Ahoj,
moc prosím o kontrolu logu. Učím ve škole a mám pocit, že jsem si z jistého počítače něco dotáhl k sobě do PC, protože mi tady začínají některé věci nefungovat jak by měly. Včera jsem třeba vůbec nemoh najít Google earth, ač jsem ho na počítači měl.
Díky moc!
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 8:52:21, on 16.4.2010
Platform: Unknown Windows (WinNT 6.01.3504)
MSIE: Internet Explorer v8.00 (8.00.7600.16385)
Boot mode: Normal
Running processes:
C:\Program Files (x86)\CooL Wallpaper Changer\coolwpc.exe
C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe
C:\Program Files (x86)\Nokia\Nokia PC Suite 7\PCSuite.exe
C:\Program Files (x86)\QIP\qip.exe
C:\Program Files (x86)\PowerStrip\PStrip.exe
C:\Program Files (x86)\Google\Gmail Notifier\gnotify.exe
C:\Program Files (x86)\Winamp\winampa.exe
C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
C:\Program Files (x86)\Adobe\Acrobat 9.0\Acrobat\acrotray.exe
C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe
C:\Program Files (x86)\CyberLink\Shared files\brs.exe
C:\Program Files (x86)\Common Files\Real\Update_OB\realsched.exe
C:\Program Files (x86)\stickies\stickies.exe
C:\totalcmd\TOTALCMD.EXE
D:\Instalace\Antiviry\HiJackThis\HiJackThis.exe
R1 - HKCU\Software\Microsoft\Internet Explorer,SearchURL = http://search13.net/search.php?clid=486&q=%s
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://search13.net/
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://search13.net/
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://search13.net/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKCU\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://search13.net/
R1 - HKCU\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = http://search13.net/
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = Root: HKCU; Subkey: Software\Microsoft\Internet Explorer\SearchUrl; ValueType: string; ValueName: '; ValueData: '; Flags: createvalueifdoesntexist noerror; Tasks: AddSearchQip
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: QIPBHO Class - {A55F9C95-2BB1-4EA2-BC77-DFAAB78832CE} - C:\Users\Hurvajz\AppData\Roaming\Microsoft\Internet Explorer\qipsearchbar.dll
R3 - URLSearchHook: (no name) - {E312764E-7706-43F1-8DAB-FCDD2B1E416D} - (no file)
F2 - REG:system.ini: UserInit=userinit.exe
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre6\bin\ssv.dll
O2 - BHO: QIPBHO Class - {A55F9C95-2BB1-4EA2-BC77-DFAAB78832CE} - C:\Users\Hurvajz\AppData\Roaming\Microsoft\Internet Explorer\qipsearchbar.dll
O2 - BHO: Adobe PDF Conversion Toolbar Helper - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll
O2 - BHO: pdfforge Toolbar - {B922D405-6D13-4A2B-AE89-08A030DA4402} - C:\Program Files (x86)\pdfforge Toolbar\IE\1.1.2\pdfforgeToolbarIE.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
O2 - BHO: SmartSelect - {F4971EE7-DAA0-4053-9964-665D8EE6A077} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll
O3 - Toolbar: pdfforge Toolbar - {B922D405-6D13-4A2B-AE89-08A030DA4402} - C:\Program Files (x86)\pdfforge Toolbar\IE\1.1.2\pdfforgeToolbarIE.dll
O3 - Toolbar: DAEMON Tools Toolbar - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files (x86)\DAEMON Tools Toolbar\DTToolbar.dll
O3 - Toolbar: Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll
O4 - HKLM\..\Run: [{0228e555-4f9c-4e35-a3ec-b109a192b4c2}] C:\Program Files (x86)\Google\Gmail Notifier\gnotify.exe
O4 - HKLM\..\Run: [WinampAgent] "C:\Program Files (x86)\Winamp\winampa.exe"
O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe"
O4 - HKLM\..\Run: [avgnt] "C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe" /min
O4 - HKLM\..\Run: [Acrobat Assistant 8.0] "C:\Program Files (x86)\Adobe\Acrobat 9.0\Acrobat\Acrotray.exe"
O4 - HKLM\..\Run: [RemoteControl10] "C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe"
O4 - HKLM\..\Run: [BDRegion] C:\Program Files (x86)\Cyberlink\Shared files\brs.exe
O4 - HKCU\..\Run: [CooLWPC3] C:\Program Files (x86)\CooL Wallpaper Changer\coolwpc.exe /boot
O4 - HKCU\..\Run: [BitComet] "C:\Program Files (x86)\BitLord\BitLord.exe"
O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun
O4 - HKCU\..\Run: [PC Suite Tray] "C:\Program Files (x86)\Nokia\Nokia PC Suite 7\PCSuite.exe" -onlytray
O4 - HKCU\..\Run: [QIP2005] C:\Program Files (x86)\QIP\qip.exe
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O4 - Startup: PowerStrip.lnk = C:\Program Files (x86)\PowerStrip\PStrip.exe
O4 - Startup: Stickies.lnk = C:\Program Files (x86)\stickies\stickies.exe
O8 - Extra context menu item: Append Link Target to Existing PDF - res://C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
O8 - Extra context menu item: Append to Existing PDF - res://C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: Convert Link Target to Adobe PDF - res://C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
O8 - Extra context menu item: Convert to Adobe PDF - res://C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000
O9 - Extra button: StylishProfile - {14CD42DD-ABCD-3586-DCAB-40E3693E3737} - C:\Program Files (x86)\Stylish Profile\ct.htm
O9 - Extra 'Tools' menuitem: StylishProfile - {14CD42DD-ABCD-3586-DCAB-40E3693E3737} - C:\Program Files (x86)\Stylish Profile\ct.htm
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~1\Office12\REFIEBAR.DLL
O13 - Gopher Prefix:
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveSystemServices.dll
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: AMD External Events Utility - Unknown owner - C:\Windows\system32\atiesrxx.exe (file missing)
O23 - Service: Avira AntiVir Scheduler (AntiVirSchedulerService) - Avira GmbH - C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
O23 - Service: Avira AntiVir Guard (AntiVirService) - Avira GmbH - C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
O23 - Service: Application Updater - Spigot, Inc. - C:\Program Files (x86)\Application Updater\ApplicationUpdater.exe
O23 - Service: ##Id_String1.6844F930_1628_4223_B5CC_5BB94B879762## (Bonjour Service) - Apple Computer, Inc. - C:\Program Files (x86)\Bonjour\mDNSResponder.exe
O23 - Service: Canon Camera Access Library 8 (CCALib8) - Canon Inc. - C:\Program Files (x86)\Canon\CAL\CALMAIN.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: Google Update Service (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: ServiceLayer - Nokia - C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: TeamViewer 5 (TeamViewer5) - TeamViewer GmbH - C:\Program Files (x86)\TeamViewer\Version5\TeamViewer_Service.exe
O23 - Service: @C:\Program Files (x86)\TuneUp Utilities 2010\TuneUpDefragService.exe,-1 (TuneUp.Defrag) - TuneUp Software - C:\Program Files (x86)\TuneUp Utilities 2010\TuneUpDefragService.exe
O23 - Service: TuneUp Utilities Service (TuneUp.UtilitiesSvc) - TuneUp Software - C:\Program Files (x86)\TuneUp Utilities 2010\TuneUpUtilitiesService64.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
--
End of file - 12284 bytes
Prosím o kontrolu logu, asi vir..
-
jaro3
- člen Security týmu
-
Guru Level 15
- Příspěvky: 43295
- Registrován: červen 07
- Bydliště: Jižní Čechy
- Pohlaví:
- Stav:
Offline
Re: Prosím o kontrolu logu, asi vir..
Odinstaluj:
pdfforge Toolbar
DAEMON Tools Toolbar
Zavři ostatní aplikace a prohlížeče, odpoj se od netu a fixni v HJT:
Návod
Stáhni si ATF Cleaner
Poklepej na ATF Cleaner.exe, klikni na select all found, poté:
-Když používáš Firefox (Mozzila), klikni na Firefox nahoře a vyber: Select All, poté klikni na Empty Selected.
-Když používáš Operu, klikni nahoře na Operu a vyber: Select All, poté klikni na Empty Selected.
Po vyčištění klikni na Exit k zavření programu.
ATF-Cleaner je jednoduchý nástroj na odstranění historie z webového prohlížeče. Program dokáže odstranit cache, cookies, historii a další stopy po surfování na Internetu. Mezi podporované prohlížeče patří Internet Explorer, Firefox a Opera. Aplikace navíc umí odstranit dočasné soubory Windows, vysypat koš atd.
Vypni si rez.ochrany i firewall.
Stáhni si Dr. Web CureIt
dej update , po aktualizaci dej start.
Tlacitky dole muzeš soubor léčit(systémové soubory), smazat, přesunout nebo přejmenovat
Stáhni si Malwarebytes' Anti-Malware
Nainstaluj a spusť ho
- na konci instalace se ujisti že máš zvoleny/zatrhnuty obě možnosti:
Aktualizace Malwarebytes' Anti-Malware a Spustit aplikaci Malwarebytes' Anti-Malware, pokud jo tak klikni na tlačítko konec
- pokud bude nalezena aktualizace, tak se stáhne a nainstaluje
- program se po té spustí a nech vybranou možnost Provést rychlý sken a klikni na tlačítko Skenovat
- po proběhnutí programu se ti objeví hláška tak klikni na OK a pak na tlačítko Zobrazit výsledky
- pak zvol možnost uložit log a ulož si log na plochu
- po té klikni na tlačítko Exit, objeví se ti hláška tak zvol Ano
(zatím nic nemaž!).
Vlož sem pak obsah toho logu.
pdfforge Toolbar
DAEMON Tools Toolbar
Zavři ostatní aplikace a prohlížeče, odpoj se od netu a fixni v HJT:
Návod
Kód: Vybrat vše
R1 - HKCU\Software\Microsoft\Internet Explorer,SearchURL = http://search13.net/search.php?clid=486&q=%s
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://search13.net/
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://search13.net/
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://search13.net/
R1 - HKCU\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://search13.net/
R1 - HKCU\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = http://search13.net/
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = Root: HKCU; Subkey: Software\Microsoft\Internet Explorer\SearchUrl; ValueType: string; ValueName: '; ValueData: '; Flags: createvalueifdoesntexist noerror; Tasks: AddSearchQip
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: QIPBHO Class - {A55F9C95-2BB1-4EA2-BC77-DFAAB78832CE} - C:\Users\Hurvajz\AppData\Roaming\Microsoft\Internet Explorer\qipsearchbar.dll
R3 - URLSearchHook: (no name) - {E312764E-7706-43F1-8DAB-FCDD2B1E416D} - (no file)
F2 - REG:system.ini: UserInit=userinit.exe
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: pdfforge Toolbar - {B922D405-6D13-4A2B-AE89-08A030DA4402} - C:\Program Files (x86)\pdfforge Toolbar\IE\1.1.2\pdfforgeToolbarIE.dll
O3 - Toolbar: pdfforge Toolbar - {B922D405-6D13-4A2B-AE89-08A030DA4402} - C:\Program Files (x86)\pdfforge Toolbar\IE\1.1.2\pdfforgeToolbarIE.dll
O3 - Toolbar: DAEMON Tools Toolbar - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files (x86)\DAEMON Tools Toolbar\DTToolbar.dll
Stáhni si ATF Cleaner
Poklepej na ATF Cleaner.exe, klikni na select all found, poté:
-Když používáš Firefox (Mozzila), klikni na Firefox nahoře a vyber: Select All, poté klikni na Empty Selected.
-Když používáš Operu, klikni nahoře na Operu a vyber: Select All, poté klikni na Empty Selected.
Po vyčištění klikni na Exit k zavření programu.
ATF-Cleaner je jednoduchý nástroj na odstranění historie z webového prohlížeče. Program dokáže odstranit cache, cookies, historii a další stopy po surfování na Internetu. Mezi podporované prohlížeče patří Internet Explorer, Firefox a Opera. Aplikace navíc umí odstranit dočasné soubory Windows, vysypat koš atd.
Vypni si rez.ochrany i firewall.
Stáhni si Dr. Web CureIt
dej update , po aktualizaci dej start.
Tlacitky dole muzeš soubor léčit(systémové soubory), smazat, přesunout nebo přejmenovat
Stáhni si Malwarebytes' Anti-Malware
Nainstaluj a spusť ho
- na konci instalace se ujisti že máš zvoleny/zatrhnuty obě možnosti:
Aktualizace Malwarebytes' Anti-Malware a Spustit aplikaci Malwarebytes' Anti-Malware, pokud jo tak klikni na tlačítko konec
- pokud bude nalezena aktualizace, tak se stáhne a nainstaluje
- program se po té spustí a nech vybranou možnost Provést rychlý sken a klikni na tlačítko Skenovat
- po proběhnutí programu se ti objeví hláška tak klikni na OK a pak na tlačítko Zobrazit výsledky
- pak zvol možnost uložit log a ulož si log na plochu
- po té klikni na tlačítko Exit, objeví se ti hláška tak zvol Ano
(zatím nic nemaž!).
Vlož sem pak obsah toho logu.
Při práci s programy HJT, ComboFix,MbAM, SDFix aj. zavřete všechny ostatní aplikace a prohlížeče!
Neposílejte logy do soukromých zpráv.Po dobu mé nepřítomnosti mě zastupuje memphisto , Žbeky a Orcus.
Pokud budete spokojeni , můžete podpořit naše forum:Podpora fóra
Neposílejte logy do soukromých zpráv.Po dobu mé nepřítomnosti mě zastupuje memphisto , Žbeky a Orcus.
Pokud budete spokojeni , můžete podpořit naše forum:Podpora fóra
Re: Prosím o kontrolu logu, asi vir..
Našlo to jeden problém.
Malwarebytes' Anti-Malware 1.45
www.malwarebytes.org
Verze databáze: 3995
Windows 6.1.7600
Internet Explorer 8.0.7600.16385
16.4.2010 12:32:14
mbam-log-2010-04-16 (12-32-14).txt
Typ skenu: Rychlý sken
Skenované objekty: 107136
Uplynulý čas: 3 minuta(y), 44 sekunda(y)
Infikované procesy v paměti: 0
Infikované moduly v paměti: 0
Infikované klíče registru: 0
Infikované hodnoty registru: 0
Infikované datové položky registru: 1
Infikované složky: 0
Infikované soubory: 0
Infikované procesy v paměti:
(Žádné škodlivé položky nebyly zjištěny)
Infikované moduly v paměti:
(Žádné škodlivé položky nebyly zjištěny)
Infikované klíče registru:
(Žádné škodlivé položky nebyly zjištěny)
Infikované hodnoty registru:
(Žádné škodlivé položky nebyly zjištěny)
Infikované datové položky registru:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer\NoActiveDesktopChanges (Hijack.DisplayProperties) -> Bad: (1) Good: (0) -> No action taken.
Infikované složky:
(Žádné škodlivé položky nebyly zjištěny)
Infikované soubory:
(Žádné škodlivé položky nebyly zjištěny)
Malwarebytes' Anti-Malware 1.45
www.malwarebytes.org
Verze databáze: 3995
Windows 6.1.7600
Internet Explorer 8.0.7600.16385
16.4.2010 12:32:14
mbam-log-2010-04-16 (12-32-14).txt
Typ skenu: Rychlý sken
Skenované objekty: 107136
Uplynulý čas: 3 minuta(y), 44 sekunda(y)
Infikované procesy v paměti: 0
Infikované moduly v paměti: 0
Infikované klíče registru: 0
Infikované hodnoty registru: 0
Infikované datové položky registru: 1
Infikované složky: 0
Infikované soubory: 0
Infikované procesy v paměti:
(Žádné škodlivé položky nebyly zjištěny)
Infikované moduly v paměti:
(Žádné škodlivé položky nebyly zjištěny)
Infikované klíče registru:
(Žádné škodlivé položky nebyly zjištěny)
Infikované hodnoty registru:
(Žádné škodlivé položky nebyly zjištěny)
Infikované datové položky registru:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer\NoActiveDesktopChanges (Hijack.DisplayProperties) -> Bad: (1) Good: (0) -> No action taken.
Infikované složky:
(Žádné škodlivé položky nebyly zjištěny)
Infikované soubory:
(Žádné škodlivé položky nebyly zjištěny)
-
jaro3
- člen Security týmu
-
Guru Level 15
- Příspěvky: 43295
- Registrován: červen 07
- Bydliště: Jižní Čechy
- Pohlaví:
- Stav:
Offline
Re: Prosím o kontrolu logu, asi vir..
. Takže spusť znovu MbAM a dej Scan
- po proběhnutí programu se ti objeví hláška tak klikni na OK a pak na tlačítko Ukaž výsledky
- ujistit se že máš zatrhnuté všechny vypsané nálezy a klikni na tlačítko Odstranit označené
- když skončí odstraňování tak se ti zobrazí log, tak ho sem dej.
- pak zvol v programu OK a pak program ukonči přes Exit
Můžeš sem pak vložit nový log z MbAM.
Stáhni si OTL
na plochu. Ujisti se , že máš zavřena všechna ostatní okna a poklepej na ikonu OTL.Nahoře v okně pod Výstup klikni na minimální výstup.Pod Běžné registry změň na Vše. Zatrhni Kontrola na havěť “LOP“ a Kontrola na havěť “ Purity“ . Klikni na Prohledat. Všechny ostatní nastavení ponech jak jsou. Sken může trvat dlouho, až skončí otevřou se dva logy:
OTL.Txt
Extras.Txt
Jsou uloženy ve stejném místě jako OTL. Oba logy sem prosím zkopíruj.
- po proběhnutí programu se ti objeví hláška tak klikni na OK a pak na tlačítko Ukaž výsledky
- ujistit se že máš zatrhnuté všechny vypsané nálezy a klikni na tlačítko Odstranit označené
- když skončí odstraňování tak se ti zobrazí log, tak ho sem dej.
- pak zvol v programu OK a pak program ukonči přes Exit
Můžeš sem pak vložit nový log z MbAM.
Stáhni si OTL
na plochu. Ujisti se , že máš zavřena všechna ostatní okna a poklepej na ikonu OTL.Nahoře v okně pod Výstup klikni na minimální výstup.Pod Běžné registry změň na Vše. Zatrhni Kontrola na havěť “LOP“ a Kontrola na havěť “ Purity“ . Klikni na Prohledat. Všechny ostatní nastavení ponech jak jsou. Sken může trvat dlouho, až skončí otevřou se dva logy:
OTL.Txt
Extras.Txt
Jsou uloženy ve stejném místě jako OTL. Oba logy sem prosím zkopíruj.
Při práci s programy HJT, ComboFix,MbAM, SDFix aj. zavřete všechny ostatní aplikace a prohlížeče!
Neposílejte logy do soukromých zpráv.Po dobu mé nepřítomnosti mě zastupuje memphisto , Žbeky a Orcus.
Pokud budete spokojeni , můžete podpořit naše forum:Podpora fóra
Neposílejte logy do soukromých zpráv.Po dobu mé nepřítomnosti mě zastupuje memphisto , Žbeky a Orcus.
Pokud budete spokojeni , můžete podpořit naše forum:Podpora fóra
Re: Prosím o kontrolu logu, asi vir..
OTL Extras logfile created on: 16.4.2010 17:05:09 - Run 1
OTL by OldTimer - Version 3.2.1.1 Folder = C:\Users\Hurvajz\Desktop
64bit- Ultimate Edition (Version = 6.1.7600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7600.16385)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy
2,00 Gb Total Physical Memory | 1,00 Gb Available Physical Memory | 55,00% Memory free
4,00 Gb Paging File | 3,00 Gb Available in Paging File | 65,00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 34,18 Gb Total Space | 3,56 Gb Free Space | 10,40% Space Free | Partition Type: NTFS
Drive D: | 197,24 Gb Total Space | 1,84 Gb Free Space | 0,93% Space Free | Partition Type: NTFS
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded
Computer Name: HURVAJZ-PC
Current User Name: Hurvajz
Logged in as Administrator.
Current Boot Mode: Normal
Scan Mode: Current user
Include 64bit Scans
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 30 Days
Output = Minimal
========== Extra Registry (SafeList) ==========
========== File Associations ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.html[@ = Opera.HTML] -- C:\Program Files (x86)\Opera\opera.exe (Opera Software)
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)
.html [@ = Opera.HTML] -- C:\Program Files (x86)\Opera\opera.exe (Opera Software)
========== Shell Spawning ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %* File not found
cmdfile [open] -- "%1" %* File not found
comfile [open] -- "%1" %* File not found
exefile [open] -- "%1" %* File not found
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- "C:\Program Files (x86)\Microsoft Office\Office12\msohtmed.exe" %1 (Microsoft Corporation)
htmlfile [print] -- "C:\Program Files (x86)\Microsoft Office\Office12\msohtmed.exe" /p %1 (Microsoft Corporation)
http [open] -- "C:\Program Files (x86)\Opera\opera.exe" (Opera Software)
https [open] -- "C:\Program Files (x86)\Opera\opera.exe" (Opera Software)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %* File not found
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1" File not found
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation)
scrfile [open] -- "%1" /S File not found
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1 File not found
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [OneNote.Open] -- C:\PROGRA~2\MICROS~1\Office12\ONENOTE.EXE "%L" (Microsoft Corporation)
Directory [Winamp.Bookmark] -- "C:\Program Files (x86)\Winamp\winamp.exe" /BOOKMARK "%1" (Nullsoft)
Directory [Winamp.Enqueue] -- "C:\Program Files (x86)\Winamp\winamp.exe" /ADD "%1" (Nullsoft)
Directory [Winamp.Play] -- "C:\Program Files (x86)\Winamp\winamp.exe" "%1" (Nullsoft)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- "C:\Program Files (x86)\Microsoft Office\Office12\msohtmed.exe" %1 (Microsoft Corporation)
htmlfile [print] -- "C:\Program Files (x86)\Microsoft Office\Office12\msohtmed.exe" /p %1 (Microsoft Corporation)
http [open] -- "C:\Program Files (x86)\Opera\opera.exe" (Opera Software)
https [open] -- "C:\Program Files (x86)\Opera\opera.exe" (Opera Software)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation)
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [OneNote.Open] -- C:\PROGRA~2\MICROS~1\Office12\ONENOTE.EXE "%L" (Microsoft Corporation)
Directory [Winamp.Bookmark] -- "C:\Program Files (x86)\Winamp\winamp.exe" /BOOKMARK "%1" (Nullsoft)
Directory [Winamp.Enqueue] -- "C:\Program Files (x86)\Winamp\winamp.exe" /ADD "%1" (Nullsoft)
Directory [Winamp.Play] -- "C:\Program Files (x86)\Winamp\winamp.exe" "%1" (Nullsoft)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
========== Security Center Settings ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = 28 4D B2 76 41 04 CA 01 [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
========== Authorized Applications List ==========
========== HKEY_LOCAL_MACHINE Uninstall List ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{4D668D4F-FAA2-4726-834C-31F4614F312E}" = MSVC80_x64_v2
"{68660049-8D48-427C-9FF7-139D8340CDC0}" = MSVC80_x64
"{6E8E85E8-CE4B-4FF5-91F7-04999C9FAE6A}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{79BF7CB8-1E09-489F-9547-DB3EE8EA3F16}" = Microsoft SQL Server Native Client
"{86177DAE-38B1-49DD-912E-35CB703AB779}" = Microsoft SQL Server VSS Writer
"{90120000-002A-0000-1000-0000000FF1CE}" = Microsoft Office Office 64-bit Components 2007
"{90120000-002A-0405-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit MUI (Czech) 2007
"{90120000-002A-0409-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit MUI (English) 2007
"{90120000-0116-0409-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2007
"{B6E3757B-5E77-3915-866A-CCFC4B8D194C}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x64 8.0.50727.4053
"05B59228C7E1C21DFBE89260F879BD95880548D8" = Balíček ovladače systému Windows - Nokia Modem (10/05/2009 4.2)
"2C1C2F29FADF39F533CEEE67B90F07A5306A4BDB" = Balíček ovladače systému Windows - OLYMPUS IMAGING CORP. Camera Communication Driver Package (09/09/2009 1.0.0.0)
"8CDCFB95BB84DD9C0F88F22266A0CA86035E55BA" = Balíček ovladače systému Windows - Nokia Modem (06/01/2009 7.01.0.4)
"FCEC33AD40CEA5E0FC4CEE6E42041A0DA189652D" = Balíček ovladače systému Windows - Nokia pccsmcfd (08/22/2008 7.0.0.0)
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}" = Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148
"{0046FA01-C5B9-4985-BACB-398DC480FC05}" = Adobe Photoshop CS3
"{0228e555-4f9c-4e35-a3ec-b109a192b4c2}" = Google Gmail Notifier
"{04AF207D-9A77-465A-8B76-991F6AB66245}" = Adobe Help Viewer CS3
"{05ADEEC8-BD58-43D9-A9E3-1F53B0DA117A}" = Opera 10.51
"{07ca6bb4-36d6-4abd-9939-57e8755e5cc7}" = Nero 9 Lite
"{08B32819-6EEF-4057-AEDA-5AB681A36A23}" = Adobe Bridge Start Meeting
"{08C0729E-3E50-11DF-9D81-005056806466}" = Google Earth
"{0D499481-22C6-4B25-8AC2-6D3F6C885FB9}" = OpenOffice.org Installer 1.0
"{121634B0-2F4B-11D3-ADA3-00C04F52DD52}" = Windows Installer Clean Up
"{184CE391-7E0E-4C63-9935-D7A10EDFD3C6}" = Adobe WinSoft Linguistics Plugin
"{19DC9559-9C20-4A46-A67D-7ECBA52A2788}" = Nokia PC Suite
"{2085F05D-24C5-4E27-B7B4-A51DE890FFC9}" = Opera 10.00
"{212748BB-0DA5-46DE-82A1-403736DC9F27}" = MSVC80_x86
"{26A24AE4-039D-4CA4-87B4-2F83216010FF}" = Java(TM) 6 Update 11
"{29E5EA97-5F74-4A57-B8B2-D4F169117183}" = Adobe Stock Photos CS3
"{2A539CD9-0F75-4875-9A32-E06DD93C4114}" = Adobe Extension Manager CS3
"{2AFFFDD7-ED85-4A90-8C52-5DA9EBDC9B8F}" = Microsoft SQL Server 2005 Express Edition (SONY_MEDIAMGR2)
"{3A12C952-61D5-4C3B-B68B-8CFBE47E22F1}" = Adobe Setup
"{4B296228-DF7C-43EA-8DED-76027355B219}" = Opera 10.01
"{51846830-E7B2-4218-8968-B77F0FF475B8}" = Adobe Color EU Extra Settings
"{51FD8515-2F15-4E6D-A93C-BC6988AEC29A}" = Sony Media Manager 2.3
"{53F5C3EE-05ED-4830-994B-50B2F0D50FCE}" = Microsoft SQL Server Setup Support Files (English)
"{54793AA1-5001-42F4-ABB6-C364617C6078}" = Adobe Linguistics CS3
"{56C049BE-79E9-4502-BEA7-9754A3E60F9B}" = neroxml
"{61A64EFD-2CEC-4C6E-91DE-5EDE74C25ED9}" = Jalbum
"{690BE098-6D0D-493D-B079-BD7E8F81A141}" = Opera 10.10
"{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}" = Windows Media Player Firefox Plugin
"{6ABE0BEE-D572-4FE8-B434-9E72A289431B}" = Adobe Fonts All
"{6B3CA80E-6AC0-4725-BABF-9B0FEF880CB3}" = Power Tab Editor 1.7
"{6D3245B1-8DB8-4A23-9CD2-2C90F40ABAF6}" = MSVC80_x86_v2
"{6E0352EE-6F0D-4FBC-B1B8-4FF032C78BE0}" = PC Connectivity Solution
"{6FF5DD7A-FE28-4439-B8CF-1E9AF4EA0A61}" = Adobe Asset Services CS3
"{716E0306-8318-4364-8B8F-0CC4E9376BAC}" = MSXML 4.0 SP2 Parser and SDK
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{7748AC8C-18E3-43BB-959B-088FAEA16FB2}" = Nero StartSmart
"{7B2D81BE-31A0-44E4-ACFE-10A3F7241899}" = face2face Pre-intermediate
"{802771A9-A856-4A41-ACF7-1450E523C923}" = Adobe XMP Panels CS3
"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
"{8D2BA474-F406-4710-9AE4-D4F22D21F0DD}" = Adobe Device Central CS3
"{8E6808E2-613D-4FCD-81A2-6C8FA8E03312}" = Adobe Type Support
"{90120000-0015-0405-0000-0000000FF1CE}" = Microsoft Office Access MUI (Czech) 2007
"{90120000-0015-0405-0000-0000000FF1CE}_ENTERPRISER_{1FC5BC34-0301-40D2-9432-05BA220277B8}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0015-0409-0000-0000000FF1CE}" = Microsoft Office Access MUI (English) 2007
"{90120000-0015-0409-0000-0000000FF1CE}_ENTERPRISE_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0016-0405-0000-0000000FF1CE}" = Microsoft Office Excel MUI (Czech) 2007
"{90120000-0016-0405-0000-0000000FF1CE}_ENTERPRISER_{1FC5BC34-0301-40D2-9432-05BA220277B8}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0016-0409-0000-0000000FF1CE}" = Microsoft Office Excel MUI (English) 2007
"{90120000-0016-0409-0000-0000000FF1CE}_ENTERPRISE_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0018-0405-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (Czech) 2007
"{90120000-0018-0405-0000-0000000FF1CE}_ENTERPRISER_{1FC5BC34-0301-40D2-9432-05BA220277B8}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0018-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (English) 2007
"{90120000-0018-0409-0000-0000000FF1CE}_ENTERPRISE_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0019-0405-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (Czech) 2007
"{90120000-0019-0405-0000-0000000FF1CE}_ENTERPRISER_{1FC5BC34-0301-40D2-9432-05BA220277B8}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0019-0409-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (English) 2007
"{90120000-0019-0409-0000-0000000FF1CE}_ENTERPRISE_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001A-0405-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (Czech) 2007
"{90120000-001A-0405-0000-0000000FF1CE}_ENTERPRISER_{1FC5BC34-0301-40D2-9432-05BA220277B8}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001A-0409-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (English) 2007
"{90120000-001A-0409-0000-0000000FF1CE}_ENTERPRISE_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001B-0405-0000-0000000FF1CE}" = Microsoft Office Word MUI (Czech) 2007
"{90120000-001B-0405-0000-0000000FF1CE}_ENTERPRISER_{1FC5BC34-0301-40D2-9432-05BA220277B8}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001B-0409-0000-0000000FF1CE}" = Microsoft Office Word MUI (English) 2007
"{90120000-001B-0409-0000-0000000FF1CE}_ENTERPRISE_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001F-0405-0000-0000000FF1CE}" = Microsoft Office Proof (Czech) 2007
"{90120000-001F-0405-0000-0000000FF1CE}_ENTERPRISER_{294B4278-CF7B-40B9-86A1-2D3FF0C2C524}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2007
"{90120000-001F-0407-0000-0000000FF1CE}_ENTERPRISER_{A0516415-ED61-419A-981D-93596DA74165}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-0409-0000-0000000FF1CE}_ENTERPRISE_{ABDDE972-355B-4AF1-89A8-DA50B7B5C045}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-0409-0000-0000000FF1CE}_ENTERPRISER_{ABDDE972-355B-4AF1-89A8-DA50B7B5C045}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007
"{90120000-001F-040C-0000-0000000FF1CE}_ENTERPRISE_{F580DDD5-8D37-4998-968E-EBB76BB86787}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-041B-0000-0000000FF1CE}" = Microsoft Office Proof (Slovak) 2007
"{90120000-001F-041B-0000-0000000FF1CE}_ENTERPRISER_{10EC59E5-9BCE-4884-BB1A-E28627220232}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-0C0A-0000-0000000FF1CE}" = Microsoft Office Proof (Spanish) 2007
"{90120000-001F-0C0A-0000-0000000FF1CE}_ENTERPRISE_{187308AB-5FA7-4F14-9AB9-D290383A10D9}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-002A-0000-1000-0000000FF1CE}_ENTERPRISE_{E64BA721-2310-4B55-BE5A-2925F9706192}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-002A-0000-1000-0000000FF1CE}_ENTERPRISER_{E64BA721-2310-4B55-BE5A-2925F9706192}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-002A-0405-1000-0000000FF1CE}_ENTERPRISER_{E12F9D31-4025-4BC6-B1B2-AB262C5580B0}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-002A-0409-1000-0000000FF1CE}_ENTERPRISE_{DE5A002D-8122-4278-A7EE-3121E7EA254E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-002C-0405-0000-0000000FF1CE}" = Microsoft Office Proofing (Czech) 2007
"{90120000-002C-0409-0000-0000000FF1CE}" = Microsoft Office Proofing (English) 2007
"{90120000-0030-0000-0000-0000000FF1CE}" = Microsoft Office Enterprise 2007
"{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{0B36C6D6-F5D8-4EAF-BF94-4376A230AD5B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{3D019598-7B59-447A-80AE-815B703B84FF}" = Security Update for Microsoft Office system 2007 (972581)
"{90120000-0044-0405-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (Czech) 2007
"{90120000-0044-0405-0000-0000000FF1CE}_ENTERPRISER_{1FC5BC34-0301-40D2-9432-05BA220277B8}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0044-0409-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (English) 2007
"{90120000-0044-0409-0000-0000000FF1CE}_ENTERPRISE_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-006E-0405-0000-0000000FF1CE}" = Microsoft Office Shared MUI (Czech) 2007
"{90120000-006E-0405-0000-0000000FF1CE}_ENTERPRISER_{E12F9D31-4025-4BC6-B1B2-AB262C5580B0}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-006E-0409-0000-0000000FF1CE}" = Microsoft Office Shared MUI (English) 2007
"{90120000-006E-0409-0000-0000000FF1CE}_ENTERPRISE_{DE5A002D-8122-4278-A7EE-3121E7EA254E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-00A1-0405-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (Czech) 2007
"{90120000-00A1-0405-0000-0000000FF1CE}_ENTERPRISER_{1FC5BC34-0301-40D2-9432-05BA220277B8}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-00A1-0409-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (English) 2007
"{90120000-00A1-0409-0000-0000000FF1CE}_ENTERPRISE_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-00BA-0405-0000-0000000FF1CE}" = Microsoft Office Groove MUI (Czech) 2007
"{90120000-00BA-0405-0000-0000000FF1CE}_ENTERPRISER_{1FC5BC34-0301-40D2-9432-05BA220277B8}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-00BA-0409-0000-0000000FF1CE}" = Microsoft Office Groove MUI (English) 2007
"{90120000-00BA-0409-0000-0000000FF1CE}_ENTERPRISE_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0114-0409-0000-0000000FF1CE}" = Microsoft Office Groove Setup Metadata MUI (English) 2007
"{90120000-0114-0409-0000-0000000FF1CE}_ENTERPRISE_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0115-0409-0000-0000000FF1CE}" = Microsoft Office Shared Setup Metadata MUI (English) 2007
"{90120000-0115-0409-0000-0000000FF1CE}_ENTERPRISE_{DE5A002D-8122-4278-A7EE-3121E7EA254E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0116-0409-1000-0000000FF1CE}_ENTERPRISE_{DE5A002D-8122-4278-A7EE-3121E7EA254E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0117-0409-0000-0000000FF1CE}" = Microsoft Office Access Setup Metadata MUI (English) 2007
"{90120000-0117-0409-0000-0000000FF1CE}_ENTERPRISE_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90176341-0A8B-4CCC-A78D-F862228A6B95}" = Adobe Anchor Service CS3
"{91120000-0030-0000-0000-0000000FF1CE}" = Microsoft Office Enterprise 2007
"{91120000-0030-0000-0000-0000000FF1CE}_ENTERPRISER_{0B36C6D6-F5D8-4EAF-BF94-4376A230AD5B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{91120000-0030-0000-0000-0000000FF1CE}_ENTERPRISER_{3D019598-7B59-447A-80AE-815B703B84FF}" = Security Update for Microsoft Office system 2007 (972581)
"{95655ED4-7CA5-46DF-907F-7144877A32E5}" = Adobe Color NA Recommended Settings
"{97E038E1-41AD-4C93-BCDC-6A2394AEE352}" = Vegas Movie Studio Platinum 9.0
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9C9824D9-9000-4373-A6A5-D0E5D4831394}" = Adobe Bridge CS3
"{A2B242BD-FF8D-4840-9DAA-9170EABEC59C}" = Adobe CMaps
"{A2D81E70-2A98-4A08-A628-94388B063C5E}" = Adobe Color - Photoshop Specific
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{AC5B0C19-D851-42F4-BDA0-410ECF7F70A5}" = PDF Settings
"{AC76BA86-1033-F400-7760-000000000004}" = Adobe Acrobat 9 Pro - English, Français, Deutsch
"{AC76BA86-1033-F400-7760-000000000004}{AC76BA86-1033-F400-7760-000000000004}" = Adobe Acrobat 9 Pro - English, Français, Deutsch
"{B2EC4A38-B545-4A00-8214-13FE0E915E6D}" = Advertising Center
"{B3BF6689-A81D-40D8-9A86-4AC4ACD9FC1C}" = Adobe Camera Raw 4.0
"{B9B35331-B7E4-4E5C-BF4C-7BC87856124D}" = Adobe Default Language CS3
"{BD5CA0DA-71AD-43DA-B19E-6EEE0C9ADC9A}" = Nero ControlCenter
"{C2D69781-F392-4118-A5A7-C7E9C38DBFC2}" = Adobe ExtendScript Toolkit 2
"{C50EF365-2898-489A-B6C7-30DAA466E9A2}" = Nokia Connectivity Cable Driver
"{C81A2FE0-3574-00A9-CED4-BDAA334CBE8E}" = Nero Online Upgrade
"{D0DFF92A-492E-4C40-B862-A74A173C25C5}" = Adobe Version Cue CS3 Client
"{D1BB4446-AE9C-4256-9A7F-4D46604D2462}" = Adobe Setup
"{D2559B88-CC9D-4B48-81BB-F492BAA9C48C}" = Adobe PDF Library Files
"{D3742F82-1C1A-4DCC-ABBD-0E7C3C0185CC}" = TuneUp Utilities
"{DADD7B8A-BCB0-44F5-967A-ECB6B4F2ECD9}" = Adobe Color Common Settings
"{DD7DB3C5-6FA3-4FA3-8A71-C2F2940EB029}" = Adobe Color JA Extra Settings
"{DEC235ED-58A4-4517-A278-C41E8DAEAB3B}" = CyberLink PowerDVD 10
"{E69AE897-9E0B-485C-8552-7841F48D42D8}" = Adobe Update Manager CS3
"{E8A80433-302B-4FF1-815D-FCC8EAC482FF}" = Nero Installer
"{F01D5ED5-D53A-4468-B428-149DC2CB3110}" = Adobe Dreamweaver CS3
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F4F4F84E-804F-4E9A-84D7-C34283F0088F}" = RealUpgrade 1.0
"{FE3997D3-6B56-4AC4-A99C-9DDFC45359BF}" = TuneUp Utilities Language Pack (en-US)
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"Adobe_2ac78060bc5856b0c1cf873bb919b58" = Adobe Photoshop CS3
"Adobe_435a6af7459cb02a9c1138113a26e93" = Adobe Dreamweaver CS3
"Avira AntiVir Desktop" = Avira AntiVir Personal - Free Antivirus
"BitLord" = BitLord 1.1
"BSPlayer1" = BSPlayer
"CAL" = Canon Camera Access Library
"CameraWindowDVC6" = Canon Camera Window DC_DV 6 for ZoomBrowser EX
"CameraWindowMC" = Canon Camera Window MC 6 for ZoomBrowser EX
"Canon G.726 WMP-Decoder" = Canon G.726 WMP-Decoder
"CCleaner" = CCleaner
"Combined Community Codec Pack_is1" = Combined Community Codec Pack 2009-09-09
"CooLWPC3" = CooL Wallpaper Changer (odinstalovat)
"CyberLink PowerDVD 10.0.1516.51" = CyberLink PowerDVD 10.0.1516.51 - odinstalovat češtinu
"Čeština do Windows Movie Maker2" = Čeština do Windows Movie Maker2
"ENTERPRISE" = Microsoft Office Enterprise 2007
"ENTERPRISER" = Microsoft Office Enterprise 2007
"EOS Utility" = Canon Utilities EOS Utility
"FileZilla Client" = FileZilla Client 3.3.1
"GOM Player" = GOM Player
"HASP4 Device Drivers" = HASP4 Device Drivers
"Helicon Focus_is1" = Helicon Focus 5.1.2
"HijackThis" = HijackThis 2.0.2
"InstallShield_{DEC235ED-58A4-4517-A278-C41E8DAEAB3B}" = CyberLink PowerDVD 10
"Magic ISO Maker v5.5 (build 0261)" = Magic ISO Maker v5.5 (build 0261)
"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware
"Microsoft SQL Server 2005" = Microsoft SQL Server 2005
"MovieEditTask" = Canon MovieEdit Task for ZoomBrowser EX
"Mozilla Firefox (3.5.7)" = Mozilla Firefox (3.5.7)
"Nokia PC Suite" = Nokia PC Suite
"PC Translator" = PC Translator
"PhotoStitch" = Canon Utilities PhotoStitch
"PowerStrip 3 (remove only)" = PowerStrip 3 (remove only)
"QuicktimeAlt_is1" = QuickTime Alternative 1.68 beta
"RAW Image Task" = Canon RAW Image Task for ZoomBrowser EX
"RealPlayer 12.0" = RealPlayer
"Recognita Standard OCR 3.2" = Recognita Standard OCR 3.2
"RemoteCaptureTask" = Canon RemoteCapture Task for ZoomBrowser EX
"SCREEN2EXE_is1" = SCREEN2EXE 2.8 (build:2178)
"TeamViewer 5" = TeamViewer 5
"Totalcmd" = Total Commander (Remove or Repair)
"TuneUp Utilities" = TuneUp Utilities
"Winamp" = Winamp
"WinRAR archiver" = WinRAR
"WMV9_VCM" = Microsoft Windows Media Video 9 VCM
"Xerox WC PE120 Series PS" = Xerox WC PE120 Series PS
"ZhornStickies" = Stickies 7.0b
"ZonerPhotoStudio10_CZ_is1" = Zoner Photo Studio 10
"ZoomBrowser EX" = Canon Utilities ZoomBrowser EX
========== HKEY_CURRENT_USER Uninstall List ==========
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Google Chrome" = Google Chrome
"Octoshape add-in for Adobe Flash Player" = Octoshape add-in for Adobe Flash Player
"QIP 2005" = QIP 2005 8095
========== Last 10 Event Log Errors ==========
[ Application Events ]
Error - 13.4.2010 1:57:59 | Computer Name = Hurvajz-PC | Source = Application Error | ID = 1000
Description = Název chybující aplikace: CALMAIN.exe, verze: 8.2.0.1, časové razítko:
0x442b232e Název chybujícího modulu: msvcrt.dll, verze: 7.0.7600.16385, časové razítko:
0x4a5bda6f Kód výjimky: 0xc0000005 Posun chyby: 0x00009966 ID chybujícího procesu:
0xbec Čas spuštění chybující aplikace: 0x01cadacb2979e7f3 Cesta k chybující aplikaci:
C:\Program Files (x86)\Canon\CAL\CALMAIN.exe Cesta k chybujícímu modulu: C:\Windows\syswow64\msvcrt.dll
ID
zprávy: 82cd3d41-46c1-11df-84c1-001b38b6c610
Error - 13.4.2010 6:43:14 | Computer Name = Hurvajz-PC | Source = SideBySide | ID = 16842785
Description = Generování kontextu aktivace pro C:\Program Files (x86)\Nokia\Nokia
PC Suite 7\TIS_Windows7PIM.dll se nezdařilo. Závislé sestavení Microsoft.VC80.DebugCRT,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0"
nelze najít. Podrobnější diagnostické údaje získáte pomocí programu sxstrace.exe.
Error - 13.4.2010 9:36:54 | Computer Name = Hurvajz-PC | Source = Application Error | ID = 1000
Description = Název chybující aplikace: CALMAIN.exe, verze: 8.2.0.1, časové razítko:
0x442b232e Název chybujícího modulu: msvcrt.dll, verze: 7.0.7600.16385, časové razítko:
0x4a5bda6f Kód výjimky: 0xc0000005 Posun chyby: 0x00009966 ID chybujícího procesu:
0x88c Čas spuštění chybující aplikace: 0x01cadb0be346fb7a Cesta k chybující aplikaci:
C:\Program Files (x86)\Canon\CAL\CALMAIN.exe Cesta k chybujícímu modulu: C:\Windows\syswow64\msvcrt.dll
ID
zprávy: 9f080282-4701-11df-ad12-001b38b6c610
Error - 13.4.2010 14:19:38 | Computer Name = Hurvajz-PC | Source = RasClient | ID = 20227
Description =
Error - 13.4.2010 16:23:18 | Computer Name = Hurvajz-PC | Source = Application Error | ID = 1000
Description = Název chybující aplikace: face2face.exe, verze: 2.0.26.0, časové razítko:
0x2a425e19 Název chybujícího modulu: ntdll.dll, verze: 6.1.7600.16385, časové razítko:
0x4a5bdb3b Kód výjimky: 0xc0000005 Posun chyby: 0x0002de64 ID chybujícího procesu:
0x12a0 Čas spuštění chybující aplikace: 0x01cadb46ee994644 Cesta k chybující aplikaci:
C:\Program Files (x86)\Cambridge\f2f-PreIntermediate\face2face.exe Cesta k chybujícímu
modulu: C:\Windows\SysWOW64\ntdll.dll ID zprávy: 64ff952f-473a-11df-ad12-001b38b6c610
Error - 14.4.2010 7:22:45 | Computer Name = Hurvajz-PC | Source = SideBySide | ID = 16842785
Description = Generování kontextu aktivace pro C:\Program Files (x86)\Nokia\Nokia
PC Suite 7\TIS_Windows7PIM.dll se nezdařilo. Závislé sestavení Microsoft.VC80.DebugCRT,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0"
nelze najít. Podrobnější diagnostické údaje získáte pomocí programu sxstrace.exe.
Error - 15.4.2010 13:04:26 | Computer Name = Hurvajz-PC | Source = Application Error | ID = 1000
Description = Název chybující aplikace: CALMAIN.exe, verze: 8.2.0.1, časové razítko:
0x442b232e Název chybujícího modulu: msvcrt.dll, verze: 7.0.7600.16385, časové razítko:
0x4a5bda6f Kód výjimky: 0xc0000005 Posun chyby: 0x00009966 ID chybujícího procesu:
0x6c Čas spuštění chybující aplikace: 0x01cadc5cec74ef43 Cesta k chybující aplikaci:
C:\Program Files (x86)\Canon\CAL\CALMAIN.exe Cesta k chybujícímu modulu: C:\Windows\syswow64\msvcrt.dll
ID
zprávy: f1e1c175-48b0-11df-b4a0-001b38b6c610
Error - 16.4.2010 3:56:13 | Computer Name = Hurvajz-PC | Source = Application Error | ID = 1000
Description = Název chybující aplikace: CALMAIN.exe, verze: 8.2.0.1, časové razítko:
0x442b232e Název chybujícího modulu: msvcrt.dll, verze: 7.0.7600.16385, časové razítko:
0x4a5bda6f Kód výjimky: 0xc0000005 Posun chyby: 0x00009966 ID chybujícího procesu:
0xc40 Čas spuštění chybující aplikace: 0x01cadd2a08f42790 Cesta k chybující aplikaci:
C:\Program Files (x86)\Canon\CAL\CALMAIN.exe Cesta k chybujícímu modulu: C:\Windows\syswow64\msvcrt.dll
ID
zprávy: 869d73e4-492d-11df-93ae-001b38b6c610
Error - 16.4.2010 4:04:21 | Computer Name = Hurvajz-PC | Source = SideBySide | ID = 16842785
Description = Generování kontextu aktivace pro C:\Program Files (x86)\Nokia\Nokia
PC Suite 7\TIS_Windows7PIM.dll se nezdařilo. Závislé sestavení Microsoft.VC80.DebugCRT,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0"
nelze najít. Podrobnější diagnostické údaje získáte pomocí programu sxstrace.exe.
Error - 16.4.2010 11:00:05 | Computer Name = Hurvajz-PC | Source = Application Error | ID = 1000
Description = Název chybující aplikace: Photoshop.exe, verze: 10.0.0.0, časové razítko:
0x4601eae8 Název chybujícího modulu: adobe_epic.dll, verze: 2.0.1.1082, časové razítko:
0x45e64522 Kód výjimky: 0xc0000005 Posun chyby: 0x00023a35 ID chybujícího procesu:
0x724 Čas spuštění chybující aplikace: 0x01cadd73a5be3c68 Cesta k chybující aplikaci:
C:\Program Files (x86)\Adobe\Adobe Photoshop CS3\Photoshop.exe Cesta k chybujícímu
modulu: C:\Program Files (x86)\Adobe\Adobe Photoshop CS3\adobe_epic.dll ID zprávy:
bd83c7f2-4968-11df-98aa-001b38b6c610
[ OSession Events ]
Error - 22.2.2010 9:55:48 | Computer Name = Hurvajz-PC | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 3, Application Name: Microsoft Office PowerPoint, Application
Version: 12.0.6500.5000, Microsoft Office Version: 12.0.6425.1000. This session
lasted 1245 seconds with 960 seconds of active time. This session ended with a
crash.
Error - 11.3.2010 10:44:55 | Computer Name = Hurvajz-PC | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 3, Application Name: Microsoft Office PowerPoint, Application
Version: 12.0.6500.5000, Microsoft Office Version: 12.0.6425.1000. This session
lasted 77843 seconds with 5040 seconds of active time. This session ended with
a crash.
Error - 1.4.2010 10:35:47 | Computer Name = Hurvajz-PC | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 0, Application Name: Microsoft Office Word, Application Version:
12.0.6514.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 18340
seconds with 1320 seconds of active time. This session ended with a crash.
[ System Events ]
Error - 15.4.2010 14:57:45 | Computer Name = Hurvajz-PC | Source = atikmdag | ID = 43029
Description = Display is not active
Error - 16.4.2010 1:59:19 | Computer Name = Hurvajz-PC | Source = atikmdag | ID = 52236
Description = CPLIB :: General - Invalid Parameter
Error - 16.4.2010 1:59:19 | Computer Name = Hurvajz-PC | Source = atikmdag | ID = 43029
Description = Display is not active
Error - 16.4.2010 1:59:48 | Computer Name = Hurvajz-PC | Source = Service Control Manager | ID = 7000
Description = Služba Hardlock neuspěla při spuštění v důsledku následující chyby:
%%577
Error - 16.4.2010 2:00:06 | Computer Name = Hurvajz-PC | Source = Microsoft-Windows-WHEA-Logger | ID = 18
Description = Došlo k závažné chybě hardwaru. Ohlášeno součástí: Jádro procesoru Zdroj
chyby: 3 Typ chyby: 256 ID procesoru: 1 Další informace jsou obsaženy v podrobném
zobrazení tohoto záznamu.
Error - 16.4.2010 3:56:14 | Computer Name = Hurvajz-PC | Source = Service Control Manager | ID = 7034
Description = Služba Canon Camera Access Library 8 byla neočekávaně ukončena. Tento
stav nastal již 1krát.
Error - 16.4.2010 9:34:34 | Computer Name = Hurvajz-PC | Source = atikmdag | ID = 52236
Description = CPLIB :: General - Invalid Parameter
Error - 16.4.2010 9:34:34 | Computer Name = Hurvajz-PC | Source = atikmdag | ID = 43029
Description = Display is not active
Error - 16.4.2010 9:34:59 | Computer Name = Hurvajz-PC | Source = Service Control Manager | ID = 7000
Description = Služba Hardlock neuspěla při spuštění v důsledku následující chyby:
%%577
Error - 16.4.2010 10:37:00 | Computer Name = Hurvajz-PC | Source = volsnap | ID = 393252
Description = Stínové kopie svazku C: byly přerušeny, protože z důvodu limitu stanoveného
uživatelem se nepodařilo zvětšit úložiště stínové kopie.
< End of report >
OTL by OldTimer - Version 3.2.1.1 Folder = C:\Users\Hurvajz\Desktop
64bit- Ultimate Edition (Version = 6.1.7600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7600.16385)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy
2,00 Gb Total Physical Memory | 1,00 Gb Available Physical Memory | 55,00% Memory free
4,00 Gb Paging File | 3,00 Gb Available in Paging File | 65,00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 34,18 Gb Total Space | 3,56 Gb Free Space | 10,40% Space Free | Partition Type: NTFS
Drive D: | 197,24 Gb Total Space | 1,84 Gb Free Space | 0,93% Space Free | Partition Type: NTFS
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded
Computer Name: HURVAJZ-PC
Current User Name: Hurvajz
Logged in as Administrator.
Current Boot Mode: Normal
Scan Mode: Current user
Include 64bit Scans
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 30 Days
Output = Minimal
========== Extra Registry (SafeList) ==========
========== File Associations ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.html[@ = Opera.HTML] -- C:\Program Files (x86)\Opera\opera.exe (Opera Software)
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)
.html [@ = Opera.HTML] -- C:\Program Files (x86)\Opera\opera.exe (Opera Software)
========== Shell Spawning ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %* File not found
cmdfile [open] -- "%1" %* File not found
comfile [open] -- "%1" %* File not found
exefile [open] -- "%1" %* File not found
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- "C:\Program Files (x86)\Microsoft Office\Office12\msohtmed.exe" %1 (Microsoft Corporation)
htmlfile [print] -- "C:\Program Files (x86)\Microsoft Office\Office12\msohtmed.exe" /p %1 (Microsoft Corporation)
http [open] -- "C:\Program Files (x86)\Opera\opera.exe" (Opera Software)
https [open] -- "C:\Program Files (x86)\Opera\opera.exe" (Opera Software)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %* File not found
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1" File not found
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation)
scrfile [open] -- "%1" /S File not found
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1 File not found
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [OneNote.Open] -- C:\PROGRA~2\MICROS~1\Office12\ONENOTE.EXE "%L" (Microsoft Corporation)
Directory [Winamp.Bookmark] -- "C:\Program Files (x86)\Winamp\winamp.exe" /BOOKMARK "%1" (Nullsoft)
Directory [Winamp.Enqueue] -- "C:\Program Files (x86)\Winamp\winamp.exe" /ADD "%1" (Nullsoft)
Directory [Winamp.Play] -- "C:\Program Files (x86)\Winamp\winamp.exe" "%1" (Nullsoft)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- "C:\Program Files (x86)\Microsoft Office\Office12\msohtmed.exe" %1 (Microsoft Corporation)
htmlfile [print] -- "C:\Program Files (x86)\Microsoft Office\Office12\msohtmed.exe" /p %1 (Microsoft Corporation)
http [open] -- "C:\Program Files (x86)\Opera\opera.exe" (Opera Software)
https [open] -- "C:\Program Files (x86)\Opera\opera.exe" (Opera Software)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation)
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [OneNote.Open] -- C:\PROGRA~2\MICROS~1\Office12\ONENOTE.EXE "%L" (Microsoft Corporation)
Directory [Winamp.Bookmark] -- "C:\Program Files (x86)\Winamp\winamp.exe" /BOOKMARK "%1" (Nullsoft)
Directory [Winamp.Enqueue] -- "C:\Program Files (x86)\Winamp\winamp.exe" /ADD "%1" (Nullsoft)
Directory [Winamp.Play] -- "C:\Program Files (x86)\Winamp\winamp.exe" "%1" (Nullsoft)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
========== Security Center Settings ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = 28 4D B2 76 41 04 CA 01 [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
========== Authorized Applications List ==========
========== HKEY_LOCAL_MACHINE Uninstall List ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{4D668D4F-FAA2-4726-834C-31F4614F312E}" = MSVC80_x64_v2
"{68660049-8D48-427C-9FF7-139D8340CDC0}" = MSVC80_x64
"{6E8E85E8-CE4B-4FF5-91F7-04999C9FAE6A}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{79BF7CB8-1E09-489F-9547-DB3EE8EA3F16}" = Microsoft SQL Server Native Client
"{86177DAE-38B1-49DD-912E-35CB703AB779}" = Microsoft SQL Server VSS Writer
"{90120000-002A-0000-1000-0000000FF1CE}" = Microsoft Office Office 64-bit Components 2007
"{90120000-002A-0405-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit MUI (Czech) 2007
"{90120000-002A-0409-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit MUI (English) 2007
"{90120000-0116-0409-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2007
"{B6E3757B-5E77-3915-866A-CCFC4B8D194C}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x64 8.0.50727.4053
"05B59228C7E1C21DFBE89260F879BD95880548D8" = Balíček ovladače systému Windows - Nokia Modem (10/05/2009 4.2)
"2C1C2F29FADF39F533CEEE67B90F07A5306A4BDB" = Balíček ovladače systému Windows - OLYMPUS IMAGING CORP. Camera Communication Driver Package (09/09/2009 1.0.0.0)
"8CDCFB95BB84DD9C0F88F22266A0CA86035E55BA" = Balíček ovladače systému Windows - Nokia Modem (06/01/2009 7.01.0.4)
"FCEC33AD40CEA5E0FC4CEE6E42041A0DA189652D" = Balíček ovladače systému Windows - Nokia pccsmcfd (08/22/2008 7.0.0.0)
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}" = Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148
"{0046FA01-C5B9-4985-BACB-398DC480FC05}" = Adobe Photoshop CS3
"{0228e555-4f9c-4e35-a3ec-b109a192b4c2}" = Google Gmail Notifier
"{04AF207D-9A77-465A-8B76-991F6AB66245}" = Adobe Help Viewer CS3
"{05ADEEC8-BD58-43D9-A9E3-1F53B0DA117A}" = Opera 10.51
"{07ca6bb4-36d6-4abd-9939-57e8755e5cc7}" = Nero 9 Lite
"{08B32819-6EEF-4057-AEDA-5AB681A36A23}" = Adobe Bridge Start Meeting
"{08C0729E-3E50-11DF-9D81-005056806466}" = Google Earth
"{0D499481-22C6-4B25-8AC2-6D3F6C885FB9}" = OpenOffice.org Installer 1.0
"{121634B0-2F4B-11D3-ADA3-00C04F52DD52}" = Windows Installer Clean Up
"{184CE391-7E0E-4C63-9935-D7A10EDFD3C6}" = Adobe WinSoft Linguistics Plugin
"{19DC9559-9C20-4A46-A67D-7ECBA52A2788}" = Nokia PC Suite
"{2085F05D-24C5-4E27-B7B4-A51DE890FFC9}" = Opera 10.00
"{212748BB-0DA5-46DE-82A1-403736DC9F27}" = MSVC80_x86
"{26A24AE4-039D-4CA4-87B4-2F83216010FF}" = Java(TM) 6 Update 11
"{29E5EA97-5F74-4A57-B8B2-D4F169117183}" = Adobe Stock Photos CS3
"{2A539CD9-0F75-4875-9A32-E06DD93C4114}" = Adobe Extension Manager CS3
"{2AFFFDD7-ED85-4A90-8C52-5DA9EBDC9B8F}" = Microsoft SQL Server 2005 Express Edition (SONY_MEDIAMGR2)
"{3A12C952-61D5-4C3B-B68B-8CFBE47E22F1}" = Adobe Setup
"{4B296228-DF7C-43EA-8DED-76027355B219}" = Opera 10.01
"{51846830-E7B2-4218-8968-B77F0FF475B8}" = Adobe Color EU Extra Settings
"{51FD8515-2F15-4E6D-A93C-BC6988AEC29A}" = Sony Media Manager 2.3
"{53F5C3EE-05ED-4830-994B-50B2F0D50FCE}" = Microsoft SQL Server Setup Support Files (English)
"{54793AA1-5001-42F4-ABB6-C364617C6078}" = Adobe Linguistics CS3
"{56C049BE-79E9-4502-BEA7-9754A3E60F9B}" = neroxml
"{61A64EFD-2CEC-4C6E-91DE-5EDE74C25ED9}" = Jalbum
"{690BE098-6D0D-493D-B079-BD7E8F81A141}" = Opera 10.10
"{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}" = Windows Media Player Firefox Plugin
"{6ABE0BEE-D572-4FE8-B434-9E72A289431B}" = Adobe Fonts All
"{6B3CA80E-6AC0-4725-BABF-9B0FEF880CB3}" = Power Tab Editor 1.7
"{6D3245B1-8DB8-4A23-9CD2-2C90F40ABAF6}" = MSVC80_x86_v2
"{6E0352EE-6F0D-4FBC-B1B8-4FF032C78BE0}" = PC Connectivity Solution
"{6FF5DD7A-FE28-4439-B8CF-1E9AF4EA0A61}" = Adobe Asset Services CS3
"{716E0306-8318-4364-8B8F-0CC4E9376BAC}" = MSXML 4.0 SP2 Parser and SDK
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{7748AC8C-18E3-43BB-959B-088FAEA16FB2}" = Nero StartSmart
"{7B2D81BE-31A0-44E4-ACFE-10A3F7241899}" = face2face Pre-intermediate
"{802771A9-A856-4A41-ACF7-1450E523C923}" = Adobe XMP Panels CS3
"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
"{8D2BA474-F406-4710-9AE4-D4F22D21F0DD}" = Adobe Device Central CS3
"{8E6808E2-613D-4FCD-81A2-6C8FA8E03312}" = Adobe Type Support
"{90120000-0015-0405-0000-0000000FF1CE}" = Microsoft Office Access MUI (Czech) 2007
"{90120000-0015-0405-0000-0000000FF1CE}_ENTERPRISER_{1FC5BC34-0301-40D2-9432-05BA220277B8}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0015-0409-0000-0000000FF1CE}" = Microsoft Office Access MUI (English) 2007
"{90120000-0015-0409-0000-0000000FF1CE}_ENTERPRISE_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0016-0405-0000-0000000FF1CE}" = Microsoft Office Excel MUI (Czech) 2007
"{90120000-0016-0405-0000-0000000FF1CE}_ENTERPRISER_{1FC5BC34-0301-40D2-9432-05BA220277B8}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0016-0409-0000-0000000FF1CE}" = Microsoft Office Excel MUI (English) 2007
"{90120000-0016-0409-0000-0000000FF1CE}_ENTERPRISE_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0018-0405-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (Czech) 2007
"{90120000-0018-0405-0000-0000000FF1CE}_ENTERPRISER_{1FC5BC34-0301-40D2-9432-05BA220277B8}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0018-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (English) 2007
"{90120000-0018-0409-0000-0000000FF1CE}_ENTERPRISE_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0019-0405-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (Czech) 2007
"{90120000-0019-0405-0000-0000000FF1CE}_ENTERPRISER_{1FC5BC34-0301-40D2-9432-05BA220277B8}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0019-0409-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (English) 2007
"{90120000-0019-0409-0000-0000000FF1CE}_ENTERPRISE_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001A-0405-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (Czech) 2007
"{90120000-001A-0405-0000-0000000FF1CE}_ENTERPRISER_{1FC5BC34-0301-40D2-9432-05BA220277B8}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001A-0409-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (English) 2007
"{90120000-001A-0409-0000-0000000FF1CE}_ENTERPRISE_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001B-0405-0000-0000000FF1CE}" = Microsoft Office Word MUI (Czech) 2007
"{90120000-001B-0405-0000-0000000FF1CE}_ENTERPRISER_{1FC5BC34-0301-40D2-9432-05BA220277B8}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001B-0409-0000-0000000FF1CE}" = Microsoft Office Word MUI (English) 2007
"{90120000-001B-0409-0000-0000000FF1CE}_ENTERPRISE_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001F-0405-0000-0000000FF1CE}" = Microsoft Office Proof (Czech) 2007
"{90120000-001F-0405-0000-0000000FF1CE}_ENTERPRISER_{294B4278-CF7B-40B9-86A1-2D3FF0C2C524}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2007
"{90120000-001F-0407-0000-0000000FF1CE}_ENTERPRISER_{A0516415-ED61-419A-981D-93596DA74165}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-0409-0000-0000000FF1CE}_ENTERPRISE_{ABDDE972-355B-4AF1-89A8-DA50B7B5C045}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-0409-0000-0000000FF1CE}_ENTERPRISER_{ABDDE972-355B-4AF1-89A8-DA50B7B5C045}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007
"{90120000-001F-040C-0000-0000000FF1CE}_ENTERPRISE_{F580DDD5-8D37-4998-968E-EBB76BB86787}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-041B-0000-0000000FF1CE}" = Microsoft Office Proof (Slovak) 2007
"{90120000-001F-041B-0000-0000000FF1CE}_ENTERPRISER_{10EC59E5-9BCE-4884-BB1A-E28627220232}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-0C0A-0000-0000000FF1CE}" = Microsoft Office Proof (Spanish) 2007
"{90120000-001F-0C0A-0000-0000000FF1CE}_ENTERPRISE_{187308AB-5FA7-4F14-9AB9-D290383A10D9}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-002A-0000-1000-0000000FF1CE}_ENTERPRISE_{E64BA721-2310-4B55-BE5A-2925F9706192}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-002A-0000-1000-0000000FF1CE}_ENTERPRISER_{E64BA721-2310-4B55-BE5A-2925F9706192}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-002A-0405-1000-0000000FF1CE}_ENTERPRISER_{E12F9D31-4025-4BC6-B1B2-AB262C5580B0}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-002A-0409-1000-0000000FF1CE}_ENTERPRISE_{DE5A002D-8122-4278-A7EE-3121E7EA254E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-002C-0405-0000-0000000FF1CE}" = Microsoft Office Proofing (Czech) 2007
"{90120000-002C-0409-0000-0000000FF1CE}" = Microsoft Office Proofing (English) 2007
"{90120000-0030-0000-0000-0000000FF1CE}" = Microsoft Office Enterprise 2007
"{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{0B36C6D6-F5D8-4EAF-BF94-4376A230AD5B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{3D019598-7B59-447A-80AE-815B703B84FF}" = Security Update for Microsoft Office system 2007 (972581)
"{90120000-0044-0405-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (Czech) 2007
"{90120000-0044-0405-0000-0000000FF1CE}_ENTERPRISER_{1FC5BC34-0301-40D2-9432-05BA220277B8}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0044-0409-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (English) 2007
"{90120000-0044-0409-0000-0000000FF1CE}_ENTERPRISE_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-006E-0405-0000-0000000FF1CE}" = Microsoft Office Shared MUI (Czech) 2007
"{90120000-006E-0405-0000-0000000FF1CE}_ENTERPRISER_{E12F9D31-4025-4BC6-B1B2-AB262C5580B0}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-006E-0409-0000-0000000FF1CE}" = Microsoft Office Shared MUI (English) 2007
"{90120000-006E-0409-0000-0000000FF1CE}_ENTERPRISE_{DE5A002D-8122-4278-A7EE-3121E7EA254E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-00A1-0405-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (Czech) 2007
"{90120000-00A1-0405-0000-0000000FF1CE}_ENTERPRISER_{1FC5BC34-0301-40D2-9432-05BA220277B8}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-00A1-0409-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (English) 2007
"{90120000-00A1-0409-0000-0000000FF1CE}_ENTERPRISE_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-00BA-0405-0000-0000000FF1CE}" = Microsoft Office Groove MUI (Czech) 2007
"{90120000-00BA-0405-0000-0000000FF1CE}_ENTERPRISER_{1FC5BC34-0301-40D2-9432-05BA220277B8}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-00BA-0409-0000-0000000FF1CE}" = Microsoft Office Groove MUI (English) 2007
"{90120000-00BA-0409-0000-0000000FF1CE}_ENTERPRISE_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0114-0409-0000-0000000FF1CE}" = Microsoft Office Groove Setup Metadata MUI (English) 2007
"{90120000-0114-0409-0000-0000000FF1CE}_ENTERPRISE_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0115-0409-0000-0000000FF1CE}" = Microsoft Office Shared Setup Metadata MUI (English) 2007
"{90120000-0115-0409-0000-0000000FF1CE}_ENTERPRISE_{DE5A002D-8122-4278-A7EE-3121E7EA254E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0116-0409-1000-0000000FF1CE}_ENTERPRISE_{DE5A002D-8122-4278-A7EE-3121E7EA254E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0117-0409-0000-0000000FF1CE}" = Microsoft Office Access Setup Metadata MUI (English) 2007
"{90120000-0117-0409-0000-0000000FF1CE}_ENTERPRISE_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90176341-0A8B-4CCC-A78D-F862228A6B95}" = Adobe Anchor Service CS3
"{91120000-0030-0000-0000-0000000FF1CE}" = Microsoft Office Enterprise 2007
"{91120000-0030-0000-0000-0000000FF1CE}_ENTERPRISER_{0B36C6D6-F5D8-4EAF-BF94-4376A230AD5B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{91120000-0030-0000-0000-0000000FF1CE}_ENTERPRISER_{3D019598-7B59-447A-80AE-815B703B84FF}" = Security Update for Microsoft Office system 2007 (972581)
"{95655ED4-7CA5-46DF-907F-7144877A32E5}" = Adobe Color NA Recommended Settings
"{97E038E1-41AD-4C93-BCDC-6A2394AEE352}" = Vegas Movie Studio Platinum 9.0
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9C9824D9-9000-4373-A6A5-D0E5D4831394}" = Adobe Bridge CS3
"{A2B242BD-FF8D-4840-9DAA-9170EABEC59C}" = Adobe CMaps
"{A2D81E70-2A98-4A08-A628-94388B063C5E}" = Adobe Color - Photoshop Specific
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{AC5B0C19-D851-42F4-BDA0-410ECF7F70A5}" = PDF Settings
"{AC76BA86-1033-F400-7760-000000000004}" = Adobe Acrobat 9 Pro - English, Français, Deutsch
"{AC76BA86-1033-F400-7760-000000000004}{AC76BA86-1033-F400-7760-000000000004}" = Adobe Acrobat 9 Pro - English, Français, Deutsch
"{B2EC4A38-B545-4A00-8214-13FE0E915E6D}" = Advertising Center
"{B3BF6689-A81D-40D8-9A86-4AC4ACD9FC1C}" = Adobe Camera Raw 4.0
"{B9B35331-B7E4-4E5C-BF4C-7BC87856124D}" = Adobe Default Language CS3
"{BD5CA0DA-71AD-43DA-B19E-6EEE0C9ADC9A}" = Nero ControlCenter
"{C2D69781-F392-4118-A5A7-C7E9C38DBFC2}" = Adobe ExtendScript Toolkit 2
"{C50EF365-2898-489A-B6C7-30DAA466E9A2}" = Nokia Connectivity Cable Driver
"{C81A2FE0-3574-00A9-CED4-BDAA334CBE8E}" = Nero Online Upgrade
"{D0DFF92A-492E-4C40-B862-A74A173C25C5}" = Adobe Version Cue CS3 Client
"{D1BB4446-AE9C-4256-9A7F-4D46604D2462}" = Adobe Setup
"{D2559B88-CC9D-4B48-81BB-F492BAA9C48C}" = Adobe PDF Library Files
"{D3742F82-1C1A-4DCC-ABBD-0E7C3C0185CC}" = TuneUp Utilities
"{DADD7B8A-BCB0-44F5-967A-ECB6B4F2ECD9}" = Adobe Color Common Settings
"{DD7DB3C5-6FA3-4FA3-8A71-C2F2940EB029}" = Adobe Color JA Extra Settings
"{DEC235ED-58A4-4517-A278-C41E8DAEAB3B}" = CyberLink PowerDVD 10
"{E69AE897-9E0B-485C-8552-7841F48D42D8}" = Adobe Update Manager CS3
"{E8A80433-302B-4FF1-815D-FCC8EAC482FF}" = Nero Installer
"{F01D5ED5-D53A-4468-B428-149DC2CB3110}" = Adobe Dreamweaver CS3
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F4F4F84E-804F-4E9A-84D7-C34283F0088F}" = RealUpgrade 1.0
"{FE3997D3-6B56-4AC4-A99C-9DDFC45359BF}" = TuneUp Utilities Language Pack (en-US)
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"Adobe_2ac78060bc5856b0c1cf873bb919b58" = Adobe Photoshop CS3
"Adobe_435a6af7459cb02a9c1138113a26e93" = Adobe Dreamweaver CS3
"Avira AntiVir Desktop" = Avira AntiVir Personal - Free Antivirus
"BitLord" = BitLord 1.1
"BSPlayer1" = BSPlayer
"CAL" = Canon Camera Access Library
"CameraWindowDVC6" = Canon Camera Window DC_DV 6 for ZoomBrowser EX
"CameraWindowMC" = Canon Camera Window MC 6 for ZoomBrowser EX
"Canon G.726 WMP-Decoder" = Canon G.726 WMP-Decoder
"CCleaner" = CCleaner
"Combined Community Codec Pack_is1" = Combined Community Codec Pack 2009-09-09
"CooLWPC3" = CooL Wallpaper Changer (odinstalovat)
"CyberLink PowerDVD 10.0.1516.51" = CyberLink PowerDVD 10.0.1516.51 - odinstalovat češtinu
"Čeština do Windows Movie Maker2" = Čeština do Windows Movie Maker2
"ENTERPRISE" = Microsoft Office Enterprise 2007
"ENTERPRISER" = Microsoft Office Enterprise 2007
"EOS Utility" = Canon Utilities EOS Utility
"FileZilla Client" = FileZilla Client 3.3.1
"GOM Player" = GOM Player
"HASP4 Device Drivers" = HASP4 Device Drivers
"Helicon Focus_is1" = Helicon Focus 5.1.2
"HijackThis" = HijackThis 2.0.2
"InstallShield_{DEC235ED-58A4-4517-A278-C41E8DAEAB3B}" = CyberLink PowerDVD 10
"Magic ISO Maker v5.5 (build 0261)" = Magic ISO Maker v5.5 (build 0261)
"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware
"Microsoft SQL Server 2005" = Microsoft SQL Server 2005
"MovieEditTask" = Canon MovieEdit Task for ZoomBrowser EX
"Mozilla Firefox (3.5.7)" = Mozilla Firefox (3.5.7)
"Nokia PC Suite" = Nokia PC Suite
"PC Translator" = PC Translator
"PhotoStitch" = Canon Utilities PhotoStitch
"PowerStrip 3 (remove only)" = PowerStrip 3 (remove only)
"QuicktimeAlt_is1" = QuickTime Alternative 1.68 beta
"RAW Image Task" = Canon RAW Image Task for ZoomBrowser EX
"RealPlayer 12.0" = RealPlayer
"Recognita Standard OCR 3.2" = Recognita Standard OCR 3.2
"RemoteCaptureTask" = Canon RemoteCapture Task for ZoomBrowser EX
"SCREEN2EXE_is1" = SCREEN2EXE 2.8 (build:2178)
"TeamViewer 5" = TeamViewer 5
"Totalcmd" = Total Commander (Remove or Repair)
"TuneUp Utilities" = TuneUp Utilities
"Winamp" = Winamp
"WinRAR archiver" = WinRAR
"WMV9_VCM" = Microsoft Windows Media Video 9 VCM
"Xerox WC PE120 Series PS" = Xerox WC PE120 Series PS
"ZhornStickies" = Stickies 7.0b
"ZonerPhotoStudio10_CZ_is1" = Zoner Photo Studio 10
"ZoomBrowser EX" = Canon Utilities ZoomBrowser EX
========== HKEY_CURRENT_USER Uninstall List ==========
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Google Chrome" = Google Chrome
"Octoshape add-in for Adobe Flash Player" = Octoshape add-in for Adobe Flash Player
"QIP 2005" = QIP 2005 8095
========== Last 10 Event Log Errors ==========
[ Application Events ]
Error - 13.4.2010 1:57:59 | Computer Name = Hurvajz-PC | Source = Application Error | ID = 1000
Description = Název chybující aplikace: CALMAIN.exe, verze: 8.2.0.1, časové razítko:
0x442b232e Název chybujícího modulu: msvcrt.dll, verze: 7.0.7600.16385, časové razítko:
0x4a5bda6f Kód výjimky: 0xc0000005 Posun chyby: 0x00009966 ID chybujícího procesu:
0xbec Čas spuštění chybující aplikace: 0x01cadacb2979e7f3 Cesta k chybující aplikaci:
C:\Program Files (x86)\Canon\CAL\CALMAIN.exe Cesta k chybujícímu modulu: C:\Windows\syswow64\msvcrt.dll
ID
zprávy: 82cd3d41-46c1-11df-84c1-001b38b6c610
Error - 13.4.2010 6:43:14 | Computer Name = Hurvajz-PC | Source = SideBySide | ID = 16842785
Description = Generování kontextu aktivace pro C:\Program Files (x86)\Nokia\Nokia
PC Suite 7\TIS_Windows7PIM.dll se nezdařilo. Závislé sestavení Microsoft.VC80.DebugCRT,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0"
nelze najít. Podrobnější diagnostické údaje získáte pomocí programu sxstrace.exe.
Error - 13.4.2010 9:36:54 | Computer Name = Hurvajz-PC | Source = Application Error | ID = 1000
Description = Název chybující aplikace: CALMAIN.exe, verze: 8.2.0.1, časové razítko:
0x442b232e Název chybujícího modulu: msvcrt.dll, verze: 7.0.7600.16385, časové razítko:
0x4a5bda6f Kód výjimky: 0xc0000005 Posun chyby: 0x00009966 ID chybujícího procesu:
0x88c Čas spuštění chybující aplikace: 0x01cadb0be346fb7a Cesta k chybující aplikaci:
C:\Program Files (x86)\Canon\CAL\CALMAIN.exe Cesta k chybujícímu modulu: C:\Windows\syswow64\msvcrt.dll
ID
zprávy: 9f080282-4701-11df-ad12-001b38b6c610
Error - 13.4.2010 14:19:38 | Computer Name = Hurvajz-PC | Source = RasClient | ID = 20227
Description =
Error - 13.4.2010 16:23:18 | Computer Name = Hurvajz-PC | Source = Application Error | ID = 1000
Description = Název chybující aplikace: face2face.exe, verze: 2.0.26.0, časové razítko:
0x2a425e19 Název chybujícího modulu: ntdll.dll, verze: 6.1.7600.16385, časové razítko:
0x4a5bdb3b Kód výjimky: 0xc0000005 Posun chyby: 0x0002de64 ID chybujícího procesu:
0x12a0 Čas spuštění chybující aplikace: 0x01cadb46ee994644 Cesta k chybující aplikaci:
C:\Program Files (x86)\Cambridge\f2f-PreIntermediate\face2face.exe Cesta k chybujícímu
modulu: C:\Windows\SysWOW64\ntdll.dll ID zprávy: 64ff952f-473a-11df-ad12-001b38b6c610
Error - 14.4.2010 7:22:45 | Computer Name = Hurvajz-PC | Source = SideBySide | ID = 16842785
Description = Generování kontextu aktivace pro C:\Program Files (x86)\Nokia\Nokia
PC Suite 7\TIS_Windows7PIM.dll se nezdařilo. Závislé sestavení Microsoft.VC80.DebugCRT,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0"
nelze najít. Podrobnější diagnostické údaje získáte pomocí programu sxstrace.exe.
Error - 15.4.2010 13:04:26 | Computer Name = Hurvajz-PC | Source = Application Error | ID = 1000
Description = Název chybující aplikace: CALMAIN.exe, verze: 8.2.0.1, časové razítko:
0x442b232e Název chybujícího modulu: msvcrt.dll, verze: 7.0.7600.16385, časové razítko:
0x4a5bda6f Kód výjimky: 0xc0000005 Posun chyby: 0x00009966 ID chybujícího procesu:
0x6c Čas spuštění chybující aplikace: 0x01cadc5cec74ef43 Cesta k chybující aplikaci:
C:\Program Files (x86)\Canon\CAL\CALMAIN.exe Cesta k chybujícímu modulu: C:\Windows\syswow64\msvcrt.dll
ID
zprávy: f1e1c175-48b0-11df-b4a0-001b38b6c610
Error - 16.4.2010 3:56:13 | Computer Name = Hurvajz-PC | Source = Application Error | ID = 1000
Description = Název chybující aplikace: CALMAIN.exe, verze: 8.2.0.1, časové razítko:
0x442b232e Název chybujícího modulu: msvcrt.dll, verze: 7.0.7600.16385, časové razítko:
0x4a5bda6f Kód výjimky: 0xc0000005 Posun chyby: 0x00009966 ID chybujícího procesu:
0xc40 Čas spuštění chybující aplikace: 0x01cadd2a08f42790 Cesta k chybující aplikaci:
C:\Program Files (x86)\Canon\CAL\CALMAIN.exe Cesta k chybujícímu modulu: C:\Windows\syswow64\msvcrt.dll
ID
zprávy: 869d73e4-492d-11df-93ae-001b38b6c610
Error - 16.4.2010 4:04:21 | Computer Name = Hurvajz-PC | Source = SideBySide | ID = 16842785
Description = Generování kontextu aktivace pro C:\Program Files (x86)\Nokia\Nokia
PC Suite 7\TIS_Windows7PIM.dll se nezdařilo. Závislé sestavení Microsoft.VC80.DebugCRT,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0"
nelze najít. Podrobnější diagnostické údaje získáte pomocí programu sxstrace.exe.
Error - 16.4.2010 11:00:05 | Computer Name = Hurvajz-PC | Source = Application Error | ID = 1000
Description = Název chybující aplikace: Photoshop.exe, verze: 10.0.0.0, časové razítko:
0x4601eae8 Název chybujícího modulu: adobe_epic.dll, verze: 2.0.1.1082, časové razítko:
0x45e64522 Kód výjimky: 0xc0000005 Posun chyby: 0x00023a35 ID chybujícího procesu:
0x724 Čas spuštění chybující aplikace: 0x01cadd73a5be3c68 Cesta k chybující aplikaci:
C:\Program Files (x86)\Adobe\Adobe Photoshop CS3\Photoshop.exe Cesta k chybujícímu
modulu: C:\Program Files (x86)\Adobe\Adobe Photoshop CS3\adobe_epic.dll ID zprávy:
bd83c7f2-4968-11df-98aa-001b38b6c610
[ OSession Events ]
Error - 22.2.2010 9:55:48 | Computer Name = Hurvajz-PC | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 3, Application Name: Microsoft Office PowerPoint, Application
Version: 12.0.6500.5000, Microsoft Office Version: 12.0.6425.1000. This session
lasted 1245 seconds with 960 seconds of active time. This session ended with a
crash.
Error - 11.3.2010 10:44:55 | Computer Name = Hurvajz-PC | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 3, Application Name: Microsoft Office PowerPoint, Application
Version: 12.0.6500.5000, Microsoft Office Version: 12.0.6425.1000. This session
lasted 77843 seconds with 5040 seconds of active time. This session ended with
a crash.
Error - 1.4.2010 10:35:47 | Computer Name = Hurvajz-PC | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 0, Application Name: Microsoft Office Word, Application Version:
12.0.6514.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 18340
seconds with 1320 seconds of active time. This session ended with a crash.
[ System Events ]
Error - 15.4.2010 14:57:45 | Computer Name = Hurvajz-PC | Source = atikmdag | ID = 43029
Description = Display is not active
Error - 16.4.2010 1:59:19 | Computer Name = Hurvajz-PC | Source = atikmdag | ID = 52236
Description = CPLIB :: General - Invalid Parameter
Error - 16.4.2010 1:59:19 | Computer Name = Hurvajz-PC | Source = atikmdag | ID = 43029
Description = Display is not active
Error - 16.4.2010 1:59:48 | Computer Name = Hurvajz-PC | Source = Service Control Manager | ID = 7000
Description = Služba Hardlock neuspěla při spuštění v důsledku následující chyby:
%%577
Error - 16.4.2010 2:00:06 | Computer Name = Hurvajz-PC | Source = Microsoft-Windows-WHEA-Logger | ID = 18
Description = Došlo k závažné chybě hardwaru. Ohlášeno součástí: Jádro procesoru Zdroj
chyby: 3 Typ chyby: 256 ID procesoru: 1 Další informace jsou obsaženy v podrobném
zobrazení tohoto záznamu.
Error - 16.4.2010 3:56:14 | Computer Name = Hurvajz-PC | Source = Service Control Manager | ID = 7034
Description = Služba Canon Camera Access Library 8 byla neočekávaně ukončena. Tento
stav nastal již 1krát.
Error - 16.4.2010 9:34:34 | Computer Name = Hurvajz-PC | Source = atikmdag | ID = 52236
Description = CPLIB :: General - Invalid Parameter
Error - 16.4.2010 9:34:34 | Computer Name = Hurvajz-PC | Source = atikmdag | ID = 43029
Description = Display is not active
Error - 16.4.2010 9:34:59 | Computer Name = Hurvajz-PC | Source = Service Control Manager | ID = 7000
Description = Služba Hardlock neuspěla při spuštění v důsledku následující chyby:
%%577
Error - 16.4.2010 10:37:00 | Computer Name = Hurvajz-PC | Source = volsnap | ID = 393252
Description = Stínové kopie svazku C: byly přerušeny, protože z důvodu limitu stanoveného
uživatelem se nepodařilo zvětšit úložiště stínové kopie.
< End of report >
Re: Prosím o kontrolu logu, asi vir..
OTL logfile created on: 16.4.2010 17:05:09 - Run 1
OTL by OldTimer - Version 3.2.1.1 Folder = C:\Users\Hurvajz\Desktop
64bit- Ultimate Edition (Version = 6.1.7600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7600.16385)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy
2,00 Gb Total Physical Memory | 1,00 Gb Available Physical Memory | 55,00% Memory free
4,00 Gb Paging File | 3,00 Gb Available in Paging File | 65,00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 34,18 Gb Total Space | 3,56 Gb Free Space | 10,40% Space Free | Partition Type: NTFS
Drive D: | 197,24 Gb Total Space | 1,84 Gb Free Space | 0,93% Space Free | Partition Type: NTFS
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded
Computer Name: HURVAJZ-PC
Current User Name: Hurvajz
Logged in as Administrator.
Current Boot Mode: Normal
Scan Mode: Current user
Include 64bit Scans
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 30 Days
Output = Minimal
========== Processes (SafeList) ==========
PRC - C:\Users\Hurvajz\Desktop\OTL.exe (OldTimer Tools)
PRC - C:\Program Files (x86)\stickies\stickies.exe (Zhorn Software)
PRC - C:\Program Files (x86)\TeamViewer\Version5\TeamViewer_Service.exe (TeamViewer GmbH)
PRC - C:\Program Files (x86)\Opera\opera.exe (Opera Software)
PRC - C:\Program Files (x86)\CyberLink\Shared files\brs.exe (cyberlink)
PRC - C:\Windows\SysWOW64\PnkBstrA.exe ()
PRC - C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe (CyberLink Corp.)
PRC - C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe (Avira GmbH)
PRC - C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe (Avira GmbH)
PRC - C:\Program Files (x86)\Nokia\Nokia PC Suite 7\PCSuite.exe (Nokia)
PRC - C:\Program Files (x86)\PowerStrip\PStrip.exe (EnTech Taiwan)
PRC - C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe (DT Soft Ltd)
PRC - C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe (Nokia)
PRC - C:\Program Files (x86)\PC Connectivity Solution\Transports\NclRSSrv.exe (Nokia)
PRC - C:\Program Files (x86)\QIP\qip.exe (The Author of QIP)
PRC - C:\Program Files (x86)\Winamp\winampa.exe ()
PRC - C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe (Avira GmbH)
PRC - C:\Program Files (x86)\Adobe\Acrobat 9.0\Acrobat\acrotray.exe (Adobe Systems Inc.)
PRC - C:\totalcmd\TOTALCMD.EXE (C. Ghisler & Co.)
PRC - C:\Program Files (x86)\Canon\CAL\CALMAIN.exe (Canon Inc.)
PRC - C:\Program Files (x86)\Google\Gmail Notifier\gnotify.exe (Google Inc.)
PRC - C:\Program Files (x86)\CooL Wallpaper Changer\coolwpc.exe (Pavel Chmelař)
========== Modules (SafeList) ==========
MOD - C:\Users\Hurvajz\Desktop\OTL.exe (OldTimer Tools)
MOD - C:\Windows\SysWOW64\comdlg32.dll (Microsoft Corporation)
MOD - C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16385_none_421189da2b7fabfc\comctl32.dll (Microsoft Corporation)
MOD - C:\Program Files (x86)\PowerStrip\PShook.dll (EnTech Taiwan)
========== Win32 Services (SafeList) ==========
SRV:64bit: - (UxTuneUp) -- C:\Windows\SysNative\uxtuneup.dll (TuneUp Software)
SRV:64bit: - (AMD External Events Utility) -- C:\Windows\SysNative\atiesrxx.exe (AMD)
SRV:64bit: - (WwanSvc) -- C:\Windows\SysNative\wwansvc.dll (Microsoft Corporation)
SRV:64bit: - (WbioSrvc) -- C:\Windows\SysNative\wbiosrvc.dll (Microsoft Corporation)
SRV:64bit: - (UmRdpService) -- C:\Windows\SysNative\umrdp.dll (Microsoft Corporation)
SRV:64bit: - (Power) -- C:\Windows\SysNative\umpo.dll (Microsoft Corporation)
SRV:64bit: - (Themes) -- C:\Windows\SysNative\themeservice.dll (Microsoft Corporation)
SRV:64bit: - (sppuinotify) -- C:\Windows\SysNative\sppuinotify.dll (Microsoft Corporation)
SRV:64bit: - (SensrSvc) -- C:\Windows\SysNative\sensrsvc.dll (Microsoft Corporation)
SRV:64bit: - (PeerDistSvc) -- C:\Windows\SysNative\PeerDistSvc.dll (Microsoft Corporation)
SRV:64bit: - (PNRPsvc) -- C:\Windows\SysNative\pnrpsvc.dll (Microsoft Corporation)
SRV:64bit: - (p2pimsvc) -- C:\Windows\SysNative\pnrpsvc.dll (Microsoft Corporation)
SRV:64bit: - (HomeGroupProvider) -- C:\Windows\SysNative\provsvc.dll (Microsoft Corporation)
SRV:64bit: - (RpcEptMapper) -- C:\Windows\SysNative\RpcEpMap.dll (Microsoft Corporation)
SRV:64bit: - (PNRPAutoReg) -- C:\Windows\SysNative\pnrpauto.dll (Microsoft Corporation)
SRV:64bit: - (WinDefend) -- C:\Program Files\Windows Defender\MpSvc.dll (Microsoft Corporation)
SRV:64bit: - (HomeGroupListener) -- C:\Windows\SysNative\ListSvc.dll (Microsoft Corporation)
SRV:64bit: - (FontCache) -- C:\Windows\SysNative\FntCache.dll (Microsoft Corporation)
SRV:64bit: - (Dhcp) -- C:\Windows\SysNative\dhcpcore.dll (Microsoft Corporation)
SRV:64bit: - (defragsvc) -- C:\Windows\SysNative\defragsvc.dll (Microsoft Corporation)
SRV:64bit: - (CscService) -- C:\Windows\SysNative\cscsvc.dll (Microsoft Corporation)
SRV:64bit: - (bthserv) -- C:\Windows\SysNative\bthserv.dll (Microsoft Corporation)
SRV:64bit: - (BDESVC) -- C:\Windows\SysNative\bdesvc.dll (Microsoft Corporation)
SRV:64bit: - (AxInstSV) -- C:\Windows\SysNative\AxInstSv.dll (Microsoft Corporation)
SRV:64bit: - (AppMgmt) -- C:\Windows\SysNative\appmgmts.dll (Microsoft Corporation)
SRV:64bit: - (AppIDSvc) -- C:\Windows\SysNative\appidsvc.dll (Microsoft Corporation)
SRV:64bit: - (wbengine) -- C:\Windows\SysNative\wbengine.exe (Microsoft Corporation)
SRV:64bit: - (sppsvc) -- C:\Windows\SysNative\sppsvc.exe (Microsoft Corporation)
SRV:64bit: - (Fax) -- C:\Windows\SysNative\FXSSVC.exe (Microsoft Corporation)
SRV - (FLEXnet Licensing Service) -- C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe (Macrovision Europe Ltd.)
SRV - (TuneUp.Defrag) -- C:\Program Files (x86)\TuneUp Utilities 2010\TuneUpDefragService.exe (TuneUp Software)
SRV - (TeamViewer5) -- C:\Program Files (x86)\TeamViewer\Version5\TeamViewer_Service.exe (TeamViewer GmbH)
SRV - (TuneUp.UtilitiesSvc) -- C:\Program Files (x86)\TuneUp Utilities 2010\TuneUpUtilitiesService64.exe (TuneUp Software)
SRV - (UxTuneUp) -- C:\Windows\SysWOW64\uxtuneup.dll (TuneUp Software)
SRV - (PnkBstrA) -- C:\Windows\SysWOW64\PnkBstrA.exe ()
SRV - (AntiVirSchedulerService) -- C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe (Avira GmbH)
SRV - (AntiVirService) -- C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe (Avira GmbH)
SRV - (ServiceLayer) -- C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe (Nokia)
SRV - (VSS) -- C:\Windows\Vss [2009.07.14 05:20:14 | 000,000,000 | ---D | M]
SRV - (MSDTC) Služba DTC (Distributed Transaction Coordinator) -- C:\Windows\SysWOW64\Msdtc [2009.07.14 05:20:14 | 000,000,000 | ---D | M]
SRV - (HomeGroupProvider) -- C:\Windows\SysWOW64\provsvc.dll (Microsoft Corporation)
SRV - (Dhcp) -- C:\Windows\SysWOW64\dhcpcore.dll (Microsoft Corporation)
SRV - (vds) -- C:\Windows\SysWOW64\wbem\vds.mof ()
SRV - (clr_optimization_v2.0.50727_64) -- C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe (Microsoft Corporation)
SRV - (Microsoft Office Groove Audit Service) -- C:\Program Files (x86)\Microsoft Office\Office12\GrooveAuditService.exe (Microsoft Corporation)
SRV - (CCALib8) -- C:\Program Files (x86)\Canon\CAL\CALMAIN.exe (Canon Inc.)
========== Driver Services (SafeList) ==========
DRV:64bit: - (sptd) -- C:\Windows\SysNative\drivers\sptd.sys ()
DRV:64bit: - (avgntflt) -- C:\Windows\SysNative\drivers\avgntflt.sys (Avira GmbH)
DRV:64bit: - (UsbserFilt) -- C:\Windows\SysNative\drivers\usbser_lowerfltx64j.sys (Nokia)
DRV:64bit: - (nmwcdcx64) -- C:\Windows\SysNative\drivers\ccdcmbox64.sys (Nokia)
DRV:64bit: - (upperdev) -- C:\Windows\SysNative\drivers\usbser_lowerfltx64.sys (Nokia)
DRV:64bit: - (nmwcdx64) -- C:\Windows\SysNative\drivers\ccdcmbx64.sys (Nokia)
DRV:64bit: - (athr) -- C:\Windows\SysNative\drivers\athrx.sys (Atheros Communications, Inc.)
DRV:64bit: - (atikmdag) -- C:\Windows\SysNative\drivers\atikmdag.sys (ATI Technologies Inc.)
DRV:64bit: - (amdsata) -- C:\Windows\SysNative\drivers\amdsata.sys (Advanced Micro Devices)
DRV:64bit: - (amdxata) -- C:\Windows\SysNative\drivers\amdxata.sys (Advanced Micro Devices)
DRV:64bit: - (amdsbs) -- C:\Windows\SysNative\drivers\amdsbs.sys (AMD Technologies Inc.)
DRV:64bit: - (KSecPkg) -- C:\Windows\SysNative\drivers\ksecpkg.sys (Microsoft Corporation)
DRV:64bit: - (LSI_SAS2) -- C:\Windows\SysNative\drivers\lsi_sas2.sys (LSI Corporation)
DRV:64bit: - (hwpolicy) -- C:\Windows\SysNative\drivers\hwpolicy.sys (Microsoft Corporation)
DRV:64bit: - (FsDepends) -- C:\Windows\SysNative\drivers\fsdepends.sys (Microsoft Corporation)
DRV:64bit: - (HpSAMD) -- C:\Windows\SysNative\drivers\HpSAMD.sys (Hewlett-Packard Company)
DRV:64bit: - (WIMMount) -- C:\Windows\SysNative\drivers\wimmount.sys (Microsoft Corporation)
DRV:64bit: - (vhdmp) -- C:\Windows\SysNative\drivers\vhdmp.sys (Microsoft Corporation)
DRV:64bit: - (vmbus) -- C:\Windows\SysNative\drivers\vmbus.sys (Microsoft Corporation)
DRV:64bit: - (storflt) -- C:\Windows\SysNative\drivers\vmstorfl.sys (Microsoft Corporation)
DRV:64bit: - (vdrvroot) -- C:\Windows\SysNative\drivers\vdrvroot.sys (Microsoft Corporation)
DRV:64bit: - (storvsc) -- C:\Windows\SysNative\drivers\storvsc.sys (Microsoft Corporation)
DRV:64bit: - (stexstor) -- C:\Windows\SysNative\drivers\stexstor.sys (Promise Technology)
DRV:64bit: - (rdyboost) -- C:\Windows\SysNative\drivers\rdyboost.sys (Microsoft Corporation)
DRV:64bit: - (pcw) -- C:\Windows\SysNative\drivers\pcw.sys (Microsoft Corporation)
DRV:64bit: - (CNG) -- C:\Windows\SysNative\drivers\cng.sys (Microsoft Corporation)
DRV:64bit: - (fvevol) -- C:\Windows\SysNative\drivers\fvevol.sys (Microsoft Corporation)
DRV:64bit: - (rdpbus) -- C:\Windows\SysNative\drivers\rdpbus.sys (Microsoft Corporation)
DRV:64bit: - (RDPREFMP) -- C:\Windows\SysNative\drivers\RDPREFMP.sys (Microsoft Corporation)
DRV:64bit: - (RasAgileVpn) WAN Miniport (IKEv2) -- C:\Windows\SysNative\drivers\agilevpn.sys (Microsoft Corporation)
DRV:64bit: - (WfpLwf) -- C:\Windows\SysNative\drivers\wfplwf.sys (Microsoft Corporation)
DRV:64bit: - (NdisCap) -- C:\Windows\SysNative\drivers\ndiscap.sys (Microsoft Corporation)
DRV:64bit: - (vwifimp) -- C:\Windows\SysNative\drivers\vwifimp.sys (Microsoft Corporation)
DRV:64bit: - (vwififlt) -- C:\Windows\SysNative\drivers\vwififlt.sys (Microsoft Corporation)
DRV:64bit: - (vwifibus) -- C:\Windows\SysNative\drivers\vwifibus.sys (Microsoft Corporation)
DRV:64bit: - (1394ohci) -- C:\Windows\SysNative\drivers\1394ohci.sys (Microsoft Corporation)
DRV:64bit: - (HdAudAddService) -- C:\Windows\SysNative\drivers\HdAudio.sys (Microsoft Corporation)
DRV:64bit: - (usbvideo) Zobrazovací zařízení USB (WDM) -- C:\Windows\SysNative\drivers\usbvideo.sys (Microsoft Corporation)
DRV:64bit: - (UmPass) -- C:\Windows\SysNative\drivers\umpass.sys (Microsoft Corporation)
DRV:64bit: - (usbser) -- C:\Windows\SysNative\drivers\usbser.sys (Microsoft Corporation)
DRV:64bit: - (WinUsb) -- C:\Windows\SysNative\drivers\winusb.sys (Microsoft Corporation)
DRV:64bit: - (mshidkmdf) -- C:\Windows\SysNative\drivers\mshidkmdf.sys (Microsoft Corporation)
DRV:64bit: - (WudfPf) -- C:\Windows\SysNative\drivers\WUDFPf.sys (Microsoft Corporation)
DRV:64bit: - (MTConfig) -- C:\Windows\SysNative\drivers\MTConfig.sys (Microsoft Corporation)
DRV:64bit: - (CompositeBus) -- C:\Windows\SysNative\drivers\CompositeBus.sys (Microsoft Corporation)
DRV:64bit: - (Beep) -- C:\Windows\SysNative\drivers\beep.sys (Microsoft Corporation)
DRV:64bit: - (AppID) -- C:\Windows\SysNative\drivers\appid.sys (Microsoft Corporation)
DRV:64bit: - (scfilter) -- C:\Windows\SysNative\drivers\scfilter.sys (Microsoft Corporation)
DRV:64bit: - (s3cap) -- C:\Windows\SysNative\drivers\vms3cap.sys (Microsoft Corporation)
DRV:64bit: - (VMBusHID) -- C:\Windows\SysNative\drivers\VMBusHID.sys (Microsoft Corporation)
DRV:64bit: - (discache) -- C:\Windows\SysNative\drivers\discache.sys (Microsoft Corporation)
DRV:64bit: - (sdbus) -- C:\Windows\SysNative\drivers\sdbus.sys (Microsoft Corporation)
DRV:64bit: - (HidBatt) -- C:\Windows\SysNative\drivers\hidbatt.sys (Microsoft Corporation)
DRV:64bit: - (CmBatt) -- C:\Windows\SysNative\drivers\CmBatt.sys (Microsoft Corporation)
DRV:64bit: - (AcpiPmi) -- C:\Windows\SysNative\drivers\acpipmi.sys (Microsoft Corporation)
DRV:64bit: - (CSC) -- C:\Windows\SysNative\drivers\csc.sys (Microsoft Corporation)
DRV:64bit: - (AmdPPM) -- C:\Windows\SysNative\drivers\amdppm.sys (Microsoft Corporation)
DRV:64bit: - (AgereSoftModem) -- C:\Windows\SysNative\drivers\agrsm64.sys (LSI Corp)
DRV:64bit: - (RTL8167) -- C:\Windows\SysNative\drivers\Rt64win7.sys (Realtek Corporation )
DRV:64bit: - (ebdrv) -- C:\Windows\SysNative\drivers\evbda.sys (Broadcom Corporation)
DRV:64bit: - (b06bdrv) -- C:\Windows\SysNative\drivers\bxvbda.sys (Broadcom Corporation)
DRV:64bit: - (b57nd60a) -- C:\Windows\SysNative\drivers\b57nd60a.sys (Broadcom Corporation)
DRV:64bit: - (hcw85cir) -- C:\Windows\SysNative\drivers\hcw85cir.sys (Hauppauge Computer Works, Inc.)
DRV:64bit: - (RTHDMIAzAudService) -- C:\Windows\SysNative\drivers\RtHDMIVX.sys (Realtek Semiconductor Corp.)
DRV:64bit: - (pccsmcfd) -- C:\Windows\SysNative\drivers\pccsmcfdx64.sys (Nokia)
DRV:64bit: - (TVALZ) -- C:\Windows\SysNative\drivers\TVALZ_O.SYS (TOSHIBA Corporation)
DRV:64bit: - (OlyUsbCam) -- C:\Windows\SysNative\drivers\OlyUsbCam.sys (OLYMPUS IMAGING CORP.)
DRV:64bit: - (PStrip64) -- C:\Windows\SysNative\drivers\pstrip64.sys ()
DRV:64bit: - (Hardlock) -- C:\Windows\SysNative\drivers\hardlock.sys (Aladdin Knowledge Systems Ltd.)
DRV - ({1BA31E5A-C098-42d8-8F88-3C9F78A2FDDC}) -- C:\Program Files (x86)\CyberLink\PowerDVD10\NavFilter\000.fcl (CyberLink Corp.)
DRV - (TuneUpUtilitiesDrv) -- C:\Program Files (x86)\TuneUp Utilities 2010\TuneUpUtilitiesDriver64.sys (TuneUp Software)
DRV - (CSC) -- C:\Windows\CSC [2009.10.29 23:41:46 | 000,000,000 | ---D | M]
DRV - (WIMMount) -- C:\Windows\SysWOW64\drivers\wimmount.sys (Microsoft Corporation)
DRV - (WinUsb) -- C:\Windows\SysWOW64\winusb.dll (Microsoft Corporation)
DRV - (NetBIOS) -- C:\Windows\SysWOW64\netbios.dll (Microsoft Corporation)
DRV - (mpsdrv) -- C:\Windows\SysWOW64\wbem\mpsdrv.mof ()
DRV - (Tcpip) -- C:\Windows\SysWOW64\wbem\tcpip.mof ()
DRV - (DgiVecp) -- C:\Windows\SysWOW64\drivers\Dgivecp.Sys (DeviceGuys, Inc.)
========== Standard Registry (All) ==========
========== Internet Explorer ==========
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = [binary data]
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Extensions Off Page = about:NoAdd-ons
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\System32\blank.htm
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Security Risk Page = about:SecurityRisk
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = [binary data]
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Extensions Off Page = about:NoAdd-ons
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SYSTEM32\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Security Risk Page = about:SecurityRisk
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,CustomizeSearch = http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchcust.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.com/ie
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\system32\blank.htm
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.google.com
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.msn.com/
IE - HKCU\..\URLSearchHook: {CFBFAE00-17A6-11D0-99CB-00C04FD64497} - C:\Windows\SysWOW64\ieframe.dll (Microsoft Corporation)
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local
========== FireFox ==========
FF - prefs.js..browser.search.defaultenginename: "Web Search"
FF - prefs.js..browser.search.defaulturl: "http://search13.net/search.php?clid=486&q="
FF - prefs.js..browser.search.param.yahoo-fr: "chr-greentree_ff&type=971163"
FF - prefs.js..browser.startup.homepage: "http://search13.net?clid=486"
FF - prefs.js..extensions.enabledItems: DTToolbar@toolbarnet.com:1.1.2.0185
FF - prefs.js..extensions.enabledItems: {6236BA26-C117-4007-928C-DE0716C7FA82}:1.0.2
FF - prefs.js..extensions.enabledItems: {6236BA26-C117-4007-928C-DE0716C7FA99}:1.0.1
FF - prefs.js..extensions.enabledItems: {6236BA26-C117-4007-928C-DE0716C7FA81}:1.0.2
FF - prefs.js..extensions.enabledItems: bkmrksync@nokia.com:1.0.0.723
FF - prefs.js..extensions.enabledItems: pdfforge@mybrowserbar.com:1.1.2
FF - prefs.js..extensions.enabledItems: radiobar@toolbar:1.0.0
FF - prefs.js..extensions.enabledItems: searchsettings@spigot.com:1.2.3
FF - prefs.js..extensions.enabledItems: {6236BA26-C117-4007-928C-DE0716C7FA80}:1.0.22
FF - prefs.js..extensions.enabledItems: {7645f4b1-1f19-13dd-2d6b-0200600c2a56}:1.0
FF - prefs.js..extensions.enabledItems: {6236BA26-C117-4007-928C-DE0716C7FA96}:1.0.3
FF - prefs.js..extensions.enabledItems: {ABDE892B-13A8-4d1b-88E6-365A6E755758}:1.1.3
FF - prefs.js..extensions.enabledItems: {972ce4c6-7e08-4474-a285-3208198ce6fd}:3.5.7
FF - prefs.js..keyword.URL: "http://search13.net/search.php?clid=486&q="
FF - prefs.js..network.proxy.type: 2
FF - HKLM\software\mozilla\Firefox\Extensions\\bkmrksync@nokia.com: C:\Program Files (x86)\Nokia\Nokia PC Suite 7\bkmrksync\ [2010.03.13 15:15:47 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Firefox\Extensions\\{ABDE892B-13A8-4d1b-88E6-365A6E755758}: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext [2010.04.12 15:37:55 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.5.7\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2010.04.12 15:37:46 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.5.7\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2010.04.12 15:38:02 | 000,000,000 | ---D | M]
[2009.11.01 23:58:28 | 000,000,000 | ---D | M] -- C:\Users\Hurvajz\AppData\Roaming\Mozilla\Extensions
[2009.11.01 23:58:28 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Hurvajz\AppData\Roaming\Mozilla\Extensions\{ec8030f7-c20a-464f-9b0e-13a3a9e97384}
[2010.04.16 10:32:23 | 000,000,000 | ---D | M] -- C:\Users\Hurvajz\AppData\Roaming\Mozilla\Firefox\Profiles\ghu30t3w.default\extensions
[2010.01.29 09:46:56 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Hurvajz\AppData\Roaming\Mozilla\Firefox\Profiles\ghu30t3w.default\extensions\{6236BA26-C117-4007-928C-DE0716C7FA80}
[2010.01.29 09:46:56 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Hurvajz\AppData\Roaming\Mozilla\Firefox\Profiles\ghu30t3w.default\extensions\{6236BA26-C117-4007-928C-DE0716C7FA81}
[2010.01.29 09:46:56 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Hurvajz\AppData\Roaming\Mozilla\Firefox\Profiles\ghu30t3w.default\extensions\{6236BA26-C117-4007-928C-DE0716C7FA82}
[2010.03.26 17:59:24 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Hurvajz\AppData\Roaming\Mozilla\Firefox\Profiles\ghu30t3w.default\extensions\{6236BA26-C117-4007-928C-DE0716C7FA96}
[2009.11.08 14:11:27 | 000,000,000 | ---D | M] (FBFan) -- C:\Users\Hurvajz\AppData\Roaming\Mozilla\Firefox\Profiles\ghu30t3w.default\extensions\{6236BA26-C117-4007-928C-DE0716C7FA99}
[2010.02.17 19:05:09 | 000,000,000 | ---D | M] (U Flv) -- C:\Users\Hurvajz\AppData\Roaming\Mozilla\Firefox\Profiles\ghu30t3w.default\extensions\{7645f4b1-1f19-13dd-2d6b-0200600c2a56}
[2010.03.30 08:25:02 | 000,000,000 | ---D | M] -- C:\Users\Hurvajz\AppData\Roaming\Mozilla\Firefox\Profiles\ghu30t3w.default\extensions\radiobar@toolbar
[2010.02.11 09:40:59 | 000,002,055 | ---- | M] () -- C:\Users\Hurvajz\AppData\Roaming\Mozilla\Firefox\Profiles\ghu30t3w.default\searchplugins\daemon-search.xml
[2010.04.16 10:31:36 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Mozilla Firefox\extensions
[2010.01.08 22:49:38 | 000,000,000 | ---D | M] (Default) -- C:\Program Files (x86)\Mozilla Firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
[2010.01.08 22:49:36 | 000,023,512 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\Mozilla Firefox\components\browserdirprovider.dll
[2010.01.08 22:49:36 | 000,137,176 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\Mozilla Firefox\components\brwsrcmp.dll
[2010.01.08 22:49:37 | 000,064,984 | ---- | M] (mozilla.org) -- C:\Program Files (x86)\Mozilla Firefox\plugins\npnul32.dll
[2010.04.12 15:37:44 | 000,140,864 | ---- | M] (RealNetworks, Inc.) -- C:\Program Files (x86)\Mozilla Firefox\plugins\nppl3260.dll
[2006.01.11 01:08:30 | 000,126,976 | ---- | M] (Apple Computer, Inc.) -- C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin.dll
[2006.01.11 01:08:30 | 000,126,976 | ---- | M] (Apple Computer, Inc.) -- C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin2.dll
[2006.01.11 01:08:30 | 000,126,976 | ---- | M] (Apple Computer, Inc.) -- C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin3.dll
[2006.01.11 01:08:30 | 000,126,976 | ---- | M] (Apple Computer, Inc.) -- C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin4.dll
[2006.01.11 01:08:30 | 000,126,976 | ---- | M] (Apple Computer, Inc.) -- C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin5.dll
[2010.04.12 15:38:02 | 000,008,192 | ---- | M] (RealNetworks, Inc.) -- C:\Program Files (x86)\Mozilla Firefox\plugins\nprjplug.dll
[2010.04.12 15:37:36 | 000,098,304 | ---- | M] (RealNetworks, Inc.) -- C:\Program Files (x86)\Mozilla Firefox\plugins\nprpjplug.dll
[2009.11.15 23:24:32 | 000,002,371 | ---- | M] () -- C:\Program Files (x86)\Mozilla Firefox\searchplugins\google.xml
[2009.11.15 23:24:32 | 000,000,638 | ---- | M] () -- C:\Program Files (x86)\Mozilla Firefox\searchplugins\jyxo-cz.xml
[2009.11.15 23:24:32 | 000,001,687 | ---- | M] () -- C:\Program Files (x86)\Mozilla Firefox\searchplugins\mall-cz.xml
[2009.11.15 23:24:32 | 000,001,367 | ---- | M] () -- C:\Program Files (x86)\Mozilla Firefox\searchplugins\seznam-cz.xml
[2009.11.15 23:24:32 | 000,000,654 | ---- | M] () -- C:\Program Files (x86)\Mozilla Firefox\searchplugins\slunecnice-cz.xml
[2009.11.15 23:24:32 | 000,001,179 | ---- | M] () -- C:\Program Files (x86)\Mozilla Firefox\searchplugins\wikipedia-cz.xml
[2010.01.04 14:41:29 | 000,000,808 | ---- | M] () -- C:\Program Files (x86)\Mozilla Firefox\searchplugins\yahoo.xml
O1 HOSTS File: ([2009.06.10 23:00:26 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O2 - BHO: (RealPlayer Download and Record Plugin for Internet Explorer) - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll (RealPlayer)
O2 - BHO: (Groove GFS Browser Helper) - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation)
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.)
O2 - BHO: (QIPBHO Class) - {A55F9C95-2BB1-4EA2-BC77-DFAAB78832CE} - C:\Users\Hurvajz\AppData\Roaming\Microsoft\Internet Explorer\qipsearchbar.dll (qip.ru)
O2 - BHO: (Adobe PDF Conversion Toolbar Helper) - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll (Sun Microsystems, Inc.)
O2 - BHO: (SmartSelect Class) - {F4971EE7-DAA0-4053-9964-665D8EE6A077} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O3:64bit: - HKLM\..\Toolbar: (DAEMON Tools Toolbar) - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files (x86)\DAEMON Tools Toolbar\DTToolbar64.dll File not found
O3 - HKLM\..\Toolbar: (Adobe PDF) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O3:64bit: - HKCU\..\Toolbar\WebBrowser: (DAEMON Tools Toolbar) - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files (x86)\DAEMON Tools Toolbar\DTToolbar64.dll File not found
O3 - HKCU\..\Toolbar\WebBrowser: (Adobe PDF) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O4:64bit: - HKLM..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor)
O4 - HKLM..\Run: [] File not found
O4 - HKLM..\Run: [{0228e555-4f9c-4e35-a3ec-b109a192b4c2}] C:\Program Files (x86)\Google\Gmail Notifier\gnotify.exe (Google Inc.)
O4 - HKLM..\Run: [Acrobat Assistant 8.0] C:\Program Files (x86)\Adobe\Acrobat 9.0\Acrobat\Acrotray.exe (Adobe Systems Inc.)
O4 - HKLM..\Run: [avgnt] C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe (Avira GmbH)
O4 - HKLM..\Run: [BDRegion] C:\Program Files (x86)\CyberLink\Shared files\brs.exe (cyberlink)
O4 - HKLM..\Run: [GrooveMonitor] C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe (Microsoft Corporation)
O4 - HKLM..\Run: [RemoteControl10] C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe (CyberLink Corp.)
O4 - HKLM..\Run: [WinampAgent] C:\Program Files (x86)\Winamp\winampa.exe ()
O4 - HKCU..\Run: [BitComet] C:\Program Files (x86)\BitLord\BitLord.exe (www.BitLord.com)
O4 - HKCU..\Run: [CooLWPC3] C:\Program Files (x86)\CooL Wallpaper Changer\coolwpc.exe (Pavel Chmelař)
O4 - HKCU..\Run: [DAEMON Tools Lite] C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe (DT Soft Ltd)
O4 - HKCU..\Run: [PC Suite Tray] C:\Program Files (x86)\Nokia\Nokia PC Suite 7\PCSuite.exe (Nokia)
O4 - HKCU..\Run: [QIP2005] C:\Program Files (x86)\QIP\qip.exe (The Author of QIP)
O4 - Startup: C:\Users\Hurvajz\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\PowerStrip.lnk = C:\Program Files (x86)\PowerStrip\PStrip.exe (EnTech Taiwan)
O4 - Startup: C:\Users\Hurvajz\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Stickies.lnk = C:\Program Files (x86)\stickies\stickies.exe (Zhorn Software)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: ForceActiveDesktopOn = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableInstallerDetection = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableSecureUIAPaths = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableUIADesktopToggle = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableVirtualization = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ValidateAdminCodeSignatures = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: dontdisplaylastusername = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticecaption =
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticetext =
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: scforceoption = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: shutdownwithoutlogon = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: undockwithoutlogon = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: FilterAdministratorToken = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_TEXT = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_BITMAP = 2
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_OEMTEXT = 7
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_DIB = 8
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_PALETTE = 9
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_UNICODETEXT = 13
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_DIBV5 = 17
O8:64bit: - Extra context menu item: Append Link Target to Existing PDF - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8:64bit: - Extra context menu item: Append to Existing PDF - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8:64bit: - Extra context menu item: Convert Link Target to Adobe PDF - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8:64bit: - Extra context menu item: Convert to Adobe PDF - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8:64bit: - Extra context menu item: E&xport to Microsoft Excel - C:\Program Files (x86)\Microsoft Office\Office12\EXCEL.EXE (Microsoft Corporation)
O8:64bit: - Extra context menu item: E&xportovat do aplikace Microsoft Excel - C:\Program Files (x86)\Microsoft Office\Office12\EXCEL.EXE (Microsoft Corporation)
O8 - Extra context menu item: Append Link Target to Existing PDF - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Append to Existing PDF - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Convert Link Target to Adobe PDF - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Convert to Adobe PDF - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: E&xport to Microsoft Excel - C:\Program Files (x86)\Microsoft Office\Office12\EXCEL.EXE (Microsoft Corporation)
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - C:\Program Files (x86)\Microsoft Office\Office12\EXCEL.EXE (Microsoft Corporation)
O9 - Extra Button: StylishProfile - {14CD42DD-ABCD-3586-DCAB-40E3693E3737} - C:\Program Files (x86)\Stylish Profile\ct.htm ()
O9 - Extra 'Tools' menuitem : StylishProfile - {14CD42DD-ABCD-3586-DCAB-40E3693E3737} - C:\Program Files (x86)\Stylish Profile\ct.htm ()
O9 - Extra Button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\Program Files (x86)\Microsoft Office\Office12\REFIEBAR.DLL (Microsoft Corporation)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries\000000000001 [] - C:\Windows\SysNative\nlaapi.dll (Microsoft Corporation)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries\000000000002 [] - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries\000000000003 [] - C:\Windows\SysNative\winrnr.dll (Microsoft Corporation)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\Windows\SysNative\NapiNSP.dll (Microsoft Corporation)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries\000000000005 [] - C:\Windows\SysNative\pnrpnsp.dll (Microsoft Corporation)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries\000000000006 [] - C:\Windows\SysNative\pnrpnsp.dll (Microsoft Corporation)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Computer, Inc.)
O10:64bit: - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries\000000000002 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries\000000000003 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries\000000000004 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries\000000000005 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries\000000000006 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries\000000000007 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries\000000000008 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries\000000000009 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries\000000000010 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000001 [] - C:\Windows\SysWOW64\nlaapi.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000002 [] - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000003 [] - C:\Windows\SysWOW64\winrnr.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\Windows\SysWOW64\NapiNSP.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000005 [] - C:\Windows\SysWOW64\pnrpnsp.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000006 [] - C:\Windows\SysWOW64\pnrpnsp.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Computer, Inc.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000003 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000004 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000005 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000006 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000007 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000008 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000009 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000010 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O13 - gopher Prefix: missing
O13 - gopher Prefix: missing
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_11)
O16 - DPF: {CAFEEFAC-0016-0000-0011-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_11)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_11)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 158.194.108.164 158.194.244.2
O18:64bit: - Protocol\Handler\about {3050F406-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysNative\mshtml.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\cdl {3dd53d40-7b8b-11D0-b013-00aa0059ce02} - C:\Windows\SysNative\urlmon.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\dvd {12D51199-0DB5-46FE-A120-47A3D7D937CC} - C:\Windows\SysNative\MSVidCtl.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\file {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysNative\urlmon.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\ftp {79eac9e3-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysNative\urlmon.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\grooveLocalGWS {88FED34C-F0CA-4636-A375-3CB6248B04CD} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\http {79eac9e2-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysNative\urlmon.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\https {79eac9e5-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysNative\urlmon.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\its {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\Windows\SysNative\itss.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\javascript {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysNative\mshtml.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\local {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysNative\urlmon.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\mailto {3050f3DA-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysNative\mshtml.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\mhtml {05300401-BCBC-11d0-85E3-00C04FD85AB4} - C:\Windows\SysNative\inetcomm.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\mk {79eac9e6-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysNative\urlmon.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\ms-its {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\Windows\SysNative\itss.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\res {3050F3BC-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysNative\mshtml.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\tv {CBD30858-AF45-11D2-B6D6-00C04FBBDE6E} - C:\Windows\SysNative\MSVidCtl.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\vbscript {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysNative\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\about {3050F406-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysWOW64\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\cdl {3dd53d40-7b8b-11D0-b013-00aa0059ce02} - C:\Windows\SysWOW64\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\dvd {12D51199-0DB5-46FE-A120-47A3D7D937CC} - C:\Windows\SysWOW64\MSVidCtl.dll (Microsoft Corporation)
O18 - Protocol\Handler\file {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysWOW64\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\ftp {79eac9e3-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysWOW64\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\grooveLocalGWS {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveSystemServices.dll (Microsoft Corporation)
O18 - Protocol\Handler\http {79eac9e2-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysWOW64\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\https {79eac9e5-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysWOW64\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\its {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\Windows\SysWOW64\itss.dll (Microsoft Corporation)
O18 - Protocol\Handler\javascript {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysWOW64\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\local {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysWOW64\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\mailto {3050f3DA-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysWOW64\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\mhtml {05300401-BCBC-11d0-85E3-00C04FD85AB4} - C:\Windows\SysWOW64\inetcomm.dll (Microsoft Corporation)
O18 - Protocol\Handler\mk {79eac9e6-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysWOW64\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Program Files (x86)\Common Files\microsoft shared\Help\hxds.dll (Microsoft Corporation)
O18 - Protocol\Handler\ms-its {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\Windows\SysWOW64\itss.dll (Microsoft Corporation)
O18 - Protocol\Handler\res {3050F3BC-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysWOW64\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\tv {CBD30858-AF45-11D2-B6D6-00C04FBBDE6E} - C:\Windows\SysWOW64\MSVidCtl.dll (Microsoft Corporation)
O18 - Protocol\Handler\vbscript {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysWOW64\mshtml.dll (Microsoft Corporation)
O18:64bit: - Protocol\Filter\application/octet-stream {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\Windows\SysNative\mscoree.dll (Microsoft Corporation)
O18:64bit: - Protocol\Filter\application/x-complus {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\Windows\SysNative\mscoree.dll (Microsoft Corporation)
O18:64bit: - Protocol\Filter\application/x-msdownload {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\Windows\SysNative\mscoree.dll (Microsoft Corporation)
O18:64bit: - Protocol\Filter\deflate {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\Windows\SysNative\urlmon.dll (Microsoft Corporation)
O18:64bit: - Protocol\Filter\gzip {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\Windows\SysNative\urlmon.dll (Microsoft Corporation)
O18:64bit: - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O18 - Protocol\Filter\application/octet-stream {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\Windows\SysWow64\mscoree.dll (Microsoft Corporation)
O18 - Protocol\Filter\application/x-complus {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\Windows\SysWow64\mscoree.dll (Microsoft Corporation)
O18 - Protocol\Filter\application/x-msdownload {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\Windows\SysWow64\mscoree.dll (Microsoft Corporation)
O18 - Protocol\Filter\deflate {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\Windows\SysWOW64\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Filter\gzip {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\Windows\SysWOW64\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\microsoft shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\SysNative\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\SYSTEM32\Userinit.exe) - C:\Windows\SysWOW64\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\SysWow64\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found.
O28 - HKLM ShellExecuteHooks: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation)
O29:64bit: - HKLM SecurityProviders - (credssp.dll) - C:\Windows\SysWow64\credssp.dll (Microsoft Corporation)
O29 - HKLM SecurityProviders - (credssp.dll) - C:\Windows\SysWow64\credssp.dll (Microsoft Corporation)
O30:64bit: - LSA: Authentication Packages - (msv1_0) - C:\Windows\SysNative\msv1_0.dll (Microsoft Corporation)
O30 - LSA: Authentication Packages - (msv1_0) - C:\Windows\SysWow64\msv1_0.dll (Microsoft Corporation)
O30:64bit: - LSA: Security Packages - (kerberos) - C:\Windows\SysNative\kerberos.dll (Microsoft Corporation)
O30:64bit: - LSA: Security Packages - (msv1_0) - C:\Windows\SysNative\msv1_0.dll (Microsoft Corporation)
O30:64bit: - LSA: Security Packages - (schannel) - C:\Windows\SysNative\schannel.dll (Microsoft Corporation)
O30:64bit: - LSA: Security Packages - (wdigest) - C:\Windows\SysNative\wdigest.dll (Microsoft Corporation)
O30:64bit: - LSA: Security Packages - (tspkg) - C:\Windows\SysNative\tspkg.dll (Microsoft Corporation)
O30:64bit: - LSA: Security Packages - (pku2u) - C:\Windows\SysNative\pku2u.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (kerberos) - C:\Windows\SysWow64\kerberos.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (msv1_0) - C:\Windows\SysWow64\msv1_0.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (schannel) - C:\Windows\SysWow64\schannel.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (wdigest) - C:\Windows\SysWow64\wdigest.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (tspkg) - C:\Windows\SysWow64\tspkg.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (pku2u) - C:\Windows\SysWow64\pku2u.dll (Microsoft Corporation)
O31 - SafeBoot: AlternateShell - cmd.exe
O32 - HKLM CDRom: AutoRun - 1
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
OTL by OldTimer - Version 3.2.1.1 Folder = C:\Users\Hurvajz\Desktop
64bit- Ultimate Edition (Version = 6.1.7600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7600.16385)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy
2,00 Gb Total Physical Memory | 1,00 Gb Available Physical Memory | 55,00% Memory free
4,00 Gb Paging File | 3,00 Gb Available in Paging File | 65,00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 34,18 Gb Total Space | 3,56 Gb Free Space | 10,40% Space Free | Partition Type: NTFS
Drive D: | 197,24 Gb Total Space | 1,84 Gb Free Space | 0,93% Space Free | Partition Type: NTFS
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded
Computer Name: HURVAJZ-PC
Current User Name: Hurvajz
Logged in as Administrator.
Current Boot Mode: Normal
Scan Mode: Current user
Include 64bit Scans
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 30 Days
Output = Minimal
========== Processes (SafeList) ==========
PRC - C:\Users\Hurvajz\Desktop\OTL.exe (OldTimer Tools)
PRC - C:\Program Files (x86)\stickies\stickies.exe (Zhorn Software)
PRC - C:\Program Files (x86)\TeamViewer\Version5\TeamViewer_Service.exe (TeamViewer GmbH)
PRC - C:\Program Files (x86)\Opera\opera.exe (Opera Software)
PRC - C:\Program Files (x86)\CyberLink\Shared files\brs.exe (cyberlink)
PRC - C:\Windows\SysWOW64\PnkBstrA.exe ()
PRC - C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe (CyberLink Corp.)
PRC - C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe (Avira GmbH)
PRC - C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe (Avira GmbH)
PRC - C:\Program Files (x86)\Nokia\Nokia PC Suite 7\PCSuite.exe (Nokia)
PRC - C:\Program Files (x86)\PowerStrip\PStrip.exe (EnTech Taiwan)
PRC - C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe (DT Soft Ltd)
PRC - C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe (Nokia)
PRC - C:\Program Files (x86)\PC Connectivity Solution\Transports\NclRSSrv.exe (Nokia)
PRC - C:\Program Files (x86)\QIP\qip.exe (The Author of QIP)
PRC - C:\Program Files (x86)\Winamp\winampa.exe ()
PRC - C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe (Avira GmbH)
PRC - C:\Program Files (x86)\Adobe\Acrobat 9.0\Acrobat\acrotray.exe (Adobe Systems Inc.)
PRC - C:\totalcmd\TOTALCMD.EXE (C. Ghisler & Co.)
PRC - C:\Program Files (x86)\Canon\CAL\CALMAIN.exe (Canon Inc.)
PRC - C:\Program Files (x86)\Google\Gmail Notifier\gnotify.exe (Google Inc.)
PRC - C:\Program Files (x86)\CooL Wallpaper Changer\coolwpc.exe (Pavel Chmelař)
========== Modules (SafeList) ==========
MOD - C:\Users\Hurvajz\Desktop\OTL.exe (OldTimer Tools)
MOD - C:\Windows\SysWOW64\comdlg32.dll (Microsoft Corporation)
MOD - C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16385_none_421189da2b7fabfc\comctl32.dll (Microsoft Corporation)
MOD - C:\Program Files (x86)\PowerStrip\PShook.dll (EnTech Taiwan)
========== Win32 Services (SafeList) ==========
SRV:64bit: - (UxTuneUp) -- C:\Windows\SysNative\uxtuneup.dll (TuneUp Software)
SRV:64bit: - (AMD External Events Utility) -- C:\Windows\SysNative\atiesrxx.exe (AMD)
SRV:64bit: - (WwanSvc) -- C:\Windows\SysNative\wwansvc.dll (Microsoft Corporation)
SRV:64bit: - (WbioSrvc) -- C:\Windows\SysNative\wbiosrvc.dll (Microsoft Corporation)
SRV:64bit: - (UmRdpService) -- C:\Windows\SysNative\umrdp.dll (Microsoft Corporation)
SRV:64bit: - (Power) -- C:\Windows\SysNative\umpo.dll (Microsoft Corporation)
SRV:64bit: - (Themes) -- C:\Windows\SysNative\themeservice.dll (Microsoft Corporation)
SRV:64bit: - (sppuinotify) -- C:\Windows\SysNative\sppuinotify.dll (Microsoft Corporation)
SRV:64bit: - (SensrSvc) -- C:\Windows\SysNative\sensrsvc.dll (Microsoft Corporation)
SRV:64bit: - (PeerDistSvc) -- C:\Windows\SysNative\PeerDistSvc.dll (Microsoft Corporation)
SRV:64bit: - (PNRPsvc) -- C:\Windows\SysNative\pnrpsvc.dll (Microsoft Corporation)
SRV:64bit: - (p2pimsvc) -- C:\Windows\SysNative\pnrpsvc.dll (Microsoft Corporation)
SRV:64bit: - (HomeGroupProvider) -- C:\Windows\SysNative\provsvc.dll (Microsoft Corporation)
SRV:64bit: - (RpcEptMapper) -- C:\Windows\SysNative\RpcEpMap.dll (Microsoft Corporation)
SRV:64bit: - (PNRPAutoReg) -- C:\Windows\SysNative\pnrpauto.dll (Microsoft Corporation)
SRV:64bit: - (WinDefend) -- C:\Program Files\Windows Defender\MpSvc.dll (Microsoft Corporation)
SRV:64bit: - (HomeGroupListener) -- C:\Windows\SysNative\ListSvc.dll (Microsoft Corporation)
SRV:64bit: - (FontCache) -- C:\Windows\SysNative\FntCache.dll (Microsoft Corporation)
SRV:64bit: - (Dhcp) -- C:\Windows\SysNative\dhcpcore.dll (Microsoft Corporation)
SRV:64bit: - (defragsvc) -- C:\Windows\SysNative\defragsvc.dll (Microsoft Corporation)
SRV:64bit: - (CscService) -- C:\Windows\SysNative\cscsvc.dll (Microsoft Corporation)
SRV:64bit: - (bthserv) -- C:\Windows\SysNative\bthserv.dll (Microsoft Corporation)
SRV:64bit: - (BDESVC) -- C:\Windows\SysNative\bdesvc.dll (Microsoft Corporation)
SRV:64bit: - (AxInstSV) -- C:\Windows\SysNative\AxInstSv.dll (Microsoft Corporation)
SRV:64bit: - (AppMgmt) -- C:\Windows\SysNative\appmgmts.dll (Microsoft Corporation)
SRV:64bit: - (AppIDSvc) -- C:\Windows\SysNative\appidsvc.dll (Microsoft Corporation)
SRV:64bit: - (wbengine) -- C:\Windows\SysNative\wbengine.exe (Microsoft Corporation)
SRV:64bit: - (sppsvc) -- C:\Windows\SysNative\sppsvc.exe (Microsoft Corporation)
SRV:64bit: - (Fax) -- C:\Windows\SysNative\FXSSVC.exe (Microsoft Corporation)
SRV - (FLEXnet Licensing Service) -- C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe (Macrovision Europe Ltd.)
SRV - (TuneUp.Defrag) -- C:\Program Files (x86)\TuneUp Utilities 2010\TuneUpDefragService.exe (TuneUp Software)
SRV - (TeamViewer5) -- C:\Program Files (x86)\TeamViewer\Version5\TeamViewer_Service.exe (TeamViewer GmbH)
SRV - (TuneUp.UtilitiesSvc) -- C:\Program Files (x86)\TuneUp Utilities 2010\TuneUpUtilitiesService64.exe (TuneUp Software)
SRV - (UxTuneUp) -- C:\Windows\SysWOW64\uxtuneup.dll (TuneUp Software)
SRV - (PnkBstrA) -- C:\Windows\SysWOW64\PnkBstrA.exe ()
SRV - (AntiVirSchedulerService) -- C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe (Avira GmbH)
SRV - (AntiVirService) -- C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe (Avira GmbH)
SRV - (ServiceLayer) -- C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe (Nokia)
SRV - (VSS) -- C:\Windows\Vss [2009.07.14 05:20:14 | 000,000,000 | ---D | M]
SRV - (MSDTC) Služba DTC (Distributed Transaction Coordinator) -- C:\Windows\SysWOW64\Msdtc [2009.07.14 05:20:14 | 000,000,000 | ---D | M]
SRV - (HomeGroupProvider) -- C:\Windows\SysWOW64\provsvc.dll (Microsoft Corporation)
SRV - (Dhcp) -- C:\Windows\SysWOW64\dhcpcore.dll (Microsoft Corporation)
SRV - (vds) -- C:\Windows\SysWOW64\wbem\vds.mof ()
SRV - (clr_optimization_v2.0.50727_64) -- C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe (Microsoft Corporation)
SRV - (Microsoft Office Groove Audit Service) -- C:\Program Files (x86)\Microsoft Office\Office12\GrooveAuditService.exe (Microsoft Corporation)
SRV - (CCALib8) -- C:\Program Files (x86)\Canon\CAL\CALMAIN.exe (Canon Inc.)
========== Driver Services (SafeList) ==========
DRV:64bit: - (sptd) -- C:\Windows\SysNative\drivers\sptd.sys ()
DRV:64bit: - (avgntflt) -- C:\Windows\SysNative\drivers\avgntflt.sys (Avira GmbH)
DRV:64bit: - (UsbserFilt) -- C:\Windows\SysNative\drivers\usbser_lowerfltx64j.sys (Nokia)
DRV:64bit: - (nmwcdcx64) -- C:\Windows\SysNative\drivers\ccdcmbox64.sys (Nokia)
DRV:64bit: - (upperdev) -- C:\Windows\SysNative\drivers\usbser_lowerfltx64.sys (Nokia)
DRV:64bit: - (nmwcdx64) -- C:\Windows\SysNative\drivers\ccdcmbx64.sys (Nokia)
DRV:64bit: - (athr) -- C:\Windows\SysNative\drivers\athrx.sys (Atheros Communications, Inc.)
DRV:64bit: - (atikmdag) -- C:\Windows\SysNative\drivers\atikmdag.sys (ATI Technologies Inc.)
DRV:64bit: - (amdsata) -- C:\Windows\SysNative\drivers\amdsata.sys (Advanced Micro Devices)
DRV:64bit: - (amdxata) -- C:\Windows\SysNative\drivers\amdxata.sys (Advanced Micro Devices)
DRV:64bit: - (amdsbs) -- C:\Windows\SysNative\drivers\amdsbs.sys (AMD Technologies Inc.)
DRV:64bit: - (KSecPkg) -- C:\Windows\SysNative\drivers\ksecpkg.sys (Microsoft Corporation)
DRV:64bit: - (LSI_SAS2) -- C:\Windows\SysNative\drivers\lsi_sas2.sys (LSI Corporation)
DRV:64bit: - (hwpolicy) -- C:\Windows\SysNative\drivers\hwpolicy.sys (Microsoft Corporation)
DRV:64bit: - (FsDepends) -- C:\Windows\SysNative\drivers\fsdepends.sys (Microsoft Corporation)
DRV:64bit: - (HpSAMD) -- C:\Windows\SysNative\drivers\HpSAMD.sys (Hewlett-Packard Company)
DRV:64bit: - (WIMMount) -- C:\Windows\SysNative\drivers\wimmount.sys (Microsoft Corporation)
DRV:64bit: - (vhdmp) -- C:\Windows\SysNative\drivers\vhdmp.sys (Microsoft Corporation)
DRV:64bit: - (vmbus) -- C:\Windows\SysNative\drivers\vmbus.sys (Microsoft Corporation)
DRV:64bit: - (storflt) -- C:\Windows\SysNative\drivers\vmstorfl.sys (Microsoft Corporation)
DRV:64bit: - (vdrvroot) -- C:\Windows\SysNative\drivers\vdrvroot.sys (Microsoft Corporation)
DRV:64bit: - (storvsc) -- C:\Windows\SysNative\drivers\storvsc.sys (Microsoft Corporation)
DRV:64bit: - (stexstor) -- C:\Windows\SysNative\drivers\stexstor.sys (Promise Technology)
DRV:64bit: - (rdyboost) -- C:\Windows\SysNative\drivers\rdyboost.sys (Microsoft Corporation)
DRV:64bit: - (pcw) -- C:\Windows\SysNative\drivers\pcw.sys (Microsoft Corporation)
DRV:64bit: - (CNG) -- C:\Windows\SysNative\drivers\cng.sys (Microsoft Corporation)
DRV:64bit: - (fvevol) -- C:\Windows\SysNative\drivers\fvevol.sys (Microsoft Corporation)
DRV:64bit: - (rdpbus) -- C:\Windows\SysNative\drivers\rdpbus.sys (Microsoft Corporation)
DRV:64bit: - (RDPREFMP) -- C:\Windows\SysNative\drivers\RDPREFMP.sys (Microsoft Corporation)
DRV:64bit: - (RasAgileVpn) WAN Miniport (IKEv2) -- C:\Windows\SysNative\drivers\agilevpn.sys (Microsoft Corporation)
DRV:64bit: - (WfpLwf) -- C:\Windows\SysNative\drivers\wfplwf.sys (Microsoft Corporation)
DRV:64bit: - (NdisCap) -- C:\Windows\SysNative\drivers\ndiscap.sys (Microsoft Corporation)
DRV:64bit: - (vwifimp) -- C:\Windows\SysNative\drivers\vwifimp.sys (Microsoft Corporation)
DRV:64bit: - (vwififlt) -- C:\Windows\SysNative\drivers\vwififlt.sys (Microsoft Corporation)
DRV:64bit: - (vwifibus) -- C:\Windows\SysNative\drivers\vwifibus.sys (Microsoft Corporation)
DRV:64bit: - (1394ohci) -- C:\Windows\SysNative\drivers\1394ohci.sys (Microsoft Corporation)
DRV:64bit: - (HdAudAddService) -- C:\Windows\SysNative\drivers\HdAudio.sys (Microsoft Corporation)
DRV:64bit: - (usbvideo) Zobrazovací zařízení USB (WDM) -- C:\Windows\SysNative\drivers\usbvideo.sys (Microsoft Corporation)
DRV:64bit: - (UmPass) -- C:\Windows\SysNative\drivers\umpass.sys (Microsoft Corporation)
DRV:64bit: - (usbser) -- C:\Windows\SysNative\drivers\usbser.sys (Microsoft Corporation)
DRV:64bit: - (WinUsb) -- C:\Windows\SysNative\drivers\winusb.sys (Microsoft Corporation)
DRV:64bit: - (mshidkmdf) -- C:\Windows\SysNative\drivers\mshidkmdf.sys (Microsoft Corporation)
DRV:64bit: - (WudfPf) -- C:\Windows\SysNative\drivers\WUDFPf.sys (Microsoft Corporation)
DRV:64bit: - (MTConfig) -- C:\Windows\SysNative\drivers\MTConfig.sys (Microsoft Corporation)
DRV:64bit: - (CompositeBus) -- C:\Windows\SysNative\drivers\CompositeBus.sys (Microsoft Corporation)
DRV:64bit: - (Beep) -- C:\Windows\SysNative\drivers\beep.sys (Microsoft Corporation)
DRV:64bit: - (AppID) -- C:\Windows\SysNative\drivers\appid.sys (Microsoft Corporation)
DRV:64bit: - (scfilter) -- C:\Windows\SysNative\drivers\scfilter.sys (Microsoft Corporation)
DRV:64bit: - (s3cap) -- C:\Windows\SysNative\drivers\vms3cap.sys (Microsoft Corporation)
DRV:64bit: - (VMBusHID) -- C:\Windows\SysNative\drivers\VMBusHID.sys (Microsoft Corporation)
DRV:64bit: - (discache) -- C:\Windows\SysNative\drivers\discache.sys (Microsoft Corporation)
DRV:64bit: - (sdbus) -- C:\Windows\SysNative\drivers\sdbus.sys (Microsoft Corporation)
DRV:64bit: - (HidBatt) -- C:\Windows\SysNative\drivers\hidbatt.sys (Microsoft Corporation)
DRV:64bit: - (CmBatt) -- C:\Windows\SysNative\drivers\CmBatt.sys (Microsoft Corporation)
DRV:64bit: - (AcpiPmi) -- C:\Windows\SysNative\drivers\acpipmi.sys (Microsoft Corporation)
DRV:64bit: - (CSC) -- C:\Windows\SysNative\drivers\csc.sys (Microsoft Corporation)
DRV:64bit: - (AmdPPM) -- C:\Windows\SysNative\drivers\amdppm.sys (Microsoft Corporation)
DRV:64bit: - (AgereSoftModem) -- C:\Windows\SysNative\drivers\agrsm64.sys (LSI Corp)
DRV:64bit: - (RTL8167) -- C:\Windows\SysNative\drivers\Rt64win7.sys (Realtek Corporation )
DRV:64bit: - (ebdrv) -- C:\Windows\SysNative\drivers\evbda.sys (Broadcom Corporation)
DRV:64bit: - (b06bdrv) -- C:\Windows\SysNative\drivers\bxvbda.sys (Broadcom Corporation)
DRV:64bit: - (b57nd60a) -- C:\Windows\SysNative\drivers\b57nd60a.sys (Broadcom Corporation)
DRV:64bit: - (hcw85cir) -- C:\Windows\SysNative\drivers\hcw85cir.sys (Hauppauge Computer Works, Inc.)
DRV:64bit: - (RTHDMIAzAudService) -- C:\Windows\SysNative\drivers\RtHDMIVX.sys (Realtek Semiconductor Corp.)
DRV:64bit: - (pccsmcfd) -- C:\Windows\SysNative\drivers\pccsmcfdx64.sys (Nokia)
DRV:64bit: - (TVALZ) -- C:\Windows\SysNative\drivers\TVALZ_O.SYS (TOSHIBA Corporation)
DRV:64bit: - (OlyUsbCam) -- C:\Windows\SysNative\drivers\OlyUsbCam.sys (OLYMPUS IMAGING CORP.)
DRV:64bit: - (PStrip64) -- C:\Windows\SysNative\drivers\pstrip64.sys ()
DRV:64bit: - (Hardlock) -- C:\Windows\SysNative\drivers\hardlock.sys (Aladdin Knowledge Systems Ltd.)
DRV - ({1BA31E5A-C098-42d8-8F88-3C9F78A2FDDC}) -- C:\Program Files (x86)\CyberLink\PowerDVD10\NavFilter\000.fcl (CyberLink Corp.)
DRV - (TuneUpUtilitiesDrv) -- C:\Program Files (x86)\TuneUp Utilities 2010\TuneUpUtilitiesDriver64.sys (TuneUp Software)
DRV - (CSC) -- C:\Windows\CSC [2009.10.29 23:41:46 | 000,000,000 | ---D | M]
DRV - (WIMMount) -- C:\Windows\SysWOW64\drivers\wimmount.sys (Microsoft Corporation)
DRV - (WinUsb) -- C:\Windows\SysWOW64\winusb.dll (Microsoft Corporation)
DRV - (NetBIOS) -- C:\Windows\SysWOW64\netbios.dll (Microsoft Corporation)
DRV - (mpsdrv) -- C:\Windows\SysWOW64\wbem\mpsdrv.mof ()
DRV - (Tcpip) -- C:\Windows\SysWOW64\wbem\tcpip.mof ()
DRV - (DgiVecp) -- C:\Windows\SysWOW64\drivers\Dgivecp.Sys (DeviceGuys, Inc.)
========== Standard Registry (All) ==========
========== Internet Explorer ==========
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = [binary data]
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Extensions Off Page = about:NoAdd-ons
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\System32\blank.htm
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Security Risk Page = about:SecurityRisk
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = [binary data]
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Extensions Off Page = about:NoAdd-ons
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SYSTEM32\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Security Risk Page = about:SecurityRisk
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,CustomizeSearch = http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchcust.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.com/ie
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\system32\blank.htm
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.google.com
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.msn.com/
IE - HKCU\..\URLSearchHook: {CFBFAE00-17A6-11D0-99CB-00C04FD64497} - C:\Windows\SysWOW64\ieframe.dll (Microsoft Corporation)
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local
========== FireFox ==========
FF - prefs.js..browser.search.defaultenginename: "Web Search"
FF - prefs.js..browser.search.defaulturl: "http://search13.net/search.php?clid=486&q="
FF - prefs.js..browser.search.param.yahoo-fr: "chr-greentree_ff&type=971163"
FF - prefs.js..browser.startup.homepage: "http://search13.net?clid=486"
FF - prefs.js..extensions.enabledItems: DTToolbar@toolbarnet.com:1.1.2.0185
FF - prefs.js..extensions.enabledItems: {6236BA26-C117-4007-928C-DE0716C7FA82}:1.0.2
FF - prefs.js..extensions.enabledItems: {6236BA26-C117-4007-928C-DE0716C7FA99}:1.0.1
FF - prefs.js..extensions.enabledItems: {6236BA26-C117-4007-928C-DE0716C7FA81}:1.0.2
FF - prefs.js..extensions.enabledItems: bkmrksync@nokia.com:1.0.0.723
FF - prefs.js..extensions.enabledItems: pdfforge@mybrowserbar.com:1.1.2
FF - prefs.js..extensions.enabledItems: radiobar@toolbar:1.0.0
FF - prefs.js..extensions.enabledItems: searchsettings@spigot.com:1.2.3
FF - prefs.js..extensions.enabledItems: {6236BA26-C117-4007-928C-DE0716C7FA80}:1.0.22
FF - prefs.js..extensions.enabledItems: {7645f4b1-1f19-13dd-2d6b-0200600c2a56}:1.0
FF - prefs.js..extensions.enabledItems: {6236BA26-C117-4007-928C-DE0716C7FA96}:1.0.3
FF - prefs.js..extensions.enabledItems: {ABDE892B-13A8-4d1b-88E6-365A6E755758}:1.1.3
FF - prefs.js..extensions.enabledItems: {972ce4c6-7e08-4474-a285-3208198ce6fd}:3.5.7
FF - prefs.js..keyword.URL: "http://search13.net/search.php?clid=486&q="
FF - prefs.js..network.proxy.type: 2
FF - HKLM\software\mozilla\Firefox\Extensions\\bkmrksync@nokia.com: C:\Program Files (x86)\Nokia\Nokia PC Suite 7\bkmrksync\ [2010.03.13 15:15:47 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Firefox\Extensions\\{ABDE892B-13A8-4d1b-88E6-365A6E755758}: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext [2010.04.12 15:37:55 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.5.7\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2010.04.12 15:37:46 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.5.7\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2010.04.12 15:38:02 | 000,000,000 | ---D | M]
[2009.11.01 23:58:28 | 000,000,000 | ---D | M] -- C:\Users\Hurvajz\AppData\Roaming\Mozilla\Extensions
[2009.11.01 23:58:28 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Hurvajz\AppData\Roaming\Mozilla\Extensions\{ec8030f7-c20a-464f-9b0e-13a3a9e97384}
[2010.04.16 10:32:23 | 000,000,000 | ---D | M] -- C:\Users\Hurvajz\AppData\Roaming\Mozilla\Firefox\Profiles\ghu30t3w.default\extensions
[2010.01.29 09:46:56 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Hurvajz\AppData\Roaming\Mozilla\Firefox\Profiles\ghu30t3w.default\extensions\{6236BA26-C117-4007-928C-DE0716C7FA80}
[2010.01.29 09:46:56 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Hurvajz\AppData\Roaming\Mozilla\Firefox\Profiles\ghu30t3w.default\extensions\{6236BA26-C117-4007-928C-DE0716C7FA81}
[2010.01.29 09:46:56 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Hurvajz\AppData\Roaming\Mozilla\Firefox\Profiles\ghu30t3w.default\extensions\{6236BA26-C117-4007-928C-DE0716C7FA82}
[2010.03.26 17:59:24 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Hurvajz\AppData\Roaming\Mozilla\Firefox\Profiles\ghu30t3w.default\extensions\{6236BA26-C117-4007-928C-DE0716C7FA96}
[2009.11.08 14:11:27 | 000,000,000 | ---D | M] (FBFan) -- C:\Users\Hurvajz\AppData\Roaming\Mozilla\Firefox\Profiles\ghu30t3w.default\extensions\{6236BA26-C117-4007-928C-DE0716C7FA99}
[2010.02.17 19:05:09 | 000,000,000 | ---D | M] (U Flv) -- C:\Users\Hurvajz\AppData\Roaming\Mozilla\Firefox\Profiles\ghu30t3w.default\extensions\{7645f4b1-1f19-13dd-2d6b-0200600c2a56}
[2010.03.30 08:25:02 | 000,000,000 | ---D | M] -- C:\Users\Hurvajz\AppData\Roaming\Mozilla\Firefox\Profiles\ghu30t3w.default\extensions\radiobar@toolbar
[2010.02.11 09:40:59 | 000,002,055 | ---- | M] () -- C:\Users\Hurvajz\AppData\Roaming\Mozilla\Firefox\Profiles\ghu30t3w.default\searchplugins\daemon-search.xml
[2010.04.16 10:31:36 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Mozilla Firefox\extensions
[2010.01.08 22:49:38 | 000,000,000 | ---D | M] (Default) -- C:\Program Files (x86)\Mozilla Firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
[2010.01.08 22:49:36 | 000,023,512 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\Mozilla Firefox\components\browserdirprovider.dll
[2010.01.08 22:49:36 | 000,137,176 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\Mozilla Firefox\components\brwsrcmp.dll
[2010.01.08 22:49:37 | 000,064,984 | ---- | M] (mozilla.org) -- C:\Program Files (x86)\Mozilla Firefox\plugins\npnul32.dll
[2010.04.12 15:37:44 | 000,140,864 | ---- | M] (RealNetworks, Inc.) -- C:\Program Files (x86)\Mozilla Firefox\plugins\nppl3260.dll
[2006.01.11 01:08:30 | 000,126,976 | ---- | M] (Apple Computer, Inc.) -- C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin.dll
[2006.01.11 01:08:30 | 000,126,976 | ---- | M] (Apple Computer, Inc.) -- C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin2.dll
[2006.01.11 01:08:30 | 000,126,976 | ---- | M] (Apple Computer, Inc.) -- C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin3.dll
[2006.01.11 01:08:30 | 000,126,976 | ---- | M] (Apple Computer, Inc.) -- C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin4.dll
[2006.01.11 01:08:30 | 000,126,976 | ---- | M] (Apple Computer, Inc.) -- C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin5.dll
[2010.04.12 15:38:02 | 000,008,192 | ---- | M] (RealNetworks, Inc.) -- C:\Program Files (x86)\Mozilla Firefox\plugins\nprjplug.dll
[2010.04.12 15:37:36 | 000,098,304 | ---- | M] (RealNetworks, Inc.) -- C:\Program Files (x86)\Mozilla Firefox\plugins\nprpjplug.dll
[2009.11.15 23:24:32 | 000,002,371 | ---- | M] () -- C:\Program Files (x86)\Mozilla Firefox\searchplugins\google.xml
[2009.11.15 23:24:32 | 000,000,638 | ---- | M] () -- C:\Program Files (x86)\Mozilla Firefox\searchplugins\jyxo-cz.xml
[2009.11.15 23:24:32 | 000,001,687 | ---- | M] () -- C:\Program Files (x86)\Mozilla Firefox\searchplugins\mall-cz.xml
[2009.11.15 23:24:32 | 000,001,367 | ---- | M] () -- C:\Program Files (x86)\Mozilla Firefox\searchplugins\seznam-cz.xml
[2009.11.15 23:24:32 | 000,000,654 | ---- | M] () -- C:\Program Files (x86)\Mozilla Firefox\searchplugins\slunecnice-cz.xml
[2009.11.15 23:24:32 | 000,001,179 | ---- | M] () -- C:\Program Files (x86)\Mozilla Firefox\searchplugins\wikipedia-cz.xml
[2010.01.04 14:41:29 | 000,000,808 | ---- | M] () -- C:\Program Files (x86)\Mozilla Firefox\searchplugins\yahoo.xml
O1 HOSTS File: ([2009.06.10 23:00:26 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O2 - BHO: (RealPlayer Download and Record Plugin for Internet Explorer) - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll (RealPlayer)
O2 - BHO: (Groove GFS Browser Helper) - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation)
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.)
O2 - BHO: (QIPBHO Class) - {A55F9C95-2BB1-4EA2-BC77-DFAAB78832CE} - C:\Users\Hurvajz\AppData\Roaming\Microsoft\Internet Explorer\qipsearchbar.dll (qip.ru)
O2 - BHO: (Adobe PDF Conversion Toolbar Helper) - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll (Sun Microsystems, Inc.)
O2 - BHO: (SmartSelect Class) - {F4971EE7-DAA0-4053-9964-665D8EE6A077} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O3:64bit: - HKLM\..\Toolbar: (DAEMON Tools Toolbar) - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files (x86)\DAEMON Tools Toolbar\DTToolbar64.dll File not found
O3 - HKLM\..\Toolbar: (Adobe PDF) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O3:64bit: - HKCU\..\Toolbar\WebBrowser: (DAEMON Tools Toolbar) - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files (x86)\DAEMON Tools Toolbar\DTToolbar64.dll File not found
O3 - HKCU\..\Toolbar\WebBrowser: (Adobe PDF) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O4:64bit: - HKLM..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor)
O4 - HKLM..\Run: [] File not found
O4 - HKLM..\Run: [{0228e555-4f9c-4e35-a3ec-b109a192b4c2}] C:\Program Files (x86)\Google\Gmail Notifier\gnotify.exe (Google Inc.)
O4 - HKLM..\Run: [Acrobat Assistant 8.0] C:\Program Files (x86)\Adobe\Acrobat 9.0\Acrobat\Acrotray.exe (Adobe Systems Inc.)
O4 - HKLM..\Run: [avgnt] C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe (Avira GmbH)
O4 - HKLM..\Run: [BDRegion] C:\Program Files (x86)\CyberLink\Shared files\brs.exe (cyberlink)
O4 - HKLM..\Run: [GrooveMonitor] C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe (Microsoft Corporation)
O4 - HKLM..\Run: [RemoteControl10] C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe (CyberLink Corp.)
O4 - HKLM..\Run: [WinampAgent] C:\Program Files (x86)\Winamp\winampa.exe ()
O4 - HKCU..\Run: [BitComet] C:\Program Files (x86)\BitLord\BitLord.exe (www.BitLord.com)
O4 - HKCU..\Run: [CooLWPC3] C:\Program Files (x86)\CooL Wallpaper Changer\coolwpc.exe (Pavel Chmelař)
O4 - HKCU..\Run: [DAEMON Tools Lite] C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe (DT Soft Ltd)
O4 - HKCU..\Run: [PC Suite Tray] C:\Program Files (x86)\Nokia\Nokia PC Suite 7\PCSuite.exe (Nokia)
O4 - HKCU..\Run: [QIP2005] C:\Program Files (x86)\QIP\qip.exe (The Author of QIP)
O4 - Startup: C:\Users\Hurvajz\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\PowerStrip.lnk = C:\Program Files (x86)\PowerStrip\PStrip.exe (EnTech Taiwan)
O4 - Startup: C:\Users\Hurvajz\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Stickies.lnk = C:\Program Files (x86)\stickies\stickies.exe (Zhorn Software)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: ForceActiveDesktopOn = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableInstallerDetection = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableSecureUIAPaths = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableUIADesktopToggle = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableVirtualization = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ValidateAdminCodeSignatures = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: dontdisplaylastusername = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticecaption =
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticetext =
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: scforceoption = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: shutdownwithoutlogon = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: undockwithoutlogon = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: FilterAdministratorToken = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_TEXT = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_BITMAP = 2
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_OEMTEXT = 7
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_DIB = 8
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_PALETTE = 9
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_UNICODETEXT = 13
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_DIBV5 = 17
O8:64bit: - Extra context menu item: Append Link Target to Existing PDF - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8:64bit: - Extra context menu item: Append to Existing PDF - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8:64bit: - Extra context menu item: Convert Link Target to Adobe PDF - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8:64bit: - Extra context menu item: Convert to Adobe PDF - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8:64bit: - Extra context menu item: E&xport to Microsoft Excel - C:\Program Files (x86)\Microsoft Office\Office12\EXCEL.EXE (Microsoft Corporation)
O8:64bit: - Extra context menu item: E&xportovat do aplikace Microsoft Excel - C:\Program Files (x86)\Microsoft Office\Office12\EXCEL.EXE (Microsoft Corporation)
O8 - Extra context menu item: Append Link Target to Existing PDF - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Append to Existing PDF - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Convert Link Target to Adobe PDF - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Convert to Adobe PDF - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: E&xport to Microsoft Excel - C:\Program Files (x86)\Microsoft Office\Office12\EXCEL.EXE (Microsoft Corporation)
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - C:\Program Files (x86)\Microsoft Office\Office12\EXCEL.EXE (Microsoft Corporation)
O9 - Extra Button: StylishProfile - {14CD42DD-ABCD-3586-DCAB-40E3693E3737} - C:\Program Files (x86)\Stylish Profile\ct.htm ()
O9 - Extra 'Tools' menuitem : StylishProfile - {14CD42DD-ABCD-3586-DCAB-40E3693E3737} - C:\Program Files (x86)\Stylish Profile\ct.htm ()
O9 - Extra Button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\Program Files (x86)\Microsoft Office\Office12\REFIEBAR.DLL (Microsoft Corporation)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries\000000000001 [] - C:\Windows\SysNative\nlaapi.dll (Microsoft Corporation)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries\000000000002 [] - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries\000000000003 [] - C:\Windows\SysNative\winrnr.dll (Microsoft Corporation)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\Windows\SysNative\NapiNSP.dll (Microsoft Corporation)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries\000000000005 [] - C:\Windows\SysNative\pnrpnsp.dll (Microsoft Corporation)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries\000000000006 [] - C:\Windows\SysNative\pnrpnsp.dll (Microsoft Corporation)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Computer, Inc.)
O10:64bit: - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries\000000000002 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries\000000000003 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries\000000000004 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries\000000000005 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries\000000000006 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries\000000000007 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries\000000000008 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries\000000000009 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries\000000000010 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000001 [] - C:\Windows\SysWOW64\nlaapi.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000002 [] - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000003 [] - C:\Windows\SysWOW64\winrnr.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\Windows\SysWOW64\NapiNSP.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000005 [] - C:\Windows\SysWOW64\pnrpnsp.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000006 [] - C:\Windows\SysWOW64\pnrpnsp.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Computer, Inc.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000003 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000004 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000005 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000006 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000007 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000008 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000009 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000010 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O13 - gopher Prefix: missing
O13 - gopher Prefix: missing
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_11)
O16 - DPF: {CAFEEFAC-0016-0000-0011-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_11)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_11)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 158.194.108.164 158.194.244.2
O18:64bit: - Protocol\Handler\about {3050F406-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysNative\mshtml.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\cdl {3dd53d40-7b8b-11D0-b013-00aa0059ce02} - C:\Windows\SysNative\urlmon.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\dvd {12D51199-0DB5-46FE-A120-47A3D7D937CC} - C:\Windows\SysNative\MSVidCtl.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\file {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysNative\urlmon.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\ftp {79eac9e3-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysNative\urlmon.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\grooveLocalGWS {88FED34C-F0CA-4636-A375-3CB6248B04CD} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\http {79eac9e2-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysNative\urlmon.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\https {79eac9e5-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysNative\urlmon.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\its {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\Windows\SysNative\itss.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\javascript {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysNative\mshtml.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\local {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysNative\urlmon.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\mailto {3050f3DA-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysNative\mshtml.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\mhtml {05300401-BCBC-11d0-85E3-00C04FD85AB4} - C:\Windows\SysNative\inetcomm.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\mk {79eac9e6-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysNative\urlmon.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\ms-its {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\Windows\SysNative\itss.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\res {3050F3BC-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysNative\mshtml.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\tv {CBD30858-AF45-11D2-B6D6-00C04FBBDE6E} - C:\Windows\SysNative\MSVidCtl.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\vbscript {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysNative\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\about {3050F406-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysWOW64\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\cdl {3dd53d40-7b8b-11D0-b013-00aa0059ce02} - C:\Windows\SysWOW64\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\dvd {12D51199-0DB5-46FE-A120-47A3D7D937CC} - C:\Windows\SysWOW64\MSVidCtl.dll (Microsoft Corporation)
O18 - Protocol\Handler\file {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysWOW64\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\ftp {79eac9e3-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysWOW64\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\grooveLocalGWS {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveSystemServices.dll (Microsoft Corporation)
O18 - Protocol\Handler\http {79eac9e2-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysWOW64\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\https {79eac9e5-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysWOW64\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\its {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\Windows\SysWOW64\itss.dll (Microsoft Corporation)
O18 - Protocol\Handler\javascript {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysWOW64\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\local {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysWOW64\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\mailto {3050f3DA-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysWOW64\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\mhtml {05300401-BCBC-11d0-85E3-00C04FD85AB4} - C:\Windows\SysWOW64\inetcomm.dll (Microsoft Corporation)
O18 - Protocol\Handler\mk {79eac9e6-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysWOW64\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Program Files (x86)\Common Files\microsoft shared\Help\hxds.dll (Microsoft Corporation)
O18 - Protocol\Handler\ms-its {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\Windows\SysWOW64\itss.dll (Microsoft Corporation)
O18 - Protocol\Handler\res {3050F3BC-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysWOW64\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\tv {CBD30858-AF45-11D2-B6D6-00C04FBBDE6E} - C:\Windows\SysWOW64\MSVidCtl.dll (Microsoft Corporation)
O18 - Protocol\Handler\vbscript {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysWOW64\mshtml.dll (Microsoft Corporation)
O18:64bit: - Protocol\Filter\application/octet-stream {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\Windows\SysNative\mscoree.dll (Microsoft Corporation)
O18:64bit: - Protocol\Filter\application/x-complus {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\Windows\SysNative\mscoree.dll (Microsoft Corporation)
O18:64bit: - Protocol\Filter\application/x-msdownload {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\Windows\SysNative\mscoree.dll (Microsoft Corporation)
O18:64bit: - Protocol\Filter\deflate {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\Windows\SysNative\urlmon.dll (Microsoft Corporation)
O18:64bit: - Protocol\Filter\gzip {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\Windows\SysNative\urlmon.dll (Microsoft Corporation)
O18:64bit: - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O18 - Protocol\Filter\application/octet-stream {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\Windows\SysWow64\mscoree.dll (Microsoft Corporation)
O18 - Protocol\Filter\application/x-complus {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\Windows\SysWow64\mscoree.dll (Microsoft Corporation)
O18 - Protocol\Filter\application/x-msdownload {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\Windows\SysWow64\mscoree.dll (Microsoft Corporation)
O18 - Protocol\Filter\deflate {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\Windows\SysWOW64\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Filter\gzip {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\Windows\SysWOW64\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\microsoft shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\SysNative\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\SYSTEM32\Userinit.exe) - C:\Windows\SysWOW64\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\SysWow64\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found.
O28 - HKLM ShellExecuteHooks: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation)
O29:64bit: - HKLM SecurityProviders - (credssp.dll) - C:\Windows\SysWow64\credssp.dll (Microsoft Corporation)
O29 - HKLM SecurityProviders - (credssp.dll) - C:\Windows\SysWow64\credssp.dll (Microsoft Corporation)
O30:64bit: - LSA: Authentication Packages - (msv1_0) - C:\Windows\SysNative\msv1_0.dll (Microsoft Corporation)
O30 - LSA: Authentication Packages - (msv1_0) - C:\Windows\SysWow64\msv1_0.dll (Microsoft Corporation)
O30:64bit: - LSA: Security Packages - (kerberos) - C:\Windows\SysNative\kerberos.dll (Microsoft Corporation)
O30:64bit: - LSA: Security Packages - (msv1_0) - C:\Windows\SysNative\msv1_0.dll (Microsoft Corporation)
O30:64bit: - LSA: Security Packages - (schannel) - C:\Windows\SysNative\schannel.dll (Microsoft Corporation)
O30:64bit: - LSA: Security Packages - (wdigest) - C:\Windows\SysNative\wdigest.dll (Microsoft Corporation)
O30:64bit: - LSA: Security Packages - (tspkg) - C:\Windows\SysNative\tspkg.dll (Microsoft Corporation)
O30:64bit: - LSA: Security Packages - (pku2u) - C:\Windows\SysNative\pku2u.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (kerberos) - C:\Windows\SysWow64\kerberos.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (msv1_0) - C:\Windows\SysWow64\msv1_0.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (schannel) - C:\Windows\SysWow64\schannel.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (wdigest) - C:\Windows\SysWow64\wdigest.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (tspkg) - C:\Windows\SysWow64\tspkg.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (pku2u) - C:\Windows\SysWow64\pku2u.dll (Microsoft Corporation)
O31 - SafeBoot: AlternateShell - cmd.exe
O32 - HKLM CDRom: AutoRun - 1
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
Re: Prosím o kontrolu logu, asi vir..
========== Files/Folders - Created Within 30 Days ==========
[2010.04.16 15:29:50 | 000,561,664 | ---- | C] (OldTimer Tools) -- C:\Users\Hurvajz\Desktop\OTL.exe
[2010.04.16 12:20:49 | 000,000,000 | ---D | C] -- C:\Users\Hurvajz\AppData\Roaming\Malwarebytes
[2010.04.16 12:20:32 | 000,038,224 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysWow64\drivers\mbamswissarmy.sys
[2010.04.16 12:20:30 | 000,024,664 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys
[2010.04.16 12:20:30 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware
[2010.04.16 12:20:30 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2010.04.16 11:01:57 | 000,000,000 | ---D | C] -- C:\Users\Hurvajz\DoctorWeb
[2010.04.16 08:49:12 | 000,000,000 | ---D | C] -- C:\Users\Hurvajz\AppData\Roaming\stickies
[2010.04.16 08:49:12 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\stickies
[2010.04.15 07:29:41 | 005,509,008 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ntoskrnl.exe
[2010.04.15 07:29:40 | 003,899,280 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ntoskrnl.exe
[2010.04.15 07:29:39 | 003,954,568 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ntkrnlpa.exe
[2010.04.15 07:29:29 | 000,612,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\vbscript.dll
[2010.04.15 07:29:29 | 000,427,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\vbscript.dll
[2010.04.14 10:06:39 | 000,220,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wintrust.dll
[2010.04.14 10:06:39 | 000,172,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wintrust.dll
[2010.04.14 10:06:39 | 000,139,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\cabview.dll
[2010.04.14 10:06:39 | 000,132,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\cabview.dll
[2010.04.12 15:37:19 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\xing shared
[2010.04.08 16:16:09 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Recognita Standard OCR 3.2
[2010.04.08 09:50:26 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Windows Installer Clean Up
[2010.04.08 09:48:06 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\MSECACHE
[2010.04.07 11:33:10 | 000,000,000 | ---D | C] -- C:\Users\Hurvajz\AppData\Local\Cyberlink
[2010.04.07 11:33:05 | 000,000,000 | ---D | C] -- C:\Users\Hurvajz\Documents\CyberLink
[2010.04.07 11:33:04 | 000,000,000 | ---D | C] -- C:\Users\Hurvajz\AppData\Roaming\CyberLink
[2010.04.07 11:23:41 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\CyberLink
[2010.04.07 10:18:33 | 000,000,000 | ---D | C] -- C:\ProgramData\CyberLink
[2010.04.07 10:17:38 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\CyberLink
[2010.04.07 10:11:49 | 000,029,480 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msxml3a.dll
[2010.04.07 10:11:31 | 000,000,000 | ---D | C] -- C:\ProgramData\Temp
[2010.04.01 14:01:06 | 000,000,000 | ---D | C] -- C:\Users\Hurvajz\AppData\Roaming\TeamViewer
[2010.04.01 14:00:56 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\TeamViewer
[2010.04.01 10:26:20 | 000,024,416 | R--- | C] (Adobe Systems Inc.) -- C:\Windows\SysNative\AdobePDFUI.dll
[2010.03.31 10:13:57 | 000,000,000 | ---D | C] -- C:\ProgramData\PC Drivers HeadQuarters Inc
[2010.03.31 10:12:05 | 001,192,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wininet.dll
[2010.03.31 10:12:05 | 001,026,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mstime.dll
[2010.03.31 10:12:05 | 000,606,208 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mstime.dll
[2010.03.31 10:12:04 | 000,977,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wininet.dll
[2010.03.31 10:12:04 | 000,445,952 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iedkcs32.dll
[2010.03.31 10:12:04 | 000,381,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iedkcs32.dll
[2010.03.31 10:12:04 | 000,082,944 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msfeedsbs.dll
[2010.03.31 10:12:04 | 000,064,512 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msfeedsbs.dll
[2010.03.31 10:11:08 | 000,000,000 | ---D | C] -- C:\Users\Hurvajz\AppData\Roaming\GetRightToGo
[2010.03.30 15:22:48 | 000,000,000 | ---D | C] -- C:\Users\Hurvajz\AppData\Roaming\OLYMPUS
[2010.03.30 15:18:37 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\QuickTime
[2010.03.30 12:49:39 | 000,000,000 | ---D | C] -- C:\ProgramData\Helicon
[2010.03.30 12:48:39 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Helicon Software
[2010.03.30 12:35:29 | 000,034,632 | ---- | C] (TuneUp Software) -- C:\Windows\SysNative\TURegOpt.exe
[2010.03.30 12:35:21 | 000,036,168 | ---- | C] (TuneUp Software) -- C:\Windows\SysNative\uxtuneup.dll
[2010.03.30 12:35:21 | 000,030,024 | ---- | C] (TuneUp Software) -- C:\Windows\SysWow64\uxtuneup.dll
[2010.03.30 12:35:20 | 000,025,928 | ---- | C] (TuneUp Software) -- C:\Windows\SysNative\authuitu.dll
[2010.03.30 12:35:20 | 000,021,320 | ---- | C] (TuneUp Software) -- C:\Windows\SysWow64\authuitu.dll
[2010.03.30 12:34:46 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\TuneUp Utilities 2010
[2010.03.30 12:34:09 | 000,000,000 | ---D | C] -- C:\ProgramData\TuneUp Software
[2010.03.30 12:34:00 | 000,000,000 | -HSD | C] -- C:\ProgramData\{D3742F82-1C1A-4DCC-ABBD-0E7C3C0185CC}
[2010.03.27 19:20:28 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\PowerStrip
[2010.03.26 14:33:38 | 000,000,000 | ---D | C] -- C:\Program Files\WMV9_VCM
[2010.03.26 14:32:30 | 000,296,448 | ---- | C] (Aladdin Knowledge Systems Ltd.) -- C:\Windows\SysNative\drivers\hardlock.sys
[2010.03.26 14:32:29 | 003,063,808 | ---- | C] (Aladdin Knowledge Systems.) -- C:\Windows\SysWow64\hinstd.dll
[2010.03.26 14:32:29 | 002,164,411 | ---- | C] (Aladdin Knowledge Systems Ltd.) -- C:\Windows\SysWow64\haspds_windows.dll
[2010.03.26 14:06:21 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\QuickPHOTO CAMERA 2.2
[2010.03.26 13:54:31 | 000,000,000 | ---D | C] -- C:\Users\Hurvajz\AppData\Local\OLYMPUS
[2010.03.26 13:51:24 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\OLYMPUS
[2010.03.26 13:50:50 | 001,079,808 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mfc80u.dll
[2010.03.26 13:50:50 | 000,626,688 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msvcr80.dll
[2010.03.26 13:50:50 | 000,548,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msvcp80.dll
[2010.03.26 13:50:50 | 000,095,744 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\atl80.dll
[2010.03.26 12:27:26 | 000,000,000 | ---D | C] -- C:\Users\Hurvajz\AppData\Roaming\ZoomBrowser EX
[2010.03.26 12:06:23 | 000,000,000 | ---D | C] -- C:\ProgramData\ZoomBrowser
[2010.03.26 12:06:06 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Canon
[2010.03.26 12:06:03 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Canon
[2009.11.03 11:37:38 | 000,464,384 | ---- | C] (Microsoft Corporation) -- C:\Program Files (x86)\pscript5.dll
========== Files - Modified Within 30 Days ==========
[2010.04.16 17:07:29 | 003,670,016 | -HS- | M] () -- C:\Users\Hurvajz\NTUSER.DAT
[2010.04.16 17:05:36 | 006,912,590 | ---- | M] () -- C:\Users\Hurvajz\AppData\Roaming\CooLWPC Wallpaper.bmp
[2010.04.16 17:04:00 | 000,000,970 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2646040906-3391474901-3083940661-1000UA.job
[2010.04.16 16:59:34 | 005,590,016 | ---- | M] () -- C:\Users\Hurvajz\Desktop\Xylobanus x Cautires.ppt
[2010.04.16 16:37:28 | 000,000,644 | ---- | M] () -- C:\Windows\win.ini
[2010.04.16 16:19:00 | 000,000,900 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2010.04.16 15:42:13 | 000,014,016 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2010.04.16 15:42:13 | 000,014,016 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2010.04.16 15:35:36 | 000,009,194 | ---- | M] () -- C:\Users\Hurvajz\AppData\Roaming\PStrip.ini
[2010.04.16 15:35:33 | 000,009,194 | ---- | M] () -- C:\Users\Hurvajz\AppData\Roaming\PStrip.bak
[2010.04.16 15:35:21 | 000,000,896 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2010.04.16 15:34:47 | 000,000,006 | -H-- | M] () -- C:\Windows\tasks\SA.DAT
[2010.04.16 15:34:34 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2010.04.16 15:34:29 | 1609,076,736 | -HS- | M] () -- C:\hiberfil.sys
[2010.04.16 15:32:31 | 001,426,033 | -H-- | M] () -- C:\Users\Hurvajz\AppData\Local\IconCache.db
[2010.04.16 15:32:23 | 000,009,194 | ---- | M] () -- C:\Users\Hurvajz\AppData\Roaming\PStrip.bk!
[2010.04.16 15:29:50 | 000,561,664 | ---- | M] (OldTimer Tools) -- C:\Users\Hurvajz\Desktop\OTL.exe
[2010.04.16 14:17:29 | 000,000,918 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2646040906-3391474901-3083940661-1000Core.job
[2010.04.16 12:20:34 | 000,001,013 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk
[2010.04.16 12:04:58 | 000,008,608 | ---- | M] () -- C:\Users\Hurvajz\Desktop\Letenky Turecko.xlsx
[2010.04.16 10:48:11 | 001,586,164 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2010.04.16 10:48:11 | 000,672,622 | ---- | M] () -- C:\Windows\SysNative\perfh005.dat
[2010.04.16 10:48:11 | 000,656,802 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2010.04.16 10:48:11 | 000,137,882 | ---- | M] () -- C:\Windows\SysNative\perfc005.dat
[2010.04.16 10:48:11 | 000,122,294 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2010.04.16 08:49:12 | 000,001,065 | ---- | M] () -- C:\Users\Hurvajz\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Stickies.lnk
[2010.04.16 08:49:12 | 000,000,643 | ---- | M] () -- C:\Windows\uninstallstickies.bat
[2010.04.16 07:59:44 | 000,009,194 | ---- | M] () -- C:\Users\Hurvajz\AppData\Roaming\PStrip.bko
[2010.04.15 12:46:21 | 000,137,728 | ---- | M] () -- C:\Users\Hurvajz\Desktop\Kubecek&Bocak.doc
[2010.04.15 12:23:30 | 000,890,608 | ---- | M] () -- C:\Users\Hurvajz\Desktop\foto č.6.jpg
[2010.04.15 12:23:14 | 000,649,661 | ---- | M] () -- C:\Users\Hurvajz\Desktop\foto č.3.jpg
[2010.04.15 12:22:55 | 000,572,463 | ---- | M] () -- C:\Users\Hurvajz\Desktop\foto č.4.jpg
[2010.04.15 12:22:32 | 000,889,825 | ---- | M] () -- C:\Users\Hurvajz\Desktop\foto č.5.jpg
[2010.04.15 12:22:20 | 000,797,034 | ---- | M] () -- C:\Users\Hurvajz\Desktop\foto č.2.jpg
[2010.04.15 12:22:08 | 000,815,548 | ---- | M] () -- C:\Users\Hurvajz\Desktop\foto č.1.jpg
[2010.04.14 13:38:38 | 000,002,850 | ---- | M] () -- C:\Windows\WDICT32.INI
[2010.04.14 11:35:04 | 000,076,800 | ---- | M] () -- C:\Users\Hurvajz\Desktop\RK_SYSBEZ_Checklist.doc
[2010.04.13 15:23:52 | 000,002,288 | ---- | M] () -- C:\Users\Public\Desktop\Google Earth.lnk
[2010.04.12 15:37:45 | 000,185,920 | ---- | M] (RealNetworks, Inc.) -- C:\Windows\SysWow64\rmoc3260.dll
[2010.04.12 15:37:33 | 000,005,632 | ---- | M] (RealNetworks, Inc.) -- C:\Windows\SysWow64\pndx5032.dll
[2010.04.12 15:37:32 | 000,006,656 | ---- | M] (RealNetworks, Inc.) -- C:\Windows\SysWow64\pndx5016.dll
[2010.04.12 15:36:41 | 000,499,712 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\msvcp71.dll
[2010.04.12 15:36:41 | 000,278,528 | ---- | M] (Real Networks, Inc) -- C:\Windows\SysWow64\pncrt.dll
[2010.04.08 16:16:24 | 000,000,010 | ---- | M] () -- C:\Windows\WININIT.INI
[2010.04.08 09:52:57 | 000,000,833 | ---- | M] () -- C:\Users\Public\Desktop\Opera.lnk
[2010.04.07 11:28:35 | 000,002,121 | ---- | M] () -- C:\Users\Public\Desktop\CyberLink PowerDVD 10.lnk
[2010.04.07 11:22:38 | 000,029,480 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\msxml3a.dll
[2010.04.07 11:22:37 | 000,353,576 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\msvcr71.dll
[2010.04.01 21:52:51 | 002,344,840 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2010.04.01 19:59:40 | 000,110,880 | ---- | M] () -- C:\Users\Hurvajz\AppData\Local\GDIPFONTCACHEV1.DAT
[2010.04.01 14:01:03 | 000,001,166 | ---- | M] () -- C:\Users\Public\Desktop\TeamViewer 5.lnk
[2010.04.01 10:25:34 | 000,002,021 | ---- | M] () -- C:\Users\Public\Desktop\Adobe Acrobat 9 Pro.lnk
[2010.03.31 15:04:28 | 000,002,267 | ---- | M] () -- C:\Users\Hurvajz\Desktop\Google Chrome.lnk
[2010.03.30 12:35:09 | 000,002,181 | ---- | M] () -- C:\Users\Public\Desktop\TuneUp 1-Click Maintenance.lnk
[2010.03.30 12:35:09 | 000,002,163 | ---- | M] () -- C:\Users\Public\Desktop\TuneUp Utilities.lnk
[2010.03.30 00:46:30 | 000,038,224 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\SysWow64\drivers\mbamswissarmy.sys
[2010.03.30 00:45:56 | 000,024,664 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys
[2010.03.29 23:59:04 | 000,013,953 | ---- | M] () -- C:\Users\Hurvajz\Desktop\abstrakty.docx
[2010.03.29 23:58:53 | 000,033,487 | ---- | M] () -- C:\Users\Hurvajz\Desktop\články.docx
[2010.03.28 17:35:34 | 001,965,928 | ---- | M] () -- C:\Users\Hurvajz\Desktop\English presentation.pptx
[2010.03.28 17:32:56 | 000,012,084 | ---- | M] () -- C:\Users\Hurvajz\Desktop\presentation.docx
[2010.03.27 20:10:08 | 000,001,472 | ---- | M] () -- C:\Users\Hurvajz\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\PowerStrip.lnk
[2010.03.27 19:20:41 | 000,000,945 | ---- | M] () -- C:\Users\Hurvajz\Desktop\PowerStrip.lnk
[2010.03.26 12:16:12 | 000,000,000 | -H-- | M] () -- C:\Windows\SysNative\drivers\Msft_User_WpdMtpDr_01_09_00.Wdf
[2010.03.26 12:06:55 | 000,001,071 | ---- | M] () -- C:\Users\Public\Desktop\EOS Utility.lnk
[2010.03.26 12:06:23 | 000,001,344 | ---- | M] () -- C:\Users\Public\Desktop\ZoomBrowser EX.lnk
[2010.03.23 22:25:28 | 005,952,044 | ---- | M] () -- C:\Users\Hurvajz\Desktop\VR23-03-2010_211913.wav
[2010.03.23 16:16:07 | 000,001,894 | ---- | M] () -- C:\Windows\Helicon Debug Window.ini
[2010.03.18 18:05:20 | 000,086,030 | ---- | M] () -- C:\Users\Hurvajz\Desktop\termite-11.gif
[2010.03.18 18:05:16 | 000,080,206 | ---- | M] () -- C:\Users\Hurvajz\Desktop\4026E8C25D8333F04CF6B52178B08F83.gif
[2010.03.18 18:05:11 | 000,102,607 | ---- | M] () -- C:\Users\Hurvajz\Desktop\04310A621EB11CB7BCB1142A1416E0AD.gif
========== Files Created - No Company Name ==========
[2010.04.16 16:59:28 | 005,590,016 | ---- | C] () -- C:\Users\Hurvajz\Desktop\Xylobanus x Cautires.ppt
[2010.04.16 12:20:34 | 000,001,013 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk
[2010.04.16 12:04:57 | 000,008,608 | ---- | C] () -- C:\Users\Hurvajz\Desktop\Letenky Turecko.xlsx
[2010.04.16 08:49:12 | 000,001,065 | ---- | C] () -- C:\Users\Hurvajz\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Stickies.lnk
[2010.04.16 08:49:12 | 000,000,643 | ---- | C] () -- C:\Windows\uninstallstickies.bat
[2010.04.15 12:46:20 | 000,137,728 | ---- | C] () -- C:\Users\Hurvajz\Desktop\Kubecek&Bocak.doc
[2010.04.15 10:26:45 | 000,890,608 | ---- | C] () -- C:\Users\Hurvajz\Desktop\foto č.6.jpg
[2010.04.15 10:26:43 | 000,649,661 | ---- | C] () -- C:\Users\Hurvajz\Desktop\foto č.3.jpg
[2010.04.15 10:26:42 | 000,572,463 | ---- | C] () -- C:\Users\Hurvajz\Desktop\foto č.4.jpg
[2010.04.15 10:26:37 | 000,889,825 | ---- | C] () -- C:\Users\Hurvajz\Desktop\foto č.5.jpg
[2010.04.15 10:26:36 | 000,815,548 | ---- | C] () -- C:\Users\Hurvajz\Desktop\foto č.1.jpg
[2010.04.15 10:26:33 | 000,797,034 | ---- | C] () -- C:\Users\Hurvajz\Desktop\foto č.2.jpg
[2010.04.14 11:29:22 | 000,076,800 | ---- | C] () -- C:\Users\Hurvajz\Desktop\RK_SYSBEZ_Checklist.doc
[2010.04.13 15:23:52 | 000,002,288 | ---- | C] () -- C:\Users\Public\Desktop\Google Earth.lnk
[2010.04.09 00:05:21 | 006,912,590 | ---- | C] () -- C:\Users\Hurvajz\AppData\Roaming\CooLWPC Wallpaper.bmp
[2010.04.08 16:16:24 | 000,000,010 | ---- | C] () -- C:\Windows\WININIT.INI
[2010.04.07 11:28:35 | 000,002,121 | ---- | C] () -- C:\Users\Public\Desktop\CyberLink PowerDVD 10.lnk
[2010.04.01 14:01:03 | 000,001,166 | ---- | C] () -- C:\Users\Public\Desktop\TeamViewer 5.lnk
[2010.04.01 10:25:34 | 000,002,021 | ---- | C] () -- C:\Users\Public\Desktop\Adobe Acrobat 9 Pro.lnk
[2010.03.30 12:35:09 | 000,002,181 | ---- | C] () -- C:\Users\Public\Desktop\TuneUp 1-Click Maintenance.lnk
[2010.03.30 12:35:09 | 000,002,163 | ---- | C] () -- C:\Users\Public\Desktop\TuneUp Utilities.lnk
[2010.03.30 08:23:03 | 000,009,194 | ---- | C] () -- C:\Users\Hurvajz\AppData\Roaming\PStrip.bko
[2010.03.29 23:59:03 | 000,013,953 | ---- | C] () -- C:\Users\Hurvajz\Desktop\abstrakty.docx
[2010.03.29 23:58:51 | 000,033,487 | ---- | C] () -- C:\Users\Hurvajz\Desktop\články.docx
[2010.03.28 10:18:39 | 000,009,194 | ---- | C] () -- C:\Users\Hurvajz\AppData\Roaming\PStrip.bk!
[2010.03.28 09:55:39 | 000,009,194 | ---- | C] () -- C:\Users\Hurvajz\AppData\Roaming\PStrip.bak
[2010.03.27 20:04:54 | 000,001,472 | ---- | C] () -- C:\Users\Hurvajz\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\PowerStrip.lnk
[2010.03.27 20:04:51 | 000,009,194 | ---- | C] () -- C:\Users\Hurvajz\AppData\Roaming\PStrip.ini
[2010.03.27 19:20:41 | 000,000,945 | ---- | C] () -- C:\Users\Hurvajz\Desktop\PowerStrip.lnk
[2010.03.27 19:20:29 | 000,013,008 | ---- | C] () -- C:\Windows\SysNative\drivers\pstrip64.sys
[2010.03.26 14:32:29 | 000,164,864 | ---- | C] () -- C:\Windows\SysWow64\UNWISE.EXE
[2010.03.26 14:32:29 | 000,024,576 | ---- | C] () -- C:\Windows\SysWow64\hdduinst.exe
[2010.03.26 12:16:12 | 000,000,000 | -H-- | C] () -- C:\Windows\SysNative\drivers\Msft_User_WpdMtpDr_01_09_00.Wdf
[2010.03.26 12:06:55 | 000,001,071 | ---- | C] () -- C:\Users\Public\Desktop\EOS Utility.lnk
[2010.03.26 12:06:23 | 000,001,344 | ---- | C] () -- C:\Users\Public\Desktop\ZoomBrowser EX.lnk
[2010.03.23 22:25:28 | 005,952,044 | ---- | C] () -- C:\Users\Hurvajz\Desktop\VR23-03-2010_211913.wav
[2010.03.23 12:14:57 | 000,000,900 | ---- | C] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2010.03.23 12:14:56 | 000,000,896 | ---- | C] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2010.03.23 10:24:22 | 001,965,928 | ---- | C] () -- C:\Users\Hurvajz\Desktop\English presentation.pptx
[2010.03.18 18:05:20 | 000,086,030 | ---- | C] () -- C:\Users\Hurvajz\Desktop\termite-11.gif
[2010.03.18 18:05:16 | 000,080,206 | ---- | C] () -- C:\Users\Hurvajz\Desktop\4026E8C25D8333F04CF6B52178B08F83.gif
[2010.03.18 18:05:11 | 000,102,607 | ---- | C] () -- C:\Users\Hurvajz\Desktop\04310A621EB11CB7BCB1142A1416E0AD.gif
[2010.02.19 09:39:15 | 000,000,213 | ---- | C] () -- C:\Users\Hurvajz\.jalbum-recent-projects.properties
[2010.02.19 09:39:14 | 000,000,723 | ---- | C] () -- C:\Users\Hurvajz\.jalbum-defaults.jap
[2010.02.11 10:06:17 | 000,000,286 | ---- | C] () -- C:\Windows\game.ini
[2009.11.20 14:39:27 | 000,018,432 | -HS- | C] () -- C:\Users\Hurvajz\AppData\Roaming\Thumbs.db
[2009.11.08 17:27:04 | 001,603,560 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2009.11.04 23:42:39 | 000,004,608 | ---- | C] () -- C:\Users\Hurvajz\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2009.11.04 13:21:24 | 000,001,894 | ---- | C] () -- C:\Windows\Helicon Debug Window.ini
[2009.11.01 22:59:04 | 000,000,033 | ---- | C] () -- C:\Windows\WTRDCTM.INI
[2009.11.01 22:58:35 | 000,002,753 | ---- | C] () -- C:\Windows\UN32P.INI
[2009.11.01 22:58:05 | 000,001,779 | ---- | C] () -- C:\Windows\MAILTRAN.INI
[2009.11.01 22:58:04 | 000,002,840 | ---- | C] () -- C:\Windows\TRNCOM.INI
[2009.11.01 22:57:56 | 000,004,580 | ---- | C] () -- C:\Windows\WTRAN32.INI
[2009.11.01 22:57:56 | 000,002,850 | ---- | C] () -- C:\Windows\WDICT32.INI
[2009.10.29 23:53:45 | 003,670,016 | -HS- | C] () -- C:\Users\Hurvajz\NTUSER.DAT
[2009.10.29 23:53:45 | 000,524,288 | -HS- | C] () -- C:\Users\Hurvajz\NTUSER.DAT{016888bd-6c6f-11de-8d1d-001e0bcde3ec}.TMContainer00000000000000000002.regtrans-ms
[2009.10.29 23:53:45 | 000,524,288 | -HS- | C] () -- C:\Users\Hurvajz\NTUSER.DAT{016888bd-6c6f-11de-8d1d-001e0bcde3ec}.TMContainer00000000000000000001.regtrans-ms
[2009.10.29 23:53:45 | 000,262,144 | -HS- | C] () -- C:\Users\Hurvajz\ntuser.dat.LOG1
[2009.10.29 23:53:45 | 000,065,536 | -HS- | C] () -- C:\Users\Hurvajz\NTUSER.DAT{016888bd-6c6f-11de-8d1d-001e0bcde3ec}.TM.blf
[2009.10.29 23:53:45 | 000,000,020 | -HS- | C] () -- C:\Users\Hurvajz\ntuser.ini
[2009.10.29 23:53:45 | 000,000,000 | -HS- | C] () -- C:\Users\Hurvajz\ntuser.dat.LOG2
[2009.07.14 01:42:10 | 000,064,000 | ---- | C] () -- C:\Windows\SysWow64\BWContextHandler.dll
[2009.07.13 23:03:59 | 000,364,544 | ---- | C] () -- C:\Windows\SysWow64\msjetoledb40.dll
========== LOP Check ==========
[2010.02.19 08:00:47 | 000,000,000 | ---D | M] -- C:\Users\Hurvajz\AppData\Roaming\Canneverbe_Limited
[2009.11.02 22:55:34 | 000,000,000 | ---D | M] -- C:\Users\Hurvajz\AppData\Roaming\com.cbs.himym.desktop.E9E67C1457924EABBA27327D1BAF79E9B78ADD40.1
[2010.02.11 09:50:27 | 000,000,000 | ---D | M] -- C:\Users\Hurvajz\AppData\Roaming\DAEMON Tools Lite
[2010.04.05 09:54:51 | 000,000,000 | ---D | M] -- C:\Users\Hurvajz\AppData\Roaming\FileZilla
[2010.03.31 10:11:49 | 000,000,000 | ---D | M] -- C:\Users\Hurvajz\AppData\Roaming\GetRightToGo
[2009.10.30 00:12:57 | 000,000,000 | ---D | M] -- C:\Users\Hurvajz\AppData\Roaming\GHISLER
[2010.02.19 10:10:15 | 000,000,000 | ---D | M] -- C:\Users\Hurvajz\AppData\Roaming\JAlbum
[2010.03.23 10:05:38 | 000,000,000 | ---D | M] -- C:\Users\Hurvajz\AppData\Roaming\Nokia
[2010.03.30 15:22:48 | 000,000,000 | ---D | M] -- C:\Users\Hurvajz\AppData\Roaming\OLYMPUS
[2009.10.30 02:37:49 | 000,000,000 | ---D | M] -- C:\Users\Hurvajz\AppData\Roaming\Opera
[2009.11.03 22:48:04 | 000,000,000 | ---D | M] -- C:\Users\Hurvajz\AppData\Roaming\PC Suite
[2009.11.10 00:21:18 | 000,000,000 | ---D | M] -- C:\Users\Hurvajz\AppData\Roaming\Publish Providers
[2009.11.09 01:10:27 | 000,000,000 | ---D | M] -- C:\Users\Hurvajz\AppData\Roaming\Sony
[2010.04.16 15:35:34 | 000,000,000 | ---D | M] -- C:\Users\Hurvajz\AppData\Roaming\stickies
[2010.04.01 21:57:59 | 000,000,000 | ---D | M] -- C:\Users\Hurvajz\AppData\Roaming\TeamViewer
[2009.10.30 12:55:31 | 000,000,000 | ---D | M] -- C:\Users\Hurvajz\AppData\Roaming\TuneUp Software
[2010.01.08 12:39:27 | 000,000,000 | ---D | M] -- C:\Users\Hurvajz\AppData\Roaming\WinBatch
[2009.10.31 20:38:54 | 000,000,000 | ---D | M] -- C:\Users\Hurvajz\AppData\Roaming\Zoner
[2010.03.20 19:03:45 | 000,032,638 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT
========== Purity Check ==========
========== Files - Unicode (All) ==========
[2010.03.23 10:12:33 | 004,819,261 | ---- | M] ()(C:\Users\Hurvajz\Desktop\DIPLOMOV? PR?CE KUBE.docx) -- C:\Users\Hurvajz\Desktop\DIPLOMOV� PR�CE KUBE.docx
[2010.03.23 10:12:33 | 004,819,261 | ---- | C] ()(C:\Users\Hurvajz\Desktop\DIPLOMOV? PR?CE KUBE.docx) -- C:\Users\Hurvajz\Desktop\DIPLOMOV� PR�CE KUBE.docx
========== Alternate Data Streams ==========
@Alternate Data Stream - 400 bytes -> C:\Users\Hurvajz\AppData\Local\desktop.ini:5c43de08f544da0e2ebf87ecd84498e6
@Alternate Data Stream - 400 bytes -> C:\Users\Hurvajz\AppData\Local\desktop.ini:3e07d7c0320e1040da5b895ad8a55486
@Alternate Data Stream - 400 bytes -> C:\Users\Hurvajz\AppData\Local\desktop.ini:3a96398c0f384e4adf5faa1736aeaf96
@Alternate Data Stream - 400 bytes -> C:\Users\Hurvajz\AppData\Local\desktop.ini:11797fbfcf3cb424fc7643a177c92a31
< End of report >
[2010.04.16 15:29:50 | 000,561,664 | ---- | C] (OldTimer Tools) -- C:\Users\Hurvajz\Desktop\OTL.exe
[2010.04.16 12:20:49 | 000,000,000 | ---D | C] -- C:\Users\Hurvajz\AppData\Roaming\Malwarebytes
[2010.04.16 12:20:32 | 000,038,224 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysWow64\drivers\mbamswissarmy.sys
[2010.04.16 12:20:30 | 000,024,664 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys
[2010.04.16 12:20:30 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware
[2010.04.16 12:20:30 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2010.04.16 11:01:57 | 000,000,000 | ---D | C] -- C:\Users\Hurvajz\DoctorWeb
[2010.04.16 08:49:12 | 000,000,000 | ---D | C] -- C:\Users\Hurvajz\AppData\Roaming\stickies
[2010.04.16 08:49:12 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\stickies
[2010.04.15 07:29:41 | 005,509,008 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ntoskrnl.exe
[2010.04.15 07:29:40 | 003,899,280 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ntoskrnl.exe
[2010.04.15 07:29:39 | 003,954,568 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ntkrnlpa.exe
[2010.04.15 07:29:29 | 000,612,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\vbscript.dll
[2010.04.15 07:29:29 | 000,427,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\vbscript.dll
[2010.04.14 10:06:39 | 000,220,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wintrust.dll
[2010.04.14 10:06:39 | 000,172,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wintrust.dll
[2010.04.14 10:06:39 | 000,139,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\cabview.dll
[2010.04.14 10:06:39 | 000,132,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\cabview.dll
[2010.04.12 15:37:19 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\xing shared
[2010.04.08 16:16:09 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Recognita Standard OCR 3.2
[2010.04.08 09:50:26 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Windows Installer Clean Up
[2010.04.08 09:48:06 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\MSECACHE
[2010.04.07 11:33:10 | 000,000,000 | ---D | C] -- C:\Users\Hurvajz\AppData\Local\Cyberlink
[2010.04.07 11:33:05 | 000,000,000 | ---D | C] -- C:\Users\Hurvajz\Documents\CyberLink
[2010.04.07 11:33:04 | 000,000,000 | ---D | C] -- C:\Users\Hurvajz\AppData\Roaming\CyberLink
[2010.04.07 11:23:41 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\CyberLink
[2010.04.07 10:18:33 | 000,000,000 | ---D | C] -- C:\ProgramData\CyberLink
[2010.04.07 10:17:38 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\CyberLink
[2010.04.07 10:11:49 | 000,029,480 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msxml3a.dll
[2010.04.07 10:11:31 | 000,000,000 | ---D | C] -- C:\ProgramData\Temp
[2010.04.01 14:01:06 | 000,000,000 | ---D | C] -- C:\Users\Hurvajz\AppData\Roaming\TeamViewer
[2010.04.01 14:00:56 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\TeamViewer
[2010.04.01 10:26:20 | 000,024,416 | R--- | C] (Adobe Systems Inc.) -- C:\Windows\SysNative\AdobePDFUI.dll
[2010.03.31 10:13:57 | 000,000,000 | ---D | C] -- C:\ProgramData\PC Drivers HeadQuarters Inc
[2010.03.31 10:12:05 | 001,192,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wininet.dll
[2010.03.31 10:12:05 | 001,026,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mstime.dll
[2010.03.31 10:12:05 | 000,606,208 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mstime.dll
[2010.03.31 10:12:04 | 000,977,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wininet.dll
[2010.03.31 10:12:04 | 000,445,952 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iedkcs32.dll
[2010.03.31 10:12:04 | 000,381,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iedkcs32.dll
[2010.03.31 10:12:04 | 000,082,944 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msfeedsbs.dll
[2010.03.31 10:12:04 | 000,064,512 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msfeedsbs.dll
[2010.03.31 10:11:08 | 000,000,000 | ---D | C] -- C:\Users\Hurvajz\AppData\Roaming\GetRightToGo
[2010.03.30 15:22:48 | 000,000,000 | ---D | C] -- C:\Users\Hurvajz\AppData\Roaming\OLYMPUS
[2010.03.30 15:18:37 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\QuickTime
[2010.03.30 12:49:39 | 000,000,000 | ---D | C] -- C:\ProgramData\Helicon
[2010.03.30 12:48:39 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Helicon Software
[2010.03.30 12:35:29 | 000,034,632 | ---- | C] (TuneUp Software) -- C:\Windows\SysNative\TURegOpt.exe
[2010.03.30 12:35:21 | 000,036,168 | ---- | C] (TuneUp Software) -- C:\Windows\SysNative\uxtuneup.dll
[2010.03.30 12:35:21 | 000,030,024 | ---- | C] (TuneUp Software) -- C:\Windows\SysWow64\uxtuneup.dll
[2010.03.30 12:35:20 | 000,025,928 | ---- | C] (TuneUp Software) -- C:\Windows\SysNative\authuitu.dll
[2010.03.30 12:35:20 | 000,021,320 | ---- | C] (TuneUp Software) -- C:\Windows\SysWow64\authuitu.dll
[2010.03.30 12:34:46 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\TuneUp Utilities 2010
[2010.03.30 12:34:09 | 000,000,000 | ---D | C] -- C:\ProgramData\TuneUp Software
[2010.03.30 12:34:00 | 000,000,000 | -HSD | C] -- C:\ProgramData\{D3742F82-1C1A-4DCC-ABBD-0E7C3C0185CC}
[2010.03.27 19:20:28 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\PowerStrip
[2010.03.26 14:33:38 | 000,000,000 | ---D | C] -- C:\Program Files\WMV9_VCM
[2010.03.26 14:32:30 | 000,296,448 | ---- | C] (Aladdin Knowledge Systems Ltd.) -- C:\Windows\SysNative\drivers\hardlock.sys
[2010.03.26 14:32:29 | 003,063,808 | ---- | C] (Aladdin Knowledge Systems.) -- C:\Windows\SysWow64\hinstd.dll
[2010.03.26 14:32:29 | 002,164,411 | ---- | C] (Aladdin Knowledge Systems Ltd.) -- C:\Windows\SysWow64\haspds_windows.dll
[2010.03.26 14:06:21 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\QuickPHOTO CAMERA 2.2
[2010.03.26 13:54:31 | 000,000,000 | ---D | C] -- C:\Users\Hurvajz\AppData\Local\OLYMPUS
[2010.03.26 13:51:24 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\OLYMPUS
[2010.03.26 13:50:50 | 001,079,808 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mfc80u.dll
[2010.03.26 13:50:50 | 000,626,688 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msvcr80.dll
[2010.03.26 13:50:50 | 000,548,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msvcp80.dll
[2010.03.26 13:50:50 | 000,095,744 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\atl80.dll
[2010.03.26 12:27:26 | 000,000,000 | ---D | C] -- C:\Users\Hurvajz\AppData\Roaming\ZoomBrowser EX
[2010.03.26 12:06:23 | 000,000,000 | ---D | C] -- C:\ProgramData\ZoomBrowser
[2010.03.26 12:06:06 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Canon
[2010.03.26 12:06:03 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Canon
[2009.11.03 11:37:38 | 000,464,384 | ---- | C] (Microsoft Corporation) -- C:\Program Files (x86)\pscript5.dll
========== Files - Modified Within 30 Days ==========
[2010.04.16 17:07:29 | 003,670,016 | -HS- | M] () -- C:\Users\Hurvajz\NTUSER.DAT
[2010.04.16 17:05:36 | 006,912,590 | ---- | M] () -- C:\Users\Hurvajz\AppData\Roaming\CooLWPC Wallpaper.bmp
[2010.04.16 17:04:00 | 000,000,970 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2646040906-3391474901-3083940661-1000UA.job
[2010.04.16 16:59:34 | 005,590,016 | ---- | M] () -- C:\Users\Hurvajz\Desktop\Xylobanus x Cautires.ppt
[2010.04.16 16:37:28 | 000,000,644 | ---- | M] () -- C:\Windows\win.ini
[2010.04.16 16:19:00 | 000,000,900 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2010.04.16 15:42:13 | 000,014,016 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2010.04.16 15:42:13 | 000,014,016 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2010.04.16 15:35:36 | 000,009,194 | ---- | M] () -- C:\Users\Hurvajz\AppData\Roaming\PStrip.ini
[2010.04.16 15:35:33 | 000,009,194 | ---- | M] () -- C:\Users\Hurvajz\AppData\Roaming\PStrip.bak
[2010.04.16 15:35:21 | 000,000,896 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2010.04.16 15:34:47 | 000,000,006 | -H-- | M] () -- C:\Windows\tasks\SA.DAT
[2010.04.16 15:34:34 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2010.04.16 15:34:29 | 1609,076,736 | -HS- | M] () -- C:\hiberfil.sys
[2010.04.16 15:32:31 | 001,426,033 | -H-- | M] () -- C:\Users\Hurvajz\AppData\Local\IconCache.db
[2010.04.16 15:32:23 | 000,009,194 | ---- | M] () -- C:\Users\Hurvajz\AppData\Roaming\PStrip.bk!
[2010.04.16 15:29:50 | 000,561,664 | ---- | M] (OldTimer Tools) -- C:\Users\Hurvajz\Desktop\OTL.exe
[2010.04.16 14:17:29 | 000,000,918 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2646040906-3391474901-3083940661-1000Core.job
[2010.04.16 12:20:34 | 000,001,013 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk
[2010.04.16 12:04:58 | 000,008,608 | ---- | M] () -- C:\Users\Hurvajz\Desktop\Letenky Turecko.xlsx
[2010.04.16 10:48:11 | 001,586,164 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2010.04.16 10:48:11 | 000,672,622 | ---- | M] () -- C:\Windows\SysNative\perfh005.dat
[2010.04.16 10:48:11 | 000,656,802 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2010.04.16 10:48:11 | 000,137,882 | ---- | M] () -- C:\Windows\SysNative\perfc005.dat
[2010.04.16 10:48:11 | 000,122,294 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2010.04.16 08:49:12 | 000,001,065 | ---- | M] () -- C:\Users\Hurvajz\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Stickies.lnk
[2010.04.16 08:49:12 | 000,000,643 | ---- | M] () -- C:\Windows\uninstallstickies.bat
[2010.04.16 07:59:44 | 000,009,194 | ---- | M] () -- C:\Users\Hurvajz\AppData\Roaming\PStrip.bko
[2010.04.15 12:46:21 | 000,137,728 | ---- | M] () -- C:\Users\Hurvajz\Desktop\Kubecek&Bocak.doc
[2010.04.15 12:23:30 | 000,890,608 | ---- | M] () -- C:\Users\Hurvajz\Desktop\foto č.6.jpg
[2010.04.15 12:23:14 | 000,649,661 | ---- | M] () -- C:\Users\Hurvajz\Desktop\foto č.3.jpg
[2010.04.15 12:22:55 | 000,572,463 | ---- | M] () -- C:\Users\Hurvajz\Desktop\foto č.4.jpg
[2010.04.15 12:22:32 | 000,889,825 | ---- | M] () -- C:\Users\Hurvajz\Desktop\foto č.5.jpg
[2010.04.15 12:22:20 | 000,797,034 | ---- | M] () -- C:\Users\Hurvajz\Desktop\foto č.2.jpg
[2010.04.15 12:22:08 | 000,815,548 | ---- | M] () -- C:\Users\Hurvajz\Desktop\foto č.1.jpg
[2010.04.14 13:38:38 | 000,002,850 | ---- | M] () -- C:\Windows\WDICT32.INI
[2010.04.14 11:35:04 | 000,076,800 | ---- | M] () -- C:\Users\Hurvajz\Desktop\RK_SYSBEZ_Checklist.doc
[2010.04.13 15:23:52 | 000,002,288 | ---- | M] () -- C:\Users\Public\Desktop\Google Earth.lnk
[2010.04.12 15:37:45 | 000,185,920 | ---- | M] (RealNetworks, Inc.) -- C:\Windows\SysWow64\rmoc3260.dll
[2010.04.12 15:37:33 | 000,005,632 | ---- | M] (RealNetworks, Inc.) -- C:\Windows\SysWow64\pndx5032.dll
[2010.04.12 15:37:32 | 000,006,656 | ---- | M] (RealNetworks, Inc.) -- C:\Windows\SysWow64\pndx5016.dll
[2010.04.12 15:36:41 | 000,499,712 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\msvcp71.dll
[2010.04.12 15:36:41 | 000,278,528 | ---- | M] (Real Networks, Inc) -- C:\Windows\SysWow64\pncrt.dll
[2010.04.08 16:16:24 | 000,000,010 | ---- | M] () -- C:\Windows\WININIT.INI
[2010.04.08 09:52:57 | 000,000,833 | ---- | M] () -- C:\Users\Public\Desktop\Opera.lnk
[2010.04.07 11:28:35 | 000,002,121 | ---- | M] () -- C:\Users\Public\Desktop\CyberLink PowerDVD 10.lnk
[2010.04.07 11:22:38 | 000,029,480 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\msxml3a.dll
[2010.04.07 11:22:37 | 000,353,576 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\msvcr71.dll
[2010.04.01 21:52:51 | 002,344,840 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2010.04.01 19:59:40 | 000,110,880 | ---- | M] () -- C:\Users\Hurvajz\AppData\Local\GDIPFONTCACHEV1.DAT
[2010.04.01 14:01:03 | 000,001,166 | ---- | M] () -- C:\Users\Public\Desktop\TeamViewer 5.lnk
[2010.04.01 10:25:34 | 000,002,021 | ---- | M] () -- C:\Users\Public\Desktop\Adobe Acrobat 9 Pro.lnk
[2010.03.31 15:04:28 | 000,002,267 | ---- | M] () -- C:\Users\Hurvajz\Desktop\Google Chrome.lnk
[2010.03.30 12:35:09 | 000,002,181 | ---- | M] () -- C:\Users\Public\Desktop\TuneUp 1-Click Maintenance.lnk
[2010.03.30 12:35:09 | 000,002,163 | ---- | M] () -- C:\Users\Public\Desktop\TuneUp Utilities.lnk
[2010.03.30 00:46:30 | 000,038,224 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\SysWow64\drivers\mbamswissarmy.sys
[2010.03.30 00:45:56 | 000,024,664 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys
[2010.03.29 23:59:04 | 000,013,953 | ---- | M] () -- C:\Users\Hurvajz\Desktop\abstrakty.docx
[2010.03.29 23:58:53 | 000,033,487 | ---- | M] () -- C:\Users\Hurvajz\Desktop\články.docx
[2010.03.28 17:35:34 | 001,965,928 | ---- | M] () -- C:\Users\Hurvajz\Desktop\English presentation.pptx
[2010.03.28 17:32:56 | 000,012,084 | ---- | M] () -- C:\Users\Hurvajz\Desktop\presentation.docx
[2010.03.27 20:10:08 | 000,001,472 | ---- | M] () -- C:\Users\Hurvajz\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\PowerStrip.lnk
[2010.03.27 19:20:41 | 000,000,945 | ---- | M] () -- C:\Users\Hurvajz\Desktop\PowerStrip.lnk
[2010.03.26 12:16:12 | 000,000,000 | -H-- | M] () -- C:\Windows\SysNative\drivers\Msft_User_WpdMtpDr_01_09_00.Wdf
[2010.03.26 12:06:55 | 000,001,071 | ---- | M] () -- C:\Users\Public\Desktop\EOS Utility.lnk
[2010.03.26 12:06:23 | 000,001,344 | ---- | M] () -- C:\Users\Public\Desktop\ZoomBrowser EX.lnk
[2010.03.23 22:25:28 | 005,952,044 | ---- | M] () -- C:\Users\Hurvajz\Desktop\VR23-03-2010_211913.wav
[2010.03.23 16:16:07 | 000,001,894 | ---- | M] () -- C:\Windows\Helicon Debug Window.ini
[2010.03.18 18:05:20 | 000,086,030 | ---- | M] () -- C:\Users\Hurvajz\Desktop\termite-11.gif
[2010.03.18 18:05:16 | 000,080,206 | ---- | M] () -- C:\Users\Hurvajz\Desktop\4026E8C25D8333F04CF6B52178B08F83.gif
[2010.03.18 18:05:11 | 000,102,607 | ---- | M] () -- C:\Users\Hurvajz\Desktop\04310A621EB11CB7BCB1142A1416E0AD.gif
========== Files Created - No Company Name ==========
[2010.04.16 16:59:28 | 005,590,016 | ---- | C] () -- C:\Users\Hurvajz\Desktop\Xylobanus x Cautires.ppt
[2010.04.16 12:20:34 | 000,001,013 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk
[2010.04.16 12:04:57 | 000,008,608 | ---- | C] () -- C:\Users\Hurvajz\Desktop\Letenky Turecko.xlsx
[2010.04.16 08:49:12 | 000,001,065 | ---- | C] () -- C:\Users\Hurvajz\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Stickies.lnk
[2010.04.16 08:49:12 | 000,000,643 | ---- | C] () -- C:\Windows\uninstallstickies.bat
[2010.04.15 12:46:20 | 000,137,728 | ---- | C] () -- C:\Users\Hurvajz\Desktop\Kubecek&Bocak.doc
[2010.04.15 10:26:45 | 000,890,608 | ---- | C] () -- C:\Users\Hurvajz\Desktop\foto č.6.jpg
[2010.04.15 10:26:43 | 000,649,661 | ---- | C] () -- C:\Users\Hurvajz\Desktop\foto č.3.jpg
[2010.04.15 10:26:42 | 000,572,463 | ---- | C] () -- C:\Users\Hurvajz\Desktop\foto č.4.jpg
[2010.04.15 10:26:37 | 000,889,825 | ---- | C] () -- C:\Users\Hurvajz\Desktop\foto č.5.jpg
[2010.04.15 10:26:36 | 000,815,548 | ---- | C] () -- C:\Users\Hurvajz\Desktop\foto č.1.jpg
[2010.04.15 10:26:33 | 000,797,034 | ---- | C] () -- C:\Users\Hurvajz\Desktop\foto č.2.jpg
[2010.04.14 11:29:22 | 000,076,800 | ---- | C] () -- C:\Users\Hurvajz\Desktop\RK_SYSBEZ_Checklist.doc
[2010.04.13 15:23:52 | 000,002,288 | ---- | C] () -- C:\Users\Public\Desktop\Google Earth.lnk
[2010.04.09 00:05:21 | 006,912,590 | ---- | C] () -- C:\Users\Hurvajz\AppData\Roaming\CooLWPC Wallpaper.bmp
[2010.04.08 16:16:24 | 000,000,010 | ---- | C] () -- C:\Windows\WININIT.INI
[2010.04.07 11:28:35 | 000,002,121 | ---- | C] () -- C:\Users\Public\Desktop\CyberLink PowerDVD 10.lnk
[2010.04.01 14:01:03 | 000,001,166 | ---- | C] () -- C:\Users\Public\Desktop\TeamViewer 5.lnk
[2010.04.01 10:25:34 | 000,002,021 | ---- | C] () -- C:\Users\Public\Desktop\Adobe Acrobat 9 Pro.lnk
[2010.03.30 12:35:09 | 000,002,181 | ---- | C] () -- C:\Users\Public\Desktop\TuneUp 1-Click Maintenance.lnk
[2010.03.30 12:35:09 | 000,002,163 | ---- | C] () -- C:\Users\Public\Desktop\TuneUp Utilities.lnk
[2010.03.30 08:23:03 | 000,009,194 | ---- | C] () -- C:\Users\Hurvajz\AppData\Roaming\PStrip.bko
[2010.03.29 23:59:03 | 000,013,953 | ---- | C] () -- C:\Users\Hurvajz\Desktop\abstrakty.docx
[2010.03.29 23:58:51 | 000,033,487 | ---- | C] () -- C:\Users\Hurvajz\Desktop\články.docx
[2010.03.28 10:18:39 | 000,009,194 | ---- | C] () -- C:\Users\Hurvajz\AppData\Roaming\PStrip.bk!
[2010.03.28 09:55:39 | 000,009,194 | ---- | C] () -- C:\Users\Hurvajz\AppData\Roaming\PStrip.bak
[2010.03.27 20:04:54 | 000,001,472 | ---- | C] () -- C:\Users\Hurvajz\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\PowerStrip.lnk
[2010.03.27 20:04:51 | 000,009,194 | ---- | C] () -- C:\Users\Hurvajz\AppData\Roaming\PStrip.ini
[2010.03.27 19:20:41 | 000,000,945 | ---- | C] () -- C:\Users\Hurvajz\Desktop\PowerStrip.lnk
[2010.03.27 19:20:29 | 000,013,008 | ---- | C] () -- C:\Windows\SysNative\drivers\pstrip64.sys
[2010.03.26 14:32:29 | 000,164,864 | ---- | C] () -- C:\Windows\SysWow64\UNWISE.EXE
[2010.03.26 14:32:29 | 000,024,576 | ---- | C] () -- C:\Windows\SysWow64\hdduinst.exe
[2010.03.26 12:16:12 | 000,000,000 | -H-- | C] () -- C:\Windows\SysNative\drivers\Msft_User_WpdMtpDr_01_09_00.Wdf
[2010.03.26 12:06:55 | 000,001,071 | ---- | C] () -- C:\Users\Public\Desktop\EOS Utility.lnk
[2010.03.26 12:06:23 | 000,001,344 | ---- | C] () -- C:\Users\Public\Desktop\ZoomBrowser EX.lnk
[2010.03.23 22:25:28 | 005,952,044 | ---- | C] () -- C:\Users\Hurvajz\Desktop\VR23-03-2010_211913.wav
[2010.03.23 12:14:57 | 000,000,900 | ---- | C] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2010.03.23 12:14:56 | 000,000,896 | ---- | C] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2010.03.23 10:24:22 | 001,965,928 | ---- | C] () -- C:\Users\Hurvajz\Desktop\English presentation.pptx
[2010.03.18 18:05:20 | 000,086,030 | ---- | C] () -- C:\Users\Hurvajz\Desktop\termite-11.gif
[2010.03.18 18:05:16 | 000,080,206 | ---- | C] () -- C:\Users\Hurvajz\Desktop\4026E8C25D8333F04CF6B52178B08F83.gif
[2010.03.18 18:05:11 | 000,102,607 | ---- | C] () -- C:\Users\Hurvajz\Desktop\04310A621EB11CB7BCB1142A1416E0AD.gif
[2010.02.19 09:39:15 | 000,000,213 | ---- | C] () -- C:\Users\Hurvajz\.jalbum-recent-projects.properties
[2010.02.19 09:39:14 | 000,000,723 | ---- | C] () -- C:\Users\Hurvajz\.jalbum-defaults.jap
[2010.02.11 10:06:17 | 000,000,286 | ---- | C] () -- C:\Windows\game.ini
[2009.11.20 14:39:27 | 000,018,432 | -HS- | C] () -- C:\Users\Hurvajz\AppData\Roaming\Thumbs.db
[2009.11.08 17:27:04 | 001,603,560 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2009.11.04 23:42:39 | 000,004,608 | ---- | C] () -- C:\Users\Hurvajz\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2009.11.04 13:21:24 | 000,001,894 | ---- | C] () -- C:\Windows\Helicon Debug Window.ini
[2009.11.01 22:59:04 | 000,000,033 | ---- | C] () -- C:\Windows\WTRDCTM.INI
[2009.11.01 22:58:35 | 000,002,753 | ---- | C] () -- C:\Windows\UN32P.INI
[2009.11.01 22:58:05 | 000,001,779 | ---- | C] () -- C:\Windows\MAILTRAN.INI
[2009.11.01 22:58:04 | 000,002,840 | ---- | C] () -- C:\Windows\TRNCOM.INI
[2009.11.01 22:57:56 | 000,004,580 | ---- | C] () -- C:\Windows\WTRAN32.INI
[2009.11.01 22:57:56 | 000,002,850 | ---- | C] () -- C:\Windows\WDICT32.INI
[2009.10.29 23:53:45 | 003,670,016 | -HS- | C] () -- C:\Users\Hurvajz\NTUSER.DAT
[2009.10.29 23:53:45 | 000,524,288 | -HS- | C] () -- C:\Users\Hurvajz\NTUSER.DAT{016888bd-6c6f-11de-8d1d-001e0bcde3ec}.TMContainer00000000000000000002.regtrans-ms
[2009.10.29 23:53:45 | 000,524,288 | -HS- | C] () -- C:\Users\Hurvajz\NTUSER.DAT{016888bd-6c6f-11de-8d1d-001e0bcde3ec}.TMContainer00000000000000000001.regtrans-ms
[2009.10.29 23:53:45 | 000,262,144 | -HS- | C] () -- C:\Users\Hurvajz\ntuser.dat.LOG1
[2009.10.29 23:53:45 | 000,065,536 | -HS- | C] () -- C:\Users\Hurvajz\NTUSER.DAT{016888bd-6c6f-11de-8d1d-001e0bcde3ec}.TM.blf
[2009.10.29 23:53:45 | 000,000,020 | -HS- | C] () -- C:\Users\Hurvajz\ntuser.ini
[2009.10.29 23:53:45 | 000,000,000 | -HS- | C] () -- C:\Users\Hurvajz\ntuser.dat.LOG2
[2009.07.14 01:42:10 | 000,064,000 | ---- | C] () -- C:\Windows\SysWow64\BWContextHandler.dll
[2009.07.13 23:03:59 | 000,364,544 | ---- | C] () -- C:\Windows\SysWow64\msjetoledb40.dll
========== LOP Check ==========
[2010.02.19 08:00:47 | 000,000,000 | ---D | M] -- C:\Users\Hurvajz\AppData\Roaming\Canneverbe_Limited
[2009.11.02 22:55:34 | 000,000,000 | ---D | M] -- C:\Users\Hurvajz\AppData\Roaming\com.cbs.himym.desktop.E9E67C1457924EABBA27327D1BAF79E9B78ADD40.1
[2010.02.11 09:50:27 | 000,000,000 | ---D | M] -- C:\Users\Hurvajz\AppData\Roaming\DAEMON Tools Lite
[2010.04.05 09:54:51 | 000,000,000 | ---D | M] -- C:\Users\Hurvajz\AppData\Roaming\FileZilla
[2010.03.31 10:11:49 | 000,000,000 | ---D | M] -- C:\Users\Hurvajz\AppData\Roaming\GetRightToGo
[2009.10.30 00:12:57 | 000,000,000 | ---D | M] -- C:\Users\Hurvajz\AppData\Roaming\GHISLER
[2010.02.19 10:10:15 | 000,000,000 | ---D | M] -- C:\Users\Hurvajz\AppData\Roaming\JAlbum
[2010.03.23 10:05:38 | 000,000,000 | ---D | M] -- C:\Users\Hurvajz\AppData\Roaming\Nokia
[2010.03.30 15:22:48 | 000,000,000 | ---D | M] -- C:\Users\Hurvajz\AppData\Roaming\OLYMPUS
[2009.10.30 02:37:49 | 000,000,000 | ---D | M] -- C:\Users\Hurvajz\AppData\Roaming\Opera
[2009.11.03 22:48:04 | 000,000,000 | ---D | M] -- C:\Users\Hurvajz\AppData\Roaming\PC Suite
[2009.11.10 00:21:18 | 000,000,000 | ---D | M] -- C:\Users\Hurvajz\AppData\Roaming\Publish Providers
[2009.11.09 01:10:27 | 000,000,000 | ---D | M] -- C:\Users\Hurvajz\AppData\Roaming\Sony
[2010.04.16 15:35:34 | 000,000,000 | ---D | M] -- C:\Users\Hurvajz\AppData\Roaming\stickies
[2010.04.01 21:57:59 | 000,000,000 | ---D | M] -- C:\Users\Hurvajz\AppData\Roaming\TeamViewer
[2009.10.30 12:55:31 | 000,000,000 | ---D | M] -- C:\Users\Hurvajz\AppData\Roaming\TuneUp Software
[2010.01.08 12:39:27 | 000,000,000 | ---D | M] -- C:\Users\Hurvajz\AppData\Roaming\WinBatch
[2009.10.31 20:38:54 | 000,000,000 | ---D | M] -- C:\Users\Hurvajz\AppData\Roaming\Zoner
[2010.03.20 19:03:45 | 000,032,638 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT
========== Purity Check ==========
========== Files - Unicode (All) ==========
[2010.03.23 10:12:33 | 004,819,261 | ---- | M] ()(C:\Users\Hurvajz\Desktop\DIPLOMOV? PR?CE KUBE.docx) -- C:\Users\Hurvajz\Desktop\DIPLOMOV� PR�CE KUBE.docx
[2010.03.23 10:12:33 | 004,819,261 | ---- | C] ()(C:\Users\Hurvajz\Desktop\DIPLOMOV? PR?CE KUBE.docx) -- C:\Users\Hurvajz\Desktop\DIPLOMOV� PR�CE KUBE.docx
========== Alternate Data Streams ==========
@Alternate Data Stream - 400 bytes -> C:\Users\Hurvajz\AppData\Local\desktop.ini:5c43de08f544da0e2ebf87ecd84498e6
@Alternate Data Stream - 400 bytes -> C:\Users\Hurvajz\AppData\Local\desktop.ini:3e07d7c0320e1040da5b895ad8a55486
@Alternate Data Stream - 400 bytes -> C:\Users\Hurvajz\AppData\Local\desktop.ini:3a96398c0f384e4adf5faa1736aeaf96
@Alternate Data Stream - 400 bytes -> C:\Users\Hurvajz\AppData\Local\desktop.ini:11797fbfcf3cb424fc7643a177c92a31
< End of report >
-
jaro3
- člen Security týmu
-
Guru Level 15
- Příspěvky: 43295
- Registrován: červen 07
- Bydliště: Jižní Čechy
- Pohlaví:
- Stav:
Offline
Re: Prosím o kontrolu logu, asi vir..
Google earth---budeš muset přeinstalovat.
Poklepej na ikonu OTL na ploše.Ujisti se , že máš všechny ostatní aplikace a prohlížeče zavřeny.
Pod Vlastní skenování/opravy do okénka vlož následující text, zobrazený zeleně:
Poté klikni nahoře na Opravit. Nech program nerušeně běžet, na konci se provede restart PC.
Po restartu se objeví log , prosím zkopíruj sem celý jeho obsah.
Poklepej na ikonu OTL na ploše.Ujisti se , že máš všechny ostatní aplikace a prohlížeče zavřeny.
Pod Vlastní skenování/opravy do okénka vlož následující text, zobrazený zeleně:
Kód: Vybrat vše
:OTL
PRC - C:\WINDOWS\explorer.exe (Microsoft Corporation)
PRC - C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = [binary data]
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Extensions Off Page = about:NoAdd-ons
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\System32\blank.htm
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Security Risk Page = about:SecurityRisk
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = [binary data]
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Extensions Off Page = about:NoAdd-ons
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SYSTEM32\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Security Risk Page = about:SecurityRisk
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,CustomizeSearch = http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchcust.htm
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\system32\blank.htm
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.msn.com/
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local
FF - prefs.js..browser.search.defaultenginename: "Web Search"
FF - prefs.js..browser.search.defaulturl: "http://search13.net/search.php?clid=486&q="
FF - prefs.js..browser.search.param.yahoo-fr: "chr-greentree_ff&type=971163"
FF - prefs.js..browser.startup.homepage: "http://search13.net?clid=486"
FF - prefs.js..extensions.enabledItems: DTToolbar@toolbarnet.com:1.1.2.0185
FF - prefs.js..extensions.enabledItems: bkmrksync@nokia.com:1.0.0.723
FF - prefs.js..extensions.enabledItems: pdfforge@mybrowserbar.com:1.1.2
FF - prefs.js..extensions.enabledItems: radiobar@toolbar:1.0.0
FF - prefs.js..extensions.enabledItems: searchsettings@spigot.com:1.2.3
FF - prefs.js..keyword.URL: "http://search13.net/search.php?clid=486&q="
[2010.03.30 08:25:02 | 000,000,000 | ---D | M] -- C:\Users\Hurvajz\AppData\Roaming\Mozilla\Firefox\Profiles\ghu30t3w.default\extensions\radiobar@toolbar
[2010.02.11 09:40:59 | 000,002,055 | ---- | M] () -- C:\Users\Hurvajz\AppData\Roaming\Mozilla\Firefox\Profiles\ghu30t3w.default\searchplugins\daemon-search.xml
O2 - BHO: (QIPBHO Class) - {A55F9C95-2BB1-4EA2-BC77-DFAAB78832CE} - C:\Users\Hurvajz\AppData\Roaming\Microsoft\Internet Explorer\qipsearchbar.dll (qip.ru)
O2 - BHO: (Adobe PDF Conversion Toolbar Helper) - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O3:64bit: - HKLM\..\Toolbar: (DAEMON Tools Toolbar) - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files (x86)\DAEMON Tools Toolbar\DTToolbar64.dll File not found
O3:64bit: - HKCU\..\Toolbar\WebBrowser: (DAEMON Tools Toolbar) - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files (x86)\DAEMON Tools Toolbar\DTToolbar64.dll File not found
O4 - HKLM..\Run: [] File not found
O13 - gopher Prefix: missing
O13 - gopher Prefix: missing
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_11)
O16 - DPF: {CAFEEFAC-0016-0000-0011-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_11)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_11)
O18:64bit: - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - Reg Error: Key error. File not found
O20:64bit: - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found.
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
:Files
C:\WINDOWS\System32\*.tmp
C:\WINDOWS\*.tmp
C:\WINDOWS\system32\*.tmp.dll
C:\WINDOWS\system32\SET*.tmp
c:\windows\Tasks\*.job
C:\Users\Hurvajz\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
C:\Windows\tasks\SA.DAT
:Reg
:Commands
[purity]
[emptytemp]
[start explorer]
[Reboot]Poté klikni nahoře na Opravit. Nech program nerušeně běžet, na konci se provede restart PC.
Po restartu se objeví log , prosím zkopíruj sem celý jeho obsah.
Při práci s programy HJT, ComboFix,MbAM, SDFix aj. zavřete všechny ostatní aplikace a prohlížeče!
Neposílejte logy do soukromých zpráv.Po dobu mé nepřítomnosti mě zastupuje memphisto , Žbeky a Orcus.
Pokud budete spokojeni , můžete podpořit naše forum:Podpora fóra
Neposílejte logy do soukromých zpráv.Po dobu mé nepřítomnosti mě zastupuje memphisto , Žbeky a Orcus.
Pokud budete spokojeni , můžete podpořit naše forum:Podpora fóra
Re: Prosím o kontrolu logu, asi vir..
All processes killed
========== OTL ==========
No active process named explorer.exe was found!
No active process named firefox.exe was found!
HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\\Default_Secondary_Page_URL| /E : value set successfully!
HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\\Extensions Off Page| /E : value set successfully!
HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\\Local Page| /E : value set successfully!
HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\\Security Risk Page| /E : value set successfully!
HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\\Default_Secondary_Page_URL| /E : value set successfully!
HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\\Extensions Off Page| /E : value set successfully!
HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\\Local Page| /E : value set successfully!
HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\\Security Risk Page| /E : value set successfully!
HKLM\SOFTWARE\Microsoft\Internet Explorer\Search\\CustomizeSearch| /E : value set successfully!
HKCU\SOFTWARE\Microsoft\Internet Explorer\Main\\Local Page| /E : value set successfully!
HKCU\SOFTWARE\Microsoft\Internet Explorer\Main\\Start Page| /E : value set successfully!
HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\\ProxyOverride| /E : value set successfully!
Prefs.js: "Web Search" removed from browser.search.defaultenginename
Prefs.js: "http://search13.net/search.php?clid=486&q=" removed from browser.search.defaulturl
Prefs.js: "chr-greentree_ff&type=971163" removed from browser.search.param.yahoo-fr
Prefs.js: "http://search13.net?clid=486" removed from browser.startup.homepage
Prefs.js: DTToolbar@toolbarnet.com:1.1.2.0185 removed from extensions.enabledItems
Prefs.js: bkmrksync@nokia.com:1.0.0.723 removed from extensions.enabledItems
Prefs.js: pdfforge@mybrowserbar.com:1.1.2 removed from extensions.enabledItems
Prefs.js: radiobar@toolbar:1.0.0 removed from extensions.enabledItems
Prefs.js: searchsettings@spigot.com:1.2.3 removed from extensions.enabledItems
Prefs.js: "http://search13.net/search.php?clid=486&q=" removed from keyword.URL
C:\Users\Hurvajz\AppData\Roaming\Mozilla\Firefox\Profiles\ghu30t3w.default\extensions\radiobar@toolbar\META-INF folder moved successfully.
C:\Users\Hurvajz\AppData\Roaming\Mozilla\Firefox\Profiles\ghu30t3w.default\extensions\radiobar@toolbar\components folder moved successfully.
C:\Users\Hurvajz\AppData\Roaming\Mozilla\Firefox\Profiles\ghu30t3w.default\extensions\radiobar@toolbar\chrome folder moved successfully.
C:\Users\Hurvajz\AppData\Roaming\Mozilla\Firefox\Profiles\ghu30t3w.default\extensions\radiobar@toolbar folder moved successfully.
C:\Users\Hurvajz\AppData\Roaming\Mozilla\Firefox\Profiles\ghu30t3w.default\searchplugins\daemon-search.xml moved successfully.
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{A55F9C95-2BB1-4EA2-BC77-DFAAB78832CE}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{A55F9C95-2BB1-4EA2-BC77-DFAAB78832CE}\ deleted successfully.
C:\Users\Hurvajz\AppData\Roaming\Microsoft\Internet Explorer\qipsearchbar.dll moved successfully.
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE7CD045-E861-484f-8273-0445EE161910}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{AE7CD045-E861-484f-8273-0445EE161910}\ not found.
File move failed. C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll scheduled to be moved on reboot.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\{32099AAC-C132-4136-9E9A-4E364A424E17} not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{32099AAC-C132-4136-9E9A-4E364A424E17}\ not found.
Registry value HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{32099AAC-C132-4136-9E9A-4E364A424E17} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{32099AAC-C132-4136-9E9A-4E364A424E17}\ not found.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\ deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\URL\Prefixes\\gopher|:gopher:// /E : value set successfully!
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\URL\Prefixes\\gopher|:gopher:// /E : value set successfully!
Starting removal of ActiveX control {8AD9C840-044E-11D1-B3E9-00805F499D93}
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{8AD9C840-044E-11D1-B3E9-00805F499D93}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{8AD9C840-044E-11D1-B3E9-00805F499D93}\ deleted successfully.
Registry key HKEY_CURRENT_USER\SOFTWARE\Classes\CLSID\{8AD9C840-044E-11D1-B3E9-00805F499D93}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{8AD9C840-044E-11D1-B3E9-00805F499D93}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{8AD9C840-044E-11D1-B3E9-00805F499D93}\ not found.
Starting removal of ActiveX control {CAFEEFAC-0016-0000-0011-ABCDEFFEDCBA}
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{CAFEEFAC-0016-0000-0011-ABCDEFFEDCBA}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0011-ABCDEFFEDCBA}\ deleted successfully.
Registry key HKEY_CURRENT_USER\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0011-ABCDEFFEDCBA}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{CAFEEFAC-0016-0000-0011-ABCDEFFEDCBA}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0011-ABCDEFFEDCBA}\ not found.
Starting removal of ActiveX control {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA}
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\ms-help\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{314111c7-a502-11d2-bbca-00c04f8ec294}\ deleted successfully.
File {314111c7-a502-11d2-bbca-00c04f8ec294} - Reg Error: Key error. File not found not found.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\\VMApplet:/pagefile deleted successfully.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\\VMApplet:/pagefile deleted successfully.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad\\WebCheck deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{E6FB5E20-DE35-11CF-9C87-00AA005127ED}\ not found.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad\\WebCheck not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{E6FB5E20-DE35-11CF-9C87-00AA005127ED}\ not found.
Registry value HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session manager\\BootExecute:autocheck autochk * deleted successfully.
========== FILES ==========
File\Folder C:\WINDOWS\System32\*.tmp not found.
File\Folder C:\WINDOWS\*.tmp not found.
File\Folder C:\WINDOWS\system32\*.tmp.dll not found.
File\Folder C:\WINDOWS\system32\SET*.tmp not found.
c:\windows\Tasks\GoogleUpdateTaskMachineCore.job moved successfully.
c:\windows\Tasks\GoogleUpdateTaskMachineUA.job moved successfully.
c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2646040906-3391474901-3083940661-1000Core.job moved successfully.
c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2646040906-3391474901-3083940661-1000UA.job moved successfully.
C:\Users\Hurvajz\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini moved successfully.
C:\Windows\tasks\SA.DAT moved successfully.
========== REGISTRY ==========
========== COMMANDS ==========
[EMPTYTEMP]
User: All Users
User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes
->Flash cache emptied: 0 bytes
User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->Flash cache emptied: 0 bytes
User: Hurvajz
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 178185362 bytes
->Java cache emptied: 25493603 bytes
->FireFox cache emptied: 38670364 bytes
->Google Chrome cache emptied: 6657959 bytes
->Flash cache emptied: 1001381 bytes
User: Public
%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32 (64bit) .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 79315206 bytes
%systemroot%\sysnative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files folder emptied: 85315 bytes
RecycleBin emptied: 11741102 bytes
Total Files Cleaned = 325,00 mb
OTL by OldTimer - Version 3.2.1.1 log created on 04162010_185343
Files\Folders moved on Reboot...
File move failed. C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll scheduled to be moved on reboot.
Registry entries deleted on Reboot...
========== OTL ==========
No active process named explorer.exe was found!
No active process named firefox.exe was found!
HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\\Default_Secondary_Page_URL| /E : value set successfully!
HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\\Extensions Off Page| /E : value set successfully!
HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\\Local Page| /E : value set successfully!
HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\\Security Risk Page| /E : value set successfully!
HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\\Default_Secondary_Page_URL| /E : value set successfully!
HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\\Extensions Off Page| /E : value set successfully!
HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\\Local Page| /E : value set successfully!
HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\\Security Risk Page| /E : value set successfully!
HKLM\SOFTWARE\Microsoft\Internet Explorer\Search\\CustomizeSearch| /E : value set successfully!
HKCU\SOFTWARE\Microsoft\Internet Explorer\Main\\Local Page| /E : value set successfully!
HKCU\SOFTWARE\Microsoft\Internet Explorer\Main\\Start Page| /E : value set successfully!
HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\\ProxyOverride| /E : value set successfully!
Prefs.js: "Web Search" removed from browser.search.defaultenginename
Prefs.js: "http://search13.net/search.php?clid=486&q=" removed from browser.search.defaulturl
Prefs.js: "chr-greentree_ff&type=971163" removed from browser.search.param.yahoo-fr
Prefs.js: "http://search13.net?clid=486" removed from browser.startup.homepage
Prefs.js: DTToolbar@toolbarnet.com:1.1.2.0185 removed from extensions.enabledItems
Prefs.js: bkmrksync@nokia.com:1.0.0.723 removed from extensions.enabledItems
Prefs.js: pdfforge@mybrowserbar.com:1.1.2 removed from extensions.enabledItems
Prefs.js: radiobar@toolbar:1.0.0 removed from extensions.enabledItems
Prefs.js: searchsettings@spigot.com:1.2.3 removed from extensions.enabledItems
Prefs.js: "http://search13.net/search.php?clid=486&q=" removed from keyword.URL
C:\Users\Hurvajz\AppData\Roaming\Mozilla\Firefox\Profiles\ghu30t3w.default\extensions\radiobar@toolbar\META-INF folder moved successfully.
C:\Users\Hurvajz\AppData\Roaming\Mozilla\Firefox\Profiles\ghu30t3w.default\extensions\radiobar@toolbar\components folder moved successfully.
C:\Users\Hurvajz\AppData\Roaming\Mozilla\Firefox\Profiles\ghu30t3w.default\extensions\radiobar@toolbar\chrome folder moved successfully.
C:\Users\Hurvajz\AppData\Roaming\Mozilla\Firefox\Profiles\ghu30t3w.default\extensions\radiobar@toolbar folder moved successfully.
C:\Users\Hurvajz\AppData\Roaming\Mozilla\Firefox\Profiles\ghu30t3w.default\searchplugins\daemon-search.xml moved successfully.
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{A55F9C95-2BB1-4EA2-BC77-DFAAB78832CE}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{A55F9C95-2BB1-4EA2-BC77-DFAAB78832CE}\ deleted successfully.
C:\Users\Hurvajz\AppData\Roaming\Microsoft\Internet Explorer\qipsearchbar.dll moved successfully.
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE7CD045-E861-484f-8273-0445EE161910}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{AE7CD045-E861-484f-8273-0445EE161910}\ not found.
File move failed. C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll scheduled to be moved on reboot.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\{32099AAC-C132-4136-9E9A-4E364A424E17} not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{32099AAC-C132-4136-9E9A-4E364A424E17}\ not found.
Registry value HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{32099AAC-C132-4136-9E9A-4E364A424E17} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{32099AAC-C132-4136-9E9A-4E364A424E17}\ not found.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\ deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\URL\Prefixes\\gopher|:gopher:// /E : value set successfully!
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\URL\Prefixes\\gopher|:gopher:// /E : value set successfully!
Starting removal of ActiveX control {8AD9C840-044E-11D1-B3E9-00805F499D93}
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{8AD9C840-044E-11D1-B3E9-00805F499D93}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{8AD9C840-044E-11D1-B3E9-00805F499D93}\ deleted successfully.
Registry key HKEY_CURRENT_USER\SOFTWARE\Classes\CLSID\{8AD9C840-044E-11D1-B3E9-00805F499D93}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{8AD9C840-044E-11D1-B3E9-00805F499D93}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{8AD9C840-044E-11D1-B3E9-00805F499D93}\ not found.
Starting removal of ActiveX control {CAFEEFAC-0016-0000-0011-ABCDEFFEDCBA}
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{CAFEEFAC-0016-0000-0011-ABCDEFFEDCBA}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0011-ABCDEFFEDCBA}\ deleted successfully.
Registry key HKEY_CURRENT_USER\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0011-ABCDEFFEDCBA}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{CAFEEFAC-0016-0000-0011-ABCDEFFEDCBA}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0011-ABCDEFFEDCBA}\ not found.
Starting removal of ActiveX control {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA}
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\ms-help\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{314111c7-a502-11d2-bbca-00c04f8ec294}\ deleted successfully.
File {314111c7-a502-11d2-bbca-00c04f8ec294} - Reg Error: Key error. File not found not found.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\\VMApplet:/pagefile deleted successfully.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\\VMApplet:/pagefile deleted successfully.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad\\WebCheck deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{E6FB5E20-DE35-11CF-9C87-00AA005127ED}\ not found.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad\\WebCheck not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{E6FB5E20-DE35-11CF-9C87-00AA005127ED}\ not found.
Registry value HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session manager\\BootExecute:autocheck autochk * deleted successfully.
========== FILES ==========
File\Folder C:\WINDOWS\System32\*.tmp not found.
File\Folder C:\WINDOWS\*.tmp not found.
File\Folder C:\WINDOWS\system32\*.tmp.dll not found.
File\Folder C:\WINDOWS\system32\SET*.tmp not found.
c:\windows\Tasks\GoogleUpdateTaskMachineCore.job moved successfully.
c:\windows\Tasks\GoogleUpdateTaskMachineUA.job moved successfully.
c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2646040906-3391474901-3083940661-1000Core.job moved successfully.
c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2646040906-3391474901-3083940661-1000UA.job moved successfully.
C:\Users\Hurvajz\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini moved successfully.
C:\Windows\tasks\SA.DAT moved successfully.
========== REGISTRY ==========
========== COMMANDS ==========
[EMPTYTEMP]
User: All Users
User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes
->Flash cache emptied: 0 bytes
User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->Flash cache emptied: 0 bytes
User: Hurvajz
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 178185362 bytes
->Java cache emptied: 25493603 bytes
->FireFox cache emptied: 38670364 bytes
->Google Chrome cache emptied: 6657959 bytes
->Flash cache emptied: 1001381 bytes
User: Public
%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32 (64bit) .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 79315206 bytes
%systemroot%\sysnative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files folder emptied: 85315 bytes
RecycleBin emptied: 11741102 bytes
Total Files Cleaned = 325,00 mb
OTL by OldTimer - Version 3.2.1.1 log created on 04162010_185343
Files\Folders moved on Reboot...
File move failed. C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll scheduled to be moved on reboot.
Registry entries deleted on Reboot...
-
jaro3
- člen Security týmu
-
Guru Level 15
- Příspěvky: 43295
- Registrován: červen 07
- Bydliště: Jižní Čechy
- Pohlaví:
- Stav:
Offline
Re: Prosím o kontrolu logu, asi vir..
Smaž složku:
C:\_OTL
Spusť F-Secure Online Scanner
Tento skener je možno použít jen v prohlížeči Internet Explorer! Postupuj podle instrukcí na stránce F-Secure pro správnou instalaci. Akceptuj licenci. Po instalaci ActiveX, klikni na Full System Scan. Když stahování skončeno, automaticky začne sken . Vyčkej konce skenu, po jeho dobu neprováděj jiné operace ani neklikej myší. Když skončí sken klikni na tlačítko Automatic clearing (recommended). Poté klikni na tlačítko Show Report a zkopíruj a vlož sem .
C:\_OTL
Spusť F-Secure Online Scanner
Tento skener je možno použít jen v prohlížeči Internet Explorer! Postupuj podle instrukcí na stránce F-Secure pro správnou instalaci. Akceptuj licenci. Po instalaci ActiveX, klikni na Full System Scan. Když stahování skončeno, automaticky začne sken . Vyčkej konce skenu, po jeho dobu neprováděj jiné operace ani neklikej myší. Když skončí sken klikni na tlačítko Automatic clearing (recommended). Poté klikni na tlačítko Show Report a zkopíruj a vlož sem .
Při práci s programy HJT, ComboFix,MbAM, SDFix aj. zavřete všechny ostatní aplikace a prohlížeče!
Neposílejte logy do soukromých zpráv.Po dobu mé nepřítomnosti mě zastupuje memphisto , Žbeky a Orcus.
Pokud budete spokojeni , můžete podpořit naše forum:Podpora fóra
Neposílejte logy do soukromých zpráv.Po dobu mé nepřítomnosti mě zastupuje memphisto , Žbeky a Orcus.
Pokud budete spokojeni , můžete podpořit naše forum:Podpora fóra
Re: Prosím o kontrolu logu, asi vir..
Zkoušel jsem ten scanner uz nekolikrat pustit, ale vzdycky to jede strasne dlouho. Jelo to cely vecer, celou noc a rano to ukazovalo pres 2 mil. projetych souboru, ale pouze 15% hotoveho testu. Navic je to asi dost narocny proces, takze kdyz je to pustene, sekaji se mi filmy..Navic potrebuju pocitac obcas vypinat, takze asi nerealne tenhle test udelat. Leda ten rychly scan, ten uz jsem si udelal.
-
jaro3
- člen Security týmu
-
Guru Level 15
- Příspěvky: 43295
- Registrován: červen 07
- Bydliště: Jižní Čechy
- Pohlaví:
- Stav:
Offline
Re: Prosím o kontrolu logu, asi vir..
Nejspíš odchází HDD , zkus kontrolu HDD na chyby a RAM Memtestem.
Zazálohuj si důležité dokumenty..
Zazálohuj si důležité dokumenty..
Při práci s programy HJT, ComboFix,MbAM, SDFix aj. zavřete všechny ostatní aplikace a prohlížeče!
Neposílejte logy do soukromých zpráv.Po dobu mé nepřítomnosti mě zastupuje memphisto , Žbeky a Orcus.
Pokud budete spokojeni , můžete podpořit naše forum:Podpora fóra
Neposílejte logy do soukromých zpráv.Po dobu mé nepřítomnosti mě zastupuje memphisto , Žbeky a Orcus.
Pokud budete spokojeni , můžete podpořit naše forum:Podpora fóra
Kdo je online
Uživatelé prohlížející si toto fórum: Žádní registrovaní uživatelé a 98 hostů