OTL Extras logfile created on: 18.11.2014 21:40:44 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Venca\Desktop
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.11.9600.17420)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy
3,75 Gb Total Physical Memory | 2,16 Gb Available Physical Memory | 57,50% Memory free
7,50 Gb Paging File | 5,43 Gb Available in Paging File | 72,41% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 453,94 Gb Total Space | 228,93 Gb Free Space | 50,43% Space Free | Partition Type: NTFS
Drive F: | 1,11 Gb Total Space | 0,00 Gb Free Space | 0,00% Space Free | Partition Type: CDFS
Computer Name: STORMBRIGER-PC | User Name: Venca | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
========== Extra Registry (SafeList) ==========
========== File Associations ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.html[@ = htmlfile] -- C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation)
.url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation)
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)
.html [@ = htmlfile] -- C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation)
========== Shell Spawning ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
http [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
https [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" (VideoLAN)
Directory [Browse with &IrfanView] -- "C:\Program Files (x86)\IrfanView\i_view32.exe" "%1 /thumbs" (Irfan Skiljan)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" (VideoLAN)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- "C:\Program Files\Internet Explorer\iexplore.exe" (Microsoft Corporation)
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
http [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
https [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" (VideoLAN)
Directory [Browse with &IrfanView] -- "C:\Program Files (x86)\IrfanView\i_view32.exe" "%1 /thumbs" (Irfan Skiljan)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" (VideoLAN)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- Reg Error: Value error.
========== Security Center Settings ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = 28 4D B2 76 41 04 CA 01 [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
========== System Restore Settings ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows NT\SystemRestore]
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows NT\SystemRestore]
========== Firewall Settings ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
========== Authorized Applications List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
========== Vista Active Open Ports Exception List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{021BF59D-BBA6-43B9-AA26-F7F0BC38753B}" = rport=445 | protocol=6 | dir=out | app=system |
"{0B206251-32CF-4344-AE86-8169F47ECFAF}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{11D1A258-BD93-43FA-996D-E61B89F64C36}" = rport=10243 | protocol=6 | dir=out | app=system |
"{14D391F9-CE0E-444E-803D-BE43336BEA39}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{1693FC9B-BB9F-41B0-B9BF-95D9E85466FD}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 |
"{1F0DD595-160E-4C7F-B960-4E14BDCAB0F9}" = lport=445 | protocol=6 | dir=in | app=system |
"{5A460983-4D29-438D-8CDD-E73264BDD84C}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{63413759-DA2A-4C2B-8A55-0EE27DED8960}" = rport=139 | protocol=6 | dir=out | app=system |
"{6E8A6DA6-F2D2-4DBF-B2A0-5687C4B8E15C}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{745AE0A3-DB94-427F-A0C1-531C1722E11F}" = lport=2869 | protocol=6 | dir=in | app=system |
"{8DC98BCA-CFB8-486F-9520-2856ACB341E8}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{91296B55-B87F-49F1-9A45-029CF9CAF377}" = lport=137 | protocol=17 | dir=in | app=system |
"{94FFB9A1-6990-45D2-ABAD-64DA757F4BF0}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{9794DD17-1673-45EE-8F5E-A95D368B86EC}" = lport=2869 | protocol=6 | dir=in | name=windows live communications platform (upnp) |
"{A8F00345-2699-4B01-8882-3FA013E7CDB2}" = rport=138 | protocol=17 | dir=out | app=system |
"{B71041B4-6EFC-44E6-AF89-ED9BF463B58D}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{BDC8163B-8301-4476-9605-F36330045308}" = lport=5353 | protocol=17 | dir=in | app=c:\users\venca\appdata\local\google\chrome\application\chrome.exe |
"{BFE1FABB-1325-4DB5-B96A-9AE734D3246B}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{C5F24241-82D8-4891-A932-97BE250AFC78}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe |
"{D08C078E-A455-45C3-A9C6-96B00A2C931D}" = lport=1900 | protocol=17 | dir=in | name=windows live communications platform (ssdp) |
"{D231854A-8FCF-4478-B56E-7662E8C912E2}" = lport=139 | protocol=6 | dir=in | app=system |
"{D9375728-8E61-44F5-8DC6-BD501A62AAF3}" = lport=138 | protocol=17 | dir=in | app=system |
"{DBB82455-F60A-43A9-83C5-11D8698F8AB5}" = lport=10243 | protocol=6 | dir=in | app=system |
"{EC6B1A20-EDD2-4476-9496-F92A4F71113C}" = rport=137 | protocol=17 | dir=out | app=system |
========== Vista Active Application Exception List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{0A4D4EB0-150D-4600-9AB5-586AEE5F1C46}" = protocol=6 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{0C0D28D3-AA16-4D41-943C-00B7A9314CC6}" = protocol=6 | dir=in | app=c:\program files (x86)\microsoft games\rise of nations\thrones.exe |
"{17FA7DCC-DCA9-4B07-BC73-D6A61A9F90B6}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{1EA78100-763C-40BD-A9BF-7F3F2B99FC0D}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{21B110AB-D4DB-4787-8AC8-A361C1A0C71D}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 |
"{28F381EE-6182-448B-A276-3DE3F41EEB62}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{56DD7D09-28AE-4404-BC9C-08E76864CDF2}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 |
"{59790A3B-0A85-4450-ADCA-5FFE70E81F3F}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{6C96985C-BFA1-47B8-8234-E70B90A51F4A}" = protocol=6 | dir=out | app=system |
"{7A4D176E-ECEB-4F56-BE41-8ED08F9C4117}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{84167D92-A487-40AD-9559-3F132313F047}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{898CA4D0-25AE-4501-B16C-D2A34F5F305C}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 |
"{90278A1B-CDD9-4C0E-8A13-DAEE600FDFE3}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{9505D0F2-F711-4A42-9491-E3F92E6CDE4E}" = protocol=17 | dir=in | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{96CDE753-A2FD-4394-97A2-6B9BAF41CD55}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{973677AC-62B6-4254-AB98-CC4E7D5E3B58}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{9D0C0C11-3F1B-46B6-A29B-8C64921FAA24}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{B5573056-1349-444A-819D-095FE15F3D10}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{BB839C2C-83E8-493B-BFE5-53964D674F6D}" = dir=in | app=c:\program files (x86)\windows live\contacts\wlcomm.exe |
"{BC6122CF-24CF-41B8-91E1-11DF47517A50}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 |
"{DA5D7686-B18B-4115-A4F9-CFF4C21CF0FF}" = protocol=17 | dir=in | app=c:\program files (x86)\microsoft games\rise of nations\thrones.exe |
"{E291A4B0-5667-4999-B513-5099C4EA9FE7}" = protocol=17 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{F5125601-6433-4290-BEAB-2C1A4BFFB953}" = dir=in | app=c:\program files (x86)\garena plus\ggdllhost.exe |
"TCP Query User{0034545B-1545-4D5A-9C1C-55D6D9007A59}C:\program files\dassault systemes\b20\win_b64\code\bin\orbixd.exe" = protocol=6 | dir=in | app=c:\program files\dassault systemes\b20\win_b64\code\bin\orbixd.exe |
"TCP Query User{07BE98D0-B346-41A0-8B4F-E6FEEC4B0383}C:\program files (x86)\videolan\vlc\vlc.exe" = protocol=6 | dir=in | app=c:\program files (x86)\videolan\vlc\vlc.exe |
"TCP Query User{0D771B12-4D83-4FB4-9D92-60FD6A58305F}C:\program files\dassault systemes\b20\win_b64\code\bin\cnext.exe" = protocol=6 | dir=in | app=c:\program files\dassault systemes\b20\win_b64\code\bin\cnext.exe |
"TCP Query User{13D03D85-E943-463A-9430-4B310B86EA3F}C:\program files\dassault systemes\b20\win_b64\code\bin\cnext.exe" = protocol=6 | dir=in | app=c:\program files\dassault systemes\b20\win_b64\code\bin\cnext.exe |
"TCP Query User{1A5D9B10-75E1-46EA-83EE-CE24C4B9A879}C:\program files (x86)\tremulous\tremulous.exe" = protocol=6 | dir=in | app=c:\program files (x86)\tremulous\tremulous.exe |
"TCP Query User{371B2C11-C3A0-4491-8C82-0BB1D38A791F}C:\program files (x86)\tremulous\tremulous.exe" = protocol=6 | dir=in | app=c:\program files (x86)\tremulous\tremulous.exe |
"TCP Query User{49B8C4B0-C5FA-42AC-83DC-DB6EB869C96D}C:\programme\itnc530\340494\sys\bin\geo.exe" = protocol=6 | dir=in | app=c:\programme\itnc530\340494\sys\bin\geo.exe |
"TCP Query User{7570D349-15BE-42E0-AACC-0893CB37A5D6}C:\program files (x86)\videolan\vlc\vlc.exe" = protocol=6 | dir=in | app=c:\program files (x86)\videolan\vlc\vlc.exe |
"TCP Query User{831C9266-F4F5-43D0-9059-E5CC62C5D5D4}C:\programme\itnc530\340494\sys\bin\plc.exe" = protocol=6 | dir=in | app=c:\programme\itnc530\340494\sys\bin\plc.exe |
"TCP Query User{8B8A9115-9DA7-4B5C-9A11-F0D8DA64F313}C:\programme\itnc530\340494\sys\bin\regel.exe" = protocol=6 | dir=in | app=c:\programme\itnc530\340494\sys\bin\regel.exe |
"TCP Query User{A4A0DD99-1855-4A3A-9F43-F6EDB0ABF065}C:\users\venca\desktop\warcraft 3 en\war3.exe" = protocol=6 | dir=in | app=c:\users\venca\desktop\warcraft 3 en\war3.exe |
"TCP Query User{C37E5152-8D2C-4067-B258-B8F378DD4B78}C:\programme\itnc530\340494\sys\bin\ext.exe" = protocol=6 | dir=in | app=c:\programme\itnc530\340494\sys\bin\ext.exe |
"TCP Query User{E1E0DD0E-FBBC-4F05-AD17-13A1AC0D257E}C:\programme\itnc530\340494\xwin\bin\xwin.exe" = protocol=6 | dir=in | app=c:\programme\itnc530\340494\xwin\bin\xwin.exe |
"UDP Query User{0E8176BD-B409-4540-93C2-F31DEE9E4DE5}C:\program files\dassault systemes\b20\win_b64\code\bin\cnext.exe" = protocol=17 | dir=in | app=c:\program files\dassault systemes\b20\win_b64\code\bin\cnext.exe |
"UDP Query User{21BE8733-6261-4198-B9AA-105EBA58C0D4}C:\programme\itnc530\340494\sys\bin\geo.exe" = protocol=17 | dir=in | app=c:\programme\itnc530\340494\sys\bin\geo.exe |
"UDP Query User{3C209622-55F1-4F25-A789-9D01E591BCCC}C:\program files (x86)\videolan\vlc\vlc.exe" = protocol=17 | dir=in | app=c:\program files (x86)\videolan\vlc\vlc.exe |
"UDP Query User{5B7CD21A-8141-4E51-B131-66E2AA7CC4D5}C:\program files\dassault systemes\b20\win_b64\code\bin\orbixd.exe" = protocol=17 | dir=in | app=c:\program files\dassault systemes\b20\win_b64\code\bin\orbixd.exe |
"UDP Query User{5BF5A621-3BE6-4C83-BE44-D1B3ED28DA82}C:\programme\itnc530\340494\sys\bin\ext.exe" = protocol=17 | dir=in | app=c:\programme\itnc530\340494\sys\bin\ext.exe |
"UDP Query User{73AA36F2-CDAD-4CE1-B082-BCCCE3585ECC}C:\program files (x86)\videolan\vlc\vlc.exe" = protocol=17 | dir=in | app=c:\program files (x86)\videolan\vlc\vlc.exe |
"UDP Query User{7881A61B-4C5D-4FAF-9D94-E3B0EAF363D1}C:\programme\itnc530\340494\sys\bin\plc.exe" = protocol=17 | dir=in | app=c:\programme\itnc530\340494\sys\bin\plc.exe |
"UDP Query User{8594EDAA-9D8A-4987-842D-76E8B27F6437}C:\program files (x86)\tremulous\tremulous.exe" = protocol=17 | dir=in | app=c:\program files (x86)\tremulous\tremulous.exe |
"UDP Query User{8CBE993A-6E9B-46C2-92E3-BAD537B46C50}C:\users\venca\desktop\warcraft 3 en\war3.exe" = protocol=17 | dir=in | app=c:\users\venca\desktop\warcraft 3 en\war3.exe |
"UDP Query User{9DA2C6A9-0002-4FBA-8EA7-BDE826E203D6}C:\programme\itnc530\340494\xwin\bin\xwin.exe" = protocol=17 | dir=in | app=c:\programme\itnc530\340494\xwin\bin\xwin.exe |
"UDP Query User{CCCE7A48-A144-4754-9E3B-41075045E2D6}C:\programme\itnc530\340494\sys\bin\regel.exe" = protocol=17 | dir=in | app=c:\programme\itnc530\340494\sys\bin\regel.exe |
"UDP Query User{F016208B-D02D-4E07-9D8E-195AA8FEDFD7}C:\program files\dassault systemes\b20\win_b64\code\bin\cnext.exe" = protocol=17 | dir=in | app=c:\program files\dassault systemes\b20\win_b64\code\bin\cnext.exe |
"UDP Query User{FC4C7AD4-53D8-4775-A0EC-8C82019BC793}C:\program files (x86)\tremulous\tremulous.exe" = protocol=17 | dir=in | app=c:\program files (x86)\tremulous\tremulous.exe |
========== HKEY_LOCAL_MACHINE Uninstall List ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{034B6AC8-DCF6-585B-2AFD-3FF0D4A559BB}" = AMD Accelerated Video Transcoding
"{071c9b48-7c32-4621-a0ac-3f809523288f}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{25613C10-27D2-410B-942B-D922D5C3A7BE}" = Interlok driver setup x64
"{30921AC4-6875-F7DF-B48B-2BB68C000BB6}" = AMD Media Foundation Decoders
"{37FCE154-7F59-74F0-3A35-BF503CEB230B}" = AMD Catalyst Install Manager
"{503F672D-6C84-448A-8F8F-4BC35AC83441}" = AMD APP SDK Runtime
"{50813B8C-FCBB-3C61-8039-EAAA93029066}" = Microsoft .NET Framework 4.5.1 (CSY)
"{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161
"{6C676266-91E4-DC71-E661-13494AC29A3E}" = ccc-utility64
"{7DEBE4EB-6B40-3766-BB35-5CBBC385DA37}" = Microsoft .NET Framework 4.5.1
"{8220EEFE-38CD-377E-8595-13398D740ACE}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17
"{90120000-002A-0000-1000-0000000FF1CE}" = Microsoft Office Office 64-bit Components 2007
"{90120000-002A-0405-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit MUI (Czech) 2007
"{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1029" = Microsoft .NET Framework 4.5.1 (čeština)
"{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033" = Microsoft .NET Framework 4.5.1
"{95120000-00B9-0409-1000-0000000FF1CE}" = Microsoft Application Error Reporting
"{999DB5B3-EE44-8837-2B51-4AF44CD1FD22}" = AMD Drag and Drop Transcoding
"{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{C874B99C-8480-4AFB-A646-4B1DCAB185B2}" = M-Audio FastTrack Driver 6.0.2 (x64)
"{CB1032F6-1108-30C7-01C9-C0C132D13BEE}" = AMD Fuel
"{CE52672C-A0E9-4450-8875-88A221D5CD50}" = Windows Live ID Sign-in Assistant
"{CF1EB598-B424-436A-B15F-B763846BA970}" = Dassault Systemes Software Prerequisites x86-x64
"{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}" = SAMSUNG USB Driver for Mobile Phones
"{DA5E371C-6333-3D8A-93A4-6FD5B20BCC6E}" = Microsoft Visual C++ 2010 x64 Redistributable - 10.0.30319
"{E9FA781F-3E80-4399-825A-AD3E11C28C77}" = MSVCRT110_amd64
"Dassault Systemes B20_0" = Dassault Systemes Software B20
"WinRAR archiver" = WinRAR 4.20 (64-bit)
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{0001B4FD-9EA3-4D90-A79E-FD14BA3AB01D}" = PDFCreator
"{00F14E5B-E07A-2A1E-6788-580773CE1486}" = CCC Help English
"{01501EBA-EC35-4F9F-8889-3BE346E5DA13}" = MSXML4 Parser
"{03D562B5-C4E2-4846-A920-33178788BE00}" = Windows Live Communications Platform
"{0A036215-0A8D-6FBE-7EA3-7AED4F9E162A}" = CCC Help Turkish
"{0F929651-F516-4956-90F2-FFBD2CD5D30E}" = Photo Gallery
"{0FF9CC94-EF23-401E-BDBD-37403D1A2B38}" = Windows Live SOXE Definitions
"{15A05AAA-37E7-D516-5BE9-C960C2170403}" = CCC Help Czech
"{196BB40D-1578-3D01-B289-BEFC77A11A1E}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.30319
"{21E9850E-58C2-FA88-D5AD-B64D253B8F82}" = CCC Help Thai
"{23AAEBF8-12B1-43EA-B75D-CDC613CA6CB4}" = Photo Common
"{25A7270E-1B63-DFD1-ACBC-88852A305398}" = CCC Help Chinese Traditional
"{28164BD8-81EA-639A-85E9-E659E3EE6DA7}" = Catalyst Control Center InstallProxy
"{2E69E784-F84A-9A18-7D8E-4EB8504EEE1E}" = CCC Help Danish
"{362614E4-9ABB-E7A7-CDDC-239AB168060A}" = CCC Help Japanese
"{371F27A1-9502-4762-AE97-1C1938B21055}" = Avid Pro Tools SE 8.0.3
"{379A0618-EF50-423C-9637-EEB2D25A4BB4}" = Movie Maker
"{45898170-E68C-4F02-AA35-C2186BF347A3}" = Movie Maker
"{4745F6F8-09DA-CC39-EC19-0E8D764CF2B7}" = CCC Help Chinese Standard
"{4E31D9A6-245B-41A6-949D-C7B029A703D2}" = iTNC530 (340494)
"{4FA31DE2-B613-24BB-1738-B655C00B1C9D}" = CCC Help Hungarian
"{5783F2D7-5001-0405-0002-0060B0CE6BBA}" = AutoCAD 2007 - Český
"{58771CF6-F212-CC4D-61B1-45CC70B6375C}" = CCC Help Dutch
"{5A0EE0F0-E909-4F3B-B437-AAD9252427CB}" = Windows Live Installer
"{5F8D931D-B230-47F3-A9C0-0C8CA459A332}" = Microsoft Expression Web 4
"{6B6923B9-8719-425B-916C-CD2908F31AAF}" = Windows Live SOXE
"{6D5CE5F1-CBB0-9ED4-1A1E-91DDCD6225FD}" = CCC Help Italian
"{707210B0-29F1-C550-BA96-6ECDA245CF24}" = CCC Help Spanish
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{758C8301-2696-4855-AF45-534B1200980A}" = Samsung Kies
"{7760D94E-B1B5-40A0-9AA0-ABF942108755}" = Acer Crystal Eye Webcam
"{812B956B-37AB-24B9-4527-78A6D3ECE7F8}" = CCC Help Korean
"{83293709-B863-0EF6-00DA-B026D486E8B5}" = CCC Help Polish
"{83437081-8186-4F63-BD39-4BE8A691E055}" = Hidden & Dangerous 2
"{88B2ABCF-9C00-47C1-8FC4-369B98845DD7}" = Catalyst Control Center - Branding
"{89661B04-C646-4412-B6D3-5E19F02F1F37}" = EAX4 Unified Redist
"{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}" = MSVCRT
"{8E14DDC8-EA60-4E18-B3E3-1937104D5BDA}" = MSVCRT110
"{90120000-0015-0405-0000-0000000FF1CE}" = Microsoft Office Access MUI (Czech) 2007
"{90120000-0015-0405-0000-0000000FF1CE}_ENTERPRISE_{3FD35521-B8F1-4CE0-85E0-DC6CA1E01012}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0016-0405-0000-0000000FF1CE}" = Microsoft Office Excel MUI (Czech) 2007
"{90120000-0016-0405-0000-0000000FF1CE}_ENTERPRISE_{3FD35521-B8F1-4CE0-85E0-DC6CA1E01012}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0018-0405-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (Czech) 2007
"{90120000-0018-0405-0000-0000000FF1CE}_ENTERPRISE_{3FD35521-B8F1-4CE0-85E0-DC6CA1E01012}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0019-0405-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (Czech) 2007
"{90120000-0019-0405-0000-0000000FF1CE}_ENTERPRISE_{3FD35521-B8F1-4CE0-85E0-DC6CA1E01012}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001A-0405-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (Czech) 2007
"{90120000-001A-0405-0000-0000000FF1CE}_ENTERPRISE_{3FD35521-B8F1-4CE0-85E0-DC6CA1E01012}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001B-0405-0000-0000000FF1CE}" = Microsoft Office Word MUI (Czech) 2007
"{90120000-001B-0405-0000-0000000FF1CE}_ENTERPRISE_{3FD35521-B8F1-4CE0-85E0-DC6CA1E01012}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001F-0405-0000-0000000FF1CE}" = Microsoft Office Proof (Czech) 2007
"{90120000-001F-0405-0000-0000000FF1CE}_ENTERPRISE_{0B7A4B67-2A38-42B1-9857-662FAB361E08}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2007
"{90120000-001F-0407-0000-0000000FF1CE}_ENTERPRISE_{928D7B99-2BEA-49F9-83B8-20FA57860643}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-0409-0000-0000000FF1CE}_ENTERPRISE_{1FF96026-A04A-4C3E-B50A-BB7022654D0F}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-041B-0000-0000000FF1CE}" = Microsoft Office Proof (Slovak) 2007
"{90120000-001F-041B-0000-0000000FF1CE}_ENTERPRISE_{FDF9A959-241A-4662-A8DE-7DED9C22D160}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-002A-0000-1000-0000000FF1CE}_ENTERPRISE_{664655D8-B9BB-455D-8A58-7EAF7B0B2862}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-002A-0405-1000-0000000FF1CE}_ENTERPRISE_{A0AAD4D5-9F9C-49BB-AB64-0FD4695424E8}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-002C-0405-0000-0000000FF1CE}" = Microsoft Office Proofing (Czech) 2007
"{90120000-0030-0000-0000-0000000FF1CE}" = Microsoft Office Enterprise 2007
"{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0044-0405-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (Czech) 2007
"{90120000-0044-0405-0000-0000000FF1CE}_ENTERPRISE_{3FD35521-B8F1-4CE0-85E0-DC6CA1E01012}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-006E-0405-0000-0000000FF1CE}" = Microsoft Office Shared MUI (Czech) 2007
"{90120000-006E-0405-0000-0000000FF1CE}_ENTERPRISE_{A0AAD4D5-9F9C-49BB-AB64-0FD4695424E8}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-00A1-0405-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (Czech) 2007
"{90120000-00A1-0405-0000-0000000FF1CE}_ENTERPRISE_{3FD35521-B8F1-4CE0-85E0-DC6CA1E01012}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-00BA-0405-0000-0000000FF1CE}" = Microsoft Office Groove MUI (Czech) 2007
"{90120000-00BA-0405-0000-0000000FF1CE}_ENTERPRISE_{3FD35521-B8F1-4CE0-85E0-DC6CA1E01012}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90170405-6000-11D3-8CFE-0150048383C9}" = Microsoft Office FrontPage 2003
"{911904DE-EBB6-BC8E-D5BD-762B7DB42C46}" = CCC Help Greek
"{9903011B-5F1D-A2A1-8078-EE62B3324CCE}" = CCC Help Portuguese
"{9976E0BD-56A6-4A32-8597-B80FCE62063A}" = Windows Live Essentials
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9A7F1628-2126-34A5-852D-2B93328BCF3F}" = CCC Help German
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{A13D16C5-38A9-4D96-9647-59FCCAB12A85}" = Visual Basic for Applications (R) Core - English
"{AC76BA86-7AD7-1029-7B44-A95000000001}" = Adobe Reader 9.5.5 - Czech
"{AE6C422B-DADB-D547-411C-E9E56DF03D16}" = CCC Help Russian
"{AEA7CE08-09DC-4186-99FD-66A26F3B8B21}" = Fotogalerie
"{B09567CC-E43F-10F1-752D-549AC7FB0C43}" = CCC Help Finnish
"{B170B91D-E8E3-A6A3-D129-D8E36FEA8A0B}" = CCC Help Norwegian
"{BD8A0C60-1AEB-11D6-B8E1-00025521AE60}" = VBA (3821b)
"{BD96ABD3-D1D4-5513-6C60-11476D6DCFC5}" = Catalyst Control Center Localization All
"{C39C7876-4D21-8A38-0A42-B5C8858EC6C7}" = CCC Help French
"{C6B0EE9E-2128-4448-B7AE-5E2B46E0F0E7}" = Windows Live Photo Common
"{D0ACE89D-EC7F-470F-80BE-4C98ED366B32}" = Acer Crystal Eye webcam Ver:1.1.74.216
"{D310DD60-9EF2-4C9C-AD66-A58185A1C7CB}" = Windows Live UX Platform Language Pack
"{D4236B82-213F-679E-09A2-9AEB5EF4CADC}" = Catalyst Control Center Graphics Previews Common
"{E09C4DB7-630C-4F06-A631-8EA7239923AF}" = D3DX10
"{E2222809-FDED-4C7E-8F25-2337A8F39F03}" = Hidden & Dangerous 2 Sabre Squadron
"{E3445598-4424-4EE2-B71C-C23325F7FB71}" = Windows Live PIMT Platform
"{EBBD4FE6-91DA-C397-6D56-FE85DBF24FCF}" = AMD VISION Engine Control Center
"{EE171732-BEB4-4576-887D-CB62727F01CA}" = Acer Updater
"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
"{F0E58739-2B4C-498F-9B0D-FF0F2FD52B61}" = Windows Live UX Platform
"{FB97C283-1F3C-42D4-AE01-ADC1DC12F774}" = Visual Basic for Applications (R) Core
"{FCEFDA6B-63CD-BB17-B845-478A42E24D39}" = CCC Help Swedish
"Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX
"Autodesk DWF Viewer" = Autodesk DWF Viewer
"Avast" = avast! Free Antivirus
"Baldurs Gate Enhanced Edition_is1" = Baldurs Gate Enhanced Edition
"DAEMON Tools Lite" = DAEMON Tools Lite
"ENTERPRISE" = Microsoft Office Enterprise 2007
"Freemake Audio Converter_is1" = Freemake Audio Converter verze 1.1.0
"Freemake Video Converter_is1" = Freemake Video Converter verze 4.1.4
"Freemake Video Downloader_is1" = Freemake Video Downloader
"InstallShield_{758C8301-2696-4855-AF45-534B1200980A}" = Samsung Kies
"InstallShield_{83437081-8186-4F63-BD39-4BE8A691E055}" = Hidden & Dangerous 2
"InstallShield_{E2222809-FDED-4C7E-8F25-2337A8F39F03}" = Hidden & Dangerous 2 Sabre Squadron
"IrfanView" = IrfanView (remove only)
"Malwarebytes Anti-Malware_is1" = Malwarebytes Anti-Malware verze 2.0.3.1025
"MarSurf PS1 Explorer" = MarSurf PS1 Explorer
"Mount&Blade Warband" = Mount&Blade Warband
"MozillaMaintenanceService" = Mozilla Maintenance Service
"RiseOfNationsExpansion 1.0" = Rise of Nations
"SpeedFan" = SpeedFan (remove only)
"Tremulous" = Tremulous 1.1.0
"VLC media player" = VLC media player 2.1.1
"Web_4.0.1460.0" = Microsoft Expression Web 4
"WinLiveSuite" = Windows Live Essentials
"WinPcapInst" = WinPcap 4.1.2
========== HKEY_USERS Uninstall List ==========
[HKEY_USERS\S-1-5-21-1101762115-1356681713-117081159-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Google Chrome" = Google Chrome
========== Last 20 Event Log Errors ==========
[ Application Events ]
Error - 16.11.2014 14:12:12 | Computer Name = StormBriger-PC | Source = WinMgmt | ID = 10
Description =
Error - 16.11.2014 14:25:51 | Computer Name = StormBriger-PC | Source = Customer Experience Improvement Program | ID = 1008
Description =
Error - 17.11.2014 5:01:42 | Computer Name = StormBriger-PC | Source = WinMgmt | ID = 10
Description =
Error - 17.11.2014 6:04:01 | Computer Name = StormBriger-PC | Source = Application Hang | ID = 1002
Description = Program RSITx64.exe verze 0.0.0.0 přestal spolupracovat se systémem
Windows a byl ukončen. Chcete-li zjistit, zda je k dispozici více informací o tomto
problému, vyhledejte historii problému v ovládacím panelu Centrum akcí. ID procesu:
11bc Čas spuštění: 01d0024d83793431 Čas ukončení: 0 Cesta k aplikaci: C:\Users\Venca\Downloads\RSITx64.exe
ID
hlášení:
Error - 17.11.2014 9:54:34 | Computer Name = StormBriger-PC | Source = Customer Experience Improvement Program | ID = 1008
Description =
Error - 17.11.2014 15:56:58 | Computer Name = StormBriger-PC | Source = WinMgmt | ID = 10
Description =
Error - 17.11.2014 16:09:51 | Computer Name = StormBriger-PC | Source = WinMgmt | ID = 10
Description =
Error - 18.11.2014 12:18:41 | Computer Name = StormBriger-PC | Source = WinMgmt | ID = 10
Description =
Error - 18.11.2014 13:19:50 | Computer Name = StormBriger-PC | Source = Customer Experience Improvement Program | ID = 1008
Description =
Error - 18.11.2014 16:18:25 | Computer Name = StormBriger-PC | Source = WinMgmt | ID = 10
Description =
[ OSession Events ]
Error - 11.10.2014 10:37:39 | Computer Name = StormBriger-PC | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 0, Application Name: Microsoft Office Word, Application Version:
12.0.6700.5000, Microsoft Office Version: 12.0.6612.1000. This session lasted 18
seconds with 0 seconds of active time. This session ended with a crash.
[ System Events ]
Error - 1.7.2014 8:50:44 | Computer Name = StormBriger-PC | Source = Microsoft Antimalware | ID = 2001
Description =
Error - 1.7.2014 9:15:52 | Computer Name = StormBriger-PC | Source = Microsoft Antimalware | ID = 2001
Description =
Error - 1.7.2014 9:44:58 | Computer Name = StormBriger-PC | Source = Microsoft Antimalware | ID = 2001
Description =
Error - 1.7.2014 13:29:53 | Computer Name = StormBriger-PC | Source = Service Control Manager | ID = 7009
Description = Při čekání na připojení služby Freemake Improver bylo dosaženo časového
limitu (30000 ms).
Error - 1.7.2014 13:29:53 | Computer Name = StormBriger-PC | Source = Service Control Manager | ID = 7000
Description = Služba Freemake Improver neuspěla při spuštění v důsledku následující
chyby: %%1053
Error - 1.7.2014 14:16:07 | Computer Name = StormBriger-PC | Source = EventLog | ID = 6008
Description = Předchozí vypnutí systému (20:15:13, ?1.?7.?2014) bylo neočekávané.
Error - 1.7.2014 14:16:09 | Computer Name = STORMBRIGER-PC | Source = BugCheck | ID = 1001
Description =
Error - 1.7.2014 14:17:03 | Computer Name = StormBriger-PC | Source = Service Control Manager | ID = 7009
Description = Při čekání na připojení služby Freemake Improver bylo dosaženo časového
limitu (30000 ms).
Error - 1.7.2014 14:17:03 | Computer Name = StormBriger-PC | Source = Service Control Manager | ID = 7000
Description = Služba Freemake Improver neuspěla při spuštění v důsledku následující
chyby: %%1053
Error - 1.7.2014 14:17:37 | Computer Name = StormBriger-PC | Source = Microsoft-Windows-WHEA-Logger | ID = 20
Description = Došlo k závažné chybě hardwaru. Součást: AMD Northbridge Zdroj chyby:
3 Typ chyby: 7 ID procesoru: 0 Další informace jsou obsaženy v podrobném zobrazení
této položky.
< End of report >
Odvirování PC, zrychlení počítače, vzdálená pomoc prostřednictvím služby neslape.cz
Antivirus hlásí virus v podobě kódu slabiny Windows
Moderátor: Moderátoři
Pravidla fóra
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]
Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.
!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]
Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.
!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
Re: Antivirus hlásí virus v podobě kódu slabiny Windows
Napiste mi velikost adresare plochy (C:\Users\Venca\Desktop)
Jestli bude Avast rvat, ze to chce otevrit v sandboxu, nedovolte to! Vyberte moznost Otevrit normalne Znovu spustte OTL jako spravceDo spodniho okna vlozte nasledujici text (vcetne te dvojtecky pred slovem commands)
Kód: Vybrat vše
:commands
[EMPTYTEMP]
[EMPTYFLASH]
[RESETHOSTS]
[Purity]
[CreateRestorePoint]
:files
%windir%\system32\*.tmp.dll /s
%windir%\system32\SET*.tmp /s
%windir%\*.tmp
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-1101762115-1356681713-117081159-1000Core.job
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-1101762115-1356681713-117081159-1000UA.job
C:\ProgramData\Spybot - Search & Destroy
C:\Program Files (x86)\Spybot - Search & Destroy
:otl
IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKU\S-1-5-21-1101762115-1356681713-117081159-1000\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IESR02
FF - HKLM\Software\MozillaPlugins\@t.garena.com/garenatalk: C:\Program Files (x86)\Garena Plus\bbtalk\plugins\npPlugin\npGarenaTalkPlugin.dll File not found
O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
[8 C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp files -> C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp -> ]
[21 C:\Windows\assembly\NativeImages_v2.0.50727_64\Temp\*.tmp files -> C:\Windows\assembly\NativeImages_v2.0.50727_64\Temp\*.tmp -> ]
[2 C:\Windows\Installer\*.tmp files -> C:\Windows\Installer\*.tmp -> ]
[6 C:\Windows\Temp\*.tmp files -> C:\Windows\Temp\*.tmp -> ]
[1 \Users\Venca\Downloads\*.tmp files -> \Users\Venca\Downloads\*.tmp -> ]
[12 \Users\Venca\AppData\Local\Temp\*.tmp files -> \Users\Venca\AppData\Local\Temp\*.tmp -> ]
@Alternate Data Stream - 964 bytes -> C:\ProgramData\Microsoft:FPgZSxL1YB6ha6StVGkgu
@Alternate Data Stream - 952 bytes -> C:\ProgramData\Microsoft:F79hlrMWjUul1tJCpEnZDj
@Alternate Data Stream - 951 bytes -> C:\ProgramData\Microsoft:mOANVuEHpdbYCsz9DkKS79aPB
@Alternate Data Stream - 1098 bytes -> C:\Users\Venca\AppData\Local\Temp:jAGgDBDpUD5Lmpzi20YJ
@Alternate Data Stream - 1083 bytes -> C:\Program Files (x86)\Common Files\System:SCZmhDw5QSPqinjr43Ge7A
@Alternate Data Stream - 1073 bytes -> C:\Users\Venca\AppData\Local\jlqF1yXgXz:LfJsCAbalfjWDOgv
@Alternate Data Stream - 1019 bytes -> C:\ProgramData\Microsoft:jbRQGr9rEPvKIU9hQFS6qzK
@Alternate Data Stream - 1018 bytes -> C:\ProgramData\Microsoft:TKAeAJCzzSEVqGScidNR
@Alternate Data Stream - 1002 bytes -> C:\ProgramData\Microsoft:eLwpGouQtX5nAIojBRICM
:reg
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Google Update"=-
"DAEMON Tools Lite"=-
"KiesPreload"=-
"KiesAirMessage"=-
""=-
[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"Adobe Reader Speed Launcher"=-
"Adobe ARM"=-
"KiesTrayAgent"=-
Po restartu se objevi novy log, ten sem dejte.
21.12. pro neaktivitu
http://forum.viry.cz/viewtopic.php?f=12&t=123975Pokud máte dotaz, který není určen pro veřejnost, můžete mi napsat na mail marty84zavináčforum.viry.cz
Možnost podpořit naše fórum https://platba.viry.cz/payment/
Z časových důvodů teď budu na fóru méně často. V případě delšího čekání na odpověď kontaktujte prosím některého z kolegů (většina má mailovou adresu ve svém podpisu).
Možnost podpořit naše fórum https://platba.viry.cz/payment/
Z časových důvodů teď budu na fóru méně často. V případě delšího čekání na odpověď kontaktujte prosím některého z kolegů (většina má mailovou adresu ve svém podpisu).
Přispějete na provoz fóra?