VIRY.CZ

Pomáháme v boji s počítačovou havěti!
https://forum.viry.cz:443/

Prosím o kontrolu

https://forum.viry.cz:443/viewtopic.php?t=126748

Stránka 1 z 1

Prosím o kontrolu

Napsal: 25 pro 2012 21:41
od Milan12300
Zdravím!
Prosím o kontrolu logu. Díky moc.

Logfile of random's system information tool 1.09 (written by random/random)
Run by X at 2012-12-25 21:32:24
Microsoft Windows 7 Professional
System drive C: has 75 GB (49%) free of 153 GB
Total RAM: 2048 MB (63% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 21:32:29, on 25.12.2012
Platform: Windows 7 (WinNT 6.00.3504)
MSIE: Internet Explorer v8.00 (8.00.7600.16385)
Boot mode: Normal

Running processes:
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Windows\system32\taskhost.exe
C:\Program Files\AVAST Software\Avast\AvastUI.exe
C:\Program Files\Seznam.cz\postak.exe
C:\Windows\system32\taskhost.exe
C:\Program Files\The KMPlayer\KMPlayer.exe
C:\Users\X\Downloads\M6452756\RSIT.exe
C:\Program Files\trend micro\X.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.seznam.cz/
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = http=127.0.0.1:25432;
R3 - URLSearchHook: SimilarSites - {FE69C007-C452-4d3e-86D2-1730DF8BC871} - (no file)
R3 - URLSearchHook: (no name) - - (no file)
F2 - REG:system.ini: UserInit=c:\windows\system32\userinit.exe
O2 - BHO: Ukazatel S-Rank - {EA837F48-5AD1-443E-AE34-FFE03CBF3099} - C:\Program Files\Seznam.cz\core.3.dll
O4 - HKLM\..\Run: [avast] "C:\Program Files\AVAST Software\Avast\avastUI.exe" /nogui
O4 - HKCU\..\Run: [Seznam Postak] "C:\Program Files\Seznam.cz\postak.exe" -s
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~1\Office12\REFIEBAR.DLL
O18 - Protocol: AutorunsDisabled - (no CLSID) - (no file)
O18 - Protocol: toolbarchrome - (no CLSID) - (no file)
O20 - AppInit_DLLs:
O23 - Service: ArcSoft Connect Daemon (ACDaemon) - Unknown owner - C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe (file missing)
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: ASP.NET State Service (aspnet_state) - ArcSoft, Inc. - (no file)
O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: NMIndexingService - Nalpeiron Ltd. - (no file)
O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\Windows\system32\nvvsvc.exe

--
End of file - 2313 bytes

======Scheduled tasks folder======

C:\Windows\tasks\Adobe Flash Player Updater.job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{EA837F48-5AD1-443E-AE34-FFE03CBF3099}]
Ukazatel S-Rank - C:\Program Files\Seznam.cz\core.3.dll [2011-05-25 1145888]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"avast"=C:\Program Files\AVAST Software\Avast\avastUI.exe [2012-10-30 4297136]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Seznam Postak"=C:\Program Files\Seznam.cz\postak.exe [2011-05-25 491040]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ArcSoft Connection Service (1)]
[]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PrintDisp]
C:\Windows\system32\PrintDisp.exe [2011-02-19 826368]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RTHDVCPL]
[]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Zoner Photo Studio Autoupdate]
[]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"=" "

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - C:\Windows\system32\webcheck.dll [2009-07-14 229376]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Wdf01000.sys]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=5
"ConsentPromptBehaviorUser"=2
"EnableUIADesktopToggle"=0
"PromptOnSecureDesktop"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=255
"NoDriveAutoRun"=67108859

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=255

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVYU"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"VIDC.YVU9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"vidc.cvid"=iccvid.dll
"MSVideo8"=VfWWDM32.dll
"VIDC.MKVC"=KMVIDC32.DLL
"VIDC.FFDS"=ff_vfw.dll
"vidc.VP60"=C:\Windows\system32\vp6vfw.dll
"vidc.VP61"=C:\Windows\system32\vp6vfw.dll
"vidc.tscc"=tsccvid.dll
"vidc.MPG4"=MPG4C32.dll
"vidc.MP42"=MPG4C32.dll
"vidc.MP43"=MPG4C32.dll
"VIDC.FPS1"=frapsvid.dll
"vidc.XVID"=xvidvfw.dll
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"vidc.iv50"=ir50_32.dll
"msacm.iac2"=C:\Windows\system32\iac25_32.ax

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1

======List of files/folders created in the last 1 month======

2012-12-25 21:28:27 ----D---- C:\Program Files\trend micro
2012-12-25 21:28:24 ----D---- C:\rsit
2012-12-25 19:49:46 ----D---- C:\Program Files\ESET
2012-12-25 19:11:56 ----D---- C:\Users\X\AppData\Roaming\Malwarebytes
2012-12-25 01:16:40 ----D---- C:\ProgramData\MSScanAppDataDir
2012-12-25 00:42:37 ----D---- C:\Program Files\Common Files\Ulead Systems
2012-12-25 00:27:58 ----A---- C:\Windows\system32\mdimon.dll
2012-12-25 00:26:12 ----D---- C:\Program Files\Microsoft Works
2012-12-25 00:25:40 ----D---- C:\Program Files\Common Files\DESIGNER
2012-12-25 00:24:40 ----D---- C:\Program Files\Microsoft.NET
2012-12-25 00:20:15 ----D---- C:\Program Files\Microsoft Office
2012-12-25 00:19:35 ----RHD---- C:\MSOCache
2012-12-25 00:05:38 ----D---- C:\Program Files\AVG
2012-12-24 23:59:03 ----D---- C:\Program Files\FastStone Capture
2012-12-24 23:05:59 ----D---- C:\Program Files\Silkroad
2012-12-24 23:01:46 ----D---- C:\Program Files\SumatraPDF
2012-12-24 23:00:56 ----D---- C:\Program Files\WinRAR
2012-12-24 23:00:28 ----D---- C:\Program Files\Seznam.cz
2012-12-24 22:59:40 ----D---- C:\Program Files\CCleaner
2012-12-24 22:59:21 ----A---- C:\Windows\system32\VBAME.DLL
2012-12-24 22:55:57 ----D---- C:\Program Files\The KMPlayer
2012-12-24 22:25:09 ----A---- C:\Windows\system32\FlashPlayerApp.exe
2012-12-24 22:21:01 ----A---- C:\Windows\system32\drivers\aswFsBlk.sys
2012-12-24 22:21:00 ----A---- C:\Windows\system32\drivers\aswSP.sys
2012-12-24 22:20:58 ----A---- C:\Windows\system32\drivers\aswRdr2.sys
2012-12-24 22:20:56 ----A---- C:\Windows\system32\drivers\aswTdi.sys
2012-12-24 22:20:54 ----A---- C:\Windows\system32\drivers\aswSnx.sys
2012-12-24 22:20:50 ----A---- C:\Windows\system32\drivers\aswMonFlt.sys
2012-12-24 22:20:24 ----A---- C:\Windows\avastSS.scr
2012-12-24 22:20:23 ----A---- C:\Windows\system32\aswBoot.exe
2012-12-24 22:03:34 ----A---- C:\Windows\system32\nvopencl.dll
2012-12-24 22:03:34 ----A---- C:\Windows\system32\nvoglv32.dll
2012-12-24 22:03:34 ----A---- C:\Windows\system32\nvdispgenco32.dll
2012-12-24 22:03:34 ----A---- C:\Windows\system32\nvcuvid.dll
2012-12-24 22:03:34 ----A---- C:\Windows\system32\nvcuvenc.dll
2012-12-24 22:03:34 ----A---- C:\Windows\system32\nvcuda.dll
2012-12-24 22:03:34 ----A---- C:\Windows\system32\nvcompiler.dll
2012-12-24 22:03:34 ----A---- C:\Windows\system32\drivers\nvlddmkm.sys
2012-12-24 21:53:44 ----D---- C:\NVIDIA
2012-12-24 21:52:02 ----D---- C:\Program Files\Google
2012-12-24 21:24:05 ----D---- C:\Users\X\AppData\Roaming\InstallShield
2012-12-24 16:18:42 ----D---- C:\Program Files\AML Products
2012-12-12 21:44:29 ----D---- C:\ProgramData\Adobe
2012-12-11 20:24:06 ----D---- C:\Users\X\AppData\Roaming\PC Suite
2012-12-11 20:24:02 ----D---- C:\ProgramData\PC Suite
2012-12-11 20:22:31 ----D---- C:\ProgramData\Nokia
2012-12-11 20:21:52 ----D---- C:\Program Files\DIFX
2012-12-11 20:16:24 ----D---- C:\ProgramData\NokiaInstallerCache
2012-12-11 19:58:51 ----D---- C:\ProgramData\Installations
2012-11-30 22:56:44 ----D---- C:\Program Files\Worms World Party
2012-11-28 16:40:21 ----D---- C:\ProgramData\SimilarSites
2012-11-28 16:40:10 ----D---- C:\Users\X\AppData\Roaming\SimilarSites
2012-11-26 23:06:24 ----D---- C:\ProgramData\StartupSoundChanger

======List of files/folders modified in the last 1 month======

2012-12-25 21:28:39 ----D---- C:\Windows\Prefetch
2012-12-25 21:28:27 ----RD---- C:\Program Files
2012-12-25 20:39:09 ----AD---- C:\ProgramData\Temp
2012-12-25 19:49:44 ----D---- C:\Windows\temp
2012-12-25 19:47:20 ----D---- C:\Windows\system32\drivers
2012-12-25 14:51:48 ----D---- C:\Windows\System32
2012-12-25 14:51:48 ----A---- C:\Windows\system32\PerfStringBackup.INI
2012-12-25 13:02:38 ----AD---- C:\Windows
2012-12-25 11:19:37 ----SHD---- C:\System Volume Information
2012-12-25 01:20:46 ----D---- C:\Windows\winsxs
2012-12-25 01:20:29 ----D---- C:\Program Files\DVD Maker
2012-12-25 01:17:03 ----D---- C:\Windows\system32\config
2012-12-25 01:16:40 ----D---- C:\ProgramData
2012-12-25 01:04:27 ----D---- C:\Windows\system32\catroot2
2012-12-25 00:59:48 ----HD---- C:\Program Files\InstallShield Installation Information
2012-12-25 00:58:51 ----D---- C:\Program Files\Common Files
2012-12-25 00:50:26 ----D---- C:\Windows\inf
2012-12-25 00:28:11 ----SHD---- C:\Windows\Installer
2012-12-25 00:28:09 ----D---- C:\Config.Msi
2012-12-25 00:28:07 ----D---- C:\ProgramData\Microsoft Help
2012-12-25 00:27:51 ----RSD---- C:\Windows\assembly
2012-12-25 00:25:35 ----D---- C:\Program Files\Common Files\microsoft shared
2012-12-25 00:24:59 ----RSD---- C:\Windows\Fonts
2012-12-25 00:21:17 ----D---- C:\Windows\ShellNew
2012-12-24 23:01:53 ----D---- C:\Users\X\AppData\Roaming\SumatraPDF
2012-12-24 23:01:08 ----D---- C:\Users\X\AppData\Roaming\WinRAR
2012-12-24 22:59:43 ----D---- C:\Windows\system32\Tasks
2012-12-24 22:25:11 ----D---- C:\Windows\Tasks
2012-12-24 22:22:24 ----D---- C:\Program Files\NVIDIA Corporation
2012-12-24 22:20:08 ----D---- C:\ProgramData\AVAST Software
2012-12-24 22:20:08 ----D---- C:\Program Files\AVAST Software
2012-12-24 22:10:03 ----D---- C:\Windows\system32\catroot
2012-12-24 22:10:02 ----D---- C:\Windows\system32\DriverStore
2012-12-24 22:09:56 ----D---- C:\ProgramData\NVIDIA
2012-12-24 21:55:01 ----D---- C:\Windows\Logs
2012-12-24 21:55:01 ----D---- C:\Users\X\AppData\Roaming\DAEMON Tools Lite
2012-12-23 10:52:25 ----A---- C:\Windows\system32\imageres.dll
2012-12-15 20:54:30 ----SD---- C:\Users\X\AppData\Roaming\Microsoft
2012-12-12 19:57:18 ----A---- C:\Windows\system32\npdeployJava1.dll
2012-12-12 19:57:18 ----A---- C:\Windows\system32\deployJava1.dll
2012-12-11 21:02:27 ----DC---- C:\Windows\system32\DRVSTORE
2012-12-07 16:27:53 ----D---- C:\Users\X\AppData\Roaming\f2fElementary
2012-11-28 16:59:22 ----D---- C:\ProgramData\SpeedBit
2012-11-28 16:55:48 ----D---- C:\WinFast WorkArea
2012-11-26 23:01:25 ----RSD---- C:\Windows\Media
2012-11-26 20:30:06 ----D---- C:\Windows\debug
2012-11-26 15:37:15 ----RD---- C:\Users

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 nvstor32;nvstor32; C:\Windows\system32\DRIVERS\nvstor32.sys [2010-04-08 215656]
R0 pciide;pciide; C:\Windows\system32\DRIVERS\pciide.sys [2009-07-14 12368]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2009-07-14 173648]
R0 sptd;sptd; C:\Windows\System32\Drivers\sptd.sys [2012-11-29 466008]
R1 aswRdr;aswRdr; C:\Windows\System32\Drivers\aswrdr2.sys [2012-10-15 44784]
R1 aswSnx;aswSnx; C:\Windows\system32\drivers\aswSnx.sys [2012-10-30 738504]
R1 aswSP;aswSP; C:\Windows\system32\drivers\aswSP.sys [2012-10-30 361032]
R1 aswTdi;avast! Network Shield Support; C:\Windows\system32\drivers\aswTdi.sys [2012-10-30 54232]
R1 CSC;@%systemroot%\system32\cscsvc.dll,-202; C:\Windows\system32\drivers\csc.sys [2009-07-14 387584]
R2 aswFsBlk;aswFsBlk; C:\Windows\system32\drivers\aswFsBlk.sys [2012-10-30 21256]
R2 aswMonFlt;aswMonFlt; \??\C:\Windows\system32\drivers\aswMonFlt.sys [2012-10-30 58680]
R3 Afc;PPdus ASPI Shell; C:\Windows\system32\drivers\Afc.sys [2005-02-23 11776]
R3 NVNET;NVIDIA nForce 10/100/1000 Mbps Ethernet ; C:\Windows\system32\DRIVERS\nvmf6232.sys [2010-03-04 296936]
R3 ULCDRHlp;ULCDRHlp; C:\Windows\System32\Drivers\ULCDRHlp.sys [2004-12-23 27392]
R3 WmBEnum;Logitech Virtual Bus Enumerator Driver; C:\Windows\system32\drivers\WmBEnum.sys [2010-04-27 22856]
R3 WmXlCore;Logitech Translation Layer Driver; C:\Windows\system32\drivers\WmXlCore.sys [2010-04-27 66632]
S2 Parvdm;Parvdm; C:\Windows\system32\DRIVERS\parvdm.sys [2009-07-14 8704]
S3 aic78xx;aic78xx; C:\Windows\system32\DRIVERS\djsvs.sys [2009-07-14 70720]
S3 amdagp;AMD AGP Bus Filter Driver; C:\Windows\system32\DRIVERS\amdagp.sys [2009-07-14 53312]
S3 ARCSOFTVIRTUALCAPTURE;Magic-i Virtual Driver; C:\Windows\system32\DRIVERS\ArcSoftVirtualCapture.sys [2006-12-07 15104]
S3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0; C:\Windows\system32\DRIVERS\b57nd60x.sys [2009-07-13 229888]
S3 BridgeMP;@%SystemRoot%\system32\bridgeres.dll,-1; C:\Windows\system32\DRIVERS\bridge.sys [2009-07-14 78336]
S3 cpuz136;cpuz136; C:\Windows\system32\drivers\cpuz136.sys []
S3 DrvAgent32;DrvAgent32; \??\C:\Windows\system32\Drivers\DrvAgent32.sys [2011-12-09 23456]
S3 EagleXNt;EagleXNt; C:\Windows\system32\drivers\EagleXNt.sys []
S3 ENTECH;ENTECH; \??\C:\Windows\system32\DRIVERS\ENTECH.sys [2007-09-07 27672]
S3 hcdriver;EHCI Compliance Test Tool Device Driver; C:\Windows\system32\DRIVERS\hcdriver.sys [2012-01-27 50688]
S3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\IntcAzAudAddService.sys []
S3 NVENETFD;NVIDIA nForce Networking Controller Driver; C:\Windows\system32\DRIVERS\nvm62x32.sys [2009-07-13 347264]
S3 pccsmcfd;PCCS Mode Change Filter Driver; C:\Windows\system32\drivers\pccsmcfd.sys []
S3 pcouffin;VSO Software pcouffin; C:\Windows\System32\Drivers\pcouffin.sys [2010-04-04 47360]
S3 RDPDR;Terminal Server Device Redirector Driver; C:\Windows\System32\drivers\rdpdr.sys [2009-07-14 133120]
S3 s3cap;s3cap; C:\Windows\system32\DRIVERS\vms3cap.sys [2009-07-14 5632]
S3 sisagp;SIS AGP Bus Filter; C:\Windows\system32\DRIVERS\sisagp.sys [2009-07-14 52304]
S3 storvsc;storvsc; C:\Windows\system32\DRIVERS\storvsc.sys [2009-07-14 28224]
S3 usbscan;Ovladač skeneru USB; C:\Windows\system32\DRIVERS\usbscan.sys [2009-07-14 35840]
S3 usbser;USB Modem Driver; C:\Windows\system32\drivers\usbser.sys [2009-07-14 27648]
S3 viaagp;VIA AGP Bus Filter; C:\Windows\system32\DRIVERS\viaagp.sys [2009-07-14 53328]
S3 ViaC7;VIA C7 Processor Driver; C:\Windows\system32\DRIVERS\viac7.sys [2009-07-14 52736]
S3 vmbus;@%SystemRoot%\system32\vmbusres.dll,-1000; C:\Windows\system32\DRIVERS\vmbus.sys [2009-07-14 175824]
S3 VMBusHID;VMBusHID; C:\Windows\system32\DRIVERS\VMBusHID.sys [2009-07-14 17920]
S3 WFLR6654;WinFast DTV1800 H (XC3028); C:\Windows\system32\drivers\WFLR6654.sys []
S3 WinUsb;WinUsb; C:\Windows\system32\DRIVERS\WinUsb.sys [2009-07-14 34944]
S3 WmFilter;Logitech Gaming HID Filter Driver; C:\Windows\system32\drivers\WmFilter.sys [2010-04-27 37704]
S3 WmHidLo;Logitech Gaming USB Filter Driver; C:\Windows\system32\drivers\WmHidLo.sys [2010-04-27 31816]
S3 WmVirHid;Logitech Virtual Hid Device Driver; C:\Windows\system32\drivers\WmVirHid.sys [2010-04-27 15048]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AppHostSvc;@%windir%\system32\inetsrv\iisres.dll,-30011; C:\Windows\system32\svchost.exe [2009-07-14 20992]
R2 avast! Antivirus;avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2012-10-30 44808]
R2 Net Driver HPZ12;Net Driver HPZ12; C:\Windows\System32\svchost.exe [2009-07-14 20992]
R2 nvsvc;NVIDIA Display Driver Service; C:\Windows\system32\nvvsvc.exe [2012-10-02 645992]
R2 Pml Driver HPZ12;Pml Driver HPZ12; C:\Windows\System32\svchost.exe [2009-07-14 20992]
R3 AppMgmt;@appmgmts.dll,-3250; C:\Windows\system32\svchost.exe [2009-07-14 20992]
S3 ACDaemon;ArcSoft Connect Daemon; C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe []
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2012-12-24 250808]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2006-10-26 441136]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 StorSvc;@%SystemRoot%\System32\StorSvc.dll,-100; C:\Windows\System32\svchost.exe [2009-07-14 20992]
S3 UmRdpService;@%SystemRoot%\system32\umrdp.dll,-1000; C:\Windows\System32\svchost.exe [2009-07-14 20992]
S3 WAS;@%windir%\system32\inetsrv\iisres.dll,-30001; C:\Windows\system32\svchost.exe [2009-07-14 20992]
S4 CscService;@%systemroot%\system32\cscsvc.dll,-200; C:\Windows\System32\svchost.exe [2009-07-14 20992]
S4 nlsX86cc;Nalpeiron Licensing Service; C:\Windows\system32\NLSSRV32.EXE [2011-03-21 68928]
S4 PeerDistSvc;@%SystemRoot%\system32\peerdistsvc.dll,-9000; C:\Windows\System32\svchost.exe [2009-07-14 20992]
S4 Printer Control;Printer Control; C:\Windows\system32\PrintCtrl.exe [2009-10-28 65536]

-----------------EOF-----------------

Re: Prosím o kontrolu

Napsal: 25 pro 2012 23:08
od Roli
Zdravím, doporučím necpat si tam ani zkušebně příliš antivirů, nemusí to dopadnout dobře.

Jinak nic špatného nevidím, je tedy nějaký problém s PC ?

Re: Prosím o kontrolu

Napsal: 26 pro 2012 10:51
od Milan12300
Včera jsem jen tak projel pc mbam a eset online scanerem a vubec nic nenašli. Dělal jsem to proto, že jsem včera v pc dělal takový větší úklid - vyházel jsem víc jak polovinu programů co jsem měl nainstalováno a přeinstaloval to ostatní a pak defragmentoval. Docela se mi i zrychlil, nevím čím by to mohlo být, ale když si pustím nějaký film a u toho dělám ještě pár dalších věcí tak se mi to video trochu seká a občas zamrzne a pak se rozmrazí. Předtím když jsem dělal taky víc věcí na jednou a měl puštěnej film tak se ani jednou nesekal. Myslel jsem že to je virem ale žádnej mi to nenašlo. Nevíte čím by to mohlo být? Děkuji.

Re: Prosím o kontrolu

Napsal: 26 pro 2012 23:01
od Roli
Tak jako buď koukám na film nebo nee, ale dělat při tom nevím co to mi připadá tak nějak mimo.

Jinak bych zkusil jiný přehrávač, nebo aktualizovat ovladače od grafiky.

Pokud nezabere ani to, pustíme tam větší kalibr.

Re: Prosím o kontrolu

Napsal: 27 pro 2012 18:22
od Milan12300
Aktualizoval jsem ty ovladače od grafiky a už se neseká. Já se koukám na filmy, ale hrozně to zdržuje tak si vždycky všechny videa dávám do pravého rohu na velikost 320x240 a koukám se a dělám co potřebuju. Zatím není s PC žádný problém. Teda až na jeden. Už to bude víc jak 2 roky co jsem zkoušel eset a po odinstalování když jsem chtěl zkusit kaspersky tak mi nešel naisntalovat protože mi to furt psalo že kvůli esetu (který už jsem v pc dávno neměl) nejde nainstalovat kaspersky. Zkoušel jsem tu odinstalovávací utilitu na ostranění esetu ale furt mi to píše. Prolezl jsem všude různé adresáře kde by mohl být ještě zbytek esetu ale nic jsem nenašel. Moc díky za radu s aktualizováním těch ovladačů.

Re: Prosím o kontrolu

Napsal: 27 pro 2012 23:28
od Roli
Tohle fixni v HJT :

R3 - URLSearchHook: SimilarSites - {FE69C007-C452-4d3e-86D2-1730DF8BC871} - (no file)
R3 - URLSearchHook: (no name) - - (no file)
O18 - Protocol: AutorunsDisabled - (no CLSID) - (no file)
O18 - Protocol: toolbarchrome - (no CLSID) - (no file)

HJT najdeš zde :

C:\Program Files\trend micro\X.exe

Fix znamená že spustíš HJT Obrázek jako admin

v okně které se ti otevře klikneš na Do a system scan only

v dalším okně najdeš řádky které jsem ti vypsal,

vedle nich je čtvereček do kterého uděláš zatržítko,

pak klikneš na Fix checked které je vlevo dole,

program se ti zeptá zda opravdu ANO s tím samozřejmě souhlasíš a je hotovo.


Přes Start >> Všechny programy >> Příslušenství >> Spustit >> napiš - services.msc >> Enter. Najdi službu :

NMIndexingService

klikni na ni pravým myšítkem, zvol vlastnosti, na další kartě nejprve službu zastav tlačítkem Zastavit a u položky Typ spouštění zvol Zakázáno.


Stáhni SystemLook

spusť aplikaci a do otevřeného okna zkopíruj :

Kód: Vybrat vše

:regfind
ESET
pak klik na Look aplikace vytvoří SystemLook.txt jeho obsah mi sem zkopíruj.

Re: Prosím o kontrolu

Napsal: 28 pro 2012 12:49
od Milan12300
SystemLook 30.07.11 by jpshortstuff
Log created at 12:48 on 28/12/2012 by X
Administrator - Elevation successful

========== regfind ==========

Searching for "ESET"
[HKEY_CURRENT_USER\Software\AC3Filter\preset]
[HKEY_CURRENT_USER\Software\ESET]
[HKEY_CURRENT_USER\Software\GNU\ffdshow]
"activePreset"="default"
[HKEY_CURRENT_USER\Software\GNU\ffdshow]
"OSDcurPreset"="default"
[HKEY_CURRENT_USER\Software\GNU\ffdshow]
"OSDpresetFormat0"="1544 1552 1545 1541 14 31 1524 1529"
[HKEY_CURRENT_USER\Software\GNU\ffdshow]
"OSDpresetName0"="default"
[HKEY_CURRENT_USER\Software\GNU\ffdshow_audio]
"OSDcurPreset"="default"
[HKEY_CURRENT_USER\Software\GNU\ffdshow_audio]
"OSDpresetFormat0"="1544 1545 1559 1529"
[HKEY_CURRENT_USER\Software\GNU\ffdshow_audio]
"OSDpresetName0"="default"
[HKEY_CURRENT_USER\Software\GNU\ffdshow_audio]
"activePreset"="default"
[HKEY_CURRENT_USER\Software\MetaProducts\Mass Downloader]
"ToolbarReset1"="Done"
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\LowRegistry\Audio\PolicyConfig\PropertyStore\33c9d3ed_0]
@="{0.0.0.00000000}.{e630b65d-0809-460e-b280-558f52ea7159}|\Device\HarddiskVolume2\Users\X\AppData\Local\temp\sfxAFBD.tmp\DesetiPrstyTesty.exe%b{00000000-0000-0000-0000-000000000000}"
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\LowRegistry\Audio\PolicyConfig\PropertyStore\44a1b2ed_0]
@="{0.0.0.00000000}.{2e75e18a-2205-4967-bfa9-bd9f4f41db15}|\Device\HarddiskVolume2\Program Files\DesetiPrsty\DesetiPrsty.exe%b{00000000-0000-0000-0000-000000000000}"
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\LowRegistry\Audio\PolicyConfig\PropertyStore\8d8c322c_0]
@="{0.0.0.00000000}.{e630b65d-0809-460e-b280-558f52ea7159}|\Device\HarddiskVolume2\Program Files\DesetiPrsty\DesetiPrsty.exe%b{00000000-0000-0000-0000-000000000000}"
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\LowRegistry\Audio\PolicyConfig\PropertyStore\cb94e739_0]
@="{0.0.0.00000000}.{4b37d152-1991-4750-8dee-34ff9699a1af}|\Device\HarddiskVolume2\Program Files\DesetiPrsty\DesetiPrsty.exe%b{00000000-0000-0000-0000-000000000000}"
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\LowRegistry\Audio\PolicyConfig\PropertyStore\cfd1d6d0_0]
@="{0.0.0.00000000}.{0f1cb66d-3169-4e2a-b060-838c96c8c02b}|\Device\HarddiskVolume2\Program Files\DesetiPrsty\DesetiPrsty.exe%b{00000000-0000-0000-0000-000000000000}"
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\LowRegistry\Audio\PolicyConfig\PropertyStore\e968d7c9_0]
@="{0.0.0.00000000}.{396ee420-2070-499e-b918-a644c8ca599d}|\Device\HarddiskVolume2\Program Files\DesetiPrsty\DesetiPrsty.exe%b{00000000-0000-0000-0000-000000000000}"
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\LowRegistry\Audio\PolicyConfig\PropertyStore\ec92ccf4_0]
@="{0.0.0.00000000}.{90fe2ada-7ae4-4c8d-98d1-77d68a4e6dca}|\Device\HarddiskVolume2\Program Files\DesetiPrsty\DesetiPrsty.exe%b{00000000-0000-0000-0000-000000000000}"
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\PageSetup]
[HKEY_CURRENT_USER\Software\Microsoft\MediaPlayer\Battery\Presets]
[HKEY_CURRENT_USER\Software\Microsoft\MM20\TimelineSettings]
[HKEY_CURRENT_USER\Software\Microsoft\MobileDriveSetup]
[HKEY_CURRENT_USER\Software\Microsoft\MSPaper 12.0\ScannerApp]
"RecentPreset"="Černobíle"
[HKEY_CURRENT_USER\Software\Microsoft\Office\12.0\Publisher\Preferences]
"PageSetupWindowSize"="140, 147, 1000, 700"
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\homepagereset.com]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\onlyiesettings.com]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Media Center\Settings\Audio]
"ActiveVisualizationPreset"="<<NULL>>"
[HKEY_CURRENT_USER\Software\Microsoft\Windows NT\CurrentVersion\Font Management]
"Inactive Fonts"="Large Fonts 8514oem Marlett Andalus Arial Unicode MS Arabic Typesetting HGMaruGothicMPRO Estrangelo Edessa Microsoft Uighur MV Boli Sakkal Majalla Simplified Arabic Simplified Arabic Fixed Traditional Arabic FangSong KaiTi Microsoft YaHei NSimSun SimHei SimSun SimSun-ExtB DFKai-SB Microsoft JhengHei MingLiU MingLiU-ExtB MingLiU_HKSCS MingLiU_HKSCS-ExtB PMingLiU PMingLiU-ExtB Euphemia Lao UI Plantagenet Cherokee Aharoni David FrankRuehl Gisha Levenim MT Miriam Miriam Fixed Narkisim Rod Aparajita Gautami Iskoola Pota Kalinga Kartika Kokila Latha Mangal Raavi Shonar Bangla Shruti Tunga Utsaah Vani Vijaya Vrinda Meiryo Meiryo UI MS Gothic MS Mincho MS PGothic MS PMincho MS UI Gothic Batang BatangChe Dotum DotumChe Gulim GulimChe Gungsuh GungsuhChe Malgun Gothic Ebrima Microsoft Himalaya Microsoft New Tai Lue Microsoft PhagsPa Microsoft Tai Le Microsoft Yi Baiti Mongolian Baiti Nyala Sylfaen Angsana New AngsanaUPC B
[HKEY_CURRENT_USER\Software\pmq SOFTWARE\DesetiPrsty5]
[HKEY_CURRENT_USER\Software\pmq SOFTWARE\DesetiPrsty5\Deseti prsty]
[HKEY_CURRENT_USER\Software\VSO\ConvertXtoDVD\5.0]
"Enc_video_preset"="VEP_AUTOMATIC"
[HKEY_CURRENT_USER\Software\VSO\ConvertXtoDVD\5.0\Frm_LesserTypeSettings]
[HKEY_CURRENT_USER\Software\VSO\ConvertXtoDVD\5.0\Stt_TypeSettings]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{3050F31A-98B5-11CF-BB82-00AA00BDCE0B}\InprocServer32]
"Class"="mshtml.HTMLFrameSetSiteClass"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{5512D114-5CC6-11CF-8D67-00AA00BDCE1D}]
@="Microsoft Forms 2.0 HTML RESET"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{5512D114-5CC6-11CF-8D67-00AA00BDCE1D}\ProgID]
@="Forms.HTML:Reset.1"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{6BD6AECA-AFB0-45B7-BAC4-F292EC0F3F41}]
@="WBEM Win32_TERMINALSERVICESETTING Provider"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{8841d728-1a76-4682-bb6f-a9ea53b4b3ba}]
@="LogonPasswordReset"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{9AED384E-CE8B-11D1-8B05-00600806D9B6}\ProgID]
@="WbemScripting.SWbemNamedValueSet.1"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{9AED384E-CE8B-11D1-8B05-00600806D9B6}\VersionIndependentProgID]
@="WbemScripting.SWbemNamedValueSet"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{BF981FDD-B743-11D1-A69A-00C04FB9988E}]
@="MachineSettings Class"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{EF884939-F1EA-4EFB-B676-D2F802177C5F}]
@="VideoImageSettings Class"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{EF884939-F1EA-4EFB-B676-D2F802177C5F}\VersionIndependentProgID]
@="Video_TVServer.VideoImageSettings"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Forms.HTML:Reset.1]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Forms.HTML:Reset.1]
@="Microsoft Forms 2.0 HTML RESET"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{000208B4-0000-0000-C000-000000000046}]
@="PageSetup"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{00020971-0000-0000-C000-000000000046}]
@="PageSetup"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{000209E2-0000-0000-C000-000000000046}]
@="Frameset"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{000C0353-0000-0000-C000-000000000046}]
@="LanguageSettings"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{000C0410-0000-0000-C000-000000000046}]
@="SignatureSet"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{000CD6A1-0000-0000-C000-000000000046}]
@="SignatureSetup"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{00f2b868-dd67-487c-9553-049240767e91}]
@="IPhotoAcquireSettings"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{0C92143F-E5E7-4B7C-8F4F-9BA6ED370410}]
@="IWMEncFileSet"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{2080FF4F-297F-4F66-AA83-CACA65F67216}]
@="IStrokeSet"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{26EE67BF-5804-11D2-8B4A-00600806D9B6}]
@="ISWbemPrivilegeSet"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{3050F319-98B5-11CF-BB82-00AA00BDCE0B}]
@="IHTMLFrameSetElement"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{3050F514-98B5-11CF-BB82-00AA00BDCE0B}]
@="DispHTMLFrameSetSite"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{3050F5C6-98B5-11CF-BB82-00AA00BDCE0B}]
@="IHTMLFrameSetElement2"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{3F243EBD-612F-3DB8-9E03-BD92343A8371}]
@="_AutoResetEvent"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{40C6BDE7-9C90-49D4-AD20-BEF81A6C5F22}]
@="IBatteryPreset"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{44D5F81A-727C-35AE-8DF8-9FF6722F1C6C}]
@="_ResourceSet"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{4D725739-9AA4-4006-BBBE-109CC5A9A68A}]
@="IResetUserProfileCallback"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{5512D115-5CC6-11CF-8D67-00AA00BDCE1D}]
@="IWHTMLReset"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{5925316D-20B6-4FF9-A980-96482AA885DE}]
@="IUpdateNavPaneSettings"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{84594461-0053-4342-A8FD-088FABF11F32}]
@="IIdleSettings"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{85D18B6D-3032-11D4-9348-00C04F8EEB71}]
@="IHNetBridgeSettings"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{876E7208-0172-4EBB-B08B-2E1D30DFE44C}]
@="IBatterySavedPreset"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{91493466-5A91-11CF-8700-00AA0060263B}]
@="PageSetup"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{C0BB9361-268F-3E72-BF6F-4120175A1500}]
@="_ManualResetEvent"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{CF2376EA-CE8C-11D1-8B05-00600806D9B6}]
@="ISWbemNamedValueSet"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{F85E2D65-207D-48DB-84B1-915E1735DB17}]
@="IBatteryRandomPreset"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Video_TVServer.VideoImageSettings]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Video_TVServer.VideoImageSettings]
@="VideoImageSettings Class"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Video_TVServer.VideoQualitySetting.1]
@="VideoImageSettings Class"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\WbemScripting.SWbemNamedValueSet]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\WbemScripting.SWbemNamedValueSet\CurVer]
@="WbemScripting.SWbemNamedValueSet.1"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\WbemScripting.SWbemNamedValueSet.1]
[HKEY_LOCAL_MACHINE\SOFTWARE\Eset]
[HKEY_LOCAL_MACHINE\SOFTWARE\Eset\ESET Online Scanner]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\>{60B49E34-C7CC-11D0-8953-00A0C90347FF}]
"StubPath"=""C:\Windows\System32\rundll32.exe" "C:\Windows\System32\iedkcs32.dll",BrandIEActiveSetup SIGNUP"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{6BF52A52-394A-11d3-B153-00C04F79FAA6}]
"StubPath"="%SystemRoot%\system32\unregmp2.exe /FirstLogon /Shortcuts /RegBrowsers /ResetMUI"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{89820200-ECBD-11cf-8B85-00AA005B4383}]
"StubPath"="C:\Windows\System32\ie4uinit.exe -BaseSettings"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Cryptography\Services\S-1-5-18\SystemCertificates\ESETEndCertStore]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\AdvancedOptions\ACCESSIBILITY\TEXTSIZE]
"TextHideIE"="Reset text size to medium"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\AdvancedOptions\ACCESSIBILITY\TEXTSIZE]
"ValueName"="ResetTextSizeOnStartup"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\AdvancedOptions\ACCESSIBILITY\TEXTSIZE]
"Text"="Reset text size to medium for new windows and tabs"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\AdvancedOptions\ACCESSIBILITY\TEXTSIZEANDZOOM]
"ValueName"="ResetTextSizeOnZoom"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\AdvancedOptions\ACCESSIBILITY\TEXTSIZEANDZOOM]
"Text"="Reset text size to medium while zooming"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\AdvancedOptions\ACCESSIBILITY\ZOOMLEVEL]
"TextHideIE"="Reset zoom level"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\AdvancedOptions\ACCESSIBILITY\ZOOMLEVEL]
"ValueName"="ResetZoomOnStartup2"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\AdvancedOptions\ACCESSIBILITY\ZOOMLEVEL]
"Text"="Reset zoom level for new windows and tabs"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\UnattendBackup\ActiveSetup]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\MediaPlayer\Battery\Presets]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\MediaPlayer\Objects\WMPEffects]
"currentPreset"="wmpprop:mediacenter.effectPreset"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\MediaPlayer\Objects\WMPEffects]
"currentPreset_onchange"="mediacenter.effectPreset = currentPreset;"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\MediaPlayer\Setup]
"ResetAutoPlay"="12,0,7600,16415"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\Msinfo\Categories\Applications12\Word12\PageSetup]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\DesetiPrsty_RASAPI32]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\DesetiPrsty_RASMANCS]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\esetsmartinstaller_csy_RASAPI32]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\esetsmartinstaller_csy_RASMANCS]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\esetsmartinstaller_enu_RASAPI32]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\esetsmartinstaller_enu_RASMANCS]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\ESETSmartInstaller_RASAPI32]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\ESETSmartInstaller_RASMANCS]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\SkypeSetup_RASAPI32]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\SkypeSetup_RASMANCS]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\WBEM\CIMOM\SecuredHostProviders]
"Root\cimv2\TerminalServices:__Win32Provider.Name="Win32_WIN32_TERMINALSERVICESETTING_Prov""="0"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Authentication\Credential Providers\{6f45dc1e-5384-457a-bc13-2cd81b0d28ed}\LogonPasswordReset]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ResetUserProfileCallbacks]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\GameUX\MachineSettings]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Media Center\Settings\RecorderSettings0]
"strCodesetSTB"="<<NULL>>"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Media Center\Settings\RecorderSettings1]
"strCodesetSTB"="<<NULL>>"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Media Center\Settings\RecorderSettings2]
"strCodesetSTB"="<<NULL>>"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Media Center\Settings\RecorderSettings3]
"strCodesetSTB"="<<NULL>>"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Setup\Sysprep\Specialize]
"{0e95de08-d472-3202-4561-c2be81045f3e}"="C:\Windows\System32\oobe\winsetup.dll,SpSetupOnlineSettingsSpecialize"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellCompatibility\Applications\creatr32.exe]
"IGNOREENUMRESET"=""
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\SideBySide\Winners\x86_microsoft-windows-f..e-arabictypesetting_31bf3856ad364e35_none_c358bf0a55f1090d]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\SideBySide\Winners\x86_microsoft-windows-w..-chinesetraditional_31bf3856ad364e35_none_396a0dd3b7f70df8]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Windows Block Level Backup]
"CustomPerformanceSettings"=" "
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WINEVT\Publishers\{da9a85bb-563d-40fb-a164-8e982ea6844b}]
@="Microsoft-Windows-IIS-IISReset"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Fonts]
"Arabic Typesetting (TrueType)"="arabtype.ttf"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Print\Printers\HP Deskjet F300 Series\HPPresetRoot]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows Search\Gather\Windows\SystemIndex]
"CatalogResetSignature"="350072f6-f550-441f-b456-cd4c6a5766c0"
[HKEY_LOCAL_MACHINE\SOFTWARE\NVIDIA Corporation\Global\Startup\ResetGammaValue]
[HKEY_LOCAL_MACHINE\SOFTWARE\NVIDIA Corporation\Global\Startup\UpdateRegistryModeSettings]
[HKEY_LOCAL_MACHINE\SOFTWARE\pmq SOFTWARE\DesetiPrsty5]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E968-E325-11CE-BFC1-08002BE10318}\0000\VolatileSettings]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E972-E325-11CE-BFC1-08002BE10318}\0007]
"PhyLPResetEnable"="0"
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E972-E325-11CE-BFC1-08002BE10318}\0007\Ndi\params\PhyLPResetEnable]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E972-E325-11CE-BFC1-08002BE10318}\0007\Ndi\params\PhyLPResetEnable]
"ParamDesc"="Reset PHY If Not In Use"
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\MUI\StringCacheSettings]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\NetDiagFx\Microsoft\HostDLLs\Wireless LAN Helper Class\HelperClasses\AutoConfig Helper Class\Repairs\{99E12F1E-E4A2-44dd-92DE-3773FDA9EAE4}]
"Symbol"="RID_AUTOCONF_LOWH_WORKAROUND_RESET_ADAPTER"
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\NetDiagFx\Microsoft\HostDLLs\Wireless LAN Helper Class\HelperClasses\AutoConfig Helper Class\Repairs\{A127C86C-7082-4981-9333-A3539DC18967}]
"Symbol"="RID_AUTOCONF_LOWH_REPAIR_RESET_ADAPTER"
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Network\{4d36e973-e325-11ce-bfc1-08002be10318}\{9FA2412D-41BB-47DC-BE2A-C2EE75DD6C93}\Ndi]
"ExcludeSetupStartServices"="Netlogon"
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Network\{4d36e974-e325-11ce-bfc1-08002be10318}\{03F0DBAD-C963-4EB4-8510-DD8D23454D85}\Ndi]
"ExcludeSetupStartServices"="LanmanServer"
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Network\{4d36e974-e325-11ce-bfc1-08002be10318}\{3D58DA80-C6BF-43E7-BADF-F8507CE87E6F}\Ndi]
"ExcludeSetupStartServices"="RemoteAccess"
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Network\{4d36e974-e325-11ce-bfc1-08002be10318}\{DF08D087-9507-4264-9B6A-D0241B9C64F2}\Ndi]
"ExcludeSetupStartServices"="RasAcd RasAuto"
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Print\Printers\HP Deskjet F300 Series\HPPresetRoot]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Terminal Server\Utilities\reset]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Video\{10C72641-33E0-4160-8E87-636BE927EBD2}\0000\VolatileSettings]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Video\{10C72641-33E0-4160-8E87-636BE927EBD2}\0001\VolatileSettings]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\WAS]
"FailureCommand"=""C:\Windows\System32\iisreset.exe" /start /fail=%1%"
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Control\Class\{4D36E972-E325-11CE-BFC1-08002BE10318}\0007]
"PhyLPResetEnable"="0"
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Control\Class\{4D36E972-E325-11CE-BFC1-08002BE10318}\0007\Ndi\params\PhyLPResetEnable]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Control\Class\{4D36E972-E325-11CE-BFC1-08002BE10318}\0007\Ndi\params\PhyLPResetEnable]
"ParamDesc"="Reset PHY If Not In Use"
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Control\MUI\StringCacheSettings]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Control\NetDiagFx\Microsoft\HostDLLs\Wireless LAN Helper Class\HelperClasses\AutoConfig Helper Class\Repairs\{99E12F1E-E4A2-44dd-92DE-3773FDA9EAE4}]
"Symbol"="RID_AUTOCONF_LOWH_WORKAROUND_RESET_ADAPTER"
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Control\NetDiagFx\Microsoft\HostDLLs\Wireless LAN Helper Class\HelperClasses\AutoConfig Helper Class\Repairs\{A127C86C-7082-4981-9333-A3539DC18967}]
"Symbol"="RID_AUTOCONF_LOWH_REPAIR_RESET_ADAPTER"
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Control\Network\{4d36e973-e325-11ce-bfc1-08002be10318}\{9FA2412D-41BB-47DC-BE2A-C2EE75DD6C93}\Ndi]
"ExcludeSetupStartServices"="Netlogon"
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Control\Network\{4d36e974-e325-11ce-bfc1-08002be10318}\{03F0DBAD-C963-4EB4-8510-DD8D23454D85}\Ndi]
"ExcludeSetupStartServices"="LanmanServer"
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Control\Network\{4d36e974-e325-11ce-bfc1-08002be10318}\{3D58DA80-C6BF-43E7-BADF-F8507CE87E6F}\Ndi]
"ExcludeSetupStartServices"="RemoteAccess"
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Control\Network\{4d36e974-e325-11ce-bfc1-08002be10318}\{DF08D087-9507-4264-9B6A-D0241B9C64F2}\Ndi]
"ExcludeSetupStartServices"="RasAcd RasAuto"
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Control\Terminal Server\Utilities\reset]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\services\WAS]
"FailureCommand"=""C:\Windows\System32\iisreset.exe" /start /fail=%1%"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Class\{4D36E968-E325-11CE-BFC1-08002BE10318}\0000\VolatileSettings]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Class\{4D36E972-E325-11CE-BFC1-08002BE10318}\0007]
"PhyLPResetEnable"="0"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Class\{4D36E972-E325-11CE-BFC1-08002BE10318}\0007\Ndi\params\PhyLPResetEnable]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Class\{4D36E972-E325-11CE-BFC1-08002BE10318}\0007\Ndi\params\PhyLPResetEnable]
"ParamDesc"="Reset PHY If Not In Use"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\MUI\StringCacheSettings]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\NetDiagFx\Microsoft\HostDLLs\Wireless LAN Helper Class\HelperClasses\AutoConfig Helper Class\Repairs\{99E12F1E-E4A2-44dd-92DE-3773FDA9EAE4}]
"Symbol"="RID_AUTOCONF_LOWH_WORKAROUND_RESET_ADAPTER"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\NetDiagFx\Microsoft\HostDLLs\Wireless LAN Helper Class\HelperClasses\AutoConfig Helper Class\Repairs\{A127C86C-7082-4981-9333-A3539DC18967}]
"Symbol"="RID_AUTOCONF_LOWH_REPAIR_RESET_ADAPTER"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Network\{4d36e973-e325-11ce-bfc1-08002be10318}\{9FA2412D-41BB-47DC-BE2A-C2EE75DD6C93}\Ndi]
"ExcludeSetupStartServices"="Netlogon"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Network\{4d36e974-e325-11ce-bfc1-08002be10318}\{03F0DBAD-C963-4EB4-8510-DD8D23454D85}\Ndi]
"ExcludeSetupStartServices"="LanmanServer"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Network\{4d36e974-e325-11ce-bfc1-08002be10318}\{3D58DA80-C6BF-43E7-BADF-F8507CE87E6F}\Ndi]
"ExcludeSetupStartServices"="RemoteAccess"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Network\{4d36e974-e325-11ce-bfc1-08002be10318}\{DF08D087-9507-4264-9B6A-D0241B9C64F2}\Ndi]
"ExcludeSetupStartServices"="RasAcd RasAuto"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Print\Printers\HP Deskjet F300 Series\HPPresetRoot]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Terminal Server\Utilities\reset]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Video\{10C72641-33E0-4160-8E87-636BE927EBD2}\0000\VolatileSettings]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Video\{10C72641-33E0-4160-8E87-636BE927EBD2}\0001\VolatileSettings]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\WAS]
"FailureCommand"=""C:\Windows\System32\iisreset.exe" /start /fail=%1%"
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows NT\CurrentVersion\Font Management]
"Inactive Fonts"="Large Fonts 8514oem Marlett Andalus Arial Unicode MS Arabic Typesetting HGMaruGothicMPRO Estrangelo Edessa Microsoft Uighur MV Boli Sakkal Majalla Simplified Arabic Simplified Arabic Fixed Traditional Arabic FangSong KaiTi Microsoft YaHei NSimSun SimHei SimSun SimSun-ExtB DFKai-SB Microsoft JhengHei MingLiU MingLiU-ExtB MingLiU_HKSCS MingLiU_HKSCS-ExtB PMingLiU PMingLiU-ExtB Euphemia Lao UI Plantagenet Cherokee Aharoni David FrankRuehl Gisha Levenim MT Miriam Miriam Fixed Narkisim Rod Aparajita Gautami Iskoola Pota Kalinga Kartika Kokila Latha Mangal Raavi Shonar Bangla Shruti Tunga Utsaah Vani Vijaya Vrinda Meiryo Meiryo UI MS Gothic MS Mincho MS PGothic MS PMincho MS UI Gothic Batang BatangChe Dotum DotumChe Gulim GulimChe Gungsuh GungsuhChe Malgun Gothic Ebrima Microsoft Himalaya Microsoft New Tai Lue Microsoft PhagsPa Microsoft Tai Le Microsoft Yi Baiti Mongolian Baiti Nyala Sylfaen Angsana New AngsanaUPC
[HKEY_USERS\S-1-5-19\Control Panel\Desktop]
"BlockSendInputResets"="0"
[HKEY_USERS\S-1-5-20\Control Panel\Desktop]
"BlockSendInputResets"="0"
[HKEY_USERS\S-1-5-21-3887554259-2600576739-1838076180-1000\Software\AC3Filter\preset]
[HKEY_USERS\S-1-5-21-3887554259-2600576739-1838076180-1000\Software\ESET]
[HKEY_USERS\S-1-5-21-3887554259-2600576739-1838076180-1000\Software\GNU\ffdshow]
"activePreset"="default"
[HKEY_USERS\S-1-5-21-3887554259-2600576739-1838076180-1000\Software\GNU\ffdshow]
"OSDcurPreset"="default"
[HKEY_USERS\S-1-5-21-3887554259-2600576739-1838076180-1000\Software\GNU\ffdshow]
"OSDpresetFormat0"="1544 1552 1545 1541 14 31 1524 1529"
[HKEY_USERS\S-1-5-21-3887554259-2600576739-1838076180-1000\Software\GNU\ffdshow]
"OSDpresetName0"="default"
[HKEY_USERS\S-1-5-21-3887554259-2600576739-1838076180-1000\Software\GNU\ffdshow_audio]
"OSDcurPreset"="default"
[HKEY_USERS\S-1-5-21-3887554259-2600576739-1838076180-1000\Software\GNU\ffdshow_audio]
"OSDpresetFormat0"="1544 1545 1559 1529"
[HKEY_USERS\S-1-5-21-3887554259-2600576739-1838076180-1000\Software\GNU\ffdshow_audio]
"OSDpresetName0"="default"
[HKEY_USERS\S-1-5-21-3887554259-2600576739-1838076180-1000\Software\GNU\ffdshow_audio]
"activePreset"="default"
[HKEY_USERS\S-1-5-21-3887554259-2600576739-1838076180-1000\Software\MetaProducts\Mass Downloader]
"ToolbarReset1"="Done"
[HKEY_USERS\S-1-5-21-3887554259-2600576739-1838076180-1000\Software\Microsoft\Internet Explorer\LowRegistry\Audio\PolicyConfig\PropertyStore\33c9d3ed_0]
@="{0.0.0.00000000}.{e630b65d-0809-460e-b280-558f52ea7159}|\Device\HarddiskVolume2\Users\X\AppData\Local\temp\sfxAFBD.tmp\DesetiPrstyTesty.exe%b{00000000-0000-0000-0000-000000000000}"
[HKEY_USERS\S-1-5-21-3887554259-2600576739-1838076180-1000\Software\Microsoft\Internet Explorer\LowRegistry\Audio\PolicyConfig\PropertyStore\44a1b2ed_0]
@="{0.0.0.00000000}.{2e75e18a-2205-4967-bfa9-bd9f4f41db15}|\Device\HarddiskVolume2\Program Files\DesetiPrsty\DesetiPrsty.exe%b{00000000-0000-0000-0000-000000000000}"
[HKEY_USERS\S-1-5-21-3887554259-2600576739-1838076180-1000\Software\Microsoft\Internet Explorer\LowRegistry\Audio\PolicyConfig\PropertyStore\8d8c322c_0]
@="{0.0.0.00000000}.{e630b65d-0809-460e-b280-558f52ea7159}|\Device\HarddiskVolume2\Program Files\DesetiPrsty\DesetiPrsty.exe%b{00000000-0000-0000-0000-000000000000}"
[HKEY_USERS\S-1-5-21-3887554259-2600576739-1838076180-1000\Software\Microsoft\Internet Explorer\LowRegistry\Audio\PolicyConfig\PropertyStore\cb94e739_0]
@="{0.0.0.00000000}.{4b37d152-1991-4750-8dee-34ff9699a1af}|\Device\HarddiskVolume2\Program Files\DesetiPrsty\DesetiPrsty.exe%b{00000000-0000-0000-0000-000000000000}"
[HKEY_USERS\S-1-5-21-3887554259-2600576739-1838076180-1000\Software\Microsoft\Internet Explorer\LowRegistry\Audio\PolicyConfig\PropertyStore\cfd1d6d0_0]
@="{0.0.0.00000000}.{0f1cb66d-3169-4e2a-b060-838c96c8c02b}|\Device\HarddiskVolume2\Program Files\DesetiPrsty\DesetiPrsty.exe%b{00000000-0000-0000-0000-000000000000}"
[HKEY_USERS\S-1-5-21-3887554259-2600576739-1838076180-1000\Software\Microsoft\Internet Explorer\LowRegistry\Audio\PolicyConfig\PropertyStore\e968d7c9_0]
@="{0.0.0.00000000}.{396ee420-2070-499e-b918-a644c8ca599d}|\Device\HarddiskVolume2\Program Files\DesetiPrsty\DesetiPrsty.exe%b{00000000-0000-0000-0000-000000000000}"
[HKEY_USERS\S-1-5-21-3887554259-2600576739-1838076180-1000\Software\Microsoft\Internet Explorer\LowRegistry\Audio\PolicyConfig\PropertyStore\ec92ccf4_0]
@="{0.0.0.00000000}.{90fe2ada-7ae4-4c8d-98d1-77d68a4e6dca}|\Device\HarddiskVolume2\Program Files\DesetiPrsty\DesetiPrsty.exe%b{00000000-0000-0000-0000-000000000000}"
[HKEY_USERS\S-1-5-21-3887554259-2600576739-1838076180-1000\Software\Microsoft\Internet Explorer\PageSetup]
[HKEY_USERS\S-1-5-21-3887554259-2600576739-1838076180-1000\Software\Microsoft\MediaPlayer\Battery\Presets]
[HKEY_USERS\S-1-5-21-3887554259-2600576739-1838076180-1000\Software\Microsoft\MM20\TimelineSettings]
[HKEY_USERS\S-1-5-21-3887554259-2600576739-1838076180-1000\Software\Microsoft\MobileDriveSetup]
[HKEY_USERS\S-1-5-21-3887554259-2600576739-1838076180-1000\Software\Microsoft\MSPaper 12.0\ScannerApp]
"RecentPreset"="Černobíle"
[HKEY_USERS\S-1-5-21-3887554259-2600576739-1838076180-1000\Software\Microsoft\Office\12.0\Publisher\Preferences]
"PageSetupWindowSize"="140, 147, 1000, 700"
[HKEY_USERS\S-1-5-21-3887554259-2600576739-1838076180-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\homepagereset.com]
[HKEY_USERS\S-1-5-21-3887554259-2600576739-1838076180-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\onlyiesettings.com]
[HKEY_USERS\S-1-5-21-3887554259-2600576739-1838076180-1000\Software\Microsoft\Windows\CurrentVersion\Media Center\Settings\Audio]
"ActiveVisualizationPreset"="<<NULL>>"
[HKEY_USERS\S-1-5-21-3887554259-2600576739-1838076180-1000\Software\Microsoft\Windows NT\CurrentVersion\Font Management]
"Inactive Fonts"="Large Fonts 8514oem Marlett Andalus Arial Unicode MS Arabic Typesetting HGMaruGothicMPRO Estrangelo Edessa Microsoft Uighur MV Boli Sakkal Majalla Simplified Arabic Simplified Arabic Fixed Traditional Arabic FangSong KaiTi Microsoft YaHei NSimSun SimHei SimSun SimSun-ExtB DFKai-SB Microsoft JhengHei MingLiU MingLiU-ExtB MingLiU_HKSCS MingLiU_HKSCS-ExtB PMingLiU PMingLiU-ExtB Euphemia Lao UI Plantagenet Cherokee Aharoni David FrankRuehl Gisha Levenim MT Miriam Miriam Fixed Narkisim Rod Aparajita Gautami Iskoola Pota Kalinga Kartika Kokila Latha Mangal Raavi Shonar Bangla Shruti Tunga Utsaah Vani Vijaya Vrinda Meiryo Meiryo UI MS Gothic MS Mincho MS PGothic MS PMincho MS UI Gothic Batang BatangChe Dotum DotumChe Gulim GulimChe Gungsuh GungsuhChe Malgun Gothic Ebrima Microsoft Himalaya Microsoft New Tai Lue Microsoft PhagsPa Microsoft Tai Le Microsoft Yi Baiti Mongolian Bait
[HKEY_USERS\S-1-5-21-3887554259-2600576739-1838076180-1000\Software\pmq SOFTWARE\DesetiPrsty5]
[HKEY_USERS\S-1-5-21-3887554259-2600576739-1838076180-1000\Software\pmq SOFTWARE\DesetiPrsty5\Deseti prsty]
[HKEY_USERS\S-1-5-21-3887554259-2600576739-1838076180-1000\Software\VSO\ConvertXtoDVD\5.0]
"Enc_video_preset"="VEP_AUTOMATIC"
[HKEY_USERS\S-1-5-21-3887554259-2600576739-1838076180-1000\Software\VSO\ConvertXtoDVD\5.0\Frm_LesserTypeSettings]
[HKEY_USERS\S-1-5-21-3887554259-2600576739-1838076180-1000\Software\VSO\ConvertXtoDVD\5.0\Stt_TypeSettings]
[HKEY_USERS\S-1-5-18\Software\Microsoft\Windows NT\CurrentVersion\Font Management]
"Inactive Fonts"="Large Fonts 8514oem Marlett Andalus Arial Unicode MS Arabic Typesetting HGMaruGothicMPRO Estrangelo Edessa Microsoft Uighur MV Boli Sakkal Majalla Simplified Arabic Simplified Arabic Fixed Traditional Arabic FangSong KaiTi Microsoft YaHei NSimSun SimHei SimSun SimSun-ExtB DFKai-SB Microsoft JhengHei MingLiU MingLiU-ExtB MingLiU_HKSCS MingLiU_HKSCS-ExtB PMingLiU PMingLiU-ExtB Euphemia Lao UI Plantagenet Cherokee Aharoni David FrankRuehl Gisha Levenim MT Miriam Miriam Fixed Narkisim Rod Aparajita Gautami Iskoola Pota Kalinga Kartika Kokila Latha Mangal Raavi Shonar Bangla Shruti Tunga Utsaah Vani Vijaya Vrinda Meiryo Meiryo UI MS Gothic MS Mincho MS PGothic MS PMincho MS UI Gothic Batang BatangChe Dotum DotumChe Gulim GulimChe Gungsuh GungsuhChe Malgun Gothic Ebrima Microsoft Himalaya Microsoft New Tai Lue Microsoft PhagsPa Microsoft Tai Le Microsoft Yi Baiti Mongolian Baiti Nyala Sylfaen Angsana New AngsanaUPC

-= EOF =-

Re: Prosím o kontrolu

Napsal: 28 pro 2012 22:06
od Roli
Stáhni a spusť OTMoveIt

do levého okna aplikace pod Paste Instructions for Items to be Moved zkopíruj tento text:

Kód: Vybrat vše

:processes
explorer.exe       

:files 
C:\*.tmp
C:\WINDOWS\System32\*.tmp
C:\WINDOWS\*.tmp
C:\Program Files\ESET
C:\Program Files\AVG

:reg
[-HKEY_CURRENT_USER\Software\ESET]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Eset]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Eset\ESET Online Scanner]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\esetsmartinstaller_csy_RASAPI32]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\esetsmartinstaller_csy_RASMANCS]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\esetsmartinstaller_enu_RASAPI32]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\esetsmartinstaller_enu_RASMANCS]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\ESETSmartInstaller_RASAPI32]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\ESETSmartInstaller_RASMANCS]

:commands
[purity]
[emptytemp]
[start explorer]
klikni na MoveIt! a v pravém zeleném okně aplikace se Ti objeví info o provedene akci, obsah okna zkopíruj sem,

pokud aplikace bude požadovat restart, klikni na YES

v tom případě sem chci zkopírovat obsah logu uloženého na C:\_OTMoveIt\MovedFiles\

Re: Prosím o kontrolu

Napsal: 29 pro 2012 09:19
od Milan12300
Koukám že jste mi smazal i AVG. To ale antivir nebyl, byl to jen TuneUp. No nevadí..

All processes killed
========== PROCESSES ==========
No active process named explorer.exe was found!
========== FILES ==========
File/Folder C:\*.tmp not found.
File/Folder C:\WINDOWS\System32\*.tmp not found.
File/Folder C:\WINDOWS\*.tmp not found.
File/Folder C:\Program Files\ESET not found.
C:\Program Files\AVG\AVG PC Tuneup\Lang folder moved successfully.
C:\Program Files\AVG\AVG PC Tuneup\Data folder moved successfully.
C:\Program Files\AVG\AVG PC Tuneup folder moved successfully.
C:\Program Files\AVG folder moved successfully.
========== REGISTRY ==========
Registry key HKEY_CURRENT_USER\Software\ESET\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Eset\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Eset\ESET Online Scanner\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\esetsmartinstaller_csy_RASAPI32\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\esetsmartinstaller_csy_RASMANCS\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\esetsmartinstaller_enu_RASAPI32\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\esetsmartinstaller_enu_RASMANCS\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\ESETSmartInstaller_RASAPI32\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\ESETSmartInstaller_RASMANCS\ deleted successfully.
========== COMMANDS ==========

[EMPTYTEMP]

User: All Users

User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes

User: Public
->Temp folder emptied: 0 bytes

User: X
->Temp folder emptied: 20054662 bytes
->Temporary Internet Files folder emptied: 96416422 bytes
->Java cache emptied: 0 bytes
->Google Chrome cache emptied: 388296619 bytes
->Flash cache emptied: 1089 bytes

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 0 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temporary Internet Files folder emptied: 0 bytes
%systemroot%\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files folder emptied: 7987762 bytes
%systemroot%\system32\config\systemprofile\AppData\LocalLow\Sun\Java\Deployment folder emptied: 743 bytes
RecycleBin emptied: 372678 bytes

Total Files Cleaned = 489,00 mb


OTM by OldTimer - Version 3.1.21.0 log created on 12292012_091215

Files moved on Reboot...
File move failed. C:\Windows\temp\_avast_\Webshlock.txt scheduled to be moved on reboot.

Registry entries deleted on Reboot...

Re: Prosím o kontrolu

Napsal: 29 pro 2012 23:57
od Roli
Milan12300 píše:Koukám že jste mi smazal i AVG. To ale antivir nebyl, byl to jen TuneUp. No nevadí..
To se omlouvám, ale na druhou stranu jsem se ještě nesetkal s produktem od AVG který by dělal co má.

Znovu spusť OTMoveIt a nahoře v aplikaci klini na CleanUP!

tímto po sobě uklidí.


Pak dej vědět jaký je stav PC.


Jo a ještě jedna věc, kterou jsem sice již psal ale zopakuji to, není dobré často měnit antivir !

Re: Prosím o kontrolu

Napsal: 30 pro 2012 00:45
od Milan12300
Počítač se mi zatím zdá v pohodě. A k těm antivirům ještě.. Já si občas takhle stáhnu třeba mbam nebo superantispyware a projedu to tím. Jinak nevím kdy to bylo, ale vloni jsem zkoušel všechny možné (jen ty známé - avg, eset, norton, kaspersky-ten jsem nemohl kvůli tomu esetu..) A ze všech mi asi nejvíc vyhovoval avast. Jinak díky moc a měj se. :worship:

Re: Prosím o kontrolu

Napsal: 30 pro 2012 19:11
od Roli
Antispy programy nesahají tak agresivně do systému jako antiviry které umí jak jsi sám zjistil udělat v PC pěknou paseku.

Jinak není vůbec zač a :closed:
Všechny časy jsou v UTC+01:00
Stránka 1 z 1

Založeno na phpBB® Forum Software © phpBB Limited

Český překlad – phpBB.cz