VIRY.CZ

Pomáháme v boji s počítačovou havěti!
https://forum.viry.cz:443/

Prosím o kontrolu logu - pomalý počítač

https://forum.viry.cz:443/viewtopic.php?t=131057

Stránka 1 z 1

Prosím o kontrolu logu - pomalý počítač

Napsal: 24 čer 2013 09:29
od Imani
Zdravím,
prosím o kontrolu logu. V poslední době občas běhá počítač hrozně pomalu. :-(

-------------------------------------------------------------------------------------------
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 10:23:46, on 24.6.2013
Platform: Windows Vista SP2 (WinNT 6.00.1906)
MSIE: Internet Explorer v9.00 (9.00.8112.16490)
Boot mode: Normal

Running processes:
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Windows\system32\taskeng.exe
C:\Program Files\Windows Defender\MSASCui.exe
C:\Windows\System32\ASUSTPE.exe
C:\Program Files\Alwil Software\Avast5\AvastUI.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Windows\ehome\ehtray.exe
C:\Program Files\Windows Media Player\wmpnscfg.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Program Files\Total Commander 7.56\TOTALCMD.EXE
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Windows\system32\Macromed\Flash\FlashUtil32_11_3_300_257_ActiveX.exe
C:\Program Files\Internet Explorer\iexplore.exe
D:\hijackthis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://search.certified-toolbar.com?si= ... =chrome&q=
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://search.certified-toolbar.com?si= ... =chrome&q=
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://search.certified-toolbar.com?si= ... =chrome&q=
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.cz/?rlz=1W4CHBA_csCZ525
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.asus.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://search.certified-toolbar.com?si= ... =chrome&q=
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://search.certified-toolbar.com?si= ... =chrome&q=
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://search.certified-toolbar.com?si= ... =chrome&q=
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://search.certified-toolbar.com?si= ... 508-361425
R1 - HKCU\Software\Microsoft\Internet Explorer\Search,Default_Search_URL = http://search.certified-toolbar.com?si= ... =chrome&q=
R1 - HKLM\Software\Microsoft\Internet Explorer\Search,Default_Search_URL = http://search.certified-toolbar.com?si= ... =chrome&q=
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: (no name) - - (no file)
O1 - Hosts: ::1 localhost
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll
O2 - BHO: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\Alwil Software\Avast5\aswWebRepIE.dll
O2 - BHO: NTIECatcher Class - {C56CB6B0-0D96-11D6-8C65-B2868B609932} - C:\Program Files\Xi\NetTransport 2\NTIEHelper.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll
O3 - Toolbar: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\Alwil Software\Avast5\aswWebRepIE.dll
O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
O4 - HKLM\..\Run: [RtHDVCpl] RtHDVCpl.exe
O4 - HKLM\..\Run: [ASUSTPE] C:\Windows\system32\ASUSTPE.exe
O4 - HKLM\..\Run: [avast5] C:\PROGRA~1\ALWILS~1\Avast5\avastUI.exe /nogui
O4 - HKLM\..\Run: [ATKMEDIA] C:\Program Files\ASUS\ATK Media\DMEDIA.EXE
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [pdfFactory Pro Dispatcher v3] "C:\Windows\system32\spool\DRIVERS\W32X86\3\fppdis3a.exe" /source=HKLM
O4 - HKLM\..\Run: [NeroFilterCheck] C:\Windows\system32\NeroCheck.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe
O4 - HKCU\..\Run: [Google Update] "C:\Users\Štěpánka\AppData\Local\Google\Update\GoogleUpdate.exe" /c
O4 - Global Startup: AutorunsDisabled
O4 - Global Startup: Network Server.lnk = C:\Program Files\WIBUKEY\Server\WkSvMgr.exe
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Office Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: Stáhnout pomocí Net Transportu - C:\Program Files\Xi\NetTransport 2\NTAddLink.html
O8 - Extra context menu item: Stáhnout vše pomocí &Net Transportu - C:\Program Files\Xi\NetTransport 2\NTAddList.html
O9 - Extra button: ICQ7.2 - {72EFBFE4-C74F-4187-AEFD-73EA3BE968D6} - C:\Program Files\ICQ7.2\ICQ.exe
O9 - Extra 'Tools' menuitem: ICQ7.2 - {72EFBFE4-C74F-4187-AEFD-73EA3BE968D6} - C:\Program Files\ICQ7.2\ICQ.exe
O9 - Extra button: Zdroje informací - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O16 - DPF: {0E8D0700-75DF-11D3-8B4A-0008C7450C4A} (DjVuCtl Class) - http://www.caminova.net/en/downloads/ge ... px?lang=en
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\Windows\system32\browseui.dll
O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: ASLDR Service (ASLDRService) - Unknown owner - C:\Program Files\ATK Hotkey\ASLDRSrv.exe
O23 - Service: Ati External Event Utility - ATI Technologies Inc. - C:\Windows\system32\Ati2evxx.exe
O23 - Service: Autodesk Licensing Service - Autodesk - C:\Program Files\Common Files\Autodesk Shared\Service\AdskScSrv.exe
O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
O23 - Service: Služba Google Update (gupdate1c9f0432d784345) (gupdate1c9f0432d784345) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
O23 - Service: mental ray 3.5 Satellite (32-bit) (mi-raysat_3dsmax9_32) - Unknown owner - C:\Program Files\Autodesk\3ds Max 9\mentalray\satellite\raysat_3dsmax9_32server.exe
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files\Skype\Updater\Updater.exe
O23 - Service: spmgr - Unknown owner - C:\Program Files\ASUS\NB Probe\SPM\spmgr.exe
O23 - Service: Syntek AVStream USB2.0 WebCam Service (StkSSrv) - Syntek America Inc. - C:\Windows\System32\StkCSrv.exe
O23 - Service: TOSHIBA Bluetooth Service - TOSHIBA CORPORATION - C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtSrv.exe

--
End of file - 8025 bytes

Re: Prosím o kontrolu logu - pomalý počítač

Napsal: 24 čer 2013 14:28
od vyosek
Zdravim :)

:arrow: Stahnete Junkware Removal Tool http://thisisudax.org/downloads/JRT.exe
  • Ulozte nejlepe na plochu
  • Po spusteni se zobrazi licencni podminky, stisknete libovolnou klavesu
  • Probehne vytvoreni zalohy a nasledne prohledavani
  • Probehne skenovani a pak se objevi log, pripadne bude ulozen v c:\JRT jako JRT.txt, ten sem vlozte
:arrow: Stahnete AdwCleaner http://general-changelog-team.fr/fr/dow ... adwcleaner
  • Ulozte nejlepe na plochu
  • Ukoncete vsechny programy
  • Kliknete na Prohledat
  • Probehne skenovani a pak se objevi log, pripadne bude ulozen na systemovem disku jako AdwCleaner[R?].txt, ten sem vlozte

Re: Prosím o kontrolu logu - pomalý počítač

Napsal: 24 čer 2013 15:04
od Imani
Děkuji. Zde jsou logy:

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 4.9.4 (05.06.2013:1)
OS: Windows Vista (TM) Home Premium x86
Ran by ćtŘp nka on po 24.06.2013 at 15:33:16,27
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




~~~ Services



~~~ Registry Values

Successfully repaired: [Registry Value] HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main\\Start Page
Successfully repaired: [Registry Value] HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\\DisplayName
Successfully repaired: [Registry Value] HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\\URL
Successfully repaired: [Registry Value] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}\\DisplayName
Successfully repaired: [Registry Value] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}\\URL
Successfully repaired: [Registry Value] HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\AboutURLs\\Tabs
Successfully repaired: [Registry Value] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\\Search Bar
Successfully repaired: [Registry Value] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\\Search Page
Successfully repaired: [Registry Value] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Search\\Default_Search_URL



~~~ Registry Keys

Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{B5F79DD9-4C35-420A-8F59-D6A60C9709E0}



~~~ Files



~~~ Folders

Successfully deleted: [Folder] "C:\Users\ćtŘp nka\appdata\locallow\simplytech"
Successfully deleted: [Folder] "C:\Program Files\protected search"



~~~ Event Viewer Logs were cleared





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on po 24.06.2013 at 15:36:29,55
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Re: Prosím o kontrolu logu - pomalý počítač

Napsal: 24 čer 2013 15:05
od Imani
***** [Služby] *****


***** [Soubory / Složky] *****

Složka Nalezeno : C:\ProgramData\ICQ\ICQToolbar

***** [Registry] *****

Klíe Nalezeno : HKCU\Software\ICQToolbar
Klíe Nalezeno : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}
Klíe Nalezeno : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\ICQToolbar
Klíe Nalezeno : HKCU\Software\XTTB00001
Klíe Nalezeno : HKCU\Software\YahooPartnerToolbar
Klíe Nalezeno : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{cfd485f0-96bd-47cd-bb6d-cd7dda95f102}
Klíe Nalezeno : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}
Klíe Nalezeno : HKU\S-1-5-21-467801160-2783828001-1128931762-1000\Software\Microsoft\Internet Explorer\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}

***** [Internetové prohlížeee] *****

-\\ Internet Explorer v9.0.8112.16490

[HKCU\Software\Microsoft\Internet Explorer\Main - Prev Search Bar] = hxxp://google.icq.com/search/search_frame.php
[HKCU\Software\Microsoft\Internet Explorer\Main - Start Default_Page_URL] = hxxp://search.certified-toolbar.com?si=33953&st=home&tid=3546&ts=1362049442713&tguid=33953-3546-1362049410508-361425
[HKCU\Software\Microsoft\Internet Explorer\Main - Default_Search_URL] = hxxp://search.certified-toolbar.com?si=33953&tid=3546&ts=1362049442713&tguid=33953-3546-1362049410508-361425&st=chrome&q=
[HKCU\Software\Microsoft\Internet Explorer\Search - Start Page] = hxxp://search.certified-toolbar.com?si=33953&st=home&tid=3546&ts=1362049442713&tguid=33953-3546-1362049410508-361425
[HKCU\Software\Microsoft\Internet Explorer\Search - Start Default_Page_URL] = hxxp://search.certified-toolbar.com?si=33953&st=home&tid=3546&ts=1362049442713&tguid=33953-3546-1362049410508-361425
[HKCU\Software\Microsoft\Internet Explorer\Search - Search Bar] = hxxp://search.certified-toolbar.com?si=33953&tid=3546&ts=1362049442713&tguid=33953-3546-1362049410508-361425&st=chrome&q=
[HKCU\Software\Microsoft\Internet Explorer\Search - Search Page] = hxxp://search.certified-toolbar.com?si=33953&tid=3546&ts=1362049442713&tguid=33953-3546-1362049410508-361425&st=chrome&q=
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Search - Start Page] = hxxp://search.certified-toolbar.com?si=33953&st=home&tid=3546&ts=1362049442713&tguid=33953-3546-1362049410508-361425
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Search - Start Default_Page_URL] = hxxp://search.certified-toolbar.com?si=33953&st=home&tid=3546&ts=1362049442713&tguid=33953-3546-1362049410508-361425
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Search - Default_Search_URL] = hxxp://search.certified-toolbar.com?si=33953&tid=3546&ts=1362049442713&tguid=33953-3546-1362049410508-361425&st=chrome&q=
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Search - Search Bar] = hxxp://search.certified-toolbar.com?si=33953&tid=3546&ts=1362049442713&tguid=33953-3546-1362049410508-361425&st=chrome&q=
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Search - Search Page] = hxxp://search.certified-toolbar.com?si=33953&tid=3546&ts=1362049442713&tguid=33953-3546-1362049410508-361425&st=chrome&q=
[HKCU\Software\Microsoft\Internet Explorer\SearchUrl - (Default)] = hxxp://search.certified-toolbar.com?si=33953&st=bs&tid=3546&ts=1362049442713&tguid=33953-3546-1362049410508-361425&q=%s
[HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchUrl - (Default)] = hxxp://search.certified-toolbar.com?si=33953&st=bs&tid=3546&ts=1362049442713&tguid=33953-3546-1362049410508-361425&q=%s
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main - Default_Search_URL] = hxxp://search.certified-toolbar.com?si=33953&tid=3546&ts=1362049442713&tguid=33953-3546-1362049410508-361425&st=chrome&q=
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main - Search Page] = hxxp://search.certified-toolbar.com?si=33953&tid=3546&ts=1362049442713&tguid=33953-3546-1362049410508-361425&st=chrome&q=
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main - Start Default_Page_URL] = hxxp://search.certified-toolbar.com?si=33953&st=home&tid=3546&ts=1362049442713&tguid=33953-3546-1362049410508-361425
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main - Search Bar] = hxxp://search.certified-toolbar.com?si=33953&tid=3546&ts=1362049442713&tguid=33953-3546-1362049410508-361425&st=chrome&q=

-\\ Google Chrome v27.0.1453.116

Soubor : C:\Users\Štěpánka\AppData\Local\Google\Chrome\User Data\Default\Preferences

[OK] Soubor je eistý.

*************************

AdwCleaner[R1].txt - [4817 octets] - [24/06/2013 16:01:46]

########## EOF - C:\AdwCleaner[R1].txt - [4877 octets] ##########

Re: Prosím o kontrolu logu - pomalý počítač

Napsal: 24 čer 2013 15:07
od vyosek
:arrow: Stahnete Shortcut Cleaner http://www.bleepingcomputer.com/downloa ... t-cleaner/
  • Ulozte nejlepe na plochu
  • Ukoncete vsechny programy
  • Spustte tradicne dvouklikem
  • Probehne skenovani a pak se objevi log, pripadne bude ulozen v miste spusteni jako sc-cleaner.txt, ten sem vlozte
:arrow: Spustte znovu AdwCleaner
  • Pokud pouzivate Win Vista ci W7, kliknete na AdwCleaner pravym a dejte Run As Administrator ci Spustit jako spravce
  • Kliknete na Smazat
  • PC provede opravu, restartuje se a da Vam log (C:\AdwCleaner [S1].txt) , jeho obsah vlozte sem

Re: Prosím o kontrolu logu - pomalý počítač

Napsal: 24 čer 2013 16:40
od Imani
Shortcut Cleaner 1.2.3 by Lawrence Abrams (Grinler)
http://www.bleepingcomputer.com/
Copyright 2008-2013 BleepingComputer.com
More Information about Shortcut Cleaner can be found at this link:
http://www.bleepingcomputer.com/downloa ... t-cleaner/

Windows Version: Windows Vista (TM) Home Premium Service Pack 2
Program started at: 06/24/2013 05:30:56 PM.

Scanning for registry hijacks:

* No issues found in the Registry.

Searching for Hijacked Shortcuts:

Searching C:\Users\Štěpánka\AppData\Roaming\Microsoft\Windows\Start Menu\

Searching C:\ProgramData\Microsoft\Windows\Start Menu\

Searching C:\Users\Štěpánka\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\

Searching C:\Users\Public\Desktop\

Searching C:\Users\Štěpánka\Desktop


0 bad shortcuts found.

Program finished at: 06/24/2013 05:30:59 PM
Execution time: 0 hours(s), 0 minute(s), and 2 seconds(s)

Re: Prosím o kontrolu logu - pomalý počítač

Napsal: 24 čer 2013 16:40
od Imani
# AdwCleaner v2.303 - Log vytvooen 24/06/2013 v 17:32:44
# Aktualizováno 08/06/2013 Xplode
# Operaení systém : Windows Vista (TM) Home Premium Service Pack 2 (32 bits)
# Uživatel : Štěpánka - STEPANKA-PC
# Spuštin systém : Normální
# Spuštino z : C:\Users\Štěpánka\Desktop\adwcleaner.exe
# Volba [Vymazat]


***** [Služby] *****


***** [Soubory / Složky] *****

Složka Vymazáno : C:\ProgramData\ICQ\ICQToolbar

***** [Registry] *****

Klíe Vymazáno : HKCU\Software\ICQToolbar
Klíe Vymazáno : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}
Klíe Vymazáno : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\ICQToolbar
Klíe Vymazáno : HKCU\Software\XTTB00001
Klíe Vymazáno : HKCU\Software\YahooPartnerToolbar
Klíe Vymazáno : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{cfd485f0-96bd-47cd-bb6d-cd7dda95f102}
Klíe Vymazáno : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}

***** [Internetové prohlížeee] *****

-\\ Internet Explorer v9.0.8112.16490

Zaminino : [HKCU\Software\Microsoft\Internet Explorer\Main - Prev Search Bar] = hxxp://google.icq.com/search/search_frame.php --> hxxp://www.google.com
Zaminino : [HKCU\Software\Microsoft\Internet Explorer\Main - Start Default_Page_URL] = hxxp://search.certified-toolbar.com?si=33953&st=home&tid=3546&ts=1362049442713&tguid=33953-3546-1362049410508-361425 --> hxxp://www.google.com
Zaminino : [HKCU\Software\Microsoft\Internet Explorer\Main - Default_Search_URL] = hxxp://search.certified-toolbar.com?si=33953&tid=3546&ts=1362049442713&tguid=33953-3546-1362049410508-361425&st=chrome&q= --> hxxp://www.google.com
Zaminino : [HKCU\Software\Microsoft\Internet Explorer\Search - Start Page] = hxxp://search.certified-toolbar.com?si=33953&st=home&tid=3546&ts=1362049442713&tguid=33953-3546-1362049410508-361425 --> hxxp://www.google.com
Zaminino : [HKCU\Software\Microsoft\Internet Explorer\Search - Start Default_Page_URL] = hxxp://search.certified-toolbar.com?si=33953&st=home&tid=3546&ts=1362049442713&tguid=33953-3546-1362049410508-361425 --> hxxp://www.google.com
Zaminino : [HKCU\Software\Microsoft\Internet Explorer\Search - Search Bar] = hxxp://search.certified-toolbar.com?si=33953&tid=3546&ts=1362049442713&tguid=33953-3546-1362049410508-361425&st=chrome&q= --> hxxp://www.google.com
Zaminino : [HKCU\Software\Microsoft\Internet Explorer\Search - Search Page] = hxxp://search.certified-toolbar.com?si=33953&tid=3546&ts=1362049442713&tguid=33953-3546-1362049410508-361425&st=chrome&q= --> hxxp://www.google.com
Zaminino : [HKLM\SOFTWARE\Microsoft\Internet Explorer\Search - Start Page] = hxxp://search.certified-toolbar.com?si=33953&st=home&tid=3546&ts=1362049442713&tguid=33953-3546-1362049410508-361425 --> hxxp://www.google.com
Zaminino : [HKLM\SOFTWARE\Microsoft\Internet Explorer\Search - Start Default_Page_URL] = hxxp://search.certified-toolbar.com?si=33953&st=home&tid=3546&ts=1362049442713&tguid=33953-3546-1362049410508-361425 --> hxxp://www.google.com
Zaminino : [HKLM\SOFTWARE\Microsoft\Internet Explorer\Search - Default_Search_URL] = hxxp://search.certified-toolbar.com?si=33953&tid=3546&ts=1362049442713&tguid=33953-3546-1362049410508-361425&st=chrome&q= --> hxxp://www.google.com
Zaminino : [HKLM\SOFTWARE\Microsoft\Internet Explorer\Search - Search Bar] = hxxp://search.certified-toolbar.com?si=33953&tid=3546&ts=1362049442713&tguid=33953-3546-1362049410508-361425&st=chrome&q= --> hxxp://www.google.com
Zaminino : [HKLM\SOFTWARE\Microsoft\Internet Explorer\Search - Search Page] = hxxp://search.certified-toolbar.com?si=33953&tid=3546&ts=1362049442713&tguid=33953-3546-1362049410508-361425&st=chrome&q= --> hxxp://www.google.com
Zaminino : [HKCU\Software\Microsoft\Internet Explorer\SearchUrl - (Default)] = hxxp://search.certified-toolbar.com?si=33953&st=bs&tid=3546&ts=1362049442713&tguid=33953-3546-1362049410508-361425&q=%s --> hxxp://www.google.com
Zaminino : [HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchUrl - (Default)] = hxxp://search.certified-toolbar.com?si=33953&st=bs&tid=3546&ts=1362049442713&tguid=33953-3546-1362049410508-361425&q=%s --> hxxp://www.google.com
Zaminino : [HKLM\SOFTWARE\Microsoft\Internet Explorer\Main - Default_Search_URL] = hxxp://search.certified-toolbar.com?si=33953&tid=3546&ts=1362049442713&tguid=33953-3546-1362049410508-361425&st=chrome&q= --> hxxp://www.google.com
Zaminino : [HKLM\SOFTWARE\Microsoft\Internet Explorer\Main - Search Page] = hxxp://search.certified-toolbar.com?si=33953&tid=3546&ts=1362049442713&tguid=33953-3546-1362049410508-361425&st=chrome&q= --> hxxp://www.google.com
Zaminino : [HKLM\SOFTWARE\Microsoft\Internet Explorer\Main - Start Default_Page_URL] = hxxp://search.certified-toolbar.com?si=33953&st=home&tid=3546&ts=1362049442713&tguid=33953-3546-1362049410508-361425 --> hxxp://www.google.com
Zaminino : [HKLM\SOFTWARE\Microsoft\Internet Explorer\Main - Search Bar] = hxxp://search.certified-toolbar.com?si=33953&tid=3546&ts=1362049442713&tguid=33953-3546-1362049410508-361425&st=chrome&q= --> hxxp://www.google.com

-\\ Google Chrome v27.0.1453.116

Soubor : C:\Users\Štěpánka\AppData\Local\Google\Chrome\User Data\Default\Preferences

[OK] Soubor je eistý.

*************************

AdwCleaner[R1].txt - [4946 octets] - [24/06/2013 16:01:46]
AdwCleaner[S1].txt - [5385 octets] - [24/06/2013 17:32:44]

########## EOF - C:\AdwCleaner[S1].txt - [5445 octets] ##########

Re: Prosím o kontrolu logu - pomalý počítač

Napsal: 24 čer 2013 18:46
od vyosek
:arrow: Stahnete OTL http://oldtimer.geekstogo.com/OTL.exe a ulozte jej na plochu
  • Pokud pouzivate Win Vista ci W7, kliknete na OTL pravym a dejte Run As Administrator ci Spustit jako spravce
  • Pokud pouzivate 64bitovy OS, zkontrolujte, zda-li je zaskrtnuty ctverecek u Pro 64 bitové OS, pokud ne, zaskrtnete jej
  • Zaskrtnete okenko Pro vsechny uzivatele
  • Zaskrtnete okenko Kontrola na havet "LOP"
  • Zaskrtnete okenko Kontrola na havet "Purity"
  • Stari souboru zmente z 30 dnu na 7 dnu
  • Do spodniho okenka Vlastni skenovani/opravy vlozte skript nize

  • Kód: Vybrat vše

    CREATERESTOREPOINT

netsvcs
drivers32
savembr:0

/md5start
atapi.sys
autochk.exe
cdrom.sys
explorer.exe
hal.dll
scecli.dll
services.exe
svchost.exe
tcpip.sys
userinit.exe
winlogon.exe
/md5stop

%systemroot%*.* /U /s
%SYSTEMDRIVE%\*.exe
%ALLUSERSPROFILE%\Application Data\*.
%ALLUSERSPROFILE%\Application Data\*.exe /s
%APPDATA%\*.
%APPDATA%\*.exe /s
%systemroot%\*. /mp /s
%systemroot%\system32\*.dll /lockedfiles
%systemroot%\Tasks\*.job
%systemroot%\system32\drivers\*.sys /lockedfiles
%systemroot%\System32\config\*.sav
%systemroot%\system32\*.dll /lockedfiles
%systemroot%\system32\drivers\*.sys /3
%systemroot%\system32\*.* /3
%SYSTEMDRIVE%\*.exe

HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /s

%PROGRAMFILES%\Mozilla Firefox\firefox.exe /md5
%PROGRAMFILES%\Internet Explorer\iexplore.exe /md5
%PROGRAMFILES%\Opera\opera.exe /md5
%PROGRAMFILES%\Google\Chrome\Application\chrome.exe /md5

%SystemDrive%\PhysicalMBR.bin /md5 

*crack* /s
*keygen* /s
*loader* /s
  • Kliknete na tlacitko Prohledat
  • Po dokonceni skenu (cca 10 az 15 min) se objevi logy OTL.txt a Extras.txt, oba sem vlozte
  • Pokud budou logy dlouhe (forum bude kricet o prekroceni maximalniho poctu znaku), tak je rozdelte do vice prispevku

Re: Prosím o kontrolu logu - pomalý počítač

Napsal: 25 čer 2013 08:35
od Imani
OTL logfile created on: 24.6.2013 21:50:32 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Štěpánka\Desktop
Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy

1022,57 Mb Total Physical Memory | 409,32 Mb Available Physical Memory | 40,03% Memory free
2,26 Gb Paging File | 1,08 Gb Available in Paging File | 47,95% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 55,89 Gb Total Space | 4,42 Gb Free Space | 7,90% Space Free | Partition Type: NTFS
Drive D: | 49,06 Gb Total Space | 10,07 Gb Free Space | 20,53% Space Free | Partition Type: NTFS
Drive G: | 14,64 Gb Total Space | 8,46 Gb Free Space | 57,80% Space Free | Partition Type: FAT32

Computer Name: STEPANKA-PC | User Name: Štěpánka | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 7 Days

========== Processes (SafeList) ==========

PRC - [2013.06.24 21:47:26 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Štěpánka\Desktop\OTL.exe
PRC - [2012.10.31 00:50:59 | 004,297,136 | ---- | M] (AVAST Software) -- C:\Program Files\Alwil Software\Avast5\AvastUI.exe
PRC - [2012.10.31 00:50:59 | 000,044,808 | ---- | M] (AVAST Software) -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
PRC - [2012.06.12 09:28:34 | 000,686,280 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\System32\Macromed\Flash\FlashUtil32_11_3_300_257_ActiveX.exe
PRC - [2012.06.07 13:34:14 | 000,079,360 | ---- | M] (Autodesk) -- C:\Program Files\Common Files\Autodesk Shared\Service\AdskScSrv.exe
PRC - [2010.12.17 07:56:10 | 003,707,808 | ---- | M] (Ghisler Software GmbH) -- C:\Program Files\Total Commander 7.56\TOTALCMD.EXE
PRC - [2009.04.11 08:27:36 | 002,926,592 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe
PRC - [2008.01.19 09:38:38 | 001,008,184 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Windows Defender\MSASCui.exe
PRC - [2007.02.15 11:07:15 | 004,390,912 | ---- | M] (Realtek Semiconductor) -- C:\Windows\RtHDVCpl.exe
PRC - [2007.02.10 01:40:34 | 000,225,280 | ---- | M] (ATK0100) -- C:\Program Files\ATK Hotkey\HControl.exe
PRC - [2007.02.07 12:44:49 | 000,024,576 | ---- | M] (Syntek America Inc.) -- C:\Windows\System32\StkCSrv.exe
PRC - [2007.02.06 03:13:14 | 000,094,208 | ---- | M] () -- C:\Program Files\ATK Hotkey\ASLDRSrv.exe
PRC - [2007.01.18 05:41:34 | 000,843,776 | ---- | M] (ATK) -- C:\Program Files\ASUS\Splendid\ACMON.exe
PRC - [2007.01.18 04:26:36 | 007,708,672 | ---- | M] () -- C:\Program Files\ATKOSD2\ATKOSD2.exe
PRC - [2007.01.18 02:34:22 | 000,135,168 | ---- | M] (ATK) -- C:\Program Files\P4G\BatteryLife.exe
PRC - [2006.12.29 01:17:50 | 000,123,248 | ---- | M] () -- C:\Program Files\ASUS\NB Probe\SPM\spmgr.exe
PRC - [2006.12.21 08:03:38 | 001,036,288 | ---- | M] () -- C:\Program Files\Wireless Console 2\wcourier.exe
PRC - [2006.12.19 02:26:26 | 002,420,736 | ---- | M] () -- C:\Program Files\ATK Hotkey\ATKOSD.exe
PRC - [2006.12.13 00:06:42 | 000,106,496 | ---- | M] (ASUS) -- C:\Windows\System32\ASUSTPE.exe
PRC - [2006.11.22 06:20:00 | 003,768,320 | ---- | M] (WIBU-SYSTEMS AG) -- C:\Program Files\WIBUKEY\Server\WkSvMgr.exe
PRC - [2006.11.02 17:27:32 | 000,061,440 | ---- | M] (ASUSTeK Computer INC.) -- C:\Program Files\ASUS\ATK Media\DMedia.exe
PRC - [2006.11.01 07:40:16 | 000,077,824 | ---- | M] (TOSHIBA CORPORATION) -- C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtSrv.exe
PRC - [2006.09.29 12:48:06 | 000,065,536 | ---- | M] () -- C:\Program Files\Autodesk\3ds Max 9\mentalray\satellite\raysat_3dsmax9_32server.exe
PRC - [2005.07.07 00:43:42 | 000,155,648 | ---- | M] (ASUSTeK) -- C:\Windows\System32\ACEngSvr.exe


========== Modules (No Company Name) ==========

MOD - [2007.03.06 16:55:03 | 000,159,744 | ---- | M] () -- C:\Windows\System32\atitmmxx.dll
MOD - [2006.12.20 04:16:04 | 000,073,728 | ---- | M] () -- C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\atiacmxx.dll
MOD - [2006.05.14 06:23:40 | 000,138,752 | ---- | M] () -- C:\Program Files\7-Zip\7-zip.dll


========== Services (SafeList) ==========

SRV - File not found [Disabled | Stopped] -- C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe -- (NMIndexingService)
SRV - [2012.10.31 00:50:59 | 000,044,808 | ---- | M] (AVAST Software) [Auto | Running] -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe -- (avast! Antivirus)
SRV - [2012.07.13 14:28:36 | 000,160,944 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Program Files\Skype\Updater\Updater.exe -- (SkypeUpdate)
SRV - [2012.06.07 13:34:14 | 000,079,360 | ---- | M] (Autodesk) [Auto | Running] -- C:\Program Files\Common Files\Autodesk Shared\Service\AdskScSrv.exe -- (Autodesk Licensing Service)
SRV - [2008.01.19 09:38:24 | 000,272,952 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV - [2007.02.07 12:44:49 | 000,024,576 | ---- | M] (Syntek America Inc.) [Auto | Running] -- C:\Windows\System32\StkCSrv.exe -- (StkSSrv)
SRV - [2007.02.06 03:13:14 | 000,094,208 | ---- | M] () [Auto | Running] -- C:\Program Files\ATK Hotkey\ASLDRSrv.exe -- (ASLDRService)
SRV - [2006.12.29 01:17:50 | 000,123,248 | ---- | M] () [Auto | Running] -- C:\Program Files\ASUS\NB Probe\SPM\spmgr.exe -- (spmgr)
SRV - [2006.11.01 07:40:16 | 000,077,824 | ---- | M] (TOSHIBA CORPORATION) [Auto | Running] -- C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtSrv.exe -- (TOSHIBA Bluetooth Service)
SRV - [2006.09.29 12:48:06 | 000,065,536 | ---- | M] () [Auto | Running] -- C:\Program Files\Autodesk\3ds Max 9\mentalray\satellite\raysat_3dsmax9_32server.exe -- (mi-raysat_3dsmax9_32)


========== Driver Services (SafeList) ==========

DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\nwlnkfwd.sys -- (NwlnkFwd)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\nwlnkflt.sys -- (NwlnkFlt)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Program Files\MediaCoder\SysInfo.sys -- (CrystalSysInfo)
DRV - File not found [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\blbdrive.sys -- (blbdrive)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\drivers\anvsnddrv.sys -- (anvsnddrv)
DRV - [2012.10.31 00:51:58 | 000,738,504 | ---- | M] (AVAST Software) [File_System | System | Running] -- C:\Windows\System32\drivers\aswSnx.sys -- (aswSnx)
DRV - [2012.10.31 00:51:58 | 000,361,032 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\System32\drivers\aswSP.sys -- (aswSP)
DRV - [2012.10.31 00:51:58 | 000,054,232 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\System32\drivers\aswTdi.sys -- (aswTdi)
DRV - [2012.10.31 00:51:58 | 000,035,928 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\System32\drivers\aswRdr.sys -- (aswRdr)
DRV - [2012.10.31 00:51:57 | 000,058,680 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\Windows\System32\drivers\aswMonFlt.sys -- (aswMonFlt)
DRV - [2012.10.31 00:51:56 | 000,021,256 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\Windows\System32\drivers\aswFsBlk.sys -- (aswFsBlk)
DRV - [2007.03.06 17:04:29 | 002,411,520 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\atikmdag.sys -- (atikmdag)
DRV - [2007.03.01 03:04:58 | 000,694,784 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\athr.sys -- (athr)
DRV - [2007.02.13 06:41:21 | 001,245,056 | ---- | M] (Syntek) [Kernel | Disabled | Stopped] -- C:\Windows\System32\drivers\StkCMini.sys -- (StkCMini)
DRV - [2007.01.03 00:37:48 | 000,011,120 | ---- | M] (Windows (R) Codename Longhorn DDK provider) [Kernel | On_Demand | Running] -- C:\Program Files\P4G\WCPU.sys -- (WCPU)
DRV - [2006.12.14 09:11:57 | 000,007,680 | ---- | M] (ATK0100) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\ATKACPI.sys -- (MTsensor)
DRV - [2006.12.01 04:55:00 | 000,113,792 | ---- | M] (TOSHIBA CORPORATION) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\tosrfbd.sys -- (tosrfbd)
DRV - [2006.11.24 10:40:49 | 000,050,688 | ---- | M] (Realtek Semiconductor Corporation ) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\Rtnicxp.sys -- (RTL8023xp)
DRV - [2006.11.22 11:34:59 | 000,982,272 | ---- | M] (Motorola Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\smserial.sys -- (smserial)
DRV - [2006.11.22 06:20:00 | 000,072,704 | ---- | M] (WIBU-SYSTEMS AG) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\WibuKey.sys -- (WIBUKEY)
DRV - [2006.11.21 02:55:16 | 000,036,480 | ---- | M] (TOSHIBA Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\tosrfbnp.sys -- (tosrfbnp)
DRV - [2006.11.16 04:02:19 | 000,015,216 | ---- | M] () [Kernel | Auto | Stopped] -- C:\Program Files\ASUS\NB Probe\SPM\ghaio.sys -- (ghaio)
DRV - [2006.11.09 00:44:20 | 000,015,216 | ---- | M] () [Kernel | Disabled | Stopped] -- C:\Program Files\ASUS\ASUS Live Update\SYS64\lvupdtio.sys -- (lvupdtio)
DRV - [2006.11.02 11:50:17 | 000,041,064 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\tpm.sys -- (TPM)
DRV - [2006.11.02 09:30:56 | 000,044,544 | ---- | M] (Realtek Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\Rtlh86.sys -- (RTL8169)
DRV - [2006.11.02 09:30:54 | 001,781,760 | ---- | M] (Intel® Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\NETw3v32.sys -- (NETw3v32)
DRV - [2006.10.28 09:29:10 | 000,040,960 | ---- | M] (TOSHIBA CORPORATION) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\tosrfusb.sys -- (Tosrfusb)
DRV - [2006.10.14 05:04:33 | 004,422,560 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\nvlddmkm.sys -- (nvlddmkm)
DRV - [2006.10.11 04:33:00 | 000,041,600 | ---- | M] (TOSHIBA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\tosporte.sys -- (tosporte)
DRV - [2006.10.06 01:07:46 | 000,073,600 | ---- | M] (TOSHIBA Corporation.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\Tosrfhid.sys -- (Tosrfhid)
DRV - [2005.08.02 01:45:00 | 000,064,896 | ---- | M] (TOSHIBA Corporation) [Kernel | System | Running] -- C:\Windows\System32\drivers\tosrfcom.sys -- (Tosrfcom)
DRV - [2005.01.06 22:42:00 | 000,018,612 | ---- | M] (TOSHIBA Corporation.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\tosrfnds.sys -- (tosrfnds)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.asus.com
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.google.com
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = http://www.google.com
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.google.com
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Default_Page_URL = http://www.google.com
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = http://www.google.com
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,Search Bar = http://www.google.com
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,Search Page = http://www.google.com
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,Start Default_Page_URL = http://www.google.com
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,Start Page = http://www.google.com
IE - HKLM\..\SearchScopes,DefaultScope =
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.google.com
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Prev Search Bar = http://www.google.com
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = http://www.google.com
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.google.com
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Default_Page_URL = http://www.google.com
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.cz/?rlz=1W4CHBA_csCZ525
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = http://www.google.com
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,Search Bar = http://www.google.com
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,Search Page = http://www.google.com
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,Start Default_Page_URL = http://www.google.com
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,Start Page = http://www.google.com
IE - HKCU\..\URLSearchHook: - No CLSID value found
IE - HKCU\..\SearchScopes,DefaultScope = {6A1806CD-94D4-4689-BA73-E35EA1EA9990}
IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTer ... ORM=IE8SRC
IE - HKCU\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0


========== FireFox ==========

FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF32.dll ()
FF - HKLM\Software\MozillaPlugins\@caminova.com/DjVuPlugin: C:\Program Files\Caminova\Document Express DjVu Plug-in\npdjvu.dll (Caminova, Inc.)
FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.7.2: C:\Windows\system32\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.7.2: C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files\Microsoft Silverlight\5.1.20125.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@real.com/nppl3260;version=6.0.12.709: C:\Program Files\K-Lite Codec Pack\Real\browser\plugins\nppl3260.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprpjplug;version=6.0.12.709: C:\Program Files\K-Lite Codec Pack\Real\browser\plugins\nprpjplug.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nsJSRealPlayerPlugin;version=: File not found
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.145\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.145\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Users\Štěpánka\AppData\Local\Google\Update\1.3.21.145\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Users\Štěpánka\AppData\Local\Google\Update\1.3.21.145\npGoogleUpdate3.dll (Google Inc.)


[2012.07.26 08:45:03 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
[2008.07.10 13:22:45 | 000,000,000 | ---D | M] ("ICQ Toolbar") -- C:\Program Files\Mozilla Firefox\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}
[2007.10.31 00:26:38 | 000,000,000 | ---D | M] (AdVantage) -- C:\Program Files\Mozilla Firefox\extensions\{A89AED22-9133-424c-88E7-C8235C5FF302}
[2011.06.07 22:22:09 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA}

========== Chrome ==========

CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:originalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}{google:searchClient}{google:sourceId}{google:instantExtendedEnabledParameter}ie={inputEncoding}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client=chrome&q={searchTerms}&{google:cursorPosition}sugkey={google:suggestAPIKeyParameter}
CHR - homepage:
CHR - plugin: Remoting Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Users\\u0160t\u011Bp\u00E1nka\AppData\Local\Google\Chrome\Application\27.0.1453.94\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Users\\u0160t\u011Bp\u00E1nka\AppData\Local\Google\Chrome\Application\27.0.1453.94\pdf.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Users\\u0160t\u011Bp\u00E1nka\AppData\Local\Google\Chrome\Application\27.0.1453.94\gcswf32.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Windows\system32\Macromed\Flash\NPSWF32.dll
CHR - plugin: Adobe Acrobat (Enabled) = C:\Program Files\Adobe\Reader 9.0\Reader\Browser\nppdf32.dll
CHR - plugin: Microsoft Office 2003 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\NPOFFICE.DLL
CHR - plugin: RealPlayer(tm) G2 LiveConnect-Enabled Plug-In (32-bit) (Enabled) = C:\Program Files\Mozilla Firefox\plugins\nppl3260.dll
CHR - plugin: RealPlayer Version Plugin (Enabled) = C:\Program Files\Mozilla Firefox\plugins\nprpjplug.dll
CHR - plugin: Google Earth Plugin (Enabled) = C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll
CHR - plugin: Google Update (Enabled) = C:\Program Files\Google\Update\1.2.183.23\npGoogleOneClick8.dll
CHR - plugin: Java(TM) Platform SE 7 U4 (Enabled) = C:\Program Files\Oracle\JavaFX 2.1 Runtime\bin\plugin2\npjp2.dll
CHR - plugin: Java Deployment Toolkit 7.0.40.255 (Enabled) = C:\Windows\system32\npDeployJava1.dll
CHR - plugin: Windows Presentation Foundation (Enabled) = C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll
CHR - Extension: YouTube = C:\Users\Štěpánka\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_0\
CHR - Extension: Vyhled\u00E1v\u00E1n\u00ED Google = C:\Users\Štěpánka\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0\
CHR - Extension: avast! WebRep = C:\Users\Štěpánka\AppData\Local\Google\Chrome\User Data\Default\Extensions\icmlaeflemplmjndnaapfdbbnpncnbda\7.0.1474_0\
CHR - Extension: 20-20 3D Viewer for IKEA = C:\Users\Štěpánka\AppData\Local\Google\Chrome\User Data\Default\Extensions\pfhldcakmgpmglboaclpfdedehjblalp\5.0.94.1_1\
CHR - Extension: Gmail = C:\Users\Štěpánka\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_1\

O1 HOSTS File: ([2006.09.18 23:41:30 | 000,000,761 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\Alwil Software\Avast5\aswWebRepIE.dll (AVAST Software)
O2 - BHO: (NTIECatcher Class) - {C56CB6B0-0D96-11D6-8C65-B2868B609932} - C:\Program Files\Xi\NetTransport 2\NTIEHelper.dll (Xi)
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O3 - HKLM\..\Toolbar: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\Alwil Software\Avast5\aswWebRepIE.dll (AVAST Software)
O3 - HKCU\..\Toolbar\WebBrowser: (&Google) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - c:\Program Files\Google\GoogleToolbar1.dll (Google Inc.)
O4 - HKLM..\Run: [ASUSTPE] C:\Windows\System32\ASUSTPE.exe (ASUS)
O4 - HKLM..\Run: [ATKMEDIA] C:\Program Files\ASUS\ATK Media\DMedia.exe (ASUSTeK Computer INC.)
O4 - HKLM..\Run: [avast5] C:\Program Files\Alwil Software\Avast5\AvastUI.exe (AVAST Software)
O4 - HKLM..\Run: [NeroFilterCheck] C:\Windows\System32\NeroCheck.exe (Ahead Software Gmbh)
O4 - HKLM..\Run: [pdfFactory Pro Dispatcher v3] C:\Windows\System32\spool\DRIVERS\W32X86\3\fppdis3a.exe (FinePrint Software, LLC)
O4 - HKLM..\Run: [RtHDVCpl] C:\Windows\RtHDVCpl.exe (Realtek Semiconductor)
O4 - HKLM..\Run: [Windows Defender] C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation)
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000 File not found
O8 - Extra context menu item: Stáhnout pomocí Net Transportu - C:\Program Files\Xi\NetTransport 2\NTAddLink.html ()
O8 - Extra context menu item: Stáhnout vše pomocí &Net Transportu - C:\Program Files\Xi\NetTransport 2\NTAddList.html ()
O9 - Extra Button: ICQ7.2 - {72EFBFE4-C74F-4187-AEFD-73EA3BE968D6} - C:\Program Files\ICQ7.2\ICQ.exe (ICQ, LLC.)
O9 - Extra 'Tools' menuitem : ICQ7.2 - {72EFBFE4-C74F-4187-AEFD-73EA3BE968D6} - C:\Program Files\ICQ7.2\ICQ.exe (ICQ, LLC.)
O13 - gopher Prefix: missing
O16 - DPF: {0E8D0700-75DF-11D3-8B4A-0008C7450C4A} http://www.caminova.net/en/downloads/ge ... px?lang=en (DjVuCtl Class)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab (Reg Error: Key error.)
O16 - DPF: Microsoft XML Parser for Java file:///C:/Windows/Java/classes/xmldso.cab (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 213.46.172.36 213.46.172.37
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{50F75377-7F33-4964-8B2A-1F4538219067}: DhcpNameServer = 213.46.172.36 213.46.172.37
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{D93D70BC-F60C-4621-BFBE-FB247B06EA9F}: DhcpNameServer = 10.0.0.138
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\System32\userinit.exe (Microsoft Corporation)
O24 - Desktop WallPaper: C:\Users\Štěpánka\AppData\Roaming\Microsoft\Windows Photo Gallery\Tapeta galerie Windows Fotogalerie.jpg
O24 - Desktop BackupWallPaper: C:\Users\Štěpánka\AppData\Roaming\Microsoft\Windows Photo Gallery\Tapeta galerie Windows Fotogalerie.jpg
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2006.09.18 23:43:36 | 000,000,024 | -H-- | M] () - C:\autoexec.bat -- [ NTFS ]
O33 - MountPoints2\{b1970a1e-9781-11dc-814a-001bfca97fed}\Shell\AutoRun\command - "" = C:\Windows\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL Recycled\ctfmon.exe
O33 - MountPoints2\{b1970a1e-9781-11dc-814a-001bfca97fed}\Shell\Open(0)\command - "" = Recycled\ctfmon.exe
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)

CREATERESTOREPOINT
Restore point Set: OTL Restore Point

NetSvcs: FastUserSwitchingCompatibility - File not found
NetSvcs: Ias - C:\Windows\System32\ias.dll (Microsoft Corporation)
NetSvcs: Nla - File not found
NetSvcs: Ntmssvc - File not found
NetSvcs: NWCWorkstation - File not found
NetSvcs: Nwsapagent - File not found
NetSvcs: SRService - File not found
NetSvcs: WmdmPmSp - File not found
NetSvcs: LogonHours - File not found
NetSvcs: PCAudit - File not found
NetSvcs: helpsvc - File not found
NetSvcs: uploadmgr - File not found

Drivers32: msacm.l3acm - C:\Windows\System32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: MSVideo8 - C:\Windows\System32\vfwwdm32.dll (Microsoft Corporation)
Drivers32: VIDC.ACDV - ACDV.dll File not found
Drivers32: vidc.cvid - C:\Windows\System32\iccvid.dll (Radius Inc.)
Drivers32: vidc.i420 - i420vfw.dll File not found
Drivers32: vidc.yv12 - yv12vfw.dll File not found
Drivers32: wave1 - C:\Windows\System32\serwvdrv.dll (Microsoft Corporation)
Drivers32: wave2 - C:\Windows\System32\serwvdrv.dll (Microsoft Corporation)
PhysicalDisk0 MBR saved to C:\PhysicalMBR.bin

========== Files/Folders - Created Within 7 Days ==========

[2013.06.24 21:47:24 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\Štěpánka\Desktop\OTL.exe
[2013.06.24 15:32:53 | 000,000,000 | ---D | C] -- C:\Windows\ERUNT
[2013.06.20 23:12:02 | 003,603,832 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ntkrnlpa.exe
[2013.06.20 23:11:59 | 003,551,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ntoskrnl.exe
[2013.06.20 22:08:04 | 002,382,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mshtml.tlb
[2013.06.20 22:08:00 | 000,176,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieui.dll
[2013.06.20 22:07:59 | 000,065,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jsproxy.dll
[2013.06.20 22:07:57 | 000,142,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieUnatt.exe
[2013.06.20 22:07:56 | 000,607,744 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeeds.dll
[2013.06.20 22:07:53 | 001,800,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jscript9.dll
[2013.06.20 22:07:52 | 000,231,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\url.dll
[2013.06.20 22:07:46 | 001,427,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\inetcpl.cpl
[2013.06.20 21:14:27 | 000,009,728 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\Wdfres.dll
[2013.06.20 21:14:03 | 000,016,896 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\winusb.dll
[2013.06.20 21:14:00 | 000,172,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WUDFPlatform.dll
[2013.06.20 21:13:56 | 000,047,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\WdfLdr.sys
[2013.06.20 21:13:44 | 000,038,912 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WUDFCoinstaller.dll
[2013.06.20 21:13:40 | 000,613,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WUDFx.dll
[2013.06.20 21:02:01 | 000,293,376 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\System32\atmfd.dll
[2013.06.20 21:01:59 | 000,034,304 | ---- | C] (Adobe Systems) -- C:\Windows\System32\atmlib.dll
[2013.06.20 20:59:03 | 000,204,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ncrypt.dll
[2013.06.20 20:58:58 | 000,037,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\printcom.dll
[2013.06.20 20:56:34 | 000,049,152 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\csrsrv.dll
[2013.06.20 20:55:51 | 000,037,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\cdd.dll
[2013.06.20 20:55:30 | 001,314,816 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\quartz.dll
[2013.06.20 20:55:28 | 000,075,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\synceng.dll
[2013.06.20 20:55:20 | 000,376,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dpnet.dll
[2013.06.20 20:55:19 | 000,023,040 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dpnsvr.exe
[2013.06.20 20:36:14 | 000,812,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\certutil.exe
[2013.06.20 20:36:10 | 000,041,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\certenc.dll
[2013.06.20 20:35:41 | 000,015,872 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\usb8023.sys
[2013.06.20 20:35:34 | 001,069,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\DWrite.dll
[2013.06.20 20:35:33 | 000,219,648 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3d10_1core.dll
[2013.06.20 20:35:31 | 001,172,480 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3d10warp.dll
[2013.06.20 20:35:30 | 000,683,008 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d2d1.dll
[2013.06.20 20:35:30 | 000,160,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3d10_1.dll
[2013.06.20 20:35:13 | 000,024,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\cryptdlg.dll
[2013.06.20 20:34:31 | 002,049,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\win32k.sys
[2013.06.20 20:33:34 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\tzres.dll
[2013.06.20 20:32:31 | 000,376,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\winsrv.dll
[2013.06.20 08:21:49 | 000,045,080 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wups2.dll
[2013.06.20 08:21:48 | 002,422,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wucltux.dll
[2013.06.20 08:20:42 | 000,577,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wuapi.dll
[2013.06.20 08:20:42 | 000,088,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wudriver.dll
[2013.06.20 08:20:42 | 000,035,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wups.dll
[2013.06.20 08:19:16 | 000,171,904 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wuwebv.dll
[2013.06.20 08:19:16 | 000,033,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wuapp.exe

========== Files - Modified Within 7 Days ==========

[2013.06.24 21:55:14 | 000,000,512 | ---- | M] () -- C:\PhysicalMBR.bin
[2013.06.24 21:47:26 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Štěpánka\Desktop\OTL.exe
[2013.06.24 21:16:00 | 000,000,974 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-467801160-2783828001-1128931762-1000UA.job
[2013.06.24 21:09:24 | 000,000,944 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2013.06.24 21:08:48 | 000,003,296 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2013.06.24 21:08:48 | 000,003,296 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2013.06.24 21:08:40 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2013.06.24 19:02:00 | 000,000,940 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2013.06.24 17:34:39 | 000,000,012 | ---- | M] () -- C:\Windows\bthservsdp.dat
[2013.06.24 09:18:47 | 000,000,922 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-467801160-2783828001-1128931762-1000Core.job
[2013.06.24 00:32:35 | 000,595,996 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2013.06.24 00:32:34 | 000,607,470 | ---- | M] () -- C:\Windows\System32\perfh005.dat
[2013.06.24 00:32:34 | 000,118,118 | ---- | M] () -- C:\Windows\System32\perfc005.dat
[2013.06.24 00:32:34 | 000,104,070 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2013.06.22 16:59:47 | 000,045,056 | ---- | M] () -- C:\Windows\System32\acovcnt.exe
[2013.06.20 22:38:01 | 000,443,840 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT
[2013.06.20 20:43:11 | 000,002,064 | ---- | M] () -- C:\Users\Štěpánka\Desktop\Google Chrome.lnk

========== Files Created - No Company Name ==========

[2013.06.24 21:55:14 | 000,000,512 | ---- | C] () -- C:\PhysicalMBR.bin
[2013.06.20 21:14:45 | 000,000,003 | ---- | C] () -- C:\Windows\System32\drivers\MsftWdf_User_01_11_00_Inbox_Critical.Wdf
[2013.06.20 21:14:45 | 000,000,003 | ---- | C] () -- C:\Windows\System32\drivers\MsftWdf_Kernel_01011_Inbox_Critical.Wdf
[2013.02.28 13:04:11 | 000,016,384 | ---- | C] () -- C:\Windows\Launcher.exe
[2012.06.06 10:38:54 | 000,057,552 | ---- | C] () -- C:\Windows\System32\WkDos.exe
[2012.06.06 10:31:26 | 000,006,550 | ---- | C] () -- C:\Windows\jautoexp.dat
[2010.07.24 23:09:19 | 000,000,056 | -H-- | C] () -- C:\ProgramData\ezsidmv.dat
[2007.10.16 01:22:36 | 000,157,184 | ---- | C] () -- C:\Users\Štěpánka\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2007.10.16 00:54:04 | 000,000,003 | ---- | C] () -- C:\Users\Štěpánka\AppData\Local\OMLangData.dat

========== ZeroAccess Check ==========

[2006.11.02 14:54:22 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini

[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2012.06.08 19:47:00 | 011,586,048 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2009.04.11 08:28:19 | 000,614,912 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
"" = %systemroot%\system32\wbem\wbemess.dll -- [2009.04.11 08:28:25 | 000,347,648 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both

========== LOP Check ==========

[2012.06.29 08:15:53 | 000,000,000 | ---D | M] -- C:\Users\Štěpánka\AppData\Roaming\ACD Systems
[2013.02.28 12:52:14 | 000,000,000 | ---D | M] -- C:\Users\Štěpánka\AppData\Roaming\AnvSoft
[2007.10.31 00:15:56 | 000,000,000 | ---D | M] -- C:\Users\Štěpánka\AppData\Roaming\BitTorrent
[2013.02.28 13:41:57 | 000,000,000 | ---D | M] -- C:\Users\Štěpánka\AppData\Roaming\Broad Intelligence
[2007.11.01 11:32:19 | 000,000,000 | ---D | M] -- C:\Users\Štěpánka\AppData\Roaming\BSplayer
[2007.10.31 00:26:26 | 000,000,000 | ---D | M] -- C:\Users\Štěpánka\AppData\Roaming\BSplayer Pro
[2012.06.07 12:59:39 | 000,000,000 | ---D | M] -- C:\Users\Štěpánka\AppData\Roaming\DAEMON Tools Lite
[2009.01.13 14:49:35 | 000,000,000 | ---D | M] -- C:\Users\Štěpánka\AppData\Roaming\Feedreader
[2012.12.12 12:39:04 | 000,000,000 | ---D | M] -- C:\Users\Štěpánka\AppData\Roaming\GHISLER
[2012.06.06 16:12:00 | 000,000,000 | ---D | M] -- C:\Users\Štěpánka\AppData\Roaming\Graphisoft
[2012.09.18 23:15:23 | 000,000,000 | ---D | M] -- C:\Users\Štěpánka\AppData\Roaming\ICQ
[2007.10.23 19:25:01 | 000,000,000 | ---D | M] -- C:\Users\Štěpánka\AppData\Roaming\ICQLite
[2007.10.16 00:53:18 | 000,000,000 | ---D | M] -- C:\Users\Štěpánka\AppData\Roaming\OLYMPUS
[2010.04.13 22:18:09 | 000,000,000 | ---D | M] -- C:\Users\Štěpánka\AppData\Roaming\TeamViewer

========== Purity Check ==========



========== Custom Scans ==========

< >
[2006.11.02 15:01:49 | 000,000,006 | -H-- | C] () -- C:\Windows\Tasks\SA.DAT
[2006.11.02 15:01:49 | 000,032,596 | ---- | C] () -- C:\Windows\Tasks\SCHEDLGU.TXT
[2012.07.26 08:37:10 | 000,000,922 | ---- | C] () -- C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-467801160-2783828001-1128931762-1000Core.job
[2012.07.26 08:37:15 | 000,000,974 | ---- | C] () -- C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-467801160-2783828001-1128931762-1000UA.job
[2013.02.06 09:45:44 | 000,000,940 | ---- | C] () -- C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
[2013.02.06 09:45:48 | 000,000,944 | ---- | C] () -- C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job

< >

< MD5 for: ATAPI.SYS >
[2009.04.11 08:32:26 | 000,019,944 | ---- | M] (Microsoft Corporation) MD5=1F05B78AB91C9075565A9D8A4B880BC4 -- C:\Windows\System32\drivers\atapi.sys
[2009.04.11 08:32:26 | 000,019,944 | ---- | M] (Microsoft Corporation) MD5=1F05B78AB91C9075565A9D8A4B880BC4 -- C:\Windows\System32\DriverStore\FileRepository\mshdc.inf_b12d8e84\atapi.sys
[2009.04.11 08:32:26 | 000,019,944 | ---- | M] (Microsoft Corporation) MD5=1F05B78AB91C9075565A9D8A4B880BC4 -- C:\Windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.0.6002.18005_none_df23a1261eab99e8\atapi.sys
[2008.01.19 09:41:30 | 000,021,560 | ---- | M] (Microsoft Corporation) MD5=2D9C903DC76A66813D350A562DE40ED9 -- C:\Windows\System32\DriverStore\FileRepository\mshdc.inf_cc18792d\atapi.sys
[2008.01.19 09:41:30 | 000,021,560 | ---- | M] (Microsoft Corporation) MD5=2D9C903DC76A66813D350A562DE40ED9 -- C:\Windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.0.6001.18000_none_dd38281a2189ce9c\atapi.sys
[2006.11.02 11:49:36 | 000,019,048 | ---- | M] (Microsoft Corporation) MD5=4F4FCB8B6EA06784FB6D475B7EC7300F -- C:\Windows\System32\DriverStore\FileRepository\mshdc.inf_c6c2e699\atapi.sys
[2008.02.19 13:13:13 | 000,021,560 | ---- | M] (Microsoft Corporation) MD5=B35CFCEF838382AB6490B321C87EDF17 -- C:\Windows\System32\DriverStore\FileRepository\mshdc.inf_7de13c21\atapi.sys
[2008.02.19 13:13:13 | 000,021,560 | ---- | M] (Microsoft Corporation) MD5=B35CFCEF838382AB6490B321C87EDF17 -- C:\Windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.0.6000.16632_none_db337a442479c42c\atapi.sys
[2008.02.19 13:13:12 | 000,021,560 | ---- | M] (Microsoft Corporation) MD5=E03E8C99D15D0381E02743C36AFC7C6F -- C:\Windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.0.6000.20757_none_dbac78a93da31a8b\atapi.sys

< MD5 for: AUTOCHK.EXE >
[2009.04.11 08:27:20 | 000,643,072 | ---- | M] (Microsoft Corporation) MD5=10761177A6EBE45843F443E99509F5E7 -- C:\Windows\System32\autochk.exe
[2009.04.11 08:27:20 | 000,643,072 | ---- | M] (Microsoft Corporation) MD5=10761177A6EBE45843F443E99509F5E7 -- C:\Windows\winsxs\x86_microsoft-windows-autochk_31bf3856ad364e35_6.0.6002.18005_none_e3df6655bee2ee3b\autochk.exe
[2008.01.19 09:33:01 | 000,642,560 | ---- | M] (Microsoft Corporation) MD5=2FC5BE79B51714B479809358E4908FC3 -- C:\Windows\winsxs\x86_microsoft-windows-autochk_31bf3856ad364e35_6.0.6001.18000_none_e1f3ed49c1c122ef\autochk.exe
[2006.11.02 11:44:50 | 000,640,000 | ---- | M] (Microsoft Corporation) MD5=C08D1FE284C3330934E45D6E5F5B768B -- C:\Windows\winsxs\x86_microsoft-windows-autochk_31bf3856ad364e35_6.0.6000.16386_none_dfbd2b4dc4d6121b\autochk.exe

< MD5 for: CDROM.SYS >
[2008.01.19 07:49:51 | 000,067,072 | ---- | M] (Microsoft Corporation) MD5=1EC25CEA0DE6AC4718BF89F9E1778B57 -- C:\Windows\System32\DriverStore\FileRepository\cdrom.inf_a29e71c6\cdrom.sys
[2008.01.19 07:49:51 | 000,067,072 | ---- | M] (Microsoft Corporation) MD5=1EC25CEA0DE6AC4718BF89F9E1778B57 -- C:\Windows\winsxs\x86_cdrom.inf_31bf3856ad364e35_6.0.6001.18000_none_5fa95be2a3c76a4a\cdrom.sys
[2009.04.11 06:39:17 | 000,067,072 | ---- | M] (Microsoft Corporation) MD5=6B4BFFB9BECD728097024276430DB314 -- C:\Windows\System32\drivers\cdrom.sys
[2009.04.11 06:39:17 | 000,067,072 | ---- | M] (Microsoft Corporation) MD5=6B4BFFB9BECD728097024276430DB314 -- C:\Windows\System32\DriverStore\FileRepository\cdrom.inf_c949a5b6\cdrom.sys
[2009.04.11 06:39:17 | 000,067,072 | ---- | M] (Microsoft Corporation) MD5=6B4BFFB9BECD728097024276430DB314 -- C:\Windows\winsxs\x86_cdrom.inf_31bf3856ad364e35_6.0.6002.18005_none_6194d4eea0e93596\cdrom.sys
[2006.11.02 10:51:44 | 000,067,072 | ---- | M] (Microsoft Corporation) MD5=8D1866E61AF096AE8B582454F5E4D303 -- C:\Windows\System32\DriverStore\FileRepository\cdrom.inf_e487f727\cdrom.sys

< MD5 for: EXPLORER.EXE >
[2008.10.29 08:20:29 | 002,923,520 | ---- | M] (Microsoft Corporation) MD5=37440D09DEAE0B672A04DCCF7ABF06BE -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6000.16771_none_4f83bb287ccdb7e3\explorer.exe
[2008.10.29 08:29:41 | 002,927,104 | ---- | M] (Microsoft Corporation) MD5=4F554999D7D5F05DAAEBBA7B5BA1089D -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6001.18164_none_5177ca9879e978e8\explorer.exe
[2008.10.30 05:59:17 | 002,927,616 | ---- | M] (Microsoft Corporation) MD5=50BA5850147410CDE89C523AD3BC606E -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6001.22298_none_51e4f8c7931bd1e1\explorer.exe
[2007.11.19 20:24:27 | 002,923,520 | ---- | M] (Microsoft Corporation) MD5=6D06CD98D954FE87FB2DB8108793B399 -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6000.16549_none_4fac29707cae347a\explorer.exe
[2007.11.19 20:24:27 | 002,923,520 | ---- | M] (Microsoft Corporation) MD5=BD06F0BF753BC704B653C3A50F89D362 -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6000.20668_none_501f261995dcf2cf\explorer.exe
[2009.04.11 08:27:36 | 002,926,592 | ---- | M] (Microsoft Corporation) MD5=D07D4C3038F3578FFCE1C0237F2A1253 -- C:\Windows\explorer.exe
[2009.04.11 08:27:36 | 002,926,592 | ---- | M] (Microsoft Corporation) MD5=D07D4C3038F3578FFCE1C0237F2A1253 -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6002.18005_none_53a0201e76de3a0b\explorer.exe
[2008.10.28 04:15:02 | 002,923,520 | ---- | M] (Microsoft Corporation) MD5=E7156B0B74762D9DE0E66BDCDE06E5FB -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6000.20947_none_5033cb5995cd990b\explorer.exe
[2006.11.02 11:45:07 | 002,923,520 | ---- | M] (Microsoft Corporation) MD5=FD8C53FB002217F6F888BCF6F5D7084D -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6000.16386_none_4f7de5167cd15deb\explorer.exe
[2008.01.19 09:33:10 | 002,927,104 | ---- | M] (Microsoft Corporation) MD5=FFA764631CB70A30065C12EF8E174F9F -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6001.18000_none_51b4a71279bc6ebf\explorer.exe

< MD5 for: HAL.DLL >
[2009.04.11 08:32:46 | 000,177,128 | ---- | M] (Microsoft Corporation) MD5=B8D52005181A15D7D1470CBF2AF214DD -- C:\Windows\System32\hal.dll

< MD5 for: SCECLI.DLL >
[2008.01.19 09:36:19 | 000,177,152 | ---- | M] (Microsoft Corporation) MD5=28B84EB538F7E8A0FE8B9299D591E0B9 -- C:\Windows\winsxs\x86_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.0.6001.18000_none_380de25bd91b6f12\scecli.dll
[2006.11.02 11:46:12 | 000,176,640 | ---- | M] (Microsoft Corporation) MD5=80E2839D05CA5970A86D7BE2A08BFF61 -- C:\Windows\winsxs\x86_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.0.6000.16386_none_35d7205fdc305e3e\scecli.dll
[2009.04.11 08:28:24 | 000,177,152 | ---- | M] (Microsoft Corporation) MD5=8FC182167381E9915651267044105EE1 -- C:\Windows\System32\scecli.dll
[2009.04.11 08:28:24 | 000,177,152 | ---- | M] (Microsoft Corporation) MD5=8FC182167381E9915651267044105EE1 -- C:\Windows\winsxs\x86_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.0.6002.18005_none_39f95b67d63d3a5e\scecli.dll

< MD5 for: SERVICES.EXE >
[2008.01.19 09:33:28 | 000,279,040 | ---- | M] (Microsoft Corporation) MD5=2B336AB6286D6C81FA02CBAB914E3C6C -- C:\Windows\winsxs\x86_microsoft-windows-s..s-servicecontroller_31bf3856ad364e35_6.0.6001.18000_none_cf5fc067cd49010a\services.exe
[2006.11.02 11:45:40 | 000,279,552 | ---- | M] (Microsoft Corporation) MD5=329CF3C97CE4C19375C8ABCABAE258B0 -- C:\Windows\winsxs\x86_microsoft-windows-s..s-servicecontroller_31bf3856ad364e35_6.0.6000.16386_none_cd28fe6bd05df036\services.exe
[2009.04.11 08:27:59 | 000,279,552 | ---- | M] (Microsoft Corporation) MD5=D4E6D91C1349B7BFB3599A6ADA56851B -- C:\Windows\System32\services.exe
[2009.04.11 08:27:59 | 000,279,552 | ---- | M] (Microsoft Corporation) MD5=D4E6D91C1349B7BFB3599A6ADA56851B -- C:\Windows\winsxs\x86_microsoft-windows-s..s-servicecontroller_31bf3856ad364e35_6.0.6002.18005_none_d14b3973ca6acc56\services.exe

< MD5 for: SVCHOST.EXE >
[2006.11.02 11:45:47 | 000,022,016 | ---- | M] (Microsoft Corporation) MD5=10DA15933D582D2FEDCF705EFE394B09 -- C:\Windows\winsxs\x86_microsoft-windows-services-svchost_31bf3856ad364e35_6.0.6000.16386_none_b38497a50862ad11\svchost.exe
[2008.01.19 09:33:32 | 000,021,504 | ---- | M] (Microsoft Corporation) MD5=3794B461C45882E06856F282EEF025AF -- C:\Windows\System32\svchost.exe
[2008.01.19 09:33:32 | 000,021,504 | ---- | M] (Microsoft Corporation) MD5=3794B461C45882E06856F282EEF025AF -- C:\Windows\winsxs\x86_microsoft-windows-services-svchost_31bf3856ad364e35_6.0.6001.18000_none_b5bb59a1054dbde5\svchost.exe

< MD5 for: TCPIP.SYS >
[2008.04.26 10:08:16 | 000,891,448 | ---- | M] (Microsoft Corporation) MD5=01EC1E92595F839BEE70D439C46796E3 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.22167_none_b36dd19b7fae39c7\tcpip.sys
[2008.01.15 04:04:26 | 000,802,816 | ---- | M] (Microsoft Corporation) MD5=028061C7F6D2D03068C72E2A27E4228A -- C:\Windows\winsxs\x86_microsoft-windows-tcpip_31bf3856ad364e35_6.0.6000.16567_none_5f6577ce925d75a7\tcpip.sys
[2013.05.08 05:40:36 | 000,914,792 | ---- | M] (Microsoft Corporation) MD5=078218D74C4EFC2CE7E4C6DF22A94F2F -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6002.23106_none_b59411ab7ca4df04\tcpip.sys
[2009.04.11 08:33:02 | 000,897,000 | ---- | M] (Microsoft Corporation) MD5=0E6B0885C3D5E4643ED2D043DE3433D8 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6002.18005_none_b5098b5e63880c42\tcpip.sys
[2011.09.20 23:02:55 | 000,913,280 | ---- | M] (Microsoft Corporation) MD5=16731B631F28F63CD9F4CB60940E7DDD -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6002.22719_none_b58c64c97caa1c43\tcpip.sys
[2009.12.08 22:52:30 | 000,897,624 | ---- | M] (Microsoft Corporation) MD5=1ACBB7A47E78F4CC82D2EFFB72901528 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.18377_none_b2d96a966698ad63\tcpip.sys
[2009.08.15 23:30:53 | 000,816,640 | ---- | M] (Microsoft Corporation) MD5=2512B4D1353370D6688B1AF1F5AFA1CF -- C:\Windows\winsxs\x86_microsoft-windows-tcpip_31bf3856ad364e35_6.0.6000.21108_none_6030d425ab49af00\tcpip.sys
[2009.08.14 19:01:55 | 000,900,168 | ---- | M] (Microsoft Corporation) MD5=2608E71AAD54564647D4BB984E1925AA -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.22497_none_b34d67897fc6850f\tcpip.sys
[2011.06.17 22:13:55 | 000,905,104 | ---- | M] (Microsoft Corporation) MD5=2756186E287139310997090797E0182B -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6002.18484_none_b4b2134c63c9c70f\tcpip.sys
[2010.02.18 13:51:51 | 000,818,688 | ---- | M] (Microsoft Corporation) MD5=2C1F7005AA3B62721BFDB307BD5F5010 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip_31bf3856ad364e35_6.0.6000.21226_none_6019359fab5bb15b\tcpip.sys
[2010.02.18 16:49:38 | 000,898,952 | ---- | M] (Microsoft Corporation) MD5=2EAE4500984C2F8DACFB977060300A15 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.18427_none_b30f7c1866701ed5\tcpip.sys
[2009.08.14 16:24:47 | 000,813,568 | ---- | M] (Microsoft Corporation) MD5=300208927321066EA53761FDC98747C6 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip_31bf3856ad364e35_6.0.6000.16908_none_5fa75f38922bdbf4\tcpip.sys
[2008.01.15 04:04:26 | 000,804,352 | ---- | M] (Microsoft Corporation) MD5=43EAE40B50FE3E60D194DD9C97EBB1FD -- C:\Windows\winsxs\x86_microsoft-windows-tcpip_31bf3856ad364e35_6.0.6000.20689_none_5fdb7555ab898001\tcpip.sys
[2009.12.08 22:15:00 | 000,907,832 | ---- | M] (Microsoft Corporation) MD5=46E6685F3E92AEC743773ADD4CD54F57 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6002.22283_none_b53aaa1b7ce8560d\tcpip.sys
[2010.02.18 16:07:16 | 000,904,576 | ---- | M] (Microsoft Corporation) MD5=48CBE6D53632D0067C2D6B20F90D84CA -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6002.18209_none_b50d905263846bec\tcpip.sys
[2010.02.18 14:05:37 | 000,815,104 | ---- | M] (Microsoft Corporation) MD5=4A82FA8F0DF67AA354580C3FAAF8BDE3 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip_31bf3856ad364e35_6.0.6000.17021_none_5f8a957c924295b7\tcpip.sys
[2008.02.19 13:11:56 | 000,806,400 | ---- | M] (Microsoft Corporation) MD5=52A8BD6294F7D1443C6184C67AE13AF4 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip_31bf3856ad364e35_6.0.6000.20752_none_5ff4e4f9ab7777f4\tcpip.sys
[2013.05.08 06:37:21 | 000,905,576 | ---- | M] (Microsoft Corporation) MD5=548E198BAE21EFC21F8B5F0C1728AD27 -- C:\Windows\System32\drivers\tcpip.sys
[2013.05.08 06:37:21 | 000,905,576 | ---- | M] (Microsoft Corporation) MD5=548E198BAE21EFC21F8B5F0C1728AD27 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6002.18835_none_b4e92aca63a0494d\tcpip.sys
[2009.12.08 22:37:09 | 000,900,696 | ---- | M] (Microsoft Corporation) MD5=5653230D480A9C54D169E1B080B72CF5 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.22577_none_b36309477fb64a54\tcpip.sys
[2008.02.19 13:11:57 | 000,803,328 | ---- | M] (Microsoft Corporation) MD5=5DF77458AA92FDB36FCE79C60F74AB5D -- C:\Windows\winsxs\x86_microsoft-windows-tcpip_31bf3856ad364e35_6.0.6000.16627_none_5f90b964923d030a\tcpip.sys
[2010.06.16 17:55:58 | 000,902,032 | ---- | M] (Microsoft Corporation) MD5=6216A954ED7045B62880A92D6C9B9FC7 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.22713_none_b39feb737f8937a0\tcpip.sys
[2009.08.14 18:27:34 | 000,904,776 | ---- | M] (Microsoft Corporation) MD5=65877AA1B6A7CB797488E831698973E9 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6002.18091_none_b4a43aea63d4a25f\tcpip.sys
[2011.06.17 22:13:55 | 000,913,296 | ---- | M] (Microsoft Corporation) MD5=6647FCE6FC4970DAAFE5C64C794513D3 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6002.22662_none_b54f51417cd8f970\tcpip.sys
[2010.06.16 18:39:32 | 000,912,776 | ---- | M] (Microsoft Corporation) MD5=6A10AFCE0B38371064BE41C1FBFD3C6B -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6002.22425_none_b57d8e037cb5db63\tcpip.sys
[2010.06.16 17:59:54 | 000,898,952 | ---- | M] (Microsoft Corporation) MD5=782568AB6A43160A159B6215B70BCCE9 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.18493_none_b2bfcb7c66ac7d10\tcpip.sys
[2011.09.20 23:02:55 | 000,905,088 | ---- | M] (Microsoft Corporation) MD5=814A1C66FBD4E1B310A517221F1456BF -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6002.18519_none_b502c618638c7f52\tcpip.sys
[2008.04.26 10:26:49 | 000,891,448 | ---- | M] (Microsoft Corporation) MD5=82E266BEE5F0167E41C6ECFDD2A79C02 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.18063_none_b2e033a8669434a1\tcpip.sys
[2009.12.08 19:58:13 | 000,813,568 | ---- | M] (Microsoft Corporation) MD5=8734BD051FFDCBF8425CF222141C3741 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip_31bf3856ad364e35_6.0.6000.16973_none_5f56ae52926920d8\tcpip.sys
[2009.08.14 19:07:56 | 000,897,608 | ---- | M] (Microsoft Corporation) MD5=8A7AD2A214233F684242F289ED83EBC3 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.18311_none_b3144862666d6db3\tcpip.sys
[2010.02.18 19:36:50 | 000,902,024 | ---- | M] (Microsoft Corporation) MD5=93A5655CD9CD2F080EF1CB71A3666215 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.22636_none_b38d4a937f96be60\tcpip.sys
[2010.06.16 18:04:57 | 000,905,088 | ---- | M] (Microsoft Corporation) MD5=A474879AFA4A596B3A531F3E69730DBF -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6002.18272_none_b4baded863c37e22\tcpip.sys
[2009.12.08 19:45:32 | 000,816,640 | ---- | M] (Microsoft Corporation) MD5=CA3A5756672013A66BB9D547A5A62DCA -- C:\Windows\winsxs\x86_microsoft-windows-tcpip_31bf3856ad364e35_6.0.6000.21175_none_5fe223d3ab852692\tcpip.sys
[2006.11.02 10:58:38 | 000,802,816 | ---- | M] (Microsoft Corporation) MD5=D944522B048A5FEB7700B5170D3D9423 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip_31bf3856ad364e35_6.0.6000.16386_none_5f4ed3e0926e99e4\tcpip.sys
[2010.02.18 16:22:11 | 000,910,216 | ---- | M] (Microsoft Corporation) MD5=D9F5DD5BBC8348E8F8220CCBF14C022E -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6002.22341_none_b563eb1d7cc9b0c2\tcpip.sys
[2009.12.08 22:01:08 | 000,904,776 | ---- | M] (Microsoft Corporation) MD5=DA467E7619AE5F4588E6262C13C8940A -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6002.18160_none_b4c3ac4a63bd325c\tcpip.sys
[2008.01.19 09:43:39 | 000,891,448 | ---- | M] (Microsoft Corporation) MD5=FC6E2835D667774D409C7C7021EAF9C4 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.18000_none_b31e1252666640f6\tcpip.sys
[2009.08.14 18:33:50 | 000,905,784 | ---- | M] (Microsoft Corporation) MD5=FF71856BD4CD6D4367F9FD84BE79A874 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6002.22200_none_b58e289d7caa2a80\tcpip.sys

< MD5 for: USERINIT.EXE >
[2008.01.19 09:33:33 | 000,025,088 | ---- | M] (Microsoft Corporation) MD5=0E135526E9785D085BCD9AEDE6FBCBF9 -- C:\Windows\System32\userinit.exe
[2008.01.19 09:33:33 | 000,025,088 | ---- | M] (Microsoft Corporation) MD5=0E135526E9785D085BCD9AEDE6FBCBF9 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.0.6001.18000_none_dc28ba15d1aff80b\userinit.exe
[2006.11.02 11:45:50 | 000,024,576 | ---- | M] (Microsoft Corporation) MD5=22027835939F86C3E47AD8E3FBDE3D11 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.0.6000.16386_none_d9f1f819d4c4e737\userinit.exe

< MD5 for: WINLOGON.EXE >
[2009.04.11 08:28:13 | 000,314,368 | ---- | M] (Microsoft Corporation) MD5=898E7C06A350D4A1A64A9EA264D55452 -- C:\Windows\System32\winlogon.exe
[2009.04.11 08:28:13 | 000,314,368 | ---- | M] (Microsoft Corporation) MD5=898E7C06A350D4A1A64A9EA264D55452 -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.0.6002.18005_none_71ae7a22d2134741\winlogon.exe
[2006.11.02 11:45:57 | 000,308,224 | ---- | M] (Microsoft Corporation) MD5=9F75392B9128A91ABAFB044EA350BAAD -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.0.6000.16386_none_6d8c3f1ad8066b21\winlogon.exe
[2008.01.19 09:33:37 | 000,314,880 | ---- | M] (Microsoft Corporation) MD5=C2610B6BDBEFC053BBDAB4F1B965CB24 -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.0.6001.18000_none_6fc30116d4f17bf5\winlogon.exe

< >

< %systemroot%*.* /U /s >
[14 C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp files -> C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp -> ]
[157 C:\Windows\Installer\*.tmp files -> C:\Windows\Installer\*.tmp -> ]
[1 C:\Windows\SoftwareDistribution\Download\132fbe39f239519d94f61049b180c3da\*.tmp files -> C:\Windows\SoftwareDistribution\Download\132fbe39f239519d94f61049b180c3da\*.tmp -> ]
[1 C:\Windows\SoftwareDistribution\Download\c3bb5bc193a47674ff3ec8a89529053f\*.tmp files -> C:\Windows\SoftwareDistribution\Download\c3bb5bc193a47674ff3ec8a89529053f\*.tmp -> ]
[18 C:\Windows\Temp\*.tmp files -> C:\Windows\Temp\*.tmp -> ]

< %SYSTEMDRIVE%\*.exe >

< %ALLUSERSPROFILE%\Application Data\*. >

< %ALLUSERSPROFILE%\Application Data\*.exe /s >

< %APPDATA%\*. >
[2012.06.29 08:15:53 | 000,000,000 | ---D | M] -- C:\Users\Štěpánka\AppData\Roaming\ACD Systems
[2013.03.07 14:11:49 | 000,000,000 | ---D | M] -- C:\Users\Štěpánka\AppData\Roaming\Adobe
[2007.10.16 00:56:04 | 000,000,000 | ---D | M] -- C:\Users\Štěpánka\AppData\Roaming\AdobeUM
[2007.10.15 20:58:23 | 000,000,000 | ---D | M] -- C:\Users\Štěpánka\AppData\Roaming\Ahead
[2013.02.28 12:52:14 | 000,000,000 | ---D | M] -- C:\Users\Štěpánka\AppData\Roaming\AnvSoft
[2012.06.29 09:52:11 | 000,000,000 | ---D | M] -- C:\Users\Štěpánka\AppData\Roaming\ArcSoft
[2013.04.15 13:28:59 | 000,000,000 | ---D | M] -- C:\Users\Štěpánka\AppData\Roaming\AVS4YOU
[2007.10.31 00:15:56 | 000,000,000 | ---D | M] -- C:\Users\Štěpánka\AppData\Roaming\BitTorrent
[2013.02.28 13:41:57 | 000,000,000 | ---D | M] -- C:\Users\Štěpánka\AppData\Roaming\Broad Intelligence
[2007.11.01 11:32:19 | 000,000,000 | ---D | M] -- C:\Users\Štěpánka\AppData\Roaming\BSplayer
[2007.10.31 00:26:26 | 000,000,000 | ---D | M] -- C:\Users\Štěpánka\AppData\Roaming\BSplayer Pro
[2012.06.07 12:59:39 | 000,000,000 | ---D | M] -- C:\Users\Štěpánka\AppData\Roaming\DAEMON Tools Lite
[2009.01.13 14:49:35 | 000,000,000 | ---D | M] -- C:\Users\Štěpánka\AppData\Roaming\Feedreader
[2012.12.12 12:39:04 | 000,000,000 | ---D | M] -- C:\Users\Štěpánka\AppData\Roaming\GHISLER
[2012.07.26 23:37:27 | 000,000,000 | ---D | M] -- C:\Users\Štěpánka\AppData\Roaming\Google
[2012.06.06 16:12:00 | 000,000,000 | ---D | M] -- C:\Users\Štěpánka\AppData\Roaming\Graphisoft
[2012.09.18 23:15:23 | 000,000,000 | ---D | M] -- C:\Users\Štěpánka\AppData\Roaming\ICQ
[2007.10.23 19:25:01 | 000,000,000 | ---D | M] -- C:\Users\Štěpánka\AppData\Roaming\ICQLite
[2007.10.13 18:21:43 | 000,000,000 | ---D | M] -- C:\Users\Štěpánka\AppData\Roaming\Identities
[2007.10.13 18:20:47 | 000,000,000 | ---D | M] -- C:\Users\Štěpánka\AppData\Roaming\InstallShield
[2007.10.13 18:23:28 | 000,000,000 | ---D | M] -- C:\Users\Štěpánka\AppData\Roaming\Macromedia
[2006.11.02 14:37:34 | 000,000,000 | ---D | M] -- C:\Users\Štěpánka\AppData\Roaming\Media Center Programs
[2010.04.13 23:35:04 | 000,000,000 | ---D | M] -- C:\Users\Štěpánka\AppData\Roaming\Media Player Classic
[2013.03.08 12:12:51 | 000,000,000 | --SD | M] -- C:\Users\Štěpánka\AppData\Roaming\Microsoft
[2007.10.16 00:53:18 | 000,000,000 | ---D | M] -- C:\Users\Štěpánka\AppData\Roaming\OLYMPUS
[2010.04.17 23:02:36 | 000,000,000 | ---D | M] -- C:\Users\Štěpánka\AppData\Roaming\Real
[2013.05.23 00:53:40 | 000,000,000 | ---D | M] -- C:\Users\Štěpánka\AppData\Roaming\Skype
[2012.06.19 17:16:24 | 000,000,000 | ---D | M] -- C:\Users\Štěpánka\AppData\Roaming\skypePM
[2010.04.13 22:18:09 | 000,000,000 | ---D | M] -- C:\Users\Štěpánka\AppData\Roaming\TeamViewer
[2013.05.09 17:03:31 | 000,000,000 | ---D | M] -- C:\Users\Štěpánka\AppData\Roaming\Winamp

< %APPDATA%\*.exe /s >

< %systemroot%\*. /mp /s >

< %systemroot%\system32\*.dll /lockedfiles >

< %systemroot%\Tasks\*.job >
[2013.06.24 19:02:00 | 000,000,940 | ---- | M] () -- C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
[2013.06.24 23:02:26 | 000,000,944 | ---- | M] () -- C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
[2013.06.24 09:18:47 | 000,000,922 | ---- | M] () -- C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-467801160-2783828001-1128931762-1000Core.job
[2013.06.24 23:16:01 | 000,000,974 | ---- | M] () -- C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-467801160-2783828001-1128931762-1000UA.job

< %systemroot%\system32\drivers\*.sys /lockedfiles >

< %systemroot%\System32\config\*.sav >
[2006.11.02 12:34:05 | 000,008,192 | ---- | M] () -- C:\Windows\System32\config\COMPONENTS.SAV
[2006.11.02 12:34:05 | 000,020,480 | ---- | M] () -- C:\Windows\System32\config\DEFAULT.SAV
[2006.11.02 12:34:05 | 000,008,192 | ---- | M] () -- C:\Windows\System32\config\SECURITY.SAV
[2006.11.02 12:34:08 | 010,133,504 | ---- | M] () -- C:\Windows\System32\config\SOFTWARE.SAV
[2006.11.02 12:34:08 | 001,826,816 | ---- | M] () -- C:\Windows\System32\config\SYSTEM.SAV

< %systemroot%\system32\*.dll /lockedfiles >

< %systemroot%\system32\drivers\*.sys /3 >

< %systemroot%\system32\*.* /3 >
[2013.06.24 23:09:06 | 000,003,296 | -H-- | M] () -- C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2013.06.24 23:09:06 | 000,003,296 | -H-- | M] () -- C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2013.06.22 16:59:47 | 000,045,056 | ---- | M] () -- C:\Windows\system32\acovcnt.exe
[2013.06.24 00:32:34 | 000,118,118 | ---- | M] () -- C:\Windows\system32\perfc005.dat
[2013.06.24 00:32:34 | 000,104,070 | ---- | M] () -- C:\Windows\system32\perfc009.dat
[2013.06.24 00:32:34 | 000,607,470 | ---- | M] () -- C:\Windows\system32\perfh005.dat
[2013.06.24 00:32:35 | 000,595,996 | ---- | M] () -- C:\Windows\system32\perfh009.dat
[2013.06.24 00:32:34 | 001,418,258 | ---- | M] () -- C:\Windows\system32\PerfStringBackup.INI

< %SYSTEMDRIVE%\*.exe >

< >

< HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /s >
"Sidebar" = C:\Program Files\Windows Sidebar\sidebar.exe /autoRun -- [2009.04.11 08:28:03 | 001,233,920 | ---- | M] (Microsoft Corporation)
"ehTray.exe" = C:\Windows\ehome\ehTray.exe -- [2008.01.19 09:33:09 | 000,125,952 | ---- | M] (Microsoft Corporation)
"Google Update" = "C:\Users\Štěpánka\AppData\Local\Google\Update\GoogleUpdate.exe" /c -- [2010.03.18 00:49:31 | 000,136,176 | ---- | M] (Google Inc.)
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\AutorunsDisabled]
"OM_Monitor" = C:\Program Files\OLYMPUS\OLYMPUS Master\Monitor.exe

< >

< %PROGRAMFILES%\Mozilla Firefox\firefox.exe /md5 >

< %PROGRAMFILES%\Internet Explorer\iexplore.exe /md5 >
[2013.05.17 01:34:33 | 000,757,400 | ---- | M] (Microsoft Corporation) MD5=67EE46FD4D3B56531C5DD1BDC149275A -- C:\Program Files\Internet Explorer\iexplore.exe

< %PROGRAMFILES%\Opera\opera.exe /md5 >

< %PROGRAMFILES%\Google\Chrome\Application\chrome.exe /md5 >

< >

< %SystemDrive%\PhysicalMBR.bin /md5 >
[2013.06.24 21:55:14 | 000,000,512 | ---- | M] () MD5=5A56FBCAAE36D61B8480AAC847A7ACB8 -- C:\PhysicalMBR.bin

< >

< *crack* /s >

< *keygen* /s >

< *loader* /s >
[2005.03.24 13:51:08 | 000,002,090 | ---- | M] () -- \Program Files\Adobe\Adobe Bridge\Resources\en\_media\rssloader.swf
[2006.09.29 14:28:20 | 000,021,504 | ---- | M] () -- \Program Files\Autodesk\3ds Max 9\stdplugs\ParserLoader.gup
[2006.09.29 14:45:52 | 000,043,520 | ---- | M] () -- \Program Files\Autodesk\3ds Max 9\stdplugs\SceneEffectLoader.dlu
[2005.03.16 19:16:50 | 000,113,664 | ---- | M] () -- \Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
[2012.08.30 14:45:24 | 004,372,840 | ---- | M] () -- \Program Files\Common Files\AVSMedia\MobileUploader\AVSMobileUploader.exe
[2012.08.30 13:27:28 | 000,088,154 | ---- | M] () -- \Program Files\Common Files\AVSMedia\MobileUploader\AVSMobileUploader.sil
[2012.11.20 17:27:40 | 004,495,720 | ---- | M] () -- \Program Files\Common Files\AVSMedia\VideoUploader\AVSVideoUploader.exe
[2012.11.20 17:27:04 | 000,042,309 | ---- | M] () -- \Program Files\Common Files\AVSMedia\VideoUploader\AVSVideoUploader.sil
[2010.08.26 17:21:14 | 000,004,176 | ---- | M] () -- \Program Files\Google\Google SketchUp 8\Resources\en-US\searching\ajax-loader.gif
[2010.08.26 17:21:14 | 000,000,500 | ---- | M] () -- \Program Files\Google\Google SketchUp 8\Tools\DynamicComponents\ruby\dcloader.rb
[2010.08.26 17:21:14 | 000,003,949 | ---- | M] () -- \Program Files\Google\Google SketchUp 8\Tools\SolarNorth\solarnorth_loader.rb
[2010.08.26 17:21:14 | 000,029,565 | ---- | M] () -- \Program Files\Google\Google SketchUp 8\Tools\WebTextures\webtextures_loader.rb
[2012.06.07 15:52:03 | 000,077,824 | ---- | M] () -- \Program Files\Chaos Group\V-Ray\RT for 3ds Max R9 for x86\bin\plugins\vray_GeomMeshLoader.dll
[2012.06.07 15:52:03 | 000,081,920 | ---- | M] () -- \Program Files\Chaos Group\V-Ray\RT for 3ds Max R9 for x86\bin\plugins\vray_GeomMeshLoader1.dll
[2010.11.07 18:24:35 | 000,005,795 | ---- | M] () -- \Program Files\ICQ7.2\imApp\theme\IMAGES\XtraPreloader\loader.jpg
[2010.11.07 18:24:34 | 000,005,520 | ---- | M] () -- \Program Files\ICQ7.2\imApp\theme\IMAGES\XtraPreloader\loader.swf
[2010.11.07 18:24:41 | 000,004,180 | ---- | M] () -- \Program Files\ICQ7.2\imApp\theme\IMAGES\XtraPreloader\zlango-preloader.png
[2010.11.07 18:24:34 | 000,005,520 | ---- | M] () -- \Program Files\ICQ7.2\imApp\theme\MUICoreLib\xtraLoader.swf
[2011.04.04 21:39:46 | 000,000,402 | ---- | M] () -- \Program Files\ICQ7.2\Xtraz\icq\content\icq_profile\preloader.html
[2011.01.19 15:08:26 | 000,000,402 | ---- | M] () -- \Program Files\ICQ7.2\Xtraz\icq\content\profile_forms\preloader.html
[2011.01.19 15:08:26 | 000,000,402 | ---- | M] () -- \Program Files\ICQ7.2\Xtraz\icq\content\profile_lightboxs\preloader.html
[2012.05.15 09:59:24 | 000,072,638 | ---- | M] () -- \ProgramData\Skype\Apps\login\images\loader.gif
[2012.05.15 09:59:24 | 000,003,032 | ---- | M] () -- \ProgramData\Skype\Apps\login\images\loader.png
[2013.06.24 12:32:45 | 000,011,953 | ---- | M] () -- \Users\Štěpánka\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\361SM3QO\loader_hm[1].gif
[2013.06.24 23:09:37 | 000,007,857 | ---- | M] () -- \Users\Štěpánka\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\3Y3KVACZ\loader[1].js
[2013.06.24 12:32:45 | 000,011,953 | ---- | M] () -- \Users\Štěpánka\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\3Y3KVACZ\loader_hm[1].gif
[2013.06.22 17:21:23 | 000,004,178 | ---- | M] () -- \Users\Štěpánka\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\5LNP2WYZ\ajax-loader[1].gif
[2013.06.24 22:57:29 | 000,007,857 | ---- | M] () -- \Users\Štěpánka\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\5LNP2WYZ\loader[1].js
[2013.06.24 11:04:31 | 000,002,105 | ---- | M] () -- \Users\Štěpánka\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\BPE3J2CX\loader.min[1].js
[2013.06.24 12:15:30 | 000,004,178 | ---- | M] () -- \Users\Štěpánka\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\DR5M67SB\ajax-loader[1].gif
[2013.06.24 13:52:41 | 000,009,427 | ---- | M] () -- \Users\Štěpánka\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\EQAVX1U8\ajax-loader[2].gif
[2013.06.24 12:00:03 | 000,001,849 | ---- | M] () -- \Users\Štěpánka\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\S0U1EMMA\ajax-loader[1].gif
[2013.06.23 23:21:30 | 000,005,431 | ---- | M] () -- \Users\Štěpánka\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\S0U1EMMA\imageLoader[1].js
[2013.06.24 17:50:11 | 000,000,181 | ---- | M] () -- \Users\Štěpánka\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\ZKSTR2L2\imagepreloader[1].js
[2013.06.24 17:55:00 | 000,000,422 | ---- | M] () -- \Users\Štěpánka\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\ZKSTR2L2\jquery.loader[1].js
[2013.04.23 09:59:16 | 000,009,427 | ---- | M] () -- \Users\Štěpánka\AppData\Local\Temp\Low\Temporary Internet Files\Content.IE5\LR2JQFVB\ajax-loader[1].gif
[2013.04.23 09:50:16 | 000,000,673 | ---- | M] () -- \Users\Štěpánka\AppData\Local\Temp\Low\Temporary Internet Files\Content.IE5\LR2JQFVB\loader.white[1].gif
[2012.06.07 15:34:04 | 000,009,051 | ---- | M] () -- \Users\Štěpánka\AppData\Roaming\DAEMON Tools Lite\MediaInfo\img\loader.gif
[2012.06.07 15:34:04 | 000,016,119 | ---- | M] () -- \Users\Štěpánka\AppData\Roaming\DAEMON Tools Lite\MediaInfo\img\logo_loader_page.jpg
[2012.06.07 15:34:04 | 000,018,434 | ---- | M] () -- \Users\Štěpánka\AppData\Roaming\DAEMON Tools Lite\MediaInfo\img\logo_loader_page.png
[2012.06.07 15:34:04 | 000,009,283 | ---- | M] () -- \Users\Štěpánka\AppData\Roaming\DAEMON Tools Lite\MediaInfo\js\app\MediaInfo\ImageInfoLoader.js
[2012.06.07 15:34:04 | 000,001,699 | ---- | M] () -- \Users\Štěpánka\AppData\Roaming\DAEMON Tools Lite\MediaInfo\js\app\MediaInfo\NewsLoader.js
[2013.04.15 13:26:06 | 000,001,204 | ---- | M] () -- \Users\Štěpánka\AppData\Roaming\Microsoft\Windows\SendTo\AVS Mobile Uploader.lnk
[2013.04.15 13:26:10 | 000,001,192 | ---- | M] () -- \Users\Štěpánka\AppData\Roaming\Microsoft\Windows\SendTo\AVS Video Uploader.lnk
[2012.07.11 10:09:55 | 000,000,857 | ---- | M] () -- \Users\Štěpánka\Desktop\YouTube Downloader.lnk
[2007.11.07 18:43:11 | 003,726,575 | ---- | M] () -- \Users\Štěpánka\Music\směska muziky\Toploader - Dancing In The Moonlight.mp3
[2008.01.19 09:34:04 | 000,038,400 | ---- | M] () -- \Windows\System32\dmloader.dll
[2008.07.26 14:28:11 | 000,003,402 | ---- | M] () -- \Windows\winsxs\Backup\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.0.6001.18000_cs-cz_33426ea9fd097a15.manifest
[2008.07.26 14:28:12 | 000,027,648 | ---- | M] () -- \Windows\winsxs\Backup\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.0.6001.18000_cs-cz_33426ea9fd097a15_winload.exe.mui_3bc5b827
[2008.07.26 14:28:12 | 000,019,968 | ---- | M] () -- \Windows\winsxs\Backup\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.0.6001.18000_cs-cz_33426ea9fd097a15_winresume.exe.mui_ff8b5358
[2010.04.04 16:46:50 | 000,004,864 | ---- | M] () -- \Windows\winsxs\Backup\x86_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.0.6002.18005_none_5d12333e69c8ab94.manifest
[2010.04.04 16:46:50 | 000,986,600 | ---- | M] () -- \Windows\winsxs\Backup\x86_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.0.6002.18005_none_5d12333e69c8ab94_winload.exe_75835076
[2010.04.04 16:46:50 | 000,926,184 | ---- | M] () -- \Windows\winsxs\Backup\x86_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.0.6002.18005_none_5d12333e69c8ab94_winresume.exe_85cd1215
[2008.07.26 14:26:11 | 000,003,885 | ---- | M] () -- \Windows\winsxs\Backup\x86_microsoft-windows-s..ive-blackbox-loader_31bf3856ad364e35_6.0.6001.18000_none_6b332839511be4b2.manifest
[2008.07.26 14:26:11 | 000,021,048 | ---- | M] () -- \Windows\winsxs\Backup\x86_microsoft-windows-s..ive-blackbox-loader_31bf3856ad364e35_6.0.6001.18000_none_6b332839511be4b2_spldr.sys_98bd87a0
[2008.02.29 09:26:23 | 000,003,414 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.0.6000.16646_de-de_cb9c6772f81a418b.manifest
[2008.02.29 09:19:08 | 000,003,414 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.0.6000.16646_en-us_748d3d6be6f84d50.manifest
[2008.02.29 12:05:29 | 000,003,414 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.0.6000.16646_es-es_74589a4fe71f3ef5.manifest
[2008.02.29 12:07:01 | 000,003,414 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.0.6000.16646_fr-fr_1710104ed9f15557.manifest
[2008.02.29 12:05:17 | 000,003,414 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.0.6000.16646_it-it_01380695b1233ad5.manifest
[2008.02.29 10:14:00 | 000,003,414 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.0.6000.16646_ja-jp_a35d85a2a43e4cb0.manifest
[2008.02.29 12:02:51 | 000,003,414 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.0.6000.16646_nl-nl_2d992eca70004957.manifest
[2008.02.29 09:19:24 | 000,003,414 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.0.6000.20782_de-de_cbf6c366115bebbd.manifest
[2008.02.29 09:21:05 | 000,003,414 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.0.6000.20782_en-us_74e7995f0039f782.manifest
[2008.02.29 11:56:53 | 000,003,414 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.0.6000.20782_es-es_74b2f6430060e927.manifest
[2008.02.29 12:12:24 | 000,003,414 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.0.6000.20782_fr-fr_176a6c41f332ff89.manifest
[2008.02.29 12:01:15 | 000,003,414 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.0.6000.20782_it-it_01926288ca64e507.manifest
[2008.02.29 09:46:06 | 000,003,414 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.0.6000.20782_ja-jp_a3b7e195bd7ff6e2.manifest
[2008.02.29 11:17:45 | 000,003,414 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.0.6000.20782_nl-nl_2df38abd8941f389.manifest
[2008.01.19 04:14:52 | 000,003,402 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.0.6001.18000_cs-cz_33426ea9fd097a15.manifest
[2008.02.29 09:17:27 | 000,004,858 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.0.6000.16646_none_591b3d986f9b5725.manifest
[2008.02.29 09:13:09 | 000,004,858 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.0.6000.20782_none_5975998b88dd0157.manifest
[2008.01.19 00:00:00 | 000,004,864 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.0.6001.18000_none_5b26ba326ca6e048.manifest
[2008.02.29 10:08:07 | 000,004,864 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.0.6001.18027_none_5b181c606cb0c98b.manifest
[2008.02.29 09:37:27 | 000,004,864 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.0.6001.22125_none_5b9fb89785d036a7.manifest
[2009.04.11 00:12:44 | 000,004,864 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.0.6002.18005_none_5d12333e69c8ab94.manifest
[2006.11.02 12:13:06 | 000,003,970 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-s..ive-blackbox-loader_31bf3856ad364e35_6.0.6000.16386_none_68fc663d5430d3de.manifest
[2008.01.19 00:05:22 | 000,003,885 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-s..ive-blackbox-loader_31bf3856ad364e35_6.0.6001.18000_none_6b332839511be4b2.manifest
[2006.11.02 14:34:33 | 000,038,400 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-audio-dmusic_31bf3856ad364e35_6.0.6000.16386_none_43bd59f592b7be86\dmloader.dll
[2008.01.19 09:34:04 | 000,038,400 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-audio-dmusic_31bf3856ad364e35_6.0.6001.18000_none_45f41bf18fa2cf5a\dmloader.dll
[2008.01.19 09:34:04 | 000,038,400 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-audio-dmusic_31bf3856ad364e35_6.0.6002.18005_none_47df94fd8cc49aa6\dmloader.dll

========== Alternate Data Streams ==========

@Alternate Data Stream - 179 bytes -> C:\ProgramData\TEMP:BF3D62E7
@Alternate Data Stream - 126 bytes -> C:\ProgramData\TEMP:661DFA1C

< End of report >

Re: Prosím o kontrolu logu - pomalý počítač

Napsal: 25 čer 2013 08:37
od Imani
OTL Extras logfile created on: 24.6.2013 21:50:32 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Štěpánka\Desktop
Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy

1022,57 Mb Total Physical Memory | 409,32 Mb Available Physical Memory | 40,03% Memory free
2,26 Gb Paging File | 1,08 Gb Available in Paging File | 47,95% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 55,89 Gb Total Space | 4,42 Gb Free Space | 7,90% Space Free | Partition Type: NTFS
Drive D: | 49,06 Gb Total Space | 10,07 Gb Free Space | 20,53% Space Free | Partition Type: NTFS
Drive G: | 14,64 Gb Total Space | 8,46 Gb Free Space | 57,80% Space Free | Partition Type: FAT32

Computer Name: STEPANKA-PC | User Name: Štěpánka | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 7 Days

========== Extra Registry (SafeList) ==========


========== File Associations ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\System32\control.exe (Microsoft Corporation)
.hlp [@ = WinHelpCustomView.Scenario] -- C:\Windows\system32\winhlp32.exe %1

========== Shell Spawning ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe /separate,/idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /separate,/e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
"UacDisableNotify" = 0
"InternetSettingsDisableNotify" = 0
"AutoUpdateDisableNotify" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
"DisableMonitoring" = 1

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]
"DisableMonitoring" = 1

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]
"DisableMonitoring" = 1

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
"VistaSp1" = Reg Error: Unknown registry data type -- File not found
"VistaSp2" = Reg Error: Unknown registry data type -- File not found

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

========== Firewall Settings ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

========== Authorized Applications List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"C:\Program Files\BitTorrent\bittorrent.exe" = C:\Program Files\BitTorrent\bittorrent.exe:*:Enabled:BitTorrent


========== Vista Active Open Ports Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]

========== Vista Active Application Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{0128046C-D9CE-4FDE-8DDD-531867906CFC}" = protocol=17 | dir=in | app=c:\program files\icq7.2\icq.exe |
"{10E2F3E5-6BD5-4215-8B9D-F6119CAC15DF}" = protocol=17 | dir=in | app=c:\program files\autodesk\backburner\server.exe |
"{24B86025-41E6-4D7E-9CC3-7B4A167621D3}" = protocol=17 | dir=in | app=c:\program files\icq7.2\aolload.exe |
"{2685D32B-8535-49E0-A09C-0D6BF9B2AEB2}" = protocol=17 | dir=in | app=c:\program files\autodesk\3ds max 9\3dsmax.exe |
"{2965BE8B-7D2C-4B1D-8A90-3EB3AD8659A3}" = protocol=6 | dir=in | app=c:\program files\autodesk\backburner\server.exe |
"{39B5AD2A-5B56-46D2-97E4-1A9CD1B27E4B}" = protocol=6 | dir=in | app=c:\program files\autodesk\backburner\manager.exe |
"{548EA453-43E3-4298-B8AF-62480AB49608}" = protocol=17 | dir=in | app=c:\program files\autodesk\backburner\manager.exe |
"{5EB0AE7F-99FD-4813-AE7C-2F6C68BE3C56}" = dir=out | app=c:\program files\protected search\protectedsearch.exe |
"{605B69B5-5FEC-4D7C-9260-55AF54904B17}" = dir=in | app=c:\program files\protected search\protectedsearch.exe |
"{69408548-75D1-4AB2-9BDA-D5DCF9D21BDC}" = protocol=17 | dir=in | app=c:\program files\icq7.2\icq.exe |
"{6B74FC2E-DEAA-4BDC-B618-BFAC0229B34A}" = protocol=6 | dir=in | app=c:\program files\autodesk\3ds max 9\3dsmax.exe |
"{76012B0D-4271-4408-BBFD-4AB181978EDD}" = protocol=6 | dir=in | app=c:\program files\icq7.2\icq.exe |
"{7CB78832-65AB-4D2D-9E1B-00C3F966860B}" = dir=in | app=c:\program files\protected search\protectedsearch.exe |
"{87206223-BDFD-4D9D-87AE-442FCEF22220}" = dir=out | app=c:\program files\protected search\protectedsearch.exe |
"{9D0ADF29-CE56-48B9-80DA-34FF8CEED061}" = protocol=6 | dir=in | app=c:\program files\icq7.2\aolload.exe |
"{9E32B491-61E5-4653-957E-BFB22878235B}" = protocol=6 | dir=in | app=c:\program files\autodesk\backburner\monitor.exe |
"{A8DA7041-8718-4E54-B084-9B16C970C420}" = protocol=6 | dir=in | app=c:\program files\icq7.2\aolload.exe |
"{B21EA516-42F8-4436-A529-41853275A099}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{D457C27A-719A-4E3F-9D28-EFD6CB729934}" = protocol=17 | dir=in | app=c:\program files\autodesk\backburner\monitor.exe |
"{F3F1F62E-E5F7-4858-B57E-0196FC3F03AE}" = protocol=6 | dir=in | app=c:\program files\icq7.2\icq.exe |
"{F64EF4D2-6CED-40C5-9D87-FBD459A13E9F}" = protocol=17 | dir=in | app=c:\program files\icq7.2\aolload.exe |
"TCP Query User{03857D3B-DB79-4B80-8D33-1F7A280FA58D}C:\program files\skype\phone\skype.exe" = protocol=6 | dir=in | app=c:\program files\skype\phone\skype.exe |
"TCP Query User{0CFFA4D0-64F8-4E24-9683-7C4474158E0C}C:\program files\mozilla firefox\firefox.exe" = protocol=6 | dir=in | app=c:\program files\mozilla firefox\firefox.exe |
"TCP Query User{11A40AB5-E5DB-4D2C-9C81-891B3FA7CFBE}C:\program files\icq6\icq.exe" = protocol=6 | dir=in | app=c:\program files\icq6\icq.exe |
"TCP Query User{13D70CEE-AAAA-4FDA-9D4B-6C5E12552DFA}C:\program files\total commander 7.56\totalcmd.exe" = protocol=6 | dir=in | app=c:\program files\total commander 7.56\totalcmd.exe |
"TCP Query User{2C51272D-18D8-4F5A-AE68-34F43139B8D3}C:\program files\icqlite\icqlite.exe" = protocol=6 | dir=in | app=c:\program files\icqlite\icqlite.exe |
"TCP Query User{463D9FE7-CB8A-48FB-A5E5-8C793436655D}C:\program files\icq6\icq.exe" = protocol=6 | dir=in | app=c:\program files\icq6\icq.exe |
"TCP Query User{47C4C18E-61C2-4625-BA6A-BA5AF39BFD58}C:\program files\google\google sketchup 8\sketchup.exe" = protocol=6 | dir=in | app=c:\program files\google\google sketchup 8\sketchup.exe |
"TCP Query User{49977935-663B-4177-965B-E6EB596252DD}C:\program files\icqlite\icqlite.exe" = protocol=6 | dir=in | app=c:\program files\icqlite\icqlite.exe |
"TCP Query User{4AA7F4E4-CB60-4768-A8B3-D5FAB2F484CF}C:\program files\k-lite codec pack\media player classic\mpc-hc.exe" = protocol=6 | dir=in | app=c:\program files\k-lite codec pack\media player classic\mpc-hc.exe |
"TCP Query User{4DE513CE-74CA-415E-98B2-334D3C89C6F4}C:\program files\utorrent\utorrent.exe" = protocol=6 | dir=in | app=c:\program files\utorrent\utorrent.exe |
"TCP Query User{557F54A3-DB73-45F7-94EE-4A6DDB4FCC04}C:\program files\internet explorer\iexplore.exe" = protocol=6 | dir=in | app=c:\program files\internet explorer\iexplore.exe |
"TCP Query User{6161DE96-24F9-4121-B6E9-3FF5CB8C9950}C:\program files\utorrent\utorrent.exe" = protocol=6 | dir=in | app=c:\program files\utorrent\utorrent.exe |
"TCP Query User{617D62C0-1DD2-4F75-AD00-F4AD401BCF49}C:\program files\icq6.5\icq.exe" = protocol=6 | dir=in | app=c:\program files\icq6.5\icq.exe |
"TCP Query User{AD44A6ED-5BC4-441A-8A23-1CF317513BE5}C:\program files\city car driving\bin\win32\starter.exe" = protocol=6 | dir=in | app=c:\program files\city car driving\bin\win32\starter.exe |
"TCP Query User{B0E99BB2-C812-4EFB-B53D-6EB0781B0A2C}D:\strongdc++\strongdc.exe" = protocol=6 | dir=in | app=d:\strongdc++\strongdc.exe |
"TCP Query User{B6955572-C5ED-4E35-B880-7EC01B321C16}G:\ceedo\program files\total commander\totalcmd\totalcmd.exe" = protocol=6 | dir=in | app=g:\ceedo\program files\total commander\totalcmd\totalcmd.exe |
"TCP Query User{BAB3AFB3-B4B5-4573-A619-434B6B061E86}C:\program files\autodesk\3ds max 9\3dsmax.exe" = protocol=6 | dir=in | app=c:\program files\autodesk\3ds max 9\3dsmax.exe |
"TCP Query User{BC607755-4FB2-4C34-AA4F-F5560BB321E6}C:\program files\internet explorer\iexplore.exe" = protocol=6 | dir=in | app=c:\program files\internet explorer\iexplore.exe |
"TCP Query User{BF117069-4E0B-4D83-88EE-3D84E97D7F78}C:\program files\bittorrent\bittorrent.exe" = protocol=6 | dir=in | app=c:\program files\bittorrent\bittorrent.exe |
"TCP Query User{D42B26CA-7F37-4742-BD5B-E13FD291CE26}C:\program files\skype\phone\skype.exe" = protocol=6 | dir=in | app=c:\program files\skype\phone\skype.exe |
"TCP Query User{D4D29643-7A60-43E1-A4BD-34EC67A3A69A}C:\program files\icq7.2\icq.exe" = protocol=6 | dir=in | app=c:\program files\icq7.2\icq.exe |
"TCP Query User{FA5FAB4B-65F3-4B92-B17E-D51FECA1494E}C:\program files\google\google sketchup 8\layout\layout.exe" = protocol=6 | dir=in | app=c:\program files\google\google sketchup 8\layout\layout.exe |
"TCP Query User{FEA16411-1B6F-4EB7-BCCE-5BC30190B189}C:\program files\common files\ahead\nero web\setupx.exe" = protocol=6 | dir=in | app=c:\program files\common files\ahead\nero web\setupx.exe |
"UDP Query User{0FB0F7D6-955E-49A9-AAEE-E1A71871852F}C:\program files\skype\phone\skype.exe" = protocol=17 | dir=in | app=c:\program files\skype\phone\skype.exe |
"UDP Query User{21F8F93B-F486-4FC3-88F2-A2A54EF77B42}C:\program files\icq7.2\icq.exe" = protocol=17 | dir=in | app=c:\program files\icq7.2\icq.exe |
"UDP Query User{4661E1A2-0D44-412F-94DA-E717841B9F30}C:\program files\icq6\icq.exe" = protocol=17 | dir=in | app=c:\program files\icq6\icq.exe |
"UDP Query User{4FA655BF-4B0A-41B7-A717-45B418F0C3B6}C:\program files\total commander 7.56\totalcmd.exe" = protocol=17 | dir=in | app=c:\program files\total commander 7.56\totalcmd.exe |
"UDP Query User{68B87368-657E-4986-BBC7-86BDAA8DA5A7}C:\program files\icqlite\icqlite.exe" = protocol=17 | dir=in | app=c:\program files\icqlite\icqlite.exe |
"UDP Query User{6C9E24B0-9894-4DB4-A608-01F61A97A2FD}C:\program files\city car driving\bin\win32\starter.exe" = protocol=17 | dir=in | app=c:\program files\city car driving\bin\win32\starter.exe |
"UDP Query User{82C40FE9-9FAD-4FB1-AA41-F7B6253318FB}C:\program files\common files\ahead\nero web\setupx.exe" = protocol=17 | dir=in | app=c:\program files\common files\ahead\nero web\setupx.exe |
"UDP Query User{94617C0B-33AC-445E-AC8B-CC0D41F43691}C:\program files\mozilla firefox\firefox.exe" = protocol=17 | dir=in | app=c:\program files\mozilla firefox\firefox.exe |
"UDP Query User{99E71F40-B6C9-4B3E-AF64-97DFDD12A21E}C:\program files\internet explorer\iexplore.exe" = protocol=17 | dir=in | app=c:\program files\internet explorer\iexplore.exe |
"UDP Query User{A43127A0-8833-4AA1-B9A0-77D3CE5597A8}C:\program files\bittorrent\bittorrent.exe" = protocol=17 | dir=in | app=c:\program files\bittorrent\bittorrent.exe |
"UDP Query User{A72B5561-697B-4B97-AB4F-F3106C67CE1E}C:\program files\k-lite codec pack\media player classic\mpc-hc.exe" = protocol=17 | dir=in | app=c:\program files\k-lite codec pack\media player classic\mpc-hc.exe |
"UDP Query User{ABFE3068-60D9-439B-83D3-9AE057D13F71}C:\program files\icq6\icq.exe" = protocol=17 | dir=in | app=c:\program files\icq6\icq.exe |
"UDP Query User{B0DBEE82-3F87-4EC9-9555-1D76CBB0F458}C:\program files\autodesk\3ds max 9\3dsmax.exe" = protocol=17 | dir=in | app=c:\program files\autodesk\3ds max 9\3dsmax.exe |
"UDP Query User{B1AA819C-CFBF-4C34-B76D-2153EE73EDC8}C:\program files\icqlite\icqlite.exe" = protocol=17 | dir=in | app=c:\program files\icqlite\icqlite.exe |
"UDP Query User{BB3A5BC1-F398-4EB7-BE85-A496B1015A75}C:\program files\icq6.5\icq.exe" = protocol=17 | dir=in | app=c:\program files\icq6.5\icq.exe |
"UDP Query User{D08CBC90-5F38-423A-9CF9-90A75E341464}D:\strongdc++\strongdc.exe" = protocol=17 | dir=in | app=d:\strongdc++\strongdc.exe |
"UDP Query User{D5BA4805-3C2B-4023-94AD-070FDFB4B28B}C:\program files\utorrent\utorrent.exe" = protocol=17 | dir=in | app=c:\program files\utorrent\utorrent.exe |
"UDP Query User{D63788AC-4385-46C4-B5A8-213EF3461FDE}C:\program files\internet explorer\iexplore.exe" = protocol=17 | dir=in | app=c:\program files\internet explorer\iexplore.exe |
"UDP Query User{D6ED4AE2-0B2C-42A3-B168-E4BC8796A140}G:\ceedo\program files\total commander\totalcmd\totalcmd.exe" = protocol=17 | dir=in | app=g:\ceedo\program files\total commander\totalcmd\totalcmd.exe |
"UDP Query User{DA752524-4705-4475-A925-07A0D2F4D4FA}C:\program files\utorrent\utorrent.exe" = protocol=17 | dir=in | app=c:\program files\utorrent\utorrent.exe |
"UDP Query User{E36D3CC2-4F96-4A43-B534-514C8CAFB9A9}C:\program files\google\google sketchup 8\layout\layout.exe" = protocol=17 | dir=in | app=c:\program files\google\google sketchup 8\layout\layout.exe |
"UDP Query User{F2673EBF-1ADD-4ECE-B9DD-505F4A1A4841}C:\program files\skype\phone\skype.exe" = protocol=17 | dir=in | app=c:\program files\skype\phone\skype.exe |
"UDP Query User{FA0EA8B8-BB45-4B7A-90F1-ED1066B29A5A}C:\program files\google\google sketchup 8\sketchup.exe" = protocol=17 | dir=in | app=c:\program files\google\google sketchup 8\sketchup.exe |

========== HKEY_LOCAL_MACHINE Uninstall List ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{00060000-0000-1004-8002-0000C06B5161}" = WIBU-KEY Setup (WIBU-KEY Remove)
"{001FFFFF-FF08-FF01-FF11-01F00F02F000}" = ArchiCAD 8.1 CZE
"{04F707AE-1AFD-FCB3-15FB-678EB18E5276}" = Catalyst Control Center Graphics Light
"{09B775E9-0AB8-40C3-8DD4-29E2CD1DCACD}" = Document Express DjVu Plug-in
"{0B75F2BE-EA34-C35E-795B-14B6AD05EF33}" = CCC Help English
"{0C352FE8-D3C7-5679-3916-94B703AE2568}" = Catalyst Control Center Localization Portuguese
"{0CEF967E-5776-AAB4-24B7-B77B1CFD1F1B}" = ccc-utility
"{1111706F-666A-4037-7777-210328764D10}" = JavaFX 2.1.0
"{12127C0A-4364-AF17-890A-161497C7C445}" = CCC Help Polish
"{139B0FFA-187E-4BA1-BCA6-6B56B2B6AB8C}" = ATK Media
"{1DBD1F12-ED93-49C0-A7CC-56CBDE488158}" = LifeFrame2
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{1F1D117B-2819-5686-F837-6F573CD98D1B}" = Catalyst Control Center Localization Thai
"{2318C2B1-4965-11d4-9B18-009027A5CD4F}" = Google Toolbar for Internet Explorer
"{236BB7C4-4419-42FD-0409-1E257A25E34D}" = Adobe Photoshop CS2
"{26A24AE4-039D-4CA4-87B4-2F83216026FF}" = Java(TM) 6 Update 26
"{26A24AE4-039D-4CA4-87B4-2F83217007FF}" = Java 7 Update 7
"{26DBD556-77EA-04E4-ED34-9C341ECBCD10}" = Catalyst Control Center Localization Turkish
"{28006915-2739-4EBE-B5E8-49B25D32EB33}" = Atheros Driver Installation Program
"{2DE63F00-FDAA-54A5-CB0D-14CE878A6BEB}" = Catalyst Control Center Localization Czech
"{34B92C91-1B7F-CA25-A565-D7B93050A7E5}" = Catalyst Control Center Localization Spanish
"{363AA734-FEDD-B361-AC59-99F8F323881A}" = CCC Help Norwegian
"{36CEB090-7231-0532-59A3-3D5CD5EBB689}" = Catalyst Control Center Graphics Previews Vista
"{3912D529-02BC-4CA8-B5ED-0D0C20EB6003}" = ATK Hotkey
"{3AB65E95-37D6-4DD7-8862-29AED3AFD54B}" = Google SketchUp Pro 8
"{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile
"{3D347E6D-5A03-4342-B5BA-6A771885F379}" = Backburner
"{3E46600E-8E92-AE52-F505-2552A0EA1697}" = CCC Help Danish
"{4160DC5B-4C56-D0C3-C5FD-F5BDAD3C882B}" = ATI Catalyst Install Manager
"{4385133D-4A33-2565-7B46-80A89EA0E888}" = Catalyst Control Center Localization Italian
"{468D22C0-8080-11E2-B86E-B8AC6F98CCE3}" = Google Earth
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{547C9628-C490-48AB-94F4-7F2495562930}" = PDF to DWG Converter
"{5783F2D7-0221-0405-0000-0060B0CE6BBA}" = DWG TrueConvert™
"{57B15AD4-8C9D-4164-82BB-E33D8644E757}" = ASUS InstantFun
"{5C1DB4ED-E9B4-402D-BB14-D75D97D6C1A6}" = ATKOSD2
"{61F128C7-59EB-98EA-FE59-2BE6332DF04B}" = CCC Help Chinese Traditional
"{6324A1EF-CEF4-43E3-8BCD-9EF3F67317FD}" = NB Probe
"{63B3A1B7-DE32-A193-486A-6A39D08C235C}" = CCC Help Chinese Standard
"{63EC2860-FAC7-5BC0-5F6A-BCE20C0EBC80}" = Catalyst Control Center Localization Norwegian
"{666472B6-06A7-0C3A-6165-9A133013BDB2}" = Catalyst Control Center Localization Chinese Traditional
"{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}" = Windows Media Player Firefox Plugin
"{6B387AB8-A460-5B93-0517-0A9B0D4318B9}" = Catalyst Control Center Graphics Full New
"{6CF08F61-9C7D-8F20-ADED-7A40AEE6F2B7}" = Catalyst Control Center Localization Chinese Standard
"{6E32B134-CA8D-49DD-B94C-0DB155CE70B5}" = ccc-Branding
"{7036A6F4-5DAD-3908-956D-1752CD7F7E5A}" = Microsoft .NET Framework 4 Client Profile CSY Language Pack
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{72DCA752-2EAC-3FC8-60C9-19A0D3884302}" = CCC Help Hungarian
"{72EFBFE4-C74F-4187-AEFD-73EA3BE968D6}" = ICQ7.2
"{7463A3EB-F88E-00FC-6081-AD02FB321C54}" = Catalyst Control Center Localization Swedish
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{780950E3-008C-FE5E-AEE6-5EF77D81B31F}" = Catalyst Control Center Core Implementation
"{786C5747-1033-0000-B58E-000000000001}" = Adobe Stock Photos 1.0
"{7C8B5E63-821A-4DFB-BDFA-19854D88EC5C}" = 3dsmax ancillary install
"{7D83D3A4-0F45-8075-0AB6-B6D1106CF1B8}" = CCC Help Dutch
"{83A40382-EA9B-A1DF-C2E9-32D65E0B8C23}" = Catalyst Control Center Localization Hungarian
"{83E06C1E-B97B-2679-5EFA-7D0D7FA1ADF1}" = CCC Help Swedish
"{83F73CB1-7705-49D1-9852-84D839CA2A45}" = Wireless Console 2
"{863373A8-5B31-2CBA-16E2-6780AE724DB4}" = CCC Help Portuguese
"{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}" = Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570
"{876FF807-179D-663C-3989-B9E97DD7DF43}" = Catalyst Control Center Localization Russian
"{88F36928-8B64-08CB-983A-8B2042CF15D0}" = Catalyst Control Center Localization Dutch
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8CFEBE9C-F29F-4C49-80E0-7106970F8734}" = Power4Gear eXtreme
"{8EDBA74D-0686-4C99-BFDD-F894678E5B39}" = Adobe Common File Installer
"{90110405-6000-11D3-8CFE-0150048383C9}" = Microsoft Office Professional Edition 2003
"{90120000-0020-0405-0000-0000000FF1CE}" = Sada Compatibility Pack pro systém Office 2007
"{90140000-2005-0000-0000-0000000FF1CE}" = Microsoft Office File Validation Add-In
"{937EC4CC-5B69-2990-FC5B-512E1520D0DA}" = CCC Help Russian
"{93DDECDF-0AA0-B360-6A6F-288099DD2D98}" = CCC Help Finnish
"{99D9B4EB-FE36-8A77-ABA9-1FA02E635E63}" = Catalyst Control Center Localization Danish
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{9D6D7811-43B3-463C-BC79-5D1755269989}" = Net4Switch
"{A3103F91-39CE-BEDE-680A-D41F26F97D8F}" = CCC Help Thai
"{A6752CB8-1FA2-070B-C80E-B3B67781603C}" = CCC Help Spanish
"{A7714FC2-BFEC-31A6-AA47-321676B73DFA}" = CCC Help German
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{AC76BA86-7AD7-1029-7B44-A93000000001}" = Adobe Reader 9.3.1 - Czech
"{AD757BEF-0720-BA67-FD34-5FB5D950BD60}" = Catalyst Control Center Localization French
"{AE46ABD3-D625-467F-B5A7-8D3FFF077F0D}" = Realtek 8139 and 8139C+ Ethernet Network Card Driver for Windows Vista
"{B01C55C2-37BC-3B95-CAE2-4D12F50FAF8F}" = Catalyst Control Center Localization Korean
"{B021DB07-517A-1FE9-05E1-2FF29870C53D}" = Catalyst Control Center Localization German
"{B5D76EC0-13E1-DFEE-9DA4-5F8BC9F4C5CF}" = Catalyst Control Center Graphics Previews Common
"{B74D4E10-1033-0000-0000-000000000001}" = Adobe Bridge 1.0
"{C0FC1C14-4824-4A73-87A6-9E888C9C3102}" = ASUS Splendid Video Enhancement Technology
"{C3834E9A-09EE-3809-3479-0A2E0487EB64}" = CCC Help Greek
"{CD54A3A7-2CE4-CB17-F5BC-ED6F48501AF8}" = CCC Help French
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{CE386A4E-D0DA-4208-8235-BCE43275C694}" = LightScribe 1.4.142.1
"{CEBB6BFB-D708-4F99-A633-BC2600E01EF6}" = Bluetooth Stack for Windows by Toshiba
"{CEF65258-EB04-DA25-3C8B-93E44F2321C6}" = CCC Help Italian
"{D1371B55-1ABB-113F-980B-5531C9529416}" = CCC Help Czech
"{D36A399D-5F74-F01C-3102-3768514B2383}" = ccc-core-static
"{DB5C6904-E162-3DA7-8D92-9F5D70FA9E7F}" = CCC Help Japanese
"{DB891739-2EB3-45A8-9CBD-941C255CECD4}" = ASUS Touch Pad Extra
"{DBEA1034-5882-4A88-8033-81C4EF0CFA29}" = Google Toolbar for Internet Explorer
"{DC24971E-1946-445D-8A82-CE685433FA7D}" = Realtek USB 2.0 Card Reader
"{DD73CA82-EA82-38AA-863D-9A24A018DC96}" = Microsoft .NET Framework 3.5 Language Pack SP1 - csy
"{DE10AB76-4756-4913-BE25-55D1C1051F9A}" = WinFlash
"{E0C2FD92-2054-781C-7719-F3FE978B571A}" = Catalyst Control Center Localization Finnish
"{E36D7B40-4411-3B38-DAC0-4CF6574C1DB9}" = Skins
"{E657B243-9AD4-4ECC-BE81-4CCF8D667FD0}" = ASUS Live Update
"{E96D4088-AAC5-437F-9E39-EC0E387897B4}" = Autodesk 3ds Max 9 32-bit
"{E9787678-1033-0000-8E67-000000000001}" = Adobe Help Center 1.0
"{ED03EBC3-0621-1ED7-11FA-E22D8FC79909}" = Catalyst Control Center Localization Polish
"{EE7257A2-39A2-4D2F-9DAC-F9F25B8AE1D8}" = Skype™ 5.10
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F33B21FC-D4B9-522A-5B67-F87A0BAA3268}" = CCC Help Korean
"{F36828A9-4231-579E-2393-E43B299D77B8}" = Catalyst Control Center Localization Japanese
"{F6D1EEB6-544C-7071-DB1B-11FA4A9AC432}" = Catalyst Control Center Graphics Full Existing
"{FC3D290D-79BE-44B7-ABF9-FDD110925930}" = PowerForPhone
"{FC9CCB53-0EC6-A64E-52C2-68C70858AA56}" = CCC Help Turkish
"{FF216817-DAE6-3280-28EF-C4F12A88E33F}" = Catalyst Control Center Localization Greek
"7-Zip" = 7-Zip 4.42
"Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player Plugin
"Adobe Photoshop CS2 - {236BB7C4-4419-42FD-0409-1E257A25E34D}" = Adobe Photoshop CS2
"Any PDF to DWG Converter_is1" = Any PDF to DWG Converter 2010
"Asus_Camera_ScreenSaver" = Asus_Camera_ScreenSaver
"ATI Uninstaller" = ATI Uninstaller
"avast" = avast! Free Antivirus
"AVS Screen Capture_is1" = AVS Screen Capture version 2.0.2
"AVS Video Editor_is1" = AVS Video Editor 6
"AVS Video Recorder_is1" = AVS Video Recorder 2.5
"FBX Plugin 2006.08 for Max 9.0" = FBX Plugin 2006.08 for Max 9.0
"Flash Renamer_is1" = Flash Renamer 6.71
"KLiteCodecPack_is1" = K-Lite Mega Codec Pack 5.8.3
"Microsoft .NET Framework 3.5 Language Pack SP1 - csy" = Microsoft .NET Framework 3.5 SP1 – jazyková sada – CSY
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Client Profile CSY Language Pack" = Microsoft .NET Framework 4 Client Profile CSY Language Pack
"Nero - Burning Rom!UninstallKey" = Nero 6 Demo
"Net Transport_is1" = Net Transport 1.94.280
"pdfFactory Pro" = pdfFactory Pro
"QuickTime" = QuickTime
"SMSERIAL" = Motorola SM56 Speakerphone Modem
"SynTPDeinstKey" = Synaptics Pointing Device Driver
"Totalcmd" = Total Commander (Remove or Repair)
"USB2.0 1.3M WebCam" = USB2.0 1.3M WebCam
"V-Ray for 3dsmax R9 for x86" = V-Ray for 3dsmax R9 for x86
"Winamp" = Winamp

========== HKEY_CURRENT_USER Uninstall List ==========

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Google Chrome" = Google Chrome

========== Last 20 Event Log Errors ==========

[ Antivirus Events ]
Error - 14.12.2009 12:59:01 | Computer Name = Štěpánka-PC | Source = avast! | ID = 33554522
Description =

Error - 15.12.2009 5:55:57 | Computer Name = Štěpánka-PC | Source = avast! | ID = 33554522
Description =

Error - 17.12.2009 7:13:02 | Computer Name = Štěpánka-PC | Source = avast! | ID = 33554522
Description =

Error - 27.12.2009 8:35:38 | Computer Name = Štěpánka-PC | Source = avast! | ID = 33554522
Description =

Error - 2.1.2010 7:10:04 | Computer Name = Štěpánka-PC | Source = avast! | ID = 33554522
Description =

Error - 15.1.2010 6:32:59 | Computer Name = Štěpánka-PC | Source = avast! | ID = 33554522
Description =

Error - 22.1.2010 7:44:17 | Computer Name = Štěpánka-PC | Source = avast! | ID = 33554522
Description =

Error - 23.1.2010 15:57:06 | Computer Name = Štěpánka-PC | Source = avast! | ID = 33554522
Description =

Error - 3.2.2010 15:45:57 | Computer Name = Štěpánka-PC | Source = avast! | ID = 33554522
Description =

Error - 12.2.2010 6:19:45 | Computer Name = Štěpánka-PC | Source = avast! | ID = 33554522
Description =

[ System Events ]
Error - 24.6.2013 11:34:29 | Computer Name = Štěpánka-PC | Source = DCOM | ID = 10010
Description =

Error - 24.6.2013 11:37:42 | Computer Name = Štěpánka-PC | Source = Service Control Manager | ID = 7000
Description =

Error - 24.6.2013 15:08:30 | Computer Name = Štěpánka-PC | Source = disk | ID = 262155
Description = Ovladač zjistil chybu řadiče na \Device\Harddisk2\DR2.


< End of report >

Re: Prosím o kontrolu logu - pomalý počítač

Napsal: 27 čer 2013 07:02
od vyosek
:arrow: Zapojte do PC vsechny USB klice (flashky, ext. disky apod.) :arrow: Spustte znovu OTL
  • Pokud pouzivate Win Vista ci W7, kliknete na OTL pravym a dejte Run As Administrator ci Spustit jako spravce
  • Do spodniho okenka Vlastni skenovani/opravy vlozte skript nize

  • Kód: Vybrat vše

    :otl
SRV - File not found [Disabled | Stopped] -- C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe -- (NMIndexingService)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\nwlnkfwd.sys -- (NwlnkFwd)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\nwlnkflt.sys -- (NwlnkFlt)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Program Files\MediaCoder\SysInfo.sys -- (CrystalSysInfo)
DRV - File not found [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\blbdrive.sys -- (blbdrive)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\drivers\anvsnddrv.sys -- (anvsnddrv)
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.cz/?rlz=1W4CHBA_csCZ525
IE - HKCU\..\URLSearchHook: - No CLSID value found
IE - HKCU\..\SearchScopes,DefaultScope = {6A1806CD-94D4-4689-BA73-E35EA1EA9990}
IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC
IE - HKCU\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
[2008.07.10 13:22:45 | 000,000,000 | ---D | M] ("ICQ Toolbar") -- C:\Program Files\Mozilla Firefox\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}
O13 - gopher Prefix: missing
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab (Reg Error: Key error.)
O16 - DPF: Microsoft XML Parser for Java file:///C:/Windows/Java/classes/xmldso.cab (Reg Error: Key error.)
O33 - MountPoints2\{b1970a1e-9781-11dc-814a-001bfca97fed}\Shell\AutoRun\command - "" = C:\Windows\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL Recycled\ctfmon.exe
O33 - MountPoints2\{b1970a1e-9781-11dc-814a-001bfca97fed}\Shell\Open(0)\command - "" = Recycled\ctfmon.exe
[2012.06.06 10:31:26 | 000,006,550 | ---- | C] () -- C:\Windows\jautoexp.dat
[2010.07.24 23:09:19 | 000,000,056 | -H-- | C] () -- C:\ProgramData\ezsidmv.dat
[14 C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp files -> C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp -> ]
[1 C:\Windows\SoftwareDistribution\Download\132fbe39f239519d94f61049b180c3da\*.tmp files -> C:\Windows\SoftwareDistribution\Download\132fbe39f239519d94f61049b180c3da\*.tmp -> ]
[1 C:\Windows\SoftwareDistribution\Download\c3bb5bc193a47674ff3ec8a89529053f\*.tmp files -> C:\Windows\SoftwareDistribution\Download\c3bb5bc193a47674ff3ec8a89529053f\*.tmp -> ]
[18 C:\Windows\Temp\*.tmp files -> C:\Windows\Temp\*.tmp -> ]
[2013.06.24 19:02:00 | 000,000,940 | ---- | M] () -- C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
[2013.06.24 23:02:26 | 000,000,944 | ---- | M] () -- C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
[2013.06.24 09:18:47 | 000,000,922 | ---- | M] () -- C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-467801160-2783828001-1128931762-1000Core.job
[2013.06.24 23:16:01 | 000,000,974 | ---- | M] () -- C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-467801160-2783828001-1128931762-1000UA.job
@Alternate Data Stream - 179 bytes -> C:\ProgramData\TEMP:BF3D62E7
@Alternate Data Stream - 126 bytes -> C:\ProgramData\TEMP:661DFA1C

:files
%windir%\system32\*.tmp.dll /s
%windir%\system32\SET*.tmp /s
%windir%\*.tmp

:commands
[RESETHOSTS]
[EMPTYTEMP]
[EMPTYFLASH]
[EMPTYJAVA]
  • Nasledne kliknete na Opravit
  • PC provede opravu, restartuje se a da Vam log, jeho obsah vlozte sem
Všechny časy jsou v UTC+01:00
Stránka 1 z 1

Založeno na phpBB® Forum Software © phpBB Limited

Český překlad – phpBB.cz