My PC startup has slowed down

#1 Post by drixim »

Hello,
I am attaching a log from my PC, which has become incredibly slow at both shutdown and startup - each action takes approx. 5 min.
Thank you in advance.
LOG 1
Logfile of random's system information tool 1.08 (written by random/random)
Run by Bobek at 2010-09-21 13:05:10
Microsoft Windows 7 Ultimate
System drive C: has 380 GB (65%) free of 583 GB
Total RAM: 6133 MB (59% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 13:05:24, on 21.9.2010
Platform: Windows 7 (WinNT 6.00.3504)
MSIE: Internet Explorer v9.00 (9.00.7930.16406)
Boot mode: Normal

Running processes:
C:\Program Files\Alwil Software\Avast5\AvastUI.exe
C:\Program Files (x86)\Lavasoft\Ad-Aware\AAWTray.exe
C:\Users\Bobek\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Bobek\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Bobek\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Bobek\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Bobek\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Bobek\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Program Files\trend micro\Bobek.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = Preserve
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://extranet.cpas.cz/CookieAuth.dll ... &formdir=3
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: (no name) - - (no file)
F2 - REG:system.ini: UserInit=userinit.exe
O2 - BHO: HP Print Enhancer - {0347C33E-8762-4905-BF09-768834316C61} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll
O2 - BHO: QuickStores-Toolbar - {10EDB994-47F8-43F7-AE96-F2EA63E9F90F} - mscoree.dll (file missing)
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Canon Easy-WebPrint EX BHO - {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexbho.dll
O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll
O2 - BHO: Pomocná služba pro přihlášení ke službě Windows Live ID - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
O2 - BHO: Adobe PDF Conversion Toolbar Helper - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll
O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
O2 - BHO: Windows Live Toolbar Helper - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - C:\Program Files (x86)\Windows Live\Toolbar\wltcore.dll
O2 - BHO: Kwyshell MidpX BHO - {EBE9E2B5-B526-48BC-AD46-687263EDCB0E} - C:\Program Files (x86)\Kwyshell\MidpX\JadInvoker\MidpInvoker.dll
O2 - BHO: SmartSelect - {F4971EE7-DAA0-4053-9964-665D8EE6A077} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll
O2 - BHO: Softonic English FF Toolbar - {ffa0793e-3980-4be4-8234-048fa665f700} - C:\Program Files (x86)\Softonic_English_FF\tbSoft.dll
O2 - BHO: HP Smart BHO Class - {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
O3 - Toolbar: &Windows Live Toolbar - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files (x86)\Windows Live\Toolbar\wltcore.dll
O3 - Toolbar: Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll
O3 - Toolbar: Softonic English FF Toolbar - {ffa0793e-3980-4be4-8234-048fa665f700} - C:\Program Files (x86)\Softonic_English_FF\tbSoft.dll
O3 - Toolbar: QuickStores-Toolbar - {10EDB994-47F8-43F7-AE96-F2EA63E9F90F} - mscoree.dll (file missing)
O3 - Toolbar: Canon Easy-WebPrint EX - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexhlp.dll
O3 - Toolbar: Kwyshell MidpX - {EBE9E2B5-B526-48BC-AD46-687263EDCB0E} - C:\Program Files (x86)\Kwyshell\MidpX\JadInvoker\MidpInvoker.dll
O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
O4 - HKLM\..\Run: [avast5] "C:\Program Files\Alwil Software\Avast5\avastUI.exe" /nogui
O4 - HKLM\..\Run: [AppleSyncNotifier] C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleSyncNotifier.exe
O4 - HKLM\..\Run: [TrojanScanner] C:\Program Files (x86)\Trojan Remover\Trjscan.exe /boot
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O8 - Extra context menu item: Append Link Target to Existing PDF - res://C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
O8 - Extra context menu item: Append to Existing PDF - res://C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: Convert Link Target to Adobe PDF - res://C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
O8 - Extra context menu item: Convert to Adobe PDF - res://C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office14\EXCEL.EXE/3000
O8 - Extra context menu item: Link to &MidpX - C:\Program Files (x86)\Kwyshell\MidpX\JadInvoker\Extent\jad_wrap.htm
O8 - Extra context menu item: Od&eslat do aplikace OneNote - res://C:\PROGRA~1\MICROS~2\Office14\ONBttnIE.dll/105
O8 - Extra context menu item: WikiKomentáře Google... - res://C:\Program Files (x86)\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_2D06158FAC79A790.dll/cmsidewiki.html
O9 - Extra button: Přidat na blog - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: &Přidat na blog Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll
O9 - Extra button: @C:\Windows\WindowsMobile\INetRepl.dll,-222 - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll
O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll
O9 - Extra 'Tools' menuitem: @C:\Windows\WindowsMobile\INetRepl.dll,-223 - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll
O9 - Extra button: ICQ7.1 - {71BFC818-0CED-42D6-9C87-5142918957EE} - C:\Program Files (x86)\ICQ7.1\ICQ.exe
O9 - Extra 'Tools' menuitem: ICQ7.1 - {71BFC818-0CED-42D6-9C87-5142918957EE} - C:\Program Files (x86)\ICQ7.1\ICQ.exe
O9 - Extra button: Skype add-on for Internet Explorer - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O9 - Extra 'Tools' menuitem: Skype add-on for Internet Explorer - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~1\Office12\REFIEBAR.DLL
O9 - Extra button: Zobrazit nebo skrýt HP Smart Web Printing - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O16 - DPF: {1663ed61-23eb-11d2-b92f-008048fdd814} (MeadCo ScriptX Advanced) - https://kdp.cpas.cz/EXT_FA/modules/smsx.cab
O16 - DPF: {1D4DB7D2-6EC9-47A3-BD87-1E41684E07BB} - http://ak.exe.imgfarm.com/images/nocach ... .0.1.1.cab
O16 - DPF: {1E54D648-B804-468d-BC78-4AFFED8E262F} (System Requirements Lab) - http://www.nvidia.com/content/DriverDow ... ab_nvd.cab
O16 - DPF: {29E333D2-AD69-41A7-82B3-25606ACF97FA} (KDP600.CsSysInfo Class) - https://kdp.cpas.cz/EXT_FA/modules/modules.cab
O16 - DPF: {6480028B-090D-40B2-92ED-A97015AA98BB} (KDP400.CsXML XStgPath Class) - https://kdp.cpas.cz/EXT_FA/modules/modules.cab
O16 - DPF: {6D484870-65FC-4AD5-8788-2C8F28A79416} (KDP400.CsXML CsSign Class) - https://kdp.cpas.cz/EXT_FA/modules/modules.cab
O16 - DPF: {74DBCB52-F298-4110-951D-AD2FF67BC8AB} (NVIDIA Smart Scan) - http://www.nvidia.com/content/DriverDow ... rtScan.cab
O16 - DPF: {BCCDF398-8835-4A2C-978A-31148A6CC3BE} (KDP400.CsXML XRtData Class) - https://kdp.cpas.cz/EXT_FA/modules/modules.cab
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} (get_atlcom Class) - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
O16 - DPF: {F5176AF4-CC0D-408B-92CD-AF482DCA83A0} (KDP400.CsXML CsXML Class) - https://kdp.cpas.cz/EXT_FA/modules/modules.cab
O16 - DPF: {F6ACF75C-C32C-447B-9BEF-46B766368D29} (Creative Software AutoUpdate Support Package) - http://ccfiles.creative.com/Web/softwar ... /CTPID.cab
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveSystemServices.dll
O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
O23 - Service: ABBYY FineReader 9.0 PE Licensing Service (ABBYY.Licensing.FineReader.Professional.9.0) - ABBYY (BIT Software) - C:\Program Files (x86)\Common Files\ABBYY\FineReader\9.00\Licensing\PE\NetworkLicenseServer.exe
O23 - Service: Služba Acronis Scheduler2 (AcrSch2Svc) - Unknown owner - C:\Program Files (x86)\Common Files\Acronis\Plán2\schedul2.exe
O23 - Service: Acronis Nonstop Backup service (afcdpsrv) - Acronis - C:\Program Files (x86)\Common Files\Acronis\CDP\afcdpsrv.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
O23 - Service: ASO3DiskOptimizer - Systweak Inc. - C:\Program Files (x86)\Advanced System Optimizer 3\ASO3DefragSrv64.exe
O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
O23 - Service: avast! Firewall - AVAST Software - C:\Program Files\Alwil Software\Avast5\afwServ.exe
O23 - Service: avast! Mail Scanner - AVAST Software - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
O23 - Service: avast! Web Scanner - AVAST Software - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files (x86)\Bonjour\mDNSResponder.exe
O23 - Service: @%systemroot%\system32\CISVC.EXE,-1 (CISVC) - Unknown owner - C:\Windows\system32\CISVC.EXE (file missing)
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: Firebird Guardian - DefaultInstance (FirebirdGuardianDefaultInstance) - The Firebird Project - C:\Program Files (x86)\Firebird\Firebird_1_5\bin\fbguard.exe
O23 - Service: Firebird Server - DefaultInstance (FirebirdServerDefaultInstance) - The Firebird Project - C:\Program Files (x86)\Firebird\Firebird_1_5\bin\fbserver.exe
O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: FLEXnet Licensing Service 64 - Macrovision Europe Ltd. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe
O23 - Service: Google Update Service (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: Canon Inkjet Printer/Scanner/Fax Extended Survey Program (IJPLMSVC) - Unknown owner - C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Lavasoft Ad-Aware Service - Lavasoft - C:\Program Files (x86)\Lavasoft\Ad-Aware\AAWService.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: Virtual Disk Service Manager (MSR Service) - Unknown owner - C:\Program Files (x86)\Clarus\Samsung SecretZone\MSSvc.exe
O23 - Service: Nero BackItUp Scheduler 4.0 - Nero AG - C:\Program Files (x86)\Common Files\Nero\Nero BackItUp 4\NBService.exe
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\Windows\system32\nvvsvc.exe (file missing)
O23 - Service: PLFlash DeviceIoControl Service - Prolific Technology Inc. - C:\Windows\SysWOW64\IoctlSvc.exe
O23 - Service: Prime95 Service - Unknown owner - C:\Program Files (x86)\Prime95\prime95.exe (file missing)
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: ServiceLayer - Nokia - C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: Aktivátor Správce výběru OS Acronis (Správce výběru OS) - Unknown owner - C:\Program Files (x86)\Acronis\DiskDirector\OSS\reinstall_svc.exe
O23 - Service: @C:\Program Files (x86)\TuneUp Utilities 2010\TuneUpDefragService.exe,-1 (TuneUp.Defrag) - TuneUp Software - C:\Program Files (x86)\TuneUp Utilities 2010\TuneUpDefragService.exe
O23 - Service: TuneUp Utilities Service (TuneUp.UtilitiesSvc) - TuneUp Software - C:\Program Files (x86)\TuneUp Utilities 2010\TuneUpUtilitiesService64.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 18202 bytes

======Listing Processes======

\SystemRoot\System32\smss.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
C:\Windows\system32\services.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
winlogon.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\nvvsvc.exe
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k NetworkService
"C:\Program Files\Alwil Software\Avast5\AvastSvc.exe"
C:\Windows\system32\nvvsvc.exe -session -first
"C:\Program Files\Alwil Software\Avast5\afwServ.exe"
"C:\Program Files (x86)\Lavasoft\Ad-Aware\AAWService.exe"
"C:\Windows\system32\Dwm.exe"
C:\Windows\Explorer.EXE
C:\Windows\System32\spoolsv.exe
taskeng.exe {ACE5C85B-DDFD-4C6D-8585-368586C92EBE}
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
"C:\Program Files (x86)\Common Files\ABBYY\FineReader\9.00\Licensing\PE\NetworkLicenseServer.exe" -service
"taskhost.exe"
"C:\Program Files (x86)\Common Files\Acronis\Plán2\schedul2.exe"
"C:\Program Files (x86)\Common Files\Acronis\CDP\afcdpsrv.exe"
C:\Windows\AutoKMS.exe
"C:\Program Files (x86)\Advanced System Optimizer 3\ASO3DefragSrv64.exe"
C:\Windows\system32\CISVC.EXE
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
"C:\Program Files (x86)\Firebird\Firebird_1_5\bin\fbguard.exe" -s
C:\Windows\SysWOW64\svchost.exe -k hpdevmgmt
"C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE"
"C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe"
"C:\Program Files (x86)\Clarus\Samsung SecretZone\MSSvc.exe"
"C:\Program Files (x86)\Google\Update\GoogleUpdate.exe" /c
"C:\Program Files (x86)\Common Files\Nero\Nero BackItUp 4\NBService.exe"
cmd /c ""C:\ProgramData\AutoKMS\AutoKMS.cmd" "
\??\C:\Windows\system32\conhost.exe
cscript //nologo "C:\ProgramData\AutoKMS\Resources\LicenseManagement\OSPP.VBS" /sethst:127.0.0.1
C:\Windows\System32\svchost.exe -k HPZ12
C:\Windows\SysWOW64\IoctlSvc.exe
C:\Windows\System32\svchost.exe -k HPZ12
"C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe"
C:\Windows\System32\tcpsvcs.exe
"C:\Program Files (x86)\TuneUp Utilities 2010\TuneUpUtilitiesService64.exe"
C:\Windows\System32\svchost.exe -k secsvcs
"C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE"
"C:\Program Files (x86)\Acronis\DiskDirector\OSS\reinstall_svc.exe"
"C:\Program Files (x86)\TuneUp Utilities 2010\TuneUpUtilitiesApp64.exe" /TUStart /pid:3592
WLIDSvcM.exe 3652
C:\Windows\system32\wbem\unsecapp.exe -Embedding
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\system32\wbem\wmiprvse.exe
"C:\Program Files (x86)\Firebird\Firebird_1_5\bin\fbserver.exe" -s
C:\Windows\system32\svchost.exe -k HPService
C:\Windows\system32\SearchIndexer.exe /Embedding
"C:\Windows\system32\WUDFHost.exe" -HostGUID:{193a1820-d9ac-4997-8c55-be817523f6aa} -IoEventPortName:HostProcess-17d1dc0b-9573-47f5-a217-0a15a643bc8b -SystemEventPortName:HostProcess-cc6961f7-10fb-472e-92c5-ff0a36ddb8fd -IoCancelEventPortName:HostProcess-4727e3bd-8099-4e40-98e6-7ad6740acfda -NonStateChangingEventPortName:HostProcess-760b4db2-79a8-4d11-9227-00db232abc16 -ServiceSID:S-1-5-80-2652678385-582572993-1835434367-1344795993-749280709 -LifetimeId:6d76f061-58bf-448e-aef0-4bc5ab9d220e
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
"C:\Program Files\Windows Sidebar\sidebar.exe" /autoRun
"C:\Program Files\Alwil Software\Avast5\AvastUI.exe" /nogui
"C:\Program Files (x86)\Lavasoft\Ad-Aware\AAWTray.exe"
"C:\Program Files\Windows Media Player\wmpnetwk.exe"
"C:\Users\Bobek\AppData\Local\Google\Chrome\Application\chrome.exe"
"C:\Users\Bobek\AppData\Local\Google\Chrome\Application\chrome.exe" --type=renderer --lang=cs --force-fieldtest=DnsImpact/_max_500ms_queue_prefetch/GlobalSdch/_global_enable_sdch/SocketLateBinding/_enable_late_binding/ --channel=5616.95c1c0.1414925303
"C:\Users\Bobek\AppData\Local\Google\Chrome\Application\chrome.exe" --type=renderer --lang=cs --force-fieldtest=DnsImpact/_max_500ms_queue_prefetch/GlobalSdch/_global_enable_sdch/SocketLateBinding/_enable_late_binding/ --channel=5616.94f460.1360611063
"C:\Users\Bobek\AppData\Local\Google\Chrome\Application\chrome.exe" --type=renderer --lang=cs --force-fieldtest=DnsImpact/_max_500ms_queue_prefetch/GlobalSdch/_global_enable_sdch/SocketLateBinding/_enable_late_binding/ --channel=5616.94f540.1316724099
"C:\Users\Bobek\AppData\Local\Google\Chrome\Application\chrome.exe" --type=renderer --lang=cs --force-fieldtest=DnsImpact/_max_500ms_queue_prefetch/GlobalSdch/_global_enable_sdch/SocketLateBinding/_enable_late_binding/ --channel=5616.95cd20.1723311360
"C:\Users\Bobek\AppData\Local\Google\Chrome\Application\chrome.exe" --lang=cs --plugin-data-dir="C:\Users\Bobek\AppData\Local\Google\Chrome\User Data\Default" --type=plugin --channel=5616.6ac3c60.581474542 --plugin-path=C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll
C:\Windows\system32\sppsvc.exe
C:\Windows\servicing\TrustedInstaller.exe
taskhost.exe $(Arg0)
"C:\Users\Bobek\Desktop\RSITx64.exe"
C:\Windows\system32\DllHost.exe /Processid:{AB8902B4-09CA-4BB6-B78D-A8F59079A8D5}

======Scheduled tasks folder======

C:\Windows\tasks\Ad-Aware Update (Daily 1).job
C:\Windows\tasks\Ad-Aware Update (Daily 2).job
C:\Windows\tasks\Ad-Aware Update (Daily 3).job
C:\Windows\tasks\Ad-Aware Update (Daily 4).job
C:\Windows\tasks\Ad-Aware Update (Weekly).job
C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{4f3ed5cd-0726-42a9-87f5-d13f3d2976ac}]
Windows Live Family Safety Browser Helper Class - C:\Program Files\Windows Live\Family Safety\fssbho.dll [2009-08-06 132448]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Pomocná služba pro přihlášení ke službě Windows Live ID - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-08-18 532336]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}]
Google Toolbar Helper - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2010-09-17 391344]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{0347C33E-8762-4905-BF09-768834316C61}]
HP Print Enhancer - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll [2009-09-23 328248]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{10EDB994-47F8-43F7-AE96-F2EA63E9F90F}]
QuickStores-Toolbar - C:\Windows\system32\mscoree.dll [2009-11-25 444752]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2010-06-19 75200]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3785D0AD-BFFF-47F6-BF5B-A587C162FED9}]
Canon Easy-WebPrint EX BHO - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexbho.dll [2009-11-25 202080]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{6EBF7485-159F-4bff-A14F-B9E3AAC4465B}]
Search Helper - C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll [2009-05-19 137600]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-12 2217848]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Pomocná služba pro přihlášení ke službě Windows Live ID - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-08-18 403840]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}]
Google Toolbar Helper - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [2010-09-17 292528]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE7CD045-E861-484f-8273-0445EE161910}]
Adobe PDF Conversion Toolbar Helper - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll [2010-06-19 349640]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}]
Skype add-on for Internet Explorer - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll [2010-02-08 804136]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll [2010-08-04 41760]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E15A8DC0-8516-42A1-81EA-DC94EC1ACF10}]
Windows Live Toolbar Helper - C:\Program Files (x86)\Windows Live\Toolbar\wltcore.dll [2009-02-06 1068904]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{EBE9E2B5-B526-48BC-AD46-687263EDCB0E}]
Kwyshell MidpX - C:\Program Files (x86)\Kwyshell\MidpX\JadInvoker\MidpInvoker.dll [2004-12-03 100864]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{F4971EE7-DAA0-4053-9964-665D8EE6A077}]
SmartSelect Class - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll [2010-06-19 349640]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{ffa0793e-3980-4be4-8234-048fa665f700}]
Softonic English FF Toolbar - C:\Program Files (x86)\Softonic_English_FF\tbSoft.dll [2009-11-09 2331672]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856}]
HP Smart BHO Class - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll [2009-09-23 509496]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{2318C2B1-4965-11d4-9B18-009027A5CD4F} - Google Toolbar - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2010-09-17 391344]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\Toolbar]
{21FA44EF-376D-4D53-9B0F-8A89D3229068} - &Windows Live Toolbar - C:\Program Files (x86)\Windows Live\Toolbar\wltcore.dll [2009-02-06 1068904]
{47833539-D0C5-4125-9FA8-0819E2EAAC93} - Adobe PDF - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll [2010-06-19 349640]
{ffa0793e-3980-4be4-8234-048fa665f700} - Softonic English FF Toolbar - C:\Program Files (x86)\Softonic_English_FF\tbSoft.dll [2009-11-09 2331672]
{10EDB994-47F8-43F7-AE96-F2EA63E9F90F} - QuickStores-Toolbar - C:\Windows\system32\mscoree.dll [2009-11-25 444752]
{759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - Canon Easy-WebPrint EX - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexhlp.dll [2009-11-25 1496408]
{EBE9E2B5-B526-48BC-AD46-687263EDCB0E} - Kwyshell MidpX - C:\Program Files (x86)\Kwyshell\MidpX\JadInvoker\MidpInvoker.dll [2004-12-03 100864]
{2318C2B1-4965-11d4-9B18-009027A5CD4F} - Google Toolbar - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [2010-09-17 292528]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"Skytel"=C:\Program Files\Realtek\Audio\HDA\Skytel.exe [2009-07-06 1833504]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"=C:\Program Files\Windows Sidebar\sidebar.exe [2009-07-14 1475072]
""= []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Acrobat Assistant 8.0]
C:\Program Files (x86)\Adobe\Acrobat 9.0\Acrobat\Acrotray.exe [2010-06-19 640440]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Photo Downloader]
C:\Program Files (x86)\Adobe\Photoshop Album Starter Edition\3.2\Apps\apdproxy.exe [2007-03-09 63712]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AppleSyncNotifier]
C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleSyncNotifier.exe [2010-09-08 47904]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\bluebirds]
C:\Users\Bobek\Bluebirds\BlueBirds.exe [2009-04-29 270336]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NokiaMServer]
C:\Program Files (x86)\Common Files\Nokia\MPlatform\NokiaMServer /watchfiles startup []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NokiaOviSuite2]
C:\Program Files (x86)\Nokia\Nokia Ovi Suite\NokiaOviSuite.exe [2010-02-24 385928]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PC Suite Tray]
C:\Program Files (x86)\Nokia\Nokia PC Suite 7\PCSuite.exe [2010-05-14 1479680]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PWRISOVM.EXE]
C:\Program Files (x86)\PowerISO\PWRISOVM.EXE [2009-11-09 180224]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
C:\Program Files (x86)\QuickTime\QTTask.exe [2010-09-08 421888]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SearchSettings]
C:\Program Files (x86)\pdfforge Toolbar\SearchSettings.exe []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Windows Defender User Interface]
C:\Program Files\Windows Defender\MSASCui.exe [2009-07-14 961024]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Users^Bobek^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Samsung Auto Backup Guage.lnk]
C:\PROGRA~2\Clarus\SAMSUN~1\ISFGuage.exe [2009-05-15 888832]

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"avast5"=C:\Program Files\Alwil Software\Avast5\avastUI.exe [2010-09-07 2838912]
"AppleSyncNotifier"=C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleSyncNotifier.exe [2010-09-08 47904]
""= []
"TrojanScanner"=C:\Program Files (x86)\Trojan Remover\Trjscan.exe [2009-08-04 1068424]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED}

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-12 2217848]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Lavasoft Ad-Aware Service]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Lavasoft Ad-Aware Service]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=0
"ConsentPromptBehaviorUser"=3
"EnableLUA"=0
"EnableUIADesktopToggle"=0
"PromptOnSecureDesktop"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"EnableLinkedConnections"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoInstrumentation"=0

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoActiveDesktop"=1
"NoActiveDesktopChanges"=1
"ForceActiveDesktopOn"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*
.scr - open - C:\Windows\system32\notepad.exe "%1"
.scr - install -
.scr - config -

======List of files/folders created in the last 1 months======

2010-09-21 13:05:10 ----D---- C:\rsit
2010-09-21 13:05:10 ----D---- C:\Program Files\trend micro
2010-09-21 12:38:40 ----A---- C:\Windows\SYSWOW64\ztvunrar36.dll
2010-09-21 12:38:40 ----A---- C:\Windows\SYSWOW64\ztvunace26.dll
2010-09-21 12:38:40 ----A---- C:\Windows\SYSWOW64\ztvcabinet.dll
2010-09-21 12:38:40 ----A---- C:\Windows\SYSWOW64\UNRAR3.dll
2010-09-21 12:38:40 ----A---- C:\Windows\SYSWOW64\unacev2.dll
2010-09-21 12:38:39 ----D---- C:\Users\Bobek\AppData\Roaming\Simply Super Software
2010-09-21 12:38:39 ----D---- C:\ProgramData\Simply Super Software
2010-09-21 12:38:39 ----D---- C:\Program Files (x86)\Trojan Remover
2010-09-21 08:38:10 ----D---- C:\Program Files (x86)\QuickTime
2010-09-20 23:57:18 ----D---- C:\Program Files\Yamicsoft
2010-09-20 19:47:13 ----RA---- C:\Windows\system32\AdobePDFUI.dll
2010-09-19 06:57:25 ----D---- C:\Users\Bobek\AppData\Roaming\Smart PC Solutions
2010-09-19 06:55:36 ----D---- C:\Program Files (x86)\Smart PC Solutions
2010-09-17 20:59:42 ----A---- C:\Windows\SYSWOW64\jscript9.dll
2010-09-17 20:59:42 ----A---- C:\Windows\SYSWOW64\inseng.dll
2010-09-17 20:59:42 ----A---- C:\Windows\system32\jscript9.dll
2010-09-17 20:59:42 ----A---- C:\Windows\system32\jscript.dll
2010-09-17 20:59:42 ----A---- C:\Windows\system32\inseng.dll
2010-09-17 20:59:41 ----A---- C:\Windows\SYSWOW64\jscript.dll
2010-09-17 20:59:41 ----A---- C:\Windows\SYSWOW64\imgutil.dll
2010-09-17 20:59:41 ----A---- C:\Windows\SYSWOW64\iexpress.exe
2010-09-17 20:59:41 ----A---- C:\Windows\SYSWOW64\ieUnatt.exe
2010-09-17 20:59:41 ----A---- C:\Windows\SYSWOW64\ieui.dll
2010-09-17 20:59:41 ----A---- C:\Windows\SYSWOW64\iesysprep.dll
2010-09-17 20:59:41 ----A---- C:\Windows\system32\imgutil.dll
2010-09-17 20:59:41 ----A---- C:\Windows\system32\iexpress.exe
2010-09-17 20:59:41 ----A---- C:\Windows\system32\ieUnatt.exe
2010-09-17 20:59:41 ----A---- C:\Windows\system32\ieui.dll
2010-09-17 20:59:41 ----A---- C:\Windows\system32\iesysprep.dll
2010-09-17 20:59:39 ----A---- C:\Windows\SYSWOW64\mshtml.dll
2010-09-17 20:59:39 ----A---- C:\Windows\SYSWOW64\mshta.exe
2010-09-17 20:59:39 ----A---- C:\Windows\SYSWOW64\msfeedssync.exe
2010-09-17 20:59:39 ----A---- C:\Windows\SYSWOW64\msfeedsbs.dll
2010-09-17 20:59:39 ----A---- C:\Windows\SYSWOW64\msfeeds.dll
2010-09-17 20:59:39 ----A---- C:\Windows\system32\mshtml.dll
2010-09-17 20:59:39 ----A---- C:\Windows\system32\mshta.exe
2010-09-17 20:59:39 ----A---- C:\Windows\system32\msfeedssync.exe
2010-09-17 20:59:39 ----A---- C:\Windows\system32\msfeedsbs.dll
2010-09-17 20:59:39 ----A---- C:\Windows\system32\msfeeds.dll
2010-09-17 20:59:38 ----A---- C:\Windows\SYSWOW64\licmgr10.dll
2010-09-17 20:59:38 ----A---- C:\Windows\SYSWOW64\jsproxy.dll
2010-09-17 20:59:38 ----A---- C:\Windows\SYSWOW64\IEAdvpack.dll
2010-09-17 20:59:38 ----A---- C:\Windows\system32\licmgr10.dll
2010-09-17 20:59:38 ----A---- C:\Windows\system32\jsproxy.dll
2010-09-17 20:59:38 ----A---- C:\Windows\system32\IEAdvpack.dll
2010-09-17 20:59:38 ----A---- C:\Windows\system32\ie4uinit.exe
2010-09-17 20:59:37 ----A---- C:\Windows\SYSWOW64\ieakui.dll
2010-09-17 20:59:37 ----A---- C:\Windows\SYSWOW64\ieakeng.dll
2010-09-17 20:59:37 ----A---- C:\Windows\SYSWOW64\ie4uinit.exe
2010-09-17 20:59:37 ----A---- C:\Windows\system32\ieakui.dll
2010-09-17 20:59:36 ----A---- C:\Windows\SYSWOW64\ieaksie.dll
2010-09-17 20:59:36 ----A---- C:\Windows\SYSWOW64\icardie.dll
2010-09-17 20:59:36 ----A---- C:\Windows\SYSWOW64\dxtrans.dll
2010-09-17 20:59:36 ----A---- C:\Windows\SYSWOW64\dxtmsft.dll
2010-09-17 20:59:36 ----A---- C:\Windows\SYSWOW64\admparse.dll
2010-09-17 20:59:36 ----A---- C:\Windows\system32\ieaksie.dll
2010-09-17 20:59:36 ----A---- C:\Windows\system32\ieakeng.dll
2010-09-17 20:59:36 ----A---- C:\Windows\system32\icardie.dll
2010-09-17 20:59:36 ----A---- C:\Windows\system32\dxtrans.dll
2010-09-17 20:59:36 ----A---- C:\Windows\system32\dxtmsft.dll
2010-09-17 20:59:36 ----A---- C:\Windows\system32\admparse.dll
2010-09-17 20:59:34 ----A---- C:\Windows\SYSWOW64\iepeers.dll
2010-09-17 20:59:34 ----A---- C:\Windows\system32\iepeers.dll
2010-09-17 20:59:31 ----A---- C:\Windows\SYSWOW64\iesetup.dll
2010-09-17 20:59:31 ----A---- C:\Windows\SYSWOW64\iertutil.dll
2010-09-17 20:59:31 ----A---- C:\Windows\SYSWOW64\iernonce.dll
2010-09-17 20:59:31 ----A---- C:\Windows\system32\iesetup.dll
2010-09-17 20:59:31 ----A---- C:\Windows\system32\iertutil.dll
2010-09-17 20:59:31 ----A---- C:\Windows\system32\iernonce.dll
2010-09-17 20:59:27 ----A---- C:\Windows\SYSWOW64\iedkcs32.dll
2010-09-17 20:59:27 ----A---- C:\Windows\system32\iedkcs32.dll
2010-09-17 20:59:27 ----A---- C:\Windows\system32\ieapfltr.dll
2010-09-17 20:59:26 ----A---- C:\Windows\SYSWOW64\ieframe.dll
2010-09-17 20:59:26 ----A---- C:\Windows\SYSWOW64\ieapfltr.dll
2010-09-17 20:59:26 ----A---- C:\Windows\system32\ieframe.dll
2010-09-17 20:59:25 ----A---- C:\Windows\SYSWOW64\vbscript.dll
2010-09-17 20:59:25 ----A---- C:\Windows\SYSWOW64\urlmon.dll
2010-09-17 20:59:25 ----A---- C:\Windows\SYSWOW64\url.dll
2010-09-17 20:59:25 ----A---- C:\Windows\system32\vbscript.dll
2010-09-17 20:59:25 ----A---- C:\Windows\system32\urlmon.dll
2010-09-17 20:59:25 ----A---- C:\Windows\system32\url.dll
2010-09-17 20:59:24 ----A---- C:\Windows\SYSWOW64\wininet.dll
2010-09-17 20:59:24 ----A---- C:\Windows\SYSWOW64\SetIEInstalledDate.exe
2010-09-17 20:59:24 ----A---- C:\Windows\SYSWOW64\RegisterIEPKEYs.exe
2010-09-17 20:59:24 ----A---- C:\Windows\system32\wininet.dll
2010-09-17 20:59:24 ----A---- C:\Windows\system32\SetIEInstalledDate.exe
2010-09-17 20:59:24 ----A---- C:\Windows\system32\RegisterIEPKEYs.exe
2010-09-17 20:59:23 ----A---- C:\Windows\SYSWOW64\wextract.exe
2010-09-17 20:59:23 ----A---- C:\Windows\SYSWOW64\webcheck.dll
2010-09-17 20:59:23 ----A---- C:\Windows\SYSWOW64\occache.dll
2010-09-17 20:59:23 ----A---- C:\Windows\SYSWOW64\msrating.dll
2010-09-17 20:59:23 ----A---- C:\Windows\SYSWOW64\msls31.dll
2010-09-17 20:59:23 ----A---- C:\Windows\system32\wextract.exe
2010-09-17 20:59:23 ----A---- C:\Windows\system32\webcheck.dll
2010-09-17 20:59:23 ----A---- C:\Windows\system32\occache.dll
2010-09-17 20:59:23 ----A---- C:\Windows\system32\msrating.dll
2010-09-17 20:59:23 ----A---- C:\Windows\system32\mshtmled.dll
2010-09-17 20:59:22 ----A---- C:\Windows\SYSWOW64\mshtmler.dll
2010-09-17 20:59:22 ----A---- C:\Windows\SYSWOW64\mshtmled.dll
2010-09-17 20:59:22 ----A---- C:\Windows\system32\msls31.dll
2010-09-17 20:59:22 ----A---- C:\Windows\system32\mshtmler.dll
2010-09-17 20:59:21 ----A---- C:\Windows\SYSWOW64\pngfilt.dll
2010-09-17 20:59:21 ----A---- C:\Windows\system32\pngfilt.dll
2010-09-17 20:57:58 ----A---- C:\Windows\system32\mfps.dll
2010-09-17 20:57:57 ----A---- C:\Windows\SYSWOW64\WMVDECOD.DLL
2010-09-17 20:57:57 ----A---- C:\Windows\SYSWOW64\mfreadwrite.dll
2010-09-17 20:57:57 ----A---- C:\Windows\system32\WMVDECOD.DLL
2010-09-17 20:57:57 ----A---- C:\Windows\system32\mfreadwrite.dll
2010-09-17 20:57:56 ----A---- C:\Windows\system32\mf.dll
2010-09-17 20:57:55 ----A---- C:\Windows\SYSWOW64\mf.dll
2010-09-17 20:56:35 ----A---- C:\Windows\SYSWOW64\d3d10_1core.dll
2010-09-17 20:56:35 ----A---- C:\Windows\SYSWOW64\d2d1.dll
2010-09-17 20:56:35 ----A---- C:\Windows\system32\d2d1.dll
2010-09-17 20:56:34 ----A---- C:\Windows\SYSWOW64\DWrite.dll
2010-09-17 20:56:34 ----A---- C:\Windows\SYSWOW64\d3d10warp.dll
2010-09-17 20:56:34 ----A---- C:\Windows\system32\FntCache.dll
2010-09-17 20:56:34 ----A---- C:\Windows\system32\DWrite.dll
2010-09-17 20:56:34 ----A---- C:\Windows\system32\d3d10warp.dll
2010-09-17 20:56:34 ----A---- C:\Windows\system32\d3d10_1core.dll
2010-09-17 20:55:14 ----A---- C:\Windows\SYSWOW64\XpsRasterService.dll
2010-09-17 20:55:14 ----A---- C:\Windows\system32\XpsRasterService.dll
2010-09-17 20:55:14 ----A---- C:\Windows\system32\XpsGdiConverter.dll
2010-09-17 20:55:13 ----A---- C:\Windows\SYSWOW64\XpsGdiConverter.dll
2010-09-17 20:53:38 ----A---- C:\Windows\system32\ExplorerFrame.dll
2010-09-17 20:53:37 ----A---- C:\Windows\SYSWOW64\ExplorerFrame.dll
2010-09-17 20:51:18 ----D---- C:\Program Files (x86)\Feedback Tool
2010-09-17 14:42:24 ----A---- C:\Windows\SYSWOW64\uxtuneup.dll
2010-09-17 14:42:24 ----A---- C:\Windows\SYSWOW64\authuitu.dll
2010-09-17 14:42:24 ----A---- C:\Windows\system32\uxtuneup.dll
2010-09-17 14:42:24 ----A---- C:\Windows\system32\authuitu.dll
2010-09-17 00:44:23 ----D---- C:\ProgramData\Elaborate Bytes
2010-09-17 00:43:28 ----D---- C:\Program Files (x86)\Elaborate Bytes
2010-09-17 00:11:36 ----A---- C:\Windows\SYSWOW64\systeminfo3.dll
2010-09-15 20:15:08 ----D---- C:\Program Files (x86)\Photosynth
2010-09-15 20:00:47 ----D---- C:\Program Files (x86)\MSECache
2010-09-14 22:06:28 ----A---- C:\Windows\system32\spoolsv.exe
2010-09-14 21:49:23 ----D---- C:\Program Files (x86)\Microsoft Works
2010-09-14 21:48:46 ----D---- C:\Program Files (x86)\Microsoft Visual Studio
2010-09-14 21:48:20 ----D---- C:\Windows\PCHEALTH
2010-09-14 21:46:34 ----D---- C:\Program Files (x86)\Microsoft Visual Studio 8
2010-09-14 21:46:00 ----D---- C:\Program Files (x86)\Microsoft Office
2010-09-14 21:45:02 ----RHD---- C:\MSOCache
2010-09-14 21:04:42 ----A---- C:\Windows\AutoKMS.exe
2010-09-14 20:55:24 ----D---- C:\ProgramData\AutoKMS
2010-09-14 18:25:40 ----A---- C:\Windows\system32\drivers\aswFsBlk.sys
2010-09-14 18:25:39 ----A---- C:\Windows\system32\drivers\aswSP.sys
2010-09-14 18:25:37 ----A---- C:\Windows\system32\drivers\aswSnx.sys
2010-09-14 18:25:35 ----A---- C:\Windows\system32\drivers\aswFW.sys
2010-09-14 18:25:13 ----A---- C:\Windows\system32\drivers\aswRdr.sys
2010-09-14 18:25:13 ----A---- C:\Windows\system32\drivers\aswNdis2.sys
2010-09-14 18:25:11 ----A---- C:\Windows\system32\drivers\aswTdi.sys
2010-09-14 18:25:09 ----A---- C:\Windows\system32\drivers\aswMonFlt.sys
2010-09-14 18:24:54 ----A---- C:\Windows\system32\drivers\aswNdis.sys
2010-09-14 18:24:50 ----A---- C:\Windows\SYSWOW64\aswBoot.exe
2010-09-14 07:35:22 ----D---- C:\Program Files (x86)\WinAVI Video Converter
2010-09-07 08:57:49 ----D---- C:\Program Files\iTunes
2010-09-07 08:57:49 ----D---- C:\Program Files\iPod
2010-09-07 08:57:49 ----D---- C:\Program Files (x86)\iTunes
2010-09-06 14:30:34 ----D---- C:\Users\Bobek\AppData\Roaming\Leadertech
2010-09-02 21:26:36 ----D---- C:\Windows\SYSWOW64\drivers\uk-UA
2010-09-02 21:26:28 ----D---- C:\Windows\uk-UA
2010-09-02 21:26:27 ----D---- C:\Windows\system32\drivers\uk-UA
2010-09-02 21:19:31 ----D---- C:\Windows\lv-LV
2010-09-02 21:19:23 ----D---- C:\Windows\SYSWOW64\drivers\lv-LV
2010-09-02 21:19:14 ----D---- C:\Windows\system32\drivers\lv-LV
2010-09-02 21:12:30 ----D---- C:\Windows\SYSWOW64\zh-CHT
2010-09-02 21:12:13 ----D---- C:\Windows\SYSWOW64\drivers\zh-TW
2010-09-02 21:12:07 ----D---- C:\Windows\zh-TW
2010-09-02 21:12:04 ----D---- C:\Windows\system32\zh-CHT
2010-09-02 21:11:46 ----D---- C:\Windows\system32\drivers\zh-TW
2010-09-02 21:11:46 ----D---- C:\Windows\system32\drivers\zh-HK
2010-09-02 21:00:49 ----D---- C:\Windows\SYSWOW64\es
2010-09-02 21:00:49 ----D---- C:\Windows\SYSWOW64\drivers\es-ES
2010-09-02 21:00:49 ----D---- C:\Windows\SYSWOW64\0C0A
2010-09-02 21:00:22 ----D---- C:\Windows\system32\es
2010-09-02 21:00:22 ----D---- C:\Windows\system32\0C0A
2010-09-02 21:00:20 ----D---- C:\Windows\system32\drivers\es-ES
2010-09-02 20:59:48 ----D---- C:\Windows\es-ES
2010-09-02 20:48:45 ----D---- C:\Windows\SYSWOW64\he
2010-09-02 20:48:45 ----D---- C:\Windows\SYSWOW64\drivers\he-IL
2010-09-02 20:48:28 ----D---- C:\Windows\system32\he
2010-09-02 20:48:27 ----D---- C:\Windows\system32\drivers\he-IL
2010-09-02 20:48:04 ----D---- C:\Windows\he-IL
2010-09-02 20:39:45 ----D---- C:\Windows\tr-TR
2010-09-02 20:39:21 ----D---- C:\Windows\SYSWOW64\tr
2010-09-02 20:39:21 ----D---- C:\Windows\SYSWOW64\drivers\tr-TR
2010-09-02 20:38:52 ----D---- C:\Windows\system32\tr
2010-09-02 20:38:52 ----D---- C:\Windows\system32\drivers\tr-TR
2010-09-02 20:30:30 ----D---- C:\Windows\SYSWOW64\drivers\ko-KR
2010-09-02 20:30:11 ----D---- C:\Windows\SYSWOW64\ko
2010-09-02 20:30:07 ----D---- C:\Windows\ko-KR
2010-09-02 20:30:03 ----D---- C:\Windows\system32\drivers\ko-KR
2010-09-02 20:29:40 ----D---- C:\Windows\system32\ko
2010-09-02 20:20:59 ----D---- C:\Windows\SYSWOW64\drivers\da-DK
2010-09-02 20:20:41 ----D---- C:\Windows\SYSWOW64\da
2010-09-02 20:20:39 ----D---- C:\Windows\da-DK
2010-09-02 20:20:35 ----D---- C:\Windows\system32\drivers\da-DK
2010-09-02 20:20:04 ----D---- C:\Windows\system32\da
2010-09-02 20:12:24 ----D---- C:\Windows\pt-PT
2010-09-02 20:12:02 ----D---- C:\Windows\SYSWOW64\drivers\pt-PT
2010-09-02 20:12:01 ----D---- C:\Windows\SYSWOW64\pt
2010-09-02 20:11:38 ----D---- C:\Windows\system32\drivers\pt-PT
2010-09-02 20:11:32 ----D---- C:\Windows\system32\pt
2010-09-02 20:04:50 ----D---- C:\Windows\SYSWOW64\drivers\et-EE
2010-09-02 20:04:42 ----D---- C:\Windows\system32\drivers\et-EE
2010-09-02 20:04:25 ----D---- C:\Windows\et-EE
2010-09-02 19:58:59 ----D---- C:\Windows\SYSWOW64\drivers\bg-BG
2010-09-02 19:58:52 ----D---- C:\Windows\system32\drivers\bg-BG
2010-09-02 19:58:52 ----D---- C:\Windows\bg-BG
2010-09-02 19:52:36 ----D---- C:\Windows\SYSWOW64\zh-CHS
2010-09-02 19:52:36 ----D---- C:\Windows\SYSWOW64\drivers\zh-CN
2010-09-02 19:52:06 ----D---- C:\Windows\system32\zh-CHS
2010-09-02 19:52:04 ----D---- C:\Windows\system32\drivers\zh-CN
2010-09-02 19:51:30 ----D---- C:\Windows\zh-CN
2010-09-02 19:42:33 ----D---- C:\Windows\SYSWOW64\nl
2010-09-02 19:42:33 ----D---- C:\Windows\SYSWOW64\0413
2010-09-02 19:42:33 ----D---- C:\Windows\nl-NL
2010-09-02 19:42:14 ----D---- C:\Windows\SYSWOW64\drivers\nl-NL
2010-09-02 19:42:07 ----D---- C:\Windows\system32\nl
2010-09-02 19:42:07 ----D---- C:\Windows\system32\0413
2010-09-02 19:41:46 ----D---- C:\Windows\system32\drivers\nl-NL
2010-09-02 19:34:13 ----D---- C:\Windows\SYSWOW64\sv
2010-09-02 19:34:13 ----D---- C:\Windows\SYSWOW64\drivers\sv-SE
2010-09-02 19:33:47 ----D---- C:\Windows\system32\sv
2010-09-02 19:33:46 ----D---- C:\Windows\system32\drivers\sv-SE
2010-09-02 19:33:22 ----D---- C:\Windows\sv-SE
2010-09-02 19:26:20 ----D---- C:\Windows\de-DE
2010-09-02 19:26:01 ----D---- C:\Windows\SYSWOW64\0407
2010-09-02 19:26:00 ----D---- C:\Windows\SYSWOW64\drivers\de-DE
2010-09-02 19:26:00 ----D---- C:\Windows\SYSWOW64\de
2010-09-02 19:25:33 ----D---- C:\Windows\system32\0407
2010-09-02 19:25:31 ----D---- C:\Windows\system32\drivers\de-DE
2010-09-02 19:25:27 ----D---- C:\Windows\system32\de
2010-09-02 19:16:37 ----D---- C:\Windows\lt-LT
2010-09-02 19:16:29 ----D---- C:\Windows\SYSWOW64\drivers\lt-LT
2010-09-02 19:16:21 ----D---- C:\Windows\system32\drivers\lt-LT
2010-09-02 19:11:27 ----D---- C:\Windows\SYSWOW64\drivers\hr-HR
2010-09-02 19:11:20 ----D---- C:\Windows\system32\drivers\hr-HR
2010-09-02 19:11:20 ----D---- C:\Windows\hr-HR
2010-09-02 19:05:22 ----D---- C:\Windows\SYSWOW64\ru
2010-09-02 19:05:22 ----D---- C:\Windows\SYSWOW64\drivers\ru-RU
2010-09-02 19:04:52 ----D---- C:\Windows\system32\drivers\ru-RU
2010-09-02 19:04:44 ----D---- C:\Windows\system32\ru
2010-09-02 19:04:26 ----D---- C:\Windows\ru-RU
2010-09-02 18:58:02 ----D---- C:\Windows\it-IT
2010-09-02 18:57:43 ----D---- C:\Windows\SYSWOW64\drivers\it-IT
2010-09-02 18:57:43 ----D---- C:\Windows\SYSWOW64\0410
2010-09-02 18:57:40 ----D---- C:\Windows\SYSWOW64\it
2010-09-02 18:57:14 ----D---- C:\Windows\system32\drivers\it-IT
2010-09-02 18:57:14 ----D---- C:\Windows\system32\0410
2010-09-02 18:57:04 ----D---- C:\Windows\system32\it
2010-09-02 18:50:27 ----D---- C:\Windows\ja-JP
2010-09-02 18:49:58 ----D---- C:\Windows\SYSWOW64\ja
2010-09-02 18:49:58 ----D---- C:\Windows\SYSWOW64\drivers\ja-JP
2010-09-02 18:49:58 ----D---- C:\Windows\SYSWOW64\0411
2010-09-02 18:49:26 ----D---- C:\Windows\system32\ja
2010-09-02 18:49:26 ----D---- C:\Windows\system32\0411
2010-09-02 18:49:25 ----D---- C:\Windows\system32\drivers\ja-JP
2010-09-02 18:44:31 ----A---- C:\Windows\SYSWOW64\lzhfldr2.dll
2010-09-02 18:44:10 ----A---- C:\Windows\system32\lzhfldr2.dll
2010-09-02 18:42:29 ----D---- C:\Windows\SYSWOW64\no
2010-09-02 18:42:29 ----D---- C:\Windows\SYSWOW64\drivers\nb-NO
2010-09-02 18:42:10 ----D---- C:\Windows\nb-NO
2010-09-02 18:42:08 ----D---- C:\Windows\system32\no
2010-09-02 18:42:06 ----D---- C:\Windows\system32\drivers\nb-NO
2010-09-02 18:36:42 ----D---- C:\Windows\SYSWOW64\drivers\sl-SI
2010-09-02 18:36:31 ----D---- C:\Windows\sl-SI
2010-09-02 18:36:30 ----D---- C:\Windows\system32\drivers\sl-SI
2010-09-02 18:31:53 ----D---- C:\Windows\el-GR
2010-09-02 18:31:30 ----D---- C:\Windows\SYSWOW64\el
2010-09-02 18:31:30 ----D---- C:\Windows\SYSWOW64\drivers\el-GR
2010-09-02 18:31:08 ----D---- C:\Windows\system32\el
2010-09-02 18:31:07 ----D---- C:\Windows\system32\drivers\el-GR
2010-09-02 18:25:01 ----D---- C:\Windows\pt-BR
2010-09-02 18:24:43 ----D---- C:\Windows\SYSWOW64\drivers\pt-BR
2010-09-02 18:24:15 ----D---- C:\Windows\system32\drivers\pt-BR
2010-09-02 18:19:01 ----D---- C:\Windows\SYSWOW64\drivers\ro-RO
2010-09-02 18:19:01 ----D---- C:\Windows\ro-RO
2010-09-02 18:18:53 ----D---- C:\Windows\system32\drivers\ro-RO
2010-09-02 18:14:26 ----D---- C:\Windows\SYSWOW64\drivers\pl-PL
2010-09-02 18:14:07 ----D---- C:\Windows\SYSWOW64\pl
2010-09-02 18:14:05 ----D---- C:\Windows\pl-PL
2010-09-02 18:14:02 ----D---- C:\Windows\system32\drivers\pl-PL
2010-09-02 18:13:36 ----D---- C:\Windows\system32\pl
2010-09-02 18:03:04 ----D---- C:\Windows\fr-FR
2010-09-02 18:02:50 ----D---- C:\Windows\SYSWOW64\drivers\fr-FR
2010-09-02 18:02:50 ----D---- C:\Windows\SYSWOW64\040C
2010-09-02 18:02:49 ----D---- C:\Windows\SYSWOW64\fr
2010-09-02 18:02:49 ----D---- C:\Windows\SYSWOW64\drivers\ar-SA
2010-09-02 18:02:49 ----D---- C:\Windows\SYSWOW64\ar
2010-09-02 18:02:22 ----D---- C:\Windows\ar-SA
2010-09-02 18:02:13 ----D---- C:\Windows\system32\drivers\fr-FR
2010-09-02 18:02:13 ----D---- C:\Windows\system32\ar
2010-09-02 18:02:13 ----D---- C:\Windows\system32\040C
2010-09-02 18:02:11 ----D---- C:\Windows\system32\fr
2010-09-02 18:02:11 ----D---- C:\Windows\system32\drivers\ar-SA
2010-09-02 17:56:02 ----D---- C:\Windows\SYSWOW64\hu
2010-09-02 17:56:02 ----D---- C:\Windows\SYSWOW64\drivers\hu-HU
2010-09-02 17:55:40 ----D---- C:\Windows\system32\hu
2010-09-02 17:55:39 ----D---- C:\Windows\system32\drivers\hu-HU
2010-09-02 17:55:06 ----D---- C:\Windows\hu-HU
2010-09-02 17:50:41 ----D---- C:\Windows\SYSWOW64\drivers\sr-Latn-CS
2010-09-02 17:50:41 ----D---- C:\Windows\sr-Latn-CS
2010-09-02 17:50:33 ----D---- C:\Windows\system32\drivers\sr-Latn-CS
2010-09-02 17:47:15 ----D---- C:\Windows\SYSWOW64\drivers\sk-SK
2010-09-02 17:47:14 ----D---- C:\Windows\sk-SK
2010-09-02 17:47:07 ----D---- C:\Windows\system32\drivers\sk-SK
2010-09-02 17:43:47 ----D---- C:\Windows\SYSWOW64\drivers\th-TH
2010-09-02 17:43:38 ----D---- C:\Windows\system32\drivers\th-TH
2010-09-02 17:43:20 ----D---- C:\Windows\th-TH
2010-09-02 17:39:13 ----D---- C:\Windows\fi-FI
2010-09-02 17:38:48 ----D---- C:\Windows\SYSWOW64\fi
2010-09-02 17:38:48 ----D---- C:\Windows\SYSWOW64\drivers\fi-FI
2010-09-02 17:38:16 ----D---- C:\Windows\system32\fi
2010-09-02 17:38:16 ----D---- C:\Windows\system32\drivers\fi-FI
2010-08-29 17:15:34 ----D---- C:\Program Files (x86)\Prime95
2010-08-28 15:34:13 ----A---- C:\Windows\game.ini
2010-08-27 16:25:00 ----D---- C:\Program Files (x86)\Lavalys
2010-08-26 12:25:50 ----D---- C:\Program Files (x86)\Final Doomsday - Plutonia
2010-08-25 10:37:14 ----D---- C:\Program Files (x86)\Doomsday-Doom2
2010-08-25 07:21:10 ----D---- C:\Program Files (x86)\WinZip
2010-08-25 06:33:57 ----D---- C:\ProgramData\NVIDIA Corporation
2010-08-25 06:13:57 ----A---- C:\Windows\SYSWOW64\oleaut32.dll
2010-08-25 06:13:57 ----A---- C:\Windows\system32\oleaut32.dll
2010-08-24 23:30:03 ----A---- C:\Windows\doom3.ini
2010-08-24 23:25:57 ----D---- C:\Program Files (x86)\DOOM 3
2010-08-23 14:43:13 ----D---- C:\Program Files (x86)\Plane Arcade
2010-08-23 13:59:50 ----A---- C:\Windows\SYSWOW64\javaws.exe
2010-08-23 13:59:50 ----A---- C:\Windows\SYSWOW64\javaw.exe
2010-08-23 13:59:50 ----A---- C:\Windows\SYSWOW64\java.exe
Wishing you good health and a lovely day, Radim


Re: My PC startup has slowed down

#2 Post by drixim »

LOG2:
List of files/folders modified in the last 1 months======

2010-09-21 13:05:24 ----D---- C:\Windows\Prefetch
2010-09-21 13:05:18 ----D---- C:\Windows\Temp
2010-09-21 13:05:10 ----RD---- C:\Program Files
2010-09-21 13:04:56 ----AD---- C:\ProgramData\Temp
2010-09-21 13:04:07 ----D---- C:\Windows\system32\config
2010-09-21 13:00:52 ----D---- C:\Windows\Tasks
2010-09-21 12:58:48 ----AD---- C:\Windows
2010-09-21 12:58:45 ----D---- C:\Windows\Minidump
2010-09-21 12:44:53 ----D---- C:\Windows\system32\LogFiles
2010-09-21 12:38:40 ----D---- C:\Windows\SysWOW64
2010-09-21 12:38:39 ----RD---- C:\Program Files (x86)
2010-09-21 12:38:39 ----HD---- C:\ProgramData
2010-09-21 11:02:57 ----SHD---- C:\System Volume Information
2010-09-21 08:59:45 ----SHD---- C:\Boot
2010-09-21 08:38:21 ----SHD---- C:\Windows\Installer
2010-09-21 08:38:21 ----SHD---- C:\Config.Msi
2010-09-20 23:30:15 ----D---- C:\Windows\System32
2010-09-20 23:30:15 ----D---- C:\Windows\inf
2010-09-20 23:30:15 ----A---- C:\Windows\system32\PerfStringBackup.INI
2010-09-20 22:39:52 ----D---- C:\Users\Bobek\AppData\Roaming\Skype
2010-09-20 22:25:51 ----D---- C:\Windows\system32\NDF
2010-09-20 20:37:43 ----D---- C:\Windows\system32\Tasks
2010-09-20 20:34:50 ----D---- C:\Windows\system32\DriverStore
2010-09-20 20:34:50 ----D---- C:\Windows\system32\catroot
2010-09-20 19:56:56 ----D---- C:\_AcroTemp
2010-09-20 19:21:12 ----D---- C:\Users\Bobek\AppData\Roaming\skypePM
2010-09-20 15:04:21 ----D---- C:\Windows\system32\drivers
2010-09-20 15:04:21 ----D---- C:\Program Files (x86)\Microsoft Antimalware
2010-09-18 22:10:49 ----D---- C:\Users\Bobek\AppData\Roaming\AnvSoft
2010-09-18 22:10:44 ----D---- C:\Program Files (x86)\AnvSoft
2010-09-18 19:39:50 ----D---- C:\Windows\rescache
2010-09-18 19:00:52 ----D---- C:\Program Files (x86)\Google
2010-09-18 18:09:08 ----D---- C:\Users\Bobek\AppData\Roaming\U3
2010-09-17 21:07:38 ----D---- C:\Windows\winsxs
2010-09-17 21:03:39 ----D---- C:\Windows\SYSWOW64\cs-CZ
2010-09-17 21:03:39 ----D---- C:\Program Files\Internet Explorer
2010-09-17 21:03:39 ----D---- C:\Program Files (x86)\Internet Explorer
2010-09-17 21:03:38 ----D---- C:\Windows\system32\cs-CZ
2010-09-17 21:03:36 ----D---- C:\Windows\SYSWOW64\pt-BR
2010-09-17 21:03:36 ----D---- C:\Windows\SYSWOW64\it-IT
2010-09-17 21:03:36 ----D---- C:\Windows\SYSWOW64\bg-BG
2010-09-17 21:03:35 ----D---- C:\Windows\SYSWOW64\uk-UA
2010-09-17 21:03:35 ----D---- C:\Windows\SYSWOW64\pt-PT
2010-09-17 21:03:35 ----D---- C:\Windows\SYSWOW64\pl-PL
2010-09-17 21:03:35 ----D---- C:\Windows\SYSWOW64\ko-KR
2010-09-17 21:03:35 ----D---- C:\Windows\SYSWOW64\he-IL
2010-09-17 21:03:32 ----D---- C:\Windows\SYSWOW64\zh-HK
2010-09-17 21:03:32 ----D---- C:\Windows\SYSWOW64\tr-TR
2010-09-17 21:03:32 ----D---- C:\Windows\SYSWOW64\sr-Latn-CS
2010-09-17 21:03:32 ----D---- C:\Windows\SYSWOW64\sl-SI
2010-09-17 21:03:32 ----D---- C:\Windows\SYSWOW64\nl-NL
2010-09-17 21:03:32 ----D---- C:\Windows\SYSWOW64\migration
2010-09-17 21:03:32 ----D---- C:\Windows\SYSWOW64\hu-HU
2010-09-17 21:03:32 ----D---- C:\Windows\SYSWOW64\hr-HR
2010-09-17 21:03:32 ----D---- C:\Windows\SYSWOW64\fr-FR
2010-09-17 21:03:32 ----D---- C:\Windows\SYSWOW64\fi-FI
2010-09-17 21:03:32 ----D---- C:\Windows\SYSWOW64\el-GR
2010-09-17 21:03:31 ----D---- C:\Windows\SYSWOW64\zh-TW
2010-09-17 21:03:31 ----D---- C:\Windows\SYSWOW64\zh-CN
2010-09-17 21:03:31 ----D---- C:\Windows\SYSWOW64\th-TH
2010-09-17 21:03:31 ----D---- C:\Windows\SYSWOW64\sv-SE
2010-09-17 21:03:31 ----D---- C:\Windows\SYSWOW64\sk-SK
2010-09-17 21:03:31 ----D---- C:\Windows\SYSWOW64\ru-RU
2010-09-17 21:03:31 ----D---- C:\Windows\SYSWOW64\ro-RO
2010-09-17 21:03:31 ----D---- C:\Windows\SYSWOW64\nb-NO
2010-09-17 21:03:31 ----D---- C:\Windows\SYSWOW64\lv-LV
2010-09-17 21:03:31 ----D---- C:\Windows\SYSWOW64\lt-LT
2010-09-17 21:03:31 ----D---- C:\Windows\SYSWOW64\ja-JP
2010-09-17 21:03:31 ----D---- C:\Windows\SYSWOW64\et-EE
2010-09-17 21:03:31 ----D---- C:\Windows\SYSWOW64\es-ES
2010-09-17 21:03:31 ----D---- C:\Windows\SYSWOW64\en-US
2010-09-17 21:03:31 ----D---- C:\Windows\SYSWOW64\de-DE
2010-09-17 21:03:31 ----D---- C:\Windows\SYSWOW64\da-DK
2010-09-17 21:03:31 ----D---- C:\Windows\SYSWOW64\ar-SA
2010-09-17 21:03:20 ----D---- C:\Windows\system32\zh-HK
2010-09-17 21:03:20 ----D---- C:\Windows\system32\uk-UA
2010-09-17 21:03:20 ----D---- C:\Windows\system32\tr-TR
2010-09-17 21:03:20 ----D---- C:\Windows\system32\th-TH
2010-09-17 21:03:20 ----D---- C:\Windows\system32\sr-Latn-CS
2010-09-17 21:03:20 ----D---- C:\Windows\system32\sl-SI
2010-09-17 21:03:20 ----D---- C:\Windows\system32\pt-PT
2010-09-17 21:03:20 ----D---- C:\Windows\system32\pt-BR
2010-09-17 21:03:20 ----D---- C:\Windows\system32\pl-PL
2010-09-17 21:03:20 ----D---- C:\Windows\system32\nl-NL
2010-09-17 21:03:20 ----D---- C:\Windows\system32\migration
2010-09-17 21:03:20 ----D---- C:\Windows\system32\ko-KR
2010-09-17 21:03:20 ----D---- C:\Windows\system32\it-IT
2010-09-17 21:03:20 ----D---- C:\Windows\system32\hu-HU
2010-09-17 21:03:20 ----D---- C:\Windows\system32\hr-HR
2010-09-17 21:03:20 ----D---- C:\Windows\system32\he-IL
2010-09-17 21:03:20 ----D---- C:\Windows\system32\fr-FR
2010-09-17 21:03:20 ----D---- C:\Windows\system32\fi-FI
2010-09-17 21:03:20 ----D---- C:\Windows\system32\el-GR
2010-09-17 21:03:20 ----D---- C:\Windows\system32\bg-BG
2010-09-17 21:03:20 ----D---- C:\Windows\PolicyDefinitions
2010-09-17 21:03:19 ----D---- C:\Windows\system32\zh-TW
2010-09-17 21:03:19 ----D---- C:\Windows\system32\zh-CN
2010-09-17 21:03:19 ----D---- C:\Windows\system32\sv-SE
2010-09-17 21:03:19 ----D---- C:\Windows\system32\sk-SK
2010-09-17 21:03:19 ----D---- C:\Windows\system32\ru-RU
2010-09-17 21:03:19 ----D---- C:\Windows\system32\ro-RO
2010-09-17 21:03:19 ----D---- C:\Windows\system32\nb-NO
2010-09-17 21:03:19 ----D---- C:\Windows\system32\lv-LV
2010-09-17 21:03:19 ----D---- C:\Windows\system32\lt-LT
2010-09-17 21:03:19 ----D---- C:\Windows\system32\ja-JP
2010-09-17 21:03:19 ----D---- C:\Windows\system32\et-EE
2010-09-17 21:03:19 ----D---- C:\Windows\system32\es-ES
2010-09-17 21:03:19 ----D---- C:\Windows\system32\en-US
2010-09-17 21:03:19 ----D---- C:\Windows\system32\de-DE
2010-09-17 21:03:19 ----D---- C:\Windows\system32\da-DK
2010-09-17 21:03:19 ----D---- C:\Windows\system32\ar-SA
2010-09-17 21:02:14 ----D---- C:\Windows\system32\catroot2
2010-09-17 20:50:51 ----D---- C:\Windows\Logs
2010-09-17 14:42:18 ----D---- C:\Program Files (x86)\TuneUp Utilities 2010
2010-09-17 13:29:15 ----D---- C:\Users\Bobek\AppData\Roaming\vlc
2010-09-17 00:38:10 ----D---- C:\Users\Bobek\AppData\Roaming\Vso
2010-09-17 00:38:09 ----A---- C:\Users\Bobek\AppData\Roaming\inst.exe
2010-09-15 13:44:36 ----D---- C:\ProgramData\Microsoft Help
2010-09-15 01:42:25 ----D---- C:\Windows\Microsoft.NET
2010-09-14 22:37:42 ----RSD---- C:\Windows\assembly
2010-09-14 22:27:09 ----D---- C:\Windows\debug
2010-09-14 22:15:03 ----A---- C:\Windows\system32\MRT.exe
2010-09-14 22:11:40 ----A---- C:\Windows\win.ini
2010-09-14 21:49:16 ----D---- C:\Program Files (x86)\MSBuild
2010-09-14 21:48:44 ----D---- C:\Windows\ShellNew
2010-09-14 21:48:25 ----RSD---- C:\Windows\Fonts
2010-09-14 21:47:37 ----D---- C:\Program Files\Common Files\Microsoft Shared
2010-09-14 21:46:40 ----D---- C:\Program Files\Microsoft Office
2010-09-14 21:22:23 ----D---- C:\Program Files (x86)\Microsoft SQL Server Compact Edition
2010-09-14 21:18:51 ----SD---- C:\ProgramData\Microsoft
2010-09-14 17:50:19 ----D---- C:\Windows\SoftwareDistribution
2010-09-14 09:37:23 ----D---- C:\Program Files (x86)\Safari
2010-09-14 06:40:50 ----D---- C:\Program Files (x86)\CCleaner
2010-09-11 12:43:34 ----D---- C:\Program Files (x86)\Opera
2010-09-10 07:24:14 ----D---- C:\ProgramData\CanonIJPLM
2010-09-10 07:22:49 ----D---- C:\Windows\system32\FxsTmp
2010-09-07 08:57:49 ----D---- C:\ProgramData\Apple Computer
2010-09-06 16:15:31 ----D---- C:\ProgramData\CanonIJ
2010-09-02 21:43:02 ----D---- C:\Program Files (x86)\Microsoft Silverlight
2010-09-02 21:26:39 ----D---- C:\Program Files\Windows Sidebar
2010-09-02 21:26:39 ----D---- C:\Program Files\Windows Mail
2010-09-02 21:26:38 ----D---- C:\Program Files\Windows Photo Viewer
2010-09-02 21:26:38 ----D---- C:\Program Files\Windows Media Player
2010-09-02 21:26:38 ----D---- C:\Program Files\Windows Journal
2010-09-02 21:26:38 ----D---- C:\Program Files\DVD Maker
2010-09-02 21:26:37 ----D---- C:\Program Files\Windows Defender
2010-09-02 21:26:37 ----D---- C:\Program Files\Common Files\System
2010-09-02 21:26:37 ----D---- C:\Program Files (x86)\Windows Sidebar
2010-09-02 21:26:37 ----D---- C:\Program Files (x86)\Windows Mail
2010-09-02 21:26:36 ----D---- C:\Windows\SYSWOW64\migwiz
2010-09-02 21:26:36 ----D---- C:\Windows\SYSWOW64\drivers
2010-09-02 21:26:36 ----D---- C:\Windows\servicing
2010-09-02 21:26:36 ----D---- C:\Windows\ehome
2010-09-02 21:26:36 ----D---- C:\Program Files (x86)\Windows Photo Viewer
2010-09-02 21:26:36 ----D---- C:\Program Files (x86)\Windows Media Player
2010-09-02 21:26:36 ----D---- C:\Program Files (x86)\Windows Defender
2010-09-02 21:26:30 ----D---- C:\Windows\SYSWOW64\WCN
2010-09-02 21:26:29 ----D---- C:\Windows\SYSWOW64\wbem
2010-09-02 21:26:28 ----D---- C:\Windows\system32\sysprep
2010-09-02 21:26:28 ----D---- C:\Windows\system32\oobe
2010-09-02 21:26:28 ----D---- C:\Windows\system32\migwiz
2010-09-02 21:26:13 ----D---- C:\Windows\system32\WCN
2010-09-02 21:26:12 ----D---- C:\Windows\system32\wbem
2010-09-02 21:12:30 ----D---- C:\Windows\SYSWOW64\winrm
2010-09-02 21:12:30 ----D---- C:\Windows\SYSWOW64\slmgr
2010-09-02 21:12:13 ----D---- C:\Windows\SYSWOW64\XPSViewer
2010-09-02 21:12:12 ----D---- C:\Windows\SYSWOW64\Printing_Admin_Scripts
2010-09-02 21:12:12 ----D---- C:\Windows\SYSWOW64\MUI
2010-09-02 21:12:12 ----D---- C:\Windows\SYSWOW64\DriverStore
2010-09-02 21:12:12 ----D---- C:\Windows\SYSWOW64\Dism
2010-09-02 21:12:10 ----D---- C:\Windows\SYSWOW64\com
2010-09-02 21:12:08 ----D---- C:\Windows\IME
2010-09-02 21:12:04 ----D---- C:\Windows\system32\winrm
2010-09-02 21:12:04 ----D---- C:\Windows\system32\slmgr
2010-09-02 21:12:04 ----D---- C:\Windows\system32\Boot
2010-09-02 21:11:46 ----D---- C:\Windows\system32\MUI
2010-09-02 21:11:46 ----D---- C:\Windows\system32\drivers\UMDF
2010-09-02 21:11:46 ----D---- C:\Windows\system32\Dism
2010-09-02 21:11:42 ----D---- C:\Windows\system32\Printing_Admin_Scripts
2010-09-02 21:11:38 ----D---- C:\Windows\system32\com
2010-09-02 21:11:36 ----D---- C:\Windows\AppPatch
2010-09-02 21:00:49 ----D---- C:\Windows\SYSWOW64\sysprep
2010-09-02 21:00:49 ----D---- C:\Windows\SYSWOW64\Setup
2010-09-02 21:00:49 ----D---- C:\Windows\SYSWOW64\oobe
2010-09-02 21:00:49 ----D---- C:\Windows\SYSWOW64\drivers\UMDF
2010-09-02 21:00:26 ----D---- C:\Windows\DigitalLocker
2010-09-02 21:00:22 ----D---- C:\Windows\system32\WinBioPlugIns
2010-09-02 21:00:22 ----D---- C:\Windows\system32\Setup
2010-09-02 17:34:06 ----D---- C:\Windows\SYSWOW64\en
2010-09-02 17:34:06 ----D---- C:\Windows\SYSWOW64\drivers\en-US
2010-09-02 17:33:40 ----D---- C:\Windows\en-US
2010-09-02 17:33:37 ----D---- C:\Windows\system32\en
2010-09-02 17:33:37 ----D---- C:\Windows\system32\drivers\en-US
2010-09-02 17:33:00 ----D---- C:\Windows\Speech
2010-09-01 16:35:14 ----D---- C:\WEPOS
2010-08-29 13:13:17 ----D---- C:\Users\Bobek\AppData\Roaming\Canon
2010-08-28 15:34:14 ----HD---- C:\Program Files (x86)\InstallShield Installation Information
2010-08-28 15:32:03 ----D---- C:\Program Files (x86)\Activision
2010-08-27 15:02:02 ----A---- C:\Windows\system32\TURegOpt.exe
2010-08-26 18:41:31 ----D---- C:\ProgramData\Codemasters
2010-08-26 18:39:29 ----D---- C:\Program Files (x86)\BRS
2010-08-26 18:39:04 ----A---- C:\Windows\SYSWOW64\wrap_oal.dll
2010-08-26 18:39:04 ----A---- C:\Windows\SYSWOW64\OpenAL32.dll
2010-08-26 18:39:04 ----A---- C:\Windows\system32\wrap_oal.dll
2010-08-26 18:39:04 ----A---- C:\Windows\system32\OpenAL32.dll
2010-08-26 09:51:20 ----D---- C:\Windows\Acronis
2010-08-25 07:22:45 ----D---- C:\ProgramData\WinZip
2010-08-25 06:36:34 ----D---- C:\ProgramData\NVIDIA
2010-08-25 06:33:45 ----D---- C:\Program Files\NVIDIA Corporation
2010-08-25 06:24:31 ----D---- C:\Program Files (x86)\Microsoft.NET
2010-08-24 09:00:01 ----D---- C:\Program Files (x86)\City Bus Simulator 2010 New York
2010-08-23 13:59:49 ----D---- C:\Program Files (x86)\Java

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 aswNdis;avast! Firewall NDIS Filter Service; C:\Windows\system32\DRIVERS\aswNdis.sys [2010-09-07 12368]
R0 aswNdis2;avast! Firewall Core Firewall Service; C:\Windows\system32\drivers\aswNdis2.sys [2010-09-07 250448]
R0 BtHidBus;Bluetooth HID Bus Service; C:\Windows\System32\Drivers\BtHidBus.sys [2008-07-31 24328]
R0 Lbd;Lbd; C:\Windows\system32\DRIVERS\Lbd.sys [2009-09-23 69152]
R0 pciide;pciide; C:\Windows\system32\DRIVERS\pciide.sys [2009-07-14 12352]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2009-07-14 214096]
R0 snapman;Acronis Snapshots Manager; C:\Windows\system32\DRIVERS\snapman.sys [2010-08-12 276576]
R0 tdrpman258;Acronis Try&Decide and Restore Points filter (build 258); C:\Windows\system32\DRIVERS\tdrpm258.sys [2010-08-01 1477728]
R0 timounter;Acronis Backup Archive Explorer; C:\Windows\system32\DRIVERS\timntr.sys [2010-08-01 943712]
R1 aswFW;avast! TDI Firewall driver; C:\Windows\system32\drivers\aswFW.sys [2010-09-07 125520]
R1 aswRdr;aswRdr; C:\Windows\system32\drivers\aswRdr.sys [2010-09-07 28752]
R1 aswSnx;aswSnx; C:\Windows\system32\drivers\aswSnx.sys [2010-09-07 472656]
R1 aswSP;aswSP; C:\Windows\system32\drivers\aswSP.sys [2010-09-07 121936]
R1 aswTdi;avast! Network Shield Support; C:\Windows\system32\drivers\aswTdi.sys [2010-09-07 51280]
R1 CSC;@%systemroot%\system32\cscsvc.dll,-202; C:\Windows\system32\drivers\csc.sys [2009-07-14 514048]
R1 SCDEmu;SCDEmu; C:\Windows\system32\drivers\SCDEmu.sys [2009-11-09 91568]
R2 aswFsBlk;aswFsBlk; C:\Windows\system32\drivers\aswFsBlk.sys [2010-09-07 20048]
R2 aswMonFlt;aswMonFlt; \??\C:\Windows\system32\drivers\aswMonFlt.sys [2010-09-07 61008]
R3 afcdp;afcdp; C:\Windows\system32\DRIVERS\afcdp.sys [2010-08-01 252512]
R3 CtClsFlt;Creative Camera Class Upper Filter Driver; C:\Windows\system32\DRIVERS\CtClsFlt.sys [2009-08-21 172704]
R3 e1yexpress;Intel(R) Gigabit Network Connections Driver; C:\Windows\system32\DRIVERS\e1y62x64.sys [2009-06-12 287960]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHD64.sys [2009-07-06 1824672]
R3 MarvinBus;Pinnacle Marvin Bus 64; C:\Windows\system32\DRIVERS\MarvinBus64.sys [2005-09-23 261120]
R3 RDPDR;Terminal Server Device Redirector Driver; C:\Windows\System32\drivers\rdpdr.sys [2009-07-14 165376]
R3 seehcri;Sony Ericsson seehcri Device Driver; C:\Windows\system32\DRIVERS\seehcri.sys [2008-01-09 34032]
R3 StillCam;Ovladač digitálního fotoaparátu pro sériový port; C:\Windows\system32\DRIVERS\serscan.sys [2009-07-14 12288]
R3 TuneUpUtilitiesDrv;TuneUpUtilitiesDrv; \??\C:\Program Files (x86)\TuneUp Utilities 2010\TuneUpUtilitiesDriver64.sys [2009-10-14 11856]
R3 usbscan;Ovladač skeneru USB; C:\Windows\system32\DRIVERS\usbscan.sys [2009-07-14 41984]
R3 V0610Vid;Creative Live! Cam Socialize HD Driver; C:\Windows\system32\DRIVERS\V0610Vid.sys [2009-08-24 320576]
S0 BTHidEnum;Bluetooth HID Enumerator; C:\Windows\System32\Drivers\vbtenum.sys []
S0 BTHidMgr;Bluetooth HID Manager Service; C:\Windows\System32\Drivers\BTHidMgr.sys []
S0 CLBStor;CyberLink InstantBurn UDF Reader Help Driver; C:\Windows\system32\drivers\CLBStor.sys []
S2 CLBUDFR;CyberLink UDF Filesystem; C:\Windows\system32\drivers\CLBUDFR.sys []
S3 Afc;PPdus ASPI Shell; C:\Windows\system32\drivers\Afc.sys []
S3 BlueletAudio;Bluetooth Audio Service; C:\Windows\system32\DRIVERS\blueletaudio.sys []
S3 BlueletSCOAudio;Bluetooth SCO Audio Service; C:\Windows\system32\DRIVERS\BlueletSCOAudio.sys []
S3 BT;Bluetooth PAN Network Adapter; C:\Windows\system32\DRIVERS\btnetdrv.sys []
S3 Btcsrusb;Bluetooth USB For Bluetooth Service; C:\Windows\System32\Drivers\btcusb.sys []
S3 BthEnum;Služba Bluetooth Enumerator; C:\Windows\system32\DRIVERS\BthEnum.sys [2009-07-14 41984]
S3 BthPan;Zařízení Bluetooth (síť PAN); C:\Windows\system32\DRIVERS\bthpan.sys [2009-07-14 118784]
S3 BTHPORT;Ovladač portu Bluetooth; C:\Windows\System32\Drivers\BTHport.sys [2009-07-14 551936]
S3 BTHUSB;Ovladač rozhraní USB radiostanice Bluetooth; C:\Windows\System32\Drivers\BTHUSB.sys [2009-07-14 79360]
S3 dc3d;MS Hardware Device Detection Driver; C:\Windows\system32\DRIVERS\dc3d.sys [2009-03-23 20992]
S3 fssfltr;FssFltr; C:\Windows\system32\DRIVERS\fssfltr.sys [2009-08-06 61280]
S3 GEARAspiWDM;GEAR ASPI Filter Driver; C:\Windows\system32\DRIVERS\GEARAspiWDM.sys [2009-05-18 34152]
S3 IvtBtBUs;IVT Bluetooth Bus Service; C:\Windows\System32\Drivers\IvtBtBus.sys [2008-07-02 31624]
S3 mod7700;DiBcom DIB7700 based TV tuner device; C:\Windows\System32\Drivers\dvb7700all.sys [2009-09-17 913920]
S3 nmwcdcx64;Nokia USB Generic; C:\Windows\system32\drivers\ccdcmbox64.sys [2010-02-26 25088]
S3 nmwcdnsucx64;Nokia USB Flashing Generic; C:\Windows\system32\drivers\nmwcdnsucx64.sys [2010-02-26 12288]
S3 nmwcdnsux64;Nokia USB Flashing Phone Parent; C:\Windows\system32\drivers\nmwcdnsux64.sys [2010-02-26 173056]
S3 nmwcdx64;Nokia USB Phone Parent; C:\Windows\system32\drivers\ccdcmbx64.sys [2010-02-26 19456]
S3 pccsmcfd;PCCS Mode Change Filter Driver; C:\Windows\system32\DRIVERS\pccsmcfdx64.sys [2008-08-28 25600]
S3 pcouffin;VSO Software pcouffin; C:\Windows\System32\Drivers\pcouffin.sys [2010-02-08 82816]
S3 PSI;PSI; C:\Windows\system32\DRIVERS\psi_mf.sys [2009-06-17 15208]
S3 pwdrvio;pwdrvio; \??\C:\Windows\syswow64\pwdrvio.sys []
S3 pwdspio;pwdspio; \??\C:\Windows\syswow64\pwdspio.sys []
S3 Revoflt;Revoflt; C:\Windows\system32\DRIVERS\revoflt.sys [2009-12-30 31800]
S3 RFCOMM;Zařízení Bluetooth (RFCOMM protokol TDI); C:\Windows\system32\DRIVERS\rfcomm.sys [2009-07-14 158720]
S3 ROOTMODEM;Microsoft Legacy Modem Driver; C:\Windows\System32\Drivers\RootMdm.sys [2009-07-14 11264]
S3 s0016bus;Sony Ericsson Device 0016 driver (WDM); C:\Windows\system32\DRIVERS\s0016bus.sys [2008-05-16 115240]
S3 s0016mdfl;Sony Ericsson Device 0016 USB WMC Modem Filter; C:\Windows\system32\DRIVERS\s0016mdfl.sys [2008-05-16 19496]
S3 s0016mdm;Sony Ericsson Device 0016 USB WMC Modem Driver; C:\Windows\system32\DRIVERS\s0016mdm.sys [2008-05-16 158760]
S3 s0016mgmt;Sony Ericsson Device 0016 USB WMC Device Management Drivers (WDM); C:\Windows\system32\DRIVERS\s0016mgmt.sys [2008-05-16 137256]
S3 s0016nd5;Sony Ericsson Device 0016 USB Ethernet Emulation SEMC0016 (NDIS); C:\Windows\system32\DRIVERS\s0016nd5.sys [2008-05-16 34344]
S3 s0016obex;Sony Ericsson Device 0016 USB WMC OBEX Interface; C:\Windows\system32\DRIVERS\s0016obex.sys [2008-05-16 136744]
S3 s0016unic;Sony Ericsson Device 0016 USB Ethernet Emulation SEMC0016 (WDM); C:\Windows\system32\DRIVERS\s0016unic.sys [2008-05-16 151592]
S3 s0017bus;Sony Ericsson Device 0017 driver (WDM); C:\Windows\system32\DRIVERS\s0017bus.sys [2008-10-21 113704]
S3 s0017mdfl;Sony Ericsson Device 0017 USB WMC Modem Filter; C:\Windows\system32\DRIVERS\s0017mdfl.sys [2008-10-21 19496]
S3 s0017mdm;Sony Ericsson Device 0017 USB WMC Modem Driver; C:\Windows\system32\DRIVERS\s0017mdm.sys [2008-10-21 152616]
S3 s0017mgmt;Sony Ericsson Device 0017 USB WMC Device Management Drivers (WDM); C:\Windows\system32\DRIVERS\s0017mgmt.sys [2008-10-21 133160]
S3 s0017nd5;Sony Ericsson Device 0017 USB Ethernet Emulation SEMC0017 (NDIS); C:\Windows\system32\DRIVERS\s0017nd5.sys [2008-10-21 34856]
S3 s0017obex;Sony Ericsson Device 0017 USB WMC OBEX Interface; C:\Windows\system32\DRIVERS\s0017obex.sys [2008-10-21 128552]
S3 s0017unic;Sony Ericsson Device 0017 USB Ethernet Emulation SEMC0017 (WDM); C:\Windows\system32\DRIVERS\s0017unic.sys [2008-10-21 145960]
S3 s3cap;s3cap; C:\Windows\system32\DRIVERS\vms3cap.sys [2009-07-14 6656]
S3 storvsc;storvsc; C:\Windows\system32\DRIVERS\storvsc.sys [2009-07-14 34896]
S3 upperdev;upperdev; C:\Windows\system32\DRIVERS\usbser_lowerfltx64.sys [2010-02-26 9216]
S3 usbser;USB Modem Driver; C:\Windows\system32\drivers\usbser.sys [2009-07-14 32768]
S3 UsbserFilt;UsbserFilt; C:\Windows\system32\DRIVERS\usbser_lowerfltx64j.sys [2010-02-26 9216]
S3 VComm;Virtual Serial port driver; C:\Windows\system32\DRIVERS\VComm.sys []
S3 VcommMgr;Bluetooth VComm Manager Service; C:\Windows\System32\Drivers\VcommMgr.sys []
S3 vmbus;@%SystemRoot%\system32\vmbusres.dll,-1000; C:\Windows\system32\DRIVERS\vmbus.sys [2009-07-14 200272]
S3 VMBusHID;VMBusHID; C:\Windows\system32\DRIVERS\VMBusHID.sys [2009-07-14 21760]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 ABBYY.Licensing.FineReader.Professional.9.0;ABBYY FineReader 9.0 PE Licensing Service; C:\Program Files (x86)\Common Files\ABBYY\FineReader\9.00\Licensing\PE\NetworkLicenseServer.exe [2007-12-06 660768]
R2 AcrSch2Svc;Služba Acronis Scheduler2; C:\Program Files (x86)\Common Files\Acronis\Plán2\schedul2.exe [2010-06-03 1055200]
R2 afcdpsrv;Acronis Nonstop Backup service; C:\Program Files (x86)\Common Files\Acronis\CDP\afcdpsrv.exe [2010-08-01 2480048]
R2 ASO3DiskOptimizer;ASO3DiskOptimizer; C:\Program Files (x86)\Advanced System Optimizer 3\ASO3DefragSrv64.exe [2009-10-15 242920]
R2 avast! Antivirus;avast! Antivirus; C:\Program Files\Alwil Software\Avast5\AvastSvc.exe [2010-09-07 40384]
R2 avast! Firewall;avast! Firewall; C:\Program Files\Alwil Software\Avast5\afwServ.exe [2010-09-07 119200]
R2 CISVC;@%systemroot%\system32\CISVC.EXE,-1; C:\Windows\system32\CISVC.EXE [2009-07-14 19456]
R2 CscService;@%systemroot%\system32\cscsvc.dll,-200; C:\Windows\System32\svchost.exe [2009-07-14 27136]
R2 FirebirdGuardianDefaultInstance;Firebird Guardian - DefaultInstance; C:\Program Files (x86)\Firebird\Firebird_1_5\bin\fbguard.exe [2005-01-04 65536]
R2 hpqddsvc;Služba HP CUE DeviceDiscovery; C:\Windows\system32\svchost.exe [2009-07-14 27136]
R2 HPSLPSVC;HP Network Devices Support; C:\Windows\system32\svchost.exe [2009-07-14 27136]
R2 IJPLMSVC;Canon Inkjet Printer/Scanner/Fax Extended Survey Program; C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE [2008-10-09 107912]
R2 Lavasoft Ad-Aware Service;Lavasoft Ad-Aware Service; C:\Program Files (x86)\Lavasoft\Ad-Aware\AAWService.exe [2010-02-05 1181328]
R2 LightScribeService;LightScribeService Direct Disc Labeling Service; C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe [2008-07-30 73728]
R2 MSR Service;Virtual Disk Service Manager; C:\Program Files (x86)\Clarus\Samsung SecretZone\MSSvc.exe [2009-05-12 102400]
R2 Nero BackItUp Scheduler 4.0;Nero BackItUp Scheduler 4.0; C:\Program Files (x86)\Common Files\Nero\Nero BackItUp 4\NBService.exe [2009-06-18 935208]
R2 Net Driver HPZ12;Net Driver HPZ12; C:\Windows\System32\svchost.exe [2009-07-14 27136]
R2 nvsvc;NVIDIA Display Driver Service; C:\Windows\system32\nvvsvc.exe [2010-07-09 159336]
R2 PLFlash DeviceIoControl Service;PLFlash DeviceIoControl Service; C:\Windows\SysWOW64\IoctlSvc.exe [2009-09-01 87344]
R2 Pml Driver HPZ12;Pml Driver HPZ12; C:\Windows\System32\svchost.exe [2009-07-14 27136]
R2 RichVideo;Cyberlink RichVideo Service(CRVS); C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe [2008-09-24 244904]
R2 simptcp;@%SystemRoot%\system32\simptcp.dll,-200; C:\Windows\System32\tcpsvcs.exe [2009-07-14 10240]
R2 Správce výběru OS;Aktivátor Správce výběru OS Acronis; C:\Program Files (x86)\Acronis\DiskDirector\OSS\reinstall_svc.exe [2010-07-07 2156952]
R2 TuneUp.UtilitiesSvc;TuneUp Utilities Service; C:\Program Files (x86)\TuneUp Utilities 2010\TuneUpUtilitiesService64.exe [2010-08-27 1403200]
R2 UxTuneUp;@%SystemRoot%\System32\uxtuneup.dll,-4096; C:\Windows\System32\svchost.exe [2009-07-14 27136]
R3 avast! Mail Scanner;avast! Mail Scanner; C:\Program Files\Alwil Software\Avast5\AvastSvc.exe [2010-09-07 40384]
R3 avast! Web Scanner;avast! Web Scanner; C:\Program Files\Alwil Software\Avast5\AvastSvc.exe [2010-09-07 40384]
R3 FirebirdServerDefaultInstance;Firebird Server - DefaultInstance; C:\Program Files (x86)\Firebird\Firebird_1_5\bin\fbserver.exe [2005-01-04 1527893]
R3 UmRdpService;@%SystemRoot%\system32\umrdp.dll,-1000; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
S2 gupdate;Google Update Service (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2010-04-30 136176]
S2 Prime95 Service;Prime95 Service; C:\Program Files (x86)\Prime95\prime95.exe []
S3 Apple Mobile Device;Apple Mobile Device; C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [2010-08-13 144672]
S3 AppMgmt;@appmgmts.dll,-3250; C:\Windows\system32\svchost.exe [2009-07-14 27136]
S3 Bonjour Service;Bonjour Service; C:\Program Files (x86)\Bonjour\mDNSResponder.exe [2010-05-18 345376]
S3 FLEXnet Licensing Service 64;FLEXnet Licensing Service 64; C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe [2010-03-01 1030600]
S3 FLEXnet Licensing Service;FLEXnet Licensing Service; C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [2010-03-02 651720]
S3 fsssvc;Služba Windows Live Zabezpečení rodiny; C:\Program Files (x86)\Windows Live\Family Safety\fsssvc.exe [2009-08-05 704864]
S3 getPlusHelper;@C:\Program Files (x86)\NOS\bin\getPlus_Helper.dll,-101; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S3 gusvc;Google Software Updater; C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe [2010-07-31 182768]
S3 hpqcxs08;hpqcxs08; C:\Windows\system32\svchost.exe [2009-07-14 27136]
S3 iPod Service;iPod Service; C:\Program Files\iPod\bin\iPodService.exe [2010-09-01 932640]
S3 Microsoft Office Groove Audit Service;Microsoft Office Groove Audit Service; C:\Program Files (x86)\Microsoft Office\Office12\GrooveAuditService.exe [2008-10-25 65888]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2008-11-04 441712]
S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 PeerDistSvc;@%SystemRoot%\system32\peerdistsvc.dll,-9000; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S3 RapiMgr;@%windir%\WindowsMobile\rapimgr.dll,-104; C:\Windows\system32\svchost.exe [2009-07-14 27136]
S3 SeaPort;SeaPort; C:\Program Files (x86)\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe [2009-05-19 240512]
S3 ServiceLayer;ServiceLayer; C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe [2010-06-14 615936]
S3 TuneUp.Defrag;@C:\Program Files (x86)\TuneUp Utilities 2010\TuneUpDefragService.exe,-1; C:\Program Files (x86)\TuneUp Utilities 2010\TuneUpDefragService.exe [2010-09-17 607040]

-----------------EOF-----------------
Greetings and wishes for a lovely day, Radim

motji
VIP
Posts: 23302
Registered: 23 Oct 2008 08:02

Re: My PC startup has slowed down

#3 Post by motji »

Good afternoon :)

Download MBAM from my signature.
- Install it and run a full scan.

DO NOT DELETE ANYTHING!
- MBAM occasionally produces false detections, so we will delete only after checking the log.
- Copy the log here.
Do not use COMBOFIX without an advisor's recommendation; it can damage the system!
Always back up important data before cleaning a computer of malware!
Want to support our forum? Information here

I can mostly be reached at night, between 21:00 and 23:00.
If you have any questions, you can write to me by e-mail at Motji(at)forum.viry.cz.


Re: My PC startup has slowed down

#4 Post by drixim »

Oh dear,
I ran a quick scan (before you wrote that to me), and since everything was myweb and funplace, I deleted it.
A copy of the log is below, and the full scan has now been running for 3 hours (1 infection so far).
As soon as it finishes, I will post it here right away without deleting anything. I apologize.
Verze databáze: 4663

Windows 6.1.7600
Internet Explorer 9.0.7930.16406

21.9.2010 15:31:11
mbam-log-2010-09-21 (15-31-11).txt

Typ skenu: Rychlý sken
Skenované objekty: 153403
Uplynulý čas: 4 minuta(y), 20 sekunda(y)

Infikované procesy v paměti: 0
Infikované moduly v paměti: 0
Infikované klíče registru: 25
Infikované hodnoty registru: 0
Infikované datové položky registru: 0
Infikované složky: 6
Infikované soubory: 2

Infikované procesy v paměti:
(Žádné škodlivé položky nebyly zjištěny)

Infikované moduly v paměti:
(Žádné škodlivé položky nebyly zjištěny)

Infikované klíče registru:
HKEY_CLASSES_ROOT\CLSID\{147a976f-eee1-4377-8ea7-4716e4cdd239} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{a4730ebe-43a6-443e-9776-36915d323ad3} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{56256a51-b582-467e-b8d4-7786eda79ae0} (Trojan.Vundo) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{00a6faf6-072e-44cf-8957-5838f569a31d} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{1d4db7d2-6ec9-47a3-bd87-1e41684e07bb} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{00a6faf6-072e-44cf-8957-5838f569a31d} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{07b18eab-a523-4961-b6bb-170de4475cca} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{1d4db7d2-6ec9-47a3-bd87-1e41684e07bb} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{1d4db7d2-6ec9-47a3-bd87-1e41684e07bb} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{59c7fc09-1c83-4648-b3e6-003d2bbc7481} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{68af847f-6e91-45dd-9b68-d6a12c30e5d7} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{9170b96c-28d4-4626-8358-27e6caeef907} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{d1a71fa0-ff48-48dd-9b6d-7a13a3e42127} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{ddb1968e-ead6-40fd-8dae-ff14757f60c7} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{f138d901-86f0-4383-99b6-9cdd406036da} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{56256a51-b582-467e-b8d4-7786eda79ae0} (Trojan.Vundo) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\Software\M5T8QL3YW3 (Trojan.FakeAlert) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Handle (Malware.Trace) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\QZAIB7KITK (Trojan.FakeAlert) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\FocusInteractive (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Fun Web Products (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\FunWebProducts (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\RunDll32Policy\f3ScrCtr.dll (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Multimedia\WMPlayer\Schemes\f3pss (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\MyWebSearch (Adware.MyWebSearch) -> Quarantined and deleted successfully.

Infikované hodnoty registru:
(Žádné škodlivé položky nebyly zjištěny)

Infikované datové položky registru:
(Žádné škodlivé položky nebyly zjištěny)

Infikované složky:
C:\Program Files (x86)\FunWebProducts (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files (x86)\FunWebProducts\ScreenSaver (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files (x86)\FunWebProducts\ScreenSaver\Images (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files (x86)\MyWebSearch (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files (x86)\MyWebSearch\bar (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files (x86)\MyWebSearch\bar\Settings (Adware.MyWebSearch) -> Quarantined and deleted successfully.

Infikované soubory:
C:\Program Files (x86)\MyWebSearch\bar\Settings\s_pid.dat (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Users\Bobek\oashdihasidhasuidhiasdhiashdiuasdhasd (Malware.Trace) -> Quarantined and deleted successfully.

Re: My PC startup has slowed down

#5 Post by motji »

When the full scan finishes, do not delete anything.
Judging by what MBAM found, I think this will still call for ComboFix :o

Re: My PC startup has slowed down

#6 Post by drixim »

I finished it and it is clean.
PS: I have a 64-bit system; can ComboFix handle that yet?

Re: My PC startup has slowed down

#7 Post by motji »

It can't :roll:, I'm blind to those 64-bit systems today :oops:.
How is the computer doing?

Re: My PC startup has slowed down

#8 Post by drixim »

Startup is still slow.

Re: My PC startup has slowed down

#9 Post by motji »

Download OTL: http://oldtimer.geekstogo.com/OTL.exe
- Save it to the desktop and run the file OTL.exe.
- Copy this script into the white box at the bottom:

Code:

netsvcs
drivers32
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /s
c:\windows\*.* /U
%SYSTEMDRIVE%\*.exe
%ALLUSERSPROFILE%\Application Data\*.
%ALLUSERSPROFILE%\Application Data\*.exe /s
%APPDATA%\*.
%APPDATA%\*.exe /s
/md5start
eventlog.dll
scecli.dll
netlogon.dll
cngaudit.dll
sceclt.dll
ntelogon.dll
logevent.dll
iaStor.sys
nvstor.sys
atapi.sys
IdeChnDr.sys
viasraid.sys
AGP440.sys
vaxscsi.sys
nvatabus.sys
viamraid.sys
nvata.sys
nvgts.sys
iastorv.sys
ViPrt.sys
eNetHook.dll
ahcix86.sys
KR10N.sys
nvstor32.sys
ahcix86s.sys
nvrd32.sys
symmpi.sys
adp3132.sys
mv61xx.sys
nvraid.sys
ndis.sys
winlogon.exe
explorer.exe
userinit.exe
lsass.exe
svchost.exe
smss.exe
hal.dll
ws2_32.dll
tcpip.sys
cryptsvc.dll
Changer.sys
JakNDis.sys
isapnp.sys
cdrom.sys
/md5stop
%systemroot%\*. /mp /s
%systemroot%\system32\*.dll /lockedfiles
%systemroot%\Tasks\*.job /lockedfiles
%systemroot%\system32\drivers\*.sys /lockedfiles
%systemroot%\System32\config\*.sav
%systemroot%\system32\*.dll /lockedfiles
reg query "HKLM\Software\Microsoft\Windows NT\CurrentVersion\winlogon" /v GinaDLL /c
reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wuauserv" /v ImagePath /c
reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\BITS" /v ImagePath /c
%systemroot%\system32\drivers\*.sys /3
%systemroot%\system32\*.* /3
CREATERESTOREPOINT 
- Tick the "Scan All Users" box.
- Tick the "LOP Check" and "Purity Check" boxes.
- Click the "Run Scan" button.
- When the scan finishes, the logs OTL.Txt and Extras.txt will appear; post them here :)

Re: My PC startup has slowed down

#10 Post by drixim »

I don't know, but it seems to me that it (OTL) has frozen, and nothing has been happening there for a good half hour.

Re: My PC startup has slowed down

#11 Post by motji »

Then you will have to hard-restart the PC. And then run it, but without the script.

Re: My PC startup has slowed down

#12 Post by drixim »

When shutting down, it produced the log from the script and saved it, so I am posting everything here in a RAR because each log is 400 thousand. In the RAR, the ones marked 1 are without the script.
Attachments
Desktop.rar
(108.13 KiB) Downloaded 115 times

Re: My PC startup has slowed down

#13 Post by drixim »

Just now, comparing the logs, I found that they are the same; it probably got saved automatically and I saved it again as .....

Re: My PC startup has slowed down

#14 Post by motji »

Run OTL.
- Copy this script into the white box at the bottom:

Code:

:OTL
PRC - C:\WINDOWS\explorer.exe (Microsoft Corporation)
IE - HKLM\..\URLSearchHook:  - Reg Error: Key error. File not found
IE - HKLM\..\URLSearchHook: {855F3B16-6D32-4fe6-8A56-BBB695989046} - Reg Error: Key error. File not found
IE - HKU\S-1-5-21-1100104945-3048821398-410265370-1001\..\URLSearchHook:  - Reg Error: Key error. File not found
O4 - HKU\S-1-5-21-1100104945-3048821398-410265370-1001..\Run: []  File not found
O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] C:\Windows\SysWow64\mctadmin.exe File not found
O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] C:\Windows\SysWow64\mctadmin.exe File not found
O18:[b]64bit:[/b] - Protocol\Handler\grooveLocalGWS {88FED34C-F0CA-4636-A375-3CB6248B04CD} - Reg Error: Key error. File not found
O18:[b]64bit:[/b] - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - Reg Error: Key error. File not found
O18:[b]64bit:[/b] - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - Reg Error: Key error. File not found
O18:[b]64bit:[/b] - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - Reg Error: Key error. File not found
O18:[b]64bit:[/b] - Protocol\Handler\wlmailhtml {03C514A3-1EFB-4856-9F99-10D7BE1653C0} - Reg Error: Key error. File not found
O18:[b]64bit:[/b] - Protocol\Handler\x-excid {9D6CC632-1337-4a33-9214-2DA092E776F4} - Reg Error: Key error. File not found
O20:[b]64bit:[/b] - HKLM Winlogon: VMApplet - (/pagefile) -  File not found
O20 - HKLM Winlogon: VMApplet - (/pagefile) -  File not found
O21:[b]64bit:[/b] - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found.
O33 - MountPoints2\{9de182db-ccab-11de-9aff-001cc0a3841a}\Shell\AutoRun\command - "" = K:\LaunchU3.exe -- File not found
O33 - MountPoints2\E\Shell\AutoRun\command - "" = E:\setup.exe -- File not found
O33 - MountPoints2\I\Shell\AutoRun\command - "" = I:\SETUP.EXE -- File not found
O33 - MountPoints2\I\Shell\configure\command - "" = I:\SETUP.EXE -- File not found
O33 - MountPoints2\I\Shell\install\command - "" = I:\SETUP.EXE -- File not found
O33 - MountPoints2\J\Shell\AutoRun\command - "" = J:\Setup\rsrc\autorun.exe -- File not found
O33 - MountPoints2\J\Shell\dinstall\command - "" = J:\Directx\dxsetup.exe -- File not found
O33 - MountPoints2\K\Shell\AutoRun\command - "" = K:\setup.exe -- File not found
O33 - MountPoints2\L\Shell\AutoRun\command - "" = L:\Autorun.exe -- File not found
O33 - MountPoints2\M\Shell\AutoRun\command - "" = M:\Autorun.exe -- File not found
[2010.09.20 23:30:15 | 000,700,002 | ---- | M] () -- C:\Windows\SysNative\perfh00C.dat
[2010.09.20 23:30:15 | 000,699,090 | ---- | M] () -- C:\Windows\SysNative\perfh00A.dat
[2010.09.20 23:30:15 | 000,696,782 | ---- | M] () -- C:\Windows\SysNative\perfh013.dat
[2010.09.20 23:30:15 | 000,695,148 | ---- | M] () -- C:\Windows\SysNative\perfh015.dat
[2010.09.20 23:30:15 | 000,694,720 | ---- | M] () -- C:\Windows\SysNative\perfh010.dat
[2010.09.20 23:30:15 | 000,684,952 | ---- | M] () -- C:\Windows\SysNative\prfh0816.dat
[2010.09.20 23:30:15 | 000,681,306 | ---- | M] () -- C:\Windows\SysNative\perfh019.dat
[2010.09.20 23:30:15 | 000,669,370 | ---- | M] () -- C:\Windows\SysNative\prfh0416.dat
[2010.09.20 23:30:15 | 000,649,470 | ---- | M] () -- C:\Windows\SysNative\perfh007.dat
[2010.09.20 23:30:15 | 000,637,876 | ---- | M] () -- C:\Windows\SysNative\perfh00E.dat
[2010.09.20 23:30:15 | 000,637,006 | ---- | M] () -- C:\Windows\SysNative\perfh005.dat
[2010.09.20 23:30:15 | 000,623,030 | ---- | M] () -- C:\Windows\SysNative\perfh01D.dat
[2010.09.20 23:30:15 | 000,621,224 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2010.09.20 23:30:15 | 000,615,622 | ---- | M] () -- C:\Windows\SysNative\perfh01F.dat
[2010.09.20 23:30:15 | 000,557,504 | ---- | M] () -- C:\Windows\SysNative\perfh008.dat
[2010.09.20 23:30:15 | 000,467,606 | ---- | M] () -- C:\Windows\SysNative\perfh006.dat
[2010.09.20 23:30:15 | 000,454,092 | ---- | M] () -- C:\Windows\SysNative\perfh014.dat
[2010.09.20 23:30:15 | 000,439,780 | ---- | M] () -- C:\Windows\SysNative\perfh001.dat
[2010.09.20 23:30:15 | 000,438,968 | ---- | M] () -- C:\Windows\SysNative\perfh00B.dat
[2010.09.20 23:30:15 | 000,403,752 | ---- | M] () -- C:\Windows\SysNative\perfh012.dat
[2010.09.20 23:30:15 | 000,392,778 | ---- | M] () -- C:\Windows\SysNative\perfh011.dat
[2010.09.20 23:30:15 | 000,381,612 | ---- | M] () -- C:\Windows\SysNative\prfh0404.dat
[2010.09.20 23:30:15 | 000,365,498 | ---- | M] () -- C:\Windows\SysNative\prfh0804.dat
[2010.09.20 23:30:15 | 000,358,448 | ---- | M] () -- C:\Windows\SysNative\perfh00D.dat
[2010.09.20 23:30:15 | 000,150,486 | ---- | M] () -- C:\Windows\SysNative\perfc00E.dat
[2010.09.20 23:30:15 | 000,139,354 | ---- | M] () -- C:\Windows\SysNative\perfc00A.dat
[2010.09.20 23:30:15 | 000,137,086 | ---- | M] () -- C:\Windows\SysNative\perfc015.dat
[2010.09.20 23:30:15 | 000,135,984 | ---- | M] () -- C:\Windows\SysNative\prfc0816.dat
[2010.09.20 23:30:15 | 000,135,176 | ---- | M] () -- C:\Windows\SysNative\perfc013.dat
[2010.09.20 23:30:15 | 000,134,756 | ---- | M] () -- C:\Windows\SysNative\perfc019.dat
[2010.09.20 23:30:15 | 000,132,482 | ---- | M] () -- C:\Windows\SysNative\perfc00C.dat
[2010.09.20 23:30:15 | 000,131,766 | ---- | M] () -- C:\Windows\SysNative\perfc007.dat
[2010.09.20 23:30:15 | 000,130,312 | ---- | M] () -- C:\Windows\SysNative\prfc0416.dat
[2010.09.20 23:30:15 | 000,129,278 | ---- | M] () -- C:\Windows\SysNative\perfc010.dat
[2010.09.20 23:30:15 | 000,125,950 | ---- | M] () -- C:\Windows\SysNative\perfc01D.dat
[2010.09.20 23:30:15 | 000,124,556 | ---- | M] () -- C:\Windows\SysNative\perfc005.dat
[2010.09.20 23:30:15 | 000,123,746 | ---- | M] () -- C:\Windows\SysNative\perfc01F.dat
[2010.09.20 23:30:15 | 000,108,304 | ---- | M] () -- C:\Windows\SysNative\perfc011.dat
[2010.09.20 23:30:15 | 000,108,304 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2010.09.20 23:30:15 | 000,106,096 | ---- | M] () -- C:\Windows\SysNative\perfc012.dat
[2010.09.20 23:30:15 | 000,105,580 | ---- | M] () -- C:\Windows\SysNative\prfc0804.dat
[2010.09.20 23:30:15 | 000,101,250 | ---- | M] () -- C:\Windows\SysNative\prfc0404.dat
[2010.09.20 23:30:15 | 000,091,622 | ---- | M] () -- C:\Windows\SysNative\perfc008.dat
[2010.09.20 23:30:15 | 000,084,316 | ---- | M] () -- C:\Windows\SysNative\perfc00B.dat
[2010.09.20 23:30:15 | 000,081,930 | ---- | M] () -- C:\Windows\SysNative\perfc006.dat
[2010.09.20 23:30:15 | 000,080,900 | ---- | M] () -- C:\Windows\SysNative\perfc001.dat
[2010.09.20 23:30:15 | 000,079,362 | ---- | M] () -- C:\Windows\SysNative\perfc014.dat
[2010.09.20 23:30:15 | 000,071,010 | ---- | M] () -- C:\Windows\SysNative\perfc00D.dat
[2010.09.02 21:11:17 | 000,117,840 | ---- | M] () -- C:\Windows\SysNative\prfi0404.dat
[2010.09.02 21:11:17 | 000,031,548 | ---- | M] () -- C:\Windows\SysNative\prfd0404.dat
[2010.09.02 20:59:32 | 000,341,432 | ---- | M] () -- C:\Windows\SysNative\perfi00A.dat
[2010.09.02 20:59:32 | 000,041,390 | ---- | M] () -- C:\Windows\SysNative\perfd00A.dat
[2010.09.02 20:47:46 | 000,229,316 | ---- | M] () -- C:\Windows\SysNative\perfi00D.dat
[2010.09.02 20:47:46 | 000,032,166 | ---- | M] () -- C:\Windows\SysNative\perfd00D.dat
[2010.09.02 20:38:32 | 000,285,034 | ---- | M] () -- C:\Windows\SysNative\perfi01F.dat
[2010.09.02 20:38:32 | 000,037,160 | ---- | M] () -- C:\Windows\SysNative\perfd01F.dat
[2010.09.02 20:29:24 | 000,157,694 | ---- | M] () -- C:\Windows\SysNative\perfi012.dat
[2010.09.02 20:29:24 | 000,031,548 | ---- | M] () -- C:\Windows\SysNative\perfd012.dat
[2010.09.02 20:19:45 | 000,306,636 | ---- | M] () -- C:\Windows\SysNative\perfi006.dat
[2010.09.02 20:19:45 | 000,039,236 | ---- | M] () -- C:\Windows\SysNative\perfd006.dat
[2010.09.02 20:11:19 | 000,336,656 | ---- | M] () -- C:\Windows\SysNative\prfi0816.dat
[2010.09.02 20:11:19 | 000,040,548 | ---- | M] () -- C:\Windows\SysNative\prfd0816.dat
[2010.09.02 19:51:17 | 000,111,310 | ---- | M] () -- C:\Windows\SysNative\prfi0804.dat
[2010.09.02 19:51:17 | 000,031,548 | ---- | M] () -- C:\Windows\SysNative\prfd0804.dat
[2010.09.02 19:41:21 | 000,341,322 | ---- | M] () -- C:\Windows\SysNative\perfi013.dat
[2010.09.02 19:41:21 | 000,043,068 | ---- | M] () -- C:\Windows\SysNative\perfd013.dat
[2010.09.02 19:33:10 | 000,037,052 | ---- | M] () -- C:\Windows\SysNative\perfd01D.dat
[2010.09.02 19:33:09 | 000,294,764 | ---- | M] () -- C:\Windows\SysNative\perfi01D.dat
[2010.09.02 19:25:05 | 000,295,922 | ---- | M] () -- C:\Windows\SysNative\perfi007.dat
[2010.09.02 19:25:05 | 000,038,104 | ---- | M] () -- C:\Windows\SysNative\perfd007.dat
[2010.09.02 19:04:12 | 000,336,704 | ---- | M] () -- C:\Windows\SysNative\perfi019.dat
[2010.09.02 19:04:12 | 000,039,446 | ---- | M] () -- C:\Windows\SysNative\perfd019.dat
[2010.09.02 18:56:49 | 000,335,478 | ---- | M] () -- C:\Windows\SysNative\perfi010.dat
[2010.09.02 18:56:49 | 000,037,534 | ---- | M] () -- C:\Windows\SysNative\perfd010.dat
[2010.09.02 18:48:54 | 000,141,988 | ---- | M] () -- C:\Windows\SysNative\perfi011.dat
[2010.09.02 18:48:54 | 000,031,548 | ---- | M] () -- C:\Windows\SysNative\perfd011.dat
[2010.09.02 18:41:31 | 000,298,300 | ---- | M] () -- C:\Windows\SysNative\perfi014.dat
[2010.09.02 18:41:31 | 000,036,156 | ---- | M] () -- C:\Windows\SysNative\perfd014.dat
[2010.09.02 18:30:48 | 000,369,984 | ---- | M] () -- C:\Windows\SysNative\perfi008.dat
[2010.09.02 18:30:48 | 000,045,182 | ---- | M] () -- C:\Windows\SysNative\perfd008.dat
[2010.09.02 18:23:54 | 000,323,154 | ---- | M] () -- C:\Windows\SysNative\prfi0416.dat
[2010.09.02 18:23:54 | 000,038,536 | ---- | M] () -- C:\Windows\SysNative\prfd0416.dat
[2010.09.02 18:13:12 | 000,038,710 | ---- | M] () -- C:\Windows\SysNative\perfd015.dat
[2010.09.02 18:13:11 | 000,337,158 | ---- | M] () -- C:\Windows\SysNative\perfi015.dat
[2010.09.02 18:01:22 | 000,344,522 | ---- | M] () -- C:\Windows\SysNative\perfi00C.dat
[2010.09.02 18:01:22 | 000,289,060 | ---- | M] () -- C:\Windows\SysNative\perfi001.dat
[2010.09.02 18:01:22 | 000,042,056 | ---- | M] () -- C:\Windows\SysNative\perfd001.dat
[2010.09.02 18:01:22 | 000,038,160 | ---- | M] () -- C:\Windows\SysNative\perfd00C.dat
[2010.09.02 17:54:50 | 000,287,518 | ---- | M] () -- C:\Windows\SysNative\perfi00E.dat
[2010.09.02 17:54:50 | 000,048,094 | ---- | M] () -- C:\Windows\SysNative\perfd00E.dat
[2010.09.02 17:37:57 | 000,279,790 | ---- | M] () -- C:\Windows\SysNative\perfi00B.dat
[2010.09.02 17:37:57 | 000,038,258 | ---- | M] () -- C:\Windows\SysNative\perfd00B.dat
@Alternate Data Stream - 48 bytes -> C:\Windows:0DA04F8A67D8571A
@Alternate Data Stream - 176 bytes -> C:\ProgramData\Temp:FB1B13D8
@Alternate Data Stream - 121 bytes -> C:\ProgramData\Temp:CF778051
@Alternate Data Stream - 110 bytes -> C:\ProgramData\Temp:CB0AACC9

:files
C:\WINDOWS\system32\*.tmp.dll /s
C:\WINDOWS\system32\SET*.tmp /s
C:\WINDOWS\*.tmp /s
C:\Program Files (x86)\Trojan Remover

:commands
[emptytemp]
[EMPTYFLASH]
[Reboot]

- click the Fix button.
- The PC will then restart.
- Post the log here :)


:arrow: Do you recognise this drive and file?
D:\BlueBirds.exe



:arrow: Have this file tested at http://www.virustotal.com

C:\Program Files (x86)\Acronis\DiskDirector\OSS\reinstall_svc.exe


- On VirusTotal, click Browse, paste the file path directly into the lower box and click Send
- copy the address of the results page from your browser
- if it asks you, have the file tested again, so that it is the file from your computer



:arrow: Download CCleaner from my signature
- install it; when choosing what to install, untick the Yahoo toolbar installation

Cleaner tab
- leave everything in the left column ticked as it is, click Analyze
- after the analysis, click Run CCleaner

Registry tab
- click Scan for Issues
- then click Fix selected issues -- making a registry backup - you don't have to
- click Fix all issues :arrow: OK :arrow: Close

Tools tab
- here you can uninstall programs. It is a more thorough uninstall than Add/Remove Programs in Windows.

CCleaner - I recommend using the cleaner; it nicely cleans the PC of temporary files.
The Registry tab cleans up, for example, after uninstalling a program.

drixim
Visitor
Posts: 43
Registered: 03 Dec 2009 06:38
Location: Vysočina
Contact user:

Re: My PC startup has slowed down

#15 Post by drixim »

Virus total (0/43):
http://www.virustotal.com/file-scan/rep ... 1285132967
OTL log:
All processes killed
========== OTL ==========
No active process named explorer.exe was found!
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks\\ deleted successfully.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks\\{855F3B16-6D32-4fe6-8A56-BBB695989046} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{855F3B16-6D32-4fe6-8A56-BBB695989046}\ not found.
Registry value HKEY_USERS\S-1-5-21-1100104945-3048821398-410265370-1001\Software\Microsoft\Internet Explorer\URLSearchHooks\\ deleted successfully.
Registry value HKEY_USERS\S-1-5-21-1100104945-3048821398-410265370-1001\Software\Microsoft\Windows\CurrentVersion\Run\\ deleted successfully.
Registry value HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\RunOnce\\mctadmin deleted successfully.
Registry value HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\RunOnce\\mctadmin deleted successfully.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\\VMApplet:/pagefile deleted successfully.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad\\WebCheck deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{E6FB5E20-DE35-11CF-9C87-00AA005127ED}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{9de182db-ccab-11de-9aff-001cc0a3841a}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{9de182db-ccab-11de-9aff-001cc0a3841a}\ not found.
File K:\LaunchU3.exe not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\E\ deleted successfully.
File E:\setup.exe not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\I\ deleted successfully.
File I:\SETUP.EXE not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\I\ not found.
File I:\SETUP.EXE not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\I\ not found.
File I:\SETUP.EXE not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\J\ deleted successfully.
File J:\Setup\rsrc\autorun.exe not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\J\ not found.
File J:\Directx\dxsetup.exe not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\K\ deleted successfully.
File K:\setup.exe not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\L\ deleted successfully.
File L:\Autorun.exe not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\M\ deleted successfully.
File M:\Autorun.exe not found.
C:\Windows\SysNative\perfh00C.dat moved successfully.
C:\Windows\SysNative\perfh00A.dat moved successfully.
C:\Windows\SysNative\perfh013.dat moved successfully.
C:\Windows\SysNative\perfh015.dat moved successfully.
C:\Windows\SysNative\perfh010.dat moved successfully.
C:\Windows\SysNative\prfh0816.dat moved successfully.
C:\Windows\SysNative\perfh019.dat moved successfully.
C:\Windows\SysNative\prfh0416.dat moved successfully.
C:\Windows\SysNative\perfh007.dat moved successfully.
C:\Windows\SysNative\perfh00E.dat moved successfully.
C:\Windows\SysNative\perfh005.dat moved successfully.
C:\Windows\SysNative\perfh01D.dat moved successfully.
C:\Windows\SysNative\perfh009.dat moved successfully.
C:\Windows\SysNative\perfh01F.dat moved successfully.
C:\Windows\SysNative\perfh008.dat moved successfully.
C:\Windows\SysNative\perfh006.dat moved successfully.
C:\Windows\SysNative\perfh014.dat moved successfully.
C:\Windows\SysNative\perfh001.dat moved successfully.
C:\Windows\SysNative\perfh00B.dat moved successfully.
C:\Windows\SysNative\perfh012.dat moved successfully.
C:\Windows\SysNative\perfh011.dat moved successfully.
C:\Windows\SysNative\prfh0404.dat moved successfully.
C:\Windows\SysNative\prfh0804.dat moved successfully.
C:\Windows\SysNative\perfh00D.dat moved successfully.
C:\Windows\SysNative\perfc00E.dat moved successfully.
C:\Windows\SysNative\perfc00A.dat moved successfully.
C:\Windows\SysNative\perfc015.dat moved successfully.
C:\Windows\SysNative\prfc0816.dat moved successfully.
C:\Windows\SysNative\perfc013.dat moved successfully.
C:\Windows\SysNative\perfc019.dat moved successfully.
C:\Windows\SysNative\perfc00C.dat moved successfully.
C:\Windows\SysNative\perfc007.dat moved successfully.
C:\Windows\SysNative\prfc0416.dat moved successfully.
C:\Windows\SysNative\perfc010.dat moved successfully.
C:\Windows\SysNative\perfc01D.dat moved successfully.
C:\Windows\SysNative\perfc005.dat moved successfully.
C:\Windows\SysNative\perfc01F.dat moved successfully.
C:\Windows\SysNative\perfc011.dat moved successfully.
C:\Windows\SysNative\perfc009.dat moved successfully.
C:\Windows\SysNative\perfc012.dat moved successfully.
C:\Windows\SysNative\prfc0804.dat moved successfully.
C:\Windows\SysNative\prfc0404.dat moved successfully.
C:\Windows\SysNative\perfc008.dat moved successfully.
C:\Windows\SysNative\perfc00B.dat moved successfully.
C:\Windows\SysNative\perfc006.dat moved successfully.
C:\Windows\SysNative\perfc001.dat moved successfully.
C:\Windows\SysNative\perfc014.dat moved successfully.
C:\Windows\SysNative\perfc00D.dat moved successfully.
C:\Windows\SysNative\prfi0404.dat moved successfully.
C:\Windows\SysNative\prfd0404.dat moved successfully.
C:\Windows\SysNative\perfi00A.dat moved successfully.
Regards and have a lovely day, Radim

Locked