kontrola LOGU diky

[crash40]

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 8:07:11, on 20.2.2009
Platform: Windows Vista SP1 (WinNT 6.00.1905)
MSIE: Internet Explorer v7.00 (7.00.6001.18000)
Boot mode: Normal

Running processes:
C:\Program Files\ASUS\Six Engine\SixEngine.exe
C:\Program Files (x86)\DAEMON Tools Lite\daemon.exe
C:\Program Files (x86)\Microsoft Office\Office12\ONENOTEM.EXE
C:\Program Files\Alwil Software\Avast4\ashDisp.exe
C:\Program Files (x86)\Winamp\winampa.exe
C:\Program Files (x86)\Java\jre6\bin\jusched.exe
C:\Program Files (x86)\SpeedFan\speedfan.exe
C:\Program Files (x86)\Trend Micro\HijackThis\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.daemon-search.com/startpage
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: Winamp Search Class - {57BCA5FA-5DBB-45a2-B558-1755C3F6253B} - C:\Program Files (x86)\Winamp Toolbar\winamptb.dll
R3 - URLSearchHook: (no name) - - (no file)
R3 - URLSearchHook: ICQToolBar - {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\Program Files (x86)\ICQ6Toolbar\ICQToolBar.dll
R3 - URLSearchHook: free-downloads.net Toolbar - {ecdee021-0d17-467f-a1ff-c7a115230949} - C:\Program Files (x86)\free-downloads.net\tbfree.dll
F2 - REG:system.ini: UserInit=userinit.exe
O1 - Hosts: ::1 localhost
O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: Winamp Toolbar Loader - {25CEE8EC-5730-41bc-8B58-22DDC8AB8C20} - C:\Program Files (x86)\Winamp Toolbar\winamptb.dll
O2 - BHO: BitComet ClickCapture - {39F7E362-828A-4B5A-BCAF-5B79BFDFEA60} - C:\Program Files (x86)\BitComet\tools\BitCometBHO_1.2.8.7.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre6\bin\ssv.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
O2 - BHO: free-downloads.net Toolbar - {ecdee021-0d17-467f-a1ff-c7a115230949} - C:\Program Files (x86)\free-downloads.net\tbfree.dll
O3 - Toolbar: ICQToolBar - {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\Program Files (x86)\ICQ6Toolbar\ICQToolBar.dll
O3 - Toolbar: Winamp Toolbar - {EBF2BA02-9094-4c5a-858B-BB198F3D8DE2} - C:\Program Files (x86)\Winamp Toolbar\winamptb.dll
O3 - Toolbar: free-downloads.net Toolbar - {ecdee021-0d17-467f-a1ff-c7a115230949} - C:\Program Files (x86)\free-downloads.net\tbfree.dll
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn\yt.dll
O3 - Toolbar: DAEMON Tools Toolbar - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files (x86)\DAEMON Tools Toolbar\DTToolbar.dll
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [WinampAgent] "C:\Program Files (x86)\Winamp\winampa.exe"
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Java\jre6\bin\jusched.exe"
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter
O4 - HKCU\..\Run: [ICQ] "C:\Program Files (x86)\ICQ6.5\ICQ.exe" silent
O4 - HKCU\..\Run: [BitComet] "C:\Program Files (x86)\BitComet\BitComet.exe" /tray
O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe
O4 - HKCU\..\Run: [AlcoholAutomount] "C:\Program Files (x86)\Alcohol Soft\Alcohol 120\axcmd.exe" /automount
O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files (x86)\DAEMON Tools Lite\daemon.exe" -autorun
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'NETWORK SERVICE')
O4 - Startup: FIFA 09 Registration.lnk = C:\Program Files (x86)\EA Sports\FIFA 09\Support\EAregister.exe
O4 - Startup: Výřezy obrazovky a spuštění aplikace OneNote 2007.lnk = C:\Program Files (x86)\Microsoft Office\Office12\ONENOTEM.EXE
O8 - Extra context menu item: &Winamp Search - C:\ProgramData\Winamp Toolbar\ieToolbar\resources\en-US\local\search.html
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: Stáhnout odkaz s použitím BitCometu - res://C:\Program Files (x86)\BitComet\BitComet.exe/AddLink.htm
O8 - Extra context menu item: Stáhnout všechna videa s použitím BitCometu - res://C:\Program Files (x86)\BitComet\BitComet.exe/AddVideo.htm
O8 - Extra context menu item: Stáhnout všechny odkazy s použitím BitCometu - res://C:\Program Files (x86)\BitComet\BitComet.exe/AddAllLink.htm
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~1\Office12\REFIEBAR.DLL
O9 - Extra button: BitComet - {D18A0B52-D63C-4ed0-AFC6-C1E3DC1AF43A} - res://C:\Program Files (x86)\BitComet\tools\BitCometBHO_1.2.8.7.dll/206 (file missing)
O9 - Extra button: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Program Files (x86)\ICQ6.5\ICQ.exe
O9 - Extra 'Tools' menuitem: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Program Files (x86)\ICQ6.5\ICQ.exe
O13 - Gopher Prefix:
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/s ... wflash.cab
O23 - Service: Lavasoft Ad-Aware Service (aawservice) - Lavasoft - C:\Program Files (x86)\Lavasoft\Ad-Aware\aawservice.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: Stavová služba ASP.NET (aspnet_state) - Unknown owner - C:\Windows\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe (file missing)
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: Ati External Event Utility - Unknown owner - C:\Windows\system32\Ati2evxx.exe (file missing)
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: @dfsrres.dll,-101 (DFSR) - Unknown owner - C:\Windows\system32\DFSR.exe (file missing)
O23 - Service: ICQ Service - Unknown owner - C:\Program Files (x86)\ICQ6Toolbar\ICQ Service.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\SLsvc.exe,-101 (slsvc) - Unknown owner - C:\Windows\system32\SLsvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: StarWind AE Service (StarWindServiceAE) - Rocket Division Software - C:\Program Files (x86)\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 10312 bytes

[Reklama]

[pitimir]

Nazdar, HJT uz nestaci...
Stiahni OTL. Uloz na plochu a spust dvojklikom subor "OTL.exe". Otvori sa okno programu, v nom zaskrtni "Scan All Users" -> "Run Scan". Zacne scan pocitaca, po jeho ukonceni sa otvoria dva reporty - obsah oboch potrebujem vidiet.

+Odinstaluj Daemon/Alcohol, oba dva na systeme nerobia dobrotu.

[crash40]

OTL Extras logfile created on: 30.8.2009 17:06:51 - Run 1
OTL by OldTimer - Version 3.0.10.7 Folder = C:\Users\Šimon\Downloads
64bit-Windows Vista Home Premium Edition Service Pack 1 (Version = 6.0.6001) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18813)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy

4,00 Gb Total Physical Memory | 2,74 Gb Available Physical Memory | 68,47% Memory free
4,00 Gb Paging File | 4,00 Gb Available in Paging File | 100,00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 298,09 Gb Total Space | 43,96 Gb Free Space | 14,75% Space Free | Partition Type: NTFS
Drive D: | 3,34 Gb Total Space | 0,00 Gb Free Space | 0,00% Space Free | Partition Type: CDFS
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded

Computer Name: POKOJÍK-PC
Current User Name: Šimon
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: Current user
Include 64bit Scans
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 30 Days
Output = Standard

========== Extra Registry (SafeList) ==========


========== File Associations ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl[@ = cplfile] -- C:\Windows\SysNative\control.exe ()
.hlp[@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)
.html[@ = htmlfile] -- C:\Program Files (x86)\Internet Explorer\iexplore.exe (Microsoft Corporation)
.inf[@ = inffile] -- C:\Windows\SysNative\NOTEPAD.EXE ()
.ini[@ = inifile] -- C:\Windows\SysNative\NOTEPAD.EXE ()
.url[@ = InternetShortcut] -- C:\Windows\System32\ieframe.DLL (Microsoft Corporation)
.js[@ = JSFile] -- C:\Windows\SysNative\WScript.exe ()
.jse[@ = JSEFile] -- C:\Windows\SysNative\WScript.exe ()
.txt[@ = txtfile] -- C:\Windows\SysNative\NOTEPAD.EXE ()
.vbe[@ = VBEFile] -- C:\Windows\SysNative\WScript.exe ()
.vbs[@ = VBSFile] -- C:\Windows\SysNative\WScript.exe ()
.wsf[@ = WSFFile] -- C:\Windows\SysNative\WScript.exe ()
.wsh[@ = WSHFile] -- C:\Windows\SysNative\WScript.exe ()

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)
.hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)
.html [@ = htmlfile] -- C:\Program Files (x86)\Internet Explorer\iexplore.exe (Microsoft Corporation)
.reg [@ = regfile] -- C:\Windows\SysWow64\regedit.exe (Microsoft Corporation)

[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = ChromeHTML] -- Reg Error: Key error. File not found

========== Security Center Settings ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
"VistaSp1" = 9F 9E 16 8C DC 5B C8 01 [binary data]

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"oobe_av" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0

========== Authorized Applications List ==========


========== Vista Active Open Ports Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{0ABF8FFF-EC26-491F-8DA7-25D895821A72}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{0AD5EC50-D9B7-4233-8403-A2E8DA09667E}" = rport=3702 | protocol=17 | dir=out | svc=fdphost | app=%systemroot%\system32\svchost.exe |
"{3FE51E5E-8C0C-4179-B17C-DF1BC3095986}" = rport=445 | protocol=6 | dir=out | app=system |
"{4D786157-8637-4EAF-BCEC-24DFBB37DC4B}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe |
"{56E2602C-B88D-4589-95A1-1D041EC64618}" = rport=138 | protocol=17 | dir=out | app=system |
"{58814012-7E0A-4499-BC4D-80439D67E2F8}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{5C53DD26-B742-4883-91CC-7C852FCEE908}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{6B12996F-D304-46A7-B6FA-21237E517780}" = rport=3702 | protocol=17 | dir=out | svc=fdrespub | app=%systemroot%\system32\svchost.exe |
"{6F91A5B4-B192-4FDD-9927-E71CFAAC4911}" = lport=137 | protocol=17 | dir=in | app=system |
"{7241D9B1-9A05-492B-B3E1-DA4DE222DCF9}" = lport=3702 | protocol=17 | dir=in | svc=fdrespub | app=%systemroot%\system32\svchost.exe |
"{7E3DBDE3-6A94-463C-B026-50A9107BBD1E}" = rport=137 | protocol=17 | dir=out | app=system |
"{95FEE612-76BA-4D35-A359-55FDCF1825E3}" = lport=138 | protocol=17 | dir=in | app=system |
"{A40EEDA7-79CE-4867-9647-AC6C7C969D9C}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{A9936609-DA38-47DB-877C-B15C3311ECB0}" = lport=3702 | protocol=17 | dir=in | svc=fdphost | app=%systemroot%\system32\svchost.exe |
"{B4A78FAD-5FF7-42C8-9719-E72675353B1D}" = rport=139 | protocol=6 | dir=out | app=system |
"{D095808E-600F-4124-ACCC-7C4CC48E0907}" = lport=6004 | protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office12\outlook.exe |
"{DBAFEFA9-D48C-4038-A281-F1522D08FED6}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 |
"{F01FEEE2-B1F1-430A-BF2A-014B97122D67}" = lport=445 | protocol=6 | dir=in | app=system |
"{FD7FA5A2-C9EE-4D5C-BCCD-C6011FAA4142}" = lport=139 | protocol=6 | dir=in | app=system |

========== Vista Active Application Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{048D8887-C194-46A2-862C-D5FB3302340E}" = protocol=6 | dir=in | app=c:\program files (x86)\activision\call of duty - world at war\codwawmp.exe |
"{0AF8B0F3-D9F4-4853-A837-057CCA3205F6}" = protocol=17 | dir=in | app=c:\program files (x86)\electronic arts\crytek\crysis\bin32\crysis.exe |
"{0C021A08-66AE-40CA-A3CD-C8000BA8FBD4}" = protocol=6 | dir=in | app=c:\program files (x86)\microsoft games\age of empires iii\age3x.exe |
"{120170C2-E2D5-48BD-A030-86555071B3B6}" = protocol=17 | dir=in | app=c:\program files (x86)\rockstar games\rockstar games social club\rgsclauncher.exe |
"{1778FE84-4E80-4724-ABD4-E80D0D8CF21F}" = protocol=17 | dir=in | app=c:\program files (x86)\activision\call of duty - world at war\codwawmp.exe |
"{1AED25BE-2171-4D35-8F1D-B362E033C160}" = protocol=6 | dir=in | app=c:\program files (x86)\electronic arts\burnout(tm) paradise the ultimate box\burnoutparadise.exe |
"{202834D4-814A-435E-B477-7B5212622C29}" = protocol=6 | dir=in | app=c:\windows\syswow64\pnkbstra.exe |
"{2376AF85-9BF5-473B-928A-863F802B01CE}" = protocol=6 | dir=in | app=c:\windows\syswow64\pnkbstra.exe |
"{24BBE959-DF0F-4D2A-95DC-47C431EDC458}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{2FB62A51-BBA9-41C0-A16B-2E80212684CB}" = protocol=17 | dir=in | app=c:\program files (x86)\ubisoft\far cry 2\bin\fc2launcher.exe |
"{39F26C78-2DED-4954-A652-CDCB9C84A2C2}" = protocol=6 | dir=in | app=c:\program files (x86)\microsoft office\office12\groove.exe |
"{3C84592D-9375-44EA-AF23-5E6248FD3ABD}" = protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office12\onenote.exe |
"{3E1C0718-F6F4-4EB3-B27C-62A944004C42}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 |
"{3EB673EF-159E-4646-843A-462805C237FF}" = protocol=17 | dir=in | app=c:\program files (x86)\electronic arts\crytek\crysis\bin64\crysisdedicatedserver.exe |
"{429B2ED7-3562-46BA-AF73-5A82EE950E4A}" = protocol=6 | dir=in | app=c:\program files (x86)\microsoft office\office12\onenote.exe |
"{478A98FF-321A-41B1-82E6-06D8ECDDDD46}" = protocol=6 | dir=in | app=c:\program files (x86)\ubisoft\far cry 2\bin\farcry2.exe |
"{4DED2383-5C2D-4BD9-9130-09E58277D06B}" = protocol=6 | dir=in | app=c:\windows\syswow64\pnkbstrb.exe |
"{4E1A4A99-FE31-4443-8F40-EB0B91F67528}" = protocol=6 | dir=in | app=c:\program files (x86)\rockstar games\rockstar games social club\rgsclauncher.exe |
"{514984D4-3B6F-432F-B908-DB03D4960B45}" = protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office12\groove.exe |
"{5939E494-80F9-4BD2-BC35-0A4061D6CEA2}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 |
"{615F69F7-312B-4A66-A90C-E316551B361C}" = protocol=17 | dir=in | app=c:\windows\syswow64\pnkbstra.exe |
"{6482C0C7-DE99-4211-83BD-773491E960DA}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 |
"{66A7BBC9-5154-4D54-8D0B-BF328BE2CAED}" = protocol=6 | dir=in | app=c:\program files (x86)\electronic arts\burnout(tm) paradise the ultimate box\burnoutlauncher.exe |
"{66F0E2C9-FF4C-4480-A35C-314EF1969F0F}" = protocol=17 | dir=in | app=c:\program files (x86)\activision\call of duty 4 - modern warfare\iw3mp.exe |
"{68F8D168-B983-4BCE-AFB3-2F1E4AB45806}" = protocol=6 | dir=in | app=c:\program files (x86)\activision\call of duty - world at war\codwawmp.exe |
"{6B0BB77F-538C-4F8D-97AE-D575145A1A22}" = protocol=6 | dir=in | app=c:\program files (x86)\firaxis games\sid meier's civilization 4\civilization4.exe |
"{6C9D535A-E9BD-4D1C-9252-40CBD7569350}" = protocol=6 | dir=in | app=c:\program files (x86)\electronic arts\crytek\crysis\bin64\crysisdedicatedserver.exe |
"{718EDB42-1794-4EA1-88B6-49DCC115539E}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 |
"{71BEF185-1350-48F5-9FC2-DD765CB2514D}" = protocol=17 | dir=in | app=c:\program files (x86)\electronic arts\burnout(tm) paradise the ultimate box\burnoutlauncher.exe |
"{7EC6E412-4FCE-4921-A76B-2715EFBC1116}" = protocol=17 | dir=in | app=c:\program files (x86)\activision\call of duty 4 - modern warfare\iw3mp.exe |
"{8840C09F-FDAF-4E5E-BF87-E71079D9DA58}" = protocol=6 | dir=in | app=c:\program files (x86)\ubisoft\far cry 2\bin\fc2editor.exe |
"{8966F031-64AB-4CAC-BA8A-5379AF82A5C9}" = protocol=17 | dir=in | app=c:\program files (x86)\ubisoft\far cry 2\bin\fc2editor.exe |
"{8B669B13-5FCA-4D93-941E-6D1B7E6E4BDC}" = protocol=6 | dir=in | app=c:\program files (x86)\electronic arts\crytek\crysis\bin32\crysis.exe |
"{8BE58334-DB6A-48CC-809E-08DE2B2D38D8}" = protocol=6 | dir=in | app=c:\program files (x86)\activision\call of duty 4 - modern warfare\iw3mp.exe |
"{92D2D26C-9DEF-41AC-8915-E47E72AB073D}" = protocol=17 | dir=in | app=c:\program files (x86)\rockstar games\grand theft auto iv\launchgtaiv.exe |
"{9303A2D3-B838-4037-BC76-41A7ECD4C819}" = protocol=17 | dir=in | app=c:\program files (x86)\electronic arts\crytek\crysis\bin64\crysis.exe |
"{950164F1-1C69-44E5-B2DA-5B695F0593CD}" = protocol=17 | dir=in | app=c:\program files (x86)\firaxis games\sid meier's civilization 4\civilization4.exe |
"{95C6FE8F-BD8D-4CBB-B483-8824324FCD8A}" = protocol=6 | dir=in | app=c:\windows\syswow64\pnkbstrb.exe |
"{96284D10-177D-4D90-B2C3-0A9452D0F791}" = protocol=6 | dir=in | app=c:\program files (x86)\activision\call of duty 4 - modern warfare\iw3mp.exe |
"{99148D3B-4342-42D7-A5C0-24F8B1AC383B}" = protocol=6 | dir=in | app=c:\program files (x86)\ubisoft\far cry 2\bin\fc2launcher.exe |
"{9C2068F1-1F81-4476-8E01-E4A8672AFBB1}" = protocol=17 | dir=in | app=c:\program files (x86)\electronic arts\burnout(tm) paradise the ultimate box\burnoutparadise.exe |
"{9DB117C5-2B94-404A-9C75-259C25DF60A3}" = dir=in | app=c:\program files (x86)\cyberlink\powerdvd8\powerdvd8.exe |
"{9DD40B63-64A6-4A8C-ABEF-CDF0A4E06388}" = protocol=17 | dir=in | app=c:\program files (x86)\electronic arts\burnout(tm) paradise the ultimate box\burnoutconfigtool.exe |
"{9F2CAA07-E681-420B-B14E-17B2D8DFA9A7}" = protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office12\groove.exe |
"{A5DBF8DA-D8DA-4720-86E7-16413C8C9DEB}" = protocol=6 | dir=in | app=c:\program files (x86)\activision\wolfenstein\mp\wolf2mp.exe |
"{AA402581-90F1-4CA6-94D0-55FF9DE67FA3}" = protocol=6 | dir=in | app=c:\program files (x86)\activision\wolfenstein\mp\wolf2mplite.exe |
"{AA75D17D-3DBB-48D7-97CA-6F3A7CCB758E}" = protocol=6 | dir=in | app=c:\program files (x86)\activision\call of duty - world at war\codwaw.exe |
"{AE2782BF-78C0-49B4-A94C-D25DD25AF4B9}" = protocol=17 | dir=in | app=c:\program files (x86)\activision\call of duty - world at war\codwawmp.exe |
"{B0115267-E63C-4119-8903-C6DC43C72CB0}" = protocol=17 | dir=in | app=c:\windows\syswow64\pnkbstra.exe |
"{B1F88EEF-3060-439E-A829-5450EC1C5546}" = protocol=6 | dir=in | app=c:\program files (x86)\activision\call of duty - world at war\codwaw.exe |
"{B58EAD64-3B45-4F9E-9707-9285C68B252B}" = protocol=6 | dir=in | app=c:\program files (x86)\electronic arts\crytek\crysis\bin32\crysisdedicatedserver.exe |
"{BB1703D0-1259-4B56-B44D-1BF42D5F8944}" = protocol=6 | dir=in | app=c:\program files (x86)\rockstar games\grand theft auto iv\launchgtaiv.exe |
"{BC64AA81-842E-4B45-AFD0-5E269E80A316}" = protocol=17 | dir=in | app=c:\program files (x86)\activision\call of duty - world at war\codwaw.exe |
"{BF0BF124-A1CD-4AB0-8DBA-A866431AFF43}" = protocol=17 | dir=in | app=c:\program files (x86)\microsoft games\age of empires iii\age3y.exe |
"{C3873A93-FBAB-4749-9C7D-7A1D30B6B864}" = protocol=17 | dir=in | app=c:\program files (x86)\activision\wolfenstein\mp\wolf2mp.exe |
"{C75126BC-BFF8-4A42-9EC9-0FE393A9E020}" = protocol=6 | dir=in | app=c:\program files (x86)\microsoft office\office12\groove.exe |
"{CB6ED1EB-547F-4906-B9AC-FD09348B9CBF}" = protocol=17 | dir=in | app=c:\program files (x86)\electronic arts\crytek\crysis\bin32\crysisdedicatedserver.exe |
"{CDB9BFDC-BF7A-4C43-A1C7-FE8EA04C79D2}" = protocol=17 | dir=in | app=c:\program files (x86)\activision\wolfenstein\mp\wolf2mplite.exe |
"{CE6C808C-2E1B-44D1-802F-9E594B0CE99F}" = protocol=17 | dir=in | app=c:\windows\syswow64\pnkbstrb.exe |
"{D2036D81-DF07-470C-BA6B-3F45196A8BA4}" = protocol=6 | dir=in | app=c:\program files (x86)\microsoft office\office12\onenote.exe |
"{D8C09B53-CED6-40A5-B320-3B4121A5982E}" = protocol=6 | dir=in | app=c:\program files (x86)\electronic arts\burnout(tm) paradise the ultimate box\burnoutconfigtool.exe |
"{DAE7712C-72F9-4BF5-9A98-15FB9CFD1B1B}" = protocol=17 | dir=in | app=c:\program files (x86)\activision\call of duty - world at war\codwaw.exe |
"{DC82EC0B-7DBB-4C8B-AA67-67AD8695B157}" = protocol=6 | dir=in | app=c:\program files (x86)\microsoft games\age of empires iii\age3y.exe |
"{DE84F466-696F-45C9-9E76-DAD089761BDC}" = protocol=17 | dir=in | app=c:\program files (x86)\microsoft games\age of empires iii\age3x.exe |
"{E7D256FB-916D-4305-AECF-0C04FCB7A369}" = protocol=6 | dir=in | app=c:\program files (x86)\electronic arts\crytek\crysis\bin64\crysis.exe |
"{F1B3FB54-A54E-458E-B00C-9C5C7E953763}" = protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office12\onenote.exe |
"{F79020B1-F459-434E-8A06-AD1300364186}" = protocol=17 | dir=in | app=c:\program files (x86)\ubisoft\far cry 2\bin\farcry2.exe |
"{F7968B6C-E584-46E4-B0D1-FCA9FA3868D5}" = protocol=17 | dir=in | app=c:\windows\syswow64\pnkbstrb.exe |
"TCP Query User{09779C16-E108-4166-8EB3-B154F3D05B1C}C:\program files (x86)\counter-strike 1.6\hl.exe" = protocol=6 | dir=in | app=c:\program files (x86)\counter-strike 1.6\hl.exe |
"TCP Query User{1AC538B0-BEE0-4450-9C09-A86EE46FFCD6}C:\program files (x86)\left4dead\hl2.exe" = protocol=6 | dir=in | app=c:\program files (x86)\left4dead\hl2.exe |
"TCP Query User{1B9B4F8B-51EC-4209-90F0-ECB4BF6254CA}C:\program files (x86)\rockstar games\grand theft auto iv\gtaiv.exe" = protocol=6 | dir=in | app=c:\program files (x86)\rockstar games\grand theft auto iv\gtaiv.exe |
"TCP Query User{251C27D8-BA68-428C-888D-974A0B43A552}C:\users\šimon\appdata\local\temp\rar$ex00.937\tdu\testdriveunlimited.exe" = protocol=6 | dir=in | app=c:\users\šimon\appdata\local\temp\rar$ex00.937\tdu\testdriveunlimited.exe |
"TCP Query User{390908D9-5D2F-45FC-9CB3-1386159495D7}C:\program files (x86)\bitcomet\bitcomet.exe" = protocol=6 | dir=in | app=c:\program files (x86)\bitcomet\bitcomet.exe |
"TCP Query User{4B54ACB0-2CFB-4249-9230-0929247D08B7}C:\program files (x86)\electronic arts\eadm\core.exe" = protocol=6 | dir=in | app=c:\program files (x86)\electronic arts\eadm\core.exe |
"TCP Query User{5156B44D-93B6-46FF-B6F9-41F29590CFE3}C:\program files (x86)\mozilla firefox\firefox.exe" = protocol=6 | dir=in | app=c:\program files (x86)\mozilla firefox\firefox.exe |
"TCP Query User{5663D38D-AB6E-4445-B7BE-CF63AFA3686C}C:\program files (x86)\tdu\testdriveunlimited.exe" = protocol=6 | dir=in | app=c:\program files (x86)\tdu\testdriveunlimited.exe |
"TCP Query User{61612263-4614-4909-8BC9-EB995A780DA0}C:\users\šimon\desktop\tdu\testdriveunlimited.exe" = protocol=6 | dir=in | app=c:\users\šimon\desktop\tdu\testdriveunlimited.exe |
"TCP Query User{7243192C-9A4F-450C-BD79-2C29615091C6}C:\program files (x86)\counter-strike 1.6\cstrike.exe" = protocol=6 | dir=in | app=c:\program files (x86)\counter-strike 1.6\cstrike.exe |
"TCP Query User{801CDEE3-DBCC-4B0E-A307-EA5C50426C11}C:\program files (x86)\yaho's miranda im\miranda32.exe" = protocol=6 | dir=in | app=c:\program files (x86)\yaho's miranda im\miranda32.exe |
"TCP Query User{80AC6AE2-A3C4-4F0D-9349-542A2461861E}C:\program files (x86)\hlsw\hlsw.exe" = protocol=6 | dir=in | app=c:\program files (x86)\hlsw\hlsw.exe |
"TCP Query User{925AED03-221E-410E-B305-2343FD324288}C:\users\šimon\appdata\local\temp\rar$ex63.116\tdu\testdriveunlimited.exe" = protocol=6 | dir=in | app=c:\users\šimon\appdata\local\temp\rar$ex63.116\tdu\testdriveunlimited.exe |
"TCP Query User{9532D7C1-2273-4DA5-BC63-156A806DB398}C:\program files (x86)\age of empires 2 & the conquerors expansion - full game\age2_x1.exe" = protocol=6 | dir=in | app=c:\program files (x86)\age of empires 2 & the conquerors expansion - full game\age2_x1.exe |
"TCP Query User{A1B6342A-1AD0-4510-9B80-18DBE713AA04}C:\users\šimon\desktop\miranda im\miranda32.exe" = protocol=6 | dir=in | app=c:\users\šimon\desktop\miranda im\miranda32.exe |
"TCP Query User{AA366382-6533-401E-8C23-9DFD21126F02}C:\users\šimon\miranda im\miranda32.exe" = protocol=6 | dir=in | app=c:\users\šimon\miranda im\miranda32.exe |
"TCP Query User{AB9DE897-2581-4E77-9830-5CCB75970D25}C:\program files (x86)\hlsw\hlsw.exe" = protocol=6 | dir=in | app=c:\program files (x86)\hlsw\hlsw.exe |
"TCP Query User{ABC6EA32-7A35-459D-8018-7EE469514ECB}C:\program files (x86)\yaho's miranda im\miranda32.exe" = protocol=6 | dir=in | app=c:\program files (x86)\yaho's miranda im\miranda32.exe |
"TCP Query User{BB484DC2-965D-4A67-83F1-CCEAA132084A}C:\program files (x86)\age of empires 2 & the conquerors expansion - full game\age2_x1.exe" = protocol=6 | dir=in | app=c:\program files (x86)\age of empires 2 & the conquerors expansion - full game\age2_x1.exe |
"TCP Query User{BDC76464-1DE2-4DED-B8DC-A4244598FD6B}C:\program files (x86)\miranda im\miranda32.exe" = protocol=6 | dir=in | app=c:\program files (x86)\miranda im\miranda32.exe |
"TCP Query User{BFD0C1E5-9E73-42B4-9496-B279331BE59D}C:\program files (x86)\icq6.5\icq.exe" = protocol=6 | dir=in | app=c:\program files (x86)\icq6.5\icq.exe |
"TCP Query User{C5C6D8CA-8EF1-4100-8FEA-8921A0986C03}C:\program files (x86)\left4dead\hl2.exe" = protocol=6 | dir=in | app=c:\program files (x86)\left4dead\hl2.exe |
"TCP Query User{CD43236F-0E14-41FC-8EBF-A0F6A5FA2CF3}C:\program files (x86)\mozilla firefox\firefox.exe" = protocol=6 | dir=in | app=c:\program files (x86)\mozilla firefox\firefox.exe |
"TCP Query User{CDC4A2EB-9CB5-48DF-AC41-559606F81652}C:\program files (x86)\electronic arts\eadm\core.exe" = protocol=6 | dir=in | app=c:\program files (x86)\electronic arts\eadm\core.exe |
"TCP Query User{D19A6D67-7C53-45AB-90E9-733BD2F9BC61}C:\users\šimon\desktop\miranda im\miranda32.exe" = protocol=6 | dir=in | app=c:\users\šimon\desktop\miranda im\miranda32.exe |
"TCP Query User{D4F29BF2-96EB-4594-A562-DE6871AC9D51}C:\program files (x86)\miranda im\miranda32.exe" = protocol=6 | dir=in | app=c:\program files (x86)\miranda im\miranda32.exe |
"TCP Query User{E242B22C-1E3A-476D-B1DD-16FB8649927B}C:\program files (x86)\bitcomet\bitcomet.exe" = protocol=6 | dir=in | app=c:\program files (x86)\bitcomet\bitcomet.exe |
"TCP Query User{E610BEA7-F2E8-49D5-8094-FAE411B55FDA}C:\program files (x86)\icq6.5\icq.exe" = protocol=6 | dir=in | app=c:\program files (x86)\icq6.5\icq.exe |
"TCP Query User{E9C5F39F-64A6-4B46-9D97-6B86F785B333}C:\program files (x86)\counter-strike 1.6\cstrike.exe" = protocol=6 | dir=in | app=c:\program files (x86)\counter-strike 1.6\cstrike.exe |
"TCP Query User{F5EE43F1-A818-42F1-BF5A-611D302E9476}C:\users\šimon\appdata\local\temp\rar$ex00.209\tdu\testdriveunlimited.exe" = protocol=6 | dir=in | app=c:\users\šimon\appdata\local\temp\rar$ex00.209\tdu\testdriveunlimited.exe |
"TCP Query User{FB8C24D3-2347-4841-B961-85F77DE74E51}C:\program files (x86)\counter-strike 1.6\hl.exe" = protocol=6 | dir=in | app=c:\program files (x86)\counter-strike 1.6\hl.exe |
"UDP Query User{022ABA53-0D40-448B-BF08-33952BEB8DE4}C:\program files (x86)\age of empires 2 & the conquerors expansion - full game\age2_x1.exe" = protocol=17 | dir=in | app=c:\program files (x86)\age of empires 2 & the conquerors expansion - full game\age2_x1.exe |
"UDP Query User{164EA174-E04E-45FC-AD18-E56384BD8A4E}C:\program files (x86)\bitcomet\bitcomet.exe" = protocol=17 | dir=in | app=c:\program files (x86)\bitcomet\bitcomet.exe |
"UDP Query User{1C527806-1EBF-4412-BBB8-E11CDDFF0A1D}C:\users\šimon\desktop\tdu\testdriveunlimited.exe" = protocol=17 | dir=in | app=c:\users\šimon\desktop\tdu\testdriveunlimited.exe |
"UDP Query User{37B8BFC1-F685-4CA4-8E75-F4BFEF827355}C:\program files (x86)\hlsw\hlsw.exe" = protocol=17 | dir=in | app=c:\program files (x86)\hlsw\hlsw.exe |
"UDP Query User{3844EE82-7DE3-4087-B188-9FE0C4C75023}C:\program files (x86)\icq6.5\icq.exe" = protocol=17 | dir=in | app=c:\program files (x86)\icq6.5\icq.exe |
"UDP Query User{3AEAF23F-F7F6-40F2-9137-907B0490BB47}C:\program files (x86)\yaho's miranda im\miranda32.exe" = protocol=17 | dir=in | app=c:\program files (x86)\yaho's miranda im\miranda32.exe |
"UDP Query User{3BBA634D-6BF3-44B8-ADB5-F0FAE5310EFD}C:\users\šimon\miranda im\miranda32.exe" = protocol=17 | dir=in | app=c:\users\šimon\miranda im\miranda32.exe |
"UDP Query User{45680DEC-57FF-41DB-89E6-BB262586B6BB}C:\users\šimon\appdata\local\temp\rar$ex00.209\tdu\testdriveunlimited.exe" = protocol=17 | dir=in | app=c:\users\šimon\appdata\local\temp\rar$ex00.209\tdu\testdriveunlimited.exe |
"UDP Query User{5301AAB9-0F32-4BEB-AB1B-92E52260BAE8}C:\program files (x86)\icq6.5\icq.exe" = protocol=17 | dir=in | app=c:\program files (x86)\icq6.5\icq.exe |
"UDP Query User{639EC9F5-B942-4381-A3D5-532386C448C4}C:\program files (x86)\hlsw\hlsw.exe" = protocol=17 | dir=in | app=c:\program files (x86)\hlsw\hlsw.exe |
"UDP Query User{678538C1-DDF8-47E4-8198-71F8F15E1B78}C:\users\šimon\appdata\local\temp\rar$ex00.937\tdu\testdriveunlimited.exe" = protocol=17 | dir=in | app=c:\users\šimon\appdata\local\temp\rar$ex00.937\tdu\testdriveunlimited.exe |
"UDP Query User{67E694D3-E987-4A46-80A5-7ADA05D865C4}C:\program files (x86)\left4dead\hl2.exe" = protocol=17 | dir=in | app=c:\program files (x86)\left4dead\hl2.exe |
"UDP Query User{68601698-48B3-4FCD-A7A1-29B1B8AC5423}C:\users\šimon\desktop\miranda im\miranda32.exe" = protocol=17 | dir=in | app=c:\users\šimon\desktop\miranda im\miranda32.exe |
"UDP Query User{6F15AA92-C38D-4E8D-9AAF-DCC7FA1FA810}C:\program files (x86)\tdu\testdriveunlimited.exe" = protocol=17 | dir=in | app=c:\program files (x86)\tdu\testdriveunlimited.exe |
"UDP Query User{74210B88-E9C6-4812-AE04-A839DA53E3F4}C:\program files (x86)\counter-strike 1.6\cstrike.exe" = protocol=17 | dir=in | app=c:\program files (x86)\counter-strike 1.6\cstrike.exe |
"UDP Query User{8CFF047E-7A0D-459B-8758-F602D3E646EE}C:\program files (x86)\counter-strike 1.6\cstrike.exe" = protocol=17 | dir=in | app=c:\program files (x86)\counter-strike 1.6\cstrike.exe |
"UDP Query User{91EE8020-1AAA-4E82-A3E2-E024A423D8BE}C:\program files (x86)\miranda im\miranda32.exe" = protocol=17 | dir=in | app=c:\program files (x86)\miranda im\miranda32.exe |
"UDP Query User{98E7E50F-2FFD-458D-A32D-28B00FA23548}C:\program files (x86)\electronic arts\eadm\core.exe" = protocol=17 | dir=in | app=c:\program files (x86)\electronic arts\eadm\core.exe |
"UDP Query User{B0F228B3-7FE4-4946-8338-9A89428F9F7F}C:\program files (x86)\mozilla firefox\firefox.exe" = protocol=17 | dir=in | app=c:\program files (x86)\mozilla firefox\firefox.exe |
"UDP Query User{B413110E-6709-4346-806B-B79CC66F5D6E}C:\users\šimon\desktop\miranda im\miranda32.exe" = protocol=17 | dir=in | app=c:\users\šimon\desktop\miranda im\miranda32.exe |
"UDP Query User{B41E0045-908D-483F-A450-6815BDD7A99D}C:\program files (x86)\yaho's miranda im\miranda32.exe" = protocol=17 | dir=in | app=c:\program files (x86)\yaho's miranda im\miranda32.exe |
"UDP Query User{BCD8CECB-6CDE-4423-9A7B-1A8EC0797316}C:\program files (x86)\bitcomet\bitcomet.exe" = protocol=17 | dir=in | app=c:\program files (x86)\bitcomet\bitcomet.exe |
"UDP Query User{BFFE4E35-1545-4AD4-A5B4-6A8BB954398A}C:\program files (x86)\counter-strike 1.6\hl.exe" = protocol=17 | dir=in | app=c:\program files (x86)\counter-strike 1.6\hl.exe |
"UDP Query User{C3F47A22-4C97-4959-9DB9-077EF96C6059}C:\program files (x86)\rockstar games\grand theft auto iv\gtaiv.exe" = protocol=17 | dir=in | app=c:\program files (x86)\rockstar games\grand theft auto iv\gtaiv.exe |
"UDP Query User{C5AFFE44-E507-4444-83EB-E0C4F5D194BF}C:\program files (x86)\counter-strike 1.6\hl.exe" = protocol=17 | dir=in | app=c:\program files (x86)\counter-strike 1.6\hl.exe |
"UDP Query User{E65BF9E7-8DC7-4719-848E-095024FF51C2}C:\program files (x86)\mozilla firefox\firefox.exe" = protocol=17 | dir=in | app=c:\program files (x86)\mozilla firefox\firefox.exe |
"UDP Query User{EFD46986-DFB8-4904-9CC1-FDA18FAFBDE1}C:\program files (x86)\electronic arts\eadm\core.exe" = protocol=17 | dir=in | app=c:\program files (x86)\electronic arts\eadm\core.exe |
"UDP Query User{F02FBAA5-8297-4269-960B-A3B2C1300E56}C:\program files (x86)\left4dead\hl2.exe" = protocol=17 | dir=in | app=c:\program files (x86)\left4dead\hl2.exe |
"UDP Query User{F23893C5-CCD1-4BDF-BF76-C2D7C23BEB97}C:\program files (x86)\miranda im\miranda32.exe" = protocol=17 | dir=in | app=c:\program files (x86)\miranda im\miranda32.exe |
"UDP Query User{F5334EBB-16F5-4C2B-9FA8-317A69C693E3}C:\program files (x86)\age of empires 2 & the conquerors expansion - full game\age2_x1.exe" = protocol=17 | dir=in | app=c:\program files (x86)\age of empires 2 & the conquerors expansion - full game\age2_x1.exe |
"UDP Query User{F87FC8F7-B762-4E19-864A-B626937CF0FA}C:\users\šimon\appdata\local\temp\rar$ex63.116\tdu\testdriveunlimited.exe" = protocol=17 | dir=in | app=c:\users\šimon\appdata\local\temp\rar$ex63.116\tdu\testdriveunlimited.exe |

========== HKEY_LOCAL_MACHINE Uninstall List ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{071c9b48-7c32-4621-a0ac-3f809523288f}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{7353BAE6-5E49-46C4-A9B5-8A269A313789}" = Crysis WARHEAD(R)
"{88EB92AB-ABD3-E13C-3AEE-B7518354B55A}" = ATI Catalyst Install Manager
"{8AB5E15C-BDCB-7A93-9DBF-19C2DF39D0C7}" = ccc-utility64
"{90120000-002A-0000-1000-0000000FF1CE}" = Microsoft Office Office 64-bit Components 2007
"{90120000-002A-0405-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit MUI (Czech) 2007
"{B6E3757B-5E77-3915-866A-CCFC4B8D194C}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x64 8.0.50727.4053
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{D1EF69B7-7A97-40FC-9AF1-6D6656FF874F}" = ATI AVIVO64 Codecs
"{DD73CA82-EA82-38AA-863D-9A24A018DC96}" = Microsoft .NET Framework 3.5 Language Pack SP1 - csy
"{FEF49196-641D-4105-A885-65020FCC73BE}" = Motorola Driver Installation 3.5.0
"Crysis WARHEAD(R)" = Crysis WARHEAD(R)
"Lazarus_is1" = Lazarus 0.9.22
"Microsoft .NET Framework 3.5 Language Pack SP1 - csy" = Microsoft .NET Framework 3.5 SP1 – jazyková sada – CSY
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{000E79B7-E725-4F01-870A-C12942B7F8E4}" = Crysis(R)
"{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}" = Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148
"{0046FA01-C5B9-4985-BACB-398DC480FC05}" = Adobe Photoshop CS3
"{01501EBA-EC35-4F9F-8889-3BE346E5DA13}" = MSXML4 Parser
"{02EBDBB9-4600-41D3-B566-40CB861511D2}" = World of Warcraft FREE Trial
"{04AF207D-9A77-465A-8B76-991F6AB66245}" = Adobe Help Viewer CS3
"{07043840-8EBE-4287-85D8-8EC76D88B906}" = Microsoft Math 3.0
"{08B32819-6EEF-4057-AEDA-5AB681A36A23}" = Adobe Bridge Start Meeting
"{08B3869E-D282-424C-9AFC-870E04A4BA14}" = Rockstar Games Social Club
"{13B792AA-C078-43A4-8A3A-8B12D629940D}" = Counter-Strike 1.6
"{149464D9-B06F-4505-9968-FD1206F67AD3}" = Call of Duty(R) - World at War(TM) 1.3 Patch
"{184CE391-7E0E-4C63-9935-D7A10EDFD3C6}" = Adobe WinSoft Linguistics Plugin
"{19DDEE14-1A97-196F-B33B-5F069C929ACA}" = HydraVision
"{1C08A24C-B168-407E-A826-68FAF5F20710}" = Age of Empires III - The WarChiefs
"{2315B23D-3E21-4920-837D-AE6460934ECB}" = FIFA 09
"{24D7346D-D4B4-45E8-98EA-75EC14B42DD8}" = Adobe ExtendScript Toolkit 2
"{26A24AE4-039D-4CA4-87B4-2F83216010FF}" = Java(TM) 6 Update 13
"{29E5EA97-5F74-4A57-B8B2-D4F169117183}" = Adobe Stock Photos CS3
"{2BF0AE92-C3BC-4112-9066-1546342B1FAE}" = Call of Duty(R) - World at War(TM) 1.2 Patch
"{2BF2E31F-B8BB-40A7-B650-98D28E0F7D47}" = CyberLink PowerDVD 8
"{3108C217-BE83-42E4-AE9E-A56A2A92E549}" = Atheros Communications Inc.(R) AR8121/AR8113/AR8114 Gigabit/Fast Ethernet Driver
"{3EA5D881-A648-B489-F113-3A7D99EC936F}" = Catalyst Control Center InstallProxy
"{3FE799B6-6493-AD47-A5FA-F3FE144C7EF0}" = Catalyst Control Center HydraVision Full
"{412B69AF-C352-4F6F-A318-B92B3CB9ACC6}" = Titan Quest
"{45235788-142C-44BE-8A4D-DDE9A84492E5}" = AGEIA PhysX v7.09.13
"{51846830-E7B2-4218-8968-B77F0FF475B8}" = Adobe Color EU Extra Settings
"{54793AA1-5001-42F4-ABB6-C364617C6078}" = Adobe Linguistics CS3
"{56B83336-FBC1-4C46-8613-90A9E3B440D6}" = EPU-6 Engine
"{579BA58C-F33D-4970-9953-B94B43768AC3}" = Grand Theft Auto IV
"{60DE4033-9503-48D1-A483-7846BD217CA9}" = ICQ6.5
"{6384375D-0F30-4208-9867-C54AE67F82E0}" = Gothic 3
"{64C1FA9A-FA94-4B6E-B3E4-8573738E4AD1}" = Adobe Setup
"{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}" = Windows Media Player Firefox Plugin
"{6ABE0BEE-D572-4FE8-B434-9E72A289431B}" = Adobe Fonts All
"{6D4AC5A4-4CF9-4F90-8111-B9B53CE257BF}" = Adobe Color Common Settings
"{6FF5DD7A-FE28-4439-B8CF-1E9AF4EA0A61}" = Adobe Asset Services CS3
"{72263053-50D1-4598-9502-51ED64E54C51}" = Borland Delphi 7
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{7353BAE6-5E49-46C4-A9B5-8A269A313789}" = Crysis WARHEAD(R)
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{7B9CC60A-9B81-46A3-A953-76B6BF9EEC97}" = Age of Empires III
"{7D21905A-5DB7-2F4C-4E97-80F352D2C3A9}" = Catalyst Control Center Graphics Previews Vista
"{7F3AD00A-1819-4B15-BB7D-08B3586336D7}" = 3DMark06
"{802771A9-A856-4A41-ACF7-1450E523C923}" = Adobe XMP Panels CS3
"{8214D5AF-8BA8-3551-A859-5EBDBD30D2FA}" = Catalyst Control Center Core Implementation
"{85693740-CB33-8E46-D05A-22EEAC2C14C3}" = Catalyst Control Center Graphics Full New
"{8A0D9C6B-ACB8-738E-2D1A-B437E2CF36B6}" = Catalyst Control Center Graphics Full Existing
"{8A15B7D9-908A-4EF9-BA84-5AEDE61743EE}" = Call of Duty(R) 4 - Modern Warfare(TM) 1.6 Patch
"{8AEA4BE2-2B52-41C0-BB7D-9F2D17AF1029}" = Nero 8
"{8C13BEE4-E7CE-4E46-BD13-8F41DAD00FEF}" = SweetIM Toolbar for Internet Explorer 3.4
"{8D2BA474-F406-4710-9AE4-D4F22D21F0DD}" = Adobe Device Central CS3
"{8E6808E2-613D-4FCD-81A2-6C8FA8E03312}" = Adobe Type Support
"{90120000-0015-0405-0000-0000000FF1CE}" = Microsoft Office Access MUI (Czech) 2007
"{90120000-0016-0405-0000-0000000FF1CE}" = Microsoft Office Excel MUI (Czech) 2007
"{90120000-0018-0405-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (Czech) 2007
"{90120000-0019-0405-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (Czech) 2007
"{90120000-001A-0405-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (Czech) 2007
"{90120000-001B-0405-0000-0000000FF1CE}" = Microsoft Office Word MUI (Czech) 2007
"{90120000-001F-0405-0000-0000000FF1CE}" = Microsoft Office Proof (Czech) 2007
"{90120000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2007
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-041B-0000-0000000FF1CE}" = Microsoft Office Proof (Slovak) 2007
"{90120000-002C-0405-0000-0000000FF1CE}" = Microsoft Office Proofing (Czech) 2007
"{90120000-0030-0000-0000-0000000FF1CE}" = Microsoft Office Enterprise 2007
"{90120000-0044-0405-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (Czech) 2007
"{90120000-006E-0405-0000-0000000FF1CE}" = Microsoft Office Shared MUI (Czech) 2007
"{90120000-00A1-0405-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (Czech) 2007
"{90120000-00BA-0405-0000-0000000FF1CE}" = Microsoft Office Groove MUI (Czech) 2007
"{90176341-0A8B-4CCC-A78D-F862228A6B95}" = Adobe Anchor Service CS3
"{92510C2A-30E3-4F8D-AE8A-93AB7B63EE8F}" = Gothic II Gold
"{931C37FC-594D-43A9-B10F-A2F2B1F03498}" = Call of Duty(R) 4 - Modern Warfare(TM) 1.7 Patch
"{95655ED4-7CA5-46DF-907F-7144877A32E5}" = Adobe Color NA Recommended Settings
"{97EA42A5-3FAB-4948-B74D-F3C44B13F5CE}" = Crysis WARHEAD(R) Patch
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9A996B6A-846E-4A89-B9C4-17546B7BE49F}" = Burnout(TM) Paradise The Ultimate Box
"{9C9824D9-9000-4373-A6A5-D0E5D4831394}" = Adobe Bridge CS3
"{9DF0196F-B6B8-4C3A-8790-DE42AA530101}" = SPORE™
"{9F01A67B-7D67-482F-9D4F-D5980A440FD4}" = Call of Duty(R) - World at War(TM) 1.4 Patch
"{A2B242BD-FF8D-4840-9DAA-9170EABEC59C}" = Adobe CMaps
"{A2D81E70-2A98-4A08-A628-94388B063C5E}" = Adobe Color - Photoshop Specific
"{A3BE3F1E-2472-4211-8735-E8239BE49D9F}" = Ulead Burn.Now 4.5
"{AC5B0C19-D851-42F4-BDA0-410ECF7F70A5}" = PDF Settings
"{AC76BA86-7AD7-1033-7B44-A81300000003}" = Adobe Reader 8.1.3
"{AC76BA86-7AD7-5464-3428-800000000003}" = Spelling Dictionaries Support For Adobe Reader 8
"{AFAE2B15-89A0-4215-A030-F7B5B478886B}" = Call of Duty(R) - World at War(TM) 1.1 Patch
"{B3131F98-FC4B-4931-9D01-723C61F1AFBD}_is1" = Yaho's Miranda Pack - Dark 4.3
"{B3BF6689-A81D-40D8-9A86-4AC4ACD9FC1C}" = Adobe Camera Raw 4.0
"{B3C02EC1-A7B0-4987-9A43-8789426AAA7D}" = Adobe Setup
"{B45FABE7-D101-4D99-A671-E16DA40AF7F0}" = Microsoft Games for Windows - LIVE
"{B471481F-8743-85EF-B551-45ED91BEEE76}" = Catalyst Control Center Graphics Previews Common
"{B578C85A-A84C-4230-A177-C5B2AF565B8C}" = Microsoft Games for Windows - LIVE Redistributable
"{B9B35331-B7E4-4E5C-BF4C-7BC87856124D}" = Adobe Default Language CS3
"{BBF10B37-4ED3-11D5-A818-00500435FC18}" = Gothic
"{BEE64C14-BEF1-4610-8A68-A16EAA47B882}" = Futuremark SystemInfo
"{C40C3C3D-97CF-44B5-836C-766E374464B3}" = 3DMark Vantage
"{C43C1415-3DFC-4089-9A32-0BECF28A6046}" = Age of Empires III - The Asian Dynasties
"{C874DC88-F5E2-D566-2880-22A2FDA0C69C}" = CCC Help English
"{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1
"{D0DFF92A-492E-4C40-B862-A74A173C25C5}" = Adobe Version Cue CS3 Client
"{D1BB4446-AE9C-4256-9A7F-4D46604D2462}" = Adobe Setup
"{D2559B88-CC9D-4B48-81BB-F492BAA9C48C}" = Adobe PDF Library Files
"{D3B1C799-CB73-42DE-BA0F-2344793A095C}" = Catalyst Control Center - Branding
"{D80A6A73-E58A-4673-AFF5-F12D7110661F}" = Call of Duty(R) - World at War(TM)
"{DD7DB3C5-6FA3-4FA3-8A71-C2F2940EB029}" = Adobe Color JA Extra Settings
"{DDE59617-F59A-473B-BC4E-C2B81F6CD38D}" = Command & Conquer™ Red Alert™ 3 Uprising
"{DED53B0B-B67C-4244-AE6A-D6FD3C28D1EF}" = Ad-Aware
"{E48469CC-635E-4FD5-A122-1497C286D217}" = Call of Duty(R) 4 - Modern Warfare(TM)
"{E69AE897-9E0B-485C-8552-7841F48D42D8}" = Adobe Update Manager CS3
"{E848C9C0-E6FF-4A3F-9D67-AE53AC3628FE}" = SweetIM for Messenger 2.7
"{E96A2C11-1139-7A34-C529-4D21832A34F6}" = Catalyst Control Center Graphics Light
"{EB2340D4-21DF-54B3-4C52-6C4F4B19F46D}" = ccc-core-static
"{F9B37992-968C-4264-8449-489032FC28DE}" = Wolfenstein
"3GP Video Converter 3" = 3GP Video Converter 3
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"Adobe_2ac78060bc5856b0c1cf873bb919b58" = Adobe Photoshop CS3
"Adobe_3e054d2218e7aa282c2369d939e58ff" = Adobe ExtendScript Toolkit 2
"Adobe_6c8e2cb4fd241c55406016127a6ab2e" = Adobe Color Common Settings
"Age Of Empires 2 & The Conquerors Expansion - Full Game" = Age Of Empires 2 & The Conquerors Expansion - Full Game
"Age of Mythology Expansion Pack 1.0" = Age of Mythology - The Titans Expansion
"avast!" = avast! Antivirus
"BitComet" = BitComet 1.06
"BS_Player Toolbar" = BS_Player Toolbar
"BSPlayerf" = BS.Player FREE
"CCleaner" = CCleaner (remove only)
"Counter-Strike 1.6" = Counter-Strike 1.6
"Crysis WARHEAD(R)" = Crysis WARHEAD(R)
"Crysis WARHEAD(R) Patch" = Crysis WARHEAD(R) Patch
"Diablo II" = Diablo II
"eMusic Promotion" = 50 FREE MP3s +1 Free Audiobook!
"ENTERPRISE" = Microsoft Office Enterprise 2007
"EVEREST Ultimate Edition_is1" = EVEREST Ultimate Edition v4.50
"GameParkClient_is1" = GamePark
"Hamachi" = Hamachi 1.0.3.0
"HD Tune_is1" = HD Tune 2.55
"HijackThis" = HijackThis 2.0.2
"HLSW_is1" = HLSW v1.3.1
"InstallShield_{149464D9-B06F-4505-9968-FD1206F67AD3}" = Call of Duty(R) - World at War(TM) 1.3 Patch
"InstallShield_{1C08A24C-B168-407E-A826-68FAF5F20710}" = Age of Empires III - The WarChiefs
"InstallShield_{2BF0AE92-C3BC-4112-9066-1546342B1FAE}" = Call of Duty(R) - World at War(TM) 1.2 Patch
"InstallShield_{2BF2E31F-B8BB-40A7-B650-98D28E0F7D47}" = CyberLink PowerDVD 8
"InstallShield_{7B9CC60A-9B81-46A3-A953-76B6BF9EEC97}" = Age of Empires III
"InstallShield_{8A15B7D9-908A-4EF9-BA84-5AEDE61743EE}" = Call of Duty(R) 4 - Modern Warfare(TM) 1.6 Patch
"InstallShield_{931C37FC-594D-43A9-B10F-A2F2B1F03498}" = Call of Duty(R) 4 - Modern Warfare(TM) 1.7 Patch
"InstallShield_{9F01A67B-7D67-482F-9D4F-D5980A440FD4}" = Call of Duty(R) - World at War(TM) 1.4 Patch
"InstallShield_{A3BE3F1E-2472-4211-8735-E8239BE49D9F}" = Ulead Burn.Now 4.5 SE
"InstallShield_{AFAE2B15-89A0-4215-A030-F7B5B478886B}" = Call of Duty(R) - World at War(TM) 1.1 Patch
"InstallShield_{C43C1415-3DFC-4089-9A32-0BECF28A6046}" = Age of Empires III - The Asian Dynasties
"InstallShield_{D80A6A73-E58A-4673-AFF5-F12D7110661F}" = Call of Duty(R) - World at War(TM)
"InstallShield_{E48469CC-635E-4FD5-A122-1497C286D217}" = Call of Duty(R) 4 - Modern Warfare(TM)
"InstallShield_{F9B37992-968C-4264-8449-489032FC28DE}" = Wolfenstein
"KLiteCodecPack_is1" = K-Lite Mega Codec Pack 4.4.5
"Left 4 Dead_is1" = Left 4 Dead v1.0.0.5
"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware
"Microsoft .NET Framework 1.1 (1033)" = Microsoft .NET Framework 1.1
"Mozilla Firefox (3.5.2)" = Mozilla Firefox (3.5.2)
"mv61xxDriver" = marvell 61xx
"PunkBusterSvc" = PunkBuster Services
"Scorpions WinCheater 1.10_is1" = Scorpions WinCheater 1.10
"Scorpions WinCheater 2.07 (s databází 96)_is1" = Scorpions WinCheater
"SpeedFan" = SpeedFan (remove only)
"ST6UNST #1" = Hero Editor V0.96
"Totalcmd" = Total Commander (Remove or Repair)
"Virtual DJ - Atomix Productions" = Virtual DJ - Atomix Productions
"Winamp" = Winamp
"WinRAR archiver" = WinRAR

========== HKEY_CURRENT_USER Uninstall List ==========

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Google Chrome" = Google Chrome

========== Last 10 Event Log Errors ==========

[ Antivirus Events ]
Error - 4.8.2009 16:39:27 | Computer Name = Pokojík-PC | Source = avast! | ID = 33554522
Description = AAVM - chyba při testování: x_AavmCheckFileDirectEx: avfilesScanReal
of C:\Users\Šimon\AppData\Local\Temp\~DF7019.tmp failed, 00000005.

Error - 5.8.2009 9:21:38 | Computer Name = Pokojík-PC | Source = avast! | ID = 33554522
Description = AAVM - chyba při testování: x_AavmCheckFileDirectEx: avfilesScanReal
of C:\Users\Šimon\AppData\Local\Temp\~DF475F.tmp failed, 00000005.

Error - 5.8.2009 16:12:42 | Computer Name = Pokojík-PC | Source = avast! | ID = 33554522
Description = AAVM - chyba při testování: x_AavmCheckFileDirectEx: avfilesScanReal
of C:\Users\Šimon\AppData\Local\Temp\~DF39DF.tmp failed, 00000005.

Error - 6.8.2009 3:28:27 | Computer Name = Pokojík-PC | Source = avast! | ID = 33554522
Description = AAVM - chyba při testování: x_AavmCheckFileDirectEx: avfilesScanReal
of C:\Users\Šimon\AppData\Local\Temp\~DFF8.tmp failed, 00000005.

Error - 6.8.2009 12:32:29 | Computer Name = Pokojík-PC | Source = avast! | ID = 33554522
Description = AAVM - chyba při testování: x_AavmCheckFileDirectEx: avfilesScanReal
of C:\Users\Šimon\AppData\Roaming\ICQ\Application.mdb failed, 00000005.

Error - 14.8.2009 6:34:57 | Computer Name = Pokojík-PC | Source = avast! | ID = 33554522
Description = AAVM - chyba při testování: x_AavmCheckFileDirectEx: avfilesScanReal
of C:\Users\Šimon\AppData\Local\Microsoft\Windows\History\History.IE5\MSHist012009081420090815\index.dat
failed, 00000005.

Error - 22.8.2009 4:46:31 | Computer Name = Pokojík-PC | Source = avast! | ID = 33554522
Description = AAVM - chyba při testování: x_AavmCheckFileDirectEx: avfilesScanReal
of C:\Users\Šimon\AppData\Local\Microsoft\Windows\History\History.IE5\MSHist012009082120090822\index.dat
failed, 00000005.

Error - 27.8.2009 17:01:20 | Computer Name = Pokojík-PC | Source = avast! | ID = 33554522
Description = AAVM - chyba při testování: x_AavmCheckFileDirectEx: avfilesScanReal
of C:\Users\Šimon\AppData\Roaming\ICQ\Application.mdb failed, 00000005.

Error - 27.8.2009 17:01:23 | Computer Name = Pokojík-PC | Source = avast! | ID = 33554522
Description = AAVM - chyba při testování: x_AavmCheckFileDirectEx: avfilesScanReal
of C:\Users\Šimon\AppData\Local\Microsoft\Windows\History\History.IE5\MSHist012009082720090828\index.dat
failed, 00000005.

Error - 29.8.2009 17:57:13 | Computer Name = Pokojík-PC | Source = avast! | ID = 33554522
Description = AAVM - chyba při testování: x_AavmCheckFileDirectEx: avfilesScanReal
of C:\Users\Šimon\AppData\Roaming\ICQ\Application.mdb failed, 00000005.

[ Application Events ]
Error - 30.8.2009 3:23:20 | Computer Name = Pokojík-PC | Source = SideBySide | ID = 16842830
Description = Selhalo generování kontextu aktivace pro: C:\Program Files (x86)\Nero\Nero8\Nero
PhotoSnap\PhotoSnap.exe. Chyba v souboru manifestu nebo zásad na řádku . Verze
součásti požadovaná aplikací je v konfliktu s jinou verzí součásti, která je již
aktivní. Konfliktní součásti jsou: Součást 1: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6001.18000_none_5cdbaa5a083979cc.manifest.
Součást
2: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6001.18000_none_152e7382f3bd50c6.manifest.

Error - 30.8.2009 3:23:21 | Computer Name = Pokojík-PC | Source = SideBySide | ID = 16842830
Description = Selhalo generování kontextu aktivace pro: C:\Program Files (x86)\Nero\Nero8\Nero
Toolkit\DiscSpeed.exe. Chyba v souboru manifestu nebo zásad na řádku . Verze součásti
požadovaná aplikací je v konfliktu s jinou verzí součásti, která je již aktivní.
Konfliktní
součásti jsou: Součást 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6001.18000_none_152e7382f3bd50c6.manifest.
Součást
2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6001.18000_none_5cdbaa5a083979cc.manifest.

Error - 30.8.2009 3:23:21 | Computer Name = Pokojík-PC | Source = SideBySide | ID = 16842830
Description = Selhalo generování kontextu aktivace pro: C:\Program Files (x86)\Nero\Nero8\Nero
Toolkit\DiscSpeed.exe. Chyba v souboru manifestu nebo zásad na řádku . Verze součásti
požadovaná aplikací je v konfliktu s jinou verzí součásti, která je již aktivní.
Konfliktní
součásti jsou: Součást 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6001.18000_none_152e7382f3bd50c6.manifest.
Součást
2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6001.18000_none_5cdbaa5a083979cc.manifest.

Error - 30.8.2009 9:47:37 | Computer Name = Pokojík-PC | Source = WinMgmt | ID = 10
Description =

Error - 30.8.2009 9:50:53 | Computer Name = Pokojík-PC | Source = Microsoft-Windows-CAPI2 | ID = 131083
Description =

Error - 30.8.2009 9:50:57 | Computer Name = Pokojík-PC | Source = SideBySide | ID = 16842830
Description = Selhalo generování kontextu aktivace pro: C:\Program Files (x86)\Nero\Nero8\Nero
PhotoSnap\PhotoSnapViewer.exe. Chyba v souboru manifestu nebo zásad na řádku .
Verze
součásti požadovaná aplikací je v konfliktu s jinou verzí součásti, která je již
aktivní. Konfliktní součásti jsou: Součást 1: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6001.18000_none_5cdbaa5a083979cc.manifest.
Součást
2: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6001.18000_none_152e7382f3bd50c6.manifest.

Error - 30.8.2009 9:50:57 | Computer Name = Pokojík-PC | Source = SideBySide | ID = 16842830
Description = Selhalo generování kontextu aktivace pro: C:\Program Files (x86)\Nero\Nero8\Nero
PhotoSnap\PhotoSnapViewer.exe. Chyba v souboru manifestu nebo zásad na řádku .
Verze
součásti požadovaná aplikací je v konfliktu s jinou verzí součásti, která je již
aktivní. Konfliktní součásti jsou: Součást 1: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6001.18000_none_5cdbaa5a083979cc.manifest.
Součást
2: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6001.18000_none_152e7382f3bd50c6.manifest.

Error - 30.8.2009 9:50:57 | Computer Name = Pokojík-PC | Source = SideBySide | ID = 16842830
Description = Selhalo generování kontextu aktivace pro: C:\Program Files (x86)\Nero\Nero8\Nero
PhotoSnap\PhotoSnap.exe. Chyba v souboru manifestu nebo zásad na řádku . Verze
součásti požadovaná aplikací je v konfliktu s jinou verzí součásti, která je již
aktivní. Konfliktní součásti jsou: Součást 1: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6001.18000_none_5cdbaa5a083979cc.manifest.
Součást
2: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6001.18000_none_152e7382f3bd50c6.manifest.

Error - 30.8.2009 9:50:57 | Computer Name = Pokojík-PC | Source = SideBySide | ID = 16842830
Description = Selhalo generování kontextu aktivace pro: C:\Program Files (x86)\Nero\Nero8\Nero
PhotoSnap\PhotoSnap.exe. Chyba v souboru manifestu nebo zásad na řádku . Verze
součásti požadovaná aplikací je v konfliktu s jinou verzí součásti, která je již
aktivní. Konfliktní součásti jsou: Součást 1: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6001.18000_none_5cdbaa5a083979cc.manifest.
Součást
2: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6001.18000_none_152e7382f3bd50c6.manifest.

Error - 30.8.2009 9:50:57 | Computer Name = Pokojík-PC | Source = SideBySide | ID = 16842830
Description = Selhalo generování kontextu aktivace pro: C:\Program Files (x86)\Nero\Nero8\Nero
Toolkit\DiscSpeed.exe. Chyba v souboru manifestu nebo zásad na řádku . Verze součásti
požadovaná aplikací je v konfliktu s jinou verzí součásti, která je již aktivní.
Konfliktní
součásti jsou: Součást 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6001.18000_none_152e7382f3bd50c6.manifest.
Součást
2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6001.18000_none_5cdbaa5a083979cc.manifest.

[ System Events ]
Error - 5.4.2009 3:06:31 | Computer Name = Pokojík-PC | Source = Application Popup | ID = 1060
Description = Načtení \SystemRoot\SysWow64\Drivers\ULCDRHlp.sys bylo zablokováno
kvůli nekompatibilitě s tímto systémem. Požádejte dodavatele softwaru o kompatibilní
verzi ovladače.

Error - 5.4.2009 3:06:34 | Computer Name = Pokojík-PC | Source = Application Popup | ID = 1060
Description = Načtení \SystemRoot\SysWow64\Drivers\ULCDRHlp.sys bylo zablokováno
kvůli nekompatibilitě s tímto systémem. Požádejte dodavatele softwaru o kompatibilní
verzi ovladače.

Error - 5.4.2009 3:06:49 | Computer Name = Pokojík-PC | Source = HTTP | ID = 15016
Description =

Error - 5.4.2009 3:08:14 | Computer Name = Pokojík-PC | Source = Service Control Manager | ID = 7034
Description =

Error - 6.4.2009 0:47:27 | Computer Name = Pokojík-PC | Source = Application Popup | ID = 1060
Description = Načtení \SystemRoot\SysWow64\Drivers\ULCDRHlp.sys bylo zablokováno
kvůli nekompatibilitě s tímto systémem. Požádejte dodavatele softwaru o kompatibilní
verzi ovladače.

Error - 6.4.2009 0:47:30 | Computer Name = Pokojík-PC | Source = Application Popup | ID = 1060
Description = Načtení \SystemRoot\SysWow64\Drivers\ULCDRHlp.sys bylo zablokováno
kvůli nekompatibilitě s tímto systémem. Požádejte dodavatele softwaru o kompatibilní
verzi ovladače.

Error - 6.4.2009 0:47:46 | Computer Name = Pokojík-PC | Source = HTTP | ID = 15016
Description =

Error - 6.4.2009 0:49:11 | Computer Name = Pokojík-PC | Source = Service Control Manager | ID = 7034
Description =

Error - 6.4.2009 11:14:11 | Computer Name = Pokojík-PC | Source = Application Popup | ID = 1060
Description = Načtení \SystemRoot\SysWow64\Drivers\ULCDRHlp.sys bylo zablokováno
kvůli nekompatibilitě s tímto systémem. Požádejte dodavatele softwaru o kompatibilní
verzi ovladače.

Error - 6.4.2009 11:14:14 | Computer Name = Pokojík-PC | Source = Application Popup | ID = 1060
Description = Načtení \SystemRoot\SysWow64\Drivers\ULCDRHlp.sys bylo zablokováno
kvůli nekompatibilitě s tímto systémem. Požádejte dodavatele softwaru o kompatibilní
verzi ovladače.


< End of report >

[crash40]

OTL logfile created on: 30.8.2009 17:06:51 - Run 1
OTL by OldTimer - Version 3.0.10.7 Folder = C:\Users\Šimon\Downloads
64bit-Windows Vista Home Premium Edition Service Pack 1 (Version = 6.0.6001) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18813)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy

4,00 Gb Total Physical Memory | 2,74 Gb Available Physical Memory | 68,47% Memory free
4,00 Gb Paging File | 4,00 Gb Available in Paging File | 100,00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 298,09 Gb Total Space | 43,96 Gb Free Space | 14,75% Space Free | Partition Type: NTFS
Drive D: | 3,34 Gb Total Space | 0,00 Gb Free Space | 0,00% Space Free | Partition Type: CDFS
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded

Computer Name: POKOJÍK-PC
Current User Name: Šimon
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: Current user
Include 64bit Scans
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 30 Days
Output = Standard

========== Processes (SafeList) ==========

PRC - [2008.09.10 14:01:28 | 00,611,664 | ---- | M] (Lavasoft) -- C:\Program Files (x86)\Lavasoft\Ad-Aware\aawservice.exe
PRC - [2009.08.17 17:58:55 | 00,018,752 | ---- | M] (ALWIL Software) -- C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
PRC - [2009.08.17 18:07:17 | 00,138,680 | ---- | M] (ALWIL Software) -- C:\Program Files\Alwil Software\Avast4\ashServ.exe
PRC - [2006.02.28 13:42:38 | 00,229,376 | ---- | M] (Apple Computer, Inc.) -- C:\Program Files (x86)\Bonjour\mDNSResponder.exe
PRC - [2007.08.08 10:25:08 | 00,836,904 | ---- | M] (Nero AG) -- C:\Program Files (x86)\Nero\Nero8\Nero BackItUp\NBService.exe
PRC - [2009.08.26 22:19:11 | 00,075,064 | ---- | M] () -- C:\Windows\SysWOW64\PnkBstrA.exe
PRC - [2007.05.28 18:57:54 | 00,275,968 | ---- | M] (Rocket Division Software) -- C:\Program Files (x86)\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe
PRC - [2009.08.17 18:07:01 | 00,254,040 | ---- | M] (ALWIL Software) -- C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
PRC - [2009.08.17 18:04:21 | 00,352,920 | ---- | M] (ALWIL Software) -- C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
PRC - [2008.06.03 02:06:34 | 05,964,800 | ---- | M] () -- C:\Program Files\ASUS\Six Engine\SixEngine.exe
PRC - [2008.11.12 11:30:06 | 02,511,672 | ---- | M] (www.BitComet.com) -- C:\Program Files (x86)\BitComet\BitComet.exe
PRC - [2008.12.29 12:40:30 | 00,687,560 | ---- | M] (DT Soft Ltd) -- C:\Program Files (x86)\DAEMON Tools Lite\daemon.exe
PRC - [2007.08.03 13:51:06 | 00,202,024 | ---- | M] (Nero AG) -- C:\Program Files (x86)\Common Files\Nero\Lib\NMBgMonitor.exe
PRC - [2009.08.17 18:07:23 | 00,081,000 | ---- | M] (ALWIL Software) -- C:\Program Files\Alwil Software\Avast4\ashDisp.exe
PRC - [2008.08.04 01:02:20 | 00,036,352 | ---- | M] () -- C:\Program Files (x86)\Winamp\winampa.exe
PRC - [2008.03.20 21:23:22 | 00,083,240 | ---- | M] (Cyberlink Corp.) -- C:\Program Files (x86)\CyberLink\PowerDVD8\PDVD8Serv.exe
PRC - [2009.03.09 06:19:17 | 00,148,888 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files (x86)\Java\jre6\bin\jusched.exe
PRC - [2009.05.20 15:11:40 | 00,111,928 | R--- | M] (SweetIM Technologies Ltd.) -- C:\Program Files (x86)\SweetIM\Messenger\SweetIM.exe
PRC - [2007.08.03 13:51:18 | 00,382,248 | ---- | M] (Nero AG) -- C:\Program Files (x86)\Common Files\Nero\Lib\NMIndexingService.exe
PRC - [2007.08.03 13:51:18 | 01,422,632 | ---- | M] (Nero AG) -- C:\Program Files (x86)\Common Files\Nero\Lib\NMIndexStoreSvr.exe
PRC - [2009.03.08 13:34:00 | 00,115,712 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Internet Explorer\IELowutil.exe
PRC - [2009.08.30 17:06:10 | 00,514,048 | ---- | M] (OldTimer Tools) -- C:\Users\Šimon\Downloads\OTL.exe

========== Win32 Services (SafeList) ==========

SRV:64bit: - [2009.05.16 05:24:09 | 00,203,264 | ---- | M] () -- C:\Windows\SysNative\atiesrxx.exe -- (AMD External Events Utility [Auto | Running])
SRV:64bit: - [2009.08.17 17:58:55 | 00,018,752 | ---- | M] (ALWIL Software) -- C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe -- (aswUpdSv [Auto | Running])
SRV:64bit: - [2009.08.17 18:07:17 | 00,138,680 | ---- | M] (ALWIL Software) -- C:\Program Files\Alwil Software\Avast4\ashServ.exe -- (avast! Antivirus [Auto | Running])
SRV:64bit: - [2009.08.17 18:07:01 | 00,254,040 | ---- | M] (ALWIL Software) -- C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe -- (avast! Mail Scanner [On_Demand | Running])
SRV:64bit: - [2009.08.17 18:04:21 | 00,352,920 | ---- | M] (ALWIL Software) -- C:\Program Files\Alwil Software\Avast4\ashWebSv.exe -- (avast! Web Scanner [On_Demand | Running])
SRV:64bit: - [2008.01.21 04:47:32 | 00,383,544 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Windows Defender\mpsvc.dll -- (WinDefend [Auto | Running])
SRV:64bit: - [2008.01.21 04:52:15 | 01,216,000 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Windows Media Player\wmpnetwk.exe -- (WMPNetworkSvc [On_Demand | Running])
SRV - [2008.09.10 14:01:28 | 00,611,664 | ---- | M] (Lavasoft) -- C:\Program Files (x86)\Lavasoft\Ad-Aware\aawservice.exe -- (aawservice [Auto | Running])
SRV - [2006.02.28 13:42:38 | 00,229,376 | ---- | M] (Apple Computer, Inc.) -- C:\Program Files (x86)\Bonjour\mDNSResponder.exe -- (Bonjour Service [Auto | Running])
SRV - [2008.07.27 20:03:13 | 00,069,632 | ---- | M] (Microsoft Corporation) -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32 [On_Demand | Stopped])
SRV - [2008.07.27 20:01:49 | 00,093,184 | ---- | M] (Microsoft Corporation) -- C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_64 [On_Demand | Stopped])
SRV - [2008.01.21 04:51:36 | 00,344,064 | ---- | M] (Microsoft Corporation) -- C:\Windows\ehome\ehRecvr.exe -- (ehRecvr [On_Demand | Stopped])
SRV - [2008.01.21 04:51:36 | 00,153,600 | ---- | M] (Microsoft Corporation) -- C:\Windows\ehome\ehsched.exe -- (ehSched [On_Demand | Stopped])
SRV - [2006.11.02 17:03:48 | 00,015,360 | ---- | M] (Microsoft Corporation) -- C:\Windows\ehome\ehstart.dll -- (ehstart [Auto | Stopped])
SRV - [2009.02.24 12:13:23 | 00,654,848 | ---- | M] (Macrovision Europe Ltd.) -- C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe -- (FLEXnet Licensing Service [On_Demand | Stopped])
SRV - [2008.06.20 03:17:12 | 00,046,104 | ---- | M] (Microsoft Corporation) -- C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe -- (FontCache3.0.0.0 [On_Demand | Running])
SRV - [2005.04.04 01:41:10 | 00,069,632 | ---- | M] (Macrovision Corporation) -- C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe -- (IDriverT [On_Demand | Stopped])
SRV - [2008.06.20 03:16:53 | 00,859,648 | ---- | M] (Microsoft Corporation) -- C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe -- (idsvc [Unknown | Stopped])
SRV - [2006.11.02 11:46:05 | 00,018,944 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\keyiso.dll -- (KeyIso [On_Demand | Stopped])
SRV - [2006.10.27 00:47:54 | 00,065,824 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Microsoft Office\Office12\GrooveAuditService.exe -- (Microsoft Office Groove Audit Service [On_Demand | Stopped])
SRV - [2006.11.02 15:34:14 | 00,000,000 | ---D | M] -- C:\Windows\SysWow64\Msdtc -- (MSDTC [Unknown | Stopped])
SRV - [2007.08.08 10:25:08 | 00,836,904 | ---- | M] (Nero AG) -- C:\Program Files (x86)\Nero\Nero8\Nero BackItUp\NBService.exe -- (Nero BackItUp Scheduler 3 [Auto | Running])
SRV - [2008.01.21 04:48:28 | 00,592,384 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\netlogon.dll -- (Netlogon [On_Demand | Stopped])
SRV - [2007.08.03 13:51:18 | 00,382,248 | ---- | M] (Nero AG) -- C:\Program Files (x86)\Common Files\Nero\Lib\NMIndexingService.exe -- (NMIndexingService [On_Demand | Running])
SRV - [2006.10.26 19:49:34 | 00,441,136 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE -- (odserv [On_Demand | Stopped])
SRV - [2006.10.26 13:03:08 | 00,145,184 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE -- (ose [On_Demand | Stopped])
SRV - [2009.08.26 22:19:11 | 00,075,064 | ---- | M] () -- C:\Windows\SysWow64\PnkBstrA.exe -- (PnkBstrA [Auto | Running])
SRV - [2007.05.28 18:57:54 | 00,275,968 | ---- | M] (Rocket Division Software) -- C:\Program Files (x86)\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe -- (StarWindServiceAE [Auto | Running])
SRV - [2006.11.02 08:35:15 | 00,060,994 | ---- | M] () -- C:\Windows\SysWow64\Wbem\vds.mof -- (vds [On_Demand | Stopped])
SRV - [2006.11.02 08:35:15 | 00,055,846 | ---- | M] () -- C:\Windows\SysWow64\Wbem\vss.mof -- (VSS [On_Demand | Stopped])

========== Driver Services (SafeList) ==========

DRV:64bit: - [2009.08.17 18:05:43 | 00,022,096 | ---- | M] () -- C:\Windows\SysNative\DRIVERS\aswFsBlk.sys -- (aswFsBlk [Auto | Running])
DRV:64bit: - [2009.08.17 18:05:31 | 00,065,616 | ---- | M] () -- C:\Windows\SysNative\DRIVERS\aswMonFlt.sys -- (aswMonFlt [Auto | Running])
DRV:64bit: - [2009.08.17 18:04:32 | 00,027,216 | ---- | M] () -- C:\Windows\SysNative\drivers\aswRdr.sys -- (aswRdr [System | Running])
DRV:64bit: - [2009.08.17 18:06:05 | 00,089,680 | ---- | M] () -- C:\Windows\SysNative\drivers\aswSP.sys -- (aswSP [System | Running])
DRV:64bit: - [2009.08.17 18:04:43 | 00,058,448 | ---- | M] () -- C:\Windows\SysNative\drivers\aswTdi.sys -- (aswTdi [System | Running])
DRV:64bit: - [2009.04.24 07:43:18 | 00,110,904 | ---- | M] () -- C:\Windows\SysNative\drivers\AtiHdmi.sys -- (AtiHdmiService [On_Demand | Running])
DRV:64bit: - [2009.05.16 06:02:02 | 05,957,632 | ---- | M] () -- C:\Windows\SysNative\DRIVERS\atikmdag.sys -- (atikmdag [On_Demand | Running])
DRV:64bit: - [2008.04.22 09:53:36 | 00,012,744 | R--- | M] () -- C:\Windows\SysNative\DRIVERS\ENTECH64.sys -- (ENTECH64 [On_Demand | Stopped])
DRV:64bit: - [2009.08.29 21:19:53 | 00,033,344 | ---- | M] () -- C:\Windows\SysNative\DRIVERS\hamachi.sys -- (hamachi [On_Demand | Running])
DRV:64bit: - [2006.11.02 07:28:10 | 00,273,920 | ---- | M] () -- C:\Windows\SysNative\drivers\HdAudio.sys -- (HdAudAddService [On_Demand | Running])
DRV:64bit: - [2008.06.30 19:28:00 | 00,056,320 | ---- | M] () -- C:\Windows\SysNative\DRIVERS\L1E60x64.sys -- (L1E [On_Demand | Running])
DRV:64bit: - [2006.11.01 01:23:42 | 00,015,680 | ---- | M] () -- C:\Windows\SysNative\DRIVERS\ASACPI.sys -- (MTsensor [On_Demand | Running])
DRV:64bit: - [2008.06.24 00:21:32 | 00,173,096 | ---- | M] () -- C:\Windows\SysNative\DRIVERS\mv61xx.sys -- (mv61xx [Boot | Running])
DRV:64bit: - [2008.05.10 03:58:09 | 00,140,288 | ---- | M] () -- C:\Windows\SysNative\DRIVERS\RMCAST.sys -- (RMCAST [Auto | Running])
DRV:64bit: - [2008.12.18 18:27:57 | 00,868,848 | ---- | M] () -- C:\Windows\SysNative\Drivers\sptd.sys -- (sptd [Boot | Running])
DRV - [2007.12.17 11:14:14 | 00,014,392 | R--- | M] () -- C:\Windows\SysWow64\drivers\AsIO.sys -- (AsIO [System | Running])
DRV - [2004.06.22 16:44:50 | 00,005,632 | ---- | M] (EnTech Taiwan) -- C:\Windows\SysWow64\DRIVERS\ENTECH64.sys -- (ENTECH64 [On_Demand | Stopped])
DRV - [2006.09.18 23:35:23 | 00,001,088 | ---- | M] () -- C:\Windows\SysWow64\Wbem\mpsdrv.mof -- (mpsdrv [On_Demand | Running])
DRV - [2007.02.07 20:27:46 | 00,014,104 | ---- | M] (Windows (R) Server 2003 DDK provider) -- C:\Windows\SysWOW64\speedfan.sys -- (speedfan [Boot | Running])
DRV - [2006.09.18 23:36:40 | 00,003,066 | ---- | M] () -- C:\Windows\SysWow64\Wbem\tcpip.mof -- (Tcpip [Boot | Running])
DRV - [2004.12.23 05:47:10 | 00,027,392 | R--- | M] (Ulead Systems, Inc.) -- C:\Windows\SysWow64\Drivers\ULCDRHlp.sys -- (ULCDRHlp [On_Demand | Stopped])
DRV - [2008.05.15 13:07:02 | 00,032,240 | ---- | M] (Cyberlink Corp.) -- C:\Program Files (x86)\CyberLink\PowerDVD8\000.fcl -- ({FE4C91E7-22C2-4D0C-9F6B-82F1B7742054} [Auto | Running])

========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = [binary data]
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Extensions Off Page = about:NoAdd-ons
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\System32\blank.htm
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Security Risk Page = about:SecurityRisk
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = [binary data]
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Extensions Off Page = about:NoAdd-ons
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Security Risk Page = about:SecurityRisk
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://home.sweetim.com
IE - URLSearchHook: {ecdee021-0d17-467f-a1ff-c7a115230949} - C:\Program Files (x86)\free-downloads.net\tbfree.dll (Conduit Ltd.)
IE - URLSearchHook: {fed66dc5-1b74-4a04-8f5c-15c5ace2b9a5} - C:\Program Files (x86)\BS_Player\tbBS_P.dll (Conduit Ltd.)

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\system32\blank.htm
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://search.conduit.com?SearchSource= ... =CT1750559
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1
IE - URLSearchHook: {EEE6C35D-6118-11DC-9C72-001320C79847} - C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\mgHelper.dll (SweetIM Technologies Ltd.)
IE - URLSearchHook: {fed66dc5-1b74-4a04-8f5c-15c5ace2b9a5} - C:\Program Files (x86)\BS_Player\tbBS_P.dll (Conduit Ltd.)
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local

========== FireFox ==========

FF - prefs.js..browser.search.defaultenginename: "SweetIM Search"
FF - prefs.js..browser.search.defaultthis.engineName: "BS Player Customized Web Search"
FF - prefs.js..browser.search.defaulturl: "http://search.conduit.com/ResultsExt.aspx?ctid=CT1750559&SearchSource=3&q={searchTerms}"
FF - prefs.js..browser.search.selectedEngine: "BS Player Customized Web Search"
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..browser.startup.homepage: "http://search.conduit.com/?ctid=CT1750559&SearchSource=13"
FF - prefs.js..extensions.enabledItems: {fed66dc5-1b74-4a04-8f5c-15c5ace2b9a5}:2.1.0.19
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0010-ABCDEFFEDCBA}:6.0.10
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0011-ABCDEFFEDCBA}:6.0.11
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0013-ABCDEFFEDCBA}:6.0.13
FF - prefs.js..extensions.enabledItems: {20a82645-c095-46ed-80e3-08825760534b}:1.1
FF - prefs.js..extensions.enabledItems: {EEE6C361-6118-11DC-9C72-001320C79847}:1.0.0.8
FF - prefs.js..extensions.enabledItems: {972ce4c6-7e08-4474-a285-3208198ce6fd}:3.5.2
FF - prefs.js..keyword.URL: "http://search.conduit.com/ResultsExt.aspx?ctid=CT1750559&SearchSource=2&q="
FF - prefs.js..sweetim.toolbar.previous.browser.search.defaultenginename: "Winamp Search"
FF - prefs.js..sweetim.toolbar.previous.browser.search.defaulturl: "http://search.conduit.com/ResultsExt.aspx?ctid=CT1098640&SearchSource=3&q="
FF - prefs.js..sweetim.toolbar.previous.browser.search.selectedEngine: "free-downloads.net Customized Web Search"
FF - prefs.js..browser.startup.homepage: "resource:/browserconfig.properties"
FF - prefs.js..sweetim.toolbar.previous.keyword.URL: "http://search.conduit.com/ResultsExt.aspx?ctid=CT1098640&SearchSource=2&q="

FF - HKLM\software\mozilla\Firefox\Extensions\\{20a82645-c095-46ed-80e3-08825760534b}: c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\ [2009.08.21 19:58:33 | 00,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.5.2\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2009.08.05 13:49:13 | 00,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.5.2\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2009.08.05 13:49:13 | 00,000,000 | ---D | M]

[2008.11.29 21:13:22 | 00,000,000 | ---D | M] -- C:\Users\Šimon\AppData\Roaming\mozilla\Extensions
[2008.11.29 21:13:22 | 00,000,000 | ---D | M] -- C:\Users\Šimon\AppData\Roaming\mozilla\Extensions\{ec8030f7-c20a-464f-9b0e-13a3a9e97384}
[2009.08.30 10:46:22 | 00,000,000 | ---D | M] -- C:\Users\Šimon\AppData\Roaming\mozilla\Firefox\Profiles\8p87cx02.default\extensions
[2009.08.21 21:08:04 | 00,000,000 | ---D | M] -- C:\Users\Šimon\AppData\Roaming\mozilla\Firefox\Profiles\8p87cx02.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2009.01.06 21:33:42 | 00,000,000 | ---D | M] -- C:\Users\Šimon\AppData\Roaming\mozilla\Firefox\Profiles\8p87cx02.default\extensions\{ecdee021-0d17-467f-a1ff-c7a115230949}
[2009.08.15 22:08:30 | 00,000,000 | ---D | M] -- C:\Users\Šimon\AppData\Roaming\mozilla\Firefox\Profiles\8p87cx02.default\extensions\{EEE6C361-6118-11DC-9C72-001320C79847}
[2009.08.19 21:16:10 | 00,000,000 | ---D | M] -- C:\Users\Šimon\AppData\Roaming\mozilla\Firefox\Profiles\8p87cx02.default\extensions\{fed66dc5-1b74-4a04-8f5c-15c5ace2b9a5}
[2009.07.01 14:22:12 | 00,000,880 | ---- | M] () -- C:\Users\Šimon\AppData\Roaming\Mozilla\FireFox\Profiles\8p87cx02.default\searchplugins\conduit.xml
[2009.08.15 22:08:24 | 00,003,915 | ---- | M] () -- C:\Users\Šimon\AppData\Roaming\Mozilla\FireFox\Profiles\8p87cx02.default\searchplugins\sweetim.xml
[2008.11.29 22:16:03 | 00,001,196 | ---- | M] () -- C:\Users\Šimon\AppData\Roaming\Mozilla\FireFox\Profiles\8p87cx02.default\searchplugins\winamp-search.xml
[2009.03.26 18:21:30 | 00,000,000 | ---D | M] -- C:\Program Files (x86)\mozilla firefox\extensions
[2009.08.05 13:49:13 | 00,000,000 | ---D | M] -- C:\Program Files (x86)\mozilla firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
[2008.11.29 21:24:23 | 00,000,000 | ---D | M] -- C:\Program Files (x86)\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0010-ABCDEFFEDCBA}
[2008.12.09 20:13:20 | 00,000,000 | ---D | M] -- C:\Program Files (x86)\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0011-ABCDEFFEDCBA}
[2009.03.26 18:21:30 | 00,000,000 | ---D | M] -- C:\Program Files (x86)\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0013-ABCDEFFEDCBA}
[2009.08.05 13:49:08 | 00,023,544 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\mozilla firefox\components\browserdirprovider.dll
[2009.08.05 13:49:08 | 00,137,208 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\mozilla firefox\components\brwsrcmp.dll
[2007.04.10 18:21:08 | 00,163,256 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\mozilla firefox\plugins\np-mswmp.dll
[2008.11.11 09:38:54 | 00,663,552 | ---- | M] (BitComet) -- C:\Program Files (x86)\mozilla firefox\plugins\npBitCometAgent.dll
[2009.03.09 06:19:09 | 00,410,984 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files (x86)\mozilla firefox\plugins\npdeploytk.dll
[2009.02.06 13:44:28 | 01,447,296 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\mozilla firefox\plugins\npLegitCheckPlugin.dll
[2009.08.05 13:49:10 | 00,065,016 | ---- | M] (mozilla.org) -- C:\Program Files (x86)\mozilla firefox\plugins\npnul32.dll
[2006.10.26 20:12:16 | 00,016,192 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\mozilla firefox\plugins\NPOFF12.DLL
[2008.10.14 21:33:30 | 00,095,600 | ---- | M] (Adobe Systems Inc.) -- C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll
[2008.09.10 21:56:44 | 00,144,960 | ---- | M] (RealNetworks, Inc.) -- C:\Program Files (x86)\mozilla firefox\plugins\nppl3260.dll
[2008.09.10 21:37:54 | 00,094,208 | ---- | M] (RealNetworks, Inc.) -- C:\Program Files (x86)\mozilla firefox\plugins\nprpjplug.dll
[2009.08.05 13:49:11 | 00,002,371 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\google.xml
[2009.08.05 13:49:11 | 00,000,638 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\jyxo-cz.xml
[2009.08.05 13:49:11 | 00,001,687 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\mall-cz.xml
[2009.08.05 13:49:11 | 00,001,367 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\seznam-cz.xml
[2009.08.05 13:49:11 | 00,000,654 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\slunecnice-cz.xml
[2009.08.05 13:49:11 | 00,001,179 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\wikipedia-cz.xml

O1 HOSTS File: (761 bytes) - C:\Windows\SysNative\drivers\etc\Hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O2 - BHO: (Adobe PDF Reader Link Helper) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
O2 - BHO: (BitComet Helper) - {39F7E362-828A-4B5A-BCAF-5B79BFDFEA60} - C:\Program Files (x86)\BitComet\tools\BitCometBHO_1.2.8.7.dll (BitComet)
O2 - BHO: (Groove GFS Browser Helper) - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation)
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll (Sun Microsystems, Inc.)
O2 - BHO: (free-downloads.net Toolbar) - {ecdee021-0d17-467f-a1ff-c7a115230949} - C:\Program Files (x86)\free-downloads.net\tbfree.dll (Conduit Ltd.)
O2 - BHO: (SweetIM Toolbar Helper) - {EEE6C35C-6118-11DC-9C72-001320C79847} - C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll (SweetIM Technologies Ltd.)
O2 - BHO: (BS Player Toolbar) - {fed66dc5-1b74-4a04-8f5c-15c5ace2b9a5} - C:\Program Files (x86)\BS_Player\tbBS_P.dll (Conduit Ltd.)
O3:64bit: - HKLM\..\Toolbar: (DAEMON Tools Toolbar) - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files (x86)\DAEMON Tools Toolbar\DTToolbar64.dll File not found
O3 - HKLM\..\Toolbar: (free-downloads.net Toolbar) - {ecdee021-0d17-467f-a1ff-c7a115230949} - C:\Program Files (x86)\free-downloads.net\tbfree.dll (Conduit Ltd.)
O3 - HKLM\..\Toolbar: (SweetIM Toolbar for Internet Explorer) - {EEE6C35B-6118-11DC-9C72-001320C79847} - C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll (SweetIM Technologies Ltd.)
O3 - HKLM\..\Toolbar: (BS Player Toolbar) - {fed66dc5-1b74-4a04-8f5c-15c5ace2b9a5} - C:\Program Files (x86)\BS_Player\tbBS_P.dll (Conduit Ltd.)
O3:64bit: - HKCU\..\Toolbar\WebBrowser: (DAEMON Tools Toolbar) - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files (x86)\DAEMON Tools Toolbar\DTToolbar64.dll File not found
O3 - HKCU\..\Toolbar\WebBrowser: (free-downloads.net Toolbar) - {ECDEE021-0D17-467F-A1FF-C7A115230949} - C:\Program Files (x86)\free-downloads.net\tbfree.dll (Conduit Ltd.)
O3 - HKCU\..\Toolbar\WebBrowser: (SweetIM Toolbar for Internet Explorer) - {EEE6C35B-6118-11DC-9C72-001320C79847} - C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll (SweetIM Technologies Ltd.)
O4:64bit: - HKLM..\Run: [Windows Defender] C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation)
O4 - HKLM..\Run: [Adobe Reader Speed Launcher] C:\Program Files (x86)\Adobe\Reader 8.0\Reader\Reader_sl.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [avast!] C:\Program Files\Alwil Software\Avast4\ashDisp.exe (ALWIL Software)
O4 - HKLM..\Run: [GrooveMonitor] C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe (Microsoft Corporation)
O4 - HKLM..\Run: [NBKeyScan] C:\Program Files (x86)\Nero\Nero8\Nero BackItUp\NBKeyScan.exe (Nero AG)
O4 - HKLM..\Run: [PDVD8LanguageShortcut] C:\Program Files (x86)\CyberLink\PowerDVD8\Language\Language.exe ()
O4 - HKLM..\Run: [RemoteControl8] C:\Program Files (x86)\CyberLink\PowerDVD8\PDVD8Serv.exe (Cyberlink Corp.)
O4 - HKLM..\Run: [StartCCC] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.)
O4 - HKLM..\Run: [SunJavaUpdateSched] C:\Program Files (x86)\Java\jre6\bin\jusched.exe (Sun Microsystems, Inc.)
O4 - HKLM..\Run: [SweetIM] C:\Program Files (x86)\SweetIM\Messenger\SweetIM.exe (SweetIM Technologies Ltd.)
O4 - HKLM..\Run: [WinampAgent] C:\Program Files (x86)\Winamp\winampa.exe ()
O4 - HKCU..\Run: [AlcoholAutomount] C:\Program Files (x86)\Alcohol Soft\Alcohol 120\axcmd.exe (Alcohol Soft Development Team)
O4 - HKCU..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] C:\Program Files (x86)\Common Files\Nero\Lib\NMBgMonitor.exe (Nero AG)
O4 - HKCU..\Run: [BitComet] C:\Program Files (x86)\BitComet\BitComet.exe (www.BitComet.com)
O4 - HKCU..\Run: [DAEMON Tools Lite] C:\Program Files (x86)\DAEMON Tools Lite\daemon.exe (DT Soft Ltd)
O4 - HKCU..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe (Microsoft Corporation)
O4 - HKCU..\Run: [Google Update] C:\Users\Šimon\AppData\Local\Google\Update\GoogleUpdate.exe (Google Inc.)
O4 - HKCU..\Run: [RGSC] C:\Program Files (x86)\Rockstar Games\Rockstar Games Social Club\RGSCLauncher.exe (Take-Two Interactive Software, Inc.)
O4 - HKCU..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe (Microsoft Corporation)
O4 - HKCU..\Run: [WindowsWelcomeCenter] C:\Windows\SysWow64\oobefldr.DLL (Microsoft Corporation)
O4 - Startup: C:\Users\Šimon\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\hamachi.lnk = C:\Program Files (x86)\Hamachi\hamachi.exe (LogMeIn Inc.)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: ForceActiveDesktopOn = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 2
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableInstallerDetection = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableSecureUIAPaths = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableVirtualization = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ValidateAdminCodeSignatures = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: dontdisplaylastusername = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticecaption =
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticetext =
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: scforceoption = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: shutdownwithoutlogon = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: undockwithoutlogon = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: FilterAdministratorToken = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableUIADesktopToggle = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_TEXT = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_BITMAP = 2
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_OEMTEXT = 7
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_DIB = 8
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_PALETTE = 9
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_UNICODETEXT = 13
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_DIBV5 = 17
O8:64bit: - Extra context menu item: E&xportovat do aplikace Microsoft Excel - C:\Program Files (x86)\Microsoft Office\Office12\EXCEL.EXE (Microsoft Corporation)
O8:64bit: - Extra context menu item: Stáhnout odkaz s použitím BitCometu - C:\Program Files (x86)\BitComet\BitComet.exe (www.BitComet.com)
O8:64bit: - Extra context menu item: Stáhnout všechna videa s použitím BitCometu - C:\Program Files (x86)\BitComet\BitComet.exe (www.BitComet.com)
O8:64bit: - Extra context menu item: Stáhnout všechny odkazy s použitím BitCometu - C:\Program Files (x86)\BitComet\BitComet.exe (www.BitComet.com)
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - C:\Program Files (x86)\Microsoft Office\Office12\EXCEL.EXE (Microsoft Corporation)
O8 - Extra context menu item: Stáhnout odkaz s použitím BitCometu - C:\Program Files (x86)\BitComet\BitComet.exe (www.BitComet.com)
O8 - Extra context menu item: Stáhnout všechna videa s použitím BitCometu - C:\Program Files (x86)\BitComet\BitComet.exe (www.BitComet.com)
O8 - Extra context menu item: Stáhnout všechny odkazy s použitím BitCometu - C:\Program Files (x86)\BitComet\BitComet.exe (www.BitComet.com)
O9 - Extra Button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\Program Files (x86)\Microsoft Office\Office12\REFIEBAR.DLL (Microsoft Corporation)
O9 - Extra Button: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Program Files (x86)\ICQ6.5\ICQ.exe (ICQ, LLC.)
O9 - Extra 'Tools' menuitem : ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Program Files (x86)\ICQ6.5\ICQ.exe (ICQ, LLC.)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Computer, Inc.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Computer, Inc.)
O13 - gopher Prefix: missing
O13 - gopher Prefix: missing
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_13)
O16 - DPF: {CAFEEFAC-0016-0000-0013-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_13)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_13)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.macromedia.com/get/s ... wflash.cab (Shockwave Flash Object)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.0.254
O18:64bit: - Protocol\Handler\about {3050F406-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysNative\mshtml.dll ()
O18:64bit: - Protocol\Handler\grooveLocalGWS {88FED34C-F0CA-4636-A375-3CB6248B04CD} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\javascript {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysNative\mshtml.dll ()
O18:64bit: - Protocol\Handler\mailto {3050f3DA-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysNative\mshtml.dll ()
O18:64bit: - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\res {3050F3BC-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysNative\mshtml.dll ()
O18:64bit: - Protocol\Handler\vbscript {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysNative\mshtml.dll ()
O18 - Protocol\Handler\grooveLocalGWS {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveSystemServices.dll (Microsoft Corporation)
O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Program Files (x86)\Common Files\Microsoft Shared\Help\hxds.dll (Microsoft Corporation)
O18:64bit: - Protocol\Filter: - text/xml - C:\Program Files\Common Files\Microsoft Shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O18 - Protocol\Filter: - text/xml - C:\Program Files (x86)\Common Files\microsoft shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O28 - HKLM ShellExecuteHooks: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation)
O31 - SafeBoot: AlternateShell - cmd.exe
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2008.09.09 01:50:45 | 00,410,888 | R--- | M] (Electronic Arts) - D:\AutoRun.exe -- [ CDFS ]
O32 - AutoRun File - [2008.09.09 01:50:45 | 00,410,888 | R--- | M] (Electronic Arts) - D:\Autorun.exe -- [ CDFS ]
O32 - AutoRun File - [2008.09.09 01:50:43 | 09,193,984 | R--- | M] () - D:\autorun.dat -- [ CDFS ]
O32 - AutoRun File - [2008.09.09 01:35:58 | 00,000,136 | R--- | M] () - D:\autorun.inf -- [ CDFS ]
O33 - MountPoints2\{41178932-dc03-11dd-97ce-0023541c274e}\Shell - "" = AutoRun
O33 - MountPoints2\{41178932-dc03-11dd-97ce-0023541c274e}\Shell\AutoRun\command - "" = E:\setup\rsrc\Autorun.exe -- File not found
O33 - MountPoints2\{41178932-dc03-11dd-97ce-0023541c274e}\Shell\dinstall\command - "" = E:\Directx\dxsetup.exe -- File not found
O33 - MountPoints2\{c1394f47-be36-11dd-bd3c-806e6f6e6963}\Shell - "" = AutoRun
O33 - MountPoints2\{c1394f47-be36-11dd-bd3c-806e6f6e6963}\Shell\AutoRun\command - "" = D:\Autorun.exe -- [2008.09.09 01:50:45 | 00,410,888 | R--- | M] (Electronic Arts)
O33 - MountPoints2\{dbc7ec4a-be4a-11dd-93f5-0023541c274e}\Shell\Open(0)\command - "" = Recycled\ctfmon.exe
O34 - HKLM BootExecute: (autocheck) - File not found
O34 - HKLM BootExecute: (autochk) - C:\Windows\SysWow64\autochk.exe (Microsoft Corporation)
O34 - HKLM BootExecute: (*) - File not found
O34 - HKLM BootExecute: (lsdelete) - File not found

========== Files/Folders - Created Within 30 Days ==========

[2009.08.29 21:20:32 | 00,000,000 | ---D | C] -- C:\Users\Šimon\AppData\Roaming\Hamachi
[2009.08.29 21:19:53 | 00,033,344 | ---- | C] () -- C:\Windows\SysNative\drivers\hamachi.sys
[2009.08.29 21:19:53 | 00,000,820 | ---- | C] () -- C:\Users\Šimon\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\hamachi.lnk
[2009.08.29 21:19:53 | 00,000,784 | ---- | C] () -- C:\Users\Public\Desktop\hamachi.lnk
[2009.08.29 21:19:52 | 00,000,000 | ---D | C] -- C:\Program Files (x86)\Hamachi
[2009.08.27 12:42:01 | 00,001,068 | ---- | C] () -- C:\Users\Šimon\Desktop\Wolf2 – zástupce.lnk
[2009.08.27 07:26:18 | 00,000,000 | ---D | C] -- C:\Users\Šimon\AppData\Local\id Software
[2009.08.27 07:24:48 | 00,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\tzres.dll
[2009.08.27 07:24:48 | 00,002,048 | ---- | C] () -- C:\Windows\SysNative\tzres.dll
[2009.08.26 22:21:08 | 02,605,920 | ---- | C] () -- C:\Windows\SysNative\D3DCompiler_40.dll
[2009.08.26 22:21:08 | 02,036,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DCompiler_40.dll
[2009.08.26 22:21:08 | 00,519,000 | ---- | C] () -- C:\Windows\SysNative\d3dx10_40.dll
[2009.08.26 22:21:08 | 00,452,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx10_40.dll
[2009.08.26 22:21:06 | 05,631,312 | ---- | C] () -- C:\Windows\SysNative\D3DX9_40.dll
[2009.08.26 22:21:06 | 04,379,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DX9_40.dll
[2009.08.26 13:00:13 | 00,032,256 | ---- | C] () -- C:\Windows\SysNative\Apphlpdm.dll
[2009.08.26 13:00:13 | 00,028,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\Apphlpdm.dll
[2009.08.26 13:00:12 | 04,240,384 | ---- | C] (Microsoft) -- C:\Windows\SysWow64\GameUXLegacyGDFs.dll
[2009.08.26 13:00:11 | 04,240,384 | ---- | C] () -- C:\Windows\SysNative\GameUXLegacyGDFs.dll
[2009.08.21 19:56:42 | 01,692,160 | ---- | C] () -- C:\Windows\SysNative\lsasrv.dll
[2009.08.21 19:56:42 | 00,656,384 | ---- | C] () -- C:\Windows\SysNative\kerberos.dll
[2009.08.21 19:56:42 | 00,499,712 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\kerberos.dll
[2009.08.21 19:56:42 | 00,268,800 | ---- | C] () -- C:\Windows\SysNative\msv1_0.dll
[2009.08.21 19:56:41 | 00,515,656 | ---- | C] () -- C:\Windows\SysNative\drivers\ksecdd.sys
[2009.08.21 19:56:41 | 00,338,944 | ---- | C] () -- C:\Windows\SysNative\schannel.dll
[2009.08.21 19:56:41 | 00,270,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\schannel.dll
[2009.08.21 19:56:41 | 00,213,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msv1_0.dll
[2009.08.21 19:56:41 | 00,205,312 | ---- | C] () -- C:\Windows\SysNative\wdigest.dll
[2009.08.21 19:56:41 | 00,175,104 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wdigest.dll
[2009.08.21 19:56:40 | 00,094,720 | ---- | C] () -- C:\Windows\SysNative\secur32.dll
[2009.08.21 19:56:40 | 00,076,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\secur32.dll
[2009.08.21 19:56:40 | 00,011,264 | ---- | C] () -- C:\Windows\SysNative\lsass.exe
[2009.08.19 21:19:10 | 00,000,049 | ---- | C] () -- C:\Windows\NeroDigital.ini
[2009.08.19 21:16:42 | 00,000,957 | ---- | C] () -- C:\Users\Public\Desktop\BS.Player FREE.lnk
[2009.08.19 21:16:11 | 00,000,000 | ---D | C] -- C:\Program Files (x86)\BS_Player
[2009.08.19 21:16:09 | 00,000,000 | ---D | C] -- C:\Users\Šimon\AppData\Roaming\BSplayer Pro
[2009.08.19 21:16:09 | 00,000,000 | ---D | C] -- C:\Users\Šimon\AppData\Roaming\BSplayer
[2009.08.19 21:16:08 | 00,000,000 | ---D | C] -- C:\Program Files (x86)\Webteh
[2009.08.15 22:08:12 | 00,000,000 | ---D | C] -- C:\ProgramData\SweetIM
[2009.08.15 22:08:12 | 00,000,000 | ---D | C] -- C:\Program Files (x86)\SweetIM
[2009.08.14 12:00:26 | 00,000,000 | ---D | C] -- C:\Users\Šimon\AppData\Roaming\Media Player Classic
[2009.08.13 08:33:52 | 02,423,296 | ---- | C] () -- C:\Windows\SysNative\mstscax.dll
[2009.08.13 08:33:52 | 02,066,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mstscax.dll
[2009.08.13 08:33:46 | 00,088,576 | ---- | C] () -- C:\Windows\SysNative\atl.dll
[2009.08.13 08:33:46 | 00,071,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\atl.dll
[2009.08.13 08:33:44 | 00,202,752 | ---- | C] () -- C:\Windows\SysNative\wkssvc.dll
[2009.08.13 08:33:43 | 00,108,544 | ---- | C] () -- C:\Windows\SysNative\avifil32.dll
[2009.08.13 08:33:43 | 00,093,184 | ---- | C] () -- C:\Windows\SysNative\mciavi32.dll
[2009.08.13 08:33:43 | 00,091,136 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\avifil32.dll
[2009.08.13 08:33:43 | 00,076,800 | ---- | C] () -- C:\Windows\SysNative\avicap32.dll
[2009.08.13 08:33:37 | 13,426,176 | ---- | C] () -- C:\Windows\SysNative\wmp.dll
[2009.08.13 08:33:33 | 10,624,000 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wmp.dll
[2009.08.13 08:33:33 | 00,368,128 | ---- | C] () -- C:\Windows\SysNative\wmpdxm.dll
[2009.08.13 08:33:33 | 00,313,344 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wmpdxm.dll
[2009.08.13 08:33:32 | 00,009,216 | ---- | C] () -- C:\Windows\SysNative\spwmp.dll
[2009.08.13 08:33:32 | 00,007,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\spwmp.dll
[2009.08.13 08:33:31 | 08,147,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wmploc.DLL
[2009.08.13 08:33:31 | 00,005,120 | ---- | C] () -- C:\Windows\SysNative\msdxm.ocx
[2009.08.13 08:33:31 | 00,005,120 | ---- | C] () -- C:\Windows\SysNative\dxmasf.dll
[2009.08.13 08:33:31 | 00,004,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msdxm.ocx
[2009.08.13 08:33:31 | 00,004,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\dxmasf.dll
[2009.08.13 08:33:30 | 08,147,968 | ---- | C] () -- C:\Windows\SysNative\wmploc.DLL
[2009.08.13 08:33:30 | 00,043,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msdxm.tlb
[2009.08.13 08:33:30 | 00,043,520 | ---- | C] () -- C:\Windows\SysNative\msdxm.tlb
[2009.08.13 08:33:30 | 00,018,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\amcompat.tlb
[2009.08.13 08:33:30 | 00,018,432 | ---- | C] () -- C:\Windows\SysNative\amcompat.tlb
[2009.08.09 17:25:53 | 00,000,968 | ---- | C] () -- C:\Users\Šimon\Desktop\Titan Quest – zástupce.lnk
[2009.08.09 17:13:21 | 00,040,960 | ---- | C] () -- C:\Windows\SysWow64\psfind.dll
[2009.08.09 17:07:10 | 00,000,000 | ---D | C] -- C:\Program Files (x86)\THQ
[2009.08.02 15:52:11 | 00,000,000 | ---D | C] -- C:\Users\Šimon\Documents\Moje Spore výtvory
[2009.07.14 17:15:00 | 00,178,432 | ---- | C] () -- C:\Windows\SysWow64\xlive.dll.cat
[2009.03.01 18:25:01 | 00,021,840 | ---- | C] () -- C:\Windows\SysWow64\SIntfNT.dll
[2009.03.01 18:25:01 | 00,017,212 | ---- | C] () -- C:\Windows\SysWow64\SIntf32.dll
[2009.03.01 18:25:01 | 00,012,067 | ---- | C] () -- C:\Windows\SysWow64\SIntf16.dll
[2009.02.25 16:32:09 | 00,002,623 | ---- | C] () -- C:\Windows\Irremote.ini
[2009.01.15 19:43:57 | 03,596,288 | ---- | C] () -- C:\Windows\SysWow64\qt-dx331.dll
[2009.01.10 21:08:58 | 00,168,448 | ---- | C] () -- C:\Windows\SysWow64\unrar.dll
[2009.01.10 21:08:57 | 00,795,648 | ---- | C] () -- C:\Windows\SysWow64\xvidcore.dll
[2009.01.10 21:08:57 | 00,130,048 | ---- | C] () -- C:\Windows\SysWow64\xvidvfw.dll
[2009.01.10 21:08:56 | 00,057,344 | ---- | C] () -- C:\Windows\SysWow64\ff_vfw.dll
[2009.01.10 21:08:56 | 00,000,547 | ---- | C] () -- C:\Windows\SysWow64\ff_vfw.dll.manifest
[2008.12.29 22:51:13 | 01,491,824 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2008.12.25 00:18:28 | 00,000,049 | ---- | C] () -- C:\Windows\wincheater.ini
[2008.12.16 16:01:22 | 00,003,972 | ---- | C] () -- C:\Windows\SysWow64\drivers\PciBus.sys
[2008.12.01 17:19:12 | 00,000,331 | ---- | C] () -- C:\Windows\game.ini
[2008.11.29 19:21:39 | 00,024,576 | R--- | C] () -- C:\Windows\SysWow64\AsIO.dll
[2008.11.29 19:21:39 | 00,014,392 | R--- | C] () -- C:\Windows\SysWow64\drivers\AsIO.sys
[2008.11.29 19:21:37 | 00,011,832 | ---- | C] () -- C:\Windows\SysWow64\drivers\AsInsHelp64.sys
[2008.11.29 19:21:37 | 00,010,216 | ---- | C] () -- C:\Windows\SysWow64\drivers\AsInsHelp32.sys
[2008.11.29 19:09:21 | 00,033,068 | ---- | C] () -- C:\Windows\Ascd_log.ini
[2008.11.29 19:09:11 | 00,032,674 | ---- | C] () -- C:\Windows\Ascd_tmp.ini
[2008.01.21 04:50:05 | 00,060,124 | ---- | C] () -- C:\Windows\SysWow64\tcpmon.ini
[2008.01.21 04:49:49 | 00,368,640 | ---- | C] () -- C:\Windows\SysWow64\msjetoledb40.dll
[2007.12.28 17:22:02 | 00,010,296 | ---- | C] () -- C:\Windows\SysWow64\drivers\ASUSHWIO.SYS
[2007.07.23 10:03:32 | 00,053,248 | ---- | C] () -- C:\Windows\SysWow64\AgCPanelTraditionalChinese.dll
[2007.07.23 10:03:32 | 00,053,248 | ---- | C] () -- C:\Windows\SysWow64\AgCPanelSwedish.dll
[2007.07.23 10:03:32 | 00,053,248 | ---- | C] () -- C:\Windows\SysWow64\AgCPanelSpanish.dll
[2007.07.23 10:03:30 | 00,053,248 | ---- | C] () -- C:\Windows\SysWow64\AgCPanelSimplifiedChinese.dll
[2007.07.23 10:03:30 | 00,053,248 | ---- | C] () -- C:\Windows\SysWow64\AgCPanelPortugese.dll
[2007.07.23 10:03:30 | 00,053,248 | ---- | C] () -- C:\Windows\SysWow64\AgCPanelKorean.dll
[2007.07.23 10:03:30 | 00,053,248 | ---- | C] () -- C:\Windows\SysWow64\AgCPanelJapanese.dll
[2007.07.23 10:03:30 | 00,053,248 | ---- | C] () -- C:\Windows\SysWow64\AgCPanelGerman.dll
[2007.07.23 10:03:30 | 00,053,248 | ---- | C] () -- C:\Windows\SysWow64\AgCPanelFrench.dll
[2006.11.02 14:34:27 | 00,000,219 | ---- | C] () -- C:\Windows\win.ini
[2006.11.02 14:34:27 | 00,000,219 | ---- | C] () -- C:\Windows\system.ini

========== Files - Modified Within 30 Days ==========

[1 C:\Windows\*.tmp files]
[2009.08.30 17:05:46 | 00,000,418 | -H-- | M] () -- C:\Windows\tasks\User_Feed_Synchronization-{7B187FD1-9D81-446E-A1DE-1972DDEE41BE}.job
[2009.08.30 16:48:00 | 00,000,962 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-4217620012-77691116-1275949338-1000UA.job
[2009.08.30 15:46:13 | 00,003,840 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2009.08.30 15:46:13 | 00,003,840 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2009.08.30 15:46:11 | 00,000,006 | -H-- | M] () -- C:\Windows\tasks\SA.DAT
[2009.08.30 15:46:06 | 00,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2009.08.30 14:13:58 | 04,948,078 | -H-- | M] () -- C:\Users\Šimon\AppData\Local\IconCache.db
[2009.08.30 14:10:49 | 00,019,968 | ---- | M] () -- C:\Users\Šimon\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2009.08.30 09:48:00 | 00,000,910 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-4217620012-77691116-1275949338-1000Core.job
[2009.08.29 21:19:53 | 00,033,344 | ---- | M] () -- C:\Windows\SysNative\drivers\hamachi.sys
[2009.08.29 21:19:53 | 00,000,820 | ---- | M] () -- C:\Users\Šimon\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\hamachi.lnk
[2009.08.29 21:19:53 | 00,000,784 | ---- | M] () -- C:\Users\Public\Desktop\hamachi.lnk
[2009.08.27 12:42:01 | 00,001,068 | ---- | M] () -- C:\Users\Šimon\Desktop\Wolf2 – zástupce.lnk
[2009.08.26 22:19:41 | 00,111,928 | ---- | M] () -- C:\Windows\SysWow64\PnkBstrB.exe
[2009.08.26 22:19:11 | 00,794,408 | ---- | M] () -- C:\Windows\SysWow64\pbsvc.exe
[2009.08.26 22:19:11 | 00,075,064 | ---- | M] () -- C:\Windows\SysWow64\PnkBstrA.exe
[2009.08.20 09:34:22 | 00,000,000 | ---- | M] () -- C:\Windows\SysWow64\config.nt
[2009.08.19 21:19:10 | 00,000,049 | ---- | M] () -- C:\Windows\NeroDigital.ini
[2009.08.19 21:16:42 | 00,000,957 | ---- | M] () -- C:\Users\Public\Desktop\BS.Player FREE.lnk
[2009.08.17 18:10:20 | 01,279,456 | ---- | M] (ALWIL Software) -- C:\Windows\SysWow64\aswBoot.exe
[2009.08.17 18:06:05 | 00,089,680 | ---- | M] () -- C:\Windows\SysNative\drivers\aswSP.sys
[2009.08.17 18:05:43 | 00,022,096 | ---- | M] () -- C:\Windows\SysNative\drivers\aswFsBlk.sys
[2009.08.17 18:05:31 | 00,065,616 | ---- | M] () -- C:\Windows\SysNative\drivers\aswMonFlt.sys
[2009.08.17 18:04:43 | 00,058,448 | ---- | M] () -- C:\Windows\SysNative\drivers\aswTdi.sys
[2009.08.17 18:04:32 | 00,027,216 | ---- | M] () -- C:\Windows\SysNative\drivers\aswRdr.sys
[2009.08.17 18:02:50 | 00,097,480 | ---- | M] () -- C:\Windows\SysNative\AvastSS.scr
[2009.08.09 20:53:17 | 01,595,014 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2009.08.09 20:53:17 | 00,664,224 | ---- | M] () -- C:\Windows\SysNative\perfh005.dat
[2009.08.09 20:53:17 | 00,655,020 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2009.08.09 20:53:17 | 00,149,426 | ---- | M] () -- C:\Windows\SysNative\perfc005.dat
[2009.08.09 20:53:17 | 00,128,814 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2009.08.09 17:25:53 | 00,000,968 | ---- | M] () -- C:\Users\Šimon\Desktop\Titan Quest – zástupce.lnk
[2009.08.09 16:53:57 | 00,249,856 | ---- | M] (Microsoft Corporation) -- C:\Windows\Setup1.exe
[2009.08.09 16:53:56 | 00,073,216 | ---- | M] (Microsoft Corporation) -- C:\Windows\ST6UNST.EXE
< End of report >

[pitimir]

1) Skopiruj do policka pod nazvom "Custom Scans/Fixes":

Kód: Vybrat vše

:otl
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = [binary data]
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Extensions Off Page = about:NoAdd-ons
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\System32\blank.htm
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Security Risk Page = about:SecurityRisk
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = [binary data]
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Extensions Off Page = about:NoAdd-ons
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Security Risk Page = about:SecurityRisk
IE - URLSearchHook: {ecdee021-0d17-467f-a1ff-c7a115230949} - C:\Program Files (x86)\free-downloads.net\tbfree.dll (Conduit Ltd.)
IE - URLSearchHook: {fed66dc5-1b74-4a04-8f5c-15c5ace2b9a5} - C:\Program Files (x86)\BS_Player\tbBS_P.dll (Conduit Ltd.)
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\system32\blank.htm
IE - URLSearchHook: {EEE6C35D-6118-11DC-9C72-001320C79847} - C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\mgHelper.dll (SweetIM Technologies Ltd.)
IE - URLSearchHook: {fed66dc5-1b74-4a04-8f5c-15c5ace2b9a5} - C:\Program Files (x86)\BS_Player\tbBS_P.dll (Conduit Ltd.)
FF - prefs.js..browser.search.defaultenginename: "SweetIM Search"
FF - prefs.js..browser.search.defaultthis.engineName: "BS Player Customized Web Search"
FF - prefs.js..browser.search.defaulturl: "http://search.conduit.com/ResultsExt.aspx?ctid=CT1750559&SearchSource=3&q={searchTerms}"
FF - prefs.js..browser.search.selectedEngine: "BS Player Customized Web Search"
FF - prefs.js..browser.startup.homepage: "http://search.conduit.com/?ctid=CT1750559&SearchSource=13"
FF - prefs.js..keyword.URL: "http://search.conduit.com/ResultsExt.aspx?ctid=CT1750559&SearchSource=2&q="
FF - prefs.js..sweetim.toolbar.previous.browser.search.defaultenginename: "Winamp Search"
FF - prefs.js..sweetim.toolbar.previous.browser.search.defaulturl: "http://search.conduit.com/ResultsExt.aspx?ctid=CT1098640&SearchSource=3&q="
FF - prefs.js..sweetim.toolbar.previous.browser.search.selectedEngine: "free-downloads.net Customized Web Search"
FF - prefs.js..sweetim.toolbar.previous.keyword.URL: "http://search.conduit.com/ResultsExt.aspx?ctid=CT1098640&SearchSource=2&q="
C:\Users\Šimon\AppData\Roaming\Mozilla\FireFox\Profiles\8p87cx02.default\searchplugins\conduit.xml
C:\Users\Šimon\AppData\Roaming\Mozilla\FireFox\Profiles\8p87cx02.default\searchplugins\sweetim.xml
C:\Users\Šimon\AppData\Roaming\Mozilla\FireFox\Profiles\8p87cx02.default\searchplugins\winamp-search.xml
O2 - BHO: (free-downloads.net Toolbar) - {ecdee021-0d17-467f-a1ff-c7a115230949} - C:\Program Files (x86)\free-downloads.net\tbfree.dll (Conduit Ltd.)
O2 - BHO: (SweetIM Toolbar Helper) - {EEE6C35C-6118-11DC-9C72-001320C79847} - C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll (SweetIM Technologies Ltd.)
O2 - BHO: (BS Player Toolbar) - {fed66dc5-1b74-4a04-8f5c-15c5ace2b9a5} - C:\Program Files (x86)\BS_Player\tbBS_P.dll (Conduit Ltd.)
O3:64bit: - HKLM\..\Toolbar: (DAEMON Tools Toolbar) - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files (x86)\DAEMON Tools Toolbar\DTToolbar64.dll File not found
O3 - HKLM\..\Toolbar: (free-downloads.net Toolbar) - {ecdee021-0d17-467f-a1ff-c7a115230949} - C:\Program Files (x86)\free-downloads.net\tbfree.dll (Conduit Ltd.)
O3 - HKLM\..\Toolbar: (SweetIM Toolbar for Internet Explorer) - {EEE6C35B-6118-11DC-9C72-001320C79847} - C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll (SweetIM Technologies Ltd.)
O3 - HKLM\..\Toolbar: (BS Player Toolbar) - {fed66dc5-1b74-4a04-8f5c-15c5ace2b9a5} - C:\Program Files (x86)\BS_Player\tbBS_P.dll (Conduit Ltd.)
O3:64bit: - HKCU\..\Toolbar\WebBrowser: (DAEMON Tools Toolbar) - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files (x86)\DAEMON Tools Toolbar\DTToolbar64.dll File not found
O3 - HKCU\..\Toolbar\WebBrowser: (free-downloads.net Toolbar) - {ECDEE021-0D17-467F-A1FF-C7A115230949} - C:\Program Files (x86)\free-downloads.net\tbfree.dll (Conduit Ltd.)
O3 - HKCU\..\Toolbar\WebBrowser: (SweetIM Toolbar for Internet Explorer) - {EEE6C35B-6118-11DC-9C72-001320C79847} - C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll (SweetIM Technologies Ltd.)
O13 - gopher Prefix: missing
O13 - gopher Prefix: missing
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_13)
O16 - DPF: {CAFEEFAC-0016-0000-0013-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_13)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_13)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.macromedia.com/get/s ... wflash.cab (Shockwave Flash Object)
O18:64bit: - Protocol\Handler\grooveLocalGWS {88FED34C-F0CA-4636-A375-3CB6248B04CD} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - Reg Error: Key error. File not found
O33 - MountPoints2\{41178932-dc03-11dd-97ce-0023541c274e}\Shell\AutoRun\command - "" = E:\setup\rsrc\Autorun.exe -- File not found
O33 - MountPoints2\{41178932-dc03-11dd-97ce-0023541c274e}\Shell\dinstall\command - "" = E:\Directx\dxsetup.exe -- File not found
O33 - MountPoints2\{dbc7ec4a-be4a-11dd-93f5-0023541c274e}\Shell\Open(0)\command - "" = Recycled\ctfmon.exe

:files
C:\Program Files (x86)\SweetIM\Toolbars
C:\Program Files (x86)\BS_Player\tbBS_P.dll
C:\Program Files (x86)\DAEMON Tools Toolbar
C:\Program Files (x86)\free-downloads.net\tbfree.dll

:commands
[emptytemp]
[reboot]

Klikni na "Run Fix". Program zacne pracovat, mozny je restart PC. Po nom by sa ti mal objavit log, ten by som rad videl.


2) Napichaj do PC vsetky USB kluce, flash disky a podobne a pouzi Flash Desinfector.

[crash40]

OTL logfile created on: 31.8.2009 19:48:39 - Run 2
OTL by OldTimer - Version 3.0.10.7 Folder = C:\Users\Šimon\Desktop
64bit-Windows Vista Home Premium Edition Service Pack 1 (Version = 6.0.6001) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18813)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy

4,00 Gb Total Physical Memory | 2,76 Gb Available Physical Memory | 69,02% Memory free
4,00 Gb Paging File | 4,00 Gb Available in Paging File | 100,00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 298,09 Gb Total Space | 62,04 Gb Free Space | 20,81% Space Free | Partition Type: NTFS
Drive D: | 3,34 Gb Total Space | 0,00 Gb Free Space | 0,00% Space Free | Partition Type: CDFS
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded

Computer Name: POKOJÍK-PC
Current User Name: Šimon
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: Current user
Include 64bit Scans
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 30 Days
Output = Standard

========== Processes (SafeList) ==========

PRC - [2009.08.17 17:58:55 | 00,018,752 | ---- | M] (ALWIL Software) -- C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
PRC - [2009.08.17 18:07:17 | 00,138,680 | ---- | M] (ALWIL Software) -- C:\Program Files\Alwil Software\Avast4\ashServ.exe
PRC - [2009.08.17 18:07:23 | 00,081,000 | ---- | M] (ALWIL Software) -- C:\Program Files\Alwil Software\Avast4\ashDisp.exe
PRC - [2009.08.17 18:07:01 | 00,254,040 | ---- | M] (ALWIL Software) -- C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
PRC - [2009.08.17 18:04:21 | 00,352,920 | ---- | M] (ALWIL Software) -- C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
PRC - [2009.08.30 17:06:10 | 00,514,048 | ---- | M] (OldTimer Tools) -- C:\Users\Šimon\Desktop\OTL.exe

========== Win32 Services (SafeList) ==========

SRV:64bit: - [2009.05.16 05:24:09 | 00,203,264 | ---- | M] () -- C:\Windows\SysNative\atiesrxx.exe -- (AMD External Events Utility [Auto | Running])
SRV:64bit: - [2009.08.17 17:58:55 | 00,018,752 | ---- | M] (ALWIL Software) -- C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe -- (aswUpdSv [Auto | Running])
SRV:64bit: - [2009.08.17 18:07:17 | 00,138,680 | ---- | M] (ALWIL Software) -- C:\Program Files\Alwil Software\Avast4\ashServ.exe -- (avast! Antivirus [Auto | Running])
SRV:64bit: - [2009.08.17 18:07:01 | 00,254,040 | ---- | M] (ALWIL Software) -- C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe -- (avast! Mail Scanner [On_Demand | Running])
SRV:64bit: - [2009.08.17 18:04:21 | 00,352,920 | ---- | M] (ALWIL Software) -- C:\Program Files\Alwil Software\Avast4\ashWebSv.exe -- (avast! Web Scanner [On_Demand | Running])
SRV:64bit: - [2008.01.21 04:47:32 | 00,383,544 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Windows Defender\mpsvc.dll -- (WinDefend [Auto | Running])
SRV:64bit: - [2008.01.21 04:52:15 | 01,216,000 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Windows Media Player\wmpnetwk.exe -- (WMPNetworkSvc [On_Demand | Running])
SRV - [2008.09.10 14:01:28 | 00,611,664 | ---- | M] (Lavasoft) -- C:\Program Files (x86)\Lavasoft\Ad-Aware\aawservice.exe -- (aawservice [Auto | Stopped])
SRV - [2006.02.28 13:42:38 | 00,229,376 | ---- | M] (Apple Computer, Inc.) -- C:\Program Files (x86)\Bonjour\mDNSResponder.exe -- (Bonjour Service [Auto | Stopped])
SRV - [2008.07.27 20:03:13 | 00,069,632 | ---- | M] (Microsoft Corporation) -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32 [On_Demand | Stopped])
SRV - [2008.07.27 20:01:49 | 00,093,184 | ---- | M] (Microsoft Corporation) -- C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_64 [On_Demand | Stopped])
SRV - [2008.01.21 04:51:36 | 00,344,064 | ---- | M] (Microsoft Corporation) -- C:\Windows\ehome\ehRecvr.exe -- (ehRecvr [On_Demand | Stopped])
SRV - [2008.01.21 04:51:36 | 00,153,600 | ---- | M] (Microsoft Corporation) -- C:\Windows\ehome\ehsched.exe -- (ehSched [On_Demand | Stopped])
SRV - [2006.11.02 17:03:48 | 00,015,360 | ---- | M] (Microsoft Corporation) -- C:\Windows\ehome\ehstart.dll -- (ehstart [Auto | Stopped])
SRV - [2009.02.24 12:13:23 | 00,654,848 | ---- | M] (Macrovision Europe Ltd.) -- C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe -- (FLEXnet Licensing Service [On_Demand | Stopped])
SRV - [2008.06.20 03:17:12 | 00,046,104 | ---- | M] (Microsoft Corporation) -- C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe -- (FontCache3.0.0.0 [On_Demand | Running])
SRV - [2005.04.04 01:41:10 | 00,069,632 | ---- | M] (Macrovision Corporation) -- C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe -- (IDriverT [On_Demand | Stopped])
SRV - [2008.06.20 03:16:53 | 00,859,648 | ---- | M] (Microsoft Corporation) -- C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe -- (idsvc [Unknown | Stopped])
SRV - [2006.11.02 11:46:05 | 00,018,944 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\keyiso.dll -- (KeyIso [On_Demand | Stopped])
SRV - [2006.10.27 00:47:54 | 00,065,824 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Microsoft Office\Office12\GrooveAuditService.exe -- (Microsoft Office Groove Audit Service [On_Demand | Stopped])
SRV - [2006.11.02 15:34:14 | 00,000,000 | ---D | M] -- C:\Windows\SysWow64\Msdtc -- (MSDTC [Unknown | Stopped])
SRV - [2007.08.08 10:25:08 | 00,836,904 | ---- | M] (Nero AG) -- C:\Program Files (x86)\Nero\Nero8\Nero BackItUp\NBService.exe -- (Nero BackItUp Scheduler 3 [Auto | Stopped])
SRV - [2008.01.21 04:48:28 | 00,592,384 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\netlogon.dll -- (Netlogon [On_Demand | Stopped])
SRV - [2007.08.03 13:51:18 | 00,382,248 | ---- | M] (Nero AG) -- C:\Program Files (x86)\Common Files\Nero\Lib\NMIndexingService.exe -- (NMIndexingService [On_Demand | Stopped])
SRV - [2006.10.26 19:49:34 | 00,441,136 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE -- (odserv [On_Demand | Stopped])
SRV - [2006.10.26 13:03:08 | 00,145,184 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE -- (ose [On_Demand | Stopped])
SRV - [2009.08.26 22:19:11 | 00,075,064 | ---- | M] () -- C:\Windows\SysWow64\PnkBstrA.exe -- (PnkBstrA [Auto | Stopped])
SRV - [2006.11.02 08:35:15 | 00,060,994 | ---- | M] () -- C:\Windows\SysWow64\Wbem\vds.mof -- (vds [On_Demand | Stopped])
SRV - [2006.11.02 08:35:15 | 00,055,846 | ---- | M] () -- C:\Windows\SysWow64\Wbem\vss.mof -- (VSS [On_Demand | Stopped])

========== Driver Services (SafeList) ==========

DRV:64bit: - [2009.08.17 18:05:43 | 00,022,096 | ---- | M] () -- C:\Windows\SysNative\DRIVERS\aswFsBlk.sys -- (aswFsBlk [Auto | Running])
DRV:64bit: - [2009.08.17 18:05:31 | 00,065,616 | ---- | M] () -- C:\Windows\SysNative\DRIVERS\aswMonFlt.sys -- (aswMonFlt [Auto | Running])
DRV:64bit: - [2009.08.17 18:04:32 | 00,027,216 | ---- | M] () -- C:\Windows\SysNative\drivers\aswRdr.sys -- (aswRdr [System | Running])
DRV:64bit: - [2009.08.17 18:06:05 | 00,089,680 | ---- | M] () -- C:\Windows\SysNative\drivers\aswSP.sys -- (aswSP [System | Running])
DRV:64bit: - [2009.08.17 18:04:43 | 00,058,448 | ---- | M] () -- C:\Windows\SysNative\drivers\aswTdi.sys -- (aswTdi [System | Running])
DRV:64bit: - [2009.04.24 07:43:18 | 00,110,904 | ---- | M] () -- C:\Windows\SysNative\drivers\AtiHdmi.sys -- (AtiHdmiService [On_Demand | Running])
DRV:64bit: - [2009.05.16 06:02:02 | 05,957,632 | ---- | M] () -- C:\Windows\SysNative\DRIVERS\atikmdag.sys -- (atikmdag [On_Demand | Running])
DRV:64bit: - [2008.04.22 09:53:36 | 00,012,744 | R--- | M] () -- C:\Windows\SysNative\DRIVERS\ENTECH64.sys -- (ENTECH64 [On_Demand | Stopped])
DRV:64bit: - [2009.08.29 21:19:53 | 00,033,344 | ---- | M] () -- C:\Windows\SysNative\DRIVERS\hamachi.sys -- (hamachi [On_Demand | Running])
DRV:64bit: - [2006.11.02 07:28:10 | 00,273,920 | ---- | M] () -- C:\Windows\SysNative\drivers\HdAudio.sys -- (HdAudAddService [On_Demand | Running])
DRV:64bit: - [2008.06.30 19:28:00 | 00,056,320 | ---- | M] () -- C:\Windows\SysNative\DRIVERS\L1E60x64.sys -- (L1E [On_Demand | Running])
DRV:64bit: - [2006.11.01 01:23:42 | 00,015,680 | ---- | M] () -- C:\Windows\SysNative\DRIVERS\ASACPI.sys -- (MTsensor [On_Demand | Running])
DRV:64bit: - [2008.06.24 00:21:32 | 00,173,096 | ---- | M] () -- C:\Windows\SysNative\DRIVERS\mv61xx.sys -- (mv61xx [Boot | Running])
DRV:64bit: - [2008.05.10 03:58:09 | 00,140,288 | ---- | M] () -- C:\Windows\SysNative\DRIVERS\RMCAST.sys -- (RMCAST [Auto | Running])
DRV:64bit: - [2008.12.18 18:27:57 | 00,868,848 | ---- | M] () -- C:\Windows\SysNative\Drivers\sptd.sys -- (sptd [Boot | Running])
DRV - [2007.12.17 11:14:14 | 00,014,392 | R--- | M] () -- C:\Windows\SysWow64\drivers\AsIO.sys -- (AsIO [System | Running])
DRV - [2004.06.22 16:44:50 | 00,005,632 | ---- | M] (EnTech Taiwan) -- C:\Windows\SysWow64\DRIVERS\ENTECH64.sys -- (ENTECH64 [On_Demand | Stopped])
DRV - [2006.09.18 23:35:23 | 00,001,088 | ---- | M] () -- C:\Windows\SysWow64\Wbem\mpsdrv.mof -- (mpsdrv [On_Demand | Running])
DRV - [2007.02.07 20:27:46 | 00,014,104 | ---- | M] (Windows (R) Server 2003 DDK provider) -- C:\Windows\SysWOW64\speedfan.sys -- (speedfan [Boot | Running])
DRV - [2006.09.18 23:36:40 | 00,003,066 | ---- | M] () -- C:\Windows\SysWow64\Wbem\tcpip.mof -- (Tcpip [Boot | Running])
DRV - [2004.12.23 05:47:10 | 00,027,392 | R--- | M] (Ulead Systems, Inc.) -- C:\Windows\SysWow64\Drivers\ULCDRHlp.sys -- (ULCDRHlp [On_Demand | Stopped])
DRV - [2008.05.15 13:07:02 | 00,032,240 | ---- | M] (Cyberlink Corp.) -- C:\Program Files (x86)\CyberLink\PowerDVD8\000.fcl -- ({FE4C91E7-22C2-4D0C-9F6B-82F1B7742054} [Auto | Running])

========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL =
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Extensions Off Page =
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page =
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Security Risk Page =
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL =
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Extensions Off Page =
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page =
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Security Risk Page =
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://home.sweetim.com

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page =
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://search.conduit.com?SearchSource= ... =CT1750559
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1
IE - URLSearchHook: {EEE6C35D-6118-11DC-9C72-001320C79847} - Reg Error: Key error. File not found
IE - URLSearchHook: {fed66dc5-1b74-4a04-8f5c-15c5ace2b9a5} - Reg Error: Key error. File not found
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local

========== FireFox ==========

FF - prefs.js..browser.search.defaultenginename: ""
FF - prefs.js..browser.search.defaultthis.engineName: ""
FF - prefs.js..browser.search.defaulturl: ""
FF - prefs.js..browser.search.selectedEngine: ""
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..browser.startup.homepage: ""
FF - prefs.js..extensions.enabledItems: {fed66dc5-1b74-4a04-8f5c-15c5ace2b9a5}:2.1.0.19
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0010-ABCDEFFEDCBA}:6.0.10
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0011-ABCDEFFEDCBA}:6.0.11
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0013-ABCDEFFEDCBA}:6.0.13
FF - prefs.js..extensions.enabledItems: {20a82645-c095-46ed-80e3-08825760534b}:1.1
FF - prefs.js..extensions.enabledItems: {EEE6C361-6118-11DC-9C72-001320C79847}:1.0.0.8
FF - prefs.js..extensions.enabledItems: {972ce4c6-7e08-4474-a285-3208198ce6fd}:3.5.2
FF - prefs.js..sweetim.toolbar.previous.browser.search.defaultenginename: ""
FF - prefs.js..sweetim.toolbar.previous.browser.search.defaulturl: ""
FF - prefs.js..sweetim.toolbar.previous.browser.search.selectedEngine: ""
FF - prefs.js..browser.startup.homepage: "resource:/browserconfig.properties"

FF - HKLM\software\mozilla\Firefox\Extensions\\{20a82645-c095-46ed-80e3-08825760534b}: c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\ [2009.08.21 19:58:33 | 00,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.5.2\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2009.08.05 13:49:13 | 00,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.5.2\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2009.08.05 13:49:13 | 00,000,000 | ---D | M]

[2008.11.29 21:13:22 | 00,000,000 | ---D | M] -- C:\Users\Šimon\AppData\Roaming\mozilla\Extensions
[2008.11.29 21:13:22 | 00,000,000 | ---D | M] -- C:\Users\Šimon\AppData\Roaming\mozilla\Extensions\{ec8030f7-c20a-464f-9b0e-13a3a9e97384}
[2009.08.30 10:46:22 | 00,000,000 | ---D | M] -- C:\Users\Šimon\AppData\Roaming\mozilla\Firefox\Profiles\8p87cx02.default\extensions
[2009.08.21 21:08:04 | 00,000,000 | ---D | M] -- C:\Users\Šimon\AppData\Roaming\mozilla\Firefox\Profiles\8p87cx02.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2009.01.06 21:33:42 | 00,000,000 | ---D | M] -- C:\Users\Šimon\AppData\Roaming\mozilla\Firefox\Profiles\8p87cx02.default\extensions\{ecdee021-0d17-467f-a1ff-c7a115230949}
[2009.08.15 22:08:30 | 00,000,000 | ---D | M] -- C:\Users\Šimon\AppData\Roaming\mozilla\Firefox\Profiles\8p87cx02.default\extensions\{EEE6C361-6118-11DC-9C72-001320C79847}
[2009.08.19 21:16:10 | 00,000,000 | ---D | M] -- C:\Users\Šimon\AppData\Roaming\mozilla\Firefox\Profiles\8p87cx02.default\extensions\{fed66dc5-1b74-4a04-8f5c-15c5ace2b9a5}
[2009.07.01 14:22:12 | 00,000,880 | ---- | M] () -- C:\Users\Šimon\AppData\Roaming\Mozilla\FireFox\Profiles\8p87cx02.default\searchplugins\conduit.xml
[2009.08.15 22:08:24 | 00,003,915 | ---- | M] () -- C:\Users\Šimon\AppData\Roaming\Mozilla\FireFox\Profiles\8p87cx02.default\searchplugins\sweetim.xml
[2008.11.29 22:16:03 | 00,001,196 | ---- | M] () -- C:\Users\Šimon\AppData\Roaming\Mozilla\FireFox\Profiles\8p87cx02.default\searchplugins\winamp-search.xml
[2009.03.26 18:21:30 | 00,000,000 | ---D | M] -- C:\Program Files (x86)\mozilla firefox\extensions
[2009.08.05 13:49:13 | 00,000,000 | ---D | M] -- C:\Program Files (x86)\mozilla firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
[2008.11.29 21:24:23 | 00,000,000 | ---D | M] -- C:\Program Files (x86)\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0010-ABCDEFFEDCBA}
[2008.12.09 20:13:20 | 00,000,000 | ---D | M] -- C:\Program Files (x86)\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0011-ABCDEFFEDCBA}
[2009.03.26 18:21:30 | 00,000,000 | ---D | M] -- C:\Program Files (x86)\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0013-ABCDEFFEDCBA}
[2009.08.05 13:49:08 | 00,023,544 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\mozilla firefox\components\browserdirprovider.dll
[2009.08.05 13:49:08 | 00,137,208 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\mozilla firefox\components\brwsrcmp.dll
[2007.04.10 18:21:08 | 00,163,256 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\mozilla firefox\plugins\np-mswmp.dll
[2008.11.11 09:38:54 | 00,663,552 | ---- | M] (BitComet) -- C:\Program Files (x86)\mozilla firefox\plugins\npBitCometAgent.dll
[2009.03.09 06:19:09 | 00,410,984 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files (x86)\mozilla firefox\plugins\npdeploytk.dll
[2009.02.06 13:44:28 | 01,447,296 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\mozilla firefox\plugins\npLegitCheckPlugin.dll
[2009.08.05 13:49:10 | 00,065,016 | ---- | M] (mozilla.org) -- C:\Program Files (x86)\mozilla firefox\plugins\npnul32.dll
[2006.10.26 20:12:16 | 00,016,192 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\mozilla firefox\plugins\NPOFF12.DLL
[2008.10.14 21:33:30 | 00,095,600 | ---- | M] (Adobe Systems Inc.) -- C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll
[2008.09.10 21:56:44 | 00,144,960 | ---- | M] (RealNetworks, Inc.) -- C:\Program Files (x86)\mozilla firefox\plugins\nppl3260.dll
[2008.09.10 21:37:54 | 00,094,208 | ---- | M] (RealNetworks, Inc.) -- C:\Program Files (x86)\mozilla firefox\plugins\nprpjplug.dll
[2009.08.05 13:49:11 | 00,002,371 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\google.xml
[2009.08.05 13:49:11 | 00,000,638 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\jyxo-cz.xml
[2009.08.05 13:49:11 | 00,001,687 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\mall-cz.xml
[2009.08.05 13:49:11 | 00,001,367 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\seznam-cz.xml
[2009.08.05 13:49:11 | 00,000,654 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\slunecnice-cz.xml
[2009.08.05 13:49:11 | 00,001,179 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\wikipedia-cz.xml

O1 HOSTS File: (761 bytes) - C:\Windows\SysNative\drivers\etc\Hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O2 - BHO: (Adobe PDF Reader Link Helper) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
O2 - BHO: (BitComet Helper) - {39F7E362-828A-4B5A-BCAF-5B79BFDFEA60} - C:\Program Files (x86)\BitComet\tools\BitCometBHO_1.2.8.7.dll (BitComet)
O2 - BHO: (Groove GFS Browser Helper) - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation)
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll (Sun Microsystems, Inc.)
O3:64bit: - HKLM\..\Toolbar: (DAEMON Tools Toolbar) - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files (x86)\DAEMON Tools Toolbar\DTToolbar64.dll File not found
O3:64bit: - HKCU\..\Toolbar\WebBrowser: (DAEMON Tools Toolbar) - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files (x86)\DAEMON Tools Toolbar\DTToolbar64.dll File not found
O4:64bit: - HKLM..\Run: [Windows Defender] C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation)
O4 - HKLM..\Run: [Adobe Reader Speed Launcher] C:\Program Files (x86)\Adobe\Reader 8.0\Reader\Reader_sl.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [avast!] C:\Program Files\Alwil Software\Avast4\ashDisp.exe (ALWIL Software)
O4 - HKLM..\Run: [GrooveMonitor] C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe (Microsoft Corporation)
O4 - HKLM..\Run: [NBKeyScan] C:\Program Files (x86)\Nero\Nero8\Nero BackItUp\NBKeyScan.exe (Nero AG)
O4 - HKLM..\Run: [PDVD8LanguageShortcut] C:\Program Files (x86)\CyberLink\PowerDVD8\Language\Language.exe ()
O4 - HKLM..\Run: [RemoteControl8] C:\Program Files (x86)\CyberLink\PowerDVD8\PDVD8Serv.exe (Cyberlink Corp.)
O4 - HKLM..\Run: [StartCCC] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.)
O4 - HKLM..\Run: [SunJavaUpdateSched] C:\Program Files (x86)\Java\jre6\bin\jusched.exe (Sun Microsystems, Inc.)
O4 - HKLM..\Run: [SweetIM] C:\Program Files (x86)\SweetIM\Messenger\SweetIM.exe (SweetIM Technologies Ltd.)
O4 - HKLM..\Run: [WinampAgent] C:\Program Files (x86)\Winamp\winampa.exe ()
O4 - HKCU..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] C:\Program Files (x86)\Common Files\Nero\Lib\NMBgMonitor.exe (Nero AG)
O4 - HKCU..\Run: [BitComet] C:\Program Files (x86)\BitComet\BitComet.exe (www.BitComet.com)
O4 - HKCU..\Run: [DAEMON Tools Lite] C:\Program Files (x86)\DAEMON Tools Lite\daemon.exe (DT Soft Ltd)
O4 - HKCU..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe (Microsoft Corporation)
O4 - HKCU..\Run: [Google Update] C:\Users\Šimon\AppData\Local\Google\Update\GoogleUpdate.exe (Google Inc.)
O4 - HKCU..\Run: [RGSC] C:\Program Files (x86)\Rockstar Games\Rockstar Games Social Club\RGSCLauncher.exe (Take-Two Interactive Software, Inc.)
O4 - HKCU..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe (Microsoft Corporation)
O4 - HKCU..\Run: [WindowsWelcomeCenter] C:\Windows\SysWow64\oobefldr.DLL (Microsoft Corporation)
O4 - Startup: C:\Users\Šimon\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\hamachi.lnk = C:\Program Files (x86)\Hamachi\hamachi.exe (LogMeIn Inc.)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: ForceActiveDesktopOn = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 2
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableInstallerDetection = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableSecureUIAPaths = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableVirtualization = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ValidateAdminCodeSignatures = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: dontdisplaylastusername = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticecaption =
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticetext =
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: scforceoption = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: shutdownwithoutlogon = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: undockwithoutlogon = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: FilterAdministratorToken = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableUIADesktopToggle = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_TEXT = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_BITMAP = 2
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_OEMTEXT = 7
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_DIB = 8
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_PALETTE = 9
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_UNICODETEXT = 13
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_DIBV5 = 17
O8:64bit: - Extra context menu item: E&xportovat do aplikace Microsoft Excel - C:\Program Files (x86)\Microsoft Office\Office12\EXCEL.EXE (Microsoft Corporation)
O8:64bit: - Extra context menu item: Stáhnout odkaz s použitím BitCometu - C:\Program Files (x86)\BitComet\BitComet.exe (www.BitComet.com)
O8:64bit: - Extra context menu item: Stáhnout všechna videa s použitím BitCometu - C:\Program Files (x86)\BitComet\BitComet.exe (www.BitComet.com)
O8:64bit: - Extra context menu item: Stáhnout všechny odkazy s použitím BitCometu - C:\Program Files (x86)\BitComet\BitComet.exe (www.BitComet.com)
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - C:\Program Files (x86)\Microsoft Office\Office12\EXCEL.EXE (Microsoft Corporation)
O8 - Extra context menu item: Stáhnout odkaz s použitím BitCometu - C:\Program Files (x86)\BitComet\BitComet.exe (www.BitComet.com)
O8 - Extra context menu item: Stáhnout všechna videa s použitím BitCometu - C:\Program Files (x86)\BitComet\BitComet.exe (www.BitComet.com)
O8 - Extra context menu item: Stáhnout všechny odkazy s použitím BitCometu - C:\Program Files (x86)\BitComet\BitComet.exe (www.BitComet.com)
O9 - Extra Button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\Program Files (x86)\Microsoft Office\Office12\REFIEBAR.DLL (Microsoft Corporation)
O9 - Extra Button: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Program Files (x86)\ICQ6.5\ICQ.exe (ICQ, LLC.)
O9 - Extra 'Tools' menuitem : ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Program Files (x86)\ICQ6.5\ICQ.exe (ICQ, LLC.)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Computer, Inc.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Computer, Inc.)
O13 - gopher Prefix: missing
O18:64bit: - Protocol\Handler\about {3050F406-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysNative\mshtml.dll ()
O18:64bit: - Protocol\Handler\grooveLocalGWS {88FED34C-F0CA-4636-A375-3CB6248B04CD} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\javascript {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysNative\mshtml.dll ()
O18:64bit: - Protocol\Handler\mailto {3050f3DA-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysNative\mshtml.dll ()
O18:64bit: - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\res {3050F3BC-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysNative\mshtml.dll ()
O18:64bit: - Protocol\Handler\vbscript {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysNative\mshtml.dll ()
O18 - Protocol\Handler\grooveLocalGWS {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveSystemServices.dll (Microsoft Corporation)
O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Program Files (x86)\Common Files\Microsoft Shared\Help\hxds.dll (Microsoft Corporation)
O18:64bit: - Protocol\Filter: - text/xml - C:\Program Files\Common Files\Microsoft Shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O18 - Protocol\Filter: - text/xml - C:\Program Files (x86)\Common Files\microsoft shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O28 - HKLM ShellExecuteHooks: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation)
O31 - SafeBoot: AlternateShell - cmd.exe
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2008.09.09 01:50:45 | 00,410,888 | R--- | M] (Electronic Arts) - D:\AutoRun.exe -- [ CDFS ]
O32 - AutoRun File - [2008.09.09 01:50:45 | 00,410,888 | R--- | M] (Electronic Arts) - D:\Autorun.exe -- [ CDFS ]
O32 - AutoRun File - [2008.09.09 01:50:43 | 09,193,984 | R--- | M] () - D:\autorun.dat -- [ CDFS ]
O32 - AutoRun File - [2008.09.09 01:35:58 | 00,000,136 | R--- | M] () - D:\autorun.inf -- [ CDFS ]
O33 - MountPoints2\{c1394f47-be36-11dd-bd3c-806e6f6e6963}\Shell - "" = AutoRun
O33 - MountPoints2\{c1394f47-be36-11dd-bd3c-806e6f6e6963}\Shell\AutoRun\command - "" = D:\Autorun.exe -- [2008.09.09 01:50:45 | 00,410,888 | R--- | M] (Electronic Arts)
O34 - HKLM BootExecute: (autocheck) - File not found
O34 - HKLM BootExecute: (autochk) - C:\Windows\SysWow64\autochk.exe (Microsoft Corporation)
O34 - HKLM BootExecute: (*) - File not found
O34 - HKLM BootExecute: (lsdelete) - File not found

========== Files/Folders - Created Within 30 Days ==========

[2009.08.31 19:39:43 | 00,000,000 | ---D | C] -- C:\_OTL
[2009.08.30 17:06:09 | 00,514,048 | ---- | C] (OldTimer Tools) -- C:\Users\Šimon\Desktop\OTL.exe
[2009.08.29 21:20:32 | 00,000,000 | ---D | C] -- C:\Users\Šimon\AppData\Roaming\Hamachi
[2009.08.29 21:19:53 | 00,033,344 | ---- | C] () -- C:\Windows\SysNative\drivers\hamachi.sys
[2009.08.29 21:19:53 | 00,000,820 | ---- | C] () -- C:\Users\Šimon\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\hamachi.lnk
[2009.08.29 21:19:53 | 00,000,784 | ---- | C] () -- C:\Users\Public\Desktop\hamachi.lnk
[2009.08.29 21:19:52 | 00,000,000 | ---D | C] -- C:\Program Files (x86)\Hamachi
[2009.08.27 12:42:01 | 00,001,068 | ---- | C] () -- C:\Users\Šimon\Desktop\Wolf2 – zástupce.lnk
[2009.08.27 07:26:18 | 00,000,000 | ---D | C] -- C:\Users\Šimon\AppData\Local\id Software
[2009.08.27 07:24:48 | 00,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\tzres.dll
[2009.08.27 07:24:48 | 00,002,048 | ---- | C] () -- C:\Windows\SysNative\tzres.dll
[2009.08.26 22:21:08 | 02,605,920 | ---- | C] () -- C:\Windows\SysNative\D3DCompiler_40.dll
[2009.08.26 22:21:08 | 02,036,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DCompiler_40.dll
[2009.08.26 22:21:08 | 00,519,000 | ---- | C] () -- C:\Windows\SysNative\d3dx10_40.dll
[2009.08.26 22:21:08 | 00,452,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx10_40.dll
[2009.08.26 22:21:06 | 05,631,312 | ---- | C] () -- C:\Windows\SysNative\D3DX9_40.dll
[2009.08.26 22:21:06 | 04,379,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DX9_40.dll
[2009.08.26 13:00:13 | 00,032,256 | ---- | C] () -- C:\Windows\SysNative\Apphlpdm.dll
[2009.08.26 13:00:13 | 00,028,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\Apphlpdm.dll
[2009.08.26 13:00:12 | 04,240,384 | ---- | C] (Microsoft) -- C:\Windows\SysWow64\GameUXLegacyGDFs.dll
[2009.08.26 13:00:11 | 04,240,384 | ---- | C] () -- C:\Windows\SysNative\GameUXLegacyGDFs.dll
[2009.08.21 19:56:42 | 01,692,160 | ---- | C] () -- C:\Windows\SysNative\lsasrv.dll
[2009.08.21 19:56:42 | 00,656,384 | ---- | C] () -- C:\Windows\SysNative\kerberos.dll
[2009.08.21 19:56:42 | 00,499,712 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\kerberos.dll
[2009.08.21 19:56:42 | 00,268,800 | ---- | C] () -- C:\Windows\SysNative\msv1_0.dll
[2009.08.21 19:56:41 | 00,515,656 | ---- | C] () -- C:\Windows\SysNative\drivers\ksecdd.sys
[2009.08.21 19:56:41 | 00,338,944 | ---- | C] () -- C:\Windows\SysNative\schannel.dll
[2009.08.21 19:56:41 | 00,270,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\schannel.dll
[2009.08.21 19:56:41 | 00,213,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msv1_0.dll
[2009.08.21 19:56:41 | 00,205,312 | ---- | C] () -- C:\Windows\SysNative\wdigest.dll
[2009.08.21 19:56:41 | 00,175,104 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wdigest.dll
[2009.08.21 19:56:40 | 00,094,720 | ---- | C] () -- C:\Windows\SysNative\secur32.dll
[2009.08.21 19:56:40 | 00,076,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\secur32.dll
[2009.08.21 19:56:40 | 00,011,264 | ---- | C] () -- C:\Windows\SysNative\lsass.exe
[2009.08.19 21:19:10 | 00,000,049 | ---- | C] () -- C:\Windows\NeroDigital.ini
[2009.08.19 21:16:42 | 00,000,957 | ---- | C] () -- C:\Users\Public\Desktop\BS.Player FREE.lnk
[2009.08.19 21:16:11 | 00,000,000 | ---D | C] -- C:\Program Files (x86)\BS_Player
[2009.08.19 21:16:09 | 00,000,000 | ---D | C] -- C:\Users\Šimon\AppData\Roaming\BSplayer Pro
[2009.08.19 21:16:09 | 00,000,000 | ---D | C] -- C:\Users\Šimon\AppData\Roaming\BSplayer
[2009.08.19 21:16:08 | 00,000,000 | ---D | C] -- C:\Program Files (x86)\Webteh
[2009.08.15 22:08:12 | 00,000,000 | ---D | C] -- C:\ProgramData\SweetIM
[2009.08.15 22:08:12 | 00,000,000 | ---D | C] -- C:\Program Files (x86)\SweetIM
[2009.08.14 12:00:26 | 00,000,000 | ---D | C] -- C:\Users\Šimon\AppData\Roaming\Media Player Classic
[2009.08.13 08:33:52 | 02,423,296 | ---- | C] () -- C:\Windows\SysNative\mstscax.dll
[2009.08.13 08:33:52 | 02,066,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mstscax.dll
[2009.08.13 08:33:46 | 00,088,576 | ---- | C] () -- C:\Windows\SysNative\atl.dll
[2009.08.13 08:33:46 | 00,071,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\atl.dll
[2009.08.13 08:33:44 | 00,202,752 | ---- | C] () -- C:\Windows\SysNative\wkssvc.dll
[2009.08.13 08:33:43 | 00,108,544 | ---- | C] () -- C:\Windows\SysNative\avifil32.dll
[2009.08.13 08:33:43 | 00,093,184 | ---- | C] () -- C:\Windows\SysNative\mciavi32.dll
[2009.08.13 08:33:43 | 00,091,136 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\avifil32.dll
[2009.08.13 08:33:43 | 00,076,800 | ---- | C] () -- C:\Windows\SysNative\avicap32.dll
[2009.08.13 08:33:37 | 13,426,176 | ---- | C] () -- C:\Windows\SysNative\wmp.dll
[2009.08.13 08:33:33 | 10,624,000 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wmp.dll
[2009.08.13 08:33:33 | 00,368,128 | ---- | C] () -- C:\Windows\SysNative\wmpdxm.dll
[2009.08.13 08:33:33 | 00,313,344 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wmpdxm.dll
[2009.08.13 08:33:32 | 00,009,216 | ---- | C] () -- C:\Windows\SysNative\spwmp.dll
[2009.08.13 08:33:32 | 00,007,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\spwmp.dll
[2009.08.13 08:33:31 | 08,147,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wmploc.DLL
[2009.08.13 08:33:31 | 00,005,120 | ---- | C] () -- C:\Windows\SysNative\msdxm.ocx
[2009.08.13 08:33:31 | 00,005,120 | ---- | C] () -- C:\Windows\SysNative\dxmasf.dll
[2009.08.13 08:33:31 | 00,004,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msdxm.ocx
[2009.08.13 08:33:31 | 00,004,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\dxmasf.dll
[2009.08.13 08:33:30 | 08,147,968 | ---- | C] () -- C:\Windows\SysNative\wmploc.DLL
[2009.08.13 08:33:30 | 00,043,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msdxm.tlb
[2009.08.13 08:33:30 | 00,043,520 | ---- | C] () -- C:\Windows\SysNative\msdxm.tlb
[2009.08.13 08:33:30 | 00,018,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\amcompat.tlb
[2009.08.13 08:33:30 | 00,018,432 | ---- | C] () -- C:\Windows\SysNative\amcompat.tlb
[2009.08.02 15:52:11 | 00,000,000 | ---D | C] -- C:\Users\Šimon\Documents\Moje Spore výtvory
[2009.07.14 17:15:00 | 00,178,432 | ---- | C] () -- C:\Windows\SysWow64\xlive.dll.cat
[2009.03.01 18:25:01 | 00,021,840 | ---- | C] () -- C:\Windows\SysWow64\SIntfNT.dll
[2009.03.01 18:25:01 | 00,017,212 | ---- | C] () -- C:\Windows\SysWow64\SIntf32.dll
[2009.03.01 18:25:01 | 00,012,067 | ---- | C] () -- C:\Windows\SysWow64\SIntf16.dll
[2009.02.25 16:32:09 | 00,002,623 | ---- | C] () -- C:\Windows\Irremote.ini
[2009.01.15 19:43:57 | 03,596,288 | ---- | C] () -- C:\Windows\SysWow64\qt-dx331.dll
[2009.01.10 21:08:58 | 00,168,448 | ---- | C] () -- C:\Windows\SysWow64\unrar.dll
[2009.01.10 21:08:57 | 00,795,648 | ---- | C] () -- C:\Windows\SysWow64\xvidcore.dll
[2009.01.10 21:08:57 | 00,130,048 | ---- | C] () -- C:\Windows\SysWow64\xvidvfw.dll
[2009.01.10 21:08:56 | 00,057,344 | ---- | C] () -- C:\Windows\SysWow64\ff_vfw.dll
[2009.01.10 21:08:56 | 00,000,547 | ---- | C] () -- C:\Windows\SysWow64\ff_vfw.dll.manifest
[2008.12.29 22:51:13 | 01,491,824 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2008.12.25 00:18:28 | 00,000,049 | ---- | C] () -- C:\Windows\wincheater.ini
[2008.12.16 16:01:22 | 00,003,972 | ---- | C] () -- C:\Windows\SysWow64\drivers\PciBus.sys
[2008.12.01 17:19:12 | 00,000,331 | ---- | C] () -- C:\Windows\game.ini
[2008.11.29 19:21:39 | 00,024,576 | R--- | C] () -- C:\Windows\SysWow64\AsIO.dll
[2008.11.29 19:21:39 | 00,014,392 | R--- | C] () -- C:\Windows\SysWow64\drivers\AsIO.sys
[2008.11.29 19:21:37 | 00,011,832 | ---- | C] () -- C:\Windows\SysWow64\drivers\AsInsHelp64.sys
[2008.11.29 19:21:37 | 00,010,216 | ---- | C] () -- C:\Windows\SysWow64\drivers\AsInsHelp32.sys
[2008.11.29 19:09:21 | 00,033,068 | ---- | C] () -- C:\Windows\Ascd_log.ini
[2008.11.29 19:09:11 | 00,032,674 | ---- | C] () -- C:\Windows\Ascd_tmp.ini
[2008.01.21 04:50:05 | 00,060,124 | ---- | C] () -- C:\Windows\SysWow64\tcpmon.ini
[2008.01.21 04:49:49 | 00,368,640 | ---- | C] () -- C:\Windows\SysWow64\msjetoledb40.dll
[2007.12.28 17:22:02 | 00,010,296 | ---- | C] () -- C:\Windows\SysWow64\drivers\ASUSHWIO.SYS
[2007.07.23 10:03:32 | 00,053,248 | ---- | C] () -- C:\Windows\SysWow64\AgCPanelTraditionalChinese.dll
[2007.07.23 10:03:32 | 00,053,248 | ---- | C] () -- C:\Windows\SysWow64\AgCPanelSwedish.dll
[2007.07.23 10:03:32 | 00,053,248 | ---- | C] () -- C:\Windows\SysWow64\AgCPanelSpanish.dll
[2007.07.23 10:03:30 | 00,053,248 | ---- | C] () -- C:\Windows\SysWow64\AgCPanelSimplifiedChinese.dll
[2007.07.23 10:03:30 | 00,053,248 | ---- | C] () -- C:\Windows\SysWow64\AgCPanelPortugese.dll
[2007.07.23 10:03:30 | 00,053,248 | ---- | C] () -- C:\Windows\SysWow64\AgCPanelKorean.dll
[2007.07.23 10:03:30 | 00,053,248 | ---- | C] () -- C:\Windows\SysWow64\AgCPanelJapanese.dll
[2007.07.23 10:03:30 | 00,053,248 | ---- | C] () -- C:\Windows\SysWow64\AgCPanelGerman.dll
[2007.07.23 10:03:30 | 00,053,248 | ---- | C] () -- C:\Windows\SysWow64\AgCPanelFrench.dll
[2006.11.02 14:34:27 | 00,000,219 | ---- | C] () -- C:\Windows\win.ini
[2006.11.02 14:34:27 | 00,000,219 | ---- | C] () -- C:\Windows\system.ini

========== Files - Modified Within 30 Days ==========

[2009.08.31 19:50:30 | 00,000,418 | -H-- | M] () -- C:\Windows\tasks\User_Feed_Synchronization-{7B187FD1-9D81-446E-A1DE-1972DDEE41BE}.job
[2009.08.31 19:48:00 | 00,000,962 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-4217620012-77691116-1275949338-1000UA.job
[2009.08.31 19:46:13 | 00,003,840 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2009.08.31 19:46:13 | 00,003,840 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2009.08.31 19:46:12 | 00,000,006 | -H-- | M] () -- C:\Windows\tasks\SA.DAT
[2009.08.31 19:46:05 | 00,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2009.08.31 19:44:17 | 04,877,207 | -H-- | M] () -- C:\Users\Šimon\AppData\Local\IconCache.db
[2009.08.30 17:06:10 | 00,514,048 | ---- | M] (OldTimer Tools) -- C:\Users\Šimon\Desktop\OTL.exe
[2009.08.30 14:10:49 | 00,019,968 | ---- | M] () -- C:\Users\Šimon\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2009.08.30 09:48:00 | 00,000,910 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-4217620012-77691116-1275949338-1000Core.job
[2009.08.29 21:19:53 | 00,033,344 | ---- | M] () -- C:\Windows\SysNative\drivers\hamachi.sys
[2009.08.29 21:19:53 | 00,000,820 | ---- | M] () -- C:\Users\Šimon\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\hamachi.lnk
[2009.08.29 21:19:53 | 00,000,784 | ---- | M] () -- C:\Users\Public\Desktop\hamachi.lnk
[2009.08.27 12:42:01 | 00,001,068 | ---- | M] () -- C:\Users\Šimon\Desktop\Wolf2 – zástupce.lnk
[2009.08.26 22:19:41 | 00,111,928 | ---- | M] () -- C:\Windows\SysWow64\PnkBstrB.exe
[2009.08.26 22:19:11 | 00,794,408 | ---- | M] () -- C:\Windows\SysWow64\pbsvc.exe
[2009.08.26 22:19:11 | 00,075,064 | ---- | M] () -- C:\Windows\SysWow64\PnkBstrA.exe
[2009.08.20 09:34:22 | 00,000,000 | ---- | M] () -- C:\Windows\SysWow64\config.nt
[2009.08.19 21:19:10 | 00,000,049 | ---- | M] () -- C:\Windows\NeroDigital.ini
[2009.08.19 21:16:42 | 00,000,957 | ---- | M] () -- C:\Users\Public\Desktop\BS.Player FREE.lnk
[2009.08.17 18:10:20 | 01,279,456 | ---- | M] (ALWIL Software) -- C:\Windows\SysWow64\aswBoot.exe
[2009.08.17 18:06:05 | 00,089,680 | ---- | M] () -- C:\Windows\SysNative\drivers\aswSP.sys
[2009.08.17 18:05:43 | 00,022,096 | ---- | M] () -- C:\Windows\SysNative\drivers\aswFsBlk.sys
[2009.08.17 18:05:31 | 00,065,616 | ---- | M] () -- C:\Windows\SysNative\drivers\aswMonFlt.sys
[2009.08.17 18:04:43 | 00,058,448 | ---- | M] () -- C:\Windows\SysNative\drivers\aswTdi.sys
[2009.08.17 18:04:32 | 00,027,216 | ---- | M] () -- C:\Windows\SysNative\drivers\aswRdr.sys
[2009.08.17 18:02:50 | 00,097,480 | ---- | M] () -- C:\Windows\SysNative\AvastSS.scr
[2009.08.09 20:53:17 | 01,595,014 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2009.08.09 20:53:17 | 00,664,224 | ---- | M] () -- C:\Windows\SysNative\perfh005.dat
[2009.08.09 20:53:17 | 00,655,020 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2009.08.09 20:53:17 | 00,149,426 | ---- | M] () -- C:\Windows\SysNative\perfc005.dat
[2009.08.09 20:53:17 | 00,128,814 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2009.08.09 16:53:57 | 00,249,856 | ---- | M] (Microsoft Corporation) -- C:\Windows\Setup1.exe
[2009.08.09 16:53:56 | 00,073,216 | ---- | M] (Microsoft Corporation) -- C:\Windows\ST6UNST.EXE
< End of report >

[crash40]

Cau tak když si mi napsal co mám fixnout tak sem to udělal ale když skončil fix tak ptom zatížení CPU nekleslo pod 50% (Core 2 duo 2.66GHz) a vsude mozne po disku se mi objevili soubory většinou systémové např. http://www.zippyshare.com/v/28224789/file.html

[pitimir]

:(

Chcel som vidiet log priamo po skripte, tento este nie...co uz. Ten FD bol pouzity?

Skopiruj do policka pod nazvom "Custom Scans/Fixes":

Kód: Vybrat vše

:otl
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://home.sweetim.com
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://search.conduit.com?SearchSource= ... =CT1750559
IE - URLSearchHook: {EEE6C35D-6118-11DC-9C72-001320C79847} - Reg Error: Key error. File not found
IE - URLSearchHook: {fed66dc5-1b74-4a04-8f5c-15c5ace2b9a5} - Reg Error: Key error. File not found
O3:64bit: - HKLM\..\Toolbar: (DAEMON Tools Toolbar) - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files (x86)\DAEMON Tools Toolbar\DTToolbar64.dll File not found
O3:64bit: - HKCU\..\Toolbar\WebBrowser: (DAEMON Tools Toolbar) - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files (x86)\DAEMON Tools Toolbar\DTToolbar64.dll File not found
O13 - gopher Prefix: missing
O18:64bit: - Protocol\Handler\grooveLocalGWS {88FED34C-F0CA-4636-A375-3CB6248B04CD} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - Reg Error: Key error. File not found

:commands
[emptytemp]
[reboot]

Klikni na "Run Fix". Program zacne pracovat, mozny je restart PC. Po nom by sa ti mal objavit log, ten by som rad videl.


Btw, tie subory nebabrat, ide o systemove veci, ktore sme len odkryli. Su tam stale, avsak su skryte.

[crash40]

All processes killed
========== OTL ==========
HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\\Start Page| /E : value set successfully!
HKCU\SOFTWARE\Microsoft\Internet Explorer\Main\\Start Page| /E : value set successfully!
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks\\{EEE6C35D-6118-11DC-9C72-001320C79847} not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{EEE6C35D-6118-11DC-9C72-001320C79847}\ not found.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks\\{fed66dc5-1b74-4a04-8f5c-15c5ace2b9a5} not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{fed66dc5-1b74-4a04-8f5c-15c5ace2b9a5}\ not found.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\URL\Prefixes\\gopher|:gopher:// /E : value set successfully!
========== COMMANDS ==========

[EMPTYTEMP]

User: All Users

User: AppData

User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes

User: Public

User: Šimon
File delete failed. C:\Users\Šimon\AppData\Local\Temp\~DF4099.tmp scheduled to be deleted on reboot.
File delete failed. C:\Users\Šimon\AppData\Local\Temp\~DF40BA.tmp scheduled to be deleted on reboot.
File delete failed. C:\Users\Šimon\AppData\Local\Temp\~DFC283.tmp scheduled to be deleted on reboot.
File delete failed. C:\Users\Šimon\AppData\Local\Temp\~DFC28E.tmp scheduled to be deleted on reboot.
File delete failed. C:\Users\Šimon\AppData\Local\Temp\~DFC29D.tmp scheduled to be deleted on reboot.
File delete failed. C:\Users\Šimon\AppData\Local\Temp\~DFCE57.tmp scheduled to be deleted on reboot.
->Temp folder emptied: 2476954 bytes
File delete failed. C:\Users\Šimon\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat scheduled to be deleted on reboot.
->Temporary Internet Files folder emptied: 4669925 bytes
->Java cache emptied: 14006492 bytes
->FireFox cache emptied: 56698153 bytes
->Google Chrome cache emptied: 40612123 bytes

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32 (64bit) .tmp files removed: 0 bytes
File delete failed. C:\Windows\temp\_avast4_\Webshlock.txt scheduled to be deleted on reboot.
Windows Temp folder emptied: 8382 bytes
RecycleBin emptied: 517780 bytes

Total Files Cleaned = 113,48 mb


OTL by OldTimer - Version 3.0.10.7 log created on 09012009_163210

Files\Folders moved on Reboot...
File\Folder C:\Users\Šimon\AppData\Local\Temp\~DF4099.tmp not found!
File\Folder C:\Users\Šimon\AppData\Local\Temp\~DF40BA.tmp not found!
File\Folder C:\Users\Šimon\AppData\Local\Temp\~DFC283.tmp not found!
File\Folder C:\Users\Šimon\AppData\Local\Temp\~DFC28E.tmp not found!
File\Folder C:\Users\Šimon\AppData\Local\Temp\~DFC29D.tmp not found!
File\Folder C:\Users\Šimon\AppData\Local\Temp\~DFCE57.tmp not found!
File move failed. C:\Windows\temp\_avast4_\Webshlock.txt scheduled to be moved on reboot.

Registry entries deleted on Reboot...

[pitimir]

Omnoho lepsie
Docistime to:

• Stiahni OTC. Spust, klik na "CleanUp", potvrd okna a restart.

• Precisti PC CCleanerom (vratane registrov).

• Pouzi TFC (spust program a klikni na "Start". Pozor, PC moze byt restartovane).

A pokial nemas problemy, mame hotovo.

[crash40]

A dá se něco dělat s tima systémovejma souborama aby nebylo rozházený všude po systému?

[pitimir]

Otvor Tento PC -> hore klik na Nastroje -> Moznosti -> Zobrazenie -> zafajkni Skryt chranene subory OS -> OK.

Takto by to malo byt u mna, u teba to je podobne, avsak rozdiel je v jazyku. Snad preklad nebude problem :)