Logfile of random's system information tool 1.08 (written by random/random)
Run by Lucas at 2011-08-18 09:31:18
Microsoft Windows 7 Home Premium Service Pack 1
System drive C: has 27 GB (44%) free of 60 GB
Total RAM: 4095 MB (62% free)
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 9:31:24, on 18.8.2011
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v9.00 (9.00.8112.16421)
Boot mode: Normal
Running processes:
C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe
C:\Windows\SysWOW64\rundll32.exe
C:\Program Files (x86)\Creative\Volume Panel\VolPanlu.exe
C:\Program Files (x86)\Windows Media Player\wmplayer.exe
C:\Program Files\trend micro\Lucas.exe
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.toggle.com/en/index.php?rvs=google
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.seznam.cz/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.toggle.com/en/index.php?rvs=google
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.toggle.com/en/index.php?rvs=google
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
O4 - HKLM\..\Run: [P17RunE] RunDll32 P17RunE.dll,RunDLLEntry
O4 - HKLM\..\Run: [VolPanel] "C:\Program Files (x86)\Creative\Volume Panel\VolPanlu.exe" /r
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Office Excel - res://C:\PROGRA~2\MICROS~1\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: Zdroje informací - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~1\OFFICE11\REFIEBAR.DLL
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/pub/s ... wflash.cab
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: Creative ALchemy AL6 Licensing Service - Creative Labs - C:\Program Files (x86)\Common Files\Creative Labs Shared\Service\AL6Licensing.exe
O23 - Service: Creative Audio Engine Licensing Service - Creative Labs - C:\Program Files (x86)\Common Files\Creative Labs Shared\Service\CTAELicensing.exe
O23 - Service: Creative Audio Service (CTAudSvcService) - Unknown owner - C:\Program Files (x86)\Creative\Shared Files\CTAudSvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: Google Update Service (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Logitech Bluetooth Service (LBTServ) - Logitech, Inc. - C:\Program Files\Common Files\LogiShrd\Bluetooth\lbtserv.exe
O23 - Service: MBAMService - Malwarebytes Corporation - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: NVIDIA Display Driver Service (NVSvc) - Unknown owner - C:\Windows\system32\nvvsvc.exe (file missing)
O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: ServiceLayer - Nokia - C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
--
End of file - 7285 bytes
======Listing Processes======
\SystemRoot\System32\smss.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
C:\Windows\system32\services.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
winlogon.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\nvvsvc.exe
C:\Windows\system32\svchost.exe -k RPCSS
"C:\Program Files\Microsoft Security Client\Antimalware\MsMpEng.exe"
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k NetworkService
"C:\Program Files\NVIDIA Corporation\Display\NvXDSync.exe"
C:\Windows\system32\nvvsvc.exe -session -first
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Windows\SysWOW64\PnkBstrA.exe
C:\Windows\system32\svchost.exe -k imgsvc
"C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE"
C:\Windows\system32\SearchIndexer.exe /Embedding
"C:\Program Files\Microsoft Security Client\Antimalware\NisSrv.exe"
"C:\Windows\system32\WUDFHost.exe" -HostGUID:{193a1820-d9ac-4997-8c55-be817523f6aa} -IoEventPortName:HostProcess-1c1040fa-cb01-4c31-90f3-60d5c00e8cd3 -SystemEventPortName:HostProcess-c92f407b-f237-4b59-bcfd-51eb60a456fe -IoCancelEventPortName:HostProcess-37ce003f-8417-4873-b487-6470e2b4cd00 -NonStateChangingEventPortName:HostProcess-6b8210e5-dc06-4f15-8e56-773ae3366d5b -ServiceSID:S-1-5-80-2652678385-582572993-1835434367-1344795993-749280709 -LifetimeId:36eb7038-d4b4-4455-b7ce-2bd80e85d6d0
WLIDSvcM.exe 1960
"taskhost.exe"
"C:\Windows\system32\Dwm.exe"
C:\Windows\Explorer.EXE
"C:\Program Files\Microsoft Security Client\msseces.exe" -hide -runkey
"C:\Program Files\Logitech\SetPointP\SetPoint.exe" /launchGaming
"C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun
KHALMNPR.EXE /API
"C:\Windows\System32\rundll32.exe" P17RunE.dll,RunDLLEntry
"C:\Program Files (x86)\Creative\Volume Panel\VolPanlu.exe" /r
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
C:\Windows\system32\DllHost.exe /Processid:{30D49246-D217-465F-B00B-AC9DDD652EB7}
C:\Windows\system32\svchost.exe -k SDRSVC
"C:\Program Files (x86)\Windows Media Player\wmplayer.exe" /prefetch:1
"C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe"
C:\Windows\servicing\TrustedInstaller.exe
C:\Windows\System32\svchost.exe -k swprv
C:\Windows\system32\vssvc.exe
"C:\Windows\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe3_ Global\UsGthrCtrlFltPipeMssGthrPipe3 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon"
"C:\Windows\system32\SearchFilterHost.exe" 0 516 520 528 65536 524
"C:\Users\Lucas\Documents\RSITx64.exe"
C:\Windows\system32\wbem\wmiprvse.exe
"C:\Program Files (x86)\Mozilla Firefox\firefox.exe"
======Scheduled tasks folder======
C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live ID Sign-in Helper - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-08-18 532336]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2010-09-22 75200]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live ID Sign-in Helper - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-08-18 403840]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll [2011-05-04 42272]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"MSC"=C:\Program Files\Microsoft Security Client\msseces.exe [2011-06-15 1436736]
"EvtMgr6"=C:\Program Files\Logitech\SetPointP\SetPoint.exe [2011-06-24 1744152]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"DAEMON Tools Lite"=C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [2010-04-01 357696]
""= []
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM]
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2011-03-30 937920]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher]
C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe [2011-06-08 37296]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Malwarebytes' Anti-Malware]
C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe [2011-07-06 449584]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NokiaMServer]
C:\Program Files (x86)\Common Files\Nokia\MPlatform\NokiaMServer /watchfiles startup []
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
C:\Program Files (x86)\QuickTime\QTTask.exe [2010-11-29 421888]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Steam]
D:\Program Files (x86)\Steam\Steam.exe [2011-08-08 1242448]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2011-04-08 254696]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Users^Lucas^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^HDDlife.lnk]
C:\Program Files (x86)\BinarySense\HDDlife 3\HDDlifePro.exe []
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Users^Lucas^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Logitech . Registrace produktu.lnk]
C:\PROGRA~2\COMMON~1\LogiShrd\eReg\SetPoint\eReg.exe [2009-11-16 517384]
[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"P17RunE"=RunDll32 P17RunE.dll,RunDLLEntry []
"VolPanel"=C:\Program Files (x86)\Creative\Volume Panel\VolPanlu.exe [2009-07-07 241789]
"Adobe Reader Speed Launcher"=C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe [2011-06-08 37296]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\LBTWlgn]
c:\program files\common files\logishrd\bluetooth\LBTWlgn.dll [2011-06-17 68376]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED}
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MsMpSvc]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\vsmon]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=5
"ConsentPromptBehaviorUser"=3
"EnableUIADesktopToggle"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoActiveDesktop"=1
"NoActiveDesktopChanges"=1
"ForceActiveDesktopOn"=0
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"C:\Program Files (x86)\FlashGet Network\FlashGet 3\FlashGet3.exe"="C:\Program Files (x86)\FlashGet Network\FlashGet 3\FlashGet3.exe:*:Enabled:Flashget3"
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
======File associations======
.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*
======List of files/folders created in the last 1 months======
2011-08-10 10:13:17 ----A---- C:\Windows\SYSWOW64\mshtmled.dll
2011-08-10 10:13:17 ----A---- C:\Windows\system32\mshtmled.dll
2011-08-10 10:13:16 ----A---- C:\Windows\system32\iertutil.dll
2011-08-10 10:13:15 ----A---- C:\Windows\SYSWOW64\ieui.dll
2011-08-10 10:13:15 ----A---- C:\Windows\SYSWOW64\iertutil.dll
2011-08-10 10:13:15 ----A---- C:\Windows\system32\jscript9.dll
2011-08-10 10:13:15 ----A---- C:\Windows\system32\ieui.dll
2011-08-10 10:13:14 ----A---- C:\Windows\SYSWOW64\urlmon.dll
2011-08-10 10:13:14 ----A---- C:\Windows\SYSWOW64\url.dll
2011-08-10 10:13:14 ----A---- C:\Windows\SYSWOW64\jscript9.dll
2011-08-10 10:13:14 ----A---- C:\Windows\SYSWOW64\jscript.dll
2011-08-10 10:13:14 ----A---- C:\Windows\system32\urlmon.dll
2011-08-10 10:13:14 ----A---- C:\Windows\system32\url.dll
2011-08-10 10:13:14 ----A---- C:\Windows\system32\jscript.dll
2011-08-10 10:13:13 ----A---- C:\Windows\SYSWOW64\wininet.dll
2011-08-10 10:13:13 ----A---- C:\Windows\SYSWOW64\jsproxy.dll
2011-08-10 10:13:13 ----A---- C:\Windows\system32\wininet.dll
2011-08-10 10:13:13 ----A---- C:\Windows\system32\jsproxy.dll
2011-08-10 10:13:12 ----A---- C:\Windows\SYSWOW64\mshtml.dll
2011-08-10 10:13:10 ----A---- C:\Windows\SYSWOW64\ieframe.dll
2011-08-10 10:13:10 ----A---- C:\Windows\system32\mshtml.dll
2011-08-10 10:13:09 ----A---- C:\Windows\system32\ieframe.dll
2011-08-10 10:05:23 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2011-08-10 10:05:23 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-synch-l1-1-0.dll
2011-08-10 10:05:23 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2011-08-10 10:05:23 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-misc-l1-1-0.dll
2011-08-10 10:05:23 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2011-08-10 10:05:23 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-file-l1-1-0.dll
2011-08-10 10:05:23 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-delayload-l1-1-0.dll
2011-08-10 10:05:23 ----AH---- C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2011-08-10 10:05:23 ----AH---- C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2011-08-10 10:05:23 ----AH---- C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2011-08-10 10:05:23 ----AH---- C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2011-08-10 10:05:23 ----AH---- C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2011-08-10 10:05:23 ----AH---- C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2011-08-10 10:05:23 ----AH---- C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2011-08-10 10:05:23 ----AH---- C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2011-08-10 10:05:23 ----AH---- C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2011-08-10 10:05:23 ----AH---- C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2011-08-10 10:05:23 ----A---- C:\Windows\SYSWOW64\wow32.dll
2011-08-10 10:05:23 ----A---- C:\Windows\SYSWOW64\setup16.exe
2011-08-10 10:05:23 ----A---- C:\Windows\SYSWOW64\ntvdm64.dll
2011-08-10 10:05:23 ----A---- C:\Windows\SYSWOW64\KernelBase.dll
2011-08-10 10:05:23 ----A---- C:\Windows\SYSWOW64\kernel32.dll
2011-08-10 10:05:23 ----A---- C:\Windows\system32\wow64win.dll
2011-08-10 10:05:23 ----A---- C:\Windows\system32\wow64cpu.dll
2011-08-10 10:05:23 ----A---- C:\Windows\system32\wow64.dll
2011-08-10 10:05:23 ----A---- C:\Windows\system32\winsrv.dll
2011-08-10 10:05:23 ----A---- C:\Windows\system32\ntvdm64.dll
2011-08-10 10:05:23 ----A---- C:\Windows\system32\KernelBase.dll
2011-08-10 10:05:23 ----A---- C:\Windows\system32\kernel32.dll
2011-08-10 10:05:23 ----A---- C:\Windows\system32\conhost.exe
2011-08-10 10:05:22 ----AH---- C:\Windows\SYSWOW64\api-ms-win-security-base-l1-1-0.dll
2011-08-10 10:05:22 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-xstate-l1-1-0.dll
2011-08-10 10:05:22 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-util-l1-1-0.dll
2011-08-10 10:05:22 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2011-08-10 10:05:22 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-string-l1-1-0.dll
2011-08-10 10:05:22 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2011-08-10 10:05:22 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-profile-l1-1-0.dll
2011-08-10 10:05:22 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2011-08-10 10:05:22 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2011-08-10 10:05:22 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-memory-l1-1-0.dll
2011-08-10 10:05:22 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-localization-l1-1-0.dll
2011-08-10 10:05:22 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2011-08-10 10:05:22 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-io-l1-1-0.dll
2011-08-10 10:05:22 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2011-08-10 10:05:22 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-heap-l1-1-0.dll
2011-08-10 10:05:22 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-handle-l1-1-0.dll
2011-08-10 10:05:22 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-fibers-l1-1-0.dll
2011-08-10 10:05:22 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2011-08-10 10:05:22 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-debug-l1-1-0.dll
2011-08-10 10:05:22 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-datetime-l1-1-0.dll
2011-08-10 10:05:22 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-console-l1-1-0.dll
2011-08-10 10:05:22 ----AH---- C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2011-08-10 10:05:22 ----AH---- C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2011-08-10 10:05:22 ----AH---- C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2011-08-10 10:05:22 ----AH---- C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2011-08-10 10:05:22 ----AH---- C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2011-08-10 10:05:22 ----AH---- C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2011-08-10 10:05:22 ----AH---- C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2011-08-10 10:05:22 ----AH---- C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2011-08-10 10:05:22 ----AH---- C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2011-08-10 10:05:22 ----AH---- C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2011-08-10 10:05:22 ----AH---- C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2011-08-10 10:05:22 ----AH---- C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2011-08-10 10:05:22 ----AH---- C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2011-08-10 10:05:22 ----AH---- C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2011-08-10 10:05:22 ----AH---- C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2011-08-10 10:05:22 ----AH---- C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2011-08-10 10:05:22 ----AH---- C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2011-08-10 10:05:22 ----AH---- C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2011-08-10 10:05:22 ----A---- C:\Windows\SYSWOW64\instnm.exe
2011-08-10 10:05:21 ----A---- C:\Windows\SYSWOW64\user.exe
2011-08-10 10:05:19 ----A---- C:\Windows\SYSWOW64\xmllite.dll
2011-08-10 10:05:19 ----A---- C:\Windows\system32\xmllite.dll
2011-08-10 10:05:19 ----A---- C:\Windows\system32\odbccu32.dll
2011-08-10 10:05:19 ----A---- C:\Windows\system32\odbccr32.dll
2011-08-10 10:05:19 ----A---- C:\Windows\system32\odbccp32.dll
2011-08-10 10:05:18 ----A---- C:\Windows\SYSWOW64\odbctrac.dll
2011-08-10 10:05:18 ----A---- C:\Windows\SYSWOW64\odbcjt32.dll
2011-08-10 10:05:18 ----A---- C:\Windows\SYSWOW64\odbccu32.dll
2011-08-10 10:05:18 ----A---- C:\Windows\SYSWOW64\odbccr32.dll
2011-08-10 10:05:18 ----A---- C:\Windows\SYSWOW64\odbccp32.dll
2011-08-10 10:05:18 ----A---- C:\Windows\system32\odbctrac.dll
2011-08-10 10:05:17 ----A---- C:\Windows\system32\drivers\mrxsmb10.sys
2011-08-10 10:04:42 ----A---- C:\Windows\system32\drivers\tcpip.sys
2011-08-10 10:04:41 ----A---- C:\Windows\SYSWOW64\ntoskrnl.exe
2011-08-10 10:04:41 ----A---- C:\Windows\system32\ntoskrnl.exe
2011-08-10 10:04:40 ----A---- C:\Windows\SYSWOW64\ntkrnlpa.exe
2011-08-09 17:45:05 ----D---- C:\Users\Lucas\AppData\Roaming\Origin
2011-08-08 16:48:45 ----D---- C:\Windows\Internet Logs
2011-08-08 16:20:51 ----D---- C:\Program Files\Logitech
2011-07-30 12:20:47 ----A---- C:\Windows\SYSWOW64\OpenCL.dll
2011-07-30 12:20:47 ----A---- C:\Windows\SYSWOW64\nvwgf2um.dll
2011-07-30 12:20:47 ----A---- C:\Windows\SYSWOW64\nvoglv32.dll
2011-07-30 12:20:47 ----A---- C:\Windows\SYSWOW64\nvd3dum.dll
2011-07-30 12:20:47 ----A---- C:\Windows\SYSWOW64\nvcuvid.dll
2011-07-30 12:20:47 ----A---- C:\Windows\SYSWOW64\nvcuvenc.dll
2011-07-30 12:20:47 ----A---- C:\Windows\SYSWOW64\nvcuda.dll
2011-07-30 12:20:47 ----A---- C:\Windows\SYSWOW64\nvcompiler.dll
2011-07-30 12:20:47 ----A---- C:\Windows\SYSWOW64\nvapi.dll
2011-07-30 12:20:47 ----A---- C:\Windows\system32\OpenCL.dll
2011-07-30 12:20:47 ----A---- C:\Windows\system32\nvoglv64.dll
2011-07-30 12:20:47 ----A---- C:\Windows\system32\nvd3dumx.dll
2011-07-30 12:20:47 ----A---- C:\Windows\system32\nvcuvid.dll
2011-07-30 12:20:47 ----A---- C:\Windows\system32\nvcuvenc.dll
2011-07-30 12:20:47 ----A---- C:\Windows\system32\nvcuda.dll
2011-07-30 12:20:47 ----A---- C:\Windows\system32\nvcompiler.dll
2011-07-30 12:20:47 ----A---- C:\Windows\system32\drivers\nvlddmkm.sys
2011-07-20 14:30:18 ----A---- C:\Windows\system32\easyupdatusapiu64.dll
2011-07-20 14:28:46 ----A---- C:\Windows\system32\nvgenco642090.dll
2011-07-20 14:28:46 ----A---- C:\Windows\system32\nvdispco6420150.dll
2011-07-20 14:24:15 ----D---- C:\ProgramData\NVIDIA Corporation
======List of files/folders modified in the last 1 months======
2011-08-18 09:31:24 ----D---- C:\Windows\Prefetch
2011-08-18 09:31:22 ----D---- C:\Program Files\trend micro
2011-08-18 09:31:05 ----SHD---- C:\System Volume Information
2011-08-18 09:24:15 ----D---- C:\Windows\Temp
2011-08-18 09:24:00 ----D---- C:\Windows\system32\config
2011-08-15 18:08:49 ----D---- C:\Windows
2011-08-15 15:04:52 ----D---- C:\Windows\debug
2011-08-14 11:13:55 ----D---- C:\Users\Lucas\AppData\Roaming\uTorrent
2011-08-13 20:03:22 ----D---- C:\Windows\system32\catroot2
2011-08-11 19:48:39 ----RSD---- C:\Windows\assembly
2011-08-11 19:47:58 ----SHD---- C:\Windows\Installer
2011-08-10 12:17:09 ----D---- C:\Windows\Microsoft.NET
2011-08-10 10:33:31 ----D---- C:\Windows\winsxs
2011-08-10 10:31:49 ----D---- C:\Windows\SYSWOW64\migration
2011-08-10 10:31:49 ----D---- C:\Windows\SysWOW64
2011-08-10 10:31:49 ----D---- C:\Windows\system32\migration
2011-08-10 10:31:49 ----D---- C:\Windows\system32\drivers
2011-08-10 10:31:49 ----D---- C:\Windows\System32
2011-08-10 10:31:49 ----D---- C:\Windows\AppPatch
2011-08-10 10:31:49 ----D---- C:\Program Files\Internet Explorer
2011-08-10 10:31:49 ----D---- C:\Program Files (x86)\Internet Explorer
2011-08-10 10:28:52 ----D---- C:\Windows\system32\catroot
2011-08-10 10:25:52 ----A---- C:\Windows\system32\MRT.exe
2011-08-10 10:23:23 ----D---- C:\Windows\inf
2011-08-10 10:23:23 ----A---- C:\Windows\system32\PerfStringBackup.INI
2011-08-10 10:18:27 ----A---- C:\Windows\win.ini
2011-08-10 09:56:40 ----D---- C:\Program Files\Microsoft Security Client
2011-08-09 17:45:05 ----D---- C:\ProgramData\Origin
2011-08-09 10:05:54 ----D---- C:\Program Files (x86)\Microsoft Security Client
2011-08-09 10:05:29 ----A---- C:\Windows\SYSWOW64\PerfStringBackup.INI
2011-08-08 18:08:16 ----D---- C:\Windows\pss
2011-08-08 16:48:45 ----HD---- C:\ProgramData
2011-08-08 16:47:54 ----RD---- C:\Program Files (x86)
2011-08-08 16:47:00 ----D---- C:\Windows\SYSWOW64\drivers
2011-08-08 16:47:00 ----D---- C:\Windows\system32\DriverStore
2011-08-08 16:22:22 ----SD---- C:\Users\Lucas\AppData\Roaming\Microsoft
2011-08-08 16:22:04 ----D---- C:\Program Files\Common Files\LogiShrd
2011-08-08 16:20:55 ----D---- C:\ProgramData\Logishrd
2011-08-08 16:20:51 ----RD---- C:\Program Files
2011-07-30 12:21:14 ----D---- C:\ProgramData\NVIDIA
2011-07-30 12:12:15 ----D---- C:\Windows\SYSWOW64\directx
2011-07-30 12:11:33 ----D---- C:\Temp
2011-07-24 12:46:04 ----D---- C:\Program Files (x86)\Malwarebytes' Anti-Malware
2011-07-21 16:35:51 ----HD---- C:\Program Files (x86)\InstallShield Installation Information
2011-07-21 16:34:33 ----D---- C:\Program Files\NVIDIA Corporation
2011-07-21 16:34:17 ----D---- C:\Program Files (x86)\NVIDIA Corporation
2011-07-20 14:24:50 ----D---- C:\Windows\Help
2011-07-20 14:16:59 ----D---- C:\Windows\system32\Tasks
2011-07-20 13:10:50 ----D---- C:\Program Files (x86)\Google
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R0 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12352]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-20 213888]
R0 sptd;sptd; C:\Windows\System32\Drivers\sptd.sys [2010-06-13 834544]
R1 BS_I2cIo;BS_I2cIo; \??\C:\Windows\system32\drivers\BS_I2cIo.sys [2006-12-28 26472]
R1 MpFilter;Microsoft Malware Protection Driver; C:\Windows\system32\DRIVERS\MpFilter.sys [2011-04-18 189440]
R2 atksgt;atksgt; C:\Windows\system32\DRIVERS\atksgt.sys [2010-11-26 314016]
R2 lirsgt;lirsgt; C:\Windows\system32\DRIVERS\lirsgt.sys [2010-11-26 43680]
R3 LHidFilt;Logitech SetPoint KMDF HID Filter Driver; C:\Windows\system32\DRIVERS\LHidFilt.Sys [2011-04-30 66840]
R3 LMouFilt;Logitech SetPoint KMDF Mouse Filter Driver; C:\Windows\system32\DRIVERS\LMouFilt.Sys [2011-04-30 60184]
R3 LUsbFilt;Logitech SetPoint KMDF USB Filter; C:\Windows\System32\Drivers\LUsbFilt.Sys [2011-04-30 42776]
R3 MBAMProtector;MBAMProtector; \??\C:\Windows\system32\drivers\mbam.sys [2011-07-06 25912]
R3 MpNWMon;Microsoft Malware Protection Network Driver; C:\Windows\system32\DRIVERS\MpNWMon.sys [2011-04-18 40832]
R3 NisDrv;Microsoft Network Inspection System; C:\Windows\system32\DRIVERS\NisDrvWFP.sys [2011-04-27 84864]
R3 P17;SB Audigy; C:\Windows\system32\drivers\P17.sys [2009-10-16 1309696]
R3 RTL8167;Realtek 8167 NT Driver; C:\Windows\system32\DRIVERS\Rt64win7.sys [2009-03-01 187392]
S3 asct74x9;asct74x9; C:\Windows\system32\drivers\asct74x9.sys []
S3 nmwcd;Nokia USB Phone Parent Driver; C:\Windows\system32\drivers\ccdcmbx64.sys [2010-12-02 19968]
S3 nmwcdc;Nokia USB Communication Driver; C:\Windows\system32\drivers\ccdcmbox64.sys [2010-12-02 27136]
S3 pccsmcfd;PCCS Mode Change Filter Driver; C:\Windows\system32\DRIVERS\pccsmcfdx64.sys [2008-08-28 25600]
S3 TsUsbFlt;@%SystemRoot%\system32\drivers\tsusbflt.sys,-1; C:\Windows\System32\drivers\tsusbflt.sys [2010-11-20 59392]
S3 upperdev;upperdev; C:\Windows\system32\DRIVERS\usbser_lowerfltx64.sys [2010-12-02 9216]
S3 usbser;USB Modem Driver; C:\Windows\system32\drivers\usbser.sys [2010-11-20 32768]
S3 UsbserFilt;UsbserFilt; C:\Windows\system32\DRIVERS\usbser_lowerfltjx64.sys [2010-12-02 9216]
S3 WinUsb;WinUsb; C:\Windows\system32\DRIVERS\WinUsb.sys [2010-11-20 41984]
S3 xusb21;Xbox 360 Wireless Receiver Driver Service 21; C:\Windows\system32\DRIVERS\xusb21.sys [2009-04-08 68992]
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 MBAMService;MBAMService; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [2011-07-06 366640]
R2 MsMpSvc;Microsoft Antimalware Service; C:\Program Files\Microsoft Security Client\Antimalware\MsMpEng.exe [2011-04-27 12784]
R2 NVSvc;NVIDIA Display Driver Service; C:\Windows\system32\nvvsvc.exe [2010-10-08 990312]
R2 PnkBstrA;PnkBstrA; C:\Windows\syswow64\PnkBstrA.exe [2011-03-16 75136]
R2 wlidsvc;Windows Live ID Sign-in Assistant; C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE [2009-08-18 2291568]
R3 NisSrv;@C:\Program Files\Microsoft Security Client\Antimalware\MpAsDesc.dll,-243; C:\Program Files\Microsoft Security Client\Antimalware\NisSrv.exe [2011-04-27 288272]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
S2 CTAudSvcService;Creative Audio Service; C:\Program Files (x86)\Creative\Shared Files\CTAudSvc.exe []
S2 gupdate;Google Update Service (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2010-06-13 136176]
S3 Creative ALchemy AL6 Licensing Service;Creative ALchemy AL6 Licensing Service; C:\Program Files (x86)\Common Files\Creative Labs Shared\Service\AL6Licensing.exe [2011-02-06 79360]
S3 Creative Audio Engine Licensing Service;Creative Audio Engine Licensing Service; C:\Program Files (x86)\Common Files\Creative Labs Shared\Service\CTAELicensing.exe [2010-06-13 79360]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2010-06-13 136176]
S3 LBTServ;Logitech Bluetooth Service; C:\Program Files\Common Files\LogiShrd\Bluetooth\lbtserv.exe [2011-06-17 359192]
S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2003-07-28 89136]
S3 ServiceLayer;ServiceLayer; C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe [2011-03-21 632832]
S3 Steam Client Service;Steam Client Service; C:\Program Files (x86)\Common Files\Steam\SteamService.exe [2011-08-11 411432]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2010-06-13 1255736]
-----------------EOF-----------------

Requesting a check
- Mc_Murphy
- VIP in memoriam
- Posts: 6706
- Registered: 03 Nov 2008 15:55
- Location: Plzeň [ZČ]
Re: Requesting a check
Hello.
Just a moment, I'll take a look at it right away.
- Mc_Murphy
Re: Requesting a check
So the log looks clean.
Let's just clean up a few small things:
Download the OTM utility from one of these links:
- http://oldtimer.geekstogo.com/OTM.exe
- http://oldtimer.geekstogo.com/OTM.com
- http://oldtimer.geekstogo.com/OTM.scr
Copy this script into the left pane, Paste Instructions for Items to be Moved:
:Reg
[HKCU\Software\Microsoft\Internet Explorer\Main]
"Search Page"=""
[HKLM\Software\Microsoft\Internet Explorer\Main]
"Search Page"=""
"Start Page"=""
[HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"mctadmin"=-
[HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"mctadmin"=-
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"DAEMON Tools Lite"=-
""=-
[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM]
[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher]
[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Malwarebytes' Anti-Malware]
[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NokiaMServer]
[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Steam]
[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Users^Lucas^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^HDDlife.lnk]
[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Users^Lucas^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Logitech . Registrace produktu.lnk]
[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"Adobe Reader Speed Launcher"=-
:Files
%windir%\system32\*.tmp.dll /s
%windir%\system32\SET*.tmp /s
%windir%\*.tmp /s
C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
:Commands
[Purity]
[ResetHosts]
[EmptyTemp]
[ClearAllRestorePoints]
Now click the [MoveIt!] button to run everything.
After the restart, post the log here; you will find it in C:\_OTM\MovedFiles\
Next, click Start >> Run... (or Win+R) >> type services.msc into the box >> [Enter]
Find the services:
Google Update Service (gupdate)
Služba Google Update (gupdatem)
Right-click them, choose Properties, on the next tab first stop the services with the Stop button, and set Startup type to Disabled.
RECOMMENDATIONS:
I don't see an antivirus; definitely install one, you are taking too much of a risk this way. Try reading through this topic, for example.
I would turn off MBAM so that it does not start at boot; that is unnecessary, running it manually for an occasional scan is enough.
Personally I would recommend the free protection Avast 6 + SUPERAntiSpyware for an occasional scan.




Re: Requesting a check
All processes killed
========== REGISTRY ==========
HKCU\Software\Microsoft\Internet Explorer\Main\\"Search Page"|"" /E : value set successfully!
HKLM\Software\Microsoft\Internet Explorer\Main\\"Search Page"|"" /E : value set successfully!
HKLM\Software\Microsoft\Internet Explorer\Main\\"Start Page"|"" /E : value set successfully!
Registry value HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\RunOnce\\mctadmin deleted successfully.
Registry value HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\RunOnce\\mctadmin deleted successfully.
Registry value HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\\DAEMON Tools Lite deleted successfully.
Registry value HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM\ not found.
Registry key HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher\ not found.
Registry key HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Malwarebytes' Anti-Malware\ not found.
Registry key HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NokiaMServer\ not found.
Registry key HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task\ not found.
Registry key HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Steam\ not found.
Registry key HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched\ not found.
Registry key HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Users^Lucas^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^HDDlife.lnk\ not found.
Registry key HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Users^Lucas^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Logitech . Registrace produktu.lnk\ not found.
Registry value HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run\\Adobe Reader Speed Launcher deleted successfully.
========== FILES ==========
File/Folder C:\Windows\system32\*.tmp.dll not found.
File/Folder C:\Windows\system32\SET*.tmp not found.
C:\Windows\1C4551A64743409391E41477CD655043.TMP folder moved successfully.
C:\Windows\3F5C371F8EA24F259D3DD0B4526E3AEA.TMP folder moved successfully.
C:\Windows\8A809006C25A4A3A9DAB94659BCDB107.TMP folder moved successfully.
C:\Windows\E10DB5DAE57640EAA7FC1CB2A7B283A6.TMP folder moved successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\ZAP991A.tmp folder moved successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\ZAP9E41.tmp folder moved successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_64\Temp\ZAP2D83.tmp folder moved successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_64\Temp\ZAP7437.tmp folder moved successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_64\Temp\ZAPAD7C.tmp folder moved successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_64\Temp\ZAPC401.tmp folder moved successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_64\Temp\ZAPE070.tmp folder moved successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_64\Temp\ZAPE291.tmp folder moved successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_64\Temp\ZAPE56E.tmp folder moved successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_64\Temp\ZAPE9CA.tmp folder moved successfully.
C:\Windows\Installer\MSI29A5.tmp moved successfully.
C:\Windows\Installer\MSI2C84.tmp moved successfully.
C:\Windows\Installer\MSI5A21.tmp moved successfully.
C:\Windows\Installer\MSI6DC1.tmp moved successfully.
C:\Windows\Installer\MSI94A3.tmp moved successfully.
C:\Windows\Installer\MSIB16A.tmp moved successfully.
C:\Windows\Installer\MSIDB08.tmp moved successfully.
C:\Windows\SoftwareDistribution\Download\f4304548b2b4f38f4531fdb14b59833e\BIT1131.tmp moved successfully.
C:\Windows\System32\tmp19E5.tmp moved successfully.
C:\Windows\System32\tmp19F6.tmp moved successfully.
C:\Windows\System32\tmpD874.tmp moved successfully.
C:\Windows\System32\tmpD875.tmp moved successfully.
C:\Windows\tasks\GoogleUpdateTaskMachineCore.job moved successfully.
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job moved successfully.
========== COMMANDS ==========
C:\Windows\System32\drivers\etc\Hosts moved successfully.
HOSTS file reset successfully
[EMPTYTEMP]
User: All Users
User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes
User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
User: Lucas
->Temp folder emptied: 6171630 bytes
->Temporary Internet Files folder emptied: 524422 bytes
->Java cache emptied: 1498151 bytes
->FireFox cache emptied: 48085422 bytes
->Opera cache emptied: 0 bytes
->Flash cache emptied: 7362 bytes
User: Public
%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32 (64bit) .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 1778 bytes
%systemroot%\sysnative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files folder emptied: 67978 bytes
RecycleBin emptied: 0 bytes
Total Files Cleaned = 54,00 mb
Restore point Set: OTM Restore Point
OTM by OldTimer - Version 3.1.18.0 log created on 08182011_144738
Files moved on Reboot...
C:\Users\Lucas\AppData\Local\Temp\FXSAPIDebugLogFile.txt moved successfully.
Registry entries deleted on Reboot...
- Mc_Murphy
Re: Requesting a check
If you have carried out all the steps and recommendations, let's finish the cleanup:

OTC http://oldtimer.geekstogo.com/OTC.exe
- Download and run it.
- Click CleanUp and confirm with YES.
- The program cleans up and restarts the PC.

TFC http://oldtimer.geekstogo.com/TFC.exe
- Download and run it.
- Click Start and confirm with OK.
- The program cleans up and restarts the PC.
- Delete the utility after use.

If you don't have it, download CCleaner from this link.
- Cleaner panel
- Leave everything as it is, just click Analyze and then Run CCleaner.
- Registry panel
- Click Scan for Issues.
- Then click Fix Issues - I recommend making a registry backup; fix all the issues.
- Repeat the procedure until no problems remain - usually about 3 times.
- Tools panel
- Here you can uninstall programs you don't need.

Do these steps as well, and that would be all from my side.

Re: Requesting a check
Everything done, thank you.
- Mc_Murphy
Re: Requesting a check
lucassman wrote: Everything done, thank you.
You're welcome.
