Zdravim,
může se někdo, prosím, mrknout na log z mého PC?
Díky
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 16:10:20, on 8.12.2010
Platform: Windows 7 (WinNT 6.00.3504)
MSIE: Internet Explorer v8.00 (8.00.7600.16671)
Boot mode: Normal
Running processes:
F:\Programy(x86)\Fraps\fraps.exe
C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe
F:\Programy(x86)\uTorrent\uTorrent.exe
F:\Programy(x86)\Desktop Sidebar_old\dsidebar.exe
C:\Program Files (x86)\Skype\Phone\Skype.exe
F:\Programy(x86)\FirefoxPreloader\FirefoxPreloader.exe
C:\Program Files (x86)\Skype\Plugin Manager\skypePM.exe
C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe
F:\Programy(x86)\Winamp\winamp.exe
F:\Programy(x86)\iTunes\iTunesHelper.exe
F:\Programy(x86)\QIP Infium\infium.exe
F:\Programy(x86)\Mozilla Firefox\firefox.exe
C:\Program Files (x86)\TeamViewer\Version6\TeamViewer.exe
C:\Users\CZechBoY\Desktop\server\ServerJabko2.exe
C:\Program Files (x86)\20Dollars2Surf\20dollars2surf.exe
C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
F:\Programy(x86)\Trend Micro\HiJackThis\HiJackThis.exe
F:\Programy(x86)\Opera\opera.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.cz/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe
O2 - BHO: Idea2 SidebarBrowserMonitor Class - {45AD732C-2CE2-4666-B366-B2214AD57A49} - F:\Programy(x86)\Desktop Sidebar_old\sbhelp.dll
O2 - BHO: Pomocná služba pro přihlášení ke službě Windows Live ID - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - F:\Programy(x86)\Java\jre6\bin\jp2ssv.dll
O2 - BHO: Microsoft Web Test Recorder 10.0 Helper - {DDA57003-0068-4ed2-9D32-4D1EC707D94D} - F:\Programy(x86)\Microsoft Visual Studio 10.0\Common7\IDE\PrivateAssemblies\Microsoft.VisualStudio.QualityTools.RecorderBarBHO100.dll
O4 - HKLM\..\Run: [avgnt] "C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe" /min
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [uTorrent] "F:\Programy(x86)\uTorrent\uTorrent.exe"
O4 - HKCU\..\Run: [SIDEBAR] "F:\Programy(x86)\Desktop Sidebar_old\dsidebar.exe"
O4 - HKCU\..\Run: [Skype] "C:\Program Files (x86)\Skype\Phone\Skype.exe" /nosplash /minimized
O4 - HKCU\..\Run: [Infium] "F:\Programy(x86)\QIP Infium\infium.exe" /autorun
O4 - HKCU\..\RunOnce: [FlashPlayerUpdate] C:\Windows\SysWOW64\Macromed\Flash\FlashUtil10k_Plugin.exe -update plugin
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O4 - Global Startup: 20Dollars2Surf.lnk = C:\Program Files (x86)\20Dollars2Surf\20dollars2surf.exe
O4 - Global Startup: Firefox Preloader.lnk = F:\Programy(x86)\FirefoxPreloader\FirefoxPreloader.exe
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://F:\Programy\MICROS~1\Office14\EXCEL.EXE/3000
O8 - Extra context menu item: Subscribe in Desktop Sidebar - res://F:\Programy(x86)\Desktop Sidebar_old\sbhelp.dll/menuhandler.html
O9 - Extra button: Subscribe in Desktop Sidebar - {09FE188B-6E85-479e-9411-51FB2220DF80} - F:\Programy(x86)\Desktop Sidebar_old\sbhelp.dll
O9 - Extra 'Tools' menuitem: Subscribe in Desktop Sidebar - {09FE188B-6E85-479e-9411-51FB2220DF80} - F:\Programy(x86)\Desktop Sidebar_old\sbhelp.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/s ... wflash.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{2038154B-2980-46B6-B116-3AA4AF93D7AF}: NameServer = 10.0.0.100,10.0.0.200
O17 - HKLM\System\CCS\Services\Tcpip\..\{5E509714-6D82-46A5-88A5-B2A714A244E0}: NameServer = 10.0.0.100,10.0.0.200
O17 - HKLM\System\CS2\Services\Tcpip\..\{2038154B-2980-46B6-B116-3AA4AF93D7AF}: NameServer = 10.0.0.100,10.0.0.200
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O23 - Service: Ashampoo CoreTuner Helper Service (acthelper) - Ashampoo Development GmbH & Co. KG - F:\Programy(x86)\Ashampoo\Ashampoo Core Tuner\ACTHelperService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: SAMSUNG AllShare Service (AllShare) - Unknown owner - F:\Programy(x86)\Samsung\SAMSUNG PC Share Manager\WiselinkPro.exe
O23 - Service: AMD External Events Utility - Unknown owner - C:\Windows\system32\atiesrxx.exe (file missing)
O23 - Service: Avira Firewall (AntiVirFirewallService) - Avira GmbH - C:\Program Files (x86)\Avira\AntiVir Desktop\avfwsvc.exe
O23 - Service: Avira AntiVir MailGuard (AntiVirMailService) - Avira GmbH - C:\Program Files (x86)\Avira\AntiVir Desktop\avmailc.exe
O23 - Service: Avira AntiVir Scheduler (AntiVirSchedulerService) - Avira GmbH - C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
O23 - Service: Avira AntiVir Guard (AntiVirService) - Avira GmbH - C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
O23 - Service: Avira AntiVir WebGuard (AntiVirWebService) - Avira GmbH - C:\Program Files (x86)\Avira\AntiVir Desktop\AVWEBGRD.EXE
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files (x86)\Bonjour\mDNSResponder.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: LogMeIn Hamachi 2.0 Tunneling Engine (Hamachi2Svc) - LogMeIn Inc. - F:\Programy(x86)\LogMeIn Hamachi\hamachi-2.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: O&O Defrag (OODefragAgent) - O&O Software GmbH - F:\Programy\OO Software\Defrag\oodag.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: TeamViewer 5 (TeamViewer5) - Unknown owner - C:\Program Files (x86)\TeamViewer\Version5\TeamViewer_Service.exe (file missing)
O23 - Service: TeamViewer 6 (TeamViewer6) - TeamViewer GmbH - C:\Program Files (x86)\TeamViewer\Version6\TeamViewer_Service.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: VNC Server Version 4 (WinVNC4) - RealVNC Ltd. - F:\Programy\RealVNC\VNC4\WinVNC4.exe
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
--
End of file - 10248 bytes
[HJT] Log mého PC +
-
CZechBoY
- Master Level 9.5
- Příspěvky: 8813
- Registrován: srpen 08
- Bydliště: Brno
- Pohlaví:
- Stav:
Offline
- Kontakt:
[HJT] Log mého PC +
PHP, Nette, MySQL, C#, TypeScript, Python
IntelliJ Idea, Docker, Opera browser, Linux Mint
iPhone XS
Raspberry PI 3 (KODI, Raspbian)
XBox One S, PS 4, nVidia GeForce NOW
IntelliJ Idea, Docker, Opera browser, Linux Mint
iPhone XS
Raspberry PI 3 (KODI, Raspbian)
XBox One S, PS 4, nVidia GeForce NOW
-
memphisto
- Guru Level 13
- Příspěvky: 21113
- Registrován: září 06
- Bydliště: Zlín - České Budějovice
- Pohlaví:
- Stav:
Offline
Re: [HJT] Log mého PC
fix:
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/s ... wflash.cab
Stáhni si ATF Cleaner
Poklepej na ATF Cleaner.exe, klikni na select all found, poté:
-Když používáš Firefox (Mozzila), klikni na Firefox nahoře a vyber: Select All, poté klikni na Empty Selected.
-Když používáš Operu, klikni nahoře na Operu a vyber: Select All, poté klikni na Empty Selected.
Po vyčištění klikni na Exit k zavření programu.
ATF-Cleaner je jednoduchý nástroj na odstranění historie z webového prohlížeče. Program dokáže odstranit cache, cookies, historii a další stopy po surfování na Internetu. Mezi podporované prohlížeče patří Internet Explorer, Firefox a Opera. Aplikace navíc umí odstranit dočasné soubory Windows, vysypat koš atd.
Stáhni si Malwarebytes' Anti-Malware
Nainstaluj a spusť ho
- na konci instalace se ujisti že máš zvoleny/zatrhnuty obě možnosti:
Update Malwarebytes' Anti-Malware (Aktualizace Malwarebytes' Anti-Malware) a Launch Malwarebytes' Anti-Malware (Spustit aplikaci Malwarebytes' Anti-Malware), pokud jo tak klikni na tlačítko Finish
- pokud bude nalezena aktualizace, tak se stáhne a nainstaluje
- program se po té spustí a nech vybranou možnost Perform Quick Scan (Provést rychlý sken) a klikni na tlačítko Scan (Skenovat)
- po proběhnutí programu se ti objeví hláška tak klikni na OK a pak na tlačítko Show Results
- pak zvol možnost Save Logfile a ulož si log na plochu
- po té klikni na tlačítko Exit, objeví se ti hláška tak zvol Ano
(zatím nic nemaž!).
Vlož sem pak obsah toho logu.
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/s ... wflash.cab
Stáhni si ATF Cleaner
Poklepej na ATF Cleaner.exe, klikni na select all found, poté:
-Když používáš Firefox (Mozzila), klikni na Firefox nahoře a vyber: Select All, poté klikni na Empty Selected.
-Když používáš Operu, klikni nahoře na Operu a vyber: Select All, poté klikni na Empty Selected.
Po vyčištění klikni na Exit k zavření programu.
ATF-Cleaner je jednoduchý nástroj na odstranění historie z webového prohlížeče. Program dokáže odstranit cache, cookies, historii a další stopy po surfování na Internetu. Mezi podporované prohlížeče patří Internet Explorer, Firefox a Opera. Aplikace navíc umí odstranit dočasné soubory Windows, vysypat koš atd.
Stáhni si Malwarebytes' Anti-Malware
Nainstaluj a spusť ho
- na konci instalace se ujisti že máš zvoleny/zatrhnuty obě možnosti:
Update Malwarebytes' Anti-Malware (Aktualizace Malwarebytes' Anti-Malware) a Launch Malwarebytes' Anti-Malware (Spustit aplikaci Malwarebytes' Anti-Malware), pokud jo tak klikni na tlačítko Finish
- pokud bude nalezena aktualizace, tak se stáhne a nainstaluje
- program se po té spustí a nech vybranou možnost Perform Quick Scan (Provést rychlý sken) a klikni na tlačítko Scan (Skenovat)
- po proběhnutí programu se ti objeví hláška tak klikni na OK a pak na tlačítko Show Results
- pak zvol možnost Save Logfile a ulož si log na plochu
- po té klikni na tlačítko Exit, objeví se ti hláška tak zvol Ano
(zatím nic nemaž!).
Vlož sem pak obsah toho logu.
PRAVIDLA PC-HELP.CZ, PRAVIDLA sekce HijackThis, HijackThis návod, Memtest, CCleaner
Logy z programu HijackThis neposílejte prosím přes SZ, ale vkládejte je do patřičné sekce. Děkuji
Logy z programu HijackThis neposílejte prosím přes SZ, ale vkládejte je do patřičné sekce. Děkuji
-
CZechBoY
- Master Level 9.5
- Příspěvky: 8813
- Registrován: srpen 08
- Bydliště: Brno
- Pohlaví:
- Stav:
Offline
- Kontakt:
Re: [HJT] Log mého PC
Malwarebytes' Anti-Malware 1.50
www.malwarebytes.org
Verze databáze: 5271
Windows 6.1.7600
Internet Explorer 8.0.7600.16385
8.12.2010 16:27:51
mbam-log-2010-12-08 (16-27-51).txt
Typ kontroly: Rychlý test
Testované objekty: 152935
Uplynulý čas: 1 minut, 50 sekund
Infikované procesy v paměti: 0
Infikované moduly v paměti: 0
Infikované klíče v registru: 0
Infikované hodnoty v registru: 0
Infikované datové položky v registru: 0
Infikované složky: 0
Infikované soubory: 0
Infikované procesy v paměti:
(Žádné škodlivé položky nebyly zjištěny)
Infikované moduly v paměti:
(Žádné škodlivé položky nebyly zjištěny)
Infikované klíče v registru:
(Žádné škodlivé položky nebyly zjištěny)
Infikované hodnoty v registru:
(Žádné škodlivé položky nebyly zjištěny)
Infikované datové položky v registru:
(Žádné škodlivé položky nebyly zjištěny)
Infikované složky:
(Žádné škodlivé položky nebyly zjištěny)
Infikované soubory:
(Žádné škodlivé položky nebyly zjištěny)
nevíš proč mi systém žere přes 70% RAM(4GB celkem), když v minulých Win7 mi to žralo něco kolem 30-40%?
www.malwarebytes.org
Verze databáze: 5271
Windows 6.1.7600
Internet Explorer 8.0.7600.16385
8.12.2010 16:27:51
mbam-log-2010-12-08 (16-27-51).txt
Typ kontroly: Rychlý test
Testované objekty: 152935
Uplynulý čas: 1 minut, 50 sekund
Infikované procesy v paměti: 0
Infikované moduly v paměti: 0
Infikované klíče v registru: 0
Infikované hodnoty v registru: 0
Infikované datové položky v registru: 0
Infikované složky: 0
Infikované soubory: 0
Infikované procesy v paměti:
(Žádné škodlivé položky nebyly zjištěny)
Infikované moduly v paměti:
(Žádné škodlivé položky nebyly zjištěny)
Infikované klíče v registru:
(Žádné škodlivé položky nebyly zjištěny)
Infikované hodnoty v registru:
(Žádné škodlivé položky nebyly zjištěny)
Infikované datové položky v registru:
(Žádné škodlivé položky nebyly zjištěny)
Infikované složky:
(Žádné škodlivé položky nebyly zjištěny)
Infikované soubory:
(Žádné škodlivé položky nebyly zjištěny)
nevíš proč mi systém žere přes 70% RAM(4GB celkem), když v minulých Win7 mi to žralo něco kolem 30-40%?
PHP, Nette, MySQL, C#, TypeScript, Python
IntelliJ Idea, Docker, Opera browser, Linux Mint
iPhone XS
Raspberry PI 3 (KODI, Raspbian)
XBox One S, PS 4, nVidia GeForce NOW
IntelliJ Idea, Docker, Opera browser, Linux Mint
iPhone XS
Raspberry PI 3 (KODI, Raspbian)
XBox One S, PS 4, nVidia GeForce NOW
-
memphisto
- Guru Level 13
- Příspěvky: 21113
- Registrován: září 06
- Bydliště: Zlín - České Budějovice
- Pohlaví:
- Stav:
Offline
Re: [HJT] Log mého PC
Co žere nejvíc? Nevidím tam na první pohled nic špatného, ale ...
Stáhni si OTL
na plochu. Ujisti se , že máš zavřena všechna ostatní okna a poklepej na ikonu OTL.Nahoře v okně pod Výstup klikni na minimální výstup.Pod Běžné registry změň na Vše. Zatrhni Kontrola na havěť “LOP“ a Kontrola na havěť “ Purity“ . Klikni na Prohledat. Všechny ostatní nastavení ponech jak jsou. Sken může trvat dlouho, až skončí otevřou se dva logy:
OTL.Txt
Extras.Txt
Jsou uloženy ve stejném místě jako OTL. Oba logy sem prosím zkopíruj.
Stáhni si OTL
na plochu. Ujisti se , že máš zavřena všechna ostatní okna a poklepej na ikonu OTL.Nahoře v okně pod Výstup klikni na minimální výstup.Pod Běžné registry změň na Vše. Zatrhni Kontrola na havěť “LOP“ a Kontrola na havěť “ Purity“ . Klikni na Prohledat. Všechny ostatní nastavení ponech jak jsou. Sken může trvat dlouho, až skončí otevřou se dva logy:
OTL.Txt
Extras.Txt
Jsou uloženy ve stejném místě jako OTL. Oba logy sem prosím zkopíruj.
PRAVIDLA PC-HELP.CZ, PRAVIDLA sekce HijackThis, HijackThis návod, Memtest, CCleaner
Logy z programu HijackThis neposílejte prosím přes SZ, ale vkládejte je do patřičné sekce. Děkuji
Logy z programu HijackThis neposílejte prosím přes SZ, ale vkládejte je do patřičné sekce. Děkuji
-
CZechBoY
- Master Level 9.5
- Příspěvky: 8813
- Registrován: srpen 08
- Bydliště: Brno
- Pohlaví:
- Stav:
Offline
- Kontakt:
Re: [HJT] Log mého PC +
nejvíc žere
ten OTL udělám třeba večer, nechce se mi teď vše vypínat
ten OTL udělám třeba večer, nechce se mi teď vše vypínat
PHP, Nette, MySQL, C#, TypeScript, Python
IntelliJ Idea, Docker, Opera browser, Linux Mint
iPhone XS
Raspberry PI 3 (KODI, Raspbian)
XBox One S, PS 4, nVidia GeForce NOW
IntelliJ Idea, Docker, Opera browser, Linux Mint
iPhone XS
Raspberry PI 3 (KODI, Raspbian)
XBox One S, PS 4, nVidia GeForce NOW
-
CZechBoY
- Master Level 9.5
- Příspěvky: 8813
- Registrován: srpen 08
- Bydliště: Brno
- Pohlaví:
- Stav:
Offline
- Kontakt:
Re: [HJT] Log mého PC +
tak jsem to udělal (spadl mi PC-BSOD jinak bych to nedal nikdy asi 
)
http://www.upload.jabko.net/soubory/Extras.Txt
http://www.upload.jabko.net/soubory/OTL.Txt
)http://www.upload.jabko.net/soubory/Extras.Txt
http://www.upload.jabko.net/soubory/OTL.Txt
PHP, Nette, MySQL, C#, TypeScript, Python
IntelliJ Idea, Docker, Opera browser, Linux Mint
iPhone XS
Raspberry PI 3 (KODI, Raspbian)
XBox One S, PS 4, nVidia GeForce NOW
IntelliJ Idea, Docker, Opera browser, Linux Mint
iPhone XS
Raspberry PI 3 (KODI, Raspbian)
XBox One S, PS 4, nVidia GeForce NOW
-
jaro3
- člen Security týmu
-
Guru Level 15
- Příspěvky: 43298
- Registrován: červen 07
- Bydliště: Jižní Čechy
- Pohlaví:
- Stav:
Offline
Re: [HJT] Log mého PC +
Vlož sem logy klidně naněkolikrát..
Při práci s programy HJT, ComboFix,MbAM, SDFix aj. zavřete všechny ostatní aplikace a prohlížeče!
Neposílejte logy do soukromých zpráv.Po dobu mé nepřítomnosti mě zastupuje memphisto , Žbeky a Orcus.
Pokud budete spokojeni , můžete podpořit naše forum:Podpora fóra
Neposílejte logy do soukromých zpráv.Po dobu mé nepřítomnosti mě zastupuje memphisto , Žbeky a Orcus.
Pokud budete spokojeni , můžete podpořit naše forum:Podpora fóra
-
CZechBoY
- Master Level 9.5
- Příspěvky: 8813
- Registrován: srpen 08
- Bydliště: Brno
- Pohlaví:
- Stav:
Offline
- Kontakt:
Re: [HJT] Log mého PC +
OTL:
OTL logfile created on: 8.12.2010 20:06:26 - Run 1
OTL by OldTimer - Version 3.2.17.3 Folder = C:\Users\CZechBoY\Desktop
64bit- Ultimate Edition (Version = 6.1.7600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7600.16385)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy
4,00 Gb Total Physical Memory | 2,00 Gb Available Physical Memory | 61,00% Memory free
4,00 Gb Paging File | 2,00 Gb Available in Paging File | 53,00% Paging File free
Paging file location(s): [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 37,25 Gb Total Space | 16,32 Gb Free Space | 43,81% Space Free | Partition Type: NTFS
Drive D: | 19,53 Gb Total Space | 4,94 Gb Free Space | 25,31% Space Free | Partition Type: NTFS
Drive E: | 48,83 Gb Total Space | 41,33 Gb Free Space | 84,64% Space Free | Partition Type: NTFS
Drive F: | 164,51 Gb Total Space | 19,24 Gb Free Space | 11,69% Space Free | Partition Type: NTFS
Computer Name: MNO | User Name: CZechBoY | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
========== Processes (SafeList) ==========
PRC - C:\Users\CZechBoY\Desktop\OTL.exe (OldTimer Tools)
PRC - C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe (Avira GmbH)
PRC - F:\Programy(x86)\LogMeIn Hamachi\hamachi-2-ui.exe (LogMeIn Inc.)
PRC - C:\Program Files (x86)\TeamViewer\Version6\TeamViewer.exe (TeamViewer GmbH)
PRC - C:\Program Files (x86)\TeamViewer\Version6\TeamViewer_Service.exe (TeamViewer GmbH)
PRC - C:\Program Files (x86)\TeamViewer\Version6\tv_w32.exe (TeamViewer GmbH)
PRC - C:\Program Files (x86)\Avira\AntiVir Desktop\avwebgrd.exe (Avira GmbH)
PRC - C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe (Avira GmbH)
PRC - C:\Program Files (x86)\Avira\AntiVir Desktop\avfwsvc.exe (Avira GmbH)
PRC - C:\Program Files (x86)\Avira\AntiVir Desktop\avmailc.exe (Avira GmbH)
PRC - C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe (Avira GmbH)
PRC - F:\Programy(x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation)
PRC - F:\Programy(x86)\uTorrent\uTorrent.exe (BitTorrent, Inc.)
PRC - F:\Programy(x86)\Opera\opera.exe (Opera Software)
PRC - F:\Programy(x86)\QIP Infium\infium.exe ()
PRC - F:\Programy(x86)\Samsung\SAMSUNG PC Share Manager\WiselinkPro.exe ()
PRC - F:\Programy(x86)\Fraps\fraps.exe (Beepa P/L)
PRC - F:\Programy(x86)\Samsung\SAMSUNG PC Share Manager\http_ss_win_pro.exe ()
PRC - C:\Program Files (x86)\20Dollars2Surf\20dollars2surf.exe (20Dollars2Surf.com)
PRC - F:\Programy(x86)\FirefoxPreloader\FirefoxPreloader.exe (6XGate Incorporated)
PRC - F:\Programy(x86)\Desktop Sidebar_old\dsidebar.exe (Idea2)
========== Modules (SafeList) ==========
MOD - C:\Users\CZechBoY\Desktop\OTL.exe (OldTimer Tools)
MOD - C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_420fe3fa2b8113bd\comctl32.dll (Microsoft Corporation)
MOD - F:\Programy(x86)\Fraps\fraps32.dll (Beepa P/L)
========== Win32 Services (SafeList) ==========
SRV:64bit: - (AMD External Events Utility) -- C:\Windows\SysNative\atiesrxx.exe (AMD)
SRV:64bit: - (WinDefend) -- C:\Program Files\Windows Defender\MpSvc.dll (Microsoft Corporation)
SRV:64bit: - (AppMgmt) -- C:\Windows\SysNative\appmgmts.dll (Microsoft Corporation)
SRV - (AntiVirService) -- C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe (Avira GmbH)
SRV - (Hamachi2Svc) -- F:\Programy(x86)\LogMeIn Hamachi\hamachi-2.exe (LogMeIn Inc.)
SRV - (TeamViewer6) -- C:\Program Files (x86)\TeamViewer\Version6\TeamViewer_Service.exe (TeamViewer GmbH)
SRV - (AntiVirWebService) -- C:\Program Files (x86)\Avira\AntiVir Desktop\AVWEBGRD.EXE (Avira GmbH)
SRV - (AntiVirSchedulerService) -- C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe (Avira GmbH)
SRV - (AntiVirFirewallService) -- C:\Program Files (x86)\Avira\AntiVir Desktop\avfwsvc.exe (Avira GmbH)
SRV - (AntiVirMailService) -- C:\Program Files (x86)\Avira\AntiVir Desktop\avmailc.exe (Avira GmbH)
SRV - (OODefragAgent) -- F:\Programy\OO Software\Defrag\oodag.exe (O&O Software GmbH)
SRV - (Apple Mobile Device) -- C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe (Apple Inc.)
SRV - (AllShare) -- F:\Programy(x86)\Samsung\SAMSUNG PC Share Manager\WiselinkPro.exe ()
SRV - (WinVNC4) -- F:\Programy\RealVNC\VNC4\WinVNC4.exe (RealVNC Ltd.)
SRV - (clr_optimization_v4.0.30319_32) -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe (Microsoft Corporation)
SRV - (clr_optimization_v2.0.50727_32) -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe (Microsoft Corporation)
========== Driver Services (SafeList) ==========
DRV:64bit: - (NLNdisPT) -- C:\Windows\SysNative\DRIVERS\nlndis.sys File not found
DRV:64bit: - (NLNdisMP) -- C:\Windows\SysNative\DRIVERS\nlndis.sys File not found
DRV:64bit: - (CSN5PDTS82x64) -- C:\Windows\SysNative\Drivers\CSN5PDTS82x64.sys File not found
DRV:64bit: - (CSN5PDTS82) -- C:\Windows\SysNative\Drivers\CSN5PDTS82.sys File not found
DRV:64bit: - (avgntflt) -- C:\Windows\SysNative\drivers\avgntflt.sys (Avira GmbH)
DRV:64bit: - (avfwot) -- C:\Windows\SysNative\drivers\avfwot.sys (Avira GmbH)
DRV:64bit: - (avipbb) -- C:\Windows\SysNative\drivers\avipbb.sys (Avira GmbH)
DRV:64bit: - (avfwim) -- C:\Windows\SysNative\drivers\avfwim.sys (Avira GmbH)
DRV:64bit: - (VBoxNetAdp) -- C:\Windows\SysNative\drivers\VBoxNetAdp.sys (Oracle Corporation)
DRV:64bit: - (amdkmdag) -- C:\Windows\SysNative\drivers\atikmdag.sys (ATI Technologies Inc.)
DRV:64bit: - (amdkmdap) -- C:\Windows\SysNative\drivers\atikmpag.sys (Advanced Micro Devices, Inc.)
DRV:64bit: - (igfx) -- C:\Windows\SysNative\drivers\igdkmd64.sys (Intel Corporation)
DRV:64bit: - (AtiHDAudioService) -- C:\Windows\SysNative\drivers\AtihdW76.sys (ATI Technologies, Inc.)
DRV:64bit: - (vncmirror) -- C:\Windows\SysNative\drivers\vncmirror.sys (RealVNC Ltd.)
DRV:64bit: - (USBAAPL64) -- C:\Windows\SysNative\drivers\usbaapl64.sys (Apple, Inc.)
DRV:64bit: - (hamachi) -- C:\Windows\SysNative\drivers\hamachi.sys (LogMeIn, Inc.)
DRV:64bit: - (amdsata) -- C:\Windows\SysNative\drivers\amdsata.sys (Advanced Micro Devices)
DRV:64bit: - (amdxata) -- C:\Windows\SysNative\drivers\amdxata.sys (Advanced Micro Devices)
DRV:64bit: - (amdsbs) -- C:\Windows\SysNative\drivers\amdsbs.sys (AMD Technologies Inc.)
DRV:64bit: - (LSI_SAS2) -- C:\Windows\SysNative\drivers\lsi_sas2.sys (LSI Corporation)
DRV:64bit: - (HpSAMD) -- C:\Windows\SysNative\drivers\HpSAMD.sys (Hewlett-Packard Company)
DRV:64bit: - (stexstor) -- C:\Windows\SysNative\drivers\stexstor.sys (Promise Technology)
DRV:64bit: - (Ntfs) -- C:\Windows\SysNative\wbem\ntfs.mof ()
DRV:64bit: - (RTL8023x64) -- C:\Windows\SysNative\drivers\Rtnic64.sys (Realtek Semiconductor Corporation )
DRV:64bit: - (ebdrv) -- C:\Windows\SysNative\drivers\evbda.sys (Broadcom Corporation)
DRV:64bit: - (b06bdrv) -- C:\Windows\SysNative\drivers\bxvbda.sys (Broadcom Corporation)
DRV:64bit: - (b57nd60a) -- C:\Windows\SysNative\drivers\b57nd60a.sys (Broadcom Corporation)
DRV:64bit: - (hcw85cir) -- C:\Windows\SysNative\drivers\hcw85cir.sys (Hauppauge Computer Works, Inc.)
DRV:64bit: - (GEARAspiWDM) -- C:\Windows\SysNative\drivers\GEARAspiWDM.sys (GEAR Software Inc.)
DRV:64bit: - (RTL8167) -- C:\Windows\SysNative\drivers\Rt64win7.sys (Realtek Corporation )
DRV - (RivaTuner64) -- F:\Programy(x86)\RivaTuner v2.24 MSI Master Overclocking Arena 2009 edition\RivaTuner64.sys ()
DRV - (gdrv) -- C:\Windows\gdrv.sys (Windows (R) Server 2003 DDK provider)
DRV - (avfwot) -- C:\Windows\SysWOW64\drivers\avfwot.sys (Avira GmbH)
DRV - (VSPerfDrv100) -- F:\Programy(x86)\Microsoft Visual Studio 10.0\Team Tools\Performance Tools\x64\VSPerfDrv100.sys (Microsoft Corporation)
DRV - (ISODrive) -- F:\Programy(x86)\UltraISO\drivers\ISODrv64.sys (EZB Systems, Inc.)
DRV - (speedfan) -- C:\Windows\SysWOW64\speedfan.sys (Windows (R) Server 2003 DDK provider)
========== Standard Registry (All) ==========
========== Internet Explorer ==========
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = [binary data]
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Extensions Off Page = about:NoAdd-ons
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\System32\blank.htm
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Security Risk Page = about:SecurityRisk
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = [binary data]
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Extensions Off Page = about:NoAdd-ons
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SYSTEM32\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Security Risk Page = about:SecurityRisk
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\system32\blank.htm
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.cz/
IE - HKCU\..\URLSearchHook: {CFBFAE00-17A6-11D0-99CB-00C04FD64497} - C:\Windows\SysWOW64\ieframe.dll (Microsoft Corporation)
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
========== FireFox ==========
FF - prefs.js..browser.startup.homepage: "http://www.google.cz/"
FF - prefs.js..extensions.enabledItems: firebug@software.joehewitt.com:1.6.0
FF - prefs.js..extensions.enabledItems: {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}:1.3.1
FF - prefs.js..extensions.enabledItems: {e4a8a97b-f2ed-450b-b12d-ee082ba24781}:0.8.20100408.6
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}:6.0.22
FF - prefs.js..extensions.enabledItems: {972ce4c6-7e08-4474-a285-3208198ce6fd}:3.6.12
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.12\extensions\\Components: F:\Programy(x86)\Mozilla Firefox\components [2010.11.07 00:16:11 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.12\extensions\\Plugins: F:\Programy(x86)\Mozilla Firefox\plugins [2010.11.07 00:16:11 | 000,000,000 | ---D | M]
[2010.10.13 17:52:26 | 000,000,000 | ---D | M] -- C:\Users\CZechBoY\AppData\Roaming\Mozilla\Extensions
[2010.10.13 17:52:26 | 000,000,000 | ---D | M] (No name found) -- C:\Users\CZechBoY\AppData\Roaming\Mozilla\Extensions\{ec8030f7-c20a-464f-9b0e-13a3a9e97384}
[2010.12.03 22:45:55 | 000,000,000 | ---D | M] -- C:\Users\CZechBoY\AppData\Roaming\Mozilla\Firefox\Profiles\s4n70o8v.default\extensions
[2010.11.05 20:24:51 | 000,000,000 | ---D | M] (Adblock Plus) -- C:\Users\CZechBoY\AppData\Roaming\Mozilla\Firefox\Profiles\s4n70o8v.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}
[2010.10.31 22:34:50 | 000,000,000 | ---D | M] (Greasemonkey) -- C:\Users\CZechBoY\AppData\Roaming\Mozilla\Firefox\Profiles\s4n70o8v.default\extensions\{e4a8a97b-f2ed-450b-b12d-ee082ba24781}
[2010.12.03 22:35:43 | 000,000,000 | ---D | M] -- C:\Users\CZechBoY\AppData\Roaming\Mozilla\Firefox\Profiles\s4n70o8v.default\extensions\firebug@software.joehewitt.com
O1 HOSTS File: ([2009.06.10 22:00:26 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O2:64bit: - BHO: (Windows Live ID Sign-in Helper) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
O2 - BHO: (Idea2 SidebarBrowserMonitor Class) - {45AD732C-2CE2-4666-B366-B2214AD57A49} - F:\Programy(x86)\Desktop Sidebar_old\sbhelp.dll (Idea2)
O2 - BHO: (Pomocná služba pro přihlášení ke službě Windows Live ID) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\microsoft shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - F:\Programy(x86)\Java\jre6\bin\jp2ssv.dll (Sun Microsystems, Inc.)
O2 - BHO: (Microsoft Web Test Recorder 10.0 Helper) - {DDA57003-0068-4ed2-9D32-4D1EC707D94D} - F:\Programy(x86)\Microsoft Visual Studio 10.0\Common7\IDE\PrivateAssemblies\Microsoft.VisualStudio.QualityTools.RecorderBarBHO100.dll (Microsoft Corporation)
O4:64bit: - HKLM..\Run: [OODefragTray] F:\Programy\OO Software\Defrag\oodtray.exe (O&O Software GmbH)
O4 - HKLM..\Run: [avgnt] C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe (Avira GmbH)
O4 - HKLM..\Run: [LogMeIn Hamachi Ui] F:\Programy(x86)\LogMeIn Hamachi\hamachi-2-ui.exe (LogMeIn Inc.)
O4 - HKCU..\Run: [Infium] F:\Programy(x86)\QIP Infium\infium.exe ()
O4 - HKCU..\Run: [msnmsgr] C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe (Microsoft Corporation)
O4 - HKCU..\Run: [SIDEBAR] F:\Programy(x86)\Desktop Sidebar_old\dsidebar.exe (Idea2)
O4 - HKCU..\Run: [Skype] C:\Program Files (x86)\Skype\Phone\Skype.exe (Skype Technologies S.A.)
O4 - HKCU..\Run: [uTorrent] F:\Programy(x86)\uTorrent\uTorrent.exe (BitTorrent, Inc.)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: ForceActiveDesktopOn = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableInstallerDetection = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableSecureUIAPaths = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableUIADesktopToggle = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableVirtualization = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ValidateAdminCodeSignatures = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: dontdisplaylastusername = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticecaption =
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticetext =
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: scforceoption = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: shutdownwithoutlogon = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: undockwithoutlogon = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: FilterAdministratorToken = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_TEXT = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_BITMAP = 2
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_OEMTEXT = 7
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_DIB = 8
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_PALETTE = 9
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_UNICODETEXT = 13
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_DIBV5 = 17
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: StartMenuLogoff = 1
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoFolderOptions = 0
O8:64bit: - Extra context menu item: Subscribe in Desktop Sidebar - F:\Programy(x86)\Desktop Sidebar_old\sbhelp.dll (Idea2)
O8 - Extra context menu item: Subscribe in Desktop Sidebar - F:\Programy(x86)\Desktop Sidebar_old\sbhelp.dll (Idea2)
O9 - Extra Button: Subscribe in Desktop Sidebar - {09FE188B-6E85-479e-9411-51FB2220DF80} - F:\Programy(x86)\Desktop Sidebar_old\sbhelp.dll (Idea2)
O9 - Extra 'Tools' menuitem : Subscribe in Desktop Sidebar - {09FE188B-6E85-479e-9411-51FB2220DF80} - F:\Programy(x86)\Desktop Sidebar_old\sbhelp.dll (Idea2)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries\000000000001 [] - C:\Windows\SysNative\nlaapi.dll (Microsoft Corporation)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries\000000000002 [] - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries\000000000003 [] - C:\Windows\SysNative\winrnr.dll (Microsoft Corporation)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\Windows\SysNative\NapiNSP.dll (Microsoft Corporation)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries\000000000005 [] - C:\Windows\SysNative\pnrpnsp.dll (Microsoft Corporation)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries\000000000006 [] - C:\Windows\SysNative\pnrpnsp.dll (Microsoft Corporation)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files (x86)\Common Files\microsoft shared\Windows Live\WLIDNSP.DLL (Microsoft Corp.)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries\000000000008 [] - C:\Program Files (x86)\Common Files\microsoft shared\Windows Live\WLIDNSP.DLL (Microsoft Corp.)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries\000000000009 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
O10:64bit: - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\Program Files (x86)\Avira\AntiVir Desktop\avsda.dll (Avira GmbH)
O10:64bit: - Protocol_Catalog9\Catalog_Entries\000000000002 - C:\Program Files (x86)\Avira\AntiVir Desktop\avsda.dll (Avira GmbH)
O10:64bit: - Protocol_Catalog9\Catalog_Entries\000000000003 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries\000000000004 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries\000000000005 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries\000000000006 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries\000000000007 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries\000000000008 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries\000000000009 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries\000000000010 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries\000000000011 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries\000000000012 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries\000000000013 - C:\Program Files (x86)\Avira\AntiVir Desktop\avsda.dll (Avira GmbH)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000001 [] - C:\Windows\SysWOW64\nlaapi.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000002 [] - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000003 [] - C:\Windows\SysWOW64\winrnr.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\Windows\SysWOW64\NapiNSP.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000005 [] - C:\Windows\SysWOW64\pnrpnsp.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000006 [] - C:\Windows\SysWOW64\pnrpnsp.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files (x86)\Common Files\microsoft shared\Windows Live\WLIDNSP.DLL (Microsoft Corp.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000008 [] - C:\Program Files (x86)\Common Files\microsoft shared\Windows Live\WLIDNSP.DLL (Microsoft Corp.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000009 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\Program Files (x86)\Avira\AntiVir Desktop\avsda.dll (Avira GmbH)
O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - C:\Program Files (x86)\Avira\AntiVir Desktop\avsda.dll (Avira GmbH)
O10 - Protocol_Catalog9\Catalog_Entries\000000000003 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000004 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000005 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000006 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000007 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000008 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000009 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000010 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000011 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000012 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000013 - C:\Program Files (x86)\Avira\AntiVir Desktop\avsda.dll (Avira GmbH)
O13 - gopher Prefix: missing
O13 - gopher Prefix: missing
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_22)
O16 - DPF: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_22)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_22)
O18:64bit: - Protocol\Handler\about {3050F406-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysNative\mshtml.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\cdl {3dd53d40-7b8b-11D0-b013-00aa0059ce02} - C:\Windows\SysNative\urlmon.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\dvd {12D51199-0DB5-46FE-A120-47A3D7D937CC} - C:\Windows\SysNative\MSVidCtl.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\file {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysNative\urlmon.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\ftp {79eac9e3-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysNative\urlmon.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\http {79eac9e2-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysNative\urlmon.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\https {79eac9e5-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysNative\urlmon.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\its {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\Windows\SysNative\itss.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\javascript {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysNative\mshtml.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\local {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysNative\urlmon.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\mailto {3050f3DA-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysNative\mshtml.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\mhtml {05300401-BCBC-11d0-85E3-00C04FD85AB4} - C:\Windows\SysNative\inetcomm.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\mk {79eac9e6-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysNative\urlmon.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\ms-its {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\Windows\SysNative\itss.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\res {3050F3BC-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysNative\mshtml.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\tv {CBD30858-AF45-11D2-B6D6-00C04FBBDE6E} - C:\Windows\SysNative\MSVidCtl.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\vbscript {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysNative\mshtml.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\wlpg {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - Reg Error: Key error. File not found
O18 - Protocol\Handler\about {3050F406-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysWOW64\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\cdl {3dd53d40-7b8b-11D0-b013-00aa0059ce02} - C:\Windows\SysWOW64\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\dvd {12D51199-0DB5-46FE-A120-47A3D7D937CC} - C:\Windows\SysWOW64\MSVidCtl.dll (Microsoft Corporation)
O18 - Protocol\Handler\file {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysWOW64\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\ftp {79eac9e3-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysWOW64\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\http {79eac9e2-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysWOW64\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\https {79eac9e5-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysWOW64\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\its {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\Windows\SysWOW64\itss.dll (Microsoft Corporation)
O18 - Protocol\Handler\javascript {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysWOW64\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files (x86)\Windows Live\Messenger\msgrapp.dll (Microsoft Corporation)
O18 - Protocol\Handler\local {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysWOW64\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\mailto {3050f3DA-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysWOW64\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\mhtml {05300401-BCBC-11d0-85E3-00C04FD85AB4} - C:\Windows\SysWOW64\inetcomm.dll (Microsoft Corporation)
O18 - Protocol\Handler\mk {79eac9e6-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysWOW64\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\ms-its {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\Windows\SysWOW64\itss.dll (Microsoft Corporation)
O18 - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files (x86)\Windows Live\Messenger\msgrapp.dll (Microsoft Corporation)
O18 - Protocol\Handler\res {3050F3BC-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysWOW64\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Handler\tv {CBD30858-AF45-11D2-B6D6-00C04FBBDE6E} - C:\Windows\SysWOW64\MSVidCtl.dll (Microsoft Corporation)
O18 - Protocol\Handler\vbscript {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysWOW64\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\wlpg {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll (Microsoft Corporation)
O18:64bit: - Protocol\Filter\application/octet-stream {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\Windows\SysNative\mscoree.dll (Microsoft Corporation)
O18:64bit: - Protocol\Filter\application/x-complus {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\Windows\SysNative\mscoree.dll (Microsoft Corporation)
O18:64bit: - Protocol\Filter\application/x-msdownload {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\Windows\SysNative\mscoree.dll (Microsoft Corporation)
O18:64bit: - Protocol\Filter\deflate {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\Windows\SysNative\urlmon.dll (Microsoft Corporation)
O18:64bit: - Protocol\Filter\gzip {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\Windows\SysNative\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Filter\application/octet-stream {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\Windows\SysWow64\mscoree.dll (Microsoft Corporation)
O18 - Protocol\Filter\application/x-complus {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\Windows\SysWow64\mscoree.dll (Microsoft Corporation)
O18 - Protocol\Filter\application/x-msdownload {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\Windows\SysWow64\mscoree.dll (Microsoft Corporation)
O18 - Protocol\Filter\deflate {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\Windows\SysWOW64\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Filter\gzip {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\Windows\SysWOW64\urlmon.dll (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\SysNative\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\SYSTEM32\Userinit.exe) - C:\Windows\SysWOW64\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\SysWow64\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O20:64bit: - Winlogon\Notify\igfxcui: DllName - Reg Error: Key error. - C:\Windows\SysNative\igfxdev.dll (Intel Corporation)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found.
O29:64bit: - HKLM SecurityProviders - (credssp.dll) - C:\Windows\SysWow64\credssp.dll (Microsoft Corporation)
O29 - HKLM SecurityProviders - (credssp.dll) - C:\Windows\SysWow64\credssp.dll (Microsoft Corporation)
O30:64bit: - LSA: Authentication Packages - (msv1_0) - C:\Windows\SysNative\msv1_0.dll (Microsoft Corporation)
O30 - LSA: Authentication Packages - (msv1_0) - C:\Windows\SysWow64\msv1_0.dll (Microsoft Corporation)
O30:64bit: - LSA: Security Packages - (kerberos) - C:\Windows\SysNative\kerberos.dll (Microsoft Corporation)
O30:64bit: - LSA: Security Packages - (msv1_0) - C:\Windows\SysNative\msv1_0.dll (Microsoft Corporation)
O30:64bit: - LSA: Security Packages - (schannel) - C:\Windows\SysNative\schannel.dll (Microsoft Corporation)
O30:64bit: - LSA: Security Packages - (wdigest) - C:\Windows\SysNative\wdigest.dll (Microsoft Corporation)
O30:64bit: - LSA: Security Packages - (tspkg) - C:\Windows\SysNative\tspkg.dll (Microsoft Corporation)
O30:64bit: - LSA: Security Packages - (pku2u) - C:\Windows\SysNative\pku2u.dll (Microsoft Corporation)
O30:64bit: - LSA: Security Packages - (livessp) - C:\Windows\SysNative\livessp.dll (Microsoft Corp.)
O30 - LSA: Security Packages - (kerberos) - C:\Windows\SysWow64\kerberos.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (msv1_0) - C:\Windows\SysWow64\msv1_0.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (schannel) - C:\Windows\SysWow64\schannel.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (wdigest) - C:\Windows\SysWow64\wdigest.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (tspkg) - C:\Windows\SysWow64\tspkg.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (pku2u) - C:\Windows\SysWow64\pku2u.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (livessp) - C:\Windows\SysWow64\livessp.dll (Microsoft Corp.)
O31 - SafeBoot: AlternateShell - cmd.exe
O32 - HKLM CDRom: AutoRun - 1
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O34 - HKLM BootExecute: (OODBS) - File not found
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
========== Files/Folders - Created Within 30 Days ==========
[2010.12.08 20:05:04 | 000,033,856 | -H-- | C] (LogMeIn, Inc.) -- C:\Windows\SysNative\hamachi.sys
[2010.12.08 16:46:57 | 000,575,488 | ---- | C] (OldTimer Tools) -- C:\Users\CZechBoY\Desktop\OTL.exe
[2010.12.08 16:25:13 | 000,000,000 | ---D | C] -- C:\Users\CZechBoY\AppData\Roaming\Malwarebytes
[2010.12.08 16:25:09 | 000,038,224 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysWow64\drivers\mbamswissarmy.sys
[2010.12.08 16:25:08 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2010.12.08 16:25:05 | 000,024,152 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys
[2010.12.08 16:18:16 | 000,000,000 | -HSD | C] -- C:\$RECYCLE.BIN
[2010.12.07 21:54:20 | 000,000,000 | ---D | C] -- C:\Users\CZechBoY\.thumbnails
[2010.12.07 21:38:22 | 000,000,000 | ---D | C] -- C:\Users\CZechBoY\AppData\Roaming\GHISLER
[2010.12.06 18:59:14 | 004,178,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DX9_41.dll
[2010.12.06 18:59:14 | 000,528,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XAudio2_6.dll
[2010.12.06 18:59:14 | 000,238,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine3_6.dll
[2010.12.06 18:59:14 | 000,074,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XAPOFX1_4.dll
[2010.12.06 18:59:14 | 000,022,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\X3DAudio1_7.dll
[2010.12.06 18:59:13 | 003,495,784 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx9_33.dll
[2010.12.06 18:59:00 | 000,453,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx10_42.dll
[2010.12.06 18:58:59 | 001,892,184 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DX9_42.dll
[2010.12.06 18:58:59 | 000,081,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xinput1_3.dll
[2010.12.06 18:58:46 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\xlive
[2010.12.06 18:58:46 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Games for Windows - LIVE
[2010.12.06 18:58:43 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft XNA
[2010.12.06 18:32:46 | 000,000,000 | ---D | C] -- C:\Users\CZechBoY\AppData\Roaming\Microsoft FxCop
[2010.11.30 15:34:52 | 000,000,000 | ---D | C] -- C:\Users\CZechBoY\Documents\Nová složka
[2010.11.30 15:10:51 | 000,962,612 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\MFC42D.DLL
[2010.11.30 15:10:51 | 000,434,252 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\MSVCRTD.DLL
[2010.11.30 15:10:51 | 000,061,493 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\MFCN42D.DLL
[2010.11.30 15:10:50 | 000,077,824 | ---- | C] (JVSoftware) -- C:\Windows\SysWow64\nmapwin.exe
[2010.11.30 15:10:49 | 000,137,000 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\MSMAPI32.OCX
[2010.11.30 15:10:49 | 000,114,688 | ---- | C] (Open Source Telecom) -- C:\Windows\SysWow64\CCGNU32.dll
[2010.11.30 15:10:46 | 001,009,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mschrt20.ocx
[2010.11.30 15:10:46 | 000,647,872 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mscomct2.ocx
[2010.11.30 15:10:46 | 000,544,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msvcr71d.dll
[2010.11.30 15:10:46 | 000,103,744 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\MSCOMM32.OCX
[2010.11.30 15:10:46 | 000,081,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msado25.tlb
[2010.11.30 15:10:46 | 000,010,752 | ---- | C] (Almeida & Andrade Ltda) -- C:\Windows\SysWow64\aamd532.dll
[2010.11.30 15:10:45 | 000,939,224 | ---- | C] (Macromedia, Inc.) -- C:\Windows\SysWow64\Flash.ocx
[2010.11.30 15:10:45 | 000,561,179 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\dao360.dll
[2010.11.30 15:10:45 | 000,299,008 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\MSDBRPTR.DLL
[2010.11.30 15:10:45 | 000,137,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\MSDERUN.DLL
[2010.11.30 15:10:45 | 000,118,784 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\MSSTDFMT.DLL
[2010.11.30 15:10:45 | 000,109,248 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\Mswinsck.ocx
[2010.11.30 15:10:45 | 000,061,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msado20.tlb
[2010.11.30 15:10:44 | 001,077,344 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\MSCOMCTL.OCX
[2010.11.30 15:10:44 | 000,608,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\comctl32.ocx
[2010.11.30 15:10:44 | 000,209,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\tabctl32.ocx
[2010.11.30 15:10:44 | 000,203,976 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\richtx32.ocx
[2010.11.30 15:10:44 | 000,164,144 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\comct232.ocx
[2010.11.30 15:10:44 | 000,140,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\Comdlg32.ocx
[2010.11.30 15:10:44 | 000,115,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\MSINET.ocx
[2010.11.30 15:10:44 | 000,101,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\VB6STKIT.DLL
[2010.11.29 20:30:17 | 000,000,000 | ---D | C] -- C:\Users\CZechBoY\Documents\gegl-0.0
[2010.11.29 20:30:17 | 000,000,000 | ---D | C] -- C:\Users\CZechBoY\.gimp-2.6
[2010.11.29 20:00:44 | 000,000,000 | ---D | C] -- C:\Users\CZechBoY\.idlerc
[2010.11.29 18:27:31 | 000,000,000 | ---D | C] -- C:\Users\CZechBoY\AppData\Local\LogMeIn Hamachi
[2010.11.27 01:01:01 | 000,000,000 | ---D | C] -- C:\Users\CZechBoY\Desktop\IntelBurnTest
[2010.11.25 21:20:26 | 000,000,000 | ---D | C] -- C:\Users\CZechBoY\AppData\Roaming\Microsoft Corporation
[2010.11.25 19:42:44 | 000,000,000 | ---D | C] -- C:\Users\CZechBoY\Documents\Remote Assistance Logs
[2010.11.24 20:52:01 | 006,365,696 | ---- | C] (Martin Prikryl) -- C:\Users\CZechBoY\Desktop\WinSCP.exe
[2010.11.24 20:52:01 | 000,089,600 | ---- | C] (Martin Prikryl) -- C:\Users\CZechBoY\Desktop\WinSCP.com
[2010.11.21 21:46:21 | 000,172,032 | ---- | C] (Simon Tatham) -- C:\Users\CZechBoY\Desktop\puttygen.exe
[2010.11.18 20:17:21 | 000,000,000 | ---D | C] -- C:\Users\CZechBoY\AppData\Roaming\GetRightToGo
[2010.11.18 20:17:21 | 000,000,000 | ---D | C] -- C:\Users\CZechBoY\Documents\Downloads
[2010.11.18 15:17:11 | 000,000,000 | ---D | C] -- C:\Users\CZechBoY\AppData\Roaming\NumusAutoDiskBuilder
[2010.11.18 15:16:52 | 000,000,000 | ---D | C] -- C:\Windows\XSxS
[2010.11.18 15:16:52 | 000,000,000 | ---D | C] -- C:\Users\CZechBoY\AppData\Local\Xenocode
[2010.11.18 15:16:52 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\spool
[2010.11.18 15:16:52 | 000,000,000 | ---D | C] -- C:\Windows\Driver Cache
[2010.11.18 14:33:47 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Intel
[2010.11.11 22:42:29 | 000,000,000 | ---D | C] -- C:\Users\CZechBoY\AppData\Roaming\RealVNC
[2010.11.11 22:38:44 | 000,026,112 | ---- | C] (RealVNC Ltd.) -- C:\Windows\SysNative\vncmirror.dll
[2010.11.11 22:38:44 | 000,004,608 | ---- | C] (RealVNC Ltd.) -- C:\Windows\SysNative\drivers\vncmirror.sys
[2010.11.10 21:29:57 | 000,000,000 | ---D | C] -- C:\Windows\Sun
[2010.11.09 13:27:40 | 000,059,904 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wbemdisp.tlb
[2010.11.09 13:27:40 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\20Dollars2Surf
========== Files - Modified Within 30 Days ==========
[2010.12.08 20:02:52 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2010.12.08 20:02:50 | 3193,298,944 | -HS- | M] () -- C:\hiberfil.sys
[2010.12.08 20:02:49 | 000,038,280 | ---- | M] () -- C:\Windows\SysNative\oodbs.lor
[2010.12.08 20:01:15 | 000,025,840 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2010.12.08 20:01:15 | 000,025,840 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2010.12.08 20:00:44 | 000,443,912 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2010.12.08 16:46:57 | 000,575,488 | ---- | M] (OldTimer Tools) -- C:\Users\CZechBoY\Desktop\OTL.exe
[2010.12.08 16:09:13 | 000,002,979 | ---- | M] () -- C:\Users\CZechBoY\Desktop\HiJackThis.lnk
[2010.12.07 21:54:26 | 000,000,836 | ---- | M] () -- C:\Users\CZechBoY\.recently-used.xbel
[2010.12.07 21:38:06 | 000,003,497 | ---- | M] () -- C:\Windows\WINCMD.INI
[2010.12.03 10:45:43 | 000,000,600 | ---- | M] () -- C:\Users\CZechBoY\AppData\Local\PUTTY.RND
[2010.12.02 15:26:03 | 000,000,321 | ---- | M] () -- C:\Windows\WpePro_0delay.INI
[2010.12.01 15:53:36 | 000,000,600 | ---- | M] () -- C:\Users\CZechBoY\AppData\Roaming\winscp.rnd
[2010.11.30 15:10:53 | 000,000,694 | ---- | M] () -- C:\Users\CZechBoY\Desktop\NetTools.lnk
[2010.11.29 17:42:18 | 000,038,224 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\SysWow64\drivers\mbamswissarmy.sys
[2010.11.29 17:42:06 | 000,024,152 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys
[2010.11.29 17:14:04 | 001,576,744 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2010.11.29 17:14:04 | 000,666,168 | ---- | M] () -- C:\Windows\SysNative\perfh005.dat
[2010.11.29 17:14:04 | 000,651,912 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2010.11.29 17:14:04 | 000,139,574 | ---- | M] () -- C:\Windows\SysNative\perfc005.dat
[2010.11.29 17:14:04 | 000,120,554 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2010.11.29 07:56:00 | 000,000,545 | ---- | M] () -- C:\Windows\UC.PIF
[2010.11.29 07:56:00 | 000,000,545 | ---- | M] () -- C:\Windows\RAR.PIF
[2010.11.29 07:56:00 | 000,000,545 | ---- | M] () -- C:\Windows\PKZIP.PIF
[2010.11.29 07:56:00 | 000,000,545 | ---- | M] () -- C:\Windows\PKUNZIP.PIF
[2010.11.29 07:56:00 | 000,000,545 | ---- | M] () -- C:\Windows\NOCLOSE.PIF
[2010.11.29 07:56:00 | 000,000,545 | ---- | M] () -- C:\Windows\LHA.PIF
[2010.11.29 07:56:00 | 000,000,545 | ---- | M] () -- C:\Windows\ARJ.PIF
[2010.11.27 20:15:26 | 000,053,248 | ---- | M] () -- C:\Users\CZechBoY\Desktop\AutoClick.exe
[2010.11.24 21:21:41 | 000,010,963 | ---- | M] () -- C:\Users\CZechBoY\Desktop\WinSCP.ini
[2010.11.24 15:34:45 | 000,000,045 | ---- | M] () -- C:\Windows\SysWow64\initdebug.nfo
[2010.11.22 18:09:03 | 000,083,120 | ---- | M] (Avira GmbH) -- C:\Windows\SysNative\drivers\avgntflt.sys
[2010.11.21 22:02:14 | 000,000,525 | ---- | M] () -- C:\Users\CZechBoY\Desktop\killer.vbs
[2010.11.21 21:55:06 | 000,000,432 | ---- | M] () -- C:\Windows\SysNative\drivers\etc\hosts.ics
[2010.11.21 21:48:01 | 000,001,471 | ---- | M] () -- C:\Users\CZechBoY\Desktop\jabko_private.ppk
[2010.11.21 21:47:51 | 000,000,457 | ---- | M] () -- C:\Users\CZechBoY\Desktop\jabko_public
[2010.11.21 21:46:21 | 000,172,032 | ---- | M] (Simon Tatham) -- C:\Users\CZechBoY\Desktop\puttygen.exe
[2010.11.19 10:41:02 | 000,000,110 | ---- | M] () -- C:\Windows\GMouse.ini
[2010.11.18 20:19:24 | 000,246,272 | ---- | M] () -- C:\Users\CZechBoY\Desktop\Gmouse.exe
[2010.11.18 14:38:39 | 000,024,072 | ---- | M] (Windows (R) Server 2003 DDK provider) -- C:\Windows\gdrv.sys
[2010.11.18 14:38:37 | 000,000,010 | ---- | M] () -- C:\Windows\GSetup.ini
[2010.11.09 17:56:28 | 000,936,362 | ---- | M] () -- C:\Users\CZechBoY\Desktop\lfs klavesnice.png
[2010.11.09 13:27:41 | 000,001,025 | ---- | M] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\20Dollars2Surf.lnk
========== Files Created - No Company Name ==========
[2010.12.08 16:09:13 | 000,002,979 | ---- | C] () -- C:\Users\CZechBoY\Desktop\HiJackThis.lnk
[2010.12.07 21:54:26 | 000,000,836 | ---- | C] () -- C:\Users\CZechBoY\.recently-used.xbel
[2010.12.07 21:38:22 | 000,000,545 | ---- | C] () -- C:\Windows\UC.PIF
[2010.12.07 21:38:22 | 000,000,545 | ---- | C] () -- C:\Windows\RAR.PIF
[2010.12.07 21:38:22 | 000,000,545 | ---- | C] () -- C:\Windows\PKZIP.PIF
[2010.12.07 21:38:22 | 000,000,545 | ---- | C] () -- C:\Windows\PKUNZIP.PIF
[2010.12.07 21:38:22 | 000,000,545 | ---- | C] () -- C:\Windows\NOCLOSE.PIF
[2010.12.07 21:38:22 | 000,000,545 | ---- | C] () -- C:\Windows\LHA.PIF
[2010.12.07 21:38:22 | 000,000,545 | ---- | C] () -- C:\Windows\ARJ.PIF
[2010.11.30 15:10:53 | 000,000,694 | ---- | C] () -- C:\Users\CZechBoY\Desktop\NetTools.lnk
[2010.11.30 15:10:50 | 000,809,345 | ---- | C] () -- C:\Windows\SysWow64\nmap-os-fingerprints
[2010.11.30 15:10:50 | 000,557,444 | ---- | C] () -- C:\Windows\SysWow64\nmap-service-probes
[2010.11.30 15:10:50 | 000,482,123 | ---- | C] () -- C:\Windows\SysWow64\nmapwin.chm
[2010.11.30 15:10:50 | 000,452,096 | ---- | C] () -- C:\Windows\SysWow64\nmap.exe
[2010.11.30 15:10:50 | 000,290,816 | ---- | C] () -- C:\Windows\SysWow64\nmapserv.exe
[2010.11.30 15:10:50 | 000,225,546 | ---- | C] () -- C:\Windows\SysWow64\nmap-mac-prefixes
[2010.11.30 15:10:50 | 000,192,007 | ---- | C] () -- C:\Windows\SysWow64\CHANGELOG
[2010.11.30 15:10:50 | 000,108,536 | ---- | C] () -- C:\Windows\SysWow64\nmap-services
[2010.11.30 15:10:50 | 000,025,611 | ---- | C] () -- C:\Windows\SysWow64\COPYING
[2010.11.30 15:10:50 | 000,021,552 | ---- | C] () -- C:\Windows\SysWow64\nmap.xsl
[2010.11.30 15:10:50 | 000,017,955 | ---- | C] () -- C:\Windows\SysWow64\nmap-rpc
[2010.11.30 15:10:50 | 000,006,318 | ---- | C] () -- C:\Windows\SysWow64\nmap-protocols
[2010.11.30 15:10:50 | 000,000,192 | ---- | C] () -- C:\Windows\SysWow64\nmap_performance.reg
[2010.11.30 15:10:45 | 000,010,348 | ---- | C] () -- C:\Windows\SysWow64\SubclassingSink.tlb
[2010.11.27 20:15:26 | 000,053,248 | ---- | C] () -- C:\Users\CZechBoY\Desktop\AutoClick.exe
[2010.11.24 21:19:18 | 000,010,963 | ---- | C] () -- C:\Users\CZechBoY\Desktop\WinSCP.ini
[2010.11.24 20:52:08 | 000,000,600 | ---- | C] () -- C:\Users\CZechBoY\AppData\Roaming\winscp.rnd
[2010.11.24 15:34:45 | 000,000,045 | ---- | C] () -- C:\Windows\SysWow64\initdebug.nfo
[2010.11.21 22:01:05 | 000,000,525 | ---- | C] () -- C:\Users\CZechBoY\Desktop\killer.vbs
[2010.11.21 21:48:01 | 000,001,471 | ---- | C] () -- C:\Users\CZechBoY\Desktop\jabko_private.ppk
[2010.11.21 21:47:51 | 000,000,457 | ---- | C] () -- C:\Users\CZechBoY\Desktop\jabko_public
[2010.11.18 20:20:01 | 000,000,110 | ---- | C] () -- C:\Windows\GMouse.ini
[2010.11.18 20:19:21 | 000,246,272 | ---- | C] () -- C:\Users\CZechBoY\Desktop\Gmouse.exe
[2010.11.11 22:38:48 | 000,031,232 | ---- | C] () -- C:\Windows\SysNative\VNCpm.dll
[2010.11.09 17:56:25 | 000,936,362 | ---- | C] () -- C:\Users\CZechBoY\Desktop\lfs klavesnice.png
[2010.11.09 13:27:41 | 000,001,025 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\20Dollars2Surf.lnk
[2010.11.07 22:41:20 | 000,000,321 | ---- | C] () -- C:\Windows\WpePro_0delay.INI
[2010.11.03 16:26:10 | 000,000,600 | ---- | C] () -- C:\Users\CZechBoY\AppData\Local\PUTTY.RND
[2010.10.14 09:40:12 | 001,600,262 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2010.10.13 19:00:59 | 000,000,800 | ---- | C] () -- C:\Users\CZechBoY\AppData\Local\SRDownloader.nast
[2010.10.13 18:56:00 | 000,000,889 | ---- | C] () -- C:\Users\CZechBoY\AppData\Local\SRDownloader.err
[2010.10.13 17:47:35 | 000,003,497 | ---- | C] () -- C:\Windows\WINCMD.INI
[2010.10.13 16:33:05 | 000,000,010 | ---- | C] () -- C:\Windows\GSetup.ini
[2010.08.25 18:52:00 | 000,208,896 | ---- | C] () -- C:\Windows\SysWow64\iglhsip32.dll
[2010.08.25 18:52:00 | 000,143,360 | ---- | C] () -- C:\Windows\SysWow64\iglhcp32.dll
[2010.06.25 18:03:12 | 000,053,299 | ---- | C] () -- C:\Windows\SysWow64\pthreadVC.dll
[2010.04.02 17:17:34 | 000,179,091 | ---- | C] () -- C:\Windows\SysWow64\xlive.dll.cat
[2009.07.14 00:42:10 | 000,064,000 | ---- | C] () -- C:\Windows\SysWow64\BWContextHandler.dll
[2009.07.13 22:03:59 | 000,364,544 | ---- | C] () -- C:\Windows\SysWow64\msjetoledb40.dll
[1993.07.23 18:31:02 | 000,210,944 | ---- | C] () -- C:\Windows\SysWow64\Msvcrt10.dll
========== LOP Check ==========
[2010.11.07 23:14:37 | 000,000,000 | ---D | M] -- C:\Users\CZechBoY\AppData\Roaming\Colasoft MAC Scanner
[2010.12.08 20:01:38 | 000,000,000 | ---D | M] -- C:\Users\CZechBoY\AppData\Roaming\Desktop Sidebar
[2010.12.07 15:42:04 | 000,000,000 | ---D | M] -- C:\Users\CZechBoY\AppData\Roaming\FileZilla
[2010.10.22 20:44:17 | 000,000,000 | ---D | M] -- C:\Users\CZechBoY\AppData\Roaming\Foxit Software
[2010.11.18 20:17:49 | 000,000,000 | ---D | M] -- C:\Users\CZechBoY\AppData\Roaming\GetRightToGo
[2010.12.07 21:38:22 | 000,000,000 | ---D | M] -- C:\Users\CZechBoY\AppData\Roaming\GHISLER
[2010.10.13 17:01:30 | 000,000,000 | ---D | M] -- C:\Users\CZechBoY\AppData\Roaming\IrfanView
[2010.11.18 15:17:11 | 000,000,000 | ---D | M] -- C:\Users\CZechBoY\AppData\Roaming\NumusAutoDiskBuilder
[2010.10.13 16:40:51 | 000,000,000 | ---D | M] -- C:\Users\CZechBoY\AppData\Roaming\Opera
[2010.10.13 17:35:43 | 000,000,000 | ---D | M] -- C:\Users\CZechBoY\AppData\Roaming\QIP
[2010.11.18 07:45:25 | 000,000,000 | ---D | M] -- C:\Users\CZechBoY\AppData\Roaming\TeamViewer
[2010.10.22 20:53:24 | 000,000,000 | ---D | M] -- C:\Users\CZechBoY\AppData\Roaming\Transcend
[2010.11.01 01:13:19 | 000,000,000 | ---D | M] -- C:\Users\CZechBoY\AppData\Roaming\TweakNow PowerPack 2010
[2010.12.08 20:07:58 | 000,000,000 | ---D | M] -- C:\Users\CZechBoY\AppData\Roaming\uTorrent
[2010.10.20 18:13:15 | 000,000,000 | ---D | M] -- C:\Users\CZechBoY\AppData\Roaming\Zoner
[2009.07.14 06:08:49 | 000,008,954 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT
========== Purity Check ==========
< End of report >
OTL logfile created on: 8.12.2010 20:06:26 - Run 1
OTL by OldTimer - Version 3.2.17.3 Folder = C:\Users\CZechBoY\Desktop
64bit- Ultimate Edition (Version = 6.1.7600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7600.16385)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy
4,00 Gb Total Physical Memory | 2,00 Gb Available Physical Memory | 61,00% Memory free
4,00 Gb Paging File | 2,00 Gb Available in Paging File | 53,00% Paging File free
Paging file location(s): [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 37,25 Gb Total Space | 16,32 Gb Free Space | 43,81% Space Free | Partition Type: NTFS
Drive D: | 19,53 Gb Total Space | 4,94 Gb Free Space | 25,31% Space Free | Partition Type: NTFS
Drive E: | 48,83 Gb Total Space | 41,33 Gb Free Space | 84,64% Space Free | Partition Type: NTFS
Drive F: | 164,51 Gb Total Space | 19,24 Gb Free Space | 11,69% Space Free | Partition Type: NTFS
Computer Name: MNO | User Name: CZechBoY | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
========== Processes (SafeList) ==========
PRC - C:\Users\CZechBoY\Desktop\OTL.exe (OldTimer Tools)
PRC - C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe (Avira GmbH)
PRC - F:\Programy(x86)\LogMeIn Hamachi\hamachi-2-ui.exe (LogMeIn Inc.)
PRC - C:\Program Files (x86)\TeamViewer\Version6\TeamViewer.exe (TeamViewer GmbH)
PRC - C:\Program Files (x86)\TeamViewer\Version6\TeamViewer_Service.exe (TeamViewer GmbH)
PRC - C:\Program Files (x86)\TeamViewer\Version6\tv_w32.exe (TeamViewer GmbH)
PRC - C:\Program Files (x86)\Avira\AntiVir Desktop\avwebgrd.exe (Avira GmbH)
PRC - C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe (Avira GmbH)
PRC - C:\Program Files (x86)\Avira\AntiVir Desktop\avfwsvc.exe (Avira GmbH)
PRC - C:\Program Files (x86)\Avira\AntiVir Desktop\avmailc.exe (Avira GmbH)
PRC - C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe (Avira GmbH)
PRC - F:\Programy(x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation)
PRC - F:\Programy(x86)\uTorrent\uTorrent.exe (BitTorrent, Inc.)
PRC - F:\Programy(x86)\Opera\opera.exe (Opera Software)
PRC - F:\Programy(x86)\QIP Infium\infium.exe ()
PRC - F:\Programy(x86)\Samsung\SAMSUNG PC Share Manager\WiselinkPro.exe ()
PRC - F:\Programy(x86)\Fraps\fraps.exe (Beepa P/L)
PRC - F:\Programy(x86)\Samsung\SAMSUNG PC Share Manager\http_ss_win_pro.exe ()
PRC - C:\Program Files (x86)\20Dollars2Surf\20dollars2surf.exe (20Dollars2Surf.com)
PRC - F:\Programy(x86)\FirefoxPreloader\FirefoxPreloader.exe (6XGate Incorporated)
PRC - F:\Programy(x86)\Desktop Sidebar_old\dsidebar.exe (Idea2)
========== Modules (SafeList) ==========
MOD - C:\Users\CZechBoY\Desktop\OTL.exe (OldTimer Tools)
MOD - C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_420fe3fa2b8113bd\comctl32.dll (Microsoft Corporation)
MOD - F:\Programy(x86)\Fraps\fraps32.dll (Beepa P/L)
========== Win32 Services (SafeList) ==========
SRV:64bit: - (AMD External Events Utility) -- C:\Windows\SysNative\atiesrxx.exe (AMD)
SRV:64bit: - (WinDefend) -- C:\Program Files\Windows Defender\MpSvc.dll (Microsoft Corporation)
SRV:64bit: - (AppMgmt) -- C:\Windows\SysNative\appmgmts.dll (Microsoft Corporation)
SRV - (AntiVirService) -- C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe (Avira GmbH)
SRV - (Hamachi2Svc) -- F:\Programy(x86)\LogMeIn Hamachi\hamachi-2.exe (LogMeIn Inc.)
SRV - (TeamViewer6) -- C:\Program Files (x86)\TeamViewer\Version6\TeamViewer_Service.exe (TeamViewer GmbH)
SRV - (AntiVirWebService) -- C:\Program Files (x86)\Avira\AntiVir Desktop\AVWEBGRD.EXE (Avira GmbH)
SRV - (AntiVirSchedulerService) -- C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe (Avira GmbH)
SRV - (AntiVirFirewallService) -- C:\Program Files (x86)\Avira\AntiVir Desktop\avfwsvc.exe (Avira GmbH)
SRV - (AntiVirMailService) -- C:\Program Files (x86)\Avira\AntiVir Desktop\avmailc.exe (Avira GmbH)
SRV - (OODefragAgent) -- F:\Programy\OO Software\Defrag\oodag.exe (O&O Software GmbH)
SRV - (Apple Mobile Device) -- C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe (Apple Inc.)
SRV - (AllShare) -- F:\Programy(x86)\Samsung\SAMSUNG PC Share Manager\WiselinkPro.exe ()
SRV - (WinVNC4) -- F:\Programy\RealVNC\VNC4\WinVNC4.exe (RealVNC Ltd.)
SRV - (clr_optimization_v4.0.30319_32) -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe (Microsoft Corporation)
SRV - (clr_optimization_v2.0.50727_32) -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe (Microsoft Corporation)
========== Driver Services (SafeList) ==========
DRV:64bit: - (NLNdisPT) -- C:\Windows\SysNative\DRIVERS\nlndis.sys File not found
DRV:64bit: - (NLNdisMP) -- C:\Windows\SysNative\DRIVERS\nlndis.sys File not found
DRV:64bit: - (CSN5PDTS82x64) -- C:\Windows\SysNative\Drivers\CSN5PDTS82x64.sys File not found
DRV:64bit: - (CSN5PDTS82) -- C:\Windows\SysNative\Drivers\CSN5PDTS82.sys File not found
DRV:64bit: - (avgntflt) -- C:\Windows\SysNative\drivers\avgntflt.sys (Avira GmbH)
DRV:64bit: - (avfwot) -- C:\Windows\SysNative\drivers\avfwot.sys (Avira GmbH)
DRV:64bit: - (avipbb) -- C:\Windows\SysNative\drivers\avipbb.sys (Avira GmbH)
DRV:64bit: - (avfwim) -- C:\Windows\SysNative\drivers\avfwim.sys (Avira GmbH)
DRV:64bit: - (VBoxNetAdp) -- C:\Windows\SysNative\drivers\VBoxNetAdp.sys (Oracle Corporation)
DRV:64bit: - (amdkmdag) -- C:\Windows\SysNative\drivers\atikmdag.sys (ATI Technologies Inc.)
DRV:64bit: - (amdkmdap) -- C:\Windows\SysNative\drivers\atikmpag.sys (Advanced Micro Devices, Inc.)
DRV:64bit: - (igfx) -- C:\Windows\SysNative\drivers\igdkmd64.sys (Intel Corporation)
DRV:64bit: - (AtiHDAudioService) -- C:\Windows\SysNative\drivers\AtihdW76.sys (ATI Technologies, Inc.)
DRV:64bit: - (vncmirror) -- C:\Windows\SysNative\drivers\vncmirror.sys (RealVNC Ltd.)
DRV:64bit: - (USBAAPL64) -- C:\Windows\SysNative\drivers\usbaapl64.sys (Apple, Inc.)
DRV:64bit: - (hamachi) -- C:\Windows\SysNative\drivers\hamachi.sys (LogMeIn, Inc.)
DRV:64bit: - (amdsata) -- C:\Windows\SysNative\drivers\amdsata.sys (Advanced Micro Devices)
DRV:64bit: - (amdxata) -- C:\Windows\SysNative\drivers\amdxata.sys (Advanced Micro Devices)
DRV:64bit: - (amdsbs) -- C:\Windows\SysNative\drivers\amdsbs.sys (AMD Technologies Inc.)
DRV:64bit: - (LSI_SAS2) -- C:\Windows\SysNative\drivers\lsi_sas2.sys (LSI Corporation)
DRV:64bit: - (HpSAMD) -- C:\Windows\SysNative\drivers\HpSAMD.sys (Hewlett-Packard Company)
DRV:64bit: - (stexstor) -- C:\Windows\SysNative\drivers\stexstor.sys (Promise Technology)
DRV:64bit: - (Ntfs) -- C:\Windows\SysNative\wbem\ntfs.mof ()
DRV:64bit: - (RTL8023x64) -- C:\Windows\SysNative\drivers\Rtnic64.sys (Realtek Semiconductor Corporation )
DRV:64bit: - (ebdrv) -- C:\Windows\SysNative\drivers\evbda.sys (Broadcom Corporation)
DRV:64bit: - (b06bdrv) -- C:\Windows\SysNative\drivers\bxvbda.sys (Broadcom Corporation)
DRV:64bit: - (b57nd60a) -- C:\Windows\SysNative\drivers\b57nd60a.sys (Broadcom Corporation)
DRV:64bit: - (hcw85cir) -- C:\Windows\SysNative\drivers\hcw85cir.sys (Hauppauge Computer Works, Inc.)
DRV:64bit: - (GEARAspiWDM) -- C:\Windows\SysNative\drivers\GEARAspiWDM.sys (GEAR Software Inc.)
DRV:64bit: - (RTL8167) -- C:\Windows\SysNative\drivers\Rt64win7.sys (Realtek Corporation )
DRV - (RivaTuner64) -- F:\Programy(x86)\RivaTuner v2.24 MSI Master Overclocking Arena 2009 edition\RivaTuner64.sys ()
DRV - (gdrv) -- C:\Windows\gdrv.sys (Windows (R) Server 2003 DDK provider)
DRV - (avfwot) -- C:\Windows\SysWOW64\drivers\avfwot.sys (Avira GmbH)
DRV - (VSPerfDrv100) -- F:\Programy(x86)\Microsoft Visual Studio 10.0\Team Tools\Performance Tools\x64\VSPerfDrv100.sys (Microsoft Corporation)
DRV - (ISODrive) -- F:\Programy(x86)\UltraISO\drivers\ISODrv64.sys (EZB Systems, Inc.)
DRV - (speedfan) -- C:\Windows\SysWOW64\speedfan.sys (Windows (R) Server 2003 DDK provider)
========== Standard Registry (All) ==========
========== Internet Explorer ==========
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = [binary data]
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Extensions Off Page = about:NoAdd-ons
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\System32\blank.htm
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Security Risk Page = about:SecurityRisk
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = [binary data]
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Extensions Off Page = about:NoAdd-ons
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SYSTEM32\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Security Risk Page = about:SecurityRisk
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\system32\blank.htm
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.cz/
IE - HKCU\..\URLSearchHook: {CFBFAE00-17A6-11D0-99CB-00C04FD64497} - C:\Windows\SysWOW64\ieframe.dll (Microsoft Corporation)
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
========== FireFox ==========
FF - prefs.js..browser.startup.homepage: "http://www.google.cz/"
FF - prefs.js..extensions.enabledItems: firebug@software.joehewitt.com:1.6.0
FF - prefs.js..extensions.enabledItems: {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}:1.3.1
FF - prefs.js..extensions.enabledItems: {e4a8a97b-f2ed-450b-b12d-ee082ba24781}:0.8.20100408.6
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}:6.0.22
FF - prefs.js..extensions.enabledItems: {972ce4c6-7e08-4474-a285-3208198ce6fd}:3.6.12
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.12\extensions\\Components: F:\Programy(x86)\Mozilla Firefox\components [2010.11.07 00:16:11 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.12\extensions\\Plugins: F:\Programy(x86)\Mozilla Firefox\plugins [2010.11.07 00:16:11 | 000,000,000 | ---D | M]
[2010.10.13 17:52:26 | 000,000,000 | ---D | M] -- C:\Users\CZechBoY\AppData\Roaming\Mozilla\Extensions
[2010.10.13 17:52:26 | 000,000,000 | ---D | M] (No name found) -- C:\Users\CZechBoY\AppData\Roaming\Mozilla\Extensions\{ec8030f7-c20a-464f-9b0e-13a3a9e97384}
[2010.12.03 22:45:55 | 000,000,000 | ---D | M] -- C:\Users\CZechBoY\AppData\Roaming\Mozilla\Firefox\Profiles\s4n70o8v.default\extensions
[2010.11.05 20:24:51 | 000,000,000 | ---D | M] (Adblock Plus) -- C:\Users\CZechBoY\AppData\Roaming\Mozilla\Firefox\Profiles\s4n70o8v.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}
[2010.10.31 22:34:50 | 000,000,000 | ---D | M] (Greasemonkey) -- C:\Users\CZechBoY\AppData\Roaming\Mozilla\Firefox\Profiles\s4n70o8v.default\extensions\{e4a8a97b-f2ed-450b-b12d-ee082ba24781}
[2010.12.03 22:35:43 | 000,000,000 | ---D | M] -- C:\Users\CZechBoY\AppData\Roaming\Mozilla\Firefox\Profiles\s4n70o8v.default\extensions\firebug@software.joehewitt.com
O1 HOSTS File: ([2009.06.10 22:00:26 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O2:64bit: - BHO: (Windows Live ID Sign-in Helper) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
O2 - BHO: (Idea2 SidebarBrowserMonitor Class) - {45AD732C-2CE2-4666-B366-B2214AD57A49} - F:\Programy(x86)\Desktop Sidebar_old\sbhelp.dll (Idea2)
O2 - BHO: (Pomocná služba pro přihlášení ke službě Windows Live ID) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\microsoft shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - F:\Programy(x86)\Java\jre6\bin\jp2ssv.dll (Sun Microsystems, Inc.)
O2 - BHO: (Microsoft Web Test Recorder 10.0 Helper) - {DDA57003-0068-4ed2-9D32-4D1EC707D94D} - F:\Programy(x86)\Microsoft Visual Studio 10.0\Common7\IDE\PrivateAssemblies\Microsoft.VisualStudio.QualityTools.RecorderBarBHO100.dll (Microsoft Corporation)
O4:64bit: - HKLM..\Run: [OODefragTray] F:\Programy\OO Software\Defrag\oodtray.exe (O&O Software GmbH)
O4 - HKLM..\Run: [avgnt] C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe (Avira GmbH)
O4 - HKLM..\Run: [LogMeIn Hamachi Ui] F:\Programy(x86)\LogMeIn Hamachi\hamachi-2-ui.exe (LogMeIn Inc.)
O4 - HKCU..\Run: [Infium] F:\Programy(x86)\QIP Infium\infium.exe ()
O4 - HKCU..\Run: [msnmsgr] C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe (Microsoft Corporation)
O4 - HKCU..\Run: [SIDEBAR] F:\Programy(x86)\Desktop Sidebar_old\dsidebar.exe (Idea2)
O4 - HKCU..\Run: [Skype] C:\Program Files (x86)\Skype\Phone\Skype.exe (Skype Technologies S.A.)
O4 - HKCU..\Run: [uTorrent] F:\Programy(x86)\uTorrent\uTorrent.exe (BitTorrent, Inc.)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: ForceActiveDesktopOn = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableInstallerDetection = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableSecureUIAPaths = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableUIADesktopToggle = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableVirtualization = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ValidateAdminCodeSignatures = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: dontdisplaylastusername = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticecaption =
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticetext =
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: scforceoption = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: shutdownwithoutlogon = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: undockwithoutlogon = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: FilterAdministratorToken = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_TEXT = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_BITMAP = 2
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_OEMTEXT = 7
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_DIB = 8
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_PALETTE = 9
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_UNICODETEXT = 13
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_DIBV5 = 17
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: StartMenuLogoff = 1
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoFolderOptions = 0
O8:64bit: - Extra context menu item: Subscribe in Desktop Sidebar - F:\Programy(x86)\Desktop Sidebar_old\sbhelp.dll (Idea2)
O8 - Extra context menu item: Subscribe in Desktop Sidebar - F:\Programy(x86)\Desktop Sidebar_old\sbhelp.dll (Idea2)
O9 - Extra Button: Subscribe in Desktop Sidebar - {09FE188B-6E85-479e-9411-51FB2220DF80} - F:\Programy(x86)\Desktop Sidebar_old\sbhelp.dll (Idea2)
O9 - Extra 'Tools' menuitem : Subscribe in Desktop Sidebar - {09FE188B-6E85-479e-9411-51FB2220DF80} - F:\Programy(x86)\Desktop Sidebar_old\sbhelp.dll (Idea2)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries\000000000001 [] - C:\Windows\SysNative\nlaapi.dll (Microsoft Corporation)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries\000000000002 [] - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries\000000000003 [] - C:\Windows\SysNative\winrnr.dll (Microsoft Corporation)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\Windows\SysNative\NapiNSP.dll (Microsoft Corporation)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries\000000000005 [] - C:\Windows\SysNative\pnrpnsp.dll (Microsoft Corporation)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries\000000000006 [] - C:\Windows\SysNative\pnrpnsp.dll (Microsoft Corporation)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files (x86)\Common Files\microsoft shared\Windows Live\WLIDNSP.DLL (Microsoft Corp.)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries\000000000008 [] - C:\Program Files (x86)\Common Files\microsoft shared\Windows Live\WLIDNSP.DLL (Microsoft Corp.)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries\000000000009 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
O10:64bit: - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\Program Files (x86)\Avira\AntiVir Desktop\avsda.dll (Avira GmbH)
O10:64bit: - Protocol_Catalog9\Catalog_Entries\000000000002 - C:\Program Files (x86)\Avira\AntiVir Desktop\avsda.dll (Avira GmbH)
O10:64bit: - Protocol_Catalog9\Catalog_Entries\000000000003 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries\000000000004 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries\000000000005 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries\000000000006 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries\000000000007 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries\000000000008 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries\000000000009 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries\000000000010 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries\000000000011 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries\000000000012 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries\000000000013 - C:\Program Files (x86)\Avira\AntiVir Desktop\avsda.dll (Avira GmbH)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000001 [] - C:\Windows\SysWOW64\nlaapi.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000002 [] - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000003 [] - C:\Windows\SysWOW64\winrnr.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\Windows\SysWOW64\NapiNSP.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000005 [] - C:\Windows\SysWOW64\pnrpnsp.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000006 [] - C:\Windows\SysWOW64\pnrpnsp.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files (x86)\Common Files\microsoft shared\Windows Live\WLIDNSP.DLL (Microsoft Corp.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000008 [] - C:\Program Files (x86)\Common Files\microsoft shared\Windows Live\WLIDNSP.DLL (Microsoft Corp.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000009 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\Program Files (x86)\Avira\AntiVir Desktop\avsda.dll (Avira GmbH)
O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - C:\Program Files (x86)\Avira\AntiVir Desktop\avsda.dll (Avira GmbH)
O10 - Protocol_Catalog9\Catalog_Entries\000000000003 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000004 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000005 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000006 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000007 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000008 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000009 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000010 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000011 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000012 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000013 - C:\Program Files (x86)\Avira\AntiVir Desktop\avsda.dll (Avira GmbH)
O13 - gopher Prefix: missing
O13 - gopher Prefix: missing
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_22)
O16 - DPF: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_22)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_22)
O18:64bit: - Protocol\Handler\about {3050F406-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysNative\mshtml.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\cdl {3dd53d40-7b8b-11D0-b013-00aa0059ce02} - C:\Windows\SysNative\urlmon.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\dvd {12D51199-0DB5-46FE-A120-47A3D7D937CC} - C:\Windows\SysNative\MSVidCtl.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\file {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysNative\urlmon.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\ftp {79eac9e3-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysNative\urlmon.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\http {79eac9e2-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysNative\urlmon.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\https {79eac9e5-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysNative\urlmon.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\its {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\Windows\SysNative\itss.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\javascript {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysNative\mshtml.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\local {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysNative\urlmon.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\mailto {3050f3DA-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysNative\mshtml.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\mhtml {05300401-BCBC-11d0-85E3-00C04FD85AB4} - C:\Windows\SysNative\inetcomm.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\mk {79eac9e6-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysNative\urlmon.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\ms-its {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\Windows\SysNative\itss.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\res {3050F3BC-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysNative\mshtml.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\tv {CBD30858-AF45-11D2-B6D6-00C04FBBDE6E} - C:\Windows\SysNative\MSVidCtl.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\vbscript {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysNative\mshtml.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\wlpg {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - Reg Error: Key error. File not found
O18 - Protocol\Handler\about {3050F406-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysWOW64\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\cdl {3dd53d40-7b8b-11D0-b013-00aa0059ce02} - C:\Windows\SysWOW64\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\dvd {12D51199-0DB5-46FE-A120-47A3D7D937CC} - C:\Windows\SysWOW64\MSVidCtl.dll (Microsoft Corporation)
O18 - Protocol\Handler\file {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysWOW64\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\ftp {79eac9e3-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysWOW64\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\http {79eac9e2-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysWOW64\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\https {79eac9e5-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysWOW64\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\its {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\Windows\SysWOW64\itss.dll (Microsoft Corporation)
O18 - Protocol\Handler\javascript {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysWOW64\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files (x86)\Windows Live\Messenger\msgrapp.dll (Microsoft Corporation)
O18 - Protocol\Handler\local {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysWOW64\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\mailto {3050f3DA-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysWOW64\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\mhtml {05300401-BCBC-11d0-85E3-00C04FD85AB4} - C:\Windows\SysWOW64\inetcomm.dll (Microsoft Corporation)
O18 - Protocol\Handler\mk {79eac9e6-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysWOW64\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\ms-its {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\Windows\SysWOW64\itss.dll (Microsoft Corporation)
O18 - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files (x86)\Windows Live\Messenger\msgrapp.dll (Microsoft Corporation)
O18 - Protocol\Handler\res {3050F3BC-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysWOW64\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Handler\tv {CBD30858-AF45-11D2-B6D6-00C04FBBDE6E} - C:\Windows\SysWOW64\MSVidCtl.dll (Microsoft Corporation)
O18 - Protocol\Handler\vbscript {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysWOW64\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\wlpg {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll (Microsoft Corporation)
O18:64bit: - Protocol\Filter\application/octet-stream {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\Windows\SysNative\mscoree.dll (Microsoft Corporation)
O18:64bit: - Protocol\Filter\application/x-complus {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\Windows\SysNative\mscoree.dll (Microsoft Corporation)
O18:64bit: - Protocol\Filter\application/x-msdownload {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\Windows\SysNative\mscoree.dll (Microsoft Corporation)
O18:64bit: - Protocol\Filter\deflate {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\Windows\SysNative\urlmon.dll (Microsoft Corporation)
O18:64bit: - Protocol\Filter\gzip {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\Windows\SysNative\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Filter\application/octet-stream {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\Windows\SysWow64\mscoree.dll (Microsoft Corporation)
O18 - Protocol\Filter\application/x-complus {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\Windows\SysWow64\mscoree.dll (Microsoft Corporation)
O18 - Protocol\Filter\application/x-msdownload {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\Windows\SysWow64\mscoree.dll (Microsoft Corporation)
O18 - Protocol\Filter\deflate {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\Windows\SysWOW64\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Filter\gzip {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\Windows\SysWOW64\urlmon.dll (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\SysNative\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\SYSTEM32\Userinit.exe) - C:\Windows\SysWOW64\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\SysWow64\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O20:64bit: - Winlogon\Notify\igfxcui: DllName - Reg Error: Key error. - C:\Windows\SysNative\igfxdev.dll (Intel Corporation)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found.
O29:64bit: - HKLM SecurityProviders - (credssp.dll) - C:\Windows\SysWow64\credssp.dll (Microsoft Corporation)
O29 - HKLM SecurityProviders - (credssp.dll) - C:\Windows\SysWow64\credssp.dll (Microsoft Corporation)
O30:64bit: - LSA: Authentication Packages - (msv1_0) - C:\Windows\SysNative\msv1_0.dll (Microsoft Corporation)
O30 - LSA: Authentication Packages - (msv1_0) - C:\Windows\SysWow64\msv1_0.dll (Microsoft Corporation)
O30:64bit: - LSA: Security Packages - (kerberos) - C:\Windows\SysNative\kerberos.dll (Microsoft Corporation)
O30:64bit: - LSA: Security Packages - (msv1_0) - C:\Windows\SysNative\msv1_0.dll (Microsoft Corporation)
O30:64bit: - LSA: Security Packages - (schannel) - C:\Windows\SysNative\schannel.dll (Microsoft Corporation)
O30:64bit: - LSA: Security Packages - (wdigest) - C:\Windows\SysNative\wdigest.dll (Microsoft Corporation)
O30:64bit: - LSA: Security Packages - (tspkg) - C:\Windows\SysNative\tspkg.dll (Microsoft Corporation)
O30:64bit: - LSA: Security Packages - (pku2u) - C:\Windows\SysNative\pku2u.dll (Microsoft Corporation)
O30:64bit: - LSA: Security Packages - (livessp) - C:\Windows\SysNative\livessp.dll (Microsoft Corp.)
O30 - LSA: Security Packages - (kerberos) - C:\Windows\SysWow64\kerberos.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (msv1_0) - C:\Windows\SysWow64\msv1_0.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (schannel) - C:\Windows\SysWow64\schannel.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (wdigest) - C:\Windows\SysWow64\wdigest.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (tspkg) - C:\Windows\SysWow64\tspkg.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (pku2u) - C:\Windows\SysWow64\pku2u.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (livessp) - C:\Windows\SysWow64\livessp.dll (Microsoft Corp.)
O31 - SafeBoot: AlternateShell - cmd.exe
O32 - HKLM CDRom: AutoRun - 1
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O34 - HKLM BootExecute: (OODBS) - File not found
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
========== Files/Folders - Created Within 30 Days ==========
[2010.12.08 20:05:04 | 000,033,856 | -H-- | C] (LogMeIn, Inc.) -- C:\Windows\SysNative\hamachi.sys
[2010.12.08 16:46:57 | 000,575,488 | ---- | C] (OldTimer Tools) -- C:\Users\CZechBoY\Desktop\OTL.exe
[2010.12.08 16:25:13 | 000,000,000 | ---D | C] -- C:\Users\CZechBoY\AppData\Roaming\Malwarebytes
[2010.12.08 16:25:09 | 000,038,224 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysWow64\drivers\mbamswissarmy.sys
[2010.12.08 16:25:08 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2010.12.08 16:25:05 | 000,024,152 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys
[2010.12.08 16:18:16 | 000,000,000 | -HSD | C] -- C:\$RECYCLE.BIN
[2010.12.07 21:54:20 | 000,000,000 | ---D | C] -- C:\Users\CZechBoY\.thumbnails
[2010.12.07 21:38:22 | 000,000,000 | ---D | C] -- C:\Users\CZechBoY\AppData\Roaming\GHISLER
[2010.12.06 18:59:14 | 004,178,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DX9_41.dll
[2010.12.06 18:59:14 | 000,528,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XAudio2_6.dll
[2010.12.06 18:59:14 | 000,238,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine3_6.dll
[2010.12.06 18:59:14 | 000,074,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XAPOFX1_4.dll
[2010.12.06 18:59:14 | 000,022,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\X3DAudio1_7.dll
[2010.12.06 18:59:13 | 003,495,784 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx9_33.dll
[2010.12.06 18:59:00 | 000,453,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx10_42.dll
[2010.12.06 18:58:59 | 001,892,184 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DX9_42.dll
[2010.12.06 18:58:59 | 000,081,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xinput1_3.dll
[2010.12.06 18:58:46 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\xlive
[2010.12.06 18:58:46 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Games for Windows - LIVE
[2010.12.06 18:58:43 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft XNA
[2010.12.06 18:32:46 | 000,000,000 | ---D | C] -- C:\Users\CZechBoY\AppData\Roaming\Microsoft FxCop
[2010.11.30 15:34:52 | 000,000,000 | ---D | C] -- C:\Users\CZechBoY\Documents\Nová složka
[2010.11.30 15:10:51 | 000,962,612 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\MFC42D.DLL
[2010.11.30 15:10:51 | 000,434,252 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\MSVCRTD.DLL
[2010.11.30 15:10:51 | 000,061,493 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\MFCN42D.DLL
[2010.11.30 15:10:50 | 000,077,824 | ---- | C] (JVSoftware) -- C:\Windows\SysWow64\nmapwin.exe
[2010.11.30 15:10:49 | 000,137,000 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\MSMAPI32.OCX
[2010.11.30 15:10:49 | 000,114,688 | ---- | C] (Open Source Telecom) -- C:\Windows\SysWow64\CCGNU32.dll
[2010.11.30 15:10:46 | 001,009,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mschrt20.ocx
[2010.11.30 15:10:46 | 000,647,872 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mscomct2.ocx
[2010.11.30 15:10:46 | 000,544,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msvcr71d.dll
[2010.11.30 15:10:46 | 000,103,744 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\MSCOMM32.OCX
[2010.11.30 15:10:46 | 000,081,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msado25.tlb
[2010.11.30 15:10:46 | 000,010,752 | ---- | C] (Almeida & Andrade Ltda) -- C:\Windows\SysWow64\aamd532.dll
[2010.11.30 15:10:45 | 000,939,224 | ---- | C] (Macromedia, Inc.) -- C:\Windows\SysWow64\Flash.ocx
[2010.11.30 15:10:45 | 000,561,179 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\dao360.dll
[2010.11.30 15:10:45 | 000,299,008 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\MSDBRPTR.DLL
[2010.11.30 15:10:45 | 000,137,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\MSDERUN.DLL
[2010.11.30 15:10:45 | 000,118,784 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\MSSTDFMT.DLL
[2010.11.30 15:10:45 | 000,109,248 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\Mswinsck.ocx
[2010.11.30 15:10:45 | 000,061,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msado20.tlb
[2010.11.30 15:10:44 | 001,077,344 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\MSCOMCTL.OCX
[2010.11.30 15:10:44 | 000,608,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\comctl32.ocx
[2010.11.30 15:10:44 | 000,209,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\tabctl32.ocx
[2010.11.30 15:10:44 | 000,203,976 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\richtx32.ocx
[2010.11.30 15:10:44 | 000,164,144 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\comct232.ocx
[2010.11.30 15:10:44 | 000,140,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\Comdlg32.ocx
[2010.11.30 15:10:44 | 000,115,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\MSINET.ocx
[2010.11.30 15:10:44 | 000,101,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\VB6STKIT.DLL
[2010.11.29 20:30:17 | 000,000,000 | ---D | C] -- C:\Users\CZechBoY\Documents\gegl-0.0
[2010.11.29 20:30:17 | 000,000,000 | ---D | C] -- C:\Users\CZechBoY\.gimp-2.6
[2010.11.29 20:00:44 | 000,000,000 | ---D | C] -- C:\Users\CZechBoY\.idlerc
[2010.11.29 18:27:31 | 000,000,000 | ---D | C] -- C:\Users\CZechBoY\AppData\Local\LogMeIn Hamachi
[2010.11.27 01:01:01 | 000,000,000 | ---D | C] -- C:\Users\CZechBoY\Desktop\IntelBurnTest
[2010.11.25 21:20:26 | 000,000,000 | ---D | C] -- C:\Users\CZechBoY\AppData\Roaming\Microsoft Corporation
[2010.11.25 19:42:44 | 000,000,000 | ---D | C] -- C:\Users\CZechBoY\Documents\Remote Assistance Logs
[2010.11.24 20:52:01 | 006,365,696 | ---- | C] (Martin Prikryl) -- C:\Users\CZechBoY\Desktop\WinSCP.exe
[2010.11.24 20:52:01 | 000,089,600 | ---- | C] (Martin Prikryl) -- C:\Users\CZechBoY\Desktop\WinSCP.com
[2010.11.21 21:46:21 | 000,172,032 | ---- | C] (Simon Tatham) -- C:\Users\CZechBoY\Desktop\puttygen.exe
[2010.11.18 20:17:21 | 000,000,000 | ---D | C] -- C:\Users\CZechBoY\AppData\Roaming\GetRightToGo
[2010.11.18 20:17:21 | 000,000,000 | ---D | C] -- C:\Users\CZechBoY\Documents\Downloads
[2010.11.18 15:17:11 | 000,000,000 | ---D | C] -- C:\Users\CZechBoY\AppData\Roaming\NumusAutoDiskBuilder
[2010.11.18 15:16:52 | 000,000,000 | ---D | C] -- C:\Windows\XSxS
[2010.11.18 15:16:52 | 000,000,000 | ---D | C] -- C:\Users\CZechBoY\AppData\Local\Xenocode
[2010.11.18 15:16:52 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\spool
[2010.11.18 15:16:52 | 000,000,000 | ---D | C] -- C:\Windows\Driver Cache
[2010.11.18 14:33:47 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Intel
[2010.11.11 22:42:29 | 000,000,000 | ---D | C] -- C:\Users\CZechBoY\AppData\Roaming\RealVNC
[2010.11.11 22:38:44 | 000,026,112 | ---- | C] (RealVNC Ltd.) -- C:\Windows\SysNative\vncmirror.dll
[2010.11.11 22:38:44 | 000,004,608 | ---- | C] (RealVNC Ltd.) -- C:\Windows\SysNative\drivers\vncmirror.sys
[2010.11.10 21:29:57 | 000,000,000 | ---D | C] -- C:\Windows\Sun
[2010.11.09 13:27:40 | 000,059,904 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wbemdisp.tlb
[2010.11.09 13:27:40 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\20Dollars2Surf
========== Files - Modified Within 30 Days ==========
[2010.12.08 20:02:52 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2010.12.08 20:02:50 | 3193,298,944 | -HS- | M] () -- C:\hiberfil.sys
[2010.12.08 20:02:49 | 000,038,280 | ---- | M] () -- C:\Windows\SysNative\oodbs.lor
[2010.12.08 20:01:15 | 000,025,840 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2010.12.08 20:01:15 | 000,025,840 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2010.12.08 20:00:44 | 000,443,912 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2010.12.08 16:46:57 | 000,575,488 | ---- | M] (OldTimer Tools) -- C:\Users\CZechBoY\Desktop\OTL.exe
[2010.12.08 16:09:13 | 000,002,979 | ---- | M] () -- C:\Users\CZechBoY\Desktop\HiJackThis.lnk
[2010.12.07 21:54:26 | 000,000,836 | ---- | M] () -- C:\Users\CZechBoY\.recently-used.xbel
[2010.12.07 21:38:06 | 000,003,497 | ---- | M] () -- C:\Windows\WINCMD.INI
[2010.12.03 10:45:43 | 000,000,600 | ---- | M] () -- C:\Users\CZechBoY\AppData\Local\PUTTY.RND
[2010.12.02 15:26:03 | 000,000,321 | ---- | M] () -- C:\Windows\WpePro_0delay.INI
[2010.12.01 15:53:36 | 000,000,600 | ---- | M] () -- C:\Users\CZechBoY\AppData\Roaming\winscp.rnd
[2010.11.30 15:10:53 | 000,000,694 | ---- | M] () -- C:\Users\CZechBoY\Desktop\NetTools.lnk
[2010.11.29 17:42:18 | 000,038,224 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\SysWow64\drivers\mbamswissarmy.sys
[2010.11.29 17:42:06 | 000,024,152 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys
[2010.11.29 17:14:04 | 001,576,744 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2010.11.29 17:14:04 | 000,666,168 | ---- | M] () -- C:\Windows\SysNative\perfh005.dat
[2010.11.29 17:14:04 | 000,651,912 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2010.11.29 17:14:04 | 000,139,574 | ---- | M] () -- C:\Windows\SysNative\perfc005.dat
[2010.11.29 17:14:04 | 000,120,554 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2010.11.29 07:56:00 | 000,000,545 | ---- | M] () -- C:\Windows\UC.PIF
[2010.11.29 07:56:00 | 000,000,545 | ---- | M] () -- C:\Windows\RAR.PIF
[2010.11.29 07:56:00 | 000,000,545 | ---- | M] () -- C:\Windows\PKZIP.PIF
[2010.11.29 07:56:00 | 000,000,545 | ---- | M] () -- C:\Windows\PKUNZIP.PIF
[2010.11.29 07:56:00 | 000,000,545 | ---- | M] () -- C:\Windows\NOCLOSE.PIF
[2010.11.29 07:56:00 | 000,000,545 | ---- | M] () -- C:\Windows\LHA.PIF
[2010.11.29 07:56:00 | 000,000,545 | ---- | M] () -- C:\Windows\ARJ.PIF
[2010.11.27 20:15:26 | 000,053,248 | ---- | M] () -- C:\Users\CZechBoY\Desktop\AutoClick.exe
[2010.11.24 21:21:41 | 000,010,963 | ---- | M] () -- C:\Users\CZechBoY\Desktop\WinSCP.ini
[2010.11.24 15:34:45 | 000,000,045 | ---- | M] () -- C:\Windows\SysWow64\initdebug.nfo
[2010.11.22 18:09:03 | 000,083,120 | ---- | M] (Avira GmbH) -- C:\Windows\SysNative\drivers\avgntflt.sys
[2010.11.21 22:02:14 | 000,000,525 | ---- | M] () -- C:\Users\CZechBoY\Desktop\killer.vbs
[2010.11.21 21:55:06 | 000,000,432 | ---- | M] () -- C:\Windows\SysNative\drivers\etc\hosts.ics
[2010.11.21 21:48:01 | 000,001,471 | ---- | M] () -- C:\Users\CZechBoY\Desktop\jabko_private.ppk
[2010.11.21 21:47:51 | 000,000,457 | ---- | M] () -- C:\Users\CZechBoY\Desktop\jabko_public
[2010.11.21 21:46:21 | 000,172,032 | ---- | M] (Simon Tatham) -- C:\Users\CZechBoY\Desktop\puttygen.exe
[2010.11.19 10:41:02 | 000,000,110 | ---- | M] () -- C:\Windows\GMouse.ini
[2010.11.18 20:19:24 | 000,246,272 | ---- | M] () -- C:\Users\CZechBoY\Desktop\Gmouse.exe
[2010.11.18 14:38:39 | 000,024,072 | ---- | M] (Windows (R) Server 2003 DDK provider) -- C:\Windows\gdrv.sys
[2010.11.18 14:38:37 | 000,000,010 | ---- | M] () -- C:\Windows\GSetup.ini
[2010.11.09 17:56:28 | 000,936,362 | ---- | M] () -- C:\Users\CZechBoY\Desktop\lfs klavesnice.png
[2010.11.09 13:27:41 | 000,001,025 | ---- | M] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\20Dollars2Surf.lnk
========== Files Created - No Company Name ==========
[2010.12.08 16:09:13 | 000,002,979 | ---- | C] () -- C:\Users\CZechBoY\Desktop\HiJackThis.lnk
[2010.12.07 21:54:26 | 000,000,836 | ---- | C] () -- C:\Users\CZechBoY\.recently-used.xbel
[2010.12.07 21:38:22 | 000,000,545 | ---- | C] () -- C:\Windows\UC.PIF
[2010.12.07 21:38:22 | 000,000,545 | ---- | C] () -- C:\Windows\RAR.PIF
[2010.12.07 21:38:22 | 000,000,545 | ---- | C] () -- C:\Windows\PKZIP.PIF
[2010.12.07 21:38:22 | 000,000,545 | ---- | C] () -- C:\Windows\PKUNZIP.PIF
[2010.12.07 21:38:22 | 000,000,545 | ---- | C] () -- C:\Windows\NOCLOSE.PIF
[2010.12.07 21:38:22 | 000,000,545 | ---- | C] () -- C:\Windows\LHA.PIF
[2010.12.07 21:38:22 | 000,000,545 | ---- | C] () -- C:\Windows\ARJ.PIF
[2010.11.30 15:10:53 | 000,000,694 | ---- | C] () -- C:\Users\CZechBoY\Desktop\NetTools.lnk
[2010.11.30 15:10:50 | 000,809,345 | ---- | C] () -- C:\Windows\SysWow64\nmap-os-fingerprints
[2010.11.30 15:10:50 | 000,557,444 | ---- | C] () -- C:\Windows\SysWow64\nmap-service-probes
[2010.11.30 15:10:50 | 000,482,123 | ---- | C] () -- C:\Windows\SysWow64\nmapwin.chm
[2010.11.30 15:10:50 | 000,452,096 | ---- | C] () -- C:\Windows\SysWow64\nmap.exe
[2010.11.30 15:10:50 | 000,290,816 | ---- | C] () -- C:\Windows\SysWow64\nmapserv.exe
[2010.11.30 15:10:50 | 000,225,546 | ---- | C] () -- C:\Windows\SysWow64\nmap-mac-prefixes
[2010.11.30 15:10:50 | 000,192,007 | ---- | C] () -- C:\Windows\SysWow64\CHANGELOG
[2010.11.30 15:10:50 | 000,108,536 | ---- | C] () -- C:\Windows\SysWow64\nmap-services
[2010.11.30 15:10:50 | 000,025,611 | ---- | C] () -- C:\Windows\SysWow64\COPYING
[2010.11.30 15:10:50 | 000,021,552 | ---- | C] () -- C:\Windows\SysWow64\nmap.xsl
[2010.11.30 15:10:50 | 000,017,955 | ---- | C] () -- C:\Windows\SysWow64\nmap-rpc
[2010.11.30 15:10:50 | 000,006,318 | ---- | C] () -- C:\Windows\SysWow64\nmap-protocols
[2010.11.30 15:10:50 | 000,000,192 | ---- | C] () -- C:\Windows\SysWow64\nmap_performance.reg
[2010.11.30 15:10:45 | 000,010,348 | ---- | C] () -- C:\Windows\SysWow64\SubclassingSink.tlb
[2010.11.27 20:15:26 | 000,053,248 | ---- | C] () -- C:\Users\CZechBoY\Desktop\AutoClick.exe
[2010.11.24 21:19:18 | 000,010,963 | ---- | C] () -- C:\Users\CZechBoY\Desktop\WinSCP.ini
[2010.11.24 20:52:08 | 000,000,600 | ---- | C] () -- C:\Users\CZechBoY\AppData\Roaming\winscp.rnd
[2010.11.24 15:34:45 | 000,000,045 | ---- | C] () -- C:\Windows\SysWow64\initdebug.nfo
[2010.11.21 22:01:05 | 000,000,525 | ---- | C] () -- C:\Users\CZechBoY\Desktop\killer.vbs
[2010.11.21 21:48:01 | 000,001,471 | ---- | C] () -- C:\Users\CZechBoY\Desktop\jabko_private.ppk
[2010.11.21 21:47:51 | 000,000,457 | ---- | C] () -- C:\Users\CZechBoY\Desktop\jabko_public
[2010.11.18 20:20:01 | 000,000,110 | ---- | C] () -- C:\Windows\GMouse.ini
[2010.11.18 20:19:21 | 000,246,272 | ---- | C] () -- C:\Users\CZechBoY\Desktop\Gmouse.exe
[2010.11.11 22:38:48 | 000,031,232 | ---- | C] () -- C:\Windows\SysNative\VNCpm.dll
[2010.11.09 17:56:25 | 000,936,362 | ---- | C] () -- C:\Users\CZechBoY\Desktop\lfs klavesnice.png
[2010.11.09 13:27:41 | 000,001,025 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\20Dollars2Surf.lnk
[2010.11.07 22:41:20 | 000,000,321 | ---- | C] () -- C:\Windows\WpePro_0delay.INI
[2010.11.03 16:26:10 | 000,000,600 | ---- | C] () -- C:\Users\CZechBoY\AppData\Local\PUTTY.RND
[2010.10.14 09:40:12 | 001,600,262 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2010.10.13 19:00:59 | 000,000,800 | ---- | C] () -- C:\Users\CZechBoY\AppData\Local\SRDownloader.nast
[2010.10.13 18:56:00 | 000,000,889 | ---- | C] () -- C:\Users\CZechBoY\AppData\Local\SRDownloader.err
[2010.10.13 17:47:35 | 000,003,497 | ---- | C] () -- C:\Windows\WINCMD.INI
[2010.10.13 16:33:05 | 000,000,010 | ---- | C] () -- C:\Windows\GSetup.ini
[2010.08.25 18:52:00 | 000,208,896 | ---- | C] () -- C:\Windows\SysWow64\iglhsip32.dll
[2010.08.25 18:52:00 | 000,143,360 | ---- | C] () -- C:\Windows\SysWow64\iglhcp32.dll
[2010.06.25 18:03:12 | 000,053,299 | ---- | C] () -- C:\Windows\SysWow64\pthreadVC.dll
[2010.04.02 17:17:34 | 000,179,091 | ---- | C] () -- C:\Windows\SysWow64\xlive.dll.cat
[2009.07.14 00:42:10 | 000,064,000 | ---- | C] () -- C:\Windows\SysWow64\BWContextHandler.dll
[2009.07.13 22:03:59 | 000,364,544 | ---- | C] () -- C:\Windows\SysWow64\msjetoledb40.dll
[1993.07.23 18:31:02 | 000,210,944 | ---- | C] () -- C:\Windows\SysWow64\Msvcrt10.dll
========== LOP Check ==========
[2010.11.07 23:14:37 | 000,000,000 | ---D | M] -- C:\Users\CZechBoY\AppData\Roaming\Colasoft MAC Scanner
[2010.12.08 20:01:38 | 000,000,000 | ---D | M] -- C:\Users\CZechBoY\AppData\Roaming\Desktop Sidebar
[2010.12.07 15:42:04 | 000,000,000 | ---D | M] -- C:\Users\CZechBoY\AppData\Roaming\FileZilla
[2010.10.22 20:44:17 | 000,000,000 | ---D | M] -- C:\Users\CZechBoY\AppData\Roaming\Foxit Software
[2010.11.18 20:17:49 | 000,000,000 | ---D | M] -- C:\Users\CZechBoY\AppData\Roaming\GetRightToGo
[2010.12.07 21:38:22 | 000,000,000 | ---D | M] -- C:\Users\CZechBoY\AppData\Roaming\GHISLER
[2010.10.13 17:01:30 | 000,000,000 | ---D | M] -- C:\Users\CZechBoY\AppData\Roaming\IrfanView
[2010.11.18 15:17:11 | 000,000,000 | ---D | M] -- C:\Users\CZechBoY\AppData\Roaming\NumusAutoDiskBuilder
[2010.10.13 16:40:51 | 000,000,000 | ---D | M] -- C:\Users\CZechBoY\AppData\Roaming\Opera
[2010.10.13 17:35:43 | 000,000,000 | ---D | M] -- C:\Users\CZechBoY\AppData\Roaming\QIP
[2010.11.18 07:45:25 | 000,000,000 | ---D | M] -- C:\Users\CZechBoY\AppData\Roaming\TeamViewer
[2010.10.22 20:53:24 | 000,000,000 | ---D | M] -- C:\Users\CZechBoY\AppData\Roaming\Transcend
[2010.11.01 01:13:19 | 000,000,000 | ---D | M] -- C:\Users\CZechBoY\AppData\Roaming\TweakNow PowerPack 2010
[2010.12.08 20:07:58 | 000,000,000 | ---D | M] -- C:\Users\CZechBoY\AppData\Roaming\uTorrent
[2010.10.20 18:13:15 | 000,000,000 | ---D | M] -- C:\Users\CZechBoY\AppData\Roaming\Zoner
[2009.07.14 06:08:49 | 000,008,954 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT
========== Purity Check ==========
< End of report >
PHP, Nette, MySQL, C#, TypeScript, Python
IntelliJ Idea, Docker, Opera browser, Linux Mint
iPhone XS
Raspberry PI 3 (KODI, Raspbian)
XBox One S, PS 4, nVidia GeForce NOW
IntelliJ Idea, Docker, Opera browser, Linux Mint
iPhone XS
Raspberry PI 3 (KODI, Raspbian)
XBox One S, PS 4, nVidia GeForce NOW
-
CZechBoY
- Master Level 9.5
- Příspěvky: 8813
- Registrován: srpen 08
- Bydliště: Brno
- Pohlaví:
- Stav:
Offline
- Kontakt:
Re: [HJT] Log mého PC +
OTL Extras logfile created on: 8.12.2010 20:06:26 - Run 1
OTL by OldTimer - Version 3.2.17.3 Folder = C:\Users\CZechBoY\Desktop
64bit- Ultimate Edition (Version = 6.1.7600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7600.16385)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy
4,00 Gb Total Physical Memory | 2,00 Gb Available Physical Memory | 61,00% Memory free
4,00 Gb Paging File | 2,00 Gb Available in Paging File | 53,00% Paging File free
Paging file location(s): [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 37,25 Gb Total Space | 16,32 Gb Free Space | 43,81% Space Free | Partition Type: NTFS
Drive D: | 19,53 Gb Total Space | 4,94 Gb Free Space | 25,31% Space Free | Partition Type: NTFS
Drive E: | 48,83 Gb Total Space | 41,33 Gb Free Space | 84,64% Space Free | Partition Type: NTFS
Drive F: | 164,51 Gb Total Space | 19,24 Gb Free Space | 11,69% Space Free | Partition Type: NTFS
Computer Name: MNO | User Name: CZechBoY | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
========== Extra Registry (SafeList) ==========
========== File Associations ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.html[@ = Opera.HTML] -- F:\Programy(x86)\Opera\opera.exe (Opera Software)
.url[@ = InternetShortcut] -- C:\Windows\System32\ieframe.DLL (Microsoft Corporation)
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)
.html [@ = Opera.HTML] -- F:\Programy(x86)\Opera\opera.exe (Opera Software)
.url [@ = InternetShortcut] -- C:\Windows\System32\ieframe.DLL (Microsoft Corporation)
========== Shell Spawning ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %* File not found
cmdfile [open] -- "%1" %* File not found
comfile [open] -- "%1" %* File not found
exefile [open] -- "%1" %* File not found
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- Reg Error: Key error.
htmlfile [print] -- rundll32.exe %windir%\system32\mshtml.dll,PrintHTML "%1" File not found
http [open] -- "F:\Programy(x86)\Opera\opera.exe" "%1" (Opera Software)
https [open] -- "F:\Programy(x86)\Opera\opera.exe" "%1" (Opera Software)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %* File not found
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1" File not found
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation)
scrfile [open] -- "%1" /S File not found
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1 File not found
Directory [AddToPlaylistVLC] -- "F:\Programy(x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "F:\Programy(x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- Reg Error: Key error.
htmlfile [print] -- rundll32.exe %windir%\system32\mshtml.dll,PrintHTML "%1"
http [open] -- "F:\Programy(x86)\Opera\opera.exe" "%1" (Opera Software)
https [open] -- "F:\Programy(x86)\Opera\opera.exe" "%1" (Opera Software)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation)
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "F:\Programy(x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "F:\Programy(x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
========== Security Center Settings ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = 28 4D B2 76 41 04 CA 01 [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
========== Firewall Settings ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 0
"DefaultOutboundAction" = 0
"DefaultInboundAction" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 0
"DefaultOutboundAction" = 0
"DefaultInboundAction" = 1
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 0
"DefaultOutboundAction" = 0
"DefaultInboundAction" = 1
========== Authorized Applications List ==========
========== HKEY_LOCAL_MACHINE Uninstall List ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{034106B5-54B7-467F-B477-5B7DBB492624}" = Microsoft Sync Framework Services v1.0 SP1 (x64)
"{104FB32A-7CE3-4C4B-B2AA-70C613FF9DFA}" = iTunes
"{1AB7EDC5-D891-34C5-9FF1-BE6A85ACC44B}" = Microsoft Team Foundation Server 2010 Object Model - ENU
"{1B8ABA62-74F0-47ED-B18C-A43128E591B8}" = Windows Live ID Sign-in Assistant
"{1D1CEEF8-3741-45BD-8E77-963E1DEBDDD3}" = Microsoft Sync Services for ADO.NET v2.0 SP1 (x64)
"{33EB1061-ABF1-4470-A540-32E97A610536}" = Apple Mobile Device Support
"{3DDACE1F-3B1E-D6AB-CD3D-B6E987511945}" = ATI Catalyst Install Manager
"{41BF0DE4-5BAE-4B88-AFD3-86A30B222186}" = Bonjour
"{4A8CE6D7-4D52-43B9-970B-03FC75FAD667}" = Microsoft SQL Server System CLR Types (x64)
"{503640E5-B2ED-3173-D109-D4D03153471A}" = AMD Drag and Drop Transcoding
"{5EB6F3CB-46F4-451F-A028-7F6D8D35D7D0}" = Windows Live Language Selector
"{662014D2-0450-37ED-ABAE-157C88127BEB}" = Visual Studio 2010 Prerequisites - English
"{8027B1DD-D875-4315-8FE9-B2CFDD1BB8F1}" = O&O Defrag Professional
"{8438EC02-B8A9-462D-AC72-1B521349C001}" = Microsoft Sync Framework Runtime v1.0 SP1 (x64)
"{88BAE373-00F4-3E33-828F-96E89E5E0CB9}" = Microsoft Visual Studio 2010 IntelliTrace Collection (x64)
"{8E34682C-8118-31F1-BC4C-98CD9675E1C2}" = Microsoft .NET Framework 4 Extended
"{8FF0ACBD-17A5-3637-95F4-D7C69723E2BF}" = Microsoft Visual Studio 2010 Performance Collection Tools - ENU
"{94D70749-4281-39AC-AD90-B56A0E0A402E}" = Microsoft Visual C++ 2010 x64 Runtime - 10.0.30319
"{95120000-00B9-0409-1000-0000000FF1CE}" = Microsoft Application Error Reporting
"{BD430C50-784F-32CD-87E7-A8C47EE6107F}" = Microsoft Visual Studio 2010 Tools for Office Runtime (x64)
"{D4AD39AD-091E-4D33-BB2B-59F6FCB8ADC3}" = Microsoft SQL Server Compact 3.5 SP2 x64 ENU
"{DA67488A-2689-4F10-B90F-D2F6977509D6}" = Microsoft SQL Server 2008 R2 Management Objects (x64)
"{EAFC065C-0576-4DE9-8FDB-4D943367506E}" = Oracle VM VirtualBox 3.2.10
"{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}" = Microsoft .NET Framework 4 Client Profile
"{FCADA26A-5672-31DD-BF0E-BA76ECF9B02D}" = Microsoft Help Viewer 1.0
"{FD53298A-4734-AFCB-B733-4C07776E589E}" = ccc-utility64
"CCleaner" = CCleaner
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Extended" = Microsoft .NET Framework 4 Extended
"Microsoft Help Viewer 1.0" = Microsoft Help Viewer 1.0
"Microsoft Team Foundation Server 2010 Object Model - ENU" = Microsoft Team Foundation Server 2010 Object Model - ENU
"Microsoft Visual Studio 2010 Tools for Office Runtime (x64)" = Microsoft Visual Studio 2010 Tools for Office Runtime (x64)
"RealVNC_is1" = VNC Enterprise Edition E4.5.4
"VNCMirror_is1" = VNC Mirror Driver 1.8.0
"VNCPrinter_is1" = VNC Printer Driver 1.6.0
"WinRAR archiver" = WinRAR
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{01C79EF3-DE84-4B56-B638-8BEA0D507506}" = Microsoft XNA Game Studio 4.0 (XnaLiveProxy)
"{0666E46E-A860-4353-BE6D-13AA72FABB57}" = Microsoft XNA Game Studio Platform Tools
"{08C84CC6-E7FD-4B2D-BBF9-B02CC90EE031}" = Microsoft XNA Game Studio 4.0 (Shared Components)
"{0B0F231F-CE6A-483D-AA23-77B364F75917}" = Windows Live Installer
"{0DDCEC37-369C-484B-B16D-B4413FD42FB9}" = Microsoft SQL Server 2008 R2 Data-Tier Application Framework
"{0E3DFC64-CC49-4BE2-8C9C-58EF129675DB}" = Microsoft Sync Framework SDK v1.0 SP1
"{11083C7A-D0D6-4DA4-8C3A-74B8389EC07B}" = ATI Catalyst Registration
"{112C23F2-C036-4D40-BED4-0CB47BF5555C}" = Visual Studio 2010 Tools for SQL Server Compact 3.5 SP2 ENU
"{14DD7530-CCD2-3798-B37D-3839ED6A441C}" = Microsoft Visual Studio 2010 ADO.NET Entity Framework Tools
"{179C91E9-D9ED-D5CC-F0D8-9579DBDED8D6}" = CCC Help English
"{1EE9BBA1-312F-4EC0-9DEA-A8FE22BBABAA}_is1" = 20Dollars2Surf 1.1
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{200FEC62-3C34-4D60-9CE8-EC372E01C08F}" = Windows Live SOXE Definitions
"{26A24AE4-039D-4CA4-87B4-2F83216022FF}" = Java(TM) 6 Update 22
"{2A2E822B-3B0E-46C1-9E3B-ACD7D1E95139}" = SAMSUNG PC Share Manager
"{2A2F3AE8-246A-4252-BB26-1BEB45627074}" = Microsoft SQL Server System CLR Types
"{2BFC7AA0-544C-4E3A-8796-67F3BE655BE9}" = Microsoft XNA Framework Redistributable 4.0
"{2D9FEBEE-F1B7-344F-BFDF-760E18332D96}" = Microsoft Visual Studio 2010 SharePoint Developer Tools
"{3336F667-9049-4D46-98B6-4C743EEBC5B1}" = Windows Live Photo Gallery
"{3A9FC03D-C685-4831-94CF-4EDFD3749497}" = Microsoft SQL Server Compact 3.5 SP2 ENU
"{3F4EB5FE-B5BE-4069-A5A8-6D9262E1B379}" = Microsoft XNA Game Studio 4.0 Documentation
"{45A66726-69BC-466B-A7A4-12FCBA4883D7}" = HiJackThis
"{463F67F4-58D0-4C0D-BBC9-D0CC4E56D1B8}" = Windows Live UX Platform Language Pack
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4A389F44-8E35-49C8-9359-839A2B7550F5}" = Desktop Sidebar
"{4CBABDFD-49F8-47FD-BE7D-ECDE7270525A}" = Windows Live PIMT Platform
"{4E968D9C-21A7-4915-B698-F7AEB913541D}" = Microsoft SQL Server 2008 R2 Management Objects
"{4F62B1AE-E778-49E2-9C57-C1C65A122098}" = Zoner Callisto 5
"{50300123-F8FC-4B50-B449-E847D04F1BA2}" = Windows Live Messenger
"{5FD88490-011C-4DF1-B886-F298D955171B}" = MySQL Connector Net 6.3.5
"{64B2D6B3-71AC-45A7-A6A1-2E07ABF58341}" = Windows Live Movie Maker
"{682B3E4F-696A-42DE-A41C-4C07EA1678B4}" = Windows Live SOXE
"{68BD57D3-D606-411E-A7E0-3EB6EA5660F6}" = Microsoft XNA Game Studio 4.0 (Redists)
"{6A86554B-8928-30E4-A53C-D7337689134D}" = Microsoft Visual C++ 2010 x86 Runtime - 10.0.30319
"{6C8B53B9-41EE-AD83-007A-55EE64DE6932}" = Catalyst Control Center Graphics Previews Common
"{6CDEAD7E-F8D8-37F7-AB6F-1E22716E30F3}" = Microsoft Visual Studio Macro Tools
"{73BE04D9-BA0E-4BAF-9C9D-677278BDB3DC}" = Microsoft XNA Game Studio 4.0 (ARP entry)
"{78906B56-0E81-42A7-AC25-F54C946E1538}" = Windows Live Photo Common
"{78C3657E-742C-40B1-9F53-E5A921D40F17}" = Microsoft SQL Server 2008 R2 Transact-SQL Language Service
"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
"{87CC8013-56D1-43E1-A0A5-AD406B4EBA95}" = Opera 10.63
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8ACC73AA-6511-7C55-B1A9-8E5D1DEAFAA3}" = The Lord of the Rings FREE Trial
"{8C496FBF-DB4A-468D-A3A1-15E127382218}" = Microsoft XNA Game Studio 4.0 (Visual Studio)
"{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}" = MSVCRT
"{8FB1B528-E260-451E-9B55-E9152F94B80B}" = Microsoft Games for Windows - LIVE Redistributable
"{92EA4134-10D1-418A-91E1-5A0453131A38}" = Windows Live Movie Maker
"{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{A92D7264-1A13-45BE-B769-88445DD04FD6}" = Desktop Sidebar
"{A9BDCA6B-3653-467B-AC83-94367DA3BFE3}" = Windows Live Photo Common
"{AC41D924-8C68-4BD5-A7A1-0AE4176C31A6}" = Crystal Reports for Visual Studio
"{ACE28263-76A4-4BF5-B6F4-8BD719595969}" = Microsoft SQL Server Database Publishing Wizard 1.4
"{B7E38540-E355-3503-AFD7-635B2F2F76E1}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4974
"{BC0464FA-A0BA-3E38-85BF-DC5B3A401F48}" = Microsoft Visual Studio 2010 Ultimate - ENU
"{C1FCDCA1-2759-4E5E-84EE-3A665BB2F513}" = iPhoneBrowser
"{C41300B9-185D-475E-BFEC-39EF732F19B1}" = Apple Software Update
"{CE4A3D0F-D1B0-47D1-BF99-3E957C548D12}" = LogMeIn Hamachi
"{CE95A79E-E4FC-4FFF-8A75-29F04B942FF2}" = Windows Live UX Platform
"{CF5DE1DD-F7E6-694D-1E82-84C7C9C9ABDB}" = Catalyst Control Center Graphics Previews Vista
"{CFEF48A8-BFB8-3EAC-8BA5-DE4F8AA267CE}" = Microsoft .NET Framework 4 Multi-Targeting Pack
"{D103C4BA-F905-437A-8049-DB24763BBE36}" = Skype™ 4.2
"{D45240D3-B6B3-4FF9-B243-54ECE3E10066}" = Windows Live Communications Platform
"{DAEAFD68-BB4A-4507-A241-C8804D2EA66D}" = Apple Application Support
"{DDA34038-89BD-4804-B0B8-DC48D5DFB463}" = Catalyst Control Center - Branding
"{E09C4DB7-630C-4F06-A631-8EA7239923AF}" = D3DX10
"{E5AE9031-79A5-4627-9641-BEFA82819B08}" = Microsoft SQL Server 2008 R2 Data-Tier Application Project
"{E7004147-2CCA-431C-AA05-2AB166B9785D}" = QuickTime
"{EB4DF488-AAEF-406F-A341-CB2AAA315B90}" = Windows Live Messenger
"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F71E7762-8A64-AECC-0917-DA51677041CF}" = Catalyst Control Center InstallProxy
"{F9835182-794B-4F24-902A-E2CA9D43380F}" = NVIDIA PhysX
"{F9D65BA1-84C5-B4CB-91FE-D68F07ECBA24}" = ccc-core-static
"{FB79FDB7-4DE1-453D-99FE-9A880F57380E}" = Windows Live Fotogalerie
"{FE62C88B-425B-4BDE-8B70-CD5AE3B83176}" = Windows Live Essentials
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"Avira AntiVir Desktop" = Avira Premium Security Suite
"Firefox Preloader_is1" = Firefox Preloader
"Foxit Reader" = Foxit Reader
"Fraps" = Fraps (remove only)
"InstallShield_{2A2E822B-3B0E-46C1-9E3B-ACD7D1E95139}" = SAMSUNG PC Share Manager
"IrfanView" = IrfanView (remove only)
"LogMeIn Hamachi" = LogMeIn Hamachi
"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware
"Microsoft Visual Studio 2010 Ultimate - ENU" = Microsoft Visual Studio 2010 Ultimate - ENU
"Microsoft Visual Studio Macro Tools" = Microsoft Visual Studio Macro Tools
"Mozilla Firefox (3.6.12)" = Mozilla Firefox (3.6.12)
"NetTools_is1" = NetTools 5.0
"PSPad editor_is1" = PSPad editor
"RivaTuner" = RivaTuner v2.24 MSI Master Overclocking Arena 2009 edition
"SHOUTcastDSP" = SHOUTcast Source DSP 1.9.0 (remove only)
"SpeedFan" = SpeedFan (remove only)
"TeamViewer 5" = TeamViewer 5
"TeamViewer 6" = TeamViewer 6
"Totalcmd" = Total Commander (Remove or Repair)
"TweakNow PowerPack 2010_is1" = TweakNow PowerPack 2010
"UltraISO_is1" = UltraISO Premium V9.36
"uTorrent" = µTorrent
"VLC media player" = VLC media player 1.1.4
"Winamp" = Winamp
"WinGimp-2.0_is1" = GIMP 2.6.11
"WinLiveSuite" = Windows Live Essentials
"XNA Game Studio 4.0" = Microsoft XNA Game Studio 4.0
========== HKEY_CURRENT_USER Uninstall List ==========
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"FileZilla Client" = FileZilla Client 3.3.5
"QIP Infium" = QIP Infium 3.0.9040
========== Last 10 Event Log Errors ==========
[ Application Events ]
Error - 8.12.2010 15:09:13 | Computer Name = MNO | Source = PerfOS | ID = 2011
Description =
Error - 8.12.2010 15:09:14 | Computer Name = MNO | Source = PerfOS | ID = 2011
Description =
Error - 8.12.2010 15:09:15 | Computer Name = MNO | Source = PerfOS | ID = 2011
Description =
Error - 8.12.2010 15:09:16 | Computer Name = MNO | Source = PerfOS | ID = 2011
Description =
Error - 8.12.2010 15:09:17 | Computer Name = MNO | Source = PerfOS | ID = 2011
Description =
Error - 8.12.2010 15:09:18 | Computer Name = MNO | Source = PerfOS | ID = 2011
Description =
Error - 8.12.2010 15:09:19 | Computer Name = MNO | Source = PerfOS | ID = 2011
Description =
Error - 8.12.2010 15:09:20 | Computer Name = MNO | Source = PerfOS | ID = 2011
Description =
Error - 8.12.2010 15:09:21 | Computer Name = MNO | Source = PerfOS | ID = 2011
Description =
Error - 8.12.2010 15:09:22 | Computer Name = MNO | Source = PerfOS | ID = 2011
Description =
[ System Events ]
Error - 8.12.2010 15:00:49 | Computer Name = MNO | Source = Service Control Manager | ID = 7024
Description = Služba Bonjour Service ukončena s chybou %%-1, specifickou pro službu.
Error - 8.12.2010 15:01:01 | Computer Name = MNO | Source = Service Control Manager | ID = 7000
Description = Služba TeamViewer 5 neuspěla při spuštění v důsledku následující chyby:
%%2
Error - 8.12.2010 15:02:52 | Computer Name = MNO | Source = EventLog | ID = 6008
Description = Předchozí vypnutí systému (20:01:43, ?8.?12.?2010) bylo neočekávané.
Error - 8.12.2010 15:03:00 | Computer Name = MNO | Source = Service Control Manager | ID = 7024
Description = Služba Bonjour Service ukončena s chybou %%-1, specifickou pro službu.
Error - 8.12.2010 15:03:03 | Computer Name = MNO | Source = Service Control Manager | ID = 7000
Description = Služba TeamViewer 5 neuspěla při spuštění v důsledku následující chyby:
%%2
Error - 8.12.2010 15:04:53 | Computer Name = MNO | Source = Service Control Manager | ID = 7022
Description = Služba SAMSUNG AllShare Service přestala během spouštění reagovat.
Error - 8.12.2010 15:04:53 | Computer Name = MNO | Source = Service Control Manager | ID = 7026
Description = Zavedení následujícího ovladače pro spouštění počítače nebo systému
se nezdařilo: CSN5PDTS82 CSN5PDTS82x64
Error - 8.12.2010 15:05:05 | Computer Name = MNO | Source = Service Control Manager | ID = 7030
Description = Služba LogMeIn Hamachi 2.0 Tunneling Engine je označena jako interaktivní
služba. Avšak systém je nakonfigurován tak, že neumožňuje použití interaktivní
služby. Tato služba nebude fungovat správně.
Error - 8.12.2010 15:05:05 | Computer Name = MNO | Source = Service Control Manager | ID = 7009
Description = Při čekání na připojení služby LogMeIn Hamachi 2.0 Tunneling Engine
bylo dosaženo časového limitu (30000 ms).
Error - 8.12.2010 15:05:05 | Computer Name = MNO | Source = Service Control Manager | ID = 7000
Description = Služba LogMeIn Hamachi 2.0 Tunneling Engine neuspěla při spuštění
v důsledku následující chyby: %%1053
< End of report >
OTL by OldTimer - Version 3.2.17.3 Folder = C:\Users\CZechBoY\Desktop
64bit- Ultimate Edition (Version = 6.1.7600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7600.16385)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy
4,00 Gb Total Physical Memory | 2,00 Gb Available Physical Memory | 61,00% Memory free
4,00 Gb Paging File | 2,00 Gb Available in Paging File | 53,00% Paging File free
Paging file location(s): [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 37,25 Gb Total Space | 16,32 Gb Free Space | 43,81% Space Free | Partition Type: NTFS
Drive D: | 19,53 Gb Total Space | 4,94 Gb Free Space | 25,31% Space Free | Partition Type: NTFS
Drive E: | 48,83 Gb Total Space | 41,33 Gb Free Space | 84,64% Space Free | Partition Type: NTFS
Drive F: | 164,51 Gb Total Space | 19,24 Gb Free Space | 11,69% Space Free | Partition Type: NTFS
Computer Name: MNO | User Name: CZechBoY | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
========== Extra Registry (SafeList) ==========
========== File Associations ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.html[@ = Opera.HTML] -- F:\Programy(x86)\Opera\opera.exe (Opera Software)
.url[@ = InternetShortcut] -- C:\Windows\System32\ieframe.DLL (Microsoft Corporation)
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)
.html [@ = Opera.HTML] -- F:\Programy(x86)\Opera\opera.exe (Opera Software)
.url [@ = InternetShortcut] -- C:\Windows\System32\ieframe.DLL (Microsoft Corporation)
========== Shell Spawning ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %* File not found
cmdfile [open] -- "%1" %* File not found
comfile [open] -- "%1" %* File not found
exefile [open] -- "%1" %* File not found
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- Reg Error: Key error.
htmlfile [print] -- rundll32.exe %windir%\system32\mshtml.dll,PrintHTML "%1" File not found
http [open] -- "F:\Programy(x86)\Opera\opera.exe" "%1" (Opera Software)
https [open] -- "F:\Programy(x86)\Opera\opera.exe" "%1" (Opera Software)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %* File not found
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1" File not found
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation)
scrfile [open] -- "%1" /S File not found
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1 File not found
Directory [AddToPlaylistVLC] -- "F:\Programy(x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "F:\Programy(x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- Reg Error: Key error.
htmlfile [print] -- rundll32.exe %windir%\system32\mshtml.dll,PrintHTML "%1"
http [open] -- "F:\Programy(x86)\Opera\opera.exe" "%1" (Opera Software)
https [open] -- "F:\Programy(x86)\Opera\opera.exe" "%1" (Opera Software)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation)
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "F:\Programy(x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "F:\Programy(x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
========== Security Center Settings ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = 28 4D B2 76 41 04 CA 01 [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
========== Firewall Settings ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 0
"DefaultOutboundAction" = 0
"DefaultInboundAction" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 0
"DefaultOutboundAction" = 0
"DefaultInboundAction" = 1
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 0
"DefaultOutboundAction" = 0
"DefaultInboundAction" = 1
========== Authorized Applications List ==========
========== HKEY_LOCAL_MACHINE Uninstall List ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{034106B5-54B7-467F-B477-5B7DBB492624}" = Microsoft Sync Framework Services v1.0 SP1 (x64)
"{104FB32A-7CE3-4C4B-B2AA-70C613FF9DFA}" = iTunes
"{1AB7EDC5-D891-34C5-9FF1-BE6A85ACC44B}" = Microsoft Team Foundation Server 2010 Object Model - ENU
"{1B8ABA62-74F0-47ED-B18C-A43128E591B8}" = Windows Live ID Sign-in Assistant
"{1D1CEEF8-3741-45BD-8E77-963E1DEBDDD3}" = Microsoft Sync Services for ADO.NET v2.0 SP1 (x64)
"{33EB1061-ABF1-4470-A540-32E97A610536}" = Apple Mobile Device Support
"{3DDACE1F-3B1E-D6AB-CD3D-B6E987511945}" = ATI Catalyst Install Manager
"{41BF0DE4-5BAE-4B88-AFD3-86A30B222186}" = Bonjour
"{4A8CE6D7-4D52-43B9-970B-03FC75FAD667}" = Microsoft SQL Server System CLR Types (x64)
"{503640E5-B2ED-3173-D109-D4D03153471A}" = AMD Drag and Drop Transcoding
"{5EB6F3CB-46F4-451F-A028-7F6D8D35D7D0}" = Windows Live Language Selector
"{662014D2-0450-37ED-ABAE-157C88127BEB}" = Visual Studio 2010 Prerequisites - English
"{8027B1DD-D875-4315-8FE9-B2CFDD1BB8F1}" = O&O Defrag Professional
"{8438EC02-B8A9-462D-AC72-1B521349C001}" = Microsoft Sync Framework Runtime v1.0 SP1 (x64)
"{88BAE373-00F4-3E33-828F-96E89E5E0CB9}" = Microsoft Visual Studio 2010 IntelliTrace Collection (x64)
"{8E34682C-8118-31F1-BC4C-98CD9675E1C2}" = Microsoft .NET Framework 4 Extended
"{8FF0ACBD-17A5-3637-95F4-D7C69723E2BF}" = Microsoft Visual Studio 2010 Performance Collection Tools - ENU
"{94D70749-4281-39AC-AD90-B56A0E0A402E}" = Microsoft Visual C++ 2010 x64 Runtime - 10.0.30319
"{95120000-00B9-0409-1000-0000000FF1CE}" = Microsoft Application Error Reporting
"{BD430C50-784F-32CD-87E7-A8C47EE6107F}" = Microsoft Visual Studio 2010 Tools for Office Runtime (x64)
"{D4AD39AD-091E-4D33-BB2B-59F6FCB8ADC3}" = Microsoft SQL Server Compact 3.5 SP2 x64 ENU
"{DA67488A-2689-4F10-B90F-D2F6977509D6}" = Microsoft SQL Server 2008 R2 Management Objects (x64)
"{EAFC065C-0576-4DE9-8FDB-4D943367506E}" = Oracle VM VirtualBox 3.2.10
"{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}" = Microsoft .NET Framework 4 Client Profile
"{FCADA26A-5672-31DD-BF0E-BA76ECF9B02D}" = Microsoft Help Viewer 1.0
"{FD53298A-4734-AFCB-B733-4C07776E589E}" = ccc-utility64
"CCleaner" = CCleaner
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Extended" = Microsoft .NET Framework 4 Extended
"Microsoft Help Viewer 1.0" = Microsoft Help Viewer 1.0
"Microsoft Team Foundation Server 2010 Object Model - ENU" = Microsoft Team Foundation Server 2010 Object Model - ENU
"Microsoft Visual Studio 2010 Tools for Office Runtime (x64)" = Microsoft Visual Studio 2010 Tools for Office Runtime (x64)
"RealVNC_is1" = VNC Enterprise Edition E4.5.4
"VNCMirror_is1" = VNC Mirror Driver 1.8.0
"VNCPrinter_is1" = VNC Printer Driver 1.6.0
"WinRAR archiver" = WinRAR
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{01C79EF3-DE84-4B56-B638-8BEA0D507506}" = Microsoft XNA Game Studio 4.0 (XnaLiveProxy)
"{0666E46E-A860-4353-BE6D-13AA72FABB57}" = Microsoft XNA Game Studio Platform Tools
"{08C84CC6-E7FD-4B2D-BBF9-B02CC90EE031}" = Microsoft XNA Game Studio 4.0 (Shared Components)
"{0B0F231F-CE6A-483D-AA23-77B364F75917}" = Windows Live Installer
"{0DDCEC37-369C-484B-B16D-B4413FD42FB9}" = Microsoft SQL Server 2008 R2 Data-Tier Application Framework
"{0E3DFC64-CC49-4BE2-8C9C-58EF129675DB}" = Microsoft Sync Framework SDK v1.0 SP1
"{11083C7A-D0D6-4DA4-8C3A-74B8389EC07B}" = ATI Catalyst Registration
"{112C23F2-C036-4D40-BED4-0CB47BF5555C}" = Visual Studio 2010 Tools for SQL Server Compact 3.5 SP2 ENU
"{14DD7530-CCD2-3798-B37D-3839ED6A441C}" = Microsoft Visual Studio 2010 ADO.NET Entity Framework Tools
"{179C91E9-D9ED-D5CC-F0D8-9579DBDED8D6}" = CCC Help English
"{1EE9BBA1-312F-4EC0-9DEA-A8FE22BBABAA}_is1" = 20Dollars2Surf 1.1
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{200FEC62-3C34-4D60-9CE8-EC372E01C08F}" = Windows Live SOXE Definitions
"{26A24AE4-039D-4CA4-87B4-2F83216022FF}" = Java(TM) 6 Update 22
"{2A2E822B-3B0E-46C1-9E3B-ACD7D1E95139}" = SAMSUNG PC Share Manager
"{2A2F3AE8-246A-4252-BB26-1BEB45627074}" = Microsoft SQL Server System CLR Types
"{2BFC7AA0-544C-4E3A-8796-67F3BE655BE9}" = Microsoft XNA Framework Redistributable 4.0
"{2D9FEBEE-F1B7-344F-BFDF-760E18332D96}" = Microsoft Visual Studio 2010 SharePoint Developer Tools
"{3336F667-9049-4D46-98B6-4C743EEBC5B1}" = Windows Live Photo Gallery
"{3A9FC03D-C685-4831-94CF-4EDFD3749497}" = Microsoft SQL Server Compact 3.5 SP2 ENU
"{3F4EB5FE-B5BE-4069-A5A8-6D9262E1B379}" = Microsoft XNA Game Studio 4.0 Documentation
"{45A66726-69BC-466B-A7A4-12FCBA4883D7}" = HiJackThis
"{463F67F4-58D0-4C0D-BBC9-D0CC4E56D1B8}" = Windows Live UX Platform Language Pack
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4A389F44-8E35-49C8-9359-839A2B7550F5}" = Desktop Sidebar
"{4CBABDFD-49F8-47FD-BE7D-ECDE7270525A}" = Windows Live PIMT Platform
"{4E968D9C-21A7-4915-B698-F7AEB913541D}" = Microsoft SQL Server 2008 R2 Management Objects
"{4F62B1AE-E778-49E2-9C57-C1C65A122098}" = Zoner Callisto 5
"{50300123-F8FC-4B50-B449-E847D04F1BA2}" = Windows Live Messenger
"{5FD88490-011C-4DF1-B886-F298D955171B}" = MySQL Connector Net 6.3.5
"{64B2D6B3-71AC-45A7-A6A1-2E07ABF58341}" = Windows Live Movie Maker
"{682B3E4F-696A-42DE-A41C-4C07EA1678B4}" = Windows Live SOXE
"{68BD57D3-D606-411E-A7E0-3EB6EA5660F6}" = Microsoft XNA Game Studio 4.0 (Redists)
"{6A86554B-8928-30E4-A53C-D7337689134D}" = Microsoft Visual C++ 2010 x86 Runtime - 10.0.30319
"{6C8B53B9-41EE-AD83-007A-55EE64DE6932}" = Catalyst Control Center Graphics Previews Common
"{6CDEAD7E-F8D8-37F7-AB6F-1E22716E30F3}" = Microsoft Visual Studio Macro Tools
"{73BE04D9-BA0E-4BAF-9C9D-677278BDB3DC}" = Microsoft XNA Game Studio 4.0 (ARP entry)
"{78906B56-0E81-42A7-AC25-F54C946E1538}" = Windows Live Photo Common
"{78C3657E-742C-40B1-9F53-E5A921D40F17}" = Microsoft SQL Server 2008 R2 Transact-SQL Language Service
"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
"{87CC8013-56D1-43E1-A0A5-AD406B4EBA95}" = Opera 10.63
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8ACC73AA-6511-7C55-B1A9-8E5D1DEAFAA3}" = The Lord of the Rings FREE Trial
"{8C496FBF-DB4A-468D-A3A1-15E127382218}" = Microsoft XNA Game Studio 4.0 (Visual Studio)
"{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}" = MSVCRT
"{8FB1B528-E260-451E-9B55-E9152F94B80B}" = Microsoft Games for Windows - LIVE Redistributable
"{92EA4134-10D1-418A-91E1-5A0453131A38}" = Windows Live Movie Maker
"{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{A92D7264-1A13-45BE-B769-88445DD04FD6}" = Desktop Sidebar
"{A9BDCA6B-3653-467B-AC83-94367DA3BFE3}" = Windows Live Photo Common
"{AC41D924-8C68-4BD5-A7A1-0AE4176C31A6}" = Crystal Reports for Visual Studio
"{ACE28263-76A4-4BF5-B6F4-8BD719595969}" = Microsoft SQL Server Database Publishing Wizard 1.4
"{B7E38540-E355-3503-AFD7-635B2F2F76E1}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4974
"{BC0464FA-A0BA-3E38-85BF-DC5B3A401F48}" = Microsoft Visual Studio 2010 Ultimate - ENU
"{C1FCDCA1-2759-4E5E-84EE-3A665BB2F513}" = iPhoneBrowser
"{C41300B9-185D-475E-BFEC-39EF732F19B1}" = Apple Software Update
"{CE4A3D0F-D1B0-47D1-BF99-3E957C548D12}" = LogMeIn Hamachi
"{CE95A79E-E4FC-4FFF-8A75-29F04B942FF2}" = Windows Live UX Platform
"{CF5DE1DD-F7E6-694D-1E82-84C7C9C9ABDB}" = Catalyst Control Center Graphics Previews Vista
"{CFEF48A8-BFB8-3EAC-8BA5-DE4F8AA267CE}" = Microsoft .NET Framework 4 Multi-Targeting Pack
"{D103C4BA-F905-437A-8049-DB24763BBE36}" = Skype™ 4.2
"{D45240D3-B6B3-4FF9-B243-54ECE3E10066}" = Windows Live Communications Platform
"{DAEAFD68-BB4A-4507-A241-C8804D2EA66D}" = Apple Application Support
"{DDA34038-89BD-4804-B0B8-DC48D5DFB463}" = Catalyst Control Center - Branding
"{E09C4DB7-630C-4F06-A631-8EA7239923AF}" = D3DX10
"{E5AE9031-79A5-4627-9641-BEFA82819B08}" = Microsoft SQL Server 2008 R2 Data-Tier Application Project
"{E7004147-2CCA-431C-AA05-2AB166B9785D}" = QuickTime
"{EB4DF488-AAEF-406F-A341-CB2AAA315B90}" = Windows Live Messenger
"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F71E7762-8A64-AECC-0917-DA51677041CF}" = Catalyst Control Center InstallProxy
"{F9835182-794B-4F24-902A-E2CA9D43380F}" = NVIDIA PhysX
"{F9D65BA1-84C5-B4CB-91FE-D68F07ECBA24}" = ccc-core-static
"{FB79FDB7-4DE1-453D-99FE-9A880F57380E}" = Windows Live Fotogalerie
"{FE62C88B-425B-4BDE-8B70-CD5AE3B83176}" = Windows Live Essentials
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"Avira AntiVir Desktop" = Avira Premium Security Suite
"Firefox Preloader_is1" = Firefox Preloader
"Foxit Reader" = Foxit Reader
"Fraps" = Fraps (remove only)
"InstallShield_{2A2E822B-3B0E-46C1-9E3B-ACD7D1E95139}" = SAMSUNG PC Share Manager
"IrfanView" = IrfanView (remove only)
"LogMeIn Hamachi" = LogMeIn Hamachi
"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware
"Microsoft Visual Studio 2010 Ultimate - ENU" = Microsoft Visual Studio 2010 Ultimate - ENU
"Microsoft Visual Studio Macro Tools" = Microsoft Visual Studio Macro Tools
"Mozilla Firefox (3.6.12)" = Mozilla Firefox (3.6.12)
"NetTools_is1" = NetTools 5.0
"PSPad editor_is1" = PSPad editor
"RivaTuner" = RivaTuner v2.24 MSI Master Overclocking Arena 2009 edition
"SHOUTcastDSP" = SHOUTcast Source DSP 1.9.0 (remove only)
"SpeedFan" = SpeedFan (remove only)
"TeamViewer 5" = TeamViewer 5
"TeamViewer 6" = TeamViewer 6
"Totalcmd" = Total Commander (Remove or Repair)
"TweakNow PowerPack 2010_is1" = TweakNow PowerPack 2010
"UltraISO_is1" = UltraISO Premium V9.36
"uTorrent" = µTorrent
"VLC media player" = VLC media player 1.1.4
"Winamp" = Winamp
"WinGimp-2.0_is1" = GIMP 2.6.11
"WinLiveSuite" = Windows Live Essentials
"XNA Game Studio 4.0" = Microsoft XNA Game Studio 4.0
========== HKEY_CURRENT_USER Uninstall List ==========
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"FileZilla Client" = FileZilla Client 3.3.5
"QIP Infium" = QIP Infium 3.0.9040
========== Last 10 Event Log Errors ==========
[ Application Events ]
Error - 8.12.2010 15:09:13 | Computer Name = MNO | Source = PerfOS | ID = 2011
Description =
Error - 8.12.2010 15:09:14 | Computer Name = MNO | Source = PerfOS | ID = 2011
Description =
Error - 8.12.2010 15:09:15 | Computer Name = MNO | Source = PerfOS | ID = 2011
Description =
Error - 8.12.2010 15:09:16 | Computer Name = MNO | Source = PerfOS | ID = 2011
Description =
Error - 8.12.2010 15:09:17 | Computer Name = MNO | Source = PerfOS | ID = 2011
Description =
Error - 8.12.2010 15:09:18 | Computer Name = MNO | Source = PerfOS | ID = 2011
Description =
Error - 8.12.2010 15:09:19 | Computer Name = MNO | Source = PerfOS | ID = 2011
Description =
Error - 8.12.2010 15:09:20 | Computer Name = MNO | Source = PerfOS | ID = 2011
Description =
Error - 8.12.2010 15:09:21 | Computer Name = MNO | Source = PerfOS | ID = 2011
Description =
Error - 8.12.2010 15:09:22 | Computer Name = MNO | Source = PerfOS | ID = 2011
Description =
[ System Events ]
Error - 8.12.2010 15:00:49 | Computer Name = MNO | Source = Service Control Manager | ID = 7024
Description = Služba Bonjour Service ukončena s chybou %%-1, specifickou pro službu.
Error - 8.12.2010 15:01:01 | Computer Name = MNO | Source = Service Control Manager | ID = 7000
Description = Služba TeamViewer 5 neuspěla při spuštění v důsledku následující chyby:
%%2
Error - 8.12.2010 15:02:52 | Computer Name = MNO | Source = EventLog | ID = 6008
Description = Předchozí vypnutí systému (20:01:43, ?8.?12.?2010) bylo neočekávané.
Error - 8.12.2010 15:03:00 | Computer Name = MNO | Source = Service Control Manager | ID = 7024
Description = Služba Bonjour Service ukončena s chybou %%-1, specifickou pro službu.
Error - 8.12.2010 15:03:03 | Computer Name = MNO | Source = Service Control Manager | ID = 7000
Description = Služba TeamViewer 5 neuspěla při spuštění v důsledku následující chyby:
%%2
Error - 8.12.2010 15:04:53 | Computer Name = MNO | Source = Service Control Manager | ID = 7022
Description = Služba SAMSUNG AllShare Service přestala během spouštění reagovat.
Error - 8.12.2010 15:04:53 | Computer Name = MNO | Source = Service Control Manager | ID = 7026
Description = Zavedení následujícího ovladače pro spouštění počítače nebo systému
se nezdařilo: CSN5PDTS82 CSN5PDTS82x64
Error - 8.12.2010 15:05:05 | Computer Name = MNO | Source = Service Control Manager | ID = 7030
Description = Služba LogMeIn Hamachi 2.0 Tunneling Engine je označena jako interaktivní
služba. Avšak systém je nakonfigurován tak, že neumožňuje použití interaktivní
služby. Tato služba nebude fungovat správně.
Error - 8.12.2010 15:05:05 | Computer Name = MNO | Source = Service Control Manager | ID = 7009
Description = Při čekání na připojení služby LogMeIn Hamachi 2.0 Tunneling Engine
bylo dosaženo časového limitu (30000 ms).
Error - 8.12.2010 15:05:05 | Computer Name = MNO | Source = Service Control Manager | ID = 7000
Description = Služba LogMeIn Hamachi 2.0 Tunneling Engine neuspěla při spuštění
v důsledku následující chyby: %%1053
< End of report >
PHP, Nette, MySQL, C#, TypeScript, Python
IntelliJ Idea, Docker, Opera browser, Linux Mint
iPhone XS
Raspberry PI 3 (KODI, Raspbian)
XBox One S, PS 4, nVidia GeForce NOW
IntelliJ Idea, Docker, Opera browser, Linux Mint
iPhone XS
Raspberry PI 3 (KODI, Raspbian)
XBox One S, PS 4, nVidia GeForce NOW
-
jaro3
- člen Security týmu
-
Guru Level 15
- Příspěvky: 43298
- Registrován: červen 07
- Bydliště: Jižní Čechy
- Pohlaví:
- Stav:
Offline
Re: [HJT] Log mého PC +
Poklepej na ikonu OTL na ploše.Ujisti se , že máš všechny ostatní aplikace a prohlížeče zavřeny.
Pod Vlastní skenování/opravy do okénka vlož následující text, zobrazený zeleně:
Poté klikni nahoře na Opravit. Nech program nerušeně běžet, na konci se provede restart PC.
Po restartu se objeví log , prosím zkopíruj sem celý jeho obsah.
Pod Vlastní skenování/opravy do okénka vlož následující text, zobrazený zeleně:
Kód: Vybrat vše
:OTL
PRC - C:\WINDOWS\explorer.exe (Microsoft Corporation)
PRC - C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)
DRV:64bit: - (NLNdisPT) -- C:\Windows\SysNative\DRIVERS\nlndis.sys File not found
DRV:64bit: - (NLNdisMP) -- C:\Windows\SysNative\DRIVERS\nlndis.sys File not found
DRV:64bit: - (CSN5PDTS82x64) -- C:\Windows\SysNative\Drivers\CSN5PDTS82x64.sys File not found
DRV:64bit: - (CSN5PDTS82) -- C:\Windows\SysNative\Drivers\CSN5PDTS82.sys File not found
O1 HOSTS File: ([2009.06.10 22:00:26 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O18:64bit: - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\wlpg {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - Reg Error: Key error. File not found
O20:64bit: - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found.
[2010.11.29 17:14:04 | 000,666,168 | ---- | M] () -- C:\Windows\SysNative\perfh005.dat
[2010.11.29 17:14:04 | 000,651,912 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2010.11.29 17:14:04 | 000,139,574 | ---- | M] () -- C:\Windows\SysNative\perfc005.dat
[2010.11.29 17:14:04 | 000,120,554 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
:Files
C:\WINDOWS\System32\*.tmp
C:\WINDOWS\*.tmp
C:\WINDOWS\system32\*.tmp.dll
C:\WINDOWS\system32\SET*.tmp
c:\windows\Tasks\*.job
C:\*.tmp
C:\Documents and Settings\All Users\Data aplikací\*.tmp
C:\Windows\SysNative\drivers\*.tmp
C:\Windows\SysWow64\drivers\*.tmp
C:\Program Files (x86)\*.tmp
C:\Windows\SysWow64\*.tmp
C:\Windows\SysNative\*.tmp
C:\Windows\XSxS
C:\Windows\SysNative\drivers\etc\hosts.ics
:Reg
:Commands
[resethosts]
[purity]
[emptytemp]
[EMPTYFLASH]
[start explorer]
[Reboot]
Poté klikni nahoře na Opravit. Nech program nerušeně běžet, na konci se provede restart PC.
Po restartu se objeví log , prosím zkopíruj sem celý jeho obsah.
Při práci s programy HJT, ComboFix,MbAM, SDFix aj. zavřete všechny ostatní aplikace a prohlížeče!
Neposílejte logy do soukromých zpráv.Po dobu mé nepřítomnosti mě zastupuje memphisto , Žbeky a Orcus.
Pokud budete spokojeni , můžete podpořit naše forum:Podpora fóra
Neposílejte logy do soukromých zpráv.Po dobu mé nepřítomnosti mě zastupuje memphisto , Žbeky a Orcus.
Pokud budete spokojeni , můžete podpořit naše forum:Podpora fóra
-
CZechBoY
- Master Level 9.5
- Příspěvky: 8813
- Registrován: srpen 08
- Bydliště: Brno
- Pohlaví:
- Stav:
Offline
- Kontakt:
Re: [HJT] Log mého PC +
nenapsal si že bude něco chtít dělat s HOSTS souborem, já ho mám zamčenej přes Aviru :-)
log:
log:
All processes killed
Error: Unable to interpret <[resethosts]> in the current context!
Error: Unable to interpret <[purity]> in the current context!
Error: Unable to interpret <[emptytemp]> in the current context!
Error: Unable to interpret <[EMPTYFLASH]> in the current context!
Error: Unable to interpret <[start explorer]> in the current context!
Error: Unable to interpret <[Reboot]> in the current context!
OTL by OldTimer - Version 3.2.17.3 log created on 12182010_024719
Files\Folders moved on Reboot...
C:\Windows\System32\drivers\etc\Hosts moved successfully.
Registry entries deleted on Reboot...
PHP, Nette, MySQL, C#, TypeScript, Python
IntelliJ Idea, Docker, Opera browser, Linux Mint
iPhone XS
Raspberry PI 3 (KODI, Raspbian)
XBox One S, PS 4, nVidia GeForce NOW
IntelliJ Idea, Docker, Opera browser, Linux Mint
iPhone XS
Raspberry PI 3 (KODI, Raspbian)
XBox One S, PS 4, nVidia GeForce NOW
-
jaro3
- člen Security týmu
-
Guru Level 15
- Příspěvky: 43298
- Registrován: červen 07
- Bydliště: Jižní Čechy
- Pohlaví:
- Stav:
Offline
Re: [HJT] Log mého PC +
Tak ho musíš otevřít , je tam nákaza , pak to zkus znovu , celý script.
Při práci s programy HJT, ComboFix,MbAM, SDFix aj. zavřete všechny ostatní aplikace a prohlížeče!
Neposílejte logy do soukromých zpráv.Po dobu mé nepřítomnosti mě zastupuje memphisto , Žbeky a Orcus.
Pokud budete spokojeni , můžete podpořit naše forum:Podpora fóra
Neposílejte logy do soukromých zpráv.Po dobu mé nepřítomnosti mě zastupuje memphisto , Žbeky a Orcus.
Pokud budete spokojeni , můžete podpořit naše forum:Podpora fóra
Kdo je online
Uživatelé prohlížející si toto fórum: Žádní registrovaní uživatelé a 118 hostů