rpcnet.exe

Zpráva

vfvf21 · #31 Příspěvek od **vfvf21** » 21 črc 2010 10:06

ty logy jsou kazdy přes 90000 znaků jak to sem mam vložit?

#32 Příspěvek od **motji** » 21 črc 2010 10:28

Extras.txt vložte přílohou a ten druhý rozdělejte do dvou příspěvků

vfvf21 · #33 Příspěvek od **vfvf21** » 21 črc 2010 10:53

OTL logfile created on: 21.7.2010 10:37:34 - Run 1
OTL by OldTimer - Version 3.2.9.1 Folder = C:\Users\vf1\Desktop
Windows Vista Ultimate Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18928)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy

2,00 Gb Total Physical Memory | 1,00 Gb Available Physical Memory | 41,00% Memory free
4,00 Gb Paging File | 2,00 Gb Available in Paging File | 54,00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 48,83 Gb Total Space | 31,92 Gb Free Space | 65,36% Space Free | Partition Type: NTFS
Drive D: | 111,82 Gb Total Space | 96,81 Gb Free Space | 86,58% Space Free | Partition Type: NTFS
E: Drive not present or media not loaded
Drive F: | 1,83 Gb Total Space | 0,01 Gb Free Space | 0,36% Space Free | Partition Type: NTFS
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded

Computer Name: VF1-PC
Current User Name: vf1
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: All users
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 30 Days
Output = Standard

========== Processes (SafeList) ==========

PRC - [2010.07.21 10:34:41 | 000,574,976 | ---- | M] (OldTimer Tools) -- C:\Users\vf1\Desktop\OTL.exe
PRC - [2010.07.19 17:59:27 | 002,133,536 | ---- | M] (AVG Technologies) -- C:\Users\vf1\Dokumenty\Downloads\avg_iswt_stb_all_9_115.exe
PRC - [2010.04.19 17:39:55 | 001,348,960 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Users\vf1\AppData\Local\temp\7zSF22C.tmp\stub.exe
PRC - [2010.03.02 20:29:46 | 001,347,496 | ---- | M] (Gemfor s.r.o.) -- C:\Program Files\T-Mobile\Web'n'walk Manager\Manager.exe
PRC - [2010.03.02 12:13:57 | 000,067,312 | ---- | M] (Gemfor s.r.o.) -- C:\Program Files\T-Mobile\Web'n'walk Manager\ameisvc.exe
PRC - [2010.01.28 23:09:28 | 000,040,384 | ---- | M] (ALWIL Software) -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
PRC - [2009.09.28 19:05:02 | 000,919,024 | ---- | M] (Google Inc.) -- C:\Users\vf1\AppData\Local\Google\Chrome\Application\chrome.exe
PRC - [2009.08.14 15:49:20 | 000,009,728 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\TCPSVCS.EXE
PRC - [2009.07.15 04:14:52 | 000,352,256 | ---- | M] (AMD) -- C:\Windows\System32\atieclxx.exe
PRC - [2009.07.15 04:14:24 | 000,172,032 | ---- | M] (AMD) -- C:\Windows\System32\atiesrxx.exe
PRC - [2009.04.11 15:20:09 | 000,653,824 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\psxss.exe
PRC - [2009.04.11 15:20:08 | 000,047,616 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\snmp.exe
PRC - [2009.04.11 15:20:05 | 000,050,688 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\nfsclnt.exe
PRC - [2009.04.11 15:20:03 | 000,129,880 | ---- | M] (Microsoft Corporation) -- C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe
PRC - [2009.04.11 15:20:03 | 000,129,880 | ---- | M] (Microsoft Corporation) -- C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe
PRC - [2009.04.11 15:19:30 | 002,926,592 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe
PRC - [2009.04.11 15:19:25 | 000,069,120 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\conime.exe
PRC - [2008.08.26 19:02:24 | 000,014,336 | ---- | M] (Agere Systems) -- C:\Program Files\LSI SoftModem\agrsmsvc.exe
PRC - [2008.01.21 04:23:18 | 000,013,824 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\inetsrv\inetinfo.exe
PRC - [2008.01.21 04:21:41 | 001,008,184 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Windows Defender\MSASCui.exe

========== Modules (SafeList) ==========

MOD - [2010.07.21 10:34:41 | 000,574,976 | ---- | M] (OldTimer Tools) -- C:\Users\vf1\Desktop\OTL.exe
MOD - [2009.04.11 15:19:13 | 001,686,016 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18005_none_5cb72f96088b0de0\comctl32.dll
MOD - [2008.01.21 04:22:45 | 000,110,592 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msscript.ocx

========== Win32 Services (SafeList) ==========

SRV - File not found [Auto | Stopped] -- C:\Windows\System32\rpcnetp.exe -- (rpcnetp)
SRV - File not found [Unknown | Running] -- -- (avast! Antivirus)
SRV - [2010.04.21 19:46:17 | 000,373,760 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\System32\inetsrv\iisw3adm.dll -- (WAS)
SRV - [2010.04.21 19:46:17 | 000,373,760 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\inetsrv\iisw3adm.dll -- (W3SVC)
SRV - [2010.03.18 13:16:28 | 000,753,504 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe -- (WPFFontCache_v0400)
SRV - [2010.03.18 13:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2010.03.02 12:13:57 | 000,067,312 | ---- | M] (Gemfor s.r.o.) [Auto | Running] -- C:\Program Files\T-Mobile\Web'n'walk Manager\ameisvc.exe -- (ameisvc)
SRV - [2009.09.25 03:27:04 | 000,793,088 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\FntCache.dll -- (FontCache)
SRV - [2009.08.14 15:49:20 | 000,009,728 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\TCPSVCS.EXE -- (simptcp)
SRV - [2009.07.15 04:14:24 | 000,172,032 | ---- | M] (AMD) [Auto | Running] -- C:\Windows\System32\atiesrxx.exe -- (AMD External Events Utility)
SRV - [2009.04.11 15:20:08 | 000,047,616 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\snmp.exe -- (SNMP)
SRV - [2009.04.11 15:20:05 | 000,050,688 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\nfsclnt.exe -- (NfsClnt)
SRV - [2009.04.11 15:20:03 | 000,129,880 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe -- (NetTcpPortSharing)
SRV - [2009.04.11 15:20:03 | 000,129,880 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe -- (NetTcpActivator)
SRV - [2009.04.11 15:20:03 | 000,129,880 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe -- (NetPipeActivator)
SRV - [2009.04.11 15:20:03 | 000,129,880 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe -- (NetMsmqActivator)
SRV - [2009.04.11 15:19:53 | 000,052,224 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\inetsrv\apphostsvc.dll -- (AppHostSvc)
SRV - [2009.04.11 15:19:01 | 000,076,800 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\AxInstSv.dll -- (AxInstSV) Instalační program ovládacích prvků ActiveX (AxInstSV)
SRV - [2008.08.26 19:02:24 | 000,014,336 | ---- | M] (Agere Systems) [Auto | Running] -- C:\Program Files\LSI SoftModem\agrsmsvc.exe -- (AgereModemAudio)
SRV - [2008.01.21 04:23:37 | 000,035,328 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\lpdsvc.dll -- (LPDSVC)
SRV - [2008.01.21 04:23:19 | 000,011,264 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\inetsrv\WMSvc.exe -- (WMSvc)
SRV - [2008.01.21 04:23:18 | 000,013,824 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\inetsrv\inetinfo.exe -- (MSFTPSVC)
SRV - [2008.01.21 04:23:18 | 000,013,824 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\inetsrv\inetinfo.exe -- (IISADMIN)
SRV - [2008.01.21 04:21:41 | 000,272,952 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)

========== Driver Services (SafeList) ==========

DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Windows\System32\DRIVERS\nwlnkfwd.sys -- (NwlnkFwd)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Windows\System32\DRIVERS\nwlnkflt.sys -- (NwlnkFlt)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Windows\System32\DRIVERS\ipinip.sys -- (IpInIp)
DRV - File not found [Kernel | Disabled | Running] -- C:\Windows\System32\Drivers\avgtdix.sys -- (AvgTdiX)
DRV - File not found [File_System | Disabled | Running] -- C:\Windows\System32\Drivers\avgrkx86.sys -- (AvgRkx86)
DRV - File not found [Kernel | Disabled | Running] -- C:\Program Files\AVG\AVG9\Identity Protection\Agent\Driver\Platform_Vista\AVGIDSShim.sys -- (AVGIDSShimvtx)
DRV - File not found [Kernel | Disabled | Running] -- C:\Program Files\AVG\AVG9\Identity Protection\Agent\Driver\Platform_Vista\AVGIDSFilter.sys -- (AVGIDSFiltervtx)
DRV - File not found [Kernel | Disabled | Running] -- C:\Program Files\AVG\AVG9\Identity Protection\Agent\Driver\Platform_Vista\AVGIDSDriver.sys -- (AVGIDSDrivervtx)
DRV - File not found [Kernel | Unknown | Stop_Pending] -- -- (Avgfwfd)
DRV - File not found [Kernel | Unknown | Running] -- -- (aswTdi)
DRV - File not found [Kernel | Unknown | Running] -- -- (aswSP)
DRV - File not found [Kernel | Unknown | Running] -- -- (aswRdr)
DRV - File not found [File_System | Unknown | Running] -- -- (aswMonFlt)
DRV - File not found [File_System | Unknown | Running] -- -- (aswFsBlk)
DRV - [2010.06.15 16:53:28 | 000,025,656 | ---- | M] (Hewlett-Packard Company) [Kernel | Boot | Running] -- C:\Windows\system32\DRIVERS\hpdskflt.sys -- (hpdskflt)
DRV - [2010.06.15 16:53:12 | 000,033,848 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\Accelerometer.sys -- (Accelerometer)
DRV - [2010.05.27 22:32:58 | 000,245,936 | ---- | M] (Synaptics Incorporated) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\SynTP.sys -- (SynTP)
DRV - [2009.07.17 16:53:38 | 000,080,384 | ---- | M] (Prolific Technology Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ser2pl.sys -- (Ser2pl)
DRV - [2009.07.15 06:22:48 | 005,068,800 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\atikmdag.sys -- (atikmdag)
DRV - [2009.06.04 10:10:00 | 000,312,832 | ---- | M] (Marvell) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\yk60x86.sys -- (yukonwlh)
DRV - [2009.04.11 15:20:05 | 000,195,584 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Running] -- C:\Windows\System32\drivers\nfsrdr.sys -- (NfsRdr)
DRV - [2009.04.11 15:20:05 | 000,076,800 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\rpcxdr.sys -- (RpcXdr)
DRV - [2009.04.11 15:19:32 | 000,113,664 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\rmcast.sys -- (RMCAST) Ovladač protokolu RMCAST (Pgm)
DRV - [2009.04.11 15:18:59 | 000,069,096 | ---- | M] (Hewlett-Packard Company) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\hpcisss.sys -- (HpCISSs)
DRV - [2009.03.27 06:48:22 | 001,810,992 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\snp2uvc.sys -- (SNP2UVC) USB2.0 PC Camera (SNP2UVC)
DRV - [2008.11.21 21:53:40 | 001,204,128 | ---- | M] (Agere Systems) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\AGRSM.sys -- (AgereSoftModem)
DRV - [2008.01.21 04:23:42 | 000,009,216 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Running] -- C:\Windows\System32\drivers\psxdrv.sys -- (PsxDrv)
DRV - [2008.01.21 04:23:29 | 000,126,976 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\mqac.sys -- (MQAC)
DRV - [2008.01.21 04:21:35 | 000,386,616 | ---- | M] (LSI Corporation, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\megasr.sys -- (MegaSR)
DRV - [2008.01.21 04:21:35 | 000,149,560 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\adpu320.sys -- (adpu320)
DRV - [2008.01.21 04:21:35 | 000,031,288 | ---- | M] (LSI Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\megasas.sys -- (megasas)
DRV - [2008.01.21 04:21:34 | 000,101,432 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\adpu160m.sys -- (adpu160m)
DRV - [2008.01.21 04:21:34 | 000,074,808 | ---- | M] (Silicon Integrated Systems) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\sisraid4.sys -- (SiSRaid4)
DRV - [2008.01.21 04:21:34 | 000,045,624 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\tpm.sys -- (TPM)
DRV - [2008.01.21 04:21:33 | 001,122,360 | ---- | M] (QLogic Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\ql2300.sys -- (ql2300)
DRV - [2008.01.21 04:21:33 | 000,300,600 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\adpahci.sys -- (adpahci)
DRV - [2008.01.21 04:21:33 | 000,118,784 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\E1G60I32.sys -- (E1G60) Intel(R)
DRV - [2008.01.21 04:21:33 | 000,089,656 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\lsi_sas.sys -- (LSI_SAS)
DRV - [2008.01.21 04:21:32 | 000,130,616 | ---- | M] (VIA Technologies Inc.,Ltd) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\vsmraid.sys -- (vsmraid)
DRV - [2008.01.21 04:21:32 | 000,079,928 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\arcsas.sys -- (arcsas)
DRV - [2008.01.21 04:21:32 | 000,079,416 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\arc.sys -- (arc)
DRV - [2008.01.21 04:21:31 | 000,235,064 | ---- | M] (Intel Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\iastorv.sys -- (iaStorV)
DRV - [2008.01.21 04:21:31 | 000,115,816 | ---- | M] (Promise Technology, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\ulsata2.sys -- (ulsata2)
DRV - [2008.01.21 04:21:31 | 000,096,312 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\lsi_scsi.sys -- (LSI_SCSI)
DRV - [2008.01.21 04:21:31 | 000,096,312 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\lsi_fc.sys -- (LSI_FC)
DRV - [2008.01.21 04:21:30 | 000,342,584 | ---- | M] (Emulex) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\elxstor.sys -- (elxstor)
DRV - [2008.01.21 04:21:29 | 000,422,968 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\adp94xx.sys -- (adp94xx)
DRV - [2008.01.21 04:21:29 | 000,102,968 | ---- | M] (NVIDIA Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\nvraid.sys -- (nvraid)
DRV - [2008.01.21 04:21:29 | 000,045,112 | ---- | M] (NVIDIA Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\nvstor.sys -- (nvstor)
DRV - [2008.01.21 04:21:28 | 000,238,648 | ---- | M] (ULi Electronics Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\uliahci.sys -- (uliahci)
DRV - [2008.01.21 04:21:27 | 000,179,712 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\b57nd60x.sys -- (b57nd60x)
DRV - [2008.01.21 04:21:09 | 000,020,024 | ---- | M] (VIA Technologies, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\viaide.sys -- (viaide)
DRV - [2008.01.21 04:21:09 | 000,019,000 | ---- | M] (CMD Technology, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\cmdide.sys -- (cmdide)
DRV - [2008.01.21 04:21:09 | 000,017,464 | ---- | M] (Acer Laboratories Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\aliide.sys -- (aliide)
DRV - [2006.11.02 11:50:35 | 000,106,088 | ---- | M] (QLogic Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\ql40xx.sys -- (ql40xx)
DRV - [2006.11.02 11:50:35 | 000,098,408 | ---- | M] (Promise Technology, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\ulsata.sys -- (UlSata)
DRV - [2006.11.02 11:50:19 | 000,045,160 | ---- | M] (IBM Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\nfrd960.sys -- (nfrd960)
DRV - [2006.11.02 11:50:17 | 000,041,576 | ---- | M] (Intel Corp./ICP vortex GmbH) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\iirsp.sys -- (iirsp)
DRV - [2006.11.02 11:50:11 | 000,071,272 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\djsvs.sys -- (aic78xx)
DRV - [2006.11.02 11:50:09 | 000,035,944 | ---- | M] (Integrated Technology Express, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\iteraid.sys -- (iteraid)
DRV - [2006.11.02 11:50:07 | 000,035,944 | ---- | M] (Integrated Technology Express, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\iteatapi.sys -- (iteatapi)
DRV - [2006.11.02 11:50:05 | 000,035,944 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\symc8xx.sys -- (Symc8xx)
DRV - [2006.11.02 11:50:03 | 000,034,920 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\sym_u3.sys -- (Sym_u3)
DRV - [2006.11.02 11:49:59 | 000,033,384 | ---- | M] (LSI Logic Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\mraid35x.sys -- (Mraid35x)
DRV - [2006.11.02 11:49:56 | 000,031,848 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\sym_hi.sys -- (Sym_hi)
DRV - [2006.11.02 10:25:24 | 000,071,808 | ---- | M] (Brother Industries Ltd.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\brserid.sys -- (Brserid) Brother MFC Serial Port Interface Driver (WDM)
DRV - [2006.11.02 10:24:47 | 000,011,904 | ---- | M] (Brother Industries Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\brusbser.sys -- (BrUsbSer)
DRV - [2006.11.02 10:24:46 | 000,005,248 | ---- | M] (Brother Industries, Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\brfiltup.sys -- (BrFiltUp)
DRV - [2006.11.02 10:24:45 | 000,013,568 | ---- | M] (Brother Industries, Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\brfiltlo.sys -- (BrFiltLo)
DRV - [2006.11.02 10:24:44 | 000,062,336 | ---- | M] (Brother Industries Ltd.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\brserwdm.sys -- (BrSerWdm)
DRV - [2006.11.02 10:24:44 | 000,012,160 | ---- | M] (Brother Industries Ltd.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\brusbmdm.sys -- (BrUsbMdm)
DRV - [2006.11.02 09:36:50 | 000,020,608 | ---- | M] (N-trig Innovative Technologies) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\ntrigdigi.sys -- (ntrigdigi)
DRV - [2006.11.02 09:30:53 | 000,464,384 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\BCMWL6.SYS -- (BCM43XV)
DRV - [2006.11.02 09:30:53 | 000,052,224 | ---- | M] (Microsoft Corp.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\dc21x4vm.sys -- (dc21x4vm)
DRV - [2006.11.02 09:30:52 | 000,467,456 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\athr.sys -- (athr)
DRV - [2006.06.28 10:54:00 | 000,009,472 | ---- | M] (Hewlett-Packard Development Company, L.P.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\CPQBttn.sys -- (HBtnKey)

========== Standard Registry (SafeList) ==========

========== Internet Explorer ==========

IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-21-1458081666-3714914705-1728877592-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com/
IE - HKU\S-1-5-21-1458081666-3714914705-1728877592-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-21-1458081666-3714914705-1728877592-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com/
IE - HKU\S-1-5-21-1458081666-3714914705-1728877592-1001\..\URLSearchHook: *{CFBFAE00-17A6-11D0-99CB-00C04FD64497} - Reg Error: Key error. File not found
IE - HKU\S-1-5-21-1458081666-3714914705-1728877592-1001\..\URLSearchHook: {A3BC75A2-1F87-4686-AA43-5347D756017C} - Reg Error: Key error. File not found
IE - HKU\S-1-5-21-1458081666-3714914705-1728877592-1001\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

FF - HKLM\software\mozilla\Firefox\Extensions\\smartwebprinting@hp.com: C:\Program Files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2010.07.18 18:51:12 | 000,000,000 | ---D | M]

O1 HOSTS File: ([2010.07.21 04:47:04 | 000,000,027 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (HP Print Enhancer) - {0347C33E-8762-4905-BF09-768834316C61} - C:\Program Files\HP\Digital Imaging\smart web printing\hpswp_printenhancer.dll (Hewlett-Packard Co.)
O2 - BHO: (HP Smart BHO Class) - {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - C:\Program Files\HP\Digital Imaging\smart web printing\hpswp_BHO.dll (Hewlett-Packard Co.)
O3 - HKLM\..\Toolbar: (no name) - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - No CLSID value found.
O3 - HKU\S-1-5-21-1458081666-3714914705-1728877592-1000\..\Toolbar\WebBrowser: (no name) - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - No CLSID value found.
O3 - HKU\S-1-5-21-1458081666-3714914705-1728877592-1001\..\Toolbar\WebBrowser: (no name) - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - No CLSID value found.
O4 - HKLM..\Run: [ATICustomerCare] C:\Program Files\ATI\ATICustomerCare\ATICustomerCare.exe (Advanced Micro Devices, Inc.)
O4 - HKLM..\Run: [MsmqIntCert] C:\Windows\System32\mqrt.dll (Microsoft Corporation)
O4 - HKLM..\Run: [StartCCC] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.)
O4 - HKLM..\Run: [Windows Defender] C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation)
O4 - HKU\S-1-5-21-1458081666-3714914705-1728877592-1000..\Run: [T-Mobile Communication Centre] C:\Program Files\T-Mobile\Web'n'walk Manager\Manager.exe (Gemfor s.r.o.)
O4 - HKLM..\RunOnce: [AvgUninstallURL] C:\Windows\System32\cmd.exe (Microsoft Corporation)
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\Av_S-1-5-18\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-19\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-20\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-21-1458081666-3714914705-1728877592-1000\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-21-1458081666-3714914705-1728877592-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O7 - HKU\S-1-5-21-1458081666-3714914705-1728877592-1001\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O9 - Extra Button: Zobrazit nebo skrýt HP Smart Web Printing - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - C:\Program Files\HP\Digital Imaging\smart web printing\hpswp_BHO.dll (Hewlett-Packard Co.)
O15 - HKU\S-1-5-21-1458081666-3714914705-1728877592-1001\..Trusted Domains: localhost ([]http in Místní intranet)
O15 - HKU\S-1-5-21-1458081666-3714914705-1728877592-1001\..Trusted Ranges: GD ([http] in Místní intranet)
O20 - AppInit_DLLs: (C:\Windows\System32\avgrsstx.dll) - C:\Windows\System32\avgrsstx.dll File not found
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O24 - Desktop WallPaper: C:\Windows\Web\Wallpaper\img20.jpg
O24 - Desktop BackupWallPaper: C:\Windows\Web\Wallpaper\img20.jpg
O28 - HKLM ShellExecuteHooks: {AEB6717E-7E19-11d0-97EE-00C04FD91972} - Reg Error: Key error. File not found
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2006.09.18 23:43:36 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O32 - AutoRun File - [2006.09.18 23:43:36 | 000,000,024 | ---- | M] () - D:\autoexec.bat -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = ComFile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

NetSvcs: FastUserSwitchingCompatibility - File not found
NetSvcs: Ias - File not found
NetSvcs: Nla - File not found
NetSvcs: NWCWorkstation - File not found
NetSvcs: Nwsapagent - File not found
NetSvcs: SRService - File not found
NetSvcs: Wmi - C:\Windows\System32\wmi.dll (Microsoft Corporation)
NetSvcs: WmdmPmSp - File not found
NetSvcs: LogonHours - File not found
NetSvcs: PCAudit - File not found
NetSvcs: helpsvc - File not found
NetSvcs: uploadmgr - File not found

Drivers32: msacm.l3acm - C:\Windows\System32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: MSVideo8 - C:\Windows\System32\vfwwdm32.dll (Microsoft Corporation)
Drivers32: vidc.cvid - C:\Windows\System32\iccvid.dll (Radius Inc.)

CREATERESTOREPOINT
Restore point Set: OTL Restore Point

========== Files/Folders - Created Within 30 Days ==========

[2010.07.21 10:31:41 | 000,574,976 | ---- | C] (OldTimer Tools) -- C:\Users\vf1\Desktop\OTL.exe
[2010.07.21 09:51:15 | 000,000,000 | ---D | C] -- C:\Program Files\Ultimate Process Manager
[2010.07.21 08:10:30 | 000,000,000 | ---D | C] -- C:\ProgramData\Alwil Software
[2010.07.21 08:10:30 | 000,000,000 | ---D | C] -- C:\Program Files\Alwil Software
[2010.07.21 07:47:13 | 000,000,000 | ---D | C] -- C:\_OTM
[2010.07.21 07:12:08 | 000,000,000 | ---D | C] -- C:\Users\vf1\AppData\Local\WindowsUpdate
[2010.07.21 04:56:12 | 000,000,000 | -HSD | C] -- C:\$RECYCLE.BIN
[2010.07.21 04:55:58 | 000,000,000 | ---D | C] -- C:\Users\vf1\AppData\Local\temp
[2010.07.21 04:05:22 | 000,201,728 | ---- | C] (OldTimer Tools) -- C:\Users\vf1\Desktop\OTC.exe
[2010.07.21 04:04:40 | 000,520,192 | ---- | C] (OldTimer Tools) -- C:\Users\vf1\Desktop\OTM.exe
[2010.07.21 03:09:54 | 000,000,000 | ---D | C] -- C:\Windows\ERDNT
[2010.07.21 01:59:04 | 000,000,000 | ---D | C] -- C:\Microgaming
[2010.07.20 22:44:25 | 000,221,568 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\MpSigStub.exe
[2010.07.20 20:31:47 | 000,000,000 | ---D | C] -- C:\Program Files\BitLocker
[2010.07.20 20:31:07 | 001,171,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\SecureKeyBackupCPL.dll
[2010.07.20 17:46:48 | 000,000,000 | ---D | C] -- C:\Program Files\DBF Viewer 2000
[2010.07.20 16:50:15 | 000,000,000 | ---D | C] -- C:\Windows\System32\WindowsPowerShell
[2010.07.20 16:48:35 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\winrsmgr.dll
[2010.07.20 16:48:02 | 000,040,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\winrs.exe
[2010.07.20 16:48:02 | 000,020,480 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\winrshost.exe
[2010.07.20 16:48:02 | 000,012,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wsmprovhost.exe
[2010.07.20 16:48:01 | 000,010,240 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wsmplpxy.dll
[2010.07.20 16:48:01 | 000,010,240 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\winrssrv.dll
[2010.07.20 16:47:53 | 000,081,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wevtfwd.dll
[2010.07.20 16:47:53 | 000,079,872 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wecutil.exe
[2010.07.20 16:47:53 | 000,056,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wecapi.dll
[2010.07.20 16:47:52 | 000,054,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WsmRes.dll
[2010.07.20 16:47:52 | 000,041,472 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\pwrshplugin.dll
[2010.07.20 16:47:36 | 000,145,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WsmAuto.dll
[2010.07.20 16:47:35 | 000,252,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WSManMigrationPlugin.dll
[2010.07.20 16:47:35 | 000,246,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WSManHTTPConfig.exe
[2010.07.20 16:47:35 | 000,241,152 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\winrscmd.dll
[2010.07.20 16:47:35 | 000,214,016 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WsmWmiPl.dll
[2010.07.20 15:45:26 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Windows OneCare Live
[2010.07.19 20:56:52 | 000,000,000 | ---D | C] -- C:\Users\vf1\AppData\Local\Adobe
[2010.07.19 20:41:40 | 000,080,384 | ---- | C] (Prolific Technology Inc.) -- C:\Windows\System32\drivers\ser2pl.sys
[2010.07.19 20:41:39 | 000,035,892 | ---- | C] (Prolific Technology Inc.) -- C:\Windows\System32\SER9PL.sys
[2010.07.19 20:41:37 | 000,000,000 | -H-D | C] -- C:\Program Files\InstallShield Installation Information
[2010.07.19 17:46:31 | 000,000,000 | ---D | C] -- C:\Program Files\LSI SoftModem
[2010.07.19 15:03:06 | 000,000,000 | ---D | C] -- C:\Users\vf1\AppData\Roaming\HP
[2010.07.19 12:47:41 | 000,000,000 | ---D | C] -- C:\Program Files\Marvell
[2010.07.19 09:11:40 | 000,000,000 | ---D | C] -- C:\Program Files\Hewlett-Packard
[2010.07.19 09:11:34 | 000,000,000 | ---D | C] -- C:\Users\vf1\AppData\Roaming\hpqLog
[2010.07.19 09:07:38 | 000,000,000 | ---D | C] -- C:\SWSetup
[2010.07.19 08:08:44 | 000,000,000 | ---D | C] -- C:\Users\vf1\AppData\Roaming\Macromedia
[2010.07.19 08:08:43 | 000,000,000 | ---D | C] -- C:\Users\vf1\AppData\Roaming\Adobe
[2010.07.19 07:27:58 | 000,088,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\tlntsess.exe
[2010.07.19 07:27:58 | 000,071,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\telnet.exe
[2010.07.19 07:09:06 | 000,000,000 | ---D | C] -- C:\Users\vf1\AppData\Local\HP
[2010.07.19 03:22:39 | 000,000,000 | ---D | C] -- C:\ProgramData\HPSSUPPLY
[2010.07.19 03:05:22 | 000,000,000 | ---D | C] -- C:\Windows\SUA
[2010.07.19 03:05:22 | 000,000,000 | ---D | C] -- C:\Windows\System32\msmq
[2010.07.19 03:05:13 | 000,000,000 | ---D | C] -- C:\inetpub
[2010.07.19 02:27:53 | 000,000,000 | ---D | C] -- C:\Windows\System32\appmgmt
[2010.07.19 00:32:35 | 000,000,000 | ---D | C] -- C:\Program Files\MSXML 4.0
[2010.07.19 00:13:59 | 000,000,000 | ---D | C] -- C:\ProgramData\Gemfor
[2010.07.18 20:38:33 | 000,000,000 | ---D | C] -- C:\Program Files\T-Mobile
[2010.07.18 20:38:03 | 000,000,000 | ---D | C] -- C:\Users\vf1\Desktop\WNW - Instalační soubory
[2010.07.18 18:47:47 | 000,000,000 | ---D | C] -- C:\ProgramData\HP Product Assistant
[2010.07.18 18:44:38 | 000,000,000 | ---D | C] -- C:\Windows\System32\Macromed
[2010.07.18 18:43:41 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\HP
[2010.07.18 18:43:03 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Hewlett-Packard
[2010.07.18 18:38:52 | 000,000,000 | ---D | C] -- C:\Config.Msi
[2010.07.18 18:38:19 | 000,000,000 | ---D | C] -- C:\Program Files\HP
[2010.07.18 18:23:58 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft.NET
[2010.07.18 17:11:58 | 000,000,000 | ---D | C] -- C:\Program Files\trend micro
[2010.07.18 15:37:36 | 000,038,480 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\WdfLdr.sys
[2010.07.18 15:10:51 | 000,000,000 | ---D | C] -- C:\Program Files\Synaptics
[2010.07.18 15:06:08 | 000,675,152 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\gpprefcl.dll
[2010.07.18 14:59:17 | 000,000,000 | ---D | C] -- C:\Users\vf1\Documents\Downloads
[2010.07.18 14:43:24 | 000,000,000 | ---D | C] -- C:\Users\vf1\AppData\Local\Google
[2010.07.18 14:43:09 | 000,000,000 | ---D | C] -- C:\Program Files\Google
[2010.07.18 14:19:40 | 000,000,000 | ---D | C] -- C:\Program Files\Windows Portable Devices
[2010.07.18 14:11:28 | 000,092,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\UIAnimation.dll
[2010.07.18 14:11:24 | 001,164,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\UIRibbonRes.dll
[2010.07.18 14:11:23 | 003,023,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\UIRibbon.dll
[2010.07.18 14:10:51 | 000,369,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WMPhoto.dll
[2010.07.18 14:10:46 | 000,037,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\cdd.dll
[2010.07.18 14:10:42 | 000,829,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3d10warp.dll
[2010.07.18 14:10:42 | 000,026,112 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\printfilterpipelineprxy.dll
[2010.07.18 14:10:41 | 000,974,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WindowsCodecs.dll
[2010.07.18 14:10:41 | 000,828,928 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d2d1.dll
[2010.07.18 14:10:41 | 000,280,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XpsGdiConverter.dll
[2010.07.18 14:10:41 | 000,189,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WindowsCodecsExt.dll
[2010.07.18 14:10:41 | 000,135,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XpsRasterService.dll
[2010.07.18 14:10:40 | 001,554,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xpsservices.dll
[2010.07.18 14:10:40 | 000,847,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\OpcServices.dll
[2010.07.18 14:10:40 | 000,667,648 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\printfilterpipelinesvc.exe
[2010.07.18 14:10:40 | 000,351,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XpsPrint.dll
[2010.07.18 14:10:40 | 000,321,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\PhotoMetadataHandler.dll
[2010.07.18 14:10:40 | 000,252,928 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dxdiag.exe
[2010.07.18 14:10:40 | 000,195,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dxdiagn.dll
[2010.07.18 14:10:39 | 001,064,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\DWrite.dll
[2010.07.18 14:10:39 | 001,030,144 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3d10.dll
[2010.07.18 14:10:39 | 000,793,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\FntCache.dll
[2010.07.18 14:10:39 | 000,519,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3d11.dll
[2010.07.18 14:10:39 | 000,486,912 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3d10level9.dll
[2010.07.18 14:10:39 | 000,481,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dxgi.dll
[2010.07.18 14:10:39 | 000,218,112 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3d10_1core.dll
[2010.07.18 14:10:39 | 000,190,464 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3d10core.dll
[2010.07.18 14:10:39 | 000,161,280 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3d10_1.dll
[2010.07.18 14:10:16 | 000,031,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\BthMtpContextHandler.dll
[2010.07.18 14:10:16 | 000,030,208 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WPDShextAutoplay.exe
[2010.07.18 14:10:09 | 000,060,928 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\PortableDeviceConnectApi.dll
[2010.07.18 14:10:04 | 000,546,816 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wpd_ci.dll
[2010.07.18 14:10:04 | 000,350,208 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WPDSp.dll
[2010.07.18 14:10:04 | 000,334,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\PortableDeviceApi.dll
[2010.07.18 14:10:04 | 000,196,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\PortableDeviceWMDRM.dll
[2010.07.18 14:10:04 | 000,160,256 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\PortableDeviceTypes.dll
[2010.07.18 14:10:04 | 000,100,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\PortableDeviceClassExtension.dll
[2010.07.18 14:09:02 | 000,004,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\oleaccrc.dll
[2010.07.18 14:09:00 | 000,555,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\UIAutomationCore.dll
[2010.07.18 14:08:10 | 000,295,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\PresentationHost.exe
[2010.07.18 14:08:10 | 000,099,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\PresentationHostProxy.dll
[2010.07.18 14:08:10 | 000,049,472 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\netfxperf.dll
[2010.07.18 13:22:27 | 000,043,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msdxm.tlb
[2010.07.18 13:22:27 | 000,018,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\amcompat.tlb
[2010.07.18 13:21:11 | 003,600,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ntkrnlpa.exe
[2010.07.18 13:21:11 | 003,548,040 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ntoskrnl.exe
[2010.07.18 13:12:12 | 000,156,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\t2embed.dll
[2010.07.18 13:09:55 | 000,310,784 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\unregmp2.exe
[2010.07.18 13:09:51 | 008,147,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wmploc.DLL
[2010.07.18 13:09:50 | 000,004,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msdxm.ocx
[2010.07.18 13:09:50 | 000,004,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dxmasf.dll
[2010.07.18 13:09:49 | 000,007,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\spwmp.dll
[2010.07.18 13:07:30 | 000,420,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\vbscript.dll
[2010.07.18 13:07:28 | 000,714,240 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\timedate.cpl
[2010.07.18 03:17:03 | 000,000,000 | ---D | C] -- C:\Windows\Panther
[2010.07.18 03:04:04 | 000,452,408 | ---- | C] (Hewlett-Packard) -- C:\Windows\System32\hpzids01.dll
[2010.07.18 03:02:48 | 000,123,904 | ---- | C] (Hewlett-Packard Company) -- C:\Windows\System32\hpf3l70w.dll
[2010.07.18 00:26:51 | 000,293,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\browserchoice.exe
[2010.07.18 00:08:48 | 000,014,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iisreset.exe
[2010.07.18 00:08:48 | 000,008,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iisrstap.dll
[2010.07.18 00:08:47 | 000,153,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iisRtl.dll
[2010.07.18 00:08:44 | 000,024,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\nshhttp.dll
[2010.07.18 00:08:40 | 000,051,712 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\admwprox.dll
[2010.07.18 00:08:38 | 000,027,136 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ahadmin.dll
[2010.07.18 00:08:34 | 000,030,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\httpapi.dll
[2010.07.18 00:08:30 | 000,010,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wamregps.dll
[2010.07.18 00:00:42 | 000,966,656 | ---- | C] (Hewlett-Packard Co.) -- C:\Windows\System32\hpost_p02f.dll
[2010.07.18 00:00:42 | 000,315,392 | ---- | C] (Hewlett-Packard Co.) -- C:\Windows\System32\hposc_p02a.dll
[2010.07.18 00:00:41 | 000,712,704 | ---- | C] (Hewlett-Packard) -- C:\Windows\System32\hposwia_p02f.dll
[2010.07.18 00:00:41 | 000,372,736 | ---- | C] (Hewlett-Packard) -- C:\Windows\System32\hppldcoi.dll
[2010.07.18 00:00:41 | 000,309,760 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\difxapi.dll
[2010.07.17 23:43:56 | 000,105,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\netiohlp.dll
[2010.07.17 23:43:51 | 000,027,136 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NETSTAT.EXE
[2010.07.17 23:43:51 | 000,019,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ARP.EXE
[2010.07.17 23:43:51 | 000,009,728 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\TCPSVCS.EXE
[2010.07.17 23:43:50 | 000,010,240 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\finger.exe
[2010.07.17 23:43:50 | 000,008,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\HOSTNAME.EXE
[2010.07.17 23:43:49 | 000,017,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ROUTE.EXE
[2010.07.17 23:43:49 | 000,011,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\MRINFO.EXE
[2010.07.17 23:43:46 | 000,017,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\netevent.dll
[2010.07.17 23:37:17 | 000,599,040 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeeds.dll
[2010.07.17 23:37:16 | 000,387,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iedkcs32.dll
[2010.07.17 23:37:15 | 000,611,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mstime.dll
[2010.07.17 23:37:14 | 001,469,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\inetcpl.cpl
[2010.07.17 23:37:12 | 000,184,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iepeers.dll
[2010.07.17 23:37:12 | 000,164,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieui.dll
[2010.07.17 23:37:11 | 000,133,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieUnatt.exe
[2010.07.17 23:37:11 | 000,055,296 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeedsbs.dll
[2010.07.17 23:37:10 | 000,109,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iesysprep.dll
[2010.07.17 23:37:10 | 000,025,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jsproxy.dll
[2010.07.17 23:37:09 | 000,173,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ie4uinit.exe
[2010.07.17 23:37:09 | 000,071,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iesetup.dll
[2010.07.17 23:37:09 | 000,013,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeedssync.exe
[2010.07.17 23:37:08 | 001,638,912 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mshtml.tlb
[2010.07.17 23:37:08 | 000,055,808 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iernonce.dll
[2010.07.17 23:31:53 | 000,000,000 | ---D | C] -- C:\ProgramData\HP
[2010.07.17 23:28:50 | 000,471,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\secproc_isv.dll
[2010.07.17 23:28:38 | 000,471,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\secproc.dll
[2010.07.17 23:28:30 | 000,526,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\RMActivate_isv.exe
[2010.07.17 23:28:27 | 000,347,136 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\RMActivate_ssp.exe
[2010.07.17 23:28:27 | 000,346,624 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\RMActivate_ssp_isv.exe
[2010.07.17 23:28:26 | 000,518,144 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\RMActivate.exe
[2010.07.17 23:28:25 | 000,332,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msdrm.dll
[2010.07.17 23:28:25 | 000,152,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\secproc_ssp_isv.dll
[2010.07.17 23:28:25 | 000,152,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\secproc_ssp.dll
[2010.07.17 23:15:58 | 001,696,256 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\gameux.dll
[2010.07.17 23:15:52 | 000,028,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\Apphlpdm.dll
[2010.07.17 23:15:51 | 004,240,384 | ---- | C] (Microsoft) -- C:\Windows\System32\GameUXLegacyGDFs.dll
[2010.07.17 23:15:30 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\tzres.dll
[2010.07.17 23:10:53 | 001,259,008 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\lsasrv.dll
[2010.07.17 23:10:43 | 002,037,248 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\win32k.sys
[2010.07.17 23:10:26 | 002,386,944 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WMVCORE.DLL
[2010.07.17 23:10:23 | 002,868,224 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mf.dll
[2010.07.17 23:00:41 | 000,067,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\asycfilt.dll
[2010.07.17 23:00:06 | 001,314,816 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\quartz.dll
[2010.07.17 22:59:59 | 000,091,136 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\avifil32.dll
[2010.07.17 22:59:59 | 000,082,944 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mciavi32.dll
[2010.07.17 22:59:57 | 000,123,904 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msvfw32.dll
[2010.07.17 22:59:40 | 000,726,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jscript.dll
[2010.07.17 22:59:26 | 000,293,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wlanmsm.dll
[2010.07.17 22:59:26 | 000,127,488 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\L2SecHC.dll
[2010.07.17 22:59:25 | 000,302,592 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wlansec.dll
[2010.07.17 22:59:25 | 000,065,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wlanapi.dll
[2010.07.17 22:56:10 | 000,220,672 | ---- | C] (Fraunhofer Institut Integrierte Schaltungen IIS) -- C:\Windows\System32\l3codecp.acm
[2010.07.17 22:56:10 | 000,062,464 | ---- | C] (Fraunhofer Institut Integrierte Schaltungen IIS) -- C:\Windows\System32\l3codeca.acm
[2010.07.17 22:55:02 | 000,243,712 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\rastls.dll
[2010.07.17 22:52:42 | 000,289,792 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\System32\atmfd.dll
[2010.07.17 22:52:42 | 000,072,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\fontsub.dll
[2010.07.17 22:52:41 | 000,034,304 | ---- | C] (Adobe Systems) -- C:\Windows\System32\atmlib.dll
[2010.07.17 22:52:41 | 000,010,240 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dciman32.dll
[2010.07.17 22:48:05 | 000,623,616 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\localspl.dll
[2010.07.17 22:23:13 | 000,355,328 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WSDApi.dll
[2010.07.17 22:09:38 | 000,604,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WMSPDMOD.DLL
[2010.07.17 21:52:17 | 000,012,536 | ---- | C] (AVG Technologies CZ, s.r.o.) -- C:\Windows\System32\avgrsstx.dll.install_backup
[2010.07.17 19:31:28 | 000,000,000 | ---D | C] -- C:\Users\vf1\AppData\Local\Opera
[2010.07.17 19:31:27 | 000,000,000 | ---D | C] -- C:\Users\vf1\AppData\Roaming\Opera
[2010.07.17 19:30:41 | 000,000,000 | ---D | C] -- C:\Program Files\Opera
[2010.07.17 19:25:32 | 002,421,760 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wucltux.dll
[2010.07.17 19:25:32 | 000,044,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wups2.dll
[2010.07.17 19:25:17 | 000,575,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wuapi.dll
[2010.07.17 19:25:17 | 000,087,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wudriver.dll
[2010.07.17 19:25:17 | 000,035,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wups.dll
[2010.07.17 19:25:09 | 000,171,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wuwebv.dll
[2010.07.17 19:25:09 | 000,033,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wuapp.exe
[2010.07.17 19:05:52 | 000,000,000 | ---D | C] -- C:\Users\vf1\AppData\Roaming\ATI
[2010.07.17 19:05:52 | 000,000,000 | ---D | C] -- C:\Users\vf1\AppData\Local\ATI
[2010.07.17 19:05:52 | 000,000,000 | ---D | C] -- C:\ProgramData\ATI
[2010.07.17 18:59:04 | 000,000,000 | ---D | C] -- C:\Program Files\ATI Technologies
[2010.07.17 18:59:01 | 000,000,000 | ---D | C] -- C:\Program Files\ATI
[2010.07.17 18:58:26 | 000,000,000 | ---D | C] -- C:\ATI

vfvf21 · #34 Příspěvek od **vfvf21** » 21 črc 2010 11:00

[2010.07.17 18:18:40 | 000,000,000 | ---D | C] -- C:\$AVG
[2010.07.17 18:17:53 | 000,000,000 | ---D | C] -- C:\Program Files\AVG
[2010.07.17 17:58:12 | 000,000,000 | ---D | C] -- C:\ProgramData\Adobe
[2010.07.17 17:58:08 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Adobe
[2010.07.17 17:58:08 | 000,000,000 | ---D | C] -- C:\Program Files\Adobe
[2010.07.17 17:57:21 | 000,000,000 | -HSD | C] -- C:\Windows\Installer
[2010.07.17 17:38:54 | 000,000,000 | R--D | C] -- C:\Users\vf1\Searches
[2010.07.17 17:38:42 | 000,000,000 | ---D | C] -- C:\Users\vf1\AppData\Roaming\Identities
[2010.07.17 17:38:36 | 000,000,000 | R--D | C] -- C:\Users\vf1\Contacts
[2010.07.17 17:38:35 | 000,000,000 | ---D | C] -- C:\Users\vf1\AppData\Local\VirtualStore
[2010.07.17 17:38:29 | 000,000,000 | -HSD | C] -- C:\Users\vf1\AppData\Local\Temporary Internet Files
[2010.07.17 17:38:29 | 000,000,000 | -HSD | C] -- C:\Users\vf1\Šablony
[2010.07.17 17:38:29 | 000,000,000 | -HSD | C] -- C:\Users\vf1\Soubory cookie
[2010.07.17 17:38:29 | 000,000,000 | -HSD | C] -- C:\Users\vf1\SendTo
[2010.07.17 17:38:29 | 000,000,000 | -HSD | C] -- C:\Users\vf1\Recent
[2010.07.17 17:38:29 | 000,000,000 | -HSD | C] -- C:\Users\vf1\Okolní tiskárny
[2010.07.17 17:38:29 | 000,000,000 | -HSD | C] -- C:\Users\vf1\Okolní síť
[2010.07.17 17:38:29 | 000,000,000 | -HSD | C] -- C:\Users\vf1\Documents\Obrázky
[2010.07.17 17:38:29 | 000,000,000 | -HSD | C] -- C:\Users\vf1\Nabídka Start
[2010.07.17 17:38:29 | 000,000,000 | -HSD | C] -- C:\Users\vf1\Local Settings
[2010.07.17 17:38:29 | 000,000,000 | -HSD | C] -- C:\Users\vf1\Documents\Hudba
[2010.07.17 17:38:29 | 000,000,000 | -HSD | C] -- C:\Users\vf1\AppData\Local\Historie
[2010.07.17 17:38:29 | 000,000,000 | -HSD | C] -- C:\Users\vf1\Documents\Filmy
[2010.07.17 17:38:29 | 000,000,000 | -HSD | C] -- C:\Users\vf1\Dokumenty
[2010.07.17 17:38:29 | 000,000,000 | -HSD | C] -- C:\Users\vf1\Data aplikací
[2010.07.17 17:38:29 | 000,000,000 | -HSD | C] -- C:\Users\vf1\AppData\Local\Data aplikací
[2010.07.17 17:38:28 | 000,000,000 | --SD | C] -- C:\Users\vf1\AppData\Roaming\Microsoft
[2010.07.17 17:38:28 | 000,000,000 | R--D | C] -- C:\Users\vf1\Videos
[2010.07.17 17:38:28 | 000,000,000 | R--D | C] -- C:\Users\vf1\Saved Games
[2010.07.17 17:38:28 | 000,000,000 | R--D | C] -- C:\Users\vf1\Pictures
[2010.07.17 17:38:28 | 000,000,000 | R--D | C] -- C:\Users\vf1\Music
[2010.07.17 17:38:28 | 000,000,000 | R--D | C] -- C:\Users\vf1\Links
[2010.07.17 17:38:28 | 000,000,000 | R--D | C] -- C:\Users\vf1\Favorites
[2010.07.17 17:38:28 | 000,000,000 | R--D | C] -- C:\Users\vf1\Downloads
[2010.07.17 17:38:28 | 000,000,000 | R--D | C] -- C:\Users\vf1\Dokumenty
[2010.07.17 17:38:28 | 000,000,000 | R--D | C] -- C:\Users\vf1\Desktop
[2010.07.17 17:38:28 | 000,000,000 | -H-D | C] -- C:\Users\vf1\AppData
[2010.07.17 17:38:28 | 000,000,000 | ---D | C] -- C:\Users\vf1\AppData\Local\Microsoft
[2010.07.17 17:38:28 | 000,000,000 | ---D | C] -- C:\Users\vf1\AppData\Roaming\Media Center Programs
[2010.07.17 17:34:58 | 000,000,000 | -HSD | C] -- C:\ProgramData\Šablony
[2010.07.17 17:34:58 | 000,000,000 | -HSD | C] -- C:\ProgramData\Plocha
[2010.07.17 17:34:58 | 000,000,000 | -HSD | C] -- C:\Users\Public\Documents\Obrázky
[2010.07.17 17:34:58 | 000,000,000 | -HSD | C] -- C:\ProgramData\Oblíbené položky
[2010.07.17 17:34:58 | 000,000,000 | -HSD | C] -- C:\ProgramData\Nabídka Start
[2010.07.17 17:34:58 | 000,000,000 | -HSD | C] -- C:\Users\Public\Documents\Hudba
[2010.07.17 17:34:58 | 000,000,000 | -HSD | C] -- C:\Users\Public\Documents\Filmy
[2010.07.17 17:34:58 | 000,000,000 | -HSD | C] -- C:\ProgramData\Dokumenty
[2010.07.17 17:34:58 | 000,000,000 | -HSD | C] -- C:\ProgramData\Data aplikací
[2010.07.17 17:34:23 | 000,000,000 | ---D | C] -- C:\Windows\Debug
[2010.07.17 17:22:37 | 000,000,000 | ---D | C] -- C:\Windows\SoftwareDistribution
[2010.07.17 17:20:19 | 000,000,000 | ---D | C] -- C:\Windows\CSC
[2010.07.17 17:18:07 | 000,000,000 | -HSD | C] -- C:\System Volume Information
[2009.03.27 06:47:16 | 000,195,120 | ---- | C] ( ) -- C:\Windows\System32\csnp2uvc.dll

========== Files - Modified Within 30 Days ==========

[2010.07.21 10:42:18 | 000,786,432 | -HS- | M] () -- C:\Users\vf1\NTUSER.DAT
[2010.07.21 10:34:41 | 000,574,976 | ---- | M] (OldTimer Tools) -- C:\Users\vf1\Desktop\OTL.exe
[2010.07.21 10:03:04 | 000,000,934 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2010.07.21 10:01:11 | 000,001,972 | ---- | M] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\HP Digital Imaging Monitor.lnk
[2010.07.21 09:43:01 | 000,002,592 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2010.07.21 09:43:01 | 000,002,592 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2010.07.21 09:26:17 | 001,002,814 | ---- | M] () -- C:\Users\vf1\Desktop\upmsfx.exe
[2010.07.21 08:26:59 | 001,632,512 | ---- | M] () -- C:\Windows\System32\PerfStringBackup.INI
[2010.07.21 08:26:59 | 000,683,950 | ---- | M] () -- C:\Windows\System32\perfh005.dat
[2010.07.21 08:26:59 | 000,670,408 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2010.07.21 08:26:59 | 000,150,560 | ---- | M] () -- C:\Windows\System32\perfc005.dat
[2010.07.21 08:26:59 | 000,129,522 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2010.07.21 08:11:22 | 000,002,577 | ---- | M] () -- C:\Windows\System32\config.nt
[2010.07.21 07:37:52 | 000,201,728 | ---- | M] (OldTimer Tools) -- C:\Users\vf1\Desktop\OTC.exe
[2010.07.21 07:37:41 | 000,520,192 | ---- | M] (OldTimer Tools) -- C:\Users\vf1\Desktop\OTM.exe
[2010.07.21 07:34:44 | 002,775,808 | ---- | M] () -- C:\Users\vf1\Desktop\rmdndup.exe
[2010.07.21 07:18:31 | 005,116,596 | ---- | M] () -- C:\Users\vf1\Documents\VirusRemover.bat
[2010.07.21 07:05:35 | 000,000,432 | -H-- | M] () -- C:\Windows\tasks\User_Feed_Synchronization-{16A41C02-1E23-4CD4-948E-2C6998CEDA2D}.job
[2010.07.21 04:47:49 | 000,000,215 | ---- | M] () -- C:\Windows\system.ini
[2010.07.21 04:47:04 | 000,000,027 | ---- | M] () -- C:\Windows\System32\drivers\etc\hosts
[2010.07.21 04:24:54 | 000,000,930 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2010.07.21 03:48:13 | 000,524,288 | -HS- | M] () -- C:\Users\vf1\NTUSER.DAT{0f69446d-6a70-11db-8eb3-985e31beb686}.TMContainer00000000000000000001.regtrans-ms
[2010.07.21 03:48:13 | 000,065,536 | -HS- | M] () -- C:\Users\vf1\NTUSER.DAT{0f69446d-6a70-11db-8eb3-985e31beb686}.TM.blf
[2010.07.21 03:42:57 | 000,000,006 | -H-- | M] () -- C:\Windows\tasks\SA.DAT
[2010.07.21 03:42:53 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2010.07.21 03:42:48 | 1875,763,200 | -HS- | M] () -- C:\hiberfil.sys
[2010.07.21 03:41:30 | 000,007,660 | ---- | M] () -- C:\Windows\bthservsdp.dat
[2010.07.21 02:36:58 | 000,001,013 | ---- | M] () -- C:\Users\vf1\Desktop\rmelkern – zástupce.lnk
[2010.07.20 23:36:29 | 000,002,073 | ---- | M] () -- C:\Users\Public\Desktop\Google Earth.lnk
[2010.07.20 20:38:18 | 002,897,215 | -H-- | M] () -- C:\Users\vf1\AppData\Local\IconCache.db
[2010.07.20 20:29:21 | 000,000,862 | ---- | M] () -- C:\Windows\System32\termcap
[2010.07.20 17:46:52 | 000,001,711 | ---- | M] () -- C:\Users\vf1\Desktop\DBF Viewer 2000.lnk
[2010.07.19 15:24:15 | 005,072,764 | ---- | M] () -- C:\Users\vf1\Documents\VirusRemover2
[2010.07.19 15:01:46 | 000,214,521 | ---- | M] () -- C:\Windows\hpoins39.dat
[2010.07.19 13:13:32 | 000,189,104 | ---- | M] () -- C:\Users\vf1\Documents\rmvirus.dos
[2010.07.19 13:13:11 | 000,287,744 | ---- | M] () -- C:\Users\vf1\Documents\rmvirus32.nt
[2010.07.19 08:08:36 | 000,214,627 | ---- | M] () -- C:\Windows\hpoins39.dat.temp
[2010.07.19 02:29:56 | 000,001,887 | ---- | M] () -- C:\Users\Public\Desktop\Adobe Reader 9.lnk
[2010.07.19 00:45:49 | 000,000,680 | ---- | M] () -- C:\Users\vf1\AppData\Local\d3d9caps.dat
[2010.07.18 21:09:34 | 000,000,000 | -H-- | M] () -- C:\Windows\System32\drivers\Msft_Kernel_SynTP_01009.Wdf
[2010.07.18 20:38:34 | 000,000,960 | ---- | M] () -- C:\Users\Public\Desktop\Web'n'walk Manager.lnk
[2010.07.18 19:43:29 | 000,000,179 | ---- | M] () -- C:\Windows\win.ini
[2010.07.18 19:35:00 | 000,229,888 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT
[2010.07.18 19:14:42 | 000,049,552 | ---- | M] () -- C:\Users\vf1\AppData\Local\GDIPFONTCACHEV1.DAT
[2010.07.18 18:47:40 | 000,001,152 | ---- | M] () -- C:\Users\Public\Desktop\Centrum řešení HP.lnk
[2010.07.18 18:42:53 | 000,002,161 | ---- | M] () -- C:\Users\Public\Desktop\Windows Live Fotogalerie.lnk
[2010.07.18 15:38:02 | 000,000,000 | -H-- | M] () -- C:\Windows\System32\drivers\MsftWdf_Kernel_01009_Coinstaller_Critical.Wdf
[2010.07.18 15:22:00 | 000,008,192 | ---- | M] () -- C:\Users\vf1\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010.07.18 14:58:36 | 000,002,032 | ---- | M] () -- C:\Users\vf1\Desktop\Google Chrome.lnk
[2010.07.18 14:55:51 | 000,002,550 | ---- | M] () -- C:\Users\vf1\Documents\Zaloha klice certifikatu.pfx
[2010.07.18 14:13:28 | 000,000,000 | -H-- | M] () -- C:\Windows\System32\drivers\Msft_User_WpdFs_01_07_00.Wdf
[2010.07.17 21:52:17 | 000,012,536 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Windows\System32\avgrsstx.dll.install_backup
[2010.07.17 19:30:43 | 000,000,714 | ---- | M] () -- C:\Users\Public\Desktop\Opera.lnk
[2010.07.17 19:03:56 | 000,000,000 | ---- | M] () -- C:\Windows\ativpsrm.bin
[2010.07.17 18:19:59 | 000,524,288 | -HS- | M] () -- C:\Users\vf1\NTUSER.DAT{0f69446d-6a70-11db-8eb3-985e31beb686}.TMContainer00000000000000000002.regtrans-ms
[2010.07.17 17:38:29 | 000,000,020 | -HS- | M] () -- C:\Users\vf1\ntuser.ini
[2010.07.17 17:27:32 | 000,396,485 | ---- | M] () -- C:\Windows\System32\license.rtf
[2010.07.17 17:24:35 | 000,000,000 | -H-- | M] () -- C:\Windows\System32\drivers\Msft_User_WpdFs_01_00_00.Wdf

========== Files Created - No Company Name ==========

[2010.07.21 09:15:29 | 001,002,814 | ---- | C] () -- C:\Users\vf1\Desktop\upmsfx.exe
[2010.07.21 07:18:31 | 005,116,596 | ---- | C] () -- C:\Users\vf1\Documents\VirusRemover.bat
[2010.07.21 07:05:35 | 000,000,432 | -H-- | C] () -- C:\Windows\tasks\User_Feed_Synchronization-{16A41C02-1E23-4CD4-948E-2C6998CEDA2D}.job
[2010.07.21 06:43:09 | 000,287,744 | ---- | C] () -- C:\Users\vf1\Documents\rmvirus32.nt
[2010.07.21 06:43:01 | 000,189,104 | ---- | C] () -- C:\Users\vf1\Documents\rmvirus.dos
[2010.07.21 03:09:59 | 000,256,512 | ---- | C] () -- C:\Windows\PEV.exe
[2010.07.21 03:09:59 | 000,077,312 | ---- | C] () -- C:\Windows\MBR.exe
[2010.07.21 02:36:58 | 000,001,013 | ---- | C] () -- C:\Users\vf1\Desktop\rmelkern – zástupce.lnk
[2010.07.20 23:36:29 | 000,002,073 | ---- | C] () -- C:\Users\Public\Desktop\Google Earth.lnk
[2010.07.20 22:58:13 | 000,000,934 | ---- | C] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2010.07.20 22:58:09 | 000,000,930 | ---- | C] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2010.07.20 20:31:08 | 000,000,711 | ---- | C] () -- C:\Windows\System32\CPSOKBTasks.xml
[2010.07.20 20:29:23 | 000,000,862 | ---- | C] () -- C:\Windows\System32\termcap
[2010.07.20 17:46:52 | 000,001,711 | ---- | C] () -- C:\Users\vf1\Desktop\DBF Viewer 2000.lnk
[2010.07.20 16:47:43 | 000,002,426 | ---- | C] () -- C:\Windows\System32\WsmTxt.xsl
[2010.07.20 16:47:42 | 000,201,184 | ---- | C] () -- C:\Windows\System32\winrm.vbs
[2010.07.20 16:47:42 | 000,004,675 | ---- | C] () -- C:\Windows\System32\wsmanconfig_schema.xml
[2010.07.19 20:41:39 | 000,026,719 | ---- | C] () -- C:\Windows\System32\SERSPL.VXD
[2010.07.19 15:24:14 | 005,072,764 | ---- | C] () -- C:\Users\vf1\Documents\VirusRemover2
[2010.07.19 09:18:00 | 000,000,179 | ---- | C] () -- C:\ProgramData\HPWALog.txt
[2010.07.19 02:07:17 | 1875,763,200 | -HS- | C] () -- C:\hiberfil.sys
[2010.07.18 22:55:19 | 002,775,808 | ---- | C] () -- C:\Users\vf1\Desktop\rmdndup.exe
[2010.07.18 21:09:34 | 000,000,000 | -H-- | C] () -- C:\Windows\System32\drivers\Msft_Kernel_SynTP_01009.Wdf
[2010.07.18 20:38:34 | 000,000,960 | ---- | C] () -- C:\Users\Public\Desktop\Web'n'walk Manager.lnk
[2010.07.18 18:47:18 | 000,001,152 | ---- | C] () -- C:\Users\Public\Desktop\Centrum řešení HP.lnk
[2010.07.18 18:45:00 | 000,001,972 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\HP Digital Imaging Monitor.lnk
[2010.07.18 18:42:53 | 000,002,161 | ---- | C] () -- C:\Users\Public\Desktop\Windows Live Fotogalerie.lnk
[2010.07.18 18:32:32 | 000,214,627 | ---- | C] () -- C:\Windows\hpoins39.dat.temp
[2010.07.18 18:32:31 | 000,000,703 | ---- | C] () -- C:\Windows\hpomdl39.dat.temp
[2010.07.18 15:38:02 | 000,000,000 | -H-- | C] () -- C:\Windows\System32\drivers\MsftWdf_Kernel_01009_Coinstaller_Critical.Wdf
[2010.07.18 15:37:44 | 000,000,003 | ---- | C] () -- C:\Windows\System32\drivers\MsftWdf_Kernel_01009_Inbox_Critical.Wdf
[2010.07.18 14:58:36 | 000,002,032 | ---- | C] () -- C:\Users\vf1\Desktop\Google Chrome.lnk
[2010.07.18 14:55:51 | 000,002,550 | ---- | C] () -- C:\Users\vf1\Documents\Zaloha klice certifikatu.pfx
[2010.07.18 14:13:28 | 000,000,000 | -H-- | C] () -- C:\Windows\System32\drivers\Msft_User_WpdFs_01_07_00.Wdf
[2010.07.18 03:07:20 | 000,214,521 | ---- | C] () -- C:\Windows\hpoins39.dat
[2010.07.17 23:37:08 | 000,057,667 | ---- | C] () -- C:\Windows\System32\ieuinit.inf
[2010.07.17 23:32:25 | 000,002,594 | ---- | C] () -- C:\ProgramData\hpzinstall.log
[2010.07.17 22:59:25 | 002,501,921 | ---- | C] () -- C:\Windows\System32\wlan.tmf
[2010.07.17 19:30:43 | 000,000,714 | ---- | C] () -- C:\Users\Public\Desktop\Opera.lnk
[2010.07.17 19:03:56 | 000,000,000 | ---- | C] () -- C:\Windows\ativpsrm.bin
[2010.07.17 18:31:57 | 000,008,192 | ---- | C] () -- C:\Users\vf1\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010.07.17 17:58:16 | 000,001,887 | ---- | C] () -- C:\Users\Public\Desktop\Adobe Reader 9.lnk
[2010.07.17 17:38:31 | 000,000,680 | ---- | C] () -- C:\Users\vf1\AppData\Local\d3d9caps.dat
[2010.07.17 17:38:29 | 000,524,288 | -HS- | C] () -- C:\Users\vf1\NTUSER.DAT{0f69446d-6a70-11db-8eb3-985e31beb686}.TMContainer00000000000000000002.regtrans-ms
[2010.07.17 17:38:29 | 000,524,288 | -HS- | C] () -- C:\Users\vf1\NTUSER.DAT{0f69446d-6a70-11db-8eb3-985e31beb686}.TMContainer00000000000000000001.regtrans-ms
[2010.07.17 17:38:29 | 000,262,144 | -H-- | C] () -- C:\Users\vf1\ntuser.dat.LOG1
[2010.07.17 17:38:29 | 000,065,536 | -HS- | C] () -- C:\Users\vf1\NTUSER.DAT{0f69446d-6a70-11db-8eb3-985e31beb686}.TM.blf
[2010.07.17 17:38:29 | 000,000,020 | -HS- | C] () -- C:\Users\vf1\ntuser.ini
[2010.07.17 17:38:29 | 000,000,000 | -H-- | C] () -- C:\Users\vf1\ntuser.dat.LOG2
[2010.07.17 17:38:28 | 000,786,432 | -HS- | C] () -- C:\Users\vf1\NTUSER.DAT
[2010.07.17 17:24:35 | 000,000,000 | -H-- | C] () -- C:\Windows\System32\drivers\Msft_User_WpdFs_01_00_00.Wdf
[2010.07.17 17:24:14 | 000,007,660 | ---- | C] () -- C:\Windows\bthservsdp.dat
[2009.04.11 15:19:09 | 000,117,248 | ---- | C] () -- C:\Windows\System32\EhStorAuthn.dll
[2009.03.27 06:48:22 | 001,810,992 | ---- | C] () -- C:\Windows\System32\drivers\snp2uvc.sys
[2009.03.27 06:48:12 | 000,034,096 | ---- | C] () -- C:\Windows\System32\drivers\sncduvc.sys
[2008.01.21 04:23:41 | 000,081,158 | ---- | C] () -- C:\Windows\System32\manage-bde.ini.en
[2006.11.02 14:34:20 | 000,005,632 | ---- | C] () -- C:\Windows\System32\sysprepMCE.dll
[2006.11.02 09:40:29 | 000,013,750 | ---- | C] () -- C:\Windows\System32\pacerprf.ini
[2006.05.19 18:39:58 | 000,015,497 | ---- | C] () -- C:\Windows\snp2uvc.ini

========== LOP Check ==========

[2010.07.17 22:42:07 | 000,000,000 | ---D | M] -- C:\Users\fil\AppData\Roaming\Opera
[2010.07.17 19:31:27 | 000,000,000 | ---D | M] -- C:\Users\vf1\AppData\Roaming\Opera
[2010.07.21 03:41:30 | 000,017,344 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT
[2010.07.21 07:05:35 | 000,000,432 | -H-- | M] () -- C:\Windows\Tasks\User_Feed_Synchronization-{16A41C02-1E23-4CD4-948E-2C6998CEDA2D}.job

========== Purity Check ==========

========== Custom Scans ==========

< HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /s >
"Sidebar" = C:\Program Files\Windows Sidebar\sidebar.exe -- [2009.04.11 15:19:03 | 001,233,920 | ---- | M] (Microsoft Corporation)
"T-Mobile Communication Centre" = "C:\Program Files\T-Mobile\Web'n'walk Manager\Manager.exe" -autorun -- [2010.03.02 20:29:46 | 001,347,496 | ---- | M] (Gemfor s.r.o.)

< c:\windows\*.* /U >

< %SYSTEMDRIVE%\*.exe >

< %ALLUSERSPROFILE%\Application Data\*. >

< %ALLUSERSPROFILE%\Application Data\*.exe /s >

< %APPDATA%\*. >
[2010.07.19 20:56:52 | 000,000,000 | ---D | M] -- C:\Users\vf1\AppData\Roaming\Adobe
[2010.07.17 19:05:52 | 000,000,000 | ---D | M] -- C:\Users\vf1\AppData\Roaming\ATI
[2010.07.19 15:03:06 | 000,000,000 | ---D | M] -- C:\Users\vf1\AppData\Roaming\HP
[2010.07.19 09:11:34 | 000,000,000 | ---D | M] -- C:\Users\vf1\AppData\Roaming\hpqLog
[2010.07.17 17:38:42 | 000,000,000 | ---D | M] -- C:\Users\vf1\AppData\Roaming\Identities
[2010.07.19 08:08:44 | 000,000,000 | ---D | M] -- C:\Users\vf1\AppData\Roaming\Macromedia
[2006.11.02 14:35:50 | 000,000,000 | ---D | M] -- C:\Users\vf1\AppData\Roaming\Media Center Programs
[2010.07.21 05:54:25 | 000,000,000 | --SD | M] -- C:\Users\vf1\AppData\Roaming\Microsoft
[2010.07.17 19:31:27 | 000,000,000 | ---D | M] -- C:\Users\vf1\AppData\Roaming\Opera

< %APPDATA%\*.exe /s >
[2010.07.17 18:59:13 | 000,010,134 | R--- | M] () -- C:\Users\vf1\AppData\Roaming\Microsoft\Installer\{1BFF0EA4-DFD8-8E28-90D4-8E435C7E0AAB}\ARPPRODUCTICON.exe

< MD5 for: AGP440.SYS >
[2008.01.21 04:21:09 | 000,056,376 | ---- | M] (Microsoft Corporation) MD5=13F9E33747E6B41A3FF305C37DB0D360 -- C:\Windows\ERDNT\cache\AGP440.sys
[2008.01.21 04:21:09 | 000,056,376 | ---- | M] (Microsoft Corporation) MD5=13F9E33747E6B41A3FF305C37DB0D360 -- C:\Windows\System32\drivers\AGP440.sys
[2008.01.21 04:21:09 | 000,056,376 | ---- | M] (Microsoft Corporation) MD5=13F9E33747E6B41A3FF305C37DB0D360 -- C:\Windows\System32\DriverStore\FileRepository\machine.inf_51b95d75\AGP440.sys
[2008.01.21 04:21:09 | 000,056,376 | ---- | M] (Microsoft Corporation) MD5=13F9E33747E6B41A3FF305C37DB0D360 -- C:\Windows\System32\DriverStore\FileRepository\machine.inf_f750e484\AGP440.sys
[2008.01.21 04:21:09 | 000,056,376 | ---- | M] (Microsoft Corporation) MD5=13F9E33747E6B41A3FF305C37DB0D360 -- C:\Windows\winsxs\x86_machine.inf_31bf3856ad364e35_6.0.6001.18000_none_ba12ed3bbeb0d97a\AGP440.sys
[2008.01.21 04:21:09 | 000,056,376 | ---- | M] (Microsoft Corporation) MD5=13F9E33747E6B41A3FF305C37DB0D360 -- C:\Windows\winsxs\x86_machine.inf_31bf3856ad364e35_6.0.6002.18005_none_bbfe6647bbd2a4c6\AGP440.sys
[2006.11.02 11:49:52 | 000,053,864 | ---- | M] (Microsoft Corporation) MD5=EF23439CDD587F64C2C1B8825CEAD7D8 -- C:\Windows\System32\DriverStore\FileRepository\machine.inf_920a2c1f\AGP440.sys

< MD5 for: ATAPI.SYS >
[2009.04.11 15:18:59 | 000,019,944 | ---- | M] (Microsoft Corporation) MD5=1F05B78AB91C9075565A9D8A4B880BC4 -- C:\Windows\ERDNT\cache\atapi.sys
[2009.04.11 15:18:59 | 000,019,944 | ---- | M] (Microsoft Corporation) MD5=1F05B78AB91C9075565A9D8A4B880BC4 -- C:\Windows\System32\drivers\atapi.sys
[2009.04.11 15:18:59 | 000,019,944 | ---- | M] (Microsoft Corporation) MD5=1F05B78AB91C9075565A9D8A4B880BC4 -- C:\Windows\System32\DriverStore\FileRepository\mshdc.inf_b12d8e84\atapi.sys
[2009.04.11 15:18:59 | 000,019,944 | ---- | M] (Microsoft Corporation) MD5=1F05B78AB91C9075565A9D8A4B880BC4 -- C:\Windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.0.6002.18005_none_df23a1261eab99e8\atapi.sys
[2008.01.21 04:21:09 | 000,021,560 | ---- | M] (Microsoft Corporation) MD5=2D9C903DC76A66813D350A562DE40ED9 -- C:\Windows\System32\DriverStore\FileRepository\mshdc.inf_cc18792d\atapi.sys
[2008.01.21 04:21:09 | 000,021,560 | ---- | M] (Microsoft Corporation) MD5=2D9C903DC76A66813D350A562DE40ED9 -- C:\Windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.0.6001.18000_none_dd38281a2189ce9c\atapi.sys
[2006.11.02 11:49:36 | 000,019,048 | ---- | M] (Microsoft Corporation) MD5=4F4FCB8B6EA06784FB6D475B7EC7300F -- C:\Windows\System32\DriverStore\FileRepository\mshdc.inf_c6c2e699\atapi.sys

< MD5 for: CDROM.SYS >
[2008.01.21 04:21:11 | 000,067,072 | ---- | M] (Microsoft Corporation) MD5=1EC25CEA0DE6AC4718BF89F9E1778B57 -- C:\Windows\System32\DriverStore\FileRepository\cdrom.inf_a29e71c6\cdrom.sys
[2008.01.21 04:21:11 | 000,067,072 | ---- | M] (Microsoft Corporation) MD5=1EC25CEA0DE6AC4718BF89F9E1778B57 -- C:\Windows\winsxs\x86_cdrom.inf_31bf3856ad364e35_6.0.6001.18000_none_5fa95be2a3c76a4a\cdrom.sys
[2009.04.11 15:18:59 | 000,067,072 | ---- | M] (Microsoft Corporation) MD5=6B4BFFB9BECD728097024276430DB314 -- C:\Windows\System32\drivers\cdrom.sys
[2009.04.11 15:18:59 | 000,067,072 | ---- | M] (Microsoft Corporation) MD5=6B4BFFB9BECD728097024276430DB314 -- C:\Windows\System32\DriverStore\FileRepository\cdrom.inf_c949a5b6\cdrom.sys
[2009.04.11 15:18:59 | 000,067,072 | ---- | M] (Microsoft Corporation) MD5=6B4BFFB9BECD728097024276430DB314 -- C:\Windows\winsxs\x86_cdrom.inf_31bf3856ad364e35_6.0.6002.18005_none_6194d4eea0e93596\cdrom.sys
[2006.11.02 10:51:44 | 000,067,072 | ---- | M] (Microsoft Corporation) MD5=8D1866E61AF096AE8B582454F5E4D303 -- C:\Windows\System32\DriverStore\FileRepository\cdrom.inf_e487f727\cdrom.sys

< MD5 for: CNGAUDIT.DLL >
[2006.11.02 11:46:03 | 000,011,776 | ---- | M] (Microsoft Corporation) MD5=7F15B4953378C8B5161D65C26D5FED4D -- C:\Windows\ERDNT\cache\cngaudit.dll
[2006.11.02 11:46:03 | 000,011,776 | ---- | M] (Microsoft Corporation) MD5=7F15B4953378C8B5161D65C26D5FED4D -- C:\Windows\System32\cngaudit.dll
[2006.11.02 11:46:03 | 000,011,776 | ---- | M] (Microsoft Corporation) MD5=7F15B4953378C8B5161D65C26D5FED4D -- C:\Windows\winsxs\x86_microsoft-windows-cngaudit-dll_31bf3856ad364e35_6.0.6000.16386_none_e62d292932a96ce6\cngaudit.dll

< MD5 for: CRYPTSVC.DLL >
[2009.04.11 15:19:34 | 000,129,024 | ---- | M] (Microsoft Corporation) MD5=FB27772BEAF8E1D28CCD825C09DA939B -- C:\Windows\ERDNT\cache\cryptsvc.dll
[2009.04.11 15:19:34 | 000,129,024 | ---- | M] (Microsoft Corporation) MD5=FB27772BEAF8E1D28CCD825C09DA939B -- C:\Windows\System32\cryptsvc.dll
[2009.04.11 15:19:34 | 000,129,024 | ---- | M] (Microsoft Corporation) MD5=FB27772BEAF8E1D28CCD825C09DA939B -- C:\Windows\winsxs\x86_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.0.6002.18005_none_77eb127097f11935\cryptsvc.dll

< MD5 for: EXPLORER.EXE >
[2009.04.11 15:19:30 | 002,926,592 | ---- | M] (Microsoft Corporation) MD5=D07D4C3038F3578FFCE1C0237F2A1253 -- C:\Windows\ERDNT\cache\explorer.exe
[2009.04.11 15:19:30 | 002,926,592 | ---- | M] (Microsoft Corporation) MD5=D07D4C3038F3578FFCE1C0237F2A1253 -- C:\Windows\explorer.exe
[2009.04.11 15:19:30 | 002,926,592 | ---- | M] (Microsoft Corporation) MD5=D07D4C3038F3578FFCE1C0237F2A1253 -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6002.18005_none_53a0201e76de3a0b\explorer.exe

< MD5 for: HAL.DLL >
[2009.04.11 15:18:59 | 000,177,128 | ---- | M] (Microsoft Corporation) MD5=B8D52005181A15D7D1470CBF2AF214DD -- C:\Windows\System32\hal.dll

< MD5 for: IASTORV.SYS >
[2008.01.21 04:21:31 | 000,235,064 | ---- | M] (Intel Corporation) MD5=54155EA1B0DF185878E0FC9EC3AC3A14 -- C:\Windows\System32\drivers\iaStorV.sys
[2008.01.21 04:21:31 | 000,235,064 | ---- | M] (Intel Corporation) MD5=54155EA1B0DF185878E0FC9EC3AC3A14 -- C:\Windows\System32\DriverStore\FileRepository\iastorv.inf_c9df7691\iaStorV.sys
[2008.01.21 04:21:31 | 000,235,064 | ---- | M] (Intel Corporation) MD5=54155EA1B0DF185878E0FC9EC3AC3A14 -- C:\Windows\winsxs\x86_iastorv.inf_31bf3856ad364e35_6.0.6001.18000_none_af11527887c7fa8f\iaStorV.sys
[2006.11.02 11:51:25 | 000,232,040 | ---- | M] (Intel Corporation) MD5=C957BF4B5D80B46C5017BF0101E6C906 -- C:\Windows\System32\DriverStore\FileRepository\iastorv.inf_37cdafa4\iaStorV.sys

< MD5 for: ISAPNP.SYS >
[2006.11.02 11:50:24 | 000,047,208 | ---- | M] (Microsoft Corporation) MD5=350FCA7E73CF65BCEF43FAE1E4E91293 -- C:\Windows\System32\DriverStore\FileRepository\machine.inf_920a2c1f\isapnp.sys
[2008.01.21 04:21:09 | 000,049,720 | ---- | M] (Microsoft Corporation) MD5=6C70698A3E5C4376C6AB5C7C17FB0614 -- C:\Windows\System32\drivers\isapnp.sys
[2008.01.21 04:21:09 | 000,049,720 | ---- | M] (Microsoft Corporation) MD5=6C70698A3E5C4376C6AB5C7C17FB0614 -- C:\Windows\System32\DriverStore\FileRepository\machine.inf_51b95d75\isapnp.sys
[2008.01.21 04:21:09 | 000,049,720 | ---- | M] (Microsoft Corporation) MD5=6C70698A3E5C4376C6AB5C7C17FB0614 -- C:\Windows\System32\DriverStore\FileRepository\machine.inf_f750e484\isapnp.sys
[2008.01.21 04:21:09 | 000,049,720 | ---- | M] (Microsoft Corporation) MD5=6C70698A3E5C4376C6AB5C7C17FB0614 -- C:\Windows\winsxs\x86_machine.inf_31bf3856ad364e35_6.0.6001.18000_none_ba12ed3bbeb0d97a\isapnp.sys
[2008.01.21 04:21:09 | 000,049,720 | ---- | M] (Microsoft Corporation) MD5=6C70698A3E5C4376C6AB5C7C17FB0614 -- C:\Windows\winsxs\x86_machine.inf_31bf3856ad364e35_6.0.6002.18005_none_bbfe6647bbd2a4c6\isapnp.sys

< MD5 for: LSASS.EXE >
[2009.06.15 14:51:56 | 000,009,728 | ---- | M] (Microsoft Corporation) MD5=203D86EBD6D8E4C8501B222421E81506 -- C:\Windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.0.6002.22152_none_a886901f7335e2fc\lsass.exe
[2009.09.10 16:44:14 | 000,009,728 | ---- | M] (Microsoft Corporation) MD5=2D3AC5E7AC01E905F3ABD2D745FE3A9B -- C:\Windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.0.6002.22223_none_a8a80213731ca5a7\lsass.exe
[2009.06.15 14:48:49 | 000,009,728 | ---- | M] (Microsoft Corporation) MD5=3978F3540329E16C0AC3BCF677E5669F -- C:\Windows\ERDNT\cache\lsass.exe
[2009.06.15 14:48:49 | 000,009,728 | ---- | M] (Microsoft Corporation) MD5=3978F3540329E16C0AC3BCF677E5669F -- C:\Windows\SoftwareDistribution\Download\f0e7510dbdd98e00504ebcf9a6bc42ad\x86_microsoft-windows-lsa_31bf3856ad364e35_6.0.6002.18051_none_a7fbf30a5a1929db\lsass.exe
[2009.06.15 14:48:49 | 000,009,728 | ---- | M] (Microsoft Corporation) MD5=3978F3540329E16C0AC3BCF677E5669F -- C:\Windows\System32\lsass.exe
[2009.06.15 14:48:49 | 000,009,728 | ---- | M] (Microsoft Corporation) MD5=3978F3540329E16C0AC3BCF677E5669F -- C:\Windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.0.6002.18051_none_a7fbf30a5a1929db\lsass.exe
[2009.06.15 15:03:38 | 000,009,728 | ---- | M] (Microsoft Corporation) MD5=6F1F23D3599EAE17734451936B7F17C6 -- C:\Windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.0.6001.22450_none_a69e1da376115b2a\lsass.exe
[2009.06.15 14:57:59 | 000,009,728 | ---- | M] (Microsoft Corporation) MD5=A911ECAC81F94ADEAFBE8E3F7873EDB0 -- C:\Windows\SoftwareDistribution\Download\f0e7510dbdd98e00504ebcf9a6bc42ad\x86_microsoft-windows-lsa_31bf3856ad364e35_6.0.6001.18272_none_a600dfae5d0228c9\lsass.exe
[2009.06.15 14:57:59 | 000,009,728 | ---- | M] (Microsoft Corporation) MD5=A911ECAC81F94ADEAFBE8E3F7873EDB0 -- C:\Windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.0.6001.18272_none_a600dfae5d0228c9\lsass.exe
[2009.06.15 14:59:08 | 000,007,680 | ---- | M] (Microsoft Corporation) MD5=BA9A67672E025078C77967731BCFC560 -- C:\Windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.0.6000.21067_none_a4b3e75378eccda6\lsass.exe
[2009.06.15 15:10:12 | 000,007,680 | ---- | M] (Microsoft Corporation) MD5=C731B1FE449D4E9CEA358C9D55B69BE9 -- C:\Windows\SoftwareDistribution\Download\f0e7510dbdd98e00504ebcf9a6bc42ad\x86_microsoft-windows-lsa_31bf3856ad364e35_6.0.6000.16870_none_a418a0745fdd652a\lsass.exe
[2009.06.15 15:10:12 | 000,007,680 | ---- | M] (Microsoft Corporation) MD5=C731B1FE449D4E9CEA358C9D55B69BE9 -- C:\Windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.0.6000.16870_none_a418a0745fdd652a\lsass.exe
[2009.09.09 13:09:38 | 000,009,728 | ---- | M] (Microsoft Corporation) MD5=CB7E838C140B4087B2DA323F2D4523C5 -- C:\Windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.0.6001.22518_none_a6d1618975e9b345\lsass.exe
[2009.09.10 16:47:51 | 000,007,680 | ---- | M] (Microsoft Corporation) MD5=D09A5DA84B7C9CA9B02EBCD7FAE41C8D -- C:\Windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.0.6000.21125_none_a4dd285578ce285b\lsass.exe
[2008.01.21 04:22:25 | 000,009,728 | ---- | M] (Microsoft Corporation) MD5=DCF733788C7D088D814E5F80EB4B3E0F -- C:\Windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.0.6002.18005_none_a83603ce59ed0382\lsass.exe

< MD5 for: NDIS.SYS >
[2009.04.11 15:19:16 | 000,527,848 | ---- | M] (Microsoft Corporation) MD5=1357274D1883F68300AEADD15D7BBB42 -- C:\Windows\ERDNT\cache\ndis.sys
[2009.04.11 15:19:16 | 000,527,848 | ---- | M] (Microsoft Corporation) MD5=1357274D1883F68300AEADD15D7BBB42 -- C:\Windows\System32\drivers\ndis.sys
[2009.04.11 15:19:16 | 000,527,848 | ---- | M] (Microsoft Corporation) MD5=1357274D1883F68300AEADD15D7BBB42 -- C:\Windows\winsxs\x86_microsoft-windows-ndis_31bf3856ad364e35_6.0.6002.18005_none_a9b2a4d31930d864\ndis.sys

< MD5 for: NETLOGON.DLL >
[2009.04.11 15:19:21 | 000,592,896 | ---- | M] (Microsoft Corporation) MD5=95DAECF0FB120A7B5DA679CC54E37DDE -- C:\Windows\ERDNT\cache\netlogon.dll
[2009.04.11 15:19:21 | 000,592,896 | ---- | M] (Microsoft Corporation) MD5=95DAECF0FB120A7B5DA679CC54E37DDE -- C:\Windows\System32\netlogon.dll
[2009.04.11 15:19:21 | 000,592,896 | ---- | M] (Microsoft Corporation) MD5=95DAECF0FB120A7B5DA679CC54E37DDE -- C:\Windows\winsxs\x86_microsoft-windows-security-netlogon_31bf3856ad364e35_6.0.6002.18005_none_ffa3304f351bb3a3\netlogon.dll

< MD5 for: NVRAID.SYS >
[2008.01.21 04:21:29 | 000,102,968 | ---- | M] (NVIDIA Corporation) MD5=2EDF9E7751554B42CBB60116DE727101 -- C:\Windows\System32\drivers\nvraid.sys
[2008.01.21 04:21:29 | 000,102,968 | ---- | M] (NVIDIA Corporation) MD5=2EDF9E7751554B42CBB60116DE727101 -- C:\Windows\System32\DriverStore\FileRepository\nvraid.inf_31c3d71d\nvraid.sys
[2008.01.21 04:21:29 | 000,102,968 | ---- | M] (NVIDIA Corporation) MD5=2EDF9E7751554B42CBB60116DE727101 -- C:\Windows\winsxs\x86_nvraid.inf_31bf3856ad364e35_6.0.6001.18000_none_39dac327befea467\nvraid.sys
[2006.11.02 11:50:24 | 000,088,680 | ---- | M] (NVIDIA Corporation) MD5=E69E946F80C1C31C53003BFBF50CBB7C -- C:\Windows\System32\DriverStore\FileRepository\nvraid.inf_733654ff\nvraid.sys

< MD5 for: NVSTOR.SYS >
[2006.11.02 11:50:13 | 000,040,040 | ---- | M] (NVIDIA Corporation) MD5=9E0BA19A28C498A6D323D065DB76DFFC -- C:\Windows\System32\DriverStore\FileRepository\nvraid.inf_733654ff\nvstor.sys
[2008.01.21 04:21:29 | 000,045,112 | ---- | M] (NVIDIA Corporation) MD5=ABED0C09758D1D97DB0042DBB2688177 -- C:\Windows\System32\drivers\nvstor.sys
[2008.01.21 04:21:29 | 000,045,112 | ---- | M] (NVIDIA Corporation) MD5=ABED0C09758D1D97DB0042DBB2688177 -- C:\Windows\System32\DriverStore\FileRepository\nvraid.inf_31c3d71d\nvstor.sys
[2008.01.21 04:21:29 | 000,045,112 | ---- | M] (NVIDIA Corporation) MD5=ABED0C09758D1D97DB0042DBB2688177 -- C:\Windows\winsxs\x86_nvraid.inf_31bf3856ad364e35_6.0.6001.18000_none_39dac327befea467\nvstor.sys

< MD5 for: SCECLI.DLL >
[2009.04.11 15:19:45 | 000,177,152 | ---- | M] (Microsoft Corporation) MD5=8FC182167381E9915651267044105EE1 -- C:\Windows\ERDNT\cache\scecli.dll
[2009.04.11 15:19:45 | 000,177,152 | ---- | M] (Microsoft Corporation) MD5=8FC182167381E9915651267044105EE1 -- C:\Windows\System32\scecli.dll
[2009.04.11 15:19:45 | 000,177,152 | ---- | M] (Microsoft Corporation) MD5=8FC182167381E9915651267044105EE1 -- C:\Windows\winsxs\x86_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.0.6002.18005_none_39f95b67d63d3a5e\scecli.dll

< MD5 for: SMSS.EXE >
[2009.04.11 15:19:14 | 000,064,000 | ---- | M] (Microsoft Corporation) MD5=98AF15A94CD6AC37248E72E5FE789B35 -- C:\Windows\System32\smss.exe
[2009.04.11 15:19:14 | 000,064,000 | ---- | M] (Microsoft Corporation) MD5=98AF15A94CD6AC37248E72E5FE789B35 -- C:\Windows\winsxs\x86_microsoft-windows-smss_31bf3856ad364e35_6.0.6002.18005_none_ae26210916536b06\smss.exe

< MD5 for: SVCHOST.EXE >
[2008.01.21 04:21:53 | 000,021,504 | ---- | M] (Microsoft Corporation) MD5=3794B461C45882E06856F282EEF025AF -- C:\Windows\ERDNT\cache\svchost.exe
[2008.01.21 04:21:53 | 000,021,504 | ---- | M] (Microsoft Corporation) MD5=3794B461C45882E06856F282EEF025AF -- C:\Windows\System32\svchost.exe
[2008.01.21 04:21:53 | 000,021,504 | ---- | M] (Microsoft Corporation) MD5=3794B461C45882E06856F282EEF025AF -- C:\Windows\winsxs\x86_microsoft-windows-services-svchost_31bf3856ad364e35_6.0.6001.18000_none_b5bb59a1054dbde5\svchost.exe

< MD5 for: TCPIP.SYS >
[2009.04.11 15:20:11 | 000,897,000 | ---- | M] (Microsoft Corporation) MD5=0E6B0885C3D5E4643ED2D043DE3433D8 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6002.18005_none_b5098b5e63880c42\tcpip.sys
[2009.08.15 23:30:53 | 000,816,640 | ---- | M] (Microsoft Corporation) MD5=2512B4D1353370D6688B1AF1F5AFA1CF -- C:\Windows\winsxs\x86_microsoft-windows-tcpip_31bf3856ad364e35_6.0.6000.21108_none_6030d425ab49af00\tcpip.sys
[2009.08.14 19:01:55 | 000,900,168 | ---- | M] (Microsoft Corporation) MD5=2608E71AAD54564647D4BB984E1925AA -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.22497_none_b34d67897fc6850f\tcpip.sys
[2010.02.18 13:51:51 | 000,818,688 | ---- | M] (Microsoft Corporation) MD5=2C1F7005AA3B62721BFDB307BD5F5010 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip_31bf3856ad364e35_6.0.6000.21226_none_6019359fab5bb15b\tcpip.sys
[2010.02.18 16:49:38 | 000,898,952 | ---- | M] (Microsoft Corporation) MD5=2EAE4500984C2F8DACFB977060300A15 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.18427_none_b30f7c1866701ed5\tcpip.sys
[2009.08.14 16:24:47 | 000,813,568 | ---- | M] (Microsoft Corporation) MD5=300208927321066EA53761FDC98747C6 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip_31bf3856ad364e35_6.0.6000.16908_none_5fa75f38922bdbf4\tcpip.sys
[2010.02.18 16:07:16 | 000,904,576 | ---- | M] (Microsoft Corporation) MD5=48CBE6D53632D0067C2D6B20F90D84CA -- C:\Windows\ERDNT\cache\tcpip.sys
[2010.02.18 16:07:16 | 000,904,576 | ---- | M] (Microsoft Corporation) MD5=48CBE6D53632D0067C2D6B20F90D84CA -- C:\Windows\System32\drivers\tcpip.sys
[2010.02.18 16:07:16 | 000,904,576 | ---- | M] (Microsoft Corporation) MD5=48CBE6D53632D0067C2D6B20F90D84CA -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6002.18209_none_b50d905263846bec\tcpip.sys
[2010.02.18 14:05:37 | 000,815,104 | ---- | M] (Microsoft Corporation) MD5=4A82FA8F0DF67AA354580C3FAAF8BDE3 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip_31bf3856ad364e35_6.0.6000.17021_none_5f8a957c924295b7\tcpip.sys
[2009.08.14 18:27:34 | 000,904,776 | ---- | M] (Microsoft Corporation) MD5=65877AA1B6A7CB797488E831698973E9 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6002.18091_none_b4a43aea63d4a25f\tcpip.sys
[2009.08.14 19:07:56 | 000,897,608 | ---- | M] (Microsoft Corporation) MD5=8A7AD2A214233F684242F289ED83EBC3 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.18311_none_b3144862666d6db3\tcpip.sys
[2010.02.18 19:36:50 | 000,902,024 | ---- | M] (Microsoft Corporation) MD5=93A5655CD9CD2F080EF1CB71A3666215 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.22636_none_b38d4a937f96be60\tcpip.sys
[2010.02.18 16:22:11 | 000,910,216 | ---- | M] (Microsoft Corporation) MD5=D9F5DD5BBC8348E8F8220CCBF14C022E -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6002.22341_none_b563eb1d7cc9b0c2\tcpip.sys
[2009.08.14 18:33:50 | 000,905,784 | ---- | M] (Microsoft Corporation) MD5=FF71856BD4CD6D4367F9FD84BE79A874 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6002.22200_none_b58e289d7caa2a80\tcpip.sys

< MD5 for: USERINIT.EXE >
[2008.01.21 04:22:58 | 000,025,088 | ---- | M] (Microsoft Corporation) MD5=0E135526E9785D085BCD9AEDE6FBCBF9 -- C:\Windows\ERDNT\cache\userinit.exe
[2008.01.21 04:22:58 | 000,025,088 | ---- | M] (Microsoft Corporation) MD5=0E135526E9785D085BCD9AEDE6FBCBF9 -- C:\Windows\System32\userinit.exe
[2008.01.21 04:22:58 | 000,025,088 | ---- | M] (Microsoft Corporation) MD5=0E135526E9785D085BCD9AEDE6FBCBF9 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.0.6001.18000_none_dc28ba15d1aff80b\userinit.exe

< MD5 for: WINLOGON.EXE >
[2009.04.11 15:19:45 | 000,314,368 | ---- | M] (Microsoft Corporation) MD5=898E7C06A350D4A1A64A9EA264D55452 -- C:\Windows\ERDNT\cache\winlogon.exe
[2009.04.11 15:19:45 | 000,314,368 | ---- | M] (Microsoft Corporation) MD5=898E7C06A350D4A1A64A9EA264D55452 -- C:\Windows\System32\winlogon.exe
[2009.04.11 15:19:45 | 000,314,368 | ---- | M] (Microsoft Corporation) MD5=898E7C06A350D4A1A64A9EA264D55452 -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.0.6002.18005_none_71ae7a22d2134741\winlogon.exe

< MD5 for: WS2_32.DLL >
[2008.01.21 04:22:57 | 000,179,200 | ---- | M] (Microsoft Corporation) MD5=B304D47D5744BA20FCB99FB8B2C07B0B -- C:\Windows\ERDNT\cache\ws2_32.dll
[2008.01.21 04:22:57 | 000,179,200 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\Windows\System32\ws2_32.dll
[2008.01.21 04:22:57 | 000,179,200 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\Windows\winsxs\x86_microsoft-windows-w..nfrastructure-ws232_31bf3856ad364e35_6.0.6001.18000_none_f2b7b0c2ce5605c4\ws2_32.dll

< %systemroot%\*. /mp /s >

< %systemroot%\system32\*.dll /lockedfiles >
[2009.07.15 04:15:18 | 000,446,464 | ---- | M] (Advanced Micro Devices, Inc.) Unable to obtain MD5 -- C:\Windows\System32\ATIDEMGX.dll
[2009.04.11 15:19:41 | 000,241,128 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\Windows\System32\rsaenh.dll
[2009.04.11 15:19:39 | 000,228,352 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\Windows\System32\SLC.dll

< %systemroot%\Tasks\*.job /lockedfiles >

< %systemroot%\system32\drivers\*.sys /lockedfiles >

< %systemroot%\System32\config\*.sav >
[2009.04.11 16:14:01 | 025,030,656 | ---- | M] () -- C:\Windows\System32\config\COMPONENTS.SAV
[2009.04.11 16:13:38 | 000,106,496 | ---- | M] () -- C:\Windows\System32\config\DEFAULT.SAV
[2009.04.11 16:14:01 | 000,020,480 | ---- | M] () -- C:\Windows\System32\config\SECURITY.SAV
[2006.11.02 12:34:08 | 010,133,504 | ---- | M] () -- C:\Windows\System32\config\SOFTWARE.SAV
[2006.11.02 12:34:08 | 001,826,816 | ---- | M] () -- C:\Windows\System32\config\SYSTEM.SAV

< %systemroot%\system32\*.dll /lockedfiles >
[2009.07.15 04:15:18 | 000,446,464 | ---- | M] (Advanced Micro Devices, Inc.) Unable to obtain MD5 -- C:\Windows\System32\ATIDEMGX.dll
[2009.04.11 15:19:41 | 000,241,128 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\Windows\System32\rsaenh.dll
[2009.04.11 15:19:39 | 000,228,352 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\Windows\System32\SLC.dll

< reg query "HKLM\Software\Microsoft\Windows NT\CurrentVersion\winlogon" /v GinaDLL /c >

< reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wuauserv" /v ImagePath /c >
HKEY_LOCAL_MACHINE\SYSTEM\CURRENTCONTROLSET\SERVICES\WUAUSERV
IMAGEPATH REG_EXPAND_SZ %systemroot%\system32\svchost.exe -k netsvcs

< reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\BITS" /v ImagePath /c >
HKEY_LOCAL_MACHINE\SYSTEM\CURRENTCONTROLSET\SERVICES\BITS
IMAGEPATH REG_EXPAND_SZ %SystemRoot%\system32\svchost.exe -k netsvcs

< %systemroot%\system32\drivers\*.sys /3 >

< %systemroot%\system32\*.* /3 >
[2010.07.21 09:43:01 | 000,002,592 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2010.07.21 09:43:01 | 000,002,592 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2010.07.21 08:11:22 | 000,002,577 | ---- | M] () -- C:\Windows\System32\config.nt
[2010.07.18 19:35:00 | 000,229,888 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT
[2010.07.21 08:26:59 | 000,150,560 | ---- | M] () -- C:\Windows\System32\perfc005.dat
[2010.07.21 08:26:59 | 000,129,522 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2010.07.21 08:26:59 | 000,683,950 | ---- | M] () -- C:\Windows\System32\perfh005.dat
[2010.07.21 08:26:59 | 000,670,408 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2010.07.21 08:26:59 | 001,632,512 | ---- | M] () -- C:\Windows\System32\PerfStringBackup.INI
[2010.07.20 20:29:21 | 000,000,862 | ---- | M] () -- C:\Windows\System32\termcap
< End of report >

vfvf21 · #35 Příspěvek od **vfvf21** » 21 črc 2010 11:04

OTL Extras logfile created on: 21.7.2010 10:37:34 - Run 1
OTL by OldTimer - Version 3.2.9.1 Folder = C:\Users\vf1\Desktop
Windows Vista Ultimate Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18928)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy

2,00 Gb Total Physical Memory | 1,00 Gb Available Physical Memory | 41,00% Memory free
4,00 Gb Paging File | 2,00 Gb Available in Paging File | 54,00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 48,83 Gb Total Space | 31,92 Gb Free Space | 65,36% Space Free | Partition Type: NTFS
Drive D: | 111,82 Gb Total Space | 96,81 Gb Free Space | 86,58% Space Free | Partition Type: NTFS
E: Drive not present or media not loaded
Drive F: | 1,83 Gb Total Space | 0,01 Gb Free Space | 0,36% Space Free | Partition Type: NTFS
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded

Computer Name: VF1-PC
Current User Name: vf1
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: All users
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 30 Days
Output = Standard

========== Extra Registry (SafeList) ==========

========== File Associations ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)

[HKEY_USERS\S-1-5-21-1458081666-3714914705-1728877592-1000\SOFTWARE\Classes\<extension>]
.html [@ = ChromeHTML] -- C:\Users\vf1\AppData\Local\Google\Chrome\Application\chrome.exe (Google Inc.)

[HKEY_USERS\S-1-5-21-1458081666-3714914705-1728877592-1001\SOFTWARE\Classes\<extension>]
.html [@ = ChromeHTML] -- C:\Users\fil\AppData\Local\Google\Chrome\Application\chrome.exe (Google Inc.)

========== Shell Spawning ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
htmlfile [edit] -- Reg Error: Key error.
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation)
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe /separate,/idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /separate,/e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
"FirewallDisableNotify" = 0
"AntiVirusDisableNotify" = 0
"UpdatesDisableNotify" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
"VistaSp1" = Reg Error: Unknown registry data type -- File not found
"VistaSp2" = Reg Error: Unknown registry data type -- File not found

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0

========== Authorized Applications List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]

========== Vista Active Open Ports Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{7158A3AB-E63F-49C3-BDB0-A986A1AA8ADF}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe |
"{7C061E74-BC9E-4E45-A93F-83E597032A65}" = rport=445 | protocol=6 | dir=out | app=system |
"{8F33AAE7-E595-4907-9671-C1AD28536656}" = rport=139 | protocol=6 | dir=out | app=system |
"{909D2F72-CA28-4362-B1E6-ABE244BEBEE2}" = lport=137 | protocol=17 | dir=in | app=system |
"{97E24DDD-9B2F-4A60-A418-C5A88A60D9CD}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 |
"{9D6B89F1-57C8-431B-AB7D-25BD0957A0FE}" = rport=137 | protocol=17 | dir=out | app=system |
"{A03B675D-73B3-4612-8162-9E32F1C7DE07}" = lport=139 | protocol=6 | dir=in | app=system |
"{C0E8616A-4341-4232-BA99-2D375EE7F386}" = rport=138 | protocol=17 | dir=out | app=system |
"{C5596539-EFA7-4ED7-A3EF-9977DCE98C82}" = lport=445 | protocol=6 | dir=in | app=system |
"{DE48B90C-735F-45FF-9B33-9EB362A617D8}" = rport=427 | protocol=17 | dir=in | svc=hpslpsvc | app=c:\windows\system32\svchost.exe |
"{F82B58C1-FDA6-4D5C-B4B1-EC20A63C9617}" = lport=138 | protocol=17 | dir=in | app=system |

========== Vista Active Application Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{0AB7F57B-33DF-49E1-8CBE-3585E0D875A4}" = dir=in | app=c:\program files\hp\digital imaging\bin\hpqkygrp.exe |
"{0FF79372-46E6-42B8-95D7-A5CFD3A07BB9}" = dir=in | app=c:\program files\hp\digital imaging\bin\hposid01.exe |
"{16548851-C40C-48D7-BF10-9FDF3584C3C6}" = dir=in | app=c:\program files\hp\digital imaging\bin\hpqgpc01.exe |
"{1708295D-1467-4B6F-A7B7-1AB446C1762D}" = dir=in | app=c:\program files\hp\digital imaging\bin\hpqgplgtupl.exe |
"{2AC5DB4A-7613-4828-B064-067E7A31CB61}" = dir=in | app=c:\program files\hp\digital imaging\bin\hpqste08.exe |
"{2E074875-4CF2-472D-B019-C7B56B411D52}" = dir=in | app=c:\program files\hp\digital imaging\bin\hpiscnapp.exe |
"{3A599E85-5F3B-4565-B3A7-ED41C8E564DB}" = dir=in | app=c:\program files\hp\digital imaging\bin\hpoews01.exe |
"{4665601B-28D9-4B79-BB04-C0AEED7F674D}" = dir=in | app=e:\setup\hpznui01.exe |
"{524DD2F1-5265-4772-B04C-E0F00153C289}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 |
"{6FBDD790-B845-4844-9A0C-55CF163E0339}" = dir=in | app=c:\program files\hp\hp software update\hpwucli.exe |
"{89C4E3A9-D981-4FFC-AFEA-9A460B38D98E}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 |
"{9FB28F75-5369-499A-91D1-182A575641FD}" = dir=in | app=c:\program files\hp\digital imaging\bin\hpqusgh.exe |
"{AAFB3E96-6F9E-4BDD-95C4-A5E18C2DB73B}" = dir=in | app=c:\program files\hp\digital imaging\smart web printing\smartwebprintexe.exe |
"{ACC1E2CD-BA90-4C72-A25F-C575416AF7EA}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 |
"{B7B799FA-DF5E-43A2-B2A5-A5CE5A7B6797}" = dir=in | app=c:\program files\hp\digital imaging\bin\hpqtra08.exe |
"{BCDAE989-030F-41BF-8CA3-25A244C24B47}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 |
"{CDD0446B-1E7D-483C-94C7-2888F517DE8F}" = dir=in | app=c:\program files\hp\digital imaging\bin\hpqusgm.exe |
"{E507FC2F-A888-4F03-9284-F840E9EDCC6B}" = dir=in | app=c:\program files\common files\hp\digital imaging\bin\hpqphotocrm.exe |
"{E71EF230-9C79-4203-8327-31D5448E4D81}" = dir=in | app=c:\program files\hp\digital imaging\bin\hpfccopy.exe |
"TCP Query User{A8B122A6-C3AD-436F-AD9B-7D0DD4043C54}C:\program files\google\google earth\client\googleearth.exe" = protocol=6 | dir=in | app=c:\program files\google\google earth\client\googleearth.exe |
"UDP Query User{1E5BDC81-71FB-4D3C-AFE5-901EFC226DCE}C:\program files\google\google earth\client\googleearth.exe" = protocol=17 | dir=in | app=c:\program files\google\google earth\client\googleearth.exe |

========== HKEY_LOCAL_MACHINE Uninstall List ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{07FB17D8-7DB6-4F06-80C4-8BE1719CB6A1}" = hpWLPGInstaller
"{0F367CA3-3B2F-43F9-A44A-25A8EE69E45D}" = Scan
"{134EE273-0F1C-4A5B-817D-13111DB75B14}" = B109n-z
"{175F0111-2968-4935-8F70-33108C6A4DE3}" = MarketResearch
"{1BFF0EA4-DFD8-8E28-90D4-8E435C7E0AAB}" = Catalyst Control Center InstallProxy
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{2085F05D-24C5-4E27-B7B4-A51DE890FFC9}" = Opera 10.00
"{21A2F5EE-1DC5-488A-BE7E-E526F8C61488}" = DeviceDiscovery
"{2EDC86B3-E984-2F11-0C2F-8D6DA0353ED7}" = CCC Help English
"{2EEA7AA4-C203-4b90-A34F-19FB7EF1C81C}" = BufferChm
"{3A7C8786-F407-1AF2-510E-63804A814C32}" = Catalyst Control Center Graphics Full New
"{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile
"{43CDF946-F5D9-4292-B006-BA0D92013021}" = WebReg
"{4A70EF07-7F88-4434-BB61-D1DE8AE93DD4}" = SolutionCenter
"{4F5840BD-37BD-4B4C-6D58-B8BC7A594DA1}" = ccc-core-static
"{54CC7901-804D-4155-B353-21F0CC9112AB}" = HP Wireless Assistant
"{5FEF2C49-9133-0BB1-A5E5-111D6FF88504}" = ccc-utility
"{63FF21C9-A810-464F-B60A-3111747B1A6D}" = GPBaseService2
"{68A10D12-0D0F-4212-BDE6-D87FAD32A8FA}" = SmartWebPrinting
"{69A13D2F-A08F-619A-1D42-94CB96F3635A}" = ATI Catalyst Install Manager
"{69CAB146-08E3-64A4-F9C6-FC3D0A962E37}" = Catalyst Control Center Graphics Light
"{6BBA26E9-AB03-4FE7-831A-3535584CA002}" = Toolbox
"{7059BDA7-E1DB-442C-B7A1-6144596720A4}" = HP Update
"{722B4A13-F24D-43AE-8813-5DB82C0B23C2}" = HP Photosmart Wireless B109n-z All-In-One Driver Software 13.0 Rel .6
"{72736F5F-520D-472A-88CC-7B02872FD34E}" = ATI Catalyst Registration
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
"{8466940C-84D8-484C-B1E3-C2E4D73FD5DD}" = PS_AIO_06_B109n-z_SW_Min
"{8E0B96CD-28A2-6D67-F629-372B81751C92}" = Catalyst Control Center Core Implementation
"{92127AF5-FDD8-4ADF-BC40-C356C9EE0B7D}" = 32 Bit HP CIO Components Installer
"{922E8525-AC7E-4294-ACAA-43712D4423C0}" = Adobe Flash Player 10 ActiveX
"{A14CB363-D717-2EBB-9D84-1DAE75764181}" = Catalyst Control Center HydraVision Full
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{AC363598-9D70-0357-8DA4-9598A05B48EA}" = Catalyst Control Center Graphics Full Existing
"{AC76BA86-7AD7-1029-7B44-A93000000001}" = Adobe Reader 9.3 - Czech
"{AE8705FB-E13C-40A9-8A2D-68D6733FBFC2}" = Status
"{B2455727-ED8F-4643-8A6E-F4AB8DE3633D}" = Network
"{BD7204BA-DD64-499E-9B55-6A282CDF4FA4}" = Destinations
"{C2D129C0-7508-11DF-9F1B-005056806466}" = Google Earth
"{C43326F5-F135-4551-8270-7F7ABA0462E1}" = HPProductAssistant
"{C75CDBA2-3C86-481e-BD10-BDDA758F9DFF}" = hpPrintProjects
"{CAE4213F-F797-439D-BD9E-79B71D115BE3}" = HPPhotoGadget
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{D9D93D74-107D-4BD3-87D0-AABCF7C98BD5}" = Catalyst Control Center - Branding
"{DC0A5F99-FD66-433F-9D3A-05DCBA64BE42}" = TrayApp
"{DD73CA82-EA82-38AA-863D-9A24A018DC96}" = Microsoft .NET Framework 3.5 Language Pack SP1 - csy
"{E7861D15-407C-3328-E2F7-CFE5C04A32F4}" = Catalyst Control Center Graphics Previews Vista
"{EBBCBC9A-1281-D33E-4AD2-C3E8A36D9E1F}" = Catalyst Control Center Graphics Previews Common
"{ECC3713C-08A4-40E3-95F1-7D0704F1CE5E}" = PL-2303 USB-to-Serial
"DBF Viewer 2000" = DBF Viewer 2000 3.25
"HP Imaging Device Functions" = HP Imaging Device Functions 13.0
"HP Print Projects" = HP Print Projects 1.0
"HP Smart Web Printing" = HP Smart Web Printing 4.5
"HP Solution Center & Imaging Support Tools" = HP Solution Center 13.0
"HPExtendedCapabilities" = HP Customer Participation Program 13.0
"Marvell Miniport Driver" = Marvell Miniport Driver
"Microsoft .NET Framework 3.5 Language Pack SP1 - csy" = Microsoft .NET Framework 3.5 SP1 – jazyková sada – CSY
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"SynTPDeinstKey" = Synaptics Pointing Device Driver
"T-Mobile Communication Centre" = Web'n'walk Manager

========== HKEY_USERS Uninstall List ==========

[HKEY_USERS\S-1-5-21-1458081666-3714914705-1728877592-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Google Chrome" = Google Chrome

========== HKEY_USERS Uninstall List ==========

[HKEY_USERS\S-1-5-21-1458081666-3714914705-1728877592-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Google Chrome" = Google Chrome

========== Last 10 Event Log Errors ==========

[ Application Events ]
Error - 20.7.2010 20:19:17 | Computer Name = vf1-PC | Source = RasClient | ID = 20227
Description =

Error - 20.7.2010 20:19:25 | Computer Name = vf1-PC | Source = RasClient | ID = 20227
Description =

Error - 20.7.2010 20:20:33 | Computer Name = vf1-PC | Source = RasClient | ID = 20227
Description =

Error - 20.7.2010 20:29:59 | Computer Name = vf1-PC | Source = RasClient | ID = 20227
Description =

Error - 20.7.2010 20:30:50 | Computer Name = vf1-PC | Source = RasClient | ID = 20227
Description =

Error - 20.7.2010 20:56:49 | Computer Name = vf1-PC | Source = WinDefendRtp | ID = 3003
Description = Kontrolní bod ochrany v reálném čase programu %%827 zjistil chybu
a nepodařilo se jej spustit. Uživatel: vf1-PC\fil Kontrolní bod: 1 Kód chyby: 0x80070005

Popis
chyby: Přístup byl odepřen.

Error - 20.7.2010 22:33:41 | Computer Name = vf1-PC | Source = Application Error | ID = 1000
Description = Chybující aplikace PEV.exe, verze 0.0.0.0, časové razítko 0x4bd0e994,
chybující modul PEV.exe, verze 0.0.0.0, časové razítko 0x4bd0e994, kód výjimky
0x40000015, posun chyby 0x0008d560, ID procesu 0x14b4, čas spuštění aplikace 0x01cb287d1b667028.

Error - 21.7.2010 2:35:48 | Computer Name = vf1-PC | Source = VSS | ID = 8194
Description =

Error - 21.7.2010 4:00:12 | Computer Name = vf1-PC | Source = Customer Experience Improvement Program | ID = 1006
Description =

Error - 21.7.2010 4:38:18 | Computer Name = vf1-PC | Source = Microsoft-Windows-CAPI2 | ID = 131585
Description =

[ System Events ]
Error - 20.7.2010 21:24:10 | Computer Name = vf1-PC | Source = TPM | ID = 393229
Description = V hardwaru TPM došlo k neobnovitelné chybě ovladače zařízení, která
brání používání služeb TPM (například šifrování dat). Budete-li potřebovat další
pomoc, obraťte se na výrobce počítače.

Error - 20.7.2010 21:24:10 | Computer Name = vf1-PC | Source = TPM | ID = 393229
Description = V hardwaru TPM došlo k neobnovitelné chybě ovladače zařízení, která
brání používání služeb TPM (například šifrování dat). Budete-li potřebovat další
pomoc, obraťte se na výrobce počítače.

Error - 20.7.2010 21:40:40 | Computer Name = vf1-PC | Source = Service Control Manager | ID = 7034
Description =

Error - 20.7.2010 21:42:45 | Computer Name = vf1-PC | Source = TPM | ID = 393229
Description = V hardwaru TPM došlo k neobnovitelné chybě ovladače zařízení, která
brání používání služeb TPM (například šifrování dat). Budete-li potřebovat další
pomoc, obraťte se na výrobce počítače.

Error - 20.7.2010 21:42:45 | Computer Name = vf1-PC | Source = TPM | ID = 393229
Description = V hardwaru TPM došlo k neobnovitelné chybě ovladače zařízení, která
brání používání služeb TPM (například šifrování dat). Budete-li potřebovat další
pomoc, obraťte se na výrobce počítače.

Error - 20.7.2010 21:42:45 | Computer Name = vf1-PC | Source = TPM | ID = 393229
Description = V hardwaru TPM došlo k neobnovitelné chybě ovladače zařízení, která
brání používání služeb TPM (například šifrování dat). Budete-li potřebovat další
pomoc, obraťte se na výrobce počítače.

Error - 20.7.2010 21:42:45 | Computer Name = vf1-PC | Source = TPM | ID = 393229
Description = V hardwaru TPM došlo k neobnovitelné chybě ovladače zařízení, která
brání používání služeb TPM (například šifrování dat). Budete-li potřebovat další
pomoc, obraťte se na výrobce počítače.

Error - 20.7.2010 21:43:49 | Computer Name = vf1-PC | Source = Service Control Manager | ID = 7000
Description =

Error - 20.7.2010 22:31:15 | Computer Name = vf1-PC | Source = Service Control Manager | ID = 7030
Description =

Error - 20.7.2010 22:47:17 | Computer Name = vf1-PC | Source = Service Control Manager | ID = 7030
Description =

< End of report >

vfvf21 · #36 Příspěvek od **vfvf21** » 21 črc 2010 13:03

Malwarebytes' Anti-Malware 1.46
www.malwarebytes.org

Verze databáze: 4334

Windows 6.0.6002 Service Pack 2
Internet Explorer 8.0.6001.18928

21.7.2010 13:42:43
mbam-log-2010-07-21 (13-42-43).txt

Typ skenu: Úplný sken (C:\|D:\|E:\|F:\|)
Skenované objekty: 303409
Uplynulý čas: 1 hodina(y), 21 minuta(y), 1 sekunda(y)

Infikované procesy v paměti: 0
Infikované moduly v paměti: 0
Infikované klíče registru: 0
Infikované hodnoty registru: 0
Infikované datové položky registru: 0
Infikované složky: 0
Infikované soubory: 1

Infikované procesy v paměti:
(Žádné škodlivé položky nebyly zjištěny)

Infikované moduly v paměti:
(Žádné škodlivé položky nebyly zjištěny)

Infikované klíče registru:
(Žádné škodlivé položky nebyly zjištěny)

Infikované hodnoty registru:
(Žádné škodlivé položky nebyly zjištěny)

Infikované datové položky registru:
(Žádné škodlivé položky nebyly zjištěny)

Infikované složky:
(Žádné škodlivé položky nebyly zjištěny)

Infikované soubory:
C:\Users\fil\Documents\Downloads\install_flash_player.exe (Trojan.Downloader) -> No action taken.

#37 Příspěvek od **motji** » 21 črc 2010 14:16

Otestujte na www.virustotal.com
C:\Users\fil\Documents\Downloads\install_flash_player.exe

vfvf21 · #38 Příspěvek od **vfvf21** » 21 črc 2010 14:51

Soubor install_flash_player.exe přijatý 2010.07.21 13:36:06 (UTC)
Současný stav: Dokončeno
Výsledek: 0/42 (0%)
Formátované
Vytisknout výsledky
Antivirus Verze Poslední aktualizace Výsledek
AhnLab-V3 2010.07.21.00 2010.07.20 -
AntiVir 8.2.4.22 2010.07.21 -
Antiy-AVL 2.0.3.7 2010.07.21 -
Authentium 5.2.0.5 2010.07.21 -
Avast 4.8.1351.0 2010.07.21 -
Avast5 5.0.332.0 2010.07.21 -
AVG 9.0.0.851 2010.07.21 -
BitDefender 7.2 2010.07.21 -
CAT-QuickHeal 11.00 2010.07.21 -
ClamAV 0.96.0.3-git 2010.07.21 -
Comodo 5498 2010.07.21 -
DrWeb 5.0.2.03300 2010.07.21 -
Emsisoft 5.0.0.34 2010.07.21 -
eSafe 7.0.17.0 2010.07.21 -
eTrust-Vet 36.1.7726 2010.07.21 -
F-Prot 4.6.1.107 2010.07.21 -
F-Secure 9.0.15370.0 2010.07.21 -
Fortinet 4.1.143.0 2010.07.20 -
GData 21 2010.07.21 -
Ikarus T3.1.1.84.0 2010.07.21 -
Jiangmin 13.0.900 2010.07.21 -
Kaspersky 7.0.0.125 2010.07.21 -
McAfee 5.400.0.1158 2010.07.21 -
McAfee-GW-Edition 2010.1 2010.07.21 -
Microsoft 1.6004 2010.07.21 -
NOD32 5297 2010.07.21 -
Norman 6.05.11 2010.07.20 -
nProtect 2010-07-21.01 2010.07.21 -
Panda 10.0.2.7 2010.07.21 -
PCTools 7.0.3.5 2010.07.21 -
Prevx 3.0 2010.07.21 -
Rising 22.57.02.04 2010.07.21 -
Sophos 4.55.0 2010.07.21 -
Sunbelt 6612 2010.07.21 -
SUPERAntiSpyware 4.40.0.1006 2010.07.21 -
Symantec 20101.1.1.7 2010.07.21 -
TheHacker 6.5.2.1.322 2010.07.20 -
TrendMicro 9.120.0.1004 2010.07.21 -
TrendMicro-HouseCall 9.120.0.1004 2010.07.21 -
VBA32 3.12.12.6 2010.07.21 -
ViRobot 2010.6.21.3896 2010.07.21 -
VirusBuster 5.0.27.0 2010.07.21 -
Rozšiřující informace
File size: 113045 bytes
MD5...: 8c18c16eedf8c64f4dc8ec84f53f2826
SHA1..: 80e937e9fbffe3a69d2224fbd0cd2290218deea4
SHA256: 85d58f804691624f2ead66e9c7246dde2a8af085ee2e460a01ef5ba57ffffd39
ssdeep: 1536:282WRCHNAxMhObtzm2qm+rHJ8gtVpycVvv8e:v+tw/RD1+rHJ8oVocBv8e
PEiD..: -
PEInfo: PE Structure information

( base data )
entrypointaddress.: 0x4114
timedatestamp.....: 0x4c0e911a (Tue Jun 08 18:51:06 2010)
machinetype.......: 0x14c (I386)

( 5 sections )
name viradd virsiz rawdsiz ntrpy md5
.text 0x1000 0x9b3c 0x9c00 6.50 eb17ad0b3bc2f0a5d55978121fb502ce
.rdata 0xb000 0x1b08 0x1c00 5.06 dd7c568a61b20d8479bcfbdc9d8a5726
.data 0xd000 0x118 0x200 2.23 cc4c715e5ecd0af97382d1d8428e5f6e
.rsrc 0xe000 0x265588 0x265600 6.23 9d8d1d8f8760d498d9e4edb4e404510b
.reloc 0x274000 0x6d4 0x800 0.00 d41d8cd98f00b204e9800998ecf8427e

( 1 imports )
> KERNEL32.dll: GetLastError, CreateMutexW, CloseHandle, ExitProcess, GetEnvironmentVariableW, LocalFree, LocalAlloc, GetCurrentProcess, GetVersionExA, SetThreadLocale, GetCommandLineW, GetModuleHandleW, HeapAlloc, GetProcessHeap, HeapFree, ReleaseMutex, WaitForSingleObject, QueueUserAPC, SetWaitableTimer, ExitThread, CreateWaitableTimerW, CreateThread, FindResourceW, CreateDirectoryW, CreateFileW, WriteFile, GetTempFileNameW, GetTempPathW, RemoveDirectoryW, DeleteFileW, FreeLibrary, FreeResource, LockResource, SizeofResource, LoadResource, LoadLibraryW, SetFilePointer, GetProcAddress, GetSystemDirectoryW, GetSystemTime, FindResourceA, OutputDebugStringW, LoadLibraryA, GetThreadLocale, InterlockedExchange, RaiseException

( 0 exports )
RDS...: NSRL Reference Data Set
-
trid..: Win32 Executable MS Visual C++ (generic) (53.1%)
Windows Screen Saver (18.4%)
Win32 Executable Generic (12.0%)
Win32 Dynamic Link Library (generic) (10.6%)
Generic Win/DOS Executable (2.8%)
pdfid.: -
Symantec Reputation Network: Suspicious.Insight http://www.symantec.com/security_respon ... 23-0550-99
sigcheck:
publisher....: n/a
copyright....: n/a
product......: n/a
description..: n/a
original name: n/a
internal name: n/a
file version.: n/a
comments.....: n/a
signers......: -
signing date.: -
verified.....: Unsigned
VAROVÁNÍ: VirusTotal je služba poskytovaná zdarma společnosti Hispasec Sistemas. Kvalita výsledků není nijak zaručena. Výsledky jsou závislé na tvůrci daného produktu. Vysledky testů nemusí být 100% správné. Tyto výsledky nemusí znamenat, že daný soubor je infikován, nebo čistý!

vfvf21 · #39 Příspěvek od **vfvf21** » 21 črc 2010 16:25

myslim že problem by se vyřešil, kdybych věděl jak zamezit přístup stínovým kopiim svazků do meho PC. Protože to jsou přesně ty věci co vidím asi jen ja a vy ne(myslím to v dobrem slovasmyslu)

Protože co jsem tak pochopil z tech logů co sem davam ,tak když už vam to ukaže zamknuté soubory ke kterym nemam přístup, tak to většinou vynecha prazdne soubory ale to jsou právě ty soubory které se mi vrací zpatky přes sítˇ(stínové svazky) jestli to chapu dobře. A z těch se mi tady pravě objevují soubory a složky typu = NTUSER.DAT, ERDNT, ERDNTDOS.LOC, ERDNTWIN.LOC atd.. a jsou v určitých intervalech aktualizovany.

(ale je to jen nazor nˇoumi co si zašvihal pěkně počitač)

#40 Příspěvek od **motji** » 21 črc 2010 22:50

V mbamu nic nemažte

Spustte OTL
-do bílého okna dole skopírujte tento skript:

Kód: Vybrat vše

:OTL
PRC - C:\WINDOWS\explorer.exe (Microsoft Corporation)
IE - HKU\S-1-5-21-1458081666-3714914705-1728877592-1001\..\URLSearchHook: *{CFBFAE00-17A6-11D0-99CB-00C04FD64497} - Reg Error: Key error. File not found
IE - HKU\S-1-5-21-1458081666-3714914705-1728877592-1001\..\URLSearchHook: {A3BC75A2-1F87-4686-AA43-5347D756017C} - Reg Error: Key error. File not found
O3 - HKLM\..\Toolbar: (no name) - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - No CLSID value found.
O3 - HKU\S-1-5-21-1458081666-3714914705-1728877592-1000\..\Toolbar\WebBrowser: (no name) - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - No CLSID value found.
O3 - HKU\S-1-5-21-1458081666-3714914705-1728877592-1001\..\Toolbar\WebBrowser: (no name) - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - No CLSID value found.

:files
C:\WINDOWS\system32\*.tmp.dll /s
C:\WINDOWS\system32\SET*.tmp /s
C:\WINDOWS\*.tmp /s
C:\Users\vf1\Desktop\rmdndup.exe
C:\Users\vf1\Documents\VirusRemover.bat
C:\Users\vf1\Documents\VirusRemover2

:services
rpcnetp 

:commands
[emptytemp]
[EMPTYFLASH]
[Reboot]

-klikněte na tlačítko opravit.
-Následně se pc restartuje.
- Log vložte zde

běžte do služeb
( start - do řádku pro vyhledávání napište services-msc)
-Vyhledejte si kopii stínového svazku , klikněte na ni pravým myšítkem - vlastnosti - zakázat
-restart pc

vfvf21 · #41 Příspěvek od **vfvf21** » 22 črc 2010 08:06

All processes killed
========== OTL ==========
No active process named explorer.exe was found!
Registry value HKEY_USERS\S-1-5-21-1458081666-3714914705-1728877592-1001\Software\Microsoft\Internet Explorer\URLSearchHooks\\*{CFBFAE00-17A6-11D0-99CB-00C04FD64497} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\*{CFBFAE00-17A6-11D0-99CB-00C04FD64497}\ not found.
Registry value HKEY_USERS\S-1-5-21-1458081666-3714914705-1728877592-1001\Software\Microsoft\Internet Explorer\URLSearchHooks\\{A3BC75A2-1F87-4686-AA43-5347D756017C} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{A3BC75A2-1F87-4686-AA43-5347D756017C}\ not found.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\{CCC7A320-B3CA-4199-B1A6-9F516DD69829} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CCC7A320-B3CA-4199-B1A6-9F516DD69829}\ not found.
Registry value HKEY_USERS\S-1-5-21-1458081666-3714914705-1728877592-1000\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{CCC7A320-B3CA-4199-B1A6-9F516DD69829} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CCC7A320-B3CA-4199-B1A6-9F516DD69829}\ not found.
Registry value HKEY_USERS\S-1-5-21-1458081666-3714914705-1728877592-1001\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{CCC7A320-B3CA-4199-B1A6-9F516DD69829} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CCC7A320-B3CA-4199-B1A6-9F516DD69829}\ not found.
========== FILES ==========
File\Folder C:\WINDOWS\system32\*.tmp.dll not found.
File\Folder C:\WINDOWS\system32\SET*.tmp not found.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP1287.tmp folder moved successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP1563.tmp folder moved successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP41EF.tmp folder moved successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP4BAF.tmp folder moved successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP5CA0.tmp folder moved successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAPAD9C.tmp folder moved successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAPCF20.tmp folder moved successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAPD078.tmp folder moved successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAPD43F.tmp folder moved successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAPED1C.tmp folder moved successfully.
C:\WINDOWS\Installer\MSI76B0.tmp moved successfully.
C:\WINDOWS\Installer\MSIB80E.tmp moved successfully.
C:\WINDOWS\Installer\MSID128.tmp moved successfully.
C:\WINDOWS\Installer\MSIF06E.tmp moved successfully.
C:\WINDOWS\Installer\MSIF411.tmp moved successfully.
C:\WINDOWS\Installer\MSIFDDA.tmp moved successfully.
C:\WINDOWS\SoftwareDistribution\Download\38fccbde3f7a76ed668e92758f8911ad\BITA838.tmp moved successfully.
C:\WINDOWS\SoftwareDistribution\Download\76f9fc8f1dc6a72a021c08d35c113036\BITC1BA.tmp moved successfully.
C:\WINDOWS\Temp\ASR4D2.tmp moved successfully.
C:\WINDOWS\Temp\DMI1B6D.tmp moved successfully.
C:\WINDOWS\Temp\DMI3A71.tmp moved successfully.
C:\WINDOWS\Temp\DMI55D.tmp moved successfully.
C:\WINDOWS\Temp\DMI6603.tmp moved successfully.
C:\WINDOWS\Temp\DMI8787.tmp moved successfully.
C:\WINDOWS\Temp\DMIAB0F.tmp moved successfully.
C:\WINDOWS\Temp\DMIB0E8.tmp moved successfully.
C:\WINDOWS\Temp\DMIB432.tmp moved successfully.
C:\WINDOWS\Temp\DMIDB13.tmp moved successfully.
C:\WINDOWS\Temp\DMIE25.tmp moved successfully.
C:\WINDOWS\Temp\DMIE73.tmp moved successfully.
C:\WINDOWS\Temp\fsaua.tmp\infopak_ct.sp.f-secure.com_80_286382149 folder moved successfully.
C:\WINDOWS\Temp\fsaua.tmp\infopak_ct.sp.f-secure.com_80_286382145 folder moved successfully.
C:\WINDOWS\Temp\fsaua.tmp\infopak_ct.sp.f-secure.com_80_286382143 folder moved successfully.
C:\WINDOWS\Temp\fsaua.tmp\infopak_ct.sp.f-secure.com_80_286382140 folder moved successfully.
C:\WINDOWS\Temp\fsaua.tmp\infopak_ct.sp.f-secure.com_80_286381992 folder moved successfully.
C:\WINDOWS\Temp\fsaua.tmp\infopak_ct.sp.f-secure.com_80_286381967 folder moved successfully.
C:\WINDOWS\Temp\fsaua.tmp\infopak_ct.sp.f-secure.com_80_286380268 folder moved successfully.
C:\WINDOWS\Temp\fsaua.tmp\infopak_ct.sp.f-secure.com_80_286379042 folder moved successfully.
C:\WINDOWS\Temp\fsaua.tmp\infopak_ct.sp.f-secure.com_80_286377213 folder moved successfully.
C:\WINDOWS\Temp\fsaua.tmp\infopak_ct.sp.f-secure.com_80_286377210 folder moved successfully.
C:\WINDOWS\Temp\fsaua.tmp\infopak_ct.sp.f-secure.com_80_286376799 folder moved successfully.
C:\WINDOWS\Temp\fsaua.tmp folder moved successfully.
C:\WINDOWS\Temp\nvcbin.def.DD0B6467.TMP moved successfully.
C:\WINDOWS\Temp\_avast5_\unp112842516.tmp moved successfully.
C:\WINDOWS\Temp\_avast5_\unp127574390.tmp moved successfully.
C:\WINDOWS\Temp\_avast5_\unp131434749.tmp moved successfully.
C:\WINDOWS\Temp\_avast5_\unp136249696.tmp moved successfully.
C:\WINDOWS\Temp\_avast5_\unp157025411.tmp moved successfully.
C:\WINDOWS\Temp\_avast5_\unp186217543.tmp moved successfully.
C:\WINDOWS\Temp\_avast5_\unp191165875.tmp moved successfully.
C:\WINDOWS\Temp\_avast5_\unp191599769.tmp moved successfully.
C:\WINDOWS\Temp\_avast5_\unp192809143.tmp moved successfully.
C:\WINDOWS\Temp\_avast5_\unp202052219.tmp moved successfully.
C:\WINDOWS\Temp\_avast5_\unp208615053.tmp moved successfully.
C:\WINDOWS\Temp\_avast5_\unp209377983.tmp moved successfully.
C:\WINDOWS\Temp\_avast5_\unp23204252.tmp moved successfully.
C:\WINDOWS\Temp\_avast5_\unp246687231.tmp moved successfully.
C:\WINDOWS\Temp\_avast5_\unp267655895.tmp moved successfully.
C:\WINDOWS\Temp\_avast5_\unp40157922.tmp moved successfully.
C:\WINDOWS\Temp\_avast5_\unp54738799.tmp moved successfully.
C:\WINDOWS\Temp\_avast5_\unp55107697.tmp moved successfully.
C:\WINDOWS\Temp\_avast5_\unp55651038.tmp moved successfully.
C:\WINDOWS\Temp\_avast5_\unp56592205.tmp moved successfully.
C:\WINDOWS\Temp\_avast5_\unp56794739.tmp moved successfully.
C:\WINDOWS\Temp\_avast5_\unp59222181.tmp moved successfully.
C:\WINDOWS\Temp\_avast5_\unp61210412.tmp moved successfully.
C:\WINDOWS\Temp\_avast5_\unp69834977.tmp moved successfully.
C:\WINDOWS\Temp\_avast5_\unp72319041.tmp moved successfully.
C:\WINDOWS\Temp\_avast5_\unp74622381.tmp moved successfully.
C:\WINDOWS\Temp\_avast5_\unp76105110.tmp moved successfully.
C:\WINDOWS\Temp\_avast5_\unp87202809.tmp moved successfully.
C:\WINDOWS\twain_32\hpqgnds2.tmp moved successfully.
File\Folder C:\Users\vf1\Desktop\rmdndup.exe not found.
C:\Users\vf1\Documents\VirusRemover.bat moved successfully.
C:\Users\vf1\Documents\VirusRemover2 moved successfully.
========== SERVICES/DRIVERS ==========
Service rpcnetp stopped successfully!
Service rpcnetp deleted successfully!
========== COMMANDS ==========

[EMPTYTEMP]

User: All Users

User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 67 bytes

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes

User: fil
->Temp folder emptied: 332400 bytes
->Temporary Internet Files folder emptied: 448338 bytes
->Google Chrome cache emptied: 48876909 bytes
->Opera cache emptied: 14760 bytes
->Flash cache emptied: 801 bytes

User: Public
->Temp folder emptied: 0 bytes

User: vf1
->Temp folder emptied: 108890320 bytes
->Temporary Internet Files folder emptied: 50236123 bytes
->Google Chrome cache emptied: 45121211 bytes
->Opera cache emptied: 4388 bytes
->Flash cache emptied: 456 bytes

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 642535 bytes
RecycleBin emptied: 0 bytes

Total Files Cleaned = 243,00 mb

[EMPTYFLASH]

User: All Users

User: Default

User: Default User

User: fil
->Flash cache emptied: 0 bytes

User: Public

User: vf1
->Flash cache emptied: 0 bytes

Total Flash Files Cleaned = 0,00 mb

OTL by OldTimer - Version 3.2.9.1 log created on 07222010_084256

Files\Folders moved on Reboot...
C:\Users\vf1\AppData\Local\Temp\HPV28BE.tmp.vdf moved successfully.
C:\Users\vf1\AppData\Local\Temp\HPVF45E.tmp.vdf moved successfully.
C:\Users\vf1\AppData\Local\Temp\HPVF691.tmp.vdf moved successfully.
C:\Users\vf1\AppData\Local\Temp\HPVFC6B.tmp.vdf moved successfully.
File\Folder C:\Windows\temp\TMP00000074C4786D68B9A50020 not found!

Registry entries deleted on Reboot...

#42 Příspěvek od **motji** » 22 črc 2010 10:18

Fajn, jak to vypadá?

vfvf21 · #43 Příspěvek od **vfvf21** » 22 črc 2010 10:49

vypada to tak že zamrza při pokusu o nouzovy režim vždy začne načítat ovladače a tim to končí. Pak taky tak trošku postradam sítˇove adaptery a WLAN prej že NOT Aplicable.

#44 Příspěvek od **motji** » 22 črc 2010 11:13

To postrádáte po tom mém skriptu?

Zkuste ty síťové adaptéry přeinstalovat.
Podívejte se do správce zařízení, u čeho máte žluté otazníky.

vfvf21 · #45 Příspěvek od **vfvf21** » 22 črc 2010 13:45

nektere mi chybí už od začatku infekce ale uplně mi zmizely soubory systemu WAN minipor= (IP, IPV6, L2TP, NETBEUI,PPPOE, PPTP, SSTP, sledovaní sítě,RAS) jediné přes co se ted mužu připojit je sítˇ PAN . Jde to od někud stahnout? Vykřičník mam u : řadič rozhraním IDE a ATAPI ke sběrnici PCMCIA , 15x bluetooth peripheral device a čip trusted Platform module 1,2, AMD=8151 HyperTransport(tm)AGP3,0 Graphics Tunel,. Jde to od nekud stahnout? Moje rychlost na netu je asi tak jako rychlost světla

VIRY.CZ

rpcnet.exe

Re: rpcnet.exe

Re: rpcnet.exe

Re: rpcnet.exe

Re: rpcnet.exe

Re: rpcnet.exe

Re: rpcnet.exe

Re: rpcnet.exe

Re: rpcnet.exe

Re: rpcnet.exe

Re: rpcnet.exe

Re: rpcnet.exe

Re: rpcnet.exe

Re: rpcnet.exe

Re: rpcnet.exe

Re: rpcnet.exe