This topic is locked
Hi there,
I have recently received a computer, with the aim of replacing an older model that simply couldn't handle the workload.
Unfortunately, it:
1.) Is running much slower than the older one
2.) Has plenty of adware installed that I can't seem to get rid of
3.) Has a slower start-up and shut-down time
4.) Generally seems to be infected or slowed down, due to malware and or/viruses
This poses a big problem, as my work now takes 2x as long to complete.
I am attaching both OTL logs below. Many thanks for your help!
OTL logfile created on: 3. 9. 2014 13:33:40 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Zuzana\Desktop
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.11.9600.17239)
Locale: 0000041b | Country: Slovenská republika | Language: SKY | Date Format: d. M. yyyy
3,75 Gb Total Physical Memory | 1,50 Gb Available Physical Memory | 40,15% Memory free
7,49 Gb Paging File | 4,78 Gb Available in Paging File | 63,77% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 465,66 Gb Total Space | 245,62 Gb Free Space | 52,75% Space Free | Partition Type: NTFS
Drive D: | 558,21 Mb Total Space | 0,00 Mb Free Space | 0,00% Space Free | Partition Type: CDFS
Computer Name: PETERSULEK | User Name: Zuzana | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan | Include 64bit Scans
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
========== Processes (SafeList) ==========
PRC - [2014/09/03 13:29:17 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Zuzana\Desktop\OTL.exe
PRC - [2014/08/30 08:11:25 | 000,275,568 | ---- | M] (Mozilla Corporation) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe
PRC - [2014/08/25 18:44:14 | 002,640,408 | ---- | M] () -- C:\Program Files (x86)\AVG Secure Search\vprot.exe
PRC - [2014/08/13 04:02:20 | 001,820,184 | ---- | M] (AVG Secure Search) -- C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\18.1.9\ToolbarUpdater.exe
PRC - [2014/08/13 04:02:19 | 000,159,768 | ---- | M] () -- C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\18.1.9\loggingserver.exe
PRC - [2014/08/08 10:34:04 | 022,734,160 | ---- | M] (Google) -- C:\Program Files (x86)\Google\Drive\googledrivesync.exe
PRC - [2014/07/18 03:39:41 | 000,389,744 | ---- | M] (Mozilla Corporation) -- C:\Program Files (x86)\Mozilla Thunderbird\thunderbird.exe
PRC - [2014/07/14 18:21:46 | 001,390,176 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe
PRC - [2014/07/14 18:21:06 | 001,767,520 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe
PRC - [2014/06/19 08:44:09 | 000,230,792 | ---- | M] (Google Inc.) -- C:\Users\Zuzana\AppData\Local\Google\Update\1.3.24.15\GoogleCrashHandler.exe
PRC - [2013/12/12 13:49:08 | 000,114,688 | ---- | M] (fdsa) -- C:\Windows\SysWOW64\nvidiah1.exe
PRC - [2013/12/12 13:44:44 | 000,008,224 | ---- | M] () -- C:\Windows\SysWOW64\xnviewh1.exe
PRC - [2012/10/29 18:22:24 | 001,573,576 | ---- | M] (Ask) -- C:\Program Files (x86)\Ask.com\Updater\Updater.exe
PRC - [2012/09/18 05:10:08 | 000,248,704 | ---- | M] () -- C:\Program Files (x86)\Synology\Assistant\UsbClientService.exe
PRC - [2012/07/27 22:51:26 | 000,063,960 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
PRC - [2012/07/04 11:17:42 | 000,999,704 | ---- | M] (ESET) -- C:\Program Files\ESET\ESET Endpoint Antivirus\x86\ekrn.exe
PRC - [2011/02/11 15:19:26 | 002,760,192 | ---- | M] () -- C:\ProgramData\Boxtools\Toolbox.exe
========== Modules (No Company Name) ==========
MOD - [2014/09/03 10:13:58 | 000,007,168 | ---- | M] () -- C:\Users\Zuzana\AppData\Local\Temp\_MEI36962\hashobjs_ext.pyd
MOD - [2014/09/03 10:13:57 | 000,805,888 | ---- | M] () -- C:\Users\Zuzana\AppData\Local\Temp\_MEI36962\wx._gdi_.pyd
MOD - [2014/09/03 10:13:57 | 000,027,136 | ---- | M] () -- C:\Users\Zuzana\AppData\Local\Temp\_MEI36962\_multiprocessing.pyd
MOD - [2014/09/03 10:13:56 | 001,160,704 | ---- | M] () -- C:\Users\Zuzana\AppData\Local\Temp\_MEI36962\_ssl.pyd
MOD - [2014/09/03 10:13:56 | 000,110,080 | ---- | M] () -- C:\Users\Zuzana\AppData\Local\Temp\_MEI36962\pywintypes27.dll
MOD - [2014/09/03 10:13:55 | 000,811,008 | ---- | M] () -- C:\Users\Zuzana\AppData\Local\Temp\_MEI36962\wx._windows_.pyd
MOD - [2014/09/03 10:13:55 | 000,713,216 | ---- | M] () -- C:\Users\Zuzana\AppData\Local\Temp\_MEI36962\_hashlib.pyd
MOD - [2014/09/03 10:13:55 | 000,070,656 | ---- | M] () -- C:\Users\Zuzana\AppData\Local\Temp\_MEI36962\wx._html2.pyd
MOD - [2014/09/03 10:13:54 | 000,025,600 | ---- | M] () -- C:\Users\Zuzana\AppData\Local\Temp\_MEI36962\win32pdh.pyd
MOD - [2014/09/03 10:13:54 | 000,024,064 | ---- | M] () -- C:\Users\Zuzana\AppData\Local\Temp\_MEI36962\win32pipe.pyd
MOD - [2014/09/03 10:13:52 | 001,062,400 | ---- | M] () -- C:\Users\Zuzana\AppData\Local\Temp\_MEI36962\wx._controls_.pyd
MOD - [2014/09/03 10:13:51 | 000,686,080 | ---- | M] () -- C:\Users\Zuzana\AppData\Local\Temp\_MEI36962\unicodedata.pyd
MOD - [2014/09/03 10:13:51 | 000,010,240 | ---- | M] () -- C:\Users\Zuzana\AppData\Local\Temp\_MEI36962\select.pyd
MOD - [2014/09/03 10:13:50 | 000,127,488 | ---- | M] () -- C:\Users\Zuzana\AppData\Local\Temp\_MEI36962\pyexpat.pyd
MOD - [2014/09/03 10:13:50 | 000,038,912 | ---- | M] () -- C:\Users\Zuzana\AppData\Local\Temp\_MEI36962\win32inet.pyd
MOD - [2014/09/03 10:13:50 | 000,018,432 | ---- | M] () -- C:\Users\Zuzana\AppData\Local\Temp\_MEI36962\win32event.pyd
MOD - [2014/09/03 10:13:48 | 000,017,408 | ---- | M] () -- C:\Users\Zuzana\AppData\Local\Temp\_MEI36962\win32profile.pyd
MOD - [2014/09/03 10:13:47 | 000,119,808 | ---- | M] () -- C:\Users\Zuzana\AppData\Local\Temp\_MEI36962\win32file.pyd
MOD - [2014/09/03 10:13:47 | 000,108,544 | ---- | M] () -- C:\Users\Zuzana\AppData\Local\Temp\_MEI36962\win32security.pyd
MOD - [2014/09/03 10:13:46 | 000,525,640 | ---- | M] () -- C:\Users\Zuzana\AppData\Local\Temp\_MEI36962\windows._lib_cacheinvalidation.pyd
MOD - [2014/09/03 10:13:43 | 000,167,936 | ---- | M] () -- C:\Users\Zuzana\AppData\Local\Temp\_MEI36962\win32gui.pyd
MOD - [2014/09/03 10:13:41 | 000,128,512 | ---- | M] () -- C:\Users\Zuzana\AppData\Local\Temp\_MEI36962\_elementtree.pyd
MOD - [2014/09/03 10:13:41 | 000,087,552 | ---- | M] () -- C:\Users\Zuzana\AppData\Local\Temp\_MEI36962\_ctypes.pyd
MOD - [2014/09/03 10:13:40 | 000,098,816 | ---- | M] () -- C:\Users\Zuzana\AppData\Local\Temp\_MEI36962\win32api.pyd
MOD - [2014/09/03 10:13:40 | 000,045,568 | ---- | M] () -- C:\Users\Zuzana\AppData\Local\Temp\_MEI36962\_socket.pyd
MOD - [2014/09/03 10:13:39 | 000,557,056 | ---- | M] () -- C:\Users\Zuzana\AppData\Local\Temp\_MEI36962\pysqlite2._sqlite.pyd
MOD - [2014/09/03 10:13:39 | 000,320,512 | ---- | M] () -- C:\Users\Zuzana\AppData\Local\Temp\_MEI36962\win32com.shell.shell.pyd
MOD - [2014/09/03 10:13:39 | 000,022,528 | ---- | M] () -- C:\Users\Zuzana\AppData\Local\Temp\_MEI36962\win32ts.pyd
MOD - [2014/09/03 10:13:38 | 001,175,040 | ---- | M] () -- C:\Users\Zuzana\AppData\Local\Temp\_MEI36962\wx._core_.pyd
MOD - [2014/09/03 10:13:38 | 000,364,544 | ---- | M] () -- C:\Users\Zuzana\AppData\Local\Temp\_MEI36962\pythoncom27.dll
MOD - [2014/09/03 10:13:37 | 000,735,232 | ---- | M] () -- C:\Users\Zuzana\AppData\Local\Temp\_MEI36962\wx._misc_.pyd
MOD - [2014/09/03 10:13:37 | 000,078,336 | ---- | M] () -- C:\Users\Zuzana\AppData\Local\Temp\_MEI36962\wx._animate.pyd
MOD - [2014/09/03 10:13:36 | 000,122,368 | ---- | M] () -- C:\Users\Zuzana\AppData\Local\Temp\_MEI36962\wx._wizard.pyd
MOD - [2014/09/03 10:13:36 | 000,011,264 | ---- | M] () -- C:\Users\Zuzana\AppData\Local\Temp\_MEI36962\win32crypt.pyd
MOD - [2014/09/03 10:13:34 | 000,035,840 | ---- | M] () -- C:\Users\Zuzana\AppData\Local\Temp\_MEI36962\win32process.pyd
MOD - [2014/08/30 08:11:22 | 003,715,184 | ---- | M] () -- C:\Program Files (x86)\Mozilla Firefox\mozjs.dll
MOD - [2014/08/25 18:44:14 | 002,640,408 | ---- | M] () -- C:\Program Files (x86)\AVG Secure Search\vprot.exe
MOD - [2014/08/13 04:02:23 | 000,519,704 | ---- | M] () -- C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\18.1.9\log4cplusU.dll
MOD - [2014/07/18 03:39:32 | 000,023,152 | ---- | M] () -- C:\Program Files (x86)\Mozilla Thunderbird\nsldappr32v60.dll
MOD - [2014/07/18 03:39:30 | 000,158,832 | ---- | M] () -- C:\Program Files (x86)\Mozilla Thunderbird\nsldap32v60.dll
MOD - [2014/07/18 03:39:28 | 003,338,352 | ---- | M] () -- C:\Program Files (x86)\Mozilla Thunderbird\mozjs.dll
MOD - [2013/12/12 13:44:44 | 000,008,224 | ---- | M] () -- C:\Windows\SysWOW64\xnviewh1.exe
MOD - [2013/07/10 18:07:22 | 000,756,888 | ---- | M] () -- C:\Program Files (x86)\Common Files\microsoft shared\OFFICE12\MSPTLS.DLL
MOD - [2013/03/25 19:08:44 | 002,673,672 | ---- | M] () -- C:\Program Files (x86)\Nitro\Pro 8\wxmsw28u_core_vc_pro8.dll
MOD - [2013/03/25 19:08:44 | 000,481,288 | ---- | M] () -- C:\Program Files (x86)\Nitro\Pro 8\wxmsw28u_xrc_vc_pro8.dll
MOD - [2013/03/25 19:08:44 | 000,450,056 | ---- | M] () -- C:\Program Files (x86)\Nitro\Pro 8\wxmsw28u_html_vc_pro8.dll
MOD - [2013/03/25 19:08:42 | 001,145,864 | ---- | M] () -- C:\Program Files (x86)\Nitro\Pro 8\wxbase28u_vc_pro8.dll
MOD - [2013/03/25 19:08:42 | 000,682,504 | ---- | M] () -- C:\Program Files (x86)\Nitro\Pro 8\wxmsw28u_adv_vc_pro8.dll
MOD - [2013/03/25 19:08:42 | 000,123,400 | ---- | M] () -- C:\Program Files (x86)\Nitro\Pro 8\wxbase28u_xml_vc_pro8.dll
MOD - [2012/08/27 21:33:32 | 000,087,912 | ---- | M] () -- C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
MOD - [2012/08/27 21:33:08 | 001,242,512 | ---- | M] () -- C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
MOD - [2011/02/11 15:19:26 | 002,760,192 | ---- | M] () -- C:\ProgramData\Boxtools\Toolbox.exe
========== Services (SafeList) ==========
SRV:64bit: - [2014/07/25 15:00:25 | 000,111,616 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\IEEtwCollector.exe -- (IEEtwCollectorService)
SRV:64bit: - [2014/01/24 19:08:18 | 002,647,256 | ---- | M] (Blue Coat Systems, Inc.) [Auto | Running] -- C:\Program Files\Blue Coat K9 Web Protection\k9filter.exe -- (bckwfs)
SRV:64bit: - [2013/05/27 07:50:47 | 001,011,712 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV:64bit: - [2013/03/25 19:08:30 | 000,230,408 | ---- | M] (Nitro PDF Software) [Auto | Running] -- C:\Program Files\Common Files\Nitro\Pro\8.0\NitroPDFDriverService8x64.exe -- (NitroDriverReadSpool8)
SRV:64bit: - [2012/07/04 11:18:44 | 000,190,208 | ---- | M] (ESET) [On_Demand | Stopped] -- C:\Program Files\ESET\ESET Endpoint Antivirus\EShaSrv.exe -- (ESHASRV)
SRV:64bit: - [2012/07/04 11:18:26 | 000,035,720 | ---- | M] (ESET) [On_Demand | Stopped] -- C:\Program Files\ESET\ESET Endpoint Antivirus\EHttpSrv.exe -- (EhttpSrv)
SRV:64bit: - [2012/07/04 11:17:42 | 000,999,704 | ---- | M] (ESET) [Auto | Running] -- C:\Program Files\ESET\ESET Endpoint Antivirus\x86\ekrn.exe -- (ekrn)
SRV:64bit: - [2010/04/07 15:04:24 | 000,127,800 | ---- | M] (HP) [Auto | Running] -- C:\Windows\SysNative\HPSIsvc.exe -- (HPSIService)
SRV:64bit: - [2010/03/02 23:12:12 | 000,202,752 | ---- | M] (AMD) [Auto | Running] -- C:\Windows\SysNative\atiesrxx.exe -- (AMD External Events Utility)
SRV:64bit: - [2010/02/02 14:13:10 | 000,048,128 | ---- | M] (Dell Inc.) [Auto | Running] -- C:\Program Files\Dell\DW WLAN Card\WLTRYSVC.EXE -- (wltrysvc)
SRV:64bit: - [2010/02/01 01:29:34 | 000,244,736 | ---- | M] (IDT, Inc.) [Auto | Running] -- C:\Windows\SysNative\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_8710db39c7952056\stacsv64.exe -- (STacSV)
SRV:64bit: - [2009/07/20 14:16:20 | 000,513,536 | ---- | M] (Vivid Document Imaging Technologies) [Auto | Stopped] -- C:\Program Files\PDF Printer for Windows 7\Win7PDFPrinting.exe -- (Win7PDFPrinting)
SRV:64bit: - [2009/03/03 02:42:58 | 000,089,600 | ---- | M] (Andrea Electronics Corporation) [Auto | Running] -- C:\Windows\SysNative\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_8710db39c7952056\AESTSr64.exe -- (AESTFilters)
SRV - [2014/08/30 08:11:23 | 000,114,288 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2014/08/13 04:02:20 | 001,820,184 | ---- | M] (AVG Secure Search) [Auto | Running] -- C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\18.1.9\ToolbarUpdater.exe -- (vToolbarUpdater18.1.9)
SRV - [2014/07/14 18:21:46 | 001,390,176 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe -- (c2cautoupdatesvc)
SRV - [2014/07/14 18:21:06 | 001,767,520 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe -- (c2cpnrsvc)
SRV - [2014/07/09 08:46:32 | 000,262,320 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2014/03/21 00:49:18 | 000,067,224 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
SRV - [2013/10/23 09:15:08 | 000,172,192 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Program Files (x86)\Skype\Updater\Updater.exe -- (SkypeUpdate)
SRV - [2012/09/18 05:10:08 | 000,248,704 | ---- | M] () [Auto | Running] -- C:\Program Files (x86)\Synology\Assistant\UsbClientService.exe -- (UsbClientService)
SRV - [2012/07/27 22:51:26 | 000,063,960 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2012/06/28 04:10:34 | 000,381,312 | ---- | M] () [Auto | Running] -- C:\Program Files (x86)\Synology Data Replicator 3\SynoDrServicex64.exe -- (SynoDrService)
SRV - [2010/03/18 13:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2010/02/01 01:29:34 | 000,244,736 | ---- | M] (IDT, Inc.) [Auto | Running] -- C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_8710db39c7952056\STacSV64.exe -- (STacSV)
SRV - [2010/01/30 01:40:16 | 001,043,584 | ---- | M] (Hewlett-Packard Co.) [Auto | Running] -- C:\Program Files (x86)\HP\Digital Imaging\bin\HPSLPSVC64.DLL -- (HPSLPSVC)
SRV - [2009/03/03 02:42:58 | 000,089,600 | ---- | M] (Andrea Electronics Corporation) [Auto | Running] -- C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_8710db39c7952056\AESTSr64.exe -- (AESTFilters)
========== Driver Services (SafeList) ==========
DRV:64bit: - [2014/08/13 04:02:24 | 000,050,976 | ---- | M] (AVG Technologies) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\avgtpx64.sys -- (avgtp)
DRV:64bit: - [2014/01/24 19:06:48 | 000,126,168 | ---- | M] (Blue Coat Systems, Inc.) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\bckd.sys -- (bckd)
DRV:64bit: - [2012/12/24 07:53:24 | 000,020,480 | ---- | M] (Marvell Semiconductor, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\mvusbews.sys -- (mvusbews)
DRV:64bit: - [2012/12/13 13:50:36 | 000,054,784 | ---- | M] (Apple, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usbaapl64.sys -- (USBAAPL64)
DRV:64bit: - [2012/10/18 19:19:55 | 000,283,200 | ---- | M] (DT Soft Ltd) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\dtsoftbus01.sys -- (dtsoftbus01)
DRV:64bit: - [2012/08/21 13:01:20 | 000,033,240 | ---- | M] (GEAR Software Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\GEARAspiWDM.sys -- (GEARAspiWDM)
DRV:64bit: - [2012/08/03 11:36:52 | 000,055,776 | ---- | M] (Windows ® Win 7 DDK provider) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\busenum.sys -- (busenum)
DRV:64bit: - [2012/07/10 11:16:32 | 000,213,416 | ---- | M] (ESET) [File_System | System | Running] -- C:\Windows\SysNative\drivers\eamonm.sys -- (eamonm)
DRV:64bit: - [2012/03/29 12:03:56 | 000,140,752 | ---- | M] (ESET) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\epfwwfpr.sys -- (epfwwfpr)
DRV:64bit: - [2012/03/29 12:03:54 | 000,152,136 | ---- | M] (ESET) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\ehdrv.sys -- (ehdrv)
DRV:64bit: - [2012/03/26 14:50:12 | 000,022,528 | ---- | M] (Apple Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\netaapl64.sys -- (Netaapl)
DRV:64bit: - [2012/03/01 08:46:16 | 000,023,408 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:64bit: - [2010/11/20 15:33:35 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2010/11/20 15:32:47 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2010/11/20 15:32:46 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2010/11/20 13:07:05 | 000,059,392 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV:64bit: - [2010/03/02 23:23:10 | 006,402,560 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\atikmdag.sys -- (atikmdag)
DRV:64bit: - [2010/03/02 23:23:10 | 006,402,560 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atipmdag.sys -- (amdkmdag)
DRV:64bit: - [2010/03/02 22:07:32 | 000,188,928 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmpag.sys -- (amdkmdap)
DRV:64bit: - [2010/03/01 10:42:32 | 000,340,512 | ---- | M] (Realtek ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Rt64win7.sys -- (RTL8167)
DRV:64bit: - [2010/02/02 14:13:08 | 000,022,520 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\bcm42rly.sys -- (BCM42RLY)
DRV:64bit: - [2010/02/02 14:13:06 | 003,058,168 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\BCMWL664.SYS -- (BCM43XX)
DRV:64bit: - [2010/02/01 01:29:34 | 000,505,856 | ---- | M] (IDT, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\stwrt64.sys -- (STHDA)
DRV:64bit: - [2010/01/28 09:33:38 | 000,116,736 | ---- | M] (ATI Technologies, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\AtiHdmi.sys -- (AtiHdmiService)
DRV:64bit: - [2009/12/04 17:38:54 | 000,237,600 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\RtsPStor.sys -- (RSPCIESTOR)
DRV:64bit: - [2009/11/02 11:16:50 | 000,033,736 | ---- | M] (HTC, Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ANDROIDUSB.sys -- (HTCAND64)
DRV:64bit: - [2009/08/24 03:25:32 | 000,016,440 | ---- | M] (Advanced Micro Devices Inc.) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\AtiPcie.sys -- (AtiPcie)
DRV:64bit: - [2009/07/14 03:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2009/07/14 03:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2009/07/14 03:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2009/07/14 02:35:32 | 000,012,288 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\serscan.sys -- (StillCam)
DRV:64bit: - [2009/06/10 22:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2009/06/10 22:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009/06/10 22:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2009/06/10 22:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV:64bit: - [2008/05/06 16:06:00 | 000,014,464 | ---- | M] (Western Digital Technologies) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\wdcsam64.sys -- (WDC_SAM)
DRV - [2009/07/14 03:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {B7971660-A1CE-4FDD-B9E0-2C37D77AFB0B}
IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...ms}&FORM=IE8SRC
IE:64bit: - HKLM\..\SearchScopes\{B7971660-A1CE-4FDD-B9E0-2C37D77AFB0B}: "URL" = http://searchfunmood...yE&cr=406040595
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\..\SearchScopes,DefaultScope = {B7971660-A1CE-4FDD-B9E0-2C37D77AFB0B}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...ms}&FORM=IE8SRC
IE - HKLM\..\SearchScopes\{B7971660-A1CE-4FDD-B9E0-2C37D77AFB0B}: "URL" = http://searchfunmood...yE&cr=406040595
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.msn.com/?...97DHP&dt=071613
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 54 63 E6 18 C6 B0 CD 01 [binary data]
IE - HKCU\..\URLSearchHook: {00000000-6E41-4FD3-8538-502F5495E5FC} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll (Ask)
IE - HKCU\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...Box&FORM=IE11SR
IE - HKCU\..\SearchScopes\{95B7759C-8C7F-4BF1-B163-73684A933233}: "URL" = http://isearch.avg.com/search?cid={79AC0127-C88D-40FF-ADC7-67753D8282C5}&mid=422f301fcabb47d0ab2455626d66fa55-72cf034103d615c277fb9d97f476a14f28b5d367&lang=sk&ds=AVG&pr=fr&d=2013-01-21 11:30:44&v=17.1.2.1&pid=avg&sg=27&sap=dsp&q={searchTerms}
IE - HKCU\..\SearchScopes\{9B44A380-BBC4-4FA5-9544-4765E5DD7815}: "URL" = http://websearch.ask...AB-FE4C26884835
IE - HKCU\..\SearchScopes\{B7971660-A1CE-4FDD-B9E0-2C37D77AFB0B}: "URL" = http://searchfunmood...yE&cr=406040595
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local
========== FireFox ==========
FF - prefs.js..extensions.enabledAddons: ffxtlbr%40funmoods.com:1.5.1
FF - prefs.js..extensions.enabledAddons: testpilot%40labs.mozilla.com:1.2.3
FF - prefs.js..extensions.enabledAddons: webmaster%40keep-tube.com:1.2
FF - prefs.js..extensions.enabledAddons: mp4downloader%40jeff.net:1.3.3
FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:32.0
FF - user.js - File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_14_0_0_145.dll File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.5.0: C:\Windows\system32\npDeployJava1.dll File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.5.0: C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: C:\Windows\system32\Wat\npWatWeb.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_14_0_0_145.dll ()
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@avg.com/AVG SiteSafety plugin,version=11.0.0.1,application/x-avg-sitesafety-plugin: C:\Program Files (x86)\Common Files\AVG Secure Search\SiteSafetyInstaller\18.1.9\\npsitesafety.dll File not found
FF - HKLM\Software\MozillaPlugins\@foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/pdf: C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll File not found
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: C:\Windows\system32\Wat\npWatWeb.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@nitropdf.com/NitroPDF: C:\Program Files (x86)\Nitro\Pro 8\npnitromozilla.dll (Nitro PDF)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.1.0: C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\@citrixonline.com/appdetectorplugin: C:\Users\Zuzana\AppData\Local\Citrix\Plugins\104\npappdetector.dll (Citrix Online)
FF - HKCU\Software\MozillaPlugins\@talk.google.com/GoogleTalkPlugin: C:\Users\Zuzana\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll (Google)
FF - HKCU\Software\MozillaPlugins\@talk.google.com/O1DPlugin: C:\Users\Zuzana\AppData\Roaming\Mozilla\plugins\npo1d.dll (Google)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Users\Zuzana\AppData\Local\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Users\Zuzana\AppData\Local\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
64bit-FF - HKEY_LOCAL_MACHINE\software\mozilla\Thunderbird\Extensions\\[email protected]: C:\PROGRAM FILES\ESET\ESET ENDPOINT ANTIVIRUS\MOZILLA THUNDERBIRD [2013/02/28 16:05:07 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\avg@toolbar: C:\ProgramData\AVG Secure Search\FireFoxExt\18.1.9.799\ [2014/08/25 18:46:01 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 32.0\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 32.0\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 31.0\extensions\\Components: C:\Program Files (x86)\Mozilla Thunderbird\components
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 31.0\extensions\\Plugins: C:\Program Files (x86)\Mozilla Thunderbird\plugins
FF - HKEY_LOCAL_MACHINE\software\mozilla\Thunderbird\Extensions\\[email protected]: C:\Program Files\ESET\ESET Endpoint Antivirus\Mozilla Thunderbird [2013/02/28 16:05:07 | 000,000,000 | ---D | M]
[2012/07/23 12:01:22 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Zuzana\AppData\Roaming\mozilla\Extensions
[2014/09/02 14:08:28 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Zuzana\AppData\Roaming\mozilla\Firefox\Profiles\h93azb4q.default\extensions
[2012/11/19 20:33:37 | 000,000,000 | ---D | M] (Funmoods.com) -- C:\Users\Zuzana\AppData\Roaming\mozilla\Firefox\Profiles\h93azb4q.default\extensions\[email protected]
[2012/11/27 18:38:23 | 000,000,000 | ---D | M] (Foxit PDF Creator Toolbar) -- C:\Users\Zuzana\AppData\Roaming\mozilla\Firefox\Profiles\h93azb4q.default\extensions\[email protected]
[2014/09/02 14:08:28 | 000,201,091 | ---- | M] () (No name found) -- C:\Users\Zuzana\AppData\Roaming\mozilla\firefox\profiles\h93azb4q.default\extensions\[email protected]
[2013/12/03 21:24:47 | 000,066,667 | ---- | M] () (No name found) -- C:\Users\Zuzana\AppData\Roaming\mozilla\firefox\profiles\h93azb4q.default\extensions\[email protected]
[2013/11/20 15:30:56 | 000,619,291 | ---- | M] () (No name found) -- C:\Users\Zuzana\AppData\Roaming\mozilla\firefox\profiles\h93azb4q.default\extensions\[email protected]
[2013/12/03 21:19:58 | 000,031,748 | ---- | M] () (No name found) -- C:\Users\Zuzana\AppData\Roaming\mozilla\firefox\profiles\h93azb4q.default\extensions\[email protected]
[2014/03/17 17:25:47 | 000,353,984 | ---- | M] () (No name found) -- C:\Users\Zuzana\AppData\Roaming\mozilla\firefox\profiles\h93azb4q.default\extensions\{5ebdca98-43b3-45bb-87e0-716029fb42ab}.xpi
[2014/07/26 14:45:59 | 000,967,685 | ---- | M] () (No name found) -- C:\Users\Zuzana\AppData\Roaming\mozilla\firefox\profiles\h93azb4q.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi
[2012/11/27 18:38:23 | 000,002,339 | ---- | M] () -- C:\Users\Zuzana\AppData\Roaming\mozilla\firefox\profiles\h93azb4q.default\searchplugins\askcom.xml
[2013/12/08 17:11:10 | 000,003,729 | ---- | M] () -- C:\Users\Zuzana\AppData\Roaming\mozilla\firefox\profiles\h93azb4q.default\searchplugins\avg-secure-search.xml
[2012/11/22 10:17:09 | 000,002,351 | ---- | M] () -- C:\Users\Zuzana\AppData\Roaming\mozilla\firefox\profiles\h93azb4q.default\searchplugins\Funmoods.xml
[2014/08/30 08:11:06 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\browser\extensions
[2014/08/30 08:11:06 | 000,000,000 | ---D | M] (Default) -- C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
========== Chrome ==========
CHR - default_search_provider: (Enabled)
CHR - default_search_provider: search_url =
CHR - default_search_provider: suggest_url =
CHR - homepage: http://www.msn.com/?...97DHP&dt=071613
CHR - plugin: Remoting Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Users\Zuzana\AppData\Local\Google\Chrome\Application\36.0.1985.143\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Users\Zuzana\AppData\Local\Google\Chrome\Application\36.0.1985.143\pdf.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Users\Zuzana\AppData\Local\Google\Chrome\Application\36.0.1985.143\gcswf32.dll
CHR - plugin: Google Update (Enabled) = C:\Users\Zuzana\AppData\Local\Google\Update\1.3.21.111\npGoogleUpdate3.dll
CHR - Extension: Disk Google = C:\Users\Zuzana\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0\
CHR - Extension: YouTube = C:\Users\Zuzana\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_0\
CHR - Extension: HÄľadaĹĄ v Google = C:\Users\Zuzana\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0\
CHR - Extension: AdBlock = C:\Users\Zuzana\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.7.13_0\
CHR - Extension: List Progress Bar for Trello = C:\Users\Zuzana\AppData\Local\Google\Chrome\User Data\Default\Extensions\klhahganeobopkelbdeljamclomlhhjg\1.91_0\
CHR - Extension: PeĹaĹľenka Google = C:\Users\Zuzana\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.1_0\
CHR - Extension: Gmail = C:\Users\Zuzana\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_1\
O1 HOSTS File: ([2014/03/10 21:29:30 | 000,000,820 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O1 - Hosts: 127.0.0.1
O2:64bit: - BHO: (Java™ Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2:64bit: - BHO: (Skype Click to Call for Internet Explorer) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\SkypeIEPlugin.dll (Microsoft Corporation)
O2:64bit: - BHO: (Java™ Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O2 - BHO: (Funmoods Helper Object) - {75EBB0AA-4214-4CB4-90EC-E3E07ECD04F7} - Reg Error: Value error. File not found
O2 - BHO: (AVG Security Toolbar) - {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files (x86)\AVG Secure Search\18.1.9.799\AVG Secure Search_toolbar.dll (AVG Secure Search)
O2 - BHO: (Skype Click to Call for Internet Explorer) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Microsoft Corporation)
O2 - BHO: (Foxit PDF Creator Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll (Ask)
O3 - HKLM\..\Toolbar: (AVG Security Toolbar) - {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files (x86)\AVG Secure Search\18.1.9.799\AVG Secure Search_toolbar.dll (AVG Secure Search)
O3 - HKLM\..\Toolbar: (Foxit PDF Creator Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll (Ask)
O4:64bit: - HKLM..\Run: [AdobeAAMUpdater-1.0] C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe (Adobe Systems Incorporated)
O4:64bit: - HKLM..\Run: [Broadcom Wireless Manager UI] C:\Program Files\Dell\DW WLAN Card\WLTRAY.EXE (Dell Inc.)
O4:64bit: - HKLM..\Run: [egui] C:\Program Files\ESET\ESET Endpoint Antivirus\egui.exe (ESET)
O4:64bit: - HKLM..\Run: [MFNetworkScanUtility] C:\Program Files\Canon\Canon MF Network Scan Utility\CNMFSUT6.EXE (CANON INC.)
O4:64bit: - HKLM..\Run: [SysTrayApp] C:\Program Files\IDT\WDM\sttray64.exe (IDT, Inc.)
O4 - HKLM..\Run: [] File not found
O4 - HKLM..\Run: [AdobeCS6ServiceManager] "C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe" -launchedbylogin File not found
O4 - HKLM..\Run: [ApnUpdater] C:\Program Files (x86)\Ask.com\Updater\Updater.exe (Ask)
O4 - HKLM..\Run: [APSDaemon] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
O4 - HKLM..\Run: [Nvidiah] C:\Windows\SysWOW64\nvidiah1.exe (fdsa)
O4 - HKLM..\Run: [StartCCC] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.)
O4 - HKLM..\Run: [SwitchBoard] C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe File not found
O4 - HKLM..\Run: [vProt] C:\Program Files (x86)\AVG Secure Search\vprot.exe ()
O4 - HKLM..\Run: [Win7PDF] C:\Program Files\PDF Printer for Windows 7\PDF.exe (Vivid Document Imaging Technologies)
O4 - HKCU..\Run: [AdobeBridge] File not found
O4 - HKCU..\Run: [Boxoft Tools] C:\ProgramData\Boxtools\Boxofttoolbox.exe ()
O4 - HKCU..\Run: [DAEMON Tools Lite] C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe (DT Soft Ltd)
O4 - HKCU..\Run: [GoogleDriveSync] C:\Program Files (x86)\Google\Drive\googledrivesync.exe (Google)
O4 - HKCU..\Run: [GoToMeeting] C:\Program Files (x86)\Citrix\GoToMeeting\1468\g2mstart.exe (Citrix Online, a division of Citrix Systems, Inc.)
O4 - HKCU..\Run: [uTorrent] C:\Users\Zuzana\AppData\Roaming\uTorrent\uTorrent.exe (BitTorrent Inc.)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O9:64bit: - Extra Button: Skype Click to Call settings - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\SkypeIEPlugin.dll (Microsoft Corporation)
O9 - Extra Button: Skype Click to Call settings - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Microsoft Corporation)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000005 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000005 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.202.213 192.168.202.222
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{467EC41F-84EA-46CD-88AF-4CB24D1C7311}: DhcpNameServer = 192.168.202.213 192.168.202.222
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{B32E33E4-A8D7-4E05-B179-129400BBE82C}: DhcpNameServer = 192.168.202.213 192.168.202.222
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{EB40A22C-5CA4-4CA0-98B5-0F54AE63633E}: DhcpNameServer = 195.146.128.62 195.146.132.58
O18:64bit: - Protocol\Handler\grooveLocalGWS - No CLSID value found
O18:64bit: - Protocol\Handler\ms-help - No CLSID value found
O18:64bit: - Protocol\Handler\skype4com - No CLSID value found
O18:64bit: - Protocol\Handler\skypec2c {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\SkypeIEPlugin.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\viprotocol - No CLSID value found
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Handler\skypec2c {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Microsoft Corporation)
O18 - Protocol\Handler\viprotocol {B658800C-F66E-4EF3-AB85-6C0C227862A9} - C:\Program Files (x86)\Common Files\AVG Secure Search\ViProtocolInstaller\18.1.9\ViProtocol.dll (AVG Secure Search)
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O27:64bit: - HKLM IFEO\bitguard.exe: Debugger - C:\Windows\SysNative\tasklist.exe (Microsoft Corporation)
O27:64bit: - HKLM IFEO\bprotect.exe: Debugger - C:\Windows\SysNative\tasklist.exe (Microsoft Corporation)
O27:64bit: - HKLM IFEO\bpsvc.exe: Debugger - C:\Windows\SysNative\tasklist.exe (Microsoft Corporation)
O27:64bit: - HKLM IFEO\browserdefender.exe: Debugger - C:\Windows\SysNative\tasklist.exe (Microsoft Corporation)
O27:64bit: - HKLM IFEO\browserprotect.exe: Debugger - C:\Windows\SysNative\tasklist.exe (Microsoft Corporation)
O27:64bit: - HKLM IFEO\browsersafeguard.exe: Debugger - C:\Windows\SysNative\tasklist.exe (Microsoft Corporation)
O27:64bit: - HKLM IFEO\dprotectsvc.exe: Debugger - C:\Windows\SysNative\tasklist.exe (Microsoft Corporation)
O27:64bit: - HKLM IFEO\jumpflip: Debugger - C:\Windows\SysNative\tasklist.exe (Microsoft Corporation)
O27:64bit: - HKLM IFEO\protectedsearch.exe: Debugger - C:\Windows\SysNative\tasklist.exe (Microsoft Corporation)
O27:64bit: - HKLM IFEO\searchinstaller.exe: Debugger - C:\Windows\SysNative\tasklist.exe (Microsoft Corporation)
O27:64bit: - HKLM IFEO\searchprotection.exe: Debugger - C:\Windows\SysNative\tasklist.exe (Microsoft Corporation)
O27:64bit: - HKLM IFEO\searchprotector.exe: Debugger - C:\Windows\SysNative\tasklist.exe (Microsoft Corporation)
O27:64bit: - HKLM IFEO\searchsettings.exe: Debugger - C:\Windows\SysNative\tasklist.exe (Microsoft Corporation)
O27:64bit: - HKLM IFEO\searchsettings64.exe: Debugger - C:\Windows\SysNative\tasklist.exe (Microsoft Corporation)
O27:64bit: - HKLM IFEO\snapdo.exe: Debugger - C:\Windows\SysNative\tasklist.exe (Microsoft Corporation)
O27:64bit: - HKLM IFEO\stinst32.exe: Debugger - C:\Windows\SysNative\tasklist.exe (Microsoft Corporation)
O27:64bit: - HKLM IFEO\stinst64.exe: Debugger - C:\Windows\SysNative\tasklist.exe (Microsoft Corporation)
O27:64bit: - HKLM IFEO\umbrella.exe: Debugger - C:\Windows\SysNative\tasklist.exe (Microsoft Corporation)
O27:64bit: - HKLM IFEO\utiljumpflip.exe: Debugger - C:\Windows\SysNative\tasklist.exe (Microsoft Corporation)
O27:64bit: - HKLM IFEO\volaro: Debugger - C:\Windows\SysNative\tasklist.exe (Microsoft Corporation)
O27:64bit: - HKLM IFEO\vonteera: Debugger - C:\Windows\SysNative\tasklist.exe (Microsoft Corporation)
O27:64bit: - HKLM IFEO\websteroids.exe: Debugger - C:\Windows\SysNative\tasklist.exe (Microsoft Corporation)
O27:64bit: - HKLM IFEO\websteroidsservice.exe: Debugger - C:\Windows\SysNative\tasklist.exe (Microsoft Corporation)
O27 - HKLM IFEO\bitguard.exe: Debugger - C:\Windows\SysWow64\tasklist.exe (Microsoft Corporation)
O27 - HKLM IFEO\bprotect.exe: Debugger - C:\Windows\SysWow64\tasklist.exe (Microsoft Corporation)
O27 - HKLM IFEO\bpsvc.exe: Debugger - C:\Windows\SysWow64\tasklist.exe (Microsoft Corporation)
O27 - HKLM IFEO\browserdefender.exe: Debugger - C:\Windows\SysWow64\tasklist.exe (Microsoft Corporation)
O27 - HKLM IFEO\browserprotect.exe: Debugger - C:\Windows\SysWow64\tasklist.exe (Microsoft Corporation)
O27 - HKLM IFEO\browsersafeguard.exe: Debugger - C:\Windows\SysWow64\tasklist.exe (Microsoft Corporation)
O27 - HKLM IFEO\dprotectsvc.exe: Debugger - C:\Windows\SysWow64\tasklist.exe (Microsoft Corporation)
O27 - HKLM IFEO\jumpflip: Debugger - C:\Windows\SysWow64\tasklist.exe (Microsoft Corporation)
O27 - HKLM IFEO\protectedsearch.exe: Debugger - C:\Windows\SysWow64\tasklist.exe (Microsoft Corporation)
O27 - HKLM IFEO\searchinstaller.exe: Debugger - C:\Windows\SysWow64\tasklist.exe (Microsoft Corporation)
O27 - HKLM IFEO\searchprotection.exe: Debugger - C:\Windows\SysWow64\tasklist.exe (Microsoft Corporation)
O27 - HKLM IFEO\searchprotector.exe: Debugger - C:\Windows\SysWow64\tasklist.exe (Microsoft Corporation)
O27 - HKLM IFEO\searchsettings.exe: Debugger - C:\Windows\SysWow64\tasklist.exe (Microsoft Corporation)
O27 - HKLM IFEO\searchsettings64.exe: Debugger - C:\Windows\SysWow64\tasklist.exe (Microsoft Corporation)
O27 - HKLM IFEO\snapdo.exe: Debugger - C:\Windows\SysWow64\tasklist.exe (Microsoft Corporation)
O27 - HKLM IFEO\stinst32.exe: Debugger - C:\Windows\SysWow64\tasklist.exe (Microsoft Corporation)
O27 - HKLM IFEO\stinst64.exe: Debugger - C:\Windows\SysWow64\tasklist.exe (Microsoft Corporation)
O27 - HKLM IFEO\umbrella.exe: Debugger - C:\Windows\SysWow64\tasklist.exe (Microsoft Corporation)
O27 - HKLM IFEO\utiljumpflip.exe: Debugger - C:\Windows\SysWow64\tasklist.exe (Microsoft Corporation)
O27 - HKLM IFEO\volaro: Debugger - C:\Windows\SysWow64\tasklist.exe (Microsoft Corporation)
O27 - HKLM IFEO\vonteera: Debugger - C:\Windows\SysWow64\tasklist.exe (Microsoft Corporation)
O27 - HKLM IFEO\websteroids.exe: Debugger - C:\Windows\SysWow64\tasklist.exe (Microsoft Corporation)
O27 - HKLM IFEO\websteroidsservice.exe: Debugger - C:\Windows\SysWow64\tasklist.exe (Microsoft Corporation)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2007/03/20 02:02:17 | 000,000,175 | R--- | M] () - D:\autorun.inf -- [ CDFS ]
O33 - MountPoints2\{23ebee42-0c79-11e2-a704-842b2b8213a6}\Shell - "" = AutoRun
O33 - MountPoints2\{23ebee42-0c79-11e2-a704-842b2b8213a6}\Shell\AutoRun\command - "" = D:\setup.exe -- [2007/03/20 02:02:17 | 000,463,152 | R--- | M] (Microsoft Corporation)
O33 - MountPoints2\{23ebee42-0c79-11e2-a704-842b2b8213a6}\Shell\configure\command - "" = D:\setup.exe -- [2007/03/20 02:02:17 | 000,463,152 | R--- | M] (Microsoft Corporation)
O33 - MountPoints2\{23ebee42-0c79-11e2-a704-842b2b8213a6}\Shell\install\command - "" = D:\setup.exe -- [2007/03/20 02:02:17 | 000,463,152 | R--- | M] (Microsoft Corporation)
O33 - MountPoints2\{23ebf1c8-0c79-11e2-a704-842b2b8213a6}\Shell - "" = AutoRun
O33 - MountPoints2\{23ebf1c8-0c79-11e2-a704-842b2b8213a6}\Shell\AutoRun\command - "" = E:\SISetup.exe
O33 - MountPoints2\{bdf9d90c-6136-11e2-bf90-842b2b8213a6}\Shell - "" = AutoRun
O33 - MountPoints2\{bdf9d90c-6136-11e2-bf90-842b2b8213a6}\Shell\AutoRun\command - "" = E:\Autorun.exe {D2D77DC2-8299-11D1-8949-444553540000} 5.2066.1.9B05 PID_0083
O33 - MountPoints2\{c229a44a-0f61-11e3-91fd-842b2b8213a6}\Shell - "" = AutoRun
O33 - MountPoints2\{c229a44a-0f61-11e3-91fd-842b2b8213a6}\Shell\AutoRun\command - "" = E:\TMCCSetup_3.57.95.14.exe
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)
========== Files/Folders - Created Within 30 Days ==========
[2014/09/03 13:29:16 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\Zuzana\Desktop\OTL.exe
[2014/09/01 18:18:00 | 000,000,000 | ---D | C] -- C:\!Peter Sulek
[2014/09/01 10:14:18 | 000,000,000 | ---D | C] -- C:\Users\Zuzana\Desktop\Brooklyns Finest (2009)
[2014/08/30 08:11:05 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mozilla Firefox
[2014/08/30 07:48:49 | 000,000,000 | ---D | C] -- C:\Users\Zuzana\Desktop\european-associ5400a055
[2014/08/29 09:07:52 | 000,000,000 | ---D | C] -- C:\Users\Zuzana\AppData\Local\ElevatedDiagnostics
[2014/08/27 20:59:29 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\AVG Security Toolbar
[2014/08/27 20:59:16 | 000,000,000 | ---D | C] -- C:\ProgramData\Avg_Update_0814tb
[2014/08/26 12:59:46 | 000,000,000 | ---D | C] -- C:\Users\Zuzana\Desktop\Personal
[2014/08/26 12:49:14 | 000,000,000 | ---D | C] -- C:\SM - Matej
[2014/08/07 20:25:39 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Skype
========== Files - Modified Within 30 Days ==========
[2014/09/03 13:40:57 | 000,038,070 | ---- | M] () -- C:\Windows\SysWow64\mswhostctre.dll
[2014/09/03 13:29:17 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Zuzana\Desktop\OTL.exe
[2014/09/03 13:20:38 | 000,134,095 | ---- | M] () -- C:\Users\Zuzana\Desktop\File.PDF
[2014/09/03 13:12:18 | 000,022,832 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2014/09/03 13:12:18 | 000,022,832 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2014/09/03 13:09:00 | 000,000,936 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2014/09/03 13:08:00 | 000,000,540 | ---- | M] () -- C:\Windows\tasks\G2MUpdateTask-S-1-5-21-2625221743-1896352500-3224387153-1000.job
[2014/09/03 12:49:00 | 000,000,950 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2625221743-1896352500-3224387153-1000UA.job
[2014/09/03 12:45:09 | 000,000,830 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2014/09/03 10:12:08 | 000,000,932 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2014/09/03 10:12:06 | 000,000,350 | ---- | M] () -- C:\Windows\tasks\AVG-Secure-Search-Update_JUNE2013_TB_rmv.job
[2014/09/03 10:12:06 | 000,000,350 | ---- | M] () -- C:\Windows\tasks\AVG-Secure-Search-Update_JUNE2013_HP_rmv.job
[2014/09/03 10:11:55 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2014/09/03 10:11:46 | 3018,412,032 | -HS- | M] () -- C:\hiberfil.sys
[2014/09/02 22:04:43 | 629,905,523 | ---- | M] () -- C:\Users\Zuzana\Desktop\Best-Movies.info_Midnight.in.Paris.2011.720p.BrRip.x264.mp4
[2014/09/02 13:13:51 | 000,065,372 | ---- | M] () -- C:\Users\Zuzana\Desktop\download-02.09.2014.pdf
[2014/09/02 10:38:02 | 000,000,300 | ---- | M] () -- C:\Windows\tasks\Synology Data Replicator 3-PC107-Zuzana.job
[2014/09/02 10:12:30 | 000,000,898 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2625221743-1896352500-3224387153-1000Core.job
[2014/09/02 07:43:53 | 000,156,133 | ---- | M] () -- C:\Users\Zuzana\Desktop\SM ISR Department Procedures_25AUG2014.pdf
[2014/08/31 23:11:41 | 892,319,955 | ---- | M] () -- C:\Users\Zuzana\Desktop\YIFY.info_-_Brooklyns.Finest.2009.rar
[2014/08/31 20:18:57 | 004,461,240 | ---- | M] () -- C:\Users\Zuzana\Desktop\Industry Review no. 5 31AUG_FINAL NOTES.pdf
[2014/08/31 17:58:26 | 004,086,704 | ---- | M] () -- C:\Users\Zuzana\Desktop\Industry Review no. 5 31AUG.pdf
[2014/08/30 20:29:44 | 838,438,839 | ---- | M] () -- C:\Users\Zuzana\Desktop\SLP.B72-SHULiBAN.rar
[2014/08/30 09:36:12 | 000,782,838 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2014/08/30 09:36:12 | 000,655,052 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2014/08/30 09:36:12 | 000,121,924 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2014/08/30 07:40:53 | 005,074,648 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2014/08/29 13:27:10 | 000,174,598 | ---- | M] () -- C:\Users\Zuzana\Desktop\RyanairBoardingPass.pdf
[2014/08/28 13:57:12 | 000,237,104 | ---- | M] () -- C:\Users\Zuzana\Desktop\O8K5HW_Benus.pdf
[2014/08/27 19:02:08 | 000,016,406 | ---- | M] () -- C:\Users\Zuzana\Desktop\Partner Specific Proposal.odt
[2014/08/27 17:14:17 | 000,011,087 | ---- | M] () -- C:\Users\Zuzana\Desktop\byt.png
[2014/08/27 16:03:22 | 000,203,679 | ---- | M] () -- C:\Users\Zuzana\Desktop\Web PRTSC Collage5_no watermark.jpg
[2014/08/26 20:40:31 | 000,000,000 | -H-- | M] () -- C:\Windows\SysNative\drivers\Msft_Kernel_netaapl64_01009.Wdf
[2014/08/26 12:41:18 | 000,002,124 | ---- | M] () -- C:\Users\Zuzana\Application Data\Microsoft\Internet Explorer\Quick Launch\Mozilla Thunderbird.lnk
[2014/08/26 12:41:18 | 000,002,100 | ---- | M] () -- C:\Users\Public\Desktop\Mozilla Thunderbird.lnk
[2014/08/26 11:50:21 | 000,000,832 | ---- | M] () -- C:\Users\Public\Desktop\CCleaner.lnk
[2014/08/25 20:18:56 | 827,030,184 | ---- | M] () -- C:\!Peter Sulek.part15.rar
[2014/08/25 20:17:12 | 4293,918,720 | ---- | M] () -- C:\!Peter Sulek.part14.rar
[2014/08/25 20:10:29 | 4293,918,720 | ---- | M] () -- C:\!Peter Sulek.part13.rar
[2014/08/25 20:03:59 | 4293,918,720 | ---- | M] () -- C:\!Peter Sulek.part12.rar
[2014/08/25 19:57:06 | 4293,918,720 | ---- | M] () -- C:\!Peter Sulek.part11.rar
[2014/08/25 19:51:13 | 4293,918,720 | ---- | M] () -- C:\!Peter Sulek.part10.rar
[2014/08/25 19:45:58 | 4293,918,720 | ---- | M] () -- C:\!Peter Sulek.part09.rar
[2014/08/25 19:40:46 | 4293,918,720 | ---- | M] () -- C:\!Peter Sulek.part08.rar
[2014/08/25 19:35:52 | 4293,918,720 | ---- | M] () -- C:\!Peter Sulek.part07.rar
[2014/08/25 19:31:04 | 4293,918,720 | ---- | M] () -- C:\!Peter Sulek.part06.rar
[2014/08/25 19:26:11 | 4293,918,720 | ---- | M] () -- C:\!Peter Sulek.part05.rar
[2014/08/25 19:21:21 | 4293,918,720 | ---- | M] () -- C:\!Peter Sulek.part04.rar
[2014/08/25 19:16:19 | 4293,918,720 | ---- | M] () -- C:\!Peter Sulek.part03.rar
[2014/08/25 19:09:18 | 4293,918,720 | ---- | M] () -- C:\!Peter Sulek.part02.rar
[2014/08/25 19:02:31 | 4293,918,720 | ---- | M] () -- C:\!Peter Sulek.part01.rar
[2014/08/13 04:02:24 | 000,050,976 | ---- | M] (AVG Technologies) -- C:\Windows\SysNative\drivers\avgtpx64.sys
========== Files Created - No Company Name ==========
[2014/09/03 13:20:37 | 000,134,095 | ---- | C] () -- C:\Users\Zuzana\Desktop\File.PDF
[2014/09/03 10:16:11 | 000,037,671 | ---- | C] () -- C:\Windows\SysWow64\mswhostctre.dll
[2014/09/02 21:53:06 | 629,905,523 | ---- | C] () -- C:\Users\Zuzana\Desktop\Best-Movies.info_Midnight.in.Paris.2011.720p.BrRip.x264.mp4
[2014/09/02 13:13:59 | 000,065,372 | ---- | C] () -- C:\Users\Zuzana\Desktop\download-02.09.2014.pdf
[2014/09/02 07:43:53 | 000,156,133 | ---- | C] () -- C:\Users\Zuzana\Desktop\SM ISR Department Procedures_25AUG2014.pdf
[2014/08/31 22:37:59 | 892,319,955 | ---- | C] () -- C:\Users\Zuzana\Desktop\YIFY.info_-_Brooklyns.Finest.2009.rar
[2014/08/31 20:18:55 | 004,461,240 | ---- | C] () -- C:\Users\Zuzana\Desktop\Industry Review no. 5 31AUG_FINAL NOTES.pdf
[2014/08/31 17:57:43 | 004,086,704 | ---- | C] () -- C:\Users\Zuzana\Desktop\Industry Review no. 5 31AUG.pdf
[2014/08/30 20:30:22 | 838,437,843 | ---- | C] () -- C:\Users\Zuzana\Desktop\silverlningplaybookbd72.mkv
[2014/08/30 20:20:02 | 838,438,839 | ---- | C] () -- C:\Users\Zuzana\Desktop\SLP.B72-SHULiBAN.rar
[2014/08/29 13:27:07 | 000,174,598 | ---- | C] () -- C:\Users\Zuzana\Desktop\RyanairBoardingPass.pdf
[2014/08/28 13:57:11 | 000,237,104 | ---- | C] () -- C:\Users\Zuzana\Desktop\O8K5HW_Benus.pdf
[2014/08/27 19:02:07 | 000,016,406 | ---- | C] () -- C:\Users\Zuzana\Desktop\Partner Specific Proposal.odt
[2014/08/27 17:14:17 | 000,011,087 | ---- | C] () -- C:\Users\Zuzana\Desktop\byt.png
[2014/08/27 16:03:14 | 000,203,679 | ---- | C] () -- C:\Users\Zuzana\Desktop\Web PRTSC Collage5_no watermark.jpg
[2014/08/27 08:57:36 | 005,074,648 | ---- | C] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2014/08/26 20:40:31 | 000,000,000 | -H-- | C] () -- C:\Windows\SysNative\drivers\Msft_Kernel_netaapl64_01009.Wdf
[2014/08/26 12:41:18 | 000,002,124 | ---- | C] () -- C:\Users\Zuzana\Application Data\Microsoft\Internet Explorer\Quick Launch\Mozilla Thunderbird.lnk
[2014/08/26 12:41:18 | 000,002,112 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Thunderbird.lnk
[2014/08/26 12:41:18 | 000,002,100 | ---- | C] () -- C:\Users\Public\Desktop\Mozilla Thunderbird.lnk
[2014/08/26 11:50:21 | 000,000,832 | ---- | C] () -- C:\Users\Public\Desktop\CCleaner.lnk
[2014/08/25 20:17:12 | 827,030,184 | ---- | C] () -- C:\!Peter Sulek.part15.rar
[2014/08/25 20:10:29 | 4293,918,720 | ---- | C] () -- C:\!Peter Sulek.part14.rar
[2014/08/25 20:03:59 | 4293,918,720 | ---- | C] () -- C:\!Peter Sulek.part13.rar
[2014/08/25 19:57:06 | 4293,918,720 | ---- | C] () -- C:\!Peter Sulek.part12.rar
[2014/08/25 19:51:13 | 4293,918,720 | ---- | C] () -- C:\!Peter Sulek.part11.rar
[2014/08/25 19:45:59 | 4293,918,720 | ---- | C] () -- C:\!Peter Sulek.part10.rar
[2014/08/25 19:40:46 | 4293,918,720 | ---- | C] () -- C:\!Peter Sulek.part09.rar
[2014/08/25 19:35:52 | 4293,918,720 | ---- | C] () -- C:\!Peter Sulek.part08.rar
[2014/08/25 19:31:04 | 4293,918,720 | ---- | C] () -- C:\!Peter Sulek.part07.rar
[2014/08/25 19:26:11 | 4293,918,720 | ---- | C] () -- C:\!Peter Sulek.part06.rar
[2014/08/25 19:21:21 | 4293,918,720 | ---- | C] () -- C:\!Peter Sulek.part05.rar
[2014/08/25 19:16:19 | 4293,918,720 | ---- | C] () -- C:\!Peter Sulek.part04.rar
[2014/08/25 19:09:18 | 4293,918,720 | ---- | C] () -- C:\!Peter Sulek.part03.rar
[2014/08/25 19:02:31 | 4293,918,720 | ---- | C] () -- C:\!Peter Sulek.part02.rar
[2014/08/25 18:54:35 | 4293,918,720 | ---- | C] () -- C:\!Peter Sulek.part01.rar
[2014/03/01 10:12:49 | 000,004,096 | -H-- | C] () -- C:\Users\Zuzana\AppData\Local\keyfile3.drm
[2014/01/22 21:25:43 | 000,010,321 | ---- | C] () -- C:\Windows\zz1.dll
[2014/01/22 21:09:57 | 000,174,519 | ---- | C] () -- C:\Windows\hpoins43.dat
[2014/01/22 21:09:57 | 000,000,601 | ---- | C] () -- C:\Windows\hpomdl43.dat
[2014/01/22 19:05:29 | 000,173,837 | ---- | C] () -- C:\Windows\hpoins43.dat.temp
[2014/01/22 19:05:29 | 000,000,601 | ---- | C] () -- C:\Windows\hpomdl43.dat.temp
[2014/01/17 11:40:37 | 000,008,224 | ---- | C] () -- C:\Windows\SysWow64\xnviewh1.exe
[2013/09/13 14:14:15 | 000,000,130 | ---- | C] () -- C:\Users\Zuzana\AppData\Roaming\WB.CFG
[2013/07/16 09:57:04 | 000,362,029 | ---- | C] () -- C:\Windows\SysWow64\sqlite3.dll
[2013/05/22 22:32:42 | 000,045,056 | ---- | C] () -- C:\Windows\SysWow64\BRTCPCON.DLL
[2013/05/22 22:32:42 | 000,000,114 | ---- | C] () -- C:\Windows\SysWow64\BRLMW03A.INI
[2013/05/21 08:29:17 | 000,003,729 | ---- | C] () -- C:\Program Files (x86)\Mozilla Firefoxavg-secure-search.xml
[2013/02/21 13:32:28 | 000,003,584 | ---- | C] () -- C:\Users\Zuzana\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2012/11/19 20:32:37 | 000,290,500 | ---- | C] () -- C:\Users\Zuzana\AppData\Local\funmoods-speeddial_sf.crx
[2012/11/19 20:32:32 | 000,031,465 | ---- | C] () -- C:\Users\Zuzana\AppData\Local\funmoods.crx
[2012/11/12 12:16:02 | 000,768,750 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2012/10/12 17:25:50 | 000,027,520 | ---- | C] () -- C:\Users\Zuzana\AppData\Local\dt.dat
========== ZeroAccess Check ==========
[2009/07/14 06:55:00 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\shell32.dll -- [2014/03/25 04:43:12 | 014,175,744 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2014/03/25 04:09:54 | 012,874,240 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009/07/14 03:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2010/11/20 14:19:02 | 000,606,208 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009/07/14 03:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
========== LOP Check ==========
[2012/10/01 13:42:58 | 000,000,000 | ---D | M] -- C:\Users\Zuzana\AppData\Roaming\BitComet
[2014/06/02 20:39:29 | 000,000,000 | ---D | M] -- C:\Users\Zuzana\AppData\Roaming\BSplayer PRO
[2013/02/28 15:49:26 | 000,000,000 | ---D | M] -- C:\Users\Zuzana\AppData\Roaming\Canon
[2014/06/14 15:24:53 | 000,000,000 | ---D | M] -- C:\Users\Zuzana\AppData\Roaming\DAEMON Tools Lite
[2013/05/27 11:49:46 | 000,000,000 | ---D | M] -- C:\Users\Zuzana\AppData\Roaming\Downloaded Installations
[2014/08/24 16:34:52 | 000,000,000 | ---D | M] -- C:\Users\Zuzana\AppData\Roaming\Dropbox
[2013/05/27 11:46:38 | 000,000,000 | ---D | M] -- C:\Users\Zuzana\AppData\Roaming\FileOpen
[2014/02/27 11:20:32 | 000,000,000 | ---D | M] -- C:\Users\Zuzana\AppData\Roaming\Foxit Software
[2013/02/26 12:20:17 | 000,000,000 | ---D | M] -- C:\Users\Zuzana\AppData\Roaming\Funmoods
[2014/02/06 05:29:12 | 000,000,000 | ---D | M] -- C:\Users\Zuzana\AppData\Roaming\FunmoodsChat
[2013/02/28 19:13:50 | 000,000,000 | ---D | M] -- C:\Users\Zuzana\AppData\Roaming\GHISLER
[2013/01/20 14:55:05 | 000,000,000 | ---D | M] -- C:\Users\Zuzana\AppData\Roaming\IrfanView
[2012/07/23 11:53:00 | 000,000,000 | ---D | M] -- C:\Users\Zuzana\AppData\Roaming\LibreOffice
[2012/09/19 18:07:33 | 000,000,000 | ---D | M] -- C:\Users\Zuzana\AppData\Roaming\LiveSoftware
[2013/05/27 11:46:38 | 000,000,000 | ---D | M] -- C:\Users\Zuzana\AppData\Roaming\Nitro
[2014/08/18 15:17:14 | 000,000,000 | ---D | M] -- C:\Users\Zuzana\AppData\Roaming\Nitro PDF
[2012/12/05 09:17:12 | 000,000,000 | ---D | M] -- C:\Users\Zuzana\AppData\Roaming\Ofneu
[2012/12/05 09:17:55 | 000,000,000 | ---D | M] -- C:\Users\Zuzana\AppData\Roaming\Ohax
[2014/04/30 17:22:47 | 000,000,000 | ---D | M] -- C:\Users\Zuzana\AppData\Roaming\PDAppFlex
[2012/11/19 20:45:42 | 000,000,000 | ---D | M] -- C:\Users\Zuzana\AppData\Roaming\PDF Writer
[2012/07/25 10:07:20 | 000,000,000 | ---D | M] -- C:\Users\Zuzana\AppData\Roaming\PeaZip
[2014/04/30 22:24:41 | 000,000,000 | ---D | M] -- C:\Users\Zuzana\AppData\Roaming\StageManager.BD092818F67280F4B42B04877600987F0111B594.1
[2014/05/05 15:33:14 | 000,000,000 | ---D | M] -- C:\Users\Zuzana\AppData\Roaming\Steinberg
[2012/10/15 09:45:49 | 000,000,000 | ---D | M] -- C:\Users\Zuzana\AppData\Roaming\Thunderbird
[2013/02/28 15:17:45 | 000,000,000 | ---D | M] -- C:\Users\Zuzana\AppData\Roaming\TuneUp Software
[2012/12/05 09:17:33 | 000,000,000 | ---D | M] -- C:\Users\Zuzana\AppData\Roaming\Unit
[2014/09/03 11:47:25 | 000,000,000 | ---D | M] -- C:\Users\Zuzana\AppData\Roaming\uTorrent
[2014/05/05 15:33:02 | 000,000,000 | ---D | M] -- C:\Users\Zuzana\AppData\Roaming\Waves Audio
[2014/06/11 08:10:39 | 000,000,000 | ---D | M] -- C:\Users\Zuzana\AppData\Roaming\webex
========== Purity Check ==========
< End of report >
OTL Extras logfile created on: 3. 9. 2014 13:33:40 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Zuzana\Desktop
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.11.9600.17239)
Locale: 0000041b | Country: Slovenská republika | Language: SKY | Date Format: d. M. yyyy
3,75 Gb Total Physical Memory | 1,50 Gb Available Physical Memory | 40,15% Memory free
7,49 Gb Paging File | 4,78 Gb Available in Paging File | 63,77% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 465,66 Gb Total Space | 245,62 Gb Free Space | 52,75% Space Free | Partition Type: NTFS
Drive D: | 558,21 Mb Total Space | 0,00 Mb Free Space | 0,00% Space Free | Partition Type: CDFS
Computer Name: PETERSULEK | User Name: Zuzana | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan | Include 64bit Scans
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
========== Extra Registry (SafeList) ==========
========== File Associations ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.html[@ = htmlfile] -- C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation)
.url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation)
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)
.html [@ = htmlfile] -- C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation)
[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation)
========== Shell Spawning ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
http [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
https [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" (VideoLAN)
Directory [Bridge] -- C:\Program Files (x86)\Adobe\Adobe Bridge CS6\Bridge.exe "%L" (Adobe Systems, Inc.)
Directory [Browse with &IrfanView] -- "C:\Program Files (x86)\IrfanView\i_view32.exe" "%1 /thumbs" (Irfan Skiljan)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PeaZip] -- Reg Error: Value error.
Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" (VideoLAN)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- "C:\Program Files\Internet Explorer\iexplore.exe" (Microsoft Corporation)
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
http [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
https [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" (VideoLAN)
Directory [Bridge] -- C:\Program Files (x86)\Adobe\Adobe Bridge CS6\Bridge.exe "%L" (Adobe Systems, Inc.)
Directory [Browse with &IrfanView] -- "C:\Program Files (x86)\IrfanView\i_view32.exe" "%1 /thumbs" (Irfan Skiljan)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PeaZip] -- Reg Error: Value error.
Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" (VideoLAN)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- Reg Error: Value error.
========== Security Center Settings ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = 28 4D B2 76 41 04 CA 01 [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
========== Firewall Settings ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
========== Authorized Applications List ==========
========== Vista Active Open Ports Exception List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{0DE495F1-7D66-4CC6-BCF2-84CAD68B2BA2}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe |
"{13C74597-F978-4E9F-8370-DAF735D07A30}" = rport=139 | protocol=6 | dir=out | app=system |
"{157A522D-76B0-49D7-9D07-32505C28384C}" = lport=9100 | protocol=6 | dir=in | name=advanced tcp/ip printer port |
"{18281BCF-EA1F-4865-B96F-C682B772F3E6}" = lport=139 | protocol=6 | dir=in | app=system |
"{1C57E793-DD9F-4B5C-8C8E-BFA544126E17}" = rport=427 | protocol=17 | dir=in | svc=hpslpsvc | app=c:\windows\system32\svchost.exe |
"{21248CD2-8F55-481F-8FDA-F1E746C6C5DF}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{265A3A27-F7C6-4E97-BDCB-8E83BFA97230}" = rport=138 | protocol=17 | dir=out | app=system |
"{3F1204E8-44E4-4E35-9EF1-BD71C8C9BDCE}" = lport=445 | protocol=6 | dir=in | app=system |
"{50346E0E-7ADF-4B0B-A5F6-0A5E17DECCBE}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | [email protected],-28539 |
"{5A928FA8-F9D7-488B-818E-66F8D6D35637}" = lport=161 | protocol=6 | dir=in | name=advanced tcp/ip snmp port |
"{5E676E77-CB29-4062-95F8-CE59665F73AD}" = lport=137 | protocol=17 | dir=in | app=system |
"{69F35E0B-62E7-498F-98C8-F2A580DB634B}" = lport=24784 | protocol=6 | dir=in | name=bitcomet 24784 tcp |
"{73804CD4-89CA-47A7-B8AA-0CCBEE85E5A9}" = lport=427 | protocol=6 | dir=in | name=advanced tcp/ip slp port |
"{7FCED834-A357-40E0-9061-5ACDD65D0DA8}" = lport=24784 | protocol=17 | dir=in | name=bitcomet 24784 udp |
"{898CC424-5E69-4A3B-A148-603DBBE9585D}" = lport=808 | protocol=6 | dir=in | svc=nettcpactivator | app=c:\windows\microsoft.net\framework64\v4.0.30319\smsvchost.exe |
"{AB7150A5-B662-43C8-914F-A26839069B30}" = rport=445 | protocol=6 | dir=out | app=system |
"{C94D1AB6-C459-463E-B408-D6281A33C7F6}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{DD5B1BDA-25C2-4CAD-B71F-8BE96CAF406B}" = lport=5353 | protocol=17 | dir=in | app=c:\users\zuzana\appdata\local\google\chrome\application\chrome.exe |
"{E5DC2E19-56F8-4C60-8207-B3D2901AF35C}" = rport=137 | protocol=17 | dir=out | app=system |
"{E79C2DCD-29A6-4188-B3C7-A80D0E20E51E}" = lport=138 | protocol=17 | dir=in | app=system |
"{F6F73735-4AEF-465C-9663-38196E5BD6F7}" = lport=6004 | protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office12\outlook.exe |
========== Vista Active Application Exception List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{00670563-5622-4C95-AB20-E0B08D077BA2}" = protocol=17 | dir=in | app=c:\users\zuzana\appdata\roaming\utorrent\utorrent.exe |
"{0AD9608A-662F-4835-BD38-8DE75A391FE5}" = dir=in | app=c:\program files (x86)\itunes\itunes.exe |
"{103DE2D0-53A1-4424-8230-D645F30E921B}" = protocol=6 | dir=in | app=c:\program files (x86)\bonjour\mdnsresponder.exe |
"{18BD9CDC-BFD0-49BA-92B8-04248BED2516}" = protocol=6 | dir=in | app=c:\program files\hp\hp laserjet p1100 series\wificonfig.exe |
"{2138A7C5-FB7A-447D-8C2C-736F1C712F13}" = protocol=6 | dir=in | app=c:\users\zuzana\appdata\roaming\utorrent\utorrent.exe |
"{21D3C32E-5500-42DE-9E8E-60033CC26B42}" = protocol=17 | dir=in | app=c:\program files\bitcomet\bitcomet.exe |
"{27DD83FB-467B-4E67-A1E5-866C43C09F0F}" = protocol=6 | dir=in | app=c:\program files (x86)\microsoft office\office12\onenote.exe |
"{2CC96C87-EA1A-414D-8E17-B225C898B485}" = protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office12\groove.exe |
"{31B0288E-5E52-4E95-A319-DDEAE4A8E47F}" = protocol=6 | dir=in | app=c:\program files\bitcomet\bitcomet.exe |
"{335E23D4-D0BF-463E-968B-056EC577F846}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpqkygrp.exe |
"{363413F0-7090-44E4-A024-A3FDD612C8F8}" = protocol=6 | dir=in | app=c:\users\zuzana\appdata\local\google\google talk plugin\googletalkplugin.exe |
"{389F0556-98A6-4DCC-9FC8-D0D911A62EDF}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpiscnapp.exe |
"{510227C3-AB47-4769-B1D0-8A1A988BD1DF}" = protocol=17 | dir=in | app=c:\program files (x86)\bonjour\mdnsresponder.exe |
"{66A4CC6E-18CD-47AE-8485-20DB78453A5C}" = protocol=6 | dir=in | app=c:\windows\syswow64\nvidiah1.exe |
"{70922180-8A3D-4477-80B2-B9A7A43035DD}" = dir=in | app=c:\program files (x86)\common files\apple\apple application support\webkit2webprocess.exe |
"{77372ABF-465A-4529-9890-CD3CAF4EE665}" = protocol=6 | dir=in | app=c:\users\zuzana\appdata\local\google\google talk plugin\googletalkplugin.exe |
"{79538464-E60A-4B2E-97A7-629676D68756}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpfccopy.exe |
"{7A516469-4D00-468C-895A-3BF7F9052158}" = protocol=17 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{9202E06E-F376-40AB-B5F3-D28A351F1AA4}" = protocol=17 | dir=in | app=c:\program files\hp\hp laserjet p1100 series\wificonfig.exe |
"{92740A84-CBD2-4ABF-833C-B7DBEB1AB321}" = protocol=1 | dir=out | [email protected],-28544 |
"{946BB42F-6730-43EF-9BBB-620D50915961}" = protocol=17 | dir=in | app=c:\users\zuzana\appdata\local\google\google talk plugin\googletalkplugin.exe |
"{95BE7E83-06E5-437E-AAD7-1989DC6FB6E4}" = protocol=58 | dir=out | [email protected],-28546 |
"{98D8B1F7-DB15-4701-9A0F-6CA8BCBDD18B}" = protocol=6 | dir=in | app=c:\program files (x86)\microsoft office\office12\groove.exe |
"{9D04A74F-6583-4284-A894-F949A2B7399F}" = protocol=58 | dir=in | [email protected],-28545 |
"{A8194C9B-EEFA-408F-84CB-15FBC237191A}" = protocol=6 | dir=in | app=c:\users\zuzana\appdata\roaming\utorrent\utorrent.exe |
"{AECD11EC-3B64-4250-8479-C1C6D86C9FFF}" = protocol=17 | dir=in | app=c:\users\zuzana\appdata\local\google\google talk plugin\googletalkplugin.exe |
"{AFF78BC8-D0A1-4A8B-9FF6-B6B95BD9AB27}" = protocol=1 | dir=in | [email protected],-28543 |
"{B2802BBB-D953-4EF5-A38B-0407B4DB6D5E}" = protocol=6 | dir=in | app=c:\program files (x86)\synology data replicator 3\backup.exe |
"{BEF06772-AB61-4A9C-8780-369B14671D1B}" = protocol=17 | dir=in | app=c:\windows\syswow64\nvidiah1.exe |
"{C1BEE268-D85B-4F22-B552-58270CED079F}" = protocol=17 | dir=in | app=c:\users\zuzana\appdata\roaming\utorrent\utorrent.exe |
"{C938380E-D4B1-4CA6-B49E-4BE706A9ACE9}" = protocol=6 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{DA3924A6-9CC4-40B5-8CBA-65294F4613A5}" = protocol=17 | dir=in | app=c:\program files (x86)\synology data replicator 3\backup.exe |
"{DE4D2F46-D7FB-4837-A16E-5434FBAC42D2}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{F2ACFA6A-8A83-431D-8952-90A2948044A4}" = protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office12\onenote.exe |
"TCP Query User{457A806E-E6B1-449C-854F-DC87295B3111}C:\program files (x86)\synology\assistant\dsassistant.exe" = protocol=6 | dir=in | app=c:\program files (x86)\synology\assistant\dsassistant.exe |
"TCP Query User{80FB26E4-2669-4C16-B8D9-F38FA15D388D}C:\users\zuzana\appdata\roaming\dropbox\bin\dropbox.exe" = protocol=6 | dir=in | app=c:\users\zuzana\appdata\roaming\dropbox\bin\dropbox.exe |
"TCP Query User{A3F7D7D8-3BC8-4E1C-BB8D-35C33EB5412A}C:\program files (x86)\synology\assistant\dsassistant.exe" = protocol=6 | dir=in | app=c:\program files (x86)\synology\assistant\dsassistant.exe |
"TCP Query User{BF4AD978-E200-486B-92C6-5763C413C4C2}C:\program files (x86)\valve\hl.exe" = protocol=6 | dir=in | app=c:\program files (x86)\valve\hl.exe |
"UDP Query User{7791B714-910B-4869-B7B7-85F42C0DF42D}C:\program files (x86)\valve\hl.exe" = protocol=17 | dir=in | app=c:\program files (x86)\valve\hl.exe |
"UDP Query User{850C2610-4403-4DB9-9E20-476FBD5F7504}C:\program files (x86)\synology\assistant\dsassistant.exe" = protocol=17 | dir=in | app=c:\program files (x86)\synology\assistant\dsassistant.exe |
"UDP Query User{9EA1F016-F1CD-402E-855F-F97DE804F615}C:\program files (x86)\synology\assistant\dsassistant.exe" = protocol=17 | dir=in | app=c:\program files (x86)\synology\assistant\dsassistant.exe |
"UDP Query User{F8BD4D9E-601C-43F8-AE5D-449B8C1EEBFA}C:\users\zuzana\appdata\roaming\dropbox\bin\dropbox.exe" = protocol=17 | dir=in | app=c:\users\zuzana\appdata\roaming\dropbox\bin\dropbox.exe |
========== HKEY_LOCAL_MACHINE Uninstall List ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{071c9b48-7c32-4621-a0ac-3f809523288f}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{1D8E6291-B0D5-35EC-8441-6616F567A0F7}" = Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219
"{26A24AE4-039D-4CA4-87B4-2F86417005FF}" = Java™ 7 Update 5 (64-bit)
"{2F72F540-1F60-4266-9506-952B21D6640D}" = Apple Mobile Device Support
"{47B42E7A-57E9-407B-8DBB-017B86D7B13F}" = Nitro Pro 8
"{48C0866E-57EB-444C-8371-8E4321066BC3}" = Network64
"{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148
"{4DE2F12A-08BB-4DB7-A1CA-9661BE2172DF}" = ESET Endpoint Antivirus
"{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161
"{61D557D1-D0F1-A474-ED66-F0002B583A6F}" = ccc-utility64
"{68550918-63B5-4762-85CB-3C160AA4B213}" = HP Photosmart C4700 All-in-One Driver 14.0 Rel. 6
"{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}" = Bonjour
"{76FF0F03-B707-4332-B5D1-A56C8303514E}" = iTunes
"{7A8A100D-3ECB-311C-E7A1-4A9FEB8BB209}" = ATI Catalyst Install Manager
"{8220EEFE-38CD-377E-8595-13398D740ACE}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17
"{8E34682C-8118-31F1-BC4C-98CD9675E1C2}" = Microsoft .NET Framework 4 Extended
"{90120000-002A-0000-1000-0000000FF1CE}" = Microsoft Office Office 64-bit Components 2007
"{90120000-002A-041B-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit MUI (Slovak) 2007
"{A7581B61-C9F9-4fea-B845-E7733C17EC19}" = Canon MF8000C Series
"{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{BE930E38-7BB3-45B6-85B2-5251F374F844}" = 64 Bit HP CIO Components Installer
"{CE52672C-A0E9-4450-8875-88A221D5CD50}" = Windows Live ID Sign-in Assistant
"{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}" = Microsoft .NET Framework 4 Client Profile
"Blue Coat K9 Web Protection" = Blue Coat K9 Web Protection
"Bullzip PDF Printer_is1" = Bullzip PDF Printer 9.2.0.1499
"CCleaner" = CCleaner
"DW WLAN Card Utility" = DW WLAN Card Utility
"HP LaserJet Professional P1100-P1560-P1600 Series" = HP LaserJet Professional P1100-P1560-P1600 Series
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Extended" = Microsoft .NET Framework 4 Extended
"PDF Printer for Windows 7_is1" = PDF Printer for Windows 7
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{01E03B66-52E5-C874-6503-8B35C40E301D}" = Catalyst Control Center InstallProxy
"{04A9A926-D6CD-E5E3-6E93-4A56E9AD318F}" = Catalyst Control Center Graphics Light
"{050F3B1C-E90D-FCE1-F3A2-897031747D45}" = CCC Help Greek
"{06A1D88C-E102-4527-AF70-29FFD7AF215A}" = Scan
"{08D2E121-7F6A-43EB-97FD-629B44903403}" = Microsoft_VC90_CRT_x86
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{292F0F52-B62D-4E71-921B-89A682402201}" = Toolbox
"{2F956781-C08C-066D-BA5A-7A18FDA32546}" = CCC Help Japanese
"{34791103-F01D-74D5-6CB6-4D55D5C26AF9}" = CCC Help Czech
"{537DB9D6-1AB1-4CE9-8DE7-312256B49A98}" = PS_AIO_06_C4700_SW_Min
"{558096C5-C5E2-74A0-ADCC-EAF8BB6E8A08}" = Catalyst Control Center Core Implementation
"{56C4D1F3-32F8-4953-1C38-71EE13053C06}" = CCC Help Norwegian
"{5A2BC38A-406C-4A5B-BF45-6991F9A05325}_is1" = PeaZip 4.6.1
"{5B7E8AD9-D380-5104-D963-02D343E88F7F}" = CCC Help Russian
"{5D09C772-ECB3-442B-9CC6-B4341C78FDC2}" = Apple Application Support
"{63085BA8-EAB4-DD73-4C91-C0FC9C1934CE}" = Catalyst Control Center Graphics Full New
"{6608BE38-EB23-018E-AAEC-0F7F7B20433C}" = CCC Help Portuguese
"{6621AAC1-1DFC-5AA8-613B-F23D0793F2B4}" = Catalyst Control Center Graphics Full Existing
"{66712EEE-ECBC-4CA4-A474-dream-amr-to-mp3-converter}_is1" = Dream AMR to MP3 Converter 3.0.1.0
"{6767DFEE-8909-453A-B553-C7693912B2EB}" = Canon MF Toolbox 4.9.1.1.mf12
"{6D1221A9-17BF-4EC0-81F2-27D30EC30701}" = Skype Click to Call
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{71E015CC-52DA-4536-AF0C-C643BA1E45FB}" = Catalyst Control Center - Branding
"{76E5849B-F24B-1BF4-F923-9A0E50409A7D}" = Catalyst Control Center Localization All
"{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}" = Apple Software Update
"{79A92AB1-6002-A186-D90C-FA9ADEF1344D}" = Catalyst Control Center Graphics Previews Common
"{7A3C7E05-EE37-47D6-99E1-2EB05A3DA3F7}" = Skype™ 6.18
"{7B00995A-23C4-ED76-149A-6A62A3E699F5}" = CCC Help Finnish
"{7DEDD852-9F7B-860D-CE21-ADE6183EC93D}" = CCC Help Thai
"{7F650E19-E3BC-A6DF-01EE-D3EF637B2531}" = CCC Help Turkish
"{85A90F2E-1E41-35CE-E238-F2A799352CAC}" = CCC Help Chinese Traditional
"{86BDBEB6-D01D-E80E-EB20-D7429887433A}" = CCC Help French
"{86D4B82A-ABED-442A-BE86-96357B70F4FE}" = Ask Toolbar
"{8833FFB6-5B0C-4764-81AA-06DFEED9A476}" = Realtek 8136 8168 8169 Ethernet Driver
"{8E310838-457C-4269-B177-3EFB300CBDDC}" = Synology Data Replicator 3
"{90120000-0015-041B-0000-0000000FF1CE}" = Microsoft Office Access MUI (Slovak) 2007
"{90120000-0015-041B-0000-0000000FF1CE}_ENTERPRISE_{4754EB3B-ED3D-4095-A2FD-684A3058A4FF}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0016-041B-0000-0000000FF1CE}" = Microsoft Office Excel MUI (Slovak) 2007
"{90120000-0016-041B-0000-0000000FF1CE}_ENTERPRISE_{4754EB3B-ED3D-4095-A2FD-684A3058A4FF}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0018-041B-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (Slovak) 2007
"{90120000-0018-041B-0000-0000000FF1CE}_ENTERPRISE_{4754EB3B-ED3D-4095-A2FD-684A3058A4FF}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0019-041B-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (Slovak) 2007
"{90120000-0019-041B-0000-0000000FF1CE}_ENTERPRISE_{4754EB3B-ED3D-4095-A2FD-684A3058A4FF}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001A-041B-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (Slovak) 2007
"{90120000-001A-041B-0000-0000000FF1CE}_ENTERPRISE_{4754EB3B-ED3D-4095-A2FD-684A3058A4FF}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001B-041B-0000-0000000FF1CE}" = Microsoft Office Word MUI (Slovak) 2007
"{90120000-001B-041B-0000-0000000FF1CE}_ENTERPRISE_{4754EB3B-ED3D-4095-A2FD-684A3058A4FF}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001F-0405-0000-0000000FF1CE}" = Microsoft Office Proof (Czech) 2007
"{90120000-001F-0405-0000-0000000FF1CE}_ENTERPRISE_{0B7A4B67-2A38-42B1-9857-662FAB361E08}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2007
"{90120000-001F-0407-0000-0000000FF1CE}_ENTERPRISE_{928D7B99-2BEA-49F9-83B8-20FA57860643}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-0409-0000-0000000FF1CE}_ENTERPRISE_{1FF96026-A04A-4C3E-B50A-BB7022654D0F}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-040E-0000-0000000FF1CE}" = Microsoft Office Proof (Hungarian) 2007
"{90120000-001F-040E-0000-0000000FF1CE}_ENTERPRISE_{0AD4BB83-13B4-4C9D-9BAC-7F64E0B2D5D7}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-041B-0000-0000000FF1CE}" = Microsoft Office Proof (Slovak) 2007
"{90120000-001F-041B-0000-0000000FF1CE}_ENTERPRISE_{FDF9A959-241A-4662-A8DE-7DED9C22D160}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-002A-0000-1000-0000000FF1CE}_ENTERPRISE_{664655D8-B9BB-455D-8A58-7EAF7B0B2862}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-002A-041B-1000-0000000FF1CE}_ENTERPRISE_{8382BA92-20E3-47B6-971B-F673F0492D4E}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-002C-041B-0000-0000000FF1CE}" = Microsoft Office Proofing (Slovak) 2007
"{90120000-0030-0000-0000-0000000FF1CE}" = Microsoft Office Enterprise 2007
"{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0044-041B-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (Slovak) 2007
"{90120000-0044-041B-0000-0000000FF1CE}_ENTERPRISE_{4754EB3B-ED3D-4095-A2FD-684A3058A4FF}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-006E-041B-0000-0000000FF1CE}" = Microsoft Office Shared MUI (Slovak) 2007
"{90120000-006E-041B-0000-0000000FF1CE}_ENTERPRISE_{8382BA92-20E3-47B6-971B-F673F0492D4E}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-00A1-041B-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (Slovak) 2007
"{90120000-00A1-041B-0000-0000000FF1CE}_ENTERPRISE_{4754EB3B-ED3D-4095-A2FD-684A3058A4FF}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-00BA-041B-0000-0000000FF1CE}" = Microsoft Office Groove MUI (Slovak) 2007
"{90120000-00BA-041B-0000-0000000FF1CE}_ENTERPRISE_{4754EB3B-ED3D-4095-A2FD-684A3058A4FF}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{92D58719-BBC1-4CC3-A08B-56C9E884CC2C}" = Microsoft_VC80_CRT_x86
"{9ABFB92D-93DA-49EE-8ABF-F8195DE45CA9}" = Counter-Strike 1.6
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{9ECE13D2-C028-44CB-8A96-A65196E7BBE7}_is1" = Convert AVI to MP4
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{ABC86EE3-425F-43B9-9A4F-4AA765B5A4FB}_is1" = AVI&WMV
"{AC76BA86-7AD7-1029-7B44-AA1000000001}" = Adobe Reader X (10.1.4) - Czech
"{ADC15292-1402-ED36-1074-3E1E35D69259}" = CCC Help Dutch
"{AF37176A-78CA-545B-34EF-8B6A21514DD1}" = Adobe Help Manager
"{B025BA0B-64A6-46DE-9D64-32965C83CCA9}" = Citrix Online Launcher
"{B189A570-2814-1979-04F4-7841ADFF40DA}" = ccc-core-static
"{B1F9C834-0594-4563-B344-4ED9599A5945}" = LibreOffice 3.5
"{B93EE97C-CCC6-6924-0620-9E8CBE39E393}" = Catalyst Control Center Graphics Previews Vista
"{B96C073B-C68C-DEE2-3430-5DEAA2B64CC0}" = CCC Help Danish
"{BFEAAE77-BD7F-4534-B286-9C5CB4697EB1}" = PDF Settings CS6
"{C1594429-8296-4652-BF54-9DBE4932A44C}" = Realtek PCIE Card Reader
"{C1E3DFE7-4EAD-3E9E-A826-E06055BA5921}" = Google Talk Plugin
"{C615B4A6-DDE8-4325-BCF8-E53E913D95E9}_is1" = AMR to MP3 Converter 1.4
"{C6640705-7479-4EE5-BC86-879F05F65E74}" = Google Drive
"{CFB770D7-8D43-1014-922B-CC2715FADE3F}" = Adobe InDesign CS6
"{DA0A4EEE-0BE9-19B7-48F6-127DDC6BE659}" = CCC Help German
"{DD7F833D-F476-2A42-89F1-61409DEC915C}" = CCC Help Polish
"{DE280602-BC2C-7019-6D15-7E9158A2805F}" = CCC Help Spanish
"{E3A5A8AB-58F6-45FF-AFCB-C9AE18C05001}" = IDT Audio
"{E429EE2E-B76C-4553-8B04-B45587F00FD1}" = Questionmark Secure Browser
"{ECFF33DA-FA29-F7DF-A97C-3FD2384BAD7C}" = CCC Help Swedish
"{EFD40425-30CF-BC15-703D-5886D43B8D2D}" = CCC Help Hungarian
"{F0BEA60C-8D9F-99C5-E7A9-3BC4A1F715C6}" = CCC Help Korean
"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
"{F39AE606-7A24-3A81-B06A-76DBDB504C04}" = CCC Help English
"{FA9B3B0A-1718-0D6A-41C2-1A6671655282}" = CCC Help Chinese Standard
"{FCDBEA60-79F0-4FAE-BBA8-55A26C609A49}" = Visual Studio 2008 x64 Redistributables
"{FD6EB36A-1030-8423-CB14-F9E963DA7886}" = CCC Help Italian
"{FE23D063-934D-4829-A0D8-00634CE79B4A}" = Adobe AIR
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player 14 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 14 Plugin
"AVG Secure Search" = AVG Security Toolbar
"Boxoft free AVI to WMV Converter_is1" = Boxoft free AVI to WMV Converter
"BSPlayerp" = BS.Player PRO
"DAEMON Tools Lite" = DAEMON Tools Lite
"ENTERPRISE" = Microsoft Office Enterprise 2007
"Foxit Reader_is1" = Foxit Reader
"funmoods" = Funmoods
"chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1" = Adobe Help Manager
"IrfanView" = IrfanView (remove only)
"LameACM" = Lame ACM MP3 Codec
"Mail List Validator_is1" = Mail List Validator 2.0
"Mozilla Firefox 32.0 (x86 sk)" = Mozilla Firefox 32.0 (x86 sk)
"Mozilla Thunderbird 31.0 (x86 sk)" = Mozilla Thunderbird 31.0 (x86 sk)
"MozillaMaintenanceService" = Mozilla Maintenance Service
"Synology Assistant" = Synology Assistant (remove only)
"Totalcmd" = Total Commander (Remove or Repair)
"VideoPad" = VideoPad Video Editor
"VLC media player" = VLC media player 2.1.0
"WinRAR archiver" = WinRAR 4.20 (32-bit)
========== HKEY_CURRENT_USER Uninstall List ==========
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{79A765E1-C399-405B-85AF-466F52E918B0}" = Foxit PDF Creator Toolbar Updater
"Funmoods" = MaintenanceService-Funmoods
"Funmoods Chat" = Update for Funmoods Chat
"Google Chrome" = Google Chrome
"GoToMeeting" = GoToMeeting 6.4.0.1558
"uTorrent" = µTorrent
========== Last 20 Event Log Errors ==========
[ Application Events ]
Error - 17. 1. 2014 11:33:51 | Computer Name = PC107 | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledEvent 2439762
Error - 17. 1. 2014 11:33:51 | Computer Name = PC107 | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledSPRetry 2439762
Error - 17. 1. 2014 11:33:52 | Computer Name = PC107 | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: Continuously busy for more than a second
Error - 17. 1. 2014 11:33:52 | Computer Name = PC107 | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledEvent 2440932
Error - 17. 1. 2014 11:33:52 | Computer Name = PC107 | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledSPRetry 2440932
Error - 17. 1. 2014 11:49:12 | Computer Name = PC107 | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: Continuously busy for more than a second
Error - 17. 1. 2014 11:49:12 | Computer Name = PC107 | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledEvent 1482
Error - 17. 1. 2014 11:49:12 | Computer Name = PC107 | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledSPRetry 1482
Error - 17. 1. 2014 11:49:13 | Computer Name = PC107 | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: Continuously busy for more than a second
Error - 17. 1. 2014 11:49:13 | Computer Name = PC107 | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledEvent 2512
[ Media Center Events ]
Error - 29. 10. 2012 4:06:07 | Computer Name = PC107 | Source = MCUpdate | ID = 0
Description = 9:06:01 - Failed to retrieve Broadband (Error: Unable to connect to
the remote server)
Error - 29. 10. 2012 5:07:06 | Computer Name = PC107 | Source = MCUpdate | ID = 0
Description = 10:07:05 - Failed to retrieve Directory (Error: Unable to connect
to the remote server)
Error - 29. 10. 2012 5:08:09 | Computer Name = PC107 | Source = MCUpdate | ID = 0
Description = 10:07:48 - Failed to retrieve MCESpotlight (Error: Unable to connect
to the remote server)
Error - 29. 10. 2012 5:08:55 | Computer Name = PC107 | Source = MCUpdate | ID = 0
Description = 10:08:30 - Failed to retrieve MCEClientUX (Error: Unable to connect
to the remote server)
Error - 29. 10. 2012 5:09:20 | Computer Name = PC107 | Source = MCUpdate | ID = 0
Description = 10:09:16 - Failed to retrieve Broadband (Error: Unable to connect
to the remote server)
Error - 29. 10. 2012 6:10:26 | Computer Name = PC107 | Source = MCUpdate | ID = 0
Description = 11:10:26 - Failed to retrieve Directory (Error: Unable to connect
to the remote server)
Error - 29. 10. 2012 6:11:29 | Computer Name = PC107 | Source = MCUpdate | ID = 0
Description = 11:11:08 - Failed to retrieve MCESpotlight (Error: Unable to connect
to the remote server)
Error - 29. 10. 2012 6:12:11 | Computer Name = PC107 | Source = MCUpdate | ID = 0
Description = 11:11:50 - Failed to retrieve MCEClientUX (Error: Unable to connect
to the remote server)
Error - 29. 10. 2012 6:12:34 | Computer Name = PC107 | Source = MCUpdate | ID = 0
Description = 11:12:32 - Failed to retrieve Broadband (Error: Unable to connect
to the remote server)
Error - 12. 12. 2012 4:11:06 | Computer Name = PC107 | Source = MCUpdate | ID = 0
Description = 9:10:54 - Error connecting to the internet. 9:10:54 - Unable to
contact server..
[ OSession Events ]
Error - 17. 7. 2013 6:27:42 | Computer Name = PC107 | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 0, Application Name: Microsoft Office Word, Application Version:
12.0.4518.1014, Microsoft Office Version: 12.0.4518.1014. This session lasted 39
seconds with 0 seconds of active time. This session ended with a crash.
Error - 12. 8. 2013 12:54:19 | Computer Name = PC107 | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 1, Application Name: Microsoft Office Excel, Application Version:
12.0.4518.1014, Microsoft Office Version: 12.0.4518.1014. This session lasted 282818
seconds with 9240 seconds of active time. This session ended with a crash.
Error - 23. 8. 2013 8:16:00 | Computer Name = PC107 | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 1, Application Name: Microsoft Office Excel, Application Version:
12.0.4518.1014, Microsoft Office Version: 12.0.4518.1014. This session lasted 176097
seconds with 8160 seconds of active time. This session ended with a crash.
Error - 14. 10. 2013 0:48:19 | Computer Name = PC107 | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 1, Application Name: Microsoft Office Excel, Application Version:
12.0.4518.1014, Microsoft Office Version: 12.0.4518.1014. This session lasted 1471328
seconds with 31380 seconds of active time. This session ended with a crash.
Error - 14. 10. 2013 2:27:08 | Computer Name = PC107 | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 1, Application Name: Microsoft Office Excel, Application Version:
12.0.4518.1014, Microsoft Office Version: 12.0.4518.1014. This session lasted 5917
seconds with 3540 seconds of active time. This session ended with a crash.
Error - 18. 11. 2013 3:41:30 | Computer Name = PC107 | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 3, Application Name: Microsoft Office PowerPoint, Application
Version: 12.0.4518.1014, Microsoft Office Version: 12.0.4518.1014. This session
lasted 116 seconds with 60 seconds of active time. This session ended with a crash.
Error - 18. 11. 2013 3:43:50 | Computer Name = PC107 | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 3, Application Name: Microsoft Office PowerPoint, Application
Version: 12.0.4518.1014, Microsoft Office Version: 12.0.4518.1014. This session
lasted 68 seconds with 60 seconds of active time. This session ended with a crash.
Error - 22. 1. 2014 18:04:13 | Computer Name = PC107 | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 1, Application Name: Microsoft Office Excel, Application Version:
12.0.4518.1014, Microsoft Office Version: 12.0.4518.1014. This session lasted 3628
seconds with 2220 seconds of active time. This session ended with a crash.
Error - 22. 1. 2014 18:20:25 | Computer Name = PC107 | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 1, Application Name: Microsoft Office Excel, Application Version:
12.0.4518.1014, Microsoft Office Version: 12.0.4518.1014. This session lasted 434
seconds with 420 seconds of active time. This session ended with a crash.
Error - 15. 2. 2014 9:43:58 | Computer Name = PC107 | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 1, Application Name: Microsoft Office Excel, Application Version:
12.0.4518.1014, Microsoft Office Version: 12.0.4518.1014. This session lasted 440224
seconds with 10200 seconds of active time. This session ended with a crash.
[ System Events ]
Error - 29. 8. 2014 4:25:18 | Computer Name = PeterSulek | Source = EventLog | ID = 6008
Description = The previous system shutdown at 9:25:25 on ?29. ?8. ?2014 was unexpected.
Error - 29. 8. 2014 7:06:53 | Computer Name = PeterSulek | Source = ACPI | ID = 327693
Description = : The embedded controller (EC) did not respond within the specified
timeout period. This may indicate that there is an error in the EC hardware or
firmware or that the BIOS is accessing the EC incorrectly. You should check with
your computer manufacturer for an upgraded BIOS. In some situations, this error
may cause the computer to function incorrectly.
Error - 29. 8. 2014 9:37:53 | Computer Name = PeterSulek | Source = ACPI | ID = 327693
Description = : The embedded controller (EC) did not respond within the specified
timeout period. This may indicate that there is an error in the EC hardware or
firmware or that the BIOS is accessing the EC incorrectly. You should check with
your computer manufacturer for an upgraded BIOS. In some situations, this error
may cause the computer to function incorrectly.
Error - 29. 8. 2014 13:48:33 | Computer Name = PeterSulek | Source = Service Control Manager | ID = 7034
Description = The HP Network Devices Support service terminated unexpectedly. It
has done this 1 time(s).
Error - 30. 8. 2014 3:34:42 | Computer Name = PeterSulek | Source = ACPI | ID = 327693
Description = : The embedded controller (EC) did not respond within the specified
timeout period. This may indicate that there is an error in the EC hardware or
firmware or that the BIOS is accessing the EC incorrectly. You should check with
your computer manufacturer for an upgraded BIOS. In some situations, this error
may cause the computer to function incorrectly.
Error - 30. 8. 2014 5:49:59 | Computer Name = PeterSulek | Source = Service Control Manager | ID = 7011
Description = A timeout (30000 milliseconds) was reached while waiting for a transaction
response from the ShellHWDetection service.
Error - 31. 8. 2014 1:48:05 | Computer Name = PeterSulek | Source = Service Control Manager | ID = 7011
Description = A timeout (30000 milliseconds) was reached while waiting for a transaction
response from the ShellHWDetection service.
Error - 31. 8. 2014 16:09:22 | Computer Name = PeterSulek | Source = Service Control Manager | ID = 7011
Description = A timeout (30000 milliseconds) was reached while waiting for a transaction
response from the ShellHWDetection service.
Error - 2. 9. 2014 13:34:00 | Computer Name = PeterSulek | Source = ACPI | ID = 327693
Description = : The embedded controller (EC) did not respond within the specified
timeout period. This may indicate that there is an error in the EC hardware or
firmware or that the BIOS is accessing the EC incorrectly. You should check with
your computer manufacturer for an upgraded BIOS. In some situations, this error
may cause the computer to function incorrectly.
Error - 2. 9. 2014 13:39:16 | Computer Name = PeterSulek | Source = Service Control Manager | ID = 7022
Description = The HP Network Devices Support service hung on starting.
< End of report >
Sign In
Create Account
