Prosim o kontrolu

[PolBulva]

OTL Extras logfile created on: 2.6.2012 19:38:13 - Run 1
OTL by OldTimer - Version 3.2.45.0 Folder = C:\Users\Pól Bulva\Desktop
Professional Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy

2,97 Gb Total Physical Memory | 1,42 Gb Available Physical Memory | 47,97% Memory free
5,93 Gb Paging File | 4,44 Gb Available in Paging File | 74,87% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 29,20 Gb Total Space | 1,44 Gb Free Space | 4,92% Space Free | Partition Type: NTFS
Drive D: | 268,79 Gb Total Space | 165,88 Gb Free Space | 61,71% Space Free | Partition Type: NTFS

Computer Name: PÓLBULVA-PC | User Name: Pól Bulva | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Extra Registry (SafeList) ==========


========== File Associations ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\System32\control.exe (Microsoft Corporation)
.hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)
.html [@ = ChromeHTML] -- C:\Program Files\Google\Chrome\Application\chrome.exe (Google Inc.)

[HKEY_USERS\S-1-5-21-1094954035-2023778115-2423788019-1000\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)

========== Shell Spawning ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
htmlfile [edit] -- Reg Error: Key error.
htmlfile [print] -- rundll32.exe %windir%\system32\mshtml.dll,PrintHTML "%1"
http [open] -- "C:\Program Files\Google\Chrome\Application\chrome.exe" -- "%1" (Google Inc.)
https [open] -- "C:\Program Files\Google\Chrome\Application\chrome.exe" -- "%1" (Google Inc.)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [OneNote.Open] -- D:\Office\Office12\ONENOTE.EXE "%L" (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Directory [Winamp.Bookmark] -- "C:\Program Files\Winamp\winamp.exe" /BOOKMARK "%1" (Nullsoft, Inc.)
Directory [Winamp.Enqueue] -- "C:\Program Files\Winamp\winamp.exe" /ADD "%1" (Nullsoft, Inc.)
Directory [Winamp.Play] -- "C:\Program Files\Winamp\winamp.exe" "%1" (Nullsoft, Inc.)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = Reg Error: Unknown registry data type -- File not found
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

========== Firewall Settings ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

========== Authorized Applications List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"C:\Program Files\FlashGet 3\FlashGet3.exe" = C:\Program Files\FlashGet 3\FlashGet3.exe:*:Enabled:Flashget3


========== Vista Active Open Ports Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{1717F02A-DC3F-4F65-B7E5-30AACCC07BB1}" = rport=445 | protocol=6 | dir=out | app=system |
"{1C106FCF-841C-466C-929E-62DEA91127A2}" = rport=10243 | protocol=6 | dir=out | app=system |
"{1CF64944-93BD-4548-ADA6-9CB154042629}" = rport=139 | protocol=6 | dir=out | app=system |
"{1D9A1849-46D5-43DE-9FDB-BD9CD3C959A8}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{227770A0-AE59-4566-9944-762B98E46419}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{307E57EC-AABF-40FF-B9B0-438BE07A5281}" = lport=445 | protocol=6 | dir=in | app=system |
"{31F037D8-90B5-4A8F-9365-792F6832233E}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 |
"{46986057-FE9D-4C58-9E09-F3BD5B7223D8}" = lport=6004 | protocol=17 | dir=in | app=d:\office\office12\outlook.exe |
"{5053955F-1FC2-4F6F-8495-3CDA879ADD1E}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{62FEADC0-A7AA-4ACD-9FEE-C5A95E32F536}" = lport=139 | protocol=6 | dir=in | app=system |
"{7F3ECFC8-11F8-4E8F-8DFE-BED99728FA9C}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{878E8C07-3304-457B-8AF6-15E4C80CEACE}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{AD789335-13AA-4F0D-8285-E9DEDB891AE3}" = lport=137 | protocol=17 | dir=in | app=system |
"{BCFAEB7C-CB7A-4760-B5DB-B86ABF5671F2}" = rport=138 | protocol=17 | dir=out | app=system |
"{CFD08398-0591-492A-A6D6-718995EC4BED}" = rport=137 | protocol=17 | dir=out | app=system |
"{D3CBE1B3-00C3-4041-9C5E-EEFF9B550A9F}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{D6992E5D-9DC1-4EAA-8E2D-15A20958EDE2}" = lport=2869 | protocol=6 | dir=in | app=system |
"{DB0FBBB6-447B-4C41-84E8-EC07B9A6D18E}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe |
"{E35DFB48-0DF0-400F-B09C-1A2D9A4EC575}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{E8363194-D0F5-4848-B3E6-2D59D9CC6794}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{E8B0228E-5FEE-4689-9944-9306C31509B1}" = lport=138 | protocol=17 | dir=in | app=system |
"{FE757EE8-3296-4B9D-9AC3-32416962A2EB}" = lport=10243 | protocol=6 | dir=in | app=system |

========== Vista Active Application Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{0679AD76-DDC9-41E9-8EA3-5C6D5211D6A6}" = dir=in | app=c:\users\pól bulva\appdata\local\facebook\video\skype\facebookvideocalling.exe |
"{0B65BCF0-A516-44CE-88F0-FD3B5FFFDB87}" = protocol=17 | dir=in | app=c:\users\pól bulva\appdata\roaming\dropbox\bin\dropbox.exe |
"{1A80D99E-B05B-4B42-9589-105EE786B9BA}" = protocol=6 | dir=in | app=c:\program files\microsoft office\office12\onenote.exe |
"{2B7ED730-F95A-4384-9818-546C84E66060}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 |
"{301DCE18-0380-45D3-BD32-B0A636AF6F20}" = protocol=6 | dir=in | app=c:\users\pól bulva\appdata\roaming\dropbox\bin\dropbox.exe |
"{35173411-B4A1-405F-A889-66D183CBE0C0}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 |
"{3AFE55E8-9E5F-4757-9009-0A0431C82613}" = protocol=17 | dir=in | app=d:\hry\steam\steamapps\common\left 4 dead 2\left4dead2.exe |
"{3E6E4748-0A09-452B-AE8B-6DFE4FF2F943}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{42E651F3-BD05-484D-A8A5-964098D7BDC4}" = protocol=17 | dir=in | app=d:\office\office12\onenote.exe |
"{46515B50-8673-4038-B354-44D6507D74E3}" = protocol=17 | dir=in | app=c:\program files\microsoft office\office14\onenote.exe |
"{4764742C-CBA1-406A-92E7-2565FB28BC65}" = protocol=6 | dir=in | app=c:\program files\microsoft office\office12\groove.exe |
"{4BCE9861-4A3D-483C-B0DF-61DD18F2E19B}" = protocol=6 | dir=out | app=system |
"{4D3DDA3A-9E3A-4049-87A6-8DE2D44F79BB}" = protocol=6 | dir=in | app=c:\program files\microsoft office\office14\groove.exe |
"{4F91B811-8F51-4F87-8506-0D35CD007D08}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 |
"{586B0462-4EE8-465C-B402-D4D61DA31754}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{5D1D17B1-3044-4253-9044-37A736CE0AE3}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{5F56404E-886F-4761-9B76-EFA6BBE63238}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{602E7367-6762-4130-AE45-A2C9FFB7D300}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{60F3E2F9-08B3-4531-ACFA-A5299438C97A}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{688B7F75-3A36-4BCE-973C-5C9838F845CF}" = protocol=17 | dir=in | app=c:\program files\microsoft office\office12\groove.exe |
"{71A1AE86-E79E-40E2-964E-430B9B53EF08}" = protocol=17 | dir=in | app=d:\hry\steam\steam.exe |
"{7A4D48C2-6867-4017-9F03-1C59AC3D6AB2}" = protocol=6 | dir=in | app=d:\office\office12\onenote.exe |
"{7AED30E6-4ADE-4289-AAA9-37F0E89EADD6}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{7E89E99C-56FE-4A44-A482-FC68458FFD54}" = protocol=6 | dir=in | app=c:\program files\microsoft office\office14\onenote.exe |
"{7ED12B04-6343-4852-B976-1BFDF7E02D3A}" = protocol=6 | dir=in | app=d:\hry\steam\steamapps\common\left 4 dead 2\left4dead2.exe |
"{7FDB782D-102E-47F4-BA18-1BBAC0AD8E30}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{8C44AEA9-8941-4306-8E55-6B41E88D2678}" = dir=in | app=c:\program files\nokia\nokia suite\nokiasuite.exe |
"{8E8C7F7B-1022-4D2F-A53E-924727C05D4D}" = protocol=17 | dir=in | app=c:\program files\microsoft office\office12\onenote.exe |
"{8FD55049-52E4-421F-B574-8AAAB7F24960}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{A8678C11-C340-4470-8931-412AABA1B161}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{AE5388C7-F538-482C-B6E9-6C7431A48345}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{C57CFFAA-0C1D-4EB7-880E-3C6CD036753D}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 |
"{E67CBBD4-652D-4D45-9B96-3F1CD581C2AD}" = protocol=6 | dir=in | app=d:\office\office12\groove.exe |
"{E765EEB4-F3E7-4419-9501-FAB40815358B}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{FA2D66E4-FB21-4188-9728-D13770A1FF71}" = protocol=6 | dir=in | app=d:\hry\steam\steam.exe |
"{FA515FBE-A39B-4343-ADC7-D99C5EC3D6A7}" = protocol=17 | dir=in | app=d:\office\office12\groove.exe |
"TCP Query User{18979416-7315-4326-BDC1-693C481346C1}C:\windows\microsoft.net\framework\v2.0.50727\vbc.exe" = protocol=6 | dir=in | app=c:\windows\microsoft.net\framework\v2.0.50727\vbc.exe |
"TCP Query User{2DE0EB34-C2E1-41F3-AA60-40C053712FE8}C:\users\pól bulva\appdata\roaming\dropbox\bin\dropbox.exe" = protocol=6 | dir=in | app=c:\users\pól bulva\appdata\roaming\dropbox\bin\dropbox.exe |
"TCP Query User{50AAF167-43EA-476D-9935-C4DE5304A64C}C:\windows\system32\dplaysvr.exe" = protocol=6 | dir=in | app=c:\windows\system32\dplaysvr.exe |
"TCP Query User{52B47D1A-21BF-4AF0-B035-4AA81683F890}C:\program files\winamp\winamp.exe" = protocol=6 | dir=in | app=c:\program files\winamp\winamp.exe |
"TCP Query User{57AF7995-F789-4CD6-86B9-BA67C5D0674B}C:\program files\totalcmd\totalcmd.exe" = protocol=6 | dir=in | app=c:\program files\totalcmd\totalcmd.exe |
"TCP Query User{7610E2C0-66E2-4D73-864E-73BA38BAC696}C:\program files\java\jre7\bin\javaw.exe" = protocol=6 | dir=in | app=c:\program files\java\jre7\bin\javaw.exe |
"TCP Query User{7898BC3B-2BBC-490A-B6FC-BFEAE77C070D}C:\program files\qip infium jadrispack\qip.exe" = protocol=6 | dir=in | app=c:\program files\qip infium jadrispack\qip.exe |
"TCP Query User{9AA256E8-0EC3-411B-9108-F459488E5BA8}D:\hry\stronghold crusader\stronghold crusader.exe" = protocol=6 | dir=in | app=d:\hry\stronghold crusader\stronghold crusader.exe |
"TCP Query User{AF39D6F2-AC00-4194-81F3-E602A1173696}C:\program files\route 66\route 66 sync\route66sync.exe" = protocol=6 | dir=in | app=c:\program files\route 66\route 66 sync\route66sync.exe |
"TCP Query User{AF57D9B9-3BEA-4166-BCC9-6F6558FC60FD}C:\program files\java\jre7\bin\javaw.exe" = protocol=6 | dir=in | app=c:\program files\java\jre7\bin\javaw.exe |
"TCP Query User{BB0881D3-421C-4218-B338-4294EFA2CADB}C:\program files\eclipse\eclipse.exe" = protocol=6 | dir=in | app=c:\program files\eclipse\eclipse.exe |
"TCP Query User{BB2EFAB7-6DA7-43E5-A282-850E939F20CB}C:\program files\ubisoft\heroes 3 complete\heroes3.exe" = protocol=6 | dir=in | app=c:\program files\ubisoft\heroes 3 complete\heroes3.exe |
"UDP Query User{023C18C8-4363-45C3-97FA-FFC6A40495DB}C:\program files\java\jre7\bin\javaw.exe" = protocol=17 | dir=in | app=c:\program files\java\jre7\bin\javaw.exe |
"UDP Query User{3180DFD2-9E23-4B05-B7BF-6683CFB61AE1}C:\program files\winamp\winamp.exe" = protocol=17 | dir=in | app=c:\program files\winamp\winamp.exe |
"UDP Query User{46636139-DB5E-42C7-938B-A222F557D852}C:\program files\qip infium jadrispack\qip.exe" = protocol=17 | dir=in | app=c:\program files\qip infium jadrispack\qip.exe |
"UDP Query User{4C20FB84-B53B-48E9-B0BE-4309EA311D03}C:\windows\system32\dplaysvr.exe" = protocol=17 | dir=in | app=c:\windows\system32\dplaysvr.exe |
"UDP Query User{703FE516-308F-4387-B342-BC1A33405DA5}C:\users\pól bulva\appdata\roaming\dropbox\bin\dropbox.exe" = protocol=17 | dir=in | app=c:\users\pól bulva\appdata\roaming\dropbox\bin\dropbox.exe |
"UDP Query User{7822063F-CC7C-4A94-8FF6-0F413307D52A}D:\hry\stronghold crusader\stronghold crusader.exe" = protocol=17 | dir=in | app=d:\hry\stronghold crusader\stronghold crusader.exe |
"UDP Query User{888C3B34-DCE6-4681-B866-E9899A1B79E4}C:\program files\totalcmd\totalcmd.exe" = protocol=17 | dir=in | app=c:\program files\totalcmd\totalcmd.exe |
"UDP Query User{A215DA7E-C126-4876-9E5F-5060E2270C8B}C:\program files\route 66\route 66 sync\route66sync.exe" = protocol=17 | dir=in | app=c:\program files\route 66\route 66 sync\route66sync.exe |
"UDP Query User{B0D73E2A-C4C6-4C38-9A14-0B00BFC8D360}C:\windows\microsoft.net\framework\v2.0.50727\vbc.exe" = protocol=17 | dir=in | app=c:\windows\microsoft.net\framework\v2.0.50727\vbc.exe |
"UDP Query User{D04B6852-E89D-4D4A-A978-0BFD80DBEFE1}C:\program files\eclipse\eclipse.exe" = protocol=17 | dir=in | app=c:\program files\eclipse\eclipse.exe |
"UDP Query User{DB1CA9A9-6A83-4ED4-A783-491847191D4B}C:\program files\ubisoft\heroes 3 complete\heroes3.exe" = protocol=17 | dir=in | app=c:\program files\ubisoft\heroes 3 complete\heroes3.exe |
"UDP Query User{F5F59104-CF16-4AE7-943E-8F35ED2FE3C8}C:\program files\java\jre7\bin\javaw.exe" = protocol=17 | dir=in | app=c:\program files\java\jre7\bin\javaw.exe |

========== HKEY_LOCAL_MACHINE Uninstall List ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"_{7F05E704-30A6-421A-97A7-8EEB1C7FF010}" = CorelDRAW(R) Graphics Suite X4
"_{CE2DA11A-917F-4CF5-AB55-755EC115DD10}" = CorelDRAW(R) Graphics Suite X4 - Windows Shell Extension
"{048298C9-A4D3-490B-9FF9-AB023A9238F3}" = Steam
"{085A087C-8559-AC21-F988-9B885923B58B}" = CCC Help Japanese
"{0F842B77-56EA-4AAF-8295-81A022350B5E}" = Microsoft Security Client
"{10CD364B-FFCC-48BE-B469-B9622A033075}" = Fences
"{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MP560_series" = Canon MP560 series MP Drivers
"{17BDCAD2-39E2-A44B-CDCA-6854FA71421E}" = Catalyst Control Center Localization All
"{1D7DBD8E-4E22-B307-81F4-D55080B16FC7}" = ccc-utility
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{26A24AE4-039D-4CA4-87B4-2F83217000FF}" = Java(TM) 7
"{299C0434-4F4E-341F-A916-4E07AEB35E79}" = Microsoft Visual Studio Tools for Applications 2.0 Runtime
"{2E0A8315-9A0B-4310-BD0A-14471A7CB69F}_is1" = MyFound_6.0.8.1
"{31D9C74D-CD7A-4215-B1E4-DF8099AEA997}" = Catalyst Control Center - Branding
"{32A3A4F4-B792-11D6-A78A-00B0D0170000}" = Java(TM) SE Development Kit 7
"{34D2AB40-150D-475D-AE32-BD23FB5EE355}" = HP Quick Launch Buttons
"{37D6F9FA-A5F2-3040-AF7B-78BE92957D89}" = CCC Help Thai
"{38CA1644-39F5-44EB-F200-DFC6C5E9C5A8}" = CCC Help Chinese Standard
"{399C37FB-08AF-493B-BFED-20FBD85EDF7F}" = HP Webcam
"{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile
"{3E92DCCC-A2F0-4C27-A5B9-B3B1A2143149}" = HP 3D DriveGuard
"{44A27085-0616-4181-A0C3-81C7ECA17F73}" = CorelDRAW Graphics Suite X4
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4D833CF3-A3AE-2863-584B-3AD3A0D70981}" = CCC Help Russian
"{52AD35F5-FDA6-6E74-27E4-5EC2BD8A8B29}" = CCC Help Korean
"{52B24A16-729C-BDB9-D921-01556B19283D}" = CCC Help Greek
"{55EB7967-5BB1-4EA2-8AFF-B2F9E487E553}" = PC Connectivity Solution
"{565AEE5D-35E5-0A21-02E2-3DC8CEA652FB}" = Catalyst Control Center Graphics Light
"{57115A63-203E-8864-8951-4D5864D23956}" = CCC Help Norwegian
"{572964E9-BE64-1F57-B672-4D2B7595FAA1}" = Catalyst Control Center Graphics Full Existing
"{5932A5C4-BB44-4CFB-AD66-1B826F4D788B}" = CDBurnerXP
"{5AE47629-FA38-4747-4CEA-1DD2983FA8BF}" = CCC Help German
"{5E984B44-B441-5361-B00B-91441EE7B5B4}" = CCC Help English
"{602C75D1-0C09-D216-D83D-F3126AC24A27}" = CCC Help French
"{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}" = Windows Media Player Firefox Plugin
"{6D3245B1-8DB8-4A23-9CD2-2C90F40ABAF6}" = MSVC80_x86_v2
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{72DE3C67-FB48-450E-8BEA-4EB1B3B5355D}" = Microsoft SQL Server 2008 R2 Setup (English)
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{7B20C1C7-2766-DDB8-A02E-D6F9C7341864}" = CCC Help Finnish
"{7CAC6A44-C3DE-4153-ACA6-7524602C789E}" = Facebook Video Calling 1.2.0.159
"{7EFEE754-EA7D-A79B-8DDA-65CADCAF1AB4}" = Catalyst Control Center InstallProxy
"{7F05E704-30A6-421A-97A7-8EEB1C7FF010}" = CorelDRAW Graphics SUite X4 - ICA
"{7F05E704-30A6-421A-97A7-8EEB1C7FF012}" = CorelDRAW Graphics Suite X4 - Capture
"{7F05E704-30A6-421A-97A7-8EEB1C7FF013}" = CorelDRAW Graphics Suite X4 - Draw
"{7F05E704-30A6-421A-97A7-8EEB1C7FF014}" = CorelDRAW Graphics Suite X4 - PP
"{7F05E704-30A6-421A-97A7-8EEB1C7FF016}" = CorelDRAW Graphics Suite X4 - Content
"{7F05E704-30A6-421A-97A7-8EEB1C7FF017}" = CorelDRAW Graphics Suite X4 - Filters
"{7F05E704-30A6-421A-97A7-8EEB1C7FF019}" = CorelDRAW Graphics Suite X4 - FontNav
"{7FFAA34E-0AA6-BF03-D37C-7AC5C380CF2F}" = CCC Help Chinese Traditional
"{805F8590-510E-74AD-FC88-ADE4224B8854}" = CCC Help Polish
"{812C7541-3C7C-4E24-99A5-3785EB2A5C40}" = HP ESU for Microsoft Windows 7
"{853403A9-70A9-2C60-9E74-67BDC650E820}" = Catalyst Control Center Core Implementation
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8A75B387-6A34-7FBE-3512-89809AF89524}" = CCC Help Hungarian
"{8BF806C4-2D77-4F67-8435-D4BDCEB665A8}_is1" = Governor of Poker 2 Premium Edition v1.0 Multi
"{8F0EDF80-31C2-FA10-DEE8-BD435A5F7D61}" = ATI Catalyst Install Manager
"{90120000-0015-0405-0000-0000000FF1CE}" = Microsoft Office Access MUI (Czech) 2007
"{90120000-0016-0405-0000-0000000FF1CE}" = Microsoft Office Excel MUI (Czech) 2007
"{90120000-0018-0405-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (Czech) 2007
"{90120000-0019-0405-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (Czech) 2007
"{90120000-001A-0405-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (Czech) 2007
"{90120000-001B-0405-0000-0000000FF1CE}" = Microsoft Office Word MUI (Czech) 2007
"{90120000-001F-0405-0000-0000000FF1CE}" = Microsoft Office Proof (Czech) 2007
"{90120000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2007
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-041B-0000-0000000FF1CE}" = Microsoft Office Proof (Slovak) 2007
"{90120000-002C-0405-0000-0000000FF1CE}" = Microsoft Office Proofing (Czech) 2007
"{90120000-0030-0000-0000-0000000FF1CE}" = Microsoft Office Enterprise 2007
"{90120000-0044-0405-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (Czech) 2007
"{90120000-006E-0405-0000-0000000FF1CE}" = Microsoft Office Shared MUI (Czech) 2007
"{90120000-00A1-0405-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (Czech) 2007
"{90120000-00B2-0405-0000-0000000FF1CE}" = Doplněk Microsoft Save as PDF or XPS pro aplikace sady Microsoft Office 2007
"{90120000-00BA-0405-0000-0000000FF1CE}" = Microsoft Office Groove MUI (Czech) 2007
"{90140000-2005-0000-0000-0000000FF1CE}" = Microsoft Office File Validation Add-In
"{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{9D0798D0-AF6C-4E62-94B1-AEBF1A43E00A}" = CorelDRAW Graphics Suite X4 - IPM
"{9E4FC4A7-E9E1-1EF1-104B-ECFB738A1824}" = CCC Help Italian
"{9E9D49A4-1DF4-4138-B7DB-5D87A893088E}" = HP Integrated Module with Bluetooth wireless technology
"{9EE30AB4-1D07-7C32-106D-7AE7CEEFD1EC}" = CCC Help Spanish
"{A45AF5E2-3648-EA45-2A62-C3EA975D57D9}" = Catalyst Control Center Graphics Full New
"{A657B744-4F40-6973-D177-5FD028712702}" = ccc-core-static
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{AA4A4B2C-0465-3CF8-BA76-27A027D8ACAB}" = Microsoft Visual Studio Tools for Applications 2.0 - ENU
"{AA59DDE4-B672-4621-A016-4C248204957A}" = Skype™ 5.5
"{AC76BA86-7AD7-1029-7B44-AA1000000001}" = Adobe Reader X (10.1.3) - Czech
"{AC76BA86-7AD7-2448-0000-A00000000003}" = Chinese Traditional Fonts Support For Adobe Reader X
"{AF111648-99A1-453E-81DD-80DBBF6DAD0D}" = MSVC90_x86
"{AF88496B-4BBA-4922-97E9-2582D3A28358}" = Nokia Connectivity Cable Driver
"{B61D21B6-469D-4423-B161-62DB20B8A70E}" = Visual Basic for Applications (R) Core - English
"{BA728FCC-0B8C-6F7F-B29C-583829D1E8BB}" = CCC Help Dutch
"{BC3804E5-77CC-47A0-8BD5-797355A26BA3}" = WD SmartWare
"{BF439B41-0252-48DE-8B8B-0430CB26A181}" = CorelDRAW Graphics Suite X4 - VBA
"{C28422FB-F2CD-427A-ADED-9F281745CDB2}" = Secure Download Manager
"{CE2DA11A-917F-4CF5-AB55-755EC115DD10}" = CorelDRAW(R) Graphics Suite X4 - Windows Shell Extension
"{D796ABCD-73D4-F18D-CF80-9BA1BE403933}" = CCC Help Swedish
"{DB24A9E5-A068-43DD-88D0-B51BED3C0B99}" = Nokia Suite
"{DB81779E-7CC5-4630-BCFC-754004956444}" = Visual Basic for Applications (R) Core
"{E3B64CC5-C011-40C0-92BC-7316CD5E5688}" = Microsoft_VC100_CRT_SP1_x86
"{E48D0275-B2E0-C879-4B86-506757A16DC7}" = CCC Help Turkish
"{E9B0164A-27EA-4C31-5526-867C6882B60D}" = CCC Help Czech
"{EA891D60-C20D-03C4-88CB-E4597A1753AA}" = CCC Help Portuguese
"{EDFB64A7-5BFD-4137-943D-5663149A15F5}" = Heroes of Might and Magic III Complete
"{F1100000-0008-0000-0001-074957833700}" = ABBYY FineReader 11
"{F1D7AC58-554A-4A58-B784-B61558B1449A}" = QLBCASL
"{F3818CCA-B7E4-2B53-F86E-2D4F195F66F3}" = CCC Help Danish
"{FA200000-0001-0000-0000-074957833700}" = ABBYY PDF Transformer 2.0
"{FFFE7261-2318-4227-B827-E9E05E16DFE5}" = CorelDRAW Graphics Suite X4 - Lang CZ
"504244733D18C8F63FF584AEB290E3904E791693" = Balíček ovladače systému Windows - Nokia pccsmcfd (08/22/2008 7.0.0.0)
"5513-1208-7298-9440" = JDownloader 0.9
"Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin
"AvaCam_is1" = AvaCam v1.1
"BSPlayerf" = BS.Player FREE
"Canon_IJ_Network_Scan_UTILITY" = Canon IJ Network Scan Utility
"Canon_IJ_Network_UTILITY" = Canon IJ Network Tool
"CanonMyPrinter" = Canon Utilities My Printer
"CanonSolutionMenu" = Canon Utilities Solution Menu
"CCleaner" = CCleaner
"CrystalDiskInfo_is1" = CrystalDiskInfo 4.1.3
"DAEMON Tools Lite" = DAEMON Tools Lite
"EAGLE 6.1.0" = EAGLE 6.1.0
"Easy-PhotoPrint EX" = Canon Utilities Easy-PhotoPrint EX
"Easy-WebPrint EX" = Canon Easy-WebPrint EX
"ENTERPRISE" = Microsoft Office Enterprise 2007
"Farm Frenzy 2" = Farm Frenzy 2
"Fences" = Fences
"Google Chrome" = Google Chrome
"Cheat Engine 6.2_is1" = Cheat Engine 6.2
"InstallShield_{BE1A2C04-6F14-4A16-B290-003769418AD9}" = ROUTE 66 Sync
"InstallShield_{EDFB64A7-5BFD-4137-943D-5663149A15F5}" = Heroes of Might and Magic III Complete
"KLiteCodecPack_is1" = K-Lite Codec Pack 8.4.0 (Basic)
"MatlabR2010b" = MATLAB R2010b
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft Security Client" = Microsoft Security Essentials
"MozBackup" = MozBackup 1.5.1
"Mozilla Firefox 12.0 (x86 cs)" = Mozilla Firefox 12.0 (x86 cs)
"Mozilla Thunderbird 12.0.1 (x86 cs)" = Mozilla Thunderbird 12.0.1 (x86 cs)
"MozillaMaintenanceService" = Mozilla Maintenance Service
"MP Navigator EX 3.0" = Canon MP Navigator EX 3.0
"nbi-nb-base-7.0.1.0.0" = NetBeans IDE 7.0.1
"Network Play System (Patching)" = Network Play System (Patching)
"Nokia Suite" = Nokia Suite
"OpenSSL_is1" = OpenSSL 0.9.8e
"Pak Audio Converter1.0" = Pak Audio Converter
"PrimoPDF" = PrimoPDF -- brought to you by Nitro PDF Software
"PSPad editor_is1" = PSPad editor
"QIP Infium JadrisPack 5.3.1b" = QIP Infium JadrisPack 5.3.1b
"Rainlendar2" = Rainlendar2 (remove only)
"Registrace uživatele zařízení Canon MP560 series" = Registrace uživatele zařízení Canon MP560 series
"Shockwave" = Shockwave
"SpeedFan" = SpeedFan (remove only)
"Steam App 50130" = Mafia II
"Steam App 550" = Left 4 Dead 2
"SynTPDeinstKey" = Synaptics Pointing Device Driver
"The Sims" = The Sims
"Tomb Raider - The Lost Artifact" = Tomb Raider - The Lost Artifact
"Tomb Raider III" = Tomb Raider III
"Totalcmd" = Total Commander (Remove or Repair)
"VLC media player" = VLC media player 2.0.1
"Winamp" = Winamp
"WinGimp-2.0_is1" = GIMP 2.6.11

========== HKEY_USERS Uninstall List ==========

[HKEY_USERS\S-1-5-21-1094954035-2023778115-2423788019-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"7f4182272b52fd8f" = CZShare Manager
"Advanced Archive Password Recovery" = Advanced Archive Password Recovery
"Dropbox" = Dropbox
"Winamp Detect" = Winamp Detector Plug-in

========== Last 10 Event Log Errors ==========

[ Application Events ]
Error - 2.6.2012 12:38:07 | Computer Name = PólBulva-PC | Source = Microsoft-Windows-CAPI2 | ID = 4107
Description = Selhala extrakce kořenového seznamu jiného výrobce ze souboru CAB
pro automatickou aktualizaci v: <http://www.download.windowsupdate.com/m ... ootstl.cab>.
Došlo k chybě: Při ověření se systémovými hodinami nebo časovým razítkem podepsaného
souboru bylo zjištěno, že požadovaný certifikát je mimo lhůtu platnosti. .

Error - 2.6.2012 12:38:10 | Computer Name = PólBulva-PC | Source = Microsoft-Windows-CAPI2 | ID = 4107
Description = Selhala extrakce kořenového seznamu jiného výrobce ze souboru CAB
pro automatickou aktualizaci v: <http://www.download.windowsupdate.com/m ... ootstl.cab>.
Došlo k chybě: Při ověření se systémovými hodinami nebo časovým razítkem podepsaného
souboru bylo zjištěno, že požadovaný certifikát je mimo lhůtu platnosti. .

Error - 2.6.2012 12:38:25 | Computer Name = PólBulva-PC | Source = Microsoft-Windows-CAPI2 | ID = 4107
Description = Selhala extrakce kořenového seznamu jiného výrobce ze souboru CAB
pro automatickou aktualizaci v: <http://www.download.windowsupdate.com/m ... ootstl.cab>.
Došlo k chybě: Při ověření se systémovými hodinami nebo časovým razítkem podepsaného
souboru bylo zjištěno, že požadovaný certifikát je mimo lhůtu platnosti. .

Error - 2.6.2012 12:51:56 | Computer Name = PólBulva-PC | Source = Microsoft-Windows-CAPI2 | ID = 4107
Description = Selhala extrakce kořenového seznamu jiného výrobce ze souboru CAB
pro automatickou aktualizaci v: <http://www.download.windowsupdate.com/m ... ootstl.cab>.
Došlo k chybě: Při ověření se systémovými hodinami nebo časovým razítkem podepsaného
souboru bylo zjištěno, že požadovaný certifikát je mimo lhůtu platnosti. .

Error - 2.6.2012 12:51:56 | Computer Name = PólBulva-PC | Source = Microsoft-Windows-CAPI2 | ID = 4107
Description = Selhala extrakce kořenového seznamu jiného výrobce ze souboru CAB
pro automatickou aktualizaci v: <http://www.download.windowsupdate.com/m ... ootstl.cab>.
Došlo k chybě: Při ověření se systémovými hodinami nebo časovým razítkem podepsaného
souboru bylo zjištěno, že požadovaný certifikát je mimo lhůtu platnosti. .

Error - 2.6.2012 12:51:56 | Computer Name = PólBulva-PC | Source = Microsoft-Windows-CAPI2 | ID = 4107
Description = Selhala extrakce kořenového seznamu jiného výrobce ze souboru CAB
pro automatickou aktualizaci v: <http://www.download.windowsupdate.com/m ... ootstl.cab>.
Došlo k chybě: Při ověření se systémovými hodinami nebo časovým razítkem podepsaného
souboru bylo zjištěno, že požadovaný certifikát je mimo lhůtu platnosti. .

Error - 2.6.2012 12:51:57 | Computer Name = PólBulva-PC | Source = Microsoft-Windows-CAPI2 | ID = 4107
Description = Selhala extrakce kořenového seznamu jiného výrobce ze souboru CAB
pro automatickou aktualizaci v: <http://www.download.windowsupdate.com/m ... ootstl.cab>.
Došlo k chybě: Při ověření se systémovými hodinami nebo časovým razítkem podepsaného
souboru bylo zjištěno, že požadovaný certifikát je mimo lhůtu platnosti. .

Error - 2.6.2012 12:51:57 | Computer Name = PólBulva-PC | Source = Microsoft-Windows-CAPI2 | ID = 4107
Description = Selhala extrakce kořenového seznamu jiného výrobce ze souboru CAB
pro automatickou aktualizaci v: <http://www.download.windowsupdate.com/m ... ootstl.cab>.
Došlo k chybě: Při ověření se systémovými hodinami nebo časovým razítkem podepsaného
souboru bylo zjištěno, že požadovaný certifikát je mimo lhůtu platnosti. .

Error - 2.6.2012 12:51:57 | Computer Name = PólBulva-PC | Source = Microsoft-Windows-CAPI2 | ID = 4107
Description = Selhala extrakce kořenového seznamu jiného výrobce ze souboru CAB
pro automatickou aktualizaci v: <http://www.download.windowsupdate.com/m ... ootstl.cab>.
Došlo k chybě: Při ověření se systémovými hodinami nebo časovým razítkem podepsaného
souboru bylo zjištěno, že požadovaný certifikát je mimo lhůtu platnosti. .

Error - 2.6.2012 12:51:57 | Computer Name = PólBulva-PC | Source = Microsoft-Windows-CAPI2 | ID = 4107
Description = Selhala extrakce kořenového seznamu jiného výrobce ze souboru CAB
pro automatickou aktualizaci v: <http://www.download.windowsupdate.com/m ... ootstl.cab>.
Došlo k chybě: Při ověření se systémovými hodinami nebo časovým razítkem podepsaného
souboru bylo zjištěno, že požadovaný certifikát je mimo lhůtu platnosti. .

[ OSession Events ]
Error - 2.1.2012 17:16:15 | Computer Name = PólBulva-PC | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 3, Application Name: Microsoft Office PowerPoint, Application
Version: 12.0.4518.1014, Microsoft Office Version: 12.0.4518.1014. This session
lasted 17071 seconds with 900 seconds of active time. This session ended with a
crash.

Error - 3.4.2012 17:00:47 | Computer Name = PólBulva-PC | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 0, Application Name: Microsoft Office Word, Application Version:
12.0.6612.1000, Microsoft Office Version: 12.0.6612.1000. This session lasted 500
seconds with 180 seconds of active time. This session ended with a crash.

Error - 24.4.2012 13:19:44 | Computer Name = PólBulva-PC | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 0, Application Name: Microsoft Office Word, Application Version:
12.0.6612.1000, Microsoft Office Version: 12.0.6612.1000. This session lasted 8544
seconds with 3360 seconds of active time. This session ended with a crash.

[ System Events ]
Error - 27.5.2012 3:50:12 | Computer Name = PólBulva-PC | Source = atikmdag | ID = 43029
Description = Display is not active

Error - 27.5.2012 3:58:09 | Computer Name = PólBulva-PC | Source = atikmdag | ID = 43029
Description = Display is not active

Error - 27.5.2012 5:48:13 | Computer Name = PólBulva-PC | Source = atikmdag | ID = 43029
Description = Display is not active

Error - 27.5.2012 5:49:10 | Computer Name = PólBulva-PC | Source = atikmdag | ID = 43029
Description = Display is not active

Error - 27.5.2012 6:34:08 | Computer Name = PólBulva-PC | Source = atikmdag | ID = 43029
Description = Display is not active

Error - 27.5.2012 9:27:21 | Computer Name = PólBulva-PC | Source = atikmdag | ID = 43029
Description = Display is not active

Error - 27.5.2012 11:21:20 | Computer Name = PólBulva-PC | Source = atikmdag | ID = 43029
Description = Display is not active

Error - 27.5.2012 11:41:55 | Computer Name = PólBulva-PC | Source = atikmdag | ID = 43029
Description = Display is not active

Error - 27.5.2012 11:41:56 | Computer Name = PólBulva-PC | Source = atikmdag | ID = 52236
Description = CPLIB :: General - Invalid Parameter

Error - 27.5.2012 11:41:56 | Computer Name = PólBulva-PC | Source = atikmdag | ID = 43029
Description = Display is not active


< End of report >

[PolBulva]

----------------------------------------------------------------------------
CrystalDiskInfo 4.1.3 (C) 2008-2011 hiyohiyo
Crystal Dew World : http://crystalmark.info/
----------------------------------------------------------------------------

OS : Windows 7 SP1 [6.1 Build 7601] (x86)
Date : 2012/06/03 18:24:06

-- Controller Map ----------------------------------------------------------
+ ATA Channel 0 (0) [ATA]
- WDC WD3200BEVT-60ZCT1 ATA Device
+ ATA Channel 1 (1) [ATA]
- Optiarc DVD RW AD-7561S ATA Device
- ATA Channel 0 (0) [ATA]
- ATA Channel 1 (1) [ATA]
+ PCI Standardní dvoukanálový řadič IDE [ATA]
- ATA Channel 0 (0)
- ATA Channel 1 (1)
+ PCI Standardní dvoukanálový řadič IDE [ATA]
- ATA Channel 0 (0)
- ATA Channel 1 (1)
+ A5AHO5GD IDE Controller [SCSI]
- XSLGXIT ZWPAB81YN SCSI CdRom Device

-- Disk List ---------------------------------------------------------------
(1) WDC WD3200BEVT-60ZCT1 : 320.0 GB [0-0-0, pd1]

----------------------------------------------------------------------------
(1) WDC WD3200BEVT-60ZCT1
----------------------------------------------------------------------------
Model : WDC WD3200BEVT-60ZCT1
Firmware : 13.01A13
Serial Number : WD-WXE109RK2762
Disk Size : 320.0 GB (8.4/137.4/320.0)
Buffer Size : 8192 KB
Queue Depth : 32
# of Sectors : 625142448
Rotation Rate : 5400 RPM
Interface : Serial ATA
Major Version : ATA8-ACS
Minor Version : ----
Transfer Mode : SATA/300
Power On Hours : 9140 hod.
Power On Count : 2749 krát
Temparature : 36 C (96 F)
Health Status : Dobrý
Features : S.M.A.R.T., APM, 48bit LBA, NCQ
APM Level : 0080h [ON]
AAM Level : ----

-- S.M.A.R.T. --------------------------------------------------------------
ID Cur Wor Thr RawValues(6) Attribute Name
01 200 200 _51 000000000000 Počet chyb čtení
03 187 185 _21 000000000672 Čas na roztočení ploten
04 _98 _98 __0 000000000B86 Počet spuštění/zastavení
05 200 200 140 000000000000 Počet přemapovaných sektorů
07 100 253 _51 000000000000 Počet chybných hledání
09 _88 _88 __0 0000000023B4 Hodin v činnosti
0A 100 100 _51 000000000000 Počet opakovaných pokusů o roztočení ploten
0B 100 100 __0 000000000000 Počet pokusů o překalibrování
0C _98 _98 __0 000000000ABD Počet cyklů zapnutí zařízení
BB 100 _10 __0 0000000000B0 Ohlášeno neopravitelných chyb
BC 100 _66 __0 000F000F026F Časový limit příkazu
BE _64 _38 _40 000000000024 Teplota toku vzduchu
C0 200 200 __0 000000000148 Počet vypnutí disku
C1 169 169 __0 0000000171AA Počet cyklů načítání/vymazání
C2 111 _85 __0 000000000024 Teplota
C4 200 200 __0 000000000000 Počet udalostí s číslem realokování sektorů
C5 200 200 __0 000000000000 Počet podezřelých sektorů
C6 100 253 __0 000000000000 Počet neopravitelných sektorů
C7 200 200 __0 000000000000 Počet chyb v kontrolním součtu UltraDMA
C8 100 253 _51 000000000000 Počet chyb při zápisu sektorů

-- IDENTIFY_DEVICE ---------------------------------------------------------
+0 +1 +2 +3 +4 +5 +6 +7 +8 +9 +A +B +C +D +E +F
000: 42 7A 3F FF C8 37 00 10 00 00 00 00 00 3F 00 00
010: 00 00 00 00 20 20 20 20 20 57 44 2D 57 58 45 31
020: 30 39 52 4B 32 37 36 32 00 00 40 00 00 32 31 33
030: 2E 30 31 41 31 33 57 44 43 20 57 44 33 32 30 30
040: 42 45 56 54 2D 36 30 5A 43 54 31 20 20 20 20 20
050: 20 20 20 20 20 20 20 20 20 20 20 20 20 20 80 10
060: 00 00 2F 00 40 01 00 00 00 00 00 07 3F FF 00 10
070: 00 3F FC 10 00 FB 01 10 FF FF 0F FF 00 00 00 07
080: 00 03 00 78 00 78 00 78 00 78 00 00 00 00 00 00
090: 00 00 00 00 00 00 00 1F 0D 06 00 00 00 4C 00 40
0A0: 01 FE 00 00 70 6B 7C 09 61 23 70 69 BC 09 61 23
0B0: 01 3F 00 33 00 33 00 80 FF FE 00 00 00 00 00 00
0C0: 00 00 00 00 00 00 00 00 EA B0 25 42 00 00 00 00
0D0: 00 00 00 00 00 00 00 00 50 01 4E E2 57 E5 71 40
0E0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 40 14
0F0: 40 14 00 00 00 00 00 00 00 00 00 00 00 00 00 00
100: 00 29 00 00 00 00 00 00 00 00 16 9E 00 00 00 00
110: 00 00 00 00 00 00 00 00 00 00 00 00 00 04 00 00
120: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
130: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
140: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
150: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
160: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
170: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
180: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
190: 00 00 00 00 00 00 00 00 00 00 00 00 30 3F 00 00
1A0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1B0: 00 00 15 18 00 00 00 00 00 00 00 00 10 0E 00 00
1C0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1D0: 00 00 00 00 00 01 10 00 00 00 00 00 00 00 00 00
1E0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1F0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 B6 A5

[Márty84]

Jeste pockam na ten MBAM

[PolBulva]

Jeste pockam na ten MBAM

Jo, tak to si pockame ale ne, uz to vypada ze to finishuje

[Márty84]

Tak to tu pak mrsknete, zitra napisu postup. Dnes se uz k pc nedostanu

[PolBulva]

Tak to tu pak mrsknete, zitra napisu postup. Dnes se uz k pc nedostanu

Jo, dekuju moc zatim:-)

[PolBulva]

Malwarebytes Anti-Malware (Zkušební verze Malwarebytes Anti-Malware) 1.61.0.1400
www.malwarebytes.org

Verze databáze: v2012.06.03.05

Windows 7 Service Pack 1 x86 NTFS
Internet Explorer 9.0.8112.16421
Pól Bulva :: PÓLBULVA-PC [administrátor]

Ochrana: Povolena

3.6.2012 18:27:25
mbam-log-2012-06-04 (03-05-15).txt

Typ: Úplná kontrola
Nastavení kontroly povoleno: Paměť | Po spuštění | Registr | Systémové soubory | Heuristická analýza Extra | Heuristická analýza Shuriken | PUP | PUM
Nastavení kontroly zakázáno: P2P
Kontrolované objekty: 599297
Uplynulý čas: 2 hodin, 35 minut, 22 sekund

Nalezené procesy v paměti: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené moduly v paměti: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené klíče v registru: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené hodnoty v registru: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené datové položky v registru: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené složky: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené soubory: 1
C:\Program Files\QIP Infium JadrisPack\QIP Infium JadrisPack.exe (Trojan.Downloader) -> Žádná instrukce nebyla provedena.

(konec)

[Márty84]

Tento soubor C:\Program Files\QIP Infium JadrisPack\QIP Infium JadrisPack.exe otestujte na virustotal, pripadne jotti http://forum.viry.cz/viewtopic.php?f=29&t=5846 Vysledek oznamte, nebo zkopirujte odkaz.



Znovu spustte OTL jako spravce
Do spodniho okna vlozte nasledujici text (vcetne te dvojtecky pred slovem otl)

Kód: Vybrat vše

:otl
IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKU\S-1-5-21-1094954035-2023778115-2423788019-1000\..\SearchScopes,DefaultScope = {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}
IE - HKU\S-1-5-21-1094954035-2023778115-2423788019-1000\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC
IE - HKU\S-1-5-21-1094954035-2023778115-2423788019-1000\..\SearchScopes\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}: "URL" = http://search.babylon.com/?q={searchTerms}&AF=109989&babsrc=SP_ss&mntrId=3cbd89dd000000000000002100c261db
IE - HKU\S-1-5-21-1094954035-2023778115-2423788019-1000\..\SearchScopes\{3BD44F0E-0596-4008-AEE0-45D47E3A8F0E}: "URL" = http://blekko.com/?source=c3348dd4&tbp=rbox&q={searchTerms}
[2010.08.28 16:04:38 | 000,001,624 | ---- | M] () -- C:\Users\Pól Bulva\AppData\Roaming\Mozilla\Firefox\Profiles\48xzbd0j.default\searchplugins\bing.xml
[2012.05.31 22:51:19 | 000,001,018 | ---- | M] () -- C:\Users\Pól Bulva\AppData\Roaming\Mozilla\Firefox\Profiles\48xzbd0j.default\searchplugins\facebook.xml
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~1\MICROS~1\Office14\EXCEL.EXE/3000 File not found
O8 - Extra context menu item: Od&eslat do aplikace OneNote - res://C:\PROGRA~1\MICROS~1\Office14\ONBttnIE.dll/105 File not found
[4 C:\Windows\System32\*.tmp files -> C:\Windows\System32\*.tmp -> ]
[2012.06.02 18:33:13 | 000,636,646 | ---- | M] () -- C:\Windows\System32\perfh005.dat
[2012.06.02 18:33:13 | 000,621,012 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2012.06.02 18:33:13 | 000,124,104 | ---- | M] () -- C:\Windows\System32\perfc005.dat
[2012.06.02 18:33:13 | 000,108,232 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2012.03.16 14:28:19 | 000,000,000 | ---D | M] -- C:\Users\Pól Bulva\AppData\Roaming\Babylon
[11 C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp files -> C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp -> ]
[4 C:\Windows\Installer\*.tmp files -> C:\Windows\Installer\*.tmp -> ]
[2012.06.02 04:14:28 | 000,002,896 | ---- | M] () -- \Windows\System32\Tasks\AutoKMS

:files
%windir%\system32\*.tmp.dll /s
%windir%\system32\SET*.tmp /s
%windir%\*.tmp

:commands
[EMPTYTEMP]
[Purity]
[EMPTYFLASH]

Kliknete na Opravit a nechte program pracovat. Pri otazce na restart souhlaste.
Po restartu se objevi novy log, ten sem dejte.

[PolBulva]

http://virusscan.jotti.org/cs/scanresul ... 9c75df2b08

[PolBulva]

All processes killed
========== OTL ==========
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope| /E : value set successfully!
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ not found.
HKEY_USERS\S-1-5-21-1094954035-2023778115-2423788019-1000\Software\Microsoft\Internet Explorer\SearchScopes\\DefaultScope| /E : value set successfully!
Registry key HKEY_USERS\S-1-5-21-1094954035-2023778115-2423788019-1000\Software\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ not found.
Registry key HKEY_USERS\S-1-5-21-1094954035-2023778115-2423788019-1000\Software\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}\ not found.
Registry key HKEY_USERS\S-1-5-21-1094954035-2023778115-2423788019-1000\Software\Microsoft\Internet Explorer\SearchScopes\{3BD44F0E-0596-4008-AEE0-45D47E3A8F0E}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{3BD44F0E-0596-4008-AEE0-45D47E3A8F0E}\ not found.
C:\Users\Pól Bulva\AppData\Roaming\Mozilla\Firefox\Profiles\48xzbd0j.default\searchplugins\bing.xml moved successfully.
C:\Users\Pól Bulva\AppData\Roaming\Mozilla\Firefox\Profiles\48xzbd0j.default\searchplugins\facebook.xml moved successfully.
Registry key HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\MenuExt\E&xportovat do aplikace Microsoft Excel\ deleted successfully.
Registry key HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\MenuExt\Od&eslat do aplikace OneNote\ deleted successfully.
File/Folder C:\Windows\System32\*.tmp not found.
C:\Windows\System32\perfh005.dat moved successfully.
C:\Windows\System32\perfh009.dat moved successfully.
C:\Windows\System32\perfc005.dat moved successfully.
C:\Windows\System32\perfc009.dat moved successfully.
C:\Users\Pól Bulva\AppData\Roaming\Babylon folder moved successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\ZAP2339.tmp folder deleted successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\ZAP299F.tmp folder deleted successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\ZAP3942.tmp folder deleted successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\ZAP5293.tmp folder deleted successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\ZAP5E64.tmp folder deleted successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\ZAP6197.tmp folder deleted successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\ZAP669E.tmp folder deleted successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\ZAP8545.tmp folder deleted successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\ZAPB848.tmp\Microsoft.PowerShell.GraphicalHost.dll deleted successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\ZAPB848.tmp folder deleted successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\ZAPF420.tmp folder deleted successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\ZAPF6B.tmp\MIGUIControls.dll deleted successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\ZAPF6B.tmp folder deleted successfully.
C:\Windows\Installer\MSI3EF1.tmp deleted successfully.
C:\Windows\Installer\MSI555D.tmp deleted successfully.
C:\Windows\Installer\MSID048.tmp deleted successfully.
C:\Windows\Installer\MSIF393.tmp deleted successfully.
File move failed. \Windows\System32\Tasks\AutoKMS scheduled to be moved on reboot.
========== FILES ==========
File/Folder C:\Windows\system32\*.tmp.dll not found.
File/Folder C:\Windows\system32\SET*.tmp not found.
File/Folder C:\Windows\*.tmp not found.
========== COMMANDS ==========

[EMPTYTEMP]

User: Administrator

User: All Users

User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes

User: matlab
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->Java cache emptied: 0 bytes

User: Public

User: Pól Bulva
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 102830 bytes
->Java cache emptied: 0 bytes
->FireFox cache emptied: 294383255 bytes
->Google Chrome cache emptied: 0 bytes
->Flash cache emptied: 3272 bytes

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 10630 bytes
Session Manager Temp folder emptied: 16090706 bytes
Session Manager Tmp folder emptied: 3512976 bytes
RecycleBin emptied: 0 bytes

Total Files Cleaned = 300,00 mb


[EMPTYFLASH]

User: Administrator

User: All Users

User: Default

User: Default User

User: matlab

User: Public

User: Pól Bulva
->Flash cache emptied: 0 bytes

Total Flash Files Cleaned = 0,00 mb


OTL by OldTimer - Version 3.2.45.0 log created on 06042012_183726

Files\Folders moved on Reboot...
File move failed. \Windows\System32\Tasks\AutoKMS scheduled to be moved on reboot.
File\Folder c:\temp\etilqs_Le8w38lGUPO1yhTkvVev not found!
File\Folder c:\temp\etilqs_QHJyEbrtaboeFvaJs8qS not found!

Registry entries deleted on Reboot...

[Márty84]

No, zadny z tech lepsich AV nehlasi infekci Pouzivate to? Myslim ten C:\Program Files\QIP Infium JadrisPack\QIP Infium JadrisPack.exe
Jestli to nepouzivate, radeji bych to smazal.


Jinak OTL provedlo co melo. Co pocitac, nastala nejaka zmena?

[PolBulva]

Jo, pouzivam qip...No hreje to porad dost, ale to bude mozna vetrakem, cistil jsem ho, ale asi uz bude mit to nejlepsi za sebou...

[Márty84]

Jake teploty pise speedfan?

A CPU uz je v norme?

[PolBulva]

HD0:40C
Temp1:28C
Temp2:60C
Temp3:62C
Temp4:60C
Temp5:53C
Temp6:54C
Core0:66C
Core1:60C
CPU je tak na 30%

[Márty84]

Spustte spravce uloh, kliknete na zalozku Procesy, nechte si zobrazit Procesy vsech uzivatelu a podivejte se, ktery proces zatezuje CPU nejvice. A bud mi je tu vypiste, nebo sem dejte obrazek. Pokracovani zase az zitra. Pracovni povinnosti