VIRY.CZ

poprosím o pomoc, notebook mi niekedy naštartuje rýchle, inokedy mu to trvá dlho. Niekedy je normálny, potom zase spomalený. Pri pripojení na net mu trvá niekedy aj 5 minút než ferefox nabehne. Potom počas pripojenia internet zamrzne a naskočí hláška, že skript nereaguje. Som na router napojený aj druhým pc, a ten ide normálne.
vďaka
tu je logový súbor z kombofix:
ComboFix 12-03-02.01 - Vladimír Lalák . 03. 2012 20:53:48.2.1 - FAT32x86
Systém Microsoft Windows XP Home Edition 5.1.2600.3.1252.1.1033.18.447.191 [GMT 1:00]
Running from: c:\documents and settings\Vladimír Lalák\My Documents\Preberanie\ComboFix.exe
AV: COMODO Antivirus *Enabled/Updated* {043803A5-4F86-4ef7-AFC5-F6E02A79969B}
.
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
---- Previous Run -------
.
c:\windows\system32\oobe\msoobe.exe
c:\windows\system32\oobe\oobebaln.exe
.
.
((((((((((((((((((((((((( Files Created from 2012-02-04 to 2012-03-04 )))))))))))))))))))))))))))))))
.
.
2012-03-03 16:39 . 2012-03-03 16:39 -------- d-----w- C:\FOUND.011
2012-02-16 15:06 . 2012-02-16 15:06 -------- d-sh--w- c:\windows\system32\config\systemprofile\IETldCache
2012-02-15 17:22 . 2012-01-11 19:06 3072 ------w- c:\windows\system32\iacenc.dll
2012-02-15 17:22 . 2012-01-11 19:06 3072 ------w- c:\windows\system32\dllcache\iacenc.dll
2012-02-05 10:49 . 2012-02-05 10:49 -------- d-----w- c:\program files\MSECache
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2012-01-17 21:00 . 2011-10-07 17:48 494968 ----a-w- c:\windows\system32\drivers\cmdGuard.sys
2012-01-12 16:53 . 2006-10-04 15:46 1859968 ----a-w- c:\windows\system32\win32k.sys
2011-12-19 18:59 . 2011-10-07 17:48 97760 ----a-w- c:\windows\system32\drivers\inspect.sys
2011-12-19 18:59 . 2011-10-07 17:48 31704 ----a-w- c:\windows\system32\drivers\cmdhlp.sys
2011-12-19 18:59 . 2011-10-07 17:48 18056 ----a-w- c:\windows\system32\drivers\cmderd.sys
2011-12-19 18:58 . 2011-10-07 17:47 33984 ----a-w- c:\windows\system32\cmdcsr.dll
2011-12-19 18:58 . 2011-10-07 17:47 301224 ----a-w- c:\windows\system32\guard32.dll
2011-12-17 19:46 . 2006-10-04 15:46 916992 ----a-w- c:\windows\system32\wininet.dll
2011-12-17 19:46 . 2006-10-04 15:46 43520 ------w- c:\windows\system32\licmgr10.dll
2011-12-17 19:46 . 2006-10-04 15:46 1469440 ------w- c:\windows\system32\inetcpl.cpl
2011-12-16 12:22 . 2006-10-04 15:46 385024 ------w- c:\windows\system32\html.iec
2012-02-18 20:42 . 2011-11-10 17:06 134104 ----a-w- c:\program files\mozilla firefox\components\browsercomps.dll
.
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
.
c:\documents and settings\Default User\Start Menu\Programs\Startup\
CCC.lnk - c:\program files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe [2006-9-29 49152]
.
c:\documents and settings\Vladimír Lalák\Start Menu\Programs\Startup\
CCC.lnk - c:\program files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe [2006-9-29 49152]
.
c:\documents and settings\All Users\Start Menu\Programs\Startup\
InterVideo WinCinema Manager.lnk - g:\program files\InterVideo\Common\Bin\WinCinemaMgr.exe [N/A]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows]
"AppInit_DLLs"=c:\windows\system32\guard32.dll
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\CLPSLS]
@="Service"
.
[HKEY_LOCAL_MACHINE\software\microsoft\security center]
"AntiVirusOverride"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring]
"DisableMonitoring"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecAntiVirus]
"DisableMonitoring"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecFirewall]
"DisableMonitoring"=dword:00000001
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\Opera\\opera.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\Program Files\\Skype\\Plugin Manager\\skypePM.exe"=
"g:\\Program Files\\InterVideo\\DVD6\\WinDVD.exe"=
"c:\\Program Files\\Skype\\Phone\\Skype.exe"=
.
R1 cmderd;COMODO Internet Security Eradication Driver;c:\windows\system32\drivers\cmderd.sys [7. 10. 2011 18:48 18056]
R1 cmdGuard;COMODO Internet Security Sandbox Driver;c:\windows\system32\drivers\cmdGuard.sys [7. 10. 2011 18:48 494968]
R2 CLPSLS;COMODO livePCsupport Service;c:\program files\COMODO\COMODO GeekBuddy\CLPSLS.exe [23. 11. 2011 11:27 1052472]
R3 DCamUSBGene;USB2.0 1.3M PC Cam;c:\windows\system32\drivers\USBGENE.sys [28. 11. 2006 23:33 142720]
.
.
------- Supplementary Scan -------
.
uStart Page = about:blank
uSearch Page = hxxp://www.google.com
uSearch Bar = hxxp://www.google.com/ie
uDefault_Search_URL = hxxp://www.google.com/ie
uSearchAssistant = hxxp://www.google.com/ie
uSearchURL,(Default) = hxxp://www.google.com/search?q=%s
IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200
IE: E&xportovat do aplikace Microsoft Excel - c:\progra~1\MICROS~2\Office10\EXCEL.EXE/3000
IE: E&xportovat do programu Microsoft Excel - c:\progra~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
TCP: Interfaces\{04684315-57E1-40AF-B934-45F5DDDC8121}: NameServer = 8.26.56.26,156.154.70.22
TCP: Interfaces\{23041FEC-0A1A-4254-B3BF-131915D47EAE}: NameServer = 8.26.56.26,156.154.70.22
FF - ProfilePath - c:\documents and settings\Vladimír Lalák\Application Data\Mozilla\Firefox\Profiles\83ag0ec5.default\
FF - prefs.js: browser.startup.homepage - hxxp://www.google.sk/
FF - prefs.js: keyword.URL - chrome://browser-region/locale/region.properties
.
- - - - ORPHANS REMOVED - - - -
.
HKLM_ActiveSetup-ccc-core-static - msiexec
AddRemove-Totalcmd - g:\totalcmd\tcuninst.exe
.
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2012-03-04 21:06
Windows 5.1.2600 Service Pack 3 FAT NTAPI
.
detected NTDLL code modification:
ZwClose
.
scanning hidden processes ...
.
scanning hidden autostart entries ...
.
scanning hidden files ...
.
scan completed successfully
hidden files: 0
.
**************************************************************************
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\.NET CLR Data]
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\.NET CLR Networking]
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\.NET Data Provider for Oracle]
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\.NET Data Provider for SqlServer]
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\.NETFramework]
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\Abiosdsk]
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\abp480n5]
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\ACPI]
"ImagePath"="system32\DRIVERS\ACPI.sys"
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\ACPIEC]
"ImagePath"="system32\DRIVERS\ACPIEC.sys"
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\ACS]
"ImagePath"="c:\windows\system32\acs.exe"
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\adpu160m]
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\aec]
"ImagePath"="system32\drivers\aec.sys"
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\AFD]
"ImagePath"="\SystemRoot\System32\drivers\afd.sys"
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\Aha154x]
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\aic78u2]
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\aic78xx]
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\Alerter]
"ServiceDll"="%SystemRoot%\system32\alrsvc.dll"
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\ALG]
"ImagePath"="%SystemRoot%\System32\alg.exe"
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\AliIde]
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\amsint]
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\AppMgmt]
"ServiceDll"="%SystemRoot%\System32\appmgmts.dll"
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\AR5211]
"ImagePath"="system32\DRIVERS\ar5211.sys"
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\asc]
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\asc3350p]
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\asc3550]
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\ASP.NET]
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\ASP.NET_1.1.4322]
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\ASP.NET_2.0.50727]
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\aspnet_state]
"ImagePath"="%SystemRoot%\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe"
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\AsyncMac]
"ImagePath"="system32\DRIVERS\asyncmac.sys"
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\atapi]
"ImagePath"="system32\DRIVERS\atapi.sys"
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\AtcL002]
"ImagePath"="system32\DRIVERS\l251x86.sys"
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\Atdisk]
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\Ati HotKey Poller]
"ImagePath"="%SystemRoot%\system32\Ati2evxx.exe"
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\ati2mtag]
"ImagePath"="system32\DRIVERS\ati2mtag.sys"
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\Atierecord]
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\Atmarpc]
"ImagePath"="system32\DRIVERS\atmarpc.sys"
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\AudioSrv]
"ServiceDll"="%SystemRoot%\System32\audiosrv.dll"
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\audstub]
"ImagePath"="system32\DRIVERS\audstub.sys"
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\BattC]
"MofImagePath"="System32\Drivers\battc.sys"
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\Beep]
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\BITS]
"ServiceDll"="%systemroot%\system32\qmgr.dll"
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\Browser]
"ServiceDll"="%SystemRoot%\System32\browser.dll"
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\catchme]
"ImagePath"="\??\c:\docume~1\VLADIM~1\LOCALS~1\Temp\catchme.sys"
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\cbidf2k]
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\CCDECODE]
"ImagePath"="system32\DRIVERS\CCDECODE.sys"
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\cd20xrnt]
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\Cdaudio]
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\Cdfs]
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\Cdrom]
"ImagePath"="system32\DRIVERS\cdrom.sys"
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\Changer]
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\CiSvc]
"ImagePath"="%SystemRoot%\system32\cisvc.exe"
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\ClipSrv]
"ImagePath"="%SystemRoot%\system32\clipsrv.exe"
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\CLPSLS]
"ImagePath"="c:\program files\COMODO\COMODO GeekBuddy\CLPSLS.exe"
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\clr_optimization_v2.0.50727_32]
"ImagePath"="c:\windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe"
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\CmBatt]
"ImagePath"="system32\DRIVERS\CmBatt.sys"
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\cmdAgent]
"ImagePath"="\"c:\program files\COMODO\COMODO Internet Security\cmdagent.exe\""
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\cmderd]
"ImagePath"="System32\DRIVERS\cmderd.sys"
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\cmdGuard]
"ImagePath"="System32\DRIVERS\cmdguard.sys"
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\CmdIde]
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\Compbatt]
"ImagePath"="system32\DRIVERS\compbatt.sys"
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\COMSysApp]
"ImagePath"="%SystemRoot%\system32\dllhost.exe /Processid:{02D4B3F1-FD88-11D1-960D-00805FC79235}"
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\ContentFilter]
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\ContentIndex]
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\Cpqarray]
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\CryptSvc]
"ServiceDll"="%SystemRoot%\System32\cryptsvc.dll"
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\dac2w2k]
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\dac960nt]
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\DCamUSBGene]
"ImagePath"="system32\DRIVERS\usbgene.sys"
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\DcomLaunch]
"ServiceDll"="%SystemRoot%\system32\rpcss.dll"
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\Dhcp]
"ServiceDll"="%SystemRoot%\System32\dhcpcsvc.dll"
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\Disk]
"ImagePath"="system32\DRIVERS\disk.sys"
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\dmadmin]
"ImagePath"="%SystemRoot%\System32\dmadmin.exe /com"
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\dmboot]
"ImagePath"="System32\drivers\dmboot.sys"
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\dmio]
"ImagePath"="System32\drivers\dmio.sys"
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\dmload]
"ImagePath"="System32\drivers\dmload.sys"
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\dmserver]
"ServiceDll"="%SystemRoot%\System32\dmserver.dll"
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\DMusic]
"ImagePath"="system32\drivers\DMusic.sys"
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\Dnscache]
"ServiceDll"="%SystemRoot%\System32\dnsrslvr.dll"
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\Dot3svc]
"ServiceDll"="%SystemRoot%\System32\dot3svc.dll"
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\dpti2o]
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\drmkaud]
"ImagePath"="system32\drivers\drmkaud.sys"
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\EapHost]
"ServiceDll"="%SystemRoot%\System32\eapsvc.dll"
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\ERSvc]
"ServiceDll"="%SystemRoot%\System32\ersvc.dll"
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\Eventlog]
"ImagePath"="%SystemRoot%\system32\services.exe"
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\EventSystem]
"ServiceDll"="c:\windows\system32\es.dll"
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\Fastfat]
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\FastUserSwitchingCompatibility]
"ServiceDll"="%SystemRoot%\System32\shsvcs.dll"
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\Fdc]
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\Fips]
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\Flpydisk]
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\FltMgr]
"ImagePath"="system32\drivers\fltmgr.sys"
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\FontCache3.0.0.0]
"ImagePath"="c:\windows\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe"
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\Fs_Rec]
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\Ftdisk]
"ImagePath"="system32\DRIVERS\ftdisk.sys"
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\ghaio]
"ImagePath"="\??\c:\program files\ASUS\NB Probe\SPM\ghaio.sys"
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\Gpc]
"ImagePath"="system32\DRIVERS\msgpc.sys"
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\gusvc]
"ImagePath"="\"c:\program files\Google\Common\Google Updater\GoogleUpdaterService.exe\""
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\HDAudBus]
"ImagePath"="system32\DRIVERS\HDAudBus.sys"
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\helpsvc]
"ServiceDll"="%WINDIR%\PCHealth\HelpCtr\Binaries\pchsvc.dll"
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\HidServ]
"ServiceDll"="%SystemRoot%\System32\hidserv.dll"
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\HidUsb]
"ImagePath"="system32\DRIVERS\hidusb.sys"
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\hkmsvc]
"ServiceDll"="%SystemRoot%\System32\kmsvc.dll"
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\hpn]
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\HTTP]
"ImagePath"="System32\Drivers\HTTP.sys"
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\HTTPFilter]
"ServiceDll"="%SystemRoot%\System32\w3ssl.dll"
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\i2omgmt]
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\i2omp]
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\i8042prt]
"ImagePath"="system32\DRIVERS\i8042prt.sys"
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\idsvc]
"ImagePath"="\"c:\windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe\""
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\Imapi]
"ImagePath"="system32\DRIVERS\imapi.sys"
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\ImapiService]
"ImagePath"="%systemroot%\system32\imapi.exe"
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\inetaccs]
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\ini910u]
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\Inport]
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\IntcAzAudAddService]
"ImagePath"="system32\drivers\RtkHDAud.sys"
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\IntelIde]
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\intelppm]
"ImagePath"="system32\DRIVERS\intelppm.sys"
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\Ip6Fw]
"ImagePath"="system32\drivers\ip6fw.sys"
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\IpFilterDriver]
"ImagePath"="system32\DRIVERS\ipfltdrv.sys"
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\IpInIp]
"ImagePath"="system32\DRIVERS\ipinip.sys"
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\IpNat]
"ImagePath"="system32\DRIVERS\ipnat.sys"
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\IPSec]
"ImagePath"="system32\DRIVERS\ipsec.sys"
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\IRENUM]
"ImagePath"="system32\DRIVERS\irenum.sys"
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\ISAPISearch]
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\isapnp]
"ImagePath"="system32\DRIVERS\isapnp.sys"
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\Kbdclass]
"ImagePath"="system32\DRIVERS\kbdclass.sys"
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\kbdhid]
"ImagePath"="system32\DRIVERS\kbdhid.sys"
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\kbfiltr]
"ImagePath"="system32\DRIVERS\kbfiltr.sys"
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\kmixer]
"ImagePath"="system32\drivers\kmixer.sys"
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\KSecDD]
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\lanmanserver]
"ServiceDll"="%SystemRoot%\System32\srvsvc.dll"
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\lanmanworkstation]
"ServiceDll"="%SystemRoot%\System32\wkssvc.dll"
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\lbrtfdc]
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\ldap]
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\LicenseService]
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\LightScribeService]
"ImagePath"="\"c:\program files\Common Files\LightScribe\LSSrvc.exe\""
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\LmHosts]
"ServiceDll"="%SystemRoot%\System32\lmhsvc.dll"
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\Messenger]
"ServiceDll"="%SystemRoot%\System32\msgsvc.dll"
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\mnmdd]
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\mnmsrvc]
"ImagePath"="c:\windows\system32\mnmsrvc.exe"
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\Modem]
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\MODEMCSA]
"ImagePath"="system32\drivers\MODEMCSA.sys"
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\Mouclass]
"ImagePath"="system32\DRIVERS\mouclass.sys"
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\mouhid]
"ImagePath"="system32\DRIVERS\mouhid.sys"
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\MountMgr]
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\mraid35x]
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\MRxDAV]
"ImagePath"="system32\DRIVERS\mrxdav.sys"
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\MRxSmb]
"ImagePath"="system32\DRIVERS\mrxsmb.sys"
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\MSDTC]
"ImagePath"="c:\windows\system32\msdtc.exe"
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\MSDTC Bridge 3.0.0.0]
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\Msfs]
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\MSIServer]
"ImagePath"="%systemroot%\system32\msiexec.exe /V"
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\MSKSSRV]
"ImagePath"="system32\drivers\MSKSSRV.sys"
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\MSPCLOCK]
"ImagePath"="system32\drivers\MSPCLOCK.sys"
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\MSPQM]
"ImagePath"="system32\drivers\MSPQM.sys"
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\mssmbios]
"ImagePath"="system32\DRIVERS\mssmbios.sys"
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\MSTEE]
"ImagePath"="system32\drivers\MSTEE.sys"
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\MTsensor]
"ImagePath"="system32\DRIVERS\ATKACPI.sys"
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\Mup]
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\NABTSFEC]
"ImagePath"="system32\DRIVERS\NABTSFEC.sys"
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\napagent]
"ServiceDll"="%SystemRoot%\System32\qagentrt.dll"
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\NDIS]
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\NdisIP]
"ImagePath"="system32\DRIVERS\NdisIP.sys"
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\NdisTapi]
"ImagePath"="system32\DRIVERS\ndistapi.sys"
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\Ndisuio]
"ImagePath"="system32\DRIVERS\ndisuio.sys"
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\NdisWan]
"ImagePath"="system32\DRIVERS\ndiswan.sys"
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\NDProxy]
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\NetBIOS]
"ImagePath"="system32\DRIVERS\netbios.sys"
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\NetBT]
"ImagePath"="system32\DRIVERS\netbt.sys"
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\NetDDE]
"ImagePath"="%SystemRoot%\system32\netdde.exe"
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\NetDDEdsdm]
"ImagePath"="%SystemRoot%\system32\netdde.exe"
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\Netlogon]
"ImagePath"="%SystemRoot%\system32\lsass.exe"
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\Netman]
"ServiceDll"="%SystemRoot%\System32\netman.dll"
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\NetTcpPortSharing]
"ImagePath"="\"c:\windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe\""
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\Nla]
"ServiceDll"="%SystemRoot%\System32\mswsock.dll"
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\Npfs]
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\Ntfs]
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\NtLmSsp]
"ImagePath"="%SystemRoot%\system32\lsass.exe"
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\NtmsSvc]
"ServiceDll"="%SystemRoot%\system32\ntmssvc.dll"
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\Null]
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\NwlnkFlt]
"ImagePath"="system32\DRIVERS\nwlnkflt.sys"
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\NwlnkFwd]
"ImagePath"="system32\DRIVERS\nwlnkfwd.sys"
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\ose]
"ImagePath"="\"c:\program files\Common Files\Microsoft Shared\Source Engine\OSE.EXE\""
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\Parport]
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\PartMgr]
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\ParVdm]
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\PCI]
"ImagePath"="system32\DRIVERS\pci.sys"
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\PCIDump]
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\PCIIde]
"ImagePath"="system32\DRIVERS\pciide.sys"
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\Pcmcia]
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\PDCOMP]
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\PDFRAME]
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\PDRELI]
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\PDRFRAME]
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\perc2]
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\perc2hib]
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\PerfDisk]
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\PerfNet]
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\PerfOS]
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\PerfProc]
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\PlugPlay]
"ImagePath"="%SystemRoot%\system32\services.exe"
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\PolicyAgent]
"ImagePath"="%SystemRoot%\system32\lsass.exe"
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\PptpMiniport]
"ImagePath"="system32\DRIVERS\raspptp.sys"
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\ProtectedStorage]
"ImagePath"="%SystemRoot%\system32\lsass.exe"
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\PSched]
"ImagePath"="system32\DRIVERS\psched.sys"
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\Ptilink]
"ImagePath"="system32\DRIVERS\ptilink.sys"
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\ql1080]
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\Ql10wnt]
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\ql12160]
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\ql1240]
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\ql1280]
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\RasAcd]
"ImagePath"="system32\DRIVERS\rasacd.sys"
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\RasAuto]
"ServiceDll"="%SystemRoot%\System32\rasauto.dll"
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\Rasl2tp]
"ImagePath"="system32\DRIVERS\rasl2tp.sys"
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\RasMan]
"ServiceDll"="%SystemRoot%\System32\rasmans.dll"
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\RasPppoe]
"ImagePath"="system32\DRIVERS\raspppoe.sys"
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\Raspti]
"ImagePath"="system32\DRIVERS\raspti.sys"
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\Rdbss]
"ImagePath"="system32\DRIVERS\rdbss.sys"
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\RDPCDD]
"ImagePath"="System32\DRIVERS\RDPCDD.sys"
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\RDPDD]
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\RDPNP]
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\RDPWD]
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\RDSessMgr]
"ImagePath"="c:\windows\system32\sessmgr.exe"
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\redbook]
"ImagePath"="system32\DRIVERS\redbook.sys"
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\RemoteAccess]
"ServiceDll"="%SystemRoot%\System32\mprdim.dll"
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\RpcLocator]
"ImagePath"="%SystemRoot%\system32\locator.exe"
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\RpcSs]
"ServiceDll"="%SystemRoot%\System32\rpcss.dll"
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\RSVP]
"ImagePath"="%SystemRoot%\system32\rsvp.exe"
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\RTSTOR]
"ImagePath"="system32\drivers\RTSTOR.SYS"
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\SamSs]
"ImagePath"="%SystemRoot%\system32\lsass.exe"
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\SCardSvr]
"ImagePath"="%SystemRoot%\System32\SCardSvr.exe"
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\Schedule]
"ServiceDll"="%SystemRoot%\system32\schedsvc.dll"
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\ScsiPort]
"ImagePath"="%SystemRoot%\system32\drivers\scsiport.sys"
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\Secdrv]
"ImagePath"="system32\DRIVERS\secdrv.sys"
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\seclogon]
"ServiceDll"="%SystemRoot%\System32\seclogon.dll"
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\SENS]
"ServiceDll"="%SystemRoot%\system32\sens.dll"
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\Serial]
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\ServiceModelEndpoint 3.0.0.0]
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\ServiceModelOperation 3.0.0.0]
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\ServiceModelService 3.0.0.0]
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\Sfloppy]
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\SharedAccess]
"ServiceDll"="%SystemRoot%\System32\ipnathlp.dll"
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\ShellHWDetection]
"ServiceDll"="%SystemRoot%\System32\shsvcs.dll"
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\Simbad]
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\SLIP]
"ImagePath"="system32\DRIVERS\SLIP.sys"
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\smserial]
"ImagePath"="system32\DRIVERS\smserial.sys"
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\SMSvcHost 3.0.0.0]
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\Sparrow]
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\splitter]
"ImagePath"="system32\drivers\splitter.sys"
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\spmgr]
"ImagePath"="c:\program files\ASUS\NB Probe\SPM\spmgr.exe"
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\Spooler]
"ImagePath"="%SystemRoot%\system32\spoolsv.exe"
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\sr]
"ImagePath"="system32\DRIVERS\sr.sys"
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\srservice]
"ServiceDll"="%SystemRoot%\system32\srsvc.dll"
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\Srv]
"ImagePath"="system32\DRIVERS\srv.sys"
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\SSDPSRV]
"ServiceDll"="%SystemRoot%\System32\ssdpsrv.dll"
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\stisvc]
"ServiceDll"="%SystemRoot%\system32\wiaservc.dll"
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\streamip]
"ImagePath"="system32\DRIVERS\StreamIP.sys"
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\swenum]
"ImagePath"="system32\DRIVERS\swenum.sys"
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\swmidi]
"ImagePath"="system32\drivers\swmidi.sys"
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\SwPrv]
"ImagePath"="c:\windows\system32\dllhost.exe /Processid:{BDA6EF68-197A-4D8A-ADDC-9DB4D2EB684B}"
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\swwd]
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\symc810]
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\symc8xx]
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\sym_hi]
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\sym_u3]
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\SynTP]
"ImagePath"="system32\DRIVERS\SynTP.sys"
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\sysaudio]
"ImagePath"="system32\drivers\sysaudio.sys"
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\SysmonLog]
"ImagePath"="%SystemRoot%\system32\smlogsvc.exe"
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\TapiSrv]
"ServiceDll"="%SystemRoot%\System32\tapisrv.dll"
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\Tcpip]
"ImagePath"="system32\DRIVERS\tcpip.sys"
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\TDPIPE]
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\TDTCP]
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\TermDD]
"ImagePath"="system32\DRIVERS\termdd.sys"
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\TermService]
"ServiceDll"="%SystemRoot%\System32\termsrv.dll"
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\Themes]
"ServiceDll"="%SystemRoot%\System32\shsvcs.dll"
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\TlntSvr]
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\TosIde]
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\TrkWks]
"ServiceDll"="%SystemRoot%\system32\trkwks.dll"
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\TSDDD]
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\Udfs]
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\ultra]
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\UMWdf]
"ImagePath"="c:\windows\system32\wdfmgr.exe"
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\Update]
"ImagePath"="system32\DRIVERS\update.sys"
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\upnphost]
"ServiceDll"="%SystemRoot%\System32\upnphost.dll"
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\UPS]
"ImagePath"="%SystemRoot%\System32\ups.exe"
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\usb]
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\usbccgp]
"ImagePath"="system32\DRIVERS\usbccgp.sys"
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\usbehci]
"ImagePath"="system32\DRIVERS\usbehci.sys"
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\usbhub]
"ImagePath"="system32\DRIVERS\usbhub.sys"
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\usbohci]
"ImagePath"="system32\DRIVERS\usbohci.sys"
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\usbstor]
"ImagePath"="system32\DRIVERS\USBSTOR.SYS"
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\VgaSave]
"ImagePath"="\SystemRoot\System32\drivers\vga.sys"
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\ViaIde]
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\VolSnap]
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\VSS]
"ImagePath"="%SystemRoot%\System32\vssvc.exe"
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\W32Time]
"ServiceDll"="%systemroot%\system32\w32time.dll"
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\W3SVC]
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\Wanarp]
"ImagePath"="system32\DRIVERS\wanarp.sys"
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\WDICA]
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\wdmaud]
"ImagePath"="system32\drivers\wdmaud.sys"
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\WebClient]
"ServiceDll"="%SystemRoot%\System32\webclnt.dll"
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\Windows Workflow Foundation 3.0.0.0]
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\winmgmt]
"ServiceDll"="%SystemRoot%\system32\wbem\WMIsvc.dll"
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\Winsock]
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\WinSock2]
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\WinTrust]
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\WmdmPmSN]
"ServiceDll"="c:\windows\system32\mspmsnsv.dll"
--
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\Wmi]
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\WmiApRpl]
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\WmiApSrv]
"ImagePath"="c:\windows\system32\wbem\wmiapsrv.exe"
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\WS2IFSL]
"ImagePath"="\SystemRoot\System32\drivers\ws2ifsl.sys"
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\wscsvc]
"ServiceDll"="%SYSTEMROOT%\system32\wscsvc.dll"
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\WSIMD]
"ImagePath"="system32\DRIVERS\wsimd.sys"
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\WSTCODEC]
"ImagePath"="system32\DRIVERS\WSTCODEC.SYS"
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\wuauserv]
"ServiceDll"="c:\windows\system32\wuauserv.dll"
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\WZCSVC]
"ServiceDll"="%SystemRoot%\System32\wzcsvc.dll"
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\xmlprov]
"ServiceDll"="%SystemRoot%\System32\xmlprov.dll"
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\{04684315-57E1-40AF-B934-45F5DDDC8121}]
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\{23041FEC-0A1A-4254-B3BF-131915D47EAE}]
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\{BEB05FB5-5E81-44B0-9937-9274D97A3716}]
.
--------------------- DLLs Loaded Under Running Processes ---------------------
.
- - - - - - - > 'winlogon.exe'(868)
c:\windows\system32\Ati2evxx.dll
.
- - - - - - - > 'lsass.exe'(924)
c:\windows\system32\guard32.dll
.
- - - - - - - > 'csrss.exe'(832)
c:\windows\system32\cmdcsr.dll
.
Completion time: 2012-03-04 21:10:35
ComboFix-quarantined-files.txt 2012-03-04 20:10
.
Pre-Run: 27 921 481 728 bytes free
Post-Run: 27 882 045 440 bytes free
.
- - End Of File - - 6D461069C21836EB61F3B504689CA59F

Dobrý večer

kdopak Vám poradil combofix?

stáhněte
http://www.slunecnice.cz/sw/crystaldiskinfo/
- spusťte ho a v nabídce zvolte Kopírovat.
-Data ze schránky sem pak vložte pomocí Ctrl+V

----------------------------------------------------------------------------
CrystalDiskInfo 4.1.3 (C) 2008-2011 hiyohiyo
Crystal Dew World : http://crystalmark.info/
----------------------------------------------------------------------------

OS : Windows XP Home Edition SP3 [5.1 Build 2600] (x86)
Date : 2012/03/11 14:30:48

-- Controller Map ----------------------------------------------------------
+ Standard Dual Channel PCI IDE Controller [ATA]
+ Primary IDE Channel (0)
- Hitachi HTS541680J9SA00
- Secondary IDE Channel (1)
+ Standard Dual Channel PCI IDE Controller [ATA]
+ Primary IDE Channel (0)
- MATSHITA DVD-RAM UJ-850S
- Secondary IDE Channel (1)

-- Disk List ---------------------------------------------------------------
(1) Hitachi HTS541680J9SA00 : 80.0 GB [0-0-0, pd1]

----------------------------------------------------------------------------
(1) Hitachi HTS541680J9SA00
----------------------------------------------------------------------------
Model : Hitachi HTS541680J9SA00
Firmware : SB2OC70P
Serial Number : SB2251SGKPTEWE
Disk Size : 80.0 GB (8.4/80.0/80.0)
Buffer Size : 7516 KB
Queue Depth : 32
# of Sectors : 156301488
Rotation Rate : Neznámy údaj
Interface : Serial ATA
Major Version : ATA/ATAPI-7
Minor Version : ATA/ATAPI-7 T13 1532D version 1
Transfer Mode : SATA/150
Power On Hours : 5459 hod.
Power On Count : 1658 krát
Temparature : 49 C (120 F)
Health Status : Dobrý
Features : S.M.A.R.T., APM, AAM, 48bit LBA, NCQ
APM Level : 4080h [ON]
AAM Level : 80FEh [OFF]

-- S.M.A.R.T. --------------------------------------------------------------
ID Cur Wor Thr RawValues(6) Attribute Name
01 100 100 _62 000000000000 Počet chyb čtení
02 100 100 _40 000000000000 Průchodnost disku
03 253 253 _33 000900000000 Čas na roztočení ploten
04 _99 _99 __0 00000000068C Počet spuštění/zastavení
05 100 100 __5 000000000000 Počet přemapovaných sektorů
07 100 100 _67 000000000000 Počet chybných hledání
08 100 100 _40 000000000000 Čas potřebný na vyhledání
09 _88 _88 __0 000000001553 Hodin v činnosti
0A 100 100 _60 000000000000 Počet opakovaných pokusů o roztočení ploten
0C _99 _99 __0 00000000067A Počet cyklů zapnutí zařízení
BF 100 100 __0 000000000000 Počet udalostí zaznamenaných otřesovým senzorem
C0 100 100 __0 00000000000E Počet vypnutí disku
C1 100 100 __0 000000000E2E Počet cyklů načítání/vymazání
C2 112 112 __0 003800050031 Teplota
C4 100 100 __0 000000000000 Počet udalostí s číslem realokování sektorů
C5 100 100 __0 000000000000 Počet podezřelých sektorů
C6 100 100 __0 000000000000 Počet neopravitelných sektorů
C7 200 253 __0 000000000000 Počet chyb v kontrolním součtu UltraDMA
DF 100 100 __0 000000000000 Zatížení budiče magnetických hlav způsobené opakovanými úkony

-- IDENTIFY_DEVICE ---------------------------------------------------------
+0 +1 +2 +3 +4 +5 +6 +7 +8 +9 +A +B +C +D +E +F
000: 04 5A 3F FF C8 37 00 10 00 00 00 00 00 3F 00 00
010: 00 00 00 00 20 20 20 20 20 20 53 42 32 32 35 31
020: 53 47 4B 50 54 45 57 45 00 03 3A B8 00 04 53 42
030: 32 4F 43 37 30 50 48 69 74 61 63 68 69 20 48 54
040: 53 35 34 31 36 38 30 4A 39 53 41 30 30 20 20 20
050: 20 20 20 20 20 20 20 20 20 20 20 20 20 20 80 10
060: 00 00 0F 00 40 00 02 00 02 00 00 07 3F FF 00 10
070: 00 3F FC 10 00 FB 01 10 F8 B0 09 50 00 00 00 07
080: 00 03 00 78 00 78 00 78 00 78 00 00 00 00 00 00
090: 00 00 00 00 00 00 00 1F 07 02 00 00 00 5E 00 00
0A0: 00 FC 00 1A 74 6B 7F 69 61 63 74 69 3C 49 61 63
0B0: 20 3F 00 15 00 00 40 80 FF FE 00 00 80 FE 00 00
0C0: 00 00 00 00 00 00 00 00 F8 B0 09 50 00 00 00 00
0D0: 00 00 00 00 00 00 88 48 50 00 CC A5 1C F4 2E 14
0E0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00
0F0: 40 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
100: 00 09 00 0B 00 00 00 00 00 00 00 00 00 00 00 00
110: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
120: 00 00 00 00 00 00 00 00 40 01 00 00 80 00 00 00
130: 32 4A 00 00 00 00 42 33 00 00 00 00 00 00 00 00
140: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
150: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
160: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
170: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
180: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
190: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1A0: 00 00 00 00 00 00 00 00 80 00 00 00 00 00 00 00
1B0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1C0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1D0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1E0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1F0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 27 A5

Disk je v pořádku. Změnilo se něco po použití combofixu?

niekedy je normálny, niekedy zasekáva. Najlepšie je ho zapnúť a tak za 5 minút pustiť mozilu až potom, a zase tak 5 minút počkať inak dlho otvára mozilu a potom pri načítavaní napríklad google mu to dlho trvá niekedy aj aj 5 minút aby bol normálny chod

Stahněte OTL http://oldtimer.geekstogo.com/OTL.exe
-uložte ho na plochu a spustte soubor OTL.exe.
-do bílého okna dole skopírujte tento skript:

Kód: Vybrat vše

netsvcs
drivers32
savembr:0
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /s

/md5start
cngaudit.dll
cryptsvc.dll
eNetHook.dll
eventlog.dll
hal.dll
logevent.dll
netlogon.dll
ntelogon.dll
scecli.dll
sceclt.dll
ws2_32.dll
autochk.exe
csrss.exe
explorer.exe
lsass.exe
services.exe
smss.exe
spoolsv.exe
svchost.exe
userinit.exe
winlogon.exe
adp3132.sys
AGP440.sys
ahcix86.sys
ahcix86s.sys
atapi.sys
cdrom.sys
Changer.sys
fastfat.sys
iaStor.sys
iastorv.sys
IdeChnDr.sys
isapnp.sys
JakNDis.sys
KR10N.sys
mv61xx.sys
ndis.sys
ntfs.sys
nvata.sys
nvatabus.sys
nvgts.sys
nvraid.sys
nvrd32.sys
nvstor.sys
nvstor32.sys
symmpi.sys
tcpip.sys
vaxscsi.sys
viamraid.sys
viasraid.sys
ViPrt.sys
/md5stop

C:\windows\system32\spool\prtprocs|dll;true;true;true /FP
%systemroot%\system32\drivers\*.sys /5
%systemroot%\system32\drivers\*.sys /X
%systemroot%\system32\drivers\*.sys /lockedfiles
%systemroot%\system32\*.* /5
%systemroot%\system32\*.dll /lockedfiles
%systemroot%\system32\config\*.sav
%systemroot%\Tasks\*.job /lockedfiles
%systemroot%\*.* /U /s
%systemroot%\*. /mp /s
%ALLUSERSPROFILE%\Data Aplikací\*.*
%ALLUSERSPROFILE%\Data Aplikací\*.exe /s
%ALLUSERSPROFILE%\Dáta aplikácií\*.*
%ALLUSERSPROFILE%\Dáta aplikácií\*.exe /s
%APPDATA%\*.
%APPDATA%\*.*
%APPDATA%\*.exe /s
%SYSTEMDRIVE%\*.exe


HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate\AU /s
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install|LastSuccessTime /rs
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\BITS /s
reg query "HKLM\Software\Microsoft\Windows NT\CurrentVersion\winlogon" /v GinaDLL /c
reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wuauserv" /v ImagePath /c
reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\BITS" /v ImagePath /c
reg query "HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager" /v BootExecute /c
reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session Manager" /v "PendingFileRenameOperations" /c

type c:\boot.ini >> test.txt /c
%SystemDrive%\PhysicalMBR.bin /md5

- zaškrtněte okénko Pro všechny uživatele.
-označte okénka Kontrola na havěť "LOP" a Kontrola na havěť "Purity"
- Klikněte na tlačítko Prohledat
-po dokončení skenu se objeví logy OTL.Txt a Extras.txt, vložte je zde

OTL Extras logfile created on: 26. 3. 2012 19:44:40 - Run 1
OTL by OldTimer - Version 3.2.39.2 Folder = C:\Documents and Settings\Vladimír Lalák\My Documents\Preberanie
Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 0000041B | Country: Slovensko | Language: SKY | Date Format: d. M. yyyy

447,17 Mb Total Physical Memory | 110,07 Mb Available Physical Memory | 24,61% Memory free
1,03 Gb Paging File | 0,41 Gb Available in Paging File | 40,07% Paging File free
Paging file location(s): C:\pagefile.sys 672 1344 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 44,69 Gb Total Space | 25,92 Gb Free Space | 58,01% Space Free | Partition Type: FAT32
Drive D: | 25,89 Gb Total Space | 22,64 Gb Free Space | 87,44% Space Free | Partition Type: FAT32

Computer Name: ASUS06 | User Name: Vladimír Lalák | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Extra Registry (SafeList) ==========

========== File Associations ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
.html [@ = Opera.HTML] -- Reg Error: Key error. File not found
.url [@ = InternetShortcut] -- rundll32.exe ieframe.dll,OpenURL %l

[HKEY_USERS\S-1-5-21-3621570727-937943167-175084393-1006\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)

========== Shell Spawning ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
exefile [open] -- "%1" %*
htmlfile [edit] -- Reg Error: Key error.
https [open] -- Reg Error: Key error.
InternetShortcut [open] -- rundll32.exe ieframe.dll,OpenURL %l
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"FirstRunDisabled" = 1
"AntiVirusDisableNotify" = 0
"FirewallDisableNotify" = 0
"UpdatesDisableNotify" = 0
"AntiVirusOverride" = 1
"FirewallOverride" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
"DisableMonitoring" = 1

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]
"DisableMonitoring" = 1

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]
"DisableMonitoring" = 1

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]

========== System Restore Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Sr]
"Start" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SrService]
"Start" = 2

========== Firewall Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile]

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DoNotAllowExceptions" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
"1900:UDP" = 1900:UDP:LocalSubNet:Disabled:@xpsp2res.dll,-22007
"2869:TCP" = 2869:TCP:LocalSubNet:Disabled:@xpsp2res.dll,-22008

========== Authorized Applications List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"C:\Program Files\Opera\opera.exe" = C:\Program Files\Opera\opera.exe:*:Enabled:Opera Internet Browser
"C:\Program Files\Skype\Plugin Manager\skypePM.exe" = C:\Program Files\Skype\Plugin Manager\skypePM.exe:*:Enabled:Skype Extras Manager
"G:\Program Files\InterVideo\DVD6\WinDVD.exe" = G:\Program Files\InterVideo\DVD6\WinDVD.exe:*:Enabled:WinDVD

========== HKEY_LOCAL_MACHINE Uninstall List ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{01FF2C26-DBCE-DADA-BEE5-0928E0F8F623}" = CCC Help German
"{055EE59D-217B-43A7-ABFF-507B966405D8}" = ATI Catalyst Control Center
"{05F4ABAC-8697-2291-16D8-4BFD7DD78B59}" = CCC Help Japanese
"{07C85A90-668F-A807-5C67-975E0777A9E8}" = Catalyst Control Center Localization Russian
"{0EA06F05-4320-E4DC-4374-E6C0986C964D}" = Catalyst Control Center Localization Finnish
"{137C5C08-8B6F-497A-1529-502359B3BA88}" = Catalyst Control Center Localization Polish
"{139B0FFA-187E-4BA1-BCA6-6B56B2B6AB8C}" = ATK Media
"{17EE76BB-5264-8946-DA8F-D564ED25EDDD}" = CCC Help English
"{27599825-6BD9-1081-D1CC-0BFC01157204}" = CCC Help Hungarian
"{2792F12C-3515-4D69-8083-B557AF35F06F}" = LightScribe 1.4.89.1
"{28006915-2739-4EBE-B5E8-49B25D32EB33}" = Atheros Client Installation Program
"{2E13776F-DEAF-7C83-C2A9-3BF073D51BFD}" = Catalyst Control Center Localization Swedish
"{3482A5D0-F16D-A6C9-397F-8D85EA61BF93}" = Catalyst Control Center Localization Norwegian
"{350C97B0-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP
"{36CDA33B-909B-4719-97D1-C4B99309BDC7}" = ATI Parental Control & Encoder
"{3912D529-02BC-4CA8-B5ED-0D0C20EB6003}" = ATK Hotkey
"{3C3CA756-9FB1-60D9-4435-6D9FEB42C637}" = Catalyst Control Center Localization Dutch
"{3E4039F8-5DA8-0414-B7E1-8DA8C8FC1565}" = Catalyst Control Center Localization Thai
"{3FB39BED-37C8-4E60-8E02-315B8C2B07E3}" = USB2.0 1.3M WebCam
"{4462AD13-F2AA-4CBD-9F95-293C38EED870}" = Power4 Gear
"{48D4215F-414F-1554-8534-E3D8156C0666}" = Skins
"{4A0FAC3C-852D-C0A3-1715-6F844C184CF0}" = CCC Help Portuguese
"{4B29B49E-F274-58CE-25D2-791570F1619A}" = CCC Help French
"{4B546AE5-DF17-6D39-A846-A9ECD0153C9A}" = Catalyst Control Center Localization Greek
"{4EAB2511-0135-48CA-A47B-CE1E6836793A}" = COMODO Internet Security
"{57B15AD4-8C9D-4164-82BB-E33D8644E757}" = ASUS InstantFun
"{57EF4BC7-0C52-1872-C0CE-AEAB996E5626}" = Catalyst Control Center Localization Korean
"{5B701396-48C3-A3FA-43DB-FF975446759C}" = Catalyst Control Center Localization French
"{5C1DB4ED-E9B4-402D-BB14-D75D97D6C1A6}" = ATKOSD2
"{5ECA8F33-8F8E-1042-2082-5F02E64D6140}" = CCC Help Polish
"{6324A1EF-CEF4-43E3-8BCD-9EF3F67317FD}" = NB Probe
"{6811CAA0-BF12-11D4-9EA1-0050BAE317E1}" = ASUSDVD
"{68B84920-CD46-8C5B-DABE-EC0FF6F0C703}" = Catalyst Control Center Localization German
"{6ACA2FD2-4C4A-42F3-AFB5-7B433BBDF6DB}" = InterVideo WinDVD 6
"{6AF75C96-2093-51F4-0412-501CB317A7F9}" = CCC Help Thai
"{6D219284-A368-A0A5-AA55-8BAAE9EA60CC}" = Catalyst Control Center Localization Japanese
"{732442CA-AFFC-E75D-C586-2A3C71D8CFFE}" = CCC Help Finnish
"{767EE8DA-A2AA-00A9-1A21-9584E00867B8}" = Catalyst Control Center Core Implementation
"{815B5312-F7B5-EDD5-A899-B0228C3C7F3A}" = CCC Help Turkish
"{83F73CB1-7705-49D1-9852-84D839CA2A45}" = Wireless Console 2
"{857D4360-762B-978B-76AD-491AA719E47A}" = ccc-core-static
"{86552A3A-0437-319B-46C5-569FC9F7ACA9}" = ccc-utility
"{89EAD7B4-1CAC-CC9E-F040-FE041A2EA77C}" = Catalyst Control Center Localization Spanish
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8BE3174F-3BFE-8822-4493-A0519D1E4E94}" = Catalyst Control Center Localization Portuguese
"{90120000-0020-041B-0000-0000000FF1CE}" = Balík Compatibility Pack pre systém Office 2007
"{90140000-2005-0000-0000-0000000FF1CE}" = Microsoft Office File Validation Add-In
"{91E3041B-6000-11D3-8CFE-0150048383C9}" = Microsoft Office Professional Edition 2003
"{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting
"{9D7802F0-3C39-ED52-10D9-AE8A7FB5A94C}" = Catalyst Control Center Localization Hungarian
"{9F303CF8-2998-4541-C9F7-C3AAEC2B88B0}" = Catalyst Control Center Graphics Full Existing
"{A042FD6F-D051-ECE5-71C9-52ABFE36EBF9}" = Catalyst Control Center Localization Czech
"{A125DDDB-E0C0-08E0-F04C-7B5409DFFC79}" = Catalyst Control Center Graphics Light
"{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}" = Microsoft .NET Framework 3.0 Service Pack 2
"{AA59DDE4-B672-4621-A016-4C248204957A}" = Skype™ 5.5
"{AB1E9EC2-42E4-E801-83BB-AAFF86DDEC7E}" = CCC Help Czech
"{AC76BA86-7AD7-1033-7B44-A83000000003}" = Adobe Reader 8.3.1
"{B02A3921-F7B7-C73F-395B-8172C9EE4006}" = Catalyst Control Center Localization Italian
"{BD17DEF2-8970-E4F5-337A-C10DE4D33F29}" = CCC Help Korean
"{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}" = Microsoft .NET Framework 2.0 Service Pack 2
"{C0FC1C14-4824-4A73-87A6-9E888C9C3102}" = ASUS Splendid Video Enhancement Technology
"{C5A2542D-CF79-3EE6-7673-2CEDA2338172}" = CCC Help Greek
"{C69B9631-B617-B714-7FE2-6FCD5B891ACD}" = Catalyst Control Center Localization Chinese Traditional
"{C6D7BC96-A608-0908-F6E7-53C118423087}" = CCC Help Chinese Standard
"{C8A4038E-4DA5-879D-A353-7443FC3EE22C}" = CCC Help Spanish
"{C9B7D4A2-7A42-96BC-DE77-6EB23F1116A8}" = CCC Help Swedish
"{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{CE344E77-B015-C6D0-9A1B-0EA0043E7A52}" = CCC Help Russian
"{D9D45F79-D38C-9BCA-4023-6F3E365D5D25}" = CCC Help Dutch
"{DB891739-2EB3-45A8-9CBD-941C255CECD4}" = ASUS Touch Pad Extra
"{DC24971E-1946-445D-8A82-CE685433FA7D}" = Realtek USB 2.0 Card Reader
"{DCE907E3-4D72-4CD3-A08A-BEFC8C7A5869}" = Branding
"{DE10AB76-4756-4913-BE25-55D1C1051F9A}" = WinFlash
"{E4BCF2E7-B181-C240-B6EC-04A8FA633EEF}" = Catalyst Control Center Graphics Full New
"{E91EBA1F-DA25-58B2-365F-FB76BDC81F86}" = Catalyst Control Center Localization Turkish
"{EA2F03AD-BF9D-EECC-F24C-549046AEC17A}" = Catalyst Control Center Localization Danish
"{EE78C2A7-1413-105B-DC86-3F9FA6B10C2F}" = CCC Help Danish
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F2AAE965-966C-104E-ECCD-9F111A83139C}" = CCC Help Italian
"{F3AEE6A8-5FA3-F9AA-8CA7-D1AAD6352065}" = Catalyst Control Center Localization Chinese Standard
"{F7F564DD-A790-D01A-5390-6D1386AA5621}" = CCC Help Norwegian
"{FD9B0D38-7B82-5A3A-E046-D8DBF3F06A93}" = CCC Help Chinese Traditional
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin
"All ATI Software" = ATI - Software Uninstall Utility
"Asus_Camera_ScreenSaver" = Asus_Camera_ScreenSaver
"ATI Display Driver" = ATI Display Driver
"CCleaner" = CCleaner (remove only)
"COMODO GeekBuddy" = COMODO GeekBuddy
"CrystalDiskInfo_is1" = CrystalDiskInfo 4.1.3
"CTDVDAudio Plugin" = Creative DVD Audio Plugin for Audigy Series
"ESET Online Scanner" = ESET Online Scanner v3
"ffdshow_is1" = ffdshow v1.1.3721 [2011-01-07]
"ie8" = Windows Internet Explorer 8
"InterActual Player" = InterActual Player
"Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware verzia 1.60.1.1000
"Microsoft .NET Framework 1.1 (1033)" = Microsoft .NET Framework 1.1
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Mozilla Firefox 11.0 (x86 sk)" = Mozilla Firefox 11.0 (x86 sk)
"Nero - Burning Rom!UninstallKey" = Nero OEM
"Picasa 3" = Picasa 3
"SMSERIAL" = Motorola SM56 Speakerphone Modem
"SynTPDeinstKey" = Synaptics Pointing Device Driver
"WIC" = Windows Imaging Component
"Windows Media Format Runtime" = Windows Media Format Runtime
"Windows Media Player" = Windows Media Player 10
"Windows XP Service Pack" = Windows XP Service Pack 3
"WinRAR archiver" = WinRAR

========== HKEY_USERS Uninstall List ==========

[HKEY_USERS\S-1-5-21-3621570727-937943167-175084393-1006\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Game Organizer" = EasyBits GO

========== Last 10 Event Log Errors ==========

[ Application Events ]
Error - 29. 7. 2010 13:05:52 | Computer Name = ASUS06 | Source = Application Hang | ID = 1002
Description = Zablokovaná aplikácia opera.exe, verzia 10.54.3423.0, zablokovaný
modul hungapp, verzia 0.0.0.0, adresa zablokovania 0x00000000.

Error - 6. 8. 2010 11:22:01 | Computer Name = ASUS06 | Source = MsiInstaller | ID = 11706
Description = Produkt: Microsoft Office XP Professional s aplikací FrontPage - Chyba
1706. Instalacní program nemuže najít požadované soubory. Zkontrolujte sítové pripojení
nebo jednotku CD-ROM. Informace o dalších možných rešeních tohoto problému získáte
zde: C:\Program Files\Microsoft Office\Office10\1029\SETUP.HLP.

Error - 3. 9. 2010 13:17:03 | Computer Name = ASUS06 | Source = MsiInstaller | ID = 11706
Description = Produkt: Microsoft Office XP Professional s aplikací FrontPage - Chyba
1706. Instalacní program nemuže najít požadované soubory. Zkontrolujte sítové pripojení
nebo jednotku CD-ROM. Informace o dalších možných rešeních tohoto problému získáte
zde: C:\Program Files\Microsoft Office\Office10\1029\SETUP.HLP.

Error - 1. 10. 2010 10:12:46 | Computer Name = ASUS06 | Source = MsiInstaller | ID = 11706
Description = Produkt: Microsoft Office XP Professional s aplikací FrontPage - Chyba
1706. Instalacní program nemuže najít požadované soubory. Zkontrolujte sítové pripojení
nebo jednotku CD-ROM. Informace o dalších možných rešeních tohoto problému získáte
zde: C:\Program Files\Microsoft Office\Office10\1029\SETUP.HLP.

Error - 1. 10. 2010 10:13:12 | Computer Name = ASUS06 | Source = MsiInstaller | ID = 11706
Description = Produkt: Microsoft Office XP Professional s aplikací FrontPage - Chyba
1706. Instalacní program nemuže najít požadované soubory. Zkontrolujte sítové pripojení
nebo jednotku CD-ROM. Informace o dalších možných rešeních tohoto problému získáte
zde: C:\Program Files\Microsoft Office\Office10\1029\SETUP.HLP.

Error - 1. 10. 2010 13:34:12 | Computer Name = ASUS06 | Source = MsiInstaller | ID = 11706
Description = Produkt: Microsoft Office XP Professional s aplikací FrontPage - Chyba
1706. Instalacní program nemuže najít požadované soubory. Zkontrolujte sítové pripojení
nebo jednotku CD-ROM. Informace o dalších možných rešeních tohoto problému získáte
zde: C:\Program Files\Microsoft Office\Office10\1029\SETUP.HLP.

Error - 1. 10. 2010 13:35:09 | Computer Name = ASUS06 | Source = MsiInstaller | ID = 11706
Description = Produkt: Microsoft Office XP Professional s aplikací FrontPage - Chyba
1706. Instalacní program nemuže najít požadované soubory. Zkontrolujte sítové pripojení
nebo jednotku CD-ROM. Informace o dalších možných rešeních tohoto problému získáte
zde: C:\Program Files\Microsoft Office\Office10\1029\SETUP.HLP.

Error - 1. 10. 2010 13:35:52 | Computer Name = ASUS06 | Source = MsiInstaller | ID = 11706
Description = Produkt: Microsoft Office XP Professional s aplikací FrontPage - Chyba
1706. Instalacní program nemuže najít požadované soubory. Zkontrolujte sítové pripojení
nebo jednotku CD-ROM. Informace o dalších možných rešeních tohoto problému získáte
zde: C:\Program Files\Microsoft Office\Office10\1029\SETUP.HLP.

Error - 1. 10. 2010 14:57:56 | Computer Name = ASUS06 | Source = MsiInstaller | ID = 11706
Description = Produkt: Microsoft Office XP Professional s aplikací FrontPage - Chyba
1706. Instalacní program nemuže najít požadované soubory. Zkontrolujte sítové pripojení
nebo jednotku CD-ROM. Informace o dalších možných rešeních tohoto problému získáte
zde: C:\Program Files\Microsoft Office\Office10\1029\SETUP.HLP.

Error - 1. 10. 2010 15:16:24 | Computer Name = ASUS06 | Source = MsiInstaller | ID = 11706
Description = Produkt: Microsoft Office XP Professional s aplikací FrontPage - Chyba
1706. Instalacní program nemuže najít požadované soubory. Zkontrolujte sítové pripojení
nebo jednotku CD-ROM. Informace o dalších možných rešeních tohoto problému získáte
zde: C:\Program Files\Microsoft Office\Office10\1029\SETUP.HLP.

[ System Events ]
Error - 27. 1. 2012 2:40:16 | Computer Name = ASUS06 | Source = Print | ID = 54
Description = Dokument Microsoft Word - zoznam.doc bol poškodený, a preto bol odstránený.
Súvisiaci ovládac: Epson AP-2000.

Error - 3. 3. 2012 12:41:07 | Computer Name = ASUS06 | Source = System Error | ID = 1003
Description = Kód chyby 1000008e, parameter1 c0000005, parameter2 f73d0ad4, parameter3
ed448a7c, parameter4 00000000.

< End of report >

musel som log rozdeliť na dva krát lebo mi písalo, že obsahuje 90322 znakov a maximálne má byť 80000 znakov

OTL logfile created on: 26. 3. 2012 19:44:40 - Run 1
OTL by OldTimer - Version 3.2.39.2 Folder = C:\Documents and Settings\Vladimír Lalák\My Documents\Preberanie
Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 0000041B | Country: Slovensko | Language: SKY | Date Format: d. M. yyyy

447,17 Mb Total Physical Memory | 110,07 Mb Available Physical Memory | 24,61% Memory free
1,03 Gb Paging File | 0,41 Gb Available in Paging File | 40,07% Paging File free
Paging file location(s): C:\pagefile.sys 672 1344 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 44,69 Gb Total Space | 25,92 Gb Free Space | 58,01% Space Free | Partition Type: FAT32
Drive D: | 25,89 Gb Total Space | 22,64 Gb Free Space | 87,44% Space Free | Partition Type: FAT32

Computer Name: ASUS06 | User Name: Vladimír Lalák | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2012.03.26 19:37:10 | 000,593,920 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Vladimír Lalák\My Documents\Preberanie\OTL.exe
PRC - [2012.03.19 19:59:48 | 000,924,600 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla Firefox\firefox.exe
PRC - [2012.03.11 22:13:22 | 001,983,232 | ---- | M] (COMODO) -- C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe
PRC - [2012.03.11 22:13:02 | 006,749,512 | ---- | M] (COMODO) -- C:\Program Files\COMODO\COMODO Internet Security\cfp.exe
PRC - [2011.11.23 11:27:04 | 001,052,472 | ---- | M] (COMODO) -- C:\Program Files\COMODO\COMODO GeekBuddy\CLPSLS.exe
PRC - [2011.11.23 11:27:04 | 000,992,056 | ---- | M] (COMODO) -- C:\Program Files\COMODO\COMODO GeekBuddy\CLPS.exe
PRC - [2008.04.14 01:12:20 | 001,033,728 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
PRC - [2007.11.07 17:59:14 | 000,033,136 | ---- | M] () -- C:\WINDOWS\ASScrPro.exe
PRC - [2007.08.03 12:24:54 | 000,125,496 | ---- | M] () -- C:\Program Files\ASUS\NB Probe\SPM\spmgr.exe
PRC - [2007.07.12 10:25:28 | 000,225,280 | ---- | M] () -- C:\Program Files\ATK Hotkey\HControl.exe
PRC - [2007.07.10 17:33:58 | 000,106,496 | ---- | M] () -- C:\Program Files\ATK Hotkey\WDC.exe
PRC - [2007.07.10 10:59:56 | 000,851,968 | ---- | M] (ATK) -- C:\Program Files\ASUS\Splendid\ACMON.exe
PRC - [2007.07.05 16:53:44 | 001,040,384 | ---- | M] () -- C:\Program Files\Wireless Console 2\wcourier.exe
PRC - [2007.07.03 10:48:02 | 007,708,672 | ---- | M] () -- C:\Program Files\ATKOSD2\ATKOSD2.exe
PRC - [2007.05.23 16:56:14 | 002,420,736 | ---- | M] () -- C:\Program Files\ATK Hotkey\ATKOSD.exe
PRC - [2007.05.03 17:42:56 | 000,376,921 | ---- | M] (Atheros Communications, Inc.) -- C:\Program Files\Atheros\ACU.exe
PRC - [2007.05.03 17:42:38 | 000,364,629 | ---- | M] (Atheros) -- C:\WINDOWS\system32\acs.exe
PRC - [2007.04.17 13:39:42 | 000,077,824 | ---- | M] () -- C:\Program Files\ATK Hotkey\KBFiltr.exe
PRC - [2007.01.16 16:13:14 | 000,106,496 | ---- | M] (ASUS) -- C:\WINDOWS\system32\ASUSTPE.exe
PRC - [2006.11.22 02:31:26 | 000,630,784 | ---- | M] (Motorola Inc.) -- C:\Program Files\Motorola\SMSERIAL\sm56hlpr.exe
PRC - [2006.11.02 08:27:32 | 000,061,440 | ---- | M] (ASUSTeK Computer INC.) -- C:\Program Files\ASUS\ATK Media\DMedia.exe
PRC - [2005.07.06 15:43:42 | 000,155,648 | ---- | M] (ASUSTeK) -- C:\WINDOWS\system32\ACEngSvr.exe
PRC - [2005.01.12 03:01:32 | 000,032,768 | ---- | M] (Cyberlink Corp.) -- C:\Program Files\ASUSTek\ASUSDVD\PDVDServ.exe

========== Modules (No Company Name) ==========

MOD - [2012.03.19 19:59:46 | 001,969,080 | ---- | M] () -- C:\Program Files\Mozilla Firefox\mozjs.dll
MOD - [2012.03.06 17:24:38 | 000,085,288 | ---- | M] () -- C:\Documents and Settings\Vladimír Lalák\Application Data\Mozilla\Firefox\Profiles\83ag0ec5.default\extensions\{7b13ec3e-999a-4b70-b9cb-2617b8323822}\components\RadioWMPCoreGecko11.dll
MOD - [2012.02.16 16:48:12 | 011,817,472 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Web\29bdc8352d3c26e3c572ea60639dec3b\System.Web.ni.dll
MOD - [2012.02.16 16:45:28 | 000,971,264 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Configuration\94a40f415bfa947e251888bbe88bb973\System.Configuration.ni.dll
MOD - [2012.02.16 16:30:14 | 005,450,752 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Xml\77e1279cbf4eecfb0284b63316fe43fe\System.Xml.ni.dll
MOD - [2012.02.16 16:29:32 | 012,430,848 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\ad99ac6b5666edb8ee742dd64f9578af\System.Windows.Forms.ni.dll
MOD - [2012.02.16 16:27:50 | 001,587,200 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Drawing\9351cf29bb1ba951e45a9b3b0edab937\System.Drawing.ni.dll
MOD - [2012.02.16 16:06:50 | 007,953,408 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System\9e3803cd2a11f056291862e306a8e2b2\System.ni.dll
MOD - [2012.02.15 21:09:58 | 000,372,736 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\System.Management\2.0.0.0__b03f5f7f11d50a3a\System.Management.dll
MOD - [2012.02.15 21:09:54 | 000,303,104 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\System.Runtime.Remoting\2.0.0.0__b77a5c561934e089\System.Runtime.Remoting.dll
MOD - [2011.12.19 19:59:44 | 000,068,424 | ---- | M] () -- C:\Program Files\COMODO\COMODO Internet Security\scanners\smart.cav
MOD - [2011.11.23 11:27:10 | 004,284,728 | ---- | M] () -- C:\Program Files\COMODO\COMODO GeekBuddy\Components\Core\Socket\Adaptor.dll
MOD - [2011.11.23 11:27:10 | 002,085,688 | ---- | M] () -- C:\Program Files\COMODO\COMODO GeekBuddy\Components\Core\GuiListener\export.dll
MOD - [2011.11.23 11:27:10 | 001,764,664 | ---- | M] () -- C:\Program Files\COMODO\COMODO GeekBuddy\Components\Core\Socket\Export.dll
MOD - [2011.11.23 11:27:10 | 000,339,768 | ---- | M] () -- C:\Program Files\COMODO\COMODO GeekBuddy\Components\Core\RemoteDesktop\Export.dll
MOD - [2011.11.23 11:27:10 | 000,049,976 | ---- | M] () -- C:\Program Files\COMODO\COMODO GeekBuddy\Components\Core\RemoteDesktop\ShHook.dll
MOD - [2011.11.23 11:27:08 | 000,464,184 | ---- | M] () -- C:\Program Files\COMODO\COMODO GeekBuddy\Components\Core\CRF\export.dll
MOD - [2011.11.23 11:27:08 | 000,328,504 | ---- | M] () -- C:\Program Files\COMODO\COMODO GeekBuddy\Components\Core\EventMonitor\export.dll
MOD - [2011.11.23 11:27:08 | 000,126,776 | ---- | M] () -- C:\Program Files\COMODO\COMODO GeekBuddy\Components\Core\EventMonitor\EventMonitor.dll
MOD - [2011.11.23 11:27:06 | 001,131,320 | ---- | M] () -- C:\Program Files\COMODO\COMODO GeekBuddy\CLPS_RES.dll
MOD - [2011.11.23 11:27:06 | 000,020,280 | ---- | M] () -- C:\Program Files\COMODO\COMODO GeekBuddy\CLPSLANG.dll
MOD - [2011.11.01 19:03:56 | 008,522,400 | ---- | M] () -- C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll
MOD - [2011.10.13 23:12:54 | 011,490,816 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\mscorlib\ca87ba84221991839abbe7d4bc9c6721\mscorlib.ni.dll
MOD - [2011.08.30 23:25:44 | 000,016,832 | ---- | M] () -- C:\Program Files\Adobe\Reader 8.0\Reader\ViewerPS.dll
MOD - [2007.11.07 17:59:14 | 000,033,136 | ---- | M] () -- C:\WINDOWS\ASScrPro.exe
MOD - [2007.11.07 17:51:04 | 001,671,168 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DisplaysManager.Graphics.Wizard\2.0.2589.34579__90ba9c70f846762e\CLI.Aspect.DisplaysManager.Graphics.Wizard.dll
MOD - [2007.11.07 17:51:04 | 000,225,280 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Caste.Graphics.Runtime\2.0.2589.34534__90ba9c70f846762e\CLI.Caste.Graphics.Runtime.dll
MOD - [2007.11.07 17:51:04 | 000,184,320 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.InfoCentre.Graphics.Wizard\2.0.2589.34592__90ba9c70f846762e\CLI.Aspect.InfoCentre.Graphics.Wizard.dll
MOD - [2007.11.07 17:51:04 | 000,040,960 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Caste.Graphics.Wizard\2.0.2589.34570__90ba9c70f846762e\CLI.Caste.Graphics.Wizard.dll
MOD - [2007.11.07 17:51:04 | 000,032,768 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.InfoCentre.Graphics.Runtime\2.0.2589.34591__90ba9c70f846762e\CLI.Aspect.InfoCentre.Graphics.Runtime.dll
MOD - [2007.11.07 17:51:04 | 000,020,480 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.HotkeysHandling.Graphics.Runtime\2.0.2589.34555__90ba9c70f846762e\CLI.Aspect.HotkeysHandling.Graphics.Runtime.dll
MOD - [2007.11.07 17:51:02 | 000,073,728 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DeviceTV.Graphics.Runtime\2.0.2589.34808__90ba9c70f846762e\CLI.Aspect.DeviceTV.Graphics.Runtime.dll
MOD - [2007.11.07 17:51:02 | 000,061,440 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DeviceCV.Graphics.Runtime\2.0.2589.34761__90ba9c70f846762e\CLI.Aspect.DeviceCV.Graphics.Runtime.dll
MOD - [2007.11.07 17:51:02 | 000,015,360 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DeviceProperty.Graphics.Runtime\2.0.2589.34693__90ba9c70f846762e\CLI.Aspect.DeviceProperty.Graphics.Runtime.dll
MOD - [2007.11.07 17:51:00 | 000,483,328 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.TransCode.Graphics.Wizard\2.0.2589.34851__90ba9c70f846762e\CLI.Aspect.TransCode.Graphics.Wizard.dll
MOD - [2007.11.07 17:50:00 | 000,135,168 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.Welcome.Graphics.Dashboard\2.0.2589.34857__90ba9c70f846762e\CLI.Aspect.Welcome.Graphics.Dashboard.dll
MOD - [2007.11.07 17:50:00 | 000,102,400 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.VPURecover.Graphics.Dashboard\2.0.2589.34584__90ba9c70f846762e\CLI.Aspect.VPURecover.Graphics.Dashboard.dll
MOD - [2007.11.07 17:50:00 | 000,073,728 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Caste.Graphics.Dashboard\2.0.2589.34549__90ba9c70f846762e\CLI.Caste.Graphics.Dashboard.dll
MOD - [2007.11.07 17:49:58 | 000,344,064 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.Radeon3D.Graphics.Dashboard\2.0.2589.34776__90ba9c70f846762e\CLI.Aspect.Radeon3D.Graphics.Dashboard.dll
MOD - [2007.11.07 17:49:58 | 000,090,112 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.Radeon3D.Graphics.Wizard\2.0.2589.34781__90ba9c70f846762e\CLI.Aspect.Radeon3D.Graphics.Wizard.dll
MOD - [2007.11.07 17:49:58 | 000,057,344 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.Radeon3D.Graphics.Runtime\2.0.2589.34773__90ba9c70f846762e\CLI.Aspect.Radeon3D.Graphics.Runtime.dll
MOD - [2007.11.07 17:49:58 | 000,024,576 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.VPURecover.Graphics.Runtime\2.0.2589.34584__90ba9c70f846762e\CLI.Aspect.VPURecover.Graphics.Runtime.dll
MOD - [2007.11.07 17:49:56 | 000,667,648 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.MMVideo.Graphics.Dashboard\2.0.2589.34707__90ba9c70f846762e\CLI.Aspect.MMVideo.Graphics.Dashboard.dll
MOD - [2007.11.07 17:49:56 | 000,573,440 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DisplaysColour2.Graphics.Dashboard\2.0.2589.34606__90ba9c70f846762e\CLI.Aspect.DisplaysColour2.Graphics.Dashboard.dll
MOD - [2007.11.07 17:49:56 | 000,475,136 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DeviceCRT.Graphics.Dashboard\2.0.2589.34698__90ba9c70f846762e\CLI.Aspect.DeviceCRT.Graphics.Dashboard.dll
MOD - [2007.11.07 17:49:56 | 000,438,272 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DisplaysManager.Graphics.Dashboard\2.0.2589.34557__90ba9c70f846762e\CLI.Aspect.DisplaysManager.Graphics.Dashboard.dll
MOD - [2007.11.07 17:49:56 | 000,401,408 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.MMVideo.Graphics.Wizard\2.0.2589.34795__90ba9c70f846762e\CLI.Aspect.MMVideo.Graphics.Wizard.dll
MOD - [2007.11.07 17:49:56 | 000,401,408 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DeviceLCD.Graphics.Dashboard\2.0.2589.34748__90ba9c70f846762e\CLI.Aspect.DeviceLCD.Graphics.Dashboard.dll
MOD - [2007.11.07 17:49:56 | 000,303,104 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DeviceLCD.Graphics.Wizard\2.0.2589.34613__90ba9c70f846762e\CLI.Aspect.DeviceLCD.Graphics.Wizard.dll
MOD - [2007.11.07 17:49:56 | 000,262,144 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.IntegratedUMAFrameBuffer.Graphics.Dashboard\2.0.2589.34628__90ba9c70f846762e\CLI.Aspect.IntegratedUMAFrameBuffer.Graphics.Dashboard.dll
MOD - [2007.11.07 17:49:56 | 000,208,896 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.InfoCentre.Graphics.Dashboard\2.0.2589.34599__90ba9c70f846762e\CLI.Aspect.InfoCentre.Graphics.Dashboard.dll
MOD - [2007.11.07 17:49:56 | 000,118,784 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DisplaysOptions.Graphics.Dashboard\2.0.2589.34728__90ba9c70f846762e\CLI.Aspect.DisplaysOptions.Graphics.Dashboard.dll
MOD - [2007.11.07 17:49:56 | 000,053,248 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DeviceDFP.Graphics.Runtime\2.0.2589.34694__90ba9c70f846762e\CLI.Aspect.DeviceDFP.Graphics.Runtime.dll
MOD - [2007.11.07 17:49:56 | 000,045,056 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.MMVideo.Graphics.Runtime\2.0.2589.34703__90ba9c70f846762e\CLI.Aspect.MMVideo.Graphics.Runtime.dll
MOD - [2007.11.07 17:49:56 | 000,040,960 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DeviceCRT.Graphics.Runtime\2.0.2589.34702__90ba9c70f846762e\CLI.Aspect.DeviceCRT.Graphics.Runtime.dll
MOD - [2007.11.07 17:49:56 | 000,036,864 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DisplaysOptions.Graphics.Runtime\2.0.2589.34727__90ba9c70f846762e\CLI.Aspect.DisplaysOptions.Graphics.Runtime.dll
MOD - [2007.11.07 17:49:56 | 000,036,864 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DisplaysColour2.Graphics.Runtime\2.0.2589.34612__90ba9c70f846762e\CLI.Aspect.DisplaysColour2.Graphics.Runtime.dll
MOD - [2007.11.07 17:49:56 | 000,032,768 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DeviceLCD.Graphics.Runtime\2.0.2589.34747__90ba9c70f846762e\CLI.Aspect.DeviceLCD.Graphics.Runtime.dll
MOD - [2007.11.07 17:49:56 | 000,020,480 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.IntegratedUMAFrameBuffer.Graphics.Runtime\2.0.2589.34633__90ba9c70f846762e\CLI.Aspect.IntegratedUMAFrameBuffer.Graphics.Runtime.dll
MOD - [2007.11.07 17:49:54 | 000,032,768 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\LOG.Foundation\2.0.2560.25959__90ba9c70f846762e\LOG.Foundation.dll
MOD - [2007.11.07 17:49:54 | 000,024,576 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\NEWAEM.Foundation\2.0.2560.25964__90ba9c70f846762e\NEWAEM.Foundation.dll
MOD - [2007.11.07 17:49:54 | 000,016,384 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\MOM.Foundation\2.0.2560.25974__90ba9c70f846762e\MOM.Foundation.dll
MOD - [2007.11.07 17:49:54 | 000,016,384 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\DEM.OS.I0602\2.0.2560.26001__90ba9c70f846762e\DEM.OS.I0602.dll
MOD - [2007.11.07 17:49:54 | 000,016,384 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\DEM.OS\2.0.2560.26002__90ba9c70f846762e\DEM.OS.dll
MOD - [2007.11.07 17:49:54 | 000,016,384 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\AEM.Plugin.DPPE.Shared\2.0.2560.26010__90ba9c70f846762e\AEM.Plugin.DPPE.Shared.dll
MOD - [2007.11.07 17:49:54 | 000,006,656 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\atixclib\1.0.0.0__90ba9c70f846762e\atixclib.dll
MOD - [2007.11.07 17:49:52 | 000,053,248 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.InfoCentre.Graphics.Shared\2.0.2560.25988__90ba9c70f846762e\CLI.Aspect.InfoCentre.Graphics.Shared.dll
MOD - [2007.11.07 17:49:52 | 000,049,152 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Foundation\2.0.2560.25961__90ba9c70f846762e\CLI.Foundation.dll
MOD - [2007.11.07 17:49:52 | 000,049,152 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Caste.Graphics.Shared\2.0.2560.25971__90ba9c70f846762e\CLI.Caste.Graphics.Shared.dll
MOD - [2007.11.07 17:49:52 | 000,045,056 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\DEM.Graphics.I0601\2.0.2537.29860__90ba9c70f846762e\DEM.Graphics.I0601.dll
MOD - [2007.11.07 17:49:52 | 000,045,056 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.Radeon3D.Graphics.Shared\2.0.2560.26000__90ba9c70f846762e\CLI.Aspect.Radeon3D.Graphics.Shared.dll
MOD - [2007.11.07 17:49:52 | 000,040,960 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.TransCode.Graphics.Shared\2.0.2560.26012__90ba9c70f846762e\CLI.Aspect.TransCode.Graphics.Shared.dll
MOD - [2007.11.07 17:49:52 | 000,032,768 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.MMVideo.Graphics.Shared\2.0.2560.25999__90ba9c70f846762e\CLI.Aspect.MMVideo.Graphics.Shared.dll
MOD - [2007.11.07 17:49:52 | 000,028,672 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Foundation.XManifest\2.0.2560.26040__90ba9c70f846762e\CLI.Foundation.XManifest.dll
MOD - [2007.11.07 17:49:52 | 000,028,672 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DisplaysColour2.Graphics.Shared\2.0.2560.25988__90ba9c70f846762e\CLI.Aspect.DisplaysColour2.Graphics.Shared.dll
MOD - [2007.11.07 17:49:52 | 000,024,576 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DisplaysOptions.Graphics.Shared\2.0.2560.25999__90ba9c70f846762e\CLI.Aspect.DisplaysOptions.Graphics.Shared.dll
MOD - [2007.11.07 17:49:52 | 000,020,480 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Component.Wizard.Shared\2.0.2560.25982__90ba9c70f846762e\CLI.Component.Wizard.Shared.dll
MOD - [2007.11.07 17:49:52 | 000,020,480 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Component.Dashboard.Shared\2.0.2560.25973__90ba9c70f846762e\CLI.Component.Dashboard.Shared.dll
MOD - [2007.11.07 17:49:52 | 000,020,480 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Component.Client.Shared\2.0.2560.25968__90ba9c70f846762e\CLI.Component.Client.Shared.dll
MOD - [2007.11.07 17:49:52 | 000,020,480 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.VPURecover.Graphics.Shared\2.0.2560.25988__90ba9c70f846762e\CLI.Aspect.VPURecover.Graphics.Shared.dll
MOD - [2007.11.07 17:49:52 | 000,020,480 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.IntegratedUMAFrameBuffer.Graphics.Shared\2.0.2560.25989__90ba9c70f846762e\CLI.Aspect.IntegratedUMAFrameBuffer.Graphics.Shared.dll
MOD - [2007.11.07 17:49:52 | 000,020,480 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.HotkeysHandling.Graphics.Shared\2.0.2560.25987__90ba9c70f846762e\CLI.Aspect.HotkeysHandling.Graphics.Shared.dll
MOD - [2007.11.07 17:49:52 | 000,016,384 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\DEM.Graphics\2.0.2560.25997__90ba9c70f846762e\DEM.Graphics.dll
MOD - [2007.11.07 17:49:52 | 000,016,384 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\DEM.Foundation\2.0.2531.19989__90ba9c70f846762e\DEM.Foundation.dll
MOD - [2007.11.07 17:49:52 | 000,016,384 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Caste.Graphics.Wizard.Shared\2.0.2560.25988__90ba9c70f846762e\CLI.Caste.Graphics.Wizard.Shared.dll
MOD - [2007.11.07 17:49:52 | 000,016,384 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Caste.Graphics.Dashboard.Shared\2.0.2560.25987__90ba9c70f846762e\CLI.Caste.Graphics.Dashboard.Shared.dll
MOD - [2007.11.07 17:49:50 | 000,057,344 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DeviceTV.Graphics.Shared\2.0.2560.26001__90ba9c70f846762e\CLI.Aspect.DeviceTV.Graphics.Shared.dll
MOD - [2007.11.07 17:49:50 | 000,053,248 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DeviceCRT.Graphics.Shared\2.0.2560.25998__90ba9c70f846762e\CLI.Aspect.DeviceCRT.Graphics.Shared.dll
MOD - [2007.11.07 17:49:50 | 000,040,960 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DeviceDFP.Graphics.Shared\2.0.2560.25998__90ba9c70f846762e\CLI.Aspect.DeviceDFP.Graphics.Shared.dll
MOD - [2007.11.07 17:49:50 | 000,040,960 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DeviceCV.Graphics.Shared\2.0.2560.26000__90ba9c70f846762e\CLI.Aspect.DeviceCV.Graphics.Shared.dll
MOD - [2007.11.07 17:49:50 | 000,028,672 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DeviceLCD.Graphics.Shared\2.0.2560.25987__90ba9c70f846762e\CLI.Aspect.DeviceLCD.Graphics.Shared.dll
MOD - [2007.11.07 17:49:50 | 000,024,576 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DeviceProperty.Graphics.Shared\2.0.2560.25986__90ba9c70f846762e\CLI.Aspect.DeviceProperty.Graphics.Shared.dll
MOD - [2007.11.07 17:49:50 | 000,024,576 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.CustomFormats.Graphics.Shared\2.0.2560.25982__90ba9c70f846762e\CLI.Aspect.CustomFormats.Graphics.Shared.dll
MOD - [2007.11.07 17:49:50 | 000,024,576 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\APM.Foundation\2.0.2560.26001__90ba9c70f846762e\APM.Foundation.dll
MOD - [2007.11.07 17:49:50 | 000,024,576 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\AEM.Foundation\2.0.2560.25960__90ba9c70f846762e\AEM.Foundation.dll
MOD - [2007.11.07 17:49:50 | 000,024,576 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\ACE.Graphics.DisplaysManager.Shared\2.0.2531.19989__90ba9c70f846762e\ACE.Graphics.DisplaysManager.Shared.dll
MOD - [2007.11.07 17:49:50 | 000,016,384 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\AEM.Server.Shared\2.0.2560.25970__90ba9c70f846762e\AEM.Server.Shared.dll
MOD - [2007.11.07 17:49:34 | 000,466,944 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Component.Wizard\2.0.2589.34565__90ba9c70f846762e\CLI.Component.Wizard.dll
MOD - [2007.11.07 17:49:34 | 000,389,120 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Component.Systemtray\2.0.2589.34827__90ba9c70f846762e\CLI.Component.Systemtray.dll
MOD - [2007.11.07 17:49:34 | 000,098,304 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\MOM.Implementation\2.0.2589.34834__90ba9c70f846762e\MOM.Implementation.dll
MOD - [2007.11.07 17:49:34 | 000,090,112 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Component.Runtime\2.0.2589.34533__90ba9c70f846762e\CLI.Component.Runtime.dll
MOD - [2007.11.07 17:49:34 | 000,057,344 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\LOG.Foundation.Implementation\2.0.2589.34833__90ba9c70f846762e\LOG.Foundation.Implementation.dll
MOD - [2007.11.07 17:49:34 | 000,036,864 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Component.Runtime.Shared.Private\2.0.2560.25980__90ba9c70f846762e\CLI.Component.Runtime.Shared.Private.dll
MOD - [2007.11.07 17:49:34 | 000,032,768 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\LOG.Foundation.Private\2.0.2560.25964__90ba9c70f846762e\LOG.Foundation.Private.dll
MOD - [2007.11.07 17:49:34 | 000,032,768 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\AEM.Plugin.Source.Kit.Server\2.0.2589.34878__90ba9c70f846762e\AEM.Plugin.Source.Kit.Server.dll
MOD - [2007.11.07 17:49:34 | 000,024,576 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Component.Wizard.Shared.Private\2.0.2560.26010__90ba9c70f846762e\CLI.Component.Wizard.Shared.Private.dll
MOD - [2007.11.07 17:49:34 | 000,020,480 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\LOG.Foundation.Implementation.Private\2.0.2560.25982__90ba9c70f846762e\LOG.Foundation.Implementation.Private.dll
MOD - [2007.11.07 17:49:34 | 000,020,480 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Foundation.Private\2.0.2560.25966__90ba9c70f846762e\CLI.Foundation.Private.dll
MOD - [2007.11.07 17:49:34 | 000,020,480 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Component.Dashboard.Shared.Private\2.0.2560.25981__90ba9c70f846762e\CLI.Component.Dashboard.Shared.Private.dll
MOD - [2007.11.07 17:49:32 | 001,404,928 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Component.Dashboard\2.0.2589.34543__90ba9c70f846762e\CLI.Component.Dashboard.dll
MOD - [2007.11.07 17:49:32 | 000,053,248 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\ATIDEMOS\2.0.2589.34533__90ba9c70f846762e\ATIDEMOS.dll
MOD - [2007.11.07 17:49:32 | 000,040,960 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Component.Client.Shared.Private\2.0.2560.25970__90ba9c70f846762e\CLI.Component.Client.Shared.Private.dll
MOD - [2007.11.07 17:49:32 | 000,036,864 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\AEM.Server\2.0.2589.34532__90ba9c70f846762e\AEM.Server.dll
MOD - [2007.11.07 17:49:32 | 000,032,768 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\ATICCCom\2.0.0.0__90ba9c70f846762e\ATICCCom.dll
MOD - [2007.11.07 17:49:32 | 000,020,480 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Caste.Graphics.Runtime.Shared.Private\2.0.2560.26004__90ba9c70f846762e\CLI.Caste.Graphics.Runtime.Shared.Private.dll
MOD - [2007.11.07 17:49:32 | 000,019,968 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CCC.Implementation\2.0.2589.34834__90ba9c70f846762e\CCC.Implementation.dll
MOD - [2007.08.03 12:24:54 | 000,125,496 | ---- | M] () -- C:\Program Files\ASUS\NB Probe\SPM\spmgr.exe
MOD - [2007.07.12 10:25:28 | 000,225,280 | ---- | M] () -- C:\Program Files\ATK Hotkey\HControl.exe
MOD - [2007.07.10 17:33:58 | 000,106,496 | ---- | M] () -- C:\Program Files\ATK Hotkey\WDC.exe
MOD - [2007.07.09 22:48:38 | 000,009,216 | ---- | M] () -- C:\Program Files\ASUS\Splendid\GLCDdll.dll
MOD - [2007.07.05 16:53:44 | 001,040,384 | ---- | M] () -- C:\Program Files\Wireless Console 2\wcourier.exe
MOD - [2007.07.03 10:48:02 | 007,708,672 | ---- | M] () -- C:\Program Files\ATKOSD2\ATKOSD2.exe
MOD - [2007.06.05 11:59:08 | 000,147,456 | ---- | M] () -- C:\Program Files\ASUS\NB Probe\SPM\SPDISKEX.dll
MOD - [2007.05.23 16:56:14 | 002,420,736 | ---- | M] () -- C:\Program Files\ATK Hotkey\ATKOSD.exe
MOD - [2007.04.17 13:39:42 | 000,077,824 | ---- | M] () -- C:\Program Files\ATK Hotkey\KBFiltr.exe
MOD - [2007.01.10 14:22:38 | 000,016,384 | R--- | M] () -- c:\Program Files\ATI Technologies\ATI.ACE\Branding\Branding.dll
MOD - [2006.11.22 02:31:30 | 000,065,536 | ---- | M] () -- C:\Program Files\Motorola\SMSERIAL\sm56ita.dll
MOD - [2006.11.22 02:31:30 | 000,065,536 | ---- | M] () -- C:\Program Files\Motorola\SMSERIAL\sm56esp.dll
MOD - [2006.11.22 02:31:30 | 000,065,536 | ---- | M] () -- C:\Program Files\Motorola\SMSERIAL\sm56brz.dll
MOD - [2006.11.22 02:31:30 | 000,053,248 | ---- | M] () -- C:\Program Files\Motorola\SMSERIAL\sm56kor.dll
MOD - [2006.11.22 02:31:28 | 000,065,536 | ---- | M] () -- C:\Program Files\Motorola\SMSERIAL\sm56ger.dll
MOD - [2006.11.22 02:31:28 | 000,065,536 | ---- | M] () -- C:\Program Files\Motorola\SMSERIAL\sm56fra.dll
MOD - [2006.11.22 02:31:28 | 000,065,536 | ---- | M] () -- C:\Program Files\Motorola\SMSERIAL\sm56dnk.dll
MOD - [2006.11.22 02:31:28 | 000,057,344 | ---- | M] () -- C:\Program Files\Motorola\SMSERIAL\sm56jpn.dll
MOD - [2006.11.22 02:31:28 | 000,053,248 | ---- | M] () -- C:\Program Files\Motorola\SMSERIAL\sm56cht.dll
MOD - [2006.11.22 02:31:28 | 000,053,248 | ---- | M] () -- C:\Program Files\Motorola\SMSERIAL\sm56chs.dll
MOD - [2006.04.04 10:24:24 | 000,036,864 | ---- | M] () -- C:\Program Files\ASUS\NB Probe\SPM\ghadmi.dll
MOD - [2005.08.29 15:24:22 | 000,081,920 | ---- | M] () -- C:\Program Files\ASUS\NB Probe\SPM\spnbacpi.dll
MOD - [2005.04.07 19:25:46 | 000,077,824 | ---- | M] () -- C:\Program Files\ASUS\NB Probe\SPM\spmemory.dll
MOD - [2004.05.27 18:13:10 | 000,057,344 | ---- | M] () -- C:\Program Files\ATK Hotkey\CMSSC.DLL
MOD - [2003.11.28 02:11:04 | 000,135,168 | ---- | M] () -- C:\Program Files\ASUS\NB Probe\SPM\spos.dll
MOD - [2003.09.09 16:08:00 | 000,049,152 | ---- | M] () -- C:\Program Files\ASUS\NB Probe\SPM\spdmi.dll

========== Win32 Services (SafeList) ==========

SRV - File not found [On_Demand | Stopped] -- %SystemRoot%\System32\appmgmts.dll -- (AppMgmt)
SRV - [2012.03.11 22:13:22 | 001,983,232 | ---- | M] (COMODO) [Auto | Running] -- C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe -- (cmdAgent)
SRV - [2011.11.23 11:27:04 | 001,052,472 | ---- | M] (COMODO) [Auto | Running] -- C:\Program Files\COMODO\COMODO GeekBuddy\CLPSLS.exe -- (CLPSLS)
SRV - [2007.08.03 12:24:54 | 000,125,496 | ---- | M] () [Auto | Running] -- C:\Program Files\ASUS\NB Probe\SPM\spmgr.exe -- (spmgr)
SRV - [2007.05.03 17:42:38 | 000,364,629 | ---- | M] (Atheros) [Auto | Running] -- C:\WINDOWS\system32\acs.exe -- (ACS)

========== Driver Services (SafeList) ==========

DRV - File not found [Kernel | On_Demand | Stopped] -- -- (WDICA)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDRFRAME)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDRELI)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDFRAME)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDCOMP)
DRV - File not found [Kernel | System | Stopped] -- -- (PCIDump)
DRV - File not found [Kernel | System | Stopped] -- -- (lbrtfdc)
DRV - File not found [Kernel | System | Stopped] -- -- (i2omgmt)
DRV - File not found [Kernel | System | Stopped] -- -- (Changer)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\DOCUME~1\VLADIM~1\LOCALS~1\Temp\catchme.sys -- (catchme)
DRV - [2012.03.11 22:13:46 | 000,494,968 | ---- | M] (COMODO) [File_System | System | Running] -- C:\WINDOWS\system32\drivers\cmdGuard.sys -- (cmdGuard)
DRV - [2012.03.11 22:13:44 | 000,018,056 | ---- | M] (COMODO) [File_System | System | Running] -- C:\WINDOWS\system32\drivers\cmderd.sys -- (cmderd)
DRV - [2007.08.21 01:50:54 | 000,030,208 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\l251x86.sys -- (AtcL002)
DRV - [2007.08.02 21:26:22 | 000,020,936 | ---- | M] () [Kernel | Auto | Running] -- C:\Program Files\ASUS\NB Probe\SPM\ghaio.sys -- (ghaio)
DRV - [2007.05.02 19:00:58 | 000,546,976 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ar5211.sys -- (AR5211)
DRV - [2007.03.28 19:52:18 | 000,057,024 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\wsimd.sys -- (WSIMD)
DRV - [2007.02.02 00:03:24 | 001,975,296 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ati2mtag.sys -- (ati2mtag)
DRV - [2007.01.24 03:08:40 | 000,005,632 | ---- | M] ( ) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\kbfiltr.sys -- (kbfiltr)
DRV - [2006.12.14 00:11:58 | 000,007,680 | ---- | M] (ATK0100) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ATKACPI.sys -- (MTsensor)
DRV - [2006.11.28 23:33:36 | 000,142,720 | ---- | M] (Genesys Logic, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\USBGENE.sys -- (DCamUSBGene)
DRV - [2006.11.22 02:35:00 | 000,982,272 | ---- | M] (Motorola Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\smserial.sys -- (smserial)
DRV - [2006.11.02 18:32:30 | 004,394,496 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\RtkHDAud.Sys -- (IntcAzAudAddService) Service for Realtek HD Audio (WDM)

========== Standard Registry (SafeList) ==========

========== Internet Explorer ==========

IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://search.live.com/results.aspx?q={ ... rer:source?}

IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-19\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.asus.com

IE - HKU\S-1-5-20\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.asus.com

IE - HKU\S-1-5-21-3621570727-937943167-175084393-1006\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.google.com/ie
IE - HKU\S-1-5-21-3621570727-937943167-175084393-1006\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.sk/
IE - HKU\S-1-5-21-3621570727-937943167-175084393-1006\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = http://www.google.com/ie
IE - HKU\S-1-5-21-3621570727-937943167-175084393-1006\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.com/ie
IE - HKU\S-1-5-21-3621570727-937943167-175084393-1006\..\SearchScopes,DefaultScope = {3B01C57A-27F3-4AC6-95D1-CB1241D663F8}
IE - HKU\S-1-5-21-3621570727-937943167-175084393-1006\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://search.live.com/results.aspx?q={ ... orm=IE8SRC
IE - HKU\S-1-5-21-3621570727-937943167-175084393-1006\..\SearchScopes\{3B01C57A-27F3-4AC6-95D1-CB1241D663F8}: "URL" = http://www.google.com/search?q={searchT ... f8&oe=utf8
IE - HKU\S-1-5-21-3621570727-937943167-175084393-1006\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.com/search?q={sear
IE - HKU\S-1-5-21-3621570727-937943167-175084393-1006\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

========== FireFox ==========

FF - prefs.js..browser.startup.homepage: "http://www.google.sk/"
FF - prefs.js..extensions.enabledItems: {7b13ec3e-999a-4b70-b9cb-2617b8323822}:3.6.0.10
FF - prefs.js..keyword.URL: "chrome://browser-region/locale/region.properties"
FF - user.js - File not found

FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll ()
FF - HKLM\Software\MozillaPlugins\@google.com/npPicasa3,version=3.0.0: C:\Program Files\Google\Picasa3\npPicasa3.dll (Google, Inc.)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\4.1.10111.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 11.0\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2011.11.10 18:06:50 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 11.0\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2010.02.27 19:48:20 | 000,000,000 | ---D | M]

[2011.03.15 10:46:24 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Vladimír Lalák\Application Data\Mozilla\Extensions
[2010.02.27 19:48:34 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Vladimír Lalák\Application Data\Mozilla\Firefox\Profiles\83ag0ec5.default\extensions
[2011.04.30 15:57:44 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Documents and Settings\Vladimír Lalák\Application Data\Mozilla\Firefox\Profiles\83ag0ec5.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2012.03.07 08:25:22 | 000,000,000 | ---D | M] (Zynga Community Toolbar) -- C:\Documents and Settings\Vladimír Lalák\Application Data\Mozilla\Firefox\Profiles\83ag0ec5.default\extensions\{7b13ec3e-999a-4b70-b9cb-2617b8323822}
[2012.03.07 08:25:00 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Vladimír Lalák\Application Data\Mozilla\Firefox\Profiles\83ag0ec5.default\extensions\trash
[2011.11.10 18:06:50 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
File not found (No name found) -- C:\DOCUMENTS AND SETTINGS\VLADIMÃR LALÃ¡K\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\83AG0EC5.DEFAULT\EXTENSIONS\{7B13EC3E-999A-4B70-B9CB-2617B8323822}
[2012.03.19 19:59:50 | 000,097,208 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browsercomps.dll
[2011.11.05 05:00:54 | 000,001,583 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\atlas-sk.xml
[2011.11.05 05:00:54 | 000,001,380 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\azet-sk.xml
[2011.11.05 05:00:54 | 000,001,479 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\dunaj-sk.xml
[2011.11.05 05:00:54 | 000,001,473 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\slovnik-sk.xml
[2011.11.05 05:00:54 | 000,001,104 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wikipedia-sk.xml
[2011.11.05 05:00:54 | 000,000,830 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\zoznam-sk.xml

O1 HOSTS File: ([2012.03.03 17:35:42 | 000,000,027 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (Adobe PDF Reader Link Helper) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
O4 - HKLM..\Run: [ABLKSR] C:\WINDOWS\ABLKSR\ABLKSR.EXE (ASYSTeK Computer INC.)
O4 - HKLM..\Run: [ACMON] C:\Program Files\ASUS\Splendid\ACMON.exe (ATK)
O4 - HKLM..\Run: [ACU] C:\Program Files\Atheros\ACU.exe (Atheros Communications, Inc.)
O4 - HKLM..\Run: [ASUS Camera ScreenSaver] C:\WINDOWS\ASScrProlog.exe ()
O4 - HKLM..\Run: [ASUS Screen Saver Protector] C:\WINDOWS\ASScrPro.exe ()
O4 - HKLM..\Run: [ASUSTPE] C:\WINDOWS\system32\ASUSTPE.exe (ASUS)
O4 - HKLM..\Run: [ATKHOTKEY] C:\Program Files\ATK Hotkey\Hcontrol.exe ()
O4 - HKLM..\Run: [ATKMEDIA] C:\Program Files\ASUS\ATK Media\DMedia.exe (ASUSTeK Computer INC.)
O4 - HKLM..\Run: [ATKOSD2] C:\Program Files\ATKOSD2\ATKOSD2.exe ()
O4 - HKLM..\Run: [COMODO] C:\Program Files\COMODO\COMODO GeekBuddy\CLPSLA.exe (COMODO)
O4 - HKLM..\Run: [COMODO Internet Security] C:\Program Files\COMODO\COMODO Internet Security\cfp.exe (COMODO)
O4 - HKLM..\Run: [CPA] C:\Program Files\COMODO\COMODO GeekBuddy\VALA.exe (COMODO)
O4 - HKLM..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe (Nero AG)
O4 - HKLM..\Run: [Power_Gear] C:\Program Files\ASUS\Power4 Gear\BatteryLife.exe (ASUSTeK Computer Inc.)
O4 - HKLM..\Run: [RemoteControl] C:\Program Files\ASUSTek\ASUSDVD\PDVDServ.exe (Cyberlink Corp.)
O4 - HKLM..\Run: [SMSERIAL] C:\Program Files\Motorola\SMSERIAL\sm56hlpr.exe (Motorola Inc.)
O4 - HKLM..\Run: [Wireless Console 2] C:\Program Files\Wireless Console 2\wcourier.exe ()
O4 - HKU\S-1-5-21-3621570727-937943167-175084393-1006..\Run: [StartCCC] c:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe ()
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\InterVideo WinCinema Manager.lnk = File not found
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKU\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKU\S-1-5-19\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-20\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-21-3621570727-937943167-175084393-1006\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-21-3621570727-937943167-175084393-1006\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKU\S-1-5-21-3621570727-937943167-175084393-1006\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKU\S-1-5-21-3621570727-937943167-175084393-1006\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O8 - Extra context menu item: Add to Google Photos Screensa&ver - C:\WINDOWS\System32\GPhotos.scr (Google Inc.)
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000 File not found
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.2.1 192.168.2.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{04684315-57E1-40AF-B934-45F5DDDC8121}: DhcpNameServer = 192.168.2.1 192.168.2.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{04684315-57E1-40AF-B934-45F5DDDC8121}: NameServer = 8.26.56.26,156.154.70.22
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{23041FEC-0A1A-4254-B3BF-131915D47EAE}: NameServer = 8.26.56.26,156.154.70.22
O20 - AppInit_DLLs: (C:\WINDOWS\system32\guard32.dll) - C:\WINDOWS\system32\guard32.dll (COMODO)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\userinit.exe) - C:\WINDOWS\system32\userinit.exe (Microsoft Corporation)
O20 - Winlogon\Notify\AtiExtEvent: DllName - (Ati2evxx.dll) - C:\WINDOWS\System32\ati2evxx.dll (ATI Technologies Inc.)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2007.11.07 16:49:02 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ FAT32 ]
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = ComFile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

NetSvcs: 6to4 - File not found
NetSvcs: AppMgmt - %SystemRoot%\System32\appmgmts.dll File not found
NetSvcs: Ias - File not found
NetSvcs: Iprip - File not found
NetSvcs: Irmon - File not found
NetSvcs: NWCWorkstation - File not found
NetSvcs: Nwsapagent - File not found
NetSvcs: WmdmPmSp - File not found

Drivers32: msacm.iac2 - C:\WINDOWS\system32\iac25_32.ax (Intel Corporation)
Drivers32: msacm.l3acm - C:\WINDOWS\system32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: msacm.sl_anet - C:\WINDOWS\System32\sl_anet.acm (Sipro Lab Telecom Inc.)
Drivers32: msacm.trspch - C:\WINDOWS\System32\tssoft32.acm (DSP GROUP, INC.)
Drivers32: MSVideo8 - C:\WINDOWS\System32\vfwwdm32.dll (Microsoft Corporation)
Drivers32: vidc.cvid - C:\WINDOWS\System32\iccvid.dll (Radius Inc.)
Drivers32: VIDC.FFDS - C:\WINDOWS\System32\ff_vfw.dll ()
Drivers32: vidc.iv31 - C:\WINDOWS\System32\ir32_32.dll ()
Drivers32: vidc.iv32 - C:\WINDOWS\System32\ir32_32.dll ()
Drivers32: vidc.iv41 - C:\WINDOWS\System32\ir41_32.ax (Intel Corporation)
Drivers32: vidc.iv50 - C:\WINDOWS\System32\ir50_32.dll (Intel Corporation)
Drivers32: wave1 - C:\WINDOWS\System32\serwvdrv.dll (Microsoft Corporation)
PhysicalDisk0 MBR saved to C:\PhysicalMBR.bin

========== Files/Folders - Created Within 30 Days ==========

[2012.03.11 14:27:51 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\CrystalDiskInfo
[2012.03.11 14:27:49 | 000,000,000 | ---D | C] -- C:\Program Files\CrystalDiskInfo
[2012.03.04 21:10:46 | 000,000,000 | ---D | C] -- C:\WINDOWS\temp
[2012.03.03 17:39:28 | 000,000,000 | ---D | C] -- C:\FOUND.011
[2012.03.03 17:19:31 | 000,000,000 | RHSD | C] -- C:\cmdcons
[2012.03.03 17:15:53 | 000,518,144 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWREG.exe
[2012.03.03 17:15:53 | 000,406,528 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWSC.exe
[2012.03.03 17:15:53 | 000,212,480 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWXCACLS.exe
[2012.03.03 17:15:53 | 000,060,416 | ---- | C] (NirSoft) -- C:\WINDOWS\NIRCMD.exe
[2012.03.03 17:15:21 | 000,000,000 | ---D | C] -- C:\WINDOWS\ERDNT
[2012.03.03 17:14:17 | 000,000,000 | ---D | C] -- C:\Qoobox
[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
[1 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2012.03.26 19:47:52 | 000,000,512 | ---- | M] () -- C:\PhysicalMBR.bin
[2012.03.26 19:40:40 | 000,000,573 | ---- | M] () -- C:\Documents and Settings\Vladimír Lalák\Desktop\Odkaz na OTL.lnk
[2012.03.26 18:57:08 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2012.03.26 18:56:58 | 468,963,328 | -HS- | M] () -- C:\hiberfil.sys
[2012.03.25 20:31:46 | 000,002,265 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Skype.lnk
[2012.03.25 12:49:10 | 000,001,158 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2012.03.25 12:48:56 | 000,212,080 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2012.03.14 23:40:42 | 000,001,374 | ---- | M] () -- C:\WINDOWS\imsins.BAK
[2012.03.11 22:13:48 | 000,097,760 | ---- | M] (COMODO) -- C:\WINDOWS\System32\drivers\inspect.sys
[2012.03.11 22:13:46 | 000,494,968 | ---- | M] (COMODO) -- C:\WINDOWS\System32\drivers\cmdGuard.sys
[2012.03.11 22:13:46 | 000,031,704 | ---- | M] (COMODO) -- C:\WINDOWS\System32\drivers\cmdhlp.sys
[2012.03.11 22:13:44 | 000,018,056 | ---- | M] (COMODO) -- C:\WINDOWS\System32\drivers\cmderd.sys
[2012.03.11 22:13:20 | 000,301,224 | ---- | M] (COMODO) -- C:\WINDOWS\System32\guard32.dll
[2012.03.11 22:13:20 | 000,033,984 | ---- | M] (COMODO) -- C:\WINDOWS\System32\cmdcsr.dll
[2012.03.11 14:27:54 | 000,001,553 | ---- | M] () -- C:\Documents and Settings\Vladimír Lalák\Desktop\CrystalDiskInfo.lnk
[2012.03.05 20:03:10 | 000,000,694 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Malwarebytes Anti-Malware.lnk
[2012.03.04 22:14:46 | 000,000,572 | ---- | M] () -- C:\Documents and Settings\Vladimír Lalák\My Documents\spider.sav
[2012.03.04 20:44:34 | 000,000,604 | ---- | M] () -- C:\Documents and Settings\Vladimír Lalák\Desktop\Odkaz na ComboFix.lnk
[2012.03.03 17:19:42 | 000,000,327 | RHS- | M] () -- C:\boot.ini
[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
[1 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]

========== Files Created - No Company Name ==========

[2012.03.26 19:47:51 | 000,000,512 | ---- | C] () -- C:\PhysicalMBR.bin
[2012.03.26 19:40:38 | 000,000,573 | ---- | C] () -- C:\Documents and Settings\Vladimír Lalák\Desktop\Odkaz na OTL.lnk
[2012.03.14 23:40:24 | 000,001,374 | ---- | C] () -- C:\WINDOWS\imsins.BAK
[2012.03.11 14:27:52 | 000,001,553 | ---- | C] () -- C:\Documents and Settings\Vladimír Lalák\Desktop\CrystalDiskInfo.lnk
[2012.03.05 20:03:08 | 000,000,694 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Malwarebytes Anti-Malware.lnk
[2012.03.04 20:44:32 | 000,000,604 | ---- | C] () -- C:\Documents and Settings\Vladimír Lalák\Desktop\Odkaz na ComboFix.lnk
[2012.03.03 17:19:39 | 000,000,211 | ---- | C] () -- C:\Boot.bak
[2012.03.03 17:19:36 | 000,260,272 | RHS- | C] () -- C:\cmldr
[2012.03.03 17:15:53 | 000,256,000 | ---- | C] () -- C:\WINDOWS\PEV.exe
[2012.03.03 17:15:53 | 000,208,896 | ---- | C] () -- C:\WINDOWS\MBR.exe
[2012.03.03 17:15:53 | 000,098,816 | ---- | C] () -- C:\WINDOWS\sed.exe
[2012.03.03 17:15:53 | 000,080,412 | ---- | C] () -- C:\WINDOWS\grep.exe
[2012.03.03 17:15:53 | 000,068,096 | ---- | C] () -- C:\WINDOWS\zip.exe
[2012.02.15 18:22:56 | 000,003,072 | ---- | C] () -- C:\WINDOWS\System32\iacenc.dll
[2011.11.05 08:00:23 | 000,000,272 | ---- | C] () -- C:\WINDOWS\System32\drivers\sfi.dat
[2011.05.11 19:59:52 | 000,000,849 | ---- | C] () -- C:\WINDOWS\wincmd.ini
[2011.05.09 17:59:47 | 000,204,800 | ---- | C] () -- C:\WINDOWS\System32\IVIresizeW7.dll
[2011.05.09 17:59:47 | 000,200,704 | ---- | C] () -- C:\WINDOWS\System32\IVIresizeA6.dll
[2011.05.09 17:59:47 | 000,192,512 | ---- | C] () -- C:\WINDOWS\System32\IVIresizeP6.dll
[2011.05.09 17:59:47 | 000,192,512 | ---- | C] () -- C:\WINDOWS\System32\IVIresizeM6.dll
[2011.05.09 17:59:47 | 000,188,416 | ---- | C] () -- C:\WINDOWS\System32\IVIresizePX.dll
[2011.05.09 17:59:47 | 000,020,480 | ---- | C] () -- C:\WINDOWS\System32\IVIresize.dll
[2011.05.09 17:55:47 | 000,831,600 | ---- | C] () -- C:\WINDOWS\System32\Ctaa1.dat
[2011.05.09 17:55:46 | 000,122,880 | ---- | C] () -- C:\WINDOWS\System32\cddvdint.dll
[2011.03.09 16:55:37 | 000,080,896 | ---- | C] () -- C:\WINDOWS\System32\ff_vfw.dll
[2011.02.03 19:27:44 | 000,000,056 | -H-- | C] () -- C:\WINDOWS\System32\ezsidmv.dat
[2011.02.02 14:51:03 | 000,000,332 | ---- | C] () -- C:\WINDOWS\System32\drivers\ndzfqpwp.dat
[2010.06.24 00:52:36 | 000,045,056 | ---- | C] () -- C:\WINDOWS\System32\acovcnt.exe
[2010.06.14 00:06:28 | 000,000,206 | ---- | C] () -- C:\WINDOWS\System32\MRT.INI

========== LOP Check ==========

[2011.07.04 08:08:02 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Easybits GO
[2011.11.30 09:15:44 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\CPA_VA
[2010.02.26 16:35:00 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Vladimír Lalák\Application Data\Opera
[2011.05.09 18:06:54 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Vladimír Lalák\Application Data\InterVideo
[2011.07.04 08:08:06 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Vladimír Lalák\Application Data\go
[2011.09.23 22:26:40 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Vladimír Lalák\Application Data\BSplayer

========== Purity Check ==========

========== Custom Scans ==========

< HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /s >
"StartCCC" = c:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe -- [2006.11.10 12:35:24 | 000,090,112 | ---- | M] ()

< >

< MD5 for: AGP440.SYS >
[2006.02.28 20:00:00 | 018,738,937 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:AGP440.sys
[2010.07.17 10:52:06 | 023,852,652 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:AGP440.sys
[2006.02.28 20:00:00 | 018,738,937 | ---- | M] () .cab file -- C:\WINDOWS\I386\sp2.cab:AGP440.sys
[2010.07.17 10:52:06 | 023,852,652 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:AGP440.sys
[2008.04.13 19:36:38 | 000,042,368 | ---- | M] (Microsoft Corporation) MD5=08FD04AA961BDC77FB983F328334E3D7 -- C:\WINDOWS\ERDNT\cache\agp440.sys
[2008.04.13 19:36:38 | 000,042,368 | ---- | M] (Microsoft Corporation) MD5=08FD04AA961BDC77FB983F328334E3D7 -- C:\WINDOWS\ServicePackFiles\i386\agp440.sys
[2008.04.13 19:36:38 | 000,042,368 | ---- | M] (Microsoft Corporation) MD5=08FD04AA961BDC77FB983F328334E3D7 -- C:\WINDOWS\system32\drivers\agp440.sys

< MD5 for: ATAPI.SYS >
[2006.02.28 20:00:00 | 018,738,937 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:atapi.sys
[2010.07.17 10:52:06 | 023,852,652 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:atapi.sys
[2006.02.28 20:00:00 | 018,738,937 | ---- | M] () .cab file -- C:\WINDOWS\I386\sp2.cab:atapi.sys
[2010.07.17 10:52:06 | 023,852,652 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:atapi.sys
[2008.04.13 19:40:30 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\ERDNT\cache\atapi.sys
[2008.04.13 19:40:30 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\ServicePackFiles\i386\atapi.sys
[2008.04.13 19:40:30 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\system32\drivers\atapi.sys
[2006.02.28 20:00:00 | 000,095,360 | ---- | M] (Microsoft Corporation) MD5=CDFE4411A69C224BD1D11B2DA92DAC51 -- C:\WINDOWS\$NtServicePackUninstall$\atapi.sys

< MD5 for: AUTOCHK.EXE >
[2008.04.14 01:12:12 | 000,588,800 | ---- | M] (Microsoft Corporation) MD5=23043C91A0F9DFB4B9E9F87B680863B4 -- C:\cmdcons\autochk.exe
[2008.04.14 01:12:12 | 000,588,800 | ---- | M] (Microsoft Corporation) MD5=23043C91A0F9DFB4B9E9F87B680863B4 -- C:\WINDOWS\ServicePackFiles\i386\autochk.exe
[2008.04.14 01:12:12 | 000,588,800 | ---- | M] (Microsoft Corporation) MD5=23043C91A0F9DFB4B9E9F87B680863B4 -- C:\WINDOWS\system32\autochk.exe
[2006.02.28 20:00:00 | 000,588,800 | ---- | M] (Microsoft Corporation) MD5=B3415B9D6026F65E43089ABED096C38C -- C:\WINDOWS\$NtServicePackUninstall$\autochk.exe
[2006.02.28 20:00:00 | 000,588,800 | ---- | M] (Microsoft Corporation) MD5=B3415B9D6026F65E43089ABED096C38C -- C:\WINDOWS\I386\AUTOCHK.EXE

< MD5 for: CDROM.SYS >
[2006.02.28 20:00:00 | 018,738,937 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:cdrom.sys
[2010.07.17 10:52:06 | 023,852,652 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:cdrom.sys
[2006.02.28 20:00:00 | 018,738,937 | ---- | M] () .cab file -- C:\WINDOWS\I386\sp2.cab:cdrom.sys
[2010.07.17 10:52:06 | 023,852,652 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:cdrom.sys
[2008.04.13 19:40:46 | 000,062,976 | ---- | M] (Microsoft Corporation) MD5=1F4260CC5B42272D71F79E570A27A4FE -- C:\WINDOWS\ServicePackFiles\i386\cdrom.sys
[2008.04.13 19:40:46 | 000,062,976 | ---- | M] (Microsoft Corporation) MD5=1F4260CC5B42272D71F79E570A27A4FE -- C:\WINDOWS\system32\drivers\cdrom.sys
[2011.02.08 02:16:22 | 000,062,592 | ---- | M] (Microsoft Corporation) MD5=7B53584D94E9D8716B2DE91D5F1CB42D -- C:\WINDOWS\system32\dllcache\cdrom.sys
[2006.02.28 20:00:00 | 000,049,536 | ---- | M] (Microsoft Corporation) MD5=AF9C19B3100FE010496B1A27181FBF72 -- C:\WINDOWS\$NtServicePackUninstall$\cdrom.sys

< MD5 for: CRYPTSVC.DLL >
[2006.02.28 20:00:00 | 000,060,416 | ---- | M] (Microsoft Corporation) MD5=10654F9DDCEA9C46CFB77554231BE73B -- C:\WINDOWS\$NtServicePackUninstall$\cryptsvc.dll
[2008.04.14 01:11:52 | 000,062,464 | ---- | M] (Microsoft Corporation) MD5=3D4E199942E29207970E04315D02AD3B -- C:\WINDOWS\ERDNT\cache\cryptsvc.dll
[2008.04.14 01:11:52 | 000,062,464 | ---- | M] (Microsoft Corporation) MD5=3D4E199942E29207970E04315D02AD3B -- C:\WINDOWS\ServicePackFiles\i386\cryptsvc.dll
[2008.04.14 01:11:52 | 000,062,464 | ---- | M] (Microsoft Corporation) MD5=3D4E199942E29207970E04315D02AD3B -- C:\WINDOWS\system32\cryptsvc.dll

druhá časť logu OTL

< MD5 for: CSRSS.EXE >
[2008.04.14 01:12:16 | 000,006,144 | ---- | M] (Microsoft Corporation) MD5=44F275C64738EA2056E3D9580C23B60F -- C:\WINDOWS\ServicePackFiles\i386\csrss.exe
[2008.04.14 01:12:16 | 000,006,144 | ---- | M] (Microsoft Corporation) MD5=44F275C64738EA2056E3D9580C23B60F -- C:\WINDOWS\system32\csrss.exe
[2006.02.28 20:00:00 | 000,006,144 | ---- | M] (Microsoft Corporation) MD5=F12B178B1678D778CFD3FF1FC38C71FB -- C:\WINDOWS\$NtServicePackUninstall$\csrss.exe

< MD5 for: EVENTLOG.DLL >
[2008.04.14 01:11:54 | 000,056,320 | ---- | M] (Microsoft Corporation) MD5=6D4FEB43EE538FC5428CC7F0565AA656 -- C:\WINDOWS\ERDNT\cache\eventlog.dll
[2008.04.14 01:11:54 | 000,056,320 | ---- | M] (Microsoft Corporation) MD5=6D4FEB43EE538FC5428CC7F0565AA656 -- C:\WINDOWS\ServicePackFiles\i386\eventlog.dll
[2008.04.14 01:11:54 | 000,056,320 | ---- | M] (Microsoft Corporation) MD5=6D4FEB43EE538FC5428CC7F0565AA656 -- C:\WINDOWS\system32\eventlog.dll
[2006.02.28 20:00:00 | 000,055,808 | ---- | M] (Microsoft Corporation) MD5=82B24CB70E5944E6E34662205A2A5B78 -- C:\WINDOWS\$NtServicePackUninstall$\eventlog.dll

< MD5 for: EXPLORER.EXE >
[2008.04.14 01:12:20 | 001,033,728 | ---- | M] (Microsoft Corporation) MD5=12896823FB95BFB3DC9B46BCAEDC9923 -- C:\WINDOWS\ERDNT\cache\explorer.exe
[2008.04.14 01:12:20 | 001,033,728 | ---- | M] (Microsoft Corporation) MD5=12896823FB95BFB3DC9B46BCAEDC9923 -- C:\WINDOWS\explorer.exe
[2008.04.14 01:12:20 | 001,033,728 | ---- | M] (Microsoft Corporation) MD5=12896823FB95BFB3DC9B46BCAEDC9923 -- C:\WINDOWS\ServicePackFiles\i386\explorer.exe
[2006.02.28 20:00:00 | 001,032,192 | ---- | M] (Microsoft Corporation) MD5=A0732187050030AE399B241436565E64 -- C:\WINDOWS\$NtServicePackUninstall$\explorer.exe

< MD5 for: FASTFAT.SYS >
[2006.02.28 20:00:00 | 000,143,360 | ---- | M] (Microsoft Corporation) MD5=3117F595E9615E04F05A54FC15A03B20 -- C:\WINDOWS\$NtServicePackUninstall$\fastfat.sys
[2008.04.13 20:14:30 | 000,143,744 | ---- | M] (Microsoft Corporation) MD5=38D332A6D56AF32635675F132548343E -- C:\WINDOWS\ServicePackFiles\i386\fastfat.sys
[2008.04.13 20:14:30 | 000,143,744 | ---- | M] (Microsoft Corporation) MD5=38D332A6D56AF32635675F132548343E -- C:\WINDOWS\system32\drivers\fastfat.sys

< MD5 for: HAL.DLL >
[2006.02.28 20:00:00 | 018,738,937 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:hal.dll
[2010.07.17 10:52:06 | 023,852,652 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:hal.dll
[2006.02.28 20:00:00 | 018,738,937 | ---- | M] () .cab file -- C:\WINDOWS\I386\sp2.cab:hal.dll
[2010.07.17 10:52:06 | 023,852,652 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:hal.dll
[2008.04.13 19:31:32 | 000,105,344 | ---- | M] (Microsoft Corporation) MD5=6DB1E72AD3B372DFC451B7F54BA08AA7 -- C:\WINDOWS\ServicePackFiles\i386\hal.dll
[2008.04.13 19:31:28 | 000,131,840 | ---- | M] (Microsoft Corporation) MD5=6F61D3287A6A15A08A9433222C09D17F -- C:\WINDOWS\system32\HAL.DLL
[2006.02.28 20:00:00 | 000,131,968 | ---- | M] (Microsoft Corporation) MD5=F9A0F579FC18036FFDD9E26E0D268CCD -- C:\WINDOWS\$NtServicePackUninstall$\hal.dll

< MD5 for: CHANGER.SYS >
[2006.02.28 20:00:00 | 018,738,937 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:Changer.sys
[2010.07.17 10:52:06 | 023,852,652 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:Changer.sys
[2006.02.28 20:00:00 | 018,738,937 | ---- | M] () .cab file -- C:\WINDOWS\I386\sp2.cab:Changer.sys
[2010.07.17 10:52:06 | 023,852,652 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:Changer.sys
[2008.04.13 19:40:58 | 000,008,192 | ---- | M] (Microsoft Corporation) MD5=2A5815CA6FFF24B688C01F828B96819C -- C:\WINDOWS\ServicePackFiles\i386\changer.sys

< MD5 for: ISAPNP.SYS >
[2010.07.17 10:52:06 | 023,852,652 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:isapnp.sys
[2010.07.17 10:52:06 | 023,852,652 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:isapnp.sys
[2008.04.13 19:36:42 | 000,037,248 | ---- | M] (Microsoft Corporation) MD5=05A299EC56E52649B1CF2FC52D20F2D7 -- C:\WINDOWS\ServicePackFiles\i386\isapnp.sys
[2008.04.13 19:36:42 | 000,037,248 | ---- | M] (Microsoft Corporation) MD5=05A299EC56E52649B1CF2FC52D20F2D7 -- C:\WINDOWS\system32\drivers\isapnp.sys
[2006.02.28 20:00:00 | 000,035,840 | ---- | M] (Microsoft Corporation) MD5=E504F706CCB699C2596E9A3DA1596E87 -- C:\WINDOWS\$NtServicePackUninstall$\isapnp.sys

< MD5 for: LSASS.EXE >
[2006.02.28 20:00:00 | 000,013,312 | ---- | M] (Microsoft Corporation) MD5=84885F9B82F4D55C6146EBF6065D75D2 -- C:\WINDOWS\$NtServicePackUninstall$\lsass.exe
[2008.04.14 01:12:24 | 000,013,312 | ---- | M] (Microsoft Corporation) MD5=BF2466B3E18E970D8A976FB95FC1CA85 -- C:\WINDOWS\ERDNT\cache\lsass.exe
[2008.04.14 01:12:24 | 000,013,312 | ---- | M] (Microsoft Corporation) MD5=BF2466B3E18E970D8A976FB95FC1CA85 -- C:\WINDOWS\ServicePackFiles\i386\lsass.exe
[2008.04.14 01:12:24 | 000,013,312 | ---- | M] (Microsoft Corporation) MD5=BF2466B3E18E970D8A976FB95FC1CA85 -- C:\WINDOWS\system32\lsass.exe

< MD5 for: NDIS.SYS >
[2008.04.13 20:20:38 | 000,182,656 | ---- | M] (Microsoft Corporation) MD5=1DF7F42665C94B825322FAE71721130D -- C:\WINDOWS\ERDNT\cache\ndis.sys
[2008.04.13 20:20:38 | 000,182,656 | ---- | M] (Microsoft Corporation) MD5=1DF7F42665C94B825322FAE71721130D -- C:\WINDOWS\ServicePackFiles\i386\ndis.sys
[2008.04.13 20:20:38 | 000,182,656 | ---- | M] (Microsoft Corporation) MD5=1DF7F42665C94B825322FAE71721130D -- C:\WINDOWS\system32\drivers\ndis.sys
[2006.02.28 20:00:00 | 000,182,912 | ---- | M] (Microsoft Corporation) MD5=558635D3AF1C7546D26067D5D9B6959E -- C:\WINDOWS\$NtServicePackUninstall$\ndis.sys

< MD5 for: NETLOGON.DLL >
[2008.04.14 01:12:02 | 000,407,040 | ---- | M] (Microsoft Corporation) MD5=1B7F071C51B77C272875C3A23E1E4550 -- C:\WINDOWS\ERDNT\cache\netlogon.dll
[2008.04.14 01:12:02 | 000,407,040 | ---- | M] (Microsoft Corporation) MD5=1B7F071C51B77C272875C3A23E1E4550 -- C:\WINDOWS\ServicePackFiles\i386\netlogon.dll
[2008.04.14 01:12:02 | 000,407,040 | ---- | M] (Microsoft Corporation) MD5=1B7F071C51B77C272875C3A23E1E4550 -- C:\WINDOWS\system32\netlogon.dll
[2009.02.06 19:46:10 | 000,408,064 | ---- | M] (Microsoft Corporation) MD5=6C476D33D82F1054849790181E8F7772 -- C:\WINDOWS\$hf_mig$\KB968389\SP2QFE\netlogon.dll
[2009.02.06 19:46:10 | 000,408,064 | ---- | M] (Microsoft Corporation) MD5=6C476D33D82F1054849790181E8F7772 -- C:\WINDOWS\$hf_mig$\KB975467\SP2QFE\netlogon.dll
[2006.02.28 20:00:00 | 000,407,040 | ---- | M] (Microsoft Corporation) MD5=96353FCECBA774BB8DA74A1C6507015A -- C:\WINDOWS\$NtServicePackUninstall$\netlogon.dll

< MD5 for: NTFS.SYS >
[2008.04.13 20:15:54 | 000,574,976 | ---- | M] (Microsoft Corporation) MD5=78A08DD6A8D65E697C18E1DB01C5CDCA -- C:\WINDOWS\ERDNT\cache\ntfs.sys
[2008.04.13 20:15:54 | 000,574,976 | ---- | M] (Microsoft Corporation) MD5=78A08DD6A8D65E697C18E1DB01C5CDCA -- C:\WINDOWS\ServicePackFiles\i386\ntfs.sys
[2008.04.13 20:15:54 | 000,574,976 | ---- | M] (Microsoft Corporation) MD5=78A08DD6A8D65E697C18E1DB01C5CDCA -- C:\WINDOWS\system32\drivers\ntfs.sys
[2004.08.03 23:15:10 | 000,574,592 | ---- | M] (Microsoft Corporation) MD5=B78BE402C3F63DD55521F73876951CDD -- C:\cmdcons\NTFS.SYS
[2006.02.28 20:00:00 | 000,574,592 | ---- | M] (Microsoft Corporation) MD5=B78BE402C3F63DD55521F73876951CDD -- C:\WINDOWS\$NtServicePackUninstall$\ntfs.sys
[2006.02.28 20:00:00 | 000,574,592 | ---- | M] (Microsoft Corporation) MD5=B78BE402C3F63DD55521F73876951CDD -- C:\WINDOWS\I386\NTFS.SYS

< MD5 for: SCECLI.DLL >
[2006.02.28 20:00:00 | 000,180,224 | ---- | M] (Microsoft Corporation) MD5=0F78E27F563F2AAF74B91A49E2ABF19A -- C:\WINDOWS\$NtServicePackUninstall$\scecli.dll
[2008.04.14 01:12:06 | 000,181,248 | ---- | M] (Microsoft Corporation) MD5=A86BB5E61BF3E39B62AB4C7E7085A084 -- C:\WINDOWS\ERDNT\cache\scecli.dll
[2008.04.14 01:12:06 | 000,181,248 | ---- | M] (Microsoft Corporation) MD5=A86BB5E61BF3E39B62AB4C7E7085A084 -- C:\WINDOWS\ServicePackFiles\i386\scecli.dll
[2008.04.14 01:12:06 | 000,181,248 | ---- | M] (Microsoft Corporation) MD5=A86BB5E61BF3E39B62AB4C7E7085A084 -- C:\WINDOWS\system32\scecli.dll

< MD5 for: SERVICES.EXE >
[2009.02.06 12:06:24 | 000,110,592 | ---- | M] (Microsoft Corporation) MD5=020CEAAEDC8EB655B6506B8C70D53BB6 -- C:\WINDOWS\$hf_mig$\KB956572\SP3QFE\services.exe
[2008.04.14 01:12:34 | 000,108,544 | ---- | M] (Microsoft Corporation) MD5=0E776ED5F7CC9F94299E70461B7B8185 -- C:\WINDOWS\$NtUninstallKB956572$\services.exe
[2008.04.14 01:12:34 | 000,108,544 | ---- | M] (Microsoft Corporation) MD5=0E776ED5F7CC9F94299E70461B7B8185 -- C:\WINDOWS\ServicePackFiles\i386\services.exe
[2009.02.06 18:14:04 | 000,110,592 | ---- | M] (Microsoft Corporation) MD5=37561F8D4160D62DA86D24AE41FAE8DE -- C:\WINDOWS\$NtServicePackUninstall$\services.exe
[2009.02.06 11:22:22 | 000,110,592 | ---- | M] (Microsoft Corporation) MD5=4712531AB7A01B7EE059853CA17D39BD -- C:\WINDOWS\$hf_mig$\KB956572\SP2QFE\services.exe
[2009.02.06 12:11:06 | 000,110,592 | ---- | M] (Microsoft Corporation) MD5=65DF52F5B8B6E9BBD183505225C37315 -- C:\WINDOWS\$hf_mig$\KB956572\SP3GDR\services.exe
[2009.02.06 12:11:06 | 000,110,592 | ---- | M] (Microsoft Corporation) MD5=65DF52F5B8B6E9BBD183505225C37315 -- C:\WINDOWS\ERDNT\cache\services.exe
[2009.02.06 12:11:06 | 000,110,592 | ---- | M] (Microsoft Corporation) MD5=65DF52F5B8B6E9BBD183505225C37315 -- C:\WINDOWS\system32\dllcache\services.exe
[2009.02.06 12:11:06 | 000,110,592 | ---- | M] (Microsoft Corporation) MD5=65DF52F5B8B6E9BBD183505225C37315 -- C:\WINDOWS\system32\services.exe
[2006.02.28 20:00:00 | 000,108,032 | ---- | M] (Microsoft Corporation) MD5=C6CE6EEC82F187615D1002BB3BB50ED4 -- C:\WINDOWS\$NtUninstallKB956572_0$\services.exe

< MD5 for: SMSS.EXE >
[2008.04.14 01:12:36 | 000,050,688 | ---- | M] (Microsoft Corporation) MD5=5F816C1F539266D2D4C78694239DA0B5 -- C:\WINDOWS\ServicePackFiles\i386\smss.exe
[2008.04.14 01:12:36 | 000,050,688 | ---- | M] (Microsoft Corporation) MD5=5F816C1F539266D2D4C78694239DA0B5 -- C:\WINDOWS\system32\smss.exe
[2006.02.28 20:00:00 | 000,470,016 | ---- | M] (Microsoft Corporation) MD5=9A98937A980831729D21343754FF9D59 -- C:\WINDOWS\I386\SYSTEM32\SMSS.EXE
[2006.02.28 20:00:00 | 000,050,688 | ---- | M] (Microsoft Corporation) MD5=BD7FB0957C716F1A60333AEE04DE2178 -- C:\WINDOWS\$NtServicePackUninstall$\smss.exe
[2004.08.04 00:56:58 | 000,152,576 | ---- | M] (Microsoft Corporation) MD5=DA5CF1C368B33D75602FD6B3A7F5E0C6 -- C:\cmdcons\SYSTEM32\SMSS.EXE

< MD5 for: SPOOLSV.EXE >
[2010.08.17 14:19:36 | 000,058,880 | ---- | M] (Microsoft Corporation) MD5=258DD5D4283FD9F9A7166BE9AE45CE73 -- C:\WINDOWS\$hf_mig$\KB2347290\SP3QFE\spoolsv.exe
[2010.08.17 14:17:06 | 000,058,880 | ---- | M] (Microsoft Corporation) MD5=60784F891563FB1B767F70117FC2428F -- C:\WINDOWS\ERDNT\cache\spoolsv.exe
[2010.08.17 14:17:06 | 000,058,880 | ---- | M] (Microsoft Corporation) MD5=60784F891563FB1B767F70117FC2428F -- C:\WINDOWS\system32\dllcache\spoolsv.exe
[2010.08.17 14:17:06 | 000,058,880 | ---- | M] (Microsoft Corporation) MD5=60784F891563FB1B767F70117FC2428F -- C:\WINDOWS\system32\spoolsv.exe
[2005.06.11 01:17:14 | 000,057,856 | ---- | M] (Microsoft Corporation) MD5=AD3D9D191AEA7B5445FE1D82FFBB4788 -- C:\WINDOWS\$hf_mig$\KB896423\SP2QFE\spoolsv.exe
[2008.04.14 01:12:36 | 000,057,856 | ---- | M] (Microsoft Corporation) MD5=D8E14A61ACC1D4A6CD0D38AEBAC7FA3B -- C:\WINDOWS\$NtUninstallKB2347290$\spoolsv.exe
[2008.04.14 01:12:36 | 000,057,856 | ---- | M] (Microsoft Corporation) MD5=D8E14A61ACC1D4A6CD0D38AEBAC7FA3B -- C:\WINDOWS\ServicePackFiles\i386\spoolsv.exe
[2005.06.11 00:53:32 | 000,057,856 | ---- | M] (Microsoft Corporation) MD5=DA81EC57ACD4CDC3D4C51CF3D409AF9F -- C:\WINDOWS\$NtServicePackUninstall$\spoolsv.exe

< MD5 for: SVCHOST.EXE >
[2008.04.14 01:12:36 | 000,014,336 | ---- | M] (Microsoft Corporation) MD5=27C6D03BCDB8CFEB96B716F3D8BE3E18 -- C:\WINDOWS\ERDNT\cache\svchost.exe
[2008.04.14 01:12:36 | 000,014,336 | ---- | M] (Microsoft Corporation) MD5=27C6D03BCDB8CFEB96B716F3D8BE3E18 -- C:\WINDOWS\ServicePackFiles\i386\svchost.exe
[2008.04.14 01:12:36 | 000,014,336 | ---- | M] (Microsoft Corporation) MD5=27C6D03BCDB8CFEB96B716F3D8BE3E18 -- C:\WINDOWS\system32\svchost.exe
[2012.01.13 14:53:20 | 000,182,856 | ---- | M] () MD5=63EEC8A8B221AB79045E776E5F592868 -- C:\Program Files\Malwarebytes' Anti-Malware\Chameleon\svchost.exe
[2006.02.28 20:00:00 | 000,014,336 | ---- | M] (Microsoft Corporation) MD5=8F078AE4ED187AAABC0A305146DE6716 -- C:\WINDOWS\$NtServicePackUninstall$\svchost.exe

< MD5 for: TCPIP.SYS >
[2008.06.20 11:45:14 | 000,360,320 | ---- | M] (Microsoft Corporation) MD5=2A5554FC5B1E04E131230E3CE035C3F9 -- C:\WINDOWS\$NtServicePackUninstall$\tcpip.sys
[2006.01.13 18:07:08 | 000,360,448 | ---- | M] (Microsoft Corporation) MD5=5562CC0A47B2AEF06D3417B733F3C195 -- C:\WINDOWS\$hf_mig$\KB913446\SP2QFE\tcpip.sys
[2006.01.13 03:28:14 | 000,359,808 | ---- | M] (Microsoft Corporation) MD5=583E063FDC888CA30D05C2724B0D7EF4 -- C:\WINDOWS\$NtUninstallKB951748_0$\tcpip.sys
[2005.05.25 20:07:12 | 000,359,936 | ---- | M] (Microsoft Corporation) MD5=63FDFEA54EB53DE2D863EE454937CE1E -- C:\WINDOWS\$hf_mig$\KB893066\SP2QFE\tcpip.sys
[2008.06.20 11:44:42 | 000,360,960 | ---- | M] (Microsoft Corporation) MD5=744E57C99232201AE98C49168B918F48 -- C:\WINDOWS\$hf_mig$\KB951748\SP2QFE\tcpip.sys
[2008.04.13 20:20:16 | 000,361,344 | ---- | M] (Microsoft Corporation) MD5=93EA8D04EC73A85DB02EB8805988F733 -- C:\WINDOWS\$NtUninstallKB951748$\tcpip.sys
[2008.04.13 20:20:16 | 000,361,344 | ---- | M] (Microsoft Corporation) MD5=93EA8D04EC73A85DB02EB8805988F733 -- C:\WINDOWS\ServicePackFiles\i386\tcpip.sys
[2008.06.20 12:51:12 | 000,361,600 | ---- | M] (Microsoft Corporation) MD5=9AEFA14BD6B182D61E3119FA5F436D3D -- C:\WINDOWS\$hf_mig$\KB951748\SP3GDR\tcpip.sys
[2008.06.20 12:51:12 | 000,361,600 | ---- | M] (Microsoft Corporation) MD5=9AEFA14BD6B182D61E3119FA5F436D3D -- C:\WINDOWS\ERDNT\cache\tcpip.sys
[2008.06.20 12:51:12 | 000,361,600 | ---- | M] (Microsoft Corporation) MD5=9AEFA14BD6B182D61E3119FA5F436D3D -- C:\WINDOWS\system32\dllcache\tcpip.sys
[2008.06.20 12:51:12 | 000,361,600 | ---- | M] (Microsoft Corporation) MD5=9AEFA14BD6B182D61E3119FA5F436D3D -- C:\WINDOWS\system32\drivers\tcpip.sys
[2008.06.20 13:59:02 | 000,361,600 | ---- | M] (Microsoft Corporation) MD5=AD978A1B783B5719720CFF204B666C8E -- C:\WINDOWS\$hf_mig$\KB2509553\SP3QFE\tcpip.sys
[2008.06.20 12:59:02 | 000,361,600 | ---- | M] (Microsoft Corporation) MD5=AD978A1B783B5719720CFF204B666C8E -- C:\WINDOWS\$hf_mig$\KB951748\SP3QFE\tcpip.sys

< MD5 for: USERINIT.EXE >
[2006.02.28 20:00:00 | 000,024,576 | ---- | M] (Microsoft Corporation) MD5=39B1FFB03C2296323832ACBAE50D2AFF -- C:\WINDOWS\$NtServicePackUninstall$\userinit.exe
[2008.04.14 01:12:38 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=A93AEE1928A9D7CE3E16D24EC7380F89 -- C:\WINDOWS\ERDNT\cache\userinit.exe
[2008.04.14 01:12:38 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=A93AEE1928A9D7CE3E16D24EC7380F89 -- C:\WINDOWS\ServicePackFiles\i386\userinit.exe
[2008.04.14 01:12:38 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=A93AEE1928A9D7CE3E16D24EC7380F89 -- C:\WINDOWS\system32\userinit.exe

< MD5 for: WINLOGON.EXE >
[2006.02.28 20:00:00 | 000,502,272 | ---- | M] (Microsoft Corporation) MD5=01C3346C241652F43AED8E2149881BFE -- C:\WINDOWS\$NtServicePackUninstall$\winlogon.exe
[2012.01.13 14:53:20 | 000,182,856 | ---- | M] () MD5=63EEC8A8B221AB79045E776E5F592868 -- C:\Program Files\Malwarebytes' Anti-Malware\Chameleon\winlogon.exe
[2008.04.14 01:12:40 | 000,507,904 | ---- | M] (Microsoft Corporation) MD5=ED0EF0A136DEC83DF69F04118870003E -- C:\WINDOWS\ERDNT\cache\winlogon.exe
[2008.04.14 01:12:40 | 000,507,904 | ---- | M] (Microsoft Corporation) MD5=ED0EF0A136DEC83DF69F04118870003E -- C:\WINDOWS\ServicePackFiles\i386\winlogon.exe
[2008.04.14 01:12:40 | 000,507,904 | ---- | M] (Microsoft Corporation) MD5=ED0EF0A136DEC83DF69F04118870003E -- C:\WINDOWS\system32\winlogon.exe

< MD5 for: WS2_32.DLL >
[2008.04.14 01:12:10 | 000,082,432 | ---- | M] (Microsoft Corporation) MD5=2CCC474EB85CEAA3E1FA1726580A3E5A -- C:\WINDOWS\ERDNT\cache\ws2_32.dll
[2008.04.14 01:12:10 | 000,082,432 | ---- | M] (Microsoft Corporation) MD5=2CCC474EB85CEAA3E1FA1726580A3E5A -- C:\WINDOWS\ServicePackFiles\i386\ws2_32.dll
[2008.04.14 01:12:10 | 000,082,432 | ---- | M] (Microsoft Corporation) MD5=2CCC474EB85CEAA3E1FA1726580A3E5A -- C:\WINDOWS\system32\ws2_32.dll
[2006.02.28 20:00:00 | 000,082,944 | ---- | M] (Microsoft Corporation) MD5=2ED0B7F12A60F90092081C50FA0EC2B2 -- C:\WINDOWS\$NtServicePackUninstall$\ws2_32.dll

< >

< C:\windows\system32\spool\prtprocs|dll;true;true;true /FP >
[2008.07.06 13:06:10 | 000,089,088 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\spool\prtprocs\w32x86\filterpipelineprintproc.dll
[2007.04.09 13:23:54 | 000,028,552 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\spool\prtprocs\w32x86\mdippr.dll
[2008.07.06 13:06:10 | 000,147,456 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\spool\prtprocs\x64\filterpipelineprintproc.dll

< %systemroot%\system32\drivers\*.sys /5 >

< %systemroot%\system32\drivers\*.sys /X >
[2006.02.28 20:00:00 | 003,440,660 | ---- | M] () -- C:\WINDOWS\system32\drivers\gm.dls
[2006.02.28 20:00:00 | 000,000,646 | ---- | M] () -- C:\WINDOWS\system32\drivers\gmreadme.txt
[2004.02.17 01:19:18 | 000,000,000 | ---- | M] () -- C:\WINDOWS\system32\drivers\1043_ASUSTEK_F5RL_V10.MRK
[2011.02.02 14:51:04 | 000,000,332 | ---- | M] () -- C:\WINDOWS\system32\drivers\ndzfqpwp.dat
[2008.04.14 01:12:08 | 000,011,325 | ---- | M] (Intel(R) Corporation) -- C:\WINDOWS\system32\drivers\vchnt5.dll
[2008.04.14 01:12:06 | 000,003,901 | ---- | M] (Intel(R) Corporation) -- C:\WINDOWS\system32\drivers\siint5.dll
[2004.07.17 11:35:00 | 000,067,866 | ---- | M] () -- C:\WINDOWS\system32\drivers\netwlan5.img
[2007.02.01 23:35:12 | 000,049,152 | ---- | M] (ATI Technologies Inc.) -- C:\WINDOWS\system32\drivers\ati2erec.dll
[2004.07.17 22:55:24 | 000,129,045 | ---- | M] () -- C:\WINDOWS\system32\drivers\cxthsfs2.cty
[2007.02.02 00:48:06 | 000,040,512 | ---- | M] () -- C:\WINDOWS\system32\drivers\ativvpxx.vp
[2008.04.14 01:11:50 | 000,015,423 | ---- | M] (Intel(R) Corporation) -- C:\WINDOWS\system32\drivers\ch7xxnt5.dll
[2006.08.23 02:26:56 | 000,002,096 | ---- | M] () -- C:\WINDOWS\system32\drivers\ativckxx.vp
[2007.01.19 00:35:52 | 000,000,929 | ---- | M] () -- C:\WINDOWS\system32\drivers\ativcaxx.vp
[2007.01.19 00:35:52 | 000,655,842 | ---- | M] () -- C:\WINDOWS\system32\drivers\ativcaxx.cpa
[2006.08.23 02:26:56 | 000,002,096 | ---- | M] () -- C:\WINDOWS\system32\drivers\ativdkxx.vp
[2008.04.14 01:11:50 | 000,017,279 | ---- | M] (Intel(R) Corporation) -- C:\WINDOWS\system32\drivers\atv10nt5.dll
[2008.04.14 01:11:50 | 000,014,143 | ---- | M] (Intel(R) Corporation) -- C:\WINDOWS\system32\drivers\atv06nt5.dll
[2008.04.14 01:11:50 | 000,025,471 | ---- | M] (Intel(R) Corporation) -- C:\WINDOWS\system32\drivers\atv04nt5.dll
[2008.04.14 01:11:50 | 000,011,359 | ---- | M] (Intel(R) Corporation) -- C:\WINDOWS\system32\drivers\atv02nt5.dll
[2008.04.14 01:11:50 | 000,021,183 | ---- | M] (Intel(R) Corporation) -- C:\WINDOWS\system32\drivers\atv01nt5.dll
[2004.07.17 11:36:24 | 000,064,352 | ---- | M] () -- C:\WINDOWS\system32\drivers\ativmc20.cod
[2008.04.14 01:11:48 | 000,003,775 | ---- | M] (Intel(R) Corporation) -- C:\WINDOWS\system32\drivers\adv11nt5.dll
[2008.04.14 01:11:48 | 000,003,711 | ---- | M] (Intel(R) Corporation) -- C:\WINDOWS\system32\drivers\adv09nt5.dll
[2008.04.14 01:11:48 | 000,003,135 | ---- | M] (Intel(R) Corporation) -- C:\WINDOWS\system32\drivers\adv08nt5.dll
[2008.04.14 01:11:48 | 000,003,647 | ---- | M] (Intel(R) Corporation) -- C:\WINDOWS\system32\drivers\adv07nt5.dll
[2008.04.14 01:11:48 | 000,003,615 | ---- | M] (Intel(R) Corporation) -- C:\WINDOWS\system32\drivers\adv05nt5.dll
[2008.04.14 01:11:48 | 000,003,967 | ---- | M] (Intel(R) Corporation) -- C:\WINDOWS\system32\drivers\adv02nt5.dll
[2008.04.14 01:11:48 | 000,004,255 | ---- | M] (Intel(R) Corporation) -- C:\WINDOWS\system32\drivers\adv01nt5.dll
[2011.11.05 08:00:24 | 000,000,272 | ---- | M] () -- C:\WINDOWS\system32\drivers\sfi.dat
[2006.11.24 04:56:56 | 000,108,393 | ---- | M] () -- C:\WINDOWS\system32\drivers\MI1320S.SET
[2007.11.07 11:05:36 | 000,000,000 | ---- | M] () -- C:\WINDOWS\system32\drivers\1043_ASUSTeK_F5RL.alu

< %systemroot%\system32\drivers\*.sys /lockedfiles >

< %systemroot%\system32\*.* /5 >
[2012.03.25 12:49:10 | 000,001,158 | ---- | M] () -- C:\WINDOWS\system32\wpa.dbl
[2012.03.25 12:48:56 | 000,212,080 | ---- | M] () -- C:\WINDOWS\system32\FNTCACHE.DAT
[1 C:\WINDOWS\system32\*.tmp files -> C:\WINDOWS\system32\*.tmp -> ]

< %systemroot%\system32\*.dll /lockedfiles >
[1 C:\WINDOWS\system32\*.tmp files -> C:\WINDOWS\system32\*.tmp -> ]

< %systemroot%\system32\config\*.sav >
[2007.11.07 16:41:48 | 000,897,024 | ---- | M] () -- C:\WINDOWS\system32\config\system.sav
[2007.11.07 16:41:48 | 000,634,880 | ---- | M] () -- C:\WINDOWS\system32\config\software.sav
[2007.11.07 16:41:48 | 000,094,208 | ---- | M] () -- C:\WINDOWS\system32\config\default.sav

< %systemroot%\Tasks\*.job /lockedfiles >

< %systemroot%\*.* /U /s >
[1 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[18 C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp files -> C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp -> ]
[9 C:\WINDOWS\Installer\*.tmp files -> C:\WINDOWS\Installer\*.tmp -> ]
[1 C:\WINDOWS\Installer\{4EAB2511-0135-48CA-A47B-CE1E6836793A}\*.tmp files -> C:\WINDOWS\Installer\{4EAB2511-0135-48CA-A47B-CE1E6836793A}\*.tmp -> ]
[1 C:\WINDOWS\SoftwareDistribution\Download\95d2b7dbf00a9b575ef47eb33aac78a2\*.tmp files -> C:\WINDOWS\SoftwareDistribution\Download\95d2b7dbf00a9b575ef47eb33aac78a2\*.tmp -> ]
[1 C:\WINDOWS\system32\*.tmp files -> C:\WINDOWS\system32\*.tmp -> ]

< %systemroot%\*. /mp /s >

< %ALLUSERSPROFILE%\Data Aplikací\*.* >

< %ALLUSERSPROFILE%\Data Aplikací\*.exe /s >

< %ALLUSERSPROFILE%\Dáta aplikácií\*.* >

< %ALLUSERSPROFILE%\Dáta aplikácií\*.exe /s >

< %APPDATA%\*. >
[2007.11.07 17:20:36 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Vladimír Lalák\Application Data\InstallShield
[2007.11.07 17:25:38 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Vladimír Lalák\Application Data\Adobe
[2007.11.07 17:59:02 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Vladimír Lalák\Application Data\Macromedia
[2007.11.07 16:49:16 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Vladimír Lalák\Application Data\Identities
[2007.11.07 16:42:32 | 000,000,000 | --SD | M] -- C:\Documents and Settings\Vladimír Lalák\Application Data\Microsoft
[2008.03.18 11:31:48 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Vladimír Lalák\Application Data\ATI
[2009.01.27 19:47:16 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Vladimír Lalák\Application Data\CyberLink
[2010.02.26 16:35:00 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Vladimír Lalák\Application Data\Opera
[2010.02.27 19:48:30 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Vladimír Lalák\Application Data\Mozilla
[2010.02.27 19:48:38 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Vladimír Lalák\Application Data\Talkback
[2010.11.11 15:03:00 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Vladimír Lalák\Application Data\WinRAR
[2010.12.27 20:13:50 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Vladimír Lalák\Application Data\Skype
[2011.02.03 19:27:40 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Vladimír Lalák\Application Data\skypePM
[2011.03.07 07:53:54 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Vladimír Lalák\Application Data\Malwarebytes
[2011.05.09 18:06:54 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Vladimír Lalák\Application Data\InterVideo
[2011.07.04 08:08:06 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Vladimír Lalák\Application Data\go
[2011.09.23 22:26:40 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Vladimír Lalák\Application Data\BSplayer

< %APPDATA%\*.* >
[2007.11.07 16:42:48 | 000,000,062 | -HS- | M] () -- C:\Documents and Settings\Vladimír Lalák\Application Data\desktop.ini
[2010.03.01 07:10:56 | 000,016,368 | ---- | M] () -- C:\Documents and Settings\Vladimír Lalák\Application Data\GDIPFONTCACHEV1.DAT

< %APPDATA%\*.exe /s >
[2007.11.07 17:48:56 | 000,010,134 | R--- | M] () -- C:\Documents and Settings\Vladimír Lalák\Application Data\Microsoft\Installer\{01FF2C26-DBCE-DADA-BEE5-0928E0F8F623}\ARPPRODUCTICON.exe
[2007.11.07 17:49:06 | 000,010,134 | R--- | M] () -- C:\Documents and Settings\Vladimír Lalák\Application Data\Microsoft\Installer\{05F4ABAC-8697-2291-16D8-4BFD7DD78B59}\ARPPRODUCTICON.exe
[2007.11.07 17:48:36 | 000,010,134 | R--- | M] () -- C:\Documents and Settings\Vladimír Lalák\Application Data\Microsoft\Installer\{07C85A90-668F-A807-5C67-975E0777A9E8}\ARPPRODUCTICON.exe
[2007.11.07 17:48:12 | 000,010,134 | R--- | M] () -- C:\Documents and Settings\Vladimír Lalák\Application Data\Microsoft\Installer\{0EA06F05-4320-E4DC-4374-E6C0986C964D}\ARPPRODUCTICON.exe
[2007.11.07 17:48:32 | 000,010,134 | R--- | M] () -- C:\Documents and Settings\Vladimír Lalák\Application Data\Microsoft\Installer\{137C5C08-8B6F-497A-1529-502359B3BA88}\ARPPRODUCTICON.exe
[2007.11.07 17:48:58 | 000,010,134 | R--- | M] () -- C:\Documents and Settings\Vladimír Lalák\Application Data\Microsoft\Installer\{17EE76BB-5264-8946-DA8F-D564ED25EDDD}\ARPPRODUCTICON.exe
[2007.11.07 17:49:04 | 000,010,134 | R--- | M] () -- C:\Documents and Settings\Vladimír Lalák\Application Data\Microsoft\Installer\{27599825-6BD9-1081-D1CC-0BFC01157204}\ARPPRODUCTICON.exe
[2007.11.07 17:48:40 | 000,010,134 | R--- | M] () -- C:\Documents and Settings\Vladimír Lalák\Application Data\Microsoft\Installer\{2E13776F-DEAF-7C83-C2A9-3BF073D51BFD}\ARPPRODUCTICON.exe
[2007.11.07 17:48:30 | 000,010,134 | R--- | M] () -- C:\Documents and Settings\Vladimír Lalák\Application Data\Microsoft\Installer\{3482A5D0-F16D-A6C9-397F-8D85EA61BF93}\ARPPRODUCTICON.exe
[2007.11.07 17:48:26 | 000,010,134 | R--- | M] () -- C:\Documents and Settings\Vladimír Lalák\Application Data\Microsoft\Installer\{3C3CA756-9FB1-60D9-4435-6D9FEB42C637}\ARPPRODUCTICON.exe
[2007.11.07 17:48:42 | 000,010,134 | R--- | M] () -- C:\Documents and Settings\Vladimír Lalák\Application Data\Microsoft\Installer\{3E4039F8-5DA8-0414-B7E1-8DA8C8FC1565}\ARPPRODUCTICON.exe
[2007.11.07 17:49:14 | 000,010,134 | R--- | M] () -- C:\Documents and Settings\Vladimír Lalák\Application Data\Microsoft\Installer\{4A0FAC3C-852D-C0A3-1715-6F844C184CF0}\ARPPRODUCTICON.exe
[2007.11.07 17:49:02 | 000,010,134 | R--- | M] () -- C:\Documents and Settings\Vladimír Lalák\Application Data\Microsoft\Installer\{4B29B49E-F274-58CE-25D2-791570F1619A}\ARPPRODUCTICON.exe
[2007.11.07 17:48:06 | 000,010,134 | R--- | M] () -- C:\Documents and Settings\Vladimír Lalák\Application Data\Microsoft\Installer\{4B546AE5-DF17-6D39-A846-A9ECD0153C9A}\ARPPRODUCTICON.exe
[2007.11.07 17:48:24 | 000,010,134 | R--- | M] () -- C:\Documents and Settings\Vladimír Lalák\Application Data\Microsoft\Installer\{57EF4BC7-0C52-1872-C0CE-AEAB996E5626}\ARPPRODUCTICON.exe
[2007.11.07 17:48:14 | 000,010,134 | R--- | M] () -- C:\Documents and Settings\Vladimír Lalák\Application Data\Microsoft\Installer\{5B701396-48C3-A3FA-43DB-FF975446759C}\ARPPRODUCTICON.exe
[2007.11.07 17:49:12 | 000,010,134 | R--- | M] () -- C:\Documents and Settings\Vladimír Lalák\Application Data\Microsoft\Installer\{5ECA8F33-8F8E-1042-2082-5F02E64D6140}\ARPPRODUCTICON.exe
[2007.11.07 17:48:02 | 000,010,134 | R--- | M] () -- C:\Documents and Settings\Vladimír Lalák\Application Data\Microsoft\Installer\{68B84920-CD46-8C5B-DABE-EC0FF6F0C703}\ARPPRODUCTICON.exe
[2007.11.07 17:49:18 | 000,010,134 | R--- | M] () -- C:\Documents and Settings\Vladimír Lalák\Application Data\Microsoft\Installer\{6AF75C96-2093-51F4-0412-501CB317A7F9}\ARPPRODUCTICON.exe
[2007.11.07 17:48:22 | 000,010,134 | R--- | M] () -- C:\Documents and Settings\Vladimír Lalák\Application Data\Microsoft\Installer\{6D219284-A368-A0A5-AA55-8BAAE9EA60CC}\ARPPRODUCTICON.exe
[2007.11.07 17:49:00 | 000,010,134 | R--- | M] () -- C:\Documents and Settings\Vladimír Lalák\Application Data\Microsoft\Installer\{732442CA-AFFC-E75D-C586-2A3C71D8CFFE}\ARPPRODUCTICON.exe
[2007.11.07 17:49:20 | 000,010,134 | R--- | M] () -- C:\Documents and Settings\Vladimír Lalák\Application Data\Microsoft\Installer\{815B5312-F7B5-EDD5-A899-B0228C3C7F3A}\ARPPRODUCTICON.exe
[2007.11.07 17:48:08 | 000,010,134 | R--- | M] () -- C:\Documents and Settings\Vladimír Lalák\Application Data\Microsoft\Installer\{89EAD7B4-1CAC-CC9E-F040-FE041A2EA77C}\ARPPRODUCTICON.exe
[2007.11.07 17:48:34 | 000,010,134 | R--- | M] () -- C:\Documents and Settings\Vladimír Lalák\Application Data\Microsoft\Installer\{8BE3174F-3BFE-8822-4493-A0519D1E4E94}\ARPPRODUCTICON.exe
[2007.11.07 17:48:16 | 000,010,134 | R--- | M] () -- C:\Documents and Settings\Vladimír Lalák\Application Data\Microsoft\Installer\{9D7802F0-3C39-ED52-10D9-AE8A7FB5A94C}\ARPPRODUCTICON.exe
[2007.11.07 17:48:52 | 000,010,134 | R--- | M] () -- C:\Documents and Settings\Vladimír Lalák\Application Data\Microsoft\Installer\{AB1E9EC2-42E4-E801-83BB-AAFF86DDEC7E}\ARPPRODUCTICON.exe
[2007.11.07 17:48:18 | 000,010,134 | R--- | M] () -- C:\Documents and Settings\Vladimír Lalák\Application Data\Microsoft\Installer\{B02A3921-F7B7-C73F-395B-8172C9EE4006}\ARPPRODUCTICON.exe
[2007.11.07 17:49:08 | 000,010,134 | R--- | M] () -- C:\Documents and Settings\Vladimír Lalák\Application Data\Microsoft\Installer\{BD17DEF2-8970-E4F5-337A-C10DE4D33F29}\ARPPRODUCTICON.exe
[2007.11.07 17:48:56 | 000,010,134 | R--- | M] () -- C:\Documents and Settings\Vladimír Lalák\Application Data\Microsoft\Installer\{C5A2542D-CF79-3EE6-7673-2CEDA2338172}\ARPPRODUCTICON.exe
[2007.11.07 17:48:50 | 000,010,134 | R--- | M] () -- C:\Documents and Settings\Vladimír Lalák\Application Data\Microsoft\Installer\{C69B9631-B617-B714-7FE2-6FCD5B891ACD}\ARPPRODUCTICON.exe
[2007.11.07 17:49:22 | 000,010,134 | R--- | M] () -- C:\Documents and Settings\Vladimír Lalák\Application Data\Microsoft\Installer\{C6D7BC96-A608-0908-F6E7-53C118423087}\ARPPRODUCTICON.exe
[2007.11.07 17:49:00 | 000,010,134 | R--- | M] () -- C:\Documents and Settings\Vladimír Lalák\Application Data\Microsoft\Installer\{C8A4038E-4DA5-879D-A353-7443FC3EE22C}\ARPPRODUCTICON.exe
[2007.11.07 17:49:16 | 000,010,134 | R--- | M] () -- C:\Documents and Settings\Vladimír Lalák\Application Data\Microsoft\Installer\{C9B7D4A2-7A42-96BC-DE77-6EB23F1116A8}\ARPPRODUCTICON.exe
[2007.11.07 17:49:14 | 000,010,134 | R--- | M] () -- C:\Documents and Settings\Vladimír Lalák\Application Data\Microsoft\Installer\{CE344E77-B015-C6D0-9A1B-0EA0043E7A52}\ARPPRODUCTICON.exe
[2007.11.07 17:49:10 | 000,010,134 | R--- | M] () -- C:\Documents and Settings\Vladimír Lalák\Application Data\Microsoft\Installer\{D9D45F79-D38C-9BCA-4023-6F3E365D5D25}\ARPPRODUCTICON.exe
[2007.11.07 17:47:54 | 000,009,158 | R--- | M] () -- C:\Documents and Settings\Vladimír Lalák\Application Data\Microsoft\Installer\{DCE907E3-4D72-4CD3-A08A-BEFC8C7A5869}\NewShortcut1_45160C5661F6468DA5B09FAE2C3E68D6.exe
[2007.11.07 17:47:54 | 000,010,134 | R--- | M] () -- C:\Documents and Settings\Vladimír Lalák\Application Data\Microsoft\Installer\{DCE907E3-4D72-4CD3-A08A-BEFC8C7A5869}\ARPPRODUCTICON.exe
[2007.11.07 17:48:44 | 000,010,134 | R--- | M] () -- C:\Documents and Settings\Vladimír Lalák\Application Data\Microsoft\Installer\{E91EBA1F-DA25-58B2-365F-FB76BDC81F86}\ARPPRODUCTICON.exe
[2007.11.07 17:48:54 | 000,010,134 | R--- | M] () -- C:\Documents and Settings\Vladimír Lalák\Application Data\Microsoft\Installer\{EE78C2A7-1413-105B-DC86-3F9FA6B10C2F}\ARPPRODUCTICON.exe
[2007.11.07 17:49:04 | 000,010,134 | R--- | M] () -- C:\Documents and Settings\Vladimír Lalák\Application Data\Microsoft\Installer\{F2AAE965-966C-104E-ECCD-9F111A83139C}\ARPPRODUCTICON.exe
[2007.11.07 17:48:48 | 000,010,134 | R--- | M] () -- C:\Documents and Settings\Vladimír Lalák\Application Data\Microsoft\Installer\{F3AEE6A8-5FA3-F9AA-8CA7-D1AAD6352065}\ARPPRODUCTICON.exe
[2007.11.07 17:49:10 | 000,010,134 | R--- | M] () -- C:\Documents and Settings\Vladimír Lalák\Application Data\Microsoft\Installer\{F7F564DD-A790-D01A-5390-6D1386AA5621}\ARPPRODUCTICON.exe
[2007.11.07 17:49:24 | 000,010,134 | R--- | M] () -- C:\Documents and Settings\Vladimír Lalák\Application Data\Microsoft\Installer\{FD9B0D38-7B82-5A3A-E046-D8DBF3F06A93}\ARPPRODUCTICON.exe

< %SYSTEMDRIVE%\*.exe >

< >

< >

< HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate\AU /s >

< HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install|LastSuccessTime /rs >
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install\\LastSuccessTime: 2012-03-14 22:44:10

< HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\BITS /s >
"StateIndex" = 0

< reg query "HKLM\Software\Microsoft\Windows NT\CurrentVersion\winlogon" /v GinaDLL /c >
No captured output from command...

< reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wuauserv" /v ImagePath /c >
No captured output from command...

< reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\BITS" /v ImagePath /c >
No captured output from command...

< reg query "HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager" /v BootExecute /c >
No captured output from command...

< reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session Manager" /v "PendingFileRenameOperations" /c >
No captured output from command...

< >

< type c:\boot.ini >> test.txt /c >
No captured output from command...

< %SystemDrive%\PhysicalMBR.bin /md5 >
[2012.03.26 19:47:52 | 000,000,512 | ---- | M] () MD5=2B5D9A3FEF643E8C90ECE846F7F7156F -- C:\PhysicalMBR.bin

< End of report >

Spustte OTL
-do bílého okna dole skopírujte tento skript:

Kód: Vybrat vše

:OTL
PRC - C:\WINDOWS\explorer.exe (Microsoft Corporation)
IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://search.live.com/results.aspx?q={searchTerms}&src={referrer:source?}
IE - HKU\S-1-5-19\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.asus.com
IE - HKU\S-1-5-20\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.asus.com
IE - HKU\S-1-5-21-3621570727-937943167-175084393-1006\..\SearchScopes,DefaultScope = {3B01C57A-27F3-4AC6-95D1-CB1241D663F8}
IE - HKU\S-1-5-21-3621570727-937943167-175084393-1006\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://search.live.com/results.aspx?q={searchTerms}&src=IE-SearchBox&Form=IE8SRC
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\InterVideo WinCinema Manager.lnk = File not found


:files
C:\WINDOWS\system32\*.tmp.dll /s
C:\WINDOWS\system32\SET*.tmp /s
C:\WINDOWS\*.tmp /s

:commands
[resethosts]
[emptytemp]
[EMPTYFLASH]
[Reboot]

-klikněte na tlačítko Run fix.
-Následně se pc restartuje.
- Log vložte zde

stáhněte
http://www.slunecnice.cz/sw/crystaldiskinfo/
- spusťte ho a v nabídce zvolte Kopírovat.
-Data ze schránky sem pak vložte pomocí Ctrl+V

All processes killed
========== OTL ==========
No active process named explorer.exe was found!
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope| /E : value set successfully!
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ not found.
HKU\S-1-5-19\SOFTWARE\Microsoft\Internet Explorer\Main\\Start Page| /E : value set successfully!
HKU\S-1-5-20\SOFTWARE\Microsoft\Internet Explorer\Main\\Start Page| /E : value set successfully!
HKEY_USERS\S-1-5-21-3621570727-937943167-175084393-1006\Software\Microsoft\Internet Explorer\SearchScopes\\DefaultScope| /E : value set successfully!
Registry key HKEY_USERS\S-1-5-21-3621570727-937943167-175084393-1006\Software\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ not found.
C:\Documents and Settings\All Users\Start Menu\Programs\Startup\InterVideo WinCinema Manager.lnk moved successfully.
========== FILES ==========
File\Folder C:\WINDOWS\system32\*.tmp.dll not found.
File\Folder C:\WINDOWS\system32\SET*.tmp not found.
C:\WINDOWS\002772_.tmp moved successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP3769.tmp folder moved successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP1513.tmp folder moved successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP264E.tmp folder moved successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP2BC.tmp folder moved successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP27F6.tmp folder moved successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAPC50.tmp folder moved successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP59B.tmp folder moved successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP62.tmp folder moved successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP15B.tmp folder moved successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP453.tmp folder moved successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP5D7.tmp folder moved successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP5F0.tmp folder moved successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP661.tmp folder moved successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAPD33.tmp folder moved successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP140.tmp folder moved successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP5A5.tmp folder moved successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP35BA.tmp folder moved successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP369A.tmp folder moved successfully.
C:\WINDOWS\Installer\MSI197.tmp moved successfully.
C:\WINDOWS\Installer\MSI3E.tmp moved successfully.
C:\WINDOWS\Installer\MSI45.tmp moved successfully.
C:\WINDOWS\Installer\MSI46.tmp moved successfully.
C:\WINDOWS\Installer\MSI47.tmp moved successfully.
C:\WINDOWS\Installer\MSI48.tmp moved successfully.
C:\WINDOWS\Installer\MSI49.tmp moved successfully.
C:\WINDOWS\Installer\MSI4A.tmp moved successfully.
C:\WINDOWS\Installer\MSI4B.tmp moved successfully.
C:\WINDOWS\Installer\{4EAB2511-0135-48CA-A47B-CE1E6836793A}\upd81.tmp moved successfully.
C:\WINDOWS\SoftwareDistribution\Download\95d2b7dbf00a9b575ef47eb33aac78a2\BIT13.tmp moved successfully.
C:\WINDOWS\system32\CONFIG.TMP moved successfully.
========== COMMANDS ==========
C:\WINDOWS\System32\drivers\etc\Hosts moved successfully.
HOSTS file reset successfully

[EMPTYTEMP]

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 32902 bytes
->Flash cache emptied: 75 bytes

User: All Users

User: NetworkService
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 32902 bytes

User: LocalService
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 32902 bytes

User: Vladimír Lalák
->Temp folder emptied: 56373472 bytes
->Temporary Internet Files folder emptied: 10542513 bytes
->FireFox cache emptied: 55933384 bytes
->Opera cache emptied: 111713591 bytes
->Flash cache emptied: 9611 bytes

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32\dllcache .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 0 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temp folder emptied: 0 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temporary Internet Files folder emptied: 11274611 bytes
RecycleBin emptied: 0 bytes

Total Files Cleaned = 235,00 mb

[EMPTYFLASH]

User: Default User
->Flash cache emptied: 0 bytes

User: All Users

User: NetworkService

User: LocalService

User: Vladimír Lalák
->Flash cache emptied: 0 bytes

Total Flash Files Cleaned = 0,00 mb

OTL by OldTimer - Version 3.2.39.2 log created on 04012012_200708

Files\Folders moved on Reboot...

Registry entries deleted on Reboot...

----------------------------------------------------------------------------
CrystalDiskInfo 4.1.3 (C) 2008-2011 hiyohiyo
Crystal Dew World : http://crystalmark.info/
----------------------------------------------------------------------------

OS : Windows XP Home Edition SP3 [5.1 Build 2600] (x86)
Date : 2012/04/01 20:23:54

-- Controller Map ----------------------------------------------------------

-- Disk List ---------------------------------------------------------------
(1) Hitachi HTS541680J9SA00 : 80.0 GB [0-0-0, pd1]

----------------------------------------------------------------------------
(1) Hitachi HTS541680J9SA00
----------------------------------------------------------------------------
Model : Hitachi HTS541680J9SA00
Firmware : SB2OC70P
Serial Number : SB2251SGKPTEWE
Disk Size : 80.0 GB (8.4/80.0/80.0)
Buffer Size : 7516 KB
Queue Depth : 32
# of Sectors : 156301488
Rotation Rate : Neznámy údaj
Interface : Serial ATA
Major Version : ATA/ATAPI-7
Minor Version : ATA/ATAPI-7 T13 1532D version 1
Transfer Mode : SATA/150
Power On Hours : 5583 hod.
Power On Count : 1688 krát
Temparature : 54 C (129 F)
Health Status : Dobrý
Features : S.M.A.R.T., APM, AAM, 48bit LBA, NCQ
APM Level : 4080h [ON]
AAM Level : 80FEh [OFF]

-- S.M.A.R.T. --------------------------------------------------------------
ID Cur Wor Thr RawValues(6) Attribute Name
01 100 100 _62 000000000000 Počet chyb čtení
02 100 100 _40 000000000000 Průchodnost disku
03 253 253 _33 000800000000 Čas na roztočení ploten
04 _99 _99 __0 0000000006AA Počet spuštění/zastavení
05 100 100 __5 000000000000 Počet přemapovaných sektorů
07 100 100 _67 000000000000 Počet chybných hledání
08 100 100 _40 000000000000 Čas potřebný na vyhledání
09 _88 _88 __0 0000000015CF Hodin v činnosti
0A 100 100 _60 000000000000 Počet opakovaných pokusů o roztočení ploten
0C _99 _99 __0 000000000698 Počet cyklů zapnutí zařízení
BF 100 100 __0 000000000000 Počet udalostí zaznamenaných otřesovým senzorem
C0 100 100 __0 00000000000E Počet vypnutí disku
C1 100 100 __0 000000000E6B Počet cyklů načítání/vymazání
C2 101 101 __0 003800050036 Teplota
C4 100 100 __0 000000000000 Počet udalostí s číslem realokování sektorů
C5 100 100 __0 000000000000 Počet podezřelých sektorů
C6 100 100 __0 000000000000 Počet neopravitelných sektorů
C7 200 253 __0 000000000000 Počet chyb v kontrolním součtu UltraDMA
DF 100 100 __0 000000000000 Zatížení budiče magnetických hlav způsobené opakovanými úkony

-- IDENTIFY_DEVICE ---------------------------------------------------------
+0 +1 +2 +3 +4 +5 +6 +7 +8 +9 +A +B +C +D +E +F
000: 04 5A 3F FF C8 37 00 10 00 00 00 00 00 3F 00 00
010: 00 00 00 00 20 20 20 20 20 20 53 42 32 32 35 31
020: 53 47 4B 50 54 45 57 45 00 03 3A B8 00 04 53 42
030: 32 4F 43 37 30 50 48 69 74 61 63 68 69 20 48 54
040: 53 35 34 31 36 38 30 4A 39 53 41 30 30 20 20 20
050: 20 20 20 20 20 20 20 20 20 20 20 20 20 20 80 10
060: 00 00 0F 00 40 00 02 00 02 00 00 07 3F FF 00 10
070: 00 3F FC 10 00 FB 01 10 F8 B0 09 50 00 00 00 07
080: 00 03 00 78 00 78 00 78 00 78 00 00 00 00 00 00
090: 00 00 00 00 00 00 00 1F 07 02 00 00 00 5E 00 00
0A0: 00 FC 00 1A 74 6B 7F 69 61 63 74 69 3C 49 61 63
0B0: 20 3F 00 15 00 00 40 80 FF FE 00 00 80 FE 00 00
0C0: 00 00 00 00 00 00 00 00 F8 B0 09 50 00 00 00 00
0D0: 00 00 00 00 00 00 88 48 50 00 CC A5 1C F4 2E 14
0E0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00
0F0: 40 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
100: 00 09 00 0B 00 00 00 00 00 00 00 00 00 00 00 00
110: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
120: 00 00 00 00 00 00 00 00 40 01 00 00 80 00 00 00
130: 32 4A 00 00 00 00 42 33 00 00 00 00 00 00 00 00
140: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
150: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
160: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
170: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
180: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
190: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1A0: 00 00 00 00 00 00 00 00 80 00 00 00 00 00 00 00
1B0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1C0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1D0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1E0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1F0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 27 A5

Disk je v pořádku. Co počítač?

VIRY.CZ

spomalený notebook ASUS

spomalený notebook ASUS

Re: spomalený notebook ASUS

Re: spomalený notebook ASUS

Re: spomalený notebook ASUS

Re: spomalený notebook ASUS

Re: spomalený notebook ASUS

Re: spomalený notebook ASUS

Re: spomalený notebook ASUS

Re: spomalený notebook ASUS

Re: spomalený notebook ASUS

Re: spomalený notebook ASUS

Re: spomalený notebook ASUS

Re: spomalený notebook ASUS