Please check, suspected virus (Solved)

A place for your HiJackThis logs and logs from other programs…

Moderators: Mods_senior, Security team

Kobra.svk
Level 2
Posts: 219
Registered: January 08
Location: Pezinok
Gender: Male
Status: Offline

Re: Please check, suspected virus

Post by Kobra.svk » 07 May 2013 23:55

aswMBR version 0.9.9.1771 Copyright(c) 2011 AVAST Software
Run date: 2013-05-07 23:53:44
-----------------------------
23:53:44.698 OS Version: Windows 6.1.7601 Service Pack 1
23:53:44.698 Number of processors: 2 586 0x170A
23:53:44.699 ComputerName: KOBRA UserName:
23:53:46.676 Initialize success
23:53:54.312 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IAAStorageDevice-1
23:53:54.314 Disk 0 Vendor: ST950032 0002 Size: 476940MB BusType: 3
23:53:54.436 Disk 0 MBR read successfully
23:53:54.439 Disk 0 MBR scan
23:53:54.441 Disk 0 Windows 7 default MBR code
23:53:54.444 Disk 0 Partition 1 00 1C Hidd FAT32 LBA MSDOS5.0 12001 MB offset 63
23:53:54.456 Disk 0 Partition 2 80 (A) 07 HPFS/NTFS NTFS 80011 MB offset 24579450
23:53:54.459 Disk 0 Partition - 00 0F Extended LBA 384924 MB offset 188442450
23:53:54.488 Disk 0 Partition 3 00 07 HPFS/NTFS NTFS 384924 MB offset 188442513
23:53:54.493 Disk 0 scanning sectors +976768065
23:53:54.621 Disk 0 scanning C:\Windows\system32\drivers
23:54:10.016 Service scanning
23:54:18.607 Service ASUSProcObsrv E:\I386\AsProcOb.sys **LOCKED** 21
23:54:27.819 Service MpKslfa3b63a5 c:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{CACD9A5F-E37F-4EDE-9682-D2DCED97725A}\MpKslfa3b63a5.sys **LOCKED** 32
23:54:35.854 Service sptd C:\Windows\System32\Drivers\sptd.sys **LOCKED** 32
23:54:43.234 Modules scanning
23:54:59.704 Disk 0 trace - called modules:
23:54:59.755 ntkrnlpa.exe CLASSPNP.SYS disk.sys ACPI.sys halmacpi.dll iaStor.sys sptd.sys
23:54:59.761 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0x8756b030]
23:54:59.766 3 CLASSPNP.SYS[8b80459e] -> nt!IofCallDriver -> [0x86b18630]
23:54:59.772 5 ACPI.sys[8b9bd3d4] -> nt!IofCallDriver -> \Device\Ide\IAAStorageDevice-1[0x86adb028]
23:54:59.777 Scan finished successfully
23:55:11.083 Disk 0 MBR has been saved successfully to "C:\Users\Miroslav\Desktop\MBR.dat"
23:55:11.089 The log file has been saved successfully to "C:\Users\Miroslav\Desktop\aswMBR.txt"


Re: Please check, suspected virus

Post by Kobra.svk » 08 May 2013 00:10

OTL logfile created on: 7. 5. 2013 23:57:46 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Miroslav\Desktop
Ultimate Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.10.9200.16540)
Locale: 0000041b | Country: Slovenská republika | Language: SKY | Date Format: d. M. yyyy

3,00 Gb Total Physical Memory | 1,89 Gb Available Physical Memory | 63,00% Memory free
6,00 Gb Paging File | 4,65 Gb Available in Paging File | 77,47% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 78,14 Gb Total Space | 20,84 Gb Free Space | 26,68% Space Free | Partition Type: NTFS
Drive D: | 375,90 Gb Total Space | 58,26 Gb Free Space | 15,50% Space Free | Partition Type: NTFS

Computer Name: KOBRA | User Name: Miroslav | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - C:\Users\Miroslav\Desktop\OTL.exe (OldTimer Tools)
PRC - C:\Program Files\Google\Update\1.3.21.145\GoogleCrashHandler.exe (Google Inc.)
PRC - C:\Program Files\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe (Samsung)
PRC - C:\Program Files\Microsoft Security Client\NisSrv.exe (Microsoft Corporation)
PRC - C:\Program Files\Microsoft Security Client\MpCmdRun.exe (Microsoft Corporation)
PRC - C:\Program Files\Microsoft Security Client\MsMpEng.exe (Microsoft Corporation)
PRC - C:\Program Files\Microsoft Security Client\msseces.exe (Microsoft Corporation)
PRC - C:\Program Files\Microsoft Office\Office14\ONENOTEM.EXE (Microsoft Corporation)
PRC - C:\Program Files\Soluto\SolutoService.exe (Soluto)
PRC - C:\Program Files\Soluto\Soluto.exe (Soluto)
PRC - C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe (Adobe Systems Incorporated)
PRC - C:\Windows\System32\taskhost.exe (Microsoft Corporation)
PRC - C:\Program Files\LSoft Technologies Inc\Active@ Hard Disk Monitor\DiskMonitorService.exe (LSoft Technologies Inc)
PRC - C:\Program Files\PANDORA.TV\PanService\PanProcess.exe (PandoraTV)
PRC - C:\Program Files\PANDORA.TV\PanService\PandoraService.exe (Pandora.TV)
PRC - C:\Program Files\SUPERAntiSpyware\SASCORE.EXE (SUPERAntiSpyware.com)
PRC - C:\Program Files\TeamViewer\Version7\TeamViewer_Service.exe (TeamViewer GmbH)
PRC - C:\Program Files\NVIDIA Corporation\Display\nvtray.exe (NVIDIA Corporation)
PRC - C:\Program Files\NVIDIA Corporation\Display\NvXDSync.exe (NVIDIA Corporation)
PRC - C:\Program Files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe (NVIDIA Corporation)
PRC - C:\Program Files\Rainmeter\Rainmeter.exe ()
PRC - C:\Windows\explorer.exe (Microsoft Corporation)
PRC - C:\Program Files\Razer\DeathAdder\razerhid.exe ()
PRC - C:\Program Files\Razer\DeathAdder\vdDaemon.exe (TODO: <Company name>)
PRC - C:\Program Files\Dokan\DokanLibrary\mounter.exe ()
PRC - C:\Program Files\ASUS\ATKOSD2\ATKOSD2.exe (ASUS)
PRC - C:\Program Files\ASUS\ATK Hotkey\HControl.exe (ASUS)
PRC - C:\Program Files\ASUS\ATK Media\DMedia.exe (ASUS)
PRC - C:\Program Files\ASUS\ATK Hotkey\HControlUser.exe (ASUS)
PRC - C:\Program Files\P4G\BatteryLife.exe (ATK)
PRC - C:\Program Files\ASUS\Wireless Console 3\wcourier.exe ()
PRC - C:\Program Files\ASUS\ATK Hotkey\WDC.exe (ASUS)
PRC - C:\Program Files\ASUS\Splendid\ACMON.exe (ATK)
PRC - C:\Program Files\ASUS\ATK Hotkey\KBFiltr.exe (ASUS)
PRC - C:\Program Files\ASUS\ATK Hotkey\AsLdrSrv.exe ()
PRC - C:\Program Files\ASUS\ATK Hotkey\ATKOSD.exe (ASUS)
PRC - C:\Program Files\Common Files\SPBA\upeksvr.exe (UPEK Inc.)
PRC - C:\Program Files\Razer\DeathAdder\razerofa.exe (Razer Inc.)
PRC - C:\Program Files\RocketDock\RocketDock.exe ()
PRC - C:\Program Files\ATKGFNEX\GFNEXSrv.exe ()
PRC - C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe (Rocket Division Software)
PRC - C:\Windows\System32\ACEngSvr.exe (ASUSTeK)
PRC - C:\Program Files\Mouse Tachometer\Mouse Tachometer.exe (Pavel Müller)


========== Modules (No Company Name) ==========

MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\PCGHIDProbe\dcce4ad57f6201d472fdea3463f3e9e0\PCGHIDProbe.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\Soluto\bda6a8853bf5cd69ecd12c6ad381123c\Soluto.ni.exe ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.ServiceProce#\7ff638de44686eab4afaa8b3c8a9cfca\System.ServiceProcess.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Web\5ecf01964c70e453d71e5d7653912ff9\System.Web.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\cb562e2e4f74ae607f1186f6ec50cec7\System.Windows.Forms.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\CustomMarshalers\5baea82888a13fa558004b24e3b107cf\CustomMarshalers.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.DirectorySer#\7badd9a67b9f34f7222697c220dfa88b\System.DirectoryServices.AccountManagement.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\PCGPostBootResources\7a0f82a2543aa6acfce648bc06e66ec4\PCGPostBootResources.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\PCGRSPProbe\a2b5a6c10868338720d56c0a97e0843f\PCGRSPProbe.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\Community.CsharpSql#\c843629101c9ab36933c728f778f31ed\Community.CsharpSqlite.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\Interop.IWshRuntime#\14d45acffcbe4e8b028327fd59b740aa\Interop.IWshRuntimeLibrary.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\PCGAppControlPlugin#\9d178312ef97ed3384741adf263b4bfc\PCGAppControlPluginLoader.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\PCGUsersCenter\fabb10df0b5646de7d03f462b9be667b\PCGUsersCenter.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\PCGClientCommon\bd2aabf357580beb16eaa191891fe2e2\PCGClientCommon.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\PCGBootVisualizingC#\a79d72282e27f13775640a0c53e5e5d6\PCGBootVisualizingCommon.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\PCGDriverProbe\cd0fcdd43d44221fc13b75dd97409336\PCGDriverProbe.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\PCGConfiguration\32bd1ae7d60a6b7fc53a379e540a22e0\PCGConfiguration.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\PCGDatabase\8a0b7f0fa467d8f0adb28048d98b8c2a\PCGDatabase.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\PCGAzureEntityFrame#\3183daa9229044a793ef0383c7f75501\PCGAzureEntityFramework.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\PCGAzureShared\aa73d708c4828f8758f3d9f82150d1aa\PCGAzureShared.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\PCGCommunication\4c790aaa459ace5baa07385a240166cc\PCGCommunication.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\PCGPreCompiled\40b3e56f6605068ebcde0facb8049505\PCGPreCompiled.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Data.Linq\430cf827c8557371e5c5d5bc572a5759\System.Data.Linq.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\Newtonsoft.Json.Net#\0e72621afff56b0b550de34640cfdb12\Newtonsoft.Json.Net35.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\Ionic.Zip.Reduced\928a439cb075115ac18b99b706659b00\Ionic.Zip.Reduced.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\PCGFramework\2a5eebb96452661e1377320aa38c3acc\PCGFramework.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Core\77dfcfed5fd5f67d0d3edc545935bb21\System.Core.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.DirectorySer#\abf5f0f6b5d995fb86b0529ac85e14ed\System.DirectoryServices.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\eead6629e384a5b69f9ae35284b7eeed\System.Drawing.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml\f687c43e9fdec031988b33ae722c4613\System.Xml.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System\369f8bdca364e2b4936d18dea582912c\System.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\195a77fcc6206f8bb35d419ff2cf0d72\System.Configuration.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\7150b9136fad5b79e88f6c7f9d3d2c39\mscorlib.ni.dll ()
MOD - C:\Program Files\Rainmeter\Plugins\WebParser.dll ()
MOD - C:\Program Files\Rainmeter\Rainmeter.exe ()
MOD - C:\Program Files\Rainmeter\Rainmeter.dll ()
MOD - C:\Program Files\Common Files\microsoft shared\OFFICE14\Cultures\OFFICE.ODF ()
MOD - C:\Program Files\Razer\DeathAdder\razerhid.exe ()
MOD - C:\Windows\assembly\GAC_32\CustomMarshalers\2.0.0.0__b03f5f7f11d50a3a\CustomMarshalers.dll ()
MOD - C:\Program Files\WinRAR\RarExt.dll ()
MOD - C:\Program Files\P4G\OvrClk.dll ()
MOD - C:\Program Files\P4G\DevMng.dll ()
MOD - C:\Program Files\RocketDock\RocketDock.exe ()
MOD - C:\Program Files\RocketDock\RocketDock.dll ()
MOD - C:\Program Files\ATKGFNEX\AGFNEX.dll ()
MOD - C:\Program Files\Mouse Tachometer\english.dll ()
MOD - C:\Program Files\Mouse Tachometer\czech.dll ()
MOD - C:\Program Files\Mouse Tachometer\hooks.dll ()


========== Services (SafeList) ==========

SRV - (NPVR Recording Service) -- C:\Program Files\NPVR\NRecord.exe File not found
SRV - (AdobeFlashPlayerUpdateSvc) -- C:\Windows\System32\Macromed\Flash\FlashPlayerUpdateService.exe (Adobe Systems Incorporated)
SRV - (MozillaMaintenance) -- C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe (Mozilla Foundation)
SRV - (NisSrv) -- C:\Program Files\Microsoft Security Client\NisSrv.exe (Microsoft Corporation)
SRV - (MsMpSvc) -- C:\Program Files\Microsoft Security Client\MsMpEng.exe (Microsoft Corporation)
SRV - (SolutoLauncherService) -- C:\Program Files\Soluto\SolutoLauncherService.exe ()
SRV - (SolutoService) -- C:\Program Files\Soluto\SolutoService.exe (Soluto)
SRV - (SolutoRemoteService) -- C:\Program Files\Soluto\SolutoRemoteService.exe (Soluto)
SRV - (AdobeARMservice) -- C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe (Adobe Systems Incorporated)
SRV - (Active@ Disk Monitor) -- C:\Program Files\LSoft Technologies Inc\Active@ Hard Disk Monitor\DiskMonitorService.exe (LSoft Technologies Inc)
SRV - (PanService) -- C:\Program Files\PANDORA.TV\PanService\PandoraService.exe (Pandora.TV)
SRV - (Microsoft SharePoint Workspace Audit Service) -- C:\Program Files\Microsoft Office\Office14\GROOVE.EXE (Microsoft Corporation)
SRV - (!SASCORE) -- C:\Program Files\SUPERAntiSpyware\SASCORE.EXE (SUPERAntiSpyware.com)
SRV - (TeamViewer7) -- C:\Program Files\TeamViewer\Version7\TeamViewer_Service.exe (TeamViewer GmbH)
SRV - (nvUpdatusService) -- C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe (NVIDIA Corporation)
SRV - (Stereo Service) -- C:\Program Files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe (NVIDIA Corporation)
SRV - (Steam Client Service) -- C:\Program Files\Common Files\Steam\SteamService.exe (Valve Corporation)
SRV - (Akamai) -- c:\Program Files\Common Files\Akamai\netsession_win_b31de1e.dll ()
SRV - (npggsvc) -- C:\Windows\System32\GameMon.des (INCA Internet Co., Ltd.)
SRV - (DokanMounter) -- C:\Program Files\Dokan\DokanLibrary\mounter.exe ()
SRV - (FLEXnet Licensing Service) -- C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe (Macrovision Europe Ltd.)
SRV - (WDFME) -- C:\Program Files\Western Digital\WD SmartWare\Front Parlor\WDFME\WDFME.exe ()
SRV - (WDSC) -- C:\Program Files\Western Digital\WD SmartWare\Front Parlor\WDSC.exe ()
SRV - (WDDMService) -- C:\Program Files\Western Digital\WD SmartWare\WD Drive Manager\WDDMService.exe (WDC)
SRV - (WatAdminSvc) -- C:\Windows\System32\Wat\WatAdminSvc.exe (Microsoft Corporation)
SRV - (rpcapd) -- C:\Program Files\WinPcap\rpcapd.exe (CACE Technologies, Inc.)
SRV - (NAUpdate) -- C:\Program Files\Nero\Update\NASvc.exe (Nero AG)
SRV - (SwitchBoard) -- C:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe (Adobe Systems Incorporated)
SRV - (SensrSvc) -- C:\Windows\System32\sensrsvc.dll (Microsoft Corporation)
SRV - (PeerDistSvc) -- C:\Windows\System32\PeerDistSvc.dll (Microsoft Corporation)
SRV - (WinDefend) -- C:\Program Files\Windows Defender\MpSvc.dll (Microsoft Corporation)
SRV - (SRS_VolSync_Service) -- C:\Program Files\SRS Labs\SRS Premium Sound\SRS_VolSync.exe (SRS Labs, Inc.)
SRV - (mi-raysat_3dsmax2010_32) -- C:\Program Files\Autodesk\3ds Max 2010\mentalray\satellite\raysat_3dsmax2010_32server.exe ()
SRV - (ASLDRService) -- C:\Program Files\ASUS\ATK Hotkey\AsLdrSrv.exe ()
SRV - (FMMService) -- C:\Program Files\Mobility Manager\FMMService.exe (Flarion Technologies, Inc.)
SRV - (nTuneService) -- C:\Program Files\NVIDIA Corporation\nTune\nTuneService.exe (NVIDIA)
SRV - (ATKGFNEXSrv) -- C:\Program Files\ATKGFNEX\GFNEXSrv.exe ()
SRV - (WcesComm) -- C:\Windows\WindowsMobile\wcescomm.dll (Microsoft Corporation)
SRV - (RapiMgr) -- C:\Windows\WindowsMobile\rapimgr.dll (Microsoft Corporation)
SRV - (StarWindServiceAE) -- C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe (Rocket Division Software)


========== Driver Services (SafeList) ==========

DRV - (VGPU) -- System32\drivers\rdvgkmd.sys File not found
DRV - (tsusbhub) -- system32\drivers\tsusbhub.sys File not found
DRV - (Synth3dVsc) -- System32\drivers\synth3dvsc.sys File not found
DRV - (ndisahMP) -- system32\DRIVERS\ndisah.sys File not found
DRV - (EIO) -- system32\DRIVERS\EIO.sys File not found
DRV - (EagleXNt) -- C:\Windows\system32\drivers\EagleXNt.sys File not found
DRV - (CV2K1) -- system32\DRIVERS\cv2k1.sys File not found
DRV - (aswMBR) -- C:\Users\Miroslav\AppData\Local\Temp\aswMBR.sys File not found
DRV - (ASUSProcObsrv) -- E:\I386\AsProcOb.sys File not found
DRV - (apmkcep2) -- File not found
DRV - (ALSysIO) -- C:\Users\Miroslav\AppData\Local\Temp\ALSysIO.sys File not found
DRV - (akkajvs9) -- File not found
DRV - (MpKslfa3b63a5) -- c:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{CACD9A5F-E37F-4EDE-9682-D2DCED97725A}\MpKslfa3b63a5.sys (Microsoft Corporation)
DRV - (NVHDA) -- C:\Windows\System32\drivers\nvhda32v.sys (NVIDIA Corporation)
DRV - (dg_ssudbus) -- C:\Windows\System32\drivers\ssudbus.sys (DEVGURU Co., LTD.(www.devguru.co.kr))
DRV - (ssudmdm) -- C:\Windows\System32\drivers\ssudmdm.sys (DEVGURU Co., LTD.(www.devguru.co.kr))
DRV - (NisDrv) -- C:\Windows\System32\drivers\NisDrvWFP.sys (Microsoft Corporation)
DRV - (Soluto) -- C:\Windows\System32\drivers\Soluto.sys (Soluto LTD.)
DRV - (RdpVideoMiniport) -- C:\Windows\System32\drivers\rdpvideominiport.sys (Microsoft Corporation)
DRV - (TsUsbFlt) -- C:\Windows\System32\drivers\TsUsbFlt.sys (Microsoft Corporation)
DRV - (hamachi) -- C:\Windows\System32\drivers\hamachi.sys (LogMeIn, Inc.)
DRV - (nvlddmkm) -- C:\Windows\System32\drivers\nvlddmkm.sys (NVIDIA Corporation)
DRV - (TS_AR5416) -- C:\Windows\System32\drivers\ts_athw.sys (TamoSoft)
DRV - (SASKUTIL) -- C:\Program Files\SUPERAntiSpyware\SASKUTIL.SYS (SUPERAdBlocker.com and SUPERAntiSpyware.com)
DRV - (SASDIFSV) -- C:\Program Files\SUPERAntiSpyware\SASDIFSV.SYS (SUPERAdBlocker.com and SUPERAntiSpyware.com)
DRV - (atksgt) -- C:\Windows\System32\drivers\atksgt.sys ()
DRV - (lirsgt) -- C:\Windows\System32\drivers\lirsgt.sys ()
DRV - (athr) -- C:\Windows\System32\drivers\athr.sys (Atheros Communications, Inc.)
DRV - (Dokan) -- C:\Windows\System32\drivers\dokan.sys (Windows (R) Win 7 DDK provider)
DRV - (vmbus) -- C:\Windows\System32\drivers\vmbus.sys (Microsoft Corporation)
DRV - (storflt) -- C:\Windows\System32\drivers\vmstorfl.sys (Microsoft Corporation)
DRV - (storvsc) -- C:\Windows\System32\drivers\storvsc.sys (Microsoft Corporation)
DRV - (WinUsb) -- C:\Windows\System32\drivers\winusb.sys (Microsoft Corporation)
DRV - (VMBusHID) -- C:\Windows\System32\drivers\VMBusHID.sys (Microsoft Corporation)
DRV - (s3cap) -- C:\Windows\System32\drivers\vms3cap.sys (Microsoft Corporation)
DRV - (sptd) -- C:\Windows\System32\drivers\sptd.sys ()
DRV - (VKbms) -- C:\Windows\System32\drivers\VKbms.sys (Windows (R) Win 7 DDK provider)
DRV - (NPF) -- C:\Windows\System32\drivers\npf.sys (CACE Technologies, Inc.)
DRV - (WmXlCore) -- C:\Windows\System32\drivers\WmXlCore.sys (Logitech Inc.)
DRV - (WmVirHid) -- C:\Windows\System32\drivers\WmVirHid.sys (Logitech Inc.)
DRV - (WmHidLo) -- C:\Windows\System32\drivers\WmHidLo.sys (Logitech Inc.)
DRV - (WmBEnum) -- C:\Windows\System32\drivers\WmBEnum.sys (Logitech Inc.)
DRV - (WmFilter) -- C:\Windows\System32\drivers\WmFilter.sys (Logitech Inc.)
DRV - (ivusb) -- C:\Windows\System32\drivers\ivusb.sys (Initio Corporation)
DRV - (danewFltr) -- C:\Windows\System32\drivers\danew.sys (Razer (Asia-Pacific) Pte Ltd)
DRV - (CYUSB) -- C:\Windows\System32\drivers\CYUSB.sys (Cypress Semiconductor)
DRV - (GRemoteJoy) -- C:\Windows\System32\drivers\GRemoteJoy.sys (GBM Software)
DRV - (GRemoteBus) -- C:\Windows\System32\drivers\GRemoteBus.sys (GBM Software)
DRV - (vwifimp) -- C:\Windows\System32\drivers\vwifimp.sys (Microsoft Corporation)
DRV - (MTsensor) -- C:\Windows\System32\drivers\ATKACPI.sys (ASUS)
DRV - (L1C) -- C:\Windows\System32\drivers\L1C60x86.sys (Atheros Communications, Inc.)
DRV - (SRS_PremiumSound_Service) -- C:\Windows\System32\drivers\SRS_PremiumSound_i386.sys ()
DRV - (WDC_SAM) -- C:\Windows\System32\drivers\wdcsam.sys (Western Digital Technologies)
DRV - (kbfiltr) -- C:\Windows\System32\drivers\kbfiltr.sys ( )
DRV - (SNP2UVC) -- C:\Windows\System32\drivers\snp2uvc.sys ()
DRV - (FlrnUSB) -- C:\Windows\System32\drivers\LtkUSB.sys (Qualcomm Flarion Technologies)
DRV - (rimmptsk) -- C:\Windows\System32\drivers\rimmptsk.sys (REDC)
DRV - (NVR0Dev) -- C:\Windows\nvoclock.sys (NVidia Corp.)
DRV - (rismxdp) -- C:\Windows\System32\drivers\rixdptsk.sys (REDC)
DRV - (rimsptsk) -- C:\Windows\System32\drivers\rimsptsk.sys (REDC)
DRV - (ASMMAP) -- C:\Program Files\ATKGFNEX\ASMMAP.sys ()


========== Standard Registry (All) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = [binary data]
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Extensions Off Page = about:NoAdd-ons
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\System32\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Security Risk Page = about:SecurityRisk
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,CustomizeSearch = http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchcust.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchasst.htm
IE - HKLM\..\SearchScopes,DefaultScope =
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\system32\blank.htm
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dl ... r=iesearch
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = www.google.sk
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 5D EC 78 53 3B 8E CB 01 [binary data]
IE - HKCU\..\URLSearchHook: {95289393-33EA-4F8D-B952-483415B9C955} - No CLSID value found
IE - HKCU\..\URLSearchHook: {CFBFAE00-17A6-11D0-99CB-00C04FD64497} - C:\Windows\System32\ieframe.dll (Microsoft Corporation)
IE - HKCU\..\SearchScopes,DefaultScope =
IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE10SR
IE - HKCU\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

========== FireFox ==========

FF - prefs.js..browser.search.defaultenginename: "Google"
FF - prefs.js..browser.search.param.yahoo-fr: "chr-greentree_ff&type=302398"
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..browser.startup.homepage: "http://www.google.sk/"
FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:21.0
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}:6.0.22
FF - prefs.js..extensions.enabledItems: {972ce4c6-7e08-4474-a285-3208198ce6fd}:3.6.15
FF - prefs.js..network.proxy.http: "192.168.20.1"
FF - prefs.js..network.proxy.http_port: 3128
FF - prefs.js..network.proxy.type: 0
FF - user.js - File not found

FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF32_11_7_700_169.dll ()
FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\Windows\system32\Adobe\Director\np32dsw_1168638.dll (Adobe Systems, Inc.)
FF - HKLM\Software\MozillaPlugins\@canon.com/EPPEX: C:\Program Files\Canon\Easy-PhotoPrint EX\NPEZFFPI.DLL (CANON INC.)
FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.17.2: C:\Windows\system32\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.17.2: C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files\Microsoft Silverlight\5.1.20125.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~1\MICROS~4\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~1\MICROS~4\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3508.1109: C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@ngm.nexoneu.com/NxGame: C:\ProgramData\NexonEU\NGM\npNxGameeu.dll (Nexon)
FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVision: C:\Program Files\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVisionStreaming: C:\Program Files\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF - HKLM\Software\MozillaPlugins\@pandonetworks.com/PandoWebPlugin: C:\Program Files\Pando Networks\Media Booster\npPandoWebPlugin.dll File not found
FF - HKLM\Software\MozillaPlugins\@real.com/nppl3260;version=6.0.11.2027: C:\Program Files\ACE Mega CoDecS Pack\SystemS\RealMedia\Browser\plugins\nppl3260.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprpjplug;version=6.0.12.1040: C:\Program Files\ACE Mega CoDecS Pack\SystemS\RealMedia\Browser\plugins\nprpjplug.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nsJSRealPlayerPlugin;version=: File not found
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.145\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.145\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.0.5: C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\@unity3d.com/UnityPlayer,version=1.0: C:\Users\Miroslav\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 21.0\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2013/04/25 23:14:30 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 21.0\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2013/04/25 23:14:31 | 000,000,000 | ---D | M]

[2010/11/06 17:20:37 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Miroslav\AppData\Roaming\mozilla\Extensions
[2010/11/06 17:20:37 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Miroslav\AppData\Roaming\mozilla\Extensions\{ec8030f7-c20a-464f-9b0e-13a3a9e97384}
[2013/04/02 17:58:51 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Miroslav\AppData\Roaming\mozilla\Firefox\Profiles\n0wmyrw4.default\extensions
[2013/04/02 17:58:51 | 000,392,806 | ---- | M] () (No name found) -- C:\Users\Miroslav\AppData\Roaming\mozilla\firefox\profiles\n0wmyrw4.default\extensions\jid1-F9UJ2thwoAm5gQ@jetpack.xpi
[2012/09/12 12:46:23 | 000,621,521 | ---- | M] () (No name found) -- C:\Users\Miroslav\AppData\Roaming\mozilla\firefox\profiles\n0wmyrw4.default\extensions\testpilot@labs.mozilla.com.xpi
[2013/04/25 23:14:29 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\browser\extensions
[2013/04/25 23:14:29 | 000,000,000 | ---D | M] (Default) -- C:\Program Files\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
[2013/05/03 01:38:18 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\browser\distribution\extensions
[2003/01/13 17:08:06 | 000,499,712 | ---- | M] (Morgan Multimedia) -- C:\Program Files\mozilla firefox\plugins\npjp2.dll
[2013/02/16 00:04:52 | 000,208,448 | ---- | M] (Adobe Systems Inc.) -- C:\Program Files\mozilla firefox\plugins\nppdf32.dll
[2004/11/09 03:43:08 | 000,139,305 | ---- | M] (RealNetworks, Inc.) -- C:\Program Files\mozilla firefox\plugins\nppl3260.dll
[2004/11/08 21:01:50 | 000,106,496 | ---- | M] (Apple Computer, Inc.) -- C:\Program Files\mozilla firefox\plugins\npqtplugin.dll
[2004/11/08 21:01:50 | 000,106,496 | ---- | M] (Apple Computer, Inc.) -- C:\Program Files\mozilla firefox\plugins\npqtplugin2.dll
[2004/11/08 21:01:50 | 000,106,496 | ---- | M] (Apple Computer, Inc.) -- C:\Program Files\mozilla firefox\plugins\npqtplugin3.dll
[2004/11/08 21:01:50 | 000,106,496 | ---- | M] (Apple Computer, Inc.) -- C:\Program Files\mozilla firefox\plugins\npqtplugin4.dll
[2004/11/08 21:01:50 | 000,106,496 | ---- | M] (Apple Computer, Inc.) -- C:\Program Files\mozilla firefox\plugins\npqtplugin5.dll
[2004/11/08 21:01:50 | 000,106,496 | ---- | M] (Apple Computer, Inc.) -- C:\Program Files\mozilla firefox\plugins\npqtplugin6.dll
[2004/11/08 21:01:50 | 000,106,496 | ---- | M] (Apple Computer, Inc.) -- C:\Program Files\mozilla firefox\plugins\npqtplugin7.dll
[2004/11/09 03:43:04 | 000,081,967 | ---- | M] (RealNetworks, Inc.) -- C:\Program Files\mozilla firefox\plugins\nprpjplug.dll
[2011/07/11 23:48:12 | 000,012,800 | ---- | M] (Nullsoft, Inc.) -- C:\Program Files\mozilla firefox\plugins\npwachk.dll

O1 HOSTS File: ([2013/05/04 20:50:57 | 000,000,027 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (Adobe PDF Link Helper) - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
O2 - BHO: (Canon Easy-WebPrint EX BHO) - {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} - C:\Program Files\Canon\Easy-WebPrint EX\ewpexbho.dll (CANON INC.)
O2 - BHO: (Groove GFS Browser Helper) - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (Windows Live ID Sign-in Helper) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\microsoft shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
O2 - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O3 - HKLM\..\Toolbar: (Canon Easy-WebPrint EX) - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files\Canon\Easy-WebPrint EX\ewpexhlp.dll (CANON INC.)
O3 - HKCU\..\Toolbar\WebBrowser: (Canon Easy-WebPrint EX) - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files\Canon\Easy-WebPrint EX\ewpexhlp.dll (CANON INC.)
O4 - HKLM..\Run: [ATKMEDIA] C:\Program Files\ASUS\ATK Media\DMedia.exe (ASUS)
O4 - HKLM..\Run: [ATKOSD2] C:\Program Files\ASUS\ATKOSD2\ATKOSD2.exe (ASUS)
O4 - HKLM..\Run: [DeathAdder] C:\Program Files\Razer\DeathAdder\razerhid.exe ()
O4 - HKLM..\Run: [HControlUser] C:\Program Files\ASUS\ATK Hotkey\HControlUser.exe (ASUS)
O4 - HKLM..\Run: [Mouse Tachometer] C:\Program Files\Mouse Tachometer\Mouse Tachometer.exe (Pavel Müller)
O4 - HKLM..\Run: [MSC] c:\Program Files\Microsoft Security Client\msseces.exe (Microsoft Corporation)
O4 - HKLM..\Run: [Soluto] c:\program files\soluto\soluto.exe (Soluto)
O4 - HKLM..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe (Synaptics, Inc.)
O4 - HKLM..\Run: [Wireless Console 3] C:\Program Files\ASUS\Wireless Console 3\wcourier.exe ()
O4 - HKCU..\Run: [] C:\Program Files\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe (Samsung)
O4 - HKCU..\Run: [NVIDIA nTune] C:\Program Files\NVIDIA Corporation\nTune\nTuneCmd.exe (NVIDIA)
O4 - HKCU..\Run: [RocketDock] C:\Program Files\RocketDock\RocketDock.exe ()
O4 - Startup: C:\Users\Miroslav\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Obrazovková spinka a spúšťač programu OneNote 2010.lnk = C:\Program Files\Microsoft Office\Office14\ONENOTEM.EXE (Microsoft Corporation)
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableInstallerDetection = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableSecureUIAPaths = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableVirtualization = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ValidateAdminCodeSignatures = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: dontdisplaylastusername = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticecaption =
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticetext =
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: scforceoption = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: shutdownwithoutlogon = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: undockwithoutlogon = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: FilterAdministratorToken = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableCAD = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableRegistryTools = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_TEXT = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_BITMAP = 2
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_OEMTEXT = 7
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_DIB = 8
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_PALETTE = 9
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_UNICODETEXT = 13
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_DIBV5 = 17
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 91 00 00 00 [binary data]
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: disableregistrytools = 0
O8 - Extra context menu item: E&xportovať do programu Microsoft Excel - C:\Program Files\Microsoft Office\Office14\EXCEL.EXE (Microsoft Corporation)
O8 - Extra context menu item: Od&oslať do programu OneNote - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra Button: @C:\Program Files\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : @C:\Program Files\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll (Microsoft Corporation)
O9 - Extra Button: Odoslať do programu OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Od&oslať do programu OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra Button: @C:\Windows\WindowsMobile\INetRepl.dll,-222 - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : @C:\Windows\WindowsMobile\INetRepl.dll,-223 - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll (Microsoft Corporation)
O9 - Extra Button: &Prepojené poznámky programu OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : &Prepojené poznámky programu OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000001 [] - C:\Windows\System32\nlaapi.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000002 [] - C:\Windows\System32\NapiNSP.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000003 [] - C:\Windows\System32\pnrpnsp.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\Windows\System32\pnrpnsp.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000005 [] - C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDNSP.DLL (Microsoft Corp.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000006 [] - C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDNSP.DLL (Microsoft Corp.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Windows\System32\wshbth.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000008 [] - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000009 [] - C:\Windows\System32\winrnr.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000003 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000004 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000005 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000006 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000007 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000008 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000009 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000010 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000011 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000012 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000013 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000014 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000015 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000016 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000017 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000018 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000019 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000020 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000021 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000022 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000023 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000024 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000025 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000026 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000027 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000028 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000029 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000030 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000031 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000032 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000033 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000034 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000035 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000036 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000037 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000038 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000039 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Reg Error: Value error.)
O16 - DPF: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_22)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 10.17.2)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 193.110.186.240 192.168.0.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{62FC7AEA-B373-42A1-8FCF-C21D2EF7F725}: DhcpNameServer = 193.110.186.240 192.168.0.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{EA2DE3B0-CAA8-4845-BA3A-5C30B3012241}: DhcpNameServer = 195.91.0.17 194.154.227.17
O18 - Protocol\Handler\about {3050F406-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\System32\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\cdl {3dd53d40-7b8b-11D0-b013-00aa0059ce02} - C:\Windows\System32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\dvd {12D51199-0DB5-46FE-A120-47A3D7D937CC} - C:\Windows\System32\MSVidCtl.dll (Microsoft Corporation)
O18 - Protocol\Handler\file {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\System32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\ftp {79eac9e3-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\System32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\gopher {79eac9e4-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\System32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\http {79eac9e2-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\System32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\https {79eac9e5-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\System32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\its {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\Windows\System32\itss.dll (Microsoft Corporation)
O18 - Protocol\Handler\javascript {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\System32\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\local {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\System32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\mailto {3050f3DA-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\System32\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\mhtml {05300401-BCBC-11d0-85E3-00C04FD85AB4} - C:\Windows\System32\inetcomm.dll (Microsoft Corporation)
O18 - Protocol\Handler\mk {79eac9e6-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\System32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Program Files\Common Files\microsoft shared\Help\hxds.dll (Microsoft Corporation)
O18 - Protocol\Handler\ms-its {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\Windows\System32\itss.dll (Microsoft Corporation)
O18 - Protocol\Handler\res {3050F3BC-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\System32\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Handler\tv {CBD30858-AF45-11D2-B6D6-00C04FBBDE6E} - C:\Windows\System32\MSVidCtl.dll (Microsoft Corporation)
O18 - Protocol\Handler\vbscript {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\System32\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\wlmailhtml {03C514A3-1EFB-4856-9F99-10D7BE1653C0} - C:\Program Files\Windows Live\Mail\mailcomm.dll (Microsoft Corporation)
O18 - Protocol\Handler\wlpg {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll (Microsoft Corporation)
O18 - Protocol\Filter\application/octet-stream {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\Windows\System32\mscoree.dll (Microsoft Corporation)
O18 - Protocol\Filter\application/x-complus {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\Windows\System32\mscoree.dll (Microsoft Corporation)
O18 - Protocol\Filter\application/x-msdownload {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\Windows\System32\mscoree.dll (Microsoft Corporation)
O18 - Protocol\Filter\text/xml {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\microsoft shared\OFFICE14\MSOXMLMF.DLL (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\System32\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\System32\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20 - Winlogon\Notify\!SASWinLogon: DllName - (C:\Program Files\SUPERAntiSpyware\SASWINLO.DLL) - C:\Program Files\SUPERAntiSpyware\SASWINLO.DLL (SUPERAntiSpyware.com)
O20 - Winlogon\Notify\spba: DllName - (C:\Program Files\Common Files\SPBA\homefus2.dll) - C:\Program Files\Common Files\SPBA\homefus2.dll (UPEK Inc.)
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - C:\Windows\System32\webcheck.dll (Microsoft Corporation)
O28 - HKLM ShellExecuteHooks: {5AE067D3-9AFB-48E0-853A-EBB7F4A000DA} - C:\Program Files\SUPERAntiSpyware\SASSEH.DLL (SuperAdBlocker.com)
O28 - HKLM ShellExecuteHooks: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
O29 - HKLM SecurityProviders - (credssp.dll) - C:\Windows\System32\credssp.dll (Microsoft Corporation)
O30 - LSA: Authentication Packages - (msv1_0) - C:\Windows\System32\msv1_0.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (kerberos) - C:\Windows\System32\kerberos.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (msv1_0) - C:\Windows\System32\msv1_0.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (schannel) - C:\Windows\System32\schannel.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (wdigest) - C:\Windows\System32\wdigest.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (tspkg) - C:\Windows\System32\tspkg.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (pku2u) - C:\Windows\System32\pku2u.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (livessp) - C:\Windows\System32\livessp.dll (Microsoft Corp.)
O31 - SafeBoot: AlternateShell - cmd.exe
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2009/06/10 23:42:20 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)

========== Files/Folders - Created Within 30 Days ==========

[2013/05/07 23:56:15 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\Miroslav\Desktop\OTL.exe
[2013/05/07 23:53:40 | 004,745,728 | ---- | C] (AVAST Software) -- C:\Users\Miroslav\Desktop\aswMBR(1).exe
[2013/05/07 16:51:51 | 000,000,000 | ---D | C] -- C:\Users\Miroslav\Desktop\Uzkostne poruchy- HRICIKOVA, LACKOVA
[2013/05/06 19:09:28 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PANDORATV
[2013/05/06 19:09:17 | 000,000,000 | ---D | C] -- C:\Program Files\PANDORA.TV
[2013/05/06 19:09:08 | 000,000,000 | ---D | C] -- C:\Users\Miroslav\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\The KMPlayer
[2013/05/05 13:00:38 | 000,000,000 | ---D | C] -- C:\Users\Public\Documents\CrashDump
[2013/05/04 20:56:27 | 000,000,000 | ---D | C] -- C:\Windows\temp
[2013/05/04 17:27:52 | 000,000,000 | ---D | C] -- C:\Users\Miroslav\AppData\Local\Adobe
[2013/05/04 16:31:49 | 000,000,000 | ---D | C] -- C:\TDSSKiller_Quarantine
[2013/04/27 00:16:34 | 000,000,000 | ---D | C] -- C:\ProgramData\Steam
[2013/04/25 23:14:29 | 000,000,000 | ---D | C] -- C:\Program Files\Mozilla Firefox
[2013/04/12 22:57:03 | 000,000,000 | ---D | C] -- C:\Users\Miroslav\Desktop\Photo like this
[2013/04/10 17:43:36 | 002,706,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mshtml.tlb
[2013/04/10 17:43:35 | 002,877,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jscript9.dll
[2013/04/10 17:43:34 | 000,391,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieui.dll
[2013/04/10 17:43:34 | 000,061,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iesetup.dll
[2013/04/10 17:43:34 | 000,039,424 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jsproxy.dll
[2013/04/10 17:43:33 | 000,493,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeeds.dll
[2013/04/10 17:43:33 | 000,109,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iesysprep.dll
[2013/04/10 17:43:33 | 000,071,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\RegisterIEPKEYs.exe
[2013/04/10 17:43:33 | 000,042,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ie4uinit.exe
[2013/04/10 17:43:33 | 000,033,280 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iernonce.dll
[2013/04/10 17:36:37 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
[2013/04/10 17:36:36 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Skype
[2013/04/10 12:56:27 | 002,347,008 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\win32k.sys
[2013/04/10 12:56:26 | 003,913,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ntoskrnl.exe
[2013/04/10 12:56:25 | 003,968,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ntkrnlpa.exe
[2013/04/10 12:56:23 | 000,038,912 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\csrsrv.dll
[3 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
[12 C:\Users\Miroslav\Desktop\*.tmp files -> C:\Users\Miroslav\Desktop\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2013/05/08 00:01:00 | 000,000,830 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2013/05/07 23:56:50 | 000,014,224 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2013/05/07 23:56:50 | 000,014,224 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2013/05/07 23:55:52 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Miroslav\Desktop\OTL.exe
[2013/05/07 23:55:11 | 000,000,512 | ---- | M] () -- C:\Users\Miroslav\Desktop\MBR.dat
[2013/05/07 23:53:17 | 004,745,728 | ---- | M] (AVAST Software) -- C:\Users\Miroslav\Desktop\aswMBR(1).exe
[2013/05/07 23:49:50 | 003,714,288 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT
[2013/05/07 23:49:08 | 000,000,920 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2013/05/07 23:48:51 | 000,045,056 | ---- | M] () -- C:\Windows\System32\acovcnt.exe
[2013/05/07 23:48:28 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2013/05/07 23:48:10 | 2415,218,688 | -HS- | M] () -- C:\hiberfil.sys
[2013/05/07 23:35:00 | 000,000,924 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2013/05/07 19:34:11 | 000,619,146 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2013/05/07 19:34:11 | 000,107,466 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2013/05/07 02:59:44 | 000,001,278 | ---- | M] () -- C:\Users\Miroslav\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Obrazovková spinka a spúšťač programu OneNote 2010.lnk
[2013/05/06 19:09:09 | 000,000,997 | ---- | M] () -- C:\Users\Miroslav\Desktop\KMPlayer.lnk
[2013/05/05 13:05:57 | 000,002,009 | ---- | M] () -- C:\Users\Miroslav\Desktop\Kies Air Discovery Service.lnk
[2013/05/04 20:50:57 | 000,000,027 | ---- | M] () -- C:\Windows\System32\drivers\etc\hosts
[2013/05/04 19:12:47 | 000,691,592 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\System32\FlashPlayerApp.exe
[2013/05/04 19:12:46 | 000,071,048 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\System32\FlashPlayerCPLApp.cpl
[2013/05/03 16:01:26 | 000,628,743 | ---- | M] () -- C:\Users\Miroslav\Desktop\adwcleaner.exe
[2013/05/02 17:28:50 | 000,238,872 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\MpSigStub.exe
[3 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
[12 C:\Users\Miroslav\Desktop\*.tmp files -> C:\Users\Miroslav\Desktop\*.tmp -> ]

========== Files Created - No Company Name ==========

[2013/05/07 23:48:20 | 003,714,288 | ---- | C] () -- C:\Windows\System32\FNTCACHE.DAT
[2013/05/07 23:35:07 | 000,000,512 | ---- | C] () -- C:\Users\Miroslav\Desktop\MBR.dat
[2013/05/06 19:09:09 | 000,000,997 | ---- | C] () -- C:\Users\Miroslav\Desktop\KMPlayer.lnk
[2013/05/05 13:05:57 | 000,002,009 | ---- | C] () -- C:\Users\Miroslav\Desktop\Kies Air Discovery Service.lnk
[2013/05/05 10:30:43 | 000,000,924 | ---- | C] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2013/05/05 10:30:42 | 000,000,920 | ---- | C] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2013/05/03 16:01:43 | 000,628,743 | ---- | C] () -- C:\Users\Miroslav\Desktop\adwcleaner.exe
[2013/03/04 02:13:13 | 000,000,132 | ---- | C] () -- C:\Users\Miroslav\AppData\Roaming\Adobe Formát BMP CS5 – předvolby
[2013/02/05 18:52:54 | 000,030,568 | ---- | C] () -- C:\Windows\MusiccityDownload.exe
[2013/02/05 18:52:50 | 000,974,848 | ---- | C] () -- C:\Windows\System32\cis-2.4.dll
[2013/02/05 18:52:50 | 000,081,920 | ---- | C] () -- C:\Windows\System32\issacapi_bs-2.3.dll
[2013/02/05 18:52:50 | 000,065,536 | ---- | C] () -- C:\Windows\System32\issacapi_pe-2.3.dll
[2013/02/05 18:52:50 | 000,057,344 | ---- | C] () -- C:\Windows\System32\issacapi_se-2.3.dll
[2013/01/19 04:43:56 | 000,099,023 | ---- | C] () -- C:\Users\Miroslav\AppData\Roaming\icarus-dxdiag.xml
[2012/07/29 23:47:02 | 000,034,308 | ---- | C] () -- C:\Windows\System32\BASSMOD.dll
[2012/07/28 21:56:07 | 000,200,631 | ---- | C] () -- C:\Windows\System32\poclbm120327GeForce GT 240Mv1w256l4.bin
[2012/07/28 21:40:29 | 000,200,631 | ---- | C] () -- C:\Users\Miroslav\AppData\Roaming\poclbm120327GeForce GT 240Mv1w256l4.bin
[2012/07/15 12:12:05 | 000,021,840 | ---- | C] () -- C:\Windows\System32\SIntfNT.dll
[2012/07/15 12:12:05 | 000,017,212 | ---- | C] () -- C:\Windows\System32\SIntf32.dll
[2012/07/15 12:12:05 | 000,012,067 | ---- | C] () -- C:\Windows\System32\SIntf16.dll
[2012/07/14 22:02:19 | 000,040,960 | R--- | C] () -- C:\Windows\System32\psfind.dll
[2012/05/15 02:21:50 | 000,423,744 | ---- | C] () -- C:\Windows\System32\nvStreaming.exe
[2012/05/12 23:39:25 | 000,036,877 | ---- | C] () -- C:\Windows\Q-Dir.ini
[2012/03/26 02:17:37 | 000,000,132 | ---- | C] () -- C:\Users\Miroslav\AppData\Roaming\Adobe Formát GIF CS5 – předvolby
[2012/02/20 19:16:08 | 000,110,592 | ---- | C] () -- C:\Windows\System32\rtvcvfw32.dll
[2012/02/04 16:04:55 | 000,000,058 | ---- | C] () -- C:\Windows\System32\DonationCoder_ScreenshotCaptor_InstallInfo.dat
[2012/01/28 12:35:43 | 000,069,632 | ---- | C] () -- C:\Windows\System32\GkSui18.EXE
[2012/01/22 02:41:44 | 000,000,029 | ---- | C] () -- C:\Windows\LANGMAKE.INI
[2012/01/06 18:16:21 | 000,000,475 | ---- | C] () -- C:\Windows\SIERRA.INI
[2011/12/23 13:54:58 | 000,000,132 | ---- | C] () -- C:\Users\Miroslav\AppData\Roaming\Adobe Formát PNG CS5 – předvolby
[2011/12/23 12:56:34 | 000,000,048 | ---- | C] () -- C:\Windows\iltwain.ini
[2011/12/23 03:04:03 | 000,916,480 | ---- | C] () -- C:\Windows\expstart.exe
[2011/12/23 02:49:34 | 000,303,216 | ---- | C] () -- C:\Windows\UTP.exe
[2011/10/30 23:19:52 | 000,645,632 | ---- | C] () -- C:\Windows\System32\xvidcore.dll
[2011/10/30 23:19:52 | 000,240,640 | ---- | C] () -- C:\Windows\System32\xvidvfw.dll
[2011/10/17 20:14:17 | 000,001,025 | ---- | C] () -- C:\Windows\System32\sysprs7.dll
[2011/10/17 20:14:17 | 000,000,205 | ---- | C] () -- C:\Windows\System32\lsprst7.dll
[2011/10/13 00:31:30 | 000,000,193 | ---- | C] () -- C:\ProgramData\Microsoft.SqlServer.Compact.351.32.bc
[2011/09/20 01:23:25 | 000,000,297 | ---- | C] () -- C:\Users\Miroslav\AppData\Roaming\Network Meter_Settings.ini
[2011/09/20 00:01:53 | 000,000,412 | ---- | C] () -- C:\Users\Miroslav\AppData\Roaming\All CPU Meter_Settings.ini
[2011/08/29 00:35:24 | 000,000,024 | ---- | C] () -- C:\Windows\ATKPF.ini
[2011/08/05 21:34:01 | 000,141,072 | ---- | C] () -- C:\Windows\System32\drivers\PnkBstrK.sys
[2011/08/05 21:33:49 | 000,281,120 | ---- | C] () -- C:\Windows\System32\PnkBstrB.exe
[2011/08/05 21:33:22 | 000,076,888 | ---- | C] () -- C:\Windows\System32\PnkBstrA.exe
[2011/07/09 21:40:11 | 000,083,872 | ---- | C] () -- C:\Windows\System32\drivers\atksgt.sys
[2011/07/09 21:40:11 | 000,025,888 | ---- | C] () -- C:\Windows\System32\drivers\lirsgt.sys
[2011/06/13 22:33:35 | 000,000,000 | ---- | C] () -- C:\Users\Miroslav\AppData\Roaming\.NANotifyHere
[2011/05/06 19:12:05 | 000,004,969 | ---- | C] () -- C:\ProgramData\zncjglaq.cjr
[2011/04/22 15:49:10 | 000,000,096 | ---- | C] () -- C:\Users\Miroslav\.asadminpass
[2011/04/09 19:19:37 | 000,138,904 | ---- | C] () -- C:\Users\Miroslav\AppData\Roaming\PnkBstrK.sys
[2010/12/28 19:49:55 | 000,007,605 | ---- | C] () -- C:\Users\Miroslav\AppData\Local\Resmon.ResmonCfg


Re: Please check, suspected virus

Post by Kobra.svk » 08 May 2013 00:11

========== ZeroAccess Check ==========

[2009/07/14 06:42:31 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini

[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2012/06/09 06:41:00 | 012,873,728 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2010/11/20 14:19:02 | 000,606,208 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
"" = %systemroot%\system32\wbem\wbemess.dll -- [2009/07/14 03:16:17 | 000,342,528 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both

========== LOP Check ==========

[2011/01/28 14:03:07 | 000,000,000 | ---D | M] -- C:\Users\Miroslav\AppData\Roaming\Autodesk
[2012/07/20 13:44:23 | 000,000,000 | ---D | M] -- C:\Users\Miroslav\AppData\Roaming\BitLord
[2012/09/12 20:38:02 | 000,000,000 | ---D | M] -- C:\Users\Miroslav\AppData\Roaming\BSplayer
[2012/07/31 13:29:48 | 000,000,000 | ---D | M] -- C:\Users\Miroslav\AppData\Roaming\BSplayer Pro
[2011/06/21 19:41:38 | 000,000,000 | ---D | M] -- C:\Users\Miroslav\AppData\Roaming\Canon
[2013/05/07 23:42:10 | 000,000,000 | ---D | M] -- C:\Users\Miroslav\AppData\Roaming\DAEMON Tools Lite
[2012/10/10 15:22:32 | 000,000,000 | ---D | M] -- C:\Users\Miroslav\AppData\Roaming\Desktop Google Reader
[2012/02/04 16:04:55 | 000,000,000 | ---D | M] -- C:\Users\Miroslav\AppData\Roaming\DonationCoder
[2011/08/28 04:48:11 | 000,000,000 | ---D | M] -- C:\Users\Miroslav\AppData\Roaming\ERGOM
[2011/02/13 21:38:41 | 000,000,000 | ---D | M] -- C:\Users\Miroslav\AppData\Roaming\Feedreader
[2012/03/03 14:17:40 | 000,000,000 | ---D | M] -- C:\Users\Miroslav\AppData\Roaming\FreeFLVConverter
[2012/10/11 20:53:27 | 000,000,000 | ---D | M] -- C:\Users\Miroslav\AppData\Roaming\full phat
[2012/12/26 18:23:57 | 000,000,000 | ---D | M] -- C:\Users\Miroslav\AppData\Roaming\GameRanger
[2011/04/10 12:48:47 | 000,000,000 | ---D | M] -- C:\Users\Miroslav\AppData\Roaming\GBM Software
[2010/12/10 19:23:35 | 000,000,000 | ---D | M] -- C:\Users\Miroslav\AppData\Roaming\GHISLER
[2012/04/28 17:45:24 | 000,000,000 | ---D | M] -- C:\Users\Miroslav\AppData\Roaming\ijjigame
[2012/08/07 23:04:01 | 000,000,000 | ---D | M] -- C:\Users\Miroslav\AppData\Roaming\LolClient
[2011/06/09 23:26:41 | 000,000,000 | ---D | M] -- C:\Users\Miroslav\AppData\Roaming\MAGIX
[2010/12/11 19:18:46 | 000,000,000 | ---D | M] -- C:\Users\Miroslav\AppData\Roaming\Mount&Blade Warband
[2012/07/18 22:26:11 | 000,000,000 | ---D | M] -- C:\Users\Miroslav\AppData\Roaming\My Battle for Middle-earth Files
[2012/08/04 23:21:50 | 000,000,000 | ---D | M] -- C:\Users\Miroslav\AppData\Roaming\NetBeans
[2013/02/17 11:43:49 | 000,000,000 | ---D | M] -- C:\Users\Miroslav\AppData\Roaming\Origin
[2011/10/30 19:24:01 | 000,000,000 | ---D | M] -- C:\Users\Miroslav\AppData\Roaming\Publish Providers
[2012/07/20 13:43:19 | 000,000,000 | ---D | M] -- C:\Users\Miroslav\AppData\Roaming\Python-Eggs
[2012/05/14 17:22:26 | 000,000,000 | ---D | M] -- C:\Users\Miroslav\AppData\Roaming\Q-Dir
[2012/01/15 16:40:28 | 000,000,000 | ---D | M] -- C:\Users\Miroslav\AppData\Roaming\QIP
[2011/12/22 19:20:45 | 000,000,000 | ---D | M] -- C:\Users\Miroslav\AppData\Roaming\Rainmeter
[2011/05/30 19:34:41 | 000,000,000 | ---D | M] -- C:\Users\Miroslav\AppData\Roaming\Razer
[2011/12/23 13:47:12 | 000,000,000 | ---D | M] -- C:\Users\Miroslav\AppData\Roaming\Resource Tuner
[2012/01/20 22:11:37 | 000,000,000 | ---D | M] -- C:\Users\Miroslav\AppData\Roaming\runic games
[2013/04/14 00:40:01 | 000,000,000 | ---D | M] -- C:\Users\Miroslav\AppData\Roaming\Samsung
[2011/07/29 19:00:21 | 000,000,000 | ---D | M] -- C:\Users\Miroslav\AppData\Roaming\SGTY
[2013/02/07 22:59:37 | 000,000,000 | ---D | M] -- C:\Users\Miroslav\AppData\Roaming\Sony
[2011/05/27 01:10:24 | 000,000,000 | ---D | M] -- C:\Users\Miroslav\AppData\Roaming\StageManager.BD092818F67280F4B42B04877600987F0111B594.1
[2011/12/23 04:11:36 | 000,000,000 | ---D | M] -- C:\Users\Miroslav\AppData\Roaming\Stardock
[2012/06/27 17:19:07 | 000,000,000 | ---D | M] -- C:\Users\Miroslav\AppData\Roaming\stickies
[2011/04/10 11:22:28 | 000,000,000 | ---D | M] -- C:\Users\Miroslav\AppData\Roaming\Synthesia
[2012/07/29 21:36:13 | 000,000,000 | ---D | M] -- C:\Users\Miroslav\AppData\Roaming\TeamViewer
[2011/05/29 15:57:07 | 000,000,000 | ---D | M] -- C:\Users\Miroslav\AppData\Roaming\The Creative Assembly
[2013/05/07 23:42:10 | 000,000,000 | ---D | M] -- C:\Users\Miroslav\AppData\Roaming\TS3Client
[2012/07/29 14:51:45 | 000,000,000 | ---D | M] -- C:\Users\Miroslav\AppData\Roaming\Tunngle
[2010/12/28 04:14:49 | 000,000,000 | ---D | M] -- C:\Users\Miroslav\AppData\Roaming\Ubisoft
[2011/05/01 21:31:12 | 000,000,000 | ---D | M] -- C:\Users\Miroslav\AppData\Roaming\UDC Profiles
[2012/12/17 00:14:54 | 000,000,000 | ---D | M] -- C:\Users\Miroslav\AppData\Roaming\Unity
[2011/04/22 15:52:11 | 000,000,000 | ---D | M] -- C:\Users\Miroslav\AppData\Roaming\updatetool
[2013/05/07 23:42:10 | 000,000,000 | ---D | M] -- C:\Users\Miroslav\AppData\Roaming\uTorrent
[2010/11/06 19:36:04 | 000,000,000 | ---D | M] -- C:\Users\Miroslav\AppData\Roaming\VitySoft
[2012/05/23 19:41:53 | 000,000,000 | ---D | M] -- C:\Users\Miroslav\AppData\Roaming\wargaming.net
[2010/11/09 21:11:18 | 000,000,000 | ---D | M] -- C:\Users\Miroslav\AppData\Roaming\Western Digital
[2011/12/23 14:11:08 | 000,000,000 | ---D | M] -- C:\Users\Miroslav\AppData\Roaming\Windows 7 Taskbar Color Changer
[2012/12/01 12:25:41 | 000,000,000 | ---D | M] -- C:\Users\Miroslav\AppData\Roaming\Windows Live Writer
[2012/02/07 00:58:45 | 000,000,000 | ---D | M] -- C:\Users\Miroslav\AppData\Roaming\XnView
[2011/10/01 13:28:12 | 000,000,000 | ---D | M] -- C:\Users\Miroslav\AppData\Roaming\YouTube HD Transfer
[2012/02/05 21:17:15 | 000,000,000 | ---D | M] -- C:\Users\Miroslav\AppData\Roaming\Zoner

========== Purity Check ==========



========== Alternate Data Streams ==========

@Alternate Data Stream - 121 bytes -> C:\ProgramData\Temp:39413AC3

< End of report >


Re: Please check, suspected virus

Post by Kobra.svk » 08 May 2013 00:12

OTL Extras logfile created on: 7. 5. 2013 23:57:46 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Miroslav\Desktop
Ultimate Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.10.9200.16540)
Locale: 0000041b | Country: Slovenská republika | Language: SKY | Date Format: d. M. yyyy

3,00 Gb Total Physical Memory | 1,89 Gb Available Physical Memory | 63,00% Memory free
6,00 Gb Paging File | 4,65 Gb Available in Paging File | 77,47% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 78,14 Gb Total Space | 20,84 Gb Free Space | 26,68% Space Free | Partition Type: NTFS
Drive D: | 375,90 Gb Total Space | 58,26 Gb Free Space | 15,50% Space Free | Partition Type: NTFS

Computer Name: KOBRA | User Name: Miroslav | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Extra Registry (SafeList) ==========


========== File Associations ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\System32\control.exe (Microsoft Corporation)
.hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)

[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)

========== Shell Spawning ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
htmlfile [edit] -- "C:\Program Files\Microsoft Office\Office14\msohtmed.exe" %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" (VideoLAN)
Directory [Bridge] -- C:\Program Files\Adobe\Adobe Bridge CS5\Bridge.exe "%L" (Adobe Systems, Inc.)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" (VideoLAN)
Directory [runas] -- cmd.exe /c takeown /f "%1" /r /d y && icacls "%1" /grant administrators:F /t (Microsoft Corporation)
Directory [Winamp.Bookmark] -- "C:\Program Files\Winamp\winamp.exe" /BOOKMARK "%1" (Nullsoft, Inc.)
Directory [Winamp.Enqueue] -- "C:\Program Files\Winamp\winamp.exe" /ADD "%1" (Nullsoft, Inc.)
Directory [Winamp.Play] -- "C:\Program Files\Winamp\winamp.exe" "%1" (Nullsoft, Inc.)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
"FirewallDisableNotify" = 0
"AntiVirusDisableNotify" = 0
"UpdatesDisableNotify" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = Reg Error: Unknown registry data type -- File not found
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

========== System Restore Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 0

========== Firewall Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile]

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
"DoNotAllowExceptions" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
"DoNotAllowExceptions" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

========== Authorized Applications List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
"D:\Program Files\Combat Arms\Combat Arms EU\CombatArms.exe" = D:\Program Files\Combat Arms\Combat Arms EU\CombatArms.exe:*Enabled:CombatArms.exe
"D:\Program Files\Combat Arms\Combat Arms EU\Engine.exe" = D:\Program Files\Combat Arms\Combat Arms EU\Engine.exe:*Enabled:Engine.exe

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"C:\Nexon\NEXON_EU_Downloader\NEXON_EU_Downloader_Engine.exe" = [String data over 1000 bytes]
"D:\Program Files\Combat Arms\Combat Arms EU\CombatArms.exe" = D:\Program Files\Combat Arms\Combat Arms EU\CombatArms.exe:*Enabled:CombatArms.exe
"D:\Program Files\Combat Arms\Combat Arms EU\Engine.exe" = D:\Program Files\Combat Arms\Combat Arms EU\Engine.exe:*Enabled:Engine.exe


========== Vista Active Open Ports Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{034ABD0F-B0FA-45F7-8368-8B5EE6A6914E}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{0F43110B-DED7-484F-8E78-7ACECDA1FCFA}" = lport=26675 | protocol=6 | dir=in | name=@%systemroot%\windowsmobile\wmdcbase.exe,-4006 |
"{13F9F1B3-9CE7-4BEB-A46F-E9A11F130DA7}" = rport=5679 | protocol=17 | dir=out | svc=rapimgr | app=%systemroot%\system32\svchost.exe |
"{21C63452-7C37-4704-997B-F64EE93149B7}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe |
"{25AFE0B3-76CA-4623-879E-EDA47BFAA853}" = rport=137 | protocol=17 | dir=out | app=system |
"{36D492E4-0016-431C-AF01-3E0F75947F89}" = rport=10243 | protocol=6 | dir=out | app=system |
"{38872ADD-D061-4E25-833B-71D83674635A}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=c:\windows\system32\svchost.exe |
"{3B180A14-92B6-4795-9527-87262EC490FB}" = rport=445 | protocol=6 | dir=out | app=system |
"{4418CE6D-48D3-47EF-B8FE-7A0A178D7E41}" = rport=139 | protocol=6 | dir=out | app=system |
"{50153C77-59D9-4464-91A7-F03EA95FFD84}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{553A7329-49B0-4F58-95FD-DB1A660B8B6A}" = lport=2869 | protocol=6 | dir=in | app=system |
"{57EE801F-4BDB-4ED5-8D23-865FB5D1CE45}" = lport=139 | protocol=6 | dir=in | app=system |
"{65244CF1-539E-4476-B3B6-F8107A8551E0}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{68169A88-093E-4FF0-864A-8600F4A00F1B}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{6912A0AE-9990-4033-A875-A95CD6FF5323}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{6D40FA71-6945-4ACA-A4B8-4233AE27094E}" = lport=6004 | protocol=17 | dir=in | app=c:\program files\microsoft office\office14\outlook.exe |
"{84FA99B8-29B3-42FB-8845-D37333B441B8}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{910A09A5-F758-4AF2-9CAD-25CD2914EDA2}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{A873AB3D-7ACF-4895-9DAC-C300DF32E9E0}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{B3418938-4E16-4181-828D-A3D6D8B23635}" = lport=1900 | protocol=17 | dir=in | name=windows live communications platform (ssdp) |
"{B8966F18-F582-41A7-B3F4-A62D084CC4FF}" = lport=445 | protocol=6 | dir=in | app=system |
"{BACEE0F4-28F9-470D-86E2-E94059855474}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 |
"{BCE73ED0-0D15-44AF-B5AC-8BB2A1F34101}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{C95A638C-97F2-45F8-95ED-E0029D3E9984}" = lport=138 | protocol=17 | dir=in | app=system |
"{C9FB451B-6705-418F-8016-27AE43CA301B}" = lport=999 | protocol=6 | dir=in | app=%systemroot%\windowsmobile\wmdhost.exe |
"{D99B819D-08DA-46CE-B807-60F0920A3594}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{DBC50CE6-8A81-49E7-97AA-3861A5CFCAF8}" = lport=137 | protocol=17 | dir=in | app=system |
"{DE505D50-FE3F-4DDC-ADDB-C678EDFB1096}" = lport=5678 | protocol=6 | dir=in | app=%systemroot%\windowsmobile\wmdhost.exe |
"{E1C560B0-A1DA-4113-A15C-BEC614EA8AF1}" = lport=10243 | protocol=6 | dir=in | app=system |
"{E25775EF-ED23-459F-BBE8-7F04481D4C40}" = lport=990 | protocol=6 | dir=in | svc=rapimgr | app=%systemroot%\system32\svchost.exe |
"{E6BABF2A-68B3-4009-BD74-1D4AA1DE4DAE}" = lport=5721 | protocol=6 | dir=in | svc=rapimgr | app=%systemroot%\system32\svchost.exe |
"{F8FCDF9C-3A21-49F3-B70C-1CCB5A720821}" = lport=2869 | protocol=6 | dir=in | name=windows live communications platform (upnp) |
"{FBC6BC85-2CE3-4FE3-8668-D5B39ADBB75C}" = rport=138 | protocol=17 | dir=out | app=system |

========== Vista Active Application Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{016E9CB3-A641-415C-A921-E0762F3B0D60}" = protocol=6 | dir=in | app=d:\program files\titan quest\titan quest.exe |
"{072D3BF1-E85D-4F59-B104-F87E4D7A01C2}" = protocol=6 | dir=out | svc=rapimgr | app=%systemroot%\system32\svchost.exe |
"{086984C8-E1EA-43AA-AE3E-7F94B55DEF6B}" = protocol=6 | dir=in | app=d:\program files\the battle for middle-earth\game.dat |
"{099D157A-DAE8-45AC-9A7B-8FB6BB04591A}" = protocol=17 | dir=out | svc=wcescomm | app=%systemroot%\system32\svchost.exe |
"{09EDBD62-AB63-49C6-9581-47EC8D4DDAEB}" = protocol=6 | dir=out | svc=wcescomm | app=%systemroot%\system32\svchost.exe |
"{0AC136F0-A678-49B8-83F4-3E0F4639246A}" = protocol=6 | dir=in | app=c:\program files\soluto\soluto.exe |
"{0DE4C820-5641-48CA-B77B-D8A0E9F11BC2}" = protocol=6 | dir=in | app=c:\program files\soluto\solutoservice.exe |
"{113B76A9-CF22-42A0-8FF3-C5016508DC99}" = protocol=17 | dir=in | app=c:\program files\soluto\solutoservice.exe |
"{126DE70E-0AF8-4E73-9D01-4FE4FBD8F2A4}" = protocol=17 | dir=in | app=d:\program files\the battle for middle-earth\game.dat |
"{13A2B1EC-7069-439B-8968-D358F3A71A22}" = protocol=17 | dir=in | app=c:\program files\soluto\solutocleanup.exe |
"{1BCADE40-4037-4F48-8F2C-82B049E1DB5C}" = protocol=17 | dir=in | app=c:\windows\system32\pnkbstra.exe |
"{1E74B1B3-D39B-43AD-AC0B-12B82B89356D}" = protocol=6 | dir=in | app=c:\program files\pandora.tv\panservice\panprocess.exe |
"{1F7AA280-B3BA-4216-A873-91DBB90E9E2C}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{227BD117-2047-4EC1-9101-7D05B145B4BF}" = protocol=17 | dir=in | app=c:\program files\autodesk\3ds max 2010\mentalray\satellite\raysat_3dsmax2010_32.exe |
"{247BDEFE-87A5-4EB1-9E35-FD5F7ABBD033}" = protocol=6 | dir=in | app=c:\program files\utorrent\utorrent.exe |
"{2A737F99-AF0C-426A-8522-DAD30B88104C}" = protocol=17 | dir=out | svc=wcescomm | app=%systemroot%\system32\svchost.exe |
"{2CCA56A3-DE05-42FF-994E-49F0CECB654C}" = protocol=17 | dir=in | app=c:\program files\utorrent\utorrent.exe |
"{2FF9A7FC-5162-463B-91DC-11AC879C2EF8}" = protocol=6 | dir=in | app=c:\program files\pandora.tv\panservice\pandoraservice.exe |
"{30668B8F-1AD2-4263-8092-2F4E4C982A21}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{32344DE4-08AB-4A7F-84F9-0C93E265EC1C}" = protocol=17 | dir=in | app=c:\program files\soluto\soluto.exe |
"{3461E2F2-5805-4083-BFD9-6F66485511D2}" = protocol=6 | dir=in | app=c:\program files\microsoft office\office14\groove.exe |
"{37130F08-F266-4FE3-A3B9-181951472217}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{39BD6D72-1D87-4AD4-9F9F-A578C2E65DF0}" = protocol=17 | dir=in | app=c:\program files\microsoft office\office14\onenote.exe |
"{3AC9D58F-E4CF-4F0A-AA50-E8EAA0732D53}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{3E7CB793-DEA2-4B6F-A6B3-4B716A76E6D4}" = protocol=6 | dir=in | app=c:\program files\teamviewer\version7\teamviewer.exe |
"{3F909E56-BEC7-4268-B141-8588182A6A03}" = protocol=17 | dir=in | app=c:\program files\teamviewer\version7\teamviewer_service.exe |
"{40DDF595-C519-43DF-82D1-ED8360B32A0D}" = protocol=17 | dir=in | app=c:\windows\system32\pnkbstrb.exe |
"{43C4F46A-8A1A-4440-8C76-CA6AE0DCEE27}" = protocol=17 | dir=in | app=c:\program files\soluto\solutoservice.exe |
"{463D466F-62A7-4D6C-ABC0-47E49EBDAC5E}" = protocol=17 | dir=in | app=d:\program files\the battle for middle-earth\game.dat |
"{464B8011-47CC-4BE0-86AA-8B9017F2862C}" = protocol=6 | dir=in | app=c:\program files\soluto\solutocleanup.exe |
"{47E2D1DB-AE9A-439B-8064-534583CCD9B5}" = protocol=6 | dir=in | app=c:\program files\steam\steam.exe |
"{4A77180F-8403-423E-89A5-3E3E2DBFEA06}" = protocol=17 | dir=in | app=c:\program files\soluto\solutoupdateservice.exe |
"{4CC684F0-D1FB-4A23-8388-D37D102D48B4}" = protocol=6 | dir=in | app=c:\program files\pandora.tv\panservice\pandoraservice.exe |
"{4DCAF08E-BDEE-48D6-B02C-725E908FB3C7}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{5330351C-3CFC-4F9A-8777-65E589528F42}" = protocol=6 | dir=in | app=c:\program files\pandora.tv\panservice\panprocess.exe |
"{5748E252-874B-4855-9E05-6BF71E937604}" = protocol=17 | dir=in | app=c:\program files\soluto\solutoconsole.exe |
"{5A973B79-7D74-448B-B53E-57FCE871EFDB}" = protocol=17 | dir=in | app=c:\program files\autodesk\backburner\manager.exe |
"{5EA1D931-69FB-46B1-B8A8-9C985D4D04A0}" = protocol=17 | dir=out | svc=rapimgr | app=%systemroot%\system32\svchost.exe |
"{624F87F4-FBA5-4C30-8CF5-5F4C15ADD2B1}" = protocol=6 | dir=in | app=c:\program files\autodesk\3ds max 2010\3dsmax.exe |
"{62BB4054-9644-4CE8-A078-8A20E683A30A}" = protocol=6 | dir=out | svc=wcescomm | app=%systemroot%\system32\svchost.exe |
"{6392A561-8D46-4D9D-A809-1E0948728F0C}" = protocol=17 | dir=out | svc=rapimgr | app=%systemroot%\system32\svchost.exe |
"{6467E90B-A796-4FCA-8B03-8F4A16D685BF}" = protocol=6 | dir=in | app=c:\programdata\nexoneu\ngm\ngm.exe |
"{64EDC8CA-E543-48A1-9F2A-8465306629A1}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{666459D6-D737-49DC-B17A-08820F31E71D}" = protocol=17 | dir=in | app=c:\program files\steam\steam.exe |
"{6757E2C5-60D3-4F29-ACE8-5AA6E76AB6B7}" = protocol=6 | dir=out | svc=rapimgr | app=%systemroot%\system32\svchost.exe |
"{68095BCF-B805-412E-9259-25C689C306EA}" = protocol=17 | dir=in | app=c:\program files\soluto\solutoconsole.exe |
"{6AE04104-4B79-4D91-B809-60E574788E2A}" = dir=in | app=c:\program files\windows live\mesh\moe.exe |
"{6B6F8144-F03B-41FF-A83F-5E5F1982A7DA}" = protocol=17 | dir=in | app=c:\program files\microsoft office\office14\groove.exe |
"{6B8B3794-7377-4BD2-951F-214118A22C67}" = protocol=6 | dir=in | svc=wcescomm | app=%systemroot%\system32\svchost.exe |
"{7121E473-8EB8-473E-9913-485693014947}" = protocol=17 | dir=in | app=c:\program files\teamviewer\version7\teamviewer.exe |
"{74BB2C24-6EB8-4908-AF34-5370CDC5C592}" = protocol=6 | dir=in | app=c:\program files\soluto\solutocleanup.exe |
"{75822706-1A84-4BDD-9D64-0266689ED542}" = protocol=6 | dir=in | app=c:\program files\autodesk\3ds max 2010\mentalray\satellite\raysat_3dsmax2010_32server.exe |
"{75879549-19E0-46B3-969D-2F7D7D5F57B8}" = protocol=6 | dir=out | svc=rapimgr | app=%systemroot%\system32\svchost.exe |
"{767054E0-64B0-40C2-AA80-A9BFB4660E2F}" = protocol=17 | dir=in | app=c:\program files\autodesk\3ds max 2010\3dsmax.exe |
"{76733328-EE2C-4A7B-A25E-88689C2CA4EF}" = protocol=17 | dir=in | app=c:\program files\soluto\solutoupdateservice.exe |
"{77E4F59C-9155-45D6-B99B-290BF9BA160C}" = protocol=17 | dir=out | svc=rapimgr | app=%systemroot%\system32\svchost.exe |
"{785E3135-DB3C-4174-A2EA-DDB2E6C4D19B}" = protocol=17 | dir=out | svc=rapimgr | app=%systemroot%\system32\svchost.exe |
"{78D2EB0A-6821-4ACF-8BCA-BF6218368D93}" = protocol=6 | dir=in | svc=wcescomm | app=%systemroot%\system32\svchost.exe |
"{7A194379-03D4-46D7-81AD-6FFF026B55D7}" = protocol=17 | dir=in | app=c:\program files\pandora.tv\panservice\panprocess.exe |
"{7FDF825C-0CF6-40B1-8B7C-A2A63CC26FB9}" = protocol=17 | dir=out | svc=wcescomm | app=%systemroot%\system32\svchost.exe |
"{83FD3B4F-6883-493F-8D69-2FEFAA0E0988}" = protocol=17 | dir=in | app=c:\program files\soluto\soluto.exe |
"{8BA2CD4B-7C44-4302-BB5F-554A6762BCD8}" = protocol=6 | dir=in | app=c:\program files\autodesk\3ds max 2010\mentalray\satellite\raysat_3dsmax2010_32.exe |
"{8C1CBAEB-A139-47AB-AF12-03019B968840}" = protocol=6 | dir=in | app=c:\program files\soluto\solutoconsole.exe |
"{8C8EF279-BDE4-40CC-9371-4744CBADF00E}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 |
"{97CA663A-4EFA-490E-BEA2-D83AB26C0E15}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{997DE7A6-BEFF-43B7-AE9F-3E689F3E928E}" = protocol=6 | dir=in | app=c:\program files\soluto\solutoservice.exe |
"{9B06740F-F98B-4570-970C-A6EAFC6BF961}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{9DCCB077-6E04-47B1-91C5-6891133B74F6}" = protocol=6 | dir=in | app=c:\program files\microsoft office\office14\onenote.exe |
"{9FB03401-F72A-4503-9F50-ABCC61DD52C8}" = protocol=6 | dir=out | svc=rapimgr | app=%systemroot%\system32\svchost.exe |
"{A01D151E-DF5F-4AC5-8DF7-38347D087187}" = protocol=6 | dir=in | app=c:\program files\autodesk\backburner\server.exe |
"{A372C9D2-AF92-41AF-9DCF-F28CD347717A}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{A4B2AB81-800A-4E77-8FAD-0C7A4D8712C6}" = protocol=6 | dir=in | svc=wcescomm | app=%systemroot%\system32\svchost.exe |
"{AA8C3169-1A12-4649-B9DA-231E87104721}" = protocol=6 | dir=out | svc=wcescomm | app=%systemroot%\system32\svchost.exe |
"{AE8B46B6-D1FE-4192-BC1F-D10CF99BBF0A}" = protocol=6 | dir=in | app=c:\users\public\documents\blizzard entertainment\world of warcraft\wow-x.x.x.x-4.0.0.12911-eu-downloader.exe |
"{AF27AA9A-1F57-4EF2-9342-67D791092A31}" = protocol=6 | dir=in | app=c:\program files\soluto\solutoconsole.exe |
"{B25D6E6E-808D-4F8E-8AEA-2F15DC018E4B}" = protocol=17 | dir=in | app=c:\program files\autodesk\backburner\monitor.exe |
"{B9C2FA22-1987-4A28-80A5-930BDF6B70D0}" = protocol=6 | dir=in | svc=wcescomm | app=%systemroot%\system32\svchost.exe |
"{BAC5CA7A-D203-4E9F-9EBD-B2AF128A87E6}" = protocol=6 | dir=in | app=d:\program files\the battle for middle-earth\game.dat |
"{BE0244EA-2F81-4125-9762-C5830CA297CB}" = protocol=6 | dir=in | app=c:\program files\soluto\solutoupdateservice.exe |
"{C27FA0DD-F9AC-4026-BB6B-A03B56B56556}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 |
"{C557AD9F-978E-4F23-BF49-36C8FEBA506C}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 |
"{C97A796C-6B66-4D5C-996C-818877462D10}" = protocol=17 | dir=in | app=c:\programdata\nexoneu\ngm\ngm.exe |
"{C9A53483-CDB6-4A8C-906E-AC69E11AD838}" = protocol=17 | dir=in | app=c:\program files\autodesk\backburner\server.exe |
"{CC291AD9-E1A8-494F-8CA9-6BE8A4B88321}" = protocol=6 | dir=in | app=c:\program files\soluto\solutoupdateservice.exe |
"{D392946B-8ADD-4FDC-BA0A-FA9CA61813C6}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{D47C21FC-72C3-4F50-B7BF-C44B1BDED6BE}" = dir=in | app=c:\program files\windows live\contacts\wlcomm.exe |
"{D6AD1939-537D-4C86-97D1-103E7D3E21C4}" = protocol=17 | dir=in | app=c:\program files\soluto\solutocleanup.exe |
"{D9A3EAE6-FF20-4E69-B30D-234F865D4F27}" = protocol=6 | dir=out | svc=wcescomm | app=%systemroot%\system32\svchost.exe |
"{DAB4BAF4-064D-4836-A369-7C95F5F7A5AF}" = protocol=6 | dir=out | app=system |
"{DD9471DE-F253-43D9-84B6-538B4E0E83B7}" = protocol=6 | dir=in | app=c:\program files\autodesk\backburner\manager.exe |
"{DDDD2D59-FDF1-4143-BF44-21A74796D570}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{E30C28A5-C4D1-42E1-8650-8DB87198A496}" = protocol=6 | dir=in | app=c:\windows\system32\pnkbstra.exe |
"{E6815255-0FCD-483A-9B5F-86AA91325FE1}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 |
"{E7FEA781-6253-44D0-8328-F6E96B0B4677}" = protocol=6 | dir=in | app=c:\program files\teamviewer\version7\teamviewer_service.exe |
"{E9553FC6-48F9-46F9-90AD-BACFD04F3921}" = protocol=6 | dir=in | app=c:\windows\system32\pnkbstrb.exe |
"{E9CA1311-D3FF-43E6-BAF4-1133E9E59A0A}" = protocol=6 | dir=in | app=c:\program files\soluto\soluto.exe |
"{EA19D135-7B19-4449-813C-01DE013AACDF}" = protocol=17 | dir=in | app=c:\program files\pandora.tv\panservice\pandoraservice.exe |
"{EB6CCD01-B48F-44F7-966A-22EABC80CD89}" = protocol=17 | dir=in | app=d:\program files\titan quest\titan quest.exe |
"{ECE28D7F-44C0-4D99-A4C7-80AA49CD211C}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{F3130F89-6395-42F3-983D-AC5858C49C46}" = protocol=6 | dir=in | app=c:\program files\autodesk\backburner\monitor.exe |
"{F36C0F97-239C-41E5-B03E-42EF12A8DCED}" = protocol=17 | dir=in | app=c:\users\public\documents\blizzard entertainment\world of warcraft\wow-x.x.x.x-4.0.0.12911-eu-downloader.exe |
"{F3C27C84-44F7-4EFB-AC87-A863FA85C381}" = protocol=17 | dir=out | svc=wcescomm | app=%systemroot%\system32\svchost.exe |
"{F4ED9DEF-5B4C-4368-B927-C8C1A3FE3B5C}" = protocol=17 | dir=in | app=c:\program files\pandora.tv\panservice\pandoraservice.exe |
"{F7603015-BDB0-4AE4-9BD6-64094C1D9B14}" = protocol=17 | dir=in | app=c:\program files\autodesk\3ds max 2010\mentalray\satellite\raysat_3dsmax2010_32server.exe |
"{FF3062C1-9FD3-4E50-8A02-A44C7ECBC569}" = protocol=17 | dir=in | app=c:\program files\pandora.tv\panservice\panprocess.exe |
"TCP Query User{0207560C-18A9-4789-8D07-322AA38F156B}C:\qip infium jadrispack\qip.exe" = protocol=6 | dir=in | app=c:\qip infium jadrispack\qip.exe |
"TCP Query User{088420EA-D057-4F37-B561-406AE595D848}C:\program files\java\jre6\bin\javaw.exe" = protocol=6 | dir=in | app=c:\program files\java\jre6\bin\javaw.exe |
"TCP Query User{0CF2209A-988A-4FF3-9FE4-2A9E3FF2FCE1}C:\program files\java\jre6\launch4j-tmp\frd.exe" = protocol=6 | dir=in | app=c:\program files\java\jre6\launch4j-tmp\frd.exe |
"TCP Query User{1717687F-6D0D-41EB-91ED-28A25C91E553}D:\program files\killingfloor\system\killingfloor.exe" = protocol=6 | dir=in | app=d:\program files\killingfloor\system\killingfloor.exe |
"TCP Query User{318F95EC-11AA-496A-8398-71A330BBEE68}C:\totalcmd\totalcmd.exe" = protocol=6 | dir=in | app=c:\totalcmd\totalcmd.exe |
"TCP Query User{3922B65B-7EFF-4F33-9313-F3693EBBD9ED}C:\program files\winamp\winamp.exe" = protocol=6 | dir=in | app=c:\program files\winamp\winamp.exe |
"TCP Query User{4A1316C5-657E-4A7B-B385-A1837096D1F7}C:\windows\system32\dplaysvr.exe" = protocol=6 | dir=in | app=c:\windows\system32\dplaysvr.exe |
"TCP Query User{4EDFB533-E61B-4988-AD56-B3A424BCBE55}D:\program files\titan quest immortal throne\tqit.exe" = protocol=6 | dir=in | app=d:\program files\titan quest immortal throne\tqit.exe |
"TCP Query User{4F08F501-8C19-4413-ADB2-C51C65D1B453}C:\program files\java\jre6\launch4j-tmp\frd.exe" = protocol=6 | dir=in | app=c:\program files\java\jre6\launch4j-tmp\frd.exe |
"TCP Query User{51528D87-701A-46AD-8546-32B7CC1766C2}J:\images\race.driver.grid.multi-5.full-rip.skullptura\grid\grid.exe" = protocol=6 | dir=in | app=j:\images\race.driver.grid.multi-5.full-rip.skullptura\grid\grid.exe |
"TCP Query User{5673EAA8-68A7-45C9-B012-9E18412F18AA}C:\program files\videolan\vlc\vlc.exe" = protocol=6 | dir=in | app=c:\program files\videolan\vlc\vlc.exe |
"TCP Query User{68DC145B-F2E2-4388-B4B4-4A087B2F46DF}D:\program files\left 4 dead 2\left 4 dead 2\left4dead2.exe" = protocol=6 | dir=in | app=d:\program files\left 4 dead 2\left 4 dead 2\left4dead2.exe |
"TCP Query User{6A4E0D81-36A8-4F90-8837-D2961D4F816A}C:\program files\ibm\spss\statistics\19\jre\bin\javaw.exe" = protocol=6 | dir=in | app=c:\program files\ibm\spss\statistics\19\jre\bin\javaw.exe |
"TCP Query User{726CF635-839D-411C-8824-0FD37304B4D2}D:\program files\killingfloor\system\killingfloor.exe" = protocol=6 | dir=in | app=d:\program files\killingfloor\system\killingfloor.exe |
"TCP Query User{77B81860-1409-435A-9DCB-9BC671FF4DE6}C:\program files\dsnet corp\atube catcher 2.0\yct.exe" = protocol=6 | dir=in | app=c:\program files\dsnet corp\atube catcher 2.0\yct.exe |
"TCP Query User{9101917B-39A2-4013-B9CE-34E3B1E14088}C:\program files\ibm\spss\statistics\19\jre\bin\javaw.exe" = protocol=6 | dir=in | app=c:\program files\ibm\spss\statistics\19\jre\bin\javaw.exe |
"TCP Query User{9F8FFC00-787A-45FC-821D-F06A488CD0B3}C:\program files\java\jre6\bin\java.exe" = protocol=6 | dir=in | app=c:\program files\java\jre6\bin\java.exe |
"TCP Query User{A708C585-ACB7-4AA8-8266-3598DF88B803}D:\program files\world_of_tanks_closed_beta\wotlauncher.exe" = protocol=6 | dir=in | app=d:\program files\world_of_tanks_closed_beta\wotlauncher.exe |
"TCP Query User{A9418CCA-4370-4F0A-80E1-33E53E530CD7}C:\totalcmd\totalcmd.exe" = protocol=6 | dir=in | app=c:\totalcmd\totalcmd.exe |
"TCP Query User{B10D1C03-7E6A-4F3F-9872-C8B837E90B56}C:\qip infium jadrispack\qip.exe" = protocol=6 | dir=in | app=c:\qip infium jadrispack\qip.exe |
"TCP Query User{BAFC3EC7-CB63-4CEA-ADD1-898C952EE590}C:\program files\ibm\spss\statistics\19\stats.exe" = protocol=6 | dir=in | app=c:\program files\ibm\spss\statistics\19\stats.exe |
"TCP Query User{BCEA9AF6-026C-476D-A128-8A6C18D4185B}C:\program files\google\google earth\plugin\geplugin.exe" = protocol=6 | dir=in | app=c:\program files\google\google earth\plugin\geplugin.exe |
"TCP Query User{D57B7CAF-9977-4B68-9DB5-C02062282065}D:\program files\world_of_tanks_closed_beta\worldoftanks.exe" = protocol=6 | dir=in | app=d:\program files\world_of_tanks_closed_beta\worldoftanks.exe |
"TCP Query User{D8DBD104-00F5-40D9-8353-8D1C1E8C9BA0}D:\program files\world_of_tanks_closed_beta\wotlauncher.exe" = protocol=6 | dir=in | app=d:\program files\world_of_tanks_closed_beta\wotlauncher.exe |
"TCP Query User{ECFD316D-D5AB-4DAD-8A06-168EE7F6835C}C:\program files\mozilla firefox\plugin-container.exe" = protocol=6 | dir=in | app=c:\program files\mozilla firefox\plugin-container.exe |
"TCP Query User{FBA8BECF-6483-40B1-A2AD-56407ECD563B}D:\program files\world_of_tanks_closed_beta\worldoftanks.exe" = protocol=6 | dir=in | app=d:\program files\world_of_tanks_closed_beta\worldoftanks.exe |
"UDP Query User{09225480-C4A1-4B4E-AB92-671641180F87}C:\program files\java\jre6\launch4j-tmp\frd.exe" = protocol=17 | dir=in | app=c:\program files\java\jre6\launch4j-tmp\frd.exe |
"UDP Query User{0B4D7ABC-EF1C-4BA9-AB75-7F684FCE4435}C:\windows\system32\dplaysvr.exe" = protocol=17 | dir=in | app=c:\windows\system32\dplaysvr.exe |
"UDP Query User{10E96B6B-E687-4E91-95AA-6099D8859275}C:\program files\ibm\spss\statistics\19\stats.exe" = protocol=17 | dir=in | app=c:\program files\ibm\spss\statistics\19\stats.exe |
"UDP Query User{195E8A49-7D20-496B-98C8-8252254F7EE0}D:\program files\world_of_tanks_closed_beta\worldoftanks.exe" = protocol=17 | dir=in | app=d:\program files\world_of_tanks_closed_beta\worldoftanks.exe |
"UDP Query User{247B474A-D4AD-42A8-96C4-E2FD89B91A17}J:\images\race.driver.grid.multi-5.full-rip.skullptura\grid\grid.exe" = protocol=17 | dir=in | app=j:\images\race.driver.grid.multi-5.full-rip.skullptura\grid\grid.exe |
"UDP Query User{33CB92D1-7B8B-4E7F-A3E2-65252259FB6F}C:\totalcmd\totalcmd.exe" = protocol=17 | dir=in | app=c:\totalcmd\totalcmd.exe |
"UDP Query User{4224083B-C6A2-499D-B903-D09B8BB17BA6}C:\program files\ibm\spss\statistics\19\jre\bin\javaw.exe" = protocol=17 | dir=in | app=c:\program files\ibm\spss\statistics\19\jre\bin\javaw.exe |
"UDP Query User{48792C84-5641-4A3E-914D-EB04A6BBA34A}D:\program files\killingfloor\system\killingfloor.exe" = protocol=17 | dir=in | app=d:\program files\killingfloor\system\killingfloor.exe |
"UDP Query User{4C79F01C-01B7-4DAE-9740-E518CEA00F84}D:\program files\world_of_tanks_closed_beta\wotlauncher.exe" = protocol=17 | dir=in | app=d:\program files\world_of_tanks_closed_beta\wotlauncher.exe |
"UDP Query User{5A2270E9-F082-4518-A95D-A741F796AF36}D:\program files\world_of_tanks_closed_beta\worldoftanks.exe" = protocol=17 | dir=in | app=d:\program files\world_of_tanks_closed_beta\worldoftanks.exe |
"UDP Query User{5D823FE1-C0FB-411E-AA19-E0406DE01DE6}D:\program files\killingfloor\system\killingfloor.exe" = protocol=17 | dir=in | app=d:\program files\killingfloor\system\killingfloor.exe |
"UDP Query User{5E273BFA-062B-4CD0-8B4D-3C331B5D59EB}D:\program files\titan quest immortal throne\tqit.exe" = protocol=17 | dir=in | app=d:\program files\titan quest immortal throne\tqit.exe |
"UDP Query User{65115F36-0FDC-4811-82C5-856836B77B0A}D:\program files\left 4 dead 2\left 4 dead 2\left4dead2.exe" = protocol=17 | dir=in | app=d:\program files\left 4 dead 2\left 4 dead 2\left4dead2.exe |
"UDP Query User{7B20ED2D-FC0D-4AFC-8C7C-EF5514A7495A}C:\program files\ibm\spss\statistics\19\jre\bin\javaw.exe" = protocol=17 | dir=in | app=c:\program files\ibm\spss\statistics\19\jre\bin\javaw.exe |
"UDP Query User{7D207AC2-BC0B-43CA-B6C4-206A9A15FB07}C:\program files\winamp\winamp.exe" = protocol=17 | dir=in | app=c:\program files\winamp\winamp.exe |
"UDP Query User{8161EC02-4A1D-4015-83F7-1E0F4262BB74}C:\program files\mozilla firefox\plugin-container.exe" = protocol=17 | dir=in | app=c:\program files\mozilla firefox\plugin-container.exe |
"UDP Query User{817E2EC4-8420-46E0-B513-C3724C17410F}C:\program files\google\google earth\plugin\geplugin.exe" = protocol=17 | dir=in | app=c:\program files\google\google earth\plugin\geplugin.exe |
"UDP Query User{8307C9C3-2B6E-43A6-A616-A84A30F75602}D:\program files\world_of_tanks_closed_beta\wotlauncher.exe" = protocol=17 | dir=in | app=d:\program files\world_of_tanks_closed_beta\wotlauncher.exe |
"UDP Query User{8642A048-83D1-4E62-8313-726949262E90}C:\program files\videolan\vlc\vlc.exe" = protocol=17 | dir=in | app=c:\program files\videolan\vlc\vlc.exe |
"UDP Query User{979FC7B5-C06A-4D64-912B-2EC709E071F6}C:\totalcmd\totalcmd.exe" = protocol=17 | dir=in | app=c:\totalcmd\totalcmd.exe |
"UDP Query User{A4882903-84C7-462E-B660-61956A40167F}C:\program files\dsnet corp\atube catcher 2.0\yct.exe" = protocol=17 | dir=in | app=c:\program files\dsnet corp\atube catcher 2.0\yct.exe |
"UDP Query User{AAB74A3C-5148-4311-A67A-FACA629B786C}C:\program files\java\jre6\bin\javaw.exe" = protocol=17 | dir=in | app=c:\program files\java\jre6\bin\javaw.exe |
"UDP Query User{D833AF69-DCCB-46DF-9F29-4F8C2E6D5DB1}C:\qip infium jadrispack\qip.exe" = protocol=17 | dir=in | app=c:\qip infium jadrispack\qip.exe |
"UDP Query User{E644AAA5-3DAA-4785-AE71-2BC421F4DBE5}C:\qip infium jadrispack\qip.exe" = protocol=17 | dir=in | app=c:\qip infium jadrispack\qip.exe |
"UDP Query User{E6C38FCF-BAF7-4E4C-9A4C-2A6766622E24}C:\program files\java\jre6\bin\java.exe" = protocol=17 | dir=in | app=c:\program files\java\jre6\bin\java.exe |
"UDP Query User{E709FBF0-D31B-4145-9BFB-CA954E5B6A4F}C:\program files\java\jre6\launch4j-tmp\frd.exe" = protocol=17 | dir=in | app=c:\program files\java\jre6\launch4j-tmp\frd.exe |

========== HKEY_LOCAL_MACHINE Uninstall List ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}" = Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148
"{033E378E-6AD3-4AD5-BDEB-CBD69B31046C}" = Microsoft_VC90_ATL_x86
"{03D1988F-469F-4843-8E6E-E5FE9D17889D}" = WIDCOMM Bluetooth Software
"{048298C9-A4D3-490B-9FF9-AB023A9238F3}" = Steam
"{06C43FAA-7226-41EF-A05E-9AE0AA849FFE}" = IBM SPSS Statistics 19
"{08D2E121-7F6A-43EB-97FD-629B44903403}" = Microsoft_VC90_CRT_x86
"{0969AF05-4FF6-4C00-9406-43599238DE0D}" = ASUS Splendid Video Enhancement Technology
"{0B0F231F-CE6A-483D-AA23-77B364F75917}" = Windows Live Installer
"{0D2DBE8A-43D0-7830-7AE7-CA6C99A832E7}" = Adobe Community Help
"{0F3647F8-E51D-4FCC-8862-9A8D0C5ACF25}" = Microsoft_VC80_ATL_x86
"{0FB871A9-C617-4415-BB5D-619A8D946115}" = Microsoft Antimalware Service SK-SK Language Pack
"{1111706F-666A-4037-7777-211328764D10}" = JavaFX 2.1.1
"{11778DA1-0495-4ED9-972F-F9E0B0367CD5}" = Windows Live Writer
"{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MP550_series" = Canon MP550 series MP Drivers
"{13B792AA-C078-43A4-8A3A-8B12D629940D}" = Counter-Strike 1.6
"{153C7D89-9CF4-4719-A551-C5BF45236DB5}" = redist
"{15FEDA5F-141C-4127-8D7E-B962D1742728}" = Adobe Photoshop CS5
"{19A4A990-5343-4FF7-B3B5-6F046C091EDF}" = Windows Live Remote Client
"{19BFDA5D-1FE2-4F25-97F9-1A79DD04EE20}" = Microsoft XNA Framework Redistributable 3.1
"{1C3DA126-D523-4089-BCCA-FA46FE34D6F8}" = Google Drive
"{1C42D474-BDBD-4200-829D-28246879365D}" = Active@ Hard Disk Monitor
"{1EAC1D02-C6AC-4FA6-9A44-96258C37C812}_is1" = World of Tanks closed Beta v.0.6.2.8
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{1F6AB0E7-8CDD-4B93-8A23-AA9EB2FEFCE4}" = Junk Mail filter update
"{200FEC62-3C34-4D60-9CE8-EC372E01C08F}" = Windows Live SOXE Definitions
"{20FDF948-C8ED-4543-A539-F7F4AEF5AFA2}" = Wireless Console 3
"{2222706F-666A-4037-7777-211328764D10}" = JavaFX 2.1.1 SDK
"{227E8782-B2F4-4E97-B0EE-49DE9CC1C0C0}" = Windows Live Remote Service
"{2436F2A8-4B7E-4B6C-AE4E-604C84AA6A4F}" = Nero Core Components 10
"{26A24AE4-039D-4CA4-87B4-2F83216022FF}" = Java(TM) 6 Update 22
"{26A24AE4-039D-4CA4-87B4-2F83217017FF}" = Java 7 Update 17
"{3108C217-BE83-42E4-AE9E-A56A2A92E549}" = Atheros Communications Inc.(R) AR81Family Gigabit/Fast Ethernet Driver
"{317AC0C7-FEBF-0409-87A3-4FC70D0ED900}" = Autodesk 3ds Max 2010 32-bit
"{32A3A4F4-B792-11D6-A78A-00B0D0170040}" = Java SE Development Kit 7 Update 4
"{32A3A4F4-B792-11D6-A78A-00B0D0170050}" = Java SE Development Kit 7 Update 5
"{3336F667-9049-4D46-98B6-4C743EEBC5B1}" = Windows Live Photo Gallery
"{34B32B70-8081-11E2-89AF-B8AC6F98CCE3}" = Google Earth Plug-in
"{390DD8BB-BB57-4942-A029-2D913E4E9D74}" = Microsoft Security Client
"{3B05F2FB-745B-4012-ADF2-439F36B2E70B}" = ATKOSD2
"{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile
"{3D347E6D-5A03-4342-B5BA-6A771885F379}" = Autodesk Backburner 2008.1
"{3F290582-3F4E-4B96-009C-E0BABAA40C42}" = The Battle for Middle-earth (tm)
"{412B69AF-C352-4F6F-A318-B92B3CB9ACC6}" = Titan Quest
"{41E4FA4B-9376-4C32-AA46-65FCC0087CD5}" = Windows Live Remote Service Resources
"{45410935-B52C-468A-A836-0D1000018201}" = BulletStorm
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4B6B024F-F6D4-4A7B-8ADA-F9F8370320CC}" = SRS Premium Sound
"{4CB0307C-565E-4441-86BE-0DF2E4FB828C}" = Microsoft Games for Windows Marketplace
"{4E76FF7E-AEBA-4C87-B788-CD47E5425B9D}" = Skype™ 6.3
"{50779A29-834E-4E36-BBEB-B7CABC67A825}" = Microsoft Security Client SK-SK Language Pack
"{523B2B1B-D8DB-4B41-90FF-C4D799E2758A}" = Nero ControlCenter 10 Help (CHM)
"{59F6A514-9813-47A3-948C-8A155460CC2A}" = RICOH R5C83x/84x Flash Media Controller Driver Ver.3.55.01
"{5AF4B3C4-C393-48D7-AC7E-8E7615579548}" = Adobe AIR
"{5E627606-53B9-42D1-97E1-D03F6229E248}" = Windows Live UX Platform Language Pack
"{60A08432-00DD-0409-AC2C-143C75460878}" = Autodesk 3ds Max 2010 32-bit Components
"{612C34C7-5E90-47D8-9B5C-0F717DD82726}" = swMSM
"{61AD15B2-50DB-4686-A739-14FE180D4429}" = Windows Live ID Sign-in Assistant
"{635FED5B-2C6D-49BE-87E6-7A6FCD22BC5A}" = Microsoft_VC90_MFC_x86
"{64467D47-FFE4-4FBC-ABBA-A0DB829A17EB}" = NVIDIA PhysX
"{6491AB99-A11E-41FD-A5E7-32DE8A097B8E}" = Windows Live Essentials
"{65BB0407-4CC8-4DC7-952E-3EEFDF05602A}" = Nero Update
"{682B3E4F-696A-42DE-A41C-4C07EA1678B4}" = Windows Live SOXE
"{6DFB899F-17A2-48F0-A533-ED8D6866CF38}" = Nero Control Center 10
"{6F37D92B-41AA-44B7-80D2-457ABDE11896}" = Windows Live Photo Common
"{7032B400-11EC-11E0-A9BF-0013D3D69929}" = MSVCRT Redists
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{716E0306-8318-4364-8B8F-0CC4E9376BAC}" = MSXML 4.0 SP2 Parser and SDK
"{7177EE4E-3D1D-4F45-85B5-B93DC758BA0B}" = OLYMPUS Viewer 2
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{72FD5FFF-965B-B45B-E104-442B19C91644}" = Multiplayer Battleship
"{758C8301-2696-4855-AF45-534B1200980A}" = Samsung Kies
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{7C05592D-424B-46CB-B505-E0013E8E75C9}" = ATK Hotkey
"{7C7F30F4-94E7-4AA8-8941-90C4A80C68BF}" = NVIDIA nTune
"{7CB529B2-6C74-4878-9C3F-C29C3C3BBDC6}" = Windows Live Writer Resources
"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
"{83C292B7-38A5-440B-A731-07070E81A64F}" = Windows Live PIMT Platform
"{842BEE12-CCCB-43F4-ABAF-CBA6DFE2583D}" = Nero BurnLite 10
"{865CD808-6D31-4269-9D36-693CFE75D26A}" = Express Gate
"{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}" = Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570
"{89A43E80-AC6C-4DA8-9800-F4B30ED577C0}" = Olympus ib
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8C6D6116-B724-4810-8F2D-D047E6B7D68E}" = Mesh Runtime
"{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}" = MSVCRT
"{90140000-0015-041B-0000-0000000FF1CE}" = Microsoft Office Access MUI (Slovak) 2010
"{90140000-0015-041B-0000-0000000FF1CE}_Office14.PROPLUSR_{9C5E0700-7189-470B-A02E-7FFE75C8BD43}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0016-041B-0000-0000000FF1CE}" = Microsoft Office Excel MUI (Slovak) 2010
"{90140000-0016-041B-0000-0000000FF1CE}_Office14.PROPLUSR_{9C5E0700-7189-470B-A02E-7FFE75C8BD43}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0018-041B-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (Slovak) 2010
"{90140000-0018-041B-0000-0000000FF1CE}_Office14.PROPLUSR_{9C5E0700-7189-470B-A02E-7FFE75C8BD43}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0019-041B-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (Slovak) 2010
"{90140000-0019-041B-0000-0000000FF1CE}_Office14.PROPLUSR_{9C5E0700-7189-470B-A02E-7FFE75C8BD43}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001A-041B-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (Slovak) 2010
"{90140000-001A-041B-0000-0000000FF1CE}_Office14.PROPLUSR_{9C5E0700-7189-470B-A02E-7FFE75C8BD43}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001B-041B-0000-0000000FF1CE}" = Microsoft Office Word MUI (Slovak) 2010
"{90140000-001B-041B-0000-0000000FF1CE}_Office14.PROPLUSR_{9C5E0700-7189-470B-A02E-7FFE75C8BD43}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001F-0405-0000-0000000FF1CE}" = Microsoft Office Proof (Czech) 2010
"{90140000-001F-0405-0000-0000000FF1CE}_Office14.PROPLUSR_{2304F942-79D2-46F7-A512-269A7F5B7EFC}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2010
"{90140000-001F-0407-0000-0000000FF1CE}_Office14.PROPLUSR_{65A2328E-FDFB-4CA3-8582-357EA6825FEA}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2010
"{90140000-001F-0409-0000-0000000FF1CE}_Office14.PROPLUSR_{99ACCA38-6DD3-48A8-96AE-A283C9759279}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001F-040E-0000-0000000FF1CE}" = Microsoft Office Proof (Hungarian) 2010
"{90140000-001F-040E-0000-0000000FF1CE}_Office14.PROPLUSR_{71431694-851E-4BC7-92A9-4BB9D196E24F}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001F-041B-0000-0000000FF1CE}" = Microsoft Office Proof (Slovak) 2010
"{90140000-001F-041B-0000-0000000FF1CE}_Office14.PROPLUSR_{A162C5E6-7778-4D5B-9F0A-38F0122DD859}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-002C-041B-0000-0000000FF1CE}" = Microsoft Office Proofing (Slovak) 2010
"{90140000-002C-041B-0000-0000000FF1CE}_Office14.PROPLUSR_{93F2D01D-F7E6-46E5-9A7C-316262461F9F}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0044-041B-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (Slovak) 2010
"{90140000-0044-041B-0000-0000000FF1CE}_Office14.PROPLUSR_{9C5E0700-7189-470B-A02E-7FFE75C8BD43}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-006E-041B-0000-0000000FF1CE}" = Microsoft Office Shared MUI (Slovak) 2010
"{90140000-006E-041B-0000-0000000FF1CE}_Office14.PROPLUSR_{56405E5D-9583-4644-B183-AFB3E19D80B3}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-00A1-041B-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (Slovak) 2010
"{90140000-00A1-041B-0000-0000000FF1CE}_Office14.PROPLUSR_{9C5E0700-7189-470B-A02E-7FFE75C8BD43}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-00BA-041B-0000-0000000FF1CE}" = Microsoft Office Groove MUI (Slovak) 2010
"{90140000-00BA-041B-0000-0000000FF1CE}_Office14.PROPLUSR_{9C5E0700-7189-470B-A02E-7FFE75C8BD43}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{904CCF62-818D-4675-BC76-D37EB399F917}" = Centrum zariadení Windows Mobile
"{91140000-0011-0000-0000-0000000FF1CE}" = Microsoft Office Professional Plus 2010
"{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{047B0968-E622-4FAA-9B4B-121FA109EDDE}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{92D58719-BBC1-4CC3-A08B-56C9E884CC2C}" = Microsoft_VC80_CRT_x86
"{92EA4134-10D1-418A-91E1-5A0453131A38}" = Windows Live Movie Maker
"{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting
"{95140000-007A-041B-0000-0000000FF1CE}" = Microsoft Office Outlook Connector
"{95140000-007D-0409-0000-0000000FF1CE}" = Microsoft Outlook Social Connector Provider for Windows Live Messenger 32-bit
"{975F2150-DC2B-43F9-B41A-1C1046C68CD1}_is1" = Army Rage version 1.0.378
"{97F77D62-5110-4FA3-A2D3-410B92D31199}" = Windows Live Fotogaléria
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9B6239BF-4E85-4590-8D72-51E30DB1A9AA}" = ASUS Power4Gear Hybrid
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{9D56775A-93F3-44A3-8092-840E3826DE30}" = Windows Live Mail
"{A68C62E8-B243-4777-89BB-12173DFA1D45}" = OLYMPUS Digital Camera Updater
"{A726AE06-AAA3-43D1-87E3-70F510314F04}" = Windows Live Writer
"{A78FE97A-C0C8-49CE-89D0-EDD524A17392}" = PDF Settings CS5
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{A9BDCA6B-3653-467B-AC83-94367DA3BFE3}" = Windows Live Photo Common
"{AAAFC670-569B-4A2F-82B4-42945E0DE3EF}" = Windows Live Writer
"{AB627AF2-9C7E-4DBD-816B-3B2646B81E89}" = Nero BurnLite 10
"{AC76BA86-7AD7-1033-7B44-AB0000000001}" = Adobe Reader XI (11.0.02)
"{AD001A69-88CC-4766-B2DB-3C1DFAB9AC72}" = Windows Live Mesh
"{AF844339-2F8A-4593-81B3-9F4C54038C4E}" = Windows Live MIME IFilter
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision" = NVIDIA Ovládač 3D Vision 301.42
"{B2FE1952-0186-46c3-BAEC-A80AA35AC5B8}_Display.ControlPanel" = Ovládací panel NVIDIA 301.42
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver" = NVIDIA Grafický ovládač 301.42
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB" = NVIDIA 3D Vision radič ovládača 301.42
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update" = Aktualizácie NVIDIA 1.8.15
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver" = NVIDIA Ovládač zvuku HD 1.3.18.0
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_installer" = NVIDIA Install Application
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NVIDIA.Update" = NVIDIA Update Components
"{B5C5C17E-FEF6-4062-8151-A427AE8AF9D7}" = Titan Quest Immortal Throne
"{BA801B94-C28D-46EE-B806-E1E021A3D519}" = Company of Heroes
"{C2FD7DB5-FE30-49B6-8A2F-C5652E053C31}" = Ovládací prvok ActiveX programu Windows Live Mesh pre vzdialené pripojenia
"{C3A32068-8AB1-4327-BB16-BED9C6219DC7}" = Atheros Driver Installation Program
"{CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA}" = SUPERAntiSpyware
"{CE95A79E-E4FC-4FFF-8A75-29F04B942FF2}" = Windows Live UX Platform
"{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}" = SAMSUNG USB Driver for Mobile Phones
"{D1A19B02-817E-4296-A45B-07853FD74D57}" = Microsoft_VC80_MFC_x86
"{D1E5870E-E3E5-4475-98A6-ADD614524ADF}" = ATK Media
"{D3D54F3E-C5C3-443D-978F-87A72E5616E8}" = ATK Generic Function Service
"{D42F84B6-3709-4A50-8502-6719D16AE6C8}" = SRS Premium Sound Control Panel
"{D45240D3-B6B3-4FF9-B243-54ECE3E10066}" = Windows Live Communications Platform
"{D92BBB52-82FF-42ED-8A3C-4E062F944AB7}" = Microsoft_VC80_MFCLOC_x86
"{DC5F786F-0733-46AC-8160-972A6906A872}" = WD SmartWare
"{DE3A9DC5-9A5D-6485-9662-347162C7E4CA}" = Adobe Media Player
"{DECDCB7C-58CC-4865-91AF-627F9798FE48}" = Windows Live Mesh
"{E09C4DB7-630C-4F06-A631-8EA7239923AF}" = D3DX10
"{E1629C45-9CEF-498E-83CD-D6A09CADA176}" = Windows Live Remote Client Resources
"{E551D82D-4D56-4AF7-A2C9-8897D7A0CB00}" = Autodesk 3ds Max 2010 Tutorials Files
"{E5BA7FD7-45F0-4C12-9D2C-C522C332130C}" = Soluto
"{E6F012B0-E930-11E0-A67A-F04DA23A5C58}" = Vegas Pro 11.0
"{E9627240-E930-11E0-8690-F04DA23A5C58}" = MSVCRT Redists
"{EB1B8449-CD8F-485B-ADB6-02FBCFE180D3}" = Razer DeathAdder(TM) Mouse
"{ECCD28B2-8798-4D16-8126-625D728294A1}" = SPBA 5.8
"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F2508213-9989-4E85-A078-72BE483917EF}" = Microsoft Games for Windows - LIVE Redistributable
"{F8A10A25-D8DD-4661-9A1E-7F6DBAAA3C5E}" = inSSIDer
"{FA6CF94F-DACF-4FE7-959D-55C421B91B17}" = Windows Live Mail
"{FB3D07AE-73D0-47A9-AC12-6F50BF8B6202}" = Windows Live Movie Maker
"{FD9C31B6-F572-414D-81E3-89368C97A125}_is1" = CamStudio OSS Desktop Recorder
"{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
"{FFFF6D5C-E2F1-4B40-BC89-8923312E89EB}}_is1" = ACE Mega CoDecS Pack
"4F6D5E84-5826-4394-9F40-3A9A19165651_is1" = Pandora Service
"8-com.novelgames.multiplayerflashgames.battleship" = Multiplayer Battleship
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin
"Adobe Shockwave Player" = Adobe Shockwave Player 11.6
"Afterburner" = MSI Afterburner 2.1.0
"Akamai" = Akamai NetSession Interface
"Android SDK Tools" = Android SDK Tools
"aTube Catcher" = aTube Catcher
"Autodesk FBX Plugin 2009.4 - 3ds Max 2010" = Autodesk FBX Plugin 2009.4 - 3ds Max 2010
"AutoREALM_is1" = AutoREALM Version 2.2.1
"CanonMyPrinter" = Canon My Printer
"CanonSolutionMenu" = Canon Utilities Solution Menu
"CCleaner" = CCleaner
"Civilization V 1.0.1.705" = Civilization V 1.0.1.705
"com.adobe.amp.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1" = Adobe Media Player
"DesktopGoogleReader" = Desktop Google Reader
"DjVuLibre+DjView" = DjVuLibre+DjView
"DokanLibrary" = Dokan Library 0.6.0
"E77704EF5E71F4F18CADFBFA68595AFE036D5D97" = Windows Driver Package - OLYMPUS IMAGING CORP. Camera Communication Driver Package (09/09/2009 1.0.0.0)
"Easy-PhotoPrint EX" = Canon Easy-PhotoPrint EX
"Easy-WebPrint EX" = Canon Easy-WebPrint EX
"GMouse" = GIGABYTE FORCE Driver
"Hamachi" = Hamachi 1.0.1.5
"chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1" = Adobe Community Help
"InstallShield_{758C8301-2696-4855-AF45-534B1200980A}" = Samsung Kies
"InstallShield_{7C7F30F4-94E7-4AA8-8941-90C4A80C68BF}" = NVIDIA nTune
"InstallShield_{89A43E80-AC6C-4DA8-9800-F4B30ED577C0}" = Olympus ib
"Killing Floor_is1" = Killing Floor
"Lexicon 4.0" = Lingea Lexicon 2002
"Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware verzia 1.75.0.1300
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft Security Client" = Microsoft Security Essentials
"Mobility Manager" = Mobility Manager
"Mouse Tachometer" = Mouse Tachometer
"Mozilla Firefox 21.0 (x86 sk)" = Mozilla Firefox 21.0 (x86 sk)
"MozillaMaintenanceService" = Mozilla Maintenance Service
"MP Navigator EX 3.0" = Canon MP Navigator EX 3.0
"nbi-glassfish-mod-3.1.2.23.2" = GlassFish Server Open Source Edition 3.1.2.2
"nbi-nb-base-7.2.0.0.201207171143" = NetBeans IDE 7.2
"nbi-tomcat-7.0.27.0.0" = Apache Tomcat 7.0.27
"NVIDIA StereoUSB Driver" = NVIDIA 3D Vision Controller Driver
"NVIDIAStereo" = NVIDIA Stereoscopic 3D Driver
"Office14.PROPLUSR" = Microsoft Office Professional Plus 2010
"OpenAL" = OpenAL
"Origin" = Origin
"PSPad editor_is1" = PSPad editor
"Q2l0aWVzIGluIE1vdGlvbiAyIChjKSBQYXJhZG94IEludGVyYWN0aXZl_is1" = Cities in Motion 2 (c) Paradox Interactive version 1
"Rainmeter" = Rainmeter
"RocketDock_is1" = RocketDock 1.3.5
"ScreenshotCaptor_is1" = Screenshot Captor 2.95.01
"SynTPDeinstKey" = Synaptics Pointing Device Driver
"TeamSpeak 3 Client" = TeamSpeak 3 Client
"TeamViewer 7" = TeamViewer 7
"The KMPlayer" = The KMPlayer (remove only)
"Totalcmd" = Total Commander (Remove or Repair)
"Unlocker" = Unlocker 1.9.0
"USB 2.0 2.0M UVC WebCam" = USB 2.0 2.0M UVC WebCam
"uTorrent" = µTorrent
"VLC media player" = VLC media player 2.0.5
"Winamp" = Winamp
"WinLiveSuite" = Windows Live Essentials
"WinPcapInst" = WinPcap 4.1.2
"WinRAR archiver" = WinRAR archivátor
"Worms Reloaded_is1" = Worms Reloaded
"Xvid Video Codec 1.3.2" = Xvid Video Codec

Re: Please check, suspected virus

Post by Kobra.svk » 08 May 2013 00:13

========== HKEY_CURRENT_USER Uninstall List ==========

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"MyFreeCodec" = MyFreeCodec
"UnityWebPlayer" = Unity Web Player
"Winamp Detect" = Winamp Detector Plug-in

========== Last 20 Event Log Errors ==========

[ Application Events ]
Error - 7. 5. 2013 17:49:44 | Computer Name = Kobra | Source = ESENT | ID = 455
Description = Windows (1124) Windows: Error -1811 occurred while opening logfile
C:\ProgramData\Microsoft\Search\Data\Applications\Windows\MSS021D4.log.

Error - 7. 5. 2013 17:49:44 | Computer Name = Kobra | Source = Windows Search Service | ID = 9000
Description =

Error - 7. 5. 2013 17:49:44 | Computer Name = Kobra | Source = Windows Search Service | ID = 7040
Description =

Error - 7. 5. 2013 17:49:44 | Computer Name = Kobra | Source = Windows Search Service | ID = 7042
Description =

Error - 7. 5. 2013 17:49:44 | Computer Name = Kobra | Source = Windows Search Service | ID = 9002
Description =

Error - 7. 5. 2013 17:49:44 | Computer Name = Kobra | Source = Windows Search Service | ID = 3029
Description =

Error - 7. 5. 2013 17:49:51 | Computer Name = Kobra | Source = Windows Search Service | ID = 3029
Description =

Error - 7. 5. 2013 17:49:52 | Computer Name = Kobra | Source = Windows Search Service | ID = 3028
Description =

Error - 7. 5. 2013 17:49:52 | Computer Name = Kobra | Source = Windows Search Service | ID = 3058
Description =

Error - 7. 5. 2013 17:49:52 | Computer Name = Kobra | Source = Windows Search Service | ID = 7010
Description =

[ Media Center Events ]
Error - 25. 12. 2010 10:31:17 | Computer Name = Kobra-PC | Source = MCUpdate | ID = 0
Description = 15:31:16 - Chyba pripájania na Internet. 15:31:16 - Nebolo možné
spojiť sa so serverom..

Error - 25. 12. 2010 11:31:22 | Computer Name = Kobra-PC | Source = MCUpdate | ID = 0
Description = 16:31:22 - Chyba pripájania na Internet. 16:31:22 - Nebolo možné
spojiť sa so serverom..

Error - 25. 12. 2010 11:31:28 | Computer Name = Kobra-PC | Source = MCUpdate | ID = 0
Description = 16:31:27 - Chyba pripájania na Internet. 16:31:27 - Nebolo možné
spojiť sa so serverom..

Error - 25. 12. 2010 12:31:33 | Computer Name = Kobra-PC | Source = MCUpdate | ID = 0
Description = 17:31:33 - Chyba pripájania na Internet. 17:31:33 - Nebolo možné
spojiť sa so serverom..

Error - 25. 12. 2010 12:31:39 | Computer Name = Kobra-PC | Source = MCUpdate | ID = 0
Description = 17:31:38 - Chyba pripájania na Internet. 17:31:38 - Nebolo možné
spojiť sa so serverom..

Error - 5. 1. 2011 22:19:30 | Computer Name = Kobra-PC | Source = MCUpdate | ID = 0
Description = 3:19:27 - Chyba pripájania na Internet. 3:19:27 - Nebolo možné
spojiť sa so serverom..

Error - 3. 4. 2011 14:12:00 | Computer Name = Kobra-PC | Source = MCUpdate | ID = 0
Description = 20:12:00 - Chyba pripájania na Internet. 20:12:00 - Nebolo možné
spojiť sa so serverom..

Error - 3. 4. 2011 14:12:09 | Computer Name = Kobra-PC | Source = MCUpdate | ID = 0
Description = 20:12:05 - Chyba pripájania na Internet. 20:12:05 - Nebolo možné
spojiť sa so serverom..

Error - 16. 4. 2011 14:41:54 | Computer Name = Kobra-PC | Source = MCUpdate | ID = 0
Description = 20:41:54 - Nepodarilo sa načítať položku Directory (chyba: Unable
to connect to the remote server)

Error - 16. 4. 2011 14:42:03 | Computer Name = Kobra-PC | Source = MCUpdate | ID = 0
Description = 20:41:59 - Chyba pripájania na Internet. 20:41:59 - Nebolo možné
spojiť sa so serverom..

[ System Events ]
Error - 7. 5. 2013 10:49:49 | Computer Name = Kobra | Source = Service Control Manager | ID = 7000
Description = Spustenie služby NPVR Recording Service zlyhalo kvôli nasledujúcej
chybe: %%2

Error - 7. 5. 2013 10:49:52 | Computer Name = Kobra | Source = Service Control Manager | ID = 7000
Description = Spustenie služby Soluto Launcher Service zlyhalo kvôli nasledujúcej
chybe: %%5

Error - 7. 5. 2013 17:30:54 | Computer Name = Kobra | Source = EventLog | ID = 6008
Description = The previous system shutdown at 23:28:55 on 7. 5. 2013 was unexpected.

Error - 7. 5. 2013 17:30:57 | Computer Name = KOBRA | Source = BugCheck | ID = 1001
Description =

Error - 7. 5. 2013 17:31:16 | Computer Name = Kobra | Source = Service Control Manager | ID = 7000
Description = Spustenie služby NPVR Recording Service zlyhalo kvôli nasledujúcej
chybe: %%2

Error - 7. 5. 2013 17:31:20 | Computer Name = Kobra | Source = Service Control Manager | ID = 7000
Description = Spustenie služby Soluto Launcher Service zlyhalo kvôli nasledujúcej
chybe: %%5

Error - 7. 5. 2013 17:48:54 | Computer Name = Kobra | Source = Service Control Manager | ID = 7000
Description = Spustenie služby NPVR Recording Service zlyhalo kvôli nasledujúcej
chybe: %%2

Error - 7. 5. 2013 17:49:01 | Computer Name = Kobra | Source = Service Control Manager | ID = 7000
Description = Spustenie služby Soluto Launcher Service zlyhalo kvôli nasledujúcej
chybe: %%5

Error - 7. 5. 2013 17:49:52 | Computer Name = Kobra | Source = Service Control Manager | ID = 7024
Description = Služba Windows Search bola ukončená s chybou služby %%-1073473535.

Error - 7. 5. 2013 17:49:52 | Computer Name = Kobra | Source = Service Control Manager | ID = 7031
Description = Služba Windows Search sa neočakávane ukončila. Služba sa týmto spôsobom
ukončila už 1 krát. O 30000 ms bude vykonaná nasledujúca opravná akcia: Reštartovať
službu.


< End of report >

jaro3
Security team member
Guru Level 15
Posts: 43113
Registered: June 07
Location: Jižní Čechy
Gender: Male
Status: Offline

Re: Please check, suspected virus

Post by jaro3 » 08 May 2013 10:24

Double-click the OTL icon on the desktop. Make sure all other applications and browsers are closed.
Under Custom Scans/Fixes, paste the following text, shown in green, into the box:

Code:

:OTL
PRC - C:\WINDOWS\explorer.exe (Microsoft Corporation)
PRC - C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)
SRV - (NPVR Recording Service) -- C:\Program Files\NPVR\NRecord.exe File not found
DRV - (VGPU) -- System32\drivers\rdvgkmd.sys File not found
DRV - (tsusbhub) -- system32\drivers\tsusbhub.sys File not found
DRV - (Synth3dVsc) -- System32\drivers\synth3dvsc.sys File not found
DRV - (ndisahMP) -- system32\DRIVERS\ndisah.sys File not found
DRV - (EIO) -- system32\DRIVERS\EIO.sys File not found
DRV - (EagleXNt) -- C:\Windows\system32\drivers\EagleXNt.sys File not found
DRV - (CV2K1) -- system32\DRIVERS\cv2k1.sys File not found
DRV - (aswMBR) -- C:\Users\Miroslav\AppData\Local\Temp\aswMBR.sys File not found
DRV - (ASUSProcObsrv) -- E:\I386\AsProcOb.sys File not found
DRV - (apmkcep2) -- File not found
DRV - (ALSysIO) -- C:\Users\Miroslav\AppData\Local\Temp\ALSysIO.sys File not found
DRV - (akkajvs9) -- File not found
IE - HKLM\..\SearchScopes,DefaultScope =
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKCU\..\URLSearchHook: {95289393-33EA-4F8D-B952-483415B9C955} - No CLSID value found
IE - HKCU\..\SearchScopes,DefaultScope =
IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE10SR
IE - HKCU\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:21.0
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}:6.0.22
FF - prefs.js..extensions.enabledItems: {972ce4c6-7e08-4474-a285-3208198ce6fd}:3.6.15
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@pandonetworks.com/PandoWebPlugin: C:\Program Files\Pando Networks\Media Booster\npPandoWebPlugin.dll File not found
[2010/11/06 17:20:37 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Miroslav\AppData\Roaming\mozilla\Extensions
[2010/11/06 17:20:37 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Miroslav\AppData\Roaming\mozilla\Extensions\{ec8030f7-c20a-464f-9b0e-13a3a9e97384}
[2013/04/02 17:58:51 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Miroslav\AppData\Roaming\mozilla\Firefox\Profiles\n0wmyrw4.default\extensions
[2013/04/02 17:58:51 | 000,392,806 | ---- | M] () (No name found) -- C:\Users\Miroslav\AppData\Roaming\mozilla\firefox\profiles\n0wmyrw4.default\extensions\jid1-F9UJ2thwoAm5gQ@jetpack.xpi
[2012/09/12 12:46:23 | 000,621,521 | ---- | M] () (No name found) -- C:\Users\Miroslav\AppData\Roaming\mozilla\firefox\profiles\n0wmyrw4.default\extensions\testpilot@labs.mozilla.com.xpi
[2013/04/25 23:14:29 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\browser\extensions
[2013/05/03 01:38:18 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\browser\distribution\extensions
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Reg Error: Value error.)
[2013/05/07 19:34:11 | 000,619,146 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2013/05/07 19:34:11 | 000,107,466 | ---- | M] () -- C:\Windows\System32\perfc009.dat
@Alternate Data Stream - 121 bytes -> C:\ProgramData\Temp:39413AC3

:Files
C:\WINDOWS\System32\*.tmp
C:\WINDOWS\*.tmp
C:\WINDOWS\system32\*.tmp.dll
C:\WINDOWS\System32\dllcache\*.tmp
C:\WINDOWS\system32\SET*.tmp
C:\WINDOWS\system32\DUMP*.tmp
c:\windows\Tasks\*.job /s
C:\*.tmp
C:\WINDOWS\System32\drivers\*.tmp
C:\Documents and Settings\All Users\Data aplikací\*.tmp
C:\TDSSKiller_Quarantine
[3 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
[12 C:\Users\Miroslav\Desktop\*.tmp files -> C:\Users\Miroslav\Desktop\*.tmp -> ]
C:\Windows\MusiccityDownload.exe
C:\Windows\System32\cis-2.4.dll
C:\Windows\System32\issacapi_bs-2.3.dll
C:\Windows\System32\issacapi_pe-2.3.dll
C:\Windows\System32\issacapi_se-2.3.dll

:Reg
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"MyFreeCodec" =-

:Commands
[purity]
[emptytemp]
[start explorer]
[Reboot]


Then click Opravit (Run Fix) at the top. Let the program run undisturbed; at the end the PC will restart.
After the restart a log will appear; please copy its entire contents here.

Update Java:
Java SE Runtime Environment 7

Click Accept License Agreement
Choose your OS (Windows or Windows x64, Offline Installation)
jre-7-windows-i586-p.exe or
jre-7-windows-x64.exe
Download and install it.
Remove the other Java versions in Add/Remove Programs.

In Folder Options, enable the display of hidden files and folders and uncheck the box for hiding protected operating system files.

Test these on VirusTotal:
C:\Windows\System32\poclbm120327GeForce GT 240Mv1w256l4.bin
C:\Windows\System32\GkSui18.EXE
C:\Windows\LANGMAKE.INI
C:\ProgramData\zncjglaq.cjr

Click Choose to the right of the box and find the required file on your PC in Explorer. Select it with the mouse and click Open, then click Send File. If the file has already been tested, a window appears in which you click Reanalyze. The file will then be tested by multiple antivirus programs one after another. When the last antivirus has finished, the result appears at the top with the number of detections in red, e.g. 0/43 or 1/43. Then copy the link to that page with the mouse and paste it into your post.

Or on:
http://www.virscan.org/
When working with HJT, ComboFix, MbAM, SDFix, etc., close all other applications and browsers!
Do not send logs by private message. While I am away, memphisto, Žbeky and Orcus stand in for me.
If you are satisfied, you can support our forum: Forum support

Post by Kobra.svk » 08 May 2013 16:40

All processes killed
========== OTL ==========
No active process named explorer.exe was found!
No active process named firefox.exe was found!
Service NPVR Recording Service stopped successfully!
Service NPVR Recording Service deleted successfully!
File C:\Program Files\NPVR\NRecord.exe File not found not found.
Service VGPU stopped successfully!
Service VGPU deleted successfully!
File System32\drivers\rdvgkmd.sys File not found not found.
Service tsusbhub stopped successfully!
Service tsusbhub deleted successfully!
File system32\drivers\tsusbhub.sys File not found not found.
Service Synth3dVsc stopped successfully!
Service Synth3dVsc deleted successfully!
File System32\drivers\synth3dvsc.sys File not found not found.
Service ndisahMP stopped successfully!
Service ndisahMP deleted successfully!
File system32\DRIVERS\ndisah.sys File not found not found.
Service EIO stopped successfully!
Service EIO deleted successfully!
File system32\DRIVERS\EIO.sys File not found not found.
Service EagleXNt stopped successfully!
Service EagleXNt deleted successfully!
File C:\Windows\system32\drivers\EagleXNt.sys File not found not found.
Service CV2K1 stopped successfully!
Service CV2K1 deleted successfully!
File system32\DRIVERS\cv2k1.sys File not found not found.
Error: No service named aswMBR was found to stop!
Registry key HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\aswMBR deleted successfully.
File C:\Users\Miroslav\AppData\Local\Temp\aswMBR.sys File not found not found.
Service ASUSProcObsrv stopped successfully!
Service ASUSProcObsrv deleted successfully!
File E:\I386\AsProcOb.sys File not found not found.
Error: No service named apmkcep2 was found to stop!
Registry key HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\apmkcep2 deleted successfully.
File File not found not found.
Service ALSysIO stopped successfully!
Service ALSysIO deleted successfully!
File C:\Users\Miroslav\AppData\Local\Temp\ALSysIO.sys File not found not found.
Error: No service named akkajvs9 was found to stop!
Registry key HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\akkajvs9 deleted successfully.
File File not found not found.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope| /E : value set successfully!
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ not found.
Registry value HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks\\{95289393-33EA-4F8D-B952-483415B9C955} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{95289393-33EA-4F8D-B952-483415B9C955}\ not found.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope| /E : value set successfully!
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}\ not found.
Prefs.js: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:21.0 removed from extensions.enabledAddons
Prefs.js: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}:6.0.22 removed from extensions.enabledItems
Prefs.js: {972ce4c6-7e08-4474-a285-3208198ce6fd}:3.6.15 removed from extensions.enabledItems
Registry key HKEY_LOCAL_MACHINE\Software\MozillaPlugins\@microsoft.com/GENUINE\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\Software\MozillaPlugins\@pandonetworks.com/PandoWebPlugin\ deleted successfully.
C:\Users\Miroslav\AppData\Roaming\mozilla\Extensions\{ec8030f7-c20a-464f-9b0e-13a3a9e97384} folder moved successfully.
C:\Users\Miroslav\AppData\Roaming\mozilla\Extensions folder moved successfully.
Folder C:\Users\Miroslav\AppData\Roaming\mozilla\Extensions\{ec8030f7-c20a-464f-9b0e-13a3a9e97384}\ not found.
C:\Users\Miroslav\AppData\Roaming\mozilla\Firefox\Profiles\n0wmyrw4.default\extensions folder moved successfully.
File C:\Users\Miroslav\AppData\Roaming\mozilla\firefox\profiles\n0wmyrw4.default\extensions\jid1-F9UJ2thwoAm5gQ@jetpack.xpi not found.
File C:\Users\Miroslav\AppData\Roaming\mozilla\firefox\profiles\n0wmyrw4.default\extensions\testpilot@labs.mozilla.com.xpi not found.
C:\Program Files\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd} folder moved successfully.
C:\Program Files\Mozilla Firefox\browser\extensions folder moved successfully.
C:\Program Files\Mozilla Firefox\browser\distribution\extensions folder moved successfully.
Registry key HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Internet Explorer\Restrictions\ deleted successfully.
Registry key HKEY_CURRENT_USER\Software\Policies\Microsoft\Internet Explorer\Control Panel\ deleted successfully.
Starting removal of ActiveX control {8AD9C840-044E-11D1-B3E9-00805F499D93}
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{8AD9C840-044E-11D1-B3E9-00805F499D93}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{8AD9C840-044E-11D1-B3E9-00805F499D93}\ deleted successfully.
Registry key HKEY_CURRENT_USER\SOFTWARE\Classes\CLSID\{8AD9C840-044E-11D1-B3E9-00805F499D93}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{8AD9C840-044E-11D1-B3E9-00805F499D93}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{8AD9C840-044E-11D1-B3E9-00805F499D93}\ not found.
C:\Windows\System32\perfh009.dat moved successfully.
C:\Windows\System32\perfc009.dat moved successfully.
ADS C:\ProgramData\Temp:39413AC3 deleted successfully.
========== FILES ==========
File\Folder C:\WINDOWS\System32\*.tmp not found.
C:\WINDOWS\8A809006C25A4A3A9DAB94659BCDB107.TMP folder moved successfully.
C:\WINDOWS\D56B0E274A3E46C9B5C1D93D580C099C.TMP folder moved successfully.
C:\WINDOWS\E4D153288C89484BB9AAF5BE9EA6D01C.TMP folder moved successfully.
File\Folder C:\WINDOWS\system32\*.tmp.dll not found.
File\Folder C:\WINDOWS\System32\dllcache\*.tmp not found.
File\Folder C:\WINDOWS\system32\SET*.tmp not found.
File\Folder C:\WINDOWS\system32\DUMP*.tmp not found.
c:\windows\Tasks\Adobe Flash Player Updater.job moved successfully.
c:\windows\Tasks\GoogleUpdateTaskMachineCore.job moved successfully.
c:\windows\Tasks\GoogleUpdateTaskMachineUA.job moved successfully.
File\Folder C:\*.tmp not found.
File\Folder C:\WINDOWS\System32\drivers\*.tmp not found.
File\Folder C:\Documents and Settings\All Users\Data aplikací\*.tmp not found.
C:\TDSSKiller_Quarantine\04.05.2013_16.30.54\susp0000\svc0000 folder moved successfully.
C:\TDSSKiller_Quarantine\04.05.2013_16.30.54\susp0000 folder moved successfully.
C:\TDSSKiller_Quarantine\04.05.2013_16.30.54 folder moved successfully.
C:\TDSSKiller_Quarantine folder moved successfully.
File\Folder [3 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ] not found.
File\Folder [12 C:\Users\Miroslav\Desktop\*.tmp files -> C:\Users\Miroslav\Desktop\*.tmp -> ] not found.
C:\Windows\MusiccityDownload.exe moved successfully.
C:\Windows\System32\cis-2.4.dll moved successfully.
C:\Windows\System32\issacapi_bs-2.3.dll moved successfully.
C:\Windows\System32\issacapi_pe-2.3.dll moved successfully.
C:\Windows\System32\issacapi_se-2.3.dll moved successfully.
========== REGISTRY ==========
Registry value HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\\MyFreeCodec not found.
========== COMMANDS ==========

[EMPTYTEMP]

User: All Users

User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 67 bytes
->Flash cache emptied: 57616 bytes

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->Flash cache emptied: 0 bytes

User: Miroslav
->Temp folder emptied: 40192428 bytes
->Temporary Internet Files folder emptied: 144203 bytes
->Java cache emptied: 25531354 bytes
->FireFox cache emptied: 271302372 bytes
->Flash cache emptied: 58308 bytes

User: Public
->Temp folder emptied: 0 bytes

User: UpdatusUser
->Temp folder emptied: 0 bytes
->Flash cache emptied: 56475 bytes

User: Wiki
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 67 bytes
->FireFox cache emptied: 24778901 bytes
->Flash cache emptied: 57144 bytes

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 37000 bytes
RecycleBin emptied: 0 bytes

Total Files Cleaned = 345,00 mb


OTL by OldTimer - Version 3.2.69.0 log created on 05082013_163638

Files\Folders moved on Reboot...
File\Folder C:\Users\Miroslav\AppData\Local\Temp\OICE_C87DD7F0-4CA2-4836-8D6D-B963D59179E2.0\A03E78F8. not found!

PendingFileRenameOperations files...

Registry entries deleted on Reboot...


Post by jaro3 » 09 May 2013 10:35

We'll delete two more files, even though VirusTotal shows no infection.

Double-click the OTL icon on the desktop. Make sure all other applications and browsers are closed.
Under Custom Scans/Fixes (Vlastní skenování/opravy), paste the following text, shown in green, into the box:

Code:

:OTL
PRC - C:\WINDOWS\explorer.exe (Microsoft Corporation)
PRC - C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)

:Files
C:\Windows\System32\GkSui18.EXE
C:\ProgramData\zncjglaq.cjr

:Reg
:Commands
[purity]
[emptytemp]
[start explorer]
[Reboot]


Then click Fix (Opravit) at the top. Let the program run undisturbed; at the end the PC will restart.
After the restart a log will appear; please copy its entire contents here.

Post by Kobra.svk » 09 May 2013 12:08

All processes killed
========== OTL ==========
No active process named explorer.exe was found!
No active process named firefox.exe was found!
========== FILES ==========
C:\Windows\System32\GkSui18.EXE moved successfully.
C:\ProgramData\zncjglaq.cjr moved successfully.
========== REGISTRY ==========
========== COMMANDS ==========

[EMPTYTEMP]

User: All Users

User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->Flash cache emptied: 0 bytes

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->Flash cache emptied: 0 bytes

User: Miroslav
->Temp folder emptied: 348035 bytes
->Temporary Internet Files folder emptied: 504605 bytes
->Java cache emptied: 0 bytes
->FireFox cache emptied: 299910026 bytes
->Flash cache emptied: 1678 bytes

User: Public
->Temp folder emptied: 0 bytes

User: UpdatusUser
->Temp folder emptied: 0 bytes
->Flash cache emptied: 0 bytes

User: Wiki
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->FireFox cache emptied: 0 bytes
->Flash cache emptied: 0 bytes

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 23250 bytes
RecycleBin emptied: 180942 bytes

Total Files Cleaned = 287,00 mb


OTL by OldTimer - Version 3.2.69.0 log created on 05092013_115933

Files\Folders moved on Reboot...
File\Folder C:\Users\Miroslav\AppData\Local\Temp\OICE_C87DD7F0-4CA2-4836-8D6D-B963D59179E2.0\A03E78F8. not found!

PendingFileRenameOperations files...

Registry entries deleted on Reboot...




If there is nothing left here, is it possible that water is responsible for the strange keyboard behaviour? If so, why does it show up only sometimes and only in certain applications? I'll test this hypothesis over the weekend with an external keyboard (this is a notebook) and let you know.... but it is quite strange... in any case, thank you for your time and willingness =)

Post by jaro3 » 09 May 2013 19:04

You're welcome!

Run OTL and click Clean Up (Vyčisti).

Water can cause irreparable damage. As soon as you find that water has got in there, do not switch the notebook on! If you can't take it apart and dry it out, better take it to a service centre.

If there are no other problems, that is everything and you can mark the thread as solved with the green check mark.

