Prosím o kontrolu logu, Claro search + Vyřešeno
- memphisto
- Guru Level 13
- Příspěvky: 21113
- Registrován: září 06
- Bydliště: Zlín - České Budějovice
- Pohlaví:
- Stav:
Offline
Re: Prosím o kontrolu logu, Claro search
Nech si zobrazit skryté soubory.
PRAVIDLA PC-HELP.CZ, PRAVIDLA sekce HijackThis, HijackThis návod, Memtest, CCleaner
Logy z programu HijackThis neposílejte prosím přes SZ, ale vkládejte je do patřičné sekce. Děkuji
Logy z programu HijackThis neposílejte prosím přes SZ, ale vkládejte je do patřičné sekce. Děkuji
-
- Level 1
- Příspěvky: 53
- Registrován: listopad 12
- Bydliště: Les
- Pohlaví:
- Stav:
Offline
Re: Prosím o kontrolu logu, Claro search
Právě že mám zapnuté zobrazení skrytých 

-
- Level 1
- Příspěvky: 53
- Registrován: listopad 12
- Bydliště: Les
- Pohlaví:
- Stav:
Offline
Re: Prosím o kontrolu logu, Claro search
Hmm, tak jsem to měl předtím zapnuté, teď se podívám a z ničeho nic je to vypnuté. Tak dobře, zapnul jsem znova zobrazování skrytých, ALE ta složka tam pořád není. 

- jaro3
- člen Security týmu
-
Guru Level 15
- Příspěvky: 43298
- Registrován: červen 07
- Bydliště: Jižní Čechy
- Pohlaví:
- Stav:
Offline
Re: Prosím o kontrolu logu, Claro search
Ale je...
Tak jinak , ještě ten plugin javy chceš dát pryč?
Stáhni si OTL by OldTimer
na plochu. Ujisti se , že máš zavřena všechna ostatní okna a poklepej na ikonu OTL.Nahoře v okně pod Výstup klikni na minimální výstup.Pod Běžné registry změň na Vše. Zatrhni Kontrola na havěť “LOP“ a Kontrola na havěť “ Purity“ . Klikni na Prohledat. Všechny ostatní nastavení ponech jak jsou. Sken může trvat dlouho, až skončí otevřou se dva logy:
OTL.Txt
Extras.Txt
Jsou uloženy ve stejném místě jako OTL. Oba logy sem prosím zkopíruj.
Tak jinak , ještě ten plugin javy chceš dát pryč?
Stáhni si OTL by OldTimer
na plochu. Ujisti se , že máš zavřena všechna ostatní okna a poklepej na ikonu OTL.Nahoře v okně pod Výstup klikni na minimální výstup.Pod Běžné registry změň na Vše. Zatrhni Kontrola na havěť “LOP“ a Kontrola na havěť “ Purity“ . Klikni na Prohledat. Všechny ostatní nastavení ponech jak jsou. Sken může trvat dlouho, až skončí otevřou se dva logy:
OTL.Txt
Extras.Txt
Jsou uloženy ve stejném místě jako OTL. Oba logy sem prosím zkopíruj.
Při práci s programy HJT, ComboFix,MbAM, SDFix aj. zavřete všechny ostatní aplikace a prohlížeče!
Neposílejte logy do soukromých zpráv.Po dobu mé nepřítomnosti mě zastupuje memphisto , Žbeky a Orcus.
Pokud budete spokojeni , můžete podpořit naše forum:Podpora fóra
Neposílejte logy do soukromých zpráv.Po dobu mé nepřítomnosti mě zastupuje memphisto , Žbeky a Orcus.
Pokud budete spokojeni , můžete podpořit naše forum:Podpora fóra
-
- Level 1
- Příspěvky: 53
- Registrován: listopad 12
- Bydliště: Les
- Pohlaví:
- Stav:
Offline
Re: Prosím o kontrolu logu, Claro search
Dobrý den! Děkuji za odpovědi. Tam v té složce je totiž jen to, co je v přiloženém souboru, a zobrazení skrytých je zapnuté
Nu, tak jestli působí bezpečnostní obtíže, tak by měl být odstraněn
Děkuji, jdu použít ten program 

Nu, tak jestli působí bezpečnostní obtíže, tak by měl být odstraněn


- jaro3
- člen Security týmu
-
Guru Level 15
- Příspěvky: 43298
- Registrován: červen 07
- Bydliště: Jižní Čechy
- Pohlaví:
- Stav:
Offline
Re: Prosím o kontrolu logu, Claro search
c:\users\Spravce\AppData\Local\SwvUpdater jsi na správné cestě?
Jinak to máš nastaveno správně..
Jinak to máš nastaveno správně..
Při práci s programy HJT, ComboFix,MbAM, SDFix aj. zavřete všechny ostatní aplikace a prohlížeče!
Neposílejte logy do soukromých zpráv.Po dobu mé nepřítomnosti mě zastupuje memphisto , Žbeky a Orcus.
Pokud budete spokojeni , můžete podpořit naše forum:Podpora fóra
Neposílejte logy do soukromých zpráv.Po dobu mé nepřítomnosti mě zastupuje memphisto , Žbeky a Orcus.
Pokud budete spokojeni , můžete podpořit naše forum:Podpora fóra
-
- Level 1
- Příspěvky: 53
- Registrován: listopad 12
- Bydliště: Les
- Pohlaví:
- Stav:
Offline
Re: Prosím o kontrolu logu, Claro search
Ano, jsem na správné cestě a složka nikde
Zde je tedy log OTL:
OTL logfile created on: 5.12.2012 19:39:56 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Spravce\Desktop
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy
15,98 Gb Total Physical Memory | 13,82 Gb Available Physical Memory | 86,44% Memory free
16,98 Gb Paging File | 14,85 Gb Available in Paging File | 87,47% Paging File free
Paging file location(s): c:\pagefile.sys 1024 2048 [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 58,50 Gb Total Space | 10,42 Gb Free Space | 17,82% Space Free | Partition Type: NTFS
Drive D: | 407,17 Gb Total Space | 192,81 Gb Free Space | 47,36% Space Free | Partition Type: NTFS
Drive E: | 465,76 Gb Total Space | 314,51 Gb Free Space | 67,53% Space Free | Partition Type: NTFS
Computer Name: SPRAVCE-PC | User Name: Spravce | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
========== Processes (SafeList) ==========
PRC - C:\Users\Spravce\Desktop\OTL.exe (OldTimer Tools)
PRC - C:\Program Files\AVAST Software\Avast\AvastUI.exe (AVAST Software)
PRC - C:\Program Files\AVAST Software\Avast\AvastSvc.exe (AVAST Software)
PRC - C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe (NVIDIA Corporation)
PRC - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe (NVIDIA Corporation)
========== Modules (No Company Name) ==========
========== Services (SafeList) ==========
SRV:64bit: - (avast! Antivirus) -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe (AVAST Software)
SRV:64bit: - (FLEXnet Licensing Service 64) -- C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe (Acresso Software Inc.)
SRV:64bit: - (WinDefend) -- C:\Program Files\Windows Defender\MpSvc.dll (Microsoft Corporation)
SRV - (nvUpdatusService) -- C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe (NVIDIA Corporation)
SRV - (Stereo Service) -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe (NVIDIA Corporation)
SRV - (FLEXnet Licensing Service) -- C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe (Acresso Software Inc.)
SRV - (clr_optimization_v4.0.30319_32) -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe (Microsoft Corporation)
SRV - (clr_optimization_v2.0.50727_32) -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe (Microsoft Corporation)
SRV - (WcesComm) -- C:\Windows\WindowsMobile\wcescomm.dll (Microsoft Corporation)
SRV - (RapiMgr) -- C:\Windows\WindowsMobile\rapimgr.dll (Microsoft Corporation)
========== Driver Services (SafeList) ==========
DRV:64bit: - (aswTdi) -- C:\Windows\SysNative\drivers\aswTdi.sys (AVAST Software)
DRV:64bit: - (aswSnx) -- C:\Windows\SysNative\drivers\aswSnx.sys (AVAST Software)
DRV:64bit: - (aswSP) -- C:\Windows\SysNative\drivers\aswSP.sys (AVAST Software)
DRV:64bit: - (aswMonFlt) -- C:\Windows\SysNative\drivers\aswMonFlt.sys (AVAST Software)
DRV:64bit: - (aswFsBlk) -- C:\Windows\SysNative\drivers\aswFsBlk.sys (AVAST Software)
DRV:64bit: - (aswRdr) -- C:\Windows\SysNative\drivers\aswRdr2.sys (AVAST Software)
DRV:64bit: - (Fs_Rec) -- C:\Windows\SysNative\drivers\fs_rec.sys (Microsoft Corporation)
DRV:64bit: - (dtsoftbus01) -- C:\Windows\SysNative\drivers\dtsoftbus01.sys (DT Soft Ltd)
DRV:64bit: - (NVHDA) -- C:\Windows\SysNative\drivers\nvhda64v.sys (NVIDIA Corporation)
DRV:64bit: - (RTL8167) -- C:\Windows\SysNative\drivers\Rt64win7.sys (Realtek )
DRV:64bit: - (amdsata) -- C:\Windows\SysNative\drivers\amdsata.sys (Advanced Micro Devices)
DRV:64bit: - (amdxata) -- C:\Windows\SysNative\drivers\amdxata.sys (Advanced Micro Devices)
DRV:64bit: - (TsUsbFlt) -- C:\Windows\SysNative\drivers\TsUsbFlt.sys (Microsoft Corporation)
DRV:64bit: - (HpSAMD) -- C:\Windows\SysNative\drivers\HpSAMD.sys (Hewlett-Packard Company)
DRV:64bit: - (TsUsbGD) -- C:\Windows\SysNative\drivers\TsUsbGD.sys (Microsoft Corporation)
DRV:64bit: - (BthAvrcp) -- C:\Windows\SysNative\drivers\BthAvrcp.sys (CSR, plc)
DRV:64bit: - (amdsbs) -- C:\Windows\SysNative\drivers\amdsbs.sys (AMD Technologies Inc.)
DRV:64bit: - (LSI_SAS2) -- C:\Windows\SysNative\drivers\lsi_sas2.sys (LSI Corporation)
DRV:64bit: - (stexstor) -- C:\Windows\SysNative\drivers\stexstor.sys (Promise Technology)
DRV:64bit: - (ebdrv) -- C:\Windows\SysNative\drivers\evbda.sys (Broadcom Corporation)
DRV:64bit: - (b06bdrv) -- C:\Windows\SysNative\drivers\bxvbda.sys (Broadcom Corporation)
DRV:64bit: - (b57nd60a) -- C:\Windows\SysNative\drivers\b57nd60a.sys (Broadcom Corporation)
DRV:64bit: - (hcw85cir) -- C:\Windows\SysNative\drivers\hcw85cir.sys (Hauppauge Computer Works, Inc.)
DRV:64bit: - (Magic Tune) -- C:\Windows\SysNative\drivers\MTiCtwl.sys (Samsung Electronics, Inc. )
DRV:64bit: - (adfs) -- C:\Windows\SysNative\drivers\adfs.sys (Adobe Systems, Inc.)
DRV:64bit: - (mod7700) -- C:\Windows\SysNative\drivers\dvb7700all.sys (DiBcom)
DRV - (WIMMount) -- C:\Windows\SysWOW64\drivers\wimmount.sys (Microsoft Corporation)
========== Standard Registry (All) ==========
========== Internet Explorer ==========
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = [binary data]
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Extensions Off Page = about:NoAdd-ons
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\System32\blank.htm
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Security Risk Page = about:SecurityRisk
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,CustomizeSearch = http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchcust.htm
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchasst.htm
IE:64bit: - HKLM\..\SearchScopes,DefaultScope =
IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = [binary data]
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Extensions Off Page = about:NoAdd-ons
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SYSTEM32\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Security Risk Page = about:SecurityRisk
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
IE - HKLM\..\SearchScopes,DefaultScope =
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\system32\blank.htm
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dl ... r=iesearch
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.msn.com/
IE - HKCU\..\URLSearchHook: {CFBFAE00-17A6-11D0-99CB-00C04FD64497} - C:\Windows\SysWOW64\ieframe.dll (Microsoft Corporation)
IE - HKCU\..\SearchScopes,DefaultScope =
IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC
IE - HKCU\..\SearchScopes\{973F004C-965D-473A-9D8D-288FB3525DFA}: "URL" = http://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:{language}:{referrer:source}&ie={inputEncoding?}&oe={outputEncoding?}
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
========== FireFox ==========
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..browser.startup.homepage: "about:home"
FF - prefs.js..extensions.enabledAddons: {25A1388B-6B18-46c3-BEBA-A81915D0DE8F}:1.7.8
FF - prefs.js..extensions.enabledAddons: artur.dubovoy@gmail.com:3.6.8
FF - prefs.js..extensions.enabledAddons: {b9db16a4-6edc-47ec-a1f4-b86292ed211d}:4.9.10
FF - prefs.js..extensions.enabledAddons: {972ce4c6-7e08-4474-a285-3208198ce6fd}:12.0
FF - user.js - File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_11_4_402_287.dll File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre7\bin\new_plugin\npjp2.dll (Oracle Corporation)
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_4_402_287.dll ()
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVision: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVisionStreaming: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 12.0\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2012.07.20 02:22:55 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 12.0\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2012.11.17 12:50:43 | 000,000,000 | ---D | M]
[2012.01.20 21:39:44 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Spravce\AppData\Roaming\mozilla\Extensions
[2012.12.05 16:59:01 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Spravce\AppData\Roaming\mozilla\Firefox\Profiles\tzhlleg7.default\extensions
[2012.09.29 21:13:14 | 000,000,000 | ---D | M] (DownloadHelper) -- C:\Users\Spravce\AppData\Roaming\mozilla\Firefox\Profiles\tzhlleg7.default\extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}
[2012.09.03 21:06:40 | 000,198,347 | ---- | M] () (No name found) -- C:\Users\Spravce\AppData\Roaming\mozilla\firefox\profiles\tzhlleg7.default\extensions\artur.dubovoy@gmail.com.xpi
[2012.07.20 02:20:35 | 000,301,714 | ---- | M] () (No name found) -- C:\Users\Spravce\AppData\Roaming\mozilla\firefox\profiles\tzhlleg7.default\extensions\{25A1388B-6B18-46c3-BEBA-A81915D0DE8F}.xpi
[2012.08.24 14:00:22 | 000,741,958 | ---- | M] () (No name found) -- C:\Users\Spravce\AppData\Roaming\mozilla\firefox\profiles\tzhlleg7.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi
[2012.12.05 10:06:02 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\extensions
[2012.07.20 02:22:55 | 000,000,000 | ---D | M] (Default) -- C:\Program Files (x86)\Mozilla Firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
[2012.04.21 02:18:00 | 000,097,208 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\mozilla firefox\components\browsercomps.dll
[2007.04.10 16:21:08 | 000,163,256 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\mozilla firefox\plugins\np-mswmp.dll
[2012.01.22 12:03:28 | 000,476,904 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files (x86)\mozilla firefox\plugins\npdeployJava1.dll
[2012.04.21 04:17:43 | 000,003,413 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\google.xml
[2012.04.21 04:17:43 | 000,002,208 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\heureka-cz.xml
[2012.04.21 04:17:43 | 000,000,638 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\jyxo-cz.xml
[2012.04.21 04:17:44 | 000,001,367 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\seznam-cz.xml
[2012.04.21 04:17:44 | 000,000,654 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\slunecnice-cz.xml
[2012.04.21 04:17:44 | 000,001,179 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\wikipedia-cz.xml
O1 HOSTS File: ([2012.12.04 23:53:08 | 000,000,027 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2:64bit: - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll (Sun Microsystems, Inc.)
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {C55BBCD6-41AD-48AD-9953-3609C48EACC7} - No CLSID value found.
O4:64bit: - HKLM..\Run: [AdobeAAMUpdater-1.0] C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe (Adobe Systems Incorporated)
O4:64bit: - HKLM..\Run: [RTHDVCPL] C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe (Realtek Semiconductor)
O4 - HKLM..\Run: [avast] C:\Program Files\AVAST Software\Avast\avastUI.exe (AVAST Software)
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableInstallerDetection = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableSecureUIAPaths = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableUIADesktopToggle = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableVirtualization = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ValidateAdminCodeSignatures = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: dontdisplaylastusername = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticecaption =
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticetext =
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: scforceoption = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: shutdownwithoutlogon = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: undockwithoutlogon = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: FilterAdministratorToken = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableRegistryTools = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_TEXT = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_BITMAP = 2
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_OEMTEXT = 7
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_DIB = 8
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_PALETTE = 9
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_UNICODETEXT = 13
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_DIBV5 = 17
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: disableregistrytools = 0
O8:64bit: - Extra context menu item: E&xportovat do aplikace Microsoft Excel - C:\Program Files (x86)\Microsoft Office\Office12\EXCEL.EXE (Microsoft Corporation)
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - C:\Program Files (x86)\Microsoft Office\Office12\EXCEL.EXE (Microsoft Corporation)
O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\Program Files (x86)\Microsoft Office\Office12\REFIEBAR.DLL (Microsoft Corporation)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000001 [] - C:\Windows\SysNative\nlaapi.dll (Microsoft Corporation)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000002 [] - C:\Windows\SysNative\NapiNSP.dll (Microsoft Corporation)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000003 [] - C:\Windows\SysNative\pnrpnsp.dll (Microsoft Corporation)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000004 [] - C:\Windows\SysNative\pnrpnsp.dll (Microsoft Corporation)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000005 [] - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000006 [] - C:\Windows\SysNative\winrnr.dll (Microsoft Corporation)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000007 [] - C:\Windows\SysNative\wshbth.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000001 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000002 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000003 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000004 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000005 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000006 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000007 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000008 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000009 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000010 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000011 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000001 [] - C:\Windows\SysWOW64\nlaapi.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000002 [] - C:\Windows\SysWOW64\NapiNSP.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000003 [] - C:\Windows\SysWOW64\pnrpnsp.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\Windows\SysWOW64\pnrpnsp.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000005 [] - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000006 [] - C:\Windows\SysWOW64\winrnr.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Windows\SysWOW64\wshbth.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000003 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000004 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000005 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000006 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000007 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000008 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000009 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000010 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000011 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O13 - gopher Prefix: missing
O16:64bit: - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.7.0/jinsta ... s-i586.cab (Java Plug-in 10.0.0)
O16:64bit: - DPF: {CAFEEFAC-0017-0000-0000-ABCDEFFEDCBA} http://java.sun.com/update/1.7.0/jinsta ... s-i586.cab (Java Plug-in 1.7.0)
O16:64bit: - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.7.0/jinsta ... s-i586.cab (Java Plug-in 1.7.0)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_30)
O16 - DPF: {CAFEEFAC-0016-0000-0030-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_30)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_30)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 213.46.172.36 192.168.0.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{801712D6-E416-402C-9126-302A0C3E8AB7}: DhcpNameServer = 213.46.172.36 192.168.0.1
O18:64bit: - Protocol\Handler\about {3050F406-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysNative\mshtml.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\cdl {3dd53d40-7b8b-11D0-b013-00aa0059ce02} - C:\Windows\SysNative\urlmon.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\dvd {12D51199-0DB5-46FE-A120-47A3D7D937CC} - C:\Windows\SysNative\MSVidCtl.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\file {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysNative\urlmon.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\ftp {79eac9e3-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysNative\urlmon.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\http {79eac9e2-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysNative\urlmon.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\https {79eac9e5-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysNative\urlmon.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\its {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\Windows\SysNative\itss.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\javascript {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysNative\mshtml.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\local {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysNative\urlmon.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\mailto {3050f3DA-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysNative\mshtml.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\mhtml {05300401-BCBC-11d0-85E3-00C04FD85AB4} - C:\Windows\SysNative\inetcomm.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\mk {79eac9e6-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysNative\urlmon.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\ms-help - No CLSID value found
O18:64bit: - Protocol\Handler\ms-its {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\Windows\SysNative\itss.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\res {3050F3BC-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysNative\mshtml.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\tv {CBD30858-AF45-11D2-B6D6-00C04FBBDE6E} - C:\Windows\SysNative\MSVidCtl.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\vbscript {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysNative\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\about {3050F406-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysWOW64\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\cdl {3dd53d40-7b8b-11D0-b013-00aa0059ce02} - C:\Windows\SysWOW64\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\dvd {12D51199-0DB5-46FE-A120-47A3D7D937CC} - C:\Windows\SysWOW64\MSVidCtl.dll (Microsoft Corporation)
O18 - Protocol\Handler\file {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysWOW64\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\ftp {79eac9e3-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysWOW64\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\http {79eac9e2-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysWOW64\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\https {79eac9e5-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysWOW64\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\its {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\Windows\SysWOW64\itss.dll (Microsoft Corporation)
O18 - Protocol\Handler\javascript {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysWOW64\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\local {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysWOW64\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\mailto {3050f3DA-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysWOW64\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\mhtml {05300401-BCBC-11d0-85E3-00C04FD85AB4} - C:\Windows\SysWOW64\inetcomm.dll (Microsoft Corporation)
O18 - Protocol\Handler\mk {79eac9e6-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysWOW64\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Program Files (x86)\Common Files\microsoft shared\Help\hxds.dll (Microsoft Corporation)
O18 - Protocol\Handler\ms-its {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\Windows\SysWOW64\itss.dll (Microsoft Corporation)
O18 - Protocol\Handler\res {3050F3BC-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysWOW64\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\tv {CBD30858-AF45-11D2-B6D6-00C04FBBDE6E} - C:\Windows\SysWOW64\MSVidCtl.dll (Microsoft Corporation)
O18 - Protocol\Handler\vbscript {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysWOW64\mshtml.dll (Microsoft Corporation)
O18:64bit: - Protocol\Filter\application/octet-stream {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\Windows\SysNative\mscoree.dll (Microsoft Corporation)
O18:64bit: - Protocol\Filter\application/x-complus {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\Windows\SysNative\mscoree.dll (Microsoft Corporation)
O18:64bit: - Protocol\Filter\application/x-msdownload {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\Windows\SysNative\mscoree.dll (Microsoft Corporation)
O18:64bit: - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O18 - Protocol\Filter\application/octet-stream {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\Windows\SysWow64\mscoree.dll (Microsoft Corporation)
O18 - Protocol\Filter\application/x-complus {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\Windows\SysWow64\mscoree.dll (Microsoft Corporation)
O18 - Protocol\Filter\application/x-msdownload {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\Windows\SysWow64\mscoree.dll (Microsoft Corporation)
O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\microsoft shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\SysNative\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\SYSTEM32\Userinit.exe) - C:\Windows\SysWOW64\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\SysWow64\SystemPropertiesPerformance.exe (Microsoft Corporation)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O29:64bit: - HKLM SecurityProviders - (credssp.dll) - C:\Windows\SysWow64\credssp.dll (Microsoft Corporation)
O29 - HKLM SecurityProviders - (credssp.dll) - C:\Windows\SysWow64\credssp.dll (Microsoft Corporation)
O30:64bit: - LSA: Authentication Packages - (msv1_0) - C:\Windows\SysNative\msv1_0.dll (Microsoft Corporation)
O30 - LSA: Authentication Packages - (msv1_0) - C:\Windows\SysWow64\msv1_0.dll (Microsoft Corporation)
O30:64bit: - LSA: Security Packages - (kerberos) - C:\Windows\SysNative\kerberos.dll (Microsoft Corporation)
O30:64bit: - LSA: Security Packages - (msv1_0) - C:\Windows\SysNative\msv1_0.dll (Microsoft Corporation)
O30:64bit: - LSA: Security Packages - (schannel) - C:\Windows\SysNative\schannel.dll (Microsoft Corporation)
O30:64bit: - LSA: Security Packages - (wdigest) - C:\Windows\SysNative\wdigest.dll (Microsoft Corporation)
O30:64bit: - LSA: Security Packages - (tspkg) - C:\Windows\SysNative\tspkg.dll (Microsoft Corporation)
O30:64bit: - LSA: Security Packages - (pku2u) - C:\Windows\SysNative\pku2u.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (kerberos) - C:\Windows\SysWow64\kerberos.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (msv1_0) - C:\Windows\SysWow64\msv1_0.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (schannel) - C:\Windows\SysWow64\schannel.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (wdigest) - C:\Windows\SysWow64\wdigest.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (tspkg) - C:\Windows\SysWow64\tspkg.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (pku2u) - C:\Windows\SysWow64\pku2u.dll (Microsoft Corporation)
O31 - SafeBoot: AlternateShell - cmd.exe
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2012.12.04 14:19:40 | 000,000,000 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)
========== Files/Folders - Created Within 30 Days ==========
[2012.12.05 19:38:15 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\Spravce\Desktop\OTL.exe
[2012.12.05 16:34:16 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation
[2012.12.05 15:07:06 | 000,054,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\WdfLdr.sys
[2012.12.05 15:07:06 | 000,009,728 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\Wdfres.dll
[2012.12.05 15:03:38 | 000,096,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmled.dll
[2012.12.05 15:03:37 | 000,248,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieui.dll
[2012.12.05 15:03:37 | 000,176,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieui.dll
[2012.12.05 15:03:37 | 000,173,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieUnatt.exe
[2012.12.05 15:03:37 | 000,142,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieUnatt.exe
[2012.12.05 15:03:37 | 000,073,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmled.dll
[2012.12.05 15:03:36 | 002,312,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript9.dll
[2012.12.05 15:03:36 | 001,494,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\inetcpl.cpl
[2012.12.05 15:03:36 | 001,427,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\inetcpl.cpl
[2012.12.05 15:03:36 | 000,237,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\url.dll
[2012.12.05 15:03:36 | 000,231,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\url.dll
[2012.12.05 15:03:35 | 000,729,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msfeeds.dll
[2012.12.05 15:03:34 | 000,816,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript.dll
[2012.12.05 15:03:34 | 000,717,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\jscript.dll
[2012.12.05 15:03:34 | 000,599,040 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\vbscript.dll
[2012.12.05 15:01:55 | 000,194,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WUDFPlatform.dll
[2012.12.05 15:01:54 | 000,744,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WUDFx.dll
[2012.12.05 15:01:54 | 000,229,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WUDFHost.exe
[2012.12.05 15:01:54 | 000,045,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WUDFCoinstaller.dll
[2012.12.05 15:00:55 | 000,246,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\netcorehc.dll
[2012.12.05 15:00:55 | 000,216,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ncsi.dll
[2012.12.05 15:00:55 | 000,175,104 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\netcorehc.dll
[2012.12.05 15:00:55 | 000,156,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ncsi.dll
[2012.12.05 15:00:54 | 000,018,944 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\netevent.dll
[2012.12.05 15:00:54 | 000,018,944 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\netevent.dll
[2012.12.05 15:00:51 | 000,226,816 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dhcpcore6.dll
[2012.12.05 15:00:51 | 000,193,536 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\dhcpcore6.dll
[2012.12.05 15:00:51 | 000,055,296 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dhcpcsvc6.dll
[2012.12.05 15:00:50 | 000,095,744 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\synceng.dll
[2012.12.05 15:00:50 | 000,078,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\synceng.dll
[2012.12.05 10:09:21 | 000,627,600 | ---- | C] (Oracle Corporation) -- C:\Windows\SysNative\deployJava1.dll
[2012.12.05 10:09:21 | 000,252,296 | ---- | C] (Oracle Corporation) -- C:\Windows\SysNative\javaws.exe
[2012.12.05 10:09:21 | 000,188,808 | ---- | C] (Oracle Corporation) -- C:\Windows\SysNative\javaw.exe
[2012.12.05 10:09:21 | 000,188,808 | ---- | C] (Oracle Corporation) -- C:\Windows\SysNative\java.exe
[2012.12.05 10:09:15 | 000,000,000 | ---D | C] -- C:\Program Files\Java
[2012.12.05 09:59:46 | 000,000,000 | -HSD | C] -- C:\$RECYCLE.BIN
[2012.12.05 00:01:20 | 000,000,000 | ---D | C] -- C:\Windows\temp
[2012.12.04 23:46:16 | 000,000,000 | ---D | C] -- C:\Users\Spravce\AppData\Local\CrashDumps
[2012.12.04 19:54:14 | 000,000,000 | ---D | C] -- C:\Windows\erdnt
[2012.12.04 19:12:52 | 000,000,000 | ---D | C] -- C:\Users\Spravce\Desktop\backups
[2012.12.04 16:33:58 | 000,000,000 | ---D | C] -- C:\ProgramData\Kaspersky Lab
[2012.12.04 16:10:31 | 000,000,000 | ---D | C] -- C:\Users\Spravce\AppData\Local\Adobe
[2012.12.04 16:00:36 | 000,388,608 | ---- | C] (Trend Micro Inc.) -- C:\Users\Spravce\Desktop\HijackThis.exe
[2012.12.04 15:41:10 | 000,000,000 | ---D | C] -- C:\Users\Spravce\AppData\Roaming\Malwarebytes
[2012.12.04 14:33:42 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Enigma Software Group
[2012.12.04 14:19:26 | 000,000,000 | ---D | C] -- C:\Program Files\Enigma Software Group
[2012.12.04 14:18:56 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Wise Installation Wizard
[2012.12.04 14:05:19 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2012.12.04 00:35:35 | 000,000,000 | ---D | C] -- C:\Users\Spravce\AppData\Local\Downloaded Installations
[2012.12.04 00:34:32 | 000,000,000 | ---D | C] -- C:\Users\Spravce\Documents\Downloads
[2012.12.02 23:30:03 | 000,000,000 | ---D | C] -- C:\Users\Spravce\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\XLN Audio
[2012.12.02 23:30:03 | 000,000,000 | ---D | C] -- C:\Users\Spravce\Documents\Addictive Drums
[2012.12.02 23:29:32 | 001,700,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\gdiplus.dll
[2012.11.26 00:41:21 | 000,000,000 | ---D | C] -- C:\Users\Spravce\Desktop\autotest-c-3
[2012.11.25 14:48:43 | 000,000,000 | ---D | C] -- C:\Program Files\Native Instruments
[2012.11.24 23:04:14 | 000,000,000 | ---D | C] -- C:\Users\Spravce\Documents\Native Instruments
[2012.11.24 22:57:13 | 000,000,000 | ---D | C] -- C:\ProgramData\Native Instruments
[2012.11.24 22:56:10 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Native Instruments
[2012.11.17 14:30:58 | 000,000,000 | R--D | C] -- C:\Users\Spravce\Documents\Scanned Documents
[2012.11.17 14:30:57 | 000,000,000 | ---D | C] -- C:\Users\Spravce\Documents\Fax
[2012.11.14 21:45:48 | 000,000,000 | ---D | C] -- C:\Users\Spravce\Desktop\Kilofoto
[2012.11.13 17:53:30 | 000,000,000 | ---D | C] -- C:\Users\Spravce\Documents\Almost Human
[2012.11.13 17:52:07 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GOG.com
[2012.11.07 23:01:01 | 000,000,000 | ---D | C] -- C:\Users\Spravce\AppData\Roaming\Audacity
[2012.11.07 23:00:53 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Audacity
[2012.11.06 14:12:38 | 000,000,000 | ---D | C] -- C:\Users\Spravce\Documents\FormatFactory
========== Files - Modified Within 30 Days ==========
[2012.12.05 19:38:17 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Spravce\Desktop\OTL.exe
[2012.12.05 16:39:47 | 000,024,672 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2012.12.05 16:39:47 | 000,024,672 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2012.12.05 16:32:08 | 003,020,592 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2012.12.05 16:31:59 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2012.12.05 16:31:33 | 4280,745,982 | -HS- | M] () -- C:\hiberfil.sys
[2012.12.05 15:08:06 | 001,489,048 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2012.12.05 15:08:06 | 000,631,054 | ---- | M] () -- C:\Windows\SysNative\perfh005.dat
[2012.12.05 15:08:06 | 000,615,810 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2012.12.05 15:08:06 | 000,121,708 | ---- | M] () -- C:\Windows\SysNative\perfc005.dat
[2012.12.05 15:08:06 | 000,106,190 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2012.12.05 10:09:17 | 000,252,296 | ---- | M] (Oracle Corporation) -- C:\Windows\SysNative\javaws.exe
[2012.12.05 10:09:17 | 000,188,808 | ---- | M] (Oracle Corporation) -- C:\Windows\SysNative\javaw.exe
[2012.12.05 10:09:17 | 000,188,808 | ---- | M] (Oracle Corporation) -- C:\Windows\SysNative\java.exe
[2012.12.05 10:09:16 | 000,627,600 | ---- | M] (Oracle Corporation) -- C:\Windows\SysNative\deployJava1.dll
[2012.12.05 00:10:37 | 000,000,512 | ---- | M] () -- C:\Users\Spravce\Desktop\MBR.dat
[2012.12.04 23:53:08 | 000,000,027 | ---- | M] () -- C:\Windows\SysNative\drivers\etc\hosts
[2012.12.04 20:14:55 | 000,540,743 | ---- | M] () -- C:\Users\Spravce\Desktop\adwcleaner.exe
[2012.12.04 16:00:40 | 000,388,608 | ---- | M] (Trend Micro Inc.) -- C:\Users\Spravce\Desktop\HijackThis.exe
[2012.12.04 14:19:40 | 000,000,000 | ---- | M] () -- C:\autoexec.bat
[2012.12.03 20:06:45 | 000,001,886 | ---- | M] () -- C:\Users\Spravce\Desktop\Audition.lnk
[2012.12.02 23:29:32 | 001,700,352 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\gdiplus.dll
[2012.12.02 16:29:40 | 014,450,277 | ---- | M] () -- C:\Users\Spravce\Desktop\GP v1.4.2 apkmania.com.apk
[2012.12.02 14:36:57 | 000,082,828 | ---- | M] () -- C:\Users\Spravce\Documents\cc_20121202_143652.reg
[2012.12.01 23:22:50 | 000,000,391 | ---- | M] () -- C:\Users\Spravce\Documents\bubble-town-240x320.jad
[2012.12.01 23:19:42 | 000,294,586 | ---- | M] () -- C:\Users\Spravce\Documents\bubble-town-240x320.jar
[2012.12.01 23:18:20 | 000,439,296 | ---- | M] () -- C:\Users\Spravce\Desktop\JADgen.exe
[2012.11.22 07:59:46 | 000,000,000 | ---- | M] () -- C:\Windows\SysWow64\config.nt
[2012.11.17 13:52:17 | 000,000,911 | ---- | M] () -- C:\Users\Spravce\Desktop\KEmulator – zástupce.lnk
[2012.11.13 17:52:07 | 000,000,666 | ---- | M] () -- C:\Users\Public\Desktop\Legend of Grimrock.lnk
[2012.11.07 23:00:57 | 000,001,011 | ---- | M] () -- C:\Users\Spravce\Desktop\Audacity.lnk
[2012.11.07 20:25:50 | 000,001,056 | ---- | M] () -- C:\Windows\AZPR3.INI
========== Files Created - No Company Name ==========
[2012.12.05 15:07:11 | 000,000,003 | ---- | C] () -- C:\Windows\SysNative\drivers\MsftWdf_Kernel_01011_Inbox_Critical.Wdf
[2012.12.05 15:01:54 | 000,000,003 | ---- | C] () -- C:\Windows\SysNative\drivers\MsftWdf_User_01_11_00_Inbox_Critical.Wdf
[2012.12.05 10:01:53 | 003,020,592 | ---- | C] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2012.12.05 00:10:37 | 000,000,512 | ---- | C] () -- C:\Users\Spravce\Desktop\MBR.dat
[2012.12.04 20:14:52 | 000,540,743 | ---- | C] () -- C:\Users\Spravce\Desktop\adwcleaner.exe
[2012.12.04 14:19:40 | 000,000,000 | ---- | C] () -- C:\autoexec.bat
[2012.12.02 16:29:29 | 014,450,277 | ---- | C] () -- C:\Users\Spravce\Desktop\GP v1.4.2 apkmania.com.apk
[2012.12.02 14:36:55 | 000,082,828 | ---- | C] () -- C:\Users\Spravce\Documents\cc_20121202_143652.reg
[2012.12.01 23:22:50 | 000,000,391 | ---- | C] () -- C:\Users\Spravce\Documents\bubble-town-240x320.jad
[2012.12.01 23:19:42 | 000,294,586 | ---- | C] () -- C:\Users\Spravce\Documents\bubble-town-240x320.jar
[2012.12.01 23:18:20 | 000,439,296 | ---- | C] () -- C:\Users\Spravce\Desktop\JADgen.exe
[2012.11.27 21:37:23 | 000,480,420 | ---- | C] () -- C:\Users\Spravce\Desktop\octin spraypaint free.ttf
[2012.11.17 13:52:17 | 000,000,911 | ---- | C] () -- C:\Users\Spravce\Desktop\KEmulator – zástupce.lnk
[2012.11.13 17:52:07 | 000,000,666 | ---- | C] () -- C:\Users\Public\Desktop\Legend of Grimrock.lnk
[2012.11.07 23:00:57 | 000,001,023 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Audacity.lnk
[2012.11.07 23:00:57 | 000,001,011 | ---- | C] () -- C:\Users\Spravce\Desktop\Audacity.lnk
[2012.10.09 14:08:01 | 000,001,056 | ---- | C] () -- C:\Windows\AZPR3.INI
[2012.09.02 00:53:16 | 000,000,034 | ---- | C] () -- C:\Windows\cdplayer.ini
[2012.08.24 16:45:29 | 000,000,604 | ---- | C] () -- C:\Windows\Sof2.INI
[2012.08.20 16:57:34 | 000,004,096 | ---- | C] () -- C:\Windows\d3dx.dat
[2012.08.09 15:16:39 | 000,000,193 | ---- | C] () -- C:\Windows\cncscore.ini
[2012.07.29 03:10:15 | 000,000,992 | ---- | C] () -- C:\Users\Spravce\AppData\Local\SRDownloader.nast
[2012.07.17 16:43:13 | 000,000,538 | ---- | C] () -- C:\Windows\eReg.dat
[2012.02.08 00:18:48 | 000,000,702 | ---- | C] () -- C:\Users\Spravce\.jscreenfix.licence
[2012.01.21 10:14:41 | 000,000,017 | ---- | C] () -- C:\Users\Spravce\AppData\Local\resmon.resmoncfg
========== ZeroAccess Check ==========
[2009.07.14 05:55:00 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\shell32.dll -- [2012.06.09 06:43:10 | 014,172,672 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2012.06.09 05:41:00 | 012,873,728 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009.07.14 02:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2010.11.21 04:24:25 | 000,606,208 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009.07.14 02:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
========== LOP Check ==========
[2012.01.21 09:11:01 | 000,000,000 | ---D | M] -- C:\Users\Spravce\AppData\Roaming\Ashampoo
[2012.11.07 23:05:39 | 000,000,000 | ---D | M] -- C:\Users\Spravce\AppData\Roaming\Audacity
[2012.12.03 20:00:13 | 000,000,000 | ---D | M] -- C:\Users\Spravce\AppData\Roaming\Azureus
[2012.09.29 20:33:05 | 000,000,000 | ---D | M] -- C:\Users\Spravce\AppData\Roaming\calibre
[2012.07.21 12:28:46 | 000,000,000 | ---D | M] -- C:\Users\Spravce\AppData\Roaming\Canon
[2012.12.03 20:00:13 | 000,000,000 | ---D | M] -- C:\Users\Spravce\AppData\Roaming\DAEMON Tools Lite
[2012.02.13 17:18:40 | 000,000,000 | ---D | M] -- C:\Users\Spravce\AppData\Roaming\Exec
[2012.02.02 10:23:02 | 000,000,000 | ---D | M] -- C:\Users\Spravce\AppData\Roaming\Foxit Software
[2012.11.23 22:32:36 | 000,000,000 | ---D | M] -- C:\Users\Spravce\AppData\Roaming\GeoGet
[2012.01.21 17:50:47 | 000,000,000 | ---D | M] -- C:\Users\Spravce\AppData\Roaming\IrfanView
[2012.01.29 13:47:51 | 000,000,000 | ---D | M] -- C:\Users\Spravce\AppData\Roaming\Mobile Atlas Creator
[2012.05.15 16:33:05 | 000,000,000 | ---D | M] -- C:\Users\Spravce\AppData\Roaming\National Instruments
[2012.01.24 23:10:56 | 000,000,000 | ---D | M] -- C:\Users\Spravce\AppData\Roaming\Nik Software
[2012.07.29 11:32:03 | 000,000,000 | ---D | M] -- C:\Users\Spravce\AppData\Roaming\Orbit
[2012.02.20 15:55:04 | 000,000,000 | ---D | M] -- C:\Users\Spravce\AppData\Roaming\ProgSense
[2012.05.24 19:06:43 | 000,000,000 | ---D | M] -- C:\Users\Spravce\AppData\Roaming\Softland
[2012.12.05 10:00:39 | 000,000,000 | ---D | M] -- C:\Users\Spravce\AppData\Roaming\uTorrent
[2012.01.21 20:44:27 | 000,000,000 | ---D | M] -- C:\Users\Spravce\AppData\Roaming\Zoner
========== Purity Check ==========
========== Alternate Data Streams ==========
@Alternate Data Stream - 133 bytes -> C:\ProgramData\TEMP:7631EA83
< End of report >

Zde je tedy log OTL:
OTL logfile created on: 5.12.2012 19:39:56 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Spravce\Desktop
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy
15,98 Gb Total Physical Memory | 13,82 Gb Available Physical Memory | 86,44% Memory free
16,98 Gb Paging File | 14,85 Gb Available in Paging File | 87,47% Paging File free
Paging file location(s): c:\pagefile.sys 1024 2048 [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 58,50 Gb Total Space | 10,42 Gb Free Space | 17,82% Space Free | Partition Type: NTFS
Drive D: | 407,17 Gb Total Space | 192,81 Gb Free Space | 47,36% Space Free | Partition Type: NTFS
Drive E: | 465,76 Gb Total Space | 314,51 Gb Free Space | 67,53% Space Free | Partition Type: NTFS
Computer Name: SPRAVCE-PC | User Name: Spravce | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
========== Processes (SafeList) ==========
PRC - C:\Users\Spravce\Desktop\OTL.exe (OldTimer Tools)
PRC - C:\Program Files\AVAST Software\Avast\AvastUI.exe (AVAST Software)
PRC - C:\Program Files\AVAST Software\Avast\AvastSvc.exe (AVAST Software)
PRC - C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe (NVIDIA Corporation)
PRC - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe (NVIDIA Corporation)
========== Modules (No Company Name) ==========
========== Services (SafeList) ==========
SRV:64bit: - (avast! Antivirus) -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe (AVAST Software)
SRV:64bit: - (FLEXnet Licensing Service 64) -- C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe (Acresso Software Inc.)
SRV:64bit: - (WinDefend) -- C:\Program Files\Windows Defender\MpSvc.dll (Microsoft Corporation)
SRV - (nvUpdatusService) -- C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe (NVIDIA Corporation)
SRV - (Stereo Service) -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe (NVIDIA Corporation)
SRV - (FLEXnet Licensing Service) -- C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe (Acresso Software Inc.)
SRV - (clr_optimization_v4.0.30319_32) -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe (Microsoft Corporation)
SRV - (clr_optimization_v2.0.50727_32) -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe (Microsoft Corporation)
SRV - (WcesComm) -- C:\Windows\WindowsMobile\wcescomm.dll (Microsoft Corporation)
SRV - (RapiMgr) -- C:\Windows\WindowsMobile\rapimgr.dll (Microsoft Corporation)
========== Driver Services (SafeList) ==========
DRV:64bit: - (aswTdi) -- C:\Windows\SysNative\drivers\aswTdi.sys (AVAST Software)
DRV:64bit: - (aswSnx) -- C:\Windows\SysNative\drivers\aswSnx.sys (AVAST Software)
DRV:64bit: - (aswSP) -- C:\Windows\SysNative\drivers\aswSP.sys (AVAST Software)
DRV:64bit: - (aswMonFlt) -- C:\Windows\SysNative\drivers\aswMonFlt.sys (AVAST Software)
DRV:64bit: - (aswFsBlk) -- C:\Windows\SysNative\drivers\aswFsBlk.sys (AVAST Software)
DRV:64bit: - (aswRdr) -- C:\Windows\SysNative\drivers\aswRdr2.sys (AVAST Software)
DRV:64bit: - (Fs_Rec) -- C:\Windows\SysNative\drivers\fs_rec.sys (Microsoft Corporation)
DRV:64bit: - (dtsoftbus01) -- C:\Windows\SysNative\drivers\dtsoftbus01.sys (DT Soft Ltd)
DRV:64bit: - (NVHDA) -- C:\Windows\SysNative\drivers\nvhda64v.sys (NVIDIA Corporation)
DRV:64bit: - (RTL8167) -- C:\Windows\SysNative\drivers\Rt64win7.sys (Realtek )
DRV:64bit: - (amdsata) -- C:\Windows\SysNative\drivers\amdsata.sys (Advanced Micro Devices)
DRV:64bit: - (amdxata) -- C:\Windows\SysNative\drivers\amdxata.sys (Advanced Micro Devices)
DRV:64bit: - (TsUsbFlt) -- C:\Windows\SysNative\drivers\TsUsbFlt.sys (Microsoft Corporation)
DRV:64bit: - (HpSAMD) -- C:\Windows\SysNative\drivers\HpSAMD.sys (Hewlett-Packard Company)
DRV:64bit: - (TsUsbGD) -- C:\Windows\SysNative\drivers\TsUsbGD.sys (Microsoft Corporation)
DRV:64bit: - (BthAvrcp) -- C:\Windows\SysNative\drivers\BthAvrcp.sys (CSR, plc)
DRV:64bit: - (amdsbs) -- C:\Windows\SysNative\drivers\amdsbs.sys (AMD Technologies Inc.)
DRV:64bit: - (LSI_SAS2) -- C:\Windows\SysNative\drivers\lsi_sas2.sys (LSI Corporation)
DRV:64bit: - (stexstor) -- C:\Windows\SysNative\drivers\stexstor.sys (Promise Technology)
DRV:64bit: - (ebdrv) -- C:\Windows\SysNative\drivers\evbda.sys (Broadcom Corporation)
DRV:64bit: - (b06bdrv) -- C:\Windows\SysNative\drivers\bxvbda.sys (Broadcom Corporation)
DRV:64bit: - (b57nd60a) -- C:\Windows\SysNative\drivers\b57nd60a.sys (Broadcom Corporation)
DRV:64bit: - (hcw85cir) -- C:\Windows\SysNative\drivers\hcw85cir.sys (Hauppauge Computer Works, Inc.)
DRV:64bit: - (Magic Tune) -- C:\Windows\SysNative\drivers\MTiCtwl.sys (Samsung Electronics, Inc. )
DRV:64bit: - (adfs) -- C:\Windows\SysNative\drivers\adfs.sys (Adobe Systems, Inc.)
DRV:64bit: - (mod7700) -- C:\Windows\SysNative\drivers\dvb7700all.sys (DiBcom)
DRV - (WIMMount) -- C:\Windows\SysWOW64\drivers\wimmount.sys (Microsoft Corporation)
========== Standard Registry (All) ==========
========== Internet Explorer ==========
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = [binary data]
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Extensions Off Page = about:NoAdd-ons
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\System32\blank.htm
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Security Risk Page = about:SecurityRisk
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,CustomizeSearch = http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchcust.htm
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchasst.htm
IE:64bit: - HKLM\..\SearchScopes,DefaultScope =
IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = [binary data]
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Extensions Off Page = about:NoAdd-ons
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SYSTEM32\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Security Risk Page = about:SecurityRisk
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
IE - HKLM\..\SearchScopes,DefaultScope =
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\system32\blank.htm
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dl ... r=iesearch
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.msn.com/
IE - HKCU\..\URLSearchHook: {CFBFAE00-17A6-11D0-99CB-00C04FD64497} - C:\Windows\SysWOW64\ieframe.dll (Microsoft Corporation)
IE - HKCU\..\SearchScopes,DefaultScope =
IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC
IE - HKCU\..\SearchScopes\{973F004C-965D-473A-9D8D-288FB3525DFA}: "URL" = http://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:{language}:{referrer:source}&ie={inputEncoding?}&oe={outputEncoding?}
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
========== FireFox ==========
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..browser.startup.homepage: "about:home"
FF - prefs.js..extensions.enabledAddons: {25A1388B-6B18-46c3-BEBA-A81915D0DE8F}:1.7.8
FF - prefs.js..extensions.enabledAddons: artur.dubovoy@gmail.com:3.6.8
FF - prefs.js..extensions.enabledAddons: {b9db16a4-6edc-47ec-a1f4-b86292ed211d}:4.9.10
FF - prefs.js..extensions.enabledAddons: {972ce4c6-7e08-4474-a285-3208198ce6fd}:12.0
FF - user.js - File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_11_4_402_287.dll File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre7\bin\new_plugin\npjp2.dll (Oracle Corporation)
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_4_402_287.dll ()
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVision: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVisionStreaming: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 12.0\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2012.07.20 02:22:55 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 12.0\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2012.11.17 12:50:43 | 000,000,000 | ---D | M]
[2012.01.20 21:39:44 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Spravce\AppData\Roaming\mozilla\Extensions
[2012.12.05 16:59:01 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Spravce\AppData\Roaming\mozilla\Firefox\Profiles\tzhlleg7.default\extensions
[2012.09.29 21:13:14 | 000,000,000 | ---D | M] (DownloadHelper) -- C:\Users\Spravce\AppData\Roaming\mozilla\Firefox\Profiles\tzhlleg7.default\extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}
[2012.09.03 21:06:40 | 000,198,347 | ---- | M] () (No name found) -- C:\Users\Spravce\AppData\Roaming\mozilla\firefox\profiles\tzhlleg7.default\extensions\artur.dubovoy@gmail.com.xpi
[2012.07.20 02:20:35 | 000,301,714 | ---- | M] () (No name found) -- C:\Users\Spravce\AppData\Roaming\mozilla\firefox\profiles\tzhlleg7.default\extensions\{25A1388B-6B18-46c3-BEBA-A81915D0DE8F}.xpi
[2012.08.24 14:00:22 | 000,741,958 | ---- | M] () (No name found) -- C:\Users\Spravce\AppData\Roaming\mozilla\firefox\profiles\tzhlleg7.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi
[2012.12.05 10:06:02 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\extensions
[2012.07.20 02:22:55 | 000,000,000 | ---D | M] (Default) -- C:\Program Files (x86)\Mozilla Firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
[2012.04.21 02:18:00 | 000,097,208 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\mozilla firefox\components\browsercomps.dll
[2007.04.10 16:21:08 | 000,163,256 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\mozilla firefox\plugins\np-mswmp.dll
[2012.01.22 12:03:28 | 000,476,904 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files (x86)\mozilla firefox\plugins\npdeployJava1.dll
[2012.04.21 04:17:43 | 000,003,413 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\google.xml
[2012.04.21 04:17:43 | 000,002,208 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\heureka-cz.xml
[2012.04.21 04:17:43 | 000,000,638 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\jyxo-cz.xml
[2012.04.21 04:17:44 | 000,001,367 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\seznam-cz.xml
[2012.04.21 04:17:44 | 000,000,654 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\slunecnice-cz.xml
[2012.04.21 04:17:44 | 000,001,179 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\wikipedia-cz.xml
O1 HOSTS File: ([2012.12.04 23:53:08 | 000,000,027 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2:64bit: - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll (Sun Microsystems, Inc.)
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {C55BBCD6-41AD-48AD-9953-3609C48EACC7} - No CLSID value found.
O4:64bit: - HKLM..\Run: [AdobeAAMUpdater-1.0] C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe (Adobe Systems Incorporated)
O4:64bit: - HKLM..\Run: [RTHDVCPL] C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe (Realtek Semiconductor)
O4 - HKLM..\Run: [avast] C:\Program Files\AVAST Software\Avast\avastUI.exe (AVAST Software)
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableInstallerDetection = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableSecureUIAPaths = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableUIADesktopToggle = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableVirtualization = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ValidateAdminCodeSignatures = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: dontdisplaylastusername = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticecaption =
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticetext =
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: scforceoption = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: shutdownwithoutlogon = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: undockwithoutlogon = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: FilterAdministratorToken = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableRegistryTools = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_TEXT = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_BITMAP = 2
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_OEMTEXT = 7
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_DIB = 8
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_PALETTE = 9
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_UNICODETEXT = 13
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_DIBV5 = 17
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: disableregistrytools = 0
O8:64bit: - Extra context menu item: E&xportovat do aplikace Microsoft Excel - C:\Program Files (x86)\Microsoft Office\Office12\EXCEL.EXE (Microsoft Corporation)
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - C:\Program Files (x86)\Microsoft Office\Office12\EXCEL.EXE (Microsoft Corporation)
O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\Program Files (x86)\Microsoft Office\Office12\REFIEBAR.DLL (Microsoft Corporation)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000001 [] - C:\Windows\SysNative\nlaapi.dll (Microsoft Corporation)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000002 [] - C:\Windows\SysNative\NapiNSP.dll (Microsoft Corporation)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000003 [] - C:\Windows\SysNative\pnrpnsp.dll (Microsoft Corporation)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000004 [] - C:\Windows\SysNative\pnrpnsp.dll (Microsoft Corporation)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000005 [] - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000006 [] - C:\Windows\SysNative\winrnr.dll (Microsoft Corporation)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000007 [] - C:\Windows\SysNative\wshbth.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000001 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000002 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000003 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000004 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000005 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000006 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000007 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000008 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000009 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000010 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000011 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000001 [] - C:\Windows\SysWOW64\nlaapi.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000002 [] - C:\Windows\SysWOW64\NapiNSP.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000003 [] - C:\Windows\SysWOW64\pnrpnsp.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\Windows\SysWOW64\pnrpnsp.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000005 [] - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000006 [] - C:\Windows\SysWOW64\winrnr.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Windows\SysWOW64\wshbth.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000003 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000004 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000005 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000006 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000007 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000008 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000009 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000010 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000011 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O13 - gopher Prefix: missing
O16:64bit: - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.7.0/jinsta ... s-i586.cab (Java Plug-in 10.0.0)
O16:64bit: - DPF: {CAFEEFAC-0017-0000-0000-ABCDEFFEDCBA} http://java.sun.com/update/1.7.0/jinsta ... s-i586.cab (Java Plug-in 1.7.0)
O16:64bit: - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.7.0/jinsta ... s-i586.cab (Java Plug-in 1.7.0)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_30)
O16 - DPF: {CAFEEFAC-0016-0000-0030-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_30)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_30)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 213.46.172.36 192.168.0.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{801712D6-E416-402C-9126-302A0C3E8AB7}: DhcpNameServer = 213.46.172.36 192.168.0.1
O18:64bit: - Protocol\Handler\about {3050F406-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysNative\mshtml.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\cdl {3dd53d40-7b8b-11D0-b013-00aa0059ce02} - C:\Windows\SysNative\urlmon.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\dvd {12D51199-0DB5-46FE-A120-47A3D7D937CC} - C:\Windows\SysNative\MSVidCtl.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\file {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysNative\urlmon.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\ftp {79eac9e3-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysNative\urlmon.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\http {79eac9e2-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysNative\urlmon.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\https {79eac9e5-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysNative\urlmon.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\its {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\Windows\SysNative\itss.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\javascript {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysNative\mshtml.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\local {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysNative\urlmon.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\mailto {3050f3DA-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysNative\mshtml.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\mhtml {05300401-BCBC-11d0-85E3-00C04FD85AB4} - C:\Windows\SysNative\inetcomm.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\mk {79eac9e6-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysNative\urlmon.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\ms-help - No CLSID value found
O18:64bit: - Protocol\Handler\ms-its {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\Windows\SysNative\itss.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\res {3050F3BC-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysNative\mshtml.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\tv {CBD30858-AF45-11D2-B6D6-00C04FBBDE6E} - C:\Windows\SysNative\MSVidCtl.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\vbscript {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysNative\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\about {3050F406-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysWOW64\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\cdl {3dd53d40-7b8b-11D0-b013-00aa0059ce02} - C:\Windows\SysWOW64\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\dvd {12D51199-0DB5-46FE-A120-47A3D7D937CC} - C:\Windows\SysWOW64\MSVidCtl.dll (Microsoft Corporation)
O18 - Protocol\Handler\file {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysWOW64\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\ftp {79eac9e3-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysWOW64\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\http {79eac9e2-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysWOW64\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\https {79eac9e5-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysWOW64\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\its {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\Windows\SysWOW64\itss.dll (Microsoft Corporation)
O18 - Protocol\Handler\javascript {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysWOW64\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\local {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysWOW64\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\mailto {3050f3DA-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysWOW64\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\mhtml {05300401-BCBC-11d0-85E3-00C04FD85AB4} - C:\Windows\SysWOW64\inetcomm.dll (Microsoft Corporation)
O18 - Protocol\Handler\mk {79eac9e6-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysWOW64\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Program Files (x86)\Common Files\microsoft shared\Help\hxds.dll (Microsoft Corporation)
O18 - Protocol\Handler\ms-its {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\Windows\SysWOW64\itss.dll (Microsoft Corporation)
O18 - Protocol\Handler\res {3050F3BC-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysWOW64\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\tv {CBD30858-AF45-11D2-B6D6-00C04FBBDE6E} - C:\Windows\SysWOW64\MSVidCtl.dll (Microsoft Corporation)
O18 - Protocol\Handler\vbscript {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysWOW64\mshtml.dll (Microsoft Corporation)
O18:64bit: - Protocol\Filter\application/octet-stream {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\Windows\SysNative\mscoree.dll (Microsoft Corporation)
O18:64bit: - Protocol\Filter\application/x-complus {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\Windows\SysNative\mscoree.dll (Microsoft Corporation)
O18:64bit: - Protocol\Filter\application/x-msdownload {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\Windows\SysNative\mscoree.dll (Microsoft Corporation)
O18:64bit: - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O18 - Protocol\Filter\application/octet-stream {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\Windows\SysWow64\mscoree.dll (Microsoft Corporation)
O18 - Protocol\Filter\application/x-complus {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\Windows\SysWow64\mscoree.dll (Microsoft Corporation)
O18 - Protocol\Filter\application/x-msdownload {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\Windows\SysWow64\mscoree.dll (Microsoft Corporation)
O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\microsoft shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\SysNative\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\SYSTEM32\Userinit.exe) - C:\Windows\SysWOW64\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\SysWow64\SystemPropertiesPerformance.exe (Microsoft Corporation)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O29:64bit: - HKLM SecurityProviders - (credssp.dll) - C:\Windows\SysWow64\credssp.dll (Microsoft Corporation)
O29 - HKLM SecurityProviders - (credssp.dll) - C:\Windows\SysWow64\credssp.dll (Microsoft Corporation)
O30:64bit: - LSA: Authentication Packages - (msv1_0) - C:\Windows\SysNative\msv1_0.dll (Microsoft Corporation)
O30 - LSA: Authentication Packages - (msv1_0) - C:\Windows\SysWow64\msv1_0.dll (Microsoft Corporation)
O30:64bit: - LSA: Security Packages - (kerberos) - C:\Windows\SysNative\kerberos.dll (Microsoft Corporation)
O30:64bit: - LSA: Security Packages - (msv1_0) - C:\Windows\SysNative\msv1_0.dll (Microsoft Corporation)
O30:64bit: - LSA: Security Packages - (schannel) - C:\Windows\SysNative\schannel.dll (Microsoft Corporation)
O30:64bit: - LSA: Security Packages - (wdigest) - C:\Windows\SysNative\wdigest.dll (Microsoft Corporation)
O30:64bit: - LSA: Security Packages - (tspkg) - C:\Windows\SysNative\tspkg.dll (Microsoft Corporation)
O30:64bit: - LSA: Security Packages - (pku2u) - C:\Windows\SysNative\pku2u.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (kerberos) - C:\Windows\SysWow64\kerberos.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (msv1_0) - C:\Windows\SysWow64\msv1_0.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (schannel) - C:\Windows\SysWow64\schannel.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (wdigest) - C:\Windows\SysWow64\wdigest.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (tspkg) - C:\Windows\SysWow64\tspkg.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (pku2u) - C:\Windows\SysWow64\pku2u.dll (Microsoft Corporation)
O31 - SafeBoot: AlternateShell - cmd.exe
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2012.12.04 14:19:40 | 000,000,000 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)
========== Files/Folders - Created Within 30 Days ==========
[2012.12.05 19:38:15 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\Spravce\Desktop\OTL.exe
[2012.12.05 16:34:16 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation
[2012.12.05 15:07:06 | 000,054,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\WdfLdr.sys
[2012.12.05 15:07:06 | 000,009,728 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\Wdfres.dll
[2012.12.05 15:03:38 | 000,096,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmled.dll
[2012.12.05 15:03:37 | 000,248,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieui.dll
[2012.12.05 15:03:37 | 000,176,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieui.dll
[2012.12.05 15:03:37 | 000,173,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieUnatt.exe
[2012.12.05 15:03:37 | 000,142,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieUnatt.exe
[2012.12.05 15:03:37 | 000,073,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmled.dll
[2012.12.05 15:03:36 | 002,312,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript9.dll
[2012.12.05 15:03:36 | 001,494,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\inetcpl.cpl
[2012.12.05 15:03:36 | 001,427,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\inetcpl.cpl
[2012.12.05 15:03:36 | 000,237,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\url.dll
[2012.12.05 15:03:36 | 000,231,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\url.dll
[2012.12.05 15:03:35 | 000,729,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msfeeds.dll
[2012.12.05 15:03:34 | 000,816,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript.dll
[2012.12.05 15:03:34 | 000,717,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\jscript.dll
[2012.12.05 15:03:34 | 000,599,040 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\vbscript.dll
[2012.12.05 15:01:55 | 000,194,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WUDFPlatform.dll
[2012.12.05 15:01:54 | 000,744,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WUDFx.dll
[2012.12.05 15:01:54 | 000,229,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WUDFHost.exe
[2012.12.05 15:01:54 | 000,045,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WUDFCoinstaller.dll
[2012.12.05 15:00:55 | 000,246,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\netcorehc.dll
[2012.12.05 15:00:55 | 000,216,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ncsi.dll
[2012.12.05 15:00:55 | 000,175,104 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\netcorehc.dll
[2012.12.05 15:00:55 | 000,156,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ncsi.dll
[2012.12.05 15:00:54 | 000,018,944 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\netevent.dll
[2012.12.05 15:00:54 | 000,018,944 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\netevent.dll
[2012.12.05 15:00:51 | 000,226,816 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dhcpcore6.dll
[2012.12.05 15:00:51 | 000,193,536 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\dhcpcore6.dll
[2012.12.05 15:00:51 | 000,055,296 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dhcpcsvc6.dll
[2012.12.05 15:00:50 | 000,095,744 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\synceng.dll
[2012.12.05 15:00:50 | 000,078,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\synceng.dll
[2012.12.05 10:09:21 | 000,627,600 | ---- | C] (Oracle Corporation) -- C:\Windows\SysNative\deployJava1.dll
[2012.12.05 10:09:21 | 000,252,296 | ---- | C] (Oracle Corporation) -- C:\Windows\SysNative\javaws.exe
[2012.12.05 10:09:21 | 000,188,808 | ---- | C] (Oracle Corporation) -- C:\Windows\SysNative\javaw.exe
[2012.12.05 10:09:21 | 000,188,808 | ---- | C] (Oracle Corporation) -- C:\Windows\SysNative\java.exe
[2012.12.05 10:09:15 | 000,000,000 | ---D | C] -- C:\Program Files\Java
[2012.12.05 09:59:46 | 000,000,000 | -HSD | C] -- C:\$RECYCLE.BIN
[2012.12.05 00:01:20 | 000,000,000 | ---D | C] -- C:\Windows\temp
[2012.12.04 23:46:16 | 000,000,000 | ---D | C] -- C:\Users\Spravce\AppData\Local\CrashDumps
[2012.12.04 19:54:14 | 000,000,000 | ---D | C] -- C:\Windows\erdnt
[2012.12.04 19:12:52 | 000,000,000 | ---D | C] -- C:\Users\Spravce\Desktop\backups
[2012.12.04 16:33:58 | 000,000,000 | ---D | C] -- C:\ProgramData\Kaspersky Lab
[2012.12.04 16:10:31 | 000,000,000 | ---D | C] -- C:\Users\Spravce\AppData\Local\Adobe
[2012.12.04 16:00:36 | 000,388,608 | ---- | C] (Trend Micro Inc.) -- C:\Users\Spravce\Desktop\HijackThis.exe
[2012.12.04 15:41:10 | 000,000,000 | ---D | C] -- C:\Users\Spravce\AppData\Roaming\Malwarebytes
[2012.12.04 14:33:42 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Enigma Software Group
[2012.12.04 14:19:26 | 000,000,000 | ---D | C] -- C:\Program Files\Enigma Software Group
[2012.12.04 14:18:56 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Wise Installation Wizard
[2012.12.04 14:05:19 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2012.12.04 00:35:35 | 000,000,000 | ---D | C] -- C:\Users\Spravce\AppData\Local\Downloaded Installations
[2012.12.04 00:34:32 | 000,000,000 | ---D | C] -- C:\Users\Spravce\Documents\Downloads
[2012.12.02 23:30:03 | 000,000,000 | ---D | C] -- C:\Users\Spravce\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\XLN Audio
[2012.12.02 23:30:03 | 000,000,000 | ---D | C] -- C:\Users\Spravce\Documents\Addictive Drums
[2012.12.02 23:29:32 | 001,700,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\gdiplus.dll
[2012.11.26 00:41:21 | 000,000,000 | ---D | C] -- C:\Users\Spravce\Desktop\autotest-c-3
[2012.11.25 14:48:43 | 000,000,000 | ---D | C] -- C:\Program Files\Native Instruments
[2012.11.24 23:04:14 | 000,000,000 | ---D | C] -- C:\Users\Spravce\Documents\Native Instruments
[2012.11.24 22:57:13 | 000,000,000 | ---D | C] -- C:\ProgramData\Native Instruments
[2012.11.24 22:56:10 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Native Instruments
[2012.11.17 14:30:58 | 000,000,000 | R--D | C] -- C:\Users\Spravce\Documents\Scanned Documents
[2012.11.17 14:30:57 | 000,000,000 | ---D | C] -- C:\Users\Spravce\Documents\Fax
[2012.11.14 21:45:48 | 000,000,000 | ---D | C] -- C:\Users\Spravce\Desktop\Kilofoto
[2012.11.13 17:53:30 | 000,000,000 | ---D | C] -- C:\Users\Spravce\Documents\Almost Human
[2012.11.13 17:52:07 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GOG.com
[2012.11.07 23:01:01 | 000,000,000 | ---D | C] -- C:\Users\Spravce\AppData\Roaming\Audacity
[2012.11.07 23:00:53 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Audacity
[2012.11.06 14:12:38 | 000,000,000 | ---D | C] -- C:\Users\Spravce\Documents\FormatFactory
========== Files - Modified Within 30 Days ==========
[2012.12.05 19:38:17 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Spravce\Desktop\OTL.exe
[2012.12.05 16:39:47 | 000,024,672 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2012.12.05 16:39:47 | 000,024,672 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2012.12.05 16:32:08 | 003,020,592 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2012.12.05 16:31:59 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2012.12.05 16:31:33 | 4280,745,982 | -HS- | M] () -- C:\hiberfil.sys
[2012.12.05 15:08:06 | 001,489,048 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2012.12.05 15:08:06 | 000,631,054 | ---- | M] () -- C:\Windows\SysNative\perfh005.dat
[2012.12.05 15:08:06 | 000,615,810 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2012.12.05 15:08:06 | 000,121,708 | ---- | M] () -- C:\Windows\SysNative\perfc005.dat
[2012.12.05 15:08:06 | 000,106,190 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2012.12.05 10:09:17 | 000,252,296 | ---- | M] (Oracle Corporation) -- C:\Windows\SysNative\javaws.exe
[2012.12.05 10:09:17 | 000,188,808 | ---- | M] (Oracle Corporation) -- C:\Windows\SysNative\javaw.exe
[2012.12.05 10:09:17 | 000,188,808 | ---- | M] (Oracle Corporation) -- C:\Windows\SysNative\java.exe
[2012.12.05 10:09:16 | 000,627,600 | ---- | M] (Oracle Corporation) -- C:\Windows\SysNative\deployJava1.dll
[2012.12.05 00:10:37 | 000,000,512 | ---- | M] () -- C:\Users\Spravce\Desktop\MBR.dat
[2012.12.04 23:53:08 | 000,000,027 | ---- | M] () -- C:\Windows\SysNative\drivers\etc\hosts
[2012.12.04 20:14:55 | 000,540,743 | ---- | M] () -- C:\Users\Spravce\Desktop\adwcleaner.exe
[2012.12.04 16:00:40 | 000,388,608 | ---- | M] (Trend Micro Inc.) -- C:\Users\Spravce\Desktop\HijackThis.exe
[2012.12.04 14:19:40 | 000,000,000 | ---- | M] () -- C:\autoexec.bat
[2012.12.03 20:06:45 | 000,001,886 | ---- | M] () -- C:\Users\Spravce\Desktop\Audition.lnk
[2012.12.02 23:29:32 | 001,700,352 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\gdiplus.dll
[2012.12.02 16:29:40 | 014,450,277 | ---- | M] () -- C:\Users\Spravce\Desktop\GP v1.4.2 apkmania.com.apk
[2012.12.02 14:36:57 | 000,082,828 | ---- | M] () -- C:\Users\Spravce\Documents\cc_20121202_143652.reg
[2012.12.01 23:22:50 | 000,000,391 | ---- | M] () -- C:\Users\Spravce\Documents\bubble-town-240x320.jad
[2012.12.01 23:19:42 | 000,294,586 | ---- | M] () -- C:\Users\Spravce\Documents\bubble-town-240x320.jar
[2012.12.01 23:18:20 | 000,439,296 | ---- | M] () -- C:\Users\Spravce\Desktop\JADgen.exe
[2012.11.22 07:59:46 | 000,000,000 | ---- | M] () -- C:\Windows\SysWow64\config.nt
[2012.11.17 13:52:17 | 000,000,911 | ---- | M] () -- C:\Users\Spravce\Desktop\KEmulator – zástupce.lnk
[2012.11.13 17:52:07 | 000,000,666 | ---- | M] () -- C:\Users\Public\Desktop\Legend of Grimrock.lnk
[2012.11.07 23:00:57 | 000,001,011 | ---- | M] () -- C:\Users\Spravce\Desktop\Audacity.lnk
[2012.11.07 20:25:50 | 000,001,056 | ---- | M] () -- C:\Windows\AZPR3.INI
========== Files Created - No Company Name ==========
[2012.12.05 15:07:11 | 000,000,003 | ---- | C] () -- C:\Windows\SysNative\drivers\MsftWdf_Kernel_01011_Inbox_Critical.Wdf
[2012.12.05 15:01:54 | 000,000,003 | ---- | C] () -- C:\Windows\SysNative\drivers\MsftWdf_User_01_11_00_Inbox_Critical.Wdf
[2012.12.05 10:01:53 | 003,020,592 | ---- | C] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2012.12.05 00:10:37 | 000,000,512 | ---- | C] () -- C:\Users\Spravce\Desktop\MBR.dat
[2012.12.04 20:14:52 | 000,540,743 | ---- | C] () -- C:\Users\Spravce\Desktop\adwcleaner.exe
[2012.12.04 14:19:40 | 000,000,000 | ---- | C] () -- C:\autoexec.bat
[2012.12.02 16:29:29 | 014,450,277 | ---- | C] () -- C:\Users\Spravce\Desktop\GP v1.4.2 apkmania.com.apk
[2012.12.02 14:36:55 | 000,082,828 | ---- | C] () -- C:\Users\Spravce\Documents\cc_20121202_143652.reg
[2012.12.01 23:22:50 | 000,000,391 | ---- | C] () -- C:\Users\Spravce\Documents\bubble-town-240x320.jad
[2012.12.01 23:19:42 | 000,294,586 | ---- | C] () -- C:\Users\Spravce\Documents\bubble-town-240x320.jar
[2012.12.01 23:18:20 | 000,439,296 | ---- | C] () -- C:\Users\Spravce\Desktop\JADgen.exe
[2012.11.27 21:37:23 | 000,480,420 | ---- | C] () -- C:\Users\Spravce\Desktop\octin spraypaint free.ttf
[2012.11.17 13:52:17 | 000,000,911 | ---- | C] () -- C:\Users\Spravce\Desktop\KEmulator – zástupce.lnk
[2012.11.13 17:52:07 | 000,000,666 | ---- | C] () -- C:\Users\Public\Desktop\Legend of Grimrock.lnk
[2012.11.07 23:00:57 | 000,001,023 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Audacity.lnk
[2012.11.07 23:00:57 | 000,001,011 | ---- | C] () -- C:\Users\Spravce\Desktop\Audacity.lnk
[2012.10.09 14:08:01 | 000,001,056 | ---- | C] () -- C:\Windows\AZPR3.INI
[2012.09.02 00:53:16 | 000,000,034 | ---- | C] () -- C:\Windows\cdplayer.ini
[2012.08.24 16:45:29 | 000,000,604 | ---- | C] () -- C:\Windows\Sof2.INI
[2012.08.20 16:57:34 | 000,004,096 | ---- | C] () -- C:\Windows\d3dx.dat
[2012.08.09 15:16:39 | 000,000,193 | ---- | C] () -- C:\Windows\cncscore.ini
[2012.07.29 03:10:15 | 000,000,992 | ---- | C] () -- C:\Users\Spravce\AppData\Local\SRDownloader.nast
[2012.07.17 16:43:13 | 000,000,538 | ---- | C] () -- C:\Windows\eReg.dat
[2012.02.08 00:18:48 | 000,000,702 | ---- | C] () -- C:\Users\Spravce\.jscreenfix.licence
[2012.01.21 10:14:41 | 000,000,017 | ---- | C] () -- C:\Users\Spravce\AppData\Local\resmon.resmoncfg
========== ZeroAccess Check ==========
[2009.07.14 05:55:00 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\shell32.dll -- [2012.06.09 06:43:10 | 014,172,672 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2012.06.09 05:41:00 | 012,873,728 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009.07.14 02:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2010.11.21 04:24:25 | 000,606,208 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009.07.14 02:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
========== LOP Check ==========
[2012.01.21 09:11:01 | 000,000,000 | ---D | M] -- C:\Users\Spravce\AppData\Roaming\Ashampoo
[2012.11.07 23:05:39 | 000,000,000 | ---D | M] -- C:\Users\Spravce\AppData\Roaming\Audacity
[2012.12.03 20:00:13 | 000,000,000 | ---D | M] -- C:\Users\Spravce\AppData\Roaming\Azureus
[2012.09.29 20:33:05 | 000,000,000 | ---D | M] -- C:\Users\Spravce\AppData\Roaming\calibre
[2012.07.21 12:28:46 | 000,000,000 | ---D | M] -- C:\Users\Spravce\AppData\Roaming\Canon
[2012.12.03 20:00:13 | 000,000,000 | ---D | M] -- C:\Users\Spravce\AppData\Roaming\DAEMON Tools Lite
[2012.02.13 17:18:40 | 000,000,000 | ---D | M] -- C:\Users\Spravce\AppData\Roaming\Exec
[2012.02.02 10:23:02 | 000,000,000 | ---D | M] -- C:\Users\Spravce\AppData\Roaming\Foxit Software
[2012.11.23 22:32:36 | 000,000,000 | ---D | M] -- C:\Users\Spravce\AppData\Roaming\GeoGet
[2012.01.21 17:50:47 | 000,000,000 | ---D | M] -- C:\Users\Spravce\AppData\Roaming\IrfanView
[2012.01.29 13:47:51 | 000,000,000 | ---D | M] -- C:\Users\Spravce\AppData\Roaming\Mobile Atlas Creator
[2012.05.15 16:33:05 | 000,000,000 | ---D | M] -- C:\Users\Spravce\AppData\Roaming\National Instruments
[2012.01.24 23:10:56 | 000,000,000 | ---D | M] -- C:\Users\Spravce\AppData\Roaming\Nik Software
[2012.07.29 11:32:03 | 000,000,000 | ---D | M] -- C:\Users\Spravce\AppData\Roaming\Orbit
[2012.02.20 15:55:04 | 000,000,000 | ---D | M] -- C:\Users\Spravce\AppData\Roaming\ProgSense
[2012.05.24 19:06:43 | 000,000,000 | ---D | M] -- C:\Users\Spravce\AppData\Roaming\Softland
[2012.12.05 10:00:39 | 000,000,000 | ---D | M] -- C:\Users\Spravce\AppData\Roaming\uTorrent
[2012.01.21 20:44:27 | 000,000,000 | ---D | M] -- C:\Users\Spravce\AppData\Roaming\Zoner
========== Purity Check ==========
========== Alternate Data Streams ==========
@Alternate Data Stream - 133 bytes -> C:\ProgramData\TEMP:7631EA83
< End of report >
-
- Level 1
- Příspěvky: 53
- Registrován: listopad 12
- Bydliště: Les
- Pohlaví:
- Stav:
Offline
Re: Prosím o kontrolu logu, Claro search
A zde je tedy log Extras:
OTL Extras logfile created on: 5.12.2012 19:39:56 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Spravce\Desktop
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy
15,98 Gb Total Physical Memory | 13,82 Gb Available Physical Memory | 86,44% Memory free
16,98 Gb Paging File | 14,85 Gb Available in Paging File | 87,47% Paging File free
Paging file location(s): c:\pagefile.sys 1024 2048 [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 58,50 Gb Total Space | 10,42 Gb Free Space | 17,82% Space Free | Partition Type: NTFS
Drive D: | 407,17 Gb Total Space | 192,81 Gb Free Space | 47,36% Space Free | Partition Type: NTFS
Drive E: | 465,76 Gb Total Space | 314,51 Gb Free Space | 67,53% Space Free | Partition Type: NTFS
Computer Name: SPRAVCE-PC | User Name: Spravce | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
========== Extra Registry (SafeList) ==========
========== File Associations ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.html[@ = htmlfile] -- C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation)
.url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation)
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)
.html [@ = htmlfile] -- C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation)
[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation)
========== Shell Spawning ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htafile [open] -- "%1" %*
htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [print] -- rundll32.exe %SystemRoot%\system32\mshtml.dll,PrintHTML "%1" (Microsoft Corporation)
http [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htafile [open] -- "%1" %*
htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
http [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
========== Security Center Settings ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
"FirewallDisableNotify" = 0
"AntiVirusDisableNotify" = 0
"UpdatesDisableNotify" = 0
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = 28 4D B2 76 41 04 CA 01 [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
========== System Restore Settings ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 0
========== Firewall Settings ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall]
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile]
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile]
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile]
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
========== Authorized Applications List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
========== Vista Active Open Ports Exception List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{126CEC0F-93CB-45B3-9C12-268E84D06D0C}" = lport=2869 | protocol=6 | dir=in | app=system |
"{15FEB3CD-4142-4008-A84F-6F574D5DB004}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{18591A6B-9E0B-4589-85E7-AD7D03C63B8C}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{1D3E91DB-DA3E-4AD0-98B8-3DD1B793E952}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{2531994C-104D-4B60-82A0-E93A3D922277}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 |
"{265CF6EB-A1E4-4FCD-AF7F-CBC0DD639627}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{3E91E7EB-3A99-485D-96FB-17A963EF8F6E}" = lport=137 | protocol=17 | dir=in | app=system |
"{40C6B978-0DE3-4E86-9221-8935D088368B}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{64A21608-DDE4-4F9A-B652-F6D5526A0420}" = rport=137 | protocol=17 | dir=out | app=system |
"{686717DC-470C-4005-9AF2-D9894FF3E6B4}" = lport=139 | protocol=6 | dir=in | app=system |
"{6C4DB5A7-DB24-46C8-9DEA-AEF640005588}" = rport=139 | protocol=6 | dir=out | app=system |
"{73A1FEED-83F6-4F44-8E05-5EA6FF6D0D2F}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{86B42A44-9E3B-4D98-B075-E2899DDD67CC}" = rport=10243 | protocol=6 | dir=out | app=system |
"{923F9109-4B3D-434E-A401-A56DFD8BF8B2}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe |
"{A9147568-B09C-4881-9102-E4B52A317721}" = lport=10243 | protocol=6 | dir=in | app=system |
"{B439C697-F749-469D-B756-9E900B81E7CC}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{B4BDB11C-C84B-4E23-9F51-D5C7494FA697}" = lport=445 | protocol=6 | dir=in | app=system |
"{BA0052CF-9AB3-428B-B24F-A5E5D4EE7365}" = rport=138 | protocol=17 | dir=out | app=system |
"{C4D08E89-6439-42E2-ADB6-D451D998DC5B}" = rport=445 | protocol=6 | dir=out | app=system |
"{C577AFC3-4028-47EE-A931-54DE7FE363D5}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{C6EDBF6F-42AD-4B8C-A2B0-E33D94E4E064}" = lport=5353 | protocol=6 | dir=in | name=adobe csi cs4 |
"{EE0119EB-CFE7-422A-B237-84044874162D}" = lport=138 | protocol=17 | dir=in | app=system |
========== Vista Active Application Exception List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{0654190D-D94A-46BB-8D24-7C8138BE71EA}" = protocol=17 | dir=out | svc=wcescomm | app=%systemroot%\system32\svchost.exe |
"{0D76DD40-C109-47C3-A0F3-106D19FC87ED}" = protocol=6 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{15E5F5B5-7F51-40BE-AC6E-79FB2745A6D4}" = protocol=6 | dir=out | svc=wcescomm | app=%systemroot%\system32\svchost.exe |
"{1E4BA66B-C43E-4A97-9DA7-F52C4D194ECB}" = protocol=58 | dir=out | name=@iphlpsvc.dll,-503 |
"{1F70D92B-0FE0-4C77-95DB-923B602F30DE}" = protocol=6 | dir=in | app=c:\program files (x86)\common files\adobe\cs4servicemanager\cs4servicemanager.exe |
"{2763E4A1-D0CA-45DE-BCA8-9069FEBA1DCC}" = protocol=17 | dir=in | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{28AAA9B9-EF3B-4BE5-BA5E-156BCB3CF100}" = protocol=17 | dir=in | app=c:\program files (x86)\common files\adobe\cs4servicemanager\cs4servicemanager.exe |
"{2BD57FB6-BBC2-4256-AC49-650A9EA7E0EB}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{31733B74-AB18-4A44-ADFD-C85BE42014C0}" = protocol=17 | dir=in | app=c:\program files (x86)\utorrent\utorrent.exe |
"{31EF8DA9-1482-4356-8A09-5A54874BD588}" = protocol=6 | dir=in | app=c:\program files (x86)\utorrent\utorrent.exe |
"{44C5AE01-D29E-451C-8FA7-4A0EA5DD6791}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 |
"{473A4247-5BD6-4D43-B4B7-2286C3701D14}" = dir=in | app=c:\program files (x86)\videolan\vlc\vlc.exe |
"{4A232249-7888-4562-B2BE-9AB3903895D7}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{4AFACCC6-7FCB-475D-BCBF-0EC3E45F7D07}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{4B169C5D-C9BE-48D1-AA12-7FDF088CCD68}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 |
"{5960F59D-E064-4186-B4E2-8F4383A1A255}" = protocol=6 | dir=out | svc=rapimgr | app=%systemroot%\system32\svchost.exe |
"{5E6EB646-0079-48A7-9B4A-F7003059822D}" = protocol=6 | dir=in | svc=wcescomm | app=%systemroot%\system32\svchost.exe |
"{6800F00D-81F7-4E43-A5AD-A90CCD601528}" = protocol=6 | dir=out | svc=rapimgr | app=%systemroot%\system32\svchost.exe |
"{81E3F9F5-788C-40F9-BC03-EC329ECF5575}" = protocol=17 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{8CEDFCB6-14BD-449E-BDD2-BC41B721E019}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{8E398362-C9F5-40D6-B46B-452C7FD9AAE9}" = protocol=58 | dir=in | app=system |
"{8E44431B-9C15-4578-8B93-94DA9F6CC6B8}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 |
"{92C95788-B3D1-4A1C-94D4-F67B2224F34F}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{9D7F177D-9651-48B4-B267-6A3321C5C6EE}" = protocol=17 | dir=out | svc=wcescomm | app=%systemroot%\system32\svchost.exe |
"{9F9FAA4A-19B8-4727-B3BE-D734F7FB60CB}" = protocol=6 | dir=out | app=system |
"{A076D7FD-B846-4275-8AE9-00D10DD053B2}" = protocol=6 | dir=out | svc=wcescomm | app=%systemroot%\system32\svchost.exe |
"{A6E596DD-BBB6-40B8-B7F3-8C512127B475}" = protocol=6 | dir=in | svc=wcescomm | app=%systemroot%\system32\svchost.exe |
"{B30B8D2E-A332-44DE-963F-6FA0B749D82C}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{BEAF8E19-889A-493B-9C12-7CB647652080}" = protocol=17 | dir=out | svc=rapimgr | app=%systemroot%\system32\svchost.exe |
"{C1775F8D-8CAF-49B8-A118-D284BA056233}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{CBEC68A2-0F42-4708-A0D9-241C7A16D51D}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{DD92FF8A-8A52-4F99-90F4-D627423DE6B5}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{E347F48E-FA80-4533-9D1B-0DA7F6613403}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 |
"{E362643F-63EE-48CD-BC40-8FBA063949FF}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{F2CBDBD4-7867-477C-BC28-AB3BAB618C1E}" = protocol=17 | dir=out | svc=rapimgr | app=%systemroot%\system32\svchost.exe |
"{F78B5165-011F-4705-A0DE-55C122FF8D15}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"TCP Query User{56BC3AD7-6AAE-4F61-A1F1-7F8A286870EE}C:\program files (x86)\internet explorer\iexplore.exe" = protocol=6 | dir=in | app=c:\program files (x86)\internet explorer\iexplore.exe |
"UDP Query User{4599E9F1-6410-4D0D-AE6B-870C44753D43}C:\program files (x86)\internet explorer\iexplore.exe" = protocol=17 | dir=in | app=c:\program files (x86)\internet explorer\iexplore.exe |
========== HKEY_LOCAL_MACHINE Uninstall List ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MP640_series" = Canon MP640 series MP Drivers
"{23170F69-40C1-2702-0920-000001000000}" = 7-Zip 9.20 (x64 edition)
"{26A24AE4-039D-4CA4-87B4-2F86417000FF}" = Java(TM) 7 (64-bit)
"{295CFB7C-A57E-4313-93E7-68E7CE1D0332}" = Adobe WinSoft Linguistics Plugin x64
"{2D74E972-5A85-44DC-9193-8A302BA8C181}" = Photoshop Camera Raw_x64
"{350AA351-21FA-3270-8B7A-835434E766AD}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.21022
"{6631325A-9B1B-4EE7-8E64-8CC4A6F10643}" = Adobe Fonts All x64
"{790E02A1-145A-3843-8C13-A4F41C9B48B7}" = Microsoft .NET Framework 4 Client Profile CSY Language Pack
"{8220EEFE-38CD-377E-8595-13398D740ACE}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17
"{8875A1C0-6308-4790-8CF6-D34E89880052}" = Adobe Linguistics CS4 x64
"{887797BF-37A5-4199-B0C9-0D38D6196E9A}" = Adobe Anchor Service x64 CS4
"{8C8D673B-20FB-43E6-BCB7-9B3F78F2E762}" = Adobe Type Support x64 CS4
"{8DAA31EB-6830-4006-A99F-4DF8AB24714F}" = Adobe CSI CS4 x64
"{90120000-002A-0000-1000-0000000FF1CE}" = Microsoft Office Office 64-bit Components 2007
"{90120000-002A-0405-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit MUI (Czech) 2007
"{90BA8112-80B3-4617-A3C1-BD2771B60F74}" = Adobe CMaps x64 CS4
"{A3454894-144A-4D80-B605-C128FE0D7329}" = Adobe Drive CS4 x64
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision" = NVIDIA Ovladač 3D Vision 306.97
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel" = Ovládací panel NVIDIA 306.97
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver" = NVIDIA Ovladače grafiky 306.97
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB" = NVIDIA Ovladač řídící jednotky 3D Vision 295.73
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX" = NVIDIA Systémový software PhysX 9.12.0209
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update" = Aktualizace NVIDIA 1.10.8
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver" = NVIDIA Ovladač HD audia 1.3.12.0
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_installer" = NVIDIA Install Application
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NVIDIA.Update" = NVIDIA Update Components
"{D40172D6-CE2D-4B72-BF5F-26A04A900B7B}" = Adobe Photoshop CS4 (64 Bit)
"{DFFABE78-8173-4E97-9C5C-22FB26192FC5}" = Adobe PDF Library Files x64 CS4
"{E44D14E2-A6D0-4F38-BF06-2E4244E23FED}" = Topaz InFocus (64-bit)
"{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}" = Microsoft .NET Framework 4 Client Profile
"CCleaner" = CCleaner
"doPDF 7 printer_is1" = doPDF 7.3 printer
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Client Profile CSY Language Pack" = Microsoft .NET Framework 4 Client Profile CSY Language Pack
"ZonerPhotoStudio14_CZ_is1" = Zoner Photo Studio 14
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{033E378E-6AD3-4AD5-BDEB-CBD69B31046C}" = Microsoft_VC90_ATL_x86
"{08D2E121-7F6A-43EB-97FD-629B44903403}" = Microsoft_VC90_CRT_x86
"{31E12803-3F3B-46A6-BE0D-3FF07677CE79}" = Rage Maker Image Pack
"{46C045BF-2B3F-4BC4-8E4C-00E0CF8BD9DB}" = Adobe AIR
"{53C141BA-4F9E-43FB-B4F9-0C01BB716FA8}" = Adobe Audition 3.0
"{635FED5B-2C6D-49BE-87E6-7A6FCD22BC5A}" = Microsoft_VC90_MFC_x86
"{7299052B-02A4-4627-81F2-1818DA5D550D}" = Microsoft Visual C++ 2005 Redistributable
"{B6D38690-755E-4F40-A35A-23F8BC2B86AC}" = Microsoft_VC90_MFCLOC_x86
"{C1E66AFC-3A37-4B4E-B51F-B3D603F9AF36}" = Ses2Sesx
"{D5B1535A-FDFC-4B40-B2E2-21DA83D9CB57}" = Adobe Audition CS5.5
"{DD7F0FB7-9908-4DA5-95C5-7C6ABE6918C7}" = Rage Maker
"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
"{F4F365AB-BD66-4775-A36A-E3D8055873FD}" = EZXMetalHeads
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin
"Audacity_is1" = Audacity 2.0.2
"avast" = avast! Free Antivirus
"CDisplay_is1" = CDisplay 1.8
"GeoGet_is1" = GeoGet 2.7.3.699
"Legend of Grimrock_is1" = Legend of Grimrock
"Mozilla Firefox 12.0 (x86 cs)" = Mozilla Firefox 12.0 (x86 cs)
"MP Navigator EX 3.0" = Canon MP Navigator EX 3.0
"NVIDIAStereo" = NVIDIA Stereoscopic 3D Driver
"OpenAL" = OpenAL
"PC_Drummer_Pro_500" = PC Drummer Pro 5.05
========== HKEY_CURRENT_USER Uninstall List ==========
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"QIP 2005" = QIP 2005 8097
========== Last 20 Event Log Errors ==========
[ Application Events ]
Error - 4.12.2012 11:41:13 | Computer Name = Spravce-PC | Source = Microsoft-Windows-CAPI2 | ID = 513
Description = Služba Šifrování selhala při volání OnIdentity() v objektu System
Writer. Details: AddLegacyDriverFiles: Unable to back up image of binary 31131777.
System
Error: Systém nemůže nalézt uvedený soubor. .
Error - 4.12.2012 14:17:11 | Computer Name = Spravce-PC | Source = WinMgmt | ID = 10
Description =
Error - 4.12.2012 14:51:21 | Computer Name = Spravce-PC | Source = WinMgmt | ID = 10
Description =
Error - 4.12.2012 15:06:36 | Computer Name = Spravce-PC | Source = WinMgmt | ID = 10
Description =
Error - 4.12.2012 18:44:24 | Computer Name = Spravce-PC | Source = WinMgmt | ID = 10
Description =
Error - 4.12.2012 18:46:12 | Computer Name = Spravce-PC | Source = Application Error | ID = 1000
Description = Název chybující aplikace: firefox.exe, verze: 12.0.0.4493, časové
razítko: 0x4f9207d9 Název chybujícího modulu: xul.dll, verze: 12.0.0.4493, časové
razítko: 0x4f92069e Kód výjimky: 0xc0000005 Posun chyby: 0x001115b8 ID chybujícího
procesu: 0xf38 Čas spuštění chybující aplikace: 0x01cdd270d086eaa3 Cesta k chybující
aplikaci: C:\Program Files (x86)\Mozilla Firefox\firefox.exe Cesta k chybujícímu
modulu: C:\Program Files (x86)\Mozilla Firefox\xul.dll ID zprávy: 66abe015-3e64-11e2-ad78-8c89a56c2ef7
Error - 4.12.2012 20:54:24 | Computer Name = Spravce-PC | Source = WinMgmt | ID = 10
Description =
Error - 5.12.2012 4:47:01 | Computer Name = Spravce-PC | Source = WinMgmt | ID = 10
Description =
Error - 5.12.2012 5:03:42 | Computer Name = Spravce-PC | Source = WinMgmt | ID = 10
Description =
Error - 5.12.2012 9:55:49 | Computer Name = Spravce-PC | Source = WinMgmt | ID = 10
Description =
Error - 5.12.2012 11:33:24 | Computer Name = Spravce-PC | Source = WinMgmt | ID = 10
Description =
[ System Events ]
Error - 4.12.2012 11:08:03 | Computer Name = Spravce-PC | Source = Service Control Manager | ID = 7034
Description = Služba NVIDIA Stereoscopic 3D Driver Service byla neočekávaně ukončena.
Tento stav nastal již 1krát.
Error - 4.12.2012 14:58:50 | Computer Name = Spravce-PC | Source = Service Control Manager | ID = 7030
Description = Služba PEVSystemStart je označena jako interaktivní služba. Avšak
systém je nakonfigurován tak, že neumožňuje použití interaktivní služby. Tato služba
nebude fungovat správně.
Error - 4.12.2012 15:00:31 | Computer Name = Spravce-PC | Source = Service Control Manager | ID = 7030
Description = Služba PEVSystemStart je označena jako interaktivní služba. Avšak
systém je nakonfigurován tak, že neumožňuje použití interaktivní služby. Tato služba
nebude fungovat správně.
Error - 4.12.2012 17:35:14 | Computer Name = Spravce-PC | Source = volsnap | ID = 393252
Description = Stínové kopie svazku C: byly přerušeny, protože z důvodu limitu stanoveného
uživatelem se nepodařilo zvětšit úložiště stínové kopie.
Error - 4.12.2012 18:51:25 | Computer Name = Spravce-PC | Source = Service Control Manager | ID = 7030
Description = Služba PEVSystemStart je označena jako interaktivní služba. Avšak
systém je nakonfigurován tak, že neumožňuje použití interaktivní služby. Tato služba
nebude fungovat správně.
Error - 4.12.2012 18:52:46 | Computer Name = Spravce-PC | Source = Application Popup | ID = 1060
Description = Načtení \??\C:\ComboFix\catchme.sys bylo zablokováno kvůli nekompatibilitě
s tímto systémem. Požádejte dodavatele softwaru o kompatibilní verzi ovladače.
Error - 4.12.2012 18:53:10 | Computer Name = Spravce-PC | Source = Service Control Manager | ID = 7030
Description = Služba PEVSystemStart je označena jako interaktivní služba. Avšak
systém je nakonfigurován tak, že neumožňuje použití interaktivní služby. Tato služba
nebude fungovat správně.
Error - 4.12.2012 18:58:59 | Computer Name = Spravce-PC | Source = Service Control Manager | ID = 7030
Description = Služba PEVSystemStart je označena jako interaktivní služba. Avšak
systém je nakonfigurován tak, že neumožňuje použití interaktivní služby. Tato služba
nebude fungovat správně.
Error - 4.12.2012 19:00:16 | Computer Name = Spravce-PC | Source = Service Control Manager | ID = 7030
Description = Služba PEVSystemStart je označena jako interaktivní služba. Avšak
systém je nakonfigurován tak, že neumožňuje použití interaktivní služby. Tato služba
nebude fungovat správně.
Error - 5.12.2012 10:11:25 | Computer Name = Spravce-PC | Source = volsnap | ID = 393252
Description = Stínové kopie svazku C: byly přerušeny, protože z důvodu limitu stanoveného
uživatelem se nepodařilo zvětšit úložiště stínové kopie.
< End of report >

OTL Extras logfile created on: 5.12.2012 19:39:56 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Spravce\Desktop
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy
15,98 Gb Total Physical Memory | 13,82 Gb Available Physical Memory | 86,44% Memory free
16,98 Gb Paging File | 14,85 Gb Available in Paging File | 87,47% Paging File free
Paging file location(s): c:\pagefile.sys 1024 2048 [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 58,50 Gb Total Space | 10,42 Gb Free Space | 17,82% Space Free | Partition Type: NTFS
Drive D: | 407,17 Gb Total Space | 192,81 Gb Free Space | 47,36% Space Free | Partition Type: NTFS
Drive E: | 465,76 Gb Total Space | 314,51 Gb Free Space | 67,53% Space Free | Partition Type: NTFS
Computer Name: SPRAVCE-PC | User Name: Spravce | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
========== Extra Registry (SafeList) ==========
========== File Associations ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.html[@ = htmlfile] -- C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation)
.url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation)
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)
.html [@ = htmlfile] -- C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation)
[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation)
========== Shell Spawning ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htafile [open] -- "%1" %*
htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [print] -- rundll32.exe %SystemRoot%\system32\mshtml.dll,PrintHTML "%1" (Microsoft Corporation)
http [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htafile [open] -- "%1" %*
htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
http [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
========== Security Center Settings ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
"FirewallDisableNotify" = 0
"AntiVirusDisableNotify" = 0
"UpdatesDisableNotify" = 0
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = 28 4D B2 76 41 04 CA 01 [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
========== System Restore Settings ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 0
========== Firewall Settings ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall]
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile]
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile]
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile]
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
========== Authorized Applications List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
========== Vista Active Open Ports Exception List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{126CEC0F-93CB-45B3-9C12-268E84D06D0C}" = lport=2869 | protocol=6 | dir=in | app=system |
"{15FEB3CD-4142-4008-A84F-6F574D5DB004}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{18591A6B-9E0B-4589-85E7-AD7D03C63B8C}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{1D3E91DB-DA3E-4AD0-98B8-3DD1B793E952}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{2531994C-104D-4B60-82A0-E93A3D922277}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 |
"{265CF6EB-A1E4-4FCD-AF7F-CBC0DD639627}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{3E91E7EB-3A99-485D-96FB-17A963EF8F6E}" = lport=137 | protocol=17 | dir=in | app=system |
"{40C6B978-0DE3-4E86-9221-8935D088368B}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{64A21608-DDE4-4F9A-B652-F6D5526A0420}" = rport=137 | protocol=17 | dir=out | app=system |
"{686717DC-470C-4005-9AF2-D9894FF3E6B4}" = lport=139 | protocol=6 | dir=in | app=system |
"{6C4DB5A7-DB24-46C8-9DEA-AEF640005588}" = rport=139 | protocol=6 | dir=out | app=system |
"{73A1FEED-83F6-4F44-8E05-5EA6FF6D0D2F}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{86B42A44-9E3B-4D98-B075-E2899DDD67CC}" = rport=10243 | protocol=6 | dir=out | app=system |
"{923F9109-4B3D-434E-A401-A56DFD8BF8B2}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe |
"{A9147568-B09C-4881-9102-E4B52A317721}" = lport=10243 | protocol=6 | dir=in | app=system |
"{B439C697-F749-469D-B756-9E900B81E7CC}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{B4BDB11C-C84B-4E23-9F51-D5C7494FA697}" = lport=445 | protocol=6 | dir=in | app=system |
"{BA0052CF-9AB3-428B-B24F-A5E5D4EE7365}" = rport=138 | protocol=17 | dir=out | app=system |
"{C4D08E89-6439-42E2-ADB6-D451D998DC5B}" = rport=445 | protocol=6 | dir=out | app=system |
"{C577AFC3-4028-47EE-A931-54DE7FE363D5}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{C6EDBF6F-42AD-4B8C-A2B0-E33D94E4E064}" = lport=5353 | protocol=6 | dir=in | name=adobe csi cs4 |
"{EE0119EB-CFE7-422A-B237-84044874162D}" = lport=138 | protocol=17 | dir=in | app=system |
========== Vista Active Application Exception List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{0654190D-D94A-46BB-8D24-7C8138BE71EA}" = protocol=17 | dir=out | svc=wcescomm | app=%systemroot%\system32\svchost.exe |
"{0D76DD40-C109-47C3-A0F3-106D19FC87ED}" = protocol=6 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{15E5F5B5-7F51-40BE-AC6E-79FB2745A6D4}" = protocol=6 | dir=out | svc=wcescomm | app=%systemroot%\system32\svchost.exe |
"{1E4BA66B-C43E-4A97-9DA7-F52C4D194ECB}" = protocol=58 | dir=out | name=@iphlpsvc.dll,-503 |
"{1F70D92B-0FE0-4C77-95DB-923B602F30DE}" = protocol=6 | dir=in | app=c:\program files (x86)\common files\adobe\cs4servicemanager\cs4servicemanager.exe |
"{2763E4A1-D0CA-45DE-BCA8-9069FEBA1DCC}" = protocol=17 | dir=in | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{28AAA9B9-EF3B-4BE5-BA5E-156BCB3CF100}" = protocol=17 | dir=in | app=c:\program files (x86)\common files\adobe\cs4servicemanager\cs4servicemanager.exe |
"{2BD57FB6-BBC2-4256-AC49-650A9EA7E0EB}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{31733B74-AB18-4A44-ADFD-C85BE42014C0}" = protocol=17 | dir=in | app=c:\program files (x86)\utorrent\utorrent.exe |
"{31EF8DA9-1482-4356-8A09-5A54874BD588}" = protocol=6 | dir=in | app=c:\program files (x86)\utorrent\utorrent.exe |
"{44C5AE01-D29E-451C-8FA7-4A0EA5DD6791}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 |
"{473A4247-5BD6-4D43-B4B7-2286C3701D14}" = dir=in | app=c:\program files (x86)\videolan\vlc\vlc.exe |
"{4A232249-7888-4562-B2BE-9AB3903895D7}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{4AFACCC6-7FCB-475D-BCBF-0EC3E45F7D07}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{4B169C5D-C9BE-48D1-AA12-7FDF088CCD68}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 |
"{5960F59D-E064-4186-B4E2-8F4383A1A255}" = protocol=6 | dir=out | svc=rapimgr | app=%systemroot%\system32\svchost.exe |
"{5E6EB646-0079-48A7-9B4A-F7003059822D}" = protocol=6 | dir=in | svc=wcescomm | app=%systemroot%\system32\svchost.exe |
"{6800F00D-81F7-4E43-A5AD-A90CCD601528}" = protocol=6 | dir=out | svc=rapimgr | app=%systemroot%\system32\svchost.exe |
"{81E3F9F5-788C-40F9-BC03-EC329ECF5575}" = protocol=17 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{8CEDFCB6-14BD-449E-BDD2-BC41B721E019}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{8E398362-C9F5-40D6-B46B-452C7FD9AAE9}" = protocol=58 | dir=in | app=system |
"{8E44431B-9C15-4578-8B93-94DA9F6CC6B8}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 |
"{92C95788-B3D1-4A1C-94D4-F67B2224F34F}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{9D7F177D-9651-48B4-B267-6A3321C5C6EE}" = protocol=17 | dir=out | svc=wcescomm | app=%systemroot%\system32\svchost.exe |
"{9F9FAA4A-19B8-4727-B3BE-D734F7FB60CB}" = protocol=6 | dir=out | app=system |
"{A076D7FD-B846-4275-8AE9-00D10DD053B2}" = protocol=6 | dir=out | svc=wcescomm | app=%systemroot%\system32\svchost.exe |
"{A6E596DD-BBB6-40B8-B7F3-8C512127B475}" = protocol=6 | dir=in | svc=wcescomm | app=%systemroot%\system32\svchost.exe |
"{B30B8D2E-A332-44DE-963F-6FA0B749D82C}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{BEAF8E19-889A-493B-9C12-7CB647652080}" = protocol=17 | dir=out | svc=rapimgr | app=%systemroot%\system32\svchost.exe |
"{C1775F8D-8CAF-49B8-A118-D284BA056233}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{CBEC68A2-0F42-4708-A0D9-241C7A16D51D}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{DD92FF8A-8A52-4F99-90F4-D627423DE6B5}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{E347F48E-FA80-4533-9D1B-0DA7F6613403}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 |
"{E362643F-63EE-48CD-BC40-8FBA063949FF}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{F2CBDBD4-7867-477C-BC28-AB3BAB618C1E}" = protocol=17 | dir=out | svc=rapimgr | app=%systemroot%\system32\svchost.exe |
"{F78B5165-011F-4705-A0DE-55C122FF8D15}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"TCP Query User{56BC3AD7-6AAE-4F61-A1F1-7F8A286870EE}C:\program files (x86)\internet explorer\iexplore.exe" = protocol=6 | dir=in | app=c:\program files (x86)\internet explorer\iexplore.exe |
"UDP Query User{4599E9F1-6410-4D0D-AE6B-870C44753D43}C:\program files (x86)\internet explorer\iexplore.exe" = protocol=17 | dir=in | app=c:\program files (x86)\internet explorer\iexplore.exe |
========== HKEY_LOCAL_MACHINE Uninstall List ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MP640_series" = Canon MP640 series MP Drivers
"{23170F69-40C1-2702-0920-000001000000}" = 7-Zip 9.20 (x64 edition)
"{26A24AE4-039D-4CA4-87B4-2F86417000FF}" = Java(TM) 7 (64-bit)
"{295CFB7C-A57E-4313-93E7-68E7CE1D0332}" = Adobe WinSoft Linguistics Plugin x64
"{2D74E972-5A85-44DC-9193-8A302BA8C181}" = Photoshop Camera Raw_x64
"{350AA351-21FA-3270-8B7A-835434E766AD}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.21022
"{6631325A-9B1B-4EE7-8E64-8CC4A6F10643}" = Adobe Fonts All x64
"{790E02A1-145A-3843-8C13-A4F41C9B48B7}" = Microsoft .NET Framework 4 Client Profile CSY Language Pack
"{8220EEFE-38CD-377E-8595-13398D740ACE}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17
"{8875A1C0-6308-4790-8CF6-D34E89880052}" = Adobe Linguistics CS4 x64
"{887797BF-37A5-4199-B0C9-0D38D6196E9A}" = Adobe Anchor Service x64 CS4
"{8C8D673B-20FB-43E6-BCB7-9B3F78F2E762}" = Adobe Type Support x64 CS4
"{8DAA31EB-6830-4006-A99F-4DF8AB24714F}" = Adobe CSI CS4 x64
"{90120000-002A-0000-1000-0000000FF1CE}" = Microsoft Office Office 64-bit Components 2007
"{90120000-002A-0405-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit MUI (Czech) 2007
"{90BA8112-80B3-4617-A3C1-BD2771B60F74}" = Adobe CMaps x64 CS4
"{A3454894-144A-4D80-B605-C128FE0D7329}" = Adobe Drive CS4 x64
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision" = NVIDIA Ovladač 3D Vision 306.97
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel" = Ovládací panel NVIDIA 306.97
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver" = NVIDIA Ovladače grafiky 306.97
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB" = NVIDIA Ovladač řídící jednotky 3D Vision 295.73
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX" = NVIDIA Systémový software PhysX 9.12.0209
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update" = Aktualizace NVIDIA 1.10.8
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver" = NVIDIA Ovladač HD audia 1.3.12.0
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_installer" = NVIDIA Install Application
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NVIDIA.Update" = NVIDIA Update Components
"{D40172D6-CE2D-4B72-BF5F-26A04A900B7B}" = Adobe Photoshop CS4 (64 Bit)
"{DFFABE78-8173-4E97-9C5C-22FB26192FC5}" = Adobe PDF Library Files x64 CS4
"{E44D14E2-A6D0-4F38-BF06-2E4244E23FED}" = Topaz InFocus (64-bit)
"{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}" = Microsoft .NET Framework 4 Client Profile
"CCleaner" = CCleaner
"doPDF 7 printer_is1" = doPDF 7.3 printer
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Client Profile CSY Language Pack" = Microsoft .NET Framework 4 Client Profile CSY Language Pack
"ZonerPhotoStudio14_CZ_is1" = Zoner Photo Studio 14
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{033E378E-6AD3-4AD5-BDEB-CBD69B31046C}" = Microsoft_VC90_ATL_x86
"{08D2E121-7F6A-43EB-97FD-629B44903403}" = Microsoft_VC90_CRT_x86
"{31E12803-3F3B-46A6-BE0D-3FF07677CE79}" = Rage Maker Image Pack
"{46C045BF-2B3F-4BC4-8E4C-00E0CF8BD9DB}" = Adobe AIR
"{53C141BA-4F9E-43FB-B4F9-0C01BB716FA8}" = Adobe Audition 3.0
"{635FED5B-2C6D-49BE-87E6-7A6FCD22BC5A}" = Microsoft_VC90_MFC_x86
"{7299052B-02A4-4627-81F2-1818DA5D550D}" = Microsoft Visual C++ 2005 Redistributable
"{B6D38690-755E-4F40-A35A-23F8BC2B86AC}" = Microsoft_VC90_MFCLOC_x86
"{C1E66AFC-3A37-4B4E-B51F-B3D603F9AF36}" = Ses2Sesx
"{D5B1535A-FDFC-4B40-B2E2-21DA83D9CB57}" = Adobe Audition CS5.5
"{DD7F0FB7-9908-4DA5-95C5-7C6ABE6918C7}" = Rage Maker
"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
"{F4F365AB-BD66-4775-A36A-E3D8055873FD}" = EZXMetalHeads
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin
"Audacity_is1" = Audacity 2.0.2
"avast" = avast! Free Antivirus
"CDisplay_is1" = CDisplay 1.8
"GeoGet_is1" = GeoGet 2.7.3.699
"Legend of Grimrock_is1" = Legend of Grimrock
"Mozilla Firefox 12.0 (x86 cs)" = Mozilla Firefox 12.0 (x86 cs)
"MP Navigator EX 3.0" = Canon MP Navigator EX 3.0
"NVIDIAStereo" = NVIDIA Stereoscopic 3D Driver
"OpenAL" = OpenAL
"PC_Drummer_Pro_500" = PC Drummer Pro 5.05
========== HKEY_CURRENT_USER Uninstall List ==========
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"QIP 2005" = QIP 2005 8097
========== Last 20 Event Log Errors ==========
[ Application Events ]
Error - 4.12.2012 11:41:13 | Computer Name = Spravce-PC | Source = Microsoft-Windows-CAPI2 | ID = 513
Description = Služba Šifrování selhala při volání OnIdentity() v objektu System
Writer. Details: AddLegacyDriverFiles: Unable to back up image of binary 31131777.
System
Error: Systém nemůže nalézt uvedený soubor. .
Error - 4.12.2012 14:17:11 | Computer Name = Spravce-PC | Source = WinMgmt | ID = 10
Description =
Error - 4.12.2012 14:51:21 | Computer Name = Spravce-PC | Source = WinMgmt | ID = 10
Description =
Error - 4.12.2012 15:06:36 | Computer Name = Spravce-PC | Source = WinMgmt | ID = 10
Description =
Error - 4.12.2012 18:44:24 | Computer Name = Spravce-PC | Source = WinMgmt | ID = 10
Description =
Error - 4.12.2012 18:46:12 | Computer Name = Spravce-PC | Source = Application Error | ID = 1000
Description = Název chybující aplikace: firefox.exe, verze: 12.0.0.4493, časové
razítko: 0x4f9207d9 Název chybujícího modulu: xul.dll, verze: 12.0.0.4493, časové
razítko: 0x4f92069e Kód výjimky: 0xc0000005 Posun chyby: 0x001115b8 ID chybujícího
procesu: 0xf38 Čas spuštění chybující aplikace: 0x01cdd270d086eaa3 Cesta k chybující
aplikaci: C:\Program Files (x86)\Mozilla Firefox\firefox.exe Cesta k chybujícímu
modulu: C:\Program Files (x86)\Mozilla Firefox\xul.dll ID zprávy: 66abe015-3e64-11e2-ad78-8c89a56c2ef7
Error - 4.12.2012 20:54:24 | Computer Name = Spravce-PC | Source = WinMgmt | ID = 10
Description =
Error - 5.12.2012 4:47:01 | Computer Name = Spravce-PC | Source = WinMgmt | ID = 10
Description =
Error - 5.12.2012 5:03:42 | Computer Name = Spravce-PC | Source = WinMgmt | ID = 10
Description =
Error - 5.12.2012 9:55:49 | Computer Name = Spravce-PC | Source = WinMgmt | ID = 10
Description =
Error - 5.12.2012 11:33:24 | Computer Name = Spravce-PC | Source = WinMgmt | ID = 10
Description =
[ System Events ]
Error - 4.12.2012 11:08:03 | Computer Name = Spravce-PC | Source = Service Control Manager | ID = 7034
Description = Služba NVIDIA Stereoscopic 3D Driver Service byla neočekávaně ukončena.
Tento stav nastal již 1krát.
Error - 4.12.2012 14:58:50 | Computer Name = Spravce-PC | Source = Service Control Manager | ID = 7030
Description = Služba PEVSystemStart je označena jako interaktivní služba. Avšak
systém je nakonfigurován tak, že neumožňuje použití interaktivní služby. Tato služba
nebude fungovat správně.
Error - 4.12.2012 15:00:31 | Computer Name = Spravce-PC | Source = Service Control Manager | ID = 7030
Description = Služba PEVSystemStart je označena jako interaktivní služba. Avšak
systém je nakonfigurován tak, že neumožňuje použití interaktivní služby. Tato služba
nebude fungovat správně.
Error - 4.12.2012 17:35:14 | Computer Name = Spravce-PC | Source = volsnap | ID = 393252
Description = Stínové kopie svazku C: byly přerušeny, protože z důvodu limitu stanoveného
uživatelem se nepodařilo zvětšit úložiště stínové kopie.
Error - 4.12.2012 18:51:25 | Computer Name = Spravce-PC | Source = Service Control Manager | ID = 7030
Description = Služba PEVSystemStart je označena jako interaktivní služba. Avšak
systém je nakonfigurován tak, že neumožňuje použití interaktivní služby. Tato služba
nebude fungovat správně.
Error - 4.12.2012 18:52:46 | Computer Name = Spravce-PC | Source = Application Popup | ID = 1060
Description = Načtení \??\C:\ComboFix\catchme.sys bylo zablokováno kvůli nekompatibilitě
s tímto systémem. Požádejte dodavatele softwaru o kompatibilní verzi ovladače.
Error - 4.12.2012 18:53:10 | Computer Name = Spravce-PC | Source = Service Control Manager | ID = 7030
Description = Služba PEVSystemStart je označena jako interaktivní služba. Avšak
systém je nakonfigurován tak, že neumožňuje použití interaktivní služby. Tato služba
nebude fungovat správně.
Error - 4.12.2012 18:58:59 | Computer Name = Spravce-PC | Source = Service Control Manager | ID = 7030
Description = Služba PEVSystemStart je označena jako interaktivní služba. Avšak
systém je nakonfigurován tak, že neumožňuje použití interaktivní služby. Tato služba
nebude fungovat správně.
Error - 4.12.2012 19:00:16 | Computer Name = Spravce-PC | Source = Service Control Manager | ID = 7030
Description = Služba PEVSystemStart je označena jako interaktivní služba. Avšak
systém je nakonfigurován tak, že neumožňuje použití interaktivní služby. Tato služba
nebude fungovat správně.
Error - 5.12.2012 10:11:25 | Computer Name = Spravce-PC | Source = volsnap | ID = 393252
Description = Stínové kopie svazku C: byly přerušeny, protože z důvodu limitu stanoveného
uživatelem se nepodařilo zvětšit úložiště stínové kopie.
< End of report >

- jaro3
- člen Security týmu
-
Guru Level 15
- Příspěvky: 43298
- Registrován: červen 07
- Bydliště: Jižní Čechy
- Pohlaví:
- Stav:
Offline
Re: Prosím o kontrolu logu, Claro search
Tak tam už asi není ta složka..
Poklepej na ikonu OTL na ploše.Ujisti se , že máš všechny ostatní aplikace a prohlížeče zavřeny.
Pod Vlastní skenování/opravy do okénka vlož následující text, zobrazený zeleně:
Poté klikni nahoře na Opravit. Nech program nerušeně běžet, na konci se provede restart PC.
Po restartu se objeví log , prosím zkopíruj sem celý jeho obsah.
Můžeš zkusit:
http://www.dll-files.com/dllindex/dll-files.shtml?xul
Poklepej na ikonu OTL na ploše.Ujisti se , že máš všechny ostatní aplikace a prohlížeče zavřeny.
Pod Vlastní skenování/opravy do okénka vlož následující text, zobrazený zeleně:
Kód: Vybrat vše
:OTL
PRC - C:\WINDOWS\explorer.exe (Microsoft Corporation)
PRC - C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)
IE:64bit: - HKLM\..\SearchScopes,DefaultScope =
IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKLM\..\SearchScopes,DefaultScope =
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKCU\..\SearchScopes,DefaultScope =
IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC
IE - HKCU\..\SearchScopes\{973F004C-965D-473A-9D8D-288FB3525DFA}: "URL" = http://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:{language}:{referrer:source}&ie={inputEncoding?}&oe={outputEncoding?}
FF - prefs.js..extensions.enabledAddons: {25A1388B-6B18-46c3-BEBA-A81915D0DE8F}:1.7.8
FF - prefs.js..extensions.enabledAddons: {b9db16a4-6edc-47ec-a1f4-b86292ed211d}:4.9.10
FF - prefs.js..extensions.enabledAddons: {972ce4c6-7e08-4474-a285-3208198ce6fd}:12.0
FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_11_4_402_287.dll File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
[2012.01.20 21:39:44 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Spravce\AppData\Roaming\mozilla\Extensions
[2012.01.22 12:03:28 | 000,476,904 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files (x86)\mozilla firefox\plugins\npdeployJava1.dll
[2012.07.20 02:20:35 | 000,301,714 | ---- | M] () (No name found) -- C:\Users\Spravce\AppData\Roaming\mozilla\firefox\profiles\tzhlleg7.default\extensions\{25A1388B-6B18-46c3-BEBA-A81915D0DE8F}.xpi
[2012.08.24 14:00:22 | 000,741,958 | ---- | M] () (No name found) -- C:\Users\Spravce\AppData\Roaming\mozilla\firefox\profiles\tzhlleg7.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi
[2012.12.05 10:06:02 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\extensions
O1 HOSTS File: ([2012.12.04 23:53:08 | 000,000,027 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_30)
O16 - DPF: {CAFEEFAC-0016-0000-0030-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_30)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_30)
O18:64bit: - Protocol\Handler\ms-help - No CLSID value found
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
[2012.12.05 15:08:06 | 000,631,054 | ---- | M] () -- C:\Windows\SysNative\perfh005.dat
[2012.12.05 15:08:06 | 000,615,810 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2012.12.05 15:08:06 | 000,121,708 | ---- | M] () -- C:\Windows\SysNative\perfc005.dat
[2012.12.05 15:08:06 | 000,106,190 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
@Alternate Data Stream - 133 bytes -> C:\ProgramData\TEMP:7631EA83
:Files
C:\WINDOWS\System32\*.tmp
C:\WINDOWS\*.tmp
C:\WINDOWS\system32\*.tmp.dll
C:\WINDOWS\System32\dllcache\*.tmp
C:\WINDOWS\system32\SET*.tmp
C:\WINDOWS\system32\DUMP*.tmp
c:\windows\Tasks\*.job
C:\*.tmp
C:\WINDOWS\System32\drivers\*.tmp
C:\Documents and Settings\All Users\Data aplikací\*.tmp
C:\Windows\SysNative\drivers\*.tmp
C:\Windows\SysWow64\drivers\*.tmp
C:\Program Files (x86)\*.tmp
C:\Windows\SysWow64\*.tmp
C:\Windows\SysNative\*.tmp
c:\users\Spravce\AppData\Local\SwvUpdater
:Reg
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
""=""%1" %*"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
""=""%1" %*"
:Commands
[purity]
[emptytemp]
[start explorer]
[Reboot]
Poté klikni nahoře na Opravit. Nech program nerušeně běžet, na konci se provede restart PC.
Po restartu se objeví log , prosím zkopíruj sem celý jeho obsah.
Error - 4.12.2012 18:46:12 | Computer Name = Spravce-PC | Source = Application Error | ID = 1000
Description = Název chybující aplikace: firefox.exe, verze: 12.0.0.4493, časové
razítko: 0x4f9207d9 Název chybujícího modulu: xul.dll, verze: 12.0.0.4493, časové
razítko: 0x4f92069e Kód výjimky: 0xc0000005 Posun chyby: 0x001115b8 ID chybujícího
procesu: 0xf38 Čas spuštění chybující aplikace: 0x01cdd270d086eaa3 Cesta k chybující
aplikaci: C:\Program Files (x86)\Mozilla Firefox\firefox.exe Cesta k chybujícímu
modulu: C:\Program Files (x86)\Mozilla Firefox\xul.dll ID zprávy: 66abe015-3e64-11e2-ad78-8c89a56c2ef7
Můžeš zkusit:
http://www.dll-files.com/dllindex/dll-files.shtml?xul
Při práci s programy HJT, ComboFix,MbAM, SDFix aj. zavřete všechny ostatní aplikace a prohlížeče!
Neposílejte logy do soukromých zpráv.Po dobu mé nepřítomnosti mě zastupuje memphisto , Žbeky a Orcus.
Pokud budete spokojeni , můžete podpořit naše forum:Podpora fóra
Neposílejte logy do soukromých zpráv.Po dobu mé nepřítomnosti mě zastupuje memphisto , Žbeky a Orcus.
Pokud budete spokojeni , můžete podpořit naše forum:Podpora fóra
-
- Level 1
- Příspěvky: 53
- Registrován: listopad 12
- Bydliště: Les
- Pohlaví:
- Stav:
Offline
Re: Prosím o kontrolu logu, Claro search
Modrý den!
Děkuji za odpověď! Udělal jsem opravu. OTL ale neudělal žádný log. OVšem když jsem spustil Firefox, objevily se stránky, jako bych právě nainstaloval nové plugíny
Ale ten log nikde, jen ten starý, který udělal předtím 
Děkuji za odpověď! Udělal jsem opravu. OTL ale neudělal žádný log. OVšem když jsem spustil Firefox, objevily se stránky, jako bych právě nainstaloval nové plugíny


-
- Level 1
- Příspěvky: 53
- Registrován: listopad 12
- Bydliště: Les
- Pohlaví:
- Stav:
Offline
Re: Prosím o kontrolu logu, Claro search
Ale vyměnil jsem ten xul za ten z té stránky a nejde mi spustit fajrfox 

-
- Level 1
- Příspěvky: 53
- Registrován: listopad 12
- Bydliště: Les
- Pohlaví:
- Stav:
Offline
Re: Prosím o kontrolu logu, Claro search
Uchopil jsem tedy mozbackup (protože jsem nemohl udělat zálohu z vnitřku programu), udělal jsem zálohu a oddělal jsem firefox a dal tam nový a obnovil zálohu a v záloze byly jen záložky 

Kdo je online
Uživatelé prohlížející si toto fórum: Žádní registrovaní uživatelé a 95 hostů