Odvirování PC, zrychlení počítače, vzdálená pomoc prostřednictvím služby neslape.cz

Win32/FastSaveApp a Hack Tool/win32 Keygen

Máte problém s virem? Vložte sem log z FRST nebo RSIT.

Moderátor: Moderátoři

Pravidla fóra
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]

Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.

!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
Zamčeno
Zpráva
Autor
pego
Návštěvník
Návštěvník
Příspěvky: 21
Registrován: 28 bře 2007 13:56

Re: Win32/FastSaveApp a Hack Tool/win32 Keygen

#16 Příspěvek od pego »

\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\2D8WZOEH\ajax-preloader-bg[10].gif
[2012/11/06 09:17:14 | 000,000,694 | ---- | M] () -- \Users\Petr\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\2D8WZOEH\ajax-preloader-bg[11].gif
[2012/10/26 12:10:02 | 000,000,694 | ---- | M] () -- \Users\Petr\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\2D8WZOEH\ajax-preloader-bg[1].gif
[2012/10/26 12:11:43 | 000,000,694 | ---- | M] () -- \Users\Petr\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\2D8WZOEH\ajax-preloader-bg[2].gif
[2012/10/26 16:07:35 | 000,000,694 | ---- | M] () -- \Users\Petr\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\2D8WZOEH\ajax-preloader-bg[3].gif
[2012/10/26 16:08:29 | 000,000,694 | ---- | M] () -- \Users\Petr\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\2D8WZOEH\ajax-preloader-bg[4].gif
[2012/10/31 11:06:35 | 000,000,694 | ---- | M] () -- \Users\Petr\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\2D8WZOEH\ajax-preloader-bg[5].gif
[2012/11/01 11:19:55 | 000,000,694 | ---- | M] () -- \Users\Petr\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\2D8WZOEH\ajax-preloader-bg[6].gif
[2012/11/02 08:25:36 | 000,000,694 | ---- | M] () -- \Users\Petr\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\2D8WZOEH\ajax-preloader-bg[7].gif
[2012/11/02 08:53:19 | 000,000,694 | ---- | M] () -- \Users\Petr\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\2D8WZOEH\ajax-preloader-bg[8].gif
[2012/11/05 08:34:49 | 000,000,694 | ---- | M] () -- \Users\Petr\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\2D8WZOEH\ajax-preloader-bg[9].gif
[2012/11/05 11:41:37 | 000,004,781 | ---- | M] () -- \Users\Petr\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\2D8WZOEH\loader-anim[1].png
[2012/11/05 11:41:36 | 000,000,081 | ---- | M] () -- \Users\Petr\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\2D8WZOEH\loader-bg[1].png
[2013/02/12 17:24:44 | 000,004,781 | ---- | M] () -- \Users\Petr\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\ARLMUDM0\loader-anim[1].png
[2013/01/02 15:56:45 | 000,008,787 | ---- | M] () -- \Users\Petr\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\N04JWXNZ\ajax-loader[1].gif
[2013/01/02 10:21:29 | 000,000,196 | ---- | M] () -- \Users\Petr\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\N04JWXNZ\jquery.loader[1].js
[2013/02/12 17:24:44 | 000,000,967 | ---- | M] () -- \Users\Petr\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\N04JWXNZ\loader-small[1].gif
[2012/10/29 14:05:48 | 000,000,694 | ---- | M] () -- \Users\Petr\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\OLOCYZ86\ajax-preloader-bg[1].gif
[2012/10/29 14:06:25 | 000,000,694 | ---- | M] () -- \Users\Petr\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\OLOCYZ86\ajax-preloader-bg[2].gif
[2012/11/06 09:04:08 | 000,000,694 | ---- | M] () -- \Users\Petr\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\OLOCYZ86\ajax-preloader-bg[3].gif
[2012/11/06 09:24:09 | 000,000,694 | ---- | M] () -- \Users\Petr\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\OLOCYZ86\ajax-preloader-bg[4].gif
[2012/11/06 10:55:19 | 000,000,694 | ---- | M] () -- \Users\Petr\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\OLOCYZ86\ajax-preloader-bg[5].gif
[2012/11/01 11:24:44 | 000,000,000 | ---- | M] () -- \Users\Petr\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\OLOCYZ86\condflashloader[1].js
[2012/11/05 11:41:36 | 000,000,967 | ---- | M] () -- \Users\Petr\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\OLOCYZ86\loader-small[1].gif
[2012/10/29 17:49:44 | 000,000,673 | ---- | M] () -- \Users\Petr\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\OLOCYZ86\loader.white[1].gif
[2012/10/26 16:01:09 | 000,002,868 | ---- | M] () -- \Users\Petr\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\OLOCYZ86\rmsloaderdelayed[1].js
[2013/02/12 17:24:44 | 000,000,081 | ---- | M] () -- \Users\Petr\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\S282IWHF\loader-bg[1].png
[2013/03/13 08:41:12 | 000,008,043 | ---- | M] () -- \Users\Petr\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\S282IWHF\loader-big2[1].gif
[2013/03/13 08:41:12 | 000,005,233 | ---- | M] () -- \Users\Petr\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\S282IWHF\loader-logo[2].png
[2013/03/13 08:42:02 | 000,001,737 | ---- | M] () -- \Users\Petr\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\S282IWHF\loader1[1].gif
[2013/02/12 17:24:44 | 000,009,461 | ---- | M] () -- \Users\Petr\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\S282IWHF\loader[1].gif
[2012/10/26 12:11:51 | 000,000,694 | ---- | M] () -- \Users\Petr\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\SGQJWUH0\ajax-preloader-bg[1].gif
[2012/10/30 18:13:21 | 000,000,694 | ---- | M] () -- \Users\Petr\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\SGQJWUH0\ajax-preloader-bg[2].gif
[2012/11/01 11:05:17 | 000,000,694 | ---- | M] () -- \Users\Petr\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\SGQJWUH0\ajax-preloader-bg[3].gif
[2012/11/02 08:26:08 | 000,000,694 | ---- | M] () -- \Users\Petr\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\SGQJWUH0\ajax-preloader-bg[4].gif
[2012/11/05 08:32:35 | 000,000,694 | ---- | M] () -- \Users\Petr\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\SGQJWUH0\ajax-preloader-bg[5].gif
[2012/11/06 08:58:56 | 000,000,694 | ---- | M] () -- \Users\Petr\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\SGQJWUH0\ajax-preloader-bg[6].gif
[2012/11/06 09:09:46 | 000,000,694 | ---- | M] () -- \Users\Petr\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\SGQJWUH0\ajax-preloader-bg[7].gif
[2012/11/06 09:10:51 | 000,000,694 | ---- | M] () -- \Users\Petr\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\SGQJWUH0\ajax-preloader-bg[8].gif
[2012/10/28 15:11:56 | 000,002,756 | ---- | M] () -- \Users\Petr\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\SGQJWUH0\RmsLoader[1].js
[2013/02/11 16:17:41 | 000,384,680 | ---- | M] () -- \Users\Petr\Downloads\SoftonicDownloader_for_quicktime.exe
[2013/03/03 15:41:40 | 000,021,364 | ---- | M] () -- \Windows.old\Users\All Users\MGS\cache\i\icon_reloader.f2cfe662226abfd8c32674e726165f47.png
[2013/03/03 15:41:42 | 000,003,916 | ---- | M] () -- \Windows.old\Users\All Users\MGS\cache\i\icon_reloader_sml.0d2837f460a0b8a35cf50dda6fae7d7e.png
[2013/03/03 15:41:33 | 000,004,554 | ---- | M] () -- \Windows.old\Users\All Users\MGS\cache\l\lobby_loader.6f978e858297c4628fa6d767f5f57512.inf
[2013/03/03 15:41:33 | 000,000,424 | ---- | M] () -- \Windows.old\Users\All Users\MGS\cache\l\lobby_loader.aa37a7aedcb3569a6ae8cb03167869da.inf
[2012/10/26 15:55:00 | 000,082,784 | ---- | M] () -- \Windows\assembly\GAC\IALoader\1.7.6223.0__31bf3856ad364e35\IALoader.dll
[2013/02/28 16:44:35 | 000,087,430 | ---- | M] () -- \Windows\Prefetch\NCDOWNLOADER.EXE-F3DAF099.pf
[2012/07/26 03:46:24 | 000,003,072 | -H-- | M] () -- \Windows\System32\api-ms-win-core-libraryloader-l1-1-0.dll
[2012/07/26 03:46:25 | 000,003,584 | -H-- | M] () -- \Windows\System32\api-ms-win-core-libraryloader-l1-1-1.dll
[2012/07/26 03:46:36 | 000,002,560 | -H-- | M] () -- \Windows\System32\api-ms-win-core-stringloader-l1-1-0.dll
[2012/07/26 04:18:20 | 000,036,352 | ---- | M] () -- \Windows\System32\dmloader.dll
[1 \Windows\System32\*.tmp files -> \Windows\System32\*.tmp -> ]
[2013/03/18 08:42:28 | 000,003,528 | ---- | M] () -- \Windows\System32\Tasks\Microsoft\Windows\Customer Experience Improvement Program\Uploader
[2012/07/26 07:05:26 | 000,003,532 | ---- | M] () -- \Windows\System32\Tasks\Microsoft\Windows\WindowsColorSystem\Calibration Loader
[2012/07/26 09:05:16 | 000,004,654 | ---- | M] () -- \Windows\WinSxS\Backup\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.2.9200.16384_cs-cz_2fed7a8ace703ed6.manifest
[2012/07/26 09:05:16 | 000,030,448 | ---- | M] () -- \Windows\WinSxS\Backup\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.2.9200.16384_cs-cz_2fed7a8ace703ed6_winload.efi.mui_35ee487d
[2012/07/26 09:05:16 | 000,030,448 | ---- | M] () -- \Windows\WinSxS\Backup\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.2.9200.16384_cs-cz_2fed7a8ace703ed6_winload.exe.mui_3bc5b827
[2012/07/26 09:05:16 | 000,020,208 | ---- | M] () -- \Windows\WinSxS\Backup\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.2.9200.16384_cs-cz_2fed7a8ace703ed6_winresume.efi.mui_f412814e
[2012/07/26 09:05:16 | 000,020,208 | ---- | M] () -- \Windows\WinSxS\Backup\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.2.9200.16384_cs-cz_2fed7a8ace703ed6_winresume.exe.mui_ff8b5358
[2012/11/19 10:13:10 | 000,005,804 | ---- | M] () -- \Windows\WinSxS\Backup\x86_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.2.9200.16433_none_5806d74b3de5fd24.manifest
[2012/11/19 10:13:10 | 001,166,720 | ---- | M] () -- \Windows\WinSxS\Backup\x86_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.2.9200.16433_none_5806d74b3de5fd24_winload.efi_75834aa0
[2012/11/19 10:13:11 | 001,063,936 | ---- | M] () -- \Windows\WinSxS\Backup\x86_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.2.9200.16433_none_5806d74b3de5fd24_winload.exe_75835076
[2012/11/19 10:13:11 | 001,034,976 | ---- | M] () -- \Windows\WinSxS\Backup\x86_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.2.9200.16433_none_5806d74b3de5fd24_winresume.efi_85cd069f
[2012/11/19 10:13:11 | 000,939,424 | ---- | M] () -- \Windows\WinSxS\Backup\x86_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.2.9200.16433_none_5806d74b3de5fd24_winresume.exe_85cd1215
[2012/07/26 07:52:25 | 000,000,592 | ---- | M] () -- \Windows\WinSxS\FileMaps\programdata_microsoft_network_downloader_7fafaef6d33e4371.cdf-ms
[2012/07/26 09:03:05 | 000,004,654 | ---- | M] () -- \Windows\WinSxS\Manifests\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.2.9200.16384_cs-cz_2fed7a8ace703ed6.manifest
[2012/07/26 04:48:01 | 000,005,804 | ---- | M] () -- \Windows\WinSxS\Manifests\x86_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.2.9200.16384_none_57d1c6133e0da509.manifest
[2012/09/20 07:31:48 | 000,005,804 | ---- | M] () -- \Windows\WinSxS\Manifests\x86_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.2.9200.16420_none_580ea6593de0952e.manifest
[2012/10/11 07:19:31 | 000,005,804 | ---- | M] () -- \Windows\WinSxS\Manifests\x86_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.2.9200.16433_none_5806d74b3de5fd24.manifest
[2012/09/20 07:44:52 | 000,005,804 | ---- | M] () -- \Windows\WinSxS\Manifests\x86_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.2.9200.20521_none_5899436e56fd4e4f.manifest
[2012/10/11 07:41:47 | 000,005,804 | ---- | M] () -- \Windows\WinSxS\Manifests\x86_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.2.9200.20534_none_589174605702b645.manifest
[2012/07/26 04:18:20 | 000,036,352 | ---- | M] () -- \Windows\WinSxS\x86_microsoft-windows-audio-dmusic_31bf3856ad364e35_6.2.9200.16384_none_429f27d26109941b\dmloader.dll
[2012/07/26 03:46:24 | 000,003,072 | -H-- | M] () -- \Windows\WinSxS\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.2.9200.16384_none_075cfbd74d36b7fd\api-ms-win-core-libraryloader-l1-1-0.dll
[2012/07/26 03:46:25 | 000,003,584 | -H-- | M] () -- \Windows\WinSxS\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.2.9200.16384_none_075cfbd74d36b7fd\api-ms-win-core-libraryloader-l1-1-1.dll
[2012/07/26 03:46:36 | 000,002,560 | -H-- | M] () -- \Windows\WinSxS\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.2.9200.16384_none_075cfbd74d36b7fd\api-ms-win-core-stringloader-l1-1-0.dll

========== Files - Unicode (All) ==========
[2013/02/25 09:26:45 | 000,000,693 | ---- | M] ()(C:\WINDOWS\System32\config\systemprofile\AppData\Local\Microsoft\Windows Store\Cache Medium IL\0\0-DiscoveryForLicensing-https???go.microsoft.com?fwlink??LinkID=254853&clcid=0x409.dat) -- C:\WINDOWS\System32\config\systemprofile\AppData\Local\Microsoft\Windows Store\Cache Medium IL\0\0-DiscoveryForLicensing-https∺∯∯go.microsoft.com∯fwlink∯∿LinkID=254853&clcid=0x409.dat
[2012/11/16 12:33:02 | 001,122,243 | ---- | C] ()(C:\Users\Petr\Documents\Manu?l 10 krok?, jak si s platem zam?stnance zajistit finan?n? nez?vislost.pdf) -- C:\Users\Petr\Documents\Manu�l 10 krok�, jak si s platem zam�stnance zajistit finan�n� nez�vislost.pdf
[2012/11/16 12:32:22 | 001,122,243 | ---- | M] ()(C:\Users\Petr\Documents\Manu?l 10 krok?, jak si s platem zam?stnance zajistit finan?n? nez?vislost.pdf) -- C:\Users\Petr\Documents\Manu�l 10 krok�, jak si s platem zam�stnance zajistit finan�n� nez�vislost.pdf

< End of report >
Nahoru
pego
Návštěvník
Návštěvník
Příspěvky: 21
Registrován: 28 bře 2007 13:56

Re: Win32/FastSaveApp a Hack Tool/win32 Keygen

#17 Příspěvek od pego »

a ted ten druhOTL Extras logfile created on: 18. 3. 2013 17:18:33 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Petr\Desktop
Professional (Version = 6.2.9200) - Type = NTWorkstation
Internet Explorer (Version = 9.10.9200.16519)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d. M. yyyy

2,94 Gb Total Physical Memory | 1,63 Gb Available Physical Memory | 55,55% Memory free
4,37 Gb Paging File | 2,01 Gb Available in Paging File | 46,03% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 178,50 Gb Total Space | 128,31 Gb Free Space | 71,88% Space Free | Partition Type: NTFS

Computer Name: PETR | User Name: Petr | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 7 Days

========== Extra Registry (SafeList) ==========


========== File Associations ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\WINDOWS\System32\control.exe (Microsoft Corporation)
.hlp [@ = hlpfile] -- C:\WINDOWS\winhlp32.exe (Microsoft Corporation)

========== Shell Spawning ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\OpenWith.exe "%1" (Microsoft Corporation)
Directory [AddToPlaylistVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" (VideoLAN)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" (VideoLAN)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = Reg Error: Unknown registry data type -- File not found
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

========== Firewall Settings ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0

========== Authorized Applications List ==========


========== Vista Active Open Ports Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{0B0B375F-3525-42FD-9614-5B019A71BF4D}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{0E4CBDA2-577C-478C-88C4-FB692D0DF0CA}" = rport=139 | protocol=6 | dir=out | app=system |
"{19C7C277-D2B0-4675-820C-D1CBEFD497CB}" = lport=445 | protocol=6 | dir=in | app=system |
"{1C8EBADE-8C5C-479A-9852-F228F89B1CAA}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{2784B9EA-842F-4DF9-B2AB-F4CF2A5BD47E}" = rport=445 | protocol=6 | dir=out | app=system |
"{3CFAE4F5-C55D-427F-BBCC-40C925FB89EA}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{3DF022AD-5987-4D48-91CC-4AFEFC5F705D}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{3FA246D3-3411-4AE8-A0C6-1684728E1AF7}" = lport=2869 | protocol=6 | dir=in | app=system |
"{41E08F9C-C288-402F-A0C5-558B4320206C}" = rport=138 | protocol=17 | dir=out | app=system |
"{512D79DA-72E5-4283-BB3E-4771E618075A}" = rport=10243 | protocol=6 | dir=out | app=system |
"{57A96718-2C23-4A93-BF8E-04BFA5E19457}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe |
"{83E87EF4-5D44-4A54-87B2-8B32C395E5AF}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{9C1778F2-2D47-4BF6-A09A-C6258BD40162}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{A1231D30-D55E-4906-BCB9-79D88AD09BE6}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{A2570C3E-7422-4649-85B6-BBE6B39BA946}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 |
"{AAE91FE1-41BF-4A56-A954-11CBEEEA21AF}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{B918FF08-E6B0-4FAB-BC58-B1F4FAAEC8B6}" = lport=139 | protocol=6 | dir=in | app=system |
"{BFA52297-6A87-495F-85FC-4B0A8CE10674}" = lport=138 | protocol=17 | dir=in | app=system |
"{D75B0406-9A14-459A-97CD-3736F60632F1}" = lport=10243 | protocol=6 | dir=in | app=system |
"{E59677AD-5C0C-4993-BACF-375439D14F6D}" = lport=137 | protocol=17 | dir=in | app=system |
"{E634C85F-7531-4001-BCFF-78A3E7CE74CA}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{E6CB1934-5926-4B48-AE32-B1E505253937}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{ED180CC0-7367-47B0-8F26-F071013A15A2}" = rport=137 | protocol=17 | dir=out | app=system |
"{F1879C51-E9A0-432B-820C-2F742B656C48}" = lport=6004 | protocol=17 | dir=in | app=c:\program files\microsoft office\office12\outlook.exe |

========== Vista Active Application Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{00EBD123-6569-4058-B0E6-24FDBBCB0A5C}" = dir=in | name=@{microsoft.reader_6.2.9200.20523_x86__8wekyb3d8bbwe?ms-resource://microsoft.reader/resources/shortdisplayname} |
"{0535A8C5-9003-4A1C-B827-27BB1C94A502}" = dir=out | name=currency converter |
"{0599AF12-5272-45A8-9354-76454F02F804}" = dir=out | name=@{microsoft.zunemusic_1.1.139.0_x86__8wekyb3d8bbwe?ms-resource://microsoft.zunemusic/resources/33273} |
"{06CCAA94-BE0F-4D46-AC44-CF435A04BBBF}" = dir=out | name=@{browserchoice_6.2.0.0_neutral_neutral_cw5n1h2txyewy?ms-resource://browserchoice/resources/displayname} |
"{12BEC320-EE96-4515-B5DC-FD5A060DF987}" = dir=in | app=c:\program files\hp\digital imaging\bin\hpfccopy.exe |
"{16B390F4-71AC-4932-8ECF-579385B182C3}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{18E7B543-6E5E-480A-8367-DE59183D4BD5}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{2BFE7DF8-1B24-42F2-9D42-6397BB7ADC30}" = dir=in | app=c:\program files\hp\digital imaging\bin\hpqgplgtupl.exe |
"{30D586CD-4D21-4496-8528-C833F080BFA8}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 |
"{3147152F-8FDE-420B-AE47-4E7FD549BD1E}" = dir=in | name=currency converter |
"{31F886B4-010B-49ED-B95F-5926E5D20669}" = protocol=6 | dir=in | app=c:\windows\system32\msiexec.exe |
"{350BA9B9-A842-4C76-B4E1-A911D969A7C2}" = protocol=17 | dir=in | app=c:\windows\system32\msiexec.exe |
"{378807C1-ACF2-4B78-8D39-8F155C548E51}" = dir=in | app=c:\program files\hp\digital imaging\bin\hpqkygrp.exe |
"{3819B6FB-44B6-443D-BA8A-E2DE096AA958}" = protocol=6 | dir=in | app=c:\program files\microsoft office\office12\onenote.exe |
"{3AE2224A-51BE-485C-A5B7-D3C36908327E}" = dir=in | app=c:\program files\hp\digital imaging\bin\hpoews01.exe |
"{3EF0697E-C6C8-4747-9BCA-160757D7AFEE}" = dir=in | app=c:\program files\protected search\protectedsearch.exe |
"{4AFF7990-2CCE-456A-A598-12D36429B951}" = dir=out | name=@{microsoft.bingmaps_1.5.1.240_x86__8wekyb3d8bbwe?ms-resource://microsoft.bingmaps/resources/appdisplayname} |
"{4FBF8382-B848-4274-965A-FCD29E8F2FE5}" = dir=in | name=@{microsoft.windowscommunicationsapps_16.4.4396.1016_x86__8wekyb3d8bbwe?ms-resource://microsoft.windowscommunicationsapps/resources/communicationspackagename} |
"{639A4FD7-7FB7-421F-8209-8573AD83C08B}" = dir=in | app=c:\program files\protected search\protectedsearch.exe |
"{663B5DA1-7AD3-4688-9C40-7984567579CF}" = dir=out | app=c:\program files\protected search\protectedsearch.exe |
"{67A2B4DC-EA4B-417B-9AAA-44514EAE2102}" = dir=out | name=@{microsoft.windowsphotos_16.4.4388.928_x86__8wekyb3d8bbwe?ms-resource://microsoft.windowsphotos/photo/residappname} |
"{6E12A6FF-6336-4932-90BB-78E9F1E0F95A}" = protocol=6 | dir=out | app=system |
"{752B15D1-FF5D-40C9-B2BA-E2CB44871CD3}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 |
"{77C2D87D-0E8C-482E-A214-64BC5D93F597}" = dir=out | name=@{c:\windows\winstore\resources.pri?ms-resource://winstore/resources/displayname} |
"{7A030E7A-DBF9-454C-98BD-8136B4373911}" = dir=out | name=@{microsoft.bingweather_1.5.1.245_x86__8wekyb3d8bbwe?ms-resource://microsoft.bingweather/resources/apptitle} |
"{7BE2C78E-0196-4A04-83D7-B5B305352593}" = dir=out | name=@{microsoft.microsoftskydrive_16.4.4388.928_x86__8wekyb3d8bbwe?ms-resource://microsoft.microsoftskydrive/resources/shortproductname} |
"{7BE374F0-DA9E-4710-99BA-7D2C27ACE11B}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{8069530D-4101-4BE3-A41A-4703244A5166}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{810C6473-324F-40C7-9F5C-52CFC5433C4D}" = dir=in | app=c:\program files\hp\digital imaging\bin\hpqusgm.exe |
"{8DBAD275-E0BF-4F8E-AA4B-EBF160CEFAE5}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{92DDC15B-A964-4574-B28B-68FF09B67C65}" = dir=in | app=c:\program files\hp\digital imaging\bin\hpqgpc01.exe |
"{96C85D98-9127-4530-8C62-C092AC056043}" = dir=in | app=c:\program files\hp\digital imaging\bin\hposid01.exe |
"{99886B19-683F-409F-84E5-95CB9039291B}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 |
"{99C9B759-0C79-4F16-B9F6-024F3F7B15E6}" = dir=out | name=@{microsoft.bing_1.5.1.251_x86__8wekyb3d8bbwe?ms-resource://microsoft.bing/resources/app_name} |
"{9C48A59D-47B4-416A-8CE8-3BC1909E9270}" = dir=in | app=c:\program files\hp\digital imaging\bin\hpqste08.exe |
"{B3897672-D320-4741-9D60-338FB14F8FD4}" = dir=in | app=c:\program files\hp\digital imaging\bin\hpqusgh.exe |
"{B46C195A-B29B-4EAD-A76C-EF2FD41A2FDF}" = dir=out | name=@{microsoft.skypeapp_1.2.0.129_x86__kzf8qxf38zg5c?ms-resource://microsoft.skypeapp/resources/manifest_display_name} |
"{B4819A59-774E-4CC7-9CE0-6343B2E8F563}" = dir=out | name=@{microsoft.bingfinance_1.5.1.406_x86__8wekyb3d8bbwe?ms-resource://microsoft.bingfinance/resources/apptitle} |
"{B61C98D4-0FCF-43F6-AEC1-CE2FD7FD054B}" = dir=in | name=@{microsoft.skypeapp_1.2.0.129_x86__kzf8qxf38zg5c?ms-resource://microsoft.skypeapp/resources/manifest_display_name} |
"{B7FA6B26-DDB7-4970-800F-AE7A87B6E275}" = dir=out | name=@{microsoft.windowscommunicationsapps_16.4.4396.1016_x86__8wekyb3d8bbwe?ms-resource://microsoft.windowscommunicationsapps/resources/communicationspackagename} |
"{BA46AD6A-824A-463B-B5C4-3AB404B54D34}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 |
"{BF3364EE-E4E5-4317-A99D-6A0C9A255FAA}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{C772469D-363F-46C5-A06F-24DF668C59B6}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{CA8145D3-144F-4A45-AD12-9ED256B4D522}" = protocol=17 | dir=in | app=c:\program files\microsoft office\office12\onenote.exe |
"{CBE36A52-1B57-4890-BFEA-81BEE7A568F7}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{CE232946-8793-42E3-B8AB-0CAA9F964FBC}" = protocol=6 | dir=in | app=c:\program files\sweetim\communicator\sweetpacksupdatemanager.exe |
"{D5FC7FCD-149D-47A5-B323-317F7F7488F4}" = dir=out | name=music maker jam |
"{D93188DE-935E-4202-97A9-A11F6374E3AC}" = dir=out | app=c:\program files\protected search\protectedsearch.exe |
"{DC3120DA-2DA8-4714-8313-F86828512DAB}" = dir=in | app=c:\program files\hp\hp software update\hpwucli.exe |
"{DE971540-697A-4775-A283-F06C26207B3A}" = dir=out | name=@{microsoft.reader_6.2.9200.20523_x86__8wekyb3d8bbwe?ms-resource://microsoft.reader/resources/shortdisplayname} |
"{DECDE707-6D41-4A24-8428-3DE393784DCA}" = dir=in | app=c:\program files\hp\digital imaging\bin\hpiscnapp.exe |
"{E253C732-B30F-490B-9AB4-09A0DB5BD626}" = protocol=17 | dir=in | app=c:\program files\sweetim\communicator\sweetpacksupdatemanager.exe |
"{E2BF7781-452E-4317-B9B5-40CD8D6DC769}" = dir=in | name=@{microsoft.windowsphotos_16.4.4388.928_x86__8wekyb3d8bbwe?ms-resource://microsoft.windowsphotos/photo/residappname} |
"{E87C4EB6-6F4C-4E7F-8385-633B5F0CA2DD}" = dir=in | name=@{c:\windows\winstore\resources.pri?ms-resource://winstore/resources/displayname} |
"{E9E0FEBF-9461-4DA8-9C94-82E56C3E9314}" = dir=in | app=c:\program files\common files\apple\apple application support\webkit2webprocess.exe |
"{E9F9BD91-ADD9-4816-899C-519042934F4D}" = dir=in | name=music maker jam |
"{EDEDC0B4-C761-4E23-8115-2EEA5955C36E}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{EED8C9E5-29D1-4E3F-B892-83E21F9F07F2}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{F41AFA0C-7123-4D37-8899-367E0F9E045C}" = dir=in | app=c:\program files\hp\digital imaging\bin\hpqtra08.exe |
"{F6CB90B2-D056-4669-925B-7E8B3C875EA0}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{FBD44E02-0E51-4131-93E9-259DD0260336}" = dir=in | name=@{browserchoice_6.2.0.0_neutral_neutral_cw5n1h2txyewy?ms-resource://browserchoice/resources/displayname} |
"{FC6A581E-29F7-46F5-8F3D-B96A2BFCCEA9}" = dir=out | name=@{microsoft.zunevideo_1.1.134.0_x86__8wekyb3d8bbwe?ms-resource://microsoft.zunevideo/resources/33270} |
"{FEBA8976-6DE5-476B-B9BE-83BA674100C5}" = dir=out | name=skyscanner |

========== HKEY_LOCAL_MACHINE Uninstall List ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"_{1A1BD41E-9854-4957-8959-F9559A8862A7}" = Corel VideoStudio Pro X5
"_{511DE7EA-AA68-4D7A-A2E3-0E7B5186B822}" = CorelDRAW Graphics Suite X6
"_{B92076C0-C5FE-4DB1-AA8D-855430CDF098}" = Corel Graphics - Windows Shell Extension
"{0084B0C3-F376-42E3-804A-885D249282BD}" = CorelDRAW Graphics Suite X6 - IPM
"{02A388E1-5998-453A-ADF1-823BFB0EAAAE}" = bpd_scan
"{06A1D88C-E102-4527-AF70-29FFD7AF215A}" = Scan
"{1458BB78-1DC5-4BC0-B9A3-2B644F5A8105}" = DeviceDiscovery
"{150B6201-E9E6-4DFB-960E-CCBD53FBDDED}" = HPProductAssistant
"{1A1BD41E-9854-4957-8959-F9559A8862A7}" = ICA
"{1AE46C09-2AB8-4EE5-88FB-08CD0FF7F2DF}" = Bing Bar
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{227AFB09-38DE-4F3E-862E-906FC735FC71}" = BPDSoftware
"{25D69CEE-3EE2-47FD-9A0E-5013240EC953}" = CorelDRAW Graphics Suite X6 - Common
"{26A24AE4-039D-4CA4-87B4-2F83217017FF}" = Java 7 Update 17
"{292F0F52-B62D-4E71-921B-89A682402201}" = Toolbox
"{299C0434-4F4E-341F-A916-4E07AEB35E79}" = Microsoft Visual Studio Tools for Applications 2.0 Runtime
"{2D7F5A88-C877-4713-8B3A-6ACBF06B62BE}" = BPDSoftware_Ini
"{2F8BA3FD-1FA9-4279-B696-712ABB12F09F}" = SmartSound Quicktracks 5
"{318FF3D7-0C40-483B-AF92-AF36416B0AC6}" = CorelDRAW Graphics Suite X6 - Writing Tools
"{3A3C3F59-4BA4-4DE1-896F-FEB6C5014E7E}" = L7400
"{49BE00D7-9144-43ED-B18D-D75D1336ACF8}" = 7400_Help
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{511DE7EA-AA68-4D7A-A2E3-0E7B5186B822}" = CorelDRAW Graphics Suite X6 - Setup Files
"{579CA850-B2C3-43F3-A3F6-3A0AE42E8225}" = CorelDRAW Graphics Suite X6 - FontNav
"{5B025634-7D5B-4B8D-BE2A-7943C1CF2D5D}" = Status
"{5BB655D4-07D7-45E3-B852-FF869EA628A1}" = VSPro
"{603C6570-2BA1-4FC6-8735-7EFA6D1F6F61}" = CorelDRAW Graphics Suite X6 - Custom Data
"{62BEC144-7029-4BF4-B3F2-FA231FB9F84B}" = CorelDRAW Graphics Suite X6 - Redist
"{66C70B5F-730F-4C5D-9FC5-8E56D0FE7D53}" = IPM_VS_Pro
"{6A3F9D74-BB80-4451-8CA1-4B3A857F1359}" = Apple Application Support
"{6A6F7B28-E178-47AC-8654-A654ADA6C777}" = VSHelp
"{6F53FB68-6620-423E-B7CD-B8205655B421}" = CorelDRAW Graphics Suite X6 - PHOTO-PAINT
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{74FA94F1-9566-4252-9372-E7EAFFEFE209}" = CorelDRAW Graphics Suite X6 - Capture
"{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}" = Apple Software Update
"{7A2FF332-E4F6-4D87-9EBD-EDFF1216490F}" = CorelDRAW Graphics Suite X6 - Filters
"{7C4B297D-0F5D-4D0F-8C5E-1E4BA5D7674B}" = I.CA SecureStore 2.17.1
"{7CCD75BD-5528-4FE1-90D2-392D661A2BF1}" = CorelDRAW Graphics Suite X6 - VSTA
"{7D68F010-98D8-4817-BE76-AE501A6684ED}" = HP OfficeJet L7400 Series 14.0 Rel. 6
"{7F9F6864-8CAB-440C-AF44-030D0135666D}" = CorelDRAW Graphics Suite X6
"{879E2460-18F9-48F2-B736-4E814A699504}" = CorelDRAW Graphics Suite X6 - VBA
"{8A4315D0-7814-4528-A805-058C5B442475}" = CorelDRAW Graphics Suite X6 - CZ
"{8AA4F966-EF4B-44D8-99AA-C4EA93B46863}" = VSClassic
"{8BD3AFAF-636E-4516-A7E8-D57CCDBE28B8}" = GemPcCCID
"{8EE94FD8-5F52-4463-A340-185D16328158}" = WebReg
"{90120000-0015-0405-0000-0000000FF1CE}" = Microsoft Office Access MUI (Czech) 2007
"{90120000-0015-0405-0000-0000000FF1CE}_ENTERPRISE_{3FD35521-B8F1-4CE0-85E0-DC6CA1E01012}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0016-0405-0000-0000000FF1CE}" = Microsoft Office Excel MUI (Czech) 2007
"{90120000-0016-0405-0000-0000000FF1CE}_ENTERPRISE_{3FD35521-B8F1-4CE0-85E0-DC6CA1E01012}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0018-0405-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (Czech) 2007
"{90120000-0018-0405-0000-0000000FF1CE}_ENTERPRISE_{3FD35521-B8F1-4CE0-85E0-DC6CA1E01012}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0019-0405-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (Czech) 2007
"{90120000-0019-0405-0000-0000000FF1CE}_ENTERPRISE_{3FD35521-B8F1-4CE0-85E0-DC6CA1E01012}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001A-0405-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (Czech) 2007
"{90120000-001A-0405-0000-0000000FF1CE}_ENTERPRISE_{3FD35521-B8F1-4CE0-85E0-DC6CA1E01012}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001B-0405-0000-0000000FF1CE}" = Microsoft Office Word MUI (Czech) 2007
"{90120000-001B-0405-0000-0000000FF1CE}_ENTERPRISE_{3FD35521-B8F1-4CE0-85E0-DC6CA1E01012}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001F-0405-0000-0000000FF1CE}" = Microsoft Office Proof (Czech) 2007
"{90120000-001F-0405-0000-0000000FF1CE}_ENTERPRISE_{0B7A4B67-2A38-42B1-9857-662FAB361E08}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2007
"{90120000-001F-0407-0000-0000000FF1CE}_ENTERPRISE_{928D7B99-2BEA-49F9-83B8-20FA57860643}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-0409-0000-0000000FF1CE}_ENTERPRISE_{1FF96026-A04A-4C3E-B50A-BB7022654D0F}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-041B-0000-0000000FF1CE}" = Microsoft Office Proof (Slovak) 2007
"{90120000-001F-041B-0000-0000000FF1CE}_ENTERPRISE_{FDF9A959-241A-4662-A8DE-7DED9C22D160}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-002C-0405-0000-0000000FF1CE}" = Microsoft Office Proofing (Czech) 2007
"{90120000-0030-0000-0000-0000000FF1CE}" = Microsoft Office Enterprise 2007
"{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0044-0405-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (Czech) 2007
"{90120000-0044-0405-0000-0000000FF1CE}_ENTERPRISE_{3FD35521-B8F1-4CE0-85E0-DC6CA1E01012}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-006E-0405-0000-0000000FF1CE}" = Microsoft Office Shared MUI (Czech) 2007
"{90120000-006E-0405-0000-0000000FF1CE}_ENTERPRISE_{A0AAD4D5-9F9C-49BB-AB64-0FD4695424E8}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0070-0000-0000-4000000FF1CE}" = Microsoft Visual Basic for Applications 7.1 (x86)
"{90120000-00A1-0405-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (Czech) 2007
"{90120000-00A1-0405-0000-0000000FF1CE}_ENTERPRISE_{3FD35521-B8F1-4CE0-85E0-DC6CA1E01012}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-00B2-0409-0000-0000000FF1CE}" = Microsoft Save as PDF or XPS Add-in for 2007 Microsoft Office programs
"{90120000-00BA-0405-0000-0000000FF1CE}" = Microsoft Office Groove MUI (Czech) 2007
"{90120000-00BA-0405-0000-0000000FF1CE}_ENTERPRISE_{3FD35521-B8F1-4CE0-85E0-DC6CA1E01012}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90140000-2005-0000-0000-0000000FF1CE}" = Microsoft Office File Validation Add-In
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9B362566-EC1B-4700-BB9C-EC661BDE2175}" = DocProc
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{9EFFE308-1169-4194-9E10-5569D7ECF5E5}" = ProductContext
"{A80FA752-C491-4ED9-ABF0-4278563160B2}" = 32 Bit HP CIO Components Installer
"{A8887C7B-0BCC-4FBF-BCEB-9BB4D4B14999}" = Setup
"{AA4A4B2C-0465-3CF8-BA76-27A027D8ACAB}" = Microsoft Visual Studio Tools for Applications 2.0 - ENU
"{AC35A885-0F8F-4857-B7DA-6E8DFB43E6B3}" = HPSSupply
"{AC76BA86-7AD7-1029-7B44-AB0000000001}" = Adobe Reader XI (11.0.02) - Czech
"{B0069CFA-5BB9-4C03-B1C6-89CE290E5AFE}" = HP Update
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel" = Ovládací panel NVIDIA 306.97
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver" = NVIDIA Ovladače grafiky 306.97
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update" = Aktualizace NVIDIA 1.10.8
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_installer" = NVIDIA Install Application
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NVIDIA.Update" = NVIDIA Update Components
"{B8A2869E-30CA-40C5-9CF8-BD7354E57EF8}" = SmartSound Common Data
"{B92076C0-C5FE-4DB1-AA8D-855430CDF098}" = Corel Graphics - Windows Shell Extension
"{BAB89D31-4C55-472B-8909-6CBE2CC276B1}" = Microsoft Visual Basic for Applications 7.1 (x86) English
"{BB3447F6-9553-4AA9-960E-0DB5310C5779}" = GPBaseService2
"{BC5DD87B-0143-4D14-AAE6-97109614DC6B}" = SolutionCenter
"{BD7204BA-DD64-499E-9B55-6A282CDF4FA4}" = Destinations
"{BE7785D6-045F-44FB-A1E4-3FA555874415}" = pdfforge Toolbar v7.0
"{C5262276-0075-498B-B80F-7D997482E4DB}" = CorelDRAW Graphics Suite X6 - Draw
"{C9E14402-3631-4182-B377-6B0DFB1C0339}" = QuickTime
"{CA486743-5F44-40D5-A38B-77911FB27579}" = Contents
"{CD31E63D-47FD-491C-8117-CF201D0AFAB5}" = TrayApp
"{D360FA88-17C8-4F14-B67F-13AAF9607B12}" = MarketResearch
"{D4A17D31-2F7B-4682-AD57-467021452909}" = CorelDRAW Graphics Suite X6 - Photozoom Plugin
"{D4EFC6B7-3DA5-400D-9682-9BE287A5440E}" = CorelDRAW Graphics Suite X6 - Connect
"{DB27B1CA-A19D-4253-81C4-70968CBA1F0E}" = MPM
"{DCDC6934-7428-489E-8651-90B53191488B}" = ISCOM
"{DDFEB503-D662-4224-82C9-37A5698FDC25}" = CorelDRAW Graphics Suite X6 - VideoBrowser
"{E38C00D0-A68B-4318-A8A6-F7D4B5B1DF0E}" = Windows Media Encoder 9 Series
"{E6F4BB0D-0239-454C-AA75-03EE8A1D8770}" = LanguageLab
"{EEBEF66A-70FD-4DF6-B173-82D07E61853E}" = Share
"{FA0FF682-CC70-4C57-93CD-E276F3E7537E}" = BufferChm
"ENTERPRISE" = Microsoft Office Enterprise 2007
"HP Imaging Device Functions" = HP Imaging Device Functions 14.0
"HP Solution Center & Imaging Support Tools" = HP Solution Center 14.0
"HPExtendedCapabilities" = HP Customer Participation Program 14.0
"HPOCR" = OCR Software by I.R.I.S. 14.0
"InstallShield_{2F8BA3FD-1FA9-4279-B696-712ABB12F09F}" = SmartSound Quicktracks 5
"InstallShield_{B8A2869E-30CA-40C5-9CF8-BD7354E57EF8}" = SmartSound Common Data
"Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware verze 1.70.0.1100
"MetaTrader 4 Admiral Markets AS" = MetaTrader 4 Admiral Markets AS
"Mozilla Firefox 16.0.2 (x86 cs)" = Mozilla Firefox 16.0.2 (x86 cs)
"MozillaMaintenanceService" = Mozilla Maintenance Service
"Qlock" = Qlock Lite
"Shop for HP Supplies" = Shop for HP Supplies
"VLC media player" = VLC media player 2.0.5
"Windows Media Encoder 9" = Windows Media Encoder 9 Series
"WinRAR archiver" = WinRAR 4.20 (32-bit)

========== HKEY_USERS Uninstall List ==========

[HKEY_USERS\S-1-5-21-2934117812-3594515507-1608410286-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Google Chrome" = Google Chrome

========== Last 20 Event Log Errors ==========

[ Application Events ]
Error - 13. 3. 2013 14:50:58 | Computer Name = Petr | Source = Application Error | ID = 1000
Description = Název chybující aplikace: vstudio.exe, verze: 15.0.0.0, časové razítko:
0x4f17287b Název chybujícího modulu: ntdll.dll, verze: 6.2.9200.16420, časové razítko:
0x505aaace Kód výjimky: 0xc0000005 Posun chyby: 0x00024f29 ID chybujícího procesu:
0xebc Čas spuštění chybující aplikace: 0x01ce201bad6b234c Cesta k chybující aplikaci:
C:\Program Files\Corel\Corel VideoStudio Pro X5\vstudio.exe Cesta k chybujícímu
modulu: C:\WINDOWS\SYSTEM32\ntdll.dll ID zprávy: f0e6be7e-8c0e-11e2-afc8-0018f3f5dab5
Úplný
název chybujícího balíčku: ID aplikace související s chybujícím balíčkem:

Error - 14. 3. 2013 3:52:50 | Computer Name = Petr | Source = Application Error | ID = 1000
Description = Název chybující aplikace: vstudio.exe, verze: 15.0.0.0, časové razítko:
0x4f17287b Název chybujícího modulu: ntdll.dll, verze: 6.2.9200.16420, časové razítko:
0x505aaace Kód výjimky: 0xc0000005 Posun chyby: 0x00024f29 ID chybujícího procesu:
0x15f0 Čas spuštění chybující aplikace: 0x01ce2088e9959ebd Cesta k chybující aplikaci:
C:\Program Files\Corel\Corel VideoStudio Pro X5\vstudio.exe Cesta k chybujícímu
modulu: C:\WINDOWS\SYSTEM32\ntdll.dll ID zprávy: 2ad8fe63-8c7c-11e2-afc9-0018f3f5dab5
Úplný
název chybujícího balíčku: ID aplikace související s chybujícím balíčkem:

Error - 14. 3. 2013 4:31:56 | Computer Name = Petr | Source = Application Error | ID = 1000
Description = Název chybující aplikace: vstudio.exe, verze: 15.0.0.0, časové razítko:
0x4f17287b Název chybujícího modulu: MSVCR90.dll, verze: 9.0.30729.6871, časové
razítko: 0x4fee6073 Kód výjimky: 0xc0000417 Posun chyby: 0x00042db4 ID chybujícího
procesu: 0x15f0 Čas spuštění chybující aplikace: 0x01ce2088e9959ebd Cesta k chybující
aplikaci: C:\Program Files\Corel\Corel VideoStudio Pro X5\vstudio.exe Cesta k chybujícímu
modulu: C:\WINDOWS\WinSxS\x86_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.6871_none_50944e7cbcb706e5\MSVCR90.dll
ID
zprávy: a0d3765d-8c81-11e2-afc9-0018f3f5dab5 Úplný název chybujícího balíčku: ID
aplikace související s chybujícím balíčkem:

Error - 14. 3. 2013 4:32:10 | Computer Name = Petr | Source = Application Error | ID = 1000
Description = Název chybující aplikace: vstudio.exe, verze: 15.0.0.0, časové razítko:
0x4f17287b Název chybujícího modulu: ntdll.dll, verze: 6.2.9200.16420, časové razítko:
0x505aaace Kód výjimky: 0xc0000005 Posun chyby: 0x00024f29 ID chybujícího procesu:
0xe4 Čas spuštění chybující aplikace: 0x01ce208e6a3da87c Cesta k chybující aplikaci:
C:\Program Files\Corel\Corel VideoStudio Pro X5\vstudio.exe Cesta k chybujícímu
modulu: C:\WINDOWS\SYSTEM32\ntdll.dll ID zprávy: a9246990-8c81-11e2-afc9-0018f3f5dab5
Úplný
název chybujícího balíčku: ID aplikace související s chybujícím balíčkem:

Error - 14. 3. 2013 4:34:12 | Computer Name = Petr | Source = Application Error | ID = 1000
Description = Název chybující aplikace: vstudio.exe, verze: 15.0.0.0, časové razítko:
0x4f17287b Název chybujícího modulu: MSVCR90.dll, verze: 9.0.30729.6871, časové
razítko: 0x4fee6073 Kód výjimky: 0xc0000417 Posun chyby: 0x00042db4 ID chybujícího
procesu: 0xe4 Čas spuštění chybující aplikace: 0x01ce208e6a3da87c Cesta k chybující
aplikaci: C:\Program Files\Corel\Corel VideoStudio Pro X5\vstudio.exe Cesta k chybujícímu
modulu: C:\WINDOWS\WinSxS\x86_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.6871_none_50944e7cbcb706e5\MSVCR90.dll
ID
zprávy: f25aad2e-8c81-11e2-afc9-0018f3f5dab5 Úplný název chybujícího balíčku: ID
aplikace související s chybujícím balíčkem:

Error - 14. 3. 2013 4:35:08 | Computer Name = Petr | Source = Application Error | ID = 1000
Description = Název chybující aplikace: vstudio.exe, verze: 15.0.0.0, časové razítko:
0x4f17287b Název chybujícího modulu: ntdll.dll, verze: 6.2.9200.16420, časové razítko:
0x505aaace Kód výjimky: 0xc0000005 Posun chyby: 0x00024f29 ID chybujícího procesu:
0x9c4 Čas spuštění chybující aplikace: 0x01ce208ed48b6af6 Cesta k chybující aplikaci:
C:\Program Files\Corel\Corel VideoStudio Pro X5\vstudio.exe Cesta k chybujícímu
modulu: C:\WINDOWS\SYSTEM32\ntdll.dll ID zprávy: 1357fcda-8c82-11e2-afc9-0018f3f5dab5
Úplný
název chybujícího balíčku: ID aplikace související s chybujícím balíčkem:

Error - 14. 3. 2013 4:57:30 | Computer Name = Petr | Source = SideBySide | ID = 16842785
Description = Generování kontextu aktivace pro c:\program files\HP\digital imaging\{7d68f010-98d8-4817-be76-ae501a6684ed}\setup\devinstanceeraser40.exe
se nezdařilo. Závislé sestavení Microsoft.Windows.Common-Controls,language="&#x2a;",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"
nelze najít. Podrobnější diagnostické údaje získáte pomocí programu sxstrace.exe.

Error - 14. 3. 2013 10:08:39 | Computer Name = Petr | Source = Application Error | ID = 1000
Description = Název chybující aplikace: vstudio.exe, verze: 15.0.0.0, časové razítko:
0x4f17287b Název chybujícího modulu: ntdll.dll, verze: 6.2.9200.16420, časové razítko:
0x505aaace Kód výjimky: 0xc0000005 Posun chyby: 0x00024f29 ID chybujícího procesu:
0x3e8 Čas spuštění chybující aplikace: 0x01ce20bd695c58b4 Cesta k chybující aplikaci:
c:\Program Files\Corel\Corel VideoStudio Pro X5\vstudio.exe Cesta k chybujícímu
modulu: C:\WINDOWS\SYSTEM32\ntdll.dll ID zprávy: ab2c0afc-8cb0-11e2-afc9-0018f3f5dab5
Úplný
název chybujícího balíčku: ID aplikace související s chybujícím balíčkem:

Error - 17. 3. 2013 12:00:46 | Computer Name = Petr | Source = SideBySide | ID = 16842785
Description = Generování kontextu aktivace pro c:\program files\HP\digital imaging\{7d68f010-98d8-4817-be76-ae501a6684ed}\setup\devinstanceeraser40.exe
se nezdařilo. Závislé sestavení Microsoft.Windows.Common-Controls,language="&#x2a;",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"
nelze najít. Podrobnější diagnostické údaje získáte pomocí programu sxstrace.exe.

Error - 17. 3. 2013 12:06:33 | Computer Name = Petr | Source = SideBySide | ID = 16842785
Description = Generování kontextu aktivace pro c:\program files\HP\digital imaging\{7d68f010-98d8-4817-be76-ae501a6684ed}\setup\devinstanceeraser40.exe
se nezdařilo. Závislé sestavení Microsoft.Windows.Common-Controls,language="&#x2a;",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"
nelze najít. Podrobnější diagnostické údaje získáte pomocí programu sxstrace.exe.

[ System Events ]
Error - 23. 2. 2013 11:46:08 | Computer Name = Petr | Source = DCOM | ID = 10010
Description =

Error - 6. 3. 2013 11:31:34 | Computer Name = Petr | Source = DCOM | ID = 10010
Description =

Error - 6. 3. 2013 11:31:34 | Computer Name = Petr | Source = DCOM | ID = 10010
Description =

Error - 6. 3. 2013 11:31:34 | Computer Name = Petr | Source = DCOM | ID = 10010
Description =

Error - 6. 3. 2013 11:31:34 | Computer Name = Petr | Source = DCOM | ID = 10010
Description =

Error - 10. 3. 2013 6:36:05 | Computer Name = Petr | Source = DCOM | ID = 10010
Description =

Error - 10. 3. 2013 6:36:05 | Computer Name = Petr | Source = DCOM | ID = 10010
Description =

Error - 14. 3. 2013 3:37:28 | Computer Name = Petr | Source = SCardSvr | ID = 610
Description =

Error - 14. 3. 2013 3:37:28 | Computer Name = Petr | Source = SCardSvr | ID = 610
Description =

Error - 14. 3. 2013 3:37:29 | Computer Name = Petr | Source = SCardSvr | ID = 610
Description =


< End of report >
ý :roll:
Nahoru
Uživatelský avatar
vyosek
VIP
VIP
Příspěvky: 56373
Registrován: 07 lis 2006 15:24
Bydliště: Šalingrad - Brno

Re: Win32/FastSaveApp a Hack Tool/win32 Keygen

#18 Příspěvek od vyosek »

:arrow: Spustte znovu OTL
  • Pokud pouzivate Win Vista ci W7, kliknete na OTL pravym a dejte Run As Administrator ci Spustit jako spravce
  • Do spodniho okenka Vlastni skenovani/opravy vlozte skript nize

  • Kód: Vybrat vše

    :otl
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://search.certified-toolbar.com?si= ... id=2938&q={searchTerms}
IE - HKU\S-1-5-21-2934117812-3594515507-1608410286-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = BA B6 1D CA 65 B3 CD 01 [binary data]
IE - HKU\S-1-5-21-2934117812-3594515507-1608410286-1001\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKU\S-1-5-21-2934117812-3594515507-1608410286-1001\..\SearchScopes\{5CB0AEA3-8864-4567-8322-CA2086097877}: "URL" = http://search.yahoo.com/search?fr=chr-g ... =302398&p={searchTerms}
IE - HKU\S-1-5-21-2934117812-3594515507-1608410286-1001\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
O4 - HKLM..\Run: [] File not found
[1 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[3 C:\WINDOWS\Panther\*.tmp files -> C:\WINDOWS\Panther\*.tmp -> ]
[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
[4 C:\WINDOWS\Temp\*.tmp files -> C:\WINDOWS\Temp\*.tmp -> ]
[4 C:\WINDOWS\Temp\_avast_\*.tmp files -> C:\WINDOWS\Temp\_avast_\*.tmp -> ]
[1 C:\WINDOWS\twain_32\*.tmp files -> C:\WINDOWS\twain_32\*.tmp -> ]
[2012/11/19 13:57:20 | 000,004,334 | R--- | M] () -- C:\Users\Petr\AppData\Roaming\Microsoft\Installer\{E6F4BB0D-0239-454C-AA75-03EE8A1D8770}\_39ff3685.exe
[2012/11/19 13:57:20 | 000,004,334 | R--- | M] () -- C:\Users\Petr\AppData\Roaming\Microsoft\Installer\{E6F4BB0D-0239-454C-AA75-03EE8A1D8770}\_4b212431.exe
[2012/11/19 13:57:20 | 000,004,334 | R--- | M] () -- C:\Users\Petr\AppData\Roaming\Microsoft\Installer\{E6F4BB0D-0239-454C-AA75-03EE8A1D8770}\_60b71bcc.exe
[2012/11/19 13:57:20 | 000,004,334 | R--- | M] () -- C:\Users\Petr\AppData\Roaming\Microsoft\Installer\{E6F4BB0D-0239-454C-AA75-03EE8A1D8770}\_7406546d.exe

:files
c:\Users\Petr\AppData\Roaming\Microsoft\Windows\Recent\CorelDRAW-X5-CZ+Keygen+CZ-návod-jak-správně-instalovat!!!.lnk
c:\Windows\Prefetch\KEYGEN.EXE-61C8F9E8.pf
%windir%\system32\*.tmp.dll /s
%windir%\system32\SET*.tmp /s
%windir%\*.tmp

:commands
[RESETHOSTS]
[EMPTYTEMP]
[EMPTYFLASH]
[EMPTYJAVA]
  • Nasledne kliknete na Opravit
  • PC provede opravu, restartuje se a da Vam log, jeho obsah vlozte sem
"Kdo víno má a nepije,kdo hrozny má a nejí je, kdo ženu má a nelíbá, kdo zábavě se vyhýbá, na toho vemte bič a hůl, to není člověk, to je vůl."
Člen Obrázek od 1. února 2011.
Nahoru
pego
Návštěvník
Návštěvník
Příspěvky: 21
Registrován: 28 bře 2007 13:56

Re: Win32/FastSaveApp a Hack Tool/win32 Keygen

#19 Příspěvek od pego »

All processes killed
========== OTL ==========
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ not found.
HKU\S-1-5-21-2934117812-3594515507-1608410286-1001\SOFTWARE\Microsoft\Internet Explorer\Main\\Start Page Redirect Cache_TIMESTAMP| /E : value set successfully!
Registry key HKEY_USERS\S-1-5-21-2934117812-3594515507-1608410286-1001\Software\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ not found.
Registry key HKEY_USERS\S-1-5-21-2934117812-3594515507-1608410286-1001\Software\Microsoft\Internet Explorer\SearchScopes\{5CB0AEA3-8864-4567-8322-CA2086097877}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{5CB0AEA3-8864-4567-8322-CA2086097877}\ not found.
Registry key HKEY_USERS\S-1-5-21-2934117812-3594515507-1608410286-1001\Software\Microsoft\Internet Explorer\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}\ not found.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\ deleted successfully.
C:\WINDOWS\msdownld.tmp folder deleted successfully.
C:\WINDOWS\Panther\_s_5065.tmp deleted successfully.
C:\WINDOWS\Panther\_s_5C1A.tmp deleted successfully.
C:\WINDOWS\Panther\_s_6244.tmp deleted successfully.
C:\WINDOWS\System32\SET2056.tmp deleted successfully.
C:\WINDOWS\Temp\DMI1332.tmp deleted successfully.
C:\WINDOWS\Temp\TS_2B72.tmp deleted successfully.
C:\WINDOWS\Temp\TS_BB53.tmp deleted successfully.
C:\WINDOWS\Temp\TS_F3E7.tmp deleted successfully.
C:\WINDOWS\Temp\_avast_\unp114448954.tmp deleted successfully.
C:\WINDOWS\Temp\_avast_\unp160856101.tmp deleted successfully.
C:\WINDOWS\Temp\_avast_\unp246568958.tmp deleted successfully.
C:\WINDOWS\Temp\_avast_\unp254946713.tmp deleted successfully.
C:\WINDOWS\twain_32\hpqgnds2.tmp deleted successfully.
C:\Users\Petr\AppData\Roaming\Microsoft\Installer\{E6F4BB0D-0239-454C-AA75-03EE8A1D8770}\_39ff3685.exe moved successfully.
C:\Users\Petr\AppData\Roaming\Microsoft\Installer\{E6F4BB0D-0239-454C-AA75-03EE8A1D8770}\_4b212431.exe moved successfully.
C:\Users\Petr\AppData\Roaming\Microsoft\Installer\{E6F4BB0D-0239-454C-AA75-03EE8A1D8770}\_60b71bcc.exe moved successfully.
C:\Users\Petr\AppData\Roaming\Microsoft\Installer\{E6F4BB0D-0239-454C-AA75-03EE8A1D8770}\_7406546d.exe moved successfully.
========== FILES ==========
c:\Users\Petr\AppData\Roaming\Microsoft\Windows\Recent\CorelDRAW-X5-CZ+Keygen+CZ-návod-jak-správně-instalovat!!!.lnk moved successfully.
c:\Windows\Prefetch\KEYGEN.EXE-61C8F9E8.pf moved successfully.
File/Folder C:\WINDOWS\system32\*.tmp.dll not found.
File/Folder C:\WINDOWS\system32\SET*.tmp not found.
File/Folder C:\WINDOWS\*.tmp not found.
========== COMMANDS ==========
C:\WINDOWS\System32\drivers\etc\Hosts moved successfully.
HOSTS file reset successfully

[EMPTYTEMP]

User: All Users

User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes

User: Petr
->Temp folder emptied: 1337719549 bytes
->Temporary Internet Files folder emptied: 338227538 bytes
->Java cache emptied: 12405643 bytes
->FireFox cache emptied: 114585780 bytes
->Google Chrome cache emptied: 504548891 bytes
->Flash cache emptied: 2288 bytes

User: Public

User: UpdatusUser
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 32059831 bytes
RecycleBin emptied: 0 bytes

Total Files Cleaned = 2 231,00 mb


[EMPTYFLASH]

User: All Users

User: Default

User: Default User

User: Petr
->Flash cache emptied: 0 bytes

User: Public

User: UpdatusUser

Total Flash Files Cleaned = 0,00 mb


[EMPTYJAVA]

User: All Users

User: Default

User: Default User

User: Petr
->Java cache emptied: 0 bytes

User: Public

User: UpdatusUser

Total Java Files Cleaned = 0,00 mb


OTL by OldTimer - Version 3.2.69.0 log created on 03182013_205412

Files\Folders moved on Reboot...

PendingFileRenameOperations files...

Registry entries deleted on Reboot...
Nahoru
Uživatelský avatar
vyosek
VIP
VIP
Příspěvky: 56373
Registrován: 07 lis 2006 15:24
Bydliště: Šalingrad - Brno

Re: Win32/FastSaveApp a Hack Tool/win32 Keygen

#20 Příspěvek od vyosek »

Fajn, OTL nam udelalo co melo, jak se chova PC :???:
"Kdo víno má a nepije,kdo hrozny má a nejí je, kdo ženu má a nelíbá, kdo zábavě se vyhýbá, na toho vemte bič a hůl, to není člověk, to je vůl."
Člen Obrázek od 1. února 2011.
Nahoru
pego
Návštěvník
Návštěvník
Příspěvky: 21
Registrován: 28 bře 2007 13:56

Re: Win32/FastSaveApp a Hack Tool/win32 Keygen

#21 Příspěvek od pego »

Pořád vyskakují reklamy...jinak asi dobrý..jsem amatér nejhrubšího zrna :D tak toho moc nepoznám.
Jinak moc moc děkuji
Nahoru
pego
Návštěvník
Návštěvník
Příspěvky: 21
Registrován: 28 bře 2007 13:56

Re: Win32/FastSaveApp a Hack Tool/win32 Keygen

#22 Příspěvek od pego »

Nějaký nápis zmodrá a vyskočí :happy: "vyhraj iPad" atd :x :D Jinak nevím jak to popsat :cry:
Nahoru
Uživatelský avatar
vyosek
VIP
VIP
Příspěvky: 56373
Registrován: 07 lis 2006 15:24
Bydliště: Šalingrad - Brno

Re: Win32/FastSaveApp a Hack Tool/win32 Keygen

#23 Příspěvek od vyosek »

Dejte mi sem prosim screen
"Kdo víno má a nepije,kdo hrozny má a nejí je, kdo ženu má a nelíbá, kdo zábavě se vyhýbá, na toho vemte bič a hůl, to není člověk, to je vůl."
Člen Obrázek od 1. února 2011.
Nahoru
pego
Návštěvník
Návštěvník
Příspěvky: 21
Registrován: 28 bře 2007 13:56

Re: Win32/FastSaveApp a Hack Tool/win32 Keygen

#24 Příspěvek od pego »

A jak a čeho :oops:
Nahoru
pego
Návštěvník
Návštěvník
Příspěvky: 21
Registrován: 28 bře 2007 13:56

Re: Win32/FastSaveApp a Hack Tool/win32 Keygen

#25 Příspěvek od pego »

Přihlásím se na nějakou stránku a nějaký nápis nebo obrázek zmodrá, najedu na něj myší a objeví se hláška, že vyhrávám třeba iPad ... :roll:
Nahoru
Uživatelský avatar
vyosek
VIP
VIP
Příspěvky: 56373
Registrován: 07 lis 2006 15:24
Bydliště: Šalingrad - Brno

Re: Win32/FastSaveApp a Hack Tool/win32 Keygen

#26 Příspěvek od vyosek »

Te hlasky, te reklamy - navod na screen http://forum.viry.cz/viewtopic.php?f=24&t=14114
"Kdo víno má a nepije,kdo hrozny má a nejí je, kdo ženu má a nelíbá, kdo zábavě se vyhýbá, na toho vemte bič a hůl, to není člověk, to je vůl."
Člen Obrázek od 1. února 2011.
Nahoru
pego
Návštěvník
Návštěvník
Příspěvky: 21
Registrován: 28 bře 2007 13:56

Re: Win32/FastSaveApp a Hack Tool/win32 Keygen

#27 Příspěvek od pego »

Zdravím,
tak se mi to konečně povedlo :happy:

http://imageshack.us/photo/my-images/80 ... zovky.jpg/

Ta červená šipka, nebo to modré "heslo". To zmodrání s odkazem se různě mění. Někdy po kliknutí na odkaz který se zdá správný se otevře okno např. nějaké kasíno a podobně.
Nahoru
Uživatelský avatar
vyosek
VIP
VIP
Příspěvky: 56373
Registrován: 07 lis 2006 15:24
Bydliště: Šalingrad - Brno

Re: Win32/FastSaveApp a Hack Tool/win32 Keygen

#28 Příspěvek od vyosek »

:arrow: Stahnete Malwarebytes' Anti-Malware (zkracene MBAM) http://forum.viry.cz/viewtopic.php?f=29&t=115222
  • Provedte aktualizaci
  • Provedte uplny sken - nic nemazte :!:
  • MBAM miva obcas falesne detekce, proto vlozte log do prispevku a pockejte na posouzeni
"Kdo víno má a nepije,kdo hrozny má a nejí je, kdo ženu má a nelíbá, kdo zábavě se vyhýbá, na toho vemte bič a hůl, to není člověk, to je vůl."
Člen Obrázek od 1. února 2011.
Nahoru
pego
Návštěvník
Návštěvník
Příspěvky: 21
Registrován: 28 bře 2007 13:56

Re: Win32/FastSaveApp a Hack Tool/win32 Keygen

#29 Příspěvek od pego »

Malwarebytes Anti-Malware 1.70.0.1100
www.malwarebytes.org

Verze: v2013.03.17.07

Windows 8 x86 NTFS
Internet Explorer 10.0.9200.16519
Petr :: PETR [administrátor]

19. 3. 2013 18:07:12
mbam-log-2013-03-19 (18-07-12).txt

Typ: Kompletní kontrola (C:\|)
Nastavení kontroly povoleno: Paměť | Po spuštění | Registr | Systémové soubory | Heuristická analýza Extra | Heuristická analýza Shuriken | PUP | PUM
Nastavení kontroly zakázáno: P2P
Kontrolované objekty: 407448
Uplynulý čas: 1 hodin, 7 minut, 42 sekund

Nalezené procesy v paměti: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené moduly v paměti: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené klíče v registru: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené hodnoty v registru: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené datové položky v registru: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené složky: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené soubory: 0
(Žádné škodlivé položky nebyly zjištěny)

(konec)
Nahoru
Uživatelský avatar
vyosek
VIP
VIP
Příspěvky: 56373
Registrován: 07 lis 2006 15:24
Bydliště: Šalingrad - Brno

Re: Win32/FastSaveApp a Hack Tool/win32 Keygen

#30 Příspěvek od vyosek »

Ten problem je na vsech prohlizecich??
"Kdo víno má a nepije,kdo hrozny má a nejí je, kdo ženu má a nelíbá, kdo zábavě se vyhýbá, na toho vemte bič a hůl, to není člověk, to je vůl."
Člen Obrázek od 1. února 2011.
Nahoru
Zamčeno

Zpět na „Řešení problémů, logy“