Odvirování PC, zrychlení počítače, vzdálená pomoc prostřednictvím služby neslape.cz

prosim o kontrolu, kuju :)

Nemáte v tuto chvíli žádný problém s pc a chcete se jen ujistit, že je vše v pořádku?
Vložte log z FRST nebo RSIT.

Moderátor: Moderátoři

Pravidla fóra
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]

Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.

!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
Odpovědět
Zpráva
Autor
Laydee
Návštěvník
Návštěvník
Příspěvky: 167
Registrován: 19 kvě 2008 15:01

prosim o kontrolu, kuju :)

#1 Příspěvek od Laydee »

Logfile of random's system information tool 1.08 (written by random/random)
Run by Laydenka at 2011-02-07 19:39:56
Microsoft Windows 7 Ultimate
System drive C: has 12 GB (24%) free of 50 GB
Total RAM: 3839 MB (43% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 19:40:01, on 7.2.2011
Platform: Windows 7 (WinNT 6.00.3504)
MSIE: Internet Explorer v8.00 (8.00.7600.16700)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe
C:\Program Files (x86)\RocketDock\RocketDock.exe
C:\Program Files\360Amigo\360Amigo.exe
C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
C:\Program Files (x86)\BOINC\boincmgr.exe
C:\Program Files (x86)\BOINC\boinctray.exe
C:\Program Files (x86)\BOINC\boinc.exe
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe
C:\ProgramData\BOINC\projects\boinc.bakerlab.org_rosetta\minirosetta_2.17_windows_x86_64.exe
C:\ProgramData\BOINC\projects\boinc.bakerlab.org_rosetta\minirosetta_2.17_windows_x86_64.exe
C:\ProgramData\BOINC\projects\boinc.bakerlab.org_rosetta\minirosetta_2.17_windows_x86_64.exe
C:\ProgramData\BOINC\projects\boinc.bakerlab.org_rosetta\minirosetta_2.17_windows_x86_64.exe
C:\Program Files\trend micro\Laydenka.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://eu.ask.com?o=102352&l=dis
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: UrlSearchHook Class - {00000000-6E41-4FD3-8538-502F5495E5FC} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~2\MICROS~1\Office12\GR469A~1.DLL
O2 - BHO: Ask Toolbar BHO - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
O3 - Toolbar: (no name) - {D5D47440-0750-463D-BAEF-A47D02414806} - (no file)
O3 - Toolbar: aTube Toolbar - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll
O4 - HKLM\..\Run: [avgnt] "C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe" /min
O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe"
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
O4 - HKLM\..\Run: [ATICustomerCare] "C:\Program Files (x86)\ATI\ATICustomerCare\ATICustomerCare.exe"
O4 - HKLM\..\Run: [boincmgr] "C:\Program Files (x86)\BOINC\boincmgr.exe" /a /s
O4 - HKLM\..\Run: [boinctray] "C:\Program Files (x86)\BOINC\boinctray.exe"
O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun
O4 - HKCU\..\Run: [RocketDock] "C:\Program Files (x86)\RocketDock\RocketDock.exe"
O4 - HKCU\..\Run: [360Amigo] "C:\Program files\360Amigo\360Amigo.exe" -autorun
O4 - HKCU\..\Run: [Infium] "C:\Program Files (x86)\QIP 2010\qip.exe" /autorun
O4 - HKCU\..\Run: [Google Update] "C:\Users\Laydenka\AppData\Local\Google\Update\GoogleUpdate.exe" /c
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll
O9 - Extra button: ICQ7.2 - {72EFBFE4-C74F-4187-AEFD-73EA3BE968D6} - C:\Program Files (x86)\ICQ7.2\ICQ.exe
O9 - Extra 'Tools' menuitem: ICQ7.2 - {72EFBFE4-C74F-4187-AEFD-73EA3BE968D6} - C:\Program Files (x86)\ICQ7.2\ICQ.exe
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~1\Office12\REFIEBAR.DLL
O9 - Extra button: PokerStars.net - {FA9B9510-9FCB-4ca0-818C-5D0987B47C4D} - C:\Program Files (x86)\PokerStars.NET\PokerStarsUpdate.exe
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\PROGRA~2\MICROS~1\Office12\GRA32A~1.DLL
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: AMD External Events Utility - Unknown owner - C:\Windows\system32\atiesrxx.exe (file missing)
O23 - Service: Avira AntiVir Scheduler (AntiVirSchedulerService) - Avira GmbH - C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
O23 - Service: Avira AntiVir Guard (AntiVirService) - Avira GmbH - C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: NitroPDFReaderDriverCreatorReadSpool (NitroReaderDriverReadSpool) - Nitro PDF Software - C:\Program Files\Common Files\Nitro PDF\Reader\1.0\NitroPDFReaderDriverServicex64.exe
O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 8229 bytes

======Listing Processes======

\SystemRoot\System32\smss.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
C:\Windows\system32\services.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
winlogon.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\system32\atiesrxx.exe
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k LocalService
atieclxx
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\System32\spoolsv.exe
"C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe"
"taskhost.exe"
"C:\Windows\system32\Dwm.exe"
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Windows\Explorer.EXE
"C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe"
taskeng.exe {F187D667-8CAA-408A-BB93-1EE97B4B49DE}
"C:\Program Files\Common Files\Nitro PDF\Reader\1.0\NitroPDFReaderDriverServicex64.exe"
C:\Windows\SysWOW64\PnkBstrA.exe
C:\Windows\system32\svchost.exe -k imgsvc
"C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe" avshadowcontrol0_0000078c
\??\C:\Windows\system32\conhost.exe
"C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe" -s
"C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun
"C:\Program Files (x86)\RocketDock\RocketDock.exe"
"C:\Program Files\360Amigo\360Amigo.exe" -autorun
"C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe" /min
"C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM"
"C:\Program Files (x86)\BOINC\boincmgr.exe" /a /s
"C:\Program Files (x86)\BOINC\boinctray.exe"
"C:\Program Files (x86)\BOINC\\boinc.exe" --redirectio --launched_by_manager
\??\C:\Windows\system32\conhost.exe
C:\Windows\servicing\TrustedInstaller.exe
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Windows\system32\SearchIndexer.exe /Embedding
"C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe" 0
"C:\Program Files\Windows Media Player\wmpnetwk.exe"
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
C:\Windows\system32\wbem\wmiprvse.exe
"C:\Program Files (x86)\Mozilla Firefox\firefox.exe"
"C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe" --channel=4204.8dce580.422652717 "C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll" 4204 plugin \\.\pipe\gecko-crash-server-pipe.4204
C:\Windows\system32\sppsvc.exe
projects/boinc.bakerlab.org_rosetta/minirosetta_2.17_windows_x86_64.exe -run:protocol broker @flags_mem_widd_run03_centroid_A_2hac_yfsong -silent_gz -mute all -out:file:silent default.out -in:file:boinc_wu_zip input_mem_widd_run03_centroid_A_2hac_yfsong.zip -nstruct 10000 -cpu_run_time 10800 -checkpoint_interval 120 -database minirosetta_database -in::file::zip minirosetta_database.zip -boinc::watchdog -run::rng mt19937 -constant_seed -jran 2534401
projects/boinc.bakerlab.org_rosetta/minirosetta_2.17_windows_x86_64.exe -run:protocol broker @flags_mem_widd_run03_centroid_A_2k73_yfsong -silent_gz -mute all -out:file:silent default.out -in:file:boinc_wu_zip input_mem_widd_run03_centroid_A_2k73_yfsong.zip -nstruct 10000 -cpu_run_time 10800 -checkpoint_interval 120 -database minirosetta_database -in::file::zip minirosetta_database.zip -boinc::watchdog -run::rng mt19937 -constant_seed -jran 2400605
projects/boinc.bakerlab.org_rosetta/minirosetta_2.17_windows_x86_64.exe -run:protocol broker @flags_mem_widd_run03_centroid_A_1waz_yfsong -silent_gz -mute all -out:file:silent default.out -in:file:boinc_wu_zip input_mem_widd_run03_centroid_A_1waz_yfsong.zip -nstruct 10000 -cpu_run_time 10800 -checkpoint_interval 120 -database minirosetta_database -in::file::zip minirosetta_database.zip -boinc::watchdog -run::rng mt19937 -constant_seed -jran 2400531
projects/boinc.bakerlab.org_rosetta/minirosetta_2.17_windows_x86_64.exe -run:protocol broker @flags_mem_widd_run03_centroid_A_1afo_yfsong -silent_gz -mute all -out:file:silent default.out -in:file:boinc_wu_zip input_mem_widd_run03_centroid_A_1afo_yfsong.zip -nstruct 10000 -cpu_run_time 10800 -checkpoint_interval 120 -database minirosetta_database -in::file::zip minirosetta_database.zip -boinc::watchdog -run::rng mt19937 -constant_seed -jran 2521409
"C:\Windows\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe3_ Global\UsGthrCtrlFltPipeMssGthrPipe3 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon"
"C:\Windows\system32\SearchFilterHost.exe" 0 520 524 532 65536 528
"C:\Users\Laydenka\Desktop\RSITx64.exe"
C:\Windows\system32\wbem\wmiprvse.exe

======Scheduled tasks folder======

C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2109389996-1612675735-3522100098-1000Core.job
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2109389996-1612675735-3522100098-1000UA.job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2010-11-16 62376]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\PROGRA~2\MICROS~1\Office12\GR469A~1.DLL [2006-10-27 2210608]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D4027C7F-154A-4066-A1AD-4243D8127440}]
aTube Toolbar - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll [2010-09-28 1400712]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll [2011-01-03 41760]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\Toolbar]
{D5D47440-0750-463D-BAEF-A47D02414806}
{D4027C7F-154A-4066-A1AD-4243D8127440} - aTube Toolbar - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll [2010-09-28 1400712]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"RtHDVCpl"=C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [2010-07-06 11057768]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"DAEMON Tools Lite"=C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [2010-04-01 357696]
"RocketDock"=C:\Program Files (x86)\RocketDock\RocketDock.exe [2007-09-02 495616]
"360Amigo"=C:\Program files\360Amigo\360Amigo.exe [2011-01-27 4003912]
"Infium"=C:\Program Files (x86)\QIP 2010\qip.exe [2011-02-01 5856640]
"Google Update"=C:\Users\Laydenka\AppData\Local\Google\Update\GoogleUpdate.exe [2011-02-03 136176]

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"avgnt"=C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [2010-12-13 281768]
"GrooveMonitor"=C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe [2006-10-27 31016]
"StartCCC"=C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [2010-11-25 98304]
"ATICustomerCare"=C:\Program Files (x86)\ATI\ATICustomerCare\ATICustomerCare.exe [2010-05-04 311296]
"boincmgr"=C:\Program Files (x86)\BOINC\boincmgr.exe [2010-07-01 4862720]
"boinctray"=C:\Program Files (x86)\BOINC\boinctray.exe [2010-07-01 58112]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - C:\Windows\system32\webcheck.dll [2009-07-14 290304]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{AEB6717E-7E19-11d0-97EE-00C04FD91972}"= []

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\PROGRA~2\MICROS~1\Office12\GR469A~1.DLL [2006-10-27 2210608]
"{AEB6717E-7E19-11d0-97EE-00C04FD91972}"= []

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\PEVSystemStart]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\procexp90.Sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\PEVSystemStart]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\procexp90.Sys]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=0
"ConsentPromptBehaviorUser"=3
"EnableLUA"=0
"EnableUIADesktopToggle"=0
"PromptOnSecureDesktop"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDrives"=0

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDrives"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1

======List of files/folders created in the last 1 months======

2011-02-07 19:39:56 ----D---- C:\rsit
2011-02-07 19:28:49 ----A---- C:\Windows\SYSWOW64\REX Shared Library.dll
2011-02-07 19:28:49 ----A---- C:\Windows\SYSWOW64\ReWire.dll
2011-02-07 19:26:39 ----D---- C:\ProgramData\Propellerhead Software
2011-02-07 19:26:38 ----D---- C:\Users\Laydenka\AppData\Roaming\Propellerhead Software
2011-02-05 17:23:13 ----D---- C:\ProgramData\BOINC
2011-02-05 17:23:13 ----D---- C:\Program Files (x86)\BOINC
2011-02-05 17:22:40 ----D---- C:\Windows\Downloaded Installations
2011-02-05 16:34:15 ----D---- C:\Program Files (x86)\Propellerhead
2011-02-05 11:34:14 ----D---- C:\ProgramData\Ableton
2011-02-05 11:34:13 ----D---- C:\Users\Laydenka\AppData\Roaming\Ableton
2011-02-05 11:10:02 ----D---- C:\Program Files (x86)\Ableton
2011-01-30 20:59:22 ----D---- C:\Users\Laydenka\AppData\Roaming\Desktopicon
2011-01-30 20:59:03 ----D---- C:\Program Files (x86)\DsNET Corp
2011-01-30 20:39:35 ----D---- C:\Users\Laydenka\AppData\Roaming\WinRAR
2011-01-30 20:39:17 ----D---- C:\Program Files\WinRAR
2011-01-30 20:22:54 ----D---- C:\Users\Laydenka\AppData\Roaming\Nitro PDF
2011-01-30 20:16:51 ----D---- C:\Program Files (x86)\Ask.com
2011-01-30 20:05:06 ----A---- C:\Windows\system32\nitrolocalui.dll
2011-01-30 20:05:06 ----A---- C:\Windows\system32\nitrolocalmon.dll
2011-01-30 20:05:03 ----D---- C:\ProgramData\Nitro PDF
2011-01-30 20:05:01 ----D---- C:\Program Files\Common Files\Nitro PDF
2011-01-30 20:05:01 ----D---- C:\Program Files (x86)\Nitro PDF
2011-01-30 19:56:27 ----D---- C:\Users\Laydenka\AppData\Roaming\OpenCandy
2011-01-27 22:44:24 ----D---- C:\Program Files\360Amigo
2011-01-24 19:34:28 ----D---- C:\Users\Laydenka\AppData\Roaming\Leadertech
2011-01-24 19:23:53 ----D---- C:\ProgramData\Apache
2011-01-24 19:21:48 ----D---- C:\Windows\SYSWOW64\directx
2011-01-21 18:10:43 ----D---- C:\Users\Laydenka\AppData\Roaming\Red Alert 3 Uprising
2011-01-21 16:37:52 ----A---- C:\Windows\SYSWOW64\PnkBstrB.exe
2011-01-21 16:37:51 ----A---- C:\Windows\SYSWOW64\PnkBstrA.exe
2011-01-21 16:37:51 ----A---- C:\Windows\SYSWOW64\pbsvc_bc2.exe
2011-01-20 17:48:06 ----D---- C:\Users\Laydenka\AppData\Roaming\Red Alert 3
2011-01-19 17:04:05 ----D---- C:\Program Files (x86)\Google
2011-01-17 16:36:31 ----D---- C:\Users\Laydenka\AppData\Roaming\Malwarebytes
2011-01-17 16:36:24 ----D---- C:\ProgramData\Malwarebytes
2011-01-17 16:36:21 ----A---- C:\Windows\system32\drivers\mbam.sys
2011-01-17 16:34:31 ----SHD---- C:\$RECYCLE.BIN
2011-01-17 15:52:38 ----D---- C:\Windows\temp
2011-01-17 15:31:59 ----D---- C:\Program Files\trend micro
2011-01-16 18:17:18 ----D---- C:\Program Files (x86)\Mihov Picture Downloader
2011-01-16 11:43:35 ----D---- C:\ProgramData\ATI
2011-01-16 11:41:36 ----D---- C:\Program Files\Common Files\ATI Technologies
2011-01-16 11:41:35 ----D---- C:\Program Files (x86)\ATI
2011-01-16 11:37:09 ----D---- C:\ATI
2011-01-16 11:29:41 ----D---- C:\Program Files (x86)\Lavalys
2011-01-14 23:26:30 ----D---- C:\Program Files (x86)\PokerStars.NET
2011-01-14 16:32:33 ----D---- C:\Users\Laydenka\AppData\Roaming\AIMP3
2011-01-14 16:32:26 ----D---- C:\Program Files (x86)\AIMP3
2011-01-12 19:21:55 ----D---- C:\Users\Laydenka\AppData\Roaming\BSplayer Pro
2011-01-12 19:21:55 ----D---- C:\Users\Laydenka\AppData\Roaming\BSplayer
2011-01-12 17:31:50 ----D---- C:\Program Files (x86)\ASIO4ALL v2
2011-01-12 17:31:04 ----D---- C:\Program Files (x86)\VstPlugins
2011-01-12 17:31:03 ----D---- C:\Program Files (x86)\Outsim
2011-01-12 17:30:04 ----D---- C:\Program Files (x86)\Image-Line
2011-01-12 10:13:28 ----A---- C:\Windows\SYSWOW64\d3d10warp.dll
2011-01-12 10:13:28 ----A---- C:\Windows\system32\d3d10warp.dll
2011-01-12 10:13:28 ----A---- C:\Windows\system32\d2d1.dll
2011-01-12 10:13:27 ----A---- C:\Windows\SYSWOW64\XpsPrint.dll
2011-01-12 10:13:27 ----A---- C:\Windows\SYSWOW64\mf.dll
2011-01-12 10:13:27 ----A---- C:\Windows\SYSWOW64\DWrite.dll
2011-01-12 10:13:27 ----A---- C:\Windows\SYSWOW64\d2d1.dll
2011-01-12 10:13:27 ----A---- C:\Windows\system32\XpsPrint.dll
2011-01-12 10:13:27 ----A---- C:\Windows\system32\XpsGdiConverter.dll
2011-01-12 10:13:27 ----A---- C:\Windows\system32\WMVDECOD.DLL
2011-01-12 10:13:27 ----A---- C:\Windows\system32\mf.dll
2011-01-12 10:13:27 ----A---- C:\Windows\system32\FntCache.dll
2011-01-12 10:13:27 ----A---- C:\Windows\system32\DWrite.dll
2011-01-12 10:13:26 ----A---- C:\Windows\SYSWOW64\XpsRasterService.dll
2011-01-12 10:13:26 ----A---- C:\Windows\SYSWOW64\XpsGdiConverter.dll
2011-01-12 10:13:26 ----A---- C:\Windows\SYSWOW64\WMVDECOD.DLL
2011-01-12 10:13:26 ----A---- C:\Windows\SYSWOW64\mfreadwrite.dll
2011-01-12 10:13:26 ----A---- C:\Windows\SYSWOW64\ExplorerFrame.dll
2011-01-12 10:13:26 ----A---- C:\Windows\SYSWOW64\d3d10_1core.dll
2011-01-12 10:13:26 ----A---- C:\Windows\SYSWOW64\d3d10_1.dll
2011-01-12 10:13:26 ----A---- C:\Windows\system32\XpsRasterService.dll
2011-01-12 10:13:26 ----A---- C:\Windows\system32\mfreadwrite.dll
2011-01-12 10:13:26 ----A---- C:\Windows\system32\mfps.dll
2011-01-12 10:13:26 ----A---- C:\Windows\system32\ExplorerFrame.dll
2011-01-12 10:13:26 ----A---- C:\Windows\system32\drivers\dxgmms1.sys
2011-01-12 10:13:26 ----A---- C:\Windows\system32\drivers\dxgkrnl.sys
2011-01-12 10:13:26 ----A---- C:\Windows\system32\d3d10_1core.dll
2011-01-12 10:13:26 ----A---- C:\Windows\system32\d3d10_1.dll
2011-01-12 10:13:26 ----A---- C:\Windows\system32\cdd.dll
2011-01-12 10:13:19 ----A---- C:\Windows\SYSWOW64\odbc32.dll
2011-01-12 10:13:19 ----A---- C:\Windows\system32\odbc32.dll
2011-01-11 12:44:06 ----D---- C:\Users\Laydenka\AppData\Roaming\EuroTalk
2011-01-11 12:44:05 ----D---- C:\Program Files (x86)\EuroTalk
2011-01-10 17:03:51 ----A---- C:\Windows\iun6002.exe
2011-01-09 23:40:06 ----D---- C:\Users\Laydenka\AppData\Roaming\AnvSoft
2011-01-09 23:40:04 ----D---- C:\Program Files (x86)\AnvSoft
2011-01-08 17:14:30 ----D---- C:\Program Files (x86)\aTube Catcher

======List of files/folders modified in the last 1 months======

2011-02-07 19:40:01 ----D---- C:\Windows\Prefetch
2011-02-07 19:39:39 ----D---- C:\Windows\system32\catroot2
2011-02-07 19:39:39 ----D---- C:\Windows
2011-02-07 19:37:35 ----D---- C:\Windows\System32
2011-02-07 19:37:35 ----D---- C:\Windows\inf
2011-02-07 19:37:35 ----A---- C:\Windows\system32\PerfStringBackup.INI
2011-02-07 19:33:36 ----D---- C:\Windows\system32\config
2011-02-07 19:33:21 ----D---- C:\Program Files (x86)\QIP 2010
2011-02-07 19:31:50 ----D---- C:\Users\Laydenka\AppData\Roaming\uTorrent
2011-02-07 19:28:49 ----D---- C:\Windows\SysWOW64
2011-02-07 19:26:39 ----D---- C:\ProgramData
2011-02-07 13:54:13 ----D---- C:\Users\Laydenka\AppData\Roaming\ICQ
2011-02-05 17:23:15 ----SHD---- C:\Windows\Installer
2011-02-05 17:23:13 ----D---- C:\Program Files (x86)
2011-02-05 17:23:04 ----SHD---- C:\System Volume Information
2011-02-03 17:46:30 ----D---- C:\Program Files (x86)\Common Files
2011-02-03 11:07:33 ----D---- C:\Windows\Tasks
2011-02-03 11:07:33 ----D---- C:\Windows\system32\Tasks
2011-02-03 10:34:27 ----D---- C:\Windows\system32\drivers
2011-02-03 10:34:14 ----D---- C:\Windows\system32\DriverStore
2011-02-03 10:34:14 ----D---- C:\Windows\system32\catroot
2011-01-31 18:43:06 ----RSD---- C:\Windows\Fonts
2011-01-30 21:17:52 ----D---- C:\Users\Laydenka\AppData\Roaming\GHISLER
2011-01-30 20:39:17 ----RD---- C:\Program Files
2011-01-30 20:39:04 ----D---- C:\Program Files (x86)\WinRAR
2011-01-30 20:05:01 ----D---- C:\Program Files\Common Files
2011-01-30 19:54:38 ----D---- C:\Program Files\CCleaner
2011-01-30 19:37:51 ----D---- C:\ProgramData\Microsoft Help
2011-01-28 10:32:13 ----D---- C:\ProgramData\DAEMON Tools Lite
2011-01-28 08:46:35 ----HD---- C:\Program Files (x86)\InstallShield Installation Information
2011-01-28 08:35:42 ----RD---- C:\Users
2011-01-25 12:09:19 ----D---- C:\Windows\system32\drivers\UMDF
2011-01-24 19:29:23 ----RSD---- C:\Windows\assembly
2011-01-24 12:05:12 ----D---- C:\Program Files (x86)\DNA
2011-01-21 18:09:04 ----D---- C:\ProgramData\Electronic Arts
2011-01-21 16:37:49 ----D---- C:\Windows\system32\LogFiles
2011-01-20 17:46:02 ----D---- C:\Windows\winsxs
2011-01-19 17:04:09 ----D---- C:\Program Files (x86)\Mozilla Thunderbird
2011-01-19 17:04:09 ----D---- C:\Program Files (x86)\Mozilla Firefox
2011-01-18 14:02:18 ----D---- C:\Users\Laydenka\AppData\Roaming\Winamp
2011-01-18 11:25:04 ----D---- C:\Windows\SYSWOW64\drivers
2011-01-18 11:24:21 ----D---- C:\Windows\debug
2011-01-17 16:11:27 ----A---- C:\Windows\system.ini
2011-01-17 16:10:03 ----D---- C:\Windows\AppPatch
2011-01-17 15:48:42 ----D---- C:\Windows\Downloaded Program Files
2011-01-16 15:07:10 ----D---- C:\vcs5BGEffects
2011-01-16 15:07:09 ----D---- C:\Program Files (x86)\AV Vcs 6.0 DIAMOND
2011-01-16 15:06:48 ----D---- C:\Program Files (x86)\AV Vcs 7.0 GOLD
2011-01-16 12:07:48 ----D---- C:\Windows\Microsoft.NET
2011-01-16 11:41:26 ----D---- C:\Program Files\ATI Technologies
2011-01-16 11:40:02 ----SD---- C:\Users\Laydenka\AppData\Roaming\Microsoft
2011-01-15 21:55:44 ----D---- C:\Windows\SYSWOW64\en-US
2011-01-15 21:55:44 ----D---- C:\Windows\system32\en-US
2011-01-15 21:55:42 ----D---- C:\Program Files (x86)\Microsoft.NET
2011-01-15 20:40:15 ----D---- C:\Windows\SYSWOW64\oobe
2011-01-12 17:32:15 ----SD---- C:\ProgramData\Microsoft
2011-01-12 13:26:17 ----A---- C:\Windows\system32\MRT.exe
2011-01-08 11:12:59 ----D---- C:\Windows\SoftwareDistribution

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 AtiPcie;AMD PCI Express (3GIO) Filter; C:\Windows\system32\DRIVERS\AtiPcie.sys [2009-08-23 16440]
R0 pciide;pciide; C:\Windows\system32\DRIVERS\pciide.sys [2009-07-14 12352]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2009-07-14 214096]
R0 sptd;sptd; C:\Windows\System32\Drivers\sptd.sys [2011-01-03 834544]
R1 AsIO;AsIO; C:\Windows\SysWow64\drivers\AsIO.sys [2009-08-04 13440]
R1 AsUpIO;AsUpIO; C:\Windows\SysWow64\drivers\AsUpIO.sys [2009-07-06 13368]
R1 avipbb;avipbb; C:\Windows\system32\DRIVERS\avipbb.sys [2010-12-13 116568]
R1 CSC;@%systemroot%\system32\cscsvc.dll,-202; C:\Windows\system32\drivers\csc.sys [2009-07-14 514048]
R2 avgntflt;avgntflt; C:\Windows\system32\DRIVERS\avgntflt.sys [2010-12-13 83120]
R3 amdkmdag;amdkmdag; C:\Windows\system32\DRIVERS\atikmdag.sys [2010-11-26 8120320]
R3 amdkmdap;amdkmdap; C:\Windows\system32\DRIVERS\atikmpag.sys [2010-11-26 289792]
R3 AtiHDAudioService;ATI Function Driver for HD Audio Service; C:\Windows\system32\drivers\AtihdW76.sys [2010-11-17 115216]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHD64.sys [2010-07-06 2419176]
R3 MTsensor;ATK0110 ACPI UTILITY; C:\Windows\system32\DRIVERS\ASACPI.sys [2009-07-16 15416]
R3 RTL8167;Realtek 8167 NT Driver; C:\Windows\system32\DRIVERS\Rt64win7.sys [2010-03-22 347680]
R3 VCSVADHWSer;Avnex Virtual Audio Device (WDM); C:\Windows\system32\DRIVERS\vcsvad.sys [2008-12-26 21504]
S3 a1p36mpz;a1p36mpz; C:\Windows\system32\drivers\a1p36mpz.sys []
S3 AtiHdmiService;ATI Function Driver for High Definition Audio Service; C:\Windows\system32\drivers\AtiHdmi.sys [2010-01-28 116736]
S3 nmwcdcx64;Nokia USB Generic; C:\Windows\system32\drivers\ccdcmbox64.sys [2008-05-02 23552]
S3 nmwcdx64;Nokia USB Phone Parent; C:\Windows\system32\drivers\ccdcmbx64.sys [2008-05-02 18432]
S3 RDPDR;Terminal Server Device Redirector Driver; C:\Windows\System32\drivers\rdpdr.sys [2009-07-14 165376]
S3 s3cap;s3cap; C:\Windows\system32\DRIVERS\vms3cap.sys [2009-07-14 6656]
S3 storvsc;storvsc; C:\Windows\system32\DRIVERS\storvsc.sys [2009-07-14 34896]
S3 upperdev;upperdev; C:\Windows\system32\DRIVERS\usbser_lowerfltx64.sys [2008-05-02 8704]
S3 usbscan;USB Scanner Driver; C:\Windows\system32\DRIVERS\usbscan.sys [2009-07-14 41984]
S3 usbser;USB Modem Driver; C:\Windows\system32\drivers\usbser.sys [2009-07-14 32768]
S3 UsbserFilt;UsbserFilt; C:\Windows\system32\DRIVERS\usbser_lowerfltx64j.sys [2008-05-02 8704]
S3 vmbus;@%SystemRoot%\system32\vmbusres.dll,-1000; C:\Windows\system32\DRIVERS\vmbus.sys [2009-07-14 200272]
S3 VMBusHID;VMBusHID; C:\Windows\system32\DRIVERS\VMBusHID.sys [2009-07-14 21760]
S3 WinUsb;WinUsb; C:\Windows\system32\DRIVERS\WinUsb.sys [2009-07-14 40448]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AMD External Events Utility;AMD External Events Utility; C:\Windows\system32\atiesrxx.exe [2010-11-26 203776]
R2 AntiVirService;Avira AntiVir Guard; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [2010-12-13 267944]
R2 AntiVirSchedulerService;Avira AntiVir Scheduler; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [2010-12-13 135336]
R2 CscService;@%systemroot%\system32\cscsvc.dll,-200; C:\Windows\System32\svchost.exe [2009-07-14 27136]
R2 NitroReaderDriverReadSpool;NitroPDFReaderDriverCreatorReadSpool; C:\Program Files\Common Files\Nitro PDF\Reader\1.0\NitroPDFReaderDriverServicex64.exe [2010-12-03 341296]
R2 PnkBstrA;PnkBstrA; C:\Windows\syswow64\PnkBstrA.exe [2011-01-21 75064]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
S3 AppMgmt;@appmgmts.dll,-3250; C:\Windows\system32\svchost.exe [2009-07-14 27136]
S3 IDriverT;InstallDriver Table Manager; C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [2005-04-04 69632]
S3 Microsoft Office Groove Audit Service;Microsoft Office Groove Audit Service; C:\Program Files (x86)\Microsoft Office\Office12\GrooveAuditService.exe [2006-10-27 65824]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2006-10-26 441136]
S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 PeerDistSvc;@%SystemRoot%\system32\peerdistsvc.dll,-9000; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S3 Steam Client Service;Steam Client Service; C:\Program Files (x86)\Common Files\Steam\SteamService.exe [2011-01-11 407336]
S3 UmRdpService;@%SystemRoot%\system32\umrdp.dll,-1000; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2011-01-03 1255736]

-----------------EOF-----------------
:worship:
Nahoru
Uživatelský avatar
vyosek
VIP
VIP
Příspěvky: 56373
Registrován: 07 lis 2006 15:24
Bydliště: Šalingrad - Brno

Re: prosim o kontrolu, kuju :)

#2 Příspěvek od vyosek »

Zdravim a pekny vecer preji :)

:arrow: Stahnete OTL (viz muj podpis) a ulozte jej na plochu
  • Pokud pouzivate Win Vista ci W7, kliknete na OTL pravym a dejte Run As Administrator ci Spustit jako spravce
  • Pokud pouzivate 64bitovy OS, zkontrolujte, zda-li je zaskrtnuty ctverecek u Pro 64 bitové OS, pokud ne, zaskrtnete jej
  • Zaskrtnete okenko Pro vsechny uzivatele
  • Zaskrtnete okenko Kontrola na havet "LOP"
  • Zaskrtnete okenko Kontrola na havet "Purity"
  • Stari souboru zmente z 30 dnu na 7 dnu
  • Do spodniho okenka Vlastni skenovani/opravy vlozte skript nize

  • Kód: Vybrat vše

    netsvcs
drivers32
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /s
c:\windows\*.* /U
%SYSTEMDRIVE%\*.exe
%ALLUSERSPROFILE%\Application Data\*.
%ALLUSERSPROFILE%\Application Data\*.exe /s
%APPDATA%\*.
%APPDATA%\*.exe /s
/md5start
eventlog.dll
scecli.dll
netlogon.dll
cngaudit.dll
sceclt.dll
ntelogon.dll
logevent.dll
iaStor.sys
nvstor.sys
atapi.sys
IdeChnDr.sys
viasraid.sys
AGP440.sys
vaxscsi.sys
nvatabus.sys
viamraid.sys
nvata.sys
nvgts.sys
iastorv.sys
ViPrt.sys
eNetHook.dll
ahcix86.sys
KR10N.sys
nvstor32.sys
ahcix86s.sys
nvrd32.sys
symmpi.sys
adp3132.sys
mv61xx.sys
nvraid.sys
ndis.sys
winlogon.exe
explorer.exe
userinit.exe
lsass.exe
svchost.exe
smss.exe
hal.dll
ws2_32.dll
tcpip.sys
cryptsvc.dll
Changer.sys
JakNDis.sys
isapnp.sys
cdrom.sys
autochk.exe
/md5stop
%systemroot%\*. /mp /s
%systemroot%\system32\*.dll /lockedfiles
%systemroot%\Tasks\*.job /lockedfiles
%systemroot%\system32\drivers\*.sys /lockedfiles
%systemroot%\System32\config\*.sav
%systemroot%\system32\*.dll /lockedfiles
reg query "HKLM\Software\Microsoft\Windows NT\CurrentVersion\winlogon" /v GinaDLL /c
reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wuauserv" /v ImagePath /c
reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\BITS" /v ImagePath /c
%systemroot%\system32\drivers\*.sys /3
%systemroot%\system32\*.* /3
CREATERESTOREPOINT
  • Kliknete na tlacitko Prohledat
  • Po dokonceni skenu (cca 5 az 10 min) se objevi logy OTL.txt a Extras.txt, oba sem vlozte
"Kdo víno má a nepije,kdo hrozny má a nejí je, kdo ženu má a nelíbá, kdo zábavě se vyhýbá, na toho vemte bič a hůl, to není člověk, to je vůl."
Člen Obrázek od 1. února 2011.
Nahoru
Laydee
Návštěvník
Návštěvník
Příspěvky: 167
Registrován: 19 kvě 2008 15:01

Re: prosim o kontrolu, kuju :)

#3 Příspěvek od Laydee »

ahoji, mi na konci toho prohledavani vyskoci okynko cannot create file c:laydenka/desktop/cmd.bat

A logy ktery by si rad videl nikde :(
Nahoru
Uživatelský avatar
vyosek
VIP
VIP
Příspěvky: 56373
Registrován: 07 lis 2006 15:24
Bydliště: Šalingrad - Brno

Re: prosim o kontrolu, kuju :)

#4 Příspěvek od vyosek »

Aha, opet ta chyba...pouzijte tento (upraveny) skript

Kód: Vybrat vše

netsvcs
drivers32
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /s
c:\windows\*.* /U
%SYSTEMDRIVE%\*.exe
%ALLUSERSPROFILE%\Application Data\*.
%ALLUSERSPROFILE%\Application Data\*.exe /s
%APPDATA%\*.
%APPDATA%\*.exe /s
/md5start
eventlog.dll
scecli.dll
netlogon.dll
cngaudit.dll
sceclt.dll
ntelogon.dll
logevent.dll
iaStor.sys
nvstor.sys
atapi.sys
IdeChnDr.sys
viasraid.sys
AGP440.sys
vaxscsi.sys
nvatabus.sys
viamraid.sys
nvata.sys
nvgts.sys
iastorv.sys
ViPrt.sys
eNetHook.dll
ahcix86.sys
KR10N.sys
nvstor32.sys
ahcix86s.sys
nvrd32.sys
symmpi.sys
adp3132.sys
mv61xx.sys
nvraid.sys
ndis.sys
winlogon.exe
explorer.exe
userinit.exe
lsass.exe
svchost.exe
smss.exe
hal.dll
ws2_32.dll
tcpip.sys
cryptsvc.dll
Changer.sys
JakNDis.sys
isapnp.sys
cdrom.sys
autochk.exe
/md5stop
%systemroot%\*. /mp /s
%systemroot%\system32\*.dll /lockedfiles
%systemroot%\Tasks\*.job /lockedfiles
%systemroot%\system32\drivers\*.sys /lockedfiles
%systemroot%\System32\config\*.sav
%systemroot%\system32\*.dll /lockedfiles
%systemroot%\system32\drivers\*.sys /3
%systemroot%\system32\*.* /3
CREATERESTOREPOINT
"Kdo víno má a nepije,kdo hrozny má a nejí je, kdo ženu má a nelíbá, kdo zábavě se vyhýbá, na toho vemte bič a hůl, to není člověk, to je vůl."
Člen Obrázek od 1. února 2011.
Nahoru
Laydee
Návštěvník
Návštěvník
Příspěvky: 167
Registrován: 19 kvě 2008 15:01

Re: prosim o kontrolu, kuju :)

#5 Příspěvek od Laydee »

funguje :))

tady prikladam logy

OTL logfile created on: 8.2.2011 12:21:14 - Run 1
OTL by OldTimer - Version 3.2.20.6 Folder = C:\Users\Laydenka\Desktop
64bit- Ultimate Edition (Version = 6.1.7600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7600.16385)
Locale: 00000405 | Country: Czech Republic | Language: CSY | Date Format: d.M.yyyy

4,00 Gb Total Physical Memory | 1,00 Gb Available Physical Memory | 37,00% Memory free
7,00 Gb Paging File | 5,00 Gb Available in Paging File | 66,00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 48,73 Gb Total Space | 12,31 Gb Free Space | 25,26% Space Free | Partition Type: NTFS
Drive F: | 547,33 Gb Total Space | 124,17 Gb Free Space | 22,69% Space Free | Partition Type: NTFS

Computer Name: LAYDENKA-PC | User Name: Laydenka | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 7 Days

========== Processes (SafeList) ==========

PRC - [2011.02.07 22:20:05 | 000,602,624 | ---- | M] (OldTimer Tools) -- C:\Users\Laydenka\Desktop\OTL.exe
PRC - [2011.02.05 17:29:17 | 012,668,928 | ---- | M] () -- C:\ProgramData\BOINC\projects\boinc.bakerlab.org_rosetta\minirosetta_2.17_windows_x86_64.exe
PRC - [2011.02.01 11:45:22 | 005,856,640 | ---- | M] (QIP) -- C:\Program Files (x86)\QIP 2010\qip.exe
PRC - [2011.01.27 22:44:24 | 004,003,912 | ---- | M] (360 Amigo) -- C:\Program Files\360Amigo\360Amigo.exe
PRC - [2011.01.21 16:37:51 | 000,075,064 | ---- | M] () -- C:\Windows\SysWOW64\PnkBstrA.exe
PRC - [2010.12.13 17:40:07 | 000,135,336 | ---- | M] (Avira GmbH) -- C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
PRC - [2010.12.13 17:39:54 | 000,281,768 | ---- | M] (Avira GmbH) -- C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
PRC - [2010.12.13 17:39:54 | 000,267,944 | ---- | M] (Avira GmbH) -- C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
PRC - [2010.12.07 21:23:18 | 012,584,112 | ---- | M] (Mozilla Messaging) -- C:\Program Files (x86)\Mozilla Thunderbird\thunderbird.exe
PRC - [2010.12.03 20:39:33 | 000,912,344 | ---- | M] (Mozilla Corporation) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe
PRC - [2010.12.03 20:39:33 | 000,016,856 | ---- | M] (Mozilla Corporation) -- C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe
PRC - [2010.07.01 13:27:06 | 004,862,720 | ---- | M] (Space Sciences Laboratory) -- C:\Program Files (x86)\BOINC\boincmgr.exe
PRC - [2010.07.01 13:27:04 | 000,058,112 | ---- | M] (Space Sciences Laboratory) -- C:\Program Files (x86)\BOINC\boinctray.exe
PRC - [2010.07.01 13:27:02 | 000,840,448 | ---- | M] (Space Sciences Laboratory) -- C:\Program Files (x86)\BOINC\boinc.exe
PRC - [2010.04.01 10:16:20 | 000,357,696 | ---- | M] (DT Soft Ltd) -- C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe
PRC - [2007.09.02 13:58:52 | 000,495,616 | ---- | M] () -- C:\Program Files (x86)\RocketDock\RocketDock.exe


========== Modules (SafeList) ==========

MOD - [2011.02.07 22:20:05 | 000,602,624 | ---- | M] (OldTimer Tools) -- C:\Users\Laydenka\Desktop\OTL.exe
MOD - [2010.08.21 06:21:32 | 001,680,896 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_420fe3fa2b8113bd\comctl32.dll
MOD - [2007.09.02 13:57:36 | 000,069,632 | ---- | M] () -- C:\Program Files (x86)\RocketDock\RocketDock.dll


========== Win32 Services (SafeList) ==========

SRV:64bit: - [2010.12.03 11:09:08 | 000,341,296 | ---- | M] (Nitro PDF Software) [Auto | Running] -- C:\Program Files\Common Files\Nitro PDF\Reader\1.0\NitroPDFReaderDriverServicex64.exe -- (NitroReaderDriverReadSpool)
SRV:64bit: - [2010.11.26 03:54:12 | 000,203,776 | ---- | M] (AMD) [Auto | Running] -- C:\Windows\SysNative\atiesrxx.exe -- (AMD External Events Utility)
SRV:64bit: - [2009.07.14 02:40:01 | 000,193,536 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\appmgmts.dll -- (AppMgmt)
SRV - [2011.01.21 16:37:51 | 000,075,064 | ---- | M] () [Auto | Running] -- C:\Windows\SysWOW64\PnkBstrA.exe -- (PnkBstrA)
SRV - [2011.01.11 16:41:57 | 000,407,336 | ---- | M] (Valve Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Steam\SteamService.exe -- (Steam Client Service)
SRV - [2010.12.13 17:40:07 | 000,135,336 | ---- | M] (Avira GmbH) [Auto | Running] -- C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe -- (AntiVirSchedulerService)
SRV - [2010.12.13 17:39:54 | 000,267,944 | ---- | M] (Avira GmbH) [Auto | Running] -- C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe -- (AntiVirService)
SRV - [2010.03.18 13:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2009.06.10 22:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)


========== Driver Services (SafeList) ==========

DRV:64bit: - [2011.01.03 15:36:15 | 000,834,544 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\sptd.sys -- (sptd)
DRV:64bit: - [2010.12.13 17:40:21 | 000,116,568 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\avipbb.sys -- (avipbb)
DRV:64bit: - [2010.12.13 17:40:21 | 000,083,120 | ---- | M] (Avira GmbH) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\avgntflt.sys -- (avgntflt)
DRV:64bit: - [2010.11.26 05:20:20 | 008,120,320 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmdag.sys -- (amdkmdag)
DRV:64bit: - [2010.11.26 03:16:46 | 000,289,792 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmpag.sys -- (amdkmdap)
DRV:64bit: - [2010.11.17 13:04:32 | 000,115,216 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\AtihdW76.sys -- (AtiHDAudioService)
DRV:64bit: - [2010.03.22 17:57:20 | 000,347,680 | ---- | M] (Realtek ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Rt64win7.sys -- (RTL8167)
DRV:64bit: - [2010.01.28 15:33:38 | 000,116,736 | ---- | M] (ATI Technologies, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\AtiHdmi.sys -- (AtiHdmiService)
DRV:64bit: - [2009.08.23 23:55:32 | 000,016,440 | ---- | M] (Advanced Micro Devices Inc.) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\AtiPcie.sys -- (AtiPcie) AMD PCI Express (3GIO)
DRV:64bit: - [2009.07.16 04:38:40 | 000,015,416 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\ASACPI.sys -- (MTsensor)
DRV:64bit: - [2009.07.14 02:52:21 | 000,106,576 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2009.07.14 02:52:21 | 000,028,752 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2009.07.14 02:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2009.07.14 02:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2009.07.14 02:47:48 | 000,077,888 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2009.07.14 02:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2009.07.14 01:06:32 | 000,032,768 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\usbser.sys -- (usbser)
DRV:64bit: - [2009.06.10 21:38:56 | 000,000,308 | ---- | M] () [File_System | On_Demand | Running] -- C:\Windows\SysNative\wbem\ntfs.mof -- (Ntfs)
DRV:64bit: - [2009.06.10 21:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2009.06.10 21:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009.06.10 21:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2009.06.10 21:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV:64bit: - [2008.12.26 12:56:04 | 000,021,504 | ---- | M] (Avnex) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\vcsvad.sys -- (VCSVADHWSer) Avnex Virtual Audio Device (WDM)
DRV:64bit: - [2008.05.02 10:59:08 | 000,008,704 | ---- | M] (Windows (R) Codename Longhorn DDK provider) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\usbser_lowerfltx64j.sys -- (UsbserFilt)
DRV:64bit: - [2008.05.02 10:58:50 | 000,008,704 | ---- | M] (Windows (R) Codename Longhorn DDK provider) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\usbser_lowerfltx64.sys -- (upperdev)
DRV:64bit: - [2008.05.02 10:58:48 | 000,023,552 | ---- | M] (Nokia) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\ccdcmbox64.sys -- (nmwcdcx64)
DRV:64bit: - [2008.05.02 10:58:48 | 000,018,432 | ---- | M] (Nokia) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\ccdcmbx64.sys -- (nmwcdx64)

========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm






IE - HKU\S-1-5-21-2109389996-1612675735-3522100098-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://eu.ask.com?o=102352&l=dis
IE - HKU\S-1-5-21-2109389996-1612675735-3522100098-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = en-us
IE - HKU\S-1-5-21-2109389996-1612675735-3522100098-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 98 53 F6 1E 9D AB CB 01 [binary data]
IE - HKU\S-1-5-21-2109389996-1612675735-3522100098-1000\..\URLSearchHook: {00000000-6E41-4FD3-8538-502F5495E5FC} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll (Ask)
IE - HKU\S-1-5-21-2109389996-1612675735-3522100098-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

========== FireFox ==========

FF - prefs.js..browser.search.defaultengine: "Ask.com"
FF - prefs.js..browser.search.defaultenginename: "Ask.com"
FF - prefs.js..browser.search.order.1: "Ask.com"
FF - prefs.js..browser.search.selectedEngine: "Google"
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..browser.startup.homepage: "http://www.seznam.cz/"
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}:6.0.23
FF - prefs.js..keyword.URL: "http://www.google.com/search?ie=UTF-8&o ... &gfns=1&q="
FF - prefs.js..network.proxy.type: 0

FF - HKLM\software\mozilla\Firefox\Extensions\\m3ffxtbr@mywebsearch.com: C:\Program Files (x86)\MyWebSearch\bar\1.bin
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.13\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2011.01.28 08:44:54 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.13\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2011.01.26 22:15:29 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Thunderbird 3.1.7\extensions\\Components: C:\Program Files (x86)\Mozilla Thunderbird\components [2011.01.28 08:44:54 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Thunderbird 3.1.7\extensions\\Plugins: C:\Program Files (x86)\Mozilla Thunderbird\plugins

[2011.01.03 16:48:33 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Laydenka\AppData\Roaming\Mozilla\Extensions
[2011.01.03 16:48:33 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Laydenka\AppData\Roaming\Mozilla\Extensions\{3550f703-e582-4d05-9a08-453d09bdfdc6}
[2011.01.31 10:59:53 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Laydenka\AppData\Roaming\Mozilla\Firefox\Profiles\rg8jz4d0.default\extensions
[2011.01.31 10:59:34 | 000,002,573 | ---- | M] () -- C:\Users\Laydenka\AppData\Roaming\Mozilla\Firefox\Profiles\rg8jz4d0.default\searchplugins\askcom.xml
[2011.02.07 14:53:10 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\extensions
[2011.01.03 19:50:36 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}
[2011.01.03 19:50:30 | 000,472,808 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files (x86)\Mozilla Firefox\plugins\npdeployJava1.dll
[2010.03.26 16:34:16 | 000,001,425 | ---- | M] () -- C:\Program Files (x86)\Mozilla Firefox\searchplugins\Cetrumcz_igeared.xml
[2010.12.03 19:08:29 | 000,000,638 | ---- | M] () -- C:\Program Files (x86)\Mozilla Firefox\searchplugins\jyxo-cz.xml
[2010.12.03 19:08:29 | 000,001,687 | ---- | M] () -- C:\Program Files (x86)\Mozilla Firefox\searchplugins\mall-cz.xml
[2010.12.03 19:08:29 | 000,001,367 | ---- | M] () -- C:\Program Files (x86)\Mozilla Firefox\searchplugins\seznam-cz.xml
[2010.12.03 19:08:29 | 000,000,654 | ---- | M] () -- C:\Program Files (x86)\Mozilla Firefox\searchplugins\slunecnice-cz.xml
[2010.12.03 19:08:29 | 000,001,179 | ---- | M] () -- C:\Program Files (x86)\Mozilla Firefox\searchplugins\wikipedia-cz.xml

O1 HOSTS File: ([2009.06.10 22:00:26 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O2 - BHO: (aTube Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll (Ask)
O3 - HKLM\..\Toolbar: (aTube Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll (Ask)
O3 - HKLM\..\Toolbar: (no name) - {D5D47440-0750-463D-BAEF-A47D02414806} - No CLSID value found.
O3 - HKU\S-1-5-21-2109389996-1612675735-3522100098-1000\..\Toolbar\WebBrowser: (aTube Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll (Ask)
O4:64bit: - HKLM..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor)
O4 - HKLM..\Run: [ATICustomerCare] C:\Program Files (x86)\ATI\ATICustomerCare\ATICustomerCare.exe (Advanced Micro Devices, Inc.)
O4 - HKLM..\Run: [avgnt] C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe (Avira GmbH)
O4 - HKLM..\Run: [boincmgr] C:\Program Files (x86)\BOINC\boincmgr.exe (Space Sciences Laboratory)
O4 - HKLM..\Run: [boinctray] C:\Program Files (x86)\BOINC\boinctray.exe (Space Sciences Laboratory)
O4 - HKLM..\Run: [StartCCC] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.)
O4 - HKU\S-1-5-21-2109389996-1612675735-3522100098-1000..\Run: [360Amigo] C:\Program files\360Amigo\360Amigo.exe (360 Amigo)
O4 - HKU\S-1-5-21-2109389996-1612675735-3522100098-1000..\Run: [DAEMON Tools Lite] C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe (DT Soft Ltd)
O4 - HKU\S-1-5-21-2109389996-1612675735-3522100098-1000..\Run: [Infium] C:\Program Files (x86)\QIP 2010\qip.exe (QIP)
O4 - HKU\S-1-5-21-2109389996-1612675735-3522100098-1000..\Run: [RocketDock] C:\Program Files (x86)\RocketDock\RocketDock.exe ()
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 0
O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-19\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-20\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-21-2109389996-1612675735-3522100098-1000\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-21-2109389996-1612675735-3522100098-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O9 - Extra Button: ICQ7.2 - {72EFBFE4-C74F-4187-AEFD-73EA3BE968D6} - C:\Program Files (x86)\ICQ7.2\ICQ.exe (ICQ, LLC.)
O9 - Extra 'Tools' menuitem : ICQ7.2 - {72EFBFE4-C74F-4187-AEFD-73EA3BE968D6} - C:\Program Files (x86)\ICQ7.2\ICQ.exe (ICQ, LLC.)
O9 - Extra Button: PokerStars.net - {FA9B9510-9FCB-4ca0-818C-5D0987B47C4D} - C:\Program Files (x86)\PokerStars.NET\PokerStarsUpdate.exe (PokerStars)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_23)
O16 - DPF: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_23)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_23)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 10.0.0.138
O18:64bit: - Protocol\Handler\grooveLocalGWS {88FED34C-F0CA-4636-A375-3CB6248B04CD} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - Reg Error: Key error. File not found
O20:64bit: - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\SysNative\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O28:64bit: - HKLM ShellExecuteHooks: {AEB6717E-7E19-11d0-97EE-00C04FD91972} - Reg Error: Key error. File not found
O28 - HKLM ShellExecuteHooks: {AEB6717E-7E19-11d0-97EE-00C04FD91972} - Reg Error: Key error. File not found
O32 - HKLM CDRom: AutoRun - 1
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

NetSvcs:64bit: AppMgmt - C:\Windows\SysNative\appmgmts.dll (Microsoft Corporation)

Drivers32:64bit: msacm.l3acm - C:\Windows\System32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32:64bit: VIDC.FFDS - ff_vfw.dll ()
Drivers32: msacm.ac3acm - C:\Windows\SysWow64\ac3acm.acm (fccHandler)
Drivers32: msacm.l3acm - C:\Windows\SysWOW64\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: msacm.lameacm - C:\Windows\SysWow64\lameACM.acm (http://www.mp3dev.org/)
Drivers32: msacm.vorbis - C:\Windows\SysWow64\vorbis.acm (HMS http://hp.vector.co.jp/authors/VA012897/)
Drivers32: vidc.cvid - C:\Windows\SysWow64\iccvid.dll (Radius Inc.)
Drivers32: VIDC.FFDS - C:\Windows\SysWow64\ff_vfw.dll ()
Drivers32: VIDC.FMVC - C:\Windows\SysWow64\fmcodec.DLL (Fox Magic Software)
Drivers32: VIDC.XVID - C:\Windows\SysWow64\xvidvfw.dll ()
Drivers32: VIDC.YV12 - C:\Windows\SysWow64\yv12vfw.dll (www.helixcommunity.org)

CREATERESTOREPOINT
Restore point Set: OTL Restore Point

========== Files/Folders - Created Within 7 Days ==========

[2011.02.07 22:19:59 | 000,602,624 | ---- | C] (OldTimer Tools) -- C:\Users\Laydenka\Desktop\OTL.exe
[2011.02.07 22:19:57 | 000,602,624 | ---- | C] (OldTimer Tools) -- C:\Users\Laydenka\Desktop\OTL.exe.part
[2011.02.07 22:02:02 | 000,000,000 | ---D | C] -- C:\Users\Laydenka\Desktop\rad
[2011.02.07 22:01:28 | 000,000,000 | ---D | C] -- C:\Users\Laydenka\Desktop\s1h1
[2011.02.07 19:50:26 | 000,000,000 | ---D | C] -- C:\Users\Laydenka\Desktop\t2
[2011.02.07 19:39:56 | 000,000,000 | ---D | C] -- C:\rsit
[2011.02.07 19:28:49 | 000,406,528 | ---- | C] (Propellerhead Software AB) -- C:\Windows\SysWow64\ReWire.dll
[2011.02.07 19:28:49 | 000,338,432 | ---- | C] (Propellerhead Software AB) -- C:\Windows\SysWow64\REX Shared Library.dll
[2011.02.07 19:26:39 | 000,000,000 | ---D | C] -- C:\ProgramData\Propellerhead Software
[2011.02.07 19:26:38 | 000,000,000 | ---D | C] -- C:\Users\Laydenka\AppData\Roaming\Propellerhead Software
[2011.02.06 17:19:57 | 000,000,000 | ---D | C] -- C:\Users\Laydenka\Desktop\ad
[2011.02.05 17:23:14 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\BOINC
[2011.02.05 17:23:13 | 000,000,000 | ---D | C] -- C:\ProgramData\BOINC
[2011.02.05 17:23:13 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\BOINC
[2011.02.05 17:22:40 | 000,000,000 | ---D | C] -- C:\Windows\Downloaded Installations
[2011.02.05 16:35:19 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Propellerhead
[2011.02.05 16:34:15 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Propellerhead
[2011.02.05 11:34:14 | 000,000,000 | ---D | C] -- C:\Users\Laydenka\Documents\Ableton
[2011.02.05 11:34:14 | 000,000,000 | ---D | C] -- C:\ProgramData\Ableton
[2011.02.05 11:34:13 | 000,000,000 | ---D | C] -- C:\Users\Laydenka\AppData\Roaming\Ableton
[2011.02.05 11:12:08 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Ableton
[2011.02.05 11:10:02 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Ableton

========== Files - Modified Within 7 Days ==========

[2011.02.08 12:12:00 | 000,000,974 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2109389996-1612675735-3522100098-1000UA.job
[2011.02.08 11:14:46 | 001,470,062 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2011.02.08 11:14:46 | 000,631,076 | ---- | M] () -- C:\Windows\SysNative\perfh005.dat
[2011.02.08 11:14:46 | 000,623,940 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2011.02.08 11:14:46 | 000,121,716 | ---- | M] () -- C:\Windows\SysNative\perfc005.dat
[2011.02.08 11:14:46 | 000,106,316 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2011.02.08 11:12:15 | 000,000,922 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2109389996-1612675735-3522100098-1000Core.job
[2011.02.08 10:50:11 | 000,018,416 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2011.02.08 10:50:11 | 000,018,416 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2011.02.08 10:42:50 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2011.02.08 10:42:47 | 3019,247,616 | -HS- | M] () -- C:\hiberfil.sys
[2011.02.07 22:31:30 | 000,001,333 | ---- | M] () -- C:\Users\Laydenka\Desktop\[CzT]Vytvoreni_vlastniho_certifikatu_a_certifikace_her_pro_Symbian.torrent
[2011.02.07 22:20:05 | 000,602,624 | ---- | M] (OldTimer Tools) -- C:\Users\Laydenka\Desktop\OTL.exe
[2011.02.07 22:20:01 | 000,602,624 | ---- | M] (OldTimer Tools) -- C:\Users\Laydenka\Desktop\OTL.exe.part
[2011.02.07 19:52:34 | 142,097,972 | ---- | M] () -- C:\Users\Laydenka\Desktop\s1h1.rar
[2011.02.07 19:49:06 | 196,263,739 | ---- | M] () -- C:\Users\Laydenka\Desktop\t2.rar
[2011.02.07 19:39:49 | 000,832,273 | ---- | M] () -- C:\Users\Laydenka\Desktop\RSITx64.exe
[2011.02.07 19:28:49 | 000,406,528 | ---- | M] (Propellerhead Software AB) -- C:\Windows\SysWow64\ReWire.dll
[2011.02.07 19:28:49 | 000,338,432 | ---- | M] (Propellerhead Software AB) -- C:\Windows\SysWow64\REX Shared Library.dll
[2011.02.06 19:48:03 | 000,000,869 | ---- | M] () -- C:\Users\Public\Desktop\AIMP3.lnk
[2011.02.06 17:11:51 | 053,608,246 | ---- | M] () -- C:\Users\Laydenka\Desktop\Pet Duo @ Int3rno 25.12.2010 Parte 1.mp3
[2011.02.05 16:35:19 | 000,001,021 | ---- | M] () -- C:\Users\Public\Desktop\Reason.lnk
[2011.02.05 16:31:46 | 000,484,327 | ---- | M] () -- C:\Users\Laydenka\Desktop\GodONable [neo] 2K10_010 –.ogg.asd
[2011.02.05 16:31:37 | 000,369,567 | ---- | M] () -- C:\Users\Laydenka\Desktop\2NiNe - Chemical Headache.mp3.asd
[2011.02.05 16:25:35 | 000,000,657 | ---- | M] () -- C:\Users\Laydenka\Desktop\Storage – zástupce.lnk
[2011.02.03 15:25:58 | 007,584,373 | ---- | M] () -- C:\Users\Laydenka\Desktop\2NiNe - Chemical Headache.mp3
[2011.02.03 10:34:02 | 000,000,000 | -H-- | M] () -- C:\Windows\SysNative\drivers\Msft_Kernel_ccdcmbx64_01005.Wdf

========== Files Created - No Company Name ==========

[2011.02.07 22:31:30 | 000,001,333 | ---- | C] () -- C:\Users\Laydenka\Desktop\[CzT]Vytvoreni_vlastniho_certifikatu_a_certifikace_her_pro_Symbian.torrent
[2011.02.07 19:50:14 | 142,097,972 | ---- | C] () -- C:\Users\Laydenka\Desktop\s1h1.rar
[2011.02.07 19:46:51 | 196,263,739 | ---- | C] () -- C:\Users\Laydenka\Desktop\t2.rar
[2011.02.07 19:39:48 | 000,832,273 | ---- | C] () -- C:\Users\Laydenka\Desktop\RSITx64.exe
[2011.02.06 19:48:03 | 000,000,869 | ---- | C] () -- C:\Users\Public\Desktop\AIMP3.lnk
[2011.02.06 17:11:07 | 053,608,246 | ---- | C] () -- C:\Users\Laydenka\Desktop\Pet Duo @ Int3rno 25.12.2010 Parte 1.mp3
[2011.02.05 16:35:19 | 000,001,021 | ---- | C] () -- C:\Users\Public\Desktop\Reason.lnk
[2011.02.05 16:31:37 | 000,484,327 | ---- | C] () -- C:\Users\Laydenka\Desktop\GodONable [neo] 2K10_010 –.ogg.asd
[2011.02.05 16:31:37 | 000,369,567 | ---- | C] () -- C:\Users\Laydenka\Desktop\2NiNe - Chemical Headache.mp3.asd
[2011.02.05 16:25:35 | 000,000,657 | ---- | C] () -- C:\Users\Laydenka\Desktop\Storage – zástupce.lnk
[2011.02.03 15:25:55 | 007,584,373 | ---- | C] () -- C:\Users\Laydenka\Desktop\2NiNe - Chemical Headache.mp3
[2011.02.03 11:07:33 | 000,000,974 | ---- | C] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2109389996-1612675735-3522100098-1000UA.job
[2011.02.03 11:07:33 | 000,000,922 | ---- | C] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2109389996-1612675735-3522100098-1000Core.job
[2011.02.03 10:34:02 | 000,000,000 | -H-- | C] () -- C:\Windows\SysNative\drivers\Msft_Kernel_ccdcmbx64_01005.Wdf
[2011.01.28 08:44:56 | 000,004,608 | ---- | C] () -- C:\Users\Laydenka\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2011.01.05 11:52:23 | 000,000,038 | ---- | C] () -- C:\Windows\avisplitter.ini
[2011.01.05 11:52:22 | 000,205,824 | ---- | C] () -- C:\Windows\SysWow64\xvidvfw.dll
[2011.01.05 11:52:20 | 000,085,504 | ---- | C] () -- C:\Windows\SysWow64\ff_vfw.dll
[2011.01.04 00:19:39 | 000,024,576 | R--- | C] () -- C:\Windows\SysWow64\AsIO.dll
[2011.01.04 00:19:39 | 000,013,440 | R--- | C] () -- C:\Windows\SysWow64\drivers\AsIO.sys
[2011.01.04 00:14:53 | 000,001,769 | ---- | C] () -- C:\Windows\Language_trs.ini
[2011.01.04 00:14:50 | 000,035,145 | ---- | C] () -- C:\Windows\Ascd_tmp.ini
[2009.07.14 00:42:10 | 000,064,000 | ---- | C] () -- C:\Windows\SysWow64\BWContextHandler.dll
[2009.07.13 22:03:59 | 000,364,544 | ---- | C] () -- C:\Windows\SysWow64\msjetoledb40.dll
[2009.07.06 03:48:34 | 000,013,368 | R--- | C] () -- C:\Windows\SysWow64\drivers\AsUpIO.sys
[2009.06.07 12:27:20 | 000,073,728 | ---- | C] () -- C:\Windows\SysWow64\vbzlib1.dll
[2009.04.02 13:30:14 | 000,010,296 | ---- | C] () -- C:\Windows\SysWow64\drivers\ASUSHWIO.SYS
[2005.10.14 11:56:50 | 000,155,136 | ---- | C] () -- C:\Windows\SysWow64\unrar.dll

========== LOP Check ==========

[2011.02.05 11:34:14 | 000,000,000 | ---D | M] -- C:\Users\Laydenka\AppData\Roaming\Ableton
[2011.02.07 22:35:27 | 000,000,000 | ---D | M] -- C:\Users\Laydenka\AppData\Roaming\AIMP3
[2011.01.09 23:40:06 | 000,000,000 | ---D | M] -- C:\Users\Laydenka\AppData\Roaming\AnvSoft
[2011.01.05 15:14:22 | 000,000,000 | ---D | M] -- C:\Users\Laydenka\AppData\Roaming\Avnex
[2011.01.12 19:25:50 | 000,000,000 | ---D | M] -- C:\Users\Laydenka\AppData\Roaming\BSplayer
[2011.01.12 19:21:55 | 000,000,000 | ---D | M] -- C:\Users\Laydenka\AppData\Roaming\BSplayer Pro
[2011.01.04 12:55:50 | 000,000,000 | ---D | M] -- C:\Users\Laydenka\AppData\Roaming\DAEMON Tools Lite
[2011.01.30 21:02:39 | 000,000,000 | ---D | M] -- C:\Users\Laydenka\AppData\Roaming\Desktopicon
[2011.01.11 12:44:06 | 000,000,000 | ---D | M] -- C:\Users\Laydenka\AppData\Roaming\EuroTalk
[2011.01.30 21:17:52 | 000,000,000 | ---D | M] -- C:\Users\Laydenka\AppData\Roaming\GHISLER
[2011.02.07 13:54:13 | 000,000,000 | ---D | M] -- C:\Users\Laydenka\AppData\Roaming\ICQ
[2011.01.24 19:34:28 | 000,000,000 | ---D | M] -- C:\Users\Laydenka\AppData\Roaming\Leadertech
[2011.01.30 20:22:54 | 000,000,000 | ---D | M] -- C:\Users\Laydenka\AppData\Roaming\Nitro PDF
[2011.01.30 19:56:27 | 000,000,000 | ---D | M] -- C:\Users\Laydenka\AppData\Roaming\OpenCandy
[2011.02.07 19:29:19 | 000,000,000 | ---D | M] -- C:\Users\Laydenka\AppData\Roaming\Propellerhead Software
[2011.01.03 21:37:13 | 000,000,000 | ---D | M] -- C:\Users\Laydenka\AppData\Roaming\QIP
[2011.01.04 19:12:47 | 000,000,000 | ---D | M] -- C:\Users\Laydenka\AppData\Roaming\Rainmeter
[2011.01.20 17:48:07 | 000,000,000 | ---D | M] -- C:\Users\Laydenka\AppData\Roaming\Red Alert 3
[2011.01.21 18:11:21 | 000,000,000 | ---D | M] -- C:\Users\Laydenka\AppData\Roaming\Red Alert 3 Uprising
[2011.01.03 16:48:33 | 000,000,000 | ---D | M] -- C:\Users\Laydenka\AppData\Roaming\Thunderbird
[2011.02.07 19:31:50 | 000,000,000 | ---D | M] -- C:\Users\Laydenka\AppData\Roaming\uTorrent
[2011.01.03 19:50:57 | 000,000,000 | ---D | M] -- C:\Users\Laydenka\AppData\Roaming\VitySoft
[2011.02.02 16:04:22 | 000,032,620 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT

========== Purity Check ==========



========== Custom Scans ==========


< HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /s >
"DAEMON Tools Lite" = "C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun -- [2010.04.01 10:16:20 | 000,357,696 | ---- | M] (DT Soft Ltd)
"RocketDock" = "C:\Program Files (x86)\RocketDock\RocketDock.exe" -- [2007.09.02 13:58:52 | 000,495,616 | ---- | M] ()
"360Amigo" = "C:\Program files\360Amigo\360Amigo.exe" -autorun -- [2011.01.27 22:44:24 | 004,003,912 | ---- | M] (360 Amigo)
"Infium" = "C:\Program Files (x86)\QIP 2010\qip.exe" /autorun -- [2011.02.01 11:45:22 | 005,856,640 | ---- | M] (QIP)
"Google Update" = "C:\Users\Laydenka\AppData\Local\Google\Update\GoogleUpdate.exe" /c -- [2011.02.03 11:07:32 | 000,136,176 | ---- | M] (Google Inc.)

< c:\windows\*.* /U >

< %SYSTEMDRIVE%\*.exe >

< %ALLUSERSPROFILE%\Application Data\*. >

< %ALLUSERSPROFILE%\Application Data\*.exe /s >

< %APPDATA%\*. >
[2011.02.05 11:34:14 | 000,000,000 | ---D | M] -- C:\Users\Laydenka\AppData\Roaming\Ableton
[2011.01.04 13:05:54 | 000,000,000 | ---D | M] -- C:\Users\Laydenka\AppData\Roaming\Adobe
[2011.02.07 22:35:27 | 000,000,000 | ---D | M] -- C:\Users\Laydenka\AppData\Roaming\AIMP3
[2011.01.09 23:40:06 | 000,000,000 | ---D | M] -- C:\Users\Laydenka\AppData\Roaming\AnvSoft
[2011.01.04 00:21:15 | 000,000,000 | ---D | M] -- C:\Users\Laydenka\AppData\Roaming\ATI
[2011.01.05 15:14:22 | 000,000,000 | ---D | M] -- C:\Users\Laydenka\AppData\Roaming\Avnex
[2011.01.12 19:25:50 | 000,000,000 | ---D | M] -- C:\Users\Laydenka\AppData\Roaming\BSplayer
[2011.01.12 19:21:55 | 000,000,000 | ---D | M] -- C:\Users\Laydenka\AppData\Roaming\BSplayer Pro
[2011.01.04 12:55:50 | 000,000,000 | ---D | M] -- C:\Users\Laydenka\AppData\Roaming\DAEMON Tools Lite
[2011.01.30 21:02:39 | 000,000,000 | ---D | M] -- C:\Users\Laydenka\AppData\Roaming\Desktopicon
[2011.01.11 12:44:06 | 000,000,000 | ---D | M] -- C:\Users\Laydenka\AppData\Roaming\EuroTalk
[2011.01.30 21:17:52 | 000,000,000 | ---D | M] -- C:\Users\Laydenka\AppData\Roaming\GHISLER
[2011.02.07 13:54:13 | 000,000,000 | ---D | M] -- C:\Users\Laydenka\AppData\Roaming\ICQ
[2011.01.04 00:13:29 | 000,000,000 | ---D | M] -- C:\Users\Laydenka\AppData\Roaming\Identities
[2011.01.24 19:34:28 | 000,000,000 | ---D | M] -- C:\Users\Laydenka\AppData\Roaming\Leadertech
[2011.01.03 15:37:43 | 000,000,000 | ---D | M] -- C:\Users\Laydenka\AppData\Roaming\Macromedia
[2011.01.17 16:36:31 | 000,000,000 | ---D | M] -- C:\Users\Laydenka\AppData\Roaming\Malwarebytes
[2009.07.14 08:45:14 | 000,000,000 | ---D | M] -- C:\Users\Laydenka\AppData\Roaming\Media Center Programs
[2011.01.16 11:40:02 | 000,000,000 | --SD | M] -- C:\Users\Laydenka\AppData\Roaming\Microsoft
[2011.01.03 15:39:46 | 000,000,000 | ---D | M] -- C:\Users\Laydenka\AppData\Roaming\Mozilla
[2011.01.30 20:22:54 | 000,000,000 | ---D | M] -- C:\Users\Laydenka\AppData\Roaming\Nitro PDF
[2011.01.30 19:56:27 | 000,000,000 | ---D | M] -- C:\Users\Laydenka\AppData\Roaming\OpenCandy
[2011.02.07 19:29:19 | 000,000,000 | ---D | M] -- C:\Users\Laydenka\AppData\Roaming\Propellerhead Software
[2011.01.03 21:37:13 | 000,000,000 | ---D | M] -- C:\Users\Laydenka\AppData\Roaming\QIP
[2011.01.04 19:12:47 | 000,000,000 | ---D | M] -- C:\Users\Laydenka\AppData\Roaming\Rainmeter
[2011.01.20 17:48:07 | 000,000,000 | ---D | M] -- C:\Users\Laydenka\AppData\Roaming\Red Alert 3
[2011.01.21 18:11:21 | 000,000,000 | ---D | M] -- C:\Users\Laydenka\AppData\Roaming\Red Alert 3 Uprising
[2011.01.03 16:48:33 | 000,000,000 | ---D | M] -- C:\Users\Laydenka\AppData\Roaming\Thunderbird
[2011.02.07 19:31:50 | 000,000,000 | ---D | M] -- C:\Users\Laydenka\AppData\Roaming\uTorrent
[2011.01.03 19:50:57 | 000,000,000 | ---D | M] -- C:\Users\Laydenka\AppData\Roaming\VitySoft
[2011.01.18 14:02:18 | 000,000,000 | ---D | M] -- C:\Users\Laydenka\AppData\Roaming\Winamp
[2011.01.30 20:39:35 | 000,000,000 | ---D | M] -- C:\Users\Laydenka\AppData\Roaming\WinRAR

< %APPDATA%\*.exe /s >
[2009.08.11 21:21:26 | 000,087,552 | ---- | M] () -- C:\Users\Laydenka\AppData\Roaming\BSplayer\AC3 Filter\ac3config.exe
[2009.08.11 21:21:30 | 000,090,112 | ---- | M] () -- C:\Users\Laydenka\AppData\Roaming\BSplayer\AC3 Filter\spdif_test.exe
[2010.03.22 14:52:04 | 000,697,690 | ---- | M] () -- C:\Users\Laydenka\AppData\Roaming\BSplayer\AC3 Filter\unins000.exe
[2010.02.23 17:01:52 | 001,185,871 | ---- | M] () -- C:\Users\Laydenka\AppData\Roaming\BSplayer\FFDShow\unins000.exe
[2010.08.14 10:42:54 | 000,113,152 | ---- | M] () -- C:\Users\Laydenka\AppData\Roaming\BSplayer\Haali media splitter\dsmux.exe
[2010.08.14 10:45:10 | 000,358,400 | ---- | M] () -- C:\Users\Laydenka\AppData\Roaming\BSplayer\Haali media splitter\gdsmux.exe
[2010.08.14 10:42:06 | 000,137,728 | ---- | M] () -- C:\Users\Laydenka\AppData\Roaming\BSplayer\Haali media splitter\mkv2vfr.exe
[2010.09.30 15:30:22 | 000,042,305 | ---- | M] () -- C:\Users\Laydenka\AppData\Roaming\BSplayer\Haali media splitter\uninstall.exe
[2008.10.28 17:20:32 | 000,089,088 | ---- | M] (AD ON Multimedia Advertising GmbH) -- C:\Users\Laydenka\AppData\Roaming\Desktopicon\eBayShortcuts.exe
[2011.01.30 19:56:44 | 000,356,576 | ---- | M] () -- C:\Users\Laydenka\AppData\Roaming\OpenCandy\OpenCandy_47757765108741EEAC26E8DB4F142467\LatestDLMgr.exe
[2011.01.30 20:04:54 | 034,885,248 | ---- | M] () -- C:\Users\Laydenka\AppData\Roaming\OpenCandy\OpenCandy_47757765108741EEAC26E8DB4F142467\NitriPDFen64_p1v1.exe


< MD5 for: AGP440.SYS >
[2009.07.14 02:52:21 | 000,061,008 | ---- | M] (Microsoft Corporation) MD5=608C14DBA7299D8CB6ED035A68A15799 -- C:\Windows\SysNative\drivers\AGP440.sys
[2009.07.14 02:52:21 | 000,061,008 | ---- | M] (Microsoft Corporation) MD5=608C14DBA7299D8CB6ED035A68A15799 -- C:\Windows\SysNative\DriverStore\FileRepository\machine.inf_amd64_neutral_9e6bb86c3b39a3e9\AGP440.sys
[2009.07.14 02:52:21 | 000,061,008 | ---- | M] (Microsoft Corporation) MD5=608C14DBA7299D8CB6ED035A68A15799 -- C:\Windows\winsxs\amd64_machine.inf_31bf3856ad364e35_6.1.7600.16385_none_1607dee2d861e021\AGP440.sys

< MD5 for: ATAPI.SYS >
[2009.07.14 02:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\SysNative\drivers\atapi.sys
[2009.07.14 02:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\SysNative\DriverStore\FileRepository\mshdc.inf_amd64_neutral_a69a58a4286f0b22\atapi.sys
[2009.07.14 02:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\winsxs\amd64_mshdc.inf_31bf3856ad364e35_6.1.7600.16385_none_392d19c13b3ad543\atapi.sys

< MD5 for: AUTOCHK.EXE >
[2009.07.14 02:14:12 | 000,668,160 | ---- | M] (Microsoft Corporation) MD5=41E4C8EBA464E7D6A5BA5E8827732AEB -- C:\Windows\SysWOW64\autochk.exe
[2009.07.14 02:14:12 | 000,668,160 | ---- | M] (Microsoft Corporation) MD5=41E4C8EBA464E7D6A5BA5E8827732AEB -- C:\Windows\winsxs\x86_microsoft-windows-autochk_31bf3856ad364e35_6.1.7600.16385_none_e1ca436d2314b860\autochk.exe
[2009.07.14 02:38:56 | 000,777,728 | ---- | M] (Microsoft Corporation) MD5=8B7F8E882A649D81CEA1EDE9BBB68FFF -- C:\Windows\SysNative\autochk.exe
[2009.07.14 02:38:56 | 000,777,728 | ---- | M] (Microsoft Corporation) MD5=8B7F8E882A649D81CEA1EDE9BBB68FFF -- C:\Windows\winsxs\amd64_microsoft-windows-autochk_31bf3856ad364e35_6.1.7600.16385_none_3de8def0db722996\autochk.exe

< MD5 for: CDROM.SYS >
[2009.07.14 00:19:54 | 000,147,456 | ---- | M] (Microsoft Corporation) MD5=83D2D75E1EFB81B3450C18131443F7DB -- C:\Windows\SysNative\drivers\cdrom.sys
[2009.07.14 00:19:54 | 000,147,456 | ---- | M] (Microsoft Corporation) MD5=83D2D75E1EFB81B3450C18131443F7DB -- C:\Windows\SysNative\DriverStore\FileRepository\cdrom.inf_amd64_neutral_8363d00ecae4322d\cdrom.sys
[2009.07.14 00:19:54 | 000,147,456 | ---- | M] (Microsoft Corporation) MD5=83D2D75E1EFB81B3450C18131443F7DB -- C:\Windows\winsxs\amd64_cdrom.inf_31bf3856ad364e35_6.1.7600.16385_none_bb9e4d89bd7870f1\cdrom.sys

< MD5 for: CNGAUDIT.DLL >
[2009.07.14 02:15:06 | 000,012,288 | ---- | M] (Microsoft Corporation) MD5=50BA656134F78AF64E4DD3C8B6FEFD7E -- C:\Windows\SysWOW64\cngaudit.dll
[2009.07.14 02:15:06 | 000,012,288 | ---- | M] (Microsoft Corporation) MD5=50BA656134F78AF64E4DD3C8B6FEFD7E -- C:\Windows\winsxs\x86_microsoft-windows-cngaudit-dll_31bf3856ad364e35_6.1.7600.16385_none_e83a414890e8132b\cngaudit.dll
[2009.07.14 02:40:20 | 000,018,944 | ---- | M] (Microsoft Corporation) MD5=86FE1B1F8FD42CD0DB641AB1CDB13093 -- C:\Windows\SysNative\cngaudit.dll
[2009.07.14 02:40:20 | 000,018,944 | ---- | M] (Microsoft Corporation) MD5=86FE1B1F8FD42CD0DB641AB1CDB13093 -- C:\Windows\winsxs\amd64_microsoft-windows-cngaudit-dll_31bf3856ad364e35_6.1.7600.16385_none_4458dccc49458461\cngaudit.dll

< MD5 for: CRYPTSVC.DLL >
[2009.07.14 02:40:24 | 000,175,104 | ---- | M] (Microsoft Corporation) MD5=8C57411B66282C01533CB776F98AD384 -- C:\Windows\SysNative\cryptsvc.dll
[2009.07.14 02:40:24 | 000,175,104 | ---- | M] (Microsoft Corporation) MD5=8C57411B66282C01533CB776F98AD384 -- C:\Windows\winsxs\amd64_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7600.16385_none_d1f48b0bb4805490\cryptsvc.dll
[2009.07.14 02:15:07 | 000,135,680 | ---- | M] (Microsoft Corporation) MD5=9C231178CE4FB385F4B54B0A9080B8A4 -- C:\Windows\SysWOW64\cryptsvc.dll
[2009.07.14 02:15:07 | 000,135,680 | ---- | M] (Microsoft Corporation) MD5=9C231178CE4FB385F4B54B0A9080B8A4 -- C:\Windows\winsxs\x86_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7600.16385_none_75d5ef87fc22e35a\cryptsvc.dll

< MD5 for: EXPLORER.EXE >
[2009.07.14 02:14:20 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=15BC38A7492BEFE831966ADB477CF76F -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16385_none_b7fe430bc7ce3761\explorer.exe
[2009.10.31 06:45:39 | 002,614,272 | ---- | M] (Microsoft Corporation) MD5=2626FC9755BE22F805D3CFA0CE3EE727 -- C:\Windows\SysWOW64\explorer.exe
[2009.10.31 06:45:39 | 002,614,272 | ---- | M] (Microsoft Corporation) MD5=2626FC9755BE22F805D3CFA0CE3EE727 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16450_none_b819b343c7ba6202\explorer.exe
[2009.08.03 07:19:07 | 002,868,224 | ---- | M] (Microsoft Corporation) MD5=700073016DAC1C3D2E7E2CE4223334B6 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20500_none_ae84b558ac4eb41c\explorer.exe
[2009.10.31 07:34:59 | 002,870,272 | ---- | M] (Microsoft Corporation) MD5=9AAAEC8DAC27AA17B053E6352AD233AE -- C:\Windows\explorer.exe
[2009.10.31 07:34:59 | 002,870,272 | ---- | M] (Microsoft Corporation) MD5=9AAAEC8DAC27AA17B053E6352AD233AE -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16450_none_adc508f19359a007\explorer.exe
[2009.08.03 06:49:47 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=9FF6C4C91A3711C0A3B18F87B08B518D -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20500_none_b8d95faae0af7617\explorer.exe
[2009.10.31 07:38:38 | 002,870,272 | ---- | M] (Microsoft Corporation) MD5=B8EC4BD49CE8F6FC457721BFC210B67F -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20563_none_ae46d6aeac7ca7c7\explorer.exe
[2009.08.03 06:35:50 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=B95EEB0F4E5EFBF1038A35B3351CF047 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16404_none_b853c407c78e3ba9\explorer.exe
[2009.07.14 02:39:10 | 002,868,224 | ---- | M] (Microsoft Corporation) MD5=C235A51CB740E45FFA0EBFB9BAFCDA64 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16385_none_ada998b9936d7566\explorer.exe
[2009.10.31 07:00:51 | 002,614,272 | ---- | M] (Microsoft Corporation) MD5=C76153C7ECA00FA852BB0C193378F917 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20563_none_b89b8100e0dd69c2\explorer.exe
[2009.08.03 07:17:37 | 002,868,224 | ---- | M] (Microsoft Corporation) MD5=F170B4A061C9E026437B193B4D571799 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16404_none_adff19b5932d79ae\explorer.exe

< MD5 for: HAL.DLL >
[2009.07.14 02:47:48 | 000,263,232 | ---- | M] (Microsoft Corporation) MD5=C0A6F6E05E14FBCAEDE7796C8590B7AC -- C:\Windows\SysNative\hal.dll
[2009.07.14 02:47:48 | 000,263,232 | ---- | M] (Microsoft Corporation) MD5=C0A6F6E05E14FBCAEDE7796C8590B7AC -- C:\Windows\winsxs\amd64_microsoft-windows-hal_31bf3856ad364e35_6.1.7600.16385_none_071de44b735b3dfc\hal.dll

< MD5 for: IASTORV.SYS >
[2009.07.14 02:48:04 | 000,410,688 | ---- | M] (Intel Corporation) MD5=D83EFB6FD45DF9D55E9A1AFC63640D50 -- C:\Windows\SysNative\drivers\iaStorV.sys
[2009.07.14 02:48:04 | 000,410,688 | ---- | M] (Intel Corporation) MD5=D83EFB6FD45DF9D55E9A1AFC63640D50 -- C:\Windows\SysNative\DriverStore\FileRepository\iastorv.inf_amd64_neutral_18cccb83b34e1453\iaStorV.sys
[2009.07.14 02:48:04 | 000,410,688 | ---- | M] (Intel Corporation) MD5=D83EFB6FD45DF9D55E9A1AFC63640D50 -- C:\Windows\winsxs\amd64_iastorv.inf_31bf3856ad364e35_6.1.7600.16385_none_0b06441fa1790136\iaStorV.sys

< MD5 for: ISAPNP.SYS >
[2009.07.14 02:48:04 | 000,020,544 | ---- | M] (Microsoft Corporation) MD5=2F7B28DC3E1183E5EB418DF55C204F38 -- C:\Windows\SysNative\drivers\isapnp.sys
[2009.07.14 02:48:04 | 000,020,544 | ---- | M] (Microsoft Corporation) MD5=2F7B28DC3E1183E5EB418DF55C204F38 -- C:\Windows\SysNative\DriverStore\FileRepository\machine.inf_amd64_neutral_9e6bb86c3b39a3e9\isapnp.sys
[2009.07.14 02:48:04 | 000,020,544 | ---- | M] (Microsoft Corporation) MD5=2F7B28DC3E1183E5EB418DF55C204F38 -- C:\Windows\winsxs\amd64_machine.inf_31bf3856ad364e35_6.1.7600.16385_none_1607dee2d861e021\isapnp.sys

< MD5 for: LSASS.EXE >
[2009.07.14 02:39:16 | 000,031,232 | ---- | M] (Microsoft Corporation) MD5=0793F40B9B8A1BDD266296409DBD91EA -- C:\Windows\SysNative\lsass.exe
[2009.07.14 02:39:16 | 000,031,232 | ---- | M] (Microsoft Corporation) MD5=0793F40B9B8A1BDD266296409DBD91EA -- C:\Windows\winsxs\amd64_microsoft-windows-lsa_31bf3856ad364e35_6.1.7600.16385_none_023f7c69767c3edd\lsass.exe
[2009.07.14 02:39:16 | 000,031,232 | ---- | M] (Microsoft Corporation) MD5=0793F40B9B8A1BDD266296409DBD91EA -- C:\Windows\winsxs\amd64_microsoft-windows-lsa_31bf3856ad364e35_6.1.7600.16484_none_023e7e05767d22ad\lsass.exe
[2009.07.14 02:39:16 | 000,031,232 | ---- | M] (Microsoft Corporation) MD5=0793F40B9B8A1BDD266296409DBD91EA -- C:\Windows\winsxs\amd64_microsoft-windows-lsa_31bf3856ad364e35_6.1.7600.20594_none_02bd4ae48fa2de68\lsass.exe

< MD5 for: NDIS.SYS >
[2009.07.14 02:48:27 | 000,947,776 | ---- | M] (Microsoft Corporation) MD5=CAD515DBD07D082BB317D9928CE8962C -- C:\Windows\SysNative\drivers\ndis.sys
[2009.07.14 02:48:27 | 000,947,776 | ---- | M] (Microsoft Corporation) MD5=CAD515DBD07D082BB317D9928CE8962C -- C:\Windows\winsxs\amd64_microsoft-windows-ndis_31bf3856ad364e35_6.1.7600.16385_none_03bc1d6e35c013bf\ndis.sys

< MD5 for: NETLOGON.DLL >
[2009.07.14 02:41:52 | 000,692,736 | ---- | M] (Microsoft Corporation) MD5=956D030D375F207B22FB111E06EF9C35 -- C:\Windows\SysNative\netlogon.dll
[2009.07.14 02:41:52 | 000,692,736 | ---- | M] (Microsoft Corporation) MD5=956D030D375F207B22FB111E06EF9C35 -- C:\Windows\winsxs\amd64_microsoft-windows-security-netlogon_31bf3856ad364e35_6.1.7600.16385_none_59aca8ea51aaeefe\netlogon.dll
[2009.07.14 02:16:02 | 000,563,712 | ---- | M] (Microsoft Corporation) MD5=EAA75D9000B71F10EEC04D2AE6C60E81 -- C:\Windows\SysWOW64\netlogon.dll
[2009.07.14 02:16:02 | 000,563,712 | ---- | M] (Microsoft Corporation) MD5=EAA75D9000B71F10EEC04D2AE6C60E81 -- C:\Windows\winsxs\wow64_microsoft-windows-security-netlogon_31bf3856ad364e35_6.1.7600.16385_none_6401533c860bb0f9\netlogon.dll

< MD5 for: NVRAID.SYS >
[2009.07.14 02:48:27 | 000,149,056 | ---- | M] (NVIDIA Corporation) MD5=3E38712941E9BB4DDBEE00AFFE3FED3D -- C:\Windows\SysNative\drivers\nvraid.sys
[2009.07.14 02:48:27 | 000,149,056 | ---- | M] (NVIDIA Corporation) MD5=3E38712941E9BB4DDBEE00AFFE3FED3D -- C:\Windows\SysNative\DriverStore\FileRepository\nvraid.inf_amd64_neutral_5bde3fe2945bce9e\nvraid.sys
[2009.07.14 02:48:27 | 000,149,056 | ---- | M] (NVIDIA Corporation) MD5=3E38712941E9BB4DDBEE00AFFE3FED3D -- C:\Windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.1.7600.16385_none_95cfb4ced8afab0e\nvraid.sys

< MD5 for: NVSTOR.SYS >
[2009.07.14 02:45:45 | 000,167,488 | ---- | M] (NVIDIA Corporation) MD5=477DC4D6DEB99BE37084C9AC6D013DA1 -- C:\Windows\SysNative\drivers\nvstor.sys
[2009.07.14 02:45:45 | 000,167,488 | ---- | M] (NVIDIA Corporation) MD5=477DC4D6DEB99BE37084C9AC6D013DA1 -- C:\Windows\SysNative\DriverStore\FileRepository\nvraid.inf_amd64_neutral_5bde3fe2945bce9e\nvstor.sys
[2009.07.14 02:45:45 | 000,167,488 | ---- | M] (NVIDIA Corporation) MD5=477DC4D6DEB99BE37084C9AC6D013DA1 -- C:\Windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.1.7600.16385_none_95cfb4ced8afab0e\nvstor.sys

< MD5 for: SCECLI.DLL >
[2009.07.14 02:16:13 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=26073302DAEA83CC5B944C546D6B47D2 -- C:\Windows\SysWOW64\scecli.dll
[2009.07.14 02:16:13 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=26073302DAEA83CC5B944C546D6B47D2 -- C:\Windows\winsxs\wow64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7600.16385_none_9e577e55272d37b4\scecli.dll
[2009.07.14 02:41:53 | 000,232,448 | ---- | M] (Microsoft Corporation) MD5=398712DDDAEFB85EDF61DF6A07B65C79 -- C:\Windows\SysNative\scecli.dll
[2009.07.14 02:41:53 | 000,232,448 | ---- | M] (Microsoft Corporation) MD5=398712DDDAEFB85EDF61DF6A07B65C79 -- C:\Windows\winsxs\amd64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7600.16385_none_9402d402f2cc75b9\scecli.dll

< MD5 for: SMSS.EXE >
[2009.07.14 02:39:41 | 000,112,640 | ---- | M] (Microsoft Corporation) MD5=1911A3356FA3F77CCC825CCBAC038C2A -- C:\Windows\SysNative\smss.exe
[2009.07.14 02:39:41 | 000,112,640 | ---- | M] (Microsoft Corporation) MD5=1911A3356FA3F77CCC825CCBAC038C2A -- C:\Windows\winsxs\amd64_microsoft-windows-smss_31bf3856ad364e35_6.1.7600.16385_none_082f99a432e2a661\smss.exe

< MD5 for: SVCHOST.EXE >
[2009.07.14 02:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) MD5=54A47F6B5E09A77E61649109C6A08866 -- C:\Windows\SysWOW64\svchost.exe
[2009.07.14 02:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) MD5=54A47F6B5E09A77E61649109C6A08866 -- C:\Windows\winsxs\x86_microsoft-windows-services-svchost_31bf3856ad364e35_6.1.7600.16385_none_b591afc466a15356\svchost.exe
[2009.07.14 02:39:46 | 000,027,136 | ---- | M] (Microsoft Corporation) MD5=C78655BC80301D76ED4FEF1C1EA40A7D -- C:\Windows\SysNative\svchost.exe
[2009.07.14 02:39:46 | 000,027,136 | ---- | M] (Microsoft Corporation) MD5=C78655BC80301D76ED4FEF1C1EA40A7D -- C:\Windows\winsxs\amd64_microsoft-windows-services-svchost_31bf3856ad364e35_6.1.7600.16385_none_11b04b481efec48c\svchost.exe

< MD5 for: TCPIP.SYS >
[2010.06.14 07:39:16 | 001,889,152 | ---- | M] (Microsoft Corporation) MD5=542C6767C68C9D6AAACA59436B0D15C2 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.20733_none_0fd0b57e990e2079\tcpip.sys
[2010.06.14 07:37:36 | 001,896,832 | ---- | M] (Microsoft Corporation) MD5=90A2D722CF64D911879D6C4A4F802A4D -- C:\Windows\SysNative\drivers\tcpip.sys
[2010.06.14 07:37:36 | 001,896,832 | ---- | M] (Microsoft Corporation) MD5=90A2D722CF64D911879D6C4A4F802A4D -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.16610_none_0f59b7ad7fe2fcc8\tcpip.sys
[2009.07.14 02:45:55 | 001,898,576 | ---- | M] (Microsoft Corporation) MD5=912107716BAB424C7870E8E6AF5E07E1 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.16385_none_0f1303f98017479d\tcpip.sys

< MD5 for: USERINIT.EXE >
[2009.07.14 02:14:43 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=6DE80F60D7DE9CE6B8C2DDFDF79EF175 -- C:\Windows\SysWOW64\userinit.exe
[2009.07.14 02:14:43 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=6DE80F60D7DE9CE6B8C2DDFDF79EF175 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.1.7600.16385_none_dbff103933038d7c\userinit.exe
[2009.07.14 02:39:48 | 000,030,208 | ---- | M] (Microsoft Corporation) MD5=6F8F1376A13114CC10C0E69274F5A4DE -- C:\Windows\SysNative\userinit.exe
[2009.07.14 02:39:48 | 000,030,208 | ---- | M] (Microsoft Corporation) MD5=6F8F1376A13114CC10C0E69274F5A4DE -- C:\Windows\winsxs\amd64_microsoft-windows-userinit_31bf3856ad364e35_6.1.7600.16385_none_381dabbceb60feb2\userinit.exe

< MD5 for: WINLOGON.EXE >
[2009.07.14 02:39:52 | 000,389,120 | ---- | M] (Microsoft Corporation) MD5=132328DF455B0028F13BF0ABEE51A63A -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.16385_none_cbb7f2bdeea2829c\winlogon.exe
[2009.10.28 08:01:57 | 000,389,632 | ---- | M] (Microsoft Corporation) MD5=A93D41A4D4B0D91C072D11DD8AF266DE -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.20560_none_cc522fd507b468f8\winlogon.exe
[2009.10.28 07:24:40 | 000,389,632 | ---- | M] (Microsoft Corporation) MD5=DA3E2A6FA9660CC75B471530CE88453A -- C:\Windows\SysNative\winlogon.exe
[2009.10.28 07:24:40 | 000,389,632 | ---- | M] (Microsoft Corporation) MD5=DA3E2A6FA9660CC75B471530CE88453A -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.16447_none_cbe534e7ee8042ad\winlogon.exe

< MD5 for: WS2_32.DLL >
[2009.07.14 02:41:58 | 000,296,448 | ---- | M] (Microsoft Corporation) MD5=7083F463788CB34FCC42F565D56F89E8 -- C:\Windows\SysNative\ws2_32.dll
[2009.07.14 02:41:58 | 000,296,448 | ---- | M] (Microsoft Corporation) MD5=7083F463788CB34FCC42F565D56F89E8 -- C:\Windows\winsxs\amd64_microsoft-windows-w..nfrastructure-ws232_31bf3856ad364e35_6.1.7600.16385_none_4eaca269e8070c6b\ws2_32.dll
[2009.07.14 02:16:20 | 000,206,336 | ---- | M] (Microsoft Corporation) MD5=DAAE8A9B8C0ACC7F858454132553C30D -- C:\Windows\SysWOW64\ws2_32.dll
[2009.07.14 02:16:20 | 000,206,336 | ---- | M] (Microsoft Corporation) MD5=DAAE8A9B8C0ACC7F858454132553C30D -- C:\Windows\winsxs\x86_microsoft-windows-w..nfrastructure-ws232_31bf3856ad364e35_6.1.7600.16385_none_f28e06e62fa99b35\ws2_32.dll

< %systemroot%\*. /mp /s >

< %systemroot%\system32\*.dll /lockedfiles >

< %systemroot%\Tasks\*.job /lockedfiles >

< %systemroot%\system32\drivers\*.sys /lockedfiles >

< %systemroot%\System32\config\*.sav >

< %systemroot%\system32\*.dll /lockedfiles >

< %systemroot%\system32\drivers\*.sys /3 >

< %systemroot%\system32\*.* /3 >
[2011.02.07 19:28:49 | 000,406,528 | ---- | M] (Propellerhead Software AB) -- C:\Windows\SysWOW64\ReWire.dll
[2011.02.07 19:28:49 | 000,338,432 | ---- | M] (Propellerhead Software AB) -- C:\Windows\SysWOW64\REX Shared Library.dll

< End of report >
Nahoru
Laydee
Návštěvník
Návštěvník
Příspěvky: 167
Registrován: 19 kvě 2008 15:01

Re: prosim o kontrolu, kuju :)

#6 Příspěvek od Laydee »

OTL Extras logfile created on: 8.2.2011 12:21:14 - Run 1
OTL by OldTimer - Version 3.2.20.6 Folder = C:\Users\Laydenka\Desktop
64bit- Ultimate Edition (Version = 6.1.7600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7600.16385)
Locale: 00000405 | Country: Czech Republic | Language: CSY | Date Format: d.M.yyyy

4,00 Gb Total Physical Memory | 1,00 Gb Available Physical Memory | 37,00% Memory free
7,00 Gb Paging File | 5,00 Gb Available in Paging File | 66,00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 48,73 Gb Total Space | 12,31 Gb Free Space | 25,26% Space Free | Partition Type: NTFS
Drive F: | 547,33 Gb Total Space | 124,17 Gb Free Space | 22,69% Space Free | Partition Type: NTFS

Computer Name: LAYDENKA-PC | User Name: Laydenka | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 7 Days

========== Extra Registry (SafeList) ==========


========== File Associations ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)

[HKEY_USERS\S-1-5-21-2109389996-1612675735-3522100098-1000\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation)

========== Shell Spawning ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %* File not found
cmdfile [open] -- "%1" %* File not found
comfile [open] -- "%1" %* File not found
exefile [open] -- "%1" %* File not found
helpfile [open] -- Reg Error: Key error.
inffile [install] -- %SystemRoot%\System32\rundll32.exe setupapi,InstallHinfSection DefaultInstall 132 %1 (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %* File not found
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1" File not found
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l File not found
scrfile [open] -- "%1" /S File not found
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1 File not found
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [Winamp.Bookmark] -- "C:\Program Files (x86)\Winamp\winamp.exe" /BOOKMARK "%1" (Nullsoft, Inc.)
Directory [Winamp.Enqueue] -- "C:\Program Files (x86)\Winamp\winamp.exe" /ADD "%1" (Nullsoft, Inc.)
Directory [Winamp.Play] -- "C:\Program Files (x86)\Winamp\winamp.exe" "%1" (Nullsoft, Inc.)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [Winamp.Bookmark] -- "C:\Program Files (x86)\Winamp\winamp.exe" /BOOKMARK "%1" (Nullsoft, Inc.)
Directory [Winamp.Enqueue] -- "C:\Program Files (x86)\Winamp\winamp.exe" /ADD "%1" (Nullsoft, Inc.)
Directory [Winamp.Play] -- "C:\Program Files (x86)\Winamp\winamp.exe" "%1" (Nullsoft, Inc.)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
"FirewallDisableNotify" = 0
"AntiVirusDisableNotify" = 0
"UpdatesDisableNotify" = 0

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = 28 4D B2 76 41 04 CA 01 [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"FirewallDisableNotify" = 0
"AntiVirusDisableNotify" = 0
"UpdatesDisableNotify" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]

========== System Restore Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 0

========== Firewall Settings ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall]

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile]

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile]

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile]

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0

========== Authorized Applications List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]


========== HKEY_LOCAL_MACHINE Uninstall List ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{0CB41726-DEBA-46E1-B48B-873F012ACAA1}" = Nitro PDF Reader
"{33CF8D2C-0430-2949-FD8F-695C97C472C5}" = ccc-utility64
"{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148
"{54A0FF28-05C4-81E3-3CC1-13D0C2519EFF}" = ATI Catalyst Install Manager
"{8220EEFE-38CD-377E-8595-13398D740ACE}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17
"{90120000-002A-0000-1000-0000000FF1CE}" = Microsoft Office Office 64-bit Components 2007
"{90120000-002A-0405-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit MUI (Czech) 2007
"{B3012F41-D8C7-5ABD-05D1-3EF39D9ACC22}" = WMV9/VC-1 Video Playback
"{B95653AB-0E7F-204A-3226-17E9F38E6951}" = AMD Drag and Drop Transcoding
"{BC4AE628-81A4-4FC6-863A-7A9BA2E2531F}" = Nokia Connectivity Cable Driver
"{DA5E371C-6333-3D8A-93A4-6FD5B20BCC6E}" = Microsoft Visual C++ 2010 x64 Redistributable - 10.0.30319
"{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}" = Microsoft .NET Framework 4 Client Profile
"CCleaner" = CCleaner
"KLiteCodecPack64_is1" = K-Lite Codec Pack (64-bit) v4.2.0
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"WinRAR archiver" = WinRAR archiver

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{048298C9-A4D3-490B-9FF9-AB023A9238F3}" = Steam
"{11083C7A-D0D6-4DA4-8C3A-74B8389EC07B}" = ATI Catalyst Registration
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{212D202D-487D-49C4-8A76-4D3BB91B8471}" = BOINC
"{26A24AE4-039D-4CA4-87B4-2F83216023FF}" = Java(TM) 6 Update 23
"{296D8550-CB06-48E4-9A8B-E5034FB64715}" = Command & Conquer™ Red Alert™ 3
"{3FEA6CD1-EA13-4CE7-A74E-A74A4A0A7B5C}" = FIFA 11
"{46C045BF-2B3F-4BC4-8E4C-00E0CF8BD9DB}" = Adobe AIR
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{587178E7-B1DF-494E-9838-FA4DD36E873C}" = ASUSUpdate
"{66D6F3BD-CA23-41A4-9FA3-96B26B32528C}" = Command & Conquer The First Decade
"{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}" = Windows Media Player Firefox Plugin
"{6AB57823-3580-4CE0-9CF0-072E2A39460C}" = Catalyst Control Center - Branding
"{72EFBFE4-C74F-4187-AEFD-73EA3BE968D6}" = ICQ7.2
"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
"{83A606F5-BF6F-42ED-9F33-B9F74297CDED}" = Need for Speed(TM) Hot Pursuit
"{86D4B82A-ABED-442A-BE86-96357B70F4FE}" = Ask Toolbar
"{8833FFB6-5B0C-4764-81AA-06DFEED9A476}" = Realtek Ethernet Controller Driver For Windows 7
"{8F6FE1DC-E868-B38A-07E5-897508745128}" = ccc-core-static
"{90120000-0015-0405-0000-0000000FF1CE}" = Microsoft Office Access MUI (Czech) 2007
"{90120000-0016-0405-0000-0000000FF1CE}" = Microsoft Office Excel MUI (Czech) 2007
"{90120000-0018-0405-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (Czech) 2007
"{90120000-0019-0405-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (Czech) 2007
"{90120000-001A-0405-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (Czech) 2007
"{90120000-001B-0405-0000-0000000FF1CE}" = Microsoft Office Word MUI (Czech) 2007
"{90120000-001F-0405-0000-0000000FF1CE}" = Microsoft Office Proof (Czech) 2007
"{90120000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2007
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-041B-0000-0000000FF1CE}" = Microsoft Office Proof (Slovak) 2007
"{90120000-002C-0405-0000-0000000FF1CE}" = Microsoft Office Proofing (Czech) 2007
"{90120000-0030-0000-0000-0000000FF1CE}" = Microsoft Office Enterprise 2007
"{90120000-0044-0405-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (Czech) 2007
"{90120000-006E-0405-0000-0000000FF1CE}" = Microsoft Office Shared MUI (Czech) 2007
"{90120000-00A1-0405-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (Czech) 2007
"{90120000-00BA-0405-0000-0000000FF1CE}" = Microsoft Office Groove MUI (Czech) 2007
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{AC76BA86-7AD7-1029-7B44-AA0000000001}" = Adobe Reader X - Czech
"{bd8defa4-19fa-4964-9692-f1122d8a62d9}}_is1" = Apache: Air Assault
"{BEA6BE31-4A1F-7FA2-B861-CBC0AC535731}" = Catalyst Control Center InstallProxy
"{C69405BB-27AF-4940-B3DA-04910B4DFD23}_is1" = aTube Catcher 1.0
"{D3D867DD-6C81-E695-4FFE-BE921DF44931}" = Catalyst Control Center Graphics Previews Common
"{DDE59617-F59A-473B-BC4E-C2B81F6CD38D}" = Command & Conquer™ Red Alert™ 3 Uprising
"{E17141A6-211D-5854-61D9-69827A430D82}" = EA Download Manager UI
"{F08A1CA0-55A7-8244-3A05-7431447CE9BA}" = CCC Help English
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"360Amigo" = 360 Amigo System Speedup PRO
"7-Zip" = 7-Zip 9.20
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"AIMP3" = AIMP3
"Any Video Converter Professional_is1" = Any Video Converter Professional 3.0.1
"Ashampoo Burning Studio 10_is1" = Ashampoo Burning Studio 10.0.1
"ASIO4ALL" = ASIO4ALL
"aTube Catcher" = aTube Catcher
"AV Voice Changer Software DIAMOND 6.0" = AV Voice Changer Software DIAMOND 6.0
"AV Voice Changer Software GOLD 7.0" = AV Voice Changer Software GOLD 7.0
"Avira AntiVir Desktop" = Avira AntiVir Personal - Free Antivirus
"BSPlayer1" = BSPlayer
"BSPlayerf" = BS.Player FREE
"Call of Duty: Black Ops_is1" = Call of Duty: Black Ops
"com.ea.Vault.919CACB699904AC5D41B606703500DD39747C02D.1" = EA Download Manager UI
"EA Download Manager" = EA Download Manager
"ENTERPRISE" = Microsoft Office Enterprise 2007
"EuroTalk Talk Now Multi-Language" = EuroTalk Talk Now Multi-Language
"EVEREST Ultimate Edition_is1" = EVEREST Ultimate Edition v5.01
"FL Studio 9" = FL Studio 9
"FMCODEC" = FM Screen Capture Codec (Remove Only)
"Hardcore" = Hardcore
"IL Download Manager" = IL Download Manager
"KLiteCodecPack_is1" = K-Lite Codec Pack 5.9.0 (Full)
"Live 8.1.1" = Live 8.1.1
"Mozilla Firefox (3.6.13)" = Mozilla Firefox (3.6.13)
"Mozilla Thunderbird (3.1.7)" = Mozilla Thunderbird (3.1.7)
"PoiZone" = PoiZone
"PokerStars.net" = PokerStars.net
"PunkBusterSvc" = PunkBuster Services
"QuicktimeAlt_is1" = QuickTime Alternative 3.2.2
"Rainmeter" = Rainmeter (remove only)
"Reason5_is1" = Reason 5.0
"RocketDock_is1" = RocketDock 1.3.5
"Sawer" = Sawer
"Steam App 10" = Counter-Strike
"The KMPlayer" = The KMPlayer (remove only)
"Totalcmd" = Total Commander (Remove or Repair)
"Toxic Biohazard" = Toxic Biohazard
"uTorrent" = µTorrent
"Winamp" = Winamp

========== HKEY_USERS Uninstall List ==========

[HKEY_USERS\S-1-5-21-2109389996-1612675735-3522100098-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Google Chrome" = Google Chrome
"QIP 2010" = QIP 2010 11.2.1.4738
"QIP 2010 packverze: 4540" = QIP 2010 pack verze: 4540

========== Last 10 Event Log Errors ==========

[ Application Events ]
Error - 30.1.2011 16:04:07 | Computer Name = Laydenka-PC | Source = Application Error | ID = 1000
Description = Název chybující aplikace: aTube Catcher 1.0.300.exe, verze: 1.0.0.300,
casové razítko: 0x4b9898b6 Název chybujícího modulu: unknown, verze: 0.0.0.0, casové
razítko: 0x00000000 Kód výjimky: 0xc00000fd Posun chyby: 0x01ff1ee4 ID chybujícího
procesu: 0xd94 Cas spuštení chybující aplikace: 0x01cbc0b8d6fe6230 Cesta k chybující
aplikaci: C:\Users\Laydenka\Desktop\aTube Catcher 1.0.300\aTube Catcher 1.0.300.exe
Cesta
k chybujícímu modulu: unknown ID zprávy: 17972b1e-2cac-11e0-8c6d-20cf30f1c99a

Error - 30.1.2011 16:04:16 | Computer Name = Laydenka-PC | Source = Application Error | ID = 1000
Description = Název chybující aplikace: aTube Catcher 1.0.300.exe, verze: 1.0.0.300,
casové razítko: 0x4b9898b6 Název chybujícího modulu: unknown, verze: 0.0.0.0, casové
razítko: 0x00000000 Kód výjimky: 0xc00000fd Posun chyby: 0x02071ee4 ID chybujícího
procesu: 0x3c8 Cas spuštení chybující aplikace: 0x01cbc0b8df5b777a Cesta k chybující
aplikaci: C:\Users\Laydenka\Desktop\aTube Catcher 1.0.300\aTube Catcher 1.0.300.exe
Cesta
k chybujícímu modulu: unknown ID zprávy: 1d2907fe-2cac-11e0-8c6d-20cf30f1c99a

Error - 31.1.2011 6:10:53 | Computer Name = Laydenka-PC | Source = Customer Experience Improvement Program | ID = 1008
Description =

Error - 1.2.2011 5:35:04 | Computer Name = Laydenka-PC | Source = Customer Experience Improvement Program | ID = 1008
Description =

Error - 2.2.2011 13:33:28 | Computer Name = Laydenka-PC | Source = Customer Experience Improvement Program | ID = 1008
Description =

Error - 5.2.2011 5:57:50 | Computer Name = Laydenka-PC | Source = Customer Experience Improvement Program | ID = 1008
Description =

Error - 6.2.2011 3:42:55 | Computer Name = Laydenka-PC | Source = Customer Experience Improvement Program | ID = 1008
Description =

Error - 6.2.2011 12:59:08 | Computer Name = Laydenka-PC | Source = Customer Experience Improvement Program | ID = 1008
Description =

Error - 7.2.2011 7:41:13 | Computer Name = Laydenka-PC | Source = Customer Experience Improvement Program | ID = 1008
Description =

Error - 8.2.2011 6:17:51 | Computer Name = Laydenka-PC | Source = Customer Experience Improvement Program | ID = 1008
Description =

[ System Events ]
Error - 24.1.2011 9:57:50 | Computer Name = Laydenka-PC | Source = WMPNetworkSvc | ID = 866300
Description =

Error - 24.1.2011 9:57:56 | Computer Name = Laydenka-PC | Source = Service Control Manager | ID = 7009
Description = Pri cekání na pripojení služby Steam Client Service bylo dosaženo
casového limitu (30000 ms).

Error - 24.1.2011 9:57:56 | Computer Name = Laydenka-PC | Source = Service Control Manager | ID = 7000
Description = Služba Steam Client Service neuspela pri spuštení v dusledku následující
chyby: %%1053

Error - 26.1.2011 5:12:21 | Computer Name = Laydenka-PC | Source = Disk | ID = 262155
Description = Ovladac zjistil chybu radice na \Device\Harddisk1\DR1.

Error - 26.1.2011 5:12:21 | Computer Name = Laydenka-PC | Source = Disk | ID = 262155
Description = Ovladac zjistil chybu radice na \Device\Harddisk1\DR1.

Error - 26.1.2011 5:12:22 | Computer Name = Laydenka-PC | Source = Disk | ID = 262155
Description = Ovladac zjistil chybu radice na \Device\Harddisk1\DR1.

Error - 26.1.2011 5:12:22 | Computer Name = Laydenka-PC | Source = Disk | ID = 262155
Description = Ovladac zjistil chybu radice na \Device\Harddisk1\DR1.

Error - 28.1.2011 3:47:27 | Computer Name = Laydenka-PC | Source = Service Control Manager | ID = 7034
Description = Služba PnkBstrA byla neocekávane ukoncena. Tento stav nastal již 1krát.

Error - 28.1.2011 5:32:39 | Computer Name = Laydenka-PC | Source = WMPNetworkSvc | ID = 866300
Description =

Error - 30.1.2011 5:10:22 | Computer Name = Laydenka-PC | Source = volsnap | ID = 393252
Description = Stínové kopie svazku C: byly prerušeny, protože z duvodu limitu stanoveného
uživatelem se nepodarilo zvetšit úložište stínové kopie.


< End of report >
Nahoru
Uživatelský avatar
vyosek
VIP
VIP
Příspěvky: 56373
Registrován: 07 lis 2006 15:24
Bydliště: Šalingrad - Brno

Re: prosim o kontrolu, kuju :)

#7 Příspěvek od vyosek »

:arrow: Spustte znovu OTL
  • Pokud pouzivate Win Vista ci W7, kliknete na OTL pravym a dejte Run As Administrator ci Spustit jako spravce
  • Do spodniho okenka Vlastni skenovani/opravy vlozte skript nize

  • Kód: Vybrat vše

    :otl
IE - HKU\S-1-5-21-2109389996-1612675735-3522100098-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://eu.ask.com?o=102352&l=dis
IE - HKU\S-1-5-21-2109389996-1612675735-3522100098-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = en-us
IE - HKU\S-1-5-21-2109389996-1612675735-3522100098-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 98 53 F6 1E 9D AB CB 01 [binary data]
IE - HKU\S-1-5-21-2109389996-1612675735-3522100098-1000\..\URLSearchHook: {00000000-6E41-4FD3-8538-502F5495E5FC} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll (Ask)
FF - prefs.js..browser.search.defaultengine: "Ask.com"
FF - prefs.js..browser.search.defaultenginename: "Ask.com"
FF - prefs.js..browser.search.order.1: "Ask.com"
FF - prefs.js..keyword.URL: "http://www.google.com/search?ie=UTF-8&oe=UTF-8&sourceid=navclient&gfns=1&q="
FF - HKLM\software\mozilla\Firefox\Extensions\\m3ffxtbr@mywebsearch.com: C:\Program Files (x86)\MyWebSearch\bar\1.bin
[2011.01.31 10:59:34 | 000,002,573 | ---- | M] () -- C:\Users\Laydenka\AppData\Roaming\Mozilla\Firefox\Profiles\rg8jz4d0.default\searchplugins\askcom.xml
O2 - BHO: (aTube Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll (Ask)
O3 - HKLM\..\Toolbar: (aTube Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll (Ask)
O3 - HKLM\..\Toolbar: (no name) - {D5D47440-0750-463D-BAEF-A47D02414806} - No CLSID value found.
O3 - HKU\S-1-5-21-2109389996-1612675735-3522100098-1000\..\Toolbar\WebBrowser: (aTube Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll (Ask)
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O18:64bit: - Protocol\Handler\grooveLocalGWS {88FED34C-F0CA-4636-A375-3CB6248B04CD} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - Reg Error: Key error. File not found
O20:64bit: - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O28:64bit: - HKLM ShellExecuteHooks: {AEB6717E-7E19-11d0-97EE-00C04FD91972} - Reg Error: Key error. File not found
O28 - HKLM ShellExecuteHooks: {AEB6717E-7E19-11d0-97EE-00C04FD91972} - Reg Error: Key error. File not found

:reg
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"DAEMON Tools Lite"=-
"RocketDock"=-
"Google Update"=-
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{AEB6717E-7E19-11d0-97EE-00C04FD91972}"=-
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{AEB6717E-7E19-11d0-97EE-00C04FD91972}"=-
[-HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\PEVSystemStart]
[-HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\procexp90.Sys]
[-HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\PEVSystemStart]
[-HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\procexp90.Sys]
 
:files
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2109389996-1612675735-3522100098-1000Core.job
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2109389996-1612675735-3522100098-1000UA.job
C:\Program Files (x86)\MyWebSearch
C:\Program Files (x86)\Ask.com
%windir%\system32\*.tmp.dll /s
%windir%\system32\SET*.tmp /s
%windir%\*.tmp /s

:commands
[RESETHOSTS]
[EMPTYTEMP]
[EMPTYFLASH]
  • Nasledne kliknete na Opravit
  • PC provede opravu, restartuje se a da Vam log, jeho obsah vlozte sem
"Kdo víno má a nepije,kdo hrozny má a nejí je, kdo ženu má a nelíbá, kdo zábavě se vyhýbá, na toho vemte bič a hůl, to není člověk, to je vůl."
Člen Obrázek od 1. února 2011.
Nahoru
Laydee
Návštěvník
Návštěvník
Příspěvky: 167
Registrován: 19 kvě 2008 15:01

Re: prosim o kontrolu, kuju :)

#8 Příspěvek od Laydee »

tak mam hotovo. :))

All processes killed
========== OTL ==========
HKU\S-1-5-21-2109389996-1612675735-3522100098-1000\SOFTWARE\Microsoft\Internet Explorer\Main\\Start Page| /E : value set successfully!
HKU\S-1-5-21-2109389996-1612675735-3522100098-1000\SOFTWARE\Microsoft\Internet Explorer\Main\\Start Page Redirect Cache AcceptLangs| /E : value set successfully!
HKU\S-1-5-21-2109389996-1612675735-3522100098-1000\SOFTWARE\Microsoft\Internet Explorer\Main\\Start Page Redirect Cache_TIMESTAMP| /E : value set successfully!
Registry value HKEY_USERS\S-1-5-21-2109389996-1612675735-3522100098-1000\Software\Microsoft\Internet Explorer\URLSearchHooks\\{00000000-6E41-4FD3-8538-502F5495E5FC} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{00000000-6E41-4FD3-8538-502F5495E5FC}\ deleted successfully.
C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll moved successfully.
Prefs.js: "Ask.com" removed from browser.search.defaultengine
Prefs.js: "Ask.com" removed from browser.search.defaultenginename
Prefs.js: "Ask.com" removed from browser.search.order.1
Prefs.js: "http://www.google.com/search?ie=UTF-8&o ... &gfns=1&q=" removed from keyword.URL
Registry value HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\m3ffxtbr@mywebsearch.com deleted successfully.
File C:\Program Files (x86)\MyWebSearch\bar\1.bin not found.
C:\Users\Laydenka\AppData\Roaming\Mozilla\Firefox\Profiles\rg8jz4d0.default\searchplugins\askcom.xml moved successfully.
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D4027C7F-154A-4066-A1AD-4243D8127440}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{D4027C7F-154A-4066-A1AD-4243D8127440}\ deleted successfully.
File C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll not found.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\{D4027C7F-154A-4066-A1AD-4243D8127440} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{D4027C7F-154A-4066-A1AD-4243D8127440}\ not found.
File C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll not found.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\{D5D47440-0750-463D-BAEF-A47D02414806} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{D5D47440-0750-463D-BAEF-A47D02414806}\ not found.
Registry value HKEY_USERS\S-1-5-21-2109389996-1612675735-3522100098-1000\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{D4027C7F-154A-4066-A1AD-4243D8127440} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{D4027C7F-154A-4066-A1AD-4243D8127440}\ not found.
File C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll not found.
Registry key HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Internet Explorer\Restrictions\ deleted successfully.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\grooveLocalGWS\ deleted successfully.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{88FED34C-F0CA-4636-A375-3CB6248B04CD}\ not found.
File {88FED34C-F0CA-4636-A375-3CB6248B04CD} - Reg Error: Key error. File not found not found.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\ms-help\ deleted successfully.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{314111c7-a502-11d2-bbca-00c04f8ec294}\ not found.
File {314111c7-a502-11d2-bbca-00c04f8ec294} - Reg Error: Key error. File not found not found.
64bit-Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\\VMApplet:/pagefile deleted successfully.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\\VMApplet:/pagefile deleted successfully.
64bit-Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks\\{AEB6717E-7E19-11d0-97EE-00C04FD91972} deleted successfully.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{AEB6717E-7E19-11d0-97EE-00C04FD91972}\ not found.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks\\{AEB6717E-7E19-11d0-97EE-00C04FD91972} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{AEB6717E-7E19-11d0-97EE-00C04FD91972}\ not found.
========== REGISTRY ==========
Registry value HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\\DAEMON Tools Lite deleted successfully.
Registry value HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\\RocketDock deleted successfully.
Registry value HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\\Google Update deleted successfully.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks\\{AEB6717E-7E19-11d0-97EE-00C04FD91972} not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{AEB6717E-7E19-11d0-97EE-00C04FD91972}\ not found.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks\\{AEB6717E-7E19-11d0-97EE-00C04FD91972} not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{AEB6717E-7E19-11d0-97EE-00C04FD91972}\ not found.
Registry key HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\PEVSystemStart\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\procexp90.Sys\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\PEVSystemStart\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\procexp90.Sys\ deleted successfully.
========== FILES ==========
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2109389996-1612675735-3522100098-1000Core.job moved successfully.
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2109389996-1612675735-3522100098-1000UA.job moved successfully.
File\Folder C:\Program Files (x86)\MyWebSearch not found.
C:\Program Files (x86)\Ask.com folder moved successfully.
File/Folder C:\Windows\system32\*.tmp.dll not found.
File/Folder C:\Windows\system32\SET*.tmp not found.
File/Folder C:\Windows\*.tmp not found.
========== COMMANDS ==========
C:\Windows\System32\drivers\etc\Hosts moved successfully.
HOSTS file reset successfully

[EMPTYTEMP]

User: All Users

User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->Flash cache emptied: 0 bytes

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->Flash cache emptied: 0 bytes

User: Laydenka
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 1155752 bytes
->Java cache emptied: 1713 bytes
->FireFox cache emptied: 104983827 bytes
->Google Chrome cache emptied: 0 bytes
->Flash cache emptied: 1250 bytes

User: Public
->Temp folder emptied: 0 bytes

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32 (64bit) .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 6844 bytes
%systemroot%\sysnative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files folder emptied: 50333 bytes
RecycleBin emptied: 551011 bytes

Total Files Cleaned = 102,00 mb


[EMPTYFLASH]

User: All Users

User: Default
->Flash cache emptied: 0 bytes

User: Default User
->Flash cache emptied: 0 bytes

User: Laydenka
->Flash cache emptied: 0 bytes

User: Public

Total Flash Files Cleaned = 0,00 mb


OTL by OldTimer - Version 3.2.20.6 log created on 02082011_130659

Files\Folders moved on Reboot...
C:\Users\Laydenka\AppData\Local\Temp\FXSAPIDebugLogFile.txt moved successfully.

Registry entries deleted on Reboot...
Nahoru
Uživatelský avatar
vyosek
VIP
VIP
Příspěvky: 56373
Registrován: 07 lis 2006 15:24
Bydliště: Šalingrad - Brno

Re: prosim o kontrolu, kuju :)

#9 Příspěvek od vyosek »

Jak se chova PC :???:
"Kdo víno má a nepije,kdo hrozny má a nejí je, kdo ženu má a nelíbá, kdo zábavě se vyhýbá, na toho vemte bič a hůl, to není člověk, to je vůl."
Člen Obrázek od 1. února 2011.
Nahoru
Laydee
Návštěvník
Návštěvník
Příspěvky: 167
Registrován: 19 kvě 2008 15:01

Re: prosim o kontrolu, kuju :)

#10 Příspěvek od Laydee »

funguje skvele. kujuu :))
Nahoru
Uživatelský avatar
vyosek
VIP
VIP
Příspěvky: 56373
Registrován: 07 lis 2006 15:24
Bydliště: Šalingrad - Brno

Re: prosim o kontrolu, kuju :)

#11 Příspěvek od vyosek »

Tak jeste uklidime :)

:arrow: OTC http://oldtimer.geekstogo.com/OTC.exe
  • Stahnete a spustte
  • Kliknete na CleanUp a potvrdte YES
  • Program uklidi a restartuje PC

:arrow: TFC http://oldtimer.geekstogo.com/TFC.exe
  • Stahnete a spustte
  • Kliknete na Start a potvrdte OK
  • Program uklidi a restartuje pc
  • Po pouziti utilitu smazte
:arrow: Stahnete Ccleaner (viz muj podpis)
Panel čistič
  • Vse nechte jak je, jen dejte Analyzovat a pote Spustit CCleaner
Panel registry
  • dejte Hledej problémy
  • nasledne Opravit problémy - zalohu registru doporucuji udelat, opravte vsechny problemy
  • postup opakujte dokud nebude bez problemu - vetsinou cca 3x
Panel nástroje
  • Zde muzete odinstalovat nepotrebne programy
CCleaner doporucuji pouzivat cca jednou za 14 dni

:arrow: A pokud nejsou problemy ci dotazy, je to z me strany vse :turned:
"Kdo víno má a nepije,kdo hrozny má a nejí je, kdo ženu má a nelíbá, kdo zábavě se vyhýbá, na toho vemte bič a hůl, to není člověk, to je vůl."
Člen Obrázek od 1. února 2011.
Nahoru
Odpovědět

Zpět na „Preventivní kontroly logů“