VIRY.CZ

Pomáháme v boji s počítačovou havěti!
https://forum.viry.cz:443/

prosím o kontrolu, pomale PC

https://forum.viry.cz:443/viewtopic.php?t=126437

Stránka 1 z 1

prosím o kontrolu, pomale PC

Napsal: 10 pro 2012 16:00
od to_je_jedno
Logfile of random's system information tool 1.09 (written by random/random)
Run by SoWaK at 2012-12-10 15:57:14
Microsoft Windows 7 Ultimate Service Pack 1
System drive C: has 101 GB (66%) free of 153 GB
Total RAM: 1919 MB (34% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 15:58:44, on 10.12.2012
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v8.00 (8.00.7601.17514)
Boot mode: Normal

Running processes:
C:\Windows\system32\taskhost.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Windows\RtHDVCpl.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Windows\System32\oodtray.exe
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\Program Files\COMODO\COMODO Internet Security\cfp.exe
C:\Program Files\Canon\MyPrinter\BJMYPRT.EXE
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Program Files\Kalendar\kalendar.aexe
C:\Users\SoWaK\AppData\Roaming\QipGuard\QipGuard.exe
C:\Program Files\Sony Ericsson\Sony Ericsson PC Companion\PCCompanion.exe
C:\Program Files\Nokia\Nokia Suite\NokiaSuite.exe
C:\Program Files\Skype\Phone\Skype.exe
C:\Program Files\McAfee Security Scan\3.0.207\SSScheduler.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\PC Connectivity Solution\Transports\NclMSBTSrvEx.exe
C:\Program Files\Mozilla Firefox\plugin-container.exe
C:\Windows\system32\Macromed\Flash\FlashPlayerPlugin_11_4_402_287.exe
C:\Windows\system32\Macromed\Flash\FlashPlayerPlugin_11_4_402_287.exe
C:\Users\SoWaK\Downloads\RSIT.exe
C:\Program Files\trend micro\SoWaK.exe
C:\Windows\system32\SearchFilterHost.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://qip.ru
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://search.qip.ru
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://search.qip.ru/ie
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://search.qip.ru
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://qip.ru
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKCU\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://search.qip.ru/ie
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: QIPBHO Class - {A55F9C95-2BB1-4EA2-BC77-DFAAB78832CE} - C:\Users\SoWaK\AppData\Roaming\Microsoft\Internet Explorer\qipsearchbar.dll
R3 - URLSearchHook: (no name) - - (no file)
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Canon Easy-WebPrint EX BHO - {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} - C:\Program Files\Canon\Easy-WebPrint EX\ewpexbho.dll
O2 - BHO: QipLI - {6B5863A0-C43F-4C0A-982B-CC0E9125783F} - C:\Users\SoWaK\AppData\Roaming\Microsoft\Internet Explorer\qstatsrv.dll
O2 - BHO: QIPBHO - {A55F9C95-2BB1-4EA2-BC77-DFAAB78832CE} - C:\Users\SoWaK\AppData\Roaming\Microsoft\Internet Explorer\qipsearchbar.dll
O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O3 - Toolbar: Canon Easy-WebPrint EX - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files\Canon\Easy-WebPrint EX\ewpexhlp.dll
O4 - HKLM\..\Run: [RtHDVCpl] RtHDVCpl.exe
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe
O4 - HKLM\..\Run: [AdobeCS4ServiceManager] "C:\Program Files\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe" -launchedbylogin
O4 - HKLM\..\Run: [OODefragTray] C:\Windows\system32\oodtray.exe
O4 - HKLM\..\Run: [HControl] C:\Windows\ATK0100\HControl.exe
O4 - HKLM\..\Run: [Control Center] C:\Program Files\ASUS\WLAN Card Utilities\Center.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [COMODO Internet Security] "C:\Program Files\COMODO\COMODO Internet Security\cfp.exe" -h
O4 - HKLM\..\Run: [CanonMyPrinter] C:\Program Files\Canon\MyPrinter\BJMyPrt.exe /logon
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [Kalendar] C:\Program Files\Kalendar\kalendar.exe
O4 - HKCU\..\Run: [QIP Internet Guardian] C:\Users\SoWaK\AppData\Roaming\QipGuard\QipGuard.exe
O4 - HKCU\..\Run: [Sony Ericsson PC Companion] "C:\Program Files\Sony Ericsson\Sony Ericsson PC Companion\PCCompanion.exe" /systray /nologon
O4 - HKCU\..\Run: [NokiaSuite.exe] C:\Program Files\Nokia\Nokia Suite\NokiaSuite.exe -tray
O4 - HKCU\..\Run: [StartCCC] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe
O4 - HKCU\..\Run: [Skype] "C:\Program Files\Skype\Phone\Skype.exe" /minimized /regrun
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O4 - Startup: CCC.lnk = ?
O4 - Global Startup: McAfee Security Scan Plus.lnk = C:\Program Files\McAfee Security Scan\3.0.207\SSScheduler.exe
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: PartyPoker.com - {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} - C:\Programs\PartyGaming\PartyPoker\RunApp.exe
O9 - Extra 'Tools' menuitem: PartyPoker.com - {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} - C:\Programs\PartyGaming\PartyPoker\RunApp.exe
O9 - Extra button: Unibet Poker - {C53BFCFC-7A54-4627-AEBA-2CD4871FCA97} - C:\Microgaming\Poker\UnibetpokerMPP\MPPoker.exe
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O20 - AppInit_DLLs: C:\Windows\system32\guard32.dll
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: ASLDR Service (ASLDRService) - Unknown owner - C:\Program Files\ATK Hotkey\ASLDRSrv.exe
O23 - Service: ASWLSVC - Unknown owner - C:\Windows\System32\ASWLSVC.exe
O23 - Service: Ati External Event Utility - ATI Technologies Inc. - C:\Windows\system32\Ati2evxx.exe
O23 - Service: COMODO Internet Security Helper Service (cmdAgent) - COMODO - C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe
O23 - Service: FLEXnet Licensing Service - Acresso Software Inc. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: McAfee Security Scan Component Host Service (McComponentHostService) - McAfee, Inc. - C:\Program Files\McAfee Security Scan\3.0.207\McCHSvc.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe
O23 - Service: O&O Defrag - O&O Software GmbH - C:\Windows\system32\oodag.exe
O23 - Service: Sony Ericsson OMSI download service (OMSI download service) - Unknown owner - C:\Program Files\Sony Ericsson\Sony Ericsson PC Suite\SupServ.exe
O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe
O23 - Service: ServiceLayer - Nokia - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: Skype C2C Service - Skype Technologies S.A. - C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files\Skype\Updater\Updater.exe
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files\Common Files\Steam\SteamService.exe
O23 - Service: Syntek AVStream USB2.0 WebCam Service (StkSSrv) - Syntek America Inc. - C:\Windows\System32\StkCSrv.exe

--
End of file - 9888 bytes

======Scheduled tasks folder======

C:\Windows\tasks\Adobe Flash Player Updater.job
C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job

=========Mozilla firefox=========

ProfilePath - C:\Users\SoWaK\AppData\Roaming\Mozilla\Firefox\Profiles\nsu1rg7c.default

prefs.js - "browser.startup.homepage" - "http://www.seznam.cz"
prefs.js - "extensions.enabledItems" - "{CAFEEFAC-0016-0000-0016-ABCDEFFEDCBA}:6.0.16, {CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA}:6.0.17, {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}:6.0.20, {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}:6.0.21, {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}:6.0.23, {82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}:5.6.0.8442, {CAFEEFAC-0016-0000-0029-ABCDEFFEDCBA}:6.0.29, fe_3.6@nokia.com:1.7.56.205, {972ce4c6-7e08-4474-a285-3208198ce6fd}:3.6.24"
prefs.js - "keyword.URL" - "http://search.centrum.cz/?charset=UTF-8 ... toolbar-ff, search-web&q="

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 11.4.402.287 Plugin
"Path"=C:\Windows\system32\Macromed\Flash\NPSWF32_11_4_402_287.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Google.com/GoogleEarthPlugin]
"Description"=Google Earth in your browser
"Path"=C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/JavaPlugin]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=c:\Program Files\Microsoft Silverlight\4.1.10329.0\npctrl.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@nokia.com/EnablerPlugin]
"Description"=Nokia Suite Enabler Plugin
"Path"=C:\Program Files\Nokia\Nokia Suite\npNokiaSuiteEnabler.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@tools.google.com/Google Update;version=3]
"Description"=Google Update
"Path"=C:\Program Files\Google\Update\1.3.21.123\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@tools.google.com/Google Update;version=9]
"Description"=Google Update
"Path"=C:\Program Files\Google\Update\1.3.21.123\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@videolan.org/vlc,version=1.0.1]
"Description"=VLC Multimedia Plugin
"Path"=C:\Program Files\VideoLAN\VLC\npvlc.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\Adobe Reader]
"Description"=Handles PDFs in-place in Firefox
"Path"=C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll

C:\Program Files\Mozilla Firefox\extensions\
{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}
{972ce4c6-7e08-4474-a285-3208198ce6fd}

C:\Program Files\Mozilla Firefox\components\
binary.manifest
browsercomps.dll
nsIOGAPlugin.xpt

C:\Program Files\Mozilla Firefox\plugins\
np-mswmp.dll
npdeployJava1.dll
NPOFF12.DLL
npOGAPlugin.dll
nppdf32.dll
WMP Firefox Plugin License.rtf
WMP Firefox Plugin RelNotes.txt

C:\Program Files\Mozilla Firefox\searchplugins\
google.xml
heureka-cz.xml
jyxo-cz.xml
seznam-cz.xml
slunecnice-cz.xml
wikipedia-cz.xml

C:\Users\SoWaK\AppData\Roaming\Mozilla\Firefox\Profiles\nsu1rg7c.default\extensions\
toolbar@centrumholdings.com

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2012-07-27 63944]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3785D0AD-BFFF-47F6-BF5B-A587C162FED9}]
Canon Easy-WebPrint EX BHO - C:\Program Files\Canon\Easy-WebPrint EX\ewpexbho.dll [2011-10-15 175744]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{6B5863A0-C43F-4C0A-982B-CC0E9125783F}]
QipLI Class - C:\Users\SoWaK\AppData\Roaming\Microsoft\Internet Explorer\qstatsrv.dll [2010-09-06 48080]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{A55F9C95-2BB1-4EA2-BC77-DFAAB78832CE}]
QIPBHO Class - C:\Users\SoWaK\AppData\Roaming\Microsoft\Internet Explorer\qipsearchbar.dll [2009-10-05 150768]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}]
Skype Browser Helper - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll [2012-11-22 4529344]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2011-10-18 42272]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - Canon Easy-WebPrint EX - C:\Program Files\Canon\Easy-WebPrint EX\ewpexhlp.dll [2011-10-15 4352120]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"RtHDVCpl"=C:\Windows\RtHDVCpl.exe [2006-12-02 4186112]
"SynTPEnh"=C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2006-11-23 815104]
"NeroFilterCheck"=C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe [2007-03-26 161328]
"AdobeCS4ServiceManager"=C:\Program Files\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe [2008-08-14 611712]
"OODefragTray"=C:\Windows\system32\oodtray.exe [2009-04-08 2553088]
"HControl"=C:\Windows\ATK0100\HControl.exe [2006-10-14 110592]
"Control Center"=C:\Program Files\ASUS\WLAN Card Utilities\Center.exe [2006-11-10 1725440]
"SunJavaUpdateSched"=C:\Program Files\Common Files\Java\Java Update\jusched.exe [2011-06-09 254696]
"COMODO Internet Security"=C:\Program Files\COMODO\COMODO Internet Security\cfp.exe [2012-11-08 6756048]
"CanonMyPrinter"=C:\Program Files\Canon\MyPrinter\BJMyPrt.exe [2009-10-19 1983816]
"Adobe ARM"=C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2012-07-27 919008]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"=C:\Program Files\Windows Sidebar\sidebar.exe [2010-11-20 1174016]
"Kalendar"=C:\Program Files\Kalendar\kalendar.exe [2005-11-09 580608]
"QIP Internet Guardian"=C:\Users\SoWaK\AppData\Roaming\QipGuard\QipGuard.exe [2010-09-06 190928]
"Sony Ericsson PC Companion"=C:\Program Files\Sony Ericsson\Sony Ericsson PC Companion\PCCompanion.exe [2009-12-08 774144]
""= []
"NokiaSuite.exe"=C:\Program Files\Nokia\Nokia Suite\NokiaSuite.exe [2012-10-13 1088424]
"StartCCC"=C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [2006-11-10 90112]
"Skype"=C:\Program Files\Skype\Phone\Skype.exe [2012-11-09 17877168]

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
McAfee Security Scan Plus.lnk - C:\Program Files\McAfee Security Scan\3.0.207\SSScheduler.exe

C:\Users\SoWaK\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
CCC.lnk - C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"=" C:\Windows\system32\guard32.dll"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED}

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=5
"ConsentPromptBehaviorUser"=3
"EnableUIADesktopToggle"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVYU"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"VIDC.I420"=MSh263.drv
"VIDC.YVU9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"vidc.cvid"=iccvid.dll
"MSVideo8"=VfWWDM32.dll
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"msacm.lhacm"=lhacm.acm
"vidc.VP60"=vp6vfw.dll
"vidc.VP61"=vp6vfw.dll
"vidc.VP62"=vp6vfw.dll
"wave1"=wdmaud.drv
"mixer1"=wdmaud.drv
"wave2"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer2"=wdmaud.drv
"aux1"=wdmaud.drv

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 1 month======

2012-11-25 09:32:21 ----D---- C:\Program Files\Common Files\Skype
2012-11-16 16:20:54 ----A---- C:\Windows\system32\dhcpcsvc6.dll
2012-11-16 16:20:54 ----A---- C:\Windows\system32\dhcpcore6.dll
2012-11-15 23:36:41 ----A---- C:\Windows\system32\Wdfres.dll
2012-11-15 23:36:41 ----A---- C:\Windows\system32\drivers\WdfLdr.sys
2012-11-15 23:36:41 ----A---- C:\Windows\system32\drivers\Wdf01000.sys
2012-11-15 23:35:33 ----A---- C:\Windows\system32\drivers\WUDFRd.sys
2012-11-15 23:35:32 ----A---- C:\Windows\system32\WUDFSvc.dll
2012-11-15 23:35:32 ----A---- C:\Windows\system32\WUDFPlatform.dll
2012-11-15 23:35:32 ----A---- C:\Windows\system32\drivers\WUDFPf.sys
2012-11-15 23:35:31 ----A---- C:\Windows\system32\WUDFx.dll
2012-11-15 23:35:31 ----A---- C:\Windows\system32\WUDFHost.exe
2012-11-15 23:35:31 ----A---- C:\Windows\system32\WUDFCoinstaller.dll
2012-11-15 14:51:16 ----A---- C:\Windows\system32\ncsi.dll
2012-11-15 14:51:16 ----A---- C:\Windows\system32\drivers\tcpip.sys
2012-11-15 14:51:15 ----A---- C:\Windows\system32\nlasvc.dll
2012-11-15 14:51:15 ----A---- C:\Windows\system32\nlaapi.dll
2012-11-15 14:51:15 ----A---- C:\Windows\system32\netevent.dll
2012-11-15 14:51:15 ----A---- C:\Windows\system32\netcorehc.dll
2012-11-15 14:51:15 ----A---- C:\Windows\system32\iphlpsvc.dll
2012-11-15 14:51:15 ----A---- C:\Windows\system32\drivers\tcpipreg.sys
2012-11-15 14:50:47 ----A---- C:\Windows\system32\synceng.dll
2012-11-15 14:50:46 ----A---- C:\Windows\system32\win32k.sys

======List of files/folders modified in the last 1 month======

2012-12-10 15:57:26 ----D---- C:\Windows\Prefetch
2012-12-10 15:57:21 ----D---- C:\Program Files\trend micro
2012-12-10 15:56:18 ----D---- C:\Windows\system32\config
2012-12-10 15:53:39 ----D---- C:\Users\SoWaK\AppData\Roaming\Skype
2012-12-09 12:10:50 ----D---- C:\Windows\System32
2012-12-09 12:10:50 ----D---- C:\Windows\inf
2012-12-09 12:10:50 ----A---- C:\Windows\system32\PerfStringBackup.INI
2012-12-09 12:10:26 ----D---- C:\Windows\system32\NDF
2012-12-09 09:57:52 ----D---- C:\Windows\Temp
2012-12-09 08:34:46 ----D---- C:\Windows\system32\DriverStore
2012-12-08 15:38:55 ----SD---- C:\Users\SoWaK\AppData\Roaming\Microsoft
2012-12-06 19:07:18 ----SHD---- C:\System Volume Information
2012-11-29 19:55:23 ----D---- C:\Windows\rescache
2012-11-28 21:52:52 ----D---- C:\Windows\winsxs
2012-11-28 21:52:48 ----D---- C:\Windows\AppPatch
2012-11-28 21:52:20 ----D---- C:\Windows\system32\catroot2
2012-11-28 14:13:20 ----D---- C:\Windows\system32\catroot
2012-11-28 14:09:36 ----SHD---- C:\Windows\Installer
2012-11-28 14:09:34 ----SHD---- C:\Config.Msi
2012-11-28 14:08:57 ----D---- C:\ProgramData\Skype
2012-11-25 09:32:21 ----RD---- C:\Program Files\Skype
2012-11-25 09:32:21 ----D---- C:\Program Files\Common Files
2012-11-17 09:32:40 ----D---- C:\Windows\system32\cs-CZ
2012-11-16 16:43:25 ----RSD---- C:\Windows\assembly
2012-11-16 16:43:25 ----D---- C:\Windows\Microsoft.NET
2012-11-16 16:08:14 ----RSD---- C:\Windows\Fonts
2012-11-16 16:08:13 ----D---- C:\Windows\system32\migration
2012-11-16 16:08:13 ----D---- C:\Windows\system32\drivers\cs-CZ
2012-11-16 16:08:13 ----D---- C:\Windows\system32\drivers
2012-11-16 16:08:13 ----D---- C:\Windows\PolicyDefinitions
2012-11-16 16:08:12 ----D---- C:\Windows\system32\wbem
2012-11-15 23:55:19 ----D---- C:\ProgramData\Microsoft Help
2012-11-15 23:39:36 ----D---- C:\Windows\debug
2012-11-15 23:39:33 ----A---- C:\Windows\system32\MRT.exe
2012-11-15 23:34:15 ----A---- C:\Windows\win.ini
2012-11-15 14:35:49 ----D---- C:\Windows
2012-11-14 20:14:52 ----D---- C:\Users\SoWaK\AppData\Roaming\vlc

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12368]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-20 173440]
R0 sptd;sptd; C:\Windows\System32\Drivers\sptd.sys [2009-08-11 721904]
R0 vmbus;@%SystemRoot%\system32\vmbusres.dll,-1000; C:\Windows\system32\drivers\vmbus.sys [2010-11-20 175360]
R1 cmderd;COMODO Internet Security Eradication Driver; C:\Windows\System32\DRIVERS\cmderd.sys [2012-11-08 19632]
R1 cmdGuard;COMODO Internet Security Sandbox Driver; C:\Windows\System32\DRIVERS\cmdguard.sys [2012-11-08 494416]
R1 cmdHlp;COMODO Internet Security Helper Driver; C:\Windows\System32\DRIVERS\cmdhlp.sys [2012-11-08 36072]
R1 CSC;@%systemroot%\system32\cscsvc.dll,-202; C:\Windows\system32\drivers\csc.sys [2010-11-20 388096]
R1 inspect;COMODO Internet Security Firewall Driver; C:\Windows\system32\DRIVERS\inspect.sys [2012-11-08 82952]
R1 vwififlt;Virtual WiFi Filter Driver; C:\Windows\system32\DRIVERS\vwififlt.sys [2009-07-14 48128]
R2 adfs;adfs; C:\Windows\system32\drivers\adfs.sys [2008-08-14 74720]
R2 AegisP;AEGIS Protocol (IEEE 802.1x) v3.4.3.0; C:\Windows\system32\DRIVERS\AegisP.sys [2010-10-24 20747]
R3 Atc002;NDIS Miniport Driver for Atheros L2 Fast Ethernet - adaptér; C:\Windows\system32\DRIVERS\l260x86.sys [2009-07-13 29184]
R3 athr;Atheros Extensible Wireless LAN device driver; C:\Windows\system32\DRIVERS\athr.sys [2009-10-05 1221632]
R3 BthAudioHF;BthAudioHF Service; C:\Windows\system32\DRIVERS\BthAudioHF.sys [2009-12-21 43008]
R3 BthAvrcp;Bluetooth AVRCP Profile; C:\Windows\system32\DRIVERS\BthAvrcp.sys [2009-08-13 22528]
R3 BthEnum;Ovladač pro Bluetooth Request Block; C:\Windows\system32\drivers\BthEnum.sys [2009-07-14 34816]
R3 BthPan;Zařízení Bluetooth (síť PAN); C:\Windows\system32\DRIVERS\bthpan.sys [2009-07-14 93696]
R3 BTHUSB;Ovladač rozhraní USB radiostanice Bluetooth; C:\Windows\System32\Drivers\BTHUSB.sys [2011-04-28 60416]
R3 csr_a2dp;Bluetooth AV Profile; C:\Windows\system32\drivers\bthav.sys [2009-12-21 61952]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHDA.sys [2006-12-02 1655464]
R3 MTsensor;ATK0100 ACPI UTILITY; C:\Windows\system32\DRIVERS\ATKACPI.sys [2005-02-17 5632]
R3 R300;R300; C:\Windows\system32\DRIVERS\atikmdag.sys [2007-02-02 2385920]
R3 RFCOMM;Zařízení Bluetooth (RFCOMM protokol TDI); C:\Windows\system32\DRIVERS\rfcomm.sys [2009-07-14 129536]
R3 seehcri;Sony Ericsson seehcri Device Driver; C:\Windows\system32\DRIVERS\seehcri.sys [2010-09-27 27632]
R3 smserial;smserial; C:\Windows\system32\DRIVERS\smserial.sys [2009-07-13 1068032]
R3 StkCMini;Syntek AVStream USB2.0 1.3M WebCam; C:\Windows\System32\Drivers\StkCMini.sys [2007-02-13 1245056]
R3 SynTP;Synaptics TouchPad Driver; C:\Windows\system32\DRIVERS\SynTP.sys [2006-11-23 181304]
R3 vwifimp;Microsoft Virtual WiFi Miniport Service; C:\Windows\system32\DRIVERS\vwifimp.sys [2009-07-14 14336]
S2 Parvdm;Parvdm; C:\Windows\system32\DRIVERS\parvdm.sys [2009-07-14 8704]
S3 aic78xx;aic78xx; C:\Windows\system32\DRIVERS\djsvs.sys [2009-07-14 70720]
S3 amdagp;Ovladač filtru AMD portu AGP; C:\Windows\system32\drivers\amdagp.sys [2009-07-14 53312]
S3 ASNDIS4;ASNDIS4 Protocol Driver; \??\C:\Windows\system32\ASNDIS4.SYS []
S3 atikmdag;atikmdag; C:\Windows\system32\DRIVERS\atikmdag.sys [2007-02-02 2385920]
S3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0; C:\Windows\system32\DRIVERS\b57nd60x.sys [2009-07-13 229888]
S3 BTHPORT;Ovladač portu Bluetooth; C:\Windows\System32\Drivers\BTHport.sys [2012-07-06 393728]
S3 GarenaPEngine;GarenaPEngine; \??\C:\Users\SoWaK\AppData\Local\Temp\ZSPA1AE.tmp []
S3 ggflt;SEMC USB Flash Driver Filter; C:\Windows\system32\DRIVERS\ggflt.sys [2010-09-27 13224]
S3 GGSAFERDriver;GGSAFER Driver; \??\C:\Program Files\Garena\safedrv.sys []
S3 ggsemc;SEMC USB Flash Driver; C:\Windows\system32\DRIVERS\ggsemc.sys [2010-09-27 25512]
S3 IpwP;IPWireless 3G Network Adapter; C:\Windows\system32\DRIVERS\ipw3gnet.sys [2007-06-12 51040]
S3 nmwcd;Nokia USB Phone Parent Driver; C:\Windows\system32\drivers\ccdcmb.sys [2012-06-11 18560]
S3 nmwcdc;Nokia USB Communication Driver; C:\Windows\system32\drivers\ccdcmbo.sys [2012-06-11 23168]
S3 pccsmcfd;PCCS Mode Change Filter Driver; C:\Windows\system32\DRIVERS\pccsmcfd.sys [2012-06-27 19072]
S3 RDPDR;Terminal Server Device Redirector Driver; C:\Windows\System32\drivers\rdpdr.sys [2010-11-20 133632]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver; C:\Windows\System32\drivers\rdpvideominiport.sys [2010-11-20 15872]
S3 s1039bus;Sony Ericsson Device 1039 driver (WDM); C:\Windows\system32\DRIVERS\s1039bus.sys [2009-11-19 98672]
S3 s1039mdfl;Sony Ericsson Device 1039 USB WMC Modem Filter; C:\Windows\system32\DRIVERS\s1039mdfl.sys [2009-11-19 14960]
S3 s1039mdm;Sony Ericsson Device 1039 USB WMC Modem Driver; C:\Windows\system32\DRIVERS\s1039mdm.sys [2009-11-19 124016]
S3 s1039mgmt;Sony Ericsson Device 1039 USB WMC Device Management Drivers (WDM); C:\Windows\system32\DRIVERS\s1039mgmt.sys [2009-11-19 117872]
S3 s1039nd5;Sony Ericsson Device 1039 USB Ethernet Emulation (NDIS); C:\Windows\system32\DRIVERS\s1039nd5.sys [2009-11-19 25456]
S3 s1039obex;Sony Ericsson Device 1039 USB WMC OBEX Interface; C:\Windows\system32\DRIVERS\s1039obex.sys [2009-11-19 113904]
S3 s1039unic;Sony Ericsson Device 1039 USB Ethernet Emulation (WDM); C:\Windows\system32\DRIVERS\s1039unic.sys [2009-11-19 123504]
S3 s3cap;s3cap; C:\Windows\system32\drivers\vms3cap.sys [2010-11-20 5632]
S3 sisagp;Filtr SIS sběrnice AGP; C:\Windows\system32\drivers\sisagp.sys [2009-07-14 52304]
S3 SQTECH905C;DualCamera; C:\Windows\System32\Drivers\Capt905c.sys []
S3 storvsc;storvsc; C:\Windows\system32\drivers\storvsc.sys [2010-11-20 28032]
S3 Synth3dVsc;Synth3dVsc; C:\Windows\System32\drivers\synth3dvsc.sys []
S3 TsUsbFlt;@%SystemRoot%\system32\drivers\tsusbflt.sys,-1; C:\Windows\System32\drivers\tsusbflt.sys [2010-11-20 52224]
S3 tsusbhub;@%SystemRoot%\system32\drivers\tsusbhub.sys,-1; C:\Windows\system32\drivers\tsusbhub.sys []
S3 upperdev;upperdev; C:\Windows\system32\DRIVERS\usbser_lowerflt.sys [2012-06-11 8192]
S3 usbscan;Ovladač skeneru USB; C:\Windows\system32\DRIVERS\usbscan.sys [2009-07-14 35840]
S3 usbser;USB Modem Driver; C:\Windows\system32\drivers\usbser.sys [2010-11-20 27648]
S3 UsbserFilt;UsbserFilt; C:\Windows\system32\DRIVERS\usbser_lowerfltj.sys [2012-06-11 8192]
S3 VGPU;VGPU; C:\Windows\System32\drivers\rdvgkmd.sys []
S3 viaagp;Filtr VIA sběrnice AGP; C:\Windows\system32\drivers\viaagp.sys [2009-07-14 53328]
S3 ViaC7;VIA C7 Processor Driver; C:\Windows\system32\DRIVERS\viac7.sys [2009-07-14 52736]
S3 VMBusHID;VMBusHID; C:\Windows\system32\drivers\VMBusHID.sys [2010-11-20 17920]
S3 WinUsb;WinUsb; C:\Windows\system32\DRIVERS\WinUsb.sys [2010-11-20 35968]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe [2012-07-27 63960]
R2 ASLDRService;ASLDR Service; C:\Program Files\ATK Hotkey\ASLDRSrv.exe [2007-02-05 94208]
R2 ASWLSVC;ASWLSVC; C:\Windows\System32\ASWLSVC.exe [2004-05-06 496640]
R2 Ati External Event Utility;Ati External Event Utility; C:\Windows\system32\Ati2evxx.exe [2007-02-02 565248]
R2 cmdAgent;COMODO Internet Security Helper Service; C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe [2012-11-08 1990464]
R2 CscService;@%systemroot%\system32\cscsvc.dll,-200; C:\Windows\System32\svchost.exe [2009-07-14 20992]
R2 HFGService;Handsfree Headset Service; C:\Windows\system32\svchost.exe [2009-07-14 20992]
R2 O&O Defrag;O&O Defrag; C:\Windows\system32\oodag.exe [2009-04-08 1377536]
R2 OMSI download service;Sony Ericsson OMSI download service; C:\Program Files\Sony Ericsson\Sony Ericsson PC Suite\SupServ.exe [2009-04-30 90112]
R2 PnkBstrA;PnkBstrA; C:\Windows\system32\PnkBstrA.exe [2010-12-20 75136]
R2 Skype C2C Service;Skype C2C Service; C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe [2012-11-22 3290304]
R2 StkSSrv;Syntek AVStream USB2.0 WebCam Service; C:\Windows\System32\StkCSrv.exe [2007-02-07 24576]
R3 ServiceLayer;ServiceLayer; C:\Program Files\PC Connectivity Solution\ServiceLayer.exe [2012-10-03 725400]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files\Google\Update\GoogleUpdate.exe [2011-07-30 136176]
S2 SkypeUpdate;Skype Updater; C:\Program Files\Skype\Updater\Updater.exe [2012-11-09 160944]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2012-10-09 250808]
S3 AppMgmt;@appmgmts.dll,-3250; C:\Windows\system32\svchost.exe [2009-07-14 20992]
S3 aspnet_state;ASP.NET State Service; C:\Windows\Microsoft.NET\Framework\v4.0.30319\aspnet_state.exe [2010-03-18 35160]
S3 FLEXnet Licensing Service;FLEXnet Licensing Service; C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [2010-02-09 655624]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files\Google\Update\GoogleUpdate.exe [2011-07-30 136176]
S3 McComponentHostService;McAfee Security Scan Component Host Service; C:\Program Files\McAfee Security Scan\3.0.207\McCHSvc.exe [2011-06-17 237008]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe [2012-10-27 115168]
S3 NMIndexingService;NMIndexingService; C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe [2007-03-26 267824]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2011-07-20 440696]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 PeerDistSvc;@%SystemRoot%\system32\peerdistsvc.dll,-9000; C:\Windows\System32\svchost.exe [2009-07-14 20992]
S3 Steam Client Service;Steam Client Service; C:\Program Files\Common Files\Steam\SteamService.exe [2010-12-02 403240]
S3 UmRdpService;@%SystemRoot%\system32\umrdp.dll,-1000; C:\Windows\System32\svchost.exe [2009-07-14 20992]
S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]
S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]
S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]

-----------------EOF-----------------

Re: prosím o kontrolu, pomale PC

Napsal: 10 pro 2012 16:17
od vyosek
Zdravim :)

:arrow: Mohu mit dotaz, proc si bezny uzivatel kupuje nejvyssi licenci Windows Ultimate, ktera je urcena spise pro velke korporace, kdyz stejne nevyuzije nic vic nez nabizi verze Home Premium :???: A nebo byla "koupena" nekde na internetu :?:

Re: prosím o kontrolu, pomale PC

Napsal: 10 pro 2012 16:20
od to_je_jedno
to mi dala tenkrát firma.

Re: prosím o kontrolu, pomale PC

Napsal: 10 pro 2012 16:23
od vyosek
:arrow: Stahnete OTL http://oldtimer.geekstogo.com/OTL.exe a ulozte jej na plochu
  • Pokud pouzivate Win Vista ci W7, kliknete na OTL pravym a dejte Run As Administrator ci Spustit jako spravce
  • Pokud pouzivate 64bitovy OS, zkontrolujte, zda-li je zaskrtnuty ctverecek u Pro 64 bitové OS, pokud ne, zaskrtnete jej
  • Zaskrtnete okenko Pro vsechny uzivatele
  • Zaskrtnete okenko Kontrola na havet "LOP"
  • Zaskrtnete okenko Kontrola na havet "Purity"
  • Stari souboru zmente z 30 dnu na 7 dnu
  • Do spodniho okenka Vlastni skenovani/opravy vlozte skript nize

  • Kód: Vybrat vše

    CREATERESTOREPOINT

netsvcs
drivers32
savembr:0

/md5start
atapi.sys
autochk.exe
cdrom.sys
explorer.exe
hal.dll
scecli.dll
services.exe
svchost.exe
tcpip.sys
userinit.exe
winlogon.exe
/md5stop

%systemroot%*.* /U /s
%SYSTEMDRIVE%\*.exe
%ALLUSERSPROFILE%\Application Data\*.
%ALLUSERSPROFILE%\Application Data\*.exe /s
%APPDATA%\*.
%APPDATA%\*.exe /s
%systemroot%\*. /mp /s
%systemroot%\system32\*.dll /lockedfiles
%systemroot%\Tasks\*.job
%systemroot%\system32\drivers\*.sys /lockedfiles
%systemroot%\System32\config\*.sav
%systemroot%\system32\*.dll /lockedfiles
%systemroot%\system32\drivers\*.sys /3
%systemroot%\system32\*.* /3
%SYSTEMDRIVE%\*.exe

HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /s

%PROGRAMFILES%\Mozilla Firefox\firefox.exe /md5
%PROGRAMFILES%\Internet Explorer\iexplore.exe /md5
%PROGRAMFILES%\Opera\opera.exe /md5
%PROGRAMFILES%\Google\Chrome\Application\chrome.exe /md5

%SystemDrive%\PhysicalMBR.bin /md5 

*crack* /s
*keygen* /s
*loader* /s
  • Kliknete na tlacitko Prohledat
  • Po dokonceni skenu (cca 10 az 15 min) se objevi logy OTL.txt a Extras.txt, oba sem vlozte
  • Pokud budou logy dlouhe (forum bude kricet o prekroceni maximalniho poctu znaku), tak je rozdelte do vice prispevku

Re: prosím o kontrolu, pomale PC

Napsal: 10 pro 2012 17:36
od to_je_jedno
Sken běží už hodinu. Asi to dnes již bohužel nestihnu, vložím ho sem zítra.

Re: prosím o kontrolu, pomale PC

Napsal: 10 pro 2012 18:59
od vyosek
OK, ono zalezi kolika soubory se musi PC probrat

Re: prosím o kontrolu, pomale PC

Napsal: 11 pro 2012 15:23
od to_je_jedno
Zdravím, tu je log OTL.txt.
Extras.txt nemůžu najít. Mám to udělat znovu?

OTL logfile created on: 10.12.2012 16:27:01 - Run 3
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\SoWaK\Downloads
Ultimate Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7601.17514)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy

1,87 Gb Total Physical Memory | 0,89 Gb Available Physical Memory | 47,72% Memory free
3,75 Gb Paging File | 2,36 Gb Available in Paging File | 62,91% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 149,04 Gb Total Space | 98,67 Gb Free Space | 66,20% Space Free | Partition Type: NTFS

Computer Name: SOWAK-PC | User Name: SoWaK | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 7 Days

========== Processes (SafeList) ==========

PRC - [2012.12.10 16:24:27 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\SoWaK\Downloads\OTL.exe
PRC - [2012.11.22 10:29:16 | 003,290,304 | ---- | M] (Skype Technologies S.A.) -- C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe
PRC - [2012.11.08 00:37:37 | 001,990,464 | ---- | M] (COMODO) -- C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe
PRC - [2012.11.08 00:37:11 | 006,756,048 | ---- | M] (COMODO) -- C:\Program Files\COMODO\COMODO Internet Security\cfp.exe
PRC - [2012.10.27 15:41:45 | 000,917,984 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla Firefox\firefox.exe
PRC - [2012.10.13 00:54:40 | 001,088,424 | ---- | M] (Nokia) -- C:\Program Files\Nokia\Nokia Suite\NokiaSuite.exe
PRC - [2012.10.03 14:51:04 | 000,725,400 | ---- | M] (Nokia) -- C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
PRC - [2012.10.03 14:50:54 | 000,174,488 | ---- | M] (Nokia) -- C:\Program Files\PC Connectivity Solution\Transports\NclUSBSrv.exe
PRC - [2012.10.03 14:50:46 | 000,148,888 | ---- | M] (Nokia) -- C:\Program Files\PC Connectivity Solution\Transports\NclMSBTSrvEx.exe
PRC - [2012.07.27 21:51:26 | 000,063,960 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
PRC - [2011.06.17 18:33:04 | 000,272,528 | ---- | M] (McAfee, Inc.) -- C:\Program Files\McAfee Security Scan\3.0.207\SSScheduler.exe
PRC - [2011.02.25 06:30:54 | 002,616,320 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe
PRC - [2010.11.20 13:17:47 | 000,049,152 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\taskhost.exe
PRC - [2010.09.06 16:16:32 | 000,190,928 | ---- | M] () -- C:\Users\SoWaK\AppData\Roaming\QipGuard\QipGuard.exe
PRC - [2009.12.08 07:51:50 | 000,774,144 | ---- | M] (Sony Ericsson Mobile Communications AB) -- C:\Program Files\Sony Ericsson\Sony Ericsson PC Companion\PCCompanion.exe
PRC - [2009.10.19 03:12:00 | 001,983,816 | ---- | M] (CANON INC.) -- C:\Program Files\Canon\MyPrinter\BJMYPRT.EXE
PRC - [2009.04.30 10:23:26 | 000,090,112 | ---- | M] () -- C:\Program Files\Sony Ericsson\Sony Ericsson PC Suite\SupServ.exe
PRC - [2009.04.08 01:40:52 | 001,377,536 | ---- | M] (O&O Software GmbH) -- C:\Windows\System32\oodag.exe
PRC - [2009.04.08 01:39:50 | 002,553,088 | ---- | M] (O&O Software GmbH) -- C:\Windows\System32\oodtray.exe
PRC - [2007.02.09 15:40:34 | 000,225,280 | ---- | M] (ATK0100) -- C:\Program Files\ATK Hotkey\HControl.exe
PRC - [2007.02.07 11:44:50 | 000,024,576 | ---- | M] (Syntek America Inc.) -- C:\Windows\System32\StkCSrv.exe
PRC - [2007.02.05 17:13:14 | 000,094,208 | ---- | M] () -- C:\Program Files\ATK Hotkey\ASLDRSrv.exe
PRC - [2006.12.18 16:26:26 | 002,420,736 | ---- | M] () -- C:\Program Files\ATK Hotkey\ATKOSD.exe
PRC - [2006.12.02 06:37:00 | 004,186,112 | ---- | M] (Realtek Semiconductor) -- C:\Windows\RtHDVCpl.exe
PRC - [2006.07.25 20:20:20 | 000,537,600 | ---- | M] () -- C:\Windows\System32\ASWL2K.exe
PRC - [2005.11.09 20:12:44 | 000,580,608 | ---- | M] () -- C:\Program Files\Kalendar\kalendar.exe
PRC - [2004.05.06 11:21:04 | 000,496,640 | ---- | M] () -- C:\Windows\System32\ASWLSVC.exe


========== Modules (No Company Name) ==========

MOD - [2012.10.27 15:41:43 | 002,295,264 | ---- | M] () -- C:\Program Files\Mozilla Firefox\mozjs.dll
MOD - [2012.10.13 00:55:38 | 000,276,392 | ---- | M] () -- C:\Program Files\Nokia\Nokia Suite\phonon4.dll
MOD - [2012.10.13 00:55:38 | 000,092,584 | ---- | M] () -- C:\Program Files\Nokia\Nokia Suite\qjson.dll
MOD - [2012.10.13 00:55:22 | 002,652,584 | ---- | M] () -- C:\Program Files\Nokia\Nokia Suite\QtXmlPatterns4.dll
MOD - [2012.10.13 00:55:22 | 000,363,944 | ---- | M] () -- C:\Program Files\Nokia\Nokia Suite\QtXml4.dll
MOD - [2012.10.13 00:55:20 | 011,166,120 | ---- | M] () -- C:\Program Files\Nokia\Nokia Suite\QtWebKit4.dll
MOD - [2012.10.13 00:55:18 | 001,346,472 | ---- | M] () -- C:\Program Files\Nokia\Nokia Suite\QtScript4.dll
MOD - [2012.10.13 00:55:18 | 000,205,736 | ---- | M] () -- C:\Program Files\Nokia\Nokia Suite\QtSql4.dll
MOD - [2012.10.13 00:55:16 | 001,013,672 | ---- | M] () -- C:\Program Files\Nokia\Nokia Suite\QtNetwork4.dll
MOD - [2012.10.13 00:55:16 | 000,720,296 | ---- | M] () -- C:\Program Files\Nokia\Nokia Suite\QtOpenGL4.dll
MOD - [2012.10.13 00:55:14 | 008,506,792 | ---- | M] () -- C:\Program Files\Nokia\Nokia Suite\QtGui4.dll
MOD - [2012.10.13 00:55:14 | 000,520,104 | ---- | M] () -- C:\Program Files\Nokia\Nokia Suite\QtMultimediaKit1.dll
MOD - [2012.10.13 00:55:12 | 002,480,552 | ---- | M] () -- C:\Program Files\Nokia\Nokia Suite\QtDeclarative4.dll
MOD - [2012.10.13 00:55:12 | 002,353,576 | ---- | M] () -- C:\Program Files\Nokia\Nokia Suite\QtCore4.dll
MOD - [2012.10.13 00:55:08 | 000,445,864 | ---- | M] () -- C:\Program Files\Nokia\Nokia Suite\sqldrivers\qsqlite4.dll
MOD - [2012.10.13 00:55:04 | 000,206,760 | ---- | M] () -- C:\Program Files\Nokia\Nokia Suite\Imageformats\qjpeg4.dll
MOD - [2012.10.13 00:55:04 | 000,035,240 | ---- | M] () -- C:\Program Files\Nokia\Nokia Suite\Imageformats\qico4.dll
MOD - [2012.10.13 00:55:02 | 000,032,680 | ---- | M] () -- C:\Program Files\Nokia\Nokia Suite\Imageformats\qgif4.dll
MOD - [2012.10.13 00:54:34 | 000,437,672 | ---- | M] () -- C:\Program Files\Nokia\Nokia Suite\NService.dll
MOD - [2012.10.13 00:53:56 | 000,605,608 | ---- | M] () -- C:\Program Files\Nokia\Nokia Suite\CommonUpdateChecker.dll
MOD - [2012.10.13 00:31:20 | 000,391,600 | ---- | M] () -- C:\Program Files\Nokia\Nokia Suite\ssoengine.dll
MOD - [2012.10.13 00:31:20 | 000,059,280 | ---- | M] () -- C:\Program Files\Nokia\Nokia Suite\securestorage.dll
MOD - [2012.10.13 00:30:34 | 000,110,080 | ---- | M] () -- C:\Program Files\Nokia\Nokia Suite\mediaservice\dsengine.dll
MOD - [2010.09.06 16:16:32 | 000,190,928 | ---- | M] () -- C:\Users\SoWaK\AppData\Roaming\QipGuard\QipGuard.exe
MOD - [2009.10.03 11:39:36 | 000,043,520 | ---- | M] () -- C:\Windows\System32\CmdLineExt03.dll
MOD - [2009.07.20 13:16:09 | 000,141,312 | ---- | M] () -- C:\Program Files\WinRAR\RarExt.dll
MOD - [2005.11.09 20:12:44 | 000,580,608 | ---- | M] () -- C:\Program Files\Kalendar\kalendar.exe


========== Services (SafeList) ==========

SRV - [2012.11.22 10:29:16 | 003,290,304 | ---- | M] (Skype Technologies S.A.) [Auto | Running] -- C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe -- (Skype C2C Service)
SRV - [2012.11.09 11:21:24 | 000,160,944 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Program Files\Skype\Updater\Updater.exe -- (SkypeUpdate)
SRV - [2012.11.08 00:37:37 | 001,990,464 | ---- | M] (COMODO) [Auto | Running] -- C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe -- (cmdAgent)
SRV - [2012.10.27 15:41:44 | 000,115,168 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2012.10.09 16:35:47 | 000,250,808 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\System32\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2012.10.03 14:51:04 | 000,725,400 | ---- | M] (Nokia) [On_Demand | Running] -- C:\Program Files\PC Connectivity Solution\ServiceLayer.exe -- (ServiceLayer)
SRV - [2012.07.27 21:51:26 | 000,063,960 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2011.06.17 18:33:04 | 000,237,008 | ---- | M] (McAfee, Inc.) [On_Demand | Stopped] -- C:\Program Files\McAfee Security Scan\3.0.207\McCHSvc.exe -- (McComponentHostService)
SRV - [2010.12.02 15:38:33 | 000,403,240 | ---- | M] (Valve Corporation) [On_Demand | Stopped] -- C:\Program Files\Common Files\Steam\SteamService.exe -- (Steam Client Service)
SRV - [2010.02.09 22:53:39 | 000,655,624 | ---- | M] (Acresso Software Inc.) [On_Demand | Stopped] -- C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe -- (FLEXnet Licensing Service)
SRV - [2009.12.21 12:14:46 | 000,413,696 | ---- | M] (CSR, plc) [Auto | Running] -- C:\Windows\System32\HFGService.dll -- (HFGService)
SRV - [2009.07.14 02:16:13 | 000,025,088 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\sensrsvc.dll -- (SensrSvc)
SRV - [2009.07.14 02:16:12 | 001,004,544 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\PeerDistSvc.dll -- (PeerDistSvc)
SRV - [2009.07.14 02:15:41 | 000,680,960 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV - [2009.04.30 10:23:26 | 000,090,112 | ---- | M] () [Auto | Running] -- C:\Program Files\Sony Ericsson\Sony Ericsson PC Suite\SupServ.exe -- (OMSI download service)
SRV - [2009.04.08 01:40:52 | 001,377,536 | ---- | M] (O&O Software GmbH) [Auto | Running] -- C:\Windows\System32\oodag.exe -- (O&O Defrag)
SRV - [2007.02.07 11:44:50 | 000,024,576 | ---- | M] (Syntek America Inc.) [Auto | Running] -- C:\Windows\System32\StkCSrv.exe -- (StkSSrv)
SRV - [2007.02.05 17:13:14 | 000,094,208 | ---- | M] () [Auto | Running] -- C:\Program Files\ATK Hotkey\ASLDRSrv.exe -- (ASLDRService)
SRV - [2004.05.06 11:21:04 | 000,496,640 | ---- | M] () [Auto | Running] -- C:\Windows\System32\ASWLSVC.exe -- (ASWLSVC)


========== Driver Services (SafeList) ==========

DRV - File not found [Kernel | On_Demand | Stopped] -- System32\drivers\rdvgkmd.sys -- (VGPU)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\drivers\tsusbhub.sys -- (tsusbhub)
DRV - File not found [Kernel | On_Demand | Stopped] -- System32\drivers\synth3dvsc.sys -- (Synth3dVsc)
DRV - File not found [Kernel | On_Demand | Stopped] -- System32\Drivers\Capt905c.sys -- (SQTECH905C)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Program Files\Garena\safedrv.sys -- (GGSAFERDriver)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Users\SoWaK\AppData\Local\Temp\ZSPA1AE.tmp -- (GarenaPEngine)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Windows\system32\ASNDIS4.SYS -- (ASNDIS4)
DRV - File not found [Kernel | On_Demand | Unknown] -- -- (ac50ff76)
DRV - [2012.11.08 00:37:56 | 000,082,952 | ---- | M] (COMODO) [Kernel | System | Running] -- C:\Windows\System32\drivers\inspect.sys -- (inspect)
DRV - [2012.11.08 00:37:55 | 000,036,072 | ---- | M] (COMODO) [Kernel | System | Running] -- C:\Windows\System32\drivers\cmdhlp.sys -- (cmdHlp)
DRV - [2012.11.08 00:37:54 | 000,494,416 | ---- | M] (COMODO) [File_System | System | Running] -- C:\Windows\System32\drivers\cmdGuard.sys -- (cmdGuard)
DRV - [2012.11.08 00:37:52 | 000,019,632 | ---- | M] (COMODO) [File_System | System | Running] -- C:\Windows\System32\drivers\cmderd.sys -- (cmderd)
DRV - [2012.06.27 14:18:52 | 000,019,072 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\pccsmcfd.sys -- (pccsmcfd)
DRV - [2012.06.11 13:17:44 | 000,023,168 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ccdcmbo.sys -- (nmwcdc)
DRV - [2012.06.11 13:17:44 | 000,018,560 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ccdcmb.sys -- (nmwcd)
DRV - [2012.06.11 13:17:44 | 000,008,192 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\usbser_lowerfltj.sys -- (UsbserFilt)
DRV - [2012.06.11 13:17:44 | 000,008,192 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\usbser_lowerflt.sys -- (upperdev)
DRV - [2010.11.20 13:30:15 | 000,175,360 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\vmbus.sys -- (vmbus)
DRV - [2010.11.20 13:30:15 | 000,040,704 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\vmstorfl.sys -- (storflt)
DRV - [2010.11.20 13:30:15 | 000,028,032 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\storvsc.sys -- (storvsc)
DRV - [2010.11.20 11:24:41 | 000,052,224 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV - [2010.11.20 11:21:14 | 000,015,872 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\rdpvideominiport.sys -- (RdpVideoMiniport)
DRV - [2010.11.20 10:59:44 | 000,035,968 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\winusb.sys -- (WinUsb)
DRV - [2010.11.20 10:14:45 | 000,017,920 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\VMBusHID.sys -- (VMBusHID)
DRV - [2010.11.20 10:14:41 | 000,005,632 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\vms3cap.sys -- (s3cap)
DRV - [2010.09.27 14:51:29 | 000,027,632 | ---- | M] (Sony Ericsson Mobile Communications) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\seehcri.sys -- (seehcri)
DRV - [2010.09.27 14:49:04 | 000,025,512 | ---- | M] (Sony Ericsson Mobile Communications) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ggsemc.sys -- (ggsemc)
DRV - [2010.09.27 14:49:04 | 000,013,224 | ---- | M] (Sony Ericsson Mobile Communications) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ggflt.sys -- (ggflt)
DRV - [2009.12.21 12:14:44 | 000,043,008 | ---- | M] (CSR, plc) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\BthAudioHF.sys -- (BthAudioHF)
DRV - [2009.12.21 12:14:26 | 000,061,952 | ---- | M] (CSR, plc) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\bthav.sys -- (csr_a2dp)
DRV - [2009.11.19 14:06:46 | 000,098,672 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\s1039bus.sys -- (s1039bus)
DRV - [2009.11.19 14:06:46 | 000,025,456 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\s1039nd5.sys -- (s1039nd5)
DRV - [2009.11.19 14:06:45 | 000,124,016 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\s1039mdm.sys -- (s1039mdm)
DRV - [2009.11.19 14:06:45 | 000,123,504 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\s1039unic.sys -- (s1039unic)
DRV - [2009.11.19 14:06:45 | 000,117,872 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\s1039mgmt.sys -- (s1039mgmt)
DRV - [2009.11.19 14:06:45 | 000,113,904 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\s1039obex.sys -- (s1039obex)
DRV - [2009.11.19 14:06:44 | 000,014,960 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\s1039mdfl.sys -- (s1039mdfl)
DRV - [2009.10.05 16:31:50 | 001,221,632 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\athr.sys -- (athr)
DRV - [2009.08.13 07:23:02 | 000,022,528 | ---- | M] (CSR, plc) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\BthAvrcp.sys -- (BthAvrcp)
DRV - [2009.08.11 22:43:57 | 000,721,904 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\System32\drivers\sptd.sys -- (sptd)
DRV - [2009.07.14 00:52:10 | 000,014,336 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\vwifimp.sys -- (vwifimp)
DRV - [2009.07.14 00:45:33 | 000,083,456 | ---- | M] (Brother Industries Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\serial.sys -- (Serial)
DRV - [2009.07.13 23:13:45 | 001,068,032 | ---- | M] (Motorola Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\smserial.sys -- (smserial)
DRV - [2009.07.13 23:02:47 | 000,029,184 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\l260x86.sys -- (Atc002)
DRV - [2007.06.12 12:15:10 | 000,051,040 | ---- | M] (IPWireless Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ipw3gnet.sys -- (IpwP)
DRV - [2007.02.13 05:41:22 | 001,245,056 | ---- | M] (Syntek) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\StkCMini.sys -- (StkCMini)
DRV - [2007.02.02 08:09:40 | 002,385,920 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\atikmdag.sys -- (R300)
DRV - [2007.02.02 08:09:40 | 002,385,920 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\atikmdag.sys -- (atikmdag)
DRV - [2005.02.17 16:07:48 | 000,005,632 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\ATKACPI.sys -- (MTsensor)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\..\SearchScopes,DefaultScope = {A55F9C95-2BB1-4EA2-BC77-DFAAB78832CE}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKLM\..\SearchScopes\{A55F9C95-2BB1-4EA2-BC77-DFAAB78832CE}: "URL" = http://search.qip.ru/?query={searchTerms}


IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0



IE - HKU\S-1-5-21-3021606996-1762574662-3605753686-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://qip.ru
IE - HKU\S-1-5-21-3021606996-1762574662-3605753686-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://search.qip.ru
IE - HKU\S-1-5-21-3021606996-1762574662-3605753686-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = http://search.qip.ru/ie
IE - HKU\S-1-5-21-3021606996-1762574662-3605753686-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://search.qip.ru
IE - HKU\S-1-5-21-3021606996-1762574662-3605753686-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://qip.ru
IE - HKU\S-1-5-21-3021606996-1762574662-3605753686-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 2F C9 1E 5A 6A 42 CA 01 [binary data]
IE - HKU\S-1-5-21-3021606996-1762574662-3605753686-1000\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://search.qip.ru/ie
IE - HKU\S-1-5-21-3021606996-1762574662-3605753686-1000\..\URLSearchHook: - No CLSID value found
IE - HKU\S-1-5-21-3021606996-1762574662-3605753686-1000\..\URLSearchHook: {A55F9C95-2BB1-4EA2-BC77-DFAAB78832CE} - C:\Users\SoWaK\AppData\Roaming\Microsoft\Internet Explorer\qipsearchbar.dll (qip.ru)
IE - HKU\S-1-5-21-3021606996-1762574662-3605753686-1000\..\SearchScopes,DefaultScope = {A55F9C95-2BB1-4EA2-BC77-DFAAB78832CE}
IE - HKU\S-1-5-21-3021606996-1762574662-3605753686-1000\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTer ... ORM=IE8SRC
IE - HKU\S-1-5-21-3021606996-1762574662-3605753686-1000\..\SearchScopes\{A55F9C95-2BB1-4EA2-BC77-DFAAB78832CE}: "URL" = http://search.qip.ru/?query={searchTerms}
IE - HKU\S-1-5-21-3021606996-1762574662-3605753686-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

========== FireFox ==========

FF - prefs.js..browser.search.defaultEngineName: "Centrum.cz"
FF - prefs.js..browser.startup.homepage: "http://www.seznam.cz"
FF - prefs.js..extensions.enabledAddons: {82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}:6.4.0.11328
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}:6.0.20
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}:6.0.21
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}:6.0.23
FF - prefs.js..extensions.enabledItems: {82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}:5.6.0.8442
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0029-ABCDEFFEDCBA}:6.0.29
FF - prefs.js..extensions.enabledItems: fe_3.6@nokia.com:1.7.56.205
FF - prefs.js..keyword.URL: "http://search.centrum.cz/?charset=UTF-8 ... rch-web&q="
FF - user.js - File not found

FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF32_11_4_402_287.dll ()
FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\4.1.10329.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@nokia.com/EnablerPlugin: C:\Program Files\Nokia\Nokia Suite\npNokiaSuiteEnabler.dll ( )
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=1.0.1: C:\Program Files\VideoLAN\VLC\npvlc.dll (the VideoLAN Team)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\@facebook.com/FBPlugin,version=1.0.3: C:\Users\SoWaK\AppData\Roaming\Facebook\npfbplugin_1_0_3.dll ( )
FF - HKCU\Software\MozillaPlugins\@unity3d.com/UnityPlayer,version=1.0: C:\Users\SoWaK\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 16.0.2\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2012.10.27 15:41:46 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 16.0.2\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2012.10.27 15:41:36 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 16.0.2\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2012.10.27 15:41:46 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 16.0.2\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2012.10.27 15:41:36 | 000,000,000 | ---D | M]

[2011.01.19 22:46:42 | 000,000,000 | ---D | M] (No name found) -- C:\Users\SoWaK\AppData\Roaming\mozilla\Extensions
[2011.01.19 22:41:01 | 000,000,000 | ---D | M] (No name found) -- C:\Users\SoWaK\AppData\Roaming\mozilla\Firefox\Profiles\387ukrj5.default\extensions
[2011.01.19 22:41:00 | 000,000,000 | ---D | M] (No name found) -- C:\Users\SoWaK\AppData\Roaming\mozilla\Firefox\Profiles\387ukrj5.default\extensions\battlefieldheroespatcher@ea.com
[2012.11.27 16:21:04 | 000,000,000 | ---D | M] (No name found) -- C:\Users\SoWaK\AppData\Roaming\mozilla\Firefox\Profiles\nsu1rg7c.default\extensions
[2012.11.27 16:21:04 | 000,000,000 | ---D | M] (Lišta Centrum.cz) -- C:\Users\SoWaK\AppData\Roaming\mozilla\Firefox\Profiles\nsu1rg7c.default\extensions\toolbar@centrumholdings.com
[2012.11.23 18:16:40 | 000,804,627 | ---- | M] () (No name found) -- C:\Users\SoWaK\AppData\Roaming\mozilla\firefox\profiles\nsu1rg7c.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi
[2012.10.27 15:41:34 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
[2012.11.28 14:08:49 | 000,000,000 | ---D | M] (Skype Click to Call) -- C:\Program Files\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}
[2012.12.10 16:21:20 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\updated\extensions
[2012.12.10 16:21:20 | 000,000,000 | ---D | M] (Skype Click to Call) -- C:\Program Files\Mozilla Firefox\updated\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}
[2012.12.10 16:21:35 | 000,000,000 | ---D | M] (Default) -- C:\Program Files\Mozilla Firefox\updated\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
[2012.10.27 15:41:45 | 000,261,600 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browsercomps.dll
[2011.10.03 05:06:04 | 000,476,904 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\mozilla firefox\plugins\npdeployJava1.dll
[2009.08.03 15:07:42 | 000,373,104 | ---- | M] (Microsoft Corporation) -- C:\Program Files\mozilla firefox\plugins\npOGAPlugin.dll
[2012.02.20 16:50:00 | 000,002,208 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\heureka-cz.xml
[2012.02.20 16:50:00 | 000,000,638 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\jyxo-cz.xml
[2012.02.20 16:50:00 | 000,001,367 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\seznam-cz.xml
[2012.02.20 16:50:00 | 000,000,654 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\slunecnice-cz.xml
[2012.02.20 16:50:00 | 000,001,179 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wikipedia-cz.xml

========== Chrome ==========

CHR - homepage: http://www.google.com/
CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}sourceid=chrome&ie={inputEncoding}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client=chrome&hl={language}&q={searchTerms}
CHR - homepage: http://www.google.com/
CHR - plugin: Shockwave Flash (Disabled) = C:\Users\SoWaK\AppData\Local\Google\Chrome\User Data\PepperFlash\11.1.31.203\pepflashplayer.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Program Files\Google\Chrome\Application\23.0.1271.95\gcswf32.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Windows\system32\Macromed\Flash\NPSWF32.dll
CHR - plugin: Remoting Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Program Files\Google\Chrome\Application\23.0.1271.95\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Program Files\Google\Chrome\Application\23.0.1271.95\pdf.dll
CHR - plugin: Skype Toolbars (Enabled) = C:\Users\SoWaK\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl\5.6.0.8442_0\npSkypeChromePlugin.dll
CHR - plugin: Adobe Acrobat (Disabled) = C:\Program Files\Adobe\Reader 9.0\Reader\Browser\nppdf32.dll
CHR - plugin: Java Deployment Toolkit 6.0.290.11 (Enabled) = C:\Program Files\Java\jre6\bin\new_plugin\npdeployJava1.dll
CHR - plugin: Java(TM) Platform SE 6 U29 (Enabled) = C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll
CHR - plugin: Microsoft\u00AE Windows Media Player Firefox Plugin (Enabled) = C:\Program Files\Mozilla Firefox\plugins\np-mswmp.dll
CHR - plugin: 2007 Microsoft Office system (Enabled) = C:\Program Files\Mozilla Firefox\plugins\NPOFF12.DLL
CHR - plugin: Office Genuine Advantage (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npOGAPlugin.dll
CHR - plugin: Google Earth Plugin (Enabled) = C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll
CHR - plugin: Google Update (Enabled) = C:\Program Files\Google\Update\1.3.21.99\npGoogleUpdate3.dll
CHR - plugin: VLC Multimedia Plug-in (Enabled) = C:\Program Files\VideoLAN\VLC\npvlc.dll
CHR - plugin: Unity Player (Enabled) = C:\Users\SoWaK\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll
CHR - plugin: Facebook Plugin (Enabled) = C:\Users\SoWaK\AppData\Roaming\Facebook\npfbplugin_1_0_3.dll
CHR - plugin: Silverlight Plug-In (Enabled) = c:\Program Files\Microsoft Silverlight\4.1.10111.0\npctrl.dll
CHR - plugin: Default Plug-in (Enabled) = default_plugin
CHR - Extension: YouTube = C:\Users\SoWaK\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_1\
CHR - Extension: Vyhled\u00E1v\u00E1n\u00ED Google = C:\Users\SoWaK\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_1\
CHR - Extension: Skype Click to Call = C:\Users\SoWaK\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl\6.4.0.11328_0\
CHR - Extension: Gmail = C:\Users\SoWaK\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_1\

O1 HOSTS File: ([2009.06.10 22:39:37 | 000,000,824 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O2 - BHO: (Canon Easy-WebPrint EX BHO) - {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} - C:\Program Files\Canon\Easy-WebPrint EX\ewpexbho.dll (CANON INC.)
O2 - BHO: (QipLI Class) - {6B5863A0-C43F-4C0A-982B-CC0E9125783F} - C:\Users\SoWaK\AppData\Roaming\Microsoft\Internet Explorer\qstatsrv.dll (TODO: <Company name>)
O2 - BHO: (QIPBHO Class) - {A55F9C95-2BB1-4EA2-BC77-DFAAB78832CE} - C:\Users\SoWaK\AppData\Roaming\Microsoft\Internet Explorer\qipsearchbar.dll (qip.ru)
O2 - BHO: (Skype Browser Helper) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O3 - HKLM\..\Toolbar: (Canon Easy-WebPrint EX) - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files\Canon\Easy-WebPrint EX\ewpexhlp.dll (CANON INC.)
O3 - HKU\S-1-5-21-3021606996-1762574662-3605753686-1000\..\Toolbar\WebBrowser: (Canon Easy-WebPrint EX) - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files\Canon\Easy-WebPrint EX\ewpexhlp.dll (CANON INC.)
O4 - HKLM..\Run: [AdobeCS4ServiceManager] C:\Program Files\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [CanonMyPrinter] C:\Program Files\Canon\MyPrinter\BJMyPrt.exe (CANON INC.)
O4 - HKLM..\Run: [COMODO Internet Security] C:\Program Files\COMODO\COMODO Internet Security\cfp.exe (COMODO)
O4 - HKLM..\Run: [Control Center] C:\Program Files\ASUS\WLAN Card Utilities\Center.exe (ASUSTeK COMPUTER INC.)
O4 - HKLM..\Run: [HControl] C:\Windows\ATK0100\HControl.exe ()
O4 - HKLM..\Run: [NeroFilterCheck] C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe (Nero AG)
O4 - HKLM..\Run: [OODefragTray] C:\Windows\System32\oodtray.exe (O&O Software GmbH)
O4 - HKLM..\Run: [RtHDVCpl] C:\Windows\RtHDVCpl.exe (Realtek Semiconductor)
O4 - HKU\S-1-5-21-3021606996-1762574662-3605753686-1000..\Run: [] File not found
O4 - HKU\S-1-5-21-3021606996-1762574662-3605753686-1000..\Run: [Kalendar] C:\Program Files\Kalendar\kalendar.exe ()
O4 - HKU\S-1-5-21-3021606996-1762574662-3605753686-1000..\Run: [NokiaSuite.exe] C:\Program Files\Nokia\Nokia Suite\NokiaSuite.exe (Nokia)
O4 - HKU\S-1-5-21-3021606996-1762574662-3605753686-1000..\Run: [QIP Internet Guardian] C:\Users\SoWaK\AppData\Roaming\QipGuard\QipGuard.exe ()
O4 - HKU\S-1-5-21-3021606996-1762574662-3605753686-1000..\Run: [Sony Ericsson PC Companion] C:\Program Files\Sony Ericsson\Sony Ericsson PC Companion\PCCompanion.exe (Sony Ericsson Mobile Communications AB)
O4 - HKU\S-1-5-21-3021606996-1762574662-3605753686-1000..\Run: [StartCCC] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe ()
O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (Microsoft Corporation)
O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (Microsoft Corporation)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O9 - Extra Button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra Button: PartyPoker.com - {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} - C:\Programs\PartyGaming\PartyPoker\RunApp.exe ()
O9 - Extra 'Tools' menuitem : PartyPoker.com - {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} - C:\Programs\PartyGaming\PartyPoker\RunApp.exe ()
O9 - Extra Button: Unibet Poker - {C53BFCFC-7A54-4627-AEBA-2CD4871FCA97} - C:\Microgaming\Poker\UnibetpokerMPP\MPPoker.exe (Microgaming)
O13 - gopher Prefix: missing
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_29)
O16 - DPF: {CAFEEFAC-0016-0000-0029-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_29)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_29)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.0.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{1533A0AE-8481-4DEA-A04A-F57559270A77}: DhcpNameServer = 192.168.0.1
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O20 - AppInit_DLLs: (C:\Windows\system32\guard32.dll) - C:\Windows\System32\guard32.dll (COMODO)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\System32\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\System32\SystemPropertiesPerformance.exe (Microsoft Corporation)
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2009.06.10 22:42:20 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O33 - MountPoints2\{a0aecf8d-c68b-11df-a42a-001d60118194}\Shell - "" = AutoRun
O33 - MountPoints2\{a0aecf8d-c68b-11df-a42a-001d60118194}\Shell\AutoRun\command - "" = G:\Startme.exe
O33 - MountPoints2\{b53a089e-c088-11df-802c-001d60118194}\Shell - "" = AutoRun
O33 - MountPoints2\{b53a089e-c088-11df-802c-001d60118194}\Shell\AutoRun\command - "" = G:\USBAutoRun.exe
O34 - HKLM BootExecute: (autocheck autochk *)
O34 - HKLM BootExecute: (OODBS)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)

CREATERESTOREPOINT
Restore point Set: OTL Restore Point

NetSvcs: FastUserSwitchingCompatibility - File not found
NetSvcs: Ias - C:\Windows\System32\ias.dll (Microsoft Corporation)
NetSvcs: Nla - File not found
NetSvcs: Ntmssvc - File not found
NetSvcs: NWCWorkstation - File not found
NetSvcs: Nwsapagent - File not found
NetSvcs: SRService - File not found
NetSvcs: WmdmPmSp - File not found
NetSvcs: LogonHours - File not found
NetSvcs: PCAudit - File not found
NetSvcs: helpsvc - File not found
NetSvcs: uploadmgr - File not found

Drivers32: msacm.l3acm - C:\Windows\System32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: msacm.lhacm - C:\Windows\System32\lhacm.acm (Microsoft Corporation)
Drivers32: MSVideo8 - C:\Windows\System32\vfwwdm32.dll (Microsoft Corporation)
Drivers32: vidc.cvid - C:\Windows\System32\iccvid.dll (Radius Inc.)
Drivers32: VIDC.I420 - MSh263.drv File not found
Drivers32: vidc.VP60 - C:\Windows\System32\vp6vfw.dll (On2.com)
Drivers32: vidc.VP61 - C:\Windows\System32\vp6vfw.dll (On2.com)
Drivers32: vidc.VP62 - C:\Windows\System32\vp6vfw.dll (On2.com)
PhysicalDisk0 MBR saved to C:\PhysicalMBR.bin

========== Files/Folders - Created Within 7 Days ==========

[2010.09.27 16:53:14 | 000,148,736 | ---- | C] (Avanquest Software) -- C:\ProgramData\hpe221D.dll
[1 C:\*.tmp files -> C:\*.tmp -> ]

========== Files - Modified Within 7 Days ==========

[2012.12.10 16:39:18 | 001,474,832 | ---- | M] () -- C:\Windows\System32\drivers\sfi.dat
[2012.12.10 16:35:05 | 000,000,914 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2012.12.10 16:33:48 | 000,000,512 | ---- | M] () -- C:\PhysicalMBR.bin
[2012.12.10 16:18:03 | 000,000,938 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2012.12.10 15:54:54 | 000,016,944 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2012.12.10 15:54:53 | 000,016,944 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2012.12.10 15:49:41 | 000,000,934 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2012.12.10 15:49:31 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2012.12.10 15:49:27 | 1509,351,424 | -HS- | M] () -- C:\hiberfil.sys
[2012.12.10 15:49:26 | 001,118,652 | ---- | M] () -- C:\Windows\System32\oodbs.lor
[2012.12.09 12:10:50 | 000,666,614 | ---- | M] () -- C:\Windows\System32\perfh005.dat
[2012.12.09 12:10:50 | 000,652,318 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2012.12.09 12:10:50 | 000,140,278 | ---- | M] () -- C:\Windows\System32\perfc005.dat
[2012.12.09 12:10:50 | 000,121,250 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[1 C:\*.tmp files -> C:\*.tmp -> ]

========== Files Created - No Company Name ==========

[2012.12.10 16:33:48 | 000,000,512 | ---- | C] () -- C:\PhysicalMBR.bin
[2012.02.20 17:24:08 | 000,001,321 | ---- | C] () -- C:\Windows\System32\.ini
[2011.07.30 10:51:42 | 000,061,440 | ---- | C] () -- C:\Windows\StkUnist.exe
[2011.06.14 09:38:50 | 000,080,896 | ---- | C] () -- C:\Windows\System32\RDVGHelper.exe
[2011.06.14 09:38:43 | 000,066,048 | ---- | C] () -- C:\Windows\System32\PrintBrmUi.exe
[2010.12.20 18:58:54 | 000,139,080 | ---- | C] () -- C:\Windows\System32\drivers\PnkBstrK.sys
[2010.12.20 18:58:54 | 000,138,056 | ---- | C] () -- C:\Users\SoWaK\AppData\Roaming\PnkBstrK.sys
[2010.12.20 18:58:21 | 000,270,240 | ---- | C] () -- C:\Windows\System32\PnkBstrB.exe
[2010.12.20 18:58:18 | 000,075,136 | ---- | C] () -- C:\Windows\System32\PnkBstrA.exe
[2009.12.14 17:17:24 | 000,017,408 | ---- | C] () -- C:\Users\SoWaK\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2009.08.25 19:54:58 | 000,000,056 | -H-- | C] () -- C:\ProgramData\ezsidmv.dat
[2009.08.12 09:07:20 | 000,000,017 | ---- | C] () -- C:\Users\SoWaK\AppData\Local\resmon.resmoncfg

========== ZeroAccess Check ==========

[2009.07.14 05:42:31 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini

[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2012.06.09 05:41:00 | 012,873,728 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2010.11.20 13:19:02 | 000,606,208 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
"" = %systemroot%\system32\wbem\wbemess.dll -- [2009.07.14 02:16:17 | 000,342,528 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both

========== LOP Check ==========

[2010.11.09 20:06:33 | 000,000,000 | ---D | M] -- C:\Users\SoWaK\AppData\Roaming\AIMP
[2011.06.06 18:01:39 | 000,000,000 | ---D | M] -- C:\Users\SoWaK\AppData\Roaming\Atari
[2012.07.12 17:20:16 | 000,000,000 | ---D | M] -- C:\Users\SoWaK\AppData\Roaming\Canon
[2009.08.11 22:49:04 | 000,000,000 | ---D | M] -- C:\Users\SoWaK\AppData\Roaming\DAEMON Tools Lite
[2010.06.19 15:18:05 | 000,000,000 | ---D | M] -- C:\Users\SoWaK\AppData\Roaming\Facebook
[2011.02.24 00:02:05 | 000,000,000 | ---D | M] -- C:\Users\SoWaK\AppData\Roaming\GetWare
[2010.08.09 15:57:20 | 000,000,000 | ---D | M] -- C:\Users\SoWaK\AppData\Roaming\Microgaming
[2010.11.08 16:18:27 | 000,000,000 | ---D | M] -- C:\Users\SoWaK\AppData\Roaming\MyPhoneExplorer
[2012.01.21 17:01:22 | 000,000,000 | ---D | M] -- C:\Users\SoWaK\AppData\Roaming\Nokia
[2011.10.23 10:27:41 | 000,000,000 | ---D | M] -- C:\Users\SoWaK\AppData\Roaming\Nokia Ovi Suite
[2012.02.08 15:31:44 | 000,000,000 | ---D | M] -- C:\Users\SoWaK\AppData\Roaming\Nokia Suite
[2012.03.26 18:03:02 | 000,000,000 | ---D | M] -- C:\Users\SoWaK\AppData\Roaming\PC Suite
[2010.09.11 10:51:34 | 000,000,000 | ---D | M] -- C:\Users\SoWaK\AppData\Roaming\QipGuard
[2011.02.17 16:55:44 | 000,000,000 | ---D | M] -- C:\Users\SoWaK\AppData\Roaming\SecondLife
[2010.05.08 18:13:19 | 000,000,000 | ---D | M] -- C:\Users\SoWaK\AppData\Roaming\Unity

========== Purity Check ==========



========== Custom Scans ==========

< >
[2009.07.14 05:53:46 | 000,032,518 | ---- | C] () -- C:\Windows\Tasks\SCHEDLGU.TXT
[2009.07.14 05:53:47 | 000,000,006 | -H-- | C] () -- C:\Windows\Tasks\SA.DAT
[2011.07.30 13:13:13 | 000,000,934 | ---- | C] () -- C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
[2011.07.30 13:13:14 | 000,000,938 | ---- | C] () -- C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
[2012.06.13 14:04:25 | 000,000,914 | ---- | C] () -- C:\Windows\Tasks\Adobe Flash Player Updater.job

< >

< MD5 for: ATAPI.SYS >
[2009.07.14 02:26:15 | 000,021,584 | ---- | M] (Microsoft Corporation) MD5=338C86357871C167A96AB976519BF59E -- C:\Windows\System32\drivers\atapi.sys
[2009.07.14 02:26:15 | 000,021,584 | ---- | M] (Microsoft Corporation) MD5=338C86357871C167A96AB976519BF59E -- C:\Windows\System32\DriverStore\FileRepository\mshdc.inf_x86_neutral_fab873f3e8a3315c\atapi.sys
[2009.07.14 02:26:15 | 000,021,584 | ---- | M] (Microsoft Corporation) MD5=338C86357871C167A96AB976519BF59E -- C:\Windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.1.7600.16385_none_dd0e7e3d82dd640d\atapi.sys
[2009.07.14 02:26:15 | 000,021,584 | ---- | M] (Microsoft Corporation) MD5=338C86357871C167A96AB976519BF59E -- C:\Windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.1.7601.17514_none_df3f92057fcbe7a7\atapi.sys

< MD5 for: AUTOCHK.EXE >
[2009.07.14 02:14:12 | 000,668,160 | ---- | M] (Microsoft Corporation) MD5=41E4C8EBA464E7D6A5BA5E8827732AEB -- C:\Windows\winsxs\x86_microsoft-windows-autochk_31bf3856ad364e35_6.1.7600.16385_none_e1ca436d2314b860\autochk.exe
[2010.11.20 13:16:54 | 000,668,160 | ---- | M] (Microsoft Corporation) MD5=F88A52EB62019D6A62FDD9E08034DBD8 -- C:\Windows\System32\autochk.exe
[2010.11.20 13:16:54 | 000,668,160 | ---- | M] (Microsoft Corporation) MD5=F88A52EB62019D6A62FDD9E08034DBD8 -- C:\Windows\winsxs\x86_microsoft-windows-autochk_31bf3856ad364e35_6.1.7601.17514_none_e3fb573520033bfa\autochk.exe

< MD5 for: CDROM.SYS >
[2009.07.14 00:11:26 | 000,108,544 | ---- | M] (Microsoft Corporation) MD5=BA6E70AA0E6091BC39DE29477D866A77 -- C:\Windows\winsxs\x86_cdrom.inf_31bf3856ad364e35_6.1.7600.16385_none_5f7fb206051affbb\cdrom.sys
[2010.11.20 09:38:10 | 000,108,544 | ---- | M] (Microsoft Corporation) MD5=BE167ED0FDB9C1FA1133953C18D5A6C9 -- C:\Windows\System32\drivers\cdrom.sys
[2010.11.20 09:38:10 | 000,108,544 | ---- | M] (Microsoft Corporation) MD5=BE167ED0FDB9C1FA1133953C18D5A6C9 -- C:\Windows\System32\DriverStore\FileRepository\cdrom.inf_x86_neutral_6381e09675524225\cdrom.sys
[2010.11.20 09:38:10 | 000,108,544 | ---- | M] (Microsoft Corporation) MD5=BE167ED0FDB9C1FA1133953C18D5A6C9 -- C:\Windows\winsxs\x86_cdrom.inf_31bf3856ad364e35_6.1.7601.17514_none_61b0c5ce02098355\cdrom.sys

< MD5 for: EXPLORER.EXE >
[2011.02.26 06:19:21 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=0FB9C74046656D1579A64660AD67B746 -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.21669_none_54149f9ef14031fc\explorer.exe
[2009.07.14 02:14:20 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=15BC38A7492BEFE831966ADB477CF76F -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16385_none_518afd35db100430\explorer.exe
[2011.02.26 06:51:13 | 002,614,784 | ---- | M] (Microsoft Corporation) MD5=255CF508D7CFB10E0794D6AC93280BD8 -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20910_none_525b5180f3f95373\explorer.exe
[2009.10.31 06:45:39 | 002,614,272 | ---- | M] (Microsoft Corporation) MD5=2626FC9755BE22F805D3CFA0CE3EE727 -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16450_none_51a66d6ddafc2ed1\explorer.exe
[2011.02.26 06:33:07 | 002,614,784 | ---- | M] (Microsoft Corporation) MD5=2AF58D15EDC06EC6FDACCE1F19482BBF -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16768_none_51a3a583dafd0cef\explorer.exe
[2010.11.20 13:17:09 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=40D777B7A95E00593EB1568C68514493 -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17514_none_53bc10fdd7fe87ca\explorer.exe
[2011.02.25 06:30:54 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=8B88EBBB05A0E56B7DCC708498C02B3E -- C:\Windows\explorer.exe
[2011.02.25 06:30:54 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=8B88EBBB05A0E56B7DCC708498C02B3E -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17567_none_5389023fd8245f84\explorer.exe
[2009.08.03 06:49:47 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=9FF6C4C91A3711C0A3B18F87B08B518D -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20500_none_526619d4f3f142e6\explorer.exe
[2009.08.03 06:35:50 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=B95EEB0F4E5EFBF1038A35B3351CF047 -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16404_none_51e07e31dad00878\explorer.exe
[2009.10.31 07:00:51 | 002,614,272 | ---- | M] (Microsoft Corporation) MD5=C76153C7ECA00FA852BB0C193378F917 -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20563_none_52283b2af41f3691\explorer.exe

< MD5 for: HAL.DLL >
[2010.11.20 13:29:53 | 000,194,432 | ---- | M] (Microsoft Corporation) MD5=1BF0D4727FDB437D513CFF8A9359C050 -- C:\Windows\System32\hal.dll
[2010.11.20 13:29:53 | 000,194,432 | ---- | M] (Microsoft Corporation) MD5=1BF0D4727FDB437D513CFF8A9359C050 -- C:\Windows\winsxs\x86_microsoft-windows-hal_31bf3856ad364e35_6.1.7601.17514_none_ad305c8fb7ec5060\hal.dll
[2009.07.14 02:20:28 | 000,194,640 | ---- | M] (Microsoft Corporation) MD5=9A557EAE64ABAB3BA67A9BB035D24CB9 -- C:\Windows\winsxs\x86_microsoft-windows-hal_31bf3856ad364e35_6.1.7600.16385_none_aaff48c7bafdccc6\hal.dll

< MD5 for: SCECLI.DLL >
[2009.07.14 02:16:13 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=26073302DAEA83CC5B944C546D6B47D2 -- C:\Windows\winsxs\x86_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7600.16385_none_37e4387f3a6f0483\scecli.dll
[2010.11.20 13:21:04 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=8124944EC89D6A1815E4E53F5B96AAF4 -- C:\Windows\System32\scecli.dll
[2010.11.20 13:21:04 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=8124944EC89D6A1815E4E53F5B96AAF4 -- C:\Windows\winsxs\x86_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7601.17514_none_3a154c47375d881d\scecli.dll

< MD5 for: SERVICES.EXE >
[2009.07.14 02:14:36 | 000,259,072 | ---- | M] (Microsoft Corporation) MD5=5F1B6A9C35D3D5CA72D6D6FDEF9747D6 -- C:\Windows\System32\services.exe
[2009.07.14 02:14:36 | 000,259,072 | ---- | M] (Microsoft Corporation) MD5=5F1B6A9C35D3D5CA72D6D6FDEF9747D6 -- C:\Windows\winsxs\x86_microsoft-windows-s..s-servicecontroller_31bf3856ad364e35_6.1.7600.16385_none_cf36168b2e9c967b\services.exe

< MD5 for: SVCHOST.EXE >
[2009.07.14 02:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) MD5=54A47F6B5E09A77E61649109C6A08866 -- C:\Windows\System32\svchost.exe
[2009.07.14 02:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) MD5=54A47F6B5E09A77E61649109C6A08866 -- C:\Windows\winsxs\x86_microsoft-windows-services-svchost_31bf3856ad364e35_6.1.7600.16385_none_b591afc466a15356\svchost.exe

< MD5 for: TCPIP.SYS >
[2011.04.25 05:56:06 | 001,286,016 | ---- | M] (Microsoft Corporation) MD5=0158D5E9982E9D6A90DFC802F618E130 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.16802_none_b347f075c77b9c9d\tcpip.sys
[2011.06.21 06:34:23 | 001,290,624 | ---- | M] (Microsoft Corporation) MD5=04E4A7D53A7ACE02E8C55B17A498F631 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.17638_none_b513df73c4b4f466\tcpip.sys
[2011.09.29 17:02:44 | 001,301,872 | ---- | M] (Microsoft Corporation) MD5=22F7E7CBCA308DEE3428B097D4F8A61C -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.21060_none_b38e8546e0cbe4a1\tcpip.sys
[2012.08.22 18:05:21 | 001,306,992 | ---- | M] (Microsoft Corporation) MD5=23790A44D9A6B67F8690C34D4F516446 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.22097_none_b55b785ade04500f\tcpip.sys
[2011.04.25 05:31:30 | 001,290,624 | ---- | M] (Microsoft Corporation) MD5=24326784DF8F3D5F5BBB9F878CE33C14 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.17603_none_b52f4dc5c4a121e0\tcpip.sys
[2009.07.14 02:19:10 | 001,285,712 | ---- | M] (Microsoft Corporation) MD5=2CC3D75488ABD3EC628BBB9A4FC84EFC -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.16385_none_b2f46875c7b9d667\tcpip.sys
[2010.11.20 13:30:12 | 001,290,112 | ---- | M] (Microsoft Corporation) MD5=37E8FA3779668837CA9E2C36D2415949 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.17514_none_b5257c3dc4a85a01\tcpip.sys
[2011.09.29 17:17:18 | 001,303,920 | ---- | M] (Microsoft Corporation) MD5=3C1C41E317710F74CEC1E7F0D5325993 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.21828_none_b5a84e10ddca7566\tcpip.sys
[2012.03.30 11:29:05 | 001,287,024 | ---- | M] (Microsoft Corporation) MD5=55E9965552741F3850CB22CBBA9671ED -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.16986_none_b2f57423c7b8dea8\tcpip.sys
[2011.09.29 16:43:37 | 001,285,488 | ---- | M] (Microsoft Corporation) MD5=56C198AC82EFA622DD93E9E43575F79C -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.16889_none_b2f8731bc7b62d86\tcpip.sys
[2011.09.29 17:03:04 | 001,290,608 | ---- | M] (Microsoft Corporation) MD5=65D10B191C59C5501A1263FC33F6894B -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.17697_none_b4d1ffa1c4e682b5\tcpip.sys
[2011.04.25 07:31:09 | 001,301,376 | ---- | M] (Microsoft Corporation) MD5=6D4728CFF2724FF3A4654971D61D0F1C -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.21712_none_b5ad1a5addc7c444\tcpip.sys
[2012.03.30 11:23:11 | 001,291,632 | ---- | M] (Microsoft Corporation) MD5=7FA2E0F8B072BD04B77B421480B6CC22 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.17802_none_b52e5147c4a202d7\tcpip.sys
[2011.04.25 05:44:18 | 001,298,816 | ---- | M] (Microsoft Corporation) MD5=8861B9A06BA99C6E1D62D0C86DFAB86C -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.20951_none_b39a7d5ae0c2aec5\tcpip.sys
[2012.03.30 10:04:23 | 001,306,480 | ---- | M] (Microsoft Corporation) MD5=88FCDB9923EFECA207B3CEBD24407126 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.21954_none_b583df0adde66104\tcpip.sys
[2011.06.21 06:30:45 | 001,301,376 | ---- | M] (Microsoft Corporation) MD5=93C444D118B184452132357C322124CD -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.20992_none_b3703df4e0e237e0\tcpip.sys
[2010.06.14 07:06:58 | 001,288,576 | ---- | M] (Microsoft Corporation) MD5=A39EA325C081AD27461F630C8E3E56E0 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.20733_none_b3b219fae0b0af43\tcpip.sys
[2012.08.22 18:16:54 | 001,292,144 | ---- | M] (Microsoft Corporation) MD5=A5EBB8F648000E88B7D9390B514976BF -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.17939_none_b514e56fc4b40532\tcpip.sys
[2010.06.14 07:12:30 | 001,286,016 | ---- | M] (Microsoft Corporation) MD5=BB7F39C31C4A4417FD318E7CD184E225 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.16610_none_b33b1c29c7858b92\tcpip.sys
[2011.06.21 06:39:53 | 001,286,016 | ---- | M] (Microsoft Corporation) MD5=C2DAAEB48F3A47C410B041A0D2382EE1 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.16839_none_b32e82b7c78da1d1\tcpip.sys
[2012.10.03 17:44:01 | 001,308,040 | ---- | M] (Microsoft Corporation) MD5=D490DD0A91B4EAC3B4EE08D11EE37C31 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.22124_none_b5a428d6ddce3d9a\tcpip.sys
[2011.06.21 07:54:00 | 001,303,424 | ---- | M] (Microsoft Corporation) MD5=DEC4940487050AE13C60C86F40E07E75 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.21754_none_b583db3edde666b6\tcpip.sys
[2012.10.03 17:58:30 | 001,293,680 | ---- | M] (Microsoft Corporation) MD5=E23A56F843E2AEBBB209D0ACCA73C640 -- C:\Windows\System32\drivers\tcpip.sys
[2012.10.03 17:58:30 | 001,293,680 | ---- | M] (Microsoft Corporation) MD5=E23A56F843E2AEBBB209D0ACCA73C640 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.17964_none_b4ef7439c4d0da52\tcpip.sys
[2012.03.30 11:08:19 | 001,303,408 | ---- | M] (Microsoft Corporation) MD5=E47C2844A1605A44178F4281E4D58B3D -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.21178_none_b38bb990e0ccc871\tcpip.sys

< MD5 for: USERINIT.EXE >
[2010.11.20 13:17:48 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=61AC3EFDFACFDD3F0F11DD4FD4044223 -- C:\Windows\System32\userinit.exe
[2010.11.20 13:17:48 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=61AC3EFDFACFDD3F0F11DD4FD4044223 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.1.7601.17514_none_de3024012ff21116\userinit.exe
[2009.07.14 02:14:43 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=6DE80F60D7DE9CE6B8C2DDFDF79EF175 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.1.7600.16385_none_dbff103933038d7c\userinit.exe

< MD5 for: WINLOGON.EXE >
[2009.10.28 07:17:59 | 000,285,696 | ---- | M] (Microsoft Corporation) MD5=37CDB7E72EB66BA85A87CBE37E7F03FD -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.16447_none_6fc699643622d177\winlogon.exe
[2009.10.28 06:52:08 | 000,285,696 | ---- | M] (Microsoft Corporation) MD5=3BABE6767C78FBF5FB8435FEED187F30 -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.20560_none_703394514f56f7c2\winlogon.exe
[2010.11.20 13:17:54 | 000,286,720 | ---- | M] (Microsoft Corporation) MD5=6D13E1406F50C66E2A95D97F22C47560 -- C:\Windows\System32\winlogon.exe
[2010.11.20 13:17:54 | 000,286,720 | ---- | M] (Microsoft Corporation) MD5=6D13E1406F50C66E2A95D97F22C47560 -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7601.17514_none_71ca6b0233339500\winlogon.exe
[2009.07.14 02:14:45 | 000,285,696 | ---- | M] (Microsoft Corporation) MD5=8EC6A4AB12B8F3759E21F8E3A388F2CF -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.16385_none_6f99573a36451166\winlogon.exe

< >

< %systemroot%*.* /U /s >
[9 C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp files -> C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp -> ]
[21 C:\Windows\Installer\*.tmp files -> C:\Windows\Installer\*.tmp -> ]
[1 C:\Windows\Installer\{CC6B1BB4-4E06-4A5B-A166-B371B551324B}\*.tmp files -> C:\Windows\Installer\{CC6B1BB4-4E06-4A5B-A166-B371B551324B}\*.tmp -> ]
[1 C:\Windows\Installer\{D6AB1F5B-FED6-49A9-9747-327BD28FB3C7}\*.tmp files -> C:\Windows\Installer\{D6AB1F5B-FED6-49A9-9747-327BD28FB3C7}\*.tmp -> ]
[1 C:\Windows\Temp\*.tmp files -> C:\Windows\Temp\*.tmp -> ]

< %SYSTEMDRIVE%\*.exe >

< %ALLUSERSPROFILE%\Application Data\*. >

< %ALLUSERSPROFILE%\Application Data\*.exe /s >

< %APPDATA%\*. >
[2012.06.14 09:21:29 | 000,000,000 | ---D | M] -- C:\Users\SoWaK\AppData\Roaming\Adobe
[2009.09.04 16:13:38 | 000,000,000 | ---D | M] -- C:\Users\SoWaK\AppData\Roaming\Ahead
[2010.11.09 20:06:33 | 000,000,000 | ---D | M] -- C:\Users\SoWaK\AppData\Roaming\AIMP
[2011.06.06 18:01:39 | 000,000,000 | ---D | M] -- C:\Users\SoWaK\AppData\Roaming\Atari
[2012.02.13 18:08:15 | 000,000,000 | ---D | M] -- C:\Users\SoWaK\AppData\Roaming\ATI
[2012.07.12 17:20:16 | 000,000,000 | ---D | M] -- C:\Users\SoWaK\AppData\Roaming\Canon
[2009.08.11 22:49:04 | 000,000,000 | ---D | M] -- C:\Users\SoWaK\AppData\Roaming\DAEMON Tools Lite
[2012.10.08 19:12:47 | 000,000,000 | ---D | M] -- C:\Users\SoWaK\AppData\Roaming\dvdcss
[2010.06.19 15:18:05 | 000,000,000 | ---D | M] -- C:\Users\SoWaK\AppData\Roaming\Facebook
[2011.02.24 00:02:05 | 000,000,000 | ---D | M] -- C:\Users\SoWaK\AppData\Roaming\GetWare
[2009.08.10 09:14:04 | 000,000,000 | ---D | M] -- C:\Users\SoWaK\AppData\Roaming\Identities
[2009.08.10 14:31:03 | 000,000,000 | ---D | M] -- C:\Users\SoWaK\AppData\Roaming\InstallShield
[2009.08.10 12:46:38 | 000,000,000 | ---D | M] -- C:\Users\SoWaK\AppData\Roaming\Macromedia
[2009.09.25 16:49:26 | 000,000,000 | ---D | M] -- C:\Users\SoWaK\AppData\Roaming\Malwarebytes
[2009.07.14 08:48:45 | 000,000,000 | ---D | M] -- C:\Users\SoWaK\AppData\Roaming\Media Center Programs
[2010.08.09 15:57:20 | 000,000,000 | ---D | M] -- C:\Users\SoWaK\AppData\Roaming\Microgaming
[2012.12.08 15:38:55 | 000,000,000 | --SD | M] -- C:\Users\SoWaK\AppData\Roaming\Microsoft
[2011.01.19 22:46:42 | 000,000,000 | ---D | M] -- C:\Users\SoWaK\AppData\Roaming\Mozilla
[2010.08.08 20:31:42 | 000,000,000 | ---D | M] -- C:\Users\SoWaK\AppData\Roaming\Mozilla-Cache
[2010.11.08 16:18:27 | 000,000,000 | ---D | M] -- C:\Users\SoWaK\AppData\Roaming\MyPhoneExplorer
[2012.01.21 17:01:22 | 000,000,000 | ---D | M] -- C:\Users\SoWaK\AppData\Roaming\Nokia
[2011.10.23 10:27:41 | 000,000,000 | ---D | M] -- C:\Users\SoWaK\AppData\Roaming\Nokia Ovi Suite
[2012.02.08 15:31:44 | 000,000,000 | ---D | M] -- C:\Users\SoWaK\AppData\Roaming\Nokia Suite
[2012.03.26 18:03:02 | 000,000,000 | ---D | M] -- C:\Users\SoWaK\AppData\Roaming\PC Suite
[2010.09.11 10:51:34 | 000,000,000 | ---D | M] -- C:\Users\SoWaK\AppData\Roaming\QipGuard
[2011.02.17 16:55:44 | 000,000,000 | ---D | M] -- C:\Users\SoWaK\AppData\Roaming\SecondLife
[2012.12.10 17:42:29 | 000,000,000 | ---D | M] -- C:\Users\SoWaK\AppData\Roaming\Skype
[2011.07.30 10:22:36 | 000,000,000 | ---D | M] -- C:\Users\SoWaK\AppData\Roaming\skypePM
[2009.08.11 10:36:53 | 000,000,000 | ---D | M] -- C:\Users\SoWaK\AppData\Roaming\teamspeak2
[2010.05.08 18:13:19 | 000,000,000 | ---D | M] -- C:\Users\SoWaK\AppData\Roaming\Unity
[2012.11.14 20:14:52 | 000,000,000 | ---D | M] -- C:\Users\SoWaK\AppData\Roaming\vlc
[2009.08.10 11:00:30 | 000,000,000 | ---D | M] -- C:\Users\SoWaK\AppData\Roaming\WinRAR

< %APPDATA%\*.exe /s >
[2010.06.19 15:18:05 | 000,050,354 | ---- | M] (Facebook, Inc.) -- C:\Users\SoWaK\AppData\Roaming\Facebook\uninstall.exe
[2009.08.10 14:31:00 | 000,017,542 | R--- | M] () -- C:\Users\SoWaK\AppData\Roaming\Microsoft\Installer\{1DBD1F12-ED93-49C0-A7CC-56CBDE488158}\_6FEFF9B68218417F98F549.exe
[2012.10.28 12:56:01 | 000,010,134 | R--- | M] () -- C:\Users\SoWaK\AppData\Roaming\Microsoft\Installer\{5A74F5DD-CD86-FE24-C8D3-9850F43FD42D}\ARPPRODUCTICON.exe
[2012.10.28 12:55:38 | 000,010,134 | R--- | M] () -- C:\Users\SoWaK\AppData\Roaming\Microsoft\Installer\{DCE907E3-4D72-4CD3-A08A-BEFC8C7A5869}\ARPPRODUCTICON.exe
[2012.10.28 12:55:38 | 000,009,158 | R--- | M] () -- C:\Users\SoWaK\AppData\Roaming\Microsoft\Installer\{DCE907E3-4D72-4CD3-A08A-BEFC8C7A5869}\NewShortcut1_45160C5661F6468DA5B09FAE2C3E68D6.exe
[2012.10.28 12:55:59 | 000,010,134 | R--- | M] () -- C:\Users\SoWaK\AppData\Roaming\Microsoft\Installer\{ED8C5498-6C39-92E6-B17F-414BF1722E42}\ARPPRODUCTICON.exe
[2009.06.18 07:21:32 | 001,413,256 | R--- | M] () -- C:\Users\SoWaK\AppData\Roaming\Microsoft\Windows\Templates\G\USBAutoRun.exe
[2009.08.19 08:24:00 | 009,066,997 | ---- | M] (Macrovision Corporation) -- C:\Users\SoWaK\AppData\Roaming\Microsoft\Windows\Templates\G\tools\LGInternetKit_V3.2.0.1_Setup.exe
[2009.05.12 07:46:36 | 000,212,992 | R--- | M] () -- C:\Users\SoWaK\AppData\Roaming\Microsoft\Windows\Templates\G\tools\LGSetCDROMAutoRun.exe
[2010.09.06 16:16:32 | 000,190,928 | ---- | M] () -- C:\Users\SoWaK\AppData\Roaming\QipGuard\QipGuard.exe

Re: prosím o kontrolu, pomale PC

Napsal: 11 pro 2012 15:24
od to_je_jedno
< %systemroot%\*. /mp /s >

< %systemroot%\system32\*.dll /lockedfiles >
[2010.11.20 13:19:18 | 000,186,368 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\Windows\system32\iepeers.dll
[2009.07.14 02:15:36 | 000,226,816 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\Windows\system32\LocationApi.dll

< %systemroot%\Tasks\*.job >
[2012.12.10 17:35:02 | 000,000,914 | ---- | M] () -- C:\Windows\Tasks\Adobe Flash Player Updater.job
[2012.12.10 15:49:41 | 000,000,934 | ---- | M] () -- C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
[2012.12.10 17:18:04 | 000,000,938 | ---- | M] () -- C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job

< %systemroot%\system32\drivers\*.sys /lockedfiles >
[2009.08.11 22:43:57 | 000,721,904 | ---- | M] () Unable to obtain MD5 -- C:\Windows\system32\drivers\sptd.sys

< %systemroot%\System32\config\*.sav >

< %systemroot%\system32\*.dll /lockedfiles >
[2010.11.20 13:19:18 | 000,186,368 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\Windows\system32\iepeers.dll
[2009.07.14 02:15:36 | 000,226,816 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\Windows\system32\LocationApi.dll

< %systemroot%\system32\drivers\*.sys /3 >

< %systemroot%\system32\*.* /3 >
[2012.12.10 15:54:53 | 000,016,944 | -H-- | M] () -- C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2012.12.10 15:54:54 | 000,016,944 | -H-- | M] () -- C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2012.12.10 15:49:26 | 001,118,652 | ---- | M] () -- C:\Windows\system32\oodbs.lor
[2012.12.09 12:10:50 | 000,140,278 | ---- | M] () -- C:\Windows\system32\perfc005.dat
[2012.12.09 12:10:50 | 000,121,250 | ---- | M] () -- C:\Windows\system32\perfc009.dat
[2012.12.09 12:10:50 | 000,666,614 | ---- | M] () -- C:\Windows\system32\perfh005.dat
[2012.12.09 12:10:50 | 000,652,318 | ---- | M] () -- C:\Windows\system32\perfh009.dat
[2012.12.09 12:10:50 | 001,577,238 | ---- | M] () -- C:\Windows\system32\PerfStringBackup.INI

< %SYSTEMDRIVE%\*.exe >

< >

< HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /s >
"Sidebar" = C:\Program Files\Windows Sidebar\sidebar.exe /autoRun -- [2010.11.20 13:17:41 | 001,174,016 | ---- | M] (Microsoft Corporation)
"Kalendar" = C:\Program Files\Kalendar\kalendar.exe -- [2005.11.09 20:12:44 | 000,580,608 | ---- | M] ()
"QIP Internet Guardian" = C:\Users\SoWaK\AppData\Roaming\QipGuard\QipGuard.exe -- [2010.09.06 16:16:32 | 000,190,928 | ---- | M] ()
"Sony Ericsson PC Companion" = "C:\Program Files\Sony Ericsson\Sony Ericsson PC Companion\PCCompanion.exe" /systray /nologon -- [2009.12.08 07:51:50 | 000,774,144 | ---- | M] (Sony Ericsson Mobile Communications AB)
"" =
"NokiaSuite.exe" = C:\Program Files\Nokia\Nokia Suite\NokiaSuite.exe -tray -- [2012.10.13 00:54:40 | 001,088,424 | ---- | M] (Nokia)
"StartCCC" = C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe -- [2006.11.10 12:35:24 | 000,090,112 | ---- | M] ()
"Skype" = "C:\Program Files\Skype\Phone\Skype.exe" /minimized /regrun -- [2012.11.09 11:27:12 | 017,877,168 | R--- | M] (Skype Technologies S.A.)
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\AdobeUpdater]
"" =

< >

< %PROGRAMFILES%\Mozilla Firefox\firefox.exe /md5 >
[2012.10.27 15:41:45 | 000,917,984 | ---- | M] (Mozilla Corporation) MD5=E60E9D5F229CB8DA347D48ADD6E8DC47 -- C:\Program Files\Mozilla Firefox\firefox.exe

< %PROGRAMFILES%\Internet Explorer\iexplore.exe /md5 >
[2010.11.20 13:22:51 | 000,673,040 | ---- | M] (Microsoft Corporation) MD5=C613E69C3B191BB02C7A191741A1D024 -- C:\Program Files\Internet Explorer\iexplore.exe

< %PROGRAMFILES%\Opera\opera.exe /md5 >

< %PROGRAMFILES%\Google\Chrome\Application\chrome.exe /md5 >
[2012.11.28 04:43:18 | 001,242,728 | ---- | M] (Google Inc.) MD5=9209994CFBDF2814AC8CB16DA267600D -- C:\Program Files\Google\Chrome\Application\chrome.exe

< >

< %SystemDrive%\PhysicalMBR.bin /md5 >
[2012.12.10 16:33:48 | 000,000,512 | ---- | M] () MD5=C5EEF85A3149CBA11A84FAFEE29F3298 -- C:\PhysicalMBR.bin
[1 C:\*.tmp files -> C:\*.tmp -> ]

< >

< *crack* /s >
[2008.01.12 05:24:48 | 000,182,622 | ---- | M] () -- \Program Files\DOTA\replay\kolem vs crack -mm -famozni.w3g
[2009.03.08 09:59:14 | 000,163,840 | ---- | M] () -- \Program Files\Garena\plugins\UI\AvoidCrackPlugin.dll
[2008.10.20 12:52:35 | 000,067,756 | ---- | M] () -- \Program Files\Steam\SteamApps\j.zenaty@quick.cz\counter-strike\cstrike\sound\misc\cracker1.wav
[2010.08.08 20:33:10 | 000,002,967 | ---- | M] () -- \Programs\PartyGaming\PartyCasino\language\en_US\images\flashlobby\lobby\safecrackerkeno.swf
[2010.08.08 20:33:11 | 000,012,201 | ---- | M] () -- \Programs\PartyGaming\PartyCasino\language\en_US\images\flashlobby\lobby\safecrackerkeno_popup.swf
[2010.08.08 20:32:44 | 000,001,247 | ---- | M] () -- \Programs\PartyGaming\PartyCasino\language\en_US\images\games\cardgames\blackjack\bjbar_safecrackerkeno_icon.jpg

< *keygen* /s >
[2006.07.27 21:22:38 | 000,140,800 | ---- | M] () -- \Program Files\Acoustica MP3 CD Burner\keygen.exe

< *loader* /s >
[2008.08.28 19:34:20 | 004,965,736 | ---- | M] () -- \Program Files\Adobe\Adobe Bridge CS4\Photodownloader.exe
[2008.08.28 16:42:12 | 000,011,161 | ---- | M] () -- \Program Files\Adobe\Adobe Bridge CS4\apd\shared_assets\bitmaps\main_window\C_LoadError.png
[2008.08.28 16:42:14 | 000,000,011 | ---- | M] () -- \Program Files\Adobe\Adobe Bridge CS4\apd\shared_assets\locales\da_dk\Photodownloader.ini
[2008.08.28 16:42:14 | 000,000,011 | ---- | M] () -- \Program Files\Adobe\Adobe Bridge CS4\apd\shared_assets\locales\de_de\Photodownloader.ini
[2008.08.28 16:42:14 | 000,000,011 | ---- | M] () -- \Program Files\Adobe\Adobe Bridge CS4\apd\shared_assets\locales\en_us\Photodownloader.ini
[2008.08.28 16:42:14 | 000,000,011 | ---- | M] () -- \Program Files\Adobe\Adobe Bridge CS4\apd\shared_assets\locales\es_es\Photodownloader.ini
[2008.08.28 16:42:14 | 000,000,011 | ---- | M] () -- \Program Files\Adobe\Adobe Bridge CS4\apd\shared_assets\locales\fi_fi\Photodownloader.ini
[2008.08.28 16:42:14 | 000,000,011 | ---- | M] () -- \Program Files\Adobe\Adobe Bridge CS4\apd\shared_assets\locales\fr_fr\Photodownloader.ini
[2008.08.28 16:42:14 | 000,000,011 | ---- | M] () -- \Program Files\Adobe\Adobe Bridge CS4\apd\shared_assets\locales\it_it\Photodownloader.ini
[2008.08.28 16:42:14 | 000,000,011 | ---- | M] () -- \Program Files\Adobe\Adobe Bridge CS4\apd\shared_assets\locales\ja_jp\Photodownloader.ini
[2008.08.28 16:42:14 | 000,000,011 | ---- | M] () -- \Program Files\Adobe\Adobe Bridge CS4\apd\shared_assets\locales\ko_kr\Photodownloader.ini
[2008.08.28 16:42:14 | 000,000,011 | ---- | M] () -- \Program Files\Adobe\Adobe Bridge CS4\apd\shared_assets\locales\nl_nl\Photodownloader.ini
[2008.08.28 16:42:14 | 000,000,011 | ---- | M] () -- \Program Files\Adobe\Adobe Bridge CS4\apd\shared_assets\locales\no_no\Photodownloader.ini
[2008.08.28 16:42:14 | 000,000,011 | ---- | M] () -- \Program Files\Adobe\Adobe Bridge CS4\apd\shared_assets\locales\pt_br\Photodownloader.ini
[2008.08.28 16:42:14 | 000,000,011 | ---- | M] () -- \Program Files\Adobe\Adobe Bridge CS4\apd\shared_assets\locales\sv_se\Photodownloader.ini
[2008.08.28 16:42:14 | 000,000,308 | ---- | M] () -- \Program Files\Adobe\Adobe Bridge CS4\apd\shared_assets\locales\zh_cn\Photodownloader.ini
[2008.08.28 16:42:16 | 000,000,011 | ---- | M] () -- \Program Files\Adobe\Adobe Bridge CS4\apd\shared_assets\locales\zh_tw\Photodownloader.ini
[2008.08.14 07:23:12 | 000,009,969 | ---- | M] () -- \Program Files\Common Files\Adobe\Startup Scripts CS4\Adobe Version Cue\VersionCueSDKLoader.jsx
[2007.03.26 10:50:02 | 000,169,520 | ---- | M] () -- \Program Files\Common Files\Ahead\Lib\NeGuideStoreLoader.dll
[2006.10.26 12:40:34 | 000,057,344 | ---- | M] () -- \Program Files\Common Files\microsoft shared\VS7DEBUG\coloader.dll
[2006.10.26 12:40:34 | 000,005,120 | ---- | M] () -- \Program Files\Common Files\microsoft shared\VS7DEBUG\coloader.tlb
[2011.02.15 07:22:28 | 000,335,872 | ---- | M] () -- \Program Files\Common Files\Nokia\Service Layer\A\nsl_loader.dll
[2012.05.28 03:08:10 | 000,112,128 | ---- | M] () -- \Program Files\Common Files\Nokia\Tss\ProductApiLoader\ta_productapiloader.dll
[2008.07.17 04:22:04 | 000,126,464 | ---- | M] () -- \Program Files\DOTA\euroloader.exe
[2010.07.22 19:30:12 | 000,048,315 | ---- | M] () -- \Program Files\Full Tilt Poker\Graphics\Cashier\WebDialog\cashier_loader.mng
[2010.07.22 19:30:12 | 000,015,895 | ---- | M] () -- \Program Files\Full Tilt Poker\Graphics\Lobby\Backgrounds\LoaderChip.gif
[2010.08.24 11:12:06 | 000,001,702 | ---- | M] () -- \Program Files\Sony Ericsson\Update Service\licenses\loaderbinarylegal.txt
[2003.09.26 08:15:26 | 000,169,384 | ---- | M] () -- \Program Files\Steam\SteamApps\j.zenaty@quick.cz\counter-strike\cstrike\models\qloader.mdl
[2009.06.02 00:16:57 | 000,114,688 | ---- | M] () -- \Program Files\WinRAR\RarExtLoader.exe
[2012.11.08 15:16:50 | 000,072,638 | ---- | M] () -- \ProgramData\Skype\Apps\login\images\loader.gif
[2012.11.08 15:16:50 | 000,003,032 | ---- | M] () -- \ProgramData\Skype\Apps\login\images\loader.png
[2012.11.08 15:16:50 | 000,009,772 | ---- | M] () -- \ProgramData\Skype\Apps\login\images\retina\loader@2x.png
[2010.09.08 13:08:56 | 000,002,910 | ---- | M] () -- \Programs\PartyGaming\components\uriloader.xpt
[2010.08.08 20:33:27 | 000,002,688 | ---- | M] () -- \Programs\PartyGaming\PartyCasino\language\en_US\images\fcgames\cardgames\blackjack\multihandbj\Loader.swf
[2010.08.08 20:33:35 | 000,002,688 | ---- | M] () -- \Programs\PartyGaming\PartyCasino\language\en_US\images\fcgames\roulette\Loader.swf
[2010.08.01 12:32:00 | 000,000,857 | ---- | M] () -- \Programs\PartyGaming\PartyPoker\preloader.html
[4 \Programs\PartyGaming\PartyPoker\*.tmp files -> \Programs\PartyGaming\PartyPoker\*.tmp -> ]
[2010.08.01 12:32:50 | 000,003,948 | ---- | M] () -- \Programs\PartyGaming\PartyPoker\Images\loader.gif
[2010.08.01 12:32:50 | 000,000,923 | ---- | M] () -- \Programs\PartyGaming\PartyPoker\Images\tableloadertint_bg.png
[2010.09.08 13:07:24 | 000,013,664 | ---- | M] () -- \Programs\PartyGaming\SmartUpgrader\Preloader.jpg
[2012.11.08 15:16:50 | 000,072,638 | ---- | M] () -- \Users\All Users\Skype\Apps\login\images\loader.gif
[2012.11.08 15:16:50 | 000,003,032 | ---- | M] () -- \Users\All Users\Skype\Apps\login\images\loader.png
[2012.11.08 15:16:50 | 000,009,772 | ---- | M] () -- \Users\All Users\Skype\Apps\login\images\retina\loader@2x.png
[2012.11.24 12:14:33 | 000,000,177 | ---- | M] () -- \Users\SoWaK\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\58QGX7ZL\loaderxml[1].swf
[2012.11.24 12:14:32 | 000,000,701 | ---- | M] () -- \Users\SoWaK\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\B61J810T\fontLoader[1].swf
[2012.12.01 15:00:33 | 000,000,753 | ---- | M] () -- \Users\SoWaK\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\GINXWKSU\AdLoader[1].htm
[2012.12.10 15:53:48 | 000,000,753 | ---- | M] () -- \Users\SoWaK\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\GINXWKSU\AdLoader[2].htm
[2012.10.29 12:06:26 | 000,105,903 | ---- | M] () -- \Users\SoWaK\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\I0U1DQR6\AdLoader-427d9fd2a91e2f2c023aefe9f69a01d0.min[1].js
[2012.10.28 12:17:59 | 000,792,704 | ---- | M] () -- \Users\SoWaK\Downloads\amddriverdownloader.exe
[2012.08.16 16:07:44 | 004,110,768 | ---- | M] () -- \Users\SoWaK\Downloads\navteq_RT3_2012_rt3_downloader_407.exe
[2012.09.04 16:02:21 | 001,105,024 | ---- | M] () -- \Users\SoWaK\Downloads\your_file_downloader.exe
[2009.08.10 11:18:28 | 000,082,784 | ---- | M] () -- \Windows\assembly\GAC\IALoader\1.7.6223.0__31bf3856ad364e35\IALoader.dll
[2010.11.04 09:37:28 | 000,335,872 | R--- | M] () -- \Windows\Installer\$PatchCache$\Managed\83C865D42550DDC46A3410AFAF9275FE\2.6.6\nsl_loader.dll.3371EE16_6C0C_46B8_AEED_A2506A2F716D
[2010.10.28 13:29:30 | 000,131,072 | R--- | M] () -- \Windows\Installer\$PatchCache$\Managed\83C865D42550DDC46A3410AFAF9275FE\2.6.6\ta_productapiloader..D321D6CC_DBBE_4AC3_8DBD_DFF82BB39BDC
[2012.08.20 18:32:13 | 000,003,584 | -H-- | M] () -- \Windows\System32\api-ms-win-core-libraryloader-l1-1-0.dll
[2009.07.14 02:15:12 | 000,038,400 | ---- | M] () -- \Windows\System32\dmloader.dll
[2009.07.14 05:54:01 | 000,003,532 | ---- | M] () -- \Windows\System32\Tasks\Microsoft\Windows\WindowsColorSystem\Calibration Loader
[2009.07.27 21:21:38 | 000,002,883 | ---- | M] () -- \Windows\winsxs\Backup\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_3318c4cd5e5d0f86.manifest
[2009.07.27 21:21:38 | 000,034,896 | ---- | M] () -- \Windows\winsxs\Backup\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_3318c4cd5e5d0f86_winload.exe.mui_3bc5b827
[2009.07.27 21:21:38 | 000,030,272 | ---- | M] () -- \Windows\winsxs\Backup\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_3318c4cd5e5d0f86_winresume.exe.mui_ff8b5358
[2011.07.30 11:36:43 | 000,004,225 | ---- | M] () -- \Windows\winsxs\Backup\x86_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.17514_none_5d2e241dcae8f953.manifest
[2011.07.30 11:36:44 | 000,508,904 | ---- | M] () -- \Windows\winsxs\Backup\x86_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.17514_none_5d2e241dcae8f953_winload.exe_75835076
[2011.07.30 11:36:45 | 000,442,720 | ---- | M] () -- \Windows\winsxs\Backup\x86_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.17514_none_5d2e241dcae8f953_winresume.exe_85cd1215
[2009.07.14 03:17:38 | 000,002,894 | ---- | M] () -- \Windows\winsxs\Backup\x86_microsoft-windows-s..ive-blackbox-loader_31bf3856ad364e35_6.1.7600.16385_none_6b097e5cb26f7a23.manifest
[2009.07.14 03:17:38 | 000,017,472 | ---- | M] () -- \Windows\winsxs\Backup\x86_microsoft-windows-s..ive-blackbox-loader_31bf3856ad364e35_6.1.7600.16385_none_6b097e5cb26f7a23_spldr.sys_98bd87a0
[2009.07.27 21:18:20 | 000,002,883 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_3318c4cd5e5d0f86.manifest
[2009.07.14 02:47:46 | 000,004,225 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7600.16385_none_5afd1055cdfa75b9.manifest
[2009.08.19 08:38:48 | 000,004,225 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7600.16411_none_5b44c087cdc549ed.manifest
[2009.08.19 08:21:21 | 000,004,225 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7600.20509_none_5be12f8ee6d3987e.manifest
[2010.11.20 04:02:40 | 000,004,225 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.17514_none_5d2e241dcae8f953.manifest
[2009.07.14 02:52:31 | 000,002,894 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-s..ive-blackbox-loader_31bf3856ad364e35_6.1.7600.16385_none_6b097e5cb26f7a23.manifest
[2009.07.14 02:15:12 | 000,038,400 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-audio-dmusic_31bf3856ad364e35_6.1.7600.16385_none_45ca7214f0f664cb\dmloader.dll
[2009.07.14 02:03:49 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.16385_none_0a884619dd2388ad\api-ms-win-core-libraryloader-l1-1-0.dll
[2011.05.14 07:22:35 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.16816_none_0ad4ff55dce9d030\api-ms-win-core-libraryloader-l1-1-0.dll
[2011.06.02 06:45:50 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.16823_none_0ac72e8bdcf4a01c\api-ms-win-core-libraryloader-l1-1-0.dll
[2011.07.16 05:19:58 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.16850_none_0aa3bde9dd0fa7ea\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.08.18 12:09:17 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.17107_none_0ae0ab79dce0fb26\api-ms-win-core-libraryloader-l1-1-0.dll
[2011.06.03 06:50:16 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.20978_none_0b1fbd2cf6364a4e\api-ms-win-core-libraryloader-l1-1-0.dll
[2011.07.16 05:12:45 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.21010_none_0b587286f60d0b32\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.08.20 18:42:56 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.21306_none_0b6949e0f5ff7ec0\api-ms-win-core-libraryloader-l1-1-0.dll
[2011.05.14 07:13:36 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.17617_none_0cbc5ca5da0f5573\api-ms-win-core-libraryloader-l1-1-0.dll
[2011.06.03 06:47:28 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.17625_none_0caf8c25da193eb6\api-ms-win-core-libraryloader-l1-1-0.dll
[2011.07.16 05:15:45 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.17651_none_0c8b1b39da352d2d\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.08.20 18:32:13 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.17932_none_0ca1c10dda240617\api-ms-win-core-libraryloader-l1-1-0.dll
[2011.05.14 08:15:40 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.21728_none_0d3c29cef3342a85\api-ms-win-core-libraryloader-l1-1-0.dll
[2011.06.03 07:56:06 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.21738_none_0d3159e2f33c4676\api-ms-win-core-libraryloader-l1-1-0.dll
[2011.07.16 05:36:48 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.21772_none_0d001876f3621e30\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.08.20 18:23:16 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.22091_none_0ce95442f3736a4b\api-ms-win-core-libraryloader-l1-1-0.dll

< End of report >

Re: prosím o kontrolu, pomale PC

Napsal: 11 pro 2012 17:16
od vyosek
:arrow: Spustte znovu OTL
  • Pokud pouzivate Win Vista ci W7, kliknete na OTL pravym a dejte Run As Administrator ci Spustit jako spravce
  • Do spodniho okenka Vlastni skenovani/opravy vlozte skript nize

  • Kód: Vybrat vše

    :otl
DRV - File not found [Kernel | On_Demand | Stopped] -- System32\drivers\rdvgkmd.sys -- (VGPU)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\drivers\tsusbhub.sys -- (tsusbhub)
DRV - File not found [Kernel | On_Demand | Stopped] -- System32\drivers\synth3dvsc.sys -- (Synth3dVsc)
DRV - File not found [Kernel | On_Demand | Stopped] -- System32\Drivers\Capt905c.sys -- (SQTECH905C)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Program Files\Garena\safedrv.sys -- (GGSAFERDriver)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Users\SoWaK\AppData\Local\Temp\ZSPA1AE.tmp -- (GarenaPEngine)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Windows\system32\ASNDIS4.SYS -- (ASNDIS4)
DRV - File not found [Kernel | On_Demand | Unknown] -- -- (ac50ff76)
IE - HKLM\..\SearchScopes,DefaultScope = {A55F9C95-2BB1-4EA2-BC77-DFAAB78832CE}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKLM\..\SearchScopes\{A55F9C95-2BB1-4EA2-BC77-DFAAB78832CE}: "URL" = http://search.qip.ru/?query={searchTerms}
IE - HKU\S-1-5-21-3021606996-1762574662-3605753686-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://qip.ru
IE - HKU\S-1-5-21-3021606996-1762574662-3605753686-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://search.qip.ru
IE - HKU\S-1-5-21-3021606996-1762574662-3605753686-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = http://search.qip.ru/ie
IE - HKU\S-1-5-21-3021606996-1762574662-3605753686-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://search.qip.ru
IE - HKU\S-1-5-21-3021606996-1762574662-3605753686-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://qip.ru
IE - HKU\S-1-5-21-3021606996-1762574662-3605753686-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 2F C9 1E 5A 6A 42 CA 01 [binary data]
IE - HKU\S-1-5-21-3021606996-1762574662-3605753686-1000\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://search.qip.ru/ie
IE - HKU\S-1-5-21-3021606996-1762574662-3605753686-1000\..\URLSearchHook: - No CLSID value found
IE - HKU\S-1-5-21-3021606996-1762574662-3605753686-1000\..\URLSearchHook: {A55F9C95-2BB1-4EA2-BC77-DFAAB78832CE} - C:\Users\SoWaK\AppData\Roaming\Microsoft\Internet Explorer\qipsearchbar.dll (qip.ru)
IE - HKU\S-1-5-21-3021606996-1762574662-3605753686-1000\..\SearchScopes,DefaultScope = {A55F9C95-2BB1-4EA2-BC77-DFAAB78832CE}
IE - HKU\S-1-5-21-3021606996-1762574662-3605753686-1000\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC
IE - HKU\S-1-5-21-3021606996-1762574662-3605753686-1000\..\SearchScopes\{A55F9C95-2BB1-4EA2-BC77-DFAAB78832CE}: "URL" = http://search.qip.ru/?query={searchTerms}
FF - prefs.js..keyword.URL: "http://search.centrum.cz/?charset=UTF-8&channel_id=ch-toolbar-ff,search-web&q="
O2 - BHO: (QipLI Class) - {6B5863A0-C43F-4C0A-982B-CC0E9125783F} - C:\Users\SoWaK\AppData\Roaming\Microsoft\Internet Explorer\qstatsrv.dll (TODO: <Company name>)
O2 - BHO: (QIPBHO Class) - {A55F9C95-2BB1-4EA2-BC77-DFAAB78832CE} - C:\Users\SoWaK\AppData\Roaming\Microsoft\Internet Explorer\qipsearchbar.dll (qip.ru)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab (Reg Error: Key error.)
O13 - gopher Prefix: missing
O33 - MountPoints2\{a0aecf8d-c68b-11df-a42a-001d60118194}\Shell - "" = AutoRun
O33 - MountPoints2\{b53a089e-c088-11df-802c-001d60118194}\Shell - "" = AutoRun
[2012.02.20 17:24:08 | 000,001,321 | ---- | C] () -- C:\Windows\System32\.ini
[2009.12.14 17:17:24 | 000,017,408 | ---- | C] () -- C:\Users\SoWaK\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[9 C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp files -> C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp -> ]
[21 C:\Windows\Installer\*.tmp files -> C:\Windows\Installer\*.tmp -> ]
[1 C:\Windows\Installer\{CC6B1BB4-4E06-4A5B-A166-B371B551324B}\*.tmp files -> C:\Windows\Installer\{CC6B1BB4-4E06-4A5B-A166-B371B551324B}\*.tmp -> ]
[1 C:\Windows\Installer\{D6AB1F5B-FED6-49A9-9747-327BD28FB3C7}\*.tmp files -> C:\Windows\Installer\{D6AB1F5B-FED6-49A9-9747-327BD28FB3C7}\*.tmp -> ]
[1 C:\Windows\Temp\*.tmp files -> C:\Windows\Temp\*.tmp -> ]
[2010.09.06 16:16:32 | 000,190,928 | ---- | M] () -- C:\Users\SoWaK\AppData\Roaming\QipGuard\QipGuard.exe
[2012.12.10 17:35:02 | 000,000,914 | ---- | M] () -- C:\Windows\Tasks\Adobe Flash Player Updater.job
[2012.12.10 15:49:41 | 000,000,934 | ---- | M] () -- C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
[2012.12.10 17:18:04 | 000,000,938 | ---- | M] () -- C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job

:reg
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"NeroFilterCheck"=-
"AdobeCS4ServiceManager"=-
"OODefragTray"=-
"SunJavaUpdateSched"=-
"Adobe ARM"=-
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"QIP Internet Guardian"=-
"Sony Ericsson PC Companion"=-
""=-
"NokiaSuite.exe"=-
"Skype"=-

:files
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\McAfee Security Scan Plus.lnk
%windir%\system32\*.tmp.dll /s
%windir%\system32\SET*.tmp /s
%windir%\*.tmp

:commands
[RESETHOSTS]
[EMPTYTEMP]
[EMPTYFLASH]
[EMPTYJAVA]
  • Nasledne kliknete na Opravit
  • PC provede opravu, restartuje se a da Vam log, jeho obsah vlozte sem

Re: prosím o kontrolu, pomale PC

Napsal: 11 pro 2012 17:52
od to_je_jedno
All processes killed
========== OTL ==========
Service VGPU stopped successfully!
Service VGPU deleted successfully!
File System32\drivers\rdvgkmd.sys not found.
Service tsusbhub stopped successfully!
Service tsusbhub deleted successfully!
File system32\drivers\tsusbhub.sys not found.
Service Synth3dVsc stopped successfully!
Service Synth3dVsc deleted successfully!
File System32\drivers\synth3dvsc.sys not found.
Service SQTECH905C stopped successfully!
Service SQTECH905C deleted successfully!
File System32\Drivers\Capt905c.sys not found.
Service GGSAFERDriver stopped successfully!
Service GGSAFERDriver deleted successfully!
File C:\Program Files\Garena\safedrv.sys not found.
Service GarenaPEngine stopped successfully!
Service GarenaPEngine deleted successfully!
File C:\Users\SoWaK\AppData\Local\Temp\ZSPA1AE.tmp not found.
Service ASNDIS4 stopped successfully!
Service ASNDIS4 deleted successfully!
File C:\Windows\system32\ASNDIS4.SYS not found.
Error: No service named ac50ff76 was found to stop!
Service\Driver key ac50ff76 not found.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope| /E : value set successfully!
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{A55F9C95-2BB1-4EA2-BC77-DFAAB78832CE}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{A55F9C95-2BB1-4EA2-BC77-DFAAB78832CE}\ deleted successfully.
HKU\S-1-5-21-3021606996-1762574662-3605753686-1000\SOFTWARE\Microsoft\Internet Explorer\Main\\Default_Page_URL| /E : value set successfully!
HKU\S-1-5-21-3021606996-1762574662-3605753686-1000\SOFTWARE\Microsoft\Internet Explorer\Main\\Default_Search_URL| /E : value set successfully!
HKU\S-1-5-21-3021606996-1762574662-3605753686-1000\SOFTWARE\Microsoft\Internet Explorer\Main\\Search Bar| /E : value set successfully!
HKU\S-1-5-21-3021606996-1762574662-3605753686-1000\SOFTWARE\Microsoft\Internet Explorer\Main\\Search Page| /E : value set successfully!
HKU\S-1-5-21-3021606996-1762574662-3605753686-1000\SOFTWARE\Microsoft\Internet Explorer\Main\\Start Page| /E : value set successfully!
HKU\S-1-5-21-3021606996-1762574662-3605753686-1000\SOFTWARE\Microsoft\Internet Explorer\Main\\Start Page Redirect Cache_TIMESTAMP| /E : value set successfully!
HKU\S-1-5-21-3021606996-1762574662-3605753686-1000\SOFTWARE\Microsoft\Internet Explorer\Search\\SearchAssistant| /E : value set successfully!
Registry value HKEY_USERS\S-1-5-21-3021606996-1762574662-3605753686-1000\Software\Microsoft\Internet Explorer\URLSearchHooks\\ deleted successfully.
Registry value HKEY_USERS\S-1-5-21-3021606996-1762574662-3605753686-1000\Software\Microsoft\Internet Explorer\URLSearchHooks\\{A55F9C95-2BB1-4EA2-BC77-DFAAB78832CE} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{A55F9C95-2BB1-4EA2-BC77-DFAAB78832CE}\ not found.
C:\Users\SoWaK\AppData\Roaming\Microsoft\Internet Explorer\qipsearchbar.dll moved successfully.
HKEY_USERS\S-1-5-21-3021606996-1762574662-3605753686-1000\Software\Microsoft\Internet Explorer\SearchScopes\\DefaultScope| /E : value set successfully!
Registry key HKEY_USERS\S-1-5-21-3021606996-1762574662-3605753686-1000\Software\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ not found.
Registry key HKEY_USERS\S-1-5-21-3021606996-1762574662-3605753686-1000\Software\Microsoft\Internet Explorer\SearchScopes\{A55F9C95-2BB1-4EA2-BC77-DFAAB78832CE}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{A55F9C95-2BB1-4EA2-BC77-DFAAB78832CE}\ not found.
Prefs.js: "http://search.centrum.cz/?charset=UTF-8 ... rch-web&q=" removed from keyword.URL
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{6B5863A0-C43F-4C0A-982B-CC0E9125783F}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{6B5863A0-C43F-4C0A-982B-CC0E9125783F}\ deleted successfully.
C:\Users\SoWaK\AppData\Roaming\Microsoft\Internet Explorer\qstatsrv.dll moved successfully.
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{A55F9C95-2BB1-4EA2-BC77-DFAAB78832CE}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{A55F9C95-2BB1-4EA2-BC77-DFAAB78832CE}\ not found.
File C:\Users\SoWaK\AppData\Roaming\Microsoft\Internet Explorer\qipsearchbar.dll not found.
Starting removal of ActiveX control {E2883E8F-472F-4FB0-9522-AC9BF37916A7}
C:\Windows\Downloaded Program Files\gp.inf not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{E2883E8F-472F-4FB0-9522-AC9BF37916A7}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{E2883E8F-472F-4FB0-9522-AC9BF37916A7}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{E2883E8F-472F-4FB0-9522-AC9BF37916A7}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{E2883E8F-472F-4FB0-9522-AC9BF37916A7}\ not found.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\URL\Prefixes\\gopher|:gopher:// /E : value set successfully!
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{a0aecf8d-c68b-11df-a42a-001d60118194}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{a0aecf8d-c68b-11df-a42a-001d60118194}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{b53a089e-c088-11df-802c-001d60118194}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{b53a089e-c088-11df-802c-001d60118194}\ not found.
C:\Windows\System32\.ini moved successfully.
C:\Users\SoWaK\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini moved successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\ZAP15DB.tmp folder deleted successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\ZAP15FB.tmp folder deleted successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\ZAP230D.tmp folder deleted successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\ZAP3EB.tmp folder deleted successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\ZAP415A.tmp folder deleted successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\ZAP5E64.tmp folder deleted successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\ZAP8545.tmp folder deleted successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\ZAPE2F3.tmp\ComSvcConfig.exe deleted successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\ZAPE2F3.tmp folder deleted successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\ZAPEDEC.tmp folder deleted successfully.
C:\Windows\Installer\MSI27C1.tmp deleted successfully.
C:\Windows\Installer\MSI389.tmp deleted successfully.
C:\Windows\Installer\MSI416.tmp deleted successfully.
C:\Windows\Installer\MSI4684.tmp deleted successfully.
C:\Windows\Installer\MSI4AA2.tmp deleted successfully.
C:\Windows\Installer\MSI5B56.tmp deleted successfully.
C:\Windows\Installer\MSI7652.tmp deleted successfully.
C:\Windows\Installer\MSI7838.tmp deleted successfully.
C:\Windows\Installer\MSI79EE.tmp deleted successfully.
C:\Windows\Installer\MSI7A13.tmp deleted successfully.
C:\Windows\Installer\MSI7A9B.tmp deleted successfully.
C:\Windows\Installer\MSI7E8.tmp deleted successfully.
C:\Windows\Installer\MSI8196.tmp deleted successfully.
C:\Windows\Installer\MSI928A.tmp deleted successfully.
C:\Windows\Installer\MSIA629.tmp deleted successfully.
C:\Windows\Installer\MSIB286.tmp deleted successfully.
C:\Windows\Installer\MSIB325.tmp deleted successfully.
C:\Windows\Installer\MSIE65C.tmp deleted successfully.
C:\Windows\Installer\MSIE9C8.tmp deleted successfully.
C:\Windows\Installer\MSIECC6.tmp deleted successfully.
C:\Windows\Installer\MSIFB92.tmp deleted successfully.
C:\Windows\Installer\{CC6B1BB4-4E06-4A5B-A166-B371B551324B}\upd81.tmp deleted successfully.
C:\Windows\Installer\{D6AB1F5B-FED6-49A9-9747-327BD28FB3C7}\upd82.tmp deleted successfully.
C:\Windows\Temp\CR_FD873.tmp\SETUP_PATCH.PACKED.7Z deleted successfully.
C:\Windows\Temp\CR_FD873.tmp folder deleted successfully.
C:\Users\SoWaK\AppData\Roaming\QipGuard\QipGuard.exe moved successfully.
C:\Windows\Tasks\Adobe Flash Player Updater.job moved successfully.
C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job moved successfully.
C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job moved successfully.
========== REGISTRY ==========
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\NeroFilterCheck deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\AdobeCS4ServiceManager deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\OODefragTray deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\SunJavaUpdateSched deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\Adobe ARM deleted successfully.
Registry value HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\\QIP Internet Guardian deleted successfully.
Registry value HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\\Sony Ericsson PC Companion deleted successfully.
Registry value HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\\ deleted successfully.
Registry value HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\\NokiaSuite.exe deleted successfully.
Registry value HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\\Skype deleted successfully.
========== FILES ==========
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\McAfee Security Scan Plus.lnk moved successfully.
File/Folder C:\Windows\system32\*.tmp.dll not found.
File/Folder C:\Windows\system32\SET*.tmp not found.
File/Folder C:\Windows\*.tmp not found.
========== COMMANDS ==========
C:\Windows\System32\drivers\etc\Hosts moved successfully.
HOSTS file reset successfully

[EMPTYTEMP]

User: All Users

User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes

User: Public

User: SoWaK
->Temp folder emptied: 13080399 bytes
->Temporary Internet Files folder emptied: 6673285 bytes
->Java cache emptied: 41184937 bytes
->FireFox cache emptied: 1119039976 bytes
->Google Chrome cache emptied: 30393244 bytes
->Flash cache emptied: 13924 bytes

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 38773664 bytes
RecycleBin emptied: 0 bytes

Total Files Cleaned = 1 191,00 mb


[EMPTYFLASH]

User: All Users

User: Default

User: Default User

User: Public

User: SoWaK
->Flash cache emptied: 0 bytes

Total Flash Files Cleaned = 0,00 mb


[EMPTYJAVA]

User: All Users

User: Default

User: Default User

User: Public

User: SoWaK
->Java cache emptied: 0 bytes

Total Java Files Cleaned = 0,00 mb


OTL by OldTimer - Version 3.2.69.0 log created on 12112012_172945

Files\Folders moved on Reboot...

PendingFileRenameOperations files...

Registry entries deleted on Reboot...

Re: prosím o kontrolu, pomale PC

Napsal: 11 pro 2012 18:03
od vyosek
:arrow: OTC http://oldtimer.geekstogo.com/OTC.exe
  • Stahnete a spustte
  • Kliknete na CleanUp a potvrdte YES
  • Program uklidi a restartuje PC

:arrow: TFC http://oldtimer.geekstogo.com/TFC.exe
  • Stahnete a spustte
  • Kliknete na Start a potvrdte OK
  • Program uklidi a restartuje pc
  • Po pouziti utilitu smazte
:arrow: Stahnete Ccleaner http://forum.viry.cz/viewtopic.php?t=7478
Panel čistič
  • Vse nechte jak je, jen dejte Analyzovat a pote Spustit CCleaner
Panel registry
  • dejte Hledej problémy
  • nasledne Opravit problémy - zalohu registru doporucuji udelat, opravte vsechny problemy
  • postup opakujte dokud nebude bez problemu - vetsinou cca 3x
Panel nástroje
  • Zde muzete odinstalovat nepotrebne programy
CCleaner doporucuji pouzivat cca jednou za tyden

:arrow: Doporucuji provest defragmentaci disku
  • Nejjednodussi (ale nejmene ucinny) zpusob je pomoci utility ve windowsech
    • Kliknete na Tento pocitac, dale na disk kliknete pravym tlacitkem, vyberte Vlastnosti
    • prepnete se do zalozky Nastroje
    • Nyni vidite pomucky Defragmentace - spustte ji kliknutim na Defragmentovat
    • Toto provedte se vsemi disky
  • Dalsi moznosti (a mnou doporucenou) je pres programek Defraggler http://www.stahuj.centrum.cz/utility_a_ ... efraggler/
    • Program stahnete, nainstalujte (dejte fajfku pryc u yahoo toolbaru) a spustte
    • Kliknete na Analyzovat
    • Pokud je ve sloupci Fragmentováno vice jak 5%, doporucuji provest defragmentaci (klik na Defragmentovat)
    • Postup provedte se vsemi disky
  • Posledni moznost je pres jednoduchy programek JKDefrag http://www.stahuj.centrum.cz/utility_a_ ... /jkdefrag/
    • Vyhodou programku je, ze se neinstaluje
    • Staci tedy jen stahnout dle verze vaseho OS a rozbalit
    • Nasledne spustit pomoci souboru JKDefrag pripadne JKDefrag64
    • Probehne analyza disku a nasledne i defragmentace
:arrow: Napiste co PC

Re: prosím o kontrolu, pomale PC

Napsal: 11 pro 2012 20:20
od to_je_jedno
Děkuji za rady, nějaké to zlepšení odezvy je patrné ale není to žádná hitparáda.Ale co můžu chtít od té herky.
Mám tu na CD nějké O&O Defrag. Můžu použít na defragmentaci to?

Re: prosím o kontrolu, pomale PC

Napsal: 11 pro 2012 20:55
od vyosek
Nejak jej neznam, mame tu osvedceny Defraggler :)
Všechny časy jsou v UTC+01:00
Stránka 1 z 1

Založeno na phpBB® Forum Software © phpBB Limited

Český překlad – phpBB.cz