prosim o kontrolu- cely se to seka

Zpráva

#31 Příspěvek od **motji** » 17 zář 2010 23:45

Prosím tě, ještě mi dej sem oba logy z OTL.

Stahněte OTL http://oldtimer.geekstogo.com/OTL.exe
-uložte ho na plochu a spustte soubor OTL.exe.
- zaškrtněte okénko Pro všechny uživatele.
-označte okénka Kontrola na havěť "LOP" a Kontrola na havěť "Purity"
- Klikněte na tlačítko Prohledat
-po dokončení skenu se objeví logy OTL.Txt a Extras.txt, vložte je zde

Laydee · #32 Příspěvek od **Laydee** » 18 zář 2010 09:18

to mam vykoukany uz ve spravci uloh a ten programek nerekl o nic vic vlastne. Ono je to spis zatuhavani, ze program ktery by mel jet na tretinovem vykonu notebooku uplne v pohode, dostava na mojem notasku novy rozmer.
Priklad dam: program, hra, cokoliv ma doporucenou sestavu treba CPU 500Mhz, 515MB ram a grafika nejaka 5 let stara. A vsechno bezi ok.
Jenze na mojem notasku je to hruza. Seka, kouse a programy chteji hodne vykonu, pritom by to melo vsechno fungovat ok :/

#33 Příspěvek od **motji** » 18 zář 2010 11:15

Udělej ještě ten OTL

Laydee · #34 Příspěvek od **Laydee** » 18 zář 2010 11:22

tady je OTL, motji

)

OTL logfile created on: 9/18/2010 10:19:00 AM - Run 1
OTL by OldTimer - Version 3.2.12.1 Folder = C:\Users\Laydenka\Desktop
64bit- Ultimate Edition (Version = 6.1.7600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7600.16385)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

2.00 Gb Total Physical Memory | 1.00 Gb Available Physical Memory | 70.00% Memory free
4.00 Gb Paging File | 3.00 Gb Available in Paging File | 74.00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 149.04 Gb Total Space | 2.09 Gb Free Space | 1.40% Space Free | Partition Type: NTFS
D: Drive not present or media not loaded
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded

Computer Name: LAYDENKA-NB
Current User Name: Laydenka
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: All users
Include 64bit Scans
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 30 Days
Output = Standard

========== Processes (SafeList) ==========

PRC - [2010/09/18 10:18:27 | 000,575,488 | ---- | M] (OldTimer Tools) -- C:\Users\Laydenka\Desktop\OTL.exe
PRC - [2010/07/24 03:06:44 | 000,014,808 | ---- | M] (Mozilla Corporation) -- C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe
PRC - [2010/07/24 03:06:43 | 000,910,296 | ---- | M] (Mozilla Corporation) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe
PRC - [2010/06/26 20:17:47 | 000,066,872 | ---- | M] () -- C:\Windows\SysWOW64\PnkBstrA.exe
PRC - [2010/06/21 22:42:15 | 000,134,808 | ---- | M] (Google Inc.) -- C:\Users\Laydenka\AppData\Local\Google\Update\1.2.183.29\GoogleCrashHandler.exe
PRC - [2010/04/01 13:33:20 | 000,267,432 | ---- | M] (Avira GmbH) -- C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
PRC - [2010/03/02 11:28:32 | 000,282,792 | ---- | M] (Avira GmbH) -- C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
PRC - [2010/02/24 10:28:10 | 000,135,336 | ---- | M] (Avira GmbH) -- C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
PRC - [2009/01/14 17:53:02 | 000,226,656 | ---- | M] (Microsoft Corp.) -- C:\Program Files (x86)\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
PRC - [2007/09/02 13:58:52 | 000,495,616 | ---- | M] () -- C:\Program Files (x86)\RocketDock\RocketDock.exe

========== Modules (SafeList) ==========

MOD - [2010/09/18 10:18:27 | 000,575,488 | ---- | M] (OldTimer Tools) -- C:\Users\Laydenka\Desktop\OTL.exe
MOD - [2009/07/14 03:14:10 | 000,095,232 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\msscript.ocx
MOD - [2009/07/14 03:03:50 | 001,680,896 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16385_none_421189da2b7fabfc\comctl32.dll
MOD - [2007/09/02 13:57:36 | 000,069,632 | ---- | M] () -- C:\Program Files (x86)\RocketDock\RocketDock.dll

========== Win32 Services (SafeList) ==========

SRV:64bit: - File not found [Auto | Running] -- C:\Windows\SysNative\PnkBstrA.exe -- (PnkBstrA)
SRV:64bit: - [2009/08/18 12:48:02 | 002,291,568 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE -- (wlidsvc)
SRV:64bit: - [2009/07/14 03:41:56 | 000,195,072 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\umrdp.dll -- (UmRdpService)
SRV:64bit: - [2009/07/14 03:41:53 | 001,361,920 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\PeerDistSvc.dll -- (PeerDistSvc)
SRV:64bit: - [2009/07/14 03:41:27 | 001,011,712 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV:64bit: - [2009/07/14 03:40:24 | 000,689,152 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\cscsvc.dll -- (CscService)
SRV:64bit: - [2009/07/14 03:40:01 | 000,193,536 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\appmgmts.dll -- (AppMgmt)
SRV - [2010/06/26 20:17:47 | 000,066,872 | ---- | M] () [Auto | Running] -- C:\Windows\SysWOW64\PnkBstrA.exe -- (PnkBstrA)
SRV - [2010/06/19 17:00:43 | 000,395,048 | ---- | M] (Valve Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Steam\SteamService.exe -- (Steam Client Service)
SRV - [2010/04/28 07:44:02 | 000,704,872 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\Windows Live\Family Safety\fsssvc.exe -- (fsssvc)
SRV - [2010/04/01 13:33:20 | 000,267,432 | ---- | M] (Avira GmbH) [Auto | Running] -- C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe -- (AntiVirService)
SRV - [2010/03/18 14:27:14 | 000,138,576 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_64)
SRV - [2010/03/18 13:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2010/02/24 10:28:10 | 000,135,336 | ---- | M] (Avira GmbH) [Auto | Running] -- C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe -- (AntiVirSchedulerService)
SRV - [2009/09/20 11:55:20 | 001,037,824 | ---- | M] (Hewlett-Packard Co.) [Auto | Running] -- C:\Program Files (x86)\HP\Digital Imaging\bin\HPSLPSVC64.DLL -- (HPSLPSVC)
SRV - [2009/01/14 17:53:02 | 000,226,656 | ---- | M] (Microsoft Corp.) [Auto | Running] -- C:\Program Files (x86)\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe -- (SeaPort)
SRV - [2008/10/25 11:44:08 | 000,065,888 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\Microsoft Office\Office12\GrooveAuditService.exe -- (Microsoft Office Groove Audit Service)
SRV - [2008/08/18 09:02:00 | 000,222,208 | ---- | M] (NVIDIA) [Auto | Running] -- C:\Program Files (x86)\NVIDIA Corporation\nTune\nTuneService.exe -- (nTuneService)
SRV - [2008/08/01 11:11:20 | 000,158,208 | ---- | M] (NVIDIA) [Auto | Running] -- C:\Program Files (x86)\NVIDIA Corporation\System Update\UpdateCenterService.exe -- (UpdateCenterService)

========== Driver Services (SafeList) ==========

DRV:64bit: - [2010/06/19 16:46:54 | 000,834,544 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\sptd.sys -- (sptd)
DRV:64bit: - [2010/05/29 02:26:12 | 002,307,584 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\athrx.sys -- (athr)
DRV:64bit: - [2010/04/28 08:57:50 | 000,061,288 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\fssfltr.sys -- (fssfltr)
DRV:64bit: - [2010/03/02 13:35:02 | 000,116,568 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\avipbb.sys -- (avipbb)
DRV:64bit: - [2010/02/16 14:24:02 | 000,081,072 | ---- | M] (Avira GmbH) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\avgntflt.sys -- (avgntflt)
DRV:64bit: - [2009/11/16 18:33:38 | 000,047,632 | ---- | M] (CACE Technologies, Inc.) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\npf.sys -- (npf)
DRV:64bit: - [2009/10/26 15:36:22 | 001,202,688 | ---- | M] (Motorola Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\smserial.sys -- (smserial)
DRV:64bit: - [2009/10/10 04:41:20 | 000,109,056 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\sdbus.sys -- (sdbus)
DRV:64bit: - [2009/07/14 03:52:21 | 000,106,576 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2009/07/14 03:52:21 | 000,028,752 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2009/07/14 03:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2009/07/14 03:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2009/07/14 03:47:48 | 000,077,888 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2009/07/14 03:45:55 | 000,200,272 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\vmbus.sys -- (vmbus)
DRV:64bit: - [2009/07/14 03:45:55 | 000,046,672 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\vmstorfl.sys -- (storflt)
DRV:64bit: - [2009/07/14 03:45:55 | 000,034,896 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\storvsc.sys -- (storvsc)
DRV:64bit: - [2009/07/14 03:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2009/07/14 02:10:49 | 000,024,064 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\MODEMCSA.sys -- (MODEMCSA)
DRV:64bit: - [2009/07/14 02:06:32 | 000,032,768 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usbser.sys -- (usbser)
DRV:64bit: - [2009/07/14 01:42:58 | 000,006,656 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\vms3cap.sys -- (s3cap)
DRV:64bit: - [2009/07/14 01:42:44 | 000,021,760 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\VMBusHID.sys -- (VMBusHID)
DRV:64bit: - [2009/07/14 01:24:27 | 000,514,048 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\csc.sys -- (CSC)
DRV:64bit: - [2009/07/14 01:21:48 | 000,038,400 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\tpm.sys -- (TPM)
DRV:64bit: - [2009/06/25 17:04:20 | 000,067,584 | ---- | M] (REDC) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\rimmpx64.sys -- (rimmptsk)
DRV:64bit: - [2009/06/25 16:13:44 | 000,055,296 | ---- | M] (REDC) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\rimspx64.sys -- (rimsptsk)
DRV:64bit: - [2009/06/10 22:38:56 | 000,000,308 | ---- | M] () [File_System | On_Demand | Running] -- C:\Windows\SysNative\wbem\ntfs.mof -- (Ntfs)
DRV:64bit: - [2009/06/10 22:35:35 | 000,408,960 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\nvm62x64.sys -- (NVENETFD)
DRV:64bit: - [2009/06/10 22:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2009/06/10 22:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009/06/10 22:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2009/06/10 22:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV:64bit: - [2008/05/02 10:59:08 | 000,008,704 | ---- | M] (Windows (R) Codename Longhorn DDK provider) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usbser_lowerfltx64j.sys -- (UsbserFilt)
DRV:64bit: - [2008/05/02 10:58:50 | 000,008,704 | ---- | M] (Windows (R) Codename Longhorn DDK provider) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usbser_lowerfltx64.sys -- (upperdev)
DRV:64bit: - [2008/05/02 10:58:48 | 000,023,552 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ccdcmbox64.sys -- (nmwcdcx64)
DRV:64bit: - [2008/05/02 10:58:48 | 000,018,432 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ccdcmbx64.sys -- (nmwcdx64)
DRV:64bit: - [2007/08/09 01:21:00 | 000,013,680 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\ATK64AMD.sys -- (MTsensor)
DRV - [2008/08/18 09:04:02 | 000,040,480 | ---- | M] (NVidia Corp.) [Kernel | On_Demand | Running] -- C:\Windows\nvoclk64.sys -- (NVR0Dev)
DRV - [2008/08/01 11:08:28 | 000,040,480 | ---- | M] (NVidia Corp.) [Kernel | Auto | Running] -- C:\Windows\nvflsh64.sys -- (NVR0FLASHDev)

========== Standard Registry (SafeList) ==========

========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.google.com
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.google.com

IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-21-1270311530-2584071053-1987869603-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.google.com
IE - HKU\S-1-5-21-1270311530-2584071053-1987869603-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page =
IE - HKU\S-1-5-21-1270311530-2584071053-1987869603-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://www.msn.com/
IE - HKU\S-1-5-21-1270311530-2584071053-1987869603-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = en-us
IE - HKU\S-1-5-21-1270311530-2584071053-1987869603-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 60 6E 6D 54 B1 37 CB 01 [binary data]
IE - HKU\S-1-5-21-1270311530-2584071053-1987869603-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-1270311530-2584071053-1987869603-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyServer" = http=

========== FireFox ==========

FF - prefs.js..browser.search.defaultenginename: ""
FF - prefs.js..browser.search.defaulturl: ""
FF - prefs.js..browser.search.selectedEngine: "Google"
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..browser.startup.homepage: "seznam.cz"
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}:6.0.20
FF - prefs.js..extensions.enabledItems: support@auto-hide-ip.com:1.0
FF - prefs.js..extensions.enabledItems: tineye@ideeinc.com:1.0
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}:6.0.21

FF - HKLM\software\mozilla\Firefox\Extensions\\smartwebprinting@hp.com: C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2010/07/29 17:35:15 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.8\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2010/08/17 19:27:04 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.8\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2010/08/20 08:06:42 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 4.0b4\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox 4.0 Beta 2\components [2010/08/11 22:13:41 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 4.0b4\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox 4.0 Beta 2\plugins [2010/08/16 18:41:14 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Thunderbird 3.0.6\extensions\\Components: C:\Program Files (x86)\Mozilla Thunderbird\components [2010/07/26 17:12:30 | 000,000,000 | ---D | M]

[2010/06/26 17:39:27 | 000,000,000 | ---D | M] -- C:\Users\Laydenka\AppData\Roaming\Mozilla\Extensions
[2010/06/26 17:39:27 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Laydenka\AppData\Roaming\Mozilla\Extensions\{3550f703-e582-4d05-9a08-453d09bdfdc6}
[2010/09/18 00:23:50 | 000,000,000 | ---D | M] -- C:\Users\Laydenka\AppData\Roaming\Mozilla\Firefox\Profiles\ed5akz0v.default\extensions
[2010/06/24 11:29:02 | 000,000,000 | ---D | M] -- C:\Users\Laydenka\AppData\Roaming\Mozilla\Firefox\Profiles\ed5akz0v.default\extensions\support@auto-hide-ip.com
[2010/07/13 11:36:40 | 000,000,000 | ---D | M] -- C:\Users\Laydenka\AppData\Roaming\Mozilla\Firefox\Profiles\ed5akz0v.default\extensions\tineye@ideeinc.com
[2010/08/06 08:37:52 | 000,001,819 | ---- | M] () -- C:\Users\Laydenka\AppData\Roaming\Mozilla\Firefox\Profiles\ed5akz0v.default\searchplugins\bing.xml
[2010/09/18 00:23:50 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Mozilla Firefox\extensions
[2010/06/22 13:55:42 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}
[2010/08/07 19:40:42 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}
[2010/07/17 05:00:04 | 000,423,656 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files (x86)\Mozilla Firefox\plugins\npdeployJava1.dll
[2010/04/01 18:51:34 | 000,000,638 | ---- | M] () -- C:\Program Files (x86)\Mozilla Firefox\searchplugins\jyxo-cz.xml
[2010/04/01 18:51:34 | 000,001,687 | ---- | M] () -- C:\Program Files (x86)\Mozilla Firefox\searchplugins\mall-cz.xml
[2010/04/01 18:51:34 | 000,001,367 | ---- | M] () -- C:\Program Files (x86)\Mozilla Firefox\searchplugins\seznam-cz.xml
[2010/04/01 18:51:34 | 000,000,654 | ---- | M] () -- C:\Program Files (x86)\Mozilla Firefox\searchplugins\slunecnice-cz.xml
[2010/04/01 18:51:34 | 000,001,179 | ---- | M] () -- C:\Program Files (x86)\Mozilla Firefox\searchplugins\wikipedia-cz.xml

O1 HOSTS File: ([2010/07/16 12:57:53 | 000,001,233 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 gosredirector.ea.com
O1 - Hosts: 127.0.0.1 blazeserver.blazeemu.org
O1 - Hosts: 127.0.0.1 gosgvaprod-qos01.ea.com
O1 - Hosts: 127.0.0.1 gosiadprod-qos01.ea.com
O1 - Hosts: 127.0.0.1 gossjcprod-qos01.ea.com
O1 - Hosts: 127.0.0.1 demangler.ea.com
O1 - Hosts: 127.0.0.1 vmp.tools.gos.ea.com
O1 - Hosts: 127.0.0.1 im.adtech.de
O1 - Hosts: 127.0.0.1 adserver.adtech.de
O1 - Hosts: 127.0.0.1 adtech.de
O1 - Hosts: 127.0.0.1 atwola.com
O1 - Hosts: 127.0.0.1 adserver.71i.de
O1 - Hosts: 127.0.0.1 adicqserver.71i.de
O1 - Hosts: 127.0.0.1 71i.de
O2:64bit: - BHO: (Windows Live Family Safety Browser Helper Class) - {4f3ed5cd-0726-42a9-87f5-d13f3d2976ac} - C:\Program Files\Windows Live\Family Safety\fssbho.dll (Microsoft Corporation)
O2:64bit: - BHO: (Windows Live ID Sign-in Helper) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
O2 - BHO: (HP Print Enhancer) - {0347C33E-8762-4905-BF09-768834316C61} - C:\Program Files (x86)\HP\Digital Imaging\smart web printing\hpswp_printenhancer.dll (Hewlett-Packard Co.)
O2 - BHO: (Search Helper) - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Search Helper\SearchHelper.dll (Microsoft Corp.)
O2 - BHO: (Groove GFS Browser Helper) - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation)
O2 - BHO: (Windows Live Toolbar Helper) - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - C:\Program Files (x86)\Windows Live\Toolbar\wltcore.dll (Microsoft Corporation)
O2 - BHO: (HP Smart BHO Class) - {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - C:\Program Files (x86)\HP\Digital Imaging\smart web printing\hpswp_BHO.dll (Hewlett-Packard Co.)
O3 - HKLM\..\Toolbar: (&Windows Live Toolbar) - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files (x86)\Windows Live\Toolbar\wltcore.dll (Microsoft Corporation)
O3 - HKU\S-1-5-21-1270311530-2584071053-1987869603-1000\..\Toolbar\WebBrowser: (&Windows Live Toolbar) - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files (x86)\Windows Live\Toolbar\wltcore.dll (Microsoft Corporation)
O4:64bit: - HKLM..\Run: [NvCplDaemon] C:\Windows\SysNative\NvCpl.DLL (NVIDIA Corporation)
O4:64bit: - HKLM..\Run: [NvMediaCenter] C:\Windows\SysNative\NvMcTray.DLL (NVIDIA Corporation)
O4:64bit: - HKLM..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor)
O4:64bit: - HKLM..\Run: [SMSERIAL] C:\Program Files\Motorola\SMSERIAL\sm56hlpr.exe (Motorola Inc.)
O4 - HKLM..\Run: [avgnt] C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe (Avira GmbH)
O4 - HKLM..\Run: [GrooveMonitor] C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe (Microsoft Corporation)
O4 - HKU\S-1-5-19..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-20..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-21-1270311530-2584071053-1987869603-1000..\Run: [NVIDIA nTune] C:\Program Files (x86)\NVIDIA Corporation\nTune\nTuneCmd.exe (NVIDIA)
O4 - HKU\S-1-5-21-1270311530-2584071053-1987869603-1000..\Run: [RocketDock] C:\Program Files (x86)\RocketDock\RocketDock.exe ()
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 153
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 0
O7 - HKU\S-1-5-21-1270311530-2584071053-1987869603-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 153
O9 - Extra Button: ICQ7.2 - {72EFBFE4-C74F-4187-AEFD-73EA3BE968D6} - C:\Program Files (x86)\ICQ7.2\ICQ.exe (ICQ, LLC.)
O9 - Extra 'Tools' menuitem : ICQ7.2 - {72EFBFE4-C74F-4187-AEFD-73EA3BE968D6} - C:\Program Files (x86)\ICQ7.2\ICQ.exe (ICQ, LLC.)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries\000000000008 [] - C:\Program Files (x86)\Common Files\microsoft shared\Windows Live\WLIDNSP.DLL (Microsoft Corporation)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries\000000000009 [] - C:\Program Files (x86)\Common Files\microsoft shared\Windows Live\WLIDNSP.DLL (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000008 [] - C:\Program Files (x86)\Common Files\microsoft shared\Windows Live\WLIDNSP.DLL (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000009 [] - C:\Program Files (x86)\Common Files\microsoft shared\Windows Live\WLIDNSP.DLL (Microsoft Corporation)
O13 - gopher Prefix: missing
O13 - gopher Prefix: missing
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_21)
O16 - DPF: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_21)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_21)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 10.0.0.138
O18:64bit: - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - Reg Error: Key error. File not found
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\SysNative\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\SysWow64\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found.
O28 - HKLM ShellExecuteHooks: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation)
O30:64bit: - LSA: Security Packages - (livessp) - C:\Windows\SysNative\livessp.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (livessp) - C:\Windows\SysWow64\livessp.dll (Microsoft Corporation)
O32 - HKLM CDRom: AutoRun - 1
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

========== Files/Folders - Created Within 30 Days ==========

[2010/09/18 10:18:10 | 000,575,488 | ---- | C] (OldTimer Tools) -- C:\Users\Laydenka\Desktop\OTL.exe
[2010/09/18 00:15:18 | 000,000,000 | ---D | C] -- C:\Users\Laydenka\Desktop\ProcessExplorer
[2010/09/17 14:43:50 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\CrystalDiskInfo
[2010/09/17 14:43:21 | 001,400,336 | ---- | C] (Crystal Dew World ) -- C:\Users\Laydenka\Desktop\CrystalDiskInfo3_6_0-en.exe
[2010/09/16 21:44:28 | 000,000,000 | ---D | C] -- C:\Users\Laydenka\Desktop\bootkit_remover
[2010/09/16 19:56:46 | 000,000,000 | ---D | C] -- C:\Users\Laydenka\Desktop\nv19045_Win7Vista64
[2010/09/16 17:48:09 | 130,121,904 | ---- | C] (NVIDIA Corporation ) -- C:\Users\Laydenka\Desktop\185.85_desktop_win7_64bit_international_whql.exe
[2010/09/16 17:27:19 | 000,978,944 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msvcp71.dll
[2010/09/16 17:27:19 | 000,520,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msvcr71.dll
[2010/09/16 17:27:18 | 001,524,736 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\MFC71.dll
[2010/09/16 17:27:00 | 000,000,000 | ---D | C] -- C:\Users\Laydenka\AppData\Local\NVIDIA Corporation
[2010/09/16 17:26:55 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\NVIDIA Corporation
[2010/09/16 17:24:52 | 000,501,280 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\NVUNINST.EXE
[2010/09/16 16:44:20 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Lavalys
[2010/09/16 16:43:47 | 000,000,000 | ---D | C] -- C:\Users\Laydenka\Desktop\EVEREST ULTIMATE EDITION 5.30
[2010/09/15 21:42:54 | 000,000,000 | ---D | C] -- C:\dell
[2010/08/25 06:42:34 | 000,861,184 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\oleaut32.dll
[2010/08/21 12:50:35 | 000,000,000 | ---D | C] -- C:\Users\Laydenka\AppData\Roaming\Avira
[2010/08/21 12:46:39 | 000,116,568 | ---- | C] (Avira GmbH) -- C:\Windows\SysNative\drivers\avipbb.sys
[2010/08/21 12:46:39 | 000,081,072 | ---- | C] (Avira GmbH) -- C:\Windows\SysNative\drivers\avgntflt.sys
[2010/08/21 12:46:39 | 000,051,992 | ---- | C] (AVIRA GmbH) -- C:\Windows\SysWow64\drivers\avgntdd.sys
[2010/08/21 12:46:39 | 000,017,016 | ---- | C] (AVIRA GmbH) -- C:\Windows\SysWow64\drivers\avgntmgr.sys
[2010/08/21 12:46:38 | 000,000,000 | ---D | C] -- C:\ProgramData\Avira
[2010/08/21 12:46:38 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Avira
[2010/08/20 23:30:47 | 000,000,000 | ---D | C] -- C:\Users\Laydenka\AppData\Roaming\vlc
[2010/08/20 23:30:20 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\VideoLAN
[2010/08/20 20:02:19 | 000,000,000 | ---D | C] -- C:\ProgramData\Driver Whiz
[2010/08/20 17:03:54 | 000,000,000 | ---D | C] -- C:\rsit
[2010/08/20 16:07:24 | 000,000,000 | ---D | C] -- C:\ProgramData\Kaspersky Lab
[2010/08/20 15:23:09 | 002,441,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iertutil.dll
[2010/08/19 16:48:02 | 000,000,000 | ---D | C] -- C:\Windows\rundll16.exe
[2010/08/19 16:48:02 | 000,000,000 | ---D | C] -- C:\Windows\logo1_.exe
[2010/08/19 16:41:38 | 000,000,000 | ---D | C] -- C:\Windows\VDLL.DLL
[2010/08/19 16:41:38 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\runouce.exe
[2010/08/19 16:41:38 | 000,000,000 | ---D | C] -- C:\Windows\RUNDL132.EXE
[2010/08/19 16:41:38 | 000,000,000 | ---D | C] -- C:\Windows\logo_1.exe
[2010/08/19 16:38:59 | 000,632,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msvcr80.dll
[2010/08/19 16:38:58 | 000,554,240 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msvcp80.dll
[2010/08/19 16:38:57 | 000,034,048 | ---- | C] (MicroWorld Technologies Inc.) -- C:\Windows\SysWow64\eEmpty.exe
[2010/08/19 16:38:51 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\MicroWorld
[2010/08/19 16:38:41 | 000,000,000 | ---D | C] -- C:\ProgramData\MicroWorld

========== Files - Modified Within 30 Days ==========

[2010/09/18 10:21:01 | 002,097,152 | -HS- | M] () -- C:\Users\Laydenka\NTUSER.DAT
[2010/09/18 10:18:27 | 000,575,488 | ---- | M] (OldTimer Tools) -- C:\Users\Laydenka\Desktop\OTL.exe
[2010/09/18 10:13:28 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2010/09/18 09:48:57 | 000,020,576 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2010/09/18 09:48:57 | 000,020,576 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2010/09/18 09:47:01 | 000,000,920 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-1270311530-2584071053-1987869603-1000UA.job
[2010/09/18 09:41:31 | 000,000,898 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2010/09/18 09:41:25 | 000,000,006 | -H-- | M] () -- C:\Windows\tasks\SA.DAT
[2010/09/18 09:41:08 | 1610,014,720 | -HS- | M] () -- C:\hiberfil.sys
[2010/09/18 00:59:25 | 001,187,766 | -H-- | M] () -- C:\Users\Laydenka\AppData\Local\IconCache.db
[2010/09/18 00:28:00 | 000,000,902 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2010/09/18 00:14:45 | 001,729,668 | ---- | M] () -- C:\Users\Laydenka\Desktop\ProcessExplorer.zip
[2010/09/17 23:01:01 | 000,000,868 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-1270311530-2584071053-1987869603-1000Core.job
[2010/09/17 14:43:52 | 000,001,984 | ---- | M] () -- C:\Users\Laydenka\Desktop\CrystalDiskInfo.lnk
[2010/09/17 14:43:33 | 001,400,336 | ---- | M] (Crystal Dew World ) -- C:\Users\Laydenka\Desktop\CrystalDiskInfo3_6_0-en.exe
[2010/09/16 21:43:43 | 000,040,375 | ---- | M] () -- C:\Users\Laydenka\Desktop\bootkit_remover.rar
[2010/09/16 19:38:11 | 162,392,405 | ---- | M] () -- C:\Users\Laydenka\Desktop\nv19045_Win7Vista64.zip
[2010/09/16 19:37:58 | 000,832,273 | ---- | M] () -- C:\Users\Laydenka\Desktop\RSITx64.exe
[2010/09/16 18:57:31 | 000,001,011 | ---- | M] () -- C:\Users\Laydenka\Desktop\CCleaner.lnk
[2010/09/16 17:50:41 | 130,121,904 | ---- | M] (NVIDIA Corporation ) -- C:\Users\Laydenka\Desktop\185.85_desktop_win7_64bit_international_whql.exe
[2010/09/16 16:44:24 | 000,001,126 | ---- | M] () -- C:\Users\Laydenka\Desktop\EVEREST Ultimate Edition.lnk
[2010/09/15 21:23:37 | 000,524,288 | ---- | M] () -- C:\Users\Laydenka\Desktop\F3TAS.228
[2010/08/31 07:19:12 | 002,441,216 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\iertutil.dll
[2010/08/21 12:44:02 | 044,092,512 | ---- | M] () -- C:\Users\Laydenka\Desktop\avira_antivir_personal_en.exe
[2010/08/20 23:30:40 | 000,001,070 | ---- | M] () -- C:\Users\Public\Desktop\VLC media player.lnk
[2010/08/20 19:46:54 | 000,504,320 | ---- | M] () -- C:\Users\Laydenka\Desktop\WININQUIRY.exe
[2010/08/20 17:25:47 | 000,000,190 | -HS- | M] () -- C:\Windows\setup_9.0.0.722_15.09.2010_16-24drv.spi
[2010/08/20 08:06:43 | 000,002,014 | ---- | M] () -- C:\Users\Public\Desktop\Adobe Reader 9.lnk
[2010/08/19 19:48:33 | 000,179,651 | ---- | M] () -- C:\Users\Laydenka\Documents\pinfect.zip
[2010/08/19 17:11:54 | 001,470,062 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2010/08/19 17:11:54 | 000,631,314 | ---- | M] () -- C:\Windows\SysNative\perfh005.dat
[2010/08/19 17:11:54 | 000,624,178 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2010/08/19 17:11:54 | 000,121,922 | ---- | M] () -- C:\Windows\SysNative\perfc005.dat
[2010/08/19 17:11:54 | 000,106,522 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2010/08/19 16:52:01 | 016,536,320 | ---- | M] () -- C:\Windows\REGBK00.ZIP
[2010/08/19 16:44:38 | 000,000,054 | ---- | M] () -- C:\Windows\Lic.xxx
[2010/08/19 16:42:47 | 000,003,704 | ---- | M] () -- C:\Users\Laydenka\Documents\cc_20100819_164227.reg
[2010/08/19 16:38:58 | 000,632,064 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\msvcr80.dll
[2010/08/19 16:38:57 | 000,554,240 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\msvcp80.dll
[2010/08/19 16:38:56 | 000,034,048 | ---- | M] (MicroWorld Technologies Inc.) -- C:\Windows\SysWow64\eEmpty.exe

========== Files Created - No Company Name ==========

[2010/09/18 00:14:23 | 001,729,668 | ---- | C] () -- C:\Users\Laydenka\Desktop\ProcessExplorer.zip
[2010/09/17 14:43:52 | 000,001,984 | ---- | C] () -- C:\Users\Laydenka\Desktop\CrystalDiskInfo.lnk
[2010/09/16 21:43:41 | 000,040,375 | ---- | C] () -- C:\Users\Laydenka\Desktop\bootkit_remover.rar
[2010/09/16 19:37:50 | 000,832,273 | ---- | C] () -- C:\Users\Laydenka\Desktop\RSITx64.exe
[2010/09/16 19:34:56 | 162,392,405 | ---- | C] () -- C:\Users\Laydenka\Desktop\nv19045_Win7Vista64.zip
[2010/09/16 18:57:31 | 000,001,011 | ---- | C] () -- C:\Users\Laydenka\Desktop\CCleaner.lnk
[2010/09/16 16:44:24 | 000,001,126 | ---- | C] () -- C:\Users\Laydenka\Desktop\EVEREST Ultimate Edition.lnk
[2010/09/15 21:23:36 | 000,524,288 | ---- | C] () -- C:\Users\Laydenka\Desktop\F3TAS.228
[2010/08/29 12:41:57 | 000,001,846 | ---- | C] () -- C:\Users\Laydenka\Desktop\GameLauncher – zástupce.lnk
[2010/08/29 12:41:57 | 000,001,638 | ---- | C] () -- C:\Users\Laydenka\Desktop\Need for Speed™ Undercover.lnk
[2010/08/29 12:41:57 | 000,000,681 | ---- | C] () -- C:\Users\Laydenka\Desktop\Quake 4.lnk
[2010/08/29 12:41:57 | 000,000,591 | ---- | C] () -- C:\Users\Laydenka\Desktop\Command & Conquer Generals.lnk
[2010/08/29 12:41:57 | 000,000,218 | ---- | C] () -- C:\Users\Laydenka\Desktop\Counter-Strike.url
[2010/08/29 12:41:39 | 000,002,221 | ---- | C] () -- C:\Users\Laydenka\Desktop\Need For Speed World.lnk
[2010/08/29 12:41:39 | 000,001,630 | ---- | C] () -- C:\Users\Laydenka\Desktop\QIP Infium JadrisPack.lnk
[2010/08/21 12:43:11 | 044,092,512 | ---- | C] () -- C:\Users\Laydenka\Desktop\avira_antivir_personal_en.exe
[2010/08/20 23:30:40 | 000,001,070 | ---- | C] () -- C:\Users\Public\Desktop\VLC media player.lnk
[2010/08/20 19:46:31 | 000,504,320 | ---- | C] () -- C:\Users\Laydenka\Desktop\WININQUIRY.exe
[2010/08/20 18:54:53 | 000,524,288 | RH-- | C] () -- C:\F3T.BIN
[2010/08/20 17:25:47 | 000,000,190 | -HS- | C] () -- C:\Windows\setup_9.0.0.722_15.09.2010_16-24drv.spi
[2010/08/19 19:48:33 | 000,179,651 | ---- | C] () -- C:\Users\Laydenka\Documents\pinfect.zip
[2010/08/19 16:48:04 | 016,536,320 | ---- | C] () -- C:\Windows\REGBK00.ZIP
[2010/08/19 16:42:40 | 000,003,704 | ---- | C] () -- C:\Users\Laydenka\Documents\cc_20100819_164227.reg
[2010/08/19 16:40:08 | 000,000,054 | ---- | C] () -- C:\Windows\Lic.xxx
[2010/08/19 16:38:57 | 000,000,522 | ---- | C] () -- C:\Windows\SysWow64\Microsoft.VC80.CRT.manifest
[2010/08/05 21:20:39 | 000,000,565 | ---- | C] () -- C:\Users\Laydenka\AppData\Roaming\myMPQ.ini
[2010/08/02 15:40:05 | 000,001,612 | ---- | C] () -- C:\Windows\Sandboxie.ini
[2010/07/22 16:03:56 | 000,002,555 | ---- | C] () -- C:\ProgramData\hpzinstall.log
[2010/06/19 19:51:06 | 000,217,088 | ---- | C] () -- C:\Windows\SysWow64\libmySQL.dll
[2010/06/19 19:51:06 | 000,102,400 | ---- | C] () -- C:\Windows\SysWow64\TrackerNET.dll
[2010/06/19 19:48:30 | 000,000,056 | ---- | C] () -- C:\Windows\sierra.ini
[2009/11/16 18:33:38 | 000,053,299 | ---- | C] () -- C:\Windows\SysWow64\pthreadVC.dll
[2009/07/14 01:42:10 | 000,064,000 | ---- | C] () -- C:\Windows\SysWow64\BWContextHandler.dll
[2009/07/13 23:03:59 | 000,364,544 | ---- | C] () -- C:\Windows\SysWow64\msjetoledb40.dll
[2009/06/07 13:27:20 | 000,073,728 | ---- | C] () -- C:\Windows\SysWow64\vbzlib1.dll

========== LOP Check ==========

[2010/09/18 00:19:50 | 000,000,000 | ---D | M] -- C:\Users\Laydenka\AppData\Roaming\AIMP
[2010/08/12 21:00:17 | 000,000,000 | ---D | M] -- C:\Users\Laydenka\AppData\Roaming\AnvSoft
[2010/06/19 18:00:01 | 000,000,000 | ---D | M] -- C:\Users\Laydenka\AppData\Roaming\Ashampoo
[2010/06/24 11:28:52 | 000,000,000 | ---D | M] -- C:\Users\Laydenka\AppData\Roaming\AutoHideIP
[2010/06/19 19:46:18 | 000,000,000 | ---D | M] -- C:\Users\Laydenka\AppData\Roaming\DAEMON Tools Lite
[2010/06/26 11:26:07 | 000,000,000 | ---D | M] -- C:\Users\Laydenka\AppData\Roaming\Facebook
[2010/06/22 16:19:54 | 000,000,000 | ---D | M] -- C:\Users\Laydenka\AppData\Roaming\GHISLER
[2010/08/19 16:50:04 | 000,000,000 | ---D | M] -- C:\Users\Laydenka\AppData\Roaming\ICQ
[2010/08/04 15:16:45 | 000,000,000 | ---D | M] -- C:\Users\Laydenka\AppData\Roaming\LANGMaster
[2010/06/26 20:13:50 | 000,000,000 | ---D | M] -- C:\Users\Laydenka\AppData\Roaming\Leadertech
[2010/07/03 11:38:37 | 000,000,000 | ---D | M] -- C:\Users\Laydenka\AppData\Roaming\Need for Speed World
[2010/06/26 17:39:25 | 000,000,000 | ---D | M] -- C:\Users\Laydenka\AppData\Roaming\Thunderbird
[2010/09/18 10:19:20 | 000,000,000 | ---D | M] -- C:\Users\Laydenka\AppData\Roaming\uTorrent
[2010/06/22 13:59:10 | 000,000,000 | ---D | M] -- C:\Users\Laydenka\AppData\Roaming\VitySoft
[2010/07/14 13:13:35 | 000,000,000 | ---D | M] -- C:\Users\Laydenka\AppData\Roaming\VSO
[2010/08/18 15:06:02 | 000,032,624 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT

========== Purity Check ==========

< End of report >

Laydee · #35 Příspěvek od **Laydee** » 18 zář 2010 11:23

OTL Extras logfile created on: 9/18/2010 10:19:00 AM - Run 1
OTL by OldTimer - Version 3.2.12.1 Folder = C:\Users\Laydenka\Desktop
64bit- Ultimate Edition (Version = 6.1.7600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7600.16385)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

2.00 Gb Total Physical Memory | 1.00 Gb Available Physical Memory | 70.00% Memory free
4.00 Gb Paging File | 3.00 Gb Available in Paging File | 74.00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 149.04 Gb Total Space | 2.09 Gb Free Space | 1.40% Space Free | Partition Type: NTFS
D: Drive not present or media not loaded
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded

Computer Name: LAYDENKA-NB
Current User Name: Laydenka
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: All users
Include 64bit Scans
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 30 Days
Output = Standard

========== Extra Registry (SafeList) ==========

========== File Associations ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)

[HKEY_USERS\S-1-5-21-1270311530-2584071053-1987869603-1000\SOFTWARE\Classes\<extension>]
.html [@ = htmlfile] -- Reg Error: Key error. File not found

========== Shell Spawning ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %* File not found
cmdfile [open] -- "%1" %* File not found
comfile [open] -- "%1" %* File not found
exefile [open] -- "%1" %* File not found
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- "C:\Program Files (x86)\Microsoft Office\Office12\msohtmed.exe" %1 (Microsoft Corporation)
htmlfile [print] -- "C:\Program Files (x86)\Microsoft Office\Office12\msohtmed.exe" /p %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %* File not found
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1" File not found
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation)
scrfile [open] -- "%1" /S File not found
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1 File not found
Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [OneNote.Open] -- C:\PROGRA~2\MICROS~1\Office12\ONENOTE.EXE "%L" (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- "C:\Program Files (x86)\Microsoft Office\Office12\msohtmed.exe" %1 (Microsoft Corporation)
htmlfile [print] -- "C:\Program Files (x86)\Microsoft Office\Office12\msohtmed.exe" /p %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation)
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [OneNote.Open] -- C:\PROGRA~2\MICROS~1\Office12\ONENOTE.EXE "%L" (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = 28 4D B2 76 41 04 CA 01 [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]

========== Firewall Settings ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
"DoNotAllowExceptions" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
"DoNotAllowExceptions" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

========== Authorized Applications List ==========

========== HKEY_LOCAL_MACHINE Uninstall List ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{05EFBF37-0E52-4579-875C-7EEF0DFB4FCB}" = Network64
"{23170F69-40C1-2702-0465-000001000000}" = 7-Zip 4.65 (x64 edition)
"{397878FC-1B1B-EED7-04A8-3184CE494A3B}" = ATI Catalyst Install Manager
"{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148
"{55D55008-E5F6-47D6-B16F-B2A40D4D145F}" = 64 Bit HP CIO Components Installer
"{90120000-002A-0000-1000-0000000FF1CE}" = Microsoft Office Office 64-bit Components 2007
"{90120000-002A-0405-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit MUI (Czech) 2007
"{95120000-00B9-0409-1000-0000000FF1CE}" = Microsoft Application Error Reporting
"{9B48B0AC-C813-4174-9042-476A887592C7}" = Windows Live ID Sign-in Assistant
"{B61ED343-0B14-4241-999C-490CB1A20DA4}" = HP Photosmart Officejet and Deskjet All-In-One Driver Software 13.0 Rel. B
"{BC4AE628-81A4-4FC6-863A-7A9BA2E2531F}" = Nokia Connectivity Cable Driver
"{C1A128BD-CDCA-4111-B812-DC4D7C10F305}" = Windows Live Zabezpečení rodiny
"{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}" = Microsoft .NET Framework 4 Client Profile
"HP Imaging Device Functions" = HP Imaging Device Functions 13.0
"HP Photosmart Essential" = HP Photosmart Essential 3.5
"HP Smart Web Printing" = HP Smart Web Printing 4.60
"HP Solution Center & Imaging Support Tools" = HP Solution Center 13.0
"HPExtendedCapabilities" = HP Customer Participation Program 13.0
"HPOCR" = OCR Software by I.R.I.S. 13.0
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"NVIDIA Drivers" = NVIDIA Drivers
"SMSERIAL" = Motorola SM56 Speakerphone Modem

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{048298C9-A4D3-490B-9FF9-AB023A9238F3}" = Steam
"{06A1D88C-E102-4527-AF70-29FFD7AF215A}" = Scan
"{06F80017-8F98-4C94-B868-52358569FC32}" = Command & Conquer Generals
"{0A35B15C-9CCD-4C0C-BD5B-34ABF8C95813}_is1" = ICQ 7.2 Build #3129 Banner Remover 1.0
"{0EF5BEA9-B9D3-46d7-8958-FB69A0BAEACC}" = Status
"{104066F4-5897-4067-85D3-4C88B67CCF75}" = AIO_Scan
"{1407B87C-36E3-4FC1-9051-D08B21E1096F}" = Windows Live Sync
"{152B782A-05F3-48EC-9AAC-4D3EB68D9E20}" = Quake 4(TM)
"{175F0111-2968-4935-8F70-33108C6A4DE3}" = MarketResearch
"{1EC71BFB-01A3-4239-B6AF-B1AE656B15C0}" = TrayApp
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{205C6BDD-7B73-42DE-8505-9A093F35A238}" = Nástroj pro odesílání služby Windows Live
"{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}" = MSVCRT
"{26A24AE4-039D-4CA4-87B4-2F83216020FF}" = Java(TM) 6 Update 21
"{2E87F4AB-99BF-421C-AF7B-365A9C08549A}" = F300
"{2EEA7AA4-C203-4b90-A34F-19FB7EF1C81C}" = BufferChm
"{2FDD487C-A777-4BB5-BD23-56BECE1FF099}" = Windows Live Movie Maker
"{2FF8C687-DB7D-4adc-A5DC-57983EC25046}" = DeviceDiscovery
"{3175E049-F9A9-4A3D-8F19-AC9FB04514D1}" = Windows Live Communications Platform
"{3C92B2E6-380D-4fef-B4DF-4A3B4B669771}" = Copy
"{40284D5A-EF61-4937-92CD-B7CB20C4C87B}" = Windows Live Fotogalerie
"{43CDF946-F5D9-4292-B006-BA0D92013021}" = WebReg
"{440B915A-0C85-45DB-92AE-75AE14704A64}" = Fax
"{479A749B-1684-4881-8266-BF8DD22251E7}" = Windows Live Writer
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4A70EF07-7F88-4434-BB61-D1DE8AE93DD4}" = SolutionCenter
"{4E7C28C7-D5DA-4E9F-A1CA-60490B54AE35}" = UnloadSupport
"{5E6D6161-5509-4f55-9372-1E01792F843A}" = F300_Help
"{63FF21C9-A810-464F-B60A-3111747B1A6D}" = GPBaseService2
"{681B698F-C997-42C3-B184-B489C6CA24C9}" = HPPhotoSmartDiscLabelContent1
"{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}" = Windows Media Player Firefox Plugin
"{6BBA26E9-AB03-4FE7-831A-3535584CA002}" = Toolbox
"{6F69C969-2942-4E7B-B594-75B37664B8BA}" = NVIDIA System Update
"{716E0306-8318-4364-8B8F-0CC4E9376BAC}" = MSXML 4.0 SP2 Parser and SDK
"{72EFBFE4-C74F-4187-AEFD-73EA3BE968D6}" = ICQ7.2
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{7B2CC3DF-64FA-44AE-8F57-B0F915147E4F}_is1" = Need For Speed™ World
"{7C7F30F4-94E7-4AA8-8941-90C4A80C68BF}" = NVIDIA Performance
"{82696435-8572-4D8B-A230-D1AA567D0F0F}" = Command & Conquer™ 4 Tiberian Twilight
"{8969CD6F-5B75-40B9-8701-86ECA4C1F263}_is1" = VSO Image Resizer 4.0.0.36
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8A74E887-8F0F-4017-AF53-CBA42211AAA5}" = Microsoft Sync Framework Runtime Native v1.0 (x86)
"{8E5233E1-7495-44FB-8DEB-4BE906D59619}" = Junk Mail filter update
"{8FF6F5CA-4E30-4E3B-B951-204CAAA2716A}" = SmartWebPrinting
"{90120000-0015-0405-0000-0000000FF1CE}" = Microsoft Office Access MUI (Czech) 2007
"{90120000-0015-0405-0000-0000000FF1CE}_ENTERPRISE_{1FC5BC34-0301-40D2-9432-05BA220277B8}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0016-0405-0000-0000000FF1CE}" = Microsoft Office Excel MUI (Czech) 2007
"{90120000-0016-0405-0000-0000000FF1CE}_ENTERPRISE_{1FC5BC34-0301-40D2-9432-05BA220277B8}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0018-0405-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (Czech) 2007
"{90120000-0018-0405-0000-0000000FF1CE}_ENTERPRISE_{1FC5BC34-0301-40D2-9432-05BA220277B8}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0019-0405-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (Czech) 2007
"{90120000-0019-0405-0000-0000000FF1CE}_ENTERPRISE_{1FC5BC34-0301-40D2-9432-05BA220277B8}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001A-0405-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (Czech) 2007
"{90120000-001A-0405-0000-0000000FF1CE}_ENTERPRISE_{1FC5BC34-0301-40D2-9432-05BA220277B8}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001B-0405-0000-0000000FF1CE}" = Microsoft Office Word MUI (Czech) 2007
"{90120000-001B-0405-0000-0000000FF1CE}_ENTERPRISE_{1FC5BC34-0301-40D2-9432-05BA220277B8}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001F-0405-0000-0000000FF1CE}" = Microsoft Office Proof (Czech) 2007
"{90120000-001F-0405-0000-0000000FF1CE}_ENTERPRISE_{294B4278-CF7B-40B9-86A1-2D3FF0C2C524}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2007
"{90120000-001F-0407-0000-0000000FF1CE}_ENTERPRISE_{A0516415-ED61-419A-981D-93596DA74165}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-0409-0000-0000000FF1CE}_ENTERPRISE_{ABDDE972-355B-4AF1-89A8-DA50B7B5C045}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-041B-0000-0000000FF1CE}" = Microsoft Office Proof (Slovak) 2007
"{90120000-001F-041B-0000-0000000FF1CE}_ENTERPRISE_{10EC59E5-9BCE-4884-BB1A-E28627220232}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-002A-0000-1000-0000000FF1CE}_ENTERPRISE_{E64BA721-2310-4B55-BE5A-2925F9706192}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-002A-0405-1000-0000000FF1CE}_ENTERPRISE_{E12F9D31-4025-4BC6-B1B2-AB262C5580B0}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-002C-0405-0000-0000000FF1CE}" = Microsoft Office Proofing (Czech) 2007
"{90120000-0030-0000-0000-0000000FF1CE}" = Microsoft Office Enterprise 2007
"{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{0B36C6D6-F5D8-4EAF-BF94-4376A230AD5B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{3D019598-7B59-447A-80AE-815B703B84FF}" = Security Update for Microsoft Office system 2007 (972581)
"{90120000-0044-0405-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (Czech) 2007
"{90120000-0044-0405-0000-0000000FF1CE}_ENTERPRISE_{1FC5BC34-0301-40D2-9432-05BA220277B8}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-006E-0405-0000-0000000FF1CE}" = Microsoft Office Shared MUI (Czech) 2007
"{90120000-006E-0405-0000-0000000FF1CE}_ENTERPRISE_{E12F9D31-4025-4BC6-B1B2-AB262C5580B0}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-00A1-0405-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (Czech) 2007
"{90120000-00A1-0405-0000-0000000FF1CE}_ENTERPRISE_{1FC5BC34-0301-40D2-9432-05BA220277B8}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-00BA-0405-0000-0000000FF1CE}" = Microsoft Office Groove MUI (Czech) 2007
"{90120000-00BA-0405-0000-0000000FF1CE}_ENTERPRISE_{1FC5BC34-0301-40D2-9432-05BA220277B8}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{9B362566-EC1B-4700-BB9C-EC661BDE2175}" = DocProc
"{9C9CEB9D-53FD-49A7-85D2-FE674F72F24E}" = Microsoft Search Enhancement Pack
"{9F6B13E2-B93F-4203-9BD4-5DC18C9F9DEB}" = AIO_CDB_Software
"{A49F249F-0C91-497F-86DF-B2585E8E76B7}" = Microsoft Visual C++ 2005 Redistributable
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{AC76BA86-7AD7-1029-7B44-A93000000001}" = Adobe Reader 9.3.4 - Czech
"{B0069CFA-5BB9-4C03-B1C6-89CE290E5AFE}" = HP Update
"{B194272D-1F92-46DF-99EB-8D5CE91CB4EC}" = Adobe AIR
"{BD64AF4A-8C80-4152-AD77-FCDDF05208AB}" = Microsoft Sync Framework Services Native v1.0 (x86)
"{BD7204BA-DD64-499E-9B55-6A282CDF4FA4}" = Destinations
"{C2D129C0-7508-11DF-9F1B-005056806466}" = Google Earth
"{C43326F5-F135-4551-8270-7F7ABA0462E1}" = HPProductAssistant
"{CAE4213F-F797-439D-BD9E-79B71D115BE3}" = HPPhotoGadget
"{CE6557BF-FA56-4C95-91E3-B8C641679DF0}" = Windows Live Messenger
"{D5A9DA4B-E4F9-FB49-017D-769FC540F1F0}" = EA Download Manager UI
"{D6A1D7F6-79CB-4159-AF03-F21F28080B97}" = Windows Live Toolbar
"{D79113E7-274C-470B-BD46-01B10219DF6A}" = HPPhotosmartEssential
"{E5A10EF8-DBF3-4251-A9CA-423311DBBFC8}" = Windows Live Mail
"{E6D22FE1-AB5F-42CA-9480-6F70B96DDD88}" = Need for Speed™ Undercover
"{E7112940-5F8E-4918-B9FE-251F2F8DC81F}" = AIO_CDB_ProductContext
"{E9CFBE78-ED91-4FCF-9E6F-210E477E527D}" = NVIDIA System Monitor
"{EF7E931D-DC84-471B-8DB6-A83358095474}" = EA Download Manager
"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
"{F0E12BBA-AD66-4022-A453-A1C8A0C4D570}" = Microsoft Choice Guard
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F3E9C243-122E-4D6B-ACC1-E1FEC02F6CA1}" = Command and ConquerTM Generals Zero Hour
"{F40BBEC7-C2A4-4A00-9B24-7A055A2C5262}" = Microsoft Office Live Add-in 1.5
"{F4D69A8D-BB5C-4C3D-A1AD-64C24233EDD6}" = Windows Live Essentials
"{F5CC2EF8-20A4-4366-A681-3FE849E65809}" = RICOH Media Driver
"{F6AC5364-2FB7-437a-811A-D645F22AA6AC}" = F300Trb
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"AIMP2" = AIMP2
"Any Video Converter Professional_is1" = Any Video Converter Professional 3.0.1
"Ashampoo Burning Studio 10_is1" = Ashampoo Burning Studio 10.0.1
"ASIO4ALL" = ASIO4ALL
"aTube Catcher" = aTube Catcher
"Avira AntiVir Desktop" = Avira AntiVir Personal - Free Antivirus
"BSPlayer1" = BSPlayer
"CCleaner" = CCleaner
"com.ea.Vault.919CACB699904AC5D41B606703500DD39747C02D.1" = EA Download Manager UI
"Combat Arms EU" = Combat Arms EU
"CrystalDiskInfo_is1" = CrystalDiskInfo 3.6.0
"EA Download Manager" = EA Download Manager
"ENTERPRISE" = Microsoft Office Enterprise 2007
"EVEREST Ultimate Edition_is1" = EVEREST Ultimate Edition v5.30
"FL Studio 9" = FL Studio 9
"FreeKiSS_is1" = FreeKiSS
"Half-Life" = Half-Life
"Hardcore" = Hardcore
"HLSW_is1" = HLSW v1.0.0.44
"IL Download Manager" = IL Download Manager
"InstallShield_{06F80017-8F98-4C94-B868-52358569FC32}" = Command & Conquer Generals
"InstallShield_{152B782A-05F3-48EC-9AAC-4D3EB68D9E20}" = Quake 4(TM)
"InstallShield_{6F69C969-2942-4E7B-B594-75B37664B8BA}" = NVIDIA System Update
"InstallShield_{7C7F30F4-94E7-4AA8-8941-90C4A80C68BF}" = NVIDIA Performance
"InstallShield_{E9CFBE78-ED91-4FCF-9E6F-210E477E527D}" = NVIDIA System Monitor
"InstallShield_{F3E9C243-122E-4D6B-ACC1-E1FEC02F6CA1}" = Command and ConquerTM Generals Zero Hour
"Landi 2003 - jazykový kurz" = Landi 2003 - jazykový kurz
"LANGMaster eduExplorer" = LANGMaster eduExplorer
"Mozilla Firefox (3.6.8)" = Mozilla Firefox (3.6.8)
"Mozilla Firefox (4.0b4)" = Mozilla Firefox (4.0b4)
"Mozilla Thunderbird (3.0.6)" = Mozilla Thunderbird (3.0.6)
"PoiZone" = PoiZone
"QIP Infium JadrisPack 3.3.0" = QIP Infium JadrisPack 3.3.0
"QIP Infium JadrisPack 4.1.0" = QIP Infium JadrisPack 4.1.0
"reFX Nexus_is1" = reFX Nexus VSTi RTAS v2.2.0
"RocketDock_is1" = RocketDock 1.3.5
"Sawer" = Sawer
"StarCraft II" = StarCraft II
"Steam App 10" = Counter-Strike
"Totalcmd" = Total Commander (Remove or Repair)
"Toxic Biohazard" = Toxic Biohazard
"uTorrent" = µTorrent
"VLC media player" = VLC media player 1.1.3
"WinLiveSuite_Wave3" = Windows Live Essentials
"WinPcapInst" = WinPcap 4.1.1

========== HKEY_USERS Uninstall List ==========

[HKEY_USERS\S-1-5-21-1270311530-2584071053-1987869603-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Facebook Plug-In" = Facebook Plug-In
"Google Chrome" = Google Chrome

========== Last 10 Event Log Errors ==========

[ Application Events ]
Error - 8/18/2010 12:52:29 PM | Computer Name = Laydenka-NB | Source = Microsoft-Windows-CAPI2 | ID = 4107
Description = Selhala extrakce korenového seznamu jiného výrobce ze souboru CAB
pro automatickou aktualizaci v: <http://www.download.windowsupdate.com/m ... ootstl.cab>.
Došlo k chybe: A required certificate is not within its validity period when verifying
against the current system clock or the timestamp in the signed file. .

Error - 8/19/2010 10:18:52 AM | Computer Name = Laydenka-NB | Source = VSS | ID = 4001
Description =

Error - 8/19/2010 10:18:52 AM | Computer Name = Laydenka-NB | Source = System Restore | ID = 8193
Description =

Error - 8/19/2010 10:39:28 AM | Computer Name = Laydenka-NB | Source = Microsoft-Windows-CAPI2 | ID = 4107
Description = Selhala extrakce korenového seznamu jiného výrobce ze souboru CAB
pro automatickou aktualizaci v: <http://www.download.windowsupdate.com/m ... ootstl.cab>.
Došlo k chybe: A required certificate is not within its validity period when verifying
against the current system clock or the timestamp in the signed file. .

Error - 8/19/2010 10:39:28 AM | Computer Name = Laydenka-NB | Source = Microsoft-Windows-CAPI2 | ID = 4107
Description = Selhala extrakce korenového seznamu jiného výrobce ze souboru CAB
pro automatickou aktualizaci v: <http://www.download.windowsupdate.com/m ... ootstl.cab>.
Došlo k chybe: A required certificate is not within its validity period when verifying
against the current system clock or the timestamp in the signed file. .

Error - 8/19/2010 10:50:01 AM | Computer Name = Laydenka-NB | Source = Microsoft-Windows-CAPI2 | ID = 4107
Description = Selhala extrakce korenového seznamu jiného výrobce ze souboru CAB
pro automatickou aktualizaci v: <http://www.download.windowsupdate.com/m ... ootstl.cab>.
Došlo k chybe: A required certificate is not within its validity period when verifying
against the current system clock or the timestamp in the signed file. .

Error - 8/19/2010 10:50:02 AM | Computer Name = Laydenka-NB | Source = Microsoft-Windows-CAPI2 | ID = 4107
Description = Selhala extrakce korenového seznamu jiného výrobce ze souboru CAB
pro automatickou aktualizaci v: <http://www.download.windowsupdate.com/m ... ootstl.cab>.
Došlo k chybe: A required certificate is not within its validity period when verifying
against the current system clock or the timestamp in the signed file. .

Error - 8/20/2010 10:21:12 AM | Computer Name = Laydenka-NB | Source = Application Error | ID = 1000
Description = Název chybující aplikace: burningstudio10.exe, verze: 10.0.1.55, casové
razítko: 0x4bfd2365 Název chybujícího modulu: acdw.dll, verze: 2.0.0.0, casové razítko:
0x4bfd1d14 Kód výjimky: 0xc0000005 Posun chyby: 0x000fc1b1 ID chybujícího procesu:
0xb70 Cas spuštení chybující aplikace: 0x01cb407227a88cb0 Cesta k chybující aplikaci:
C:\Program Files (x86)\Ashampoo\Ashampoo Burning Studio 10\burningstudio10.exe Cesta
k chybujícímu modulu: C:\Program Files (x86)\Ashampoo\Ashampoo Burning Studio 10\acdw.dll
ID
zprávy: 2e9fea30-ac66-11df-98d9-001bfc0bf5af

Error - 8/20/2010 10:22:45 AM | Computer Name = Laydenka-NB | Source = Microsoft-Windows-CAPI2 | ID = 4107
Description = Selhala extrakce korenového seznamu jiného výrobce ze souboru CAB
pro automatickou aktualizaci v: <http://www.download.windowsupdate.com/m ... ootstl.cab>.
Došlo k chybe: A required certificate is not within its validity period when verifying
against the current system clock or the timestamp in the signed file. .

Error - 8/20/2010 10:22:45 AM | Computer Name = Laydenka-NB | Source = Microsoft-Windows-CAPI2 | ID = 4107
Description = Selhala extrakce korenového seznamu jiného výrobce ze souboru CAB
pro automatickou aktualizaci v: <http://www.download.windowsupdate.com/m ... ootstl.cab>.
Došlo k chybe: A required certificate is not within its validity period when verifying
against the current system clock or the timestamp in the signed file. .

< End of report >

Laydee · #36 Příspěvek od **Laydee** » 18 zář 2010 11:30

copa je tohle? PRC - [2010/06/26 20:17:47 | 000,066,872 | ---- | M] () -- C:\Windows\SysWOW64\PnkBstrA.exe

Ja asi tak tusim, ale ve spravci uloh to neni videt a je to videt az v tom process exploreru. Akorat nevim jak to odinstalovat, pac to nema zadnyho zastupce atdd. Mnooo, jsem to dala zastavit. Po restartu to zkusim vymazat v tom process exploreru

A copa ten bootkit remover?

#37 Příspěvek od **motji** » 18 zář 2010 12:19

Otestuj na www.virustotal.com
C:\Users\Laydenka\Desktop\WININQUIRY.exe
C:\F3T.BIN

Laydee · #38 Příspěvek od **Laydee** » 18 zář 2010 14:50

Po povidani s Motji na ICQ, jsme se nejak tak domluvily, ze je lepci mit 32 bitove Windows. Mam to napsat sem, ze mi Milinessi poradis co a jak

I kdyz v tom preinstalovani nevidim moc tezkeho

zalohovat, formatovat, instalovat a je to. Nebo ne?

MiliNess · #39 Příspěvek od **MiliNess** » 18 zář 2010 23:57

A nechcete s tím reinstalem ještě počkat?
Já mám raději 64 bitové verze, ale hůře se to kontroluje, jelikož pro ně není moc nástrojů.
Na druhou stranu tam některé rootkity nemají šanci vůbec a ty co mají (TDL3, Alureon, TDSS) používají mnohem primitivnější metody infiltrace.

V první řadě bych si stáhnul Autoruns http://technet.microsoft.com/en-us/sysi ... 63902.aspx
a pročesal bych programy, které se spouštějí po startu.

Pokud se vám do toho bude chtít, zítra vám napíšu postup jak nastavit nástroj "Sledování systému"
Ten vytvoří přehledný log, ze kterého mohu vyčíst spoustu věcí.

#40 Příspěvek od **motji** » 19 zář 2010 07:23

Ještě s tím formátem počkej

, mluvili jsme o tom jako teoretické možnosti

. Ty jsi mi psala, že když uděláš formát, všechno jede ok, ale jak doinstaluješ programy, začnou problémy. Takže bych viděla problém právě v nějakém programu, který může být nekompatibilní, nebo se hádat s nějakým jiným.
Vyzkoušej počítač v nouzovém režimu, jestli jsou v něm také problémy.

Spustte OTL
-do bílého okna dole skopírujte tento skript:

Kód: Vybrat vše

:OTL
PRC - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found.
O20:64bit: - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O18:64bit: - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - Reg Error: Key error. File not found
O13 - gopher Prefix: missing
IE - HKU\S-1-5-21-1270311530-2584071053-1987869603-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page =
IE - HKU\S-1-5-21-1270311530-2584071053-1987869603-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://www.msn.com/

:files
C:\WINDOWS\system32\*.tmp.dll /s
C:\WINDOWS\system32\SET*.tmp /s
C:\WINDOWS\*.tmp /s

:commands
[resethosts]
[emptytemp]
[EMPTYFLASH]
[Reboot]

-klikněte na tlačítko opravit.
-Následně se pc restartuje.
- Log vložte zde

MiliNess · #41 Příspěvek od **MiliNess** » 19 zář 2010 22:51

Tak to sledování systému:
Spustit->napište perfmon.msc a odentrujte->Sady kolekcí dat->klik pravým myšítkem na Definované uživatelem->Nová položka->Sada kolekcí dat->Vytvořit ručně->Další->zaškrtnout Čítač výkonu->Další->Ukázkový interval nastavit na 1 sekunda->Přidat->v horním okně Dostupné čítače rozbalte Proces a označte %času procesoru->
v Instance vybraného objektu označte všechny procesy v seznamu (klikněte na první proces který je pod <Všechny instance> držte stisknutý shift a kurzorovou klávesou "šipka dolů" je všechny označte)->pak stiskněte Přidat->v horním okně rozbalte Procesor a označte %času DPC, %času přerušení a %času procesoru v dolním okně označte <všechny instance> ->stiskněte Přidat->OK->Další->Další->Spustit tuto sadu kolekcí nyní->Dokončit
V pravém okně byste měla vidět Nová sada kolekcí dat a stav Spuštěno. (pokud to nebude spuštěno, klikněte tam pravým myšítkem a zvolte Spustit)
V levém okně rozbalte Systém->klikněte pravým myšítkem na System Performance a zvolte Spustit.
Nechte to běžet tak 30min a pak Nová sada kolekcí dat i System Performance zastavte.

Vlezte do složky C:\PerfLogs která se vám vytvoří a proklikejte se k souboru DataCollector01.blg v podsložce Admin a někam si ho překopírujte.
Pak se proklikejte k souborům ve složce System a také si je někam překopírujte.
Pak je všechny zabalte a upněte na http://www.leteckaposta.cz

Laydee · #42 Příspěvek od **Laydee** » 21 zář 2010 14:19

Taaaaaak, sledovani systemu spusteno

) za par minutek dodam soubory. Hm, tak nez sem to sepsala, tak uz sledovani systemu je vypnuto a soubory tuuuu http://leteckaposta.cz/648552293

Motjiiii, nevim jestli to ja, nebo to samo, alee ten OTL se ani nerestartoval

ono se to cely seklo a dal nic. Zadny log atdd. Mnoo, po znovu zapnuti jsem zjistila, ze mam na nekterych slozkach zamek a nemuzu se tam vlastne dostat do tech slozek. Napriklad: $Recycle.Bin, Documents and Settings, Config.Msi, MSOCache, Recovery, System Volume Information. Nevim jestli jsem to prave neudelala ja nebo to OTL. Nevim jak to mam vratit zpatky

Ukazka http://img440.imageshack.us/img440/5222/zamek.png.
Dalsi vec co se nakym zpusobem pokazila a ted koukam, ze to zase funguje normalne, takze bez obrazku. Kdyz jsem klikla na neco v prohlizeci pravym tlacitkem, tak mi vyjela hoodne velka nabidka, co s tym chci delat. Priklad : jsem oznacila treba kousek textu a pri otevriti nabidky kde je normalne cca. 10 polozek, tak jich tam bylo asi 30

vcetne ulozit jako audio, video atdd. Ted to funguje dobre zase.
Tak prece je to pokazene viz obrazek :http://img96.imageshack.us/img96/6687/tralalaa.jpg
Dalsi vec jeee, ze se mi pres FF neslo sem na forum prihlasit. Prihlasit jde, ale nasledne se sam od sebe odhlasi tajne

Takze vam pisu pres Chrome.
A ted to nejzajimavejsi:
z nejakeho nepochopitelneho duvodu po tom restartu tvrdem po OTL, ten windows byl dobry tak na reinstall. Jsem uz premyslela, ze cely notasek pujdu utopit do more

Jsem ho ve vzteku restartovala s myslenkou ze ho utopim a co se nestalo. Cely windows zacal pracovat jak Svycarske hodinky = zadny vyrazny sekani a vsechno funguje zhruba tak jak bych si to asi predstavovala.

To sou mi veci.

#43 Příspěvek od **motji** » 21 zář 2010 16:02

Ten Tvůj notásek je samá záhada

.
Zkus si promazat cookies, třeba přes CCleaner. Pak by Ti mělo jít přihlásit se přes FF.

Ty složky se zámečkem jsu normálně skryté složky, OTL je odkryl, pak to dáme do pořádku

Poprosím Tě o nový log ze Rsitu.

Laydee · #44 Příspěvek od **Laydee** » 21 zář 2010 16:39

Mi povidej

nevim co si o tom myslet uz

tady je log

Logfile of random's system information tool 1.08 (written by random/random)
Run by Laydenka at 2010-09-21 17:38:45
Microsoft Windows 7 Ultimate
System drive C: has 2 GB (1%) free of 153 GB
Total RAM: 2047 MB (61% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 5:38:50 PM, on 9/21/2010
Platform: Windows 7 (WinNT 6.00.3504)
MSIE: Internet Explorer v8.00 (8.00.7600.16385)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\RocketDock\RocketDock.exe
C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
C:\Users\Laydenka\AppData\Local\Google\Update\1.2.183.29\GoogleCrashHandler.exe
C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe
C:\Program Files (x86)\HP\Digital Imaging\bin\HpqSRmon.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Program Files (x86)\AIMP2\AIMP2.exe
C:\Users\Laydenka\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Laydenka\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Program Files\trend micro\Laydenka.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = http=
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O2 - BHO: HP Print Enhancer - {0347C33E-8762-4905-BF09-768834316C61} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Search Helper\SearchHelper.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll
O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
O2 - BHO: Windows Live Toolbar Helper - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - C:\Program Files (x86)\Windows Live\Toolbar\wltcore.dll
O2 - BHO: HP Smart BHO Class - {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
O3 - Toolbar: &Windows Live Toolbar - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files (x86)\Windows Live\Toolbar\wltcore.dll
O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe"
O4 - HKLM\..\Run: [avgnt] "C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe" /min
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [hpqSRMon] C:\Program Files (x86)\HP\Digital Imaging\bin\hpqSRMon.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [RocketDock] "C:\Program Files (x86)\RocketDock\RocketDock.exe"
O4 - HKCU\..\Run: [NVIDIA nTune] C:\Program Files (x86)\NVIDIA Corporation\nTune\nTuneCmd.exe resetprofile
O4 - HKCU\..\Run: [Google Update] "C:\Users\Laydenka\AppData\Local\Google\Update\GoogleUpdate.exe" /c
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000
O9 - Extra button: ICQ7.2 - {72EFBFE4-C74F-4187-AEFD-73EA3BE968D6} - C:\Program Files (x86)\ICQ7.2\ICQ.exe
O9 - Extra 'Tools' menuitem: ICQ7.2 - {72EFBFE4-C74F-4187-AEFD-73EA3BE968D6} - C:\Program Files (x86)\ICQ7.2\ICQ.exe
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: Avira AntiVir Scheduler (AntiVirSchedulerService) - Avira GmbH - C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
O23 - Service: Avira AntiVir Guard (AntiVirService) - Avira GmbH - C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: Google Update Service (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Performance Service (nTuneService) - NVIDIA - C:\Program Files (x86)\NVIDIA Corporation\nTune\nTuneService.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\Windows\system32\nvvsvc.exe (file missing)
O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: Update Center Service (UpdateCenterService) - NVIDIA - C:\Program Files (x86)\NVIDIA Corporation\System Update\UpdateCenterService.exe
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 8545 bytes

======Listing Processes======

\SystemRoot\System32\smss.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
C:\Windows\system32\services.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\nvvsvc.exe
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k LocalService
winlogon.exe
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\system32\rundll32.exe C:\Windows\system32\NVSVC64.DLL,nvsvcInitialize -first
C:\Windows\System32\spoolsv.exe
"C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe"
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
"C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe"
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
"taskhost.exe"
"C:\Windows\system32\Dwm.exe"
C:\Windows\Explorer.EXE
"C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe" avshadowcontrol0_000005c4
\??\C:\Windows\system32\conhost.exe
C:\Windows\SysWOW64\svchost.exe -k hpdevmgmt
C:\Windows\System32\svchost.exe -k HPZ12
"C:\Program Files (x86)\NVIDIA Corporation\nTune\nTuneService.exe" /StartService
C:\Windows\System32\svchost.exe -k HPZ12
C:\Windows\SysWOW64\PnkBstrA.exe
"C:\Program Files (x86)\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe"
C:\Windows\system32\svchost.exe -k imgsvc
"C:\Program Files (x86)\NVIDIA Corporation\System Update\UpdateCenterService.exe" /StartService
"C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE"
"C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe" -s
"C:\Windows\System32\rundll32.exe" C:\Windows\system32\NvMcTray.dll,NvTaskbarInit
"C:\Program Files\Motorola\SMSERIAL\sm56hlpr.exe"
"C:\Program Files\Windows Sidebar\sidebar.exe" /autoRun
"C:\Program Files (x86)\RocketDock\RocketDock.exe"
WLIDSvcM.exe 2268
"C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe" /min
"C:\Users\Laydenka\AppData\Local\Google\Update\1.2.183.29\GoogleCrashHandler.exe" /crashhandler
"C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe"
"C:\Program Files (x86)\HP\Digital Imaging\bin\HpqSRmon.exe"
"C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
C:\Windows\system32\SearchIndexer.exe /Embedding
C:\Windows\system32\svchost.exe -k HPService
C:\Windows\system32\wbem\wmiprvse.exe
"C:\Program Files\Windows Media Player\wmpnetwk.exe"
C:\Windows\System32\svchost.exe -k secsvcs
"C:\Program Files (x86)\AIMP2\AIMP2.exe"
"C:\Users\Laydenka\AppData\Local\Google\Chrome\Application\chrome.exe"
"C:\Users\Laydenka\AppData\Local\Google\Chrome\Application\chrome.exe" --type=renderer --lang=cs --force-fieldtest=CacheSize/CacheSizeGroup_0/ConnCountImpact/_conn_count_6/DnsImpact/_default_enabled_prefetch/GlobalSdch/_global_enable_sdch/IPv6_Probe/_IPv6_probe_done/IdleSktToImpact/_idle_timeout_10/SpdyImpact/_npn_with_spdy/ --channel=4912.065C2900.1106976106 /prefetch:3
"C:\Users\Laydenka\Desktop\RSITx64.exe"
C:\Windows\system32\wbem\wmiprvse.exe

======Scheduled tasks folder======

C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-1270311530-2584071053-1987869603-1000Core.job
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-1270311530-2584071053-1987869603-1000UA.job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{4f3ed5cd-0726-42a9-87f5-d13f3d2976ac}]
Windows Live Family Safety Browser Helper Class - C:\Program Files\Windows Live\Family Safety\fssbho.dll [2010-04-28 132456]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live ID Sign-in Helper - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-08-18 532336]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{0347C33E-8762-4905-BF09-768834316C61}]
HP Print Enhancer - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll [2009-10-22 328248]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2010-06-19 75200]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{6EBF7485-159F-4bff-A14F-B9E3AAC4465B}]
Search Helper - C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Search Helper\SearchHelper.dll [2009-01-14 92504]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-12 2217848]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live ID Sign-in Helper - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-08-18 403840]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll [2010-07-17 41760]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E15A8DC0-8516-42A1-81EA-DC94EC1ACF10}]
Windows Live Toolbar Helper - C:\Program Files (x86)\Windows Live\Toolbar\wltcore.dll [2010-04-16 1067872]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856}]
HP Smart BHO Class - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll [2009-10-22 517688]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\Toolbar]
{21FA44EF-376D-4D53-9B0F-8A89D3229068} - &Windows Live Toolbar - C:\Program Files (x86)\Windows Live\Toolbar\wltcore.dll [2010-04-16 1067872]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"RtHDVCpl"=C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [2010-07-28 11101800]
"NvMediaCenter"=C:\Windows\system32\NvMcTray.dll [2009-03-06 82464]
"NvCplDaemon"=C:\Windows\system32\NvCpl.dll [2009-03-06 15960096]
"SMSERIAL"=C:\Program Files\Motorola\SMSERIAL\sm56hlpr.exe [2009-10-26 1702400]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"=C:\Program Files\Windows Sidebar\sidebar.exe [2009-07-14 1475072]
"RocketDock"=C:\Program Files (x86)\RocketDock\RocketDock.exe [2007-09-02 495616]
"NVIDIA nTune"=C:\Program Files (x86)\NVIDIA Corporation\nTune\nTuneCmd.exe [2008-08-18 145408]
"Google Update"=C:\Users\Laydenka\AppData\Local\Google\Update\GoogleUpdate.exe [2010-06-19 136176]

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"GrooveMonitor"=C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe [2008-10-25 31072]
"avgnt"=C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [2010-03-02 282792]
"Adobe ARM"=C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2010-06-09 976832]
"Adobe Reader Speed Launcher"=C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe [2010-06-20 35760]
"HP Software Update"=C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe [2010-06-09 49208]
"hpqSRMon"=C:\Program Files (x86)\HP\Digital Imaging\bin\hpqSRMon.exe [2008-07-22 150528]
"SunJavaUpdateSched"=C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2010-05-14 248552]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-12 2217848]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=0
"ConsentPromptBehaviorUser"=3
"EnableLUA"=0
"EnableUIADesktopToggle"=0
"PromptOnSecureDesktop"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=153

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoActiveDesktopChanges"=1
"NoDriveTypeAutoRun"=153

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 1 months======

2010-09-19 13:45:20 ----D---- C:\_OTL
2010-09-17 14:43:50 ----D---- C:\Program Files (x86)\CrystalDiskInfo
2010-09-16 22:12:38 ----A---- C:\Windows\ntbtlog.txt
2010-09-16 18:47:48 ----A---- C:\Windows\SYSWOW64\pi_data.txt
2010-09-16 18:47:29 ----A---- C:\Windows\SYSWOW64\pi_rec.txt
2010-09-16 17:27:19 ----A---- C:\Windows\system32\msvcr71.dll
2010-09-16 17:27:19 ----A---- C:\Windows\system32\msvcp71.dll
2010-09-16 17:27:18 ----A---- C:\Windows\system32\MFC71.dll
2010-09-16 17:26:55 ----D---- C:\Program Files (x86)\NVIDIA Corporation
2010-09-16 17:24:52 ----A---- C:\Windows\system32\NVUNINST.EXE
2010-09-16 16:44:20 ----D---- C:\Program Files (x86)\Lavalys
2010-09-15 21:42:54 ----D---- C:\dell
2010-08-25 06:42:34 ----A---- C:\Windows\SYSWOW64\oleaut32.dll
2010-08-25 06:42:34 ----A---- C:\Windows\system32\oleaut32.dll

======List of files/folders modified in the last 1 months======

2010-09-21 17:38:48 ----D---- C:\Program Files\trend micro
2010-09-21 17:38:47 ----D---- C:\Windows\Temp
2010-09-21 16:00:03 ----D---- C:\Program Files (x86)\Steam
2010-09-21 15:48:52 ----D---- C:\Program Files (x86)\Mozilla Firefox
2010-09-21 15:10:42 ----D---- C:\PerfLogs
2010-09-21 13:51:57 ----D---- C:\Users\Laydenka\AppData\Roaming\ICQ
2010-09-21 10:32:43 ----D---- C:\Users\Laydenka\AppData\Roaming\AIMP
2010-09-21 09:24:40 ----D---- C:\Windows\system32\config
2010-09-19 21:15:30 ----D---- C:\Windows\Prefetch
2010-09-19 20:33:00 ----D---- C:\Program Files (x86)\HLSW
2010-09-19 20:31:40 ----D---- C:\Windows\system32\catroot2
2010-09-19 19:33:28 ----D---- C:\Windows\System32
2010-09-19 19:33:28 ----D---- C:\Windows\inf
2010-09-19 19:33:28 ----A---- C:\Windows\system32\PerfStringBackup.INI
2010-09-19 19:25:31 ----D---- C:\Windows
2010-09-19 18:29:22 ----D---- C:\Windows\system32\drivers
2010-09-19 18:23:58 ----D---- C:\Windows\system32\NDF
2010-09-19 15:41:26 ----D---- C:\Program Files (x86)\Mozilla Firefox 4.0 Beta 2
2010-09-18 19:29:12 ----D---- C:\stazeno
2010-09-18 12:20:50 ----D---- C:\Users\Laydenka\AppData\Roaming\uTorrent
2010-09-18 11:09:57 ----SHD---- C:\System Volume Information
2010-09-17 15:06:14 ----D---- C:\Windows\system32\Tasks
2010-09-17 14:43:50 ----RD---- C:\Program Files (x86)
2010-09-16 19:14:39 ----HD---- C:\Config.Msi
2010-09-16 19:13:09 ----D---- C:\Windows\debug
2010-09-16 19:02:47 ----D---- C:\Windows\SYSWOW64\drivers
2010-09-16 18:58:55 ----SHD---- C:\Windows\Installer
2010-09-16 18:58:51 ----HD---- C:\ProgramData
2010-09-16 18:57:30 ----D---- C:\Program Files (x86)\CCleaner
2010-09-16 18:48:21 ----D---- C:\Windows\SysWOW64
2010-09-16 18:01:43 ----HD---- C:\Program Files (x86)\InstallShield Installation Information
2010-09-16 17:24:31 ----D---- C:\NVIDIA
2010-09-15 21:51:22 ----D---- C:\Windows\Downloaded Program Files
2010-09-02 00:37:25 ----D---- C:\Program Files (x86)\QIP Infium PafoPack 9040
2010-08-31 07:19:12 ----A---- C:\Windows\system32\iertutil.dll
2010-08-31 06:32:05 ----A---- C:\Windows\SYSWOW64\iertutil.dll
2010-08-28 04:49:25 ----D---- C:\Windows\system32\drivers\etc
2010-08-26 21:45:13 ----D---- C:\Windows\twain_32
2010-08-25 06:46:57 ----D---- C:\Windows\AppPatch
2010-08-22 19:21:23 ----D---- C:\Program Files (x86)\Windows Doctor

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 nvstor64;nvstor64; C:\Windows\system32\DRIVERS\nvstor64.sys [2009-08-04 241696]
R0 pciide;pciide; C:\Windows\system32\DRIVERS\pciide.sys [2009-07-14 12352]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2009-07-14 214096]
R0 sptd;sptd; C:\Windows\System32\Drivers\sptd.sys [2010-06-19 834544]
R1 avipbb;avipbb; C:\Windows\system32\DRIVERS\avipbb.sys [2010-03-02 116568]
R1 CSC;@%systemroot%\system32\cscsvc.dll,-202; C:\Windows\system32\drivers\csc.sys [2009-07-14 514048]
R1 vwififlt;Virtual WiFi Filter Driver; C:\Windows\system32\DRIVERS\vwififlt.sys [2009-07-14 59904]
R2 avgntflt;avgntflt; C:\Windows\system32\DRIVERS\avgntflt.sys [2010-02-16 81072]
R2 npf;NetGroup Packet Filter Driver; C:\Windows\system32\drivers\npf.sys [2009-11-16 47632]
R2 NVR0FLASHDev;NVR0FLASHDev; \??\C:\Windows\nvflsh64.sys [2008-08-01 40480]
R2 rimmptsk;rimmptsk; C:\Windows\system32\DRIVERS\rimmpx64.sys [2009-06-25 67584]
R2 rimsptsk;rimsptsk; C:\Windows\system32\DRIVERS\rimspx64.sys [2009-06-25 55296]
R3 athr;Atheros Extensible Wireless LAN device driver; C:\Windows\system32\DRIVERS\athrx.sys [2009-10-05 1542656]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHD64.sys [2010-07-28 2445672]
R3 MODEMCSA;Unimodem Streaming Filter Device; C:\Windows\system32\drivers\MODEMCSA.sys [2009-07-14 24064]
R3 MTsensor;ATK0100 ACPI UTILITY; C:\Windows\system32\DRIVERS\ATK64AMD.sys [2007-08-09 13680]
R3 NVENETFD;NVIDIA nForce Networking Controller Driver; C:\Windows\system32\DRIVERS\nvm62x64.sys [2009-06-10 408960]
R3 NVR0Dev;NVR0Dev; \??\C:\Windows\nvoclk64.sys [2008-08-18 40480]
R3 sdbus;sdbus; C:\Windows\system32\DRIVERS\sdbus.sys [2009-10-10 109056]
R3 smserial;smserial; C:\Windows\system32\DRIVERS\smserial.sys [2009-10-26 1202688]
R3 TPM;TPM; C:\Windows\system32\drivers\tpm.sys [2009-07-14 38400]
S3 BthEnum;Bluetooth Enumerator Service; C:\Windows\system32\DRIVERS\BthEnum.sys [2009-07-14 41984]
S3 BthPan;Bluetooth Device (Personal Area Network); C:\Windows\system32\DRIVERS\bthpan.sys [2009-07-14 118784]
S3 BTHPORT;Bluetooth Port Driver; C:\Windows\System32\Drivers\BTHport.sys [2009-07-14 551936]
S3 BTHUSB;Bluetooth Radio USB Driver; C:\Windows\System32\Drivers\BTHUSB.sys [2009-07-14 79360]
S3 cpuz132;cpuz132; \??\C:\Users\Laydenka\AppData\Local\Temp\cpuz132\cpuz132_x64.sys []
S3 Dot4;MS IEEE-1284.4 Driver; C:\Windows\system32\DRIVERS\Dot4.sys [2009-07-14 145920]
S3 Dot4Print;Print Class Driver for IEEE-1284.4; C:\Windows\system32\DRIVERS\Dot4Prt.sys [2009-07-14 19968]
S3 dot4usb;MS Dot4USB Filter Dot4USB Filter; C:\Windows\system32\DRIVERS\dot4usb.sys [2009-07-14 43008]
S3 fssfltr;FssFltr; C:\Windows\system32\DRIVERS\fssfltr.sys [2010-04-28 61288]
S3 nmwcdcx64;Nokia USB Generic; C:\Windows\system32\drivers\ccdcmbox64.sys [2008-05-02 23552]
S3 nmwcdx64;Nokia USB Phone Parent; C:\Windows\system32\drivers\ccdcmbx64.sys [2008-05-02 18432]
S3 RDPDR;Terminal Server Device Redirector Driver; C:\Windows\System32\drivers\rdpdr.sys [2009-07-14 165376]
S3 RFCOMM;Bluetooth Device (RFCOMM Protocol TDI); C:\Windows\system32\DRIVERS\rfcomm.sys [2009-07-14 158720]
S3 s3cap;s3cap; C:\Windows\system32\DRIVERS\vms3cap.sys [2009-07-14 6656]
S3 storvsc;storvsc; C:\Windows\system32\DRIVERS\storvsc.sys [2009-07-14 34896]
S3 upperdev;upperdev; C:\Windows\system32\DRIVERS\usbser_lowerfltx64.sys [2008-05-02 8704]
S3 usbscan;USB Scanner Driver; C:\Windows\system32\DRIVERS\usbscan.sys [2009-07-14 41984]
S3 usbser;USB Modem Driver; C:\Windows\system32\drivers\usbser.sys [2009-07-14 32768]
S3 UsbserFilt;UsbserFilt; C:\Windows\system32\DRIVERS\usbser_lowerfltx64j.sys [2008-05-02 8704]
S3 vmbus;@%SystemRoot%\system32\vmbusres.dll,-1000; C:\Windows\system32\DRIVERS\vmbus.sys [2009-07-14 200272]
S3 VMBusHID;VMBusHID; C:\Windows\system32\DRIVERS\VMBusHID.sys [2009-07-14 21760]
S3 WinUsb;WinUsb; C:\Windows\system32\DRIVERS\WinUsb.sys [2009-07-14 40448]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AntiVirSchedulerService;Avira AntiVir Scheduler; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [2010-02-24 135336]
R2 AntiVirService;Avira AntiVir Guard; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [2010-04-01 267432]
R2 CscService;@%systemroot%\system32\cscsvc.dll,-200; C:\Windows\System32\svchost.exe [2009-07-14 27136]
R2 hpqddsvc;HP CUE DeviceDiscovery Service; C:\Windows\system32\svchost.exe [2009-07-14 27136]
R2 HPSLPSVC;HP Network Devices Support; C:\Windows\system32\svchost.exe [2009-07-14 27136]
R2 Net Driver HPZ12;Net Driver HPZ12; C:\Windows\System32\svchost.exe [2009-07-14 27136]
R2 nTuneService;Performance Service; C:\Program Files (x86)\NVIDIA Corporation\nTune\nTuneService.exe [2008-08-18 222208]
R2 nvsvc;NVIDIA Display Driver Service; C:\Windows\system32\nvvsvc.exe [2009-03-06 364064]
R2 Pml Driver HPZ12;Pml Driver HPZ12; C:\Windows\System32\svchost.exe [2009-07-14 27136]
R2 PnkBstrA;PnkBstrA; C:\Windows\syswow64\PnkBstrA.exe [2010-06-26 66872]
R2 SeaPort;SeaPort; C:\Program Files (x86)\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe [2009-01-14 226656]
R2 UpdateCenterService;Update Center Service; C:\Program Files (x86)\NVIDIA Corporation\System Update\UpdateCenterService.exe [2008-08-01 158208]
R2 wlidsvc;Windows Live ID Sign-in Assistant; C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE [2009-08-18 2291568]
R3 hpqcxs08;hpqcxs08; C:\Windows\system32\svchost.exe [2009-07-14 27136]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
S2 gupdate;Google Update Service (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2010-07-25 136176]
S3 AppMgmt;@appmgmts.dll,-3250; C:\Windows\system32\svchost.exe [2009-07-14 27136]
S3 fsssvc;Služba Windows Live Zabezpecení rodiny; C:\Program Files (x86)\Windows Live\Family Safety\fsssvc.exe [2010-04-28 704872]
S3 IDriverT;InstallDriver Table Manager; C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [2005-04-04 69632]
S3 Microsoft Office Groove Audit Service;Microsoft Office Groove Audit Service; C:\Program Files (x86)\Microsoft Office\Office12\GrooveAuditService.exe [2008-10-25 65888]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2008-11-04 441712]
S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 PeerDistSvc;@%SystemRoot%\system32\peerdistsvc.dll,-9000; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S3 Steam Client Service;Steam Client Service; C:\Program Files (x86)\Common Files\Steam\SteamService.exe [2010-06-19 395048]
S3 UmRdpService;@%SystemRoot%\system32\umrdp.dll,-1000; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2010-06-19 1255736]

-----------------EOF-----------------

#45 Příspěvek od **motji** » 21 zář 2010 16:47

Ještě znovu spustte OTL, klikněte na tlačítko vyčisti, uklidí po sobě

A ted mi nahlas, co Ti tedy ještě nejde

VIRY.CZ

prosim o kontrolu- cely se to seka

Re: prosim o kontrolu- cely se to seka

Re: prosim o kontrolu- cely se to seka

Re: prosim o kontrolu- cely se to seka

Re: prosim o kontrolu- cely se to seka

Re: prosim o kontrolu- cely se to seka

Re: prosim o kontrolu- cely se to seka

Re: prosim o kontrolu- cely se to seka

Re: prosim o kontrolu- cely se to seka

Re: prosim o kontrolu- cely se to seka

Re: prosim o kontrolu- cely se to seka

Re: prosim o kontrolu- cely se to seka

Re: prosim o kontrolu- cely se to seka

Re: prosim o kontrolu- cely se to seka

Re: prosim o kontrolu- cely se to seka

Re: prosim o kontrolu- cely se to seka