Terribly slow PC after HDD format


#1 Post by petrik25 »

My problem is that a while ago I decided to try Ubuntu 12. I created a new partition, all OK. I booted the live Ubuntu 12, all OK. When I installed Ubuntu, it damaged Windows. It tried to install itself onto the partition where my Win XP was. It started formatting, and even though I stopped it, my Windows no longer started. So, a reinstall, but Ubuntu had made such a mess on the hard disk that it split it into about 4 more partitions and marked the one where Windows was as unallocated or something like that. I started reinstalling Windows, but since that partition was unallocated, it tried to install onto the next partition. I have a 120 GB disk and originally I split it into 90 GB for Windows and reserved the rest for Ubuntu. Since it marked the 90 GB as unallocated disk, Windows tried to install onto the next one, but Ubuntu had chopped that into further, even smaller partitions, so nothing came of the Win XP installation because it did not have enough space to install. This is where my abilities ended and I handed my PC over to someone more experienced. In the end it turned out that the HDD had to be physically connected to another PC and formatted there. Then he installed Win XP back for me, without any Ubuntu or any other partitions. He told me he had some problems after the installation, that Win XP would not boot for him, but in the end he somehow solved it.
The problem, though, is that my PC is so slow that when I let a song load from YouTube, disconnect from the net and play it, I cannot even listen to it because it stutters so much; it is simply terribly slow. Installing Service Pack 3 via update took about 2 hours. It is simply terribly slow.
I think it is caused by something in the communication somewhere between BIOS, hardware and Win XP, but I really don't know.
Programs I installed after installing XP: Opera 10.51, CCleaner, AVG 9.0, VLC, ffdshow codec, 7zip.
The PC was already running slowly right after the installation finished.
pls help me

Logfile of random's system information tool 1.06 (written by random/random)
Run by Peter Balascak at 2010-04-16 21:56:22
Microsoft Windows XP Professional Service Pack 3
System drive C: has 105 GB (91%) free of 114 GB
Total RAM: 895 MB (46% free)

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 21:58:58, on 16/04/2010
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP3 (6.00.2900.5512)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\AVG\AVG9\avgchsvx.exe
C:\Program Files\AVG\AVG9\avgrsx.exe
C:\Program Files\AVG\AVG9\avgcsrvx.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\AVG\AVG9\avgwdsvc.exe
C:\WINDOWS\eHome\ehRecvr.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\eHome\ehSched.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\Program Files\AVG\AVG9\avgnsx.exe
C:\Program Files\AVG\AVG9\avgemc.exe
C:\Program Files\AVG\AVG9\avgcsrvx.exe
C:\WINDOWS\ehome\ehtray.exe
C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\WINDOWS\RTHDCPL.EXE
C:\Program Files\Java\jre1.5.0_04\bin\jusched.exe
C:\PROGRA~1\AVG\AVG9\avgtray.exe
C:\WINDOWS\system32\dllhost.exe
C:\WINDOWS\eHome\ehmsas.exe
C:\WINDOWS\system32\taskmgr.exe
C:\Program Files\Opera\opera.exe
C:\Documents and Settings\Peter Balascak\Desktop\RSIT.exe
C:\Program Files\trend micro\Peter Balascak.exe

R3 - URLSearchHook: AVG Security Toolbar BHO - {A3BC75A2-1F87-4686-AA43-5347D756017C} - C:\Program Files\AVG\AVG9\Toolbar\IEToolbar.dll
O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG9\avgssie.dll
O2 - BHO: AVG Security Toolbar BHO - {A3BC75A2-1F87-4686-AA43-5347D756017C} - C:\Program Files\AVG\AVG9\Toolbar\IEToolbar.dll
O3 - Toolbar: AVG Security Toolbar - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - C:\Program Files\AVG\AVG9\Toolbar\IEToolbar.dll
O4 - HKLM\..\Run: [IMJPMIG8.1] "C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32
O4 - HKLM\..\Run: [PHIME2002ASync] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC
O4 - HKLM\..\Run: [PHIME2002A] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName
O4 - HKLM\..\Run: [ehTray] C:\WINDOWS\ehome\ehtray.exe
O4 - HKLM\..\Run: [SynTPLpr] C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [High Definition Audio Property Page Shortcut] HDAShCut.exe
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /installquiet
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [SkyTel] SkyTel.EXE
O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_04\bin\jusched.exe
O4 - HKLM\..\Run: [AVG9_TRAY] C:\PROGRA~1\AVG\AVG9\avgtray.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_04\bin\npjpi150_04.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_04\bin\npjpi150_04.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsupda ... 1365717677
O18 - Protocol: avgsecuritytoolbar - {F2DDE6B2-9684-4A55-86D4-E255E237B77C} - C:\Program Files\AVG\AVG9\Toolbar\IEToolbar.dll
O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG9\avgpp.dll
O20 - Winlogon Notify: avgrsstarter - C:\WINDOWS\SYSTEM32\avgrsstx.dll
O23 - Service: AVG Security Toolbar Service - Unknown owner - C:\Program Files\AVG\AVG9\Toolbar\ToolbarBroker.exe
O23 - Service: AVG Free E-mail Scanner (avg9emc) - AVG Technologies CZ, s.r.o. - C:\Program Files\AVG\AVG9\avgemc.exe
O23 - Service: AVG Free WatchDog (avg9wd) - AVG Technologies CZ, s.r.o. - C:\Program Files\AVG\AVG9\avgwdsvc.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe

--
End of file - 4908 bytes

======Scheduled tasks folder======

C:\WINDOWS\tasks\Registration reminder 2.job
C:\WINDOWS\tasks\Registration reminder 3.job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}]
AVG Safe Search - C:\Program Files\AVG\AVG9\avgssie.dll [2010-04-15 1602912]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{A3BC75A2-1F87-4686-AA43-5347D756017C}]
AVG Security Toolbar BHO - C:\Program Files\AVG\AVG9\Toolbar\IEToolbar.dll [2010-02-23 1664256]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{CCC7A320-B3CA-4199-B1A6-9F516DD69829} - AVG Security Toolbar - C:\Program Files\AVG\AVG9\Toolbar\IEToolbar.dll [2010-02-23 1664256]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"IMJPMIG8.1"=C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE [2004-08-10 208952]
"PHIME2002ASync"=C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE [2004-08-10 455168]
"PHIME2002A"=C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE [2004-08-10 455168]
"ehTray"=C:\WINDOWS\ehome\ehtray.exe [2005-09-29 67584]
"SynTPLpr"=C:\Program Files\Synaptics\SynTP\SynTPLpr.exe [2005-03-10 98394]
"SynTPEnh"=C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2005-03-10 688218]
"High Definition Audio Property Page Shortcut"=C:\WINDOWS\system32\HDAShCut.exe [2005-01-07 61952]
"NvCplDaemon"=C:\WINDOWS\system32\NvCpl.dll [2006-04-27 7561216]
"nwiz"=nwiz.exe /installquiet []
"RTHDCPL"=C:\WINDOWS\RTHDCPL.EXE [2006-06-01 16208384]
"SkyTel"=C:\WINDOWS\SkyTel.EXE [2006-05-16 2879488]
"Alcmtr"=C:\WINDOWS\ALCMTR.EXE [2005-05-03 69632]
"SunJavaUpdateSched"=C:\Program Files\Java\jre1.5.0_04\bin\jusched.exe [2005-06-03 36975]
"AVG9_TRAY"=C:\PROGRA~1\AVG\AVG9\avgtray.exe [2010-04-15 2064224]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\avgrsstarter]
C:\WINDOWS\system32\avgrsstx.dll [2010-04-15 12464]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{1a3e09be-1e45-494b-9174-d7385b45bbf5}]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"InstallVisualStyle"=C:\WINDOWS\Resources\Themes\Royale\Royale.msstyles
"InstallTheme"=C:\WINDOWS\Resources\Themes\Royale.theme

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Program Files\Opera\opera.exe"="C:\Program Files\Opera\opera.exe:*:Enabled:Opera Internet Browser"
"C:\Program Files\AVG\AVG9\avgupd.exe"="C:\Program Files\AVG\AVG9\avgupd.exe:*:Enabled:avgupd.exe"
"C:\Program Files\AVG\AVG9\avgnsx.exe"="C:\Program Files\AVG\AVG9\avgnsx.exe:*:Enabled:avgnsx.exe"
"C:\Program Files\AVG\AVG9\avgemc.exe"="C:\Program Files\AVG\AVG9\avgemc.exe:*:Enabled:avgemc.exe"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"

======List of files/folders created in the last 1 months======

2010-04-16 21:56:23 ----D---- C:\Program Files\trend micro
2010-04-16 21:56:22 ----D---- C:\rsit
2010-04-16 16:48:48 ----SHD---- C:\Config.Msi
2010-04-16 16:43:20 ----D---- C:\WINDOWS\system32\XPSViewer
2010-04-16 16:43:04 ----D---- C:\Program Files\MSBuild
2010-04-16 16:42:29 ----D---- C:\Program Files\Reference Assemblies
2010-04-16 16:41:31 ----D---- C:\WINDOWS\LastGood
2010-04-16 16:41:29 ----N---- C:\WINDOWS\system32\xpsshhdr.dll
2010-04-16 16:41:29 ----N---- C:\WINDOWS\system32\prntvpt.dll
2010-04-16 16:41:28 ----N---- C:\WINDOWS\system32\xpssvcs.dll
2010-04-16 16:00:47 ----A---- C:\WINDOWS\OEWABLog.txt
2010-04-16 15:58:48 ----D---- C:\WINDOWS\Prefetch
2010-04-16 15:54:53 ----HDC---- C:\WINDOWS\$NtUninstallKB979309$
2010-04-16 15:54:43 ----HDC---- C:\WINDOWS\$NtUninstallKB978601$
2010-04-16 15:54:31 ----HDC---- C:\WINDOWS\$NtUninstallKB973687$
2010-04-16 15:54:13 ----HDC---- C:\WINDOWS\$NtUninstallKB973354$
2010-04-16 15:54:03 ----HDC---- C:\WINDOWS\$NtUninstallKB958644$
2010-04-16 15:53:48 ----HDC---- C:\WINDOWS\$NtUninstallKB973687_1$
2010-04-16 15:53:39 ----HDC---- C:\WINDOWS\$NtUninstallKB955069$
2010-04-16 15:53:29 ----HDC---- C:\WINDOWS\$NtUninstallKB952287$
2010-04-16 15:53:19 ----HDC---- C:\WINDOWS\$NtUninstallKB951066$
2010-04-16 15:53:10 ----HDC---- C:\WINDOWS\$NtUninstallKB950762$
2010-04-16 15:52:55 ----HDC---- C:\WINDOWS\$NtUninstallKB923561$
2010-04-16 15:38:02 ----D---- C:\WINDOWS\system32\en-us
2010-04-16 15:38:00 ----D---- C:\WINDOWS\system32\scripting
2010-04-16 15:37:59 ----D---- C:\WINDOWS\l2schemas
2010-04-16 15:37:57 ----D---- C:\WINDOWS\system32\en
2010-04-16 15:37:56 ----D---- C:\WINDOWS\system32\bits
2010-04-16 15:18:52 ----D---- C:\WINDOWS\network diagnostic
2010-04-16 15:09:28 ----HDC---- C:\WINDOWS\$NtServicePackUninstall$
2010-04-16 03:14:30 ----HDC---- C:\WINDOWS\$NtUninstallKB941569$
2010-04-16 03:13:51 ----HDC---- C:\WINDOWS\$NtUninstallKB973687_0$
2010-04-16 03:13:26 ----HDC---- C:\WINDOWS\$NtUninstallKB950762_0$
2010-04-16 03:13:02 ----HDC---- C:\WINDOWS\$NtUninstallKB978601_0$
2010-04-16 03:12:39 ----HDC---- C:\WINDOWS\$NtUninstallKB952287_0$
2010-04-16 03:12:06 ----HDC---- C:\WINDOWS\$NtUninstallKB973354_0$
2010-04-16 03:11:25 ----HDC---- C:\WINDOWS\$NtUninstallKB973904$
2010-04-16 03:10:54 ----HDC---- C:\WINDOWS\$NtUninstallKB950760$
2010-04-16 03:10:15 ----HDC---- C:\WINDOWS\$NtUninstallKB951066_0$
2010-04-16 03:06:51 ----HDC---- C:\WINDOWS\$NtUninstallKB971961$
2010-04-16 03:06:13 ----HDC---- C:\WINDOWS\$NtUninstallKB973768$
2010-04-16 03:05:47 ----HDC---- C:\WINDOWS\$NtUninstallKB979309_0$
2010-04-16 03:05:04 ----D---- C:\WINDOWS\ServicePackFiles
2010-04-16 03:05:00 ----HDC---- C:\WINDOWS\$NtUninstallKB958470$
2010-04-16 03:04:35 ----HDC---- C:\WINDOWS\$NtUninstallKB958644_0$
2010-04-16 03:04:04 ----HDC---- C:\WINDOWS\$NtUninstallKB955069_0$
2010-04-16 03:03:21 ----HDC---- C:\WINDOWS\$NtUninstallKB979306$
2010-04-16 03:02:14 ----HDC---- C:\WINDOWS\$NtUninstallKB953295$
2010-04-16 03:00:52 ----HDC---- C:\WINDOWS\$NtUninstallKB923561_0$
2010-04-16 00:05:03 ----A---- C:\WINDOWS\setuplog.txt
2010-04-15 22:44:55 ----D---- C:\Documents and Settings\Peter Balascak\Application Data\vlc
2010-04-15 22:38:11 ----D---- C:\Program Files\VideoLAN
2010-04-15 22:09:30 ----A---- C:\WINDOWS\system32\wups2.dll
2010-04-15 22:09:27 ----A---- C:\WINDOWS\system32\wucltui.dll.mui
2010-04-15 22:09:26 ----A---- C:\WINDOWS\system32\wuaueng.dll.mui
2010-04-15 22:09:24 ----D---- C:\WINDOWS\system32\SoftwareDistribution
2010-04-15 22:09:24 ----A---- C:\WINDOWS\system32\wuapi.dll.mui
2010-04-15 22:06:14 ----D---- C:\Program Files\7-Zip
2010-04-15 22:05:18 ----A---- C:\WINDOWS\system32\ff_vfw.dll.manifest
2010-04-15 22:05:16 ----A---- C:\WINDOWS\system32\ff_vfw.dll
2010-04-15 22:05:12 ----D---- C:\Program Files\ffdshow
2010-04-15 21:39:34 ----D---- C:\Documents and Settings\Peter Balascak\Application Data\Adobe
2010-04-15 21:35:09 ----D---- C:\Documents and Settings\Peter Balascak\Application Data\Opera
2010-04-15 17:52:16 ----A---- C:\WINDOWS\system32\avgrsstx.dll
2010-04-15 17:52:12 ----D---- C:\Documents and Settings\All Users\Application Data\AVG Security Toolbar
2010-04-15 17:51:33 ----D---- C:\Program Files\AVG
2010-04-15 17:51:33 ----D---- C:\Documents and Settings\All Users\Application Data\avg9
2010-04-15 17:43:37 ----D---- C:\Program Files\Opera
2010-04-15 17:43:21 ----D---- C:\Program Files\CCleaner
2010-04-15 17:24:33 ----ASH---- C:\Documents and Settings\Peter Balascak\Application Data\desktop.ini
2010-04-15 17:24:29 ----D---- C:\Documents and Settings\Peter Balascak\Application Data\Macromedia
2010-04-15 17:24:29 ----D---- C:\Documents and Settings\Peter Balascak\Application Data\Identities
2010-04-15 17:24:28 ----SD---- C:\Documents and Settings\Peter Balascak\Application Data\Microsoft
2010-04-15 17:17:13 ----SHD---- C:\RECYCLER
2010-04-15 17:17:11 ----A---- C:\WINDOWS\smscfg.ini
2010-04-15 17:14:58 ----HDC---- C:\WINDOWS\$NtUninstallKB912067$
2010-04-15 17:12:00 ----RASH---- C:\BOOT.BAK
2010-04-15 17:11:48 ----RSHD---- C:\cmdcons
2010-04-15 17:11:48 ----A---- C:\WINDOWS\UPGRADE.TXT
2010-04-15 17:11:13 ----A---- C:\WINDOWS\system32\javaws.exe
2010-04-15 17:11:13 ----A---- C:\WINDOWS\system32\javaw.exe
2010-04-15 17:11:13 ----A---- C:\WINDOWS\system32\java.exe
2010-04-15 17:09:58 ----D---- C:\Program Files\Java
2010-04-15 17:09:45 ----D---- C:\Program Files\Common Files\Java
2010-04-15 17:04:28 ----HDC---- C:\WINDOWS\$NtUninstallKB919803$
2010-04-15 17:03:50 ----HDC---- C:\WINDOWS\$NtUninstallKB914548$
2010-04-15 17:03:11 ----HDC---- C:\WINDOWS\$NtUninstallKB913800$
2010-04-15 17:02:53 ----N---- C:\WINDOWS\kb913800.exe
2010-04-15 17:01:57 ----D---- C:\WINDOWS\system32\Lang
2010-04-15 16:58:14 ----HDC---- C:\WINDOWS\$MSI31Uninstall_KB893803v2$
2010-04-15 16:57:59 ----HDC---- C:\WINDOWS\$NtUninstallKB918005$
2010-04-15 16:57:49 ----HDC---- C:\WINDOWS\$NtUninstallKB922616$
2010-04-15 16:57:38 ----HDC---- C:\WINDOWS\$NtUninstallKB921883$
2010-04-15 16:57:08 ----HDC---- C:\WINDOWS\$NtUninstallKB921398$
2010-04-15 16:56:37 ----HDC---- C:\WINDOWS\$NtUninstallKB920683$
2010-04-15 16:56:29 ----HDC---- C:\WINDOWS\$NtUninstallKB920670$
2010-04-15 16:56:19 ----HDC---- C:\WINDOWS\$NtUninstallKB920214$
2010-04-15 16:55:48 ----HDC---- C:\WINDOWS\$NtUninstallKB918899$
2010-04-15 16:55:14 ----HDC---- C:\WINDOWS\$NtUninstallKB918439$
2010-04-15 16:55:05 ----HDC---- C:\WINDOWS\$NtUninstallKB917953$
2010-04-15 16:54:48 ----HDC---- C:\WINDOWS\$NtUninstallKB917734_WMP10$
2010-04-15 16:54:37 ----HDC---- C:\WINDOWS\$NtUninstallKB917422$
2010-04-15 16:54:26 ----HDC---- C:\WINDOWS\$NtUninstallKB917344$
2010-04-15 16:54:16 ----HDC---- C:\WINDOWS\$NtUninstallKB917159$
2010-04-15 16:54:07 ----HDC---- C:\WINDOWS\$NtUninstallKB916595$
2010-04-15 16:53:40 ----HDC---- C:\WINDOWS\$NtUninstallKB916281$
2010-04-15 16:53:13 ----HDC---- C:\WINDOWS\$NtUninstallKB914389$
2010-04-15 16:53:02 ----HDC---- C:\WINDOWS\$NtUninstallKB914388$
2010-04-15 16:52:50 ----HDC---- C:\WINDOWS\$NtUninstallKB913580$
2010-04-15 16:52:38 ----HDC---- C:\WINDOWS\$NtUninstallKB913446$
2010-04-15 16:52:29 ----HDC---- C:\WINDOWS\$NtUninstallKB912945$
2010-04-15 16:52:00 ----HDC---- C:\WINDOWS\$NtUninstallKB912919$
2010-04-15 16:51:38 ----HDC---- C:\WINDOWS\$NtUninstallKB912812$
2010-04-15 16:51:10 ----HDC---- C:\WINDOWS\$NtUninstallKB911927$
2010-04-15 16:50:57 ----HDC---- C:\WINDOWS\$NtUninstallKB911567$
2010-04-15 16:50:36 ----HDC---- C:\WINDOWS\$NtUninstallKB911565$
2010-04-15 16:50:26 ----HDC---- C:\WINDOWS\$NtUninstallKB911564$
2010-04-15 16:50:20 ----HDC---- C:\WINDOWS\$NtUninstallKB911562$
2010-04-15 16:50:12 ----HDC---- C:\WINDOWS\$NtUninstallKB911280$
2010-04-15 16:50:03 ----HDC---- C:\WINDOWS\$NtUninstallKB910728$
2010-04-15 16:49:54 ----HDC---- C:\WINDOWS\$NtUninstallKB910437$
2010-04-15 16:49:26 ----HDC---- C:\WINDOWS\$NtUninstallKB908531$
2010-04-15 16:49:21 ----N---- C:\WINDOWS\system32\verclsid.exe
2010-04-15 16:48:58 ----HDC---- C:\WINDOWS\$NtUninstallKB908519$
2010-04-15 16:48:50 ----HDC---- C:\WINDOWS\$NtUninstallKB905749$
2010-04-15 16:48:43 ----HDC---- C:\WINDOWS\$NtUninstallKB905414$
2010-04-15 16:48:35 ----HDC---- C:\WINDOWS\$NtUninstallKB904706$
2010-04-15 16:48:08 ----HDC---- C:\WINDOWS\$NtUninstallKB902400$
2010-04-15 16:47:41 ----HDC---- C:\WINDOWS\$NtUninstallKB901214$
2010-04-15 16:47:34 ----HDC---- C:\WINDOWS\$NtUninstallKB901190$
2010-04-15 16:47:23 ----HDC---- C:\WINDOWS\$NtUninstallKB901017$
2010-04-15 16:46:52 ----HDC---- C:\WINDOWS\$NtUninstallKB900725$
2010-04-15 16:46:23 ----HDC---- C:\WINDOWS\$NtUninstallKB900485$
2010-04-15 16:46:16 ----HDC---- C:\WINDOWS\$NtUninstallKB899591$
2010-04-15 16:46:08 ----HDC---- C:\WINDOWS\$NtUninstallKB899589$
2010-04-15 16:46:00 ----HDC---- C:\WINDOWS\$NtUninstallKB899587$
2010-04-15 16:45:53 ----D---- C:\WINDOWS\system32\PreInstall
2010-04-15 16:45:51 ----HDC---- C:\WINDOWS\$NtUninstallKB898461$
2010-04-15 16:45:44 ----HDC---- C:\WINDOWS\$NtUninstallKB898458$
2010-04-15 16:45:35 ----HDC---- C:\WINDOWS\$NtUninstallKB896428$
2010-04-15 16:45:23 ----HDC---- C:\WINDOWS\$NtUninstallKB896424$
2010-04-15 16:45:10 ----HDC---- C:\WINDOWS\$NtUninstallKB896423$
2010-04-15 16:45:03 ----HDC---- C:\WINDOWS\$NtUninstallKB896422$
2010-04-15 16:44:54 ----HDC---- C:\WINDOWS\$NtUninstallKB896358$
2010-04-15 16:44:35 ----HDC---- C:\WINDOWS\$NtUninstallKB896256$
2010-04-15 16:44:12 ----HDC---- C:\WINDOWS\$NtUninstallKB894391$
2010-04-15 16:43:59 ----HDC---- C:\WINDOWS\$NtUninstallKB893756$
2010-04-15 16:43:52 ----HDC---- C:\WINDOWS\$NtUninstallKB891781$
2010-04-15 16:43:20 ----HDC---- C:\WINDOWS\$NtUninstallKB890859$
2010-04-15 16:42:46 ----HDC---- C:\WINDOWS\$NtUninstallKB890046$
2010-04-15 16:42:38 ----HDC---- C:\WINDOWS\$NtUninstallKB888302$
2010-04-15 16:42:30 ----HDC---- C:\WINDOWS\$NtUninstallKB888113$
2010-04-15 16:42:20 ----HDC---- C:\WINDOWS\$NtUninstallKB887998$
2010-04-15 16:42:11 ----HDC---- C:\WINDOWS\$NtUninstallKB887742$
2010-04-15 16:42:02 ----HDC---- C:\WINDOWS\$NtUninstallKB887472$
2010-04-15 16:41:53 ----HDC---- C:\WINDOWS\$NtUninstallKB886185$
2010-04-15 16:41:46 ----HDC---- C:\WINDOWS\$NtUninstallKB885836$
2010-04-15 16:41:37 ----HDC---- C:\WINDOWS\$NtUninstallKB885835$
2010-04-15 16:41:22 ----HDC---- C:\WINDOWS\$NtUninstallKB885250$
2010-04-15 16:41:10 ----N---- C:\WINDOWS\system32\spmsg.dll
2010-04-15 16:41:10 ----HDC---- C:\WINDOWS\$NtUninstallKB873339$
2010-04-15 16:41:10 ----HD---- C:\WINDOWS\$hf_mig$
2010-04-15 16:40:42 ----A---- C:\WINDOWS\system32\RtlCPAPI.dll
2010-04-15 16:40:42 ----A---- C:\WINDOWS\system32\ChCfg.exe
2010-04-15 16:40:29 ----D---- C:\WINDOWS\system32\RTCOM
2010-04-15 16:39:54 ----A---- C:\WINDOWS\SoundMan.exe
2010-04-15 16:39:54 ----A---- C:\WINDOWS\SkyTel.exe
2010-04-15 16:39:52 ----A---- C:\WINDOWS\RtlUpd.exe
2010-04-15 16:39:48 ----A---- C:\WINDOWS\RTLCPL.exe
2010-04-15 16:39:38 ----HD---- C:\Program Files\InstallShield Installation Information
2010-04-15 16:39:38 ----D---- C:\Program Files\Realtek
2010-04-15 16:39:38 ----A---- C:\WINDOWS\RTHDCPL.exe
2010-04-15 16:39:38 ----A---- C:\WINDOWS\MicCal.exe
2010-04-15 16:39:38 ----A---- C:\WINDOWS\alcwzrd.exe
2010-04-15 16:39:38 ----A---- C:\WINDOWS\Alcmtr.exe
2010-04-15 16:39:37 ----A---- C:\WINDOWS\RtlExUpd.dll
2010-04-15 16:38:05 ----D---- C:\WINDOWS\nview
2010-04-15 16:38:05 ----A---- C:\WINDOWS\system32\nvudisp.exe
2010-04-15 16:37:49 ----A---- C:\WINDOWS\system32\nwiz.exe
2010-04-15 16:37:49 ----A---- C:\WINDOWS\system32\nvwrszht.dll
2010-04-15 16:37:49 ----A---- C:\WINDOWS\system32\nvwrszhc.dll
2010-04-15 16:37:49 ----A---- C:\WINDOWS\system32\nvwrstr.dll
2010-04-15 16:37:48 ----A---- C:\WINDOWS\system32\nvwrssv.dll
2010-04-15 16:37:48 ----A---- C:\WINDOWS\system32\nvwrssl.dll
2010-04-15 16:37:48 ----A---- C:\WINDOWS\system32\nvwrssk.dll
2010-04-15 16:37:48 ----A---- C:\WINDOWS\system32\nvwrsru.dll
2010-04-15 16:37:48 ----A---- C:\WINDOWS\system32\nvwrsptb.dll
2010-04-15 16:37:48 ----A---- C:\WINDOWS\system32\nvwrspt.dll
2010-04-15 16:37:48 ----A---- C:\WINDOWS\system32\nvwrspl.dll
2010-04-15 16:37:48 ----A---- C:\WINDOWS\system32\nvwrsno.dll
2010-04-15 16:37:48 ----A---- C:\WINDOWS\system32\nvwrsnl.dll
2010-04-15 16:37:48 ----A---- C:\WINDOWS\system32\nvwrsko.dll
2010-04-15 16:37:48 ----A---- C:\WINDOWS\system32\nvwrsja.dll
2010-04-15 16:37:48 ----A---- C:\WINDOWS\system32\nvwrsit.dll
2010-04-15 16:37:48 ----A---- C:\WINDOWS\system32\nvwrshu.dll
2010-04-15 16:37:48 ----A---- C:\WINDOWS\system32\nvwrshe.dll
2010-04-15 16:37:47 ----A---- C:\WINDOWS\system32\nvwrsfr.dll
2010-04-15 16:37:47 ----A---- C:\WINDOWS\system32\nvwrsfi.dll
2010-04-15 16:37:47 ----A---- C:\WINDOWS\system32\nvwrses.dll
2010-04-15 16:37:47 ----A---- C:\WINDOWS\system32\nvwrseng.dll
2010-04-15 16:37:47 ----A---- C:\WINDOWS\system32\nvwrsel.dll
2010-04-15 16:37:47 ----A---- C:\WINDOWS\system32\nvwrsde.dll
2010-04-15 16:37:47 ----A---- C:\WINDOWS\system32\nvwrsda.dll
2010-04-15 16:37:47 ----A---- C:\WINDOWS\system32\nvwrscs.dll
2010-04-15 16:37:47 ----A---- C:\WINDOWS\system32\nvwrsar.dll
2010-04-15 16:37:47 ----A---- C:\WINDOWS\system32\nvwimg.dll
2010-04-15 16:37:46 ----A---- C:\WINDOWS\system32\nvwdmcpl.dll
2010-04-15 16:37:46 ----A---- C:\WINDOWS\system32\nvwddi.dll
2010-04-15 16:37:45 ----A---- C:\WINDOWS\system32\nvsvc32.exe
2010-04-15 16:37:45 ----A---- C:\WINDOWS\system32\nvshell.dll
2010-04-15 16:37:45 ----A---- C:\WINDOWS\system32\nvrszht.dll
2010-04-15 16:37:45 ----A---- C:\WINDOWS\system32\nvrszhc.dll
2010-04-15 16:37:45 ----A---- C:\WINDOWS\system32\nvrstr.dll
2010-04-15 16:37:45 ----A---- C:\WINDOWS\system32\nvrssv.dll
2010-04-15 16:37:45 ----A---- C:\WINDOWS\system32\nvrssl.dll
2010-04-15 16:37:45 ----A---- C:\WINDOWS\system32\nvrssk.dll
2010-04-15 16:37:45 ----A---- C:\WINDOWS\system32\nvrsru.dll
2010-04-15 16:37:45 ----A---- C:\WINDOWS\system32\nvrsptb.dll
2010-04-15 16:37:45 ----A---- C:\WINDOWS\system32\nvrspt.dll
2010-04-15 16:37:45 ----A---- C:\WINDOWS\system32\nvrspl.dll
2010-04-15 16:37:45 ----A---- C:\WINDOWS\system32\nvrsno.dll
2010-04-15 16:37:45 ----A---- C:\WINDOWS\system32\nvrsnl.dll
2010-04-15 16:37:45 ----A---- C:\WINDOWS\system32\nvrsko.dll
2010-04-15 16:37:44 ----A---- C:\WINDOWS\system32\nvrsja.dll
2010-04-15 16:37:44 ----A---- C:\WINDOWS\system32\nvrsit.dll
2010-04-15 16:37:44 ----A---- C:\WINDOWS\system32\nvrshu.dll
2010-04-15 16:37:44 ----A---- C:\WINDOWS\system32\nvrshe.dll
2010-04-15 16:37:44 ----A---- C:\WINDOWS\system32\nvrsfr.dll
2010-04-15 16:37:44 ----A---- C:\WINDOWS\system32\nvrsfi.dll
2010-04-15 16:37:44 ----A---- C:\WINDOWS\system32\nvrses.dll
2010-04-15 16:37:44 ----A---- C:\WINDOWS\system32\nvrseng.dll
2010-04-15 16:37:44 ----A---- C:\WINDOWS\system32\nvrsel.dll
2010-04-15 16:37:44 ----A---- C:\WINDOWS\system32\nvrsde.dll
2010-04-15 16:37:44 ----A---- C:\WINDOWS\system32\nvrsda.dll
2010-04-15 16:37:44 ----A---- C:\WINDOWS\system32\nvrscs.dll
2010-04-15 16:37:44 ----A---- C:\WINDOWS\system32\nvrsar.dll
2010-04-15 16:37:43 ----A---- C:\WINDOWS\system32\nvoglnt.dll
2010-04-15 16:37:43 ----A---- C:\WINDOWS\system32\nvmctray.dll
2010-04-15 16:37:43 ----A---- C:\WINDOWS\system32\nview.dll
2010-04-15 16:37:42 ----A---- C:\WINDOWS\system32\nvdspsch.exe
2010-04-15 16:37:37 ----A---- C:\WINDOWS\system32\nvcpl.dll
2010-04-15 16:37:36 ----A---- C:\WINDOWS\system32\nvcodins.dll
2010-04-15 16:37:36 ----A---- C:\WINDOWS\system32\nvcod.dll
2010-04-15 16:37:36 ----A---- C:\WINDOWS\system32\nvappbar.exe
2010-04-15 16:37:36 ----A---- C:\WINDOWS\system32\nvapi.dll
2010-04-15 16:37:34 ----A---- C:\WINDOWS\system32\nv4_disp.dll
2010-04-15 16:37:19 ----A---- C:\WINDOWS\system32\nvunrm.exe
2010-04-15 16:37:17 ----A---- C:\WINDOWS\system32\nvusmb.exe
2010-04-15 16:37:09 ----A---- C:\WINDOWS\system32\NVUNINST.EXE
2010-04-15 16:36:58 ----A---- C:\WINDOWS\system32\nvconrm.dll
2010-04-15 16:36:58 ----A---- C:\WINDOWS\system32\fdco_l2052.dll
2010-04-15 16:36:58 ----A---- C:\WINDOWS\system32\fdco_l1046.dll
2010-04-15 16:36:58 ----A---- C:\WINDOWS\system32\fdco_l1042.dll
2010-04-15 16:36:58 ----A---- C:\WINDOWS\system32\fdco_l1041.dll
2010-04-15 16:36:58 ----A---- C:\WINDOWS\system32\fdco_l1040.dll
2010-04-15 16:36:58 ----A---- C:\WINDOWS\system32\fdco_l1036.dll
2010-04-15 16:36:58 ----A---- C:\WINDOWS\system32\fdco_l1034.dll
2010-04-15 16:36:58 ----A---- C:\WINDOWS\system32\fdco_l1031.dll
2010-04-15 16:36:58 ----A---- C:\WINDOWS\system32\fdco_l1028.dll
2010-04-15 16:36:57 ----A---- C:\WINDOWS\system32\fdco1ins.dll
2010-04-15 16:36:57 ----A---- C:\WINDOWS\system32\fdco1.dll
2010-04-15 16:36:57 ----A---- C:\WINDOWS\system32\bdco1ins.dll
2010-04-15 16:36:57 ----A---- C:\WINDOWS\system32\bdco1.dll
2010-04-15 16:36:28 ----D---- C:\Program Files\Common Files\InstallShield
2010-04-15 16:35:32 ----A---- C:\WINDOWS\system32\ksuser.dll
2010-04-15 16:35:25 ----HDC---- C:\WINDOWS\$NtUninstallKB888111WXPSP2$
2010-04-15 16:32:24 ----DC---- C:\WINDOWS\system32\DRVSTORE
2010-04-15 16:32:24 ----D---- C:\WINDOWS\system32\ReinstallBackups
2010-04-15 16:31:58 ----HDC---- C:\WINDOWS\$NtUninstallKB908246$
2010-04-15 16:31:22 ----HDC---- C:\WINDOWS\$NtUninstallKB910393$
2010-04-15 16:30:09 ----D---- C:\WINDOWS\RegisteredPackages
2010-04-15 16:27:28 ----HDC---- C:\WINDOWS\$NtUninstallKB900325$
2010-04-15 16:26:43 ----HDC---- C:\WINDOWS\$NtUninstallKB902841$
2010-04-15 16:26:36 ----HDC---- C:\WINDOWS\$NtUninstallKB888795$
2010-04-15 16:26:30 ----HDC---- C:\WINDOWS\$NtUninstallKB899510$
2010-04-15 16:26:21 ----HDC---- C:\WINDOWS\$NtUninstallKB899337$
2010-04-15 16:26:19 ----A---- C:\WINDOWS\system32\xpsp3res.dll
2010-04-15 16:26:14 ----HDC---- C:\WINDOWS\$NtUninstallKB895961$
2010-04-15 16:26:07 ----HDC---- C:\WINDOWS\$NtUninstallKB891593$
2010-04-15 16:25:56 ----A---- C:\WINDOWS\system32\spupdsvc.exe
2010-04-15 16:25:53 ----HDC---- C:\WINDOWS\$NtUninstallKB903157$
2010-04-15 16:25:05 ----HDC---- C:\WINDOWS\$NtUninstallKB912024$
2010-04-15 16:14:51 ----D---- C:\WINDOWS\system32\URTTemp
2010-04-15 16:09:42 ----D---- C:\WINDOWS\ehome
2010-04-15 16:07:58 ----A---- C:\WINDOWS\system32\hccoin.dll
2010-04-15 16:07:33 ----D---- C:\Program Files\Synaptics
2010-04-15 15:59:34 ----RASH---- C:\BOOT.INI
2010-04-15 15:43:32 ----A---- C:\MCDLOG.TXT
2010-04-15 15:43:32 ----A---- C:\DWNLOG.TXT
2010-04-15 15:32:44 ----HD---- C:\PNP
2010-04-15 15:23:02 ----HD---- C:\WINDOWS\I386
2010-04-15 14:58:22 ----HD---- C:\DIVTOOLS
2010-04-15 14:56:16 ----SHD---- C:\DRIVERS
2010-04-15 14:56:14 ----D---- C:\APPS
2010-04-15 03:07:45 ----D---- C:\Documents and Settings\All Users\Application Data\Windows Genuine Advantage
2010-04-15 03:03:49 ----N---- C:\WINDOWS\system32\tzchange.exe
2010-04-15 03:03:07 ----N---- C:\WINDOWS\system32\xpsp4res.dll

======List of files/folders modified in the last 1 months======

2010-04-16 21:56:23 ----RD---- C:\Program Files
2010-04-16 17:22:24 ----HD---- C:\WINDOWS\inf
2010-04-16 17:22:11 ----D---- C:\WINDOWS
2010-04-16 17:22:03 ----D---- C:\WINDOWS\system32\CatRoot2
2010-04-16 17:17:01 ----D---- C:\WINDOWS\Temp
2010-04-16 17:17:00 ----D---- C:\WINDOWS\Registration
2010-04-16 17:12:23 ----A---- C:\WINDOWS\SchedLgU.Txt
2010-04-16 17:04:56 ----RSD---- C:\WINDOWS\assembly
2010-04-16 17:01:32 ----D---- C:\WINDOWS\Microsoft.NET
2010-04-16 16:55:44 ----SHD---- C:\WINDOWS\Installer
2010-04-16 16:52:33 ----D---- C:\WINDOWS\system32
2010-04-16 16:52:33 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
2010-04-16 16:51:39 ----D---- C:\WINDOWS\WinSxS
2010-04-16 16:42:48 ----RSD---- C:\WINDOWS\Fonts
2010-04-16 16:41:49 ----D---- C:\WINDOWS\system32\spool
2010-04-16 16:41:44 ----RSHD---- C:\WINDOWS\system32\dllcache
2010-04-16 16:37:52 ----D---- C:\Program Files\Internet Explorer
2010-04-16 16:03:28 ----D---- C:\WINDOWS\Debug
2010-04-16 15:57:37 ----D---- C:\WINDOWS\AppPatch
2010-04-16 15:57:36 ----D---- C:\WINDOWS\system32\Setup
2010-04-16 15:57:35 ----D---- C:\WINDOWS\system32\wbem
2010-04-16 15:57:25 ----D---- C:\WINDOWS\system32\drivers
2010-04-16 15:54:56 ----D---- C:\WINDOWS\system32\CatRoot
2010-04-16 15:54:20 ----D---- C:\Program Files\Outlook Express
2010-04-16 15:52:27 ----D---- C:\WINDOWS\security
2010-04-16 15:39:50 ----D---- C:\Program Files\Messenger
2010-04-16 15:39:00 ----D---- C:\WINDOWS\system32\inetsrv
2010-04-16 15:38:58 ----D---- C:\WINDOWS\Help
2010-04-16 15:38:57 ----D---- C:\WINDOWS\ime
2010-04-16 15:38:02 ----D---- C:\WINDOWS\system32\usmt
2010-04-16 15:37:56 ----D---- C:\WINDOWS\PeerNet
2010-04-16 15:37:55 ----D---- C:\Program Files\Movie Maker
2010-04-16 15:25:52 ----D---- C:\WINDOWS\system32\Restore
2010-04-16 15:25:51 ----D---- C:\WINDOWS\system32\npp
2010-04-16 15:25:51 ----D---- C:\WINDOWS\mui
2010-04-16 15:25:48 ----D---- C:\WINDOWS\msagent
2010-04-16 15:25:43 ----D---- C:\WINDOWS\srchasst
2010-04-16 15:25:23 ----D---- C:\Program Files\NetMeeting
2010-04-16 15:25:18 ----D---- C:\WINDOWS\system32\Com
2010-04-16 15:25:10 ----D---- C:\Program Files\Windows NT
2010-04-16 15:25:00 ----D---- C:\Program Files\Common Files\System
2010-04-16 15:24:09 ----D---- C:\WINDOWS\system32\oobe
2010-04-16 15:24:04 ----D---- C:\WINDOWS\system
2010-04-16 00:05:15 ----SD---- C:\WINDOWS\Tasks
2010-04-15 22:08:42 ----SD---- C:\WINDOWS\Downloaded Program Files
2010-04-15 17:51:18 ----D---- C:\Program Files\Common Files\Microsoft Shared
2010-04-15 17:24:26 ----D---- C:\Documents and Settings
2010-04-15 17:24:01 ----SHD---- C:\System Volume Information
2010-04-15 17:20:12 ----A---- C:\WINDOWS\system.ini
2010-04-15 17:15:23 ----D---- C:\WINDOWS\system32\Macromed
2010-04-15 17:09:45 ----D---- C:\Program Files\Common Files
2010-04-15 17:02:26 ----D---- C:\Program Files\Windows Media Player
2010-04-15 16:17:19 ----D---- C:\WINDOWS\pchealth
2010-04-15 03:00:47 ----D---- C:\WINDOWS\SoftwareDistribution

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R1 AmdK8;AMD Processor Driver; C:\WINDOWS\system32\DRIVERS\AmdK8.sys [2006-06-18 36864]
R1 AvgLdx86;AVG Free AVI Loader Driver x86; C:\WINDOWS\System32\Drivers\avgldx86.sys [2010-04-15 216200]
R1 AvgMfx86;AVG Free On-access Scanner Minifilter Driver x86; C:\WINDOWS\System32\Drivers\avgmfx86.sys [2010-04-15 29512]
R1 AvgTdiX;AVG Free Network Redirector; C:\WINDOWS\System32\Drivers\avgtdix.sys [2010-04-15 242696]
R3 CmBatt;Microsoft ACPI Control Method Battery Driver; C:\WINDOWS\system32\DRIVERS\CmBatt.sys [2008-04-13 13952]
R3 HDAudBus;Microsoft UAA Bus Driver for High Definition Audio; C:\WINDOWS\system32\DRIVERS\HDAudBus.sys [2008-04-13 144384]
R3 HidUsb;Microsoft HID Class Driver; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2008-04-13 10368]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\WINDOWS\system32\drivers\RtkHDAud.sys [2006-06-06 4284928]
R3 mouhid;Mouse HID Driver; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2001-08-17 12160]
R3 nv;nv; C:\WINDOWS\system32\DRIVERS\nv4_mini.sys [2006-04-27 3659968]
R3 nvnetbus;NVIDIA Network Bus Enumerator; C:\WINDOWS\system32\DRIVERS\nvnetbus.sys [2006-03-04 13056]
R3 nvsmu;nvsmu; C:\WINDOWS\system32\DRIVERS\nvsmu.sys [2006-03-07 11136]
R3 RT73;RT73 USB Wireless LAN Card Driver; C:\WINDOWS\system32\DRIVERS\rt73.sys [2006-06-30 226048]
R3 SynTP;Synaptics TouchPad Driver; C:\WINDOWS\system32\DRIVERS\SynTP.sys [2005-03-10 189408]
R3 usbehci;Microsoft USB 2.0 Enhanced Host Controller Miniport Driver; C:\WINDOWS\system32\DRIVERS\usbehci.sys [2008-04-13 30208]
R3 usbhub;USB2 Enabled Hub; C:\WINDOWS\system32\DRIVERS\usbhub.sys [2008-04-13 59520]
R3 usbohci;Microsoft USB Open Host Controller Miniport Driver; C:\WINDOWS\system32\DRIVERS\usbohci.sys [2008-04-13 17152]
R3 USBSTOR;USB Mass Storage Driver; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-13 26368]
S1 kbdhid;Keyboard HID Driver; C:\WINDOWS\system32\DRIVERS\kbdhid.sys [2008-04-13 14592]
S3 HdAudAddService;Microsoft UAA Function Driver for High Definition Audio Service; C:\WINDOWS\system32\drivers\HdAudio.sys [2005-01-07 145920]
S3 MHNDRV;MHN driver; C:\WINDOWS\system32\DRIVERS\mhndrv.sys [2004-08-10 11008]
S3 NVENETFD;NVIDIA nForce Networking Controller Driver; C:\WINDOWS\system32\DRIVERS\NVENETFD.sys [2006-03-04 34176]
S3 usbccgp;Microsoft USB Generic Parent Driver; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2008-04-13 32128]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 avg9emc;AVG Free E-mail Scanner; C:\Program Files\AVG\AVG9\avgemc.exe [2010-04-15 916760]
R2 avg9wd;AVG Free WatchDog; C:\Program Files\AVG\AVG9\avgwdsvc.exe [2010-04-15 308064]
R2 ehRecvr;Media Center Receiver Service; C:\WINDOWS\eHome\ehRecvr.exe [2006-06-29 237568]
R2 ehSched;Media Center Scheduler Service; C:\WINDOWS\eHome\ehSched.exe [2005-08-05 102912]
R2 McrdSvc;Media Center Extender Service; C:\WINDOWS\ehome\mcrdsvc.exe [2005-08-05 99328]
R2 NVSvc;NVIDIA Display Driver Service; C:\WINDOWS\system32\nvsvc32.exe [2006-04-27 143427]
S3 aspnet_state;ASP.NET State Service; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2008-07-25 34312]
S3 AVG Security Toolbar Service;AVG Security Toolbar Service; C:\Program Files\AVG\AVG9\Toolbar\ToolbarBroker.exe [2010-02-23 369920]
S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2008-07-25 69632]
S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; C:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe [2008-07-29 46104]
S3 idsvc;Windows CardSpace; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2008-07-29 881664]
S3 MHN;MHN; C:\WINDOWS\System32\svchost.exe [2008-04-14 14336]
S3 UMWdf;Windows User Mode Driver Framework; C:\WINDOWS\system32\wdfmgr.exe [2005-08-03 38912]
S4 NetTcpPortSharing;Net.Tcp Port Sharing Service; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe [2008-07-29 132096]

-----------------EOF-----------------

Rudy
Site Admin
Posts: 119410
Registered: 30 Oct 2003 13:42
Location: Plzeň

Re: Terribly slow PC after HDD format

#2 Post by Rudy »

In Device Manager > IDE ATA controllers > Primary and Secondary channel > Properties > Advanced, check whether DMA mode is set. If it is not, set it.

Post questions and logs only in your own threads. Private messages, ICQ and e-mail are not for solving your problems.

Please support our forum: https://platba.viry.cz/payment/.

e-mail: rudy(at)forum.viry.cz

Warning:
Before cleaning your PC of viruses, back up your important data (mail, contacts, documents, photos, videos, music, etc.). Besides its "visible" activity, a virus can damage the system!


Once your problem is resolved, the thread will be locked. The same applies if it is inactive for more than 14 days. If you want the thread reactivated, write to me at the e-mail address given above.

petrik25
Visitor

Re: Terribly slow PC after HDD format

#3 Post by petrik25 »

I've found it now. The transfer mode was set to PIO, and that was causing the slowdown. I changed it in the BIOS to Ultra ATA 66 and it looks like it's running fine.

But I've found a new problem.
My internet runs over Wi-Fi. Where I was until now, it worked fine. Now that I've moved, my laptop can find the network and connect to it, but it can't get online. The network itself is working fine, because it works for my girlfriend without any problems.

Obtaining the IP address and DNS are both set to automatic, I have never used a proxy so those are turned off, and the drivers have been reinstalled.

Neither Opera nor IE works, and neither do updates.

Any ideas, guys?

Rudy
Site Admin

Re: Terribly slow PC after HDD format

#4 Post by Rudy »

You probably don't have access to that network configured correctly. After the move the parameters are probably different. You need to configure the network the same way your girlfriend has it.

petrik25
Visitor

Re: Terribly slow PC after HDD format

#5 Post by petrik25 »

But the catch is that network access is configured exactly the same. It just works for her and not for me.

Rudy
Site Admin

Re: Terribly slow PC after HDD format

#6 Post by Rudy »

Try reinstalling the Wi-Fi card drivers.

Edit by Rudy:
It is also possible that the provider has MAC address filtering in place.

petrik25
Visitor

Re: Terribly slow PC after HDD format

#7 Post by petrik25 »

I did the reinstall right away when it wouldn't work, so that didn't help. He doesn't have MAC address filtering; I contacted him.
I had AVG 9. When I wanted to turn it off to see whether it was blocking the internet, I couldn't find the option, so I uninstalled it. My firewall is the Windows one, but I turned it off anyway; still no result.
Does anyone have any other suggestions?

petrik25
Visitor

Re: Terribly slow PC after HDD format

#8 Post by petrik25 »

I also ran ipconfig /all, and here is the result:

Microsoft Windows XP [Version 5.1.2600]
(C) Copyright 1985-2001 Microsoft Corp.

C:\Documents and Settings\Peter Balascak>ipconfig/all

Windows IP Configuration

Host Name . . . . . . . . . . . . : SN757000490231
Primary Dns Suffix . . . . . . . :
Node Type . . . . . . . . . . . . : Unknown
IP Routing Enabled. . . . . . . . : No
WINS Proxy Enabled. . . . . . . . : No

Ethernet adapter Wireless Network Connection:

Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : RT73 USB Wireless LAN Card
Physical Address. . . . . . . . . : 00-10-60-20-C2-FA
Dhcp Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes
IP Address. . . . . . . . . . . . : 192.168.0.5
Subnet Mask . . . . . . . . . . . : 255.255.255.0
IP Address. . . . . . . . . . . . : fe80::210:60ff:fe20:c2fa%5
Default Gateway . . . . . . . . . : 192.168.0.1
DHCP Server . . . . . . . . . . . : 192.168.0.1
DNS Servers . . . . . . . . . . . : 192.168.0.1
fec0:0:0:ffff::1%1
fec0:0:0:ffff::2%1
fec0:0:0:ffff::3%1
Lease Obtained. . . . . . . . . . : 19 April 2010 09:39:11
Lease Expires . . . . . . . . . . : 22 April 2010 09:39:11

Tunnel adapter Teredo Tunneling Pseudo-Interface:

Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Teredo Tunneling Pseudo-Interface
Physical Address. . . . . . . . . : FF-FF-FF-FF-FF-FF-FF-FF
Dhcp Enabled. . . . . . . . . . . : No
IP Address. . . . . . . . . . . . : fe80::ffff:ffff:fffd%4
Default Gateway . . . . . . . . . :
NetBIOS over Tcpip. . . . . . . . : Disabled

Tunnel adapter Automatic Tunneling Pseudo-Interface:

Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Automatic Tunneling Pseudo-Interface

Physical Address. . . . . . . . . : C0-A8-00-05
Dhcp Enabled. . . . . . . . . . . : No
IP Address. . . . . . . . . . . . : fe80::5efe:192.168.0.5%2
Default Gateway . . . . . . . . . :
DNS Servers . . . . . . . . . . . : fec0:0:0:ffff::1%1
fec0:0:0:ffff::2%1
fec0:0:0:ffff::3%1
NetBIOS over Tcpip. . . . . . . . : Disabled

Rudy
Site Admin

Re: Terribly slow PC after HDD format

#9 Post by Rudy »

Also try using WinsockFix: http://www.spyware.cz/go.php?p=spyware&t=aplikace&id=22 . The utility reinstalls the TCP/IP protocol. If you have the network parameters entered manually, you will have to set them again after the restart.

petrik25
Visitor

Re: Terribly slow PC after HDD format

#10 Post by petrik25 »

That still didn't help at all. All parameters are set to automatic.

Rudy
Site Admin

Re: Terribly slow PC after HDD format

#11 Post by Rudy »

Let's also try ComboFix. Post the log.
Download ComboFix and save it, preferably to the desktop: http://download.bleepingcomputer.com/sUBs/ComboFix.exe

Then run the application under an account with administrator privileges.

Right after it starts, a screen with the license terms appears; continue by clicking the Yes button.

Go ahead and put the kettle on for a coffee (the whole process takes about 5-10 minutes, sometimes longer, depending on how fast the machine is and how many files the scanner has to work through); during the scan, do not try to start any other applications or anything else.

Don't panic during the scan; your machine may be restarted (especially the first time the scanner is used).

Note: if you use antispyware with a resident shield, switch its resident shield to Install Mode, or deactivate it completely for the duration of the scan, because during the scan and the removal of any malware, unwanted conflicts with the antispyware's resident shield occur.

petrik25
Visitor

Re: Terribly slow PC after HDD format

#12 Post by petrik25 »

OK, I'll go scan it, but I'm almost sure it won't find anything because, as I wrote above, I formatted the whole HDD about 3-4 days ago.

petrik25
Visitor

Re: Terribly slow PC after HDD format

#13 Post by petrik25 »

And here is the log:

ComboFix 10-04-18.04 - Peter Balascak 19/04/2010 20:22:52.1.1 - x86
Microsoft Windows XP Professional 5.1.2600.3.1252.44.1033.18.895.545 [GMT 1:00]
Running from: E:\ComboFix.exe
AV: avast! Antivirus *On-access scanning disabled* (Updated) {7591DB91-41F0-48A3-B128-1A293FD8233D}
.

((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.

c:\windows\system32\Thumbs.db

.
((((((((((((((((((((((((( Files Created from 2010-03-19 to 2010-04-19 )))))))))))))))))))))))))))))))
.

2010-04-19 09:43 . 2010-04-19 10:05 -------- d-----w- c:\documents and settings\Peter Balascak\Application Data\ICQ
2010-04-19 09:43 . 2010-04-19 09:43 -------- d-----w- c:\documents and settings\Peter Balascak\Local Settings\Application Data\AOL
2010-04-19 09:43 . 2010-04-19 09:46 -------- d-----w- c:\program files\ICQ7.1
2010-04-19 09:23 . 2010-04-19 09:28 -------- d-----w- c:\documents and settings\Peter Balascak\Local Settings\Application Data\eSupport.com
2010-04-19 09:23 . 2010-04-19 09:23 23456 ----a-w- c:\windows\system32\drivers\DrvAgent32.sys
2010-04-19 08:34 . 2010-04-14 16:35 162768 ----a-w- c:\windows\system32\drivers\aswSP.sys
2010-04-19 08:34 . 2010-04-14 16:31 19024 ----a-w- c:\windows\system32\drivers\aswFsBlk.sys
2010-04-19 08:34 . 2010-04-14 16:35 46672 ----a-w- c:\windows\system32\drivers\aswTdi.sys
2010-04-19 08:34 . 2010-04-14 16:31 23376 ----a-w- c:\windows\system32\drivers\aswRdr.sys
2010-04-19 08:34 . 2010-04-14 16:31 100432 ----a-w- c:\windows\system32\drivers\aswmon2.sys
2010-04-19 08:34 . 2010-04-14 16:31 94800 ----a-w- c:\windows\system32\drivers\aswmon.sys
2010-04-19 08:34 . 2010-04-14 16:30 28880 ----a-w- c:\windows\system32\drivers\aavmker4.sys
2010-04-19 08:34 . 2010-04-14 16:47 38848 ----a-w- c:\windows\system32\avastSS.scr
2010-04-19 08:34 . 2010-04-14 16:47 153184 ----a-w- c:\windows\system32\aswBoot.exe
2010-04-19 08:34 . 2010-04-19 08:34 -------- d-----w- c:\program files\Alwil Software
2010-04-19 08:34 . 2010-04-19 08:34 -------- d-----w- c:\documents and settings\All Users\Application Data\Alwil Software
2010-04-18 11:06 . 2001-08-17 21:36 59104 ----a-w- c:\windows\system32\dllcache\n9i128v2.dll
2010-04-18 11:06 . 2001-08-17 11:50 13664 ----a-w- c:\windows\system32\dllcache\n9i128.sys
2010-04-18 11:06 . 2001-08-17 13:56 35392 ----a-w- c:\windows\system32\dllcache\n9i128.dll
2010-04-18 11:06 . 2001-08-17 11:11 128000 ----a-w- c:\windows\system32\dllcache\n100325.sys
2010-04-18 11:06 . 2001-08-17 11:11 52255 ----a-w- c:\windows\system32\dllcache\n1000nt5.sys
2010-04-18 11:06 . 2001-08-17 12:50 75520 ----a-w- c:\windows\system32\dllcache\mxport.sys
2010-04-18 11:06 . 2001-08-17 21:36 7168 ----a-w- c:\windows\system32\dllcache\mxport.dll
2010-04-18 11:06 . 2001-08-17 12:49 19968 ----a-w- c:\windows\system32\dllcache\mxnic.sys
2010-04-18 11:06 . 2001-08-17 21:36 19968 ----a-w- c:\windows\system32\dllcache\mxicfg.dll
2010-04-18 11:04 . 2001-08-17 11:50 320384 ----a-w- c:\windows\system32\dllcache\mgaum.sys
2010-04-18 11:03 . 2001-08-17 11:11 25065 ----a-w- c:\windows\system32\dllcache\lmndis3.sys
2010-04-18 11:02 . 2004-08-10 13:00 60928 ----a-w- c:\windows\system32\dllcache\iisclex4.dll
2010-04-18 11:01 . 2001-08-17 12:28 73279 ----a-w- c:\windows\system32\dllcache\hsf_spkp.sys
2010-04-18 11:00 . 2001-08-17 21:36 123392 ----a-w- c:\windows\system32\dllcache\hpgt21tk.dll
2010-04-18 10:59 . 2001-08-17 21:36 71680 ----a-w- c:\windows\system32\dllcache\fnfilter.dll
2010-04-18 10:58 . 2001-08-17 21:36 53248 ----a-w- c:\windows\system32\dllcache\eqndiag.exe
2010-04-18 10:57 . 2001-08-17 12:47 23808 ----a-w- c:\windows\system32\dllcache\dot4usb.sys
2010-04-18 10:56 . 2001-08-17 11:12 117760 ----a-w- c:\windows\system32\dllcache\d100ib5.sys
2010-04-18 10:55 . 2001-08-17 11:13 22044 ----a-w- c:\windows\system32\dllcache\cem33n5.sys
2010-04-18 10:54 . 2001-08-17 11:13 37568 ----a-w- c:\windows\system32\dllcache\avmwan.sys
2010-04-18 10:51 . 2004-08-10 13:00 7168 ----a-w- c:\windows\system32\dllcache\wamregps.dll
2010-04-18 10:51 . 2001-08-17 13:56 66048 ----a-w- c:\windows\system32\dllcache\s3legacy.dll
2010-04-18 10:51 . 2004-08-10 13:00 7680 ----a-w- c:\windows\system32\dllcache\inetmgr.exe
2010-04-18 10:51 . 2004-08-10 13:00 19968 ----a-w- c:\windows\system32\dllcache\inetsloc.dll
2010-04-18 10:51 . 2004-08-10 13:00 169984 ----a-w- c:\windows\system32\dllcache\iisui.dll
2010-04-18 10:51 . 2004-08-10 13:00 6144 ----a-w- c:\windows\system32\dllcache\ftpsapi2.dll
2010-04-18 10:51 . 2004-08-10 13:00 5632 ----a-w- c:\windows\system32\dllcache\iisrstap.dll
2010-04-18 10:51 . 2004-08-10 13:00 14336 ----a-w- c:\windows\system32\dllcache\iisreset.exe
2010-04-18 08:38 . 2010-04-18 08:38 -------- d-sh--w- c:\documents and settings\Peter Balascak\PrivacIE
2010-04-17 06:35 . 2010-04-17 06:35 -------- d-sh--w- c:\documents and settings\Peter Balascak\IETldCache
2010-04-17 06:13 . 2010-02-25 06:24 12800 ------w- c:\windows\system32\dllcache\xpshims.dll
2010-04-17 06:13 . 2010-02-25 10:54 11070976 ------w- c:\windows\system32\dllcache\ieframe.dll
2010-04-17 06:13 . 2010-02-25 06:24 594432 ------w- c:\windows\system32\dllcache\msfeeds.dll
2010-04-17 06:13 . 2010-02-25 06:24 55296 ------w- c:\windows\system32\dllcache\msfeedsbs.dll
2010-04-17 06:13 . 2010-02-25 06:24 247808 ------w- c:\windows\system32\dllcache\ieproxy.dll
2010-04-17 06:13 . 2010-02-25 06:24 1985536 ------w- c:\windows\system32\dllcache\iertutil.dll
2010-04-17 06:13 . 2010-04-17 06:13 -------- d-----w- c:\windows\ie8updates
2010-04-17 06:12 . 2010-02-16 04:50 64000 ------w- c:\windows\system32\dllcache\iecompat.dll
2010-04-17 06:10 . 2010-04-17 06:11 -------- dc-h--w- c:\windows\ie8
2010-04-17 00:02 . 2010-02-12 10:03 293376 ------w- c:\windows\system32\browserchoice.exe
2010-04-16 20:56 . 2010-04-16 20:58 -------- d-----w- c:\program files\trend micro
2010-04-16 20:56 . 2010-04-16 20:59 -------- d-----w- C:\rsit
2010-04-16 15:43 . 2010-04-16 15:43 -------- d-----w- c:\windows\system32\XPSViewer
2010-04-16 15:43 . 2010-04-16 15:43 -------- d-----w- c:\program files\MSBuild
2010-04-16 15:42 . 2010-04-16 15:42 -------- d-----w- c:\program files\Reference Assemblies
2010-04-16 15:41 . 2008-07-06 12:06 89088 ----a-w- c:\windows\system32\Spool\prtprocs\w32x86\filterpipelineprintproc.dll
2010-04-16 15:41 . 2008-07-06 12:06 89088 ------w- c:\windows\system32\dllcache\filterpipelineprintproc.dll
2010-04-16 15:41 . 2008-07-06 12:06 575488 ------w- c:\windows\system32\xpsshhdr.dll
2010-04-16 15:41 . 2008-07-06 12:06 575488 ------w- c:\windows\system32\dllcache\xpsshhdr.dll
2010-04-16 15:41 . 2008-07-06 12:06 117760 ------w- c:\windows\system32\prntvpt.dll
2010-04-16 15:41 . 2008-07-06 10:50 597504 ------w- c:\windows\system32\Spool\prtprocs\w32x86\printfilterpipelinesvc.exe
2010-04-16 15:41 . 2008-07-06 10:50 597504 ------w- c:\windows\system32\dllcache\printfilterpipelinesvc.exe
2010-04-16 15:41 . 2008-07-06 12:06 1676288 ------w- c:\windows\system32\xpssvcs.dll
2010-04-16 15:41 . 2008-07-06 12:06 1676288 ------w- c:\windows\system32\dllcache\xpssvcs.dll
2010-04-16 14:38 . 2010-04-16 14:38 -------- d-----w- c:\windows\system32\scripting
2010-04-16 14:37 . 2010-04-16 14:37 -------- d-----w- c:\windows\l2schemas
2010-04-16 14:37 . 2010-04-16 14:37 -------- d-----w- c:\windows\system32\en
2010-04-16 14:37 . 2010-04-16 14:37 -------- d-----w- c:\windows\system32\bits
2010-04-16 10:13 . 2004-08-03 21:29 25471 ------w- c:\windows\system32\drivers\watv10nt.sys
2010-04-16 10:13 . 2004-08-03 21:29 22271 ------w- c:\windows\system32\drivers\watv06nt.sys
2010-04-16 10:13 . 2004-08-03 21:29 11935 ------w- c:\windows\system32\drivers\wadv11nt.sys
2010-04-16 10:13 . 2004-08-03 21:29 11871 ------w- c:\windows\system32\drivers\wadv09nt.sys
2010-04-16 10:13 . 2004-08-03 21:29 11807 ------w- c:\windows\system32\drivers\wadv07nt.sys
2010-04-16 10:13 . 2004-08-03 21:29 11295 ------w- c:\windows\system32\drivers\wadv08nt.sys
2010-04-16 10:11 . 2004-08-03 21:41 1041536 ----a-w- c:\windows\system32\dllcache\hsfdpsp2.sys
2010-04-16 10:11 . 2004-08-03 21:41 1041536 ------w- c:\windows\system32\drivers\hsfdpsp2.sys
2010-04-16 10:11 . 2004-08-03 21:41 685056 ----a-w- c:\windows\system32\dllcache\hsfcxts2.sys
2010-04-16 10:11 . 2004-08-03 21:41 685056 ------w- c:\windows\system32\drivers\hsfcxts2.sys
2010-04-16 10:11 . 2004-08-03 21:41 220032 ----a-w- c:\windows\system32\dllcache\hsfbs2s2.sys
2010-04-16 10:11 . 2004-08-03 21:41 220032 ------w- c:\windows\system32\drivers\hsfbs2s2.sys
2010-04-16 05:57 . 2009-12-31 16:50 353792 ------w- c:\windows\system32\dllcache\srv.sys
2010-04-16 05:44 . 2009-10-15 16:28 119808 ------w- c:\windows\system32\dllcache\t2embed.dll
2010-04-16 05:44 . 2009-03-06 14:22 284160 ------w- c:\windows\system32\dllcache\pdh.dll
2010-04-16 05:44 . 2009-02-06 10:39 35328 ------w- c:\windows\system32\dllcache\sc.exe
2010-04-16 05:44 . 2009-02-09 12:10 401408 ------w- c:\windows\system32\dllcache\rpcss.dll
2010-04-16 05:44 . 2009-02-06 11:11 110592 ------w- c:\windows\system32\dllcache\services.exe
2010-04-16 05:44 . 2009-02-06 10:10 227840 ------w- c:\windows\system32\dllcache\wmiprvse.exe
2010-04-16 05:44 . 2009-02-09 12:10 453120 ------w- c:\windows\system32\dllcache\wmiprvsd.dll
2010-04-16 05:44 . 2010-02-16 14:08 2146304 ----a-w- c:\windows\system32\dllcache\ntkrnlmp.exe
2010-04-16 05:44 . 2010-02-16 13:25 2024448 ------w- c:\windows\system32\dllcache\ntkrpamp.exe
2010-04-16 05:42 . 2009-06-21 21:44 153088 ------w- c:\windows\system32\dllcache\triedit.dll
2010-04-16 02:05 . 2010-04-16 14:26 -------- d-----w- c:\windows\ServicePackFiles
2010-04-15 21:47 . 2008-05-08 14:02 203136 ------w- c:\windows\system32\dllcache\rmcast.sys
2010-04-15 21:44 . 2010-04-16 21:16 -------- d-----w- c:\documents and settings\Peter Balascak\Application Data\vlc
2010-04-15 21:38 . 2010-04-15 21:38 -------- d-----w- c:\program files\VideoLAN
2010-04-15 21:11 . 2010-04-19 08:35 36176 ----a-w- c:\documents and settings\Peter Balascak\Local Settings\Application Data\GDIPFONTCACHEV1.DAT
2010-04-15 21:09 . 2009-08-06 18:24 44768 ----a-w- c:\windows\system32\wups2.dll
2010-04-15 21:06 . 2010-04-15 21:06 -------- d-----w- c:\program files\7-Zip
2010-04-15 21:05 . 2010-03-02 23:00 85504 ----a-w- c:\windows\system32\ff_vfw.dll
2010-04-15 21:05 . 2010-04-15 21:05 -------- d-----w- c:\program files\ffdshow
2010-04-15 20:35 . 2010-04-15 20:35 -------- d-----w- c:\documents and settings\Peter Balascak\Local Settings\Application Data\Opera
2010-04-15 16:51 . 2010-04-15 16:51 -------- d-----w- c:\program files\AVG
2010-04-15 16:43 . 2010-04-15 16:43 -------- d-----w- c:\program files\Opera
2010-04-15 16:43 . 2010-04-15 16:43 -------- d-----w- c:\program files\CCleaner
2010-04-15 16:36 . 2010-04-15 16:36 -------- d-s---w- c:\documents and settings\Peter Balascak\UserData
2010-04-15 16:17 . 2010-04-15 16:17 -------- d-sh--w- c:\documents and settings\All Users\DRM
2010-04-15 16:09 . 2010-04-15 16:11 -------- d-----w- c:\program files\Java
2010-04-15 16:09 . 2010-04-15 16:09 -------- d-----w- c:\program files\Common Files\Java
2010-04-15 16:09 . 2010-04-15 16:09 -------- d-----w- c:\documents and settings\Administrator\Local Settings\Application Data\{3248F0A6-6813-11D6-A77B-00B0D0150040}
2010-04-15 16:02 . 2006-03-21 03:23 23040 ------w- c:\windows\kb913800.exe
2010-04-15 16:01 . 2010-04-15 16:01 -------- d-----w- c:\windows\system32\Lang
2010-04-15 15:49 . 2008-04-14 00:12 28672 ------w- c:\windows\system32\verclsid.exe
2010-04-15 15:41 . 2010-04-17 06:13 -------- d--h--w- c:\windows\$hf_mig$
2010-04-15 15:40 . 2005-10-31 18:17 135168 ----a-w- c:\windows\system32\RtlCPAPI.dll
2010-04-15 15:40 . 2005-07-15 15:48 40960 ----a-w- c:\windows\system32\ChCfg.exe
2010-04-15 15:40 . 2010-04-15 15:40 -------- d-----w- c:\windows\system32\RTCOM
2010-04-15 15:39 . 2006-05-16 17:04 2879488 ----a-w- c:\windows\SkyTel.exe
2010-04-15 15:39 . 2006-05-04 15:22 86016 ----a-w- c:\windows\SoundMan.exe
2010-04-15 15:39 . 2006-03-09 17:45 364544 ----a-w- c:\windows\RtlUpd.exe

.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2010-04-16 14:49 . 2004-09-10 14:36 86811 ----a-w- c:\windows\pchealth\helpctr\OfflineCache\index.dat
2010-04-15 15:37 . 2010-04-15 15:36 -------- d-----w- c:\program files\Common Files\InstallShield
2010-02-25 06:24 . 2004-09-10 13:57 916480 ----a-w- c:\windows\system32\wininet.dll
2010-02-24 13:11 . 2004-09-10 13:57 455680 ----a-w- c:\windows\system32\drivers\mrxsmb.sys
2010-02-17 08:10 . 2004-09-10 13:57 2189952 ----a-w- c:\windows\system32\ntoskrnl.exe
2010-02-16 13:25 . 2004-08-03 21:59 2066816 ----a-w- c:\windows\system32\ntkrnlpa.exe
2010-02-12 04:33 . 2004-09-10 13:56 100864 ----a-w- c:\windows\system32\6to4svc.dll
2010-02-11 12:02 . 2004-09-10 13:57 226880 ----a-w- c:\windows\system32\drivers\tcpip6.sys
.

((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ICQ"="c:\program files\ICQ7.1\ICQ.exe" [2010-04-19 133368]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"IMJPMIG8.1"="c:\windows\IME\imjp8_1\IMJPMIG.EXE" [2004-08-10 208952]
"PHIME2002ASync"="c:\windows\system32\IME\TINTLGNT\TINTSETP.EXE" [2004-08-10 455168]
"PHIME2002A"="c:\windows\system32\IME\TINTLGNT\TINTSETP.EXE" [2004-08-10 455168]
"ehTray"="c:\windows\ehome\ehtray.exe" [2005-09-29 67584]
"SynTPLpr"="c:\program files\Synaptics\SynTP\SynTPLpr.exe" [2005-03-10 98394]
"SynTPEnh"="c:\program files\Synaptics\SynTP\SynTPEnh.exe" [2005-03-10 688218]
"High Definition Audio Property Page Shortcut"="HDAShCut.exe" [2005-01-07 61952]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2006-04-27 7561216]
"nwiz"="nwiz.exe" [2006-04-27 1519616]
"RTHDCPL"="RTHDCPL.EXE" [2006-06-01 16208384]
"SkyTel"="SkyTel.EXE" [2006-05-16 2879488]
"SunJavaUpdateSched"="c:\program files\Java\jre1.5.0_04\bin\jusched.exe" [2005-06-03 36975]
"avast5"="c:\progra~1\ALWILS~1\Avast5\avastUI.exe" [2010-04-14 2790472]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-14 15360]

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\Opera\\opera.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\Program Files\\ICQ7.1\\ICQ.exe"=
"c:\\Program Files\\ICQ7.1\\aolload.exe"=

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"3389:TCP"= 3389:TCP:@xpsp2res.dll,-22009

R1 aswSP;aswSP;c:\windows\system32\drivers\aswSP.sys [19/04/2010 09:34 162768]
R2 aswFsBlk;aswFsBlk;c:\windows\system32\drivers\aswFsBlk.sys [19/04/2010 09:34 19024]
S3 DrvAgent32;DrvAgent32;c:\windows\system32\drivers\DrvAgent32.sys [19/04/2010 10:23 23456]
.
Contents of the 'Scheduled Tasks' folder

2010-04-15 c:\windows\Tasks\Registration reminder 2.job
- c:\windows\system32\OOBE\oobebaln.exe [2004-09-10 00:12]

2010-04-15 c:\windows\Tasks\Registration reminder 3.job
- c:\windows\system32\OOBE\oobebaln.exe [2004-09-10 00:12]
.
.
------- Supplementary Scan -------
.
uStart Page = hxxp://google.com/
IE: {{71BFC818-0CED-42D6-9C87-5142918957EE} - c:\program files\ICQ7.1\ICQ.exe
.
- - - - ORPHANS REMOVED - - - -

Toolbar-{CCC7A320-B3CA-4199-B1A6-9F516DD69829} - (no file)
WebBrowser-{CCC7A320-B3CA-4199-B1A6-9F516DD69829} - (no file)



**************************************************************************

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2010-04-19 20:26
Windows 5.1.2600 Service Pack 3 NTFS

scanning hidden processes ...

scanning hidden autostart entries ...

scanning hidden files ...

scan completed successfully
hidden files: 0

**************************************************************************
.
Completion time: 2010-04-19 20:27:27
ComboFix-quarantined-files.txt 2010-04-19 19:27

Pre-Run: 108,530,327,552 bytes free
Post-Run: 108,524,650,496 bytes free

- - End Of File - - 9FF9EBF5468269A5F2278E053A82705B

Rudy
Site Admin

Re: Terribly slow PC after HDD format

#14 Post by Rudy »

Let's finish the cleanup. Move ComboFix to the desktop. Open Notepad and copy the following into it:
Driver::
MHN
Save it to the desktop as CFScript.txt. Then drag it with the mouse over the ComboFix icon and drop it. CF will start and execute the commands from the script.

petrik25
Visitor
Posts: 38
Registered: 13 May 2007 09:17

Re: Terribly slow PC after HDD format

#15 Post by petrik25 »

OK, everything is done.
Log:

ComboFix 10-04-18.04 - Peter Balascak 19/04/2010 20:56:55.2.1 - x86
Microsoft Windows XP Professional 5.1.2600.3.1252.44.1033.18.895.542 [GMT 1:00]
Running from: c:\documents and settings\Peter Balascak\Desktop\ComboFix.exe
Command switches used :: c:\documents and settings\Peter Balascak\Desktop\CFScript.txt
AV: avast! Antivirus *On-access scanning disabled* (Updated) {7591DB91-41F0-48A3-B128-1A293FD8233D}
.

((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.

.
((((((((((((((((((((((((((((((((((((((( Drivers/Services )))))))))))))))))))))))))))))))))))))))))))))))))
.

-------\Service_MHN


((((((((((((((((((((((((( Files Created from 2010-03-19 to 2010-04-19 )))))))))))))))))))))))))))))))
.

2010-04-19 09:43 . 2010-04-19 10:05 -------- d-----w- c:\documents and settings\Peter Balascak\Application Data\ICQ
2010-04-19 09:43 . 2010-04-19 09:43 -------- d-----w- c:\documents and settings\Peter Balascak\Local Settings\Application Data\AOL
2010-04-19 09:43 . 2010-04-19 09:46 -------- d-----w- c:\program files\ICQ7.1
2010-04-19 09:23 . 2010-04-19 09:28 -------- d-----w- c:\documents and settings\Peter Balascak\Local Settings\Application Data\eSupport.com
2010-04-19 09:23 . 2010-04-19 09:23 23456 ----a-w- c:\windows\system32\drivers\DrvAgent32.sys
2010-04-19 08:34 . 2010-04-14 16:35 162768 ----a-w- c:\windows\system32\drivers\aswSP.sys
2010-04-19 08:34 . 2010-04-14 16:31 19024 ----a-w- c:\windows\system32\drivers\aswFsBlk.sys
2010-04-19 08:34 . 2010-04-14 16:35 46672 ----a-w- c:\windows\system32\drivers\aswTdi.sys
2010-04-19 08:34 . 2010-04-14 16:31 23376 ----a-w- c:\windows\system32\drivers\aswRdr.sys
2010-04-19 08:34 . 2010-04-14 16:31 100432 ----a-w- c:\windows\system32\drivers\aswmon2.sys
2010-04-19 08:34 . 2010-04-14 16:31 94800 ----a-w- c:\windows\system32\drivers\aswmon.sys
2010-04-19 08:34 . 2010-04-14 16:30 28880 ----a-w- c:\windows\system32\drivers\aavmker4.sys
2010-04-19 08:34 . 2010-04-14 16:47 38848 ----a-w- c:\windows\system32\avastSS.scr
2010-04-19 08:34 . 2010-04-14 16:47 153184 ----a-w- c:\windows\system32\aswBoot.exe
2010-04-19 08:34 . 2010-04-19 08:34 -------- d-----w- c:\program files\Alwil Software
2010-04-19 08:34 . 2010-04-19 08:34 -------- d-----w- c:\documents and settings\All Users\Application Data\Alwil Software
2010-04-18 11:06 . 2001-08-17 21:36 59104 ----a-w- c:\windows\system32\dllcache\n9i128v2.dll
2010-04-18 11:06 . 2001-08-17 11:50 13664 ----a-w- c:\windows\system32\dllcache\n9i128.sys
2010-04-18 11:06 . 2001-08-17 13:56 35392 ----a-w- c:\windows\system32\dllcache\n9i128.dll
2010-04-18 11:06 . 2001-08-17 11:11 128000 ----a-w- c:\windows\system32\dllcache\n100325.sys
2010-04-18 11:06 . 2001-08-17 11:11 52255 ----a-w- c:\windows\system32\dllcache\n1000nt5.sys
2010-04-18 11:06 . 2001-08-17 12:50 75520 ----a-w- c:\windows\system32\dllcache\mxport.sys
2010-04-18 11:06 . 2001-08-17 21:36 7168 ----a-w- c:\windows\system32\dllcache\mxport.dll
2010-04-18 11:06 . 2001-08-17 12:49 19968 ----a-w- c:\windows\system32\dllcache\mxnic.sys
2010-04-18 11:06 . 2001-08-17 21:36 19968 ----a-w- c:\windows\system32\dllcache\mxicfg.dll
2010-04-18 11:04 . 2001-08-17 11:50 320384 ----a-w- c:\windows\system32\dllcache\mgaum.sys
2010-04-18 11:03 . 2001-08-17 11:11 25065 ----a-w- c:\windows\system32\dllcache\lmndis3.sys
2010-04-18 11:02 . 2004-08-10 13:00 60928 ----a-w- c:\windows\system32\dllcache\iisclex4.dll
2010-04-18 11:01 . 2001-08-17 12:28 73279 ----a-w- c:\windows\system32\dllcache\hsf_spkp.sys
2010-04-18 11:00 . 2001-08-17 21:36 123392 ----a-w- c:\windows\system32\dllcache\hpgt21tk.dll
2010-04-18 10:59 . 2001-08-17 21:36 71680 ----a-w- c:\windows\system32\dllcache\fnfilter.dll
2010-04-18 10:58 . 2001-08-17 21:36 53248 ----a-w- c:\windows\system32\dllcache\eqndiag.exe
2010-04-18 10:57 . 2001-08-17 12:47 23808 ----a-w- c:\windows\system32\dllcache\dot4usb.sys
2010-04-18 10:56 . 2001-08-17 11:12 117760 ----a-w- c:\windows\system32\dllcache\d100ib5.sys
2010-04-18 10:55 . 2001-08-17 11:13 22044 ----a-w- c:\windows\system32\dllcache\cem33n5.sys
2010-04-18 10:54 . 2001-08-17 11:13 37568 ----a-w- c:\windows\system32\dllcache\avmwan.sys
2010-04-18 10:51 . 2004-08-10 13:00 7168 ----a-w- c:\windows\system32\dllcache\wamregps.dll
2010-04-18 10:51 . 2001-08-17 13:56 66048 ----a-w- c:\windows\system32\dllcache\s3legacy.dll
2010-04-18 10:51 . 2004-08-10 13:00 7680 ----a-w- c:\windows\system32\dllcache\inetmgr.exe
2010-04-18 10:51 . 2004-08-10 13:00 19968 ----a-w- c:\windows\system32\dllcache\inetsloc.dll
2010-04-18 10:51 . 2004-08-10 13:00 169984 ----a-w- c:\windows\system32\dllcache\iisui.dll
2010-04-18 10:51 . 2004-08-10 13:00 6144 ----a-w- c:\windows\system32\dllcache\ftpsapi2.dll
2010-04-18 10:51 . 2004-08-10 13:00 5632 ----a-w- c:\windows\system32\dllcache\iisrstap.dll
2010-04-18 10:51 . 2004-08-10 13:00 14336 ----a-w- c:\windows\system32\dllcache\iisreset.exe
2010-04-18 08:38 . 2010-04-18 08:38 -------- d-sh--w- c:\documents and settings\Peter Balascak\PrivacIE
2010-04-17 06:35 . 2010-04-17 06:35 -------- d-sh--w- c:\documents and settings\Peter Balascak\IETldCache
2010-04-17 06:13 . 2010-02-25 06:24 12800 ------w- c:\windows\system32\dllcache\xpshims.dll
2010-04-17 06:13 . 2010-02-25 10:54 11070976 ------w- c:\windows\system32\dllcache\ieframe.dll
2010-04-17 06:13 . 2010-02-25 06:24 594432 ------w- c:\windows\system32\dllcache\msfeeds.dll
2010-04-17 06:13 . 2010-02-25 06:24 55296 ------w- c:\windows\system32\dllcache\msfeedsbs.dll
2010-04-17 06:13 . 2010-02-25 06:24 247808 ------w- c:\windows\system32\dllcache\ieproxy.dll
2010-04-17 06:13 . 2010-02-25 06:24 1985536 ------w- c:\windows\system32\dllcache\iertutil.dll
2010-04-17 06:13 . 2010-04-17 06:13 -------- d-----w- c:\windows\ie8updates
2010-04-17 06:12 . 2010-02-16 04:50 64000 ------w- c:\windows\system32\dllcache\iecompat.dll
2010-04-17 06:10 . 2010-04-17 06:11 -------- dc-h--w- c:\windows\ie8
2010-04-17 00:02 . 2010-02-12 10:03 293376 ------w- c:\windows\system32\browserchoice.exe
2010-04-16 20:56 . 2010-04-16 20:58 -------- d-----w- c:\program files\trend micro
2010-04-16 20:56 . 2010-04-16 20:59 -------- d-----w- C:\rsit
2010-04-16 15:43 . 2010-04-16 15:43 -------- d-----w- c:\windows\system32\XPSViewer
2010-04-16 15:43 . 2010-04-16 15:43 -------- d-----w- c:\program files\MSBuild
2010-04-16 15:42 . 2010-04-16 15:42 -------- d-----w- c:\program files\Reference Assemblies
2010-04-16 15:41 . 2008-07-06 12:06 89088 ----a-w- c:\windows\system32\Spool\prtprocs\w32x86\filterpipelineprintproc.dll
2010-04-16 15:41 . 2008-07-06 12:06 89088 ------w- c:\windows\system32\dllcache\filterpipelineprintproc.dll
2010-04-16 15:41 . 2008-07-06 12:06 575488 ------w- c:\windows\system32\xpsshhdr.dll
2010-04-16 15:41 . 2008-07-06 12:06 575488 ------w- c:\windows\system32\dllcache\xpsshhdr.dll
2010-04-16 15:41 . 2008-07-06 12:06 117760 ------w- c:\windows\system32\prntvpt.dll
2010-04-16 15:41 . 2008-07-06 10:50 597504 ------w- c:\windows\system32\Spool\prtprocs\w32x86\printfilterpipelinesvc.exe
2010-04-16 15:41 . 2008-07-06 10:50 597504 ------w- c:\windows\system32\dllcache\printfilterpipelinesvc.exe
2010-04-16 15:41 . 2008-07-06 12:06 1676288 ------w- c:\windows\system32\xpssvcs.dll
2010-04-16 15:41 . 2008-07-06 12:06 1676288 ------w- c:\windows\system32\dllcache\xpssvcs.dll
2010-04-16 14:38 . 2010-04-16 14:38 -------- d-----w- c:\windows\system32\scripting
2010-04-16 14:37 . 2010-04-16 14:37 -------- d-----w- c:\windows\l2schemas
2010-04-16 14:37 . 2010-04-16 14:37 -------- d-----w- c:\windows\system32\en
2010-04-16 14:37 . 2010-04-16 14:37 -------- d-----w- c:\windows\system32\bits
2010-04-16 10:13 . 2004-08-03 21:29 25471 ------w- c:\windows\system32\drivers\watv10nt.sys
2010-04-16 10:13 . 2004-08-03 21:29 22271 ------w- c:\windows\system32\drivers\watv06nt.sys
2010-04-16 10:13 . 2004-08-03 21:29 11935 ------w- c:\windows\system32\drivers\wadv11nt.sys
2010-04-16 10:13 . 2004-08-03 21:29 11871 ------w- c:\windows\system32\drivers\wadv09nt.sys
2010-04-16 10:13 . 2004-08-03 21:29 11807 ------w- c:\windows\system32\drivers\wadv07nt.sys
2010-04-16 10:13 . 2004-08-03 21:29 11295 ------w- c:\windows\system32\drivers\wadv08nt.sys
2010-04-16 10:11 . 2004-08-03 21:41 1041536 ----a-w- c:\windows\system32\dllcache\hsfdpsp2.sys
2010-04-16 10:11 . 2004-08-03 21:41 1041536 ------w- c:\windows\system32\drivers\hsfdpsp2.sys
2010-04-16 10:11 . 2004-08-03 21:41 685056 ----a-w- c:\windows\system32\dllcache\hsfcxts2.sys
2010-04-16 10:11 . 2004-08-03 21:41 685056 ------w- c:\windows\system32\drivers\hsfcxts2.sys
2010-04-16 10:11 . 2004-08-03 21:41 220032 ----a-w- c:\windows\system32\dllcache\hsfbs2s2.sys
2010-04-16 10:11 . 2004-08-03 21:41 220032 ------w- c:\windows\system32\drivers\hsfbs2s2.sys
2010-04-16 05:57 . 2009-12-31 16:50 353792 ------w- c:\windows\system32\dllcache\srv.sys
2010-04-16 05:44 . 2009-10-15 16:28 119808 ------w- c:\windows\system32\dllcache\t2embed.dll
2010-04-16 05:44 . 2009-03-06 14:22 284160 ------w- c:\windows\system32\dllcache\pdh.dll
2010-04-16 05:44 . 2009-02-06 10:39 35328 ------w- c:\windows\system32\dllcache\sc.exe
2010-04-16 05:44 . 2009-02-09 12:10 401408 ------w- c:\windows\system32\dllcache\rpcss.dll
2010-04-16 05:44 . 2009-02-06 11:11 110592 ------w- c:\windows\system32\dllcache\services.exe
2010-04-16 05:44 . 2009-02-06 10:10 227840 ------w- c:\windows\system32\dllcache\wmiprvse.exe
2010-04-16 05:44 . 2009-02-09 12:10 453120 ------w- c:\windows\system32\dllcache\wmiprvsd.dll
2010-04-16 05:44 . 2010-02-16 14:08 2146304 ----a-w- c:\windows\system32\dllcache\ntkrnlmp.exe
2010-04-16 05:44 . 2010-02-16 13:25 2024448 ------w- c:\windows\system32\dllcache\ntkrpamp.exe
2010-04-16 05:42 . 2009-06-21 21:44 153088 ------w- c:\windows\system32\dllcache\triedit.dll
2010-04-16 02:05 . 2010-04-16 14:26 -------- d-----w- c:\windows\ServicePackFiles
2010-04-15 21:47 . 2008-05-08 14:02 203136 ------w- c:\windows\system32\dllcache\rmcast.sys
2010-04-15 21:44 . 2010-04-16 21:16 -------- d-----w- c:\documents and settings\Peter Balascak\Application Data\vlc
2010-04-15 21:38 . 2010-04-15 21:38 -------- d-----w- c:\program files\VideoLAN
2010-04-15 21:11 . 2010-04-19 08:35 36176 ----a-w- c:\documents and settings\Peter Balascak\Local Settings\Application Data\GDIPFONTCACHEV1.DAT
2010-04-15 21:09 . 2009-08-06 18:24 44768 ----a-w- c:\windows\system32\wups2.dll
2010-04-15 21:06 . 2010-04-15 21:06 -------- d-----w- c:\program files\7-Zip
2010-04-15 21:05 . 2010-03-02 23:00 85504 ----a-w- c:\windows\system32\ff_vfw.dll
2010-04-15 21:05 . 2010-04-15 21:05 -------- d-----w- c:\program files\ffdshow
2010-04-15 20:35 . 2010-04-15 20:35 -------- d-----w- c:\documents and settings\Peter Balascak\Local Settings\Application Data\Opera
2010-04-15 16:51 . 2010-04-15 16:51 -------- d-----w- c:\program files\AVG
2010-04-15 16:43 . 2010-04-15 16:43 -------- d-----w- c:\program files\Opera
2010-04-15 16:43 . 2010-04-15 16:43 -------- d-----w- c:\program files\CCleaner
2010-04-15 16:36 . 2010-04-15 16:36 -------- d-s---w- c:\documents and settings\Peter Balascak\UserData
2010-04-15 16:17 . 2010-04-15 16:17 -------- d-sh--w- c:\documents and settings\All Users\DRM
2010-04-15 16:09 . 2010-04-15 16:11 -------- d-----w- c:\program files\Java
2010-04-15 16:09 . 2010-04-15 16:09 -------- d-----w- c:\program files\Common Files\Java
2010-04-15 16:09 . 2010-04-15 16:09 -------- d-----w- c:\documents and settings\Administrator\Local Settings\Application Data\{3248F0A6-6813-11D6-A77B-00B0D0150040}
2010-04-15 16:02 . 2006-03-21 03:23 23040 ------w- c:\windows\kb913800.exe
2010-04-15 16:01 . 2010-04-15 16:01 -------- d-----w- c:\windows\system32\Lang
2010-04-15 15:49 . 2008-04-14 00:12 28672 ------w- c:\windows\system32\verclsid.exe
2010-04-15 15:41 . 2010-04-17 06:13 -------- d--h--w- c:\windows\$hf_mig$
2010-04-15 15:40 . 2005-10-31 18:17 135168 ----a-w- c:\windows\system32\RtlCPAPI.dll
2010-04-15 15:40 . 2005-07-15 15:48 40960 ----a-w- c:\windows\system32\ChCfg.exe
2010-04-15 15:40 . 2010-04-15 15:40 -------- d-----w- c:\windows\system32\RTCOM
2010-04-15 15:39 . 2006-05-16 17:04 2879488 ----a-w- c:\windows\SkyTel.exe
2010-04-15 15:39 . 2006-05-04 15:22 86016 ----a-w- c:\windows\SoundMan.exe
2010-04-15 15:39 . 2006-03-09 17:45 364544 ----a-w- c:\windows\RtlUpd.exe

.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2010-04-16 14:49 . 2004-09-10 14:36 86811 ----a-w- c:\windows\pchealth\helpctr\OfflineCache\index.dat
2010-04-15 15:37 . 2010-04-15 15:36 -------- d-----w- c:\program files\Common Files\InstallShield
2010-02-25 06:24 . 2004-09-10 13:57 916480 ----a-w- c:\windows\system32\wininet.dll
2010-02-24 13:11 . 2004-09-10 13:57 455680 ----a-w- c:\windows\system32\drivers\mrxsmb.sys
2010-02-17 08:10 . 2004-09-10 13:57 2189952 ----a-w- c:\windows\system32\ntoskrnl.exe
2010-02-16 13:25 . 2004-08-03 21:59 2066816 ----a-w- c:\windows\system32\ntkrnlpa.exe
2010-02-12 04:33 . 2004-09-10 13:56 100864 ----a-w- c:\windows\system32\6to4svc.dll
2010-02-11 12:02 . 2004-09-10 13:57 226880 ----a-w- c:\windows\system32\drivers\tcpip6.sys
.

((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ICQ"="c:\program files\ICQ7.1\ICQ.exe" [2010-04-19 133368]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"IMJPMIG8.1"="c:\windows\IME\imjp8_1\IMJPMIG.EXE" [2004-08-10 208952]
"PHIME2002ASync"="c:\windows\system32\IME\TINTLGNT\TINTSETP.EXE" [2004-08-10 455168]
"PHIME2002A"="c:\windows\system32\IME\TINTLGNT\TINTSETP.EXE" [2004-08-10 455168]
"ehTray"="c:\windows\ehome\ehtray.exe" [2005-09-29 67584]
"SynTPLpr"="c:\program files\Synaptics\SynTP\SynTPLpr.exe" [2005-03-10 98394]
"SynTPEnh"="c:\program files\Synaptics\SynTP\SynTPEnh.exe" [2005-03-10 688218]
"High Definition Audio Property Page Shortcut"="HDAShCut.exe" [2005-01-07 61952]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2006-04-27 7561216]
"nwiz"="nwiz.exe" [2006-04-27 1519616]
"RTHDCPL"="RTHDCPL.EXE" [2006-06-01 16208384]
"SkyTel"="SkyTel.EXE" [2006-05-16 2879488]
"SunJavaUpdateSched"="c:\program files\Java\jre1.5.0_04\bin\jusched.exe" [2005-06-03 36975]
"avast5"="c:\progra~1\ALWILS~1\Avast5\avastUI.exe" [2010-04-14 2790472]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-14 15360]

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\Opera\\opera.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\Program Files\\ICQ7.1\\ICQ.exe"=
"c:\\Program Files\\ICQ7.1\\aolload.exe"=

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"3389:TCP"= 3389:TCP:@xpsp2res.dll,-22009

R1 aswSP;aswSP;c:\windows\system32\drivers\aswSP.sys [19/04/2010 09:34 162768]
R2 aswFsBlk;aswFsBlk;c:\windows\system32\drivers\aswFsBlk.sys [19/04/2010 09:34 19024]
S3 DrvAgent32;DrvAgent32;c:\windows\system32\drivers\DrvAgent32.sys [19/04/2010 10:23 23456]
.
Contents of the 'Scheduled Tasks' folder

2010-04-15 c:\windows\Tasks\Registration reminder 2.job
- c:\windows\system32\OOBE\oobebaln.exe [2004-09-10 00:12]

2010-04-15 c:\windows\Tasks\Registration reminder 3.job
- c:\windows\system32\OOBE\oobebaln.exe [2004-09-10 00:12]
.
.
------- Supplementary Scan -------
.
uStart Page = hxxp://google.com/
IE: {{71BFC818-0CED-42D6-9C87-5142918957EE} - c:\program files\ICQ7.1\ICQ.exe
.

**************************************************************************

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2010-04-19 21:01
Windows 5.1.2600 Service Pack 3 NTFS

scanning hidden processes ...

scanning hidden autostart entries ...

scanning hidden files ...

scan completed successfully
hidden files: 0

**************************************************************************
.
--------------------- DLLs Loaded Under Running Processes ---------------------

- - - - - - - > 'explorer.exe'(3492)
c:\windows\system32\WININET.dll
c:\windows\system32\ieframe.dll
c:\windows\system32\webcheck.dll
.
------------------------ Other Running Processes ------------------------
.
c:\program files\Alwil Software\Avast5\AvastSvc.exe
c:\windows\eHome\ehRecvr.exe
c:\windows\eHome\ehSched.exe
c:\windows\RTHDCPL.EXE
c:\windows\system32\nvsvc32.exe
c:\windows\ehome\mcrdsvc.exe
c:\windows\system32\dllhost.exe
c:\windows\system32\wscntfy.exe
c:\windows\eHome\ehmsas.exe
.
**************************************************************************
.
Completion time: 2010-04-19 21:03:46 - machine was rebooted
ComboFix-quarantined-files.txt 2010-04-19 20:03
ComboFix2.txt 2010-04-19 19:27

Pre-Run: 108,530,515,968 bytes free
Post-Run: 108,437,680,128 bytes free

- - End Of File - - 513FBB28D28BD158F7203145B23E390F