Prosím o kontrolu

Zpráva

karlik321 · #1 Příspěvek od **karlik321** » 07 lis 2010 15:47

Dobré odpoledne,
byl bych moc rad, kdyby se mi na to někdo podíval a poradil mi co s tím. Je to z NB(win 7 64). Mám ho připojený přes WIFI a poslední dobou na něm nefungují prohlížeče(internet funguje-qip,torrenty všechno) jen prohlížení stránek ne. Zkoušel jsem plno věcí, jako vypnout fw,antivir,ping nastavení připojení.

Předem děkuji

Logfile of random's system information tool 1.08 (written by random/random)
Run by Karel at 2010-11-07 15:27:47
Microsoft Windows 7 Professional
System drive C: has 41 GB (17%) free of 238 GB
Total RAM: 4095 MB (64% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 15:27:50, on 7.11.2010
Platform: Windows 7 (WinNT 6.00.3504)
MSIE: Internet Explorer v8.00 (8.00.7600.16671)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\ASUS\SmartLogon\sensorsrv.exe
C:\Program Files (x86)\ASUS\ControlDeck\ControlDeckStartUp.exe
C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe
C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe
C:\Program Files (x86)\ASUS\ATK Hotkey\HControlUser.exe
C:\Program Files (x86)\ASUS\ATKOSD2\ATKOSD2.exe
C:\Program Files (x86)\ASUS\ATK Media\DMedia.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Program Files\Alwil Software\Avast5\AvastUI.exe
C:\Program Files (x86)\ASUS\ASUS Data Security Manager\ADSMTray.exe
C:\Windows\AsScrPro.exe
C:\Program Files (x86)\ASUS\ASUS Live Update\ALU.exe
C:\Program Files (x86)\QIP 2010\qip.exe
F:\hijackthis.exe
C:\Program Files\trend micro\Karel.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://qip.ru
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://search.qip.ru
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://search.qip.ru/ie
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://search.qip.ru
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKCU\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://search.qip.ru/ie
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: (no name) - - (no file)
R3 - URLSearchHook: CentrumczToolbar BHO - {33CD02D0-8C93-4926-A2FE-2CE72CE7DF1A} - C:\Program Files (x86)\CentrumczToolbar\IEToolbar.dll
R3 - URLSearchHook: QIPBHO Class - {A55F9C95-2BB1-4EA2-BC77-DFAAB78832CE} - C:\Users\Karel\AppData\Roaming\Microsoft\Internet Explorer\qipsearchbar.dll
F2 - REG:system.ini: UserInit=userinit.exe
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: CentrumczToolbar BHO - {33CD02D0-8C93-4926-A2FE-2CE72CE7DF1A} - C:\Program Files (x86)\CentrumczToolbar\IEToolbar.dll
O2 - BHO: QIPBHO - {A55F9C95-2BB1-4EA2-BC77-DFAAB78832CE} - C:\Users\Karel\AppData\Roaming\Microsoft\Internet Explorer\qipsearchbar.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
O4 - HKLM\..\Run: [HControlUser] C:\Program Files (x86)\ASUS\ATK Hotkey\HControlUser.exe
O4 - HKLM\..\Run: [ATKOSD2] C:\Program Files (x86)\ASUS\ATKOSD2\ATKOSD2.exe
O4 - HKLM\..\Run: [ATKMEDIA] C:\Program Files (x86)\ASUS\ATK Media\DMedia.exe
O4 - HKLM\..\Run: [PCSuiteTrayApplication] C:\PROGRA~2\Nokia\NOKIAP~1\LAUNCH~1.EXE -startup
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [avast5] "C:\Program Files\Alwil Software\Avast5\avastUI.exe" /nogui
O4 - HKLM\..\Run: [LogMeIn Hamachi Ui] "C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe" --auto-start
O4 - HKLM\..\Run: [HTC Sync Loader] "C:\Program Files (x86)\HTC\HTC Sync 3.0\htcUPCTLoader.exe" -startup
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKCU\..\Run: [Google Update] "C:\Users\Karel\AppData\Local\Google\Update\GoogleUpdate.exe" /c
O4 - HKCU\..\Run: [PcSync] C:\Program Files (x86)\Nokia\Nokia PC Suite 6\PcSync2.exe /NoDialog
O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [Steam] "C:\Program Files (x86)\Steam\steam.exe" -silent
O4 - HKCU\..\Run: [Advanced SystemCare 3] "C:\Program Files (x86)\IObit\Advanced SystemCare 3\AWC.exe" /startup
O4 - HKCU\..\Run: [Infium] "C:\Program Files (x86)\QIP 2010\qip.exe" /autorun
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O4 - Startup: Výřezy obrazovky a spuštění aplikace OneNote 2007.lnk = C:\Program Files (x86)\Microsoft Office\Office12\ONENOTEM.EXE
O4 - Global Startup: FancyStart daemon.lnk = ?
O4 - Global Startup: SRS Premium Sound.lnk = ?
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~2\MICROS~2\Office12\EXCEL.EXE/3000
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~2\Office12\REFIEBAR.DLL
O10 - Unknown file in Winsock LSP: c:\program files (x86)\iobit\advanced systemcare 3\spictrl.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\iobit\advanced systemcare 3\spictrl.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\iobit\advanced systemcare 3\spictrl.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\iobit\advanced systemcare 3\spictrl.dll
O18 - Protocol: centrumcztoolbar - {61A97628-7C82-4315-957A-C74C2CDD85DF} - C:\Program Files (x86)\CentrumczToolbar\IEToolbar.dll
O23 - Service: ADSM Service (ADSMService) - ASUSTek Computer Inc. - C:\Program Files (x86)\ASUS\ASUS Data Security Manager\ADSMSrv.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: ASLDR Service (ASLDRService) - ASUS - C:\Program Files (x86)\ASUS\ATK Hotkey\ASLDRSrv.exe
O23 - Service: ATKGFNEX Service (ATKGFNEXSrv) - Unknown owner - C:\Program Files\ATKGFNEX\GFNEXSrv.exe
O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
O23 - Service: avast! Mail Scanner - AVAST Software - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
O23 - Service: avast! Web Scanner - AVAST Software - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: FastBootAgent - ASUSTeK Computer Inc. - C:\Windows\SysWOW64\Fast Boot\FastBootAgent.exe
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: LogMeIn Hamachi 2.0 Tunneling Engine (Hamachi2Svc) - LogMeIn Inc. - C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\Windows\system32\nvvsvc.exe (file missing)
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: ServiceLayer - Nokia. - C:\Program Files (x86)\Common Files\PCSuite\Services\ServiceLayer.exe
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe
O23 - Service: NVIDIA Stereoscopic 3D Driver Service (Stereo Service) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 10354 bytes

======Listing Processes======

\SystemRoot\System32\smss.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
C:\Windows\system32\services.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\nvvsvc.exe
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
winlogon.exe
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k NetworkService
"C:\Program Files (x86)\ASUS\ASUS Data Security Manager\ADSMSrv.exe"
"C:\Program Files\NVIDIA Corporation\Display\NvXDSync.exe"
C:\Windows\system32\nvvsvc.exe -session -first
"C:\Program Files (x86)\ASUS\ATK Hotkey\ASLDRSrv.exe"
"C:\Program Files\ATKGFNEX\GFNEXSrv.exe"
"C:\Program Files\Alwil Software\Avast5\AvastSvc.exe"
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
"C:\Windows\SysWOW64\Fast Boot\FastBootAgent.exe"
"C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe" -s
"C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe"
C:\Windows\system32\svchost.exe -k imgsvc
"taskhost.exe"
taskeng.exe {58C71965-DAF9-4F1D-9FF1-AA60AC4EBEB9}
"C:\Windows\system32\Dwm.exe"
C:\Windows\Explorer.EXE
"C:\Program Files (x86)\ASUS\ASUS CopyProtect\aspg.exe"
"C:\Program Files (x86)\ASUS\SmartLogon\sensorsrv.exe"
"C:\Program Files (x86)\ASUS\ControlDeck\ControlDeckStartUp.exe"
"C:\Program Files (x86)\ASUS\Splendid\ACMON.exe"
"C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe"
"C:\Program Files (x86)\ASUS\ATK Hotkey\HControl.exe"
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
Atouch64.exe
C:\Windows\System32\rundll32.exe shell32.dll,SHCreateLocalServerRunDll {995C996E-D918-4a8c-A302-45719A6F4EA7} -Embedding
"C:\Windows\SysWOW64\ACEngSvr.exe" -Embedding
C:\Windows\system32\wbem\wmiprvse.exe
ATKOSD.exe
KBFiltr.exe
WDC.exe
"C:\Program Files\Elantech\ETDCtrl.exe"
"C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe"
"C:\Program Files (x86)\AmIcoSingLun\AmIcoSinglun64.exe"
C:\Windows\system32\SearchIndexer.exe /Embedding
"C:\Program Files\Windows Media Player\wmpnetwk.exe"
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Windows\System32\mobsync.exe -Embedding
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
"C:\Program Files (x86)\Common Files\PCSuite\Services\ServiceLayer.exe"
"C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun
"C:\Program Files\Windows Sidebar\sidebar.exe" /autoRun
"C:\Program Files\SRS Labs\SRS Premium Sound Control Panel\SRSPremiumPanel_64.exe" /f=srs_premium_sound_nopreset.zip
"C:\Program Files (x86)\ASUS\ATK Hotkey\HControlUser.exe"
"C:\Program Files (x86)\ASUS\ATKOSD2\ATKOSD2.exe"
"C:\Program Files (x86)\ASUS\ATK Media\DMedia.exe"
"C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
"C:\Program Files\Alwil Software\Avast5\AvastUI.exe" /nogui
"C:\Program Files (x86)\ASUS\ASUS Data Security Manager\ADSMTray.exe"
"C:\Windows\AsScrPro.exe"
"C:\Program Files (x86)\ASUS\ASUS Live Update\ALU.exe"
C:\Windows\System32\svchost.exe -k secsvcs
C:\Windows\system32\svchost.exe -k SDRSVC
"C:\Program Files (x86)\QIP 2010\qip.exe"
"F:\hijackthis.exe"
"C:\Windows\system32\WUDFHost.exe" -HostGUID:{193a1820-d9ac-4997-8c55-be817523f6aa} -IoEventPortName:HostProcess-98dde3fa-df20-44e6-a321-3ddd8c98adc9 -SystemEventPortName:HostProcess-d75445cb-bc0c-408e-889f-b7dbee53d6fb -IoCancelEventPortName:HostProcess-d3e292d7-493d-4bcd-ad9d-5eb883cad136 -NonStateChangingEventPortName:HostProcess-eebb6e53-c0ee-478b-9829-c652fb7f0103 -ServiceSID:S-1-5-80-2652678385-582572993-1835434367-1344795993-749280709 -LifetimeId:90653b08-628f-4ded-8c14-2c705c4236f2
"F:\RSITx64.exe"
C:\Windows\system32\wbem\wmiprvse.exe

======Scheduled tasks folder======

C:\Windows\tasks\1-Click Maintenance.job
C:\Windows\tasks\AWC Startup.job
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-432401014-2267681530-4021313041-1000Core.job
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-432401014-2267681530-4021313041-1000UA.job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2010-09-22 75200]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{33CD02D0-8C93-4926-A2FE-2CE72CE7DF1A}]
CentrumczToolbar BHO - C:\Program Files (x86)\CentrumczToolbar\IEToolbar.dll [2010-03-26 1286448]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{A55F9C95-2BB1-4EA2-BC77-DFAAB78832CE}]
QIPBHO Class - C:\Users\Karel\AppData\Roaming\Microsoft\Internet Explorer\qipsearchbar.dll [2009-07-14 150768]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll [2010-03-27 41760]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"ETDWare"=C:\Program Files\Elantech\ETDCtrl.exe [2009-07-30 617856]
"RtHDVCpl"=C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [2009-07-28 7982112]
"AmIcoSinglun64"=C:\Program Files (x86)\AmIcoSingLun\AmIcoSinglun64.exe [2009-04-09 320000]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Google Update"=C:\Users\Karel\AppData\Local\Google\Update\GoogleUpdate.exe [2010-03-11 135664]
"PcSync"=C:\Program Files (x86)\Nokia\Nokia PC Suite 6\PcSync2.exe [2006-06-27 1449984]
"DAEMON Tools Lite"=C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [2010-04-01 357696]
"Sidebar"=C:\Program Files\Windows Sidebar\sidebar.exe [2009-07-14 1475072]
"Steam"=C:\Program Files (x86)\Steam\steam.exe [2010-08-24 1242448]
"Advanced SystemCare 3"=C:\Program Files (x86)\IObit\Advanced SystemCare 3\AWC.exe [2010-09-28 2407632]
"Infium"=C:\Program Files (x86)\QIP 2010\qip.exe [2010-10-25 5828560]

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"HControlUser"=C:\Program Files (x86)\ASUS\ATK Hotkey\HControlUser.exe [2009-06-19 105016]
"ATKOSD2"=C:\Program Files (x86)\ASUS\ATKOSD2\ATKOSD2.exe [2009-07-07 8493624]
"ATKMEDIA"=C:\Program Files (x86)\ASUS\ATK Media\DMedia.exe [2009-04-20 159744]
"PCSuiteTrayApplication"=C:\PROGRA~2\Nokia\NOKIAP~1\LAUNCH~1.EXE [2006-06-15 229376]
"SunJavaUpdateSched"=C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2010-02-18 248040]
"avast5"=C:\Program Files\Alwil Software\Avast5\avastUI.exe [2010-09-07 2838912]
"LogMeIn Hamachi Ui"=C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe [2010-03-30 1820040]
"HTC Sync Loader"=C:\Program Files (x86)\HTC\HTC Sync 3.0\htcUPCTLoader.exe [2010-08-18 249856]
"Adobe ARM"=C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2010-09-20 932288]

[HKEY_CURRENT_USER\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"RGSC"=D:\GTA 4\Rockstar Games Social Club\RGSCLauncher.exe /silent []

[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher]
C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe [2010-09-23 35760]

[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\shared tools\msconfig\startupreg\ADSMTray]
C:\Program Files (x86)\ASUS\ASUS Data Security Manager\ADSMTray.exe [2009-06-24 272952]

[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\shared tools\msconfig\startupreg\ASUS Camera ScreenSaver]
C:\Windows\AsScrProlog.exe [2010-03-09 47672]

[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\shared tools\msconfig\startupreg\ASUS Screen Saver Protector]
C:\Windows\AsScrPro.exe [2010-03-09 3054136]

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
FancyStart daemon.lnk - C:\Windows\Installer\{F0DF4513-3C4C-4EB8-8012-2C5F70AF3988}\_A1DDD39913A1970387B7B3.exe
SRS Premium Sound.lnk - C:\Windows\Installer\{D42F84B6-3709-4A50-8502-6719D16AE6C8}\NewShortcut5_21C7B668029A47458B27645FE6E4A715.exe

C:\Users\Karel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
Výřezy obrazovky a spuštění aplikace OneNote 2007.lnk - C:\Program Files (x86)\Microsoft Office\Office12\ONENOTEM.EXE

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED}

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Hamachi2Svc]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=0
"ConsentPromptBehaviorUser"=3
"EnableLUA"=0
"EnableUIADesktopToggle"=0
"PromptOnSecureDesktop"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoActiveDesktop"=1
"NoActiveDesktopChanges"=1
"ForceActiveDesktopOn"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 1 months======

2010-11-07 15:27:47 ----D---- C:\rsit
2010-11-07 15:27:47 ----D---- C:\Program Files\trend micro
2010-11-07 01:12:17 ----D---- C:\ProgramData\IObit
2010-11-06 19:01:41 ----D---- C:\Program Files (x86)\Bloody Good Time
2010-11-06 17:50:25 ----A---- C:\Windows\SYSWOW64\XAudio2_7.dll
2010-11-06 17:50:25 ----A---- C:\Windows\SYSWOW64\XAPOFX1_5.dll
2010-11-06 17:50:25 ----A---- C:\Windows\SYSWOW64\xactengine3_7.dll
2010-11-06 17:50:25 ----A---- C:\Windows\system32\XAudio2_7.dll
2010-11-06 17:50:25 ----A---- C:\Windows\system32\XAPOFX1_5.dll
2010-11-06 17:50:25 ----A---- C:\Windows\system32\xactengine3_7.dll
2010-11-06 17:50:23 ----A---- C:\Windows\SYSWOW64\d3dcsx_43.dll
2010-11-06 17:50:23 ----A---- C:\Windows\SYSWOW64\D3DCompiler_43.dll
2010-11-06 17:50:23 ----A---- C:\Windows\system32\d3dcsx_43.dll
2010-11-06 17:50:23 ----A---- C:\Windows\system32\D3DCompiler_43.dll
2010-11-06 17:50:22 ----A---- C:\Windows\SYSWOW64\d3dx11_43.dll
2010-11-06 17:50:22 ----A---- C:\Windows\SYSWOW64\d3dx10_43.dll
2010-11-06 17:50:22 ----A---- C:\Windows\system32\d3dx11_43.dll
2010-11-06 17:50:22 ----A---- C:\Windows\system32\d3dx10_43.dll
2010-11-06 17:50:21 ----A---- C:\Windows\SYSWOW64\D3DX9_43.dll
2010-11-06 17:50:21 ----A---- C:\Windows\system32\D3DX9_43.dll
2010-11-06 17:50:20 ----A---- C:\Windows\SYSWOW64\XAudio2_6.dll
2010-11-06 17:50:20 ----A---- C:\Windows\SYSWOW64\XAPOFX1_4.dll
2010-11-06 17:50:20 ----A---- C:\Windows\system32\XAudio2_6.dll
2010-11-06 17:50:20 ----A---- C:\Windows\system32\XAPOFX1_4.dll
2010-11-06 17:50:19 ----A---- C:\Windows\SYSWOW64\xactengine3_6.dll
2010-11-06 17:50:19 ----A---- C:\Windows\SYSWOW64\X3DAudio1_7.dll
2010-11-06 17:50:19 ----A---- C:\Windows\system32\xactengine3_6.dll
2010-11-06 17:50:19 ----A---- C:\Windows\system32\X3DAudio1_7.dll
2010-11-06 16:14:45 ----A---- C:\Windows\IsUninst.exe
2010-11-06 16:14:31 ----A---- C:\Windows\Mhpb.ini
2010-11-01 20:50:33 ----D---- C:\Program Files (x86)\Euro Truck Simulator
2010-10-31 22:39:31 ----D---- C:\DirectX
2010-10-31 20:42:53 ----D---- C:\Users\Karel\AppData\Roaming\QIP
2010-10-31 20:42:29 ----D---- C:\Program Files (x86)\QIP 2010
2010-10-30 15:30:24 ----D---- C:\ProgramData\Blizzard Entertainment
2010-10-30 14:25:33 ----D---- C:\Users\Karel\AppData\Roaming\Mozilla
2010-10-30 14:25:27 ----D---- C:\Program Files (x86)\Mozilla Firefox
2010-10-30 14:25:11 ----D---- C:\ProgramData\CentrumczToolbar
2010-10-30 14:25:10 ----D---- C:\Program Files (x86)\CentrumczToolbar
2010-10-30 09:43:53 ----D---- C:\ProgramData\Bagger-Simulator 2011
2010-10-30 03:27:03 ----D---- C:\Program Files (x86)\EACOM
2010-10-28 18:23:38 ----D---- C:\Windows\3F5C371F8EA24F259D3DD0B4526E3AEA.TMP
2010-10-27 17:48:48 ----A---- C:\Windows\SYSWOW64\CPFilters.dll
2010-10-27 17:48:48 ----A---- C:\Windows\system32\msdri.dll
2010-10-27 17:48:48 ----A---- C:\Windows\system32\CPFilters.dll
2010-10-27 17:48:42 ----A---- C:\Windows\system32\drivers\Diskdump.sys
2010-10-26 06:24:11 ----A---- C:\cmdlog.txt
2010-10-24 16:04:18 ----D---- C:\Users\Karel\AppData\Roaming\IObit
2010-10-24 16:04:17 ----D---- C:\Program Files (x86)\IObit
2010-10-24 14:03:17 ----D---- C:\Program Files\Farming Simulator 2009 Gold
2010-10-24 13:01:17 ----D---- C:\ProgramData\NVIDIA Corporation
2010-10-24 12:59:46 ----A---- C:\Windows\system32\nvhdap64.dll
2010-10-24 12:59:46 ----A---- C:\Windows\system32\nvgenco64.dll
2010-10-24 12:59:46 ----A---- C:\Windows\system32\drivers\nvhda64v.sys
2010-10-24 12:59:45 ----A---- C:\Windows\SYSWOW64\OpenCL.dll
2010-10-24 12:59:45 ----A---- C:\Windows\SYSWOW64\nvwgf2um.dll
2010-10-24 12:59:45 ----A---- C:\Windows\SYSWOW64\nvoglv32.dll
2010-10-24 12:59:45 ----A---- C:\Windows\SYSWOW64\nvdecodemft.dll
2010-10-24 12:59:45 ----A---- C:\Windows\SYSWOW64\nvcuvid.dll
2010-10-24 12:59:45 ----A---- C:\Windows\SYSWOW64\nvcuvenc.dll
2010-10-24 12:59:45 ----A---- C:\Windows\SYSWOW64\nvcuda.dll
2010-10-24 12:59:45 ----A---- C:\Windows\SYSWOW64\nvcompiler.dll
2010-10-24 12:59:45 ----A---- C:\Windows\system32\OpenCL.dll
2010-10-24 12:59:45 ----A---- C:\Windows\system32\nvoglv64.dll
2010-10-24 12:59:45 ----A---- C:\Windows\system32\nvgenco642030.dll
2010-10-24 12:59:45 ----A---- C:\Windows\system32\nvdispco642050.dll
2010-10-24 12:59:45 ----A---- C:\Windows\system32\nvdecodemft.dll
2010-10-24 12:59:45 ----A---- C:\Windows\system32\nvd3dumx.dll
2010-10-24 12:59:45 ----A---- C:\Windows\system32\nvcuvid.dll
2010-10-24 12:59:45 ----A---- C:\Windows\system32\nvcuvenc.dll
2010-10-24 12:59:45 ----A---- C:\Windows\system32\nvcuda.dll
2010-10-24 12:59:45 ----A---- C:\Windows\system32\nvcompiler.dll
2010-10-24 12:59:45 ----A---- C:\Windows\system32\drivers\nvlddmkm.sys
2010-10-23 15:37:06 ----D---- C:\Users\Karel\AppData\Roaming\YoudaGames
2010-10-20 16:43:49 ----D---- C:\Robinova kamerka
2010-10-17 15:58:08 ----SHD---- C:\ProgramData\DSS
2010-10-15 17:02:17 ----A---- C:\Windows\SYSWOW64\t2embed.dll
2010-10-15 17:02:17 ----A---- C:\Windows\system32\t2embed.dll
2010-10-15 17:02:14 ----A---- C:\Windows\system32\ole32.dll
2010-10-15 17:02:13 ----A---- C:\Windows\SYSWOW64\ole32.dll
2010-10-15 17:02:09 ----A---- C:\Windows\SYSWOW64\StructuredQuery.dll
2010-10-15 17:02:09 ----A---- C:\Windows\system32\StructuredQuery.dll
2010-10-15 17:02:07 ----A---- C:\Windows\SYSWOW64\schannel.dll
2010-10-15 17:02:07 ----A---- C:\Windows\system32\schannel.dll
2010-10-15 17:02:04 ----A---- C:\Windows\SYSWOW64\comctl32.dll
2010-10-15 17:02:04 ----A---- C:\Windows\system32\comctl32.dll
2010-10-15 17:02:02 ----A---- C:\Windows\system32\wmpmde.dll
2010-10-15 17:02:01 ----A---- C:\Windows\SYSWOW64\wmpmde.dll
2010-10-15 17:01:58 ----A---- C:\Windows\SYSWOW64\mfc40u.dll
2010-10-15 17:01:58 ----A---- C:\Windows\SYSWOW64\mfc40.dll
2010-10-15 17:01:52 ----A---- C:\Windows\system32\mshtml.dll
2010-10-15 17:01:49 ----A---- C:\Windows\system32\iertutil.dll
2010-10-15 17:01:49 ----A---- C:\Windows\system32\ieframe.dll
2010-10-15 17:01:48 ----A---- C:\Windows\SYSWOW64\iertutil.dll
2010-10-15 17:01:47 ----A---- C:\Windows\SYSWOW64\mshtml.dll
2010-10-15 17:01:45 ----A---- C:\Windows\SYSWOW64\ieframe.dll
2010-10-15 17:01:43 ----A---- C:\Windows\system32\msfeeds.dll
2010-10-15 17:01:42 ----A---- C:\Windows\SYSWOW64\msfeeds.dll
2010-10-15 17:01:41 ----A---- C:\Windows\system32\urlmon.dll
2010-10-15 17:01:40 ----A---- C:\Windows\SYSWOW64\urlmon.dll
2010-10-15 17:01:40 ----A---- C:\Windows\SYSWOW64\licmgr10.dll
2010-10-15 17:01:40 ----A---- C:\Windows\system32\licmgr10.dll
2010-10-15 17:01:39 ----A---- C:\Windows\system32\mshtmled.dll
2010-10-15 17:01:38 ----A---- C:\Windows\SYSWOW64\wininet.dll
2010-10-15 17:01:38 ----A---- C:\Windows\SYSWOW64\iedkcs32.dll
2010-10-15 17:01:38 ----A---- C:\Windows\system32\wininet.dll
2010-10-15 17:01:38 ----A---- C:\Windows\system32\mstime.dll
2010-10-15 17:01:38 ----A---- C:\Windows\system32\iedkcs32.dll
2010-10-15 17:01:37 ----A---- C:\Windows\SYSWOW64\mstime.dll
2010-10-15 17:01:37 ----A---- C:\Windows\SYSWOW64\mshtmled.dll
2010-10-15 17:01:37 ----A---- C:\Windows\SYSWOW64\msfeedsbs.dll
2010-10-15 17:01:37 ----A---- C:\Windows\SYSWOW64\ieui.dll
2010-10-15 17:01:37 ----A---- C:\Windows\SYSWOW64\iepeers.dll
2010-10-15 17:01:37 ----A---- C:\Windows\system32\msfeedsbs.dll
2010-10-15 17:01:37 ----A---- C:\Windows\system32\ieui.dll
2010-10-15 17:01:37 ----A---- C:\Windows\system32\iepeers.dll
2010-10-15 17:01:36 ----A---- C:\Windows\SYSWOW64\msfeedssync.exe
2010-10-15 17:01:36 ----A---- C:\Windows\SYSWOW64\jsproxy.dll
2010-10-15 17:01:36 ----A---- C:\Windows\system32\msfeedssync.exe
2010-10-15 17:01:36 ----A---- C:\Windows\system32\jsproxy.dll
2010-10-15 17:01:19 ----A---- C:\Windows\system32\wmp.dll
2010-10-15 17:01:15 ----A---- C:\Windows\SYSWOW64\wmp.dll
2010-10-15 17:01:11 ----A---- C:\Windows\SYSWOW64\wmploc.DLL
2010-10-15 17:01:10 ----A---- C:\Windows\system32\wmploc.DLL
2010-10-15 17:01:04 ----A---- C:\Windows\system32\drivers\srv2.sys
2010-10-15 17:01:04 ----A---- C:\Windows\system32\drivers\srv.sys
2010-10-15 17:01:03 ----A---- C:\Windows\SYSWOW64\sscore.dll
2010-10-15 17:01:03 ----A---- C:\Windows\system32\srvsvc.dll
2010-10-15 17:01:03 ----A---- C:\Windows\system32\drivers\srvnet.sys
2010-10-15 17:00:56 ----A---- C:\Windows\system32\win32k.sys
2010-10-08 01:22:00 ----A---- C:\Windows\system32\nvcpl.dll
2010-10-08 01:21:18 ----A---- C:\Windows\system32\nvsvc64.dll
2010-10-08 01:20:30 ----A---- C:\Windows\system32\nvmctray.dll
2010-10-08 01:20:26 ----A---- C:\Windows\system32\nvvsvc.exe
2010-10-08 01:20:26 ----A---- C:\Windows\system32\nvsvcr.dll
2010-10-08 01:20:26 ----A---- C:\Windows\system32\nvhotkey.dll

======List of files/folders modified in the last 1 months======

2010-11-07 15:27:50 ----D---- C:\Windows\Prefetch
2010-11-07 15:27:48 ----D---- C:\Windows\Temp
2010-11-07 15:27:47 ----RD---- C:\Program Files
2010-11-07 14:48:51 ----D---- C:\Windows\System32
2010-11-07 14:48:51 ----D---- C:\Windows\inf
2010-11-07 14:48:51 ----A---- C:\Windows\system32\PerfStringBackup.INI
2010-11-07 14:11:12 ----D---- C:\Windows\system32\config
2010-11-07 13:39:30 ----RSD---- C:\Windows\assembly
2010-11-07 13:39:30 ----D---- C:\Windows\Microsoft.NET
2010-11-07 13:15:52 ----RD---- C:\Program Files (x86)
2010-11-07 13:15:50 ----D---- C:\Users\Karel\AppData\Roaming\uTorrent
2010-11-07 13:07:03 ----D---- C:\Windows\system32\NDF
2010-11-07 12:40:33 ----SHD---- C:\Windows\Installer
2010-11-07 12:40:09 ----D---- C:\Windows\SYSWOW64\cs-CZ
2010-11-07 12:40:09 ----D---- C:\Windows\system32\cs-CZ
2010-11-07 12:37:13 ----D---- C:\Windows\SysWOW64
2010-11-07 12:37:12 ----D---- C:\Windows\SYSWOW64\en-US
2010-11-07 12:37:12 ----D---- C:\Windows\system32\en-US
2010-11-07 12:37:11 ----D---- C:\Program Files (x86)\Microsoft.NET
2010-11-07 12:36:33 ----SHD---- C:\System Volume Information
2010-11-07 12:16:19 ----HD---- C:\Program Files (x86)\InstallShield Installation Information
2010-11-07 11:34:24 ----D---- C:\Windows\system32\Tasks
2010-11-07 11:34:09 ----D---- C:\Program Files (x86)\Steam
2010-11-07 11:33:21 ----D---- C:\ProgramData\NVIDIA
2010-11-07 10:28:04 ----D---- C:\Windows\system32\drivers
2010-11-07 10:28:02 ----D---- C:\Windows\system32\catroot
2010-11-07 10:27:59 ----D---- C:\Windows\system32\DriverStore
2010-11-07 09:26:22 ----D---- C:\Windows
2010-11-07 02:26:55 ----D---- C:\Windows\system32\catroot2
2010-11-07 01:12:17 ----HD---- C:\ProgramData
2010-11-07 01:07:53 ----D---- C:\Windows\Panther
2010-11-07 01:07:53 ----D---- C:\Windows\Logs
2010-11-07 01:07:53 ----D---- C:\dumps
2010-11-07 00:52:43 ----D---- C:\Program Files (x86)\THQ
2010-11-07 00:50:53 ----RSD---- C:\Windows\Fonts
2010-11-06 00:31:53 ----D---- C:\Windows\Tasks
2010-10-31 16:57:23 ----D---- C:\Windows\SYSWOW64\directx
2010-10-31 16:56:06 ----HD---- C:\Windows\msdownld.tmp
2010-10-31 14:12:46 ----D---- C:\Fraps
2010-10-30 15:46:44 ----D---- C:\Program Files (x86)\Common Files
2010-10-30 10:37:51 ----D---- C:\Windows\rescache
2010-10-30 09:49:25 ----A---- C:\Windows\Thps3.INI
2010-10-29 08:38:26 ----D---- C:\PerfLogs
2010-10-29 08:08:08 ----D---- C:\Windows\winsxs
2010-10-29 08:08:02 ----D---- C:\Windows\AppPatch
2010-10-28 02:01:27 ----D---- C:\Windows\ehome
2010-10-24 13:03:33 ----D---- C:\Program Files (x86)\NVIDIA Corporation
2010-10-24 13:00:50 ----D---- C:\Program Files\NVIDIA Corporation
2010-10-24 11:43:21 ----D---- C:\ProgramData\Adobe
2010-10-23 14:42:37 ----SD---- C:\Users\Karel\AppData\Roaming\Microsoft
2010-10-23 10:34:38 ----D---- C:\Windows\Minidump
2010-10-23 10:34:38 ----D---- C:\Windows\debug
2010-10-19 10:41:44 ----N---- C:\Windows\system32\MpSigStub.exe
2010-10-16 14:34:36 ----D---- C:\Windows\SYSWOW64\migration
2010-10-16 14:34:36 ----D---- C:\Windows\system32\migration
2010-10-16 14:34:36 ----D---- C:\Program Files\Internet Explorer
2010-10-16 14:34:36 ----D---- C:\Program Files (x86)\Internet Explorer
2010-10-16 14:34:35 ----D---- C:\Program Files\Windows Media Player
2010-10-16 14:34:35 ----D---- C:\Program Files (x86)\Windows Media Player
2010-10-16 14:30:01 ----A---- C:\Windows\system32\MRT.exe
2010-10-08 09:47:00 ----A---- C:\Windows\SYSWOW64\nvd3dum.dll
2010-10-08 09:47:00 ----A---- C:\Windows\SYSWOW64\nvapi.dll
2010-10-08 09:47:00 ----A---- C:\Windows\system32\nvwgf2umx.dll
2010-10-08 09:47:00 ----A---- C:\Windows\system32\nvapi64.dll

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 AsDsm;AsDsm; C:\Windows\system32\drivers\AsDsm.sys [2010-03-09 35384]
R0 iaStor;Intel AHCI Controller; C:\Windows\system32\DRIVERS\iaStor.sys [2009-06-04 408600]
R0 lullaby;lullaby; C:\Windows\system32\DRIVERS\lullaby.sys [2009-06-18 15928]
R0 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12352]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2009-07-14 214096]
R0 sptd;sptd; C:\Windows\System32\Drivers\sptd.sys [2010-03-11 834544]
R1 aswRdr;aswRdr; C:\Windows\system32\drivers\aswRdr.sys [2010-09-07 28752]
R1 aswSP;aswSP; C:\Windows\system32\drivers\aswSP.sys [2010-09-07 121936]
R1 aswTdi;avast! Network Shield Support; C:\Windows\system32\drivers\aswTdi.sys [2010-09-07 51280]
R1 CSC;@%systemroot%\system32\cscsvc.dll,-202; C:\Windows\system32\drivers\csc.sys [2009-07-14 514048]
R1 vwififlt;Virtual WiFi Filter Driver; C:\Windows\system32\DRIVERS\vwififlt.sys [2009-07-14 59904]
R2 acedrv11;acedrv11; \??\C:\Windows\system32\drivers\acedrv11.sys [2010-02-24 191616]
R2 ASMMAP64;ASMMAP64; \??\C:\Program Files\ATKGFNEX\ASMMAP64.sys [2007-07-24 14904]
R2 aswFsBlk;aswFsBlk; C:\Windows\system32\drivers\aswFsBlk.sys [2010-09-07 20048]
R2 aswMonFlt;aswMonFlt; \??\C:\Windows\system32\drivers\aswMonFlt.sys [2010-09-07 61008]
R3 ETD;ELAN PS/2 Port Input Device; C:\Windows\system32\DRIVERS\ETD.sys [2009-07-09 140800]
R3 hamachi;Hamachi Network Interface; C:\Windows\system32\DRIVERS\hamachi.sys [2010-02-03 33856]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHD64.sys [2009-07-28 1966624]
R3 kbfiltr;Keyboard Filter; C:\Windows\system32\DRIVERS\kbfiltr.sys [2009-07-20 15416]
R3 L1C;NDIS Miniport Driver for Atheros AR8131/AR8132 PCI-E Ethernet Controller (NDIS 6.20); C:\Windows\system32\DRIVERS\L1C62x64.sys [2009-07-27 58880]
R3 MTsensor;ATK0100 ACPI UTILITY; C:\Windows\system32\DRIVERS\ATK64AMD.sys [2009-05-13 15928]
R3 NETw5s64;Ovladač adaptéru Intel(R) Wireless WiFi Link pro systém Windows 7 64 Bit; C:\Windows\system32\DRIVERS\NETw5s64.sys [2009-09-15 6952960]
R3 NVHDA;Service for NVIDIA High Definition Audio Driver; C:\Windows\system32\drivers\nvhda64v.sys [2010-09-07 155752]
R3 SNP2UVC;USB2.0 PC Camera (SNP2UVC); C:\Windows\system32\DRIVERS\snp2uvc.sys [2009-05-20 1799680]
R3 vwifimp;Microsoft Virtual WiFi Miniport Service; C:\Windows\system32\DRIVERS\vwifimp.sys [2009-07-14 17920]
S3 ahvakjjo;ahvakjjo; C:\Windows\system32\drivers\ahvakjjo.sys []
S3 AmUStor;AM USB Stroage Driver; C:\Windows\system32\drivers\AmUStor.SYS [2009-05-26 40448]
S3 athr;Atheros Extensible Wireless LAN device driver; C:\Windows\system32\DRIVERS\athrx.sys [2009-06-20 1394688]
S3 BthEnum;Služba Bluetooth Enumerator; C:\Windows\system32\DRIVERS\BthEnum.sys [2009-07-14 41984]
S3 BthPan;Zařízení Bluetooth (síť PAN); C:\Windows\system32\DRIVERS\bthpan.sys [2009-07-14 118784]
S3 BTHPORT;Ovladač portu Bluetooth; C:\Windows\System32\Drivers\BTHport.sys [2009-07-14 551936]
S3 BTHUSB;Ovladač rozhraní USB radiostanice Bluetooth; C:\Windows\System32\Drivers\BTHUSB.sys [2009-07-14 79360]
S3 CrystalSysInfo;CrystalSysInfo; \??\C:\Program Files (x86)\MediaCoder\SysInfoX64.sys []
S3 GGSAFERDriver;GGSAFER Driver; \??\C:\Program Files (x86)\Garena\plugins\UI\safedrv.sys []
S3 HTCAND64;HTC Device Driver; C:\Windows\System32\Drivers\ANDROIDUSB.sys [2009-11-01 33736]
S3 NETw1v64;Intel(R) Wireless WiFi Link 1000 Series Adapter Driver for Windows Vista 64 Bit; C:\Windows\system32\DRIVERS\NETw1v64.sys [2009-07-20 7058432]
S3 RDPDR;Terminal Server Device Redirector Driver; C:\Windows\System32\drivers\rdpdr.sys [2009-07-14 165376]
S3 RFCOMM;Zařízení Bluetooth (RFCOMM protokol TDI); C:\Windows\system32\DRIVERS\rfcomm.sys [2009-07-14 158720]
S3 s3cap;s3cap; C:\Windows\system32\DRIVERS\vms3cap.sys [2009-07-14 6656]
S3 SiSGbeLH;SiS191/SiS190 Ethernet Device NDIS 6.0 Driver; C:\Windows\system32\DRIVERS\SiSG664.sys [2009-06-10 56832]
S3 storvsc;storvsc; C:\Windows\system32\DRIVERS\storvsc.sys [2009-07-14 34896]
S3 vmbus;@%SystemRoot%\system32\vmbusres.dll,-1000; C:\Windows\system32\DRIVERS\vmbus.sys [2009-07-14 200272]
S3 VMBusHID;VMBusHID; C:\Windows\system32\DRIVERS\VMBusHID.sys [2009-07-14 21760]
S3 WimFltr;WimFltr; C:\Windows\system32\DRIVERS\wimfltr.sys [2008-05-24 154168]
S3 WinUsb;WinUsb; C:\Windows\system32\DRIVERS\WinUsb.sys [2009-07-14 40448]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 ADSMService;ADSM Service; C:\Program Files (x86)\ASUS\ASUS Data Security Manager\ADSMSrv.exe [2008-03-31 225280]
R2 ASLDRService;ASLDR Service; C:\Program Files (x86)\ASUS\ATK Hotkey\ASLDRSrv.exe [2009-06-16 84536]
R2 ATKGFNEXSrv;ATKGFNEX Service; C:\Program Files\ATKGFNEX\GFNEXSrv.exe [2007-08-08 94208]
R2 avast! Antivirus;avast! Antivirus; C:\Program Files\Alwil Software\Avast5\AvastSvc.exe [2010-09-07 40384]
R2 CscService;@%systemroot%\system32\cscsvc.dll,-200; C:\Windows\System32\svchost.exe [2009-07-14 27136]
R2 FastBootAgent;FastBootAgent; C:\Windows\SysWOW64\Fast Boot\FastBootAgent.exe [2009-07-24 306232]
R2 Hamachi2Svc;LogMeIn Hamachi 2.0 Tunneling Engine; C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe [2010-03-30 1823112]
R2 nvsvc;NVIDIA Display Driver Service; C:\Windows\system32\nvvsvc.exe [2010-10-08 990312]
R2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service; C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2010-10-08 369256]
R3 avast! Mail Scanner;avast! Mail Scanner; C:\Program Files\Alwil Software\Avast5\AvastSvc.exe [2010-09-07 40384]
R3 avast! Web Scanner;avast! Web Scanner; C:\Program Files\Alwil Software\Avast5\AvastSvc.exe [2010-09-07 40384]
R3 ServiceLayer;ServiceLayer; C:\Program Files (x86)\Common Files\PCSuite\Services\ServiceLayer.exe [2006-06-05 174080]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
S3 IDriverT;InstallDriver Table Manager; C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [2005-04-03 69632]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2006-10-26 441136]
S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 PeerDistSvc;@%SystemRoot%\system32\peerdistsvc.dll,-9000; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S3 Steam Client Service;Steam Client Service; C:\Program Files (x86)\Common Files\Steam\SteamService.exe [2009-07-16 316664]
S3 StorSvc;@%SystemRoot%\System32\StorSvc.dll,-100; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S3 UmRdpService;@%SystemRoot%\system32\umrdp.dll,-1000; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2010-05-19 1255736]
S4 AppMgmt;@appmgmts.dll,-3250; C:\Windows\system32\svchost.exe [2009-07-14 27136]

-----------------EOF-----------------

#2 Příspěvek od **vyosek** » 07 lis 2010 19:42

Zdravim a pekny den preji

Odinstalujte Advanced SystemCare 3 a pote i vse od IObit - jedna se o cinsky smejd, databazi haveti ukradli spolecnosti co dela MBAM a navic se jedna o spyware a podvodny program

Doporucuji odinstalovat klienty P2P siti - jsou potencialnim rizikem pro bezpecnost PC a jsou velmi casto zdrojem viru a haveti.

Doporucuji odinstalovat (pokud nepouzivate) toolbary (listy prohlizecu) v Přidat nebo odebrat programy

Stahnete OTL (viz muj podpis) a ulozte jej na plochu

Pokud pouzivate Win Vista ci W7, kliknete na OTL pravym a dejte Run As Administrator ci Spustit jako spravce
Pokud pouzivate 64bitovy OS, zkontrolujte, zda-li je zaskrtnuty ctverecek u Pro 64 bitové OS, pokud ne, zaskrtnete jej
Zaskrtnete okenko Pro vsechny uzivatele
Zaskrtnete okenko Kontrola na havet "LOP"
Zaskrtnete okenko Kontrola na havet "Purity"
Stari souboru zmente z 30 dnu na 7 dnu
Do spodniho okenka Vlastni skenovani/opravy vlozte skript nize

Kód: Vybrat vše

netsvcs
drivers32
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /s
c:\windows\*.* /U
%SYSTEMDRIVE%\*.exe
%ALLUSERSPROFILE%\Application Data\*.
%ALLUSERSPROFILE%\Application Data\*.exe /s
%APPDATA%\*.
%APPDATA%\*.exe /s
/md5start
eventlog.dll
scecli.dll
netlogon.dll
cngaudit.dll
sceclt.dll
ntelogon.dll
logevent.dll
iaStor.sys
nvstor.sys
atapi.sys
IdeChnDr.sys
viasraid.sys
AGP440.sys
vaxscsi.sys
nvatabus.sys
viamraid.sys
nvata.sys
nvgts.sys
iastorv.sys
ViPrt.sys
eNetHook.dll
ahcix86.sys
KR10N.sys
nvstor32.sys
ahcix86s.sys
nvrd32.sys
symmpi.sys
adp3132.sys
mv61xx.sys
nvraid.sys
ndis.sys
winlogon.exe
explorer.exe
userinit.exe
lsass.exe
svchost.exe
smss.exe
hal.dll
ws2_32.dll
tcpip.sys
cryptsvc.dll
Changer.sys
JakNDis.sys
isapnp.sys
cdrom.sys
autochk.exe
/md5stop
%systemroot%\*. /mp /s
%systemroot%\system32\*.dll /lockedfiles
%systemroot%\Tasks\*.job /lockedfiles
%systemroot%\system32\drivers\*.sys /lockedfiles
%systemroot%\System32\config\*.sav
%systemroot%\system32\*.dll /lockedfiles
%systemroot%\system32\drivers\*.sys /3
%systemroot%\system32\*.* /3
CREATERESTOREPOINT

Kliknete na tlacitko Prohledat
Po dokonceni skenu (cca 5 az 10 min) se objevi logy OTL.txt a Extras.txt, oba sem vlozte

karlik321 · #3 Příspěvek od **karlik321** » 07 lis 2010 23:07

Tady to je. Snad jsem na nic nezapomněl.

OTL logfile created on: 11/7/2010 10:38:40 PM - Run 1
OTL by OldTimer - Version 3.2.17.3 Folder = C:\Users\Karel\Desktop
64bit- An unknown product (Version = 6.1.7600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7600.16385)
Locale: 00000409 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy

4.00 Gb Total Physical Memory | 3.00 Gb Available Physical Memory | 69.00% Memory free
8.00 Gb Paging File | 7.00 Gb Available in Paging File | 82.00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 232.88 Gb Total Space | 33.51 Gb Free Space | 14.39% Space Free | Partition Type: NTFS
Drive D: | 232.88 Gb Total Space | 25.28 Gb Free Space | 10.86% Space Free | Partition Type: NTFS
Drive F: | 3.74 Gb Total Space | 3.73 Gb Free Space | 99.73% Space Free | Partition Type: FAT32
Drive G: | 683.61 Mb Total Space | 0.00 Mb Free Space | 0.00% Space Free | Partition Type: CDFS

Computer Name: KAREL-PC | User Name: Karel | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 7 Days

========== Processes (SafeList) ==========

PRC - [2010/11/07 22:34:32 | 000,575,488 | ---- | M] (OldTimer Tools) -- C:\Users\Karel\Desktop\OTL.exe
PRC - [2010/10/25 18:02:00 | 005,828,560 | ---- | M] (QIP) -- C:\Program Files (x86)\QIP 2010\qip.exe
PRC - [2010/10/08 00:03:46 | 000,369,256 | ---- | M] (NVIDIA Corporation) -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
PRC - [2010/09/07 16:12:02 | 002,838,912 | ---- | M] (AVAST Software) -- C:\Program Files\Alwil Software\Avast5\AvastUI.exe
PRC - [2010/09/07 16:11:59 | 000,040,384 | ---- | M] (AVAST Software) -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
PRC - [2010/04/01 10:16:20 | 000,357,696 | ---- | M] (DT Soft Ltd) -- C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe
PRC - [2010/03/09 18:22:17 | 003,054,136 | ---- | M] (ASUS) -- C:\Windows\AsScrPro.exe
PRC - [2009/08/12 23:20:46 | 000,178,816 | ---- | M] (ASUS) -- C:\Program Files (x86)\ASUS\ATK Hotkey\HControl.exe
PRC - [2009/07/24 19:32:50 | 001,593,344 | ---- | M] () -- C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe
PRC - [2009/07/24 02:13:38 | 000,306,232 | ---- | M] (ASUSTeK Computer Inc.) -- C:\Windows\SysWOW64\Fast Boot\FastBootAgent.exe
PRC - [2009/07/23 02:58:46 | 000,017,976 | ---- | M] () -- C:\Program Files (x86)\ASUS\ControlDeck\ControlDeckStartUp.exe
PRC - [2009/07/07 20:20:56 | 008,493,624 | ---- | M] (ASUS) -- C:\Program Files (x86)\ASUS\ATKOSD2\ATKOSD2.exe
PRC - [2009/06/24 21:30:18 | 000,272,952 | ---- | M] (ASUSTek Computer Inc.) -- C:\Program Files (x86)\ASUS\ASUS Data Security Manager\ADSMTray.exe
PRC - [2009/06/19 19:29:42 | 000,105,016 | ---- | M] (ASUS) -- C:\Program Files (x86)\ASUS\ATK Hotkey\HControlUser.exe
PRC - [2009/06/19 19:29:26 | 002,488,888 | ---- | M] (ASUS) -- C:\Program Files (x86)\ASUS\ATK Hotkey\ATKOSD.exe
PRC - [2009/06/16 02:30:42 | 000,084,536 | ---- | M] (ASUS) -- C:\Program Files (x86)\ASUS\ATK Hotkey\AsLdrSrv.exe
PRC - [2009/05/19 00:58:38 | 000,305,720 | ---- | M] (ASUS) -- C:\Program Files (x86)\ASUS\SmartLogon\sensorsrv.exe
PRC - [2009/04/20 20:09:30 | 000,159,744 | ---- | M] (ASUS) -- C:\Program Files (x86)\ASUS\ATK Media\DMedia.exe
PRC - [2008/12/23 02:15:34 | 000,174,648 | ---- | M] (ASUS) -- C:\Program Files (x86)\ASUS\ATK Hotkey\WDC.exe
PRC - [2008/08/14 06:00:08 | 000,113,208 | ---- | M] (ASUS) -- C:\Program Files (x86)\ASUS\ATK Hotkey\KBFiltr.exe
PRC - [2008/08/14 05:59:56 | 000,301,624 | ---- | M] () -- C:\Program Files (x86)\ASUS\ATK Hotkey\Atouch64.exe
PRC - [2008/03/31 11:55:48 | 000,225,280 | ---- | M] (ASUSTek Computer Inc.) -- C:\Program Files (x86)\ASUS\ASUS Data Security Manager\ADSMSrv.exe
PRC - [2007/11/30 20:20:44 | 000,051,768 | ---- | M] () -- C:\Program Files (x86)\ASUS\ASUS Live Update\ALU.exe
PRC - [2007/08/08 09:08:40 | 000,094,208 | ---- | M] () -- C:\Program Files\ATKGFNEX\GFNEXSrv.exe
PRC - [2006/06/05 13:59:18 | 000,174,080 | ---- | M] (Nokia.) -- C:\Program Files (x86)\Common Files\PCSuite\Services\ServiceLayer.exe

========== Modules (SafeList) ==========

MOD - [2010/11/07 22:34:32 | 000,575,488 | ---- | M] (OldTimer Tools) -- C:\Users\Karel\Desktop\OTL.exe
MOD - [2010/08/21 06:21:32 | 001,680,896 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_420fe3fa2b8113bd\comctl32.dll

========== Win32 Services (SafeList) ==========

SRV:64bit: - [2010/09/07 16:11:59 | 000,040,384 | ---- | M] (AVAST Software) [On_Demand | Running] -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe -- (avast! Web Scanner)
SRV:64bit: - [2010/09/07 16:11:59 | 000,040,384 | ---- | M] (AVAST Software) [On_Demand | Running] -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe -- (avast! Mail Scanner)
SRV:64bit: - [2010/09/07 16:11:59 | 000,040,384 | ---- | M] (AVAST Software) [Auto | Running] -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe -- (avast! Antivirus)
SRV:64bit: - [2009/07/14 02:41:27 | 001,011,712 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV:64bit: - [2009/07/14 02:40:01 | 000,193,536 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\SysNative\appmgmts.dll -- (AppMgmt)
SRV:64bit: - [2007/08/08 09:08:40 | 000,094,208 | ---- | M] () [Auto | Running] -- C:\Program Files\ATKGFNEX\GFNEXSrv.exe -- (ATKGFNEXSrv)
SRV - [2010/10/08 00:03:46 | 000,369,256 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe -- (Stereo Service)
SRV - [2010/03/30 10:16:14 | 001,823,112 | ---- | M] (LogMeIn Inc.) [Auto | Running] -- C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe -- (Hamachi2Svc)
SRV - [2010/03/18 13:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2009/07/24 02:13:38 | 000,306,232 | ---- | M] (ASUSTeK Computer Inc.) [Auto | Running] -- C:\Windows\SysWOW64\Fast Boot\FastBootAgent.exe -- (FastBootAgent)
SRV - [2009/07/16 16:04:16 | 000,316,664 | ---- | M] (Valve Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Steam\SteamService.exe -- (Steam Client Service)
SRV - [2009/06/16 02:30:42 | 000,084,536 | ---- | M] (ASUS) [Auto | Running] -- C:\Program Files (x86)\ASUS\ATK Hotkey\AsLdrSrv.exe -- (ASLDRService)
SRV - [2009/06/10 22:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
SRV - [2008/03/31 11:55:48 | 000,225,280 | ---- | M] (ASUSTek Computer Inc.) [Auto | Running] -- C:\Program Files (x86)\ASUS\ASUS Data Security Manager\ADSMSrv.exe -- (ADSMService)
SRV - [2006/06/05 13:59:18 | 000,174,080 | ---- | M] (Nokia.) [On_Demand | Running] -- C:\Program Files (x86)\Common Files\PCSuite\Services\ServiceLayer.exe -- (ServiceLayer)

========== Driver Services (SafeList) ==========

DRV:64bit: - [2010/09/07 21:08:55 | 000,155,752 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\nvhda64v.sys -- (NVHDA)
DRV:64bit: - [2010/09/07 15:47:33 | 000,061,008 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\aswMonFlt.sys -- (aswMonFlt)
DRV:64bit: - [2010/03/11 22:02:29 | 000,834,544 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\sptd.sys -- (sptd)
DRV:64bit: - [2010/02/24 11:20:40 | 000,191,616 | ---- | M] (Protect Software GmbH) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\acedrv11.sys -- (acedrv11)
DRV:64bit: - [2010/02/03 14:56:56 | 000,033,856 | -H-- | M] (LogMeIn, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\hamachi.sys -- (hamachi)
DRV:64bit: - [2009/11/01 18:16:50 | 000,033,736 | ---- | M] (HTC, Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ANDROIDUSB.sys -- (HTCAND64)
DRV:64bit: - [2009/09/15 19:40:42 | 006,952,960 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\NETw5s64.sys -- (NETw5s64) Ovladač adaptéru Intel(R)
DRV:64bit: - [2009/07/27 08:04:36 | 000,058,880 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\L1C62x64.sys -- (L1C) NDIS Miniport Driver for Atheros AR8131/AR8132 PCI-E Ethernet Controller (NDIS 6.20)
DRV:64bit: - [2009/07/20 10:29:40 | 000,015,416 | ---- | M] ( ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\kbfiltr.sys -- (kbfiltr)
DRV:64bit: - [2009/07/20 08:33:42 | 007,058,432 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\NETw1v64.sys -- (NETw1v64) Intel(R)
DRV:64bit: - [2009/07/14 02:52:21 | 000,106,576 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2009/07/14 02:52:21 | 000,028,752 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2009/07/14 02:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2009/07/14 02:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2009/07/14 02:47:48 | 000,077,888 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2009/07/14 02:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2009/07/09 04:11:42 | 000,140,800 | ---- | M] (ELAN Microelectronic Corp.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\ETD.sys -- (ETD)
DRV:64bit: - [2009/06/20 03:09:57 | 001,394,688 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\athrx.sys -- (athr)
DRV:64bit: - [2009/06/18 21:18:10 | 000,015,928 | ---- | M] (Windows (R) Win 7 DDK provider) [File_System | Boot | Running] -- C:\Windows\SysNative\drivers\lullaby.sys -- (lullaby)
DRV:64bit: - [2009/06/10 21:38:56 | 000,000,308 | ---- | M] () [File_System | On_Demand | Running] -- C:\Windows\SysNative\wbem\ntfs.mof -- (Ntfs)
DRV:64bit: - [2009/06/10 21:35:57 | 000,056,832 | ---- | M] (Silicon Integrated Systems Corp.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\SiSG664.sys -- (SiSGbeLH)
DRV:64bit: - [2009/06/10 21:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2009/06/10 21:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009/06/10 21:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2009/06/10 21:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV:64bit: - [2009/06/04 11:54:36 | 000,408,600 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\iaStor.sys -- (iaStor)
DRV:64bit: - [2009/05/26 14:32:38 | 000,040,448 | ---- | M] (Alcor Micro, Corp.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\AmUStor.sys -- (AmUStor)
DRV:64bit: - [2009/05/20 09:11:06 | 001,799,680 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\snp2uvc.sys -- (SNP2UVC) USB2.0 PC Camera (SNP2UVC)
DRV:64bit: - [2009/05/13 02:07:20 | 000,015,928 | ---- | M] (ASUS) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\ATK64AMD.sys -- (MTsensor)
DRV:64bit: - [2008/05/24 02:27:28 | 000,154,168 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\WimFltr.sys -- (WimFltr)
DRV:64bit: - [2007/07/24 20:11:32 | 000,014,904 | ---- | M] () [Kernel | Auto | Running] -- C:\Program Files\ATKGFNEX\ASMMAP64.sys -- (ASMMAP64)

========== Standard Registry (SafeList) ==========

========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm

IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-21-432401014-2267681530-4021313041-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://qip.ru
IE - HKU\S-1-5-21-432401014-2267681530-4021313041-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://search.qip.ru
IE - HKU\S-1-5-21-432401014-2267681530-4021313041-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://search.qip.ru
IE - HKU\S-1-5-21-432401014-2267681530-4021313041-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = about:blank
IE - HKU\S-1-5-21-432401014-2267681530-4021313041-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 06 0F 19 74 86 3D CB 01 [binary data]
IE - HKU\S-1-5-21-432401014-2267681530-4021313041-1000\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://search.qip.ru/ie
IE - HKU\S-1-5-21-432401014-2267681530-4021313041-1000\..\URLSearchHook: - Reg Error: Key error. File not found
IE - HKU\S-1-5-21-432401014-2267681530-4021313041-1000\..\URLSearchHook: {A55F9C95-2BB1-4EA2-BC77-DFAAB78832CE} - C:\Users\Karel\AppData\Roaming\Microsoft\Internet Explorer\qipsearchbar.dll (qip.ru)
IE - HKU\S-1-5-21-432401014-2267681530-4021313041-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-432401014-2267681530-4021313041-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = <local>

========== FireFox ==========

FF - prefs.js..browser.search.defaultenginename: "Centrum.cz Search"
FF - prefs.js..browser.search.selectedEngine: "Centrum.cz Search"
FF - prefs.js..browser.startup.homepage: "http://qip.ru"
FF - prefs.js..extensions.enabledItems: Cetrumcz@igeared:1.203.023.002
FF - prefs.js..extensions.enabledItems: check4change-owner@mozdev.org:1.7.1
FF - prefs.js..extensions.enabledItems: {5556F97E-11A5-46b0-9082-32AD74AAA920}:0.4.2.2
FF - prefs.js..extensions.enabledItems: {32a1fd71-835e-4b11-8e54-886fda0b4c89}:1.1
FF - prefs.js..keyword.URL: "http://search.centrum.cz/index.php?tool ... m-1.0.0&q="

FF - HKLM\software\mozilla\Mozilla Firefox 3.6.8\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2010/10/31 20:42:32 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.8\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2010/10/30 14:25:29 | 000,000,000 | ---D | M]

[2010/10/30 14:25:42 | 000,000,000 | ---D | M] -- C:\Users\Karel\AppData\Roaming\Mozilla\Extensions
[2010/11/06 00:16:23 | 000,000,000 | ---D | M] -- C:\Users\Karel\AppData\Roaming\Mozilla\Firefox\Profiles\he1mt627.default\extensions
[2010/10/31 20:42:32 | 000,000,000 | ---D | M] (QipAuthorizer) -- C:\Users\Karel\AppData\Roaming\Mozilla\Firefox\Profiles\he1mt627.default\extensions\{32a1fd71-835e-4b11-8e54-886fda0b4c89}
[2010/10/30 14:30:22 | 000,000,000 | ---D | M] (AutoFormer) -- C:\Users\Karel\AppData\Roaming\Mozilla\Firefox\Profiles\he1mt627.default\extensions\{5556F97E-11A5-46b0-9082-32AD74AAA920}
[2010/10/30 14:29:51 | 000,000,000 | ---D | M] -- C:\Users\Karel\AppData\Roaming\Mozilla\Firefox\Profiles\he1mt627.default\extensions\check4change-owner@mozdev.org
[2010/10/31 20:42:43 | 000,002,062 | ---- | M] () -- C:\Users\Karel\AppData\Roaming\Mozilla\Firefox\Profiles\he1mt627.default\searchplugins\qip-search.xml
[2010/10/30 14:25:29 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Mozilla Firefox\extensions
[2010/03/26 06:34:16 | 000,001,425 | ---- | M] () -- C:\Program Files (x86)\Mozilla Firefox\searchplugins\Cetrumcz_igeared.xml
[2010/07/23 01:28:35 | 000,000,638 | ---- | M] () -- C:\Program Files (x86)\Mozilla Firefox\searchplugins\jyxo-cz.xml
[2010/07/23 01:28:35 | 000,001,687 | ---- | M] () -- C:\Program Files (x86)\Mozilla Firefox\searchplugins\mall-cz.xml
[2010/07/23 01:28:35 | 000,001,367 | ---- | M] () -- C:\Program Files (x86)\Mozilla Firefox\searchplugins\seznam-cz.xml
[2010/07/23 01:28:35 | 000,000,654 | ---- | M] () -- C:\Program Files (x86)\Mozilla Firefox\searchplugins\slunecnice-cz.xml
[2010/07/23 01:28:35 | 000,001,179 | ---- | M] () -- C:\Program Files (x86)\Mozilla Firefox\searchplugins\wikipedia-cz.xml

O1 HOSTS File: ([2010/04/25 19:22:58 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O2 - BHO: (QIPBHO Class) - {A55F9C95-2BB1-4EA2-BC77-DFAAB78832CE} - C:\Users\Karel\AppData\Roaming\Microsoft\Internet Explorer\qipsearchbar.dll (qip.ru)
O3:64bit: - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3 - HKU\S-1-5-21-432401014-2267681530-4021313041-1000\..\Toolbar\WebBrowser: (no name) - {D5D47440-0750-463D-BAEF-A47D02414806} - No CLSID value found.
O4:64bit: - HKLM..\Run: [AmIcoSinglun64] C:\Program Files (x86)\AmIcoSingLun\AmIcoSinglun64.exe (AlcorMicro Co., Ltd.)
O4:64bit: - HKLM..\Run: [ETDWare] C:\Program Files\Elantech\ETDCtrl.exe (ELAN Microelectronic Corp.)
O4:64bit: - HKLM..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor)
O4 - HKLM..\Run: [ATKMEDIA] C:\Program Files (x86)\ASUS\ATK Media\DMedia.exe (ASUS)
O4 - HKLM..\Run: [ATKOSD2] C:\Program Files (x86)\ASUS\ATKOSD2\ATKOSD2.exe (ASUS)
O4 - HKLM..\Run: [avast5] C:\Program Files\Alwil Software\Avast5\avastUI.exe (AVAST Software)
O4 - HKLM..\Run: [HControlUser] C:\Program Files (x86)\ASUS\ATK Hotkey\HControlUser.exe (ASUS)
O4 - HKLM..\Run: [HTC Sync Loader] C:\Program Files (x86)\HTC\HTC Sync 3.0\htcUPCTLoader.exe ()
O4 - HKLM..\Run: [LogMeIn Hamachi Ui] C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe (LogMeIn Inc.)
O4 - HKLM..\Run: [PCSuiteTrayApplication] C:\Program Files (x86)\Nokia\Nokia PC Suite 6\LaunchApplication.exe (Nokia)
O4 - HKU\S-1-5-19..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-20..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-21-432401014-2267681530-4021313041-1000..\Run: [DAEMON Tools Lite] C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe (DT Soft Ltd)
O4 - HKU\S-1-5-21-432401014-2267681530-4021313041-1000..\Run: [Infium] C:\Program Files (x86)\QIP 2010\qip.exe (QIP)
O4 - HKU\S-1-5-21-432401014-2267681530-4021313041-1000..\Run: [PcSync] C:\Program Files (x86)\Nokia\Nokia PC Suite 6\PcSync2.exe (Time Information Services Ltd.)
O4 - HKU\S-1-5-21-432401014-2267681530-4021313041-1000..\Run: [Steam] C:\Program Files (x86)\Steam\steam.exe (Valve Corporation)
O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] C:\Windows\SysWow64\mctadmin.exe File not found
O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] C:\Windows\SysWow64\mctadmin.exe File not found
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 0
O7 - HKU\S-1-5-21-432401014-2267681530-4021313041-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O13 - gopher Prefix: missing
O13 - gopher Prefix: missing
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_18)
O16 - DPF: {CAFEEFAC-0016-0000-0018-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_18)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_18)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.2.1
O18:64bit: - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - Reg Error: Key error. File not found
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\SysNative\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found.
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2003/07/18 08:18:16 | 000,000,051 | R--- | M] () - G:\Autorun.inf -- [ CDFS ]
O33 - MountPoints2\{76d39014-2d53-11df-a3e7-002243d52857}\Shell - "" = AutoRun
O33 - MountPoints2\{76d39014-2d53-11df-a3e7-002243d52857}\Shell\AutoRun\command - "" = G:\PlayDiskStart.exe -- [2003/07/18 08:18:16 | 000,040,960 | R--- | M] ()
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

NetSvcs:64bit: AppMgmt - C:\Windows\SysNative\appmgmts.dll (Microsoft Corporation)

Drivers32:64bit: msacm.l3acm - C:\Windows\System32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32:64bit: VIDC.FPS1 - frapsv64.dll (Beepa P/L)
Drivers32: msacm.l3acm - C:\Windows\SysWOW64\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: vidc.cvid - C:\Windows\SysWow64\iccvid.dll (Radius Inc.)
Drivers32: VIDC.FPS1 - C:\Windows\SysWow64\frapsvid.dll (Beepa P/L)
Drivers32: vidc.VP60 - C:\Windows\SysWOW64\vp6vfw.dll (On2.com)
Drivers32: vidc.VP61 - C:\Windows\SysWOW64\vp6vfw.dll (On2.com)

CREATERESTOREPOINT
Restore point Set: OTL Restore Point

========== Files/Folders - Created Within 7 Days ==========

[2010/11/07 22:35:38 | 000,575,488 | ---- | C] (OldTimer Tools) -- C:\Users\Karel\Desktop\OTL.exe
[2010/11/07 17:28:44 | 000,000,000 | ---D | C] -- C:\Users\Karel\AppData\Local\bizarre creations
[2010/11/07 15:27:47 | 000,000,000 | ---D | C] -- C:\Program Files\trend micro
[2010/11/07 15:27:47 | 000,000,000 | ---D | C] -- C:\rsit
[2010/11/07 01:12:17 | 000,000,000 | ---D | C] -- C:\ProgramData\IObit
[2010/11/06 20:48:14 | 000,000,000 | ---D | C] -- C:\Users\Karel\Documents\Aspyr
[2010/11/06 20:48:14 | 000,000,000 | ---D | C] -- C:\Users\Karel\AppData\Local\Aspyr
[2010/11/06 19:01:41 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Bloody Good Time
[2010/11/06 17:50:25 | 000,527,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XAudio2_7.dll
[2010/11/06 17:50:25 | 000,518,488 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XAudio2_7.dll
[2010/11/06 17:50:25 | 000,239,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine3_7.dll
[2010/11/06 17:50:25 | 000,176,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine3_7.dll
[2010/11/06 17:50:25 | 000,077,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XAPOFX1_5.dll
[2010/11/06 17:50:25 | 000,074,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XAPOFX1_5.dll
[2010/11/06 17:50:23 | 002,526,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DCompiler_43.dll
[2010/11/06 17:50:23 | 002,106,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DCompiler_43.dll
[2010/11/06 17:50:23 | 001,907,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dcsx_43.dll
[2010/11/06 17:50:23 | 001,868,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dcsx_43.dll
[2010/11/06 17:50:22 | 000,511,328 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx10_43.dll
[2010/11/06 17:50:22 | 000,470,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx10_43.dll
[2010/11/06 17:50:22 | 000,276,832 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx11_43.dll
[2010/11/06 17:50:22 | 000,248,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx11_43.dll
[2010/11/06 17:50:21 | 002,401,112 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DX9_43.dll
[2010/11/06 17:50:21 | 001,998,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DX9_43.dll
[2010/11/06 17:50:20 | 000,530,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XAudio2_6.dll
[2010/11/06 17:50:20 | 000,528,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XAudio2_6.dll
[2010/11/06 17:50:20 | 000,078,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XAPOFX1_4.dll
[2010/11/06 17:50:20 | 000,074,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XAPOFX1_4.dll
[2010/11/06 17:50:19 | 000,238,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine3_6.dll
[2010/11/06 17:50:19 | 000,176,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine3_6.dll
[2010/11/06 17:50:19 | 000,024,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\X3DAudio1_7.dll
[2010/11/06 17:50:19 | 000,022,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\X3DAudio1_7.dll
[2010/11/06 16:14:45 | 000,306,688 | ---- | C] (InstallShield Software Corporation) -- C:\Windows\IsUninst.exe
[2010/11/06 13:50:44 | 000,000,000 | ---D | C] -- C:\Users\Karel\Documents\NHL 2004
[2010/11/01 21:13:07 | 000,000,000 | ---D | C] -- C:\Users\Karel\Documents\Euro Truck Simulator
[2010/11/01 20:50:33 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Euro Truck Simulator
[2008/08/12 06:45:20 | 000,155,648 | ---- | C] (ASUS) -- C:\Program Files (x86)\Common Files\MSIactionall.dll
[4 C:\Windows\SysWow64\*.tmp files -> C:\Windows\SysWow64\*.tmp -> ]
[4 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]

========== Files - Modified Within 7 Days ==========

[2010/11/07 22:36:42 | 001,495,800 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2010/11/07 22:36:42 | 000,643,722 | ---- | M] () -- C:\Windows\SysNative\perfh005.dat
[2010/11/07 22:36:42 | 000,620,290 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2010/11/07 22:36:42 | 000,126,130 | ---- | M] () -- C:\Windows\SysNative\perfc005.dat
[2010/11/07 22:36:42 | 000,110,478 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2010/11/07 22:34:32 | 000,575,488 | ---- | M] (OldTimer Tools) -- C:\Users\Karel\Desktop\OTL.exe
[2010/11/07 21:49:52 | 000,000,962 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-432401014-2267681530-4021313041-1000UA.job
[2010/11/07 21:49:20 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2010/11/07 19:04:11 | 000,010,256 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2010/11/07 19:04:11 | 000,010,256 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2010/11/07 18:56:33 | 3220,623,360 | -HS- | M] () -- C:\hiberfil.sys
[2010/11/07 18:55:26 | 000,000,910 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-432401014-2267681530-4021313041-1000Core.job
[2010/11/07 11:33:12 | 000,314,312 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2010/11/06 16:15:20 | 000,000,822 | ---- | M] () -- C:\Windows\Mhpb.ini
[2010/11/06 13:43:30 | 000,000,478 | ---- | M] () -- C:\Windows\eReg.dat
[2010/11/06 00:07:56 | 000,002,401 | ---- | M] () -- C:\Users\Karel\Desktop\Google Chrome.lnk
[2010/11/05 17:15:00 | 000,000,402 | ---- | M] () -- C:\Windows\tasks\1-Click Maintenance.job
[4 C:\Windows\SysWow64\*.tmp files -> C:\Windows\SysWow64\*.tmp -> ]
[4 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]

========== Files Created - No Company Name ==========

[2010/11/06 16:14:31 | 000,000,822 | ---- | C] () -- C:\Windows\Mhpb.ini
[2010/11/06 13:43:30 | 000,000,478 | ---- | C] () -- C:\Windows\eReg.dat
[2010/10/29 08:36:29 | 000,007,607 | ---- | C] () -- C:\Users\Karel\AppData\Local\resmon.resmoncfg
[2010/08/23 18:14:22 | 000,000,604 | ---- | C] () -- C:\Windows\Thps3.INI
[2010/08/17 13:43:21 | 000,000,274 | ---- | C] () -- C:\Windows\game.ini
[2010/04/02 16:17:34 | 000,179,091 | ---- | C] () -- C:\Windows\SysWow64\xlive.dll.cat
[2010/04/01 16:56:37 | 000,003,108 | ---- | C] () -- C:\Users\Karel\AppData\Roaming\NMM-MetaData.db
[2010/03/17 23:49:28 | 000,014,336 | ---- | C] () -- C:\Users\Karel\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010/03/11 23:03:21 | 000,000,024 | ---- | C] () -- C:\Windows\ATKPF.ini
[2010/03/09 18:59:15 | 000,015,497 | ---- | C] () -- C:\Windows\snp2uvc.ini
[2010/03/09 18:22:35 | 000,053,248 | ---- | C] () -- C:\Windows\SysWow64\LogonStart.dll
[2009/07/29 07:01:09 | 000,000,010 | ---- | C] () -- C:\Windows\SysWow64\ABLKSR.ini
[2009/07/14 00:42:10 | 000,064,000 | ---- | C] () -- C:\Windows\SysWow64\BWContextHandler.dll
[2009/07/13 22:03:59 | 000,364,544 | ---- | C] () -- C:\Windows\SysWow64\msjetoledb40.dll
[2009/04/08 19:31:56 | 000,106,496 | ---- | C] () -- C:\Program Files (x86)\Common Files\CPInstallAction.dll
[2008/12/02 03:32:32 | 000,362,029 | ---- | C] () -- C:\Windows\SysWow64\sqlite3.dll
[2008/05/22 17:35:54 | 000,051,962 | ---- | C] () -- C:\Program Files (x86)\Common Files\banner.jpg
[2007/06/12 18:34:50 | 000,035,822 | ---- | C] () -- C:\Program Files (x86)\Common Files\ASPG_icon.ico
[2005/12/07 12:31:00 | 000,202,752 | R--- | C] () -- C:\Windows\SysWow64\CddbCdda.dll

========== LOP Check ==========

[2010/07/05 08:42:15 | 000,000,000 | ---D | M] -- C:\Users\Karel\AppData\Roaming\Bioshock2
[2010/04/16 23:04:19 | 000,000,000 | ---D | M] -- C:\Users\Karel\AppData\Roaming\Broad Intelligence
[2010/07/05 21:13:50 | 000,000,000 | ---D | M] -- C:\Users\Karel\AppData\Roaming\Cashfiesta
[2010/03/11 22:44:40 | 000,000,000 | ---D | M] -- C:\Users\Karel\AppData\Roaming\DAEMON Tools Lite
[2010/03/19 07:29:15 | 000,000,000 | ---D | M] -- C:\Users\Karel\AppData\Roaming\Datalayer
[2010/08/30 10:09:27 | 000,000,000 | ---D | M] -- C:\Users\Karel\AppData\Roaming\HTC
[2010/08/30 10:09:29 | 000,000,000 | ---D | M] -- C:\Users\Karel\AppData\Roaming\HTC.388BC06ACDAB6261375BCE37FBA2E023C0D7EE34.1
[2010/03/18 07:04:59 | 000,000,000 | ---D | M] -- C:\Users\Karel\AppData\Roaming\ICQ
[2010/11/07 22:27:26 | 000,000,000 | ---D | M] -- C:\Users\Karel\AppData\Roaming\IObit
[2010/03/13 08:55:07 | 000,000,000 | ---D | M] -- C:\Users\Karel\AppData\Roaming\IrfanView
[2010/06/13 18:07:45 | 000,000,000 | ---D | M] -- C:\Users\Karel\AppData\Roaming\Leadertech
[2010/07/05 11:34:44 | 000,000,000 | ---D | M] -- C:\Users\Karel\AppData\Roaming\Need for Speed World
[2010/03/19 07:33:05 | 000,000,000 | ---D | M] -- C:\Users\Karel\AppData\Roaming\Nokia
[2010/03/19 07:43:24 | 000,000,000 | ---D | M] -- C:\Users\Karel\AppData\Roaming\Nokia Multimedia Player
[2010/03/19 07:22:22 | 000,000,000 | ---D | M] -- C:\Users\Karel\AppData\Roaming\PC Suite
[2010/10/31 20:42:53 | 000,000,000 | ---D | M] -- C:\Users\Karel\AppData\Roaming\QIP
[2010/03/30 14:46:07 | 000,000,000 | ---D | M] -- C:\Users\Karel\AppData\Roaming\TuneUp Software
[2010/06/05 16:44:17 | 000,000,000 | ---D | M] -- C:\Users\Karel\AppData\Roaming\Ubisoft
[2010/11/07 13:15:50 | 000,000,000 | ---D | M] -- C:\Users\Karel\AppData\Roaming\uTorrent
[2010/10/23 15:37:06 | 000,000,000 | ---D | M] -- C:\Users\Karel\AppData\Roaming\YoudaGames
[2010/03/13 15:43:00 | 000,000,000 | ---D | M] -- C:\Users\Karel\AppData\Roaming\Zoner
[2010/11/05 17:15:00 | 000,000,402 | ---- | M] () -- C:\Windows\Tasks\1-Click Maintenance.job
[2010/06/12 16:36:08 | 000,032,624 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT

========== Purity Check ==========

========== Custom Scans ==========

< HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /s >
"Google Update" = "C:\Users\Karel\AppData\Local\Google\Update\GoogleUpdate.exe" /c -- [2010/03/11 21:22:22 | 000,135,664 | ---- | M] (Google Inc.)
"PcSync" = C:\Program Files (x86)\Nokia\Nokia PC Suite 6\PcSync2.exe /NoDialog -- [2006/06/27 16:21:14 | 001,449,984 | ---- | M] (Time Information Services Ltd.)
"DAEMON Tools Lite" = "C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun -- [2010/04/01 10:16:20 | 000,357,696 | ---- | M] (DT Soft Ltd)
"Sidebar" = C:\Program Files\Windows Sidebar\sidebar.exe /autoRun -- [2009/07/14 02:39:41 | 001,475,072 | ---- | M] (Microsoft Corporation)
"Steam" = "C:\Program Files (x86)\Steam\steam.exe" -silent -- [2010/08/24 16:58:51 | 001,242,448 | ---- | M] (Valve Corporation)
"Infium" = "C:\Program Files (x86)\QIP 2010\qip.exe" /autorun -- [2010/10/25 18:02:00 | 005,828,560 | ---- | M] (QIP)

< c:\windows\*.* /U >
[4 c:\windows\*.tmp files -> c:\windows\*.tmp -> ]

< %SYSTEMDRIVE%\*.exe >
[2007/11/07 08:03:18 | 000,562,688 | ---- | M] (Microsoft Corporation) -- C:\install.exe

< %ALLUSERSPROFILE%\Application Data\*. >

< %ALLUSERSPROFILE%\Application Data\*.exe /s >

< %APPDATA%\*. >
[2010/08/30 09:33:26 | 000,000,000 | ---D | M] -- C:\Users\Karel\AppData\Roaming\Adobe
[2010/07/05 08:42:15 | 000,000,000 | ---D | M] -- C:\Users\Karel\AppData\Roaming\Bioshock2
[2010/04/16 23:04:19 | 000,000,000 | ---D | M] -- C:\Users\Karel\AppData\Roaming\Broad Intelligence
[2010/07/05 21:13:50 | 000,000,000 | ---D | M] -- C:\Users\Karel\AppData\Roaming\Cashfiesta
[2010/03/11 22:44:40 | 000,000,000 | ---D | M] -- C:\Users\Karel\AppData\Roaming\DAEMON Tools Lite
[2010/03/19 07:29:15 | 000,000,000 | ---D | M] -- C:\Users\Karel\AppData\Roaming\Datalayer
[2010/05/29 02:43:12 | 000,000,000 | ---D | M] -- C:\Users\Karel\AppData\Roaming\Hamachi
[2010/08/30 10:09:27 | 000,000,000 | ---D | M] -- C:\Users\Karel\AppData\Roaming\HTC
[2010/08/30 10:09:29 | 000,000,000 | ---D | M] -- C:\Users\Karel\AppData\Roaming\HTC.388BC06ACDAB6261375BCE37FBA2E023C0D7EE34.1
[2010/03/18 07:04:59 | 000,000,000 | ---D | M] -- C:\Users\Karel\AppData\Roaming\ICQ
[2010/03/11 20:57:10 | 000,000,000 | ---D | M] -- C:\Users\Karel\AppData\Roaming\Identities
[2010/11/07 22:27:26 | 000,000,000 | ---D | M] -- C:\Users\Karel\AppData\Roaming\IObit
[2010/03/13 08:55:07 | 000,000,000 | ---D | M] -- C:\Users\Karel\AppData\Roaming\IrfanView
[2010/06/13 18:07:45 | 000,000,000 | ---D | M] -- C:\Users\Karel\AppData\Roaming\Leadertech
[2010/03/11 20:57:42 | 000,000,000 | ---D | M] -- C:\Users\Karel\AppData\Roaming\Macromedia
[2009/07/14 08:45:37 | 000,000,000 | ---D | M] -- C:\Users\Karel\AppData\Roaming\Media Center Programs
[2010/10/23 14:42:37 | 000,000,000 | --SD | M] -- C:\Users\Karel\AppData\Roaming\Microsoft
[2010/10/30 14:25:42 | 000,000,000 | ---D | M] -- C:\Users\Karel\AppData\Roaming\Mozilla
[2010/07/05 11:34:44 | 000,000,000 | ---D | M] -- C:\Users\Karel\AppData\Roaming\Need for Speed World
[2010/03/19 07:33:05 | 000,000,000 | ---D | M] -- C:\Users\Karel\AppData\Roaming\Nokia
[2010/03/19 07:43:24 | 000,000,000 | ---D | M] -- C:\Users\Karel\AppData\Roaming\Nokia Multimedia Player
[2010/04/01 13:18:37 | 000,000,000 | ---D | M] -- C:\Users\Karel\AppData\Roaming\NVIDIA
[2010/03/19 07:22:22 | 000,000,000 | ---D | M] -- C:\Users\Karel\AppData\Roaming\PC Suite
[2010/10/31 20:42:53 | 000,000,000 | ---D | M] -- C:\Users\Karel\AppData\Roaming\QIP
[2010/03/11 23:03:14 | 000,000,000 | RH-D | M] -- C:\Users\Karel\AppData\Roaming\SecuROM
[2010/03/30 14:46:07 | 000,000,000 | ---D | M] -- C:\Users\Karel\AppData\Roaming\TuneUp Software
[2010/06/05 16:44:17 | 000,000,000 | ---D | M] -- C:\Users\Karel\AppData\Roaming\Ubisoft
[2010/11/07 13:15:50 | 000,000,000 | ---D | M] -- C:\Users\Karel\AppData\Roaming\uTorrent
[2010/03/11 23:10:12 | 000,000,000 | ---D | M] -- C:\Users\Karel\AppData\Roaming\WinRAR
[2010/10/23 15:37:06 | 000,000,000 | ---D | M] -- C:\Users\Karel\AppData\Roaming\YoudaGames
[2010/03/13 15:43:00 | 000,000,000 | ---D | M] -- C:\Users\Karel\AppData\Roaming\Zoner

< %APPDATA%\*.exe /s >
[2010/09/24 20:30:20 | 000,049,152 | R--- | M] (InstallShield Software Corp.) -- C:\Users\Karel\AppData\Roaming\Microsoft\Installer\{C37A0BC1-52EE-4F97-8223-5CA9FC0357B0}\ARPPRODUCTICON.exe
[2010/08/08 17:20:18 | 000,010,134 | R--- | M] () -- C:\Users\Karel\AppData\Roaming\Microsoft\Installer\{E3E71D07-CD27-46CB-8448-16D4FB29AA13}\ARPPRODUCTICON.exe

< MD5 for: AGP440.SYS >
[2009/07/14 02:52:21 | 000,061,008 | ---- | M] (Microsoft Corporation) MD5=608C14DBA7299D8CB6ED035A68A15799 -- C:\Windows\SysWow64\DriverStore\FileRepository\machine.inf_amd64_neutral_9e6bb86c3b39a3e9\AGP440.sys
[2009/07/14 02:52:21 | 000,061,008 | ---- | M] (Microsoft Corporation) MD5=608C14DBA7299D8CB6ED035A68A15799 -- C:\Windows\winsxs\amd64_machine.inf_31bf3856ad364e35_6.1.7600.16385_none_1607dee2d861e021\AGP440.sys

< MD5 for: ATAPI.SYS >
[2009/07/14 02:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\SysWow64\DriverStore\FileRepository\mshdc.inf_amd64_neutral_a69a58a4286f0b22\atapi.sys
[2009/07/14 02:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\winsxs\amd64_mshdc.inf_31bf3856ad364e35_6.1.7600.16385_none_392d19c13b3ad543\atapi.sys

< MD5 for: AUTOCHK.EXE >
[2009/07/14 02:14:12 | 000,668,160 | ---- | M] (Microsoft Corporation) MD5=41E4C8EBA464E7D6A5BA5E8827732AEB -- C:\Windows\SysWOW64\autochk.exe
[2009/07/14 02:14:12 | 000,668,160 | ---- | M] (Microsoft Corporation) MD5=41E4C8EBA464E7D6A5BA5E8827732AEB -- C:\Windows\SysWOW64\autochk.exe
[2009/07/14 02:14:12 | 000,668,160 | ---- | M] (Microsoft Corporation) MD5=41E4C8EBA464E7D6A5BA5E8827732AEB -- C:\Windows\winsxs\x86_microsoft-windows-autochk_31bf3856ad364e35_6.1.7600.16385_none_e1ca436d2314b860\autochk.exe
[2009/07/14 02:38:56 | 000,777,728 | ---- | M] (Microsoft Corporation) MD5=8B7F8E882A649D81CEA1EDE9BBB68FFF -- C:\Windows\winsxs\amd64_microsoft-windows-autochk_31bf3856ad364e35_6.1.7600.16385_none_3de8def0db722996\autochk.exe

< MD5 for: CDROM.SYS >
[2009/07/14 00:19:54 | 000,147,456 | ---- | M] (Microsoft Corporation) MD5=83D2D75E1EFB81B3450C18131443F7DB -- C:\Windows\SysWow64\DriverStore\FileRepository\cdrom.inf_amd64_neutral_8363d00ecae4322d\cdrom.sys
[2009/07/14 00:19:54 | 000,147,456 | ---- | M] (Microsoft Corporation) MD5=83D2D75E1EFB81B3450C18131443F7DB -- C:\Windows\winsxs\amd64_cdrom.inf_31bf3856ad364e35_6.1.7600.16385_none_bb9e4d89bd7870f1\cdrom.sys

< MD5 for: CNGAUDIT.DLL >
[2009/07/14 02:15:06 | 000,012,288 | ---- | M] (Microsoft Corporation) MD5=50BA656134F78AF64E4DD3C8B6FEFD7E -- C:\Windows\SysWOW64\cngaudit.dll
[2009/07/14 02:15:06 | 000,012,288 | ---- | M] (Microsoft Corporation) MD5=50BA656134F78AF64E4DD3C8B6FEFD7E -- C:\Windows\SysWOW64\cngaudit.dll
[2009/07/14 02:15:06 | 000,012,288 | ---- | M] (Microsoft Corporation) MD5=50BA656134F78AF64E4DD3C8B6FEFD7E -- C:\Windows\winsxs\x86_microsoft-windows-cngaudit-dll_31bf3856ad364e35_6.1.7600.16385_none_e83a414890e8132b\cngaudit.dll
[2009/07/14 02:40:20 | 000,018,944 | ---- | M] (Microsoft Corporation) MD5=86FE1B1F8FD42CD0DB641AB1CDB13093 -- C:\Windows\winsxs\amd64_microsoft-windows-cngaudit-dll_31bf3856ad364e35_6.1.7600.16385_none_4458dccc49458461\cngaudit.dll

< MD5 for: CRYPTSVC.DLL >
[2009/07/14 02:40:24 | 000,175,104 | ---- | M] (Microsoft Corporation) MD5=8C57411B66282C01533CB776F98AD384 -- C:\Windows\winsxs\amd64_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7600.16385_none_d1f48b0bb4805490\cryptsvc.dll
[2009/07/14 02:15:07 | 000,135,680 | ---- | M] (Microsoft Corporation) MD5=9C231178CE4FB385F4B54B0A9080B8A4 -- C:\Windows\SysWOW64\cryptsvc.dll
[2009/07/14 02:15:07 | 000,135,680 | ---- | M] (Microsoft Corporation) MD5=9C231178CE4FB385F4B54B0A9080B8A4 -- C:\Windows\SysWOW64\cryptsvc.dll
[2009/07/14 02:15:07 | 000,135,680 | ---- | M] (Microsoft Corporation) MD5=9C231178CE4FB385F4B54B0A9080B8A4 -- C:\Windows\winsxs\x86_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7600.16385_none_75d5ef87fc22e35a\cryptsvc.dll

< MD5 for: EXPLORER.EXE >
[2009/07/14 02:14:20 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=15BC38A7492BEFE831966ADB477CF76F -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16385_none_b7fe430bc7ce3761\explorer.exe
[2009/10/31 06:45:39 | 002,614,272 | ---- | M] (Microsoft Corporation) MD5=2626FC9755BE22F805D3CFA0CE3EE727 -- C:\Windows\SysWOW64\explorer.exe
[2009/10/31 06:45:39 | 002,614,272 | ---- | M] (Microsoft Corporation) MD5=2626FC9755BE22F805D3CFA0CE3EE727 -- C:\Windows\SysWOW64\explorer.exe
[2009/10/31 06:45:39 | 002,614,272 | ---- | M] (Microsoft Corporation) MD5=2626FC9755BE22F805D3CFA0CE3EE727 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16450_none_b819b343c7ba6202\explorer.exe
[2009/08/03 07:19:07 | 002,868,224 | ---- | M] (Microsoft Corporation) MD5=700073016DAC1C3D2E7E2CE4223334B6 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20500_none_ae84b558ac4eb41c\explorer.exe
[2009/10/31 07:34:59 | 002,870,272 | ---- | M] (Microsoft Corporation) MD5=9AAAEC8DAC27AA17B053E6352AD233AE -- C:\Windows\explorer.exe
[2009/10/31 07:34:59 | 002,870,272 | ---- | M] (Microsoft Corporation) MD5=9AAAEC8DAC27AA17B053E6352AD233AE -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16450_none_adc508f19359a007\explorer.exe
[2009/08/03 06:49:47 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=9FF6C4C91A3711C0A3B18F87B08B518D -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20500_none_b8d95faae0af7617\explorer.exe
[2009/10/31 07:38:38 | 002,870,272 | ---- | M] (Microsoft Corporation) MD5=B8EC4BD49CE8F6FC457721BFC210B67F -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20563_none_ae46d6aeac7ca7c7\explorer.exe
[2009/08/03 06:35:50 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=B95EEB0F4E5EFBF1038A35B3351CF047 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16404_none_b853c407c78e3ba9\explorer.exe
[2009/07/14 02:39:10 | 002,868,224 | ---- | M] (Microsoft Corporation) MD5=C235A51CB740E45FFA0EBFB9BAFCDA64 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16385_none_ada998b9936d7566\explorer.exe
[2009/10/31 07:00:51 | 002,614,272 | ---- | M] (Microsoft Corporation) MD5=C76153C7ECA00FA852BB0C193378F917 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20563_none_b89b8100e0dd69c2\explorer.exe
[2009/08/03 07:17:37 | 002,868,224 | ---- | M] (Microsoft Corporation) MD5=F170B4A061C9E026437B193B4D571799 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16404_none_adff19b5932d79ae\explorer.exe

< MD5 for: HAL.DLL >
[2009/07/14 02:47:48 | 000,263,232 | ---- | M] (Microsoft Corporation) MD5=C0A6F6E05E14FBCAEDE7796C8590B7AC -- C:\Windows\winsxs\amd64_microsoft-windows-hal_31bf3856ad364e35_6.1.7600.16385_none_071de44b735b3dfc\hal.dll

< MD5 for: IASTOR.SYS >
[2009/06/04 11:54:36 | 000,408,600 | ---- | M] (Intel Corporation) MD5=1D004CB1DA6323B1F55CAEF7F94B61D9 -- C:\Windows\SysWow64\DriverStore\FileRepository\iaahci.inf_amd64_neutral_7fb62b08f6b7117a\iaStor.sys
[2009/06/04 11:54:36 | 000,408,600 | ---- | M] (Intel Corporation) MD5=1D004CB1DA6323B1F55CAEF7F94B61D9 -- C:\Windows\SysWow64\DriverStore\FileRepository\iastor.inf_amd64_neutral_c065a1006c648409\iaStor.sys

< MD5 for: IASTORV.SYS >
[2009/07/14 02:48:04 | 000,410,688 | ---- | M] (Intel Corporation) MD5=D83EFB6FD45DF9D55E9A1AFC63640D50 -- C:\Windows\SysWow64\DriverStore\FileRepository\iastorv.inf_amd64_neutral_18cccb83b34e1453\iaStorV.sys
[2009/07/14 02:48:04 | 000,410,688 | ---- | M] (Intel Corporation) MD5=D83EFB6FD45DF9D55E9A1AFC63640D50 -- C:\Windows\winsxs\amd64_iastorv.inf_31bf3856ad364e35_6.1.7600.16385_none_0b06441fa1790136\iaStorV.sys

< MD5 for: ISAPNP.SYS >
[2009/07/14 02:48:04 | 000,020,544 | ---- | M] (Microsoft Corporation) MD5=2F7B28DC3E1183E5EB418DF55C204F38 -- C:\Windows\SysWow64\DriverStore\FileRepository\machine.inf_amd64_neutral_9e6bb86c3b39a3e9\isapnp.sys
[2009/07/14 02:48:04 | 000,020,544 | ---- | M] (Microsoft Corporation) MD5=2F7B28DC3E1183E5EB418DF55C204F38 -- C:\Windows\winsxs\amd64_machine.inf_31bf3856ad364e35_6.1.7600.16385_none_1607dee2d861e021\isapnp.sys

< MD5 for: LSASS.EXE >
[2009/07/14 02:39:16 | 000,031,232 | ---- | M] (Microsoft Corporation) MD5=0793F40B9B8A1BDD266296409DBD91EA -- C:\Windows\winsxs\amd64_microsoft-windows-lsa_31bf3856ad364e35_6.1.7600.16385_none_023f7c69767c3edd\lsass.exe
[2009/07/14 02:39:16 | 000,031,232 | ---- | M] (Microsoft Corporation) MD5=0793F40B9B8A1BDD266296409DBD91EA -- C:\Windows\winsxs\amd64_microsoft-windows-lsa_31bf3856ad364e35_6.1.7600.16484_none_023e7e05767d22ad\lsass.exe
[2009/07/14 02:39:16 | 000,031,232 | ---- | M] (Microsoft Corporation) MD5=0793F40B9B8A1BDD266296409DBD91EA -- C:\Windows\winsxs\amd64_microsoft-windows-lsa_31bf3856ad364e35_6.1.7600.20594_none_02bd4ae48fa2de68\lsass.exe

< MD5 for: NDIS.SYS >
[2009/07/14 02:48:27 | 000,947,776 | ---- | M] (Microsoft Corporation) MD5=CAD515DBD07D082BB317D9928CE8962C -- C:\Windows\winsxs\amd64_microsoft-windows-ndis_31bf3856ad364e35_6.1.7600.16385_none_03bc1d6e35c013bf\ndis.sys

< MD5 for: NETLOGON.DLL >
[2009/07/14 02:41:52 | 000,692,736 | ---- | M] (Microsoft Corporation) MD5=956D030D375F207B22FB111E06EF9C35 -- C:\Windows\winsxs\amd64_microsoft-windows-security-netlogon_31bf3856ad364e35_6.1.7600.16385_none_59aca8ea51aaeefe\netlogon.dll
[2009/07/14 02:16:02 | 000,563,712 | ---- | M] (Microsoft Corporation) MD5=EAA75D9000B71F10EEC04D2AE6C60E81 -- C:\Windows\SysWOW64\netlogon.dll
[2009/07/14 02:16:02 | 000,563,712 | ---- | M] (Microsoft Corporation) MD5=EAA75D9000B71F10EEC04D2AE6C60E81 -- C:\Windows\SysWOW64\netlogon.dll
[2009/07/14 02:16:02 | 000,563,712 | ---- | M] (Microsoft Corporation) MD5=EAA75D9000B71F10EEC04D2AE6C60E81 -- C:\Windows\winsxs\wow64_microsoft-windows-security-netlogon_31bf3856ad364e35_6.1.7600.16385_none_6401533c860bb0f9\netlogon.dll

< MD5 for: NVRAID.SYS >
[2009/07/14 02:48:27 | 000,149,056 | ---- | M] (NVIDIA Corporation) MD5=3E38712941E9BB4DDBEE00AFFE3FED3D -- C:\Windows\SysWow64\DriverStore\FileRepository\nvraid.inf_amd64_neutral_5bde3fe2945bce9e\nvraid.sys
[2009/07/14 02:48:27 | 000,149,056 | ---- | M] (NVIDIA Corporation) MD5=3E38712941E9BB4DDBEE00AFFE3FED3D -- C:\Windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.1.7600.16385_none_95cfb4ced8afab0e\nvraid.sys

< MD5 for: NVSTOR.SYS >
[2009/07/14 02:45:45 | 000,167,488 | ---- | M] (NVIDIA Corporation) MD5=477DC4D6DEB99BE37084C9AC6D013DA1 -- C:\Windows\SysWow64\DriverStore\FileRepository\nvraid.inf_amd64_neutral_5bde3fe2945bce9e\nvstor.sys
[2009/07/14 02:45:45 | 000,167,488 | ---- | M] (NVIDIA Corporation) MD5=477DC4D6DEB99BE37084C9AC6D013DA1 -- C:\Windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.1.7600.16385_none_95cfb4ced8afab0e\nvstor.sys

< MD5 for: SCECLI.DLL >
[2009/07/14 02:16:13 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=26073302DAEA83CC5B944C546D6B47D2 -- C:\Windows\SysWOW64\scecli.dll
[2009/07/14 02:16:13 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=26073302DAEA83CC5B944C546D6B47D2 -- C:\Windows\SysWOW64\scecli.dll
[2009/07/14 02:16:13 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=26073302DAEA83CC5B944C546D6B47D2 -- C:\Windows\winsxs\wow64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7600.16385_none_9e577e55272d37b4\scecli.dll
[2009/07/14 02:41:53 | 000,232,448 | ---- | M] (Microsoft Corporation) MD5=398712DDDAEFB85EDF61DF6A07B65C79 -- C:\Windows\winsxs\amd64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7600.16385_none_9402d402f2cc75b9\scecli.dll

< MD5 for: SMSS.EXE >
[2009/07/14 02:39:41 | 000,112,640 | ---- | M] (Microsoft Corporation) MD5=1911A3356FA3F77CCC825CCBAC038C2A -- C:\Windows\winsxs\amd64_microsoft-windows-smss_31bf3856ad364e35_6.1.7600.16385_none_082f99a432e2a661\smss.exe

< MD5 for: SVCHOST.EXE >
[2009/07/14 02:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) MD5=54A47F6B5E09A77E61649109C6A08866 -- C:\Windows\SysWOW64\svchost.exe
[2009/07/14 02:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) MD5=54A47F6B5E09A77E61649109C6A08866 -- C:\Windows\SysWOW64\svchost.exe
[2009/07/14 02:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) MD5=54A47F6B5E09A77E61649109C6A08866 -- C:\Windows\winsxs\x86_microsoft-windows-services-svchost_31bf3856ad364e35_6.1.7600.16385_none_b591afc466a15356\svchost.exe
[2009/07/14 02:39:46 | 000,027,136 | ---- | M] (Microsoft Corporation) MD5=C78655BC80301D76ED4FEF1C1EA40A7D -- C:\Windows\winsxs\amd64_microsoft-windows-services-svchost_31bf3856ad364e35_6.1.7600.16385_none_11b04b481efec48c\svchost.exe

< MD5 for: TCPIP.SYS >
[2010/06/14 07:39:16 | 001,889,152 | ---- | M] (Microsoft Corporation) MD5=542C6767C68C9D6AAACA59436B0D15C2 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.20733_none_0fd0b57e990e2079\tcpip.sys
[2010/06/14 07:37:36 | 001,896,832 | ---- | M] (Microsoft Corporation) MD5=90A2D722CF64D911879D6C4A4F802A4D -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.16610_none_0f59b7ad7fe2fcc8\tcpip.sys
[2009/07/14 02:45:55 | 001,898,576 | ---- | M] (Microsoft Corporation) MD5=912107716BAB424C7870E8E6AF5E07E1 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.16385_none_0f1303f98017479d\tcpip.sys

< MD5 for: USERINIT.EXE >
[2009/07/14 02:14:43 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=6DE80F60D7DE9CE6B8C2DDFDF79EF175 -- C:\Windows\SysWOW64\userinit.exe
[2009/07/14 02:14:43 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=6DE80F60D7DE9CE6B8C2DDFDF79EF175 -- C:\Windows\SysWOW64\userinit.exe
[2009/07/14 02:14:43 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=6DE80F60D7DE9CE6B8C2DDFDF79EF175 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.1.7600.16385_none_dbff103933038d7c\userinit.exe
[2009/07/14 02:39:48 | 000,030,208 | ---- | M] (Microsoft Corporation) MD5=6F8F1376A13114CC10C0E69274F5A4DE -- C:\Windows\winsxs\amd64_microsoft-windows-userinit_31bf3856ad364e35_6.1.7600.16385_none_381dabbceb60feb2\userinit.exe

< MD5 for: WINLOGON.EXE >
[2009/07/14 02:39:52 | 000,389,120 | ---- | M] (Microsoft Corporation) MD5=132328DF455B0028F13BF0ABEE51A63A -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.16385_none_cbb7f2bdeea2829c\winlogon.exe
[2009/10/28 08:01:57 | 000,389,632 | ---- | M] (Microsoft Corporation) MD5=A93D41A4D4B0D91C072D11DD8AF266DE -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.20560_none_cc522fd507b468f8\winlogon.exe
[2009/10/28 07:24:40 | 000,389,632 | ---- | M] (Microsoft Corporation) MD5=DA3E2A6FA9660CC75B471530CE88453A -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.16447_none_cbe534e7ee8042ad\winlogon.exe

< MD5 for: WS2_32.DLL >
[2009/07/14 02:41:58 | 000,296,448 | ---- | M] (Microsoft Corporation) MD5=7083F463788CB34FCC42F565D56F89E8 -- C:\Windows\winsxs\amd64_microsoft-windows-w..nfrastructure-ws232_31bf3856ad364e35_6.1.7600.16385_none_4eaca269e8070c6b\ws2_32.dll
[2009/07/14 02:16:20 | 000,206,336 | ---- | M] (Microsoft Corporation) MD5=DAAE8A9B8C0ACC7F858454132553C30D -- C:\Windows\SysWOW64\ws2_32.dll
[2009/07/14 02:16:20 | 000,206,336 | ---- | M] (Microsoft Corporation) MD5=DAAE8A9B8C0ACC7F858454132553C30D -- C:\Windows\SysWOW64\ws2_32.dll
[2009/07/14 02:16:20 | 000,206,336 | ---- | M] (Microsoft Corporation) MD5=DAAE8A9B8C0ACC7F858454132553C30D -- C:\Windows\winsxs\x86_microsoft-windows-w..nfrastructure-ws232_31bf3856ad364e35_6.1.7600.16385_none_f28e06e62fa99b35\ws2_32.dll

< %systemroot%\*. /mp /s >

< %systemroot%\system32\*.dll /lockedfiles >
[4 C:\Windows\system32\*.tmp files -> C:\Windows\system32\*.tmp -> ]

< %systemroot%\Tasks\*.job /lockedfiles >

< %systemroot%\system32\drivers\*.sys /lockedfiles >

< %systemroot%\System32\config\*.sav >

< %systemroot%\system32\*.dll /lockedfiles >
[4 C:\Windows\system32\*.tmp files -> C:\Windows\system32\*.tmp -> ]

< %systemroot%\system32\drivers\*.sys /3 >

< %systemroot%\system32\*.* /3 >
[4 C:\Windows\system32\*.tmp files -> C:\Windows\system32\*.tmp -> ]

========== Alternate Data Streams ==========

@Alternate Data Stream - 133 bytes -> C:\ProgramData\TEMP:05EE1EEF

< End of report >

karlik321 · #4 Příspěvek od **karlik321** » 07 lis 2010 23:07

OTL Extras logfile created on: 11/7/2010 10:38:40 PM - Run 1
OTL by OldTimer - Version 3.2.17.3 Folder = C:\Users\Karel\Desktop
64bit- An unknown product (Version = 6.1.7600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7600.16385)
Locale: 00000409 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy

4.00 Gb Total Physical Memory | 3.00 Gb Available Physical Memory | 69.00% Memory free
8.00 Gb Paging File | 7.00 Gb Available in Paging File | 82.00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 232.88 Gb Total Space | 33.51 Gb Free Space | 14.39% Space Free | Partition Type: NTFS
Drive D: | 232.88 Gb Total Space | 25.28 Gb Free Space | 10.86% Space Free | Partition Type: NTFS
Drive F: | 3.74 Gb Total Space | 3.73 Gb Free Space | 99.73% Space Free | Partition Type: FAT32
Drive G: | 683.61 Mb Total Space | 0.00 Mb Free Space | 0.00% Space Free | Partition Type: CDFS

Computer Name: KAREL-PC | User Name: Karel | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 7 Days

========== Extra Registry (SafeList) ==========

========== File Associations ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.url[@ = InternetShortcut] -- C:\Windows\System32\ieframe.DLL (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)
.url [@ = InternetShortcut] -- C:\Windows\System32\ieframe.DLL (Microsoft Corporation)

[HKEY_USERS\S-1-5-21-432401014-2267681530-4021313041-1000\SOFTWARE\Classes\<extension>]
.html [@ = ChromeHTML] -- C:\Users\Karel\AppData\Local\Google\Chrome\Application\chrome.exe (Google Inc.)

========== Shell Spawning ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %* File not found
cmdfile [open] -- "%1" %* File not found
comfile [open] -- "%1" %* File not found
exefile [open] -- "%1" %* File not found
helpfile [open] -- Reg Error: Key error.
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %* File not found
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1" File not found
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation)
scrfile [open] -- "%1" /S File not found
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1 File not found
Directory [Browse with &IrfanView] -- "C:\Program Files (x86)\IrfanView\i_view32.exe" "%1 /thumbs" (Irfan Skiljan)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation)
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [Browse with &IrfanView] -- "C:\Program Files (x86)\IrfanView\i_view32.exe" "%1 /thumbs" (Irfan Skiljan)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
"AutoUpdateDisableNotify" = 1

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = 28 4D B2 76 41 04 CA 01 [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]

========== Firewall Settings ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 0

========== Authorized Applications List ==========

========== HKEY_LOCAL_MACHINE Uninstall List ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{1686C4D1-B1FD-42E8-B7A8-FB4C4DBA5BA8}" = ASUS Power4Gear Hybrid
"{790E02A1-145A-3843-8C13-A4F41C9B48B7}" = Microsoft .NET Framework 4 Client Profile CSY Language Pack
"{90120000-002A-0000-1000-0000000FF1CE}" = Microsoft Office Office 64-bit Components 2007
"{90120000-002A-0405-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit MUI (Czech) 2007
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision" = NVIDIA Ovladač 3D Vision 260.89
"{B2FE1952-0186-46c3-BAEC-A80AA35AC5B8}_Display.ControlPanel" = Ovládací panel NVIDIA 260.89
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver" = NVIDIA Ovladače grafiky 260.89
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX" = NVIDIA Systémový software PhysX 9.10.0514
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver" = NVIDIA Ovladač HD audia 1.1.9.0
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_installer" = NVIDIA Install Application
"{BF43EB10-2DB9-480E-A6AD-C44B8674473C}" = Nokia Phone Browser 64-bit
"{CF2F961A-6B53-4618-A6EB-74EE5D3BE0D0}" = PC Connectivity Solution 64-bit components
"{D42F84B6-3709-4A50-8502-6719D16AE6C8}" = SRS Premium Sound Control Panel
"{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}" = Microsoft .NET Framework 4 Client Profile
"Elantech" = ETDWare PS/2-x64 7.0.5.7_WHQL
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Client Profile CSY Language Pack" = Microsoft .NET Framework 4 Client Profile CSY Language Pack

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{048298C9-A4D3-490B-9FF9-AB023A9238F3}" = Steam
"{04858915-9F49-4B2A-AED4-DC49A7DE6A7B}" = Battlefield 2(TM)
"{06585B02-F20D-4AB2-9A64-86EF2AE0F8F0}" = ASUS AI Recovery
"{0969AF05-4FF6-4C00-9406-43599238DE0D}" = ASUS Splendid Video Enhancement Technology
"{0CE1A6C0-F3F7-49E6-8F9D-2431F9827441}" = Guitar Hero III
"{0D80391C-0A72-43BB-9BC2-143F63CC111D}" = Nokia PC Connectivity Solution
"{196467F1-C11F-4F76-858B-5812ADC83B94}" = MSXML 4.0 SP3 Parser
"{196BB40D-1578-3D01-B289-BEFC77A11A1E}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.30319
"{1DBD1F12-ED93-49C0-A7CC-56CBDE488158}" = ASUS LifeFrame3
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{20FDF948-C8ED-4543-A539-F7F4AEF5AFA2}" = Wireless Console 3
"{26A24AE4-039D-4CA4-87B4-2F83216018FF}" = Java(TM) 6 Update 18
"{28526951-55EF-4901-A0CA-B9AC966D1DD1}" = Split/Second
"{3108C217-BE83-42E4-AE9E-A56A2A92E549}" = Atheros Communications Inc.(R) AR81Family Gigabit/Fast Ethernet Driver
"{31A559C1-9E4D-423B-9DD3-34A6C5398752}" = HTC BMP USB Driver
"{3B05F2FB-745B-4012-ADF2-439F36B2E70B}" = ATKOSD2
"{415030B8-3E8B-462A-8C03-41D95AA3AB3B}" = Medal of Honor (TM)
"{4343080E-91B7-4388-AB4D-FB1000008200}" = Dead Rising 2
"{434D0831-3E0C-4D03-A5D4-5E1000008400}" = F1 2010
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{531317A5-586A-4E36-87C1-CA823447B375}" = Nokia PC Suite
"{5454083B-1308-4485-BF17-1110000B8301}" = Grand Theft Auto IV
"{5454083B-1308-4485-BF17-1110000B8302}" = Grand Theft Auto IV
"{5A22D889-FBDD-4AE8-86EC-089D45FC133E}" = Alcor Micro USB Card Reader
"{5B65EF64-1DFA-414A-8C94-7BB726158E21}" = ControlDeck
"{64452561-169F-4A36-A2FF-B5E118EC65F5}" = ASUS SmartLogon
"{6882DD11-33B8-4DEA-8305-7E765BF74BD3}" = Nokia Connectivity Cable Driver
"{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}" = Windows Media Player Firefox Plugin
"{6AFCA4E1-9B78-3640-8F72-A7BF33448200}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729
"{6B77A7F6-DD63-4F13-A6FF-83137A5AC354}" = ASUS CopyProtect
"{6D6664A9-3342-4948-9B7E-034EFE366F0F}" = HTC Driver Installer
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{737369DC-08E8-4787-A78C-F86943247BDF}" = LOST PLANET 2
"{77DCDCE3-2DED-62F3-8154-05E745472D07}" = Acrobat.com
"{7C05592D-424B-46CB-B505-E0013E8E75C9}" = ATK Hotkey
"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
"{8570BEE8-0CA3-4977-9AB1-80ED93F0513C}" = Assassin's Creed II
"{865CD808-6D31-4269-9D36-693CFE75D26A}" = Express Gate
"{888F1505-C2B3-4FDE-835D-36353EBD4754}" = Ubisoft Game Launcher
"{8A56A332-F833-45CF-9A20-6F3524054843}" = James Bond 007(TM) - Blood Stone
"{8A74DEFD-A224-49CC-AB80-4E88BC730125}" = LogMeIn Hamachi
"{8BF806C4-2D77-4F67-8435-D4BDCEB665A8}_is1" = Governor of Poker 2 Premium Edition v1.0 Multi
"{8F21291E-0444-4B1D-B9F9-4370A73E346D}" = WinFlash
"{8FB1B528-E260-451E-9B55-E9152F94B80B}" = Microsoft Games for Windows - LIVE Redistributable
"{90120000-0016-0405-0000-0000000FF1CE}" = Microsoft Office Excel MUI (Czech) 2007
"{90120000-0018-0405-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (Czech) 2007
"{90120000-001B-0405-0000-0000000FF1CE}" = Microsoft Office Word MUI (Czech) 2007
"{90120000-001F-0405-0000-0000000FF1CE}" = Microsoft Office Proof (Czech) 2007
"{90120000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2007
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-041B-0000-0000000FF1CE}" = Microsoft Office Proof (Slovak) 2007
"{90120000-002C-0405-0000-0000000FF1CE}" = Microsoft Office Proofing (Czech) 2007
"{90120000-006E-0405-0000-0000000FF1CE}" = Microsoft Office Shared MUI (Czech) 2007
"{90120000-00A1-0405-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (Czech) 2007
"{91120000-002F-0000-0000-0000000FF1CE}" = Microsoft Office Home and Student 2007
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9D48531D-2135-49FC-BC29-ACCDA5396A76}" = ASUS MultiFrame
"{A16656CE-4B17-4484-A13F-22B9500E5223}" = Fast Boot
"{A49F249F-0C91-497F-86DF-B2585E8E76B7}" = Microsoft Visual C++ 2005 Redistributable
"{AC76BA86-7AD7-1033-7B44-A94000000001}" = Adobe Reader 9.4.0
"{AC76BA86-7AD7-5464-3428-900000000004}" = Spelling Dictionaries Support For Adobe Reader 9
"{B194272D-1F92-46DF-99EB-8D5CE91CB4EC}" = Adobe AIR
"{B9DB4C76-01A4-46D5-8910-F7AA6376DBAF}" = NVIDIA PhysX
"{C37A0BC1-52EE-4F97-8223-5CA9FC0357B0}" = Test Drive Unlimited
"{D1E5870E-E3E5-4475-98A6-ADD614524ADF}" = ATK Media
"{D2FCA41E-AC01-4DCD-B3A7-DC9E32363065}}_is1" = Rapture3D 2.4.4 Game
"{D3D54F3E-C5C3-443D-978F-87A72E5616E8}" = ATK Generic Function Service
"{DB249302-FB94-4578-84FE-7B856C315779}" = HTC Sync
"{E0F07676-2C60-4465-A727-20DE3BFCABAC}" = Tony Hawks Pro Skater 4
"{E3E71D07-CD27-46CB-8448-16D4FB29AA13}" = Microsoft WSE 3.0 Runtime
"{E48469CC-635E-4FD5-A122-1497C286D217}" = Call of Duty(R) 4 - Modern Warfare(TM)
"{E657B243-9AD4-4ECC-BE81-4CCF8D667FD0}" = ASUS Live Update
"{EC8BD21F-0CA0-4BBF-97D9-4A52B30041A1}" = ASUS Virtual Camera
"{F0DF4513-3C4C-4EB8-8012-2C5F70AF3988}" = ASUS FancyStart
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F97E3841-CA9D-4964-9D64-26066241D26F}" = Microsoft Games for Windows - LIVE
"{FA2092C5-7979-412D-A962-6485274AE1EE}" = ASUS Data Security Manager
"{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
"Activision_THPS2UninstallKey" = Tony Hawk's Pro Skater 2
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"Asus_Camera_ScreenSaver" = Asus_Camera_ScreenSaver
"avast5" = avast! Free Antivirus
"CCleaner" = CCleaner
"Cities XL" = Cities XL
"Euro Truck Simulator" = Euro Truck Simulator
"Fraps" = Fraps (remove only)
"Front Mission Evolved_is1" = Front Mission Evolved
"Garena" = Garena 2010
"GFWL_{4343080E-91B7-4388-AB4D-FB1000008200}" = Dead Rising 2
"GFWL_{434D0831-3E0C-4D03-A5D4-5E1000008400}" = F1 2010
"HijackThis" = HijackThis 2.0.2
"HOMESTUDENTR" = Microsoft Office Home and Student 2007
"InstallShield_{5A22D889-FBDD-4AE8-86EC-089D45FC133E}" = Alcor Micro USB Card Reader
"InstallShield_{8A56A332-F833-45CF-9A20-6F3524054843}" = James Bond 007(TM) - Blood Stone
"InstallShield_{E48469CC-635E-4FD5-A122-1497C286D217}" = Call of Duty(R) 4 - Modern Warfare(TM)
"IrfanView" = IrfanView (remove only)
"L4D2 RevEXE v2020" = L4D2 RevEXE v2020
"LogMeIn Hamachi" = LogMeIn Hamachi
"Mat Hoffman's Pro BMX" = Mat Hoffman's Pro BMX
"MediaCoder" = MediaCoder 0.7.3.4610
"Mozilla Firefox (3.6.8)" = Mozilla Firefox (3.6.8)
"NVIDIAStereo" = NVIDIA Stereoscopic 3D Driver
"OpenAL" = OpenAL
"Plants vs. Zombies 1.0.0.1051" = Plants vs. Zombies 1.0.0.1051
"ProtectDisc Driver 11" = ProtectDisc Driver, Version 11
"Star Wars: The Force Unleashed 2_is1" = Star Wars: The Force Unleashed 2
"StarCraft II" = StarCraft II
"Steam App 18800" = Zero Gear Demo
"The KMPlayer" = The KMPlayer (remove only)
"WinRAR archiver" = WinRAR
"ZonerPhotoStudio12_CZ_is1" = Zoner Photo Studio 12

========== HKEY_USERS Uninstall List ==========

[HKEY_USERS\S-1-5-21-432401014-2267681530-4021313041-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Google Chrome" = Google Chrome
"QIP 2005" = QIP 2005 8095
"QIP 2010" = QIP 2010 10.10.25.4301
"UnityWebPlayer" = Unity Web Player

========== Last 10 Event Log Errors ==========

[ Application Events ]
Error - 10/28/2010 3:15:28 PM | Computer Name = Karel-PC | Source = SideBySide | ID = 16842832
Description = Generování kontextu aktivace pro C:\Users\Karel\Downloads\SoftonicDownloader_for_steam.exe
se nezdařilo. Chyba v souboru manifestu nebo zásad na řádku . Verze součásti požadovaná
aplikací je v konfliktu s jinou verzí součásti, která je již aktivní. Konfliktní
součásti: Součást 1: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_420fe3fa2b8113bd.manifest.
Součást
2: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_fa62ad231704eab7.manifest.

Error - 10/29/2010 3:08:26 AM | Computer Name = Karel-PC | Source = Application Error | ID = 1000
Description = Název chybující aplikace: AWC.exe, verze: 3.0.0.586, časové razítko:
0x2a425e19 Název chybujícího modulu: unknown, verze: 0.0.0.0, časové razítko: 0x00000000
Kód
výjimky: 0xc0000005 Posun chyby: 0x7542c9f1 ID chybujícího procesu: 0xc5c Čas spuštění
chybující aplikace: 0x01cb756033132930 Cesta k chybující aplikaci: C:\Program Files
(x86)\IObit\Advanced SystemCare 3\AWC.exe Cesta k chybujícímu modulu: unknown ID
zprávy: 526f2d71-e32b-11df-9009-90e6baeb3046

Error - 10/29/2010 5:35:10 AM | Computer Name = Karel-PC | Source = Application Error | ID = 1000
Description = Název chybující aplikace: SWTFU2.exe, verze: 1.0.0.0, časové razítko:
0x4ca183e1 Název chybujícího modulu: SWTFU2.exe, verze: 1.0.0.0, časové razítko:
0x4ca183e1 Kód výjimky: 0xc0000005 Posun chyby: 0x0029d42b ID chybujícího procesu:
0x1540 Čas spuštění chybující aplikace: 0x01cb773cfa89b3bf Cesta k chybující aplikaci:
D:\Star Wars Forced Unsleashed 2\Star Wars The Force Unleashed 2\SWTFU2.exe Cesta
k chybujícímu modulu: D:\Star Wars Forced Unsleashed 2\Star Wars The Force Unleashed
2\SWTFU2.exe ID zprávy: d20e6e4f-e33f-11df-9009-90e6baeb3046

Error - 10/29/2010 8:00:11 AM | Computer Name = Karel-PC | Source = Application Error | ID = 1000
Description = Název chybující aplikace: SWTFU2.exe, verze: 1.0.0.0, časové razítko:
0x4ca183e1 Název chybujícího modulu: KERNELBASE.dll, verze: 6.1.7600.16385, časové
razítko: 0x4a5bdbdf Kód výjimky: 0xe06d7363 Posun chyby: 0x0000b727 ID chybujícího
procesu: 0x1118 Čas spuštění chybující aplikace: 0x01cb775d5b4aeddf Cesta k chybující
aplikaci: D:\Star Wars Forced Unsleashed 2\Star Wars The Force Unleashed 2\SWTFU2.exe
Cesta
k chybujícímu modulu: C:\Windows\syswow64\KERNELBASE.dll ID zprávy: 1432d334-e354-11df-9009-90e6baeb3046

Error - 10/29/2010 10:49:51 AM | Computer Name = Karel-PC | Source = Application Hang | ID = 1002
Description = Program game.exe verze 0.0.0.0 přestal spolupracovat se systémem Windows
a byl ukončen. Chcete-li zjistit, zda je k dispozici více informací o tomto problému,
vyhledejte historii problému v ovládacím panelu Centrum akcí. ID procesu: aec Čas
spuštění: 01cb77787007655a Čas ukončení: 116 Cesta k aplikaci: C:\Program Files\Farming
Simulator 2009 Gold\game.exe ID hlášení: c040a75c-e36b-11df-9009-90e6baeb3046

Error - 10/29/2010 11:09:33 PM | Computer Name = Karel-PC | Source = Application Error | ID = 1000
Description = Název chybující aplikace: Setup.exe_InstallShield (R), verze: 6.11.100.1300,
časové razítko: 0x3921b14f Název chybujícího modulu: ntdll.dll, verze: 6.1.7600.16559,
časové razítko: 0x4ba9b29c Kód výjimky: 0xc0000005 Posun chyby: 0x0006504f ID chybujícího
procesu: 0xe7c Čas spuštění chybující aplikace: 0x01cb77dfcd662136 Cesta k chybující
aplikaci: E:\setup\Setup.exe Cesta k chybujícímu modulu: C:\Windows\SysWOW64\ntdll.dll
ID
zprávy: 1e01d3de-e3d3-11df-b73a-90e6baeb3046

Error - 10/29/2010 11:16:09 PM | Computer Name = Karel-PC | Source = Application Error | ID = 1000
Description = Název chybující aplikace: Setup.exe_InstallShield (R), verze: 6.11.100.1300,
časové razítko: 0x3921b14f Název chybujícího modulu: ntdll.dll, verze: 6.1.7600.16559,
časové razítko: 0x4ba9b29c Kód výjimky: 0xc0000005 Posun chyby: 0x0006504f ID chybujícího
procesu: 0xaa8 Čas spuštění chybující aplikace: 0x01cb77e0b8d11724 Cesta k chybující
aplikaci: G:\setup\Setup.exe Cesta k chybujícímu modulu: C:\Windows\SysWOW64\ntdll.dll
ID
zprávy: 09dbfd37-e3d4-11df-b73a-90e6baeb3046

Error - 10/29/2010 11:17:27 PM | Computer Name = Karel-PC | Source = Application Error | ID = 1000
Description = Název chybující aplikace: Setup.exe_InstallShield (R), verze: 6.11.100.1300,
časové razítko: 0x3921b14f Název chybujícího modulu: ntdll.dll, verze: 6.1.7600.16559,
časové razítko: 0x4ba9b29c Kód výjimky: 0xc0000005 Posun chyby: 0x0006504f ID chybujícího
procesu: 0x798 Čas spuštění chybující aplikace: 0x01cb77e0e8d05178 Cesta k chybující
aplikaci: G:\setup\Setup.exe Cesta k chybujícímu modulu: C:\Windows\SysWOW64\ntdll.dll
ID
zprávy: 38a1442e-e3d4-11df-b73a-90e6baeb3046

Error - 10/31/2010 11:17:56 AM | Computer Name = Karel-PC | Source = MsiInstaller | ID = 11313
Description =

Error - 10/31/2010 11:48:55 AM | Computer Name = Karel-PC | Source = Application Error | ID = 1000
Description = Název chybující aplikace: MsiExec.exe, verze: 5.0.7600.16385, časové
razítko: 0x4a5bc3e6 Název chybujícího modulu: MSIA369.tmp, verze: 16.0.0.328, časové
razítko: 0x4a2febfa Kód výjimky: 0xc0000005 Posun chyby: 0x000a3399 ID chybujícího
procesu: 0x2380 Čas spuštění chybující aplikace: 0x01cb7913183c227e Cesta k chybující
aplikaci: C:\Windows\syswow64\MsiExec.exe Cesta k chybujícímu modulu: C:\Windows\Installer\MSIA369.tmp
ID
zprávy: 5d5924ea-e506-11df-b73a-90e6baeb3046

[ Media Center Events ]
Error - 9/4/2010 9:13:52 AM | Computer Name = Karel-PC | Source = MCUpdate | ID = 0
Description = 15:13:52 - Chyba při připojování k Internetu 15:13:52 - Nelze kontaktovat
server..

Error - 9/4/2010 2:13:55 PM | Computer Name = Karel-PC | Source = MCUpdate | ID = 0
Description = 20:13:55 - Chyba při připojování k Internetu 20:13:55 - Nelze kontaktovat
server..

Error - 9/9/2010 5:52:16 AM | Computer Name = Karel-PC | Source = MCUpdate | ID = 0
Description = 11:52:16 - Chyba při připojování k Internetu 11:52:16 - Nelze kontaktovat
server..

Error - 9/9/2010 6:52:23 AM | Computer Name = Karel-PC | Source = MCUpdate | ID = 0
Description = 12:52:23 - Chyba při připojování k Internetu 12:52:23 - Nelze kontaktovat
server..

Error - 9/15/2010 5:28:18 AM | Computer Name = Karel-PC | Source = MCUpdate | ID = 0
Description = 11:28:17 - Chyba při připojování k Internetu 11:28:17 - Nelze kontaktovat
server..

Error - 9/16/2010 6:28:34 AM | Computer Name = Karel-PC | Source = MCUpdate | ID = 0
Description = 12:28:34 - Chyba při připojování k Internetu 12:28:34 - Nelze kontaktovat
server..

Error - 9/16/2010 7:28:41 AM | Computer Name = Karel-PC | Source = MCUpdate | ID = 0
Description = 13:28:41 - Chyba při připojování k Internetu 13:28:41 - Nelze kontaktovat
server..

Error - 9/16/2010 8:28:48 AM | Computer Name = Karel-PC | Source = MCUpdate | ID = 0
Description = 14:28:48 - Chyba při připojování k Internetu 14:28:48 - Nelze kontaktovat
server..

Error - 9/22/2010 8:55:51 AM | Computer Name = Karel-PC | Source = MCUpdate | ID = 0
Description = 14:55:51 - Chyba při připojování k Internetu 14:55:51 - Nelze kontaktovat
server..

Error - 10/8/2010 1:00:36 PM | Computer Name = Karel-PC | Source = MCUpdate | ID = 0
Description = 19:00:35 - Chyba při připojování k Internetu 19:00:35 - Nelze kontaktovat
server..

[ System Events ]
Error - 5/13/2010 3:23:40 PM | Computer Name = Karel-PC | Source = Service Control Manager | ID = 7023
Description = Služba TuneUp Theme Extension byla ukončena s následující chybou:
%%127

Error - 5/16/2010 9:16:05 AM | Computer Name = Karel-PC | Source = Service Control Manager | ID = 7023
Description = Služba TuneUp Theme Extension byla ukončena s následující chybou:
%%127

Error - 5/18/2010 10:32:46 AM | Computer Name = Karel-PC | Source = Service Control Manager | ID = 7023
Description = Služba TuneUp Theme Extension byla ukončena s následující chybou:
%%127

Error - 5/19/2010 5:41:15 PM | Computer Name = Karel-PC | Source = Service Control Manager | ID = 7023
Description = Služba TuneUp Theme Extension byla ukončena s následující chybou:
%%127

Error - 5/20/2010 4:23:30 PM | Computer Name = Karel-PC | Source = Service Control Manager | ID = 7023
Description = Služba TuneUp Theme Extension byla ukončena s následující chybou:
%%127

Error - 5/20/2010 6:08:57 PM | Computer Name = Karel-PC | Source = Service Control Manager | ID = 7023
Description = Služba TuneUp Theme Extension byla ukončena s následující chybou:
%%127

Error - 5/21/2010 9:35:19 AM | Computer Name = Karel-PC | Source = EventLog | ID = 6008
Description = Předchozí vypnutí systému (15:14:31, ?21.?5.?2010) bylo neočekávané.

Error - 5/21/2010 9:35:20 AM | Computer Name = Karel-PC | Source = Service Control Manager | ID = 7023
Description = Služba TuneUp Theme Extension byla ukončena s následující chybou:
%%127

Error - 5/21/2010 9:41:05 AM | Computer Name = Karel-PC | Source = Service Control Manager | ID = 7022
Description = Služba Windows Update přestala během spouštění reagovat.

Error - 5/21/2010 5:15:50 PM | Computer Name = Karel-PC | Source = Service Control Manager | ID = 7023
Description = Služba TuneUp Theme Extension byla ukončena s následující chybou:
%%127

< End of report >

#5 Příspěvek od **vyosek** » 08 lis 2010 08:38

Spustte znovu OTL

Pokud pouzivate Win Vista ci W7, kliknete na OTL pravym a dejte Run As Administrator ci Spustit jako spravce
Do spodniho okenka Vlastni skenovani/opravy vlozte skript nize

Kód: Vybrat vše

:otl
IE - HKU\S-1-5-21-432401014-2267681530-4021313041-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://qip.ru
IE - HKU\S-1-5-21-432401014-2267681530-4021313041-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://search.qip.ru
IE - HKU\S-1-5-21-432401014-2267681530-4021313041-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://search.qip.ru
IE - HKU\S-1-5-21-432401014-2267681530-4021313041-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 06 0F 19 74 86 3D CB 01 [binary data]
IE - HKU\S-1-5-21-432401014-2267681530-4021313041-1000\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://search.qip.ru/ie
IE - HKU\S-1-5-21-432401014-2267681530-4021313041-1000\..\URLSearchHook: - Reg Error: Key error. File not found
IE - HKU\S-1-5-21-432401014-2267681530-4021313041-1000\..\URLSearchHook: {A55F9C95-2BB1-4EA2-BC77-DFAAB78832CE} - C:\Users\Karel\AppData\Roaming\Microsoft\Internet Explorer\qipsearchbar.dll (qip.ru)
FF - prefs.js..browser.startup.homepage: "http://qip.ru"
FF - prefs.js..keyword.URL: "http://search.centrum.cz/index.php?toolbar=centrum-1.0.0&q="
[2010/10/31 20:42:43 | 000,002,062 | ---- | M] () -- C:\Users\Karel\AppData\Roaming\Mozilla\Firefox\Profiles\he1mt627.default\searchplugins\qip-search.xml
O2 - BHO: (QIPBHO Class) - {A55F9C95-2BB1-4EA2-BC77-DFAAB78832CE} - C:\Users\Karel\AppData\Roaming\Microsoft\Internet Explorer\qipsearchbar.dll (qip.ru)
O3:64bit: - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3 - HKU\S-1-5-21-432401014-2267681530-4021313041-1000\..\Toolbar\WebBrowser: (no name) - {D5D47440-0750-463D-BAEF-A47D02414806} - No CLSID value found.
O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] C:\Windows\SysWow64\mctadmin.exe File not found
O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] C:\Windows\SysWow64\mctadmin.exe File not found
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O13 - gopher Prefix: missing
O13 - gopher Prefix: missing
O18:64bit: - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - Reg Error: Key error. File not found
O20:64bit: - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found.
O33 - MountPoints2\{76d39014-2d53-11df-a3e7-002243d52857}\Shell - "" = AutoRun
[4 C:\Windows\SysWow64\*.tmp files -> C:\Windows\SysWow64\*.tmp -> ]
[4 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
@Alternate Data Stream - 133 bytes -> C:\ProgramData\TEMP:05EE1EEF

:reg
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Google Update"=-
"PcSync"=-
"DAEMON Tools Lite"=-
"Steam"=-
"Advanced SystemCare 3"=-
[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"PCSuiteTrayApplication"=-
"SunJavaUpdateSched"=-
"Adobe ARM"=-
[HKEY_CURRENT_USER\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"RGSC"=-
[-HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher]

:files
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\FancyStart daemon.lnk
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\SRS Premium Sound.lnk
C:\Windows\tasks\AWC Startup.job
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-432401014-2267681530-4021313041-1000Core.job
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-432401014-2267681530-4021313041-1000UA.job
C:\Users\Karel\AppData\Roaming\Microsoft\Internet Explorer\qipsearchbar.dll
%windir%\system32\*.tmp.dll /s
%windir%\system32\SET*.tmp /s
%windir%\*.tmp /s

:commands
[RESETHOSTS]
[EMPTYTEMP]
[EMPTYFLASH]

Nasledne kliknete na Opravit
PC provede opravu, restartuje se a da Vam log, jeho obsah vlozte sem

karlik321 · #6 Příspěvek od **karlik321** » 09 lis 2010 08:56

All processes killed
========== OTL ==========
HKU\S-1-5-21-432401014-2267681530-4021313041-1000\SOFTWARE\Microsoft\Internet Explorer\Main\\Default_Page_URL| /E : value set successfully!
HKU\S-1-5-21-432401014-2267681530-4021313041-1000\SOFTWARE\Microsoft\Internet Explorer\Main\\Default_Search_URL| /E : value set successfully!
HKU\S-1-5-21-432401014-2267681530-4021313041-1000\SOFTWARE\Microsoft\Internet Explorer\Main\\Search Page| /E : value set successfully!
HKU\S-1-5-21-432401014-2267681530-4021313041-1000\SOFTWARE\Microsoft\Internet Explorer\Main\\Start Page Redirect Cache_TIMESTAMP| /E : value set successfully!
HKU\S-1-5-21-432401014-2267681530-4021313041-1000\SOFTWARE\Microsoft\Internet Explorer\Search\\SearchAssistant| /E : value set successfully!
Registry value HKEY_USERS\S-1-5-21-432401014-2267681530-4021313041-1000\Software\Microsoft\Internet Explorer\URLSearchHooks\\ deleted successfully.
Registry value HKEY_USERS\S-1-5-21-432401014-2267681530-4021313041-1000\Software\Microsoft\Internet Explorer\URLSearchHooks\\{A55F9C95-2BB1-4EA2-BC77-DFAAB78832CE} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{A55F9C95-2BB1-4EA2-BC77-DFAAB78832CE}\ deleted successfully.
C:\Users\Karel\AppData\Roaming\Microsoft\Internet Explorer\qipsearchbar.dll moved successfully.
Prefs.js: "http://qip.ru" removed from browser.startup.homepage
Prefs.js: "http://search.centrum.cz/index.php?tool ... m-1.0.0&q=" removed from keyword.URL
C:\Users\Karel\AppData\Roaming\Mozilla\Firefox\Profiles\he1mt627.default\searchplugins\qip-search.xml moved successfully.
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{A55F9C95-2BB1-4EA2-BC77-DFAAB78832CE}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{A55F9C95-2BB1-4EA2-BC77-DFAAB78832CE}\ not found.
File C:\Users\Karel\AppData\Roaming\Microsoft\Internet Explorer\qipsearchbar.dll not found.
64bit-Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\Locked deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\Locked deleted successfully.
Registry value HKEY_USERS\S-1-5-21-432401014-2267681530-4021313041-1000\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{D5D47440-0750-463D-BAEF-A47D02414806} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{D5D47440-0750-463D-BAEF-A47D02414806}\ not found.
Registry value HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\RunOnce\\mctadmin deleted successfully.
Registry value HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\RunOnce\\mctadmin deleted successfully.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\\NoActiveDesktop deleted successfully.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\\NoActiveDesktopChanges deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\URL\Prefixes\\gopher|:gopher:// /E : value set successfully!
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\URL\Prefixes\\gopher|:gopher:// /E : value set successfully!
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\ms-help\ deleted successfully.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{314111c7-a502-11d2-bbca-00c04f8ec294}\ not found.
File {314111c7-a502-11d2-bbca-00c04f8ec294} - Reg Error: Key error. File not found not found.
64bit-Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\\VMApplet:/pagefile deleted successfully.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\\VMApplet:/pagefile deleted successfully.
64bit-Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad\\WebCheck deleted successfully.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{E6FB5E20-DE35-11CF-9C87-00AA005127ED}\ not found.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad\\WebCheck deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{E6FB5E20-DE35-11CF-9C87-00AA005127ED}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{76d39014-2d53-11df-a3e7-002243d52857}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{76d39014-2d53-11df-a3e7-002243d52857}\ not found.
C:\Windows\SysWow64\tmp7945.tmp deleted successfully.
C:\Windows\SysWow64\tmp7946.tmp deleted successfully.
C:\Windows\SysWow64\tmpAC25.tmp deleted successfully.
C:\Windows\SysWow64\tmpAC36.tmp deleted successfully.
C:\Windows\3F5C371F8EA24F259D3DD0B4526E3AEA.TMP\WiseCustomCalla.dll deleted successfully.
C:\Windows\3F5C371F8EA24F259D3DD0B4526E3AEA.TMP folder deleted successfully.
C:\Windows\C5C1C0F0D62F4DBF81D4D7EF397C228B.TMP\WiseCustomCalla.dll deleted successfully.
C:\Windows\C5C1C0F0D62F4DBF81D4D7EF397C228B.TMP folder deleted successfully.
C:\Windows\DEA314C409294250BC9298E4C105F28D.TMP\WiseCustomCalla.dll deleted successfully.
C:\Windows\DEA314C409294250BC9298E4C105F28D.TMP folder deleted successfully.
C:\Windows\msdownld.tmp folder deleted successfully.
ADS C:\ProgramData\TEMP:05EE1EEF deleted successfully.
========== REGISTRY ==========
Registry value HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\\Google Update deleted successfully.
Registry value HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\\PcSync deleted successfully.
Registry value HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\\DAEMON Tools Lite deleted successfully.
Registry value HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\\Steam deleted successfully.
Registry value HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\\Advanced SystemCare 3 not found.
Registry value HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run\\PCSuiteTrayApplication deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run\\SunJavaUpdateSched deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run\\Adobe ARM deleted successfully.
Registry value HKEY_CURRENT_USER\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run\\RGSC deleted successfully.
Registry key HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher\ deleted successfully.
========== FILES ==========
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\FancyStart daemon.lnk moved successfully.
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\SRS Premium Sound.lnk moved successfully.
File\Folder C:\Windows\tasks\AWC Startup.job not found.
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-432401014-2267681530-4021313041-1000Core.job moved successfully.
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-432401014-2267681530-4021313041-1000UA.job moved successfully.
File\Folder C:\Users\Karel\AppData\Roaming\Microsoft\Internet Explorer\qipsearchbar.dll not found.
File/Folder C:\Windows\system32\*.tmp.dll not found.
File/Folder C:\Windows\system32\SET*.tmp not found.
C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\ZAP3F22.tmp folder moved successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\ZAP9E41.tmp folder moved successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_64\Temp\ZAPE291.tmp folder moved successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_64\Temp\ZAPE56E.tmp folder moved successfully.
========== COMMANDS ==========
C:\Windows\System32\drivers\etc\Hosts moved successfully.
HOSTS file reset successfully

[EMPTYTEMP]

User: All Users

User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->Flash cache emptied: 56504 bytes

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->Flash cache emptied: 0 bytes

User: Karel
->Temp folder emptied: 11274067 bytes
->Temporary Internet Files folder emptied: 5090157 bytes
->Java cache emptied: 731200 bytes
->FireFox cache emptied: 24385890 bytes
->Google Chrome cache emptied: 856432 bytes
->Flash cache emptied: 75 bytes

User: Public

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32 (64bit) .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 568478 bytes
%systemroot%\sysnative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files folder emptied: 67978 bytes
RecycleBin emptied: 0 bytes

Total Files Cleaned = 41.00 mb

[EMPTYFLASH]

User: All Users

User: Default
->Flash cache emptied: 0 bytes

User: Default User
->Flash cache emptied: 0 bytes

User: Karel
->Flash cache emptied: 0 bytes

User: Public

Total Flash Files Cleaned = 0.00 mb

OTL by OldTimer - Version 3.2.17.3 log created on 11092010_085031

Files\Folders moved on Reboot...
C:\Users\Karel\AppData\Local\Temp\FXSAPIDebugLogFile.txt moved successfully.
File move failed. C:\Windows\temp\_avast5_\Webshlock.txt scheduled to be moved on reboot.

Registry entries deleted on Reboot...

#7 Příspěvek od **vyosek** » 09 lis 2010 08:58

Jak se chova PC

karlik321 · #8 Příspěvek od **karlik321** » 09 lis 2010 09:02

Já moc na kouzla nevěřím, ale asi začnu

prohlížení stránek funguje bez problému,můžu snad i říct,že rychleji jak před tím...Můžu se zeptat čím to bylo? respektive čeho bych se měl vyvarovat,aby se mi to nestalo znovu?

#9 Příspěvek od **vyosek** » 09 lis 2010 09:16

OTC http://oldtimer.geekstogo.com/OTC.exe

Stahnete a spustte
Kliknete na CleanUp a potvrdte YES
Program uklidi a restartuje PC

TFC http://oldtimer.geekstogo.com/TFC.exe

Stahnete a spustte
Kliknete na Start a potvrdte OK
Program uklidi a restartuje pc
Po pouziti utilitu smazte

Stahnete Ccleaner (viz muj podpis), pri instalaci dejte fajfku pryc u google toolbaru
Panel čistič

Vse nechte jak je, jen dejte Analyzovat a pote Spustit CCleaner

Panel registry

dejte Hledej problémy
nasledne Opravit problémy - zalohu registru doporucuji udelat, opravte vsechny problemy
postup opakujte dokud nebude bez problemu - vetsinou cca 3x

Panel nástroje

Zde muzete odinstalovat nepotrebne programy

CCleaner doporucuji pouzivat cca jednou za 14 dni

Odstranovani haveti nejsou kouzla, jsou to cilene utoky

Byly tam chybne zapisy v registru, ktere tam nastavil qip - chce to cist veci pri instalaci, ne jen bezmyslenkovite klikat next\dalsi

karlik321 · #10 Příspěvek od **karlik321** » 09 lis 2010 09:22

Dobře,kouknu na ty programy. Moc děkuji za pomoc a večer bych ještě když tak poslal scan ze stolního počítače.

Mimochodem nedoporučujete používat P2P clienty, je nějaká alternativa při používání, abych snížil riziko virové nákazy?

#11 Příspěvek od **vyosek** » 09 lis 2010 09:28

Free programy stahnete na renomovanych serverech (stahuj, slunecnice)

A placene (ktere se hlavne pres P2P site sireji) se daji sehnat v obchode ci na e-shopu... kde stahovat placene programy bez nutnosti jejich koupe, tu samozrejme sirit nebudu - je to proti logice naseho fora

A pokud si potrebujete sdilet osobni veci s prately, tak si zalozte nejaky ftp server

Na stolni PC si zalozte nove tema, at se to tu neplete

karlik321 · #12 Příspěvek od **karlik321** » 09 lis 2010 09:32

Ještě jednou velký dík

Na stolní počítač založím nové téma.

Přeji hezký den

#13 Příspěvek od **vyosek** » 09 lis 2010 09:34

Nemate zac, rad jsem pomohl

Pekny den i Vam, zase nekdy Obrázek

karlik321 · #14 Příspěvek od **karlik321** » 10 lis 2010 20:44

Dobry vecer,
mohl bych jeste jednou poprosit??? Nejak mi zase blbne internet(tak abych vedel jestli je to zase neco v pocitaci nebo blbne pripojeni)
Moc děkuju, tady posilam scan.

Logfile of random's system information tool 1.08 (written by random/random)
Run by Karel at 2010-11-10 20:39:28
Microsoft Windows 7 Professional
System drive C: has 21 GB (9%) free of 238 GB
Total RAM: 4095 MB (64% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 20:39:31, on 10.11.2010
Platform: Windows 7 (WinNT 6.00.3504)
MSIE: Internet Explorer v8.00 (8.00.7600.16671)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\ASUS\ControlDeck\ControlDeckStartUp.exe
C:\Program Files (x86)\ASUS\SmartLogon\sensorsrv.exe
C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe
C:\Program Files (x86)\ASUS\ATK Hotkey\HControlUser.exe
C:\Program Files (x86)\ASUS\ATKOSD2\ATKOSD2.exe
C:\Program Files (x86)\ASUS\ATK Media\DMedia.exe
C:\Program Files\Alwil Software\Avast5\AvastUI.exe
C:\Program Files (x86)\ASUS\ASUS Data Security Manager\ADSMTray.exe
C:\Windows\AsScrPro.exe
C:\Program Files (x86)\ASUS\ASUS Live Update\ALU.exe
C:\Program Files (x86)\uTorrent\uTorrent.exe
C:\Program Files (x86)\QIP\qip.exe
C:\Program Files\trend micro\Karel.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://search.qip.ru/ie
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: uTorrentBar Toolbar - {bf7380fa-e3b4-4db2-af3e-9d8783a45bfc} - C:\Program Files (x86)\uTorrentBar\tbuTor.dll
F2 - REG:system.ini: UserInit=userinit.exe
O1 - Hosts: ˙ţ127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Conduit Engine - {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Program Files (x86)\ConduitEngine\ConduitEngine.dll
O2 - BHO: uTorrentBar Toolbar - {bf7380fa-e3b4-4db2-af3e-9d8783a45bfc} - C:\Program Files (x86)\uTorrentBar\tbuTor.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
O3 - Toolbar: uTorrentBar Toolbar - {bf7380fa-e3b4-4db2-af3e-9d8783a45bfc} - C:\Program Files (x86)\uTorrentBar\tbuTor.dll
O3 - Toolbar: Conduit Engine - {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Program Files (x86)\ConduitEngine\ConduitEngine.dll
O4 - HKLM\..\Run: [HControlUser] C:\Program Files (x86)\ASUS\ATK Hotkey\HControlUser.exe
O4 - HKLM\..\Run: [ATKOSD2] C:\Program Files (x86)\ASUS\ATKOSD2\ATKOSD2.exe
O4 - HKLM\..\Run: [ATKMEDIA] C:\Program Files (x86)\ASUS\ATK Media\DMedia.exe
O4 - HKLM\..\Run: [avast5] "C:\Program Files\Alwil Software\Avast5\avastUI.exe" /nogui
O4 - HKLM\..\Run: [LogMeIn Hamachi Ui] "C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe" --auto-start
O4 - HKLM\..\Run: [HTC Sync Loader] "C:\Program Files (x86)\HTC\HTC Sync 3.0\htcUPCTLoader.exe" -startup
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - Startup: Výřezy obrazovky a spuštění aplikace OneNote 2007.lnk = C:\Program Files (x86)\Microsoft Office\Office12\ONENOTEM.EXE
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~2\MICROS~2\Office12\EXCEL.EXE/3000
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~2\Office12\REFIEBAR.DLL
O23 - Service: ADSM Service (ADSMService) - ASUSTek Computer Inc. - C:\Program Files (x86)\ASUS\ASUS Data Security Manager\ADSMSrv.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: ASLDR Service (ASLDRService) - ASUS - C:\Program Files (x86)\ASUS\ATK Hotkey\ASLDRSrv.exe
O23 - Service: ATKGFNEX Service (ATKGFNEXSrv) - Unknown owner - C:\Program Files\ATKGFNEX\GFNEXSrv.exe
O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
O23 - Service: avast! Mail Scanner - AVAST Software - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
O23 - Service: avast! Web Scanner - AVAST Software - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: FastBootAgent - ASUSTeK Computer Inc. - C:\Windows\SysWOW64\Fast Boot\FastBootAgent.exe
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: LogMeIn Hamachi 2.0 Tunneling Engine (Hamachi2Svc) - LogMeIn Inc. - C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\Windows\system32\nvvsvc.exe (file missing)
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: ServiceLayer - Nokia. - C:\Program Files (x86)\Common Files\PCSuite\Services\ServiceLayer.exe
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe
O23 - Service: NVIDIA Stereoscopic 3D Driver Service (Stereo Service) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 8422 bytes

======Listing Processes======

\SystemRoot\System32\smss.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
C:\Windows\system32\services.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
winlogon.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\nvvsvc.exe
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k LocalService
"C:\Program Files\NVIDIA Corporation\Display\NvXDSync.exe"
C:\Windows\system32\nvvsvc.exe -session -first
C:\Windows\system32\svchost.exe -k NetworkService
"C:\Program Files (x86)\ASUS\ASUS Data Security Manager\ADSMSrv.exe"
"C:\Program Files (x86)\ASUS\ATK Hotkey\ASLDRSrv.exe"
"C:\Program Files\ATKGFNEX\GFNEXSrv.exe"
"C:\Program Files\Alwil Software\Avast5\AvastSvc.exe"
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
"C:\Windows\SysWOW64\Fast Boot\FastBootAgent.exe"
"C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe" -s
"C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe"
C:\Windows\system32\svchost.exe -k imgsvc
"taskhost.exe"
taskeng.exe {1C4AF725-3E44-4DAB-ABC3-4BD10211FC19}
"C:\Windows\system32\Dwm.exe"
C:\Windows\Explorer.EXE
"C:\Program Files (x86)\ASUS\ASUS CopyProtect\aspg.exe"
"C:\Program Files (x86)\ASUS\ControlDeck\ControlDeckStartUp.exe"
"C:\Program Files (x86)\ASUS\SmartLogon\sensorsrv.exe"
"C:\Program Files (x86)\ASUS\Splendid\ACMON.exe"
"C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe"
"C:\Windows\SysWOW64\ACEngSvr.exe" -Embedding
"C:\Program Files\Elantech\ETDCtrl.exe"
"C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe"
"C:\Program Files (x86)\AmIcoSingLun\AmIcoSinglun64.exe"
"C:\Program Files\Windows Sidebar\sidebar.exe" /autoRun
"C:\Program Files (x86)\ASUS\ATK Hotkey\HControl.exe"
Atouch64.exe
C:\Windows\system32\wbem\wmiprvse.exe
"C:\Program Files (x86)\ASUS\ATK Hotkey\HControlUser.exe"
"C:\Program Files (x86)\ASUS\ATKOSD2\ATKOSD2.exe"
"C:\Program Files (x86)\ASUS\ATK Media\DMedia.exe"
"C:\Program Files\Alwil Software\Avast5\AvastUI.exe" /nogui
C:\Windows\system32\SearchIndexer.exe /Embedding
ATKOSD.exe
KBFiltr.exe
WDC.exe
"C:\Program Files\Windows Media Player\wmpnetwk.exe"
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
C:\Windows\System32\mobsync.exe -Embedding
"C:\Program Files (x86)\ASUS\ASUS Data Security Manager\ADSMTray.exe"
"C:\Windows\AsScrPro.exe"
"C:\Program Files (x86)\ASUS\ASUS Live Update\ALU.exe"
"C:\Program Files (x86)\uTorrent\uTorrent.exe"
C:\Windows\System32\svchost.exe -k secsvcs
C:\Windows\system32\svchost.exe -k SDRSVC
"C:\Windows\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe3_ Global\UsGthrCtrlFltPipeMssGthrPipe3 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon"
"C:\Program Files\QIP\P4G\BatteryLife.exe"
"C:\Program Files (x86)\QIP\qip.exe"
C:\Windows\system32\sppsvc.exe
C:\Windows\servicing\TrustedInstaller.exe
C:\Windows\System32\svchost.exe -k swprv
C:\Windows\system32\wbem\wmiprvse.exe
"C:\Windows\system32\WUDFHost.exe" -HostGUID:{193a1820-d9ac-4997-8c55-be817523f6aa} -IoEventPortName:HostProcess-b9d6d741-4c92-4351-bedb-1f7263f3646c -SystemEventPortName:HostProcess-2208f3f7-48ec-4b48-b9e5-215b0ec6339e -IoCancelEventPortName:HostProcess-2784058d-5c93-4f4a-97aa-b1992dcae960 -NonStateChangingEventPortName:HostProcess-2fb430d0-c17b-4793-afd9-2a18e1de1b87 -ServiceSID:S-1-5-80-2652678385-582572993-1835434367-1344795993-749280709 -LifetimeId:8368a399-6dc7-4f04-bc20-f5ff766ebabf
"C:\Users\Karel\Desktop\RSITx64.exe"

======Scheduled tasks folder======

C:\Windows\tasks\1-Click Maintenance.job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2010-09-22 75200]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{30F9B915-B755-4826-820B-08FBA6BD249D}]
Conduit Engine - C:\Program Files (x86)\ConduitEngine\ConduitEngine.dll [2010-10-10 3906656]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{bf7380fa-e3b4-4db2-af3e-9d8783a45bfc}]
uTorrentBar Toolbar - C:\Program Files (x86)\uTorrentBar\tbuTor.dll [2010-10-10 3906656]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll [2010-03-27 41760]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\Toolbar]
{bf7380fa-e3b4-4db2-af3e-9d8783a45bfc} - uTorrentBar Toolbar - C:\Program Files (x86)\uTorrentBar\tbuTor.dll [2010-10-10 3906656]
{30F9B915-B755-4826-820B-08FBA6BD249D} - Conduit Engine - C:\Program Files (x86)\ConduitEngine\ConduitEngine.dll [2010-10-10 3906656]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"ETDWare"=C:\Program Files\Elantech\ETDCtrl.exe [2009-07-30 617856]
"RtHDVCpl"=C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [2009-07-28 7982112]
"AmIcoSinglun64"=C:\Program Files (x86)\AmIcoSingLun\AmIcoSinglun64.exe [2009-04-09 320000]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"=C:\Program Files\Windows Sidebar\sidebar.exe [2009-07-14 1475072]

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"HControlUser"=C:\Program Files (x86)\ASUS\ATK Hotkey\HControlUser.exe [2009-06-19 105016]
"ATKOSD2"=C:\Program Files (x86)\ASUS\ATKOSD2\ATKOSD2.exe [2009-07-07 8493624]
"ATKMEDIA"=C:\Program Files (x86)\ASUS\ATK Media\DMedia.exe [2009-04-20 159744]
"avast5"=C:\Program Files\Alwil Software\Avast5\avastUI.exe [2010-09-07 2838912]
"LogMeIn Hamachi Ui"=C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe [2010-03-30 1820040]
"HTC Sync Loader"=C:\Program Files (x86)\HTC\HTC Sync 3.0\htcUPCTLoader.exe [2010-08-18 249856]

[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\shared tools\msconfig\startupreg\ADSMTray]
C:\Program Files (x86)\ASUS\ASUS Data Security Manager\ADSMTray.exe [2009-06-24 272952]

[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\shared tools\msconfig\startupreg\ASUS Camera ScreenSaver]
C:\Windows\AsScrProlog.exe [2010-03-09 47672]

[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\shared tools\msconfig\startupreg\ASUS Screen Saver Protector]
C:\Windows\AsScrPro.exe [2010-03-09 3054136]

C:\Users\Karel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
Výřezy obrazovky a spuštění aplikace OneNote 2007.lnk - C:\Program Files (x86)\Microsoft Office\Office12\ONENOTEM.EXE

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Hamachi2Svc]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=0
"ConsentPromptBehaviorUser"=3
"EnableLUA"=0
"EnableUIADesktopToggle"=0
"PromptOnSecureDesktop"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"ForceActiveDesktopOn"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 1 months======

2010-11-10 20:14:55 ----D---- C:\rsit
2010-11-09 09:38:01 ----D---- C:\Program Files (x86)\uTorrent
2010-11-09 09:37:10 ----D---- C:\Program Files (x86)\Conduit
2010-11-09 09:37:08 ----D---- C:\Program Files (x86)\ConduitEngine
2010-11-09 09:37:06 ----D---- C:\Program Files (x86)\uTorrentBar
2010-11-09 09:30:31 ----D---- C:\Program Files\CCleaner
2010-11-07 15:27:47 ----D---- C:\Program Files\trend micro
2010-11-07 01:12:17 ----D---- C:\ProgramData\IObit
2010-11-06 19:01:41 ----D---- C:\Program Files (x86)\Bloody Good Time
2010-11-06 17:50:25 ----A---- C:\Windows\SYSWOW64\XAudio2_7.dll
2010-11-06 17:50:25 ----A---- C:\Windows\SYSWOW64\XAPOFX1_5.dll
2010-11-06 17:50:25 ----A---- C:\Windows\SYSWOW64\xactengine3_7.dll
2010-11-06 17:50:25 ----A---- C:\Windows\system32\XAudio2_7.dll
2010-11-06 17:50:25 ----A---- C:\Windows\system32\XAPOFX1_5.dll
2010-11-06 17:50:25 ----A---- C:\Windows\system32\xactengine3_7.dll
2010-11-06 17:50:23 ----A---- C:\Windows\SYSWOW64\d3dcsx_43.dll
2010-11-06 17:50:23 ----A---- C:\Windows\SYSWOW64\D3DCompiler_43.dll
2010-11-06 17:50:23 ----A---- C:\Windows\system32\d3dcsx_43.dll
2010-11-06 17:50:23 ----A---- C:\Windows\system32\D3DCompiler_43.dll
2010-11-06 17:50:22 ----A---- C:\Windows\SYSWOW64\d3dx11_43.dll
2010-11-06 17:50:22 ----A---- C:\Windows\SYSWOW64\d3dx10_43.dll
2010-11-06 17:50:22 ----A---- C:\Windows\system32\d3dx11_43.dll
2010-11-06 17:50:22 ----A---- C:\Windows\system32\d3dx10_43.dll
2010-11-06 17:50:21 ----A---- C:\Windows\SYSWOW64\D3DX9_43.dll
2010-11-06 17:50:21 ----A---- C:\Windows\system32\D3DX9_43.dll
2010-11-06 17:50:20 ----A---- C:\Windows\SYSWOW64\XAudio2_6.dll
2010-11-06 17:50:20 ----A---- C:\Windows\SYSWOW64\XAPOFX1_4.dll
2010-11-06 17:50:20 ----A---- C:\Windows\system32\XAudio2_6.dll
2010-11-06 17:50:20 ----A---- C:\Windows\system32\XAPOFX1_4.dll
2010-11-06 17:50:19 ----A---- C:\Windows\SYSWOW64\xactengine3_6.dll
2010-11-06 17:50:19 ----A---- C:\Windows\SYSWOW64\X3DAudio1_7.dll
2010-11-06 17:50:19 ----A---- C:\Windows\system32\xactengine3_6.dll
2010-11-06 17:50:19 ----A---- C:\Windows\system32\X3DAudio1_7.dll
2010-11-06 16:14:45 ----A---- C:\Windows\IsUninst.exe
2010-11-06 16:14:31 ----A---- C:\Windows\Mhpb.ini
2010-11-01 20:50:33 ----D---- C:\Program Files (x86)\Euro Truck Simulator
2010-10-31 22:39:31 ----D---- C:\DirectX
2010-10-31 20:42:53 ----D---- C:\Users\Karel\AppData\Roaming\QIP
2010-10-30 15:30:24 ----D---- C:\ProgramData\Blizzard Entertainment
2010-10-30 14:25:33 ----D---- C:\Users\Karel\AppData\Roaming\Mozilla
2010-10-30 14:25:27 ----D---- C:\Program Files (x86)\Mozilla Firefox
2010-10-30 09:43:53 ----D---- C:\ProgramData\Bagger-Simulator 2011
2010-10-30 03:27:03 ----D---- C:\Program Files (x86)\EACOM
2010-10-27 17:48:48 ----A---- C:\Windows\SYSWOW64\CPFilters.dll
2010-10-27 17:48:48 ----A---- C:\Windows\system32\msdri.dll
2010-10-27 17:48:48 ----A---- C:\Windows\system32\CPFilters.dll
2010-10-27 17:48:42 ----A---- C:\Windows\system32\drivers\Diskdump.sys
2010-10-26 06:24:11 ----A---- C:\cmdlog.txt
2010-10-24 16:04:18 ----D---- C:\Users\Karel\AppData\Roaming\IObit
2010-10-24 16:04:17 ----D---- C:\Program Files (x86)\IObit
2010-10-24 14:03:17 ----D---- C:\Program Files\Farming Simulator 2009 Gold
2010-10-24 13:01:17 ----D---- C:\ProgramData\NVIDIA Corporation
2010-10-24 12:59:46 ----A---- C:\Windows\system32\nvhdap64.dll
2010-10-24 12:59:46 ----A---- C:\Windows\system32\nvgenco64.dll
2010-10-24 12:59:46 ----A---- C:\Windows\system32\drivers\nvhda64v.sys
2010-10-24 12:59:45 ----A---- C:\Windows\SYSWOW64\OpenCL.dll
2010-10-24 12:59:45 ----A---- C:\Windows\SYSWOW64\nvwgf2um.dll
2010-10-24 12:59:45 ----A---- C:\Windows\SYSWOW64\nvoglv32.dll
2010-10-24 12:59:45 ----A---- C:\Windows\SYSWOW64\nvdecodemft.dll
2010-10-24 12:59:45 ----A---- C:\Windows\SYSWOW64\nvcuvid.dll
2010-10-24 12:59:45 ----A---- C:\Windows\SYSWOW64\nvcuvenc.dll
2010-10-24 12:59:45 ----A---- C:\Windows\SYSWOW64\nvcuda.dll
2010-10-24 12:59:45 ----A---- C:\Windows\SYSWOW64\nvcompiler.dll
2010-10-24 12:59:45 ----A---- C:\Windows\system32\OpenCL.dll
2010-10-24 12:59:45 ----A---- C:\Windows\system32\nvoglv64.dll
2010-10-24 12:59:45 ----A---- C:\Windows\system32\nvgenco642030.dll
2010-10-24 12:59:45 ----A---- C:\Windows\system32\nvdispco642050.dll
2010-10-24 12:59:45 ----A---- C:\Windows\system32\nvdecodemft.dll
2010-10-24 12:59:45 ----A---- C:\Windows\system32\nvd3dumx.dll
2010-10-24 12:59:45 ----A---- C:\Windows\system32\nvcuvid.dll
2010-10-24 12:59:45 ----A---- C:\Windows\system32\nvcuvenc.dll
2010-10-24 12:59:45 ----A---- C:\Windows\system32\nvcuda.dll
2010-10-24 12:59:45 ----A---- C:\Windows\system32\nvcompiler.dll
2010-10-24 12:59:45 ----A---- C:\Windows\system32\drivers\nvlddmkm.sys
2010-10-23 15:37:06 ----D---- C:\Users\Karel\AppData\Roaming\YoudaGames
2010-10-20 16:43:49 ----D---- C:\Robinova kamerka
2010-10-17 15:58:08 ----SHD---- C:\ProgramData\DSS
2010-10-15 17:02:17 ----A---- C:\Windows\SYSWOW64\t2embed.dll
2010-10-15 17:02:17 ----A---- C:\Windows\system32\t2embed.dll
2010-10-15 17:02:14 ----A---- C:\Windows\system32\ole32.dll
2010-10-15 17:02:13 ----A---- C:\Windows\SYSWOW64\ole32.dll
2010-10-15 17:02:09 ----A---- C:\Windows\SYSWOW64\StructuredQuery.dll
2010-10-15 17:02:09 ----A---- C:\Windows\system32\StructuredQuery.dll
2010-10-15 17:02:07 ----A---- C:\Windows\SYSWOW64\schannel.dll
2010-10-15 17:02:07 ----A---- C:\Windows\system32\schannel.dll
2010-10-15 17:02:04 ----A---- C:\Windows\SYSWOW64\comctl32.dll
2010-10-15 17:02:04 ----A---- C:\Windows\system32\comctl32.dll
2010-10-15 17:02:02 ----A---- C:\Windows\system32\wmpmde.dll
2010-10-15 17:02:01 ----A---- C:\Windows\SYSWOW64\wmpmde.dll
2010-10-15 17:01:58 ----A---- C:\Windows\SYSWOW64\mfc40u.dll
2010-10-15 17:01:58 ----A---- C:\Windows\SYSWOW64\mfc40.dll
2010-10-15 17:01:52 ----A---- C:\Windows\system32\mshtml.dll
2010-10-15 17:01:49 ----A---- C:\Windows\system32\iertutil.dll
2010-10-15 17:01:49 ----A---- C:\Windows\system32\ieframe.dll
2010-10-15 17:01:48 ----A---- C:\Windows\SYSWOW64\iertutil.dll
2010-10-15 17:01:47 ----A---- C:\Windows\SYSWOW64\mshtml.dll
2010-10-15 17:01:45 ----A---- C:\Windows\SYSWOW64\ieframe.dll
2010-10-15 17:01:43 ----A---- C:\Windows\system32\msfeeds.dll
2010-10-15 17:01:42 ----A---- C:\Windows\SYSWOW64\msfeeds.dll
2010-10-15 17:01:41 ----A---- C:\Windows\system32\urlmon.dll
2010-10-15 17:01:40 ----A---- C:\Windows\SYSWOW64\urlmon.dll
2010-10-15 17:01:40 ----A---- C:\Windows\SYSWOW64\licmgr10.dll
2010-10-15 17:01:40 ----A---- C:\Windows\system32\licmgr10.dll
2010-10-15 17:01:39 ----A---- C:\Windows\system32\mshtmled.dll
2010-10-15 17:01:38 ----A---- C:\Windows\SYSWOW64\wininet.dll
2010-10-15 17:01:38 ----A---- C:\Windows\SYSWOW64\iedkcs32.dll
2010-10-15 17:01:38 ----A---- C:\Windows\system32\wininet.dll
2010-10-15 17:01:38 ----A---- C:\Windows\system32\mstime.dll
2010-10-15 17:01:38 ----A---- C:\Windows\system32\iedkcs32.dll
2010-10-15 17:01:37 ----A---- C:\Windows\SYSWOW64\mstime.dll
2010-10-15 17:01:37 ----A---- C:\Windows\SYSWOW64\mshtmled.dll
2010-10-15 17:01:37 ----A---- C:\Windows\SYSWOW64\msfeedsbs.dll
2010-10-15 17:01:37 ----A---- C:\Windows\SYSWOW64\ieui.dll
2010-10-15 17:01:37 ----A---- C:\Windows\SYSWOW64\iepeers.dll
2010-10-15 17:01:37 ----A---- C:\Windows\system32\msfeedsbs.dll
2010-10-15 17:01:37 ----A---- C:\Windows\system32\ieui.dll
2010-10-15 17:01:37 ----A---- C:\Windows\system32\iepeers.dll
2010-10-15 17:01:36 ----A---- C:\Windows\SYSWOW64\msfeedssync.exe
2010-10-15 17:01:36 ----A---- C:\Windows\SYSWOW64\jsproxy.dll
2010-10-15 17:01:36 ----A---- C:\Windows\system32\msfeedssync.exe
2010-10-15 17:01:36 ----A---- C:\Windows\system32\jsproxy.dll
2010-10-15 17:01:19 ----A---- C:\Windows\system32\wmp.dll
2010-10-15 17:01:15 ----A---- C:\Windows\SYSWOW64\wmp.dll
2010-10-15 17:01:11 ----A---- C:\Windows\SYSWOW64\wmploc.DLL
2010-10-15 17:01:10 ----A---- C:\Windows\system32\wmploc.DLL
2010-10-15 17:01:04 ----A---- C:\Windows\system32\drivers\srv2.sys
2010-10-15 17:01:04 ----A---- C:\Windows\system32\drivers\srv.sys
2010-10-15 17:01:03 ----A---- C:\Windows\SYSWOW64\sscore.dll
2010-10-15 17:01:03 ----A---- C:\Windows\system32\srvsvc.dll
2010-10-15 17:01:03 ----A---- C:\Windows\system32\drivers\srvnet.sys
2010-10-15 17:00:56 ----A---- C:\Windows\system32\win32k.sys

======List of files/folders modified in the last 1 months======

2010-11-10 20:39:29 ----D---- C:\Windows\Temp
2010-11-10 20:38:37 ----D---- C:\Users\Karel\AppData\Roaming\uTorrent
2010-11-10 20:35:45 ----D---- C:\Windows\system32\DriverStore
2010-11-10 20:35:45 ----D---- C:\Windows\inf
2010-11-10 20:35:41 ----SHD---- C:\System Volume Information
2010-11-10 20:35:11 ----D---- C:\Windows\system32\config
2010-11-10 20:19:32 ----D---- C:\Program Files (x86)\QIP
2010-11-10 20:18:41 ----D---- C:\Windows\system32\Tasks
2010-11-10 20:17:18 ----D---- C:\Windows\System32
2010-11-10 20:17:18 ----A---- C:\Windows\system32\PerfStringBackup.INI
2010-11-10 20:10:04 ----D---- C:\Windows\Prefetch
2010-11-10 20:09:18 ----D---- C:\ProgramData\NVIDIA
2010-11-10 20:09:11 ----D---- C:\Windows
2010-11-10 20:05:20 ----D---- C:\Windows\debug
2010-11-10 20:05:18 ----A---- C:\Windows\system32\MRT.exe
2010-11-10 20:02:51 ----RD---- C:\Program Files (x86)
2010-11-10 19:19:37 ----D---- C:\Users\Karel\AppData\Roaming\ICQ
2010-11-10 19:19:19 ----HD---- C:\Program Files (x86)\InstallShield Installation Information
2010-11-10 19:12:21 ----D---- C:\Program Files\QIP
2010-11-10 18:48:20 ----SHD---- C:\Windows\Installer
2010-11-10 18:48:19 ----D---- C:\Windows\Help
2010-11-10 03:13:28 ----D---- C:\Windows\Microsoft.NET
2010-11-10 03:12:27 ----RSD---- C:\Windows\assembly
2010-11-09 09:37:08 ----D---- C:\Windows\SysWOW64
2010-11-09 09:30:31 ----RD---- C:\Program Files
2010-11-09 08:52:05 ----D---- C:\Windows\system32\drivers\etc
2010-11-09 08:50:34 ----D---- C:\Windows\Tasks
2010-11-09 08:47:59 ----D---- C:\Program Files (x86)\Steam
2010-11-07 22:28:13 ----HD---- C:\ProgramData
2010-11-07 13:07:03 ----D---- C:\Windows\system32\NDF
2010-11-07 12:40:09 ----D---- C:\Windows\SYSWOW64\cs-CZ
2010-11-07 12:40:09 ----D---- C:\Windows\system32\cs-CZ
2010-11-07 12:37:12 ----D---- C:\Windows\SYSWOW64\en-US
2010-11-07 12:37:12 ----D---- C:\Windows\system32\en-US
2010-11-07 12:37:11 ----D---- C:\Program Files (x86)\Microsoft.NET
2010-11-07 10:28:04 ----D---- C:\Windows\system32\drivers
2010-11-07 10:28:02 ----D---- C:\Windows\system32\catroot
2010-11-07 02:26:55 ----D---- C:\Windows\system32\catroot2
2010-11-07 01:07:53 ----D---- C:\Windows\Panther
2010-11-07 01:07:53 ----D---- C:\Windows\Logs
2010-11-07 01:07:53 ----D---- C:\dumps
2010-11-07 00:52:43 ----D---- C:\Program Files (x86)\THQ
2010-11-07 00:50:53 ----RSD---- C:\Windows\Fonts
2010-10-31 16:57:23 ----D---- C:\Windows\SYSWOW64\directx
2010-10-31 14:12:46 ----D---- C:\Fraps
2010-10-30 15:46:44 ----D---- C:\Program Files (x86)\Common Files
2010-10-30 10:37:51 ----D---- C:\Windows\rescache
2010-10-30 09:49:25 ----A---- C:\Windows\Thps3.INI
2010-10-29 08:38:26 ----D---- C:\PerfLogs
2010-10-29 08:08:08 ----D---- C:\Windows\winsxs
2010-10-29 08:08:02 ----D---- C:\Windows\AppPatch
2010-10-28 02:01:27 ----D---- C:\Windows\ehome
2010-10-24 13:03:33 ----D---- C:\Program Files (x86)\NVIDIA Corporation
2010-10-24 13:00:50 ----D---- C:\Program Files\NVIDIA Corporation
2010-10-24 11:43:21 ----D---- C:\ProgramData\Adobe
2010-10-23 14:42:37 ----SD---- C:\Users\Karel\AppData\Roaming\Microsoft
2010-10-23 10:34:38 ----D---- C:\Windows\Minidump
2010-10-19 10:41:44 ----N---- C:\Windows\system32\MpSigStub.exe
2010-10-16 14:34:36 ----D---- C:\Windows\SYSWOW64\migration
2010-10-16 14:34:36 ----D---- C:\Windows\system32\migration
2010-10-16 14:34:36 ----D---- C:\Program Files\Internet Explorer
2010-10-16 14:34:36 ----D---- C:\Program Files (x86)\Internet Explorer
2010-10-16 14:34:35 ----D---- C:\Program Files\Windows Media Player
2010-10-16 14:34:35 ----D---- C:\Program Files (x86)\Windows Media Player

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 AsDsm;AsDsm; C:\Windows\system32\drivers\AsDsm.sys [2010-03-09 35384]
R0 iaStor;Intel AHCI Controller; C:\Windows\system32\DRIVERS\iaStor.sys [2009-06-04 408600]
R0 lullaby;lullaby; C:\Windows\system32\DRIVERS\lullaby.sys [2009-06-18 15928]
R0 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12352]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2009-07-14 214096]
R0 sptd;sptd; C:\Windows\System32\Drivers\sptd.sys [2010-03-11 834544]
R1 aswRdr;aswRdr; C:\Windows\system32\drivers\aswRdr.sys [2010-09-07 28752]
R1 aswSP;aswSP; C:\Windows\system32\drivers\aswSP.sys [2010-09-07 121936]
R1 aswTdi;avast! Network Shield Support; C:\Windows\system32\drivers\aswTdi.sys [2010-09-07 51280]
R1 CSC;@%systemroot%\system32\cscsvc.dll,-202; C:\Windows\system32\drivers\csc.sys [2009-07-14 514048]
R1 vwififlt;Virtual WiFi Filter Driver; C:\Windows\system32\DRIVERS\vwififlt.sys [2009-07-14 59904]
R2 acedrv11;acedrv11; \??\C:\Windows\system32\drivers\acedrv11.sys [2010-02-24 191616]
R2 ASMMAP64;ASMMAP64; \??\C:\Program Files\ATKGFNEX\ASMMAP64.sys [2007-07-24 14904]
R2 aswFsBlk;aswFsBlk; C:\Windows\system32\drivers\aswFsBlk.sys [2010-09-07 20048]
R2 aswMonFlt;aswMonFlt; \??\C:\Windows\system32\drivers\aswMonFlt.sys [2010-09-07 61008]
R3 ETD;ELAN PS/2 Port Input Device; C:\Windows\system32\DRIVERS\ETD.sys [2009-07-09 140800]
R3 hamachi;Hamachi Network Interface; C:\Windows\system32\DRIVERS\hamachi.sys [2010-02-03 33856]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHD64.sys [2009-07-28 1966624]
R3 kbfiltr;Keyboard Filter; C:\Windows\system32\DRIVERS\kbfiltr.sys [2009-07-20 15416]
R3 L1C;NDIS Miniport Driver for Atheros AR8131/AR8132 PCI-E Ethernet Controller (NDIS 6.20); C:\Windows\system32\DRIVERS\L1C62x64.sys [2009-07-27 58880]
R3 MTsensor;ATK0100 ACPI UTILITY; C:\Windows\system32\DRIVERS\ATK64AMD.sys [2009-05-13 15928]
R3 NETw5s64;Ovladač adaptéru Intel(R) Wireless WiFi Link pro systém Windows 7 64 Bit; C:\Windows\system32\DRIVERS\NETw5s64.sys [2009-09-15 6952960]
R3 NVHDA;Service for NVIDIA High Definition Audio Driver; C:\Windows\system32\drivers\nvhda64v.sys [2010-09-07 155752]
R3 RDPDR;Terminal Server Device Redirector Driver; C:\Windows\System32\drivers\rdpdr.sys [2009-07-14 165376]
R3 SNP2UVC;USB2.0 PC Camera (SNP2UVC); C:\Windows\system32\DRIVERS\snp2uvc.sys [2009-05-20 1799680]
R3 vwifimp;Microsoft Virtual WiFi Miniport Service; C:\Windows\system32\DRIVERS\vwifimp.sys [2009-07-14 17920]
S3 a8rxqzfl;a8rxqzfl; C:\Windows\system32\drivers\a8rxqzfl.sys []
S3 AmUStor;AM USB Stroage Driver; C:\Windows\system32\drivers\AmUStor.SYS [2009-05-26 40448]
S3 athr;Atheros Extensible Wireless LAN device driver; C:\Windows\system32\DRIVERS\athrx.sys [2009-06-20 1394688]
S3 BthEnum;Služba Bluetooth Enumerator; C:\Windows\system32\DRIVERS\BthEnum.sys [2009-07-14 41984]
S3 BthPan;Zařízení Bluetooth (síť PAN); C:\Windows\system32\DRIVERS\bthpan.sys [2009-07-14 118784]
S3 BTHPORT;Ovladač portu Bluetooth; C:\Windows\System32\Drivers\BTHport.sys [2009-07-14 551936]
S3 BTHUSB;Ovladač rozhraní USB radiostanice Bluetooth; C:\Windows\System32\Drivers\BTHUSB.sys [2009-07-14 79360]
S3 CrystalSysInfo;CrystalSysInfo; \??\C:\Program Files (x86)\MediaCoder\SysInfoX64.sys []
S3 GGSAFERDriver;GGSAFER Driver; \??\C:\Program Files (x86)\Garena\plugins\UI\safedrv.sys []
S3 HTCAND64;HTC Device Driver; C:\Windows\System32\Drivers\ANDROIDUSB.sys [2009-11-01 33736]
S3 NETw1v64;Intel(R) Wireless WiFi Link 1000 Series Adapter Driver for Windows Vista 64 Bit; C:\Windows\system32\DRIVERS\NETw1v64.sys [2009-07-20 7058432]
S3 RFCOMM;Zařízení Bluetooth (RFCOMM protokol TDI); C:\Windows\system32\DRIVERS\rfcomm.sys [2009-07-14 158720]
S3 s3cap;s3cap; C:\Windows\system32\DRIVERS\vms3cap.sys [2009-07-14 6656]
S3 SiSGbeLH;SiS191/SiS190 Ethernet Device NDIS 6.0 Driver; C:\Windows\system32\DRIVERS\SiSG664.sys [2009-06-10 56832]
S3 storvsc;storvsc; C:\Windows\system32\DRIVERS\storvsc.sys [2009-07-14 34896]
S3 vmbus;@%SystemRoot%\system32\vmbusres.dll,-1000; C:\Windows\system32\DRIVERS\vmbus.sys [2009-07-14 200272]
S3 VMBusHID;VMBusHID; C:\Windows\system32\DRIVERS\VMBusHID.sys [2009-07-14 21760]
S3 WimFltr;WimFltr; C:\Windows\system32\DRIVERS\wimfltr.sys [2008-05-24 154168]
S3 WinUsb;WinUsb; C:\Windows\system32\DRIVERS\WinUsb.sys [2009-07-14 40448]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 ADSMService;ADSM Service; C:\Program Files (x86)\ASUS\ASUS Data Security Manager\ADSMSrv.exe [2008-03-31 225280]
R2 ASLDRService;ASLDR Service; C:\Program Files (x86)\ASUS\ATK Hotkey\ASLDRSrv.exe [2009-06-16 84536]
R2 ATKGFNEXSrv;ATKGFNEX Service; C:\Program Files\ATKGFNEX\GFNEXSrv.exe [2007-08-08 94208]
R2 avast! Antivirus;avast! Antivirus; C:\Program Files\Alwil Software\Avast5\AvastSvc.exe [2010-09-07 40384]
R2 CscService;@%systemroot%\system32\cscsvc.dll,-200; C:\Windows\System32\svchost.exe [2009-07-14 27136]
R2 FastBootAgent;FastBootAgent; C:\Windows\SysWOW64\Fast Boot\FastBootAgent.exe [2009-07-24 306232]
R2 Hamachi2Svc;LogMeIn Hamachi 2.0 Tunneling Engine; C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe [2010-03-30 1823112]
R2 nvsvc;NVIDIA Display Driver Service; C:\Windows\system32\nvvsvc.exe [2010-10-08 990312]
R2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service; C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2010-10-08 369256]
R3 avast! Mail Scanner;avast! Mail Scanner; C:\Program Files\Alwil Software\Avast5\AvastSvc.exe [2010-09-07 40384]
R3 avast! Web Scanner;avast! Web Scanner; C:\Program Files\Alwil Software\Avast5\AvastSvc.exe [2010-09-07 40384]
R3 UmRdpService;@%SystemRoot%\system32\umrdp.dll,-1000; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
S3 IDriverT;InstallDriver Table Manager; C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [2005-04-03 69632]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2006-10-26 441136]
S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 PeerDistSvc;@%SystemRoot%\system32\peerdistsvc.dll,-9000; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S3 ServiceLayer;ServiceLayer; C:\Program Files (x86)\Common Files\PCSuite\Services\ServiceLayer.exe [2006-06-05 174080]
S3 Steam Client Service;Steam Client Service; C:\Program Files (x86)\Common Files\Steam\SteamService.exe [2009-07-16 316664]
S3 StorSvc;@%SystemRoot%\System32\StorSvc.dll,-100; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2010-05-19 1255736]
S4 AppMgmt;@appmgmts.dll,-3250; C:\Windows\system32\svchost.exe [2009-07-14 27136]

-----------------EOF-----------------

#15 Příspěvek od **vyosek** » 10 lis 2010 20:57

Spustte HJT a provedeme fixnuti polozek

HJT najdete zde C:\Program Files\trend micro\Karel.exe
Otevre se Vam okno, kliknete na Do a system scan only
V dalsim okne najdete radky které jsem Vam vypsal nize, vedle nich je ctverecek, do ktereho udelate zatrzitko
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://search.qip.ru/ie
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: uTorrentBar Toolbar - {bf7380fa-e3b4-4db2-af3e-9d8783a45bfc} - C:\Program Files (x86)\uTorrentBar\tbuTor.dll
Kliknete na Fix checked (vlevo dole)
HJT se Vas zepta zda opravdu ANO, s tim souhlasite a je hotovo

Doporucuji odinstalovat (pokud nepouzivate) toolbary (listy prohlizecu) v Přidat nebo odebrat programy

C:\Program Files (x86)\uTorrentBar

TFC http://oldtimer.geekstogo.com/TFC.exe

Stahnete a spustte
Kliknete na Start a potvrdte OK
Program uklidi a restartuje pc
Po pouziti utilitu smazte

Ccleaner (viz muj podpis)
Panel čistič

Vse nechte jak je, jen dejte Analyzovat a pote Spustit CCleaner

Panel registry

dejte Hledej problémy
nasledne Opravit problémy - zalohu registru doporucuji udelat, opravte vsechny problemy
postup opakujte dokud nebude bez problemu - vetsinou cca 3x

Panel nástroje

Zde muzete odinstalovat nepotrebne programy

CCleaner doporucuji pouzivat cca jednou za 14 dni

Jak se to blbnuti projevuje

VIRY.CZ

Prosím o kontrolu

Prosím o kontrolu

Re: Prosím o kontrolu

Re: Prosím o kontrolu

Re: Prosím o kontrolu

Re: Prosím o kontrolu

Re: Prosím o kontrolu

Re: Prosím o kontrolu

Re: Prosím o kontrolu

Re: Prosím o kontrolu

Re: Prosím o kontrolu

Re: Prosím o kontrolu

Re: Prosím o kontrolu

Re: Prosím o kontrolu

Re: Prosím o kontrolu

Re: Prosím o kontrolu