Prosím o kontrolu logu - pomalý notebook Vyřešeno

[jaro3]

ComboFix se odinstaluje takto:
Start-Spustit a zadej ComboFix /Uninstall

Vyčisti systém CCleanerem

Stáhni si OTC

na plochu. Poklepej na něj. Potom klikni na Clean up!.
Restartuj PC , pokud Ti bude doporučeno.


Stáhni si OTL by OldTimer
na plochu. Ujisti se , že máš zavřena všechna ostatní okna a poklepej na ikonu OTL.Nahoře v okně pod Výstup klikni na minimální výstup.Pod Běžné registry změň na Vše. Zatrhni Kontrola na havěť “LOP“ a Kontrola na havěť “ Purity“ . Klikni na Prohledat. Všechny ostatní nastavení ponech jak jsou. Sken může trvat dlouho, až skončí otevřou se dva logy:
OTL.Txt
Extras.Txt
Jsou uloženy ve stejném místě jako OTL. Oba logy sem prosím zkopíruj.

[Reklama]

[Zdendys75]

OTL logfile created on: 26.1.2013 9:07:58 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Zdendys\Desktop
Starter Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy

1014,18 Mb Total Physical Memory | 229,24 Mb Available Physical Memory | 22,60% Memory free
1,99 Gb Paging File | 0,82 Gb Available in Paging File | 41,10% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\windows | %ProgramFiles% = C:\Program Files
Drive C: | 100,00 Gb Total Space | 41,49 Gb Free Space | 41,49% Space Free | Partition Type: NTFS
Drive D: | 117,87 Gb Total Space | 47,33 Gb Free Space | 40,15% Space Free | Partition Type: NTFS

Computer Name: ZDENDYS-PC | User Name: Zdendys | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - C:\Users\Zdendys\Desktop\OTL.exe (OldTimer Tools)
PRC - C:\Program Files\Google\Chrome\Application\chrome.exe (Google Inc.)
PRC - C:\Program Files\Samsung\Kies\KiesTrayAgent.exe (Samsung Electronics Co., Ltd.)
PRC - C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe (Adobe Systems Incorporated)
PRC - C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe (Malwarebytes Corporation)
PRC - C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation)
PRC - C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe (Malwarebytes Corporation)
PRC - C:\Windows\System32\taskhost.exe (Microsoft Corporation)
PRC - C:\Program Files\AVAST Software\Avast\AvastUI.exe (AVAST Software)
PRC - C:\Program Files\AVAST Software\Avast\AvastSvc.exe (AVAST Software)
PRC - C:\Users\Zdendys\AppData\Local\Facebook\Messenger\2.1.4651.0\FacebookMessenger.exe (Facebook)
PRC - C:\Program Files\Asus\ATK Package\ATKOSD2\ATKOSD2.exe (ASUSTek Computer Inc.)
PRC - C:\Program Files\Asus\ATK Package\ATK Media\DMedia.exe (ASUSTek Computer Inc.)
PRC - C:\Program Files\Microsoft Office\Office14\ONENOTEM.EXE (Microsoft Corporation)
PRC - C:\Program Files\Asus\HotkeyService\HotkeyService.exe (ASUSTeK Computer Inc.)
PRC - C:\Program Files\Asus\HotkeyService\HotKeyMon.exe (ASUSTeK Computer Inc.)
PRC - C:\Program Files\Asus\SHE\SuperHybridEngine.exe (ASUSTeK Computer Inc.)
PRC - C:\Windows\explorer.exe (Microsoft Corporation)
PRC - C:\Windows\System32\AsusService.exe ()
PRC - C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe (Intel Corporation)
PRC - C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe (Intel Corporation)
PRC - C:\Program Files\Elantech\ETDCtrl.exe (ELAN Microelectronic Corp.)
PRC - C:\Program Files\Elantech\ETDCtrlHelper.exe (ELAN Microelectronic Corp.)


========== Modules (No Company Name) ==========

MOD - C:\Program Files\Google\Chrome\Application\24.0.1312.56\PepperFlash\pepflashplayer.dll ()
MOD - C:\Program Files\Google\Chrome\Application\24.0.1312.56\ppgooglenaclpluginchrome.dll ()
MOD - C:\Program Files\Google\Chrome\Application\24.0.1312.56\pdf.dll ()
MOD - C:\Program Files\Google\Chrome\Application\24.0.1312.56\libglesv2.dll ()
MOD - C:\Program Files\Google\Chrome\Application\24.0.1312.56\libegl.dll ()
MOD - C:\Program Files\Google\Chrome\Application\24.0.1312.56\ffmpegsumo.dll ()
MOD - C:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.VisualBas#\b95e7795ea5951d09521cddfc03b5c4e\Microsoft.VisualBasic.ni.dll ()
MOD - C:\windows\assembly\NativeImages_v2.0.50727_32\IAStorCommon\4d6518ef6ae8d6f005c49ab1c86de7fe\IAStorCommon.ni.dll ()
MOD - C:\windows\assembly\NativeImages_v2.0.50727_32\IAStorUtil\ab54c04b3df40416205883b4049fe273\IAStorUtil.ni.dll ()
MOD - C:\windows\assembly\NativeImages_v2.0.50727_32\System.Web\0ac577a8ad6528ff03b50db5eeeac8be\System.Web.ni.dll ()
MOD - C:\windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Remo#\90b89f6e8032310e9ac72a309fd49e83\System.Runtime.Remoting.ni.dll ()
MOD - C:\windows\assembly\NativeImages_v2.0.50727_32\System.Data\dd20416f723ee13ffb4173ec1afc4ec4\System.Data.ni.dll ()
MOD - C:\windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\865d2bf19a7af7fab8660a42d92550fe\System.Windows.Forms.ni.dll ()
MOD - C:\windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\eead6629e384a5b69f9ae35284b7eeed\System.Drawing.ni.dll ()
MOD - C:\windows\assembly\NativeImages_v2.0.50727_32\WindowsBase\cf827fe7bc99d9bcf0ba3621054ef527\WindowsBase.ni.dll ()
MOD - C:\windows\assembly\NativeImages_v2.0.50727_32\System.Xml\f687c43e9fdec031988b33ae722c4613\System.Xml.ni.dll ()
MOD - C:\windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\195a77fcc6206f8bb35d419ff2cf0d72\System.Configuration.ni.dll ()
MOD - C:\windows\assembly\NativeImages_v2.0.50727_32\System\369f8bdca364e2b4936d18dea582912c\System.ni.dll ()
MOD - C:\windows\assembly\NativeImages_v2.0.50727_32\mscorlib\7150b9136fad5b79e88f6c7f9d3d2c39\mscorlib.ni.dll ()
MOD - C:\Users\Zdendys\AppData\Local\Facebook\Messenger\2.1.4651.0\libcef.dll ()
MOD - C:\Users\Zdendys\AppData\Local\Facebook\Messenger\2.1.4651.0\CefSharp.WinForms.dll ()
MOD - C:\Users\Zdendys\AppData\Local\Facebook\Messenger\2.1.4651.0\CefSharp.dll ()
MOD - C:\Program Files\Common Files\microsoft shared\OFFICE14\Cultures\OFFICE.ODF ()
MOD - C:\windows\assembly\GAC_MSIL\System.resources\2.0.0.0_cs_b77a5c561934e089\System.resources.dll ()
MOD - C:\windows\assembly\GAC_MSIL\System.Runtime.Remoting.resources\2.0.0.0_cs_b77a5c561934e089\System.Runtime.Remoting.resources.dll ()
MOD - C:\windows\assembly\GAC_MSIL\mscorlib.resources\2.0.0.0_cs_b77a5c561934e089\mscorlib.resources.dll ()
MOD - C:\windows\assembly\GAC_32\System.Data\2.0.0.0__b77a5c561934e089\System.Data.dll ()
MOD - C:\Program Files\Asus\ASUS WebStorage\3.0.108.222\AsusWSShellExt.dll ()
MOD - C:\Program Files\WinRAR\RarExt.dll ()


========== Services (SafeList) ==========

SRV - (AdobeFlashPlayerUpdateSvc) -- C:\Windows\System32\Macromed\Flash\FlashPlayerUpdateService.exe (Adobe Systems Incorporated)
SRV - (AdobeARMservice) -- C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe (Adobe Systems Incorporated)
SRV - (MBAMService) -- C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe (Malwarebytes Corporation)
SRV - (MBAMScheduler) -- C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe (Malwarebytes Corporation)
SRV - (avast! Antivirus) -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe (AVAST Software)
SRV - (Microsoft SharePoint Workspace Audit Service) -- C:\Program Files\Microsoft Office\Office14\GROOVE.EXE (Microsoft Corporation)
SRV - (ATKGFNEXSrv) -- C:\Program Files\Asus\ATK Package\ATKGFNEX\GFNEXSrv.exe (ASUS)
SRV - (AsusService) -- C:\Windows\System32\AsusService.exe ()
SRV - (IAStorDataMgrSvc) -- C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe (Intel Corporation)
SRV - (HFGService) -- C:\Windows\System32\HFGService.dll (CSR, plc)
SRV - (WinDefend) -- C:\Program Files\Windows Defender\MpSvc.dll (Microsoft Corporation)
SRV - (WcesComm) -- C:\Windows\WindowsMobile\wcescomm.dll (Microsoft Corporation)
SRV - (RapiMgr) -- C:\Windows\WindowsMobile\rapimgr.dll (Microsoft Corporation)


========== Driver Services (SafeList) ==========

DRV - (btwrchid) -- C:\windows\system32\drivers\btwrchid.sys File not found
DRV - (btwl2cap) -- system32\DRIVERS\btwl2cap.sys File not found
DRV - (btwavdt) -- C:\windows\system32\drivers\btwavdt.sys File not found
DRV - (btwaudio) -- system32\drivers\btwaudio.sys File not found
DRV - (FldSafe) -- C:\Windows\System32\drivers\FldSafe.sys (Windows (R) Win 7 DDK provider)
DRV - (MBAMProtector) -- C:\Windows\System32\drivers\mbam.sys (Malwarebytes Corporation)
DRV - (aswSnx) -- C:\windows\System32\drivers\aswSnx.sys (AVAST Software)
DRV - (aswSP) -- C:\windows\System32\drivers\aswSP.sys (AVAST Software)
DRV - (aswTdi) -- C:\windows\System32\drivers\aswTdi.sys (AVAST Software)
DRV - (aswMonFlt) -- C:\Windows\System32\drivers\aswMonFlt.sys (AVAST Software)
DRV - (aswFsBlk) -- C:\windows\System32\drivers\aswFsBlk.sys (AVAST Software)
DRV - (aswRdr) -- C:\Windows\System32\drivers\aswRdr2.sys (AVAST Software)
DRV - (ssudmdm) -- C:\Windows\System32\drivers\ssudmdm.sys (DEVGURU Co., LTD.(www.devguru.co.kr))
DRV - (dg_ssudbus) -- C:\Windows\System32\drivers\ssudbus.sys (DEVGURU Co., LTD.(www.devguru.co.kr))
DRV - (ssadmdm) -- C:\Windows\System32\drivers\ssadmdm.sys (MCCI Corporation)
DRV - (ssadbus) -- C:\Windows\System32\drivers\ssadbus.sys (MCCI Corporation)
DRV - (ssadserd) -- C:\Windows\System32\drivers\ssadserd.sys (MCCI Corporation)
DRV - (ssadmdfl) -- C:\Windows\System32\drivers\ssadmdfl.sys (MCCI Corporation)
DRV - (npf) -- C:\Windows\System32\drivers\npf.sys (CACE Technologies, Inc.)
DRV - (iBtFltCoex) -- C:\Windows\System32\drivers\iBtFltCoex.sys (Intel Corporation)
DRV - (btmhsf) -- C:\Windows\System32\drivers\btmhsf.sys (Intel Corporation)
DRV - (TsUsbFlt) -- C:\Windows\System32\drivers\TsUsbFlt.sys (Microsoft Corporation)
DRV - (TsUsbGD) -- C:\Windows\System32\drivers\TsUsbGD.sys (Microsoft Corporation)
DRV - (WinUsb) -- C:\Windows\System32\drivers\winusb.sys (Microsoft Corporation)
DRV - (L1C) -- C:\Windows\System32\drivers\L1C62x86.sys (Atheros Communications, Inc.)
DRV - (AsUpIO) -- C:\Windows\System32\drivers\AsUpIO.sys ()
DRV - (AsIO) -- C:\Windows\System32\drivers\AsIO.sys ()
DRV - (BthAudioHF) -- C:\Windows\System32\drivers\BthAudioHF.sys (CSR, plc)
DRV - (csr_a2dp) -- C:\Windows\System32\drivers\bthav.sys (CSR, plc)
DRV - (athr) -- C:\Windows\System32\drivers\athr.sys (Atheros Communications, Inc.)
DRV - (kbfiltr) -- C:\Windows\System32\drivers\kbfiltr.sys ( )
DRV - (vwifimp) -- C:\Windows\System32\drivers\vwifimp.sys (Microsoft Corporation)
DRV - (ASMMAP) -- C:\Program Files\Asus\ATK Package\ATKGFNEX\ASMMAP.sys (ASUS)
DRV - (btusbflt) -- C:\Windows\System32\drivers\btusbflt.sys (Broadcom Corporation.)
DRV - (hamachi) -- C:\Windows\System32\drivers\hamachi.sys (LogMeIn, Inc.)
DRV - (IpwP) -- C:\Windows\System32\drivers\ipw3gnet.sys (IPWireless Inc.)
DRV - (Ethpdrv) -- C:\Windows\System32\drivers\ethpdrv.sys (Gemfor s.r.o.)


========== Standard Registry (All) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = [binary data]
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Extensions Off Page = about:NoAdd-ons
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\windows\SYSTEM32\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = http://www.google.com
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Security Risk Page = about:SecurityRisk
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Default_Page_URL = http://www.google.com
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,CustomizeSearch = http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchcust.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = http://www.google.com/
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,Search Bar = http://www.google.com
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,Search Page = http://www.google.com
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchasst.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,Start Default_Page_URL = http://www.google.com
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,Start Page = http://www.google.com
IE - HKLM\..\URLSearchHook: - No CLSID value found
IE - HKLM\..\SearchScopes,DefaultScope =
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://search.certified-toolbar.com?si= ... tid=592&q={searchTerms}

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.google.com
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = http://eeepc.asus.com [binary data]
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\windows\system32\blank.htm
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dl ... r=iesearch
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Default_Page_URL = http://www.google.com
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = http://www.google.com/
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,Search Bar = http://www.google.com
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,Search Page = http://www.google.com
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,Start Default_Page_URL = http://www.google.com
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,Start Page = http://www.google.com
IE - HKCU\..\URLSearchHook: {CFBFAE00-17A6-11D0-99CB-00C04FD64497} - C:\Windows\System32\ieframe.dll (Microsoft Corporation)
IE - HKCU\..\SearchScopes,DefaultScope =
IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKCU\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0


========== FireFox ==========

FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\windows\system32\Macromed\Flash\NPSWF32_11_5_502_146.dll ()
FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\windows\system32\Adobe\Director\np32dsw_1168638.dll (Adobe Systems, Inc.)
FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.11.2: C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files\Microsoft Silverlight\4.1.10329.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~1\MIF5BA~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~1\MIF5BA~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3508.1109: C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3538.0513: C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3555.0308: C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\facebook.com/fbDesktopPlugin: C:\Users\Zdendys\AppData\Local\Facebook\Messenger\2.1.4651.0\npFbDesktopPlugin.dll (Facebook, Inc.)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\extensions\\smartwebprinting@hp.com: C:\Program Files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2011.09.22 18:51:30 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\extensions\\wrc@avast.com: C:\Program Files\AVAST Software\Avast\WebRep\FF [2013.01.06 22:11:52 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\smartwebprinting@hp.com: C:\Program Files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2011.09.22 18:51:30 | 000,000,000 | ---D | M]

[2011.10.24 20:25:46 | 000,002,036 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\McSiteAdvisor.xml
[2012.10.12 23:09:55 | 000,003,280 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\Web Search.xml

========== Chrome ==========

CHR - homepage: http://seznam.cz/
CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}sourceid=chrome&ie={inputEncoding}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client=chrome&hl={language}&q={searchTerms}&sugkey={google:suggestAPIKeyParameter},
CHR - homepage: http://seznam.cz/
CHR - plugin: Shockwave Flash (Enabled) = C:\Program Files\Google\Chrome\Application\22.0.1229.92\PepperFlash\pepflashplayer.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\windows\system32\Macromed\Flash\NPSWF32_11_4_402_287.dll
CHR - plugin: Chrome Remote Desktop Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Program Files\Google\Chrome\Application\24.0.1312.56\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Program Files\Google\Chrome\Application\24.0.1312.56\pdf.dll
CHR - plugin: Adobe Acrobat (Enabled) = C:\Program Files\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll
CHR - plugin: QuickTime Plug-in 7.5.5 (Enabled) = C:\Program Files\QuickTime\plugins\npqtplugin.dll
CHR - plugin: QuickTime Plug-in 7.5.5 (Enabled) = C:\Program Files\QuickTime\plugins\npqtplugin2.dll
CHR - plugin: QuickTime Plug-in 7.5.5 (Enabled) = C:\Program Files\QuickTime\plugins\npqtplugin3.dll
CHR - plugin: QuickTime Plug-in 7.5.5 (Enabled) = C:\Program Files\QuickTime\plugins\npqtplugin4.dll
CHR - plugin: QuickTime Plug-in 7.5.5 (Enabled) = C:\Program Files\QuickTime\plugins\npqtplugin5.dll
CHR - plugin: QuickTime Plug-in 7.5.5 (Enabled) = C:\Program Files\QuickTime\plugins\npqtplugin6.dll
CHR - plugin: QuickTime Plug-in 7.5.5 (Enabled) = C:\Program Files\QuickTime\plugins\npqtplugin7.dll
CHR - plugin: Microsoft Office 2010 (Enabled) = C:\PROGRA~1\MIF5BA~1\Office14\NPAUTHZ.DLL
CHR - plugin: Microsoft Office 2010 (Enabled) = C:\PROGRA~1\MIF5BA~1\Office14\NPSPWRAP.DLL
CHR - plugin: Google Earth Plugin (Enabled) = C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll
CHR - plugin: Google Update (Enabled) = C:\Program Files\Google\Update\1.3.21.123\npGoogleUpdate3.dll
CHR - plugin: Java(TM) Platform SE 6 U35 (Enabled) = C:\Program Files\Java\jre6\bin\plugin2\npjp2.dll
CHR - plugin: Java Deployment Toolkit 6.0.350.10 (Enabled) = C:\windows\system32\npdeployJava1.dll
CHR - plugin: Silverlight Plug-In (Enabled) = C:\Program Files\Microsoft Silverlight\4.1.10329.0\npctrl.dll
CHR - plugin: Windows Live\u0099 Photo Gallery (Enabled) = C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll
CHR - plugin: Facebook Desktop (Enabled) = C:\Users\Zdendys\AppData\Local\Facebook\Messenger\2.1.4651.0\npFbDesktopPlugin.dll
CHR - Extension: YouTube = C:\Users\Zdendys\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_1\
CHR - Extension: Turbo Racing = C:\Users\Zdendys\AppData\Local\Google\Chrome\User Data\Default\Extensions\cefbaeiadhnofgmbbdbabdnfmimefebl\1.6_0\
CHR - Extension: Vyhled\u00E1v\u00E1n\u00ED Google = C:\Users\Zdendys\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_1\
CHR - Extension: Blue Space Sunset Chrome Theme = C:\Users\Zdendys\AppData\Local\Google\Chrome\User Data\Default\Extensions\nndfdjfoclbidmgpmbelcieibgjjfdog\3.5_0\
CHR - Extension: Red Bull TV = C:\Users\Zdendys\AppData\Local\Google\Chrome\User Data\Default\Extensions\pbalkogcfbpplioohgihkidalmomblfc\1.15_0\
CHR - Extension: Gmail = C:\Users\Zdendys\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_1\
CHR - Extension: YouTube = C:\Users\Zdendys\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_1\
CHR - Extension: Turbo Racing = C:\Users\Zdendys\AppData\Local\Google\Chrome\User Data\Default\Extensions\cefbaeiadhnofgmbbdbabdnfmimefebl\1.6_0\
CHR - Extension: Vyhled\u00E1v\u00E1n\u00ED Google = C:\Users\Zdendys\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_1\
CHR - Extension: Blue Space Sunset Chrome Theme = C:\Users\Zdendys\AppData\Local\Google\Chrome\User Data\Default\Extensions\nndfdjfoclbidmgpmbelcieibgjjfdog\3.5_0\
CHR - Extension: Red Bull TV = C:\Users\Zdendys\AppData\Local\Google\Chrome\User Data\Default\Extensions\pbalkogcfbpplioohgihkidalmomblfc\1.15_0\
CHR - Extension: Gmail = C:\Users\Zdendys\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_1\

O1 HOSTS File: ([2013.01.25 14:13:59 | 000,000,027 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (HP Print Enhancer) - {0347C33E-8762-4905-BF09-768834316C61} - C:\Program Files\HP\Digital Imaging\smart web printing\hpswp_printenhancer.dll (Hewlett-Packard Co.)
O2 - BHO: (Groove GFS Browser Helper) - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O2 - BHO: (Windows Live ID Sign-in Helper) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\microsoft shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
O2 - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O2 - BHO: (HP Smart BHO Class) - {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - C:\Program Files\HP\Digital Imaging\smart web printing\hpswp_BHO.dll (Hewlett-Packard Co.)
O3 - HKLM\..\Toolbar: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O4 - HKLM..\Run: [ATKMEDIA] C:\Program Files\Asus\ATK Package\ATK Media\DMedia.exe (ASUSTek Computer Inc.)
O4 - HKLM..\Run: [ATKOSD2] C:\Program Files\Asus\ATK Package\ATKOSD2\ATKOSD2.exe (ASUSTek Computer Inc.)
O4 - HKLM..\Run: [avast] C:\Program Files\AVAST Software\Avast\avastUI.exe (AVAST Software)
O4 - HKLM..\Run: [BCSSync] C:\Program Files\Microsoft Office\Office14\BCSSync.exe (Microsoft Corporation)
O4 - HKLM..\Run: [Eee Docking] C:\Program Files\ASUS\Eee Docking\Eee Docking.exe (ASUSTek Computer Inc.)
O4 - HKLM..\Run: [ETDWare] C:\Program Files\Elantech\ETDCtrl.exe (ELAN Microelectronic Corp.)
O4 - HKLM..\Run: [HotkeyMon] C:\windows\System32\AsusSender.exe (ASUSTek Computer Inc.)
O4 - HKLM..\Run: [HotKeysCmds] C:\Windows\System32\hkcmd.exe (Intel Corporation)
O4 - HKLM..\Run: [HotkeyService] C:\windows\System32\AsusSender.exe (ASUSTek Computer Inc.)
O4 - HKLM..\Run: [hpqSRMon] C:\Program Files\HP\Digital Imaging\bin\HpqSRmon.exe (Hewlett-Packard)
O4 - HKLM..\Run: [IAStorIcon] C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe (Intel Corporation)
O4 - HKLM..\Run: [IgfxTray] C:\Windows\System32\igfxtray.exe (Intel Corporation)
O4 - HKLM..\Run: [KiesTrayAgent] C:\Program Files\Samsung\Kies\KiesTrayAgent.exe (Samsung Electronics Co., Ltd.)
O4 - HKLM..\Run: [Persistence] C:\Windows\System32\igfxpers.exe (Intel Corporation)
O4 - HKLM..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe (Realtek Semiconductor)
O4 - HKLM..\Run: [SuperHybridEngine] C:\windows\System32\AsusSender.exe (ASUSTek Computer Inc.)
O4 - HKLM..\Run: [Windows Mobile Device Center] C:\Windows\WindowsMobile\wmdc.exe (Microsoft Corporation)
O4 - HKCU..\Run: [] C:\Program Files\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe (Samsung)
O4 - HKCU..\Run: [GoogleChromeAutoLaunch_CAAC5E4F679C6FF9EA148200860ED670] C:\Program Files\Google\Chrome\Application\chrome.exe (Google Inc.)
O4 - HKCU..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe (Microsoft Corporation)
O4 - Startup: C:\Users\Zdendys\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Facebook Messenger.lnk = C:\Users\Zdendys\AppData\Local\Facebook\Messenger\2.1.4651.0\FacebookMessenger.exe (Facebook)
O4 - Startup: C:\Users\Zdendys\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\fliptoast.lnk = File not found
O4 - Startup: C:\Users\Zdendys\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Výřezy obrazovky a spuštění aplikace OneNote 2010.lnk = C:\Program Files\Microsoft Office\Office14\ONENOTEM.EXE (Microsoft Corporation)
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 2
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableInstallerDetection = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableSecureUIAPaths = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableUIADesktopToggle = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableVirtualization = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ValidateAdminCodeSignatures = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: dontdisplaylastusername = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticecaption =
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticetext =
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: scforceoption = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: shutdownwithoutlogon = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: undockwithoutlogon = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: FilterAdministratorToken = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: SoftwareSASGeneration = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableRegistryTools = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_TEXT = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_BITMAP = 2
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_OEMTEXT = 7
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_DIB = 8
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_PALETTE = 9
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_UNICODETEXT = 13
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_DIBV5 = 17
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: disableregistrytools = 0
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - C:\Program Files\Microsoft Office\Office14\EXCEL.EXE (Microsoft Corporation)
O8 - Extra context menu item: Od&eslat do aplikace OneNote - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra Button: @C:\Program Files\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : @C:\Program Files\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll (Microsoft Corporation)
O9 - Extra Button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra Button: @C:\windows\WindowsMobile\INetRepl.dll,-222 - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : @C:\windows\WindowsMobile\INetRepl.dll,-223 - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll (Microsoft Corporation)
O9 - Extra Button: P&ropojené poznámky aplikace OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : P&ropojené poznámky aplikace OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation)
O9 - Extra Button: Zobrazit nebo skrýt HP Smart Web Printing - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - C:\Program Files\HP\Digital Imaging\smart web printing\hpswp_BHO.dll (Hewlett-Packard Co.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000001 [] - C:\Windows\System32\nlaapi.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000002 [] - C:\Windows\System32\NapiNSP.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000003 [] - C:\Windows\System32\pnrpnsp.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\Windows\System32\pnrpnsp.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000005 [] - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000006 [] - C:\Windows\System32\winrnr.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDNSP.DLL (Microsoft Corp.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000008 [] - C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDNSP.DLL (Microsoft Corp.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000009 [] - C:\Windows\System32\wshbth.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000003 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000004 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000005 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000006 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000007 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000008 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000009 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000010 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000011 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000012 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000013 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000014 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000015 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000016 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000017 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000018 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000019 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000020 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000021 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000022 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000023 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000024 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000025 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000026 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000027 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000028 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000029 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000030 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000031 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000032 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000033 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000034 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000035 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000036 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000037 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000038 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000039 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000040 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000041 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000042 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000043 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000044 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000045 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000046 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000047 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)

[Zdendys75]

p://java.sun.com/update/1.6.0/jinstall- ... s-i586.cab (Java Plug-in 10.11.2)
O16 - DPF: {CAFEEFAC-0016-0000-0035-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_35)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 10.11.2)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 10.0.0.138
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{90ABDC79-EA12-4DFB-A747-31100A486809}: DhcpNameServer = 192.168.0.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{CCD0D3B5-94F3-4C7E-98BE-2403A3FAB7C7}: DhcpNameServer = 10.0.0.138
O18 - Protocol\Handler\about {3050F406-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\System32\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\cdl {3dd53d40-7b8b-11D0-b013-00aa0059ce02} - C:\Windows\System32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\dvd {12D51199-0DB5-46FE-A120-47A3D7D937CC} - C:\Windows\System32\MSVidCtl.dll (Microsoft Corporation)
O18 - Protocol\Handler\file {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\System32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\ftp {79eac9e3-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\System32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\http {79eac9e2-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\System32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\https {79eac9e5-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\System32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\its {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\Windows\System32\itss.dll (Microsoft Corporation)
O18 - Protocol\Handler\javascript {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\System32\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files\Windows Live\Messenger\msgrapp.dll (Microsoft Corporation)
O18 - Protocol\Handler\local {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\System32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\mailto {3050f3DA-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\System32\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\mhtml {05300401-BCBC-11d0-85E3-00C04FD85AB4} - C:\Windows\System32\inetcomm.dll (Microsoft Corporation)
O18 - Protocol\Handler\mk {79eac9e6-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\System32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Program Files\Common Files\microsoft shared\Help\hxds.dll (Microsoft Corporation)
O18 - Protocol\Handler\ms-its {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\Windows\System32\itss.dll (Microsoft Corporation)
O18 - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files\Windows Live\Messenger\msgrapp.dll (Microsoft Corporation)
O18 - Protocol\Handler\res {3050F3BC-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\System32\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Handler\tv {CBD30858-AF45-11D2-B6D6-00C04FBBDE6E} - C:\Windows\System32\MSVidCtl.dll (Microsoft Corporation)
O18 - Protocol\Handler\vbscript {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\System32\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\wlmailhtml {03C514A3-1EFB-4856-9F99-10D7BE1653C0} - C:\Program Files\Windows Live\Mail\mailcomm.dll (Microsoft Corporation)
O18 - Protocol\Handler\wlpg {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll (Microsoft Corporation)
O18 - Protocol\Filter\application/octet-stream {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\windows\System32\mscoree.dll (Microsoft Corporation)
O18 - Protocol\Filter\application/x-complus {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\windows\System32\mscoree.dll (Microsoft Corporation)
O18 - Protocol\Filter\application/x-msdownload {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\windows\System32\mscoree.dll (Microsoft Corporation)
O18 - Protocol\Filter\text/xml {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\microsoft shared\OFFICE14\MSOXMLMF.DLL (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\windows\system32\userinit.exe) - C:\Windows\System32\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\windows\System32\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20 - Winlogon\Notify\igfxcui: DllName - (igfxdev.dll) - C:\windows\System32\igfxdev.dll (Intel Corporation)
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O28 - HKLM ShellExecuteHooks: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
O29 - HKLM SecurityProviders - (credssp.dll) - C:\windows\System32\credssp.dll (Microsoft Corporation)
O30 - LSA: Authentication Packages - (msv1_0) - C:\windows\System32\msv1_0.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (kerberos) - C:\windows\System32\kerberos.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (msv1_0) - C:\windows\System32\msv1_0.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (schannel) - C:\windows\System32\schannel.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (wdigest) - C:\windows\System32\wdigest.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (tspkg) - C:\windows\System32\tspkg.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (pku2u) - C:\windows\System32\pku2u.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (livessp) - C:\windows\System32\livessp.dll (Microsoft Corp.)
O31 - SafeBoot: AlternateShell - cmd.exe
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2009.06.10 22:42:20 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)

========== Files/Folders - Created Within 30 Days ==========

[2013.01.25 23:27:36 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\Zdendys\Desktop\OTL.exe
[2013.01.25 23:16:56 | 000,000,000 | -HSD | C] -- C:\$RECYCLE.BIN
[2013.01.25 17:36:36 | 000,000,000 | ---D | C] -- C:\Users\Public\Documents\CrashDump
[2013.01.25 16:56:34 | 000,000,000 | ---D | C] -- C:\Users\Zdendys\Desktop\S6500XXLC5_S6500XEZLC1_XEZ
[2013.01.24 17:34:03 | 000,000,000 | ---D | C] -- C:\Users\Zdendys\AppData\Local\{44F6D920-36F1-40E2-9E08-7FD4A8A64091}
[2013.01.24 15:38:11 | 000,000,000 | ---D | C] -- C:\windows\erdnt
[2013.01.24 00:42:13 | 000,000,000 | ---D | C] -- C:\Users\Zdendys\AppData\Local\Ilium_Software,_Inc
[2013.01.24 00:40:41 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Ilium Software
[2013.01.24 00:40:35 | 000,000,000 | ---D | C] -- C:\Program Files\Ilium Software
[2013.01.24 00:32:52 | 000,000,000 | ---D | C] -- C:\Users\Zdendys\AppData\Local\Adobe
[2013.01.23 21:29:54 | 000,000,000 | ---D | C] -- C:\Users\Zdendys\AppData\Roaming\Ilium Software
[2013.01.23 21:29:54 | 000,000,000 | ---D | C] -- C:\Users\Zdendys\Documents\eWallet
[2013.01.23 21:02:00 | 000,000,000 | ---D | C] -- C:\ProgramData\IsolatedStorage
[2013.01.23 21:01:59 | 000,000,000 | ---D | C] -- C:\Users\Zdendys\AppData\Roaming\IsolatedStorage
[2013.01.23 21:01:30 | 000,000,000 | ---D | C] -- C:\Users\Zdendys\AppData\Local\_
[2013.01.23 19:45:04 | 000,181,344 | ---- | C] (DEVGURU Co., LTD.(www.devguru.co.kr)) -- C:\windows\System32\drivers\ssudmdm.sys
[2013.01.23 19:45:03 | 000,083,168 | ---- | C] (DEVGURU Co., LTD.(www.devguru.co.kr)) -- C:\windows\System32\drivers\ssudbus.sys
[2013.01.23 19:42:21 | 000,010,344 | ---- | C] (MCCI Corporation) -- C:\windows\System32\drivers\ssadwhnt.sys
[2013.01.23 19:42:20 | 000,136,808 | ---- | C] (MCCI Corporation) -- C:\windows\System32\drivers\ssadmdm.sys
[2013.01.23 19:42:20 | 000,012,776 | ---- | C] (MCCI Corporation) -- C:\windows\System32\drivers\ssadmdfl.sys
[2013.01.23 19:42:20 | 000,010,472 | ---- | C] (MCCI Corporation) -- C:\windows\System32\drivers\ssadcmnt.sys
[2013.01.23 19:42:19 | 000,121,064 | ---- | C] (MCCI Corporation) -- C:\windows\System32\drivers\ssadbus.sys
[2013.01.23 19:42:18 | 000,114,280 | ---- | C] (MCCI Corporation) -- C:\windows\System32\drivers\ssadserd.sys
[2013.01.22 12:47:28 | 000,174,496 | ---- | C] (Oracle Corporation) -- C:\windows\System32\javaw.exe
[2013.01.22 12:47:28 | 000,174,496 | ---- | C] (Oracle Corporation) -- C:\windows\System32\java.exe
[2013.01.22 12:47:28 | 000,094,112 | ---- | C] (Oracle Corporation) -- C:\windows\System32\WindowsAccessBridge.dll
[2013.01.22 12:45:37 | 000,157,680 | ---- | C] (Sun Microsystems, Inc.) -- C:\windows\System32\javaws.exe
[2013.01.12 15:54:53 | 000,000,000 | ---D | C] -- C:\Users\Zdendys\AppData\Local\{4CBADF4F-083C-4A9E-978D-5A1D94E3BBD3}
[2013.01.11 21:34:41 | 000,000,000 | ---D | C] -- C:\Program Files\All Video Fixer
[2013.01.11 19:53:52 | 000,000,000 | ---D | C] -- C:\Users\Zdendys\Documents\Freemake
[2013.01.11 19:53:47 | 000,000,000 | ---D | C] -- C:\Users\Zdendys\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Freemake
[2013.01.11 19:53:44 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Freemake
[2013.01.11 19:53:39 | 000,000,000 | ---D | C] -- C:\ProgramData\Freemake
[2013.01.11 19:53:07 | 000,000,000 | ---D | C] -- C:\Program Files\Freemake
[2013.01.11 19:39:45 | 000,070,656 | ---- | C] (www.helixcommunity.org) -- C:\windows\System32\yv12vfw.dll
[2013.01.11 19:39:45 | 000,070,656 | ---- | C] (www.helixcommunity.org) -- C:\windows\System32\i420vfw.dll
[2013.01.11 19:39:29 | 000,000,000 | ---D | C] -- C:\Program Files\AviSynth 2.5
[2013.01.11 19:27:29 | 000,017,280 | ---- | C] (Systweak Inc., (www.systweak.com)) -- C:\windows\System32\roboot.exe
[2013.01.11 19:27:14 | 000,000,000 | ---D | C] -- C:\Users\Zdendys\AppData\Roaming\systweak
[2013.01.11 19:24:20 | 000,000,000 | ---D | C] -- C:\Users\Zdendys\AppData\Local\{BF0911A4-D3C7-4B51-A648-97BEFDC65E7C}
[2013.01.11 19:22:49 | 000,278,528 | ---- | C] (Real Networks, Inc) -- C:\windows\System32\pncrt.dll
[2013.01.11 19:22:48 | 000,327,749 | ---- | C] (RealNetworks, Inc.) -- C:\windows\System32\drvc.dll
[2013.01.11 19:20:25 | 000,000,000 | ---D | C] -- C:\Program Files\eRightSoft
[2013.01.10 23:08:17 | 000,000,000 | ---D | C] -- C:\Program Files\Axantum
[2013.01.10 23:08:14 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Axantum AxCrypt
[2013.01.10 22:42:31 | 000,000,000 | ---D | C] -- C:\windows\System32\ShellExt
[2013.01.10 22:33:20 | 000,169,984 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\winsrv.dll
[2013.01.10 22:33:19 | 000,271,360 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\conhost.exe
[2013.01.10 22:33:19 | 000,005,120 | -H-- | C] (Microsoft Corporation) -- C:\windows\System32\api-ms-win-core-file-l1-1-0.dll
[2013.01.10 22:33:18 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\windows\System32\api-ms-win-core-sysinfo-l1-1-0.dll
[2013.01.10 22:33:18 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\windows\System32\api-ms-win-core-errorhandling-l1-1-0.dll
[2013.01.10 22:33:18 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\windows\System32\api-ms-win-core-delayload-l1-1-0.dll
[2013.01.10 22:33:17 | 000,004,608 | -H-- | C] (Microsoft Corporation) -- C:\windows\System32\api-ms-win-core-processthreads-l1-1-0.dll
[2013.01.10 22:33:17 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\windows\System32\api-ms-win-core-synch-l1-1-0.dll
[2013.01.10 22:33:17 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\windows\System32\api-ms-win-core-string-l1-1-0.dll
[2013.01.10 22:33:17 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\windows\System32\api-ms-win-core-profile-l1-1-0.dll
[2013.01.10 22:33:16 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\windows\System32\api-ms-win-core-misc-l1-1-0.dll
[2013.01.10 22:33:16 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\windows\System32\api-ms-win-core-processenvironment-l1-1-0.dll
[2013.01.10 22:33:16 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\windows\System32\api-ms-win-core-namedpipe-l1-1-0.dll
[2013.01.10 22:33:16 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\windows\System32\api-ms-win-core-memory-l1-1-0.dll
[2013.01.10 22:33:15 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\windows\System32\api-ms-win-core-localregistry-l1-1-0.dll
[2013.01.10 22:33:15 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\windows\System32\api-ms-win-core-libraryloader-l1-1-0.dll
[2013.01.10 22:33:14 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\windows\System32\api-ms-win-core-interlocked-l1-1-0.dll
[2013.01.10 22:33:14 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\windows\System32\api-ms-win-core-heap-l1-1-0.dll
[2013.01.10 22:33:14 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\windows\System32\api-ms-win-core-io-l1-1-0.dll
[2013.01.10 22:33:13 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\windows\System32\api-ms-win-core-handle-l1-1-0.dll
[2013.01.10 22:33:13 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\windows\System32\api-ms-win-core-fibers-l1-1-0.dll
[2013.01.10 22:33:13 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\windows\System32\api-ms-win-core-debug-l1-1-0.dll
[2013.01.10 22:33:13 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\windows\System32\api-ms-win-core-datetime-l1-1-0.dll
[2013.01.10 22:33:12 | 000,006,144 | -H-- | C] (Microsoft Corporation) -- C:\windows\System32\api-ms-win-security-base-l1-1-0.dll
[2013.01.10 22:33:12 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\windows\System32\api-ms-win-core-xstate-l1-1-0.dll
[2013.01.10 22:33:12 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\windows\System32\api-ms-win-core-util-l1-1-0.dll
[2013.01.10 22:33:11 | 000,004,608 | -H-- | C] (Microsoft Corporation) -- C:\windows\System32\api-ms-win-core-threadpool-l1-1-0.dll
[2013.01.10 22:33:11 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\windows\System32\api-ms-win-core-localization-l1-1-0.dll
[2013.01.10 22:33:11 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\windows\System32\api-ms-win-core-rtlsupport-l1-1-0.dll
[2013.01.10 22:33:11 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\windows\System32\api-ms-win-core-console-l1-1-0.dll
[2013.01.10 22:32:10 | 000,045,568 | ---- | C] (Microsoft) -- C:\windows\System32\oflc-nz.rs
[2013.01.10 22:32:10 | 000,043,520 | ---- | C] (Microsoft) -- C:\windows\System32\csrr.rs
[2013.01.10 22:32:09 | 000,046,592 | ---- | C] (Microsoft) -- C:\windows\System32\fpb.rs
[2013.01.10 22:32:09 | 000,040,960 | ---- | C] (Microsoft) -- C:\windows\System32\cob-au.rs
[2013.01.10 22:32:09 | 000,015,360 | ---- | C] (Microsoft) -- C:\windows\System32\djctq.rs
[2013.01.10 22:32:08 | 000,044,544 | ---- | C] (Microsoft) -- C:\windows\System32\pegibbfc.rs
[2013.01.10 22:32:08 | 000,030,720 | ---- | C] (Microsoft) -- C:\windows\System32\usk.rs
[2013.01.10 22:32:08 | 000,021,504 | ---- | C] (Microsoft) -- C:\windows\System32\grb.rs
[2013.01.10 22:32:07 | 000,020,480 | ---- | C] (Microsoft) -- C:\windows\System32\pegi-pt.rs
[2013.01.10 22:32:07 | 000,020,480 | ---- | C] (Microsoft) -- C:\windows\System32\pegi.rs
[2013.01.10 22:32:06 | 002,576,384 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\gameux.dll
[2013.01.10 22:32:05 | 000,308,736 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\Wpc.dll
[2013.01.10 22:32:01 | 000,051,712 | ---- | C] (Microsoft) -- C:\windows\System32\esrb.rs
[2013.01.10 22:32:00 | 000,055,296 | ---- | C] (Microsoft) -- C:\windows\System32\cero.rs
[2013.01.10 22:32:00 | 000,023,552 | ---- | C] (Microsoft) -- C:\windows\System32\oflc.rs
[2013.01.10 22:32:00 | 000,020,480 | ---- | C] (Microsoft) -- C:\windows\System32\pegi-fi.rs
[2013.01.10 22:31:18 | 002,345,984 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\win32k.sys
[2013.01.10 22:29:31 | 000,010,240 | ---- | C] (Windows (R) Win 7 DDK provider) -- C:\windows\System32\drivers\FldSafe.sys
[2013.01.10 22:29:20 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FolderDefence
[2013.01.10 22:29:15 | 000,000,000 | ---D | C] -- C:\Program Files\FolderDefence
[2013.01.10 22:27:40 | 000,220,160 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\ncrypt.dll
[2013.01.10 22:26:56 | 000,049,152 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\taskhost.exe
[2013.01.06 22:12:25 | 000,361,032 | ---- | C] (AVAST Software) -- C:\windows\System32\drivers\aswSP.sys
[2013.01.06 22:12:25 | 000,021,256 | ---- | C] (AVAST Software) -- C:\windows\System32\drivers\aswFsBlk.sys
[2013.01.06 22:12:25 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\avast! Free Antivirus
[2013.01.06 22:12:21 | 000,054,232 | ---- | C] (AVAST Software) -- C:\windows\System32\drivers\aswTdi.sys
[2013.01.06 22:12:21 | 000,044,784 | ---- | C] (AVAST Software) -- C:\windows\System32\drivers\aswRdr2.sys
[2013.01.06 22:12:19 | 000,738,504 | ---- | C] (AVAST Software) -- C:\windows\System32\drivers\aswSnx.sys
[2013.01.06 22:12:18 | 000,058,680 | ---- | C] (AVAST Software) -- C:\windows\System32\drivers\aswMonFlt.sys
[2013.01.06 22:11:24 | 000,041,224 | ---- | C] (AVAST Software) -- C:\windows\avastSS.scr
[2013.01.06 22:11:23 | 000,227,648 | ---- | C] (AVAST Software) -- C:\windows\System32\aswBoot.exe
[2013.01.04 18:41:07 | 000,000,000 | ---D | C] -- C:\Users\Zdendys\AppData\Local\{937F9C4D-B0BB-4AF4-8C9B-3A8792EBB740}
[2013.01.04 16:16:47 | 000,000,000 | -H-D | C] -- C:\ProgramData\Common Files
[2013.01.04 16:16:03 | 000,000,000 | ---D | C] -- C:\ProgramData\MFAData
[2012.12.30 00:51:14 | 000,000,000 | ---D | C] -- C:\Users\Zdendys\AppData\Local\Programs

========== Files - Modified Within 30 Days ==========

[2013.01.26 09:12:01 | 000,000,942 | ---- | M] () -- C:\windows\tasks\GoogleUpdateTaskMachineUA.job
[2013.01.26 09:07:38 | 000,009,696 | -H-- | M] () -- C:\windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2013.01.26 09:07:38 | 000,009,696 | -H-- | M] () -- C:\windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2013.01.26 09:07:03 | 000,000,990 | ---- | M] () -- C:\windows\tasks\FacebookUpdateTaskUserS-1-5-21-2508874819-1690819645-4204201855-1000UA.job
[2013.01.26 09:07:00 | 000,000,914 | ---- | M] () -- C:\windows\tasks\Adobe Flash Player Updater.job
[2013.01.26 09:06:46 | 000,067,584 | --S- | M] () -- C:\windows\bootstat.dat
[2013.01.25 23:28:11 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Zdendys\Desktop\OTL.exe
[2013.01.25 23:21:42 | 000,000,938 | ---- | M] () -- C:\windows\tasks\GoogleUpdateTaskMachineCore.job
[2013.01.25 23:21:39 | 000,000,382 | ---- | M] () -- C:\windows\tasks\FreeFileViewerUpdateChecker.job
[2013.01.25 23:21:15 | 797,581,312 | -HS- | M] () -- C:\hiberfil.sys
[2013.01.25 21:00:11 | 000,655,368 | ---- | M] () -- C:\windows\System32\perfh005.dat
[2013.01.25 21:00:11 | 000,631,936 | ---- | M] () -- C:\windows\System32\perfh009.dat
[2013.01.25 21:00:11 | 000,130,116 | ---- | M] () -- C:\windows\System32\perfc005.dat
[2013.01.25 21:00:11 | 000,114,464 | ---- | M] () -- C:\windows\System32\perfc009.dat
[2013.01.25 14:13:59 | 000,000,027 | ---- | M] () -- C:\windows\System32\drivers\etc\hosts
[2013.01.24 00:40:41 | 000,001,046 | ---- | M] () -- C:\Users\Zdendys\Desktop\eWallet.lnk
[2013.01.23 21:32:38 | 000,003,072 | ---- | M] () -- C:\Users\Zdendys\Documents\My Wallet.wlt
[2013.01.12 22:47:29 | 000,000,969 | ---- | M] () -- C:\Users\Public\Desktop\CCleaner.lnk
[2013.01.12 03:30:20 | 000,094,112 | ---- | M] (Oracle Corporation) -- C:\windows\System32\WindowsAccessBridge.dll
[2013.01.12 03:26:16 | 000,174,496 | ---- | M] (Oracle Corporation) -- C:\windows\System32\javaw.exe
[2013.01.12 03:24:49 | 000,174,496 | ---- | M] (Oracle Corporation) -- C:\windows\System32\java.exe
[2013.01.11 19:53:45 | 000,001,282 | ---- | M] () -- C:\Users\Public\Desktop\Freemake Video Converter.lnk
[2013.01.11 18:34:19 | 000,004,309 | ---- | M] () -- C:\windows\SysCare.dat
[2013.01.11 16:33:10 | 000,001,952 | ---- | M] () -- C:\Users\Zdendys\Desktop\Samsung Kies (Lite).lnk
[2013.01.11 16:00:52 | 000,409,792 | ---- | M] () -- C:\windows\System32\FNTCACHE.DAT
[2013.01.10 22:29:31 | 000,010,240 | ---- | M] (Windows (R) Win 7 DDK provider) -- C:\windows\System32\drivers\FldSafe.sys
[2013.01.10 22:29:21 | 000,001,029 | ---- | M] () -- C:\Users\Zdendys\Desktop\Folder Defence Free.lnk
[2013.01.09 22:35:17 | 000,697,864 | ---- | M] (Adobe Systems Incorporated) -- C:\windows\System32\FlashPlayerApp.exe
[2013.01.09 22:35:17 | 000,074,248 | ---- | M] (Adobe Systems Incorporated) -- C:\windows\System32\FlashPlayerCPLApp.cpl
[2013.01.06 22:12:25 | 000,002,115 | ---- | M] () -- C:\Users\Public\Desktop\avast! Free Antivirus.lnk
[2013.01.06 22:12:18 | 000,002,577 | ---- | M] () -- C:\windows\System32\config.nt
[2013.01.06 21:54:02 | 000,000,968 | ---- | M] () -- C:\windows\tasks\FacebookUpdateTaskUserS-1-5-21-2508874819-1690819645-4204201855-1000Core.job
[2013.01.04 18:36:58 | 000,001,274 | ---- | M] () -- C:\Users\Zdendys\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Výřezy obrazovky a spuštění aplikace OneNote 2010.lnk
[2013.01.01 15:56:35 | 000,000,418 | ---- | M] () -- C:\windows\tasks\Wise PC Engineer Schedule Task.job
[2012.12.30 00:52:52 | 000,001,071 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
[2012.12.27 23:55:42 | 000,001,324 | ---- | M] () -- C:\Users\Zdendys\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Facebook Messenger.lnk

========== Files Created - No Company Name ==========

[2013.01.24 00:40:41 | 000,001,046 | ---- | C] () -- C:\Users\Zdendys\Desktop\eWallet.lnk
[2013.01.23 21:32:38 | 000,003,072 | ---- | C] () -- C:\Users\Zdendys\Documents\My Wallet.wlt
[2013.01.11 19:53:45 | 000,001,282 | ---- | C] () -- C:\Users\Public\Desktop\Freemake Video Converter.lnk
[2013.01.11 19:39:45 | 000,032,256 | ---- | C] () -- C:\windows\System32\AVSredirect.dll
[2013.01.11 16:33:10 | 000,001,952 | ---- | C] () -- C:\Users\Zdendys\Desktop\Samsung Kies (Lite).lnk
[2013.01.10 22:30:02 | 000,004,309 | ---- | C] () -- C:\windows\SysCare.dat
[2013.01.10 22:29:21 | 000,001,029 | ---- | C] () -- C:\Users\Zdendys\Desktop\Folder Defence Free.lnk
[2013.01.06 22:12:25 | 000,002,115 | ---- | C] () -- C:\Users\Public\Desktop\avast! Free Antivirus.lnk
[2012.12.27 23:55:42 | 000,001,324 | ---- | C] () -- C:\Users\Zdendys\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Facebook Messenger.lnk
[2012.10.29 12:09:28 | 000,974,848 | ---- | C] () -- C:\windows\System32\cis-2.4.dll
[2012.10.29 12:09:28 | 000,081,920 | ---- | C] () -- C:\windows\System32\issacapi_bs-2.3.dll
[2012.10.29 12:09:28 | 000,065,536 | ---- | C] () -- C:\windows\System32\issacapi_pe-2.3.dll
[2012.10.29 12:09:28 | 000,057,344 | ---- | C] () -- C:\windows\System32\issacapi_se-2.3.dll
[2012.10.29 12:09:28 | 000,030,568 | ---- | C] () -- C:\windows\MusiccityDownload.exe
[2012.10.13 21:27:30 | 000,083,445 | ---- | C] () -- C:\windows\hpqins13.dat
[2012.10.12 23:08:55 | 000,015,432 | ---- | C] () -- C:\windows\Launcher.exe
[2012.09.28 20:21:42 | 000,081,542 | ---- | C] () -- C:\Users\Zdendys\.TransferManager.db
[2012.07.24 15:06:57 | 000,013,880 | ---- | C] ( ) -- C:\windows\System32\drivers\kbfiltr.sys
[2012.07.24 14:34:35 | 000,001,769 | ---- | C] () -- C:\windows\Language_trs.ini
[2012.04.06 21:47:49 | 000,000,135 | ---- | C] () -- C:\windows\AutoKMS.ini
[2012.02.07 23:08:01 | 000,004,874 | ---- | C] () -- C:\ProgramData\lsvsdncd.hix
[2012.02.07 22:34:36 | 000,032,768 | ---- | C] () -- C:\windows\System32\drivers\sp_rsdrv2.sys
[2011.12.17 14:07:28 | 000,003,584 | ---- | C] () -- C:\Users\Zdendys\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2011.09.22 18:42:21 | 000,179,150 | ---- | C] () -- C:\windows\hpoins27.dat
[2011.09.22 18:42:21 | 000,000,442 | ---- | C] () -- C:\windows\hpomdl27.dat
[2011.09.09 19:05:50 | 000,005,576 | ---- | C] () -- C:\windows\Language.ini
[2011.09.09 18:59:43 | 000,004,692 | ---- | C] () -- C:\windows\System32\drivers\SamSfPa.dat
[2011.09.09 18:59:43 | 000,000,008 | ---- | C] () -- C:\windows\System32\drivers\rtkhdaud.dat
[2011.08.21 21:56:24 | 000,053,299 | ---- | C] () -- C:\windows\System32\pthreadVC.dll
[2011.04.18 10:03:31 | 000,224,680 | ---- | C] () -- C:\windows\System32\AsusService.exe
[2011.04.18 10:03:31 | 000,025,616 | ---- | C] () -- C:\windows\AsAcpiSvrLang.ini
[2011.04.18 09:58:45 | 000,011,832 | ---- | C] () -- C:\windows\System32\drivers\AsUpIO.sys
[2011.04.18 09:58:44 | 000,011,456 | ---- | C] () -- C:\windows\System32\drivers\AsIO.sys
[2011.04.18 09:58:25 | 000,000,702 | ---- | C] () -- C:\windows\Reboot.ini
[2011.04.18 09:53:59 | 000,451,072 | ---- | C] () -- C:\windows\System32\ISSRemoveSP.exe
[2011.04.18 09:53:33 | 000,014,051 | ---- | C] () -- C:\windows\System32\RaCoInst.dat
[2011.02.16 18:02:15 | 000,655,368 | ---- | C] () -- C:\windows\System32\perfh005.dat
[2011.02.16 18:02:15 | 000,292,004 | ---- | C] () -- C:\windows\System32\perfi005.dat
[2011.02.16 18:02:15 | 000,130,116 | ---- | C] () -- C:\windows\System32\perfc005.dat
[2011.02.16 18:02:15 | 000,036,232 | ---- | C] () -- C:\windows\System32\perfd005.dat

========== ZeroAccess Check ==========

[2009.07.14 05:42:31 | 000,000,227 | RHS- | M] () -- C:\windows\assembly\Desktop.ini

[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2012.06.09 05:41:00 | 012,873,728 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2010.11.20 13:19:04 | 000,606,208 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
"" = %systemroot%\system32\wbem\wbemess.dll -- [2009.07.14 02:16:17 | 000,342,528 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both

========== LOP Check ==========

[2011.09.10 22:30:18 | 000,000,000 | ---D | M] -- C:\Users\Zdendys\AppData\Roaming\ASUS WebStorage
[2012.09.04 20:21:20 | 000,000,000 | ---D | M] -- C:\Users\Zdendys\AppData\Roaming\com.adobe.mauby.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1
[2011.12.27 22:36:53 | 000,000,000 | ---D | M] -- C:\Users\Zdendys\AppData\Roaming\com.w3i.FlipToast
[2011.04.18 10:02:08 | 000,000,000 | ---D | M] -- C:\Users\Zdendys\AppData\Roaming\E-Cam
[2012.04.15 11:34:24 | 000,000,000 | ---D | M] -- C:\Users\Zdendys\AppData\Roaming\FLAC to MP3 Converter
[2012.05.06 22:20:32 | 000,000,000 | ---D | M] -- C:\Users\Zdendys\AppData\Roaming\FreeFileViewer
[2013.01.23 21:29:54 | 000,000,000 | ---D | M] -- C:\Users\Zdendys\AppData\Roaming\Ilium Software
[2013.01.23 21:01:59 | 000,000,000 | ---D | M] -- C:\Users\Zdendys\AppData\Roaming\IsolatedStorage
[2011.09.14 23:19:41 | 000,000,000 | ---D | M] -- C:\Users\Zdendys\AppData\Roaming\PLANStudio Setup
[2011.12.18 16:19:50 | 000,000,000 | ---D | M] -- C:\Users\Zdendys\AppData\Roaming\Publish Providers
[2012.12.09 23:03:05 | 000,000,000 | ---D | M] -- C:\Users\Zdendys\AppData\Roaming\Samsung
[2012.03.09 17:42:26 | 000,000,000 | ---D | M] -- C:\Users\Zdendys\AppData\Roaming\SoftGrid Client
[2012.05.14 21:03:10 | 000,000,000 | ---D | M] -- C:\Users\Zdendys\AppData\Roaming\Softinterface, Inc
[2011.12.18 16:19:25 | 000,000,000 | ---D | M] -- C:\Users\Zdendys\AppData\Roaming\Sony
[2013.01.11 19:47:14 | 000,000,000 | ---D | M] -- C:\Users\Zdendys\AppData\Roaming\systweak
[2011.09.09 19:30:41 | 000,000,000 | ---D | M] -- C:\Users\Zdendys\AppData\Roaming\TP
[2011.10.03 20:35:56 | 000,000,000 | ---D | M] -- C:\Users\Zdendys\AppData\Roaming\Windows Live Writer

========== Purity Check ==========



< End of report >

[Zdendys75]

OTL Extras logfile created on: 26.1.2013 9:07:58 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Zdendys\Desktop
Starter Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy

1014,18 Mb Total Physical Memory | 229,24 Mb Available Physical Memory | 22,60% Memory free
1,99 Gb Paging File | 0,82 Gb Available in Paging File | 41,10% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\windows | %ProgramFiles% = C:\Program Files
Drive C: | 100,00 Gb Total Space | 41,49 Gb Free Space | 41,49% Space Free | Partition Type: NTFS
Drive D: | 117,87 Gb Total Space | 47,33 Gb Free Space | 40,15% Space Free | Partition Type: NTFS

Computer Name: ZDENDYS-PC | User Name: Zdendys | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Extra Registry (SafeList) ==========


========== File Associations ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\windows\System32\control.exe (Microsoft Corporation)
.hlp [@ = hlpfile] -- C:\windows\winhlp32.exe (Microsoft Corporation)

[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = ChromeHTML] -- Reg Error: Key error. File not found

========== Shell Spawning ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
htmlfile [edit] -- "C:\Program Files\Microsoft Office\Office14\msohtmed.exe" %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
"FirewallDisableNotify" = 0
"AntiVirusDisableNotify" = 0
"UpdatesDisableNotify" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = Reg Error: Unknown registry data type -- File not found
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

========== System Restore Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 0

========== Firewall Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile]

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

========== Authorized Applications List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]


========== Vista Active Open Ports Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{0BDE5502-6B2D-4939-8961-348E83518C4A}" = rport=139 | protocol=6 | dir=out | app=system |
"{1BD8BF28-57F1-4A72-B6A6-608AC3DF03C7}" = rport=137 | protocol=17 | dir=out | app=system |
"{27A525EE-15D3-4126-A8DC-286EEC367EF6}" = lport=5678 | protocol=6 | dir=in | app=%systemroot%\windowsmobile\wmdhost.exe |
"{37185AA9-AB0E-4ECB-A7E6-54E3DF4433ED}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{384026DE-11EE-4CEB-89A4-463294BC0765}" = lport=999 | protocol=6 | dir=in | app=%systemroot%\windowsmobile\wmdhost.exe |
"{3FBDAC9D-5DBC-4B80-A475-5B5A5C2B6679}" = lport=139 | protocol=6 | dir=in | app=system |
"{4083A45A-1C1D-4762-8C40-F7A953B9A140}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{46ED0010-3485-4111-B78A-99EB98FEA16D}" = lport=26675 | protocol=6 | dir=in | name=@%systemroot%\windowsmobile\wmdcbase.exe,-4006 |
"{55E412EC-8D7F-4434-8447-F9DFD8630D18}" = lport=5721 | protocol=6 | dir=in | svc=rapimgr | app=%systemroot%\system32\svchost.exe |
"{5ABCE106-6635-482C-85F6-4919A24CC648}" = rport=10243 | protocol=6 | dir=out | app=system |
"{5C29D3E0-B5B7-40BE-B880-3D562661F60D}" = rport=5679 | protocol=17 | dir=out | svc=rapimgr | app=%systemroot%\system32\svchost.exe |
"{6786507E-6EF2-4EFF-9452-EB7340544681}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{70AE8531-9526-46D3-B1E4-9274A2A6561D}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{7423A5DD-31FA-4102-8E83-48977E14A144}" = lport=990 | protocol=6 | dir=in | svc=rapimgr | app=%systemroot%\system32\svchost.exe |
"{761B8153-0AD2-4748-98E2-ECB77F218DF8}" = lport=6004 | protocol=17 | dir=in | app=c:\program files\microsoft office\office14\outlook.exe |
"{77585223-DC13-4EA0-90ED-4CB4278E3CB6}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{7F9760AA-B2C5-4E20-B448-CBA0850AE72C}" = lport=138 | protocol=17 | dir=in | app=system |
"{8913CF91-5285-4E58-AAFC-8964945F4837}" = rport=445 | protocol=6 | dir=out | app=system |
"{930B4629-9847-4CC6-8EBF-A6FFA1B92593}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{932AF277-9306-46ED-9EE5-9EB4B41161F2}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{93AA4B4A-B31A-4D86-89E7-B9EB199D9704}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{9D0F97FE-799D-4AE6-B72A-C70A3C2D206F}" = rport=138 | protocol=17 | dir=out | app=system |
"{9EFE59E2-54AB-4FB2-AF6E-9E3A5AF6C59C}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 |
"{A3CF14A0-F8CD-4701-AA83-2B1E2A594DFC}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe |
"{BEB8911B-A707-4D65-ADA3-77717B3FF173}" = lport=10243 | protocol=6 | dir=in | app=system |
"{C3038161-860F-42C4-949E-981A0EB846A9}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{D9625E37-C6F4-4CAA-AF18-0DBD67E5BF12}" = lport=2869 | protocol=6 | dir=in | app=system |
"{E49316E8-B6CB-49D3-8CCF-B817770B761E}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{E59A6C58-C0B0-4BF8-9356-F58E702681BF}" = lport=2869 | protocol=6 | dir=in | name=windows live communications platform (upnp) |
"{F0CD3EDF-B216-48A0-BCC1-5CA9001ABEC2}" = lport=445 | protocol=6 | dir=in | app=system |
"{F45CC518-8471-4B90-B3EB-7173FA7012A5}" = lport=137 | protocol=17 | dir=in | app=system |
"{FFDBF93B-9896-4B2A-9D0D-8925536C9D26}" = lport=1900 | protocol=17 | dir=in | name=windows live communications platform (ssdp) |

========== Vista Active Application Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{004944DA-8F09-4EF3-9CC1-368CE72FED7A}" = dir=in | app=c:\program files\protected search\protectedsearch.exe |
"{00933D6E-E715-4159-8736-F50CC7F518E0}" = dir=out | app=c:\program files\protected search\protectedsearch.exe |
"{01CA1F33-C587-4767-AA86-C78A274DA8DC}" = protocol=17 | dir=in | app=c:\program files\counter-strike 1.6\hlds.exe |
"{025A8B0E-008E-42B7-8065-C973A3922C94}" = protocol=17 | dir=out | svc=rapimgr | app=%systemroot%\system32\svchost.exe |
"{02F3C27D-11AB-405C-8CF9-CF187A4FE699}" = protocol=17 | dir=in | app=c:\program files\google\chrome\application\chrome.exe |
"{0342DD3C-525D-4CD9-A4BB-774D64DE41C3}" = dir=in | app=c:\program files\hp\digital imaging\bin\hpqpsapp.exe |
"{035B2AA4-2F8B-48AC-992A-67230ED42FD3}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 |
"{035F3DDC-B04A-4637-949C-A700B94F39AD}" = protocol=17 | dir=in | app=c:\program files\microsoft office\office14\groove.exe |
"{03B2F8CA-E5F0-42DA-93AB-3545BA6C58AA}" = protocol=6 | dir=out | svc=rapimgr | app=%systemroot%\system32\svchost.exe |
"{09158C76-3442-47A7-B59F-5D0C785F215A}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{093266C8-E511-4154-BFF2-B2A8628111EE}" = protocol=6 | dir=in | svc=wcescomm | app=%systemroot%\system32\svchost.exe |
"{0970FB8E-AE3D-4EC2-8AC7-0407A33BA4C7}" = protocol=6 | dir=out | svc=wcescomm | app=%systemroot%\system32\svchost.exe |
"{0A2572BC-6216-4C86-8E79-7F2391192AB9}" = protocol=6 | dir=out | svc=wcescomm | app=%systemroot%\system32\svchost.exe |
"{0D1FCF9D-C32E-43DA-BA11-73E86E694381}" = protocol=17 | dir=out | svc=rapimgr | app=%systemroot%\system32\svchost.exe |
"{137D9A03-A4A2-48FB-B007-4F362D01343F}" = protocol=17 | dir=in | app=c:\program files\folderdefence\folderdefence.exe |
"{19E6EF9B-1D29-494A-B416-9091D5BEBBB5}" = protocol=6 | dir=in | app=c:\program files\valve\hl.exe |
"{1DEF84F1-ED71-4CA5-A490-66FED98716C0}" = dir=in | app=c:\program files\common files\hp\digital imaging\bin\hpqphotocrm.exe |
"{28C3FA04-107C-4569-933B-F2E7A8A19259}" = protocol=17 | dir=out | svc=rapimgr | app=%systemroot%\system32\svchost.exe |
"{2BB768E0-0E2B-45DA-8F5E-1ED42A7FF871}" = dir=in | app=c:\program files\hp\digital imaging\bin\hpqgplgtupl.exe |
"{2BD1F99E-BA57-4B61-B241-B953206E8144}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{2D426595-E2E8-47A1-97C7-2EFF85C32B9A}" = protocol=6 | dir=in | app=c:\program files\microsoft office\office14\groove.exe |
"{2DE4D9AC-53B1-4C7C-B224-49C845F42EA2}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{2F586EA4-4BF3-45DF-A00C-FB72F92A862A}" = dir=in | app=c:\program files\hp\digital imaging\bin\hpqtra08.exe |
"{2FCB34BF-81F7-4A55-B9D2-283D573C8D39}" = dir=in | app=c:\program files\protected search\protectedsearch.exe |
"{3795B1B4-DBF0-4354-8E71-3E04BA752AD8}" = dir=in | app=c:\program files\freefileviewer\ffvcheckforupdates.exe |
"{3BDA0C77-4352-434D-B55B-498BC97CEAE7}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{3C6F60CF-864F-4C75-8753-267D218D542E}" = protocol=6 | dir=out | svc=wcescomm | app=%systemroot%\system32\svchost.exe |
"{3E3463B8-BE94-4CE8-BA82-7627DB1A0078}" = protocol=6 | dir=out | svc=rapimgr | app=%systemroot%\system32\svchost.exe |
"{45953354-EF94-4889-BFA3-630C0A91FFFC}" = dir=in | app=c:\program files\hp\digital imaging\bin\hpfccopy.exe |
"{45D8CB33-E5A9-4D2E-9442-1E227935648D}" = protocol=17 | dir=in | app=c:\program files\folderdefence\folderdefence.exe |
"{49A54428-B468-4BC0-B867-BC2A7FEE548E}" = protocol=17 | dir=out | svc=rapimgr | app=%systemroot%\system32\svchost.exe |
"{4D392EBC-1A15-4211-A188-E5F9BC6E0F76}" = protocol=6 | dir=out | svc=wcescomm | app=%systemroot%\system32\svchost.exe |
"{52F6BFA1-146B-4C3E-94AE-03BD81C0B671}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{53C88A4F-1742-4929-BF0D-E1C6D6A868BD}" = dir=in | app=c:\program files\hp\hp software update\hpwucli.exe |
"{54E1A3B6-07C7-4022-828A-61468E8E97AC}" = dir=in | app=c:\program files\hp\digital imaging\bin\hpqsudi.exe |
"{5856AA35-E847-4DAA-AADE-893C7775F68C}" = protocol=17 | dir=out | svc=wcescomm | app=%systemroot%\system32\svchost.exe |
"{5BB599BB-7EB3-4909-9316-FE4E4A03D164}" = protocol=6 | dir=out | app=system |
"{5CCEA09F-12E5-4615-B0DE-EB0FC5A24381}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{5E73CDA8-9416-40AF-802B-B0C9BF3AC82E}" = dir=out | app=c:\program files\protected search\protectedsearch.exe |
"{6824D7A7-40ED-4EA1-8859-2DF0BC315B2A}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 |
"{689526E8-E6BA-4753-B212-5F4D5461A388}" = protocol=6 | dir=out | svc=rapimgr | app=%systemroot%\system32\svchost.exe |
"{6D23D773-F3BC-4867-9B73-3D456C43DBBB}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{6F55DBE8-8C1A-4373-B81B-D66E91698AD8}" = dir=in | app=c:\program files\hp\digital imaging\bin\hpqkygrp.exe |
"{70FD260E-A80C-4E08-8096-85BCA659C803}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{74DF1BD9-6CBE-4AB0-BB27-302DB212780C}" = dir=in | app=c:\program files\hp\digital imaging\bin\hpqgpc01.exe |
"{7885E133-02B3-4EDA-B916-7E3A487E3453}" = dir=in | app=c:\program files\windows live\messenger\msnmsgr.exe |
"{7ECDAC4F-C579-4440-A702-A2AAD0A82785}" = protocol=17 | dir=in | app=c:\program files\valve\hl.exe |
"{7F8866DE-CDF4-4E76-BB32-E84162199754}" = dir=in | app=c:\program files\protected search\protectedsearch.exe |
"{7FD8E815-C446-48C1-A849-6158F4983D91}" = protocol=6 | dir=in | svc=wcescomm | app=%systemroot%\system32\svchost.exe |
"{84E463B1-DE0A-40C0-8853-031F73BD92A4}" = dir=in | app=c:\program files\hp\digital imaging\bin\hpqusgm.exe |
"{860791FE-3879-416A-B410-681B02CCBF1A}" = protocol=6 | dir=in | app=c:\program files\sweetim\communicator\sweetpacksupdatemanager.exe |
"{8DE88C6B-CC5C-46DC-A674-B326E446F8E0}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{90F19DA1-A6CF-43E7-8EAB-7A30C12D798A}" = dir=in | app=c:\program files\hp\digital imaging\bin\hpqcopy2.exe |
"{926CDA42-7B89-45AF-A141-B7E96F26AB2E}" = protocol=17 | dir=out | svc=wcescomm | app=%systemroot%\system32\svchost.exe |
"{94F0BC12-B38B-424C-A79E-E0DE97AB0CE1}" = protocol=6 | dir=in | app=c:\program files\microsoft office\office14\onenote.exe |
"{96C68AD9-E4F8-477F-8238-BFBBC2C669D5}" = protocol=17 | dir=in | app=c:\program files\microsoft office\office14\onenote.exe |
"{97709DE4-0EAA-4D48-9D00-8C02ADD1895C}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{97808BD0-B8DF-4FA3-94EE-BA50A5C1B457}" = dir=in | app=c:\program files\windows live\contacts\wlcomm.exe |
"{9D68F75F-798C-47C9-ACD2-109B25937CE8}" = dir=in | app=c:\program files\windows live\mesh\moe.exe |
"{9E0134F1-4A81-4339-AA08-377ABC84B96A}" = protocol=17 | dir=out | svc=rapimgr | app=%systemroot%\system32\svchost.exe |
"{9EC33CE8-38C5-440C-AD79-6FD97F6F67CB}" = protocol=17 | dir=in | app=c:\windows\system32\msiexec.exe |
"{A0462F87-5093-4D97-B125-D345365FEDEF}" = protocol=6 | dir=out | svc=rapimgr | app=%systemroot%\system32\svchost.exe |
"{A2225556-80E5-4767-AC70-AD4BBC5AD48F}" = protocol=17 | dir=out | svc=wcescomm | app=%systemroot%\system32\svchost.exe |
"{A65D58DE-0365-4586-99F6-1A349C467F40}" = protocol=6 | dir=in | svc=wcescomm | app=%systemroot%\system32\svchost.exe |
"{A7A2AA29-AB3A-4024-8882-920740CCB010}" = protocol=6 | dir=in | svc=wcescomm | app=%systemroot%\system32\svchost.exe |
"{AC7CB1F4-4A66-48EE-8C1F-0E9401CD1875}" = protocol=6 | dir=in | svc=wcescomm | app=%systemroot%\system32\svchost.exe |
"{AFF5A13C-0992-4C17-83DC-E115E850A55F}" = protocol=17 | dir=in | app=c:\program files\sweetim\communicator\sweetpacksupdatemanager.exe |
"{B1314378-839B-4135-94B1-3D8978027E6C}" = protocol=6 | dir=out | svc=rapimgr | app=%systemroot%\system32\svchost.exe |
"{B22BE5D7-95A3-4C6C-BD1C-802677C0431A}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 |
"{B6DE5224-F8B5-4D19-9596-97DACF375595}" = protocol=6 | dir=out | svc=wcescomm | app=%systemroot%\system32\svchost.exe |
"{B8B1030A-4376-47F5-8466-6C654D154022}" = protocol=6 | dir=in | svc=wcescomm | app=%systemroot%\system32\svchost.exe |
"{B978D7CB-1E9C-4BE9-9635-CFB53A5E07CC}" = protocol=17 | dir=out | svc=wcescomm | app=%systemroot%\system32\svchost.exe |
"{BA76911D-74B0-4126-9FD9-D65E1D50C39A}" = dir=in | app=c:\program files\hp\digital imaging\bin\hposid01.exe |
"{C3E5ED9D-EDC6-42E1-8F07-99A765EE760D}" = protocol=6 | dir=in | app=c:\program files\counter-strike 1.6\hlds.exe |
"{C653D117-4A77-4541-8E40-239AB3F33228}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{CB1E6636-A045-4273-A659-60B44B1B571A}" = protocol=17 | dir=out | svc=wcescomm | app=%systemroot%\system32\svchost.exe |
"{CDB36D95-04A9-41D6-8499-DA929D5F2727}" = protocol=6 | dir=in | app=c:\windows\system32\msiexec.exe |
"{CE2BCC23-C82F-415E-9B4D-FEB77C4AE10F}" = dir=in | app=c:\program files\hp\digital imaging\smart web printing\smartwebprintexe.exe |
"{CFFB3519-1D02-477C-A58B-1F75B9C946BC}" = dir=in | app=c:\program files\hp\digital imaging\bin\hpqusgh.exe |
"{D36E3895-CD35-45C8-BBA0-B4AE9C39728E}" = protocol=6 | dir=in | app=c:\program files\valve\hlds.exe |
"{D3F45A0C-FF31-4193-8325-CF214C488F69}" = dir=in | app=c:\program files\hp\digital imaging\bin\hpqpse.exe |
"{D4033E49-326A-40E1-9210-8C346BFCC42E}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 |
"{D572F547-8D60-4E81-8BD3-FD865F32E5C0}" = protocol=6 | dir=in | app=c:\program files\google\chrome\application\chrome.exe |
"{D5A05437-A746-42D9-AC01-29D77C06AC8A}" = dir=in | app=c:\program files\hp\digital imaging\bin\hpqste08.exe |
"{DB22650B-8FE8-4E20-A3AD-7345EE483074}" = protocol=6 | dir=in | app=c:\program files\folderdefence\folderdefence.exe |
"{DF21BF36-B657-4709-BFC5-3CAF6F054888}" = protocol=6 | dir=out | svc=wcescomm | app=%systemroot%\system32\svchost.exe |
"{E08EDAAA-F52D-47BC-996E-80AEF42A4621}" = protocol=17 | dir=out | svc=wcescomm | app=%systemroot%\system32\svchost.exe |
"{E50CBB3F-495E-4C62-8C4B-D3F9ED1D5EFA}" = dir=out | app=c:\program files\protected search\protectedsearch.exe |
"{F1E75A2A-0B8E-47D0-8250-842B1579E3E5}" = protocol=17 | dir=in | app=c:\program files\valve\hlds.exe |
"{F4FBB734-E6F7-4BCE-9215-634C00E92136}" = protocol=17 | dir=out | svc=rapimgr | app=%systemroot%\system32\svchost.exe |
"{F52A9A01-C80A-4CA5-BCB0-F7E17536FE53}" = protocol=6 | dir=out | svc=rapimgr | app=%systemroot%\system32\svchost.exe |
"{F6B93691-4D1A-4080-B63A-52C793C47F5B}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{F87FD125-80F9-4D0B-BDD9-A14B31FF5341}" = dir=in | app=c:\program files\hp\digital imaging\bin\hpiscnapp.exe |
"{FD80FF7A-EFCF-48F3-8075-7496C6ADD673}" = protocol=6 | dir=in | app=c:\program files\folderdefence\folderdefence.exe |
"TCP Query User{08BDDCF1-FEF3-4190-A7E9-307765A989FD}C:\program files\valve\hl.exe" = protocol=6 | dir=in | app=c:\program files\valve\hl.exe |
"TCP Query User{1120BD4C-AD8C-4302-A6B1-CFCE657CB54E}C:\program files\valve\hlds.exe" = protocol=6 | dir=in | app=c:\program files\valve\hlds.exe |
"TCP Query User{6898A11D-0024-4DC1-95C9-BF4B5B801D08}C:\program files\internet explorer\iexplore.exe" = protocol=6 | dir=in | app=c:\program files\internet explorer\iexplore.exe |
"TCP Query User{73D50111-8EAB-4C1B-8F21-4FAE0B3BE348}C:\program files\java\jre6\bin\javaw.exe" = protocol=6 | dir=in | app=c:\program files\java\jre6\bin\javaw.exe |
"TCP Query User{77ABAC85-5C68-4BF3-BF5E-39179E8E99B8}C:\program files\counter-strike 1.6\hlds.exe" = protocol=6 | dir=in | app=c:\program files\counter-strike 1.6\hlds.exe |
"TCP Query User{8845A93F-C776-4ED3-98E1-EFD2DF3F090D}C:\program files\counter-strike 1.6\hl.exe" = protocol=6 | dir=in | app=c:\program files\counter-strike 1.6\hl.exe |
"TCP Query User{96E32B51-FDA0-4264-8E99-D23059263F95}C:\windows\kmsemulator.exe" = protocol=6 | dir=in | app=c:\windows\kmsemulator.exe |
"TCP Query User{B5B914CB-4C3A-475E-8D44-4154D4CB3E44}C:\program files\videolan\vlc\vlc.exe" = protocol=6 | dir=in | app=c:\program files\videolan\vlc\vlc.exe |
"TCP Query User{BF3EA837-7720-45A8-8DB0-6CEDD6269BC9}C:\program files\java\jre7\bin\javaw.exe" = protocol=6 | dir=in | app=c:\program files\java\jre7\bin\javaw.exe |
"UDP Query User{13E50801-9407-4758-BA47-AA07187B5269}C:\windows\kmsemulator.exe" = protocol=17 | dir=in | app=c:\windows\kmsemulator.exe |
"UDP Query User{277EF13D-1467-43AF-9CDB-DE0E4F113A4C}C:\program files\java\jre7\bin\javaw.exe" = protocol=17 | dir=in | app=c:\program files\java\jre7\bin\javaw.exe |
"UDP Query User{5069DADD-B29E-4525-9486-EEC1E45CD685}C:\program files\videolan\vlc\vlc.exe" = protocol=17 | dir=in | app=c:\program files\videolan\vlc\vlc.exe |
"UDP Query User{5BB8906D-AEF0-4CCF-B659-15EC0F5C7E2F}C:\program files\counter-strike 1.6\hlds.exe" = protocol=17 | dir=in | app=c:\program files\counter-strike 1.6\hlds.exe |
"UDP Query User{85028681-769E-4858-8924-F3B85681FC1C}C:\program files\valve\hlds.exe" = protocol=17 | dir=in | app=c:\program files\valve\hlds.exe |
"UDP Query User{8D65633F-3685-4380-A710-03C599FDC96A}C:\program files\java\jre6\bin\javaw.exe" = protocol=17 | dir=in | app=c:\program files\java\jre6\bin\javaw.exe |
"UDP Query User{928694B8-B7C9-4A86-8B96-D5DE22C44683}C:\program files\valve\hl.exe" = protocol=17 | dir=in | app=c:\program files\valve\hl.exe |
"UDP Query User{A195E0A6-F521-4B46-B2FA-72629FC76F1A}C:\program files\internet explorer\iexplore.exe" = protocol=17 | dir=in | app=c:\program files\internet explorer\iexplore.exe |
"UDP Query User{BD29BD87-C17F-471B-B3E7-F2753F1ADD64}C:\program files\counter-strike 1.6\hl.exe" = protocol=17 | dir=in | app=c:\program files\counter-strike 1.6\hl.exe |

========== HKEY_LOCAL_MACHINE Uninstall List ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{0654EA5D-308A-4196-882B-5C09744A5D81}" = Windows Live Photo Common
"{0891B708-EF3F-4D7E-9724-265245F46276}" = Windows Live Remote Service Resources
"{09922FFE-D153-44AE-8B60-EA3CB8088F93}" = Windows Live UX Platform Language Pack
"{0B0F231F-CE6A-483D-AA23-77B364F75917}" = Windows Live Installer
"{0C1931EB-8339-4837-8BEC-75029BF42734}" = Windows Live UX Platform Language Pack
"{0EF5BEA9-B9D3-46d7-8958-FB69A0BAEACC}" = Status
"{0F367CA3-3B2F-43F9-A44A-25A8EE69E45D}" = Scan
"{11778DA1-0495-4ED9-972F-F9E0B0367CD5}" = Windows Live Writer
"{12001D97-ED15-4D04-B4A6-32D16A71844C}" = Adobe Photoshop Lightroom 2.6.1
"{17504ED4-DB08-40A8-81C2-27D8C01581DA}" = Windows Live Remote Service Resources
"{175F0111-2968-4935-8F70-33108C6A4DE3}" = MarketResearch
"{17780F99-A9DF-450B-81B3-6781B20A17A8}" = FontResizer
"{17D26CDD-B87C-412B-92F0-2D5DD4313522}" = Facebook Messenger 2.1.4651.0
"{185AFA7A-F63E-450B-94AA-011CAC18090E}" = E-Cam
"{19A4A990-5343-4FF7-B3B5-6F046C091EDF}" = Windows Live Remote Client
"{19BA08F7-C728-469C-8A35-BFBD3633BE08}" = Windows Live Movie Maker
"{1DA6D447-C54D-4833-84D4-3EA31CAECE9B}" = Windows Live UX Platform Language Pack
"{1EC71BFB-01A3-4239-B6AF-B1AE656B15C0}" = TrayApp
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{1F6AB0E7-8CDD-4B93-8A23-AA9EB2FEFCE4}" = Junk Mail filter update
"{1FC83EAE-74C8-4C72-8400-2D8E40A017DE}" = Windows Live Writer
"{200FEC62-3C34-4D60-9CE8-EC372E01C08F}" = Windows Live SOXE Definitions
"{201B5096-AF6E-423E-B987-023E040D9B42}" = Windows Live Remote Service Resources
"{227E8782-B2F4-4E97-B0EE-49DE9CC1C0C0}" = Windows Live Remote Service
"{247C5DDA-FFD7-44E0-8BF7-79BC80A0BF87}" = Windows Live Family Safety
"{25BD99C3-F0C8-436F-AC2F-4F1B00A518AC}" = Windows Live Family Safety
"{26A24AE4-039D-4CA4-87B4-2F83216032FF}" = Java(TM) 6 Update 35
"{26A24AE4-039D-4CA4-87B4-2F83217007FF}" = Java 7 Update 11
"{26E3C07C-7FF7-4362-9E99-9E49E383CF16}" = Windows Live Writer Resources
"{28006915-2739-4EBE-B5E8-49B25D32EB33}" = Atheros Client Installation Program
"{287ECFA4-719A-2143-A09B-D6A12DE54E40}" = Acrobat.com
"{28A25E3A-2855-4A39-B72B-50BF80FB86C5}" = Windows Live Family Safety
"{28E82311-8616-11E1-BEB0-B8AC6F97B88E}" = Google Earth
"{2902F983-B4C1-44BA-B85D-5C6D52E2C441}" = Windows Live Mesh ActiveX Control for Remote Connections
"{2A3FC24C-6EC0-4519-A52B-FDA4EA9B2D24}" = Windows Live Messenger
"{2BB0BDFF-E193-42A0-90BE-2D59441E51D2}" = F2200
"{2D6E3D97-1FDF-4993-AC75-72F59EC445C5}" = Windows Live Family Safety
"{2EEA7AA4-C203-4b90-A34F-19FB7EF1C81C}" = BufferChm
"{2FF8C687-DB7D-4adc-A5DC-57983EC25046}" = DeviceDiscovery
"{3108C217-BE83-42E4-AE9E-A56A2A92E549}" = Atheros Communications Inc.(R) AR81Family Gigabit/Fast Ethernet Driver
"{3336F667-9049-4D46-98B6-4C743EEBC5B1}" = Windows Live Photo Gallery
"{34F4D9A4-42C2-4348-BEF4-E553C84549E7}" = Windows Live Photo Gallery
"{3690900F-85EA-447F-BAD1-5CA25AA9B627}" = HP Deskjet F2200 All-In-One Driver Software 13.0 Rel. 3
"{38E5A3B1-ADF1-47E0-8024-76310A30EB36}" = LiveUpdate
"{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile
"{3C92B2E6-380D-4fef-B4DF-4A3B4B669771}" = Copy
"{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}" = Intel(R) Rapid Storage Technology
"{41E4FA4B-9376-4C32-AA46-65FCC0087CD5}" = Windows Live Remote Service Resources
"{4264C020-850B-4F08-ACBE-98205D9C336C}" = Windows Live Writer
"{43CDF946-F5D9-4292-B006-BA0D92013021}" = WebReg
"{454F5782-A4C3-480E-A629-D435795DEFD8}" = Windows Live Remote Client Resources
"{464B3406-A4D0-4914-910F-7CA4380DCC13}" = Windows Live Remote Client Resources
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4A70EF07-7F88-4434-BB61-D1DE8AE93DD4}" = SolutionCenter
"{4B5092B6-F231-4D18-83BC-2618B729CA45}" = CapsHook
"{4E7C28C7-D5DA-4E9F-A1CA-60490B54AE35}" = UnloadSupport
"{51C7AD07-C3F6-4635-8E8A-231306D810FE}" = Cisco LEAP Module
"{5275D81E-83AD-4DE4-BC2B-6E6BA3A33244}" = Windows Live Writer Resources
"{579684A4-DDD5-4CA3-9EA8-7BE7D9593DB4}" = Windows Live UX Platform Language Pack
"{587178E7-B1DF-494E-9838-FA4DD36E873C}" = ASUSUpdate for Eee PC
"{5E627606-53B9-42D1-97E1-D03F6229E248}" = Windows Live UX Platform Language Pack
"{60C3C026-DB53-4DAB-8B97-7C1241F9A847}" = Windows Live Movie Maker
"{612C34C7-5E90-47D8-9B5C-0F717DD82726}" = swMSM
"{6333FC29-BFE5-4024-AC78-958A1A7555D1}" = EeeSplendid
"{63FF21C9-A810-464F-B60A-3111747B1A6D}" = GPBaseService2
"{64376910-1860-4CEF-8B34-AA5D205FC5F1}" = Poczta usługi Windows Live
"{6491AB99-A11E-41FD-A5E7-32DE8A097B8E}" = Windows Live Essentials
"{64B2D6B3-71AC-45A7-A6A1-2E07ABF58341}" = Windows Live Movie Maker
"{64BF0187-F3D2-498B-99EA-163AF9AE6EC9}" = Cisco EAP-FAST Module
"{681B698F-C997-42C3-B184-B489C6CA24C9}" = HPPhotoSmartDiscLabelContent1
"{682B3E4F-696A-42DE-A41C-4C07EA1678B4}" = Windows Live SOXE
"{6905AAF7-2EEA-4BC0-A429-9A6FB75D57BF}" = Windows Live Family Safety
"{6956856F-B6B3-4BE0-BA0B-8F495BE32033}" = Apple Software Update
"{6ABE832B-A5C7-44C1-B697-3E123B7B4D5B}" = Windows Live Mesh
"{6B2FFB21-AC88-45C3-9A7D-4BB3E744EC91}" = HPSSupply
"{6BBA26E9-AB03-4FE7-831A-3535584CA002}" = Toolbox
"{6E29C4F7-C2C2-4B18-A15C-E09B92065F15}" = Windows Live Mesh ActiveX-vezérlő távoli kapcsolatokhoz
"{6F37D92B-41AA-44B7-80D2-457ABDE11896}" = Windows Live Photo Common
"{7036A6F4-5DAD-3908-956D-1752CD7F7E5A}" = Microsoft .NET Framework 4 Client Profile CSY Language Pack
"{7059BDA7-E1DB-442C-B7A1-6144596720A4}" = HP Update
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{71C0E38E-09F2-4386-9977-404D4F6640CD}" = Hotkey Service
"{7272F232-A7E0-4B2B-A5D2-71B7C5E2379C}" = Windows Live Fotótár
"{749F674B-2674-47E8-879C-5626A06B2A91}" = InstantOn
"{758C8301-2696-4855-AF45-534B1200980A}" = Samsung Kies
"{78906B56-0E81-42A7-AC25-F54C946E1538}" = Windows Live Photo Common
"{7A9D47BA-6D50-4087-866F-0800D8B89383}" = Podstawowe programy Windows Live
"{7CB529B2-6C74-4878-9C3F-C29C3C3BBDC6}" = Windows Live Writer Resources
"{80E8C65A-8F70-4585-88A2-ABC54BABD576}" = Windows Live Mesh
"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
"{83C292B7-38A5-440B-A731-07070E81A64F}" = Windows Live PIMT Platform
"{84267681-BF16-40B6-9564-27BC57D7D71C}" = Windows Live Photo Common
"{88F08F98-12BC-4613-81A2-8F9B88CFC73E}" = Super Hybrid Engine
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8C6D6116-B724-4810-8F2D-D047E6B7D68E}" = Mesh Runtime
"{8DC42D05-680B-41B0-8878-6C14D24602DB}" = QuickTime
"{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}" = MSVCRT
"{8FC4F1DD-F7FD-4766-804D-3C8FF1D309AF}" = Ralink RT2860 Wireless LAN Card
"{90140000-0015-0405-0000-0000000FF1CE}" = Microsoft Office Access MUI (Czech) 2010
"{90140000-0015-0405-0000-0000000FF1CE}_Office14.PROPLUSR_{E6C0DAE8-3840-4117-AB4D-674930D0DDE9}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0016-0405-0000-0000000FF1CE}" = Microsoft Office Excel MUI (Czech) 2010
"{90140000-0016-0405-0000-0000000FF1CE}_Office14.PROPLUSR_{E6C0DAE8-3840-4117-AB4D-674930D0DDE9}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0018-0405-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (Czech) 2010
"{90140000-0018-0405-0000-0000000FF1CE}_Office14.PROPLUSR_{E6C0DAE8-3840-4117-AB4D-674930D0DDE9}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0019-0405-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (Czech) 2010
"{90140000-0019-0405-0000-0000000FF1CE}_Office14.PROPLUSR_{E6C0DAE8-3840-4117-AB4D-674930D0DDE9}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001A-0405-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (Czech) 2010
"{90140000-001A-0405-0000-0000000FF1CE}_Office14.PROPLUSR_{E6C0DAE8-3840-4117-AB4D-674930D0DDE9}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001B-0405-0000-0000000FF1CE}" = Microsoft Office Word MUI (Czech) 2010
"{90140000-001B-0405-0000-0000000FF1CE}_Office14.PROPLUSR_{E6C0DAE8-3840-4117-AB4D-674930D0DDE9}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001F-0405-0000-0000000FF1CE}" = Microsoft Office Proof (Czech) 2010
"{90140000-001F-0405-0000-0000000FF1CE}_Office14.PROPLUSR_{2304F942-79D2-46F7-A512-269A7F5B7EFC}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2010
"{90140000-001F-0407-0000-0000000FF1CE}_Office14.PROPLUSR_{65A2328E-FDFB-4CA3-8582-357EA6825FEA}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2010
"{90140000-001F-0409-0000-0000000FF1CE}_Office14.PROPLUSR_{99ACCA38-6DD3-48A8-96AE-A283C9759279}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001F-041B-0000-0000000FF1CE}" = Microsoft Office Proof (Slovak) 2010
"{90140000-001F-041B-0000-0000000FF1CE}_Office14.PROPLUSR_{A162C5E6-7778-4D5B-9F0A-38F0122DD859}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-002C-0405-0000-0000000FF1CE}" = Microsoft Office Proofing (Czech) 2010
"{90140000-002C-0405-0000-0000000FF1CE}_Office14.PROPLUSR_{8148DB19-71B1-4415-8B26-DF5B9E873FC3}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0044-0405-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (Czech) 2010
"{90140000-0044-0405-0000-0000000FF1CE}_Office14.PROPLUSR_{E6C0DAE8-3840-4117-AB4D-674930D0DDE9}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-006E-0405-0000-0000000FF1CE}" = Microsoft Office Shared MUI (Czech) 2010
"{90140000-006E-0405-0000-0000000FF1CE}_Office14.PROPLUSR_{EEF3E2C0-135B-44DC-BEDD-7F01CFBEFF46}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-00A1-0405-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (Czech) 2010
"{90140000-00A1-0405-0000-0000000FF1CE}_Office14.PROPLUSR_{E6C0DAE8-3840-4117-AB4D-674930D0DDE9}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-00BA-0405-0000-0000000FF1CE}" = Microsoft Office Groove MUI (Czech) 2010
"{90140000-00BA-0405-0000-0000000FF1CE}_Office14.PROPLUSR_{E6C0DAE8-3840-4117-AB4D-674930D0DDE9}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{904CCF62-818D-4675-BC76-D37EB399F917}" = Centrum zařízení Windows Mobile
"{91140000-0011-0000-0000-0000000FF1CE}" = Microsoft Office Professional Plus 2010
"{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{047B0968-E622-4FAA-9B4B-121FA109EDDE}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{92127AF5-FDD8-4ADF-BC40-C356C9EE0B7D}" = 32 Bit HP CIO Components Installer
"{92EA4134-10D1-418A-91E1-5A0453131A38}" = Windows Live Movie Maker
"{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting
"{96E2E493-C484-43E3-9B95-D62EE7D40D3A}" = Toolbar 4.7 by SweetPacks
"{9722FEED-6540-42A3-851F-E9BDEAD05633}" = Windows Live Family Safety
"{97F77D62-5110-4FA3-A2D3-410B92D31199}" = Windows Live Fotogaléria
"{9BA2A8C7-BFFD-4125-9377-C191C3FF174F}" = AxCrypt 1.7.2867.0
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{9D3D8C60-A55F-4fed-B2B9-173F09590E16}" = REALTEK Wireless LAN Driver
"{9D56775A-93F3-44A3-8092-840E3826DE30}" = Windows Live Mail
"{A0C91188-C88F-4E86-93E6-CD7C9A266649}" = Windows Live Mesh
"{A3389C72-1782-4BB4-BBAA-33345DE52E3F}" = Windows Live Messenger
"{A4C16B19-10AA-4990-AA87-D14F653E3345}" = Windows Live Remote Client Resources
"{A7056D45-C63A-4FE4-A69D-FB54EF9B21BB}" = Windows Live Messenger
"{A726AE06-AAA3-43D1-87E3-70F510314F04}" = Windows Live Writer
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{A9BDCA6B-3653-467B-AC83-94367DA3BFE3}" = Windows Live Photo Common
"{AAAFC670-569B-4A2F-82B4-42945E0DE3EF}" = Windows Live Writer
"{AAF454FC-82CA-4F29-AB31-6A109485E76E}" = Windows Live Writer
"{AB5C933E-5C7D-4D30-B314-9C83A49B94BE}" = ATK Package
"{AB78C965-5C67-409B-8433-D7B5BDB12073}" = Windows Live Writer Resources
"{AC76BA86-7AD7-1029-7B44-AA1000000001}" = Adobe Reader X (10.1.5) - Czech
"{AD001A69-88CC-4766-B2DB-3C1DFAB9AC72}" = Windows Live Mesh
"{AF844339-2F8A-4593-81B3-9F4C54038C4E}" = Windows Live MIME IFilter
"{B04A0E2F-1E4C-4E61-B18E-3B2BD6779CA7}" = Formant ActiveX programu Windows Live Mesh odpowiedzialny za obsługę połączeń zdalnych
"{B6190387-0036-4BEB-8D74-A0AFC5F14706}" = Ovládací prvek ActiveX platformy Windows Live Mesh pro vzdálená připojení
"{BD7204BA-DD64-499E-9B55-6A282CDF4FA4}" = Destinations
"{BE38545B-08F7-4f80-95AE-752B99BF159C}" = IPWireless Drivers
"{BF35168D-F6F9-4202-BA87-86B5E3C9BF7A}" = Windows Live Mesh
"{C222566F-1C50-4ECD-A01E-77F9C4B95458}" = DJ_AIO_03_F2200_Software_Min
"{C2FD7DB5-FE30-49B6-8A2F-C5652E053C31}" = Ovládací prvok ActiveX programu Windows Live Mesh pre vzdialené pripojenia
"{C30628D8-D3A0-4F23-90F0-F145808087B6}" = Windows Live Remote Client Resources
"{C43326F5-F135-4551-8270-7F7ABA0462E1}" = HPProductAssistant
"{C454280F-3C3E-4929-B60E-9E6CED5717E7}" = Windows Live Mail
"{C6150D8A-86ED-41D3-87BB-F3BB51B0B77F}" = Windows Live ID Sign-in Assistant
"{C66824E4-CBB3-4851-BB3F-E8CFD6350923}" = Windows Live Mail
"{C8421D85-CA0E-4E93-A9A9-B826C4FB88EA}" = Windows Live Mail
"{CAE4213F-F797-439D-BD9E-79B71D115BE3}" = HPPhotoGadget
"{CB3F59BB-7858-41A1-A7EA-4B8A6FC7D431}" = Galeria fotografii usługi Windows Live
"{CE95A79E-E4FC-4FFF-8A75-29F04B942FF2}" = Windows Live UX Platform
"{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}" = SAMSUNG USB Driver for Mobile Phones
"{D436F577-1695-4D2F-8B44-AC76C99E0002}" = Windows Live Photo Common
"{D44AA979-47C2-4BC0-A860-09A54224EA44}_is1" = Game Park Console
"{D45240D3-B6B3-4FF9-B243-54ECE3E10066}" = Windows Live Communications Platform
"{D79113E7-274C-470B-BD46-01B10219DF6A}" = HPPhotosmartEssential
"{D802DD00-16A8-4A58-AFC9-020C2380ECDA}" = EeeSplendid
"{DC635845-46D3-404B-BCB1-FC4A91091AFA}" = SmartWebPrinting
"{DDC8BDEE-DCAC-404D-8257-3E8D4B782467}" = Windows Live Writer Resources
"{DECDCB7C-58CC-4865-91AF-627F9798FE48}" = Windows Live Mesh
"{DEDF8BAB-98D7-4CFA-9C42-27431EC4BD1F}" = Windows Live Remote Service Resources
"{E09C4DB7-630C-4F06-A631-8EA7239923AF}" = D3DX10
"{E1629C45-9CEF-498E-83CD-D6A09CADA176}" = Windows Live Remote Client Resources
"{E55E0C35-AC3C-4683-BA2F-834348577B80}" = Windows Live Writer
"{E5B21F11-6933-4E0B-A25C-7963E3C07D11}" = Windows Live Messenger
"{E7044E25-3038-4A76-9064-344AC038043E}" = Aktualizace ovladače pro aplikaci Centrum zařízení Windows Mobile
"{E9AD2143-26D5-4201-BED1-19DCC03B407D}" = Windows Live Messenger
"{ED5776D5-59B4-46B7-AF81-5F2D94D7C640}" = Cisco PEAP Module
"{EE7257A2-39A2-4D2F-9DAC-F9F25B8AE1D8}" = Skype™ 5.10
"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F2979AAA-FDD7-4CB3-93BC-5C24D965D679}" = Windows Live Messenger
"{F80E5450-3EF3-4270-B26C-6AC53BEC5E76}" = Windows Live Movie Maker
"{FA6CF94F-DACF-4FE7-959D-55C421B91B17}" = Windows Live Mail
"{FB3D07AE-73D0-47A9-AC12-6F50BF8B6202}" = Windows Live Movie Maker
"{FB79FDB7-4DE1-453D-99FE-9A880F57380E}" = Windows Live Fotogalerie
"{FE044230-9CA5-43F7-9B58-5AC5A28A1F33}" = Windows Live Essentials
"{FE23D063-934D-4829-A0D8-00634CE79B4A}" = Adobe AIR
"{FE62C88B-425B-4BDE-8B70-CD5AE3B83176}" = Windows Live Essentials
"{FEEF7F78-5876-438B-B554-C4CC426A4302}" = Windows Live Essentials
"7-Zip" = 7-Zip 9.20
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin
"Adobe Shockwave Player" = Adobe Shockwave Player 11.6
"Asus Vibe2.0" = AsusVibe2.0
"ASUS WebStorage" = ASUS WebStorage
"avast" = avast! Free Antivirus
"B41C7C96D83162A676DA7365ADEFD6C1AF62A4EE" = Windows Driver Package - Broadcom Bluetooth (07/17/2009 6.2.0.9403)
"B5C82F3814F82FB37F1513B3185399BD88892B08" = Windows Driver Package - Broadcom Bluetooth (07/29/2009 6.1.7100.0)
"BF20603967CFDCB2BBF91950E8A56DFBC5C833FE" = Windows Driver Package - Broadcom HIDClass (07/28/2009 6.2.0.9800)
"CCleaner" = CCleaner
"Eee Docking_is1" = Eee Docking 3.8.3
"Elantech" = ETDWare PS/2-x86 7.0.5.13_WHQL
"Folder Defence Free_is1" = Folder Defence 1.0.0.17
"FreeFileViewer_is1" = Free File Viewer 2011
"Freemake Video Converter_is1" = Freemake Video Converter verze 3.2.1
"GOM Player" = GOM Player
"Google Chrome" = Google Chrome
"HDMI" = Intel(R) Graphics Media Accelerator Driver
"HP Imaging Device Functions" = HP Imaging Device Functions 13.0
"HP Photosmart Essential" = HP Photosmart Essential 3.5
"HP Smart Web Printing" = HP Smart Web Printing 4.51
"HP Solution Center & Imaging Support Tools" = HP Solution Center 13.0
"HPExtendedCapabilities" = HP Customer Participation Program 13.0
"Ilium Software eWallet_is1" = eWallet 7.1
"InstallShield_{17780F99-A9DF-450B-81B3-6781B20A17A8}" = FontResizer
"InstallShield_{758C8301-2696-4855-AF45-534B1200980A}" = Samsung Kies
"IP Camera Viewer_is1" = IP Camera Viewer 1.0
"Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware verze 1.70.0.1100
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Client Profile CSY Language Pack" = Microsoft .NET Framework 4 Client Profile CSY Language Pack
"MPEG2 Codec(libmpeg2/mad)" = MPEG2 Codec(libmpeg2/mad)
"Office14.PROPLUSR" = Microsoft Office Professional Plus 2010
"PokerStars" = PokerStars
"Shop for HP Supplies" = Shop for HP Supplies
"Skype™ for Windows Mobile_is1" = Skype™ for Windows Mobile 3.0
"VLC media player" = VideoLAN VLC media player 0.8.6h
"Vypínač na dobrou noc_is1" = Vypínač na dobrou noc verze 2.0
"WinLiveSuite" = Windows Live Essentials
"WinPcapInst" = WinPcap 4.1.2
"WinRAR archiver" = WinRAR
"Wise PC Engineer_is1" = Wise PC Engineer 6.3.9

========== HKEY_CURRENT_USER Uninstall List ==========

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"MyFreeCodec" = MyFreeCodec

========== Last 20 Event Log Errors ==========

[ Application Events ]
Error - 10.10.2012 6:40:30 | Computer Name = Zdendys-PC | Source = Windows Search Service | ID = 7042
Description =

Error - 10.10.2012 6:40:30 | Computer Name = Zdendys-PC | Source = Windows Search Service | ID = 9002
Description =

Error - 10.10.2012 6:40:30 | Computer Name = Zdendys-PC | Source = Windows Search Service | ID = 3029
Description =

Error - 10.10.2012 6:40:36 | Computer Name = Zdendys-PC | Source = Windows Search Service | ID = 3029
Description =

Error - 10.10.2012 6:40:36 | Computer Name = Zdendys-PC | Source = Windows Search Service | ID = 3028
Description =

Error - 10.10.2012 6:40:36 | Computer Name = Zdendys-PC | Source = Windows Search Service | ID = 3058
Description =

Error - 10.10.2012 6:40:36 | Computer Name = Zdendys-PC | Source = Windows Search Service | ID = 7010
Description =

Error - 11.10.2012 16:12:23 | Computer Name = Zdendys-PC | Source = Google Update | ID = 20
Description =

Error - 26.10.2012 10:33:40 | Computer Name = Zdendys-PC | Source = Google Update | ID = 20
Description =

Error - 12.11.2012 11:12:11 | Computer Name = Zdendys-PC | Source = Google Update | ID = 20
Description =

Error - 21.11.2012 10:34:55 | Computer Name = Zdendys-PC | Source = IAStorDataMgrSvc | ID = 0
Description = Službu nelze spustit. Proces služby se nemohl připojit k síťovému
řadiči

[ System Events ]
Error - 25.1.2013 8:57:07 | Computer Name = Zdendys-PC | Source = Service Control Manager | ID = 7030
Description = Služba PEVSystemStart je označena jako interaktivní služba. Avšak
systém je nakonfigurován tak, že neumožňuje použití interaktivní služby. Tato služba
nebude fungovat správně.

Error - 25.1.2013 9:10:58 | Computer Name = Zdendys-PC | Source = Service Control Manager | ID = 7030
Description = Služba PEVSystemStart je označena jako interaktivní služba. Avšak
systém je nakonfigurován tak, že neumožňuje použití interaktivní služby. Tato služba
nebude fungovat správně.

Error - 25.1.2013 9:11:11 | Computer Name = Zdendys-PC | Source = Service Control Manager | ID = 7030
Description = Služba PEVSystemStart je označena jako interaktivní služba. Avšak
systém je nakonfigurován tak, že neumožňuje použití interaktivní služby. Tato služba
nebude fungovat správně.

Error - 25.1.2013 9:12:05 | Computer Name = Zdendys-PC | Source = EventLog | ID = 6008
Description = Předchozí vypnutí systému (14:11:01, ?25.?1.?2013) bylo neočekávané.

Error - 25.1.2013 9:13:32 | Computer Name = Zdendys-PC | Source = Service Control Manager | ID = 7026
Description = Zavedení následujícího ovladače pro spouštění počítače nebo systému
se nezdařilo: cdrom

Error - 25.1.2013 12:01:55 | Computer Name = Zdendys-PC | Source = Service Control Manager | ID = 7026
Description = Zavedení následujícího ovladače pro spouštění počítače nebo systému
se nezdařilo: cdrom

Error - 25.1.2013 18:21:54 | Computer Name = Zdendys-PC | Source = Service Control Manager | ID = 7026
Description = Zavedení následujícího ovladače pro spouštění počítače nebo systému
se nezdařilo: cdrom

Error - 25.1.2013 18:22:44 | Computer Name = Zdendys-PC | Source = Service Control Manager | ID = 7024
Description = Služba Windows Search ukončena s chybou %%-1073473535, specifickou
pro službu.

Error - 25.1.2013 18:22:44 | Computer Name = Zdendys-PC | Source = Service Control Manager | ID = 7031
Description = Služba Windows Search byla nečekaně ukončena. Stalo se to 1 krát.
Následující opravná akce bude spuštěna za 30000 milisekund: Restartovat službu.

Error - 26.1.2013 0:33:39 | Computer Name = Zdendys-PC | Source = Service Control Manager | ID = 7011
Description = Při čekání na odezvu transakce služby PlugPlay bylo dosaženo časového
limitu (30000 ms).


< End of report >

[jaro3]

Poklepej na ikonu OTL na ploše.Ujisti se , že máš všechny ostatní aplikace a prohlížeče zavřeny.
Pod Vlastní skenování/opravy do okénka vlož následující text, zobrazený zeleně:

Kód: Vybrat vše

:OTL
PRC - C:\WINDOWS\explorer.exe (Microsoft Corporation)
PRC - C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)
DRV - (btwrchid) -- C:\windows\system32\drivers\btwrchid.sys File not found
DRV - (btwl2cap) -- system32\DRIVERS\btwl2cap.sys File not found
DRV - (btwavdt) -- C:\windows\system32\drivers\btwavdt.sys File not found
DRV - (btwaudio) -- system32\drivers\btwaudio.sys File not found
IE - HKLM\..\URLSearchHook: - No CLSID value found
IE - HKLM\..\SearchScopes,DefaultScope =
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://search.certified-toolbar.com?si= ... tid=592&q={searchTerms}
IE - HKCU\..\SearchScopes,DefaultScope =
IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKCU\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
[2013.01.25 21:00:11 | 000,655,368 | ---- | M] () -- C:\windows\System32\perfh005.dat
[2013.01.25 21:00:11 | 000,631,936 | ---- | M] () -- C:\windows\System32\perfh009.dat
[2013.01.25 21:00:11 | 000,130,116 | ---- | M] () -- C:\windows\System32\perfc005.dat
[2013.01.25 21:00:11 | 000,114,464 | ---- | M] () -- C:\windows\System32\perfc009.dat
[2011.02.16 18:02:15 | 000,655,368 | ---- | C] () -- C:\windows\System32\perfh005.dat
[2011.02.16 18:02:15 | 000,292,004 | ---- | C] () -- C:\windows\System32\perfi005.dat
[2011.02.16 18:02:15 | 000,130,116 | ---- | C] () -- C:\windows\System32\perfc005.dat
[2011.02.16 18:02:15 | 000,036,232 | ---- | C] () -- C:\windows\System32\perfd005.dat

:Files
C:\WINDOWS\System32\*.tmp
C:\WINDOWS\*.tmp
C:\WINDOWS\system32\*.tmp.dll
C:\WINDOWS\System32\dllcache\*.tmp
C:\WINDOWS\system32\SET*.tmp
C:\WINDOWS\system32\DUMP*.tmp
c:\windows\Tasks\*.job /s
C:\*.tmp
C:\WINDOWS\System32\drivers\*.tmp
C:\Documents and Settings\All Users\Data aplikací\*.tmp
C:\Users\Zdendys\AppData\Local\{44F6D920-36F1-40E2-9E08-7FD4A8A64091}
C:\Users\Zdendys\AppData\Local\_
C:\Users\Zdendys\AppData\Local\{BF0911A4-D3C7-4B51-A648-97BEFDC65E7C}
C:\Users\Zdendys\AppData\Local\{937F9C4D-B0BB-4AF4-8C9B-3A8792EBB740}
C:\windows\System32\cis-2.4.dll
C:\windows\System32\issacapi_bs-2.3.dll
C:\windows\System32\issacapi_pe-2.3.dll
C:\windows\System32\issacapi_se-2.3.dll
C:\windows\AutoKMS.ini
C:\ProgramData\lsvsdncd.hix
C:\windows\System32\drivers\sp_rsdrv2.sys
C:\Users\Zdendys\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini

:Reg
:Commands
[purity]
[emptytemp]
[start explorer]
[Reboot]

Poté klikni nahoře na Opravit. Nech program nerušeně běžet, na konci se provede restart PC.
Po restartu se objeví log , prosím zkopíruj sem celý jeho obsah.

Aktualizuj javu:
Java SE Runtime Environment 7

Klikni na Accept License Agreement
Vyber si OS (Windows nebo Windows x64, Offline Installation)
jre-7-windows-i586-p.exe nebo
jre-7-windows-x64.exe
Stáhni ( download) a nainstaluj.
Ostatní javy odeber v přidat/odebrat programy.

[Zdendys75]

All processes killed
Error: Unable to interpret <IE - HKLM\..\SearchScopes,DefaultScope = > in the current context!
Error: Unable to interpret <IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://search.certified-toolbar.com?si= ... tid=592&q={searchTerms}> in the current context!
Error: Unable to interpret <IE - HKCU\..\SearchScopes,DefaultScope = > in the current context!
Error: Unable to interpret <IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC> in the current context!
Error: Unable to interpret <IE - HKCU\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC> in the current context!
Error: Unable to interpret <IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0> in the current context!
Error: Unable to interpret <O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present> in the current context!
Error: Unable to interpret <O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present> in the current context!
Error: Unable to interpret <[2013.01.25 21:00:11 | 000,655,368 | ---- | M] () -- C:\windows\System32\perfh005.dat> in the current context!
Error: Unable to interpret <[2013.01.25 21:00:11 | 000,631,936 | ---- | M] () -- C:\windows\System32\perfh009.dat> in the current context!
Error: Unable to interpret <[2013.01.25 21:00:11 | 000,130,116 | ---- | M] () -- C:\windows\System32\perfc005.dat> in the current context!
Error: Unable to interpret <[2013.01.25 21:00:11 | 000,114,464 | ---- | M] () -- C:\windows\System32\perfc009.dat> in the current context!
Error: Unable to interpret <[2011.02.16 18:02:15 | 000,655,368 | ---- | C] () -- C:\windows\System32\perfh005.dat> in the current context!
Error: Unable to interpret <[2011.02.16 18:02:15 | 000,292,004 | ---- | C] () -- C:\windows\System32\perfi005.dat> in the current context!
Error: Unable to interpret <[2011.02.16 18:02:15 | 000,130,116 | ---- | C] () -- C:\windows\System32\perfc005.dat> in the current context!
Error: Unable to interpret <[2011.02.16 18:02:15 | 000,036,232 | ---- | C] () -- C:\windows\System32\perfd005.dat> in the current context!
========== FILES ==========
File\Folder C:\WINDOWS\System32\*.tmp not found.
File\Folder C:\WINDOWS\*.tmp not found.
File\Folder C:\WINDOWS\system32\*.tmp.dll not found.
File\Folder C:\WINDOWS\System32\dllcache\*.tmp not found.
File\Folder C:\WINDOWS\system32\SET*.tmp not found.
File\Folder C:\WINDOWS\system32\DUMP*.tmp not found.
c:\windows\Tasks\Adobe Flash Player Updater.job moved successfully.
c:\windows\Tasks\FacebookUpdateTaskUserS-1-5-21-2508874819-1690819645-4204201855-1000Core.job moved successfully.
c:\windows\Tasks\FacebookUpdateTaskUserS-1-5-21-2508874819-1690819645-4204201855-1000UA.job moved successfully.
c:\windows\Tasks\FreeFileViewerUpdateChecker.job moved successfully.
c:\windows\Tasks\GoogleUpdateTaskMachineCore.job moved successfully.
c:\windows\Tasks\GoogleUpdateTaskMachineUA.job moved successfully.
c:\windows\Tasks\Wise PC Engineer Schedule Task.job moved successfully.
File\Folder C:\*.tmp not found.
File\Folder C:\WINDOWS\System32\drivers\*.tmp not found.
File\Folder C:\Documents and Settings\All Users\Data aplikací\*.tmp not found.
C:\Users\Zdendys\AppData\Local\{44F6D920-36F1-40E2-9E08-7FD4A8A64091} folder moved successfully.
C:\Users\Zdendys\AppData\Local\_\FileViewPro.exe_Url_jn4xqozlzppxcht2yt2wvho2bxkp31wm\1.5.0.0 folder moved successfully.
C:\Users\Zdendys\AppData\Local\_\FileViewPro.exe_Url_jn4xqozlzppxcht2yt2wvho2bxkp31wm folder moved successfully.
C:\Users\Zdendys\AppData\Local\_ folder moved successfully.
C:\Users\Zdendys\AppData\Local\{BF0911A4-D3C7-4B51-A648-97BEFDC65E7C} folder moved successfully.
C:\Users\Zdendys\AppData\Local\{937F9C4D-B0BB-4AF4-8C9B-3A8792EBB740} folder moved successfully.
C:\windows\System32\cis-2.4.dll moved successfully.
C:\windows\System32\issacapi_bs-2.3.dll moved successfully.
C:\windows\System32\issacapi_pe-2.3.dll moved successfully.
C:\windows\System32\issacapi_se-2.3.dll moved successfully.
C:\windows\AutoKMS.ini moved successfully.
C:\ProgramData\lsvsdncd.hix moved successfully.
C:\windows\System32\drivers\sp_rsdrv2.sys moved successfully.
C:\Users\Zdendys\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini moved successfully.
========== REGISTRY ==========
========== COMMANDS ==========

[EMPTYTEMP]

User: All Users

User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->Flash cache emptied: 0 bytes

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->Flash cache emptied: 0 bytes

User: Public
->Temp folder emptied: 0 bytes

User: Zdendys
->Temp folder emptied: 227763 bytes
->Temporary Internet Files folder emptied: 32902 bytes
->Java cache emptied: 0 bytes
->Google Chrome cache emptied: 139199974 bytes
->Flash cache emptied: 0 bytes

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 182368 bytes
RecycleBin emptied: 0 bytes

Total Files Cleaned = 133,00 mb


OTL by OldTimer - Version 3.2.69.0 log created on 01272013_105002

Files\Folders moved on Reboot...
File move failed. C:\windows\temp\_avast_\Webshlock.txt scheduled to be moved on reboot.
C:\windows\temp\HS.log moved successfully.

PendingFileRenameOperations files...

Registry entries deleted on Reboot...

[jaro3]

Spusť OTL a klikni na Vyčisti.

Jak to vypadá?

[Zdendys75]

Musím říct, že je to podstatně svižnější. Ještě dotaz. Dnes se mi nabídla instalace javy (upgrade). Nejsem si jist, jestli to je ta java, cos mi doporučil víše, nebo jestli se zas chce instalovat nějaká jiná. Mám to vždy potvrdit?

[jaro3]

Můžeš , pokud je od firmy Oracle.

[Zdendys75]

Jo to je. Takže pěkně děkuji za IT podporu a Klikám na vyřešeno.