Prosím o kontrolu, pomalý start PC, mrznutí PC

Makrela · Příspěvekod **Makrela** » 16 srp 2012 21:01

Udělal jsem všechno co si napsal, ale furt při startu kompu trvá cca 5 minut než se indetifikuje internet (u těch čárek signálu wifi tam je modrý kolečko) - až se to identifikuje tak mi najedou gadgety a múžu pracovat ... :(
*edit - a zapomněl jsem : že když u toho signalu wifi je to modrý kolečko tak se neotáčí dokola jak by mělo.

Reklama

Příspěvekod **jaro3** » 16 srp 2012 23:04

To vypadá možná na disk nebo RAM.

Stáhni si Memtest:

Do políčka vlož největší velikost Tvé jednotlivé paměti RAM (256,512 nebo 1024,2048) dej Start , nech nejméně 2h běžet , pokud bude po 2h stále 0 errors , jsou v pořádku.

Je třeba zkontrolovat HDD na chyby , zkusit jeho defragmentaci ..

Stáhni si CrystalDiskInfo
Spusť program a klikni na Úpravy-Kopírovat. Poté sem vlož pomocí Ctrl+V obsah logu.

Makrela · Příspěvekod **Makrela** » 19 srp 2012 11:14

Ramky jsem zkontroloval, žádná chyba , tady ten log z CrystalDiskInfo:

----------------------------------------------------------------------------
CrystalDiskInfo 5.0.0 (C) 2008-2012 hiyohiyo
Crystal Dew World : http://crystalmark.info/
----------------------------------------------------------------------------

OS : Windows 7 Home Premium Edition SP1 [6.1 Build 7601] (x64)
Date : 2012/08/19 11:13:25

-- Controller Map ----------------------------------------------------------
+ PCI Standardní dvoukanálový řadič IDE [ATA]
- ATA Channel 0 (0)
- ATA Channel 1 (1)
+ AMD SATA Controller [ATA]
- WDC WD50 00BEVT-22A0RT0 SATA Disk Device

-- Disk List ---------------------------------------------------------------
(1) WDC WD5000BEVT-22A0RT0 : 500,1 GB [0/2/0, pd1]

----------------------------------------------------------------------------
(1) WDC WD5000BEVT-22A0RT0
----------------------------------------------------------------------------
Model : WDC WD5000BEVT-22A0RT0
Firmware : 01.01A01
Serial Number : WD-WX91A51Y1299
Disk Size : 500,1 GB (8,4/137,4/500,1)
Buffer Size : 8192 KB
Queue Depth : 32
# of Sectors : 976773168
Rotation Rate : 5400 RPM
Interface : Serial ATA
Major Version : ATA8-ACS
Minor Version : ----
Transfer Mode : SATA/300
Power On Hours : 1167 hod.
Power On Count : 1527 krát
Temparature : 35 C (95 F)
Health Status : Dobrý
Features : S.M.A.R.T., APM, AAM, 48bit LBA, NCQ
APM Level : 0060h [ON]
AAM Level : 80FEh [OFF]

-- S.M.A.R.T. --------------------------------------------------------------
ID Cur Wor Thr RawValues(6) Attribute Name
01 200 200 _51 000000000000 Počet chyb čtení
03 186 181 _21 00000000069B Čas na roztočení ploten
04 _98 _98 __0 000000000A9B Počet spuštění/zastavení
05 200 200 140 000000000000 Počet přemapovaných sektorů
07 100 253 __0 000000000000 Počet chybných hledání
09 _99 _99 __0 00000000048F Hodin v činnosti
0A 100 100 _51 000000000000 Počet opakovaných pokusů o roztočení ploten
0B 100 100 __0 000000000000 Počet pokusů o překalibrování
0C _99 _99 __0 0000000005F7 Počet cyklů zapnutí zařízení
BF __1 __1 __0 00000000079A Počet udalostí zaznamenaných otřesovým senzorem
C0 200 200 __0 000000000018 Počet vypnutí disku
C1 186 186 __0 00000000AEA0 Počet cyklů načítání/vymazání
C2 112 100 __0 000000000023 Teplota
C4 200 200 __0 000000000000 Počet udalostí s číslem realokování sektorů
C5 200 200 __0 000000000000 Počet podezřelých sektorů
C6 100 253 __0 000000000000 Počet neopravitelných sektorů
C7 200 200 __0 000000000000 Počet chyb v kontrolním součtu UltraDMA
C8 100 253 _51 000000000000 Počet chyb při zápisu sektorů

-- IDENTIFY_DEVICE ---------------------------------------------------------
0 1 2 3 4 5 6 7 8 9
000: 427A 3FFF C837 0010 0000 003F 003F 0000 0000 0000
010: 2020 2020 2057 442D 5758 4135 4135 3159 3132 3939
020: 0000 4000 0032 3031 2E30 3031 3031 5744 4320 5744
030: 3530 3030 4245 5654 2D32 3052 3052 5430 2020 2020
040: 2020 2020 2020 2020 2020 2020 2020 8010 0000 2F00
050: 4001 0000 0000 0007 3FFF 003F 003F FC10 00FB 0110
060: FFFF 0FFF 0000 0007 0003 0078 0078 0078 0078 0000
070: 0000 0000 0000 0000 0000 1F06 1F06 0000 004C 0044
080: 01FE 0000 746B 7F09 6163 BC09 BC09 6163 407F 0044
090: 0044 0060 FFFE 0000 80FE 0000 0000 0000 0000 0000
100: 6030 3A38 0000 0000 0000 0000 0000 0000 5001 4EE6
110: 0152 A1B9 0000 0000 0000 0000 0000 0000 0000 4018
120: 4018 0000 0000 0000 0000 0000 0000 0000 0029 0000
130: 0000 0000 0000 16D3 0000 0000 0000 0000 0000 0000
140: 0000 0000 0004 0000 0000 0000 0000 0000 0000 0000
150: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
160: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
170: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
180: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
190: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
200: 0000 0000 0000 0000 0000 7037 7037 0000 0000 0000
210: 0000 0000 0000 0000 0000 0000 0000 1518 0000 0000
220: 0000 0000 101E 0000 0000 0000 0000 0000 0000 0000
230: 0000 0000 0000 0000 0001 0000 0000 0000 0000 0000
240: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
250: 0000 0000 0000 0000 0000 DDA5

Příspěvekod **jaro3** » 19 srp 2012 12:33

Stáhni si RogueKiller
na svojí plochu.
- Zavři všechny ostatní programy a prohlížeče.
- Pro OS Vista a win7 spusť program RogueKiller.exe jako správce , u XP poklepáním.
- Až se objeví úvodní okno programu , klikni na „Prohledat“.
- Program skenuje PC. Po proskenování klikni na „Zpráva“, celý obsah logu sem zkopíruj.
Pokud je program blokován , zkus ho spustit několikrát. Pokud dále program nepůjde spustit a pracovat, přejmenuj ho na winlogon.exe.

Makrela · Příspěvekod **Makrela** » 19 srp 2012 21:06

Log toho roguekilleru :)

RogueKiller V7.6.6 [08/10/2012] by Tigzy
mail: tigzyRK<at>gmail<dot>com
Podpora: http://www.geekstogo.com/forum/files/fi ... guekiller/
Operační systém: Windows 7 (6.1.7601 Service Pack 1) 64 bits version
Spuštěno v: Normální režim
Uživatel: Pastorkov [Práva správce]
Mód: Kontrola -- Datum: 08/19/2012 21:05:10

¤¤¤ Škodlivé procesy: 0 ¤¤¤

¤¤¤ Záznamy Registrů: 2 ¤¤¤
[HJ] HKLM\[...]\NewStartPanel : {59031a47-3f72-44a7-89c5-5595fe6b30ee} (1) -> FOUND
[HJ] HKLM\[...]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> FOUND

¤¤¤ Zvláštní soubory / Složky: ¤¤¤

¤¤¤ Ovladač: [NENAHRÁNO] ¤¤¤

¤¤¤ Nákaza : ¤¤¤

¤¤¤ Soubor HOSTS: ¤¤¤
127.0.0.1 localhost

¤¤¤ Kontrola MBR: ¤¤¤

+++++ PhysicalDrive0: WDC WD50 00BEVT-22A0RT0 SATA Disk Device +++++
--- User ---
[MBR] 88b740928ce739bc509f8cf3f665710b
[BSP] 1a67ba66c4e1306b5c0aecb0e2309eed : Windows 7 MBR Code
Partition table:
0 - [XXXXXX] ACER (0x27) [VISIBLE] Offset (sectors): 2048 | Size: 11765 Mo
1 - [ACTIVE] ACER (0x27) [VISIBLE] Offset (sectors): 24096768 | Size: 100 Mo
2 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 24301568 | Size: 279040 Mo
3 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 595775846 | Size: 186032 Mo
User = LL1 ... OK!
User = LL2 ... OK!

Dokončeno : << RKreport[1].txt >>
RKreport[1].txt

Příspěvekod **jaro3** » 19 srp 2012 22:40

ESET OnlineScan

Poznámka:
Je doporučeno mít během skenu vypnutý antivirový a antispywarový program .Zároveň se doporučuje mít zavřeny všechny ostatní okna , programy a nesurfovat po netu. Po skončení skenu si nezapomeň zase ochrany antiviru a antispywaru zapnout.Je doporučeno použít pro kontrolu prohlížeč Internet Explorer , jinak je nutno nainstalovat ESET Smart Installer a po skončení skenu vše zase řádně odinstalovat.

1. Klikni na ESET OnlineScan
2. Klikni na tlačítko Run ESET Online Scanner
3. Jen pro jiné prohlížeče než je Internet Explorer ( Ti , co mají spuštěn IE mohou toto přeskočit)
3.1. Klikni na esetsmartinstaller_enu.exe ke stáhnutí ESET Smart Installeru , ulož si soubor na svojí plochu.
3.2. Poklepej na ploše na ikonu esetsmartinstaller_enu

4. Dej zatržítko do čtverečku YES , I accept the Terms of Use. ( k potvrzení podmínek užití)
5. Klikni na tlačítko Start
6. Akceptuj další bezpečnostní varování ze svého prohlížeče. Nainstaluj si ovl.prvek ActiveX
7. Dej zatržítko do čtverečku Scan archives
8. Ujisti se , že volba "Remove found threats" je nezaškrtnuta
9. Když se objeví display nastavení skenu počítače , klikni na Advanced settings , a dej zatržítko na :
Enable Anti-Stealth technology (pokud není již zatržena)
10. Klikni na tlačítko Start
11. ESET si pak stáhne svojí aktualizaci , nainstaluje jí a poté začne skenovat Tvůj počítač
12. Když bude sken hotov , klikni na šipku List of found threads
13. Klikni na tlačítko Export to text file , a soubor si ulož pod nějakým jménem na svojí plochu
14. Klikni na tlačítko Back
15. Klikni na tlačítko Finish

Celý obsah textového souboru , který sis uložil na plochu sem prosím vlož.

Makrela · Příspěvekod **Makrela** » 20 srp 2012 20:53

tak z toho online scanneru:

log:
C:\Windows\AutoKMS.exe Win32/HackKMS.A application
D:\Downloads\Tom.Clancys.Splinter.Cell.Conviction-SKIDROW\sr-tcscc.iso a variant of Win32/Packed.VMProtect.AAA trojan
D:\Games\Counter-Strike Source\Uninstall.exe probably a variant of Win32/TrojanDropper.MultiDropper.CLASOF trojan
D:\Games\Splinter Cell Conviction\src\system\ubiorbitapi_r2.dll a variant of Win32/Packed.VMProtect.AAA trojan

Příspěvekod **jaro3** » 21 srp 2012 00:48

Vše smaž!

Stáhni si OTL by OldTimer
na plochu. Ujisti se , že máš zavřena všechna ostatní okna a poklepej na ikonu OTL.Nahoře v okně pod Výstup klikni na minimální výstup.Pod Běžné registry změň na Vše. Zatrhni Kontrola na havěť “LOP“ a Kontrola na havěť “ Purity“ . Klikni na Prohledat. Všechny ostatní nastavení ponech jak jsou. Sken může trvat dlouho, až skončí otevřou se dva logy:
OTL.Txt
Extras.Txt
Jsou uloženy ve stejném místě jako OTL. Oba logy sem prosím zkopíruj.

Makrela · Příspěvekod **Makrela** » 22 srp 2012 15:13

Logy:

OTL.txt:

OTL logfile created on: 8/22/2012 2:45:58 PM - Run 1
OTL by OldTimer - Version 3.2.58.1 Folder = C:\Users\Pastorkov\Desktop
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000409 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy

3.48 Gb Total Physical Memory | 2.18 Gb Available Physical Memory | 62.67% Memory free
6.96 Gb Paging File | 5.34 Gb Available in Paging File | 76.75% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 272.50 Gb Total Space | 211.02 Gb Free Space | 77.44% Space Free | Partition Type: NTFS
Drive D: | 181.67 Gb Total Space | 35.26 Gb Free Space | 19.41% Space Free | Partition Type: NTFS

Computer Name: PASTORKOV-MSI | User Name: Pastorkov | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - C:\Users\Pastorkov\Desktop\OTL.exe (OldTimer Tools)
PRC - C:\Program Files\AVAST Software\Avast\AvastUI.exe (AVAST Software)
PRC - C:\Program Files\AVAST Software\Avast\AvastSvc.exe (AVAST Software)
PRC - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe (Malwarebytes Corporation)
PRC - C:\Program Files (x86)\TeamViewer\Version7\TeamViewer_Service.exe (TeamViewer GmbH)
PRC - C:\Program Files (x86)\Common Files\ABBYY\FineReader\11.00\Licensing\CE\NetworkLicenseServer.exe (ABBYY)
PRC - C:\Windows\SysWOW64\vmnetdhcp.exe (VMware, Inc.)
PRC - C:\Program Files (x86)\S-Bar\MSIService.exe (Micro-Star International Co., Ltd.)
PRC - C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE (Microsoft Corporation)
PRC - C:\Program Files (x86)\MSI\Cinema ProII\CinemaProII.exe (Micro-Star Int'l Co., Ltd.)
PRC - C:\Program Files (x86)\Mobbcore bControl_1_0_809\bControlAgent.exe ()
PRC - C:\Program Files (x86)\MSI\Cinema ProII\Cinema ProII Controler.exe (msi)
PRC - C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\FABS.exe (MAGIX AG)

========== Modules (No Company Name) ==========

MOD - C:\Program Files (x86)\Common Files\microsoft shared\OFFICE14\Cultures\OFFICE.ODF ()
MOD - C:\Program Files (x86)\Mobbcore bControl_1_0_809\bControlAgent.exe ()

========== Win32 Services (SafeList) ==========

SRV:64bit: - (avast! Antivirus) -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe (AVAST Software)
SRV:64bit: - (AMD FUEL Service) -- C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe (Advanced Micro Devices, Inc.)
SRV:64bit: - (AMD External Events Utility) -- C:\Windows\SysNative\atiesrxx.exe (AMD)
SRV:64bit: - (wlcrasvc) -- C:\Program Files\Windows Live\Mesh\wlcrasvc.exe (Microsoft Corporation)
SRV:64bit: - (WinDefend) -- C:\Program Files\Windows Defender\MpSvc.dll (Microsoft Corporation)
SRV - (MBAMService) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe (Malwarebytes Corporation)
SRV - (Hamachi2Svc) -- C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe (LogMeIn Inc.)
SRV - (TeamViewer7) -- C:\Program Files (x86)\TeamViewer\Version7\TeamViewer_Service.exe (TeamViewer GmbH)
SRV - (ABBYY.Licensing.FineReader.Corporate.11.0) -- C:\Program Files (x86)\Common Files\ABBYY\FineReader\11.00\Licensing\CE\NetworkLicenseServer.exe (ABBYY)
SRV - (VMnetDHCP) -- C:\Windows\SysWOW64\vmnetdhcp.exe (VMware, Inc.)
SRV - (VMware NAT Service) -- C:\Windows\SysWOW64\vmnat.exe (VMware, Inc.)
SRV - (VMwareHostd) -- C:\Program Files (x86)\VMware\VMware Workstation\vmware-hostd.exe ()
SRV - (VMAuthdService) -- C:\Program Files (x86)\VMware\VMware Workstation\vmware-authd.exe (VMware, Inc.)
SRV - (VMUSBArbService) -- C:\Program Files (x86)\Common Files\VMware\USB\vmware-usbarbitrator64.exe (VMware, Inc.)
SRV - (BBSvc) -- C:\Program Files (x86)\Microsoft\BingBar\BBSvc.EXE (Microsoft Corporation.)
SRV - (Micro Star SCM) -- C:\Program Files (x86)\S-Bar\MSIService.exe (Micro-Star International Co., Ltd.)
SRV - (SeaPort) -- C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE (Microsoft Corporation)
SRV - (MSI Foundation Service) -- C:\Program Files (x86)\MSI\MSI HOUSE\MSIFoundationService.exe (MSI)
SRV - (clr_optimization_v4.0.30319_32) -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe (Microsoft Corporation)
SRV - (SwitchBoard) -- C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe (Adobe Systems Incorporated)
SRV - (OberonGameConsoleService) -- C:\Program Files (x86)\MSI Game Corner\Game Console\OberonGameConsoleService.exe ()
SRV - (Fabs) -- C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\FABS.exe (MAGIX AG)
SRV - (clr_optimization_v2.0.50727_32) -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe (Microsoft Corporation)
SRV - (FirebirdServerMAGIXInstance) -- C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\fbserver.exe (MAGIX®)

========== Driver Services (SafeList) ==========

DRV:64bit: - (MGHwCtrl) -- C:\Program Files\MSI\MSI Software Install\MGHwCtrl.sys File not found
DRV:64bit: - (aswSnx) -- C:\windows\SysNative\drivers\aswSnx.sys (AVAST Software)
DRV:64bit: - (aswSP) -- C:\windows\SysNative\drivers\aswSP.sys (AVAST Software)
DRV:64bit: - (aswMonFlt) -- C:\Windows\SysNative\drivers\aswMonFlt.sys (AVAST Software)
DRV:64bit: - (aswTdi) -- C:\windows\SysNative\drivers\aswTdi.sys (AVAST Software)
DRV:64bit: - (aswRdr) -- C:\Windows\SysNative\drivers\aswRdr2.sys (AVAST Software)
DRV:64bit: - (aswFsBlk) -- C:\windows\SysNative\drivers\aswFsBlk.sys (AVAST Software)
DRV:64bit: - (MBAMProtector) -- C:\Windows\SysNative\drivers\mbam.sys (Malwarebytes Corporation)
DRV:64bit: - (dtsoftbus01) -- C:\Windows\SysNative\drivers\dtsoftbus01.sys (DT Soft Ltd)
DRV:64bit: - (Fs_Rec) -- C:\windows\SysNative\drivers\fs_rec.sys (Microsoft Corporation)
DRV:64bit: - (vmx86) -- C:\Windows\SysNative\drivers\vmx86.sys (VMware, Inc.)
DRV:64bit: - (VMnetuserif) -- C:\Windows\SysNative\drivers\vmnetuserif.sys (VMware, Inc.)
DRV:64bit: - (VMnetBridge) -- C:\Windows\SysNative\drivers\vmnetbridge.sys (VMware, Inc.)
DRV:64bit: - (VMnetAdapter) -- C:\Windows\SysNative\drivers\vmnetadapter.sys (VMware, Inc.)
DRV:64bit: - (hcmon) -- C:\Windows\SysNative\drivers\hcmon.sys (VMware, Inc.)
DRV:64bit: - (amdsata) -- C:\Windows\SysNative\drivers\amdsata.sys (Advanced Micro Devices)
DRV:64bit: - (amdxata) -- C:\Windows\SysNative\drivers\amdxata.sys (Advanced Micro Devices)
DRV:64bit: - (tap0901) -- C:\Windows\SysNative\drivers\tap0901.sys (The OpenVPN Project)
DRV:64bit: - (amdkmdag) -- C:\Windows\SysNative\drivers\atikmdag.sys (ATI Technologies Inc.)
DRV:64bit: - (amdkmdap) -- C:\Windows\SysNative\drivers\atikmpag.sys (Advanced Micro Devices, Inc.)
DRV:64bit: - (AtiHDAudioService) -- C:\Windows\SysNative\drivers\AtihdW76.sys (Advanced Micro Devices)
DRV:64bit: - (amd_sata) -- C:\Windows\SysNative\drivers\amd_sata.sys (Advanced Micro Devices)
DRV:64bit: - (amd_xata) -- C:\Windows\SysNative\drivers\amd_xata.sys (Advanced Micro Devices)
DRV:64bit: - (fspad_xp64) -- C:\Windows\SysNative\drivers\fspad_xp64.sys (Sentelic Corporation)
DRV:64bit: - (fspad_win764) -- C:\Windows\SysNative\drivers\fspad_win764.sys (Sentelic Corporation)
DRV:64bit: - (RTL8192Ce) -- C:\Windows\SysNative\drivers\rtl8192ce.sys (Realtek Semiconductor Corporation )
DRV:64bit: - (RSUSBVSTOR) -- C:\Windows\SysNative\drivers\RtsUVStor.sys (Realtek Semiconductor Corp.)
DRV:64bit: - (usbfilter) -- C:\Windows\SysNative\drivers\usbfilter.sys (Advanced Micro Devices)
DRV:64bit: - (TsUsbFlt) -- C:\Windows\SysNative\drivers\TsUsbFlt.sys (Microsoft Corporation)
DRV:64bit: - (HpSAMD) -- C:\Windows\SysNative\drivers\HpSAMD.sys (Hewlett-Packard Company)
DRV:64bit: - (TsUsbGD) -- C:\Windows\SysNative\drivers\TsUsbGD.sys (Microsoft Corporation)
DRV:64bit: - (RTL8167) -- C:\Windows\SysNative\drivers\Rt64win7.sys (Realtek )
DRV:64bit: - (RTHDMIAzAudService) -- C:\Windows\SysNative\drivers\RtHDMIVX.sys (Realtek Semiconductor Corp.)
DRV:64bit: - (amdiox64) -- C:\Windows\SysNative\drivers\amdiox64.sys (Advanced Micro Devices)
DRV:64bit: - (hwusbdev) -- C:\Windows\SysNative\drivers\ewusbdev.sys (Huawei Technologies Co., Ltd.)
DRV:64bit: - (amdsbs) -- C:\Windows\SysNative\drivers\amdsbs.sys (AMD Technologies Inc.)
DRV:64bit: - (LSI_SAS2) -- C:\Windows\SysNative\drivers\lsi_sas2.sys (LSI Corporation)
DRV:64bit: - (stexstor) -- C:\Windows\SysNative\drivers\stexstor.sys (Promise Technology)
DRV:64bit: - (athr) -- C:\Windows\SysNative\drivers\athrx.sys (Atheros Communications, Inc.)
DRV:64bit: - (ebdrv) -- C:\Windows\SysNative\drivers\evbda.sys (Broadcom Corporation)
DRV:64bit: - (b06bdrv) -- C:\Windows\SysNative\drivers\bxvbda.sys (Broadcom Corporation)
DRV:64bit: - (b57nd60a) -- C:\Windows\SysNative\drivers\b57nd60a.sys (Broadcom Corporation)
DRV:64bit: - (hcw85cir) -- C:\Windows\SysNative\drivers\hcw85cir.sys (Hauppauge Computer Works, Inc.)
DRV:64bit: - (hamachi) -- C:\Windows\SysNative\drivers\hamachi.sys (LogMeIn, Inc.)
DRV - (WIMMount) -- C:\Windows\SysWOW64\drivers\wimmount.sys (Microsoft Corporation)

========== Standard Registry (All) ==========

========== Internet Explorer ==========

IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = [binary data]
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Extensions Off Page = about:NoAdd-ons
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\System32\blank.htm
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Security Risk Page = about:SecurityRisk
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,CustomizeSearch = http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchcust.htm
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchasst.htm
IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {62D8AA6A-7670-40A2-A89D-177DF4B29B1A}
IE:64bit: - HKLM\..\SearchScopes\{62D8AA6A-7670-40A2-A89D-177DF4B29B1A}: "URL" = http://www.bing.com/search?q={searchTerms}&form=MSITDF&pc=MAM3&src=IE-SearchBox
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = [binary data]
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Extensions Off Page = about:NoAdd-ons
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\windows\SYSTEM32\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Security Risk Page = about:SecurityRisk
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://msi.msn.com
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,CustomizeSearch = http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchcust.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchasst.htm
IE - HKLM\..\SearchScopes,DefaultScope = {62D8AA6A-7670-40A2-A89D-177DF4B29B1A}
IE - HKLM\..\SearchScopes\{62D8AA6A-7670-40A2-A89D-177DF4B29B1A}: "URL" = http://www.bing.com/search?q={searchTerms}&form=MSITDF&pc=MAM3&src=IE-SearchBox

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\windows\system32\blank.htm
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dl ... r=iesearch
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://msi.msn.com
IE - HKCU\..\URLSearchHook: {CFBFAE00-17A6-11D0-99CB-00C04FD64497} - C:\Windows\SysWOW64\ieframe.dll (Microsoft Corporation)
IE - HKCU\..\SearchScopes,DefaultScope = {62D8AA6A-7670-40A2-A89D-177DF4B29B1A}
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

========== FireFox ==========

FF:64bit: - HKLM\Software\MozillaPlugins\@divx.com/DivX VOD Helper,version=1.0.0: C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF:64bit: - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre7\bin\new_plugin\npjp2.dll (Oracle Corporation)
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\5.1.10411.0\npctrl.dll ( Microsoft Corporation)
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Browser Plugin,version=1.0.0: C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC)
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX VOD Helper,version=1.0.0: C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.5.1: C:\windows\SysWOW64\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\5.1.10411.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3508.1109: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.0.1: C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Users\Pastorkov\AppData\Local\Google\Update\1.3.21.115\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Users\Pastorkov\AppData\Local\Google\Update\1.3.21.115\npGoogleUpdate3.dll (Google Inc.)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{23fcfd51-4958-4f00-80a3-ae97e717ed8b}: C:\Program Files (x86)\DivX\DivX Plus Web Player\firefox\DivXHTML5 [2012/04/05 13:39:18 | 000,000,000 | ---D | M]

========== Chrome ==========

CHR - homepage: http://google.cz/
CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}{google:searchFieldtrialParameter}sourceid=chrome&ie={inputEncoding}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client=chrome&hl={language}&q={searchTerms},
CHR - homepage: http://google.cz/
CHR - plugin: Remoting Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Users\Pastorkov\AppData\Local\Google\Chrome\Application\21.0.1180.83\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Users\Pastorkov\AppData\Local\Google\Chrome\Application\21.0.1180.83\pdf.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Users\Pastorkov\AppData\Local\Google\Chrome\Application\21.0.1180.83\gcswf32.dll
CHR - plugin: Shockwave Flash (Disabled) = C:\Users\Pastorkov\AppData\Local\Google\Chrome\User Data\PepperFlash\11.2.31.144\pepflashplayer.dll
CHR - plugin: Adobe Acrobat (Enabled) = C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Browser\nppdf32.dll
CHR - plugin: Microsoft Office 2010 (Enabled) = C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL
CHR - plugin: Microsoft Office 2010 (Enabled) = C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL
CHR - plugin: DivX VOD Helper Plug-in (Enabled) = C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll
CHR - plugin: DivX Plus Web Player (Enabled) = C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll
CHR - plugin: VLC Web Plugin (Enabled) = C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll
CHR - plugin: Windows Live\u0099 Photo Gallery (Enabled) = C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
CHR - plugin: Google Update (Enabled) = C:\Users\Pastorkov\AppData\Local\Google\Update\1.3.21.111\npGoogleUpdate3.dll
CHR - plugin: Silverlight Plug-In (Enabled) = c:\Program Files (x86)\Microsoft Silverlight\5.1.10411.0\npctrl.dll
CHR - Extension: Angry Birds = C:\Users\Pastorkov\AppData\Local\Google\Chrome\User Data\Default\Extensions\aknpkdffaafgjchaibgeefbgmgeghloj\1.5.0.7_0\
CHR - Extension: YouTube = C:\Users\Pastorkov\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\
CHR - Extension: Vyhled\u00E1v\u00E1n\u00ED Google = C:\Users\Pastorkov\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_0\
CHR - Extension: Gmail Offline = C:\Users\Pastorkov\AppData\Local\Google\Chrome\User Data\Default\Extensions\ejidjjhkpiempkbhmpbfngldlkglhimk\1.19_0\
CHR - Extension: avast! WebRep = C:\Users\Pastorkov\AppData\Local\Google\Chrome\User Data\Default\Extensions\icmlaeflemplmjndnaapfdbbnpncnbda\7.0.1456_0\
CHR - Extension: Pocket Legends = C:\Users\Pastorkov\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhpdbcnfpodnaefldpdohoibdajcfabp\1.7.5.3_0\
CHR - Extension: DivX Plus Web Player HTML5 \u003Cvideo\u003E = C:\Users\Pastorkov\AppData\Local\Google\Chrome\User Data\Default\Extensions\nneajnkjbffgblleaoojgaacokifdkhm\2.1.2.145_0\
CHR - Extension: Gmail = C:\Users\Pastorkov\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\

O1 HOSTS File: ([2012/08/15 15:00:29 | 000,000,027 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2:64bit: - BHO: (avast! WebRep) - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
O2:64bit: - BHO: (Groove GFS Browser Helper) - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
O2:64bit: - BHO: (Windows Live ID Sign-in Helper) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
O2:64bit: - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
O2:64bit: - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O2 - BHO: (DivX Plus Web Player HTML5 <video>) - {326E768D-4182-46FD-9C16-1449A49795F4} - C:\Program Files (x86)\DivX\DivX Plus Web Player\ie\DivXHTML5\DivXHTML5.dll (DivX, LLC)
O2 - BHO: (Groove GFS Browser Helper) - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
O2 - BHO: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O2 - BHO: (Windows Live ID Sign-in Helper) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\microsoft shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
O2 - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
O3:64bit: - HKLM\..\Toolbar: (avast! WebRep) - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
O3 - HKLM\..\Toolbar: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - No CLSID value found.
O4:64bit: - HKLM..\Run: [AdobeAAMUpdater-1.0] C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe (Adobe Systems Incorporated)
O4:64bit: - HKLM..\Run: [AutoKMS] C:\windows\AutoKMS.exe File not found
O4:64bit: - HKLM..\Run: [BCSSync] C:\Program Files\Microsoft Office\Office14\BCSSync.exe (Microsoft Corporation)
O4:64bit: - HKLM..\Run: [fspuip] C:\Program Files\FSP\FspUip.exe (Sentelic Corporation)
O4:64bit: - HKLM..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor)
O4 - HKLM..\Run: [AdobeCS5ServiceManager] C:\Program Files (x86)\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [amd_dc_opt] C:\Program Files (x86)\AMD\Dual-Core Optimizer\amd_dc_opt.exe (AMD)
O4 - HKLM..\Run: [avast] C:\Program Files\AVAST Software\Avast\avastUI.exe (AVAST Software)
O4 - HKLM..\Run: [BControl_1_0_809] C:\Program Files (x86)\Mobbcore bControl_1_0_809\BControlAgent.exe ()
O4 - HKLM..\Run: [Bonus.SSR.FR11] C:\Program Files (x86)\ABBYY FineReader 11\Bonus.ScreenshotReader.exe (ABBYY.)
O4 - HKLM..\Run: [Cinema ProII AP] C:\Program Files (x86)\MSI\Cinema ProII\CinemaProII.exe (Micro-Star Int'l Co., Ltd.)
O4 - HKLM..\Run: [Cinema ProII Controler] C:\Program Files (x86)\MSI\Cinema ProII\Cinema ProII Controler.exe (msi)
O4 - HKLM..\Run: [LogMeIn Hamachi Ui] C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe (LogMeIn Inc.)
O4 - HKLM..\Run: [StartCCC] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.)
O4 - HKLM..\Run: [SwitchBoard] C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe (Adobe Systems Incorporated)
O4 - HKCU..\Run: [DAEMON Tools Lite] C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe (DT Soft Ltd)
O4 - HKCU..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe (Microsoft Corporation)
O4 - HKCU..\Run: [Skype] C:\Program Files (x86)\Skype\Phone\Skype.exe (Skype Technologies S.A.)
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableInstallerDetection = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableSecureUIAPaths = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableUIADesktopToggle = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableVirtualization = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ValidateAdminCodeSignatures = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: dontdisplaylastusername = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticecaption =
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticetext =
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: scforceoption = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: shutdownwithoutlogon = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: undockwithoutlogon = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: FilterAdministratorToken = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableRegistryTools = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_TEXT = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_BITMAP = 2
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_OEMTEXT = 7
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_DIB = 8
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_PALETTE = 9
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_UNICODETEXT = 13
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_DIBV5 = 17
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutorun = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O8:64bit: - Extra context menu item: E&xportovat do aplikace Microsoft Excel - C:\Program Files\Microsoft Office\Office14\EXCEL.EXE (Microsoft Corporation)
O8:64bit: - Extra context menu item: Od&eslat do aplikace OneNote - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - C:\Program Files\Microsoft Office\Office14\EXCEL.EXE (Microsoft Corporation)
O8 - Extra context menu item: Od&eslat do aplikace OneNote - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
O9:64bit: - Extra Button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
O9:64bit: - Extra 'Tools' menuitem : Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
O9:64bit: - Extra Button: P&ropojené poznámky aplikace OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation)
O9:64bit: - Extra 'Tools' menuitem : P&ropojené poznámky aplikace OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation)
O9 - Extra Button: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll (Microsoft Corporation)
O9 - Extra Button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra Button: P&ropojené poznámky aplikace OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : P&ropojené poznámky aplikace OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000001 [] - C:\Windows\SysNative\nlaapi.dll (Microsoft Corporation)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000002 [] - C:\Windows\SysNative\NapiNSP.dll (Microsoft Corporation)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000003 [] - C:\Windows\SysNative\pnrpnsp.dll (Microsoft Corporation)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000004 [] - C:\Windows\SysNative\pnrpnsp.dll (Microsoft Corporation)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000005 [] - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000006 [] - C:\Windows\SysNative\winrnr.dll (Microsoft Corporation)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000007 [] - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL (Microsoft Corp.)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000008 [] - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL (Microsoft Corp.)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000001 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000002 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000003 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000004 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000005 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000006 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000007 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000008 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000009 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000010 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000001 [] - C:\Windows\SysWOW64\nlaapi.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000002 [] - C:\Windows\SysWOW64\NapiNSP.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000003 [] - C:\Windows\SysWOW64\pnrpnsp.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\Windows\SysWOW64\pnrpnsp.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000005 [] - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000006 [] - C:\Windows\SysWOW64\winrnr.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files (x86)\Common Files\microsoft shared\Windows Live\WLIDNSP.DLL (Microsoft Corp.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000008 [] - C:\Program Files (x86)\Common Files\microsoft shared\Windows Live\WLIDNSP.DLL (Microsoft Corp.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000003 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000004 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000005 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000006 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000007 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000008 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000009 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000010 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O16:64bit: - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.7.0/jinsta ... s-i586.cab (Java Plug-in 10.0.0)
O16:64bit: - DPF: {CAFEEFAC-0017-0000-0000-ABCDEFFEDCBA} http://java.sun.com/update/1.7.0/jinsta ... s-i586.cab (Java Plug-in 1.7.0)
O16:64bit: - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.7.0/jinsta ... s-i586.cab (Java Plug-in 1.7.0)
O16 - DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} http://download.eset.com/special/eos/OnlineScanner.cab (OnlineScanner Control)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1 10.69.100.99
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{1D77C751-F284-4A40-A0FD-A93C6BA35768}: DhcpNameServer = 192.168.1.1 10.69.100.99
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{369FA7A3-2743-42BA-A7E3-10B7107795A1}: DhcpNameServer = 81.30.225.2 213.195.222.2
O18:64bit: - Protocol\Handler\about {3050F406-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysNative\mshtml.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\cdl {3dd53d40-7b8b-11D0-b013-00aa0059ce02} - C:\Windows\SysNative\urlmon.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\dvd {12D51199-0DB5-46FE-A120-47A3D7D937CC} - C:\Windows\SysNative\MSVidCtl.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\file {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysNative\urlmon.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\ftp {79eac9e3-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysNative\urlmon.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\http {79eac9e2-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysNative\urlmon.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\https {79eac9e5-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysNative\urlmon.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\its {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\Windows\SysNative\itss.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\javascript {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysNative\mshtml.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\livecall - No CLSID value found
O18:64bit: - Protocol\Handler\local {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysNative\urlmon.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\mailto {3050f3DA-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysNative\mshtml.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\mhtml {05300401-BCBC-11d0-85E3-00C04FD85AB4} - C:\Windows\SysNative\inetcomm.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\mk {79eac9e6-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysNative\urlmon.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Program Files\Common Files\Microsoft Shared\Help\hxds.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\ms-its {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\Windows\SysNative\itss.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\msnim - No CLSID value found
O18:64bit: - Protocol\Handler\res {3050F3BC-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysNative\mshtml.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\skype4com - No CLSID value found
O18:64bit: - Protocol\Handler\tv {CBD30858-AF45-11D2-B6D6-00C04FBBDE6E} - C:\Windows\SysNative\MSVidCtl.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\vbscript {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysNative\mshtml.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\wlmailhtml - No CLSID value found
O18:64bit: - Protocol\Handler\wlpg - No CLSID value found
O18 - Protocol\Handler\about {3050F406-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysWOW64\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\cdl {3dd53d40-7b8b-11D0-b013-00aa0059ce02} - C:\Windows\SysWOW64\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\dvd {12D51199-0DB5-46FE-A120-47A3D7D937CC} - C:\Windows\SysWOW64\MSVidCtl.dll (Microsoft Corporation)
O18 - Protocol\Handler\file {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysWOW64\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\ftp {79eac9e3-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysWOW64\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\http {79eac9e2-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysWOW64\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\https {79eac9e5-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysWOW64\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\its {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\Windows\SysWOW64\itss.dll (Microsoft Corporation)
O18 - Protocol\Handler\javascript {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysWOW64\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files (x86)\Windows Live\Messenger\msgrapp.dll (Microsoft Corporation)
O18 - Protocol\Handler\local {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysWOW64\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\mailto {3050f3DA-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysWOW64\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\mhtml {05300401-BCBC-11d0-85E3-00C04FD85AB4} - C:\Windows\SysWOW64\inetcomm.dll (Microsoft Corporation)
O18 - Protocol\Handler\mk {79eac9e6-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysWOW64\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\ms-help - No CLSID value found
O18 - Protocol\Handler\ms-its {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\Windows\SysWOW64\itss.dll (Microsoft Corporation)
O18 - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files (x86)\Windows Live\Messenger\msgrapp.dll (Microsoft Corporation)
O18 - Protocol\Handler\res {3050F3BC-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysWOW64\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Handler\tv {CBD30858-AF45-11D2-B6D6-00C04FBBDE6E} - C:\Windows\SysWOW64\MSVidCtl.dll (Microsoft Corporation)
O18 - Protocol\Handler\vbscript {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysWOW64\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\wlmailhtml {03C514A3-1EFB-4856-9F99-10D7BE1653C0} - C:\Program Files (x86)\Windows Live\Mail\mailcomm.dll (Microsoft Corporation)
O18 - Protocol\Handler\wlpg {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll (Microsoft Corporation)
O18:64bit: - Protocol\Filter\application/octet-stream {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\windows\SysNative\mscoree.dll (Microsoft Corporation)
O18:64bit: - Protocol\Filter\application/x-complus {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\windows\SysNative\mscoree.dll (Microsoft Corporation)
O18:64bit: - Protocol\Filter\application/x-msdownload {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\windows\SysNative\mscoree.dll (Microsoft Corporation)
O18:64bit: - Protocol\Filter\text/xml {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL (Microsoft Corporation)
O18 - Protocol\Filter\application/octet-stream {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\windows\SysWow64\mscoree.dll (Microsoft Corporation)
O18 - Protocol\Filter\application/x-complus {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\windows\SysWow64\mscoree.dll (Microsoft Corporation)
O18 - Protocol\Filter\application/x-msdownload {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\windows\SysWow64\mscoree.dll (Microsoft Corporation)
O18 - Protocol\Filter\text/xml {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\microsoft shared\OFFICE14\MSOXMLMF.DLL (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: Shell - (Explorer.exe) - C:\windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\windows\SysNative\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\windows\system32\userinit.exe) - C:\Windows\SysWOW64\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\windows\SysWow64\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - C:\Windows\SysNative\webcheck.dll (Microsoft Corporation)
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - C:\Windows\SysWOW64\webcheck.dll (Microsoft Corporation)
O28:64bit: - HKLM ShellExecuteHooks: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
O28 - HKLM ShellExecuteHooks: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
O29:64bit: - HKLM SecurityProviders - (credssp.dll) - C:\windows\SysWow64\credssp.dll (Microsoft Corporation)
O29 - HKLM SecurityProviders - (credssp.dll) - C:\windows\SysWow64\credssp.dll (Microsoft Corporation)
O30:64bit: - LSA: Authentication Packages - (msv1_0) - C:\windows\SysNative\msv1_0.dll (Microsoft Corporation)
O30 - LSA: Authentication Packages - (msv1_0) - C:\windows\SysWow64\msv1_0.dll (Microsoft Corporation)
O30:64bit: - LSA: Security Packages - (kerberos) - C:\windows\SysNative\kerberos.dll (Microsoft Corporation)
O30:64bit: - LSA: Security Packages - (msv1_0) - C:\windows\SysNative\msv1_0.dll (Microsoft Corporation)
O30:64bit: - LSA: Security Packages - (schannel) - C:\windows\SysNative\schannel.dll (Microsoft Corporation)
O30:64bit: - LSA: Security Packages - (wdigest) - C:\windows\SysNative\wdigest.dll (Microsoft Corporation)
O30:64bit: - LSA: Security Packages - (tspkg) - C:\windows\SysNative\tspkg.dll (Microsoft Corporation)
O30:64bit: - LSA: Security Packages - (pku2u) - C:\windows\SysNative\pku2u.dll (Microsoft Corporation)
O30:64bit: - LSA: Security Packages - (livessp) - C:\windows\SysNative\livessp.dll (Microsoft Corp.)
O30 - LSA: Security Packages - (kerberos) - C:\windows\SysWow64\kerberos.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (msv1_0) - C:\windows\SysWow64\msv1_0.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (schannel) - C:\windows\SysWow64\schannel.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (wdigest) - C:\windows\SysWow64\wdigest.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (tspkg) - C:\windows\SysWow64\tspkg.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (pku2u) - C:\windows\SysWow64\pku2u.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (livessp) - C:\windows\SysWow64\livessp.dll (Microsoft Corp.)
O31 - SafeBoot: AlternateShell - cmd.exe
O32 - HKLM CDRom: AutoRun - 1
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = ComFile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = ComFile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)

========== Files/Folders - Created Within 30 Days ==========

[2012/08/22 14:38:04 | 000,596,480 | ---- | C] (OldTimer Tools) -- C:\Users\Pastorkov\Desktop\OTL.exe
[2012/08/20 12:28:36 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\ESET
[2012/08/19 21:03:26 | 000,000,000 | ---D | C] -- C:\Users\Pastorkov\Desktop\RK_Quarantine
[2012/08/17 22:37:13 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CrystalDiskInfo
[2012/08/17 22:37:11 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\CrystalDiskInfo
[2012/08/17 17:47:33 | 000,000,000 | ---D | C] -- C:\Users\Pastorkov\Desktop\babi
[2012/08/16 23:50:04 | 000,096,768 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\mshtmled.dll
[2012/08/16 23:50:04 | 000,073,216 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\mshtmled.dll
[2012/08/16 23:50:02 | 000,237,056 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\url.dll
[2012/08/16 23:50:02 | 000,231,936 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\url.dll
[2012/08/16 23:49:59 | 000,176,640 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\ieui.dll
[2012/08/16 23:49:58 | 000,248,320 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\ieui.dll
[2012/08/16 23:49:58 | 000,173,056 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\ieUnatt.exe
[2012/08/16 23:49:57 | 000,142,848 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\ieUnatt.exe
[2012/08/16 23:49:56 | 001,427,968 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\inetcpl.cpl
[2012/08/16 23:49:55 | 002,312,704 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\jscript9.dll
[2012/08/16 23:49:55 | 001,494,528 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\inetcpl.cpl
[2012/08/16 23:49:51 | 000,717,824 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\jscript.dll
[2012/08/16 23:49:50 | 000,816,640 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\jscript.dll
[2012/08/16 20:25:12 | 000,627,600 | ---- | C] (Oracle Corporation) -- C:\windows\SysNative\deployJava1.dll
[2012/08/16 20:25:12 | 000,252,296 | ---- | C] (Oracle Corporation) -- C:\windows\SysNative\javaws.exe
[2012/08/16 20:25:12 | 000,188,808 | ---- | C] (Oracle Corporation) -- C:\windows\SysNative\javaw.exe
[2012/08/16 20:25:12 | 000,188,808 | ---- | C] (Oracle Corporation) -- C:\windows\SysNative\java.exe
[2012/08/16 20:24:40 | 000,000,000 | ---D | C] -- C:\Program Files\Java
[2012/08/16 19:54:28 | 000,000,000 | ---D | C] -- C:\Users\Pastorkov\Desktop\zalohareg
[2012/08/16 19:26:44 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
[2012/08/16 19:26:42 | 000,000,000 | ---D | C] -- C:\Program Files\CCleaner
[2012/08/16 19:25:07 | 003,907,920 | ---- | C] (Piriform Ltd) -- C:\Users\Pastorkov\Desktop\ccsetup321.exe
[2012/08/16 19:23:37 | 000,000,000 | ---D | C] -- C:\Users\Pastorkov\Desktop\backups
[2012/08/16 13:03:23 | 000,503,808 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\srcore.dll
[2012/08/16 13:03:19 | 000,751,104 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\win32spl.dll
[2012/08/16 13:03:18 | 000,492,032 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\win32spl.dll
[2012/08/16 13:03:18 | 000,067,072 | ---- | C] (Microsoft Corporation) -- C:\windows\splwow64.exe
[2012/08/16 13:03:16 | 000,073,216 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\netapi32.dll
[2012/08/16 13:03:16 | 000,059,392 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\browcli.dll
[2012/08/16 13:03:16 | 000,041,984 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\browcli.dll
[2012/08/16 13:03:12 | 000,956,928 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\localspl.dll
[2012/08/15 15:33:39 | 004,731,392 | ---- | C] (AVAST Software) -- C:\Users\Pastorkov\Desktop\aswMBR.exe
[2012/08/15 15:00:53 | 000,000,000 | -HSD | C] -- C:\$RECYCLE.BIN
[2012/08/13 12:46:56 | 000,518,144 | ---- | C] (SteelWerX) -- C:\windows\SWREG.exe
[2012/08/13 12:46:56 | 000,060,416 | ---- | C] (NirSoft) -- C:\windows\NIRCMD.exe
[2012/08/13 12:46:55 | 000,406,528 | ---- | C] (SteelWerX) -- C:\windows\SWSC.exe
[2012/08/13 12:46:11 | 000,000,000 | ---D | C] -- C:\Qoobox
[2012/08/13 12:45:31 | 000,000,000 | ---D | C] -- C:\windows\erdnt
[2012/08/13 12:12:13 | 002,136,664 | ---- | C] (Kaspersky Lab ZAO) -- C:\Users\Pastorkov\Desktop\TDSSKiller.exe
[2012/08/12 21:51:49 | 000,000,000 | ---D | C] -- C:\Users\Pastorkov\AppData\Roaming\Malwarebytes
[2012/08/12 21:51:02 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware
[2012/08/12 21:50:52 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2012/08/12 21:50:48 | 000,024,904 | ---- | C] (Malwarebytes Corporation) -- C:\windows\SysNative\drivers\mbam.sys
[2012/08/12 21:50:47 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware
[2012/08/12 11:56:42 | 000,388,608 | ---- | C] (Trend Micro Inc.) -- C:\Users\Pastorkov\Desktop\HJT.exe
[2012/07/24 12:30:40 | 002,770,944 | ---- | C] (Atheros Communications, Inc.) -- C:\windows\SysNative\athrx.sys
[2012/07/24 12:29:13 | 000,000,000 | ---D | C] -- C:\ProgramData\Qualcomm Atheros
[1 C:\windows\*.tmp files -> C:\windows\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2012/08/22 14:37:59 | 000,596,480 | ---- | M] (OldTimer Tools) -- C:\Users\Pastorkov\Desktop\OTL.exe
[2012/08/22 14:34:00 | 000,000,978 | ---- | M] () -- C:\windows\tasks\GoogleUpdateTaskUserS-1-5-21-822336958-359810633-1448332817-1001UA.job
[2012/08/22 13:59:14 | 000,024,432 | -H-- | M] () -- C:\windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2012/08/22 13:59:14 | 000,024,432 | -H-- | M] () -- C:\windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2012/08/22 13:47:43 | 000,067,584 | --S- | M] () -- C:\windows\bootstat.dat
[2012/08/22 13:47:19 | 2803,318,784 | -HS- | M] () -- C:\hiberfil.sys
[2012/08/22 13:44:21 | 000,007,595 | ---- | M] () -- C:\Users\Pastorkov\AppData\Local\Resmon.ResmonCfg
[2012/08/22 13:43:22 | 000,002,441 | ---- | M] () -- C:\Users\Pastorkov\Desktop\Google Chrome.lnk
[2012/08/21 23:34:00 | 000,000,926 | ---- | M] () -- C:\windows\tasks\GoogleUpdateTaskUserS-1-5-21-822336958-359810633-1448332817-1001Core.job
[2012/08/20 23:28:44 | 000,000,132 | ---- | M] () -- C:\Users\Pastorkov\AppData\Roaming\Adobe Formát PNG CS5 – předvolby
[2012/08/19 21:02:34 | 001,558,528 | ---- | M] () -- C:\Users\Pastorkov\Desktop\RogueKiller.exe
[2012/08/18 22:55:00 | 002,261,518 | ---- | M] () -- C:\windows\SysNative\PerfStringBackup.INI
[2012/08/18 22:55:00 | 000,634,864 | ---- | M] () -- C:\windows\SysNative\perfh00E.dat
[2012/08/18 22:55:00 | 000,633,976 | ---- | M] () -- C:\windows\SysNative\perfh005.dat
[2012/08/18 22:55:00 | 000,618,692 | ---- | M] () -- C:\windows\SysNative\perfh009.dat
[2012/08/18 22:55:00 | 000,149,520 | ---- | M] () -- C:\windows\SysNative\perfc00E.dat
[2012/08/18 22:55:00 | 000,123,124 | ---- | M] () -- C:\windows\SysNative\perfc005.dat
[2012/08/18 22:55:00 | 000,107,598 | ---- | M] () -- C:\windows\SysNative\perfc009.dat
[2012/08/17 22:37:13 | 000,001,950 | ---- | M] () -- C:\Users\Pastorkov\Desktop\CrystalDiskInfo.lnk
[2012/08/17 18:02:58 | 000,013,507 | ---- | M] () -- C:\Users\Pastorkov\Desktop\MemTest.zip
[2012/08/17 17:37:28 | 005,014,120 | ---- | M] () -- C:\windows\SysNative\FNTCACHE.DAT
[2012/08/16 20:24:49 | 000,252,296 | ---- | M] (Oracle Corporation) -- C:\windows\SysNative\javaws.exe
[2012/08/16 20:24:48 | 000,188,808 | ---- | M] (Oracle Corporation) -- C:\windows\SysNative\javaw.exe
[2012/08/16 20:24:48 | 000,188,808 | ---- | M] (Oracle Corporation) -- C:\windows\SysNative\java.exe
[2012/08/16 20:24:44 | 000,627,600 | ---- | M] (Oracle Corporation) -- C:\windows\SysNative\deployJava1.dll
[2012/08/16 19:26:44 | 000,000,832 | ---- | M] () -- C:\Users\Public\Desktop\CCleaner.lnk
[2012/08/16 19:25:45 | 003,907,920 | ---- | M] (Piriform Ltd) -- C:\Users\Pastorkov\Desktop\ccsetup321.exe
[2012/08/16 01:03:32 | 000,000,132 | ---- | M] () -- C:\Users\Pastorkov\AppData\Roaming\Adobe Formát GIF CS5 – předvolby
[2012/08/15 15:34:16 | 004,731,392 | ---- | M] (AVAST Software) -- C:\Users\Pastorkov\Desktop\aswMBR.exe
[2012/08/15 15:00:29 | 000,000,027 | ---- | M] () -- C:\windows\SysNative\drivers\etc\hosts
[2012/08/15 00:30:44 | 000,062,777 | ---- | M] () -- C:\Users\Pastorkov\Desktop\s_travou.png
[2012/08/15 00:30:31 | 000,024,214 | ---- | M] () -- C:\Users\Pastorkov\Desktop\bez_travy.png
[2012/08/13 12:11:41 | 002,117,108 | ---- | M] () -- C:\Users\Pastorkov\Desktop\tdsskiller.zip
[2012/08/12 21:51:04 | 000,001,079 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
[2012/08/12 20:43:46 | 000,000,698 | ---- | M] () -- C:\Users\Pastorkov\Desktop\Revo Uninstaller.lnk
[2012/08/12 11:56:24 | 000,388,608 | ---- | M] (Trend Micro Inc.) -- C:\Users\Pastorkov\Desktop\HJT.exe
[2012/08/10 15:38:58 | 000,057,954 | ---- | M] () -- C:\Users\Pastorkov\Desktop\express-css-table-design.zip
[2012/08/07 16:40:06 | 022,453,277 | ---- | M] () -- C:\Users\Pastorkov\Desktop\20120807_183623.mp4
[2012/08/07 12:43:16 | 004,715,977 | ---- | M] () -- C:\Users\Pastorkov\Desktop\Cathedral Sterlain.rar
[2012/08/06 22:04:22 | 001,100,646 | ---- | M] () -- C:\Users\Pastorkov\26072012062.jpg
[2012/08/06 22:04:21 | 001,087,573 | ---- | M] () -- C:\Users\Pastorkov\26072012064.jpg
[2012/08/06 20:47:50 | 000,178,367 | ---- | M] () -- C:\Users\Pastorkov\Desktop\ico-Captain-America-Live-Wallpaper.png
[2012/08/06 14:06:48 | 000,080,096 | ---- | M] () -- C:\Users\Pastorkov\Desktop\alone.jpg
[2012/08/06 13:57:32 | 000,035,323 | ---- | M] () -- C:\Users\Pastorkov\Desktop\ss.jpg
[2012/08/06 11:36:28 | 000,044,702 | ---- | M] () -- C:\Users\Pastorkov\Desktop\ManioSoft chat - Login2.png
[2012/08/05 23:19:42 | 000,000,411 | ---- | M] () -- C:\Users\Pastorkov\Desktop\control_right.png
[2012/08/05 20:17:35 | 006,296,130 | ---- | M] () -- C:\Users\Pastorkov\Desktop\my chat.bmp
[2012/08/05 20:15:49 | 000,078,787 | ---- | M] () -- C:\Users\Pastorkov\Desktop\ManioSoft chat - Login.png
[2012/07/26 14:30:25 | 000,338,329 | ---- | M] () -- C:\Users\Pastorkov\Desktop\OperaMini7.7z
[2012/07/25 15:08:21 | 000,335,585 | ---- | M] () -- C:\Users\Pastorkov\Desktop\OperaMini.jar
[2012/07/24 23:33:27 | 000,000,522 | ---- | M] () -- C:\Users\Pastorkov\Desktop\toolbar_find.png
[2012/07/24 13:22:36 | 002,136,664 | ---- | M] (Kaspersky Lab ZAO) -- C:\Users\Pastorkov\Desktop\TDSSKiller.exe
[1 C:\windows\*.tmp files -> C:\windows\*.tmp -> ]

Makrela · Příspěvekod **Makrela** » 22 srp 2012 15:15

========== Files Created - No Company Name ==========

[2012/08/19 21:02:37 | 001,558,528 | ---- | C] () -- C:\Users\Pastorkov\Desktop\RogueKiller.exe
[2012/08/17 22:37:13 | 000,001,950 | ---- | C] () -- C:\Users\Pastorkov\Desktop\CrystalDiskInfo.lnk
[2012/08/17 18:03:15 | 000,024,576 | ---- | C] () -- C:\Users\Pastorkov\Desktop\memtest.exe
[2012/08/17 18:03:04 | 000,013,507 | ---- | C] () -- C:\Users\Pastorkov\Desktop\MemTest.zip
[2012/08/16 19:26:44 | 000,000,832 | ---- | C] () -- C:\Users\Public\Desktop\CCleaner.lnk
[2012/08/15 00:30:44 | 000,062,777 | ---- | C] () -- C:\Users\Pastorkov\Desktop\s_travou.png
[2012/08/15 00:30:29 | 000,024,214 | ---- | C] () -- C:\Users\Pastorkov\Desktop\bez_travy.png
[2012/08/13 12:46:56 | 000,256,000 | ---- | C] () -- C:\windows\PEV.exe
[2012/08/13 12:46:56 | 000,208,896 | ---- | C] () -- C:\windows\MBR.exe
[2012/08/13 12:46:56 | 000,080,412 | ---- | C] () -- C:\windows\grep.exe
[2012/08/13 12:46:56 | 000,068,096 | ---- | C] () -- C:\windows\zip.exe
[2012/08/13 12:46:55 | 000,098,816 | ---- | C] () -- C:\windows\sed.exe
[2012/08/13 12:11:45 | 002,117,108 | ---- | C] () -- C:\Users\Pastorkov\Desktop\tdsskiller.zip
[2012/08/12 21:51:04 | 000,001,079 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
[2012/08/10 15:39:03 | 000,057,954 | ---- | C] () -- C:\Users\Pastorkov\Desktop\express-css-table-design.zip
[2012/08/08 14:08:05 | 022,453,277 | ---- | C] () -- C:\Users\Pastorkov\Desktop\20120807_183623.mp4
[2012/08/07 12:43:11 | 004,715,977 | ---- | C] () -- C:\Users\Pastorkov\Desktop\Cathedral Sterlain.rar
[2012/08/06 22:04:07 | 001,100,646 | ---- | C] () -- C:\Users\Pastorkov\26072012062.jpg
[2012/08/06 22:04:07 | 001,087,573 | ---- | C] () -- C:\Users\Pastorkov\26072012064.jpg
[2012/08/06 20:47:57 | 000,178,367 | ---- | C] () -- C:\Users\Pastorkov\Desktop\ico-Captain-America-Live-Wallpaper.png
[2012/08/06 14:02:42 | 000,080,096 | ---- | C] () -- C:\Users\Pastorkov\Desktop\alone.jpg
[2012/08/06 13:57:32 | 000,035,323 | ---- | C] () -- C:\Users\Pastorkov\Desktop\ss.jpg
[2012/08/05 23:19:47 | 000,000,411 | ---- | C] () -- C:\Users\Pastorkov\Desktop\control_right.png
[2012/08/05 22:25:44 | 000,044,702 | ---- | C] () -- C:\Users\Pastorkov\Desktop\ManioSoft chat - Login2.png
[2012/08/05 20:16:44 | 006,296,130 | ---- | C] () -- C:\Users\Pastorkov\Desktop\my chat.bmp
[2012/08/05 20:15:48 | 000,078,787 | ---- | C] () -- C:\Users\Pastorkov\Desktop\ManioSoft chat - Login.png
[2012/07/26 14:31:38 | 000,335,585 | ---- | C] () -- C:\Users\Pastorkov\Desktop\OperaMini.jar
[2012/07/26 14:30:29 | 000,338,329 | ---- | C] () -- C:\Users\Pastorkov\Desktop\OperaMini7.7z
[2012/07/24 23:33:30 | 000,000,522 | ---- | C] () -- C:\Users\Pastorkov\Desktop\toolbar_find.png
[2012/07/24 12:30:40 | 000,463,634 | ---- | C] () -- C:\windows\SysNative\netathrx.inf
[2012/07/24 12:30:40 | 000,070,753 | ---- | C] () -- C:\windows\SysNative\athrextx.cat
[2012/06/02 20:49:23 | 000,001,480 | ---- | C] () -- C:\Users\Pastorkov\AppData\Local\Adobe Uložit pro web 12.0 Prefs
[2012/04/09 00:34:21 | 000,000,132 | ---- | C] () -- C:\Users\Pastorkov\AppData\Roaming\Adobe Formát GIF CS5 – předvolby
[2012/04/07 23:55:50 | 000,000,000 | ---- | C] () -- C:\windows\SysWow64\Access.dat
[2012/04/07 20:33:48 | 000,000,600 | ---- | C] () -- C:\Users\Pastorkov\AppData\Local\PUTTY.RND
[2012/04/06 19:47:02 | 000,000,132 | ---- | C] () -- C:\Users\Pastorkov\AppData\Roaming\Adobe Formát PNG CS5 – předvolby
[2012/04/05 12:08:45 | 000,045,270 | ---- | C] () -- C:\Users\Pastorkov\AppData\Roaming\room_v3.dat
[2012/04/04 23:44:12 | 000,007,595 | ---- | C] () -- C:\Users\Pastorkov\AppData\Local\Resmon.ResmonCfg
[2012/04/04 18:31:00 | 002,284,018 | ---- | C] () -- C:\windows\SysWow64\PerfStringBackup.INI
[2012/04/04 14:50:49 | 000,120,200 | ---- | C] () -- C:\windows\SysWow64\DLLDEV32i.dll
[2011/08/19 20:10:59 | 000,000,000 | ---- | C] () -- C:\windows\ativpsrm.bin
[2011/08/19 20:08:31 | 000,451,072 | ---- | C] () -- C:\windows\SysWow64\ISSRemoveSP.exe
[2011/08/19 06:39:25 | 000,003,929 | ---- | C] () -- C:\windows\SysWow64\atipblag.dat
[2011/06/28 01:23:20 | 000,053,760 | ---- | C] () -- C:\windows\SysWow64\OVDecode.dll

========== LOP Check ==========

[2012/08/20 10:54:59 | 000,000,000 | ---D | M] -- C:\Users\Pastorkov\AppData\Roaming\.minecraft
[2012/04/13 07:55:16 | 000,000,000 | ---D | M] -- C:\Users\Pastorkov\AppData\Roaming\BatteryBar
[2012/04/08 14:00:29 | 000,000,000 | ---D | M] -- C:\Users\Pastorkov\AppData\Roaming\chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1
[2012/08/16 19:51:45 | 000,000,000 | ---D | M] -- C:\Users\Pastorkov\AppData\Roaming\DAEMON Tools Lite
[2012/08/21 23:57:46 | 000,000,000 | ---D | M] -- C:\Users\Pastorkov\AppData\Roaming\FileZilla
[2012/04/04 14:54:14 | 000,000,000 | ---D | M] -- C:\Users\Pastorkov\AppData\Roaming\MAGIX
[2012/04/06 20:09:36 | 000,000,000 | ---D | M] -- C:\Users\Pastorkov\AppData\Roaming\StageManager.BD092818F67280F4B42B04877600987F0111B594.1
[2012/04/15 13:41:11 | 000,000,000 | ---D | M] -- C:\Users\Pastorkov\AppData\Roaming\TeamViewer
[2012/08/16 19:51:40 | 000,000,000 | ---D | M] -- C:\Users\Pastorkov\AppData\Roaming\TS3Client
[2012/07/18 15:01:03 | 000,000,000 | ---D | M] -- C:\Users\Pastorkov\AppData\Roaming\Tunngle
[2012/08/21 22:25:37 | 000,000,000 | ---D | M] -- C:\Users\Pastorkov\AppData\Roaming\uTorrent
[2012/05/20 21:57:46 | 000,000,000 | ---D | M] -- C:\Users\Pastorkov\AppData\Roaming\yWorks
[2012/07/24 20:57:39 | 000,032,624 | ---- | M] () -- C:\windows\Tasks\SCHEDLGU.TXT

========== Purity Check ==========

========== Alternate Data Streams ==========

@Alternate Data Stream - 12 bytes -> C:\Users\Pastorkov\Documents:{2C848322-7882-41E2-AFF6-B060B946FEE9}3

< End of report >

-----------------------------------------------------------------------------

a EXTRAS.txt:

OTL Extras logfile created on: 8/22/2012 2:45:58 PM - Run 1
OTL by OldTimer - Version 3.2.58.1 Folder = C:\Users\Pastorkov\Desktop
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000409 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy

3.48 Gb Total Physical Memory | 2.18 Gb Available Physical Memory | 62.67% Memory free
6.96 Gb Paging File | 5.34 Gb Available in Paging File | 76.75% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 272.50 Gb Total Space | 211.02 Gb Free Space | 77.44% Space Free | Partition Type: NTFS
Drive D: | 181.67 Gb Total Space | 35.26 Gb Free Space | 19.41% Space Free | Partition Type: NTFS

Computer Name: PASTORKOV-MSI | User Name: Pastorkov | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Extra Registry (SafeList) ==========

========== File Associations ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.url[@ = InternetShortcut] -- C:\windows\SysNative\rundll32.exe (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\windows\SysWow64\control.exe (Microsoft Corporation)

[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.vbs [@ = VBSFile] -- Reg Error: Key error. File not found

========== Shell Spawning ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [print] -- rundll32.exe %SystemRoot%\system32\mshtml.dll,PrintHTML "%1" (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\rundll32.exe setupapi,InstallHinfSection DefaultInstall 132 %1 (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [Bridge] -- C:\Program Files (x86)\Adobe\Adobe Bridge CS5\Bridge.exe "%L" (Adobe Systems, Inc.)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [Bridge] -- C:\Program Files (x86)\Adobe\Adobe Bridge CS5\Bridge.exe "%L" (Adobe Systems, Inc.)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
"FirewallDisableNotify" = 0
"AntiVirusDisableNotify" = 0
"UpdatesDisableNotify" = 0

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = 28 4D B2 76 41 04 CA 01 [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"FirewallDisableNotify" = 0
"AntiVirusDisableNotify" = 0
"UpdatesDisableNotify" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]

========== System Restore Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 0

========== Firewall Settings ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall]

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile]

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile]

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile]

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0

========== Authorized Applications List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]

========== Vista Active Open Ports Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{0397F231-A120-4FC6-A59D-58B5935CE9A2}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe |
"{0E1C4658-FC49-443D-9C46-9B02C5C03964}" = lport=2869 | protocol=6 | dir=in | name=windows live communications platform (upnp) |
"{0F5E7DD1-2D01-491A-8990-1BDA2802C0EB}" = lport=137 | protocol=17 | dir=in | app=system |
"{13AFAB11-5D6B-448F-937C-2EF25B552BA3}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{152AA440-1D02-4A94-957C-DDC6A2BEF2FD}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{238CCC3F-4491-415C-BC70-53ABA6FD6388}" = lport=445 | protocol=6 | dir=in | app=system |
"{2A6079C0-E385-4509-ADD9-44886E4472DE}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{34E5942F-934B-4395-89CC-E94D16E15517}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{48EE06B5-F0D4-4F98-8AAE-9743055FA2F8}" = lport=139 | protocol=6 | dir=in | app=system |
"{5111A043-F387-47AE-B38C-2FF2787F75AF}" = rport=445 | protocol=6 | dir=out | app=system |
"{5153C2A5-ECFA-4B7C-84EF-EBD4951095A9}" = rport=137 | protocol=17 | dir=out | app=system |
"{5E406AEB-FCE3-45FF-99BA-BE5B2F07F787}" = lport=6004 | protocol=17 | dir=in | app=c:\program files\microsoft office\office14\outlook.exe |
"{659747F0-0553-4CEE-ADCD-509D6C0B94AA}" = rport=138 | protocol=17 | dir=out | app=system |
"{6CC660C3-9F2A-45C7-921B-9F6E342BBD07}" = rport=139 | protocol=6 | dir=out | app=system |
"{94B72203-FFBB-4505-8255-D68C304C9E3A}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{B019EC4C-9596-4AF9-BAE3-602BBD80CEE4}" = rport=10243 | protocol=6 | dir=out | app=system |
"{B96979FE-3F7D-46C6-8FF6-8F19EAFD29E9}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{BCB6EB0A-43F0-456D-B226-C146FA23A986}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 |
"{D2BAC9D0-3353-49BD-893F-F19AC5730F9A}" = lport=138 | protocol=17 | dir=in | app=system |
"{DD1E693B-1E03-48EC-A8FC-B2B877BB6D4F}" = lport=10243 | protocol=6 | dir=in | app=system |
"{E059EFC1-4441-4940-90F6-2C8D436FF021}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{EF6ED874-6FC8-40D6-BAB6-432FB94C6B92}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{F547F49A-2BAD-4C56-B22E-2E8407306821}" = lport=2869 | protocol=6 | dir=in | app=system |
"{F71E563D-7C61-4062-A576-C10815CBCE03}" = lport=1900 | protocol=17 | dir=in | name=windows live communications platform (ssdp) |

========== Vista Active Application Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{080F897C-263A-4803-8C8E-DA7D8AA93FA2}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{0AEA2B20-42EA-4936-BA99-CA9AAB57C3C7}" = protocol=6 | dir=in | app=c:\program files (x86)\utorrent\utorrent.exe |
"{0DE7080C-BF73-43BA-AE7E-02A422BC61D7}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{0E07149C-D326-4118-98EA-E3AD7438B694}" = protocol=17 | dir=in | app=c:\program files (x86)\mobbcore bcontrol_1_0_809\bcontrolagent.exe |
"{0EEACB1C-57D0-4109-BBBA-B88526C905B2}" = protocol=6 | dir=in | app=c:\program files (x86)\teamviewer\version7\teamviewer_service.exe |
"{17920EF3-E8B5-4029-AC03-F5EB695C4EEA}" = protocol=6 | dir=out | app=system |
"{1914CE7F-3A69-4B2C-A818-6A0E673413D7}" = protocol=17 | dir=in | app=d:\games\battleforge\bootstrapper.exe |
"{1D8624D1-269A-4430-A1B2-61266AFC277B}" = protocol=6 | dir=in | app=c:\program files (x86)\java\jre7\bin\javaw.exe |
"{2332160D-1069-4ED2-9506-7C87793545F0}" = protocol=58 | dir=out | name=@iphlpsvc.dll,-503 |
"{2F6C060E-83A8-4F59-A087-437D9EAF4E51}" = protocol=6 | dir=in | app=c:\program files (x86)\ubisoft\ubisoft game launcher\ubisoftgamelauncher.exe |
"{30BDF530-7C55-46F2-A81F-F9E380F1E04C}" = protocol=17 | dir=in | app=c:\program files (x86)\teamviewer\version7\teamviewer.exe |
"{3353F9F4-69CB-4791-8C93-E4FC335FFFBD}" = dir=in | app=c:\program files (x86)\windows live\mesh\moe.exe |
"{361223E5-FC60-466C-9CCF-D9F29F067AF4}" = protocol=17 | dir=in | app=c:\program files\microsoft office\office14\onenote.exe |
"{41C11BA6-6441-440A-861B-6030AC81FDB7}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 |
"{4A78DBF1-13EE-45DB-8F87-67C04664D487}" = protocol=6 | dir=in | app=d:\games\splinter cell conviction\src\system\conviction_game.exe |
"{4A7C08E0-5C91-4AD3-A625-0F6F39B1AB02}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{4A918D30-8069-4457-9934-56C2DAEA4AB5}" = protocol=6 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{4D12F176-A3E0-4FAE-BAF7-3B14D29BEF46}" = protocol=17 | dir=in | app=c:\program files (x86)\ubisoft\ubisoft game launcher\ubisoftgamelauncher.exe |
"{4D7B6C5A-C24B-49C2-B053-79862BCD8702}" = dir=in | app=c:\program files (x86)\windows live\messenger\msnmsgr.exe |
"{4DA82CB9-8B72-4471-9A00-493EE79921D5}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{4DBC640A-7CA4-4542-857D-9D6C1DF47538}" = protocol=6 | dir=in | app=d:\games\battleforge\battleforge.exe |
"{500A50CE-7FC3-4C02-BFEB-B23E5B3F399C}" = dir=in | app=c:\program files (x86)\vmware\vmware workstation\vmware-hostd.exe |
"{5055677B-B37D-4F67-8FE5-46F0F162BCEF}" = protocol=6 | dir=in | app=c:\program files (x86)\sony ericsson\update service\update service.exe |
"{57FE47E8-EEAA-46C0-B65C-F28D4F460E32}" = protocol=17 | dir=in | app=c:\program files (x86)\sony ericsson\update service\update service.exe |
"{5CC753CD-AA30-48D0-9DA2-03F6FD7D3D50}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{63376FE4-12DA-442F-98B0-01089AD9E4B4}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{64D39CF6-A666-4E4D-B5A8-7ABE6D79E18F}" = protocol=17 | dir=in | app=c:\program files (x86)\java\jre7\bin\javaw.exe |
"{65877F88-4C9B-4C21-B9D8-EAF93E773D8D}" = protocol=6 | dir=in | app=c:\program files\microsoft office\office14\onenote.exe |
"{67516449-B122-4ECF-B275-E38182B1A534}" = dir=in | app=c:\program files (x86)\windows live\contacts\wlcomm.exe |
"{6D506B20-B4A5-459D-A420-24C7F276BABC}" = protocol=17 | dir=in | app=d:\games\splinter cell conviction\src\system\gu.exe |
"{7E1E9CA9-1724-4CF0-940A-97B5CC4A7EC0}" = protocol=17 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{8224D41F-7B97-45B6-9857-2B21395FC3B3}" = protocol=17 | dir=in | app=c:\program files (x86)\teamviewer\version7\teamviewer_service.exe |
"{8934A081-58D3-4762-BAEF-C6A901DC7AC6}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{8BD34C90-51CB-4BC9-A03E-EFEDA20B2779}" = protocol=6 | dir=in | app=c:\program files\microsoft office\office14\groove.exe |
"{9014BED9-3799-4735-92CB-A974B85B37DD}" = protocol=17 | dir=in | app=d:\games\battleforge\battleforge.exe |
"{90FD4A22-885F-4261-AAB3-568960925C3E}" = protocol=17 | dir=in | app=c:\program files (x86)\utorrent\utorrent.exe |
"{A2D2189A-1968-426A-9D9E-0C8C7E178C52}" = protocol=6 | dir=in | app=c:\program files (x86)\mobbcore bcontrol_1_0_809\bcontrolagent.exe |
"{AE406B2D-A840-4147-B544-48F0CA763640}" = protocol=6 | dir=in | app=d:\games\splinter cell conviction\src\system\gu.exe |
"{B65F216A-FA62-4FCF-9A04-3EC4B9977C55}" = dir=in | app=c:\program files (x86)\vmware\vmware workstation\vmware-authd.exe |
"{BAF50B3D-D949-494D-A4D0-B183718CFB3E}" = dir=in | app=c:\program files (x86)\vmware\vmware workstation\vmware-authd.exe |
"{C7CA70AF-7332-47C7-8491-B07703C85033}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 |
"{CE0A6C89-01D1-49C5-B562-358D866DEE2C}" = protocol=6 | dir=in | app=c:\program files (x86)\teamviewer\version7\teamviewer.exe |
"{D2F4B8F7-7032-45CD-BA72-42CA46B17EC2}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{D3584FFD-5348-4851-A5B6-AAE412875C7A}" = protocol=17 | dir=in | app=d:\games\splinter cell conviction\src\system\conviction_game.exe |
"{D5041224-110A-447D-89A3-A2C7443B8C1A}" = dir=in | app=c:\program files (x86)\vmware\vmware workstation\vmware-hostd.exe |
"{D5D70367-D0DC-4026-AC32-E35DD3859188}" = protocol=17 | dir=in | app=c:\program files\microsoft office\office14\groove.exe |
"{DAA049D5-420F-48CA-8F0E-9AF95BDD9801}" = protocol=17 | dir=in | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{DECF2201-472D-4928-B61B-112FDBB8D777}" = protocol=6 | dir=in | app=d:\games\battleforge\bootstrapper.exe |
"{E0E1FF75-31E0-44B1-B7EF-FAAD8A988CD7}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{E9A1212E-97EE-464B-A9EB-F9FEC5CF4017}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{EA967C77-DBC8-4002-91B1-9572F5DA2EAC}" = protocol=58 | dir=in | app=system |
"{EEC85FAA-F5B4-4BC5-A010-F90083E369F7}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 |
"{F0D72C46-459C-47CF-B404-9BA494E725B2}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{FDB1C599-689F-4A8A-A9C8-A014218D7DD2}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{FF66D8F7-20AF-4B13-87DC-84538F3BFA6F}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 |
"TCP Query User{01E46F62-0BFA-4441-8605-850B9156FF3D}D:\games\gta iv\gtaiv.exe" = protocol=6 | dir=in | app=d:\games\gta iv\gtaiv.exe |
"TCP Query User{03EFA520-2F97-49C2-8938-A6F57E52C722}C:\program files (x86)\samsung electronics\snap n' go\monitorlauncher.exe" = protocol=6 | dir=in | app=c:\program files (x86)\samsung electronics\snap n' go\monitorlauncher.exe |
"TCP Query User{09ADBB6A-7EE3-473E-BAFF-960A05A921A0}D:\games\heroes of newerth\hon.exe" = protocol=6 | dir=in | app=d:\games\heroes of newerth\hon.exe |
"TCP Query User{43706423-0688-4135-BE53-207D7D3BB3A0}C:\program files (x86)\mobbcore bcontrol_1_0_809\bcontrolagent.exe" = protocol=6 | dir=in | app=c:\program files (x86)\mobbcore bcontrol_1_0_809\bcontrolagent.exe |
"TCP Query User{5B438FC5-21E7-4EDB-978B-BF2868034A10}C:\program files (x86)\java\jre7\bin\javaw.exe" = protocol=6 | dir=in | app=c:\program files (x86)\java\jre7\bin\javaw.exe |
"TCP Query User{5CFCDFD4-342C-43ED-AA89-56103722DCBF}C:\program files (x86)\yworks\yed\yed.exe" = protocol=6 | dir=in | app=c:\program files (x86)\yworks\yed\yed.exe |
"TCP Query User{662228EE-D9D7-4756-98D1-F33FDE5B401B}D:\games\flatout2\flatout2.exe" = protocol=6 | dir=in | app=d:\games\flatout2\flatout2.exe |
"TCP Query User{6F32C3C2-5EC1-4265-85E4-0CF0E6D78C93}D:\games\counter-strike source\hl2.exe" = protocol=6 | dir=in | app=d:\games\counter-strike source\hl2.exe |
"TCP Query User{7EF87636-663F-405B-8E44-A0F8E32A8612}C:\program files (x86)\samsung electronics\snap n' go\monitorlauncher.exe" = protocol=6 | dir=in | app=c:\program files (x86)\samsung electronics\snap n' go\monitorlauncher.exe |
"TCP Query User{82F08ABD-E537-44D9-A720-3D53D5C6F3FF}D:\games\counter-strike source\hl2.exe" = protocol=6 | dir=in | app=d:\games\counter-strike source\hl2.exe |
"TCP Query User{8472EB28-5097-46AD-ABA9-713F7C467F30}D:\games\cs 1.6\hl.exe" = protocol=6 | dir=in | app=d:\games\cs 1.6\hl.exe |
"TCP Query User{9973663A-E538-4CC2-B8EC-F8D083631FD1}D:\games\gta iv\gtaiv.exe" = protocol=6 | dir=in | app=d:\games\gta iv\gtaiv.exe |
"TCP Query User{B28E72A3-E3FA-4770-BD16-059E3434E5B8}C:\program files (x86)\yworks\yed\yed.exe" = protocol=6 | dir=in | app=c:\program files (x86)\yworks\yed\yed.exe |
"TCP Query User{C8486C1B-6645-4AB2-9821-1F5E65F20008}C:\program files (x86)\filezilla ftp client\filezilla.exe" = protocol=6 | dir=in | app=c:\program files (x86)\filezilla ftp client\filezilla.exe |
"TCP Query User{E75CFE38-89EB-4AD5-A125-73D847B95B37}C:\program files (x86)\samsung electronics\snap n' go\sng_monitor_app.win32.exe" = protocol=6 | dir=in | app=c:\program files (x86)\samsung electronics\snap n' go\sng_monitor_app.win32.exe |
"TCP Query User{EC45EFC0-C1A7-4859-B703-97FCA0BDB6DF}D:\games\cs 1.6\hl.exe" = protocol=6 | dir=in | app=d:\games\cs 1.6\hl.exe |
"TCP Query User{F07670CC-5631-4134-93AD-40C775DDF488}D:\games\warcraft iii\war3.exe" = protocol=6 | dir=in | app=d:\games\warcraft iii\war3.exe |
"TCP Query User{F376AE87-072F-4094-A4D0-7F73E4FDB58F}C:\program files (x86)\samsung electronics\snap n' go\sng_monitor_app.win32.exe" = protocol=6 | dir=in | app=c:\program files (x86)\samsung electronics\snap n' go\sng_monitor_app.win32.exe |
"UDP Query User{1508F286-1B31-4776-B5C2-F3C43FC17EC2}D:\games\flatout2\flatout2.exe" = protocol=17 | dir=in | app=d:\games\flatout2\flatout2.exe |
"UDP Query User{1B155E4D-AF6A-4889-A409-0497870A0FC4}D:\games\heroes of newerth\hon.exe" = protocol=17 | dir=in | app=d:\games\heroes of newerth\hon.exe |
"UDP Query User{3A883DC6-3587-4995-84B9-B77E0746BE11}D:\games\cs 1.6\hl.exe" = protocol=17 | dir=in | app=d:\games\cs 1.6\hl.exe |
"UDP Query User{43E6656C-B4BA-481A-A88D-F29CA60E096C}D:\games\gta iv\gtaiv.exe" = protocol=17 | dir=in | app=d:\games\gta iv\gtaiv.exe |
"UDP Query User{47FA4976-5BD2-4B49-95D1-21F0BBC2AC38}C:\program files (x86)\yworks\yed\yed.exe" = protocol=17 | dir=in | app=c:\program files (x86)\yworks\yed\yed.exe |
"UDP Query User{5BF6C6B4-F582-44F6-8E36-87A51C95E08C}D:\games\cs 1.6\hl.exe" = protocol=17 | dir=in | app=d:\games\cs 1.6\hl.exe |
"UDP Query User{7DC3DA97-979D-4EEB-9247-23AF6BCC3A54}C:\program files (x86)\samsung electronics\snap n' go\monitorlauncher.exe" = protocol=17 | dir=in | app=c:\program files (x86)\samsung electronics\snap n' go\monitorlauncher.exe |
"UDP Query User{7E34B370-591A-4700-8599-A0172069D10E}C:\program files (x86)\samsung electronics\snap n' go\sng_monitor_app.win32.exe" = protocol=17 | dir=in | app=c:\program files (x86)\samsung electronics\snap n' go\sng_monitor_app.win32.exe |
"UDP Query User{81C13DB0-A7C7-479F-BAE3-54EFF35F4EAC}C:\program files (x86)\yworks\yed\yed.exe" = protocol=17 | dir=in | app=c:\program files (x86)\yworks\yed\yed.exe |
"UDP Query User{83537817-5DD7-4D23-AC32-E76A4A1CE98A}C:\program files (x86)\java\jre7\bin\javaw.exe" = protocol=17 | dir=in | app=c:\program files (x86)\java\jre7\bin\javaw.exe |
"UDP Query User{A84079EB-B552-4A59-8926-0325417B78A0}D:\games\counter-strike source\hl2.exe" = protocol=17 | dir=in | app=d:\games\counter-strike source\hl2.exe |
"UDP Query User{AB2C87AC-E9D9-403F-B1A8-B5451ACDBCA4}C:\program files (x86)\mobbcore bcontrol_1_0_809\bcontrolagent.exe" = protocol=17 | dir=in | app=c:\program files (x86)\mobbcore bcontrol_1_0_809\bcontrolagent.exe |
"UDP Query User{BB23E8EA-29C0-4A52-93D0-C74357CAED44}C:\program files (x86)\samsung electronics\snap n' go\sng_monitor_app.win32.exe" = protocol=17 | dir=in | app=c:\program files (x86)\samsung electronics\snap n' go\sng_monitor_app.win32.exe |
"UDP Query User{C3812DB2-6587-4CB4-A412-646334745E16}C:\program files (x86)\samsung electronics\snap n' go\monitorlauncher.exe" = protocol=17 | dir=in | app=c:\program files (x86)\samsung electronics\snap n' go\monitorlauncher.exe |
"UDP Query User{D09E55B3-063B-4AC2-BF0F-64BAF8309225}D:\games\warcraft iii\war3.exe" = protocol=17 | dir=in | app=d:\games\warcraft iii\war3.exe |
"UDP Query User{DD8EBEFA-5D69-4C93-B1E5-FA207CF9EA7E}C:\program files (x86)\filezilla ftp client\filezilla.exe" = protocol=17 | dir=in | app=c:\program files (x86)\filezilla ftp client\filezilla.exe |
"UDP Query User{DFC450EA-9C5B-456C-ADE7-20CD1636E416}D:\games\gta iv\gtaiv.exe" = protocol=17 | dir=in | app=d:\games\gta iv\gtaiv.exe |
"UDP Query User{E6840725-373C-483D-9876-63C2EF1436B8}D:\games\counter-strike source\hl2.exe" = protocol=17 | dir=in | app=d:\games\counter-strike source\hl2.exe |

========== HKEY_LOCAL_MACHINE Uninstall List ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{1B8ABA62-74F0-47ED-B18C-A43128E591B8}" = Windows Live ID Sign-in Assistant
"{1E9FC118-651D-4934-97BE-E53CAE5C7D45}" = Microsoft_VC80_MFCLOC_x86_x64
"{26A24AE4-039D-4CA4-87B4-2F86417000FF}" = Java(TM) 7 (64-bit)
"{2998191E-A35E-47E2-BE38-7702C731D722}" = SRS Premium Sound Control Panel
"{29CFD07F-4971-41B0-B14D-621ACCC264AC}" = Windows Live Remote Service Resources
"{2F304EF4-0C31-47F4-8557-0641AAE4197C}" = Windows Live Remote Client Resources
"{34384A2A-2CA2-4446-AB0E-1F360BA2AAC5}" = Windows Live Remote Service Resources
"{3921492E-82D2-4180-8124-E347AD2F2DB4}" = Windows Live Remote Client Resources
"{4569AD91-47F4-4D9E-8FC9-717EC32D7AE1}" = Microsoft_VC80_CRT_x86_x64
"{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148
"{503F672D-6C84-448A-8F8F-4BC35AC83441}" = AMD APP SDK Runtime
"{5094768B-3F53-7CEE-F29C-5DA2A1D7919E}" = AMD Fuel
"{5141AA6E-5FAC-4473-BFFB-BEE69DDC7F2B}" = Windows Live Remote Service Resources
"{5151E2DB-0748-4FD1-86A2-72E2F94F8BE7}" = Windows Live Remote Service Resources
"{5F44A3A1-5D24-4708-8776-66B42B174C64}" = Windows Live Remote Client Resources
"{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161
"{656DEEDE-F6AC-47CA-A568-A1B4E34B5760}" = Windows Live Remote Service Resources
"{6A2482BC-733A-404A-939A-2D5BC636E6F9}" = Windows Live Remote Service Resources
"{78654366-5889-4A70-90D9-04B00709EEE0}" = Windows Live Remote Client Resources
"{8220EEFE-38CD-377E-8595-13398D740ACE}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17
"{847B0532-55E3-4AAF-8D7B-E3A1A7CD17E5}" = Windows Live Remote Client Resources
"{8557397C-A42D-486F-97B3-A2CBC2372593}" = Microsoft_VC90_ATL_x86_x64
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{90140000-0015-0405-1000-0000000FF1CE}" = Microsoft Office Access MUI (Czech) 2010
"{90140000-0015-0405-1000-0000000FF1CE}_Office14.PROPLUSR_{9F412D54-AC04-46F9-AFE7-FE15DC0147A0}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0016-0405-1000-0000000FF1CE}" = Microsoft Office Excel MUI (Czech) 2010
"{90140000-0016-0405-1000-0000000FF1CE}_Office14.PROPLUSR_{9F412D54-AC04-46F9-AFE7-FE15DC0147A0}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0018-0405-1000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (Czech) 2010
"{90140000-0018-0405-1000-0000000FF1CE}_Office14.PROPLUSR_{9F412D54-AC04-46F9-AFE7-FE15DC0147A0}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0019-0405-1000-0000000FF1CE}" = Microsoft Office Publisher MUI (Czech) 2010
"{90140000-0019-0405-1000-0000000FF1CE}_Office14.PROPLUSR_{9F412D54-AC04-46F9-AFE7-FE15DC0147A0}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001A-0405-1000-0000000FF1CE}" = Microsoft Office Outlook MUI (Czech) 2010
"{90140000-001A-0405-1000-0000000FF1CE}_Office14.PROPLUSR_{9F412D54-AC04-46F9-AFE7-FE15DC0147A0}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001B-0405-1000-0000000FF1CE}" = Microsoft Office Word MUI (Czech) 2010
"{90140000-001B-0405-1000-0000000FF1CE}_Office14.PROPLUSR_{9F412D54-AC04-46F9-AFE7-FE15DC0147A0}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001F-0405-1000-0000000FF1CE}" = Microsoft Office Proof (Czech) 2010
"{90140000-001F-0405-1000-0000000FF1CE}_Office14.PROPLUSR_{AEC2C00D-1E7E-45E3-9058-81EA2446B3CD}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001F-0407-1000-0000000FF1CE}" = Microsoft Office Proof (German) 2010
"{90140000-001F-0407-1000-0000000FF1CE}_Office14.PROPLUSR_{70A3169E-288F-454F-A08D-20DF66639B50}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001F-0409-1000-0000000FF1CE}" = Microsoft Office Proof (English) 2010
"{90140000-001F-0409-1000-0000000FF1CE}_Office14.PROPLUSR_{0242505C-4E90-407F-9299-B5B275F50D86}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001F-041B-1000-0000000FF1CE}" = Microsoft Office Proof (Slovak) 2010
"{90140000-001F-041B-1000-0000000FF1CE}_Office14.PROPLUSR_{4B806706-B352-42E8-8C8B-5CEBCEDBC4E0}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-002C-0405-1000-0000000FF1CE}" = Microsoft Office Proofing (Czech) 2010
"{90140000-002C-0405-1000-0000000FF1CE}_Office14.PROPLUSR_{715203B3-AD16-41A4-B13C-E1065EAB8963}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0043-0000-1000-0000000FF1CE}" = Microsoft Office Office 32-bit Components 2010
"{90140000-0043-0000-1000-0000000FF1CE}_Office14.PROPLUSR_{E8B6D35B-0B6F-4DCE-9493-859BF3809A7F}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0043-0405-1000-0000000FF1CE}" = Microsoft Office Shared 32-bit MUI (Czech) 2010
"{90140000-0043-0405-1000-0000000FF1CE}_Office14.PROPLUSR_{15D45352-C443-406A-9DF2-EF4A750A40CF}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0044-0405-1000-0000000FF1CE}" = Microsoft Office InfoPath MUI (Czech) 2010
"{90140000-0044-0405-1000-0000000FF1CE}_Office14.PROPLUSR_{9F412D54-AC04-46F9-AFE7-FE15DC0147A0}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-006E-0405-1000-0000000FF1CE}" = Microsoft Office Shared MUI (Czech) 2010
"{90140000-006E-0405-1000-0000000FF1CE}_Office14.PROPLUSR_{4B8654FE-410D-462C-9B3C-09D031BF4534}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-00A1-0405-1000-0000000FF1CE}" = Microsoft Office OneNote MUI (Czech) 2010
"{90140000-00A1-0405-1000-0000000FF1CE}_Office14.PROPLUSR_{9F412D54-AC04-46F9-AFE7-FE15DC0147A0}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-00BA-0405-1000-0000000FF1CE}" = Microsoft Office Groove MUI (Czech) 2010
"{90140000-00BA-0405-1000-0000000FF1CE}_Office14.PROPLUSR_{9F412D54-AC04-46F9-AFE7-FE15DC0147A0}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{91140000-0011-0000-1000-0000000FF1CE}" = Microsoft Office Professional Plus 2010
"{91140000-0011-0000-1000-0000000FF1CE}_Office14.PROPLUSR_{7BC9B5EB-125A-4E9B-97E1-8D85B5E960B8}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{925D058B-564A-443A-B4B2-7E90C6432E55}" = Microsoft_VC80_ATL_x86_x64
"{92A3CA0D-55CD-4C5D-BA95-5C2600C20F26}" = Microsoft_VC90_CRT_x86_x64
"{95120000-00B9-0409-1000-0000000FF1CE}" = Microsoft Application Error Reporting
"{9E9C960F-7F47-46D5-A95D-950B354DE2B8}" = Windows Live Remote Service Resources
"{A472B9E4-0AFF-4F7B-B25D-F64F8E928AAB}" = Microsoft_VC90_MFC_x86_x64
"{C1324AF2-DF5C-A52C-B380-B7CBB67A3534}" = ccc-utility64
"{C8C1BAD5-54E6-4146-AD07-3A8AD36569C3}" = Microsoft_VC80_MFC_x86_x64
"{CCEFD9B7-A152-5638-1718-8BF98C5E43E5}" = ATI Catalyst Install Manager
"{D07A61E5-A59C-433C-BCBD-22025FA2287B}" = Windows Live Language Selector
"{D157C6E7-5847-4FD1-BEDC-7389493874F6}" = Windows Live Remote Service Resources
"{DA54F80E-261C-41A2-A855-549A144F2F59}" = Windows Live MIME IFilter
"{DA5E371C-6333-3D8A-93A4-6FD5B20BCC6E}" = Microsoft Visual C++ 2010 x64 Redistributable - 10.0.30319
"{DF6D988A-EEA0-4277-AAB8-158E086E439B}" = Windows Live Remote Client
"{E02A6548-6FDE-40E2-8ED9-119D7D7E641F}" = Windows Live Remote Service
"{E10CB758-D5FD-4A2D-A1C9-459D6BB0C035}" = Windows Live Remote Client Resources
"{E67C77C8-EC8E-C75D-9B73-2F61DB59CDC4}" = AMD Media Foundation Decoders
"{E86906FF-C63D-4EAF-ACE7-5F8D55FBEA9A}" = Finger Sensing Pad Driver
"{ED421F97-E1C3-4E78-9F54-A53888215D58}" = Windows Live Remote Client Resources
"{F0793412-6407-4870-9A8C-6FE198A4EB12}" = Windows Live Remote Client Resources
"{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}" = Microsoft .NET Framework 4 Client Profile
"CCleaner" = CCleaner
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Office14.PROPLUSR" = Microsoft Office Professional Plus 2010
"TeamSpeak 3 Client" = TeamSpeak 3 Client

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{003BFBBD-6C67-419E-A24D-0DCAFC3A5249}" = tools-freebsd
"{00F3295E-E3CB-6BA9-31AE-3DEFABD595CC}" = CCC Help Danish
"{02ED7035-4F7B-5026-2A8B-126B65BD5804}" = Catalyst Control Center Profiles Mobile
"{033E378E-6AD3-4AD5-BDEB-CBD69B31046C}" = Microsoft_VC90_ATL_x86
"{047377C9-C74B-4345-82E8-03BAE5DF2C32}" = Windows Live Writer
"{08D2E121-7F6A-43EB-97FD-629B44903403}" = Microsoft_VC90_CRT_x86
"{09922FFE-D153-44AE-8B60-EA3CB8088F93}" = Windows Live UX Platform Language Pack
"{0A093C39-CBB3-4142-B93F-562F176B6305}" = Windows Live Mesh
"{0B0F231F-CE6A-483D-AA23-77B364F75917}" = Windows Live Installer
"{0B80A0FD-755A-4796-BFB0-A7B07366F33A}" = Windows Live Mail
"{0D2DBE8A-43D0-7830-7AE7-CA6C99A832E7}" = Adobe Community Help
"{0F3647F8-E51D-4FCC-8862-9A8D0C5ACF25}" = Microsoft_VC80_ATL_x86
"{1168ECF1-2932-4E86-BC83-560C256C8022}" = Windows Live Photo Common
"{11778DA1-0495-4ED9-972F-F9E0B0367CD5}" = Windows Live Writer
"{13AF0085-6FAC-2909-8DD8-B41E01DA1EF5}" = AMD VISION Engine Control Center
"{13E22AB7-DD1F-25BD-9AE6-8400E0BAC121}" = CCC Help Turkish
"{15FEDA5F-141C-4127-8D7E-B962D1742728}" = Adobe Photoshop CS5
"{19ADD3BF-C42B-47DC-81C6-5E9731B668C4}" = „Windows Live Essentials“
"{19BA08F7-C728-469C-8A35-BFBD3633BE08}" = Windows Live Movie Maker
"{1BCF995D-78B8-4883-BC8E-D7A32BB463DA}" = Windows Live Messenger
"{1DA6D447-C54D-4833-84D4-3EA31CAECE9B}" = Windows Live UX Platform Language Pack
"{1E03DB52-D5CB-4338-A338-E526DD4D4DB1}" = Bing Bar
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{1F6AB0E7-8CDD-4B93-8A23-AA9EB2FEFCE4}" = Junk Mail filter update
"{1FC83EAE-74C8-4C72-8400-2D8E40A017DE}" = Windows Live Writer
"{200FEC62-3C34-4D60-9CE8-EC372E01C08F}" = Windows Live SOXE Definitions
"{216ACEC1-4556-4717-A8DE-3F7F5F9C6F63}" = Windows Live Mesh ActiveX-i juhtelement kaugühendustele
"{26513CE5-7A51-478D-93BD-AC1D38103463}" = Windows Live Messenger
"{2720009D-9566-45A7-A370-0E6DAC313F3F}" = „Windows Live Mail“
"{2892E1B7-E24D-4CCB-B8A7-B63D4B66F89F}" = BurnRecovery
"{2902F983-B4C1-44BA-B85D-5C6D52E2C441}" = Windows Live Mesh ActiveX Control for Remote Connections
"{297F53AA-3863-4CD5-A506-0F805630F1F4}" = S-Bar
"{2CC0789D-D31B-445F-8970-6E058BE39754}" = Windows Live UX Platform Language Pack
"{2D3E034E-F76B-410A-A169-55755D2637BB}" = Windows Live Mesh
"{303143DD-1F6D-4BC5-9342-FFC2E19B2DBD}" = Windows Live Messenger
"{332EBFE0-C39E-42D1-99B5-ABBBECAD71B6}" = MSI Software Install
"{3336F667-9049-4D46-98B6-4C743EEBC5B1}" = Windows Live Photo Gallery
"{34C4F5AF-D757-4E6A-ABCA-65AB5A50A1A8}" = Windows Live Messenger
"{34EB6245-C8D0-4D8A-B8D8-EEBFF7A91485}" = Firebird SQL Server - MAGIX Edition
"{34F4D9A4-42C2-4348-BEF4-E553C84549E7}" = Windows Live Photo Gallery
"{3B8F240C-B75E-4A1E-BDCC-6C7F033078A3}" = Windows Live UX Platform Language Pack
"{3CCDB14F-8C00-1D3D-F764-F1C732B9C305}" = CCC Help Greek
"{4264C020-850B-4F08-ACBE-98205D9C336C}" = Windows Live Writer
"{442032CB-900C-49C7-B4B4-2B76525DD403}" = Windows Live Photo Common
"{4444F27C-B1A8-464E-9486-4C37BAB39A09}" = Фотогалерия на Windows Live
"{4484967B-6ED8-A1F5-E339-1934E3020C8B}" = CCC Help French
"{458F399F-62AC-4747-99F5-499BBF073D29}" = Windows Live Writer Resources
"{48C0FA5E-1B15-3FFD-54ED-602ACCE8892B}" = CCC Help Portuguese
"{4C378B16-46B7-4DA1-A2CE-2EE676F74680}" = Windows Live UX Platform Language Pack
"{50300123-F8FC-4B50-B449-E847D04F1BA2}" = Windows Live Messenger
"{51C7AD07-C3F6-4635-8E8A-231306D810FE}" = Cisco LEAP Module
"{5275D81E-83AD-4DE4-BC2B-6E6BA3A33244}" = Windows Live Writer Resources
"{539A0CEA-17E4-4FE4-A5E8-EC5D40610A79}" = „Windows Live Messenger“
"{5449FB4F-1802-4D5B-A6D8-087DB1142147}" = Realtek HDMI Audio Driver for ATI
"{579684A4-DDD5-4CA3-9EA8-7BE7D9593DB4}" = Windows Live UX Platform Language Pack
"{5C8AE80F-1C1F-8FB4-C4F1-60EECB534278}" = CCC Help English
"{5D163056-96B7-440F-A836-89BA5D3CFF2F}" = Windows Live Photo Common
"{5E627606-53B9-42D1-97E1-D03F6229E248}" = Windows Live UX Platform Language Pack
"{60C3C026-DB53-4DAB-8B97-7C1241F9A847}" = Windows Live Movie Maker
"{619FA785-489B-4D22-911F-82D6EDF5BDB0}" = Battery Calibration
"{62BBB2F0-E220-4821-A564-730807D2C34D}" = Realtek USB 2.0 Reader Driver
"{635FED5B-2C6D-49BE-87E6-7A6FCD22BC5A}" = Microsoft_VC90_MFC_x86
"{6491AB99-A11E-41FD-A5E7-32DE8A097B8E}" = Windows Live Essentials
"{64B2D6B3-71AC-45A7-A6A1-2E07ABF58341}" = Windows Live Movie Maker
"{64BF0187-F3D2-498B-99EA-163AF9AE6EC9}" = Cisco EAP-FAST Module
"{682B3E4F-696A-42DE-A41C-4C07EA1678B4}" = Windows Live SOXE
"{6AB07D1C-1FFD-E5D7-2260-AA27B2F192B5}" = CCC Help Chinese Standard
"{6ABE832B-A5C7-44C1-B697-3E123B7B4D5B}" = Windows Live Mesh
"{6B3BAE39-4ED1-4EEB-9769-A3AA0AA58CB4}" = Windows Live Movie Maker
"{6D8DDB4A-C263-40DE-BA16-AFDAD159D59A}" = Tom Clancy's Splinter Cell Conviction
"{6DCE9C3E-3DB7-4C3C-8B80-BC55781BB7B6}" = Windows Live Writer Resources
"{6E29C4F7-C2C2-4B18-A15C-E09B92065F15}" = Windows Live Mesh ActiveX-vezérlő távoli kapcsolatokhoz
"{6EE9F44A-B8C7-4CDB-B2A9-441AF2AE315A}" = Windows Live Messenger
"{6F37D92B-41AA-44B7-80D2-457ABDE11896}" = Windows Live Photo Common
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{71684DFF-CDED-450C-AF0C-4A1A6438A1A5}" = Windows Live Essentials
"{7272F232-A7E0-4B2B-A5D2-71B7C5E2379C}" = Windows Live Fotótár
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{7373E17D-18E0-44A7-AC3A-6A3BFB85D3B3}" = Windows Live Movie Maker
"{74855C8E-27F6-DCCF-A08C-6A40B768C975}" = CCC Help Japanese
"{76E41F43-59D2-4F30-BA42-9A762EE1E8DE}" = Avanquest update
"{78906B56-0E81-42A7-AC25-F54C946E1538}" = Windows Live Photo Common
"{7B3F0113-E63C-4D6D-AF19-111A3165CCA2}" = Text-To-Speech-Runtime
"{7CB529B2-6C74-4878-9C3F-C29C3C3BBDC6}" = Windows Live Writer Resources
"{7DBBB2A8-F6A3-39B5-46D5-923196E81B66}" = CCC Help Spanish
"{7FB413C8-3CAD-49F7-A67C-6EFEB4B04050}" = LogMeIn Hamachi
"{80956555-A512-4190-9CAD-B000C36D6B6B}" = Windows Live Messenger
"{80E8C65A-8F70-4585-88A2-ABC54BABD576}" = Windows Live Mesh
"{826A9D28-CAB2-4950-8AAA-B639DCA444CE}" = Windows Live UX Platform Language Pack
"{82803FF3-563F-414F-A403-8D4C167D4120}" = Windows Live Mail
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-110209593}" = Chicken Invaders 2
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-111252743}" = Mahjong Escape Ancient China
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-112920767}" = Alice Greenfingers
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-113784233}" = Home Sweet Home
"{83C292B7-38A5-440B-A731-07070E81A64F}" = Windows Live PIMT Platform
"{84267681-BF16-40B6-9564-27BC57D7D71C}" = Windows Live Photo Common
"{8833FFB6-5B0C-4764-81AA-06DFEED9A476}" = Realtek Ethernet Controller Driver
"{888F1505-C2B3-4FDE-835D-36353EBD4754}" = Ubisoft Game Launcher
"{88C24502-3EBE-9D5C-C09D-63347E99DB27}" = CCC Help Czech
"{8BBC7FB6-7FFD-A0A7-9104-EAD38E119D8E}" = CCC Help Russian
"{8C612082-D6C6-163F-11B0-BAB93E1F8914}" = CCC Help Norwegian
"{8C6D6116-B724-4810-8F2D-D047E6B7D68E}" = Mesh Runtime
"{8D33ECF4-1A77-4674-ABAE-DFF978C5BC0A}" = Windows Live Movie Maker
"{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}" = MSVCRT
"{8EFCE1F8-8ADB-40F2-BED7-7728BED00EC0}" = Windows Live Essentials
"{8FB1B528-E260-451E-9B55-E9152F94B80B}" = Microsoft Games for Windows - LIVE Redistributable
"{9024FE65-46B8-4C8A-9D98-8DCB6BD5F598}" = „Windows Live Mesh ActiveX“ nuotolinių ryšių valdiklis
"{92D58719-BBC1-4CC3-A08B-56C9E884CC2C}" = Microsoft_VC80_CRT_x86
"{92EA4134-10D1-418A-91E1-5A0453131A38}" = Windows Live Movie Maker
"{933B4015-4618-4716-A828-5289FC03165F}" = VC80CRTRedist - 8.0.50727.6195
"{94DE7548-E449-4F7D-804F-0C5CDC3A1E6A}" = EasyFace2
"{95140000-0070-0000-0000-0000000FF1CE}" = Microsoft Office 2010
"{97F77D62-5110-4FA3-A2D3-410B92D31199}" = Windows Live Fotogaléria
"{992B45D0-56C5-7E4E-7C41-B2F0BEB91E41}" = CCC Help Finnish
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{9D3D8C60-A55F-4123-B2B9-173F09590E16}" = REALTEK Wireless LAN Driver
"{9D56775A-93F3-44A3-8092-840E3826DE30}" = Windows Live Mail
"{9FD6F1A8-5550-46AF-8509-271DF0E768B5}" = Dual-Core Optimizer
"{A0C91188-C88F-4E86-93E6-CD7C9A266649}" = Windows Live Mesh
"{A2BCA9F1-566C-4805-97D1-7FDC93386723}" = Adobe AIR
"{A31FFFBF-3A18-E95B-8F39-B3411820AB08}" = CCC Help Swedish
"{A3A775C9-5A63-4C55-8FDD-427A5B8F5D2B}" = Windows Live Mesh ActiveX vadīkla attālajiem savienojumiem
"{A49F249F-0C91-497F-86DF-B2585E8E76B7}" = Microsoft Visual C++ 2005 Redistributable
"{A726AE06-AAA3-43D1-87E3-70F510314F04}" = Windows Live Writer
"{A78FE97A-C0C8-49CE-89D0-EDD524A17392}" = PDF Settings CS5
"{A86A4C1D-05B5-46B0-A808-1A15DCD17A17}_is1" = MSI Game Corner Console
"{A9BDCA6B-3653-467B-AC83-94367DA3BFE3}" = Windows Live Photo Common
"{AAAFC670-569B-4A2F-82B4-42945E0DE3EF}" = Windows Live Writer
"{AAF454FC-82CA-4F29-AB31-6A109485E76E}" = Windows Live Writer
"{AB1C87CB-1807-4CF0-B4C2-CEE14C18CDB4}" = tools-solaris
"{AB78C965-5C67-409B-8433-D7B5BDB12073}" = Windows Live Writer Resources
"{AC76BA86-7AD7-1029-7B44-A95000000001}" = Adobe Reader 9.5.1 - Czech
"{AD001A69-88CC-4766-B2DB-3C1DFAB9AC72}" = Windows Live Mesh
"{AE85EE86-4DDC-6F1A-C873-218B377A6444}" = CCC Help German
"{B0AD205F-60D0-4084-AFB8-34D9A706D9A8}" = Windows Live Essentials
"{B3BA4D1C-23EF-4859-9C11-1B2CCB7FADBB}" = ActiveX контрола на Windows Live Mesh за отдалечени връзки
"{B5594DAD-0050-6AFE-882D-B51DB10C1C94}" = CCC Help Dutch
"{B6190387-0036-4BEB-8D74-A0AFC5F14706}" = Ovládací prvek ActiveX platformy Windows Live Mesh pro vzdálená připojení
"{B9B66F77-9D00-4CA4-BDF1-BBA8236B4DB6}" = Windows Live Writer
"{BD4EBDB5-EB14-4120-BB04-BE0A26C7FB3E}" = Windows Live Photo Common
"{C13926BE-159B-4494-BEEC-AB6E207F70AD}" = Cinema ProII Setup
"{C1C9D199-B4DD-4895-92DD-9A726A2FE341}" = Windows Live Writer
"{C2FD7DB5-FE30-49B6-8A2F-C5652E053C31}" = Ovládací prvok ActiveX programu Windows Live Mesh pre vzdialené pripojenia
"{C454280F-3C3E-4929-B60E-9E6CED5717E7}" = Windows Live Mail
"{C580908C-B3BA-4C19-BD60-16F02F272201}" = BattleForge™
"{C66824E4-CBB3-4851-BB3F-E8CFD6350923}" = Windows Live Mail
"{C7DEE8F5-29D4-4A5E-823B-4A7850C5E53D}" = Windows Live'i fotogalerii
"{C8421D85-CA0E-4E93-A9A9-B826C4FB88EA}" = Windows Live Mail
"{C877E454-FA36-409A-A00E-1240CEC61BBD}" = „Windows Live“ fotogalerija
"{CD1067C8-1AA1-4503-BCAD-EA1EE5427DC7}" = MAGIX Video easy SE
"{CE95A79E-E4FC-4FFF-8A75-29F04B942FF2}" = Windows Live UX Platform
"{CF936193-C584-458C-B793-15FA945621AF}" = Windows Live fotoattēlu galerija
"{CF9DEFAA-12CD-4D04-AA45-F9F667D21E2E}" = Windows Live Movie Maker
"{D02E3267-AC49-B134-D521-6094713929D8}" = Catalyst Control Center InstallProxy
"{D06F10C5-3EDD-4B29-A3B5-16BBB9A047F8}" = Windows Live Mesh
"{D0B44725-3666-492D-BEF6-587A14BD9BD9}" = MSVCRT_amd64
"{D1A19B02-817E-4296-A45B-07853FD74D57}" = Microsoft_VC80_MFC_x86
"{D24DB8B9-BB6C-4334-9619-BA1C650E13D3}" = Microsoft Primary Interoperability Assemblies 2005
"{D27DF849-C8C7-4892-A7F1-E0B381A1BD01}" = Windows Live Writer
"{D2FCA41E-AC01-4DCD-B3A7-DC9E32363065}}_is1" = Rapture3D 2.4.4 Game
"{D4006E71-FF32-44FF-AD5A-B5EE4389B825}_is1" = FlatOut2
"{D436F577-1695-4D2F-8B44-AC76C99E0002}" = Windows Live Photo Common
"{D45240D3-B6B3-4FF9-B243-54ECE3E10066}" = Windows Live Communications Platform
"{D5A4E5F3-9ACD-412E-B380-F838DF9787B9}" = Windows Live Writer Resources
"{D92BBB52-82FF-42ED-8A3C-4E062F944AB7}" = Microsoft_VC80_MFCLOC_x86
"{D987098B-3AD4-4E88-B80E-CF27A32D1955}" = Windows Live Writer Resources
"{DA5597C9-9216-44FF-9670-D1E48817B998}" = MSI HOUSE
"{DAEE3EA3-0649-37A8-365D-58DD52BF9874}" = CCC Help Hungarian
"{DDC8BDEE-DCAC-404D-8257-3E8D4B782467}" = Windows Live Writer Resources
"{DE3A9DC5-9A5D-6485-9662-347162C7E4CA}" = Adobe Media Player
"{DECDCB7C-58CC-4865-91AF-627F9798FE48}" = Windows Live Mesh
"{E09C4DB7-630C-4F06-A631-8EA7239923AF}" = D3DX10
"{E220BA54-25CA-13FA-21AA-C88342B20747}" = CCC Help Italian
"{E5B6A047-5868-66BB-E7E4-88DFE0B91C9F}" = CCC Help Polish
"{E66B5520-69C1-B559-DCAB-AB0C451F9FDB}" = CCC Help Korean
"{EAB1BDF2-734A-4D44-9169-7615D185C974}" = Windows Live Mesh
"{EB4DF488-AAEF-406F-A341-CB2AAA315B90}" = Windows Live Messenger
"{ED5776D5-59B4-46B7-AF81-5F2D94D7C640}" = Cisco PEAP Module
"{EE7257A2-39A2-4D2F-9DAC-F9F25B8AE1D8}" = Skype™ 5.10
"{EEDE3071-D70E-F01A-4A2B-0D79184AD4D2}" = CCC Help Thai
"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
"{F1100000-0010-0000-0000-074957833700}" = ABBYY FineReader 11 Corporate Edition
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F66430D8-08E6-4C96-B9B7-90E66E27D58C}" = Windows Live Mail
"{F97661EA-27AF-E018-B14D-12139173A657}" = CCC Help Chinese Traditional
"{F97E3841-CA9D-4964-9D64-26066241D26F}" = Microsoft Games for Windows - LIVE
"{FA6CF94F-DACF-4FE7-959D-55C421B91B17}" = Windows Live Mail
"{FB3D07AE-73D0-47A9-AC12-6F50BF8B6202}" = Windows Live Movie Maker
"{FB79FDB7-4DE1-453D-99FE-9A880F57380E}" = Windows Live Fotogalerie
"{FC3FA913-C422-A7BB-D868-DBD7C07C5704}" = Catalyst Control Center Localization All
"{FE044230-9CA5-43F7-9B58-5AC5A28A1F33}" = Windows Live Essentials
"{FE62C88B-425B-4BDE-8B70-CD5AE3B83176}" = Windows Live Essentials
"{FEEF7F78-5876-438B-B554-C4CC426A4302}" = Windows Live Essentials
"{FFD9383C-01D5-4897-A954-43AF599AED30}" = tools-windows
"3309-7404-0599-8908" = yEd Graph Editor 3.9.2
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"avast" = avast! Free Antivirus
"BControl_1_0_809" = Mobbcore BControl 1.0.809 Agent/PC
"chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1" = Adobe Community Help
"com.adobe.amp.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1" = Adobe Media Player
"Counter-Strike 1.6" = Counter-Strike 1.6
"Counter-Strike: Source" = Counter-Strike: Source
"Counter-Strike: Source Texture Pack 1.00" = Counter-Strike: Source Texture Pack 1.00
"CrystalDiskInfo_is1" = CrystalDiskInfo 5.0.0
"DAEMON Tools Lite" = DAEMON Tools Lite
"DivX Setup" = DivX Setup
"ESET Online Scanner" = ESET Online Scanner v3
"FastStone Capture" = FastStone Capture 6.8
"FileZilla Client" = FileZilla Client 3.5.3
"Fraps" = Fraps
"hon" = Heroes of Newerth
"i-Charger_is1" = i-Charger
"IETester" = IETester v0.4.11 (remove only)
"LogMeIn Hamachi" = LogMeIn Hamachi
"MAGIX Music Maker 16 Download Version UK" = MAGIX Music Maker 16 Download Version
"MAGIX Photo Manager 9 UK" = MAGIX Photo Manager 9
"MAGIX Screenshare UK" = MAGIX Screenshare
"MAGIX Speed burnR UK" = MAGIX Speed burnR
"MAGIX_MSI_Video_easy_SE" = MAGIX Video easy SE
"Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware verze 1.62.0.1300
"OpenAL" = OpenAL
"PSPad editor_is1" = PSPad editor
"Revo Uninstaller" = Revo Uninstaller 1.94
"Snap N' Go" = Snap N' Go 2.41.3
"TeamViewer 7" = TeamViewer 7
"Update Service" = Sony Ericsson Update Service
"uTorrent" = µTorrent
"VLC media player" = VLC media player 2.0.1
"VMware_Workstation" = VMware Workstation
"WinLiveSuite" = Windows Live Essentials
"WinRAR archiver" = WinRAR archiver
"Word Manager" = Word Manager

Makrela · Příspěvekod **Makrela** » 22 srp 2012 15:17

========== HKEY_CURRENT_USER Uninstall List ==========

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Google Chrome" = Google Chrome

========== Last 20 Event Log Errors ==========

[ Application Events ]
Error - 8/2/2012 7:05:00 AM | Computer Name = Pastorkov-MSI | Source = Application Error | ID = 1000
Description = Název chybující aplikace: vmware-authd.exe, verze: 8.0.1.27038, časové
razítko: 0x4ec0abf2 Název chybujícího modulu: ntdll.dll, verze: 6.1.7601.17725,
časové razítko: 0x4ec49b8f Kód výjimky: 0xc0000005 Posun chyby: 0x000332a0 ID chybujícího
procesu: 0xeac Čas spuštění chybující aplikace: 0x01cd709e988ac2d5 Cesta k chybující
aplikaci: C:\Program Files (x86)\VMware\VMware Workstation\vmware-authd.exe Cesta
k chybujícímu modulu: C:\windows\SysWOW64\ntdll.dll ID zprávy: e668a6e1-dc91-11e1-b1e5-6c626d342c52

Error - 8/2/2012 7:07:01 AM | Computer Name = Pastorkov-MSI | Source = WinMgmt | ID = 10
Description =

Error - 8/2/2012 2:48:31 PM | Computer Name = Pastorkov-MSI | Source = Customer Experience Improvement Program | ID = 1008
Description =

Error - 8/3/2012 3:48:11 AM | Computer Name = Pastorkov-MSI | Source = WinMgmt | ID = 10
Description =

Error - 8/3/2012 3:48:23 AM | Computer Name = Pastorkov-MSI | Source = Application Error | ID = 1000
Description = Název chybující aplikace: vmware-authd.exe, verze: 8.0.1.27038, časové
razítko: 0x4ec0abf2 Název chybujícího modulu: ntdll.dll, verze: 6.1.7601.17725,
časové razítko: 0x4ec49b8f Kód výjimky: 0xc0000005 Posun chyby: 0x000332a0 ID chybujícího
procesu: 0xd28 Čas spuštění chybující aplikace: 0x01cd714c4ba6f0c2 Cesta k chybující
aplikaci: C:\Program Files (x86)\VMware\VMware Workstation\vmware-authd.exe Cesta
k chybujícímu modulu: C:\windows\SysWOW64\ntdll.dll ID zprávy: 9999bcac-dd3f-11e1-ad8a-6c626d342c52

Error - 8/3/2012 11:59:23 AM | Computer Name = Pastorkov-MSI | Source = Customer Experience Improvement Program | ID = 1008
Description =

Error - 8/4/2012 1:48:41 AM | Computer Name = Pastorkov-MSI | Source = WinMgmt | ID = 10
Description =

Error - 8/4/2012 10:58:33 AM | Computer Name = Pastorkov-MSI | Source = WinMgmt | ID = 10
Description =

Error - 8/4/2012 10:58:51 AM | Computer Name = Pastorkov-MSI | Source = Application Error | ID = 1000
Description = Název chybující aplikace: vmware-authd.exe, verze: 8.0.1.27038, časové
razítko: 0x4ec0abf2 Název chybujícího modulu: ntdll.dll, verze: 6.1.7601.17725,
časové razítko: 0x4ec49b8f Kód výjimky: 0xc0000005 Posun chyby: 0x000332a0 ID chybujícího
procesu: 0xe24 Čas spuštění chybující aplikace: 0x01cd7251995032ca Cesta k chybující
aplikaci: C:\Program Files (x86)\VMware\VMware Workstation\vmware-authd.exe Cesta
k chybujícímu modulu: C:\windows\SysWOW64\ntdll.dll ID zprávy: e648957a-de44-11e1-b464-6c626d342c52

Error - 8/4/2012 2:34:51 PM | Computer Name = Pastorkov-MSI | Source = WinMgmt | ID = 10
Description =

[ System Events ]
Error - 7/4/2012 6:56:43 AM | Computer Name = Pastorkov-MSI | Source = Service Control Manager | ID = 7001
Description = Služba VMware Workstation Server závisí na službě VMware Authorization
Service, která neuspěla při spuštění v důsledku následující chyby: %%1053

Error - 7/4/2012 5:50:50 PM | Computer Name = Pastorkov-MSI | Source = DCOM | ID = 10010
Description =

Error - 7/5/2012 6:55:29 AM | Computer Name = Pastorkov-MSI | Source = Service Control Manager | ID = 7009
Description = Při čekání na připojení služby ABBYY FineReader 11 CE Licensing Service
bylo dosaženo časového limitu (30000 ms).

Error - 7/5/2012 6:57:49 AM | Computer Name = Pastorkov-MSI | Source = Service Control Manager | ID = 7009
Description = Při čekání na připojení služby VMware Workstation Server bylo dosaženo
časového limitu (30000 ms).

Error - 7/5/2012 6:57:49 AM | Computer Name = Pastorkov-MSI | Source = Service Control Manager | ID = 7000
Description = Služba VMware Workstation Server neuspěla při spuštění v důsledku
následující chyby: %%1053

Error - 7/5/2012 6:30:57 PM | Computer Name = Pastorkov-MSI | Source = DCOM | ID = 10010
Description =

Error - 7/6/2012 8:08:09 AM | Computer Name = Pastorkov-MSI | Source = Service Control Manager | ID = 7009
Description = Při čekání na připojení služby VMware Authorization Service bylo dosaženo
časového limitu (30000 ms).

Error - 7/6/2012 8:08:09 AM | Computer Name = Pastorkov-MSI | Source = Service Control Manager | ID = 7000
Description = Služba VMware Authorization Service neuspěla při spuštění v důsledku
následující chyby: %%1053

Error - 7/6/2012 8:08:11 AM | Computer Name = Pastorkov-MSI | Source = Service Control Manager | ID = 7001
Description = Služba VMware Workstation Server závisí na službě VMware Authorization
Service, která neuspěla při spuštění v důsledku následující chyby: %%1053

Error - 7/6/2012 6:23:35 PM | Computer Name = Pastorkov-MSI | Source = DCOM | ID = 10010
Description =

< End of report >

Příspěvekod **jaro3** » 22 srp 2012 21:58

Odinstaluj:
ESET OnlineScan

Poklepej na ikonu OTL na ploše.Ujisti se , že máš všechny ostatní aplikace a prohlížeče zavřeny.
Pod Vlastní skenování/opravy do okénka vlož následující text, zobrazený zeleně:

Kód: Vybrat vše

:OTL
PRC - C:\WINDOWS\explorer.exe (Microsoft Corporation)
PRC - C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)
DRV:64bit: - (MGHwCtrl) -- C:\Program Files\MSI\MSI Software Install\MGHwCtrl.sys File not found
IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {62D8AA6A-7670-40A2-A89D-177DF4B29B1A}
IE:64bit: - HKLM\..\SearchScopes\{62D8AA6A-7670-40A2-A89D-177DF4B29B1A}: "URL" = http://www.bing.com/search?q={searchTerms}&form=MSITDF&pc=MAM3&src=IE-SearchBox
IE - HKLM\..\SearchScopes,DefaultScope = {62D8AA6A-7670-40A2-A89D-177DF4B29B1A}
IE - HKLM\..\SearchScopes\{62D8AA6A-7670-40A2-A89D-177DF4B29B1A}: "URL" = http://www.bing.com/search?q={searchTerms}&form=MSITDF&pc=MAM3&src=IE-SearchBox
IE - HKCU\..\SearchScopes,DefaultScope = {62D8AA6A-7670-40A2-A89D-177DF4B29B1A}
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
O1 HOSTS File: ([2012/08/15 15:00:29 | 000,000,027 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - No CLSID value found.
O4:64bit: - HKLM..\Run: [AutoKMS] C:\windows\AutoKMS.exe File not found
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O16 - DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} http://download.eset.com/special/eos/OnlineScanner.cab (OnlineScanner Control)
O18:64bit: - Protocol\Handler\livecall - No CLSID value found
O18:64bit: - Protocol\Handler\msnim - No CLSID value found
O18:64bit: - Protocol\Handler\skype4com - No CLSID value found
O18:64bit: - Protocol\Handler\wlmailhtml - No CLSID value found
O18:64bit: - Protocol\Handler\wlpg - No CLSID value found
O18 - Protocol\Handler\ms-help - No CLSID value found
[1 C:\windows\*.tmp files -> C:\windows\*.tmp -> ]
[2012/08/18 22:55:00 | 000,634,864 | ---- | M] () -- C:\windows\SysNative\perfh00E.dat
[2012/08/18 22:55:00 | 000,633,976 | ---- | M] () -- C:\windows\SysNative\perfh005.dat
[2012/08/18 22:55:00 | 000,618,692 | ---- | M] () -- C:\windows\SysNative\perfh009.dat
[2012/08/18 22:55:00 | 000,149,520 | ---- | M] () -- C:\windows\SysNative\perfc00E.dat
[2012/08/18 22:55:00 | 000,123,124 | ---- | M] () -- C:\windows\SysNative\perfc005.dat
[2012/08/18 22:55:00 | 000,107,598 | ---- | M] () -- C:\windows\SysNative\perfc009.dat
@Alternate Data Stream - 12 bytes -> C:\Users\Pastorkov\Documents:{2C848322-7882-41E2-AFF6-B060B946FEE9}3

:Files
C:\WINDOWS\System32\*.tmp 
C:\WINDOWS\*.tmp 
C:\WINDOWS\system32\*.tmp.dll 
C:\WINDOWS\System32\dllcache\*.tmp
C:\WINDOWS\system32\SET*.tmp 
c:\windows\Tasks\*.job 
C:\*.tmp
C:\WINDOWS\System32\drivers\*.tmp
C:\Documents and Settings\All Users\Data aplikací\*.tmp
C:\Windows\SysNative\drivers\*.tmp
C:\Windows\SysWow64\drivers\*.tmp
C:\Program Files (x86)\*.tmp
C:\Windows\SysWow64\*.tmp
C:\Windows\SysNative\*.tmp
C:\Program Files (x86)\ESET
C:\Users\Pastorkov\Desktop\RK_Quarantine
C:\windows\SWREG.exe
C:\windows\NIRCMD.exe
C:\windows\SWSC.exe
C:\Qoobox
C:\Users\Pastorkov\Desktop\TDSSKiller.exe
C:\Users\Pastorkov\Desktop\RogueKiller.exe
C:\Users\Pastorkov\Desktop\MemTest.zip
C:\windows\PEV.exe
C:\windows\MBR.exe
C:\windows\grep.exe
C:\windows\zip.exe
C:\Users\Pastorkov\AppData\Roaming\room_v3.dat
C:\windows\ativpsrm.bin
C:\windows\sed.exe

:Reg
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\exefile\shell\open\command]
""=""%1" %*"

:Commands
[purity]
[emptytemp]
[start explorer]
[Reboot]

Poté klikni nahoře na Opravit. Nech program nerušeně běžet, na konci se provede restart PC.
Po restartu se objeví log , prosím zkopíruj sem celý jeho obsah.

pokud to nezabere , zkus odinstalovat VMware
Description = Název chybující aplikace: vmware-authd.exe, verze: 8.0.1.27038, časové
razítko: 0x4ec0abf2 Název chybujícího modulu: ntdll.dll, verze: 6.1.7601.17725,
časové razítko: 0x4ec49b8f Kód výjimky: 0xc0000005 Posun chyby: 0x000332a0 ID chybujícího
procesu: 0xe24 Čas spuštění chybující aplikace: 0x01cd7251995032ca Cesta k chybující
aplikaci: C:\Program Files (x86)\VMware\VMware Workstation\vmware-authd.exe Cesta
k chybujícímu modulu: C:\windows\SysWOW64\ntdll.dll ID zprávy: e648957a-de44-11e1-b464-6c626d342c52

Prosím o kontrolu, pomalý start PC, mrznutí PC

Re: Prosím o kontrolu, pomalý start PC, mrznutí PC

Re: Prosím o kontrolu, pomalý start PC, mrznutí PC

Re: Prosím o kontrolu, pomalý start PC, mrznutí PC

Re: Prosím o kontrolu, pomalý start PC, mrznutí PC

Re: Prosím o kontrolu, pomalý start PC, mrznutí PC

Re: Prosím o kontrolu, pomalý start PC, mrznutí PC

Re: Prosím o kontrolu, pomalý start PC, mrznutí PC

Re: Prosím o kontrolu, pomalý start PC, mrznutí PC

Re: Prosím o kontrolu, pomalý start PC, mrznutí PC

Re: Prosím o kontrolu, pomalý start PC, mrznutí PC

Re: Prosím o kontrolu, pomalý start PC, mrznutí PC

Re: Prosím o kontrolu, pomalý start PC, mrznutí PC

Kdo je online