ComboFix 12-12-27.03 - ondra 28.12.2012 11:23:04.2.2 - x86
Microsoft Windows 7 Ultimate 6.1.7600.0.1250.420.1029.18.3326.2193 [GMT 1:00]
Spuštěný z: c:\users\ondra\Downloads\ComboFix.exe
Použité ovládací přepínače :: c:\users\ondra\Desktop\CFScript.txt
AV: avast! Antivirus *Disabled/Updated* {2B2D1395-420B-D5C9-657E-930FE358FC3C}
SP: avast! Antivirus *Disabled/Updated* {904CF271-6431-DA47-5FCE-A87D98DFB681}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
FILE ::
"C:\found.002"
"c:\users\ondra\AppData\Local\Temp\ALSysIO.sys"
.
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\program files\Google\Update
c:\program files\Google\Update\1.3.21.123\GoogleCrashHandler.exe
c:\program files\Google\Update\1.3.21.123\GoogleCrashHandler64.exe
c:\program files\Google\Update\1.3.21.123\GoogleUpdate.exe
c:\program files\Google\Update\1.3.21.123\GoogleUpdateBroker.exe
c:\program files\Google\Update\1.3.21.123\GoogleUpdateHelper.msi
c:\program files\Google\Update\1.3.21.123\GoogleUpdateOnDemand.exe
c:\program files\Google\Update\1.3.21.123\GoogleUpdateSetup.exe
c:\program files\Google\Update\1.3.21.123\goopdate.dll
c:\program files\Google\Update\1.3.21.123\goopdateres_am.dll
c:\program files\Google\Update\1.3.21.123\goopdateres_ar.dll
c:\program files\Google\Update\1.3.21.123\goopdateres_bg.dll
c:\program files\Google\Update\1.3.21.123\goopdateres_bn.dll
c:\program files\Google\Update\1.3.21.123\goopdateres_ca.dll
c:\program files\Google\Update\1.3.21.123\goopdateres_cs.dll
c:\program files\Google\Update\1.3.21.123\goopdateres_da.dll
c:\program files\Google\Update\1.3.21.123\goopdateres_de.dll
c:\program files\Google\Update\1.3.21.123\goopdateres_el.dll
c:\program files\Google\Update\1.3.21.123\goopdateres_en-GB.dll
c:\program files\Google\Update\1.3.21.123\goopdateres_en.dll
c:\program files\Google\Update\1.3.21.123\goopdateres_es-419.dll
c:\program files\Google\Update\1.3.21.123\goopdateres_es.dll
c:\program files\Google\Update\1.3.21.123\goopdateres_et.dll
c:\program files\Google\Update\1.3.21.123\goopdateres_fa.dll
c:\program files\Google\Update\1.3.21.123\goopdateres_fi.dll
c:\program files\Google\Update\1.3.21.123\goopdateres_fil.dll
c:\program files\Google\Update\1.3.21.123\goopdateres_fr.dll
c:\program files\Google\Update\1.3.21.123\goopdateres_gu.dll
c:\program files\Google\Update\1.3.21.123\goopdateres_hi.dll
c:\program files\Google\Update\1.3.21.123\goopdateres_hr.dll
c:\program files\Google\Update\1.3.21.123\goopdateres_hu.dll
c:\program files\Google\Update\1.3.21.123\goopdateres_id.dll
c:\program files\Google\Update\1.3.21.123\goopdateres_is.dll
c:\program files\Google\Update\1.3.21.123\goopdateres_it.dll
c:\program files\Google\Update\1.3.21.123\goopdateres_iw.dll
c:\program files\Google\Update\1.3.21.123\goopdateres_ja.dll
c:\program files\Google\Update\1.3.21.123\goopdateres_kn.dll
c:\program files\Google\Update\1.3.21.123\goopdateres_ko.dll
c:\program files\Google\Update\1.3.21.123\goopdateres_lt.dll
c:\program files\Google\Update\1.3.21.123\goopdateres_lv.dll
c:\program files\Google\Update\1.3.21.123\goopdateres_ml.dll
c:\program files\Google\Update\1.3.21.123\goopdateres_mr.dll
c:\program files\Google\Update\1.3.21.123\goopdateres_ms.dll
c:\program files\Google\Update\1.3.21.123\goopdateres_nl.dll
c:\program files\Google\Update\1.3.21.123\goopdateres_no.dll
c:\program files\Google\Update\1.3.21.123\goopdateres_pl.dll
c:\program files\Google\Update\1.3.21.123\goopdateres_pt-BR.dll
c:\program files\Google\Update\1.3.21.123\goopdateres_pt-PT.dll
c:\program files\Google\Update\1.3.21.123\goopdateres_ro.dll
c:\program files\Google\Update\1.3.21.123\goopdateres_ru.dll
c:\program files\Google\Update\1.3.21.123\goopdateres_sk.dll
c:\program files\Google\Update\1.3.21.123\goopdateres_sl.dll
c:\program files\Google\Update\1.3.21.123\goopdateres_sr.dll
c:\program files\Google\Update\1.3.21.123\goopdateres_sv.dll
c:\program files\Google\Update\1.3.21.123\goopdateres_sw.dll
c:\program files\Google\Update\1.3.21.123\goopdateres_ta.dll
c:\program files\Google\Update\1.3.21.123\goopdateres_te.dll
c:\program files\Google\Update\1.3.21.123\goopdateres_th.dll
c:\program files\Google\Update\1.3.21.123\goopdateres_tr.dll
c:\program files\Google\Update\1.3.21.123\goopdateres_uk.dll
c:\program files\Google\Update\1.3.21.123\goopdateres_ur.dll
c:\program files\Google\Update\1.3.21.123\goopdateres_vi.dll
c:\program files\Google\Update\1.3.21.123\goopdateres_zh-CN.dll
c:\program files\Google\Update\1.3.21.123\goopdateres_zh-TW.dll
c:\program files\Google\Update\1.3.21.123\npGoogleUpdate3.dll
c:\program files\Google\Update\1.3.21.123\psmachine.dll
c:\program files\Google\Update\1.3.21.123\psuser.dll
c:\program files\Google\Update\Download\{2BF2CA35-CCAF-4E58-BAB7-4163BFA03B88}\0.0.0.0\GoogleEarth-Win-Plugin-6.2.2.6613.exe
c:\program files\Google\Update\Download\{3C122445-AECE-4309-90B7-85A6AEF42AC0}\0.0.0.0\gsync.msi
c:\program files\Google\Update\Download\{430FD4D0-B729-4F61-AA34-91526481799D}\1.3.21.123\GoogleUpdateSetup.exe
c:\program files\Google\Update\Download\{4DC8B4CA-1BDA-483E-B5FA-D3C12E15B62D}\23.0.1271.97\23.0.1271.97_23.0.1271.95_chrome_updater.exe
c:\program files\Google\Update\Download\{74AF07D8-FB8F-4D51-8AC7-927721D56EBB}\0.0.0.0\GoogleEarth-Win-Bundle-6.2.2.6613.exe
c:\program files\Google\Update\GoogleUpdate.exe
c:\users\ondra\AppData\Local\Facebook\Update
c:\users\ondra\AppData\Local\Facebook\Update\1.2.205.0\FacebookCrashHandler.exe
c:\users\ondra\AppData\Local\Facebook\Update\1.2.205.0\FacebookUpdate.exe
c:\users\ondra\AppData\Local\Facebook\Update\1.2.205.0\FacebookUpdateHelper.msi
c:\users\ondra\AppData\Local\Facebook\Update\1.2.205.0\goopdate.dll
c:\users\ondra\AppData\Local\Facebook\Update\1.2.205.0\goopdateres_ar.dll
c:\users\ondra\AppData\Local\Facebook\Update\1.2.205.0\goopdateres_bg.dll
c:\users\ondra\AppData\Local\Facebook\Update\1.2.205.0\goopdateres_bn.dll
c:\users\ondra\AppData\Local\Facebook\Update\1.2.205.0\goopdateres_ca.dll
c:\users\ondra\AppData\Local\Facebook\Update\1.2.205.0\goopdateres_cs.dll
c:\users\ondra\AppData\Local\Facebook\Update\1.2.205.0\goopdateres_da.dll
c:\users\ondra\AppData\Local\Facebook\Update\1.2.205.0\goopdateres_de.dll
c:\users\ondra\AppData\Local\Facebook\Update\1.2.205.0\goopdateres_el.dll
c:\users\ondra\AppData\Local\Facebook\Update\1.2.205.0\goopdateres_en-GB.dll
c:\users\ondra\AppData\Local\Facebook\Update\1.2.205.0\goopdateres_en.dll
c:\users\ondra\AppData\Local\Facebook\Update\1.2.205.0\goopdateres_es-419.dll
c:\users\ondra\AppData\Local\Facebook\Update\1.2.205.0\goopdateres_es.dll
c:\users\ondra\AppData\Local\Facebook\Update\1.2.205.0\goopdateres_et.dll
c:\users\ondra\AppData\Local\Facebook\Update\1.2.205.0\goopdateres_fa.dll
c:\users\ondra\AppData\Local\Facebook\Update\1.2.205.0\goopdateres_fi.dll
c:\users\ondra\AppData\Local\Facebook\Update\1.2.205.0\goopdateres_fil.dll
c:\users\ondra\AppData\Local\Facebook\Update\1.2.205.0\goopdateres_fr.dll
c:\users\ondra\AppData\Local\Facebook\Update\1.2.205.0\goopdateres_gu.dll
c:\users\ondra\AppData\Local\Facebook\Update\1.2.205.0\goopdateres_hi.dll
c:\users\ondra\AppData\Local\Facebook\Update\1.2.205.0\goopdateres_hr.dll
c:\users\ondra\AppData\Local\Facebook\Update\1.2.205.0\goopdateres_hu.dll
c:\users\ondra\AppData\Local\Facebook\Update\1.2.205.0\goopdateres_id.dll
c:\users\ondra\AppData\Local\Facebook\Update\1.2.205.0\goopdateres_is.dll
c:\users\ondra\AppData\Local\Facebook\Update\1.2.205.0\goopdateres_it.dll
c:\users\ondra\AppData\Local\Facebook\Update\1.2.205.0\goopdateres_iw.dll
c:\users\ondra\AppData\Local\Facebook\Update\1.2.205.0\goopdateres_ja.dll
c:\users\ondra\AppData\Local\Facebook\Update\1.2.205.0\goopdateres_kn.dll
c:\users\ondra\AppData\Local\Facebook\Update\1.2.205.0\goopdateres_ko.dll
c:\users\ondra\AppData\Local\Facebook\Update\1.2.205.0\goopdateres_lt.dll
c:\users\ondra\AppData\Local\Facebook\Update\1.2.205.0\goopdateres_lv.dll
c:\users\ondra\AppData\Local\Facebook\Update\1.2.205.0\goopdateres_ml.dll
c:\users\ondra\AppData\Local\Facebook\Update\1.2.205.0\goopdateres_mr.dll
c:\users\ondra\AppData\Local\Facebook\Update\1.2.205.0\goopdateres_ms.dll
c:\users\ondra\AppData\Local\Facebook\Update\1.2.205.0\goopdateres_nl.dll
c:\users\ondra\AppData\Local\Facebook\Update\1.2.205.0\goopdateres_no.dll
c:\users\ondra\AppData\Local\Facebook\Update\1.2.205.0\goopdateres_or.dll
c:\users\ondra\AppData\Local\Facebook\Update\1.2.205.0\goopdateres_pl.dll
c:\users\ondra\AppData\Local\Facebook\Update\1.2.205.0\goopdateres_pt-BR.dll
c:\users\ondra\AppData\Local\Facebook\Update\1.2.205.0\goopdateres_pt-PT.dll
c:\users\ondra\AppData\Local\Facebook\Update\1.2.205.0\goopdateres_ro.dll
c:\users\ondra\AppData\Local\Facebook\Update\1.2.205.0\goopdateres_ru.dll
c:\users\ondra\AppData\Local\Facebook\Update\1.2.205.0\goopdateres_sk.dll
c:\users\ondra\AppData\Local\Facebook\Update\1.2.205.0\goopdateres_sl.dll
c:\users\ondra\AppData\Local\Facebook\Update\1.2.205.0\goopdateres_sr.dll
c:\users\ondra\AppData\Local\Facebook\Update\1.2.205.0\goopdateres_sv.dll
c:\users\ondra\AppData\Local\Facebook\Update\1.2.205.0\goopdateres_ta.dll
c:\users\ondra\AppData\Local\Facebook\Update\1.2.205.0\goopdateres_te.dll
c:\users\ondra\AppData\Local\Facebook\Update\1.2.205.0\goopdateres_th.dll
c:\users\ondra\AppData\Local\Facebook\Update\1.2.205.0\goopdateres_tr.dll
c:\users\ondra\AppData\Local\Facebook\Update\1.2.205.0\goopdateres_uk.dll
c:\users\ondra\AppData\Local\Facebook\Update\1.2.205.0\goopdateres_ur.dll
c:\users\ondra\AppData\Local\Facebook\Update\1.2.205.0\goopdateres_vi.dll
c:\users\ondra\AppData\Local\Facebook\Update\1.2.205.0\goopdateres_zh-CN.dll
c:\users\ondra\AppData\Local\Facebook\Update\1.2.205.0\goopdateres_zh-TW.dll
c:\users\ondra\AppData\Local\Facebook\Update\FacebookUpdate.exe
c:\users\ondra\AppData\Local\Google\Update
c:\users\ondra\AppData\Local\Google\Update\1.3.21.123\GoogleCrashHandler.exe
c:\users\ondra\AppData\Local\Google\Update\1.3.21.123\GoogleCrashHandler64.exe
c:\users\ondra\AppData\Local\Google\Update\1.3.21.123\GoogleUpdate.exe
c:\users\ondra\AppData\Local\Google\Update\1.3.21.123\GoogleUpdateBroker.exe
c:\users\ondra\AppData\Local\Google\Update\1.3.21.123\GoogleUpdateHelper.msi
c:\users\ondra\AppData\Local\Google\Update\1.3.21.123\GoogleUpdateOnDemand.exe
c:\users\ondra\AppData\Local\Google\Update\1.3.21.123\GoogleUpdateSetup.exe
c:\users\ondra\AppData\Local\Google\Update\1.3.21.123\goopdate.dll
c:\users\ondra\AppData\Local\Google\Update\1.3.21.123\goopdateres_am.dll
c:\users\ondra\AppData\Local\Google\Update\1.3.21.123\goopdateres_ar.dll
c:\users\ondra\AppData\Local\Google\Update\1.3.21.123\goopdateres_bg.dll
c:\users\ondra\AppData\Local\Google\Update\1.3.21.123\goopdateres_bn.dll
c:\users\ondra\AppData\Local\Google\Update\1.3.21.123\goopdateres_ca.dll
c:\users\ondra\AppData\Local\Google\Update\1.3.21.123\goopdateres_cs.dll
c:\users\ondra\AppData\Local\Google\Update\1.3.21.123\goopdateres_da.dll
c:\users\ondra\AppData\Local\Google\Update\1.3.21.123\goopdateres_de.dll
c:\users\ondra\AppData\Local\Google\Update\1.3.21.123\goopdateres_el.dll
c:\users\ondra\AppData\Local\Google\Update\1.3.21.123\goopdateres_en-GB.dll
c:\users\ondra\AppData\Local\Google\Update\1.3.21.123\goopdateres_en.dll
c:\users\ondra\AppData\Local\Google\Update\1.3.21.123\goopdateres_es-419.dll
c:\users\ondra\AppData\Local\Google\Update\1.3.21.123\goopdateres_es.dll
c:\users\ondra\AppData\Local\Google\Update\1.3.21.123\goopdateres_et.dll
c:\users\ondra\AppData\Local\Google\Update\1.3.21.123\goopdateres_fa.dll
c:\users\ondra\AppData\Local\Google\Update\1.3.21.123\goopdateres_fi.dll
c:\users\ondra\AppData\Local\Google\Update\1.3.21.123\goopdateres_fil.dll
c:\users\ondra\AppData\Local\Google\Update\1.3.21.123\goopdateres_fr.dll
c:\users\ondra\AppData\Local\Google\Update\1.3.21.123\goopdateres_gu.dll
c:\users\ondra\AppData\Local\Google\Update\1.3.21.123\goopdateres_hi.dll
c:\users\ondra\AppData\Local\Google\Update\1.3.21.123\goopdateres_hr.dll
c:\users\ondra\AppData\Local\Google\Update\1.3.21.123\goopdateres_hu.dll
c:\users\ondra\AppData\Local\Google\Update\1.3.21.123\goopdateres_id.dll
c:\users\ondra\AppData\Local\Google\Update\1.3.21.123\goopdateres_is.dll
c:\users\ondra\AppData\Local\Google\Update\1.3.21.123\goopdateres_it.dll
c:\users\ondra\AppData\Local\Google\Update\1.3.21.123\goopdateres_iw.dll
c:\users\ondra\AppData\Local\Google\Update\1.3.21.123\goopdateres_ja.dll
c:\users\ondra\AppData\Local\Google\Update\1.3.21.123\goopdateres_kn.dll
c:\users\ondra\AppData\Local\Google\Update\1.3.21.123\goopdateres_ko.dll
c:\users\ondra\AppData\Local\Google\Update\1.3.21.123\goopdateres_lt.dll
c:\users\ondra\AppData\Local\Google\Update\1.3.21.123\goopdateres_lv.dll
c:\users\ondra\AppData\Local\Google\Update\1.3.21.123\goopdateres_ml.dll
c:\users\ondra\AppData\Local\Google\Update\1.3.21.123\goopdateres_mr.dll
c:\users\ondra\AppData\Local\Google\Update\1.3.21.123\goopdateres_ms.dll
c:\users\ondra\AppData\Local\Google\Update\1.3.21.123\goopdateres_nl.dll
c:\users\ondra\AppData\Local\Google\Update\1.3.21.123\goopdateres_no.dll
c:\users\ondra\AppData\Local\Google\Update\1.3.21.123\goopdateres_pl.dll
c:\users\ondra\AppData\Local\Google\Update\1.3.21.123\goopdateres_pt-BR.dll
c:\users\ondra\AppData\Local\Google\Update\1.3.21.123\goopdateres_pt-PT.dll
c:\users\ondra\AppData\Local\Google\Update\1.3.21.123\goopdateres_ro.dll
c:\users\ondra\AppData\Local\Google\Update\1.3.21.123\goopdateres_ru.dll
c:\users\ondra\AppData\Local\Google\Update\1.3.21.123\goopdateres_sk.dll
c:\users\ondra\AppData\Local\Google\Update\1.3.21.123\goopdateres_sl.dll
c:\users\ondra\AppData\Local\Google\Update\1.3.21.123\goopdateres_sr.dll
c:\users\ondra\AppData\Local\Google\Update\1.3.21.123\goopdateres_sv.dll
c:\users\ondra\AppData\Local\Google\Update\1.3.21.123\goopdateres_sw.dll
c:\users\ondra\AppData\Local\Google\Update\1.3.21.123\goopdateres_ta.dll
c:\users\ondra\AppData\Local\Google\Update\1.3.21.123\goopdateres_te.dll
c:\users\ondra\AppData\Local\Google\Update\1.3.21.123\goopdateres_th.dll
c:\users\ondra\AppData\Local\Google\Update\1.3.21.123\goopdateres_tr.dll
c:\users\ondra\AppData\Local\Google\Update\1.3.21.123\goopdateres_uk.dll
c:\users\ondra\AppData\Local\Google\Update\1.3.21.123\goopdateres_ur.dll
c:\users\ondra\AppData\Local\Google\Update\1.3.21.123\goopdateres_vi.dll
c:\users\ondra\AppData\Local\Google\Update\1.3.21.123\goopdateres_zh-CN.dll
c:\users\ondra\AppData\Local\Google\Update\1.3.21.123\goopdateres_zh-TW.dll
c:\users\ondra\AppData\Local\Google\Update\1.3.21.123\npGoogleUpdate3.dll
c:\users\ondra\AppData\Local\Google\Update\1.3.21.123\psmachine.dll
c:\users\ondra\AppData\Local\Google\Update\1.3.21.123\psuser.dll
c:\users\ondra\AppData\Local\Google\Update\Download\{430FD4D0-B729-4F61-AA34-91526481799D}\1.3.21.125\GoogleUpdateB6998767.exe
c:\users\ondra\AppData\Local\Google\Update\Download\{D0AB2EBC-931B-4013-9FEB-C9C4C2225C8C}\3.11.7.10909\googletalkpluginaccel.msi
c:\users\ondra\AppData\Local\Google\Update\GoogleUpdate.exe
c:\windows\zy_tmp
c:\windows\zy_tmp\P660RU-Tx.cat
c:\windows\zy_tmp\RNDIS_USB.inf
c:\windows\zy_tmp\RNDISMPK.sys
c:\windows\zy_tmp\rndismpm.sys
c:\windows\zy_tmp\rndismpw.sys
c:\windows\zy_tmp\usb8023k.sys
c:\windows\zy_tmp\usb8023m.sys
c:\windows\zy_tmp\usb8023w.sys
.
.
((((((((((((((((((((((((((((((((((((((( Ovladače/Služby )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
-------\Service_gupdate
-------\Service_gupdatem
-------\Service_gupdate
-------\Service_gupdatem
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2012-11-28 do 2012-12-28 )))))))))))))))))))))))))))))))
.
.
2012-12-28 10:30 . 2012-12-28 10:32 -------- d-----w- c:\users\ondra\AppData\Local\temp
2012-12-28 10:30 . 2012-12-28 10:30 -------- d-----w- c:\users\UpdatusUser\AppData\Local\temp
2012-12-28 10:30 . 2012-12-28 10:30 -------- d-----w- c:\users\Ondrik\AppData\Local\temp
2012-12-28 10:30 . 2012-12-28 10:30 -------- d-----w- c:\users\Default\AppData\Local\temp
2012-12-27 18:20 . 2012-12-27 18:20 -------- d-----w- c:\program files\Nová složka
2012-12-25 12:20 . 2012-12-25 12:20 -------- d-----w- c:\users\ondra\AppData\Roaming\JAM Software
2012-12-25 12:20 . 2012-12-25 12:20 -------- d-----w- c:\program files\JAM Software
2012-12-23 20:43 . 2012-11-19 00:04 6812136 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{FFA66FAD-0E2B-4884-991A-B3C5116BAB82}\mpengine.dll
2012-12-23 20:22 . 2012-12-23 20:22 -------- d-----w- C:\found.002
2012-12-23 19:08 . 2012-12-23 20:35 -------- d-----w- c:\program files\Atheros
2012-12-23 19:07 . 2012-12-23 19:09 -------- d-----w- c:\programdata\Atheros
2012-12-23 19:01 . 2012-12-23 19:01 -------- d-----w- c:\program files\Sweex Wireless LAN
2012-12-22 15:27 . 2012-12-22 15:27 -------- d-----w- c:\users\ondra\AppData\Local\IsolatedStorage
2012-12-20 21:17 . 2012-12-20 21:17 -------- d-----w- c:\users\ondra\AppData\Local\4A Games
2012-12-19 19:16 . 2012-12-19 19:16 -------- d-----w- c:\program files\metro
2012-12-15 17:16 . 2012-12-15 17:16 -------- d-----w- c:\program files\Parabola Calculator
2012-12-15 17:14 . 2012-12-15 17:15 73216 ----a-w- c:\windows\ST6UNST.EXE
2012-12-15 17:14 . 2012-12-15 17:15 286720 ------w- c:\windows\Setup1.exe
2012-12-11 18:48 . 2004-08-17 10:23 5120 ----a-w- c:\windows\system32\tcusbdrv.dll
2012-12-11 18:48 . 2002-08-12 15:20 27264 ----a-w- c:\windows\system32\drivers\rndismpk.sys
2012-12-11 18:48 . 2002-08-12 15:20 11136 ----a-w- c:\windows\system32\drivers\usb8023k.sys
2012-12-09 17:28 . 2012-12-09 17:28 -------- d-----w- c:\users\ondra\AppData\Roaming\IrfanView
2012-12-09 17:28 . 2012-12-09 17:28 -------- d-----w- c:\program files\IrfanView
2012-12-08 19:26 . 2012-12-08 19:43 -------- d-----w- c:\users\ondra\Ekahau Site Survey
2012-12-08 19:24 . 2012-12-08 19:24 -------- d-----w- c:\program files\Ekahau
2012-12-07 13:10 . 2012-12-07 13:10 -------- d-----w- c:\users\ondra\AppData\Local\Macromedia
2012-12-05 19:11 . 2012-12-05 19:11 -------- d-----w- c:\programdata\Ralink
2012-12-05 19:10 . 2011-04-28 13:20 1228864 ----a-w- c:\windows\system32\drivers\netr28u.sys
2012-12-05 19:10 . 2011-04-28 13:17 238944 ----a-w- c:\windows\system32\RaCoInst.dll
2012-12-05 19:10 . 2012-12-05 19:10 -------- d-----w- c:\programdata\Ralink Driver
2012-12-05 19:10 . 2012-12-05 19:10 -------- d-----w- c:\program files\Cisco
2012-12-05 19:10 . 2012-12-05 19:10 -------- d-----w- c:\windows\system32\RaLanguages
2012-12-05 19:10 . 2011-05-04 12:56 1608768 ----a-w- c:\windows\system32\RaCertMgr.dll
2012-12-05 19:10 . 2011-05-04 12:54 802880 ----a-w- c:\windows\system32\RAIHV.dll
2012-12-05 19:10 . 2010-07-01 16:45 119648 ----a-w- c:\windows\system32\RAEXTUI.dll
2012-12-05 19:10 . 2010-06-29 09:34 480608 ----a-w- c:\windows\system32\DiagFunc.dll
2012-12-05 19:10 . 2012-12-05 19:10 -------- d-----w- c:\program files\Ralink
2012-12-05 17:55 . 2009-02-05 01:49 451072 ----a-w- c:\windows\system32\ISSRemoveSP.exe
2012-11-30 07:09 . 2012-11-30 07:09 -------- d-----w- c:\program files\Common Files\Skype
2012-11-30 07:09 . 2012-11-30 07:09 -------- d-----r- c:\program files\Skype
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2012-12-04 12:09 . 2012-05-26 16:47 73656 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2012-12-04 12:09 . 2012-05-26 16:47 697272 ----a-w- c:\windows\system32\FlashPlayerApp.exe
2012-11-15 16:23 . 2012-11-15 16:23 49152 ----a-r- c:\users\ondra\AppData\Roaming\Microsoft\Installer\{C37A0BC1-52EE-4F97-8223-5CA9FC0357B0}\ARPPRODUCTICON.exe
2012-11-11 10:06 . 2012-11-09 18:32 141072 ----a-w- c:\windows\system32\drivers\PnkBstrK.sys
2012-11-11 10:06 . 2012-11-09 18:33 281120 ----a-w- c:\windows\system32\PnkBstrB.xtr
2012-11-11 10:06 . 2012-11-09 18:31 281120 ----a-w- c:\windows\system32\PnkBstrB.exe
2012-11-09 20:52 . 2012-11-09 18:31 281120 ----a-w- c:\windows\system32\PnkBstrB.ex0
2012-11-09 18:32 . 2012-11-09 18:32 138904 ----a-w- c:\users\ondra\AppData\Roaming\PnkBstrK.sys
2012-11-09 18:31 . 2012-11-09 18:31 76888 ----a-w- c:\windows\system32\PnkBstrA.exe
2012-10-30 22:51 . 2012-05-16 13:05 361032 ----a-w- c:\windows\system32\drivers\aswSP.sys
2012-10-30 22:51 . 2012-05-16 13:05 738504 ----a-w- c:\windows\system32\drivers\aswSnx.sys
2012-10-30 22:51 . 2012-05-16 13:05 54232 ----a-w- c:\windows\system32\drivers\aswTdi.sys
2012-10-30 22:51 . 2012-05-16 13:05 58680 ----a-w- c:\windows\system32\drivers\aswMonFlt.sys
2012-10-30 22:51 . 2012-05-16 13:05 21256 ----a-w- c:\windows\system32\drivers\aswFsBlk.sys
2012-10-30 22:51 . 2012-05-16 13:04 41224 ----a-w- c:\windows\avastSS.scr
2012-10-30 22:50 . 2012-05-16 13:04 227648 ----a-w- c:\windows\system32\aswBoot.exe
2012-10-15 16:59 . 2012-05-16 13:05 44784 ----a-w- c:\windows\system32\drivers\aswRdr2.sys
2012-10-14 07:35 . 2012-10-14 07:35 27248 ----a-w- c:\windows\system32\drivers\cnnctfy2.sys
2012-10-11 17:49 . 2012-11-04 10:17 2468520 ----a-w- c:\windows\system32\BootMan.exe
2012-09-29 18:54 . 2012-10-06 18:12 22856 ----a-w- c:\windows\system32\drivers\mbam.sys
2012-08-29 06:58 . 2012-05-17 04:26 136672 ----a-w- c:\program files\mozilla firefox\components\browsercomps.dll
.
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast]
@="{472083B0-C522-11CF-8763-00608CC02F24}"
[HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]
2012-10-30 22:50 121528 ----a-w- c:\program files\AVAST Software\Avast\ashShell.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveBlacklistedOverlay]
@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42}"
[HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42}]
2012-11-08 15:58 556056 ----a-w- c:\program files\Google\Drive\googledrivesync32.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveSharedOverlay]
@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D43}"
[HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D43}]
2012-11-08 15:58 556056 ----a-w- c:\program files\Google\Drive\googledrivesync32.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveSyncedOverlay]
@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40}"
[HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40}]
2012-11-08 15:58 556056 ----a-w- c:\program files\Google\Drive\googledrivesync32.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveSyncingOverlay]
@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41}"
[HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41}]
2012-11-08 15:58 556056 ----a-w- c:\program files\Google\Drive\googledrivesync32.dll
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"GAINWARD"="c:\program files\EXPERTool\TBPanel.exe" [2009-05-12 2181672]
"HotSwap! Applet"="c:\users\ondra\Documents\HotSwap! 5.0.0.0\32bit\HotSwap!.EXE" [2009-11-10 107520]
"Connectify"="c:\program files\Connectify\Connectify.exe" [2012-11-09 4013928]
"Skype"="c:\program files\Skype\Phone\Skype.exe" [2012-11-09 17877168]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"avast"="c:\program files\AVAST Software\Avast\avastUI.exe" [2012-10-30 4297136]
"RTHDVCPL"="c:\program files\Realtek\Audio\HDA\RtkNGUI.exe" [2012-06-12 5708432]
"PAC207_Monitor"="c:\windows\PixArt\i-Look110\Monitor.exe" [2007-12-10 323584]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
Ralink Wireless Utility.lnk - c:\program files\Ralink\Common\RaUI.exe [2012-12-5 12909928]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"aux1"=wdmaud.drv
.
[HKLM\~\startupfolder\C:^Users^ondra^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^OpenOffice.org 3.3.lnk]
path=c:\users\ondra\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OpenOffice.org 3.3.lnk
backup=c:\windows\pss\OpenOffice.org 3.3.lnk.Startup
backupExtension=.Startup
.
R2 AODService;AODService;c:\program files\AMD\OverDrive\AODAssist.exe [x]
R2 SkypeUpdate;Skype Updater;c:\program files\Skype\Updater\Updater.exe [x]
R3 BstHdAndroidSvc;BlueStacks Android Service;c:\program files\BlueStacks\HD-Service.exe BstHdAndroidSvc Android [x]
R3 BthAvrcp;Bluetooth AVRCP Profile;c:\windows\system32\DRIVERS\BthAvrcp.sys [x]
R3 DxkgFilter;Filtering Dxkg;c:\program files\iDisplay\idisplay.sys [x]
R3 epmntdrv;epmntdrv;c:\windows\system32\epmntdrv.sys [x]
R3 EuGdiDrv;EuGdiDrv;c:\windows\system32\EuGdiDrv.sys [x]
R3 FirebirdServerMAGIXInstance;Firebird Server - MAGIX Instance;c:\program files\Common Files\MAGIX Services\Database\bin\fbserver.exe [x]
R3 ManyCam;ManyCam Virtual Webcam;c:\windows\system32\DRIVERS\mcvidrv.sys [x]
R3 MarkFun_NT;MarkFun_NT;c:\program files\Gigabyte\ET5\markfun.w32 [x]
R3 mcaudrv_simple;ManyCam Virtual Microphone;c:\windows\system32\drivers\mcaudrv.sys [x]
R3 netr28u;RT2870 USB Extensible Wireless LAN Card Driver;c:\windows\system32\DRIVERS\netr28u.sys [x]
R3 PAC207;i-Look 110;c:\windows\system32\DRIVERS\PFC027.SYS [x]
R3 RaMediaServer;RaMediaServer;c:\program files\Ralink\Common\RaMediaServer.exe [x]
R3 RTCore32;RTCore32;c:\program files\MSI Afterburner\RTCore32.sys [x]
R3 RTL85n86;Realtek 8180/8185 Extensible 802.11 Wireless Device Driver;c:\windows\system32\DRIVERS\RTL85n86.sys [x]
R3 VBoxUSB;VirtualBox USB;c:\windows\system32\Drivers\VBoxUSB.sys [x]
R3 w7Svc;webcam 7 Service;c:\program files\webcam 7\wService.exe [x]
S1 aswSnx;aswSnx; [x]
S1 aswSP;aswSP; [x]
S1 cnnctfy2;Connectify LightWeight Filter;c:\windows\system32\DRIVERS\cnnctfy2.sys [x]
S1 dtsoftbus01;DAEMON Tools Virtual Bus Driver;c:\windows\system32\DRIVERS\dtsoftbus01.sys [x]
S1 VBoxDrv;VirtualBox Service;c:\windows\system32\DRIVERS\VBoxDrv.sys [x]
S1 VBoxUSBMon;VirtualBox USB Monitor Driver;c:\windows\system32\DRIVERS\VBoxUSBMon.sys [x]
S2 AdvancedSystemCareService5;Advanced SystemCare Service 5;c:\program files\IObit\Advanced SystemCare 5\ASCService.exe [x]
S2 AODDriver4.2.0;AODDriver4.2.0;c:\program files\AMD\OverDrive\i386\AODDriver2.sys [x]
S2 AsSysCtrlService;ASUS System Control Service;c:\program files\ASUS\AsSysCtrlService\1.00.02\AsSysCtrlService.exe [x]
S2 aswFsBlk;aswFsBlk; [x]
S2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys [x]
S2 BstHdDrv;BlueStacks Hypervisor;c:\program files\BlueStacks\HD-Hypervisor-x86.sys [x]
S2 BstHdLogRotatorSvc;BlueStacks Log Rotator Service;c:\program files\BlueStacks\HD-LogRotatorService.exe [x]
S2 Connectify;Connectify;c:\program files\Connectify\ConnectifyService.exe [x]
S2 cpuz135;cpuz135;c:\windows\system32\drivers\cpuz135_x32.sys [x]
S2 EkaProt6;Ekahau User Protocol Driver for NDIS 6;c:\windows\system32\DRIVERS\ekaprot6.sys [x]
S2 Fabs;FABS - Helping agent for MAGIX media database;c:\program files\Common Files\MAGIX Services\Database\bin\FABS.exe [x]
S2 Hamachi2Svc;LogMeIn Hamachi Tunneling Engine;c:\program files\LogMeIn Hamachi\hamachi-2.exe [x]
S2 NPF;NetGroup Packet Filter Driver;c:\windows\system32\drivers\npf.sys [x]
S2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;c:\program files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [x]
S2 TeamViewer7;TeamViewer 7;c:\program files\TeamViewer\Version7\TeamViewer_Service.exe [x]
S2 vmci;VMware vmci;c:\windows\system32\Drivers\vmci.sys [x]
S2 VMUSBArbService;VMware USB Arbitration Service;c:\program files\Common Files\VMware\USB\vmware-usbarbitrator.exe [x]
S3 ALSysIO;ALSysIO;c:\users\ondra\AppData\Local\Temp\ALSysIO.sys [x]
S3 athur;Wireless Network Adapter Service;c:\windows\system32\DRIVERS\athur.sys [x]
S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt86win7.sys [x]
S3 VBoxNetAdp;VirtualBox Host-Only Ethernet Adapter;c:\windows\system32\DRIVERS\VBoxNetAdp.sys [x]
S3 VBoxNetFlt;VirtualBox Bridged Networking Service;c:\windows\system32\DRIVERS\VBoxNetFlt.sys [x]
.
.
Obsah adresáře 'Naplánované úlohy'
.
.
------- Doplňkový sken -------
.
uStart Page = hxxp://seznam.cz/
LSP: c:\program files\VMware\VMware Player\vsocklib.dll
TCP: Interfaces\{0720E444-34BE-4B53-B4C4-A5A3EBCB7B03}\140546F6572627166737B697: DhcpNameServer = 77.48.95.1 192.168.2.1
FF - ProfilePath - c:\users\ondra\AppData\Roaming\Mozilla\Firefox\Profiles\gq702ok8.default\
FF - prefs.js: browser.startup.homepage - hxxp://www.google.cz/
.
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\w7Svc]
"ImagePath"="c:\program files\webcam 7\wService.exe /startedbyscm:5053B757-40E35B3B-webcam7SRV"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\MarkFun_NT]
"ImagePath"="\??\c:\program files\Gigabyte\ET5\markfun.w32"
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
.
[HKEY_USERS\S-1-5-21-33959413-2999115600-1941737774-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.eml\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="WindowsLiveMail.Email.1"
.
[HKEY_USERS\S-1-5-21-33959413-2999115600-1941737774-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.vcf\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="WindowsLiveMail.VCard.1"
.
--------------------- Knihovny navázané na běžící procesy ---------------------
.
- - - - - - - > 'Explorer.exe'(5772)
c:\program files\Nokia\Nokia PC Suite 7\PhoneBrowser.dll
c:\program files\Nokia\Nokia PC Suite 7\NGSCM.DLL
c:\program files\Nokia\Nokia PC Suite 7\Lang\PhoneBrowser_cze.nlr
c:\program files\Nokia\Nokia PC Suite 7\Resource\PhoneBrowser_Nokia.ngr
.
------------------------ Jiné spuštené procesy ------------------------
.
c:\windows\system32\nvvsvc.exe
c:\program files\NVIDIA Corporation\Display\nvxdsync.exe
c:\windows\system32\nvvsvc.exe
c:\program files\AVAST Software\Avast\AvastSvc.exe
c:\program files\Common Files\Adobe\ARM\1.0\armsvc.exe
c:\windows\system32\taskhost.exe
c:\users\ondra\Documents\CoreTemp32\Core Temp.exe
c:\program files\Bonjour\mDNSResponder.exe
c:\program files\Connectify\ConnectifyD.exe
c:\windows\system32\conhost.exe
c:\windows\system32\PnkBstrA.exe
c:\program files\Ralink\Common\RaRegistry.exe
c:\windows\system32\vmnat.exe
c:\program files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
c:\program files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
c:\program files\VMware\VMware Player\vmware-authd.exe
c:\windows\system32\vmnetdhcp.exe
c:\windows\System32\rundll32.exe
c:\windows\system32\conhost.exe
c:\program files\NVIDIA Corporation\Display\nvtray.exe
c:\program files\Windows Media Player\wmpnetwk.exe
c:\windows\system32\sppsvc.exe
.
**************************************************************************
.
Celkový čas: 2012-12-28 11:35:34 - počítač byl restartován
ComboFix-quarantined-files.txt 2012-12-28 10:35
ComboFix2.txt 2012-12-27 20:56
.
Před spuštěním: Volných bajtů: 102 980 157 440
Po spuštění: Volných bajtů: 102 766 284 800
.
- - End Of File - - B56A80FA1C2856B9855CF50E792D0CFD
Číňan a nemám přístup k vytváření na C: LOG +
-
Damned
- Tvůrce článků
-
Master Level 9
- Příspěvky: 8353
- Registrován: prosinec 06
- Bydliště: Rokycany
- Pohlaví:
- Stav:
Offline
- Kontakt:
Re: Číňan a nemám přístup k vytváření na C: LOG
Deaktivuj antivir a odinstaluj ComboFix. ComboFix se odinstaluje takto:
Vypni antivir a pokud máš i Antispyware ( nutné ) .
Start -> Spustit (nebo klávesy Win+R) a zadej do řádku: Combofix[mezera]/uninstall
**************************************************************************************************************************************************************************************
Stáhni si OTL na Plochu.
Ujisti se , že máš zavřena všechna ostatní okna a poklepej na ikonu OTL.Nahoře v okně pod Výstup klikni na Minimální výstup, zaškrtni Pro všechny uživatele.Pod Běžné registry změň na Vše, Specifické registry na Vše, Služby ma vše a Procesy na Vše. Zatrhni Kontrola na havěť LOP a Kontrola na havěť Purity. Stáří souborů změň na 14 dnů. Všechny ostatní nastavení ponech jak jsou. Klikni na Prohledat. Sken může trvat dlouho, až skončí otevřou se dva logy:
OTL.Txt
Extras.Txt
Jsou uloženy ve stejném místě jako OTL. Oba logy sem prosím zkopíruj.
Vypni antivir a pokud máš i Antispyware ( nutné ) .
Start -> Spustit (nebo klávesy Win+R) a zadej do řádku: Combofix[mezera]/uninstall
**************************************************************************************************************************************************************************************
Stáhni si OTL na Plochu.
Ujisti se , že máš zavřena všechna ostatní okna a poklepej na ikonu OTL.Nahoře v okně pod Výstup klikni na Minimální výstup, zaškrtni Pro všechny uživatele.Pod Běžné registry změň na Vše, Specifické registry na Vše, Služby ma vše a Procesy na Vše. Zatrhni Kontrola na havěť LOP a Kontrola na havěť Purity. Stáří souborů změň na 14 dnů. Všechny ostatní nastavení ponech jak jsou. Klikni na Prohledat. Sken může trvat dlouho, až skončí otevřou se dva logy:
OTL.Txt
Extras.Txt
Jsou uloženy ve stejném místě jako OTL. Oba logy sem prosím zkopíruj.
Nic není nemožné, proto tam, kde jsme s rozumem v koncích, neváháme použít kladivo.
Chceš-li vědět, co je nového, podívej se do starých knih.
Damnedovy češtiny - překlady programů pro údržbu PC
HiJackThis 2+návod FCleaner+čeština Wise Registry Cleaner
Chceš-li vědět, co je nového, podívej se do starých knih.
Damnedovy češtiny - překlady programů pro údržbu PC
HiJackThis 2+návod FCleaner+čeština Wise Registry Cleaner
Re: Číňan a nemám přístup k vytváření na C: LOG
extras
OTL Extras logfile created on: 31.12.2012 10:03:35 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\ondra\Desktop
Ultimate Edition (Version = 6.1.7600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7600.16385)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy
3,25 Gb Total Physical Memory | 2,13 Gb Available Physical Memory | 65,64% Memory free
6,50 Gb Paging File | 5,25 Gb Available in Paging File | 80,81% Paging File free
Paging file location(s): c:\pagefile.sys 0 0 [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 298,09 Gb Total Space | 99,72 Gb Free Space | 33,45% Space Free | Partition Type: NTFS
Drive D: | 117,19 Gb Total Space | 72,53 Gb Free Space | 61,89% Space Free | Partition Type: NTFS
Drive E: | 58,08 Gb Total Space | 57,96 Gb Free Space | 99,78% Space Free | Partition Type: NTFS
Computer Name: ONDRA-PC | User Name: ondra | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 14 Days
========== Extra Registry (All) ==========
========== File Associations ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.bat [@ = batfile] -- "%1" %*
.chm [@ = chm.file] -- C:\Windows\hh.exe (Microsoft Corporation)
.cmd [@ = cmdfile] -- "%1" %*
.com [@ = comfile] -- "%1" %*
.cpl [@ = cplfile] -- C:\Windows\System32\control.exe (Microsoft Corporation)
.exe [@ = exefile] -- "%1" %*
.hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)
.hta [@ = htafile] -- C:\Windows\System32\mshta.exe (Microsoft Corporation)
.html [@ = ChromeHTML] -- C:\Program Files\Google\Chrome\Application\chrome.exe (Google Inc.)
.inf [@ = inffile] -- C:\Windows\System32\NOTEPAD.EXE (Microsoft Corporation)
.ini [@ = inifile] -- C:\Windows\System32\NOTEPAD.EXE (Microsoft Corporation)
.url [@ = InternetShortcut] -- C:\Windows\System32\rundll32.exe (Microsoft Corporation)
.js [@ = JSFile] -- C:\Windows\System32\WScript.exe (Microsoft Corporation)
.jse [@ = JSEFile] -- C:\Windows\System32\WScript.exe (Microsoft Corporation)
.pif [@ = piffile] -- "%1" %*
.reg [@ = regfile] -- C:\Windows\regedit.exe (Microsoft Corporation)
.scr [@ = scrfile] -- "%1" /S
.txt [@ = txtfile] -- C:\Windows\System32\NOTEPAD.EXE (Microsoft Corporation)
.vbe [@ = VBEFile] -- C:\Windows\System32\WScript.exe (Microsoft Corporation)
.vbs [@ = VBSFile] -- C:\Windows\System32\WScript.exe (Microsoft Corporation)
.wsf [@ = WSFFile] -- C:\Windows\System32\WScript.exe (Microsoft Corporation)
.wsh [@ = WSHFile] -- C:\Windows\System32\WScript.exe (Microsoft Corporation)
[HKEY_USERS\S-1-5-21-33959413-2999115600-1941737774-1001\SOFTWARE\Classes\<extension>]
.html [@ = ChromeHTML] -- Reg Error: Key error. File not found
========== Shell Spawning ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [edit] -- %SystemRoot%\System32\NOTEPAD.EXE %1 (Microsoft Corporation)
batfile [open] -- "%1" %*
batfile [print] -- %SystemRoot%\System32\NOTEPAD.EXE /p %1 (Microsoft Corporation)
chm.file [open] -- "%SystemRoot%\hh.exe" %1 (Microsoft Corporation)
cmdfile [edit] -- %SystemRoot%\System32\NOTEPAD.EXE %1 (Microsoft Corporation)
cmdfile [open] -- "%1" %*
cmdfile [print] -- %SystemRoot%\System32\NOTEPAD.EXE /p %1 (Microsoft Corporation)
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
htafile [open] -- C:\Windows\System32\mshta.exe "%1" %* (Microsoft Corporation)
htmlfile [edit] -- Reg Error: Key error.
htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [print] -- rundll32.exe %SystemRoot%\system32\mshtml.dll,PrintHTML "%1" (Microsoft Corporation)
http [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
https [open] -- "C:\Program Files\Google\Chrome\Application\chrome.exe" -- "%1" (Google Inc.)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
inffile [open] -- %SystemRoot%\System32\NOTEPAD.EXE %1 (Microsoft Corporation)
inffile [print] -- %SystemRoot%\system32\NOTEPAD.EXE /p %1 (Microsoft Corporation)
inifile [open] -- %SystemRoot%\system32\NOTEPAD.EXE %1 (Microsoft Corporation)
inifile [print] -- %SystemRoot%\system32\NOTEPAD.EXE /p %1 (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
jsfile [edit] -- C:\Windows\System32\Notepad.exe %1 (Microsoft Corporation)
jsfile [open] -- %SystemRoot%\System32\WScript.exe "%1" %* (Microsoft Corporation)
jsfile [print] -- C:\Windows\System32\Notepad.exe /p %1 (Microsoft Corporation)
jsefile [edit] -- C:\Windows\System32\Notepad.exe %1 (Microsoft Corporation)
jsefile [open] -- C:\Windows\System32\WScript.exe "%1" %* (Microsoft Corporation)
jsefile [print] -- C:\Windows\System32\Notepad.exe /p %1 (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [edit] -- %SystemRoot%\system32\notepad.exe "%1" (Microsoft Corporation)
regfile [open] -- regedit.exe "%1" (Microsoft Corporation)
regfile [merge] -- Reg Error: Key error.
regfile [print] -- %SystemRoot%\system32\notepad.exe /p "%1" (Microsoft Corporation)
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
txtfile [open] -- %SystemRoot%\system32\NOTEPAD.EXE %1 (Microsoft Corporation)
txtfile [print] -- %SystemRoot%\system32\NOTEPAD.EXE /p %1 (Microsoft Corporation)
txtfile [printto] -- %SystemRoot%\system32\notepad.exe /pt "%1" "%2" "%3" "%4" (Microsoft Corporation)
vbefile [edit] -- "%SystemRoot%\System32\Notepad.exe" %1 (Microsoft Corporation)
vbefile [open] -- %SystemRoot%\System32\WScript.exe "%1" %* (Microsoft Corporation)
vbefile [print] -- "%SystemRoot%\System32\Notepad.exe" /p %1 (Microsoft Corporation)
vbsfile [edit] -- "%SystemRoot%\System32\Notepad.exe" %1 (Microsoft Corporation)
vbsfile [open] -- %SystemRoot%\System32\WScript.exe "%1" %* (Microsoft Corporation)
vbsfile [print] -- "%SystemRoot%\System32\Notepad.exe" /p %1 (Microsoft Corporation)
wsffile [edit] -- "%SystemRoot%\System32\Notepad.exe" %1 (Microsoft Corporation)
wsffile [open] -- "%SystemRoot%\System32\WScript.exe" "%1" %* (Microsoft Corporation)
wsffile [print] -- "%SystemRoot%\System32\Notepad.exe" /p %1 (Microsoft Corporation)
wshfile [open] -- "%SystemRoot%\System32\WScript.exe" "%1" %* (Microsoft Corporation)
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [Browse with &IrfanView] -- "C:\Program Files\IrfanView\i_view32.exe" "%1 /thumbs" (Irfan Skiljan)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Directory [Winamp.Bookmark] -- "C:\Program Files\Winamp\winamp.exe" /BOOKMARK "%1" (Nullsoft, Inc.)
Directory [Winamp.Enqueue] -- "C:\Program Files\Winamp\winamp.exe" /ADD "%1" (Nullsoft, Inc.)
Directory [Winamp.Play] -- "C:\Program Files\Winamp\winamp.exe" "%1" (Nullsoft, Inc.)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- "C:\Program Files\Internet Explorer\iexplore.exe" (Microsoft Corporation)
========== Security Center Settings ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
"FirewallDisableNotify" = 0
"AntiVirusDisableNotify" = 0
"UpdatesDisableNotify" = 0
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = Reg Error: Unknown registry data type -- File not found
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
========== System Restore Settings ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 0
========== Firewall Settings ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile]
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
========== Authorized Applications List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
========== Vista Active Open Ports Exception List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{00426367-F982-4B6E-B143-6972D336B597}" = rport=3702 | protocol=17 | dir=out | svc=fdphost | app=%systemroot%\system32\svchost.exe |
"{03AD8531-F47D-416A-8122-5419441ADE7B}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{03B6C477-169A-4FD8-98F2-93AA7971A05A}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{0A587A2B-4FB7-4B26-9B91-EFB998012B02}" = lport=2869 | protocol=6 | dir=in | app=system |
"{18C45561-442E-463C-A420-4FA4EF8CE672}" = lport=67 | protocol=17 | dir=in | app=c:\program files\connectify\connectifynetservices.exe |
"{1F70E144-64FC-4EFB-9452-8083C1367A9F}" = lport=1900 | protocol=17 | dir=in | name=windows live communications platform (ssdp) |
"{20A154C5-8BB4-43D2-B2ED-91E231881BB8}" = rport=10243 | protocol=6 | dir=out | app=system |
"{22ADC36D-8FE5-474E-910A-A754DF4E37BE}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 |
"{24960802-2360-4181-9CDA-EB2352A34356}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{2A16A781-0D26-4C0A-B89F-79D4046561C7}" = lport=139 | protocol=6 | dir=in | app=system |
"{3602D79A-EE9F-4CF7-9464-45FA50D311C9}" = lport=2987 | protocol=6 | dir=in | app=c:\program files\connectify\connectify.exe |
"{38831586-7BEF-4E31-8914-9A84F8C75C62}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{4128A737-1DAF-4344-B14E-03148A42CC52}" = lport=3389 | protocol=6 | dir=in | app=system |
"{48565852-8791-47EF-8B97-944C87BD842B}" = lport=3702 | protocol=17 | dir=in | svc=fdphost | app=%systemroot%\system32\svchost.exe |
"{4942117D-A4C0-4E22-BE5E-1401F42BE2B4}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{4EF002FD-7A53-455A-AFEE-83DE296ABFFA}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{5AA0A335-D28A-4A61-8745-076FC2595574}" = lport=59127 | protocol=17 | dir=in | name=pando media booster |
"{6362F1F9-2688-4AE3-AE35-2FEF4D7A6BED}" = lport=1303 | protocol=17 | dir=in | app=c:\program files\connectify\connectifynetservices.exe |
"{67CC5A55-5CDD-489D-BF87-7B3AE1443500}" = lport=1900 | protocol=17 | dir=in | app=c:\windows\system32\svchost.exe |
"{6E312179-525C-484F-A037-786711BF2EA1}" = rport=138 | protocol=17 | dir=out | app=system |
"{714C73CC-EFB9-486F-A1CF-38EF04B29B83}" = lport=53 | protocol=17 | dir=in | app=c:\program files\connectify\connectifynetservices.exe |
"{772ACA8F-8426-4621-A0B0-4FAC1CA2A4E9}" = lport=138 | protocol=17 | dir=in | app=system |
"{7D53064F-C513-4A0D-AD50-A7116A75D141}" = lport=3702 | protocol=17 | dir=in | svc=fdrespub | app=%systemroot%\system32\svchost.exe |
"{807FD163-3C9E-4E1A-9A51-4EA3762C85C7}" = lport=59127 | protocol=6 | dir=in | name=pando media booster |
"{82D218FD-E63E-4D44-B07C-1B709BFF4CAC}" = lport=445 | protocol=6 | dir=in | app=system |
"{87A7F2A7-5DDE-49E7-AEB8-2995CFEB6ECF}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{944F2C82-C43E-4539-84AB-EF68E9258019}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{B1D7B54B-E77E-4AAD-866F-3534728746B7}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe |
"{B30ED893-D8C8-4A79-977F-41A739432985}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{BEBF93F3-314E-4184-A984-F4196B7101B8}" = lport=2869 | protocol=6 | dir=in | name=windows live communications platform (upnp) |
"{C164A466-6619-4AB6-8F41-C190249747AD}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{C52B8494-A58E-428F-9810-CD7188E5ED8A}" = rport=2869 | protocol=6 | dir=out | app=system |
"{C6D99620-5201-409A-A972-0BEFE00230AA}" = rport=139 | protocol=6 | dir=out | app=system |
"{C87EED3D-395B-42CD-9825-B05617567A05}" = rport=445 | protocol=6 | dir=out | app=system |
"{CC7B2D30-0BCE-4A82-95A7-E9DB19D7CF9A}" = rport=3702 | protocol=17 | dir=out | svc=fdrespub | app=%systemroot%\system32\svchost.exe |
"{D8969E3C-852D-4701-8BEA-BC579071540A}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{D8D7576E-18AC-422C-A239-A09FD85015B0}" = lport=1317 | protocol=17 | dir=in | app=c:\program files\connectify\connectifynetservices.exe |
"{D9098108-D46C-4D5C-9FAD-61596D7CD2D2}" = lport=547 | protocol=17 | dir=in | app=c:\windows\system32\svchost.exe |
"{DF553385-03A3-4CA8-8B52-49E95F789E97}" = lport=68 | protocol=17 | dir=in | app=c:\program files\connectify\connectifynetservices.exe |
"{E3E3966C-21BB-4AF7-83DD-0DEF21E208B1}" = rport=137 | protocol=17 | dir=out | app=system |
"{E53D5F5E-DF6C-4383-84F4-A1BEF350DAD5}" = lport=10243 | protocol=6 | dir=in | app=system |
"{ECE82C6B-EDEB-40E5-A863-A107CBADB25F}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{F1BEB7D9-2146-4CFA-8E08-2B1D08C66EA9}" = lport=2869 | protocol=6 | dir=in | app=system |
"{F1C42C8D-3C0A-45A0-AD03-3DC497D1F8A6}" = lport=137 | protocol=17 | dir=in | app=system |
"{F7CD9C0F-86D7-4042-B743-D0DE70BDC09F}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{F8A2FE49-1C1B-4B1A-A45C-5F104EFABB48}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{FC8F8FEA-39C0-40D7-8831-8BA9EC6F6B6E}" = rport=1900 | protocol=17 | dir=out | app=c:\windows\system32\svchost.exe |
========== Vista Active Application Exception List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{0002932B-CD50-4D16-BD94-D15103E2BD84}" = protocol=6 | dir=in | app=c:\program files\ubisoft\assassin's creed\assassinscreed_dx9.exe |
"{025ED5E3-20DE-407E-B15B-03C32126BB7F}" = protocol=6 | dir=in | app=c:\ubisoft\ghost recon online\pdc-live\ghostrecononline.exe |
"{0558F32F-61E7-4546-9D81-3EC3DBFF4213}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{0BAE7B64-5AC2-4E84-82BE-4869738F9439}" = protocol=6 | dir=in | app=c:\program files\pando networks\media booster\pmb.exe |
"{0C1977C9-E63A-4645-AD86-44415105F9D3}" = protocol=6 | dir=in | app=c:\program files\steam\steamapps\common\raceroom racing experience\rrrlauncher.exe |
"{0DBBA1CD-47D8-44A2-8D4B-74AD44DDD874}" = protocol=6 | dir=in | app=c:\users\ondra\appdata\local\apps\2.0\38k11v2d.m2b\ql341ypg.7pl\laun...app_59711684aa47878d_0001.001d_82c2447510b53390\launcher.exe |
"{0EB1A40A-01D0-42E1-A6DD-85D464DB520A}" = protocol=6 | dir=in | app=c:\program files\teamviewer\version7\teamviewer.exe |
"{112EEDFE-0DC0-4349-93E7-A376C20EC740}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{11619DCB-8974-43A9-A078-79FEEC05C4A2}" = protocol=58 | dir=in | name=internet connection sharing (router solicitation-in) |
"{1234A7AE-E96E-4794-8E05-0DDA505E37B1}" = protocol=6 | dir=in | app=c:\program files\java\jre7\bin\java.exe |
"{1575E074-8DD4-4F68-83E2-42FFA042401A}" = protocol=17 | dir=in | app=c:\program files\connectify\connectify.exe |
"{192221A4-A4C4-4691-8E07-42E0D7D17BB1}" = protocol=6 | dir=in | app=c:\program files\halite\halite.exe |
"{1B52F57C-A4CA-4A19-AC81-B491D217B89E}" = protocol=17 | dir=in | app=c:\program files\steam\steam.exe |
"{227F5EAC-4868-417C-B728-43E247C622A6}" = protocol=6 | dir=in | app=c:\games\world_of_warplanes\wowplauncher.exe |
"{23334924-5E1E-48A3-A7EE-437DA2DAEFE1}" = dir=in | app=c:\program files\windows live\contacts\wlcomm.exe |
"{241EC8FE-369C-4290-A1AF-55D3F2F05ADD}" = protocol=17 | dir=in | app=c:\program files\java\jre7\bin\java.exe |
"{2610A655-F75F-40AF-BBD5-232D06892DFB}" = protocol=17 | dir=in | app=c:\program files\halite\halite.exe |
"{2665E908-334F-445E-AA1B-43FF11BB896A}" = protocol=6 | dir=in | app=c:\games\world_of_warplanes\worldofwarplanes.exe |
"{28264708-447C-4B25-A1CE-A4482D4F101B}" = protocol=6 | dir=in | app=c:\program files\webcam 7\wservice.exe |
"{291AFAC4-70A1-468B-BAE1-30484A5F221C}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{2C0466B4-48AB-443E-838F-4CAFEE13009E}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 |
"{2E231F53-E1A2-46AF-A0A6-17702982CCF1}" = protocol=6 | dir=in | app=c:\windows\system32\pnkbstra.exe |
"{2EC0E4A1-4A1C-4347-B51F-16CE7398AB1C}" = protocol=17 | dir=in | app=c:\program files\webcam 7\wservice.exe |
"{2F1C99AF-A1FB-429A-A9FE-8CB0C33D3667}" = protocol=6 | dir=in | app=c:\program files\java\jre7\launch4j-tmp\frd.exe |
"{2FF920EE-67B6-4E1C-8720-1EF17F4D2C52}" = protocol=6 | dir=in | app=c:\program files\steam\steamapps\common\realm of the mad god\realm of the mad god.exe |
"{34B3AB33-063E-4B50-A322-3585DF465C46}" = protocol=17 | dir=in | app=c:\program files\ubisoft\assassin's creed\assassinscreed_launcher.exe |
"{351D1BAC-C45E-42AF-8424-7390A767BE1E}" = protocol=17 | dir=in | app=c:\program files\vmware\vmware player\vmware-authd.exe |
"{35DD62FA-FEED-4A49-BDD3-D4E8702B2CC5}" = protocol=6 | dir=in | app=c:\program files\vmware\vmware player\vmware-authd.exe |
"{3AC6C143-0DAB-4284-879B-D72416E29EA8}" = protocol=6 | dir=in | app=c:\program files\vmware\vmware player\vmware-authd.exe |
"{3CD210B1-43CF-4F36-99AF-5FBE2D236153}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{3DE4C71D-E274-4E2C-AE4D-6ED6BCE02BFE}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 |
"{3FE44C03-ED2A-4B23-9470-B3A3DDABB31A}" = protocol=6 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{413627AB-AE7D-4BBA-82BA-6C25BC13D802}" = protocol=6 | dir=in | app=c:\program files\vmware\vmware player\vmware-authd.exe |
"{41E02068-5FDB-448C-931E-711FF9E00D63}" = protocol=6 | dir=in | app=c:\program files\teamviewer\version7\teamviewer_service.exe |
"{41EBB269-83DD-4142-9E46-A00F5F5AC64A}" = protocol=17 | dir=in | app=c:\program files\ubisoft\assassin's creed\assassinscreed_dx10.exe |
"{4568C118-2D27-40AD-BE15-A2D40B4766BD}" = protocol=6 | dir=in | app=c:\users\ondra\appdata\local\apps\2.0\38k11v2d.m2b\ql341ypg.7pl\laun...app_59711684aa47878d_0001.001d_f787194a90b5ba90\launcher.exe |
"{4697BA74-519B-4DB8-B4D5-98753E519F25}" = protocol=6 | dir=in | app=c:\program files\webcam 7\wlite.exe |
"{4A1F62E5-954F-4629-97EA-DB29893BC3B9}" = protocol=17 | dir=in | app=c:\totalcmd\totalcmd.exe |
"{4C68F375-87E3-419B-AB48-6299E821EAD3}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 |
"{4DE3E3B9-461F-4E2E-BB4D-05B62828F37D}" = protocol=17 | dir=in | app=c:\program files\teamviewer\version7\teamviewer_service.exe |
"{4FCAEA5C-4B2D-48FD-B967-DC92AEAFFDAB}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{51C83016-BDCA-439F-B030-A8424491B717}" = protocol=17 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{530A4009-51F2-4559-BAEA-7633A96A2EBB}" = protocol=17 | dir=in | app=c:\users\ondra\appdata\local\apps\2.0\38k11v2d.m2b\ql341ypg.7pl\laun...app_59711684aa47878d_0001.001c_77533cf46d050dd0\launcher.exe |
"{536D7752-1D1F-4440-AC04-B3EBEA0F1C9F}" = protocol=6 | dir=in | app=c:\program files\ubisoft\assassin's creed\assassinscreed_dx10.exe |
"{59A1FD9D-0D88-484C-B603-2F3978493C59}" = protocol=6 | dir=in | app=c:\program files\cesarftp\server.exe |
"{5C12BB49-24B4-4C3C-BA0D-9F41F1B50B5E}" = protocol=17 | dir=in | app=c:\program files\steam\steamapps\common\realm of the mad god\realm of the mad god.exe |
"{5D013595-7044-4277-8D18-6D8CE6E49D5E}" = protocol=17 | dir=in | app=c:\program files\pando networks\media booster\pmb.exe |
"{5E5B2458-FADE-4FD0-8F62-A389AEF8CE38}" = protocol=17 | dir=in | app=c:\users\ondra\appdata\local\apps\2.0\38k11v2d.m2b\ql341ypg.7pl\laun...app_59711684aa47878d_0001.001d_f787194a90b5ba90\launcher.exe |
"{5E6C1A89-055D-4F03-B45B-BB519E4203F2}" = protocol=6 | dir=in | app=c:\program files\idisplay\idisplay.exe |
"{5F61B4B2-BDFE-4FDD-B96E-691FE0BFBB27}" = protocol=17 | dir=in | app=c:\program files\vmware\vmware player\vmware-authd.exe |
"{5FEE1058-3A53-40F6-9F88-7EDC4DC5C0F0}" = protocol=17 | dir=in | app=c:\program files\steam\steamapps\common\raceroom racing experience\rrrlauncher.exe |
"{633E8C25-C481-4EC7-AEEE-2BCF76F0B837}" = protocol=6 | dir=in | app=c:\program files\bohemia interactive\arma 2 free\arma2free.exe |
"{646E9941-55EE-4C48-9DA3-DF8F75BC81E3}" = protocol=17 | dir=in | app=c:\windows\system32\pnkbstra.exe |
"{6870ADBF-8DC8-4E6F-A050-903344B5D184}" = protocol=6 | dir=in | app=c:\program files\steam\steam.exe |
"{6B3A7769-7BC1-4738-8E7C-174A114FD98E}" = dir=in | app=%programfiles%\abc\richard burns rally\richardburnsrally.exe |
"{6BC37CBC-270B-421D-BAF8-3146097C1A56}" = protocol=6 | dir=in | app=c:\program files\ubisoft\assassin's creed\assassinscreed_launcher.exe |
"{6D2BD909-922D-4D2B-9E08-B9A698222F6D}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{6E8BAE24-E4DC-4C96-A5E2-044841E6279E}" = protocol=17 | dir=in | app=c:\program files\ubisoft\assassin's creed\assassinscreed_dx9.exe |
"{705B6AD5-0A34-4529-BF48-5E8D5E874ED5}" = protocol=17 | dir=in | app=c:\games\world_of_warplanes\wowplauncher.exe |
"{719A8412-5899-447D-A8D9-5E8A5BB36D77}" = protocol=17 | dir=in | app=c:\windows\system32\java.exe |
"{766D2AE6-D49D-44A4-8584-6F2C981F46A2}" = dir=in | app=c:\users\ondra\appdata\local\facebook\video\skype\facebookvideocalling.exe |
"{7CC7B46A-4C6C-4893-ADD2-05AA35B6AEE5}" = protocol=17 | dir=in | app=c:\program files\gamespy arcade\aphex.exe |
"{821C856B-8B6B-4743-8FD3-D4C5DB063E49}" = protocol=17 | dir=in | app=c:\program files\steam\steamapps\common\metro 2033\metro2033.exe |
"{8818B85F-1DD7-4B7A-A0F0-997B9CA0C875}" = protocol=17 | dir=in | app=c:\games\world_of_warplanes\worldofwarplanes.exe |
"{8CA296D2-50E4-4663-BD3F-EDBA8EC4F0ED}" = protocol=17 | dir=in | app=c:\program files\idisplay\idisplay.exe |
"{8D7B8481-BAFE-4221-AEDE-AD7DC29F1457}" = protocol=6 | dir=in | app=c:\program files\gamespy arcade\aphex.exe |
"{8F645B09-6553-4E44-AF91-0995CC3A08B9}" = protocol=17 | dir=in | app=c:\program files\java\jre7\launch4j-tmp\frd.exe |
"{8FD7C7D5-B2FB-4CCD-B8F1-C2F4B0D5C8B9}" = protocol=6 | dir=in | app=c:\windows\system32\pnkbstrb.exe |
"{903B119A-0976-48E0-8957-8DFC73CBB19B}" = protocol=17 | dir=in | app=c:\windows\system32\pnkbstrb.exe |
"{914167C1-857A-43E0-9C80-C1EC39B6258C}" = protocol=17 | dir=in | app=c:\program files\bohemia interactive\arma 2 free\arma2free.exe |
"{9547DD9F-9F91-4080-A7CC-3130D2F21185}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{9890AB06-809C-4176-9936-B54434E60806}" = protocol=17 | dir=in | app=c:\users\ondra\appdata\local\apps\2.0\38k11v2d.m2b\ql341ypg.7pl\laun...app_59711684aa47878d_0001.001d_82c2447510b53390\launcher.exe |
"{99999B69-DAE2-42CC-B717-30B940B00CBC}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{9E99C217-7C1A-4D82-9259-B8C9B5E0C252}" = protocol=17 | dir=in | app=c:\program files\webcam 7\wlite.exe |
"{A4F48A92-201C-4669-A42B-781DE1BFFBFD}" = protocol=6 | dir=in | app=c:\users\ondra\appdata\local\apps\2.0\38k11v2d.m2b\ql341ypg.7pl\laun...app_59711684aa47878d_0001.001c_77533cf46d050dd0\launcher.exe |
"{A7B00E23-E1B1-4FCC-875F-E72C82032E5B}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{A802D021-077E-4FF0-8624-4D41CC90C245}" = protocol=6 | dir=out | app=c:\windows\system32\svchost.exe |
"{AA11D774-3891-443B-B872-3D34A698213F}" = dir=in | app=c:\program files\microsoft games\microsoft flight\flight.exe |
"{AE27FB15-82EE-4D2F-ABA8-77AAB6D8DB69}" = protocol=6 | dir=in | app=c:\program files\connectify\connectify.exe |
"{AF29E803-4E5F-4722-A99B-75CA967FC816}" = protocol=6 | dir=out | app=system |
"{B328AF5D-B298-4424-8B45-0621B8597F28}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{B4C29E40-93B0-4DE9-8C4C-F6C5E4717CC5}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{B6DE4C1D-377F-4007-8FBC-8F5EF552E1D3}" = dir=out | app=c:\windows\system32\svchost.exe |
"{B81F90A7-26F3-4A6A-A30E-1F543024FE22}" = protocol=17 | dir=in | app=c:\program files\teamviewer\version7\teamviewer.exe |
"{B8720F3F-C66F-48C1-B4EA-E1658ED63A6B}" = dir=in | app=c:\program files\pando networks\media booster\pmb.exe |
"{BB935EFF-75C5-4BD6-BC13-9472664B10D3}" = protocol=17 | dir=in | app=c:\program files\cesarftp\server.exe |
"{C19D068D-7E57-401E-A9DF-F9855C551202}" = protocol=17 | dir=in | app=c:\program files\utorrent\utorrent.exe |
"{C2A4F49E-5A83-413D-806B-2D6424B26FD5}" = protocol=17 | dir=in | app=c:\ubisoft\ghost recon online\pdc-live\ghostrecononline.exe |
"{C3D25B8C-F311-4008-A226-847001618434}" = protocol=6 | dir=in | app=c:\totalcmd\totalcmd.exe |
"{D75ACB9A-98F9-49AB-9CEB-A1C506A8EB84}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{D8FA0174-501D-4664-9B43-9B44FF2FEF64}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 |
"{EE670B68-2627-4D9F-9635-3D4763F13CE8}" = protocol=6 | dir=in | app=c:\program files\utorrent\utorrent.exe |
"{F045AF90-0FF9-4C4D-BB8D-09F4BED949F0}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{F57342B6-FD20-4738-90C2-8E8E4B31FA60}" = protocol=17 | dir=in | app=c:\program files\vmware\vmware player\vmware-authd.exe |
"{F92AF6AD-A88B-4B38-BA50-5256FACCE09D}" = protocol=6 | dir=in | app=c:\program files\steam\steamapps\common\metro 2033\metro2033.exe |
"{FBF8717B-010C-4E78-8796-6493246F47EA}" = protocol=6 | dir=in | app=c:\windows\system32\java.exe |
"TCP Query User{10F7E54F-F8F5-43B4-83B8-4B53FF5493A5}C:\ubisoft\ghost recon online\pdc-live\ghostrecononline.exe" = protocol=6 | dir=in | app=c:\ubisoft\ghost recon online\pdc-live\ghostrecononline.exe |
"TCP Query User{147DFA8C-2F7E-40DB-92E7-A3C4E8CB4B9C}C:\users\ondra\appdata\local\apps\2.0\38k11v2d.m2b\ql341ypg.7pl\laun...app_59711684aa47878d_0001.001d_f787194a90b5ba90\launcher.exe" = protocol=6 | dir=in | app=c:\users\ondra\appdata\local\apps\2.0\38k11v2d.m2b\ql341ypg.7pl\laun...app_59711684aa47878d_0001.001d_f787194a90b5ba90\launcher.exe |
"TCP Query User{14D11BD3-1445-468E-9BB8-D149C18B608E}C:\program files\idisplay\idisplay.exe" = protocol=6 | dir=in | app=c:\program files\idisplay\idisplay.exe |
"TCP Query User{3DA16CC0-5702-4D7C-BC2C-D763D5134015}C:\users\ondra\appdata\local\apps\2.0\38k11v2d.m2b\ql341ypg.7pl\laun...app_59711684aa47878d_0001.001d_82c2447510b53390\launcher.exe" = protocol=6 | dir=in | app=c:\users\ondra\appdata\local\apps\2.0\38k11v2d.m2b\ql341ypg.7pl\laun...app_59711684aa47878d_0001.001d_82c2447510b53390\launcher.exe |
"TCP Query User{3EBE20B5-2101-4040-A869-3B5C78DF6E66}C:\games\world_of_warplanes\worldofwarplanes.exe" = protocol=6 | dir=in | app=c:\games\world_of_warplanes\worldofwarplanes.exe |
"TCP Query User{45BFFD15-2F52-4BF7-9233-132443AD65D4}C:\program files\cesarftp\server.exe" = protocol=6 | dir=in | app=c:\program files\cesarftp\server.exe |
"TCP Query User{52A84E12-078A-407C-B17E-BF50B77ABBAE}C:\windows\system32\ftp.exe" = protocol=6 | dir=in | app=c:\windows\system32\ftp.exe |
"TCP Query User{60B3ED7A-96A7-4489-91C6-FBC8A806F0CF}C:\windows\system32\java.exe" = protocol=6 | dir=in | app=c:\windows\system32\java.exe |
"TCP Query User{84EE5344-35F7-483D-9620-09706229E584}C:\program files\java\jre7\launch4j-tmp\frd.exe" = protocol=6 | dir=in | app=c:\program files\java\jre7\launch4j-tmp\frd.exe |
"TCP Query User{85530641-B117-48E2-8861-5D19D265BACF}C:\users\ondra\appdata\local\apps\2.0\38k11v2d.m2b\ql341ypg.7pl\laun...app_59711684aa47878d_0001.001c_77533cf46d050dd0\launcher.exe" = protocol=6 | dir=in | app=c:\users\ondra\appdata\local\apps\2.0\38k11v2d.m2b\ql341ypg.7pl\laun...app_59711684aa47878d_0001.001c_77533cf46d050dd0\launcher.exe |
"TCP Query User{94933464-14E6-4B1B-9E4E-A6F96D6A4206}C:\games\world_of_warplanes\wowplauncher.exe" = protocol=6 | dir=in | app=c:\games\world_of_warplanes\wowplauncher.exe |
"TCP Query User{C043541D-7003-4D13-9F6A-49D08E5F3E90}C:\program files\connectify\connectify.exe" = protocol=6 | dir=in | app=c:\program files\connectify\connectify.exe |
"TCP Query User{D6488C5E-5211-4549-9093-F03EDF4C4C2B}C:\program files\java\jre7\bin\javaw.exe" = protocol=6 | dir=in | app=c:\program files\java\jre7\bin\javaw.exe |
"TCP Query User{DD14D643-68B9-40D8-A4DE-98911981F9AB}C:\program files\java\jre7\bin\java.exe" = protocol=6 | dir=in | app=c:\program files\java\jre7\bin\java.exe |
"TCP Query User{F01D6161-FCA6-449B-92ED-9DE5ADAC2AE5}C:\windows\system32\javaw.exe" = protocol=6 | dir=in | app=c:\windows\system32\javaw.exe |
"TCP Query User{FAFF3520-E106-49E8-8643-DC4B98BE21B3}C:\totalcmd\totalcmd.exe" = protocol=6 | dir=in | app=c:\totalcmd\totalcmd.exe |
"UDP Query User{10CA6154-9214-4911-ADBD-85E848257231}C:\windows\system32\javaw.exe" = protocol=17 | dir=in | app=c:\windows\system32\javaw.exe |
"UDP Query User{13A2604A-541B-4E76-BF7A-F657D9CE6C71}C:\windows\system32\ftp.exe" = protocol=17 | dir=in | app=c:\windows\system32\ftp.exe |
"UDP Query User{18EB2AE5-D80A-47D8-8701-2E3B4704CBE2}C:\windows\system32\java.exe" = protocol=17 | dir=in | app=c:\windows\system32\java.exe |
"UDP Query User{295CCD9E-33F7-4CE9-B703-E34A32486690}C:\ubisoft\ghost recon online\pdc-live\ghostrecononline.exe" = protocol=17 | dir=in | app=c:\ubisoft\ghost recon online\pdc-live\ghostrecononline.exe |
"UDP Query User{3B14647C-2255-4FB0-9366-251ECFDBF77F}C:\totalcmd\totalcmd.exe" = protocol=17 | dir=in | app=c:\totalcmd\totalcmd.exe |
"UDP Query User{539A9C65-3D19-4150-8C24-EEF38EA8B3B9}C:\games\world_of_warplanes\worldofwarplanes.exe" = protocol=17 | dir=in | app=c:\games\world_of_warplanes\worldofwarplanes.exe |
"UDP Query User{64210B34-DA2C-4265-8684-02FDC1CE40DE}C:\program files\idisplay\idisplay.exe" = protocol=17 | dir=in | app=c:\program files\idisplay\idisplay.exe |
"UDP Query User{670DE337-3F26-41EA-8FA3-8B48019B4E42}C:\program files\connectify\connectify.exe" = protocol=17 | dir=in | app=c:\program files\connectify\connectify.exe |
"UDP Query User{70E06152-BCD7-4D94-B274-40F0BBCC4CCA}C:\users\ondra\appdata\local\apps\2.0\38k11v2d.m2b\ql341ypg.7pl\laun...app_59711684aa47878d_0001.001c_77533cf46d050dd0\launcher.exe" = protocol=17 | dir=in | app=c:\users\ondra\appdata\local\apps\2.0\38k11v2d.m2b\ql341ypg.7pl\laun...app_59711684aa47878d_0001.001c_77533cf46d050dd0\launcher.exe |
"UDP Query User{7506839F-38B4-47B1-867A-4FF8FF0AD1CC}C:\games\world_of_warplanes\wowplauncher.exe" = protocol=17 | dir=in | app=c:\games\world_of_warplanes\wowplauncher.exe |
"UDP Query User{9A19C1C1-A7C6-4038-8C42-73E1EDE0793C}C:\program files\cesarftp\server.exe" = protocol=17 | dir=in | app=c:\program files\cesarftp\server.exe |
"UDP Query User{B7A88EA6-3263-42D0-B6CB-75F3D114EA9B}C:\users\ondra\appdata\local\apps\2.0\38k11v2d.m2b\ql341ypg.7pl\laun...app_59711684aa47878d_0001.001d_82c2447510b53390\launcher.exe" = protocol=17 | dir=in | app=c:\users\ondra\appdata\local\apps\2.0\38k11v2d.m2b\ql341ypg.7pl\laun...app_59711684aa47878d_0001.001d_82c2447510b53390\launcher.exe |
"UDP Query User{D6955660-7236-4422-A960-DE5E1FBE0A4B}C:\program files\java\jre7\bin\javaw.exe" = protocol=17 | dir=in | app=c:\program files\java\jre7\bin\javaw.exe |
"UDP Query User{D6FAF12E-4F75-4DAA-A19D-C923C33443D8}C:\program files\java\jre7\bin\java.exe" = protocol=17 | dir=in | app=c:\program files\java\jre7\bin\java.exe |
"UDP Query User{D968B295-D017-46CF-BD35-B2B4F0126999}C:\program files\java\jre7\launch4j-tmp\frd.exe" = protocol=17 | dir=in | app=c:\program files\java\jre7\launch4j-tmp\frd.exe |
"UDP Query User{F6D912F9-84D5-4552-B241-2F76EFDA047F}C:\users\ondra\appdata\local\apps\2.0\38k11v2d.m2b\ql341ypg.7pl\laun...app_59711684aa47878d_0001.001d_f787194a90b5ba90\launcher.exe" = protocol=17 | dir=in | app=c:\users\ondra\appdata\local\apps\2.0\38k11v2d.m2b\ql341ypg.7pl\laun...app_59711684aa47878d_0001.001d_f787194a90b5ba90\launcher.exe |
========== HKEY_LOCAL_MACHINE Uninstall List ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"${PRODUCT_ID}-1.1.3.38636" = Ekahau HeatMapper
"{0001B4FD-9EA3-4D90-A79E-FD14BA3AB01D}" = PDFCreator
"{048298C9-A4D3-490B-9FF9-AB023A9238F3}" = Steam
"{0A0CADCF-78DA-33C4-A350-CD51849B9702}" = Microsoft .NET Framework 4 Extended
"{0B0F231F-CE6A-483D-AA23-77B364F75917}" = Windows Live Installer
"{10B43A43-FF73-47FD-83E8-A503E84F9ED6}" = OpenOffice.org 3.3
"{1111706F-666A-4037-7777-211328764D10}" = JavaFX 2.1.1
"{14DC0059-00F1-4F62-BD1A-AB23CD51A95E}" = Adobe AIR
"{14ECAABB-C8B9-4A09-92F7-CDF1A45B6DDE}" = Google Drive
"{1B705E8F-9893-4486-B5D7-4F7FEB9C871E}_is1" = Euro Truck Simulator 2
"{1DA6D447-C54D-4833-84D4-3EA31CAECE9B}" = Windows Live UX Platform Language Pack
"{1EAC1D02-C6AC-4FA6-9A44-96258C37C813}_is1" = World of Warplanes
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{1F6AB0E7-8CDD-4B93-8A23-AA9EB2FEFCE4}" = Junk Mail filter update
"{200FEC62-3C34-4D60-9CE8-EC372E01C08F}" = Windows Live SOXE Definitions
"{2397CAD4-2263-4CD0-96BE-E43A980B9C9A}_is1" = Geeks3D.com FurMark 1.9.1
"{26A24AE4-039D-4CA4-87B4-2F83216022FF}" = Java(TM) 6 Update 22
"{26A24AE4-039D-4CA4-87B4-2F83217007FF}" = Java 7 Update 7
"{28DA7D8B-F9A4-4F18-8AA0-551B1E084D0D}" = Ralink RT2870 Wireless LAN Card
"{28E82311-8616-11E1-BEB0-B8AC6F97B88E}" = Google Earth
"{2B0FC5A8-C3B6-33B7-9069-0D3BC69D2E50}" = Google Talk Plugin
"{2BFC7AA0-544C-4E3A-8796-67F3BE655BE9}" = Microsoft XNA Framework Redistributable 4.0
"{2FDD750F-49B7-40C1-9D5E-D2955BC0E2D8}" = NVIDIA PhysX
"{3336F667-9049-4D46-98B6-4C743EEBC5B1}" = Windows Live Photo Gallery
"{34EB6245-C8D0-4D8A-B8D8-EEBFF7A91485}" = Firebird SQL Server - MAGIX Edition
"{3BD98AAF-61B5-46E0-A6C8-593C242C7C48}" = TP-LINK Wireless Client Utility
"{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile
"{40B6D0B4-301A-4020-869F-2E3936E02299}" = WebMate
"{42A4EC40-09BC-427C-B657-67978B784058}" = Rally Trophy
"{45642795-567E-4B46-85E7-5CDBC8B2F697}" = inSSIDer
"{47F6627C-61DD-4191-91C3-2E4077EE7B1F}" = MAGIX Music Maker 17 Premium Download Version
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4CB0307C-565E-4441-86BE-0DF2E4FB828C}" = Microsoft Games for Windows Marketplace
"{4D5308D2-DC8E-4658-A37C-351000048100}" = Microsoft Flight
"{51C7AD07-C3F6-4635-8E8A-231306D810FE}" = Cisco LEAP Module
"{53FA9A9F-3C19-4D43-AD6B-DEF365D469BA}" = Camtasia Studio 7
"{553C904F-57A2-4113-888E-BA0C3D1C69C0}" = Microsoft VC9 runtime libraries
"{5BE3BF62-D432-4D47-A712-CD4DF91CABFB}" = ZyXEL USB ADSL Modem/Router
"{5DE1B7CF-7429-40CA-987F-6BEE09B63787}" = Prime95
"{5E1375CB-6792-4464-8715-CC3EC83D48FA}" = VirtualDJ Home FREE
"{6037B8AD-7D5B-4D50-9BCA-A586C44EEF34}" = Ace of Spades
"{644F4910-E812-49AD-93EC-86828CB81A0D}" = PC Connectivity Solution
"{64B2D6B3-71AC-45A7-A6A1-2E07ABF58341}" = Windows Live Movie Maker
"{64BF0187-F3D2-498B-99EA-163AF9AE6EC9}" = Cisco EAP-FAST Module
"{672CF0DF-730F-45C4-9BC7-081F7722C1EB}" = Halite
"{682B3E4F-696A-42DE-A41C-4C07EA1678B4}" = Windows Live SOXE
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{78906B56-0E81-42A7-AC25-F54C946E1538}" = Windows Live Photo Common
"{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}" = Apple Software Update
"{79155F2B-9895-49D7-8612-D92580E0DE5B}" = Bonjour
"{7AAA27E4-CDB3-49C0-AA2D-41827C001BA3}" = Microsoft Small Basic v1.0
"{7B3F0113-E63C-4D6D-AF19-111A3165CCA2}" = Text-To-Speech-Runtime
"{832D9DE0-8AFC-4689-9819-4DBBDEBD3E4F}" = Microsoft Games for Windows - LIVE Redistributable
"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
"{83C292B7-38A5-440B-A731-07070E81A64F}" = Windows Live PIMT Platform
"{866C4563-ED53-43F3-A29D-8BEE2BD1BA3C}" = Nokia PC Suite
"{86CE1746-9EFF-3C9C-8755-81EA8903AC34}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8CFA9151-6404-409A-AF22-4632D04582FD}" = Assassin's Creed
"{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}" = MSVCRT
"{8E363055-15E5-4D8A-9C69-A0A9DE9A3337}" = UxStyle Core Beta
"{91D18A92-69C2-9A7B-6662-159D8E6CBEF1}" = Project ROME
"{92C7D009-A464-4948-A980-7A3E28CB2F49}_is1" = ABC Edice PC her - Richard Burns Rally
"{92EA4134-10D1-418A-91E1-5A0453131A38}" = Windows Live Movie Maker
"{93293322-B694-4270-B7FE-DDE1A681ACCA}" = linguatec Voice Reader
"{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting
"{980A182F-E0A2-4A40-94C1-AE0C1235902E}" = Pando Media Booster
"{98736A65-3C79-49EC-B7E9-A3C77774B0E6}" = Google SketchUp 6
"{99F351B0-E2CD-43E2-935F-256F1CF1348B}" = i-Look 110
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9C1FAB12-F426-432E-8579-75CAB60C69CF}" = AMD OverDrive
"{9CF4A37B-A8C4-44D7-8C53-13B9D9594BB2}" = Paint.NET v3.5.8
"{9D56775A-93F3-44A3-8092-840E3826DE30}" = Windows Live Mail
"{A53A11EA-0095-493F-86FA-A15E8A86A405}" = VMware Player
"{A57025CC-5F2E-4D01-B387-06DB10500D43}" = Nokia Connectivity Cable Driver
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{A9BDCA6B-3653-467B-AC83-94367DA3BFE3}" = Windows Live Photo Common
"{AAAFC670-569B-4A2F-82B4-42945E0DE3EF}" = Windows Live Writer
"{AB78C965-5C67-409B-8433-D7B5BDB12073}" = Windows Live Writer Resources
"{AC76BA86-7AD7-1029-7B44-AA1000000001}" = Adobe Reader X (10.1.0) - Czech
"{AF111648-99A1-453E-81DD-80DBBF6DAD0D}" = MSVC90_x86
"{AF844339-2F8A-4593-81B3-9F4C54038C4E}" = Windows Live MIME IFilter
"{B119B96C-F724-4A9D-87FF-A505BD4C3772}" = BlueStacks
"{B24839E5-A70C-48AD-B4D9-B9FB46B4B038}_is1" = Hydrogen 0.9.6 preview release for windows
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision" = NVIDIA Ovladač 3D Vision 306.23
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel" = Ovládací panel NVIDIA 306.23
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver" = NVIDIA Ovladače grafiky 306.23
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB" = NVIDIA Ovladač řídící jednotky 3D Vision 306.23
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX" = NVIDIA Systémový software PhysX 9.12.0604
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update" = Aktualizace NVIDIA 1.10.8
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_installer" = NVIDIA Install Application
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NVIDIA.Update" = NVIDIA Update Components
"{B3D8B2F8-3C2C-45BC-933E-8B60E78F6684}" = Google SketchUp 6
"{B83F7FA5-3191-4E39-A1F2-8A9038BD0B04}" = Turbo Key
"{B92C5909-1D37-4C51-8397-A28BB28E5DC3}" = Facebook Video Calling 1.2.0.287
"{B9B28AD2-32A5-4D74-8857-8C96AA45BBAD}" = RP 2009 Shakedown
"{C05D8CDB-417D-4335-A38C-A0659EDFD6B8}" = The Sims™ 3
"{C37A0BC1-52EE-4F97-8223-5CA9FC0357B0}" = Test Drive Unlimited
"{C454280F-3C3E-4929-B60E-9E6CED5717E7}" = Windows Live Mail
"{C6150D8A-86ED-41D3-87BB-F3BB51B0B77F}" = Windows Live ID Sign-in Assistant
"{C7340571-7773-4A8C-9EBC-4E4243B38C76}" = Microsoft XML Parser
"{CDED9EF0-D072-11DF-2EA6-0104A00B0BB3}" = CommView for WiFi
"{CE95A79E-E4FC-4FFF-8A75-29F04B942FF2}" = Windows Live UX Platform
"{D45240D3-B6B3-4FF9-B243-54ECE3E10066}" = Windows Live Communications Platform
"{DFDD2913-557D-4EB5-8745-47749E521760}" = MAGIX Screenshare
"{E09C4DB7-630C-4F06-A631-8EA7239923AF}" = D3DX10
"{E2494AD8-314D-44F8-B39C-4358A60DC184}" = LogMeIn Hamachi
"{E3E71D07-CD27-46CB-8448-16D4FB29AA13}" = Microsoft WSE 3.0 Runtime
"{EA17F4FC-FDBF-4CF8-A529-2D983132D053}" = Skype™ 6.0
"{ED5776D5-59B4-46B7-AF81-5F2D94D7C640}" = Cisco PEAP Module
"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F7338FA3-DAB5-49B2-900D-0AFB5760C166}" = PC Probe II
"{F85B1840-3DD5-4870-9204-A7BF3DDFC3D0}" = Oracle VM VirtualBox 4.1.14
"{FB79FDB7-4DE1-453D-99FE-9A880F57380E}" = Windows Live Fotogalerie
"{FDD41BE8-3FEE-4839-B1D8-8970D24D314D}" = MAGIX Speed burnR (MSI)
"{FE62C88B-425B-4BDE-8B70-CD5AE3B83176}" = Windows Live Essentials
"17D063A0A9F5D5A225B76B1D9BCB5ADBE85C8382" = Balíček ovladače systému Windows - Nokia pccsmcfd “LegacyDriver” (05/31/2012 7.1.2.0)
"72A50F48CC5601190B9C4E74D81161693133E7F7" = Balíček ovladače systému Windows - Nokia Modem (02/25/2011 7.01.0.9)
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin
"Advanced SystemCare 5_is1" = Advanced SystemCare 5
"Afterburner" = MSI Afterburner 2.2.1
"AIDA64 Extreme Edition_is1" = AIDA64 Extreme Edition v2.50
"Amnesia" = Amnesia
"ArmA 2" = ArmA 2 Free Uninstall
"ASIO4ALL" = ASIO4ALL
"Audacity_is1" = Audacity 2.0
"avast" = avast! Free Antivirus
"Bandicam" = Bandicam
"BandiMPEG1" = Bandisoft MPEG-1 Decoder
"BattlEye A2 Free" = BattlEye (A2Free) Uninstall
"CCleaner" = CCleaner
"CesarFTP 0.99g_is1" = CesarFTP 0.99g
"com.adobe.newhope.NHProject.prod.E7BED6E5DDA59983786DD72EBFA46B1598278E07.1" = Project ROME
"Connectify" = Connectify Hotspot
"CPUID CPU-Z_is1" = CPUID CPU-Z 1.59
"CPUID HWMonitor_is1" = CPUID HWMonitor 1.19
"CrystalDiskInfo_is1" = CrystalDiskInfo 4.1.3
"DAEMON Tools Lite" = DAEMON Tools Lite
"Defraggler" = Defraggler
"E0AC723A3DE3A04256288CADBBB011B112AED454" = Balíček ovladače systému Windows - Nokia Modem (02/25/2011 4.7)
"EaseUS Partition Master Home Edition_is1" = EaseUS Partition Master 9.1.1 Home Edition
"EXPERTool_is1" = EXPERTool 7.5
"FormatFactory" = FormatFactory 2.95
"Fraps" = Fraps (remove only)
"GameSpy Arcade" = GameSpy Arcade
"GFWL_{4D5308D2-DC8E-4658-A37C-351000048100}" = Microsoft Flight
"GIMP-2_is1" = GIMP 2.8.0
"GOM Player" = GOM Player
"Google Chrome" = Google Chrome
"HD Tune_is1" = HD Tune 2.55
"HeavyLoad_is1" = HeavyLoad V3.2
"iDisplay_is1" = iDisplay 2.0.0
"IL Download Manager" = IL Download Manager
"InfraRecorder" = InfraRecorder
"IrfanView" = IrfanView (remove only)
"LAME_is1" = LAME v3.99.3 (for Windows)
"LinuxLive USB Creator" = LinuxLive USB Creator
"LogMeIn Hamachi" = LogMeIn Hamachi
"Mafia II_is1" = Mafia II
"MAGIX music maker 11 demo US" = MAGIX music maker 11 demo (US)
"MAGIX_MSI_mm17dlx" = MAGIX Music Maker 17 Premium Download Version
"Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware verze 1.65.1.1000
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Extended" = Microsoft .NET Framework 4 Extended
"Mozilla Firefox 14.0.1 (x86 cs)" = Mozilla Firefox 14.0.1 (x86 cs)
"MozillaMaintenanceService" = Mozilla Maintenance Service
"Network Stumbler" = Network Stumbler 0.4.0 (remove only)
"Nokia PC Suite" = Nokia PC Suite
"Notepad++" = Notepad++
"NVIDIA Drivers" = NVIDIA Drivers
"NVIDIA Screen Saver_is1" = NVIDIA Screen Saver 1.2
"NVIDIAStereo" = NVIDIA Stereoscopic 3D Driver
"OpenAL" = OpenAL
"ProfiCAD_is1" = ProfiCAD 7.2
"PunkBusterSvc" = PunkBuster Services
"Rally Trophy" = Rally Trophy
"RBRBergheim" = RBR Bergheim (remove only)
"RBRHradek" = RBR Hradek (remove only)
"RBRMlynky" = RBR Mlynky (remove only)
"RBRPribram1" = RBR Pribram (remove only)
"RBRPribram2" = RBR Pribram 2 (remove only)
"RBRProspectRidge2A" = RBR Prospect Ridge 2A (remove only)
"RBRReversedTracks" = RBR Reversed Tracks (remove only)
"RBRSemetin" = BARUM RALLY - Semetín 2009, Semetín 2010 (remove only)
"RBRSchool2" = RBR School stage 2 (remove only)
"RBRSieversdorf" = RBR Sieversdorf (remove only)
"RBRSosnova" = RBR Sosnova (remove only)
"RBRSosnova2010" = RBR Sosnova2010 (remove only)
"RBRTM" = RBR Tournament plugin (remove only)
"RP 2009 Shakedown" = RBR Stage RP 2009 Shakedown
"SeriousSam2" = Serious Sam 2
"SoftwareUpdUtility" = Download Updater (AOL Inc.)
"Speccy" = Speccy
"SpeedFan" = SpeedFan (remove only)
"ST6UNST #1" = Parabola Calculator
"Steam App 200210" = Realm of the Mad God
"Steam App 211500" = RaceRoom Racing Experience
"Steam App 43110" = Metro 2033
"TeamSpeak 3 Client" = TeamSpeak 3 Client
"TeamViewer 7" = TeamViewer 7
"Totalcmd" = Total Commander (Remove or Repair)
"uTorrent" = µTorrent
"Vistumbler" = Vistumbler
"VLC media player" = VLC media player 2.0.1
"vLite_is1" = vLite
"VMware_Player" = VMware Player
"webcam 7" = webcam 7
"Winamp" = Winamp
"Windows Movie Maker" = Windows Movie Maker
"WinLiveSuite" = Windows Live Essentials
"WinPcapInst" = WinPcap 4.1.2
"WinRAR archiver" = WinRAR 4.11 (32-bit)
"WinToFlash Suggestor" = WinToFlash Suggestor
"Wireshark" = Wireshark 1.8.2 (32-bit)
========== HKEY_USERS Uninstall List ==========
[HKEY_USERS\S-1-5-21-33959413-2999115600-1941737774-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"d8be6c3f847d7d92" = Ghost Recon Online
"MyPaint" = MyPaint 1.0.0
"PhotoFiltre" = PhotoFiltre
"UnityWebPlayer" = Unity Web Player
"Winamp Detect" = Winamp Detector Plug-in
========== Last 20 Event Log Errors ==========
[ Application Events ]
Error - 30.12.2012 4:11:21 | Computer Name = ondra-PC | Source = Microsoft-Windows-RestartManager | ID = 10006
Description = Aplikaci nebo službu LogMeIn Hamachi Tunneling Engine nelze ukončit.
Error - 30.12.2012 4:11:25 | Computer Name = ondra-PC | Source = MsiInstaller | ID = 11714
Description =
Error - 30.12.2012 4:12:11 | Computer Name = ondra-PC | Source = vmauthd | ID = 100
Description = Could not choose a '__vmware_user__' password long enough (min length
0). Aborting.
Error - 30.12.2012 5:09:59 | Computer Name = ondra-PC | Source = SideBySide | ID = 16842785
Description = Generování kontextu aktivace pro C:\Program Files\Nokia\Nokia PC Suite
7\TIS_Windows7PIM.dll se nezdařilo. Závislé sestavení Microsoft.VC80.DebugCRT,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0"
nelze najít. Podrobnější diagnostické údaje získáte pomocí programu sxstrace.exe.
Error - 30.12.2012 5:10:23 | Computer Name = ondra-PC | Source = SideBySide | ID = 16842785
Description = Generování kontextu aktivace pro c:\totalcmd\TCUNIN64.EXE se nezdařilo.
Závislé
sestavení Microsoft.Windows.Common-Controls,language="*",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"
nelze najít. Podrobnější diagnostické údaje získáte pomocí programu sxstrace.exe.
Error - 30.12.2012 5:10:48 | Computer Name = ondra-PC | Source = SideBySide | ID = 16842785
Description = Generování kontextu aktivace pro c:\program files\VMware\vmware player\vssSnapVista64.exe
se nezdařilo. Závislé sestavení Microsoft.VC80.CRT,processorArchitecture="amd64",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50727.762"
nelze najít. Podrobnější diagnostické údaje získáte pomocí programu sxstrace.exe.
Error - 30.12.2012 14:00:02 | Computer Name = ondra-PC | Source = Windows Backup | ID = 4103
Description =
Error - 30.12.2012 16:43:56 | Computer Name = ondra-PC | Source = Application Error | ID = 1000
Description = Název chybující aplikace: gta_sa.exe, verze: 0.0.0.0, časové razítko:
0x427101ca Název chybujícího modulu: gta_sa.exe, verze: 0.0.0.0, časové razítko:
0x427101ca Kód výjimky: 0xc0000005 Posun chyby: 0x000dd5a3 ID chybujícího procesu:
0x1280 Čas spuštění chybující aplikace: 0x01cde6ce4feeafe0 Cesta k chybující aplikaci:
C:\Program Files\GTA San Andreas\gta_sa.exe Cesta k chybujícímu modulu: C:\Program
Files\GTA San Andreas\gta_sa.exe ID zprávy: a0a7a911-52c1-11e2-bd23-005056c00008
Error - 31.12.2012 3:33:55 | Computer Name = ondra-PC | Source = vmauthd | ID = 100
Description = Could not choose a '__vmware_user__' password long enough (min length
0). Aborting.
Error - 31.12.2012 4:37:23 | Computer Name = ondra-PC | Source = vmauthd | ID = 100
Description = Could not choose a '__vmware_user__' password long enough (min length
0). Aborting.
Error - 31.12.2012 4:55:43 | Computer Name = ondra-PC | Source = vmauthd | ID = 100
Description = Could not choose a '__vmware_user__' password long enough (min length
0). Aborting.
[ System Events ]
Error - 28.10.2012 2:26:22 | Computer Name = ondra-PC | Source = PNRPSvc | ID = 102
Description =
Error - 28.10.2012 2:26:22 | Computer Name = ondra-PC | Source = Service Control Manager | ID = 7023
Description = Služba Protokol PNRP (Peer Name Resolution Protocol) byla ukončena
s následující chybou: %%-2140993535
Error - 28.10.2012 2:26:22 | Computer Name = ondra-PC | Source = Service Control Manager | ID = 7001
Description = Služba Seskupování v sítích peer-to-peer závisí na službě Protokol
PNRP (Peer Name Resolution Protocol), která neuspěla při spuštění v důsledku následující
chyby: %%-2140993535
Error - 28.10.2012 2:26:22 | Computer Name = ondra-PC | Source = Service Control Manager | ID = 7023
Description = Služba Protokol PNRP (Peer Name Resolution Protocol) byla ukončena
s následující chybou: %%-2140993535
Error - 28.10.2012 2:26:22 | Computer Name = ondra-PC | Source = Service Control Manager | ID = 7001
Description = Služba Seskupování v sítích peer-to-peer závisí na službě Protokol
PNRP (Peer Name Resolution Protocol), která neuspěla při spuštění v důsledku následující
chyby: %%-2140993535
Error - 28.10.2012 2:27:31 | Computer Name = ondra-PC | Source = Service Control Manager | ID = 7038
Description = Služba nvUpdatusService se nemohla přihlásit jako .\UpdatusUser s
aktuálně konfigurovaným heslem z důvodu následující chyby: %%1330 Chcete-li zajistit
správnou konfiguraci služby, použijte modul snap-in Služby konzoly Microsoft Management
Console (MMC).
Error - 28.10.2012 2:27:31 | Computer Name = ondra-PC | Source = Service Control Manager | ID = 7000
Description = Služba NVIDIA Update Service Daemon neuspěla při spuštění v důsledku
následující chyby: %%1069
Error - 28.10.2012 17:01:12 | Computer Name = ondra-PC | Source = PNRPSvc | ID = 102
Description =
Error - 28.10.2012 17:01:12 | Computer Name = ondra-PC | Source = Service Control Manager | ID = 7023
Description = Služba Protokol PNRP (Peer Name Resolution Protocol) byla ukončena
s následující chybou: %%-2140993535
Error - 28.10.2012 17:01:12 | Computer Name = ondra-PC | Source = Service Control Manager | ID = 7001
Description = Služba Seskupování v sítích peer-to-peer závisí na službě Protokol
PNRP (Peer Name Resolution Protocol), která neuspěla při spuštění v důsledku následující
chyby: %%-2140993535
< End of report >
OTL Extras logfile created on: 31.12.2012 10:03:35 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\ondra\Desktop
Ultimate Edition (Version = 6.1.7600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7600.16385)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy
3,25 Gb Total Physical Memory | 2,13 Gb Available Physical Memory | 65,64% Memory free
6,50 Gb Paging File | 5,25 Gb Available in Paging File | 80,81% Paging File free
Paging file location(s): c:\pagefile.sys 0 0 [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 298,09 Gb Total Space | 99,72 Gb Free Space | 33,45% Space Free | Partition Type: NTFS
Drive D: | 117,19 Gb Total Space | 72,53 Gb Free Space | 61,89% Space Free | Partition Type: NTFS
Drive E: | 58,08 Gb Total Space | 57,96 Gb Free Space | 99,78% Space Free | Partition Type: NTFS
Computer Name: ONDRA-PC | User Name: ondra | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 14 Days
========== Extra Registry (All) ==========
========== File Associations ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.bat [@ = batfile] -- "%1" %*
.chm [@ = chm.file] -- C:\Windows\hh.exe (Microsoft Corporation)
.cmd [@ = cmdfile] -- "%1" %*
.com [@ = comfile] -- "%1" %*
.cpl [@ = cplfile] -- C:\Windows\System32\control.exe (Microsoft Corporation)
.exe [@ = exefile] -- "%1" %*
.hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)
.hta [@ = htafile] -- C:\Windows\System32\mshta.exe (Microsoft Corporation)
.html [@ = ChromeHTML] -- C:\Program Files\Google\Chrome\Application\chrome.exe (Google Inc.)
.inf [@ = inffile] -- C:\Windows\System32\NOTEPAD.EXE (Microsoft Corporation)
.ini [@ = inifile] -- C:\Windows\System32\NOTEPAD.EXE (Microsoft Corporation)
.url [@ = InternetShortcut] -- C:\Windows\System32\rundll32.exe (Microsoft Corporation)
.js [@ = JSFile] -- C:\Windows\System32\WScript.exe (Microsoft Corporation)
.jse [@ = JSEFile] -- C:\Windows\System32\WScript.exe (Microsoft Corporation)
.pif [@ = piffile] -- "%1" %*
.reg [@ = regfile] -- C:\Windows\regedit.exe (Microsoft Corporation)
.scr [@ = scrfile] -- "%1" /S
.txt [@ = txtfile] -- C:\Windows\System32\NOTEPAD.EXE (Microsoft Corporation)
.vbe [@ = VBEFile] -- C:\Windows\System32\WScript.exe (Microsoft Corporation)
.vbs [@ = VBSFile] -- C:\Windows\System32\WScript.exe (Microsoft Corporation)
.wsf [@ = WSFFile] -- C:\Windows\System32\WScript.exe (Microsoft Corporation)
.wsh [@ = WSHFile] -- C:\Windows\System32\WScript.exe (Microsoft Corporation)
[HKEY_USERS\S-1-5-21-33959413-2999115600-1941737774-1001\SOFTWARE\Classes\<extension>]
.html [@ = ChromeHTML] -- Reg Error: Key error. File not found
========== Shell Spawning ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [edit] -- %SystemRoot%\System32\NOTEPAD.EXE %1 (Microsoft Corporation)
batfile [open] -- "%1" %*
batfile [print] -- %SystemRoot%\System32\NOTEPAD.EXE /p %1 (Microsoft Corporation)
chm.file [open] -- "%SystemRoot%\hh.exe" %1 (Microsoft Corporation)
cmdfile [edit] -- %SystemRoot%\System32\NOTEPAD.EXE %1 (Microsoft Corporation)
cmdfile [open] -- "%1" %*
cmdfile [print] -- %SystemRoot%\System32\NOTEPAD.EXE /p %1 (Microsoft Corporation)
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
htafile [open] -- C:\Windows\System32\mshta.exe "%1" %* (Microsoft Corporation)
htmlfile [edit] -- Reg Error: Key error.
htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [print] -- rundll32.exe %SystemRoot%\system32\mshtml.dll,PrintHTML "%1" (Microsoft Corporation)
http [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
https [open] -- "C:\Program Files\Google\Chrome\Application\chrome.exe" -- "%1" (Google Inc.)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
inffile [open] -- %SystemRoot%\System32\NOTEPAD.EXE %1 (Microsoft Corporation)
inffile [print] -- %SystemRoot%\system32\NOTEPAD.EXE /p %1 (Microsoft Corporation)
inifile [open] -- %SystemRoot%\system32\NOTEPAD.EXE %1 (Microsoft Corporation)
inifile [print] -- %SystemRoot%\system32\NOTEPAD.EXE /p %1 (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
jsfile [edit] -- C:\Windows\System32\Notepad.exe %1 (Microsoft Corporation)
jsfile [open] -- %SystemRoot%\System32\WScript.exe "%1" %* (Microsoft Corporation)
jsfile [print] -- C:\Windows\System32\Notepad.exe /p %1 (Microsoft Corporation)
jsefile [edit] -- C:\Windows\System32\Notepad.exe %1 (Microsoft Corporation)
jsefile [open] -- C:\Windows\System32\WScript.exe "%1" %* (Microsoft Corporation)
jsefile [print] -- C:\Windows\System32\Notepad.exe /p %1 (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [edit] -- %SystemRoot%\system32\notepad.exe "%1" (Microsoft Corporation)
regfile [open] -- regedit.exe "%1" (Microsoft Corporation)
regfile [merge] -- Reg Error: Key error.
regfile [print] -- %SystemRoot%\system32\notepad.exe /p "%1" (Microsoft Corporation)
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
txtfile [open] -- %SystemRoot%\system32\NOTEPAD.EXE %1 (Microsoft Corporation)
txtfile [print] -- %SystemRoot%\system32\NOTEPAD.EXE /p %1 (Microsoft Corporation)
txtfile [printto] -- %SystemRoot%\system32\notepad.exe /pt "%1" "%2" "%3" "%4" (Microsoft Corporation)
vbefile [edit] -- "%SystemRoot%\System32\Notepad.exe" %1 (Microsoft Corporation)
vbefile [open] -- %SystemRoot%\System32\WScript.exe "%1" %* (Microsoft Corporation)
vbefile [print] -- "%SystemRoot%\System32\Notepad.exe" /p %1 (Microsoft Corporation)
vbsfile [edit] -- "%SystemRoot%\System32\Notepad.exe" %1 (Microsoft Corporation)
vbsfile [open] -- %SystemRoot%\System32\WScript.exe "%1" %* (Microsoft Corporation)
vbsfile [print] -- "%SystemRoot%\System32\Notepad.exe" /p %1 (Microsoft Corporation)
wsffile [edit] -- "%SystemRoot%\System32\Notepad.exe" %1 (Microsoft Corporation)
wsffile [open] -- "%SystemRoot%\System32\WScript.exe" "%1" %* (Microsoft Corporation)
wsffile [print] -- "%SystemRoot%\System32\Notepad.exe" /p %1 (Microsoft Corporation)
wshfile [open] -- "%SystemRoot%\System32\WScript.exe" "%1" %* (Microsoft Corporation)
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [Browse with &IrfanView] -- "C:\Program Files\IrfanView\i_view32.exe" "%1 /thumbs" (Irfan Skiljan)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Directory [Winamp.Bookmark] -- "C:\Program Files\Winamp\winamp.exe" /BOOKMARK "%1" (Nullsoft, Inc.)
Directory [Winamp.Enqueue] -- "C:\Program Files\Winamp\winamp.exe" /ADD "%1" (Nullsoft, Inc.)
Directory [Winamp.Play] -- "C:\Program Files\Winamp\winamp.exe" "%1" (Nullsoft, Inc.)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- "C:\Program Files\Internet Explorer\iexplore.exe" (Microsoft Corporation)
========== Security Center Settings ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
"FirewallDisableNotify" = 0
"AntiVirusDisableNotify" = 0
"UpdatesDisableNotify" = 0
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = Reg Error: Unknown registry data type -- File not found
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
========== System Restore Settings ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 0
========== Firewall Settings ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile]
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
========== Authorized Applications List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
========== Vista Active Open Ports Exception List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{00426367-F982-4B6E-B143-6972D336B597}" = rport=3702 | protocol=17 | dir=out | svc=fdphost | app=%systemroot%\system32\svchost.exe |
"{03AD8531-F47D-416A-8122-5419441ADE7B}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{03B6C477-169A-4FD8-98F2-93AA7971A05A}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{0A587A2B-4FB7-4B26-9B91-EFB998012B02}" = lport=2869 | protocol=6 | dir=in | app=system |
"{18C45561-442E-463C-A420-4FA4EF8CE672}" = lport=67 | protocol=17 | dir=in | app=c:\program files\connectify\connectifynetservices.exe |
"{1F70E144-64FC-4EFB-9452-8083C1367A9F}" = lport=1900 | protocol=17 | dir=in | name=windows live communications platform (ssdp) |
"{20A154C5-8BB4-43D2-B2ED-91E231881BB8}" = rport=10243 | protocol=6 | dir=out | app=system |
"{22ADC36D-8FE5-474E-910A-A754DF4E37BE}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 |
"{24960802-2360-4181-9CDA-EB2352A34356}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{2A16A781-0D26-4C0A-B89F-79D4046561C7}" = lport=139 | protocol=6 | dir=in | app=system |
"{3602D79A-EE9F-4CF7-9464-45FA50D311C9}" = lport=2987 | protocol=6 | dir=in | app=c:\program files\connectify\connectify.exe |
"{38831586-7BEF-4E31-8914-9A84F8C75C62}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{4128A737-1DAF-4344-B14E-03148A42CC52}" = lport=3389 | protocol=6 | dir=in | app=system |
"{48565852-8791-47EF-8B97-944C87BD842B}" = lport=3702 | protocol=17 | dir=in | svc=fdphost | app=%systemroot%\system32\svchost.exe |
"{4942117D-A4C0-4E22-BE5E-1401F42BE2B4}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{4EF002FD-7A53-455A-AFEE-83DE296ABFFA}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{5AA0A335-D28A-4A61-8745-076FC2595574}" = lport=59127 | protocol=17 | dir=in | name=pando media booster |
"{6362F1F9-2688-4AE3-AE35-2FEF4D7A6BED}" = lport=1303 | protocol=17 | dir=in | app=c:\program files\connectify\connectifynetservices.exe |
"{67CC5A55-5CDD-489D-BF87-7B3AE1443500}" = lport=1900 | protocol=17 | dir=in | app=c:\windows\system32\svchost.exe |
"{6E312179-525C-484F-A037-786711BF2EA1}" = rport=138 | protocol=17 | dir=out | app=system |
"{714C73CC-EFB9-486F-A1CF-38EF04B29B83}" = lport=53 | protocol=17 | dir=in | app=c:\program files\connectify\connectifynetservices.exe |
"{772ACA8F-8426-4621-A0B0-4FAC1CA2A4E9}" = lport=138 | protocol=17 | dir=in | app=system |
"{7D53064F-C513-4A0D-AD50-A7116A75D141}" = lport=3702 | protocol=17 | dir=in | svc=fdrespub | app=%systemroot%\system32\svchost.exe |
"{807FD163-3C9E-4E1A-9A51-4EA3762C85C7}" = lport=59127 | protocol=6 | dir=in | name=pando media booster |
"{82D218FD-E63E-4D44-B07C-1B709BFF4CAC}" = lport=445 | protocol=6 | dir=in | app=system |
"{87A7F2A7-5DDE-49E7-AEB8-2995CFEB6ECF}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{944F2C82-C43E-4539-84AB-EF68E9258019}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{B1D7B54B-E77E-4AAD-866F-3534728746B7}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe |
"{B30ED893-D8C8-4A79-977F-41A739432985}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{BEBF93F3-314E-4184-A984-F4196B7101B8}" = lport=2869 | protocol=6 | dir=in | name=windows live communications platform (upnp) |
"{C164A466-6619-4AB6-8F41-C190249747AD}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{C52B8494-A58E-428F-9810-CD7188E5ED8A}" = rport=2869 | protocol=6 | dir=out | app=system |
"{C6D99620-5201-409A-A972-0BEFE00230AA}" = rport=139 | protocol=6 | dir=out | app=system |
"{C87EED3D-395B-42CD-9825-B05617567A05}" = rport=445 | protocol=6 | dir=out | app=system |
"{CC7B2D30-0BCE-4A82-95A7-E9DB19D7CF9A}" = rport=3702 | protocol=17 | dir=out | svc=fdrespub | app=%systemroot%\system32\svchost.exe |
"{D8969E3C-852D-4701-8BEA-BC579071540A}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{D8D7576E-18AC-422C-A239-A09FD85015B0}" = lport=1317 | protocol=17 | dir=in | app=c:\program files\connectify\connectifynetservices.exe |
"{D9098108-D46C-4D5C-9FAD-61596D7CD2D2}" = lport=547 | protocol=17 | dir=in | app=c:\windows\system32\svchost.exe |
"{DF553385-03A3-4CA8-8B52-49E95F789E97}" = lport=68 | protocol=17 | dir=in | app=c:\program files\connectify\connectifynetservices.exe |
"{E3E3966C-21BB-4AF7-83DD-0DEF21E208B1}" = rport=137 | protocol=17 | dir=out | app=system |
"{E53D5F5E-DF6C-4383-84F4-A1BEF350DAD5}" = lport=10243 | protocol=6 | dir=in | app=system |
"{ECE82C6B-EDEB-40E5-A863-A107CBADB25F}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{F1BEB7D9-2146-4CFA-8E08-2B1D08C66EA9}" = lport=2869 | protocol=6 | dir=in | app=system |
"{F1C42C8D-3C0A-45A0-AD03-3DC497D1F8A6}" = lport=137 | protocol=17 | dir=in | app=system |
"{F7CD9C0F-86D7-4042-B743-D0DE70BDC09F}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{F8A2FE49-1C1B-4B1A-A45C-5F104EFABB48}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{FC8F8FEA-39C0-40D7-8831-8BA9EC6F6B6E}" = rport=1900 | protocol=17 | dir=out | app=c:\windows\system32\svchost.exe |
========== Vista Active Application Exception List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{0002932B-CD50-4D16-BD94-D15103E2BD84}" = protocol=6 | dir=in | app=c:\program files\ubisoft\assassin's creed\assassinscreed_dx9.exe |
"{025ED5E3-20DE-407E-B15B-03C32126BB7F}" = protocol=6 | dir=in | app=c:\ubisoft\ghost recon online\pdc-live\ghostrecononline.exe |
"{0558F32F-61E7-4546-9D81-3EC3DBFF4213}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{0BAE7B64-5AC2-4E84-82BE-4869738F9439}" = protocol=6 | dir=in | app=c:\program files\pando networks\media booster\pmb.exe |
"{0C1977C9-E63A-4645-AD86-44415105F9D3}" = protocol=6 | dir=in | app=c:\program files\steam\steamapps\common\raceroom racing experience\rrrlauncher.exe |
"{0DBBA1CD-47D8-44A2-8D4B-74AD44DDD874}" = protocol=6 | dir=in | app=c:\users\ondra\appdata\local\apps\2.0\38k11v2d.m2b\ql341ypg.7pl\laun...app_59711684aa47878d_0001.001d_82c2447510b53390\launcher.exe |
"{0EB1A40A-01D0-42E1-A6DD-85D464DB520A}" = protocol=6 | dir=in | app=c:\program files\teamviewer\version7\teamviewer.exe |
"{112EEDFE-0DC0-4349-93E7-A376C20EC740}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{11619DCB-8974-43A9-A078-79FEEC05C4A2}" = protocol=58 | dir=in | name=internet connection sharing (router solicitation-in) |
"{1234A7AE-E96E-4794-8E05-0DDA505E37B1}" = protocol=6 | dir=in | app=c:\program files\java\jre7\bin\java.exe |
"{1575E074-8DD4-4F68-83E2-42FFA042401A}" = protocol=17 | dir=in | app=c:\program files\connectify\connectify.exe |
"{192221A4-A4C4-4691-8E07-42E0D7D17BB1}" = protocol=6 | dir=in | app=c:\program files\halite\halite.exe |
"{1B52F57C-A4CA-4A19-AC81-B491D217B89E}" = protocol=17 | dir=in | app=c:\program files\steam\steam.exe |
"{227F5EAC-4868-417C-B728-43E247C622A6}" = protocol=6 | dir=in | app=c:\games\world_of_warplanes\wowplauncher.exe |
"{23334924-5E1E-48A3-A7EE-437DA2DAEFE1}" = dir=in | app=c:\program files\windows live\contacts\wlcomm.exe |
"{241EC8FE-369C-4290-A1AF-55D3F2F05ADD}" = protocol=17 | dir=in | app=c:\program files\java\jre7\bin\java.exe |
"{2610A655-F75F-40AF-BBD5-232D06892DFB}" = protocol=17 | dir=in | app=c:\program files\halite\halite.exe |
"{2665E908-334F-445E-AA1B-43FF11BB896A}" = protocol=6 | dir=in | app=c:\games\world_of_warplanes\worldofwarplanes.exe |
"{28264708-447C-4B25-A1CE-A4482D4F101B}" = protocol=6 | dir=in | app=c:\program files\webcam 7\wservice.exe |
"{291AFAC4-70A1-468B-BAE1-30484A5F221C}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{2C0466B4-48AB-443E-838F-4CAFEE13009E}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 |
"{2E231F53-E1A2-46AF-A0A6-17702982CCF1}" = protocol=6 | dir=in | app=c:\windows\system32\pnkbstra.exe |
"{2EC0E4A1-4A1C-4347-B51F-16CE7398AB1C}" = protocol=17 | dir=in | app=c:\program files\webcam 7\wservice.exe |
"{2F1C99AF-A1FB-429A-A9FE-8CB0C33D3667}" = protocol=6 | dir=in | app=c:\program files\java\jre7\launch4j-tmp\frd.exe |
"{2FF920EE-67B6-4E1C-8720-1EF17F4D2C52}" = protocol=6 | dir=in | app=c:\program files\steam\steamapps\common\realm of the mad god\realm of the mad god.exe |
"{34B3AB33-063E-4B50-A322-3585DF465C46}" = protocol=17 | dir=in | app=c:\program files\ubisoft\assassin's creed\assassinscreed_launcher.exe |
"{351D1BAC-C45E-42AF-8424-7390A767BE1E}" = protocol=17 | dir=in | app=c:\program files\vmware\vmware player\vmware-authd.exe |
"{35DD62FA-FEED-4A49-BDD3-D4E8702B2CC5}" = protocol=6 | dir=in | app=c:\program files\vmware\vmware player\vmware-authd.exe |
"{3AC6C143-0DAB-4284-879B-D72416E29EA8}" = protocol=6 | dir=in | app=c:\program files\vmware\vmware player\vmware-authd.exe |
"{3CD210B1-43CF-4F36-99AF-5FBE2D236153}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{3DE4C71D-E274-4E2C-AE4D-6ED6BCE02BFE}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 |
"{3FE44C03-ED2A-4B23-9470-B3A3DDABB31A}" = protocol=6 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{413627AB-AE7D-4BBA-82BA-6C25BC13D802}" = protocol=6 | dir=in | app=c:\program files\vmware\vmware player\vmware-authd.exe |
"{41E02068-5FDB-448C-931E-711FF9E00D63}" = protocol=6 | dir=in | app=c:\program files\teamviewer\version7\teamviewer_service.exe |
"{41EBB269-83DD-4142-9E46-A00F5F5AC64A}" = protocol=17 | dir=in | app=c:\program files\ubisoft\assassin's creed\assassinscreed_dx10.exe |
"{4568C118-2D27-40AD-BE15-A2D40B4766BD}" = protocol=6 | dir=in | app=c:\users\ondra\appdata\local\apps\2.0\38k11v2d.m2b\ql341ypg.7pl\laun...app_59711684aa47878d_0001.001d_f787194a90b5ba90\launcher.exe |
"{4697BA74-519B-4DB8-B4D5-98753E519F25}" = protocol=6 | dir=in | app=c:\program files\webcam 7\wlite.exe |
"{4A1F62E5-954F-4629-97EA-DB29893BC3B9}" = protocol=17 | dir=in | app=c:\totalcmd\totalcmd.exe |
"{4C68F375-87E3-419B-AB48-6299E821EAD3}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 |
"{4DE3E3B9-461F-4E2E-BB4D-05B62828F37D}" = protocol=17 | dir=in | app=c:\program files\teamviewer\version7\teamviewer_service.exe |
"{4FCAEA5C-4B2D-48FD-B967-DC92AEAFFDAB}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{51C83016-BDCA-439F-B030-A8424491B717}" = protocol=17 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{530A4009-51F2-4559-BAEA-7633A96A2EBB}" = protocol=17 | dir=in | app=c:\users\ondra\appdata\local\apps\2.0\38k11v2d.m2b\ql341ypg.7pl\laun...app_59711684aa47878d_0001.001c_77533cf46d050dd0\launcher.exe |
"{536D7752-1D1F-4440-AC04-B3EBEA0F1C9F}" = protocol=6 | dir=in | app=c:\program files\ubisoft\assassin's creed\assassinscreed_dx10.exe |
"{59A1FD9D-0D88-484C-B603-2F3978493C59}" = protocol=6 | dir=in | app=c:\program files\cesarftp\server.exe |
"{5C12BB49-24B4-4C3C-BA0D-9F41F1B50B5E}" = protocol=17 | dir=in | app=c:\program files\steam\steamapps\common\realm of the mad god\realm of the mad god.exe |
"{5D013595-7044-4277-8D18-6D8CE6E49D5E}" = protocol=17 | dir=in | app=c:\program files\pando networks\media booster\pmb.exe |
"{5E5B2458-FADE-4FD0-8F62-A389AEF8CE38}" = protocol=17 | dir=in | app=c:\users\ondra\appdata\local\apps\2.0\38k11v2d.m2b\ql341ypg.7pl\laun...app_59711684aa47878d_0001.001d_f787194a90b5ba90\launcher.exe |
"{5E6C1A89-055D-4F03-B45B-BB519E4203F2}" = protocol=6 | dir=in | app=c:\program files\idisplay\idisplay.exe |
"{5F61B4B2-BDFE-4FDD-B96E-691FE0BFBB27}" = protocol=17 | dir=in | app=c:\program files\vmware\vmware player\vmware-authd.exe |
"{5FEE1058-3A53-40F6-9F88-7EDC4DC5C0F0}" = protocol=17 | dir=in | app=c:\program files\steam\steamapps\common\raceroom racing experience\rrrlauncher.exe |
"{633E8C25-C481-4EC7-AEEE-2BCF76F0B837}" = protocol=6 | dir=in | app=c:\program files\bohemia interactive\arma 2 free\arma2free.exe |
"{646E9941-55EE-4C48-9DA3-DF8F75BC81E3}" = protocol=17 | dir=in | app=c:\windows\system32\pnkbstra.exe |
"{6870ADBF-8DC8-4E6F-A050-903344B5D184}" = protocol=6 | dir=in | app=c:\program files\steam\steam.exe |
"{6B3A7769-7BC1-4738-8E7C-174A114FD98E}" = dir=in | app=%programfiles%\abc\richard burns rally\richardburnsrally.exe |
"{6BC37CBC-270B-421D-BAF8-3146097C1A56}" = protocol=6 | dir=in | app=c:\program files\ubisoft\assassin's creed\assassinscreed_launcher.exe |
"{6D2BD909-922D-4D2B-9E08-B9A698222F6D}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{6E8BAE24-E4DC-4C96-A5E2-044841E6279E}" = protocol=17 | dir=in | app=c:\program files\ubisoft\assassin's creed\assassinscreed_dx9.exe |
"{705B6AD5-0A34-4529-BF48-5E8D5E874ED5}" = protocol=17 | dir=in | app=c:\games\world_of_warplanes\wowplauncher.exe |
"{719A8412-5899-447D-A8D9-5E8A5BB36D77}" = protocol=17 | dir=in | app=c:\windows\system32\java.exe |
"{766D2AE6-D49D-44A4-8584-6F2C981F46A2}" = dir=in | app=c:\users\ondra\appdata\local\facebook\video\skype\facebookvideocalling.exe |
"{7CC7B46A-4C6C-4893-ADD2-05AA35B6AEE5}" = protocol=17 | dir=in | app=c:\program files\gamespy arcade\aphex.exe |
"{821C856B-8B6B-4743-8FD3-D4C5DB063E49}" = protocol=17 | dir=in | app=c:\program files\steam\steamapps\common\metro 2033\metro2033.exe |
"{8818B85F-1DD7-4B7A-A0F0-997B9CA0C875}" = protocol=17 | dir=in | app=c:\games\world_of_warplanes\worldofwarplanes.exe |
"{8CA296D2-50E4-4663-BD3F-EDBA8EC4F0ED}" = protocol=17 | dir=in | app=c:\program files\idisplay\idisplay.exe |
"{8D7B8481-BAFE-4221-AEDE-AD7DC29F1457}" = protocol=6 | dir=in | app=c:\program files\gamespy arcade\aphex.exe |
"{8F645B09-6553-4E44-AF91-0995CC3A08B9}" = protocol=17 | dir=in | app=c:\program files\java\jre7\launch4j-tmp\frd.exe |
"{8FD7C7D5-B2FB-4CCD-B8F1-C2F4B0D5C8B9}" = protocol=6 | dir=in | app=c:\windows\system32\pnkbstrb.exe |
"{903B119A-0976-48E0-8957-8DFC73CBB19B}" = protocol=17 | dir=in | app=c:\windows\system32\pnkbstrb.exe |
"{914167C1-857A-43E0-9C80-C1EC39B6258C}" = protocol=17 | dir=in | app=c:\program files\bohemia interactive\arma 2 free\arma2free.exe |
"{9547DD9F-9F91-4080-A7CC-3130D2F21185}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{9890AB06-809C-4176-9936-B54434E60806}" = protocol=17 | dir=in | app=c:\users\ondra\appdata\local\apps\2.0\38k11v2d.m2b\ql341ypg.7pl\laun...app_59711684aa47878d_0001.001d_82c2447510b53390\launcher.exe |
"{99999B69-DAE2-42CC-B717-30B940B00CBC}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{9E99C217-7C1A-4D82-9259-B8C9B5E0C252}" = protocol=17 | dir=in | app=c:\program files\webcam 7\wlite.exe |
"{A4F48A92-201C-4669-A42B-781DE1BFFBFD}" = protocol=6 | dir=in | app=c:\users\ondra\appdata\local\apps\2.0\38k11v2d.m2b\ql341ypg.7pl\laun...app_59711684aa47878d_0001.001c_77533cf46d050dd0\launcher.exe |
"{A7B00E23-E1B1-4FCC-875F-E72C82032E5B}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{A802D021-077E-4FF0-8624-4D41CC90C245}" = protocol=6 | dir=out | app=c:\windows\system32\svchost.exe |
"{AA11D774-3891-443B-B872-3D34A698213F}" = dir=in | app=c:\program files\microsoft games\microsoft flight\flight.exe |
"{AE27FB15-82EE-4D2F-ABA8-77AAB6D8DB69}" = protocol=6 | dir=in | app=c:\program files\connectify\connectify.exe |
"{AF29E803-4E5F-4722-A99B-75CA967FC816}" = protocol=6 | dir=out | app=system |
"{B328AF5D-B298-4424-8B45-0621B8597F28}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{B4C29E40-93B0-4DE9-8C4C-F6C5E4717CC5}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{B6DE4C1D-377F-4007-8FBC-8F5EF552E1D3}" = dir=out | app=c:\windows\system32\svchost.exe |
"{B81F90A7-26F3-4A6A-A30E-1F543024FE22}" = protocol=17 | dir=in | app=c:\program files\teamviewer\version7\teamviewer.exe |
"{B8720F3F-C66F-48C1-B4EA-E1658ED63A6B}" = dir=in | app=c:\program files\pando networks\media booster\pmb.exe |
"{BB935EFF-75C5-4BD6-BC13-9472664B10D3}" = protocol=17 | dir=in | app=c:\program files\cesarftp\server.exe |
"{C19D068D-7E57-401E-A9DF-F9855C551202}" = protocol=17 | dir=in | app=c:\program files\utorrent\utorrent.exe |
"{C2A4F49E-5A83-413D-806B-2D6424B26FD5}" = protocol=17 | dir=in | app=c:\ubisoft\ghost recon online\pdc-live\ghostrecononline.exe |
"{C3D25B8C-F311-4008-A226-847001618434}" = protocol=6 | dir=in | app=c:\totalcmd\totalcmd.exe |
"{D75ACB9A-98F9-49AB-9CEB-A1C506A8EB84}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{D8FA0174-501D-4664-9B43-9B44FF2FEF64}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 |
"{EE670B68-2627-4D9F-9635-3D4763F13CE8}" = protocol=6 | dir=in | app=c:\program files\utorrent\utorrent.exe |
"{F045AF90-0FF9-4C4D-BB8D-09F4BED949F0}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{F57342B6-FD20-4738-90C2-8E8E4B31FA60}" = protocol=17 | dir=in | app=c:\program files\vmware\vmware player\vmware-authd.exe |
"{F92AF6AD-A88B-4B38-BA50-5256FACCE09D}" = protocol=6 | dir=in | app=c:\program files\steam\steamapps\common\metro 2033\metro2033.exe |
"{FBF8717B-010C-4E78-8796-6493246F47EA}" = protocol=6 | dir=in | app=c:\windows\system32\java.exe |
"TCP Query User{10F7E54F-F8F5-43B4-83B8-4B53FF5493A5}C:\ubisoft\ghost recon online\pdc-live\ghostrecononline.exe" = protocol=6 | dir=in | app=c:\ubisoft\ghost recon online\pdc-live\ghostrecononline.exe |
"TCP Query User{147DFA8C-2F7E-40DB-92E7-A3C4E8CB4B9C}C:\users\ondra\appdata\local\apps\2.0\38k11v2d.m2b\ql341ypg.7pl\laun...app_59711684aa47878d_0001.001d_f787194a90b5ba90\launcher.exe" = protocol=6 | dir=in | app=c:\users\ondra\appdata\local\apps\2.0\38k11v2d.m2b\ql341ypg.7pl\laun...app_59711684aa47878d_0001.001d_f787194a90b5ba90\launcher.exe |
"TCP Query User{14D11BD3-1445-468E-9BB8-D149C18B608E}C:\program files\idisplay\idisplay.exe" = protocol=6 | dir=in | app=c:\program files\idisplay\idisplay.exe |
"TCP Query User{3DA16CC0-5702-4D7C-BC2C-D763D5134015}C:\users\ondra\appdata\local\apps\2.0\38k11v2d.m2b\ql341ypg.7pl\laun...app_59711684aa47878d_0001.001d_82c2447510b53390\launcher.exe" = protocol=6 | dir=in | app=c:\users\ondra\appdata\local\apps\2.0\38k11v2d.m2b\ql341ypg.7pl\laun...app_59711684aa47878d_0001.001d_82c2447510b53390\launcher.exe |
"TCP Query User{3EBE20B5-2101-4040-A869-3B5C78DF6E66}C:\games\world_of_warplanes\worldofwarplanes.exe" = protocol=6 | dir=in | app=c:\games\world_of_warplanes\worldofwarplanes.exe |
"TCP Query User{45BFFD15-2F52-4BF7-9233-132443AD65D4}C:\program files\cesarftp\server.exe" = protocol=6 | dir=in | app=c:\program files\cesarftp\server.exe |
"TCP Query User{52A84E12-078A-407C-B17E-BF50B77ABBAE}C:\windows\system32\ftp.exe" = protocol=6 | dir=in | app=c:\windows\system32\ftp.exe |
"TCP Query User{60B3ED7A-96A7-4489-91C6-FBC8A806F0CF}C:\windows\system32\java.exe" = protocol=6 | dir=in | app=c:\windows\system32\java.exe |
"TCP Query User{84EE5344-35F7-483D-9620-09706229E584}C:\program files\java\jre7\launch4j-tmp\frd.exe" = protocol=6 | dir=in | app=c:\program files\java\jre7\launch4j-tmp\frd.exe |
"TCP Query User{85530641-B117-48E2-8861-5D19D265BACF}C:\users\ondra\appdata\local\apps\2.0\38k11v2d.m2b\ql341ypg.7pl\laun...app_59711684aa47878d_0001.001c_77533cf46d050dd0\launcher.exe" = protocol=6 | dir=in | app=c:\users\ondra\appdata\local\apps\2.0\38k11v2d.m2b\ql341ypg.7pl\laun...app_59711684aa47878d_0001.001c_77533cf46d050dd0\launcher.exe |
"TCP Query User{94933464-14E6-4B1B-9E4E-A6F96D6A4206}C:\games\world_of_warplanes\wowplauncher.exe" = protocol=6 | dir=in | app=c:\games\world_of_warplanes\wowplauncher.exe |
"TCP Query User{C043541D-7003-4D13-9F6A-49D08E5F3E90}C:\program files\connectify\connectify.exe" = protocol=6 | dir=in | app=c:\program files\connectify\connectify.exe |
"TCP Query User{D6488C5E-5211-4549-9093-F03EDF4C4C2B}C:\program files\java\jre7\bin\javaw.exe" = protocol=6 | dir=in | app=c:\program files\java\jre7\bin\javaw.exe |
"TCP Query User{DD14D643-68B9-40D8-A4DE-98911981F9AB}C:\program files\java\jre7\bin\java.exe" = protocol=6 | dir=in | app=c:\program files\java\jre7\bin\java.exe |
"TCP Query User{F01D6161-FCA6-449B-92ED-9DE5ADAC2AE5}C:\windows\system32\javaw.exe" = protocol=6 | dir=in | app=c:\windows\system32\javaw.exe |
"TCP Query User{FAFF3520-E106-49E8-8643-DC4B98BE21B3}C:\totalcmd\totalcmd.exe" = protocol=6 | dir=in | app=c:\totalcmd\totalcmd.exe |
"UDP Query User{10CA6154-9214-4911-ADBD-85E848257231}C:\windows\system32\javaw.exe" = protocol=17 | dir=in | app=c:\windows\system32\javaw.exe |
"UDP Query User{13A2604A-541B-4E76-BF7A-F657D9CE6C71}C:\windows\system32\ftp.exe" = protocol=17 | dir=in | app=c:\windows\system32\ftp.exe |
"UDP Query User{18EB2AE5-D80A-47D8-8701-2E3B4704CBE2}C:\windows\system32\java.exe" = protocol=17 | dir=in | app=c:\windows\system32\java.exe |
"UDP Query User{295CCD9E-33F7-4CE9-B703-E34A32486690}C:\ubisoft\ghost recon online\pdc-live\ghostrecononline.exe" = protocol=17 | dir=in | app=c:\ubisoft\ghost recon online\pdc-live\ghostrecononline.exe |
"UDP Query User{3B14647C-2255-4FB0-9366-251ECFDBF77F}C:\totalcmd\totalcmd.exe" = protocol=17 | dir=in | app=c:\totalcmd\totalcmd.exe |
"UDP Query User{539A9C65-3D19-4150-8C24-EEF38EA8B3B9}C:\games\world_of_warplanes\worldofwarplanes.exe" = protocol=17 | dir=in | app=c:\games\world_of_warplanes\worldofwarplanes.exe |
"UDP Query User{64210B34-DA2C-4265-8684-02FDC1CE40DE}C:\program files\idisplay\idisplay.exe" = protocol=17 | dir=in | app=c:\program files\idisplay\idisplay.exe |
"UDP Query User{670DE337-3F26-41EA-8FA3-8B48019B4E42}C:\program files\connectify\connectify.exe" = protocol=17 | dir=in | app=c:\program files\connectify\connectify.exe |
"UDP Query User{70E06152-BCD7-4D94-B274-40F0BBCC4CCA}C:\users\ondra\appdata\local\apps\2.0\38k11v2d.m2b\ql341ypg.7pl\laun...app_59711684aa47878d_0001.001c_77533cf46d050dd0\launcher.exe" = protocol=17 | dir=in | app=c:\users\ondra\appdata\local\apps\2.0\38k11v2d.m2b\ql341ypg.7pl\laun...app_59711684aa47878d_0001.001c_77533cf46d050dd0\launcher.exe |
"UDP Query User{7506839F-38B4-47B1-867A-4FF8FF0AD1CC}C:\games\world_of_warplanes\wowplauncher.exe" = protocol=17 | dir=in | app=c:\games\world_of_warplanes\wowplauncher.exe |
"UDP Query User{9A19C1C1-A7C6-4038-8C42-73E1EDE0793C}C:\program files\cesarftp\server.exe" = protocol=17 | dir=in | app=c:\program files\cesarftp\server.exe |
"UDP Query User{B7A88EA6-3263-42D0-B6CB-75F3D114EA9B}C:\users\ondra\appdata\local\apps\2.0\38k11v2d.m2b\ql341ypg.7pl\laun...app_59711684aa47878d_0001.001d_82c2447510b53390\launcher.exe" = protocol=17 | dir=in | app=c:\users\ondra\appdata\local\apps\2.0\38k11v2d.m2b\ql341ypg.7pl\laun...app_59711684aa47878d_0001.001d_82c2447510b53390\launcher.exe |
"UDP Query User{D6955660-7236-4422-A960-DE5E1FBE0A4B}C:\program files\java\jre7\bin\javaw.exe" = protocol=17 | dir=in | app=c:\program files\java\jre7\bin\javaw.exe |
"UDP Query User{D6FAF12E-4F75-4DAA-A19D-C923C33443D8}C:\program files\java\jre7\bin\java.exe" = protocol=17 | dir=in | app=c:\program files\java\jre7\bin\java.exe |
"UDP Query User{D968B295-D017-46CF-BD35-B2B4F0126999}C:\program files\java\jre7\launch4j-tmp\frd.exe" = protocol=17 | dir=in | app=c:\program files\java\jre7\launch4j-tmp\frd.exe |
"UDP Query User{F6D912F9-84D5-4552-B241-2F76EFDA047F}C:\users\ondra\appdata\local\apps\2.0\38k11v2d.m2b\ql341ypg.7pl\laun...app_59711684aa47878d_0001.001d_f787194a90b5ba90\launcher.exe" = protocol=17 | dir=in | app=c:\users\ondra\appdata\local\apps\2.0\38k11v2d.m2b\ql341ypg.7pl\laun...app_59711684aa47878d_0001.001d_f787194a90b5ba90\launcher.exe |
========== HKEY_LOCAL_MACHINE Uninstall List ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"${PRODUCT_ID}-1.1.3.38636" = Ekahau HeatMapper
"{0001B4FD-9EA3-4D90-A79E-FD14BA3AB01D}" = PDFCreator
"{048298C9-A4D3-490B-9FF9-AB023A9238F3}" = Steam
"{0A0CADCF-78DA-33C4-A350-CD51849B9702}" = Microsoft .NET Framework 4 Extended
"{0B0F231F-CE6A-483D-AA23-77B364F75917}" = Windows Live Installer
"{10B43A43-FF73-47FD-83E8-A503E84F9ED6}" = OpenOffice.org 3.3
"{1111706F-666A-4037-7777-211328764D10}" = JavaFX 2.1.1
"{14DC0059-00F1-4F62-BD1A-AB23CD51A95E}" = Adobe AIR
"{14ECAABB-C8B9-4A09-92F7-CDF1A45B6DDE}" = Google Drive
"{1B705E8F-9893-4486-B5D7-4F7FEB9C871E}_is1" = Euro Truck Simulator 2
"{1DA6D447-C54D-4833-84D4-3EA31CAECE9B}" = Windows Live UX Platform Language Pack
"{1EAC1D02-C6AC-4FA6-9A44-96258C37C813}_is1" = World of Warplanes
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{1F6AB0E7-8CDD-4B93-8A23-AA9EB2FEFCE4}" = Junk Mail filter update
"{200FEC62-3C34-4D60-9CE8-EC372E01C08F}" = Windows Live SOXE Definitions
"{2397CAD4-2263-4CD0-96BE-E43A980B9C9A}_is1" = Geeks3D.com FurMark 1.9.1
"{26A24AE4-039D-4CA4-87B4-2F83216022FF}" = Java(TM) 6 Update 22
"{26A24AE4-039D-4CA4-87B4-2F83217007FF}" = Java 7 Update 7
"{28DA7D8B-F9A4-4F18-8AA0-551B1E084D0D}" = Ralink RT2870 Wireless LAN Card
"{28E82311-8616-11E1-BEB0-B8AC6F97B88E}" = Google Earth
"{2B0FC5A8-C3B6-33B7-9069-0D3BC69D2E50}" = Google Talk Plugin
"{2BFC7AA0-544C-4E3A-8796-67F3BE655BE9}" = Microsoft XNA Framework Redistributable 4.0
"{2FDD750F-49B7-40C1-9D5E-D2955BC0E2D8}" = NVIDIA PhysX
"{3336F667-9049-4D46-98B6-4C743EEBC5B1}" = Windows Live Photo Gallery
"{34EB6245-C8D0-4D8A-B8D8-EEBFF7A91485}" = Firebird SQL Server - MAGIX Edition
"{3BD98AAF-61B5-46E0-A6C8-593C242C7C48}" = TP-LINK Wireless Client Utility
"{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile
"{40B6D0B4-301A-4020-869F-2E3936E02299}" = WebMate
"{42A4EC40-09BC-427C-B657-67978B784058}" = Rally Trophy
"{45642795-567E-4B46-85E7-5CDBC8B2F697}" = inSSIDer
"{47F6627C-61DD-4191-91C3-2E4077EE7B1F}" = MAGIX Music Maker 17 Premium Download Version
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4CB0307C-565E-4441-86BE-0DF2E4FB828C}" = Microsoft Games for Windows Marketplace
"{4D5308D2-DC8E-4658-A37C-351000048100}" = Microsoft Flight
"{51C7AD07-C3F6-4635-8E8A-231306D810FE}" = Cisco LEAP Module
"{53FA9A9F-3C19-4D43-AD6B-DEF365D469BA}" = Camtasia Studio 7
"{553C904F-57A2-4113-888E-BA0C3D1C69C0}" = Microsoft VC9 runtime libraries
"{5BE3BF62-D432-4D47-A712-CD4DF91CABFB}" = ZyXEL USB ADSL Modem/Router
"{5DE1B7CF-7429-40CA-987F-6BEE09B63787}" = Prime95
"{5E1375CB-6792-4464-8715-CC3EC83D48FA}" = VirtualDJ Home FREE
"{6037B8AD-7D5B-4D50-9BCA-A586C44EEF34}" = Ace of Spades
"{644F4910-E812-49AD-93EC-86828CB81A0D}" = PC Connectivity Solution
"{64B2D6B3-71AC-45A7-A6A1-2E07ABF58341}" = Windows Live Movie Maker
"{64BF0187-F3D2-498B-99EA-163AF9AE6EC9}" = Cisco EAP-FAST Module
"{672CF0DF-730F-45C4-9BC7-081F7722C1EB}" = Halite
"{682B3E4F-696A-42DE-A41C-4C07EA1678B4}" = Windows Live SOXE
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{78906B56-0E81-42A7-AC25-F54C946E1538}" = Windows Live Photo Common
"{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}" = Apple Software Update
"{79155F2B-9895-49D7-8612-D92580E0DE5B}" = Bonjour
"{7AAA27E4-CDB3-49C0-AA2D-41827C001BA3}" = Microsoft Small Basic v1.0
"{7B3F0113-E63C-4D6D-AF19-111A3165CCA2}" = Text-To-Speech-Runtime
"{832D9DE0-8AFC-4689-9819-4DBBDEBD3E4F}" = Microsoft Games for Windows - LIVE Redistributable
"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
"{83C292B7-38A5-440B-A731-07070E81A64F}" = Windows Live PIMT Platform
"{866C4563-ED53-43F3-A29D-8BEE2BD1BA3C}" = Nokia PC Suite
"{86CE1746-9EFF-3C9C-8755-81EA8903AC34}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8CFA9151-6404-409A-AF22-4632D04582FD}" = Assassin's Creed
"{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}" = MSVCRT
"{8E363055-15E5-4D8A-9C69-A0A9DE9A3337}" = UxStyle Core Beta
"{91D18A92-69C2-9A7B-6662-159D8E6CBEF1}" = Project ROME
"{92C7D009-A464-4948-A980-7A3E28CB2F49}_is1" = ABC Edice PC her - Richard Burns Rally
"{92EA4134-10D1-418A-91E1-5A0453131A38}" = Windows Live Movie Maker
"{93293322-B694-4270-B7FE-DDE1A681ACCA}" = linguatec Voice Reader
"{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting
"{980A182F-E0A2-4A40-94C1-AE0C1235902E}" = Pando Media Booster
"{98736A65-3C79-49EC-B7E9-A3C77774B0E6}" = Google SketchUp 6
"{99F351B0-E2CD-43E2-935F-256F1CF1348B}" = i-Look 110
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9C1FAB12-F426-432E-8579-75CAB60C69CF}" = AMD OverDrive
"{9CF4A37B-A8C4-44D7-8C53-13B9D9594BB2}" = Paint.NET v3.5.8
"{9D56775A-93F3-44A3-8092-840E3826DE30}" = Windows Live Mail
"{A53A11EA-0095-493F-86FA-A15E8A86A405}" = VMware Player
"{A57025CC-5F2E-4D01-B387-06DB10500D43}" = Nokia Connectivity Cable Driver
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{A9BDCA6B-3653-467B-AC83-94367DA3BFE3}" = Windows Live Photo Common
"{AAAFC670-569B-4A2F-82B4-42945E0DE3EF}" = Windows Live Writer
"{AB78C965-5C67-409B-8433-D7B5BDB12073}" = Windows Live Writer Resources
"{AC76BA86-7AD7-1029-7B44-AA1000000001}" = Adobe Reader X (10.1.0) - Czech
"{AF111648-99A1-453E-81DD-80DBBF6DAD0D}" = MSVC90_x86
"{AF844339-2F8A-4593-81B3-9F4C54038C4E}" = Windows Live MIME IFilter
"{B119B96C-F724-4A9D-87FF-A505BD4C3772}" = BlueStacks
"{B24839E5-A70C-48AD-B4D9-B9FB46B4B038}_is1" = Hydrogen 0.9.6 preview release for windows
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision" = NVIDIA Ovladač 3D Vision 306.23
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel" = Ovládací panel NVIDIA 306.23
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver" = NVIDIA Ovladače grafiky 306.23
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB" = NVIDIA Ovladač řídící jednotky 3D Vision 306.23
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX" = NVIDIA Systémový software PhysX 9.12.0604
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update" = Aktualizace NVIDIA 1.10.8
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_installer" = NVIDIA Install Application
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NVIDIA.Update" = NVIDIA Update Components
"{B3D8B2F8-3C2C-45BC-933E-8B60E78F6684}" = Google SketchUp 6
"{B83F7FA5-3191-4E39-A1F2-8A9038BD0B04}" = Turbo Key
"{B92C5909-1D37-4C51-8397-A28BB28E5DC3}" = Facebook Video Calling 1.2.0.287
"{B9B28AD2-32A5-4D74-8857-8C96AA45BBAD}" = RP 2009 Shakedown
"{C05D8CDB-417D-4335-A38C-A0659EDFD6B8}" = The Sims™ 3
"{C37A0BC1-52EE-4F97-8223-5CA9FC0357B0}" = Test Drive Unlimited
"{C454280F-3C3E-4929-B60E-9E6CED5717E7}" = Windows Live Mail
"{C6150D8A-86ED-41D3-87BB-F3BB51B0B77F}" = Windows Live ID Sign-in Assistant
"{C7340571-7773-4A8C-9EBC-4E4243B38C76}" = Microsoft XML Parser
"{CDED9EF0-D072-11DF-2EA6-0104A00B0BB3}" = CommView for WiFi
"{CE95A79E-E4FC-4FFF-8A75-29F04B942FF2}" = Windows Live UX Platform
"{D45240D3-B6B3-4FF9-B243-54ECE3E10066}" = Windows Live Communications Platform
"{DFDD2913-557D-4EB5-8745-47749E521760}" = MAGIX Screenshare
"{E09C4DB7-630C-4F06-A631-8EA7239923AF}" = D3DX10
"{E2494AD8-314D-44F8-B39C-4358A60DC184}" = LogMeIn Hamachi
"{E3E71D07-CD27-46CB-8448-16D4FB29AA13}" = Microsoft WSE 3.0 Runtime
"{EA17F4FC-FDBF-4CF8-A529-2D983132D053}" = Skype™ 6.0
"{ED5776D5-59B4-46B7-AF81-5F2D94D7C640}" = Cisco PEAP Module
"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F7338FA3-DAB5-49B2-900D-0AFB5760C166}" = PC Probe II
"{F85B1840-3DD5-4870-9204-A7BF3DDFC3D0}" = Oracle VM VirtualBox 4.1.14
"{FB79FDB7-4DE1-453D-99FE-9A880F57380E}" = Windows Live Fotogalerie
"{FDD41BE8-3FEE-4839-B1D8-8970D24D314D}" = MAGIX Speed burnR (MSI)
"{FE62C88B-425B-4BDE-8B70-CD5AE3B83176}" = Windows Live Essentials
"17D063A0A9F5D5A225B76B1D9BCB5ADBE85C8382" = Balíček ovladače systému Windows - Nokia pccsmcfd “LegacyDriver” (05/31/2012 7.1.2.0)
"72A50F48CC5601190B9C4E74D81161693133E7F7" = Balíček ovladače systému Windows - Nokia Modem (02/25/2011 7.01.0.9)
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin
"Advanced SystemCare 5_is1" = Advanced SystemCare 5
"Afterburner" = MSI Afterburner 2.2.1
"AIDA64 Extreme Edition_is1" = AIDA64 Extreme Edition v2.50
"Amnesia" = Amnesia
"ArmA 2" = ArmA 2 Free Uninstall
"ASIO4ALL" = ASIO4ALL
"Audacity_is1" = Audacity 2.0
"avast" = avast! Free Antivirus
"Bandicam" = Bandicam
"BandiMPEG1" = Bandisoft MPEG-1 Decoder
"BattlEye A2 Free" = BattlEye (A2Free) Uninstall
"CCleaner" = CCleaner
"CesarFTP 0.99g_is1" = CesarFTP 0.99g
"com.adobe.newhope.NHProject.prod.E7BED6E5DDA59983786DD72EBFA46B1598278E07.1" = Project ROME
"Connectify" = Connectify Hotspot
"CPUID CPU-Z_is1" = CPUID CPU-Z 1.59
"CPUID HWMonitor_is1" = CPUID HWMonitor 1.19
"CrystalDiskInfo_is1" = CrystalDiskInfo 4.1.3
"DAEMON Tools Lite" = DAEMON Tools Lite
"Defraggler" = Defraggler
"E0AC723A3DE3A04256288CADBBB011B112AED454" = Balíček ovladače systému Windows - Nokia Modem (02/25/2011 4.7)
"EaseUS Partition Master Home Edition_is1" = EaseUS Partition Master 9.1.1 Home Edition
"EXPERTool_is1" = EXPERTool 7.5
"FormatFactory" = FormatFactory 2.95
"Fraps" = Fraps (remove only)
"GameSpy Arcade" = GameSpy Arcade
"GFWL_{4D5308D2-DC8E-4658-A37C-351000048100}" = Microsoft Flight
"GIMP-2_is1" = GIMP 2.8.0
"GOM Player" = GOM Player
"Google Chrome" = Google Chrome
"HD Tune_is1" = HD Tune 2.55
"HeavyLoad_is1" = HeavyLoad V3.2
"iDisplay_is1" = iDisplay 2.0.0
"IL Download Manager" = IL Download Manager
"InfraRecorder" = InfraRecorder
"IrfanView" = IrfanView (remove only)
"LAME_is1" = LAME v3.99.3 (for Windows)
"LinuxLive USB Creator" = LinuxLive USB Creator
"LogMeIn Hamachi" = LogMeIn Hamachi
"Mafia II_is1" = Mafia II
"MAGIX music maker 11 demo US" = MAGIX music maker 11 demo (US)
"MAGIX_MSI_mm17dlx" = MAGIX Music Maker 17 Premium Download Version
"Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware verze 1.65.1.1000
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Extended" = Microsoft .NET Framework 4 Extended
"Mozilla Firefox 14.0.1 (x86 cs)" = Mozilla Firefox 14.0.1 (x86 cs)
"MozillaMaintenanceService" = Mozilla Maintenance Service
"Network Stumbler" = Network Stumbler 0.4.0 (remove only)
"Nokia PC Suite" = Nokia PC Suite
"Notepad++" = Notepad++
"NVIDIA Drivers" = NVIDIA Drivers
"NVIDIA Screen Saver_is1" = NVIDIA Screen Saver 1.2
"NVIDIAStereo" = NVIDIA Stereoscopic 3D Driver
"OpenAL" = OpenAL
"ProfiCAD_is1" = ProfiCAD 7.2
"PunkBusterSvc" = PunkBuster Services
"Rally Trophy" = Rally Trophy
"RBRBergheim" = RBR Bergheim (remove only)
"RBRHradek" = RBR Hradek (remove only)
"RBRMlynky" = RBR Mlynky (remove only)
"RBRPribram1" = RBR Pribram (remove only)
"RBRPribram2" = RBR Pribram 2 (remove only)
"RBRProspectRidge2A" = RBR Prospect Ridge 2A (remove only)
"RBRReversedTracks" = RBR Reversed Tracks (remove only)
"RBRSemetin" = BARUM RALLY - Semetín 2009, Semetín 2010 (remove only)
"RBRSchool2" = RBR School stage 2 (remove only)
"RBRSieversdorf" = RBR Sieversdorf (remove only)
"RBRSosnova" = RBR Sosnova (remove only)
"RBRSosnova2010" = RBR Sosnova2010 (remove only)
"RBRTM" = RBR Tournament plugin (remove only)
"RP 2009 Shakedown" = RBR Stage RP 2009 Shakedown
"SeriousSam2" = Serious Sam 2
"SoftwareUpdUtility" = Download Updater (AOL Inc.)
"Speccy" = Speccy
"SpeedFan" = SpeedFan (remove only)
"ST6UNST #1" = Parabola Calculator
"Steam App 200210" = Realm of the Mad God
"Steam App 211500" = RaceRoom Racing Experience
"Steam App 43110" = Metro 2033
"TeamSpeak 3 Client" = TeamSpeak 3 Client
"TeamViewer 7" = TeamViewer 7
"Totalcmd" = Total Commander (Remove or Repair)
"uTorrent" = µTorrent
"Vistumbler" = Vistumbler
"VLC media player" = VLC media player 2.0.1
"vLite_is1" = vLite
"VMware_Player" = VMware Player
"webcam 7" = webcam 7
"Winamp" = Winamp
"Windows Movie Maker" = Windows Movie Maker
"WinLiveSuite" = Windows Live Essentials
"WinPcapInst" = WinPcap 4.1.2
"WinRAR archiver" = WinRAR 4.11 (32-bit)
"WinToFlash Suggestor" = WinToFlash Suggestor
"Wireshark" = Wireshark 1.8.2 (32-bit)
========== HKEY_USERS Uninstall List ==========
[HKEY_USERS\S-1-5-21-33959413-2999115600-1941737774-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"d8be6c3f847d7d92" = Ghost Recon Online
"MyPaint" = MyPaint 1.0.0
"PhotoFiltre" = PhotoFiltre
"UnityWebPlayer" = Unity Web Player
"Winamp Detect" = Winamp Detector Plug-in
========== Last 20 Event Log Errors ==========
[ Application Events ]
Error - 30.12.2012 4:11:21 | Computer Name = ondra-PC | Source = Microsoft-Windows-RestartManager | ID = 10006
Description = Aplikaci nebo službu LogMeIn Hamachi Tunneling Engine nelze ukončit.
Error - 30.12.2012 4:11:25 | Computer Name = ondra-PC | Source = MsiInstaller | ID = 11714
Description =
Error - 30.12.2012 4:12:11 | Computer Name = ondra-PC | Source = vmauthd | ID = 100
Description = Could not choose a '__vmware_user__' password long enough (min length
0). Aborting.
Error - 30.12.2012 5:09:59 | Computer Name = ondra-PC | Source = SideBySide | ID = 16842785
Description = Generování kontextu aktivace pro C:\Program Files\Nokia\Nokia PC Suite
7\TIS_Windows7PIM.dll se nezdařilo. Závislé sestavení Microsoft.VC80.DebugCRT,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0"
nelze najít. Podrobnější diagnostické údaje získáte pomocí programu sxstrace.exe.
Error - 30.12.2012 5:10:23 | Computer Name = ondra-PC | Source = SideBySide | ID = 16842785
Description = Generování kontextu aktivace pro c:\totalcmd\TCUNIN64.EXE se nezdařilo.
Závislé
sestavení Microsoft.Windows.Common-Controls,language="*",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"
nelze najít. Podrobnější diagnostické údaje získáte pomocí programu sxstrace.exe.
Error - 30.12.2012 5:10:48 | Computer Name = ondra-PC | Source = SideBySide | ID = 16842785
Description = Generování kontextu aktivace pro c:\program files\VMware\vmware player\vssSnapVista64.exe
se nezdařilo. Závislé sestavení Microsoft.VC80.CRT,processorArchitecture="amd64",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50727.762"
nelze najít. Podrobnější diagnostické údaje získáte pomocí programu sxstrace.exe.
Error - 30.12.2012 14:00:02 | Computer Name = ondra-PC | Source = Windows Backup | ID = 4103
Description =
Error - 30.12.2012 16:43:56 | Computer Name = ondra-PC | Source = Application Error | ID = 1000
Description = Název chybující aplikace: gta_sa.exe, verze: 0.0.0.0, časové razítko:
0x427101ca Název chybujícího modulu: gta_sa.exe, verze: 0.0.0.0, časové razítko:
0x427101ca Kód výjimky: 0xc0000005 Posun chyby: 0x000dd5a3 ID chybujícího procesu:
0x1280 Čas spuštění chybující aplikace: 0x01cde6ce4feeafe0 Cesta k chybující aplikaci:
C:\Program Files\GTA San Andreas\gta_sa.exe Cesta k chybujícímu modulu: C:\Program
Files\GTA San Andreas\gta_sa.exe ID zprávy: a0a7a911-52c1-11e2-bd23-005056c00008
Error - 31.12.2012 3:33:55 | Computer Name = ondra-PC | Source = vmauthd | ID = 100
Description = Could not choose a '__vmware_user__' password long enough (min length
0). Aborting.
Error - 31.12.2012 4:37:23 | Computer Name = ondra-PC | Source = vmauthd | ID = 100
Description = Could not choose a '__vmware_user__' password long enough (min length
0). Aborting.
Error - 31.12.2012 4:55:43 | Computer Name = ondra-PC | Source = vmauthd | ID = 100
Description = Could not choose a '__vmware_user__' password long enough (min length
0). Aborting.
[ System Events ]
Error - 28.10.2012 2:26:22 | Computer Name = ondra-PC | Source = PNRPSvc | ID = 102
Description =
Error - 28.10.2012 2:26:22 | Computer Name = ondra-PC | Source = Service Control Manager | ID = 7023
Description = Služba Protokol PNRP (Peer Name Resolution Protocol) byla ukončena
s následující chybou: %%-2140993535
Error - 28.10.2012 2:26:22 | Computer Name = ondra-PC | Source = Service Control Manager | ID = 7001
Description = Služba Seskupování v sítích peer-to-peer závisí na službě Protokol
PNRP (Peer Name Resolution Protocol), která neuspěla při spuštění v důsledku následující
chyby: %%-2140993535
Error - 28.10.2012 2:26:22 | Computer Name = ondra-PC | Source = Service Control Manager | ID = 7023
Description = Služba Protokol PNRP (Peer Name Resolution Protocol) byla ukončena
s následující chybou: %%-2140993535
Error - 28.10.2012 2:26:22 | Computer Name = ondra-PC | Source = Service Control Manager | ID = 7001
Description = Služba Seskupování v sítích peer-to-peer závisí na službě Protokol
PNRP (Peer Name Resolution Protocol), která neuspěla při spuštění v důsledku následující
chyby: %%-2140993535
Error - 28.10.2012 2:27:31 | Computer Name = ondra-PC | Source = Service Control Manager | ID = 7038
Description = Služba nvUpdatusService se nemohla přihlásit jako .\UpdatusUser s
aktuálně konfigurovaným heslem z důvodu následující chyby: %%1330 Chcete-li zajistit
správnou konfiguraci služby, použijte modul snap-in Služby konzoly Microsoft Management
Console (MMC).
Error - 28.10.2012 2:27:31 | Computer Name = ondra-PC | Source = Service Control Manager | ID = 7000
Description = Služba NVIDIA Update Service Daemon neuspěla při spuštění v důsledku
následující chyby: %%1069
Error - 28.10.2012 17:01:12 | Computer Name = ondra-PC | Source = PNRPSvc | ID = 102
Description =
Error - 28.10.2012 17:01:12 | Computer Name = ondra-PC | Source = Service Control Manager | ID = 7023
Description = Služba Protokol PNRP (Peer Name Resolution Protocol) byla ukončena
s následující chybou: %%-2140993535
Error - 28.10.2012 17:01:12 | Computer Name = ondra-PC | Source = Service Control Manager | ID = 7001
Description = Služba Seskupování v sítích peer-to-peer závisí na službě Protokol
PNRP (Peer Name Resolution Protocol), která neuspěla při spuštění v důsledku následující
chyby: %%-2140993535
< End of report >
Re: Číňan a nemám přístup k vytváření na C: LOG
extras
OTL Extras logfile created on: 31.12.2012 10:03:35 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\ondra\Desktop
Ultimate Edition (Version = 6.1.7600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7600.16385)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy
3,25 Gb Total Physical Memory | 2,13 Gb Available Physical Memory | 65,64% Memory free
6,50 Gb Paging File | 5,25 Gb Available in Paging File | 80,81% Paging File free
Paging file location(s): c:\pagefile.sys 0 0 [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 298,09 Gb Total Space | 99,72 Gb Free Space | 33,45% Space Free | Partition Type: NTFS
Drive D: | 117,19 Gb Total Space | 72,53 Gb Free Space | 61,89% Space Free | Partition Type: NTFS
Drive E: | 58,08 Gb Total Space | 57,96 Gb Free Space | 99,78% Space Free | Partition Type: NTFS
Computer Name: ONDRA-PC | User Name: ondra | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 14 Days
========== Extra Registry (All) ==========
========== File Associations ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.bat [@ = batfile] -- "%1" %*
.chm [@ = chm.file] -- C:\Windows\hh.exe (Microsoft Corporation)
.cmd [@ = cmdfile] -- "%1" %*
.com [@ = comfile] -- "%1" %*
.cpl [@ = cplfile] -- C:\Windows\System32\control.exe (Microsoft Corporation)
.exe [@ = exefile] -- "%1" %*
.hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)
.hta [@ = htafile] -- C:\Windows\System32\mshta.exe (Microsoft Corporation)
.html [@ = ChromeHTML] -- C:\Program Files\Google\Chrome\Application\chrome.exe (Google Inc.)
.inf [@ = inffile] -- C:\Windows\System32\NOTEPAD.EXE (Microsoft Corporation)
.ini [@ = inifile] -- C:\Windows\System32\NOTEPAD.EXE (Microsoft Corporation)
.url [@ = InternetShortcut] -- C:\Windows\System32\rundll32.exe (Microsoft Corporation)
.js [@ = JSFile] -- C:\Windows\System32\WScript.exe (Microsoft Corporation)
.jse [@ = JSEFile] -- C:\Windows\System32\WScript.exe (Microsoft Corporation)
.pif [@ = piffile] -- "%1" %*
.reg [@ = regfile] -- C:\Windows\regedit.exe (Microsoft Corporation)
.scr [@ = scrfile] -- "%1" /S
.txt [@ = txtfile] -- C:\Windows\System32\NOTEPAD.EXE (Microsoft Corporation)
.vbe [@ = VBEFile] -- C:\Windows\System32\WScript.exe (Microsoft Corporation)
.vbs [@ = VBSFile] -- C:\Windows\System32\WScript.exe (Microsoft Corporation)
.wsf [@ = WSFFile] -- C:\Windows\System32\WScript.exe (Microsoft Corporation)
.wsh [@ = WSHFile] -- C:\Windows\System32\WScript.exe (Microsoft Corporation)
[HKEY_USERS\S-1-5-21-33959413-2999115600-1941737774-1001\SOFTWARE\Classes\<extension>]
.html [@ = ChromeHTML] -- Reg Error: Key error. File not found
========== Shell Spawning ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [edit] -- %SystemRoot%\System32\NOTEPAD.EXE %1 (Microsoft Corporation)
batfile [open] -- "%1" %*
batfile [print] -- %SystemRoot%\System32\NOTEPAD.EXE /p %1 (Microsoft Corporation)
chm.file [open] -- "%SystemRoot%\hh.exe" %1 (Microsoft Corporation)
cmdfile [edit] -- %SystemRoot%\System32\NOTEPAD.EXE %1 (Microsoft Corporation)
cmdfile [open] -- "%1" %*
cmdfile [print] -- %SystemRoot%\System32\NOTEPAD.EXE /p %1 (Microsoft Corporation)
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
htafile [open] -- C:\Windows\System32\mshta.exe "%1" %* (Microsoft Corporation)
htmlfile [edit] -- Reg Error: Key error.
htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [print] -- rundll32.exe %SystemRoot%\system32\mshtml.dll,PrintHTML "%1" (Microsoft Corporation)
http [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
https [open] -- "C:\Program Files\Google\Chrome\Application\chrome.exe" -- "%1" (Google Inc.)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
inffile [open] -- %SystemRoot%\System32\NOTEPAD.EXE %1 (Microsoft Corporation)
inffile [print] -- %SystemRoot%\system32\NOTEPAD.EXE /p %1 (Microsoft Corporation)
inifile [open] -- %SystemRoot%\system32\NOTEPAD.EXE %1 (Microsoft Corporation)
inifile [print] -- %SystemRoot%\system32\NOTEPAD.EXE /p %1 (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
jsfile [edit] -- C:\Windows\System32\Notepad.exe %1 (Microsoft Corporation)
jsfile [open] -- %SystemRoot%\System32\WScript.exe "%1" %* (Microsoft Corporation)
jsfile [print] -- C:\Windows\System32\Notepad.exe /p %1 (Microsoft Corporation)
jsefile [edit] -- C:\Windows\System32\Notepad.exe %1 (Microsoft Corporation)
jsefile [open] -- C:\Windows\System32\WScript.exe "%1" %* (Microsoft Corporation)
jsefile [print] -- C:\Windows\System32\Notepad.exe /p %1 (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [edit] -- %SystemRoot%\system32\notepad.exe "%1" (Microsoft Corporation)
regfile [open] -- regedit.exe "%1" (Microsoft Corporation)
regfile [merge] -- Reg Error: Key error.
regfile [print] -- %SystemRoot%\system32\notepad.exe /p "%1" (Microsoft Corporation)
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
txtfile [open] -- %SystemRoot%\system32\NOTEPAD.EXE %1 (Microsoft Corporation)
txtfile [print] -- %SystemRoot%\system32\NOTEPAD.EXE /p %1 (Microsoft Corporation)
txtfile [printto] -- %SystemRoot%\system32\notepad.exe /pt "%1" "%2" "%3" "%4" (Microsoft Corporation)
vbefile [edit] -- "%SystemRoot%\System32\Notepad.exe" %1 (Microsoft Corporation)
vbefile [open] -- %SystemRoot%\System32\WScript.exe "%1" %* (Microsoft Corporation)
vbefile [print] -- "%SystemRoot%\System32\Notepad.exe" /p %1 (Microsoft Corporation)
vbsfile [edit] -- "%SystemRoot%\System32\Notepad.exe" %1 (Microsoft Corporation)
vbsfile [open] -- %SystemRoot%\System32\WScript.exe "%1" %* (Microsoft Corporation)
vbsfile [print] -- "%SystemRoot%\System32\Notepad.exe" /p %1 (Microsoft Corporation)
wsffile [edit] -- "%SystemRoot%\System32\Notepad.exe" %1 (Microsoft Corporation)
wsffile [open] -- "%SystemRoot%\System32\WScript.exe" "%1" %* (Microsoft Corporation)
wsffile [print] -- "%SystemRoot%\System32\Notepad.exe" /p %1 (Microsoft Corporation)
wshfile [open] -- "%SystemRoot%\System32\WScript.exe" "%1" %* (Microsoft Corporation)
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [Browse with &IrfanView] -- "C:\Program Files\IrfanView\i_view32.exe" "%1 /thumbs" (Irfan Skiljan)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Directory [Winamp.Bookmark] -- "C:\Program Files\Winamp\winamp.exe" /BOOKMARK "%1" (Nullsoft, Inc.)
Directory [Winamp.Enqueue] -- "C:\Program Files\Winamp\winamp.exe" /ADD "%1" (Nullsoft, Inc.)
Directory [Winamp.Play] -- "C:\Program Files\Winamp\winamp.exe" "%1" (Nullsoft, Inc.)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- "C:\Program Files\Internet Explorer\iexplore.exe" (Microsoft Corporation)
========== Security Center Settings ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
"FirewallDisableNotify" = 0
"AntiVirusDisableNotify" = 0
"UpdatesDisableNotify" = 0
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = Reg Error: Unknown registry data type -- File not found
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
========== System Restore Settings ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 0
========== Firewall Settings ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile]
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
========== Authorized Applications List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
========== Vista Active Open Ports Exception List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{00426367-F982-4B6E-B143-6972D336B597}" = rport=3702 | protocol=17 | dir=out | svc=fdphost | app=%systemroot%\system32\svchost.exe |
"{03AD8531-F47D-416A-8122-5419441ADE7B}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{03B6C477-169A-4FD8-98F2-93AA7971A05A}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{0A587A2B-4FB7-4B26-9B91-EFB998012B02}" = lport=2869 | protocol=6 | dir=in | app=system |
"{18C45561-442E-463C-A420-4FA4EF8CE672}" = lport=67 | protocol=17 | dir=in | app=c:\program files\connectify\connectifynetservices.exe |
"{1F70E144-64FC-4EFB-9452-8083C1367A9F}" = lport=1900 | protocol=17 | dir=in | name=windows live communications platform (ssdp) |
"{20A154C5-8BB4-43D2-B2ED-91E231881BB8}" = rport=10243 | protocol=6 | dir=out | app=system |
"{22ADC36D-8FE5-474E-910A-A754DF4E37BE}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 |
"{24960802-2360-4181-9CDA-EB2352A34356}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{2A16A781-0D26-4C0A-B89F-79D4046561C7}" = lport=139 | protocol=6 | dir=in | app=system |
"{3602D79A-EE9F-4CF7-9464-45FA50D311C9}" = lport=2987 | protocol=6 | dir=in | app=c:\program files\connectify\connectify.exe |
"{38831586-7BEF-4E31-8914-9A84F8C75C62}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{4128A737-1DAF-4344-B14E-03148A42CC52}" = lport=3389 | protocol=6 | dir=in | app=system |
"{48565852-8791-47EF-8B97-944C87BD842B}" = lport=3702 | protocol=17 | dir=in | svc=fdphost | app=%systemroot%\system32\svchost.exe |
"{4942117D-A4C0-4E22-BE5E-1401F42BE2B4}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{4EF002FD-7A53-455A-AFEE-83DE296ABFFA}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{5AA0A335-D28A-4A61-8745-076FC2595574}" = lport=59127 | protocol=17 | dir=in | name=pando media booster |
"{6362F1F9-2688-4AE3-AE35-2FEF4D7A6BED}" = lport=1303 | protocol=17 | dir=in | app=c:\program files\connectify\connectifynetservices.exe |
"{67CC5A55-5CDD-489D-BF87-7B3AE1443500}" = lport=1900 | protocol=17 | dir=in | app=c:\windows\system32\svchost.exe |
"{6E312179-525C-484F-A037-786711BF2EA1}" = rport=138 | protocol=17 | dir=out | app=system |
"{714C73CC-EFB9-486F-A1CF-38EF04B29B83}" = lport=53 | protocol=17 | dir=in | app=c:\program files\connectify\connectifynetservices.exe |
"{772ACA8F-8426-4621-A0B0-4FAC1CA2A4E9}" = lport=138 | protocol=17 | dir=in | app=system |
"{7D53064F-C513-4A0D-AD50-A7116A75D141}" = lport=3702 | protocol=17 | dir=in | svc=fdrespub | app=%systemroot%\system32\svchost.exe |
"{807FD163-3C9E-4E1A-9A51-4EA3762C85C7}" = lport=59127 | protocol=6 | dir=in | name=pando media booster |
"{82D218FD-E63E-4D44-B07C-1B709BFF4CAC}" = lport=445 | protocol=6 | dir=in | app=system |
"{87A7F2A7-5DDE-49E7-AEB8-2995CFEB6ECF}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{944F2C82-C43E-4539-84AB-EF68E9258019}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{B1D7B54B-E77E-4AAD-866F-3534728746B7}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe |
"{B30ED893-D8C8-4A79-977F-41A739432985}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{BEBF93F3-314E-4184-A984-F4196B7101B8}" = lport=2869 | protocol=6 | dir=in | name=windows live communications platform (upnp) |
"{C164A466-6619-4AB6-8F41-C190249747AD}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{C52B8494-A58E-428F-9810-CD7188E5ED8A}" = rport=2869 | protocol=6 | dir=out | app=system |
"{C6D99620-5201-409A-A972-0BEFE00230AA}" = rport=139 | protocol=6 | dir=out | app=system |
"{C87EED3D-395B-42CD-9825-B05617567A05}" = rport=445 | protocol=6 | dir=out | app=system |
"{CC7B2D30-0BCE-4A82-95A7-E9DB19D7CF9A}" = rport=3702 | protocol=17 | dir=out | svc=fdrespub | app=%systemroot%\system32\svchost.exe |
"{D8969E3C-852D-4701-8BEA-BC579071540A}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{D8D7576E-18AC-422C-A239-A09FD85015B0}" = lport=1317 | protocol=17 | dir=in | app=c:\program files\connectify\connectifynetservices.exe |
"{D9098108-D46C-4D5C-9FAD-61596D7CD2D2}" = lport=547 | protocol=17 | dir=in | app=c:\windows\system32\svchost.exe |
"{DF553385-03A3-4CA8-8B52-49E95F789E97}" = lport=68 | protocol=17 | dir=in | app=c:\program files\connectify\connectifynetservices.exe |
"{E3E3966C-21BB-4AF7-83DD-0DEF21E208B1}" = rport=137 | protocol=17 | dir=out | app=system |
"{E53D5F5E-DF6C-4383-84F4-A1BEF350DAD5}" = lport=10243 | protocol=6 | dir=in | app=system |
"{ECE82C6B-EDEB-40E5-A863-A107CBADB25F}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{F1BEB7D9-2146-4CFA-8E08-2B1D08C66EA9}" = lport=2869 | protocol=6 | dir=in | app=system |
"{F1C42C8D-3C0A-45A0-AD03-3DC497D1F8A6}" = lport=137 | protocol=17 | dir=in | app=system |
"{F7CD9C0F-86D7-4042-B743-D0DE70BDC09F}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{F8A2FE49-1C1B-4B1A-A45C-5F104EFABB48}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{FC8F8FEA-39C0-40D7-8831-8BA9EC6F6B6E}" = rport=1900 | protocol=17 | dir=out | app=c:\windows\system32\svchost.exe |
========== Vista Active Application Exception List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{0002932B-CD50-4D16-BD94-D15103E2BD84}" = protocol=6 | dir=in | app=c:\program files\ubisoft\assassin's creed\assassinscreed_dx9.exe |
"{025ED5E3-20DE-407E-B15B-03C32126BB7F}" = protocol=6 | dir=in | app=c:\ubisoft\ghost recon online\pdc-live\ghostrecononline.exe |
"{0558F32F-61E7-4546-9D81-3EC3DBFF4213}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{0BAE7B64-5AC2-4E84-82BE-4869738F9439}" = protocol=6 | dir=in | app=c:\program files\pando networks\media booster\pmb.exe |
"{0C1977C9-E63A-4645-AD86-44415105F9D3}" = protocol=6 | dir=in | app=c:\program files\steam\steamapps\common\raceroom racing experience\rrrlauncher.exe |
"{0DBBA1CD-47D8-44A2-8D4B-74AD44DDD874}" = protocol=6 | dir=in | app=c:\users\ondra\appdata\local\apps\2.0\38k11v2d.m2b\ql341ypg.7pl\laun...app_59711684aa47878d_0001.001d_82c2447510b53390\launcher.exe |
"{0EB1A40A-01D0-42E1-A6DD-85D464DB520A}" = protocol=6 | dir=in | app=c:\program files\teamviewer\version7\teamviewer.exe |
"{112EEDFE-0DC0-4349-93E7-A376C20EC740}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{11619DCB-8974-43A9-A078-79FEEC05C4A2}" = protocol=58 | dir=in | name=internet connection sharing (router solicitation-in) |
"{1234A7AE-E96E-4794-8E05-0DDA505E37B1}" = protocol=6 | dir=in | app=c:\program files\java\jre7\bin\java.exe |
"{1575E074-8DD4-4F68-83E2-42FFA042401A}" = protocol=17 | dir=in | app=c:\program files\connectify\connectify.exe |
"{192221A4-A4C4-4691-8E07-42E0D7D17BB1}" = protocol=6 | dir=in | app=c:\program files\halite\halite.exe |
"{1B52F57C-A4CA-4A19-AC81-B491D217B89E}" = protocol=17 | dir=in | app=c:\program files\steam\steam.exe |
"{227F5EAC-4868-417C-B728-43E247C622A6}" = protocol=6 | dir=in | app=c:\games\world_of_warplanes\wowplauncher.exe |
"{23334924-5E1E-48A3-A7EE-437DA2DAEFE1}" = dir=in | app=c:\program files\windows live\contacts\wlcomm.exe |
"{241EC8FE-369C-4290-A1AF-55D3F2F05ADD}" = protocol=17 | dir=in | app=c:\program files\java\jre7\bin\java.exe |
"{2610A655-F75F-40AF-BBD5-232D06892DFB}" = protocol=17 | dir=in | app=c:\program files\halite\halite.exe |
"{2665E908-334F-445E-AA1B-43FF11BB896A}" = protocol=6 | dir=in | app=c:\games\world_of_warplanes\worldofwarplanes.exe |
"{28264708-447C-4B25-A1CE-A4482D4F101B}" = protocol=6 | dir=in | app=c:\program files\webcam 7\wservice.exe |
"{291AFAC4-70A1-468B-BAE1-30484A5F221C}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{2C0466B4-48AB-443E-838F-4CAFEE13009E}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 |
"{2E231F53-E1A2-46AF-A0A6-17702982CCF1}" = protocol=6 | dir=in | app=c:\windows\system32\pnkbstra.exe |
"{2EC0E4A1-4A1C-4347-B51F-16CE7398AB1C}" = protocol=17 | dir=in | app=c:\program files\webcam 7\wservice.exe |
"{2F1C99AF-A1FB-429A-A9FE-8CB0C33D3667}" = protocol=6 | dir=in | app=c:\program files\java\jre7\launch4j-tmp\frd.exe |
"{2FF920EE-67B6-4E1C-8720-1EF17F4D2C52}" = protocol=6 | dir=in | app=c:\program files\steam\steamapps\common\realm of the mad god\realm of the mad god.exe |
"{34B3AB33-063E-4B50-A322-3585DF465C46}" = protocol=17 | dir=in | app=c:\program files\ubisoft\assassin's creed\assassinscreed_launcher.exe |
"{351D1BAC-C45E-42AF-8424-7390A767BE1E}" = protocol=17 | dir=in | app=c:\program files\vmware\vmware player\vmware-authd.exe |
"{35DD62FA-FEED-4A49-BDD3-D4E8702B2CC5}" = protocol=6 | dir=in | app=c:\program files\vmware\vmware player\vmware-authd.exe |
"{3AC6C143-0DAB-4284-879B-D72416E29EA8}" = protocol=6 | dir=in | app=c:\program files\vmware\vmware player\vmware-authd.exe |
"{3CD210B1-43CF-4F36-99AF-5FBE2D236153}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{3DE4C71D-E274-4E2C-AE4D-6ED6BCE02BFE}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 |
"{3FE44C03-ED2A-4B23-9470-B3A3DDABB31A}" = protocol=6 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{413627AB-AE7D-4BBA-82BA-6C25BC13D802}" = protocol=6 | dir=in | app=c:\program files\vmware\vmware player\vmware-authd.exe |
"{41E02068-5FDB-448C-931E-711FF9E00D63}" = protocol=6 | dir=in | app=c:\program files\teamviewer\version7\teamviewer_service.exe |
"{41EBB269-83DD-4142-9E46-A00F5F5AC64A}" = protocol=17 | dir=in | app=c:\program files\ubisoft\assassin's creed\assassinscreed_dx10.exe |
"{4568C118-2D27-40AD-BE15-A2D40B4766BD}" = protocol=6 | dir=in | app=c:\users\ondra\appdata\local\apps\2.0\38k11v2d.m2b\ql341ypg.7pl\laun...app_59711684aa47878d_0001.001d_f787194a90b5ba90\launcher.exe |
"{4697BA74-519B-4DB8-B4D5-98753E519F25}" = protocol=6 | dir=in | app=c:\program files\webcam 7\wlite.exe |
"{4A1F62E5-954F-4629-97EA-DB29893BC3B9}" = protocol=17 | dir=in | app=c:\totalcmd\totalcmd.exe |
"{4C68F375-87E3-419B-AB48-6299E821EAD3}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 |
"{4DE3E3B9-461F-4E2E-BB4D-05B62828F37D}" = protocol=17 | dir=in | app=c:\program files\teamviewer\version7\teamviewer_service.exe |
"{4FCAEA5C-4B2D-48FD-B967-DC92AEAFFDAB}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{51C83016-BDCA-439F-B030-A8424491B717}" = protocol=17 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{530A4009-51F2-4559-BAEA-7633A96A2EBB}" = protocol=17 | dir=in | app=c:\users\ondra\appdata\local\apps\2.0\38k11v2d.m2b\ql341ypg.7pl\laun...app_59711684aa47878d_0001.001c_77533cf46d050dd0\launcher.exe |
"{536D7752-1D1F-4440-AC04-B3EBEA0F1C9F}" = protocol=6 | dir=in | app=c:\program files\ubisoft\assassin's creed\assassinscreed_dx10.exe |
"{59A1FD9D-0D88-484C-B603-2F3978493C59}" = protocol=6 | dir=in | app=c:\program files\cesarftp\server.exe |
"{5C12BB49-24B4-4C3C-BA0D-9F41F1B50B5E}" = protocol=17 | dir=in | app=c:\program files\steam\steamapps\common\realm of the mad god\realm of the mad god.exe |
"{5D013595-7044-4277-8D18-6D8CE6E49D5E}" = protocol=17 | dir=in | app=c:\program files\pando networks\media booster\pmb.exe |
"{5E5B2458-FADE-4FD0-8F62-A389AEF8CE38}" = protocol=17 | dir=in | app=c:\users\ondra\appdata\local\apps\2.0\38k11v2d.m2b\ql341ypg.7pl\laun...app_59711684aa47878d_0001.001d_f787194a90b5ba90\launcher.exe |
"{5E6C1A89-055D-4F03-B45B-BB519E4203F2}" = protocol=6 | dir=in | app=c:\program files\idisplay\idisplay.exe |
"{5F61B4B2-BDFE-4FDD-B96E-691FE0BFBB27}" = protocol=17 | dir=in | app=c:\program files\vmware\vmware player\vmware-authd.exe |
"{5FEE1058-3A53-40F6-9F88-7EDC4DC5C0F0}" = protocol=17 | dir=in | app=c:\program files\steam\steamapps\common\raceroom racing experience\rrrlauncher.exe |
"{633E8C25-C481-4EC7-AEEE-2BCF76F0B837}" = protocol=6 | dir=in | app=c:\program files\bohemia interactive\arma 2 free\arma2free.exe |
"{646E9941-55EE-4C48-9DA3-DF8F75BC81E3}" = protocol=17 | dir=in | app=c:\windows\system32\pnkbstra.exe |
"{6870ADBF-8DC8-4E6F-A050-903344B5D184}" = protocol=6 | dir=in | app=c:\program files\steam\steam.exe |
"{6B3A7769-7BC1-4738-8E7C-174A114FD98E}" = dir=in | app=%programfiles%\abc\richard burns rally\richardburnsrally.exe |
"{6BC37CBC-270B-421D-BAF8-3146097C1A56}" = protocol=6 | dir=in | app=c:\program files\ubisoft\assassin's creed\assassinscreed_launcher.exe |
"{6D2BD909-922D-4D2B-9E08-B9A698222F6D}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{6E8BAE24-E4DC-4C96-A5E2-044841E6279E}" = protocol=17 | dir=in | app=c:\program files\ubisoft\assassin's creed\assassinscreed_dx9.exe |
"{705B6AD5-0A34-4529-BF48-5E8D5E874ED5}" = protocol=17 | dir=in | app=c:\games\world_of_warplanes\wowplauncher.exe |
"{719A8412-5899-447D-A8D9-5E8A5BB36D77}" = protocol=17 | dir=in | app=c:\windows\system32\java.exe |
"{766D2AE6-D49D-44A4-8584-6F2C981F46A2}" = dir=in | app=c:\users\ondra\appdata\local\facebook\video\skype\facebookvideocalling.exe |
"{7CC7B46A-4C6C-4893-ADD2-05AA35B6AEE5}" = protocol=17 | dir=in | app=c:\program files\gamespy arcade\aphex.exe |
"{821C856B-8B6B-4743-8FD3-D4C5DB063E49}" = protocol=17 | dir=in | app=c:\program files\steam\steamapps\common\metro 2033\metro2033.exe |
"{8818B85F-1DD7-4B7A-A0F0-997B9CA0C875}" = protocol=17 | dir=in | app=c:\games\world_of_warplanes\worldofwarplanes.exe |
"{8CA296D2-50E4-4663-BD3F-EDBA8EC4F0ED}" = protocol=17 | dir=in | app=c:\program files\idisplay\idisplay.exe |
"{8D7B8481-BAFE-4221-AEDE-AD7DC29F1457}" = protocol=6 | dir=in | app=c:\program files\gamespy arcade\aphex.exe |
"{8F645B09-6553-4E44-AF91-0995CC3A08B9}" = protocol=17 | dir=in | app=c:\program files\java\jre7\launch4j-tmp\frd.exe |
"{8FD7C7D5-B2FB-4CCD-B8F1-C2F4B0D5C8B9}" = protocol=6 | dir=in | app=c:\windows\system32\pnkbstrb.exe |
"{903B119A-0976-48E0-8957-8DFC73CBB19B}" = protocol=17 | dir=in | app=c:\windows\system32\pnkbstrb.exe |
"{914167C1-857A-43E0-9C80-C1EC39B6258C}" = protocol=17 | dir=in | app=c:\program files\bohemia interactive\arma 2 free\arma2free.exe |
"{9547DD9F-9F91-4080-A7CC-3130D2F21185}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{9890AB06-809C-4176-9936-B54434E60806}" = protocol=17 | dir=in | app=c:\users\ondra\appdata\local\apps\2.0\38k11v2d.m2b\ql341ypg.7pl\laun...app_59711684aa47878d_0001.001d_82c2447510b53390\launcher.exe |
"{99999B69-DAE2-42CC-B717-30B940B00CBC}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{9E99C217-7C1A-4D82-9259-B8C9B5E0C252}" = protocol=17 | dir=in | app=c:\program files\webcam 7\wlite.exe |
"{A4F48A92-201C-4669-A42B-781DE1BFFBFD}" = protocol=6 | dir=in | app=c:\users\ondra\appdata\local\apps\2.0\38k11v2d.m2b\ql341ypg.7pl\laun...app_59711684aa47878d_0001.001c_77533cf46d050dd0\launcher.exe |
"{A7B00E23-E1B1-4FCC-875F-E72C82032E5B}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{A802D021-077E-4FF0-8624-4D41CC90C245}" = protocol=6 | dir=out | app=c:\windows\system32\svchost.exe |
"{AA11D774-3891-443B-B872-3D34A698213F}" = dir=in | app=c:\program files\microsoft games\microsoft flight\flight.exe |
"{AE27FB15-82EE-4D2F-ABA8-77AAB6D8DB69}" = protocol=6 | dir=in | app=c:\program files\connectify\connectify.exe |
"{AF29E803-4E5F-4722-A99B-75CA967FC816}" = protocol=6 | dir=out | app=system |
"{B328AF5D-B298-4424-8B45-0621B8597F28}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{B4C29E40-93B0-4DE9-8C4C-F6C5E4717CC5}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{B6DE4C1D-377F-4007-8FBC-8F5EF552E1D3}" = dir=out | app=c:\windows\system32\svchost.exe |
"{B81F90A7-26F3-4A6A-A30E-1F543024FE22}" = protocol=17 | dir=in | app=c:\program files\teamviewer\version7\teamviewer.exe |
"{B8720F3F-C66F-48C1-B4EA-E1658ED63A6B}" = dir=in | app=c:\program files\pando networks\media booster\pmb.exe |
"{BB935EFF-75C5-4BD6-BC13-9472664B10D3}" = protocol=17 | dir=in | app=c:\program files\cesarftp\server.exe |
"{C19D068D-7E57-401E-A9DF-F9855C551202}" = protocol=17 | dir=in | app=c:\program files\utorrent\utorrent.exe |
"{C2A4F49E-5A83-413D-806B-2D6424B26FD5}" = protocol=17 | dir=in | app=c:\ubisoft\ghost recon online\pdc-live\ghostrecononline.exe |
"{C3D25B8C-F311-4008-A226-847001618434}" = protocol=6 | dir=in | app=c:\totalcmd\totalcmd.exe |
"{D75ACB9A-98F9-49AB-9CEB-A1C506A8EB84}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{D8FA0174-501D-4664-9B43-9B44FF2FEF64}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 |
"{EE670B68-2627-4D9F-9635-3D4763F13CE8}" = protocol=6 | dir=in | app=c:\program files\utorrent\utorrent.exe |
"{F045AF90-0FF9-4C4D-BB8D-09F4BED949F0}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{F57342B6-FD20-4738-90C2-8E8E4B31FA60}" = protocol=17 | dir=in | app=c:\program files\vmware\vmware player\vmware-authd.exe |
"{F92AF6AD-A88B-4B38-BA50-5256FACCE09D}" = protocol=6 | dir=in | app=c:\program files\steam\steamapps\common\metro 2033\metro2033.exe |
"{FBF8717B-010C-4E78-8796-6493246F47EA}" = protocol=6 | dir=in | app=c:\windows\system32\java.exe |
"TCP Query User{10F7E54F-F8F5-43B4-83B8-4B53FF5493A5}C:\ubisoft\ghost recon online\pdc-live\ghostrecononline.exe" = protocol=6 | dir=in | app=c:\ubisoft\ghost recon online\pdc-live\ghostrecononline.exe |
"TCP Query User{147DFA8C-2F7E-40DB-92E7-A3C4E8CB4B9C}C:\users\ondra\appdata\local\apps\2.0\38k11v2d.m2b\ql341ypg.7pl\laun...app_59711684aa47878d_0001.001d_f787194a90b5ba90\launcher.exe" = protocol=6 | dir=in | app=c:\users\ondra\appdata\local\apps\2.0\38k11v2d.m2b\ql341ypg.7pl\laun...app_59711684aa47878d_0001.001d_f787194a90b5ba90\launcher.exe |
"TCP Query User{14D11BD3-1445-468E-9BB8-D149C18B608E}C:\program files\idisplay\idisplay.exe" = protocol=6 | dir=in | app=c:\program files\idisplay\idisplay.exe |
"TCP Query User{3DA16CC0-5702-4D7C-BC2C-D763D5134015}C:\users\ondra\appdata\local\apps\2.0\38k11v2d.m2b\ql341ypg.7pl\laun...app_59711684aa47878d_0001.001d_82c2447510b53390\launcher.exe" = protocol=6 | dir=in | app=c:\users\ondra\appdata\local\apps\2.0\38k11v2d.m2b\ql341ypg.7pl\laun...app_59711684aa47878d_0001.001d_82c2447510b53390\launcher.exe |
"TCP Query User{3EBE20B5-2101-4040-A869-3B5C78DF6E66}C:\games\world_of_warplanes\worldofwarplanes.exe" = protocol=6 | dir=in | app=c:\games\world_of_warplanes\worldofwarplanes.exe |
"TCP Query User{45BFFD15-2F52-4BF7-9233-132443AD65D4}C:\program files\cesarftp\server.exe" = protocol=6 | dir=in | app=c:\program files\cesarftp\server.exe |
"TCP Query User{52A84E12-078A-407C-B17E-BF50B77ABBAE}C:\windows\system32\ftp.exe" = protocol=6 | dir=in | app=c:\windows\system32\ftp.exe |
"TCP Query User{60B3ED7A-96A7-4489-91C6-FBC8A806F0CF}C:\windows\system32\java.exe" = protocol=6 | dir=in | app=c:\windows\system32\java.exe |
"TCP Query User{84EE5344-35F7-483D-9620-09706229E584}C:\program files\java\jre7\launch4j-tmp\frd.exe" = protocol=6 | dir=in | app=c:\program files\java\jre7\launch4j-tmp\frd.exe |
"TCP Query User{85530641-B117-48E2-8861-5D19D265BACF}C:\users\ondra\appdata\local\apps\2.0\38k11v2d.m2b\ql341ypg.7pl\laun...app_59711684aa47878d_0001.001c_77533cf46d050dd0\launcher.exe" = protocol=6 | dir=in | app=c:\users\ondra\appdata\local\apps\2.0\38k11v2d.m2b\ql341ypg.7pl\laun...app_59711684aa47878d_0001.001c_77533cf46d050dd0\launcher.exe |
"TCP Query User{94933464-14E6-4B1B-9E4E-A6F96D6A4206}C:\games\world_of_warplanes\wowplauncher.exe" = protocol=6 | dir=in | app=c:\games\world_of_warplanes\wowplauncher.exe |
"TCP Query User{C043541D-7003-4D13-9F6A-49D08E5F3E90}C:\program files\connectify\connectify.exe" = protocol=6 | dir=in | app=c:\program files\connectify\connectify.exe |
"TCP Query User{D6488C5E-5211-4549-9093-F03EDF4C4C2B}C:\program files\java\jre7\bin\javaw.exe" = protocol=6 | dir=in | app=c:\program files\java\jre7\bin\javaw.exe |
"TCP Query User{DD14D643-68B9-40D8-A4DE-98911981F9AB}C:\program files\java\jre7\bin\java.exe" = protocol=6 | dir=in | app=c:\program files\java\jre7\bin\java.exe |
"TCP Query User{F01D6161-FCA6-449B-92ED-9DE5ADAC2AE5}C:\windows\system32\javaw.exe" = protocol=6 | dir=in | app=c:\windows\system32\javaw.exe |
"TCP Query User{FAFF3520-E106-49E8-8643-DC4B98BE21B3}C:\totalcmd\totalcmd.exe" = protocol=6 | dir=in | app=c:\totalcmd\totalcmd.exe |
"UDP Query User{10CA6154-9214-4911-ADBD-85E848257231}C:\windows\system32\javaw.exe" = protocol=17 | dir=in | app=c:\windows\system32\javaw.exe |
"UDP Query User{13A2604A-541B-4E76-BF7A-F657D9CE6C71}C:\windows\system32\ftp.exe" = protocol=17 | dir=in | app=c:\windows\system32\ftp.exe |
"UDP Query User{18EB2AE5-D80A-47D8-8701-2E3B4704CBE2}C:\windows\system32\java.exe" = protocol=17 | dir=in | app=c:\windows\system32\java.exe |
"UDP Query User{295CCD9E-33F7-4CE9-B703-E34A32486690}C:\ubisoft\ghost recon online\pdc-live\ghostrecononline.exe" = protocol=17 | dir=in | app=c:\ubisoft\ghost recon online\pdc-live\ghostrecononline.exe |
"UDP Query User{3B14647C-2255-4FB0-9366-251ECFDBF77F}C:\totalcmd\totalcmd.exe" = protocol=17 | dir=in | app=c:\totalcmd\totalcmd.exe |
"UDP Query User{539A9C65-3D19-4150-8C24-EEF38EA8B3B9}C:\games\world_of_warplanes\worldofwarplanes.exe" = protocol=17 | dir=in | app=c:\games\world_of_warplanes\worldofwarplanes.exe |
"UDP Query User{64210B34-DA2C-4265-8684-02FDC1CE40DE}C:\program files\idisplay\idisplay.exe" = protocol=17 | dir=in | app=c:\program files\idisplay\idisplay.exe |
"UDP Query User{670DE337-3F26-41EA-8FA3-8B48019B4E42}C:\program files\connectify\connectify.exe" = protocol=17 | dir=in | app=c:\program files\connectify\connectify.exe |
"UDP Query User{70E06152-BCD7-4D94-B274-40F0BBCC4CCA}C:\users\ondra\appdata\local\apps\2.0\38k11v2d.m2b\ql341ypg.7pl\laun...app_59711684aa47878d_0001.001c_77533cf46d050dd0\launcher.exe" = protocol=17 | dir=in | app=c:\users\ondra\appdata\local\apps\2.0\38k11v2d.m2b\ql341ypg.7pl\laun...app_59711684aa47878d_0001.001c_77533cf46d050dd0\launcher.exe |
"UDP Query User{7506839F-38B4-47B1-867A-4FF8FF0AD1CC}C:\games\world_of_warplanes\wowplauncher.exe" = protocol=17 | dir=in | app=c:\games\world_of_warplanes\wowplauncher.exe |
"UDP Query User{9A19C1C1-A7C6-4038-8C42-73E1EDE0793C}C:\program files\cesarftp\server.exe" = protocol=17 | dir=in | app=c:\program files\cesarftp\server.exe |
"UDP Query User{B7A88EA6-3263-42D0-B6CB-75F3D114EA9B}C:\users\ondra\appdata\local\apps\2.0\38k11v2d.m2b\ql341ypg.7pl\laun...app_59711684aa47878d_0001.001d_82c2447510b53390\launcher.exe" = protocol=17 | dir=in | app=c:\users\ondra\appdata\local\apps\2.0\38k11v2d.m2b\ql341ypg.7pl\laun...app_59711684aa47878d_0001.001d_82c2447510b53390\launcher.exe |
"UDP Query User{D6955660-7236-4422-A960-DE5E1FBE0A4B}C:\program files\java\jre7\bin\javaw.exe" = protocol=17 | dir=in | app=c:\program files\java\jre7\bin\javaw.exe |
"UDP Query User{D6FAF12E-4F75-4DAA-A19D-C923C33443D8}C:\program files\java\jre7\bin\java.exe" = protocol=17 | dir=in | app=c:\program files\java\jre7\bin\java.exe |
"UDP Query User{D968B295-D017-46CF-BD35-B2B4F0126999}C:\program files\java\jre7\launch4j-tmp\frd.exe" = protocol=17 | dir=in | app=c:\program files\java\jre7\launch4j-tmp\frd.exe |
"UDP Query User{F6D912F9-84D5-4552-B241-2F76EFDA047F}C:\users\ondra\appdata\local\apps\2.0\38k11v2d.m2b\ql341ypg.7pl\laun...app_59711684aa47878d_0001.001d_f787194a90b5ba90\launcher.exe" = protocol=17 | dir=in | app=c:\users\ondra\appdata\local\apps\2.0\38k11v2d.m2b\ql341ypg.7pl\laun...app_59711684aa47878d_0001.001d_f787194a90b5ba90\launcher.exe |
========== HKEY_LOCAL_MACHINE Uninstall List ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"${PRODUCT_ID}-1.1.3.38636" = Ekahau HeatMapper
"{0001B4FD-9EA3-4D90-A79E-FD14BA3AB01D}" = PDFCreator
"{048298C9-A4D3-490B-9FF9-AB023A9238F3}" = Steam
"{0A0CADCF-78DA-33C4-A350-CD51849B9702}" = Microsoft .NET Framework 4 Extended
"{0B0F231F-CE6A-483D-AA23-77B364F75917}" = Windows Live Installer
"{10B43A43-FF73-47FD-83E8-A503E84F9ED6}" = OpenOffice.org 3.3
"{1111706F-666A-4037-7777-211328764D10}" = JavaFX 2.1.1
"{14DC0059-00F1-4F62-BD1A-AB23CD51A95E}" = Adobe AIR
"{14ECAABB-C8B9-4A09-92F7-CDF1A45B6DDE}" = Google Drive
"{1B705E8F-9893-4486-B5D7-4F7FEB9C871E}_is1" = Euro Truck Simulator 2
"{1DA6D447-C54D-4833-84D4-3EA31CAECE9B}" = Windows Live UX Platform Language Pack
"{1EAC1D02-C6AC-4FA6-9A44-96258C37C813}_is1" = World of Warplanes
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{1F6AB0E7-8CDD-4B93-8A23-AA9EB2FEFCE4}" = Junk Mail filter update
"{200FEC62-3C34-4D60-9CE8-EC372E01C08F}" = Windows Live SOXE Definitions
"{2397CAD4-2263-4CD0-96BE-E43A980B9C9A}_is1" = Geeks3D.com FurMark 1.9.1
"{26A24AE4-039D-4CA4-87B4-2F83216022FF}" = Java(TM) 6 Update 22
"{26A24AE4-039D-4CA4-87B4-2F83217007FF}" = Java 7 Update 7
"{28DA7D8B-F9A4-4F18-8AA0-551B1E084D0D}" = Ralink RT2870 Wireless LAN Card
"{28E82311-8616-11E1-BEB0-B8AC6F97B88E}" = Google Earth
"{2B0FC5A8-C3B6-33B7-9069-0D3BC69D2E50}" = Google Talk Plugin
"{2BFC7AA0-544C-4E3A-8796-67F3BE655BE9}" = Microsoft XNA Framework Redistributable 4.0
"{2FDD750F-49B7-40C1-9D5E-D2955BC0E2D8}" = NVIDIA PhysX
"{3336F667-9049-4D46-98B6-4C743EEBC5B1}" = Windows Live Photo Gallery
"{34EB6245-C8D0-4D8A-B8D8-EEBFF7A91485}" = Firebird SQL Server - MAGIX Edition
"{3BD98AAF-61B5-46E0-A6C8-593C242C7C48}" = TP-LINK Wireless Client Utility
"{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile
"{40B6D0B4-301A-4020-869F-2E3936E02299}" = WebMate
"{42A4EC40-09BC-427C-B657-67978B784058}" = Rally Trophy
"{45642795-567E-4B46-85E7-5CDBC8B2F697}" = inSSIDer
"{47F6627C-61DD-4191-91C3-2E4077EE7B1F}" = MAGIX Music Maker 17 Premium Download Version
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4CB0307C-565E-4441-86BE-0DF2E4FB828C}" = Microsoft Games for Windows Marketplace
"{4D5308D2-DC8E-4658-A37C-351000048100}" = Microsoft Flight
"{51C7AD07-C3F6-4635-8E8A-231306D810FE}" = Cisco LEAP Module
"{53FA9A9F-3C19-4D43-AD6B-DEF365D469BA}" = Camtasia Studio 7
"{553C904F-57A2-4113-888E-BA0C3D1C69C0}" = Microsoft VC9 runtime libraries
"{5BE3BF62-D432-4D47-A712-CD4DF91CABFB}" = ZyXEL USB ADSL Modem/Router
"{5DE1B7CF-7429-40CA-987F-6BEE09B63787}" = Prime95
"{5E1375CB-6792-4464-8715-CC3EC83D48FA}" = VirtualDJ Home FREE
"{6037B8AD-7D5B-4D50-9BCA-A586C44EEF34}" = Ace of Spades
"{644F4910-E812-49AD-93EC-86828CB81A0D}" = PC Connectivity Solution
"{64B2D6B3-71AC-45A7-A6A1-2E07ABF58341}" = Windows Live Movie Maker
"{64BF0187-F3D2-498B-99EA-163AF9AE6EC9}" = Cisco EAP-FAST Module
"{672CF0DF-730F-45C4-9BC7-081F7722C1EB}" = Halite
"{682B3E4F-696A-42DE-A41C-4C07EA1678B4}" = Windows Live SOXE
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{78906B56-0E81-42A7-AC25-F54C946E1538}" = Windows Live Photo Common
"{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}" = Apple Software Update
"{79155F2B-9895-49D7-8612-D92580E0DE5B}" = Bonjour
"{7AAA27E4-CDB3-49C0-AA2D-41827C001BA3}" = Microsoft Small Basic v1.0
"{7B3F0113-E63C-4D6D-AF19-111A3165CCA2}" = Text-To-Speech-Runtime
"{832D9DE0-8AFC-4689-9819-4DBBDEBD3E4F}" = Microsoft Games for Windows - LIVE Redistributable
"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
"{83C292B7-38A5-440B-A731-07070E81A64F}" = Windows Live PIMT Platform
"{866C4563-ED53-43F3-A29D-8BEE2BD1BA3C}" = Nokia PC Suite
"{86CE1746-9EFF-3C9C-8755-81EA8903AC34}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8CFA9151-6404-409A-AF22-4632D04582FD}" = Assassin's Creed
"{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}" = MSVCRT
"{8E363055-15E5-4D8A-9C69-A0A9DE9A3337}" = UxStyle Core Beta
"{91D18A92-69C2-9A7B-6662-159D8E6CBEF1}" = Project ROME
"{92C7D009-A464-4948-A980-7A3E28CB2F49}_is1" = ABC Edice PC her - Richard Burns Rally
"{92EA4134-10D1-418A-91E1-5A0453131A38}" = Windows Live Movie Maker
"{93293322-B694-4270-B7FE-DDE1A681ACCA}" = linguatec Voice Reader
"{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting
"{980A182F-E0A2-4A40-94C1-AE0C1235902E}" = Pando Media Booster
"{98736A65-3C79-49EC-B7E9-A3C77774B0E6}" = Google SketchUp 6
"{99F351B0-E2CD-43E2-935F-256F1CF1348B}" = i-Look 110
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9C1FAB12-F426-432E-8579-75CAB60C69CF}" = AMD OverDrive
"{9CF4A37B-A8C4-44D7-8C53-13B9D9594BB2}" = Paint.NET v3.5.8
"{9D56775A-93F3-44A3-8092-840E3826DE30}" = Windows Live Mail
"{A53A11EA-0095-493F-86FA-A15E8A86A405}" = VMware Player
"{A57025CC-5F2E-4D01-B387-06DB10500D43}" = Nokia Connectivity Cable Driver
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{A9BDCA6B-3653-467B-AC83-94367DA3BFE3}" = Windows Live Photo Common
"{AAAFC670-569B-4A2F-82B4-42945E0DE3EF}" = Windows Live Writer
"{AB78C965-5C67-409B-8433-D7B5BDB12073}" = Windows Live Writer Resources
"{AC76BA86-7AD7-1029-7B44-AA1000000001}" = Adobe Reader X (10.1.0) - Czech
"{AF111648-99A1-453E-81DD-80DBBF6DAD0D}" = MSVC90_x86
"{AF844339-2F8A-4593-81B3-9F4C54038C4E}" = Windows Live MIME IFilter
"{B119B96C-F724-4A9D-87FF-A505BD4C3772}" = BlueStacks
"{B24839E5-A70C-48AD-B4D9-B9FB46B4B038}_is1" = Hydrogen 0.9.6 preview release for windows
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision" = NVIDIA Ovladač 3D Vision 306.23
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel" = Ovládací panel NVIDIA 306.23
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver" = NVIDIA Ovladače grafiky 306.23
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB" = NVIDIA Ovladač řídící jednotky 3D Vision 306.23
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX" = NVIDIA Systémový software PhysX 9.12.0604
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update" = Aktualizace NVIDIA 1.10.8
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_installer" = NVIDIA Install Application
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NVIDIA.Update" = NVIDIA Update Components
"{B3D8B2F8-3C2C-45BC-933E-8B60E78F6684}" = Google SketchUp 6
"{B83F7FA5-3191-4E39-A1F2-8A9038BD0B04}" = Turbo Key
"{B92C5909-1D37-4C51-8397-A28BB28E5DC3}" = Facebook Video Calling 1.2.0.287
"{B9B28AD2-32A5-4D74-8857-8C96AA45BBAD}" = RP 2009 Shakedown
"{C05D8CDB-417D-4335-A38C-A0659EDFD6B8}" = The Sims™ 3
"{C37A0BC1-52EE-4F97-8223-5CA9FC0357B0}" = Test Drive Unlimited
"{C454280F-3C3E-4929-B60E-9E6CED5717E7}" = Windows Live Mail
"{C6150D8A-86ED-41D3-87BB-F3BB51B0B77F}" = Windows Live ID Sign-in Assistant
"{C7340571-7773-4A8C-9EBC-4E4243B38C76}" = Microsoft XML Parser
"{CDED9EF0-D072-11DF-2EA6-0104A00B0BB3}" = CommView for WiFi
"{CE95A79E-E4FC-4FFF-8A75-29F04B942FF2}" = Windows Live UX Platform
"{D45240D3-B6B3-4FF9-B243-54ECE3E10066}" = Windows Live Communications Platform
"{DFDD2913-557D-4EB5-8745-47749E521760}" = MAGIX Screenshare
"{E09C4DB7-630C-4F06-A631-8EA7239923AF}" = D3DX10
"{E2494AD8-314D-44F8-B39C-4358A60DC184}" = LogMeIn Hamachi
"{E3E71D07-CD27-46CB-8448-16D4FB29AA13}" = Microsoft WSE 3.0 Runtime
"{EA17F4FC-FDBF-4CF8-A529-2D983132D053}" = Skype™ 6.0
"{ED5776D5-59B4-46B7-AF81-5F2D94D7C640}" = Cisco PEAP Module
"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F7338FA3-DAB5-49B2-900D-0AFB5760C166}" = PC Probe II
"{F85B1840-3DD5-4870-9204-A7BF3DDFC3D0}" = Oracle VM VirtualBox 4.1.14
"{FB79FDB7-4DE1-453D-99FE-9A880F57380E}" = Windows Live Fotogalerie
"{FDD41BE8-3FEE-4839-B1D8-8970D24D314D}" = MAGIX Speed burnR (MSI)
"{FE62C88B-425B-4BDE-8B70-CD5AE3B83176}" = Windows Live Essentials
"17D063A0A9F5D5A225B76B1D9BCB5ADBE85C8382" = Balíček ovladače systému Windows - Nokia pccsmcfd “LegacyDriver” (05/31/2012 7.1.2.0)
"72A50F48CC5601190B9C4E74D81161693133E7F7" = Balíček ovladače systému Windows - Nokia Modem (02/25/2011 7.01.0.9)
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin
"Advanced SystemCare 5_is1" = Advanced SystemCare 5
"Afterburner" = MSI Afterburner 2.2.1
"AIDA64 Extreme Edition_is1" = AIDA64 Extreme Edition v2.50
"Amnesia" = Amnesia
"ArmA 2" = ArmA 2 Free Uninstall
"ASIO4ALL" = ASIO4ALL
"Audacity_is1" = Audacity 2.0
"avast" = avast! Free Antivirus
"Bandicam" = Bandicam
"BandiMPEG1" = Bandisoft MPEG-1 Decoder
"BattlEye A2 Free" = BattlEye (A2Free) Uninstall
"CCleaner" = CCleaner
"CesarFTP 0.99g_is1" = CesarFTP 0.99g
"com.adobe.newhope.NHProject.prod.E7BED6E5DDA59983786DD72EBFA46B1598278E07.1" = Project ROME
"Connectify" = Connectify Hotspot
"CPUID CPU-Z_is1" = CPUID CPU-Z 1.59
"CPUID HWMonitor_is1" = CPUID HWMonitor 1.19
"CrystalDiskInfo_is1" = CrystalDiskInfo 4.1.3
"DAEMON Tools Lite" = DAEMON Tools Lite
"Defraggler" = Defraggler
"E0AC723A3DE3A04256288CADBBB011B112AED454" = Balíček ovladače systému Windows - Nokia Modem (02/25/2011 4.7)
"EaseUS Partition Master Home Edition_is1" = EaseUS Partition Master 9.1.1 Home Edition
"EXPERTool_is1" = EXPERTool 7.5
"FormatFactory" = FormatFactory 2.95
"Fraps" = Fraps (remove only)
"GameSpy Arcade" = GameSpy Arcade
"GFWL_{4D5308D2-DC8E-4658-A37C-351000048100}" = Microsoft Flight
"GIMP-2_is1" = GIMP 2.8.0
"GOM Player" = GOM Player
"Google Chrome" = Google Chrome
"HD Tune_is1" = HD Tune 2.55
"HeavyLoad_is1" = HeavyLoad V3.2
"iDisplay_is1" = iDisplay 2.0.0
"IL Download Manager" = IL Download Manager
"InfraRecorder" = InfraRecorder
"IrfanView" = IrfanView (remove only)
"LAME_is1" = LAME v3.99.3 (for Windows)
"LinuxLive USB Creator" = LinuxLive USB Creator
"LogMeIn Hamachi" = LogMeIn Hamachi
"Mafia II_is1" = Mafia II
"MAGIX music maker 11 demo US" = MAGIX music maker 11 demo (US)
"MAGIX_MSI_mm17dlx" = MAGIX Music Maker 17 Premium Download Version
"Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware verze 1.65.1.1000
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Extended" = Microsoft .NET Framework 4 Extended
"Mozilla Firefox 14.0.1 (x86 cs)" = Mozilla Firefox 14.0.1 (x86 cs)
"MozillaMaintenanceService" = Mozilla Maintenance Service
"Network Stumbler" = Network Stumbler 0.4.0 (remove only)
"Nokia PC Suite" = Nokia PC Suite
"Notepad++" = Notepad++
"NVIDIA Drivers" = NVIDIA Drivers
"NVIDIA Screen Saver_is1" = NVIDIA Screen Saver 1.2
"NVIDIAStereo" = NVIDIA Stereoscopic 3D Driver
"OpenAL" = OpenAL
"ProfiCAD_is1" = ProfiCAD 7.2
"PunkBusterSvc" = PunkBuster Services
"Rally Trophy" = Rally Trophy
"RBRBergheim" = RBR Bergheim (remove only)
"RBRHradek" = RBR Hradek (remove only)
"RBRMlynky" = RBR Mlynky (remove only)
"RBRPribram1" = RBR Pribram (remove only)
"RBRPribram2" = RBR Pribram 2 (remove only)
"RBRProspectRidge2A" = RBR Prospect Ridge 2A (remove only)
"RBRReversedTracks" = RBR Reversed Tracks (remove only)
"RBRSemetin" = BARUM RALLY - Semetín 2009, Semetín 2010 (remove only)
"RBRSchool2" = RBR School stage 2 (remove only)
"RBRSieversdorf" = RBR Sieversdorf (remove only)
"RBRSosnova" = RBR Sosnova (remove only)
"RBRSosnova2010" = RBR Sosnova2010 (remove only)
"RBRTM" = RBR Tournament plugin (remove only)
"RP 2009 Shakedown" = RBR Stage RP 2009 Shakedown
"SeriousSam2" = Serious Sam 2
"SoftwareUpdUtility" = Download Updater (AOL Inc.)
"Speccy" = Speccy
"SpeedFan" = SpeedFan (remove only)
"ST6UNST #1" = Parabola Calculator
"Steam App 200210" = Realm of the Mad God
"Steam App 211500" = RaceRoom Racing Experience
"Steam App 43110" = Metro 2033
"TeamSpeak 3 Client" = TeamSpeak 3 Client
"TeamViewer 7" = TeamViewer 7
"Totalcmd" = Total Commander (Remove or Repair)
"uTorrent" = µTorrent
"Vistumbler" = Vistumbler
"VLC media player" = VLC media player 2.0.1
"vLite_is1" = vLite
"VMware_Player" = VMware Player
"webcam 7" = webcam 7
"Winamp" = Winamp
"Windows Movie Maker" = Windows Movie Maker
"WinLiveSuite" = Windows Live Essentials
"WinPcapInst" = WinPcap 4.1.2
"WinRAR archiver" = WinRAR 4.11 (32-bit)
"WinToFlash Suggestor" = WinToFlash Suggestor
"Wireshark" = Wireshark 1.8.2 (32-bit)
========== HKEY_USERS Uninstall List ==========
[HKEY_USERS\S-1-5-21-33959413-2999115600-1941737774-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"d8be6c3f847d7d92" = Ghost Recon Online
"MyPaint" = MyPaint 1.0.0
"PhotoFiltre" = PhotoFiltre
"UnityWebPlayer" = Unity Web Player
"Winamp Detect" = Winamp Detector Plug-in
========== Last 20 Event Log Errors ==========
[ Application Events ]
Error - 30.12.2012 4:11:21 | Computer Name = ondra-PC | Source = Microsoft-Windows-RestartManager | ID = 10006
Description = Aplikaci nebo službu LogMeIn Hamachi Tunneling Engine nelze ukončit.
Error - 30.12.2012 4:11:25 | Computer Name = ondra-PC | Source = MsiInstaller | ID = 11714
Description =
Error - 30.12.2012 4:12:11 | Computer Name = ondra-PC | Source = vmauthd | ID = 100
Description = Could not choose a '__vmware_user__' password long enough (min length
0). Aborting.
Error - 30.12.2012 5:09:59 | Computer Name = ondra-PC | Source = SideBySide | ID = 16842785
Description = Generování kontextu aktivace pro C:\Program Files\Nokia\Nokia PC Suite
7\TIS_Windows7PIM.dll se nezdařilo. Závislé sestavení Microsoft.VC80.DebugCRT,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0"
nelze najít. Podrobnější diagnostické údaje získáte pomocí programu sxstrace.exe.
Error - 30.12.2012 5:10:23 | Computer Name = ondra-PC | Source = SideBySide | ID = 16842785
Description = Generování kontextu aktivace pro c:\totalcmd\TCUNIN64.EXE se nezdařilo.
Závislé
sestavení Microsoft.Windows.Common-Controls,language="*",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"
nelze najít. Podrobnější diagnostické údaje získáte pomocí programu sxstrace.exe.
Error - 30.12.2012 5:10:48 | Computer Name = ondra-PC | Source = SideBySide | ID = 16842785
Description = Generování kontextu aktivace pro c:\program files\VMware\vmware player\vssSnapVista64.exe
se nezdařilo. Závislé sestavení Microsoft.VC80.CRT,processorArchitecture="amd64",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50727.762"
nelze najít. Podrobnější diagnostické údaje získáte pomocí programu sxstrace.exe.
Error - 30.12.2012 14:00:02 | Computer Name = ondra-PC | Source = Windows Backup | ID = 4103
Description =
Error - 30.12.2012 16:43:56 | Computer Name = ondra-PC | Source = Application Error | ID = 1000
Description = Název chybující aplikace: gta_sa.exe, verze: 0.0.0.0, časové razítko:
0x427101ca Název chybujícího modulu: gta_sa.exe, verze: 0.0.0.0, časové razítko:
0x427101ca Kód výjimky: 0xc0000005 Posun chyby: 0x000dd5a3 ID chybujícího procesu:
0x1280 Čas spuštění chybující aplikace: 0x01cde6ce4feeafe0 Cesta k chybující aplikaci:
C:\Program Files\GTA San Andreas\gta_sa.exe Cesta k chybujícímu modulu: C:\Program
Files\GTA San Andreas\gta_sa.exe ID zprávy: a0a7a911-52c1-11e2-bd23-005056c00008
Error - 31.12.2012 3:33:55 | Computer Name = ondra-PC | Source = vmauthd | ID = 100
Description = Could not choose a '__vmware_user__' password long enough (min length
0). Aborting.
Error - 31.12.2012 4:37:23 | Computer Name = ondra-PC | Source = vmauthd | ID = 100
Description = Could not choose a '__vmware_user__' password long enough (min length
0). Aborting.
Error - 31.12.2012 4:55:43 | Computer Name = ondra-PC | Source = vmauthd | ID = 100
Description = Could not choose a '__vmware_user__' password long enough (min length
0). Aborting.
[ System Events ]
Error - 28.10.2012 2:26:22 | Computer Name = ondra-PC | Source = PNRPSvc | ID = 102
Description =
Error - 28.10.2012 2:26:22 | Computer Name = ondra-PC | Source = Service Control Manager | ID = 7023
Description = Služba Protokol PNRP (Peer Name Resolution Protocol) byla ukončena
s následující chybou: %%-2140993535
Error - 28.10.2012 2:26:22 | Computer Name = ondra-PC | Source = Service Control Manager | ID = 7001
Description = Služba Seskupování v sítích peer-to-peer závisí na službě Protokol
PNRP (Peer Name Resolution Protocol), která neuspěla při spuštění v důsledku následující
chyby: %%-2140993535
Error - 28.10.2012 2:26:22 | Computer Name = ondra-PC | Source = Service Control Manager | ID = 7023
Description = Služba Protokol PNRP (Peer Name Resolution Protocol) byla ukončena
s následující chybou: %%-2140993535
Error - 28.10.2012 2:26:22 | Computer Name = ondra-PC | Source = Service Control Manager | ID = 7001
Description = Služba Seskupování v sítích peer-to-peer závisí na službě Protokol
PNRP (Peer Name Resolution Protocol), která neuspěla při spuštění v důsledku následující
chyby: %%-2140993535
Error - 28.10.2012 2:27:31 | Computer Name = ondra-PC | Source = Service Control Manager | ID = 7038
Description = Služba nvUpdatusService se nemohla přihlásit jako .\UpdatusUser s
aktuálně konfigurovaným heslem z důvodu následující chyby: %%1330 Chcete-li zajistit
správnou konfiguraci služby, použijte modul snap-in Služby konzoly Microsoft Management
Console (MMC).
Error - 28.10.2012 2:27:31 | Computer Name = ondra-PC | Source = Service Control Manager | ID = 7000
Description = Služba NVIDIA Update Service Daemon neuspěla při spuštění v důsledku
následující chyby: %%1069
Error - 28.10.2012 17:01:12 | Computer Name = ondra-PC | Source = PNRPSvc | ID = 102
Description =
Error - 28.10.2012 17:01:12 | Computer Name = ondra-PC | Source = Service Control Manager | ID = 7023
Description = Služba Protokol PNRP (Peer Name Resolution Protocol) byla ukončena
s následující chybou: %%-2140993535
Error - 28.10.2012 17:01:12 | Computer Name = ondra-PC | Source = Service Control Manager | ID = 7001
Description = Služba Seskupování v sítích peer-to-peer závisí na službě Protokol
PNRP (Peer Name Resolution Protocol), která neuspěla při spuštění v důsledku následující
chyby: %%-2140993535
< End of report >
OTL Extras logfile created on: 31.12.2012 10:03:35 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\ondra\Desktop
Ultimate Edition (Version = 6.1.7600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7600.16385)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy
3,25 Gb Total Physical Memory | 2,13 Gb Available Physical Memory | 65,64% Memory free
6,50 Gb Paging File | 5,25 Gb Available in Paging File | 80,81% Paging File free
Paging file location(s): c:\pagefile.sys 0 0 [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 298,09 Gb Total Space | 99,72 Gb Free Space | 33,45% Space Free | Partition Type: NTFS
Drive D: | 117,19 Gb Total Space | 72,53 Gb Free Space | 61,89% Space Free | Partition Type: NTFS
Drive E: | 58,08 Gb Total Space | 57,96 Gb Free Space | 99,78% Space Free | Partition Type: NTFS
Computer Name: ONDRA-PC | User Name: ondra | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 14 Days
========== Extra Registry (All) ==========
========== File Associations ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.bat [@ = batfile] -- "%1" %*
.chm [@ = chm.file] -- C:\Windows\hh.exe (Microsoft Corporation)
.cmd [@ = cmdfile] -- "%1" %*
.com [@ = comfile] -- "%1" %*
.cpl [@ = cplfile] -- C:\Windows\System32\control.exe (Microsoft Corporation)
.exe [@ = exefile] -- "%1" %*
.hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)
.hta [@ = htafile] -- C:\Windows\System32\mshta.exe (Microsoft Corporation)
.html [@ = ChromeHTML] -- C:\Program Files\Google\Chrome\Application\chrome.exe (Google Inc.)
.inf [@ = inffile] -- C:\Windows\System32\NOTEPAD.EXE (Microsoft Corporation)
.ini [@ = inifile] -- C:\Windows\System32\NOTEPAD.EXE (Microsoft Corporation)
.url [@ = InternetShortcut] -- C:\Windows\System32\rundll32.exe (Microsoft Corporation)
.js [@ = JSFile] -- C:\Windows\System32\WScript.exe (Microsoft Corporation)
.jse [@ = JSEFile] -- C:\Windows\System32\WScript.exe (Microsoft Corporation)
.pif [@ = piffile] -- "%1" %*
.reg [@ = regfile] -- C:\Windows\regedit.exe (Microsoft Corporation)
.scr [@ = scrfile] -- "%1" /S
.txt [@ = txtfile] -- C:\Windows\System32\NOTEPAD.EXE (Microsoft Corporation)
.vbe [@ = VBEFile] -- C:\Windows\System32\WScript.exe (Microsoft Corporation)
.vbs [@ = VBSFile] -- C:\Windows\System32\WScript.exe (Microsoft Corporation)
.wsf [@ = WSFFile] -- C:\Windows\System32\WScript.exe (Microsoft Corporation)
.wsh [@ = WSHFile] -- C:\Windows\System32\WScript.exe (Microsoft Corporation)
[HKEY_USERS\S-1-5-21-33959413-2999115600-1941737774-1001\SOFTWARE\Classes\<extension>]
.html [@ = ChromeHTML] -- Reg Error: Key error. File not found
========== Shell Spawning ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [edit] -- %SystemRoot%\System32\NOTEPAD.EXE %1 (Microsoft Corporation)
batfile [open] -- "%1" %*
batfile [print] -- %SystemRoot%\System32\NOTEPAD.EXE /p %1 (Microsoft Corporation)
chm.file [open] -- "%SystemRoot%\hh.exe" %1 (Microsoft Corporation)
cmdfile [edit] -- %SystemRoot%\System32\NOTEPAD.EXE %1 (Microsoft Corporation)
cmdfile [open] -- "%1" %*
cmdfile [print] -- %SystemRoot%\System32\NOTEPAD.EXE /p %1 (Microsoft Corporation)
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
htafile [open] -- C:\Windows\System32\mshta.exe "%1" %* (Microsoft Corporation)
htmlfile [edit] -- Reg Error: Key error.
htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [print] -- rundll32.exe %SystemRoot%\system32\mshtml.dll,PrintHTML "%1" (Microsoft Corporation)
http [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
https [open] -- "C:\Program Files\Google\Chrome\Application\chrome.exe" -- "%1" (Google Inc.)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
inffile [open] -- %SystemRoot%\System32\NOTEPAD.EXE %1 (Microsoft Corporation)
inffile [print] -- %SystemRoot%\system32\NOTEPAD.EXE /p %1 (Microsoft Corporation)
inifile [open] -- %SystemRoot%\system32\NOTEPAD.EXE %1 (Microsoft Corporation)
inifile [print] -- %SystemRoot%\system32\NOTEPAD.EXE /p %1 (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
jsfile [edit] -- C:\Windows\System32\Notepad.exe %1 (Microsoft Corporation)
jsfile [open] -- %SystemRoot%\System32\WScript.exe "%1" %* (Microsoft Corporation)
jsfile [print] -- C:\Windows\System32\Notepad.exe /p %1 (Microsoft Corporation)
jsefile [edit] -- C:\Windows\System32\Notepad.exe %1 (Microsoft Corporation)
jsefile [open] -- C:\Windows\System32\WScript.exe "%1" %* (Microsoft Corporation)
jsefile [print] -- C:\Windows\System32\Notepad.exe /p %1 (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [edit] -- %SystemRoot%\system32\notepad.exe "%1" (Microsoft Corporation)
regfile [open] -- regedit.exe "%1" (Microsoft Corporation)
regfile [merge] -- Reg Error: Key error.
regfile [print] -- %SystemRoot%\system32\notepad.exe /p "%1" (Microsoft Corporation)
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
txtfile [open] -- %SystemRoot%\system32\NOTEPAD.EXE %1 (Microsoft Corporation)
txtfile [print] -- %SystemRoot%\system32\NOTEPAD.EXE /p %1 (Microsoft Corporation)
txtfile [printto] -- %SystemRoot%\system32\notepad.exe /pt "%1" "%2" "%3" "%4" (Microsoft Corporation)
vbefile [edit] -- "%SystemRoot%\System32\Notepad.exe" %1 (Microsoft Corporation)
vbefile [open] -- %SystemRoot%\System32\WScript.exe "%1" %* (Microsoft Corporation)
vbefile [print] -- "%SystemRoot%\System32\Notepad.exe" /p %1 (Microsoft Corporation)
vbsfile [edit] -- "%SystemRoot%\System32\Notepad.exe" %1 (Microsoft Corporation)
vbsfile [open] -- %SystemRoot%\System32\WScript.exe "%1" %* (Microsoft Corporation)
vbsfile [print] -- "%SystemRoot%\System32\Notepad.exe" /p %1 (Microsoft Corporation)
wsffile [edit] -- "%SystemRoot%\System32\Notepad.exe" %1 (Microsoft Corporation)
wsffile [open] -- "%SystemRoot%\System32\WScript.exe" "%1" %* (Microsoft Corporation)
wsffile [print] -- "%SystemRoot%\System32\Notepad.exe" /p %1 (Microsoft Corporation)
wshfile [open] -- "%SystemRoot%\System32\WScript.exe" "%1" %* (Microsoft Corporation)
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [Browse with &IrfanView] -- "C:\Program Files\IrfanView\i_view32.exe" "%1 /thumbs" (Irfan Skiljan)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Directory [Winamp.Bookmark] -- "C:\Program Files\Winamp\winamp.exe" /BOOKMARK "%1" (Nullsoft, Inc.)
Directory [Winamp.Enqueue] -- "C:\Program Files\Winamp\winamp.exe" /ADD "%1" (Nullsoft, Inc.)
Directory [Winamp.Play] -- "C:\Program Files\Winamp\winamp.exe" "%1" (Nullsoft, Inc.)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- "C:\Program Files\Internet Explorer\iexplore.exe" (Microsoft Corporation)
========== Security Center Settings ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
"FirewallDisableNotify" = 0
"AntiVirusDisableNotify" = 0
"UpdatesDisableNotify" = 0
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = Reg Error: Unknown registry data type -- File not found
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
========== System Restore Settings ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 0
========== Firewall Settings ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile]
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
========== Authorized Applications List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
========== Vista Active Open Ports Exception List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{00426367-F982-4B6E-B143-6972D336B597}" = rport=3702 | protocol=17 | dir=out | svc=fdphost | app=%systemroot%\system32\svchost.exe |
"{03AD8531-F47D-416A-8122-5419441ADE7B}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{03B6C477-169A-4FD8-98F2-93AA7971A05A}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{0A587A2B-4FB7-4B26-9B91-EFB998012B02}" = lport=2869 | protocol=6 | dir=in | app=system |
"{18C45561-442E-463C-A420-4FA4EF8CE672}" = lport=67 | protocol=17 | dir=in | app=c:\program files\connectify\connectifynetservices.exe |
"{1F70E144-64FC-4EFB-9452-8083C1367A9F}" = lport=1900 | protocol=17 | dir=in | name=windows live communications platform (ssdp) |
"{20A154C5-8BB4-43D2-B2ED-91E231881BB8}" = rport=10243 | protocol=6 | dir=out | app=system |
"{22ADC36D-8FE5-474E-910A-A754DF4E37BE}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 |
"{24960802-2360-4181-9CDA-EB2352A34356}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{2A16A781-0D26-4C0A-B89F-79D4046561C7}" = lport=139 | protocol=6 | dir=in | app=system |
"{3602D79A-EE9F-4CF7-9464-45FA50D311C9}" = lport=2987 | protocol=6 | dir=in | app=c:\program files\connectify\connectify.exe |
"{38831586-7BEF-4E31-8914-9A84F8C75C62}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{4128A737-1DAF-4344-B14E-03148A42CC52}" = lport=3389 | protocol=6 | dir=in | app=system |
"{48565852-8791-47EF-8B97-944C87BD842B}" = lport=3702 | protocol=17 | dir=in | svc=fdphost | app=%systemroot%\system32\svchost.exe |
"{4942117D-A4C0-4E22-BE5E-1401F42BE2B4}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{4EF002FD-7A53-455A-AFEE-83DE296ABFFA}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{5AA0A335-D28A-4A61-8745-076FC2595574}" = lport=59127 | protocol=17 | dir=in | name=pando media booster |
"{6362F1F9-2688-4AE3-AE35-2FEF4D7A6BED}" = lport=1303 | protocol=17 | dir=in | app=c:\program files\connectify\connectifynetservices.exe |
"{67CC5A55-5CDD-489D-BF87-7B3AE1443500}" = lport=1900 | protocol=17 | dir=in | app=c:\windows\system32\svchost.exe |
"{6E312179-525C-484F-A037-786711BF2EA1}" = rport=138 | protocol=17 | dir=out | app=system |
"{714C73CC-EFB9-486F-A1CF-38EF04B29B83}" = lport=53 | protocol=17 | dir=in | app=c:\program files\connectify\connectifynetservices.exe |
"{772ACA8F-8426-4621-A0B0-4FAC1CA2A4E9}" = lport=138 | protocol=17 | dir=in | app=system |
"{7D53064F-C513-4A0D-AD50-A7116A75D141}" = lport=3702 | protocol=17 | dir=in | svc=fdrespub | app=%systemroot%\system32\svchost.exe |
"{807FD163-3C9E-4E1A-9A51-4EA3762C85C7}" = lport=59127 | protocol=6 | dir=in | name=pando media booster |
"{82D218FD-E63E-4D44-B07C-1B709BFF4CAC}" = lport=445 | protocol=6 | dir=in | app=system |
"{87A7F2A7-5DDE-49E7-AEB8-2995CFEB6ECF}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{944F2C82-C43E-4539-84AB-EF68E9258019}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{B1D7B54B-E77E-4AAD-866F-3534728746B7}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe |
"{B30ED893-D8C8-4A79-977F-41A739432985}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{BEBF93F3-314E-4184-A984-F4196B7101B8}" = lport=2869 | protocol=6 | dir=in | name=windows live communications platform (upnp) |
"{C164A466-6619-4AB6-8F41-C190249747AD}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{C52B8494-A58E-428F-9810-CD7188E5ED8A}" = rport=2869 | protocol=6 | dir=out | app=system |
"{C6D99620-5201-409A-A972-0BEFE00230AA}" = rport=139 | protocol=6 | dir=out | app=system |
"{C87EED3D-395B-42CD-9825-B05617567A05}" = rport=445 | protocol=6 | dir=out | app=system |
"{CC7B2D30-0BCE-4A82-95A7-E9DB19D7CF9A}" = rport=3702 | protocol=17 | dir=out | svc=fdrespub | app=%systemroot%\system32\svchost.exe |
"{D8969E3C-852D-4701-8BEA-BC579071540A}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{D8D7576E-18AC-422C-A239-A09FD85015B0}" = lport=1317 | protocol=17 | dir=in | app=c:\program files\connectify\connectifynetservices.exe |
"{D9098108-D46C-4D5C-9FAD-61596D7CD2D2}" = lport=547 | protocol=17 | dir=in | app=c:\windows\system32\svchost.exe |
"{DF553385-03A3-4CA8-8B52-49E95F789E97}" = lport=68 | protocol=17 | dir=in | app=c:\program files\connectify\connectifynetservices.exe |
"{E3E3966C-21BB-4AF7-83DD-0DEF21E208B1}" = rport=137 | protocol=17 | dir=out | app=system |
"{E53D5F5E-DF6C-4383-84F4-A1BEF350DAD5}" = lport=10243 | protocol=6 | dir=in | app=system |
"{ECE82C6B-EDEB-40E5-A863-A107CBADB25F}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{F1BEB7D9-2146-4CFA-8E08-2B1D08C66EA9}" = lport=2869 | protocol=6 | dir=in | app=system |
"{F1C42C8D-3C0A-45A0-AD03-3DC497D1F8A6}" = lport=137 | protocol=17 | dir=in | app=system |
"{F7CD9C0F-86D7-4042-B743-D0DE70BDC09F}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{F8A2FE49-1C1B-4B1A-A45C-5F104EFABB48}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{FC8F8FEA-39C0-40D7-8831-8BA9EC6F6B6E}" = rport=1900 | protocol=17 | dir=out | app=c:\windows\system32\svchost.exe |
========== Vista Active Application Exception List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{0002932B-CD50-4D16-BD94-D15103E2BD84}" = protocol=6 | dir=in | app=c:\program files\ubisoft\assassin's creed\assassinscreed_dx9.exe |
"{025ED5E3-20DE-407E-B15B-03C32126BB7F}" = protocol=6 | dir=in | app=c:\ubisoft\ghost recon online\pdc-live\ghostrecononline.exe |
"{0558F32F-61E7-4546-9D81-3EC3DBFF4213}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{0BAE7B64-5AC2-4E84-82BE-4869738F9439}" = protocol=6 | dir=in | app=c:\program files\pando networks\media booster\pmb.exe |
"{0C1977C9-E63A-4645-AD86-44415105F9D3}" = protocol=6 | dir=in | app=c:\program files\steam\steamapps\common\raceroom racing experience\rrrlauncher.exe |
"{0DBBA1CD-47D8-44A2-8D4B-74AD44DDD874}" = protocol=6 | dir=in | app=c:\users\ondra\appdata\local\apps\2.0\38k11v2d.m2b\ql341ypg.7pl\laun...app_59711684aa47878d_0001.001d_82c2447510b53390\launcher.exe |
"{0EB1A40A-01D0-42E1-A6DD-85D464DB520A}" = protocol=6 | dir=in | app=c:\program files\teamviewer\version7\teamviewer.exe |
"{112EEDFE-0DC0-4349-93E7-A376C20EC740}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{11619DCB-8974-43A9-A078-79FEEC05C4A2}" = protocol=58 | dir=in | name=internet connection sharing (router solicitation-in) |
"{1234A7AE-E96E-4794-8E05-0DDA505E37B1}" = protocol=6 | dir=in | app=c:\program files\java\jre7\bin\java.exe |
"{1575E074-8DD4-4F68-83E2-42FFA042401A}" = protocol=17 | dir=in | app=c:\program files\connectify\connectify.exe |
"{192221A4-A4C4-4691-8E07-42E0D7D17BB1}" = protocol=6 | dir=in | app=c:\program files\halite\halite.exe |
"{1B52F57C-A4CA-4A19-AC81-B491D217B89E}" = protocol=17 | dir=in | app=c:\program files\steam\steam.exe |
"{227F5EAC-4868-417C-B728-43E247C622A6}" = protocol=6 | dir=in | app=c:\games\world_of_warplanes\wowplauncher.exe |
"{23334924-5E1E-48A3-A7EE-437DA2DAEFE1}" = dir=in | app=c:\program files\windows live\contacts\wlcomm.exe |
"{241EC8FE-369C-4290-A1AF-55D3F2F05ADD}" = protocol=17 | dir=in | app=c:\program files\java\jre7\bin\java.exe |
"{2610A655-F75F-40AF-BBD5-232D06892DFB}" = protocol=17 | dir=in | app=c:\program files\halite\halite.exe |
"{2665E908-334F-445E-AA1B-43FF11BB896A}" = protocol=6 | dir=in | app=c:\games\world_of_warplanes\worldofwarplanes.exe |
"{28264708-447C-4B25-A1CE-A4482D4F101B}" = protocol=6 | dir=in | app=c:\program files\webcam 7\wservice.exe |
"{291AFAC4-70A1-468B-BAE1-30484A5F221C}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{2C0466B4-48AB-443E-838F-4CAFEE13009E}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 |
"{2E231F53-E1A2-46AF-A0A6-17702982CCF1}" = protocol=6 | dir=in | app=c:\windows\system32\pnkbstra.exe |
"{2EC0E4A1-4A1C-4347-B51F-16CE7398AB1C}" = protocol=17 | dir=in | app=c:\program files\webcam 7\wservice.exe |
"{2F1C99AF-A1FB-429A-A9FE-8CB0C33D3667}" = protocol=6 | dir=in | app=c:\program files\java\jre7\launch4j-tmp\frd.exe |
"{2FF920EE-67B6-4E1C-8720-1EF17F4D2C52}" = protocol=6 | dir=in | app=c:\program files\steam\steamapps\common\realm of the mad god\realm of the mad god.exe |
"{34B3AB33-063E-4B50-A322-3585DF465C46}" = protocol=17 | dir=in | app=c:\program files\ubisoft\assassin's creed\assassinscreed_launcher.exe |
"{351D1BAC-C45E-42AF-8424-7390A767BE1E}" = protocol=17 | dir=in | app=c:\program files\vmware\vmware player\vmware-authd.exe |
"{35DD62FA-FEED-4A49-BDD3-D4E8702B2CC5}" = protocol=6 | dir=in | app=c:\program files\vmware\vmware player\vmware-authd.exe |
"{3AC6C143-0DAB-4284-879B-D72416E29EA8}" = protocol=6 | dir=in | app=c:\program files\vmware\vmware player\vmware-authd.exe |
"{3CD210B1-43CF-4F36-99AF-5FBE2D236153}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{3DE4C71D-E274-4E2C-AE4D-6ED6BCE02BFE}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 |
"{3FE44C03-ED2A-4B23-9470-B3A3DDABB31A}" = protocol=6 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{413627AB-AE7D-4BBA-82BA-6C25BC13D802}" = protocol=6 | dir=in | app=c:\program files\vmware\vmware player\vmware-authd.exe |
"{41E02068-5FDB-448C-931E-711FF9E00D63}" = protocol=6 | dir=in | app=c:\program files\teamviewer\version7\teamviewer_service.exe |
"{41EBB269-83DD-4142-9E46-A00F5F5AC64A}" = protocol=17 | dir=in | app=c:\program files\ubisoft\assassin's creed\assassinscreed_dx10.exe |
"{4568C118-2D27-40AD-BE15-A2D40B4766BD}" = protocol=6 | dir=in | app=c:\users\ondra\appdata\local\apps\2.0\38k11v2d.m2b\ql341ypg.7pl\laun...app_59711684aa47878d_0001.001d_f787194a90b5ba90\launcher.exe |
"{4697BA74-519B-4DB8-B4D5-98753E519F25}" = protocol=6 | dir=in | app=c:\program files\webcam 7\wlite.exe |
"{4A1F62E5-954F-4629-97EA-DB29893BC3B9}" = protocol=17 | dir=in | app=c:\totalcmd\totalcmd.exe |
"{4C68F375-87E3-419B-AB48-6299E821EAD3}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 |
"{4DE3E3B9-461F-4E2E-BB4D-05B62828F37D}" = protocol=17 | dir=in | app=c:\program files\teamviewer\version7\teamviewer_service.exe |
"{4FCAEA5C-4B2D-48FD-B967-DC92AEAFFDAB}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{51C83016-BDCA-439F-B030-A8424491B717}" = protocol=17 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{530A4009-51F2-4559-BAEA-7633A96A2EBB}" = protocol=17 | dir=in | app=c:\users\ondra\appdata\local\apps\2.0\38k11v2d.m2b\ql341ypg.7pl\laun...app_59711684aa47878d_0001.001c_77533cf46d050dd0\launcher.exe |
"{536D7752-1D1F-4440-AC04-B3EBEA0F1C9F}" = protocol=6 | dir=in | app=c:\program files\ubisoft\assassin's creed\assassinscreed_dx10.exe |
"{59A1FD9D-0D88-484C-B603-2F3978493C59}" = protocol=6 | dir=in | app=c:\program files\cesarftp\server.exe |
"{5C12BB49-24B4-4C3C-BA0D-9F41F1B50B5E}" = protocol=17 | dir=in | app=c:\program files\steam\steamapps\common\realm of the mad god\realm of the mad god.exe |
"{5D013595-7044-4277-8D18-6D8CE6E49D5E}" = protocol=17 | dir=in | app=c:\program files\pando networks\media booster\pmb.exe |
"{5E5B2458-FADE-4FD0-8F62-A389AEF8CE38}" = protocol=17 | dir=in | app=c:\users\ondra\appdata\local\apps\2.0\38k11v2d.m2b\ql341ypg.7pl\laun...app_59711684aa47878d_0001.001d_f787194a90b5ba90\launcher.exe |
"{5E6C1A89-055D-4F03-B45B-BB519E4203F2}" = protocol=6 | dir=in | app=c:\program files\idisplay\idisplay.exe |
"{5F61B4B2-BDFE-4FDD-B96E-691FE0BFBB27}" = protocol=17 | dir=in | app=c:\program files\vmware\vmware player\vmware-authd.exe |
"{5FEE1058-3A53-40F6-9F88-7EDC4DC5C0F0}" = protocol=17 | dir=in | app=c:\program files\steam\steamapps\common\raceroom racing experience\rrrlauncher.exe |
"{633E8C25-C481-4EC7-AEEE-2BCF76F0B837}" = protocol=6 | dir=in | app=c:\program files\bohemia interactive\arma 2 free\arma2free.exe |
"{646E9941-55EE-4C48-9DA3-DF8F75BC81E3}" = protocol=17 | dir=in | app=c:\windows\system32\pnkbstra.exe |
"{6870ADBF-8DC8-4E6F-A050-903344B5D184}" = protocol=6 | dir=in | app=c:\program files\steam\steam.exe |
"{6B3A7769-7BC1-4738-8E7C-174A114FD98E}" = dir=in | app=%programfiles%\abc\richard burns rally\richardburnsrally.exe |
"{6BC37CBC-270B-421D-BAF8-3146097C1A56}" = protocol=6 | dir=in | app=c:\program files\ubisoft\assassin's creed\assassinscreed_launcher.exe |
"{6D2BD909-922D-4D2B-9E08-B9A698222F6D}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{6E8BAE24-E4DC-4C96-A5E2-044841E6279E}" = protocol=17 | dir=in | app=c:\program files\ubisoft\assassin's creed\assassinscreed_dx9.exe |
"{705B6AD5-0A34-4529-BF48-5E8D5E874ED5}" = protocol=17 | dir=in | app=c:\games\world_of_warplanes\wowplauncher.exe |
"{719A8412-5899-447D-A8D9-5E8A5BB36D77}" = protocol=17 | dir=in | app=c:\windows\system32\java.exe |
"{766D2AE6-D49D-44A4-8584-6F2C981F46A2}" = dir=in | app=c:\users\ondra\appdata\local\facebook\video\skype\facebookvideocalling.exe |
"{7CC7B46A-4C6C-4893-ADD2-05AA35B6AEE5}" = protocol=17 | dir=in | app=c:\program files\gamespy arcade\aphex.exe |
"{821C856B-8B6B-4743-8FD3-D4C5DB063E49}" = protocol=17 | dir=in | app=c:\program files\steam\steamapps\common\metro 2033\metro2033.exe |
"{8818B85F-1DD7-4B7A-A0F0-997B9CA0C875}" = protocol=17 | dir=in | app=c:\games\world_of_warplanes\worldofwarplanes.exe |
"{8CA296D2-50E4-4663-BD3F-EDBA8EC4F0ED}" = protocol=17 | dir=in | app=c:\program files\idisplay\idisplay.exe |
"{8D7B8481-BAFE-4221-AEDE-AD7DC29F1457}" = protocol=6 | dir=in | app=c:\program files\gamespy arcade\aphex.exe |
"{8F645B09-6553-4E44-AF91-0995CC3A08B9}" = protocol=17 | dir=in | app=c:\program files\java\jre7\launch4j-tmp\frd.exe |
"{8FD7C7D5-B2FB-4CCD-B8F1-C2F4B0D5C8B9}" = protocol=6 | dir=in | app=c:\windows\system32\pnkbstrb.exe |
"{903B119A-0976-48E0-8957-8DFC73CBB19B}" = protocol=17 | dir=in | app=c:\windows\system32\pnkbstrb.exe |
"{914167C1-857A-43E0-9C80-C1EC39B6258C}" = protocol=17 | dir=in | app=c:\program files\bohemia interactive\arma 2 free\arma2free.exe |
"{9547DD9F-9F91-4080-A7CC-3130D2F21185}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{9890AB06-809C-4176-9936-B54434E60806}" = protocol=17 | dir=in | app=c:\users\ondra\appdata\local\apps\2.0\38k11v2d.m2b\ql341ypg.7pl\laun...app_59711684aa47878d_0001.001d_82c2447510b53390\launcher.exe |
"{99999B69-DAE2-42CC-B717-30B940B00CBC}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{9E99C217-7C1A-4D82-9259-B8C9B5E0C252}" = protocol=17 | dir=in | app=c:\program files\webcam 7\wlite.exe |
"{A4F48A92-201C-4669-A42B-781DE1BFFBFD}" = protocol=6 | dir=in | app=c:\users\ondra\appdata\local\apps\2.0\38k11v2d.m2b\ql341ypg.7pl\laun...app_59711684aa47878d_0001.001c_77533cf46d050dd0\launcher.exe |
"{A7B00E23-E1B1-4FCC-875F-E72C82032E5B}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{A802D021-077E-4FF0-8624-4D41CC90C245}" = protocol=6 | dir=out | app=c:\windows\system32\svchost.exe |
"{AA11D774-3891-443B-B872-3D34A698213F}" = dir=in | app=c:\program files\microsoft games\microsoft flight\flight.exe |
"{AE27FB15-82EE-4D2F-ABA8-77AAB6D8DB69}" = protocol=6 | dir=in | app=c:\program files\connectify\connectify.exe |
"{AF29E803-4E5F-4722-A99B-75CA967FC816}" = protocol=6 | dir=out | app=system |
"{B328AF5D-B298-4424-8B45-0621B8597F28}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{B4C29E40-93B0-4DE9-8C4C-F6C5E4717CC5}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{B6DE4C1D-377F-4007-8FBC-8F5EF552E1D3}" = dir=out | app=c:\windows\system32\svchost.exe |
"{B81F90A7-26F3-4A6A-A30E-1F543024FE22}" = protocol=17 | dir=in | app=c:\program files\teamviewer\version7\teamviewer.exe |
"{B8720F3F-C66F-48C1-B4EA-E1658ED63A6B}" = dir=in | app=c:\program files\pando networks\media booster\pmb.exe |
"{BB935EFF-75C5-4BD6-BC13-9472664B10D3}" = protocol=17 | dir=in | app=c:\program files\cesarftp\server.exe |
"{C19D068D-7E57-401E-A9DF-F9855C551202}" = protocol=17 | dir=in | app=c:\program files\utorrent\utorrent.exe |
"{C2A4F49E-5A83-413D-806B-2D6424B26FD5}" = protocol=17 | dir=in | app=c:\ubisoft\ghost recon online\pdc-live\ghostrecononline.exe |
"{C3D25B8C-F311-4008-A226-847001618434}" = protocol=6 | dir=in | app=c:\totalcmd\totalcmd.exe |
"{D75ACB9A-98F9-49AB-9CEB-A1C506A8EB84}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{D8FA0174-501D-4664-9B43-9B44FF2FEF64}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 |
"{EE670B68-2627-4D9F-9635-3D4763F13CE8}" = protocol=6 | dir=in | app=c:\program files\utorrent\utorrent.exe |
"{F045AF90-0FF9-4C4D-BB8D-09F4BED949F0}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{F57342B6-FD20-4738-90C2-8E8E4B31FA60}" = protocol=17 | dir=in | app=c:\program files\vmware\vmware player\vmware-authd.exe |
"{F92AF6AD-A88B-4B38-BA50-5256FACCE09D}" = protocol=6 | dir=in | app=c:\program files\steam\steamapps\common\metro 2033\metro2033.exe |
"{FBF8717B-010C-4E78-8796-6493246F47EA}" = protocol=6 | dir=in | app=c:\windows\system32\java.exe |
"TCP Query User{10F7E54F-F8F5-43B4-83B8-4B53FF5493A5}C:\ubisoft\ghost recon online\pdc-live\ghostrecononline.exe" = protocol=6 | dir=in | app=c:\ubisoft\ghost recon online\pdc-live\ghostrecononline.exe |
"TCP Query User{147DFA8C-2F7E-40DB-92E7-A3C4E8CB4B9C}C:\users\ondra\appdata\local\apps\2.0\38k11v2d.m2b\ql341ypg.7pl\laun...app_59711684aa47878d_0001.001d_f787194a90b5ba90\launcher.exe" = protocol=6 | dir=in | app=c:\users\ondra\appdata\local\apps\2.0\38k11v2d.m2b\ql341ypg.7pl\laun...app_59711684aa47878d_0001.001d_f787194a90b5ba90\launcher.exe |
"TCP Query User{14D11BD3-1445-468E-9BB8-D149C18B608E}C:\program files\idisplay\idisplay.exe" = protocol=6 | dir=in | app=c:\program files\idisplay\idisplay.exe |
"TCP Query User{3DA16CC0-5702-4D7C-BC2C-D763D5134015}C:\users\ondra\appdata\local\apps\2.0\38k11v2d.m2b\ql341ypg.7pl\laun...app_59711684aa47878d_0001.001d_82c2447510b53390\launcher.exe" = protocol=6 | dir=in | app=c:\users\ondra\appdata\local\apps\2.0\38k11v2d.m2b\ql341ypg.7pl\laun...app_59711684aa47878d_0001.001d_82c2447510b53390\launcher.exe |
"TCP Query User{3EBE20B5-2101-4040-A869-3B5C78DF6E66}C:\games\world_of_warplanes\worldofwarplanes.exe" = protocol=6 | dir=in | app=c:\games\world_of_warplanes\worldofwarplanes.exe |
"TCP Query User{45BFFD15-2F52-4BF7-9233-132443AD65D4}C:\program files\cesarftp\server.exe" = protocol=6 | dir=in | app=c:\program files\cesarftp\server.exe |
"TCP Query User{52A84E12-078A-407C-B17E-BF50B77ABBAE}C:\windows\system32\ftp.exe" = protocol=6 | dir=in | app=c:\windows\system32\ftp.exe |
"TCP Query User{60B3ED7A-96A7-4489-91C6-FBC8A806F0CF}C:\windows\system32\java.exe" = protocol=6 | dir=in | app=c:\windows\system32\java.exe |
"TCP Query User{84EE5344-35F7-483D-9620-09706229E584}C:\program files\java\jre7\launch4j-tmp\frd.exe" = protocol=6 | dir=in | app=c:\program files\java\jre7\launch4j-tmp\frd.exe |
"TCP Query User{85530641-B117-48E2-8861-5D19D265BACF}C:\users\ondra\appdata\local\apps\2.0\38k11v2d.m2b\ql341ypg.7pl\laun...app_59711684aa47878d_0001.001c_77533cf46d050dd0\launcher.exe" = protocol=6 | dir=in | app=c:\users\ondra\appdata\local\apps\2.0\38k11v2d.m2b\ql341ypg.7pl\laun...app_59711684aa47878d_0001.001c_77533cf46d050dd0\launcher.exe |
"TCP Query User{94933464-14E6-4B1B-9E4E-A6F96D6A4206}C:\games\world_of_warplanes\wowplauncher.exe" = protocol=6 | dir=in | app=c:\games\world_of_warplanes\wowplauncher.exe |
"TCP Query User{C043541D-7003-4D13-9F6A-49D08E5F3E90}C:\program files\connectify\connectify.exe" = protocol=6 | dir=in | app=c:\program files\connectify\connectify.exe |
"TCP Query User{D6488C5E-5211-4549-9093-F03EDF4C4C2B}C:\program files\java\jre7\bin\javaw.exe" = protocol=6 | dir=in | app=c:\program files\java\jre7\bin\javaw.exe |
"TCP Query User{DD14D643-68B9-40D8-A4DE-98911981F9AB}C:\program files\java\jre7\bin\java.exe" = protocol=6 | dir=in | app=c:\program files\java\jre7\bin\java.exe |
"TCP Query User{F01D6161-FCA6-449B-92ED-9DE5ADAC2AE5}C:\windows\system32\javaw.exe" = protocol=6 | dir=in | app=c:\windows\system32\javaw.exe |
"TCP Query User{FAFF3520-E106-49E8-8643-DC4B98BE21B3}C:\totalcmd\totalcmd.exe" = protocol=6 | dir=in | app=c:\totalcmd\totalcmd.exe |
"UDP Query User{10CA6154-9214-4911-ADBD-85E848257231}C:\windows\system32\javaw.exe" = protocol=17 | dir=in | app=c:\windows\system32\javaw.exe |
"UDP Query User{13A2604A-541B-4E76-BF7A-F657D9CE6C71}C:\windows\system32\ftp.exe" = protocol=17 | dir=in | app=c:\windows\system32\ftp.exe |
"UDP Query User{18EB2AE5-D80A-47D8-8701-2E3B4704CBE2}C:\windows\system32\java.exe" = protocol=17 | dir=in | app=c:\windows\system32\java.exe |
"UDP Query User{295CCD9E-33F7-4CE9-B703-E34A32486690}C:\ubisoft\ghost recon online\pdc-live\ghostrecononline.exe" = protocol=17 | dir=in | app=c:\ubisoft\ghost recon online\pdc-live\ghostrecononline.exe |
"UDP Query User{3B14647C-2255-4FB0-9366-251ECFDBF77F}C:\totalcmd\totalcmd.exe" = protocol=17 | dir=in | app=c:\totalcmd\totalcmd.exe |
"UDP Query User{539A9C65-3D19-4150-8C24-EEF38EA8B3B9}C:\games\world_of_warplanes\worldofwarplanes.exe" = protocol=17 | dir=in | app=c:\games\world_of_warplanes\worldofwarplanes.exe |
"UDP Query User{64210B34-DA2C-4265-8684-02FDC1CE40DE}C:\program files\idisplay\idisplay.exe" = protocol=17 | dir=in | app=c:\program files\idisplay\idisplay.exe |
"UDP Query User{670DE337-3F26-41EA-8FA3-8B48019B4E42}C:\program files\connectify\connectify.exe" = protocol=17 | dir=in | app=c:\program files\connectify\connectify.exe |
"UDP Query User{70E06152-BCD7-4D94-B274-40F0BBCC4CCA}C:\users\ondra\appdata\local\apps\2.0\38k11v2d.m2b\ql341ypg.7pl\laun...app_59711684aa47878d_0001.001c_77533cf46d050dd0\launcher.exe" = protocol=17 | dir=in | app=c:\users\ondra\appdata\local\apps\2.0\38k11v2d.m2b\ql341ypg.7pl\laun...app_59711684aa47878d_0001.001c_77533cf46d050dd0\launcher.exe |
"UDP Query User{7506839F-38B4-47B1-867A-4FF8FF0AD1CC}C:\games\world_of_warplanes\wowplauncher.exe" = protocol=17 | dir=in | app=c:\games\world_of_warplanes\wowplauncher.exe |
"UDP Query User{9A19C1C1-A7C6-4038-8C42-73E1EDE0793C}C:\program files\cesarftp\server.exe" = protocol=17 | dir=in | app=c:\program files\cesarftp\server.exe |
"UDP Query User{B7A88EA6-3263-42D0-B6CB-75F3D114EA9B}C:\users\ondra\appdata\local\apps\2.0\38k11v2d.m2b\ql341ypg.7pl\laun...app_59711684aa47878d_0001.001d_82c2447510b53390\launcher.exe" = protocol=17 | dir=in | app=c:\users\ondra\appdata\local\apps\2.0\38k11v2d.m2b\ql341ypg.7pl\laun...app_59711684aa47878d_0001.001d_82c2447510b53390\launcher.exe |
"UDP Query User{D6955660-7236-4422-A960-DE5E1FBE0A4B}C:\program files\java\jre7\bin\javaw.exe" = protocol=17 | dir=in | app=c:\program files\java\jre7\bin\javaw.exe |
"UDP Query User{D6FAF12E-4F75-4DAA-A19D-C923C33443D8}C:\program files\java\jre7\bin\java.exe" = protocol=17 | dir=in | app=c:\program files\java\jre7\bin\java.exe |
"UDP Query User{D968B295-D017-46CF-BD35-B2B4F0126999}C:\program files\java\jre7\launch4j-tmp\frd.exe" = protocol=17 | dir=in | app=c:\program files\java\jre7\launch4j-tmp\frd.exe |
"UDP Query User{F6D912F9-84D5-4552-B241-2F76EFDA047F}C:\users\ondra\appdata\local\apps\2.0\38k11v2d.m2b\ql341ypg.7pl\laun...app_59711684aa47878d_0001.001d_f787194a90b5ba90\launcher.exe" = protocol=17 | dir=in | app=c:\users\ondra\appdata\local\apps\2.0\38k11v2d.m2b\ql341ypg.7pl\laun...app_59711684aa47878d_0001.001d_f787194a90b5ba90\launcher.exe |
========== HKEY_LOCAL_MACHINE Uninstall List ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"${PRODUCT_ID}-1.1.3.38636" = Ekahau HeatMapper
"{0001B4FD-9EA3-4D90-A79E-FD14BA3AB01D}" = PDFCreator
"{048298C9-A4D3-490B-9FF9-AB023A9238F3}" = Steam
"{0A0CADCF-78DA-33C4-A350-CD51849B9702}" = Microsoft .NET Framework 4 Extended
"{0B0F231F-CE6A-483D-AA23-77B364F75917}" = Windows Live Installer
"{10B43A43-FF73-47FD-83E8-A503E84F9ED6}" = OpenOffice.org 3.3
"{1111706F-666A-4037-7777-211328764D10}" = JavaFX 2.1.1
"{14DC0059-00F1-4F62-BD1A-AB23CD51A95E}" = Adobe AIR
"{14ECAABB-C8B9-4A09-92F7-CDF1A45B6DDE}" = Google Drive
"{1B705E8F-9893-4486-B5D7-4F7FEB9C871E}_is1" = Euro Truck Simulator 2
"{1DA6D447-C54D-4833-84D4-3EA31CAECE9B}" = Windows Live UX Platform Language Pack
"{1EAC1D02-C6AC-4FA6-9A44-96258C37C813}_is1" = World of Warplanes
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{1F6AB0E7-8CDD-4B93-8A23-AA9EB2FEFCE4}" = Junk Mail filter update
"{200FEC62-3C34-4D60-9CE8-EC372E01C08F}" = Windows Live SOXE Definitions
"{2397CAD4-2263-4CD0-96BE-E43A980B9C9A}_is1" = Geeks3D.com FurMark 1.9.1
"{26A24AE4-039D-4CA4-87B4-2F83216022FF}" = Java(TM) 6 Update 22
"{26A24AE4-039D-4CA4-87B4-2F83217007FF}" = Java 7 Update 7
"{28DA7D8B-F9A4-4F18-8AA0-551B1E084D0D}" = Ralink RT2870 Wireless LAN Card
"{28E82311-8616-11E1-BEB0-B8AC6F97B88E}" = Google Earth
"{2B0FC5A8-C3B6-33B7-9069-0D3BC69D2E50}" = Google Talk Plugin
"{2BFC7AA0-544C-4E3A-8796-67F3BE655BE9}" = Microsoft XNA Framework Redistributable 4.0
"{2FDD750F-49B7-40C1-9D5E-D2955BC0E2D8}" = NVIDIA PhysX
"{3336F667-9049-4D46-98B6-4C743EEBC5B1}" = Windows Live Photo Gallery
"{34EB6245-C8D0-4D8A-B8D8-EEBFF7A91485}" = Firebird SQL Server - MAGIX Edition
"{3BD98AAF-61B5-46E0-A6C8-593C242C7C48}" = TP-LINK Wireless Client Utility
"{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile
"{40B6D0B4-301A-4020-869F-2E3936E02299}" = WebMate
"{42A4EC40-09BC-427C-B657-67978B784058}" = Rally Trophy
"{45642795-567E-4B46-85E7-5CDBC8B2F697}" = inSSIDer
"{47F6627C-61DD-4191-91C3-2E4077EE7B1F}" = MAGIX Music Maker 17 Premium Download Version
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4CB0307C-565E-4441-86BE-0DF2E4FB828C}" = Microsoft Games for Windows Marketplace
"{4D5308D2-DC8E-4658-A37C-351000048100}" = Microsoft Flight
"{51C7AD07-C3F6-4635-8E8A-231306D810FE}" = Cisco LEAP Module
"{53FA9A9F-3C19-4D43-AD6B-DEF365D469BA}" = Camtasia Studio 7
"{553C904F-57A2-4113-888E-BA0C3D1C69C0}" = Microsoft VC9 runtime libraries
"{5BE3BF62-D432-4D47-A712-CD4DF91CABFB}" = ZyXEL USB ADSL Modem/Router
"{5DE1B7CF-7429-40CA-987F-6BEE09B63787}" = Prime95
"{5E1375CB-6792-4464-8715-CC3EC83D48FA}" = VirtualDJ Home FREE
"{6037B8AD-7D5B-4D50-9BCA-A586C44EEF34}" = Ace of Spades
"{644F4910-E812-49AD-93EC-86828CB81A0D}" = PC Connectivity Solution
"{64B2D6B3-71AC-45A7-A6A1-2E07ABF58341}" = Windows Live Movie Maker
"{64BF0187-F3D2-498B-99EA-163AF9AE6EC9}" = Cisco EAP-FAST Module
"{672CF0DF-730F-45C4-9BC7-081F7722C1EB}" = Halite
"{682B3E4F-696A-42DE-A41C-4C07EA1678B4}" = Windows Live SOXE
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{78906B56-0E81-42A7-AC25-F54C946E1538}" = Windows Live Photo Common
"{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}" = Apple Software Update
"{79155F2B-9895-49D7-8612-D92580E0DE5B}" = Bonjour
"{7AAA27E4-CDB3-49C0-AA2D-41827C001BA3}" = Microsoft Small Basic v1.0
"{7B3F0113-E63C-4D6D-AF19-111A3165CCA2}" = Text-To-Speech-Runtime
"{832D9DE0-8AFC-4689-9819-4DBBDEBD3E4F}" = Microsoft Games for Windows - LIVE Redistributable
"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
"{83C292B7-38A5-440B-A731-07070E81A64F}" = Windows Live PIMT Platform
"{866C4563-ED53-43F3-A29D-8BEE2BD1BA3C}" = Nokia PC Suite
"{86CE1746-9EFF-3C9C-8755-81EA8903AC34}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8CFA9151-6404-409A-AF22-4632D04582FD}" = Assassin's Creed
"{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}" = MSVCRT
"{8E363055-15E5-4D8A-9C69-A0A9DE9A3337}" = UxStyle Core Beta
"{91D18A92-69C2-9A7B-6662-159D8E6CBEF1}" = Project ROME
"{92C7D009-A464-4948-A980-7A3E28CB2F49}_is1" = ABC Edice PC her - Richard Burns Rally
"{92EA4134-10D1-418A-91E1-5A0453131A38}" = Windows Live Movie Maker
"{93293322-B694-4270-B7FE-DDE1A681ACCA}" = linguatec Voice Reader
"{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting
"{980A182F-E0A2-4A40-94C1-AE0C1235902E}" = Pando Media Booster
"{98736A65-3C79-49EC-B7E9-A3C77774B0E6}" = Google SketchUp 6
"{99F351B0-E2CD-43E2-935F-256F1CF1348B}" = i-Look 110
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9C1FAB12-F426-432E-8579-75CAB60C69CF}" = AMD OverDrive
"{9CF4A37B-A8C4-44D7-8C53-13B9D9594BB2}" = Paint.NET v3.5.8
"{9D56775A-93F3-44A3-8092-840E3826DE30}" = Windows Live Mail
"{A53A11EA-0095-493F-86FA-A15E8A86A405}" = VMware Player
"{A57025CC-5F2E-4D01-B387-06DB10500D43}" = Nokia Connectivity Cable Driver
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{A9BDCA6B-3653-467B-AC83-94367DA3BFE3}" = Windows Live Photo Common
"{AAAFC670-569B-4A2F-82B4-42945E0DE3EF}" = Windows Live Writer
"{AB78C965-5C67-409B-8433-D7B5BDB12073}" = Windows Live Writer Resources
"{AC76BA86-7AD7-1029-7B44-AA1000000001}" = Adobe Reader X (10.1.0) - Czech
"{AF111648-99A1-453E-81DD-80DBBF6DAD0D}" = MSVC90_x86
"{AF844339-2F8A-4593-81B3-9F4C54038C4E}" = Windows Live MIME IFilter
"{B119B96C-F724-4A9D-87FF-A505BD4C3772}" = BlueStacks
"{B24839E5-A70C-48AD-B4D9-B9FB46B4B038}_is1" = Hydrogen 0.9.6 preview release for windows
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision" = NVIDIA Ovladač 3D Vision 306.23
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel" = Ovládací panel NVIDIA 306.23
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver" = NVIDIA Ovladače grafiky 306.23
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB" = NVIDIA Ovladač řídící jednotky 3D Vision 306.23
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX" = NVIDIA Systémový software PhysX 9.12.0604
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update" = Aktualizace NVIDIA 1.10.8
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_installer" = NVIDIA Install Application
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NVIDIA.Update" = NVIDIA Update Components
"{B3D8B2F8-3C2C-45BC-933E-8B60E78F6684}" = Google SketchUp 6
"{B83F7FA5-3191-4E39-A1F2-8A9038BD0B04}" = Turbo Key
"{B92C5909-1D37-4C51-8397-A28BB28E5DC3}" = Facebook Video Calling 1.2.0.287
"{B9B28AD2-32A5-4D74-8857-8C96AA45BBAD}" = RP 2009 Shakedown
"{C05D8CDB-417D-4335-A38C-A0659EDFD6B8}" = The Sims™ 3
"{C37A0BC1-52EE-4F97-8223-5CA9FC0357B0}" = Test Drive Unlimited
"{C454280F-3C3E-4929-B60E-9E6CED5717E7}" = Windows Live Mail
"{C6150D8A-86ED-41D3-87BB-F3BB51B0B77F}" = Windows Live ID Sign-in Assistant
"{C7340571-7773-4A8C-9EBC-4E4243B38C76}" = Microsoft XML Parser
"{CDED9EF0-D072-11DF-2EA6-0104A00B0BB3}" = CommView for WiFi
"{CE95A79E-E4FC-4FFF-8A75-29F04B942FF2}" = Windows Live UX Platform
"{D45240D3-B6B3-4FF9-B243-54ECE3E10066}" = Windows Live Communications Platform
"{DFDD2913-557D-4EB5-8745-47749E521760}" = MAGIX Screenshare
"{E09C4DB7-630C-4F06-A631-8EA7239923AF}" = D3DX10
"{E2494AD8-314D-44F8-B39C-4358A60DC184}" = LogMeIn Hamachi
"{E3E71D07-CD27-46CB-8448-16D4FB29AA13}" = Microsoft WSE 3.0 Runtime
"{EA17F4FC-FDBF-4CF8-A529-2D983132D053}" = Skype™ 6.0
"{ED5776D5-59B4-46B7-AF81-5F2D94D7C640}" = Cisco PEAP Module
"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F7338FA3-DAB5-49B2-900D-0AFB5760C166}" = PC Probe II
"{F85B1840-3DD5-4870-9204-A7BF3DDFC3D0}" = Oracle VM VirtualBox 4.1.14
"{FB79FDB7-4DE1-453D-99FE-9A880F57380E}" = Windows Live Fotogalerie
"{FDD41BE8-3FEE-4839-B1D8-8970D24D314D}" = MAGIX Speed burnR (MSI)
"{FE62C88B-425B-4BDE-8B70-CD5AE3B83176}" = Windows Live Essentials
"17D063A0A9F5D5A225B76B1D9BCB5ADBE85C8382" = Balíček ovladače systému Windows - Nokia pccsmcfd “LegacyDriver” (05/31/2012 7.1.2.0)
"72A50F48CC5601190B9C4E74D81161693133E7F7" = Balíček ovladače systému Windows - Nokia Modem (02/25/2011 7.01.0.9)
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin
"Advanced SystemCare 5_is1" = Advanced SystemCare 5
"Afterburner" = MSI Afterburner 2.2.1
"AIDA64 Extreme Edition_is1" = AIDA64 Extreme Edition v2.50
"Amnesia" = Amnesia
"ArmA 2" = ArmA 2 Free Uninstall
"ASIO4ALL" = ASIO4ALL
"Audacity_is1" = Audacity 2.0
"avast" = avast! Free Antivirus
"Bandicam" = Bandicam
"BandiMPEG1" = Bandisoft MPEG-1 Decoder
"BattlEye A2 Free" = BattlEye (A2Free) Uninstall
"CCleaner" = CCleaner
"CesarFTP 0.99g_is1" = CesarFTP 0.99g
"com.adobe.newhope.NHProject.prod.E7BED6E5DDA59983786DD72EBFA46B1598278E07.1" = Project ROME
"Connectify" = Connectify Hotspot
"CPUID CPU-Z_is1" = CPUID CPU-Z 1.59
"CPUID HWMonitor_is1" = CPUID HWMonitor 1.19
"CrystalDiskInfo_is1" = CrystalDiskInfo 4.1.3
"DAEMON Tools Lite" = DAEMON Tools Lite
"Defraggler" = Defraggler
"E0AC723A3DE3A04256288CADBBB011B112AED454" = Balíček ovladače systému Windows - Nokia Modem (02/25/2011 4.7)
"EaseUS Partition Master Home Edition_is1" = EaseUS Partition Master 9.1.1 Home Edition
"EXPERTool_is1" = EXPERTool 7.5
"FormatFactory" = FormatFactory 2.95
"Fraps" = Fraps (remove only)
"GameSpy Arcade" = GameSpy Arcade
"GFWL_{4D5308D2-DC8E-4658-A37C-351000048100}" = Microsoft Flight
"GIMP-2_is1" = GIMP 2.8.0
"GOM Player" = GOM Player
"Google Chrome" = Google Chrome
"HD Tune_is1" = HD Tune 2.55
"HeavyLoad_is1" = HeavyLoad V3.2
"iDisplay_is1" = iDisplay 2.0.0
"IL Download Manager" = IL Download Manager
"InfraRecorder" = InfraRecorder
"IrfanView" = IrfanView (remove only)
"LAME_is1" = LAME v3.99.3 (for Windows)
"LinuxLive USB Creator" = LinuxLive USB Creator
"LogMeIn Hamachi" = LogMeIn Hamachi
"Mafia II_is1" = Mafia II
"MAGIX music maker 11 demo US" = MAGIX music maker 11 demo (US)
"MAGIX_MSI_mm17dlx" = MAGIX Music Maker 17 Premium Download Version
"Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware verze 1.65.1.1000
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Extended" = Microsoft .NET Framework 4 Extended
"Mozilla Firefox 14.0.1 (x86 cs)" = Mozilla Firefox 14.0.1 (x86 cs)
"MozillaMaintenanceService" = Mozilla Maintenance Service
"Network Stumbler" = Network Stumbler 0.4.0 (remove only)
"Nokia PC Suite" = Nokia PC Suite
"Notepad++" = Notepad++
"NVIDIA Drivers" = NVIDIA Drivers
"NVIDIA Screen Saver_is1" = NVIDIA Screen Saver 1.2
"NVIDIAStereo" = NVIDIA Stereoscopic 3D Driver
"OpenAL" = OpenAL
"ProfiCAD_is1" = ProfiCAD 7.2
"PunkBusterSvc" = PunkBuster Services
"Rally Trophy" = Rally Trophy
"RBRBergheim" = RBR Bergheim (remove only)
"RBRHradek" = RBR Hradek (remove only)
"RBRMlynky" = RBR Mlynky (remove only)
"RBRPribram1" = RBR Pribram (remove only)
"RBRPribram2" = RBR Pribram 2 (remove only)
"RBRProspectRidge2A" = RBR Prospect Ridge 2A (remove only)
"RBRReversedTracks" = RBR Reversed Tracks (remove only)
"RBRSemetin" = BARUM RALLY - Semetín 2009, Semetín 2010 (remove only)
"RBRSchool2" = RBR School stage 2 (remove only)
"RBRSieversdorf" = RBR Sieversdorf (remove only)
"RBRSosnova" = RBR Sosnova (remove only)
"RBRSosnova2010" = RBR Sosnova2010 (remove only)
"RBRTM" = RBR Tournament plugin (remove only)
"RP 2009 Shakedown" = RBR Stage RP 2009 Shakedown
"SeriousSam2" = Serious Sam 2
"SoftwareUpdUtility" = Download Updater (AOL Inc.)
"Speccy" = Speccy
"SpeedFan" = SpeedFan (remove only)
"ST6UNST #1" = Parabola Calculator
"Steam App 200210" = Realm of the Mad God
"Steam App 211500" = RaceRoom Racing Experience
"Steam App 43110" = Metro 2033
"TeamSpeak 3 Client" = TeamSpeak 3 Client
"TeamViewer 7" = TeamViewer 7
"Totalcmd" = Total Commander (Remove or Repair)
"uTorrent" = µTorrent
"Vistumbler" = Vistumbler
"VLC media player" = VLC media player 2.0.1
"vLite_is1" = vLite
"VMware_Player" = VMware Player
"webcam 7" = webcam 7
"Winamp" = Winamp
"Windows Movie Maker" = Windows Movie Maker
"WinLiveSuite" = Windows Live Essentials
"WinPcapInst" = WinPcap 4.1.2
"WinRAR archiver" = WinRAR 4.11 (32-bit)
"WinToFlash Suggestor" = WinToFlash Suggestor
"Wireshark" = Wireshark 1.8.2 (32-bit)
========== HKEY_USERS Uninstall List ==========
[HKEY_USERS\S-1-5-21-33959413-2999115600-1941737774-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"d8be6c3f847d7d92" = Ghost Recon Online
"MyPaint" = MyPaint 1.0.0
"PhotoFiltre" = PhotoFiltre
"UnityWebPlayer" = Unity Web Player
"Winamp Detect" = Winamp Detector Plug-in
========== Last 20 Event Log Errors ==========
[ Application Events ]
Error - 30.12.2012 4:11:21 | Computer Name = ondra-PC | Source = Microsoft-Windows-RestartManager | ID = 10006
Description = Aplikaci nebo službu LogMeIn Hamachi Tunneling Engine nelze ukončit.
Error - 30.12.2012 4:11:25 | Computer Name = ondra-PC | Source = MsiInstaller | ID = 11714
Description =
Error - 30.12.2012 4:12:11 | Computer Name = ondra-PC | Source = vmauthd | ID = 100
Description = Could not choose a '__vmware_user__' password long enough (min length
0). Aborting.
Error - 30.12.2012 5:09:59 | Computer Name = ondra-PC | Source = SideBySide | ID = 16842785
Description = Generování kontextu aktivace pro C:\Program Files\Nokia\Nokia PC Suite
7\TIS_Windows7PIM.dll se nezdařilo. Závislé sestavení Microsoft.VC80.DebugCRT,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0"
nelze najít. Podrobnější diagnostické údaje získáte pomocí programu sxstrace.exe.
Error - 30.12.2012 5:10:23 | Computer Name = ondra-PC | Source = SideBySide | ID = 16842785
Description = Generování kontextu aktivace pro c:\totalcmd\TCUNIN64.EXE se nezdařilo.
Závislé
sestavení Microsoft.Windows.Common-Controls,language="*",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"
nelze najít. Podrobnější diagnostické údaje získáte pomocí programu sxstrace.exe.
Error - 30.12.2012 5:10:48 | Computer Name = ondra-PC | Source = SideBySide | ID = 16842785
Description = Generování kontextu aktivace pro c:\program files\VMware\vmware player\vssSnapVista64.exe
se nezdařilo. Závislé sestavení Microsoft.VC80.CRT,processorArchitecture="amd64",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50727.762"
nelze najít. Podrobnější diagnostické údaje získáte pomocí programu sxstrace.exe.
Error - 30.12.2012 14:00:02 | Computer Name = ondra-PC | Source = Windows Backup | ID = 4103
Description =
Error - 30.12.2012 16:43:56 | Computer Name = ondra-PC | Source = Application Error | ID = 1000
Description = Název chybující aplikace: gta_sa.exe, verze: 0.0.0.0, časové razítko:
0x427101ca Název chybujícího modulu: gta_sa.exe, verze: 0.0.0.0, časové razítko:
0x427101ca Kód výjimky: 0xc0000005 Posun chyby: 0x000dd5a3 ID chybujícího procesu:
0x1280 Čas spuštění chybující aplikace: 0x01cde6ce4feeafe0 Cesta k chybující aplikaci:
C:\Program Files\GTA San Andreas\gta_sa.exe Cesta k chybujícímu modulu: C:\Program
Files\GTA San Andreas\gta_sa.exe ID zprávy: a0a7a911-52c1-11e2-bd23-005056c00008
Error - 31.12.2012 3:33:55 | Computer Name = ondra-PC | Source = vmauthd | ID = 100
Description = Could not choose a '__vmware_user__' password long enough (min length
0). Aborting.
Error - 31.12.2012 4:37:23 | Computer Name = ondra-PC | Source = vmauthd | ID = 100
Description = Could not choose a '__vmware_user__' password long enough (min length
0). Aborting.
Error - 31.12.2012 4:55:43 | Computer Name = ondra-PC | Source = vmauthd | ID = 100
Description = Could not choose a '__vmware_user__' password long enough (min length
0). Aborting.
[ System Events ]
Error - 28.10.2012 2:26:22 | Computer Name = ondra-PC | Source = PNRPSvc | ID = 102
Description =
Error - 28.10.2012 2:26:22 | Computer Name = ondra-PC | Source = Service Control Manager | ID = 7023
Description = Služba Protokol PNRP (Peer Name Resolution Protocol) byla ukončena
s následující chybou: %%-2140993535
Error - 28.10.2012 2:26:22 | Computer Name = ondra-PC | Source = Service Control Manager | ID = 7001
Description = Služba Seskupování v sítích peer-to-peer závisí na službě Protokol
PNRP (Peer Name Resolution Protocol), která neuspěla při spuštění v důsledku následující
chyby: %%-2140993535
Error - 28.10.2012 2:26:22 | Computer Name = ondra-PC | Source = Service Control Manager | ID = 7023
Description = Služba Protokol PNRP (Peer Name Resolution Protocol) byla ukončena
s následující chybou: %%-2140993535
Error - 28.10.2012 2:26:22 | Computer Name = ondra-PC | Source = Service Control Manager | ID = 7001
Description = Služba Seskupování v sítích peer-to-peer závisí na službě Protokol
PNRP (Peer Name Resolution Protocol), která neuspěla při spuštění v důsledku následující
chyby: %%-2140993535
Error - 28.10.2012 2:27:31 | Computer Name = ondra-PC | Source = Service Control Manager | ID = 7038
Description = Služba nvUpdatusService se nemohla přihlásit jako .\UpdatusUser s
aktuálně konfigurovaným heslem z důvodu následující chyby: %%1330 Chcete-li zajistit
správnou konfiguraci služby, použijte modul snap-in Služby konzoly Microsoft Management
Console (MMC).
Error - 28.10.2012 2:27:31 | Computer Name = ondra-PC | Source = Service Control Manager | ID = 7000
Description = Služba NVIDIA Update Service Daemon neuspěla při spuštění v důsledku
následující chyby: %%1069
Error - 28.10.2012 17:01:12 | Computer Name = ondra-PC | Source = PNRPSvc | ID = 102
Description =
Error - 28.10.2012 17:01:12 | Computer Name = ondra-PC | Source = Service Control Manager | ID = 7023
Description = Služba Protokol PNRP (Peer Name Resolution Protocol) byla ukončena
s následující chybou: %%-2140993535
Error - 28.10.2012 17:01:12 | Computer Name = ondra-PC | Source = Service Control Manager | ID = 7001
Description = Služba Seskupování v sítích peer-to-peer závisí na službě Protokol
PNRP (Peer Name Resolution Protocol), která neuspěla při spuštění v důsledku následující
chyby: %%-2140993535
< End of report >
Re: Číňan a nemám přístup k vytváření na C: LOG
otl 1 čast
OTL logfile created on: 31.12.2012 10:03:35 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\ondra\Desktop
Ultimate Edition (Version = 6.1.7600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7600.16385)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy
3,25 Gb Total Physical Memory | 2,13 Gb Available Physical Memory | 65,64% Memory free
6,50 Gb Paging File | 5,25 Gb Available in Paging File | 80,81% Paging File free
Paging file location(s): c:\pagefile.sys 0 0 [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 298,09 Gb Total Space | 99,72 Gb Free Space | 33,45% Space Free | Partition Type: NTFS
Drive D: | 117,19 Gb Total Space | 72,53 Gb Free Space | 61,89% Space Free | Partition Type: NTFS
Drive E: | 58,08 Gb Total Space | 57,96 Gb Free Space | 99,78% Space Free | Partition Type: NTFS
Computer Name: ONDRA-PC | User Name: ondra | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 14 Days
========== Processes (All) ==========
PRC - C:\Users\ondra\Desktop\OTL.exe (OldTimer Tools)
PRC - C:\Program Files\Connectify\Connectify.exe (Connectify)
PRC - C:\Program Files\Connectify\Connectifyd.exe (Connectify)
PRC - C:\Program Files\Connectify\ConnectifyService.exe ()
PRC - C:\Windows\System32\PnkBstrA.exe ()
PRC - C:\Program Files\Skype\Phone\Skype.exe (Skype Technologies S.A.)
PRC - C:\Program Files\AVAST Software\Avast\AvastUI.exe (AVAST Software)
PRC - C:\Program Files\AVAST Software\Avast\AvastSvc.exe (AVAST Software)
PRC - C:\Program Files\TeamViewer\Version7\TeamViewer_Service.exe (TeamViewer GmbH)
PRC - C:\Windows\System32\nvvsvc.exe (NVIDIA Corporation)
PRC - C:\Program Files\NVIDIA Corporation\Display\nvtray.exe (NVIDIA Corporation)
PRC - C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe (NVIDIA Corporation)
PRC - C:\Program Files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe (NVIDIA Corporation)
PRC - C:\Program Files\BlueStacks\HD-LogRotatorService.exe (BlueStack Systems, Inc.)
PRC - C:\Program Files\LogMeIn Hamachi\hamachi-2.exe (LogMeIn Inc.)
PRC - C:\Program Files\Realtek\Audio\HDA\RtkNGUI.exe (Realtek Semiconductor)
PRC - C:\Users\ondra\Documents\CoreTemp32\Core Temp.exe ()
PRC - C:\Program Files\IObit\Advanced SystemCare 5\ASCService.exe (IObit)
PRC - C:\Program Files\Bonjour\mDNSResponder.exe (Apple Inc.)
PRC - C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe (Adobe Systems Incorporated)
PRC - C:\Program Files\Ralink\Common\RaUI.exe (Ralink Technology, Corp.)
PRC - C:\Program Files\Ralink\Common\RaRegistry.exe (Ralink Technology, Corp.)
PRC - C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDSVCM.EXE (Microsoft Corp.)
PRC - C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDSVC.EXE (Microsoft Corp.)
PRC - C:\Windows\System32\vmnetdhcp.exe (VMware, Inc.)
PRC - C:\Windows\System32\vmnat.exe (VMware, Inc.)
PRC - C:\Program Files\VMware\VMware Player\vmware-authd.exe (VMware, Inc.)
PRC - C:\Program Files\Common Files\VMware\USB\vmware-usbarbitrator.exe (VMware, Inc.)
PRC - C:\Program Files\Common Files\MAGIX Services\Database\bin\FABS.exe (MAGIX AG)
PRC - C:\Program Files\ASUS\AsSysCtrlService\1.00.02\AsSysCtrlService.exe (ASUSTeK Computer Inc.)
PRC - C:\Program Files\Windows Media Player\wmpnetwk.exe (Microsoft Corporation)
PRC - C:\Windows\System32\wbem\WmiPrvSE.exe (Microsoft Corporation)
PRC - C:\Windows\System32\winlogon.exe (Microsoft Corporation)
PRC - C:\Windows\System32\wininit.exe (Microsoft Corporation)
PRC - C:\Windows\System32\taskeng.exe (Microsoft Corporation)
PRC - C:\Windows\System32\taskhost.exe (Microsoft Corporation)
PRC - C:\Windows\System32\spoolsv.exe (Microsoft Corporation)
PRC - C:\Windows\System32\svchost.exe [comLaunch] (Microsoft Corporation)
PRC - C:\Windows\System32\svchost.exe [comLaunch] (Microsoft Corporation)
PRC - C:\Windows\System32\svchost.exe [comLaunch] (Microsoft Corporation)
PRC - C:\Windows\System32\svchost.exe [comLaunch] (Microsoft Corporation)
PRC - C:\Windows\System32\svchost.exe [comLaunch] (Microsoft Corporation)
PRC - C:\Windows\System32\svchost.exe [comLaunch] (Microsoft Corporation)
PRC - C:\Windows\System32\svchost.exe [comLaunch] (Microsoft Corporation)
PRC - C:\Windows\System32\svchost.exe [comLaunch] (Microsoft Corporation)
PRC - C:\Windows\System32\svchost.exe [comLaunch] (Microsoft Corporation)
PRC - C:\Windows\System32\svchost.exe [comLaunch] (Microsoft Corporation)
PRC - C:\Windows\System32\svchost.exe [comLaunch] (Microsoft Corporation)
PRC - C:\Windows\System32\svchost.exe [comLaunch] (Microsoft Corporation)
PRC - C:\Windows\System32\svchost.exe [comLaunch] (Microsoft Corporation)
PRC - C:\Windows\System32\svchost.exe [comLaunch] (Microsoft Corporation)
PRC - C:\Windows\System32\svchost.exe [comLaunch] (Microsoft Corporation)
PRC - C:\Windows\System32\smss.exe (Microsoft Corporation)
PRC - C:\Windows\System32\services.exe (Microsoft Corporation)
PRC - C:\Windows\System32\SearchIndexer.exe (Microsoft Corporation)
PRC - C:\Windows\System32\lsm.exe (Microsoft Corporation)
PRC - C:\Windows\System32\lsass.exe (Microsoft Corporation)
PRC - C:\Windows\explorer.exe (Microsoft Corporation)
PRC - C:\Windows\System32\dwm.exe (Microsoft Corporation)
PRC - C:\Windows\System32\csrss.exe (Microsoft Corporation)
PRC - C:\Windows\System32\conhost.exe (Microsoft Corporation)
PRC - C:\Program Files\EXPERTool\TBPANEL.exe (Gainward Co.)
PRC - C:\Windows\PixArt\i-Look110\Monitor.exe (PixArt Imaging Incorporation)
========== Modules (No Company Name) ==========
MOD - C:\Program Files\Connectify\Vendors.dll ()
MOD - C:\Program Files\Connectify\NativeLibrary.dll ()
MOD - C:\Program Files\Connectify\Scannify.dll ()
MOD - C:\Program Files\Connectify\DriverLib.dll ()
MOD - C:\Program Files\Connectify\BuildProps.dll ()
MOD - C:\Users\ondra\Documents\CoreTemp32\Core Temp.exe ()
MOD - C:\Program Files\WinRAR\RarExt.dll ()
MOD - C:\Program Files\Ralink\Common\RaWLAPI.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\System.ServiceModel.resources\3.0.0.0_cs_b77a5c561934e089\System.ServiceModel.resources.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\System.Runtime.Serialization.resources\3.0.0.0_cs_b77a5c561934e089\System.Runtime.Serialization.resources.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\System.resources\2.0.0.0_cs_b77a5c561934e089\System.resources.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\mscorlib.resources\2.0.0.0_cs_b77a5c561934e089\mscorlib.resources.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.WorkflowServ#\bf248d315e6a94b62f23a44fb47399a5\System.WorkflowServices.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.ServiceModel#\b685ea7755ea35759d886f06720a9d3a\System.ServiceModel.Web.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Management\6e033d390dc7e9567b6960b0f530cf30\System.Management.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.IdentityModel\e791f7aea04b8d379f6dbaadb5fdeb96\System.IdentityModel.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.ServiceModel\e1adf6b481f5120153829fa54ee8a041\System.ServiceModel.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Seri#\39e53f507d9cbc5c10a2f47c4b0d09dd\System.Runtime.Serialization.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\SMDiagnostics\81282964925798589021d3e0e6de779f\SMDiagnostics.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Core\1762137638019a091020b3baf52f6de3\System.Core.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Web\3871fc2b96345aa6f3be81d9e3c97160\System.Web.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Remo#\4bdeb88758dccd625f4703ed77aaf348\System.Runtime.Remoting.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\fedf1ba58dced4f0b3f8c457648ceed9\System.Windows.Forms.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\ead6be8b410d56b5576b10e56af2c180\System.Drawing.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Security\5588d54cbc98d72ed01194c6d4146073\System.Security.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml\5dd9f783008543df3e642ff1e99de4e8\System.Xml.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\4b1350e31ff09cc583b34854816d8036\System.Configuration.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System\5ba3bf5367fc012300c6566f20cb7f54\System.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\8c1770d45c63cf5c462eeb945ef9aa5d\mscorlib.ni.dll ()
MOD - C:\Program Files\EXPERTool\TBMANAGE.DLL ()
========== Services (All) ==========
SRV - (Steam Client Service) -- C:\Program Files\Common Files\Steam\SteamService.exe (Valve Corporation)
SRV - (Connectify) -- C:\Program Files\Connectify\ConnectifyService.exe ()
SRV - (PnkBstrA) -- C:\Windows\System32\PnkBstrA.exe ()
SRV - (SkypeUpdate) -- C:\Program Files\Skype\Updater\Updater.exe (Skype Technologies)
SRV - (avast! Antivirus) -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe (AVAST Software)
SRV - (TeamViewer7) -- C:\Program Files\TeamViewer\Version7\TeamViewer_Service.exe (TeamViewer GmbH)
SRV - (nvUpdatusService) -- C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe (NVIDIA Corporation)
SRV - (nvsvc) -- C:\Windows\System32\nvvsvc.exe (NVIDIA Corporation)
SRV - (Stereo Service) -- C:\Program Files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe (NVIDIA Corporation)
SRV - (MozillaMaintenance) -- C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe (Mozilla Foundation)
SRV - (BstHdLogRotatorSvc) -- C:\Program Files\BlueStacks\HD-LogRotatorService.exe (BlueStack Systems, Inc.)
SRV - (BstHdAndroidSvc) -- C:\Program Files\BlueStacks\HD-Service.exe (BlueStack Systems, Inc.)
SRV - (Hamachi2Svc) -- C:\Program Files\LogMeIn Hamachi\hamachi-2.exe (LogMeIn Inc.)
SRV - (ServiceLayer) -- C:\Program Files\PC Connectivity Solution\ServiceLayer.exe (Nokia)
SRV - (wuauserv) -- C:\Windows\System32\wuaueng.dll (Microsoft Corporation)
SRV - (AODService) -- C:\Program Files\AMD\OverDrive\AODAssist.exe ()
SRV - (w7Svc) -- C:\Program Files\webcam 7\wService.exe (Moonware Studios)
SRV - (AdvancedSystemCareService5) -- C:\Program Files\IObit\Advanced SystemCare 5\ASCService.exe (IObit)
SRV - (Bonjour Service) -- C:\Program Files\Bonjour\mDNSResponder.exe (Apple Inc.)
SRV - (AdobeARMservice) -- C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe (Adobe Systems Incorporated)
SRV - (RalinkRegistryWriter) -- C:\Program Files\Ralink\Common\RaRegistry.exe (Ralink Technology, Corp.)
SRV - (wlidsvc) -- C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDSVC.EXE (Microsoft Corp.)
SRV - (VMnetDHCP) -- C:\Windows\System32\vmnetdhcp.exe (VMware, Inc.)
SRV - (VMware NAT Service) -- C:\Windows\System32\vmnat.exe (VMware, Inc.)
SRV - (VMAuthdService) -- C:\Program Files\VMware\VMware Player\vmware-authd.exe (VMware, Inc.)
SRV - (VMUSBArbService) -- C:\Program Files\Common Files\VMware\USB\vmware-usbarbitrator.exe (VMware, Inc.)
SRV - (RaMediaServer) -- C:\Program Files\Ralink\Common\RaMediaServer.exe ()
SRV - (ufad-ws60) -- C:\Program Files\VMware\VMware Player\vmware-ufad.exe (VMware, Inc.)
SRV - (rpcapd) -- C:\Program Files\WinPcap\rpcapd.exe (CACE Technologies, Inc.)
SRV - (aspnet_state) -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\aspnet_state.exe (Microsoft Corporation)
SRV - (clr_optimization_v4.0.30319_32) -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe (Microsoft Corporation)
SRV - (NetTcpPortSharing) -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe (Microsoft Corporation)
SRV - (NetTcpActivator) -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe (Microsoft Corporation)
SRV - (NetPipeActivator) -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe (Microsoft Corporation)
SRV - (NetMsmqActivator) -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe (Microsoft Corporation)
SRV - (Fabs) -- C:\Program Files\Common Files\MAGIX Services\Database\bin\FABS.exe (MAGIX AG)
SRV - (AsSysCtrlService) -- C:\Program Files\ASUS\AsSysCtrlService\1.00.02\AsSysCtrlService.exe (ASUSTeK Computer Inc.)
SRV - (WwanSvc) -- C:\Windows\System32\wwansvc.dll (Microsoft Corporation)
SRV - (wudfsvc) -- C:\Windows\System32\WUDFSvc.dll (Microsoft Corporation)
SRV - (WinRM) -- C:\Windows\System32\WsmSvc.dll (Microsoft Corporation)
SRV - (WPDBusEnum) -- C:\Windows\System32\wpdbusenum.dll (Microsoft Corporation)
SRV - (wscsvc) -- C:\Windows\System32\wscsvc.dll (Microsoft Corporation)
SRV - (WPCSvc) -- C:\Windows\System32\wpcsvc.dll (Microsoft Corporation)
SRV - (Wlansvc) -- C:\Windows\System32\wlansvc.dll (Microsoft Corporation)
SRV - (WinHttpAutoProxySvc) -- C:\Windows\System32\winhttp.dll (Microsoft Corporation)
SRV - (Winmgmt) -- C:\Windows\System32\wbem\WMIsvc.dll (Microsoft Corporation)
SRV - (LanmanWorkstation) -- C:\Windows\System32\wkssvc.dll (Microsoft Corporation)
SRV - (eventlog) -- C:\Windows\System32\wevtsvc.dll (Microsoft Corporation)
SRV - (StiSvc) -- C:\Windows\System32\wiaservc.dll (Microsoft Corporation)
SRV - (wcncsvc) -- C:\Windows\System32\wcncsvc.dll (Microsoft Corporation)
SRV - (WebClient) -- C:\Windows\System32\WebClnt.dll (Microsoft Corporation)
SRV - (Wecsvc) -- C:\Windows\System32\wecsvc.dll (Microsoft Corporation)
SRV - (WdiSystemHost) -- C:\Windows\System32\wdi.dll (Microsoft Corporation)
SRV - (WdiServiceHost) -- C:\Windows\System32\wdi.dll (Microsoft Corporation)
SRV - (WerSvc) -- C:\Windows\System32\wersvc.dll (Microsoft Corporation)
SRV - (wercplsupport) -- C:\Windows\System32\wercplsupport.dll (Microsoft Corporation)
SRV - (WcsPlugInService) -- C:\Windows\System32\WcsPlugInService.dll (Microsoft Corporation)
SRV - (PlugPlay) -- C:\Windows\System32\umpnpmgr.dll (Microsoft Corporation)
SRV - (W32Time) -- C:\Windows\System32\w32time.dll (Microsoft Corporation)
SRV - (upnphost) -- C:\Windows\System32\upnphost.dll (Microsoft Corporation)
SRV - (UmRdpService) -- C:\Windows\System32\umrdp.dll (Microsoft Corporation)
SRV - (WbioSrvc) -- C:\Windows\System32\wbiosrvc.dll (Microsoft Corporation)
SRV - (Power) -- C:\Windows\System32\umpo.dll (Microsoft Corporation)
SRV - (UxSms) -- C:\Windows\System32\uxsms.dll (Microsoft Corporation)
SRV - (TrkWks) -- C:\Windows\System32\trkwks.dll (Microsoft Corporation)
SRV - (Themes) -- C:\Windows\System32\themeservice.dll (Microsoft Corporation)
SRV - (SysMain) -- C:\Windows\System32\sysmain.dll (Microsoft Corporation)
SRV - (TermService) -- C:\Windows\System32\termsrv.dll (Microsoft Corporation)
SRV - (swprv) -- C:\Windows\System32\swprv.dll (Microsoft Corporation)
SRV - (TapiSrv) -- C:\Windows\System32\tapisrv.dll (Microsoft Corporation)
SRV - (LanmanServer) -- C:\Windows\System32\srvsvc.dll (Microsoft Corporation)
SRV - (SSDPSRV) -- C:\Windows\System32\ssdpsrv.dll (Microsoft Corporation)
SRV - (SstpSvc) -- C:\Windows\System32\sstpsvc.dll (Microsoft Corporation)
SRV - (TabletInputService) -- C:\Windows\System32\TabSvc.dll (Microsoft Corporation)
SRV - (TBS) -- C:\Windows\System32\tbssvc.dll (Microsoft Corporation)
SRV - (sppuinotify) -- C:\Windows\System32\sppuinotify.dll (Microsoft Corporation)
SRV - (ShellHWDetection) -- C:\Windows\System32\shsvcs.dll (Microsoft Corporation)
SRV - (Schedule) -- C:\Windows\System32\schedsvc.dll (Microsoft Corporation)
SRV - (RpcSs) -- C:\Windows\System32\rpcss.dll (Microsoft Corporation)
SRV - (DcomLaunch) -- C:\Windows\System32\rpcss.dll (Microsoft Corporation)
SRV - (SCardSvr) -- C:\Windows\System32\SCardSvr.dll (Microsoft Corporation)
SRV - (SDRSVC) -- C:\Windows\System32\sdrsvc.dll (Microsoft Corporation)
SRV - (RemoteRegistry) -- C:\Windows\System32\regsvc.dll (Microsoft Corporation)
SRV - (SessionEnv) -- C:\Windows\System32\SessEnv.dll (Microsoft Corporation)
SRV - (SENS) -- C:\Windows\System32\Sens.dll (Microsoft Corporation)
SRV - (RpcEptMapper) -- C:\Windows\System32\RpcEpMap.dll (Microsoft Corporation)
SRV - (SensrSvc) -- C:\Windows\System32\sensrsvc.dll (Microsoft Corporation)
SRV - (seclogon) -- C:\Windows\System32\seclogon.dll (Microsoft Corporation)
SRV - (pla) -- C:\Windows\System32\pla.dll (Microsoft Corporation)
SRV - (PeerDistSvc) -- C:\Windows\System32\PeerDistSvc.dll (Microsoft Corporation)
SRV - (BITS) -- C:\Windows\System32\qmgr.dll (Microsoft Corporation)
SRV - (napagent) -- C:\Windows\System32\QAGENTRT.DLL (Microsoft Corporation)
SRV - (p2psvc) -- C:\Windows\System32\p2psvc.dll (Microsoft Corporation)
SRV - (RasMan) -- C:\Windows\System32\rasmans.dll (Microsoft Corporation)
SRV - (PNRPsvc) -- C:\Windows\System32\pnrpsvc.dll (Microsoft Corporation)
SRV - (p2pimsvc) -- C:\Windows\System32\pnrpsvc.dll (Microsoft Corporation)
SRV - (QWAVE) -- C:\Windows\System32\qwave.dll (Microsoft Corporation)
SRV - (HomeGroupProvider) -- C:\Windows\System32\provsvc.dll (Microsoft Corporation)
SRV - (ProfSvc) -- C:\Windows\System32\profsvc.dll (Microsoft Corporation)
SRV - (PcaSvc) -- C:\Windows\System32\pcasvc.dll (Microsoft Corporation)
SRV - (RasAuto) -- C:\Windows\System32\rasauto.dll (Microsoft Corporation)
SRV - (PNRPAutoReg) -- C:\Windows\System32\pnrpauto.dll (Microsoft Corporation)
SRV - (nsi) -- C:\Windows\System32\nsisvc.dll (Microsoft Corporation)
SRV - (netprofm) -- C:\Windows\System32\netprofm.dll (Microsoft Corporation)
SRV - (Netman) -- C:\Windows\System32\netman.dll (Microsoft Corporation)
SRV - (NlaSvc) -- C:\Windows\System32\nlasvc.dll (Microsoft Corporation)
SRV - (KtmRm) -- C:\Windows\System32\msdtckrm.dll (Microsoft Corporation)
SRV - (WinDefend) -- C:\Program Files\Windows Defender\MpSvc.dll (Microsoft Corporation)
SRV - (MpsSvc) -- C:\Windows\System32\MPSSVC.dll (Microsoft Corporation)
SRV - (RemoteAccess) -- C:\Windows\System32\mprdim.dll (Microsoft Corporation)
SRV - (THREADORDER) -- C:\Windows\System32\mmcss.dll (Microsoft Corporation)
SRV - (MMCSS) -- C:\Windows\System32\mmcss.dll (Microsoft Corporation)
SRV - (Mcx2Svc) -- C:\Windows\System32\Mcx2Svc.dll (Microsoft Corporation)
SRV - (HomeGroupListener) -- C:\Windows\System32\ListSvc.dll (Microsoft Corporation)
SRV - (lltdsvc) -- C:\Windows\System32\lltdsvc.dll (Microsoft Corporation)
SRV - (lmhosts) -- C:\Windows\System32\lmhsvc.dll (Microsoft Corporation)
SRV - (hkmsvc) -- C:\Windows\System32\KMSVC.DLL (Microsoft Corporation)
SRV - (MSiSCSI) -- C:\Windows\System32\iscsiexe.dll (Microsoft Corporation)
SRV - (iphlpsvc) -- C:\Windows\System32\iphlpsvc.dll (Microsoft Corporation)
SRV - (PolicyAgent) -- C:\Windows\System32\IPSECSVC.DLL (Microsoft Corporation)
SRV - (SharedAccess) -- C:\Windows\System32\ipnathlp.dll (Microsoft Corporation)
SRV - (IPBusEnum) -- C:\Windows\System32\IPBusEnum.dll (Microsoft Corporation)
SRV - (IKEEXT) -- C:\Windows\System32\IKEEXT.DLL (Microsoft Corporation)
SRV - (gpsvc) -- C:\Windows\System32\gpsvc.dll (Microsoft Corporation)
SRV - (hidserv) -- C:\Windows\System32\hidserv.dll (Microsoft Corporation)
SRV - (FontCache) -- C:\Windows\System32\FntCache.dll (Microsoft Corporation)
SRV - (FDResPub) -- C:\Windows\System32\FDResPub.dll (Microsoft Corporation)
SRV - (fdPHost) -- C:\Windows\System32\fdPHost.dll (Microsoft Corporation)
SRV - (EventSystem) -- C:\Windows\System32\es.dll (Microsoft Corporation)
SRV - (EapHost) -- C:\Windows\System32\eapsvc.dll (Microsoft Corporation)
SRV - (dot3svc) -- C:\Windows\System32\dot3svc.dll (Microsoft Corporation)
SRV - (DPS) -- C:\Windows\System32\dps.dll (Microsoft Corporation)
SRV - (Dnscache) -- C:\Windows\System32\dnsrslvr.dll (Microsoft Corporation)
SRV - (Dhcp) -- C:\Windows\System32\dhcpcore.dll (Microsoft Corporation)
SRV - (defragsvc) -- C:\Windows\System32\defragsvc.dll (Microsoft Corporation)
SRV - (CscService) -- C:\Windows\System32\cscsvc.dll (Microsoft Corporation)
SRV - (CryptSvc) -- C:\Windows\System32\cryptsvc.dll (Microsoft Corporation)
SRV - (SCPolicySvc) -- C:\Windows\System32\certprop.dll (Microsoft Corporation)
SRV - (CertPropSvc) -- C:\Windows\System32\certprop.dll (Microsoft Corporation)
SRV - (Browser) -- C:\Windows\System32\browser.dll (Microsoft Corporation)
SRV - (bthserv) -- C:\Windows\System32\bthserv.dll (Microsoft Corporation)
SRV - (BFE) -- C:\Windows\System32\BFE.DLL (Microsoft Corporation)
SRV - (BDESVC) -- C:\Windows\System32\bdesvc.dll (Microsoft Corporation)
SRV - (AxInstSV) -- C:\Windows\System32\AxInstSv.dll (Microsoft Corporation)
SRV - (Audiosrv) -- C:\Windows\System32\audiosrv.dll (Microsoft Corporation)
SRV - (AudioEndpointBuilder) -- C:\Windows\System32\audiosrv.dll (Microsoft Corporation)
SRV - (AppMgmt) -- C:\Windows\System32\appmgmts.dll (Microsoft Corporation)
SRV - (AeLookupSvc) -- C:\Windows\System32\aelupsvc.dll (Microsoft Corporation)
SRV - (Appinfo) -- C:\Windows\System32\appinfo.dll (Microsoft Corporation)
SRV - (AppIDSvc) -- C:\Windows\System32\appidsvc.dll (Microsoft Corporation)
SRV - (WMPNetworkSvc) -- C:\Program Files\Windows Media Player\wmpnetwk.exe (Microsoft Corporation)
SRV - (wmiApSrv) -- C:\Windows\System32\wbem\WmiApSrv.exe (Microsoft Corporation)
SRV - (wbengine) -- C:\Windows\System32\wbengine.exe (Microsoft Corporation)
SRV - (VSS) -- C:\Windows\System32\VSSVC.exe (Microsoft Corporation)
SRV - (vds) -- C:\Windows\System32\vds.exe (Microsoft Corporation)
SRV - (UI0Detect) -- C:\Windows\System32\UI0Detect.exe (Microsoft Corporation)
SRV - (TrustedInstaller) -- C:\Windows\servicing\TrustedInstaller.exe (Microsoft Corporation)
SRV - (Spooler) -- C:\Windows\System32\spoolsv.exe (Microsoft Corporation)
SRV - (SNMPTRAP) -- C:\Windows\System32\snmptrap.exe (Microsoft Corporation)
SRV - (WSearch) -- C:\Windows\System32\SearchIndexer.exe (Microsoft Corporation)
SRV - (sppsvc) -- C:\Windows\System32\sppsvc.exe (Microsoft Corporation)
SRV - (MSDTC) -- C:\Windows\System32\msdtc.exe (Microsoft Corporation)
SRV - (msiserver) -- C:\Windows\System32\msiexec.exe (Microsoft Corporation)
SRV - (VaultSvc) -- C:\Windows\System32\lsass.exe (Microsoft Corporation)
SRV - (SamSs) -- C:\Windows\System32\lsass.exe (Microsoft Corporation)
SRV - (ProtectedStorage) -- C:\Windows\System32\lsass.exe (Microsoft Corporation)
SRV - (Netlogon) -- C:\Windows\System32\lsass.exe (Microsoft Corporation)
SRV - (KeyIso) -- C:\Windows\System32\lsass.exe (Microsoft Corporation)
SRV - (EFS) -- C:\Windows\System32\lsass.exe (Microsoft Corporation)
SRV - (RpcLocator) -- C:\Windows\System32\Locator.exe (Microsoft Corporation)
SRV - (Fax) -- C:\Windows\System32\FXSSVC.exe (Microsoft Corporation)
SRV - (ehRecvr) -- C:\Windows\ehome\ehrecvr.exe (Microsoft Corporation)
SRV - (ehSched) -- C:\Windows\ehome\ehsched.exe (Microsoft Corporation)
SRV - (COMSysApp) -- C:\Windows\System32\dllhost.exe (Microsoft Corporation)
SRV - (ALG) -- C:\Windows\System32\alg.exe (Microsoft Corporation)
SRV - (clr_optimization_v2.0.50727_32) -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe (Microsoft Corporation)
SRV - (FontCache3.0.0.0) -- C:\Windows\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe (Microsoft Corporation)
SRV - (idsvc) -- C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe (Microsoft Corporation)
SRV - (FirebirdServerMAGIXInstance) -- C:\Program Files\Common Files\MAGIX Services\Database\bin\fbserver.exe (MAGIX®)
SRV - (IDriverT) -- C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe (Macrovision Corporation)
========== Driver Services (SafeList) ==========
DRV - (MarkFun_NT) -- C:\Program Files\Gigabyte\ET5\markfun.w32 File not found
DRV - (catchme) -- C:\Users\ondra\AppData\Local\Temp\catchme.sys File not found
DRV - (ALSysIO) -- C:\Users\ondra\AppData\Local\Temp\ALSysIO.sys File not found
DRV - (aswSnx) -- C:\Windows\System32\drivers\aswSnx.sys (AVAST Software)
DRV - (aswSP) -- C:\Windows\System32\drivers\aswSP.sys (AVAST Software)
DRV - (aswTdi) -- C:\Windows\System32\drivers\aswTdi.sys (AVAST Software)
DRV - (aswMonFlt) -- C:\Windows\System32\drivers\aswMonFlt.sys (AVAST Software)
DRV - (aswFsBlk) -- C:\Windows\System32\drivers\aswFsBlk.sys (AVAST Software)
DRV - (aswRdr) -- C:\Windows\System32\drivers\aswRdr2.sys (AVAST Software)
DRV - (cnnctfy2) -- C:\Windows\System32\drivers\cnnctfy2.sys (Connectify)
DRV - (nvlddmkm) -- C:\Windows\System32\drivers\nvlddmkm.sys (NVIDIA Corporation)
DRV - (BstHdDrv) -- C:\Program Files\BlueStacks\HD-Hypervisor-x86.sys (BlueStack Systems)
DRV - (dtsoftbus01) -- C:\Windows\System32\drivers\dtsoftbus01.sys (DT Soft Ltd)
DRV - (pccsmcfd) -- C:\Windows\System32\drivers\pccsmcfd.sys (Nokia)
DRV - (TsLwWfF) -- C:\Windows\System32\drivers\TsLwWfF.sys (TamoSoft)
DRV - (gdrv) -- C:\Windows\gdrv.sys (Windows (R) 2000 DDK provider)
DRV - (AODDriver4.2.0) -- C:\Program Files\AMD\OverDrive\i386\AODDriver2.sys (Advanced Micro Devices)
DRV - (VBoxNetAdp) -- C:\Windows\System32\drivers\VBoxNetAdp.sys (Oracle Corporation)
DRV - (VBoxDrv) -- C:\Windows\System32\drivers\VBoxDrv.sys (Oracle Corporation)
DRV - (VBoxNetFlt) -- C:\Windows\System32\drivers\VBoxNetFlt.sys (Oracle Corporation)
DRV - (VBoxUSBMon) -- C:\Windows\System32\drivers\VBoxUSBMon.sys (Oracle Corporation)
DRV - (VBoxUSB) -- C:\Windows\System32\drivers\VBoxUSB.sys (Oracle Corporation)
DRV - (mcaudrv_simple) -- C:\Windows\System32\drivers\mcaudrv.sys (ManyCam LLC)
DRV - (ManyCam) -- C:\Windows\System32\drivers\mcvidrv.sys (ManyCam LLC)
DRV - (cpuz135) -- C:\Windows\System32\drivers\cpuz135_x32.sys (CPUID)
DRV - (RTCore32) -- C:\Program Files\MSI Afterburner\RTCore32.sys ()
DRV - (epmntdrv) -- C:\Windows\System32\epmntdrv.sys ()
DRV - (EuGdiDrv) -- C:\Windows\System32\EuGdiDrv.sys ()
DRV - (DxkgFilter) -- C:\Program Files\iDisplay\idisplay.sys ()
DRV - (netr28u) -- C:\Windows\System32\drivers\netr28u.sys (Ralink Technology Corp.)
DRV - (vmx86) -- C:\Windows\System32\drivers\vmx86.sys (VMware, Inc.)
DRV - (vmci) -- C:\Windows\System32\drivers\vmci.sys (VMware, Inc.)
DRV - (VMparport) -- C:\Windows\System32\drivers\vmparport.sys (VMware, Inc.)
DRV - (vmkbd) -- C:\Windows\System32\drivers\VMkbd.sys (VMware, Inc.)
DRV - (VMnetuserif) -- C:\Windows\System32\drivers\vmnetuserif.sys (VMware, Inc.)
DRV - (hcmon) -- C:\Windows\System32\drivers\hcmon.sys (VMware, Inc.)
DRV - (VMnetBridge) -- C:\Windows\System32\drivers\vmnetbridge.sys (VMware, Inc.)
DRV - (VMnetAdapter) -- C:\Windows\System32\drivers\vmnetadapter.sys (VMware, Inc.)
DRV - (speedfan) -- C:\Windows\System32\speedfan.sys (Almico Software)
DRV - (EkaProt6) -- C:\Windows\System32\drivers\ekaprot6.sys (Ekahau Inc.)
DRV - (vstor2-ws60) -- C:\Program Files\VMware\VMware Player\vstor2-ws60.sys (VMware, Inc.)
DRV - (NPF) -- C:\Windows\System32\drivers\npf.sys (CACE Technologies, Inc.)
DRV - (athur) -- C:\Windows\System32\drivers\athur.sys (Atheros Communications, Inc.)
DRV - (BthAvrcp) -- C:\Windows\System32\drivers\BthAvrcp.sys (CSR, plc)
DRV - (AsIO) -- C:\Windows\System32\drivers\AsIO.sys ()
DRV - (MTsensor) -- C:\Windows\System32\drivers\ASACPI.sys ()
DRV - (vmbus) -- C:\Windows\System32\drivers\vmbus.sys (Microsoft Corporation)
DRV - (storflt) -- C:\Windows\System32\drivers\vmstorfl.sys (Microsoft Corporation)
DRV - (storvsc) -- C:\Windows\System32\drivers\storvsc.sys (Microsoft Corporation)
DRV - (vwifimp) -- C:\Windows\System32\drivers\vwifimp.sys (Microsoft Corporation)
DRV - (WinUsb) -- C:\Windows\System32\drivers\winusb.sys (Microsoft Corporation)
DRV - (s3cap) -- C:\Windows\System32\drivers\vms3cap.sys (Microsoft Corporation)
DRV - (VMBusHID) -- C:\Windows\System32\drivers\VMBusHID.sys (Microsoft Corporation)
DRV - (RTL85n86) -- C:\Windows\System32\drivers\RTL85n86.sys (Realtek)
DRV - (hamachi) -- C:\Windows\System32\drivers\hamachi.sys (LogMeIn, Inc.)
DRV - (PAC207) -- C:\Windows\System32\drivers\PFC027.SYS (PixArt Imaging Inc.)
DRV - (WimFltr) -- C:\Windows\System32\drivers\WimFltr.sys (Microsoft Corporation)
DRV - (TBPanel) -- C:\Windows\System32\drivers\TBPanel.sys (Windows (R) 2000 DDK provider)
DRV - (NVENETFD) -- C:\Windows\System32\drivers\nvmfdx32.sys (NVIDIA Corporation)
DRV - (USB_RNDIS) -- C:\Windows\System32\drivers\usb8023k.sys (Microsoft Corporation)
DRV - (giveio) -- C:\Windows\System32\giveio.sys ()
========== Standard Registry (All) ==========
========== Internet Explorer ==========
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = [binary data]
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Extensions Off Page = about:NoAdd-ons
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\System32\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Security Risk Page = about:SecurityRisk
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,CustomizeSearch = http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchcust.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchasst.htm
IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKU\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dl ... r=iesearch
IE - HKU\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.microsoft.com/isapi/redir.dl ... ar=msnhome
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-18\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dl ... r=iesearch
IE - HKU\S-1-5-18\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.microsoft.com/isapi/redir.dl ... ar=msnhome
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-19\..\URLSearchHook: {CFBFAE00-17A6-11D0-99CB-00C04FD64497} - C:\Windows\System32\ieframe.dll (Microsoft Corporation)
IE - HKU\S-1-5-20\..\URLSearchHook: {CFBFAE00-17A6-11D0-99CB-00C04FD64497} - C:\Windows\System32\ieframe.dll (Microsoft Corporation)
IE - HKU\S-1-5-21-33959413-2999115600-1941737774-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\system32\blank.htm
IE - HKU\S-1-5-21-33959413-2999115600-1941737774-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dl ... r=iesearch
IE - HKU\S-1-5-21-33959413-2999115600-1941737774-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://seznam.cz/
IE - HKU\S-1-5-21-33959413-2999115600-1941737774-1001\..\URLSearchHook: {CFBFAE00-17A6-11D0-99CB-00C04FD64497} - C:\Windows\System32\ieframe.dll (Microsoft Corporation)
IE - HKU\S-1-5-21-33959413-2999115600-1941737774-1001\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKU\S-1-5-21-33959413-2999115600-1941737774-1001\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC
IE - HKU\S-1-5-21-33959413-2999115600-1941737774-1001\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7
IE - HKU\S-1-5-21-33959413-2999115600-1941737774-1001\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
========== FireFox ==========
FF - prefs.js..browser.startup.homepage: "http://www.google.cz/"
FF - prefs.js..extensions.enabledAddons: wrc@avast.com:7.0.1474
FF - prefs.js..extensions.enabledAddons: {888d99e7-e8b5-46a3-851e-1ec45da1e644}:17.0.0
FF - prefs.js..extensions.enabledAddons: {972ce4c6-7e08-4474-a285-3208198ce6fd}:14.0.1
FF - user.js - File not found
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF32_11_5_502_110.dll ()
FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.7.2: C:\Windows\system32\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.7.2: C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\5.1.10411.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3555.0308: C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVision: C:\Program Files\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVisionStreaming: C:\Program Files\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF - HKLM\Software\MozillaPlugins\@pandonetworks.com/PandoWebPlugin: C:\Program Files\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.123\npGoogleUpdate3.dll File not found
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.123\npGoogleUpdate3.dll File not found
FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.0.1: C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\@Skype Limited.com/Facebook Video Calling Plugin: C:\Users\ondra\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll (Skype Limited)
FF - HKCU\Software\MozillaPlugins\@talk.google.com/GoogleTalkPlugin: C:\Users\ondra\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll (Google)
FF - HKCU\Software\MozillaPlugins\@talk.google.com/O3DPlugin: C:\Users\ondra\AppData\Roaming\Mozilla\plugins\npgtpo3dautoplugin.dll ()
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Users\ondra\AppData\Local\Google\Update\1.3.21.123\npGoogleUpdate3.dll File not found
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Users\ondra\AppData\Local\Google\Update\1.3.21.123\npGoogleUpdate3.dll File not found
FF - HKCU\Software\MozillaPlugins\@unity3d.com/UnityPlayer,version=1.0: C:\Users\ondra\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)
FF - HKCU\Software\MozillaPlugins\pandonetworks.com/PandoWebPlugin: C:\Program Files\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\bkmrksync@nokia.com: C:\Program Files\Nokia\Nokia PC Suite 7\bkmrksync\ [2012.07.30 09:08:52 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\wrc@avast.com: C:\Program Files\AVAST Software\Avast\WebRep\FF [2012.11.07 21:01:19 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 14.0.1\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2012.08.29 07:58:11 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 14.0.1\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2012.09.16 09:04:35 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 14.0.1\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2012.08.29 07:58:11 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 14.0.1\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2012.09.16 09:04:35 | 000,000,000 | ---D | M]
[2012.05.17 05:27:11 | 000,000,000 | ---D | M] (No name found) -- C:\Users\ondra\AppData\Roaming\Mozilla\Extensions
[2012.12.28 19:14:06 | 000,000,000 | ---D | M] (No name found) -- C:\Users\ondra\AppData\Roaming\Mozilla\Firefox\Profiles\gq702ok8.default\extensions
[2012.05.25 16:38:16 | 000,031,267 | ---- | M] () (No name found) -- C:\Users\ondra\AppData\Roaming\Mozilla\Firefox\Profiles\gq702ok8.default\extensions\{285ACFBB-8E53-4feb-90E6-F02A128927F3}.xpi
[2012.12.28 19:14:06 | 000,030,502 | ---- | M] () (No name found) -- C:\Users\ondra\AppData\Roaming\Mozilla\Firefox\Profiles\gq702ok8.default\extensions\{888d99e7-e8b5-46a3-851e-1ec45da1e644}.xpi
[2012.10.24 18:48:08 | 000,199,400 | ---- | M] () (No name found) -- C:\Users\ondra\AppData\Roaming\Mozilla\Firefox\Profiles\gq702ok8.default\extensions\{c0c9a2c7-2e5c-4447-bc53-97718bc91e1b}.xpi
[2012.07.16 13:38:51 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
[2012.08.29 07:58:11 | 000,000,000 | ---D | M] (Default) -- C:\Program Files\Mozilla Firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
[2012.11.07 21:01:19 | 000,000,000 | ---D | M] (avast! WebRep) -- C:\PROGRAM FILES\AVAST SOFTWARE\AVAST\WEBREP\FF
[2012.08.29 07:58:11 | 000,136,672 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browsercomps.dll
[2012.04.02 15:00:42 | 000,061,440 | ---- | M] (AOL LLC) -- C:\Program Files\mozilla firefox\plugins\npdnu.dll
[2012.04.02 15:00:42 | 000,065,536 | ---- | M] (AOL LLC) -- C:\Program Files\mozilla firefox\plugins\npdnupdater2.dll
[2012.06.28 16:42:00 | 000,012,800 | ---- | M] (Nullsoft, Inc.) -- C:\Program Files\mozilla firefox\plugins\npwachk.dll
[2012.08.29 07:58:07 | 000,003,368 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\google.xml
[2012.04.21 04:17:43 | 000,002,208 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\heureka-cz.xml
[2012.04.21 04:17:43 | 000,000,638 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\jyxo-cz.xml
[2012.04.21 04:17:44 | 000,001,367 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\seznam-cz.xml
[2012.04.21 04:17:44 | 000,000,654 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\slunecnice-cz.xml
[2012.04.21 04:17:44 | 000,001,179 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wikipedia-cz.xml
========== Chrome ==========
CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}sourceid=chrome&ie={inputEncoding}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client=chrome&hl={language}&q={searchTerms}&sugkey={google:suggestAPIKeyParameter}
CHR - plugin: Shockwave Flash (Enabled) = C:\Program Files\Google\Chrome\Application\23.0.1271.97\PepperFlash\pepflashplayer.dll
CHR - plugin: Chrome Remote Desktop Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Program Files\Google\Chrome\Application\23.0.1271.97\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Program Files\Google\Chrome\Application\23.0.1271.97\pdf.dll
CHR - plugin: Adobe Acrobat (Enabled) = C:\Program Files\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll
CHR - plugin: downloadUpdater (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npdnu.dll
CHR - plugin: downloadUpdater2 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npdnupdater2.dll
CHR - plugin: Winamp Application Detector (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npwachk.dll
CHR - plugin: Google Talk Plugin (Enabled) = C:\Users\ondra\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll
CHR - plugin: Google Talk Plugin Video Accelerator (Enabled) = C:\Users\ondra\AppData\Roaming\Mozilla\plugins\npgtpo3dautoplugin.dll
CHR - plugin: Google Earth Plugin (Enabled) = C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll
CHR - plugin: Google Update (Enabled) = C:\Program Files\Google\Update\1.3.21.123\npGoogleUpdate3.dll
CHR - plugin: Java(TM) Platform SE 7 U7 (Enabled) = C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll
CHR - plugin: NVIDIA 3D Vision (Enabled) = C:\Program Files\NVIDIA Corporation\3D Vision\npnv3dv.dll
CHR - plugin: NVIDIA 3D VISION (Enabled) = C:\Program Files\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll
CHR - plugin: Pando Web Plugin (Enabled) = C:\Program Files\Pando Networks\Media Booster\npPandoWebPlugin.dll
CHR - plugin: VLC Web Plugin (Enabled) = C:\Program Files\VideoLAN\VLC\npvlc.dll
CHR - plugin: Windows Live\u0099 Photo Gallery (Enabled) = C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll
CHR - plugin: Unity Player (Enabled) = C:\Users\ondra\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll
CHR - plugin: Facebook Video Calling Plugin (Enabled) = C:\Users\ondra\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Windows\system32\Macromed\Flash\NPSWF32_11_5_502_110.dll
CHR - plugin: Java Deployment Toolkit 7.0.70.10 (Enabled) = C:\Windows\system32\npDeployJava1.dll
CHR - plugin: Silverlight Plug-In (Enabled) = c:\Program Files\Microsoft Silverlight\5.1.10411.0\npctrl.dll
CHR - Extension: avast! WebRep = C:\Users\ondra\AppData\Local\Google\Chrome\User Data\Default\Extensions\icmlaeflemplmjndnaapfdbbnpncnbda\7.0.1474_0\
O1 HOSTS File: ([2012.12.28 11:32:29 | 000,000,027 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O2 - BHO: (Windows Live ID Sign-in Helper) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\microsoft shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O3 - HKLM\..\Toolbar: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O4 - HKLM..\Run: [avast] C:\Program Files\AVAST Software\Avast\avastUI.exe (AVAST Software)
O4 - HKLM..\Run: [PAC207_Monitor] C:\Windows\PixArt\i-Look110\Monitor.exe (PixArt Imaging Incorporation)
O4 - HKLM..\Run: [RTHDVCPL] C:\Program Files\Realtek\Audio\HDA\RtkNGUI.exe (Realtek Semiconductor)
O4 - HKU\S-1-5-21-33959413-2999115600-1941737774-1001..\Run: [Connectify] C:\Program Files\Connectify\Connectify.exe (Connectify)
O4 - HKU\S-1-5-21-33959413-2999115600-1941737774-1001..\Run: [GAINWARD] C:\Program Files\EXPERTool\TBPanel.exe (Gainward Co.)
O4 - HKU\S-1-5-21-33959413-2999115600-1941737774-1001..\Run: [HotSwap! Applet] C:\Users\ondra\Documents\HotSwap! 5.0.0.0\32bit\HotSwap!.EXE (Kazuyuki Nakayama)
O4 - HKU\S-1-5-21-33959413-2999115600-1941737774-1001..\Run: [Skype] C:\Program Files\Skype\Phone\Skype.exe (Skype Technologies S.A.)
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 255
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableInstallerDetection = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableSecureUIAPaths = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableUIADesktopToggle = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableVirtualization = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ValidateAdminCodeSignatures = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: dontdisplaylastusername = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticecaption =
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticetext =
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: scforceoption = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: shutdownwithoutlogon = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: undockwithoutlogon = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: FilterAdministratorToken = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableRegistryTools = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_TEXT = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_BITMAP = 2
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_OEMTEXT = 7
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_DIB = 8
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_PALETTE = 9
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_UNICODETEXT = 13
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_DIBV5 = 17
OTL logfile created on: 31.12.2012 10:03:35 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\ondra\Desktop
Ultimate Edition (Version = 6.1.7600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7600.16385)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy
3,25 Gb Total Physical Memory | 2,13 Gb Available Physical Memory | 65,64% Memory free
6,50 Gb Paging File | 5,25 Gb Available in Paging File | 80,81% Paging File free
Paging file location(s): c:\pagefile.sys 0 0 [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 298,09 Gb Total Space | 99,72 Gb Free Space | 33,45% Space Free | Partition Type: NTFS
Drive D: | 117,19 Gb Total Space | 72,53 Gb Free Space | 61,89% Space Free | Partition Type: NTFS
Drive E: | 58,08 Gb Total Space | 57,96 Gb Free Space | 99,78% Space Free | Partition Type: NTFS
Computer Name: ONDRA-PC | User Name: ondra | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 14 Days
========== Processes (All) ==========
PRC - C:\Users\ondra\Desktop\OTL.exe (OldTimer Tools)
PRC - C:\Program Files\Connectify\Connectify.exe (Connectify)
PRC - C:\Program Files\Connectify\Connectifyd.exe (Connectify)
PRC - C:\Program Files\Connectify\ConnectifyService.exe ()
PRC - C:\Windows\System32\PnkBstrA.exe ()
PRC - C:\Program Files\Skype\Phone\Skype.exe (Skype Technologies S.A.)
PRC - C:\Program Files\AVAST Software\Avast\AvastUI.exe (AVAST Software)
PRC - C:\Program Files\AVAST Software\Avast\AvastSvc.exe (AVAST Software)
PRC - C:\Program Files\TeamViewer\Version7\TeamViewer_Service.exe (TeamViewer GmbH)
PRC - C:\Windows\System32\nvvsvc.exe (NVIDIA Corporation)
PRC - C:\Program Files\NVIDIA Corporation\Display\nvtray.exe (NVIDIA Corporation)
PRC - C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe (NVIDIA Corporation)
PRC - C:\Program Files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe (NVIDIA Corporation)
PRC - C:\Program Files\BlueStacks\HD-LogRotatorService.exe (BlueStack Systems, Inc.)
PRC - C:\Program Files\LogMeIn Hamachi\hamachi-2.exe (LogMeIn Inc.)
PRC - C:\Program Files\Realtek\Audio\HDA\RtkNGUI.exe (Realtek Semiconductor)
PRC - C:\Users\ondra\Documents\CoreTemp32\Core Temp.exe ()
PRC - C:\Program Files\IObit\Advanced SystemCare 5\ASCService.exe (IObit)
PRC - C:\Program Files\Bonjour\mDNSResponder.exe (Apple Inc.)
PRC - C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe (Adobe Systems Incorporated)
PRC - C:\Program Files\Ralink\Common\RaUI.exe (Ralink Technology, Corp.)
PRC - C:\Program Files\Ralink\Common\RaRegistry.exe (Ralink Technology, Corp.)
PRC - C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDSVCM.EXE (Microsoft Corp.)
PRC - C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDSVC.EXE (Microsoft Corp.)
PRC - C:\Windows\System32\vmnetdhcp.exe (VMware, Inc.)
PRC - C:\Windows\System32\vmnat.exe (VMware, Inc.)
PRC - C:\Program Files\VMware\VMware Player\vmware-authd.exe (VMware, Inc.)
PRC - C:\Program Files\Common Files\VMware\USB\vmware-usbarbitrator.exe (VMware, Inc.)
PRC - C:\Program Files\Common Files\MAGIX Services\Database\bin\FABS.exe (MAGIX AG)
PRC - C:\Program Files\ASUS\AsSysCtrlService\1.00.02\AsSysCtrlService.exe (ASUSTeK Computer Inc.)
PRC - C:\Program Files\Windows Media Player\wmpnetwk.exe (Microsoft Corporation)
PRC - C:\Windows\System32\wbem\WmiPrvSE.exe (Microsoft Corporation)
PRC - C:\Windows\System32\winlogon.exe (Microsoft Corporation)
PRC - C:\Windows\System32\wininit.exe (Microsoft Corporation)
PRC - C:\Windows\System32\taskeng.exe (Microsoft Corporation)
PRC - C:\Windows\System32\taskhost.exe (Microsoft Corporation)
PRC - C:\Windows\System32\spoolsv.exe (Microsoft Corporation)
PRC - C:\Windows\System32\svchost.exe [comLaunch] (Microsoft Corporation)
PRC - C:\Windows\System32\svchost.exe [comLaunch] (Microsoft Corporation)
PRC - C:\Windows\System32\svchost.exe [comLaunch] (Microsoft Corporation)
PRC - C:\Windows\System32\svchost.exe [comLaunch] (Microsoft Corporation)
PRC - C:\Windows\System32\svchost.exe [comLaunch] (Microsoft Corporation)
PRC - C:\Windows\System32\svchost.exe [comLaunch] (Microsoft Corporation)
PRC - C:\Windows\System32\svchost.exe [comLaunch] (Microsoft Corporation)
PRC - C:\Windows\System32\svchost.exe [comLaunch] (Microsoft Corporation)
PRC - C:\Windows\System32\svchost.exe [comLaunch] (Microsoft Corporation)
PRC - C:\Windows\System32\svchost.exe [comLaunch] (Microsoft Corporation)
PRC - C:\Windows\System32\svchost.exe [comLaunch] (Microsoft Corporation)
PRC - C:\Windows\System32\svchost.exe [comLaunch] (Microsoft Corporation)
PRC - C:\Windows\System32\svchost.exe [comLaunch] (Microsoft Corporation)
PRC - C:\Windows\System32\svchost.exe [comLaunch] (Microsoft Corporation)
PRC - C:\Windows\System32\svchost.exe [comLaunch] (Microsoft Corporation)
PRC - C:\Windows\System32\smss.exe (Microsoft Corporation)
PRC - C:\Windows\System32\services.exe (Microsoft Corporation)
PRC - C:\Windows\System32\SearchIndexer.exe (Microsoft Corporation)
PRC - C:\Windows\System32\lsm.exe (Microsoft Corporation)
PRC - C:\Windows\System32\lsass.exe (Microsoft Corporation)
PRC - C:\Windows\explorer.exe (Microsoft Corporation)
PRC - C:\Windows\System32\dwm.exe (Microsoft Corporation)
PRC - C:\Windows\System32\csrss.exe (Microsoft Corporation)
PRC - C:\Windows\System32\conhost.exe (Microsoft Corporation)
PRC - C:\Program Files\EXPERTool\TBPANEL.exe (Gainward Co.)
PRC - C:\Windows\PixArt\i-Look110\Monitor.exe (PixArt Imaging Incorporation)
========== Modules (No Company Name) ==========
MOD - C:\Program Files\Connectify\Vendors.dll ()
MOD - C:\Program Files\Connectify\NativeLibrary.dll ()
MOD - C:\Program Files\Connectify\Scannify.dll ()
MOD - C:\Program Files\Connectify\DriverLib.dll ()
MOD - C:\Program Files\Connectify\BuildProps.dll ()
MOD - C:\Users\ondra\Documents\CoreTemp32\Core Temp.exe ()
MOD - C:\Program Files\WinRAR\RarExt.dll ()
MOD - C:\Program Files\Ralink\Common\RaWLAPI.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\System.ServiceModel.resources\3.0.0.0_cs_b77a5c561934e089\System.ServiceModel.resources.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\System.Runtime.Serialization.resources\3.0.0.0_cs_b77a5c561934e089\System.Runtime.Serialization.resources.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\System.resources\2.0.0.0_cs_b77a5c561934e089\System.resources.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\mscorlib.resources\2.0.0.0_cs_b77a5c561934e089\mscorlib.resources.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.WorkflowServ#\bf248d315e6a94b62f23a44fb47399a5\System.WorkflowServices.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.ServiceModel#\b685ea7755ea35759d886f06720a9d3a\System.ServiceModel.Web.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Management\6e033d390dc7e9567b6960b0f530cf30\System.Management.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.IdentityModel\e791f7aea04b8d379f6dbaadb5fdeb96\System.IdentityModel.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.ServiceModel\e1adf6b481f5120153829fa54ee8a041\System.ServiceModel.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Seri#\39e53f507d9cbc5c10a2f47c4b0d09dd\System.Runtime.Serialization.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\SMDiagnostics\81282964925798589021d3e0e6de779f\SMDiagnostics.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Core\1762137638019a091020b3baf52f6de3\System.Core.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Web\3871fc2b96345aa6f3be81d9e3c97160\System.Web.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Remo#\4bdeb88758dccd625f4703ed77aaf348\System.Runtime.Remoting.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\fedf1ba58dced4f0b3f8c457648ceed9\System.Windows.Forms.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\ead6be8b410d56b5576b10e56af2c180\System.Drawing.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Security\5588d54cbc98d72ed01194c6d4146073\System.Security.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml\5dd9f783008543df3e642ff1e99de4e8\System.Xml.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\4b1350e31ff09cc583b34854816d8036\System.Configuration.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System\5ba3bf5367fc012300c6566f20cb7f54\System.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\8c1770d45c63cf5c462eeb945ef9aa5d\mscorlib.ni.dll ()
MOD - C:\Program Files\EXPERTool\TBMANAGE.DLL ()
========== Services (All) ==========
SRV - (Steam Client Service) -- C:\Program Files\Common Files\Steam\SteamService.exe (Valve Corporation)
SRV - (Connectify) -- C:\Program Files\Connectify\ConnectifyService.exe ()
SRV - (PnkBstrA) -- C:\Windows\System32\PnkBstrA.exe ()
SRV - (SkypeUpdate) -- C:\Program Files\Skype\Updater\Updater.exe (Skype Technologies)
SRV - (avast! Antivirus) -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe (AVAST Software)
SRV - (TeamViewer7) -- C:\Program Files\TeamViewer\Version7\TeamViewer_Service.exe (TeamViewer GmbH)
SRV - (nvUpdatusService) -- C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe (NVIDIA Corporation)
SRV - (nvsvc) -- C:\Windows\System32\nvvsvc.exe (NVIDIA Corporation)
SRV - (Stereo Service) -- C:\Program Files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe (NVIDIA Corporation)
SRV - (MozillaMaintenance) -- C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe (Mozilla Foundation)
SRV - (BstHdLogRotatorSvc) -- C:\Program Files\BlueStacks\HD-LogRotatorService.exe (BlueStack Systems, Inc.)
SRV - (BstHdAndroidSvc) -- C:\Program Files\BlueStacks\HD-Service.exe (BlueStack Systems, Inc.)
SRV - (Hamachi2Svc) -- C:\Program Files\LogMeIn Hamachi\hamachi-2.exe (LogMeIn Inc.)
SRV - (ServiceLayer) -- C:\Program Files\PC Connectivity Solution\ServiceLayer.exe (Nokia)
SRV - (wuauserv) -- C:\Windows\System32\wuaueng.dll (Microsoft Corporation)
SRV - (AODService) -- C:\Program Files\AMD\OverDrive\AODAssist.exe ()
SRV - (w7Svc) -- C:\Program Files\webcam 7\wService.exe (Moonware Studios)
SRV - (AdvancedSystemCareService5) -- C:\Program Files\IObit\Advanced SystemCare 5\ASCService.exe (IObit)
SRV - (Bonjour Service) -- C:\Program Files\Bonjour\mDNSResponder.exe (Apple Inc.)
SRV - (AdobeARMservice) -- C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe (Adobe Systems Incorporated)
SRV - (RalinkRegistryWriter) -- C:\Program Files\Ralink\Common\RaRegistry.exe (Ralink Technology, Corp.)
SRV - (wlidsvc) -- C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDSVC.EXE (Microsoft Corp.)
SRV - (VMnetDHCP) -- C:\Windows\System32\vmnetdhcp.exe (VMware, Inc.)
SRV - (VMware NAT Service) -- C:\Windows\System32\vmnat.exe (VMware, Inc.)
SRV - (VMAuthdService) -- C:\Program Files\VMware\VMware Player\vmware-authd.exe (VMware, Inc.)
SRV - (VMUSBArbService) -- C:\Program Files\Common Files\VMware\USB\vmware-usbarbitrator.exe (VMware, Inc.)
SRV - (RaMediaServer) -- C:\Program Files\Ralink\Common\RaMediaServer.exe ()
SRV - (ufad-ws60) -- C:\Program Files\VMware\VMware Player\vmware-ufad.exe (VMware, Inc.)
SRV - (rpcapd) -- C:\Program Files\WinPcap\rpcapd.exe (CACE Technologies, Inc.)
SRV - (aspnet_state) -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\aspnet_state.exe (Microsoft Corporation)
SRV - (clr_optimization_v4.0.30319_32) -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe (Microsoft Corporation)
SRV - (NetTcpPortSharing) -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe (Microsoft Corporation)
SRV - (NetTcpActivator) -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe (Microsoft Corporation)
SRV - (NetPipeActivator) -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe (Microsoft Corporation)
SRV - (NetMsmqActivator) -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe (Microsoft Corporation)
SRV - (Fabs) -- C:\Program Files\Common Files\MAGIX Services\Database\bin\FABS.exe (MAGIX AG)
SRV - (AsSysCtrlService) -- C:\Program Files\ASUS\AsSysCtrlService\1.00.02\AsSysCtrlService.exe (ASUSTeK Computer Inc.)
SRV - (WwanSvc) -- C:\Windows\System32\wwansvc.dll (Microsoft Corporation)
SRV - (wudfsvc) -- C:\Windows\System32\WUDFSvc.dll (Microsoft Corporation)
SRV - (WinRM) -- C:\Windows\System32\WsmSvc.dll (Microsoft Corporation)
SRV - (WPDBusEnum) -- C:\Windows\System32\wpdbusenum.dll (Microsoft Corporation)
SRV - (wscsvc) -- C:\Windows\System32\wscsvc.dll (Microsoft Corporation)
SRV - (WPCSvc) -- C:\Windows\System32\wpcsvc.dll (Microsoft Corporation)
SRV - (Wlansvc) -- C:\Windows\System32\wlansvc.dll (Microsoft Corporation)
SRV - (WinHttpAutoProxySvc) -- C:\Windows\System32\winhttp.dll (Microsoft Corporation)
SRV - (Winmgmt) -- C:\Windows\System32\wbem\WMIsvc.dll (Microsoft Corporation)
SRV - (LanmanWorkstation) -- C:\Windows\System32\wkssvc.dll (Microsoft Corporation)
SRV - (eventlog) -- C:\Windows\System32\wevtsvc.dll (Microsoft Corporation)
SRV - (StiSvc) -- C:\Windows\System32\wiaservc.dll (Microsoft Corporation)
SRV - (wcncsvc) -- C:\Windows\System32\wcncsvc.dll (Microsoft Corporation)
SRV - (WebClient) -- C:\Windows\System32\WebClnt.dll (Microsoft Corporation)
SRV - (Wecsvc) -- C:\Windows\System32\wecsvc.dll (Microsoft Corporation)
SRV - (WdiSystemHost) -- C:\Windows\System32\wdi.dll (Microsoft Corporation)
SRV - (WdiServiceHost) -- C:\Windows\System32\wdi.dll (Microsoft Corporation)
SRV - (WerSvc) -- C:\Windows\System32\wersvc.dll (Microsoft Corporation)
SRV - (wercplsupport) -- C:\Windows\System32\wercplsupport.dll (Microsoft Corporation)
SRV - (WcsPlugInService) -- C:\Windows\System32\WcsPlugInService.dll (Microsoft Corporation)
SRV - (PlugPlay) -- C:\Windows\System32\umpnpmgr.dll (Microsoft Corporation)
SRV - (W32Time) -- C:\Windows\System32\w32time.dll (Microsoft Corporation)
SRV - (upnphost) -- C:\Windows\System32\upnphost.dll (Microsoft Corporation)
SRV - (UmRdpService) -- C:\Windows\System32\umrdp.dll (Microsoft Corporation)
SRV - (WbioSrvc) -- C:\Windows\System32\wbiosrvc.dll (Microsoft Corporation)
SRV - (Power) -- C:\Windows\System32\umpo.dll (Microsoft Corporation)
SRV - (UxSms) -- C:\Windows\System32\uxsms.dll (Microsoft Corporation)
SRV - (TrkWks) -- C:\Windows\System32\trkwks.dll (Microsoft Corporation)
SRV - (Themes) -- C:\Windows\System32\themeservice.dll (Microsoft Corporation)
SRV - (SysMain) -- C:\Windows\System32\sysmain.dll (Microsoft Corporation)
SRV - (TermService) -- C:\Windows\System32\termsrv.dll (Microsoft Corporation)
SRV - (swprv) -- C:\Windows\System32\swprv.dll (Microsoft Corporation)
SRV - (TapiSrv) -- C:\Windows\System32\tapisrv.dll (Microsoft Corporation)
SRV - (LanmanServer) -- C:\Windows\System32\srvsvc.dll (Microsoft Corporation)
SRV - (SSDPSRV) -- C:\Windows\System32\ssdpsrv.dll (Microsoft Corporation)
SRV - (SstpSvc) -- C:\Windows\System32\sstpsvc.dll (Microsoft Corporation)
SRV - (TabletInputService) -- C:\Windows\System32\TabSvc.dll (Microsoft Corporation)
SRV - (TBS) -- C:\Windows\System32\tbssvc.dll (Microsoft Corporation)
SRV - (sppuinotify) -- C:\Windows\System32\sppuinotify.dll (Microsoft Corporation)
SRV - (ShellHWDetection) -- C:\Windows\System32\shsvcs.dll (Microsoft Corporation)
SRV - (Schedule) -- C:\Windows\System32\schedsvc.dll (Microsoft Corporation)
SRV - (RpcSs) -- C:\Windows\System32\rpcss.dll (Microsoft Corporation)
SRV - (DcomLaunch) -- C:\Windows\System32\rpcss.dll (Microsoft Corporation)
SRV - (SCardSvr) -- C:\Windows\System32\SCardSvr.dll (Microsoft Corporation)
SRV - (SDRSVC) -- C:\Windows\System32\sdrsvc.dll (Microsoft Corporation)
SRV - (RemoteRegistry) -- C:\Windows\System32\regsvc.dll (Microsoft Corporation)
SRV - (SessionEnv) -- C:\Windows\System32\SessEnv.dll (Microsoft Corporation)
SRV - (SENS) -- C:\Windows\System32\Sens.dll (Microsoft Corporation)
SRV - (RpcEptMapper) -- C:\Windows\System32\RpcEpMap.dll (Microsoft Corporation)
SRV - (SensrSvc) -- C:\Windows\System32\sensrsvc.dll (Microsoft Corporation)
SRV - (seclogon) -- C:\Windows\System32\seclogon.dll (Microsoft Corporation)
SRV - (pla) -- C:\Windows\System32\pla.dll (Microsoft Corporation)
SRV - (PeerDistSvc) -- C:\Windows\System32\PeerDistSvc.dll (Microsoft Corporation)
SRV - (BITS) -- C:\Windows\System32\qmgr.dll (Microsoft Corporation)
SRV - (napagent) -- C:\Windows\System32\QAGENTRT.DLL (Microsoft Corporation)
SRV - (p2psvc) -- C:\Windows\System32\p2psvc.dll (Microsoft Corporation)
SRV - (RasMan) -- C:\Windows\System32\rasmans.dll (Microsoft Corporation)
SRV - (PNRPsvc) -- C:\Windows\System32\pnrpsvc.dll (Microsoft Corporation)
SRV - (p2pimsvc) -- C:\Windows\System32\pnrpsvc.dll (Microsoft Corporation)
SRV - (QWAVE) -- C:\Windows\System32\qwave.dll (Microsoft Corporation)
SRV - (HomeGroupProvider) -- C:\Windows\System32\provsvc.dll (Microsoft Corporation)
SRV - (ProfSvc) -- C:\Windows\System32\profsvc.dll (Microsoft Corporation)
SRV - (PcaSvc) -- C:\Windows\System32\pcasvc.dll (Microsoft Corporation)
SRV - (RasAuto) -- C:\Windows\System32\rasauto.dll (Microsoft Corporation)
SRV - (PNRPAutoReg) -- C:\Windows\System32\pnrpauto.dll (Microsoft Corporation)
SRV - (nsi) -- C:\Windows\System32\nsisvc.dll (Microsoft Corporation)
SRV - (netprofm) -- C:\Windows\System32\netprofm.dll (Microsoft Corporation)
SRV - (Netman) -- C:\Windows\System32\netman.dll (Microsoft Corporation)
SRV - (NlaSvc) -- C:\Windows\System32\nlasvc.dll (Microsoft Corporation)
SRV - (KtmRm) -- C:\Windows\System32\msdtckrm.dll (Microsoft Corporation)
SRV - (WinDefend) -- C:\Program Files\Windows Defender\MpSvc.dll (Microsoft Corporation)
SRV - (MpsSvc) -- C:\Windows\System32\MPSSVC.dll (Microsoft Corporation)
SRV - (RemoteAccess) -- C:\Windows\System32\mprdim.dll (Microsoft Corporation)
SRV - (THREADORDER) -- C:\Windows\System32\mmcss.dll (Microsoft Corporation)
SRV - (MMCSS) -- C:\Windows\System32\mmcss.dll (Microsoft Corporation)
SRV - (Mcx2Svc) -- C:\Windows\System32\Mcx2Svc.dll (Microsoft Corporation)
SRV - (HomeGroupListener) -- C:\Windows\System32\ListSvc.dll (Microsoft Corporation)
SRV - (lltdsvc) -- C:\Windows\System32\lltdsvc.dll (Microsoft Corporation)
SRV - (lmhosts) -- C:\Windows\System32\lmhsvc.dll (Microsoft Corporation)
SRV - (hkmsvc) -- C:\Windows\System32\KMSVC.DLL (Microsoft Corporation)
SRV - (MSiSCSI) -- C:\Windows\System32\iscsiexe.dll (Microsoft Corporation)
SRV - (iphlpsvc) -- C:\Windows\System32\iphlpsvc.dll (Microsoft Corporation)
SRV - (PolicyAgent) -- C:\Windows\System32\IPSECSVC.DLL (Microsoft Corporation)
SRV - (SharedAccess) -- C:\Windows\System32\ipnathlp.dll (Microsoft Corporation)
SRV - (IPBusEnum) -- C:\Windows\System32\IPBusEnum.dll (Microsoft Corporation)
SRV - (IKEEXT) -- C:\Windows\System32\IKEEXT.DLL (Microsoft Corporation)
SRV - (gpsvc) -- C:\Windows\System32\gpsvc.dll (Microsoft Corporation)
SRV - (hidserv) -- C:\Windows\System32\hidserv.dll (Microsoft Corporation)
SRV - (FontCache) -- C:\Windows\System32\FntCache.dll (Microsoft Corporation)
SRV - (FDResPub) -- C:\Windows\System32\FDResPub.dll (Microsoft Corporation)
SRV - (fdPHost) -- C:\Windows\System32\fdPHost.dll (Microsoft Corporation)
SRV - (EventSystem) -- C:\Windows\System32\es.dll (Microsoft Corporation)
SRV - (EapHost) -- C:\Windows\System32\eapsvc.dll (Microsoft Corporation)
SRV - (dot3svc) -- C:\Windows\System32\dot3svc.dll (Microsoft Corporation)
SRV - (DPS) -- C:\Windows\System32\dps.dll (Microsoft Corporation)
SRV - (Dnscache) -- C:\Windows\System32\dnsrslvr.dll (Microsoft Corporation)
SRV - (Dhcp) -- C:\Windows\System32\dhcpcore.dll (Microsoft Corporation)
SRV - (defragsvc) -- C:\Windows\System32\defragsvc.dll (Microsoft Corporation)
SRV - (CscService) -- C:\Windows\System32\cscsvc.dll (Microsoft Corporation)
SRV - (CryptSvc) -- C:\Windows\System32\cryptsvc.dll (Microsoft Corporation)
SRV - (SCPolicySvc) -- C:\Windows\System32\certprop.dll (Microsoft Corporation)
SRV - (CertPropSvc) -- C:\Windows\System32\certprop.dll (Microsoft Corporation)
SRV - (Browser) -- C:\Windows\System32\browser.dll (Microsoft Corporation)
SRV - (bthserv) -- C:\Windows\System32\bthserv.dll (Microsoft Corporation)
SRV - (BFE) -- C:\Windows\System32\BFE.DLL (Microsoft Corporation)
SRV - (BDESVC) -- C:\Windows\System32\bdesvc.dll (Microsoft Corporation)
SRV - (AxInstSV) -- C:\Windows\System32\AxInstSv.dll (Microsoft Corporation)
SRV - (Audiosrv) -- C:\Windows\System32\audiosrv.dll (Microsoft Corporation)
SRV - (AudioEndpointBuilder) -- C:\Windows\System32\audiosrv.dll (Microsoft Corporation)
SRV - (AppMgmt) -- C:\Windows\System32\appmgmts.dll (Microsoft Corporation)
SRV - (AeLookupSvc) -- C:\Windows\System32\aelupsvc.dll (Microsoft Corporation)
SRV - (Appinfo) -- C:\Windows\System32\appinfo.dll (Microsoft Corporation)
SRV - (AppIDSvc) -- C:\Windows\System32\appidsvc.dll (Microsoft Corporation)
SRV - (WMPNetworkSvc) -- C:\Program Files\Windows Media Player\wmpnetwk.exe (Microsoft Corporation)
SRV - (wmiApSrv) -- C:\Windows\System32\wbem\WmiApSrv.exe (Microsoft Corporation)
SRV - (wbengine) -- C:\Windows\System32\wbengine.exe (Microsoft Corporation)
SRV - (VSS) -- C:\Windows\System32\VSSVC.exe (Microsoft Corporation)
SRV - (vds) -- C:\Windows\System32\vds.exe (Microsoft Corporation)
SRV - (UI0Detect) -- C:\Windows\System32\UI0Detect.exe (Microsoft Corporation)
SRV - (TrustedInstaller) -- C:\Windows\servicing\TrustedInstaller.exe (Microsoft Corporation)
SRV - (Spooler) -- C:\Windows\System32\spoolsv.exe (Microsoft Corporation)
SRV - (SNMPTRAP) -- C:\Windows\System32\snmptrap.exe (Microsoft Corporation)
SRV - (WSearch) -- C:\Windows\System32\SearchIndexer.exe (Microsoft Corporation)
SRV - (sppsvc) -- C:\Windows\System32\sppsvc.exe (Microsoft Corporation)
SRV - (MSDTC) -- C:\Windows\System32\msdtc.exe (Microsoft Corporation)
SRV - (msiserver) -- C:\Windows\System32\msiexec.exe (Microsoft Corporation)
SRV - (VaultSvc) -- C:\Windows\System32\lsass.exe (Microsoft Corporation)
SRV - (SamSs) -- C:\Windows\System32\lsass.exe (Microsoft Corporation)
SRV - (ProtectedStorage) -- C:\Windows\System32\lsass.exe (Microsoft Corporation)
SRV - (Netlogon) -- C:\Windows\System32\lsass.exe (Microsoft Corporation)
SRV - (KeyIso) -- C:\Windows\System32\lsass.exe (Microsoft Corporation)
SRV - (EFS) -- C:\Windows\System32\lsass.exe (Microsoft Corporation)
SRV - (RpcLocator) -- C:\Windows\System32\Locator.exe (Microsoft Corporation)
SRV - (Fax) -- C:\Windows\System32\FXSSVC.exe (Microsoft Corporation)
SRV - (ehRecvr) -- C:\Windows\ehome\ehrecvr.exe (Microsoft Corporation)
SRV - (ehSched) -- C:\Windows\ehome\ehsched.exe (Microsoft Corporation)
SRV - (COMSysApp) -- C:\Windows\System32\dllhost.exe (Microsoft Corporation)
SRV - (ALG) -- C:\Windows\System32\alg.exe (Microsoft Corporation)
SRV - (clr_optimization_v2.0.50727_32) -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe (Microsoft Corporation)
SRV - (FontCache3.0.0.0) -- C:\Windows\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe (Microsoft Corporation)
SRV - (idsvc) -- C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe (Microsoft Corporation)
SRV - (FirebirdServerMAGIXInstance) -- C:\Program Files\Common Files\MAGIX Services\Database\bin\fbserver.exe (MAGIX®)
SRV - (IDriverT) -- C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe (Macrovision Corporation)
========== Driver Services (SafeList) ==========
DRV - (MarkFun_NT) -- C:\Program Files\Gigabyte\ET5\markfun.w32 File not found
DRV - (catchme) -- C:\Users\ondra\AppData\Local\Temp\catchme.sys File not found
DRV - (ALSysIO) -- C:\Users\ondra\AppData\Local\Temp\ALSysIO.sys File not found
DRV - (aswSnx) -- C:\Windows\System32\drivers\aswSnx.sys (AVAST Software)
DRV - (aswSP) -- C:\Windows\System32\drivers\aswSP.sys (AVAST Software)
DRV - (aswTdi) -- C:\Windows\System32\drivers\aswTdi.sys (AVAST Software)
DRV - (aswMonFlt) -- C:\Windows\System32\drivers\aswMonFlt.sys (AVAST Software)
DRV - (aswFsBlk) -- C:\Windows\System32\drivers\aswFsBlk.sys (AVAST Software)
DRV - (aswRdr) -- C:\Windows\System32\drivers\aswRdr2.sys (AVAST Software)
DRV - (cnnctfy2) -- C:\Windows\System32\drivers\cnnctfy2.sys (Connectify)
DRV - (nvlddmkm) -- C:\Windows\System32\drivers\nvlddmkm.sys (NVIDIA Corporation)
DRV - (BstHdDrv) -- C:\Program Files\BlueStacks\HD-Hypervisor-x86.sys (BlueStack Systems)
DRV - (dtsoftbus01) -- C:\Windows\System32\drivers\dtsoftbus01.sys (DT Soft Ltd)
DRV - (pccsmcfd) -- C:\Windows\System32\drivers\pccsmcfd.sys (Nokia)
DRV - (TsLwWfF) -- C:\Windows\System32\drivers\TsLwWfF.sys (TamoSoft)
DRV - (gdrv) -- C:\Windows\gdrv.sys (Windows (R) 2000 DDK provider)
DRV - (AODDriver4.2.0) -- C:\Program Files\AMD\OverDrive\i386\AODDriver2.sys (Advanced Micro Devices)
DRV - (VBoxNetAdp) -- C:\Windows\System32\drivers\VBoxNetAdp.sys (Oracle Corporation)
DRV - (VBoxDrv) -- C:\Windows\System32\drivers\VBoxDrv.sys (Oracle Corporation)
DRV - (VBoxNetFlt) -- C:\Windows\System32\drivers\VBoxNetFlt.sys (Oracle Corporation)
DRV - (VBoxUSBMon) -- C:\Windows\System32\drivers\VBoxUSBMon.sys (Oracle Corporation)
DRV - (VBoxUSB) -- C:\Windows\System32\drivers\VBoxUSB.sys (Oracle Corporation)
DRV - (mcaudrv_simple) -- C:\Windows\System32\drivers\mcaudrv.sys (ManyCam LLC)
DRV - (ManyCam) -- C:\Windows\System32\drivers\mcvidrv.sys (ManyCam LLC)
DRV - (cpuz135) -- C:\Windows\System32\drivers\cpuz135_x32.sys (CPUID)
DRV - (RTCore32) -- C:\Program Files\MSI Afterburner\RTCore32.sys ()
DRV - (epmntdrv) -- C:\Windows\System32\epmntdrv.sys ()
DRV - (EuGdiDrv) -- C:\Windows\System32\EuGdiDrv.sys ()
DRV - (DxkgFilter) -- C:\Program Files\iDisplay\idisplay.sys ()
DRV - (netr28u) -- C:\Windows\System32\drivers\netr28u.sys (Ralink Technology Corp.)
DRV - (vmx86) -- C:\Windows\System32\drivers\vmx86.sys (VMware, Inc.)
DRV - (vmci) -- C:\Windows\System32\drivers\vmci.sys (VMware, Inc.)
DRV - (VMparport) -- C:\Windows\System32\drivers\vmparport.sys (VMware, Inc.)
DRV - (vmkbd) -- C:\Windows\System32\drivers\VMkbd.sys (VMware, Inc.)
DRV - (VMnetuserif) -- C:\Windows\System32\drivers\vmnetuserif.sys (VMware, Inc.)
DRV - (hcmon) -- C:\Windows\System32\drivers\hcmon.sys (VMware, Inc.)
DRV - (VMnetBridge) -- C:\Windows\System32\drivers\vmnetbridge.sys (VMware, Inc.)
DRV - (VMnetAdapter) -- C:\Windows\System32\drivers\vmnetadapter.sys (VMware, Inc.)
DRV - (speedfan) -- C:\Windows\System32\speedfan.sys (Almico Software)
DRV - (EkaProt6) -- C:\Windows\System32\drivers\ekaprot6.sys (Ekahau Inc.)
DRV - (vstor2-ws60) -- C:\Program Files\VMware\VMware Player\vstor2-ws60.sys (VMware, Inc.)
DRV - (NPF) -- C:\Windows\System32\drivers\npf.sys (CACE Technologies, Inc.)
DRV - (athur) -- C:\Windows\System32\drivers\athur.sys (Atheros Communications, Inc.)
DRV - (BthAvrcp) -- C:\Windows\System32\drivers\BthAvrcp.sys (CSR, plc)
DRV - (AsIO) -- C:\Windows\System32\drivers\AsIO.sys ()
DRV - (MTsensor) -- C:\Windows\System32\drivers\ASACPI.sys ()
DRV - (vmbus) -- C:\Windows\System32\drivers\vmbus.sys (Microsoft Corporation)
DRV - (storflt) -- C:\Windows\System32\drivers\vmstorfl.sys (Microsoft Corporation)
DRV - (storvsc) -- C:\Windows\System32\drivers\storvsc.sys (Microsoft Corporation)
DRV - (vwifimp) -- C:\Windows\System32\drivers\vwifimp.sys (Microsoft Corporation)
DRV - (WinUsb) -- C:\Windows\System32\drivers\winusb.sys (Microsoft Corporation)
DRV - (s3cap) -- C:\Windows\System32\drivers\vms3cap.sys (Microsoft Corporation)
DRV - (VMBusHID) -- C:\Windows\System32\drivers\VMBusHID.sys (Microsoft Corporation)
DRV - (RTL85n86) -- C:\Windows\System32\drivers\RTL85n86.sys (Realtek)
DRV - (hamachi) -- C:\Windows\System32\drivers\hamachi.sys (LogMeIn, Inc.)
DRV - (PAC207) -- C:\Windows\System32\drivers\PFC027.SYS (PixArt Imaging Inc.)
DRV - (WimFltr) -- C:\Windows\System32\drivers\WimFltr.sys (Microsoft Corporation)
DRV - (TBPanel) -- C:\Windows\System32\drivers\TBPanel.sys (Windows (R) 2000 DDK provider)
DRV - (NVENETFD) -- C:\Windows\System32\drivers\nvmfdx32.sys (NVIDIA Corporation)
DRV - (USB_RNDIS) -- C:\Windows\System32\drivers\usb8023k.sys (Microsoft Corporation)
DRV - (giveio) -- C:\Windows\System32\giveio.sys ()
========== Standard Registry (All) ==========
========== Internet Explorer ==========
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = [binary data]
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Extensions Off Page = about:NoAdd-ons
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\System32\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Security Risk Page = about:SecurityRisk
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,CustomizeSearch = http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchcust.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchasst.htm
IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKU\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dl ... r=iesearch
IE - HKU\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.microsoft.com/isapi/redir.dl ... ar=msnhome
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-18\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dl ... r=iesearch
IE - HKU\S-1-5-18\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.microsoft.com/isapi/redir.dl ... ar=msnhome
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-19\..\URLSearchHook: {CFBFAE00-17A6-11D0-99CB-00C04FD64497} - C:\Windows\System32\ieframe.dll (Microsoft Corporation)
IE - HKU\S-1-5-20\..\URLSearchHook: {CFBFAE00-17A6-11D0-99CB-00C04FD64497} - C:\Windows\System32\ieframe.dll (Microsoft Corporation)
IE - HKU\S-1-5-21-33959413-2999115600-1941737774-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\system32\blank.htm
IE - HKU\S-1-5-21-33959413-2999115600-1941737774-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dl ... r=iesearch
IE - HKU\S-1-5-21-33959413-2999115600-1941737774-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://seznam.cz/
IE - HKU\S-1-5-21-33959413-2999115600-1941737774-1001\..\URLSearchHook: {CFBFAE00-17A6-11D0-99CB-00C04FD64497} - C:\Windows\System32\ieframe.dll (Microsoft Corporation)
IE - HKU\S-1-5-21-33959413-2999115600-1941737774-1001\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKU\S-1-5-21-33959413-2999115600-1941737774-1001\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC
IE - HKU\S-1-5-21-33959413-2999115600-1941737774-1001\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7
IE - HKU\S-1-5-21-33959413-2999115600-1941737774-1001\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
========== FireFox ==========
FF - prefs.js..browser.startup.homepage: "http://www.google.cz/"
FF - prefs.js..extensions.enabledAddons: wrc@avast.com:7.0.1474
FF - prefs.js..extensions.enabledAddons: {888d99e7-e8b5-46a3-851e-1ec45da1e644}:17.0.0
FF - prefs.js..extensions.enabledAddons: {972ce4c6-7e08-4474-a285-3208198ce6fd}:14.0.1
FF - user.js - File not found
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF32_11_5_502_110.dll ()
FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.7.2: C:\Windows\system32\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.7.2: C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\5.1.10411.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3555.0308: C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVision: C:\Program Files\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVisionStreaming: C:\Program Files\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF - HKLM\Software\MozillaPlugins\@pandonetworks.com/PandoWebPlugin: C:\Program Files\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.123\npGoogleUpdate3.dll File not found
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.123\npGoogleUpdate3.dll File not found
FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.0.1: C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\@Skype Limited.com/Facebook Video Calling Plugin: C:\Users\ondra\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll (Skype Limited)
FF - HKCU\Software\MozillaPlugins\@talk.google.com/GoogleTalkPlugin: C:\Users\ondra\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll (Google)
FF - HKCU\Software\MozillaPlugins\@talk.google.com/O3DPlugin: C:\Users\ondra\AppData\Roaming\Mozilla\plugins\npgtpo3dautoplugin.dll ()
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Users\ondra\AppData\Local\Google\Update\1.3.21.123\npGoogleUpdate3.dll File not found
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Users\ondra\AppData\Local\Google\Update\1.3.21.123\npGoogleUpdate3.dll File not found
FF - HKCU\Software\MozillaPlugins\@unity3d.com/UnityPlayer,version=1.0: C:\Users\ondra\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)
FF - HKCU\Software\MozillaPlugins\pandonetworks.com/PandoWebPlugin: C:\Program Files\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\bkmrksync@nokia.com: C:\Program Files\Nokia\Nokia PC Suite 7\bkmrksync\ [2012.07.30 09:08:52 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\wrc@avast.com: C:\Program Files\AVAST Software\Avast\WebRep\FF [2012.11.07 21:01:19 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 14.0.1\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2012.08.29 07:58:11 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 14.0.1\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2012.09.16 09:04:35 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 14.0.1\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2012.08.29 07:58:11 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 14.0.1\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2012.09.16 09:04:35 | 000,000,000 | ---D | M]
[2012.05.17 05:27:11 | 000,000,000 | ---D | M] (No name found) -- C:\Users\ondra\AppData\Roaming\Mozilla\Extensions
[2012.12.28 19:14:06 | 000,000,000 | ---D | M] (No name found) -- C:\Users\ondra\AppData\Roaming\Mozilla\Firefox\Profiles\gq702ok8.default\extensions
[2012.05.25 16:38:16 | 000,031,267 | ---- | M] () (No name found) -- C:\Users\ondra\AppData\Roaming\Mozilla\Firefox\Profiles\gq702ok8.default\extensions\{285ACFBB-8E53-4feb-90E6-F02A128927F3}.xpi
[2012.12.28 19:14:06 | 000,030,502 | ---- | M] () (No name found) -- C:\Users\ondra\AppData\Roaming\Mozilla\Firefox\Profiles\gq702ok8.default\extensions\{888d99e7-e8b5-46a3-851e-1ec45da1e644}.xpi
[2012.10.24 18:48:08 | 000,199,400 | ---- | M] () (No name found) -- C:\Users\ondra\AppData\Roaming\Mozilla\Firefox\Profiles\gq702ok8.default\extensions\{c0c9a2c7-2e5c-4447-bc53-97718bc91e1b}.xpi
[2012.07.16 13:38:51 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
[2012.08.29 07:58:11 | 000,000,000 | ---D | M] (Default) -- C:\Program Files\Mozilla Firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
[2012.11.07 21:01:19 | 000,000,000 | ---D | M] (avast! WebRep) -- C:\PROGRAM FILES\AVAST SOFTWARE\AVAST\WEBREP\FF
[2012.08.29 07:58:11 | 000,136,672 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browsercomps.dll
[2012.04.02 15:00:42 | 000,061,440 | ---- | M] (AOL LLC) -- C:\Program Files\mozilla firefox\plugins\npdnu.dll
[2012.04.02 15:00:42 | 000,065,536 | ---- | M] (AOL LLC) -- C:\Program Files\mozilla firefox\plugins\npdnupdater2.dll
[2012.06.28 16:42:00 | 000,012,800 | ---- | M] (Nullsoft, Inc.) -- C:\Program Files\mozilla firefox\plugins\npwachk.dll
[2012.08.29 07:58:07 | 000,003,368 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\google.xml
[2012.04.21 04:17:43 | 000,002,208 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\heureka-cz.xml
[2012.04.21 04:17:43 | 000,000,638 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\jyxo-cz.xml
[2012.04.21 04:17:44 | 000,001,367 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\seznam-cz.xml
[2012.04.21 04:17:44 | 000,000,654 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\slunecnice-cz.xml
[2012.04.21 04:17:44 | 000,001,179 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wikipedia-cz.xml
========== Chrome ==========
CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}sourceid=chrome&ie={inputEncoding}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client=chrome&hl={language}&q={searchTerms}&sugkey={google:suggestAPIKeyParameter}
CHR - plugin: Shockwave Flash (Enabled) = C:\Program Files\Google\Chrome\Application\23.0.1271.97\PepperFlash\pepflashplayer.dll
CHR - plugin: Chrome Remote Desktop Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Program Files\Google\Chrome\Application\23.0.1271.97\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Program Files\Google\Chrome\Application\23.0.1271.97\pdf.dll
CHR - plugin: Adobe Acrobat (Enabled) = C:\Program Files\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll
CHR - plugin: downloadUpdater (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npdnu.dll
CHR - plugin: downloadUpdater2 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npdnupdater2.dll
CHR - plugin: Winamp Application Detector (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npwachk.dll
CHR - plugin: Google Talk Plugin (Enabled) = C:\Users\ondra\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll
CHR - plugin: Google Talk Plugin Video Accelerator (Enabled) = C:\Users\ondra\AppData\Roaming\Mozilla\plugins\npgtpo3dautoplugin.dll
CHR - plugin: Google Earth Plugin (Enabled) = C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll
CHR - plugin: Google Update (Enabled) = C:\Program Files\Google\Update\1.3.21.123\npGoogleUpdate3.dll
CHR - plugin: Java(TM) Platform SE 7 U7 (Enabled) = C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll
CHR - plugin: NVIDIA 3D Vision (Enabled) = C:\Program Files\NVIDIA Corporation\3D Vision\npnv3dv.dll
CHR - plugin: NVIDIA 3D VISION (Enabled) = C:\Program Files\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll
CHR - plugin: Pando Web Plugin (Enabled) = C:\Program Files\Pando Networks\Media Booster\npPandoWebPlugin.dll
CHR - plugin: VLC Web Plugin (Enabled) = C:\Program Files\VideoLAN\VLC\npvlc.dll
CHR - plugin: Windows Live\u0099 Photo Gallery (Enabled) = C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll
CHR - plugin: Unity Player (Enabled) = C:\Users\ondra\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll
CHR - plugin: Facebook Video Calling Plugin (Enabled) = C:\Users\ondra\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Windows\system32\Macromed\Flash\NPSWF32_11_5_502_110.dll
CHR - plugin: Java Deployment Toolkit 7.0.70.10 (Enabled) = C:\Windows\system32\npDeployJava1.dll
CHR - plugin: Silverlight Plug-In (Enabled) = c:\Program Files\Microsoft Silverlight\5.1.10411.0\npctrl.dll
CHR - Extension: avast! WebRep = C:\Users\ondra\AppData\Local\Google\Chrome\User Data\Default\Extensions\icmlaeflemplmjndnaapfdbbnpncnbda\7.0.1474_0\
O1 HOSTS File: ([2012.12.28 11:32:29 | 000,000,027 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O2 - BHO: (Windows Live ID Sign-in Helper) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\microsoft shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O3 - HKLM\..\Toolbar: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O4 - HKLM..\Run: [avast] C:\Program Files\AVAST Software\Avast\avastUI.exe (AVAST Software)
O4 - HKLM..\Run: [PAC207_Monitor] C:\Windows\PixArt\i-Look110\Monitor.exe (PixArt Imaging Incorporation)
O4 - HKLM..\Run: [RTHDVCPL] C:\Program Files\Realtek\Audio\HDA\RtkNGUI.exe (Realtek Semiconductor)
O4 - HKU\S-1-5-21-33959413-2999115600-1941737774-1001..\Run: [Connectify] C:\Program Files\Connectify\Connectify.exe (Connectify)
O4 - HKU\S-1-5-21-33959413-2999115600-1941737774-1001..\Run: [GAINWARD] C:\Program Files\EXPERTool\TBPanel.exe (Gainward Co.)
O4 - HKU\S-1-5-21-33959413-2999115600-1941737774-1001..\Run: [HotSwap! Applet] C:\Users\ondra\Documents\HotSwap! 5.0.0.0\32bit\HotSwap!.EXE (Kazuyuki Nakayama)
O4 - HKU\S-1-5-21-33959413-2999115600-1941737774-1001..\Run: [Skype] C:\Program Files\Skype\Phone\Skype.exe (Skype Technologies S.A.)
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 255
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableInstallerDetection = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableSecureUIAPaths = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableUIADesktopToggle = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableVirtualization = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ValidateAdminCodeSignatures = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: dontdisplaylastusername = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticecaption =
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticetext =
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: scforceoption = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: shutdownwithoutlogon = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: undockwithoutlogon = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: FilterAdministratorToken = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableRegistryTools = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_TEXT = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_BITMAP = 2
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_OEMTEXT = 7
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_DIB = 8
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_PALETTE = 9
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_UNICODETEXT = 13
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_DIBV5 = 17
Re: Číňan a nemám přístup k vytváření na C: LOG
2, čast
O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-19\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-20\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-21-33959413-2999115600-1941737774-1001\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-21-33959413-2999115600-1941737774-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-21-33959413-2999115600-1941737774-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O7 - HKU\S-1-5-21-33959413-2999115600-1941737774-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: LogonHoursAction = 2
O7 - HKU\S-1-5-21-33959413-2999115600-1941737774-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DontDisplayLogonHoursWarnings = 1
O7 - HKU\S-1-5-21-33959413-2999115600-1941737774-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: disableregistrytools = 0
O9 - Extra Button: WinToFlash Suggestor - {A52C66B3-D4A9-4d10-A67D-2BEF0A85AB3F} - Reg Error: Key error. File not found
O9 - Extra 'Tools' menuitem : WinToFlash Suggestor options - {A52C66B3-D4A9-4d10-A67D-2BEF0A85AB3F} - Reg Error: Key error. File not found
O10 - NameSpace_Catalog5\Catalog_Entries\000000000001 [] - C:\Windows\System32\nlaapi.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000002 [] - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000003 [] - C:\Windows\System32\winrnr.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\Windows\System32\NapiNSP.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000005 [] - C:\Windows\System32\pnrpnsp.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000006 [] - C:\Windows\System32\pnrpnsp.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDNSP.DLL (Microsoft Corp.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000008 [] - C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDNSP.DLL (Microsoft Corp.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000009 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000010 [] - C:\Windows\System32\wshbth.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000003 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000004 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000005 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000006 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000007 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000008 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000009 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000010 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000011 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000012 - C:\Program Files\VMware\VMware Player\vsocklib.dll (VMware, Inc.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000013 - C:\Program Files\VMware\VMware Player\vsocklib.dll (VMware, Inc.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000014 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000015 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000016 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000017 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000018 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000019 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000020 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000021 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000022 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000023 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000024 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000025 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000026 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000027 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000028 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000029 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000030 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000031 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000032 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000033 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000034 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000035 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000036 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000037 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000038 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000039 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000040 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000041 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000042 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000043 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000044 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000045 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000046 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000047 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000048 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000049 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000050 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000051 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000052 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000053 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000054 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000055 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000056 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000057 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000058 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000059 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000060 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000061 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000062 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000063 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000064 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000065 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000066 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000067 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000068 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000069 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000070 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000071 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000072 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000073 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000074 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000075 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000076 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000077 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000078 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000079 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000080 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000081 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000082 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000083 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000084 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000085 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000086 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000087 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000088 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000089 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000090 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000091 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000092 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000093 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000094 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000095 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000096 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000097 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000098 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000099 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000100 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000101 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000102 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000103 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000104 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000105 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000106 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000107 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000108 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000109 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000110 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000111 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000112 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000113 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000114 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000115 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000116 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000117 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000118 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000119 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000120 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000121 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000122 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000123 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000124 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000125 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000126 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000127 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000128 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000129 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000130 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000131 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000132 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000133 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000134 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000135 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000136 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000137 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.7.0/jinsta ... s-i586.cab (Reg Error: Value error.)
O16 - DPF: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_22)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 10.7.2)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{0720E444-34BE-4B53-B4C4-A5A3EBCB7B03}: DhcpNameServer = 77.48.95.1 192.168.2.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{D54BCAEB-426B-4C42-B20B-84363566BD66}: DhcpNameServer = 77.48.95.1 192.168.2.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{D6E58FBF-C792-4CFD-9860-93D29FE14E4D}: DhcpNameServer = 192.168.2.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{EAEA8D73-6FE9-4A03-A92D-46D3FA99D587}: DhcpNameServer = 192.168.2.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{F0E5EBA5-6939-47F7-A343-E813B499E998}: DhcpNameServer = 192.168.2.1
O18 - Protocol\Handler\about {3050F406-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\System32\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\cdl {3dd53d40-7b8b-11D0-b013-00aa0059ce02} - C:\Windows\System32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\dvd {12D51199-0DB5-46FE-A120-47A3D7D937CC} - C:\Windows\System32\MSVidCtl.dll (Microsoft Corporation)
O18 - Protocol\Handler\file {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\System32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\ftp {79eac9e3-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\System32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\gopher {79eac9e4-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\System32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\http {79eac9e2-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\System32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\https {79eac9e5-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\System32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\its {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\Windows\System32\itss.dll (Microsoft Corporation)
O18 - Protocol\Handler\javascript {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\System32\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\local {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\System32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\mailto {3050f3DA-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\System32\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\mhtml {05300401-BCBC-11d0-85E3-00C04FD85AB4} - C:\Windows\System32\inetcomm.dll (Microsoft Corporation)
O18 - Protocol\Handler\mk {79eac9e6-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\System32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\ms-its {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\Windows\System32\itss.dll (Microsoft Corporation)
O18 - Protocol\Handler\res {3050F3BC-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\System32\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Handler\tv {CBD30858-AF45-11D2-B6D6-00C04FBBDE6E} - C:\Windows\System32\MSVidCtl.dll (Microsoft Corporation)
O18 - Protocol\Handler\vbscript {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\System32\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\wlmailhtml {03C514A3-1EFB-4856-9F99-10D7BE1653C0} - C:\Program Files\Windows Live\Mail\mailcomm.dll (Microsoft Corporation)
O18 - Protocol\Handler\wlpg {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll (Microsoft Corporation)
O18 - Protocol\Filter\application/octet-stream {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\Windows\System32\mscoree.dll (Microsoft Corporation)
O18 - Protocol\Filter\application/x-complus {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\Windows\System32\mscoree.dll (Microsoft Corporation)
O18 - Protocol\Filter\application/x-msdownload {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\Windows\System32\mscoree.dll (Microsoft Corporation)
O18 - Protocol\Filter\deflate {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\Windows\System32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Filter\gzip {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\Windows\System32\urlmon.dll (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\System32\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\System32\SystemPropertiesPerformance.exe (Microsoft Corporation)
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O29 - HKLM SecurityProviders - (credssp.dll) - C:\Windows\System32\credssp.dll (Microsoft Corporation)
O30 - LSA: Authentication Packages - (msv1_0) - C:\Windows\System32\msv1_0.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (kerberos) - C:\Windows\System32\kerberos.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (msv1_0) - C:\Windows\System32\msv1_0.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (schannel) - C:\Windows\System32\schannel.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (wdigest) - C:\Windows\System32\wdigest.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (tspkg) - C:\Windows\System32\tspkg.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (pku2u) - C:\Windows\System32\pku2u.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (livessp) - C:\Windows\System32\livessp.dll (Microsoft Corp.)
O31 - SafeBoot: AlternateShell - cmd.exe
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2012.08.31 15:59:30 | 000,000,069 | ---- | M] () - D:\AUTOEXEC.BAT -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)
========== Files/Folders - Created Within 14 Days ==========
[2012.12.30 13:41:03 | 000,000,000 | ---D | C] -- C:\ProgramData\TamoSoft
[2012.12.30 13:41:03 | 000,000,000 | ---D | C] -- C:\Users\ondra\Documents\CommView for WiFi
[2012.12.30 13:41:00 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CommView for WiFi
[2012.12.30 13:40:58 | 000,000,000 | ---D | C] -- C:\Program Files\CommViewWiFi
[2012.12.29 10:12:46 | 000,000,000 | ---D | C] -- C:\Users\ondra\Documents\Vistumbler
[2012.12.29 10:11:09 | 000,000,000 | ---D | C] -- C:\Users\ondra\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Vistumbler
[2012.12.29 10:10:57 | 000,000,000 | ---D | C] -- C:\Program Files\Vistumbler
[2012.12.28 18:53:35 | 000,000,000 | -HSD | C] -- C:\$RECYCLE.BIN
[2012.12.28 13:20:01 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\ondra\Desktop\OTL.exe
[2012.12.28 11:30:34 | 000,000,000 | ---D | C] -- C:\Users\ondra\AppData\Local\temp
[2012.12.27 21:26:58 | 000,000,000 | ---D | C] -- C:\Windows\erdnt
[2012.12.27 19:20:40 | 000,000,000 | ---D | C] -- C:\Program Files\Nová složka
[2012.12.25 13:20:24 | 000,000,000 | ---D | C] -- C:\Users\ondra\AppData\Roaming\JAM Software
[2012.12.25 13:20:22 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HeavyLoad
[2012.12.25 13:20:21 | 000,000,000 | ---D | C] -- C:\Program Files\JAM Software
[2012.12.24 10:00:24 | 000,000,000 | ---D | C] -- C:\Users\ondra\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\GameSpy Arcade
[2012.12.23 21:22:40 | 000,000,000 | ---D | C] -- C:\found.002
[2012.12.23 20:08:55 | 000,000,000 | ---D | C] -- C:\Program Files\Atheros
[2012.12.23 20:07:46 | 000,000,000 | ---D | C] -- C:\ProgramData\Atheros
[2012.12.23 20:01:03 | 000,000,000 | ---D | C] -- C:\Program Files\Sweex Wireless LAN
[2012.12.22 16:27:20 | 000,000,000 | ---D | C] -- C:\Users\ondra\AppData\Local\IsolatedStorage
[2012.12.20 22:18:17 | 000,000,000 | ---D | C] -- C:\Users\ondra\Documents\4A Games
[2012.12.20 22:17:56 | 000,000,000 | ---D | C] -- C:\Users\ondra\AppData\Local\4A Games
[2012.12.20 22:16:50 | 000,528,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XAudio2_6.dll
[2012.12.20 22:16:50 | 000,515,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XAudio2_5.dll
[2012.12.20 22:16:50 | 000,238,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine3_6.dll
[2012.12.20 22:16:50 | 000,074,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XAPOFX1_4.dll
[2012.12.20 22:16:50 | 000,022,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\X3DAudio1_7.dll
[2012.12.20 22:16:49 | 001,974,616 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\D3DCompiler_42.dll
[2012.12.20 22:16:49 | 000,238,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine3_5.dll
[2012.12.20 22:16:47 | 005,501,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dcsx_42.dll
[2012.12.20 22:16:47 | 001,892,184 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\D3DX9_42.dll
[2012.12.20 22:16:47 | 000,453,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx10_42.dll
[2012.12.20 22:16:47 | 000,235,344 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx11_42.dll
[2012.12.20 22:16:46 | 001,846,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\D3DCompiler_41.dll
[2012.12.20 22:16:46 | 000,453,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx10_41.dll
[2012.12.20 22:16:45 | 004,178,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\D3DX9_41.dll
[2012.12.20 22:16:44 | 000,517,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XAudio2_4.dll
[2012.12.20 22:16:44 | 000,235,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine3_4.dll
[2012.12.20 22:16:44 | 000,069,464 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XAPOFX1_3.dll
[2012.12.20 22:16:44 | 000,022,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\X3DAudio1_6.dll
[2012.12.20 22:16:43 | 002,036,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\D3DCompiler_40.dll
[2012.12.20 22:16:43 | 000,452,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx10_40.dll
[2012.12.20 22:16:42 | 004,379,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\D3DX9_40.dll
[2012.12.20 22:16:42 | 000,514,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XAudio2_3.dll
[2012.12.20 22:16:42 | 000,070,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XAPOFX1_2.dll
[2012.12.20 22:16:41 | 000,509,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XAudio2_2.dll
[2012.12.20 22:16:41 | 000,238,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine3_2.dll
[2012.12.20 22:16:41 | 000,235,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine3_3.dll
[2012.12.20 22:16:41 | 000,068,616 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XAPOFX1_1.dll
[2012.12.20 22:16:41 | 000,023,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\X3DAudio1_5.dll
[2012.12.20 22:16:39 | 000,507,400 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XAudio2_1.dll
[2012.12.20 22:16:39 | 000,238,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine3_1.dll
[2012.12.20 22:16:39 | 000,065,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XAPOFX1_0.dll
[2012.12.20 22:16:39 | 000,025,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\X3DAudio1_4.dll
[2012.12.20 22:16:38 | 003,850,760 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\D3DX9_38.dll
[2012.12.20 22:16:38 | 001,491,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\D3DCompiler_38.dll
[2012.12.20 22:16:38 | 000,467,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx10_38.dll
[2012.12.20 22:16:37 | 000,479,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XAudio2_0.dll
[2012.12.20 22:16:37 | 000,238,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine3_0.dll
[2012.12.20 22:16:37 | 000,025,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\X3DAudio1_3.dll
[2012.12.20 22:16:36 | 003,786,760 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\D3DX9_37.dll
[2012.12.20 22:16:36 | 001,420,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\D3DCompiler_37.dll
[2012.12.20 22:16:36 | 000,462,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx10_37.dll
[2012.12.20 22:16:35 | 000,267,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine2_10.dll
[2012.12.20 22:16:34 | 003,734,536 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx9_36.dll
[2012.12.20 22:16:34 | 001,374,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\D3DCompiler_36.dll
[2012.12.20 22:16:34 | 000,444,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx10_36.dll
[2012.12.20 22:16:33 | 001,358,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\D3DCompiler_35.dll
[2012.12.20 22:16:33 | 000,444,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx10_35.dll
[2012.12.20 22:16:33 | 000,267,112 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine2_9.dll
[2012.12.20 22:16:32 | 003,727,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx9_35.dll
[2012.12.20 22:16:32 | 000,266,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine2_8.dll
[2012.12.20 22:16:32 | 000,017,928 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\X3DAudio1_2.dll
[2012.12.20 22:16:31 | 001,124,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\D3DCompiler_34.dll
[2012.12.20 22:16:31 | 000,443,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx10_34.dll
[2012.12.20 22:16:30 | 003,497,832 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx9_34.dll
[2012.12.20 22:16:29 | 000,443,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx10_33.dll
[2012.12.20 22:16:29 | 000,261,480 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine2_7.dll
[2012.12.20 22:16:28 | 003,495,784 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx9_33.dll
[2012.12.20 22:16:28 | 001,123,696 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\D3DCompiler_33.dll
[2012.12.20 22:16:28 | 000,255,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine2_6.dll
[2012.12.20 22:16:27 | 000,440,080 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx10.dll
[2012.12.20 22:16:27 | 000,251,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine2_5.dll
[2012.12.20 22:16:26 | 003,426,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx9_32.dll
[2012.12.20 22:16:26 | 000,237,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine2_4.dll
[2012.12.20 22:16:26 | 000,015,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\x3daudio1_1.dll
[2012.12.20 22:16:25 | 002,414,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx9_31.dll
[2012.12.20 22:16:25 | 000,236,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine2_3.dll
[2012.12.20 22:16:25 | 000,062,744 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xinput1_2.dll
[2012.12.20 22:16:24 | 000,230,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine2_2.dll
[2012.12.20 22:16:24 | 000,229,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine2_1.dll
[2012.12.20 22:16:24 | 000,062,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xinput1_1.dll
[2012.12.20 22:16:16 | 002,388,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx9_30.dll
[2012.12.20 22:16:15 | 002,332,368 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx9_29.dll
[2012.12.20 22:16:15 | 000,230,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine2_0.dll
[2012.12.20 22:16:15 | 000,014,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\x3daudio1_0.dll
[2012.12.20 22:16:13 | 002,323,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx9_28.dll
[2012.12.20 22:16:12 | 002,319,568 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx9_27.dll
[2012.12.20 22:16:10 | 002,297,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx9_26.dll
[2012.12.20 22:16:08 | 002,222,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx9_24.dll
[2012.12.19 20:16:37 | 000,000,000 | ---D | C] -- C:\Program Files\metro
[2012.12.19 14:30:53 | 000,000,000 | ---D | C] -- C:\Users\ondra\AppData\Local\{CC5D7601-D27D-435C-9C2C-4BB872B0AF38}
[2012.12.19 14:30:16 | 000,000,000 | ---D | C] -- C:\Users\ondra\AppData\Local\{02591907-D740-4FA2-95AB-F7A0C794BA60}
========== Files - Modified Within 14 Days ==========
[2012.12.31 10:01:51 | 000,014,192 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2012.12.31 10:01:51 | 000,014,192 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2012.12.31 09:53:56 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2012.12.31 09:53:53 | 2615,762,944 | -HS- | M] () -- C:\hiberfil.sys
[2012.12.31 09:07:18 | 000,668,390 | ---- | M] () -- C:\Windows\System32\perfh005.dat
[2012.12.31 09:07:18 | 000,654,134 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2012.12.31 09:07:18 | 000,140,612 | ---- | M] () -- C:\Windows\System32\perfc005.dat
[2012.12.31 09:07:18 | 000,121,592 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2012.12.29 10:11:09 | 000,000,893 | ---- | M] () -- C:\Users\ondra\Desktop\Vistumbler.lnk
[2012.12.28 13:20:14 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\ondra\Desktop\OTL.exe
[2012.12.28 11:32:29 | 000,000,027 | ---- | M] () -- C:\Windows\System32\drivers\etc\hosts
[2012.12.28 11:15:01 | 000,001,138 | ---- | M] () -- C:\Users\ondra\Desktop\ComboFix – zástupce.lnk
[2012.12.25 20:25:39 | 000,304,160 | ---- | M] () -- C:\PA207.DAT
[2012.12.25 13:20:22 | 000,001,096 | ---- | M] () -- C:\Users\ondra\Desktop\HeavyLoad.lnk
[2012.12.24 10:06:15 | 000,000,043 | ---- | M] () -- C:\END
[2012.12.23 21:37:25 | 000,001,999 | ---- | M] () -- C:\Users\Public\Desktop\avast! Free Antivirus.lnk
[2012.12.23 21:37:20 | 000,002,577 | ---- | M] () -- C:\Windows\System32\config.nt
[2012.12.19 20:18:21 | 000,000,215 | ---- | M] () -- C:\Users\ondra\Desktop\Metro 2033.url
========== Files Created - No Company Name ==========
[2012.12.29 10:11:09 | 000,000,893 | ---- | C] () -- C:\Users\ondra\Desktop\Vistumbler.lnk
[2012.12.28 11:15:01 | 000,001,138 | ---- | C] () -- C:\Users\ondra\Desktop\ComboFix – zástupce.lnk
[2012.12.25 13:20:22 | 000,001,096 | ---- | C] () -- C:\Users\ondra\Desktop\HeavyLoad.lnk
[2012.12.24 10:06:10 | 000,000,043 | ---- | C] () -- C:\END
[2012.12.23 21:37:25 | 000,001,999 | ---- | C] () -- C:\Users\Public\Desktop\avast! Free Antivirus.lnk
[2012.12.19 20:18:21 | 000,000,215 | ---- | C] () -- C:\Users\ondra\Desktop\Metro 2033.url
[2012.12.11 19:48:45 | 000,005,120 | ---- | C] () -- C:\Windows\System32\tcusbdrv.dll
[2012.12.05 20:10:56 | 000,014,119 | ---- | C] () -- C:\Windows\System32\RaCoInst.dat
[2012.12.05 20:10:32 | 000,480,608 | ---- | C] () -- C:\Windows\System32\DiagFunc.dll
[2012.12.05 20:10:32 | 000,000,451 | ---- | C] () -- C:\Windows\System32\DiagFunc.ini
[2012.12.05 18:55:56 | 000,451,072 | ---- | C] () -- C:\Windows\System32\ISSRemoveSP.exe
[2012.11.24 17:44:30 | 000,002,692 | ---- | C] () -- C:\Users\ondra\AppData\Local\recently-used.xbel
[2012.11.09 19:32:14 | 000,141,072 | ---- | C] () -- C:\Windows\System32\drivers\PnkBstrK.sys
[2012.11.09 19:32:13 | 000,138,904 | ---- | C] () -- C:\Users\ondra\AppData\Roaming\PnkBstrK.sys
[2012.11.09 19:31:41 | 000,281,120 | ---- | C] () -- C:\Windows\System32\PnkBstrB.exe
[2012.11.09 19:31:40 | 000,076,888 | ---- | C] () -- C:\Windows\System32\PnkBstrA.exe
[2012.11.04 11:17:02 | 002,468,520 | ---- | C] () -- C:\Windows\System32\BootMan.exe
[2012.11.04 11:17:02 | 002,468,520 | ---- | C] () -- C:\Windows\System32\¸´Ľţ BootMan.exe
[2012.11.04 11:17:02 | 000,086,408 | ---- | C] () -- C:\Windows\System32\setupempdrv03.exe
[2012.11.04 11:17:02 | 000,019,840 | ---- | C] () -- C:\Windows\System32\EuEpmGdi.dll
[2012.11.04 11:17:02 | 000,014,216 | ---- | C] () -- C:\Windows\System32\epmntdrv.sys
[2012.11.04 11:17:02 | 000,008,456 | ---- | C] () -- C:\Windows\System32\EuGdiDrv.sys
[2012.10.01 18:15:58 | 000,000,000 | ---- | C] () -- C:\Windows\musicmaker.INI
[2012.10.01 18:12:20 | 000,000,321 | ---- | C] () -- C:\Windows\BeatBox.INI
[2012.10.01 18:08:04 | 000,038,912 | ---- | C] () -- C:\Windows\System32\mgxasio.dll
[2012.10.01 18:07:11 | 000,005,729 | ---- | C] () -- C:\Windows\mgxoschk.ini
[2012.09.28 10:56:35 | 000,001,451 | ---- | C] () -- C:\Users\ondra\AppData\Local\RecConfig.xml
[2012.09.27 14:46:54 | 000,293,889 | ---- | C] () -- C:\Windows\System32\drivers\RTAIODAT.DAT
[2012.09.17 17:40:10 | 000,000,110 | ---- | C] () -- C:\Windows\System32\RichardBurnsRally.ini
[2012.08.30 09:40:14 | 000,429,416 | ---- | C] () -- C:\Windows\System32\nvStreaming.exe
[2012.07.20 16:37:53 | 000,088,484 | ---- | C] () -- C:\Users\ondra\final_bstSnapshot_72848.jpg
[2012.07.19 19:21:22 | 000,095,231 | ---- | C] () -- C:\Users\ondra\final_bstSnapshot_76526.jpg
[2012.07.19 18:46:49 | 000,070,511 | ---- | C] () -- C:\Users\ondra\final_bstSnapshot_89126.jpg
[2012.07.16 15:24:00 | 000,007,597 | ---- | C] () -- C:\Users\ondra\AppData\Local\resmon.resmoncfg
[2012.07.13 06:24:37 | 000,006,144 | ---- | C] () -- C:\Users\ondra\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2012.06.30 11:49:50 | 000,000,241 | ---- | C] () -- C:\Users\ondra\AppData\Roaming\GPU Meter_Settings.ini
[2012.06.29 19:01:26 | 000,001,769 | ---- | C] () -- C:\Windows\Language_trs.ini
[2012.06.29 19:01:25 | 000,029,127 | ---- | C] () -- C:\Windows\Ascd_tmp.ini
[2012.06.29 13:37:57 | 000,024,576 | R--- | C] () -- C:\Windows\System32\AsIO.dll
[2012.06.29 13:37:57 | 000,011,296 | R--- | C] () -- C:\Windows\System32\drivers\AsIO.sys
[2012.06.29 13:37:55 | 000,011,832 | ---- | C] () -- C:\Windows\System32\drivers\AsInsHelp64.sys
[2012.06.29 13:37:55 | 000,010,216 | ---- | C] () -- C:\Windows\System32\drivers\AsInsHelp32.sys
[2012.06.10 16:17:42 | 000,001,047 | ---- | C] () -- C:\Windows\unins000.dat
[2012.06.01 05:18:37 | 000,000,644 | RHS- | C] () -- C:\Users\ondra\ntuser.pol
[2012.05.29 14:53:59 | 000,001,732 | ---- | C] () -- C:\Windows\System32\drivers\nvphy.bin
[2012.05.27 08:47:27 | 000,517,120 | ---- | C] () -- C:\Windows\System32\CLWCP.exe
[2012.05.16 17:45:35 | 000,000,566 | ---- | C] () -- C:\Windows\System32\SP207.ini
[2012.05.16 14:57:56 | 000,000,010 | ---- | C] () -- C:\Windows\GSetup.ini
[2011.09.28 16:44:14 | 000,179,271 | ---- | C] () -- C:\Windows\System32\xlive.dll.cat
[2011.09.19 14:03:40 | 000,045,056 | ---- | C] () -- C:\Windows\System32\rtvcvfw32.dll
[2011.06.10 05:34:52 | 000,080,416 | ---- | C] () -- C:\Windows\System32\RtNicProp32.dll
========== ZeroAccess Check ==========
[2009.07.14 05:42:31 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2009.07.14 02:16:14 | 012,866,560 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2009.07.14 02:15:20 | 000,605,696 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
"" = %systemroot%\system32\wbem\wbemess.dll -- [2009.07.14 02:16:17 | 000,342,528 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both
========== LOP Check ==========
[2012.12.16 15:44:17 | 000,000,000 | ---D | M] -- C:\Users\ondra\AppData\Roaming\.minecraft
[2012.05.18 17:56:47 | 000,000,000 | ---D | M] -- C:\Users\ondra\AppData\Roaming\.Nitrous
[2012.05.19 18:32:57 | 000,000,000 | ---D | M] -- C:\Users\ondra\AppData\Roaming\.spoutcraft
[2012.06.30 09:55:28 | 000,000,000 | ---D | M] -- C:\Users\ondra\AppData\Roaming\AnvSoft
[2012.12.28 21:34:35 | 000,000,000 | ---D | M] -- C:\Users\ondra\AppData\Roaming\Audacity
[2012.05.18 13:39:00 | 000,000,000 | ---D | M] -- C:\Users\ondra\AppData\Roaming\BANDISOFT
[2012.05.21 14:42:57 | 000,000,000 | ---D | M] -- C:\Users\ondra\AppData\Roaming\Blender Foundation
[2012.08.28 07:11:28 | 000,000,000 | ---D | M] -- C:\Users\ondra\AppData\Roaming\CadSoft
[2012.11.19 19:57:05 | 000,000,000 | ---D | M] -- C:\Users\ondra\AppData\Roaming\com.adobe.newhope.NHProject.prod.E7BED6E5DDA59983786DD72EBFA46B1598278E07.1
[2012.11.26 08:06:31 | 000,000,000 | ---D | M] -- C:\Users\ondra\AppData\Roaming\DAEMON Tools Lite
[2012.07.02 09:24:32 | 000,000,000 | ---D | M] -- C:\Users\ondra\AppData\Roaming\fltk.org
[2012.08.25 12:21:49 | 000,000,000 | ---D | M] -- C:\Users\ondra\AppData\Roaming\GHISLER
[2012.09.30 11:48:42 | 000,000,000 | ---D | M] -- C:\Users\ondra\AppData\Roaming\Image-Line
[2012.08.01 11:46:03 | 000,000,000 | ---D | M] -- C:\Users\ondra\AppData\Roaming\InfraRecorder
[2012.09.15 10:41:51 | 000,000,000 | ---D | M] -- C:\Users\ondra\AppData\Roaming\IObit
[2012.12.09 18:28:43 | 000,000,000 | ---D | M] -- C:\Users\ondra\AppData\Roaming\IrfanView
[2012.12.25 13:20:24 | 000,000,000 | ---D | M] -- C:\Users\ondra\AppData\Roaming\JAM Software
[2012.06.20 19:27:02 | 000,000,000 | ---D | M] -- C:\Users\ondra\AppData\Roaming\LolClient2
[2012.11.27 09:14:54 | 000,000,000 | ---D | M] -- C:\Users\ondra\AppData\Roaming\MAGIX
[2012.07.10 08:17:39 | 000,000,000 | ---D | M] -- C:\Users\ondra\AppData\Roaming\ManyCam
[2012.07.30 09:09:30 | 000,000,000 | ---D | M] -- C:\Users\ondra\AppData\Roaming\Nokia
[2012.05.29 18:01:16 | 000,000,000 | ---D | M] -- C:\Users\ondra\AppData\Roaming\Notepad++
[2012.05.17 13:05:17 | 000,000,000 | ---D | M] -- C:\Users\ondra\AppData\Roaming\OpenOffice.org
[2012.07.30 09:09:29 | 000,000,000 | ---D | M] -- C:\Users\ondra\AppData\Roaming\PC Suite
[2012.10.07 15:44:17 | 000,000,000 | ---D | M] -- C:\Users\ondra\AppData\Roaming\pdfforge
[2012.05.31 16:07:30 | 000,000,000 | ---D | M] -- C:\Users\ondra\AppData\Roaming\PhotoFiltre
[2012.09.12 13:14:16 | 000,000,000 | ---D | M] -- C:\Users\ondra\AppData\Roaming\Pixelplan
[2012.09.16 15:35:26 | 000,000,000 | ---D | M] -- C:\Users\ondra\AppData\Roaming\ProfiCAD
[2012.09.27 15:04:18 | 000,000,000 | ---D | M] -- C:\Users\ondra\AppData\Roaming\Renoise
[2012.09.16 14:01:18 | 000,000,000 | ---D | M] -- C:\Users\ondra\AppData\Roaming\RotMG.Production
[2012.07.14 12:26:35 | 000,000,000 | ---D | M] -- C:\Users\ondra\AppData\Roaming\SHAPE Services
[2012.08.07 10:22:36 | 000,000,000 | ---D | M] -- C:\Users\ondra\AppData\Roaming\Sony
[2012.09.28 11:32:44 | 000,000,000 | ---D | M] -- C:\Users\ondra\AppData\Roaming\SynthMaker
[2012.07.03 10:04:41 | 000,000,000 | ---D | M] -- C:\Users\ondra\AppData\Roaming\SYSTEMAX Software Development
[2012.10.05 15:41:48 | 000,000,000 | ---D | M] -- C:\Users\ondra\AppData\Roaming\TeamViewer
[2012.10.24 18:34:33 | 000,000,000 | ---D | M] -- C:\Users\ondra\AppData\Roaming\TS3Client
[2012.06.15 16:48:17 | 000,000,000 | ---D | M] -- C:\Users\ondra\AppData\Roaming\Ubisoft
[2012.07.30 17:05:43 | 000,000,000 | ---D | M] -- C:\Users\ondra\AppData\Roaming\Unity
[2012.12.29 16:18:19 | 000,000,000 | ---D | M] -- C:\Users\ondra\AppData\Roaming\uTorrent
[2012.07.27 08:02:54 | 000,000,000 | ---D | M] -- C:\Users\ondra\AppData\Roaming\VitySoft
[2012.11.08 17:53:47 | 000,000,000 | ---D | M] -- C:\Users\ondra\AppData\Roaming\wargaming.net
[2012.08.05 17:09:59 | 000,000,000 | ---D | M] -- C:\Users\ondra\AppData\Roaming\Windows Live Writer
[2012.09.04 13:45:55 | 000,000,000 | ---D | M] -- C:\Users\ondra\AppData\Roaming\Wireshark
========== Purity Check ==========
========== Alternate Data Streams ==========
@Alternate Data Stream - 12 bytes -> C:\Windows\System32:{4B9A1497-0817-47C4-9612-D6A1C53ACF57}
< End of report >
O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-19\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-20\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-21-33959413-2999115600-1941737774-1001\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-21-33959413-2999115600-1941737774-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-21-33959413-2999115600-1941737774-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O7 - HKU\S-1-5-21-33959413-2999115600-1941737774-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: LogonHoursAction = 2
O7 - HKU\S-1-5-21-33959413-2999115600-1941737774-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DontDisplayLogonHoursWarnings = 1
O7 - HKU\S-1-5-21-33959413-2999115600-1941737774-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: disableregistrytools = 0
O9 - Extra Button: WinToFlash Suggestor - {A52C66B3-D4A9-4d10-A67D-2BEF0A85AB3F} - Reg Error: Key error. File not found
O9 - Extra 'Tools' menuitem : WinToFlash Suggestor options - {A52C66B3-D4A9-4d10-A67D-2BEF0A85AB3F} - Reg Error: Key error. File not found
O10 - NameSpace_Catalog5\Catalog_Entries\000000000001 [] - C:\Windows\System32\nlaapi.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000002 [] - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000003 [] - C:\Windows\System32\winrnr.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\Windows\System32\NapiNSP.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000005 [] - C:\Windows\System32\pnrpnsp.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000006 [] - C:\Windows\System32\pnrpnsp.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDNSP.DLL (Microsoft Corp.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000008 [] - C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDNSP.DLL (Microsoft Corp.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000009 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000010 [] - C:\Windows\System32\wshbth.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000003 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000004 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000005 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000006 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000007 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000008 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000009 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000010 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000011 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000012 - C:\Program Files\VMware\VMware Player\vsocklib.dll (VMware, Inc.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000013 - C:\Program Files\VMware\VMware Player\vsocklib.dll (VMware, Inc.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000014 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000015 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000016 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000017 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000018 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000019 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000020 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000021 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000022 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000023 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000024 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000025 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000026 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000027 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000028 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000029 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000030 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000031 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000032 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000033 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000034 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000035 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000036 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000037 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000038 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000039 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000040 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000041 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000042 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000043 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000044 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000045 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000046 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000047 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000048 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000049 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000050 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000051 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000052 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000053 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000054 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000055 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000056 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000057 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000058 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000059 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000060 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000061 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000062 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000063 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000064 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000065 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000066 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000067 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000068 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000069 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000070 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000071 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000072 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000073 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000074 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000075 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000076 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000077 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000078 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000079 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000080 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000081 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000082 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000083 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000084 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000085 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000086 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000087 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000088 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000089 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000090 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000091 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000092 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000093 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000094 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000095 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000096 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000097 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000098 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000099 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000100 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000101 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000102 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000103 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000104 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000105 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000106 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000107 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000108 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000109 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000110 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000111 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000112 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000113 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000114 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000115 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000116 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000117 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000118 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000119 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000120 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000121 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000122 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000123 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000124 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000125 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000126 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000127 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000128 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000129 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000130 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000131 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000132 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000133 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000134 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000135 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000136 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000137 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.7.0/jinsta ... s-i586.cab (Reg Error: Value error.)
O16 - DPF: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_22)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 10.7.2)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{0720E444-34BE-4B53-B4C4-A5A3EBCB7B03}: DhcpNameServer = 77.48.95.1 192.168.2.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{D54BCAEB-426B-4C42-B20B-84363566BD66}: DhcpNameServer = 77.48.95.1 192.168.2.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{D6E58FBF-C792-4CFD-9860-93D29FE14E4D}: DhcpNameServer = 192.168.2.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{EAEA8D73-6FE9-4A03-A92D-46D3FA99D587}: DhcpNameServer = 192.168.2.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{F0E5EBA5-6939-47F7-A343-E813B499E998}: DhcpNameServer = 192.168.2.1
O18 - Protocol\Handler\about {3050F406-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\System32\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\cdl {3dd53d40-7b8b-11D0-b013-00aa0059ce02} - C:\Windows\System32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\dvd {12D51199-0DB5-46FE-A120-47A3D7D937CC} - C:\Windows\System32\MSVidCtl.dll (Microsoft Corporation)
O18 - Protocol\Handler\file {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\System32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\ftp {79eac9e3-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\System32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\gopher {79eac9e4-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\System32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\http {79eac9e2-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\System32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\https {79eac9e5-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\System32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\its {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\Windows\System32\itss.dll (Microsoft Corporation)
O18 - Protocol\Handler\javascript {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\System32\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\local {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\System32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\mailto {3050f3DA-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\System32\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\mhtml {05300401-BCBC-11d0-85E3-00C04FD85AB4} - C:\Windows\System32\inetcomm.dll (Microsoft Corporation)
O18 - Protocol\Handler\mk {79eac9e6-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\System32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\ms-its {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\Windows\System32\itss.dll (Microsoft Corporation)
O18 - Protocol\Handler\res {3050F3BC-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\System32\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Handler\tv {CBD30858-AF45-11D2-B6D6-00C04FBBDE6E} - C:\Windows\System32\MSVidCtl.dll (Microsoft Corporation)
O18 - Protocol\Handler\vbscript {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\System32\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\wlmailhtml {03C514A3-1EFB-4856-9F99-10D7BE1653C0} - C:\Program Files\Windows Live\Mail\mailcomm.dll (Microsoft Corporation)
O18 - Protocol\Handler\wlpg {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll (Microsoft Corporation)
O18 - Protocol\Filter\application/octet-stream {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\Windows\System32\mscoree.dll (Microsoft Corporation)
O18 - Protocol\Filter\application/x-complus {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\Windows\System32\mscoree.dll (Microsoft Corporation)
O18 - Protocol\Filter\application/x-msdownload {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\Windows\System32\mscoree.dll (Microsoft Corporation)
O18 - Protocol\Filter\deflate {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\Windows\System32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Filter\gzip {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\Windows\System32\urlmon.dll (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\System32\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\System32\SystemPropertiesPerformance.exe (Microsoft Corporation)
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O29 - HKLM SecurityProviders - (credssp.dll) - C:\Windows\System32\credssp.dll (Microsoft Corporation)
O30 - LSA: Authentication Packages - (msv1_0) - C:\Windows\System32\msv1_0.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (kerberos) - C:\Windows\System32\kerberos.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (msv1_0) - C:\Windows\System32\msv1_0.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (schannel) - C:\Windows\System32\schannel.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (wdigest) - C:\Windows\System32\wdigest.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (tspkg) - C:\Windows\System32\tspkg.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (pku2u) - C:\Windows\System32\pku2u.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (livessp) - C:\Windows\System32\livessp.dll (Microsoft Corp.)
O31 - SafeBoot: AlternateShell - cmd.exe
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2012.08.31 15:59:30 | 000,000,069 | ---- | M] () - D:\AUTOEXEC.BAT -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)
========== Files/Folders - Created Within 14 Days ==========
[2012.12.30 13:41:03 | 000,000,000 | ---D | C] -- C:\ProgramData\TamoSoft
[2012.12.30 13:41:03 | 000,000,000 | ---D | C] -- C:\Users\ondra\Documents\CommView for WiFi
[2012.12.30 13:41:00 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CommView for WiFi
[2012.12.30 13:40:58 | 000,000,000 | ---D | C] -- C:\Program Files\CommViewWiFi
[2012.12.29 10:12:46 | 000,000,000 | ---D | C] -- C:\Users\ondra\Documents\Vistumbler
[2012.12.29 10:11:09 | 000,000,000 | ---D | C] -- C:\Users\ondra\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Vistumbler
[2012.12.29 10:10:57 | 000,000,000 | ---D | C] -- C:\Program Files\Vistumbler
[2012.12.28 18:53:35 | 000,000,000 | -HSD | C] -- C:\$RECYCLE.BIN
[2012.12.28 13:20:01 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\ondra\Desktop\OTL.exe
[2012.12.28 11:30:34 | 000,000,000 | ---D | C] -- C:\Users\ondra\AppData\Local\temp
[2012.12.27 21:26:58 | 000,000,000 | ---D | C] -- C:\Windows\erdnt
[2012.12.27 19:20:40 | 000,000,000 | ---D | C] -- C:\Program Files\Nová složka
[2012.12.25 13:20:24 | 000,000,000 | ---D | C] -- C:\Users\ondra\AppData\Roaming\JAM Software
[2012.12.25 13:20:22 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HeavyLoad
[2012.12.25 13:20:21 | 000,000,000 | ---D | C] -- C:\Program Files\JAM Software
[2012.12.24 10:00:24 | 000,000,000 | ---D | C] -- C:\Users\ondra\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\GameSpy Arcade
[2012.12.23 21:22:40 | 000,000,000 | ---D | C] -- C:\found.002
[2012.12.23 20:08:55 | 000,000,000 | ---D | C] -- C:\Program Files\Atheros
[2012.12.23 20:07:46 | 000,000,000 | ---D | C] -- C:\ProgramData\Atheros
[2012.12.23 20:01:03 | 000,000,000 | ---D | C] -- C:\Program Files\Sweex Wireless LAN
[2012.12.22 16:27:20 | 000,000,000 | ---D | C] -- C:\Users\ondra\AppData\Local\IsolatedStorage
[2012.12.20 22:18:17 | 000,000,000 | ---D | C] -- C:\Users\ondra\Documents\4A Games
[2012.12.20 22:17:56 | 000,000,000 | ---D | C] -- C:\Users\ondra\AppData\Local\4A Games
[2012.12.20 22:16:50 | 000,528,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XAudio2_6.dll
[2012.12.20 22:16:50 | 000,515,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XAudio2_5.dll
[2012.12.20 22:16:50 | 000,238,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine3_6.dll
[2012.12.20 22:16:50 | 000,074,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XAPOFX1_4.dll
[2012.12.20 22:16:50 | 000,022,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\X3DAudio1_7.dll
[2012.12.20 22:16:49 | 001,974,616 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\D3DCompiler_42.dll
[2012.12.20 22:16:49 | 000,238,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine3_5.dll
[2012.12.20 22:16:47 | 005,501,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dcsx_42.dll
[2012.12.20 22:16:47 | 001,892,184 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\D3DX9_42.dll
[2012.12.20 22:16:47 | 000,453,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx10_42.dll
[2012.12.20 22:16:47 | 000,235,344 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx11_42.dll
[2012.12.20 22:16:46 | 001,846,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\D3DCompiler_41.dll
[2012.12.20 22:16:46 | 000,453,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx10_41.dll
[2012.12.20 22:16:45 | 004,178,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\D3DX9_41.dll
[2012.12.20 22:16:44 | 000,517,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XAudio2_4.dll
[2012.12.20 22:16:44 | 000,235,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine3_4.dll
[2012.12.20 22:16:44 | 000,069,464 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XAPOFX1_3.dll
[2012.12.20 22:16:44 | 000,022,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\X3DAudio1_6.dll
[2012.12.20 22:16:43 | 002,036,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\D3DCompiler_40.dll
[2012.12.20 22:16:43 | 000,452,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx10_40.dll
[2012.12.20 22:16:42 | 004,379,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\D3DX9_40.dll
[2012.12.20 22:16:42 | 000,514,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XAudio2_3.dll
[2012.12.20 22:16:42 | 000,070,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XAPOFX1_2.dll
[2012.12.20 22:16:41 | 000,509,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XAudio2_2.dll
[2012.12.20 22:16:41 | 000,238,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine3_2.dll
[2012.12.20 22:16:41 | 000,235,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine3_3.dll
[2012.12.20 22:16:41 | 000,068,616 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XAPOFX1_1.dll
[2012.12.20 22:16:41 | 000,023,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\X3DAudio1_5.dll
[2012.12.20 22:16:39 | 000,507,400 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XAudio2_1.dll
[2012.12.20 22:16:39 | 000,238,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine3_1.dll
[2012.12.20 22:16:39 | 000,065,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XAPOFX1_0.dll
[2012.12.20 22:16:39 | 000,025,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\X3DAudio1_4.dll
[2012.12.20 22:16:38 | 003,850,760 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\D3DX9_38.dll
[2012.12.20 22:16:38 | 001,491,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\D3DCompiler_38.dll
[2012.12.20 22:16:38 | 000,467,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx10_38.dll
[2012.12.20 22:16:37 | 000,479,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XAudio2_0.dll
[2012.12.20 22:16:37 | 000,238,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine3_0.dll
[2012.12.20 22:16:37 | 000,025,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\X3DAudio1_3.dll
[2012.12.20 22:16:36 | 003,786,760 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\D3DX9_37.dll
[2012.12.20 22:16:36 | 001,420,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\D3DCompiler_37.dll
[2012.12.20 22:16:36 | 000,462,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx10_37.dll
[2012.12.20 22:16:35 | 000,267,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine2_10.dll
[2012.12.20 22:16:34 | 003,734,536 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx9_36.dll
[2012.12.20 22:16:34 | 001,374,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\D3DCompiler_36.dll
[2012.12.20 22:16:34 | 000,444,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx10_36.dll
[2012.12.20 22:16:33 | 001,358,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\D3DCompiler_35.dll
[2012.12.20 22:16:33 | 000,444,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx10_35.dll
[2012.12.20 22:16:33 | 000,267,112 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine2_9.dll
[2012.12.20 22:16:32 | 003,727,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx9_35.dll
[2012.12.20 22:16:32 | 000,266,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine2_8.dll
[2012.12.20 22:16:32 | 000,017,928 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\X3DAudio1_2.dll
[2012.12.20 22:16:31 | 001,124,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\D3DCompiler_34.dll
[2012.12.20 22:16:31 | 000,443,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx10_34.dll
[2012.12.20 22:16:30 | 003,497,832 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx9_34.dll
[2012.12.20 22:16:29 | 000,443,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx10_33.dll
[2012.12.20 22:16:29 | 000,261,480 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine2_7.dll
[2012.12.20 22:16:28 | 003,495,784 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx9_33.dll
[2012.12.20 22:16:28 | 001,123,696 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\D3DCompiler_33.dll
[2012.12.20 22:16:28 | 000,255,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine2_6.dll
[2012.12.20 22:16:27 | 000,440,080 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx10.dll
[2012.12.20 22:16:27 | 000,251,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine2_5.dll
[2012.12.20 22:16:26 | 003,426,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx9_32.dll
[2012.12.20 22:16:26 | 000,237,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine2_4.dll
[2012.12.20 22:16:26 | 000,015,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\x3daudio1_1.dll
[2012.12.20 22:16:25 | 002,414,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx9_31.dll
[2012.12.20 22:16:25 | 000,236,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine2_3.dll
[2012.12.20 22:16:25 | 000,062,744 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xinput1_2.dll
[2012.12.20 22:16:24 | 000,230,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine2_2.dll
[2012.12.20 22:16:24 | 000,229,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine2_1.dll
[2012.12.20 22:16:24 | 000,062,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xinput1_1.dll
[2012.12.20 22:16:16 | 002,388,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx9_30.dll
[2012.12.20 22:16:15 | 002,332,368 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx9_29.dll
[2012.12.20 22:16:15 | 000,230,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine2_0.dll
[2012.12.20 22:16:15 | 000,014,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\x3daudio1_0.dll
[2012.12.20 22:16:13 | 002,323,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx9_28.dll
[2012.12.20 22:16:12 | 002,319,568 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx9_27.dll
[2012.12.20 22:16:10 | 002,297,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx9_26.dll
[2012.12.20 22:16:08 | 002,222,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx9_24.dll
[2012.12.19 20:16:37 | 000,000,000 | ---D | C] -- C:\Program Files\metro
[2012.12.19 14:30:53 | 000,000,000 | ---D | C] -- C:\Users\ondra\AppData\Local\{CC5D7601-D27D-435C-9C2C-4BB872B0AF38}
[2012.12.19 14:30:16 | 000,000,000 | ---D | C] -- C:\Users\ondra\AppData\Local\{02591907-D740-4FA2-95AB-F7A0C794BA60}
========== Files - Modified Within 14 Days ==========
[2012.12.31 10:01:51 | 000,014,192 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2012.12.31 10:01:51 | 000,014,192 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2012.12.31 09:53:56 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2012.12.31 09:53:53 | 2615,762,944 | -HS- | M] () -- C:\hiberfil.sys
[2012.12.31 09:07:18 | 000,668,390 | ---- | M] () -- C:\Windows\System32\perfh005.dat
[2012.12.31 09:07:18 | 000,654,134 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2012.12.31 09:07:18 | 000,140,612 | ---- | M] () -- C:\Windows\System32\perfc005.dat
[2012.12.31 09:07:18 | 000,121,592 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2012.12.29 10:11:09 | 000,000,893 | ---- | M] () -- C:\Users\ondra\Desktop\Vistumbler.lnk
[2012.12.28 13:20:14 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\ondra\Desktop\OTL.exe
[2012.12.28 11:32:29 | 000,000,027 | ---- | M] () -- C:\Windows\System32\drivers\etc\hosts
[2012.12.28 11:15:01 | 000,001,138 | ---- | M] () -- C:\Users\ondra\Desktop\ComboFix – zástupce.lnk
[2012.12.25 20:25:39 | 000,304,160 | ---- | M] () -- C:\PA207.DAT
[2012.12.25 13:20:22 | 000,001,096 | ---- | M] () -- C:\Users\ondra\Desktop\HeavyLoad.lnk
[2012.12.24 10:06:15 | 000,000,043 | ---- | M] () -- C:\END
[2012.12.23 21:37:25 | 000,001,999 | ---- | M] () -- C:\Users\Public\Desktop\avast! Free Antivirus.lnk
[2012.12.23 21:37:20 | 000,002,577 | ---- | M] () -- C:\Windows\System32\config.nt
[2012.12.19 20:18:21 | 000,000,215 | ---- | M] () -- C:\Users\ondra\Desktop\Metro 2033.url
========== Files Created - No Company Name ==========
[2012.12.29 10:11:09 | 000,000,893 | ---- | C] () -- C:\Users\ondra\Desktop\Vistumbler.lnk
[2012.12.28 11:15:01 | 000,001,138 | ---- | C] () -- C:\Users\ondra\Desktop\ComboFix – zástupce.lnk
[2012.12.25 13:20:22 | 000,001,096 | ---- | C] () -- C:\Users\ondra\Desktop\HeavyLoad.lnk
[2012.12.24 10:06:10 | 000,000,043 | ---- | C] () -- C:\END
[2012.12.23 21:37:25 | 000,001,999 | ---- | C] () -- C:\Users\Public\Desktop\avast! Free Antivirus.lnk
[2012.12.19 20:18:21 | 000,000,215 | ---- | C] () -- C:\Users\ondra\Desktop\Metro 2033.url
[2012.12.11 19:48:45 | 000,005,120 | ---- | C] () -- C:\Windows\System32\tcusbdrv.dll
[2012.12.05 20:10:56 | 000,014,119 | ---- | C] () -- C:\Windows\System32\RaCoInst.dat
[2012.12.05 20:10:32 | 000,480,608 | ---- | C] () -- C:\Windows\System32\DiagFunc.dll
[2012.12.05 20:10:32 | 000,000,451 | ---- | C] () -- C:\Windows\System32\DiagFunc.ini
[2012.12.05 18:55:56 | 000,451,072 | ---- | C] () -- C:\Windows\System32\ISSRemoveSP.exe
[2012.11.24 17:44:30 | 000,002,692 | ---- | C] () -- C:\Users\ondra\AppData\Local\recently-used.xbel
[2012.11.09 19:32:14 | 000,141,072 | ---- | C] () -- C:\Windows\System32\drivers\PnkBstrK.sys
[2012.11.09 19:32:13 | 000,138,904 | ---- | C] () -- C:\Users\ondra\AppData\Roaming\PnkBstrK.sys
[2012.11.09 19:31:41 | 000,281,120 | ---- | C] () -- C:\Windows\System32\PnkBstrB.exe
[2012.11.09 19:31:40 | 000,076,888 | ---- | C] () -- C:\Windows\System32\PnkBstrA.exe
[2012.11.04 11:17:02 | 002,468,520 | ---- | C] () -- C:\Windows\System32\BootMan.exe
[2012.11.04 11:17:02 | 002,468,520 | ---- | C] () -- C:\Windows\System32\¸´Ľţ BootMan.exe
[2012.11.04 11:17:02 | 000,086,408 | ---- | C] () -- C:\Windows\System32\setupempdrv03.exe
[2012.11.04 11:17:02 | 000,019,840 | ---- | C] () -- C:\Windows\System32\EuEpmGdi.dll
[2012.11.04 11:17:02 | 000,014,216 | ---- | C] () -- C:\Windows\System32\epmntdrv.sys
[2012.11.04 11:17:02 | 000,008,456 | ---- | C] () -- C:\Windows\System32\EuGdiDrv.sys
[2012.10.01 18:15:58 | 000,000,000 | ---- | C] () -- C:\Windows\musicmaker.INI
[2012.10.01 18:12:20 | 000,000,321 | ---- | C] () -- C:\Windows\BeatBox.INI
[2012.10.01 18:08:04 | 000,038,912 | ---- | C] () -- C:\Windows\System32\mgxasio.dll
[2012.10.01 18:07:11 | 000,005,729 | ---- | C] () -- C:\Windows\mgxoschk.ini
[2012.09.28 10:56:35 | 000,001,451 | ---- | C] () -- C:\Users\ondra\AppData\Local\RecConfig.xml
[2012.09.27 14:46:54 | 000,293,889 | ---- | C] () -- C:\Windows\System32\drivers\RTAIODAT.DAT
[2012.09.17 17:40:10 | 000,000,110 | ---- | C] () -- C:\Windows\System32\RichardBurnsRally.ini
[2012.08.30 09:40:14 | 000,429,416 | ---- | C] () -- C:\Windows\System32\nvStreaming.exe
[2012.07.20 16:37:53 | 000,088,484 | ---- | C] () -- C:\Users\ondra\final_bstSnapshot_72848.jpg
[2012.07.19 19:21:22 | 000,095,231 | ---- | C] () -- C:\Users\ondra\final_bstSnapshot_76526.jpg
[2012.07.19 18:46:49 | 000,070,511 | ---- | C] () -- C:\Users\ondra\final_bstSnapshot_89126.jpg
[2012.07.16 15:24:00 | 000,007,597 | ---- | C] () -- C:\Users\ondra\AppData\Local\resmon.resmoncfg
[2012.07.13 06:24:37 | 000,006,144 | ---- | C] () -- C:\Users\ondra\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2012.06.30 11:49:50 | 000,000,241 | ---- | C] () -- C:\Users\ondra\AppData\Roaming\GPU Meter_Settings.ini
[2012.06.29 19:01:26 | 000,001,769 | ---- | C] () -- C:\Windows\Language_trs.ini
[2012.06.29 19:01:25 | 000,029,127 | ---- | C] () -- C:\Windows\Ascd_tmp.ini
[2012.06.29 13:37:57 | 000,024,576 | R--- | C] () -- C:\Windows\System32\AsIO.dll
[2012.06.29 13:37:57 | 000,011,296 | R--- | C] () -- C:\Windows\System32\drivers\AsIO.sys
[2012.06.29 13:37:55 | 000,011,832 | ---- | C] () -- C:\Windows\System32\drivers\AsInsHelp64.sys
[2012.06.29 13:37:55 | 000,010,216 | ---- | C] () -- C:\Windows\System32\drivers\AsInsHelp32.sys
[2012.06.10 16:17:42 | 000,001,047 | ---- | C] () -- C:\Windows\unins000.dat
[2012.06.01 05:18:37 | 000,000,644 | RHS- | C] () -- C:\Users\ondra\ntuser.pol
[2012.05.29 14:53:59 | 000,001,732 | ---- | C] () -- C:\Windows\System32\drivers\nvphy.bin
[2012.05.27 08:47:27 | 000,517,120 | ---- | C] () -- C:\Windows\System32\CLWCP.exe
[2012.05.16 17:45:35 | 000,000,566 | ---- | C] () -- C:\Windows\System32\SP207.ini
[2012.05.16 14:57:56 | 000,000,010 | ---- | C] () -- C:\Windows\GSetup.ini
[2011.09.28 16:44:14 | 000,179,271 | ---- | C] () -- C:\Windows\System32\xlive.dll.cat
[2011.09.19 14:03:40 | 000,045,056 | ---- | C] () -- C:\Windows\System32\rtvcvfw32.dll
[2011.06.10 05:34:52 | 000,080,416 | ---- | C] () -- C:\Windows\System32\RtNicProp32.dll
========== ZeroAccess Check ==========
[2009.07.14 05:42:31 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2009.07.14 02:16:14 | 012,866,560 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2009.07.14 02:15:20 | 000,605,696 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
"" = %systemroot%\system32\wbem\wbemess.dll -- [2009.07.14 02:16:17 | 000,342,528 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both
========== LOP Check ==========
[2012.12.16 15:44:17 | 000,000,000 | ---D | M] -- C:\Users\ondra\AppData\Roaming\.minecraft
[2012.05.18 17:56:47 | 000,000,000 | ---D | M] -- C:\Users\ondra\AppData\Roaming\.Nitrous
[2012.05.19 18:32:57 | 000,000,000 | ---D | M] -- C:\Users\ondra\AppData\Roaming\.spoutcraft
[2012.06.30 09:55:28 | 000,000,000 | ---D | M] -- C:\Users\ondra\AppData\Roaming\AnvSoft
[2012.12.28 21:34:35 | 000,000,000 | ---D | M] -- C:\Users\ondra\AppData\Roaming\Audacity
[2012.05.18 13:39:00 | 000,000,000 | ---D | M] -- C:\Users\ondra\AppData\Roaming\BANDISOFT
[2012.05.21 14:42:57 | 000,000,000 | ---D | M] -- C:\Users\ondra\AppData\Roaming\Blender Foundation
[2012.08.28 07:11:28 | 000,000,000 | ---D | M] -- C:\Users\ondra\AppData\Roaming\CadSoft
[2012.11.19 19:57:05 | 000,000,000 | ---D | M] -- C:\Users\ondra\AppData\Roaming\com.adobe.newhope.NHProject.prod.E7BED6E5DDA59983786DD72EBFA46B1598278E07.1
[2012.11.26 08:06:31 | 000,000,000 | ---D | M] -- C:\Users\ondra\AppData\Roaming\DAEMON Tools Lite
[2012.07.02 09:24:32 | 000,000,000 | ---D | M] -- C:\Users\ondra\AppData\Roaming\fltk.org
[2012.08.25 12:21:49 | 000,000,000 | ---D | M] -- C:\Users\ondra\AppData\Roaming\GHISLER
[2012.09.30 11:48:42 | 000,000,000 | ---D | M] -- C:\Users\ondra\AppData\Roaming\Image-Line
[2012.08.01 11:46:03 | 000,000,000 | ---D | M] -- C:\Users\ondra\AppData\Roaming\InfraRecorder
[2012.09.15 10:41:51 | 000,000,000 | ---D | M] -- C:\Users\ondra\AppData\Roaming\IObit
[2012.12.09 18:28:43 | 000,000,000 | ---D | M] -- C:\Users\ondra\AppData\Roaming\IrfanView
[2012.12.25 13:20:24 | 000,000,000 | ---D | M] -- C:\Users\ondra\AppData\Roaming\JAM Software
[2012.06.20 19:27:02 | 000,000,000 | ---D | M] -- C:\Users\ondra\AppData\Roaming\LolClient2
[2012.11.27 09:14:54 | 000,000,000 | ---D | M] -- C:\Users\ondra\AppData\Roaming\MAGIX
[2012.07.10 08:17:39 | 000,000,000 | ---D | M] -- C:\Users\ondra\AppData\Roaming\ManyCam
[2012.07.30 09:09:30 | 000,000,000 | ---D | M] -- C:\Users\ondra\AppData\Roaming\Nokia
[2012.05.29 18:01:16 | 000,000,000 | ---D | M] -- C:\Users\ondra\AppData\Roaming\Notepad++
[2012.05.17 13:05:17 | 000,000,000 | ---D | M] -- C:\Users\ondra\AppData\Roaming\OpenOffice.org
[2012.07.30 09:09:29 | 000,000,000 | ---D | M] -- C:\Users\ondra\AppData\Roaming\PC Suite
[2012.10.07 15:44:17 | 000,000,000 | ---D | M] -- C:\Users\ondra\AppData\Roaming\pdfforge
[2012.05.31 16:07:30 | 000,000,000 | ---D | M] -- C:\Users\ondra\AppData\Roaming\PhotoFiltre
[2012.09.12 13:14:16 | 000,000,000 | ---D | M] -- C:\Users\ondra\AppData\Roaming\Pixelplan
[2012.09.16 15:35:26 | 000,000,000 | ---D | M] -- C:\Users\ondra\AppData\Roaming\ProfiCAD
[2012.09.27 15:04:18 | 000,000,000 | ---D | M] -- C:\Users\ondra\AppData\Roaming\Renoise
[2012.09.16 14:01:18 | 000,000,000 | ---D | M] -- C:\Users\ondra\AppData\Roaming\RotMG.Production
[2012.07.14 12:26:35 | 000,000,000 | ---D | M] -- C:\Users\ondra\AppData\Roaming\SHAPE Services
[2012.08.07 10:22:36 | 000,000,000 | ---D | M] -- C:\Users\ondra\AppData\Roaming\Sony
[2012.09.28 11:32:44 | 000,000,000 | ---D | M] -- C:\Users\ondra\AppData\Roaming\SynthMaker
[2012.07.03 10:04:41 | 000,000,000 | ---D | M] -- C:\Users\ondra\AppData\Roaming\SYSTEMAX Software Development
[2012.10.05 15:41:48 | 000,000,000 | ---D | M] -- C:\Users\ondra\AppData\Roaming\TeamViewer
[2012.10.24 18:34:33 | 000,000,000 | ---D | M] -- C:\Users\ondra\AppData\Roaming\TS3Client
[2012.06.15 16:48:17 | 000,000,000 | ---D | M] -- C:\Users\ondra\AppData\Roaming\Ubisoft
[2012.07.30 17:05:43 | 000,000,000 | ---D | M] -- C:\Users\ondra\AppData\Roaming\Unity
[2012.12.29 16:18:19 | 000,000,000 | ---D | M] -- C:\Users\ondra\AppData\Roaming\uTorrent
[2012.07.27 08:02:54 | 000,000,000 | ---D | M] -- C:\Users\ondra\AppData\Roaming\VitySoft
[2012.11.08 17:53:47 | 000,000,000 | ---D | M] -- C:\Users\ondra\AppData\Roaming\wargaming.net
[2012.08.05 17:09:59 | 000,000,000 | ---D | M] -- C:\Users\ondra\AppData\Roaming\Windows Live Writer
[2012.09.04 13:45:55 | 000,000,000 | ---D | M] -- C:\Users\ondra\AppData\Roaming\Wireshark
========== Purity Check ==========
========== Alternate Data Streams ==========
@Alternate Data Stream - 12 bytes -> C:\Windows\System32:{4B9A1497-0817-47C4-9612-D6A1C53ACF57}
< End of report >
-
Damned
- Tvůrce článků
-
Master Level 9
- Příspěvky: 8353
- Registrován: prosinec 06
- Bydliště: Rokycany
- Pohlaví:
- Stav:
Offline
- Kontakt:
Re: Číňan a nemám přístup k vytváření na C: LOG
Poklepej na ikonu OTL na ploše.Ujisti se , že máš všechny ostatní aplikace a prohlížeče zavřeny.
Pod Vlastní skenování/Opravy do okénka vlož následující text, zobrazený zeleně:
Poté klikni nahoře na Opravit. Nech program nerušeně běžet, na konci se provede restart PC.
Po restartu se objeví log , prosím zkopíruj sem celý jeho obsah.
Pod Vlastní skenování/Opravy do okénka vlož následující text, zobrazený zeleně:
Kód: Vybrat vše
:OTL
PRC - C:\WINDOWS\explorer.exe (Microsoft Corporation)
DRV - (MarkFun_NT) -- C:\Program Files\Gigabyte\ET5\markfun.w32 File not found
DRV - (catchme) -- C:\Users\ondra\AppData\Local\Temp\catchme.sys File not found
DRV - (ALSysIO) -- C:\Users\ondra\AppData\Local\Temp\ALSysIO.sys File not found
FF - user.js - File not found
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.123\npGoogleUpdate3.dll File not found
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.123\npGoogleUpdate3.dll File not found
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Users\ondra\AppData\Local\Google\Update\1.3.21.123\npGoogleUpdate3.dll File not found
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Users\ondra\AppData\Local\Google\Update\1.3.21.123\npGoogleUpdate3.dll File not found
CHR - plugin: Google Update (Enabled) = C:\Program Files\Google\Update\1.3.21.123\npGoogleUpdate3.dll
O9 - Extra Button: WinToFlash Suggestor - {A52C66B3-D4A9-4d10-A67D-2BEF0A85AB3F} - Reg Error: Key error. File not found
O9 - Extra 'Tools' menuitem : WinToFlash Suggestor options - {A52C66B3-D4A9-4d10-A67D-2BEF0A85AB3F} - Reg Error: Key error. File not found
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.7.0/jinsta ... s-i586.cab (Reg Error: Value error.)
@Alternate Data Stream - 12 bytes -> C:\Windows\System32:{4B9A1497-0817-47C4-9612-D6A1C53ACF57}
:Services
MarkFun_NT
catchme
ALSysIO
:Files
C:\found.002
C:\WINDOWS\*.tmp
C:\WINDOWS\System32\*.tmp
C:\WINDOWS\system32\*.tmp.dll
C:\WINDOWS\tasks\SA.DAT
C:\WINDOWS\system32\SET*.tmp
C:\Recycler
C:\$RECYCLE.BIN
C:\RECYCLER
C:\Windows\tasks\*.job
:Reg
:Commands
[purity]
[emptytemp]
[emptyflash]
[start explorer]
[Reboot]Poté klikni nahoře na Opravit. Nech program nerušeně běžet, na konci se provede restart PC.
Po restartu se objeví log , prosím zkopíruj sem celý jeho obsah.
Nic není nemožné, proto tam, kde jsme s rozumem v koncích, neváháme použít kladivo.
Chceš-li vědět, co je nového, podívej se do starých knih.
Damnedovy češtiny - překlady programů pro údržbu PC
HiJackThis 2+návod FCleaner+čeština Wise Registry Cleaner
Chceš-li vědět, co je nového, podívej se do starých knih.
Damnedovy češtiny - překlady programů pro údržbu PC
HiJackThis 2+návod FCleaner+čeština Wise Registry Cleaner
Re: Číňan a nemám přístup k vytváření na C: LOG +
Zítra se na to kouknu,ted moc nemám čas.
Kdo je online
Uživatelé prohlížející si toto fórum: Žádní registrovaní uživatelé a 121 hostů