prosím o kontrolu logu

Zpráva

buro_Nz · #1 Příspěvek od **buro_Nz** » 02 úno 2011 19:20

PC sami zdá že je občas spomalený

Logfile of random's system information tool 1.08 (written by random/random)
Run by BuRo at 2011-02-02 19:16:30
Microsoft Windows 7 Ultimate
System drive C: has 33 GB (14%) free of 238 GB
Total RAM: 4095 MB (59% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 19:16:32, on 2. 2. 2011
Platform: Windows 7 (WinNT 6.00.3504)
MSIE: Internet Explorer v8.00 (8.00.7600.16700)
Boot mode: Normal

Running processes:
C:\Windows\SysWOW64\HsMgr.exe
C:\Program Files (x86)\EXPERTool\TBPANEL.exe
C:\Program Files (x86)\uTorrent\uTorrent.exe
C:\Program Files\A4tech\Amoumain.exe
C:\Program Files (x86)\Stardock\ObjectDock\ObjectDock.exe
C:\Program Files\ASUS Xonar DS Audio\Customapp\ASUSAUDIOCENTER.EXE
C:\Program Files\Alwil Software\Avast5\AvastUI.exe
C:\Program Files (x86)\MSI Afterburner\MSIAfterburner.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Program Files (x86)\MSI Afterburner\Bundle\OSDServer\RTSS.exe
C:\Program Files (x86)\Skype\Phone\Skype.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Mozilla Firefox\plugin-container.exe
C:\Program Files\trend micro\BuRo.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://qip.ru
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://search.qip.ru
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://search.qip.ru/ie
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://search.qip.ru
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://google.sk/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKCU\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://search.qip.ru/ie
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: QIPBHO Class - {A55F9C95-2BB1-4EA2-BC77-DFAAB78832CE} - C:\Users\BuRo\AppData\Roaming\Microsoft\Internet Explorer\qipsearchbar.dll
R3 - URLSearchHook: (no name) - - (no file)
O2 - BHO: HP Print Enhancer - {0347C33E-8762-4905-BF09-768834316C61} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Groove GFS Browser Helper - {725C3B01-3D43-0A54-13EA-44FD47110999} - C:\Windows\SysWow64\nvcuuvenc.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~2\MICROS~1\Office12\GR469A~1.DLL
O2 - BHO: QIPBHO - {A55F9C95-2BB1-4EA2-BC77-DFAAB78832CE} - C:\Users\BuRo\AppData\Roaming\Microsoft\Internet Explorer\qipsearchbar.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
O2 - BHO: HP Smart BHO Class - {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
O4 - HKLM\..\Run: [avast5] "C:\Program Files\Alwil Software\Avast5\avastUI.exe" /nogui
O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe"
O4 - HKLM\..\Run: [MSIAfterburner] "C:\Program Files (x86)\MSI Afterburner\MSIAfterburnerWrapper.exe" /s
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [AdobeCS4ServiceManager] "C:\Program Files (x86)\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe" -launchedbylogin
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKCU\..\Run: [GAINWARD] C:\Program Files (x86)\EXPERTool\TBPanel.exe /A
O4 - HKCU\..\Run: [uTorrent] "C:\Program Files (x86)\uTorrent\uTorrent.exe"
O4 - HKCU\..\Run: [NVIDIA nTune] "C:\Program Files (x86)\NVIDIA Corporation\nTune\nTuneCmd.exe" clear
O4 - HKCU\..\Run: [Skype] "C:\Program Files (x86)\Skype\Phone\Skype.exe" /nosplash /minimized
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O4 - Startup: Realtek HD Audio Manager - odkaz.lnk = C:\Windows\system32\RTSnMg64.cpl
O4 - Startup: Stardock ObjectDock.lnk = C:\Program Files (x86)\Stardock\ObjectDock\ObjectDock.exe
O4 - Global Startup: Smart-X7 7.80.Lnk = C:\Program Files\A4tech\Amoumain.exe
O8 - Extra context menu item: E&xportovať do programu Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000
O9 - Extra button: Odoslať do programu OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&oslať do programu OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~1\Office12\REFIEBAR.DLL
O9 - Extra button: Show or hide HP Smart Web Printing - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\PROGRA~2\MICROS~1\Office12\GRA32A~1.DLL
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\Skype4COM.dll
O20 - AppInit_DLLs: C:\Windows\SysWOW64\guard32.dll
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
O23 - Service: avast! Mail Scanner - AVAST Software - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
O23 - Service: avast! Web Scanner - AVAST Software - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
O23 - Service: COMODO livePCsupport Service (CLPSLS) - COMODO - C:\Program Files (x86)\COMODO\COMODO livePCsupport\CLPSLS.exe
O23 - Service: COMODO Internet Security Helper Service (cmdAgent) - COMODO - C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: FLEXnet Licensing Service - Acresso Software Inc. - C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: FLEXnet Licensing Service 64 - Acresso Software Inc. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: Nero BackItUp Scheduler 4.0 - Nero AG - C:\Program Files (x86)\Common Files\Nero\Nero BackItUp 4\NBService.exe
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: nTune Service (nTuneService) - NVIDIA - C:\Program Files (x86)\NVIDIA Corporation\nTune\nTuneService.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\Windows\system32\nvvsvc.exe (file missing)
O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: ServiceLayer - Nokia - C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: Sony Ericsson PCCompanion - Avanquest Software - C:\Program Files (x86)\Sony Ericsson\Sony Ericsson PC Companion\PCCService.exe
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe
O23 - Service: NVIDIA Stereoscopic 3D Driver Service (Stereo Service) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
O23 - Service: TeamViewer 6 (TeamViewer6) - TeamViewer GmbH - C:\Program Files (x86)\TeamViewer\Version6\TeamViewer_Service.exe
O23 - Service: @%SystemRoot%\System32\TuneUpDefragService.exe,-1 (TuneUp.Defrag) - Unknown owner - C:\Windows\System32\TuneUpDefragService.exe (file missing)
O23 - Service: @%SystemRoot%\System32\TUProgSt.exe,-1 (TuneUp.ProgramStatisticsSvc) - Unknown owner - C:\Windows\System32\TUProgSt.exe (file missing)
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 11206 bytes

======Listing Processes======

\SystemRoot\System32\smss.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
C:\Windows\system32\services.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
winlogon.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
"C:\Program Files (x86)\COMODO\COMODO livePCsupport\CLPSLS.exe"
C:\Windows\system32\nvvsvc.exe
C:\Windows\system32\svchost.exe -k RPCSS
"C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe"
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\nvvsvc.exe -session -first
"C:\Program Files\Alwil Software\Avast5\AvastSvc.exe"
"C:\Windows\system32\Dwm.exe"
C:\Windows\Explorer.EXE
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
"C:\Program Files\COMODO\COMODO Internet Security\cfp.exe" -h
"C:\Windows\SysWOW64\HsMgr.exe" Envoke
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Windows\SysWOW64\svchost.exe -k hpdevmgmt
"C:\Windows\system\HsMgr64.exe" Envoke
"C:\Program Files (x86)\EXPERTool\TBPANEL.exe" /A
"C:\Program Files (x86)\Common Files\Nero\Nero BackItUp 4\NBService.exe"
"taskhost.exe"
"C:\Program Files (x86)\uTorrent\uTorrent.exe"
C:\Windows\System32\svchost.exe -k HPZ12
"C:\Program Files (x86)\NVIDIA Corporation\nTune\nTuneService.exe" /StartService
"C:\Program Files\Windows Sidebar\sidebar.exe" /autoRun
"C:\Program Files\A4tech\Amoumain.exe"
"C:\Program Files (x86)\Stardock\ObjectDock\ObjectDock.exe"
C:\Windows\System32\svchost.exe -k HPZ12
C:\Windows\SysWOW64\PnkBstrA.exe
"C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe"
"C:\Program Files\ASUS Xonar DS Audio\Customapp\ASUSAUDIOCENTER.EXE"
C:\Windows\system32\svchost.exe -k imgsvc
"C:\Program Files (x86)\TeamViewer\Version6\TeamViewer_Service.exe"
"C:\Program Files (x86)\Stardock\ObjectDock\Dock64.exe"
C:\Windows\system32\SearchIndexer.exe /Embedding
C:\Windows\system32\svchost.exe -k HPService
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
"C:\Program Files\Alwil Software\Avast5\AvastUI.exe" /nogui
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
"C:\Program Files (x86)\MSI Afterburner\MSIAfterburner.exe" -s
"C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
"C:\Program Files\Windows Media Player\wmpnetwk.exe"
"C:\Program Files (x86)\MSI Afterburner\Bundle\OSDServer\RTSS.exe"
C:\Windows\System32\svchost.exe -k secsvcs
"C:\Program Files (x86)\Skype\Phone\Skype.exe"
"C:\Program Files\Mozilla Firefox\firefox.exe"
"C:\Program Files\Mozilla Firefox\plugin-container.exe" --channel=1120.8cb74e0.1618471488 "C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll" 1120 plugin \\.\pipe\gecko-crash-server-pipe.1120
"C:\Windows\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe9_ Global\UsGthrCtrlFltPipeMssGthrPipe9 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon"
"C:\Windows\system32\SearchFilterHost.exe" 0 520 524 532 65536 528
"C:\Users\BuRo\Desktop\RSITx64.exe"
C:\Windows\system32\wbem\wmiprvse.exe

======Scheduled tasks folder======

C:\Windows\tasks\1-Click Maintenance.job
C:\Windows\tasks\At1.job
C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{0347C33E-8762-4905-BF09-768834316C61}]
HP Print Enhancer - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll [2009-09-20 328248]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2010-09-22 75200]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{725C3B01-3D43-0A54-13EA-44FD47110999}]
Groove GFS Browser Helper - C:\Windows\SysWow64\nvcuuvenc.dll [2010-06-08 204800]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\PROGRA~2\MICROS~1\Office12\GR469A~1.DLL [2006-10-26 2210608]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{A55F9C95-2BB1-4EA2-BC77-DFAAB78832CE}]
QIPBHO Class - C:\Users\BuRo\AppData\Roaming\Microsoft\Internet Explorer\qipsearchbar.dll [2010-02-18 149968]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll [2010-11-24 41760]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856}]
HP Smart BHO Class - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll [2009-09-20 509496]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"COMODO Internet Security"=C:\Program Files\COMODO\COMODO Internet Security\cfp.exe [2011-01-20 8866120]
"Cmaudio8788"=C:\Windows\syswow64\RunDll32.exe [2009-07-14 44544]
"Cmaudio8788GX"=C:\Windows\syswow64\HsMgr.exe [2008-07-11 200704]
"Cmaudio8788GX64"=C:\Windows\system\HsMgr64.exe [2008-07-11 282112]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"GAINWARD"=C:\Program Files (x86)\EXPERTool\TBPanel.exe [2009-03-17 2181672]
"uTorrent"=C:\Program Files (x86)\uTorrent\uTorrent.exe [2011-01-20 395640]
"NVIDIA nTune"=C:\Program Files (x86)\NVIDIA Corporation\nTune\nTuneCmd.exe [2007-07-03 98304]
"Skype"=C:\Program Files (x86)\Skype\Phone\Skype.exe [2009-01-29 23975720]
"Sidebar"=C:\Program Files\Windows Sidebar\sidebar.exe [2009-07-14 1475072]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM]
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2010-09-20 932288]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher]
C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe [2010-09-23 35760]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HP Software Update]
C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe [2007-05-08 54840]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\hpqSRMon]
C:\Program Files (x86)\HP\Digital Imaging\bin\hpqSRMon.exe [2008-07-22 150528]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QIP Internet Guardian]
C:\Users\BuRo\AppData\Roaming\QipGuard\QipGuard.exe []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
C:\Program Files (x86)\QuickTime\qttask.exe -atboottime []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Sony Ericsson PC Companion]
C:\Program Files (x86)\Sony Ericsson\Sony Ericsson PC Companion\PCCompanion.exe [2010-11-16 422912]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^HP Digital Imaging Monitor.lnk]
C:\PROGRA~2\HP\DIGITA~1\bin\hpqtra08.exe [2009-09-20 270336]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^TotalMedia Server.lnk]
C:\PROGRA~2\ArcSoft\TotalMedia Theatre 5\TotalMedia Server\TM Server.exe [2010-11-10 519744]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Users^BuRo^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Orezávač obrazovky a spúšťač programu OneNote 2007.lnk]
C:\PROGRA~2\MICROS~1\Office12\ONENOTEM.EXE [2006-10-26 98632]

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"avast5"=C:\Program Files\Alwil Software\Avast5\avastUI.exe [2010-09-07 2838912]
"GrooveMonitor"=C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe [2006-10-26 31016]
"MSIAfterburner"=C:\Program Files (x86)\MSI Afterburner\MSIAfterburnerWrapper.exe [2010-06-07 44344]
"SunJavaUpdateSched"=C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2010-05-14 248552]
"AdobeCS4ServiceManager"=C:\Program Files (x86)\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe [2008-08-14 611712]
"Adobe Reader Speed Launcher"=C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe [2010-09-23 35760]
"Adobe ARM"=C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2010-09-20 932288]

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
Smart-X7 7.80.Lnk - C:\Program Files\A4tech\Amoumain.exe

C:\Users\BuRo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
Realtek HD Audio Manager - odkaz.lnk -
Stardock ObjectDock.lnk - C:\Program Files (x86)\Stardock\ObjectDock\ObjectDock.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"=" C:\Windows\system32\guard64.dll"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED}

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\PROGRA~2\MICROS~1\Office12\GR469A~1.DLL [2006-10-26 2210608]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\CLPSLS]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\CLPSLS]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=0
"ConsentPromptBehaviorUser"=3
"EnableLUA"=0
"EnableUIADesktopToggle"=0
"PromptOnSecureDesktop"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoActiveDesktop"=1
"ForceActiveDesktopOn"=0
"NoActiveDesktopChanges"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 1 months======

2011-02-02 19:16:30 ----D---- C:\rsit
2011-01-19 14:32:49 ----D---- C:\Users\BuRo\AppData\Roaming\Rovio
2011-01-12 14:24:01 ----A---- C:\Windows\SYSWOW64\odbc32.dll
2011-01-12 14:24:01 ----A---- C:\Windows\system32\odbc32.dll
2011-01-07 13:48:01 ----A---- C:\Windows\SYSWOW64\javaws.exe
2011-01-07 13:48:01 ----A---- C:\Windows\SYSWOW64\javaw.exe
2011-01-07 13:48:01 ----A---- C:\Windows\SYSWOW64\java.exe

======List of files/folders modified in the last 1 months======

2011-02-02 19:16:32 ----D---- C:\Windows\Prefetch
2011-02-02 19:16:31 ----D---- C:\Program Files\trend micro
2011-02-02 19:16:30 ----D---- C:\Windows\Temp
2011-02-02 19:16:27 ----D---- C:\Users\BuRo\AppData\Roaming\uTorrent
2011-02-02 19:08:14 ----D---- C:\Users\BuRo\AppData\Roaming\Skype
2011-02-02 15:20:43 ----D---- C:\Windows\system32\config
2011-02-02 14:20:34 ----D---- C:\ProgramData\NVIDIA
2011-02-02 14:20:14 ----D---- C:\Windows
2011-02-01 23:44:13 ----SHD---- C:\System Volume Information
2011-02-01 20:58:18 ----D---- C:\ProgramData\Spybot - Search & Destroy
2011-02-01 20:58:17 ----D---- C:\Windows\Minidump
2011-02-01 20:58:17 ----D---- C:\Windows\debug
2011-01-31 16:05:42 ----D---- C:\Users\BuRo\AppData\Roaming\skypePM
2011-01-30 13:13:42 ----D---- C:\Program Files (x86)\Warcraft III
2011-01-20 15:56:54 ----D---- C:\Program Files (x86)\uTorrent
2011-01-16 09:57:20 ----D---- C:\Windows\system32\catroot2
2011-01-16 06:52:43 ----D---- C:\Program Files (x86)\MSI Afterburner
2011-01-15 14:16:21 ----D---- C:\Program Files (x86)\WOW
2011-01-13 13:33:29 ----D---- C:\ProgramData\COMODO
2011-01-13 13:25:46 ----D---- C:\Windows\System32
2011-01-13 13:25:45 ----D---- C:\Windows\SysWOW64
2011-01-12 23:57:51 ----A---- C:\Windows\system32\MRT.exe
2011-01-12 23:57:37 ----D---- C:\Windows\winsxs
2011-01-12 18:36:08 ----A---- C:\Windows\SYSWOW64\guard32.dll
2011-01-12 18:36:08 ----A---- C:\Windows\system32\guard64.dll
2011-01-12 14:23:40 ----HD---- C:\ProgramData
2011-01-12 14:23:10 ----D---- C:\Windows\system32\catroot
2011-01-11 21:29:40 ----D---- C:\Windows\inf
2011-01-11 21:29:40 ----A---- C:\Windows\system32\PerfStringBackup.INI
2011-01-07 13:48:21 ----SHD---- C:\Windows\Installer
2011-01-07 13:48:21 ----HD---- C:\Config.Msi
2011-01-07 13:47:57 ----D---- C:\Program Files (x86)\Java

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 pciide;pciide; C:\Windows\system32\DRIVERS\pciide.sys [2009-07-14 12352]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2009-07-14 214096]
R0 sptd;sptd; C:\Windows\System32\Drivers\sptd.sys [2010-09-30 503352]
R1 Amfilter;Compatible Mouse Filter Driver; C:\Windows\system32\DRIVERS\Amfltx64.sys [2007-10-15 12288]
R1 ArcSec;ArcSec; C:\Windows\system32\drivers\ArcSec.sys [2010-09-21 312184]
R1 archlp;archlp; C:\Windows\system32\drivers\archlp.sys [2010-01-12 142848]
R1 aswRdr;aswRdr; C:\Windows\system32\drivers\aswRdr.sys [2010-09-07 28752]
R1 aswSP;aswSP; C:\Windows\system32\drivers\aswSP.sys [2010-09-07 121936]
R1 aswTdi;avast! Network Shield Support; C:\Windows\system32\drivers\aswTdi.sys [2010-09-07 51280]
R1 cmdGuard;COMODO Internet Security Sandbox Driver; C:\Windows\System32\DRIVERS\cmdguard.sys [2011-01-12 250008]
R1 cmdHlp;COMODO Internet Security Helper Driver; C:\Windows\System32\DRIVERS\cmdhlp.sys [2011-01-12 39888]
R1 CSC;@%systemroot%\system32\cscsvc.dll,-202; C:\Windows\system32\drivers\csc.sys [2009-07-14 514048]
R1 inspect;COMODO Internet Security Firewall Driver; C:\Windows\system32\DRIVERS\inspect.sys [2011-01-12 89840]
R1 VBoxDrv;VirtualBox Service; C:\Windows\system32\DRIVERS\VBoxDrv.sys [2010-08-05 202960]
R1 VBoxUSBMon;VirtualBox USB Monitor Driver; C:\Windows\system32\DRIVERS\VBoxUSBMon.sys [2010-08-05 53968]
R2 6077757b;6077757b; \??\C:\Windows\system32\drivers\regi.sys [2007-04-17 14112]
R2 adfs;adfs; C:\Windows\system32\drivers\adfs.sys [2008-06-27 88632]
R2 aswFsBlk;aswFsBlk; C:\Windows\system32\drivers\aswFsBlk.sys [2010-09-07 20048]
R2 aswMonFlt;aswMonFlt; \??\C:\Windows\system32\drivers\aswMonFlt.sys [2010-09-07 61008]
R2 cpuz134;cpuz134; \??\C:\Windows\system32\drivers\cpuz134_x64.sys [2010-07-09 21480]
R3 Amusbprt;USB HID-compliant Mouse Driver; C:\Windows\system32\DRIVERS\Amusbx64.sys [2008-02-13 17920]
R3 Cardex;Cardex; \??\C:\Windows\SysWOW64\drivers\TBPANELX64.SYS [2007-03-16 15648]
R3 cmudaxp;ASUS Xonar DS Audio Interface; C:\Windows\system32\drivers\cmudaxp.sys [2010-09-16 1266688]
R3 KMWDFILTER;HIDServiceDesc; C:\Windows\system32\DRIVERS\KMWDFILTER.sys [2009-04-29 30208]
R3 L1E;NDIS Miniport Driver for Atheros AR8121/AR8113/AR8114 PCI-E Ethernet Controller(NDIS6.20); C:\Windows\system32\DRIVERS\L1E62x64.sys [2009-06-20 54272]
R3 MTsensor;ATK0110 ACPI UTILITY; C:\Windows\system32\DRIVERS\ASACPI.sys [2005-03-29 8192]
R3 NVR0Dev;NVR0Dev; \??\C:\Windows\nvoclk64.sys [2007-07-03 17952]
R3 RTCore64;RTCore64; \??\C:\Program Files (x86)\MSI Afterburner\RTCore64.sys [2010-06-07 14648]
R3 seehcri;Sony Ericsson seehcri Device Driver; C:\Windows\system32\DRIVERS\seehcri.sys [2010-07-23 34032]
R3 VBoxNetFlt;VBoxNetFlt Service; C:\Windows\system32\DRIVERS\VBoxNetFlt.sys [2010-08-05 164240]
S2 regi;regi; C:\Windows\system32\drivers\regi.sys [2007-04-17 14112]
S2 TBPanel;TBPanel; C:\Windows\system32\drivers\TBPanel.sys []
S3 DCamUSBET;ET USB 2710 Camera; C:\Windows\system32\DRIVERS\etDevice64.sys [2007-07-23 527744]
S3 Dot4;MS IEEE-1284.4 Driver; C:\Windows\system32\DRIVERS\Dot4.sys [2009-07-14 145920]
S3 Dot4Print;Print Class Driver for IEEE-1284.4; C:\Windows\system32\DRIVERS\Dot4Prt.sys [2009-07-14 19968]
S3 dot4usb;MS Dot4USB Filter Dot4USB Filter; C:\Windows\system32\DRIVERS\dot4usb.sys [2009-07-14 43008]
S3 EverestDriver;Lavalys EVEREST Kernel Driver; \??\C:\Users\BuRo\DaViDs-DoKuMeNtY\app\Everest\kerneld.amd64 [2009-05-31 25728]
S3 FiltUSBET;ET USB Device Lower Filter; C:\Windows\system32\DRIVERS\etFilter64.sys [2007-06-14 281088]
S3 ggflt;SEMC USB Flash Driver Filter; C:\Windows\system32\DRIVERS\ggflt.sys [2010-07-23 13352]
S3 GGSAFERDriver;GGSAFER Driver; \??\C:\Program Files (x86)\Garena\plugins\UI\safedrv.sys []
S3 ggsemc;SEMC USB Flash Driver; C:\Windows\system32\DRIVERS\ggsemc.sys [2010-07-23 27176]
S3 hamachi;Hamachi Network Interface; C:\Windows\system32\DRIVERS\hamachi.sys [2009-12-15 33344]
S3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHD64.sys [2008-06-13 1474072]
S3 nmwcdcx64;Nokia USB Generic; C:\Windows\system32\drivers\ccdcmbox64.sys [2010-02-26 25088]
S3 nmwcdnsucx64;Nokia USB Flashing Generic; C:\Windows\system32\drivers\nmwcdnsucx64.sys [2010-02-26 12288]
S3 nmwcdnsux64;Nokia USB Flashing Phone Parent; C:\Windows\system32\drivers\nmwcdnsux64.sys [2010-02-26 173056]
S3 nmwcdx64;Nokia USB Phone Parent; C:\Windows\system32\drivers\ccdcmbx64.sys [2010-02-26 19456]
S3 pccsmcfd;PCCS Mode Change Filter Driver; C:\Windows\system32\DRIVERS\pccsmcfdx64.sys [2008-08-28 25600]
S3 RDPDR;Terminal Server Device Redirector Driver; C:\Windows\System32\drivers\rdpdr.sys [2009-07-14 165376]
S3 s3cap;s3cap; C:\Windows\system32\DRIVERS\vms3cap.sys [2009-07-14 6656]
S3 ScanUSBET;ET USB Still Image Capture Device; C:\Windows\system32\DRIVERS\etScan64.sys [2007-07-23 9216]
S3 storvsc;storvsc; C:\Windows\system32\DRIVERS\storvsc.sys [2009-07-14 34896]
S3 UCOREW64;UCOREW64; \??\C:\Users\BuRo\Desktop\Bios\FlashUty\NB\AFUWIN\UCOREW64.SYS []
S3 upperdev;upperdev; C:\Windows\system32\DRIVERS\usbser_lowerfltx64.sys [2010-02-26 9216]
S3 usbbus;LGE Mobile Composite USB Device; C:\Windows\system32\DRIVERS\lgx64bus.sys [2010-01-21 17920]
S3 UsbDiag;LGE Mobile USB Serial Port; C:\Windows\system32\DRIVERS\lgx64diag.sys [2010-01-21 27648]
S3 USBModem;LGE Mobile USB Modem; C:\Windows\system32\DRIVERS\lgx64modem.sys [2010-01-21 33280]
S3 usbscan;USB Scanner Driver; C:\Windows\system32\DRIVERS\usbscan.sys [2009-07-14 41984]
S3 usbser;USB Modem Driver; C:\Windows\system32\DRIVERS\usbser.sys [2009-07-14 32768]
S3 UsbserFilt;UsbserFilt; C:\Windows\system32\DRIVERS\usbser_lowerfltx64j.sys [2010-02-26 9216]
S3 VBoxNetAdp;VirtualBox Host-Only Ethernet Adapter; C:\Windows\system32\DRIVERS\VBoxNetAdp.sys [2010-08-05 144720]
S3 vmbus;@%SystemRoot%\system32\vmbusres.dll,-1000; C:\Windows\system32\DRIVERS\vmbus.sys [2009-07-14 200272]
S3 VMBusHID;VMBusHID; C:\Windows\system32\DRIVERS\VMBusHID.sys [2009-07-14 21760]
S3 vncmirror;vncmirror; C:\Windows\system32\DRIVERS\vncmirror.sys [2010-06-14 4608]
S3 WinUsb;Sony Ericsson USB Device sa0101 Driver; C:\Windows\system32\DRIVERS\WinUsb.sys [2009-07-14 40448]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 avast! Antivirus;avast! Antivirus; C:\Program Files\Alwil Software\Avast5\AvastSvc.exe [2010-09-07 40384]
R2 CLPSLS;COMODO livePCsupport Service; C:\Program Files (x86)\COMODO\COMODO livePCsupport\CLPSLS.exe [2010-02-19 148744]
R2 cmdAgent;COMODO Internet Security Helper Service; C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe [2011-01-20 2466032]
R2 CscService;@%systemroot%\system32\cscsvc.dll,-200; C:\Windows\System32\svchost.exe [2009-07-14 27136]
R2 hpqddsvc;HP CUE DeviceDiscovery Service; C:\Windows\system32\svchost.exe [2009-07-14 27136]
R2 HPSLPSVC;HP Network Devices Support; C:\Windows\system32\svchost.exe [2009-07-14 27136]
R2 Nero BackItUp Scheduler 4.0;Nero BackItUp Scheduler 4.0; C:\Program Files (x86)\Common Files\Nero\Nero BackItUp 4\NBService.exe [2009-05-15 935208]
R2 Net Driver HPZ12;Net Driver HPZ12; C:\Windows\System32\svchost.exe [2009-07-14 27136]
R2 nTuneService;nTune Service; C:\Program Files (x86)\NVIDIA Corporation\nTune\nTuneService.exe [2007-07-03 179712]
R2 nvsvc;NVIDIA Display Driver Service; C:\Windows\system32\nvvsvc.exe [2010-06-07 159336]
R2 Pml Driver HPZ12;Pml Driver HPZ12; C:\Windows\System32\svchost.exe [2009-07-14 27136]
R2 PnkBstrA;PnkBstrA; C:\Windows\syswow64\PnkBstrA.exe [2010-08-25 75064]
R2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service; C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2010-06-07 240232]
R2 TeamViewer6;TeamViewer 6; C:\Program Files (x86)\TeamViewer\Version6\TeamViewer_Service.exe [2010-12-07 2228008]
R3 avast! Mail Scanner;avast! Mail Scanner; C:\Program Files\Alwil Software\Avast5\AvastSvc.exe [2010-09-07 40384]
R3 avast! Web Scanner;avast! Web Scanner; C:\Program Files\Alwil Software\Avast5\AvastSvc.exe [2010-09-07 40384]
R3 hpqcxs08;hpqcxs08; C:\Windows\system32\svchost.exe [2009-07-14 27136]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2010-06-06 136176]
S2 TuneUp.ProgramStatisticsSvc;@%SystemRoot%\System32\TUProgSt.exe,-1; C:\Windows\System32\TUProgSt.exe [2010-08-10 840960]
S2 UxTuneUp;@%SystemRoot%\System32\uxtuneup.dll,-4096; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S3 AppMgmt;@appmgmts.dll,-3250; C:\Windows\system32\svchost.exe [2009-07-14 27136]
S3 FLEXnet Licensing Service 64;FLEXnet Licensing Service 64; C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe [2010-10-27 1038088]
S3 FLEXnet Licensing Service;FLEXnet Licensing Service; C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [2010-10-27 655624]
S3 Microsoft Office Groove Audit Service;Microsoft Office Groove Audit Service; C:\Program Files (x86)\Microsoft Office\Office12\GrooveAuditService.exe [2006-10-26 65824]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2006-10-26 441136]
S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 PeerDistSvc;@%SystemRoot%\system32\peerdistsvc.dll,-9000; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S3 ServiceLayer;ServiceLayer; C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe [2010-09-29 616448]
S3 Sony Ericsson PCCompanion;Sony Ericsson PCCompanion; C:\Program Files (x86)\Sony Ericsson\Sony Ericsson PC Companion\PCCService.exe [2010-10-26 155344]
S3 Steam Client Service;Steam Client Service; C:\Program Files (x86)\Common Files\Steam\SteamService.exe [2009-07-16 316664]
S3 TuneUp.Defrag;@%SystemRoot%\System32\TuneUpDefragService.exe,-1; C:\Windows\System32\TuneUpDefragService.exe [2010-08-10 506112]
S3 UmRdpService;@%SystemRoot%\system32\umrdp.dll,-1000; C:\Windows\System32\svchost.exe [2009-07-14 27136]

-----------------EOF-----------------

#2 Příspěvek od **vyosek** » 02 úno 2011 22:02

Zdravim a pekny den preji

Stahnete OTL (viz muj podpis) a ulozte jej na plochu

Pokud pouzivate Win Vista ci W7, kliknete na OTL pravym a dejte Run As Administrator ci Spustit jako spravce
Pokud pouzivate 64bitovy OS, zkontrolujte, zda-li je zaskrtnuty ctverecek u Pro 64 bitové OS, pokud ne, zaskrtnete jej
Zaskrtnete okenko Pro vsechny uzivatele
Zaskrtnete okenko Kontrola na havet "LOP"
Zaskrtnete okenko Kontrola na havet "Purity"
Stari souboru zmente z 30 dnu na 7 dnu
Do spodniho okenka Vlastni skenovani/opravy vlozte skript nize

Kód: Vybrat vše

netsvcs
drivers32
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /s
c:\windows\*.* /U
%SYSTEMDRIVE%\*.exe
%ALLUSERSPROFILE%\Application Data\*.
%ALLUSERSPROFILE%\Application Data\*.exe /s
%APPDATA%\*.
%APPDATA%\*.exe /s
/md5start
eventlog.dll
scecli.dll
netlogon.dll
cngaudit.dll
sceclt.dll
ntelogon.dll
logevent.dll
iaStor.sys
nvstor.sys
atapi.sys
IdeChnDr.sys
viasraid.sys
AGP440.sys
vaxscsi.sys
nvatabus.sys
viamraid.sys
nvata.sys
nvgts.sys
iastorv.sys
ViPrt.sys
eNetHook.dll
ahcix86.sys
KR10N.sys
nvstor32.sys
ahcix86s.sys
nvrd32.sys
symmpi.sys
adp3132.sys
mv61xx.sys
nvraid.sys
ndis.sys
winlogon.exe
explorer.exe
userinit.exe
lsass.exe
svchost.exe
smss.exe
hal.dll
ws2_32.dll
tcpip.sys
cryptsvc.dll
Changer.sys
JakNDis.sys
isapnp.sys
cdrom.sys
autochk.exe
/md5stop
%systemroot%\*. /mp /s
%systemroot%\system32\*.dll /lockedfiles
%systemroot%\Tasks\*.job /lockedfiles
%systemroot%\system32\drivers\*.sys /lockedfiles
%systemroot%\System32\config\*.sav
%systemroot%\system32\*.dll /lockedfiles
%systemroot%\system32\drivers\*.sys /3
%systemroot%\system32\*.* /3
CREATERESTOREPOINT

Kliknete na tlacitko Prohledat
Po dokonceni skenu (cca 5 az 10 min) se objevi logy OTL.txt a Extras.txt, oba sem vlozte

buro_Nz · #3 Příspěvek od **buro_Nz** » 03 úno 2011 16:12

Dobrý deň prajem
Aplikáciu mám po anglicky, všetky body som splnil, ale neviem si rady, vy ste napísali mám kliknúť na tlačítko prehľadať, nuž ja tu mám "run scan,run fix, quick scan" na ktoré z týchto možností mám kliknúť ?

#4 Příspěvek od **vyosek** » 03 úno 2011 19:02

Omlouvam se, na lokalizaci do SK pracujem - autor slibil brezen ci duben ze ji zakomponuje

Dejte Run Scan

buro_Nz · #5 Příspěvek od **buro_Nz** » 03 úno 2011 19:28

Tu je OLT
OTL logfile created on: 3. 2. 2011 19:09:10 - Run 1
OTL by OldTimer - Version 3.2.20.6 Folder = C:\Users\BuRo\Desktop
64bit- Ultimate Edition (Version = 6.1.7600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7600.16385)
Locale: 0000041b | Country: Slovenská republika | Language: SKY | Date Format: d. M. yyyy

4,00 Gb Total Physical Memory | 2,00 Gb Available Physical Memory | 62,00% Memory free
8,00 Gb Paging File | 6,00 Gb Available in Paging File | 76,00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 232,88 Gb Total Space | 32,30 Gb Free Space | 13,87% Space Free | Partition Type: NTFS
Drive F: | 47,17 Gb Total Space | 4,83 Gb Free Space | 10,23% Space Free | Partition Type: NTFS
Drive G: | 27,35 Gb Total Space | 4,10 Gb Free Space | 15,01% Space Free | Partition Type: NTFS
Drive I: | 931,51 Gb Total Space | 636,50 Gb Free Space | 68,33% Space Free | Partition Type: NTFS

Computer Name: BURO-PC | User Name: BuRo | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 7 Days

========== Processes (SafeList) ==========

PRC - [2011/02/03 16:03:36 | 000,602,624 | ---- | M] (OldTimer Tools) -- C:\Users\BuRo\Desktop\OTL.exe
PRC - [2011/01/20 13:48:29 | 000,395,640 | ---- | M] (BitTorrent, Inc.) -- C:\Program Files (x86)\uTorrent\uTorrent.exe
PRC - [2010/12/12 17:22:34 | 000,912,344 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla Firefox\firefox.exe
PRC - [2010/12/12 17:22:34 | 000,016,856 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla Firefox\plugin-container.exe
PRC - [2010/12/07 11:32:02 | 002,228,008 | ---- | M] (TeamViewer GmbH) -- C:\Program Files (x86)\TeamViewer\Version6\TeamViewer_Service.exe
PRC - [2010/10/01 16:50:42 | 001,564,672 | ---- | M] (CMedia) -- C:\Program Files\ASUS Xonar DS Audio\Customapp\AsusAudioCenter.exe
PRC - [2010/09/15 01:01:34 | 006,384,640 | ---- | M] (Pandora.TV) -- C:\Program Files (x86)\The KMPlayer\KMPlayer.exe
PRC - [2010/09/07 16:12:02 | 002,838,912 | ---- | M] (AVAST Software) -- C:\Program Files\Alwil Software\Avast5\AvastUI.exe
PRC - [2010/09/07 16:11:59 | 000,040,384 | ---- | M] (AVAST Software) -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
PRC - [2010/08/25 13:57:38 | 000,075,064 | ---- | M] () -- C:\Windows\SysWOW64\PnkBstrA.exe
PRC - [2010/06/07 16:05:06 | 000,240,232 | ---- | M] (NVIDIA Corporation) -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
PRC - [2010/06/07 04:56:14 | 000,113,976 | ---- | M] () -- C:\Program Files (x86)\MSI Afterburner\Bundle\OSDServer\RTSS.exe
PRC - [2010/06/07 04:56:06 | 000,347,448 | ---- | M] () -- C:\Program Files (x86)\MSI Afterburner\MSIAfterburner.exe
PRC - [2010/02/19 16:00:24 | 000,148,744 | ---- | M] (COMODO) -- C:\Program Files (x86)\COMODO\COMODO livePCsupport\CLPSLS.exe
PRC - [2009/05/15 06:35:52 | 000,935,208 | ---- | M] (Nero AG) -- C:\Program Files (x86)\Common Files\Nero\Nero BackItUp 4\NBService.exe
PRC - [2009/03/17 16:24:22 | 002,181,672 | ---- | M] (Gainward Co.) -- C:\Program Files (x86)\EXPERTool\TBPANEL.exe
PRC - [2008/07/11 14:04:22 | 000,200,704 | ---- | M] () -- C:\Windows\SysWOW64\HsMgr.exe
PRC - [2008/03/03 22:54:30 | 000,196,608 | ---- | M] () -- C:\Program Files\A4tech\Amoumain.exe
PRC - [2007/04/30 18:43:54 | 003,450,608 | ---- | M] (Stardock) -- C:\Program Files (x86)\Stardock\ObjectDock\ObjectDock.exe

========== Modules (SafeList) ==========

MOD - [2011/02/03 16:03:36 | 000,602,624 | ---- | M] (OldTimer Tools) -- C:\Users\BuRo\Desktop\OTL.exe
MOD - [2011/01/12 18:36:08 | 000,285,480 | ---- | M] (COMODO) -- C:\Windows\SysWOW64\guard32.dll
MOD - [2010/09/17 12:52:56 | 000,217,088 | ---- | M] (C-Media Electronics Inc.) -- C:\Windows\SysWOW64\HsSrv.dll
MOD - [2010/08/21 06:21:32 | 001,680,896 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_420fe3fa2b8113bd\comctl32.dll
MOD - [2010/05/16 05:40:16 | 000,069,632 | ---- | M] () -- C:\Program Files (x86)\MSI Afterburner\Bundle\OSDServer\RTSSHooks.dll
MOD - [2009/07/14 02:16:12 | 000,145,408 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\powrprof.dll
MOD - [2009/07/14 02:15:13 | 000,453,632 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\dsound.dll
MOD - [2007/04/30 18:18:50 | 000,112,400 | ---- | M] () -- C:\Program Files (x86)\Stardock\ObjectDock\DockShellHook.dll
MOD - [2007/04/06 12:38:52 | 000,032,768 | ---- | M] () -- C:\Windows\SysWOW64\Amhooker.dll

========== Win32 Services (SafeList) ==========

SRV:64bit: - [2011/01/20 13:28:36 | 002,466,032 | ---- | M] (COMODO) [Auto | Running] -- C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe -- (cmdAgent)
SRV:64bit: - [2010/10/27 16:19:03 | 001,038,088 | ---- | M] (Acresso Software Inc.) [On_Demand | Stopped] -- C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe -- (FLEXnet Licensing Service 64)
SRV:64bit: - [2010/09/07 16:11:59 | 000,040,384 | ---- | M] (AVAST Software) [On_Demand | Running] -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe -- (avast! Web Scanner)
SRV:64bit: - [2010/09/07 16:11:59 | 000,040,384 | ---- | M] (AVAST Software) [On_Demand | Running] -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe -- (avast! Mail Scanner)
SRV:64bit: - [2010/09/07 16:11:59 | 000,040,384 | ---- | M] (AVAST Software) [Auto | Running] -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe -- (avast! Antivirus)
SRV:64bit: - [2010/08/10 10:51:02 | 000,840,960 | ---- | M] (TuneUp Software) [Auto | Stopped] -- C:\Windows\SysNative\TUProgSt.exe -- (TuneUp.ProgramStatisticsSvc)
SRV:64bit: - [2010/08/10 10:50:45 | 000,506,112 | ---- | M] (TuneUp Software) [On_Demand | Stopped] -- C:\Windows\SysNative\TuneUpDefragService.exe -- (TuneUp.Defrag)
SRV:64bit: - [2009/07/14 02:41:27 | 001,011,712 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV:64bit: - [2009/07/14 02:40:01 | 000,193,536 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\appmgmts.dll -- (AppMgmt)
SRV:64bit: - [2008/11/12 15:44:18 | 000,034,560 | ---- | M] (TuneUp Software) [Auto | Stopped] -- C:\Windows\SysNative\uxtuneup.dll -- (UxTuneUp)
SRV - [2010/12/07 11:32:02 | 002,228,008 | ---- | M] (TeamViewer GmbH) [Auto | Running] -- C:\Program Files (x86)\TeamViewer\Version6\TeamViewer_Service.exe -- (TeamViewer6)
SRV - [2010/10/27 16:18:56 | 000,655,624 | ---- | M] (Acresso Software Inc.) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe -- (FLEXnet Licensing Service)
SRV - [2010/10/26 16:05:24 | 000,155,344 | ---- | M] (Avanquest Software) [On_Demand | Stopped] -- C:\Program Files (x86)\Sony Ericsson\Sony Ericsson PC Companion\PCCService.exe -- (Sony Ericsson PCCompanion)
SRV - [2010/09/29 08:57:46 | 000,616,448 | ---- | M] (Nokia) [On_Demand | Stopped] -- C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe -- (ServiceLayer)
SRV - [2010/08/25 13:57:38 | 000,075,064 | ---- | M] () [Auto | Running] -- C:\Windows\SysWOW64\PnkBstrA.exe -- (PnkBstrA)
SRV - [2010/06/07 16:05:06 | 000,240,232 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe -- (Stereo Service)
SRV - [2010/02/19 16:00:24 | 000,148,744 | ---- | M] (COMODO) [Auto | Running] -- C:\Program Files (x86)\COMODO\COMODO livePCsupport\CLPSLS.exe -- (CLPSLS)
SRV - [2009/09/20 10:55:20 | 001,037,824 | ---- | M] (Hewlett-Packard Co.) [Auto | Running] -- C:\Program Files (x86)\HP\Digital Imaging\bin\HPSLPSVC64.DLL -- (HPSLPSVC)
SRV - [2009/07/16 17:04:16 | 000,316,664 | ---- | M] (Valve Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Steam\SteamService.exe -- (Steam Client Service)
SRV - [2009/06/10 22:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
SRV - [2009/05/15 06:35:52 | 000,935,208 | ---- | M] (Nero AG) [Auto | Running] -- C:\Program Files (x86)\Common Files\Nero\Nero BackItUp 4\NBService.exe -- (Nero BackItUp Scheduler 4.0)
SRV - [2008/11/12 15:44:18 | 000,027,904 | ---- | M] (TuneUp Software) [Auto | Stopped] -- C:\Windows\SysWOW64\uxtuneup.dll -- (UxTuneUp)
SRV - [2007/07/03 11:37:40 | 000,179,712 | ---- | M] (NVIDIA) [Auto | Running] -- C:\Program Files (x86)\NVIDIA Corporation\nTune\nTuneService.exe -- (nTuneService)

========== Driver Services (SafeList) ==========

DRV:64bit: - [2010/09/30 14:49:24 | 000,503,352 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\sptd.sys -- (sptd)
DRV:64bit: - [2010/09/21 09:07:08 | 000,312,184 | ---- | M] () [Kernel | System | Running] -- C:\Windows\SysNative\drivers\ArcSec.sys -- (ArcSec)
DRV:64bit: - [2010/09/16 10:41:12 | 001,266,688 | ---- | M] (C-Media Inc) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\cmudaxp.sys -- (cmudaxp)
DRV:64bit: - [2010/09/07 15:47:33 | 000,061,008 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\aswMonFlt.sys -- (aswMonFlt)
DRV:64bit: - [2010/08/05 13:02:56 | 000,144,720 | ---- | M] (Oracle Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\VBoxNetAdp.sys -- (VBoxNetAdp)
DRV:64bit: - [2010/07/23 16:21:43 | 000,034,032 | ---- | M] (Sony Ericsson Mobile Communications) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\seehcri.sys -- (seehcri)
DRV:64bit: - [2010/07/23 16:21:20 | 000,027,176 | ---- | M] (Sony Ericsson Mobile Communications) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ggsemc.sys -- (ggsemc)
DRV:64bit: - [2010/07/23 16:21:20 | 000,013,352 | ---- | M] (Sony Ericsson Mobile Communications) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ggflt.sys -- (ggflt)
DRV:64bit: - [2010/07/09 13:19:04 | 000,021,480 | ---- | M] (Windows (R) Win 7 DDK provider) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\cpuz134_x64.sys -- (cpuz134)
DRV:64bit: - [2010/06/14 11:17:04 | 000,004,608 | ---- | M] (RealVNC Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\vncmirror.sys -- (vncmirror)
DRV:64bit: - [2010/02/26 13:33:40 | 000,009,216 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usbser_lowerfltx64j.sys -- (UsbserFilt)
DRV:64bit: - [2010/02/26 13:33:24 | 000,009,216 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usbser_lowerfltx64.sys -- (upperdev)
DRV:64bit: - [2010/02/26 13:33:22 | 000,025,088 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ccdcmbox64.sys -- (nmwcdcx64)
DRV:64bit: - [2010/02/26 13:33:22 | 000,019,456 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ccdcmbx64.sys -- (nmwcdx64)
DRV:64bit: - [2010/02/26 13:21:22 | 000,173,056 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\nmwcdnsux64.sys -- (nmwcdnsux64)
DRV:64bit: - [2010/02/26 13:21:20 | 000,012,288 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\nmwcdnsucx64.sys -- (nmwcdnsucx64)
DRV:64bit: - [2010/01/21 01:03:10 | 000,027,648 | ---- | M] (LG Electronics Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lgx64diag.sys -- (UsbDiag)
DRV:64bit: - [2010/01/21 01:03:08 | 000,033,280 | ---- | M] (LG Electronics Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lgx64modem.sys -- (USBModem)
DRV:64bit: - [2010/01/21 01:03:06 | 000,017,920 | ---- | M] (LG Electronics Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lgx64bus.sys -- (usbbus)
DRV:64bit: - [2010/01/12 15:19:10 | 000,142,848 | ---- | M] () [Kernel | System | Running] -- C:\Windows\SysNative\drivers\ArcHlp.sys -- (archlp)
DRV:64bit: - [2009/12/15 21:33:26 | 000,033,344 | ---- | M] (LogMeIn, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hamachi.sys -- (hamachi)
DRV:64bit: - [2009/07/14 02:52:21 | 000,106,576 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2009/07/14 02:52:21 | 000,028,752 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2009/07/14 02:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2009/07/14 02:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2009/07/14 02:47:48 | 000,077,888 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2009/07/14 02:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2009/07/14 01:06:32 | 000,032,768 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usbser.sys -- (usbser)
DRV:64bit: - [2009/06/20 03:09:57 | 000,054,272 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\L1E62x64.sys -- (L1E) NDIS Miniport Driver for Atheros AR8121/AR8113/AR8114 PCI-E Ethernet Controller(NDIS6.20)
DRV:64bit: - [2009/06/10 21:38:56 | 000,000,308 | ---- | M] () [File_System | On_Demand | Running] -- C:\Windows\SysNative\wbem\ntfs.mof -- (Ntfs)
DRV:64bit: - [2009/06/10 21:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2009/06/10 21:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009/06/10 21:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2009/06/10 21:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV:64bit: - [2009/04/29 16:28:30 | 000,030,208 | ---- | M] (Windows (R) Codename Longhorn DDK provider) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\KMWDFILTER.sys -- (KMWDFILTER)
DRV:64bit: - [2008/08/28 11:44:42 | 000,025,600 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\pccsmcfdx64.sys -- (pccsmcfd)
DRV:64bit: - [2008/02/13 16:20:16 | 000,017,920 | ---- | M] (A4Tech Co.,Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Amusbx64.sys -- (Amusbprt)
DRV:64bit: - [2007/10/15 11:37:22 | 000,012,288 | ---- | M] ((Standard mouse types)) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\Amfltx64.sys -- (Amfilter)
DRV:64bit: - [2007/07/23 22:00:18 | 000,009,216 | ---- | M] (eMPIA Technology, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\etScan64.sys -- (ScanUSBET)
DRV:64bit: - [2007/07/23 21:59:12 | 000,527,744 | ---- | M] (eMPIA Technology, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\etDevice64.sys -- (DCamUSBET)
DRV:64bit: - [2007/06/14 17:11:12 | 000,281,088 | ---- | M] (eMPIA Technology Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\etFilter64.sys -- (FiltUSBET)
DRV:64bit: - [2007/04/17 11:51:50 | 000,014,112 | ---- | M] (InterVideo) [Kernel | Auto | Stopped] -- C:\Windows\SysNative\drivers\regi.sys -- (regi)
DRV:64bit: - [2007/04/17 11:51:50 | 000,014,112 | ---- | M] (InterVideo) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\regi.sys -- (6077757b)
DRV:64bit: - [2005/03/29 01:30:38 | 000,008,192 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\ASACPI.sys -- (MTsensor)
DRV - [2010/06/07 04:56:10 | 000,014,648 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Program Files (x86)\MSI Afterburner\RTCore64.sys -- (RTCore64)
DRV - [2009/05/31 15:07:12 | 000,025,728 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Users\BuRo\DaViDs-DoKuMeNtY\app\Everest\kerneld.amd64 -- (EverestDriver)
DRV - [2007/07/03 11:33:12 | 000,017,952 | ---- | M] (NVidia Corp.) [Kernel | On_Demand | Running] -- C:\Windows\nvoclk64.sys -- (NVR0Dev)
DRV - [2007/03/16 09:11:20 | 000,015,648 | ---- | M] (Windows (R) Server 2003 DDK provider) [Kernel | On_Demand | Running] -- C:\Windows\SysWOW64\drivers\TBPanelx64.sys -- (Cardex)

========== Standard Registry (SafeList) ==========

========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm

IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-21-310661712-217614850-3862975745-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://qip.ru
IE - HKU\S-1-5-21-310661712-217614850-3862975745-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://search.qip.ru
IE - HKU\S-1-5-21-310661712-217614850-3862975745-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://search.qip.ru
IE - HKU\S-1-5-21-310661712-217614850-3862975745-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://google.sk/
IE - HKU\S-1-5-21-310661712-217614850-3862975745-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 15 1B 02 EE 66 A2 CA 01 [binary data]
IE - HKU\S-1-5-21-310661712-217614850-3862975745-1001\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://search.qip.ru/ie
IE - HKU\S-1-5-21-310661712-217614850-3862975745-1001\..\URLSearchHook: - Reg Error: Key error. File not found
IE - HKU\S-1-5-21-310661712-217614850-3862975745-1001\..\URLSearchHook: {A55F9C95-2BB1-4EA2-BC77-DFAAB78832CE} - C:\Users\BuRo\AppData\Roaming\Microsoft\Internet Explorer\qipsearchbar.dll (qip.ru)
IE - HKU\S-1-5-21-310661712-217614850-3862975745-1001\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

========== FireFox ==========

FF - prefs.js..browser.search.defaultenginename: "QIP Search"
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..browser.startup.homepage: "http://www.google.sk/firefox"
FF - prefs.js..extensions.enabledItems: {32a1fd71-835e-4b11-8e54-886fda0b4c89}:1.1
FF - prefs.js..extensions.enabledItems: {54BB9F3F-07E5-486c-9B39-C7398B99391C}:3.1.2009110201
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}:6.0.20
FF - prefs.js..extensions.enabledItems: {b9db16a4-6edc-47ec-a1f4-b86292ed211d}:4.8.1
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}:6.0.22
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}:6.0.23
FF - prefs.js..keyword.URL: "http://www.google.com/search?btnI=I%27m ... e=UTF-8&q="

FF - HKLM\software\mozilla\Firefox\Extensions\\smartwebprinting@hp.com: C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2009/10/25 00:58:55 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.13\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2010/12/12 17:22:34 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.13\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2010/12/12 17:22:34 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Thunderbird\Extensions\\eplgTb@eset.com: C:\Program Files\ESET\ESET Smart Security\Mozilla Thunderbird

[2009/10/24 14:18:15 | 000,000,000 | ---D | M] (No name found) -- C:\Users\BuRo\AppData\Roaming\mozilla\Extensions
[2011/02/03 17:27:38 | 000,000,000 | ---D | M] (No name found) -- C:\Users\BuRo\AppData\Roaming\mozilla\Firefox\Profiles\bs4exu9d.default\extensions
[2010/04/27 16:59:24 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Users\BuRo\AppData\Roaming\mozilla\Firefox\Profiles\bs4exu9d.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2010/02/19 12:56:01 | 000,000,000 | ---D | M] (QipAuthorizer) -- C:\Users\BuRo\AppData\Roaming\mozilla\Firefox\Profiles\bs4exu9d.default\extensions\{32a1fd71-835e-4b11-8e54-886fda0b4c89}
[2010/03/04 00:44:17 | 000,000,000 | ---D | M] (Linkification) -- C:\Users\BuRo\AppData\Roaming\mozilla\Firefox\Profiles\bs4exu9d.default\extensions\{35106bca-6c78-48c7-ac28-56df30b51d2a}
[2010/03/04 11:47:58 | 000,000,000 | ---D | M] ("Text Link") -- C:\Users\BuRo\AppData\Roaming\mozilla\Firefox\Profiles\bs4exu9d.default\extensions\{54BB9F3F-07E5-486c-9B39-C7398B99391C}
[2009/10/24 14:18:16 | 000,000,000 | ---D | M] (Speed Dial) -- C:\Users\BuRo\AppData\Roaming\mozilla\Firefox\Profiles\bs4exu9d.default\extensions\{64161300-e22b-11db-8314-0800200c9a66}(2)
[2010/10/15 05:59:31 | 000,000,000 | ---D | M] (DownloadHelper) -- C:\Users\BuRo\AppData\Roaming\mozilla\Firefox\Profiles\bs4exu9d.default\extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}
[2009/10/24 14:18:16 | 000,000,000 | ---D | M] (DownloadHelper) -- C:\Users\BuRo\AppData\Roaming\mozilla\Firefox\Profiles\bs4exu9d.default\extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}(2)
[2009/10/24 14:18:16 | 000,000,000 | ---D | M] (PicLens) -- C:\Users\BuRo\AppData\Roaming\mozilla\Firefox\Profiles\bs4exu9d.default\extensions\piclens@cooliris(2).com
[2009/10/24 14:18:16 | 000,000,000 | ---D | M] (No name found) -- C:\Users\BuRo\AppData\Roaming\mozilla\Firefox\Profiles\bs4exu9d.default\extensions\piclens@cooliris.com-trash
[2011/01/29 05:32:39 | 000,000,950 | ---- | M] () -- C:\Users\BuRo\AppData\Roaming\Mozilla\Firefox\Profiles\bs4exu9d.default\searchplugins\icqplugin-2.xml
[2008/09/25 18:54:28 | 000,000,950 | ---- | M] () -- C:\Users\BuRo\AppData\Roaming\Mozilla\Firefox\Profiles\bs4exu9d.default\searchplugins\icqplugin-3.xml
[2008/09/28 08:33:50 | 000,000,950 | ---- | M] () -- C:\Users\BuRo\AppData\Roaming\Mozilla\Firefox\Profiles\bs4exu9d.default\searchplugins\icqplugin-4.xml
[2008/11/15 04:55:18 | 000,000,950 | ---- | M] () -- C:\Users\BuRo\AppData\Roaming\Mozilla\Firefox\Profiles\bs4exu9d.default\searchplugins\icqplugin-5.xml
[2008/12/17 14:26:38 | 000,000,950 | ---- | M] () -- C:\Users\BuRo\AppData\Roaming\Mozilla\Firefox\Profiles\bs4exu9d.default\searchplugins\icqplugin-6.xml
[2008/12/18 19:34:34 | 000,000,950 | ---- | M] () -- C:\Users\BuRo\AppData\Roaming\Mozilla\Firefox\Profiles\bs4exu9d.default\searchplugins\icqplugin-7.xml
[2008/11/18 13:56:02 | 000,000,944 | ---- | M] () -- C:\Users\BuRo\AppData\Roaming\Mozilla\Firefox\Profiles\bs4exu9d.default\searchplugins\icqplugin.xml
[2009/10/25 22:20:10 | 000,000,000 | ---D | M] (Java Console) -- C:\PROGRAM FILES\MOZILLA FIREFOX\EXTENSIONS\{CAFEEFAC-0016-0000-0016-ABCDEFFEDCBA}
[2009/12/01 22:08:48 | 000,000,000 | ---D | M] (Java Console) -- C:\PROGRAM FILES\MOZILLA FIREFOX\EXTENSIONS\{CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA}
[2010/04/10 16:41:41 | 000,000,000 | ---D | M] (Java Console) -- C:\PROGRAM FILES\MOZILLA FIREFOX\EXTENSIONS\{CAFEEFAC-0016-0000-0019-ABCDEFFEDCBA}
[2010/05/06 13:42:25 | 000,000,000 | ---D | M] (Java Console) -- C:\PROGRAM FILES\MOZILLA FIREFOX\EXTENSIONS\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}
[2010/10/27 13:15:07 | 000,000,000 | ---D | M] (Java Console) -- C:\PROGRAM FILES\MOZILLA FIREFOX\EXTENSIONS\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}
[2011/01/07 13:48:02 | 000,000,000 | ---D | M] (Java Console) -- C:\PROGRAM FILES\MOZILLA FIREFOX\EXTENSIONS\{CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}

O1 HOSTS File: ([2010/04/14 13:27:44 | 000,001,052 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 static3.cdn.ubi.com
O1 - Hosts: 127.0.0.1 ubisoft-orbit.s3.amazonaws.com
O1 - Hosts: 127.0.0.1 onlineconfigservice.ubi.com
O1 - Hosts: 127.0.0.1 orbitservice.ubi.com
O1 - Hosts: 127.0.0.1 ubisoft-orbit-savegames.s3.amazonaws.com
O2 - BHO: (HP Print Enhancer) - {0347C33E-8762-4905-BF09-768834316C61} - C:\Program Files (x86)\HP\Digital Imaging\smart web printing\hpswp_printenhancer.dll (Hewlett-Packard Co.)
O2 - BHO: (Groove GFS Browser Helper) - {725C3B01-3D43-0A54-13EA-44FD47110999} - C:\Windows\SysWOW64\nvcuuvenc.dll ()
O2 - BHO: (QIPBHO Class) - {A55F9C95-2BB1-4EA2-BC77-DFAAB78832CE} - C:\Users\BuRo\AppData\Roaming\Microsoft\Internet Explorer\qipsearchbar.dll (qip.ru)
O2 - BHO: (HP Smart BHO Class) - {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - C:\Program Files (x86)\HP\Digital Imaging\smart web printing\hpswp_BHO.dll (Hewlett-Packard Co.)
O4:64bit: - HKLM..\Run: [Cmaudio8788] C:\Windows\Syswow64\cmicnfgp.dll (C-Media Corporation)
O4:64bit: - HKLM..\Run: [Cmaudio8788GX] C:\Windows\syswow64\HsMgr.exe ()
O4:64bit: - HKLM..\Run: [Cmaudio8788GX64] C:\Windows\system\HsMgr64.exe ()
O4:64bit: - HKLM..\Run: [COMODO Internet Security] C:\Program Files\COMODO\COMODO Internet Security\cfp.exe (COMODO)
O4 - HKLM..\Run: [AdobeCS4ServiceManager] C:\Program Files (x86)\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [avast5] C:\Program Files\Alwil Software\Avast5\avastUI.exe (AVAST Software)
O4 - HKLM..\Run: [MSIAfterburner] C:\Program Files (x86)\MSI Afterburner\MSIAfterburnerWrapper.exe ()
O4 - HKU\S-1-5-19..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-20..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-21-310661712-217614850-3862975745-1001..\Run: [GAINWARD] C:\Program Files (x86)\EXPERTool\TBPanel.exe (Gainward Co.)
O4 - HKU\S-1-5-21-310661712-217614850-3862975745-1001..\Run: [NVIDIA nTune] C:\Program Files (x86)\NVIDIA Corporation\nTune\nTuneCmd.exe (NVIDIA)
O4 - HKU\S-1-5-21-310661712-217614850-3862975745-1001..\Run: [uTorrent] C:\Program Files (x86)\uTorrent\uTorrent.exe (BitTorrent, Inc.)
O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] File not found
O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] File not found
O4 - Startup: C:\Users\BuRo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Realtek HD Audio Manager - odkaz.lnk = File not found
O4 - Startup: C:\Users\BuRo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Stardock ObjectDock.lnk = C:\Program Files (x86)\Stardock\ObjectDock\ObjectDock.exe (Stardock)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 0
O7 - HKU\S-1-5-21-310661712-217614850-3862975745-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O9 - Extra Button: Show or hide HP Smart Web Printing - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - C:\Program Files (x86)\HP\Digital Imaging\smart web printing\hpswp_BHO.dll (Hewlett-Packard Co.)
O13 - gopher Prefix: missing
O13 - gopher Prefix: missing
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_23)
O16 - DPF: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_23)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_23)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.2.1
O18:64bit: - Protocol\Handler\grooveLocalGWS {88FED34C-F0CA-4636-A375-3CB6248B04CD} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - Reg Error: Key error. File not found
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O20:64bit: - AppInit_DLLs: (C:\Windows\system32\guard64.dll) - C:\Windows\SysNative\guard64.dll (COMODO)
O20 - AppInit_DLLs: (C:\Windows\SysWOW64\guard32.dll) - C:\Windows\SysWOW64\guard32.dll (COMODO)
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\SysNative\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found.
O32 - HKLM CDRom: AutoRun - 1
O33 - MountPoints2\{2512289f-9596-11df-b2d1-00235404d864}\Shell - "" = AutoRun
O33 - MountPoints2\{2512289f-9596-11df-b2d1-00235404d864}\Shell\AutoRun\command - "" = D:\Startme.exe
O33 - MountPoints2\H\Shell - "" = AutoRun
O33 - MountPoints2\H\Shell\AutoRun\command - "" = H:\setup.exe
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

NetSvcs:64bit: UxTuneUp - C:\Windows\SysNative\uxtuneup.dll (TuneUp Software)
NetSvcs:64bit: AppMgmt - C:\Windows\SysNative\appmgmts.dll (Microsoft Corporation)

Drivers32:64bit: msacm.l3acm - C:\Windows\System32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32:64bit: VIDC.FPS1 - frapsv64.dll (Beepa P/L)
Drivers32:64bit: VIDC.I420 - File not found
Drivers32: msacm.l3acm - C:\Windows\SysWOW64\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: vidc.cvid - C:\Windows\SysWow64\iccvid.dll (Radius Inc.)
Drivers32: VIDC.FPS1 - C:\Windows\SysWow64\frapsvid.dll (Beepa P/L)

CREATERESTOREPOINT
Restore point Set: OTL Restore Point

========== Files/Folders - Created Within 7 Days ==========

[2011/02/03 16:03:32 | 000,602,624 | ---- | C] (OldTimer Tools) -- C:\Users\BuRo\Desktop\OTL.exe
[2011/02/02 19:16:30 | 000,000,000 | ---D | C] -- C:\rsit
[2 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]

========== Files - Modified Within 7 Days ==========

[2011/02/03 19:00:00 | 000,000,496 | ---- | M] () -- C:\Windows\tasks\1-Click Maintenance.job
[2011/02/03 18:49:00 | 000,001,008 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2011/02/03 16:03:36 | 000,602,624 | ---- | M] (OldTimer Tools) -- C:\Users\BuRo\Desktop\OTL.exe
[2011/02/03 15:25:40 | 000,021,584 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2011/02/03 15:25:40 | 000,021,584 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2011/02/03 15:20:22 | 000,001,004 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2011/02/03 15:19:59 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2011/02/03 15:19:54 | 3220,475,904 | -HS- | M] () -- C:\hiberfil.sys
[2011/02/02 22:57:05 | 000,000,330 | ---- | M] () -- C:\Windows\tasks\At1.job
[2011/02/02 19:16:07 | 000,832,273 | ---- | M] () -- C:\Users\BuRo\Desktop\RSITx64.exe
[2011/02/01 21:05:58 | 000,005,456 | ---- | M] () -- C:\Users\BuRo\Desktop\cc_20110201_210555.reg
[2011/01/31 16:54:08 | 000,028,749 | ---- | M] () -- C:\Users\BuRo\Desktop\26-29.docx
[2011/01/31 16:53:33 | 000,041,794 | ---- | M] () -- C:\Users\BuRo\Desktop\21-25sjl.docx
[2011/01/31 16:52:43 | 000,033,292 | ---- | M] () -- C:\Users\BuRo\Desktop\16-20.docx
[2011/01/31 16:52:05 | 000,025,910 | ---- | M] () -- C:\Users\BuRo\Desktop\11-15sjl.docx
[2011/01/31 16:50:13 | 000,023,748 | ---- | M] () -- C:\Users\BuRo\Desktop\6-10sjl.docx
[2011/01/31 16:49:41 | 000,032,094 | ---- | M] () -- C:\Users\BuRo\Desktop\1-5 sjl.docx
[2011/01/30 17:48:14 | 000,056,142 | ---- | M] () -- C:\Users\BuRo\Desktop\Family-Guy-It-s-a-Trap-(0000166577).srt
[2 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]

========== Files Created - No Company Name ==========

[2011/02/02 19:16:06 | 000,832,273 | ---- | C] () -- C:\Users\BuRo\Desktop\RSITx64.exe
[2011/02/01 21:05:57 | 000,005,456 | ---- | C] () -- C:\Users\BuRo\Desktop\cc_20110201_210555.reg
[2011/01/31 16:54:08 | 000,028,749 | ---- | C] () -- C:\Users\BuRo\Desktop\26-29.docx
[2011/01/31 16:53:33 | 000,041,794 | ---- | C] () -- C:\Users\BuRo\Desktop\21-25sjl.docx
[2011/01/31 16:52:43 | 000,033,292 | ---- | C] () -- C:\Users\BuRo\Desktop\16-20.docx
[2011/01/31 16:50:54 | 000,025,910 | ---- | C] () -- C:\Users\BuRo\Desktop\11-15sjl.docx
[2011/01/31 16:50:13 | 000,023,748 | ---- | C] () -- C:\Users\BuRo\Desktop\6-10sjl.docx
[2011/01/31 16:49:40 | 000,032,094 | ---- | C] () -- C:\Users\BuRo\Desktop\1-5 sjl.docx
[2011/01/30 17:48:14 | 000,056,142 | ---- | C] () -- C:\Users\BuRo\Desktop\Family-Guy-It-s-a-Trap-(0000166577).srt
[2010/12/07 20:45:16 | 000,000,008 | RHS- | C] () -- C:\ProgramData\C588007FD7.sys
[2010/12/07 18:35:24 | 000,005,798 | -HS- | C] () -- C:\ProgramData\KGyGaAvL.sys
[2010/12/07 18:35:24 | 000,000,008 | RHS- | C] () -- C:\ProgramData\1EA6319402.sys
[2010/10/26 17:44:33 | 000,000,048 | ---- | C] () -- C:\Windows\SysWow64\cmasiop.ini
[2010/10/26 17:44:32 | 000,143,360 | ---- | C] () -- C:\Windows\SysWow64\VmixP8.dll
[2010/10/26 17:44:26 | 000,042,386 | ---- | C] () -- C:\Windows\Cmicnfgp.ini.cfl
[2010/10/26 17:43:43 | 000,000,904 | ---- | C] () -- C:\Windows\Cmicnfgp.ini.imi
[2010/10/26 17:43:41 | 000,004,969 | ---- | C] () -- C:\Windows\Cmicnfgp.ini.cfg
[2010/10/26 17:09:54 | 000,000,516 | ---- | C] () -- C:\Windows\cmudaxp.ini
[2010/07/16 12:08:02 | 000,204,800 | ---- | C] () -- C:\Windows\SysWow64\nvcuuvenc.dll
[2010/06/17 21:46:46 | 000,000,952 | -HS- | C] () -- C:\Windows\SysWow64\KGyGaAvL.sys
[2010/04/17 16:18:01 | 000,000,193 | ---- | C] () -- C:\Windows\WORDPAD.INI
[2010/04/02 16:17:34 | 000,179,091 | ---- | C] () -- C:\Windows\SysWow64\xlive.dll.cat
[2009/12/27 13:57:33 | 000,722,382 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2009/12/09 15:38:15 | 000,007,599 | ---- | C] () -- C:\Users\BuRo\AppData\Local\Resmon.ResmonCfg
[2009/12/05 14:13:30 | 000,000,000 | ---- | C] () -- C:\Users\BuRo\AppData\Roaming\downloads.m3u
[2009/11/28 17:36:18 | 000,000,331 | ---- | C] () -- C:\Windows\game.ini
[2009/11/13 00:20:14 | 000,000,208 | ---- | C] () -- C:\Users\BuRo\AppData\Roaming\default.rss
[2009/11/13 00:19:53 | 000,000,069 | ---- | C] () -- C:\Windows\NeroDigital.ini
[2009/10/25 12:04:23 | 000,032,768 | ---- | C] () -- C:\Windows\SysWow64\Amhooker.dll
[2009/10/25 00:55:17 | 000,000,797 | ---- | C] () -- C:\ProgramData\hpzinstall.log
[2009/10/25 00:26:11 | 000,004,767 | ---- | C] () -- C:\Windows\Irremote.ini
[2009/07/14 00:42:10 | 000,064,000 | ---- | C] () -- C:\Windows\SysWow64\BWContextHandler.dll
[2009/07/13 22:03:59 | 000,364,544 | ---- | C] () -- C:\Windows\SysWow64\msjetoledb40.dll
[2009/03/17 12:09:34 | 000,007,237 | ---- | C] () -- C:\Windows\cadx2.ini
[2007/12/28 08:22:02 | 000,010,296 | ---- | C] () -- C:\Windows\SysWow64\drivers\ASUSHWIO.SYS
[2007/03/12 11:01:30 | 000,273,408 | ---- | C] () -- C:\Windows\NVGfxOgl.dll

========== LOP Check ==========

[2010/10/26 17:44:46 | 000,000,000 | ---D | M] -- C:\Users\BuRo\AppData\Roaming\ASUS
[2009/10/25 01:25:07 | 000,000,000 | ---D | M] -- C:\Users\BuRo\AppData\Roaming\DAEMON Tools Lite
[2010/02/04 21:11:10 | 000,000,000 | ---D | M] -- C:\Users\BuRo\AppData\Roaming\Dev-Cpp
[2009/10/25 22:11:57 | 000,000,000 | ---D | M] -- C:\Users\BuRo\AppData\Roaming\ESET
[2009/10/25 00:38:15 | 000,000,000 | ---D | M] -- C:\Users\BuRo\AppData\Roaming\InterVideo
[2009/10/25 20:07:29 | 000,000,000 | ---D | M] -- C:\Users\BuRo\AppData\Roaming\LangSoft
[2010/02/01 16:26:20 | 000,000,000 | ---D | M] -- C:\Users\BuRo\AppData\Roaming\Leadertech
[2010/08/16 12:42:03 | 000,000,000 | ---D | M] -- C:\Users\BuRo\AppData\Roaming\nHancer
[2010/07/23 10:52:22 | 000,000,000 | ---D | M] -- C:\Users\BuRo\AppData\Roaming\Nokia
[2010/02/12 18:30:31 | 000,000,000 | ---D | M] -- C:\Users\BuRo\AppData\Roaming\PC Suite
[2011/01/19 14:32:49 | 000,000,000 | ---D | M] -- C:\Users\BuRo\AppData\Roaming\Rovio
[2010/11/04 23:30:42 | 000,000,000 | ---D | M] -- C:\Users\BuRo\AppData\Roaming\Sony
[2010/11/27 18:20:07 | 000,000,000 | ---D | M] -- C:\Users\BuRo\AppData\Roaming\TeamViewer
[2009/10/25 01:41:32 | 000,000,000 | ---D | M] -- C:\Users\BuRo\AppData\Roaming\TuneUp Software
[2010/04/14 13:27:44 | 000,000,000 | ---D | M] -- C:\Users\BuRo\AppData\Roaming\Ubisoft
[2011/02/03 19:12:28 | 000,000,000 | ---D | M] -- C:\Users\BuRo\AppData\Roaming\uTorrent
[2011/02/03 19:00:00 | 000,000,496 | ---- | M] () -- C:\Windows\Tasks\1-Click Maintenance.job
[2011/02/02 22:57:05 | 000,000,330 | ---- | M] () -- C:\Windows\Tasks\At1.job
[2010/12/22 19:44:31 | 000,032,656 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT

========== Purity Check ==========

========== Custom Scans ==========

< HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /s >
"GAINWARD" = C:\Program Files (x86)\EXPERTool\TBPanel.exe /A -- [2009/03/17 16:24:22 | 002,181,672 | ---- | M] (Gainward Co.)
"uTorrent" = "C:\Program Files (x86)\uTorrent\uTorrent.exe" -- [2011/01/20 13:48:29 | 000,395,640 | ---- | M] (BitTorrent, Inc.)
"NVIDIA nTune" = "C:\Program Files (x86)\NVIDIA Corporation\nTune\nTuneCmd.exe" clear -- [2007/07/03 11:37:32 | 000,098,304 | ---- | M] (NVIDIA)
"Skype" = "C:\Program Files (x86)\Skype\Phone\Skype.exe" /nosplash /minimized -- [2009/01/29 14:01:36 | 023,975,720 | R--- | M] (Skype Technologies S.A.)
"Sidebar" = C:\Program Files\Windows Sidebar\sidebar.exe /autoRun -- [2009/07/14 02:39:41 | 001,475,072 | ---- | M] (Microsoft Corporation)
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\AdobeUpdater]
"" =

< c:\windows\*.* /U >
[2 c:\windows\*.tmp files -> c:\windows\*.tmp -> ]

< %SYSTEMDRIVE%\*.exe >

< %ALLUSERSPROFILE%\Application Data\*. >

< %ALLUSERSPROFILE%\Application Data\*.exe /s >

< %APPDATA%\*. >
[2010/10/29 13:17:30 | 000,000,000 | ---D | M] -- C:\Users\BuRo\AppData\Roaming\Adobe
[2009/10/25 00:49:54 | 000,000,000 | ---D | M] -- C:\Users\BuRo\AppData\Roaming\Apple Computer
[2010/12/24 00:02:28 | 000,000,000 | ---D | M] -- C:\Users\BuRo\AppData\Roaming\ArcSoft
[2010/10/26 17:44:46 | 000,000,000 | ---D | M] -- C:\Users\BuRo\AppData\Roaming\ASUS
[2010/12/07 19:11:26 | 000,000,000 | ---D | M] -- C:\Users\BuRo\AppData\Roaming\Corel
[2009/10/25 01:25:07 | 000,000,000 | ---D | M] -- C:\Users\BuRo\AppData\Roaming\DAEMON Tools Lite
[2010/02/04 21:11:10 | 000,000,000 | ---D | M] -- C:\Users\BuRo\AppData\Roaming\Dev-Cpp
[2009/12/06 23:22:50 | 000,000,000 | ---D | M] -- C:\Users\BuRo\AppData\Roaming\Digsby
[2009/10/25 22:11:57 | 000,000,000 | ---D | M] -- C:\Users\BuRo\AppData\Roaming\ESET
[2010/11/21 16:13:19 | 000,000,000 | ---D | M] -- C:\Users\BuRo\AppData\Roaming\Hamachi
[2009/11/24 12:29:01 | 000,000,000 | ---D | M] -- C:\Users\BuRo\AppData\Roaming\HP
[2009/10/24 13:32:21 | 000,000,000 | ---D | M] -- C:\Users\BuRo\AppData\Roaming\Identities
[2009/10/25 00:38:15 | 000,000,000 | ---D | M] -- C:\Users\BuRo\AppData\Roaming\InterVideo
[2009/10/25 20:07:29 | 000,000,000 | ---D | M] -- C:\Users\BuRo\AppData\Roaming\LangSoft
[2010/02/01 16:26:20 | 000,000,000 | ---D | M] -- C:\Users\BuRo\AppData\Roaming\Leadertech
[2009/10/24 14:22:49 | 000,000,000 | ---D | M] -- C:\Users\BuRo\AppData\Roaming\Macromedia
[2009/12/19 23:57:47 | 000,000,000 | ---D | M] -- C:\Users\BuRo\AppData\Roaming\Malwarebytes
[2009/07/14 08:45:14 | 000,000,000 | ---D | M] -- C:\Users\BuRo\AppData\Roaming\Media Center Programs
[2010/08/16 15:12:46 | 000,000,000 | --SD | M] -- C:\Users\BuRo\AppData\Roaming\Microsoft
[2009/10/24 14:18:15 | 000,000,000 | ---D | M] -- C:\Users\BuRo\AppData\Roaming\Mozilla
[2009/12/11 16:56:54 | 000,000,000 | ---D | M] -- C:\Users\BuRo\AppData\Roaming\Nero
[2010/08/16 12:42:03 | 000,000,000 | ---D | M] -- C:\Users\BuRo\AppData\Roaming\nHancer
[2010/07/23 10:52:22 | 000,000,000 | ---D | M] -- C:\Users\BuRo\AppData\Roaming\Nokia
[2010/08/09 00:04:18 | 000,000,000 | ---D | M] -- C:\Users\BuRo\AppData\Roaming\NVIDIA
[2010/02/12 18:30:31 | 000,000,000 | ---D | M] -- C:\Users\BuRo\AppData\Roaming\PC Suite
[2011/01/19 14:32:49 | 000,000,000 | ---D | M] -- C:\Users\BuRo\AppData\Roaming\Rovio
[2010/06/03 16:40:16 | 000,000,000 | RH-D | M] -- C:\Users\BuRo\AppData\Roaming\SecuROM
[2011/02/03 18:38:16 | 000,000,000 | ---D | M] -- C:\Users\BuRo\AppData\Roaming\Skype
[2011/01/31 16:05:42 | 000,000,000 | ---D | M] -- C:\Users\BuRo\AppData\Roaming\skypePM
[2010/11/04 23:30:42 | 000,000,000 | ---D | M] -- C:\Users\BuRo\AppData\Roaming\Sony
[2010/11/27 18:20:07 | 000,000,000 | ---D | M] -- C:\Users\BuRo\AppData\Roaming\TeamViewer
[2009/10/25 01:41:32 | 000,000,000 | ---D | M] -- C:\Users\BuRo\AppData\Roaming\TuneUp Software
[2010/04/14 13:27:44 | 000,000,000 | ---D | M] -- C:\Users\BuRo\AppData\Roaming\Ubisoft
[2011/02/03 19:12:28 | 000,000,000 | ---D | M] -- C:\Users\BuRo\AppData\Roaming\uTorrent
[2009/10/24 17:17:59 | 000,000,000 | ---D | M] -- C:\Users\BuRo\AppData\Roaming\Ventrilo
[2010/10/27 13:44:40 | 000,000,000 | ---D | M] -- C:\Users\BuRo\AppData\Roaming\Winamp
[2009/10/24 14:16:25 | 000,000,000 | ---D | M] -- C:\Users\BuRo\AppData\Roaming\WinRAR

< %APPDATA%\*.exe /s >
[2010/11/04 23:28:58 | 000,010,134 | R--- | M] () -- C:\Users\BuRo\AppData\Roaming\Microsoft\Installer\{0E532C84-4275-41B3-9D81-D4A1A20D8EE7}\ARPPRODUCTICON.exe
[2010/09/16 22:50:29 | 000,090,126 | R--- | M] () -- C:\Users\BuRo\AppData\Roaming\Microsoft\Installer\{1047B3FE-E1EB-4E03-97DE-C5037C2CE9CF}\ARPPRODUCTICON.exe
[2010/09/16 22:50:29 | 000,090,126 | R--- | M] () -- C:\Users\BuRo\AppData\Roaming\Microsoft\Installer\{1047B3FE-E1EB-4E03-97DE-C5037C2CE9CF}\NewShortcut11_68DB536614814277B3A9DA63A279DB29.exe
[2010/09/16 22:50:29 | 000,090,126 | R--- | M] () -- C:\Users\BuRo\AppData\Roaming\Microsoft\Installer\{1047B3FE-E1EB-4E03-97DE-C5037C2CE9CF}\NewShortcut1_68DB536614814277B3A9DA63A279DB29.exe

< MD5 for: AGP440.SYS >
[2009/07/14 02:52:21 | 000,061,008 | ---- | M] (Microsoft Corporation) MD5=608C14DBA7299D8CB6ED035A68A15799 -- C:\Windows\SysNative\drivers\AGP440.sys
[2009/07/14 02:52:21 | 000,061,008 | ---- | M] (Microsoft Corporation) MD5=608C14DBA7299D8CB6ED035A68A15799 -- C:\Windows\SysNative\DriverStore\FileRepository\machine.inf_amd64_neutral_9e6bb86c3b39a3e9\AGP440.sys
[2009/07/14 02:52:21 | 000,061,008 | ---- | M] (Microsoft Corporation) MD5=608C14DBA7299D8CB6ED035A68A15799 -- C:\Windows\winsxs\amd64_machine.inf_31bf3856ad364e35_6.1.7600.16385_none_1607dee2d861e021\AGP440.sys

< MD5 for: ATAPI.SYS >
[2009/07/14 02:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\SysNative\drivers\atapi.sys
[2009/07/14 02:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\SysNative\DriverStore\FileRepository\mshdc.inf_amd64_neutral_a69a58a4286f0b22\atapi.sys
[2009/07/14 02:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\winsxs\amd64_mshdc.inf_31bf3856ad364e35_6.1.7600.16385_none_392d19c13b3ad543\atapi.sys

< MD5 for: AUTOCHK.EXE >
[2009/07/14 02:14:12 | 000,668,160 | ---- | M] (Microsoft Corporation) MD5=41E4C8EBA464E7D6A5BA5E8827732AEB -- C:\Windows\SysWOW64\autochk.exe
[2009/07/14 02:14:12 | 000,668,160 | ---- | M] (Microsoft Corporation) MD5=41E4C8EBA464E7D6A5BA5E8827732AEB -- C:\Windows\winsxs\x86_microsoft-windows-autochk_31bf3856ad364e35_6.1.7600.16385_none_e1ca436d2314b860\autochk.exe
[2009/07/14 02:38:56 | 000,777,728 | ---- | M] (Microsoft Corporation) MD5=8B7F8E882A649D81CEA1EDE9BBB68FFF -- C:\Windows\SysNative\autochk.exe
[2009/07/14 02:38:56 | 000,777,728 | ---- | M] (Microsoft Corporation) MD5=8B7F8E882A649D81CEA1EDE9BBB68FFF -- C:\Windows\winsxs\amd64_microsoft-windows-autochk_31bf3856ad364e35_6.1.7600.16385_none_3de8def0db722996\autochk.exe

< MD5 for: CDROM.SYS >
[2009/07/14 00:19:54 | 000,147,456 | ---- | M] (Microsoft Corporation) MD5=83D2D75E1EFB81B3450C18131443F7DB -- C:\Windows\SysNative\drivers\cdrom.sys
[2009/07/14 00:19:54 | 000,147,456 | ---- | M] (Microsoft Corporation) MD5=83D2D75E1EFB81B3450C18131443F7DB -- C:\Windows\SysNative\DriverStore\FileRepository\cdrom.inf_amd64_neutral_8363d00ecae4322d\cdrom.sys
[2009/07/14 00:19:54 | 000,147,456 | ---- | M] (Microsoft Corporation) MD5=83D2D75E1EFB81B3450C18131443F7DB -- C:\Windows\winsxs\amd64_cdrom.inf_31bf3856ad364e35_6.1.7600.16385_none_bb9e4d89bd7870f1\cdrom.sys

< MD5 for: CNGAUDIT.DLL >
[2009/07/14 02:15:06 | 000,012,288 | ---- | M] (Microsoft Corporation) MD5=50BA656134F78AF64E4DD3C8B6FEFD7E -- C:\Windows\SysWOW64\cngaudit.dll
[2009/07/14 02:15:06 | 000,012,288 | ---- | M] (Microsoft Corporation) MD5=50BA656134F78AF64E4DD3C8B6FEFD7E -- C:\Windows\winsxs\x86_microsoft-windows-cngaudit-dll_31bf3856ad364e35_6.1.7600.16385_none_e83a414890e8132b\cngaudit.dll
[2009/07/14 02:40:20 | 000,018,944 | ---- | M] (Microsoft Corporation) MD5=86FE1B1F8FD42CD0DB641AB1CDB13093 -- C:\Windows\SysNative\cngaudit.dll
[2009/07/14 02:40:20 | 000,018,944 | ---- | M] (Microsoft Corporation) MD5=86FE1B1F8FD42CD0DB641AB1CDB13093 -- C:\Windows\winsxs\amd64_microsoft-windows-cngaudit-dll_31bf3856ad364e35_6.1.7600.16385_none_4458dccc49458461\cngaudit.dll

< MD5 for: CRYPTSVC.DLL >
[2009/07/14 02:40:24 | 000,175,104 | ---- | M] (Microsoft Corporation) MD5=8C57411B66282C01533CB776F98AD384 -- C:\Windows\SysNative\cryptsvc.dll
[2009/07/14 02:40:24 | 000,175,104 | ---- | M] (Microsoft Corporation) MD5=8C57411B66282C01533CB776F98AD384 -- C:\Windows\winsxs\amd64_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7600.16385_none_d1f48b0bb4805490\cryptsvc.dll
[2009/07/14 02:15:07 | 000,135,680 | ---- | M] (Microsoft Corporation) MD5=9C231178CE4FB385F4B54B0A9080B8A4 -- C:\Windows\SysWOW64\cryptsvc.dll
[2009/07/14 02:15:07 | 000,135,680 | ---- | M] (Microsoft Corporation) MD5=9C231178CE4FB385F4B54B0A9080B8A4 -- C:\Windows\winsxs\x86_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7600.16385_none_75d5ef87fc22e35a\cryptsvc.dll

< MD5 for: EXPLORER.EXE >
[2009/07/14 02:14:20 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=15BC38A7492BEFE831966ADB477CF76F -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16385_none_b7fe430bc7ce3761\explorer.exe
[2009/10/31 06:45:39 | 002,614,272 | ---- | M] (Microsoft Corporation) MD5=2626FC9755BE22F805D3CFA0CE3EE727 -- C:\Windows\SysWOW64\explorer.exe
[2009/10/31 06:45:39 | 002,614,272 | ---- | M] (Microsoft Corporation) MD5=2626FC9755BE22F805D3CFA0CE3EE727 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16450_none_b819b343c7ba6202\explorer.exe
[2009/08/03 07:19:07 | 002,868,224 | ---- | M] (Microsoft Corporation) MD5=700073016DAC1C3D2E7E2CE4223334B6 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20500_none_ae84b558ac4eb41c\explorer.exe
[2009/10/31 07:34:59 | 002,870,272 | ---- | M] (Microsoft Corporation) MD5=9AAAEC8DAC27AA17B053E6352AD233AE -- C:\Windows\explorer.exe
[2009/10/31 07:34:59 | 002,870,272 | ---- | M] (Microsoft Corporation) MD5=9AAAEC8DAC27AA17B053E6352AD233AE -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16450_none_adc508f19359a007\explorer.exe
[2009/08/03 06:49:47 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=9FF6C4C91A3711C0A3B18F87B08B518D -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20500_none_b8d95faae0af7617\explorer.exe
[2009/10/31 07:38:38 | 002,870,272 | ---- | M] (Microsoft Corporation) MD5=B8EC4BD49CE8F6FC457721BFC210B67F -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20563_none_ae46d6aeac7ca7c7\explorer.exe
[2009/08/03 06:35:50 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=B95EEB0F4E5EFBF1038A35B3351CF047 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16404_none_b853c407c78e3ba9\explorer.exe
[2009/07/14 02:39:10 | 002,868,224 | ---- | M] (Microsoft Corporation) MD5=C235A51CB740E45FFA0EBFB9BAFCDA64 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16385_none_ada998b9936d7566\explorer.exe
[2009/10/31 07:00:51 | 002,614,272 | ---- | M] (Microsoft Corporation) MD5=C76153C7ECA00FA852BB0C193378F917 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20563_none_b89b8100e0dd69c2\explorer.exe
[2009/08/03 07:17:37 | 002,868,224 | ---- | M] (Microsoft Corporation) MD5=F170B4A061C9E026437B193B4D571799 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16404_none_adff19b5932d79ae\explorer.exe

< MD5 for: HAL.DLL >
[2009/07/14 02:47:48 | 000,263,232 | ---- | M] (Microsoft Corporation) MD5=C0A6F6E05E14FBCAEDE7796C8590B7AC -- C:\Windows\SysNative\hal.dll
[2009/07/14 02:47:48 | 000,263,232 | ---- | M] (Microsoft Corporation) MD5=C0A6F6E05E14FBCAEDE7796C8590B7AC -- C:\Windows\winsxs\amd64_microsoft-windows-hal_31bf3856ad364e35_6.1.7600.16385_none_071de44b735b3dfc\hal.dll

< MD5 for: IASTORV.SYS >
[2009/07/14 02:48:04 | 000,410,688 | ---- | M] (Intel Corporation) MD5=D83EFB6FD45DF9D55E9A1AFC63640D50 -- C:\Windows\SysNative\drivers\iaStorV.sys
[2009/07/14 02:48:04 | 000,410,688 | ---- | M] (Intel Corporation) MD5=D83EFB6FD45DF9D55E9A1AFC63640D50 -- C:\Windows\SysNative\DriverStore\FileRepository\iastorv.inf_amd64_neutral_18cccb83b34e1453\iaStorV.sys
[2009/07/14 02:48:04 | 000,410,688 | ---- | M] (Intel Corporation) MD5=D83EFB6FD45DF9D55E9A1AFC63640D50 -- C:\Windows\winsxs\amd64_iastorv.inf_31bf3856ad364e35_6.1.7600.16385_none_0b06441fa1790136\iaStorV.sys

< MD5 for: ISAPNP.SYS >
[2009/07/14 02:48:04 | 000,020,544 | ---- | M] (Microsoft Corporation) MD5=2F7B28DC3E1183E5EB418DF55C204F38 -- C:\Windows\SysNative\drivers\isapnp.sys
[2009/07/14 02:48:04 | 000,020,544 | ---- | M] (Microsoft Corporation) MD5=2F7B28DC3E1183E5EB418DF55C204F38 -- C:\Windows\SysNative\DriverStore\FileRepository\machine.inf_amd64_neutral_9e6bb86c3b39a3e9\isapnp.sys
[2009/07/14 02:48:04 | 000,020,544 | ---- | M] (Microsoft Corporation) MD5=2F7B28DC3E1183E5EB418DF55C204F38 -- C:\Windows\winsxs\amd64_machine.inf_31bf3856ad364e35_6.1.7600.16385_none_1607dee2d861e021\isapnp.sys

< MD5 for: LSASS.EXE >
[2009/07/14 02:39:16 | 000,031,232 | ---- | M] (Microsoft Corporation) MD5=0793F40B9B8A1BDD266296409DBD91EA -- C:\Windows\SysNative\lsass.exe
[2009/07/14 02:39:16 | 000,031,232 | ---- | M] (Microsoft Corporation) MD5=0793F40B9B8A1BDD266296409DBD91EA -- C:\Windows\winsxs\amd64_microsoft-windows-lsa_31bf3856ad364e35_6.1.7600.16385_none_023f7c69767c3edd\lsass.exe
[2009/07/14 02:39:16 | 000,031,232 | ---- | M] (Microsoft Corporation) MD5=0793F40B9B8A1BDD266296409DBD91EA -- C:\Windows\winsxs\amd64_microsoft-windows-lsa_31bf3856ad364e35_6.1.7600.16484_none_023e7e05767d22ad\lsass.exe
[2009/07/14 02:39:16 | 000,031,232 | ---- | M] (Microsoft Corporation) MD5=0793F40B9B8A1BDD266296409DBD91EA -- C:\Windows\winsxs\amd64_microsoft-windows-lsa_31bf3856ad364e35_6.1.7600.20594_none_02bd4ae48fa2de68\lsass.exe

< MD5 for: NDIS.SYS >
[2009/07/14 02:48:27 | 000,947,776 | ---- | M] (Microsoft Corporation) MD5=CAD515DBD07D082BB317D9928CE8962C -- C:\Windows\SysNative\drivers\ndis.sys
[2009/07/14 02:48:27 | 000,947,776 | ---- | M] (Microsoft Corporation) MD5=CAD515DBD07D082BB317D9928CE8962C -- C:\Windows\winsxs\amd64_microsoft-windows-ndis_31bf3856ad364e35_6.1.7600.16385_none_03bc1d6e35c013bf\ndis.sys

< MD5 for: NETLOGON.DLL >
[2009/07/14 02:41:52 | 000,692,736 | ---- | M] (Microsoft Corporation) MD5=956D030D375F207B22FB111E06EF9C35 -- C:\Windows\SysNative\netlogon.dll
[2009/07/14 02:41:52 | 000,692,736 | ---- | M] (Microsoft Corporation) MD5=956D030D375F207B22FB111E06EF9C35 -- C:\Windows\winsxs\amd64_microsoft-windows-security-netlogon_31bf3856ad364e35_6.1.7600.16385_none_59aca8ea51aaeefe\netlogon.dll
[2009/07/14 02:16:02 | 000,563,712 | ---- | M] (Microsoft Corporation) MD5=EAA75D9000B71F10EEC04D2AE6C60E81 -- C:\Windows\SysWOW64\netlogon.dll
[2009/07/14 02:16:02 | 000,563,712 | ---- | M] (Microsoft Corporation) MD5=EAA75D9000B71F10EEC04D2AE6C60E81 -- C:\Windows\winsxs\wow64_microsoft-windows-security-netlogon_31bf3856ad364e35_6.1.7600.16385_none_6401533c860bb0f9\netlogon.dll

< MD5 for: NVRAID.SYS >
[2009/07/14 02:48:27 | 000,149,056 | ---- | M] (NVIDIA Corporation) MD5=3E38712941E9BB4DDBEE00AFFE3FED3D -- C:\Windows\SysNative\drivers\nvraid.sys
[2009/07/14 02:48:27 | 000,149,056 | ---- | M] (NVIDIA Corporation) MD5=3E38712941E9BB4DDBEE00AFFE3FED3D -- C:\Windows\SysNative\DriverStore\FileRepository\nvraid.inf_amd64_neutral_5bde3fe2945bce9e\nvraid.sys
[2009/07/14 02:48:27 | 000,149,056 | ---- | M] (NVIDIA Corporation) MD5=3E38712941E9BB4DDBEE00AFFE3FED3D -- C:\Windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.1.7600.16385_none_95cfb4ced8afab0e\nvraid.sys

< MD5 for: NVSTOR.SYS >
[2009/07/14 02:45:45 | 000,167,488 | ---- | M] (NVIDIA Corporation) MD5=477DC4D6DEB99BE37084C9AC6D013DA1 -- C:\Windows\SysNative\drivers\nvstor.sys
[2009/07/14 02:45:45 | 000,167,488 | ---- | M] (NVIDIA Corporation) MD5=477DC4D6DEB99BE37084C9AC6D013DA1 -- C:\Windows\SysNative\DriverStore\FileRepository\nvraid.inf_amd64_neutral_5bde3fe2945bce9e\nvstor.sys
[2009/07/14 02:45:45 | 000,167,488 | ---- | M] (NVIDIA Corporation) MD5=477DC4D6DEB99BE37084C9AC6D013DA1 -- C:\Windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.1.7600.16385_none_95cfb4ced8afab0e\nvstor.sys

< MD5 for: SCECLI.DLL >
[2009/07/14 02:16:13 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=26073302DAEA83CC5B944C546D6B47D2 -- C:\Windows\SysWOW64\scecli.dll
[2009/07/14 02:16:13 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=26073302DAEA83CC5B944C546D6B47D2 -- C:\Windows\winsxs\wow64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7600.16385_none_9e577e55272d37b4\scecli.dll
[2009/07/14 02:41:53 | 000,232,448 | ---- | M] (Microsoft Corporation) MD5=398712DDDAEFB85EDF61DF6A07B65C79 -- C:\Windows\SysNative\scecli.dll
[2009/07/14 02:41:53 | 000,232,448 | ---- | M] (Microsoft Corporation) MD5=398712DDDAEFB85EDF61DF6A07B65C79 -- C:\Windows\winsxs\amd64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7600.16385_none_9402d402f2cc75b9\scecli.dll

< MD5 for: SMSS.EXE >
[2009/07/14 02:39:41 | 000,112,640 | ---- | M] (Microsoft Corporation) MD5=1911A3356FA3F77CCC825CCBAC038C2A -- C:\Windows\SysNative\smss.exe
[2009/07/14 02:39:41 | 000,112,640 | ---- | M] (Microsoft Corporation) MD5=1911A3356FA3F77CCC825CCBAC038C2A -- C:\Windows\winsxs\amd64_microsoft-windows-smss_31bf3856ad364e35_6.1.7600.16385_none_082f99a432e2a661\smss.exe

buro_Nz · #6 Příspěvek od **buro_Nz** » 03 úno 2011 19:29

pokračovanie, nezmestilo sa to do jedného

< MD5 for: SVCHOST.EXE >
[2009/07/14 02:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) MD5=54A47F6B5E09A77E61649109C6A08866 -- C:\Windows\SysWOW64\svchost.exe
[2009/07/14 02:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) MD5=54A47F6B5E09A77E61649109C6A08866 -- C:\Windows\winsxs\x86_microsoft-windows-services-svchost_31bf3856ad364e35_6.1.7600.16385_none_b591afc466a15356\svchost.exe
[2009/07/14 02:39:46 | 000,027,136 | ---- | M] (Microsoft Corporation) MD5=C78655BC80301D76ED4FEF1C1EA40A7D -- C:\Windows\SysNative\svchost.exe
[2009/07/14 02:39:46 | 000,027,136 | ---- | M] (Microsoft Corporation) MD5=C78655BC80301D76ED4FEF1C1EA40A7D -- C:\Windows\winsxs\amd64_microsoft-windows-services-svchost_31bf3856ad364e35_6.1.7600.16385_none_11b04b481efec48c\svchost.exe

< MD5 for: TCPIP.SYS >
[2010/06/14 07:39:16 | 001,889,152 | ---- | M] (Microsoft Corporation) MD5=542C6767C68C9D6AAACA59436B0D15C2 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.20733_none_0fd0b57e990e2079\tcpip.sys
[2010/06/14 07:37:36 | 001,896,832 | ---- | M] (Microsoft Corporation) MD5=90A2D722CF64D911879D6C4A4F802A4D -- C:\Windows\SysNative\drivers\tcpip.sys
[2010/06/14 07:37:36 | 001,896,832 | ---- | M] (Microsoft Corporation) MD5=90A2D722CF64D911879D6C4A4F802A4D -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.16610_none_0f59b7ad7fe2fcc8\tcpip.sys
[2009/07/14 02:45:55 | 001,898,576 | ---- | M] (Microsoft Corporation) MD5=912107716BAB424C7870E8E6AF5E07E1 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.16385_none_0f1303f98017479d\tcpip.sys

< MD5 for: USERINIT.EXE >
[2009/07/14 02:14:43 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=6DE80F60D7DE9CE6B8C2DDFDF79EF175 -- C:\Windows\SysWOW64\userinit.exe
[2009/07/14 02:14:43 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=6DE80F60D7DE9CE6B8C2DDFDF79EF175 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.1.7600.16385_none_dbff103933038d7c\userinit.exe
[2009/07/14 02:39:48 | 000,030,208 | ---- | M] (Microsoft Corporation) MD5=6F8F1376A13114CC10C0E69274F5A4DE -- C:\Windows\SysNative\userinit.exe
[2009/07/14 02:39:48 | 000,030,208 | ---- | M] (Microsoft Corporation) MD5=6F8F1376A13114CC10C0E69274F5A4DE -- C:\Windows\winsxs\amd64_microsoft-windows-userinit_31bf3856ad364e35_6.1.7600.16385_none_381dabbceb60feb2\userinit.exe

< MD5 for: WINLOGON.EXE >
[2009/07/14 02:39:52 | 000,389,120 | ---- | M] (Microsoft Corporation) MD5=132328DF455B0028F13BF0ABEE51A63A -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.16385_none_cbb7f2bdeea2829c\winlogon.exe
[2009/10/28 08:01:57 | 000,389,632 | ---- | M] (Microsoft Corporation) MD5=A93D41A4D4B0D91C072D11DD8AF266DE -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.20560_none_cc522fd507b468f8\winlogon.exe
[2009/10/28 07:24:40 | 000,389,632 | ---- | M] (Microsoft Corporation) MD5=DA3E2A6FA9660CC75B471530CE88453A -- C:\Windows\SysNative\winlogon.exe
[2009/10/28 07:24:40 | 000,389,632 | ---- | M] (Microsoft Corporation) MD5=DA3E2A6FA9660CC75B471530CE88453A -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.16447_none_cbe534e7ee8042ad\winlogon.exe

< MD5 for: WS2_32.DLL >
[2009/07/14 02:41:58 | 000,296,448 | ---- | M] (Microsoft Corporation) MD5=7083F463788CB34FCC42F565D56F89E8 -- C:\Windows\SysNative\ws2_32.dll
[2009/07/14 02:41:58 | 000,296,448 | ---- | M] (Microsoft Corporation) MD5=7083F463788CB34FCC42F565D56F89E8 -- C:\Windows\winsxs\amd64_microsoft-windows-w..nfrastructure-ws232_31bf3856ad364e35_6.1.7600.16385_none_4eaca269e8070c6b\ws2_32.dll
[2009/07/14 02:16:20 | 000,206,336 | ---- | M] (Microsoft Corporation) MD5=DAAE8A9B8C0ACC7F858454132553C30D -- C:\Windows\SysWOW64\ws2_32.dll
[2009/07/14 02:16:20 | 000,206,336 | ---- | M] (Microsoft Corporation) MD5=DAAE8A9B8C0ACC7F858454132553C30D -- C:\Windows\winsxs\x86_microsoft-windows-w..nfrastructure-ws232_31bf3856ad364e35_6.1.7600.16385_none_f28e06e62fa99b35\ws2_32.dll

< %systemroot%\*. /mp /s >

< %systemroot%\system32\*.dll /lockedfiles >

< %systemroot%\Tasks\*.job /lockedfiles >

< %systemroot%\system32\drivers\*.sys /lockedfiles >

< %systemroot%\System32\config\*.sav >

< %systemroot%\system32\*.dll /lockedfiles >

< %systemroot%\system32\drivers\*.sys /3 >

< %systemroot%\system32\*.* /3 >

< End of report >

buro_Nz · #7 Příspěvek od **buro_Nz** » 03 úno 2011 19:29

a tu je Extras
OTL Extras logfile created on: 3. 2. 2011 19:09:10 - Run 1
OTL by OldTimer - Version 3.2.20.6 Folder = C:\Users\BuRo\Desktop
64bit- Ultimate Edition (Version = 6.1.7600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7600.16385)
Locale: 0000041b | Country: Slovenská republika | Language: SKY | Date Format: d. M. yyyy

4,00 Gb Total Physical Memory | 2,00 Gb Available Physical Memory | 62,00% Memory free
8,00 Gb Paging File | 6,00 Gb Available in Paging File | 76,00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 232,88 Gb Total Space | 32,30 Gb Free Space | 13,87% Space Free | Partition Type: NTFS
Drive F: | 47,17 Gb Total Space | 4,83 Gb Free Space | 10,23% Space Free | Partition Type: NTFS
Drive G: | 27,35 Gb Total Space | 4,10 Gb Free Space | 15,01% Space Free | Partition Type: NTFS
Drive I: | 931,51 Gb Total Space | 636,50 Gb Free Space | 68,33% Space Free | Partition Type: NTFS

Computer Name: BURO-PC | User Name: BuRo | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 7 Days

========== Extra Registry (SafeList) ==========

========== File Associations ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)

[HKEY_USERS\S-1-5-21-310661712-217614850-3862975745-1001\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)

========== Shell Spawning ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %* File not found
cmdfile [open] -- "%1" %* File not found
comfile [open] -- "%1" %* File not found
exefile [open] -- "%1" %* File not found
helpfile [open] -- Reg Error: Key error.
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %* File not found
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1" File not found
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l File not found
scrfile [open] -- "%1" /S File not found
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1 File not found
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = 28 4D B2 76 41 04 CA 01 [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]

========== Firewall Settings ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 0

========== Authorized Applications List ==========

========== HKEY_LOCAL_MACHINE Uninstall List ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{05EFBF37-0E52-4579-875C-7EEF0DFB4FCB}" = Network64
"{071c9b48-7c32-4621-a0ac-3f809523288f}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{295CFB7C-A57E-4313-93E7-68E7CE1D0332}" = Adobe WinSoft Linguistics Plugin x64
"{2D74E972-5A85-44DC-9193-8A302BA8C181}" = Photoshop Camera Raw_x64
"{3D3E663D-4E7E-4577-A560-7ECDDD45548A}" = PVSonyDll
"{4D668D4F-FAA2-4726-834C-31F4614F312E}" = MSVC80_x64_v2
"{55D55008-E5F6-47D6-B16F-B2A40D4D145F}" = 64 Bit HP CIO Components Installer
"{63B4D80D-7BAC-4D1D-B9B6-27FF54197982}" = Regi
"{6631325A-9B1B-4EE7-8E64-8CC4A6F10643}" = Adobe Fonts All x64
"{68660049-8D48-427C-9FF7-139D8340CDC0}" = MSVC80_x64
"{8875A1C0-6308-4790-8CF6-D34E89880052}" = Adobe Linguistics CS4 x64
"{887797BF-37A5-4199-B0C9-0D38D6196E9A}" = Adobe Anchor Service x64 CS4
"{8C8D673B-20FB-43E6-BCB7-9B3F78F2E762}" = Adobe Type Support x64 CS4
"{8DAA31EB-6830-4006-A99F-4DF8AB24714F}" = Adobe CSI CS4 x64
"{90120000-002A-0000-1000-0000000FF1CE}" = Microsoft Office Office 64-bit Components 2007
"{90120000-002A-041B-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit MUI (Slovak) 2007
"{90BA8112-80B3-4617-A3C1-BD2771B60F74}" = Adobe CMaps x64 CS4
"{A3454894-144A-4D80-B605-C128FE0D7329}" = Adobe Drive CS4 x64
"{B61ED343-0B14-4241-999C-490CB1A20DA4}" = HP Photosmart Officejet and Deskjet All-In-One Driver Software 13.0 Rel. B
"{CC6B1BB4-4E06-4A5B-A166-B371B551324B}" = COMODO Internet Security
"{CC95E3FF-822B-47CD-9B4D-C89536615461}" = Oracle VM VirtualBox 3.2.8
"{D40172D6-CE2D-4B72-BF5F-26A04A900B7B}" = Adobe Photoshop CS4 (64 Bit)
"{DFFABE78-8173-4E97-9C5C-22FB26192FC5}" = Adobe PDF Library Files x64 CS4
"C-Media Oxygen HD Audio Driver" = ASUS Xonar DS Audio Driver
"CPUID CPU-Z_is1" = CPUID CPU-Z 1.56
"FCEC33AD40CEA5E0FC4CEE6E42041A0DA189652D" = Windows Driver Package - Nokia pccsmcfd (08/22/2008 7.0.0.0)
"HP Imaging Device Functions" = HP Imaging Device Functions 13.0
"HP Photosmart Essential" = HP Photosmart Essential 3.5
"HP Smart Web Printing" = HP Smart Web Printing 4.51
"HP Solution Center & Imaging Support Tools" = HP Solution Center 13.0
"HPExtendedCapabilities" = HP Customer Participation Program 13.0
"HPOCR" = OCR Software by I.R.I.S. 13.0
"NVIDIA Display Control Panel" = NVIDIA Display Control Panel
"NVIDIA Drivers" = NVIDIA Drivers
"Shop for HP Supplies" = Shop for HP Supplies
"WheelMouse" = Smart-X7 7.80

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{048298C9-A4D3-490B-9FF9-AB023A9238F3}" = Steam
"{05308C4E-7285-4066-BAE3-6B50DA6ED755}" = Adobe Update Manager CS4
"{098727E1-775A-4450-B573-3F441F1CA243}" = kuler
"{098A2A49-7CF3-4F08-A38D-FB879117152A}" = Adobe Color NA Extra Settings CS4
"{0D6013AB-A0C7-41DC-973C-E93129C9A29F}" = Adobe Color JA Extra Settings CS4
"{0D67A4E4-5BE0-4C9A-8AD8-AB552B433F23}" = Adobe Setup
"{0DC0E85F-36E4-463B-B3EA-4CD8ED2222A1}" = Adobe Color EU Recommended Settings CS4
"{0E532C84-4275-41B3-9D81-D4A1A20D8EE7}" = PlayStation(R)Store
"{0EF5BEA9-B9D3-46d7-8958-FB69A0BAEACC}" = Status
"{0F367CA3-3B2F-43F9-A44A-25A8EE69E45D}" = Scan
"{0F723FC1-7606-4867-866C-CE80AD292DAF}" = Adobe CSI CS4
"{104066F4-5897-4067-85D3-4C88B67CCF75}" = AIO_Scan
"{1047B3FE-E1EB-4E03-97DE-C5037C2CE9CF}" = TubeHunter
"{153C7D89-9CF4-4719-A551-C5BF45236DB5}" = redist
"{1618734A-3957-4ADD-8199-F973763109A8}" = Adobe Anchor Service CS4
"{16E6D2C1-7C90-4309-8EC4-D2212690AAA4}" = AdobeColorCommonSetRGB
"{175F0111-2968-4935-8F70-33108C6A4DE3}" = MarketResearch
"{1EC71BFB-01A3-4239-B6AF-B1AE656B15C0}" = TrayApp
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{212748BB-0DA5-46DE-82A1-403736DC9F27}" = MSVC80_x86
"{24D753CA-6AE9-4E30-8F5F-EFC93E08BF3D}" = Skype™ 4.0
"{26A24AE4-039D-4CA4-87B4-2F83216016FF}" = Java(TM) 6 Update 23
"{2B653229-9854-4989-B780-D978F5F13EAB}" = FEAR
"{2EEA7AA4-C203-4b90-A34F-19FB7EF1C81C}" = BufferChm
"{2FF8C687-DB7D-4adc-A5DC-57983EC25046}" = DeviceDiscovery
"{33cf58f5-48d8-4575-83d6-96f574e4d83a}" = Nero DriveSpeed
"{359cfc0a-beb1-440d-95ba-cf63a86da34f}" = Nero Recode
"{35D94F92-1D3A-43C5-8605-EA268B1A7BD9}" = PDF Settings CS4
"{368ba326-73ad-4351-84ed-3c0a7a52cc53}" = Nero Rescue Agent
"{38468127-9E6F-4FC9-B5F7-42D4AD437D96}" = Unigine Heaven Benchmark v2.1
"{3A4E8896-C2E7-4084-A4A4-B8FD1894E739}" = Adobe XMP Panels CS4
"{3BD633E0-4BF8-4499-9149-88F0767D449C}" = Call of Duty(R) 4 - Modern Warfare(TM) 1.4 Patch
"{3C92B2E6-380D-4fef-B4DF-4A3B4B669771}" = Copy
"{3D2C9DE6-9ADE-4252-A241-E43723B0CE02}" = Adobe Color - Photoshop Specific CS4
"{3DA8DF9A-044E-46C4-8531-DEDBB0EE37FF}" = Adobe WinSoft Linguistics Plugin
"{4286E640-B5FB-11DF-AC4B-005056C00008}" = Google Earth
"{4343080E-91B7-4388-AB4D-FB1000008200}" = Dead Rising 2
"{43CDF946-F5D9-4292-B006-BA0D92013021}" = WebReg
"{43e39830-1826-415d-8bae-86845787b54b}" = Nero Vision
"{440B915A-0C85-45DB-92AE-75AE14704A64}" = Fax
"{4943EFF5-229F-435D-BEA9-BE3CAEA783A7}" = Adobe Service Manager Extension
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4A70EF07-7F88-4434-BB61-D1DE8AE93DD4}" = SolutionCenter
"{4B407A54-6CF2-42B5-B419-E900B2E36972}" = 1500
"{4E7C28C7-D5DA-4E9F-A1CA-60490B54AE35}" = UnloadSupport
"{5454083B-1308-4485-BF17-111000028701}" = Grand Theft Auto: Episodes from Liberty City
"{5454083B-1308-4485-BF17-111000038701}" = Grand Theft Auto: Episodes from Liberty City
"{55A29068-F2CE-456C-9148-C869879E2357}" = TuneUp Utilities 2009
"{56C049BE-79E9-4502-BEA7-9754A3E60F9B}" = neroxml
"{595a3116-40bb-4e0f-a2e8-d7951da56270}" = NeroExpress
"{62ac81f6-bdd3-4110-9d36-3e9eaab40999}" = Nero CoverDesigner
"{63C24A08-70F3-4C8E-B9FB-9F21A903801D}" = Adobe Color Video Profiles CS CS4
"{63E5CDBF-8214-4F03-84F8-CD3CE48639AD}" = Adobe Photoshop CS4 Support
"{63FF21C9-A810-464F-B60A-3111747B1A6D}" = GPBaseService2
"{681B698F-C997-42C3-B184-B489C6CA24C9}" = HPPhotoSmartDiscLabelContent1
"{68243FF8-83CA-466B-B2B8-9F99DA5479C4}" = AdobeColorCommonSetCMYK
"{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}" = Windows Media Player Firefox Plugin
"{6B2FFB21-AC88-45C3-9A7D-4BB3E744EC91}" = HPSSupply
"{6BBA26E9-AB03-4FE7-831A-3535584CA002}" = Toolbox
"{6D3245B1-8DB8-4A23-9CD2-2C90F40ABAF6}" = MSVC80_x86_v2
"{7059BDA7-E1DB-442C-B7A1-6144596720A4}" = HP Update
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{737369DC-08E8-4787-A78C-F86943247BDF}" = LOST PLANET 2
"{7748ac8c-18e3-43bb-959b-088faea16fb2}" = Nero StartSmart
"{7829db6f-a066-4e40-8912-cb07887c20bb}" = Nero BurnRights
"{7C7F30F4-94E7-4AA8-8941-90C4A80C68BF}" = NVIDIA nTune
"{7f47a7b1-f3a3-47c5-aee2-93fb70aaf983}" = Nero 9 Trial
"{820D3F45-F6EE-4AAF-81EF-CE21FF21D230}" = Adobe Type Support CS4
"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
"{83877DB1-8B77-45BC-AB43-2BAC22E093E0}" = Adobe Bridge CS4
"{842B4B72-9E8F-4962-B3C1-1C422A5C4434}" = Suite Shared Configuration CS4
"{8503C901-85D7-4262-88D2-8D8B2A7B08B8}" = Call of Duty(R) 4 - Modern Warfare(TM) 1.5 Patch
"{869200db-287a-4dc0-b02b-2b6787fbcd4c}" = Nero DiscSpeed
"{8A15B7D9-908A-4EF9-BA84-5AEDE61743EE}" = Call of Duty(R) 4 - Modern Warfare(TM) 1.6 Patch
"{8FB1B528-E260-451E-9B55-E9152F94B80B}" = Microsoft Games for Windows - LIVE Redistributable
"{90120000-0015-041B-0000-0000000FF1CE}" = Microsoft Office Access MUI (Slovak) 2007
"{90120000-0016-041B-0000-0000000FF1CE}" = Microsoft Office Excel MUI (Slovak) 2007
"{90120000-0018-041B-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (Slovak) 2007
"{90120000-0019-041B-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (Slovak) 2007
"{90120000-001A-041B-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (Slovak) 2007
"{90120000-001B-041B-0000-0000000FF1CE}" = Microsoft Office Word MUI (Slovak) 2007
"{90120000-001F-0405-0000-0000000FF1CE}" = Microsoft Office Proof (Czech) 2007
"{90120000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2007
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-040E-0000-0000000FF1CE}" = Microsoft Office Proof (Hungarian) 2007
"{90120000-001F-041B-0000-0000000FF1CE}" = Microsoft Office Proof (Slovak) 2007
"{90120000-002C-041B-0000-0000000FF1CE}" = Microsoft Office Proofing (Slovak) 2007
"{90120000-0030-0000-0000-0000000FF1CE}" = Microsoft Office Enterprise 2007
"{90120000-0044-041B-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (Slovak) 2007
"{90120000-006E-041B-0000-0000000FF1CE}" = Microsoft Office Shared MUI (Slovak) 2007
"{90120000-00A1-041B-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (Slovak) 2007
"{90120000-00BA-041B-0000-0000000FF1CE}" = Microsoft Office Groove MUI (Slovak) 2007
"{931AB7EA-3656-4BB7-864D-022B09E3DD67}" = Adobe Linguistics CS4
"{931C37FC-594D-43A9-B10F-A2F2B1F03498}" = Call of Duty(R) 4 - Modern Warfare(TM) 1.7 Patch
"{94D398EB-D2FD-4FD1-B8C4-592635E8A191}" = Adobe CMaps CS4
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9A2CE5D4-0A1E-42EB-9CE0-ABD5DD79E94E}" = ArcSoft TotalMedia Theatre 5
"{9B362566-EC1B-4700-BB9C-EC661BDE2175}" = DocProc
"{9e82b934-9a25-445b-b8df-8012808074ac}" = Nero PhotoSnap
"{9e9fdde6-2c26-492a-85a0-05646b3f2795}" = NeroLiveGadget
"{9F6B13E2-B93F-4203-9BD4-5DC18C9F9DEB}" = AIO_CDB_Software
"{a209525b-3377-43f4-b886-32f6b6e7356f}" = Nero WaveEditor
"{A2101ACC-DC36-42AA-A576-6FD6A8D466DA}" = 1500_Help
"{A31A5DFC-3439-48FC-99BB-5174168AE471}" = COMODO livePCsupport
"{A49F249F-0C91-497F-86DF-B2585E8E76B7}" = Microsoft Visual C++ 2005 Redistributable
"{A4C6B32D-5088-40AF-B74D-CDABEF144F04}" = 1500Trb
"{A8F2089B-1F79-4BF6-B385-A2C2B0B9A74D}" = ImagXpress
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{AC76BA86-7AD7-1029-7B44-A94000000001}" = Adobe Reader 9.4.1 - Czech
"{b1adf008-e898-4fe2-8a1f-690d9a06acaf}" = DolbyFiles
"{B29AD377-CC12-490A-A480-1452337C618D}" = Connect
"{b2ec4a38-b545-4a00-8214-13fe0e915e6d}" = Advertising Center
"{B4092C6D-E886-4CB2-BA68-FE5A88D31DE6}_is1" = Spybot - Search & Destroy
"{B5F47039-9B19-4AC3-9A4A-E1CA3068E59F}" = ArcSoft TotalMedia Theatre 3
"{B65BA85C-0A27-4BC0-A22D-A66F0E5B9494}" = Adobe Photoshop CS4
"{B6659DD8-00A7-4A24-BBFB-C1F6982E5D66}" = PlayStation(R)Network Downloader
"{b78120a0-cf84-4366-a393-4d0a59bc546c}" = Menu Templates - Starter Kit
"{BB4E33EC-8181-4685-96F7-8554293DEC6A}" = Adobe Output Module
"{bd5ca0da-71ad-43da-b19e-6eee0c9adc9a}" = Nero ControlCenter
"{BD7204BA-DD64-499E-9B55-6A282CDF4FA4}" = Destinations
"{C43326F5-F135-4551-8270-7F7ABA0462E1}" = HPProductAssistant
"{C52E3EC1-048C-45E1-8D53-10B0C6509683}" = Adobe Default Language CS4
"{c5a7cb6c-e76d-408f-ba0e-85605420fe9d}" = SoundTrax
"{CAE4213F-F797-439D-BD9E-79B71D115BE3}" = HPPhotoGadget
"{CC75AB5C-2110-4A7F-AF52-708680D22FE8}" = Photoshop Camera Raw
"{d025a639-b9c9-417d-8531-208859000af8}" = NeroBurningROM
"{D79113E7-274C-470B-BD46-01B10219DF6A}" = HPPhotosmartEssential
"{d9dcf92e-72eb-412d-ac71-3b01276e5f8b}" = Nero ShowTime
"{DC635845-46D3-404B-BCB1-FC4A91091AFA}" = SmartWebPrinting
"{df6a95f5-adc1-406a-bdc6-2aa7cc0182aa}" = Nero Live
"{E3DBED25-09EE-45FE-BE53-4B07B0CBA0FC}" = PC Connectivity Solution
"{E48469CC-635E-4FD5-A122-1497C286D217}" = Call of Duty(R) 4 - Modern Warfare(TM)
"{E4848436-0345-47E2-B648-8B522FCDA623}" = Adobe Photoshop CS4
"{e498385e-1c51-459a-b45f-1721e37aa1a0}" = Movie Templates - Starter Kit
"{E7112940-5F8E-4918-B9FE-251F2F8DC81F}" = AIO_CDB_ProductContext
"{e8a80433-302b-4ff1-815d-fcc8eac482ff}" = Nero Installer
"{F09EF8F2-0976-42C1-8D9D-8DF78337C6E3}" = Sony Ericsson PC Companion 2.01.078
"{F0E64E2E-3A60-40D8-A55D-92F6831875DA}" = Adobe Search for Help
"{F1FDAA01-988C-423F-AC12-0D8F333943FD}" = Nokia Connectivity Cable Driver
"{F8EF2B3F-C345-4F20-8FE4-791A20333CD5}" = Adobe ExtendScript Toolkit CS4
"{F93C84A6-0DC6-42AF-89FA-776F7C377353}" = Adobe PDF Library Files CS4
"{F97E3841-CA9D-4964-9D64-26066241D26F}" = Microsoft Games for Windows - LIVE
"{F9835182-794B-4F24-902A-E2CA9D43380F}" = NVIDIA PhysX
"{fbcdfd61-7dcf-4e71-9226-873ba0053139}" = Nero InfoTool
"{FCDD51BB-CAD0-4BB1-B7DF-CE86D1032794}" = Adobe Fonts All
"{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"Adobe Shockwave Player" = Adobe Shockwave Player
"Adobe_faf656ef605427ee2f42989c3ad31b8" = Adobe Photoshop CS4
"Afterburner" = MSI Afterburner 1.6.1
"avast5" = avast! Free Antivirus
"Call of Duty Modern Warfare 2_is1" = Call of Duty Modern Warfare 2
"Call of Duty: Black Ops_is1" = Call of Duty: Black Ops
"CCleaner" = CCleaner
"Dev-C++" = Dev-C++ 5 beta 9 release (4.9.9.2)
"ENTERPRISE" = Microsoft Office Enterprise 2007
"Eurobattle.net1.24b" = Eurobattle.net
"EXPERTool_is1" = EXPERTool 7.3
"Fraps" = Fraps
"Garena" = Garena 2010
"GFWL_{4343080E-91B7-4388-AB4D-FB1000008200}" = Dead Rising 2
"Hamachi" = Hamachi 1.0.2.5
"HijackThis" = HijackThis 2.0.2
"InstallShield_{3BD633E0-4BF8-4499-9149-88F0767D449C}" = Call of Duty(R) 4 - Modern Warfare(TM) 1.4 Patch
"InstallShield_{7C7F30F4-94E7-4AA8-8941-90C4A80C68BF}" = NVIDIA nTune
"InstallShield_{8503C901-85D7-4262-88D2-8D8B2A7B08B8}" = Call of Duty(R) 4 - Modern Warfare(TM) 1.5 Multiplayer Patch
"InstallShield_{8A15B7D9-908A-4EF9-BA84-5AEDE61743EE}" = Call of Duty(R) 4 - Modern Warfare(TM) 1.6 Patch
"InstallShield_{931C37FC-594D-43A9-B10F-A2F2B1F03498}" = Call of Duty(R) 4 - Modern Warfare(TM) 1.7 Patch
"InstallShield_{9A2CE5D4-0A1E-42EB-9CE0-ABD5DD79E94E}" = ArcSoft TotalMedia Theatre 5
"InstallShield_{B5F47039-9B19-4AC3-9A4A-E1CA3068E59F}" = ArcSoft TotalMedia Theatre 3
"InstallShield_{E48469CC-635E-4FD5-A122-1497C286D217}" = Call of Duty(R) 4 - Modern Warfare(TM)
"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware
"Mozilla Firefox (3.6.13)" = Mozilla Firefox (3.6.13)
"NVIDIAStereo" = NVIDIA Stereoscopic 3D Driver
"ObjectDock" = ObjectDock
"OpenAL" = OpenAL
"TeamViewer 6" = TeamViewer 6
"The KMPlayer" = The KMPlayer (remove only)
"Update Service" = Update Service
"uTorrent" = µTorrent
"Warcraft III" = Warcraft III
"Winamp" = Winamp
"WinRAR archiver" = WinRAR
"World of Warcraft" = World of Warcraft

========== HKEY_USERS Uninstall List ==========

[HKEY_USERS\S-1-5-21-310661712-217614850-3862975745-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"uTorrent" = µTorrent
"Warcraft III" = Warcraft III: All Products

========== Last 10 Event Log Errors ==========

[ Application Events ]
Error - 19. 11. 2010 12:10:23 | Computer Name = BuRo-PC | Source = SideBySide | ID = 16842832
Description = Activation context generation failed for "C:\Program Files (x86)\Nero\Nero
9\Nero PhotoSnap\PhotoSnapViewer.exe.Manifest".Error in manifest or policy file
"" on line . A component version required by the application conflicts with another
component version already active. Conflicting components are:. Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_fa62ad231704eab7.manifest.
Component
2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_420fe3fa2b8113bd.manifest.

Error - 20. 11. 2010 9:14:54 | Computer Name = BuRo-PC | Source = SideBySide | ID = 16842815
Description = Activation context generation failed for "c:\program files (x86)\spybot
- search & destroy\DelZip179.dll".Error in manifest or policy file "c:\program
files (x86)\spybot - search & destroy\DelZip179.dll" on line 8. The value "*" of
attribute "language" in element "assemblyIdentity" is invalid.

Error - 20. 11. 2010 9:15:04 | Computer Name = BuRo-PC | Source = SideBySide | ID = 16842832
Description = Activation context generation failed for "C:\Program Files (x86)\Nero\Nero
9\Nero PhotoSnap\PhotoSnapViewer.exe.Manifest".Error in manifest or policy file
"" on line . A component version required by the application conflicts with another
component version already active. Conflicting components are:. Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_fa62ad231704eab7.manifest.
Component
2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_420fe3fa2b8113bd.manifest.

Error - 20. 11. 2010 21:33:05 | Computer Name = BuRo-PC | Source = SideBySide | ID = 16842815
Description = Activation context generation failed for "c:\program files (x86)\spybot
- search & destroy\DelZip179.dll".Error in manifest or policy file "c:\program
files (x86)\spybot - search & destroy\DelZip179.dll" on line 8. The value "*" of
attribute "language" in element "assemblyIdentity" is invalid.

Error - 20. 11. 2010 21:33:14 | Computer Name = BuRo-PC | Source = SideBySide | ID = 16842832
Description = Activation context generation failed for "C:\Program Files (x86)\Nero\Nero
9\Nero PhotoSnap\PhotoSnapViewer.exe.Manifest".Error in manifest or policy file
"" on line . A component version required by the application conflicts with another
component version already active. Conflicting components are:. Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_fa62ad231704eab7.manifest.
Component
2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_420fe3fa2b8113bd.manifest.

Error - 21. 11. 2010 13:31:01 | Computer Name = BuRo-PC | Source = Application Error | ID = 1000
Description = Názov chybovej aplikácie: Skype.exe, verzia: 4.2.0.187, časová značka:
0x4c7f99c9 Názov chybového modulu: Skype.exe, verzia: 4.2.0.187, časová značka:
0x4c7f99c9 Kód výnimky: 0xc000000d Odstup chyby: 0x00694f3b Identifikácia chybného
procesu: 0x9e4 Čas spustenia chybnej aplikácie: 0x01cb899fb9a83691 Cesta chybnej aplikácie:
C:\Program Files (x86)\Skype\Phone\Skype.exe Cesta chybného modulu: C:\Program Files
(x86)\Skype\Phone\Skype.exe Identifikácia hlásenia: 1b3946c4-f595-11df-b14f-00235404d864

Error - 21. 11. 2010 13:41:38 | Computer Name = BuRo-PC | Source = Application Error | ID = 1000
Description = Názov chybovej aplikácie: Skype.exe, verzia: 4.2.0.187, časová značka:
0x4c7f99c9 Názov chybového modulu: Skype.exe, verzia: 4.2.0.187, časová značka:
0x4c7f99c9 Kód výnimky: 0xc000000d Odstup chyby: 0x00694f3b Identifikácia chybného
procesu: 0x9a0 Čas spustenia chybnej aplikácie: 0x01cb89a306da89e6 Cesta chybnej aplikácie:
C:\Program Files (x86)\Skype\Phone\Skype.exe Cesta chybného modulu: C:\Program Files
(x86)\Skype\Phone\Skype.exe Identifikácia hlásenia: 9726f826-f596-11df-89a2-00235404d864

Error - 22. 11. 2010 13:16:36 | Computer Name = BuRo-PC | Source = SideBySide | ID = 16842815
Description = Activation context generation failed for "c:\program files (x86)\spybot
- search & destroy\DelZip179.dll".Error in manifest or policy file "c:\program
files (x86)\spybot - search & destroy\DelZip179.dll" on line 8. The value "*" of
attribute "language" in element "assemblyIdentity" is invalid.

Error - 22. 11. 2010 13:16:47 | Computer Name = BuRo-PC | Source = SideBySide | ID = 16842832
Description = Activation context generation failed for "C:\Program Files (x86)\Nero\Nero
9\Nero PhotoSnap\PhotoSnapViewer.exe.Manifest".Error in manifest or policy file
"" on line . A component version required by the application conflicts with another
component version already active. Conflicting components are:. Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_fa62ad231704eab7.manifest.
Component
2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_420fe3fa2b8113bd.manifest.

Error - 22. 11. 2010 16:14:40 | Computer Name = BuRo-PC | Source = Application Error | ID = 1000
Description = Názov chybovej aplikácie: Skype.exe, verzia: 4.2.0.187, časová značka:
0x4c7f99c9 Názov chybového modulu: Skype.exe, verzia: 4.2.0.187, časová značka:
0x4c7f99c9 Kód výnimky: 0xc000000d Odstup chyby: 0x00694f3b Identifikácia chybného
procesu: 0xd20 Čas spustenia chybnej aplikácie: 0x01cb8a571d283471 Cesta chybnej aplikácie:
C:\Program Files (x86)\Skype\Phone\Skype.exe Cesta chybného modulu: C:\Program Files
(x86)\Skype\Phone\Skype.exe Identifikácia hlásenia: 2245d8f5-f675-11df-bb6d-00235404d864

[ System Events ]
Error - 31. 1. 2011 7:12:37 | Computer Name = BuRo-PC | Source = Service Control Manager | ID = 7000
Description = Spustenie služby regi zlyhalo kvôli nasledujúcej chybe: %%183

Error - 1. 2. 2011 9:16:21 | Computer Name = BuRo-PC | Source = Service Control Manager | ID = 7023
Description = Služba TuneUp Theme Extension bola ukončená s nasledujúcou chybou:
%%127

Error - 1. 2. 2011 9:16:28 | Computer Name = BuRo-PC | Source = Service Control Manager | ID = 7000
Description = Spustenie služby TBPanel zlyhalo kvôli nasledujúcej chybe: %%2

Error - 1. 2. 2011 9:16:31 | Computer Name = BuRo-PC | Source = Service Control Manager | ID = 7000
Description = Spustenie služby regi zlyhalo kvôli nasledujúcej chybe: %%183

Error - 2. 2. 2011 9:20:15 | Computer Name = BuRo-PC | Source = Service Control Manager | ID = 7023
Description = Služba TuneUp Theme Extension bola ukončená s nasledujúcou chybou:
%%127

Error - 2. 2. 2011 9:20:27 | Computer Name = BuRo-PC | Source = Service Control Manager | ID = 7000
Description = Spustenie služby TBPanel zlyhalo kvôli nasledujúcej chybe: %%2

Error - 2. 2. 2011 9:20:32 | Computer Name = BuRo-PC | Source = Service Control Manager | ID = 7000
Description = Spustenie služby regi zlyhalo kvôli nasledujúcej chybe: %%183

Error - 3. 2. 2011 10:20:03 | Computer Name = BuRo-PC | Source = Service Control Manager | ID = 7023
Description = Služba TuneUp Theme Extension bola ukončená s nasledujúcou chybou:
%%127

Error - 3. 2. 2011 10:20:15 | Computer Name = BuRo-PC | Source = Service Control Manager | ID = 7000
Description = Spustenie služby TBPanel zlyhalo kvôli nasledujúcej chybe: %%2

Error - 3. 2. 2011 10:20:20 | Computer Name = BuRo-PC | Source = Service Control Manager | ID = 7000
Description = Spustenie služby regi zlyhalo kvôli nasledujúcej chybe: %%183

[ TuneUp Events ]
Error - 10. 8. 2010 5:25:44 | Computer Name = BuRo-PC | Source = TuneUp.UtilitiesSvc | ID = 300
Description =

Error - 10. 8. 2010 5:25:44 | Computer Name = BuRo-PC | Source = TuneUp.UtilitiesSvc | ID = 300
Description =

Error - 10. 8. 2010 5:25:44 | Computer Name = BuRo-PC | Source = TuneUp.UtilitiesSvc | ID = 300
Description =

Error - 10. 8. 2010 5:25:44 | Computer Name = BuRo-PC | Source = TuneUp.UtilitiesSvc | ID = 300
Description =

Error - 10. 8. 2010 5:25:44 | Computer Name = BuRo-PC | Source = TuneUp.UtilitiesSvc | ID = 300
Description =

Error - 10. 8. 2010 5:25:44 | Computer Name = BuRo-PC | Source = TuneUp.UtilitiesSvc | ID = 300
Description =

Error - 10. 8. 2010 5:25:44 | Computer Name = BuRo-PC | Source = TuneUp.UtilitiesSvc | ID = 300
Description =

Error - 10. 8. 2010 5:25:44 | Computer Name = BuRo-PC | Source = TuneUp.UtilitiesSvc | ID = 300
Description =

Error - 10. 8. 2010 5:25:44 | Computer Name = BuRo-PC | Source = TuneUp.UtilitiesSvc | ID = 300
Description =

Error - 10. 8. 2010 5:25:44 | Computer Name = BuRo-PC | Source = TuneUp.UtilitiesSvc | ID = 300
Description =

< End of report >

#8 Příspěvek od **vyosek** » 03 úno 2011 20:24

Spustte znovu OTL

Pokud pouzivate Win Vista ci W7, kliknete na OTL pravym a dejte Run As Administrator ci Spustit jako spravce
Do spodniho okenka Vlastni skenovani/opravy vlozte skript nize

Kód: Vybrat vše

¨:otl
DRV:64bit: - [2010/09/30 14:49:24 | 000,503,352 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\sptd.sys -- (sptd)
DRV:64bit: - [2010/09/21 09:07:08 | 000,312,184 | ---- | M] () [Kernel | System | Running] -- C:\Windows\SysNative\drivers\ArcSec.sys -- (ArcSec)
IE - HKU\S-1-5-21-310661712-217614850-3862975745-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://qip.ru
IE - HKU\S-1-5-21-310661712-217614850-3862975745-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://search.qip.ru
IE - HKU\S-1-5-21-310661712-217614850-3862975745-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://search.qip.ru
IE - HKU\S-1-5-21-310661712-217614850-3862975745-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://google.sk/
IE - HKU\S-1-5-21-310661712-217614850-3862975745-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 15 1B 02 EE 66 A2 CA 01 [binary data]
IE - HKU\S-1-5-21-310661712-217614850-3862975745-1001\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://search.qip.ru/ie
IE - HKU\S-1-5-21-310661712-217614850-3862975745-1001\..\URLSearchHook: - Reg Error: Key error. File not found
IE - HKU\S-1-5-21-310661712-217614850-3862975745-1001\..\URLSearchHook: {A55F9C95-2BB1-4EA2-BC77-DFAAB78832CE} - C:\Users\BuRo\AppData\Roaming\Microsoft\Internet Explorer\qipsearchbar.dll (qip.ru)
FF - prefs.js..browser.search.defaultenginename: "QIP Search"
FF - prefs.js..keyword.URL: "http://www.google.com/search?btnI=I%27m+Feeling+Lucky&ie=UTF-8&oe=UTF-8&q="
[2010/02/19 12:56:01 | 000,000,000 | ---D | M] (QipAuthorizer) -- C:\Users\BuRo\AppData\Roaming\mozilla\Firefox\Profiles\bs4exu9d.default\extensions\{32a1fd71-835e-4b11-8e54-886fda0b4c89}
[2011/01/29 05:32:39 | 000,000,950 | ---- | M] () -- C:\Users\BuRo\AppData\Roaming\Mozilla\Firefox\Profiles\bs4exu9d.default\searchplugins\icqplugin-2.xml
[2008/09/25 18:54:28 | 000,000,950 | ---- | M] () -- C:\Users\BuRo\AppData\Roaming\Mozilla\Firefox\Profiles\bs4exu9d.default\searchplugins\icqplugin-3.xml
[2008/09/28 08:33:50 | 000,000,950 | ---- | M] () -- C:\Users\BuRo\AppData\Roaming\Mozilla\Firefox\Profiles\bs4exu9d.default\searchplugins\icqplugin-4.xml
[2008/11/15 04:55:18 | 000,000,950 | ---- | M] () -- C:\Users\BuRo\AppData\Roaming\Mozilla\Firefox\Profiles\bs4exu9d.default\searchplugins\icqplugin-5.xml
[2008/12/17 14:26:38 | 000,000,950 | ---- | M] () -- C:\Users\BuRo\AppData\Roaming\Mozilla\Firefox\Profiles\bs4exu9d.default\searchplugins\icqplugin-6.xml
[2008/12/18 19:34:34 | 000,000,950 | ---- | M] () -- C:\Users\BuRo\AppData\Roaming\Mozilla\Firefox\Profiles\bs4exu9d.default\searchplugins\icqplugin-7.xml
[2008/11/18 13:56:02 | 000,000,944 | ---- | M] () -- C:\Users\BuRo\AppData\Roaming\Mozilla\Firefox\Profiles\bs4exu9d.default\searchplugins\icqplugin.xml
O2 - BHO: (QIPBHO Class) - {A55F9C95-2BB1-4EA2-BC77-DFAAB78832CE} - C:\Users\BuRo\AppData\Roaming\Microsoft\Internet Explorer\qipsearchbar.dll (qip.ru)
O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] File not found
O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] File not found
O4 - Startup: C:\Users\BuRo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Realtek HD Audio Manager - odkaz.lnk = File not found
O13 - gopher Prefix: missing
O13 - gopher Prefix: missing
O18:64bit: - Protocol\Handler\grooveLocalGWS {88FED34C-F0CA-4636-A375-3CB6248B04CD} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - Reg Error: Key error. File not found
O20:64bit: - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found.
O33 - MountPoints2\{2512289f-9596-11df-b2d1-00235404d864}\Shell - "" = AutoRun
O33 - MountPoints2\H\Shell - "" = AutoRun
[2 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]

:reg
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"uTorrent"=-
"Skype"=-
[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM]
[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher]
[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HP Software Update]
[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QIP Internet Guardian]
[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Sony Ericsson PC Companion]
[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"SunJavaUpdateSched"=-
"AdobeCS4ServiceManager"=-
"Adobe Reader Speed Launcher"=-
"Adobe ARM"=-

:files
C:\Users\BuRo\AppData\Roaming\Microsoft\Internet Explorer\qipsearchbar.dll
C:\Windows\tasks\1-Click Maintenance.job
C:\Windows\tasks\At*.job
C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
%windir%\system32\*.tmp.dll /s
%windir%\system32\SET*.tmp /s
%windir%\*.tmp /s

:commands
[RESETHOSTS]
[EMPTYTEMP]
[EMPTYFLASH]

Nasledne kliknete na Run Fix
PC provede opravu, restartuje se a da Vam log, jeho obsah vlozte sem

buro_Nz · #9 Příspěvek od **buro_Nz** » 03 úno 2011 20:57

All processes killed
Error: Unable to interpret <¨:otl> in the current context!
Error: Unable to interpret <DRV:64bit: - [2010/09/30 14:49:24 | 000,503,352 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\sptd.sys -- (sptd)> in the current context!
Error: Unable to interpret <DRV:64bit: - [2010/09/21 09:07:08 | 000,312,184 | ---- | M] () [Kernel | System | Running] -- C:\Windows\SysNative\drivers\ArcSec.sys -- (ArcSec)> in the current context!
Error: Unable to interpret <IE - HKU\S-1-5-21-310661712-217614850-3862975745-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://qip.ru> in the current context!
Error: Unable to interpret <IE - HKU\S-1-5-21-310661712-217614850-3862975745-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://search.qip.ru> in the current context!
Error: Unable to interpret <IE - HKU\S-1-5-21-310661712-217614850-3862975745-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://search.qip.ru> in the current context!
Error: Unable to interpret <IE - HKU\S-1-5-21-310661712-217614850-3862975745-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://google.sk/> in the current context!
Error: Unable to interpret <IE - HKU\S-1-5-21-310661712-217614850-3862975745-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 15 1B 02 EE 66 A2 CA 01 [binary data]> in the current context!
Error: Unable to interpret <IE - HKU\S-1-5-21-310661712-217614850-3862975745-1001\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://search.qip.ru/ie> in the current context!
Error: Unable to interpret <IE - HKU\S-1-5-21-310661712-217614850-3862975745-1001\..\URLSearchHook: - Reg Error: Key error. File not found> in the current context!
Error: Unable to interpret <IE - HKU\S-1-5-21-310661712-217614850-3862975745-1001\..\URLSearchHook: {A55F9C95-2BB1-4EA2-BC77-DFAAB78832CE} - C:\Users\BuRo\AppData\Roaming\Microsoft\Internet Explorer\qipsearchbar.dll (qip.ru)> in the current context!
Error: Unable to interpret <FF - prefs.js..browser.search.defaultenginename: "QIP Search"> in the current context!
Error: Unable to interpret <FF - prefs.js..keyword.URL: "http://www.google.com/search?btnI=I%27m ... e=UTF-8&q="> in the current context!
Error: Unable to interpret <[2010/02/19 12:56:01 | 000,000,000 | ---D | M] (QipAuthorizer) -- C:\Users\BuRo\AppData\Roaming\mozilla\Firefox\Profiles\bs4exu9d.default\extensions\{32a1fd71-835e-4b11-8e54-886fda0b4c89}> in the current context!
Error: Unable to interpret <[2011/01/29 05:32:39 | 000,000,950 | ---- | M] () -- C:\Users\BuRo\AppData\Roaming\Mozilla\Firefox\Profiles\bs4exu9d.default\searchplugins\icqplugin-2.xml> in the current context!
Error: Unable to interpret <[2008/09/25 18:54:28 | 000,000,950 | ---- | M] () -- C:\Users\BuRo\AppData\Roaming\Mozilla\Firefox\Profiles\bs4exu9d.default\searchplugins\icqplugin-3.xml> in the current context!
Error: Unable to interpret <[2008/09/28 08:33:50 | 000,000,950 | ---- | M] () -- C:\Users\BuRo\AppData\Roaming\Mozilla\Firefox\Profiles\bs4exu9d.default\searchplugins\icqplugin-4.xml> in the current context!
Error: Unable to interpret <[2008/11/15 04:55:18 | 000,000,950 | ---- | M] () -- C:\Users\BuRo\AppData\Roaming\Mozilla\Firefox\Profiles\bs4exu9d.default\searchplugins\icqplugin-5.xml> in the current context!
Error: Unable to interpret <[2008/12/17 14:26:38 | 000,000,950 | ---- | M] () -- C:\Users\BuRo\AppData\Roaming\Mozilla\Firefox\Profiles\bs4exu9d.default\searchplugins\icqplugin-6.xml> in the current context!
Error: Unable to interpret <[2008/12/18 19:34:34 | 000,000,950 | ---- | M] () -- C:\Users\BuRo\AppData\Roaming\Mozilla\Firefox\Profiles\bs4exu9d.default\searchplugins\icqplugin-7.xml> in the current context!
Error: Unable to interpret <[2008/11/18 13:56:02 | 000,000,944 | ---- | M] () -- C:\Users\BuRo\AppData\Roaming\Mozilla\Firefox\Profiles\bs4exu9d.default\searchplugins\icqplugin.xml> in the current context!
Error: Unable to interpret <O2 - BHO: (QIPBHO Class) - {A55F9C95-2BB1-4EA2-BC77-DFAAB78832CE} - C:\Users\BuRo\AppData\Roaming\Microsoft\Internet Explorer\qipsearchbar.dll (qip.ru)> in the current context!
Error: Unable to interpret <O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] File not found> in the current context!
Error: Unable to interpret <O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] File not found> in the current context!
Error: Unable to interpret <O4 - Startup: C:\Users\BuRo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Realtek HD Audio Manager - odkaz.lnk = File not found> in the current context!
Error: Unable to interpret <O13 - gopher Prefix: missing> in the current context!
Error: Unable to interpret <O13 - gopher Prefix: missing> in the current context!
Error: Unable to interpret <O18:64bit: - Protocol\Handler\grooveLocalGWS {88FED34C-F0CA-4636-A375-3CB6248B04CD} - Reg Error: Key error. File not found> in the current context!
Error: Unable to interpret <O18:64bit: - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - Reg Error: Key error. File not found> in the current context!
Error: Unable to interpret <O18:64bit: - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - Reg Error: Key error. File not found> in the current context!
Error: Unable to interpret <O20:64bit: - HKLM Winlogon: VMApplet - (/pagefile) - File not found> in the current context!
Error: Unable to interpret <O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found> in the current context!
Error: Unable to interpret <O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found.> in the current context!
Error: Unable to interpret <O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found.> in the current context!
Error: Unable to interpret <O33 - MountPoints2\{2512289f-9596-11df-b2d1-00235404d864}\Shell - "" = AutoRun> in the current context!
Error: Unable to interpret <O33 - MountPoints2\H\Shell - "" = AutoRun> in the current context!
Error: Unable to interpret <[2 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]> in the current context!
========== REGISTRY ==========
Registry value HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\\uTorrent deleted successfully.
Registry value HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\\Skype deleted successfully.
Registry key HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM\ not found.
Registry key HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher\ not found.
Registry key HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HP Software Update\ not found.
Registry key HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QIP Internet Guardian\ not found.
Registry key HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task\ not found.
Registry key HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Sony Ericsson PC Companion\ not found.
Registry value HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run\\SunJavaUpdateSched deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run\\AdobeCS4ServiceManager deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run\\Adobe Reader Speed Launcher deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run\\Adobe ARM deleted successfully.
========== FILES ==========
C:\Users\BuRo\AppData\Roaming\Microsoft\Internet Explorer\qipsearchbar.dll moved successfully.
C:\Windows\tasks\1-Click Maintenance.job moved successfully.
C:\Windows\tasks\At1.job moved successfully.
C:\Windows\tasks\GoogleUpdateTaskMachineCore.job moved successfully.
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job moved successfully.
File/Folder C:\Windows\system32\*.tmp.dll not found.
File/Folder C:\Windows\system32\SET*.tmp not found.
C:\Windows\DD1865F0AD7340FBB23E1822E02396FF.TMP folder moved successfully.
C:\Windows\msdownld.tmp folder moved successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\ZAP1874.tmp folder moved successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\ZAP9E41.tmp folder moved successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_64\Temp\ZAP5229.tmp folder moved successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_64\Temp\ZAPE291.tmp folder moved successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_64\Temp\ZAPE56E.tmp folder moved successfully.
C:\Windows\Installer\MSI3E81.tmp moved successfully.
C:\Windows\Installer\MSI595E.tmp moved successfully.
C:\Windows\Installer\MSI5C5B.tmp moved successfully.
C:\Windows\Installer\MSI5E20.tmp moved successfully.
C:\Windows\Installer\MSIC6D2.tmp moved successfully.
C:\Windows\Installer\MSIC79E.tmp moved successfully.
C:\Windows\Installer\MSIC899.tmp moved successfully.
C:\Windows\Installer\MSIC916.tmp moved successfully.
C:\Windows\Installer\{CC6B1BB4-4E06-4A5B-A166-B371B551324B}\upd81.tmp moved successfully.
C:\Windows\twain_32\hpqgnds2.tmp moved successfully.
========== COMMANDS ==========
C:\Windows\System32\drivers\etc\Hosts moved successfully.
HOSTS file reset successfully

[EMPTYTEMP]

User: All Users

User: BuRo
->Temp folder emptied: 10602 bytes
->Temporary Internet Files folder emptied: 3401506 bytes
->Java cache emptied: 52834837 bytes
->FireFox cache emptied: 151252043 bytes
->Google Chrome cache emptied: 594288 bytes
->Flash cache emptied: 5704 bytes

User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes

User: Public

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32 (64bit) .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 25335 bytes
%systemroot%\sysnative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files folder emptied: 50333 bytes
RecycleBin emptied: 4408844 bytes

Total Files Cleaned = 203,00 mb

[EMPTYFLASH]

User: All Users

User: BuRo
->Flash cache emptied: 0 bytes

User: Default

User: Default User

User: Public

Total Flash Files Cleaned = 0,00 mb

OTL by OldTimer - Version 3.2.20.6 log created on 02032011_205403

Files\Folders moved on Reboot...
C:\Users\BuRo\AppData\Local\Temp\FXSAPIDebugLogFile.txt moved successfully.
File move failed. C:\Windows\temp\_avast5_\Webshlock.txt scheduled to be moved on reboot.

Registry entries deleted on Reboot...

#10 Příspěvek od **vyosek** » 03 úno 2011 21:01

Jeste jednou a do spodniho okenka vlozte skript nize,omylem se mi tam dostal nepovoleny znak a tak cast neprobehla korektne

Opet potvrte kliknutim na Run Fix

Kód: Vybrat vše

:otl
DRV:64bit: - [2010/09/30 14:49:24 | 000,503,352 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\sptd.sys -- (sptd)
DRV:64bit: - [2010/09/21 09:07:08 | 000,312,184 | ---- | M] () [Kernel | System | Running] -- C:\Windows\SysNative\drivers\ArcSec.sys -- (ArcSec)
IE - HKU\S-1-5-21-310661712-217614850-3862975745-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://qip.ru
IE - HKU\S-1-5-21-310661712-217614850-3862975745-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://search.qip.ru
IE - HKU\S-1-5-21-310661712-217614850-3862975745-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://search.qip.ru
IE - HKU\S-1-5-21-310661712-217614850-3862975745-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://google.sk/
IE - HKU\S-1-5-21-310661712-217614850-3862975745-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 15 1B 02 EE 66 A2 CA 01 [binary data]
IE - HKU\S-1-5-21-310661712-217614850-3862975745-1001\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://search.qip.ru/ie
IE - HKU\S-1-5-21-310661712-217614850-3862975745-1001\..\URLSearchHook: - Reg Error: Key error. File not found
IE - HKU\S-1-5-21-310661712-217614850-3862975745-1001\..\URLSearchHook: {A55F9C95-2BB1-4EA2-BC77-DFAAB78832CE} - C:\Users\BuRo\AppData\Roaming\Microsoft\Internet Explorer\qipsearchbar.dll (qip.ru)
FF - prefs.js..browser.search.defaultenginename: "QIP Search"
FF - prefs.js..keyword.URL: "http://www.google.com/search?btnI=I%27m+Feeling+Lucky&ie=UTF-8&oe=UTF-8&q="
[2010/02/19 12:56:01 | 000,000,000 | ---D | M] (QipAuthorizer) -- C:\Users\BuRo\AppData\Roaming\mozilla\Firefox\Profiles\bs4exu9d.default\extensions\{32a1fd71-835e-4b11-8e54-886fda0b4c89}
[2011/01/29 05:32:39 | 000,000,950 | ---- | M] () -- C:\Users\BuRo\AppData\Roaming\Mozilla\Firefox\Profiles\bs4exu9d.default\searchplugins\icqplugin-2.xml
[2008/09/25 18:54:28 | 000,000,950 | ---- | M] () -- C:\Users\BuRo\AppData\Roaming\Mozilla\Firefox\Profiles\bs4exu9d.default\searchplugins\icqplugin-3.xml
[2008/09/28 08:33:50 | 000,000,950 | ---- | M] () -- C:\Users\BuRo\AppData\Roaming\Mozilla\Firefox\Profiles\bs4exu9d.default\searchplugins\icqplugin-4.xml
[2008/11/15 04:55:18 | 000,000,950 | ---- | M] () -- C:\Users\BuRo\AppData\Roaming\Mozilla\Firefox\Profiles\bs4exu9d.default\searchplugins\icqplugin-5.xml
[2008/12/17 14:26:38 | 000,000,950 | ---- | M] () -- C:\Users\BuRo\AppData\Roaming\Mozilla\Firefox\Profiles\bs4exu9d.default\searchplugins\icqplugin-6.xml
[2008/12/18 19:34:34 | 000,000,950 | ---- | M] () -- C:\Users\BuRo\AppData\Roaming\Mozilla\Firefox\Profiles\bs4exu9d.default\searchplugins\icqplugin-7.xml
[2008/11/18 13:56:02 | 000,000,944 | ---- | M] () -- C:\Users\BuRo\AppData\Roaming\Mozilla\Firefox\Profiles\bs4exu9d.default\searchplugins\icqplugin.xml
O2 - BHO: (QIPBHO Class) - {A55F9C95-2BB1-4EA2-BC77-DFAAB78832CE} - C:\Users\BuRo\AppData\Roaming\Microsoft\Internet Explorer\qipsearchbar.dll (qip.ru)
O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] File not found
O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] File not found
O4 - Startup: C:\Users\BuRo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Realtek HD Audio Manager - odkaz.lnk = File not found
O13 - gopher Prefix: missing
O13 - gopher Prefix: missing
O18:64bit: - Protocol\Handler\grooveLocalGWS {88FED34C-F0CA-4636-A375-3CB6248B04CD} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - Reg Error: Key error. File not found
O20:64bit: - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found.
O33 - MountPoints2\{2512289f-9596-11df-b2d1-00235404d864}\Shell - "" = AutoRun
O33 - MountPoints2\H\Shell - "" = AutoRun
[2 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]

:commands
[EMPTYTEMP]

buro_Nz · #11 Příspěvek od **buro_Nz** » 03 úno 2011 21:13

nevadí chyby sa stávajú

hlavne je že to nemalo žiadny nežiaduci dopad

All processes killed
========== OTL ==========
Error: Unable to stop service sptd!
Unable to delete service\driver key sptd.
C:\Windows\SysNative\drivers\sptd.sys moved successfully.
Error: Unable to stop service ArcSec!
Registry key HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\ArcSec deleted successfully.
C:\Windows\SysNative\drivers\ArcSec.sys moved successfully.
HKU\S-1-5-21-310661712-217614850-3862975745-1001\SOFTWARE\Microsoft\Internet Explorer\Main\\Default_Page_URL| /E : value set successfully!
HKU\S-1-5-21-310661712-217614850-3862975745-1001\SOFTWARE\Microsoft\Internet Explorer\Main\\Default_Search_URL| /E : value set successfully!
HKU\S-1-5-21-310661712-217614850-3862975745-1001\SOFTWARE\Microsoft\Internet Explorer\Main\\Search Page| /E : value set successfully!
HKU\S-1-5-21-310661712-217614850-3862975745-1001\SOFTWARE\Microsoft\Internet Explorer\Main\\Start Page| /E : value set successfully!
HKU\S-1-5-21-310661712-217614850-3862975745-1001\SOFTWARE\Microsoft\Internet Explorer\Main\\Start Page Redirect Cache_TIMESTAMP| /E : value set successfully!
HKU\S-1-5-21-310661712-217614850-3862975745-1001\SOFTWARE\Microsoft\Internet Explorer\Search\\SearchAssistant| /E : value set successfully!
Registry key HKEY_USERS\S-1-5-21-310661712-217614850-3862975745-1001\Software\Microsoft\Internet Explorer\URLSearchHooks\ deleted successfully.
Registry key HKEY_USERS\S-1-5-21-310661712-217614850-3862975745-1001\Software\Microsoft\Internet Explorer\URLSearchHooks not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{A55F9C95-2BB1-4EA2-BC77-DFAAB78832CE}\ deleted successfully.
File C:\Users\BuRo\AppData\Roaming\Microsoft\Internet Explorer\qipsearchbar.dll not found.
Prefs.js: "QIP Search" removed from browser.search.defaultenginename
Prefs.js: "http://www.google.com/search?btnI=I%27m ... e=UTF-8&q=" removed from keyword.URL
C:\Users\BuRo\AppData\Roaming\mozilla\Firefox\Profiles\bs4exu9d.default\extensions\{32a1fd71-835e-4b11-8e54-886fda0b4c89}\defaults\preferences folder moved successfully.
C:\Users\BuRo\AppData\Roaming\mozilla\Firefox\Profiles\bs4exu9d.default\extensions\{32a1fd71-835e-4b11-8e54-886fda0b4c89}\defaults folder moved successfully.
C:\Users\BuRo\AppData\Roaming\mozilla\Firefox\Profiles\bs4exu9d.default\extensions\{32a1fd71-835e-4b11-8e54-886fda0b4c89}\components folder moved successfully.
C:\Users\BuRo\AppData\Roaming\mozilla\Firefox\Profiles\bs4exu9d.default\extensions\{32a1fd71-835e-4b11-8e54-886fda0b4c89}\chrome\skin folder moved successfully.
C:\Users\BuRo\AppData\Roaming\mozilla\Firefox\Profiles\bs4exu9d.default\extensions\{32a1fd71-835e-4b11-8e54-886fda0b4c89}\chrome\locale\en-US folder moved successfully.
C:\Users\BuRo\AppData\Roaming\mozilla\Firefox\Profiles\bs4exu9d.default\extensions\{32a1fd71-835e-4b11-8e54-886fda0b4c89}\chrome\locale folder moved successfully.
C:\Users\BuRo\AppData\Roaming\mozilla\Firefox\Profiles\bs4exu9d.default\extensions\{32a1fd71-835e-4b11-8e54-886fda0b4c89}\chrome\content folder moved successfully.
C:\Users\BuRo\AppData\Roaming\mozilla\Firefox\Profiles\bs4exu9d.default\extensions\{32a1fd71-835e-4b11-8e54-886fda0b4c89}\chrome folder moved successfully.
C:\Users\BuRo\AppData\Roaming\mozilla\Firefox\Profiles\bs4exu9d.default\extensions\{32a1fd71-835e-4b11-8e54-886fda0b4c89} folder moved successfully.
C:\Users\BuRo\AppData\Roaming\Mozilla\Firefox\Profiles\bs4exu9d.default\searchplugins\icqplugin-2.xml moved successfully.
C:\Users\BuRo\AppData\Roaming\Mozilla\Firefox\Profiles\bs4exu9d.default\searchplugins\icqplugin-3.xml moved successfully.
C:\Users\BuRo\AppData\Roaming\Mozilla\Firefox\Profiles\bs4exu9d.default\searchplugins\icqplugin-4.xml moved successfully.
C:\Users\BuRo\AppData\Roaming\Mozilla\Firefox\Profiles\bs4exu9d.default\searchplugins\icqplugin-5.xml moved successfully.
C:\Users\BuRo\AppData\Roaming\Mozilla\Firefox\Profiles\bs4exu9d.default\searchplugins\icqplugin-6.xml moved successfully.
C:\Users\BuRo\AppData\Roaming\Mozilla\Firefox\Profiles\bs4exu9d.default\searchplugins\icqplugin-7.xml moved successfully.
C:\Users\BuRo\AppData\Roaming\Mozilla\Firefox\Profiles\bs4exu9d.default\searchplugins\icqplugin.xml moved successfully.
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{A55F9C95-2BB1-4EA2-BC77-DFAAB78832CE}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{A55F9C95-2BB1-4EA2-BC77-DFAAB78832CE}\ not found.
File C:\Users\BuRo\AppData\Roaming\Microsoft\Internet Explorer\qipsearchbar.dll not found.
Registry value HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\RunOnce\\mctadmin deleted successfully.
Registry value HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\RunOnce\\mctadmin deleted successfully.
C:\Users\BuRo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Realtek HD Audio Manager - odkaz.lnk moved successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\URL\Prefixes\\gopher|:gopher:// /E : value set successfully!
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\URL\Prefixes\\gopher|:gopher:// /E : value set successfully!
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\grooveLocalGWS\ deleted successfully.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{88FED34C-F0CA-4636-A375-3CB6248B04CD}\ not found.
File {88FED34C-F0CA-4636-A375-3CB6248B04CD} - Reg Error: Key error. File not found not found.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\ms-help\ deleted successfully.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{314111c7-a502-11d2-bbca-00c04f8ec294}\ not found.
File {314111c7-a502-11d2-bbca-00c04f8ec294} - Reg Error: Key error. File not found not found.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\skype4com\ deleted successfully.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{FFC8B962-9B40-4DFF-9458-1830C7DD7F5D}\ not found.
File {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - Reg Error: Key error. File not found not found.
64bit-Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\\VMApplet:/pagefile deleted successfully.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\\VMApplet:/pagefile deleted successfully.
64bit-Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad\\WebCheck deleted successfully.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{E6FB5E20-DE35-11CF-9C87-00AA005127ED}\ not found.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad\\WebCheck deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{E6FB5E20-DE35-11CF-9C87-00AA005127ED}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{2512289f-9596-11df-b2d1-00235404d864}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{2512289f-9596-11df-b2d1-00235404d864}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\H\ deleted successfully.
File/Folder C:\Windows\*.tmp not found.
========== COMMANDS ==========

[EMPTYTEMP]

User: All Users

User: BuRo
->Temp folder emptied: 1298 bytes
->Temporary Internet Files folder emptied: 37294 bytes
->Java cache emptied: 0 bytes
->FireFox cache emptied: 29896307 bytes
->Google Chrome cache emptied: 0 bytes
->Flash cache emptied: 909 bytes

User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes

User: Public

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32 (64bit) .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 6461 bytes
%systemroot%\sysnative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files folder emptied: 32902 bytes
RecycleBin emptied: 0 bytes

Total Files Cleaned = 29,00 mb

OTL by OldTimer - Version 3.2.20.6 log created on 02032011_210808

Files\Folders moved on Reboot...
C:\Users\BuRo\AppData\Local\Temp\FXSAPIDebugLogFile.txt moved successfully.
File move failed. C:\Windows\temp\_avast5_\Webshlock.txt scheduled to be moved on reboot.

Registry entries deleted on Reboot...

#12 Příspěvek od **vyosek** » 03 úno 2011 21:14

Jak se chova PC

buro_Nz · #13 Příspěvek od **buro_Nz** » 03 úno 2011 21:23

vyzerá to zatiaľ na úspech, pc sa mi javí o niečo lepšie. Ešte na noc pustím defragmentáciu. Ak by sa niečo zmenilo, ozvem sa.
Zatiaľ prajem príjemný zvyšok večer ďakujem Vám za pomoc.
Majte sa pekne

#14 Příspěvek od **vyosek** » 04 úno 2011 06:49

Tak jeste uklidime

OTC http://oldtimer.geekstogo.com/OTC.exe

Stahnete a spustte
Kliknete na CleanUp a potvrdte YES
Program uklidi a restartuje PC

TFC http://oldtimer.geekstogo.com/TFC.exe

Stahnete a spustte
Kliknete na Start a potvrdte OK
Program uklidi a restartuje pc
Po pouziti utilitu smazte

Stahnete Ccleaner (viz muj podpis)
Panel čistič

Vse nechte jak je, jen dejte Analyzovat a pote Spustit CCleaner

Panel registry

dejte Hledej problémy
nasledne Opravit problémy - zalohu registru doporucuji udelat, opravte vsechny problemy
postup opakujte dokud nebude bez problemu - vetsinou cca 3x

Panel nástroje

Zde muzete odinstalovat nepotrebne programy

CCleaner doporucuji pouzivat cca jednou za 14 dni

Doporucuji provest defragmentaci disku

Nejjednodussi (ale nejmene ucinny) zpusob je pomoci utility ve windowsech
- Kliknete na Tento pocitac, dale na disk kliknete pravym tlacitkem, vyberte Vlastnosti
- prepnete se do zalozky Nastroje
- Nyni vidite pomucky Defragmentace - spustte ji kliknutim na Defragmentovat
- Toto provedte se vsemi disky
Dalsi moznosti (a mnou doporucenou) je pres programek Defraggler http://www.stahuj.centrum.cz/utility_a_ ... efraggler/
- Program stahnete, nainstalujte (dejte fajfku pryc u yahoo toolbaru) a spustte
- Kliknete na Analyzovat
- Pokud je ve sloupci Fragmentováno vice jak 5%, doporucuji provest defragmentaci (klik na Defragmentovat)
- Postup provedte se vsemi disky
Posledni moznost je pres jednoduchy programek JKDefrag http://www.stahuj.centrum.cz/utility_a_ ... /jkdefrag/
- Vyhodou programku je, ze se neinstaluje
- Staci tedy jen stahnout dle verze vaseho OS a rozbalit
- Nasledne spustit pomoci souboru JKDefrag pripadne JKDefrag64
- Probehne analyza disku a nasledne i defragmentace

A pokud nejsou problemy ci dotazy, je to z me strany vse

buro_Nz · #15 Příspěvek od **buro_Nz** » 05 úno 2011 16:12

Ďakujem za Váš čas a rady

Vyzerá to lepšie

Prajem príjemný deň

VIRY.CZ

prosím o kontrolu logu

prosím o kontrolu logu

Re: prosím o kontrolu logu

Re: prosím o kontrolu logu

Re: prosím o kontrolu logu

Re: prosím o kontrolu logu

Re: prosím o kontrolu logu

Re: prosím o kontrolu logu

Re: prosím o kontrolu logu

Re: prosím o kontrolu logu

Re: prosím o kontrolu logu

Re: prosím o kontrolu logu

Re: prosím o kontrolu logu

Re: prosím o kontrolu logu

Re: prosím o kontrolu logu

Re: prosím o kontrolu logu