Terribly slow PC, CPU loaded more than it should be

#1 Post by Paulos123 »

Hello, for the last few days my computer has been running really slowly (e.g. extracting a 700 MB file in WinRAR takes 14 min :(!!, before it took not even a minute; otherwise the PC is a quad-core 2.6 GHz with 2 GB RAM and a decent graphics card too). I don't know what could be causing it, but something is probably loading the CPU heavily where it shouldn't. I'm attaching the RSIT log.

Logfile of random's system information tool 1.06 (written by random/random)
Run by Paulos at 2010-03-16 13:27:48
Systém Microsoft Windows XP Professional Service Pack 2
System drive C: has 35 GB (71%) free of 50 GB
Total RAM: 2047 MB (53% free)

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 13:28:13, on 16.3.2010
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\RUNDLL32.EXE
C:\WINDOWS\RTHDCPL.EXE
C:\Program Files\Spyware Terminator\SpywareTerminatorShield.exe
E:\Programs\Java\jre6\bin\jusched.exe
E:\Programs\ESET\ESET NOD32 Antivirus\egui.exe
C:\Program Files\Panasonic\MotionSD STUDIO\SD_Browser\AutoLauncher.exe
E:\Programs\BinarySense\HDDlife 3\HDDlifePro.exe
C:\WINDOWS\system32\bgsvcgen.exe
C:\WINDOWS\system32\CTsvcCDA.exe
E:\Programs\ESET\ESET NOD32 Antivirus\ekrn.exe
E:\Programs\BinarySense\HDDlife 3\HDDlifePro.exe
C:\Program Files\Common Files\BinarySense\hldasvc.exe
C:\Program Files\Common Files\BinarySense\hldasvc.exe
E:\Programs\Java\jre6\bin\jqs.exe
C:\Program Files\Common Files\Native Instruments\Hardware\NIHardwareService.exe
C:\WINDOWS\system32\PnkBstrA.exe
C:\WINDOWS\system32\PnkBstrB.exe
E:\Programs\Sunbelt Software\Personal Firewall\SbPFLnch.exe
E:\Programs\Sunbelt Software\Personal Firewall\SbPFSvc.exe
C:\Program Files\Spyware Terminator\sp_rsser.exe
C:\WINDOWS\system32\wscntfy.exe
E:\Programs\Sunbelt Software\Personal Firewall\SbPFCl.exe
E:\Programs\Mozilla Firefox\firefox.exe
C:\Program Files\Windows Media Player\wmplayer.exe
E:\Programs\Last.fm\LastFM.exe
E:\Programs\Miranda IM Bagr pack\miranda32.exe
E:\Programs\Rapget.RS_Public_v1.0.4.0_cz\RapgetRS.exe
E:\Programs\WINRAR\WinRAR.exe
E:\Games\Valve\Steam\Steam.exe
C:\Documents and Settings\Paulos\Plocha\RSIT.exe
C:\Program Files\trend micro\Paulos.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://google.icq.com/search/search_frame.php
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://google.icq.com
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Odkazy
R3 - URLSearchHook: ICQ Toolbar - {855F3B16-6D32-4fe6-8A56-BBB695989046} - E:\Programs\ICQToolbar\toolbaru.dll
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - E:\Programs\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - E:\Programs\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O3 - Toolbar: ICQ Toolbar - {855F3B16-6D32-4fe6-8A56-BBB695989046} - E:\Programs\ICQToolbar\toolbaru.dll
O4 - HKLM\..\Run: [WinSys2] C:\WINDOWS\system32\winsys2.exe
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [SpywareTerminator] "C:\Program Files\Spyware Terminator\SpywareTerminatorShield.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "E:\Programs\Java\jre6\bin\jusched.exe"
O4 - HKLM\..\Run: [egui] "E:\Programs\ESET\ESET NOD32 Antivirus\egui.exe" /hide /waitservice
O4 - HKCU\..\Run: [Steam] "e:\games\valve\steam\steam.exe" -silent
O4 - HKCU\..\RunOnce: [WiseStubReboot] MSIEXEC /quiet SKIP_PPU_DRIVER_INSTALL=1 /I "C:\Program Files\Common Files\Wise Installation Wizard\WIS1C4551A64743409391E41477CD655043_9_09_0203.MSI" TRANSFORMS="C:\Program Files\Common Files\Wise Installation Wizard\WIS1C4551A64743409391E41477CD655043_9_09_0203.MST" WISE_SETUP_EXE_PATH="d:\nvidia\win2k-xp\PhysX_9[1].09.0408_SystemSoftware.exe"
O4 - HKCU\..\RunOnce: [ICQ Lite] E:\Programs\ICQLite\ICQLite.exe -trayboot
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Startup: HDDlife.lnk = E:\Programs\BinarySense\HDDlife 3\HDDlifePro.exe
O4 - Global Startup: MotionSD STUDIO - SD Browser auto start -.lnk = C:\Program Files\Panasonic\MotionSD STUDIO\SD_Browser\AutoLauncher.exe
O8 - Extra context menu item: &ICQ Toolbar Search - res://E:\Programs\ICQToolbar\toolbaru.dll/SEARCH.HTML
O9 - Extra button: ICQ Lite - {B863453A-26C3-4e1f-A54D-A2CD196348E9} - E:\Programs\ICQLite\ICQLite.exe
O9 - Extra 'Tools' menuitem: ICQ Lite - {B863453A-26C3-4e1f-A54D-A2CD196348E9} - E:\Programs\ICQLite\ICQLite.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O18 - Protocol: hddlife - {BD758015-47D9-477A-8873-4B688A2BC0E2} - "C:\Program Files\Common Files\BinarySense\hlAPP.dll" (file missing)
O23 - Service: B's Recorder GOLD Library General Service (bgsvcgen) - B.H.A Corporation - C:\WINDOWS\system32\bgsvcgen.exe
O23 - Service: Creative Service for CDROM Access - Creative Technology Ltd - C:\WINDOWS\system32\CTsvcCDA.exe
O23 - Service: ESET HTTP Server (EhttpSrv) - ESET - E:\Programs\ESET\ESET NOD32 Antivirus\EHttpSrv.exe
O23 - Service: ESET Service (ekrn) - ESET - E:\Programs\ESET\ESET NOD32 Antivirus\ekrn.exe
O23 - Service: HDDlife HDD Access service - BinarySense, Inc. - C:\Program Files\Common Files\BinarySense\hldasvc.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - E:\Programs\Java\jre6\bin\jqs.exe
O23 - Service: NIHardwareService - Native Instruments GmbH - C:\Program Files\Common Files\Native Instruments\Hardware\NIHardwareService.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: PnkBstrA - Unknown owner - C:\WINDOWS\system32\PnkBstrA.exe
O23 - Service: PnkBstrB - Unknown owner - C:\WINDOWS\system32\PnkBstrB.exe
O23 - Service: SbPF.Launcher - Sunbelt Software, Inc. - E:\Programs\Sunbelt Software\Personal Firewall\SbPFLnch.exe
O23 - Service: Sunbelt Personal Firewall 4 (SPF4) - Sunbelt Software, Inc. - E:\Programs\Sunbelt Software\Personal Firewall\SbPFSvc.exe
O23 - Service: Spyware Terminator Realtime Shield Service (sp_rssrv) - Crawler.com - C:\Program Files\Spyware Terminator\sp_rsser.exe

--
End of file - 6875 bytes

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2008-06-11 75128]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - E:\Programs\Java\jre6\bin\jp2ssv.dll [2009-10-11 41760]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E7E6F031-17CE-4C07-BC86-EABFE594F69C}]
JQSIEStartDetectorImpl Class - E:\Programs\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll [2009-10-11 73728]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{855F3B16-6D32-4fe6-8A56-BBB695989046} - ICQ Toolbar - E:\Programs\ICQToolbar\toolbaru.dll [2005-01-19 446464]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"WinSys2"=C:\WINDOWS\system32\winsys2.exe [2009-05-18 208896]
"nwiz"=nwiz.exe /install []
"NvMediaCenter"=C:\WINDOWS\system32\NvMcTray.dll [2009-04-30 86016]
"NvCplDaemon"=C:\WINDOWS\system32\NvCpl.dll [2009-04-30 13750272]
"Adobe Reader Speed Launcher"=C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe [2008-06-12 34672]
"RTHDCPL"=C:\WINDOWS\RTHDCPL.EXE [2009-03-27 17567744]
"SpywareTerminator"=C:\Program Files\Spyware Terminator\SpywareTerminatorShield.exe [2009-12-08 2166784]
"SunJavaUpdateSched"=E:\Programs\Java\jre6\bin\jusched.exe [2009-10-11 149280]
"egui"=E:\Programs\ESET\ESET NOD32 Antivirus\egui.exe [2009-09-29 2054360]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Steam"=e:\games\valve\steam\steam.exe [2010-02-20 1217872]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"WiseStubReboot"=MSIEXEC /quiet SKIP_PPU_DRIVER_INSTALL=1 /I C:\Program Files\Common Files\Wise Installation Wizard\WIS1C4551A64743409391E41477CD655043_9_09_0203.MSI TRANSFORMS=C:\Program Files\Common Files\Wise Installation Wizard\WIS1C4551A64743409391E41477CD655043_9_09_0203.MST WISE_SETUP_EXE_PATH=d:\nvidia\win2k-xp\PhysX_9[1].09.0408_SystemSoftware.exe []
"ICQ Lite"=E:\Programs\ICQLite\ICQLite.exe [2006-07-11 3144800]

C:\Documents and Settings\All Users\Nabídka Start\Programy\Po spuštění
MotionSD STUDIO - SD Browser auto start -.lnk - C:\Program Files\Panasonic\MotionSD STUDIO\SD_Browser\AutoLauncher.exe

C:\Documents and Settings\Paulos\Nabídka Start\Programy\Po spuštění
HDDlife.lnk - E:\Programs\BinarySense\HDDlife 3\HDDlifePro.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\WgaLogon]
C:\WINDOWS\system32\WgaLogon.dll [2009-03-10 265096]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
UPnPMonitor - {e57ce738-33e8-4c51-8354-bb4de9d215d1} - C:\WINDOWS\system32\upnpui.dll [2004-08-17 239616]
WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll [2006-10-18 133632]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"HonorAutoRunSetting"=

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"E:\Programs\ICQLite\ICQLite.exe"="E:\Programs\ICQLite\ICQLite.exe:*:Enabled:ICQ Lite"
"C:\WINDOWS\system32\PnkBstrA.exe"="C:\WINDOWS\system32\PnkBstrA.exe:*:Enabled:PnkBstrA"
"C:\WINDOWS\system32\PnkBstrB.exe"="C:\WINDOWS\system32\PnkBstrB.exe:*:Enabled:PnkBstrB"
"E:\Programs\gtorrent\uTorrent.exe"="E:\Programs\gtorrent\uTorrent.exe:*:Enabled:µTorrent"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"

======List of files/folders created in the last 1 months======

2010-03-16 13:27:49 ----D---- C:\Program Files\trend micro
2010-03-16 13:27:48 ----D---- C:\rsit
2010-03-11 11:51:57 ----HDC---- C:\WINDOWS\$NtUninstallKB961118$
2010-03-11 11:50:58 ----HDC---- C:\WINDOWS\$NtUninstallKB975561$
2010-03-11 11:50:17 ----HDC---- C:\WINDOWS\$NtUninstallKB925720$
2010-03-10 20:42:51 ----D---- C:\Documents and Settings\Paulos\Data aplikací\Miranda
2010-03-10 11:13:59 ----D---- C:\WINDOWS\system32\XPSViewer
2010-03-10 11:13:54 ----D---- C:\Program Files\MSBuild
2010-03-10 11:13:52 ----D---- C:\WINDOWS\system32\en-US
2010-03-10 11:13:44 ----D---- C:\Program Files\Reference Assemblies
2010-03-10 11:13:03 ----N---- C:\WINDOWS\system32\prntvpt.dll
2010-03-10 11:13:02 ----N---- C:\WINDOWS\system32\xpssvcs.dll
2010-03-10 11:13:02 ----N---- C:\WINDOWS\system32\xpsshhdr.dll
2010-03-10 11:10:27 ----HDC---- C:\WINDOWS\$NtUninstallWIC$
2010-03-09 03:01:17 ----HDC---- C:\WINDOWS\$NtUninstallKB978207$
2010-03-09 03:01:06 ----HDC---- C:\WINDOWS\$NtUninstallKB978037$
2010-03-09 03:00:59 ----HDC---- C:\WINDOWS\$NtUninstallKB975713$
2010-03-09 03:00:52 ----HDC---- C:\WINDOWS\$NtUninstallKB975560$
2010-03-09 03:00:37 ----HDC---- C:\WINDOWS\$NtUninstallKB977914$
2010-03-08 11:27:14 ----HDC---- C:\WINDOWS\$NtUninstallKB978262$
2010-03-08 11:27:07 ----HDC---- C:\WINDOWS\$NtUninstallKB971468$
2010-03-08 11:25:42 ----A---- C:\WINDOWS\system32\MRT.exe
2010-03-08 11:25:29 ----HDC---- C:\WINDOWS\$NtUninstallKB955759$
2010-03-08 11:24:34 ----HDC---- C:\WINDOWS\$NtUninstallKB977165-v2$
2010-03-08 11:24:24 ----HDC---- C:\WINDOWS\$NtUninstallKB972270$
2010-03-08 11:24:07 ----HDC---- C:\WINDOWS\$NtUninstallKB978251$
2010-03-08 11:23:51 ----HDC---- C:\WINDOWS\$NtUninstallKB978706$
2010-03-08 11:23:07 ----HDC---- C:\WINDOWS\$NtUninstallKB979306$
2010-03-02 20:06:49 ----A---- C:\WINDOWS\system32\XAudio2_6.dll
2010-03-02 20:06:49 ----A---- C:\WINDOWS\system32\XAPOFX1_4.dll
2010-03-02 20:06:49 ----A---- C:\WINDOWS\system32\xactengine3_6.dll
2010-03-02 20:06:48 ----A---- C:\WINDOWS\system32\XAudio2_5.dll
2010-03-02 20:06:48 ----A---- C:\WINDOWS\system32\X3DAudio1_7.dll
2010-03-02 20:06:47 ----A---- C:\WINDOWS\system32\xactengine3_5.dll
2010-03-02 20:06:47 ----A---- C:\WINDOWS\system32\D3DCompiler_42.dll
2010-03-02 20:06:46 ----A---- C:\WINDOWS\system32\d3dx11_42.dll
2010-03-02 20:06:46 ----A---- C:\WINDOWS\system32\d3dcsx_42.dll
2010-03-02 20:06:45 ----A---- C:\WINDOWS\system32\D3DX9_42.dll
2010-03-02 20:06:45 ----A---- C:\WINDOWS\system32\d3dx10_42.dll
2010-03-02 20:06:44 ----A---- C:\WINDOWS\system32\D3DX9_41.dll
2010-03-02 20:06:44 ----A---- C:\WINDOWS\system32\d3dx10_41.dll
2010-03-02 20:06:44 ----A---- C:\WINDOWS\system32\D3DCompiler_41.dll
2010-03-02 20:06:43 ----A---- C:\WINDOWS\system32\XAudio2_4.dll
2010-03-02 20:06:43 ----A---- C:\WINDOWS\system32\XAPOFX1_3.dll
2010-03-02 20:06:42 ----A---- C:\WINDOWS\system32\xactengine3_4.dll
2010-03-02 20:06:42 ----A---- C:\WINDOWS\system32\X3DAudio1_6.dll
2010-03-02 20:06:41 ----A---- C:\WINDOWS\system32\D3DX9_40.dll
2010-03-02 20:06:41 ----A---- C:\WINDOWS\system32\d3dx10_40.dll
2010-03-02 20:06:41 ----A---- C:\WINDOWS\system32\D3DCompiler_40.dll
2010-03-02 20:06:40 ----A---- C:\WINDOWS\system32\XAudio2_3.dll
2010-03-02 20:06:40 ----A---- C:\WINDOWS\system32\XAPOFX1_2.dll
2010-03-02 20:06:40 ----A---- C:\WINDOWS\system32\xactengine3_3.dll
2010-03-02 20:06:39 ----A---- C:\WINDOWS\system32\XAudio2_2.dll
2010-03-02 20:06:39 ----A---- C:\WINDOWS\system32\XAPOFX1_1.dll
2010-03-02 20:06:39 ----A---- C:\WINDOWS\system32\X3DAudio1_5.dll
2010-03-02 20:06:38 ----A---- C:\WINDOWS\system32\xactengine3_2.dll
2010-03-02 20:06:38 ----A---- C:\WINDOWS\system32\d3dx10_39.dll
2010-03-02 20:06:38 ----A---- C:\WINDOWS\system32\D3DCompiler_39.dll
2010-03-02 20:06:37 ----A---- C:\WINDOWS\system32\D3DX9_39.dll
2010-03-02 20:06:36 ----A---- C:\WINDOWS\system32\XAudio2_1.dll
2010-03-02 20:06:36 ----A---- C:\WINDOWS\system32\XAPOFX1_0.dll
2010-03-02 20:06:36 ----A---- C:\WINDOWS\system32\xactengine3_1.dll
2010-03-02 20:06:35 ----A---- C:\WINDOWS\system32\X3DAudio1_4.dll
2010-03-02 20:06:35 ----A---- C:\WINDOWS\system32\d3dx10_38.dll
2010-03-02 20:06:35 ----A---- C:\WINDOWS\system32\D3DCompiler_38.dll
2010-03-02 20:06:34 ----A---- C:\WINDOWS\system32\XAudio2_0.dll
2010-03-02 20:06:34 ----A---- C:\WINDOWS\system32\D3DX9_38.dll
2010-03-02 20:06:33 ----A---- C:\WINDOWS\system32\xactengine3_0.dll
2010-03-02 20:06:33 ----A---- C:\WINDOWS\system32\X3DAudio1_3.dll
2010-03-02 20:06:32 ----A---- C:\WINDOWS\system32\d3dx10_37.dll
2010-03-02 20:06:32 ----A---- C:\WINDOWS\system32\D3DCompiler_37.dll
2010-03-02 20:06:31 ----A---- C:\WINDOWS\system32\xactengine2_10.dll
2010-03-02 20:06:31 ----A---- C:\WINDOWS\system32\D3DX9_37.dll
2010-03-02 20:06:30 ----A---- C:\WINDOWS\system32\d3dx10_36.dll
2010-03-02 20:06:30 ----A---- C:\WINDOWS\system32\D3DCompiler_36.dll
2010-03-02 20:06:29 ----A---- C:\WINDOWS\system32\xactengine2_9.dll
2010-03-02 20:06:29 ----A---- C:\WINDOWS\system32\d3dx9_36.dll
2010-03-02 20:06:28 ----A---- C:\WINDOWS\system32\d3dx10_35.dll
2010-03-02 20:06:28 ----A---- C:\WINDOWS\system32\D3DCompiler_35.dll
2010-03-02 20:06:27 ----A---- C:\WINDOWS\system32\xactengine2_8.dll
2010-03-02 20:06:27 ----A---- C:\WINDOWS\system32\X3DAudio1_2.dll
2010-03-02 20:06:27 ----A---- C:\WINDOWS\system32\d3dx9_35.dll
2010-03-02 20:06:26 ----A---- C:\WINDOWS\system32\d3dx9_34.dll
2010-03-02 20:06:26 ----A---- C:\WINDOWS\system32\d3dx10_34.dll
2010-03-02 20:06:26 ----A---- C:\WINDOWS\system32\D3DCompiler_34.dll
2010-03-02 20:06:25 ----A---- C:\WINDOWS\system32\xinput1_3.dll
2010-03-02 20:06:24 ----A---- C:\WINDOWS\system32\xactengine2_7.dll
2010-03-02 20:06:23 ----A---- C:\WINDOWS\system32\d3dx10_33.dll
2010-03-02 20:06:23 ----A---- C:\WINDOWS\system32\D3DCompiler_33.dll
2010-03-02 20:06:22 ----A---- C:\WINDOWS\system32\d3dx9_33.dll
2010-03-02 20:06:21 ----A---- C:\WINDOWS\system32\xactengine2_6.dll
2010-03-02 20:06:21 ----A---- C:\WINDOWS\system32\xactengine2_5.dll
2010-03-02 20:06:21 ----A---- C:\WINDOWS\system32\d3dx9_32.dll
2010-03-02 20:06:20 ----A---- C:\WINDOWS\system32\xinput1_2.dll
2010-03-02 20:06:20 ----A---- C:\WINDOWS\system32\xactengine2_4.dll
2010-03-02 20:06:20 ----A---- C:\WINDOWS\system32\xactengine2_3.dll
2010-03-02 20:06:20 ----A---- C:\WINDOWS\system32\x3daudio1_1.dll
2010-03-02 20:06:20 ----A---- C:\WINDOWS\system32\d3dx9_31.dll
2010-03-02 20:06:19 ----A---- C:\WINDOWS\system32\xinput1_1.dll
2010-03-02 20:06:19 ----A---- C:\WINDOWS\system32\xactengine2_2.dll
2010-03-02 20:06:19 ----A---- C:\WINDOWS\system32\xactengine2_1.dll
2010-03-02 20:06:17 ----A---- C:\WINDOWS\system32\d3dx9_30.dll
2010-03-02 20:06:16 ----A---- C:\WINDOWS\system32\xactengine2_0.dll
2010-03-02 20:06:16 ----A---- C:\WINDOWS\system32\x3daudio1_0.dll
2010-03-02 20:06:16 ----A---- C:\WINDOWS\system32\d3dx9_29.dll
2010-03-02 20:06:15 ----A---- C:\WINDOWS\system32\xinput9_1_0.dll
2010-03-02 20:06:15 ----A---- C:\WINDOWS\system32\d3dx9_26.dll
2010-03-02 20:06:15 ----A---- C:\WINDOWS\system32\d3dx9_25.dll
2010-03-02 20:06:14 ----A---- C:\WINDOWS\system32\d3dx9_24.dll
2010-03-02 19:07:38 ----D---- C:\WINDOWS\Logs
2010-03-02 18:38:17 ----D---- C:\Documents and Settings\Paulos\Data aplikací\DAEMON Tools Lite
2010-03-02 18:38:14 ----D---- C:\Documents and Settings\All Users\Data aplikací\DAEMON Tools Lite
2010-02-21 13:50:02 ----A---- C:\WINDOWS\MotionSDSTUDIO.INI
2010-02-21 13:48:41 ----D---- C:\Documents and Settings\All Users\Data aplikací\Panasonic
2010-02-20 14:45:29 ----A---- C:\WINDOWS\system32\GenSvcInst.exe
2010-02-20 14:45:29 ----A---- C:\WINDOWS\system32\bgsvcgen.exe
2010-02-20 14:43:06 ----D---- C:\Program Files\Common Files\IviSDK
2010-02-20 14:41:49 ----D---- C:\Program Files\Common Files\CNC
2010-02-20 14:41:41 ----A---- C:\WINDOWS\system32\PDvAvi3.dll
2010-02-20 14:41:41 ----A---- C:\WINDOWS\system32\PDvAvi2.dll
2010-02-20 14:41:41 ----A---- C:\WINDOWS\system32\PAvFilt.dll
2010-02-20 14:41:41 ----A---- C:\WINDOWS\system32\DvWrite.dll
2010-02-20 14:41:41 ----A---- C:\WINDOWS\system32\DvRead.dll
2010-02-20 14:41:40 ----A---- C:\WINDOWS\system32\pdvcodec.dll
2010-02-20 14:41:36 ----A---- C:\WINDOWS\system32\PCodec.dll
2010-02-20 14:41:35 ----D---- C:\Program Files\Panasonic
2010-02-20 14:41:35 ----D---- C:\Program Files\Common Files\Panasonic

======List of files/folders modified in the last 1 months======

2010-03-16 13:28:09 ----D---- C:\WINDOWS\Temp
2010-03-16 13:27:49 ----RD---- C:\Program Files
2010-03-16 13:26:52 ----D---- C:\WINDOWS\Prefetch
2010-03-16 11:50:35 ----D---- C:\WINDOWS\system32\CatRoot2
2010-03-16 11:45:08 ----AD---- C:\Documents and Settings\All Users\Data aplikací\TEMP
2010-03-15 23:57:14 ----A---- C:\WINDOWS\SchedLgU.Txt
2010-03-14 11:41:54 ----RSD---- C:\WINDOWS\assembly
2010-03-14 11:41:12 ----D---- C:\WINDOWS\Microsoft.NET
2010-03-14 00:58:53 ----SHD---- C:\WINDOWS\Installer
2010-03-11 12:15:23 ----D---- C:\WINDOWS
2010-03-11 12:03:14 ----D---- C:\WINDOWS\system32
2010-03-11 12:03:12 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
2010-03-11 12:01:08 ----D---- C:\WINDOWS\WinSxS
2010-03-11 11:52:54 ----HD---- C:\WINDOWS\inf
2010-03-11 11:52:50 ----D---- C:\WINDOWS\system32\CatRoot
2010-03-11 11:52:16 ----RSHDC---- C:\WINDOWS\system32\dllcache
2010-03-11 11:51:57 ----HD---- C:\WINDOWS\$hf_mig$
2010-03-11 11:51:51 ----A---- C:\WINDOWS\imsins.BAK
2010-03-11 11:51:09 ----D---- C:\Program Files\Movie Maker
2010-03-10 11:13:51 ----RSD---- C:\WINDOWS\Fonts
2010-03-10 11:13:21 ----D---- C:\WINDOWS\system32\spool
2010-03-10 11:11:18 ----D---- C:\Program Files\Internet Explorer
2010-03-08 21:44:59 ----D---- C:\WINDOWS\AppPatch
2010-03-08 13:04:38 ----D---- C:\Documents and Settings\Paulos\Data aplikací\gtk-2.0
2010-03-08 11:27:09 ----D---- C:\WINDOWS\system32\drivers
2010-03-02 20:06:51 ----D---- C:\WINDOWS\system32\DirectX
2010-03-02 18:43:52 ----A---- C:\WINDOWS\wincmd.ini
2010-02-21 13:52:53 ----D---- C:\Documents and Settings
2010-02-20 14:45:10 ----HD---- C:\Program Files\InstallShield Installation Information
2010-02-20 14:43:06 ----D---- C:\Program Files\Common Files

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R1 AmdPPM;Ovladač procesoru HwPState AMD; C:\WINDOWS\system32\DRIVERS\AmdPPM.sys [2007-04-16 33792]
R1 cdrbsdrv;cdrbsdrv; C:\WINDOWS\system32\drivers\cdrbsdrv.sys [2006-02-20 33408]
R1 ehdrv;ehdrv; C:\WINDOWS\system32\DRIVERS\ehdrv.sys [2009-09-29 108792]
R1 epfwtdir;epfwtdir; C:\WINDOWS\system32\DRIVERS\epfwtdir.sys [2009-09-29 96408]
R1 SbFw;SbFw; C:\WINDOWS\system32\drivers\SbFw.sys [2008-10-31 270888]
R1 sbhips;Sunbelt HIPS Driver; C:\WINDOWS\system32\drivers\sbhips.sys [2008-06-21 66600]
R1 sp_rsdrv2;Spyware Terminator Driver 2; \??\C:\WINDOWS\system32\drivers\sp_rsdrv2.sys []
R1 WmiAcpi;Microsoft Windows Management Interface for ACPI; C:\WINDOWS\system32\DRIVERS\wmiacpi.sys [2004-08-04 8832]
R2 eamon;eamon; C:\WINDOWS\system32\DRIVERS\eamon.sys [2009-09-29 116008]
R3 HDAudBus;Microsoft UAA Bus Driver for High Definition Audio; C:\WINDOWS\system32\DRIVERS\HDAudBus.sys [2005-01-07 138752]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\WINDOWS\system32\drivers\RtkHDAud.sys [2009-03-30 5063168]
R3 nv;nv; C:\WINDOWS\system32\DRIVERS\nv4_mini.sys [2009-04-30 8055584]
R3 ROOTMODEM;Microsoft Legacy Modem Driver; C:\WINDOWS\System32\Drivers\RootMdm.sys [2001-10-25 5888]
R3 RTLE8023xp;Realtek 10/100/1000 PCI-E NIC Family NDIS XP Driver; C:\WINDOWS\system32\DRIVERS\Rtenicxp.sys [2009-05-25 142336]
R3 SBFWIMCL;Sunbelt Software Firewall NDIS IM Filter Miniport; C:\WINDOWS\system32\DRIVERS\sbfwim.sys [2008-06-21 65576]
R3 usbehci;Ovladač miniportu rozšířeného radiče hostitele Microsoft USB 2.0; C:\WINDOWS\system32\DRIVERS\usbehci.sys [2004-08-03 26624]
R3 usbhub;Rozbočovač umožnující USB2; C:\WINDOWS\system32\DRIVERS\usbhub.sys [2004-08-03 57600]
R3 usbohci;Ovladač Miniport otevřeného hostitelského řadiče Microsoft USB; C:\WINDOWS\system32\DRIVERS\usbohci.sys [2004-08-03 17024]
R3 USBSTOR;Ovladač velkokapacitního paměťového zařízení USB; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2004-08-03 26496]
S3 Ambfilt;Ambfilt; C:\WINDOWS\system32\drivers\Ambfilt.sys [2008-08-05 1684736]
S3 at6coy5p;at6coy5p; C:\WINDOWS\system32\drivers\at6coy5p.sys []
S3 GMSIPCI;GMSIPCI; \??\D:\INSTALL\GMSIPCI.SYS []
S3 HidUsb;Ovladač třídy standardu HID; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2001-08-17 9600]
S3 Monfilt;Monfilt; C:\WINDOWS\system32\drivers\Monfilt.sys [2006-01-04 1389056]
S3 mouhid;Ovladač myši standardu HID; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2001-10-24 12160]
S3 PnkBstrK;PnkBstrK; \??\C:\WINDOWS\system32\drivers\PnkBstrK.sys []
S3 usbccgp;Obecný nadřazený ovladač Microsoft USB; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2004-08-03 31616]
S3 WudfPf;Windows Driver Foundation - User-mode Driver Framework Platform Driver; C:\WINDOWS\system32\DRIVERS\WudfPf.sys [2006-09-28 77568]
S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; C:\WINDOWS\system32\DRIVERS\wudfrd.sys [2006-09-28 82944]
S4 IntelIde;IntelIde; C:\WINDOWS\system32\drivers\IntelIde.sys []

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 bgsvcgen;B's Recorder GOLD Library General Service; C:\WINDOWS\system32\bgsvcgen.exe [2006-12-28 122512]
R2 Creative Service for CDROM Access;Creative Service for CDROM Access; C:\WINDOWS\system32\CTsvcCDA.exe [1999-12-12 44032]
R2 ekrn;ESET Service; E:\Programs\ESET\ESET NOD32 Antivirus\ekrn.exe [2009-09-29 735960]
R2 HDDlife HDD Access service;HDDlife HDD Access service; C:\Program Files\Common Files\BinarySense\hldasvc.exe [2009-08-19 822936]
R2 JavaQuickStarterService;Java Quick Starter; E:\Programs\Java\jre6\bin\jqs.exe [2009-10-11 153376]
R2 NIHardwareService;NIHardwareService; C:\Program Files\Common Files\Native Instruments\Hardware\NIHardwareService.exe [2009-07-17 3576320]
R2 nvsvc;NVIDIA Display Driver Service; C:\WINDOWS\system32\nvsvc32.exe [2009-04-30 168004]
R2 PnkBstrA;PnkBstrA; C:\WINDOWS\system32\PnkBstrA.exe [2009-10-28 75064]
R2 PnkBstrB;PnkBstrB; C:\WINDOWS\system32\PnkBstrB.exe [2009-11-27 189744]
R2 SbPF.Launcher;SbPF.Launcher; E:\Programs\Sunbelt Software\Personal Firewall\SbPFLnch.exe [2008-10-31 95528]
R2 sp_rssrv;Spyware Terminator Realtime Shield Service; C:\Program Files\Spyware Terminator\sp_rsser.exe [2009-12-08 488960]
R2 SPF4;Sunbelt Personal Firewall 4; E:\Programs\Sunbelt Software\Personal Firewall\SbPFSvc.exe [2008-10-31 1365288]
S3 aspnet_state;ASP.NET State Service; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2008-07-25 34312]
S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2008-07-25 69632]
S3 EhttpSrv;ESET HTTP Server; E:\Programs\ESET\ESET NOD32 Antivirus\EHttpSrv.exe [2009-09-29 20680]
S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; C:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe [2008-07-29 46104]
S3 idsvc;Windows CardSpace; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2008-07-29 881664]
S3 WMPNetworkSvc;Služba Windows Media Player Network Sharing; C:\Program Files\Windows Media Player\WMPNetwk.exe [2007-01-05 913920]
S3 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; C:\WINDOWS\system32\svchost.exe [2004-08-17 14336]
S4 NetTcpPortSharing;Net.Tcp Port Sharing Service; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe [2008-07-29 132096]

-----------------EOF-----------------

#2 Post by Caroprd111 »

Hello :)

The log is being worked on, please be patient.

#3 Post by Caroprd111 »

Following the guide at http://www.viry.cz/forum/viewtopic.php?f=15&t=72743, apply this script.

Code:

:processes
explorer.exe

:files
C:\WINDOWS\system32\winsys2.exe

:reg
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"WinSys2"=-

:commands
[EmptyTemp]
[ClearAllRestorePoints]
[Reboot]

I recommend uninstalling:
E:\Programs\gtorrent\uTorrent.exe

P2P networks and their clients are a potential security risk; they are practically constantly a source of viruses, and you are exposing yourself to risk unnecessarily.

#4 Post by Paulos123 »

Here is the log after running the script.

After the restart and Windows startup the PC booted extremely slowly, but I guess that's always the case after the preceding process, right?

All processes killed
========== PROCESSES ==========
No active process named explorer.exe was found!
========== FILES ==========
C:\WINDOWS\system32\WinSys2.exe moved successfully.
========== REGISTRY ==========
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\WinSys2 deleted successfully.
========== COMMANDS ==========

[EMPTYTEMP]

User: All Users

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes

User: LocalService
->Temp folder emptied: 65984 bytes
->Temporary Internet Files folder emptied: 33170 bytes

User: NetworkService
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes

User: Paulos
->Temp folder emptied: 1238634354 bytes
->Temporary Internet Files folder emptied: 358292407 bytes
->Java cache emptied: 51616590 bytes
->FireFox cache emptied: 93393870 bytes
->Flash cache emptied: 95174 bytes

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 2114584 bytes
%systemroot%\System32 .tmp files removed: 2504 bytes
%systemroot%\System32\dllcache .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 68436604 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temp folder emptied: 13500546 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temporary Internet Files folder emptied: 33170 bytes
RecycleBin emptied: 567565806 bytes

Total Files Cleaned = 2 283,00 mb


Restore points cleared and new OTM Restore Point set!

OTM by OldTimer - Version 3.1.10.0 log created on 03162010_145051

Files moved on Reboot...

Registry entries deleted on Reboot...

#5 Post by Caroprd111 »

Restart the PC and report the status.

#6 Post by Paulos123 »

Now I'm trying to extract a file and it's insanely slow again, a 300 MB file in 11 minutes. What on earth is wrong with it :(.........

#7 Post by Paulos123 »

Caroprd111 wrote: Restart the PC and report the status.
I did the restart when the program prompted me; I'll try it once more now.

#8 Post by Caroprd111 »

OK :)

#9 Post by Paulos123 »

The restart didn't solve anything, the extraction time is still disproportionately slow, something isn't working as it should :(... just now I also tried copying a file to a flash drive over USB 2.0....... 60 MB = 2 minutes, I don't understand what this is, unfortunately it has really only been happening for a few days..... before that everything was mostly as it should be

#10 Post by Caroprd111 »

Download and save, preferably to the desktop: http://download.bleepingcomputer.com/sUBs/ComboFix.exe
  • Turn off all resident security programs - firewalls, antivirus, antispyware
  • Run the application under an account with Administrator privileges; right after it starts, a page with the licence terms is displayed, continue by pressing the "Ano" (Yes) button
  • Then follow the instructions; during the scan do not start other applications and do not click into the window that is displayed :!:
  • The scan should take about 5 - 10 minutes; when it finishes, ComboFix displays the log C:\ComboFix.txt, which you should paste here.
  • The computer may be restarted during the scan.

#11 Post by Paulos123 »

Here it is.

ComboFix 10-03-15.06 - Paulos 16.03.2010 16:22:54.1.4 - x86
Systém Microsoft Windows XP Professional 5.1.2600.2.1250.420.1029.18.2047.1659 [GMT 1:00]
Spuštěný z: c:\documents and settings\Paulos\Plocha\ComboFix.exe
AV: ESET NOD32 Antivirus 4.0 *On-access scanning disabled* (Updated) {E5E70D32-0101-4F12-8FB0-D96ACA4F34C0}
FW: Sunbelt Personal Firewall *disabled* {82B1150E-9B37-49FC-83EB-D52197D900D0}
* Rezidentní štít AV je zapnutý

.

((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.

c:\windows\system32\ieuinit.inf

.
((((((((((((((((((((((((( Soubory vytvořené od 2010-02-16 do 2010-03-16 )))))))))))))))))))))))))))))))
.

2010-03-16 13:50 . 2010-03-16 13:50 -------- d-----w- C:\_OTM
2010-03-16 12:27 . 2010-03-16 12:28 -------- d-----w- c:\program files\trend micro
2010-03-16 12:27 . 2010-03-16 12:28 -------- d-----w- C:\rsit
2010-03-02 18:07 . 2010-03-02 18:07 -------- d-----w- c:\windows\Logs
2010-03-02 17:39 . 2010-03-02 17:39 691696 ----a-w- c:\windows\system32\drivers\sptd.sys
2010-02-20 13:45 . 2006-12-28 20:18 56976 ----a-w- c:\windows\system32\GenSvcInst.exe

.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2010-03-11 11:03 . 2001-10-25 11:00 77872 ----a-w- c:\windows\system32\perfc005.dat
2010-03-11 11:03 . 2001-10-25 11:00 428750 ----a-w- c:\windows\system32\perfh005.dat
2010-03-10 10:13 . 2010-03-10 10:13 -------- d-----w- c:\program files\MSBuild
2010-03-10 10:13 . 2010-03-10 10:13 -------- d-----w- c:\program files\Reference Assemblies
2010-02-20 13:47 . 2010-02-20 13:41 -------- d-----w- c:\program files\Panasonic
2010-02-20 13:45 . 2010-02-20 13:41 -------- d-----w- c:\program files\Common Files\Panasonic
2010-02-20 13:45 . 2009-10-18 13:07 -------- d--h--w- c:\program files\InstallShield Installation Information
2010-02-20 13:43 . 2010-02-20 13:41 -------- d-----w- c:\program files\Common Files\CNC
2010-02-20 13:43 . 2010-02-20 13:43 -------- d-----w- c:\program files\Common Files\IviSDK
2010-02-06 00:00 . 2009-12-04 19:15 -------- d-----w- c:\program files\OpenSource Flash Video Splitter
2010-02-04 09:01 . 2010-03-02 19:06 74072 ----a-w- c:\windows\system32\XAPOFX1_4.dll
2010-02-04 09:01 . 2010-03-02 19:06 528216 ----a-w- c:\windows\system32\XAudio2_6.dll
2010-02-04 09:01 . 2010-03-02 19:06 238936 ----a-w- c:\windows\system32\xactengine3_6.dll
2010-02-04 09:01 . 2010-03-02 19:06 22360 ----a-w- c:\windows\system32\X3DAudio1_7.dll
2010-02-02 18:00 . 2010-02-06 00:07 85504 ----a-w- c:\windows\system32\ff_vfw.dll
2010-01-30 13:00 . 2009-12-08 17:22 -------- d-----w- c:\program files\Spyware Terminator
2010-01-18 17:39 . 2010-01-18 17:41 737280 ----a-w- c:\windows\iun6002.exe
2009-12-31 16:14 . 2004-08-03 21:14 352640 ----a-w- c:\windows\system32\drivers\srv.sys
2009-12-22 05:42 . 2004-08-17 13:49 663040 ----a-w- c:\windows\system32\wininet.dll
2009-12-22 05:42 . 2004-08-17 13:49 81920 ----a-w- c:\windows\system32\ieencode.dll
2009-12-21 20:41 . 2004-07-17 09:36 11973 ----a-w- c:\windows\system32\drivers\secdrv.sys
2009-12-17 08:00 . 2009-10-18 18:10 343552 ----a-w- c:\windows\system32\mspaint.exe
2009-04-08 20:50 . 2009-10-18 16:15 8463359 ----a-w- c:\program files\Vista-Codec-Package_5.1.9.exe
2009-04-08 20:49 . 2009-10-18 16:15 7278375 ----a-w- c:\program files\XP-Codec-Pack_2.4.6.exe
.

------- Sigcheck -------

[-] 2008-04-14 . 56A6034E7764E23D9114223EB3523925 . 1571840 . . [5.1.2600.5512] . . c:\windows\SoftwareDistribution\Download\44c8256673ca0542cb198384f8131b68\sfcfiles.dll
[-] 2008-04-14 . 56A6034E7764E23D9114223EB3523925 . 1571840 . . [5.1.2600.5512] . . c:\windows\SoftwareDistribution\Download\ae4ac74864a34bda5a1d4d2ed27ee4c8\sfcfiles.dll
[-] 2007-01-08 . 32870B6F41858B75B2358F143DA9C794 . 1548288 . . [5.1.2600.2180] . . c:\windows\system32\sfcfiles.dll
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Steam"="e:\games\valve\steam\steam.exe" [2010-02-20 1217872]

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce]
"WiseStubReboot"="MSIEXEC" [X]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"nwiz"="nwiz.exe" [2009-04-30 1657376]
"NvMediaCenter"="c:\windows\system32\NvMcTray.dll" [2009-04-30 86016]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2009-04-30 13750272]
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2008-06-12 34672]
"RTHDCPL"="RTHDCPL.EXE" [2009-03-27 17567744]
"SpywareTerminator"="c:\program files\Spyware Terminator\SpywareTerminatorShield.exe" [2009-12-08 2166784]
"SunJavaUpdateSched"="e:\programs\Java\jre6\bin\jusched.exe" [2009-10-11 149280]
"egui"="e:\programs\ESET\ESET NOD32 Antivirus\egui.exe" [2009-09-29 2054360]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2004-08-17 15360]

c:\documents and settings\Paulos\Nabˇdka Start\Programy\Po spuçtŘnˇ\
HDDlife.lnk - e:\programs\BinarySense\HDDlife 3\HDDlifePro.exe [2009-8-19 2252440]

c:\documents and settings\All Users\Nabˇdka Start\Programy\Po spuçtŘnˇ\
MotionSD STUDIO - SD Browser auto start -.lnk - c:\program files\Panasonic\MotionSD STUDIO\SD_Browser\AutoLauncher.exe [2010-2-20 66952]

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"e:\\Programs\\ICQLite\\ICQLite.exe"=
"c:\\WINDOWS\\system32\\PnkBstrA.exe"=
"c:\\WINDOWS\\system32\\PnkBstrB.exe"=
"e:\\Programs\\gtorrent\\uTorrent.exe"=

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"5066:TCP"= 5066:TCP:uthyvhs

R1 ehdrv;ehdrv;c:\windows\system32\drivers\ehdrv.sys [29.9.2009 13:02 108792]
R1 epfwtdir;epfwtdir;c:\windows\system32\drivers\epfwtdir.sys [29.9.2009 13:05 96408]
R1 SbFw;SbFw;c:\windows\system32\drivers\SbFw.sys [19.10.2009 18:44 270888]
R1 sbhips;Sunbelt HIPS Driver;c:\windows\system32\drivers\sbhips.sys [21.6.2008 3:54 66600]
R1 sp_rsdrv2;Spyware Terminator Driver 2;c:\windows\system32\drivers\sp_rsdrv2.sys [8.12.2009 18:22 142592]
R2 ekrn;ESET Service;e:\programs\ESET\ESET NOD32 Antivirus\ekrn.exe [29.9.2009 13:03 735960]
R2 NIHardwareService;NIHardwareService;c:\program files\Common Files\Native Instruments\Hardware\NIHardwareService.exe [17.7.2009 14:32 3576320]
R2 SbPF.Launcher;SbPF.Launcher;e:\programs\Sunbelt Software\Personal Firewall\SbPFLnch.exe [31.10.2008 6:24 95528]
R2 SPF4;Sunbelt Personal Firewall 4;e:\programs\Sunbelt Software\Personal Firewall\SbPFSvc.exe [31.10.2008 6:24 1365288]
R3 SBFWIMCL;Sunbelt Software Firewall NDIS IM Filter Miniport;c:\windows\system32\drivers\SbFwIm.sys [19.10.2009 18:44 65576]
S0 sptd;sptd;c:\windows\system32\drivers\sptd.sys [2.3.2010 18:39 691696]
S2 grfwx;System Task;c:\windows\system32\svchost.exe -k netsvcs [17.8.2004 14:49 14336]
S2 mmazyqce;gsxdyg;c:\windows\system32\svchost.exe -k netsvcs [17.8.2004 14:49 14336]
S3 Ambfilt;Ambfilt;c:\windows\system32\drivers\Ambfilt.sys [18.10.2009 16:54 1684736]

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost - NetSvcs
mmazyqce
grfwx
.
.
------- Doplňkový sken -------
.
IE: &ICQ Toolbar Search - e:\programs\ICQToolbar\toolbaru.dll/SEARCH.HTML
Handler: hddlife - {BD758015-47D9-477A-8873-4B688A2BC0E2} - c:\program files\Common Files\BinarySense\hlAPP.dll
FF - ProfilePath - c:\documents and settings\Paulos\Data aplikací\Mozilla\Firefox\Profiles\yadjlszx.default\
FF - prefs.js: browser.startup.homepage - hxxp://www.seznam.cz
FF - prefs.js: network.proxy.type - 4
FF - plugin: e:\programs\Java\jre6\bin\new_plugin\npdeploytk.dll
FF - plugin: e:\programs\Java\jre6\bin\new_plugin\npjp2.dll
FF - plugin: e:\programs\Real Alternative\browser\plugins\nppl3260.dll
FF - plugin: e:\programs\Real Alternative\browser\plugins\nprpjplug.dll
FF - HiddenExtension: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\

---- NASTAVENÍ FIREFOXU ----
e:\programs\Mozilla Firefox\greprefs\all.js - pref("ui.use_native_colors", true);
e:\programs\Mozilla Firefox\greprefs\all.js - pref("ui.use_native_popup_windows", false);
e:\programs\Mozilla Firefox\greprefs\all.js - pref("browser.enable_click_image_resizing", true);
e:\programs\Mozilla Firefox\greprefs\all.js - pref("accessibility.browsewithcaret_shortcut.enabled", true);
e:\programs\Mozilla Firefox\greprefs\all.js - pref("javascript.options.mem.high_water_mark", 32);
e:\programs\Mozilla Firefox\greprefs\all.js - pref("javascript.options.mem.gc_frequency", 1600);
e:\programs\Mozilla Firefox\greprefs\all.js - pref("network.auth.force-generic-ntlm", false);
e:\programs\Mozilla Firefox\greprefs\all.js - pref("svg.smil.enabled", false);
e:\programs\Mozilla Firefox\greprefs\all.js - pref("ui.trackpoint_hack.enabled", -1);
e:\programs\Mozilla Firefox\greprefs\all.js - pref("browser.formfill.debug", false);
e:\programs\Mozilla Firefox\greprefs\all.js - pref("browser.formfill.agedWeight", 2);
e:\programs\Mozilla Firefox\greprefs\all.js - pref("browser.formfill.bucketSize", 1);
e:\programs\Mozilla Firefox\greprefs\all.js - pref("browser.formfill.maxTimeGroupings", 25);
e:\programs\Mozilla Firefox\greprefs\all.js - pref("browser.formfill.timeGroupingSize", 604800);
e:\programs\Mozilla Firefox\greprefs\all.js - pref("browser.formfill.boundaryWeight", 25);
e:\programs\Mozilla Firefox\greprefs\all.js - pref("browser.formfill.prefixWeight", 5);
e:\programs\Mozilla Firefox\greprefs\all.js - pref("html5.enable", false);
e:\programs\Mozilla Firefox\defaults\pref\firefox-branding.js - pref("app.update.download.backgroundInterval", 600);
e:\programs\Mozilla Firefox\defaults\pref\firefox-branding.js - pref("app.update.url.manual", "http://www.firefox.com");
e:\programs\Mozilla Firefox\defaults\pref\firefox-branding.js - pref("browser.search.param.yahoo-fr-ja", "mozff");
e:\programs\Mozilla Firefox\defaults\pref\firefox-l10n.js - pref("browser.fixup.alternate.suffix", ".cz");
e:\programs\Mozilla Firefox\defaults\pref\firefox.js - pref("extensions.{972ce4c6-7e08-4474-a285-3208198ce6fd}.name", "chrome://browser/locale/browser.properties");
e:\programs\Mozilla Firefox\defaults\pref\firefox.js - pref("extensions.{972ce4c6-7e08-4474-a285-3208198ce6fd}.description", "chrome://browser/locale/browser.properties");
e:\programs\Mozilla Firefox\defaults\pref\firefox.js - pref("xpinstall.whitelist.add", "addons.mozilla.org");
e:\programs\Mozilla Firefox\defaults\pref\firefox.js - pref("xpinstall.whitelist.add.36", "getpersonas.com");
e:\programs\Mozilla Firefox\defaults\pref\firefox.js - pref("lightweightThemes.update.enabled", true);
e:\programs\Mozilla Firefox\defaults\pref\firefox.js - pref("browser.allTabs.previews", false);
e:\programs\Mozilla Firefox\defaults\pref\firefox.js - pref("plugins.hide_infobar_for_outdated_plugin", false);
e:\programs\Mozilla Firefox\defaults\pref\firefox.js - pref("plugins.update.notifyUser", false);
e:\programs\Mozilla Firefox\defaults\pref\firefox.js - pref("toolbar.customization.usesheet", false);
e:\programs\Mozilla Firefox\defaults\pref\firefox.js - pref("browser.taskbar.previews.enable", false);
e:\programs\Mozilla Firefox\defaults\pref\firefox.js - pref("browser.taskbar.previews.max", 20);
e:\programs\Mozilla Firefox\defaults\pref\firefox.js - pref("browser.taskbar.previews.cachetime", 20);
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -

AddRemove-Xvid_is1 - e:\programs\Xvid-\unins000.exe



**************************************************************************

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2010-03-16 16:31
Windows 5.1.2600 Service Pack 2 NTFS

skenování skrytých procesů ...

skenování skrytých položek 'Po spuštění' ...

skenování skrytých souborů ...

sken byl úspešně dokončen
skryté soubory: 0

**************************************************************************

[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\grfwx]
"ServiceDll"="c:\windows\system32\ifrud.dll"
--

[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\mmazyqce]
"ServiceDll"="c:\windows\system32\ifrud.dll"
.
Celkový čas: 2010-03-16 16:35:25
ComboFix-quarantined-files.txt 2010-03-16 15:35

Před spuštěním: Volných bajtů: 41 106 243 584
Po spuštění: Volných bajtů: 41 076 293 632

WindowsXP-KB310994-SP2-Pro-BootDisk-CSY.exe
[boot loader]
timeout=2
default=multi(0)disk(0)rdisk(0)partition(1)\WINDOWS
[operating systems]
c:\cmdcons\BOOTSECT.DAT="Microsoft Windows Recovery Console" /cmdcons
multi(0)disk(0)rdisk(0)partition(1)\WINDOWS="Microsoft Windows XP Professional" /noexecute=optin /fastdetect /usepmtimer

- - End Of File - - E36AD0E71C25129ABF8E38565924E9F8

#12 Post by Caroprd111 »

If it isn't there already, move ComboFix to the desktop
  • Open Notepad and copy the text from the white box into it.

Code:

Driver::
grfwx
mmazyqce

NetSvc::
mmazyqce
grfwx

Registry::
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"5066:TCP"=-
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce]
"WiseStubReboot"=-

  • Save the TXT file you created as CFScript.txt on the desktop
  • After saving, grab the script you created with the left mouse button and drag it over the ComboFix icon, where you drop it
  • After it is applied, another log will pop out; paste it here
It can happen that Windows won't start after the script is applied and the PC restarts; in that case restart again while pressing F8, then choose Last Known Good Configuration

Test these at http://www.virustotal.com/cs/
c:\windows\system32\sfcfiles.dll
c:\windows\system32\GenSvcInst.exe

(Don't look for the file, just paste the path marked in bold; if you get the message "Soubor již byl testován" (File has already been tested), have it tested again. Post the result of the analysis here as a link.)
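
The entries targeted by the CFScript in post #12 can be cross-checked against the log from post #11. The Python below is an added example, not part of the thread and not ComboFix's own logic: it parses an excerpt copied from that log and reports svchost-hosted NetSvcs services that share one ServiceDll, plus the GloballyOpenPorts entries. Treating a shared ServiceDll as worth a closer look is an assumption of this example, and the function names are hypothetical.

```python
import re
from collections import defaultdict

# Excerpt copied verbatim from the ComboFix log in post #11 of this thread.
LOG_EXCERPT = r"""
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"5066:TCP"= 5066:TCP:uthyvhs

R2 ekrn;ESET Service;e:\programs\ESET\ESET NOD32 Antivirus\ekrn.exe [29.9.2009 13:03 735960]
S0 sptd;sptd;c:\windows\system32\drivers\sptd.sys [2.3.2010 18:39 691696]
S2 grfwx;System Task;c:\windows\system32\svchost.exe -k netsvcs [17.8.2004 14:49 14336]
S2 mmazyqce;gsxdyg;c:\windows\system32\svchost.exe -k netsvcs [17.8.2004 14:49 14336]
S3 Ambfilt;Ambfilt;c:\windows\system32\drivers\Ambfilt.sys [18.10.2009 16:54 1684736]

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost - NetSvcs
mmazyqce
grfwx
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\grfwx]
"ServiceDll"="c:\windows\system32\ifrud.dll"
--

[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\mmazyqce]
"ServiceDll"="c:\windows\system32\ifrud.dll"
.
"""

# "<R|S><start type> <name>;<display name>;<image path> [<date> <time> <size>]"
SERVICE_LINE = re.compile(r'^([RS])(\d) ([^;]+);([^;]*);(.+) \[[^\]]*\]$')
SERVICE_KEY = re.compile(
    r'^\[HKEY_LOCAL_MACHINE\\System\\ControlSet\d+\\Services\\([^\]\\]+)\]$', re.I)
SERVICE_DLL = re.compile(r'^"ServiceDll"="(.+)"$', re.I)
OPEN_PORT = re.compile(r'^"(\d+):(TCP|UDP)"=\s*\d+:(?:TCP|UDP):(.*)$', re.I)


def parse_log(text):
    """Return (services, netsvcs, dlls, ports) found in a ComboFix-style log."""
    services, netsvcs, dlls, ports = {}, [], {}, []
    section, current_key = None, None
    for raw in text.splitlines():
        line = raw.strip()
        if line.endswith("Svchost - NetSvcs"):
            section = "netsvcs"          # the following lines are service names
            continue
        if line.lower().endswith(r"globallyopenports\list]"):
            section = "ports"            # the following lines are firewall holes
            continue
        if not line or line in (".", "--"):
            section, current_key = None, None   # separators end a section
            continue
        m = SERVICE_KEY.match(line)
        if m:
            current_key, section = m.group(1).lower(), None
            continue
        m = SERVICE_DLL.match(line)
        if m and current_key:
            dlls[current_key] = m.group(1).lower()
            continue
        if section == "netsvcs":
            netsvcs.append(line.lower())
        elif section == "ports":
            m = OPEN_PORT.match(line)
            if m:
                ports.append((int(m.group(1)), m.group(2).upper(), m.group(3)))
        else:
            m = SERVICE_LINE.match(line)
            if m:
                services[m.group(3).lower()] = {
                    "running": m.group(1) == "R",
                    "start_type": int(m.group(2)),
                    "display": m.group(4),
                    "image": m.group(5),
                }
    return services, netsvcs, dlls, ports


def triage(text):
    """Group NetSvcs services hosted by svchost.exe by the DLL they load."""
    services, netsvcs, dlls, ports = parse_log(text)
    by_dll = defaultdict(list)
    for name, svc in services.items():
        hosted = svc["image"].lower().endswith("svchost.exe -k netsvcs")
        if hosted and name in netsvcs and name in dlls:
            by_dll[dlls[name]].append(name)
    # Assumption of this example: one DLL behind several service names is
    # unusual enough to be reviewed by hand.
    shared = {dll: sorted(names) for dll, names in by_dll.items() if len(names) > 1}
    return {"shared_service_dll": shared, "open_ports": ports}


if __name__ == "__main__":
    print(triage(LOG_EXCERPT))
```

The output only narrows down what to review by hand; the file behind the reported path still has to be checked, for example with the VirusTotal step the helper asks for.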


#14 Post by Caroprd111 »

OK :)

Test c:\windows\system32\sfcfiles.dll once more on VirusTotal.

#15 Post by Paulos123 »

ComboFix 10-03-15.06 - Paulos 16.03.2010 17:05:53.2.4 - x86
Systém Microsoft Windows XP Professional 5.1.2600.2.1250.420.1029.18.2047.1533 [GMT 1:00]
Spuštěný z: c:\documents and settings\Paulos\Plocha\ComboFix.exe
Použité ovládací přepínače :: c:\documents and settings\Paulos\Plocha\CFScript.txt.txt
AV: ESET NOD32 Antivirus 4.0 *On-access scanning disabled* (Updated) {E5E70D32-0101-4F12-8FB0-D96ACA4F34C0}
FW: Sunbelt Personal Firewall *enabled* {82B1150E-9B37-49FC-83EB-D52197D900D0}
.

((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.

.
((((((((((((((((((((((((((((((((((((((( Ovladače/Služby )))))))))))))))))))))))))))))))))))))))))))))))))
.

-------\Legacy_GRFWX
-------\Legacy_MMAZYQCE
-------\Service_grfwx
-------\Service_mmazyqce


((((((((((((((((((((((((( Soubory vytvořené od 2010-02-16 do 2010-03-16 )))))))))))))))))))))))))))))))
.

2010-03-16 13:50 . 2010-03-16 13:50 -------- d-----w- C:\_OTM
2010-03-16 12:27 . 2010-03-16 12:28 -------- d-----w- c:\program files\trend micro
2010-03-16 12:27 . 2010-03-16 12:28 -------- d-----w- C:\rsit
2010-03-02 18:07 . 2010-03-02 18:07 -------- d-----w- c:\windows\Logs
2010-03-02 17:39 . 2010-03-02 17:39 691696 ----a-w- c:\windows\system32\drivers\sptd.sys
2010-02-20 13:45 . 2006-12-28 20:18 56976 ----a-w- c:\windows\system32\GenSvcInst.exe

.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2010-03-11 11:03 . 2001-10-25 11:00 77872 ----a-w- c:\windows\system32\perfc005.dat
2010-03-11 11:03 . 2001-10-25 11:00 428750 ----a-w- c:\windows\system32\perfh005.dat
2010-03-10 10:13 . 2010-03-10 10:13 -------- d-----w- c:\program files\MSBuild
2010-03-10 10:13 . 2010-03-10 10:13 -------- d-----w- c:\program files\Reference Assemblies
2010-02-20 13:47 . 2010-02-20 13:41 -------- d-----w- c:\program files\Panasonic
2010-02-20 13:45 . 2010-02-20 13:41 -------- d-----w- c:\program files\Common Files\Panasonic
2010-02-20 13:45 . 2009-10-18 13:07 -------- d--h--w- c:\program files\InstallShield Installation Information
2010-02-20 13:43 . 2010-02-20 13:41 -------- d-----w- c:\program files\Common Files\CNC
2010-02-20 13:43 . 2010-02-20 13:43 -------- d-----w- c:\program files\Common Files\IviSDK
2010-02-06 00:00 . 2009-12-04 19:15 -------- d-----w- c:\program files\OpenSource Flash Video Splitter
2010-02-04 09:01 . 2010-03-02 19:06 74072 ----a-w- c:\windows\system32\XAPOFX1_4.dll
2010-02-04 09:01 . 2010-03-02 19:06 528216 ----a-w- c:\windows\system32\XAudio2_6.dll
2010-02-04 09:01 . 2010-03-02 19:06 238936 ----a-w- c:\windows\system32\xactengine3_6.dll
2010-02-04 09:01 . 2010-03-02 19:06 22360 ----a-w- c:\windows\system32\X3DAudio1_7.dll
2010-02-02 18:00 . 2010-02-06 00:07 85504 ----a-w- c:\windows\system32\ff_vfw.dll
2010-01-30 13:00 . 2009-12-08 17:22 -------- d-----w- c:\program files\Spyware Terminator
2010-01-18 17:39 . 2010-01-18 17:41 737280 ----a-w- c:\windows\iun6002.exe
2009-12-31 16:14 . 2004-08-03 21:14 352640 ----a-w- c:\windows\system32\drivers\srv.sys
2009-12-22 05:42 . 2004-08-17 13:49 663040 ------w- c:\windows\system32\wininet.dll
2009-12-22 05:42 . 2004-08-17 13:49 81920 ----a-w- c:\windows\system32\ieencode.dll
2009-12-21 20:41 . 2004-07-17 09:36 11973 ----a-w- c:\windows\system32\drivers\secdrv.sys
2009-12-17 08:00 . 2009-10-18 18:10 343552 ----a-w- c:\windows\system32\mspaint.exe
2009-04-08 20:50 . 2009-10-18 16:15 8463359 ----a-w- c:\program files\Vista-Codec-Package_5.1.9.exe
2009-04-08 20:49 . 2009-10-18 16:15 7278375 ----a-w- c:\program files\XP-Codec-Pack_2.4.6.exe
.

((((((((((((((((((((((((((((( SnapShot@2010-03-16_15.31.21 )))))))))))))))))))))))))))))))))))))))))
.
+ 2010-03-16 16:16 . 2010-03-16 16:16 16384 c:\windows\Temp\Perflib_Perfdata_3c0.dat
+ 2010-03-16 16:17 . 2010-03-16 16:17 16384 c:\windows\Temp\Perflib_Perfdata_354.dat
- 2010-03-16 14:56 . 2008-04-13 18:46 18944 c:\windows\SoftwareDistribution\Download\ae4ac74864a34bda5a1d4d2ed27ee4c8\bthusb.sys
- 2010-03-16 14:56 . 2008-04-14 03:21 30208 c:\windows\SoftwareDistribution\Download\ae4ac74864a34bda5a1d4d2ed27ee4c8\bthserv.dll
- 2010-03-16 14:56 . 2008-04-13 18:46 36480 c:\windows\SoftwareDistribution\Download\ae4ac74864a34bda5a1d4d2ed27ee4c8\bthprint.sys
- 2010-03-16 14:56 . 2008-04-13 18:46 37888 c:\windows\SoftwareDistribution\Download\ae4ac74864a34bda5a1d4d2ed27ee4c8\bthmodem.sys
- 2010-03-16 14:55 . 2008-04-13 18:46 17024 c:\windows\SoftwareDistribution\Download\ae4ac74864a34bda5a1d4d2ed27ee4c8\bthenum.sys
- 2010-03-16 14:55 . 2008-04-14 03:21 20992 c:\windows\SoftwareDistribution\Download\ae4ac74864a34bda5a1d4d2ed27ee4c8\bthci.dll
- 2010-03-16 14:55 . 2008-04-14 03:21 78336 c:\windows\SoftwareDistribution\Download\ae4ac74864a34bda5a1d4d2ed27ee4c8\browsewm.dll
- 2010-03-16 14:55 . 2008-04-14 03:21 77824 c:\windows\SoftwareDistribution\Download\ae4ac74864a34bda5a1d4d2ed27ee4c8\browser.dll
- 2010-03-16 14:55 . 2008-04-14 02:14 66048 c:\windows\SoftwareDistribution\Download\ae4ac74864a34bda5a1d4d2ed27ee4c8\browselc.dll
- 2010-03-16 14:55 . 2008-04-13 18:53 71552 c:\windows\SoftwareDistribution\Download\ae4ac74864a34bda5a1d4d2ed27ee4c8\bridge.sys
- 2010-03-16 14:55 . 2008-04-14 03:22 71680 c:\windows\SoftwareDistribution\Download\ae4ac74864a34bda5a1d4d2ed27ee4c8\blastcln.exe
- 2010-03-16 14:55 . 2008-04-14 03:21 17408 c:\windows\SoftwareDistribution\Download\ae4ac74864a34bda5a1d4d2ed27ee4c8\bidispl.dll
- 2010-03-16 14:55 . 2008-04-13 18:46 11776 c:\windows\SoftwareDistribution\Download\ae4ac74864a34bda5a1d4d2ed27ee4c8\bdasup.sys
- 2010-03-16 14:55 . 2008-04-13 18:36 14208 c:\windows\SoftwareDistribution\Download\ae4ac74864a34bda5a1d4d2ed27ee4c8\battc.sys
- 2010-03-16 14:55 . 2008-04-14 03:21 29184 c:\windows\SoftwareDistribution\Download\ae4ac74864a34bda5a1d4d2ed27ee4c8\batmeter.dll
- 2010-03-16 14:55 . 2008-04-14 03:21 52736 c:\windows\SoftwareDistribution\Download\ae4ac74864a34bda5a1d4d2ed27ee4c8\basesrv.dll
- 2010-03-16 14:55 . 2008-04-14 03:21 84992 c:\windows\SoftwareDistribution\Download\ae4ac74864a34bda5a1d4d2ed27ee4c8\avifil32.dll
- 2010-03-16 14:55 . 2008-04-13 18:46 13696 c:\windows\SoftwareDistribution\Download\ae4ac74864a34bda5a1d4d2ed27ee4c8\avcstrm.sys
- 2010-03-16 14:55 . 2008-04-13 18:46 38912 c:\windows\SoftwareDistribution\Download\ae4ac74864a34bda5a1d4d2ed27ee4c8\avc.sys
- 2010-03-16 14:55 . 2008-04-14 03:22 11264 c:\windows\SoftwareDistribution\Download\ae4ac74864a34bda5a1d4d2ed27ee4c8\autolfn.exe
- 2010-03-16 14:55 . 2008-04-14 03:21 62464 c:\windows\SoftwareDistribution\Download\ae4ac74864a34bda5a1d4d2ed27ee4c8\authz.dll
- 2010-03-16 14:55 . 2008-04-14 03:22 16439 c:\windows\SoftwareDistribution\Download\ae4ac74864a34bda5a1d4d2ed27ee4c8\author.exe
- 2010-03-16 14:55 . 2008-04-14 03:21 20540 c:\windows\SoftwareDistribution\Download\ae4ac74864a34bda5a1d4d2ed27ee4c8\author.dll
- 2010-03-16 14:55 . 2008-04-14 03:22 14336 c:\windows\SoftwareDistribution\Download\ae4ac74864a34bda5a1d4d2ed27ee4c8\auditusr.exe
- 2010-03-16 14:55 . 2008-04-14 03:21 42496 c:\windows\SoftwareDistribution\Download\ae4ac74864a34bda5a1d4d2ed27ee4c8\audiosrv.dll
- 2010-03-16 14:55 . 2008-04-14 03:21 17279 c:\windows\SoftwareDistribution\Download\ae4ac74864a34bda5a1d4d2ed27ee4c8\atv10nt5.dll
- 2010-03-16 14:55 . 2008-04-14 03:21 14143 c:\windows\SoftwareDistribution\Download\ae4ac74864a34bda5a1d4d2ed27ee4c8\atv06nt5.dll
- 2010-03-16 14:55 . 2008-04-14 03:21 25471 c:\windows\SoftwareDistribution\Download\ae4ac74864a34bda5a1d4d2ed27ee4c8\atv04nt5.dll
- 2010-03-16 14:55 . 2008-04-14 03:21 11359 c:\windows\SoftwareDistribution\Download\ae4ac74864a34bda5a1d4d2ed27ee4c8\atv02nt5.dll
- 2010-03-16 14:55 . 2008-04-14 03:21 21183 c:\windows\SoftwareDistribution\Download\ae4ac74864a34bda5a1d4d2ed27ee4c8\atv01nt5.dll
- 2010-03-16 14:55 . 2008-04-14 03:22 12288 c:\windows\SoftwareDistribution\Download\ae4ac74864a34bda5a1d4d2ed27ee4c8\attrib.exe
- 2010-03-16 14:55 . 2008-04-14 03:21 30208 c:\windows\SoftwareDistribution\Download\ae4ac74864a34bda5a1d4d2ed27ee4c8\atmlib.dll
- 2010-03-16 14:55 . 2008-04-13 18:51 55808 c:\windows\SoftwareDistribution\Download\ae4ac74864a34bda5a1d4d2ed27ee4c8\atmlane.sys
- 2010-03-16 14:55 . 2008-04-13 18:51 59904 c:\windows\SoftwareDistribution\Download\ae4ac74864a34bda5a1d4d2ed27ee4c8\atmarpc.sys
- 2010-03-16 14:55 . 2008-04-14 03:22 11264 c:\windows\SoftwareDistribution\Download\ae4ac74864a34bda5a1d4d2ed27ee4c8\atmadm.exe
- 2010-03-16 14:55 . 2008-04-14 03:21 58880 c:\windows\SoftwareDistribution\Download\ae4ac74864a34bda5a1d4d2ed27ee4c8\atl.dll
- 2010-03-16 14:55 . 2008-04-14 03:21 32768 c:\windows\SoftwareDistribution\Download\ae4ac74864a34bda5a1d4d2ed27ee4c8\ativtmxx.dll
- 2010-03-16 14:55 . 2004-08-03 21:29 63488 c:\windows\SoftwareDistribution\Download\ae4ac74864a34bda5a1d4d2ed27ee4c8\atinxsxx.sys
- 2010-03-16 14:55 . 2004-08-03 21:29 31744 c:\windows\SoftwareDistribution\Download\ae4ac74864a34bda5a1d4d2ed27ee4c8\atinxbxx.sys
- 2010-03-16 14:55 . 2004-08-03 21:29 73216 c:\windows\SoftwareDistribution\Download\ae4ac74864a34bda5a1d4d2ed27ee4c8\atintuxx.sys
- 2010-03-16 14:55 . 2004-08-03 21:29 13824 c:\windows\SoftwareDistribution\Download\ae4ac74864a34bda5a1d4d2ed27ee4c8\atinttxx.sys
- 2010-03-16 14:55 . 2004-08-03 21:29 28672 c:\windows\SoftwareDistribution\Download\ae4ac74864a34bda5a1d4d2ed27ee4c8\atinsnxx.sys
- 2010-03-16 14:55 . 2004-08-03 21:29 52224 c:\windows\SoftwareDistribution\Download\ae4ac74864a34bda5a1d4d2ed27ee4c8\atinraxx.sys
- 2010-03-16 14:55 . 2004-08-03 21:29 14336 c:\windows\SoftwareDistribution\Download\ae4ac74864a34bda5a1d4d2ed27ee4c8\atinpdxx.sys
- 2010-03-16 14:55 . 2004-08-03 21:29 13824 c:\windows\SoftwareDistribution\Download\ae4ac74864a34bda5a1d4d2ed27ee4c8\atinmdxx.sys
- 2010-03-16 14:55 . 2004-08-03 21:29 57856 c:\windows\SoftwareDistribution\Download\ae4ac74864a34bda5a1d4d2ed27ee4c8\atinbtxx.sys
- 2010-03-16 14:55 . 2004-08-03 21:29 34735 c:\windows\SoftwareDistribution\Download\ae4ac74864a34bda5a1d4d2ed27ee4c8\ati1xsxx.sys
- 2010-03-16 14:55 . 2004-08-03 21:29 29455 c:\windows\SoftwareDistribution\Download\ae4ac74864a34bda5a1d4d2ed27ee4c8\ati1xbxx.sys
- 2010-03-16 14:55 . 2004-08-03 21:29 36463 c:\windows\SoftwareDistribution\Download\ae4ac74864a34bda5a1d4d2ed27ee4c8\ati1tuxx.sys
- 2010-03-16 14:55 . 2004-08-03 21:29 21343 c:\windows\SoftwareDistribution\Download\ae4ac74864a34bda5a1d4d2ed27ee4c8\ati1ttxx.sys
- 2010-03-16 14:55 . 2004-08-03 21:29 26367 c:\windows\SoftwareDistribution\Download\ae4ac74864a34bda5a1d4d2ed27ee4c8\ati1snxx.sys
- 2010-03-16 14:55 . 2004-08-03 21:29 63663 c:\windows\SoftwareDistribution\Download\ae4ac74864a34bda5a1d4d2ed27ee4c8\ati1rvxx.sys
- 2010-03-16 14:55 . 2004-08-03 21:29 30671 c:\windows\SoftwareDistribution\Download\ae4ac74864a34bda5a1d4d2ed27ee4c8\ati1raxx.sys
- 2010-03-16 14:55 . 2004-08-03 21:29 12047 c:\windows\SoftwareDistribution\Download\ae4ac74864a34bda5a1d4d2ed27ee4c8\ati1pdxx.sys
- 2010-03-16 14:55 . 2004-08-03 21:29 11615 c:\windows\SoftwareDistribution\Download\ae4ac74864a34bda5a1d4d2ed27ee4c8\ati1mdxx.sys
- 2010-03-16 14:55 . 2004-08-03 21:29 56623 c:\windows\SoftwareDistribution\Download\ae4ac74864a34bda5a1d4d2ed27ee4c8\ati1btxx.sys
- 2010-03-16 14:55 . 2008-04-13 18:40 96512 c:\windows\SoftwareDistribution\Download\ae4ac74864a34bda5a1d4d2ed27ee4c8\atapi.sys
- 2010-03-16 14:55 . 2008-04-14 03:22 25088 c:\windows\SoftwareDistribution\Download\ae4ac74864a34bda5a1d4d2ed27ee4c8\at.exe
- 2010-03-16 14:55 . 2008-04-13 18:57 14336 c:\windows\SoftwareDistribution\Download\ae4ac74864a34bda5a1d4d2ed27ee4c8\asyncmac.sys
- 2010-03-16 14:55 . 2008-04-14 03:21 65024 c:\windows\SoftwareDistribution\Download\ae4ac74864a34bda5a1d4d2ed27ee4c8\asycfilt.dll
- 2010-03-16 14:55 . 2008-04-14 03:22 30208 c:\windows\SoftwareDistribution\Download\ae4ac74864a34bda5a1d4d2ed27ee4c8\asr_fmt.exe
- 2010-03-16 14:55 . 2008-04-13 16:10 32768 c:\windows\SoftwareDistribution\Download\ae4ac74864a34bda5a1d4d2ed27ee4c8\aspnet_wp.exe
- 2010-03-16 14:55 . 2008-04-13 16:10 32768 c:\windows\SoftwareDistribution\Download\ae4ac74864a34bda5a1d4d2ed27ee4c8\aspnet_state.exe
- 2010-03-16 14:55 . 2008-04-13 16:10 24576 c:\windows\SoftwareDistribution\Download\ae4ac74864a34bda5a1d4d2ed27ee4c8\aspnet_regiis.exe
- 2010-03-16 14:54 . 2008-04-13 16:09 20480 c:\windows\SoftwareDistribution\Download\ae4ac74864a34bda5a1d4d2ed27ee4c8\aspnet_filter.dll
- 2010-03-16 14:54 . 2008-04-14 03:07 57344 c:\windows\SoftwareDistribution\Download\ae4ac74864a34bda5a1d4d2ed27ee4c8\asms\70\msft\windows\mswincrt\msvcirt.dll
- 2010-03-16 14:54 . 2008-04-14 03:06 74802 c:\windows\SoftwareDistribution\Download\ae4ac74864a34bda5a1d4d2ed27ee4c8\asms\60\msft\vcrtl\atl.dll
- 2010-03-16 14:54 . 2008-04-13 18:51 60800 c:\windows\SoftwareDistribution\Download\ae4ac74864a34bda5a1d4d2ed27ee4c8\arp1394.sys
- 2010-03-16 14:54 . 2004-08-03 21:31 36224 c:\windows\SoftwareDistribution\Download\ae4ac74864a34bda5a1d4d2ed27ee4c8\an983.sys
- 2010-03-16 14:54 . 2008-04-14 03:21 70656 c:\windows\SoftwareDistribution\Download\ae4ac74864a34bda5a1d4d2ed27ee4c8\amstream.dll
- 2010-03-16 14:54 . 2008-04-14 02:08 41600 c:\windows\SoftwareDistribution\Download\ae4ac74864a34bda5a1d4d2ed27ee4c8\amdk7.sys
- 2010-03-16 14:54 . 2008-04-14 02:08 41216 c:\windows\SoftwareDistribution\Download\ae4ac74864a34bda5a1d4d2ed27ee4c8\amdk6.sys
.
-- Snímek resetován k současnému datu --
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Steam"="e:\games\valve\steam\steam.exe" [2010-02-20 1217872]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"nwiz"="nwiz.exe" [2009-04-30 1657376]
"NvMediaCenter"="c:\windows\system32\NvMcTray.dll" [2009-04-30 86016]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2009-04-30 13750272]
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2008-06-12 34672]
"RTHDCPL"="RTHDCPL.EXE" [2009-03-27 17567744]
"SpywareTerminator"="c:\program files\Spyware Terminator\SpywareTerminatorShield.exe" [2009-12-08 2166784]
"SunJavaUpdateSched"="e:\programs\Java\jre6\bin\jusched.exe" [2009-10-11 149280]
"egui"="e:\programs\ESET\ESET NOD32 Antivirus\egui.exe" [2009-09-29 2054360]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2004-08-17 15360]

c:\documents and settings\All Users\Nabídka Start\Programy\Po spuštění\
MotionSD STUDIO - SD Browser auto start -.lnk - c:\program files\Panasonic\MotionSD STUDIO\SD_Browser\AutoLauncher.exe [2010-2-20 66952]

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"e:\\Programs\\ICQLite\\ICQLite.exe"=
"c:\\WINDOWS\\system32\\PnkBstrA.exe"=
"c:\\WINDOWS\\system32\\PnkBstrB.exe"=
"e:\\Programs\\gtorrent\\uTorrent.exe"=

R0 sptd;sptd;c:\windows\system32\drivers\sptd.sys [2.3.2010 18:39 691696]
R1 ehdrv;ehdrv;c:\windows\system32\drivers\ehdrv.sys [29.9.2009 13:02 108792]
R1 epfwtdir;epfwtdir;c:\windows\system32\drivers\epfwtdir.sys [29.9.2009 13:05 96408]
R1 SbFw;SbFw;c:\windows\system32\drivers\SbFw.sys [19.10.2009 18:44 270888]
R1 sbhips;Sunbelt HIPS Driver;c:\windows\system32\drivers\sbhips.sys [21.6.2008 3:54 66600]
R1 sp_rsdrv2;Spyware Terminator Driver 2;c:\windows\system32\drivers\sp_rsdrv2.sys [8.12.2009 18:22 142592]
R2 ekrn;ESET Service;e:\programs\ESET\ESET NOD32 Antivirus\ekrn.exe [29.9.2009 13:03 735960]
R2 NIHardwareService;NIHardwareService;c:\program files\Common Files\Native Instruments\Hardware\NIHardwareService.exe [17.7.2009 14:32 3576320]
R2 SbPF.Launcher;SbPF.Launcher;e:\programs\Sunbelt Software\Personal Firewall\SbPFLnch.exe [31.10.2008 6:24 95528]
R2 SPF4;Sunbelt Personal Firewall 4;e:\programs\Sunbelt Software\Personal Firewall\SbPFSvc.exe [31.10.2008 6:24 1365288]
R3 SBFWIMCL;Sunbelt Software Firewall NDIS IM Filter Miniport;c:\windows\system32\drivers\SbFwIm.sys [19.10.2009 18:44 65576]
S3 Ambfilt;Ambfilt;c:\windows\system32\drivers\Ambfilt.sys [18.10.2009 16:54 1684736]
.
.
------- Doplňkový sken -------
.
IE: &ICQ Toolbar Search - e:\programs\ICQToolbar\toolbaru.dll/SEARCH.HTML
Handler: hddlife - {BD758015-47D9-477A-8873-4B688A2BC0E2} - c:\program files\Common Files\BinarySense\hlAPP.dll
FF - ProfilePath - c:\documents and settings\Paulos\Data aplikací\Mozilla\Firefox\Profiles\yadjlszx.default\
FF - prefs.js: browser.startup.homepage - hxxp://www.seznam.cz
FF - prefs.js: network.proxy.type - 4
FF - plugin: e:\programs\Java\jre6\bin\new_plugin\npdeploytk.dll
FF - plugin: e:\programs\Java\jre6\bin\new_plugin\npjp2.dll
FF - plugin: e:\programs\Real Alternative\browser\plugins\nppl3260.dll
FF - plugin: e:\programs\Real Alternative\browser\plugins\nprpjplug.dll
FF - HiddenExtension: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\

---- NASTAVENÍ FIREFOXU ----
e:\programs\Mozilla Firefox\greprefs\all.js - pref("ui.use_native_colors", true);
e:\programs\Mozilla Firefox\greprefs\all.js - pref("ui.use_native_popup_windows", false);
e:\programs\Mozilla Firefox\greprefs\all.js - pref("browser.enable_click_image_resizing", true);
e:\programs\Mozilla Firefox\greprefs\all.js - pref("accessibility.browsewithcaret_shortcut.enabled", true);
e:\programs\Mozilla Firefox\greprefs\all.js - pref("javascript.options.mem.high_water_mark", 32);
e:\programs\Mozilla Firefox\greprefs\all.js - pref("javascript.options.mem.gc_frequency", 1600);
e:\programs\Mozilla Firefox\greprefs\all.js - pref("network.auth.force-generic-ntlm", false);
e:\programs\Mozilla Firefox\greprefs\all.js - pref("svg.smil.enabled", false);
e:\programs\Mozilla Firefox\greprefs\all.js - pref("ui.trackpoint_hack.enabled", -1);
e:\programs\Mozilla Firefox\greprefs\all.js - pref("browser.formfill.debug", false);
e:\programs\Mozilla Firefox\greprefs\all.js - pref("browser.formfill.agedWeight", 2);
e:\programs\Mozilla Firefox\greprefs\all.js - pref("browser.formfill.bucketSize", 1);
e:\programs\Mozilla Firefox\greprefs\all.js - pref("browser.formfill.maxTimeGroupings", 25);
e:\programs\Mozilla Firefox\greprefs\all.js - pref("browser.formfill.timeGroupingSize", 604800);
e:\programs\Mozilla Firefox\greprefs\all.js - pref("browser.formfill.boundaryWeight", 25);
e:\programs\Mozilla Firefox\greprefs\all.js - pref("browser.formfill.prefixWeight", 5);
e:\programs\Mozilla Firefox\greprefs\all.js - pref("html5.enable", false);
e:\programs\Mozilla Firefox\defaults\pref\firefox-branding.js - pref("app.update.download.backgroundInterval", 600);
e:\programs\Mozilla Firefox\defaults\pref\firefox-branding.js - pref("app.update.url.manual", "http://www.firefox.com");
e:\programs\Mozilla Firefox\defaults\pref\firefox-branding.js - pref("browser.search.param.yahoo-fr-ja", "mozff");
e:\programs\Mozilla Firefox\defaults\pref\firefox-l10n.js - pref("browser.fixup.alternate.suffix", ".cz");
e:\programs\Mozilla Firefox\defaults\pref\firefox.js - pref("extensions.{972ce4c6-7e08-4474-a285-3208198ce6fd}.name", "chrome://browser/locale/browser.properties");
e:\programs\Mozilla Firefox\defaults\pref\firefox.js - pref("extensions.{972ce4c6-7e08-4474-a285-3208198ce6fd}.description", "chrome://browser/locale/browser.properties");
e:\programs\Mozilla Firefox\defaults\pref\firefox.js - pref("xpinstall.whitelist.add", "addons.mozilla.org");
e:\programs\Mozilla Firefox\defaults\pref\firefox.js - pref("xpinstall.whitelist.add.36", "getpersonas.com");
e:\programs\Mozilla Firefox\defaults\pref\firefox.js - pref("lightweightThemes.update.enabled", true);
e:\programs\Mozilla Firefox\defaults\pref\firefox.js - pref("browser.allTabs.previews", false);
e:\programs\Mozilla Firefox\defaults\pref\firefox.js - pref("plugins.hide_infobar_for_outdated_plugin", false);
e:\programs\Mozilla Firefox\defaults\pref\firefox.js - pref("plugins.update.notifyUser", false);
e:\programs\Mozilla Firefox\defaults\pref\firefox.js - pref("toolbar.customization.usesheet", false);
e:\programs\Mozilla Firefox\defaults\pref\firefox.js - pref("browser.taskbar.previews.enable", false);
e:\programs\Mozilla Firefox\defaults\pref\firefox.js - pref("browser.taskbar.previews.max", 20);
e:\programs\Mozilla Firefox\defaults\pref\firefox.js - pref("browser.taskbar.previews.cachetime", 20);
.

**************************************************************************

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2010-03-16 17:18
Windows 5.1.2600 Service Pack 2 NTFS

skenování skrytých procesů ...

skenování skrytých položek 'Po spuštění' ...

skenování skrytých souborů ...

sken byl úspešně dokončen
skryté soubory: 0

**************************************************************************

Stealth MBR rootkit/Mebroot/Sinowal detector 0.3.7 by Gmer, http://www.gmer.net

device: opened successfully
user: MBR read successfully
called modules: ntkrnlpa.exe CLASSPNP.SYS disk.sys ACPI.sys hal.dll >>UNKNOWN [0x89E3F1F8]<<
kernel: MBR read successfully
detected MBR rootkit hooks:
\Driver\Disk -> CLASSPNP.SYS @ 0xb80ecfc3
\Driver\ACPI -> ACPI.sys @ 0xb7e74cb8
\Driver\atapi -> 0x89e3f1f8
IoDeviceObjectType -> DeleteProcedure -> ntkrnlpa.exe @ 0x8058241c
ParseProcedure -> ntkrnlpa.exe @ 0x8058155c
\Device\Harddisk0\DR0 -> DeleteProcedure -> ntkrnlpa.exe @ 0x8058241c
ParseProcedure -> ntkrnlpa.exe @ 0x8058155c
NDIS: Realtek PCIe GBE Family Controller -> SendCompleteHandler -> NDIS.sys @ 0xb7d13ba0
PacketIndicateHandler -> NDIS.sys @ 0xb7d20b21
SendHandler -> NDIS.sys @ 0xb7cfe87b
Warning: possible MBR rootkit infection !
user & kernel MBR OK

**************************************************************************
.
--------------------- Knihovny navázané na běžící procesy ---------------------

- - - - - - - > 'explorer.exe'(3808)
c:\windows\system32\WPDShServiceObj.dll
c:\windows\system32\PortableDeviceTypes.dll
c:\windows\system32\PortableDeviceApi.dll
c:\windows\system32\browselc.dll
c:\windows\system32\nvapi.dll
e:\programs\WINRAR\rarext.dll
e:\programs\WINRAR\rarlng.dll
c:\program files\Common Files\Adobe\Acrobat\ActiveX\PDFShell.dll
.
------------------------ Jiné spuštené procesy ------------------------
.
c:\windows\system32\nvsvc32.exe
c:\windows\system32\bgsvcgen.exe
c:\windows\system32\CTsvcCDA.exe
c:\program files\Common Files\BinarySense\hldasvc.exe
c:\program files\Common Files\BinarySense\hldasvc.exe
e:\programs\Java\jre6\bin\jqs.exe
c:\windows\system32\PnkBstrA.exe
c:\windows\system32\PnkBstrB.exe
c:\program files\Spyware Terminator\sp_rsser.exe
c:\windows\system32\RUNDLL32.EXE
c:\windows\RTHDCPL.EXE
e:\programs\Sunbelt Software\Personal Firewall\SbPFCl.exe
c:\windows\system32\wscntfy.exe
.
**************************************************************************
.
Celkový čas: 2010-03-16 17:34:58 - počítač byl restartován
ComboFix-quarantined-files.txt 2010-03-16 16:34
ComboFix2.txt 2010-03-16 15:35

Před spuštěním: Volných bajtů: 41 055 072 256
Po spuštění: Volných bajtů: 40 987 336 704

- - End Of File - - EF21D03323C9CA2EC995B1A8128D96B6




And as for that sfcfiles.dll file:


Soubor sfcfiles.dll přijatý 2010.03.16 16:46:34 (UTC)
Výsledek: 0/41 (0%)
Antivirus Verze Poslední aktualizace Výsledek
a-squared 4.5.0.50 2010.03.16 -
AhnLab-V3 5.0.0.2 2010.03.16 -
AntiVir 8.2.1.180 2010.03.16 -
Antiy-AVL 2.0.3.7 2010.03.16 -
Authentium 5.2.0.5 2010.03.16 -
Avast 4.8.1351.0 2010.03.16 -
Avast5 5.0.332.0 2010.03.16 -
AVG 9.0.0.787 2010.03.16 -
BitDefender 7.2 2010.03.16 -
CAT-QuickHeal 10.00 2010.03.15 -
ClamAV 0.96.0.0-git 2010.03.16 -
Comodo 4285 2010.03.16 -
DrWeb 5.0.1.12222 2010.03.16 -
eSafe 7.0.17.0 2010.03.16 -
eTrust-Vet 35.2.7365 2010.03.16 -
F-Prot 4.5.1.85 2010.03.16 -
F-Secure 9.0.15370.0 2010.03.16 -
GData 19 2010.03.16 -
Ikarus T3.1.1.80.0 2010.03.16 -
Jiangmin 13.0.900 2010.03.16 -
K7AntiVirus 7.10.998 2010.03.15 -
Kaspersky 7.0.0.125 2010.03.16 -
McAfee 5921 2010.03.15 -
McAfee+Artemis 5921 2010.03.15 -
McAfee-GW-Edition 6.8.5 2010.03.16 -
Microsoft 1.5605 2010.03.16 -
NOD32 4949 2010.03.16 -
Norman 6.04.08 2010.03.16 -
nProtect 2009.1.8.0 2010.03.16 -
Panda 10.0.2.6 2010.03.16 -
PCTools 7.0.3.5 2010.03.15 -
Prevx 3.0 2010.03.16 -
Rising 22.39.01.04 2010.03.16 -
Sophos 4.51.0 2010.03.16 -
Sunbelt 5916 2010.03.16 -
Symantec 20091.2.0.41 2010.03.16 -
TheHacker 6.5.2.0.234 2010.03.16 -
TrendMicro 9.120.0.1004 2010.03.16 -
VBA32 3.12.12.2 2010.03.16 -
ViRobot 2010.3.16.2230 2010.03.16 -
VirusBuster 5.0.27.0 2010.03.16 -
Rozšiřující informace
File size: 1548288 bytes
MD5...: 32870b6f41858b75b2358f143da9c794
SHA1..: aae144aaea6faeb33cb8ffa36610bfb6f8c3bda0
SHA256: 841c178f694ad01f1b387b43d8c82a11c1b128fc83298d2938026554036fb0d1
ssdeep: 3072:mr99o8gaaP3ZlRuuqCC/zqDR2z4yDx8waoaRQ09vqGa9VSaDJpJ8WFU:mgb
aECLzqaDxhy9vqGMSaDH
PEiD..: -
PEInfo: PE Structure information

( base data )
entrypointaddress.: 0x120d
timedatestamp.....: 0x41107c2b (Wed Aug 04 06:03:23 2004)
machinetype.......: 0x14c (I386)

( 4 sections )
name viradd virsiz rawdsiz ntrpy md5
.text 0x1000 0xcbf 0xe00 5.91 42137068c1332859090f264da2f41dad
.data 0x2000 0x16eb48 0x16ec00 3.27 96a6a64159d72f8bcbd8fe5d2c7a65c6
.rsrc 0x171000 0x418 0x600 2.54 c123fdd41b8b0efeb7beb0a0084a77f0
.reloc 0x172000 0x9a68 0x9c00 5.76 6255caf193acb80badcce29f8698e69c

( 1 imports )
> ntdll.dll: LdrDisableThreadCalloutsForDll, NtClose, NtQueryValueKey, NtOpenKey, RtlInitUnicodeString, RtlGetVersion, NtTerminateProcess, RtlUnhandledExceptionFilter, RtlUnwind, NtQueryVirtualMemory

( 1 exports )
SfcGetFiles
RDS...: NSRL Reference Data Set
-
pdfid.: -
trid..: Win32 Executable Generic (68.0%)
Generic Win/DOS Executable (15.9%)
DOS Executable Generic (15.9%)
Autodesk FLIC Image File (extensions: flc, fli, cel) (0.0%)
sigcheck:
publisher....: Microsoft Corporation
copyright....: (c) Microsoft Corporation. All rights reserved.
product......: Microsoft_ Windows_ Operating System
description..: Windows 2000 System File Checker
original name: sfcfiles.dll
internal name: sfcfiles.dll
file version.: 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
comments.....: n/a
signers......: -
signing date.: -
verified.....: Unsigned
