Please check my log

#1 Post by pl4toon »

Please check this. My system is acting up a little; I suspect a specific piece of hardware, but first I would like to be sure that it is not being caused by malware in the system. Thank you :)
______________________________________________________________________________

Logfile of random's system information tool 1.08 (written by random/random)
Run by nobody at 2010-11-20 04:37:31
Microsoft Windows 7 Ultimate
System drive C: has 120 GB (80%) free of 149 GB
Total RAM: 1024 MB (22% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 4:37:41, on 20.11.2010
Platform: Windows 7 (WinNT 6.00.3504)
MSIE: Internet Explorer v8.00 (8.00.7600.16385)
Boot mode: Normal

Running processes:
C:\Windows\Explorer.EXE
C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe
C:\Program Files\ESET\ESET Smart Security\egui.exe
C:\Windows\system32\Dwm.exe
C:\Program Files\Windows Sidebar\sidebar.exe
E:\+-PORTABLE_APPZ-+\Thunderbird\ThunderbirdPortable3.1.3\ThunderbirdPortable.exe
E:\+-PORTABLE_APPZ-+\Thunderbird\ThunderbirdPortable3.1.3\App\thunderbird\thunderbird.exe
C:\Program Files\Opera\opera.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Mozilla Firefox\plugin-container.exe
C:\Windows\explorer.exe
C:\Users\nobody\Desktop\RSIT.exe
C:\Program Files\trend micro\nobody.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O4 - HKLM\..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe -s
O4 - HKLM\..\Run: [egui] "C:\Program Files\ESET\ESET Smart Security\egui.exe" /hide /waitservice
O4 - HKCU\..\Run: [AlcoholAutomount] "C:\Program Files\Alcohol Soft\Alcohol 120\AxAutoMntSrv.exe" -automount
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O10 - Unknown file in Winsock LSP: c:\program files\iobit\advanced systemcare 3\spictrl.dll
O10 - Unknown file in Winsock LSP: c:\program files\iobit\advanced systemcare 3\spictrl.dll
O10 - Unknown file in Winsock LSP: c:\program files\iobit\advanced systemcare 3\spictrl.dll
O10 - Unknown file in Winsock LSP: c:\program files\iobit\advanced systemcare 3\spictrl.dll
O23 - Service: ESET HTTP Server (EhttpSrv) - ESET - C:\Program Files\ESET\ESET Smart Security\EHttpSrv.exe
O23 - Service: ESET Service (ekrn) - ESET - C:\Program Files\ESET\ESET Smart Security\ekrn.exe
O23 - Service: NVIDIA Driver Helper Service (NVSvc) - NVIDIA Corporation - C:\Windows\system32\nvvsvc.exe
O23 - Service: PunkBuster (PnkBstrA) - Unknown owner - C:\Program Files\Electronic Arts\Need for Speed ProStreet\PB\PnkBstrA.exe
O23 - Service: Protexis Licensing V2 (PSI_SVC_2) - Protexis Inc. - c:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe
O23 - Service: StarWind AE Service (StarWindServiceAE) - StarWind Software - C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe
O23 - Service: NVIDIA Stereoscopic 3D Driver Service (Stereo Service) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe

--
End of file - 3919 bytes

======Registry dump======

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"RtHDVCpl"=C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe [2010-11-02 9808488]
"egui"=C:\Program Files\ESET\ESET Smart Security\egui.exe [2010-08-12 2215064]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"AlcoholAutomount"=C:\Program Files\Alcohol Soft\Alcohol 120\AxAutoMntSrv.exe [2010-08-20 33120]
"Sidebar"=C:\Program Files\Windows Sidebar\sidebar.exe [2009-07-14 1173504]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED}

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=0
"ConsentPromptBehaviorUser"=3
"EnableLUA"=0
"EnableUIADesktopToggle"=0
"PromptOnSecureDesktop"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"C:\Program Files\FlashFXP 4\FlashFXP.exe"="C:\Program Files\FlashFXP 4\FlashFXP.exe:*:Enabled:FlashFXP v3"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"C:\Program Files\FlashFXP 4\FlashFXP.exe"="C:\Program Files\FlashFXP 4\FlashFXP.exe:*:Enabled:FlashFXP v3"

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 1 months======


======List of files/folders modified in the last 1 months======


======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2009-07-14 173648]
R0 sptd;sptd; C:\Windows\System32\Drivers\sptd.sys [2010-11-14 436792]
R1 CSC;@%systemroot%\system32\cscsvc.dll,-202; C:\Windows\system32\drivers\csc.sys [2009-07-14 387584]
R1 ehdrv;ehdrv; C:\Windows\system32\DRIVERS\ehdrv.sys [2010-07-29 115008]
R1 vwififlt;Virtual WiFi Filter Driver; C:\Windows\system32\DRIVERS\vwififlt.sys [2009-07-14 48128]
R2 eamonm;eamonm; C:\Windows\system32\DRIVERS\eamonm.sys [2010-07-29 136632]
R2 epfw;epfw; C:\Windows\system32\DRIVERS\epfw.sys [2010-07-29 134512]
R2 epfwwfp;epfwwfp; C:\Windows\system32\DRIVERS\epfwwfp.sys [2010-07-29 41336]
R2 Parvdm;Parvdm; C:\Windows\system32\DRIVERS\parvdm.sys [2009-07-14 8704]
R3 athur;Wireless Network Adapter Service; C:\Windows\system32\DRIVERS\athur.sys [2010-02-23 1500160]
R3 Epfwndis;Eset Personal Firewall; C:\Windows\system32\DRIVERS\Epfwndis.sys [2010-07-29 32608]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHDA.sys [2010-11-02 3228712]
S3 aic78xx;aic78xx; C:\Windows\system32\DRIVERS\djsvs.sys [2009-07-14 70720]
S3 amdagp;AMD AGP Bus Filter Driver; C:\Windows\system32\DRIVERS\amdagp.sys [2009-07-14 53312]
S3 azwzuvk5;azwzuvk5; C:\Windows\system32\drivers\azwzuvk5.sys []
S3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0; C:\Windows\system32\DRIVERS\b57nd60x.sys [2009-07-13 229888]
S3 mirrorv3;mirrorv3; C:\Windows\system32\DRIVERS\rminiv3.sys [2009-10-09 3328]
S3 pciide;pciide; C:\Windows\system32\DRIVERS\pciide.sys [2009-07-14 12368]
S3 RDPDR;Terminal Server Device Redirector Driver; C:\Windows\System32\drivers\rdpdr.sys [2009-07-14 133120]
S3 s3cap;s3cap; C:\Windows\system32\DRIVERS\vms3cap.sys [2009-07-14 5632]
S3 sisagp;SIS AGP Bus Filter; C:\Windows\system32\DRIVERS\sisagp.sys [2009-07-14 52304]
S3 storvsc;storvsc; C:\Windows\system32\DRIVERS\storvsc.sys [2009-07-14 28224]
S3 viaagp;VIA AGP Bus Filter; C:\Windows\system32\DRIVERS\viaagp.sys [2009-07-14 53328]
S3 ViaC7;VIA C7 Processor Driver; C:\Windows\system32\DRIVERS\viac7.sys [2009-07-14 52736]
S3 vmbus;@%SystemRoot%\system32\vmbusres.dll,-1000; C:\Windows\system32\DRIVERS\vmbus.sys [2009-07-14 175824]
S3 VMBusHID;VMBusHID; C:\Windows\system32\DRIVERS\VMBusHID.sys [2009-07-14 17920]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 ekrn;ESET Service; C:\Program Files\ESET\ESET Smart Security\ekrn.exe [2010-08-12 810144]
R2 NVSvc;NVIDIA Driver Helper Service; C:\Windows\system32\nvvsvc.exe [2010-10-16 600680]
R2 PnkBstrA;PunkBuster; C:\Program Files\Electronic Arts\Need for Speed ProStreet\PB\PnkBstrA.exe [2007-10-19 63040]
R2 PSI_SVC_2;Protexis Licensing V2; c:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe [2009-07-24 189728]
R2 StarWindServiceAE;StarWind AE Service; C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe [2009-12-23 370688]
R2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service; C:\Program Files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2010-10-16 369256]
S3 EhttpSrv;ESET HTTP Server; C:\Program Files\ESET\ESET Smart Security\EHttpSrv.exe [2010-08-12 33584]
S3 PeerDistSvc;@%SystemRoot%\system32\peerdistsvc.dll,-9000; C:\Windows\System32\svchost.exe [2009-07-14 20992]
S3 UmRdpService;@%SystemRoot%\system32\umrdp.dll,-1000; C:\Windows\System32\svchost.exe [2009-07-14 20992]
S4 AppMgmt;@appmgmts.dll,-3250; C:\Windows\system32\svchost.exe [2009-07-14 20992]
S4 CscService;Offline soubory; C:\Windows\System32\svchost.exe [2009-07-14 20992]

-----------------EOF-----------------

#2 Post by motji »

Good evening :) ,
what specific problems are you having with the computer?

:arrow: Download MBAM from my signature
- Install it and run a full scan

DO NOT DELETE ANYTHING :!:
- MBAM sometimes has false detections, so we will delete only after checking the log.
- Copy the log here.
Do not use COMBOFIX without an adviser's recommendation; it can damage the system!
Always back up important data before disinfecting the computer :!:

I can mostly be reached at night, between 9 and 11 p.m.
If you have any questions, you can write to me by email at Motji(at)forum.viry.cz.

#3 Post by pl4toon »

Hello. The system has shut down on me several times already, showing a BD with some error; from the output it was not possible to tell what the problem relates to.
I suspect the primary HDD. This has happened to me for the second time now; twice I reinstalled the system after it would no longer start at all, not even after a repair.
Chkdisk always finds something and repairs something, but the result is that the system takes, say, 5 minutes to load, or that it no longer starts at all (on startup it repeatedly redirects straight to system repair, but Windows itself never starts).
Now, after the second reinstall of Windows, everything is fine so far; nothing is showing up yet. I would rather not even run chkdisk, as I am afraid that I will not be able to bring the system up again afterwards.
About two months ago I had a problem with a boot virus, which a friend removed for me with some tool. And roughly a month later it started acting up like this; before that there was no problem with the PC. The disk is a WD SATA II, it does not overheat at all, it is fine, and there are no other problems with it. Right now, for example, the system has been running for about a week without any sign of a problem. But it also ran fine like this after the first reinstall of Windows, until I scheduled chkdisk for the next startup. It repaired something and from that moment Windows would no longer start. So another quick format and reinstall of Windows followed.
Once, after a check and repair of the system (I think it was the very first check during the first problem), there was some mention of a damaged registry at the end of the log, but I do not know what exactly the problem related to.

MBAM log

**********************************--

Malwarebytes' Anti-Malware 1.46
http://www.malwarebytes.org

Verze databáze: 5158

Windows 6.1.7600
Internet Explorer 8.0.7600.16385

21.11.2010 0:15:43
mbam-log-2010-11-21 (00-15-43).txt

Typ skenu: Rychlý sken
Skenované objekty: 136338
Uplynulý čas: 5 minuta(y), 6 sekunda(y)

Infikované procesy v paměti: 0
Infikované moduly v paměti: 0
Infikované klíče registru: 0
Infikované hodnoty registru: 0
Infikované datové položky registru: 0
Infikované složky: 0
Infikované soubory: 0

Infikované procesy v paměti:
(Žádné škodlivé položky nebyly zjištěny)

Infikované moduly v paměti:
(Žádné škodlivé položky nebyly zjištěny)

Infikované klíče registru:
(Žádné škodlivé položky nebyly zjištěny)

Infikované hodnoty registru:
(Žádné škodlivé položky nebyly zjištěny)

Infikované datové položky registru:
(Žádné škodlivé položky nebyly zjištěny)

Infikované složky:
(Žádné škodlivé položky nebyly zjištěny)

Infikované soubory:
(Žádné škodlivé položky nebyly zjištěny)


Re: Please check my log

#4 Post by motji »

:arrow: Have a look whether you have the folder C:\Windows\minidump on your PC with files in it. If so, pack it into a RAR archive and upload it here as an attachment. I will try to find out what is causing those BSODs.

:arrow: Find the folder C:\Rsit and in it the file info.txt, and post it here.

:arrow: Download HD Tune http://www.slunecnice.cz/sw/hd-tune/
- select the last tab, Error Scan
- start the scan; it takes about an hour.
- then write whether any of the squares were red


Re: Please check my log

#5 Post by pl4toon »

Unfortunately I do not have a minidump folder; no BSOD has appeared since the last Windows installation.

HD Tune showed no errors:
[image]

The info.txt log:
**********************************************

info.txt logfile of random's system information tool 1.08 2010-11-20 04:35:30

======Uninstall list======

-->MsiExec /X{B9DB4C76-01A4-46D5-8910-F7AA6376DBAF}
ACDSee Pro 3 Build 355 - Český překlad-->C:\Program Files\ACD Systems\ACDSee Pro\3.0\odinstalovat_cz.exe
ACDSee Pro 3-->MsiExec.exe /I{1B280FAF-AE10-4E31-A41A-DB3917D651DC}
Adobe Flash Player 10 Plugin-->C:\Windows\system32\Macromed\Flash\FlashUtil10l_Plugin.exe -maintain plugin
Advanced SystemCare 3-->"C:\Program Files\IObit\Advanced SystemCare 3\unins000.exe"
Apple Application Support-->MsiExec.exe /I{DAEAFD68-BB4A-4507-A241-C8804D2EA66D}
Battlefield 2(TM)-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\10\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{04858915-9F49-4B2A-AED4-DC49A7DE6A7B}\setup.exe" -l0x9 -removeonly
BF2SP64-->C:\Program Files\EA GAMES\Battlefield 2\mods\bf2sp64\Uninstall.exe
CCleaner-->"C:\Program Files\CCleaner\uninst.exe"
CGS15_IPM_T2-->MsiExec.exe /I{05D18A0F-ED9D-4FBD-9BF5-AF632EB09CB3}
Corel Graphics - Windows Shell Extension-->c:\Program Files\Common Files\Corel\Shared\Shell Extension\ShellUninst.exe -ProductCode {65094424-9351-40B8-939B-3676D67E48E0} -arp
Corel Graphics - Windows Shell Extension-->MsiExec.exe /X{65094424-9351-40B8-939B-3676D67E48E0}
CorelDRAW Graphics Suite X5 - WT-->MsiExec.exe /I{9244E956-5939-4B88-930C-0699D4AB2B95}
CorelDRAW(R) Graphics Suite X5-->C:\Program Files\Corel\CorelDRAW Graphics Suite X5\Setup\SetupARP.exe /arp
FileMenu Tools-->"C:\Program Files\LopeSoft\FileMenu Tools\unins000.exe"
FlashFXP v4.0-->"C:\Program Files\FlashFXP 4\Uninstall.exe" "C:\Program Files\FlashFXP 4\install.log" -u
Fraps (remove only)-->"C:\Program Files\Fraps\uninstall.exe"
Game Booster-->"C:\Program Files\IObit\Game Booster\unins000.exe"
GOM Player-->"C:\Program Files\GRETECH\GomPlayer\Uninstall.exe"
Hotfix for Microsoft Visual Studio 2007 Tools for Applications - ENU (KB946040)-->C:\Windows\system32\msiexec.exe /package {AA4A4B2C-0465-3CF8-BA76-27A027D8ACAB} /uninstall /qb+ REBOOTPROMPT=""
Hotfix for Microsoft Visual Studio 2007 Tools for Applications - ENU (KB946308)-->C:\Windows\system32\msiexec.exe /package {AA4A4B2C-0465-3CF8-BA76-27A027D8ACAB} /uninstall /qb+ REBOOTPROMPT=""
Hotfix for Microsoft Visual Studio 2007 Tools for Applications - ENU (KB946344)-->C:\Windows\system32\msiexec.exe /package {AA4A4B2C-0465-3CF8-BA76-27A027D8ACAB} /uninstall /qb+ REBOOTPROMPT=""
Hotfix for Microsoft Visual Studio 2007 Tools for Applications - ENU (KB947540)-->C:\Windows\system32\msiexec.exe /package {AA4A4B2C-0465-3CF8-BA76-27A027D8ACAB} /uninstall /qb+ REBOOTPROMPT=""
Hotfix for Microsoft Visual Studio 2007 Tools for Applications - ENU (KB947789)-->C:\Windows\system32\msiexec.exe /package {AA4A4B2C-0465-3CF8-BA76-27A027D8ACAB} /uninstall /qb+ REBOOTPROMPT=""
Microsoft Visual Studio Tools for Applications 2.0 - ENU-->MsiExec.exe /X{AA4A4B2C-0465-3CF8-BA76-27A027D8ACAB}
Microsoft Visual Studio Tools for Applications 2.0 Runtime-->MsiExec.exe /X{299C0434-4F4E-341F-A916-4E07AEB35E79}
Mozilla Firefox (3.6.12)-->C:\Program Files\Mozilla Firefox\uninstall\helper.exe
MPEG2 Codec(libmpeg2/mad)-->"C:\Program Files\GNU\MPEG2\Uninstall.exe"
Need for Speed™ Most Wanted-->C:\Program Files\EA GAMES\Need for Speed Most Wanted\EAUninstall.exe
Need for Speed™ ProStreet-->MsiExec.exe /X{CC419DDC-E0F0-4013-B25A-6FA036516F0D}
NeoDownloader 2.4-->"C:\Program Files\NeoDownloader\unins000.exe"
NFS: Most Wanted CZ-->C:\PROGRA~1\EAGAME~1\NEEDFO~1\odinstalovat_cz.exe
NVIDIA Ovladač 3D Vision 260.99-->"C:\Windows\system32\RunDll32.EXE" "C:\Program Files\NVIDIA Corporation\Installer2\installer.1\NVI2.DLL",UninstallPackage Display.3DVision
NVIDIA Ovladače grafiky 260.99-->"C:\Windows\system32\RunDll32.EXE" "C:\Program Files\NVIDIA Corporation\Installer2\installer.1\NVI2.DLL",UninstallPackage Display.Driver
NVIDIA PhysX-->MsiExec.exe /X{B9DB4C76-01A4-46D5-8910-F7AA6376DBAF}
NVIDIA Stereoscopic 3D Driver-->"C:\Program Files\NVIDIA Corporation\3D Vision\nvStInst.exe" /uninstall /ask
NVIDIA Systémový software PhysX 9.10.0514-->"C:\Windows\system32\RunDll32.EXE" "C:\Program Files\NVIDIA Corporation\Installer2\installer.1\NVI2.DLL",UninstallPackage Display.PhysX
Opera 10.63-->MsiExec.exe /X{87CC8013-56D1-43E1-A0A5-AD406B4EBA95}
PSPad editor-->"C:\Program Files\PSPad editor\Uninst\unins000.exe"
Radmin Viewer 3.4-->MsiExec.exe /X{9B8A821E-1FCE-45D1-8BEC-738F5AAB20D8}
Realtek Ethernet Controller Driver-->C:\Program Files\InstallShield Installation Information\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}\setup.exe -runfromtemp -removeonly
Realtek High Definition Audio Driver-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\11\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}\Setup.exe" -removeonly
Safari-->MsiExec.exe /I{3763A2B4-B07A-4E4D-994D-7D2C6AF0CF9E}
The KMPlayer (remove only)-->"C:\Program Files\The KMPlayer\uninstall.exe"
TP-LINK Wireless Client Utility-->"C:\Program Files\InstallShield Installation Information\{3BD98AAF-61B5-46E0-A6C8-593C242C7C48}\setup.exe" -runfromtemp -l0x0009 -removeonly
Trillian-->C:\Program Files\Trillian\Trillian.exe /uninstall
Vypínač na dobrou noc verze 2.0-->"C:\Program Files\Vypínač na dobrou noc\unins000.exe"
Winamp-->"C:\Program Files\Winamp\UninstWA.exe"
Windows Media Player Firefox Plugin-->MsiExec.exe /I{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}
WinRAR-->C:\Program Files\WinRAR\uninstall.exe
Worms Armageddon-->C:\Windows\IsUninst.exe -f"c:\Program Files\Worms Armageddon\Uninst.isu"

======System event log======

Computer Name: 37L4247D28-05
Event Code: 7036
Message: Stav služby Distributed Link Tracking Client byl změněn na: stopped
Record Number: 5
Source Name: Service Control Manager
Time Written: 20090714045645.074339-000
Event Type: Informace
User:

Computer Name: 37L4247D28-05
Event Code: 7036
Message: Stav služby Security Center byl změněn na: stopped
Record Number: 4
Source Name: Service Control Manager
Time Written: 20090714045645.074339-000
Event Type: Informace
User:

Computer Name: 37L4247D28-05
Event Code: 7036
Message: Stav služby Desktop Window Manager Session Manager byl změněn na: stopped
Record Number: 3
Source Name: Service Control Manager
Time Written: 20090714045645.074339-000
Event Type: Informace
User:

Computer Name: 37L4247D28-05
Event Code: 7036
Message: Stav služby Diagnostic Policy Service byl změněn na: stopped
Record Number: 2
Source Name: Service Control Manager
Time Written: 20090714045645.074339-000
Event Type: Informace
User:

Computer Name: 37L4247D28-05
Event Code: 7036
Message: Stav služby Microsoft Software Shadow Copy Provider byl změněn na: stopped
Record Number: 1
Source Name: Service Control Manager
Time Written: 20090714045645.074339-000
Event Type: Informace
User:

=====Application event log=====

Computer Name: 37L4247D28-05
Event Code: 1001
Message: Chybný blok , typ 0
Název události: PnPRequestAdditionalSoftware
Reakce: Není k dispozici
ID souboru CAB: 0

Podpis problému:
P1: x86
P2: USB\VID_09DA&PID_0080&REV_020<
P3: 6.1.0.0
P4: 0405
P5: input.inf
P6: *
P7:
P8:
P9:
P10:

Připojené soubory:

Tyto soubory mohou být k dispozici zde:
C:\ProgramData\Microsoft\Windows\WER\ReportQueue\NonCritical_x86_20ccc1c7aa7eb542bf396185c98ef3510105758_cab_06a20e00

Symbol analýzy:
Opětovné hledání řešení: 0
ID hlášení: 53256052-ee91-11df-ac63-cc2c58f37d5f
Stav hlášení: 6
Record Number: 5
Source Name: Windows Error Reporting
Time Written: 20101112191618.000000-000
Event Type: Informace
User:

Computer Name: 37L4247D28-05
Event Code: 5617
Message: Windows Management Instrumentation Service subsystems initialized successfully
Record Number: 4
Source Name: Microsoft-Windows-WMI
Time Written: 20101112191507.000000-000
Event Type: Informace
User:

Computer Name: 37L4247D28-05
Event Code: 5615
Message: Windows Management Instrumentation Service started sucessfully
Record Number: 3
Source Name: Microsoft-Windows-WMI
Time Written: 20101112191503.000000-000
Event Type: Informace
User:

Computer Name: 37L4247D28-05
Event Code: 1531
Message: Služba Profil uživatele byla úspěšně spuštěna.


Record Number: 2
Source Name: Microsoft-Windows-User Profiles Service
Time Written: 20101112191500.359375-000
Event Type: Informace
User: NT AUTHORITY\SYSTEM

Computer Name: 37L4247D28-05
Event Code: 4625
Message: Subsystém EventSystem zabraňuje vytváření duplicitních záznamů v protokolu událostí po dobu 86400 sekund. Tuto dobu lze změnit pomocí hodnoty REG_DWORD s názvem SuppressDuplicateDuration v následujícím klíči registru: HKLM\Software\Microsoft\EventSystem\EventLog.
Record Number: 1
Source Name: Microsoft-Windows-EventSystem
Time Written: 20101112191500.000000-000
Event Type: Informace
User:

=====Security event log=====

Computer Name: 37L4247D28-05
Event Code: 4735
Message: Byla změněna zabezpečená místní skupina.

Předmět:
ID zabezpečení: S-1-5-18
Název účtu: 37L4247D28-05$
Doména účtu: WORKGROUP
ID přihlášení: 0x3e7

Skupina:
ID zabezpečení: S-1-5-32-551
Název skupiny: Backup Operators
Doména skupiny: Builtin

Změněné atributy:
Název účtu SAM: -
Historie identifikátoru zabezpečení: -

Další informace:
Oprávnění: -
Record Number: 5
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20101112191439.187500-000
Event Type: Úspěšný audit
User:

Computer Name: 37L4247D28-05
Event Code: 4731
Message: Byla vytvořena zabezpečená místní skupina.

Předmět:
ID zabezpečení: S-1-5-18
Název účtu: 37L4247D28-05$
Doména účtu: WORKGROUP
ID přihlášení: 0x3e7

Nová skupina:
ID zabezpečení: S-1-5-32-551
Název skupiny: Backup Operators
Doména skupiny: Builtin

Atributy:
Název účtu SAM: Backup Operators
Historie identifikátoru zabezpečení: -

Další informace:
Oprávnění: -
Record Number: 4
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20101112191439.171875-000
Event Type: Úspěšný audit
User:

Computer Name: 37L4247D28-05
Event Code: 4902
Message: Tabulka zásad auditu pro jednotlivé uživatele byla vytvořena.

Počet prvků: 0
ID zásady: 0x22da3
Record Number: 3
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20101112191438.812500-000
Event Type: Úspěšný audit
User:

Computer Name: 37L4247D28-05
Event Code: 4624
Message: Účet byl úspěšně přihlášen.

Předmět:
ID zabezpečení: S-1-0-0
Název účtu: -
Doména účtu: -
ID přihlášení: 0x0

Typ přihlášení: 0

Nové přihlášení:
ID zabezpečení: S-1-5-18
Název účtu: SYSTEM
Doména účtu: NT AUTHORITY
ID přihlášení: 0x3e7
GUID přihlášení: {00000000-0000-0000-0000-000000000000}

Informace o procesu:
ID procesu: 0x4
Název procesu:

Informace o síti:
Název pracovní stanice: -
Adresa zdrojové sítě -
Zdrojový port: -

Podrobné informace o ověření:
Proces přihlášení: -
Balíček ověření: -
Přenosové služby: -
Název balíčku (pouze NTLM): -
Délka klíče: 0

Tato událost je generována po vytvoření relace přihlášení. Je generována v počítači, ke kterému byl získán přístup.

Pole s předmětem označují účet v místním systému, který požadoval přihlášení. Jedná se nejčastěji o službu, například službu serveru nebo místní proces, například Winlogon.exe nebo Services.exe.

Pole Typ přihlášení označuje, k jakému typu přihlášení došlo. Nejběžnější typy jsou 2 (interaktivní) a 3 (síť).

Pole Nové přihlášení označují účet, pro který bylo nové přihlášení vytvořeno, tj. účet, který byl přihlášen.

Pole Síť označují původ požadavku na vzdálené přihlášení. Název pracovní stanice není vždy k dispozici a v některých případech může být toto pole prázdné.

Pole s informacemi o ověření poskytují podrobné informace o tomto konkrétním požadavku na přihlášení.
- GUID přihlášení je jednoznačný identifikátor, který je možné použít ke spojení této události s událostí KDC.
- Přenosové služby označují, které pomocné služby se podílely na tomto požadavku na přihlášení.
- Název balíčku označuje, který dílčí protokol z protokolů NTLM byl použit.
- Délka klíče označuje délku generovaného klíče relace. Tato hodnota bude 0, pokud nebyl požadován žádný klíč relace.
Record Number: 2
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20101112191437.062500-000
Event Type: Úspěšný audit
User:

Computer Name: 37L4247D28-05
Event Code: 4608
Message: Spouští se systém Windows.

Tato událost je zaznamenána při spuštění procesu LSASS.EXE a inicializaci kontrolního podsystému.
Record Number: 1
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20101112191436.968750-000
Event Type: Úspěšný audit
User:

======Environment variables======

"ComSpec"=%SystemRoot%\system32\cmd.exe
"FP_NO_HOST_CHECK"=NO
"OS"=Windows_NT
"Path"=C:\Program Files\NVIDIA Corporation\PhysX\Common;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\
"PATHEXT"=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH;.MSC
"PROCESSOR_ARCHITECTURE"=x86
"TEMP"=%SystemRoot%\TEMP
"TMP"=%SystemRoot%\TEMP
"USERNAME"=SYSTEM
"windir"=%SystemRoot%
"PSModulePath"=%SystemRoot%\system32\WindowsPowerShell\v1.0\Modules\
"NUMBER_OF_PROCESSORS"=2
"PROCESSOR_LEVEL"=15
"PROCESSOR_IDENTIFIER"=x86 Family 15 Model 6 Stepping 4, GenuineIntel
"PROCESSOR_REVISION"=0604

-----------------EOF-----------------


Re: Please check my log

#6 Post by motji »

A colleague will take a look at it; I would also check for that MBR rootkit :)

:arrow: Download OTL http://oldtimer.geekstogo.com/OTL.exe
- save it to the desktop and run the file OTL.exe.
- copy this script into the white box at the bottom:

Code:

netsvcs
drivers32
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /s
c:\windows\*.* /U
%SYSTEMDRIVE%\*.exe
%ALLUSERSPROFILE%\Application Data\*.
%ALLUSERSPROFILE%\Application Data\*.exe /s
%APPDATA%\*.
%APPDATA%\*.exe /s
/md5start
eventlog.dll
scecli.dll
netlogon.dll
cngaudit.dll
sceclt.dll
ntelogon.dll
logevent.dll
iaStor.sys
nvstor.sys
atapi.sys
IdeChnDr.sys
viasraid.sys
AGP440.sys
vaxscsi.sys
nvatabus.sys
viamraid.sys
nvata.sys
nvgts.sys
iastorv.sys
ViPrt.sys
eNetHook.dll
ahcix86.sys
KR10N.sys
nvstor32.sys
ahcix86s.sys
nvrd32.sys
symmpi.sys
adp3132.sys
mv61xx.sys
nvraid.sys
ndis.sys
winlogon.exe
explorer.exe
userinit.exe
lsass.exe
svchost.exe
smss.exe
hal.dll
ws2_32.dll
tcpip.sys
cryptsvc.dll
Changer.sys
JakNDis.sys
isapnp.sys
cdrom.sys
/md5stop
%systemroot%\*. /mp /s
%systemroot%\system32\*.dll /lockedfiles
%systemroot%\Tasks\*.job /lockedfiles
%systemroot%\system32\drivers\*.sys /lockedfiles
%systemroot%\System32\config\*.sav
%systemroot%\system32\*.dll /lockedfiles
reg query "HKLM\Software\Microsoft\Windows NT\CurrentVersion\winlogon" /v GinaDLL /c
reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wuauserv" /v ImagePath /c
reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\BITS" /v ImagePath /c
%systemroot%\system32\drivers\*.sys /3
%systemroot%\system32\*.* /3
CREATERESTOREPOINT 
- tick the All Users box.
- tick the boxes for the "LOP" check and the "Purity" check
- click the Scan button
- when the scan finishes, the logs OTL.Txt and Extras.txt will appear; post them here :)


:arrow: Download MBR
http://www2.gmer.net/mbr/mbr.exe
- save it to the desktop and run it
- a log named mbr.log will be created; post it here


Re: Please check my log

#7 Post by pl4toon »

When I had OTL on the desktop, it did not create the logs for me. I did not find them in TEMP either. On exit it gave me this:
[image]
So I moved it to C:/ and there it did create the logs :)



************************************
Log - OTL.Txt:
************************************


OTL logfile created on: 21.11.2010 12:27:39 - Run 1
OTL by OldTimer - Version 3.2.17.3 Folder = C:\
Ultimate Edition (Version = 6.1.7600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7600.16385)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy

1 024,00 Mb Total Physical Memory | 439,00 Mb Available Physical Memory | 43,00% Memory free
2,00 Gb Paging File | 1,00 Gb Available in Paging File | 62,00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 145,93 Gb Total Space | 115,85 Gb Free Space | 79,39% Space Free | Partition Type: NTFS
Drive D: | 40,38 Gb Total Space | 32,79 Gb Free Space | 81,19% Space Free | Partition Type: NTFS
Drive E: | 232,88 Gb Total Space | 22,56 Gb Free Space | 9,69% Space Free | Partition Type: NTFS
Drive G: | 538,75 Mb Total Space | 0,00 Mb Free Space | 0,00% Space Free | Partition Type: CDFS
Drive H: | 673,61 Mb Total Space | 0,00 Mb Free Space | 0,00% Space Free | Partition Type: CDFS

Computer Name: NOBODY-PC | User Name: nobody | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2010.11.21 11:16:46 | 000,575,488 | ---- | M] (OldTimer Tools) -- C:\OTL.exe
PRC - [2010.11.02 19:28:50 | 009,808,488 | ---- | M] (Realtek Semiconductor) -- C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe
PRC - [2010.10.27 07:12:32 | 000,912,344 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla Firefox\firefox.exe
PRC - [2010.10.27 07:12:32 | 000,016,856 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla Firefox\plugin-container.exe
PRC - [2010.10.16 12:42:12 | 000,792,680 | ---- | M] (NVIDIA Corporation) -- C:\Program Files\NVIDIA Corporation\Display\NvXDSync.exe
PRC - [2010.10.16 11:46:40 | 000,369,256 | ---- | M] (NVIDIA Corporation) -- C:\Program Files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
PRC - [2010.08.12 14:16:26 | 000,810,144 | ---- | M] (ESET) -- C:\Program Files\ESET\ESET Smart Security\ekrn.exe
PRC - [2010.08.12 14:16:12 | 002,215,064 | ---- | M] (ESET) -- C:\Program Files\ESET\ESET Smart Security\egui.exe
PRC - [2009.12.23 22:34:20 | 000,370,688 | ---- | M] (StarWind Software) -- C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe
PRC - [2009.07.24 19:38:50 | 000,189,728 | ---- | M] (Protexis Inc.) -- c:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe
PRC - [2009.07.14 02:14:20 | 002,613,248 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe
PRC - [2007.10.19 04:18:12 | 000,063,040 | ---- | M] () -- C:\Program Files\Electronic Arts\Need for Speed ProStreet\PB\PnkBstrA.exe
PRC - [2007.10.10 06:29:14 | 001,250,816 | ---- | M] (Nullsoft) -- C:\Program Files\Winamp\winamp.exe


========== Modules (SafeList) ==========

MOD - [2010.11.21 11:16:46 | 000,575,488 | ---- | M] (OldTimer Tools) -- C:\OTL.exe
MOD - [2009.07.14 02:16:15 | 000,099,840 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\sspicli.dll
MOD - [2009.07.14 02:16:13 | 000,092,160 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\sechost.dll
MOD - [2009.07.14 02:16:13 | 000,050,688 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\samcli.dll
MOD - [2009.07.14 02:16:12 | 000,031,744 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\profapi.dll
MOD - [2009.07.14 02:16:03 | 000,022,016 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\netutils.dll
MOD - [2009.07.14 02:15:35 | 000,288,256 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\KernelBase.dll
MOD - [2009.07.14 02:15:13 | 000,067,072 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\dwmapi.dll
MOD - [2009.07.14 02:15:11 | 000,064,512 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\devobj.dll
MOD - [2009.07.14 02:15:07 | 000,036,864 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\cryptbase.dll
MOD - [2009.07.14 02:15:02 | 000,145,920 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\cfgmgr32.dll
MOD - [2009.07.14 02:03:50 | 001,680,896 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16385_none_421189da2b7fabfc\comctl32.dll


========== Win32 Services (SafeList) ==========

SRV - [2010.10.16 11:46:40 | 000,369,256 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe -- (Stereo Service)
SRV - [2010.08.12 14:18:40 | 000,033,584 | ---- | M] (ESET) [On_Demand | Stopped] -- C:\Program Files\ESET\ESET Smart Security\EHttpSrv.exe -- (EhttpSrv)
SRV - [2010.08.12 14:16:26 | 000,810,144 | ---- | M] (ESET) [Auto | Running] -- C:\Program Files\ESET\ESET Smart Security\ekrn.exe -- (ekrn)
SRV - [2009.12.23 22:34:20 | 000,370,688 | ---- | M] (StarWind Software) [Auto | Running] -- C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe -- (StarWindServiceAE)
SRV - [2009.07.24 19:38:50 | 000,189,728 | ---- | M] (Protexis Inc.) [Auto | Running] -- c:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe -- (PSI_SVC_2)
SRV - [2009.07.14 02:16:21 | 000,185,856 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\wwansvc.dll -- (WwanSvc)
SRV - [2009.07.14 02:16:17 | 000,151,552 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\wbiosrvc.dll -- (WbioSrvc)
SRV - [2009.07.14 02:16:17 | 000,119,808 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\umpo.dll -- (Power)
SRV - [2009.07.14 02:16:16 | 000,037,376 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\themeservice.dll -- (Themes)
SRV - [2009.07.14 02:16:15 | 000,053,760 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\sppuinotify.dll -- (sppuinotify)
SRV - [2009.07.14 02:16:13 | 000,043,520 | ---- | M] (Microsoft Corporation) [Unknown | Running] -- C:\Windows\System32\RpcEpMap.dll -- (RpcEptMapper)
SRV - [2009.07.14 02:16:13 | 000,025,088 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\sensrsvc.dll -- (SensrSvc)
SRV - [2009.07.14 02:16:12 | 001,004,544 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\PeerDistSvc.dll -- (PeerDistSvc)
SRV - [2009.07.14 02:16:12 | 000,269,824 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\pnrpsvc.dll -- (PNRPsvc) Protokol PNRP (Peer Name Resolution Protocol)
SRV - [2009.07.14 02:16:12 | 000,269,824 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\pnrpsvc.dll -- (p2pimsvc)
SRV - [2009.07.14 02:16:12 | 000,165,376 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\provsvc.dll -- (HomeGroupProvider)
SRV - [2009.07.14 02:16:12 | 000,020,480 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\pnrpauto.dll -- (PNRPAutoReg)
SRV - [2009.07.14 02:15:41 | 000,680,960 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV - [2009.07.14 02:15:36 | 000,194,560 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\ListSvc.dll -- (HomeGroupListener)
SRV - [2009.07.14 02:15:21 | 000,797,696 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\FntCache.dll -- (FontCache)
SRV - [2009.07.14 02:15:11 | 000,253,440 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\dhcpcore.dll -- (Dhcp)
SRV - [2009.07.14 02:15:10 | 000,218,624 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\defragsvc.dll -- (defragsvc)
SRV - [2009.07.14 02:14:59 | 000,076,800 | ---- | M] (Microsoft Corporation) [Unknown | Stopped] -- C:\Windows\System32\bdesvc.dll -- (BDESVC)
SRV - [2009.07.14 02:14:58 | 000,088,064 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\AxInstSv.dll -- (AxInstSV) Instalační program ovládacích prvků ActiveX (AxInstSV)
SRV - [2009.07.14 02:14:53 | 000,027,648 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\appidsvc.dll -- (AppIDSvc)
SRV - [2009.07.14 02:14:29 | 003,179,520 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\System32\sppsvc.exe -- (sppsvc)
SRV - [2007.10.19 04:18:12 | 000,063,040 | ---- | M] () [Auto | Running] -- C:\Program Files\Electronic Arts\Need for Speed ProStreet\PB\PnkBstrA.exe -- (PnkBstrA)


========== Driver Services (SafeList) ==========

DRV - [2010.11.14 00:10:42 | 000,436,792 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\System32\Drivers\sptd.sys -- (sptd)
DRV - [2010.11.02 19:29:14 | 003,228,712 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\RTKVHDA.sys -- (IntcAzAudAddService) Service for Realtek HD Audio (WDM)
DRV - [2010.10.16 19:55:00 | 010,084,360 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\nvlddmkm.sys -- (nvlddmkm)
DRV - [2010.07.29 13:31:26 | 000,136,632 | ---- | M] (ESET) [File_System | Auto | Running] -- C:\Windows\System32\drivers\eamonm.sys -- (eamonm)
DRV - [2010.07.29 13:31:26 | 000,134,512 | ---- | M] (ESET) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\epfw.sys -- (epfw)
DRV - [2010.07.29 13:31:26 | 000,115,008 | ---- | M] (ESET) [Kernel | System | Running] -- C:\Windows\System32\drivers\ehdrv.sys -- (ehdrv)
DRV - [2010.07.29 13:31:26 | 000,041,336 | ---- | M] (ESET) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\epfwwfp.sys -- (epfwwfp)
DRV - [2010.07.29 13:31:26 | 000,032,608 | ---- | M] (ESET) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\epfwndis.sys -- (Epfwndis)
DRV - [2010.02.23 11:39:48 | 001,500,160 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\athur.sys -- (athur)
DRV - [2009.10.09 14:00:44 | 000,003,328 | ---- | M] (Famatech International Corp.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\rminiv3.sys -- (mirrorv3)
DRV - [2009.07.14 02:26:21 | 000,015,952 | ---- | M] (CMD Technology, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\cmdide.sys -- (cmdide)
DRV - [2009.07.14 02:26:17 | 000,297,552 | ---- | M] (Adaptec, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\adpahci.sys -- (adpahci)
DRV - [2009.07.14 02:26:15 | 000,422,976 | ---- | M] (Adaptec, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\adp94xx.sys -- (adp94xx)
DRV - [2009.07.14 02:26:15 | 000,159,312 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\amdsbs.sys -- (amdsbs)
DRV - [2009.07.14 02:26:15 | 000,146,512 | ---- | M] (Adaptec, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\adpu320.sys -- (adpu320)
DRV - [2009.07.14 02:26:15 | 000,086,608 | ---- | M] (Adaptec, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\arcsas.sys -- (arcsas)
DRV - [2009.07.14 02:26:15 | 000,079,952 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\amdsata.sys -- (amdsata)
DRV - [2009.07.14 02:26:15 | 000,076,368 | ---- | M] (Adaptec, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\arc.sys -- (arc)
DRV - [2009.07.14 02:26:15 | 000,023,616 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\system32\DRIVERS\amdxata.sys -- (amdxata)
DRV - [2009.07.14 02:26:15 | 000,014,400 | ---- | M] (Acer Laboratories Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\aliide.sys -- (aliide)
DRV - [2009.07.14 02:20:44 | 000,142,416 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\nvstor.sys -- (nvstor)
DRV - [2009.07.14 02:20:44 | 000,117,312 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\nvraid.sys -- (nvraid)
DRV - [2009.07.14 02:20:44 | 000,044,624 | ---- | M] (IBM Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\nfrd960.sys -- (nfrd960)
DRV - [2009.07.14 02:20:37 | 000,089,168 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\lsi_sas.sys -- (LSI_SAS)
DRV - [2009.07.14 02:20:36 | 000,332,352 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\iaStorV.sys -- (iaStorV)
DRV - [2009.07.14 02:20:36 | 000,235,584 | ---- | M] (LSI Corporation, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\MegaSR.sys -- (MegaSR)
DRV - [2009.07.14 02:20:36 | 000,133,200 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\Drivers\ksecpkg.sys -- (KSecPkg)
DRV - [2009.07.14 02:20:36 | 000,096,848 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\lsi_scsi.sys -- (LSI_SCSI)
DRV - [2009.07.14 02:20:36 | 000,095,824 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\lsi_fc.sys -- (LSI_FC)
DRV - [2009.07.14 02:20:36 | 000,054,864 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\lsi_sas2.sys -- (LSI_SAS2)
DRV - [2009.07.14 02:20:36 | 000,041,040 | ---- | M] (Intel Corp./ICP vortex GmbH) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\iirsp.sys -- (iirsp)
DRV - [2009.07.14 02:20:36 | 000,030,800 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\megasas.sys -- (megasas)
DRV - [2009.07.14 02:20:36 | 000,013,904 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\hwpolicy.sys -- (hwpolicy)
DRV - [2009.07.14 02:20:28 | 000,453,712 | ---- | M] (Emulex) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\elxstor.sys -- (elxstor)
DRV - [2009.07.14 02:20:28 | 000,070,720 | ---- | M] (Adaptec, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\djsvs.sys -- (aic78xx)
DRV - [2009.07.14 02:20:28 | 000,067,152 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\HpSAMD.sys -- (HpSAMD)
DRV - [2009.07.14 02:20:28 | 000,046,160 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\System32\drivers\fsdepends.sys -- (FsDepends)
DRV - [2009.07.14 02:19:11 | 000,141,904 | ---- | M] (VIA Technologies Inc.,Ltd) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\vsmraid.sys -- (vsmraid)
DRV - [2009.07.14 02:19:10 | 000,175,824 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\vmbus.sys -- (vmbus)
DRV - [2009.07.14 02:19:10 | 000,159,824 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\vhdmp.sys -- (vhdmp)
DRV - [2009.07.14 02:19:10 | 000,040,896 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\system32\DRIVERS\vmstorfl.sys -- (storflt)
DRV - [2009.07.14 02:19:10 | 000,032,832 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\system32\DRIVERS\vdrvroot.sys -- (vdrvroot)
DRV - [2009.07.14 02:19:10 | 000,028,224 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\storvsc.sys -- (storvsc)
DRV - [2009.07.14 02:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\System32\drivers\wimmount.sys -- (WIMMount)
DRV - [2009.07.14 02:19:10 | 000,016,976 | ---- | M] (VIA Technologies, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\viaide.sys -- (viaide)
DRV - [2009.07.14 02:19:04 | 001,383,488 | ---- | M] (QLogic Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\ql2300.sys -- (ql2300)
DRV - [2009.07.14 02:19:04 | 000,173,648 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\rdyboost.sys -- (rdyboost)
DRV - [2009.07.14 02:19:04 | 000,106,064 | ---- | M] (QLogic Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\ql40xx.sys -- (ql40xx)
DRV - [2009.07.14 02:19:04 | 000,077,888 | ---- | M] (Silicon Integrated Systems) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\sisraid4.sys -- (SiSRaid4)
DRV - [2009.07.14 02:19:04 | 000,043,088 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\pcw.sys -- (pcw)
DRV - [2009.07.14 02:19:04 | 000,040,016 | ---- | M] (Silicon Integrated Systems Corp.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\SiSRaid2.sys -- (SiSRaid2)
DRV - [2009.07.14 02:19:04 | 000,021,072 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\stexstor.sys -- (stexstor)
DRV - [2009.07.14 02:17:54 | 000,369,568 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\Drivers\cng.sys -- (CNG)
DRV - [2009.07.14 01:57:25 | 000,272,128 | ---- | M] (Brother Industries Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\Drivers\Brserid.sys -- (Brserid) Brother MFC Serial Port Interface Driver (WDM)
DRV - [2009.07.14 01:02:41 | 000,018,944 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\rdpbus.sys -- (rdpbus)
DRV - [2009.07.14 01:01:41 | 000,007,168 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\System32\drivers\RDPREFMP.sys -- (RDPREFMP)
DRV - [2009.07.14 00:55:00 | 000,049,152 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\agilevpn.sys -- (RasAgileVpn) WAN Miniport (IKEv2)
DRV - [2009.07.14 00:53:51 | 000,009,728 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\System32\drivers\wfplwf.sys -- (WfpLwf)
DRV - [2009.07.14 00:52:44 | 000,027,136 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ndiscap.sys -- (NdisCap)
DRV - [2009.07.14 00:52:04 | 000,048,128 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\System32\drivers\vwififlt.sys -- (vwififlt)
DRV - [2009.07.14 00:52:02 | 000,019,968 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\vwifibus.sys -- (vwifibus)
DRV - [2009.07.14 00:52:00 | 000,163,328 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\1394ohci.sys -- (1394ohci)
DRV - [2009.07.14 00:51:35 | 000,008,192 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\umpass.sys -- (UmPass)
DRV - [2009.07.14 00:51:08 | 000,004,096 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\mshidkmdf.sys -- (mshidkmdf)
DRV - [2009.07.14 00:46:55 | 000,012,288 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\MTConfig.sys -- (MTConfig)
DRV - [2009.07.14 00:45:26 | 000,031,232 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\CompositeBus.sys -- (CompositeBus)
DRV - [2009.07.14 00:36:52 | 000,050,176 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\appid.sys -- (AppID)
DRV - [2009.07.14 00:33:50 | 000,026,624 | ---- | M] (Microsoft Corporation) [Kernel | Unknown | Stopped] -- C:\Windows\System32\drivers\scfilter.sys -- (scfilter)
DRV - [2009.07.14 00:28:47 | 000,005,632 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\vms3cap.sys -- (s3cap)
DRV - [2009.07.14 00:28:45 | 000,017,920 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\VMBusHID.sys -- (VMBusHID)
DRV - [2009.07.14 00:24:05 | 000,032,256 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\System32\drivers\discache.sys -- (discache)
DRV - [2009.07.14 00:16:36 | 000,009,728 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\acpipmi.sys -- (AcpiPmi)
DRV - [2009.07.14 00:11:04 | 000,052,736 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\amdppm.sys -- (AmdPPM)
DRV - [2009.07.13 23:54:14 | 000,026,624 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\hcw85cir.sys -- (hcw85cir)
DRV - [2009.07.13 23:53:33 | 000,012,160 | ---- | M] (Brother Industries Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\Drivers\BrUsbMdm.sys -- (BrUsbMdm)
DRV - [2009.07.13 23:53:33 | 000,011,904 | ---- | M] (Brother Industries Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\Drivers\BrUsbSer.sys -- (BrUsbSer)
DRV - [2009.07.13 23:53:32 | 000,062,336 | ---- | M] (Brother Industries Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\Drivers\BrSerWdm.sys -- (BrSerWdm)
DRV - [2009.07.13 23:53:28 | 000,013,568 | ---- | M] (Brother Industries, Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\BrFiltLo.sys -- (BrFiltLo)
DRV - [2009.07.13 23:53:28 | 000,005,248 | ---- | M] (Brother Industries, Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\BrFiltUp.sys -- (BrFiltUp)
DRV - [2009.07.13 23:02:49 | 000,229,888 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\b57nd60x.sys -- (b57nd60x)
DRV - [2009.07.13 23:02:48 | 003,100,160 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\evbdx.sys -- (ebdrv)
DRV - [2009.07.13 23:02:48 | 000,430,080 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\bxvbdx.sys -- (b06bdrv)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========







IE - HKU\S-1-5-21-1008637813-3475847375-2910435409-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = about:blank
IE - HKU\S-1-5-21-1008637813-3475847375-2910435409-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

========== FireFox ==========

FF - prefs.js..browser.search.defaultengine: "Ask.com"
FF - prefs.js..browser.search.defaultenginename: "Ask.com"
FF - prefs.js..browser.search.order.1: "Ask.com"
FF - prefs.js..browser.search.selectedEngine: "Ask.com"
FF - prefs.js..browser.search.update: false
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..browser.startup.homepage: "http://www.seznam.cz"
FF - prefs.js..extensions.enabledItems: fastdial@telega.phpnet.us:2.23b2
FF - prefs.js..extensions.enabledItems: drobbek@shabbi.cz:1.2.1
FF - prefs.js..extensions.enabledItems: ibiv@igstab.ru:1.3
FF - prefs.js..extensions.enabledItems: nelinka@shabbi.cz:1.3.3
FF - prefs.js..extensions.enabledItems: {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}:1.3.1
FF - prefs.js..extensions.enabledItems: anttoolbar@ant.com:2.0.1
FF - prefs.js..extensions.enabledItems: copyandgo@vimperator:1.2
FF - prefs.js..extensions.enabledItems: {35106bca-6c78-48c7-ac28-56df30b51d2a}:1.3.8
FF - prefs.js..extensions.enabledItems: {c45c406e-ab73-11d8-be73-000a95be3b12}:1.1.8
FF - prefs.js..extensions.enabledItems: elemhidehelper@adblockplus.org:1.1
FF - prefs.js..keyword.URL: "http://www.google.com/search?ie=UTF-8&o ... &gfns=1&q="

FF - HKLM\software\mozilla\Mozilla Firefox 3.6.12\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2010.11.13 01:23:02 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.12\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2010.11.14 19:33:11 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Thunderbird\Extensions\\eplgTb@eset.com: C:\Program Files\ESET\ESET Smart Security\Mozilla Thunderbird [2010.11.12 20:32:35 | 000,000,000 | ---D | M]

[2010.11.12 20:52:24 | 000,000,000 | ---D | M] -- C:\Users\nobody\AppData\Roaming\Mozilla\Extensions
[2010.11.12 20:51:26 | 000,000,000 | ---D | M] (No name found) -- C:\Users\nobody\AppData\Roaming\Mozilla\Extensions\{3550f703-e582-4d05-9a08-453d09bdfdc6}
[2010.11.19 02:13:09 | 000,000,000 | ---D | M] -- C:\Users\nobody\AppData\Roaming\Mozilla\Firefox\Profiles\9vutk941.default\extensions
[2010.11.12 20:56:39 | 000,000,000 | ---D | M] (Linkification) -- C:\Users\nobody\AppData\Roaming\Mozilla\Firefox\Profiles\9vutk941.default\extensions\{35106bca-6c78-48c7-ac28-56df30b51d2a}
[2010.11.12 20:56:39 | 000,000,000 | ---D | M] (Web Developer) -- C:\Users\nobody\AppData\Roaming\Mozilla\Firefox\Profiles\9vutk941.default\extensions\{c45c406e-ab73-11d8-be73-000a95be3b12}
[2010.11.13 01:29:42 | 000,000,000 | ---D | M] (Adblock Plus) -- C:\Users\nobody\AppData\Roaming\Mozilla\Firefox\Profiles\9vutk941.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}
[2010.11.12 20:56:40 | 000,000,000 | ---D | M] -- C:\Users\nobody\AppData\Roaming\Mozilla\Firefox\Profiles\9vutk941.default\extensions\anttoolbar@ant.com
[2010.11.12 20:56:40 | 000,000,000 | ---D | M] -- C:\Users\nobody\AppData\Roaming\Mozilla\Firefox\Profiles\9vutk941.default\extensions\copyandgo@vimperator
[2010.11.12 20:56:41 | 000,000,000 | ---D | M] -- C:\Users\nobody\AppData\Roaming\Mozilla\Firefox\Profiles\9vutk941.default\extensions\drobbek@shabbi.cz
[2010.11.13 01:27:59 | 000,000,000 | ---D | M] -- C:\Users\nobody\AppData\Roaming\Mozilla\Firefox\Profiles\9vutk941.default\extensions\elemhidehelper@adblockplus.org
[2010.11.12 20:56:41 | 000,000,000 | ---D | M] -- C:\Users\nobody\AppData\Roaming\Mozilla\Firefox\Profiles\9vutk941.default\extensions\fastdial@telega.phpnet.us
[2010.11.12 20:56:41 | 000,000,000 | ---D | M] -- C:\Users\nobody\AppData\Roaming\Mozilla\Firefox\Profiles\9vutk941.default\extensions\ibiv@igstab.ru
[2010.11.12 20:56:41 | 000,000,000 | ---D | M] -- C:\Users\nobody\AppData\Roaming\Mozilla\Firefox\Profiles\9vutk941.default\extensions\nelinka@shabbi.cz
[2010.11.12 20:40:27 | 000,000,000 | ---D | M] -- C:\Program Files\Mozilla Firefox\extensions
[2010.10.27 06:19:36 | 000,000,638 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\jyxo-cz.xml
[2010.10.27 06:19:36 | 000,001,687 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\mall-cz.xml
[2010.10.27 06:19:36 | 000,001,367 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\seznam-cz.xml
[2010.10.27 06:19:36 | 000,000,654 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\slunecnice-cz.xml
[2010.10.27 06:19:36 | 000,001,179 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\wikipedia-cz.xml

O1 HOSTS File: ([2009.06.10 22:39:37 | 000,000,824 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O3 - HKU\S-1-5-21-1008637813-3475847375-2910435409-1000\..\Toolbar\WebBrowser: (no name) - {D4027C7F-154A-4066-A1AD-4243D8127440} - No CLSID value found.
O4 - HKLM..\Run: [egui] C:\Program Files\ESET\ESET Smart Security\egui.exe (ESET)
O4 - HKLM..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe (Realtek Semiconductor)
O4 - HKU\S-1-5-21-1008637813-3475847375-2910435409-1000..\Run: [AlcoholAutomount] C:\Program Files\Alcohol Soft\Alcohol 120\AxAutoMntSrv.exe (Alcohol Soft Development Team)
O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (Microsoft Corporation)
O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (Microsoft Corporation)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutorunSetting = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 255
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 0
O7 - HKU\S-1-5-21-1008637813-3475847375-2910435409-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKU\S-1-5-21-1008637813-3475847375-2910435409-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutorunSetting = 1
O7 - HKU\S-1-5-21-1008637813-3475847375-2910435409-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 255
O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\Program Files\IObit\Advanced SystemCare 3\SPICtrl.dll (IObit)
O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - C:\Program Files\IObit\Advanced SystemCare 3\SPICtrl.dll (IObit)
O10 - Protocol_Catalog9\Catalog_Entries\000000000003 - C:\Program Files\IObit\Advanced SystemCare 3\SPICtrl.dll (IObit)
O10 - Protocol_Catalog9\Catalog_Entries\000000000022 - C:\Program Files\IObit\Advanced SystemCare 3\SPICtrl.dll (IObit)
O13 - gopher Prefix: missing
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 10.0.0.10
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\System32\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found.
O30 - LSA: Security Packages - (pku2u) - C:\Windows\System32\pku2u.dll (Microsoft Corporation)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2009.06.10 22:42:20 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O32 - AutoRun File - [1999.05.27 11:17:52 | 000,000,049 | R--- | M] () - G:\AUTORUN.INF -- [ CDFS ]
O32 - AutoRun File - [2005.11.04 07:24:50 | 000,000,000 | ---D | M] - H:\AutoRun -- [ CDFS ]
O32 - AutoRun File - [2005.11.04 06:52:23 | 000,729,088 | R--- | M] (Electronic Arts Inc.) - H:\AutoRun.exe -- [ CDFS ]
O32 - AutoRun File - [2005.10.14 09:02:16 | 000,585,728 | R--- | M] (Electronic Arts Inc.) - H:\AutoRunGUI.dll -- [ CDFS ]
O32 - AutoRun File - [2005.11.04 07:22:30 | 000,000,160 | R--- | M] () - H:\autorun.inf -- [ CDFS ]
O33 - MountPoints2\{7efe1340-ef7b-11df-89da-b2c4a015ae17}\Shell - "" = AutoRun
O33 - MountPoints2\{7efe1340-ef7b-11df-89da-b2c4a015ae17}\Shell\AutoRun\command - "" = G:\Setup.exe -- [1999.05.27 11:17:52 | 000,291,328 | R--- | M] (Team 17 Software Ltd.)
O33 - MountPoints2\{7efe1341-ef7b-11df-89da-b2c4a015ae17}\Shell - "" = AutoRun
O33 - MountPoints2\{7efe1341-ef7b-11df-89da-b2c4a015ae17}\Shell\AutoRun\command - "" = H:\AutoRun.exe -- [2005.11.04 06:52:23 | 000,729,088 | R--- | M] (Electronic Arts Inc.)
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

NetSvcs: FastUserSwitchingCompatibility - File not found
NetSvcs: Ias - File not found
NetSvcs: Nla - File not found
NetSvcs: Ntmssvc - File not found
NetSvcs: NWCWorkstation - File not found
NetSvcs: Nwsapagent - File not found
NetSvcs: SRService - File not found
NetSvcs: WmdmPmSp - File not found
NetSvcs: LogonHours - File not found
NetSvcs: PCAudit - File not found
NetSvcs: helpsvc - File not found
NetSvcs: uploadmgr - File not found
NetSvcs: Themes - C:\Windows\System32\themeservice.dll (Microsoft Corporation)
NetSvcs: BDESVC - C:\Windows\System32\bdesvc.dll (Microsoft Corporation)

Drivers32: msacm.divxa32 - C:\Windows\System32\msaud32_divx.acm (Microsoft Corporation)
Drivers32: msacm.l3acm - C:\Windows\System32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: VIDC.ACDV - ACDV.dll File not found
Drivers32: vidc.cvid - C:\Windows\System32\iccvid.dll (Radius Inc.)
Drivers32: VIDC.FPS1 - C:\Windows\System32\frapsvid.dll (Beepa P/L)

pl4toon
Visitor
Posts: 25
Registered: 02 Feb 2007 18:09
Location: Prague

Re: Please check my log

#8 Post by pl4toon »

========== Files/Folders - Created Within 30 Days ==========

[2010.11.21 11:16:42 | 000,575,488 | ---- | C] (OldTimer Tools) -- C:\OTL.exe
[2010.11.21 03:33:32 | 000,000,000 | ---D | C] -- C:\Users\nobody\Desktop\Undisputed 3 Redemption (2010)
[2010.11.21 00:53:16 | 000,000,000 | ---D | C] -- C:\Program Files\HD Tune
[2010.11.21 00:08:47 | 000,000,000 | ---D | C] -- C:\Users\nobody\AppData\Roaming\Malwarebytes
[2010.11.21 00:08:39 | 000,038,224 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbamswissarmy.sys
[2010.11.21 00:08:38 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2010.11.21 00:08:37 | 000,020,952 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbam.sys
[2010.11.21 00:08:37 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware
[2010.11.20 05:06:47 | 000,240,000 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\netio.sys
[2010.11.20 05:03:44 | 000,000,000 | ---D | C] -- C:\Program Files\xp-AntiSpy
[2010.11.20 04:34:57 | 000,000,000 | ---D | C] -- C:\Program Files\trend micro
[2010.11.20 04:34:54 | 000,000,000 | ---D | C] -- C:\rsit
[2010.11.20 02:43:22 | 000,000,000 | ---D | C] -- C:\Users\nobody\Desktop\Stone (2010)
[2010.11.19 23:20:24 | 014,899,816 | ---- | C] (NVIDIA Corporation) -- C:\Windows\System32\nvoglv32.dll
[2010.11.19 23:20:24 | 010,084,360 | ---- | C] (NVIDIA Corporation) -- C:\Windows\System32\drivers\nvlddmkm.sys
[2010.11.19 23:20:24 | 002,912,360 | ---- | C] (NVIDIA Corporation) -- C:\Windows\System32\nvcuvid.dll
[2010.11.19 23:20:24 | 000,319,080 | ---- | C] (NVIDIA Corporation) -- C:\Windows\System32\nvdecodemft.dll
[2010.11.19 23:20:24 | 000,057,960 | ---- | C] (Khronos Group) -- C:\Windows\System32\OpenCL.dll
[2010.11.19 23:20:23 | 013,019,752 | ---- | C] (NVIDIA Corporation) -- C:\Windows\System32\nvcompiler.dll
[2010.11.19 23:20:23 | 004,837,480 | ---- | C] (NVIDIA Corporation) -- C:\Windows\System32\nvcuda.dll
[2010.11.19 23:20:23 | 002,666,600 | ---- | C] (NVIDIA Corporation) -- C:\Windows\System32\nvcuvenc.dll
[2010.11.19 23:20:23 | 000,010,920 | ---- | C] (NVIDIA Corporation) -- C:\Windows\System32\drivers\nvBridge.kmd
[2010.11.19 07:11:02 | 000,000,000 | ---D | C] -- C:\Program Files\GNU
[2010.11.19 07:04:56 | 000,000,000 | ---D | C] -- C:\Users\nobody\AppData\Roaming\GRETECH
[2010.11.19 07:04:56 | 000,000,000 | ---D | C] -- C:\Users\nobody\Documents\GomPlayer
[2010.11.19 07:04:04 | 000,000,000 | ---D | C] -- C:\Program Files\GRETECH
[2010.11.19 04:19:00 | 000,000,000 | ---D | C] -- C:\Program Files\Worms Armageddon
[2010.11.19 04:18:13 | 000,315,904 | ---- | C] (InstallShield Software Corporation) -- C:\Windows\IsUninst.exe
[2010.11.19 03:26:01 | 000,000,000 | ---D | C] -- C:\Users\nobody\Desktop\Shrek Zvonec a Konec - Forever After (2010)
[2010.11.19 00:33:39 | 000,000,000 | ---D | C] -- C:\Users\nobody\Desktop\Children Of Bodom
[2010.11.17 22:05:29 | 000,000,000 | ---D | C] -- C:\Windows\XSxS
[2010.11.17 22:05:29 | 000,000,000 | ---D | C] -- C:\Program Files\Xenocode
[2010.11.17 06:56:46 | 000,000,000 | ---D | C] -- C:\Users\nobody\Documents\NFS ProStreet
[2010.11.17 06:55:10 | 000,000,000 | ---D | C] -- C:\Users\nobody\AppData\Local\PunkBuster
[2010.11.17 06:45:31 | 000,796,672 | ---- | C] (Qsc) -- C:\Windows\GPInstall.exe
[2010.11.17 06:14:23 | 000,000,000 | ---D | C] -- C:\Program Files\Electronic Arts
[2010.11.17 01:40:22 | 000,000,000 | ---D | C] -- C:\Users\nobody\Documents\NFS Most Wanted
[2010.11.15 06:21:08 | 001,628,920 | ---- | C] (Sonic Solutions) -- C:\Windows\System32\pxsfs.dll
[2010.11.15 06:21:08 | 000,547,576 | ---- | C] (Sonic Solutions) -- C:\Windows\System32\px.dll
[2010.11.15 06:21:08 | 000,510,712 | ---- | C] (Sonic Solutions) -- C:\Windows\System32\pxdrv.dll
[2010.11.15 06:21:08 | 000,379,640 | ---- | C] (Sonic Solutions) -- C:\Windows\System32\pxwave.dll
[2010.11.15 06:21:08 | 000,187,128 | ---- | C] (Sonic Solutions) -- C:\Windows\System32\pxmas.dll
[2010.11.15 06:21:08 | 000,129,784 | ---- | C] (Sonic Solutions) -- C:\Windows\System32\pxafs.dll
[2010.11.15 06:21:08 | 000,072,440 | ---- | C] (Sonic Solutions) -- C:\Windows\System32\pxhpinst.exe
[2010.11.15 06:21:08 | 000,064,760 | ---- | C] (Sonic Solutions) -- C:\Windows\System32\pxinsa64.exe
[2010.11.15 06:21:08 | 000,064,760 | ---- | C] (Sonic Solutions) -- C:\Windows\System32\pxcpya64.exe
[2010.11.15 06:21:08 | 000,039,672 | ---- | C] (Sonic Solutions) -- C:\Windows\System32\vxblock.dll
[2010.11.15 06:21:02 | 000,000,000 | ---D | C] -- C:\Users\nobody\AppData\Roaming\Winamp
[2010.11.15 06:21:02 | 000,000,000 | ---D | C] -- C:\Program Files\Winamp
[2010.11.15 02:10:59 | 000,000,000 | ---D | C] -- C:\Program Files\Fraps
[2010.11.15 01:39:01 | 000,000,000 | ---D | C] -- C:\Users\nobody\Documents\NeoDownloader
[2010.11.15 01:38:55 | 000,000,000 | ---D | C] -- C:\Users\nobody\AppData\Roaming\NeoDownloader
[2010.11.15 01:38:54 | 000,000,000 | ---D | C] -- C:\Program Files\NeoDownloader
[2010.11.14 12:58:23 | 002,106,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\D3DCompiler_43.dll
[2010.11.14 12:58:23 | 000,527,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XAudio2_7.dll
[2010.11.14 12:58:23 | 000,239,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine3_7.dll
[2010.11.14 12:58:23 | 000,074,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XAPOFX1_5.dll
[2010.11.14 12:58:22 | 001,998,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\D3DX9_43.dll
[2010.11.14 12:58:22 | 001,868,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dcsx_43.dll
[2010.11.14 12:58:22 | 000,528,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XAudio2_6.dll
[2010.11.14 12:58:22 | 000,470,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx10_43.dll
[2010.11.14 12:58:22 | 000,248,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx11_43.dll
[2010.11.14 12:58:22 | 000,238,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine3_6.dll
[2010.11.14 12:58:22 | 000,074,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XAPOFX1_4.dll
[2010.11.14 12:58:22 | 000,022,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\X3DAudio1_7.dll
[2010.11.14 12:58:21 | 005,501,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dcsx_42.dll
[2010.11.14 12:58:21 | 001,974,616 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\D3DCompiler_42.dll
[2010.11.14 12:58:21 | 000,515,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XAudio2_5.dll
[2010.11.14 12:58:21 | 000,453,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx10_42.dll
[2010.11.14 12:58:21 | 000,238,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine3_5.dll
[2010.11.14 12:58:21 | 000,235,344 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx11_42.dll
[2010.11.14 12:58:20 | 004,178,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\D3DX9_41.dll
[2010.11.14 12:58:20 | 001,892,184 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\D3DX9_42.dll
[2010.11.14 12:58:20 | 001,846,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\D3DCompiler_41.dll
[2010.11.14 12:58:20 | 000,517,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XAudio2_4.dll
[2010.11.14 12:58:20 | 000,453,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx10_41.dll
[2010.11.14 12:58:20 | 000,069,464 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XAPOFX1_3.dll
[2010.11.14 12:58:19 | 004,379,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\D3DX9_40.dll
[2010.11.14 12:58:19 | 002,036,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\D3DCompiler_40.dll
[2010.11.14 12:58:19 | 000,514,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XAudio2_3.dll
[2010.11.14 12:58:19 | 000,452,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx10_40.dll
[2010.11.14 12:58:19 | 000,235,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine3_4.dll
[2010.11.14 12:58:19 | 000,070,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XAPOFX1_2.dll
[2010.11.14 12:58:19 | 000,022,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\X3DAudio1_6.dll
[2010.11.14 12:58:18 | 001,493,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\D3DCompiler_39.dll
[2010.11.14 12:58:18 | 000,509,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XAudio2_2.dll
[2010.11.14 12:58:18 | 000,467,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx10_39.dll
[2010.11.14 12:58:18 | 000,238,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine3_2.dll
[2010.11.14 12:58:18 | 000,235,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine3_3.dll
[2010.11.14 12:58:18 | 000,068,616 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XAPOFX1_1.dll
[2010.11.14 12:58:18 | 000,023,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\X3DAudio1_5.dll
[2010.11.14 12:58:17 | 003,851,784 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\D3DX9_39.dll
[2010.11.14 12:58:17 | 001,491,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\D3DCompiler_38.dll
[2010.11.14 12:58:17 | 000,507,400 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XAudio2_1.dll
[2010.11.14 12:58:17 | 000,467,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx10_38.dll
[2010.11.14 12:58:17 | 000,238,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine3_1.dll
[2010.11.14 12:58:17 | 000,065,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XAPOFX1_0.dll
[2010.11.14 12:58:17 | 000,025,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\X3DAudio1_4.dll
[2010.11.14 12:58:16 | 003,850,760 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\D3DX9_38.dll
[2010.11.14 12:58:16 | 003,786,760 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\D3DX9_37.dll
[2010.11.14 12:58:16 | 001,420,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\D3DCompiler_37.dll
[2010.11.14 12:58:16 | 000,479,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XAudio2_0.dll
[2010.11.14 12:58:16 | 000,462,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx10_37.dll
[2010.11.14 12:58:16 | 000,238,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine3_0.dll
[2010.11.14 12:58:16 | 000,025,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\X3DAudio1_3.dll
[2010.11.14 12:58:15 | 003,734,536 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx9_36.dll
[2010.11.14 12:58:15 | 003,727,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx9_35.dll
[2010.11.14 12:58:15 | 001,374,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\D3DCompiler_36.dll
[2010.11.14 12:58:15 | 001,358,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\D3DCompiler_35.dll
[2010.11.14 12:58:15 | 000,444,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx10_36.dll
[2010.11.14 12:58:15 | 000,444,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx10_35.dll
[2010.11.14 12:58:15 | 000,267,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine2_10.dll
[2010.11.14 12:58:15 | 000,267,112 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine2_9.dll
[2010.11.14 12:58:14 | 003,497,832 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx9_34.dll
[2010.11.14 12:58:14 | 003,495,784 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx9_33.dll
[2010.11.14 12:58:14 | 001,124,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\D3DCompiler_34.dll
[2010.11.14 12:58:14 | 001,123,696 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\D3DCompiler_33.dll
[2010.11.14 12:58:14 | 000,443,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx10_34.dll
[2010.11.14 12:58:14 | 000,443,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx10_33.dll
[2010.11.14 12:58:14 | 000,266,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine2_8.dll
[2010.11.14 12:58:14 | 000,261,480 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine2_7.dll
[2010.11.14 12:58:14 | 000,081,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xinput1_3.dll
[2010.11.14 12:58:14 | 000,017,928 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\X3DAudio1_2.dll
[2010.11.14 12:58:13 | 003,426,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx9_32.dll
[2010.11.14 12:58:13 | 000,440,080 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx10.dll
[2010.11.14 12:58:13 | 000,255,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine2_6.dll
[2010.11.14 12:58:13 | 000,251,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine2_5.dll
[2010.11.14 12:58:13 | 000,237,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine2_4.dll
[2010.11.14 12:58:13 | 000,015,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\x3daudio1_1.dll
[2010.11.14 12:58:12 | 002,414,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx9_31.dll
[2010.11.14 12:58:12 | 000,236,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine2_3.dll
[2010.11.14 12:58:12 | 000,230,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine2_2.dll
[2010.11.14 12:58:12 | 000,229,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine2_1.dll
[2010.11.14 12:58:12 | 000,062,744 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xinput1_2.dll
[2010.11.14 12:58:12 | 000,062,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xinput1_1.dll
[2010.11.14 12:58:10 | 002,388,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx9_30.dll
[2010.11.14 12:58:10 | 002,332,368 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx9_29.dll
[2010.11.14 12:58:10 | 002,323,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx9_28.dll
[2010.11.14 12:58:10 | 000,230,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine2_0.dll
[2010.11.14 12:58:10 | 000,014,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\x3daudio1_0.dll
[2010.11.14 12:58:09 | 002,319,568 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx9_27.dll
[2010.11.14 12:58:09 | 002,297,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx9_26.dll
[2010.11.14 12:52:32 | 000,000,000 | ---D | C] -- C:\Windows\System32\directx
[2010.11.14 07:30:42 | 000,000,000 | ---D | C] -- C:\ProgramData\IObit
[2010.11.14 07:30:34 | 000,000,000 | ---D | C] -- C:\Users\nobody\AppData\Roaming\IObit
[2010.11.14 07:30:34 | 000,000,000 | ---D | C] -- C:\Program Files\IObit
[2010.11.14 00:44:39 | 000,000,000 | ---D | C] -- C:\Program Files\Vypínač na dobrou noc
[2010.11.14 00:25:28 | 002,337,488 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx9_25.dll
[2010.11.14 00:25:28 | 002,222,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx9_24.dll
[2010.11.14 00:25:16 | 000,000,000 | ---D | C] -- C:\Users\nobody\Documents\Battlefield 2
[2010.11.14 00:18:35 | 000,000,000 | ---D | C] -- C:\Program Files\EA GAMES
[2010.11.14 00:13:10 | 000,000,000 | ---D | C] -- C:\Program Files\Alcohol Soft
[2010.11.13 20:59:40 | 000,000,000 | ---D | C] -- C:\Program Files\LopeSoft
[2010.11.13 19:04:55 | 000,000,000 | ---D | C] -- C:\Users\nobody\AppData\Roaming\Radmin
[2010.11.13 19:04:42 | 000,000,000 | ---D | C] -- C:\Program Files\Radmin Viewer 3
[2010.11.13 18:54:22 | 000,000,000 | ---D | C] -- C:\Windows\System32\rserver30
[2010.11.13 18:15:10 | 000,000,000 | ---D | C] -- C:\Users\nobody\Documents\Moje palety
[2010.11.13 18:14:12 | 000,000,000 | ---D | C] -- C:\ProgramData\Protexis
[2010.11.13 18:14:07 | 000,000,000 | ---D | C] -- C:\Users\nobody\AppData\Roaming\Corel
[2010.11.13 18:08:27 | 000,000,000 | ---D | C] -- C:\Users\nobody\Documents\Corel
[2010.11.13 18:08:18 | 000,000,000 | ---D | C] -- C:\Users\nobody\Documents\Visual Studio 2008
[2010.11.13 18:08:12 | 000,000,000 | ---D | C] -- C:\Users\nobody\AppData\Local\Microsoft Help
[2010.11.13 18:06:46 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft SDKs
[2010.11.13 18:06:45 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft.NET
[2010.11.13 18:06:45 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Visual Studio 9.0
[2010.11.13 18:06:45 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft Help
[2010.11.13 18:06:10 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Corel
[2010.11.13 18:05:46 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Protexis
[2010.11.13 18:05:45 | 000,000,000 | ---D | C] -- C:\ProgramData\Corel
[2010.11.13 18:02:03 | 000,000,000 | ---D | C] -- C:\Program Files\Corel
[2010.11.13 17:56:48 | 000,000,000 | ---D | C] -- C:\Users\nobody\AppData\Roaming\Apple Computer
[2010.11.13 17:56:48 | 000,000,000 | ---D | C] -- C:\Users\nobody\AppData\Local\Apple Computer
[2010.11.13 17:52:53 | 000,000,000 | ---D | C] -- C:\Program Files\Safari
[2010.11.13 17:52:53 | 000,000,000 | ---D | C] -- C:\ProgramData\Apple Computer
[2010.11.13 17:52:35 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Apple
[2010.11.13 17:52:23 | 000,000,000 | ---D | C] -- C:\Users\nobody\AppData\Local\Apple
[2010.11.13 17:52:20 | 000,000,000 | ---D | C] -- C:\ProgramData\Apple
[2010.11.13 17:51:22 | 000,000,000 | ---D | C] -- C:\Users\nobody\AppData\Local\Google
[2010.11.13 17:12:39 | 000,000,000 | ---D | C] -- C:\Users\nobody\AppData\Roaming\PSpad
[2010.11.13 17:12:23 | 000,000,000 | ---D | C] -- C:\Program Files\PSPad editor
[2010.11.13 17:10:08 | 000,000,000 | ---D | C] -- C:\Program Files\FlashFXP 4
[2010.11.13 17:10:07 | 000,000,000 | ---D | C] -- C:\ProgramData\FlashFXP
[2010.11.13 16:58:55 | 000,000,000 | ---D | C] -- C:\Program Files\EasyPHP 3.0
[2010.11.13 02:40:16 | 000,000,000 | ---D | C] -- C:\Users\nobody\AppData\Roaming\WinRAR
[2010.11.13 02:39:48 | 000,000,000 | ---D | C] -- C:\Program Files\WinRAR
[2010.11.13 01:53:08 | 000,000,000 | ---D | C] -- C:\Users\nobody\AppData\Local\ACD Systems
[2010.11.13 01:53:07 | 000,000,000 | ---D | C] -- C:\Users\nobody\AppData\Roaming\ACD Systems
[2010.11.13 01:51:41 | 000,000,000 | ---D | C] -- C:\ProgramData\ACD Systems
[2010.11.13 01:51:29 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\ACD Systems
[2010.11.13 01:51:29 | 000,000,000 | ---D | C] -- C:\Program Files\ACD Systems
[2010.11.13 01:30:03 | 000,000,000 | ---D | C] -- C:\Users\nobody\AppData\Local\Downloaded Installations
[2010.11.13 01:23:04 | 000,000,000 | ---D | C] -- C:\Windows\System32\appmgmt
[2010.11.13 01:07:33 | 000,000,000 | ---D | C] -- C:\Users\nobody\Documents\The KMPlayer
[2010.11.13 01:06:39 | 000,000,000 | ---D | C] -- C:\Program Files\The KMPlayer
[2010.11.12 21:13:34 | 000,000,000 | ---D | C] -- C:\Users\nobody\AppData\Roaming\Opera
[2010.11.12 21:13:34 | 000,000,000 | ---D | C] -- C:\Users\nobody\AppData\Local\Opera
[2010.11.12 21:13:28 | 000,000,000 | ---D | C] -- C:\Program Files\Opera
[2010.11.12 21:12:44 | 000,000,000 | ---D | C] -- C:\Program Files\CCleaner
[2010.11.12 21:04:42 | 000,000,000 | ---D | C] -- C:\Users\nobody\AppData\Roaming\Trillian
[2010.11.12 21:04:16 | 000,000,000 | ---D | C] -- C:\Program Files\Trillian
[2010.11.12 21:01:26 | 000,000,000 | ---D | C] -- C:\Users\nobody\AppData\Roaming\Macromedia
[2010.11.12 21:01:26 | 000,000,000 | ---D | C] -- C:\Users\nobody\AppData\Roaming\Adobe
[2010.11.12 21:01:03 | 000,000,000 | ---D | C] -- C:\Windows\System32\Macromed
[2010.11.12 20:56:43 | 000,000,000 | ---D | C] -- C:\Users\nobody\Application Data
[2010.11.12 20:48:30 | 000,000,000 | ---D | C] -- C:\Users\nobody\AppData\Roaming\Mozilla
[2010.11.12 20:48:30 | 000,000,000 | ---D | C] -- C:\Users\nobody\AppData\Local\Mozilla
[2010.11.12 20:42:37 | 001,500,160 | ---- | C] (Atheros Communications, Inc.) -- C:\Windows\System32\drivers\athur.sys
[2010.11.12 20:42:37 | 001,500,160 | ---- | C] (Atheros Communications, Inc.) -- C:\Windows\System32\athur.sys
[2010.11.12 20:42:37 | 000,000,000 | ---D | C] -- C:\Windows\Options
[2010.11.12 20:42:22 | 000,000,000 | ---D | C] -- C:\ProgramData\TP-LINK
[2010.11.12 20:40:25 | 000,000,000 | ---D | C] -- C:\Program Files\Mozilla Firefox
[2010.11.12 20:33:16 | 000,000,000 | ---D | C] -- C:\Users\nobody\AppData\Roaming\ESET
[2010.11.12 20:33:16 | 000,000,000 | ---D | C] -- C:\Users\nobody\AppData\Local\ESET
[2010.11.12 20:32:35 | 000,000,000 | ---D | C] -- C:\ProgramData\ESET
[2010.11.12 20:32:35 | 000,000,000 | ---D | C] -- C:\Program Files\ESET
[2010.11.12 20:31:08 | 000,000,000 | ---D | C] -- C:\Windows\System32\RTCOM
[2010.11.12 20:30:39 | 003,633,256 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\System32\RtkAPO.dll
[2010.11.12 20:30:39 | 003,228,712 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\System32\drivers\RTKVHDA.sys
[2010.11.12 20:30:39 | 001,889,896 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\System32\RtkPgExt.dll
[2010.11.12 20:30:39 | 001,783,056 | ---- | C] (Waves Audio Ltd.) -- C:\Windows\System32\WavesLib.dll
[2010.11.12 20:30:39 | 001,725,784 | ---- | C] (Waves Audio Ltd.) -- C:\Windows\System32\WavesGUILib.dll
[2010.11.12 20:30:39 | 001,084,008 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\System32\RTSndMgr.cpl
[2010.11.12 20:30:39 | 000,461,416 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\System32\RtkApoApi.dll
[2010.11.12 20:30:39 | 000,345,328 | ---- | C] (SRS Labs, Inc.) -- C:\Windows\System32\SRSTSXT.dll
[2010.11.12 20:30:39 | 000,214,352 | ---- | C] (Virage Logic Corporation / Sonic Focus) -- C:\Windows\System32\SFNHK.dll
[2010.11.12 20:30:39 | 000,185,584 | ---- | C] (SRS Labs, Inc.) -- C:\Windows\System32\SRSTSHD.dll
[2010.11.12 20:30:39 | 000,173,296 | ---- | C] (SRS Labs, Inc.) -- C:\Windows\System32\SRSHP360.dll
[2010.11.12 20:30:39 | 000,140,528 | ---- | C] (SRS Labs, Inc.) -- C:\Windows\System32\SRSWOW.dll
[2010.11.12 20:30:39 | 000,074,064 | ---- | C] (Virage Logic Corporation / Sonic Focus) -- C:\Windows\System32\SFCOM.dll
[2010.11.12 20:30:39 | 000,068,944 | ---- | C] (Virage Logic Corporation / Sonic Focus) -- C:\Windows\System32\SFAPO.dll
[2010.11.12 20:30:39 | 000,068,200 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\System32\RtkCoInst.dll
[2010.11.12 20:30:38 | 001,703,568 | ---- | C] (Dolby Laboratories) -- C:\Windows\System32\R4EEP32A.dll
[2010.11.12 20:30:38 | 001,336,664 | ---- | C] (Waves Audio Ltd.) -- C:\Windows\System32\MaxxAudioRealtek.dll
[2010.11.12 20:30:38 | 000,561,256 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\System32\RCoRes.dat
[2010.11.12 20:30:38 | 000,357,576 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\System32\RTEEP32A.dll
[2010.11.12 20:30:38 | 000,339,600 | ---- | C] (Dolby Laboratories) -- C:\Windows\System32\R4EED32A.dll
[2010.11.12 20:30:38 | 000,293,584 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\System32\RP3DHT32.dll
[2010.11.12 20:30:38 | 000,293,584 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\System32\RP3DAA32.dll
[2010.11.12 20:30:38 | 000,252,760 | ---- | C] (Waves Audio Ltd.) -- C:\Windows\System32\MaxxVolumeSDAPO.dll
[2010.11.12 20:30:38 | 000,168,648 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\System32\RTEED32A.dll
[2010.11.12 20:30:38 | 000,094,352 | ---- | C] (Dolby Laboratories) -- C:\Windows\System32\R4EEL32A.dll
[2010.11.12 20:30:38 | 000,078,992 | ---- | C] (Dolby Laboratories) -- C:\Windows\System32\R4EEA32A.dll
[2010.11.12 20:30:38 | 000,076,488 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\System32\RTEEL32A.dll
[2010.11.12 20:30:38 | 000,062,664 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\System32\RTEEG32A.dll
[2010.11.12 20:30:38 | 000,059,536 | ---- | C] (Dolby Laboratories) -- C:\Windows\System32\R4EEG32A.dll
[2010.11.12 20:30:37 | 001,938,704 | ---- | C] (Waves Audio Ltd.) -- C:\Windows\System32\MaxxAudioEQ.dll
[2010.11.12 20:30:37 | 001,558,432 | ---- | C] (Fortemedia Corporation) -- C:\Windows\System32\FMAPO.dll
[2010.11.12 20:30:37 | 001,132,648 | ---- | C] (DTS) -- C:\Windows\System32\DTSS2SpeakerDLL.dll
[2010.11.12 20:30:37 | 000,962,664 | ---- | C] (DTS) -- C:\Windows\System32\DTSS2HeadphoneDLL.dll
[2010.11.12 20:30:37 | 000,901,224 | ---- | C] (DTS) -- C:\Windows\System32\DTSBoostDLL.dll
[2010.11.12 20:30:37 | 000,448,616 | ---- | C] (DTS) -- C:\Windows\System32\DTSBassEnhancementDLL.dll
[2010.11.12 20:30:37 | 000,429,160 | ---- | C] (DTS) -- C:\Windows\System32\DTSSymmetryDLL.dll
[2010.11.12 20:30:37 | 000,406,120 | ---- | C] (DTS) -- C:\Windows\System32\DTSVoiceClarityDLL.dll
[2010.11.12 20:30:37 | 000,291,432 | ---- | C] (DTS) -- C:\Windows\System32\DTSNeoPCDLL.dll
[2010.11.12 20:30:37 | 000,259,928 | ---- | C] (Waves Audio Ltd.) -- C:\Windows\System32\MaxxAudioAPO30.dll
[2010.11.12 20:30:37 | 000,236,648 | ---- | C] (DTS) -- C:\Windows\System32\DTSGainCompensatorDLL.dll
[2010.11.12 20:30:37 | 000,232,792 | ---- | C] (Waves Audio Ltd.) -- C:\Windows\System32\MaxxAudioAPO20.dll
[2010.11.12 20:30:37 | 000,224,360 | ---- | C] (DTS) -- C:\Windows\System32\DTSLimiterDLL.dll
[2010.11.12 20:30:37 | 000,132,368 | ---- | C] (Waves Audio Ltd.) -- C:\Windows\System32\MaxxAudioAPO.dll
[2010.11.12 20:30:37 | 000,107,112 | ---- | C] (DTS) -- C:\Windows\System32\DTSLFXAPO.dll
[2010.11.12 20:30:37 | 000,107,112 | ---- | C] (DTS) -- C:\Windows\System32\DTSGFXAPO.dll
[2010.11.12 20:30:37 | 000,106,600 | ---- | C] (DTS) -- C:\Windows\System32\DTSGFXAPONS.dll
[2010.11.12 20:30:36 | 000,175,200 | ---- | C] (Andrea Electronics Corporation) -- C:\Windows\System32\AERTACap.dll
[2010.11.12 20:30:36 | 000,096,160 | ---- | C] (Andrea Electronics Corporation) -- C:\Windows\System32\AERTARen.dll
[2010.11.12 20:30:32 | 001,251,944 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\RtlExUpd.dll
[2010.11.12 20:30:29 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\InstallShield
[2010.11.12 20:29:27 | 000,000,000 | ---D | C] -- C:\Program Files\Realtek
[2010.11.12 20:29:26 | 000,000,000 | -H-D | C] -- C:\Program Files\InstallShield Installation Information
[2010.11.12 20:27:09 | 000,000,000 | ---D | C] -- C:\ProgramData\NVIDIA
[2010.11.12 20:26:46 | 000,000,000 | -HSD | C] -- C:\Windows\Installer
[2010.11.12 20:26:36 | 000,000,000 | ---D | C] -- C:\ProgramData\NVIDIA Corporation
[2010.11.12 20:26:12 | 010,023,528 | ---- | C] (NVIDIA Corporation) -- C:\Windows\System32\nvd3dum.dll
[2010.11.12 20:26:12 | 001,719,912 | ---- | C] (NVIDIA Corporation) -- C:\Windows\System32\nvapi.dll
[2010.11.12 20:26:12 | 000,888,424 | ---- | C] (NVIDIA Corporation) -- C:\Windows\System32\nvdispco322050.dll
[2010.11.12 20:26:12 | 000,813,672 | ---- | C] (NVIDIA Corporation) -- C:\Windows\System32\nvgenco322030.dll
[2010.11.12 20:24:48 | 000,000,000 | ---D | C] -- C:\Program Files\NVIDIA Corporation
[2010.11.12 20:24:28 | 000,000,000 | ---D | C] -- C:\NVIDIA
[2010.11.12 20:21:23 | 000,000,000 | R--D | C] -- C:\Users\nobody\Searches
[2010.11.12 20:21:13 | 000,000,000 | ---D | C] -- C:\Users\nobody\AppData\Roaming\Identities
[2010.11.12 20:21:07 | 000,000,000 | R--D | C] -- C:\Users\nobody\Contacts
[2010.11.12 20:20:49 | 000,000,000 | ---D | C] -- C:\Users\nobody\AppData\Local\VirtualStore
[2010.11.12 20:20:47 | 000,000,000 | -HSD | C] -- C:\Users\nobody\AppData\Local\Temporary Internet Files
[2010.11.12 20:20:47 | 000,000,000 | -HSD | C] -- C:\Users\nobody\Šablony
[2010.11.12 20:20:47 | 000,000,000 | -HSD | C] -- C:\Users\nobody\Soubory cookie
[2010.11.12 20:20:47 | 000,000,000 | -HSD | C] -- C:\Users\nobody\SendTo
[2010.11.12 20:20:47 | 000,000,000 | -HSD | C] -- C:\Users\nobody\Poslední
[2010.11.12 20:20:47 | 000,000,000 | -HSD | C] -- C:\Users\nobody\Okolní tiskárny
[2010.11.12 20:20:47 | 000,000,000 | -HSD | C] -- C:\Users\nobody\Okolní síť
[2010.11.12 20:20:47 | 000,000,000 | -HSD | C] -- C:\Users\nobody\Documents\Obrázky
[2010.11.12 20:20:47 | 000,000,000 | -HSD | C] -- C:\Users\nobody\Nabídka Start
[2010.11.12 20:20:47 | 000,000,000 | -HSD | C] -- C:\Users\nobody\Local Settings
[2010.11.12 20:20:47 | 000,000,000 | -HSD | C] -- C:\Users\nobody\Documents\Hudba
[2010.11.12 20:20:47 | 000,000,000 | -HSD | C] -- C:\Users\nobody\AppData\Local\History
[2010.11.12 20:20:47 | 000,000,000 | -HSD | C] -- C:\Users\nobody\Documents\Filmy
[2010.11.12 20:20:47 | 000,000,000 | -HSD | C] -- C:\Users\nobody\Dokumenty
[2010.11.12 20:20:47 | 000,000,000 | -HSD | C] -- C:\Users\nobody\Data aplikací
[2010.11.12 20:20:47 | 000,000,000 | -HSD | C] -- C:\Users\nobody\AppData\Local\Data aplikací
[2010.11.12 20:20:46 | 000,000,000 | --SD | C] -- C:\Users\nobody\AppData\Roaming\Microsoft
[2010.11.12 20:20:46 | 000,000,000 | R--D | C] -- C:\Users\nobody\Videos
[2010.11.12 20:20:46 | 000,000,000 | R--D | C] -- C:\Users\nobody\Saved Games
[2010.11.12 20:20:46 | 000,000,000 | R--D | C] -- C:\Users\nobody\Pictures
[2010.11.12 20:20:46 | 000,000,000 | R--D | C] -- C:\Users\nobody\Music
[2010.11.12 20:20:46 | 000,000,000 | R--D | C] -- C:\Users\nobody\Links
[2010.11.12 20:20:46 | 000,000,000 | R--D | C] -- C:\Users\nobody\Favorites
[2010.11.12 20:20:46 | 000,000,000 | R--D | C] -- C:\Users\nobody\Downloads
[2010.11.12 20:20:46 | 000,000,000 | R--D | C] -- C:\Users\nobody\Dokumenty
[2010.11.12 20:20:46 | 000,000,000 | R--D | C] -- C:\Users\nobody\Desktop
[2010.11.12 20:20:46 | 000,000,000 | -H-D | C] -- C:\Users\nobody\AppData
[2010.11.12 20:20:46 | 000,000,000 | ---D | C] -- C:\Users\nobody\AppData\Local\Temp
[2010.11.12 20:20:46 | 000,000,000 | ---D | C] -- C:\Users\nobody\AppData\Local\Microsoft
[2010.11.12 20:20:46 | 000,000,000 | ---D | C] -- C:\Users\nobody\AppData\Roaming\Media Center Programs
[2010.11.12 20:19:24 | 000,000,000 | -HSD | C] -- C:\ProgramData\Šablony
[2010.11.12 20:19:24 | 000,000,000 | -HSD | C] -- C:\Recovery
[2010.11.12 20:19:24 | 000,000,000 | -HSD | C] -- C:\ProgramData\Plocha
[2010.11.12 20:19:24 | 000,000,000 | -HSD | C] -- C:\Users\Public\Documents\Obrázky
[2010.11.12 20:19:24 | 000,000,000 | -HSD | C] -- C:\ProgramData\Oblíbené položky
[2010.11.12 20:19:24 | 000,000,000 | -HSD | C] -- C:\ProgramData\Nabídka Start
[2010.11.12 20:19:24 | 000,000,000 | -HSD | C] -- C:\Users\Public\Documents\Hudba
[2010.11.12 20:19:24 | 000,000,000 | -HSD | C] -- C:\Users\Public\Documents\Filmy
[2010.11.12 20:19:24 | 000,000,000 | -HSD | C] -- C:\ProgramData\Dokumenty
[2010.11.12 20:19:24 | 000,000,000 | -HSD | C] -- C:\ProgramData\Data aplikací
[2010.11.12 20:17:15 | 000,000,000 | ---D | C] -- C:\Windows\SoftwareDistribution
[2010.11.12 20:14:37 | 000,000,000 | ---D | C] -- C:\Windows\Prefetch
[2010.11.12 20:14:18 | 000,000,000 | -HSD | C] -- C:\System Volume Information
[2010.11.12 20:13:44 | 000,000,000 | ---D | C] -- C:\Windows\Panther
[2010.11.12 20:13:30 | 000,000,000 | -HSD | C] -- C:\Boot

========== Files - Modified Within 30 Days ==========

[2010.11.21 11:35:19 | 000,120,241 | ---- | M] () -- C:\Users\nobody\Desktop\capture007.jpg
[2010.11.21 11:16:46 | 000,575,488 | ---- | M] (OldTimer Tools) -- C:\OTL.exe
[2010.11.21 02:33:46 | 000,014,016 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2010.11.21 02:33:46 | 000,014,016 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2010.11.21 02:32:40 | 000,601,532 | ---- | M] () -- C:\Windows\System32\perfh005.dat
[2010.11.21 02:32:40 | 000,585,948 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2010.11.21 02:32:40 | 000,110,414 | ---- | M] () -- C:\Windows\System32\perfc005.dat
[2010.11.21 02:32:40 | 000,096,316 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2010.11.21 02:26:35 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2010.11.21 02:26:31 | 804,954,112 | -HS- | M] () -- C:\hiberfil.sys
[2010.11.21 02:15:11 | 000,038,065 | ---- | M] () -- C:\Users\nobody\Desktop\HDTune_Error_Scan_WDC_WD2000JS-00SGB0.png
[2010.11.21 00:53:16 | 000,000,900 | ---- | M] () -- C:\Users\nobody\Desktop\HD Tune.lnk
[2010.11.21 00:08:41 | 000,000,983 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk
[2010.11.20 05:03:47 | 000,001,867 | ---- | M] () -- C:\Users\Public\Desktop\xp-AntiSpy.lnk
[2010.11.20 01:14:58 | 000,000,663 | ---- | M] () -- C:\Users\nobody\Desktop\+-misc-+ – zástupce.lnk
[2010.11.19 23:05:24 | 000,001,058 | ---- | M] () -- C:\Users\Public\Desktop\Switch to Gaming Mode.lnk
[2010.11.19 11:52:59 | 000,027,648 | ---- | M] () -- C:\Users\nobody\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010.11.19 07:04:13 | 000,001,071 | ---- | M] () -- C:\Users\Public\Desktop\GOM Player.lnk
[2010.11.19 04:18:06 | 000,000,000 | RHS- | M] () -- C:\MSDOS.SYS
[2010.11.19 04:18:06 | 000,000,000 | RHS- | M] () -- C:\IO.SYS
[2010.11.19 04:17:43 | 000,000,811 | ---- | M] () -- C:\Users\nobody\Documents\ax_files.xml
[2010.11.18 19:37:14 | 000,000,000 | -H-- | M] () -- C:\Windows\System32\drivers\Msft_User_WpdFs_01_09_00.Wdf
[2010.11.17 06:45:31 | 000,796,672 | ---- | M] (Qsc) -- C:\Windows\GPInstall.exe
[2010.11.17 05:57:46 | 000,002,094 | ---- | M] () -- C:\Users\nobody\Desktop\Basemod.bf2.lnk
[2010.11.17 03:50:06 | 000,001,183 | ---- | M] () -- C:\Users\Public\Desktop\Advanced SystemCare.lnk
[2010.11.17 03:30:18 | 000,028,055 | ---- | M] () -- C:\Windows\FontData.fdb
[2010.11.16 09:43:45 | 000,000,677 | ---- | M] () -- C:\Users\nobody\Desktop\+-filmy2-+.lnk
[2010.11.15 06:21:23 | 000,000,951 | ---- | M] () -- C:\Users\Public\Desktop\Winamp.lnk
[2010.11.15 05:26:43 | 000,001,846 | ---- | M] () -- C:\Users\nobody\Desktop\PSPad.lnk
[2010.11.15 02:11:10 | 000,000,925 | ---- | M] () -- C:\Users\nobody\Desktop\Fraps.lnk
[2010.11.15 01:38:55 | 000,000,967 | ---- | M] () -- C:\Users\nobody\Desktop\NeoDownloader.lnk
[2010.11.14 23:09:21 | 000,001,959 | R--- | M] () -- C:\Users\nobody\Desktop\US_Sniper.con
[2010.11.14 23:07:46 | 000,001,421 | ---- | M] () -- C:\Users\nobody\Desktop\mods.lnk
[2010.11.14 13:03:18 | 000,099,460 | -H-- | M] () -- C:\Windows\System32\mlfcache.dat
[2010.11.14 00:44:39 | 000,001,943 | ---- | M] () -- C:\Users\nobody\Desktop\Vypínač PC.lnk
[2010.11.14 00:10:42 | 000,436,792 | ---- | M] () -- C:\Windows\System32\drivers\sptd.sys
[2010.11.13 20:59:41 | 000,001,085 | ---- | M] () -- C:\Users\Public\Desktop\Configure FileMenu Tools.lnk
[2010.11.13 18:56:25 | 000,276,488 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT
[2010.11.13 18:06:01 | 000,002,263 | ---- | M] () -- C:\Users\Public\Desktop\Bitstream Font Navigator.lnk
[2010.11.13 18:03:41 | 000,002,621 | ---- | M] () -- C:\Users\Public\Desktop\Corel CAPTURE X5.lnk
[2010.11.13 18:03:37 | 000,002,629 | ---- | M] () -- C:\Users\Public\Desktop\Corel PHOTO-PAINT X5.lnk
[2010.11.13 18:03:26 | 000,002,613 | ---- | M] () -- C:\Users\Public\Desktop\CorelDRAW X5.lnk
[2010.11.13 17:53:28 | 000,001,324 | ---- | M] () -- C:\Users\nobody\Desktop\Safari.lnk
[2010.11.13 17:52:23 | 000,002,283 | ---- | M] () -- C:\Users\nobody\Desktop\Google Chrome.lnk
[2010.11.13 17:10:11 | 000,000,983 | ---- | M] () -- C:\Users\Public\Desktop\FlashFXP.lnk
[2010.11.13 16:59:34 | 000,001,855 | ---- | M] () -- C:\Users\nobody\Desktop\EasyPHP.lnk
[2010.11.13 16:54:46 | 000,000,871 | ---- | M] () -- C:\Users\nobody\Desktop\root.lnk
[2010.11.13 01:51:46 | 000,002,859 | ---- | M] () -- C:\Users\Public\Desktop\ACDSee Pro 3.lnk
[2010.11.13 01:06:53 | 000,000,997 | ---- | M] () -- C:\Users\nobody\Desktop\KMPlayer.lnk
[2010.11.13 00:13:00 | 000,000,670 | ---- | M] () -- C:\Users\nobody\Desktop\+-filmy-+.lnk
[2010.11.12 21:13:31 | 000,000,803 | ---- | M] () -- C:\Users\Public\Desktop\Opera.lnk
[2010.11.12 21:09:32 | 000,001,501 | ---- | M] () -- C:\Users\nobody\Desktop\TC.lnk
[2010.11.12 21:09:25 | 000,001,393 | ---- | M] () -- C:\Users\nobody\Desktop\Skype.lnk
[2010.11.12 21:09:16 | 000,001,131 | ---- | M] () -- C:\Users\nobody\Desktop\OperaTor.lnk
[2010.11.12 21:09:08 | 000,001,371 | ---- | M] () -- C:\Users\nobody\Desktop\Nero.lnk
[2010.11.12 21:09:01 | 000,001,294 | ---- | M] () -- C:\Users\nobody\Desktop\KeePass.lnk
[2010.11.12 21:08:44 | 000,001,298 | ---- | M] () -- C:\Users\nobody\Desktop\autoruns.exe – zástupce.lnk
[2010.11.12 21:04:42 | 000,001,053 | ---- | M] () -- C:\Users\nobody\Desktop\Trillian.lnk
[2010.11.12 20:52:22 | 000,000,000 | ---- | M] () -- C:\Windows\nsreg.dat
[2010.11.12 20:51:14 | 000,001,488 | ---- | M] () -- C:\Users\nobody\Desktop\Thunderbird.lnk
[2010.11.12 20:40:29 | 000,001,889 | ---- | M] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk
[2010.11.12 20:23:26 | 000,000,965 | ---- | M] () -- C:\Users\nobody\Desktop\PF.lnk
[2010.11.12 20:23:20 | 000,000,705 | ---- | M] () -- C:\Users\nobody\Desktop\+-instalacky.lnk
[2010.11.12 20:23:02 | 000,000,861 | ---- | M] () -- C:\Users\nobody\Desktop\Dokumenty.lnk
[2010.11.12 20:22:42 | 000,000,480 | ---- | M] () -- C:\Users\nobody\Desktop\(C) Místní disk.lnk
[2010.11.12 20:22:42 | 000,000,458 | ---- | M] () -- C:\Users\nobody\Desktop\(F) DVD-RW.lnk
[2010.11.12 20:22:42 | 000,000,450 | ---- | M] () -- C:\Users\nobody\Desktop\(E) DATA.lnk
[2010.11.12 20:21:25 | 000,001,417 | ---- | M] () -- C:\Users\nobody\Desktop\Internet Explorer.lnk
[2010.11.12 20:19:28 | 000,203,464 | RHS- | M] () -- C:\grldr
[2010.11.12 20:19:28 | 000,000,012 | RHS- | M] () -- C:\win7.ld
[2010.11.12 20:17:19 | 000,061,655 | ---- | M] () -- C:\Windows\System32\license.rtf
[2010.11.12 20:13:32 | 000,008,192 | RHS- | M] () -- C:\BOOTSECT.BAK
[2010.11.02 19:29:26 | 001,084,008 | ---- | M] (Realtek Semiconductor Corp.) -- C:\Windows\System32\RTSndMgr.cpl
[2010.11.02 19:29:14 | 003,228,712 | ---- | M] (Realtek Semiconductor Corp.) -- C:\Windows\System32\drivers\RTKVHDA.sys
[2010.11.02 19:29:14 | 001,889,896 | ---- | M] (Realtek Semiconductor Corp.) -- C:\Windows\System32\RtkPgExt.dll
[2010.11.02 19:29:02 | 000,068,200 | ---- | M] (Realtek Semiconductor Corp.) -- C:\Windows\System32\RtkCoInst.dll
[2010.11.02 19:28:52 | 003,633,256 | ---- | M] (Realtek Semiconductor Corp.) -- C:\Windows\System32\RtkAPO.dll
[2010.11.02 19:28:52 | 000,461,416 | ---- | M] (Realtek Semiconductor Corp.) -- C:\Windows\System32\RtkApoApi.dll
[2010.11.02 19:28:28 | 000,561,256 | ---- | M] (Realtek Semiconductor Corp.) -- C:\Windows\System32\RCoRes.dat
[2010.11.02 19:28:28 | 000,406,120 | ---- | M] (DTS) -- C:\Windows\System32\DTSVoiceClarityDLL.dll
[2010.11.02 19:28:16 | 001,132,648 | ---- | M] (DTS) -- C:\Windows\System32\DTSS2SpeakerDLL.dll
[2010.11.02 19:28:16 | 000,962,664 | ---- | M] (DTS) -- C:\Windows\System32\DTSS2HeadphoneDLL.dll
[2010.11.02 19:28:16 | 000,429,160 | ---- | M] (DTS) -- C:\Windows\System32\DTSSymmetryDLL.dll
[2010.11.02 19:28:16 | 000,291,432 | ---- | M] (DTS) -- C:\Windows\System32\DTSNeoPCDLL.dll
[2010.11.02 19:28:06 | 000,224,360 | ---- | M] (DTS) -- C:\Windows\System32\DTSLimiterDLL.dll
[2010.11.02 19:28:06 | 000,107,112 | ---- | M] (DTS) -- C:\Windows\System32\DTSLFXAPO.dll
[2010.11.02 19:28:06 | 000,107,112 | ---- | M] (DTS) -- C:\Windows\System32\DTSGFXAPO.dll
[2010.11.02 19:28:06 | 000,106,600 | ---- | M] (DTS) -- C:\Windows\System32\DTSGFXAPONS.dll
[2010.11.02 19:27:54 | 000,901,224 | ---- | M] (DTS) -- C:\Windows\System32\DTSBoostDLL.dll
[2010.11.02 19:27:54 | 000,448,616 | ---- | M] (DTS) -- C:\Windows\System32\DTSBassEnhancementDLL.dll
[2010.11.02 19:27:54 | 000,236,648 | ---- | M] (DTS) -- C:\Windows\System32\DTSGainCompensatorDLL.dll
[2010.10.28 10:46:00 | 001,251,944 | ---- | M] (Realtek Semiconductor Corp.) -- C:\Windows\RtlExUpd.dll
[2010.10.26 13:02:26 | 001,558,432 | ---- | M] (Fortemedia Corporation) -- C:\Windows\System32\FMAPO.dll
[2010.10.26 09:15:58 | 001,703,568 | ---- | M] (Dolby Laboratories) -- C:\Windows\System32\R4EEP32A.dll
[2010.10.26 09:15:58 | 000,339,600 | ---- | M] (Dolby Laboratories) -- C:\Windows\System32\R4EED32A.dll
[2010.10.26 09:15:58 | 000,094,352 | ---- | M] (Dolby Laboratories) -- C:\Windows\System32\R4EEL32A.dll
[2010.10.26 09:15:58 | 000,059,536 | ---- | M] (Dolby Laboratories) -- C:\Windows\System32\R4EEG32A.dll
[2010.10.26 09:15:56 | 000,078,992 | ---- | M] (Dolby Laboratories) -- C:\Windows\System32\R4EEA32A.dll

========== Files Created - No Company Name ==========

[2010.11.21 11:35:19 | 000,120,241 | ---- | C] () -- C:\Users\nobody\Desktop\capture007.jpg
[2010.11.21 02:15:11 | 000,038,065 | ---- | C] () -- C:\Users\nobody\Desktop\HDTune_Error_Scan_WDC_WD2000JS-00SGB0.png
[2010.11.21 00:53:16 | 000,000,900 | ---- | C] () -- C:\Users\nobody\Desktop\HD Tune.lnk
[2010.11.21 00:08:41 | 000,000,983 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk
[2010.11.20 05:03:47 | 000,001,867 | ---- | C] () -- C:\Users\Public\Desktop\xp-AntiSpy.lnk
[2010.11.20 01:14:58 | 000,000,663 | ---- | C] () -- C:\Users\nobody\Desktop\+-misc-+ – zástupce.lnk
[2010.11.19 23:20:24 | 000,004,962 | ---- | C] () -- C:\Windows\System32\nvinfo.pb
[2010.11.19 07:04:12 | 000,001,071 | ---- | C] () -- C:\Users\Public\Desktop\GOM Player.lnk
[2010.11.19 04:18:06 | 000,000,000 | RHS- | C] () -- C:\MSDOS.SYS
[2010.11.19 04:18:06 | 000,000,000 | RHS- | C] () -- C:\IO.SYS
[2010.11.18 19:37:14 | 000,000,000 | -H-- | C] () -- C:\Windows\System32\drivers\Msft_User_WpdFs_01_09_00.Wdf
[2010.11.17 04:00:25 | 000,002,094 | ---- | C] () -- C:\Users\nobody\Desktop\Basemod.bf2.lnk
[2010.11.17 03:50:06 | 000,001,183 | ---- | C] () -- C:\Users\Public\Desktop\Advanced SystemCare.lnk
[2010.11.17 03:30:18 | 000,028,055 | ---- | C] () -- C:\Windows\FontData.fdb
[2010.11.16 09:43:45 | 000,000,677 | ---- | C] () -- C:\Users\nobody\Desktop\+-filmy2-+.lnk
[2010.11.15 06:21:23 | 000,000,951 | ---- | C] () -- C:\Users\Public\Desktop\Winamp.lnk
[2010.11.15 02:11:10 | 000,000,925 | ---- | C] () -- C:\Users\nobody\Desktop\Fraps.lnk
[2010.11.15 01:38:55 | 000,000,967 | ---- | C] () -- C:\Users\nobody\Desktop\NeoDownloader.lnk
[2010.11.14 23:08:59 | 000,001,959 | R--- | C] () -- C:\Users\nobody\Desktop\US_Sniper.con
[2010.11.14 23:07:46 | 000,001,421 | ---- | C] () -- C:\Users\nobody\Desktop\mods.lnk
[2010.11.14 13:03:18 | 000,099,460 | -H-- | C] () -- C:\Windows\System32\mlfcache.dat
[2010.11.14 07:30:37 | 000,001,058 | ---- | C] () -- C:\Users\Public\Desktop\Switch to Gaming Mode.lnk
[2010.11.14 00:44:39 | 000,001,943 | ---- | C] () -- C:\Users\nobody\Desktop\Vypínač PC.lnk
[2010.11.14 00:17:04 | 000,000,811 | ---- | C] () -- C:\Users\nobody\Documents\ax_files.xml
[2010.11.14 00:10:41 | 000,436,792 | ---- | C] () -- C:\Windows\System32\drivers\sptd.sys
[2010.11.13 20:59:41 | 000,001,085 | ---- | C] () -- C:\Users\Public\Desktop\Configure FileMenu Tools.lnk
[2010.11.13 18:43:25 | 000,001,855 | ---- | C] () -- C:\Users\nobody\Desktop\EasyPHP.lnk
[2010.11.13 18:09:55 | 000,002,629 | ---- | C] () -- C:\Users\Public\Desktop\Corel PHOTO-PAINT X5.lnk
[2010.11.13 18:09:55 | 000,002,621 | ---- | C] () -- C:\Users\Public\Desktop\Corel CAPTURE X5.lnk
[2010.11.13 18:09:55 | 000,002,613 | ---- | C] () -- C:\Users\Public\Desktop\CorelDRAW X5.lnk
[2010.11.13 18:09:55 | 000,002,263 | ---- | C] () -- C:\Users\Public\Desktop\Bitstream Font Navigator.lnk
[2010.11.13 17:53:28 | 000,001,324 | ---- | C] () -- C:\Users\nobody\Desktop\Safari.lnk
[2010.11.13 17:52:23 | 000,002,283 | ---- | C] () -- C:\Users\nobody\Desktop\Google Chrome.lnk
[2010.11.13 17:12:34 | 000,001,846 | ---- | C] () -- C:\Users\nobody\Desktop\PSPad.lnk
[2010.11.13 17:10:11 | 000,000,983 | ---- | C] () -- C:\Users\Public\Desktop\FlashFXP.lnk
[2010.11.13 16:54:46 | 000,000,871 | ---- | C] () -- C:\Users\nobody\Desktop\root.lnk
[2010.11.13 02:00:32 | 000,027,648 | ---- | C] () -- C:\Users\nobody\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010.11.13 01:51:46 | 000,002,859 | ---- | C] () -- C:\Users\Public\Desktop\ACDSee Pro 3.lnk
[2010.11.13 01:11:40 | 000,001,417 | ---- | C] () -- C:\Users\nobody\Desktop\Internet Explorer.lnk
[2010.11.13 01:06:53 | 000,000,997 | ---- | C] () -- C:\Users\nobody\Desktop\KMPlayer.lnk
[2010.11.13 00:13:00 | 000,000,670 | ---- | C] () -- C:\Users\nobody\Desktop\+-filmy-+.lnk
[2010.11.12 21:13:31 | 000,000,803 | ---- | C] () -- C:\Users\Public\Desktop\Opera.lnk
[2010.11.12 21:09:32 | 000,001,501 | ---- | C] () -- C:\Users\nobody\Desktop\TC.lnk
[2010.11.12 21:09:25 | 000,001,393 | ---- | C] () -- C:\Users\nobody\Desktop\Skype.lnk
[2010.11.12 21:09:16 | 000,001,131 | ---- | C] () -- C:\Users\nobody\Desktop\OperaTor.lnk
[2010.11.12 21:09:08 | 000,001,371 | ---- | C] () -- C:\Users\nobody\Desktop\Nero.lnk
[2010.11.12 21:09:01 | 000,001,294 | ---- | C] () -- C:\Users\nobody\Desktop\KeePass.lnk
[2010.11.12 21:08:44 | 000,001,298 | ---- | C] () -- C:\Users\nobody\Desktop\autoruns.exe – zástupce.lnk
[2010.11.12 21:04:42 | 000,001,053 | ---- | C] () -- C:\Users\nobody\Desktop\Trillian.lnk
[2010.11.12 20:52:22 | 000,000,000 | ---- | C] () -- C:\Windows\nsreg.dat
[2010.11.12 20:51:14 | 000,001,488 | ---- | C] () -- C:\Users\nobody\Desktop\Thunderbird.lnk
[2010.11.12 20:42:38 | 000,017,577 | ---- | C] () -- C:\Windows\System32\netathur.inf
[2010.11.12 20:42:38 | 000,007,982 | ---- | C] () -- C:\Windows\System32\athurext.cat
[2010.11.12 20:40:29 | 000,001,889 | ---- | C] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk
[2010.11.12 20:23:26 | 000,000,965 | ---- | C] () -- C:\Users\nobody\Desktop\PF.lnk
[2010.11.12 20:23:20 | 000,000,705 | ---- | C] () -- C:\Users\nobody\Desktop\+-instalacky.lnk
[2010.11.12 20:23:02 | 000,000,861 | ---- | C] () -- C:\Users\nobody\Desktop\Dokumenty.lnk
[2010.11.12 20:22:42 | 000,000,480 | ---- | C] () -- C:\Users\nobody\Desktop\(C) Místní disk.lnk
[2010.11.12 20:22:42 | 000,000,458 | ---- | C] () -- C:\Users\nobody\Desktop\(F) DVD-RW.lnk
[2010.11.12 20:22:42 | 000,000,450 | ---- | C] () -- C:\Users\nobody\Desktop\(E) DATA.lnk
[2010.11.12 20:19:28 | 000,203,464 | RHS- | C] () -- C:\grldr
[2010.11.12 20:19:28 | 000,000,012 | RHS- | C] () -- C:\win7.ld
[2010.11.12 20:14:19 | 804,954,112 | -HS- | C] () -- C:\hiberfil.sys
[2010.11.12 20:13:32 | 000,008,192 | RHS- | C] () -- C:\BOOTSECT.BAK
[2010.11.12 20:13:30 | 000,383,562 | RHS- | C] () -- C:\bootmgr
[2009.07.14 00:51:43 | 000,073,728 | ---- | C] () -- C:\Windows\System32\BthpanContextHandler.dll
[2009.07.14 00:42:10 | 000,064,000 | ---- | C] () -- C:\Windows\System32\BWContextHandler.dll

========== LOP Check ==========

[2010.11.13 01:53:07 | 000,000,000 | ---D | M] -- C:\Users\nobody\AppData\Roaming\ACD Systems
[2010.11.12 20:33:16 | 000,000,000 | ---D | M] -- C:\Users\nobody\AppData\Roaming\ESET
[2010.11.18 07:11:52 | 000,000,000 | ---D | M] -- C:\Users\nobody\AppData\Roaming\IObit
[2010.11.15 01:44:04 | 000,000,000 | ---D | M] -- C:\Users\nobody\AppData\Roaming\NeoDownloader
[2010.11.12 21:13:34 | 000,000,000 | ---D | M] -- C:\Users\nobody\AppData\Roaming\Opera
[2010.11.13 19:04:55 | 000,000,000 | ---D | M] -- C:\Users\nobody\AppData\Roaming\Radmin
[2010.11.12 21:05:24 | 000,000,000 | ---D | M] -- C:\Users\nobody\AppData\Roaming\Trillian
[2009.07.14 05:53:46 | 000,004,770 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT

========== Purity Check ==========



========== Custom Scans ==========


< HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /s >
"AlcoholAutomount" = "C:\Program Files\Alcohol Soft\Alcohol 120\AxAutoMntSrv.exe" -automount -- [2010.08.20 12:03:08 | 000,033,120 | ---- | M] (Alcohol Soft Development Team)
"Sidebar" = C:\Program Files\Windows Sidebar\sidebar.exe /autoRun -- [2009.07.14 02:14:38 | 001,173,504 | ---- | M] (Microsoft Corporation)
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\AutorunsDisabled]
"Google Update" = "C:\Users\nobody\AppData\Local\Google\Update\GoogleUpdate.exe" /c -- [2010.11.13 17:51:18 | 000,136,176 | ---- | M] (Google Inc.)

< c:\windows\*.* /U >

< %SYSTEMDRIVE%\*.exe >
[2010.11.21 11:16:46 | 000,575,488 | ---- | M] (OldTimer Tools) -- C:\OTL.exe

< %ALLUSERSPROFILE%\Application Data\*. >

< %ALLUSERSPROFILE%\Application Data\*.exe /s >

< %APPDATA%\*. >
[2010.11.13 01:53:07 | 000,000,000 | ---D | M] -- C:\Users\nobody\AppData\Roaming\ACD Systems
[2010.11.12 21:01:26 | 000,000,000 | ---D | M] -- C:\Users\nobody\AppData\Roaming\Adobe
[2010.11.13 17:56:49 | 000,000,000 | ---D | M] -- C:\Users\nobody\AppData\Roaming\Apple Computer
[2010.11.13 18:14:15 | 000,000,000 | ---D | M] -- C:\Users\nobody\AppData\Roaming\Corel
[2010.11.12 20:33:16 | 000,000,000 | ---D | M] -- C:\Users\nobody\AppData\Roaming\ESET
[2010.11.19 07:04:56 | 000,000,000 | ---D | M] -- C:\Users\nobody\AppData\Roaming\GRETECH
[2010.11.12 20:21:13 | 000,000,000 | ---D | M] -- C:\Users\nobody\AppData\Roaming\Identities
[2010.11.18 07:11:52 | 000,000,000 | ---D | M] -- C:\Users\nobody\AppData\Roaming\IObit
[2010.11.12 21:01:26 | 000,000,000 | ---D | M] -- C:\Users\nobody\AppData\Roaming\Macromedia
[2010.11.21 00:08:47 | 000,000,000 | ---D | M] -- C:\Users\nobody\AppData\Roaming\Malwarebytes
[2009.07.14 10:20:06 | 000,000,000 | ---D | M] -- C:\Users\nobody\AppData\Roaming\Media Center Programs
[2010.11.15 09:12:27 | 000,000,000 | --SD | M] -- C:\Users\nobody\AppData\Roaming\Microsoft
[2010.11.12 20:51:26 | 000,000,000 | ---D | M] -- C:\Users\nobody\AppData\Roaming\Mozilla
[2010.11.15 01:44:04 | 000,000,000 | ---D | M] -- C:\Users\nobody\AppData\Roaming\NeoDownloader
[2010.11.12 21:13:34 | 000,000,000 | ---D | M] -- C:\Users\nobody\AppData\Roaming\Opera
[2010.11.13 17:14:32 | 000,000,000 | ---D | M] -- C:\Users\nobody\AppData\Roaming\PSpad
[2010.11.13 19:04:55 | 000,000,000 | ---D | M] -- C:\Users\nobody\AppData\Roaming\Radmin
[2010.11.12 21:05:24 | 000,000,000 | ---D | M] -- C:\Users\nobody\AppData\Roaming\Trillian
[2010.11.21 08:40:54 | 000,000,000 | ---D | M] -- C:\Users\nobody\AppData\Roaming\Winamp
[2010.11.13 02:40:16 | 000,000,000 | ---D | M] -- C:\Users\nobody\AppData\Roaming\WinRAR

< %APPDATA%\*.exe /s >
[2010.11.13 19:04:42 | 000,065,536 | R--- | M] (Macrovision Corporation) -- C:\Users\nobody\AppData\Roaming\Microsoft\Installer\{9B8A821E-1FCE-45D1-8BEC-738F5AAB20D8}\ARPPRODUCTICON.exe


< MD5 for: AGP440.SYS >
[2009.07.14 02:26:15 | 000,053,312 | ---- | M] (Microsoft Corporation) MD5=507812C3054C21CEF746B6EE3D04DD6E -- C:\Windows\System32\drivers\AGP440.sys
[2009.07.14 02:26:15 | 000,053,312 | ---- | M] (Microsoft Corporation) MD5=507812C3054C21CEF746B6EE3D04DD6E -- C:\Windows\System32\DriverStore\FileRepository\machine.inf_x86_neutral_65848c2d7375a720\AGP440.sys
[2009.07.14 02:26:15 | 000,053,312 | ---- | M] (Microsoft Corporation) MD5=507812C3054C21CEF746B6EE3D04DD6E -- C:\Windows\winsxs\x86_machine.inf_31bf3856ad364e35_6.1.7600.16385_none_b9e9435f20046eeb\AGP440.sys

< MD5 for: ATAPI.SYS >
[2009.07.14 02:26:15 | 000,021,584 | ---- | M] (Microsoft Corporation) MD5=338C86357871C167A96AB976519BF59E -- C:\Windows\System32\drivers\atapi.sys
[2009.07.14 02:26:15 | 000,021,584 | ---- | M] (Microsoft Corporation) MD5=338C86357871C167A96AB976519BF59E -- C:\Windows\System32\DriverStore\FileRepository\mshdc.inf_x86_neutral_f64b9c35a3a5be81\atapi.sys
[2009.07.14 02:26:15 | 000,021,584 | ---- | M] (Microsoft Corporation) MD5=338C86357871C167A96AB976519BF59E -- C:\Windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.1.7600.16385_none_dd0e7e3d82dd640d\atapi.sys

< MD5 for: CDROM.SYS >
[2009.07.14 00:11:26 | 000,108,544 | ---- | M] (Microsoft Corporation) MD5=BA6E70AA0E6091BC39DE29477D866A77 -- C:\Windows\System32\drivers\cdrom.sys
[2009.07.14 00:11:26 | 000,108,544 | ---- | M] (Microsoft Corporation) MD5=BA6E70AA0E6091BC39DE29477D866A77 -- C:\Windows\System32\DriverStore\FileRepository\cdrom.inf_x86_neutral_db87d184bc84f910\cdrom.sys
[2009.07.14 00:11:26 | 000,108,544 | ---- | M] (Microsoft Corporation) MD5=BA6E70AA0E6091BC39DE29477D866A77 -- C:\Windows\winsxs\x86_cdrom.inf_31bf3856ad364e35_6.1.7600.16385_none_5f7fb206051affbb\cdrom.sys

< MD5 for: CNGAUDIT.DLL >
[2009.07.14 02:15:06 | 000,012,288 | ---- | M] (Microsoft Corporation) MD5=50BA656134F78AF64E4DD3C8B6FEFD7E -- C:\Windows\System32\cngaudit.dll
[2009.07.14 02:15:06 | 000,012,288 | ---- | M] (Microsoft Corporation) MD5=50BA656134F78AF64E4DD3C8B6FEFD7E -- C:\Windows\winsxs\x86_microsoft-windows-cngaudit-dll_31bf3856ad364e35_6.1.7600.16385_none_e83a414890e8132b\cngaudit.dll

< MD5 for: CRYPTSVC.DLL >
[2009.07.14 02:15:07 | 000,135,680 | ---- | M] (Microsoft Corporation) MD5=9C231178CE4FB385F4B54B0A9080B8A4 -- C:\Windows\System32\cryptsvc.dll
[2009.07.14 02:15:07 | 000,135,680 | ---- | M] (Microsoft Corporation) MD5=9C231178CE4FB385F4B54B0A9080B8A4 -- C:\Windows\winsxs\x86_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7600.16385_none_75d5ef87fc22e35a\cryptsvc.dll

< MD5 for: EXPLORER.EXE >
[2009.07.14 02:14:20 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=15BC38A7492BEFE831966ADB477CF76F -- C:\Windows\explorer.exe
[2009.07.14 02:14:20 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=15BC38A7492BEFE831966ADB477CF76F -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16385_none_518afd35db100430\explorer.exe

< MD5 for: HAL.DLL >
[2009.07.14 02:20:28 | 000,194,640 | ---- | M] (Microsoft Corporation) MD5=9A557EAE64ABAB3BA67A9BB035D24CB9 -- C:\Windows\System32\hal.dll
[2009.07.14 02:20:28 | 000,194,640 | ---- | M] (Microsoft Corporation) MD5=9A557EAE64ABAB3BA67A9BB035D24CB9 -- C:\Windows\winsxs\x86_microsoft-windows-hal_31bf3856ad364e35_6.1.7600.16385_none_aaff48c7bafdccc6\hal.dll

< MD5 for: IASTORV.SYS >
[2009.07.14 02:20:36 | 000,332,352 | ---- | M] (Intel Corporation) MD5=934AF4D7C5F457B9F0743F4299B77B67 -- C:\Windows\System32\drivers\iaStorV.sys
[2009.07.14 02:20:36 | 000,332,352 | ---- | M] (Intel Corporation) MD5=934AF4D7C5F457B9F0743F4299B77B67 -- C:\Windows\System32\DriverStore\FileRepository\iastorv.inf_x86_neutral_18cccb83b34e1453\iaStorV.sys
[2009.07.14 02:20:36 | 000,332,352 | ---- | M] (Intel Corporation) MD5=934AF4D7C5F457B9F0743F4299B77B67 -- C:\Windows\winsxs\x86_iastorv.inf_31bf3856ad364e35_6.1.7600.16385_none_aee7a89be91b9000\iaStorV.sys

< MD5 for: ISAPNP.SYS >
[2009.07.14 02:20:36 | 000,046,656 | ---- | M] (Microsoft Corporation) MD5=1F32BB6B38F62F7DF1A7AB7292638A35 -- C:\Windows\System32\drivers\isapnp.sys
[2009.07.14 02:20:36 | 000,046,656 | ---- | M] (Microsoft Corporation) MD5=1F32BB6B38F62F7DF1A7AB7292638A35 -- C:\Windows\System32\DriverStore\FileRepository\machine.inf_x86_neutral_65848c2d7375a720\isapnp.sys
[2009.07.14 02:20:36 | 000,046,656 | ---- | M] (Microsoft Corporation) MD5=1F32BB6B38F62F7DF1A7AB7292638A35 -- C:\Windows\winsxs\x86_machine.inf_31bf3856ad364e35_6.1.7600.16385_none_b9e9435f20046eeb\isapnp.sys

< MD5 for: LSASS.EXE >
[2009.07.14 02:14:23 | 000,022,528 | ---- | M] (Microsoft Corporation) MD5=F42309C4191C506B71DB5D1126D26318 -- C:\Windows\System32\lsass.exe
[2009.07.14 02:14:23 | 000,022,528 | ---- | M] (Microsoft Corporation) MD5=F42309C4191C506B71DB5D1126D26318 -- C:\Windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.1.7600.16385_none_a620e0e5be1ecda7\lsass.exe

< MD5 for: NDIS.SYS >
[2009.07.14 02:20:44 | 000,710,720 | ---- | M] (Microsoft Corporation) MD5=23759D175A0A9BAAF04D05047BC135A8 -- C:\Windows\System32\drivers\ndis.sys
[2009.07.14 02:20:44 | 000,710,720 | ---- | M] (Microsoft Corporation) MD5=23759D175A0A9BAAF04D05047BC135A8 -- C:\Windows\winsxs\x86_microsoft-windows-ndis_31bf3856ad364e35_6.1.7600.16385_none_a79d81ea7d62a289\ndis.sys

< MD5 for: NETLOGON.DLL >
[2009.07.14 02:16:02 | 000,563,712 | ---- | M] (Microsoft Corporation) MD5=EAA75D9000B71F10EEC04D2AE6C60E81 -- C:\Windows\System32\netlogon.dll
[2009.07.14 02:16:02 | 000,563,712 | ---- | M] (Microsoft Corporation) MD5=EAA75D9000B71F10EEC04D2AE6C60E81 -- C:\Windows\winsxs\x86_microsoft-windows-security-netlogon_31bf3856ad364e35_6.1.7600.16385_none_fd8e0d66994d7dc8\netlogon.dll

< MD5 for: NVRAID.SYS >
[2009.07.14 02:20:44 | 000,117,312 | ---- | M] (NVIDIA Corporation) MD5=3F3D04B1D08D43C16EA7963954EC768D -- C:\Windows\System32\drivers\nvraid.sys
[2009.07.14 02:20:44 | 000,117,312 | ---- | M] (NVIDIA Corporation) MD5=3F3D04B1D08D43C16EA7963954EC768D -- C:\Windows\System32\DriverStore\FileRepository\nvraid.inf_x86_neutral_5bde3fe2945bce9e\nvraid.sys
[2009.07.14 02:20:44 | 000,117,312 | ---- | M] (NVIDIA Corporation) MD5=3F3D04B1D08D43C16EA7963954EC768D -- C:\Windows\winsxs\x86_nvraid.inf_31bf3856ad364e35_6.1.7600.16385_none_39b1194b205239d8\nvraid.sys

< MD5 for: NVSTOR.SYS >
[2009.07.14 02:20:44 | 000,142,416 | ---- | M] (NVIDIA Corporation) MD5=C99F251A5DE63C6F129CF71933ACED0F -- C:\Windows\System32\drivers\nvstor.sys
[2009.07.14 02:20:44 | 000,142,416 | ---- | M] (NVIDIA Corporation) MD5=C99F251A5DE63C6F129CF71933ACED0F -- C:\Windows\System32\DriverStore\FileRepository\nvraid.inf_x86_neutral_5bde3fe2945bce9e\nvstor.sys
[2009.07.14 02:20:44 | 000,142,416 | ---- | M] (NVIDIA Corporation) MD5=C99F251A5DE63C6F129CF71933ACED0F -- C:\Windows\winsxs\x86_nvraid.inf_31bf3856ad364e35_6.1.7600.16385_none_39b1194b205239d8\nvstor.sys


Re: Please check my log

#9 Post by pl4toon »

< MD5 for: SCECLI.DLL >
[2009.07.14 02:16:13 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=26073302DAEA83CC5B944C546D6B47D2 -- C:\Windows\System32\scecli.dll
[2009.07.14 02:16:13 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=26073302DAEA83CC5B944C546D6B47D2 -- C:\Windows\winsxs\x86_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7600.16385_none_37e4387f3a6f0483\scecli.dll

< MD5 for: SMSS.EXE >
[2009.07.14 02:14:39 | 000,069,632 | ---- | M] (Microsoft Corporation) MD5=16742790895960690237A5143CEDEC8B -- C:\Windows\System32\smss.exe
[2009.07.14 02:14:39 | 000,069,632 | ---- | M] (Microsoft Corporation) MD5=16742790895960690237A5143CEDEC8B -- C:\Windows\winsxs\x86_microsoft-windows-smss_31bf3856ad364e35_6.1.7600.16385_none_ac10fe207a85352b\smss.exe

< MD5 for: SVCHOST.EXE >
[2009.07.14 02:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) MD5=54A47F6B5E09A77E61649109C6A08866 -- C:\Windows\System32\svchost.exe
[2009.07.14 02:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) MD5=54A47F6B5E09A77E61649109C6A08866 -- C:\Windows\winsxs\x86_microsoft-windows-services-svchost_31bf3856ad364e35_6.1.7600.16385_none_b591afc466a15356\svchost.exe

< MD5 for: TCPIP.SYS >
[2009.07.14 02:19:10 | 001,285,712 | ---- | M] (Microsoft Corporation) MD5=2CC3D75488ABD3EC628BBB9A4FC84EFC -- C:\Windows\System32\drivers\tcpip.sys
[2009.07.14 02:19:10 | 001,285,712 | ---- | M] (Microsoft Corporation) MD5=2CC3D75488ABD3EC628BBB9A4FC84EFC -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.16385_none_b2f46875c7b9d667\tcpip.sys

< MD5 for: USERINIT.EXE >
[2009.07.14 02:14:43 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=6DE80F60D7DE9CE6B8C2DDFDF79EF175 -- C:\Windows\System32\userinit.exe
[2009.07.14 02:14:43 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=6DE80F60D7DE9CE6B8C2DDFDF79EF175 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.1.7600.16385_none_dbff103933038d7c\userinit.exe

< MD5 for: WINLOGON.EXE >
[2009.07.14 02:14:45 | 000,285,696 | ---- | M] (Microsoft Corporation) MD5=8EC6A4AB12B8F3759E21F8E3A388F2CF -- C:\Windows\System32\winlogon.exe
[2009.07.14 02:14:45 | 000,285,696 | ---- | M] (Microsoft Corporation) MD5=8EC6A4AB12B8F3759E21F8E3A388F2CF -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.16385_none_6f99573a36451166\winlogon.exe

< MD5 for: WS2_32.DLL >
[2009.07.14 02:16:20 | 000,206,336 | ---- | M] (Microsoft Corporation) MD5=DAAE8A9B8C0ACC7F858454132553C30D -- C:\Windows\System32\ws2_32.dll
[2009.07.14 02:16:20 | 000,206,336 | ---- | M] (Microsoft Corporation) MD5=DAAE8A9B8C0ACC7F858454132553C30D -- C:\Windows\winsxs\x86_microsoft-windows-w..nfrastructure-ws232_31bf3856ad364e35_6.1.7600.16385_none_f28e06e62fa99b35\ws2_32.dll

< %systemroot%\*. /mp /s >

< %systemroot%\system32\*.dll /lockedfiles >

< %systemroot%\Tasks\*.job /lockedfiles >

< %systemroot%\system32\drivers\*.sys /lockedfiles >
[2010.11.14 00:10:42 | 000,436,792 | ---- | M] () Unable to obtain MD5 -- C:\Windows\System32\drivers\sptd.sys

< %systemroot%\System32\config\*.sav >

< %systemroot%\system32\*.dll /lockedfiles >

< reg query "HKLM\Software\Microsoft\Windows NT\CurrentVersion\winlogon" /v GinaDLL /c >

< reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wuauserv" /v ImagePath /c >
HKEY_LOCAL_MACHINE\SYSTEM\CURRENTCONTROLSET\SERVICES\WUAUSERV
IMAGEPATH REG_EXPAND_SZ %systemroot%\system32\svchost.exe -k netsvcs

< reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\BITS" /v ImagePath /c >
HKEY_LOCAL_MACHINE\SYSTEM\CURRENTCONTROLSET\SERVICES\BITS
IMAGEPATH REG_EXPAND_SZ %SystemRoot%\System32\svchost.exe -k netsvcs

< %systemroot%\system32\drivers\*.sys /3 >

< %systemroot%\system32\*.* /3 >
[2010.11.21 02:33:46 | 000,014,016 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2010.11.21 02:33:46 | 000,014,016 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2010.11.21 02:32:40 | 000,110,414 | ---- | M] () -- C:\Windows\System32\perfc005.dat
[2010.11.21 02:32:40 | 000,096,316 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2010.11.21 02:32:40 | 000,601,532 | ---- | M] () -- C:\Windows\System32\perfh005.dat
[2010.11.21 02:32:40 | 000,585,948 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2010.11.21 02:32:40 | 001,386,864 | ---- | M] () -- C:\Windows\System32\PerfStringBackup.INI

< End of report >


Re: Please check my log

#10 Post by pl4toon »

************************************
Log - Extras.Txt:
************************************


OTL Extras logfile created on: 21.11.2010 12:27:39 - Run 1
OTL by OldTimer - Version 3.2.17.3 Folder = C:\
Ultimate Edition (Version = 6.1.7600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7600.16385)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy

1 024,00 Mb Total Physical Memory | 439,00 Mb Available Physical Memory | 43,00% Memory free
2,00 Gb Paging File | 1,00 Gb Available in Paging File | 62,00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 145,93 Gb Total Space | 115,85 Gb Free Space | 79,39% Space Free | Partition Type: NTFS
Drive D: | 40,38 Gb Total Space | 32,79 Gb Free Space | 81,19% Space Free | Partition Type: NTFS
Drive E: | 232,88 Gb Total Space | 22,56 Gb Free Space | 9,69% Space Free | Partition Type: NTFS
Drive G: | 538,75 Mb Total Space | 0,00 Mb Free Space | 0,00% Space Free | Partition Type: CDFS
Drive H: | 673,61 Mb Total Space | 0,00 Mb Free Space | 0,00% Space Free | Partition Type: CDFS

Computer Name: NOBODY-PC | User Name: nobody | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Extra Registry (SafeList) ==========


========== File Associations ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\System32\control.exe (Microsoft Corporation)
.hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)

[HKEY_USERS\S-1-5-21-1008637813-3475847375-2910435409-1000\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)

========== Shell Spawning ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
htmlfile [edit] -- Reg Error: Key error.
htmlfile [print] -- rundll32.exe %windir%\system32\mshtml.dll,PrintHTML "%1"
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation)
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [ACDSee Pro 3.Manage] -- "C:\Program Files\ACD Systems\ACDSee Pro\3.0\ACDSeeQVPro3.exe" "%1" (ACD Systems International Inc.)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [KMPlayer.Enqueue] -- "C:\Program Files\The KMPlayer\KMPlayer.exe"/ADD "%1"
Directory [KMPlayer.Play] -- "C:\Program Files\The KMPlayer\KMPlayer.exe" "%1" (Pandora.TV)
Directory [Winamp.Play] -- "C:\Program Files\Winamp\winamp.exe" "%1" (Nullsoft)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = Reg Error: Unknown registry data type -- File not found
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0

========== Firewall Settings ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 0

========== Authorized Applications List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
"C:\Program Files\FlashFXP 4\FlashFXP.exe" = C:\Program Files\FlashFXP 4\FlashFXP.exe:*:Enabled:FlashFXP v3 -- (OpenSight Software, LLC)

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"C:\Program Files\FlashFXP 4\FlashFXP.exe" = C:\Program Files\FlashFXP 4\FlashFXP.exe:*:Enabled:FlashFXP v3 -- (OpenSight Software, LLC)


========== HKEY_LOCAL_MACHINE Uninstall List ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"_{65094424-9351-40B8-939B-3676D67E48E0}" = Corel Graphics - Windows Shell Extension
"_{CE54DCE1-E00A-4D91-ACB9-A2D916C24051}" = CorelDRAW(R) Graphics Suite X5
"{04858915-9F49-4B2A-AED4-DC49A7DE6A7B}" = Battlefield 2(TM)
"{05D18A0F-ED9D-4FBD-9BF5-AF632EB09CB3}" = CGS15_IPM_T2
"{1B280FAF-AE10-4E31-A41A-DB3917D651DC}" = ACDSee Pro 3
"{24D9A3E0-D086-4B62-AF93-63CF6B05CB48}" = CorelDRAW Graphics Suite X5 - Custom Data
"{260ED378-2B8C-4831-ADAE-D0712D119AC5}" = CorelDRAW Graphics Suite X5 - VSTA
"{26945917-E053-45F6-AF98-309730CFC318}" = Visual Basic for Applications (R) Core
"{299C0434-4F4E-341F-A916-4E07AEB35E79}" = Microsoft Visual Studio Tools for Applications 2.0 Runtime
"{3472C84E-2FD0-439F-B27F-C290C1E4CD8B}" = CorelDRAW Graphics Suite X5 - Filters
"{356658C7-8C60-4A43-AF50-75CA8E642934}" = CorelDRAW Graphics Suite X5 - CZ
"{3763A2B4-B07A-4E4D-994D-7D2C6AF0CF9E}" = Safari
"{3BD98AAF-61B5-46E0-A6C8-593C242C7C48}" = TP-LINK Wireless Client Utility
"{539F9408-904B-4302-A975-F1C781D7D076}" = ESET Smart Security
"{54B8F4A1-02B0-4D32-8F37-925526C0EEC6}" = CorelDRAW Graphics Suite X5 - Connect
"{57400C1E-BC51-4ECE-AD2A-A6096204DDEC}" = CorelDRAW Graphics Suite X5 - VBA
"{59123CCF-FED2-46FF-9293-D1DC80042219}" = CorelDRAW Graphics Suite X5 - Redist
"{62978C1C-FE2E-4A4E-851D-3EB406C9EBC2}" = CorelDRAW Graphics Suite X5 - Draw
"{65094424-9351-40B8-939B-3676D67E48E0}" = Corel Graphics - Windows Shell Extension
"{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}" = Windows Media Player Firefox Plugin
"{87CC8013-56D1-43E1-A0A5-AD406B4EBA95}" = Opera 10.63
"{8833FFB6-5B0C-4764-81AA-06DFEED9A476}" = Realtek Ethernet Controller Driver
"{9244E956-5939-4B88-930C-0699D4AB2B95}" = CorelDRAW Graphics Suite X5 - WT
"{96E3AED5-3D0B-4BB0-84C2-1EDADB204487}" = FlashFXP v4.0
"{983F7145-CABF-4EDD-9F3D-E06B2F024BD3}" = CorelDRAW Graphics Suite X5 - FontNav
"{9B8A821E-1FCE-45D1-8BEC-738F5AAB20D8}" = Radmin Viewer 3.4
"{A1B04B6B-25BB-48AD-8BD9-D31A86E89F3E}" = CorelDRAW Graphics Suite X5 - PHOTO-PAINT
"{AA4A4B2C-0465-3CF8-BA76-27A027D8ACAB}" = Microsoft Visual Studio Tools for Applications 2.0 - ENU
"{ADE91A13-434D-4229-00BC-182BAD607303}" = Need for Speed™ Most Wanted
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision" = NVIDIA Ovladač 3D Vision 260.99
"{B2FE1952-0186-46c3-BAEC-A80AA35AC5B8}_Display.ControlPanel" = Ovládací panel NVIDIA 260.99
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver" = NVIDIA Ovladače grafiky 260.99
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX" = NVIDIA Systémový software PhysX 9.10.0514
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_installer" = NVIDIA Install Application
"{B399C91E-96F2-4265-9884-1C9A10E9FCF4}" = CorelDRAW Graphics Suite X5
"{B9DB4C76-01A4-46D5-8910-F7AA6376DBAF}" = NVIDIA PhysX
"{CA3861BA-1D96-4D66-B577-318E1602C4F3}" = CorelDRAW Graphics Suite X5 - Common
"{CC419DDC-E0F0-4013-B25A-6FA036516F0D}" = Need for Speed™ ProStreet
"{CE54DCE1-E00A-4D91-ACB9-A2D916C24051}" = CorelDRAW Graphics Suite X5 - Setup Files
"{D596EEA2-C6C8-45D3-89DF-FA2DBE99F829}" = Visual Basic for Applications (R) Core - English
"{D642FF8D-438D-4545-A1D5-2EDB4BCAE3BA}" = CorelDRAW Graphics Suite X5 - Photozoom Plugin
"{DAEAFD68-BB4A-4507-A241-C8804D2EA66D}" = Apple Application Support
"{E76CDDCE-EFC0-4FE5-9972-9489CE49AA55}_is1" = NeoDownloader 2.4
"{EDB98D5A-A6FB-425C-BFB7-51A0924B762D}" = CorelDRAW Graphics Suite X5 - Capture
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{FE4B83DE-85CF-4DE5-90CE-A2735A0E1F21}" = CorelDRAW Graphics Suite X5 - VideoBrowser
"ACDSee Pro 3 Build 355" = ACDSee Pro 3 Build 355 - Český překlad
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"Advanced SystemCare 3_is1" = Advanced SystemCare 3
"BF2SP64" = BF2SP64
"CCleaner" = CCleaner
"FileMenu Tools_is1" = FileMenu Tools
"Fraps" = Fraps (remove only)
"Game Booster_is1" = Game Booster
"GOM Player" = GOM Player
"HD Tune_is1" = HD Tune 2.55
"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware
"Mozilla Firefox (3.6.12)" = Mozilla Firefox (3.6.12)
"MPEG2 Codec(libmpeg2/mad)" = MPEG2 Codec(libmpeg2/mad)
"NFS: Most Wanted" = NFS: Most Wanted CZ
"NVIDIAStereo" = NVIDIA Stereoscopic 3D Driver
"PSPad editor_is1" = PSPad editor
"The KMPlayer" = The KMPlayer (remove only)
"Trillian" = Trillian
"Vypínač na dobrou noc_is1" = Vypínač na dobrou noc verze 2.0
"Winamp" = Winamp
"WinRAR archiver" = WinRAR
"Worms Armageddon" = Worms Armageddon
"xp-AntiSpy" = xp-AntiSpy 3.97-2

========== HKEY_USERS Uninstall List ==========

[HKEY_USERS\S-1-5-21-1008637813-3475847375-2910435409-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Bf2SP64 2.32" = Bf2SP64 2.32
"Google Chrome" = Google Chrome

========== Last 10 Event Log Errors ==========

Error reading Event Logs: The Event Service is not operating properly or the Event Logs are corrupt!

< End of report >





************************************
Log - mbr.log:
************************************


Stealth MBR rootkit/Mebroot/Sinowal/TDL4 detector 0.4.2 by Gmer, http://www.gmer.net
Windows 6.1.7600 Disk: WDC_WD2000JS-00SGB0 rev.20.06C03 -> Harddisk0\DR0 -> \Device\Ide\IdeDeviceP0T0L0-0

device: opened successfully
user: MBR read successfully
kernel: MBR read successfully
user & kernel MBR OK

motji
VIP
Posts: 23302
Registered: 23 Oct 2008 08:02

Re: Please check my log

#11 Post by motji »

Everything looks fine :o .
I don't want to use Combofix, so that it doesn't break something in the registry.
We'll see whether my colleague comes up with something. :o

If a BSOD shows up, let us know.
Do not use COMBOFIX without an adviser's recommendation; the system may be damaged!
Always back up important data before disinfecting the computer :!:

I am most likely to be reachable at night, between 21:00 and 23:00.
If you have any questions, you can write to me by email at Motji(at)forum.viry.cz.


Re: Please check my log

#12 Post by pl4toon »

So I'm clean? That's a relief :) Well, actually not much of one, because it then means that the WD disk is probably really bad somehow. So I'll get a new disk to be safe.

Thank you very much for the analysis :) I'd like to understand this stuff someday too; to me it's a terrible mishmash :o :D

MiliNess
Friend of the forum
Posts: 4144
Registered: 15 Oct 2009 18:15
Location: Cheb

Re: Please check my log

#13 Post by MiliNess »

Hello, please also download CrystalDiskInfo (portable edition), run it, and in the Edit menu choose Copy.
Then paste the data from the clipboard here using Ctrl+V.


Re: Please check my log

#14 Post by pl4toon »

Here it is.

*************************************************---

----------------------------------------------------------------------------
CrystalDiskInfo 3.9.3 (C) 2008-2010 hiyohiyo
Crystal Dew World : http://crystalmark.info/
----------------------------------------------------------------------------

OS : Windows 7 Ultimate Edition [6.1 Build 7600] (x86)
Date : 2010/11/22 8:01:40

-- Controller Map ----------------------------------------------------------
+ Řadič úložiště Intel(R) 82801GB/GR/GH (řada ICH7) s rozhraním Serial ATA - 27C0 [ATA]
+ ATA Channel 0 (0)
- ST3250310NS ATA Device
- WDC WD2000JS-00SGB0 ATA Device
+ ATA Channel 1 (1)
- HL-DT-ST DVDRAM GSA-H12L ATA Device
+ A6YH1ABG IDE Controller [SCSI]
- RGFYZCN ZO5MN8DQJGH SCSI CdRom Device
- RGFYZCN ZO5MN8DQJGH SCSI CdRom Device

-- Disk List ---------------------------------------------------------------
(1) WDC WD2000JS-00SGB0 : 200.0 GB [0-0-0, pd1]
(2) ST3250310NS : 250.0 GB [1-0-1, pd1]

----------------------------------------------------------------------------
(1) WDC WD2000JS-00SGB0
----------------------------------------------------------------------------
Model : WDC WD2000JS-00SGB0
Firmware : 20.06C03
Serial Number : WD-WCANY1898532
Disk Size : 200.0 GB (8.4/137.4/200.0)
Buffer Size : 8192 KB
Queue Depth : 32
# of Sectors : 390719855
Rotation Rate : Neznámy údaj
Interface : Serial ATA
Major Version : ATA/ATAPI-7
Minor Version : ----
Transfer Mode : SATA/300
Power On Hours : 6481 hod.
Power On Count : 1610 krát
Temparature : 42 C (107 F)
Health Status : Dobrý
Features : S.M.A.R.T., AAM, 48bit LBA, NCQ
APM Level : ----
AAM Level : 80FEh [OFF]

-- S.M.A.R.T. --------------------------------------------------------------
ID Cur Wor Thr RawValues(6) Attribute Name
01 199 199 _51 00000000237A Počet chyb čtení
03 192 178 _21 00000000150F Čas na roztočení ploten
04 _99 _99 __0 000000000681 Počet spuštění/zastavení
05 200 200 140 000000000000 Počet přemapovaných sektorů
07 200 200 _51 000000000000 Počet chybných hledání
09 _92 _92 __0 000000001951 Hodin v činnosti
0A 100 100 _51 000000000000 Počet opakovaných pokusů o roztočení ploten
0B 100 100 _51 000000000000 Počet pokusů o překalibrování
0C _99 _99 __0 00000000064A Počet cyklů zapnutí zařízení
C2 108 _96 __0 00000000002A Teplota
C4 200 200 __0 000000000000 Počet udalostí s číslem realokování sektorů
C5 200 177 __0 000000000000 Počet podezřelých sektorů
C6 200 165 __0 000000000000 Počet neopravitelných sektorů
C7 200 200 __0 000000001415 Počet chyb v kontrolním součtu UltraDMA
C8 200 __1 _51 000000000000 Počet chyb při zápisu sektorů


----------------------------------------------------------------------------
(2) ST3250310NS
----------------------------------------------------------------------------
Model : ST3250310NS
Firmware : SN06
Serial Number : 9SF1EW28
Disk Size : 250.0 GB (8.4/137.4/250.0)
Buffer Size : Neznámy údaj
Queue Depth : 32
# of Sectors : 488395055
Rotation Rate : 7200 RPM
Interface : Serial ATA
Major Version : ATA8-ACS
Minor Version : ATA8-ACS version 4
Transfer Mode : SATA/150
Power On Hours : 1308 hod.
Power On Count : 65 krát
Temparature : 40 C (104 F)
Health Status : Dobrý
Features : S.M.A.R.T., 48bit LBA, NCQ
APM Level : ----
AAM Level : ----

-- S.M.A.R.T. --------------------------------------------------------------
ID Cur Wor Thr RawValues(6) Attribute Name
01 _78 _63 _44 00000421FCEE Počet chyb čtení
03 _98 _97 __0 000000000000 Čas na roztočení ploten
04 100 100 _20 000000000147 Počet spuštění/zastavení
05 100 100 _36 000000000000 Počet přemapovaných sektorů
07 _66 _60 _30 0000003E994A Počet chybných hledání
09 _99 _99 __0 00000000051C Hodin v činnosti
0A 100 100 _97 000000000000 Počet opakovaných pokusů o roztočení ploten
0C 100 _37 _20 000000000041 Počet cyklů zapnutí zařízení
B8 100 100 _99 000000000000 Ukončovacích chyb
BB 100 100 __0 000000000000 Ohlášeno neopravitelných chyb
BC 100 100 __0 000000000000 Časový limit příkazu
BD 100 100 __0 000000000000 Vysoká rychlost zápisu
BE _60 _55 _45 000029270028 Teplota toku vzduchu
C2 _40 _45 __0 000E00000028 Teplota
C3 _42 _38 __0 00000421FCEE Počet oprav chybného čtení
C5 100 100 __0 000000000000 Počet podezřelých sektorů
C6 100 100 __0 000000000000 Počet neopravitelných sektorů
C7 200 200 __0 000000000000 Počet chyb v kontrolním součtu UltraDMA

-- IDENTIFY_DEVICE ---------------------------------------------------------

MiliNess
Friend of the forum
Posts: 4144
Registered: 15 Oct 2009 18:15
Location: Cheb

Re: Please check my log

#15 Post by MiliNess »

Yes, that WDC WD2000JS-00SGB0 has problems with data transfer.
(C7 200 200 __0 000000001415 Počet chyb v kontrolním součtu UltraDMA)
First I would try replacing the data cable between the disk and the motherboard. After the replacement
I would look at attribute C7 in CrystalDiskInfo again, write down its value (currently 1415),
and if the value went up again after a few days, I would say goodbye to the disk.
Apart from that, I think you are relying on the disk controller driver that is built into Windows.
Try to find the chipset software for your motherboard and install it.
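The check suggested in the reply above (record attribute C7, swap the cable, compare a few days later), as an added example that is not part of the original post. It parses CrystalDiskInfo rows in the format shown in this thread and reads the raw column as hexadecimal (on the ST3250310NS, row 09 raw 051C is the 1308 Power On Hours shown in its summary); the follow-up snapshot is constructed and the function names are hypothetical.

```python
import re

# Rows copied from the WD2000JS table in the thread (CrystalDiskInfo text export).
SNAPSHOT_BEFORE = """\
ID Cur Wor Thr RawValues(6) Attribute Name
05 200 200 140 000000000000 Počet přemapovaných sektorů
09 _92 _92 __0 000000001951 Hodin v činnosti
C7 200 200 __0 000000001415 Počet chyb v kontrolním součtu UltraDMA
"""
# Constructed follow-up reading (not from the thread), taken after the cable swap.
SNAPSHOT_AFTER = SNAPSHOT_BEFORE.replace("000000001415", "00000000141B")

ROW = re.compile(
    r"^([0-9A-F]{2}) ([_\d]{3}) ([_\d]{3}) ([_\d]{3}) ([0-9A-F]{12}) (.+)$"
)

def _num(field):
    """Normalized columns are left-padded with '_' (e.g. '_51', '__0')."""
    return int(field.lstrip("_") or 0)

def parse_smart(text):
    """Map attribute ID -> cur/worst/thr/raw for every table row in text."""
    attrs = {}
    for line in text.splitlines():
        m = ROW.match(line.strip())
        if m is None:
            continue  # header, separator or blank line
        attr_id, cur, worst, thr, raw, name = m.groups()
        attrs[attr_id] = {
            "cur": _num(cur), "worst": _num(worst), "thr": _num(thr),
            "raw": int(raw, 16),  # raw column is hexadecimal
            "name": name,
        }
    return attrs

def crc_error_growth(before_text, after_text, attr_id="C7"):
    """Return how much the UltraDMA CRC error counter grew between snapshots."""
    before, after = parse_smart(before_text), parse_smart(after_text)
    if attr_id not in before or attr_id not in after:
        raise KeyError(f"attribute {attr_id} missing from a snapshot")
    return after[attr_id]["raw"] - before[attr_id]["raw"]

def verdict(growth):
    """Rule from the reply: the counter must stop rising after the swap."""
    if growth < 0:
        return "counter went down: snapshots mixed up or from different disks"
    return "stable" if growth == 0 else "still rising"

if __name__ == "__main__":
    g = crc_error_growth(SNAPSHOT_BEFORE, SNAPSHOT_AFTER)
    print(f"C7 grew by {g}: {verdict(g)}")
```
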