prosím o kontrolu logu Vyřešeno

Místo pro vaše HiJackThis logy a logy z dalších programů…

Moderátoři: Mods_senior, Security team

Zamčeno
Uživatelský avatar
jaro3
člen Security týmu
Guru Level 15
Guru Level 15
Příspěvky: 43298
Registrován: červen 07
Bydliště: Jižní Čechy
Pohlaví: Muž
Stav:
Offline

Re: prosím o kontrolu logu

Příspěvekod jaro3 » 30 srp 2011 22:51

Tak můžeš smazat:
c:\windows\system32\drivers\cnnctfy2.sys

ComboFix se odinstaluje takto:
Start-Spustit a zadej ComboFix /Uninstall

Vyčisti systém CCleanerem
a použij i T-Cleaner
http://www.edisk.cz/stahni/29485/T-Clea ... 8.5KB.html

smaže vše po Combu,MWAVu atd.-stáhneš>spustíš

pozn. před stažením T-Cleaneru a po dobu čištění deaktivuj antivir a antispyware ,následně T-Cleaner smaž a zapni si znovu antivir a antispyware.


Zavři ostatní aplikace a prohlížeče, odpoj se od netu a fixni v HJT:
Návod

Kód: Vybrat vše

O9 - Extra button: (no name) - {BFC32E1D-EE75-4A48-BC60-104E11EE2431} - (no file)
O9 - Extra button: (no name) - {CC963627-B1DC-40E0-B52A-CF21EE748452} - (no file)



Zvážil bych i odinstalaci:
IObit\Advanced SystemCare 4
či Windows Doctor ,
dělají spíš neplechu v registrech než pomáhají.

Pak zkus přeinstalovat ten zvuk ap. , pak napiš jak je to s těmi problémy.
Při práci s programy HJT, ComboFix,MbAM, SDFix aj. zavřete všechny ostatní aplikace a prohlížeče!
Neposílejte logy do soukromých zpráv.Po dobu mé nepřítomnosti mě zastupuje memphisto , Žbeky a Orcus.
Pokud budete spokojeni , můžete podpořit naše forum:Podpora fóra
Nahoru
Reklama
Top
Tavare
Level 1
Level 1
Příspěvky: 64
Registrován: květen 10
Pohlaví: Muž
Stav:
Offline

Re: prosím o kontrolu logu

Příspěvekod Tavare » 31 srp 2011 21:12

seká se průzkumník a zvuk pořád nejede asi budu muset reinstall...že?
Nahoru
Uživatelský avatar
jaro3
člen Security týmu
Guru Level 15
Guru Level 15
Příspěvky: 43298
Registrován: červen 07
Bydliště: Jižní Čechy
Pohlaví: Muž
Stav:
Offline

Re: prosím o kontrolu logu

Příspěvekod jaro3 » 31 srp 2011 21:45

s reinstalem bych ještě počkal...

Přeinstaluj ovladače a program ke zvukové kartě.

Jak se seká průzkumník? že to trvá dlouho?
Při práci s programy HJT, ComboFix,MbAM, SDFix aj. zavřete všechny ostatní aplikace a prohlížeče!
Neposílejte logy do soukromých zpráv.Po dobu mé nepřítomnosti mě zastupuje memphisto , Žbeky a Orcus.
Pokud budete spokojeni , můžete podpořit naše forum:Podpora fóra
Nahoru
Tavare
Level 1
Level 1
Příspěvky: 64
Registrován: květen 10
Pohlaví: Muž
Stav:
Offline

Re: prosím o kontrolu logu

Příspěvekod Tavare » 01 zář 2011 09:10

když zpustím třeba ovládací panely tak se sekne, po delší době tj. 5min. pak systém hledá řešení a pak se systém zeptá jestli mám průzkumníka restartovat..po restartu je chvíli vpohodě a potom to samé.
Nahoru
Uživatelský avatar
jaro3
člen Security týmu
Guru Level 15
Guru Level 15
Příspěvky: 43298
Registrován: červen 07
Bydliště: Jižní Čechy
Pohlaví: Muž
Stav:
Offline

Re: prosím o kontrolu logu

Příspěvekod jaro3 » 01 zář 2011 10:31

Stáhni si CrystalDiskInfo
Spusť program a klikni na Úpravy-Kopírovat. Poté sem vlož pomocí Ctrl+V obsah logu.

Stáhni si Memtest:

Do políčka vlož největší velikost Tvé jednotlivé paměti RAM (256,512 nebo 1024,2048) dej Start , nech nejméně 2h běžet , pokud bude po 2h stále 0 errors , jsou v pořádku.


Stáhni si OTL by OldTimer
na plochu. Ujisti se , že máš zavřena všechna ostatní okna a poklepej na ikonu OTL.Nahoře v okně pod Výstup klikni na minimální výstup.Pod Běžné registry změň na Vše. Zatrhni Kontrola na havěť “LOP“ a Kontrola na havěť “ Purity“ . Klikni na Prohledat. Všechny ostatní nastavení ponech jak jsou. Sken může trvat dlouho, až skončí otevřou se dva logy:
OTL.Txt
Extras.Txt
Jsou uloženy ve stejném místě jako OTL. Oba logy sem prosím zkopíruj.
Při práci s programy HJT, ComboFix,MbAM, SDFix aj. zavřete všechny ostatní aplikace a prohlížeče!
Neposílejte logy do soukromých zpráv.Po dobu mé nepřítomnosti mě zastupuje memphisto , Žbeky a Orcus.
Pokud budete spokojeni , můžete podpořit naše forum:Podpora fóra
Nahoru
Tavare
Level 1
Level 1
Příspěvky: 64
Registrován: květen 10
Pohlaví: Muž
Stav:
Offline

Re: prosím o kontrolu logu

Příspěvekod Tavare » 01 zář 2011 11:23

----------------------------------------------------------------------------
CrystalDiskInfo 4.0.2 (C) 2008-2011 hiyohiyo
Crystal Dew World : http://crystalmark.info/
----------------------------------------------------------------------------

OS : Windows 7 Ultimate Edition SP1 [6.1 Build 7601] (x86)
Date : 2011/09/01 11:23:07

-- Controller Map ----------------------------------------------------------

-- Disk List ---------------------------------------------------------------
(1) WDC WD3200BEVT-22ZCT0 : 320.0 GB [0-X-X, pd1]

----------------------------------------------------------------------------
(1) WDC WD3200BEVT-22ZCT0
----------------------------------------------------------------------------
Model : WDC WD3200BEVT-22ZCT0
Firmware : 11.01A11
Serial Number : WD-WXE708N78864
Disk Size : 320.0 GB (8.4/137.4/320.0)
Buffer Size : 8192 KB
Queue Depth : 32
# of Sectors : 625142448
Rotation Rate : 5400 RPM
Interface : Serial ATA
Major Version : ATA8-ACS
Minor Version : ----
Transfer Mode : SATA/300
Power On Hours : 6043 hod.
Power On Count : 3072 krát
Temparature : 50 C (122 F)
Health Status : Dobrý
Features : S.M.A.R.T., APM, AAM, 48bit LBA, NCQ
APM Level : 0080h [ON]
AAM Level : 80FEh [OFF]

-- S.M.A.R.T. --------------------------------------------------------------
ID Cur Wor Thr RawValues(6) Attribute Name
01 200 200 _51 00000000000D Počet chyb čtení
03 188 185 _21 00000000062F Čas na roztočení ploten
04 _96 _96 __0 000000001032 Počet spuštění/zastavení
05 200 200 140 000000000000 Počet přemapovaných sektorů
07 200 200 __0 000000000000 Počet chybných hledání
09 _92 _92 __0 00000000179B Hodin v činnosti
0A 100 100 _51 000000000000 Počet opakovaných pokusů o roztočení ploten
0B 100 100 __0 000000000000 Počet pokusů o překalibrování
0C _97 _97 __0 000000000C00 Počet cyklů zapnutí zařízení
C0 200 200 __0 000000000073 Počet vypnutí disku
C1 154 154 __0 000000022562 Počet cyklů načítání/vymazání
C2 _97 _84 __0 000000000032 Teplota
C4 200 200 __0 000000000000 Počet udalostí s číslem realokování sektorů
C5 200 200 __0 000000000000 Počet podezřelých sektorů
C6 100 253 __0 000000000000 Počet neopravitelných sektorů
C7 200 200 __0 000000000000 Počet chyb v kontrolním součtu UltraDMA
C8 100 253 _51 000000000000 Počet chyb při zápisu sektorů

-- IDENTIFY_DEVICE ---------------------------------------------------------
+0 +1 +2 +3 +4 +5 +6 +7 +8 +9 +A +B +C +D +E +F
000: 42 7A 3F FF C8 37 00 10 00 00 00 00 00 3F 00 00
010: 00 00 00 00 20 20 20 20 20 57 44 2D 57 58 45 37
020: 30 38 4E 37 38 38 36 34 00 00 40 00 00 32 31 31
030: 2E 30 31 41 31 31 57 44 43 20 57 44 33 32 30 30
040: 42 45 56 54 2D 32 32 5A 43 54 30 20 20 20 20 20
050: 20 20 20 20 20 20 20 20 20 20 20 20 20 20 80 10
060: 00 00 2F 00 40 01 00 00 00 00 00 07 3F FF 00 10
070: 00 3F FC 10 00 FB 01 10 FF FF 0F FF 00 00 00 07
080: 00 03 00 78 00 78 00 78 00 78 00 00 00 00 00 00
090: 00 00 00 00 00 00 00 1F 07 06 00 00 00 4C 00 40
0A0: 01 FE 00 00 74 6B 7F 09 61 63 74 69 BC 09 61 63
0B0: 20 7F 00 33 00 33 00 80 FF FE 00 00 80 FE 00 00
0C0: 00 00 00 00 00 00 00 00 EA B0 25 42 00 00 00 00
0D0: 00 00 00 00 00 00 00 00 50 01 4E E0 00 BE BB 3A
0E0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 40 10
0F0: 40 10 00 00 00 00 00 00 00 00 00 00 00 00 00 00
100: 00 29 00 00 00 00 00 00 00 00 16 9E 00 00 00 00
110: 00 00 00 00 00 00 00 00 00 00 00 00 00 04 00 00
120: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
130: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
140: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
150: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
160: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
170: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
180: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
190: 00 00 00 00 00 00 00 00 00 00 00 00 30 3F 00 00
1A0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1B0: 00 00 15 18 00 00 00 00 00 00 00 00 10 0E 00 00
1C0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1D0: 00 00 00 00 00 01 10 00 00 00 00 00 00 00 00 00
1E0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1F0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 A9 A5
Nahoru
Tavare
Level 1
Level 1
Příspěvky: 64
Registrován: květen 10
Pohlaví: Muž
Stav:
Offline

Re: prosím o kontrolu logu

Příspěvekod Tavare » 01 zář 2011 11:34

myslím že je problém někde ve smazaných registrech...používal jsem RevoUninst. a nedávno se mi nějak sekl a před mazáním nevytvořil zálohu a mazal jsem nějaké prográmky...tak jsem toho možná smazal víc než bylo třeba.....:/
memtest běží potom sem hodim log
jinak jsem se díval a některé služby jsou zastaveny a nejdou spustit.....jde nějak ve win 7 nastavit default na spouštění systémových služeb???
Nahoru
Tavare
Level 1
Level 1
Příspěvky: 64
Registrován: květen 10
Pohlaví: Muž
Stav:
Offline

Re: prosím o kontrolu logu

Příspěvekod Tavare » 01 zář 2011 11:36

ps...oprava hodim sem log z toho OTL až ukončím ten memtest :)
Nahoru
Tavare
Level 1
Level 1
Příspěvky: 64
Registrován: květen 10
Pohlaví: Muž
Stav:
Offline

Re: prosím o kontrolu logu

Příspěvekod Tavare » 02 zář 2011 12:52

mem test ok

log OTL.txt:
kOTL logfile created on: 2.9.2011 7:52:12 - Run 1
OTL by OldTimer - Version 3.2.27.0 Folder = C:\Users\Orinoco\Downloads
Ultimate Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy
2,00 Gb Total Physical Memory | 1,43 Gb Available Physical Memory | 71,35% Memory free
5,00 Gb Paging File | 4,20 Gb Available in Paging File | 84,04% Paging File free
Paging file location(s): c:\pagefile.sys 3069 3069 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 144,04 Gb Total Space | 94,43 Gb Free Space | 65,56% Space Free | Partition Type: NTFS
Drive D: | 137,50 Gb Total Space | 9,79 Gb Free Space | 7,12% Space Free | Partition Type: NTFS
Drive F: | 3,54 Gb Total Space | 0,46 Gb Free Space | 12,98% Space Free | Partition Type: NTFS

Computer Name: ORINOCO-PC | User Name: Orinoco | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - C:\Users\Orinoco\AppData\Local\temp\RtkBtMnt.exe (Realtek Semiconductor Corp.)
PRC - C:\Users\Orinoco\Downloads\OTL.exe (OldTimer Tools)
PRC - C:\Program Files\Application Updater\ApplicationUpdater.exe (Spigot, Inc.)
PRC - C:\Program Files\IObit\Advanced SystemCare 4\ASCService.exe (IObit)
PRC - C:\Program Files\Uniblue\DriverScanner\dsmonitor.exe (Uniblue Systems Limited)
PRC - C:\Program Files\TuneUp Utilities 2011\TuneUpUtilitiesApp32.exe (TuneUp Software)
PRC - C:\Program Files\TuneUp Utilities 2011\TuneUpUtilitiesService32.exe (TuneUp Software)
PRC - C:\Windows\explorer.exe (Microsoft Corporation)
PRC - C:\Windows\System32\taskhost.exe (Microsoft Corporation)
PRC - C:\Program Files\Launch Manager\LManager.exe (Dritek System Inc.)
PRC - C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe (ESET)
PRC - C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe (ESET)
PRC - C:\Windows\System32\vcsFPService.exe (Validity Sensors, Inc.)
PRC - C:\Program Files\Acer Bio Protection\BASVC.exe (Egis Technology Inc.)
PRC - C:\Program Files\Acer Bio Protection\PdtWzd.exe (Egis Technology Inc.)
PRC - C:\Program Files\Acer Bio Protection\CompPtcVUI.exe (Egis Technology Inc.)
PRC - C:\Windows\System32\vfsFPService.exe (Validity Sensors, Inc.)
PRC - C:\Program Files\Acer\Empowering Technology\Service\ETService.exe ()
PRC - C:\Windows\RtHDVCpl.exe (Realtek Semiconductor)
PRC - C:\ACER\Mobility Center\MobilityService.exe ()


========== Modules (No Company Name) ==========

MOD - C:\Windows\System32\ac3filter.acm ()


========== Win32 Services (SafeList) ==========

SRV - (Application Updater) -- C:\Program Files\Application Updater\ApplicationUpdater.exe (Spigot, Inc.)
SRV - (AdvancedSystemCareService) -- C:\Program Files\IObit\Advanced SystemCare 4\ASCService.exe (IObit)
SRV - (TuneUp.UtilitiesSvc) -- C:\Program Files\TuneUp Utilities 2011\TuneUpUtilitiesService32.exe (TuneUp Software)
SRV - (UxTuneUp) -- C:\Windows\System32\uxtuneup.dll (TuneUp Software)
SRV - (WAS) -- C:\Windows\System32\inetsrv\iisw3adm.dll (Microsoft Corporation)
SRV - (W3SVC) -- C:\Windows\System32\inetsrv\iisw3adm.dll (Microsoft Corporation)
SRV - (AppHostSvc) -- C:\Windows\System32\inetsrv\apphostsvc.dll (Microsoft Corporation)
SRV - (WatAdminSvc) -- C:\Windows\System32\Wat\WatAdminSvc.exe (Microsoft Corporation)
SRV - (SwitchBoard) -- C:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe (Adobe Systems Incorporated)
SRV - (EhttpSrv) -- C:\Program Files\ESET\ESET NOD32 Antivirus\EHttpSrv.exe (ESET)
SRV - (ekrn) -- C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe (ESET)
SRV - (SensrSvc) -- C:\Windows\System32\sensrsvc.dll (Microsoft Corporation)
SRV - (PeerDistSvc) -- C:\Windows\System32\PeerDistSvc.dll (Microsoft Corporation)
SRV - (WinDefend) -- C:\Program Files\Windows Defender\MpSvc.dll (Microsoft Corporation)
SRV - (iprip) -- C:\Windows\System32\iprip.dll (Microsoft Corporation)
SRV - (vcsFPService) -- C:\Windows\System32\vcsFPService.exe (Validity Sensors, Inc.)
SRV - (IGBASVC) -- C:\Program Files\Acer Bio Protection\BASVC.exe (Egis Technology Inc.)
SRV - (vfsFPService) -- C:\Windows\System32\vfsFPService.exe (Validity Sensors, Inc.)
SRV - (DfSdkS) -- C:\Program Files\Ashampoo\Ashampoo HDD Control\Dfsdks.exe (mst software GmbH, Germany)
SRV - (ServiceLayer) -- C:\Program Files\PC Connectivity Solution\ServiceLayer.exe (Nokia.)
SRV - (ETService) -- C:\Program Files\Acer\Empowering Technology\Service\ETService.exe ()
SRV - (CLHNService) -- C:\Program Files\Acer Arcade Deluxe\HomeMedia\Kernel\DMP\CLHNService.exe ()
SRV - (MobilityService) -- C:\Acer\Mobility Center\MobilityService.exe ()
SRV - (WcesComm) -- C:\Windows\WindowsMobile\wcescomm.dll (Microsoft Corporation)
SRV - (RapiMgr) -- C:\Windows\WindowsMobile\rapimgr.dll (Microsoft Corporation)

========== Driver Services (SafeList) ==========

DRV - (SmartDefragDriver) -- C:\Windows\System32\Drivers\SmartDefragDriver.sys ()
DRV - (TuneUpUtilitiesDrv) -- C:\Program Files\TuneUp Utilities 2011\TuneUpUtilitiesDriver32.sys (TuneUp Software)
DRV - (vmbus) -- C:\Windows\system32\drivers\vmbus.sys (Microsoft Corporation)
DRV - (storflt) -- C:\Windows\system32\drivers\vmstorfl.sys (Microsoft Corporation)
DRV - (storvsc) -- C:\Windows\system32\drivers\storvsc.sys (Microsoft Corporation)
DRV - (TsUsbFlt) -- C:\Windows\System32\drivers\TsUsbFlt.sys (Microsoft Corporation)
DRV - (RdpVideoMiniport) -- C:\Windows\System32\drivers\rdpvideominiport.sys (Microsoft Corporation)
DRV - (WinUSB) -- C:\Windows\System32\drivers\winusb.sys (Microsoft Corporation)
DRV - (VMBusHID) -- C:\Windows\system32\drivers\VMBusHID.sys (Microsoft Corporation)
DRV - (s3cap) -- C:\Windows\system32\drivers\vms3cap.sys (Microsoft Corporation)
DRV - (nvlddmkm) -- C:\Windows\System32\drivers\nvlddmkm.sys (NVIDIA Corporation)
DRV - (NETwLv32) Ovladač adaptéru řady Intel(R) -- C:\Windows\System32\drivers\NETwLv32.sys (Intel Corporation)
DRV - (netw5v32) Ovladač adaptéru Intel(R) -- C:\Windows\System32\drivers\NETw5v32.sys (Intel Corporation)
DRV - (epfwwfpr) -- C:\Windows\System32\drivers\epfwwfpr.sys (ESET)
DRV - (ehdrv) -- C:\Windows\System32\drivers\ehdrv.sys (ESET)
DRV - (eamon) -- C:\Windows\System32\drivers\eamon.sys (ESET)
DRV - (L1E) -- C:\Windows\System32\drivers\L1E62x86.sys (Atheros Communications, Inc.)
DRV - (Serial) -- C:\Windows\system32\DRIVERS\serial.sys (Brother Industries Ltd.)
DRV - (AgereSoftModem) -- C:\Windows\System32\drivers\AGRSM.sys (LSI Corp)
DRV - (SCDEmu) -- C:\Windows\System32\drivers\scdemu.sys (PowerISO Computing, Inc.)
DRV - (itecir) -- C:\Windows\System32\drivers\itecir.sys (ITE Tech. Inc. )
DRV - (pccsmcfd) -- C:\Windows\System32\drivers\pccsmcfd.sys (Nokia)
DRV - (int15) -- C:\Windows\System32\drivers\int15.sys (Acer, Inc.)
DRV - ({49DE1C67-83F8-4102-99E0-C16DCC7EEC796}) -- C:\Program Files\Acer Arcade Deluxe\PlayMovie\000.fcl (Cyberlink Corp.)
DRV - (NTIPPKernel) -- C:\Program Files\Acer Arcade Deluxe\HomeMedia\Kernel\DMP\NTIPPKernel.sys (Cyberlink Corp.)
DRV - (DCamUSBSTK02N) -- C:\Windows\System32\drivers\STK02NW2.sys (Syntek Ltd.)
DRV - (BTCAMDRV) -- C:\Windows\System32\drivers\BTCamDrv.sys (Windows (R) 2000 DDK provider)

========== Standard Registry (All) ==========

========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = [binary data]
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Extensions Off Page = about:NoAdd-ons
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SYSTEM32\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Security Risk Page = about:SecurityRisk
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,CustomizeSearch = http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchcust.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchasst.htm
IE - HKLM\..\URLSearchHook: - Reg Error: Key error. File not found
IE - HKLM\..\URLSearchHook: {855F3B16-6D32-4fe6-8A56-BBB695989046} - Reg Error: Key error. File not found

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\system32\blank.htm
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dl ... r=iesearch
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.seznam.cz/
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = cs
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 3A E3 29 4D 5B BD CA 01 [binary data]
IE - HKCU\..\URLSearchHook: {CFBFAE00-17A6-11D0-99CB-00C04FD64497} - C:\Windows\System32\ieframe.dll (Microsoft Corporation)
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

========== FireFox ==========

FF - prefs.js..browser.search.defaultenginename: "Yahoo"
FF - prefs.js..browser.search.order.1: "Web Search"
FF - prefs.js..browser.search.param.yahoo-fr: "chr-greentree_ff&type=382950"
FF - prefs.js..browser.search.selectedEngine: "Yahoo"
FF - prefs.js..browser.startup.homepage: "http://www.seznam.cz/"
FF - prefs.js..extensions.enabledItems: {003D3EDC-99B9-4a34-9C20-60CB94F7E829}:2009
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}:6.0.20
FF - prefs.js..extensions.enabledItems: {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}:1.3.6
FF - prefs.js..extensions.enabledItems: plugin2@gameplaylabs.com:2.0
FF - prefs.js..extensions.enabledItems: {972ce4c6-7e08-4474-a285-3208198ce6fd}:3.6.17
FF - prefs.js..keyword.URL: "http://search.yahoo.com/search?fr=greentree_ff1&ei=utf-8&type=382950&p="

FF - user.js..browser.search.openintab: false

FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF32.dll ()
FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\Windows\system32\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)
FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files\Microsoft Silverlight\4.0.60531.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll File not found
FF - HKCU\Software\MozillaPlugins\@facebook.com/FBPlugin,version=1.0.3: C:\Users\Orinoco\AppData\Roaming\Facebook\npfbplugin_1_0_3.dll ( )
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Users\Orinoco\AppData\Local\Google\Update\1.3.21.65\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Users\Orinoco\AppData\Local\Google\Update\1.3.21.65\npGoogleUpdate3.dll (Google Inc.)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 3.6.3\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2011.06.25 19:56:49 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 3.6.3\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2011.08.03 11:41:27 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Thunderbird\Extensions\\eplgTb@eset.com: C:\Program Files\ESET\ESET NOD32 Antivirus\Mozilla Thunderbird [2011.02.06 15:19:51 | 000,000,000 | ---D | M]

[2010.03.07 18:47:28 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Orinoco\AppData\Roaming\Mozilla\Extensions
[2010.03.07 18:47:28 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Orinoco\AppData\Roaming\Mozilla\Extensions\{ec8030f7-c20a-464f-9b0e-13a3a9e97384}
[2011.08.11 20:05:36 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Orinoco\AppData\Roaming\Mozilla\Firefox\Profiles\el775hdk.default\extensions
[2010.03.28 14:08:22 | 000,000,000 | ---D | M] (WebTran) -- C:\Users\Orinoco\AppData\Roaming\Mozilla\Firefox\Profiles\el775hdk.default\extensions\{003D3EDC-99B9-4a34-9C20-60CB94F7E829}
[2011.03.25 20:09:03 | 000,000,000 | ---D | M] (GamePlayLabs Plugin) -- C:\Users\Orinoco\AppData\Roaming\Mozilla\Firefox\Profiles\el775hdk.default\extensions\plugin2@gameplaylabs.com
[2011.08.21 09:17:20 | 000,001,056 | ---- | M] () -- C:\Users\Orinoco\AppData\Roaming\Mozilla\Firefox\Profiles\el775hdk.default\searchplugins\icqplugin.xml
[2010.04.12 14:01:50 | 000,005,495 | ---- | M] () -- C:\Users\Orinoco\AppData\Roaming\Mozilla\Firefox\Profiles\el775hdk.default\searchplugins\SearchquWebSearch.xml
[2011.07.20 19:44:11 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
[2011.06.25 19:56:49 | 000,000,000 | ---D | M] (Default) -- C:\Program Files\Mozilla Firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
[2010.06.10 10:54:12 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}
[2011.07.20 19:44:11 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA}
[2011.07.03 19:46:09 | 000,000,000 | ---D | M] (Widgi Toolbar Platform) -- C:\PROGRAM FILES\COMMON FILES\SPIGOT\WTXPCOM
[2011.07.03 19:46:09 | 000,000,000 | ---D | M] (IObit Toolbar) -- C:\PROGRAM FILES\IOBIT TOOLBAR\FF
() (No name found) -- C:\USERS\ORINOCO\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\EL775HDK.DEFAULT\EXTENSIONS\{D10D0BF8-F5B5-C8B4-A8B2-2B9879E08C5D}.XPI
[2011.06.25 19:56:43 | 000,142,296 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browsercomps.dll
[2007.04.10 18:21:08 | 000,163,256 | ---- | M] (Microsoft Corporation) -- C:\Program Files\mozilla firefox\plugins\np-mswmp.dll
[2011.05.04 04:52:23 | 000,476,904 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\mozilla firefox\plugins\npdeployJava1.dll
[2006.10.26 21:12:16 | 000,016,192 | ---- | M] (Microsoft Corporation) -- C:\Program Files\mozilla firefox\plugins\NPOFF12.DLL
[2010.04.04 01:43:36 | 000,103,864 | ---- | M] (Adobe Systems Inc.) -- C:\Program Files\mozilla firefox\plugins\nppdf32.dll
[2010.03.19 18:00:45 | 000,159,744 | ---- | M] (Apple Inc.) -- C:\Program Files\mozilla firefox\plugins\npqtplugin.dll
[2010.03.19 18:00:45 | 000,159,744 | ---- | M] (Apple Inc.) -- C:\Program Files\mozilla firefox\plugins\npqtplugin2.dll
[2010.03.19 18:00:45 | 000,159,744 | ---- | M] (Apple Inc.) -- C:\Program Files\mozilla firefox\plugins\npqtplugin3.dll
[2010.03.19 18:00:45 | 000,159,744 | ---- | M] (Apple Inc.) -- C:\Program Files\mozilla firefox\plugins\npqtplugin4.dll
[2010.03.19 18:00:45 | 000,159,744 | ---- | M] (Apple Inc.) -- C:\Program Files\mozilla firefox\plugins\npqtplugin5.dll
[2010.03.19 18:00:45 | 000,159,744 | ---- | M] (Apple Inc.) -- C:\Program Files\mozilla firefox\plugins\npqtplugin6.dll
[2010.03.19 18:00:45 | 000,159,744 | ---- | M] (Apple Inc.) -- C:\Program Files\mozilla firefox\plugins\npqtplugin7.dll
[2011.06.25 19:56:45 | 000,002,364 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\google.xml
[2011.06.25 19:56:45 | 000,002,208 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\heureka-cz.xml
[2011.06.25 19:56:45 | 000,000,638 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\jyxo-cz.xml
[2011.03.22 11:29:18 | 000,001,687 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\mall-cz.xml
[2010.04.12 14:01:50 | 000,005,495 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\SearchquWebSearch.xml
[2011.06.25 19:56:45 | 000,001,367 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\seznam-cz.xml
[2011.06.25 19:56:45 | 000,000,654 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\slunecnice-cz.xml
[2011.06.25 19:56:45 | 000,001,179 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wikipedia-cz.xml
[2011.06.24 16:38:46 | 000,000,846 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\yahoo.xml

O1 HOSTS File: ([2011.08.30 14:35:22 | 000,000,027 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (WebTransBHO Class) - {2DB66063-BB98-466A-AA0D-3E7ACF5ED853} - C:\ProgramData\LangSoft\WebIE.dll ()
O2 - BHO: (Groove GFS Browser Helper) - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation)
O2 - BHO: (Windows Live ID Sign-in Helper) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\microsoft shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
O4 - HKLM..\Run: [egui] C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe (ESET)
O4 - HKLM..\Run: [LManager] C:\Program Files\Launch Manager\LManager.exe (Dritek System Inc.)
O4 - HKLM..\Run: [RTHDVCPL] C:\Windows\RtHDVCpl.exe (Realtek Semiconductor)
O4 - HKLM..\Run: [Skytel] C:\Windows\SkyTel.exe (Realtek Semiconductor Corp.)
O4 - HKLM..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe (Synaptics, Inc.)
O4 - HKLM..\Run: [VitaKeyPdtWzd] C:\Program Files\Acer Bio Protection\PdtWzd.exe (Egis Technology Inc.)
O4 - HKCU..\Run: [DriverScanner] C:\Program Files\Uniblue\DriverScanner\launcher.exe (Uniblue Systems Limited)
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoCDBurning = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableInstallerDetection = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableSecureUIAPaths = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableUIADesktopToggle = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableVirtualization = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ValidateAdminCodeSignatures = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: dontdisplaylastusername = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticecaption =
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticetext =
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: scforceoption = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: shutdownwithoutlogon = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: undockwithoutlogon = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: FilterAdministratorToken = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLinkedConnections = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableRegistryTools = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_TEXT = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_BITMAP = 2
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_OEMTEXT = 7
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_DIB = 8
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_PALETTE = 9
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_UNICODETEXT = 13
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_DIBV5 = 17
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = FF 00 00 00 [binary data]
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - C:\Program Files\Microsoft Office\Office12\EXCEL.EXE (Microsoft Corporation)
O9 - Extra Button: Quick-Launch Area - {10954C80-4F0F-11d3-B17C-00C0DFE39736} - C:\Program Files\Acer Bio Protection\PwdBank.exe (Egis Technology Inc.)
O9 - Extra 'Tools' menuitem : Quick-Launch Area - {10954C80-4F0F-11d3-B17C-00C0DFE39736} - C:\Program Files\Acer Bio Protection\PwdBank.exe (Egis Technology Inc.)
O9 - Extra Button: ICQ7.4 - {73C6DCFB-B606-47F3-BDFA-9A4FBF931E37} - C:\Program Files\ICQ7.4\ICQ.exe (ICQ, LLC.)
O9 - Extra 'Tools' menuitem : ICQ7.4 - {73C6DCFB-B606-47F3-BDFA-9A4FBF931E37} - C:\Program Files\ICQ7.4\ICQ.exe (ICQ, LLC.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000001 [] - C:\Windows\System32\nlaapi.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000002 [] - C:\Windows\System32\NapiNSP.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000003 [] - C:\Windows\System32\pnrpnsp.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\Windows\System32\pnrpnsp.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000005 [] - C:\Windows\System32\wshbth.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000006 [] - C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDNSP.DLL (Microsoft Corp.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDNSP.DLL (Microsoft Corp.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000008 [] - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000009 [] - C:\Windows\System32\winrnr.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000003 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000004 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000005 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000006 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000007 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000008 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000009 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000010 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000011 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000012 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000013 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000014 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000015 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000016 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000017 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000018 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000019 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000020 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000021 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000022 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000023 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000024 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000025 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000026 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000027 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000028 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000029 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000030 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000031 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000032 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000033 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000034 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000035 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000036 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000037 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000038 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000039 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 10.10.10.250
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{B9F844D6-93FA-49FE-9BF7-73369D61E45D}: DhcpNameServer = 10.10.10.250
O18 - Protocol\Handler\about {3050F406-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\System32\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\cdl {3dd53d40-7b8b-11D0-b013-00aa0059ce02} - C:\Windows\System32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\dvd {12D51199-0DB5-46FE-A120-47A3D7D937CC} - C:\Windows\System32\MSVidCtl.dll (Microsoft Corporation)
O18 - Protocol\Handler\file {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\System32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\ftp {79eac9e3-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\System32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\gopher {79eac9e4-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\System32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\grooveLocalGWS {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll (Microsoft Corporation)
O18 - Protocol\Handler\http {79eac9e2-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\System32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\https {79eac9e5-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\System32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\its {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\Windows\System32\itss.dll (Microsoft Corporation)
O18 - Protocol\Handler\javascript {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\System32\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\local {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\System32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\mailto {3050f3DA-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\System32\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\mhtml {05300401-BCBC-11d0-85E3-00C04FD85AB4} - C:\Windows\System32\inetcomm.dll (Microsoft Corporation)
O18 - Protocol\Handler\mk {79eac9e6-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\System32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Program Files\Common Files\microsoft shared\Help\hxds.dll (Microsoft Corporation)
O18 - Protocol\Handler\ms-its {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\Windows\System32\itss.dll (Microsoft Corporation)
O18 - Protocol\Handler\res {3050F3BC-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\System32\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\tv {CBD30858-AF45-11D2-B6D6-00C04FBBDE6E} - C:\Windows\System32\MSVidCtl.dll (Microsoft Corporation)
O18 - Protocol\Handler\vbscript {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\System32\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Filter\application/octet-stream {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\Windows\System32\mscoree.dll (Microsoft Corporation)
O18 - Protocol\Filter\application/x-complus {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\Windows\System32\mscoree.dll (Microsoft Corporation)
O18 - Protocol\Filter\application/x-msdownload {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\Windows\System32\mscoree.dll (Microsoft Corporation)
O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\microsoft shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\System32\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\System32\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - C:\Windows\System32\webcheck.dll (Microsoft Corporation)
O28 - HKLM ShellExecuteHooks: {AEB6717E-7E19-11d0-97EE-00C04FD91972} - Reg Error: Key error. File not found
O28 - HKLM ShellExecuteHooks: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation)
O29 - HKLM SecurityProviders - (credssp.dll) - C:\Windows\System32\credssp.dll (Microsoft Corporation)
O30 - LSA: Authentication Packages - (msv1_0) - C:\Windows\System32\msv1_0.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (kerberos) - C:\Windows\System32\kerberos.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (msv1_0) - C:\Windows\System32\msv1_0.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (schannel) - C:\Windows\System32\schannel.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (wdigest) - C:\Windows\System32\wdigest.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (tspkg) - C:\Windows\System32\tspkg.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (pku2u) - C:\Windows\System32\pku2u.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (livessp) - C:\Windows\System32\livessp.dll (Microsoft Corp.)
O31 - SafeBoot: AlternateShell - cmd.exe
O32 - HKLM CDRom: AutoRun - 1
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = ComFile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
Nahoru
Tavare
Level 1
Level 1
Příspěvky: 64
Registrován: květen 10
Pohlaví: Muž
Stav:
Offline

Re: prosím o kontrolu logu

Příspěvekod Tavare » 02 zář 2011 12:53

========== Files/Folders - Created Within 30 Days ==========

[2011.09.01 17:44:34 | 000,290,816 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\RTKVADDA.EXE
[2011.09.01 17:43:34 | 001,777,664 | ---- | C] (Waves Audio Ltd.) -- C:\Windows\System32\WavesLib.dll
[2011.09.01 17:43:34 | 000,339,968 | ---- | C] (SRS Labs, Inc.) -- C:\Windows\System32\SRSTSXT.dll
[2011.09.01 17:43:34 | 000,135,168 | ---- | C] (SRS Labs, Inc.) -- C:\Windows\System32\SRSWOW.dll
[2011.09.01 17:43:33 | 000,547,360 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\System32\RTSndMgr.cpl
[2011.09.01 17:43:33 | 000,185,776 | ---- | C] (SRS Labs, Inc.) -- C:\Windows\System32\SRSTSHD.dll
[2011.09.01 17:43:33 | 000,167,936 | ---- | C] (SRS Labs, Inc.) -- C:\Windows\System32\SRSHP360.dll
[2011.09.01 17:43:32 | 001,206,816 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\RtlUpd.exe
[2011.09.01 17:43:31 | 002,167,840 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\System32\RtkAPO.dll
[2011.09.01 17:43:31 | 000,805,920 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\System32\RtkPgExt.dll
[2011.09.01 17:43:31 | 000,285,216 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\System32\RtkApoApi.dll
[2011.09.01 17:43:31 | 000,040,992 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\System32\RtkCoInst.dll
[2011.09.01 17:43:30 | 006,265,376 | ---- | C] (Realtek Semiconductor) -- C:\Windows\RtHDVCpl.exe
[2011.09.01 17:43:30 | 001,933,312 | ---- | C] (Waves Audio Ltd.) -- C:\Windows\System32\MaxxAudioEQ.dll
[2011.09.01 17:43:30 | 000,159,744 | ---- | C] (Waves Audio Ltd.) -- C:\Windows\System32\MaxxAudioAPO20.dll
[2011.09.01 17:43:30 | 000,126,976 | ---- | C] (Waves Audio Ltd.) -- C:\Windows\System32\MaxxAudioAPO.dll
[2011.09.01 17:43:28 | 000,143,360 | ---- | C] (Windows (R) Codename Longhorn DDK provider) -- C:\Windows\System32\FMAPO.dll
[2011.09.01 17:43:26 | 000,319,488 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\HideWin.exe
[2011.09.01 17:41:28 | 000,000,000 | ---D | C] -- C:\Users\Orinoco\Desktop\Audio_Realtek_6.0.1.5683_Win7x86x64_AS6920G
[2011.09.01 11:22:27 | 000,000,000 | ---D | C] -- C:\Users\Orinoco\AppData\Roaming\Uniblue
[2011.09.01 11:22:26 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Uniblue
[2011.09.01 11:22:23 | 000,000,000 | ---D | C] -- C:\Program Files\Uniblue
[2011.09.01 11:21:46 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CrystalDiskInfo
[2011.09.01 11:21:45 | 000,000,000 | ---D | C] -- C:\Users\Orinoco\AppData\Roaming\OpenCandy
[2011.09.01 11:21:44 | 000,000,000 | ---D | C] -- C:\Program Files\CrystalDiskInfo
[2011.08.31 21:44:30 | 000,000,000 | ---D | C] -- C:\Program Files\VS Revo Group
[2011.08.31 20:11:07 | 000,000,000 | ---D | C] -- C:\Users\Orinoco\Desktop\backups
[2011.08.30 22:19:57 | 000,000,000 | -HSD | C] -- C:\$RECYCLE.BIN
[2011.08.30 16:56:27 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Lavalys
[2011.08.30 16:56:19 | 000,000,000 | ---D | C] -- C:\Program Files\Lavalys
[2011.08.30 14:39:59 | 000,000,000 | ---D | C] -- C:\Users\Orinoco\AppData\Local\temp
[2011.08.30 14:18:51 | 000,518,144 | ---- | C] (SteelWerX) -- C:\Windows\SWREG.exe
[2011.08.30 14:18:51 | 000,406,528 | ---- | C] (SteelWerX) -- C:\Windows\SWSC.exe
[2011.08.30 14:18:51 | 000,060,416 | ---- | C] (NirSoft) -- C:\Windows\NIRCMD.exe
[2011.08.30 14:18:46 | 000,000,000 | ---D | C] -- C:\Windows\ERDNT
[2011.08.30 14:18:43 | 000,000,000 | ---D | C] -- C:\Qoobox
[2011.08.30 08:54:51 | 000,000,000 | ---D | C] -- C:\Windows\System32\RTCOM
[2011.08.30 08:54:04 | 001,725,784 | ---- | C] (Waves Audio Ltd.) -- C:\Windows\System32\WavesGUILib.dll
[2011.08.30 08:54:02 | 000,214,368 | ---- | C] (Synopsys, Inc.) -- C:\Windows\System32\SFNHK.dll
[2011.08.30 08:54:01 | 000,074,080 | ---- | C] (Synopsys, Inc.) -- C:\Windows\System32\SFCOM.dll
[2011.08.30 08:54:01 | 000,068,960 | ---- | C] (Synopsys, Inc.) -- C:\Windows\System32\SFAPO.dll
[2011.08.30 08:53:56 | 000,359,768 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\System32\RTEEP32A.dll
[2011.08.30 08:53:56 | 000,170,840 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\System32\RTEED32A.dll
[2011.08.30 08:53:56 | 000,078,680 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\System32\RTEEL32A.dll
[2011.08.30 08:53:56 | 000,064,856 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\System32\RTEEG32A.dll
[2011.08.30 08:53:55 | 003,296,600 | ---- | C] (Dolby Laboratories) -- C:\Windows\System32\R4EEP32A.dll
[2011.08.30 08:53:55 | 001,501,696 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\System32\RCoRes.dat
[2011.08.30 08:53:55 | 000,345,944 | ---- | C] (Dolby Laboratories) -- C:\Windows\System32\R4EED32A.dll
[2011.08.30 08:53:55 | 000,295,768 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\System32\RP3DHT32.dll
[2011.08.30 08:53:55 | 000,295,768 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\System32\RP3DAA32.dll
[2011.08.30 08:53:55 | 000,103,256 | ---- | C] (Dolby Laboratories) -- C:\Windows\System32\R4EEL32A.dll
[2011.08.30 08:53:55 | 000,088,408 | ---- | C] (Dolby Laboratories) -- C:\Windows\System32\R4EEA32A.dll
[2011.08.30 08:53:55 | 000,061,272 | ---- | C] (Dolby Laboratories) -- C:\Windows\System32\R4EEG32A.dll
[2011.08.30 08:53:54 | 003,327,320 | ---- | C] (Waves Audio Ltd.) -- C:\Windows\System32\MaxxAudioRealtek.dll
[2011.08.30 08:53:54 | 000,252,760 | ---- | C] (Waves Audio Ltd.) -- C:\Windows\System32\MaxxVolumeSDAPO.dll
[2011.08.30 08:53:53 | 000,357,712 | ---- | C] (Knowles Acoustics ) -- C:\Windows\System32\KAAPORT.dll
[2011.08.30 08:53:53 | 000,259,928 | ---- | C] (Waves Audio Ltd.) -- C:\Windows\System32\MaxxAudioAPO30.dll
[2011.08.30 08:53:43 | 001,509,480 | ---- | C] (DTS) -- C:\Windows\System32\DTSS2SpeakerDLL.dll
[2011.08.30 08:53:43 | 000,631,400 | ---- | C] (DTS) -- C:\Windows\System32\DTSSymmetryDLL.dll
[2011.08.30 08:53:43 | 000,601,704 | ---- | C] (DTS) -- C:\Windows\System32\DTSVoiceClarityDLL.dll
[2011.08.30 08:53:43 | 000,413,696 | ---- | C] (DTS) -- C:\Windows\System32\DTSU2PLFX32.dll
[2011.08.30 08:53:43 | 000,390,656 | ---- | C] (DTS) -- C:\Windows\System32\DTSU2PGFX32.dll
[2011.08.30 08:53:43 | 000,327,168 | ---- | C] (DTS) -- C:\Windows\System32\DTSU2PREC32.dll
[2011.08.30 08:53:42 | 001,292,904 | ---- | C] (DTS) -- C:\Windows\System32\DTSS2HeadphoneDLL.dll
[2011.08.30 08:53:42 | 001,220,200 | ---- | C] (DTS) -- C:\Windows\System32\DTSBoostDLL.dll
[2011.08.30 08:53:42 | 000,458,344 | ---- | C] (DTS) -- C:\Windows\System32\DTSNeoPCDLL.dll
[2011.08.30 08:53:42 | 000,389,736 | ---- | C] (DTS) -- C:\Windows\System32\DTSGainCompensatorDLL.dll
[2011.08.30 08:53:42 | 000,375,400 | ---- | C] (DTS) -- C:\Windows\System32\DTSLimiterDLL.dll
[2011.08.30 08:53:42 | 000,218,728 | ---- | C] (DTS) -- C:\Windows\System32\DTSGFXAPONS.dll
[2011.08.30 08:53:42 | 000,218,728 | ---- | C] (DTS) -- C:\Windows\System32\DTSGFXAPO.dll
[2011.08.30 08:53:42 | 000,218,216 | ---- | C] (DTS) -- C:\Windows\System32\DTSLFXAPO.dll
[2011.08.30 08:53:41 | 000,654,952 | ---- | C] (DTS) -- C:\Windows\System32\DTSBassEnhancementDLL.dll
[2011.08.30 08:53:38 | 000,175,200 | ---- | C] (Andrea Electronics Corporation) -- C:\Windows\System32\AERTACap.dll
[2011.08.30 08:53:38 | 000,096,160 | ---- | C] (Andrea Electronics Corporation) -- C:\Windows\System32\AERTARen.dll
[2011.08.30 08:49:59 | 000,000,000 | ---D | C] -- C:\Users\Orinoco\AppData\Local\Adobe
[2011.08.30 07:48:19 | 001,698,408 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\RtlExUpd.dll
[2011.08.29 17:31:37 | 000,000,000 | ---D | C] -- C:\Program Files\Windows Doctor
[2011.08.29 17:10:54 | 000,388,608 | ---- | C] (Trend Micro Inc.) -- C:\Users\Orinoco\Desktop\HijackThis.exe
[2011.08.29 14:56:33 | 000,000,000 | ---D | C] -- C:\Users\Orinoco\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\The KMPlayer
[2011.08.29 14:17:04 | 000,632,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msvcr80.dll
[2011.08.29 14:17:03 | 000,554,240 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msvcp80.dll
[2011.08.29 14:17:02 | 000,034,048 | ---- | C] (MicroWorld Technologies Inc.) -- C:\Windows\System32\eEmpty.exe
[2011.08.29 14:16:54 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\MicroWorld
[2011.08.29 14:16:49 | 000,000,000 | ---D | C] -- C:\ProgramData\MicroWorld
[2011.08.29 11:55:10 | 000,000,000 | ---D | C] -- C:\Program Files\CCleaner
[2011.08.28 22:18:32 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot - Search & Destroy
[2011.08.28 22:18:13 | 000,000,000 | ---D | C] -- C:\ProgramData\Spybot - Search & Destroy
[2011.08.28 22:18:13 | 000,000,000 | ---D | C] -- C:\Program Files\Spybot - Search & Destroy
[2011.08.28 19:32:31 | 000,000,000 | ---D | C] -- C:\ProgramData\Cyberlink
[2011.08.28 04:04:21 | 000,000,000 | -H-D | C] -- C:\Windows\System32\WLANProfiles
[2011.08.28 04:02:02 | 000,000,000 | ---D | C] -- C:\ProgramData\Intel
[2011.08.27 20:16:35 | 000,000,000 | ---D | C] -- C:\Program Files\SystemRequirementsLab
[2011.08.27 12:56:00 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MarySoft
[2011.08.27 12:56:00 | 000,000,000 | ---D | C] -- C:\Program Files\MarySoft
[2011.08.26 12:03:04 | 000,000,000 | ---D | C] -- C:\Program Files\Motorola Mobility
[2011.08.24 10:02:36 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\tzres.dll
[2011.08.22 10:19:10 | 000,000,000 | ---D | C] -- C:\Users\Orinoco\AppData\Roaming\Mirillis
[2011.08.22 10:19:10 | 000,000,000 | ---D | C] -- C:\ProgramData\Mirillis
[2011.08.22 10:19:08 | 000,000,000 | ---D | C] -- C:\Users\Orinoco\AppData\Local\Mirillis
[2011.08.21 22:33:44 | 000,000,000 | ---D | C] -- C:\Windows\Downloaded Installations
[2011.08.21 22:29:18 | 000,000,000 | ---D | C] -- C:\Users\Orinoco\AppData\Roaming\DVDFab
[2011.08.19 22:02:22 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\MSSoap
[2011.08.19 22:00:08 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Motorola Shared
[2011.08.19 22:00:08 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Motorola
[2011.08.11 03:14:29 | 002,382,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mshtml.tlb
[2011.08.11 03:14:26 | 000,176,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieui.dll
[2011.08.11 03:14:25 | 001,797,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jscript9.dll
[2011.08.11 03:14:25 | 000,065,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jsproxy.dll
[2011.08.11 03:14:23 | 000,231,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\url.dll
[2011.08.11 01:57:53 | 003,912,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ntoskrnl.exe
[2011.08.11 01:57:47 | 003,967,872 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ntkrnlpa.exe
[2011.08.11 01:57:15 | 000,271,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\conhost.exe
[2011.08.11 01:57:15 | 000,169,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\winsrv.dll
[2011.08.11 01:57:14 | 000,005,120 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-file-l1-1-0.dll
[2011.08.11 01:57:14 | 000,004,608 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-processthreads-l1-1-0.dll
[2011.08.11 01:57:14 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-sysinfo-l1-1-0.dll
[2011.08.11 01:57:14 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-synch-l1-1-0.dll
[2011.08.11 01:57:14 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-misc-l1-1-0.dll
[2011.08.11 01:57:13 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-localregistry-l1-1-0.dll
[2011.08.11 01:57:13 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-string-l1-1-0.dll
[2011.08.11 01:57:13 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-delayload-l1-1-0.dll
[2011.08.11 01:57:12 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-processenvironment-l1-1-0.dll
[2011.08.11 01:57:12 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-rtlsupport-l1-1-0.dll
[2011.08.11 01:57:12 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-profile-l1-1-0.dll
[2011.08.11 01:57:11 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-memory-l1-1-0.dll
[2011.08.11 01:57:11 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-libraryloader-l1-1-0.dll
[2011.08.11 01:57:11 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-io-l1-1-0.dll
[2011.08.11 01:57:10 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-interlocked-l1-1-0.dll
[2011.08.11 01:57:10 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-heap-l1-1-0.dll
[2011.08.11 01:57:10 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-handle-l1-1-0.dll
[2011.08.11 01:57:09 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-fibers-l1-1-0.dll
[2011.08.11 01:57:09 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-errorhandling-l1-1-0.dll
[2011.08.11 01:57:09 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-debug-l1-1-0.dll
[2011.08.11 01:57:09 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-datetime-l1-1-0.dll
[2011.08.11 01:57:08 | 000,004,608 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-threadpool-l1-1-0.dll
[2011.08.11 01:57:08 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-xstate-l1-1-0.dll
[2011.08.11 01:57:08 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-namedpipe-l1-1-0.dll
[2011.08.11 01:57:08 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-util-l1-1-0.dll
[2011.08.11 01:57:07 | 000,006,144 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-security-base-l1-1-0.dll
[2011.08.11 01:57:07 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-localization-l1-1-0.dll
[2011.08.11 01:57:07 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-console-l1-1-0.dll
[2011.08.11 01:57:02 | 000,319,488 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\odbcjt32.dll
[2011.08.11 01:57:02 | 000,081,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\odbccr32.dll
[2011.08.11 01:57:01 | 000,122,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\odbccp32.dll
[2011.08.11 01:57:01 | 000,086,016 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\odbccu32.dll
[2011.08.11 01:57:00 | 000,163,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\odbctrac.dll
[2011.08.10 22:17:05 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AV DVD Player Morpher
[2011.08.10 15:29:53 | 000,000,000 | ---D | C] -- C:\Program Files\JDownloader
[2011.08.05 15:53:20 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\aTube Catcher
[2011.08.03 11:40:48 | 000,000,000 | ---D | C] -- C:\Windows\System32\Adobe
[2011.08.03 11:16:30 | 000,000,000 | ---D | C] -- C:\Users\Orinoco\AppData\Roaming\ZipGenius
[2011.08.03 11:16:12 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ZipGenius 6
[2011.08.03 11:15:49 | 000,000,000 | ---D | C] -- C:\Program Files\ZipGenius 6
[2010.07.30 17:50:47 | 000,047,360 | ---- | C] (VSO Software) -- C:\Users\Orinoco\AppData\Roaming\pcouffin.sys
[2010.02.04 00:00:00 | 000,139,264 | ---- | C] ( ) -- C:\Windows\sipr3260.dll
[3 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2011.09.02 07:51:04 | 000,027,072 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2011.09.02 07:51:04 | 000,027,072 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2011.09.02 07:50:04 | 000,000,970 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-898472993-1252619046-1967421820-1001UA.job
[2011.09.02 07:43:59 | 000,000,436 | ---- | M] () -- C:\Windows\System32\drivers\etc\hosts.ics
[2011.09.02 07:43:34 | 000,000,332 | ---- | M] () -- C:\Windows\tasks\DriverScanner.job
[2011.09.02 07:43:02 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2011.09.01 18:23:35 | 000,664,858 | ---- | M] () -- C:\Windows\System32\perfh005.dat
[2011.09.01 18:23:35 | 000,646,972 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2011.09.01 18:23:35 | 000,132,578 | ---- | M] () -- C:\Windows\System32\perfc005.dat
[2011.09.01 18:23:35 | 000,114,596 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2011.09.01 17:52:33 | 000,001,045 | ---- | M] () -- C:\Users\Orinoco\Desktop\OTL – zástupce.lnk
[2011.09.01 17:43:36 | 000,319,456 | ---- | M] (Microsoft Corporation) -- C:\Windows\DIFxAPI.dll
[2011.09.01 17:43:26 | 000,319,488 | ---- | M] (Realtek Semiconductor Corp.) -- C:\Windows\HideWin.exe
[2011.09.01 17:40:38 | 000,000,952 | ---- | M] () -- C:\Users\Orinoco\AppData\Roaming\mainhst.zgh
[2011.09.01 11:22:26 | 000,001,073 | ---- | M] () -- C:\Users\Public\Desktop\DriverScanner.lnk
[2011.09.01 11:21:47 | 000,001,930 | ---- | M] () -- C:\Users\Orinoco\Desktop\CrystalDiskInfo.lnk
[2011.08.31 21:38:49 | 000,001,908 | ---- | M] () -- C:\Windows\diagwrn.xml
[2011.08.31 21:38:49 | 000,001,908 | ---- | M] () -- C:\Windows\diagerr.xml
[2011.08.31 20:50:01 | 000,000,918 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-898472993-1252619046-1967421820-1001Core.job
[2011.08.31 20:24:40 | 003,775,560 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT
[2011.08.31 19:43:43 | 000,000,969 | ---- | M] () -- C:\Users\Public\Desktop\CCleaner.lnk
[2011.08.30 16:56:27 | 000,001,076 | ---- | M] () -- C:\Users\Orinoco\Desktop\EVEREST Home Edition.lnk
[2011.08.30 14:35:22 | 000,000,027 | ---- | M] () -- C:\Windows\System32\drivers\etc\hosts
[2011.08.30 08:07:24 | 000,000,286 | ---- | M] () -- C:\Windows\reimage.ini
[2011.08.29 17:10:58 | 000,388,608 | ---- | M] (Trend Micro Inc.) -- C:\Users\Orinoco\Desktop\HijackThis.exe
[2011.08.29 14:56:33 | 000,000,997 | ---- | M] () -- C:\Users\Orinoco\Desktop\KMPlayer.lnk
[2011.08.29 14:17:31 | 000,000,028 | ---- | M] () -- C:\Windows\Lic.xxx
[2011.08.29 14:17:03 | 000,632,064 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msvcr80.dll
[2011.08.29 14:17:02 | 000,554,240 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msvcp80.dll
[2011.08.29 14:17:01 | 000,034,048 | ---- | M] (MicroWorld Technologies Inc.) -- C:\Windows\System32\eEmpty.exe
[2011.08.28 22:18:32 | 000,001,220 | ---- | M] () -- C:\Users\Orinoco\Desktop\Spybot - Search & Destroy.lnk
[2011.08.28 17:10:30 | 000,227,328 | ---- | M] () -- C:\Users\Orinoco\AppData\Roaming\chrtmp
[2011.08.27 12:56:00 | 000,001,096 | ---- | M] () -- C:\Users\Public\Desktop\Maryfi.lnk
[2011.08.27 11:52:26 | 000,001,038 | ---- | M] () -- C:\Windows\System32\ConfigStore.config
[2011.08.27 01:42:44 | 000,000,000 | -H-- | M] () -- C:\Windows\System32\drivers\Msft_Kernel_motfilt_01007.Wdf
[2011.08.27 01:42:43 | 000,000,000 | -H-- | M] () -- C:\Windows\System32\drivers\Msft_Kernel_Motousbnet_01007.Wdf
[2011.08.27 01:41:12 | 000,000,000 | -H-- | M] () -- C:\Windows\System32\drivers\Msft_Kernel_motmodem_01007.Wdf
[2011.08.27 01:40:58 | 000,000,000 | -H-- | M] () -- C:\Windows\System32\drivers\Msft_User_WpdMtpDr_01_09_00.Wdf
[2011.08.27 01:39:51 | 000,000,000 | -H-- | M] () -- C:\Windows\System32\drivers\Msft_Kernel_motccgpfl_01007.Wdf
[2011.08.27 01:39:51 | 000,000,000 | -H-- | M] () -- C:\Windows\System32\drivers\Msft_Kernel_motccgp_01007.Wdf
[2011.08.27 01:39:33 | 000,000,000 | -H-- | M] () -- C:\Windows\System32\drivers\Msft_Kernel_motusbdevice_01007.Wdf
[2011.08.16 16:57:40 | 001,501,696 | ---- | M] (Realtek Semiconductor Corp.) -- C:\Windows\System32\RCoRes.dat
[2011.08.15 18:41:19 | 000,007,607 | ---- | M] () -- C:\Users\Orinoco\AppData\Local\Resmon.ResmonCfg
[2011.08.10 23:57:29 | 000,000,000 | ---- | M] () -- C:\Windows\VDVD.INI
[2011.08.10 23:57:29 | 000,000,000 | ---- | M] () -- C:\Windows\Cover.INI
[2011.08.10 23:57:29 | 000,000,000 | ---- | M] () -- C:\Windows\avvcnvrt.INI
[2011.08.10 23:57:28 | 000,000,187 | ---- | M] () -- C:\Windows\VMorpher.INI
[2011.08.10 22:17:41 | 000,000,029 | ---- | M] () -- C:\Windows\AVFTP.INI
[2011.08.10 22:02:53 | 000,000,084 | ---- | M] () -- C:\Users\Orinoco\AppData\Roaming\AVSDVDPlayer.m3u
[2011.08.10 20:22:35 | 000,001,057 | ---- | M] () -- C:\Users\Orinoco\AppData\Roaming\vso_ts_preview.xml
[2011.08.10 15:32:51 | 000,001,628 | ---- | M] () -- C:\Users\Orinoco\Desktop\JDownloader.lnk
[2011.08.06 01:39:44 | 000,413,696 | ---- | M] (DTS) -- C:\Windows\System32\DTSU2PLFX32.dll
[2011.08.06 01:39:44 | 000,390,656 | ---- | M] (DTS) -- C:\Windows\System32\DTSU2PGFX32.dll
[2011.08.06 01:39:44 | 000,327,168 | ---- | M] (DTS) -- C:\Windows\System32\DTSU2PREC32.dll
[2011.08.05 15:53:40 | 000,002,078 | ---- | M] () -- C:\Users\Public\Desktop\Video Search.lnk
[2011.08.05 15:53:35 | 000,001,148 | ---- | M] () -- C:\Users\Public\Desktop\aTube Catcher.lnk
[2011.08.03 11:16:12 | 000,001,063 | ---- | M] () -- C:\Users\Public\Desktop\ZipGenius 6.lnk
[3 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]

========== Files Created - No Company Name ==========

[2011.09.01 17:52:33 | 000,001,045 | ---- | C] () -- C:\Users\Orinoco\Desktop\OTL – zástupce.lnk
[2011.09.01 17:44:49 | 000,000,553 | ---- | C] () -- C:\Windows\USetup.iss
[2011.09.01 17:43:35 | 000,001,694 | ---- | C] () -- C:\Windows\RtDefLvl.ini
[2011.09.01 11:22:31 | 000,000,332 | ---- | C] () -- C:\Windows\tasks\DriverScanner.job
[2011.09.01 11:22:26 | 000,001,073 | ---- | C] () -- C:\Users\Public\Desktop\DriverScanner.lnk
[2011.09.01 11:21:47 | 000,001,930 | ---- | C] () -- C:\Users\Orinoco\Desktop\CrystalDiskInfo.lnk
[2011.08.31 20:22:31 | 003,775,560 | ---- | C] () -- C:\Windows\System32\FNTCACHE.DAT
[2011.08.30 16:56:27 | 000,001,076 | ---- | C] () -- C:\Users\Orinoco\Desktop\EVEREST Home Edition.lnk
[2011.08.30 14:18:51 | 000,256,000 | ---- | C] () -- C:\Windows\PEV.exe
[2011.08.30 14:18:51 | 000,208,896 | ---- | C] () -- C:\Windows\MBR.exe
[2011.08.30 14:18:51 | 000,098,816 | ---- | C] () -- C:\Windows\sed.exe
[2011.08.30 14:18:51 | 000,080,412 | ---- | C] () -- C:\Windows\grep.exe
[2011.08.30 14:18:51 | 000,068,096 | ---- | C] () -- C:\Windows\zip.exe
[2011.08.29 14:56:33 | 000,000,997 | ---- | C] () -- C:\Users\Orinoco\Desktop\KMPlayer.lnk
[2011.08.29 14:17:31 | 000,000,028 | ---- | C] () -- C:\Windows\Lic.xxx
[2011.08.29 11:55:21 | 000,000,969 | ---- | C] () -- C:\Users\Public\Desktop\CCleaner.lnk
[2011.08.28 22:18:32 | 000,001,220 | ---- | C] () -- C:\Users\Orinoco\Desktop\Spybot - Search & Destroy.lnk
[2011.08.27 12:56:00 | 000,001,096 | ---- | C] () -- C:\Users\Public\Desktop\Maryfi.lnk
[2011.08.27 11:33:27 | 000,001,038 | ---- | C] () -- C:\Windows\System32\ConfigStore.config
[2011.08.27 01:42:44 | 000,000,000 | -H-- | C] () -- C:\Windows\System32\drivers\Msft_Kernel_motfilt_01007.Wdf
[2011.08.27 01:42:43 | 000,000,000 | -H-- | C] () -- C:\Windows\System32\drivers\Msft_Kernel_Motousbnet_01007.Wdf
[2011.08.27 01:41:12 | 000,000,000 | -H-- | C] () -- C:\Windows\System32\drivers\Msft_Kernel_motmodem_01007.Wdf
[2011.08.27 01:40:58 | 000,000,000 | -H-- | C] () -- C:\Windows\System32\drivers\Msft_User_WpdMtpDr_01_09_00.Wdf
[2011.08.27 01:39:51 | 000,000,000 | -H-- | C] () -- C:\Windows\System32\drivers\Msft_Kernel_motccgpfl_01007.Wdf
[2011.08.27 01:39:51 | 000,000,000 | -H-- | C] () -- C:\Windows\System32\drivers\Msft_Kernel_motccgp_01007.Wdf
[2011.08.27 01:39:33 | 000,000,000 | -H-- | C] () -- C:\Windows\System32\drivers\Msft_Kernel_motusbdevice_01007.Wdf
[2011.08.22 10:17:19 | 000,227,328 | ---- | C] () -- C:\Users\Orinoco\AppData\Roaming\chrtmp
[2011.08.10 23:57:29 | 000,000,000 | ---- | C] () -- C:\Windows\VDVD.INI
[2011.08.10 23:57:29 | 000,000,000 | ---- | C] () -- C:\Windows\Cover.INI
[2011.08.10 23:57:29 | 000,000,000 | ---- | C] () -- C:\Windows\avvcnvrt.INI
[2011.08.10 23:57:28 | 000,000,187 | ---- | C] () -- C:\Windows\VMorpher.INI
[2011.08.10 22:17:41 | 000,000,029 | ---- | C] () -- C:\Windows\AVFTP.INI
[2011.08.10 15:32:51 | 000,001,628 | ---- | C] () -- C:\Users\Orinoco\Desktop\JDownloader.lnk
[2011.08.05 15:53:35 | 000,001,148 | ---- | C] () -- C:\Users\Public\Desktop\aTube Catcher.lnk
[2011.08.03 18:28:21 | 000,000,952 | ---- | C] () -- C:\Users\Orinoco\AppData\Roaming\mainhst.zgh
[2011.08.03 11:16:12 | 000,001,063 | ---- | C] () -- C:\Users\Public\Desktop\ZipGenius 6.lnk
[2011.07.28 21:09:21 | 000,010,680 | ---- | C] () -- C:\Users\Orinoco\AppData\Roaming\NMM-MetaData.db
[2011.07.03 23:14:20 | 000,029,008 | ---- | C] () -- C:\Windows\System32\SmartDefragBootTime.exe
[2011.07.03 23:14:20 | 000,016,184 | ---- | C] () -- C:\Windows\System32\drivers\SmartDefragDriver.sys
[2011.03.23 11:37:15 | 000,000,046 | ---- | C] () -- C:\Windows\System32\DonationCoder_processtamer_InstallInfo.dat
[2011.03.23 11:37:15 | 000,000,046 | ---- | C] () -- C:\Users\Orinoco\AppData\Local\DonationCoder_processtamer_InstallInfo.dat
[2011.03.22 15:44:04 | 000,080,896 | ---- | C] () -- C:\Windows\System32\RDVGHelper.exe
[2011.03.22 15:41:39 | 000,066,048 | ---- | C] () -- C:\Windows\System32\PrintBrmUi.exe
[2011.03.19 18:46:04 | 000,000,028 | ---- | C] () -- C:\Windows\System32\autoscan.dll
[2010.12.31 01:57:33 | 000,000,420 | RHS- | C] () -- C:\ProgramData\ntuser.pol
[2010.12.12 11:20:21 | 000,000,023 | ---- | C] () -- C:\Windows\sign.ini
[2010.11.18 10:06:05 | 000,000,871 | ---- | C] () -- C:\Windows\QIII.INI
[2010.10.03 16:34:37 | 000,007,607 | ---- | C] () -- C:\Users\Orinoco\AppData\Local\Resmon.ResmonCfg
[2010.08.23 11:11:45 | 000,000,056 | -H-- | C] () -- C:\Windows\System32\ezsidmv.dat
[2010.07.30 18:55:53 | 000,001,057 | ---- | C] () -- C:\Users\Orinoco\AppData\Roaming\vso_ts_preview.xml
[2010.07.30 17:50:47 | 000,007,887 | ---- | C] () -- C:\Users\Orinoco\AppData\Roaming\pcouffin.cat
[2010.07.30 17:50:47 | 000,001,144 | ---- | C] () -- C:\Users\Orinoco\AppData\Roaming\pcouffin.inf
[2010.07.07 11:45:46 | 000,000,069 | ---- | C] () -- C:\Windows\NeroDigital.ini
[2010.06.20 19:18:25 | 000,000,084 | ---- | C] () -- C:\Users\Orinoco\AppData\Roaming\AVSDVDPlayer.m3u
[2010.05.25 19:13:04 | 000,000,286 | ---- | C] () -- C:\Windows\reimage.ini
[2010.04.10 20:41:36 | 000,066,560 | ---- | C] () -- C:\Windows\MOTA113.exe
[2010.04.10 20:41:34 | 000,217,073 | ---- | C] () -- C:\Windows\meta4.exe
[2010.04.10 20:41:31 | 000,502,784 | ---- | C] () -- C:\Windows\x2.64.exe
[2010.04.10 20:41:30 | 000,027,648 | ---- | C] () -- C:\Windows\System32\AVSredirect.dll
[2010.04.10 20:41:27 | 000,240,128 | ---- | C] () -- C:\Windows\System32\x.264.exe
[2010.04.10 20:41:19 | 000,471,552 | ---- | C] () -- C:\Windows\System32\Smab.dll
[2010.03.28 14:07:13 | 000,002,686 | ---- | C] () -- C:\Windows\TRNCOM.INI
[2010.03.27 17:53:28 | 000,012,800 | ---- | C] () -- C:\Users\Orinoco\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010.03.15 05:31:48 | 000,165,376 | ---- | C] () -- C:\Windows\System32\unrar.dll
[2010.03.12 12:49:57 | 001,060,424 | ---- | C] () -- C:\Windows\System32\WdfCoInstaller01000.dll
[2010.03.07 19:40:12 | 000,000,520 | ---- | C] () -- C:\Windows\System32\drivers\RTEQEX1.dat
[2010.03.07 19:40:12 | 000,000,520 | ---- | C] () -- C:\Windows\System32\drivers\RTEQEX0.dat
[2010.03.07 19:40:12 | 000,000,008 | ---- | C] () -- C:\Windows\System32\drivers\rtkhdaud.dat
[2010.03.07 18:10:26 | 000,021,496 | ---- | C] () -- C:\Windows\System32\emptyregdb.dat
[2009.07.14 10:44:22 | 000,664,858 | ---- | C] () -- C:\Windows\System32\perfh005.dat
[2009.07.14 10:44:22 | 000,292,004 | ---- | C] () -- C:\Windows\System32\perfi005.dat
[2009.07.14 10:44:22 | 000,132,578 | ---- | C] () -- C:\Windows\System32\perfc005.dat
[2009.07.14 10:44:22 | 000,036,232 | ---- | C] () -- C:\Windows\System32\perfd005.dat
[2009.07.14 06:57:37 | 000,067,584 | --S- | C] () -- C:\Windows\bootstat.dat
[2009.07.14 04:05:48 | 000,646,972 | ---- | C] () -- C:\Windows\System32\perfh009.dat
[2009.07.14 04:05:48 | 000,291,294 | ---- | C] () -- C:\Windows\System32\perfi009.dat
[2009.07.14 04:05:48 | 000,114,596 | ---- | C] () -- C:\Windows\System32\perfc009.dat
[2009.07.14 04:05:48 | 000,031,548 | ---- | C] () -- C:\Windows\System32\perfd009.dat
[2009.07.14 04:05:05 | 000,000,741 | ---- | C] () -- C:\Windows\System32\NOISE.DAT
[2009.07.14 04:04:11 | 000,215,943 | ---- | C] () -- C:\Windows\System32\dssec.dat
[2009.07.14 01:55:01 | 000,043,131 | ---- | C] () -- C:\Windows\mib.bin
[2009.07.14 01:51:43 | 000,073,728 | ---- | C] () -- C:\Windows\System32\BthpanContextHandler.dll
[2009.07.14 01:42:10 | 000,064,000 | ---- | C] () -- C:\Windows\System32\BWContextHandler.dll
[2009.06.10 23:26:10 | 000,673,088 | ---- | C] () -- C:\Windows\System32\mlang.dat
[2009.06.07 13:27:20 | 000,073,728 | ---- | C] () -- C:\Windows\System32\vbzlib1.dll
[2008.10.07 10:13:22 | 000,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelTraditionalChinese.dll
[2008.10.07 10:13:20 | 000,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelSwedish.dll
[2008.10.07 10:13:20 | 000,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelSpanish.dll
[2008.10.07 10:13:20 | 000,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelSimplifiedChinese.dll
[2008.10.07 10:13:20 | 000,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelPortugese.dll
[2008.10.07 10:13:20 | 000,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelKorean.dll
[2008.10.07 10:13:20 | 000,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelJapanese.dll
[2008.10.07 10:13:20 | 000,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelGerman.dll
[2008.10.07 10:13:20 | 000,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelFrench.dll
[2008.09.11 21:01:00 | 000,487,424 | ---- | C] () -- C:\Windows\System32\INT15.dll
[2008.09.09 18:38:48 | 000,097,792 | ---- | C] () -- C:\Windows\System32\INT15_64.dll
[2008.05.22 03:46:08 | 000,118,784 | ---- | C] () -- C:\Windows\System32\VMC3KAPI.dll
[2007.11.14 17:17:34 | 000,204,800 | ---- | C] () -- C:\Windows\System32\CogentBioSDK.dll
[2001.11.14 13:56:00 | 001,802,240 | ---- | C] () -- C:\Windows\System32\lcppn21.dll

========== LOP Check ==========

[2010.03.12 22:25:36 | 000,000,000 | ---D | M] -- C:\Users\Orinoco\AppData\Roaming\Acer
[2011.03.23 11:37:15 | 000,000,000 | ---D | M] -- C:\Users\Orinoco\AppData\Roaming\DonationCoder
[2011.08.21 22:29:18 | 000,000,000 | ---D | M] -- C:\Users\Orinoco\AppData\Roaming\DVDFab
[2010.04.19 22:26:40 | 000,000,000 | ---D | M] -- C:\Users\Orinoco\AppData\Roaming\Facebook
[2010.06.17 12:56:02 | 000,000,000 | ---D | M] -- C:\Users\Orinoco\AppData\Roaming\FreeCommander
[2010.05.27 13:45:58 | 000,000,000 | ---D | M] -- C:\Users\Orinoco\AppData\Roaming\FTWeak
[2010.03.28 14:17:56 | 000,000,000 | ---D | M] -- C:\Users\Orinoco\AppData\Roaming\GARMIN
[2011.02.05 16:48:42 | 000,000,000 | ---D | M] -- C:\Users\Orinoco\AppData\Roaming\GetRightToGo
[2011.02.05 15:59:16 | 000,000,000 | ---D | M] -- C:\Users\Orinoco\AppData\Roaming\gtk-2.0
[2010.07.11 21:47:22 | 000,000,000 | ---D | M] -- C:\Users\Orinoco\AppData\Roaming\HDRsoft
[2010.03.27 17:53:22 | 000,000,000 | ---D | M] -- C:\Users\Orinoco\AppData\Roaming\HighAndes
[2011.02.19 14:57:51 | 000,000,000 | ---D | M] -- C:\Users\Orinoco\AppData\Roaming\ICQ
[2011.07.03 23:14:21 | 000,000,000 | ---D | M] -- C:\Users\Orinoco\AppData\Roaming\IObit
[2010.03.28 14:09:07 | 000,000,000 | ---D | M] -- C:\Users\Orinoco\AppData\Roaming\LangSoft
[2011.08.22 10:19:10 | 000,000,000 | ---D | M] -- C:\Users\Orinoco\AppData\Roaming\Mirillis
[2011.02.05 15:05:17 | 000,000,000 | ---D | M] -- C:\Users\Orinoco\AppData\Roaming\Musicmatch
[2011.09.01 11:21:45 | 000,000,000 | ---D | M] -- C:\Users\Orinoco\AppData\Roaming\OpenCandy
[2010.12.24 14:22:48 | 000,000,000 | ---D | M] -- C:\Users\Orinoco\AppData\Roaming\Opera
[2011.02.05 15:57:18 | 000,000,000 | ---D | M] -- C:\Users\Orinoco\AppData\Roaming\Participatory Culture Foundation
[2010.10.03 13:21:48 | 000,000,000 | ---D | M] -- C:\Users\Orinoco\AppData\Roaming\PC Suite
[2011.03.20 13:26:48 | 000,000,000 | ---D | M] -- C:\Users\Orinoco\AppData\Roaming\PCF-VLC
[2011.06.09 22:43:29 | 000,000,000 | ---D | M] -- C:\Users\Orinoco\AppData\Roaming\Samsung
[2010.04.14 13:40:34 | 000,000,000 | ---D | M] -- C:\Users\Orinoco\AppData\Roaming\Spider Player
[2010.07.09 11:39:35 | 000,000,000 | ---D | M] -- C:\Users\Orinoco\AppData\Roaming\StageManager.BD092818F67280F4B42B04877600987F0111B594.1
[2011.03.25 23:15:12 | 000,000,000 | ---D | M] -- C:\Users\Orinoco\AppData\Roaming\TuneUp Software
[2011.09.01 11:22:27 | 000,000,000 | ---D | M] -- C:\Users\Orinoco\AppData\Roaming\Uniblue
[2010.03.12 12:57:14 | 000,000,000 | ---D | M] -- C:\Users\Orinoco\AppData\Roaming\Validity
[2011.08.21 22:32:30 | 000,000,000 | ---D | M] -- C:\Users\Orinoco\AppData\Roaming\Vso
[2011.01.25 15:18:16 | 000,000,000 | ---D | M] -- C:\Users\Orinoco\AppData\Roaming\Win7codecs
[2011.08.03 18:28:21 | 000,000,000 | ---D | M] -- C:\Users\Orinoco\AppData\Roaming\ZipGenius
[2010.06.14 23:31:12 | 000,000,000 | ---D | M] -- C:\Users\Orinoco\AppData\Roaming\Zoner
[2011.09.02 07:43:34 | 000,000,332 | ---- | M] () -- C:\Windows\Tasks\DriverScanner.job
[2011.08.29 10:44:56 | 000,032,534 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT

========== Purity Check ==========



========== Alternate Data Streams ==========

@Alternate Data Stream - 98 bytes -> C:\ProgramData\TEMP:9638A27E
@Alternate Data Stream - 130 bytes -> C:\ProgramData\TEMP:CB0AACC9

< End of report >
Nahoru
Tavare
Level 1
Level 1
Příspěvky: 64
Registrován: květen 10
Pohlaví: Muž
Stav:
Offline

Re: prosím o kontrolu logu

Příspěvekod Tavare » 02 zář 2011 12:54

log etras.txt:




OTL Extras logfile created on: 2.9.2011 7:52:12 - Run 1
OTL by OldTimer - Version 3.2.27.0 Folder = C:\Users\Orinoco\Downloads
Ultimate Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy

2,00 Gb Total Physical Memory | 1,43 Gb Available Physical Memory | 71,35% Memory free
5,00 Gb Paging File | 4,20 Gb Available in Paging File | 84,04% Paging File free
Paging file location(s): c:\pagefile.sys 3069 3069 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 144,04 Gb Total Space | 94,43 Gb Free Space | 65,56% Space Free | Partition Type: NTFS
Drive D: | 137,50 Gb Total Space | 9,79 Gb Free Space | 7,12% Space Free | Partition Type: NTFS
Drive F: | 3,54 Gb Total Space | 0,46 Gb Free Space | 12,98% Space Free | Partition Type: NTFS

Computer Name: ORINOCO-PC | User Name: Orinoco | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Extra Registry (SafeList) ==========


========== File Associations ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\System32\control.exe (Microsoft Corporation)
.hlp [@ = hlpfile] -- C:\Windows\WinHlp32.exe (Microsoft Corporation)
.html [@ = Opera.HTML] -- Reg Error: Key error. File not found

[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = htmlfile] -- Reg Error: Key error. File not found

========== Shell Spawning ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
hlpfile [open] -- %SystemRoot%\WinHlp32.exe %1 (Microsoft Corporation)
https [open] -- "C:\Program Files\Opera\Opera.exe" "%1"
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [Bridge] -- C:\Program Files\Adobe\Adobe Bridge CS5\Bridge.exe "%L" (Adobe Systems, Inc.)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [Winamp.Bookmark] -- Reg Error: Value error.
Directory [Winamp.Enqueue] -- Reg Error: Value error.
Directory [Winamp.Play] -- Reg Error: Value error.
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
"FirewallDisableNotify" = 0
"AntiVirusDisableNotify" = 0
"UpdatesDisableNotify" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = Reg Error: Unknown registry data type -- File not found
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

========== System Restore Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 0

========== Firewall Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile]

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

========== Authorized Applications List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]


========== HKEY_LOCAL_MACHINE Uninstall List ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}" = Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148
"{033E378E-6AD3-4AD5-BDEB-CBD69B31046C}" = Microsoft_VC90_ATL_x86
"{0891B708-EF3F-4D7E-9724-265245F46276}" = Windows Live Remote Service Resources
"{08C8666B-C502-4AB3-B4CB-D74AC42D14FE}" = Nero BackItUp 10 Help (CHM)
"{08D2E121-7F6A-43EB-97FD-629B44903403}" = Microsoft_VC90_CRT_x86
"{0B0F231F-CE6A-483D-AA23-77B364F75917}" = Windows Live Installer
"{0F3647F8-E51D-4FCC-8862-9A8D0C5ACF25}" = Microsoft_VC80_ATL_x86
"{11316260-6666-467B-AC34-183FCB5D4335}" = Acer Mobility Center Plug-In
"{121634B0-2F4B-11D3-ADA3-00C04F52DD52}" = Windows Installer Clean Up
"{15FEDA5F-141C-4127-8D7E-B962D1742728}" = Adobe Photoshop CS5
"{16987E99-C95C-4513-9239-7B44A0A71DB5}" = Nero SoundTrax 10 Help (CHM)
"{19A4A990-5343-4FF7-B3B5-6F046C091EDF}" = Windows Live Remote Client
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{1F7FB68F-52F6-46A3-B42F-38CE46295AE5}" = Nero MediaHub 10
"{200FEC62-3C34-4D60-9CE8-EC372E01C08F}" = Windows Live SOXE Definitions
"{227E8782-B2F4-4E97-B0EE-49DE9CC1C0C0}" = Windows Live Remote Service
"{237CCB62-8454-43E3-B158-3ACD0134852E}" = High-Definition Video Playback 10
"{23BE4DF2-293D-4077-82F4-1FD8C269277C}" = TuneUp Utilities Language Pack (en-US)
"{24036256-BFDB-4CD3-BE8A-A3D6160F2E16}" = TuneUp Utilities 2011
"{2436F2A8-4B7E-4B6C-AE4E-604C84AA6A4F}" = Nero Core Components 10
"{277C1559-4CF7-44FF-8D07-98AA9C13AABD}" = Nero Multimedia Suite 10
"{3108C217-BE83-42E4-AE9E-A56A2A92E549}" = Atheros Communications Inc.(R) AR8121/AR8113/AR8114 Gigabit/Fast Ethernet Driver
"{329411A0-19F3-4740-874F-17400B126F27}" = Nero Vision 10 Help (CHM)
"{3336F667-9049-4D46-98B6-4C743EEBC5B1}" = Windows Live Photo Gallery
"{33643918-7957-4839-92C7-EA96CB621A98}" = Nero Express 10 Help (CHM)
"{34490F4E-48D0-492E-8249-B48BECF0537C}" = Nero DiscSpeed 10
"{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile
"{4264C020-850B-4F08-ACBE-98205D9C336C}" = Windows Live Writer
"{454F5782-A4C3-480E-A629-D435795DEFD8}" = Windows Live Remote Client Resources
"{463F67F4-58D0-4C0D-BBC9-D0CC4E56D1B8}" = Windows Live UX Platform Language Pack
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4CBABDFD-49F8-47FD-BE7D-ECDE7270525A}" = Windows Live PIMT Platform
"{4F5CE00D-82D7-4BDB-868E-F5FA2D2740E5}" = Intel Processor Diagnostic Tool
"{523B2B1B-D8DB-4B41-90FF-C4D799E2758A}" = Nero ControlCenter 10 Help (CHM)
"{555868C6-49FB-484F-BB43-8980651A1B00}" = Nero BurnRights 10 Help (CHM)
"{56C049BE-79E9-4502-BEA7-9754A3E60F9B}" = neroxml
"{58E5844B-7CE2-413D-83D1-99294BF6C74F}" = Acer ePower Management
"{5F548A02-80BC-404D-BAE6-F05F9BF6B449}" = Nero DiscCopyGadget 10 Help (CHM)
"{5F624839-947D-46EA-BD63-FD847C1AC6F1}" = BearShare
"{612C34C7-5E90-47D8-9B5C-0F717DD82726}" = swMSM
"{61AD15B2-50DB-4686-A739-14FE180D4429}" = Windows Live ID Sign-in Assistant
"{62A20ECA-920E-4052-BF77-88C78DD20FAA}" = Validity Sensors DDK
"{635FED5B-2C6D-49BE-87E6-7A6FCD22BC5A}" = Microsoft_VC90_MFC_x86
"{63AA3EAB-23BB-48B2-9AD0-44F878075604}" = Nero 10 Menu TemplatePack Basic
"{63CFD835-FF50-4F8B-91CD-5662A8C640F8}" = Photo Transport
"{64B2D6B3-71AC-45A7-A6A1-2E07ABF58341}" = Windows Live Movie Maker
"{66049135-9659-4AAD-9169-9CCA269EBB3E}" = Nero InfoTool 10 Help (CHM)
"{682B3E4F-696A-42DE-A41C-4C07EA1678B4}" = Windows Live SOXE
"{68AB6930-5BFF-4FF6-923B-516A91984FE6}" = Nero BackItUp 10
"{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}" = Windows Media Player Firefox Plugin
"{6DFB899F-17A2-48F0-A533-ED8D6866CF38}" = Nero Control Center 10
"{70550193-1C22-445C-8FA4-564E155DB1A7}" = Nero Express 10
"{70DC8913-5212-4936-AC8C-B366F55045CF}" = Maryfi - English
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{7353BAE6-5E49-46C4-A9B5-8A269A313789}" = Crysis WARHEAD(R)
"{73C6DCFB-B606-47F3-BDFA-9A4FBF931E37}" = ICQ7.4
"{78906B56-0E81-42A7-AC25-F54C946E1538}" = Windows Live Photo Common
"{78E804CC-A148-4C8F-AD46-0B476EFE34C2}" = Microsoft Image Composite Editor
"{7A295D8F-484B-4FFB-89AB-C1FD497591FE}" = Nero WaveEditor 10 Help (CHM)
"{7A5D731D-B4B3-490E-B339-75685712BAAB}" = Nero Burning ROM 10
"{80E8C65A-8F70-4585-88A2-ABC54BABD576}" = Windows Live Mesh
"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8C0CAA7A-3272-4991-A808-2C7559DE3409}" = Win7codecs
"{8C6D6116-B724-4810-8F2D-D047E6B7D68E}" = Mesh Runtime
"{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}" = MSVCRT
"{8ECEC853-5C3D-4B10-B5C7-FF11FF724807}" = Nero Recode 10
"{8F1B6239-FEA0-450A-A950-B05276CE177C}" = Acer Empowering Technology
"{90120000-0015-0405-0000-0000000FF1CE}" = Microsoft Office Access MUI (Czech) 2007
"{90120000-0015-0405-0000-0000000FF1CE}_ENTERPRISE_{1FC5BC34-0301-40D2-9432-05BA220277B8}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0016-0405-0000-0000000FF1CE}" = Microsoft Office Excel MUI (Czech) 2007
"{90120000-0016-0405-0000-0000000FF1CE}_ENTERPRISE_{1FC5BC34-0301-40D2-9432-05BA220277B8}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0018-0405-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (Czech) 2007
"{90120000-0018-0405-0000-0000000FF1CE}_ENTERPRISE_{1FC5BC34-0301-40D2-9432-05BA220277B8}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0019-0405-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (Czech) 2007
"{90120000-0019-0405-0000-0000000FF1CE}_ENTERPRISE_{1FC5BC34-0301-40D2-9432-05BA220277B8}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001A-0405-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (Czech) 2007
"{90120000-001A-0405-0000-0000000FF1CE}_ENTERPRISE_{1FC5BC34-0301-40D2-9432-05BA220277B8}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001B-0405-0000-0000000FF1CE}" = Microsoft Office Word MUI (Czech) 2007
"{90120000-001B-0405-0000-0000000FF1CE}_ENTERPRISE_{1FC5BC34-0301-40D2-9432-05BA220277B8}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001F-0405-0000-0000000FF1CE}" = Microsoft Office Proof (Czech) 2007
"{90120000-001F-0405-0000-0000000FF1CE}_ENTERPRISE_{294B4278-CF7B-40B9-86A1-2D3FF0C2C524}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-0409-0000-0000000FF1CE}_ENTERPRISE_{ABDDE972-355B-4AF1-89A8-DA50B7B5C045}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-041B-0000-0000000FF1CE}_ENTERPRISE_{10EC59E5-9BCE-4884-BB1A-E28627220232}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-002C-0405-0000-0000000FF1CE}" = Microsoft Office Proofing (Czech) 2007
"{90120000-0030-0000-0000-0000000FF1CE}" = Microsoft Office Enterprise 2007
"{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{0B36C6D6-F5D8-4EAF-BF94-4376A230AD5B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{3D019598-7B59-447A-80AE-815B703B84FF}" = Security Update for Microsoft Office system 2007 (972581)
"{90120000-0044-0405-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (Czech) 2007
"{90120000-0044-0405-0000-0000000FF1CE}_ENTERPRISE_{1FC5BC34-0301-40D2-9432-05BA220277B8}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-006E-0405-0000-0000000FF1CE}" = Microsoft Office Shared MUI (Czech) 2007
"{90120000-006E-0405-0000-0000000FF1CE}_ENTERPRISE_{E12F9D31-4025-4BC6-B1B2-AB262C5580B0}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-00A1-0405-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (Czech) 2007
"{90120000-00A1-0405-0000-0000000FF1CE}_ENTERPRISE_{1FC5BC34-0301-40D2-9432-05BA220277B8}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-00BA-0405-0000-0000000FF1CE}" = Microsoft Office Groove MUI (Czech) 2007
"{90120000-00BA-0405-0000-0000000FF1CE}_ENTERPRISE_{1FC5BC34-0301-40D2-9432-05BA220277B8}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90140000-2005-0000-0000-0000000FF1CE}" = Microsoft Office File Validation Add-In
"{904CCF62-818D-4675-BC76-D37EB399F917}" = Centrum zařízení Windows Mobile
"{9068B2BE-D93A-4C0A-861C-5E35E2C0E09E}" = Intel® Matrix Storage Manager
"{92D58719-BBC1-4CC3-A08B-56C9E884CC2C}" = Microsoft_VC80_CRT_x86
"{92E25238-61A3-4ACD-A407-3C480EEF47A7}" = Nero RescueAgent 10 Help (CHM)
"{92EA4134-10D1-418A-91E1-5A0453131A38}" = Windows Live Movie Maker
"{92EC1A84-7FFC-42DF-A8F6-79C21C4765A5}" = Nero DiscCopy Gadget 10
"{943CFD7D-5336-47AF-9418-E02473A5A517}" = Nero BurnRights 10
"{94CAC2F1-C856-47F4-AF24-65A1E75AEDB9}" = MotoHelper MergeModules
"{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting
"{95BF39CE-EFED-4F35-8E14-FF8F7CC617AD}" = O&O PartitionManager Professional
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9A4297F3-2A51-4ED9-92CA-4BCB8380947E}" = Nero Vision 10
"{9B6B24BE-80E7-46C4-9FA5-B167D5E0F345}" = Nero BurningROM 10 Help (CHM)
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{9C538746-C2DC-40FC-B1FB-D4EA7966ABEB}" = Skype™ 5.1
"{9D56775A-93F3-44A3-8092-840E3826DE30}" = Windows Live Mail
"{9E9D49A4-1DF4-4138-B7DB-5D87A893088E}" = Software Bluetooth WIDCOMM
"{A2BCA9F1-566C-4805-97D1-7FDC93386723}" = Adobe AIR
"{A726AE06-AAA3-43D1-87E3-70F510314F04}" = Windows Live Writer
"{A78FE97A-C0C8-49CE-89D0-EDD524A17392}" = PDF Settings CS5
"{A8F2089B-1F79-4BF6-B385-A2C2B0B9A74D}" = ImagXpress
"{A9BDCA6B-3653-467B-AC83-94367DA3BFE3}" = Windows Live Photo Common
"{AAAFC670-569B-4A2F-82B4-42945E0DE3EF}" = Windows Live Writer
"{AB78C965-5C67-409B-8433-D7B5BDB12073}" = Windows Live Writer Resources
"{AC76BA86-7AD7-1029-7B44-A92000000001}" = Adobe Reader 9.2 - Czech
"{AF844339-2F8A-4593-81B3-9F4C54038C4E}" = Windows Live MIME IFilter
"{B2FE1952-0186-46c3-BAEC-A80AA35AC5B8}_Display.ControlPanel" = Ovládací panel NVIDIA 260.99
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver" = NVIDIA Ovladače grafiky 260.99
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_installer" = NVIDIA Install Application
"{B4092C6D-E886-4CB2-BA68-FE5A88D31DE6}_is1" = Spybot - Search & Destroy
"{B5C46C83-CF59-4A5F-AD95-AED24DB07D00}" = IObit Toolbar v4.5
"{C18A0418-442A-4186-AF98-D08F5054A2FC}" = Nero DiscSpeed 10 Help (CHM)
"{C2D129C0-7508-11DF-9F1B-005056806466}" = Google Earth
"{C2F8CA82-2BD9-4513-B2D1-08A47914C1DA}_is1" = Uniblue DriverScanner
"{C3273C55-E1E4-41FF-8D69-0158090DB8D8}" = Nero CoverDesigner 10 Help (CHM)
"{C3580AC4-C827-4332-B935-9A282ED5BB97}" = Nero Dolby Files 10
"{C454280F-3C3E-4929-B60E-9E6CED5717E7}" = Windows Live Mail
"{C6DB958A-50CC-481B-9ED8-3BAD236F7B49}" = Microsoft Windows Debugging Symbols
"{CCF298AF-9CE1-4B26-B251-486E98A34789}" = Windows 7 USB/DVD Download Tool
"{CD41B576-4787-4D5C-95EE-24A4ABD89CD3}" = System Requirements Lab for Intel
"{CE95A79E-E4FC-4FFF-8A75-29F04B942FF2}" = Windows Live UX Platform
"{D1A19B02-817E-4296-A45B-07853FD74D57}" = Microsoft_VC80_MFC_x86
"{D24DB8B9-BB6C-4334-9619-BA1C650E13D3}" = Microsoft Primary Interoperability Assemblies 2005
"{D45240D3-B6B3-4FF9-B243-54ECE3E10066}" = Windows Live Communications Platform
"{D92BBB52-82FF-42ED-8A3C-4E062F944AB7}" = Microsoft_VC80_MFCLOC_x86
"{DB6AB705-C9BD-40E3-8929-2EA57F36A4FF}_is1" = ConvertXtoDVD 4.0.12.327
"{DB7C1D4A-08BA-4C7E-A8AA-B7F9BB372DCF}" = Nero Recode 10 Help (CHM)
"{DD1DED37-2486-4F56-8F89-56AA814003F5}" = Acer Crystal Eye Webcam
"{DE3A9DC5-9A5D-6485-9662-347162C7E4CA}" = Adobe Media Player
"{DECDCB7C-58CC-4865-91AF-627F9798FE48}" = Windows Live Mesh
"{E09664BB-BB08-45FA-87D1-33EAB0E017F5}" = Fingerprint Solution
"{E09C4DB7-630C-4F06-A631-8EA7239923AF}" = D3DX10
"{E1EE5339-5D32-458F-BAAB-B19F6301BCE2}" = Nero SoundTrax 10
"{E337E787-CF61-4B7B-B84F-509202A54023}" = Nero RescueAgent 10
"{E42E07F5-5A90-4BA9-B55A-79FCF9EAF9B5}" = STK02N 2.3
"{EC3B598C-1151-4191-B5B4-A9072ADE6259}_is1" = ZipGenius 6 (6.0.3.1150)
"{EDCDFAD5-DF80-4600-A493-E9DAD6810230}" = Nero WaveEditor 10
"{EFA800BF-C5C8-46D1-B49D-13920D05417C}" = ESET NOD32 Antivirus
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F412B4AF-388C-4FF5-9B2F-33DB1C536953}" = Nero InfoTool 10
"{F467862A-D9CA-47ED-8D81-B4B3C9399272}" = Nero MediaHub 10 Help (CHM)
"{F5CB822F-B365-43D1-BCC0-4FDA1A2017A7}" = Nero 10 Movie ThemePack Basic
"{F6117F9C-ADB5-4590-9BE4-12C7BEC28702}" = Nero StartSmart 10 Help (CHM)
"{F61D489E-6C44-49AC-AD02-7DA8ACA73A65}" = Nero StartSmart 10
"{F65B8208-5221-43D9-AA12-DDEA64EC4AF6}" = Validity Sensors software
"{F6E04BE8-2FA4-44C4-9BD3-142CE3EB15B4}_is1" = GPU Caps Viewer 1.10.0
"{FB79FDB7-4DE1-453D-99FE-9A880F57380E}" = Windows Live Fotogalerie
"{FCF00A6E-FB58-477A-ABE9-232907105521}" = Nero CoverDesigner 10
"{FE62C88B-425B-4BDE-8B70-CD5AE3B83176}" = Windows Live Essentials
"{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
"Active@ KillDisk FREE Suite" = Active@ KillDisk FREE Suite
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"Adobe Shockwave Player" = Adobe Shockwave Player 11.6
"Advanced SystemCare 4_is1" = Advanced SystemCare 4
"Ashampoo HDD Control_is1" = Ashampoo HDD Control 1.11
"Ashampoo Internet Accelerator 3_is1" = Ashampoo Internet Accelerator 3.20
"aTube Catcher" = aTube Catcher
"BearShare" = BearShare
"CCleaner" = CCleaner
"com.adobe.amp.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1" = Adobe Media Player
"Crysis WARHEAD(R)" = Crysis WARHEAD(R)
"CrystalDiskInfo_is1" = CrystalDiskInfo 4.0.2
"Digital Audio Editor_is1" = Digital Audio Editor v7.6.0.67
"ENTERPRISE" = Microsoft Office Enterprise 2007
"EVEREST Home Edition_is1" = EVEREST Home Edition v2.20
"FCleaner_is1" = FCleaner 1.3.1.621
"FMCODEC" = FM Screen Capture Codec (Remove Only)
"Free MP3 WMA WAV Converter_is1" = Free MP3 WMA WAV Converter v2.0
"FreeCommander_is1" = FreeCommander 2009.02a
"Game Booster_is1" = Game Booster
"InstallShield_{E09664BB-BB08-45FA-87D1-33EAB0E017F5}" = Acer Bio Protection
"LManager" = Launch Manager
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Mozilla Firefox (3.6.3)" = Mozilla Firefox (3.6.3)
"PhotomatixPro3x32_is1" = Photomatix Pro version 3.2.6
"Plus500" = Plus500
"PowerISO" = PowerISO
"Process Tamer_is1" = Process Tamer 2.11.01
"Smart Defrag 2_is1" = Smart Defrag 2
"Spider Player_is1" = Spider Player 2.203
"SUPER ©" = SUPER © Version 2007.bld.22 (Mar 14, 2007)
"SynTPDeinstKey" = Synaptics Pointing Device Driver
"The KMPlayer" = The KMPlayer (remove only)
"tintii" = indii.org/tintii
"TuneUp Utilities 2011" = TuneUp Utilities 2011
"Undelete Plus_is1" = Undelete Plus 2.93
"Virtual DJ - Atomix Productions" = Virtual DJ - Atomix Productions
"WinMend Registry Cleaner_is1" = WinMend Registry Cleaner 1.5.3
"Winrar 3.92" = Winrar 3.92

========== HKEY_CURRENT_USER Uninstall List ==========

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Facebook Plug-In" = Facebook Plug-In
"Google Chrome" = Google Chrome

========== Last 10 Event Log Errors ==========

[ Application Events ]
Error - 12.3.2011 6:15:41 | Computer Name = Orinoco-PC | Source = SideBySide | ID = 16842785
Description = Generování kontextu aktivace pro c:\program files\Acer\empowering
technology\edatasecurity\x64\eDScsp.exe se nezdařilo. Závislé sestavení Microsoft.VC80.CRT,processorArchitecture="amd64",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0"
nelze najít. Podrobnější diagnostické údaje získáte pomocí programu sxstrace.exe.

Error - 12.3.2011 6:15:41 | Computer Name = Orinoco-PC | Source = SideBySide | ID = 16842785
Description = Generování kontextu aktivace pro c:\program files\Acer\empowering
technology\edatasecurity\x64\eDSLoader.exe se nezdařilo. Závislé sestavení Microsoft.VC80.CRT,processorArchitecture="amd64",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0"
nelze najít. Podrobnější diagnostické údaje získáte pomocí programu sxstrace.exe.

Error - 12.3.2011 6:15:41 | Computer Name = Orinoco-PC | Source = SideBySide | ID = 16842785
Description = Generování kontextu aktivace pro c:\program files\Acer\empowering
technology\edatasecurity\x64\eDStbmngr.exe se nezdařilo. Závislé sestavení Microsoft.VC80.CRT,processorArchitecture="amd64",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0"
nelze najít. Podrobnější diagnostické údaje získáte pomocí programu sxstrace.exe.

Error - 12.3.2011 6:15:41 | Computer Name = Orinoco-PC | Source = SideBySide | ID = 16842785
Description = Generování kontextu aktivace pro c:\program files\Acer\empowering
technology\edatasecurity\x64\eDS_CCPSD.exe se nezdařilo. Závislé sestavení Microsoft.VC80.CRT,processorArchitecture="amd64",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0"
nelze najít. Podrobnější diagnostické údaje získáte pomocí programu sxstrace.exe.

Error - 13.3.2011 8:43:12 | Computer Name = Orinoco-PC | Source = SideBySide | ID = 16842815
Description = Generování kontextu aktivace pro C:\Program Files\Common Files\Adobe
AIR\Versions\1.0\Adobe AIR.dll se nezdařilo. Chyba v souboru manifestu nebo zásady
C:\Program Files\Common Files\Adobe AIR\Versions\1.0\Adobe AIR.dll na řádku 3. Hodnota
MAJOR_VERSION.MINOR_VERSION.BUILD_NUMBER_MAJOR.BUILD_NUMBER_MINOR atributu version
v prvku assemblyIdentity je neplatná.

Error - 13.3.2011 8:43:48 | Computer Name = Orinoco-PC | Source = SideBySide | ID = 16842815
Description = Generování kontextu aktivace pro c:\program files\freecommander\DelZip179.dll
se nezdařilo. Chyba v souboru manifestu nebo zásady c:\program files\freecommander\DelZip179.dll
na řádku 8. Hodnota * atributu language v prvku assemblyIdentity je neplatná.

Error - 13.3.2011 8:44:22 | Computer Name = Orinoco-PC | Source = SideBySide | ID = 16842785
Description = Generování kontextu aktivace pro C:\Program Files\Samsung\Samsung
PC Studio 7\TIS_VistaPIM.dll se nezdařilo. Závislé sestavení Microsoft.VC80.DebugCRT,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0"
nelze najít. Podrobnější diagnostické údaje získáte pomocí programu sxstrace.exe.

Error - 13.3.2011 8:45:15 | Computer Name = Orinoco-PC | Source = SideBySide | ID = 16842785
Description = Generování kontextu aktivace pro c:\program files\Acer\empowering
technology\edatasecurity\x64\eDScsp.exe se nezdařilo. Závislé sestavení Microsoft.VC80.CRT,processorArchitecture="amd64",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0"
nelze najít. Podrobnější diagnostické údaje získáte pomocí programu sxstrace.exe.

Error - 13.3.2011 8:45:15 | Computer Name = Orinoco-PC | Source = SideBySide | ID = 16842785
Description = Generování kontextu aktivace pro c:\program files\Acer\empowering
technology\edatasecurity\x64\eDSLoader.exe se nezdařilo. Závislé sestavení Microsoft.VC80.CRT,processorArchitecture="amd64",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0"
nelze najít. Podrobnější diagnostické údaje získáte pomocí programu sxstrace.exe.

Error - 13.3.2011 8:45:15 | Computer Name = Orinoco-PC | Source = SideBySide | ID = 16842785
Description = Generování kontextu aktivace pro c:\program files\Acer\empowering
technology\edatasecurity\x64\eDStbmngr.exe se nezdařilo. Závislé sestavení Microsoft.VC80.CRT,processorArchitecture="amd64",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0"
nelze najít. Podrobnější diagnostické údaje získáte pomocí programu sxstrace.exe.

[ Media Center Events ]
Error - 29.8.2011 5:42:35 | Computer Name = Orinoco-PC | Source = MCUpdate | ID = 0
Description = 11:42:35 - Načtení položky MCESpotlight.cab se nezdařilo. (Chyba:
BITS 0x80040154)

Error - 30.8.2011 2:29:14 | Computer Name = Orinoco-PC | Source = MCUpdate | ID = 0
Description = 8:29:14 - Načtení položky MCESpotlight.cab se nezdařilo. (Chyba: BITS
0x80040154)

Error - 31.8.2011 14:32:23 | Computer Name = Orinoco-PC | Source = MCUpdate | ID = 0
Description = 20:32:23 - Chyba při připojování k Internetu 20:32:23 - Nelze kontaktovat
server..

Error - 31.8.2011 14:32:37 | Computer Name = Orinoco-PC | Source = MCUpdate | ID = 0
Description = 20:32:28 - Chyba při připojování k Internetu 20:32:28 - Nelze kontaktovat
server..

Error - 31.8.2011 15:32:50 | Computer Name = Orinoco-PC | Source = MCUpdate | ID = 0
Description = 21:32:50 - Načtení položky MCESpotlight.cab se nezdařilo. (Chyba:
BITS 0x80040154)

Error - 31.8.2011 15:32:52 | Computer Name = Orinoco-PC | Source = MCUpdate | ID = 0
Description = 21:32:51 - Načtení položky UpdateableMarkup-2.cab se nezdařilo. (Chyba:
BITS 0x80040154)

Error - 1.9.2011 12:09:43 | Computer Name = Orinoco-PC | Source = MCUpdate | ID = 0
Description = 18:09:43 - Načtení položky MCESpotlight.cab se nezdařilo. (Chyba:
BITS 0x80040154)

Error - 1.9.2011 12:09:44 | Computer Name = Orinoco-PC | Source = MCUpdate | ID = 0
Description = 18:09:44 - Načtení položky UpdateableMarkup-2.cab se nezdařilo. (Chyba:
BITS 0x80040154)

Error - 1.9.2011 13:10:08 | Computer Name = Orinoco-PC | Source = MCUpdate | ID = 0
Description = 19:10:08 - Načtení položky MCESpotlight.cab se nezdařilo. (Chyba:
BITS 0x80040154)

Error - 1.9.2011 13:10:15 | Computer Name = Orinoco-PC | Source = MCUpdate | ID = 0
Description = 19:10:09 - Načtení položky UpdateableMarkup-2.cab se nezdařilo. (Chyba:
BITS 0x80040154)

[ System Events ]
Error - 2.9.2011 1:45:58 | Computer Name = Orinoco-PC | Source = DCOM | ID = 10016
Description =

Error - 2.9.2011 1:45:58 | Computer Name = Orinoco-PC | Source = Service Control Manager | ID = 7001
Description = Služba Služba inteligentního přenosu na pozadí závisí na službě Systém
událostí COM+, která neuspěla při spuštění v důsledku následující chyby: %%0

Error - 2.9.2011 1:46:02 | Computer Name = Orinoco-PC | Source = WMPNetworkSvc | ID = 866306
Description =

Error - 2.9.2011 1:46:02 | Computer Name = Orinoco-PC | Source = WMPNetworkSvc | ID = 866306
Description =

Error - 2.9.2011 1:46:03 | Computer Name = Orinoco-PC | Source = WMPNetworkSvc | ID = 866306
Description =

Error - 2.9.2011 1:46:03 | Computer Name = Orinoco-PC | Source = WMPNetworkSvc | ID = 866306
Description =

Error - 2.9.2011 1:46:03 | Computer Name = Orinoco-PC | Source = WMPNetworkSvc | ID = 866301
Description =

Error - 2.9.2011 1:46:50 | Computer Name = Orinoco-PC | Source = DCOM | ID = 10016
Description =

Error - 2.9.2011 1:46:50 | Computer Name = Orinoco-PC | Source = DCOM | ID = 10016
Description =

Error - 2.9.2011 1:46:50 | Computer Name = Orinoco-PC | Source = DCOM | ID = 10016
Description =


< End of report >
Nahoru
Uživatelský avatar
jaro3
člen Security týmu
Guru Level 15
Guru Level 15
Příspěvky: 43298
Registrován: červen 07
Bydliště: Jižní Čechy
Pohlaví: Muž
Stav:
Offline

Re: prosím o kontrolu logu

Příspěvekod jaro3 » 02 zář 2011 15:33

Odinstaluj:
Spigot

Aktualizuj javu:
Java SE Runtime Environment 7

Klikni na Accept License Agreement
Vyber si OS (Windows nebo Windows x64, Offline Installation)
jre-7-windows-i586-p.exe nebo
jre-7-windows-x64.exe
Stáhni ( download) a nainstaluj.
Ostatní javy odeber v přidat/odebrat programy.

Poklepej na ikonu OTL na ploše.Ujisti se , že máš všechny ostatní aplikace a prohlížeče zavřeny.
Pod Vlastní skenování/opravy do okénka vlož následující text, zobrazený zeleně:

Kód: Vybrat vše

:OTL
PRC - C:\WINDOWS\explorer.exe (Microsoft Corporation)
PRC - C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)
PRC - C:\Program Files\Application Updater\ApplicationUpdater.exe (Spigot, Inc.)
SRV - (Application Updater) -- C:\Program Files\Application Updater\ApplicationUpdater.exe (Spigot, Inc.)
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchasst.htm
IE - HKLM\..\URLSearchHook: - Reg Error: Key error. File not found
IE - HKLM\..\URLSearchHook: {855F3B16-6D32-4fe6-8A56-BBB695989046} - Reg Error: Key error. File not found
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\system32\blank.htm
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dl ... r=iesearch
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll File not found
[2010.03.07 18:47:28 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Orinoco\AppData\Roaming\Mozilla\Extensions
[2010.03.07 18:47:28 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Orinoco\AppData\Roaming\Mozilla\Extensions\{ec8030f7-c20a-464f-9b0e-13a3a9e97384}
[2010.04.12 14:01:50 | 000,005,495 | ---- | M] () -- C:\Users\Orinoco\AppData\Roaming\Mozilla\Firefox\Profiles\el775hdk.default\searchplugins\SearchquWebSearch.xml
[2011.07.20 19:44:11 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
[2011.07.03 19:46:09 | 000,000,000 | ---D | M] (Widgi Toolbar Platform) -- C:\PROGRAM FILES\COMMON FILES\SPIGOT\WTXPCOM
[2011.07.03 19:46:09 | 000,000,000 | ---D | M] (IObit Toolbar) -- C:\PROGRAM FILES\IOBIT TOOLBAR\FF
() (No name found) -- C:\USERS\ORINOCO\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\EL775HDK.DEFAULT\EXTENSIONS\{D10D0BF8-F5B5-C8B4-A8B2-2B9879E08C5D}.XPI
[2010.04.12 14:01:50 | 000,005,495 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\SearchquWebSearch.xml
O1 HOSTS File: ([2011.08.30 14:35:22 | 000,000,027 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Reg Error: Key error.)
O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O28 - HKLM ShellExecuteHooks: {AEB6717E-7E19-11d0-97EE-00C04FD91972} - Reg Error: Key error. File not found
[2011.09.01 18:23:35 | 000,664,858 | ---- | M] () -- C:\Windows\System32\perfh005.dat
[2011.09.01 18:23:35 | 000,646,972 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2011.09.01 18:23:35 | 000,132,578 | ---- | M] () -- C:\Windows\System32\perfc005.dat
[2011.09.01 18:23:35 | 000,114,596 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2010.07.30 17:50:47 | 000,007,887 | ---- | C] () -- C:\Users\Orinoco\AppData\Roaming\pcouffin.cat
[2010.07.30 17:50:47 | 000,001,144 | ---- | C] () -- C:\Users\Orinoco\AppData\Roaming\pcouffin.inf
[2009.07.14 10:44:22 | 000,664,858 | ---- | C] () -- C:\Windows\System32\perfh005.dat
[2009.07.14 10:44:22 | 000,292,004 | ---- | C] () -- C:\Windows\System32\perfi005.dat
[2009.07.14 10:44:22 | 000,132,578 | ---- | C] () -- C:\Windows\System32\perfc005.dat
[2009.07.14 10:44:22 | 000,036,232 | ---- | C] () -- C:\Windows\System32\perfd005.dat
[2009.07.14 04:05:48 | 000,646,972 | ---- | C] () -- C:\Windows\System32\perfh009.dat
[2009.07.14 04:05:48 | 000,291,294 | ---- | C] () -- C:\Windows\System32\perfi009.dat
[2009.07.14 04:05:48 | 000,114,596 | ---- | C] () -- C:\Windows\System32\perfc009.dat
[2009.07.14 04:05:48 | 000,031,548 | ---- | C] () -- C:\Windows\System32\perfd009.dat
@Alternate Data Stream - 98 bytes -> C:\ProgramData\TEMP:9638A27E
@Alternate Data Stream - 130 bytes -> C:\ProgramData\TEMP:CB0AACC9

:Files
C:\WINDOWS\System32\*.tmp
C:\WINDOWS\*.tmp
C:\WINDOWS\system32\*.tmp.dll
C:\WINDOWS\System32\dllcache\*.tmp
C:\WINDOWS\system32\SET*.tmp
c:\windows\Tasks\*.job
C:\*.tmp
C:\Documents and Settings\All Users\Data aplikací\*.tmp
C:\Windows\SysNative\drivers\*.tmp
C:\Windows\SysWow64\drivers\*.tmp
C:\Program Files (x86)\*.tmp
C:\Windows\SysWow64\*.tmp
C:\Windows\SysNative\*.tmp
C:\Windows\HideWin.exe
C:\Windows\SWREG.exe
C:\Windows\SWSC.exe
C:\Windows\NIRCMD.exe
C:\Qoobox
[3 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
C:\Windows\System32\drivers\etc\hosts.ics
C:\Users\Orinoco\AppData\Roaming\mainhst.zgh
C:\Windows\System32\drivers\etc\hosts
C:\Windows\PEV.exe
C:\Windows\MBR.exe
C:\Windows\sed.exe
C:\Windows\grep.exe
C:\Windows\zip.exe
C:\Users\Orinoco\AppData\Roaming\chrtmp
C:\Windows\System32\ezsidmv.dat
C:\Windows\x2.64.exe
C:\Windows\System32\x.264.exe
C:\Users\Orinoco\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
C:\Windows\System32\unrar.dll

:Reg
:Commands
[resethosts]
[purity]
[emptytemp]
[EMPTYFLASH]
[start explorer]
[Reboot]

Poté klikni nahoře na Opravit. Nech program nerušeně běžet, na konci se provede restart PC.
Po restartu se objeví log , prosím zkopíruj sem celý jeho obsah.


V možnostech složky si povol zobrazování skrytých souborů a složek+ odškrtni zatržítko skrýt chráněné soubory operačního systému

Toto otestuj na Virustotal
C:\Windows\USetup.iss
C:\Windows\avvcnvrt.INI
C:\Windows\System32\autoscan.dll
C:\Windows\sign.ini
C:\Windows\QIII.INI
C:\Windows\reimage.ini

Klikni vpravo od okénka na Vybrat a v Exploreru najdi požadovaný soubor v Tvém PC. Označ ho myší a klikni na Otevřít , poté klikni na Send File. Pokud už byl soubor testován , objeví se okno ve kterém klikni na Reanalyze. Soubor se začne postupně testovat více antivirovými programy. Až skončí test posledního antiviru , objeví se nahoře result a červeně počet nákaz , např. 0/40 , nebo 1/40. Pak zkopíruj myší odkaz na tuto stránku a vlož ji do svého příspěvku.
Při práci s programy HJT, ComboFix,MbAM, SDFix aj. zavřete všechny ostatní aplikace a prohlížeče!
Neposílejte logy do soukromých zpráv.Po dobu mé nepřítomnosti mě zastupuje memphisto , Žbeky a Orcus.
Pokud budete spokojeni , můžete podpořit naše forum:Podpora fóra
Nahoru
Zamčeno

Zpět na “HiJackThis”

Kdo je online

Uživatelé prohlížející si toto fórum: Žádní registrovaní uživatelé a 3 hosti