Prosím o kontrolu logu.

[Žbeky]

ComboFix se odinstaluje takto:
Start-Spustit a zadej ComboFix /Uninstall

vyčisti systém CCleanerem

a použij i T-Cleaner
smaže vše po Combu,MWAVu atd.-stáhneš>spustíš

Stáhni si OTL
na plochu. Ujisti se , že máš zavřena všechna ostatní okna a poklepej na ikonu OTL.Nahoře v okně pod Výstup klikni na minimální výstup.Pod Běžné registry změň na Vše. Zatrhni Kontrola na havěť “LOP“ a Kontrola na havěť “ Purity“ . Klikni na Prohledat. Všechny ostatní nastavení ponech jak jsou. Sken může trvat dlouho, až skončí otevřou se dva logy:
OTL.Txt
Extras.Txt
Jsou uloženy ve stejném místě jako OTL. Oba logy sem prosím zkopíruj.

[Reklama]

[DarkKnight]

Zde je OTL.txt

OTL logfile created on: 19.10.2012 13:05:02 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\DarkKnight\Desktop
64bit- Ultimate Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy

4,00 Gb Total Physical Memory | 2,85 Gb Available Physical Memory | 71,38% Memory free
8,00 Gb Paging File | 6,72 Gb Available in Paging File | 84,10% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 100,00 Gb Total Space | 13,12 Gb Free Space | 13,12% Space Free | Partition Type: NTFS
Drive D: | 465,76 Gb Total Space | 204,53 Gb Free Space | 43,91% Space Free | Partition Type: NTFS
Drive E: | 465,76 Gb Total Space | 7,73 Gb Free Space | 1,66% Space Free | Partition Type: NTFS
Drive F: | 30,00 Gb Total Space | 14,11 Gb Free Space | 47,04% Space Free | Partition Type: NTFS
Drive G: | 335,66 Gb Total Space | 76,21 Gb Free Space | 22,70% Space Free | Partition Type: NTFS

Computer Name: DARKKNIGHT-PC | User Name: DarkKnight | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - C:\Users\DarkKnight\Desktop\OTL.exe (OldTimer Tools)
PRC - C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe (Avira Operations GmbH & Co. KG)
PRC - C:\Windows\SysWOW64\PnkBstrA.exe ()
PRC - C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe (Avira Operations GmbH & Co. KG)
PRC - C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe (Avira Operations GmbH & Co. KG)
PRC - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe (Adobe Systems Incorporated)
PRC - C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe (NVIDIA Corporation)
PRC - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe (NVIDIA Corporation)
PRC - C:\Program Files (x86)\Nero\Update\NASvc.exe (Nero AG)


========== Modules (No Company Name) ==========


========== Services (SafeList) ==========

SRV:64bit: - (FLEXnet Licensing Service 64) -- C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe (Acresso Software Inc.)
SRV:64bit: - (WinDefend) -- C:\Program Files\Windows Defender\MpSvc.dll (Microsoft Corporation)
SRV:64bit: - (AppMgmt) -- C:\Windows\SysNative\appmgmts.dll (Microsoft Corporation)
SRV - (MozillaMaintenance) -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe (Mozilla Foundation)
SRV - (PnkBstrA) -- C:\Windows\SysWOW64\PnkBstrA.exe ()
SRV - (SkypeUpdate) -- C:\Program Files (x86)\Skype\Updater\Updater.exe (Skype Technologies)
SRV - (AntiVirService) -- C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe (Avira Operations GmbH & Co. KG)
SRV - (AntiVirSchedulerService) -- C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe (Avira Operations GmbH & Co. KG)
SRV - (AdobeARMservice) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe (Adobe Systems Incorporated)
SRV - (nvUpdatusService) -- C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe (NVIDIA Corporation)
SRV - (Stereo Service) -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe (NVIDIA Corporation)
SRV - (NAUpdate) -- C:\Program Files (x86)\Nero\Update\NASvc.exe (Nero AG)
SRV - (clr_optimization_v4.0.30319_32) -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe (Microsoft Corporation)
SRV - (mitsijm2011) -- F:\Inventor\NAINSTALOVANÝ INVENTOR\Inventor\Moldflow\bin\mitsijm.exe ()
SRV - (clr_optimization_v2.0.50727_32) -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe (Microsoft Corporation)


========== Driver Services (SafeList) ==========

DRV:64bit: - (avipbb) -- C:\Windows\SysNative\drivers\avipbb.sys (Avira GmbH)
DRV:64bit: - (avgntflt) -- C:\Windows\SysNative\drivers\avgntflt.sys (Avira GmbH)
DRV:64bit: - (Fs_Rec) -- C:\Windows\SysNative\drivers\fs_rec.sys (Microsoft Corporation)
DRV:64bit: - (atksgt) -- C:\Windows\SysNative\drivers\atksgt.sys ()
DRV:64bit: - (lirsgt) -- C:\Windows\SysNative\drivers\lirsgt.sys ()
DRV:64bit: - (NVHDA) -- C:\Windows\SysNative\drivers\nvhda64v.sys (NVIDIA Corporation)
DRV:64bit: - (sptd) -- C:\Windows\SysNative\drivers\sptd.sys ()
DRV:64bit: - (hamachi) -- C:\Windows\SysNative\drivers\hamachi.sys (LogMeIn, Inc.)
DRV:64bit: - (avkmgr) -- C:\Windows\SysNative\drivers\avkmgr.sys (Avira GmbH)
DRV:64bit: - (HpSAMD) -- C:\Windows\SysNative\drivers\HpSAMD.sys (Hewlett-Packard Company)
DRV:64bit: - (amdxata) -- C:\Windows\SysNative\drivers\amdxata.sys (Advanced Micro Devices)
DRV:64bit: - (amdsata) -- C:\Windows\SysNative\drivers\amdsata.sys (Advanced Micro Devices)
DRV:64bit: - (TsUsbFlt) -- C:\Windows\SysNative\drivers\TsUsbFlt.sys (Microsoft Corporation)
DRV:64bit: - (RdpVideoMiniport) -- C:\Windows\SysNative\drivers\rdpvideominiport.sys (Microsoft Corporation)
DRV:64bit: - (amdsbs) -- C:\Windows\SysNative\drivers\amdsbs.sys (AMD Technologies Inc.)
DRV:64bit: - (LSI_SAS2) -- C:\Windows\SysNative\drivers\lsi_sas2.sys (LSI Corporation)
DRV:64bit: - (stexstor) -- C:\Windows\SysNative\drivers\stexstor.sys (Promise Technology)
DRV:64bit: - (athr) -- C:\Windows\SysNative\drivers\athrx.sys (Atheros Communications, Inc.)
DRV:64bit: - (RTL8023x64) -- C:\Windows\SysNative\drivers\Rtnic64.sys (Realtek Semiconductor Corporation )
DRV:64bit: - (RTL8167) -- C:\Windows\SysNative\drivers\Rt64win7.sys (Realtek Corporation )
DRV:64bit: - (ebdrv) -- C:\Windows\SysNative\drivers\evbda.sys (Broadcom Corporation)
DRV:64bit: - (b06bdrv) -- C:\Windows\SysNative\drivers\bxvbda.sys (Broadcom Corporation)
DRV:64bit: - (b57nd60a) -- C:\Windows\SysNative\drivers\b57nd60a.sys (Broadcom Corporation)
DRV:64bit: - (hcw85cir) -- C:\Windows\SysNative\drivers\hcw85cir.sys (Hauppauge Computer Works, Inc.)
DRV - (WIMMount) -- C:\Windows\SysWOW64\drivers\wimmount.sys (Microsoft Corporation)


========== Standard Registry (All) ==========


========== Internet Explorer ==========

IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = [binary data]
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Extensions Off Page = about:NoAdd-ons
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\System32\blank.htm
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Security Risk Page = about:SecurityRisk
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = [binary data]
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Extensions Off Page = about:NoAdd-ons
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SYSTEM32\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Security Risk Page = about:SecurityRisk
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\system32\blank.htm
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.seznam.cz/
IE - HKCU\..\URLSearchHook: {CFBFAE00-17A6-11D0-99CB-00C04FD64497} - C:\Windows\SysWOW64\ieframe.dll (Microsoft Corporation)
IE - HKCU\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://search.seznam.cz/?q={searchTerms}&sourceid=quicksearch_6826
IE - HKCU\..\SearchScopes\{399a1442-7377-49e7-8d77-6dc9ed5968c1}: "URL" = http://www.zbozi.cz/?q={searchTerms}&sourceid=quicksearch_6826
IE - HKCU\..\SearchScopes\{5cf5d387-d87c-4408-9a6b-301b0713d62a}: "URL" = http://www.mapy.cz/?query={searchTerms}&sourceid=quicksearch_6826
IE - HKCU\..\SearchScopes\{8172f457-818d-46db-941f-2bbe53e156af}: "URL" = http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC
IE - HKCU\..\SearchScopes\{eb97f7df-1773-4916-aae6-5af74da8c69d}: "URL" = http://www.firmy.cz/phr/{searchTerms}
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

========== FireFox ==========

FF - prefs.js..browser.startup.homepage: "http://www.seznam.cz/"
FF - prefs.js..extensions.enabledAddons: 4fd656afc4d07@4fd656afc4d41.info:5.1
FF - prefs.js..extensions.enabledAddons: {972ce4c6-7e08-4474-a285-3208198ce6fd}:16.0.1
FF - user.js - File not found

FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_11_3_300_265.dll File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: F:\Java 64 bit\bin\plugin2\npjp2.dll (Sun Microsystems, Inc.)
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_3_300_265.dll ()
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVision: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVisionStreaming: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 16.0.1\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2012.10.13 15:48:16 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 16.0.1\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins

[2011.12.10 16:07:49 | 000,000,000 | ---D | M] (No name found) -- C:\Users\DarkKnight\AppData\Roaming\Mozilla\Extensions
[2012.08.21 12:30:57 | 000,000,000 | ---D | M] (No name found) -- C:\Users\DarkKnight\AppData\Roaming\Mozilla\Firefox\Profiles\xtty1vj2.default\extensions
[2012.08.21 12:30:57 | 000,000,000 | ---D | M] (BitLord Security Bar Community Toolbar) -- C:\Users\DarkKnight\AppData\Roaming\Mozilla\Firefox\Profiles\xtty1vj2.default\extensions\{8c5878d0-6106-423b-aaa8-144c143dbf44}
[2012.06.11 22:38:09 | 000,000,000 | ---D | M] (TheBflix) -- C:\Users\DarkKnight\AppData\Roaming\Mozilla\Firefox\Profiles\xtty1vj2.default\extensions\4fd656afc4d07@4fd656afc4d41.info
[2012.10.13 15:48:09 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\extensions
[2012.10.13 15:48:16 | 000,000,000 | ---D | M] (Default) -- C:\Program Files (x86)\Mozilla Firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
[2012.10.13 15:48:16 | 000,261,600 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\mozilla firefox\components\browsercomps.dll
[2012.09.09 19:06:58 | 000,003,581 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\google.xml
[2012.08.16 16:44:10 | 000,002,208 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\heureka-cz.xml
[2012.08.16 16:44:10 | 000,000,638 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\jyxo-cz.xml
[2012.08.16 16:44:10 | 000,001,367 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\seznam-cz.xml
[2012.08.16 16:44:10 | 000,000,654 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\slunecnice-cz.xml
[2012.08.16 16:44:10 | 000,001,179 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\wikipedia-cz.xml

O1 HOSTS File: ([2009.06.10 23:00:26 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O2:64bit: - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - F:\Java 64 bit\bin\ssv.dll (Sun Microsystems, Inc.)
O2:64bit: - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - F:\Java 64 bit\bin\jp2ssv.dll (Sun Microsystems, Inc.)
O2 - BHO: (Groove GFS Browser Helper) - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation)
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll File not found
O4 - HKLM..\Run: [avgnt] C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe (Avira Operations GmbH & Co. KG)
O4 - HKLM..\Run: [GrooveMonitor] C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe (Microsoft Corporation)
O4 - HKCU..\Run: [DAEMON Tools Lite] "F:\DAEMON Tools Lite\DTLite.exe" -autorun File not found
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: ForceActiveDesktopOn = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableInstallerDetection = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableSecureUIAPaths = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableUIADesktopToggle = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableVirtualization = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ValidateAdminCodeSignatures = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: dontdisplaylastusername = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticecaption =
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticetext =
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: scforceoption = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: shutdownwithoutlogon = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: undockwithoutlogon = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: FilterAdministratorToken = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_TEXT = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_BITMAP = 2
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_OEMTEXT = 7
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_DIB = 8
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_PALETTE = 9
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_UNICODETEXT = 13
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_DIBV5 = 17
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: disableregistrytools = 0
O8:64bit: - Extra context menu item: E&xportovat do aplikace Microsoft Excel - C:\Program Files (x86)\Microsoft Office\Office12\EXCEL.EXE (Microsoft Corporation)
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - C:\Program Files (x86)\Microsoft Office\Office12\EXCEL.EXE (Microsoft Corporation)
O9 - Extra Button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra Button: ICQ7.7 - {77F665FD-3F60-4B0A-AE14-EC124B7A7FCE} - F:\ICQ7.7\ICQ.exe (ICQ, LLC.)
O9 - Extra 'Tools' menuitem : ICQ7.7 - {77F665FD-3F60-4B0A-AE14-EC124B7A7FCE} - F:\ICQ7.7\ICQ.exe (ICQ, LLC.)
O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\Program Files (x86)\Microsoft Office\Office12\REFIEBAR.DLL (Microsoft Corporation)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000001 [] - C:\Windows\SysNative\nlaapi.dll (Microsoft Corporation)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000002 [] - C:\Windows\SysNative\NapiNSP.dll (Microsoft Corporation)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000003 [] - C:\Windows\SysNative\pnrpnsp.dll (Microsoft Corporation)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000004 [] - C:\Windows\SysNative\pnrpnsp.dll (Microsoft Corporation)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000005 [] - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000006 [] - C:\Windows\SysNative\winrnr.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000001 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000002 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000003 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000004 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000005 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000006 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000007 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000008 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000009 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000010 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000001 [] - C:\Windows\SysWOW64\nlaapi.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000002 [] - C:\Windows\SysWOW64\NapiNSP.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000003 [] - C:\Windows\SysWOW64\pnrpnsp.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\Windows\SysWOW64\pnrpnsp.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000005 [] - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000006 [] - C:\Windows\SysWOW64\winrnr.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000003 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000004 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000005 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000006 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000007 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000008 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000009 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000010 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O16:64bit: - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_31)
O16:64bit: - DPF: {CAFEEFAC-0016-0000-0031-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_31)
O16:64bit: - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_31)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{66E5E117-643C-4EC1-BA08-E5D35143168E}: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{F012B314-4504-4FCD-95FB-4619B05C0B80}: DhcpNameServer = 192.168.1.1
O18:64bit: - Protocol\Handler\about {3050F406-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysNative\mshtml.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\cdl {3dd53d40-7b8b-11D0-b013-00aa0059ce02} - C:\Windows\SysNative\urlmon.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\dvd {12D51199-0DB5-46FE-A120-47A3D7D937CC} - C:\Windows\SysNative\MSVidCtl.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\file {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysNative\urlmon.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\ftp {79eac9e3-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysNative\urlmon.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\grooveLocalGWS - No CLSID value found
O18:64bit: - Protocol\Handler\http {79eac9e2-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysNative\urlmon.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\https {79eac9e5-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysNative\urlmon.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\its {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\Windows\SysNative\itss.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\javascript {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysNative\mshtml.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\local {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysNative\urlmon.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\mailto {3050f3DA-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysNative\mshtml.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\mhtml {05300401-BCBC-11d0-85E3-00C04FD85AB4} - C:\Windows\SysNative\inetcomm.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\mk {79eac9e6-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysNative\urlmon.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\ms-help - No CLSID value found
O18:64bit: - Protocol\Handler\ms-its {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\Windows\SysNative\itss.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\res {3050F3BC-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysNative\mshtml.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\skype4com - No CLSID value found
O18:64bit: - Protocol\Handler\tv {CBD30858-AF45-11D2-B6D6-00C04FBBDE6E} - C:\Windows\SysNative\MSVidCtl.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\vbscript {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysNative\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\about {3050F406-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysWOW64\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\cdl {3dd53d40-7b8b-11D0-b013-00aa0059ce02} - C:\Windows\SysWOW64\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\dvd {12D51199-0DB5-46FE-A120-47A3D7D937CC} - C:\Windows\SysWOW64\MSVidCtl.dll (Microsoft Corporation)
O18 - Protocol\Handler\file {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysWOW64\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\ftp {79eac9e3-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysWOW64\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\grooveLocalGWS {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveSystemServices.dll (Microsoft Corporation)
O18 - Protocol\Handler\http {79eac9e2-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysWOW64\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\https {79eac9e5-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysWOW64\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\its {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\Windows\SysWOW64\itss.dll (Microsoft Corporation)
O18 - Protocol\Handler\javascript {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysWOW64\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\local {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysWOW64\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\mailto {3050f3DA-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysWOW64\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\mhtml {05300401-BCBC-11d0-85E3-00C04FD85AB4} - C:\Windows\SysWOW64\inetcomm.dll (Microsoft Corporation)
O18 - Protocol\Handler\mk {79eac9e6-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysWOW64\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Program Files (x86)\Common Files\microsoft shared\Help\hxds.dll (Microsoft Corporation)
O18 - Protocol\Handler\ms-its {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\Windows\SysWOW64\itss.dll (Microsoft Corporation)
O18 - Protocol\Handler\res {3050F3BC-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysWOW64\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Handler\tv {CBD30858-AF45-11D2-B6D6-00C04FBBDE6E} - C:\Windows\SysWOW64\MSVidCtl.dll (Microsoft Corporation)
O18 - Protocol\Handler\vbscript {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysWOW64\mshtml.dll (Microsoft Corporation)
O18:64bit: - Protocol\Filter\application/octet-stream {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\Windows\SysNative\mscoree.dll (Microsoft Corporation)
O18:64bit: - Protocol\Filter\application/x-complus {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\Windows\SysNative\mscoree.dll (Microsoft Corporation)
O18:64bit: - Protocol\Filter\application/x-msdownload {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\Windows\SysNative\mscoree.dll (Microsoft Corporation)
O18:64bit: - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O18 - Protocol\Filter\application/octet-stream {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\Windows\SysWow64\mscoree.dll (Microsoft Corporation)
O18 - Protocol\Filter\application/x-complus {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\Windows\SysWow64\mscoree.dll (Microsoft Corporation)
O18 - Protocol\Filter\application/x-msdownload {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\Windows\SysWow64\mscoree.dll (Microsoft Corporation)
O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\microsoft shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\SysNative\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysWOW64\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\SysWow64\SystemPropertiesPerformance.exe (Microsoft Corporation)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O28 - HKLM ShellExecuteHooks: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation)
O29:64bit: - HKLM SecurityProviders - (credssp.dll) - C:\Windows\SysWow64\credssp.dll (Microsoft Corporation)
O29 - HKLM SecurityProviders - (credssp.dll) - C:\Windows\SysWow64\credssp.dll (Microsoft Corporation)
O30:64bit: - LSA: Authentication Packages - (msv1_0) - C:\Windows\SysNative\msv1_0.dll (Microsoft Corporation)
O30 - LSA: Authentication Packages - (msv1_0) - C:\Windows\SysWow64\msv1_0.dll (Microsoft Corporation)
O30:64bit: - LSA: Security Packages - (kerberos) - C:\Windows\SysNative\kerberos.dll (Microsoft Corporation)
O30:64bit: - LSA: Security Packages - (msv1_0) - C:\Windows\SysNative\msv1_0.dll (Microsoft Corporation)
O30:64bit: - LSA: Security Packages - (schannel) - C:\Windows\SysNative\schannel.dll (Microsoft Corporation)
O30:64bit: - LSA: Security Packages - (wdigest) - C:\Windows\SysNative\wdigest.dll (Microsoft Corporation)
O30:64bit: - LSA: Security Packages - (tspkg) - C:\Windows\SysNative\tspkg.dll (Microsoft Corporation)
O30:64bit: - LSA: Security Packages - (pku2u) - C:\Windows\SysNative\pku2u.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (kerberos) - C:\Windows\SysWow64\kerberos.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (msv1_0) - C:\Windows\SysWow64\msv1_0.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (schannel) - C:\Windows\SysWow64\schannel.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (wdigest) - C:\Windows\SysWow64\wdigest.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (tspkg) - C:\Windows\SysWow64\tspkg.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (pku2u) - C:\Windows\SysWow64\pku2u.dll (Microsoft Corporation)
O31 - SafeBoot: AlternateShell - cmd.exe
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2010.05.26 20:30:45 | 3670,016,000 | ---- | M] () - C:\AutoCAD_Inventor_Suite_2011_Czech_Win_64bit.part1.exe -- [ NTFS ]
O32 - AutoRun File - [2010.05.26 20:05:28 | 3670,016,000 | ---- | M] () - C:\AutoCAD_Inventor_Suite_2011_Czech_Win_64bit.part2.rar -- [ NTFS ]
O32 - Unable to obtain root file information for disk C:\
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)

========== Files/Folders - Created Within 30 Days ==========

[2012.10.19 13:00:05 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\DarkKnight\Desktop\OTL.exe
[2012.10.19 12:56:09 | 000,000,000 | -HSD | C] -- C:\$RECYCLE.BIN
[2012.10.17 11:00:30 | 000,000,000 | ---D | C] -- C:\Users\DarkKnight\Desktop\rkill
[2012.10.14 10:47:05 | 002,212,440 | ---- | C] (Kaspersky Lab ZAO) -- C:\Users\DarkKnight\Desktop\TDSSKiller.exe
[2012.10.14 00:18:13 | 000,000,000 | ---D | C] -- C:\Users\DarkKnight\AppData\Roaming\Malwarebytes
[2012.10.14 00:16:52 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2012.10.13 15:48:08 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mozilla Firefox
[2012.10.10 08:55:33 | 005,559,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ntoskrnl.exe
[2012.10.10 08:55:32 | 003,968,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ntkrnlpa.exe
[2012.10.10 08:55:32 | 003,914,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ntoskrnl.exe
[2012.10.10 08:55:25 | 000,220,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wintrust.dll
[2012.10.10 08:55:11 | 001,464,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\crypt32.dll
[2012.10.10 08:55:11 | 000,140,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\cryptnet.dll
[2012.10.06 21:33:42 | 000,000,000 | ---D | C] -- C:\Users\DarkKnight\AppData\Local\Ironclad Games
[2012.10.06 21:29:29 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TopCD
[2012.10.04 14:38:12 | 000,000,000 | ---D | C] -- C:\Users\DarkKnight\Desktop\Patch_Borderlands_1.4.1
[2012.10.04 14:37:55 | 000,000,000 | ---D | C] -- C:\Users\DarkKnight\Desktop\Nová složka (2)
[2012.09.25 20:30:55 | 000,000,000 | ---D | C] -- C:\Users\DarkKnight\AppData\Local\WB Games
[2012.09.25 20:11:32 | 000,000,000 | ---D | C] -- C:\Users\DarkKnight\Desktop\Bonus
[2012.09.25 18:40:46 | 000,000,000 | ---D | C] -- C:\Users\DarkKnight\Documents\ALI213
[2012.09.25 18:40:13 | 000,000,000 | ---D | C] -- C:\Users\DarkKnight\Desktop\Lord of the Rings War in the North CRACK by Heckerfcb
[2012.09.25 18:28:31 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Snowblind Studios
[2012.09.24 10:52:46 | 000,000,000 | ---D | C] -- C:\Nová složka
[2012.09.24 10:17:48 | 000,000,000 | ---D | C] -- C:\BDS
[2012.09.22 20:01:05 | 000,096,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmled.dll
[2012.09.22 20:01:04 | 000,176,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieui.dll
[2012.09.22 20:01:04 | 000,073,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmled.dll
[2012.09.22 20:01:03 | 001,494,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\inetcpl.cpl
[2012.09.22 20:01:03 | 001,427,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\inetcpl.cpl
[2012.09.22 20:01:03 | 000,248,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieui.dll
[2012.09.22 20:01:03 | 000,237,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\url.dll
[2012.09.22 20:01:03 | 000,231,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\url.dll
[2012.09.22 20:01:03 | 000,173,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieUnatt.exe
[2012.09.22 20:01:03 | 000,142,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieUnatt.exe
[2012.09.22 20:01:02 | 002,312,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript9.dll
[2012.09.22 20:01:02 | 000,729,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msfeeds.dll
[2012.09.22 20:01:01 | 000,717,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\jscript.dll
[2012.09.22 20:01:01 | 000,599,040 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\vbscript.dll
[2012.09.22 20:01:00 | 000,816,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript.dll
[2 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2012.10.19 13:00:07 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\DarkKnight\Desktop\OTL.exe
[2012.10.19 09:41:02 | 000,014,224 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2012.10.19 09:41:02 | 000,014,224 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2012.10.19 09:32:28 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2012.10.19 09:32:24 | 3220,037,632 | -HS- | M] () -- C:\hiberfil.sys
[2012.10.18 15:44:20 | 001,586,006 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2012.10.18 15:44:20 | 000,669,676 | ---- | M] () -- C:\Windows\SysNative\perfh005.dat
[2012.10.18 15:44:20 | 000,655,070 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2012.10.18 15:44:20 | 000,141,308 | ---- | M] () -- C:\Windows\SysNative\perfc005.dat
[2012.10.18 15:44:20 | 000,121,942 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2012.10.14 10:45:50 | 002,193,278 | ---- | M] () -- C:\Users\DarkKnight\Desktop\tdsskiller.zip
[2012.10.10 23:05:28 | 000,687,375 | ---- | M] () -- C:\Users\DarkKnight\Desktop\ScannedImage-4.jpg
[2012.10.10 23:05:22 | 000,707,941 | ---- | M] () -- C:\Users\DarkKnight\Desktop\ScannedImage-3.jpg
[2012.10.10 23:05:18 | 000,398,544 | ---- | M] () -- C:\Users\DarkKnight\Desktop\ScannedImage-2.jpg
[2012.10.10 23:05:13 | 000,399,237 | ---- | M] () -- C:\Users\DarkKnight\Desktop\ScannedImage.jpg
[2012.10.06 21:29:30 | 000,000,872 | ---- | M] () -- C:\Users\DarkKnight\Desktop\Sins of a Solar Empire.lnk
[2012.09.25 22:46:59 | 000,001,539 | ---- | M] () -- C:\Users\DarkKnight\Desktop\witn.exe – zástupce.lnk
[2012.09.24 13:39:17 | 000,001,057 | ---- | M] () -- C:\Users\DarkKnight\Desktop\Borderlands.exe – zástupce.lnk
[2012.09.24 10:48:23 | 214,378,189 | ---- | M] () -- C:\Borderlands.Patch.1.4.1-RELOADED.rar
[2012.09.23 19:21:51 | 000,103,736 | ---- | M] () -- C:\Windows\SysWow64\PnkBstrB.exe
[2012.09.23 19:21:51 | 000,103,736 | ---- | M] () -- C:\Windows\SysWow64\PnkBstrB.ex0
[2 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]

========== Files Created - No Company Name ==========

[2012.10.17 17:24:22 | 014,720,512 | ---- | C] () -- C:\Users\DarkKnight\Desktop\ingame_voice.fsb
[2012.10.17 17:24:22 | 000,038,972 | ---- | C] () -- C:\Users\DarkKnight\Desktop\ingame_voice.fev
[2012.10.14 10:45:46 | 002,193,278 | ---- | C] () -- C:\Users\DarkKnight\Desktop\tdsskiller.zip
[2012.10.10 23:05:28 | 000,687,375 | ---- | C] () -- C:\Users\DarkKnight\Desktop\ScannedImage-4.jpg
[2012.10.10 23:05:21 | 000,707,941 | ---- | C] () -- C:\Users\DarkKnight\Desktop\ScannedImage-3.jpg
[2012.10.10 23:05:17 | 000,398,544 | ---- | C] () -- C:\Users\DarkKnight\Desktop\ScannedImage-2.jpg
[2012.10.10 23:05:11 | 000,399,237 | ---- | C] () -- C:\Users\DarkKnight\Desktop\ScannedImage.jpg
[2012.10.06 21:29:30 | 000,000,872 | ---- | C] () -- C:\Users\DarkKnight\Desktop\Sins of a Solar Empire.lnk
[2012.10.05 10:41:44 | 236,429,521 | ---- | C] () -- C:\Users\DarkKnight\Desktop\setup.exe
[2012.09.25 22:46:59 | 000,001,539 | ---- | C] () -- C:\Users\DarkKnight\Desktop\witn.exe – zástupce.lnk
[2012.09.25 20:11:33 | 881,841,357 | ---- | C] () -- C:\Users\DarkKnight\Desktop\LOTR_WITN_CZ_NONSTEAM.exe
[2012.09.24 13:39:17 | 000,001,057 | ---- | C] () -- C:\Users\DarkKnight\Desktop\Borderlands.exe – zástupce.lnk
[2012.09.24 10:36:18 | 214,378,189 | ---- | C] () -- C:\Borderlands.Patch.1.4.1-RELOADED.rar
[2012.07.29 18:49:08 | 000,103,736 | ---- | C] () -- C:\Windows\SysWow64\PnkBstrB.exe
[2012.07.29 18:48:51 | 000,076,888 | ---- | C] () -- C:\Windows\SysWow64\PnkBstrA.exe
[2012.07.29 18:48:50 | 000,000,300 | ---- | C] () -- C:\Windows\game.ini
[2012.06.30 18:11:34 | 000,003,584 | ---- | C] () -- C:\Users\DarkKnight\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2012.02.09 21:05:44 | 000,416,064 | ---- | C] () -- C:\Windows\SysWow64\nvStreaming.exe
[2012.01.18 22:13:15 | 000,000,619 | ---- | C] () -- C:\Windows\eReg.dat
[2012.01.17 18:40:55 | 000,047,329 | ---- | C] () -- C:\Windows\War3Unin.dat
[2011.12.28 00:30:49 | 001,564,292 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2011.12.10 18:08:37 | 000,000,047 | ---- | C] () -- C:\Windows\NeroDigital.ini

========== ZeroAccess Check ==========

[2009.07.14 06:55:00 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini

[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\shell32.dll -- [2012.06.09 07:43:10 | 014,172,672 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2012.06.09 06:41:00 | 012,873,728 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009.07.14 03:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2010.11.20 14:19:02 | 000,606,208 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009.07.14 03:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]

========== LOP Check ==========

[2012.05.13 20:54:38 | 000,000,000 | ---D | M] -- C:\Users\DarkKnight\AppData\Roaming\.minecraft
[2012.04.18 17:58:27 | 000,000,000 | ---D | M] -- C:\Users\DarkKnight\AppData\Roaming\Autodesk
[2012.03.02 15:11:12 | 000,000,000 | ---D | M] -- C:\Users\DarkKnight\AppData\Roaming\BitLord
[2012.02.04 02:49:12 | 000,000,000 | ---D | M] -- C:\Users\DarkKnight\AppData\Roaming\Command & Conquer 3 Kane's Wrath
[2012.02.02 23:10:41 | 000,000,000 | ---D | M] -- C:\Users\DarkKnight\AppData\Roaming\Command & Conquer 3 Tiberium Wars
[2012.01.07 16:25:55 | 000,000,000 | ---D | M] -- C:\Users\DarkKnight\AppData\Roaming\DAEMON Tools Lite
[2012.01.31 21:31:59 | 000,000,000 | ---D | M] -- C:\Users\DarkKnight\AppData\Roaming\GameRanger
[2012.07.29 21:07:47 | 000,000,000 | ---D | M] -- C:\Users\DarkKnight\AppData\Roaming\HLSW
[2012.10.19 11:30:31 | 000,000,000 | ---D | M] -- C:\Users\DarkKnight\AppData\Roaming\ICQ
[2012.09.26 13:05:01 | 000,000,000 | ---D | M] -- C:\Users\DarkKnight\AppData\Roaming\My Battle for Middle-earth(tm) II Files
[2012.06.27 19:59:03 | 000,000,000 | ---D | M] -- C:\Users\DarkKnight\AppData\Roaming\My The Lord of the Rings, The Rise of the Witch-king Files
[2012.02.25 10:06:03 | 000,000,000 | ---D | M] -- C:\Users\DarkKnight\AppData\Roaming\PunkBuster
[2012.03.02 15:09:55 | 000,000,000 | ---D | M] -- C:\Users\DarkKnight\AppData\Roaming\Python-Eggs
[2012.01.26 19:36:17 | 000,000,000 | ---D | M] -- C:\Users\DarkKnight\AppData\Roaming\Ubisoft
[2012.08.15 19:10:38 | 000,000,000 | ---D | M] -- C:\Users\DarkKnight\AppData\Roaming\wargaming.net

========== Purity Check ==========



< End of report >

[DarkKnight]

A zde je Extras.txt

OTL Extras logfile created on: 19.10.2012 13:05:03 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\DarkKnight\Desktop
64bit- Ultimate Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy

4,00 Gb Total Physical Memory | 2,85 Gb Available Physical Memory | 71,38% Memory free
8,00 Gb Paging File | 6,72 Gb Available in Paging File | 84,10% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 100,00 Gb Total Space | 13,12 Gb Free Space | 13,12% Space Free | Partition Type: NTFS
Drive D: | 465,76 Gb Total Space | 204,53 Gb Free Space | 43,91% Space Free | Partition Type: NTFS
Drive E: | 465,76 Gb Total Space | 7,73 Gb Free Space | 1,66% Space Free | Partition Type: NTFS
Drive F: | 30,00 Gb Total Space | 14,11 Gb Free Space | 47,04% Space Free | Partition Type: NTFS
Drive G: | 335,66 Gb Total Space | 76,21 Gb Free Space | 22,70% Space Free | Partition Type: NTFS

Computer Name: DARKKNIGHT-PC | User Name: DarkKnight | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Extra Registry (SafeList) ==========


========== File Associations ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)

[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation)

========== Shell Spawning ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = 28 4D B2 76 41 04 CA 01 [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]

========== System Restore Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 0

========== Firewall Settings ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 0

========== Authorized Applications List ==========


========== Vista Active Open Ports Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{03AB5177-C1A2-40CC-AB9C-614777AB788A}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{04F5B9DB-C6C1-4840-A71D-016D27C01C39}" = lport=139 | protocol=6 | dir=in | app=system |
"{2020BC75-8A3B-4187-A329-E87B5A6A24AC}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{20800730-A7FB-48D7-848D-B4E1E45B64E0}" = lport=137 | protocol=17 | dir=in | app=system |
"{252AC4BE-36B3-4346-AF54-34C3A5ECAC61}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{27A41861-41C3-405C-A1FE-CB55D5DB4897}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{3A6BE4E1-B702-4772-A400-EDA9B026AB1D}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{3F606522-9106-47A1-A457-0CD0F8D5EC26}" = rport=445 | protocol=6 | dir=out | app=system |
"{537261D9-B584-4C72-9D92-16C8DFB4D474}" = rport=137 | protocol=17 | dir=out | app=system |
"{56B10E23-D81A-4B77-9BB7-FCA05B063ED2}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 |
"{5793C9BA-7A2C-40D1-AC67-A1E058FD8BCE}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{7A026A72-D738-4E15-A507-4E7510489525}" = rport=139 | protocol=6 | dir=out | app=system |
"{7AF722BA-68D3-4240-991D-48A00B6A26E8}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe |
"{7FB7089B-69A7-490C-B8E9-8F35112677FA}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{80887A23-EB2A-484B-9864-45C77D32CECC}" = lport=6004 | protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office12\outlook.exe |
"{81A81B55-95A5-430B-9AB0-ED17005263B9}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{87E6EB8A-24D9-475D-ABA9-E797B6360B57}" = lport=445 | protocol=6 | dir=in | app=system |
"{99A99169-E084-4D16-ACB3-33B5DDA473C7}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{BA9E2FFF-050F-452B-B8A4-6C7981DC3837}" = rport=10243 | protocol=6 | dir=out | app=system |
"{C1C07685-E099-4474-AF82-A96F5AD3840B}" = lport=10243 | protocol=6 | dir=in | app=system |
"{D8C8E642-F91E-4365-BD8D-B219892DA6ED}" = rport=138 | protocol=17 | dir=out | app=system |
"{DDC8289C-12FC-4EE7-9192-4A1EDF19BD44}" = lport=138 | protocol=17 | dir=in | app=system |
"{E0509B07-3C67-4864-8176-101BA27B13ED}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{F7CE3137-3FC8-4F76-B99D-F4520BF74B68}" = lport=2869 | protocol=6 | dir=in | app=system |

========== Vista Active Application Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{01593CDE-D6AF-47FA-923B-B4B7732536E1}" = protocol=6 | dir=in | app=g:\the battle for middle-earth ii\game.dat |
"{079C5241-70E7-4AE6-BA3D-0070D8F7ADB8}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{09ADDE0E-451A-4678-829E-1E82357F8F57}" = protocol=6 | dir=in | app=g:\mass effect 3\mass effect 3\binaries\win32\masseffect3.exe |
"{0AE721C3-6B9C-49B1-80B3-CF28E6C13692}" = protocol=6 | dir=in | app=e:\games_2\call of duty modern warfare 3 by skillgrow\call of duty modern warfare 3\iw5mp.exe |
"{10791074-6176-46A0-924F-4DDE15C47540}" = protocol=17 | dir=in | app=g:\call of duty 6_modern warfire 2\iw4mp.dat |
"{11CB6FA7-6FC6-435F-B92F-464176199D2B}" = protocol=6 | dir=in | app=g:\left 4 dead 2\left4dead2.exe |
"{186AEF2C-2EC3-40C0-AF35-62B3F35E95E9}" = protocol=17 | dir=in | app=g:\need for speed hot pursuit\launcher.exe |
"{19ECE2D0-B3EA-4E21-9CBA-FB4304FC2673}" = protocol=6 | dir=in | app=g:\civilization v\civilizationv_dx11.exe |
"{1A48777D-05FC-4733-8117-9F5B3FF19F5C}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{1B4E0D3E-136F-41AA-B0C8-2B2EC038777A}" = protocol=17 | dir=in | app=g:\assassin's creed revelations\acrmp.exe |
"{1E16E5B8-D2DB-44C6-9F25-D8284D1DC443}" = protocol=6 | dir=in | app=g:\world_of_tanks\worldoftanks.exe |
"{1F306C7C-9D0E-44F7-8196-809A11BCADAB}" = protocol=6 | dir=in | app=g:\dune 2000\dune2000.dat |
"{1F41E47E-2E31-4829-979C-7EEA43ADBD8D}" = protocol=17 | dir=in | app=c:\program files (x86)\ubisoft\ubisoft game launcher\ubisoftgamelauncher.exe |
"{2996907B-5F4E-4503-A045-0A04C5C1B61E}" = protocol=6 | dir=in | app=g:\call of duty 6_modern warfire 2\iw4mp.dat |
"{29FD99F3-2E15-44F1-80F7-0954C1B623A9}" = protocol=6 | dir=in | app=g:\mass effect 2\masseffect2launcher.exe |
"{2A89761E-DC96-4980-8EEC-29BAB8D55359}" = protocol=6 | dir=in | app=g:\borderlands\binaries\borderlands.exe |
"{2E110F65-7884-4450-A2EC-AE998AB1CE8A}" = protocol=6 | dir=in | app=g:\command & conquer 3 kane's wrath\retailexe\1.2\cnc3ep1.dat |
"{2F22CC21-79D2-457F-B5F8-A1BD1A5FDBF2}" = protocol=6 | dir=in | app=c:\program files (x86)\microsoft office\office12\groove.exe |
"{2FF1E75A-11E0-477E-B5E0-3DA6F29F1D5F}" = protocol=1 | dir=in | name=hlsw icmp |
"{30128DF2-00C6-45D5-848A-EA63C1017300}" = protocol=17 | dir=in | app=g:\anno 2070\initengine.exe |
"{32FDABFF-5739-4BA4-93A7-3A0C24FBA270}" = protocol=58 | dir=in | app=system |
"{3B0D8AD5-2996-4F32-940D-78CC4988933D}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 |
"{3B286142-9ECC-441A-ACCE-CE475695BC03}" = protocol=17 | dir=in | app=g:\call of duty 4 - modern warfare\iw3mp.exe |
"{3BF7A9FD-5214-458E-83DB-72B8E6101D46}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 |
"{3CE589BB-0CE5-44EB-A030-4179DDF21AFC}" = protocol=17 | dir=in | app=g:\mass effect\binaries\masseffect.exe |
"{46F563FB-CF8B-419F-8AC7-E4B0B3B9A993}" = protocol=6 | dir=in | app=g:\assassin's creed revelations\acrmp.exe |
"{48637BC2-8DC9-4453-907A-18D95EC06B31}" = protocol=6 | dir=in | app=c:\program files (x86)\microsoft office\office12\onenote.exe |
"{48BE6F76-3A29-4AAB-B46B-30FCD02BBDAA}" = protocol=6 | dir=in | app=g:\anno 1404\tools\addonweb.exe |
"{48E56025-5137-415C-A3A7-7928147049B0}" = protocol=6 | dir=in | app=f:\icq7.7\icq.exe |
"{49230486-A49B-4D1B-9B52-44A17CF96049}" = protocol=17 | dir=in | app=c:\users\darkknight\appdata\roaming\gameranger\gameranger\gameranger.exe |
"{49C0C530-2821-44C3-9660-9FEF247BCBA4}" = protocol=17 | dir=in | app=f:\icq7.7\icq.exe |
"{4F077518-3B01-4336-989B-4718065AD6CE}" = protocol=17 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{4F3629E2-5AE3-4E25-A59D-87E7B12C766C}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{4F890C22-D59F-459F-9B25-4B37796C2F94}" = protocol=17 | dir=in | app=g:\civilization v\civilizationv_dx11.exe |
"{5177F6FB-1D4C-43C8-B6AB-AEA4EAA6FFF8}" = protocol=17 | dir=in | app=g:\mass effect 3\mass effect 3\binaries\win32\masseffect3.exe |
"{53758387-7738-46C8-97DE-6499E7250E13}" = protocol=17 | dir=in | app=g:\anno 1404\anno4.exe |
"{55A42A17-1717-4FD0-8D44-F1D9C40504D2}" = protocol=17 | dir=in | app=g:\mass effect 2\binaries\masseffect2.exe |
"{57EF36F3-77BB-48A4-A7B2-C7CC24E9F24D}" = protocol=17 | dir=in | app=g:\call of duty 6_modern warfire 2\iw4mp.exe |
"{5C54E4CD-C6DB-4C4A-8B8E-EC79709C753F}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{5D0E88A7-00E0-4B8A-8A99-7722A1098614}" = protocol=6 | dir=in | app=g:\anno 1404\tools\benchmark.exe |
"{5F155AE8-1F68-42B6-A476-122AF4A6A8E5}" = protocol=6 | dir=in | app=g:\sins of solar empire\sins of a solar empire\sins of a solar empire.exe |
"{6649833E-BC86-4822-A7A8-F87DE72AB156}" = protocol=17 | dir=in | app=g:\stronghold crusader\stronghold crusader.exe |
"{674F9791-8C9B-400A-B314-4DC243358D94}" = protocol=17 | dir=in | app=g:\assassin's creed revelations\acrsp.exe |
"{67DACED5-7403-41AD-A3CC-905EC3F6C219}" = protocol=58 | dir=out | name=@iphlpsvc.dll,-503 |
"{68412D56-0099-4DF1-B9B4-16B31B8F1998}" = protocol=6 | dir=in | app=g:\mass effect 2\binaries\masseffect2.exe |
"{6A8C5756-ABE0-48D8-A6F0-551F4A6EC7A7}" = protocol=17 | dir=in | app=g:\world_of_tanks\worldoftanks.exe |
"{6C6C266B-E33D-49E4-BA1D-6D1C0DB1DF72}" = protocol=17 | dir=in | app=g:\battlefield 3\battlefield 3™\bf3.exe |
"{6C7CA0F9-DDED-42FB-8E69-1E7B681106D7}" = protocol=6 | dir=in | app=g:\armed assault 2\bohemia interactive\arma2.exe |
"{6D1CE02B-2414-4C4F-8091-C9828B4701CC}" = protocol=17 | dir=in | app=g:\anno 1404\addon.exe |
"{6F59795F-FB03-4B96-B5BD-1FCD0C0A59EE}" = protocol=6 | dir=in | app=c:\windows\syswow64\dplaysvr.exe |
"{6F9F27E8-4B11-4B6C-AB86-8652B7DF787A}" = protocol=6 | dir=in | app=c:\program files (x86)\ubisoft\ubisoft game launcher\ubisoftgamelauncher.exe |
"{7054DB01-4FB4-410E-9C7E-C81B20B49A0F}" = protocol=6 | dir=in | app=g:\stronghold 3\bin\win32_release\stronghold3.exe |
"{70B87207-BA48-4ADA-BB14-197BA9DD0256}" = protocol=17 | dir=in | app=c:\windows\syswow64\pnkbstrb.exe |
"{70FA67B0-BCF6-4D6C-B7CC-37B1562B5A65}" = protocol=17 | dir=in | app=g:\assassin's creed revelations\assassinscreedrevelations.exe |
"{736B54BE-4DC1-4DF9-89B4-E6A6A14389A5}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{73F5793A-966B-4F21-9C9D-515BD4DF879B}" = protocol=17 | dir=in | app=g:\borderlands\binaries\borderlands.exe |
"{7BCC34C3-9927-49EF-AE05-604D8A30CCB2}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{7D7D4236-9C4E-424B-A592-214EB26BF246}" = protocol=6 | dir=in | app=g:\anno 1404\addon.exe |
"{8818E625-03DB-4A52-ACAD-23988D1E13BF}" = protocol=17 | dir=in | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{8EBCD473-2E9D-43E8-94CF-3414918DCCA8}" = protocol=6 | dir=in | app=g:\stronghold crusader\stronghold crusader.exe |
"{90A23093-75C9-4ECE-8BEF-E21FFBE9B8DC}" = protocol=6 | dir=in | app=g:\call of duty 6_modern warfire 2\iw4mp.exe |
"{9162C689-B452-4923-8F80-42F952632C02}" = protocol=6 | dir=in | app=g:\warcraft iii\war3.exe |
"{91AA2730-E708-4572-8AFA-BFEF80921845}" = protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office12\groove.exe |
"{96C15ED9-AE2F-43AD-84DD-72FED90C5FF0}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{979D550B-E43E-4A59-B994-D54BDC9ABE5F}" = protocol=6 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{9E753A10-E83A-4AE0-ADAB-8B3574720680}" = protocol=17 | dir=in | app=g:\anno 2070\anno5.exe |
"{A00EE0B5-CC78-4137-BBDC-17A2D604A442}" = protocol=6 | dir=in | app=f:\steam\steam\steam.exe |
"{A0FD05F2-AC82-4BB6-A1F2-6F0DAFF61195}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 |
"{A4911466-0B68-44EB-9F2A-1409A19D07C5}" = protocol=17 | dir=in | app=g:\the lord of the rings, the rise of the witch-king\patchget.dat |
"{A5913587-7B95-474F-949C-FC4499E2C2D2}" = protocol=6 | dir=in | app=g:\call of duty 4 - modern warfare\iw3mp.exe |
"{A8AC9917-9D84-4137-A112-5A50B22842EB}" = protocol=6 | dir=in | app=g:\anno 2070\initengine.exe |
"{AB3BCB4D-3EBD-4483-B16A-E0750DA1930F}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{AB4EA524-3627-4F97-B0D6-FD0843B979E5}" = protocol=17 | dir=in | app=g:\mass effect 2\masseffect2launcher.exe |
"{ACA0AE59-4B30-4DF5-AFE5-361CD756BEA5}" = protocol=6 | dir=in | app=g:\age of empires iii\age3.exe |
"{AD07BD5D-73D1-4618-A61E-57450E01A61F}" = protocol=17 | dir=in | app=e:\games_2\call of duty modern warfare 3 by skillgrow\call of duty modern warfare 3\iw5mp.exe |
"{B05444A8-B105-4C7E-B439-4FCF34559A27}" = protocol=17 | dir=in | app=f:\icq7.7\icq.exe |
"{B2B0A897-34B1-44D2-886F-99FB502921F2}" = protocol=17 | dir=in | app=c:\windows\syswow64\dplaysvr.exe |
"{B3015A2F-C788-44A4-8CBB-62D307613FA8}" = protocol=17 | dir=in | app=g:\the battle for middle-earth ii\game.dat |
"{B3A40906-FFC7-4D75-BE47-783E0CCA9DEF}" = protocol=17 | dir=in | app=c:\windows\syswow64\pnkbstra.exe |
"{B60C514F-EAE0-4585-988B-EE2D18C01569}" = protocol=17 | dir=in | app=f:\steam\steam\steam.exe |
"{B706FCC7-DC91-431F-8D78-63949B11DDB5}" = protocol=6 | dir=in | app=g:\battlefield 3\battlefield 3™\bf3.exe |
"{B77FE18B-1CB7-4BDB-B700-8E531CA3DAF3}" = protocol=17 | dir=in | app=g:\warcraft iii\war3.exe |
"{B99E14B0-CBE5-42D3-A59C-4C9CCE0EA10C}" = protocol=17 | dir=in | app=c:\program files (x86)\ubisoft\ubisoft game launcher\ubisoftgamelauncher.exe |
"{B9FC9CA9-4D04-45FA-BBFF-E685E6D1E826}" = protocol=17 | dir=in | app=g:\anno 2070\autopatcher.exe |
"{BEE0A66B-48DD-49CC-8CA6-E34938C74BD4}" = protocol=17 | dir=in | app=g:\anno 1404\tools\addonweb.exe |
"{BF885D1C-186A-4C72-89A4-8DFF5F49BA34}" = protocol=6 | dir=in | app=g:\anno 1404\tools\anno4web.exe |
"{C2771730-6F44-4C66-92A9-E87FD5241244}" = protocol=6 | dir=in | app=g:\anno 2070\autopatcher.exe |
"{C394DAE6-D674-40C9-95D6-0B85B632AD95}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{C4A3937A-A180-43F5-BA5B-4BDF5C54FFE5}" = protocol=6 | dir=in | app=g:\the lord of the rings, the rise of the witch-king\game.dat |
"{C55C2D70-2EE7-4DB6-91A1-1EB3A72769DA}" = protocol=17 | dir=in | app=g:\mass effect\masseffectlauncher.exe |
"{C6BFEC68-DE3E-4B81-86A2-22B5A1769A9C}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{C8235D8D-1C3A-4B00-A835-FE04F232318B}" = protocol=6 | dir=in | app=c:\windows\syswow64\pnkbstrb.exe |
"{C87073DF-8B69-4D80-8176-A0D7BF94DAA1}" = protocol=6 | dir=in | app=g:\assassin's creed revelations\acrsp.exe |
"{CAAC1840-B55B-4913-B4A5-7B3D11C57379}" = protocol=6 | dir=out | app=system |
"{CC8C6CC9-62C7-4F85-A03F-44DF218B2A7B}" = protocol=17 | dir=in | app=g:\command & conquer 3 kane's wrath\retailexe\1.2\cnc3ep1.dat |
"{CF2096C0-C581-40A4-A648-3F5670720C57}" = protocol=6 | dir=in | app=g:\mass effect\binaries\masseffect.exe |
"{D06F369B-CFC3-4551-80EF-0D7B5BDA4737}" = protocol=17 | dir=in | app=g:\dune 2000\dune2000.dat |
"{D1ED791D-1328-40F3-9AB2-107B91F8904E}" = protocol=6 | dir=in | app=g:\anno 1404\anno4.exe |
"{D29F69C5-95DE-4839-81A5-704F565F4432}" = protocol=6 | dir=in | app=g:\the lord of the rings, the rise of the witch-king\patchget.dat |
"{D4F0A3F3-CD6B-41F5-BDEC-D0C6A43D9C06}" = protocol=6 | dir=in | app=g:\anno 2070\anno5.exe |
"{D9DCAB35-D7F8-40D3-861E-F2E0BC4408BD}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 |
"{DD5C3DA2-4D97-4F82-8E06-416A8C7D93CB}" = protocol=6 | dir=in | app=c:\windows\syswow64\pnkbstra.exe |
"{DD8153CE-46BF-40AF-B471-9ABA3D4652EC}" = protocol=17 | dir=in | app=g:\age of empires iii\age3.exe |
"{DE5C764B-8038-495F-A64C-B480F1546368}" = protocol=6 | dir=in | app=c:\users\darkknight\appdata\roaming\gameranger\gameranger\gameranger.exe |
"{DE76541D-5EE3-4DB0-BE41-DFB3AE211E43}" = protocol=6 | dir=in | app=g:\need for speed hot pursuit\launcher.exe |
"{E2074A6C-8FAE-40A8-83E2-4C4A8A677640}" = protocol=17 | dir=in | app=g:\left 4 dead 2\left4dead2.exe |
"{E4381315-8231-491A-84C4-2EDB2018CAA2}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{E79F239F-552C-4A29-B927-62454909BC0B}" = protocol=17 | dir=in | app=g:\armed assault 2\bohemia interactive\arma2.exe |
"{EAAF5F69-D7AB-45D0-94A1-3718722E68E6}" = protocol=17 | dir=in | app=g:\anno 1404\tools\benchmark.exe |
"{F0D7DC4D-F223-4B87-9EBF-7AB41E9E2F68}" = protocol=17 | dir=in | app=g:\stronghold 3\bin\win32_release\stronghold3.exe |
"{F15463CF-2D6D-4EB6-98E5-16E65F7267C0}" = protocol=17 | dir=in | app=g:\anno 1404\tools\anno4web.exe |
"{F59E13D9-37A6-48A8-BFDB-8AF6A42DBC74}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{F7C0FA2E-2CAD-4E81-A8E4-6688614A6504}" = protocol=6 | dir=in | app=f:\icq7.7\icq.exe |
"{F8DF87E5-4C0C-4C45-A1D6-E9893348202E}" = protocol=17 | dir=in | app=g:\the lord of the rings, the rise of the witch-king\game.dat |
"{FAC310C8-F910-43A9-B7B6-FAABDE4EC8B6}" = protocol=6 | dir=in | app=c:\program files (x86)\ubisoft\ubisoft game launcher\ubisoftgamelauncher.exe |
"{FB60E23D-7CDD-4B5C-BD28-B95099DC8CDF}" = protocol=6 | dir=in | app=g:\assassin's creed revelations\assassinscreedrevelations.exe |
"{FC259529-B088-4E59-A30B-B9DC1508586E}" = protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office12\onenote.exe |
"{FE5EB164-9B05-4659-B82F-3332D462D64C}" = protocol=17 | dir=in | app=g:\sins of solar empire\sins of a solar empire\sins of a solar empire.exe |
"{FF9A1207-8513-4017-8D5C-58141874D3EB}" = protocol=6 | dir=in | app=g:\mass effect\masseffectlauncher.exe |
"TCP Query User{038FBF67-5E90-4F8E-B8C1-04CB62221632}F:\hamachi\hamachi.exe" = protocol=6 | dir=in | app=f:\hamachi\hamachi.exe |
"TCP Query User{04A538C4-BBFF-471A-92A0-7E52DE85BE37}G:\the lord of the rings, the rise of the witch-king\patchget.dat" = protocol=6 | dir=in | app=g:\the lord of the rings, the rise of the witch-king\patchget.dat |
"TCP Query User{0B1E4205-F82A-474B-B827-63985AA5D802}G:\mass effect 3\mass effect 3\binaries\win32\masseffect3.exe" = protocol=6 | dir=in | app=g:\mass effect 3\mass effect 3\binaries\win32\masseffect3.exe |
"TCP Query User{28367423-F27B-4462-A2C2-B143C8F96A90}G:\command & conquer 3 kane's wrath\retailexe\1.2\cnc3ep1.dat" = protocol=6 | dir=in | app=g:\command & conquer 3 kane's wrath\retailexe\1.2\cnc3ep1.dat |
"TCP Query User{2FACDFD6-57B9-4F3D-96C4-DC985E163A11}G:\world_of_tanks\wotlauncher.exe" = protocol=6 | dir=in | app=g:\world_of_tanks\wotlauncher.exe |
"TCP Query User{2FE01F0C-5715-4E8B-9EED-E4D8C576150C}G:\borderlands\binaries\borderlands.exe" = protocol=6 | dir=in | app=g:\borderlands\binaries\borderlands.exe |
"TCP Query User{40B33F8D-1CC6-47C6-B7BF-BBE6CD118C35}G:\activision\modern warfare 2\iw4sp.exe" = protocol=6 | dir=in | app=g:\activision\modern warfare 2\iw4sp.exe |
"TCP Query User{5A3356C0-8D38-4377-A992-26DF62B0DEDE}G:\activision\modern warfare 2\iw4mp.dat" = protocol=6 | dir=in | app=g:\activision\modern warfare 2\iw4mp.dat |
"TCP Query User{5BF57E81-24AE-4F5E-9E92-E67DDF63E2FB}G:\stronghold crusader\stronghold crusader.exe" = protocol=6 | dir=in | app=g:\stronghold crusader\stronghold crusader.exe |
"TCP Query User{5F75B54A-A5A6-48E5-A699-8EEE3EF72877}G:\hlsw\hlsw.exe" = protocol=6 | dir=in | app=g:\hlsw\hlsw.exe |
"TCP Query User{6204249C-FC07-4F01-BF0B-05A77733A45E}C:\users\darkknight\appdata\roaming\gameranger\gameranger\gameranger.exe" = protocol=6 | dir=in | app=c:\users\darkknight\appdata\roaming\gameranger\gameranger\gameranger.exe |
"TCP Query User{6C6051F8-CF2B-43AF-8E38-723461AAB377}G:\armed assault 2\bohemia interactive\arma2.exe" = protocol=6 | dir=in | app=g:\armed assault 2\bohemia interactive\arma2.exe |
"TCP Query User{6EBEB300-C502-4A6C-8AA3-CCCF3B3565C2}G:\civilization v\civilizationv_dx11.exe" = protocol=6 | dir=in | app=g:\civilization v\civilizationv_dx11.exe |
"TCP Query User{783CD4A2-819B-4FDD-8605-F9DF3AEE8D9A}E:\games_2\call of duty modern warfare 3 by skillgrow\call of duty modern warfare 3\iw5mp.exe" = protocol=6 | dir=in | app=e:\games_2\call of duty modern warfare 3 by skillgrow\call of duty modern warfare 3\iw5mp.exe |
"TCP Query User{8945D573-4A7A-44B2-B8A5-51D7A1355138}G:\fire captain\fire.exe" = protocol=6 | dir=in | app=g:\fire captain\fire.exe |
"TCP Query User{8AF0B132-1544-415B-ADB2-0230B89987F1}G:\red alert 2\game.exe" = protocol=6 | dir=in | app=g:\red alert 2\game.exe |
"TCP Query User{9E540F11-35A6-498F-AFFB-633CB9D47B6C}G:\call of duty 6_modern warfire 2\iw4mp.dat" = protocol=6 | dir=in | app=g:\call of duty 6_modern warfire 2\iw4mp.dat |
"TCP Query User{A0E3CAE4-4F5E-4318-AE42-C06BABE2910A}G:\warcraft iii\war3.exe" = protocol=6 | dir=in | app=g:\warcraft iii\war3.exe |
"TCP Query User{A98EF7FF-B974-47E1-871F-A124B07F4135}G:\call of duty modern warfare 3\iw5sp.exe" = protocol=6 | dir=in | app=g:\call of duty modern warfare 3\iw5sp.exe |
"TCP Query User{AB67841A-B691-4D6E-9FCE-F18C7A51969F}G:\activision\modern warfare 2\iw4mp.exe" = protocol=6 | dir=in | app=g:\activision\modern warfare 2\iw4mp.exe |
"TCP Query User{D1741649-7FCE-4EB4-AB64-4396E7BE1DAC}G:\stronghold 3\bin\win32_release\stronghold3.exe" = protocol=6 | dir=in | app=g:\stronghold 3\bin\win32_release\stronghold3.exe |
"TCP Query User{D44BA028-7AA5-4A66-BD17-D18167637668}C:\windows\syswow64\dplaysvr.exe" = protocol=6 | dir=in | app=c:\windows\syswow64\dplaysvr.exe |
"TCP Query User{D6A2159C-399E-4154-AC00-9E6922EA9452}G:\call of duty 6_modern warfire 2\iw4mp.exe" = protocol=6 | dir=in | app=g:\call of duty 6_modern warfire 2\iw4mp.exe |
"TCP Query User{EF4225B5-CD90-4825-BA29-A81DE0869621}G:\left 4 dead 2\left4dead2.exe" = protocol=6 | dir=in | app=g:\left 4 dead 2\left4dead2.exe |
"TCP Query User{EFBBF1A2-D73E-48E7-8397-3FE037A593E0}G:\kam - the peasants rebellion\km_tpr.exe" = protocol=6 | dir=in | app=g:\kam - the peasants rebellion\km_tpr.exe |
"TCP Query User{FDFB97AD-CB4C-47A9-9551-88ED42688554}G:\dune 2000\dune2000.dat" = protocol=6 | dir=in | app=g:\dune 2000\dune2000.dat |
"TCP Query User{FF1484A5-1659-4390-A2E8-3FA536C2E226}G:\world_of_tanks\worldoftanks.exe" = protocol=6 | dir=in | app=g:\world_of_tanks\worldoftanks.exe |
"UDP Query User{09DF8590-56C5-4FEF-88EA-939C9A01D089}G:\red alert 2\game.exe" = protocol=17 | dir=in | app=g:\red alert 2\game.exe |
"UDP Query User{0E4E877E-9C3D-4E09-B69C-6D0282F86888}E:\games_2\call of duty modern warfare 3 by skillgrow\call of duty modern warfare 3\iw5mp.exe" = protocol=17 | dir=in | app=e:\games_2\call of duty modern warfare 3 by skillgrow\call of duty modern warfare 3\iw5mp.exe |
"UDP Query User{2D04840F-4099-4872-B355-4147E1E82E60}G:\the lord of the rings, the rise of the witch-king\patchget.dat" = protocol=17 | dir=in | app=g:\the lord of the rings, the rise of the witch-king\patchget.dat |
"UDP Query User{3CAA8BE3-A0BC-4829-A9BB-12FD2F30A6C3}G:\stronghold crusader\stronghold crusader.exe" = protocol=17 | dir=in | app=g:\stronghold crusader\stronghold crusader.exe |
"UDP Query User{3F6E625F-EC2A-498D-8368-F7CDCE47F887}G:\world_of_tanks\worldoftanks.exe" = protocol=17 | dir=in | app=g:\world_of_tanks\worldoftanks.exe |
"UDP Query User{413773F0-9C98-4994-824B-7722B5CF81A1}G:\activision\modern warfare 2\iw4mp.dat" = protocol=17 | dir=in | app=g:\activision\modern warfare 2\iw4mp.dat |
"UDP Query User{454D9C37-5A96-4523-A626-02D4B77149D3}G:\command & conquer 3 kane's wrath\retailexe\1.2\cnc3ep1.dat" = protocol=17 | dir=in | app=g:\command & conquer 3 kane's wrath\retailexe\1.2\cnc3ep1.dat |
"UDP Query User{45DCBCD7-1C6D-4ECC-963E-CC818DABBB36}G:\call of duty 6_modern warfire 2\iw4mp.dat" = protocol=17 | dir=in | app=g:\call of duty 6_modern warfire 2\iw4mp.dat |
"UDP Query User{469483D8-3CCC-44B8-B6D5-5CE4DE79813C}G:\hlsw\hlsw.exe" = protocol=17 | dir=in | app=g:\hlsw\hlsw.exe |
"UDP Query User{59F1D39B-8EEA-4795-963D-1683E5EC5A91}G:\call of duty modern warfare 3\iw5sp.exe" = protocol=17 | dir=in | app=g:\call of duty modern warfare 3\iw5sp.exe |
"UDP Query User{5BF5C4EE-4695-4CB4-A551-B4FED17DA457}G:\fire captain\fire.exe" = protocol=17 | dir=in | app=g:\fire captain\fire.exe |
"UDP Query User{5E7E3DBB-61E6-4CB6-A597-D47A07DD4FDA}G:\mass effect 3\mass effect 3\binaries\win32\masseffect3.exe" = protocol=17 | dir=in | app=g:\mass effect 3\mass effect 3\binaries\win32\masseffect3.exe |
"UDP Query User{7C6EF065-EFA9-4313-9F77-E33EA19BF33B}G:\dune 2000\dune2000.dat" = protocol=17 | dir=in | app=g:\dune 2000\dune2000.dat |
"UDP Query User{7F41989E-4389-43DF-BE59-C6C8AE1A3F51}C:\users\darkknight\appdata\roaming\gameranger\gameranger\gameranger.exe" = protocol=17 | dir=in | app=c:\users\darkknight\appdata\roaming\gameranger\gameranger\gameranger.exe |
"UDP Query User{A883A3A6-8493-42D5-9E83-632A84AAF93D}G:\activision\modern warfare 2\iw4mp.exe" = protocol=17 | dir=in | app=g:\activision\modern warfare 2\iw4mp.exe |
"UDP Query User{A8EAD0A5-6010-412B-A006-A859B2410C02}G:\left 4 dead 2\left4dead2.exe" = protocol=17 | dir=in | app=g:\left 4 dead 2\left4dead2.exe |
"UDP Query User{B13BE4A0-6166-440E-B894-22279507953E}G:\armed assault 2\bohemia interactive\arma2.exe" = protocol=17 | dir=in | app=g:\armed assault 2\bohemia interactive\arma2.exe |
"UDP Query User{B9B57743-8DA1-405F-8069-47A99A375C41}F:\hamachi\hamachi.exe" = protocol=17 | dir=in | app=f:\hamachi\hamachi.exe |
"UDP Query User{D1A66C9F-6134-4F8E-BAA9-40DF4319342A}C:\windows\syswow64\dplaysvr.exe" = protocol=17 | dir=in | app=c:\windows\syswow64\dplaysvr.exe |
"UDP Query User{D7196596-5E73-4F58-803B-0C09FE2A24F9}G:\civilization v\civilizationv_dx11.exe" = protocol=17 | dir=in | app=g:\civilization v\civilizationv_dx11.exe |
"UDP Query User{DA24F2C1-387B-414F-B900-00C58C42C8C7}G:\activision\modern warfare 2\iw4sp.exe" = protocol=17 | dir=in | app=g:\activision\modern warfare 2\iw4sp.exe |
"UDP Query User{EF372F91-1D90-4E0F-BBE5-F5562939CE9F}G:\kam - the peasants rebellion\km_tpr.exe" = protocol=17 | dir=in | app=g:\kam - the peasants rebellion\km_tpr.exe |
"UDP Query User{F23201C4-6863-4652-95EC-2CAB81178A38}G:\borderlands\binaries\borderlands.exe" = protocol=17 | dir=in | app=g:\borderlands\binaries\borderlands.exe |
"UDP Query User{F32F1B7D-1850-45CF-85CF-D932AEC25D97}G:\world_of_tanks\wotlauncher.exe" = protocol=17 | dir=in | app=g:\world_of_tanks\wotlauncher.exe |
"UDP Query User{F5379DDD-75CA-4EA5-BD10-A0ED50CA35C7}G:\warcraft iii\war3.exe" = protocol=17 | dir=in | app=g:\warcraft iii\war3.exe |
"UDP Query User{F58AB428-F68D-4292-A2C1-77EF63B6CEFA}G:\call of duty 6_modern warfire 2\iw4mp.exe" = protocol=17 | dir=in | app=g:\call of duty 6_modern warfire 2\iw4mp.exe |
"UDP Query User{FB15D23C-3BDC-4790-A24A-1470C1FB9F5D}G:\stronghold 3\bin\win32_release\stronghold3.exe" = protocol=17 | dir=in | app=g:\stronghold 3\bin\win32_release\stronghold3.exe |

========== HKEY_LOCAL_MACHINE Uninstall List ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{071c9b48-7c32-4621-a0ac-3f809523288f}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{26A24AE4-039D-4CA4-87B4-2F86416031FF}" = Java(TM) 6 Update 31 (64-bit)
"{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148
"{5783F2D7-9005-0405-0102-0060B0CE6BBA}" = AutoCAD Mechanical 2011
"{5783F2D7-9005-0405-1102-0060B0CE6BBA}" = AutoCAD Mechanical 2011 Language Pack – Čeština
"{5783F2D7-9028-0409-0100-0060B0CE6BBA}" = DWG TrueView 2011
"{7244B345-B413-408B-9D04-F55BE1CC93FA}" = Autodesk Inventor Content Center Libraries 2011 (Desktop Content)
"{790E02A1-145A-3843-8C13-A4F41C9B48B7}" = Microsoft .NET Framework 4 Client Profile CSY Language Pack
"{7F4DD591-1564-0409-0000-7107D70F3DB4}" = Autodesk Inventor Professional 2011
"{7F4DD591-1564-0409-0001-7107D70F3DB4}" = Autodesk Inventor Professional 2011 Jazykový balíček – čeština
"{8C3727F2-8E37-49E4-820C-03B1677F53B6}" = Stronghold Crusader Extreme
"{8E34682C-8118-31F1-BC4C-98CD9675E1C2}" = Microsoft .NET Framework 4 Extended
"{90120000-002A-0000-1000-0000000FF1CE}" = Microsoft Office Office 64-bit Components 2007
"{90120000-002A-0405-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit MUI (Czech) 2007
"{A324DC11-FF02-3CE8-9D6F-67EBC006D970}" = Microsoft .NET Framework 4 Extended CSY Language Pack
"{ACF9459F-3585-487A-A84E-B1A3A0D12165}" = Autodesk Vault 2011 (Client)
"{ACF9459F-3585-487F-A84E-B1A3A0D12165}" = Autodesk Vault 2011 (Client) Czech Language Pack
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision" = NVIDIA Ovladač 3D Vision 295.73
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel" = Ovládací panel NVIDIA 295.73
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver" = NVIDIA Ovladače grafiky 295.73
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB" = NVIDIA Ovladač řídící jednotky 3D Vision 295.73
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX" = NVIDIA Systémový software PhysX 9.12.0209
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update" = Aktualizace NVIDIA 1.7.11
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver" = NVIDIA Ovladač HD audia 1.3.12.0
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_installer" = NVIDIA Install Application
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NVIDIA.Update" = NVIDIA Update Components
"{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}" = Microsoft .NET Framework 4 Client Profile
"AutoCAD Mechanical 2011" = AutoCAD Mechanical 2011
"Autodesk Inventor Professional 2011" = Autodesk Inventor Professional 2011 Čeština
"DWG TrueView 2011" = DWG TrueView 2011
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Client Profile CSY Language Pack" = Microsoft .NET Framework 4 Client Profile CSY Language Pack
"Microsoft .NET Framework 4 Extended" = Microsoft .NET Framework 4 Extended
"Microsoft .NET Framework 4 Extended CSY Language Pack" = Microsoft .NET Framework 4 Extended CSY Language Pack

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{06F80017-8F98-4C94-B868-52358569FC32}" = Command & Conquer Generals
"{1B0FBB9A-995D-47cd-87CD-13E68B676E4F}" = Mass Effect
"{1EAC1D02-C6AC-4FA6-9A44-96258C37C812}_is1" = World of Tanks
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{1F61E0B1-1AB8-F15E-07C4-46D100A1D3F7}" = Borderlands
"{2436F2A8-4B7E-4B6C-AE4E-604C84AA6A4F}" = Nero Core Components 10
"{2A9F95AB-65A3-432c-8631-B8BC5BF7477A}" = The Battle for Middle-earth (tm) II
"{2BFC7AA0-544C-4E3A-8796-67F3BE655BE9}" = Microsoft XNA Framework Redistributable 4.0
"{33A22B2D-55BA-4508-B767-BF2E9C21A73F}" = Assassin's Creed Revelations
"{3D9CF3CA-3AB0-4A82-9853-D7C43FD1D775}" = ANNO 1404
"{4EAE665D-957A-4D04-9679-3AD582008877}" = NVIDIA PhysX
"{518A54AE-002F-406F-BB48-620676AB9960}" = Anno 1404
"{523B2B1B-D8DB-4B41-90FF-C4D799E2758A}" = Nero ControlCenter 10 Help (CHM)
"{5545EEE1-FA36-4F76-B6BE-5696E7F4E2D6}" = VBA (2627.01)
"{5E152D08-572A-3375-8FDE-DAD1EFB379BA}" = Microsoft Report Viewer Redistributable 2008
"{65BB0407-4CC8-4DC7-952E-3EEFDF05602A}" = Nero Update
"{6DFB899F-17A2-48F0-A533-ED8D6866CF38}" = Nero Control Center 10
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{75D84EF7-0D8C-4e70-B3FA-7B42A5D4E0EB}" = Mass Effect 2
"{76285C16-411A-488A-BCE3-C83CB933D8CF}" = Battlefield 3™
"{77F665FD-3F60-4B0A-AE14-EC124B7A7FCE}" = ICQ7.7
"{7B9CC60A-9B81-46A3-A953-76B6BF9EEC97}" = Age of Empires III
"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
"{83A606F5-BF6F-42ED-9F33-B9F74297CDED}" = Need for Speed(TM) Hot Pursuit
"{842BEE12-CCCB-43F4-ABAF-CBA6DFE2583D}" = Nero BurnLite 10
"{888F1505-C2B3-4FDE-835D-36353EBD4754}" = Ubisoft Game Launcher
"{8A15B7D9-908A-4EF9-BA84-5AEDE61743EE}" = Call of Duty(R) 4 - Modern Warfare(TM) 1.6 Patch
"{8C3727F2-8E37-49E4-820C-03B1677F53B6}" = Stronghold Crusader Extreme
"{8D20B4D7-3422-4099-9332-39F27E617A6F}" = Autodesk Design Review 2011
"{8E1CCF20-9E12-4824-BD59-7AD9E0486DD8}" = SWAT 4
"{90120000-0015-0405-0000-0000000FF1CE}" = Microsoft Office Access MUI (Czech) 2007
"{90120000-0016-0405-0000-0000000FF1CE}" = Microsoft Office Excel MUI (Czech) 2007
"{90120000-0018-0405-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (Czech) 2007
"{90120000-0019-0405-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (Czech) 2007
"{90120000-001A-0405-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (Czech) 2007
"{90120000-001B-0405-0000-0000000FF1CE}" = Microsoft Office Word MUI (Czech) 2007
"{90120000-001F-0405-0000-0000000FF1CE}" = Microsoft Office Proof (Czech) 2007
"{90120000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2007
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-041B-0000-0000000FF1CE}" = Microsoft Office Proof (Slovak) 2007
"{90120000-002C-0405-0000-0000000FF1CE}" = Microsoft Office Proofing (Czech) 2007
"{90120000-0030-0000-0000-0000000FF1CE}" = Microsoft Office Enterprise 2007
"{90120000-0044-0405-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (Czech) 2007
"{90120000-006E-0405-0000-0000000FF1CE}" = Microsoft Office Shared MUI (Czech) 2007
"{90120000-00A1-0405-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (Czech) 2007
"{90120000-00BA-0405-0000-0000000FF1CE}" = Microsoft Office Groove MUI (Czech) 2007
"{929CE49F-1CA7-4CF3-A9A1-6D757443C63F}" = Microsoft Games for Windows - LIVE Redistributable
"{931C37FC-594D-43A9-B10F-A2F2B1F03498}" = Call of Duty(R) 4 - Modern Warfare(TM) 1.7 Patch
"{951B0F30-9F1A-4BF6-B3DA-99EB0E917B1C}" = FARO LS 1.1.406.58
"{975951E7-14D0-49AF-A630-89680D12D7F6}" = Autodesk Material Library 2011 Medium Image library
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9DEABCB6-B759-4D52-92F8-51B34A2B4D40}" = Autodesk Material Library 2011
"{A07B2C21-863B-47AB-AE7E-20BB00BD7D33}" = ANNO 1404 - Benátky
"{AB627AF2-9C7E-4DBD-816B-3B2646B81E89}" = Nero BurnLite 10
"{AC76BA86-7AD7-1029-7B44-AA1000000001}" = Adobe Reader X (10.1.3) - Czech
"{B48E264C-C8CD-4617-B0BE-46E977BAD694}" = ANNO 2070
"{B931FB80-537A-4600-00AD-AC5DEDB6C25B}" = The Lord of the Rings, The Rise of the Witch-king
"{C05D8CDB-417D-4335-A38C-A0659EDFD6B8}" = The Sims™ 3
"{C3533E6A-5C16-489A-9CB1-F190439F071B}_is1" = Sins of a Solar Empire
"{C884B05A-F5D9-4AE4-9D84-E6BD9F6E7890}" = FlatOut2
"{CC2422C9-F7B5-4175-B295-5EC2283AA674}" = Command & Conquer™ 3: Kane's Wrath
"{CD1E078C-A6B9-47DA-B035-6365C85C7832}" = Autodesk Material Library 2011 Base Image library
"{D417C96A-FCC7-4590-A1BB-FAF73F5BC98E}" = GTA San Andreas
"{DDEDAF6C-488E-4CDA-8276-1CCF5F3C5C32}" = Command & Conquer 3
"{E3E71D07-CD27-46CB-8448-16D4FB29AA13}" = Microsoft WSE 3.0 Runtime
"{E48469CC-635E-4FD5-A122-1497C286D217}" = Call of Duty(R) 4 - Modern Warfare(TM)
"{EE7257A2-39A2-4D2F-9DAC-F9F25B8AE1D8}" = Skype™ 5.10
"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
"{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
"Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin
"Age of Empires" = Microsoft Age of Empires
"Age of Empires 2.0" = Microsoft Age of Empires II
"Age of Empires II - The Age of Kings CZ" = Age of Empires II - The Age of Kings CZ
"ArmA2" = ArmA2 Uninstall
"Autodesk Design Review 2011" = Autodesk Design Review 2011
"Autodesk Vault 2011 (Client)" = Autodesk Vault 2011 (Client)
"Avira AntiVir Desktop" = Avira Free Antivirus
"Call of Duty Modern Warfare 2_is1" = Call of Duty Modern Warfare 2
"CCleaner" = CCleaner (remove only)
"ENTERPRISE" = Microsoft Office Enterprise 2007
"EVEREST Ultimate Edition_is1" = EVEREST Ultimate Edition v5.50
"Fallout New Vegas_is1" = Fallout New Vegas
"Fire Captain" = Fire Captain
"GameParkClient_is1" = GamePark
"Hamachi" = Hamachi 1.0.3.0
"HLSW_is1" = HLSW v1.4.0.5
"InstallShield_{06F80017-8F98-4C94-B868-52358569FC32}" = Command & Conquer Generals
"InstallShield_{7B9CC60A-9B81-46A3-A953-76B6BF9EEC97}" = Age of Empires III
"InstallShield_{8A15B7D9-908A-4EF9-BA84-5AEDE61743EE}" = Call of Duty(R) 4 - Modern Warfare(TM) 1.6 Patch
"InstallShield_{8E1CCF20-9E12-4824-BD59-7AD9E0486DD8}" = SWAT 4
"InstallShield_{931C37FC-594D-43A9-B10F-A2F2B1F03498}" = Call of Duty(R) 4 - Modern Warfare(TM) 1.7 Patch
"InstallShield_{E48469CC-635E-4FD5-A122-1497C286D217}" = Call of Duty(R) 4 - Modern Warfare(TM)
"KaM - The Peasants Rebellion" = KaM - The Peasants Rebellion
"Lord of the Rings - War in the North_is1" = Lord of the Rings - War in the North
"Microsoft Report Viewer Redistributable 2008" = Microsoft Report Viewer Redistributable 2005
"Mozilla Firefox 16.0.1 (x86 cs)" = Mozilla Firefox 16.0.1 (x86 cs)
"MozillaMaintenanceService" = Mozilla Maintenance Service
"NVIDIAStereo" = NVIDIA Stereoscopic 3D Driver
"Operation Flashpoint" = Operation Flashpoint uninstall
"Red Alert 2" = Command & Conquer Red Alert 2
"Risen 2 Dark Waters_is1" = Risen 2 Dark Waters
"Steamland" = Steamland
"Stronghold 3_is1" = Stronghold 3
"The KMPlayer" = The KMPlayer (remove only)
"Warcraft III" = Warcraft III
"WinRAR archiver" = WinRAR
"WOLAPI" = Westwood Shared Internet Components
"X3TerranConflict_is1" = X3 Terran Conflict v3.1.1

========== HKEY_CURRENT_USER Uninstall List ==========

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"GameRanger" = GameRanger
"Warcraft III" = Warcraft III: All Products

========== Last 20 Event Log Errors ==========

[ Application Events ]
Error - 14.9.2012 16:40:34 | Computer Name = DarkKnight-PC | Source = .NET Runtime | ID = 1026
Description =

Error - 14.9.2012 16:40:35 | Computer Name = DarkKnight-PC | Source = Application Error | ID = 1000
Description = Název chybující aplikace: Terraria.exe, verze: 1.0.4.0, časové razítko:
0x4ed6a77f Název chybujícího modulu: KERNELBASE.dll, verze: 6.1.7601.17651, časové
razítko: 0x4e211319 Kód výjimky: 0xe0434352 Posun chyby: 0x0000b9bc ID chybujícího
procesu: 0x12ec Čas spuštění chybující aplikace: 0x01cd92b930d46b3e Cesta k chybující
aplikaci: C:\Users\DarkKnight\Desktop\Terraria 1.1\Terraria.exe Cesta k chybujícímu
modulu: C:\Windows\syswow64\KERNELBASE.dll ID zprávy: 6e88f525-feac-11e1-8223-74ea3a828bb1

Error - 16.9.2012 9:44:32 | Computer Name = DarkKnight-PC | Source = Application Error | ID = 1000
Description = Název chybující aplikace: firefox.exe, verze: 15.0.1.4631, časové
razítko: 0x5047f9c5 Název chybujícího modulu: xul.dll, verze: 15.0.1.4631, časové
razítko: 0x5047f93b Kód výjimky: 0xc0000005 Posun chyby: 0x0010e567 ID chybujícího
procesu: 0x934 Čas spuštění chybující aplikace: 0x01cd9407489a56a6 Cesta k chybující
aplikaci: C:\Program Files (x86)\Mozilla Firefox\firefox.exe Cesta k chybujícímu
modulu: C:\Program Files (x86)\Mozilla Firefox\xul.dll ID zprávy: a45a2824-0004-11e2-b27e-74ea3a828bb1

Error - 16.9.2012 16:50:16 | Computer Name = DarkKnight-PC | Source = Application Error | ID = 1000
Description = Název chybující aplikace: worldoftanks.exe, verze: 0.7.4.0, časové
razítko: 0x4fce070c Název chybujícího modulu: d3dx9_31.dll, verze: 9.15.779.0, časové
razítko: 0x451c48f1 Kód výjimky: 0xc0000005 Posun chyby: 0x000fc0ad ID chybujícího
procesu: 0x14c Čas spuštění chybující aplikace: 0x01cd9425a66c6e3b Cesta k chybující
aplikaci: G:\World_of_Tanks\worldoftanks.exe Cesta k chybujícímu modulu: C:\Windows\system32\d3dx9_31.dll
ID
zprávy: 1ddbcfea-0040-11e2-aa76-74ea3a828bb1

Error - 24.9.2012 4:03:23 | Computer Name = DarkKnight-PC | Source = MsiInstaller | ID = 1013
Description =

Error - 24.9.2012 4:04:12 | Computer Name = DarkKnight-PC | Source = MsiInstaller | ID = 1013
Description =

Error - 24.9.2012 4:21:49 | Computer Name = DarkKnight-PC | Source = MsiInstaller | ID = 1013
Description =

Error - 3.10.2012 17:25:15 | Computer Name = DarkKnight-PC | Source = Application Error | ID = 1000
Description = Název chybující aplikace: firefox.exe, verze: 15.0.1.4631, časové
razítko: 0x5047f9c5 Název chybujícího modulu: xul.dll, verze: 15.0.1.4631, časové
razítko: 0x5047f93b Kód výjimky: 0xc0000005 Posun chyby: 0x0010e567 ID chybujícího
procesu: 0x106c Čas spuštění chybující aplikace: 0x01cda14445e26eb1 Cesta k chybující
aplikaci: C:\Program Files (x86)\Mozilla Firefox\firefox.exe Cesta k chybujícímu
modulu: C:\Program Files (x86)\Mozilla Firefox\xul.dll ID zprávy: d258ebf2-0da0-11e2-9c0a-74ea3a828bb1

Error - 5.10.2012 8:14:16 | Computer Name = DarkKnight-PC | Source = Application Error | ID = 1000
Description = Název chybující aplikace: CivilizationV_DX11.exe, verze: 1.0.0.62,
časové razítko: 0x4cc59ecb Název chybujícího modulu: KERNELBASE.dll, verze: 6.1.7601.17651,
časové razítko: 0x4e211319 Kód výjimky: 0x0000087a Posun chyby: 0x0000b9bc ID chybujícího
procesu: 0x111c Čas spuštění chybující aplikace: 0x01cda2d557bab7d5 Cesta k chybující
aplikaci: G:\Civilization V\CivilizationV_DX11.exe Cesta k chybujícímu modulu: C:\Windows\syswow64\KERNELBASE.dll
ID
zprávy: 2e4d2679-0ee6-11e2-9155-74ea3a828bb1

Error - 10.10.2012 7:56:30 | Computer Name = DarkKnight-PC | Source = Application Error | ID = 1000
Description = Název chybující aplikace: WSCommCntr2.exe, verze: 3.0.267.0, časové
razítko: 0x4b71796a Název chybujícího modulu: ntdll.dll, verze: 6.1.7601.17725,
časové razítko: 0x4ec4aa8e Kód výjimky: 0xc0000005 Posun chyby: 0x000000000004e4b4
ID
chybujícího procesu: 0xbec Čas spuštění chybující aplikace: 0x01cda6de47c980e5 Cesta
k chybující aplikaci: C:\Program Files\Common Files\Autodesk Shared\WSCommCntr\lib\WSCommCntr2.exe
Cesta
k chybujícímu modulu: C:\Windows\SYSTEM32\ntdll.dll ID zprávy: 87006515-12d1-11e2-8d1a-74ea3a828bb1

[ System Events ]
Error - 16.10.2012 15:34:53 | Computer Name = DarkKnight-PC | Source = sptd | ID = 262148
Description = Ovladač zjistil interní chybu ve vlastní struktuře dat u .

Error - 16.10.2012 15:36:05 | Computer Name = DarkKnight-PC | Source = EventLog | ID = 6008
Description = Předchozí vypnutí systému (21:35:09, ?16.?10.?2012) bylo neočekávané.

Error - 16.10.2012 15:50:17 | Computer Name = DarkKnight-PC | Source = BROWSER | ID = 8032
Description =

Error - 17.10.2012 5:06:51 | Computer Name = DarkKnight-PC | Source = Service Control Manager | ID = 7030
Description = Služba PEVSystemStart je označena jako interaktivní služba. Avšak
systém je nakonfigurován tak, že neumožňuje použití interaktivní služby. Tato služba
nebude fungovat správně.

Error - 17.10.2012 5:16:28 | Computer Name = DarkKnight-PC | Source = sptd | ID = 262148
Description = Ovladač zjistil interní chybu ve vlastní struktuře dat u .

Error - 17.10.2012 5:17:41 | Computer Name = DarkKnight-PC | Source = EventLog | ID = 6008
Description = Předchozí vypnutí systému (11:16:44, ?17.?10.?2012) bylo neočekávané.

Error - 18.10.2012 11:44:39 | Computer Name = DarkKnight-PC | Source = BROWSER | ID = 8032
Description =

Error - 18.10.2012 14:27:01 | Computer Name = DarkKnight-PC | Source = BROWSER | ID = 8032
Description =

Error - 18.10.2012 15:31:09 | Computer Name = DarkKnight-PC | Source = EventLog | ID = 6008
Description = Předchozí vypnutí systému (21:28:46, ?18.?10.?2012) bylo neočekávané.

Error - 19.10.2012 3:40:14 | Computer Name = DarkKnight-PC | Source = Microsoft-Windows-WindowsUpdateClient | ID = 20
Description = Instalace se nezdařila: Instalování následující aktualizace se nezdařilo
z důvodu chyby (0x80070643): Definition Update for Windows Defender - KB915597
(Definition 1.139.124.0).


< End of report >

[jaro3]

Jaké jsou problémy??

Aktualizuj javu:
Java SE Runtime Environment 7

Klikni na Accept License Agreement
Vyber si OS (Windows nebo Windows x64, Offline Installation)
jre-7-windows-i586-p.exe nebo
jre-7-windows-x64.exe
Stáhni ( download) a nainstaluj.
Ostatní javy odeber v přidat/odebrat programy.

Poklepej na ikonu OTL na ploše.Ujisti se , že máš všechny ostatní aplikace a prohlížeče zavřeny.
Pod Vlastní skenování/opravy do okénka vlož následující text, zobrazený zeleně:

Kód: Vybrat vše

:OTL
PRC - C:\WINDOWS\explorer.exe (Microsoft Corporation)
PRC - C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)
IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKCU\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://search.seznam.cz/?q={searchTerms}&sourceid=quicksearch_6826
IE - HKCU\..\SearchScopes\{399a1442-7377-49e7-8d77-6dc9ed5968c1}: "URL" = http://www.zbozi.cz/?q={searchTerms}&sourceid=quicksearch_6826
IE - HKCU\..\SearchScopes\{5cf5d387-d87c-4408-9a6b-301b0713d62a}: "URL" = http://www.mapy.cz/?query={searchTerms}&sourceid=quicksearch_6826
IE - HKCU\..\SearchScopes\{8172f457-818d-46db-941f-2bbe53e156af}: "URL" = http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC
IE - HKCU\..\SearchScopes\{eb97f7df-1773-4916-aae6-5af74da8c69d}: "URL" = http://www.firmy.cz/phr/{searchTerms}
FF - prefs.js..extensions.enabledAddons: {972ce4c6-7e08-4474-a285-3208198ce6fd}:16.0.1
FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_11_3_300_265.dll File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
[2011.12.10 16:07:49 | 000,000,000 | ---D | M] (No name found) -- C:\Users\DarkKnight\AppData\Roaming\Mozilla\Extensions
[2012.08.21 12:30:57 | 000,000,000 | ---D | M] (BitLord Security Bar Community Toolbar) -- C:\Users\DarkKnight\AppData\Roaming\Mozilla\Firefox\Profiles\xtty1vj2.default\extensions\{8c5878d0-6106-423b-aaa8-144c143dbf44}
[2012.06.11 22:38:09 | 000,000,000 | ---D | M] (TheBflix) -- C:\Users\DarkKnight\AppData\Roaming\Mozilla\Firefox\Profiles\xtty1vj2.default\extensions\4fd656afc4d07@4fd656afc4d41.info
[2012.10.13 15:48:09 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\extensions
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll File not found
O4 - HKCU..\Run: [DAEMON Tools Lite] "F:\DAEMON Tools Lite\DTLite.exe" -autorun File not found
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O18:64bit: - Protocol\Handler\grooveLocalGWS - No CLSID value found
O18:64bit: - Protocol\Handler\ms-help - No CLSID value found
O18:64bit: - Protocol\Handler\skype4com - No CLSID value found
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - Unable to obtain root file information for disk C:\
[2 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
[2012.10.18 15:44:20 | 000,669,676 | ---- | M] () -- C:\Windows\SysNative\perfh005.dat
[2012.10.18 15:44:20 | 000,655,070 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2012.10.18 15:44:20 | 000,141,308 | ---- | M] () -- C:\Windows\SysNative\perfc005.dat
[2012.10.18 15:44:20 | 000,121,942 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat

:Files
C:\WINDOWS\System32\*.tmp
C:\WINDOWS\*.tmp
C:\WINDOWS\system32\*.tmp.dll
C:\WINDOWS\System32\dllcache\*.tmp
C:\WINDOWS\system32\SET*.tmp
C:\WINDOWS\system32\DUMP*.tmp
c:\windows\Tasks\*.job
C:\*.tmp
C:\WINDOWS\System32\drivers\*.tmp
C:\Documents and Settings\All Users\Data aplikací\*.tmp
C:\Windows\SysNative\drivers\*.tmp
C:\Windows\SysWow64\drivers\*.tmp
C:\Program Files (x86)\*.tmp
C:\Windows\SysWow64\*.tmp
C:\Windows\SysNative\*.tmp
C:\Users\DarkKnight\Desktop\tdsskiller.zip
C:\Users\DarkKnight\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini

:Reg
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\exefile\shell\open\command]
""=""%1" %*"
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
""=""%1" %*"
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\shell32.dll -- [2012.06.09 07:43:10 | 014,172,672 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2012.06.09 06:41:00 | 012,873,728 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009.07.14 03:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2010.11.20 14:19:02 | 000,606,208 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009.07.14 03:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]

:Commands
[purity]
[emptytemp]
[start explorer]
[Reboot]

Poté klikni nahoře na Opravit. Nech program nerušeně běžet, na konci se provede restart PC.
Po restartu se objeví log , prosím zkopíruj sem celý jeho obsah.

Drive C: | 100,00 Gb Total Space | 13,12 Gb Free Space | 13,12% Space Free | Partition Type: NTFS

Málo volného místa na syst. disku!! Potřebuješ nejméně 15% volného místa pro windows. Něco odinstaluj , smaž!

[DarkKnight]

Tady to je:

All processes killed
========== OTL ==========
No active process named explorer.exe was found!
No active process named firefox.exe was found!
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope| /E : value set successfully!
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ not found.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope| /E : value set successfully!
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{399a1442-7377-49e7-8d77-6dc9ed5968c1}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{399a1442-7377-49e7-8d77-6dc9ed5968c1}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{5cf5d387-d87c-4408-9a6b-301b0713d62a}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{5cf5d387-d87c-4408-9a6b-301b0713d62a}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{8172f457-818d-46db-941f-2bbe53e156af}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{8172f457-818d-46db-941f-2bbe53e156af}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{eb97f7df-1773-4916-aae6-5af74da8c69d}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{eb97f7df-1773-4916-aae6-5af74da8c69d}\ not found.
Prefs.js: {972ce4c6-7e08-4474-a285-3208198ce6fd}:16.0.1 removed from extensions.enabledAddons
64bit-Registry key HKEY_LOCAL_MACHINE\Software\MozillaPlugins\@adobe.com/FlashPlayer\ deleted successfully.
64bit-Registry key HKEY_LOCAL_MACHINE\Software\MozillaPlugins\@microsoft.com/GENUINE\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\Software\MozillaPlugins\@microsoft.com/GENUINE\ deleted successfully.
C:\Users\DarkKnight\AppData\Roaming\Mozilla\Extensions folder moved successfully.
C:\Users\DarkKnight\AppData\Roaming\Mozilla\Firefox\Profiles\xtty1vj2.default\extensions\{8c5878d0-6106-423b-aaa8-144c143dbf44}\searchplugin folder moved successfully.
C:\Users\DarkKnight\AppData\Roaming\Mozilla\Firefox\Profiles\xtty1vj2.default\extensions\{8c5878d0-6106-423b-aaa8-144c143dbf44}\Plugins folder moved successfully.
C:\Users\DarkKnight\AppData\Roaming\Mozilla\Firefox\Profiles\xtty1vj2.default\extensions\{8c5878d0-6106-423b-aaa8-144c143dbf44}\modules folder moved successfully.
C:\Users\DarkKnight\AppData\Roaming\Mozilla\Firefox\Profiles\xtty1vj2.default\extensions\{8c5878d0-6106-423b-aaa8-144c143dbf44}\META-INF folder moved successfully.
C:\Users\DarkKnight\AppData\Roaming\Mozilla\Firefox\Profiles\xtty1vj2.default\extensions\{8c5878d0-6106-423b-aaa8-144c143dbf44}\defaults folder moved successfully.
C:\Users\DarkKnight\AppData\Roaming\Mozilla\Firefox\Profiles\xtty1vj2.default\extensions\{8c5878d0-6106-423b-aaa8-144c143dbf44}\components folder moved successfully.
C:\Users\DarkKnight\AppData\Roaming\Mozilla\Firefox\Profiles\xtty1vj2.default\extensions\{8c5878d0-6106-423b-aaa8-144c143dbf44}\chrome folder moved successfully.
C:\Users\DarkKnight\AppData\Roaming\Mozilla\Firefox\Profiles\xtty1vj2.default\extensions\{8c5878d0-6106-423b-aaa8-144c143dbf44} folder moved successfully.
C:\Users\DarkKnight\AppData\Roaming\Mozilla\Firefox\Profiles\xtty1vj2.default\extensions\4fd656afc4d07@4fd656afc4d41.info\content folder moved successfully.
C:\Users\DarkKnight\AppData\Roaming\Mozilla\Firefox\Profiles\xtty1vj2.default\extensions\4fd656afc4d07@4fd656afc4d41.info folder moved successfully.
C:\Program Files (x86)\Mozilla Firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd} folder moved successfully.
C:\Program Files (x86)\Mozilla Firefox\extensions folder moved successfully.
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{DBC80044-A445-435b-BC74-9C25C1C588A9}\ deleted successfully.
Registry value HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\\DAEMON Tools Lite deleted successfully.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\\NoActiveDesktop deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\URL\Prefixes\\gopher|:gopher:// /E : value set successfully!
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\grooveLocalGWS\ deleted successfully.
File Protocol\Handler\grooveLocalGWS - No CLSID value found not found.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\ms-help\ deleted successfully.
File Protocol\Handler\ms-help - No CLSID value found not found.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\skype4com\ deleted successfully.
File Protocol\Handler\skype4com - No CLSID value found not found.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad\\WebCheck deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{E6FB5E20-DE35-11CF-9C87-00AA005127ED}\ not found.
File not found.
C:\Windows\C5C1C0F0D62F4DBF81D4D7EF397C228B.TMP\WiseCustomCalla.dll deleted successfully.
C:\Windows\C5C1C0F0D62F4DBF81D4D7EF397C228B.TMP folder deleted successfully.
C:\Windows\D56B0E274A3E46C9B5C1D93D580C099C.TMP\WiseCustomCalla.dll deleted successfully.
C:\Windows\D56B0E274A3E46C9B5C1D93D580C099C.TMP folder deleted successfully.
C:\Windows\SysNative\perfh005.dat moved successfully.
C:\Windows\SysNative\perfh009.dat moved successfully.
C:\Windows\SysNative\perfc005.dat moved successfully.
C:\Windows\SysNative\perfc009.dat moved successfully.
========== FILES ==========
File\Folder C:\WINDOWS\System32\*.tmp not found.
File\Folder C:\WINDOWS\*.tmp not found.
File\Folder C:\WINDOWS\system32\*.tmp.dll not found.
File\Folder C:\WINDOWS\System32\dllcache\*.tmp not found.
File\Folder C:\WINDOWS\system32\SET*.tmp not found.
File\Folder C:\WINDOWS\system32\DUMP*.tmp not found.
File\Folder c:\windows\Tasks\*.job not found.
File\Folder C:\*.tmp not found.
File\Folder C:\WINDOWS\System32\drivers\*.tmp not found.
File\Folder C:\Documents and Settings\All Users\Data aplikací\*.tmp not found.
File\Folder C:\Windows\SysNative\drivers\*.tmp not found.
File\Folder C:\Windows\SysWow64\drivers\*.tmp not found.
File\Folder C:\Program Files (x86)\*.tmp not found.
File\Folder C:\Windows\SysWow64\*.tmp not found.
File\Folder C:\Windows\SysNative\*.tmp not found.
C:\Users\DarkKnight\Desktop\tdsskiller.zip moved successfully.
C:\Users\DarkKnight\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini moved successfully.
========== REGISTRY ==========
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\exefile\shell\open\command\\""|""%1" %*"64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command] /E : value set successfully!
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\exefile\shell\open\command\\""|""%1" %*" /E : value set successfully!
HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32\\"" | C:\Windows\SysNative\shell32.dll -- [2012.06.09 07:43:10 | 014,172,672 | ---- | M] (Microsoft Corporation) /E :invalid edit format. Invalid data type.
Unable to set value : HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32\\"ThreadingModel" | Apartment /E!
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32\\"" | %SystemRoot%\system32\shell32.dll -- [2012.06.09 06:41:00 | 012,873,728 | ---- | M] (Microsoft Corporation) /E :invalid edit format. Invalid data type.
Unable to set value : HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32\\"ThreadingModel" | Apartment /E!
HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32\\"" | C:\Windows\SysNative\wbem\fastprox.dll -- [2009.07.14 03:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation) /E :invalid edit format. Invalid data type.
Unable to set value : HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32\\"ThreadingModel" | Free /E!
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32\\"" | %systemroot%\system32\wbem\fastprox.dll -- [2010.11.20 14:19:02 | 000,606,208 | ---- | M] (Microsoft Corporation) /E :invalid edit format. Invalid data type.
Unable to set value : HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32\\"ThreadingModel" | Free /E!
HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32\\"" | C:\Windows\SysNative\wbem\wbemess.dll -- [2009.07.14 03:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation) /E :invalid edit format. Invalid data type.
HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32\\"ThreadingModel" | Both /E : value set successfully!
========== COMMANDS ==========

[EMPTYTEMP]

User: All Users

User: DarkKnight
->Temp folder emptied: 36229 bytes
->Temporary Internet Files folder emptied: 122321240 bytes
->Java cache emptied: 32134 bytes
->FireFox cache emptied: 71834228 bytes
->Flash cache emptied: 11810 bytes

User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes

User: Public

User: UpdatusUser
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32 (64bit) .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 0 bytes
%systemroot%\sysnative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files folder emptied: 50507 bytes
%systemroot%\sysnative\config\systemprofile\AppData\LocalLow\Sun\Java\Deployment folder emptied: 737 bytes
RecycleBin emptied: 0 bytes

Total Files Cleaned = 185,00 mb


OTL by OldTimer - Version 3.2.69.0 log created on 10222012_092148

Files\Folders moved on Reboot...
C:\Users\DarkKnight\AppData\Local\Temp\FXSAPIDebugLogFile.txt moved successfully.

PendingFileRenameOperations files...

Registry entries deleted on Reboot...

[Orcus]

Jaké jsou problémy??

[DarkKnight]

Za poslení dva měsíce (asi) mě PC spadnul 3x do modré smrti. No a jak jsem ještě teď zjistil u CF tak mě nenaběhne nouzový režim. To mě moc neva, spíš mám obavu s těma modrejma obrazovkama.

[Orcus]

Co se týče BSOD, upni soubory ze složky Windows\Minidump na http://www.leteckaposta.cz a kontaktuj uživatele MiliNess, jestli by se na ně nepodíval.