Zkus vypnout Bod obnovy, restartuj PC a zase ho zapni (já osobně ho mám vypnutý, protože ve většině případů je nanic)
Ještě se zeptám tu defragmentaci jsi dělal ?
Odvirování PC, zrychlení počítače, vzdálená pomoc prostřednictvím služby neslape.cz
kontrola logu
Moderátor: Moderátoři
Pravidla fóra
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]
Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.
!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]
Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.
!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
Re: kontrola logu
defragmentaci jsem dělal.
To s tim bodem obnovy taky + ještě jsem vše kompletně promazal, ale mam volných jen 1,7 GB.
Kam se to volné místo mohlo ,,ztratit''?
A ještě jedna otázečka: Proč jsem měl v jednu chvíli na systémovém disku volných přes 5 GB???
Rád bych toho zase nějak docílil.
Děkuji
To s tim bodem obnovy taky + ještě jsem vše kompletně promazal, ale mam volných jen 1,7 GB.
Kam se to volné místo mohlo ,,ztratit''?
A ještě jedna otázečka: Proč jsem měl v jednu chvíli na systémovém disku volných přes 5 GB???
Rád bych toho zase nějak docílil.
Děkuji
Re: kontrola logu
No po naší čistce odešlo spousta nepořádku a zbytečností.
To že se místo zase zaplnilo může být třeba aktualizací OS.
To že je PC pomalejší může být právě nedostatkem místa.
Když tak mi sem dej ještě aktuální log z Rsit.
To že se místo zase zaplnilo může být třeba aktualizací OS.
To že je PC pomalejší může být právě nedostatkem místa.
Když tak mi sem dej ještě aktuální log z Rsit.
Re: kontrola logu
tak Ccleaner používám pravidelně, ten toho moc nevymazal. Aktualizace OS mam naschval vypnuté, jinak bych už asi ani nenastartoval PC.
Ale nekecam, asi jeden den jsem měl volných 5GB. To mi je opravdu záhada, jak jsem k tomu dospěl a čím se to zase zaplnilo.
Díky.
Logfile of random's system information tool 1.09 (written by random/random)
Run by Venda at 2011-08-16 23:35:39
Microsoft Windows 7 Home Premium Service Pack 1
System drive C: has 2 GB (6%) free of 30 GB
Total RAM: 4061 MB (63% free)
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 23:36:10, on 16.8.2011
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v9.00 (9.00.8112.16421)
Boot mode: Normal
Running processes:
D:\programy\systemove_programy\Avast\AvastUI.exe
D:\programy\systemove_programy\mozilla_firefox\firefox.exe
D:\programy\systemove_programy\mozilla_firefox\plugin-container.exe
C:\Program Files\trend micro\Venda.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - D:\programy\systemove_programy\Avast\aswWebRepIE.dll
O3 - Toolbar: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - D:\programy\systemove_programy\Avast\aswWebRepIE.dll
O4 - HKLM\..\Run: [avast] "D:\programy\systemove_programy\Avast\avastUI.exe" /nogui
O4 - HKCU\..\Run: [ICQ] "D:\programy\ICQ\ICQ7.5\ICQ.exe" silent loginmode=4
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://D:\programy\MICROS~1\Office12\EXCEL.EXE/3000
O9 - Extra button: ICQ7.5 - {7578ADEA-D65F-4C89-A249-B1C88B6FFC20} - D:\programy\ICQ\ICQ7.5\ICQ.exe
O9 - Extra 'Tools' menuitem: ICQ7.5 - {7578ADEA-D65F-4C89-A249-B1C88B6FFC20} - D:\programy\ICQ\ICQ7.5\ICQ.exe
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - D:\programy\MICROS~1\Office12\REFIEBAR.DLL
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/pub/s ... wflash.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{19DEACE8-0A5C-4A6F-8EBA-EE0ECEED4FE1}: NameServer = 156.154.70.25,156.154.71.25
O17 - HKLM\System\CS1\Services\Tcpip\..\{19DEACE8-0A5C-4A6F-8EBA-EE0ECEED4FE1}: NameServer = 156.154.70.25,156.154.71.25
O17 - HKLM\System\CS2\Services\Tcpip\..\{19DEACE8-0A5C-4A6F-8EBA-EE0ECEED4FE1}: NameServer = 156.154.70.25,156.154.71.25
O20 - AppInit_DLLs: C:\Windows\SysWOW64\guard32.dll
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: AMD External Events Utility - Unknown owner - C:\Windows\system32\atiesrxx.exe (file missing)
O23 - Service: avast! Antivirus - AVAST Software - D:\programy\systemove_programy\Avast\AvastSvc.exe
O23 - Service: COMODO Internet Security Helper Service (cmdagent) - COMODO - D:\programy\systemove_programy\firewall\ComodoFirewall\COMODO\COMODO Internet Security\cmdagent.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: FLEXnet Licensing Service 64 - Acresso Software Inc. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Správce úloh aplikace Autodesk Moldflow Inventor Tool Suite Integration 2011 (mitsijm2011) - Unknown owner - D:\programy\Autodesk\Inventor\Inventor_2011\Moldflow\bin\mitsijm.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: Spyware Terminator Realtime Shield Service (sp_rssrv) - Crawler.com - D:\programy\systemove_programy\Spyware Terminator\sp_rsser.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
--
End of file - 6349 bytes
======Listing Processes======
\SystemRoot\System32\smss.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
C:\Windows\system32\services.exe
winlogon.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
"D:\programy\systemove_programy\firewall\ComodoFirewall\COMODO\COMODO Internet Security\cmdagent.exe"
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\system32\atiesrxx.exe
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k LocalService
atieclxx
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
"D:\programy\systemove_programy\Avast\AvastSvc.exe"
C:\Windows\System32\spoolsv.exe
"taskhost.exe"
"C:\Windows\system32\Dwm.exe"
C:\Windows\Explorer.EXE
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
D:\programy\Autodesk\Inventor\Inventor_2011\Moldflow\bin\mitsijm.exe
"D:\programy\systemove_programy\Spyware Terminator\sp_rsser.exe"
C:\Windows\system32\svchost.exe -k imgsvc
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
"D:\programy\systemove_programy\firewall\ComodoFirewall\COMODO\COMODO Internet Security\cfp.exe" -h
"C:\Program Files\Synaptics\SynTP\SynTPEnh.exe"
C:\Windows\system32\SearchIndexer.exe /Embedding
"C:\Program Files\Windows Media Player\wmpnetwk.exe"
"D:\programy\systemove_programy\Avast\AvastUI.exe" /nogui
"C:\Program Files\Synaptics\SynTP\SynTPHelper.exe"
C:\Windows\system32\wbem\wmiprvse.exe
"C:\Windows\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe1_ Global\UsGthrCtrlFltPipeMssGthrPipe1 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon"
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
C:\Windows\System32\svchost.exe -k secsvcs
"D:\programy\systemove_programy\mozilla_firefox\firefox.exe"
"D:\programy\systemove_programy\mozilla_firefox\plugin-container.exe" --channel=4732.f5842e0.562546510 "C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll" "Mozilla.Firefox.5.0" -omnijar D:\programy\systemove_programy\mozilla_firefox\omni.jar 4732 \\.\pipe\gecko-crash-server-pipe.4732 plugin
"C:\Windows\system32\SearchFilterHost.exe" 0 520 524 532 65536 528
"C:\Users\Venda\Downloads\RSITx64.exe"
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\System32\svchost.exe -k WerSvcGroup
=========Mozilla firefox=========
ProfilePath - C:\Users\Venda\AppData\Roaming\Mozilla\Firefox\Profiles\febeprof.jooo
prefs.js - "browser.search.useDBForOrder" - true
prefs.js - "browser.startup.homepage" - "http://www.seznam.cz/"
prefs.js - "extensions.enabledItems" - "{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}:1.3.3, {097d3191-e6fa-4728-9826-b533d755359d}:0.7.12, {3d7eb24f-2740-49df-8937-200b1cc08f8a}:1.5.14.2, {D4DD63FA-01E4-46a7-B6B1-EDAB7D6AD389}:0.9.7.2, smarterwiki@wikiatic.com:4.1.8, {ea614400-e918-4741-9a97-7a972ff7c30b}:2.1.13, {43c35458-c907-439b-bcfd-07d373834689}:2.2.1, {003D3EDC-99B9-4a34-9C20-60CB94F7E829}:2009, fdm_ffext@freedownloadmanager.org:1.3.4, {4BBDD651-70CF-4821-84F8-2B918CF89CA3}:6.3.3.2, wrc@avast.com:20110101, {972ce4c6-7e08-4474-a285-3208198ce6fd}:3.6.17"
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 10.1 Plugin
"Path"=C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=disabled
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=C:\Program Files (x86)\Microsoft Silverlight\4.0.60310.0\npctrl.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@videolan.org/vlc,version=1.1.9]
"Description"=VLC Multimedia Plugin
"Path"=D:\programy\video_programy\VLC\npvlc.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\Adobe Reader]
"Description"=Handles PDFs in-place in Firefox
"Path"=D:\programy\Adobe_Reader\Reader\AIR\nppdf32.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=disabled
D:\programy\systemove_programy\mozilla_firefox\extensions\
{972ce4c6-7e08-4474-a285-3208198ce6fd}
D:\programy\systemove_programy\mozilla_firefox\components\
binary.manifest
browsercomps.dll
nsRLCT4Player.xpt
D:\programy\systemove_programy\mozilla_firefox\plugins\
CrazyTalk4Native.dll
ctdomemhelper.dll
ctframeplayerobject.dll
ctplayerobject.dll
imagickrt.dll
NPOFF12.DLL
nppdf32.dll
npRLCT4Player.dll
npwachk.dll
rlcontentclass.dll
RLMusicPacker.dll
RLMusicUnpacker.dll
RLVoicePacker.dll
RLVoiceUnpacker.dll
D:\programy\systemove_programy\mozilla_firefox\searchplugins\
crawlersrch.xml
google.xml
heureka-cz.xml
jyxo-cz.xml
seznam-cz.xml
slunecnice-cz.xml
wikipedia-cz.xml
C:\Users\Venda\AppData\Roaming\Mozilla\Firefox\Profiles\febeprof.jooo\extensions\
{003D3EDC-99B9-4a34-9C20-60CB94F7E829}
{43c35458-c907-439b-bcfd-07d373834689}
{ea614400-e918-4741-9a97-7a972ff7c30b}
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{318A227B-5E9F-45bd-8999-7F8F10CA4CF5}]
avast! WebRep - D:\programy\systemove_programy\Avast\aswWebRepIE64.dll [2011-07-04 978496]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2010-09-22 75200]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! WebRep - D:\programy\systemove_programy\Avast\aswWebRepIE.dll [2011-07-04 820864]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - avast! WebRep - D:\programy\systemove_programy\Avast\aswWebRepIE64.dll [2011-07-04 978496]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\Toolbar]
{8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - avast! WebRep - D:\programy\systemove_programy\Avast\aswWebRepIE.dll [2011-07-04 820864]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"COMODO Internet Security"=D:\programy\systemove_programy\firewall\ComodoFirewall\COMODO\COMODO Internet Security\cfp.exe [2011-07-05 9048392]
"SynTPEnh"=C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2008-10-31 1657128]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"ICQ"=D:\programy\ICQ\ICQ7.5\ICQ.exe [2011-08-01 124480]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM]
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2011-03-30 937920]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher]
D:\programy\Adobe_Reader\Reader\Reader_sl.exe [2011-06-08 37296]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DAEMON Tools Lite]
D:\programy\systemove_programy\DAEMON\DAEMON Tools Lite\DTLite.exe [2011-01-20 1305408]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Dell Webcam Central]
D:\programy\systemove_programy\DellWebcam\Dell Webcam Central\WebcamDell.exe [2008-11-11 442536]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PDVDDXSrv]
D:\programy\video_programy\PowerDVD DX\PDVDDXSrv.exe [2010-01-07 140520]
[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"avast"=D:\programy\systemove_programy\Avast\avastUI.exe [2011-07-04 3493720]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"="C:\Windows\System32\guard64.dll"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - C:\Windows\system32\webcheck.dll [2011-05-09 249344]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=5
"ConsentPromptBehaviorUser"=3
"EnableUIADesktopToggle"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDrives"=0
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDrives"=0
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVYU"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"VIDC.YVU9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv
"MSVideo8"=VfWWDM32.dll
======File associations======
.js - edit - C:\Windows\System32\Notepad.exe %1
.scr - open - C:\Windows\system32\notepad.exe "%1"
.scr - install -
.scr - config -
======List of files/folders created in the last 1 month======
2011-08-16 23:35:39 ----D---- C:\rsit
2011-08-16 09:36:19 ----ASH---- C:\pagefile.sys
2011-08-12 17:47:08 ----SHD---- C:\$RECYCLE.BIN
2011-08-11 11:22:45 ----D---- C:\Windows\temp
2011-08-09 22:35:19 ----D---- C:\Users\Venda\AppData\Roaming\Malwarebytes
2011-08-09 22:34:53 ----A---- C:\Windows\SYSWOW64\drivers\mbamswissarmy.sys
2011-08-09 22:34:52 ----D---- C:\ProgramData\Malwarebytes
2011-08-09 22:34:48 ----A---- C:\Windows\system32\drivers\mbam.sys
2011-08-07 18:36:21 ----D---- C:\Users\Venda\AppData\Roaming\dvdcss
2011-08-07 14:01:22 ----D---- C:\Program Files\trend micro
2011-08-02 22:52:01 ----A---- C:\Windows\SYSWOW64\WMWizard.dll
2011-08-02 22:52:01 ----A---- C:\Windows\SYSWOW64\W9XdInst.dll
2011-08-02 22:52:01 ----A---- C:\Windows\SYSWOW64\W9xDAPI.dll
2011-08-02 22:52:01 ----A---- C:\Windows\SYSWOW64\LWCtPl.dll
2011-08-02 22:52:01 ----A---- C:\Windows\SYSWOW64\drivers\LUsbSys.sys
2011-08-02 22:52:01 ----A---- C:\Windows\SYSWOW64\drivers\LHidLo.sys
2011-08-02 22:52:01 ----A---- C:\Windows\SYSWOW64\drivers\LHidHi.sys
2011-08-02 22:52:01 ----A---- C:\Windows\SYSWOW64\drivers\ihidfilt.sys
2011-08-02 22:52:00 ----A---- C:\Windows\SYSWOW64\WmJoyFrc.dll
2011-08-02 22:52:00 ----A---- C:\Windows\SYSWOW64\LFLoad.sys
======List of files/folders modified in the last 1 month======
2011-08-16 23:36:05 ----D---- C:\Windows\Prefetch
2011-08-16 22:11:28 ----D---- C:\Users\Venda\AppData\Roaming\ICQ
2011-08-16 12:40:10 ----D---- C:\Users\Venda\AppData\Roaming\MiniLyrics
2011-08-16 12:33:28 ----D---- C:\Windows\system32\config
2011-08-16 12:11:48 ----SHD---- C:\System Volume Information
2011-08-16 12:07:57 ----D---- C:\Windows
2011-08-14 12:27:00 ----D---- C:\Windows\system32\drivers
2011-08-13 10:18:31 ----D---- C:\Users\Venda\AppData\Roaming\IDM
2011-08-12 20:31:59 ----D---- C:\Users\Venda\AppData\Roaming\DMCache
2011-08-12 17:41:22 ----A---- C:\Windows\system.ini
2011-08-12 17:41:03 ----D---- C:\Windows\system32\drivers\etc
2011-08-12 17:38:25 ----D---- C:\Windows\SYSWOW64\drivers
2011-08-12 17:38:25 ----D---- C:\Windows\SysWOW64
2011-08-12 17:38:25 ----D---- C:\Windows\System32
2011-08-12 17:38:25 ----D---- C:\Windows\AppPatch
2011-08-12 17:38:24 ----D---- C:\Program Files\Common Files
2011-08-12 17:38:24 ----D---- C:\Program Files (x86)\Common Files
2011-08-10 22:46:59 ----D---- C:\Users\Venda\AppData\Roaming\uTorrent
2011-08-10 17:30:29 ----D---- C:\Windows\Downloaded Program Files
2011-08-09 22:34:52 ----D---- C:\ProgramData
2011-08-09 11:49:47 ----D---- C:\ProgramData\DAEMON Tools Lite
2011-08-07 14:01:22 ----RD---- C:\Program Files
2011-08-03 00:07:33 ----D---- C:\Windows\inf
2011-08-03 00:07:29 ----HD---- C:\Program Files (x86)\InstallShield Installation Information
2011-08-02 23:49:23 ----D---- C:\ProgramData\Spybot - Search & Destroy
2011-08-02 22:52:38 ----D---- C:\Windows\system32\DriverStore
2011-08-02 22:52:38 ----D---- C:\Windows\system32\catroot
2011-08-02 15:03:45 ----D---- C:\Windows\system32\NDF
2011-08-01 02:08:24 ----D---- C:\Windows\system32\catroot2
2011-07-27 22:42:23 ----A---- C:\Windows\system32\PerfStringBackup.INI
2011-07-27 22:27:37 ----SD---- C:\Users\Venda\AppData\Roaming\Microsoft
2011-07-25 18:47:20 ----RD---- C:\Program Files (x86)
2011-07-24 17:53:42 ----D---- C:\ProgramData\Spyware Terminator
2011-07-24 12:40:35 ----D---- C:\Users\Venda\AppData\Roaming\Spyware Terminator
2011-07-18 11:25:07 ----D---- C:\Users\Venda\AppData\Roaming\XnView
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-20 213888]
R0 sptd;sptd; C:\Windows\System32\Drivers\sptd.sys [2011-05-13 513080]
R1 aswRdr;aswRdr; C:\Windows\system32\drivers\aswRdr.sys [2011-07-04 31064]
R1 aswSnx;aswSnx; C:\Windows\system32\drivers\aswSnx.sys [2011-07-04 600920]
R1 aswSP;aswSP; C:\Windows\system32\drivers\aswSP.sys [2011-07-04 288088]
R1 aswTdi;avast! Network Shield Support; C:\Windows\system32\drivers\aswTdi.sys [2011-07-04 45400]
R1 cmdGuard;COMODO Internet Security Sandbox Driver; C:\Windows\System32\DRIVERS\cmdguard.sys [2011-07-05 252344]
R1 cmdHlp;COMODO Internet Security Helper Driver; C:\Windows\System32\DRIVERS\cmdhlp.sys [2011-07-05 41712]
R1 inspect;COMODO Internet Security Firewall Driver; C:\Windows\system32\DRIVERS\inspect.sys [2011-07-05 92688]
R2 {1E444BE9-B8EC-4ce6-8C2B-6536FB7F4FB7};Power Control [2011/05/14 18:56:04]; \??\D:\programy\video_programy\PowerDVD DX\000.fcl [2010-01-07 146928]
R2 aswFsBlk;aswFsBlk; C:\Windows\system32\drivers\aswFsBlk.sys [2011-07-04 22360]
R2 aswMonFlt;aswMonFlt; \??\C:\Windows\system32\drivers\aswMonFlt.sys [2011-07-04 64856]
R2 rimmptsk;rimmptsk; C:\Windows\system32\DRIVERS\rimmpx64.sys [2009-06-25 67584]
R2 rimsptsk;rimsptsk; C:\Windows\system32\DRIVERS\rimspx64.sys [2009-06-25 55296]
R2 rismxdp;Ricoh xD-Picture Card Driver; C:\Windows\system32\DRIVERS\rixdpx64.sys [2009-06-25 57856]
R2 sp_rsdrv2;Spyware Terminator Driver Filter; C:\Windows\system32\DRIVERS\stflt.sys [2010-07-07 50696]
R3 atikmdag;atikmdag; C:\Windows\system32\DRIVERS\atikmdag.sys [2009-08-18 6037504]
R3 CtClsFlt;Creative Camera Class Upper Filter Driver; C:\Windows\system32\DRIVERS\CtClsFlt.sys [2008-10-28 160704]
R3 dtsoftbus01;DAEMON Tools Virtual Bus Driver; C:\Windows\system32\DRIVERS\dtsoftbus01.sys [2011-05-13 254528]
R3 k57nd60a;Broadcom NetLink (TM) Gigabit Ethernet - NDIS 6.0; C:\Windows\system32\DRIVERS\k57nd60a.sys [2009-06-10 270848]
R3 netw5v64;Intel(R) Wireless WiFi Link 5000 Series – ovladač adaptéru pro 64bitový systém Windows Vista; C:\Windows\system32\DRIVERS\netw5v64.sys [2009-06-10 5434368]
R3 sdbus;sdbus; C:\Windows\system32\drivers\sdbus.sys [2010-11-20 109056]
R3 SynTP;Synaptics TouchPad Driver; C:\Windows\system32\DRIVERS\SynTP.sys [2008-10-31 261680]
S3 anwu0nl5;anwu0nl5; C:\Windows\system32\drivers\anwu0nl5.sys []
S3 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12352]
S3 TsUsbFlt;TsUsbFlt; C:\Windows\system32\drivers\tsusbflt.sys [2010-11-20 59392]
S3 WinUsb;WinUsb; C:\Windows\system32\DRIVERS\WinUsb.sys [2010-11-20 41984]
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 AMD External Events Utility;AMD External Events Utility; C:\Windows\system32\atiesrxx.exe [2009-08-18 203264]
R2 avast! Antivirus;avast! Antivirus; D:\programy\systemove_programy\Avast\AvastSvc.exe [2011-07-04 42184]
R2 cmdagent;COMODO Internet Security Helper Service; D:\programy\systemove_programy\firewall\ComodoFirewall\COMODO\COMODO Internet Security\cmdagent.exe [2011-07-05 2528096]
R2 mitsijm2011;Správce úloh aplikace Autodesk Moldflow Inventor Tool Suite Integration 2011; D:\programy\Autodesk\Inventor\Inventor_2011\Moldflow\bin\mitsijm.exe [2011-04-09 678208]
R2 sp_rssrv;Spyware Terminator Realtime Shield Service; D:\programy\systemove_programy\Spyware Terminator\sp_rsser.exe [2011-06-29 948775]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
S3 FLEXnet Licensing Service 64;FLEXnet Licensing Service 64; C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe [2011-05-10 1436424]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2008-11-04 441712]
S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2011-05-09 1255736]
-----------------EOF-----------------
Ale nekecam, asi jeden den jsem měl volných 5GB. To mi je opravdu záhada, jak jsem k tomu dospěl a čím se to zase zaplnilo.
Díky.
Logfile of random's system information tool 1.09 (written by random/random)
Run by Venda at 2011-08-16 23:35:39
Microsoft Windows 7 Home Premium Service Pack 1
System drive C: has 2 GB (6%) free of 30 GB
Total RAM: 4061 MB (63% free)
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 23:36:10, on 16.8.2011
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v9.00 (9.00.8112.16421)
Boot mode: Normal
Running processes:
D:\programy\systemove_programy\Avast\AvastUI.exe
D:\programy\systemove_programy\mozilla_firefox\firefox.exe
D:\programy\systemove_programy\mozilla_firefox\plugin-container.exe
C:\Program Files\trend micro\Venda.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - D:\programy\systemove_programy\Avast\aswWebRepIE.dll
O3 - Toolbar: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - D:\programy\systemove_programy\Avast\aswWebRepIE.dll
O4 - HKLM\..\Run: [avast] "D:\programy\systemove_programy\Avast\avastUI.exe" /nogui
O4 - HKCU\..\Run: [ICQ] "D:\programy\ICQ\ICQ7.5\ICQ.exe" silent loginmode=4
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://D:\programy\MICROS~1\Office12\EXCEL.EXE/3000
O9 - Extra button: ICQ7.5 - {7578ADEA-D65F-4C89-A249-B1C88B6FFC20} - D:\programy\ICQ\ICQ7.5\ICQ.exe
O9 - Extra 'Tools' menuitem: ICQ7.5 - {7578ADEA-D65F-4C89-A249-B1C88B6FFC20} - D:\programy\ICQ\ICQ7.5\ICQ.exe
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - D:\programy\MICROS~1\Office12\REFIEBAR.DLL
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/pub/s ... wflash.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{19DEACE8-0A5C-4A6F-8EBA-EE0ECEED4FE1}: NameServer = 156.154.70.25,156.154.71.25
O17 - HKLM\System\CS1\Services\Tcpip\..\{19DEACE8-0A5C-4A6F-8EBA-EE0ECEED4FE1}: NameServer = 156.154.70.25,156.154.71.25
O17 - HKLM\System\CS2\Services\Tcpip\..\{19DEACE8-0A5C-4A6F-8EBA-EE0ECEED4FE1}: NameServer = 156.154.70.25,156.154.71.25
O20 - AppInit_DLLs: C:\Windows\SysWOW64\guard32.dll
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: AMD External Events Utility - Unknown owner - C:\Windows\system32\atiesrxx.exe (file missing)
O23 - Service: avast! Antivirus - AVAST Software - D:\programy\systemove_programy\Avast\AvastSvc.exe
O23 - Service: COMODO Internet Security Helper Service (cmdagent) - COMODO - D:\programy\systemove_programy\firewall\ComodoFirewall\COMODO\COMODO Internet Security\cmdagent.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: FLEXnet Licensing Service 64 - Acresso Software Inc. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Správce úloh aplikace Autodesk Moldflow Inventor Tool Suite Integration 2011 (mitsijm2011) - Unknown owner - D:\programy\Autodesk\Inventor\Inventor_2011\Moldflow\bin\mitsijm.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: Spyware Terminator Realtime Shield Service (sp_rssrv) - Crawler.com - D:\programy\systemove_programy\Spyware Terminator\sp_rsser.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
--
End of file - 6349 bytes
======Listing Processes======
\SystemRoot\System32\smss.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
C:\Windows\system32\services.exe
winlogon.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
"D:\programy\systemove_programy\firewall\ComodoFirewall\COMODO\COMODO Internet Security\cmdagent.exe"
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\system32\atiesrxx.exe
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k LocalService
atieclxx
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
"D:\programy\systemove_programy\Avast\AvastSvc.exe"
C:\Windows\System32\spoolsv.exe
"taskhost.exe"
"C:\Windows\system32\Dwm.exe"
C:\Windows\Explorer.EXE
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
D:\programy\Autodesk\Inventor\Inventor_2011\Moldflow\bin\mitsijm.exe
"D:\programy\systemove_programy\Spyware Terminator\sp_rsser.exe"
C:\Windows\system32\svchost.exe -k imgsvc
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
"D:\programy\systemove_programy\firewall\ComodoFirewall\COMODO\COMODO Internet Security\cfp.exe" -h
"C:\Program Files\Synaptics\SynTP\SynTPEnh.exe"
C:\Windows\system32\SearchIndexer.exe /Embedding
"C:\Program Files\Windows Media Player\wmpnetwk.exe"
"D:\programy\systemove_programy\Avast\AvastUI.exe" /nogui
"C:\Program Files\Synaptics\SynTP\SynTPHelper.exe"
C:\Windows\system32\wbem\wmiprvse.exe
"C:\Windows\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe1_ Global\UsGthrCtrlFltPipeMssGthrPipe1 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon"
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
C:\Windows\System32\svchost.exe -k secsvcs
"D:\programy\systemove_programy\mozilla_firefox\firefox.exe"
"D:\programy\systemove_programy\mozilla_firefox\plugin-container.exe" --channel=4732.f5842e0.562546510 "C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll" "Mozilla.Firefox.5.0" -omnijar D:\programy\systemove_programy\mozilla_firefox\omni.jar 4732 \\.\pipe\gecko-crash-server-pipe.4732 plugin
"C:\Windows\system32\SearchFilterHost.exe" 0 520 524 532 65536 528
"C:\Users\Venda\Downloads\RSITx64.exe"
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\System32\svchost.exe -k WerSvcGroup
=========Mozilla firefox=========
ProfilePath - C:\Users\Venda\AppData\Roaming\Mozilla\Firefox\Profiles\febeprof.jooo
prefs.js - "browser.search.useDBForOrder" - true
prefs.js - "browser.startup.homepage" - "http://www.seznam.cz/"
prefs.js - "extensions.enabledItems" - "{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}:1.3.3, {097d3191-e6fa-4728-9826-b533d755359d}:0.7.12, {3d7eb24f-2740-49df-8937-200b1cc08f8a}:1.5.14.2, {D4DD63FA-01E4-46a7-B6B1-EDAB7D6AD389}:0.9.7.2, smarterwiki@wikiatic.com:4.1.8, {ea614400-e918-4741-9a97-7a972ff7c30b}:2.1.13, {43c35458-c907-439b-bcfd-07d373834689}:2.2.1, {003D3EDC-99B9-4a34-9C20-60CB94F7E829}:2009, fdm_ffext@freedownloadmanager.org:1.3.4, {4BBDD651-70CF-4821-84F8-2B918CF89CA3}:6.3.3.2, wrc@avast.com:20110101, {972ce4c6-7e08-4474-a285-3208198ce6fd}:3.6.17"
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 10.1 Plugin
"Path"=C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=disabled
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=C:\Program Files (x86)\Microsoft Silverlight\4.0.60310.0\npctrl.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@videolan.org/vlc,version=1.1.9]
"Description"=VLC Multimedia Plugin
"Path"=D:\programy\video_programy\VLC\npvlc.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\Adobe Reader]
"Description"=Handles PDFs in-place in Firefox
"Path"=D:\programy\Adobe_Reader\Reader\AIR\nppdf32.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=disabled
D:\programy\systemove_programy\mozilla_firefox\extensions\
{972ce4c6-7e08-4474-a285-3208198ce6fd}
D:\programy\systemove_programy\mozilla_firefox\components\
binary.manifest
browsercomps.dll
nsRLCT4Player.xpt
D:\programy\systemove_programy\mozilla_firefox\plugins\
CrazyTalk4Native.dll
ctdomemhelper.dll
ctframeplayerobject.dll
ctplayerobject.dll
imagickrt.dll
NPOFF12.DLL
nppdf32.dll
npRLCT4Player.dll
npwachk.dll
rlcontentclass.dll
RLMusicPacker.dll
RLMusicUnpacker.dll
RLVoicePacker.dll
RLVoiceUnpacker.dll
D:\programy\systemove_programy\mozilla_firefox\searchplugins\
crawlersrch.xml
google.xml
heureka-cz.xml
jyxo-cz.xml
seznam-cz.xml
slunecnice-cz.xml
wikipedia-cz.xml
C:\Users\Venda\AppData\Roaming\Mozilla\Firefox\Profiles\febeprof.jooo\extensions\
{003D3EDC-99B9-4a34-9C20-60CB94F7E829}
{43c35458-c907-439b-bcfd-07d373834689}
{ea614400-e918-4741-9a97-7a972ff7c30b}
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{318A227B-5E9F-45bd-8999-7F8F10CA4CF5}]
avast! WebRep - D:\programy\systemove_programy\Avast\aswWebRepIE64.dll [2011-07-04 978496]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2010-09-22 75200]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! WebRep - D:\programy\systemove_programy\Avast\aswWebRepIE.dll [2011-07-04 820864]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - avast! WebRep - D:\programy\systemove_programy\Avast\aswWebRepIE64.dll [2011-07-04 978496]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\Toolbar]
{8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - avast! WebRep - D:\programy\systemove_programy\Avast\aswWebRepIE.dll [2011-07-04 820864]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"COMODO Internet Security"=D:\programy\systemove_programy\firewall\ComodoFirewall\COMODO\COMODO Internet Security\cfp.exe [2011-07-05 9048392]
"SynTPEnh"=C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2008-10-31 1657128]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"ICQ"=D:\programy\ICQ\ICQ7.5\ICQ.exe [2011-08-01 124480]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM]
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2011-03-30 937920]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher]
D:\programy\Adobe_Reader\Reader\Reader_sl.exe [2011-06-08 37296]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DAEMON Tools Lite]
D:\programy\systemove_programy\DAEMON\DAEMON Tools Lite\DTLite.exe [2011-01-20 1305408]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Dell Webcam Central]
D:\programy\systemove_programy\DellWebcam\Dell Webcam Central\WebcamDell.exe [2008-11-11 442536]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PDVDDXSrv]
D:\programy\video_programy\PowerDVD DX\PDVDDXSrv.exe [2010-01-07 140520]
[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"avast"=D:\programy\systemove_programy\Avast\avastUI.exe [2011-07-04 3493720]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"="C:\Windows\System32\guard64.dll"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - C:\Windows\system32\webcheck.dll [2011-05-09 249344]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=5
"ConsentPromptBehaviorUser"=3
"EnableUIADesktopToggle"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDrives"=0
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDrives"=0
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVYU"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"VIDC.YVU9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv
"MSVideo8"=VfWWDM32.dll
======File associations======
.js - edit - C:\Windows\System32\Notepad.exe %1
.scr - open - C:\Windows\system32\notepad.exe "%1"
.scr - install -
.scr - config -
======List of files/folders created in the last 1 month======
2011-08-16 23:35:39 ----D---- C:\rsit
2011-08-16 09:36:19 ----ASH---- C:\pagefile.sys
2011-08-12 17:47:08 ----SHD---- C:\$RECYCLE.BIN
2011-08-11 11:22:45 ----D---- C:\Windows\temp
2011-08-09 22:35:19 ----D---- C:\Users\Venda\AppData\Roaming\Malwarebytes
2011-08-09 22:34:53 ----A---- C:\Windows\SYSWOW64\drivers\mbamswissarmy.sys
2011-08-09 22:34:52 ----D---- C:\ProgramData\Malwarebytes
2011-08-09 22:34:48 ----A---- C:\Windows\system32\drivers\mbam.sys
2011-08-07 18:36:21 ----D---- C:\Users\Venda\AppData\Roaming\dvdcss
2011-08-07 14:01:22 ----D---- C:\Program Files\trend micro
2011-08-02 22:52:01 ----A---- C:\Windows\SYSWOW64\WMWizard.dll
2011-08-02 22:52:01 ----A---- C:\Windows\SYSWOW64\W9XdInst.dll
2011-08-02 22:52:01 ----A---- C:\Windows\SYSWOW64\W9xDAPI.dll
2011-08-02 22:52:01 ----A---- C:\Windows\SYSWOW64\LWCtPl.dll
2011-08-02 22:52:01 ----A---- C:\Windows\SYSWOW64\drivers\LUsbSys.sys
2011-08-02 22:52:01 ----A---- C:\Windows\SYSWOW64\drivers\LHidLo.sys
2011-08-02 22:52:01 ----A---- C:\Windows\SYSWOW64\drivers\LHidHi.sys
2011-08-02 22:52:01 ----A---- C:\Windows\SYSWOW64\drivers\ihidfilt.sys
2011-08-02 22:52:00 ----A---- C:\Windows\SYSWOW64\WmJoyFrc.dll
2011-08-02 22:52:00 ----A---- C:\Windows\SYSWOW64\LFLoad.sys
======List of files/folders modified in the last 1 month======
2011-08-16 23:36:05 ----D---- C:\Windows\Prefetch
2011-08-16 22:11:28 ----D---- C:\Users\Venda\AppData\Roaming\ICQ
2011-08-16 12:40:10 ----D---- C:\Users\Venda\AppData\Roaming\MiniLyrics
2011-08-16 12:33:28 ----D---- C:\Windows\system32\config
2011-08-16 12:11:48 ----SHD---- C:\System Volume Information
2011-08-16 12:07:57 ----D---- C:\Windows
2011-08-14 12:27:00 ----D---- C:\Windows\system32\drivers
2011-08-13 10:18:31 ----D---- C:\Users\Venda\AppData\Roaming\IDM
2011-08-12 20:31:59 ----D---- C:\Users\Venda\AppData\Roaming\DMCache
2011-08-12 17:41:22 ----A---- C:\Windows\system.ini
2011-08-12 17:41:03 ----D---- C:\Windows\system32\drivers\etc
2011-08-12 17:38:25 ----D---- C:\Windows\SYSWOW64\drivers
2011-08-12 17:38:25 ----D---- C:\Windows\SysWOW64
2011-08-12 17:38:25 ----D---- C:\Windows\System32
2011-08-12 17:38:25 ----D---- C:\Windows\AppPatch
2011-08-12 17:38:24 ----D---- C:\Program Files\Common Files
2011-08-12 17:38:24 ----D---- C:\Program Files (x86)\Common Files
2011-08-10 22:46:59 ----D---- C:\Users\Venda\AppData\Roaming\uTorrent
2011-08-10 17:30:29 ----D---- C:\Windows\Downloaded Program Files
2011-08-09 22:34:52 ----D---- C:\ProgramData
2011-08-09 11:49:47 ----D---- C:\ProgramData\DAEMON Tools Lite
2011-08-07 14:01:22 ----RD---- C:\Program Files
2011-08-03 00:07:33 ----D---- C:\Windows\inf
2011-08-03 00:07:29 ----HD---- C:\Program Files (x86)\InstallShield Installation Information
2011-08-02 23:49:23 ----D---- C:\ProgramData\Spybot - Search & Destroy
2011-08-02 22:52:38 ----D---- C:\Windows\system32\DriverStore
2011-08-02 22:52:38 ----D---- C:\Windows\system32\catroot
2011-08-02 15:03:45 ----D---- C:\Windows\system32\NDF
2011-08-01 02:08:24 ----D---- C:\Windows\system32\catroot2
2011-07-27 22:42:23 ----A---- C:\Windows\system32\PerfStringBackup.INI
2011-07-27 22:27:37 ----SD---- C:\Users\Venda\AppData\Roaming\Microsoft
2011-07-25 18:47:20 ----RD---- C:\Program Files (x86)
2011-07-24 17:53:42 ----D---- C:\ProgramData\Spyware Terminator
2011-07-24 12:40:35 ----D---- C:\Users\Venda\AppData\Roaming\Spyware Terminator
2011-07-18 11:25:07 ----D---- C:\Users\Venda\AppData\Roaming\XnView
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-20 213888]
R0 sptd;sptd; C:\Windows\System32\Drivers\sptd.sys [2011-05-13 513080]
R1 aswRdr;aswRdr; C:\Windows\system32\drivers\aswRdr.sys [2011-07-04 31064]
R1 aswSnx;aswSnx; C:\Windows\system32\drivers\aswSnx.sys [2011-07-04 600920]
R1 aswSP;aswSP; C:\Windows\system32\drivers\aswSP.sys [2011-07-04 288088]
R1 aswTdi;avast! Network Shield Support; C:\Windows\system32\drivers\aswTdi.sys [2011-07-04 45400]
R1 cmdGuard;COMODO Internet Security Sandbox Driver; C:\Windows\System32\DRIVERS\cmdguard.sys [2011-07-05 252344]
R1 cmdHlp;COMODO Internet Security Helper Driver; C:\Windows\System32\DRIVERS\cmdhlp.sys [2011-07-05 41712]
R1 inspect;COMODO Internet Security Firewall Driver; C:\Windows\system32\DRIVERS\inspect.sys [2011-07-05 92688]
R2 {1E444BE9-B8EC-4ce6-8C2B-6536FB7F4FB7};Power Control [2011/05/14 18:56:04]; \??\D:\programy\video_programy\PowerDVD DX\000.fcl [2010-01-07 146928]
R2 aswFsBlk;aswFsBlk; C:\Windows\system32\drivers\aswFsBlk.sys [2011-07-04 22360]
R2 aswMonFlt;aswMonFlt; \??\C:\Windows\system32\drivers\aswMonFlt.sys [2011-07-04 64856]
R2 rimmptsk;rimmptsk; C:\Windows\system32\DRIVERS\rimmpx64.sys [2009-06-25 67584]
R2 rimsptsk;rimsptsk; C:\Windows\system32\DRIVERS\rimspx64.sys [2009-06-25 55296]
R2 rismxdp;Ricoh xD-Picture Card Driver; C:\Windows\system32\DRIVERS\rixdpx64.sys [2009-06-25 57856]
R2 sp_rsdrv2;Spyware Terminator Driver Filter; C:\Windows\system32\DRIVERS\stflt.sys [2010-07-07 50696]
R3 atikmdag;atikmdag; C:\Windows\system32\DRIVERS\atikmdag.sys [2009-08-18 6037504]
R3 CtClsFlt;Creative Camera Class Upper Filter Driver; C:\Windows\system32\DRIVERS\CtClsFlt.sys [2008-10-28 160704]
R3 dtsoftbus01;DAEMON Tools Virtual Bus Driver; C:\Windows\system32\DRIVERS\dtsoftbus01.sys [2011-05-13 254528]
R3 k57nd60a;Broadcom NetLink (TM) Gigabit Ethernet - NDIS 6.0; C:\Windows\system32\DRIVERS\k57nd60a.sys [2009-06-10 270848]
R3 netw5v64;Intel(R) Wireless WiFi Link 5000 Series – ovladač adaptéru pro 64bitový systém Windows Vista; C:\Windows\system32\DRIVERS\netw5v64.sys [2009-06-10 5434368]
R3 sdbus;sdbus; C:\Windows\system32\drivers\sdbus.sys [2010-11-20 109056]
R3 SynTP;Synaptics TouchPad Driver; C:\Windows\system32\DRIVERS\SynTP.sys [2008-10-31 261680]
S3 anwu0nl5;anwu0nl5; C:\Windows\system32\drivers\anwu0nl5.sys []
S3 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12352]
S3 TsUsbFlt;TsUsbFlt; C:\Windows\system32\drivers\tsusbflt.sys [2010-11-20 59392]
S3 WinUsb;WinUsb; C:\Windows\system32\DRIVERS\WinUsb.sys [2010-11-20 41984]
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 AMD External Events Utility;AMD External Events Utility; C:\Windows\system32\atiesrxx.exe [2009-08-18 203264]
R2 avast! Antivirus;avast! Antivirus; D:\programy\systemove_programy\Avast\AvastSvc.exe [2011-07-04 42184]
R2 cmdagent;COMODO Internet Security Helper Service; D:\programy\systemove_programy\firewall\ComodoFirewall\COMODO\COMODO Internet Security\cmdagent.exe [2011-07-05 2528096]
R2 mitsijm2011;Správce úloh aplikace Autodesk Moldflow Inventor Tool Suite Integration 2011; D:\programy\Autodesk\Inventor\Inventor_2011\Moldflow\bin\mitsijm.exe [2011-04-09 678208]
R2 sp_rssrv;Spyware Terminator Realtime Shield Service; D:\programy\systemove_programy\Spyware Terminator\sp_rsser.exe [2011-06-29 948775]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
S3 FLEXnet Licensing Service 64;FLEXnet Licensing Service 64; C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe [2011-05-10 1436424]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2008-11-04 441712]
S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2011-05-09 1255736]
-----------------EOF-----------------
Re: kontrola logu
Žádní šmejdi tam už nejsou tak že tím to nebude.
Pravděpodobně to bude dělat Bod obnovy a z toho plyne, buď to risknout a jet bez něj
nebo snížit velikost místa kterou na to potřebuje a nebo místo si uvolnit sám přesunutím
některých věcí třeba na jiný disk.
Pravděpodobně to bude dělat Bod obnovy a z toho plyne, buď to risknout a jet bez něj
nebo snížit velikost místa kterou na to potřebuje a nebo místo si uvolnit sám přesunutím
některých věcí třeba na jiný disk.
Re: kontrola logu
Děkuji za pomoc.
Přispějete na provoz fóra?