Odvirování PC, zrychlení počítače, vzdálená pomoc prostřednictvím služby neslape.cz

BSOD

V tomto fóru se řeší problematika modré smrti - BSOD

Moderátor: Moderátoři

Pravidla fóra
Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.
Zamčeno
Zpráva
Autor
seweone
Návštěvník
Návštěvník
Příspěvky: 11
Registrován: 25 srp 2012 16:24

BSOD

#1 Příspěvek od seweone »

Ahoj prosím o radu dneska mi 3x sám od sebe PC spadl tedy lépe řečeno objevila se BSOD. Při startu systému mi to ukázalo okno s informacemi které přikládám: Podpis problému:
Název události problému: BlueScreen
Verze operačního systému: 6.1.7601.2.1.0.768.3
ID národního prostředí: 1029

Další informace o problému:
BCCode: c000021a
BCP1: FFFFF8A001F46C00
BCP2: 0000000000000000
BCP3: FFFFFFFFC0000001
BCP4: 0000000000100590
OS Version: 6_1_7601
Service Pack: 1_0
Product: 768_1

Soubory, které popisují problém:
C:\Windows\Minidump\111512-52806-01.dmp
C:\Users\petra\AppData\Local\Temp\WER-117655-0.sysdata.xml

Přečtěte si prohlášení o zásadách ochrany osobních údajů online:
http://go.microsoft.com/fwlink/?linkid= ... cid=0x0405

Pokud není k dispozici Prohlášení o zásadách ochrany osobních údajů online, přečtěte si toto prohlášení offline:
C:\Windows\system32\cs-CZ\erofflps.txt
mohly byste mi prosím pomoc díky
Nahoru
Uživatelský avatar
JaRon
Moderátor
Moderátor
Příspěvky: 15686
Registrován: 29 bře 2005 13:39
Bydliště: BB-SK

Re: BSOD

#2 Příspěvek od JaRon »

ahoj,
uloz tento suboer na nejaky server a vloz nan link >> C:\Windows\Minidump\111512-52806-01.dmp
FRST |ADWCleaner |MBAM |CCleaner |AVPTool

V prípade spokojnosti je možné podporiť fórum https://platba.viry.cz/payment/
Nahoru
seweone
Návštěvník
Návštěvník
Příspěvky: 11
Registrován: 25 srp 2012 16:24

Re: BSOD

#3 Příspěvek od seweone »

tak tady je ten link http://leteckaposta.cz/722123588
Nahoru
Uživatelský avatar
JaRon
Moderátor
Moderátor
Příspěvky: 15686
Registrován: 29 bře 2005 13:39
Bydliště: BB-SK

Re: BSOD

#4 Příspěvek od JaRon »

konkretna hlaska je dost vseobecna, ak budu problemy pokracovat spakuj vsetky subory
v C:\Windows\Minidump, uloz na server a vloz link
FRST |ADWCleaner |MBAM |CCleaner |AVPTool

V prípade spokojnosti je možné podporiť fórum https://platba.viry.cz/payment/
Nahoru
seweone
Návštěvník
Návštěvník
Příspěvky: 11
Registrován: 25 srp 2012 16:24

Re: BSOD

#5 Příspěvek od seweone »

tak dneska ráno zase posílám link http://leteckaposta.cz/568832388
Nahoru
Uživatelský avatar
JaRon
Moderátor
Moderátor
Příspěvky: 15686
Registrován: 29 bře 2005 13:39
Bydliště: BB-SK

Re: BSOD

#6 Příspěvek od JaRon »

pravdepodobne sa na to mrkne kolega, ktoremu su BSOD blizsie :)
FRST |ADWCleaner |MBAM |CCleaner |AVPTool

V prípade spokojnosti je možné podporiť fórum https://platba.viry.cz/payment/
Nahoru
MiliNess
Přítel fóra
Přítel fóra
Příspěvky: 4144
Registrován: 15 říj 2009 18:15
Bydliště: Cheb

Re: BSOD

#7 Příspěvek od MiliNess »

V obou případech došlo k selhání, pro běh Windows životně důležitých procesů. Poprvé to byla služba winlogon zodpovědná za inteaktivní přihlašování a odhlašování uživatelů, podruhé wininit.exe, který vytváří relaci 0. Došlo k ukončení tohoto procesu kvůli vyjímce vzniklé narušením ochrany přístupu do paměti.
Nejedná se tedy pravděpodobně o chybu v jádře, ale v uživatelském režimu, minidump moc nepomůže. Může to ale způsobovat nějaký malware.
1) Stává se to pouze občas při přihlašování?
2) Nezačalo se to projevovat po instalaci nějakého softwaru?
3) Stáhni CrystalDiskInfo, v nabídce Úpravy zvol Kopírovat a obsah schránky sem vlož pomocí Ctrl+V.
4) V Ovládací panely->Nástroje pro správu->Prohlížeč událostí->Protokoly systému Windows->klikni pravým myšítkem na protokoly Systém a Aplikace, vyber Uložit všechny události jako, ulož to jako .evtx soubory a ty upni na http://www.leteckaposta.cz
5) Pro sichr spusť test paměti pomocí GoldMemory nebo Memtestu
6) Stáhni toto, spusť to, povol přidání informací do registru. Po dalším BSOD se mrkni, zda se nevytvořila složka c:\CrashDumpsApp a v ní nějaký soubor. Pokud tam bude, upni ho.

Někdo z kolegů ještě mrkne po malwaru.
Pokud jste s naší pomocí spokojeni, můžete nás podpořit. Informace zde
Nahoru
Uživatelský avatar
motji
VIP
VIP
Příspěvky: 23302
Registrován: 23 říj 2008 08:02

Re: BSOD

#8 Příspěvek od motji »

Ahoj, mrkneme po breberkách :)

:arrow: Stahněte OTL http://oldtimer.geekstogo.com/OTL.exe
-uložte ho na plochu a spustte soubor OTL.exe.
-do bílého okna dole skopírujte tento skript:

Kód: Vybrat vše

netsvcs
drivers32
savembr:0
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /s

/md5start
cngaudit.dll
cryptsvc.dll
eNetHook.dll
eventlog.dll
hal.dll
logevent.dll
netlogon.dll
ntelogon.dll
scecli.dll
sceclt.dll
ws2_32.dll
autochk.exe
csrss.exe
explorer.exe
lsass.exe
services.exe
smss.exe
spoolsv.exe
svchost.exe
userinit.exe
winlogon.exe
adp3132.sys
AGP440.sys
ahcix86.sys
ahcix86s.sys
atapi.sys
cdrom.sys
Changer.sys
fastfat.sys
iaStor.sys
iastorv.sys
IdeChnDr.sys
isapnp.sys
JakNDis.sys
KR10N.sys
mv61xx.sys
ndis.sys
ntfs.sys
nvata.sys
nvatabus.sys
nvgts.sys
nvraid.sys
nvrd32.sys
nvstor.sys
nvstor32.sys
symmpi.sys
tcpip.sys
vaxscsi.sys
viamraid.sys
viasraid.sys
ViPrt.sys
/md5stop

C:\windows\system32\spool\prtprocs|dll;true;true;true /FP
%systemroot%\system32\drivers\*.sys /5
%systemroot%\system32\drivers\*.sys /X
%systemroot%\system32\drivers\*.sys /lockedfiles
%systemroot%\system32\*.* /5
%systemroot%\system32\*.dll /lockedfiles
%systemroot%\system32\config\*.sav
%systemroot%\Tasks\*.job /lockedfiles
%systemroot%\*.* /U /s
%systemroot%\*. /mp /s
%ALLUSERSPROFILE%\Data Aplikací\*.*
%ALLUSERSPROFILE%\Data Aplikací\*.exe /s
%ALLUSERSPROFILE%\Dáta aplikácií\*.*
%ALLUSERSPROFILE%\Dáta aplikácií\*.exe /s
%APPDATA%\*.
%APPDATA%\*.*
%APPDATA%\*.exe /s
%SYSTEMDRIVE%\*.exe


HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate\AU /s
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install|LastSuccessTime /rs
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\BITS /s
reg query "HKLM\Software\Microsoft\Windows NT\CurrentVersion\winlogon" /v GinaDLL /c
reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wuauserv" /v ImagePath /c
reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\BITS" /v ImagePath /c
reg query "HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager" /v BootExecute /c
reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session Manager" /v "PendingFileRenameOperations" /c

type c:\boot.ini >> test.txt /c
%SystemDrive%\PhysicalMBR.bin /md5
- zaškrtněte okénko Pro všechny uživatele.
-označte okénka Kontrola na havěť "LOP" a Kontrola na havěť "Purity"
- Klikněte na tlačítko Prohledat
-po dokončení skenu se objeví logy OTL.Txt a Extras.txt, vložte je zde :)
Nepoužívejte COMBOFIX bez doporučení rádce, může dojít k poškození systému!
Vždy před odvirováním počítače zazálohujte důležitá data :!:
Chcete podpořit naše forum? Informace zde

Obrázek

K zastižení jsem spíše v noci, mezi 21.-23. hodinou
Pokud máte nějaké dotazy, můžete mi napsat na email Motji(zavináč)forum.viry.cz.
Nahoru
seweone
Návštěvník
Návštěvník
Příspěvky: 11
Registrován: 25 srp 2012 16:24

Re: BSOD

#9 Příspěvek od seweone »

OTL logfile created on: 16.11.2012 21:00:51 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\petra\Downloads
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy

4,00 Gb Total Physical Memory | 2,51 Gb Available Physical Memory | 62,69% Memory free
8,00 Gb Paging File | 6,21 Gb Available in Paging File | 77,69% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 116,44 Gb Total Space | 54,60 Gb Free Space | 46,89% Space Free | Partition Type: NTFS
Drive D: | 334,67 Gb Total Space | 333,27 Gb Free Space | 99,58% Space Free | Partition Type: NTFS

Computer Name: PETRA-PC | User Name: petra | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2012.11.16 20:59:52 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\petra\Downloads\OTL.exe
PRC - [2012.11.11 16:29:09 | 001,807,800 | ---- | M] (Adobe Systems, Inc.) -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_5_502_110.exe
PRC - [2012.11.08 13:55:00 | 000,997,320 | ---- | M] () -- C:\Program Files (x86)\AVG Secure Search\vprot.exe
PRC - [2012.11.08 13:55:00 | 000,711,112 | ---- | M] () -- C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\13.2.0\ToolbarUpdater.exe
PRC - [2012.11.06 19:00:32 | 003,143,800 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files (x86)\AVG\AVG2013\avgui.exe
PRC - [2012.11.06 19:00:04 | 005,814,392 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files (x86)\AVG\AVG2013\avgidsagent.exe
PRC - [2012.11.02 00:08:48 | 001,340,976 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files (x86)\AVG\AVG2013\avgfws.exe
PRC - [2012.10.22 13:05:08 | 000,196,664 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files (x86)\AVG\AVG2013\avgwdsvc.exe
PRC - [2012.10.09 09:53:36 | 004,441,920 | ---- | M] (Akamai Technologies, Inc.) -- C:\Users\petra\AppData\Local\Akamai\netsession_win.exe
PRC - [2012.03.13 05:36:40 | 000,924,600 | ---- | M] (Mozilla Corporation) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe
PRC - [2010.03.18 12:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
PRC - [2009.12.25 09:53:17 | 003,054,136 | ---- | M] (ASUS) -- C:\Windows\AsScrPro.exe
PRC - [2009.09.25 18:24:36 | 000,174,720 | ---- | M] (ASUS) -- C:\Program Files (x86)\ASUS\ATK Hotkey\HControl.exe
PRC - [2009.09.24 22:50:02 | 000,053,888 | ---- | M] () -- C:\Program Files (x86)\ASUS\ControlDeck\ControlDeckStartUp.exe
PRC - [2009.08.17 18:58:46 | 006,859,392 | ---- | M] (ASUS) -- C:\Program Files (x86)\ASUS\ATKOSD2\ATKOSD2.exe
PRC - [2009.06.19 19:29:42 | 000,105,016 | ---- | M] (ASUS) -- C:\Program Files (x86)\ASUS\ATK Hotkey\HControlUser.exe
PRC - [2009.06.19 19:29:26 | 002,488,888 | ---- | M] (ASUS) -- C:\Program Files (x86)\ASUS\ATK Hotkey\ATKOSD.exe
PRC - [2009.06.16 02:30:42 | 000,084,536 | ---- | M] (ASUS) -- C:\Program Files (x86)\ASUS\ATK Hotkey\AsLdrSrv.exe
PRC - [2009.05.19 00:58:38 | 000,305,720 | ---- | M] (ASUS) -- C:\Program Files (x86)\ASUS\SmartLogon\sensorsrv.exe
PRC - [2009.04.20 20:09:30 | 000,159,744 | ---- | M] (ASUS) -- C:\Program Files (x86)\ASUS\ATK Media\DMedia.exe
PRC - [2008.12.23 02:15:34 | 000,174,648 | ---- | M] (ASUS) -- C:\Program Files (x86)\ASUS\ATK Hotkey\WDC.exe
PRC - [2008.08.14 06:00:08 | 000,113,208 | ---- | M] (ASUS) -- C:\Program Files (x86)\ASUS\ATK Hotkey\KBFiltr.exe
PRC - [2008.07.19 04:52:16 | 000,104,936 | ---- | M] (CyberLink) -- C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe
PRC - [2008.03.31 11:55:48 | 000,225,280 | ---- | M] (ASUSTek Computer Inc.) -- C:\Program Files (x86)\ASUS\ASUS Data Security Manager\ADSMSrv.exe
PRC - [2007.08.08 09:08:40 | 000,094,208 | ---- | M] () -- C:\Program Files\ATKGFNEX\GFNEXSrv.exe


========== Modules (No Company Name) ==========

MOD - [2012.11.11 16:29:08 | 014,586,808 | ---- | M] () -- C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_5_502_110.dll
MOD - [2012.11.08 13:55:00 | 000,997,320 | ---- | M] () -- C:\Program Files (x86)\AVG Secure Search\vprot.exe
MOD - [2012.11.08 13:55:00 | 000,566,728 | ---- | M] () -- C:\Program Files (x86)\Common Files\AVG Secure Search\DNTInstaller\13.2.0\avgdttbx.dll
MOD - [2012.11.08 13:55:00 | 000,134,600 | ---- | M] () -- C:\Program Files (x86)\Common Files\AVG Secure Search\SiteSafetyInstaller\13.2.0\SiteSafety.dll
MOD - [2012.03.13 05:36:53 | 001,969,080 | ---- | M] () -- C:\Program Files (x86)\Mozilla Firefox\mozjs.dll
MOD - [2009.09.24 22:50:02 | 000,053,888 | ---- | M] () -- C:\Program Files (x86)\ASUS\ControlDeck\ControlDeckStartUp.exe
MOD - [2008.08.28 01:32:36 | 000,619,816 | ---- | M] () -- C:\Program Files (x86)\CyberLink\Power2Go\CLMediaLibrary.dll
MOD - [2008.06.09 18:55:08 | 000,013,096 | ---- | M] () -- C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvcPS.dll
MOD - [2007.06.15 19:28:36 | 000,147,456 | ---- | M] () -- C:\Program Files (x86)\ASUS\ASUS Data Security Manager\ShlExt\x86\OverlayIconShlExt.dll
MOD - [2007.06.02 02:08:18 | 000,143,360 | ---- | M] () -- C:\Program Files (x86)\ASUS\ASUS Data Security Manager\ShlExt\x86\OverlayIconShlExt1.dll


========== Services (SafeList) ==========

SRV:64bit: - [2009.10.02 04:38:17 | 000,202,752 | ---- | M] (AMD) [Auto | Running] -- C:\Windows\SysNative\atiesrxx.exe -- (AMD External Events Utility)
SRV:64bit: - [2009.09.17 20:36:34 | 000,359,552 | ---- | M] (ASUSTeK Computer Inc.) [Auto | Running] -- C:\Windows\SysNative\FBAgent.exe -- (AFBAgent)
SRV:64bit: - [2009.07.14 02:41:27 | 001,011,712 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV:64bit: - [2007.08.08 09:08:40 | 000,094,208 | ---- | M] () [Auto | Running] -- C:\Program Files\ATKGFNEX\GFNEXSrv.exe -- (ATKGFNEXSrv)
SRV - [2012.11.11 16:29:09 | 000,250,808 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2012.11.08 13:55:00 | 000,711,112 | ---- | M] () [Auto | Running] -- C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\13.2.0\ToolbarUpdater.exe -- (vToolbarUpdater13.2.0)
SRV - [2012.11.06 19:00:04 | 005,814,392 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto | Running] -- C:\Program Files (x86)\AVG\AVG2013\avgidsagent.exe -- (AVGIDSAgent)
SRV - [2012.11.02 00:08:48 | 001,340,976 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto | Running] -- C:\Program Files (x86)\AVG\AVG2013\avgfws.exe -- (avgfws)
SRV - [2012.10.22 13:05:08 | 000,196,664 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto | Running] -- C:\Program Files (x86)\AVG\AVG2013\avgwdsvc.exe -- (avgwd)
SRV - [2012.09.19 11:51:48 | 002,365,792 | ---- | M] (TuneUp Software) [Auto | Running] -- C:\Program Files (x86)\TuneUp Utilities 2013\TuneUpUtilitiesService64.exe -- (TuneUp.UtilitiesSvc)
SRV - [2011.05.08 20:30:00 | 004,100,400 | ---- | M] (INCA Internet Co., Ltd.) [On_Demand | Stopped] -- C:\Windows\SysWOW64\GameMon.des -- (npggsvc)
SRV - [2010.03.18 12:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2010.02.19 13:37:14 | 000,517,096 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe -- (SwitchBoard)
SRV - [2009.06.16 02:30:42 | 000,084,536 | ---- | M] (ASUS) [Auto | Running] -- C:\Program Files (x86)\ASUS\ATK Hotkey\AsLdrSrv.exe -- (ASLDRService)
SRV - [2009.06.10 22:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
SRV - [2009.02.26 18:36:22 | 000,064,856 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- D:\Office\Office12\GrooveAuditService.exe -- (Microsoft Office Groove Audit Service)
SRV - [2008.03.31 11:55:48 | 000,225,280 | ---- | M] (ASUSTek Computer Inc.) [On_Demand | Running] -- C:\Program Files (x86)\ASUS\ASUS Data Security Manager\ADSMSrv.exe -- (ADSMService)


========== Driver Services (SafeList) ==========

DRV:64bit: - [2012.11.08 13:55:00 | 000,030,568 | ---- | M] (AVG Technologies) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\avgtpx64.sys -- (avgtp)
DRV:64bit: - [2012.10.22 13:02:44 | 000,154,464 | ---- | M] (AVG Technologies CZ, s.r.o. ) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\avgidsdrivera.sys -- (AVGIDSDriver)
DRV:64bit: - [2012.10.15 03:48:50 | 000,063,328 | ---- | M] (AVG Technologies CZ, s.r.o. ) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\avgidsha.sys -- (AVGIDSHA)
DRV:64bit: - [2012.10.05 03:32:50 | 000,111,456 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | Boot | Running] -- C:\Windows\SysNative\drivers\avgmfx64.sys -- (Avgmfx64)
DRV:64bit: - [2012.10.02 03:30:38 | 000,185,696 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\avgldx64.sys -- (Avgldx64)
DRV:64bit: - [2012.09.21 03:46:04 | 000,200,032 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\avgtdia.sys -- (Avgtdia)
DRV:64bit: - [2012.09.21 03:46:00 | 000,225,120 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\avgloga.sys -- (Avgloga)
DRV:64bit: - [2012.09.14 03:05:18 | 000,040,800 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | Boot | Running] -- C:\Windows\SysNative\drivers\avgrkx64.sys -- (Avgrkx64)
DRV:64bit: - [2012.09.04 10:39:32 | 000,050,296 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\avgfwd6a.sys -- (Avgfwfd)
DRV:64bit: - [2012.08.23 15:10:20 | 000,019,456 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\rdpvideominiport.sys -- (RdpVideoMiniport)
DRV:64bit: - [2012.08.23 15:07:35 | 000,057,856 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV:64bit: - [2012.03.01 07:46:16 | 000,023,408 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:64bit: - [2011.11.28 08:15:40 | 000,279,616 | ---- | M] (DT Soft Ltd) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\dtsoftbus01.sys -- (dtsoftbus01)
DRV:64bit: - [2011.11.28 08:06:17 | 000,530,488 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\sptd.sys -- (sptd)
DRV:64bit: - [2011.06.27 01:37:00 | 002,753,536 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\athrx.sys -- (athr)
DRV:64bit: - [2011.06.10 06:34:52 | 000,539,240 | ---- | M] (Realtek ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Rt64win7.sys -- (RTL8167)
DRV:64bit: - [2010.11.20 14:33:35 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2010.06.14 09:32:54 | 000,016,448 | ---- | M] (Teruten Inc) [File_System | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TFsExDisk.sys -- (TFsExDisk)
DRV:64bit: - [2010.02.24 11:20:40 | 000,191,616 | ---- | M] (Protect Software GmbH) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\acedrv11.sys -- (acedrv11)
DRV:64bit: - [2009.12.25 09:52:14 | 000,035,384 | ---- | M] (ASUSTek Computer Inc) [File_System | Boot | Running] -- C:\Windows\SysNative\drivers\AsDsm.sys -- (AsDsm)
DRV:64bit: - [2009.10.02 05:11:13 | 006,182,400 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmdag.sys -- (atikmdag)
DRV:64bit: - [2009.09.24 12:38:48 | 000,027,776 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\btnetBus.sys -- (btnetBUs)
DRV:64bit: - [2009.09.24 04:40:14 | 000,023,304 | ---- | M] (IVT Corporation.) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\BtHidBus.sys -- (BtHidBus)
DRV:64bit: - [2009.08.26 10:16:52 | 000,030,344 | ---- | M] (IVT Corporation.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\IvtBtBus.sys -- (IvtBtBUs)
DRV:64bit: - [2009.08.21 07:48:17 | 000,044,032 | ---- | M] (Alcor Micro, Corp.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\AmUStor.sys -- (AmUStor)
DRV:64bit: - [2009.07.20 10:29:39 | 000,015,416 | ---- | M] ( ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\kbfiltr.sys -- (kbfiltr)
DRV:64bit: - [2009.07.17 07:00:11 | 000,068,664 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2009.07.17 07:00:11 | 000,029,240 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2009.07.14 02:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2009.07.14 02:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2009.07.14 02:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2009.07.09 09:11:31 | 001,222,144 | ---- | M] (VIA Technologies, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\viahduaa.sys -- (VIAHdAudAddService)
DRV:64bit: - [2009.06.18 21:18:10 | 000,015,928 | ---- | M] (Windows (R) Win 7 DDK provider) [File_System | Boot | Running] -- C:\Windows\SysNative\drivers\lullaby.sys -- (lullaby)
DRV:64bit: - [2009.06.12 12:41:55 | 000,112,128 | ---- | M] (ELAN Microelectronic Corp.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\ETD.sys -- (ETD)
DRV:64bit: - [2009.06.10 21:35:57 | 000,056,832 | ---- | M] (Silicon Integrated Systems Corp.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\SiSG664.sys -- (SiSGbeLH)
DRV:64bit: - [2009.06.10 21:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2009.06.10 21:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009.06.10 21:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2009.06.10 21:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV:64bit: - [2009.06.05 12:53:42 | 000,034,872 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\usbfilter.sys -- (usbfilter)
DRV:64bit: - [2009.05.20 17:11:05 | 001,799,680 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\snp2uvc.sys -- (SNP2UVC)
DRV:64bit: - [2009.05.13 02:07:19 | 000,015,928 | ---- | M] (ASUS) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\ATK64AMD.sys -- (MTsensor)
DRV:64bit: - [2009.05.05 15:00:27 | 000,016,440 | ---- | M] (Advanced Micro Devices Inc.) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\AtiPcie.sys -- (AtiPcie)
DRV:64bit: - [2009.03.18 17:35:42 | 000,033,856 | -H-- | M] (LogMeIn, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hamachi.sys -- (hamachi)
DRV:64bit: - [2008.12.08 16:35:52 | 000,061,792 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\fssfltr.sys -- (fssfltr)
DRV:64bit: - [2008.05.24 02:27:28 | 000,154,168 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\WimFltr.sys -- (WimFltr)
DRV:64bit: - [2007.07.24 20:11:32 | 000,014,904 | ---- | M] () [Kernel | Auto | Running] -- C:\Program Files\ATKGFNEX\ASMMAP64.sys -- (ASMMAP64)
DRV:64bit: - [2007.04.24 11:33:14 | 000,108,296 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\s125bus.sys -- (s125bus)
DRV:64bit: - [2007.04.23 15:54:40 | 000,126,216 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\s115mgmt.sys -- (s115mgmt)
DRV:64bit: - [2007.04.23 15:54:40 | 000,123,656 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\s115obex.sys -- (s115obex)
DRV:64bit: - [2007.04.23 15:54:38 | 000,144,648 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\s115mdm.sys -- (s115mdm)
DRV:64bit: - [2007.04.23 15:54:36 | 000,019,720 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\s115mdfl.sys -- (s115mdfl)
DRV:64bit: - [2007.04.23 15:54:32 | 000,108,296 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\s115bus.sys -- (s115bus)
DRV - [2012.09.19 10:50:50 | 000,011,880 | ---- | M] (TuneUp Software) [Kernel | On_Demand | Running] -- C:\Program Files (x86)\TuneUp Utilities 2013\TuneUpUtilitiesDriver64.sys -- (TuneUpUtilitiesDrv)
DRV - [2010.06.14 09:32:54 | 000,016,448 | ---- | M] (Teruten Inc) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\TFsExDisk.Sys -- (TFsExDisk)
DRV - [2009.07.14 02:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)
DRV - [2005.01.02 04:43:08 | 000,004,682 | ---- | M] (INCA Internet Co., Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysWOW64\npptNT2.sys -- (NPPTNT2)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {6A1806CD-94D4-4689-BA73-E35EA1EA9990}
IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTer ... -SearchBox
IE:64bit: - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.com/search?q={searchT ... urceid=ie7
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://downloads.phpnuke.org/en/index.p ... earchTerms}
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://downloads.phpnuke.org/en/index.php?rvs=google
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://start.facemoods.com/?a=bfus&s={searchTerms}&f=4
IE - HKLM\..\URLSearchHook: {7b13ec3e-999a-4b70-b9cb-2617b8323822} - No CLSID value found
IE - HKLM\..\URLSearchHook: {90b49673-5506-483e-b92b-ca0265bd9ca8} - No CLSID value found
IE - HKLM\..\SearchScopes,DefaultScope = {6A1806CD-94D4-4689-BA73-E35EA1EA9990}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTer ... -SearchBox
IE - HKLM\..\SearchScopes\{696C667F-A278-44D1-9CF2-AF62745E8571}: "URL" = http://downloads.phpnuke.org/en/index.p ... earchTerms}
IE - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.com/search?q={searchT ... urceid=ie7
IE - HKLM\..\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}: "URL" = http://search.conduit.com/ResultsExt.as ... =CT2612669


IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0



IE - HKU\S-1-5-21-1426612385-867190673-3753105659-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://asus.msn.com
IE - HKU\S-1-5-21-1426612385-867190673-3753105659-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://downloads.phpnuke.org/en/index.p ... earchTerms}
IE - HKU\S-1-5-21-1426612385-867190673-3753105659-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Secondary Start Pages = http://ala.asksearch.com/?cfg=2-208-0-0 [binary data]
IE - HKU\S-1-5-21-1426612385-867190673-3753105659-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://home2.zbani.com/
IE - HKU\S-1-5-21-1426612385-867190673-3753105659-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Restore = http://www.seznam.cz/
IE - HKU\S-1-5-21-1426612385-867190673-3753105659-1000\..\URLSearchHook: - No CLSID value found
IE - HKU\S-1-5-21-1426612385-867190673-3753105659-1000\..\URLSearchHook: {687578b9-7132-4a7a-80e4-30ee31099e03} - No CLSID value found
IE - HKU\S-1-5-21-1426612385-867190673-3753105659-1000\..\URLSearchHook: {7b13ec3e-999a-4b70-b9cb-2617b8323822} - No CLSID value found
IE - HKU\S-1-5-21-1426612385-867190673-3753105659-1000\..\URLSearchHook: {88c7f2aa-f93f-432c-8f0e-b7d85967a527} - No CLSID value found
IE - HKU\S-1-5-21-1426612385-867190673-3753105659-1000\..\URLSearchHook: {90b49673-5506-483e-b92b-ca0265bd9ca8} - No CLSID value found
IE - HKU\S-1-5-21-1426612385-867190673-3753105659-1000\..\SearchScopes,DefaultScope = {95B7759C-8C7F-4BF1-B163-73684A933233}
IE - HKU\S-1-5-21-1426612385-867190673-3753105659-1000\..\SearchScopes\{0D7562AE-8EF6-416d-A838-AB665251703A}: "URL" = http://start.facemoods.com/?a=bfus&s={searchTerms}&f=4
IE - HKU\S-1-5-21-1426612385-867190673-3753105659-1000\..\SearchScopes\{171DEBEB-C3D4-40b7-AC73-056A5EBA4A7E}: "URL" = http://websearch.ask.com/redirect?clien ... 65365D27C4
IE - HKU\S-1-5-21-1426612385-867190673-3753105659-1000\..\SearchScopes\{399a1442-7377-49e7-8d77-6dc9ed5968c1}: "URL" = http://www.zbozi.cz/?q={searchTerms}&so ... earch_6826
IE - HKU\S-1-5-21-1426612385-867190673-3753105659-1000\..\SearchScopes\{5cf5d387-d87c-4408-9a6b-301b0713d62a}: "URL" = http://www.mapy.cz/?query={searchTerms} ... earch_6826
IE - HKU\S-1-5-21-1426612385-867190673-3753105659-1000\..\SearchScopes\{6552C7DD-90A4-4387-B795-F8F96747DE19}: "URL" = http://search.icq.com/search/results.ph ... &ch_id=osd
IE - HKU\S-1-5-21-1426612385-867190673-3753105659-1000\..\SearchScopes\{696C667F-A278-44D1-9CF2-AF62745E8571}: "URL" = http://downloads.phpnuke.org/en/index.p ... earchTerms}
IE - HKU\S-1-5-21-1426612385-867190673-3753105659-1000\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.com/search?q={searchT ... 1I7SUNC_cs
IE - HKU\S-1-5-21-1426612385-867190673-3753105659-1000\..\SearchScopes\{6CF82D0E-88AD-6205-BC69-EBB0A35C4A0C}: "URL" = http://ala.asksearch.com/s/?q={searchTe ... =2-208-0-0
IE - HKU\S-1-5-21-1426612385-867190673-3753105659-1000\..\SearchScopes\{8172f457-818d-46db-941f-2bbe53e156af}: "URL" = http://www.google.com/search?q={searchT ... 1I7SUNC_cs
IE - HKU\S-1-5-21-1426612385-867190673-3753105659-1000\..\SearchScopes\{95B7759C-8C7F-4BF1-B163-73684A933233}: "URL" = https://isearch.avg.com/search?cid={77A ... 2012-02-05 14:06:20&v=12.2.5.32&sap=dsp&q={searchTerms}
IE - HKU\S-1-5-21-1426612385-867190673-3753105659-1000\..\SearchScopes\{AD22EBAF-0D18-4fc7-90CC-5EA0ABBE9EB8}: "URL" = http://www.daemon-search.com/search?q={searchTerms}
IE - HKU\S-1-5-21-1426612385-867190673-3753105659-1000\..\SearchScopes\{E2503233-49B8-4CA2-8626-6B7F9EDD5F49}: "URL" = http://websearch.ask.com/redirect?clien ... ACD3379510
IE - HKU\S-1-5-21-1426612385-867190673-3753105659-1000\..\SearchScopes\{eb97f7df-1773-4916-aae6-5af74da8c69d}: "URL" = http://www.firmy.cz/phr/{searchTerms}
IE - HKU\S-1-5-21-1426612385-867190673-3753105659-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-1426612385-867190673-3753105659-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = <local>

========== FireFox ==========

FF - prefs.js..browser.startup.homepage: "data:text/plain,browser.startup.homepage=http://www.seznam.cz/firefox/"
FF - prefs.js..browser.search.defaultengine: "Ask.com"
FF - prefs.js..browser.search.defaultenginename: "Ask.com"
FF - prefs.js..browser.search.order.1: "Ask.com"
FF - prefs.js..browser.search.selectedEngine: "AVG Secure Search"
FF - prefs.js..browser.startup.homepage: "http://www.google.cz/"
FF - prefs.js..extensions.enabledAddons: plugin@starstable.com:1.0.0.2
FF - prefs.js..extensions.enabledAddons: {ea614400-e918-4741-9a97-7a972ff7c30b}:2.5.6
FF - prefs.js..extensions.enabledAddons: avg@toolbar:13.2.0.5
FF - prefs.js..keyword.URL: "https://isearch.avg.com/search?cid=%7B3 ... &sap=ku&q="
FF - prefs.js..network.proxy.no_proxies_on: "127.0.0.1:9421,<local>??????????????????????,localho,t,127.0.0.1,localho,t,127.0.0.1,localho,t,127.0.0.1,localho,t,127.0.0.1,localho,t,127.0.0.1,localho,t,127.0.0.1,localho,t,127.0.0.1,localho,t,127.0.0.1,localho,t,127.0.0.1,localho,t,127.0.0.1,localho,t,127.0.0.1,localho,t,127.0.0.1,localho,t,127.0.0.1,localho,t,127.0.0.1,localho,t,127.0.0.1,localho,t,127.0.0.1,localho,t,127.0.0.1,localho,t,127.0.0.1,localho,t,127.0.0.1,localho,t,127.0.0.1,localho,t,127.0.0.1,localho,t,127.0.0.1,localhost,127.0.0.1"
FF - prefs.js..network.proxy.type: 0


FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_11_5_502_110.dll File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_5_502_110.dll ()
FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\Windows\system32\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)
FF - HKLM\Software\MozillaPlugins\@avg.com/AVG SiteSafety plugin,version=11.0.0.1,application/x-avg-sitesafety-plugin: C:\Program Files (x86)\Common Files\AVG Secure Search\SiteSafetyInstaller\13.2.0\\npsitesafety.dll ()
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.7.2: C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.9.2: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files (x86)\Microsoft Silverlight\4.1.10329.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeLive,version=1.5: C:\Program Files (x86)\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=14.0.8051.1204: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@ngm.nexoneu.com/NxGame: C:\ProgramData\NexonEU\NGM\npNxGameeu.dll File not found
FF - HKLM\Software\MozillaPlugins\@oberon-media.com/ONCAdapter: C:\Program Files (x86)\Common Files\Oberon Media\NCAdapter\1.0.0.7\npapicomadapter.dll (Oberon-Media )
FF - HKLM\Software\MozillaPlugins\@pandonetworks.com/PandoWebPlugin: C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll File not found
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.21.115\npGoogleUpdate3.dll File not found
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.21.115\npGoogleUpdate3.dll File not found
FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.0.1: C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\avg@toolbar: C:\ProgramData\AVG Secure Search\FireFoxExt\13.2.0.5 [2012.11.08 13:55:17 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 11.0\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2012.05.10 07:31:17 | 000,000,000 | ---D | M]

[2012.04.13 14:42:19 | 000,000,000 | ---D | M] (No name found) -- C:\Users\petra\AppData\Roaming\Mozilla\Extensions
[2012.03.26 09:49:07 | 000,000,000 | ---D | M] (No name found) -- C:\Users\petra\AppData\Roaming\Mozilla\Firefox\extensions
[2012.03.26 09:49:07 | 000,000,000 | ---D | M] (uTorrentControl2 Community Toolbar) -- C:\Users\petra\AppData\Roaming\Mozilla\Firefox\extensions\{687578b9-7132-4a7a-80e4-30ee31099e03}
[2012.03.26 09:49:07 | 000,000,000 | ---D | M] (No name found) -- C:\Users\petra\AppData\Roaming\Mozilla\Firefox\extensions\{88c7f2aa-f93f-432c-8f0e-b7d85967a527}
[2012.11.11 16:35:20 | 000,000,000 | ---D | M] (No name found) -- C:\Users\petra\AppData\Roaming\Mozilla\Firefox\Profiles\p3npbjwz.default\extensions
[2012.08.27 23:24:45 | 000,000,000 | ---D | M] (Seznam lištička) -- C:\Users\petra\AppData\Roaming\Mozilla\Firefox\Profiles\p3npbjwz.default\extensions\{ea614400-e918-4741-9a97-7a972ff7c30b}
[2012.07.23 09:11:34 | 000,000,000 | ---D | M] ("Star Stable Online") -- C:\Users\petra\AppData\Roaming\Mozilla\Firefox\Profiles\p3npbjwz.default\extensions\plugin@starstable.com
[2012.10.25 11:49:40 | 000,741,958 | ---- | M] () (No name found) -- C:\Users\petra\AppData\Roaming\Mozilla\Firefox\Profiles\p3npbjwz.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi
[2012.08.31 07:02:52 | 000,002,324 | ---- | M] () -- C:\Users\petra\AppData\Roaming\Mozilla\Firefox\Profiles\p3npbjwz.default\searchplugins\askcom.xml
[2012.06.06 19:07:22 | 000,003,847 | ---- | M] () -- C:\Users\petra\AppData\Roaming\Mozilla\Firefox\Profiles\p3npbjwz.default\searchplugins\avg-secure-search.xml
[2012.09.04 07:40:57 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\extensions
[2012.05.10 07:31:17 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\distribution\extensions
[2012.05.10 07:31:17 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\distribution\extensions\{ea614400-e918-4741-9a97-7a972ff7c30b}
[2012.11.08 13:55:17 | 000,000,000 | ---D | M] (AVG Security Toolbar) -- C:\PROGRAMDATA\AVG SECURE SEARCH\FIREFOXEXT\13.2.0.5
[2012.03.13 05:38:06 | 000,097,208 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\mozilla firefox\components\browsercomps.dll

========== Chrome ==========

CHR - Extension: No name found = C:\Users\petra\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\
CHR - Extension: No name found = C:\Users\petra\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_0\
CHR - Extension: No name found = C:\Users\petra\AppData\Local\Google\Chrome\User Data\Default\Extensions\jmfkcklnlgedgbglfkkgedjfmejoahla\12.0.0.1901_0\
CHR - Extension: No name found = C:\Users\petra\AppData\Local\Google\Chrome\User Data\Default\Extensions\nacankmfmpcdncjfbnmmogbakklibnol\0.4_0\
CHR - Extension: No name found = C:\Users\petra\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\

O1 HOSTS File: ([2009.06.10 22:00:26 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O2:64bit: - BHO: (no name) - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - No CLSID value found.
O2:64bit: - BHO: (Windows Live Family Safety Browser Helper Class) - {4f3ed5cd-0726-42a9-87f5-d13f3d2976ac} - C:\Program Files\Windows Live\Family Safety\fssbho.dll (Microsoft Corporation)
O2 - BHO: (Conduit Engine) - {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Program Files (x86)\ConduitEngine\ConduitEngine.dll (Conduit Ltd.)
O2 - BHO: (no name) - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - No CLSID value found.
O2 - BHO: (Groove GFS Browser Helper) - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - D:\Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation)
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (AVG Security Toolbar) - {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files (x86)\AVG Secure Search\13.2.0.5\AVG Secure Search_toolbar.dll ()
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O3:64bit: - HKLM\..\Toolbar: (no name) - {32099AAC-C132-4136-9E9A-4E364A424E17} - No CLSID value found.
O3:64bit: - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3 - HKLM\..\Toolbar: (Conduit Engine) - {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Program Files (x86)\ConduitEngine\ConduitEngine.dll (Conduit Ltd.)
O3 - HKLM\..\Toolbar: (no name) - {7b13ec3e-999a-4b70-b9cb-2617b8323822} - No CLSID value found.
O3 - HKLM\..\Toolbar: (no name) - {90b49673-5506-483e-b92b-ca0265bd9ca8} - No CLSID value found.
O3 - HKLM\..\Toolbar: (AVG Security Toolbar) - {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files (x86)\AVG Secure Search\13.2.0.5\AVG Secure Search_toolbar.dll ()
O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3 - HKU\S-1-5-21-1426612385-867190673-3753105659-1000\..\Toolbar\WebBrowser: (no name) - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - No CLSID value found.
O3 - HKU\S-1-5-21-1426612385-867190673-3753105659-1000\..\Toolbar\WebBrowser: (no name) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No CLSID value found.
O3 - HKU\S-1-5-21-1426612385-867190673-3753105659-1000\..\Toolbar\WebBrowser: (Conduit Engine) - {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Program Files (x86)\ConduitEngine\ConduitEngine.dll (Conduit Ltd.)
O4:64bit: - HKLM..\Run: [AdobeAAMUpdater-1.0] C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe (Adobe Systems Incorporated)
O4:64bit: - HKLM..\Run: [AmIcoSinglun64] C:\Program Files (x86)\AmIcoSingLun\AmIcoSinglun64.exe (AlcorMicro Co., Ltd.)
O4:64bit: - HKLM..\Run: [ETDWare] C:\Program Files\Elantech\ETDCtrl.exe (ELAN Microelectronic Corp.)
O4 - HKLM..\Run: [AdobeCS5ServiceManager] C:\Program Files (x86)\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [ATKMEDIA] C:\Program Files (x86)\ASUS\ATK Media\DMedia.exe (ASUS)
O4 - HKLM..\Run: [ATKOSD2] C:\Program Files (x86)\ASUS\ATKOSD2\ATKOSD2.exe (ASUS)
O4 - HKLM..\Run: [AVG_UI] C:\Program Files (x86)\AVG\AVG2013\avgui.exe (AVG Technologies CZ, s.r.o.)
O4 - HKLM..\Run: [GrooveMonitor] D:\Office\Office12\GrooveMonitor.exe (Microsoft Corporation)
O4 - HKLM..\Run: [HControlUser] C:\Program Files (x86)\ASUS\ATK Hotkey\HControlUser.exe (ASUS)
O4 - HKLM..\Run: [HDAudDeck] C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exe (VIA)
O4 - HKLM..\Run: [ROC_ROC_JULY_P1] C:\Program Files (x86)\AVG Secure Search\ROC_ROC_JULY_P1.exe ()
O4 - HKLM..\Run: [StartCCC] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.)
O4 - HKLM..\Run: [SwitchBoard] C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [vProt] C:\Program Files (x86)\AVG Secure Search\vprot.exe ()
O4 - HKU\S-1-5-19..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-20..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-21-1426612385-867190673-3753105659-1000..\Run: [Akamai NetSession Interface] C:\Users\petra\AppData\Local\Akamai\netsession_win.exe (Akamai Technologies, Inc.)
O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Low Rights present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 255
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O7 - HKU\S-1-5-21-1426612385-867190673-3753105659-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 16
O7 - HKU\S-1-5-21-1426612385-867190673-3753105659-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 255
O9 - Extra Button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - D:\Office\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - D:\Office\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra Button: PokerStars - {3AD14F0C-ED16-4e43-B6D8-661B03F6A1EF} - C:\Program Files (x86)\PokerStars\PokerStarsUpdate.exe File not found
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 213.46.172.36 192.168.0.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{07CDB49F-E1A6-4639-81B6-BDBD81ECE93B}: DhcpNameServer = 213.46.172.36 192.168.0.1
O18:64bit: - Protocol\Handler\grooveLocalGWS - No CLSID value found
O18:64bit: - Protocol\Handler\linkscanner - No CLSID value found
O18:64bit: - Protocol\Handler\ms-help - No CLSID value found
O18:64bit: - Protocol\Handler\viprotocol - No CLSID value found
O18:64bit: - Protocol\Handler\wlmailhtml - No CLSID value found
O18 - Protocol\Handler\grooveLocalGWS {88FED34C-F0CA-4636-A375-3CB6248B04CD} - D:\Office\Office12\GrooveSystemServices.dll (Microsoft Corporation)
O18 - Protocol\Handler\linkscanner - No CLSID value found
O18 - Protocol\Handler\viprotocol {B658800C-F66E-4EF3-AB85-6C0C227862A9} - C:\Program Files (x86)\Common Files\AVG Secure Search\ViProtocolInstaller\13.2.0\ViProtocol.dll ()
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O27:64bit: - HKLM IFEO\alu.exe: Debugger - C:\Program Files (x86)\TuneUp Utilities 2013\TUAutoReactivator64.exe (TuneUp Software)
O27:64bit: - HKLM IFEO\excel.exe: Debugger - C:\Program Files (x86)\TuneUp Utilities 2013\TUAutoReactivator64.exe (TuneUp Software)
O27:64bit: - HKLM IFEO\groove.exe: Debugger - C:\Program Files (x86)\TuneUp Utilities 2013\TUAutoReactivator64.exe (TuneUp Software)
O27:64bit: - HKLM IFEO\infopath.exe: Debugger - C:\Program Files (x86)\TuneUp Utilities 2013\TUAutoReactivator64.exe (TuneUp Software)
O27:64bit: - HKLM IFEO\msaccess.exe: Debugger - C:\Program Files (x86)\TuneUp Utilities 2013\TUAutoReactivator64.exe (TuneUp Software)
O27:64bit: - HKLM IFEO\msoxmled.exe: Debugger - C:\Program Files (x86)\TuneUp Utilities 2013\TUAutoReactivator64.exe (TuneUp Software)
O27:64bit: - HKLM IFEO\mspub.exe: Debugger - C:\Program Files (x86)\TuneUp Utilities 2013\TUAutoReactivator64.exe (TuneUp Software)
O27:64bit: - HKLM IFEO\mstore.exe: Debugger - C:\Program Files (x86)\TuneUp Utilities 2013\TUAutoReactivator64.exe (TuneUp Software)
O27:64bit: - HKLM IFEO\offdiag.exe: Debugger - C:\Program Files (x86)\TuneUp Utilities 2013\TUAutoReactivator64.exe (TuneUp Software)
O27:64bit: - HKLM IFEO\ois.exe: Debugger - C:\Program Files (x86)\TuneUp Utilities 2013\TUAutoReactivator64.exe (TuneUp Software)
O27:64bit: - HKLM IFEO\onenote.exe: Debugger - C:\Program Files (x86)\TuneUp Utilities 2013\TUAutoReactivator64.exe (TuneUp Software)
O27:64bit: - HKLM IFEO\outlook.exe: Debugger - C:\Program Files (x86)\TuneUp Utilities 2013\TUAutoReactivator64.exe (TuneUp Software)
O27:64bit: - HKLM IFEO\powerpnt.exe: Debugger - C:\Program Files (x86)\TuneUp Utilities 2013\TUAutoReactivator64.exe (TuneUp Software)
O27:64bit: - HKLM IFEO\winword.exe: Debugger - C:\Program Files (x86)\TuneUp Utilities 2013\TUAutoReactivator64.exe (TuneUp Software)
O27 - HKLM IFEO\alu.exe: Debugger - C:\Program Files (x86)\TuneUp Utilities 2013\TUAutoReactivator64.exe (TuneUp Software)
O27 - HKLM IFEO\excel.exe: Debugger - C:\Program Files (x86)\TuneUp Utilities 2013\TUAutoReactivator64.exe (TuneUp Software)
O27 - HKLM IFEO\groove.exe: Debugger - C:\Program Files (x86)\TuneUp Utilities 2013\TUAutoReactivator64.exe (TuneUp Software)
O27 - HKLM IFEO\infopath.exe: Debugger - C:\Program Files (x86)\TuneUp Utilities 2013\TUAutoReactivator64.exe (TuneUp Software)
O27 - HKLM IFEO\msaccess.exe: Debugger - C:\Program Files (x86)\TuneUp Utilities 2013\TUAutoReactivator64.exe (TuneUp Software)
O27 - HKLM IFEO\msoxmled.exe: Debugger - C:\Program Files (x86)\TuneUp Utilities 2013\TUAutoReactivator64.exe (TuneUp Software)
O27 - HKLM IFEO\mspub.exe: Debugger - C:\Program Files (x86)\TuneUp Utilities 2013\TUAutoReactivator64.exe (TuneUp Software)
O27 - HKLM IFEO\mstore.exe: Debugger - C:\Program Files (x86)\TuneUp Utilities 2013\TUAutoReactivator64.exe (TuneUp Software)
O27 - HKLM IFEO\offdiag.exe: Debugger - C:\Program Files (x86)\TuneUp Utilities 2013\TUAutoReactivator64.exe (TuneUp Software)
O27 - HKLM IFEO\ois.exe: Debugger - C:\Program Files (x86)\TuneUp Utilities 2013\TUAutoReactivator64.exe (TuneUp Software)
O27 - HKLM IFEO\onenote.exe: Debugger - C:\Program Files (x86)\TuneUp Utilities 2013\TUAutoReactivator64.exe (TuneUp Software)
O27 - HKLM IFEO\outlook.exe: Debugger - C:\Program Files (x86)\TuneUp Utilities 2013\TUAutoReactivator64.exe (TuneUp Software)
O27 - HKLM IFEO\powerpnt.exe: Debugger - C:\Program Files (x86)\TuneUp Utilities 2013\TUAutoReactivator64.exe (TuneUp Software)
O27 - HKLM IFEO\winword.exe: Debugger - C:\Program Files (x86)\TuneUp Utilities 2013\TUAutoReactivator64.exe (TuneUp Software)
O28 - HKLM ShellExecuteHooks: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - D:\Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation)
O32 - HKLM CDRom: AutoRun - 1
O33 - MountPoints2\{3c766d78-fa4b-11e0-8c1f-e0cb4e5be295}\Shell - "" = AutoRun
O33 - MountPoints2\{3c766d78-fa4b-11e0-8c1f-e0cb4e5be295}\Shell\AutoRun\command - "" = "F:\WD SmartWare.exe" autoplay=true
O33 - MountPoints2\{3ea7e1f3-1990-11e1-ba80-e0cb4e5be295}\Shell - "" = AutoRun
O33 - MountPoints2\{3ea7e1f3-1990-11e1-ba80-e0cb4e5be295}\Shell\AutoRun\command - "" = F:\setup.EXE
O33 - MountPoints2\{f1fc753a-e771-11e1-bdad-e0cb4e5be295}\Shell - "" = AutoRun
O33 - MountPoints2\{f1fc753a-e771-11e1-bdad-e0cb4e5be295}\Shell\AutoRun\command - "" = G:\LGAutoRun.exe
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)


Drivers32:64bit: msacm.bdmpeg - bdmpega64.acm ()
Drivers32:64bit: msacm.l3acm - C:\Windows\System32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32:64bit: vidc.mjpg - bdmjpeg64.dll ()
Drivers32:64bit: vidc.mpeg - bdmpegv64.dll ()
Drivers32: msacm.bdmpeg - C:\Windows\SysWow64\bdmpega.acm ()
Drivers32: msacm.l3acm - C:\Windows\SysWOW64\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: vidc.cvid - C:\Windows\SysWow64\iccvid.dll (Radius Inc.)
Drivers32: VIDC.FMVC - C:\Windows\SysWow64\fmcodec.DLL (Fox Magic Software)
Drivers32: vidc.mjpg - C:\Windows\SysWow64\bdmjpeg.dll ()
Drivers32: vidc.mpeg - C:\Windows\SysWow64\bdmpegv.dll ()
Drivers32: vidc.xvid - C:\Windows\SysWow64\xvidvfw.dll ()
PhysicalDisk0 MBR saved to C:\PhysicalMBR.bin

========== Files/Folders - Created Within 30 Days ==========

[2012.11.16 12:39:30 | 000,000,000 | ---D | C] -- C:\Users\petra\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\SpeedFan
[2012.11.16 12:39:30 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SpeedFan
[2012.11.16 12:39:29 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\SpeedFan
[2012.11.16 12:34:12 | 000,000,000 | ---D | C] -- C:\Users\petra\Desktop\fka
[2012.11.16 01:26:44 | 000,054,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\WdfLdr.sys
[2012.11.16 01:26:44 | 000,009,728 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\Wdfres.dll
[2012.11.16 01:17:40 | 000,096,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmled.dll
[2012.11.16 01:17:40 | 000,073,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmled.dll
[2012.11.16 01:17:39 | 000,248,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieui.dll
[2012.11.16 01:17:39 | 000,176,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieui.dll
[2012.11.16 01:17:38 | 001,427,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\inetcpl.cpl
[2012.11.16 01:17:38 | 000,237,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\url.dll
[2012.11.16 01:17:38 | 000,231,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\url.dll
[2012.11.16 01:17:38 | 000,173,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieUnatt.exe
[2012.11.16 01:17:38 | 000,142,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieUnatt.exe
[2012.11.16 01:17:37 | 002,312,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript9.dll
[2012.11.16 01:17:37 | 001,494,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\inetcpl.cpl
[2012.11.16 01:17:37 | 000,729,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msfeeds.dll
[2012.11.16 01:17:35 | 000,816,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript.dll
[2012.11.16 01:17:35 | 000,717,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\jscript.dll
[2012.11.16 01:17:35 | 000,599,040 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\vbscript.dll
[2012.11.16 01:13:26 | 000,744,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WUDFx.dll
[2012.11.16 01:13:26 | 000,229,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WUDFHost.exe
[2012.11.16 01:13:26 | 000,194,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WUDFPlatform.dll
[2012.11.16 01:13:26 | 000,045,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WUDFCoinstaller.dll
[2012.11.15 21:56:21 | 000,095,744 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\synceng.dll
[2012.11.15 21:56:21 | 000,078,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\synceng.dll
[2012.11.15 08:44:13 | 000,226,816 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dhcpcore6.dll
[2012.11.15 08:44:13 | 000,193,536 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\dhcpcore6.dll
[2012.11.15 08:44:13 | 000,055,296 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dhcpcsvc6.dll
[2012.11.15 08:44:05 | 000,216,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ncsi.dll
[2012.11.15 08:44:05 | 000,156,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ncsi.dll
[2012.11.15 08:44:04 | 000,246,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\netcorehc.dll
[2012.11.15 08:44:04 | 000,175,104 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\netcorehc.dll
[2012.11.15 08:44:04 | 000,018,944 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\netevent.dll
[2012.11.15 08:44:04 | 000,018,944 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\netevent.dll
[2012.11.08 20:09:33 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVG
[2012.11.07 22:47:51 | 000,000,000 | ---D | C] -- C:\Users\petra\AppData\Local\MPlayer
[2012.11.07 22:35:15 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PS3 Media Server
[2012.11.07 22:35:15 | 000,000,000 | ---D | C] -- C:\ProgramData\PMS
[2012.11.07 22:33:54 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\PS3 Media Server
[2012.11.07 20:43:08 | 000,000,000 | ---D | C] -- C:\Users\petra\Desktop\TETRIS
[2012.11.06 21:09:20 | 000,013,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\TsUsbRedirectionGroupPolicyExtension.dll
[2012.11.06 21:09:20 | 000,013,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\TsUsbRedirectionGroupPolicyControl.exe
[2012.11.06 21:09:19 | 000,015,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\RdpGroupPolicyExtension.dll
[2012.11.06 21:09:17 | 000,019,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\rdpvideominiport.sys
[2012.11.06 21:09:16 | 000,057,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\TsUsbFlt.sys
[2012.11.06 21:09:14 | 000,192,000 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\rdpendp_winip.dll
[2012.11.06 21:09:14 | 000,044,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\tsgqec.dll
[2012.11.06 21:09:14 | 000,043,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\TsUsbGDCoInstaller.dll
[2012.11.06 21:09:14 | 000,037,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\tsgqec.dll
[2012.11.06 21:09:14 | 000,018,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wksprtPS.dll
[2012.11.06 21:09:14 | 000,016,896 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wksprtPS.dll
[2012.11.06 21:09:13 | 001,048,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mstsc.exe
[2012.11.06 21:09:13 | 000,384,000 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wksprt.exe
[2012.11.06 21:09:13 | 000,322,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\aaclient.dll
[2012.11.06 21:09:13 | 000,269,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\aaclient.dll
[2012.11.06 21:09:13 | 000,243,200 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\rdpudd.dll
[2012.11.06 21:09:13 | 000,228,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\rdpendp_winip.dll
[2012.11.06 21:09:13 | 000,062,976 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\TSWbPrxy.exe
[2012.11.06 21:09:13 | 000,054,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\MsRdpWebAccess.dll
[2012.11.06 21:09:13 | 000,046,592 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\MsRdpWebAccess.dll
[2012.11.06 21:09:12 | 003,174,912 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\rdpcorets.dll
[2012.11.06 21:09:12 | 001,123,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mstsc.exe
[2012.11.06 21:09:11 | 004,916,224 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mstscax.dll
[2012.11.06 21:09:10 | 005,773,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mstscax.dll
[2012.11.06 21:06:35 | 000,514,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\qdvd.dll
[2012.11.06 21:06:35 | 000,366,592 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\qdvd.dll
[2012.11.06 21:06:03 | 001,448,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\lsasrv.dll
[2012.11.06 21:06:03 | 000,307,200 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ncrypt.dll
[2012.11.05 14:36:40 | 000,000,000 | ---D | C] -- C:\Users\petra\AppData\Roaming\AVG2013
[2012.11.05 14:19:47 | 000,000,000 | ---D | C] -- C:\ProgramData\AVG2013
[2012.11.05 14:15:21 | 000,000,000 | ---D | C] -- C:\Users\petra\AppData\Local\MFAData
[2012.11.05 14:15:21 | 000,000,000 | ---D | C] -- C:\Users\petra\AppData\Local\Avg2013
[2012.11.03 00:34:10 | 000,034,656 | ---- | C] (TuneUp Software) -- C:\Windows\SysNative\TURegOpt.exe
[2012.11.03 00:34:07 | 000,025,952 | ---- | C] (TuneUp Software) -- C:\Windows\SysNative\authuitu.dll
[2012.11.03 00:34:07 | 000,021,344 | ---- | C] (TuneUp Software) -- C:\Windows\SysWow64\authuitu.dll
[2012.11.03 00:34:00 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TuneUp Utilities 2013
[2012.11.03 00:33:45 | 000,000,000 | ---D | C] -- C:\Users\petra\AppData\Roaming\TuneUp Software
[2012.11.03 00:33:38 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\TuneUp Utilities 2013
[2012.11.03 00:33:04 | 000,000,000 | ---D | C] -- C:\ProgramData\TuneUp Software
[2012.11.03 00:32:33 | 000,000,000 | -HSD | C] -- C:\ProgramData\{C4ABDBC8-1C81-42C9-BFFC-4A68511E9E4F}
[2012.11.01 20:20:18 | 000,000,000 | R-SD | C] -- C:\Users\petra\Documents\My Stationery
[2012.10.29 11:11:55 | 000,000,000 | ---D | C] -- C:\Users\petra\AppData\Roaming\dvdcss
[2012.10.26 12:24:44 | 000,000,000 | ---D | C] -- C:\Users\petra\Desktop\Kytice
[2012.10.25 08:35:38 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVG PC TuneUp
[2012.10.25 08:34:26 | 000,000,000 | ---D | C] -- C:\ProgramData\AVG
[2012.10.25 08:34:14 | 000,000,000 | -HSD | C] -- C:\ProgramData\{D1D4879F-2279-49C9-AEBF-3B95C84EAA8F}
[2012.10.22 15:47:17 | 000,174,056 | ---- | C] (Oracle Corporation) -- C:\Windows\SysWow64\javaw.exe
[2012.10.22 15:47:17 | 000,174,056 | ---- | C] (Oracle Corporation) -- C:\Windows\SysWow64\java.exe
[2012.10.22 15:47:17 | 000,095,208 | ---- | C] (Oracle Corporation) -- C:\Windows\SysWow64\WindowsAccessBridge-32.dll
[2012.10.22 13:02:44 | 000,154,464 | ---- | C] (AVG Technologies CZ, s.r.o. ) -- C:\Windows\SysNative\drivers\avgidsdrivera.sys
[2012.10.21 00:00:32 | 000,000,000 | ---D | C] -- C:\Users\petra\AppData\Roaming\Zbani Games
[2008.08.12 06:45:20 | 000,155,648 | ---- | C] (ASUS) -- C:\Program Files (x86)\Common Files\MSIactionall.dll

========== Files - Modified Within 30 Days ==========

[2012.11.16 21:03:03 | 000,000,512 | ---- | M] () -- C:\PhysicalMBR.bin
[2012.11.16 20:33:00 | 000,000,914 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2012.11.16 18:09:03 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2012.11.16 14:41:49 | 000,045,056 | ---- | M] () -- C:\Windows\SysNative\acovcnt.exe
[2012.11.16 13:44:23 | 000,010,240 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2012.11.16 13:44:23 | 000,010,240 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2012.11.16 13:37:00 | 000,065,536 | ---- | M] () -- C:\Windows\SysNative\Ikeext.etl
[2012.11.16 12:39:31 | 000,001,009 | ---- | M] () -- C:\Users\petra\Desktop\SpeedFan.lnk
[2012.11.16 12:39:29 | 000,000,045 | ---- | M] () -- C:\Windows\SysWow64\initdebug.nfo
[2012.11.16 12:07:25 | 337,484,438 | ---- | M] () -- C:\Windows\MEMORY.DMP
[2012.11.16 08:54:11 | 001,618,966 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2012.11.16 08:54:11 | 000,673,904 | ---- | M] () -- C:\Windows\SysNative\perfh005.dat
[2012.11.16 08:54:11 | 000,659,460 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2012.11.16 08:54:11 | 000,143,624 | ---- | M] () -- C:\Windows\SysNative\perfc005.dat
[2012.11.16 08:54:11 | 000,124,134 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2012.11.16 08:43:42 | 004,973,184 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2012.11.12 11:49:34 | 000,000,992 | ---- | M] () -- C:\Users\Public\Desktop\PS3 Media Server.lnk
[2012.11.11 16:29:08 | 000,697,272 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerApp.exe
[2012.11.11 16:29:08 | 000,073,656 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
[2012.11.09 07:17:40 | 000,001,945 | ---- | M] () -- C:\Windows\SysNative\ServiceFilter.ini
[2012.11.08 20:09:33 | 000,000,979 | ---- | M] () -- C:\Users\Public\Desktop\AVG 2013.lnk
[2012.11.08 13:55:00 | 000,030,568 | ---- | M] (AVG Technologies) -- C:\Windows\SysNative\drivers\avgtpx64.sys
[2012.11.07 22:18:41 | 000,004,608 | ---- | M] () -- C:\Users\petra\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2012.11.05 14:39:26 | 000,002,674 | ---- | M] () -- C:\Windows\SysNative\AutoRunFilter.ini
[2012.11.03 00:34:03 | 000,002,211 | ---- | M] () -- C:\Users\Public\Desktop\TuneUp 1-Click Maintenance.lnk
[2012.11.03 00:34:03 | 000,002,185 | ---- | M] () -- C:\Users\Public\Desktop\TuneUp Utilities 2013.lnk
[2012.10.22 13:02:44 | 000,154,464 | ---- | M] (AVG Technologies CZ, s.r.o. ) -- C:\Windows\SysNative\drivers\avgidsdrivera.sys
[2012.10.21 00:00:35 | 000,001,833 | ---- | M] () -- C:\Users\petra\Desktop\Zbani.lnk

========== Files Created - No Company Name ==========

[2012.11.16 21:03:03 | 000,000,512 | ---- | C] () -- C:\PhysicalMBR.bin
[2012.11.16 12:39:31 | 000,001,009 | ---- | C] () -- C:\Users\petra\Desktop\SpeedFan.lnk
[2012.11.16 12:39:29 | 000,000,045 | ---- | C] () -- C:\Windows\SysWow64\initdebug.nfo
[2012.11.16 01:26:50 | 000,000,003 | ---- | C] () -- C:\Windows\SysNative\drivers\MsftWdf_Kernel_01011_Inbox_Critical.Wdf
[2012.11.16 01:13:26 | 000,000,003 | ---- | C] () -- C:\Windows\SysNative\drivers\MsftWdf_User_01_11_00_Inbox_Critical.Wdf
[2012.11.15 13:23:50 | 337,484,438 | ---- | C] () -- C:\Windows\MEMORY.DMP
[2012.11.15 13:19:55 | 004,973,184 | ---- | C] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2012.11.12 11:49:34 | 000,000,992 | ---- | C] () -- C:\Users\Public\Desktop\PS3 Media Server.lnk
[2012.11.05 14:22:57 | 000,000,979 | ---- | C] () -- C:\Users\Public\Desktop\AVG 2013.lnk
[2012.11.03 00:34:03 | 000,002,211 | ---- | C] () -- C:\Users\Public\Desktop\TuneUp 1-Click Maintenance.lnk
[2012.11.03 00:34:03 | 000,002,185 | ---- | C] () -- C:\Users\Public\Desktop\TuneUp Utilities 2013.lnk
[2012.11.03 00:34:00 | 000,002,197 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TuneUp Utilities 2013.lnk
[2012.10.21 00:00:35 | 000,001,833 | ---- | C] () -- C:\Users\petra\Desktop\Zbani.lnk
[2012.08.16 17:27:24 | 000,053,248 | ---- | C] () -- C:\Windows\SysWow64\CommonDL.dll
[2012.08.16 17:27:24 | 000,002,413 | ---- | C] () -- C:\Windows\SysWow64\lgAxconfig.ini
[2012.06.06 07:08:33 | 000,000,056 | ---- | C] () -- C:\Windows\crywmvtoavi.ini
[2012.06.06 06:42:54 | 000,000,005 | ---- | C] () -- C:\Windows\SysWow64\SySwmvtoavi.dat
[2012.05.04 23:19:50 | 000,000,758 | ---- | C] () -- C:\Users\petra\.recently-used.xbel
[2012.02.26 19:13:23 | 000,004,608 | ---- | C] () -- C:\Users\petra\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2012.02.14 23:48:49 | 000,000,030 | ---- | C] () -- C:\Windows\avp.ini
[2011.10.13 08:25:45 | 000,000,001 | ---- | C] () -- C:\Windows\SysWow64\SI.bin
[2011.09.28 17:44:14 | 000,179,271 | ---- | C] () -- C:\Windows\SysWow64\xlive.dll.cat
[2011.09.26 22:38:58 | 000,005,084 | ---- | C] () -- C:\ProgramData\gtxhlulu.rrk
[2011.09.15 05:55:02 | 000,000,000 | ---- | C] () -- C:\Users\petra\AppData\Local\{79D35ABC-DB2C-4A45-BFE6-92D0AB707E87}
[2011.06.26 19:46:58 | 000,007,607 | ---- | C] () -- C:\Users\petra\AppData\Local\Resmon.ResmonCfg
[2011.05.31 07:39:50 | 000,058,368 | ---- | C] () -- C:\Windows\SysWow64\bdmpegv.dll
[2011.05.31 07:38:18 | 000,015,360 | ---- | C] () -- C:\Windows\SysWow64\bdmjpeg.dll
[2011.05.10 05:39:01 | 000,000,000 | ---- | C] () -- C:\Users\petra\AppData\Local\{7A9F416A-E27C-4A24-8DBC-82F1A29048BA}
[2011.05.08 06:51:13 | 000,000,000 | ---- | C] () -- C:\Users\petra\AppData\Local\{3782F85F-7BEF-4FC8-9DC1-545472210135}
[2011.04.27 12:16:54 | 000,000,000 | ---- | C] () -- C:\Users\petra\AppData\Local\{26A9F5E8-BF6C-4799-9FFB-44176F460AF1}
[2011.02.22 20:39:04 | 000,240,640 | ---- | C] () -- C:\Windows\SysWow64\xvidvfw.dll
[2011.02.22 20:37:30 | 000,650,752 | ---- | C] () -- C:\Windows\SysWow64\xvidcore.dll
[2010.11.24 16:53:41 | 001,577,690 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2010.08.30 19:09:33 | 000,000,056 | -H-- | C] () -- C:\ProgramData\ezsidmv.dat
[2009.12.25 09:33:34 | 000,131,368 | ---- | C] () -- C:\ProgramData\FullRemove.exe
[2009.04.08 19:31:56 | 000,106,496 | ---- | C] () -- C:\Program Files (x86)\Common Files\CPInstallAction.dll
[2008.05.22 17:35:54 | 000,051,962 | ---- | C] () -- C:\Program Files (x86)\Common Files\banner.jpg

========== ZeroAccess Check ==========

[2009.07.14 05:55:00 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini

[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\shell32.dll -- [2012.06.09 06:43:10 | 014,172,672 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2012.06.09 05:41:00 | 012,873,728 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009.07.14 02:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2010.11.20 13:19:02 | 000,606,208 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009.07.14 02:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]

========== LOP Check ==========

[2012.11.08 20:09:32 | 000,000,000 | ---D | M] -- C:\Users\Default\AppData\Roaming\TuneUp Software
[2012.11.08 20:09:32 | 000,000,000 | ---D | M] -- C:\Users\Default User\AppData\Roaming\TuneUp Software
[2010.08.14 13:57:55 | 000,000,000 | -HSD | M] -- C:\Users\petra\AppData\Roaming\.#
[2012.06.10 10:00:46 | 000,000,000 | ---D | M] -- C:\Users\petra\AppData\Roaming\aliasworlds
[2010.10.26 19:34:51 | 000,000,000 | ---D | M] -- C:\Users\petra\AppData\Roaming\Artogon
[2012.10.26 06:47:14 | 000,000,000 | ---D | M] -- C:\Users\petra\AppData\Roaming\Asus WebStorage
[2012.10.25 08:35:22 | 000,000,000 | ---D | M] -- C:\Users\petra\AppData\Roaming\AVG
[2012.11.05 14:36:40 | 000,000,000 | ---D | M] -- C:\Users\petra\AppData\Roaming\AVG2013
[2011.11.06 11:18:59 | 000,000,000 | ---D | M] -- C:\Users\petra\AppData\Roaming\Babylon
[2012.08.24 22:07:51 | 000,000,000 | ---D | M] -- C:\Users\petra\AppData\Roaming\DAEMON Tools Lite
[2011.04.27 07:38:37 | 000,000,000 | ---D | M] -- C:\Users\petra\AppData\Roaming\EeeStorageUploader
[2012.10.12 21:16:12 | 000,000,000 | ---D | M] -- C:\Users\petra\AppData\Roaming\Friday's games
[2011.09.26 07:27:37 | 000,000,000 | ---D | M] -- C:\Users\petra\AppData\Roaming\GiftBoxPlus
[2012.05.04 12:14:44 | 000,000,000 | ---D | M] -- C:\Users\petra\AppData\Roaming\inkscape
[2010.11.01 12:05:33 | 000,000,000 | ---D | M] -- C:\Users\petra\AppData\Roaming\Leadertech
[2012.06.22 19:58:32 | 000,000,000 | ---D | M] -- C:\Users\petra\AppData\Roaming\Meridian93
[2012.05.18 21:05:04 | 000,000,000 | ---D | M] -- C:\Users\petra\AppData\Roaming\Oberon Media
[2012.01.29 23:07:12 | 000,000,000 | ---D | M] -- C:\Users\petra\AppData\Roaming\PC Suite
[2010.12.19 12:07:39 | 000,000,000 | ---D | M] -- C:\Users\petra\AppData\Roaming\ProtectDISC
[2012.01.11 12:32:20 | 000,000,000 | ---D | M] -- C:\Users\petra\AppData\Roaming\runic games
[2012.08.24 21:41:18 | 000,000,000 | ---D | M] -- C:\Users\petra\AppData\Roaming\Samsung
[2010.08.26 21:34:40 | 000,000,000 | ---D | M] -- C:\Users\petra\AppData\Roaming\SecretIslandEng
[2011.04.04 09:18:34 | 000,000,000 | ---D | M] -- C:\Users\petra\AppData\Roaming\SoftGrid Client
[2010.11.24 16:55:57 | 000,000,000 | ---D | M] -- C:\Users\petra\AppData\Roaming\TP
[2012.11.05 14:22:56 | 000,000,000 | ---D | M] -- C:\Users\petra\AppData\Roaming\TuneUp Software
[2011.11.21 00:06:46 | 000,000,000 | ---D | M] -- C:\Users\petra\AppData\Roaming\Tunngle
[2011.08.08 19:50:17 | 000,000,000 | ---D | M] -- C:\Users\petra\AppData\Roaming\Unity
[2012.11.15 12:56:26 | 000,000,000 | ---D | M] -- C:\Users\petra\AppData\Roaming\uTorrent
[2010.12.12 17:01:50 | 000,000,000 | ---D | M] -- C:\Users\petra\AppData\Roaming\Vivox
[2012.09.27 23:21:08 | 000,000,000 | ---D | M] -- C:\Users\petra\AppData\Roaming\WeatherLord
[2012.07.15 21:44:02 | 000,000,000 | ---D | M] -- C:\Users\petra\AppData\Roaming\WildTangent
[2012.02.29 21:24:31 | 000,000,000 | ---D | M] -- C:\Users\petra\AppData\Roaming\Yandex
[2012.10.21 00:00:34 | 000,000,000 | ---D | M] -- C:\Users\petra\AppData\Roaming\Zbani Games
[2011.08.27 00:11:53 | 000,000,000 | ---D | M] -- C:\Users\petra\AppData\Roaming\Zoner
Nahoru
seweone
Návštěvník
Návštěvník
Příspěvky: 11
Registrován: 25 srp 2012 16:24

Re: BSOD

#10 Příspěvek od seweone »

========== Purity Check ==========



========== Custom Scans ==========

< HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /s >
"Akamai NetSession Interface" = "C:\Users\petra\AppData\Local\Akamai\netsession_win.exe" -- [2012.10.09 09:53:36 | 004,441,920 | ---- | M] (Akamai Technologies, Inc.)
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\Disabled (Startup Manager)]
"Skype" = "C:\Program Files (x86)\Skype\Phone\Skype.exe" /nosplash /minimized
"KPeerNexonEU" = C:\Nexon\NEXON_EU_Downloader\nxEULauncher.exe
"DAEMON Tools Lite" = "C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun

< >
[2009.07.14 06:08:49 | 000,000,006 | -H-- | C] () -- C:\Windows\Tasks\SA.DAT
[2009.07.14 06:08:49 | 000,032,576 | ---- | C] () -- C:\Windows\Tasks\SCHEDLGU.TXT
[2012.04.13 14:49:20 | 000,000,914 | ---- | C] () -- C:\Windows\Tasks\Adobe Flash Player Updater.job

< MD5 for: AGP440.SYS >
[2009.07.14 02:52:21 | 000,061,008 | ---- | M] (Microsoft Corporation) MD5=608C14DBA7299D8CB6ED035A68A15799 -- C:\Windows\SysNative\drivers\AGP440.sys
[2009.07.14 02:52:21 | 000,061,008 | ---- | M] (Microsoft Corporation) MD5=608C14DBA7299D8CB6ED035A68A15799 -- C:\Windows\SysNative\DriverStore\FileRepository\machine.inf_amd64_neutral_a2f120466549d68b\AGP440.sys
[2009.07.14 02:52:21 | 000,061,008 | ---- | M] (Microsoft Corporation) MD5=608C14DBA7299D8CB6ED035A68A15799 -- C:\Windows\winsxs\amd64_machine.inf_31bf3856ad364e35_6.1.7601.17514_none_1838f2aad55063bb\AGP440.sys

< MD5 for: ATAPI.SYS >
[2009.07.14 02:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\SysNative\drivers\atapi.sys
[2009.07.14 02:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\SysNative\DriverStore\FileRepository\mshdc.inf_amd64_neutral_aad30bdeec04ea5e\atapi.sys
[2009.07.14 02:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\winsxs\amd64_mshdc.inf_31bf3856ad364e35_6.1.7601.17514_none_3b5e2d89382958dd\atapi.sys

< MD5 for: AUTOCHK.EXE >
[2010.11.20 14:24:26 | 000,777,728 | ---- | M] (Microsoft Corporation) MD5=3B536A8BEC3B4F23FFDFD78B11A2AB93 -- C:\Windows\SysNative\autochk.exe
[2010.11.20 14:24:26 | 000,777,728 | ---- | M] (Microsoft Corporation) MD5=3B536A8BEC3B4F23FFDFD78B11A2AB93 -- C:\Windows\winsxs\amd64_microsoft-windows-autochk_31bf3856ad364e35_6.1.7601.17514_none_4019f2b8d860ad30\autochk.exe
[2010.11.20 13:16:54 | 000,668,160 | ---- | M] (Microsoft Corporation) MD5=F88A52EB62019D6A62FDD9E08034DBD8 -- C:\Windows\SysWOW64\autochk.exe
[2010.11.20 13:16:54 | 000,668,160 | ---- | M] (Microsoft Corporation) MD5=F88A52EB62019D6A62FDD9E08034DBD8 -- C:\Windows\winsxs\x86_microsoft-windows-autochk_31bf3856ad364e35_6.1.7601.17514_none_e3fb573520033bfa\autochk.exe

< MD5 for: CDROM.SYS >
[2010.11.20 10:19:21 | 000,147,456 | ---- | M] (Microsoft Corporation) MD5=F036CE71586E93D94DAB220D7BDF4416 -- C:\Windows\SysNative\drivers\cdrom.sys
[2010.11.20 10:19:21 | 000,147,456 | ---- | M] (Microsoft Corporation) MD5=F036CE71586E93D94DAB220D7BDF4416 -- C:\Windows\SysNative\DriverStore\FileRepository\cdrom.inf_amd64_neutral_0b3d0d1942ab684b\cdrom.sys
[2010.11.20 10:19:21 | 000,147,456 | ---- | M] (Microsoft Corporation) MD5=F036CE71586E93D94DAB220D7BDF4416 -- C:\Windows\winsxs\amd64_cdrom.inf_31bf3856ad364e35_6.1.7601.17514_none_bdcf6151ba66f48b\cdrom.sys

< MD5 for: CNGAUDIT.DLL >
[2009.07.14 02:15:06 | 000,012,288 | ---- | M] (Microsoft Corporation) MD5=50BA656134F78AF64E4DD3C8B6FEFD7E -- C:\Windows\SysWOW64\cngaudit.dll
[2009.07.14 02:15:06 | 000,012,288 | ---- | M] (Microsoft Corporation) MD5=50BA656134F78AF64E4DD3C8B6FEFD7E -- C:\Windows\winsxs\x86_microsoft-windows-cngaudit-dll_31bf3856ad364e35_6.1.7600.16385_none_e83a414890e8132b\cngaudit.dll
[2009.07.14 02:40:20 | 000,018,944 | ---- | M] (Microsoft Corporation) MD5=86FE1B1F8FD42CD0DB641AB1CDB13093 -- C:\Windows\SysNative\cngaudit.dll
[2009.07.14 02:40:20 | 000,018,944 | ---- | M] (Microsoft Corporation) MD5=86FE1B1F8FD42CD0DB641AB1CDB13093 -- C:\Windows\winsxs\amd64_microsoft-windows-cngaudit-dll_31bf3856ad364e35_6.1.7600.16385_none_4458dccc49458461\cngaudit.dll

< MD5 for: CRYPTSVC.DLL >
[2012.06.02 05:52:32 | 000,142,336 | ---- | M] (Microsoft Corporation) MD5=063DD65889D21035311463337BD268E7 -- C:\Windows\winsxs\x86_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7601.22010_none_788c7cc71232cc19\cryptsvc.dll
[2012.04.24 05:36:42 | 000,140,288 | ---- | M] (Microsoft Corporation) MD5=06E771AA596B8761107AB57E99F128D7 -- C:\Windows\winsxs\x86_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7601.17827_none_77ff39f3f916c65f\cryptsvc.dll
[2010.11.20 14:25:59 | 000,177,152 | ---- | M] (Microsoft Corporation) MD5=15597883FBE9B056F276ADA3AD87D9AF -- C:\Windows\winsxs\amd64_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7601.17514_none_d4259ed3b16ed82a\cryptsvc.dll
[2012.04.24 05:28:22 | 000,142,336 | ---- | M] (Microsoft Corporation) MD5=21993009E0CCB9B4FA195F14D3408626 -- C:\Windows\winsxs\x86_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7601.21979_none_7854c7b7125b248c\cryptsvc.dll
[2012.04.24 06:37:37 | 000,184,320 | ---- | M] (Microsoft Corporation) MD5=4F5414602E2544A4554D95517948B705 -- C:\Windows\winsxs\amd64_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7601.17827_none_d41dd577b1743795\cryptsvc.dll
[2012.06.04 08:52:35 | 000,186,880 | ---- | M] (Microsoft Corporation) MD5=7E7D2DACF65D750D466F36BD3D09AE20 -- C:\Windows\winsxs\amd64_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7601.22010_none_d4ab184aca903d4f\cryptsvc.dll
[2012.06.02 05:36:29 | 000,140,288 | ---- | M] (Microsoft Corporation) MD5=96C0E38905CFD788313BE8E11DAE3F2F -- C:\Windows\SysWOW64\cryptsvc.dll
[2012.06.02 05:36:29 | 000,140,288 | ---- | M] (Microsoft Corporation) MD5=96C0E38905CFD788313BE8E11DAE3F2F -- C:\Windows\winsxs\x86_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7601.17856_none_77ddc9e5f93000db\cryptsvc.dll
[2012.06.02 06:41:28 | 000,184,320 | ---- | M] (Microsoft Corporation) MD5=9C01375BE382E834CC26D1B7EAF2C4FE -- C:\Windows\SysNative\cryptsvc.dll
[2012.06.02 06:41:28 | 000,184,320 | ---- | M] (Microsoft Corporation) MD5=9C01375BE382E834CC26D1B7EAF2C4FE -- C:\Windows\winsxs\amd64_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7601.17856_none_d3fc6569b18d7211\cryptsvc.dll
[2010.11.20 13:18:24 | 000,136,192 | ---- | M] (Microsoft Corporation) MD5=A585BEBF7D054BD9618EDA0922D5484A -- C:\Windows\winsxs\x86_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7601.17514_none_7807034ff91166f4\cryptsvc.dll
[2012.04.24 06:22:32 | 000,186,880 | ---- | M] (Microsoft Corporation) MD5=B7337E9C9E5936355BB700AA33E0936E -- C:\Windows\winsxs\amd64_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7601.21979_none_d473633acab895c2\cryptsvc.dll

< MD5 for: CSRSS.EXE >
[2009.07.14 02:39:02 | 000,007,680 | ---- | M] (Microsoft Corporation) MD5=60C2862B4BF0FD9F582EF344C2B1EC72 -- C:\Windows\SysNative\csrss.exe
[2009.07.14 02:39:02 | 000,007,680 | ---- | M] (Microsoft Corporation) MD5=60C2862B4BF0FD9F582EF344C2B1EC72 -- C:\Windows\winsxs\amd64_microsoft-windows-csrss_31bf3856ad364e35_6.1.7600.16385_none_b4d8d57efdc6b4f3\csrss.exe

< MD5 for: EXPLORER.EXE >
[2011.02.26 06:19:21 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=0FB9C74046656D1579A64660AD67B746 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.21669_none_ba87e574ddfe652d\explorer.exe
[2011.02.25 07:19:30 | 002,871,808 | ---- | M] (Microsoft Corporation) MD5=332FEAB1435662FC6C672E25BEB37BE3 -- C:\Windows\explorer.exe
[2011.02.25 07:19:30 | 002,871,808 | ---- | M] (Microsoft Corporation) MD5=332FEAB1435662FC6C672E25BEB37BE3 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17567_none_afa79dc39081d0ba\explorer.exe
[2011.02.26 07:14:34 | 002,871,808 | ---- | M] (Microsoft Corporation) MD5=3B69712041F3D63605529BD66DC00C48 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.21669_none_b0333b22a99da332\explorer.exe
[2010.11.20 13:17:09 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=40D777B7A95E00593EB1568C68514493 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17514_none_ba2f56d3c4bcbafb\explorer.exe
[2011.02.25 06:30:54 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=8B88EBBB05A0E56B7DCC708498C02B3E -- C:\Windows\SysWOW64\explorer.exe
[2011.02.25 06:30:54 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=8B88EBBB05A0E56B7DCC708498C02B3E -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17567_none_b9fc4815c4e292b5\explorer.exe
[2010.11.20 14:24:45 | 002,872,320 | ---- | M] (Microsoft Corporation) MD5=AC4C51EB24AA95B77F705AB159189E24 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17514_none_afdaac81905bf900\explorer.exe

< MD5 for: FASTFAT.SYS >
[2009.07.14 00:23:29 | 000,204,800 | ---- | M] (Microsoft Corporation) MD5=0ADC83218B66A6DB380C330836F3E36D -- C:\Windows\SysNative\drivers\fastfat.sys
[2009.07.14 00:23:29 | 000,204,800 | ---- | M] (Microsoft Corporation) MD5=0ADC83218B66A6DB380C330836F3E36D -- C:\Windows\winsxs\amd64_microsoft-windows-fat_31bf3856ad364e35_6.1.7600.16385_none_0aa81d2771152f86\fastfat.sys

< MD5 for: HAL.DLL >
[2010.12.15 18:53:58 | 000,263,040 | ---- | M] (Microsoft Corporation) MD5=CFB8C673F9188F99466E76C6972191E0 -- C:\Program Files (x86)\Debugging Tools for Windows (x86)\sym\hal.dll\4CE7C66949000\hal.dll
[2010.11.20 14:33:34 | 000,263,040 | ---- | M] (Microsoft Corporation) MD5=CFB8C673F9188F99466E76C6972191E0 -- C:\Windows\SysNative\hal.dll
[2010.11.20 14:33:34 | 000,263,040 | ---- | M] (Microsoft Corporation) MD5=CFB8C673F9188F99466E76C6972191E0 -- C:\Windows\winsxs\amd64_microsoft-windows-hal_31bf3856ad364e35_6.1.7601.17514_none_094ef8137049c196\hal.dll

< MD5 for: IASTORV.SYS >
[2010.11.20 14:33:38 | 000,410,496 | ---- | M] (Intel Corporation) MD5=3DF4395A7CF8B7A72A5F4606366B8C2D -- C:\Windows\SysNative\DriverStore\FileRepository\iastorv.inf_amd64_neutral_668286aa35d55928\iaStorV.sys
[2010.11.20 14:33:38 | 000,410,496 | ---- | M] (Intel Corporation) MD5=3DF4395A7CF8B7A72A5F4606366B8C2D -- C:\Windows\winsxs\amd64_iastorv.inf_31bf3856ad364e35_6.1.7601.17514_none_0d3757e79e6784d0\iaStorV.sys
[2011.03.11 07:19:16 | 000,410,496 | ---- | M] (Intel Corporation) MD5=5B3DE7208E5000D5B451B9D290D2579C -- C:\Windows\winsxs\amd64_iastorv.inf_31bf3856ad364e35_6.1.7601.21680_none_0d714416b7c182d5\iaStorV.sys
[2011.03.11 07:41:26 | 000,410,496 | ---- | M] (Intel Corporation) MD5=AAAF44DB3BD0B9D1FB6969B23ECC8366 -- C:\Windows\SysNative\drivers\iaStorV.sys
[2011.03.11 07:41:26 | 000,410,496 | ---- | M] (Intel Corporation) MD5=AAAF44DB3BD0B9D1FB6969B23ECC8366 -- C:\Windows\SysNative\DriverStore\FileRepository\iastorv.inf_amd64_neutral_0bcee2057afcc090\iaStorV.sys
[2011.03.11 07:41:26 | 000,410,496 | ---- | M] (Intel Corporation) MD5=AAAF44DB3BD0B9D1FB6969B23ECC8366 -- C:\Windows\winsxs\amd64_iastorv.inf_31bf3856ad364e35_6.1.7601.17577_none_0cf9793d9e95787b\iaStorV.sys

< MD5 for: ISAPNP.SYS >
[2009.07.14 02:48:04 | 000,020,544 | ---- | M] (Microsoft Corporation) MD5=2F7B28DC3E1183E5EB418DF55C204F38 -- C:\Windows\SysNative\drivers\isapnp.sys
[2009.07.14 02:48:04 | 000,020,544 | ---- | M] (Microsoft Corporation) MD5=2F7B28DC3E1183E5EB418DF55C204F38 -- C:\Windows\SysNative\DriverStore\FileRepository\machine.inf_amd64_neutral_a2f120466549d68b\isapnp.sys
[2009.07.14 02:48:04 | 000,020,544 | ---- | M] (Microsoft Corporation) MD5=2F7B28DC3E1183E5EB418DF55C204F38 -- C:\Windows\winsxs\amd64_machine.inf_31bf3856ad364e35_6.1.7601.17514_none_1838f2aad55063bb\isapnp.sys

< MD5 for: LSASS.EXE >
[2009.07.14 02:39:16 | 000,031,232 | ---- | M] (Microsoft Corporation) MD5=0793F40B9B8A1BDD266296409DBD91EA -- C:\Windows\winsxs\amd64_microsoft-windows-lsa_31bf3856ad364e35_6.1.7601.17514_none_04709031736ac277\lsass.exe
[2011.11.17 07:20:34 | 000,031,232 | ---- | M] (Microsoft Corporation) MD5=0A10B74FBB437FF9A23F1D5DE4446A83 -- C:\Windows\winsxs\amd64_microsoft-windows-lsa_31bf3856ad364e35_6.1.7601.21861_none_04c1204e8cb39c3f\lsass.exe
[2012.08.24 18:43:36 | 000,031,232 | ---- | M] (Microsoft Corporation) MD5=77119F1F9B492B260030C34F9BE327FA -- C:\Windows\winsxs\amd64_microsoft-windows-lsa_31bf3856ad364e35_6.1.7601.22099_none_04a88ce28cc4eb33\lsass.exe
[2012.06.04 08:51:10 | 000,031,232 | ---- | M] (Microsoft Corporation) MD5=79C908CAA6F43021EB05F4C733A927D1 -- C:\Windows\winsxs\amd64_microsoft-windows-lsa_31bf3856ad364e35_6.1.7601.22010_none_04f609a88c8c279c\lsass.exe
[2011.11.17 07:33:55 | 000,031,232 | ---- | M] (Microsoft Corporation) MD5=C118A82CD78818C29AB228366EBF81C3 -- C:\Windows\SysNative\lsass.exe
[2011.11.17 07:33:55 | 000,031,232 | ---- | M] (Microsoft Corporation) MD5=C118A82CD78818C29AB228366EBF81C3 -- C:\Windows\winsxs\amd64_microsoft-windows-lsa_31bf3856ad364e35_6.1.7601.17725_none_0466c45b7371f20d\lsass.exe
[2011.11.17 07:33:55 | 000,031,232 | ---- | M] (Microsoft Corporation) MD5=C118A82CD78818C29AB228366EBF81C3 -- C:\Windows\winsxs\amd64_microsoft-windows-lsa_31bf3856ad364e35_6.1.7601.17856_none_044756c773895c5e\lsass.exe
[2011.11.17 07:33:55 | 000,031,232 | ---- | M] (Microsoft Corporation) MD5=C118A82CD78818C29AB228366EBF81C3 -- C:\Windows\winsxs\amd64_microsoft-windows-lsa_31bf3856ad364e35_6.1.7601.17940_none_044c26dd7386a58a\lsass.exe

< MD5 for: NDIS.SYS >
[2012.08.22 19:06:07 | 000,950,128 | ---- | M] (Microsoft Corporation) MD5=5E74508FCB5820B29EEAFE24E6035BCF -- C:\Windows\winsxs\amd64_microsoft-windows-ndis_31bf3856ad364e35_6.1.7601.22097_none_06232d534c0a8d67\ndis.sys
[2012.08.22 19:12:40 | 000,950,128 | ---- | M] (Microsoft Corporation) MD5=760E38053BF56E501D562B70AD796B88 -- C:\Windows\SysNative\drivers\ndis.sys
[2012.08.22 19:12:40 | 000,950,128 | ---- | M] (Microsoft Corporation) MD5=760E38053BF56E501D562B70AD796B88 -- C:\Windows\winsxs\amd64_microsoft-windows-ndis_31bf3856ad364e35_6.1.7601.17939_none_05dc9a6832ba428a\ndis.sys
[2010.12.15 17:53:06 | 000,951,680 | ---- | M] (Microsoft Corporation) MD5=79B47FD40D9A817E932F9D26FAC0A81C -- C:\Program Files (x86)\Debugging Tools for Windows (x86)\sym\ndis.sys\4CE79392f3000\ndis.sys
[2010.11.20 14:33:45 | 000,951,680 | ---- | M] (Microsoft Corporation) MD5=79B47FD40D9A817E932F9D26FAC0A81C -- C:\Windows\winsxs\amd64_microsoft-windows-ndis_31bf3856ad364e35_6.1.7601.17514_none_05ed313632ae9759\ndis.sys

< MD5 for: NETLOGON.DLL >
[2010.11.20 14:27:22 | 000,695,808 | ---- | M] (Microsoft Corporation) MD5=AA339DD8BB128EF66660DFBBB59043D3 -- C:\Windows\SysNative\netlogon.dll
[2010.11.20 14:27:22 | 000,695,808 | ---- | M] (Microsoft Corporation) MD5=AA339DD8BB128EF66660DFBBB59043D3 -- C:\Windows\winsxs\amd64_microsoft-windows-security-netlogon_31bf3856ad364e35_6.1.7601.17514_none_5bddbcb24e997298\netlogon.dll
[2010.11.20 13:20:28 | 000,563,712 | ---- | M] (Microsoft Corporation) MD5=C1809B9907ADEDAF16F50C894100883B -- C:\Windows\SysWOW64\netlogon.dll
[2010.11.20 13:20:28 | 000,563,712 | ---- | M] (Microsoft Corporation) MD5=C1809B9907ADEDAF16F50C894100883B -- C:\Windows\winsxs\wow64_microsoft-windows-security-netlogon_31bf3856ad364e35_6.1.7601.17514_none_6632670482fa3493\netlogon.dll

< MD5 for: NTFS.SYS >
[2010.11.20 14:33:46 | 001,659,776 | ---- | M] (Microsoft Corporation) MD5=05D78AA5CB5F3F5C31160BDB955D0B7C -- C:\Windows\winsxs\amd64_microsoft-windows-ntfs_31bf3856ad364e35_6.1.7601.17514_none_04972f2c338b23d4\ntfs.sys
[2011.03.11 07:19:20 | 001,659,776 | ---- | M] (Microsoft Corporation) MD5=87B104128D4D3BA3C13098BAEBF38082 -- C:\Windows\winsxs\amd64_microsoft-windows-ntfs_31bf3856ad364e35_6.1.7601.21680_none_04d11b5b4ce521d9\ntfs.sys
[2011.03.15 21:41:52 | 001,659,776 | ---- | M] (Microsoft Corporation) MD5=A2F74975097F52A00745F9637451FDD8 -- C:\Program Files (x86)\Debugging Tools for Windows (x86)\sym\Ntfs.sys\4D79997B1a3000\Ntfs.sys
[2011.03.11 07:41:34 | 001,659,776 | ---- | M] (Microsoft Corporation) MD5=A2F74975097F52A00745F9637451FDD8 -- C:\Windows\winsxs\amd64_microsoft-windows-ntfs_31bf3856ad364e35_6.1.7601.17577_none_0459508233b9177f\ntfs.sys
[2012.08.31 18:57:17 | 001,687,408 | ---- | M] (Microsoft Corporation) MD5=B2746D84DDF68D09B41B72DF745CCBA6 -- C:\Windows\winsxs\amd64_microsoft-windows-ntfs_31bf3856ad364e35_6.1.7601.22104_none_052b7b9d4ca0cf8b\ntfs.sys
[2012.08.31 19:19:35 | 001,659,760 | ---- | M] (Microsoft Corporation) MD5=E453ACF4E7D44E5530B5D5F2B9CA8563 -- C:\Windows\SysNative\drivers\ntfs.sys
[2012.08.31 19:19:35 | 001,659,760 | ---- | M] (Microsoft Corporation) MD5=E453ACF4E7D44E5530B5D5F2B9CA8563 -- C:\Windows\winsxs\amd64_microsoft-windows-ntfs_31bf3856ad364e35_6.1.7601.17945_none_0477c74a33a2859a\ntfs.sys

< MD5 for: NVRAID.SYS >
[2011.03.11 07:41:34 | 000,148,352 | ---- | M] (NVIDIA Corporation) MD5=0A92CB65770442ED0DC44834632F66AD -- C:\Windows\SysNative\drivers\nvraid.sys
[2011.03.11 07:41:34 | 000,148,352 | ---- | M] (NVIDIA Corporation) MD5=0A92CB65770442ED0DC44834632F66AD -- C:\Windows\SysNative\DriverStore\FileRepository\nvraid.inf_amd64_neutral_0276fc3b3ea60d41\nvraid.sys
[2011.03.11 07:41:34 | 000,148,352 | ---- | M] (NVIDIA Corporation) MD5=0A92CB65770442ED0DC44834632F66AD -- C:\Windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.1.7601.17577_none_97c2e9ecd5cc2253\nvraid.sys
[2010.11.20 14:33:48 | 000,148,352 | ---- | M] (NVIDIA Corporation) MD5=5D9FD91F3D38DC9DA01E3CB5FA89CD48 -- C:\Windows\SysNative\DriverStore\FileRepository\nvraid.inf_amd64_neutral_dd659ed032d28a14\nvraid.sys
[2010.11.20 14:33:48 | 000,148,352 | ---- | M] (NVIDIA Corporation) MD5=5D9FD91F3D38DC9DA01E3CB5FA89CD48 -- C:\Windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.1.7601.17514_none_9800c896d59e2ea8\nvraid.sys
[2011.03.11 07:19:21 | 000,148,352 | ---- | M] (NVIDIA Corporation) MD5=666CA16F17914C1CD3616CF16DE0A6EA -- C:\Windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.1.7601.21680_none_983ab4c5eef82cad\nvraid.sys

< MD5 for: NVSTOR.SYS >
[2011.03.11 07:19:21 | 000,166,272 | ---- | M] (NVIDIA Corporation) MD5=D23C7E8566DA2B8A7C0DBBB761D54888 -- C:\Windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.1.7601.21680_none_983ab4c5eef82cad\nvstor.sys
[2011.03.11 07:41:34 | 000,166,272 | ---- | M] (NVIDIA Corporation) MD5=DAB0E87525C10052BF65F06152F37E4A -- C:\Windows\SysNative\drivers\nvstor.sys
[2011.03.11 07:41:34 | 000,166,272 | ---- | M] (NVIDIA Corporation) MD5=DAB0E87525C10052BF65F06152F37E4A -- C:\Windows\SysNative\DriverStore\FileRepository\nvraid.inf_amd64_neutral_0276fc3b3ea60d41\nvstor.sys
[2011.03.11 07:41:34 | 000,166,272 | ---- | M] (NVIDIA Corporation) MD5=DAB0E87525C10052BF65F06152F37E4A -- C:\Windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.1.7601.17577_none_97c2e9ecd5cc2253\nvstor.sys
[2010.11.20 14:33:48 | 000,166,272 | ---- | M] (NVIDIA Corporation) MD5=F7CD50FE7139F07E77DA8AC8033D1832 -- C:\Windows\SysNative\DriverStore\FileRepository\nvraid.inf_amd64_neutral_dd659ed032d28a14\nvstor.sys
[2010.11.20 14:33:48 | 000,166,272 | ---- | M] (NVIDIA Corporation) MD5=F7CD50FE7139F07E77DA8AC8033D1832 -- C:\Windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.1.7601.17514_none_9800c896d59e2ea8\nvstor.sys

< MD5 for: SCECLI.DLL >
[2010.11.20 13:21:04 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=8124944EC89D6A1815E4E53F5B96AAF4 -- C:\Windows\SysWOW64\scecli.dll
[2010.11.20 13:21:04 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=8124944EC89D6A1815E4E53F5B96AAF4 -- C:\Windows\winsxs\wow64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7601.17514_none_a088921d241bbb4e\scecli.dll
[2010.11.20 14:27:25 | 000,232,960 | ---- | M] (Microsoft Corporation) MD5=ED78427259134C63ED69804D2132B86C -- C:\Windows\SysNative\scecli.dll
[2010.11.20 14:27:25 | 000,232,960 | ---- | M] (Microsoft Corporation) MD5=ED78427259134C63ED69804D2132B86C -- C:\Windows\winsxs\amd64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7601.17514_none_9633e7caefbaf953\scecli.dll

< MD5 for: SERVICES.EXE >
[2009.07.14 02:39:37 | 000,328,704 | ---- | M] (Microsoft Corporation) MD5=24ACB7E5BE595468E3B9AA488B9B4FCB -- C:\Windows\SysNative\services.exe
[2009.07.14 02:39:37 | 000,328,704 | ---- | M] (Microsoft Corporation) MD5=24ACB7E5BE595468E3B9AA488B9B4FCB -- C:\Windows\winsxs\amd64_microsoft-windows-s..s-servicecontroller_31bf3856ad364e35_6.1.7600.16385_none_2b54b20ee6fa07b1\services.exe

< MD5 for: SMSS.EXE >
[2009.07.14 02:39:41 | 000,112,640 | ---- | M] (Microsoft Corporation) MD5=1911A3356FA3F77CCC825CCBAC038C2A -- C:\Windows\SysNative\smss.exe
[2009.07.14 02:39:41 | 000,112,640 | ---- | M] (Microsoft Corporation) MD5=1911A3356FA3F77CCC825CCBAC038C2A -- C:\Windows\winsxs\amd64_microsoft-windows-smss_31bf3856ad364e35_6.1.7600.16385_none_082f99a432e2a661\smss.exe

< MD5 for: SPOOLSV.EXE >
[2012.02.11 07:36:02 | 000,559,104 | ---- | M] (Microsoft Corporation) MD5=85DAA09A98C9286D4EA2BA8D0E644377 -- C:\Windows\SysNative\spoolsv.exe
[2012.02.11 07:36:02 | 000,559,104 | ---- | M] (Microsoft Corporation) MD5=85DAA09A98C9286D4EA2BA8D0E644377 -- C:\Windows\winsxs\amd64_microsoft-windows-printing-spooler-core_31bf3856ad364e35_6.1.7601.17777_none_3433cdb2d8563d50\spoolsv.exe
[2010.11.20 14:25:21 | 000,559,104 | ---- | M] (Microsoft Corporation) MD5=B96C17B5DC1424D56EEA3A99E97428CD -- C:\Windows\winsxs\amd64_microsoft-windows-printing-spooler-core_31bf3856ad364e35_6.1.7601.17514_none_3471a890d8284f57\spoolsv.exe
[2012.02.11 07:20:28 | 000,559,616 | ---- | M] (Microsoft Corporation) MD5=B9D7A4858CF32A6A15D2763F1DE47E0E -- C:\Windows\winsxs\amd64_microsoft-windows-printing-spooler-core_31bf3856ad364e35_6.1.7601.21921_none_34ed7a43f150b682\spoolsv.exe

< MD5 for: SVCHOST.EXE >
[2009.07.14 02:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) MD5=54A47F6B5E09A77E61649109C6A08866 -- C:\Windows\SysWOW64\svchost.exe
[2009.07.14 02:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) MD5=54A47F6B5E09A77E61649109C6A08866 -- C:\Windows\winsxs\x86_microsoft-windows-services-svchost_31bf3856ad364e35_6.1.7600.16385_none_b591afc466a15356\svchost.exe
[2009.07.14 02:39:46 | 000,027,136 | ---- | M] (Microsoft Corporation) MD5=C78655BC80301D76ED4FEF1C1EA40A7D -- C:\Windows\SysNative\svchost.exe
[2009.07.14 02:39:46 | 000,027,136 | ---- | M] (Microsoft Corporation) MD5=C78655BC80301D76ED4FEF1C1EA40A7D -- C:\Windows\winsxs\amd64_microsoft-windows-services-svchost_31bf3856ad364e35_6.1.7600.16385_none_11b04b481efec48c\svchost.exe

< MD5 for: TCPIP.SYS >
[2012.10.03 18:56:54 | 001,914,248 | ---- | M] (Microsoft Corporation) MD5=37608401DFDB388CAF66917F6B2D6FB0 -- C:\Windows\SysNative\drivers\tcpip.sys
[2012.10.03 18:56:54 | 001,914,248 | ---- | M] (Microsoft Corporation) MD5=37608401DFDB388CAF66917F6B2D6FB0 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.17964_none_110e0fbd7d2e4b88\tcpip.sys
[2011.09.29 18:41:37 | 001,912,176 | ---- | M] (Microsoft Corporation) MD5=3810F06A4D74A7D62641EE73D6B3C660 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.21828_none_11c6e9949627e69c\tcpip.sys
[2010.11.20 14:33:57 | 001,924,480 | ---- | M] (Microsoft Corporation) MD5=509383E505C973ED7534A06B3D19688D -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.17514_none_114417c17d05cb37\tcpip.sys
[2012.08.22 19:06:13 | 001,901,936 | ---- | M] (Microsoft Corporation) MD5=7880A26B7D3B96FDA8EFD9F985036B1D -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.22097_none_117a13de9661c145\tcpip.sys
[2012.03.30 11:26:36 | 001,901,424 | ---- | M] (Microsoft Corporation) MD5=885B202006EE17AE99B9FBCEC9AF88C9 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.21954_none_11a27a8e9643d23a\tcpip.sys
[2011.04.25 06:33:51 | 001,923,968 | ---- | M] (Microsoft Corporation) MD5=92CE29D95AC9DD2D0EE9061D551BA250 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.17603_none_114de9497cfe9316\tcpip.sys
[2011.06.21 07:20:30 | 001,914,752 | ---- | M] (Microsoft Corporation) MD5=A0EB71E0DC047C7CC95CD6AB4036296E -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.21754_none_11a276c29643d7ec\tcpip.sys
[2012.03.30 12:43:34 | 001,918,320 | ---- | M] (Microsoft Corporation) MD5=ACB82BDA8F46C84F465C1AFA517DC4B9 -- C:\Program Files (x86)\Debugging Tools for Windows (x86)\sym\tcpip.sys\4F757012203000\tcpip.sys
[2012.03.30 12:35:47 | 001,918,320 | ---- | M] (Microsoft Corporation) MD5=ACB82BDA8F46C84F465C1AFA517DC4B9 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.17802_none_114ceccb7cff740d\tcpip.sys
[2011.04.25 07:16:34 | 001,927,552 | ---- | M] (Microsoft Corporation) MD5=B77977AEB2FF159D01DB08A309989C5F -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.21712_none_11cbb5de9625357a\tcpip.sys
[2012.10.03 18:44:29 | 001,902,472 | ---- | M] (Microsoft Corporation) MD5=D5707FC2300AA5B04B7BFE86D40C0133 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.22124_none_11c2c45a962baed0\tcpip.sys
[2011.06.21 07:34:00 | 001,923,968 | ---- | M] (Microsoft Corporation) MD5=F0E98C00A09FDF791525829A1D14240F -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.17638_none_11327af77d12659c\tcpip.sys
[2012.08.22 19:12:50 | 001,913,200 | ---- | M] (Microsoft Corporation) MD5=F782CAD3CEDBB3F9FFE3BF2775D92DDC -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.17939_none_113380f37d117668\tcpip.sys
[2011.09.29 17:29:28 | 001,923,952 | ---- | M] (Microsoft Corporation) MD5=FC62769E7BFF2896035AEED399108162 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.17697_none_10f09b257d43f3eb\tcpip.sys

< MD5 for: USERINIT.EXE >
[2010.11.20 13:17:48 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=61AC3EFDFACFDD3F0F11DD4FD4044223 -- C:\Windows\SysWOW64\userinit.exe
[2010.11.20 13:17:48 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=61AC3EFDFACFDD3F0F11DD4FD4044223 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.1.7601.17514_none_de3024012ff21116\userinit.exe
[2010.11.20 14:25:24 | 000,030,720 | ---- | M] (Microsoft Corporation) MD5=BAFE84E637BF7388C96EF48D4D3FDD53 -- C:\Windows\SysNative\userinit.exe
[2010.11.20 14:25:24 | 000,030,720 | ---- | M] (Microsoft Corporation) MD5=BAFE84E637BF7388C96EF48D4D3FDD53 -- C:\Windows\winsxs\amd64_microsoft-windows-userinit_31bf3856ad364e35_6.1.7601.17514_none_3a4ebf84e84f824c\userinit.exe

< MD5 for: WINLOGON.EXE >
[2010.11.20 14:25:30 | 000,390,656 | ---- | M] (Microsoft Corporation) MD5=1151B1BAA6F350B1DB6598E0FEA7C457 -- C:\Windows\SysNative\winlogon.exe
[2010.11.20 14:25:30 | 000,390,656 | ---- | M] (Microsoft Corporation) MD5=1151B1BAA6F350B1DB6598E0FEA7C457 -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7601.17514_none_cde90685eb910636\winlogon.exe

< MD5 for: WS2_32.DLL >
[2010.11.20 14:27:29 | 000,297,984 | ---- | M] (Microsoft Corporation) MD5=4BBFA57F594F7E8A8EDC8F377184C3F0 -- C:\Windows\SysNative\ws2_32.dll
[2010.11.20 14:27:29 | 000,297,984 | ---- | M] (Microsoft Corporation) MD5=4BBFA57F594F7E8A8EDC8F377184C3F0 -- C:\Windows\winsxs\amd64_microsoft-windows-w..nfrastructure-ws232_31bf3856ad364e35_6.1.7601.17514_none_50ddb631e4f59005\ws2_32.dll
[2010.11.20 13:21:38 | 000,206,848 | ---- | M] (Microsoft Corporation) MD5=7FF15A4F092CD4A96055BA69F903E3E9 -- C:\Windows\SysWOW64\ws2_32.dll
[2010.11.20 13:21:38 | 000,206,848 | ---- | M] (Microsoft Corporation) MD5=7FF15A4F092CD4A96055BA69F903E3E9 -- C:\Windows\winsxs\x86_microsoft-windows-w..nfrastructure-ws232_31bf3856ad364e35_6.1.7601.17514_none_f4bf1aae2c981ecf\ws2_32.dll

< >

< C:\windows\system32\spool\prtprocs|dll;true;true;true /FP >
[2009.07.14 02:41:12 | 000,027,648 | ---- | M] (Microsoft Corporation) --
[2010.11.20 14:27:28 | 000,039,424 | ---- | M] (Microsoft Corporation) --
[2009.08.03 20:59:51 | 000,003,584 | ---- | M] (Lexmark International Inc.) --

< %systemroot%\system32\drivers\*.sys /5 >

< %systemroot%\system32\drivers\*.sys /X >
[2009.12.25 09:56:46 | 000,000,000 | ---- | M] () -- C:\Windows\system32\drivers\1043_ASUSTEK_K40AB_K50AB_K40AD_K50AD_V30_WIN7.MRK
[2010.08.13 15:43:58 | 000,000,000 | ---- | M] () -- C:\Windows\system32\drivers\1043_ASUSTeK_K50AD.alu
[2009.06.10 22:14:29 | 003,440,660 | ---- | M] () -- C:\Windows\system32\drivers\gm.dls
[2009.06.10 22:14:29 | 000,000,646 | ---- | M] () -- C:\Windows\system32\drivers\gmreadme.txt

< %systemroot%\system32\drivers\*.sys /lockedfiles >

< %systemroot%\system32\*.* /5 >
[2012.11.16 12:39:29 | 000,000,045 | ---- | M] () -- C:\Windows\system32\initdebug.nfo

< %systemroot%\system32\*.dll /lockedfiles >

< %systemroot%\system32\config\*.sav >

< %systemroot%\Tasks\*.job /lockedfiles >

< %systemroot%\*.* /U /s >
[366 C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp files -> C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp -> ]
[385 C:\Windows\assembly\NativeImages_v2.0.50727_64\Temp\*.tmp files -> C:\Windows\assembly\NativeImages_v2.0.50727_64\Temp\*.tmp -> ]
[17 C:\Windows\Installer\*.tmp files -> C:\Windows\Installer\*.tmp -> ]
[2 C:\Windows\SoftwareDistribution\AuthCabs\7971f918-a847-4430-9279-4a52d1efe18d\*.tmp files -> C:\Windows\SoftwareDistribution\AuthCabs\7971f918-a847-4430-9279-4a52d1efe18d\*.tmp -> ]
[151 C:\Windows\Temp\*.tmp files -> C:\Windows\Temp\*.tmp -> ]

< %systemroot%\*. /mp /s >

< %ALLUSERSPROFILE%\Data Aplikací\*.* >

< %ALLUSERSPROFILE%\Data Aplikací\*.exe /s >

< %ALLUSERSPROFILE%\Dáta aplikácií\*.* >

< %ALLUSERSPROFILE%\Dáta aplikácií\*.exe /s >

< %APPDATA%\*. >
[2010.08.14 13:57:55 | 000,000,000 | -HSD | M] -- C:\Users\petra\AppData\Roaming\.#
[2012.10.15 10:31:13 | 000,000,000 | ---D | M] -- C:\Users\petra\AppData\Roaming\Adobe
[2012.06.10 10:00:46 | 000,000,000 | ---D | M] -- C:\Users\petra\AppData\Roaming\aliasworlds
[2010.10.26 19:34:51 | 000,000,000 | ---D | M] -- C:\Users\petra\AppData\Roaming\Artogon
[2012.10.26 06:47:14 | 000,000,000 | ---D | M] -- C:\Users\petra\AppData\Roaming\Asus WebStorage
[2010.08.13 15:34:06 | 000,000,000 | ---D | M] -- C:\Users\petra\AppData\Roaming\ATI
[2012.10.25 08:35:22 | 000,000,000 | ---D | M] -- C:\Users\petra\AppData\Roaming\AVG
[2012.11.05 14:36:40 | 000,000,000 | ---D | M] -- C:\Users\petra\AppData\Roaming\AVG2013
[2011.11.06 11:18:59 | 000,000,000 | ---D | M] -- C:\Users\petra\AppData\Roaming\Babylon
[2010.08.19 20:05:02 | 000,000,000 | ---D | M] -- C:\Users\petra\AppData\Roaming\CyberLink
[2012.08.24 22:07:51 | 000,000,000 | ---D | M] -- C:\Users\petra\AppData\Roaming\DAEMON Tools Lite
[2012.10.29 11:11:55 | 000,000,000 | ---D | M] -- C:\Users\petra\AppData\Roaming\dvdcss
[2011.04.27 07:38:37 | 000,000,000 | ---D | M] -- C:\Users\petra\AppData\Roaming\EeeStorageUploader
[2012.10.12 21:16:12 | 000,000,000 | ---D | M] -- C:\Users\petra\AppData\Roaming\Friday's games
[2011.09.26 07:27:37 | 000,000,000 | ---D | M] -- C:\Users\petra\AppData\Roaming\GiftBoxPlus
[2011.09.25 17:43:26 | 000,000,000 | ---D | M] -- C:\Users\petra\AppData\Roaming\Google
[2010.08.13 15:33:17 | 000,000,000 | ---D | M] -- C:\Users\petra\AppData\Roaming\Identities
[2012.05.04 12:14:44 | 000,000,000 | ---D | M] -- C:\Users\petra\AppData\Roaming\inkscape
[2010.11.01 12:05:33 | 000,000,000 | ---D | M] -- C:\Users\petra\AppData\Roaming\Leadertech
[2011.06.22 12:53:03 | 000,000,000 | ---D | M] -- C:\Users\petra\AppData\Roaming\Macromedia
[2009.07.14 08:44:38 | 000,000,000 | ---D | M] -- C:\Users\petra\AppData\Roaming\Media Center Programs
[2012.06.22 19:58:32 | 000,000,000 | ---D | M] -- C:\Users\petra\AppData\Roaming\Meridian93
[2012.06.23 10:55:10 | 000,000,000 | --SD | M] -- C:\Users\petra\AppData\Roaming\Microsoft
[2012.04.13 14:42:19 | 000,000,000 | ---D | M] -- C:\Users\petra\AppData\Roaming\Mozilla
[2012.05.18 21:05:04 | 000,000,000 | ---D | M] -- C:\Users\petra\AppData\Roaming\Oberon Media
[2012.01.29 23:07:12 | 000,000,000 | ---D | M] -- C:\Users\petra\AppData\Roaming\PC Suite
[2010.12.19 12:07:39 | 000,000,000 | ---D | M] -- C:\Users\petra\AppData\Roaming\ProtectDISC
[2012.01.11 12:32:20 | 000,000,000 | ---D | M] -- C:\Users\petra\AppData\Roaming\runic games
[2012.08.24 21:41:18 | 000,000,000 | ---D | M] -- C:\Users\petra\AppData\Roaming\Samsung
[2010.08.26 21:34:40 | 000,000,000 | ---D | M] -- C:\Users\petra\AppData\Roaming\SecretIslandEng
[2011.04.04 09:18:34 | 000,000,000 | ---D | M] -- C:\Users\petra\AppData\Roaming\SoftGrid Client
[2010.11.24 16:55:57 | 000,000,000 | ---D | M] -- C:\Users\petra\AppData\Roaming\TP
[2012.11.05 14:22:56 | 000,000,000 | ---D | M] -- C:\Users\petra\AppData\Roaming\TuneUp Software
[2011.11.21 00:06:46 | 000,000,000 | ---D | M] -- C:\Users\petra\AppData\Roaming\Tunngle
[2011.08.08 19:50:17 | 000,000,000 | ---D | M] -- C:\Users\petra\AppData\Roaming\Unity
[2012.11.15 12:56:26 | 000,000,000 | ---D | M] -- C:\Users\petra\AppData\Roaming\uTorrent
[2010.12.12 17:01:50 | 000,000,000 | ---D | M] -- C:\Users\petra\AppData\Roaming\Vivox
[2012.11.16 12:22:00 | 000,000,000 | ---D | M] -- C:\Users\petra\AppData\Roaming\vlc
[2012.09.27 23:21:08 | 000,000,000 | ---D | M] -- C:\Users\petra\AppData\Roaming\WeatherLord
[2012.07.15 21:44:02 | 000,000,000 | ---D | M] -- C:\Users\petra\AppData\Roaming\WildTangent
[2010.09.23 09:17:29 | 000,000,000 | ---D | M] -- C:\Users\petra\AppData\Roaming\WinRAR
[2012.02.29 21:24:31 | 000,000,000 | ---D | M] -- C:\Users\petra\AppData\Roaming\Yandex
[2012.10.21 00:00:34 | 000,000,000 | ---D | M] -- C:\Users\petra\AppData\Roaming\Zbani Games
[2011.08.27 00:11:53 | 000,000,000 | ---D | M] -- C:\Users\petra\AppData\Roaming\Zoner

< %APPDATA%\*.* >

< %APPDATA%\*.exe /s >
[2011.04.27 07:38:12 | 000,070,992 | ---- | M] (eCareme Technologies, Inc.) -- C:\Users\petra\AppData\Roaming\Asus WebStorage\EeeStorageUpdate.EXE
[2011.04.27 07:39:12 | 005,808,128 | ---- | M] () -- C:\Users\petra\AppData\Roaming\Asus WebStorage\Update\ASUSWebStorage3.0.84.161.exe
[2012.01.31 19:01:54 | 000,038,784 | ---- | M] () -- C:\Users\petra\AppData\Roaming\Macromedia\Flash Player\www.macromedia.com\bin\airappinstaller\airappinstaller.exe
[2012.08.26 00:50:09 | 000,029,184 | R--- | M] () -- C:\Users\petra\AppData\Roaming\Microsoft\Installer\{21AE04E8-EBF6-40DB-9AA9-B7A80C5D057D}\Icon21AE04E8.exe
[2011.01.21 11:20:52 | 000,010,134 | R--- | M] () -- C:\Users\petra\AppData\Roaming\Microsoft\Installer\{89661B04-C646-4412-B6D3-5E19F02F1F37}\ARPPRODUCTICON.exe
[2012.10.21 00:00:34 | 000,066,651 | ---- | M] () -- C:\Users\petra\AppData\Roaming\Zbani Games\Uninstall.exe

< %SYSTEMDRIVE%\*.exe >

< >

< >

< HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate\AU /s >

< HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install|LastSuccessTime /rs >

< HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\BITS /s >
"JobInactivityTimeout" = 7776000
"JobMinimumRetryDelay" = 600
"JobNoProgressTimeout" = 1209600
"LogFileFlags" = 0
"LogFileMinMemory" = 120
"LogFileSize" = 1
"TimeQuantaLength" = 300
"UseLmCompat" = 2

< reg query "HKLM\Software\Microsoft\Windows NT\CurrentVersion\winlogon" /v GinaDLL /c >

< reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wuauserv" /v ImagePath /c >
HKEY_LOCAL_MACHINE\SYSTEM\CURRENTCONTROLSET\SERVICES\WUAUSERV
IMAGEPATH REG_EXPAND_SZ %systemroot%\system32\svchost.exe -k netsvcs

< reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\BITS" /v ImagePath /c >
HKEY_LOCAL_MACHINE\SYSTEM\CURRENTCONTROLSET\SERVICES\BITS
IMAGEPATH REG_EXPAND_SZ %SystemRoot%\System32\svchost.exe -k netsvcs

< reg query "HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager" /v BootExecute /c >
HKEY_LOCAL_MACHINE\SYSTEM\CURRENTCONTROLSET\CONTROL\SESSION MANAGER
BOOTEXECUTE REG_MULTI_SZ autocheck autochk *

< reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session Manager" /v "PendingFileRenameOperations" /c >

< >

< type c:\boot.ini >> test.txt /c >

< %SystemDrive%\PhysicalMBR.bin /md5 >
[2012.11.16 21:03:03 | 000,000,512 | ---- | M] () MD5=0CD6AD52F5165F1AEE84DAD147DDF121 -- C:\PhysicalMBR.bin

========== Alternate Data Streams ==========

@Alternate Data Stream - 153 bytes -> C:\ProgramData\Temp:A3B8F70C
@Alternate Data Stream - 147 bytes -> C:\ProgramData\Temp:D987CB43
@Alternate Data Stream - 147 bytes -> C:\ProgramData\Temp:3ABC2192
@Alternate Data Stream - 145 bytes -> C:\ProgramData\Temp:AB689DEA
@Alternate Data Stream - 141 bytes -> C:\ProgramData\Temp:15024E60
@Alternate Data Stream - 138 bytes -> C:\ProgramData\Temp:E0848D16
@Alternate Data Stream - 137 bytes -> C:\ProgramData\Temp:0B4227B4
@Alternate Data Stream - 135 bytes -> C:\ProgramData\Temp:700CD00E
@Alternate Data Stream - 132 bytes -> C:\ProgramData\Temp:D644D3DF
@Alternate Data Stream - 131 bytes -> C:\ProgramData\Temp:96646EC1
@Alternate Data Stream - 129 bytes -> C:\ProgramData\Temp:97995ED4
@Alternate Data Stream - 129 bytes -> C:\ProgramData\Temp:91486201
@Alternate Data Stream - 128 bytes -> C:\ProgramData\Temp:D576A536
@Alternate Data Stream - 128 bytes -> C:\ProgramData\Temp:D16097E4
@Alternate Data Stream - 128 bytes -> C:\ProgramData\Temp:9D5BB34A
@Alternate Data Stream - 128 bytes -> C:\ProgramData\Temp:949483BD
@Alternate Data Stream - 128 bytes -> C:\ProgramData\Temp:5F85EE30
@Alternate Data Stream - 128 bytes -> C:\ProgramData\Temp:073139EC
@Alternate Data Stream - 125 bytes -> C:\ProgramData\Temp:80E965A3
@Alternate Data Stream - 125 bytes -> C:\ProgramData\Temp:28819F45
@Alternate Data Stream - 123 bytes -> C:\ProgramData\Temp:7425C891
@Alternate Data Stream - 122 bytes -> C:\ProgramData\Temp:DD95E6D9
@Alternate Data Stream - 121 bytes -> C:\ProgramData\Temp:FAB17433
@Alternate Data Stream - 121 bytes -> C:\ProgramData\Temp:B88E99C8
@Alternate Data Stream - 121 bytes -> C:\ProgramData\Temp:08801FDB
@Alternate Data Stream - 120 bytes -> C:\ProgramData\Temp:4F96D8E6
@Alternate Data Stream - 119 bytes -> C:\ProgramData\Temp:2EC5D66C
@Alternate Data Stream - 118 bytes -> C:\ProgramData\Temp:CE3AADB7
@Alternate Data Stream - 118 bytes -> C:\ProgramData\Temp:393F7B1E
@Alternate Data Stream - 112 bytes -> C:\ProgramData\Temp:10D98D98
@Alternate Data Stream - 109 bytes -> C:\ProgramData\Temp:592D7272

< End of report >
Nahoru
seweone
Návštěvník
Návštěvník
Příspěvky: 11
Registrován: 25 srp 2012 16:24

Re: BSOD

#11 Příspěvek od seweone »

OTL Extras logfile created on: 16.11.2012 21:00:51 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\petra\Downloads
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy

4,00 Gb Total Physical Memory | 2,51 Gb Available Physical Memory | 62,69% Memory free
8,00 Gb Paging File | 6,21 Gb Available in Paging File | 77,69% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 116,44 Gb Total Space | 54,60 Gb Free Space | 46,89% Space Free | Partition Type: NTFS
Drive D: | 334,67 Gb Total Space | 333,27 Gb Free Space | 99,58% Space Free | Partition Type: NTFS

Computer Name: PETRA-PC | User Name: petra | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Extra Registry (SafeList) ==========


========== File Associations ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)

[HKEY_USERS\S-1-5-21-1426612385-867190673-3753105659-1000\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation)

========== Shell Spawning ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [Bridge] -- C:\Program Files (x86)\Adobe\Adobe Bridge CS5\Bridge.exe "%L" (Adobe Systems, Inc.)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [OneNote.Open] -- D:\Office\Office12\ONENOTE.EXE "%L" (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [Bridge] -- C:\Program Files (x86)\Adobe\Adobe Bridge CS5\Bridge.exe "%L" (Adobe Systems, Inc.)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [OneNote.Open] -- D:\Office\Office12\ONENOTE.EXE "%L" (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
"AutoUpdateDisableNotify" = 1

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = 28 4D B2 76 41 04 CA 01 [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]

========== Firewall Settings ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 0
"DoNotAllowExceptions" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 0
"DoNotAllowExceptions" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 0

========== Authorized Applications List ==========


========== Vista Active Open Ports Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{01555AFA-85F4-4D00-9892-2D95520EC2FA}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{03828572-BD2C-473A-B4BE-FB8299C3BF19}" = lport=10243 | protocol=6 | dir=in | app=system |
"{0EE376DD-2BA3-4CBB-A219-77B7C8E4601C}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{0F7E526D-26A5-46FF-AEB6-8659EF7FAB7E}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{1C3C60BC-EEA4-4CF2-A3EE-94037B6A02E8}" = lport=6004 | protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office12\outlook.exe |
"{21DDE5FA-91E2-475E-A588-87641404FA66}" = rport=3702 | protocol=17 | dir=out | svc=fdphost | app=%systemroot%\system32\svchost.exe |
"{2AA4A356-CABA-41C3-A56F-5C72783AE1A0}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{2B4CCF67-F3A9-4977-9DA9-EA1C1D3C85AA}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{30BBC69B-F9BD-4366-B413-E507ED288FB5}" = lport=3702 | protocol=17 | dir=in | svc=fdphost | app=%systemroot%\system32\svchost.exe |
"{37C5B71E-64D6-46BB-94C2-E0C2A55ADE2C}" = lport=138 | protocol=17 | dir=in | app=system |
"{3A0BB63B-7EBC-4DF1-9E0E-ADE3736A1AB8}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{3B3E9B4F-AB62-4C85-BC6D-ED04AE780E5B}" = rport=139 | protocol=6 | dir=out | app=system |
"{3BCD5F28-F4CF-4275-9AC9-EF851CC2FE7A}" = lport=3702 | protocol=17 | dir=in | svc=fdrespub | app=%systemroot%\system32\svchost.exe |
"{510191ED-C9F2-4B3B-B683-C1C230FFBFFF}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe |
"{76072B52-9FC1-41AA-8559-534C21A7BAF2}" = lport=2869 | protocol=6 | dir=in | app=system |
"{7D3EB933-3A7D-45B6-8081-5056D0F0AD91}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{860A7CCE-AFA5-42C5-9E49-B978D441A40E}" = rport=137 | protocol=17 | dir=out | app=system |
"{8E2DFF96-DA83-49A6-AF64-C3E045DEC5BC}" = rport=138 | protocol=17 | dir=out | app=system |
"{95F35DEC-8F4D-4D0A-BCFB-FF442513FD88}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{9F369E56-6DCB-4C90-865E-D9C33CEFA18B}" = lport=137 | protocol=17 | dir=in | app=system |
"{A8D4A5D4-DE7D-4B60-8896-BE6615EA543E}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{AEB31AFB-ED04-4925-801A-47FA0AE8301B}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 |
"{B07F7FC3-F5C8-45FE-B889-744B0C95C880}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{B4E6D328-6A00-482B-918C-ED1A06A5021B}" = rport=3702 | protocol=17 | dir=out | svc=fdrespub | app=%systemroot%\system32\svchost.exe |
"{C559A2D7-8A7E-499D-9EC0-956D64848F79}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{C55EEA50-5E4D-409F-9660-9BFA52F6ECA7}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{CF1DFA46-1F3B-419C-BE86-95386C8F812E}" = lport=445 | protocol=6 | dir=in | app=system |
"{D98B1614-F5D3-4CC6-B01E-397FB986A860}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{DF843E8E-CD22-4C7E-8FCE-E87BF8B13BA5}" = rport=445 | protocol=6 | dir=out | app=system |
"{E046B09D-6884-4973-8487-5A4EA80887C1}" = rport=10243 | protocol=6 | dir=out | app=system |
"{E2C1A6F5-BA4C-4C92-AE22-C5D8DD95262C}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{F200C4B0-D0B1-48FC-9CA3-1430FE69B23B}" = lport=6004 | protocol=17 | dir=in | app=d:\office\office12\outlook.exe |
"{FC5C38AA-27B6-4C63-B008-1D011CDC1E9B}" = lport=139 | protocol=6 | dir=in | app=system |

========== Vista Active Application Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{000FBB4C-C397-43B5-9463-C15C1D5C06AB}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{05F1315F-AD88-4F26-B0F9-B46F8B0502C1}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{0876558B-9255-4699-8764-53F696CEB0F6}" = protocol=17 | dir=in | app=f:\combat arms eu\nmservice.exe |
"{09652191-371C-4401-8241-951C48D5AC22}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 |
"{0DFC0682-A064-4880-8B23-CE57F39CD68F}" = protocol=6 | dir=in | app=f:\combat arms eu\nmservice.exe |
"{20D8D3C5-1631-4CEB-A81D-2566297E7D6F}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{223FB145-AD96-48A1-8A15-3A237A881291}" = protocol=6 | dir=in | app=c:\program files (x86)\avg\avg2013\avgdiagex.exe |
"{3050DB0B-57D5-48E2-97F6-D8403A3B7FF0}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 |
"{3DD57F65-B50F-45A8-A909-1C7951F05D1D}" = protocol=17 | dir=in | app=c:\program files (x86)\utorrent\utorrent.exe |
"{46E89B39-B11C-4A1A-9300-8F82903F2F6A}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{4E670EBB-08FE-459E-ADDF-866DC9991202}" = protocol=6 | dir=in | app=d:\office\office12\onenote.exe |
"{507D8AB1-0FCC-400C-99B2-285D8A32D44B}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{6C075FB9-952C-4EE7-B061-657BCF488014}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{6D1474F7-2319-4038-B747-D6282662E20B}" = protocol=6 | dir=in | app=c:\program files (x86)\utorrent\utorrent.exe |
"{6F27383C-8CB3-4D8C-8AAD-2605C2826E63}" = protocol=17 | dir=in | app=c:\program files (x86)\avg\avg2013\avgemca.exe |
"{7A930628-214B-4104-BD35-C5EB73FC46C4}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 |
"{7C6DEA06-30BE-4E9A-8BCF-F0D4C532114E}" = protocol=17 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{7D5F8190-FB0E-4C46-BD98-304CDE234FBE}" = protocol=17 | dir=in | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{841DB194-C5BB-4E4D-9B59-9A98260CF2E1}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{84298131-311C-4032-B64A-B3363ADAB1EB}" = protocol=6 | dir=in | app=c:\program files (x86)\avg\avg2013\avgnsa.exe |
"{8958F873-BE8A-4F79-8DD8-0848B3A6CB51}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{8B958221-2D70-4DC6-AAEF-2E9ADBC80C8B}" = protocol=6 | dir=in | app=d:\office\office12\groove.exe |
"{8EE8DE42-7AF6-4703-B89B-DF1EB5567701}" = protocol=6 | dir=out | app=system |
"{9FF59BD0-441D-4033-B46D-B32DCC684281}" = protocol=17 | dir=in | app=c:\program files (x86)\avg\avg2013\avgdiagex.exe |
"{A0091F41-21E9-4D4A-A029-AF97681C83BC}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{A8A38702-D964-49ED-8C89-F6BF5CA3CE27}" = protocol=6 | dir=in | app=c:\program files (x86)\avg\avg2013\avgemca.exe |
"{A8A954F6-B28F-49C9-A7E6-9E97C190FBA9}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{B383D0DB-768F-422E-82FF-50E19CA83104}" = protocol=17 | dir=in | app=d:\office\office12\onenote.exe |
"{C74AB22F-C419-4B6F-BCD5-65E64D805391}" = protocol=17 | dir=in | app=d:\office\office12\groove.exe |
"{CB1B4272-2C05-45A5-B825-9B59DA3EB4F3}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 |
"{CC57D508-D3F8-4874-A9FB-3A7CDCC4C360}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{CE0C0898-5B0B-47E5-816B-FD8DF946FBB5}" = protocol=6 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{D5BD19E6-BFA3-4FB1-9971-933446B655C7}" = protocol=6 | dir=in | app=e:\combat arms eu\nmservice.exe |
"{DEE86194-D4E7-4C14-8936-36FD303607DE}" = dir=in | app=c:\program files (x86)\windows live\sync\windowslivesync.exe |
"{FA0E005E-55AB-4758-B871-D5641550B15B}" = protocol=17 | dir=in | app=c:\program files (x86)\avg\avg2013\avgnsa.exe |
"{FD43DDFD-6D07-49F9-837D-53EED9A9CAA3}" = protocol=17 | dir=in | app=e:\combat arms eu\nmservice.exe |
"{FF573409-1FBD-4B00-A14B-B41AB97671BD}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"TCP Query User{4B1188EA-3959-4A14-8666-D8D3ACA61457}C:\users\petra\appdata\local\akamai\netsession_win.exe" = protocol=6 | dir=in | app=c:\users\petra\appdata\local\akamai\netsession_win.exe |
"TCP Query User{4D561E0E-5E6A-4A40-B507-558716A3C3AE}G:\quake iii arena\quake3.exe" = protocol=6 | dir=in | app=g:\quake iii arena\quake3.exe |
"TCP Query User{6170BD1E-A54A-4B93-9C06-2AD2D452CF3C}C:\program files (x86)\monte cristo\crazyfactory\crazyfactory.exe" = protocol=6 | dir=in | app=c:\program files (x86)\monte cristo\crazyfactory\crazyfactory.exe |
"TCP Query User{841F0893-2A38-476F-9CAB-E455F72A1F96}F:\hry\modern jediná hra\iw3mp.exe" = protocol=6 | dir=in | app=f:\hry\modern jediná hra\iw3mp.exe |
"TCP Query User{B402D1BC-0B90-4FE5-B8EA-7607065B1399}C:\users\petra\appdata\local\akamai\netsession_win.exe" = protocol=6 | dir=in | app=c:\users\petra\appdata\local\akamai\netsession_win.exe |
"TCP Query User{CA8D6138-9547-494C-9781-71E8187E3599}C:\windows\syswow64\dpnsvr.exe" = protocol=6 | dir=in | app=c:\windows\syswow64\dpnsvr.exe |
"TCP Query User{E3EC8AC3-EDDF-4BB1-800F-E2F7FA6EAD5F}H:\need for speed most wanted\speed.exe" = protocol=6 | dir=in | app=h:\need for speed most wanted\speed.exe |
"TCP Query User{E562803F-FAD0-4659-B951-90079A64B74D}C:\windows\syswow64\dplaysvr.exe" = protocol=6 | dir=in | app=c:\windows\syswow64\dplaysvr.exe |
"TCP Query User{FC35BAB7-64B3-48BC-A43E-E8D3B7118D44}C:\program files (x86)\sixteen tons entertainment\emergency 4 deluxe\em4deluxe.exe" = protocol=6 | dir=in | app=c:\program files (x86)\sixteen tons entertainment\emergency 4 deluxe\em4deluxe.exe |
"UDP Query User{0B351AA7-ED31-4A7F-88EC-7589A0C6EC0E}F:\hry\modern jediná hra\iw3mp.exe" = protocol=17 | dir=in | app=f:\hry\modern jediná hra\iw3mp.exe |
"UDP Query User{0F5375CB-B7AB-4162-8560-ED2D7194B10F}H:\need for speed most wanted\speed.exe" = protocol=17 | dir=in | app=h:\need for speed most wanted\speed.exe |
"UDP Query User{27FAC69D-D2C6-445B-A21C-25E0BFC2345E}C:\users\petra\appdata\local\akamai\netsession_win.exe" = protocol=17 | dir=in | app=c:\users\petra\appdata\local\akamai\netsession_win.exe |
"UDP Query User{7937A9C8-8D51-4683-8888-0899DB50587A}C:\program files (x86)\sixteen tons entertainment\emergency 4 deluxe\em4deluxe.exe" = protocol=17 | dir=in | app=c:\program files (x86)\sixteen tons entertainment\emergency 4 deluxe\em4deluxe.exe |
"UDP Query User{7D8A94D4-643C-42D8-9730-D9B229B0DF1D}C:\program files (x86)\monte cristo\crazyfactory\crazyfactory.exe" = protocol=17 | dir=in | app=c:\program files (x86)\monte cristo\crazyfactory\crazyfactory.exe |
"UDP Query User{8B23571E-CF63-45C1-8A5D-22946464C404}G:\quake iii arena\quake3.exe" = protocol=17 | dir=in | app=g:\quake iii arena\quake3.exe |
"UDP Query User{9D723A69-3539-4DCD-9B65-CEDF16328816}C:\windows\syswow64\dplaysvr.exe" = protocol=17 | dir=in | app=c:\windows\syswow64\dplaysvr.exe |
"UDP Query User{CD288E33-8F03-48FC-BB58-2333B34E650E}C:\users\petra\appdata\local\akamai\netsession_win.exe" = protocol=17 | dir=in | app=c:\users\petra\appdata\local\akamai\netsession_win.exe |
"UDP Query User{E0F4BE11-4B98-405F-A289-36BE2E23380D}C:\windows\syswow64\dpnsvr.exe" = protocol=17 | dir=in | app=c:\windows\syswow64\dpnsvr.exe |

========== HKEY_LOCAL_MACHINE Uninstall List ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{071c9b48-7c32-4621-a0ac-3f809523288f}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{13F4A7F3-EABC-4261-AF6B-1317777F0755}" = Fast Boot
"{1686C4D1-B1FD-42E8-B7A8-FB4C4DBA5BA8}" = ASUS Power4Gear Hybrid
"{191FE572-888E-8C1E-B6A5-131DD157A769}" = ATI Catalyst Install Manager
"{1E9FC118-651D-4934-97BE-E53CAE5C7D45}" = Microsoft_VC80_MFCLOC_x86_x64
"{21B133D6-5979-47F0-BE1C-F6A6B304693F}" = Visual Studio 2010 x64 Redistributables
"{4569AD91-47F4-4D9E-8FC9-717EC32D7AE1}" = Microsoft_VC80_CRT_x86_x64
"{5550FCDE-9697-C0DC-E993-19425370648F}" = ccc-utility64
"{790E02A1-145A-3843-8C13-A4F41C9B48B7}" = Microsoft .NET Framework 4 Client Profile CSY Language Pack
"{8557397C-A42D-486F-97B3-A2CBC2372593}" = Microsoft_VC90_ATL_x86_x64
"{8E34682C-8118-31F1-BC4C-98CD9675E1C2}" = Microsoft .NET Framework 4 Extended
"{90120000-002A-0000-1000-0000000FF1CE}" = Microsoft Office Office 64-bit Components 2007
"{90120000-002A-0405-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit MUI (Czech) 2007
"{90120000-002A-0409-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit MUI (English) 2007
"{90120000-002A-040E-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit MUI (Hungarian) 2007
"{90120000-002A-0415-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit MUI (Polish) 2007
"{90120000-002A-0418-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit MUI (Romanian) 2007
"{90120000-002A-041B-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit MUI (Slovak) 2007
"{90120000-002A-0424-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit MUI (Slovenian) 2007
"{90120000-0116-0409-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2007
"{925D058B-564A-443A-B4B2-7E90C6432E55}" = Microsoft_VC80_ATL_x86_x64
"{92A3CA0D-55CD-4C5D-BA95-5C2600C20F26}" = Microsoft_VC90_CRT_x86_x64
"{95120000-00B9-0409-1000-0000000FF1CE}" = Microsoft Application Error Reporting
"{9B305FB9-297D-4F86-BC8B-740E7A1EF200}" = AVG 2013
"{9B48B0AC-C813-4174-9042-476A887592C7}" = Pomocník pro přihlášení ke službě Windows Live ID
"{A324DC11-FF02-3CE8-9D6F-67EBC006D970}" = Microsoft .NET Framework 4 Extended CSY Language Pack
"{A472B9E4-0AFF-4F7B-B25D-F64F8E928AAB}" = Microsoft_VC90_MFC_x86_x64
"{aac9fcc4-dd9e-4add-901c-b5496a07ab2e}" = Microsoft Visual C++ 2005 Redistributable (x64) - KB2467175
"{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{B6E3757B-5E77-3915-866A-CCFC4B8D194C}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x64 8.0.50727.4053
"{BB0CAB96-2EDE-4DDF-B6F3-AEE02C0F1CA4}" = AVG 2013
"{C8C1BAD5-54E6-4146-AD07-3A8AD36569C3}" = Microsoft_VC80_MFC_x86_x64
"{D35D9E34-7B4A-44E3-A882-69A6C6088BC6}" = Windows Live Zabezpečení rodiny
"{E5CF6B9C-3ABE-43C9-9413-AD5FFC98F049}" = SRS Premium Sound Control Panel
"{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}" = Microsoft .NET Framework 4 Client Profile
"ASUS WebStorage" = ASUS WebStorage
"AVG" = AVG 2013
"CCleaner" = CCleaner
"Elantech" = ETDWare PS/2-x64 7.0.5.5_WHQL
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{033E378E-6AD3-4AD5-BDEB-CBD69B31046C}" = Microsoft_VC90_ATL_x86
"{06585B02-F20D-4AB2-9A64-86EF2AE0F8F0}" = ASUS AI Recovery
"{08D2E121-7F6A-43EB-97FD-629B44903403}" = Microsoft_VC90_CRT_x86
"{0969AF05-4FF6-4C00-9406-43599238DE0D}" = ASUS Splendid Video Enhancement Technology
"{0D2DBE8A-43D0-7830-7AE7-CA6C99A832E7}" = Adobe Community Help
"{0DF229B9-6AE9-32F0-D987-7EC53ED469D0}" = CCC Help French
"{0F3647F8-E51D-4FCC-8862-9A8D0C5ACF25}" = Microsoft_VC80_ATL_x86
"{13FF79F8-7385-1961-DF96-EA4995408083}" = CCC Help Norwegian
"{15FEDA5F-141C-4127-8D7E-B962D1742728}" = Adobe Photoshop CS5
"{19BFDA5D-1FE2-4F25-97F9-1A79DD04EE20}" = Microsoft XNA Framework Redistributable 3.1
"{1A0D4388-C483-6B7E-B5C9-218A6A8CC2ED}" = Catalyst Control Center Graphics Full Existing
"{1DBD1F12-ED93-49C0-A7CC-56CBDE488158}" = ASUS LifeFrame3
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{205C6BDD-7B73-42DE-8505-9A093F35A238}" = Nástroj pro odesílání služby Windows Live
"{20D4A895-748C-4D88-871C-FDB1695B0169}" = Platform
"{20FDF948-C8ED-4543-A539-F7F4AEF5AFA2}" = Wireless Console 3
"{21AE04E8-EBF6-40DB-9AA9-B7A80C5D057D}" = mkv2vob
"{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}" = MSVCRT
"{26A24AE4-039D-4CA4-87B4-2F83217007FF}" = Java 7 Update 9
"{2BFC7AA0-544C-4E3A-8796-67F3BE655BE9}" = Microsoft XNA Framework Redistributable 4.0
"{2F291F64-7664-6FA7-E63E-ECB96F1132D5}" = Catalyst Control Center Localization All
"{300A2961-B2B5-4889-9CB9-5C2A570D08AD}" = Debugging Tools for Windows (x86)
"{3119C2B0-FDC9-7E84-0AFE-99C37A120F9F}" = CCC Help English
"{3B05F2FB-745B-4012-ADF2-439F36B2E70B}" = ATKOSD2
"{3C3D696B-0DB7-3C6D-A356-3DB8CE541918}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729
"{3F5C371F-8EA2-4F25-9D3D-D0B4526E3AEA}" = NVIDIA PhysX
"{40BF1E83-20EB-11D8-97C5-0009C5020658}" = CyberLink Power2Go
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4AB8B41B-3AF1-46BE-99B0-0ACD3B300C0A}" = Junk Mail filter update
"{4B4451CE-D1E6-4BDE-B4B2-59F03BB83B7C}" = Windows Live Sync
"{4CB0307C-565E-4441-86BE-0DF2E4FB828C}" = Microsoft Games for Windows Marketplace
"{4EA44BA4-A708-4223-BC1A-22B6DA9E7D1C}" = Windows Live Essentials
"{4F5B18A3-E921-4FFE-BEF4-ACBB98964FC2}" = AMD USB Filter Driver
"{50F89EEA-D568-663C-9D0A-62156F2909DC}" = CCC Help Chinese Standard
"{524C5088-B615-E3C0-84EC-44B1AE86480B}" = Catalyst Control Center Graphics Light
"{527BBE2F-1FED-3D8B-91CB-4DB0F838E69E}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729
"{54FEAF1A-8F2A-44C1-95CA-5C1C21F4F934}" = Windows Live Mail
"{553B20C6-59CD-4C2F-BE37-16ABF32064BF}" = aTube Catcher 1.0
"{5ACE78D9-2859-A192-F416-1D3E93370ACA}" = Catalyst Control Center InstallProxy
"{5B65EF64-1DFA-414A-8C94-7BB726158E21}" = ControlDeck
"{612C34C7-5E90-47D8-9B5C-0F717DD82726}" = swMSM
"{62C37D4D-0561-7281-28F6-918D1E09A7E1}" = CCC Help Hungarian
"{6324A1EF-CEF4-43E3-8BCD-9EF3F67317FD}" = NB Probe
"{635FED5B-2C6D-49BE-87E6-7A6FCD22BC5A}" = Microsoft_VC90_MFC_x86
"{64452561-169F-4A36-A2FF-B5E118EC65F5}" = ASUS SmartLogon
"{65DA2EC9-0642-47E9-AAE2-B5267AA14D75}" = Activation Assistant for the 2007 Microsoft Office suites
"{68B52EFD-86CC-486E-A8D0-A3A1554CB5BC}" = Tab Inizia subito per Microsoft Office Word 2007
"{6AFCA4E1-9B78-3640-8F72-A7BF33448200}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729
"{6B77A7F6-DD63-4F13-A6FF-83137A5AC354}" = ASUS CopyProtect
"{6BBBBBE8-5B46-8BB6-27DD-F9F12A8961B3}" = ccc-core-static
"{6E5EEE1B-3907-44C3-83BA-AD4B8CE40F76}" = Windows Live Writer
"{709B5A11-1C2D-0CAA-6190-26AA341ED9C9}" = CCC Help Greek
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{716E0306-8318-4364-8B8F-0CC4E9376BAC}" = MSXML 4.0 SP2 Parser and SDK
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{73D0A63E-3CF1-010A-9F5E-9FB44759E959}" = CCC Help Russian
"{76E41F43-59D2-4F30-BA42-9A762EE1E8DE}" = Avanquest update
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{7C05592D-424B-46CB-B505-E0013E8E75C9}" = ATK Hotkey
"{7CA2E36B-EE3C-F83F-CBA3-9118376162D8}" = CCC Help Polish
"{7DE2EE83-1B5B-4FC8-A9DD-AEAC58633F27}" = Catalyst Control Center Graphics Full New
"{7F79299F-AE44-27A5-480E-72BD1B65D62C}" = Catalyst Control Center Core Implementation
"{81601299-AD02-403C-9A47-93C509FE2EC2}" = Catalyst Control Center - Branding
"{832D9DE0-8AFC-4689-9819-4DBBDEBD3E4F}" = Microsoft Games for Windows - LIVE Redistributable
"{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}" = Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570
"{8833FFB6-5B0C-4764-81AA-06DFEED9A476}" = Realtek 8136 8168 8169 Ethernet Driver
"{89661B04-C646-4412-B6D3-5E19F02F1F37}" = EAX4 Unified Redist
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8A74E887-8F0F-4017-AF53-CBA42211AAA5}" = Microsoft Sync Framework Runtime Native v1.0 (x86)
"{8F21291E-0444-4B1D-B9F9-4370A73E346D}" = WinFlash
"{8FFC5648-FAF8-43A3-BC8F-42BA1E275C4E}" = Choice Guard
"{90120000-0015-0405-0000-0000000FF1CE}" = Microsoft Office Access MUI (Czech) 2007
"{90120000-0015-0405-0000-0000000FF1CE}_ENTERPRISE_{3FD35521-B8F1-4CE0-85E0-DC6CA1E01012}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0015-0405-0000-0000000FF1CE}_PROHYBRIDR_{3FD35521-B8F1-4CE0-85E0-DC6CA1E01012}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0015-0409-0000-0000000FF1CE}" = Microsoft Office Access MUI (English) 2007
"{90120000-0015-0409-0000-0000000FF1CE}_PROHYBRIDR_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0015-040E-0000-0000000FF1CE}" = Microsoft Office Access MUI (Hungarian) 2007
"{90120000-0015-040E-0000-0000000FF1CE}_PROHYBRIDR_{D6F600AB-D132-40CA-B78A-20BE2C83395E}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0015-0415-0000-0000000FF1CE}" = Microsoft Office Access MUI (Polish) 2007
"{90120000-0015-0415-0000-0000000FF1CE}_PROHYBRIDR_{01CC3B2D-70DB-49DC-839A-A923D2A39EA4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0015-0418-0000-0000000FF1CE}" = Microsoft Office Access MUI (Romanian) 2007
"{90120000-0015-0418-0000-0000000FF1CE}_PROHYBRIDR_{13618660-2F11-4E8E-AD45-19D97C3FCF2B}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0015-041B-0000-0000000FF1CE}" = Microsoft Office Access MUI (Slovak) 2007
"{90120000-0015-041B-0000-0000000FF1CE}_PROHYBRIDR_{4754EB3B-ED3D-4095-A2FD-684A3058A4FF}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0015-0424-0000-0000000FF1CE}" = Microsoft Office Access MUI (Slovenian) 2007
"{90120000-0015-0424-0000-0000000FF1CE}_PROHYBRIDR_{DE6F6651-39D5-44FA-96FD-647D5B3A3093}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0016-0405-0000-0000000FF1CE}" = Microsoft Office Excel MUI (Czech) 2007
"{90120000-0016-0405-0000-0000000FF1CE}_ENTERPRISE_{3FD35521-B8F1-4CE0-85E0-DC6CA1E01012}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0016-0405-0000-0000000FF1CE}_PROHYBRIDR_{3FD35521-B8F1-4CE0-85E0-DC6CA1E01012}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0016-0409-0000-0000000FF1CE}" = Microsoft Office Excel MUI (English) 2007
"{90120000-0016-0409-0000-0000000FF1CE}_PROHYBRIDR_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0016-040E-0000-0000000FF1CE}" = Microsoft Office Excel MUI (Hungarian) 2007
"{90120000-0016-040E-0000-0000000FF1CE}_PROHYBRIDR_{D6F600AB-D132-40CA-B78A-20BE2C83395E}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0016-0415-0000-0000000FF1CE}" = Microsoft Office Excel MUI (Polish) 2007
"{90120000-0016-0415-0000-0000000FF1CE}_PROHYBRIDR_{01CC3B2D-70DB-49DC-839A-A923D2A39EA4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0016-0418-0000-0000000FF1CE}" = Microsoft Office Excel MUI (Romanian) 2007
"{90120000-0016-0418-0000-0000000FF1CE}_PROHYBRIDR_{13618660-2F11-4E8E-AD45-19D97C3FCF2B}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0016-041B-0000-0000000FF1CE}" = Microsoft Office Excel MUI (Slovak) 2007
"{90120000-0016-041B-0000-0000000FF1CE}_PROHYBRIDR_{4754EB3B-ED3D-4095-A2FD-684A3058A4FF}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0016-0424-0000-0000000FF1CE}" = Microsoft Office Excel MUI (Slovenian) 2007
"{90120000-0016-0424-0000-0000000FF1CE}_PROHYBRIDR_{DE6F6651-39D5-44FA-96FD-647D5B3A3093}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0018-0405-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (Czech) 2007
"{90120000-0018-0405-0000-0000000FF1CE}_ENTERPRISE_{3FD35521-B8F1-4CE0-85E0-DC6CA1E01012}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0018-0405-0000-0000000FF1CE}_PROHYBRIDR_{3FD35521-B8F1-4CE0-85E0-DC6CA1E01012}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0018-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (English) 2007
"{90120000-0018-0409-0000-0000000FF1CE}_PROHYBRIDR_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0018-040E-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (Hungarian) 2007
"{90120000-0018-040E-0000-0000000FF1CE}_PROHYBRIDR_{D6F600AB-D132-40CA-B78A-20BE2C83395E}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0018-0415-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (Polish) 2007
"{90120000-0018-0415-0000-0000000FF1CE}_PROHYBRIDR_{01CC3B2D-70DB-49DC-839A-A923D2A39EA4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0018-0418-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (Romanian) 2007
"{90120000-0018-0418-0000-0000000FF1CE}_PROHYBRIDR_{13618660-2F11-4E8E-AD45-19D97C3FCF2B}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0018-041B-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (Slovak) 2007
"{90120000-0018-041B-0000-0000000FF1CE}_PROHYBRIDR_{4754EB3B-ED3D-4095-A2FD-684A3058A4FF}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0018-0424-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (Slovenian) 2007
"{90120000-0018-0424-0000-0000000FF1CE}_PROHYBRIDR_{DE6F6651-39D5-44FA-96FD-647D5B3A3093}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0019-0405-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (Czech) 2007
"{90120000-0019-0405-0000-0000000FF1CE}_ENTERPRISE_{3FD35521-B8F1-4CE0-85E0-DC6CA1E01012}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0019-0405-0000-0000000FF1CE}_PROHYBRIDR_{3FD35521-B8F1-4CE0-85E0-DC6CA1E01012}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0019-0409-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (English) 2007
"{90120000-0019-0409-0000-0000000FF1CE}_PROHYBRIDR_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0019-040E-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (Hungarian) 2007
"{90120000-0019-040E-0000-0000000FF1CE}_PROHYBRIDR_{D6F600AB-D132-40CA-B78A-20BE2C83395E}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0019-0415-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (Polish) 2007
"{90120000-0019-0415-0000-0000000FF1CE}_PROHYBRIDR_{01CC3B2D-70DB-49DC-839A-A923D2A39EA4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0019-0418-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (Romanian) 2007
"{90120000-0019-0418-0000-0000000FF1CE}_PROHYBRIDR_{13618660-2F11-4E8E-AD45-19D97C3FCF2B}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0019-041B-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (Slovak) 2007
"{90120000-0019-041B-0000-0000000FF1CE}_PROHYBRIDR_{4754EB3B-ED3D-4095-A2FD-684A3058A4FF}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0019-0424-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (Slovenian) 2007
"{90120000-0019-0424-0000-0000000FF1CE}_PROHYBRIDR_{DE6F6651-39D5-44FA-96FD-647D5B3A3093}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001A-0405-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (Czech) 2007
"{90120000-001A-0405-0000-0000000FF1CE}_ENTERPRISE_{3FD35521-B8F1-4CE0-85E0-DC6CA1E01012}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001A-0405-0000-0000000FF1CE}_PROHYBRIDR_{3FD35521-B8F1-4CE0-85E0-DC6CA1E01012}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001A-0409-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (English) 2007
"{90120000-001A-0409-0000-0000000FF1CE}_PROHYBRIDR_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001A-040E-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (Hungarian) 2007
"{90120000-001A-040E-0000-0000000FF1CE}_PROHYBRIDR_{D6F600AB-D132-40CA-B78A-20BE2C83395E}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001A-0415-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (Polish) 2007
"{90120000-001A-0415-0000-0000000FF1CE}_PROHYBRIDR_{01CC3B2D-70DB-49DC-839A-A923D2A39EA4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001A-0418-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (Romanian) 2007
"{90120000-001A-0418-0000-0000000FF1CE}_PROHYBRIDR_{13618660-2F11-4E8E-AD45-19D97C3FCF2B}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001A-041B-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (Slovak) 2007
"{90120000-001A-041B-0000-0000000FF1CE}_PROHYBRIDR_{4754EB3B-ED3D-4095-A2FD-684A3058A4FF}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001A-0424-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (Slovenian) 2007
"{90120000-001A-0424-0000-0000000FF1CE}_PROHYBRIDR_{DE6F6651-39D5-44FA-96FD-647D5B3A3093}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001B-0405-0000-0000000FF1CE}" = Microsoft Office Word MUI (Czech) 2007
"{90120000-001B-0405-0000-0000000FF1CE}_ENTERPRISE_{3FD35521-B8F1-4CE0-85E0-DC6CA1E01012}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001B-0405-0000-0000000FF1CE}_PROHYBRIDR_{3FD35521-B8F1-4CE0-85E0-DC6CA1E01012}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001B-0409-0000-0000000FF1CE}" = Microsoft Office Word MUI (English) 2007
"{90120000-001B-0409-0000-0000000FF1CE}_PROHYBRIDR_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001B-040E-0000-0000000FF1CE}" = Microsoft Office Word MUI (Hungarian) 2007
"{90120000-001B-040E-0000-0000000FF1CE}_PROHYBRIDR_{D6F600AB-D132-40CA-B78A-20BE2C83395E}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001B-0415-0000-0000000FF1CE}" = Microsoft Office Word MUI (Polish) 2007
"{90120000-001B-0415-0000-0000000FF1CE}_PROHYBRIDR_{01CC3B2D-70DB-49DC-839A-A923D2A39EA4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001B-0418-0000-0000000FF1CE}" = Microsoft Office Word MUI (Romanian) 2007
"{90120000-001B-0418-0000-0000000FF1CE}_PROHYBRIDR_{13618660-2F11-4E8E-AD45-19D97C3FCF2B}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001B-041B-0000-0000000FF1CE}" = Microsoft Office Word MUI (Slovak) 2007
"{90120000-001B-041B-0000-0000000FF1CE}_PROHYBRIDR_{4754EB3B-ED3D-4095-A2FD-684A3058A4FF}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001B-0424-0000-0000000FF1CE}" = Microsoft Office Word MUI (Slovenian) 2007
"{90120000-001B-0424-0000-0000000FF1CE}_PROHYBRIDR_{DE6F6651-39D5-44FA-96FD-647D5B3A3093}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001F-0405-0000-0000000FF1CE}" = Microsoft Office Proof (Czech) 2007
"{90120000-001F-0405-0000-0000000FF1CE}_ENTERPRISE_{0B7A4B67-2A38-42B1-9857-662FAB361E08}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-0405-0000-0000000FF1CE}_PROHYBRIDR_{0B7A4B67-2A38-42B1-9857-662FAB361E08}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2007
"{90120000-001F-0407-0000-0000000FF1CE}_ENTERPRISE_{928D7B99-2BEA-49F9-83B8-20FA57860643}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-0407-0000-0000000FF1CE}_PROHYBRIDR_{928D7B99-2BEA-49F9-83B8-20FA57860643}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-0409-0000-0000000FF1CE}_ENTERPRISE_{1FF96026-A04A-4C3E-B50A-BB7022654D0F}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-0409-0000-0000000FF1CE}_PROHYBRIDR_{1FF96026-A04A-4C3E-B50A-BB7022654D0F}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007
"{90120000-001F-040C-0000-0000000FF1CE}_PROHYBRIDR_{71F055E8-E2C6-4214-BB3D-BFE03561B89E}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-040E-0000-0000000FF1CE}" = Microsoft Office Proof (Hungarian) 2007
"{90120000-001F-040E-0000-0000000FF1CE}_PROHYBRIDR_{0AD4BB83-13B4-4C9D-9BAC-7F64E0B2D5D7}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-0410-0000-0000000FF1CE}" = Microsoft Office Proof (Italian) 2007
"{90120000-001F-0410-0000-0000000FF1CE}_PROHYBRIDR_{A23BFC95-4A73-410F-9248-4C2B48E38C49}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-0415-0000-0000000FF1CE}" = Microsoft Office Proof (Polish) 2007
"{90120000-001F-0415-0000-0000000FF1CE}_PROHYBRIDR_{9CC96D78-9E1D-46E0-AF4D-3EB440CD4619}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-0418-0000-0000000FF1CE}" = Microsoft Office Proof (Romanian) 2007
"{90120000-001F-0418-0000-0000000FF1CE}_PROHYBRIDR_{0E2DB3D7-94EA-4B12-A9C1-D3C52BDE07D8}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-041A-0000-0000000FF1CE}" = Microsoft Office Proof (Croatian) 2007
"{90120000-001F-041A-0000-0000000FF1CE}_PROHYBRIDR_{9DECF714-4963-48E2-924A-B9075485AF6B}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-041B-0000-0000000FF1CE}" = Microsoft Office Proof (Slovak) 2007
"{90120000-001F-041B-0000-0000000FF1CE}_ENTERPRISE_{FDF9A959-241A-4662-A8DE-7DED9C22D160}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-041B-0000-0000000FF1CE}_PROHYBRIDR_{FDF9A959-241A-4662-A8DE-7DED9C22D160}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-0424-0000-0000000FF1CE}" = Microsoft Office Proof (Slovenian) 2007
"{90120000-001F-0424-0000-0000000FF1CE}_PROHYBRIDR_{8FF4ED5D-9EA1-4EC5-8F10-767E1705310C}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-0C0A-0000-0000000FF1CE}" = Microsoft Office Proof (Spanish) 2007
"{90120000-001F-0C0A-0000-0000000FF1CE}_PROHYBRIDR_{2314F9A1-126F-45CC-8A5E-DFAF866F3FBC}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-002A-0000-1000-0000000FF1CE}_ENTERPRISE_{664655D8-B9BB-455D-8A58-7EAF7B0B2862}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-002A-0000-1000-0000000FF1CE}_PROHYBRIDR_{664655D8-B9BB-455D-8A58-7EAF7B0B2862}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-002A-0405-1000-0000000FF1CE}_ENTERPRISE_{A0AAD4D5-9F9C-49BB-AB64-0FD4695424E8}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-002A-0405-1000-0000000FF1CE}_PROHYBRIDR_{A0AAD4D5-9F9C-49BB-AB64-0FD4695424E8}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-002A-0409-1000-0000000FF1CE}_PROHYBRIDR_{98333358-268C-4164-B6D4-C96DF5153727}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-002A-040E-1000-0000000FF1CE}_PROHYBRIDR_{1E71F4A2-F832-4B10-8CA5-2B49A20AAD87}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-002A-0415-1000-0000000FF1CE}_PROHYBRIDR_{0C8AB602-A234-45AB-B355-4C863C1D2FA8}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-002A-0418-1000-0000000FF1CE}_PROHYBRIDR_{C618587E-CCC5-46B5-88C3-2E7C1195B3C7}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-002A-041B-1000-0000000FF1CE}_PROHYBRIDR_{8382BA92-20E3-47B6-971B-F673F0492D4E}" = Microsoft Office 2007
Nahoru
seweone
Návštěvník
Návštěvník
Příspěvky: 11
Registrován: 25 srp 2012 16:24

Re: BSOD

#12 Příspěvek od seweone »

Service Pack 3 (SP3)
"{90120000-002A-0424-1000-0000000FF1CE}_PROHYBRIDR_{455248D4-FBA8-4C55-AB56-3F209028D7B5}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-002C-0405-0000-0000000FF1CE}" = Microsoft Office Proofing (Czech) 2007
"{90120000-002C-0409-0000-0000000FF1CE}" = Microsoft Office Proofing (English) 2007
"{90120000-002C-040E-0000-0000000FF1CE}" = Microsoft Office Proofing (Hungarian) 2007
"{90120000-002C-0415-0000-0000000FF1CE}" = Microsoft Office Proofing (Polish) 2007
"{90120000-002C-0418-0000-0000000FF1CE}" = Microsoft Office Proofing (Romanian) 2007
"{90120000-002C-041B-0000-0000000FF1CE}" = Microsoft Office Proofing (Slovak) 2007
"{90120000-002C-0424-0000-0000000FF1CE}" = Microsoft Office Proofing (Slovenian) 2007
"{90120000-0030-0000-0000-0000000FF1CE}" = Microsoft Office Enterprise 2007
"{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0044-0405-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (Czech) 2007
"{90120000-0044-0405-0000-0000000FF1CE}_ENTERPRISE_{3FD35521-B8F1-4CE0-85E0-DC6CA1E01012}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-006E-0405-0000-0000000FF1CE}" = Microsoft Office Shared MUI (Czech) 2007
"{90120000-006E-0405-0000-0000000FF1CE}_ENTERPRISE_{A0AAD4D5-9F9C-49BB-AB64-0FD4695424E8}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-006E-0405-0000-0000000FF1CE}_PROHYBRIDR_{A0AAD4D5-9F9C-49BB-AB64-0FD4695424E8}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-006E-0409-0000-0000000FF1CE}" = Microsoft Office Shared MUI (English) 2007
"{90120000-006E-0409-0000-0000000FF1CE}_PROHYBRIDR_{98333358-268C-4164-B6D4-C96DF5153727}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-006E-040E-0000-0000000FF1CE}" = Microsoft Office Shared MUI (Hungarian) 2007
"{90120000-006E-040E-0000-0000000FF1CE}_PROHYBRIDR_{1E71F4A2-F832-4B10-8CA5-2B49A20AAD87}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-006E-0415-0000-0000000FF1CE}" = Microsoft Office Shared MUI (Polish) 2007
"{90120000-006E-0415-0000-0000000FF1CE}_PROHYBRIDR_{0C8AB602-A234-45AB-B355-4C863C1D2FA8}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-006E-0418-0000-0000000FF1CE}" = Microsoft Office Shared MUI (Romanian) 2007
"{90120000-006E-0418-0000-0000000FF1CE}_PROHYBRIDR_{C618587E-CCC5-46B5-88C3-2E7C1195B3C7}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-006E-041B-0000-0000000FF1CE}" = Microsoft Office Shared MUI (Slovak) 2007
"{90120000-006E-041B-0000-0000000FF1CE}_PROHYBRIDR_{8382BA92-20E3-47B6-971B-F673F0492D4E}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-006E-0424-0000-0000000FF1CE}" = Microsoft Office Shared MUI (Slovenian) 2007
"{90120000-006E-0424-0000-0000000FF1CE}_PROHYBRIDR_{455248D4-FBA8-4C55-AB56-3F209028D7B5}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-00A1-0405-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (Czech) 2007
"{90120000-00A1-0405-0000-0000000FF1CE}_ENTERPRISE_{3FD35521-B8F1-4CE0-85E0-DC6CA1E01012}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-00BA-0405-0000-0000000FF1CE}" = Microsoft Office Groove MUI (Czech) 2007
"{90120000-00BA-0405-0000-0000000FF1CE}_ENTERPRISE_{3FD35521-B8F1-4CE0-85E0-DC6CA1E01012}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0115-0409-0000-0000000FF1CE}" = Microsoft Office Shared Setup Metadata MUI (English) 2007
"{90120000-0115-0409-0000-0000000FF1CE}_PROHYBRIDR_{98333358-268C-4164-B6D4-C96DF5153727}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0116-0409-1000-0000000FF1CE}_PROHYBRIDR_{98333358-268C-4164-B6D4-C96DF5153727}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0117-0409-0000-0000000FF1CE}" = Microsoft Office Access Setup Metadata MUI (English) 2007
"{90120000-0117-0409-0000-0000000FF1CE}_PROHYBRIDR_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90140000-2005-0000-0000-0000000FF1CE}" = Microsoft Office File Validation Add-In
"{91120000-0031-0000-0000-0000000FF1CE}" = Microsoft Office Professional Hybrid 2007
"{91120000-0031-0000-0000-0000000FF1CE}_PROHYBRIDR_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{92D58719-BBC1-4CC3-A08B-56C9E884CC2C}" = Microsoft_VC80_CRT_x86
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{9D48531D-2135-49FC-BC29-ACCDA5396A76}" = ASUS MultiFrame
"{9D6D7811-43B3-463C-BC79-5D1755269989}" = Net4Switch
"{A0B3637D-BDD9-7882-E8B3-8A3387463D10}" = CCC Help Danish
"{A13DE9CB-8C84-4889-B114-C5A9661F844E}" = Windows Live Fotogalerie
"{A2BCA9F1-566C-4805-97D1-7FDC93386723}" = Adobe AIR
"{A78FE97A-C0C8-49CE-89D0-EDD524A17392}" = PDF Settings CS5
"{A89EFC7E-4469-5F69-1CDE-C2D02B961B20}" = CCC Help Thai
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{AC76BA86-7AD7-FFFF-7B44-A91000000001}" = Adobe Reader 9.5.2 MUI
"{AF1926EF-7640-A7A2-1908-B665869C705B}" = CCC Help German
"{B3DAF54F-DB25-4586-9EF1-96D24BB14088}" = Windows Movie Maker 2.6
"{B61F1ADD-F7FA-772C-ABFB-526C953CBD30}" = CCC Help Spanish
"{BB981E40-9F71-6EF2-50B3-69761683AA40}" = CCC Help Japanese
"{BD64AF4A-8C80-4152-AD77-FCDDF05208AB}" = Microsoft Sync Framework Services Native v1.0 (x86)
"{C4500D96-FDB3-5EE0-D460-1349823879A6}" = CCC Help Czech
"{C462542C-359F-6867-D44B-46F839A8B0A5}" = CCC Help Swedish
"{C4ABDBC8-1C81-42C9-BFFC-4A68511E9E4F}" = TuneUp Utilities 2013
"{C59C179C-668D-49A9-B6EA-0121CCFC1243}" = CyberLink LabelPrint
"{C5C450C4-886B-3B83-DE91-CEC809049DF5}" = CCC Help Korean
"{D1A19B02-817E-4296-A45B-07853FD74D57}" = Microsoft_VC80_MFC_x86
"{D1E5870E-E3E5-4475-98A6-ADD614524ADF}" = ATK Media
"{D3D54F3E-C5C3-443D-978F-87A72E5616E8}" = ATK Generic Function Service
"{D92BBB52-82FF-42ED-8A3C-4E062F944AB7}" = Microsoft_VC80_MFCLOC_x86
"{DB649148-BF0E-2244-FD5C-3CFCD75FBD00}" = CCC Help Italian
"{DB865E3E-E7FC-A4A2-84FA-545AD61BC3F7}" = CCC Help Portuguese
"{DE3A9DC5-9A5D-6485-9662-347162C7E4CA}" = Adobe Media Player
"{DFC6DCD2-033C-D834-23ED-77636EDCAE84}" = CCC Help Dutch
"{E657B243-9AD4-4ECC-BE81-4CCF8D667FD0}" = ASUS Live Update
"{E8EE2011-D936-42B6-9A68-3B388BE5F3E7}" = CCC Help Chinese Traditional
"{EC8BD21F-0CA0-4BBF-97D9-4A52B30041A1}" = ASUS Virtual Camera
"{EECFF7F2-3A6D-F071-2D58-993A3A6018BA}" = CCC Help Finnish
"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
"{F0DF4513-3C4C-4EB8-8012-2C5F70AF3988}" = ASUS FancyStart
"{F3A46425-5D0A-31C5-35A8-BE02EC5FE4E7}" = Catalyst Control Center Graphics Previews Vista
"{F3ED01FE-B62F-4CA4-BACA-822369BC0FB7}" = TuneUp Utilities Language Pack (en-GB)
"{F40BBEC7-C2A4-4A00-9B24-7A055A2C5262}" = Microsoft Office Live Add-in 1.5
"{F4BF5F6B-F695-4762-AEB2-D095A4C34D89}" = Alcor Micro USB Card Reader
"{F69E83CF-B440-43F8-89E6-6EA80712109B}" = Windows Live Communications Platform
"{F9E11402-22F4-22AD-D484-8ECCB29E461D}" = CCC Help Turkish
"{FA2092C5-7979-412D-A962-6485274AE1EE}" = ASUS Data Security Manager
"{FB03A941-815E-42F2-B604-FCE5636DB90B}" = AVG PC TuneUp Language Pack (en-US)
"{FCDBEA60-79F0-4FAE-BBA8-55A26C609A49}" = Visual Studio 2008 x64 Redistributables
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin
"Adobe Shockwave Player" = Adobe Shockwave Player 11.6
"ASUS AP Bank_is1" = ASUS AP Bank
"Asus_Camera_ScreenSaver" = Asus_Camera_ScreenSaver
"aTube Catcher" = aTube Catcher
"AVG Secure Search" = AVG Security Toolbar
"Avisynth" = AviSynth 2.5
"com.adobe.amp.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1" = Adobe Media Player
"conduitEngine" = Conduit Engine
"ENTERPRISE" = Microsoft Office Enterprise 2007
"FMCODEC" = FM Screen Capture Codec (Remove Only)
"chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1" = Adobe Community Help
"IL Download Manager" = IL Download Manager
"InstallShield_{20D4A895-748C-4D88-871C-FDB1695B0169}" = VIA Platform Device Manager
"InstallShield_{40BF1E83-20EB-11D8-97C5-0009C5020658}" = CyberLink Power2Go
"InstallShield_{C59C179C-668D-49A9-B6EA-0121CCFC1243}" = CyberLink LabelPrint
"InstallShield_{F4BF5F6B-F695-4762-AEB2-D095A4C34D89}" = Alcor Micro USB Card Reader
"Magic ISO Maker v5.5 (build 0281)" = Magic ISO Maker v5.5 (build 0281)
"Mozilla Firefox 11.0 (x86 cs)" = Mozilla Firefox 11.0 (x86 cs)
"PROHYBRIDR" = 2007 Microsoft Office system
"ProtectDisc Driver 11" = ProtectDisc Driver, Version 11
"PS3 Media Server" = PS3 Media Server
"SpeedFan" = SpeedFan (remove only)
"TuneUp Utilities 2013" = TuneUp Utilities 2013
"uTorrent" = µTorrent
"VLC media player" = VLC media player 2.0.1
"WinLiveSuite_Wave3" = Windows Live Essentials
"WinRAR archiver" = WinRAR
"Xvid_is1" = Xvid 1.3.0

========== HKEY_USERS Uninstall List ==========

[HKEY_USERS\S-1-5-21-1426612385-867190673-3753105659-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Akamai" = Akamai NetSession Interface

========== Last 20 Event Log Errors ==========

[ Application Events ]
Error - 16.11.2012 16:33:21 | Computer Name = petra-PC | Source = .NET Runtime Optimization Service | ID = 1101
Description =

Error - 16.11.2012 16:33:22 | Computer Name = petra-PC | Source = .NET Runtime Optimization Service | ID = 1101
Description =

Error - 16.11.2012 16:33:22 | Computer Name = petra-PC | Source = .NET Runtime Optimization Service | ID = 1101
Description =

Error - 16.11.2012 16:33:23 | Computer Name = petra-PC | Source = .NET Runtime Optimization Service | ID = 1101
Description =

Error - 16.11.2012 16:34:10 | Computer Name = petra-PC | Source = .NET Runtime Optimization Service | ID = 1101
Description =

Error - 16.11.2012 16:34:11 | Computer Name = petra-PC | Source = .NET Runtime Optimization Service | ID = 1101
Description =

Error - 16.11.2012 16:34:11 | Computer Name = petra-PC | Source = .NET Runtime Optimization Service | ID = 1101
Description =

Error - 16.11.2012 16:34:12 | Computer Name = petra-PC | Source = .NET Runtime Optimization Service | ID = 1101
Description =

Error - 16.11.2012 16:35:00 | Computer Name = petra-PC | Source = .NET Runtime Optimization Service | ID = 1101
Description =

Error - 16.11.2012 16:35:01 | Computer Name = petra-PC | Source = .NET Runtime Optimization Service | ID = 1101
Description =

[ Media Center Events ]
Error - 19.7.2011 12:36:21 | Computer Name = petra-PC | Source = MCUpdate | ID = 0
Description = 18:36:18 - Chyba při připojování k Internetu 18:36:18 - Nelze kontaktovat
server..

Error - 19.7.2011 13:37:02 | Computer Name = petra-PC | Source = MCUpdate | ID = 0
Description = 19:37:02 - Chyba při připojování k Internetu 19:37:02 - Nelze kontaktovat
server..

Error - 19.7.2011 13:37:33 | Computer Name = petra-PC | Source = MCUpdate | ID = 0
Description = 19:37:31 - Chyba při připojování k Internetu 19:37:31 - Nelze kontaktovat
server..

Error - 19.7.2011 14:38:22 | Computer Name = petra-PC | Source = MCUpdate | ID = 0
Description = 20:38:22 - Chyba při připojování k Internetu 20:38:22 - Nelze kontaktovat
server..

Error - 19.7.2011 14:39:12 | Computer Name = petra-PC | Source = MCUpdate | ID = 0
Description = 20:39:09 - Chyba při připojování k Internetu 20:39:09 - Nelze kontaktovat
server..

Error - 20.7.2011 11:43:04 | Computer Name = petra-PC | Source = MCUpdate | ID = 0
Description = 17:43:04 - Chyba při připojování k Internetu 17:43:04 - Nelze kontaktovat
server..

Error - 20.7.2011 11:43:58 | Computer Name = petra-PC | Source = MCUpdate | ID = 0
Description = 17:43:52 - Chyba při připojování k Internetu 17:43:52 - Nelze kontaktovat
server..

Error - 22.7.2011 9:23:59 | Computer Name = petra-PC | Source = MCUpdate | ID = 0
Description = 15:23:59 - Chyba při připojování k Internetu 15:23:59 - Nelze kontaktovat
server..

Error - 22.7.2011 9:24:53 | Computer Name = petra-PC | Source = MCUpdate | ID = 0
Description = 15:24:47 - Chyba při připojování k Internetu 15:24:47 - Nelze kontaktovat
server..

Error - 29.7.2011 2:52:43 | Computer Name = petra-PC | Source = MCUpdate | ID = 0
Description = 8:52:36 - Chyba při připojování k Internetu 8:52:36 - Nelze kontaktovat
server..

[ OSession Events ]
Error - 1.11.2010 14:07:40 | Computer Name = petra-PC | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 0, Application Name: Microsoft Office Word, Application Version:
12.0.6545.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 4
seconds with 0 seconds of active time. This session ended with a crash.

Error - 2.6.2011 4:26:28 | Computer Name = petra-PC | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 3, Application Name: Microsoft Office PowerPoint, Application
Version: 12.0.6545.5000, Microsoft Office Version: 12.0.6425.1000. This session
lasted 181 seconds with 120 seconds of active time. This session ended with a crash.

Error - 19.1.2012 6:15:41 | Computer Name = petra-PC | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 0, Application Name: Microsoft Office Word, Application Version:
12.0.6545.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 1209
seconds with 780 seconds of active time. This session ended with a crash.

[ System Events ]
Error - 16.11.2012 7:07:43 | Computer Name = petra-PC | Source = Service Control Manager | ID = 7006
Description = Volání ScRegSetValueExW skončilo neúspěšné pro FailureActions s touto
chybou: %%5

Error - 16.11.2012 7:59:36 | Computer Name = petra-PC | Source = Service Control Manager | ID = 7006
Description = Volání ScRegSetValueExW skončilo neúspěšné pro FailureActions s touto
chybou: %%5

Error - 16.11.2012 8:19:31 | Computer Name = petra-PC | Source = Service Control Manager | ID = 7006
Description = Volání ScRegSetValueExW skončilo neúspěšné pro FailureActions s touto
chybou: %%5

Error - 16.11.2012 8:19:38 | Computer Name = petra-PC | Source = Service Control Manager | ID = 7006
Description = Volání ScRegSetValueExW skončilo neúspěšné pro FailureActions s touto
chybou: %%5

Error - 16.11.2012 8:20:56 | Computer Name = petra-PC | Source = WMPNetworkSvc | ID = 866300
Description =

Error - 16.11.2012 8:25:46 | Computer Name = petra-PC | Source = Service Control Manager | ID = 7006
Description = Volání ScRegSetValueExW skončilo neúspěšné pro FailureActions s touto
chybou: %%5

Error - 16.11.2012 8:37:00 | Computer Name = petra-PC | Source = Service Control Manager | ID = 7006
Description = Volání ScRegSetValueExW skončilo neúspěšné pro FailureActions s touto
chybou: %%5

Error - 16.11.2012 8:37:10 | Computer Name = petra-PC | Source = Service Control Manager | ID = 7006
Description = Volání ScRegSetValueExW skončilo neúspěšné pro FailureActions s touto
chybou: %%5

Error - 16.11.2012 8:37:58 | Computer Name = petra-PC | Source = DCOM | ID = 10010
Description =

Error - 16.11.2012 13:09:01 | Computer Name = petra-PC | Source = Service Control Manager | ID = 7011
Description = Při čekání na odezvu transakce služby ShellHWDetection bylo dosaženo
časového limitu (30000 ms).


< End of report >
Nahoru
Uživatelský avatar
motji
VIP
VIP
Příspěvky: 23302
Registrován: 23 říj 2008 08:02

Re: BSOD

#13 Příspěvek od motji »

Něco tam bude. Poprosím o log z combofixu.
http://www.bleepingcomputer.com/combofi ... t-combofix
Nepoužívejte COMBOFIX bez doporučení rádce, může dojít k poškození systému!
Vždy před odvirováním počítače zazálohujte důležitá data :!:
Chcete podpořit naše forum? Informace zde

Obrázek

K zastižení jsem spíše v noci, mezi 21.-23. hodinou
Pokud máte nějaké dotazy, můžete mi napsat na email Motji(zavináč)forum.viry.cz.
Nahoru
seweone
Návštěvník
Návštěvník
Příspěvky: 11
Registrován: 25 srp 2012 16:24

Re: BSOD

#14 Příspěvek od seweone »

ComboFix 12-11-16.02 - petra 17.11.2012 17:57:04.2.2 - x64
Microsoft Windows 7 Home Premium 6.1.7601.1.1250.420.1029.18.4095.2699 [GMT 1:00]
Spuštěný z: c:\users\petra\Downloads\ComboFix.exe
AV: AVG Internet Security 2013 *Disabled/Updated* {0E9420C4-06B3-7FA0-3AB1-6E49CB52ECD9}
FW: AVG Internet Security 2013 *Disabled* {36AFA1E1-4CDC-7EF8-11EE-C77C3581ABA2}
SP: AVG Internet Security 2013 *Disabled/Updated* {B5F5C120-2089-702E-0001-553BB0D5A664}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2012-10-17 do 2012-11-17 )))))))))))))))))))))))))))))))
.
.
2012-11-17 17:03 . 2012-11-17 17:03 -------- d-----w- c:\users\Default\AppData\Local\temp
2012-11-16 20:03 . 2012-11-16 20:03 512 ----a-w- C:\PhysicalMBR.bin
2012-11-16 11:39 . 2012-11-16 13:43 -------- d-----w- c:\program files (x86)\SpeedFan
2012-11-16 00:26 . 2012-07-26 07:40 2560 ----a-w- c:\windows\system32\drivers\cs-CZ\wdf01000.sys.mui
2012-11-16 00:26 . 2012-07-26 04:55 785512 ----a-w- c:\windows\system32\drivers\Wdf01000.sys
2012-11-16 00:26 . 2012-07-26 04:55 54376 ----a-w- c:\windows\system32\drivers\WdfLdr.sys
2012-11-16 00:26 . 2012-07-26 02:36 9728 ----a-w- c:\windows\system32\Wdfres.dll
2012-11-16 00:13 . 2012-07-26 02:26 87040 ----a-w- c:\windows\system32\drivers\WUDFPf.sys
2012-11-16 00:13 . 2012-07-26 02:26 198656 ----a-w- c:\windows\system32\drivers\WUDFRd.sys
2012-11-16 00:13 . 2012-07-26 03:08 229888 ----a-w- c:\windows\system32\WUDFHost.exe
2012-11-16 00:13 . 2012-07-26 03:08 84992 ----a-w- c:\windows\system32\WUDFSvc.dll
2012-11-16 00:13 . 2012-07-26 03:08 744448 ----a-w- c:\windows\system32\WUDFx.dll
2012-11-16 00:13 . 2012-07-26 03:08 45056 ----a-w- c:\windows\system32\WUDFCoinstaller.dll
2012-11-16 00:13 . 2012-07-26 03:08 194048 ----a-w- c:\windows\system32\WUDFPlatform.dll
2012-11-15 20:56 . 2012-09-25 22:47 78336 ----a-w- c:\windows\SysWow64\synceng.dll
2012-11-15 20:56 . 2012-09-25 22:46 95744 ----a-w- c:\windows\system32\synceng.dll
2012-11-08 19:09 . 2012-11-08 19:09 -------- d-----w- c:\users\Default\AppData\Roaming\TuneUp Software
2012-11-07 21:47 . 2012-11-07 21:47 -------- d-----w- c:\users\petra\AppData\Local\MPlayer
2012-11-07 21:35 . 2012-11-07 21:42 -------- d-----w- c:\programdata\PMS
2012-11-07 21:33 . 2012-11-13 06:42 -------- d-----w- c:\program files (x86)\PS3 Media Server
2012-11-06 20:06 . 2012-05-04 11:00 366592 ----a-w- c:\windows\system32\qdvd.dll
2012-11-06 20:06 . 2012-05-04 09:59 514560 ----a-w- c:\windows\SysWow64\qdvd.dll
2012-11-06 20:06 . 2012-08-24 18:05 340992 ----a-w- c:\windows\system32\schannel.dll
2012-11-06 20:06 . 2012-08-24 16:57 247808 ----a-w- c:\windows\SysWow64\schannel.dll
2012-11-06 20:06 . 2012-08-24 18:13 154480 ----a-w- c:\windows\system32\drivers\ksecpkg.sys
2012-11-06 20:06 . 2012-08-24 18:09 458712 ----a-w- c:\windows\system32\drivers\cng.sys
2012-11-06 20:06 . 2012-08-24 18:04 307200 ----a-w- c:\windows\system32\ncrypt.dll
2012-11-06 20:06 . 2012-08-24 18:03 1448448 ----a-w- c:\windows\system32\lsasrv.dll
2012-11-06 20:06 . 2012-08-24 16:57 22016 ----a-w- c:\windows\SysWow64\secur32.dll
2012-11-06 20:06 . 2012-08-24 16:57 220160 ----a-w- c:\windows\SysWow64\ncrypt.dll
2012-11-06 20:06 . 2012-08-24 16:53 96768 ----a-w- c:\windows\SysWow64\sspicli.dll
2012-11-05 13:36 . 2012-11-05 13:36 -------- d-----w- c:\users\petra\AppData\Roaming\AVG2013
2012-11-05 13:15 . 2012-11-05 16:13 -------- d-----w- c:\users\petra\AppData\Local\Avg2013
2012-11-05 13:15 . 2012-11-05 13:15 -------- d-----w- c:\users\petra\AppData\Local\MFAData
2012-11-02 23:33 . 2012-11-05 13:22 -------- d-----w- c:\users\petra\AppData\Roaming\TuneUp Software
2012-11-02 23:33 . 2012-11-17 07:55 -------- d-----w- c:\program files (x86)\TuneUp Utilities 2013
2012-11-02 23:33 . 2012-11-02 23:33 -------- d-----w- c:\programdata\TuneUp Software
2012-11-02 23:32 . 2012-11-03 00:14 -------- d-sh--w- c:\programdata\{C4ABDBC8-1C81-42C9-BFFC-4A68511E9E4F}
2012-10-29 10:11 . 2012-10-29 10:11 -------- d-----w- c:\users\petra\AppData\Roaming\dvdcss
2012-10-25 07:34 . 2012-10-26 05:46 -------- d-----w- c:\programdata\AVG
2012-10-25 07:34 . 2012-11-03 00:14 -------- d-sh--w- c:\programdata\{D1D4879F-2279-49C9-AEBF-3B95C84EAA8F}
2012-10-22 14:47 . 2012-09-24 21:16 95208 ----a-w- c:\windows\SysWow64\WindowsAccessBridge-32.dll
2012-10-22 12:02 . 2012-10-22 12:02 154464 ----a-w- c:\windows\system32\drivers\avgidsdrivera.sys
2012-10-20 23:00 . 2012-10-20 23:00 -------- d-----w- c:\users\petra\AppData\Roaming\Zbani Games
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2012-11-16 13:41 . 2011-04-09 19:47 45056 ----a-w- c:\windows\system32\acovcnt.exe
2012-11-16 00:14 . 2010-09-01 05:02 66395536 ----a-w- c:\windows\system32\MRT.exe
2012-11-11 15:29 . 2012-04-13 13:49 697272 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe
2012-11-11 15:29 . 2011-07-24 08:07 73656 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2012-11-08 12:55 . 2012-08-30 20:48 30568 ----a-w- c:\windows\system32\drivers\avgtpx64.sys
2012-11-07 21:25 . 2011-04-07 07:59 483952 ----a-w- c:\programdata\Microsoft\eHome\Packages\MCESpotlight\MCESpotlight\SpotlightResources.dll
2012-10-15 02:48 . 2012-10-15 02:48 63328 ----a-w- c:\windows\system32\drivers\avgidsha.sys
2012-10-05 02:32 . 2012-10-05 02:32 111456 ----a-w- c:\windows\system32\drivers\avgmfx64.sys
2012-10-02 02:30 . 2012-10-02 02:30 185696 ----a-w- c:\windows\system32\drivers\avgldx64.sys
2012-09-21 02:46 . 2012-09-21 02:46 200032 ----a-w- c:\windows\system32\drivers\avgtdia.sys
2012-09-21 02:46 . 2012-09-21 02:46 225120 ----a-w- c:\windows\system32\drivers\avgloga.sys
2012-09-14 19:19 . 2012-10-10 05:15 2048 ----a-w- c:\windows\system32\tzres.dll
2012-09-14 18:28 . 2012-10-10 05:15 2048 ----a-w- c:\windows\SysWow64\tzres.dll
2012-09-14 02:05 . 2012-09-14 02:05 40800 ----a-w- c:\windows\system32\drivers\avgrkx64.sys
2012-09-04 09:39 . 2012-09-04 09:39 50296 ----a-w- c:\windows\system32\drivers\avgfwd6a.sys
2012-09-04 06:41 . 2012-09-04 06:42 821736 ----a-w- c:\windows\SysWow64\npDeployJava1.dll
2012-09-04 06:41 . 2010-10-15 11:14 746984 ----a-w- c:\windows\SysWow64\deployJava1.dll
2012-08-31 18:19 . 2012-10-10 05:48 1659760 ----a-w- c:\windows\system32\drivers\ntfs.sys
2012-08-30 18:03 . 2012-10-10 05:16 5559664 ----a-w- c:\windows\system32\ntoskrnl.exe
2012-08-30 17:12 . 2012-10-10 05:16 3914096 ----a-w- c:\windows\SysWow64\ntoskrnl.exe
2012-08-30 17:12 . 2012-10-10 05:16 3968880 ----a-w- c:\windows\SysWow64\ntkrnlpa.exe
2012-08-25 23:50 . 2012-08-25 23:50 29184 ----a-r- c:\users\petra\AppData\Roaming\Microsoft\Installer\{21AE04E8-EBF6-40DB-9AA9-B7A80C5D057D}\Icon21AE04E8.exe
2012-08-24 18:05 . 2012-10-10 05:16 220160 ----a-w- c:\windows\system32\wintrust.dll
2012-08-24 16:57 . 2012-10-10 05:16 172544 ----a-w- c:\windows\SysWow64\wintrust.dll
2012-08-24 16:57 . 2012-11-06 20:06 247808 ----a-w- c:\windows\SysWow64\schannel.dll
2012-08-22 18:12 . 2012-09-12 05:40 376688 ----a-w- c:\windows\system32\drivers\netio.sys
2012-08-22 18:12 . 2012-09-12 05:40 950128 ----a-w- c:\windows\system32\drivers\ndis.sys
2012-08-22 18:12 . 2012-09-12 05:40 288624 ----a-w- c:\windows\system32\drivers\FWPKCLNT.SYS
2012-08-21 21:01 . 2012-09-25 20:55 245760 ----a-w- c:\windows\system32\OxpsConverter.exe
2012-08-20 18:48 . 2012-10-10 05:16 243200 ----a-w- c:\windows\system32\wow64.dll
2012-08-20 18:48 . 2012-10-10 05:16 362496 ----a-w- c:\windows\system32\wow64win.dll
2012-08-20 18:48 . 2012-10-10 05:16 13312 ----a-w- c:\windows\system32\wow64cpu.dll
2012-08-20 18:48 . 2012-10-10 05:16 215040 ----a-w- c:\windows\system32\winsrv.dll
2012-08-20 18:48 . 2012-10-10 05:16 16384 ----a-w- c:\windows\system32\ntvdm64.dll
2012-08-20 18:48 . 2012-10-10 05:16 424448 ----a-w- c:\windows\system32\KernelBase.dll
2012-08-20 18:48 . 2012-10-10 05:16 1162240 ----a-w- c:\windows\system32\kernel32.dll
2012-08-20 18:46 . 2012-10-10 05:16 338432 ----a-w- c:\windows\system32\conhost.exe
2012-08-20 18:38 . 2012-10-10 05:16 4608 ---ha-w- c:\windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2012-08-20 18:38 . 2012-10-10 05:16 3584 ---ha-w- c:\windows\system32\api-ms-win-core-memory-l1-1-0.dll
2012-08-20 18:38 . 2012-10-10 05:16 3072 ---ha-w- c:\windows\system32\api-ms-win-core-profile-l1-1-0.dll
2012-08-20 18:38 . 2012-10-10 05:16 6144 ---ha-w- c:\windows\system32\api-ms-win-security-base-l1-1-0.dll
2012-08-20 18:38 . 2012-10-10 05:16 4608 ---ha-w- c:\windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2012-08-20 18:38 . 2012-10-10 05:16 4096 ---ha-w- c:\windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2012-08-20 18:38 . 2012-10-10 05:16 4096 ---ha-w- c:\windows\system32\api-ms-win-core-synch-l1-1-0.dll
2012-08-20 18:38 . 2012-10-10 05:16 4096 ---ha-w- c:\windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2012-08-20 18:38 . 2012-10-10 05:16 4096 ---ha-w- c:\windows\system32\api-ms-win-core-localization-l1-1-0.dll
2012-08-20 18:38 . 2012-10-10 05:16 3584 ---ha-w- c:\windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2012-08-20 18:38 . 2012-10-10 05:16 3584 ---ha-w- c:\windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2012-08-20 18:38 . 2012-10-10 05:16 3584 ---ha-w- c:\windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2012-08-20 18:38 . 2012-10-10 05:16 3584 ---ha-w- c:\windows\system32\api-ms-win-core-misc-l1-1-0.dll
2012-08-20 18:38 . 2012-10-10 05:16 3584 ---ha-w- c:\windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2012-08-20 18:38 . 2012-10-10 05:16 3072 ---ha-w- c:\windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2012-08-20 18:38 . 2012-10-10 05:16 3072 ---ha-w- c:\windows\system32\api-ms-win-core-util-l1-1-0.dll
2012-08-20 18:38 . 2012-10-10 05:16 3072 ---ha-w- c:\windows\system32\api-ms-win-core-string-l1-1-0.dll
2012-08-20 18:38 . 2012-10-10 05:16 3072 ---ha-w- c:\windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2012-08-20 18:38 . 2012-10-10 05:16 3072 ---ha-w- c:\windows\system32\api-ms-win-core-debug-l1-1-0.dll
2012-08-20 18:38 . 2012-10-10 05:16 3072 ---ha-w- c:\windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2012-08-20 18:38 . 2012-10-10 05:16 5120 ---ha-w- c:\windows\system32\api-ms-win-core-file-l1-1-0.dll
2012-08-20 18:38 . 2012-10-10 05:16 3584 ---ha-w- c:\windows\system32\api-ms-win-core-heap-l1-1-0.dll
2012-08-20 18:38 . 2012-10-10 05:16 3072 ---ha-w- c:\windows\system32\api-ms-win-core-io-l1-1-0.dll
2012-08-20 18:38 . 2012-10-10 05:16 3072 ---ha-w- c:\windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2012-08-20 18:38 . 2012-10-10 05:16 3072 ---ha-w- c:\windows\system32\api-ms-win-core-handle-l1-1-0.dll
2012-08-20 18:38 . 2012-10-10 05:16 3072 ---ha-w- c:\windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2012-08-20 18:38 . 2012-10-10 05:16 3072 ---ha-w- c:\windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2012-08-20 18:38 . 2012-10-10 05:16 3072 ---ha-w- c:\windows\system32\api-ms-win-core-console-l1-1-0.dll
2012-08-20 17:40 . 2012-10-10 05:16 14336 ----a-w- c:\windows\SysWow64\ntvdm64.dll
2012-08-20 17:38 . 2012-10-10 05:16 44032 ----a-w- c:\windows\apppatch\acwow64.dll
2012-08-20 17:38 . 2012-10-10 05:16 25600 ----a-w- c:\windows\SysWow64\setup16.exe
2012-08-20 17:37 . 2012-10-10 05:16 5120 ----a-w- c:\windows\SysWow64\wow32.dll
2012-08-20 17:37 . 2012-10-10 05:16 274944 ----a-w- c:\windows\SysWow64\KernelBase.dll
2012-08-20 17:32 . 2012-10-10 05:16 5120 ---ha-w- c:\windows\SysWow64\api-ms-win-core-file-l1-1-0.dll
2012-08-20 17:32 . 2012-10-10 05:16 4608 ---ha-w- c:\windows\SysWow64\api-ms-win-core-processthreads-l1-1-0.dll
2012-08-20 17:32 . 2012-10-10 05:16 4096 ---ha-w- c:\windows\SysWow64\api-ms-win-core-sysinfo-l1-1-0.dll
2012-08-20 17:32 . 2012-10-10 05:16 4096 ---ha-w- c:\windows\SysWow64\api-ms-win-core-synch-l1-1-0.dll
2012-08-20 17:32 . 2012-10-10 05:16 4096 ---ha-w- c:\windows\SysWow64\api-ms-win-core-misc-l1-1-0.dll
2012-08-20 17:32 . 2012-10-10 05:16 4096 ---ha-w- c:\windows\SysWow64\api-ms-win-core-localregistry-l1-1-0.dll
2012-08-20 17:32 . 2012-10-10 05:16 3584 ---ha-w- c:\windows\SysWow64\api-ms-win-core-processenvironment-l1-1-0.dll
2012-08-20 17:32 . 2012-10-10 05:16 3584 ---ha-w- c:\windows\SysWow64\api-ms-win-core-namedpipe-l1-1-0.dll
2012-08-20 17:32 . 2012-10-10 05:16 3584 ---ha-w- c:\windows\SysWow64\api-ms-win-core-memory-l1-1-0.dll
2012-08-20 17:32 . 2012-10-10 05:16 3584 ---ha-w- c:\windows\SysWow64\api-ms-win-core-libraryloader-l1-1-0.dll
2012-08-20 17:32 . 2012-10-10 05:16 3584 ---ha-w- c:\windows\SysWow64\api-ms-win-core-interlocked-l1-1-0.dll
2012-08-20 17:32 . 2012-10-10 05:16 3584 ---ha-w- c:\windows\SysWow64\api-ms-win-core-heap-l1-1-0.dll
2012-08-20 17:32 . 2012-10-10 05:16 3072 ---ha-w- c:\windows\SysWow64\api-ms-win-core-string-l1-1-0.dll
2012-08-20 17:32 . 2012-10-10 05:16 3072 ---ha-w- c:\windows\SysWow64\api-ms-win-core-rtlsupport-l1-1-0.dll
2012-08-20 17:32 . 2012-10-10 05:16 3072 ---ha-w- c:\windows\SysWow64\api-ms-win-core-profile-l1-1-0.dll
2012-08-20 17:32 . 2012-10-10 05:16 3072 ---ha-w- c:\windows\SysWow64\api-ms-win-core-io-l1-1-0.dll
2012-08-20 17:32 . 2012-10-10 05:16 3072 ---ha-w- c:\windows\SysWow64\api-ms-win-core-handle-l1-1-0.dll
2012-08-20 17:32 . 2012-10-10 05:16 3072 ---ha-w- c:\windows\SysWow64\api-ms-win-core-fibers-l1-1-0.dll
2012-08-20 17:32 . 2012-10-10 05:16 3072 ---ha-w- c:\windows\SysWow64\api-ms-win-core-errorhandling-l1-1-0.dll
2012-08-20 17:32 . 2012-10-10 05:16 3072 ---ha-w- c:\windows\SysWow64\api-ms-win-core-delayload-l1-1-0.dll
2012-08-20 17:32 . 2012-10-10 05:16 3072 ---ha-w- c:\windows\SysWow64\api-ms-win-core-debug-l1-1-0.dll
2012-08-20 17:32 . 2012-10-10 05:16 3072 ---ha-w- c:\windows\SysWow64\api-ms-win-core-datetime-l1-1-0.dll
2012-08-20 17:32 . 2012-10-10 05:16 4096 ---ha-w- c:\windows\SysWow64\api-ms-win-core-localization-l1-1-0.dll
2012-08-20 17:32 . 2012-10-10 05:16 3072 ---ha-w- c:\windows\SysWow64\api-ms-win-core-console-l1-1-0.dll
2012-08-20 15:38 . 2012-10-10 05:16 7680 ----a-w- c:\windows\SysWow64\instnm.exe
2012-08-20 15:38 . 2012-10-10 05:16 2048 ----a-w- c:\windows\SysWow64\user.exe
2012-08-20 15:33 . 2012-10-10 05:16 6144 ---ha-w- c:\windows\SysWow64\api-ms-win-security-base-l1-1-0.dll
2012-08-20 15:33 . 2012-10-10 05:16 4608 ---ha-w- c:\windows\SysWow64\api-ms-win-core-threadpool-l1-1-0.dll
2012-08-20 15:33 . 2012-10-10 05:16 3584 ---ha-w- c:\windows\SysWow64\api-ms-win-core-xstate-l1-1-0.dll
2012-08-20 15:33 . 2012-10-10 05:16 3072 ---ha-w- c:\windows\SysWow64\api-ms-win-core-util-l1-1-0.dll
.
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_LOCAL_MACHINE\Wow6432Node\~\Browser Helper Objects\{30F9B915-B755-4826-820B-08FBA6BD249D}]
2010-12-09 11:51 3911776 ----a-w- c:\program files (x86)\ConduitEngine\ConduitEngine.dll
.
[HKEY_LOCAL_MACHINE\Wow6432Node\~\Browser Helper Objects\{95B7759C-8C7F-4BF1-B163-73684A933233}]
2012-11-08 12:55 1796552 ----a-w- c:\program files (x86)\AVG Secure Search\13.2.0.5\AVG Secure Search_toolbar.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar]
"{30F9B915-B755-4826-820B-08FBA6BD249D}"= "c:\program files (x86)\ConduitEngine\ConduitEngine.dll" [2010-12-09 3911776]
"{95B7759C-8C7F-4BF1-B163-73684A933233}"= "c:\program files (x86)\AVG Secure Search\13.2.0.5\AVG Secure Search_toolbar.dll" [2012-11-08 1796552]
.
[HKEY_CLASSES_ROOT\clsid\{30f9b915-b755-4826-820b-08fba6bd249d}]
.
[HKEY_CLASSES_ROOT\clsid\{95b7759c-8c7f-4bf1-b163-73684a933233}]
[HKEY_CLASSES_ROOT\AVG Secure Search.PugiObj.1]
[HKEY_CLASSES_ROOT\AVG Secure Search.PugiObj]
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ADSMOverlayIcon1]
@="{A8D448F4-0431-45AC-9F5E-E1B434AB2249}"
[HKEY_CLASSES_ROOT\CLSID\{A8D448F4-0431-45AC-9F5E-E1B434AB2249}]
2007-06-02 01:08 143360 ----a-w- c:\program files (x86)\ASUS\ASUS Data Security Manager\ShlExt\x86\OverlayIconShlExt1.dll
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Akamai NetSession Interface"="c:\users\petra\AppData\Local\Akamai\netsession_win.exe" [2012-10-09 4441920]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"StartCCC"="c:\program files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2009-10-02 98304]
"HControlUser"="c:\program files (x86)\ASUS\ATK Hotkey\HControlUser.exe" [2009-06-19 105016]
"ATKOSD2"="c:\program files (x86)\ASUS\ATKOSD2\ATKOSD2.exe" [2009-08-17 6859392]
"HDAudDeck"="c:\program files (x86)\VIA\VIAudioi\VDeck\VDeck.exe" [2009-09-17 2245120]
"ATKMEDIA"="c:\program files (x86)\ASUS\ATK Media\DMedia.exe" [2009-04-20 159744]
"GrooveMonitor"="d:\office\Office12\GrooveMonitor.exe" [2009-02-26 30040]
"vProt"="c:\program files (x86)\AVG Secure Search\vprot.exe" [2012-11-08 997320]
"SwitchBoard"="c:\program files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe" [2010-02-19 517096]
"AdobeCS5ServiceManager"="c:\program files (x86)\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe" [2010-07-22 402432]
"ROC_ROC_JULY_P1"="c:\program files (x86)\AVG Secure Search\ROC_ROC_JULY_P1.exe" [2012-08-30 1022048]
"AVG_UI"="c:\program files (x86)\AVG\AVG2013\avgui.exe" [2012-11-06 3143800]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\drivers32]
"aux2"=wdmaud.drv
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\run-]
"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
"Adobe Reader Speed Launcher"="c:\program files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe"
"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe"
.
R2 avgfws;AVG Firewall;c:\program files (x86)\AVG\AVG2013\avgfws.exe [2012-11-01 1340976]
R2 AVGIDSAgent;AVGIDSAgent;c:\program files (x86)\AVG\AVG2013\avgidsagent.exe [2012-11-06 5814392]
R3 AmUStor;AM USB Stroage Driver;c:\windows\system32\drivers\AmUStor.SYS [2009-08-21 44032]
R3 btnetBUs;Bluetooth PAN Bus Service;c:\windows\system32\Drivers\btnetBus.sys [2009-09-24 27776]
R3 dump_wmimmc;dump_wmimmc;c:\aeriagames\WolfTeam\GameGuard\dump_wmimmc.sys [x]
R3 EagleX64;EagleX64;c:\windows\system32\drivers\EagleX64.sys [x]
R3 GGSAFERDriver;GGSAFER Driver;c:\program files (x86)\Garena Messenger\Room\safedrv.sys [x]
R3 ipswuio;ipswuio;c:\windows\system32\DRIVERS\ipswuio.sys [x]
R3 IvtBtBUs;IVT Bluetooth Bus Service;c:\windows\system32\Drivers\IvtBtBus.sys [2009-08-26 30344]
R3 LgBttPort;LGE Bluetooth TransPort;c:\windows\system32\DRIVERS\lgbtpt64.sys [x]
R3 lgbusenum;LG Bluetooth Bus Enumerator;c:\windows\system32\DRIVERS\lgbtbs64.sys [x]
R3 LGVMODEM;LGE Virtual Modem;c:\windows\system32\DRIVERS\lgvmdm64.sys [x]
R3 npggsvc;nProtect GameGuard Service;c:\windows\system32\GameMon.des [x]
R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys [2012-08-23 19456]
R3 s115bus;Sony Ericsson Device 115 driver (WDM);c:\windows\system32\DRIVERS\s115bus.sys [2007-04-23 108296]
R3 s115mdfl;Sony Ericsson Device 115 USB WMC Modem Filter;c:\windows\system32\DRIVERS\s115mdfl.sys [2007-04-23 19720]
R3 s115mdm;Sony Ericsson Device 115 USB WMC Modem Driver;c:\windows\system32\DRIVERS\s115mdm.sys [2007-04-23 144648]
R3 s115mgmt;Sony Ericsson Device 115 USB WMC Device Management Drivers (WDM);c:\windows\system32\DRIVERS\s115mgmt.sys [2007-04-23 126216]
R3 s115obex;Sony Ericsson Device 115 USB WMC OBEX Interface;c:\windows\system32\DRIVERS\s115obex.sys [2007-04-23 123656]
R3 SiSGbeLH;SiS191/SiS190 Ethernet Device NDIS 6.0 Driver;c:\windows\system32\DRIVERS\SiSG664.sys [2009-06-10 56832]
R3 SwitchBoard;SwitchBoard;c:\program files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-02-19 517096]
R3 TFsExDisk;TFsExDisk;c:\windows\System32\Drivers\TFsExDisk.sys [2010-06-14 16448]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [2012-08-23 57856]
R3 WatAdminSvc;Služba Technologie aktivace Windows;c:\windows\system32\Wat\WatAdminSvc.exe [2010-08-14 1255736]
R3 X6va005;X6va005;c:\users\petra\AppData\Local\Temp\005C094.tmp [x]
S0 AVGIDSHA;AVGIDSHA;c:\windows\system32\DRIVERS\avgidsha.sys [2012-10-15 63328]
S0 Avgloga;AVG Logging Driver;c:\windows\system32\DRIVERS\avgloga.sys [2012-09-21 225120]
S0 Avgmfx64;AVG Mini-Filter Resident Anti-Virus Shield;c:\windows\system32\DRIVERS\avgmfx64.sys [2012-10-05 111456]
S0 Avgrkx64;AVG Anti-Rootkit Driver;c:\windows\system32\DRIVERS\avgrkx64.sys [2012-09-14 40800]
S0 BtHidBus;Bluetooth HID Bus Service;c:\windows\System32\Drivers\BtHidBus.sys [2009-09-24 23304]
S0 lullaby;lullaby;c:\windows\system32\DRIVERS\lullaby.sys [2009-06-18 15928]
S0 sptd;sptd;c:\windows\\SystemRoot\System32\Drivers\sptd.sys [x]
S1 Avgfwfd;AVG network filter service;c:\windows\system32\DRIVERS\avgfwd6a.sys [2012-09-04 50296]
S1 AVGIDSDriver;AVGIDSDriver;c:\windows\system32\DRIVERS\avgidsdrivera.sys [2012-10-22 154464]
S1 Avgldx64;AVG AVI Loader Driver;c:\windows\system32\DRIVERS\avgldx64.sys [2012-10-02 185696]
S1 Avgtdia;AVG TDI Driver;c:\windows\system32\DRIVERS\avgtdia.sys [2012-09-21 200032]
S1 avgtp;avgtp;c:\windows\system32\drivers\avgtpx64.sys [2012-11-08 30568]
S1 dtsoftbus01;DAEMON Tools Virtual Bus Driver;c:\windows\system32\DRIVERS\dtsoftbus01.sys [2011-11-28 279616]
S2 acedrv11;acedrv11;c:\windows\system32\drivers\acedrv11.sys [2010-02-24 191616]
S2 AFBAgent;AFBAgent;c:\windows\system32\FBAgent.exe [2009-09-17 359552]
S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe [2009-10-02 202752]
S2 ASMMAP64;ASMMAP64;c:\program files\ATKGFNEX\ASMMAP64.sys [2007-07-24 14904]
S2 avgwd;AVG WatchDog;c:\program files (x86)\AVG\AVG2013\avgwdsvc.exe [2012-10-22 196664]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
S2 vToolbarUpdater13.2.0;vToolbarUpdater13.2.0;c:\program files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\13.2.0\ToolbarUpdater.exe [2012-11-08 711112]
S3 ETD;ELAN PS/2 Port Input Device;c:\windows\system32\DRIVERS\ETD.sys [2009-06-12 112128]
S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys [2011-06-10 539240]
S3 usbfilter;AMD USB Filter Driver;c:\windows\system32\DRIVERS\usbfilter.sys [2009-06-05 34872]
S3 VIAHdAudAddService;VIA High Definition Audio Driver Service;c:\windows\system32\drivers\viahduaa.sys [2009-07-09 1222144]
.
.
--- Ostatní služby/ovladače v paměti ---
.
*Deregistered* - TuneUpUtilitiesDrv
.
Obsah adresáře 'Naplánované úlohy'
.
2012-11-17 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-04-13 15:29]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ADSMOverlayIcon1]
@="{A8D448F4-0431-45AC-9F5E-E1B434AB2249}"
[HKEY_CLASSES_ROOT\CLSID\{A8D448F4-0431-45AC-9F5E-E1B434AB2249}]
2007-06-02 00:52 159744 ----a-w- c:\program files (x86)\ASUS\ASUS Data Security Manager\ShlExt\x64\OverlayIconShlExt1_64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\AsusWSShellExt_B]
@="{6D4133E5-0742-4ADC-8A8C-9303440F7190}"
[HKEY_CLASSES_ROOT\CLSID\{6D4133E5-0742-4ADC-8A8C-9303440F7190}]
2009-11-26 05:49 70656 ----a-w- c:\program files (x86)\ASUS\ASUS WebStorage\SERVICE\AsusWSShellExt64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\AsusWSShellExt_O]
@="{64174815-8D98-4CE6-8646-4C039977D808}"
[HKEY_CLASSES_ROOT\CLSID\{64174815-8D98-4CE6-8646-4C039977D808}]
2009-11-26 05:49 70656 ----a-w- c:\program files (x86)\ASUS\ASUS WebStorage\SERVICE\AsusWSShellExt64.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ETDWare"="c:\program files\Elantech\ETDCtrl.exe" [2009-06-12 619392]
"AmIcoSinglun64"="c:\program files (x86)\AmIcoSingLun\AmIcoSinglun64.exe" [2009-09-01 323584]
"AdobeAAMUpdater-1.0"="c:\program files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe" [2010-03-06 500208]
.
------- Doplňkový sken -------
.
uStart Page = hxxp://home2.zbani.com/
uLocal Page = c:\windows\system32\blank.htm
mStart Page = hxxp://downloads.phpnuke.org/en/index.php?rvs=google
mLocal Page = c:\windows\SysWOW64\blank.htm
mSearch Page = hxxp://downloads.phpnuke.org/en/index.php?rvs=google&q={searchTerms}
uInternet Settings,ProxyOverride = <local>
mSearchAssistant = hxxp://start.facemoods.com/?a=bfus&s={searchTerms}&f=4
IE: E&xport to Microsoft Excel - c:\progra~2\MICROS~1\Office12\EXCEL.EXE/3000
TCP: DhcpNameServer = 213.46.172.36 192.168.0.1
Handler: viprotocol - {B658800C-F66E-4EF3-AB85-6C0C227862A9} - c:\program files (x86)\Common Files\AVG Secure Search\ViProtocolInstaller\13.2.0\ViProtocol.dll
FF - ProfilePath - c:\users\petra\AppData\Roaming\Mozilla\Firefox\Profiles\p3npbjwz.default\
FF - prefs.js: browser.search.selectedEngine - AVG Secure Search
FF - prefs.js: browser.startup.homepage - hxxp://www.google.cz/
FF - prefs.js: keyword.URL - hxxps://isearch.avg.com/search?cid=%7B3854a00c-211a-4307-8a3a-ef4ccf70a6e2%7D&mid=e7dc2fbbd27d47d187da318208bf0b66-aacd94718f4d44f287c640e3cc530386aadf4b29&ds=AVG&v=12.2.5.32&lang=cs&pr=fr&d=2012-02-05%2014%3A06%3A20&sap=ku&q=
FF - prefs.js: network.proxy.type - 0
FF - ExtSQL: 2012-10-25 12:49; {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}; c:\users\petra\AppData\Roaming\Mozilla\Firefox\Profiles\p3npbjwz.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi
FF - user.js: network.http.max-persistent-connections-per-server - 4
FF - user.js: nglayout.initialpaint.delay - 600
FF - user.js: content.notify.interval - 600000
FF - user.js: content.max.tokenizing.time - 1800000
FF - user.js: content.switch.threshold - 600000
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -
.
Toolbar-Locked - (no file)
Toolbar-{7b13ec3e-999a-4b70-b9cb-2617b8323822} - (no file)
Toolbar-{90b49673-5506-483e-b92b-ca0265bd9ca8} - (no file)
WebBrowser-{D4027C7F-154A-4066-A1AD-4243D8127440} - (no file)
WebBrowser-{30F9B915-B755-4826-820B-08FBA6BD249D} - (no file)
AddRemove-Adobe Shockwave Player - c:\windows\system32\Adobe\Shockwave 11\uninstaller.exe
AddRemove-{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}.KB2160841 - c:\windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\Client\setup.exe
AddRemove-{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}.KB2446708 - c:\windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\Client\setup.exe
AddRemove-{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}.KB2468871 - c:\windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\Client\setup.exe
AddRemove-{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}.KB2473228 - c:\windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\Client\setup.exe
AddRemove-{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}.KB2478663 - c:\windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\Client\setup.exe
AddRemove-{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}.KB2518870 - c:\windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\Client\setup.exe
AddRemove-{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}.KB2533523 - c:\windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\Client\setup.exe
AddRemove-{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}.KB2539636 - c:\windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\Client\setup.exe
AddRemove-{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}.KB2572078 - c:\windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\Client\setup.exe
AddRemove-{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}.KB2600217 - c:\windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\Client\setup.exe
AddRemove-{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}.KB2604121 - c:\windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\Client\setup.exe
AddRemove-{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}.KB2633870 - c:\windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\Client\setup.exe
AddRemove-{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}.KB2656351 - c:\windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\Client\setup.exe
AddRemove-{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}.KB2656368 - c:\windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\Client\setup.exe
AddRemove-{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}.KB2656368v2 - c:\windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\Client\setup.exe
AddRemove-{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}.KB2656405 - c:\windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\Client\setup.exe
AddRemove-{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}.KB2686827 - c:\windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\Client\setup.exe
AddRemove-{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}.KB2729449 - c:\windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\Client\setup.exe
AddRemove-{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}.KB2737019 - c:\windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\Client\setup.exe
.
.
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\npggsvc]
"ImagePath"="c:\windows\system32\GameMon.des -service"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\X6va005]
"ImagePath"="\??\c:\users\petra\AppData\Local\Temp\005C094.tmp"
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_4_402_287_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_4_402_287_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_4_402_287_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_4_402_287_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_4_402_287.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.11"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_4_402_287.ocx, 1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_4_402_287.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_4_402_287.ocx, 1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000001
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0002\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0003\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000001
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0006\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Celkový čas: 2012-11-17 18:06:07
ComboFix-quarantined-files.txt 2012-11-17 17:06
ComboFix2.txt 2012-11-17 15:00
.
Před spuštěním: Volných bajtů: 59 876 864 000
Po spuštění: Volných bajtů: 59 806 343 168
.
- - End Of File - - 2D835B8E9D2CE4EFCE9120CE052221BC
Nahoru
seweone
Návštěvník
Návštěvník
Příspěvky: 11
Registrován: 25 srp 2012 16:24

Re: BSOD

#15 Příspěvek od seweone »

----------------------------------------------------------------------------
CrystalDiskInfo 5.0.0 (C) 2008-2012 hiyohiyo
Crystal Dew World : http://crystalmark.info/
----------------------------------------------------------------------------

OS : Windows 7 Home Premium Edition SP1 [6.1 Build 7601] (x64)
Date : 2012/11/17 18:16:00

-- Controller Map ----------------------------------------------------------
+ AMD SATA Controller [ATA]
- ST950032 5AS SATA Disk Device
- Slimtype DVD A DS8A3S SATA CdRom Device
- A81FK2UO IDE Controller [SCSI]

-- Disk List ---------------------------------------------------------------
(1) ST9500325AS : 500,1 GB [0/0/0, pd1] - st

----------------------------------------------------------------------------
(1) ST9500325AS
----------------------------------------------------------------------------
Model : ST9500325AS
Firmware : 0002SDM1
Serial Number : 6VE4PEVP
Disk Size : 500,1 GB (8,4/137,4/500,1)
Buffer Size : 8192 KB
Queue Depth : 32
# of Sectors : 976773168
Rotation Rate : 5400 RPM
Interface : Serial ATA
Major Version : ATA8-ACS
Minor Version : ATA8-ACS version 4
Transfer Mode : SATA/300
Power On Hours : 8811 hod.
Power On Count : 5574 krát
Temparature : 39 C (102 F)
Health Status : Pozor
Features : S.M.A.R.T., APM, 48bit LBA, NCQ
APM Level : 8080h [ON]
AAM Level : ----

-- S.M.A.R.T. --------------------------------------------------------------
ID Cur Wor Thr RawValues(6) Attribute Name
01 117 _99 __6 00000860512A Počet chyb čtení
03 _99 _99 __0 000000000000 Čas na roztočení ploten
04 _95 _95 _20 0000000015F3 Počet spuštění/zastavení
05 100 100 _36 00000000000A Počet přemapovaných sektorů
07 _80 _60 _30 00020C915F3A Počet chybných hledání
09 _90 _90 __0 00000000226B Hodin v činnosti
0A 100 100 _97 000000000000 Počet opakovaných pokusů o roztočení ploten
0C _95 _37 _20 0000000015C6 Počet cyklů zapnutí zařízení
B8 100 100 _99 000000000000 Ukončovacích chyb
BB _97 _97 __0 000000000003 Ohlášeno neopravitelných chyb
BC 100 _98 __0 000A000A0020 Časový limit příkazu
BD 100 100 __0 000000000000 Vysoká rychlost zápisu
BE _61 _48 _45 000028250027 Teplota toku vzduchu
BF 100 100 __0 0000000000D8 Počet udalostí zaznamenaných otřesovým senzorem
C0 100 100 __0 000000000135 Počet vypnutí disku
C1 _47 _47 __0 000000019E1E Počet cyklů načítání/vymazání
C2 _39 _52 __0 000A00000027 Teplota
C3 _52 _43 __0 00000860512A Počet oprav chybného čtení
C5 100 100 __0 000000000000 Počet podezřelých sektorů
C6 100 100 __0 000000000000 Počet neopravitelných sektorů
C7 200 200 __0 000000000028 Počet chyb v kontrolním součtu UltraDMA
FE 100 100 __0 000000000000 Ochrana proti pádu

-- IDENTIFY_DEVICE ---------------------------------------------------------
0 1 2 3 4 5 6 7 8 9
000: 0C5A 3FFF C837 0010 0000 003F 003F 0000 0000 0000
010: 2020 2020 2020 2020 2020 3656 3656 4534 5045 5650
020: 0000 4000 0004 3030 3032 4D31 4D31 5354 3935 3030
030: 3332 3541 5320 2020 2020 2020 2020 2020 2020 2020
040: 2020 2020 2020 2020 2020 2020 2020 8010 0000 2F00
050: 4000 0200 0200 0007 3FFF 003F 003F FC10 00FB 0110
060: FFFF 0FFF 0000 0007 0003 0078 0078 0078 0078 0000
070: 0000 0000 0000 0000 0000 0506 0506 0000 0048 0040
080: 01F0 0029 346B 7D09 6123 BC09 BC09 6123 407F 0044
090: 0044 8080 FFFE 0000 FE00 0000 0000 0000 0000 0000
100: 6030 3A38 0000 0000 0000 0000 0000 0000 5000 C500
110: 1EE5 3D28 0000 0000 0000 0000 0000 0000 0000 401E
120: 401C 0000 0000 0000 0000 0000 0000 0000 0029 6030
130: 3A38 6030 3A38 2020 0002 0100 0100 5000 3C06 3C0A
140: 0000 003C 0000 0008 0000 001F 001F 0280 0000 0000
150: 0008 0000 0000 0000 0000 0000 0000 0000 3C00 8000
160: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
170: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
180: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
190: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
200: 0000 0000 0000 0000 0000 103B 103B 0000 0000 0000
210: 0000 0000 0000 0000 0000 0000 0000 1518 0000 0000
220: 0000 0000 1010 0000 0000 0000 0000 0000 0000 0000
230: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
240: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
250: 0000 0000 0000 0000 0000 06A5
Nahoru
Zamčeno

Zpět na „Modrá smrt - BSOD“