VIRY.CZ

OTL Extras logfile created on: 1/17/2014 7:18:04 PM - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\s fam\Desktop
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.11.9600.16428)
Locale: 00000409 | Country: Slovensko | Language: SKY | Date Format: d. M. yyyy

2.74 Gb Total Physical Memory | 1.54 Gb Available Physical Memory | 56.19% Memory free
5.49 Gb Paging File | 3.78 Gb Available in Paging File | 68.88% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 280.79 Gb Total Space | 114.49 Gb Free Space | 40.77% Space Free | Partition Type: NTFS
Drive F: | 1.99 Gb Total Space | 1.98 Gb Free Space | 99.52% Space Free | Partition Type: FAT32

Computer Name: SFAM-HP | User Name: s fam | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Extra Registry (SafeList) ==========

========== File Associations ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.html[@ = htmlfile] -- C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation)
.url[@ = InternetShortcut] -- C:\windows\SysNative\rundll32.exe (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\windows\SysWow64\control.exe (Microsoft Corporation)
.html [@ = htmlfile] -- C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation)

[HKEY_USERS\S-1-5-21-1904487887-2426832105-4032358140-1001\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation)

========== Shell Spawning ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [print] -- rundll32.exe %SystemRoot%\system32\mshtml.dll,PrintHTML "%1" (Microsoft Corporation)
http [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
https [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" (VideoLAN)
Directory [CEWE náhlad] -- "C:\Program Files (x86)\Fotolab\Moj CEWE FOTOSVET\CEWE náhlad.exe" -d "%1" ()
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [Moj CEWE FOTOSVET] -- "C:\Program Files (x86)\Fotolab\Moj CEWE FOTOSVET\Moj CEWE FOTOSVET.exe" "%1" ()
Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" (VideoLAN)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- "C:\Program Files\Internet Explorer\iexplore.exe" (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
http [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
https [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" (VideoLAN)
Directory [CEWE náhlad] -- "C:\Program Files (x86)\Fotolab\Moj CEWE FOTOSVET\CEWE náhlad.exe" -d "%1" ()
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [Moj CEWE FOTOSVET] -- "C:\Program Files (x86)\Fotolab\Moj CEWE FOTOSVET\Moj CEWE FOTOSVET.exe" "%1" ()
Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" (VideoLAN)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- Reg Error: Value error.

========== Security Center Settings ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
"FirewallDisableNotify" = 0
"AntiVirusDisableNotify" = 0
"UpdatesDisableNotify" = 0

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = 28 4D B2 76 41 04 CA 01 [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"FirewallDisableNotify" = 0
"AntiVirusDisableNotify" = 0
"UpdatesDisableNotify" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]

========== System Restore Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 0

========== Firewall Settings ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall]

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile]

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile]

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile]

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

========== Authorized Applications List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]

========== Vista Active Open Ports Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{13C17FED-2CAA-4007-9461-B7D9F7B55D44}" = lport=445 | protocol=6 | dir=in | app=system |
"{23292A72-060F-40FF-96F3-24F2BE88B066}" = lport=10243 | protocol=6 | dir=in | app=system |
"{2EAC0ACB-2B74-43C1-93C6-0E9DD2B7C7C7}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe |
"{3CEFF276-239B-4499-85ED-9CA05FF11DF5}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{3E53F472-78DC-4862-9DFC-C715E23AC4E5}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{5024A351-7BA2-41B0-B00B-67790CBAAC3A}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 |
"{51CF4F52-A4EE-45FE-986A-7FD8F5D79295}" = rport=137 | protocol=17 | dir=out | app=system |
"{640E8E28-053E-4CF0-8351-81B077CA9DB6}" = lport=1900 | protocol=17 | dir=in | name=windows live communications platform (ssdp) |
"{646A9253-0883-4060-8632-A81C2388B07A}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{64C84D08-DC5A-489A-83E1-5BE00F5A55B2}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{702563EE-FBC6-470A-8B26-43A20E20F1FD}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{73A5EB5D-22D5-43EF-AED9-2C9E7A893893}" = lport=139 | protocol=6 | dir=in | app=system |
"{742183B6-EC5C-4306-AC7F-3FA7E194758E}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{90AEAAD2-3511-4115-A02A-55BAD22F9868}" = rport=10243 | protocol=6 | dir=out | app=system |
"{90F399C5-8573-4389-A911-6B755112D0F8}" = lport=138 | protocol=17 | dir=in | app=system |
"{9CF5086B-7A0C-4C37-9151-A47091784AB1}" = lport=2869 | protocol=6 | dir=in | name=windows live communications platform (upnp) |
"{9F9B0FCB-142F-4A84-9F37-B969EF71E5A5}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{A7972983-38B2-4CF9-8686-C3E70BB5898B}" = rport=138 | protocol=17 | dir=out | app=system |
"{D91A3506-822E-4C12-AB7B-CBC760B366FA}" = lport=137 | protocol=17 | dir=in | app=system |
"{E75636FC-F4C4-4B78-B5B9-7127EBE26212}" = rport=139 | protocol=6 | dir=out | app=system |
"{EAFC0B54-CC76-4241-85AD-66FBDC10D017}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{F697EAFC-2CF5-4F81-9036-7DC7580E573D}" = lport=2869 | protocol=6 | dir=in | app=system |
"{FC297144-72F7-4BE3-B2B6-1DACA0E3E2DF}" = lport=6004 | protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office14\outlook.exe |
"{FE03315F-02F7-431B-8ECA-B9C5323AC6C0}" = rport=445 | protocol=6 | dir=out | app=system |

========== Vista Active Application Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{08173750-BB8B-4014-9CD8-C921C9F1A5D1}" = protocol=6 | dir=out | app=system |
"{0F34D2B8-047A-4062-A44E-6EB16CE7B3E9}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 |
"{0F4F5D2E-D30A-4C26-9FF8-BA12B918D721}" = protocol=6 | dir=in | app=c:\program files (x86)\microsoft office\office14\groove.exe |
"{18FD1F5C-17F7-4EDA-9104-38FC0969D33F}" = protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office14\onenote.exe |
"{1CD7858E-5FDC-4D42-ABA8-CDE8C540555B}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{1D428219-5476-4429-8AAF-0C7A153F72A5}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{20D7767A-D798-45B4-9C7C-09AFCFF512E6}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{23AD2A95-B3A7-4635-813A-92E289738AFD}" = dir=in | app=c:\program files (x86)\windows live\contacts\wlcomm.exe |
"{27266C67-DDE9-49A0-8129-F06ACE792903}" = dir=in | app=c:\users\s fam\appdata\local\facebook\video\skype\facebookvideocalling.exe |
"{34EF59EC-C98F-442E-ACA8-FDBCB01CA684}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{39930CC5-CF5C-4F7F-8A49-2D3849777739}" = protocol=17 | dir=in | app=c:\program files (x86)\sweetim\communicator\sweetpacksupdatemanager.exe |
"{47C55FE7-0B23-4DD1-B3B6-2B298A6FED47}" = protocol=17 | dir=in | app=c:\windows\syswow64\msiexec.exe |
"{4AB6ACB2-58B7-44C5-BEAD-613E3B03779D}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{68C55BB4-F09B-4FFE-B402-6AC44D1AA46E}" = protocol=17 | dir=in | app=c:\windows\syswow64\arfc\wrtc.exe |
"{6C5F9912-44C6-46AA-A69F-8F17915A65CA}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{6E305462-C271-4ED6-B88A-BC411EEDE789}" = protocol=6 | dir=in | app=c:\windows\syswow64\arfc\wrtc.exe |
"{7250CE64-4305-4C89-9D84-7456D25BEACE}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{75A5DD2B-0E45-45C4-B3A8-3231F8D234C6}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{7E394740-FD98-4E53-A319-4244DBC82759}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{7E88970C-220F-4C6D-B25E-46F83FD725D1}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{80E2DF0A-157E-431B-B968-C9F666D3CFEA}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 |
"{8123254E-96CB-48D0-AC96-D6AC5E70ECF6}" = dir=in | app=c:\users\s fam\appdata\local\microsoft\skydrive\skydrive.exe |
"{895C0171-EEDE-4D74-A376-F2457E54AF08}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{8F7FA36D-1F6E-45B7-BDE6-3A02E30257B4}" = dir=in | app=c:\program files (x86)\windows live\messenger\msnmsgr.exe |
"{9030D25E-CAAE-4A44-9BBA-5B1CA788D163}" = protocol=17 | dir=in | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{908BB20E-C708-4DC6-97B1-2AF0BDAEE185}" = protocol=6 | dir=in | app=c:\windows\syswow64\arfc\wrtc.exe |
"{9643CADA-3BB4-410A-882B-5C3635BEF683}" = protocol=17 | dir=in | app=c:\program files (x86)\mcafee\managed virusscan\agent\myagtsvc.exe |
"{976D2156-D79F-49B9-AF5B-69C53E7176C1}" = dir=in | app=c:\users\s fam\appdata\roaming\allmyapps\allmyapps.exe |
"{9BAF055A-25CB-479B-99A1-E25C93067012}" = protocol=6 | dir=in | app=c:\windows\system32\dmwu.exe |
"{9EBEBEDC-BDDB-41D9-A43C-3C9C228E673B}" = protocol=17 | dir=in | app=c:\windows\system32\dmwu.exe |
"{A08520CB-484A-4B61-95A8-7C4ED57596DC}" = protocol=17 | dir=in | app=c:\windows\system32\dmwu.exe |
"{A1ABDD13-70D2-42C5-A297-6F46EB0A4BEE}" = protocol=17 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{A6081B1B-5AFA-4337-8C08-840E1C95E621}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 |
"{A680E301-389D-40A0-9B78-9D83904C03F6}" = protocol=6 | dir=in | app=c:\program files (x86)\mcafee\managed virusscan\agent\myagtsvc.exe |
"{AD85A90E-F7F6-4A2A-9FE9-339D6C19E4E2}" = protocol=6 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{B142E9E9-8551-4806-A55A-77AB44B0E96F}" = protocol=17 | dir=in | app=c:\windows\syswow64\arfc\wrtc.exe |
"{B7A15FFA-E045-4539-A745-6DFBA8D3E55A}" = protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office14\groove.exe |
"{C30D4FC8-E961-48A3-BA7E-D7E7589C4C3B}" = protocol=6 | dir=in | app=c:\program files (x86)\sweetim\communicator\sweetpacksupdatemanager.exe |
"{DE75D982-FDBF-4372-A2BA-6594C9E8C4E5}" = protocol=6 | dir=in | app=c:\windows\system32\dmwu.exe |
"{E0D9798F-59FF-4E3A-8F44-BB6BA480DA90}" = protocol=6 | dir=in | app=c:\program files (x86)\microsoft office\office14\onenote.exe |
"{EB754568-6712-4DD0-B075-98416C1F1650}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 |
"{F71A3349-271B-450A-A253-BBB703C6E4AD}" = dir=in | app=c:\program files (x86)\htc\htc sync manager\htcsyncmanager.exe |
"{F8660A37-813D-4E5F-9E91-89E5C14B45FC}" = protocol=6 | dir=in | app=c:\windows\syswow64\msiexec.exe |
"{FE5B80A7-B968-4EFD-9691-CE1363DA7105}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |

========== HKEY_LOCAL_MACHINE Uninstall List ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{071c9b48-7c32-4621-a0ac-3f809523288f}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{2C69D297-A524-1FB1-5C00-1C52363E044F}" = ccc-utility64
"{436E0B79-2CFB-4E5F-9380-E17C1B25D0C5}" = Broadcom 2070 Bluetooth 3.0
"{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148
"{4D668D4F-FAA2-4726-834C-31F4614F312E}" = MSVC80_x64_v2
"{560932B5-8702-7FB8-01AE-265EA44FAEEB}" = ATI Catalyst Install Manager
"{5F611ADA-B98C-4DBB-ADDE-414F08457ECF}" = Windows Live Family Safety
"{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161
"{68660049-8D48-427C-9FF7-139D8340CDC0}" = MSVC80_x64
"{8220EEFE-38CD-377E-8595-13398D740ACE}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17
"{8338783A-0968-3B85-AFC7-BAAE0A63DC50}" = Microsoft Visual C++ 2008 Redistributable - KB2467174 - x64 9.0.30729.5570
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{90140000-002A-0000-1000-0000000FF1CE}" = Microsoft Office Office 64-bit Components 2010
"{90140000-002A-0405-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit MUI (Czech) 2010
"{90140000-006D-041B-1000-0000000FF1CE}" = Microsoft Office Klikni a spusti 2010
"{95120000-00B9-0409-1000-0000000FF1CE}" = Microsoft Application Error Reporting
"{aac9fcc4-dd9e-4add-901c-b5496a07ab2e}" = Microsoft Visual C++ 2005 Redistributable (x64) - KB2467175
"{AB071C8B-873C-459F-ACA9-9EBE03C3E89B}" = MSVC90_x64
"{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{B6E3757B-5E77-3915-866A-CCFC4B8D194C}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x64 8.0.50727.4053
"{C489E345-1D3D-493D-A776-E323E9A7D244}" = HP HotKey Support
"{C7AE4EC3-9C13-4213-8457-74D16B353F91}" = HP Web Camera
"{CE52672C-A0E9-4450-8875-88A221D5CD50}" = Windows Live ID Sign-in Assistant
"{E9FA781F-3E80-4399-825A-AD3E11C28C77}" = MSVCRT110_amd64
"{EC720706-3F19-4B7F-BDDD-E31D9B3921D2}" = HP Wireless Assistant
"{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}" = Microsoft .NET Framework 4 Client Profile
"{F6822EFD-3F7D-4B35-8845-757A26AEC8E2}" = Windows Live MIME IFilter
"Broadcom 802.11 Wireless LAN Adapter" = Broadcom 802.11 Wireless LAN Adapter
"CCleaner" = CCleaner
"FCEC33AD40CEA5E0FC4CEE6E42041A0DA189652D" = Windows Driver Package - Nokia pccsmcfd (08/22/2008 7.0.0.0)
"LSI Soft Modem" = LSI HDA Modem
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"SynTPDeinstKey" = Synaptics Pointing Device Driver
"WinRAR archiver" = WinRAR 4.00 beta 2 (64-bit)

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}" = Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148
"{004EA1A6-4A62-E574-B8A6-40C857A54EB0}_is1" = winzip version for Windows
"{0454BB9A-2A7A-4214-BDFF-937F7A711A44}" = Windows Live Communications Platform
"{04801E42-B1A6-4C52-9F3D-CADB5A050433}" = HP Software Setup
"{07FA4960-B038-49EB-891B-9F95930AA544}" = HP Customer Experience Enhancements
"{08208143-777D-4A06-BB54-71BF0AD1BB70}" = IPTInstaller
"{08E81ABD-79F7-49C2-881F-FD6CB0975693}" = Roxio Creator Data
"{0C7A1F10-3965-190D-3409-B0DD7C45C0EE}" = CCC Help Italian
"{14B61ABC-D4A7-BCF5-92BE-95CEB8DF4374}" = CCC Help Czech
"{14BF164E-80A4-422E-BE43-39FB759666C2}_is1" = Avi to Mpeg 3.5
"{16CA9DAC-6A40-4204-A826-33C4D52A266C}" = Catalyst Control Center - Branding
"{18455581-E099-4BA8-BC6B-F34B2F06600C}" = Google Toolbar for Internet Explorer
"{196BB40D-1578-3D01-B289-BEFC77A11A1E}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.30319
"{1C598CE5-344B-997B-FF33-2976D689C0AC}" = CCC Help Greek
"{1CAC7A41-583B-4483-9FA5-3E5465AFF8C2}" = Microsoft Default Manager
"{1D61E881-43CD-447B-9E6B-D2C6138B2862}" = HP Webcam
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{1F54DAFA-9261-4A62-B59D-6C9F26B48FE4}" = Roxio Creator Tools
"{212748BB-0DA5-46DE-82A1-403736DC9F27}" = MSVC80_x86
"{2318C2B1-4965-11d4-9B18-009027A5CD4F}" = Google Toolbar for Internet Explorer
"{236BB7C4-4419-42FD-0409-1E257A25E34D}" = Adobe Photoshop CS2
"{24584BB7-0D2D-4A04-81B7-393C8CB87498}" = HP Software Framework
"{254F7574-53A7-43D1-BC4D-B1E894AEE175}" = Windows Live Writer
"{25F2658C-9F46-4DF6-8D5C-61B4CAC04E5F}" = Na scéně(TM)
"{26A24AE4-039D-4CA4-87B4-2F83216024FF}" = Java(TM) 6 Update 29
"{26A24AE4-039D-4CA4-87B4-2F83217025FF}" = Java 7 Update 25
"{2A83AD05-56E6-3FBD-8752-B4143162EF59}" = Google Talk Plugin
"{2DA697D7-FED3-4DE2-A174-92A2A12F9688}" = HP SoftPaq Download Manager
"{30F99474-EBE3-4134-A02B-F6CD38CFE243}" = Photo Gallery
"{39C5A498-FA1A-2473-34D1-6755E5A1BC99}" = CCC Help German
"{3DE96337-68D2-48E0-A863-6E4A5CD3BC25}" = PC Connectivity Solution
"{400C31E4-796F-4E86-8FDC-C3C4FACC6847}" = Junk Mail filter update
"{40FB8D7C-6FF8-4AF2-BC8B-0B1DB32AF04B}" = HP Advisor
"{46C045BF-2B3F-4BC4-8E4C-00E0CF8BD9DB}" = Adobe AIR
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4B4911AA-98AA-F2E0-1BF4-2E2737D1C95C}" = Catalyst Control Center InstallProxy
"{4CCBD1F4-CEEC-452A-9CB8-46564B501315}" = Windows Live UX Platform
"{4CEEE5D0-F905-4688-B9F9-ECC710507796}" = HTC Driver Installer
"{4D2A6330-2F8B-11E3-9C40-B8AC6F97B88E}" = Google Earth
"{4D568C38-0552-4CDD-A643-01FAFA2957EF}" = Nokia Software Updater
"{4E76FF7E-AEBA-4C87-B788-CD47E5425B9D}" = Skype™ 6.9
"{5002C5B1-B688-474A-AB3A-9B65DBD38FF9}" = HTC Sync Manager
"{50849B2C-097E-47A5-A076-6F11A939E093}" = Windows Live Mail
"{537BF16E-7412-448C-95D8-846E85A1D817}" = Roxio Creator Business
"{5478075D-1797-1C4C-B3F0-DC8ECCA7D5C3}" = Catalyst Control Center Localization All
"{558ED580-6168-AF04-C71F-E63B0E149E21}" = CCC Help Korean
"{56232E3D-7EA9-45E0-A371-26CD80510AF7}" = Windows Live UX Platform Language Pack
"{5BF8E079-D6E2-4323-B794-75152371122A}" = Windows 7 Default Setting
"{61EDBE71-5D3E-4AB7-AD95-E53FEAF68C17}" = Bing Rewards Client Installer
"{6578F781-E353-4127-B068-F7F1719EB3ED}" = HP ESU for Microsoft Windows 7
"{6675CA7F-E51B-4F6A-99D4-F8F0124C6EAA}" = Roxio Express Labeler 3
"{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}" = Windows Media Player Firefox Plugin
"{6A8DB215-7BCD-4377-B015-2E4541A3E7C6}" = Windows Live PIMT Platform
"{6AFCA4E1-9B78-3640-8F72-A7BF33448200}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729
"{6D3245B1-8DB8-4A23-9CD2-2C90F40ABAF6}" = MSVC80_x86_v2
"{6F340107-F9AA-47C6-B54C-C3A19F11553F}" = Hewlett-Packard ACLM.NET v1.2.1.1
"{70854FE6-3BF1-4C69-94D0-BEB821102E34}" = Windows Live Mail
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{7211F448-F865-4D37-B905-24D84E6C3E5E}" = Windows Live Writer Resources
"{73A4F29F-31AC-4EBD-AA1B-0CC5F18C8F83}" = Roxio Creator Audio
"{74EC78BC-B379-4E29-9006-8F161DCAABA6}" = Apple Software Update
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{786C5747-1033-0000-B58E-000000000001}" = Adobe Stock Photos 1.0
"{79CF6EF9-8C9A-F284-5042-B5B54645B5F8}" = CCC Help Norwegian
"{7F30B436-1196-1401-9A4F-CFF6C10D6EBA}" = CCC Help Polish
"{8146445E-B14D-4CBA-AB9A-728CF166DAC9}" = Windows Live Messenger
"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
"{84EC6CDF-E378-0EBA-E4C2-BBD5489CD4EF}" = CCC Help Japanese
"{8502F597-4852-48BB-99E5-824AC4C057F0}" = Windows Live Family Safety
"{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}" = Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570
"{8A642ACD-CE3A-4A23-A8B1-A0F7EB12B214}" = Windows Live SOXE Definitions
"{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}" = MSVCRT
"{8DF41A9F-FE13-43E8-A003-5F9B55A011EE}" = Facebook Video Calling 2.0.0.447
"{8E14DDC8-EA60-4E18-B3E3-1937104D5BDA}" = MSVCRT110
"{8EDBA74D-0686-4C99-BFDD-F894678E5B39}" = Adobe Common File Installer
"{90120000-0020-0409-0000-0000000FF1CE}" = Compatibility Pack for the 2007 Office system
"{90140000-0011-0000-0000-0000000FF1CE}" = Microsoft Office Professional Plus 2010
"{90140000-0015-0405-0000-0000000FF1CE}" = Microsoft Office Access MUI (Czech) 2010
"{90140000-0016-0405-0000-0000000FF1CE}" = Microsoft Office Excel MUI (Czech) 2010
"{90140000-0018-0405-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (Czech) 2010
"{90140000-0019-0405-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (Czech) 2010
"{90140000-001A-0405-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (Czech) 2010
"{90140000-001B-0405-0000-0000000FF1CE}" = Microsoft Office Word MUI (Czech) 2010
"{90140000-001F-0405-0000-0000000FF1CE}" = Microsoft Office Proof (Czech) 2010
"{90140000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2010
"{90140000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2010
"{90140000-001F-041B-0000-0000000FF1CE}" = Microsoft Office Proof (Slovak) 2010
"{90140000-002C-0405-0000-0000000FF1CE}" = Microsoft Office Proofing (Czech) 2010
"{90140000-0044-0405-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (Czech) 2010
"{90140000-006E-0405-0000-0000000FF1CE}" = Microsoft Office Shared MUI (Czech) 2010
"{90140000-00A1-0405-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (Czech) 2010
"{90140000-00BA-0405-0000-0000000FF1CE}" = Microsoft Office Groove MUI (Czech) 2010
"{90140011-0066-041B-0000-0000000FF1CE}" = Microsoft Office Starter 2010 - Slovenčina
"{9093B0D5-EA59-4C9E-A2E3-CC130138DFCD}" = Fotogaléria
"{919D10CE-CADB-8D08-3429-7FB1DFA3B043}" = CCC Help Spanish
"{95140000-0070-0000-0000-0000000FF1CE}" = Microsoft Office 2010
"{95140000-007A-041B-0000-0000000FF1CE}" = Microsoft Office Outlook Connector
"{95140000-007D-0409-0000-0000000FF1CE}" = Microsoft Outlook Social Connector Provider for Windows Live Messenger 32-bit
"{96AC1B0B-02D1-4FAA-9C1E-C92ECA74921A}" = HP Setup
"{97C79BEC-43F7-4BD8-A6A7-85C0257E488A}" = Windows Live Writer
"{9978D298-9AA1-99EE-9975-18AAEF34DE0C}" = CCC Help Dutch
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{9D4D0B44-0A55-1905-5CF4-8A6EC311673F}" = CCC Help Russian
"{9EDF46F0-2D4E-4C00-B2B6-0660666E9F60}" = Movie Maker
"{A005479C-7D10-A4CB-0BAD-5D8765E141C6}" = CCC Help Turkish
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{AC76BA86-7AD7-1033-7B44-AA1000000001}" = Adobe Reader X (10.1.8)
"{AF111648-99A1-453E-81DD-80DBBF6DAD0D}" = MSVC90_x86
"{B6A26DE5-F2B5-4D58-9570-4FC760E00FCD}" = Roxio Creator Copy
"{B6CF2967-C81E-40C0-9815-C05774FEF120}" = Skype Click to Call
"{B74D4E10-6884-0000-0000-000000000103}" = Adobe Bridge 1.0
"{BB406CEB-6207-4512-9BB2-89950DC9D6B6}_is1" = ConvertXtoDVD 2.2.3.258h
"{BD1A34C9-4764-4F79-AE1F-112F8C89D3D4}" = Energy Star Digital Logo
"{C1DE827D-8A61-4A77-9CCF-31AD84CC1FB6}" = HP Documentation
"{C2036B7D-C21E-38E9-FB0B-3746E82B898B}" = CCC Help Hungarian
"

"{C424CD5E-EA05-4D3E-B5DA-F9F149E1D3AC}" = Windows Live Installer
"{C4D82144-B2D5-4A0E-A470-16F13EBC5BCB}" = Windows Live Essentials
"{C67BC332-A59A-4D40-977F-664F60AB21D8}" = Photo Common
"{C9B6EFD0-4F01-4BBA-8374-39AD99A3ED72}" = Windows Live Photo Common
"{CD95F661-A5C4-44F5-A6AA-ECDD91C240BA}" = WinZip 14.0
"{D0B44725-3666-492D-BEF6-587A14BD9BD9}" = MSVCRT_amd64
"{D10B94E4-8545-CA0F-EDE9-41F62272A0DE}" = CCC Help Portuguese
"{D2C146B1-948D-47EF-8387-5D1C6B980F7C}" = Windows Live Writer
"{D35A9E39-05F9-0D80-C41C-71B2FDCBE5E9}" = CCC Help Chinese Standard
"{DB393B0B-4A5D-7B50-AD80-3772372C4243}" = CCC Help Thai
"{E09C4DB7-630C-4F06-A631-8EA7239923AF}" = D3DX10
"{E0A7ED39-8CD6-4351-93C3-69CCA00D12B4}" = HP Webcam Driver
"{E0E55FC1-C53D-4F8D-B14B-B59C312747C8}" = LightScribe System Software
"{E3A5A8AB-58F6-45FF-AFCB-C9AE18C05001}" = IDT Audio
"{E4756B93-69FF-D723-D7F8-97FFE73A0D2C}" = CCC Help French
"{E4C82543-E98E-E66D-84A7-9C9235ADF9CE}" = CCC Help English
"{E8CA17C0-5A35-3CF1-C50F-1E9783FFB08B}" = CCC Help Swedish
"{E9787678-1033-0000-8E67-000000000001}" = Adobe Help Center 1.0
"{EC877639-07AB-495C-BFD1-D63AF9140810}" = Roxio Activation Module
"{ED439A64-F018-4DD4-8BA5-328D85AB09AB}" = Roxio Creator Business v10
"{ED6C77F9-4D7E-447C-9EC0-9A212D075535}" = Movie Maker
"{EE202411-2C26-49E8-9784-1BC1DBF7DE96}" = HP Support Assistant
"{F0261797-E2ED-8BEC-7B6F-A7C0A0E478FF}" = ccc-core-static
"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
"{F2235E5E-7881-4293-9B6F-04B2609FBFF0}" = Windows Live Messenger
"{F6CEF69E-35EA-6086-6D7D-21E89FD70B16}" = CCC Help Finnish
"{F7E7F0CB-AA41-4D5A-B6F2-8E6738EB063F}" = Realtek Ethernet Controller All-In-One Windows Driver
"{F8801800-9E88-3AB1-21DA-E50EFA0F771E}" = CCC Help Danish
"{FC6256BB-BDD4-AB91-451B-86896F236769}" = CCC Help Chinese Traditional
"{FE7C0B3D-50B9-4951-BE78-A321CBF86552}" = Windows Live SOXE
"{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin
"Adobe Photoshop CS2 - {236BB7C4-4419-42FD-0409-1E257A25E34D}" = Adobe Photoshop CS2
"Adobe Shockwave Player" = Adobe Shockwave Player 11.6
"avast" = avast! Free Antivirus
"bwincomPoker" = bwin Poker
"CoreAAC Audio Decoder" = CoreAAC Audio Decoder (remove only)
"Cyklotrasy 2.22 + mapy ČR" = Cyklotrasy 2.22 + mapy ČR
"DAEMON Tools Lite" = DAEMON Tools Lite
"Google Chrome" = Google Chrome
"HappyFoto-Designer_is1" = HF Designer 2.7
"MediaCoder" = MediaCoder 0.8.14
"Mobile Media Converter_is1" = MIKSOFT Mobile Media Converter
"Moj CEWE FOTOSVET" = Moj CEWE FOTOSVET
"Mozilla Firefox 26.0 (x86 sk)" = Mozilla Firefox 26.0 (x86 sk)
"MozillaMaintenanceService" = Mozilla Maintenance Service
"Office14.Click2Run" = Microsoft Office Klikni a spusti 2010
"Office14.PROPLUS" = Microsoft Office Professional Plus 2010
"OziExplorer 3.95_is1" = OziExplorer 3.95
"PDF Complete" = PDF Complete Special Edition
"Photo DVD Maker Professional" = Photo DVD Maker Professional 8.20
"Picasa 3" = Picasa 3
"Scooby-Doo(TM), Case File #2 The Scary Stone Dragon" = Scooby-Doo(TM), Case File #2 The Scary Stone Dragon
"Totalcmd" = Total Commander (Remove or Repair)
"TS Detský kútik 2 (plná inštalácia)" = TS Detský kútik 2 (plná inštalácia)
"TS Detský kútik 3 (plná inštalácia)" = TS Detský kútik 3 (plná inštalácia)
"UltraISO_is1" = UltraISO Premium V9.36
"VLC media player" = VLC media player 2.0.4
"WinLiveSuite" = Windows Live Essentials
"Zahraniční oblasti pro Cyklotrasy" = Zahraniční oblasti pro Cyklotrasy

========== HKEY_USERS Uninstall List ==========

[HKEY_USERS\S-1-5-21-1904487887-2426832105-4032358140-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"SkyDriveSetup.exe" = Microsoft SkyDrive
"UnityWebPlayer" = Unity Web Player

========== Last 20 Event Log Errors ==========

[ Application Events ]
Error - 4. 1. 2014 17:32:31 | Computer Name = sfam-HP | Source = Microsoft-Windows-LoadPerf | ID = 3006
Description = Unable to read the performance counter strings defined for the 01B
language ID. The first DWORD in the Data section contains the Win32 error code.

Error - 4. 1. 2014 17:32:32 | Computer Name = sfam-HP | Source = Microsoft-Windows-LoadPerf | ID = 3006
Description = Unable to read the performance counter strings defined for the 01B
language ID. The first DWORD in the Data section contains the Win32 error code.

Error - 6. 1. 2014 9:02:54 | Computer Name = sfam-HP | Source = System Restore | ID = 8193
Description =

Error - 8. 1. 2014 14:28:23 | Computer Name = sfam-HP | Source = Microsoft-Windows-LoadPerf | ID = 3012
Description = The performance strings in the Performance registry value is corrupted
when process Performance extension counter provider. The BaseIndex value from the
Performance registry is the first DWORD in the Data section, LastCounter value
is the second DWORD in the Data section, and LastHelp value is the third DWORD in
the Data section.

Error - 8. 1. 2014 14:28:23 | Computer Name = sfam-HP | Source = Microsoft-Windows-LoadPerf | ID = 3006
Description = Unable to read the performance counter strings defined for the 01B
language ID. The first DWORD in the Data section contains the Win32 error code.

Error - 8. 1. 2014 14:28:23 | Computer Name = sfam-HP | Source = Microsoft-Windows-LoadPerf | ID = 3006
Description = Unable to read the performance counter strings defined for the 01B
language ID. The first DWORD in the Data section contains the Win32 error code.

Error - 8. 1. 2014 14:38:16 | Computer Name = sfam-HP | Source = Microsoft-Windows-LoadPerf | ID = 3012
Description = The performance strings in the Performance registry value is corrupted
when process Performance extension counter provider. The BaseIndex value from the
Performance registry is the first DWORD in the Data section, LastCounter value
is the second DWORD in the Data section, and LastHelp value is the third DWORD in
the Data section.

Error - 8. 1. 2014 14:38:16 | Computer Name = sfam-HP | Source = Microsoft-Windows-LoadPerf | ID = 3006
Description = Unable to read the performance counter strings defined for the 01B
language ID. The first DWORD in the Data section contains the Win32 error code.

Error - 8. 1. 2014 14:38:16 | Computer Name = sfam-HP | Source = Microsoft-Windows-LoadPerf | ID = 3006
Description = Unable to read the performance counter strings defined for the 01B
language ID. The first DWORD in the Data section contains the Win32 error code.

Error - 14. 1. 2014 15:22:36 | Computer Name = sfam-HP | Source = Application Hang | ID = 1002
Description = The program AvastUI.exe version 6.0.999.0 stopped interacting with
Windows and was closed. To see if more information about the problem is available,
check the problem history in the Action Center control panel. Process ID: 10d0 Start
Time: 01cf107fc823d3de Termination Time: 60000 Application Path: C:\Program Files\AVAST
Software\Avast\AvastUI.exe Report Id: 0d0919a6-7d51-11e3-b8d3-70f395d5166d

Error - 17. 1. 2014 14:31:45 | Computer Name = sfam-HP | Source = Application Error | ID = 1000
Description = Názov chybovej aplikácie: hpHotkeyMonitor.exe, verzia: 4.0.3.1, časová
značka: 0x4ca639d3 Názov chybového modulu: unknown, verzia: 0.0.0.0, časová značka:
0x00000000 Kód výnimky: 0xc0000005 Odstup chyby: 0x005f0053 Identifikácia chybného
procesu: 0xa9c Čas spustenia chybnej aplikácie: 0x01cf139ce8abaf40 Cesta chybnej
aplikácie: C:\Program Files (x86)\Hewlett-Packard\HP HotKey Support\hpHotkeyMonitor.exe
Cesta
chybného modulu: unknown Identifikácia hlásenia: 9de1859e-7fa5-11e3-87f5-70f395d5166d

[ Hewlett-Packard Events ]
Error - 8. 7. 2012 14:06:43 | Computer Name = sfam-HP | Source = HPSF.exe | ID = 4000
Description =

Error - 8. 7. 2012 14:06:55 | Computer Name = sfam-HP | Source = HPSF.exe | ID = 4000
Description =

Error - 8. 7. 2012 14:07:03 | Computer Name = sfam-HP | Source = HPSF.exe | ID = 4000
Description =

Error - 21. 10. 2012 12:55:03 | Computer Name = sfam-HP | Source = HPSF.exe | ID = 4000
Description =

Error - 4. 11. 2012 13:51:22 | Computer Name = sfam-HP | Source = hpsa_service.exe | ID = 2000
Description =

Error - 4. 11. 2012 15:05:20 | Computer Name = sfam-HP | Source = HPSF.exe | ID = 4000
Description = HP Error ID: -2146233087 Server stack trace: at System.ServiceModel.Channels.ServiceChannel.Call(String
action, Boolean oneway, ProxyOperationRuntime operation, Object[] ins, Object[]
outs, TimeSpan timeout) at System.ServiceModel.Channels.ServiceChannel.Call(String
action, Boolean oneway, ProxyOperationRuntime operation, Object[] ins, Object[]
outs) at System.ServiceModel.Channels.ServiceChannelProxy.InvokeService(IMethodCallMessage
methodCall, ProxyOperationRuntime operation) at System.ServiceModel.Channels.ServiceChannelProxy.Invoke(IMessage
message) Exception rethrown at [0] Message: The server did not provide a meaningful
reply; this might be caused by a contract mismatch, a premature session shutdown
or an internal server error. StackTrace: Server stack trace: at System.ServiceModel.Channels.ServiceChannel.Call(String
action, Boolean oneway, ProxyOperationRuntime operation, Object[] ins, Object[]
outs, TimeSpan timeout) at System.ServiceModel.Channels.ServiceChannel.Call(String
action, Boolean oneway, ProxyOperationRuntime operation, Object[] ins, Object[]
outs) at System.ServiceModel.Channels.ServiceChannelProxy.InvokeService(IMethodCallMessage
methodCall, ProxyOperationRuntime operation) at System.ServiceModel.Channels.ServiceChannelProxy.Invoke(IMessage
message) Exception rethrown at [0]: at System.Runtime.Remoting.Proxies.RealProxy.HandleReturnMessage(IMessage
reqMsg, IMessage retMsg) at System.Runtime.Remoting.Proxies.RealProxy.PrivateInvoke(MessageData&
msgData, Int32 type) at HP.SupportFramework.Communicator.MessengerComm.IMessengerCommunicator.UpdateTimer()

at HP.SupportAssistant.UI.MessengerCommunication.sendTimerUpdate() Source: mscorlib

Name:
HPSF.exe Version: 06.00.01.01 Path: C:\Program Files (x86)\Hewlett-Packard\HP Support
Framework\HPSF.exe Format: sk-SK RAM: 2812 Ram Utilization: 50 TargetSite: Void HandleReturnMessage(System.Runtime.Remoting.Messaging.IMessage,
System.Runtime.Remoting.Messaging.IMessage)

Error - 4. 11. 2012 15:05:20 | Computer Name = sfam-HP | Source = HPSF.exe | ID = 4000
Description = HP Error ID: -2146233087 Server stack trace: at System.ServiceModel.Channels.ServiceChannel.Call(String
action, Boolean oneway, ProxyOperationRuntime operation, Object[] ins, Object[]
outs, TimeSpan timeout) at System.ServiceModel.Channels.ServiceChannel.Call(String
action, Boolean oneway, ProxyOperationRuntime operation, Object[] ins, Object[]
outs) at System.ServiceModel.Channels.ServiceChannelProxy.InvokeService(IMethodCallMessage
methodCall, ProxyOperationRuntime operation) at System.ServiceModel.Channels.ServiceChannelProxy.Invoke(IMessage
message) Exception rethrown at [0] Message: The server did not provide a meaningful
reply; this might be caused by a contract mismatch, a premature session shutdown
or an internal server error. StackTrace: Server stack trace: at System.ServiceModel.Channels.ServiceChannel.Call(String
action, Boolean oneway, ProxyOperationRuntime operation, Object[] ins, Object[]
outs, TimeSpan timeout) at System.ServiceModel.Channels.ServiceChannel.Call(String
action, Boolean oneway, ProxyOperationRuntime operation, Object[] ins, Object[]
outs) at System.ServiceModel.Channels.ServiceChannelProxy.InvokeService(IMethodCallMessage
methodCall, ProxyOperationRuntime operation) at System.ServiceModel.Channels.ServiceChannelProxy.Invoke(IMessage
message) Exception rethrown at [0]: at System.Runtime.Remoting.Proxies.RealProxy.HandleReturnMessage(IMessage
reqMsg, IMessage retMsg) at System.Runtime.Remoting.Proxies.RealProxy.PrivateInvoke(MessageData&
msgData, Int32 type) at HP.SupportFramework.Communicator.MessengerComm.IMessengerCommunicator.UpdateTimer()

at HP.SupportAssistant.UI.MessengerCommunication.sendTimerUpdate() Source: mscorlib

Name:
HPSF.exe Version: 06.00.01.01 Path: C:\Program Files (x86)\Hewlett-Packard\HP Support
Framework\HPSF.exe Format: sk-SK RAM: 2812 Ram Utilization: 50 TargetSite: Void HandleReturnMessage(System.Runtime.Remoting.Messaging.IMessage,
System.Runtime.Remoting.Messaging.IMessage)

Error - 4. 11. 2012 15:05:40 | Computer Name = sfam-HP | Source = HPSF.exe | ID = 4000
Description =

Error - 4. 11. 2012 15:05:40 | Computer Name = sfam-HP | Source = HPSF.exe | ID = 4000
Description =

Error - 20. 11. 2012 17:17:24 | Computer Name = sfam-HP | Source = hpsa_service.exe | ID = 2000
Description = HP Error ID: -2147024894 at HP.SupportAssistant.Service.ACLM.AssetAgent.ExecuteAssetAgent(Boolean
isSubSet) at HP.SupportAssistant.Service.Battery.BatteryCheck.RunBatteryCheck()
Message:
Could not load file or assembly 'HP.ActiveCheckLocalMode.ServiceFacade, Version=1.1.0.0,
Culture=neutral, PublicKeyToken=87cc6405259abc0f' or one of its dependencies. Systém
nemôže nájsť zadaný súbor. StackTrace: at HP.SupportAssistant.Service.ACLM.AssetAgent.ExecuteAssetAgent(Boolean
isSubSet) at HP.SupportAssistant.Service.Battery.BatteryCheck.RunBatteryCheck()
Source:
HPSA_Service Name: hpsa_service.exe Version: 06.00.01.01 Path: C:\Program Files (x86)\Hewlett-Packard\HP
Support Framework\hpsa_service.exe Format: sk-SK RAM: 2812 Ram Utilization: 40 TargetSite:
Void ExecuteAssetAgent(Boolean)

[ HP Software Framework Events ]
Error - 8. 12. 2012 14:10:56 | Computer Name = sfam-HP | Source = CaslWmi | ID = 5
Description = 2012. 12. 08 19:10:56.326|00000DF0|Error |[CaslWmi]CommandFolio::A{hpCasl.enReturnCode(int&)}|Error
0xe_BIOS_INVALID_COMMAND_TYPE from BIOS WMI call Read/2Eh while getting Folio state

Error - 8. 12. 2012 14:10:56 | Computer Name = sfam-HP | Source = CaslWmi | ID = 5
Description = 2012. 12. 08 19:10:56.388|00000DF0|Error |[CaslWmi]CommandFolio::A{hpCasl.enReturnCode(int&)}|Error
0xe_BIOS_INVALID_COMMAND_TYPE from BIOS WMI call Read/2Eh while getting Folio state

Error - 9. 12. 2012 14:20:44 | Computer Name = sfam-HP | Source = CaslWmi | ID = 5
Description = 2012. 12. 09 19:20:44.008|0000121C|Error |[CaslWmi]CommandFolio::A{hpCasl.enReturnCode(int&)}|Error
0xe_BIOS_INVALID_COMMAND_TYPE from BIOS WMI call Read/2Eh while getting Folio state

Error - 9. 12. 2012 14:21:03 | Computer Name = sfam-HP | Source = CaslWmi | ID = 5
Description = 2012. 12. 09 19:21:03.893|00001C68|Error |[CaslWmi]CommandFolio::A{hpCasl.enReturnCode(int&)}|Error
0xe_BIOS_INVALID_COMMAND_TYPE from BIOS WMI call Read/2Eh while getting Folio state

Error - 10. 12. 2012 3:09:54 | Computer Name = sfam-HP | Source = CaslWmi | ID = 5
Description = 2012. 12. 10 08:09:54.831|00000B70|Error |[CaslWmi]CommandFolio::A{hpCasl.enReturnCode(int&)}|Error
0xe_BIOS_INVALID_COMMAND_TYPE from BIOS WMI call Read/2Eh while getting Folio state

Error - 10. 12. 2012 3:09:56 | Computer Name = sfam-HP | Source = CaslWmi | ID = 5
Description = 2012. 12. 10 08:09:56.062|00000B70|Error |[CaslWmi]CommandFolio::A{hpCasl.enReturnCode(int&)}|Error
0xe_BIOS_INVALID_COMMAND_TYPE from BIOS WMI call Read/2Eh while getting Folio state

Error - 10. 12. 2012 3:09:56 | Computer Name = sfam-HP | Source = CaslWmi | ID = 5
Description = 2012. 12. 10 08:09:56.102|00000B70|Error |[CaslWmi]CommandFolio::A{hpCasl.enReturnCode(int&)}|Error
0xe_BIOS_INVALID_COMMAND_TYPE from BIOS WMI call Read/2Eh while getting Folio state

Error - 10. 12. 2012 3:09:56 | Computer Name = sfam-HP | Source = CaslWmi | ID = 5
Description = 2012. 12. 10 08:09:56.192|00000B70|Error |[CaslWmi]CommandFolio::A{hpCasl.enReturnCode(int&)}|Error
0xe_BIOS_INVALID_COMMAND_TYPE from BIOS WMI call Read/2Eh while getting Folio state

Error - 10. 12. 2012 3:09:59 | Computer Name = sfam-HP | Source = CaslWmi | ID = 5
Description = 2012. 12. 10 08:09:59.736|00000B70|Error |[CaslWmi]CommandFolio::A{hpCasl.enReturnCode(int&)}|Error
0xe_BIOS_INVALID_COMMAND_TYPE from BIOS WMI call Read/2Eh while getting Folio state

Error - 11. 8. 2013 14:25:59 | Computer Name = sfam-HP | Source = CaslWmi | ID = 5
Description = 2013. 08. 11 20:25:59.342|000009B4|Error |[CaslWmi]A::A{bool()}|Error
connecting to Global Event server. Exception: Retrieving the COM class factory
for component with CLSID {69D77689-DA2B-4308-8404-2614CBF9896E} failed due to the
following error: 8007041d.

[ HP Wireless Assistant Events ]
Error - 15. 11. 2012 6:40:28 | Computer Name = sfam-HP | Source = HP WA Service | ID = 0
Description = System.Exception GetDeviceInfo() failed : 597 at HP_Common.CaslWrapper.GetDeviceInfo(List`1&
radioList) at HPPA_Service.CurrentConfiguration.ReloadRadioList()

Error - 15. 11. 2012 6:40:31 | Computer Name = sfam-HP | Source = HP WA Service | ID = 0
Description = System.Exception GetDeviceInfo() failed : 597 at HP_Common.CaslWrapper.GetDeviceInfo(List`1&
radioList) at HPPA_Service.CurrentConfiguration.ReloadRadioList()

Error - 15. 11. 2012 6:40:39 | Computer Name = sfam-HP | Source = HP WA Service | ID = 0
Description = System.Exception GetDeviceInfo() failed : 597 at HP_Common.CaslWrapper.GetDeviceInfo(List`1&
radioList) at HPPA_Service.CurrentConfiguration.ReloadRadioList()

Error - 15. 11. 2012 6:40:43 | Computer Name = sfam-HP | Source = HP WA Service | ID = 0
Description = System.Exception GetDeviceInfo() failed : 597 at HP_Common.CaslWrapper.GetDeviceInfo(List`1&
radioList) at HPPA_Service.CurrentConfiguration.ReloadRadioList()

Error - 15. 11. 2012 6:40:55 | Computer Name = sfam-HP | Source = HP WA Service | ID = 0
Description = System.Exception GetDeviceInfo() failed : 597 at HP_Common.CaslWrapper.GetDeviceInfo(List`1&
radioList) at HPPA_Service.CurrentConfiguration.ReloadRadioList()

Error - 15. 11. 2012 6:40:57 | Computer Name = sfam-HP | Source = HP WA Service | ID = 0
Description = System.Exception GetDeviceInfo() failed : 597 at HP_Common.CaslWrapper.GetDeviceInfo(List`1&
radioList) at HPPA_Service.CurrentConfiguration.ReloadRadioList()

Error - 15. 11. 2012 6:40:59 | Computer Name = sfam-HP | Source = HP WA Service | ID = 0
Description = System.Exception GetDeviceInfo() failed : 597 at HP_Common.CaslWrapper.GetDeviceInfo(List`1&
radioList) at HPPA_Service.CurrentConfiguration.ReloadRadioList()

Error - 29. 11. 2012 11:55:39 | Computer Name = sfam-HP | Source = HP WA Service | ID = 0
Description = System.Runtime.InteropServices.COMException Filter hlásení zrušil volanie.
(Exception from HRESULT: 0x80010002 (RPC_E_CALL_CANCELED)) at System.Runtime.InteropServices.Marshal.ThrowExceptionForHRInternal(Int32
errorCode, IntPtr errorInfo) at System.Management.ManagementScope.InitializeGuts(Object
o) at System.Management.ManagementScope.Initialize() at System.Management.ManagementObjectSearcher.Initialize()

at System.Management.ManagementObjectSearcher.Get() at HPPA_Service.CurrentConfiguration.FindDevice(String
hostPath, String portName) at HPPA_Service.CurrentConfiguration.ApplyDeviceManagerState(List`1
radios) at HPPA_Service.CurrentConfiguration.ReloadRadioList()

Error - 29. 12. 2012 20:46:06 | Computer Name = sfam-HP | Source = HP WA Service | ID = 0
Description = System.Runtime.InteropServices.COMException Filter hlásení zrušil volanie.
(Exception from HRESULT: 0x80010002 (RPC_E_CALL_CANCELED)) at System.Runtime.InteropServices.Marshal.ThrowExceptionForHRInternal(Int32
errorCode, IntPtr errorInfo) at System.Management.ManagementScope.InitializeGuts(Object
o) at System.Management.ManagementScope.Initialize() at System.Management.ManagementObjectSearcher.Initialize()

at System.Management.ManagementObjectSearcher.Get() at HPPA_Service.CurrentConfiguration.FindDevice(String
hostPath, String portName) at HPPA_Service.CurrentConfiguration.ApplyDeviceManagerState(List`1
radios) at HPPA_Service.CurrentConfiguration.ReloadRadioList()

Error - 5. 1. 2013 14:56:53 | Computer Name = sfam-HP | Source = HP WA Service | ID = 0
Description = System.Runtime.InteropServices.COMException Filter hlásení zrušil volanie.
(Exception from HRESULT: 0x80010002 (RPC_E_CALL_CANCELED)) at System.Runtime.InteropServices.Marshal.ThrowExceptionForHRInternal(Int32
errorCode, IntPtr errorInfo) at System.Management.ManagementScope.InitializeGuts(Object
o) at System.Management.ManagementScope.Initialize() at System.Management.ManagementObjectSearcher.Initialize()

at System.Management.ManagementObjectSearcher.Get() at HPPA_Service.CurrentConfiguration.FindDevice(String
hostPath, String portName) at HPPA_Service.CurrentConfiguration.<ReloadRadioList>b__9(RadioHardware
radio) at System.Linq.Enumerable.WhereSelectListIterator`2.MoveNext() at System.Linq.Enumerable.WhereSelectEnumerableIterator`2.MoveNext()

at HPPA_Service.CurrentConfiguration.ReloadRadioList()

[ Media Center Events ]
Error - 4. 4. 2012 16:24:56 | Computer Name = sfam-HP | Source = MCUpdate | ID = 0
Description = 22:24:56 - Chyba pripájania na Internet. 22:24:56 - Nebolo možné
spojiť sa so serverom..

Error - 4. 4. 2012 16:25:06 | Computer Name = sfam-HP | Source = MCUpdate | ID = 0
Description = 22:25:01 - Chyba pripájania na Internet. 22:25:01 - Nebolo možné
spojiť sa so serverom..

Error - 5. 4. 2012 8:54:51 | Computer Name = sfam-HP | Source = MCUpdate | ID = 0
Description = 14:54:51 - Chyba pripájania na Internet. 14:54:51 - Nebolo možné
spojiť sa so serverom..

Error - 5. 4. 2012 8:55:02 | Computer Name = sfam-HP | Source = MCUpdate | ID = 0
Description = 14:54:56 - Chyba pripájania na Internet. 14:54:56 - Nebolo možné
spojiť sa so serverom..

Error - 5. 4. 2012 9:55:07 | Computer Name = sfam-HP | Source = MCUpdate | ID = 0
Description = 15:55:07 - Chyba pripájania na Internet. 15:55:07 - Nebolo možné
spojiť sa so serverom..

Error - 5. 4. 2012 9:55:13 | Computer Name = sfam-HP | Source = MCUpdate | ID = 0
Description = 15:55:12 - Chyba pripájania na Internet. 15:55:12 - Nebolo možné
spojiť sa so serverom..

Error - 5. 4. 2012 10:55:19 | Computer Name = sfam-HP | Source = MCUpdate | ID = 0
Description = 16:55:19 - Chyba pripájania na Internet. 16:55:19 - Nebolo možné
spojiť sa so serverom..

Error - 5. 4. 2012 10:55:25 | Computer Name = sfam-HP | Source = MCUpdate | ID = 0
Description = 16:55:24 - Chyba pripájania na Internet. 16:55:24 - Nebolo možné
spojiť sa so serverom..

Error - 7. 4. 2012 8:43:39 | Computer Name = sfam-HP | Source = MCUpdate | ID = 0
Description = 14:43:39 - Chyba pripájania na Internet. 14:43:39 - Nebolo možné
spojiť sa so serverom..

Error - 7. 4. 2012 8:43:50 | Computer Name = sfam-HP | Source = MCUpdate | ID = 0
Description = 14:43:44 - Chyba pripájania na Internet. 14:43:44 - Nebolo možné
spojiť sa so serverom..

[ System Events ]
Error - 12. 1. 2014 19:41:33 | Computer Name = sfam-HP | Source = Service Control Manager | ID = 7000
Description = Spustenie služby Bluetooth Support Service zlyhalo kvôli nasledujúcej
chybe: %%1069

Error - 12. 1. 2014 19:41:33 | Computer Name = sfam-HP | Source = Service Control Manager | ID = 7038
Description = Službe PolicyAgent sa nepodarilo s aktuálne nakonfigurovaným heslom
prihlásiť ako NT Authority\NetworkService kvôli nasledujúcej chybe: %%1352 Ak chcete
zabezpečiť správne nakonfigurovanie služby, použite modul Služby konzoly MMC (Microsoft
Management Console).

Error - 12. 1. 2014 19:41:33 | Computer Name = sfam-HP | Source = Service Control Manager | ID = 7000
Description = Spustenie služby IPsec Policy Agent zlyhalo kvôli nasledujúcej chybe:
%%1069

Error - 12. 1. 2014 19:41:33 | Computer Name = sfam-HP | Source = Service Control Manager | ID = 7038
Description = Službe WerSvc sa nepodarilo s aktuálne nakonfigurovaným heslom prihlásiť
ako NT AUTHORITY\SYSTEM kvôli nasledujúcej chybe: %%1352 Ak chcete zabezpečiť správne
nakonfigurovanie služby, použite modul Služby konzoly MMC (Microsoft Management
Console).

Error - 12. 1. 2014 19:41:33 | Computer Name = sfam-HP | Source = Service Control Manager | ID = 7038
Description = Službe SSDPSRV sa nepodarilo s aktuálne nakonfigurovaným heslom prihlásiť
ako NT AUTHORITY\LocalService kvôli nasledujúcej chybe: %%50 Ak chcete zabezpečiť
správne nakonfigurovanie služby, použite modul Služby konzoly MMC (Microsoft Management
Console).

Error - 12. 1. 2014 19:41:33 | Computer Name = sfam-HP | Source = Service Control Manager | ID = 7000
Description = Spustenie služby SSDP Discovery zlyhalo kvôli nasledujúcej chybe:
%%1069

Error - 12. 1. 2014 19:41:33 | Computer Name = sfam-HP | Source = Service Control Manager | ID = 7038
Description = Službe WerSvc sa nepodarilo s aktuálne nakonfigurovaným heslom prihlásiť
ako NT AUTHORITY\SYSTEM kvôli nasledujúcej chybe: %%50 Ak chcete zabezpečiť správne
nakonfigurovanie služby, použite modul Služby konzoly MMC (Microsoft Management
Console).

Error - 12. 1. 2014 19:41:34 | Computer Name = sfam-HP | Source = Microsoft-Windows-Bits-Client | ID = 16392
Description = The BITS service failed to start. Error 2147943515.

Error - 12. 1. 2014 19:41:34 | Computer Name = sfam-HP | Source = Service Control Manager | ID = 7024
Description = Služba Background Intelligent Transfer Service bola ukončená s chybou
služby %%-2147023781.

Error - 17. 1. 2014 14:31:54 | Computer Name = sfam-HP | Source = Service Control Manager | ID = 7034
Description = Služba HP Hotkey Monitor sa neočakávane ukončila. Služba sa týmto
spôsobom ukončila už 1-krát.

< End of report >

Jestli bude Avast rvat, ze to chce otevrit v sandboxu, nedovolte to! Vyberte moznost Otevrit normalne

Znovu spustte OTL jako spravce
Do spodniho okna vlozte nasledujici text (vcetne te dvojtecky pred slovem commands)

Kód: Vybrat vše

:commands
[EMPTYTEMP]
[EMPTYFLASH]
[Purity]
[CreateRestorePoint]

:services
AdobeARMservice
gupdate
AdobeFlashPlayerUpdateSvc
gupdatem
gusvc

:files
%windir%\system32\*.tmp.dll /s
%windir%\system32\SET*.tmp /s
%windir%\*.tmp
C:\windows\tasks\Adobe Flash Player Updater.job
C:\windows\tasks\GoogleUpdateTaskMachineCore.job
C:\windows\tasks\GoogleUpdateTaskMachineUA.job
C:\windows\tasks\GoogleUpdateTaskUserS-1-5-21-1904487887-2426832105-4032358140-1001Core.job
C:\windows\tasks\GoogleUpdateTaskUserS-1-5-21-1904487887-2426832105-4032358140-1001UA.job
C:\windows\tasks\HPCeeScheduleFors fam.job

:otl
IE:64bit: - HKLM\..\SearchScopes\{55FC59AB-C94B-4BD4-8BCF-3E0165E50D1E}: "URL" = http://www.bing.com/search?q={searchTerms}&form=CMNTDF&pc=CMNTDF&src=IE-SearchBox
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKLM\..\SearchScopes\{55FC59AB-C94B-4BD4-8BCF-3E0165E50D1E}: "URL" = http://www.bing.com/search?q={searchTerms}&form=CMNTDF&pc=CMNTDF&src=IE-SearchBox
IE - HKU\S-1-5-21-1904487887-2426832105-4032358140-1001\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE11SR
IE - HKU\S-1-5-21-1904487887-2426832105-4032358140-1001\..\SearchScopes\{866F692F-ED0D-404E-AB82-4DAFFE60AB13}: "URL" = http://search.yahoo.com/search?fr=chr-g ... =386496&p={searchTerms}
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab (Reg Error: Key error.)
O9:64bit: - Extra Button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra Button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O18:64bit: - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Skype Technologies S.A.)
O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
[15 C:\windows\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp files -> C:\windows\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp -> ]
[28 C:\windows\assembly\NativeImages_v2.0.50727_64\Temp\*.tmp files -> C:\windows\assembly\NativeImages_v2.0.50727_64\Temp\*.tmp -> ]
[7 C:\windows\Installer\*.tmp files -> C:\windows\Installer\*.tmp -> ]
[1 C:\windows\SoftwareDistribution\Download\0646778436ce40c90a7cbc9dfd71cb7a\*.tmp files -> C:\windows\SoftwareDistribution\Download\0646778436ce40c90a7cbc9dfd71cb7a\*.tmp -> ]
[1 C:\windows\SoftwareDistribution\Download\620697a3165452e75a3fea7775d1710d\*.tmp files -> C:\windows\SoftwareDistribution\Download\620697a3165452e75a3fea7775d1710d\*.tmp -> ]
[1 C:\windows\SoftwareDistribution\Download\93edcf9c560cc7da92b250a3fc13b771\*.tmp files -> C:\windows\SoftwareDistribution\Download\93edcf9c560cc7da92b250a3fc13b771\*.tmp -> ]
[1 C:\windows\SoftwareDistribution\Download\bbe0294f55923618944aeb5c3877f84c\*.tmp files -> C:\windows\SoftwareDistribution\Download\bbe0294f55923618944aeb5c3877f84c\*.tmp -> ]
[1 C:\windows\SoftwareDistribution\Download\cbcd333529a22e15d8360316385964f8\*.tmp files -> C:\windows\SoftwareDistribution\Download\cbcd333529a22e15d8360316385964f8\*.tmp -> ]
@Alternate Data Stream - 6144 bytes -> C:\windows\Cursors\arrow_n.cur:NEDTA.DAT
@Alternate Data Stream - 6104 bytes -> C:\windows\PLA\System\System Diagnostics.xml:0v1ieca3Feahez0jAwxjjk5uRh

:reg
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{26B19FA4-E8A1-4A1B-A163-1A1E46F830DD}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
"{2318C2B1-4965-11d4-9B18-009027A5CD4F}"=-
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\Toolbar]
"{2318C2B1-4965-11d4-9B18-009027A5CD4F}"=-
[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Malwarebytes' Anti-Malware] /64

Kliknete na Opravit a nechte program pracovat. Pri otazce na restart souhlaste.
Po restartu se objevi novy log, ten sem dejte.

kde je tam Opravit? vidim tam akurat CLEAN UP, Run SCAn..

Run Fix

nejako to OTL zamrzne a potom vyhodi text nizsie...

Files\Folders moved on Reboot...
File move failed. C:\Users\s fam\AppData\Local\Temp\FXSAPIDebugLogFile.txt scheduled to be moved on reboot.
File move failed. C:\Users\s fam\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\TW3616UN\bg-registred-expiring-r-cs[1].png scheduled to be moved on reboot.
File move failed. C:\Users\s fam\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\KOAQQSDD\nag-btn-grey-small[1].png scheduled to be moved on reboot.
File move failed. C:\Users\s fam\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\KOAQQSDD\tooltip-arrow[1].png scheduled to be moved on reboot.
File move failed. C:\Users\s fam\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\FJ1EKYB8\nag-btn-green-middle[1].png scheduled to be moved on reboot.
File move failed. C:\Users\s fam\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\FJ1EKYB8\top-yellow-130-small[1].png scheduled to be moved on reboot.
File move failed. C:\Users\s fam\AppData\Local\Microsoft\Windows\Temporary Internet Files\counters.dat scheduled to be moved on reboot.
File\Folder C:\windows\temp\_avast_\Webshlock.txt not found!

PendingFileRenameOperations files...

Registry entries deleted on Reboot...

Restartujte pc do nouzoveho rezimu a provedte to v nem.

skusal som,nejde to ani v nudzovom..

Jestli bude Avast rvat, ze to chce otevrit v sandboxu, nedovolte to! Vyberte moznost Otevrit normalne

Stahnete OTM http://oldtimer.geekstogo.com/OTM.exe a ulozte nejlepe na plochu.
Kliknete na nej pravym mysidlem a levym na Spustit jako spravce.
Do leveho okna zkopirujte tento skript (vcetne te dvojtecky pred slovem commands)

Kód: Vybrat vše

:commands
[EMPTYTEMP]
[EMPTYFLASH]
[Purity]
[CreateRestorePoint]

:services
AdobeARMservice
gupdate
AdobeFlashPlayerUpdateSvc
gupdatem
gusvc

:files
%windir%\system32\*.tmp.dll /s
%windir%\system32\SET*.tmp /s
%windir%\*.tmp
C:\windows\tasks\Adobe Flash Player Updater.job
C:\windows\tasks\GoogleUpdateTaskMachineCore.job
C:\windows\tasks\GoogleUpdateTaskMachineUA.job
C:\windows\tasks\GoogleUpdateTaskUserS-1-5-21-1904487887-2426832105-4032358140-1001Core.job
C:\windows\tasks\GoogleUpdateTaskUserS-1-5-21-1904487887-2426832105-4032358140-1001UA.job
C:\windows\tasks\HPCeeScheduleFors fam.job

:reg
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{26B19FA4-E8A1-4A1B-A163-1A1E46F830DD}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
"{2318C2B1-4965-11d4-9B18-009027A5CD4F}"=-
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\Toolbar]
"{2318C2B1-4965-11d4-9B18-009027A5CD4F}"=-
[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Malwarebytes' Anti-Malware] /64

Kliknete na MoveIt a nechte program pracovat. Pri otazce na restart souhlaste.
Po restartu sem dejte log, ktery na vas vyskoci, nebo bude zde C:\_OTM\MovedFiles\xxxxxxxx_xxxxxx (misto tech x budou cisla, predstavujici datum a cas spusteni)

27.2. pro neaktivitu

http://forum.viry.cz/viewtopic.php?f=12&t=123975

VIRY.CZ

preventivka hp

Re: preventivka hp

Re: preventivka hp

Re: preventivka hp

Re: preventivka hp

Re: preventivka hp

Re: preventivka hp

Re: preventivka hp

Re: preventivka hp

Re: preventivka hp