fcb vir

jamet
Visitor
Posts: 116
Registered: 10 Dec 2008 21:08

fcb vir

#1 Post by jamet »

Hi, as a die-hard IT guy I fell for an FB virus like a schoolboy; please help, thank you.


Logfile of random's system information tool 1.09 (written by random/random)
Run by JamET at 2011-07-26 15:54:13
Microsoft Windows 7 Ultimate
System drive C: has 91 GB (63%) free of 146 GB
Total RAM: 3067 MB (52% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 15:54:14, on 26.7.2011
Platform: Windows 7 (WinNT 6.00.3504)
MSIE: Internet Explorer v8.00 (8.00.7600.16385)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\OSCAR Editor X7\OscarEditor.exe
D:\programy\ASHAMP~1\bin\DEFRAG~3.EXE
C:\Program Files (x86)\Adobe\Reader 9.0\Reader\reader_sl.exe
D:\programy\Ashampoo Magical Defrag 2\bin\defragTaskBar.exe
D:\programy\ASHAMP~1\bin\defragActivityMonitor.exe
C:\Windows\update.tray-7-0\svchost.exe
C:\Windows\sysdriver32.exe
C:\Windows\sysdriver32_.exe
C:\Windows\l1rezerv.exe
C:\Users\JamET\Desktop\RSIT.exe
C:\Program Files (x86)\trend micro\JamET.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.cz/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Increase performance and video formats for your HTML5 <video> - {326E768D-4182-46FD-9C16-1449A49795F4} - C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll
O2 - BHO: Use the DivX Plus Web Player to watch web videos with less interruptions and smoother playback on supported sites - {593DDEC6-7468-4cdd-90E1-42DADAA222E9} - C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~2\MICROS~1\Office12\GR469A~1.DLL
O2 - BHO: Pomocná služba pro přihlášení ke službě Windows Live ID - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [DefragTaskBar] "D:\programy\Ashampoo Magical Defrag 2\bin\defragTaskBar.exe"
O4 - HKLM\..\Run: [wxpdrv] C:\Windows\services32.exe
O4 - HKLM\..\Run: [tray_ico0] C:\Windows\update.tray-7-0\svchost.exe
O4 - HKLM\..\Run: [5568682.exe] "C:\Windows\Temp\5568682.exe"
O4 - HKLM\..\Run: [sysdriver32.exe] "C:\Windows\sysdriver32.exe" rezerv
O4 - HKLM\..\Run: [sysdriver32_.exe] "C:\Windows\sysdriver32_.exe" rezerv
O4 - HKLM\..\Run: [7414788.exe] "C:\Users\JamET\AppData\Local\Temp\7414788.exe"
O4 - HKLM\..\Run: [5233007.exe] "C:\Windows\Temp\5233007.exe"
O4 - HKLM\..\Run: [3820728.exe] "C:\Windows\Temp\3820728.exe"
O4 - HKLM\..\Run: [l1rezerv.exe] "C:\Windows\l1rezerv.exe"
O4 - HKLM\..\Run: [84901546-loader2.exe] "C:\Windows\Temp\84901546-loader2.exe"
O4 - HKCU\..\Run: [OscarEditor] "C:\Program Files (x86)\OSCAR Editor X7\OscarEditor.exe" Minimum
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O4 - Startup: Výřezy obrazovky a spuštění aplikace OneNote 2007.lnk = C:\Program Files (x86)\Microsoft Office\Office12\ONENOTEM.EXE
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~1\Office12\REFIEBAR.DLL
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\PROGRA~2\MICROS~1\Office12\GRA32A~1.DLL
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
O23 - Service: AshampooDefragService - - D:\programy\Ashampoo Magical Defrag 2\bin\aDefragService.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files (x86)\Bonjour\mDNSResponder.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: Futuremark SystemInfo Service - Futuremark Corporation - C:\Program Files (x86)\Futuremark\Futuremark SystemInfo\FMSISvc.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\Windows\system32\nvvsvc.exe (file missing)
O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: Spyware Terminator Realtime Shield Service (sp_rssrv) - Crawler.com - D:\programy\Spyware Terminator\sp_rsser.exe
O23 - Service: srvbtcclient - Unknown owner - C:\Windows\update.5.0\svchost.exe
O23 - Service: srviecheck - Unknown owner - C:\Windows\update.2\svchost.exe
O23 - Service: srvsysdriver32 - Unknown owner - C:\Windows\sysdriver32.exe
O23 - Service: tvMobiliService - Unknown owner - C:\Program Files (x86)\TVMOBiLi\bin\tvMobiliService.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: WDDMService - WDC - C:\Program Files\Western Digital\WD SmartWare\WD Drive Manager\WDDMService.exe
O23 - Service: WD File Management Engine (WDFME) - Unknown owner - C:\Program Files (x86)\Western Digital\WD SmartWare\Front Parlor\WDFME\WDFME.exe
O23 - Service: WD File Management Shadow Engine (WDSC) - Unknown owner - C:\Program Files (x86)\Western Digital\WD SmartWare\Front Parlor\WDSC.exe
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
O23 - Service: wxpdrivers - Unknown owner - C:\Windows\update.1\svchost.exe

--
End of file - 9495 bytes

======Scheduled tasks folder======

C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-3343315272-3904119132-4205976823-1001Core.job
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-3343315272-3904119132-4205976823-1001UA.job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2010-09-22 75200]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{326E768D-4182-46FD-9C16-1449A49795F4}]
DivX Plus Web Player HTML5 <video> - C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll [2011-02-08 3118976]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{593DDEC6-7468-4cdd-90E1-42DADAA222E9}]
DivX HiQ - C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll [2011-02-08 3118976]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\PROGRA~2\MICROS~1\Office12\GR469A~1.DLL [2006-10-27 2210608]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Pomocná služba pro přihlášení ke službě Windows Live ID - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2010-09-21 439168]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll [2011-04-14 41760]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"Adobe ARM"=C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2011-03-30 937920]
"Adobe Reader Speed Launcher"=C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe [2011-06-08 37296]
"DefragTaskBar"=D:\programy\Ashampoo Magical Defrag 2\bin\defragTaskBar.exe [2007-02-12 168120]
"wxpdrv"=C:\Windows\services32.exe [2011-07-26 1183232]
"tray_ico"= []
"tray_ico0"=C:\Windows\update.tray-7-0\svchost.exe [2011-07-26 1183232]
"tray_ico1"= []
"tray_ico2"= []
"tray_ico3"= []
"tray_ico4"= []
"5568682.exe"=C:\Windows\Temp\5568682.exe [2011-07-26 256000]
"sysdriver32.exe"=C:\Windows\sysdriver32.exe [2011-07-26 256000]
"sysdriver32_.exe"=C:\Windows\sysdriver32_.exe [2011-07-26 256000]
"7414788.exe"=C:\Users\JamET\AppData\Local\Temp\7414788.exe [2011-07-26 256000]
"5233007.exe"=C:\Windows\Temp\5233007.exe [2011-07-26 256000]
"3820728.exe"=C:\Windows\Temp\3820728.exe [2011-07-26 495616]
"l1rezerv.exe"=C:\Windows\l1rezerv.exe [2011-07-26 232960]
"84901546-loader2.exe"=C:\Windows\Temp\84901546-loader2.exe [2011-07-26 256000]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"OscarEditor"=C:\Program Files (x86)\OSCAR Editor X7\OscarEditor.exe [2010-06-24 2625536]

C:\Users\JamET\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
Výřezy obrazovky a spuštění aplikace OneNote 2007.lnk - C:\Program Files (x86)\Microsoft Office\Office12\ONENOTEM.EXE

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED}

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\PROGRA~2\MICROS~1\Office12\GR469A~1.DLL [2006-10-27 2210608]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\wxpdrivers]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\wxpdrivers]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=5
"ConsentPromptBehaviorUser"=3
"EnableLUA"=0
"EnableSecureUIAPaths"=0
"EnableUIADesktopToggle"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoActiveDesktop"=1
"NoActiveDesktopChanges"=1
"ForceActiveDesktopOn"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"vidc.uyvy"=msyuv.dll
"vidc.yuy2"=msyuv.dll
"vidc.yvyu"=msyuv.dll
"vidc.iyuv"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"vidc.yvu9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\SysWOW64\l3codeca.acm
"vidc.cvid"=iccvid.dll
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"vidc.DIVX"=DivX.dll
"vidc.yv12"=DivX.dll

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 1 month======

2011-07-26 15:53:47 ----D---- C:\Windows\ufa
2011-07-26 15:53:47 ----D---- C:\Windows\rpcminer
2011-07-26 15:53:47 ----D---- C:\Windows\phoenix
2011-07-26 15:52:17 ----D---- C:\rsit
2011-07-26 15:48:07 ----A---- C:\Windows\btc_client_iplist.txt
2011-07-26 15:47:14 ----A---- C:\Windows\iecheck_iplist.txt
2011-07-26 15:46:44 ----A---- C:\Windows\l1rezerv.exe
2011-07-26 15:46:11 ----HD---- C:\Windows\update.2
2011-07-26 15:45:14 ----HD---- C:\Windows\update.5.0
2011-07-26 15:35:11 ----A---- C:\Windows\unrar.exe
2011-07-26 15:34:50 ----A---- C:\Windows\iplist.txt
2011-07-26 15:34:44 ----A---- C:\Windows\sysdriver32_.exe
2011-07-26 15:34:30 ----A---- C:\Windows\sysdriver32.exe
2011-07-26 15:34:10 ----A---- C:\Windows\front_ip_list.txt
2011-07-26 15:33:54 ----D---- C:\Windows\av_ico
2011-07-26 15:32:01 ----HD---- C:\Windows\update.1
2011-07-26 15:31:56 ----HD---- C:\Windows\update.tray-7-0-lnk
2011-07-26 15:31:56 ----HD---- C:\Windows\update.tray-7-0
2011-07-26 15:20:18 ----A---- C:\Windows\winlog-ids.txt
2011-07-26 15:20:18 ----A---- C:\Windows\winlog-dirs.txt
2011-07-26 15:20:13 ----A---- C:\Windows\services32.exe
2011-07-04 14:59:59 ----D---- C:\ProgramData\Skype
2011-06-27 19:17:55 ----D---- C:\Windows\pss

======List of files/folders modified in the last 1 month======

2011-07-26 15:54:14 ----D---- C:\Windows\Temp
2011-07-26 15:54:14 ----D---- C:\Program Files (x86)\trend micro
2011-07-26 15:54:09 ----D---- C:\Windows\Prefetch
2011-07-26 15:53:47 ----D---- C:\Windows
2011-07-26 15:42:05 ----D---- C:\ProgramData\Spyware Terminator
2011-07-26 15:42:00 ----SHD---- C:\System Volume Information
2011-07-26 15:39:02 ----D---- C:\Users\JamET\AppData\Roaming\Spyware Terminator
2011-07-26 15:32:01 ----HD---- C:\ProgramData
2011-07-26 15:32:00 ----RD---- C:\Program Files
2011-07-25 16:38:15 ----D---- C:\Program Files (x86)\Garena
2011-07-21 09:48:53 ----D---- C:\ProgramData\ashampoo
2011-07-21 09:48:15 ----D---- C:\Windows\SysWOW64
2011-07-21 09:44:37 ----D---- C:\Program Files (x86)\Ashampoo
2011-07-18 23:00:48 ----D---- C:\Program Files (x86)\StepMania
2011-07-17 19:57:08 ----D---- C:\Windows\System32
2011-07-17 19:57:08 ----D---- C:\Windows\inf
2011-07-14 21:56:09 ----D---- C:\Users\JamET\AppData\Roaming\uTorrent
2011-07-05 03:34:40 ----D---- C:\Users\JamET\AppData\Roaming\Skype
2011-07-04 15:00:16 ----SHD---- C:\Windows\Installer
2011-07-04 13:43:51 ----A---- C:\Windows\SysWOW64\aswBoot.exe
2011-06-28 07:54:03 ----D---- C:\Program Files (x86)\Common Files\Blizzard Entertainment

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys []
R0 sptd;sptd; C:\Windows\System32\Drivers\sptd.sys []
R1 CSC;@%systemroot%\system32\cscsvc.dll,-202; C:\Windows\system32\drivers\csc.sys []
R2 sp_rsdrv2;Spyware Terminator Driver Filter; C:\Windows\system32\DRIVERS\stflt.sys []
R3 AgereSoftModem;Agere Systems Soft Modem; C:\Windows\system32\DRIVERS\agrsm64.sys []
R3 ATSwpWDF;AuthenTec TruePrint USB WBF WDF Driver; C:\Windows\System32\Drivers\ATSwpWDF.sys []
R3 GEARAspiWDM;GEAR ASPI Filter Driver; C:\Windows\system32\DRIVERS\GEARAspiWDM.sys []
R3 Ltn_stk7070P;PCTV LITEON based TV tuner device; C:\Windows\system32\DRIVERS\Ltn_stk7070P.sys []
R3 netw5v64;Intel(R) Wireless WiFi Link 5000 Series – ovladač adaptéru pro 64bitový systém Windows Vista; C:\Windows\system32\DRIVERS\netw5v64.sys []
R3 NVHDA;Service for NVIDIA High Definition Audio Driver; C:\Windows\system32\drivers\nvhda64v.sys []
R3 RDPDR;Terminal Server Device Redirector Driver; C:\Windows\System32\drivers\rdpdr.sys []
R3 SynTP;Synaptics TouchPad Driver; C:\Windows\system32\DRIVERS\SynTP.sys []
S3 a1hjpewv;a1hjpewv; C:\Windows\SysWOW64\drivers\a1hjpewv.sys []
S3 BthEnum;Služba Bluetooth Enumerator; C:\Windows\system32\DRIVERS\BthEnum.sys []
S3 BthPan;Zařízení Bluetooth (síť PAN); C:\Windows\system32\DRIVERS\bthpan.sys []
S3 BTHPORT;Ovladač portu Bluetooth; C:\Windows\System32\Drivers\BTHport.sys []
S3 BTHUSB;Ovladač rozhraní USB radiostanice Bluetooth; C:\Windows\System32\Drivers\BTHUSB.sys []
S3 cpuz135;cpuz135; \??\C:\Windows\TEMP\cpuz135\cpuz135_x64.sys []
S3 GGSAFERDriver;GGSAFER Driver; \??\C:\Program Files (x86)\Garena\safedrv.sys []
S3 pciide;pciide; C:\Windows\system32\DRIVERS\pciide.sys []
S3 RFCOMM;Zařízení Bluetooth (RFCOMM protokol TDI); C:\Windows\system32\DRIVERS\rfcomm.sys []
S3 s3cap;s3cap; C:\Windows\system32\DRIVERS\vms3cap.sys []
S3 storvsc;storvsc; C:\Windows\system32\DRIVERS\storvsc.sys []
S3 USBAAPL64;Apple Mobile USB Driver; C:\Windows\System32\Drivers\usbaapl64.sys []
S3 usbscan;Ovladač skeneru USB; C:\Windows\system32\DRIVERS\usbscan.sys []
S3 vmbus;@%SystemRoot%\system32\vmbusres.dll,-1000; C:\Windows\system32\DRIVERS\vmbus.sys []
S3 VMBusHID;VMBusHID; C:\Windows\system32\DRIVERS\VMBusHID.sys []
S3 WDC_SAM;WD SCSI Pass Thru driver; C:\Windows\system32\DRIVERS\wdcsam64.sys []
S3 WinUsb;WinUsb; C:\Windows\system32\DRIVERS\WinUsb.sys []

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 Apple Mobile Device;Apple Mobile Device; C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [2011-02-18 37664]
R2 AshampooDefragService;AshampooDefragService; D:\programy\Ashampoo Magical Defrag 2\bin\aDefragService.exe [2007-02-12 749752]
R2 Bonjour Service;Bonjour Service; C:\Program Files (x86)\Bonjour\mDNSResponder.exe [2011-04-06 349472]
R2 CscService;@%systemroot%\system32\cscsvc.dll,-200; C:\Windows\System32\svchost.exe [2009-07-14 20992]
R2 nvsvc;NVIDIA Display Driver Service; C:\Windows\system32\nvvsvc.exe []
R2 PnkBstrA;PnkBstrA; C:\Windows\system32\PnkBstrA.exe [2011-04-01 75136]
R2 sp_rssrv;Spyware Terminator Realtime Shield Service; D:\programy\Spyware Terminator\sp_rsser.exe [2011-04-24 948775]
R2 srvbtcclient;srvbtcclient; C:\Windows\update.5.0\svchost.exe [2011-07-26 348672]
R2 srviecheck;srviecheck; C:\Windows\update.2\svchost.exe [2011-07-26 495616]
R2 srvsysdriver32;srvsysdriver32; C:\Windows\sysdriver32.exe [2011-07-26 256000]
R2 tvMobiliService;tvMobiliService; C:\Program Files (x86)\TVMOBiLi\bin\tvMobiliService.exe [2010-11-12 819291]
R2 WDDMService;WDDMService; C:\Program Files\Western Digital\WD SmartWare\WD Drive Manager\WDDMService.exe [2010-11-08 288256]
R2 WDFME;WD File Management Engine; C:\Program Files (x86)\Western Digital\WD SmartWare\Front Parlor\WDFME\WDFME.exe [2010-11-08 1060352]
R2 WDSC;WD File Management Shadow Engine; C:\Program Files (x86)\Western Digital\WD SmartWare\Front Parlor\WDSC.exe [2010-11-08 485376]
R2 wlidsvc;Windows Live ID Sign-in Assistant; C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE [2010-09-21 2286976]
R2 wxpdrivers;wxpdrivers; C:\Windows\update.1\svchost.exe [2011-07-26 1183232]
R3 UmRdpService;@%SystemRoot%\system32\umrdp.dll,-1000; C:\Windows\System32\svchost.exe [2009-07-14 20992]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
S3 AppMgmt;@appmgmts.dll,-3250; C:\Windows\system32\svchost.exe [2009-07-14 20992]
S3 Futuremark SystemInfo Service;Futuremark SystemInfo Service; C:\Program Files (x86)\Futuremark\Futuremark SystemInfo\FMSISvc.exe [2011-03-01 130976]
S3 iPod Service;iPod Service; C:\Program Files\iPod\bin\iPodService.exe [2011-04-14 934176]
S3 Microsoft Office Groove Audit Service;Microsoft Office Groove Audit Service; C:\Program Files (x86)\Microsoft Office\Office12\GrooveAuditService.exe [2006-10-27 65824]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2006-10-26 441136]
S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 PeerDistSvc;@%SystemRoot%\system32\peerdistsvc.dll,-9000; C:\Windows\System32\svchost.exe [2009-07-14 20992]

-----------------EOF-----------------

Thank you, Petr

Caroprd111
VIP
Posts: 13492
Registered: 22 Mar 2009 20:48
Location: Třebíč

Re: fcb vir

#2 Post by Caroprd111 »

Download http://www.sur-la-toile.com/RogueKiller/RogueKiller.exe and run it. Then press 2 and then Enter. Paste the RKreport.txt log here for me.

Download OTL http://oldtimer.geekstogo.com/OTL.exe to the desktop
  • Run it, then paste the following script into the bottom box.

Code:

 netsvcs
drivers32
savembr:0
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /s

/md5start
cngaudit.dll
cryptsvc.dll
eNetHook.dll
eventlog.dll
hal.dll
logevent.dll
netlogon.dll
ntelogon.dll
scecli.dll
sceclt.dll
ws2_32.dll
autochk.exe
csrss.exe
explorer.exe
lsass.exe
services.exe
smss.exe
spoolsv.exe
svchost.exe
userinit.exe
winlogon.exe
adp3132.sys
AGP440.sys
ahcix86.sys
ahcix86s.sys
atapi.sys
cdrom.sys 
Changer.sys
fastfat.sys
iaStor.sys
iastorv.sys
IdeChnDr.sys
isapnp.sys 
JakNDis.sys
KR10N.sys
mv61xx.sys
ndis.sys
ntfs.sys
nvata.sys
nvatabus.sys
nvgts.sys
nvraid.sys 
nvrd32.sys 
nvstor.sys
nvstor32.sys
symmpi.sys
tcpip.sys
vaxscsi.sys
viamraid.sys
viasraid.sys
ViPrt.sys
/md5stop

C:\windows\system32\spool\prtprocs|dll;true;true;true /FP
%systemroot%\system32\drivers\*.sys /5
%systemroot%\system32\drivers\*.sys /X 
%systemroot%\system32\drivers\*.sys /lockedfiles
%systemroot%\system32\*.* /5
%systemroot%\system32\*.dll /lockedfiles
%systemroot%\system32\config\*.sav 
%systemroot%\Tasks\*.job /lockedfiles
%systemroot%\*.* /U /s
%systemroot%\*. /mp /s
%ALLUSERSPROFILE%\Data Aplikací\*.*
%ALLUSERSPROFILE%\Data Aplikací\*.exe /s
%ALLUSERSPROFILE%\Dáta aplikácií\*.*
%ALLUSERSPROFILE%\Dáta aplikácií\*.exe /s
%APPDATA%\*.
%APPDATA%\*.*
%APPDATA%\*.exe /s
%SYSTEMDRIVE%\*.exe


HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate\AU /s
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install|LastSuccessTime /rs
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\BITS /s
reg query "HKLM\Software\Microsoft\Windows NT\CurrentVersion\winlogon" /v GinaDLL /c
reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wuauserv" /v ImagePath /c
reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\BITS" /v ImagePath /c
reg query "HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager" /v BootExecute /c
reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session Manager" /v "PendingFileRenameOperations" /c

type c:\boot.ini >> test.txt /c
%SystemDrive%\PhysicalMBR.bin /md5 
  • Check the For all users option.
  • Check the options Check for "LOP" malware and Check for "Purity" malware.
  • Click the Scan button.
  • When it finishes, paste the OTL.Txt and Extras.txt logs here.

jamet
Visitor
Posts: 116
Registered: 10 Dec 2008 21:08

Re: fcb vir

#3 Post by jamet »

Thanks a lot for the effort :) here is the log

RogueKiller V5.2.8 [07/23/2011] by Tigzy
contact at http://www.sur-la-toile.com
mail: tigzyRK<at>gmail<dot>com
Feedback: http://www.sur-la-toile.com/discussion- ... ntees.html

Operating System: Windows 7 (6.1.7600 ) 64 bits version
Started in : Normal mode
User: JamET [Admin rights]
Mode: Remove -- Date : 07/26/2011 16:33:58

Bad processes: 0

Registry Entries: 2
[HJ] HKCU\[...]\ClassicStartMenu : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> REPLACED (0)
[HJ] HKCU\[...]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> REPLACED (0)

HOSTS File:
127.0.0.1 localhost


Finished : << RKreport[1].txt >>
RKreport[1].txt

jamet
Visitor
Posts: 116
Registered: 10 Dec 2008 21:08

Re: fcb vir

#4 Post by jamet »

and the second one

OTL Extras logfile created on: 26.7.2011 16:36:25 - Run 1
OTL by OldTimer - Version 3.2.26.1 Folder = C:\Users\JamET\Desktop
64bit- Ultimate Edition (Version = 6.1.7600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7600.16385)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy

2,99 Gb Total Physical Memory | 1,35 Gb Available Physical Memory | 45,06% Memory free
5,99 Gb Paging File | 4,16 Gb Available in Paging File | 69,42% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 142,65 Gb Total Space | 89,26 Gb Free Space | 62,57% Space Free | Partition Type: NTFS
Drive D: | 142,67 Gb Total Space | 61,97 Gb Free Space | 43,44% Space Free | Partition Type: NTFS

Computer Name: JAMET-PC | User Name: JamET | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Extra Registry (SafeList) ==========


========== File Associations ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)

========== Shell Spawning ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %* File not found
cmdfile [open] -- "%1" %* File not found
comfile [open] -- "%1" %* File not found
exefile [open] -- "%1" %* File not found
helpfile [open] -- Reg Error: Key error.
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %* File not found
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1" File not found
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l File not found
scrfile [open] -- "%1" /S File not found
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1 File not found
Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [CEWE prezentace fotografií] -- "C:\Program Files (x86)\Fotostar\Fotostar Offline client4\CEWE prezentace fotografií.exe" -d "%1" ()
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [Fotostar Offline client4] -- "C:\Program Files (x86)\Fotostar\Fotostar Offline client4\Fotostar Offline client4.exe" "%1" ()
Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [CEWE prezentace fotografií] -- "C:\Program Files (x86)\Fotostar\Fotostar Offline client4\CEWE prezentace fotografií.exe" -d "%1" ()
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [Fotostar Offline client4] -- "C:\Program Files (x86)\Fotostar\Fotostar Offline client4\Fotostar Offline client4.exe" "%1" ()
Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = 28 4D B2 76 41 04 CA 01 [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"FirewallOverride" = 1
"DisableThumbnailCache" = 1
"FirewallDisableNotify" = 1
"UpdatesDisableNotify" = 1
"AntiVirusDisableNotify" = 1

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]

========== Firewall Settings ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
"DefaultOutboundAction" = 0
"DefaultInboundAction" = 0
"DisableUnicastResponsesToMulticastBroadcast" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 0
"DefaultOutboundAction" = 0
"DefaultInboundAction" = 0
"DoNotAllowExceptions" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
"DefaultOutboundAction" = 0
"DefaultInboundAction" = 0

========== Authorized Applications List ==========


========== HKEY_LOCAL_MACHINE Uninstall List ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{0E543634-7E25-4B8F-8D5B-97880E5E5088}" = Bonjour
"{16DDB3D1-5C27-4599-9C63-E583287191CC}" = iTunes
"{1B8ABA62-74F0-47ED-B18C-A43128E591B8}" = Windows Live ID Sign-in Assistant
"{1D8E6291-B0D5-35EC-8441-6616F567A0F7}" = Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219
"{56F26668-13DA-497A-883F-61434A10CBAB}" = MobileMe Control Panel
"{5EB6F3CB-46F4-451F-A028-7F6D8D35D7D0}" = Windows Live Language Selector
"{8220EEFE-38CD-377E-8595-13398D740ACE}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17
"{8F473675-D702-45F9-8EBC-342B40C17BF5}" = Apple Mobile Device Support
"{90120000-002A-0000-1000-0000000FF1CE}" = Microsoft Office Office 64-bit Components 2007
"{90120000-002A-0405-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit MUI (Czech) 2007
"{95120000-00B9-0409-1000-0000000FF1CE}" = Microsoft Application Error Reporting
"{99A5569D-9F86-4f32-A227-1538B731DA42}" = Canon MF4320-4350
"{B6FD23F0-1047-4088-94BF-B137D4D17CD8}" = WD SmartWare
"{E6C44758-FF49-47D1-8182-65E3818ACE23}" = AuthenTec TrueSuite
"{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"NVIDIA Display Control Panel" = NVIDIA Display Control Panel
"NVIDIA Drivers" = NVIDIA Drivers
"SynTPDeinstKey" = Synaptics Pointing Device Driver
"TeamSpeak 3 Client" = TeamSpeak 3 Client
"Windows Movie Maker" = Windows Movie Maker

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{0001B4FD-9EA3-4D90-A79E-FD14BA3AB01D}" = PDFCreator
"{0B0F231F-CE6A-483D-AA23-77B364F75917}" = Windows Live Installer
"{13B792AA-C078-43A4-8A3A-8B12D629940D}" = Counter-Strike 1.6
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{200FEC62-3C34-4D60-9CE8-EC372E01C08F}" = Windows Live SOXE Definitions
"{26A24AE4-039D-4CA4-87B4-2F83216021FF}" = Java(TM) 6 Update 25
"{37D0D63F-8F2B-4BA6-A4B6-126AE36B8E59}" = OSCAR Editor
"{3F290582-3F4E-4B96-009C-E0BABAA40C42}" = The Battle for Middle-earth (tm)
"{463F67F4-58D0-4C0D-BBC9-D0CC4E56D1B8}" = Windows Live UX Platform Language Pack
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4CBABDFD-49F8-47FD-BE7D-ECDE7270525A}" = Windows Live PIMT Platform
"{57752979-A1C9-4C02-856B-FBB27AC4E02C}" = QuickTime
"{5EE7D259-D137-4438-9A5F-42F432EC0421}" = VC80CRTRedist - 8.0.50727.4053
"{6767DFEE-8909-453A-B553-C7693912B2EB}" = Canon MF Toolbox 4.9.1.1.mf07
"{682B3E4F-696A-42DE-A41C-4C07EA1678B4}" = Windows Live SOXE
"{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}" = Windows Media Player Firefox Plugin
"{6AFCA4E1-9B78-3640-8F72-A7BF33448200}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{789289CA-F73A-4A16-A331-54D498CE069F}" = Ventrilo Client
"{7D42B43A-EA63-4234-B00A-757C15B2B185}_is1" = Leawo AVI Converter version 4.0.0.0
"{853A4763-6643-4604-8D64-28BDD8925F4C}" = Apple Application Support
"{888F1505-C2B3-4FDE-835D-36353EBD4754}" = Ubisoft Game Launcher
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8A809006-C25A-4A3A-9DAB-94659BCDB107}" = NVIDIA PhysX
"{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}" = MSVCRT
"{8EA79DBF-D637-448A-89D6-410A087A4493}" = Samsung_MonSetup
"{8FB1B528-E260-451E-9B55-E9152F94B80B}" = Microsoft Games for Windows - LIVE Redistributable
"{90120000-0015-0405-0000-0000000FF1CE}" = Microsoft Office Access MUI (Czech) 2007
"{90120000-0016-0405-0000-0000000FF1CE}" = Microsoft Office Excel MUI (Czech) 2007
"{90120000-0018-0405-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (Czech) 2007
"{90120000-0019-0405-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (Czech) 2007
"{90120000-001A-0405-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (Czech) 2007
"{90120000-001B-0405-0000-0000000FF1CE}" = Microsoft Office Word MUI (Czech) 2007
"{90120000-001F-0405-0000-0000000FF1CE}" = Microsoft Office Proof (Czech) 2007
"{90120000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2007
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-041B-0000-0000000FF1CE}" = Microsoft Office Proof (Slovak) 2007
"{90120000-002C-0405-0000-0000000FF1CE}" = Microsoft Office Proofing (Czech) 2007
"{90120000-0030-0000-0000-0000000FF1CE}" = Microsoft Office Enterprise 2007
"{90120000-0044-0405-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (Czech) 2007
"{90120000-006E-0405-0000-0000000FF1CE}" = Microsoft Office Shared MUI (Czech) 2007
"{90120000-00A1-0405-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (Czech) 2007
"{90120000-00B2-0409-0000-0000000FF1CE}" = Microsoft Save as PDF or XPS Add-in for 2007 Microsoft Office programs
"{90120000-00BA-0405-0000-0000000FF1CE}" = Microsoft Office Groove MUI (Czech) 2007
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9CCB3527-C033-415C-88B6-27173B5E3592}" = Tron: Evolution
"{AAF4238F-7C29-451D-9925-C753271A5728}" = Microsoft Visual C++ Run Time Lib Setup
"{AC76BA86-7AD7-1029-7B44-A94000000001}" = Adobe Reader 9.4.5 - Czech
"{BE4BA698-8533-4F77-9559-C7F3F78C0B05}" = Assassin's Creed Brotherhood
"{BEE64C14-BEF1-4610-8A68-A16EAA47B882}" = Futuremark SystemInfo
"{C41300B9-185D-475E-BFEC-39EF732F19B1}" = Apple Software Update
"{CE95A79E-E4FC-4FFF-8A75-29F04B942FF2}" = Windows Live UX Platform
"{D45240D3-B6B3-4FF9-B243-54ECE3E10066}" = Windows Live Communications Platform
"{D48AFFA2-E0DD-445E-B52C-7B7255BFAB8D}" = Splash Lite
"{D6F879CC-59D6-4D4B-AE9B-D761E48D25ED}" = Skype™ 5.3
"{E09C4DB7-630C-4F06-A631-8EA7239923AF}" = D3DX10
"{E36E864B-BFB6-440A-9A23-2B0BEDE59A92}" = MultiScreen
"{F0A209B7-7F85-4BDD-8F1F-B98EEAD9E04B}" = The Witcher 2
"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
"{F97E3841-CA9D-4964-9D64-26066241D26F}" = Microsoft Games for Windows - LIVE
"{FE62C88B-425B-4BDE-8B70-CD5AE3B83176}" = Windows Live Essentials
"001FFFFFFF12FF00FF1101F03F02F000-R1" = ArchiCAD 12 CZE
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"ALZip_is1" = ALZip
"Ashampoo Burning Studio 2010_is1" = Ashampoo Burning Studio 2010
"Ashampoo Magical Defrag 2" = Ashampoo Magical Defrag 2
"Ashampoo Photo Optimizer 2_is1" = Ashampoo Photo Optimizer 2.02
"Assassins Creed Brotherhood (Cestina) 32bit 1.00" = Assassins Creed Brotherhood (Cestina) 32bit 1.00
"avast" = avast! Free Antivirus
"Digsby" = Digsby
"DivX Setup.divx.com" = DivX Setup
"ENTERPRISE" = Microsoft Office Enterprise 2007
"Fotostar Offline client4" = Fotostar Offline client4
"Garena" = Garena 2010
"InstallShield_{37D0D63F-8F2B-4BA6-A4B6-126AE36B8E59}" = X7 Oscar Editor
"KLiteCodecPack_is1" = K-Lite Codec Pack 7.0.0 (Basic)
"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware verze 1.51.1.1800
"Popisovač CD/DVD 3.20_is1" = Popisovač CD/DVD 3.20
"PunkBusterSvc" = PunkBuster Services
"Spyware Terminator_is1" = Spyware Terminator
"Totalcmd" = Total Commander (Remove or Repair)
"tvMobili" = tvMobili
"uTorrent" = µTorrent
"VLC media player" = VLC media player 1.1.5
"WinLiveSuite" = Windows Live Essentials
"Wondershare Photo Collage Studio_is1" = Wondershare Photo Collage Studio 4.2.16.1
"Word to PDF Converter_is1" = Word to PDF Converter 3.0

========== HKEY_USERS Uninstall List ==========

[HKEY_USERS\S-1-5-21-3343315272-3904119132-4205976823-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Google Chrome" = Google Chrome
"uTorrent" = µTorrent

========== Last 10 Event Log Errors ==========

[ Application Events ]
Error - 20.7.2011 8:27:16 | Computer Name = JamET-PC | Source = Application Error | ID = 1000
Description = Název chybující aplikace: cis3mu_launcher.exe, verze: 0.0.0.0, časové
razítko: 0x2a425e19 Název chybujícího modulu: xLaSfBuSwI.dll_unloaded, verze: 0.0.0.0,
časové razítko: 0x4d9f9726 Kód výjimky: 0xc0000005 Posun chyby: 0x1001977f ID chybujícího
procesu: 0x1164 Čas spuštění chybující aplikace: 0x01cc46d859d46619 Cesta k chybující
aplikaci: D:\hry\cismu3\cis3mu_launcher.exe Cesta k chybujícímu modulu: xLaSfBuSwI.dll
ID
zprávy: 9a3afaba-b2cb-11e0-adbe-001d72c8118e

Error - 22.7.2011 16:30:50 | Computer Name = JamET-PC | Source = Application Error | ID = 1000
Description = Název chybující aplikace: cis3mu_launcher.exe, verze: 0.0.0.0, časové
razítko: 0x2a425e19 Název chybujícího modulu: xLqMoMuDsH.dll_unloaded, verze: 0.0.0.0,
časové razítko: 0x4d9f9726 Kód výjimky: 0xc0000005 Posun chyby: 0x1001977f ID chybujícího
procesu: 0x1374 Čas spuštění chybující aplikace: 0x01cc48ae3b1b35d0 Cesta k chybující
aplikaci: D:\hry\cismu3\cis3mu_launcher.exe Cesta k chybujícímu modulu: xLqMoMuDsH.dll
ID
zprávy: 7cd7e993-b4a1-11e0-8d5b-001d72c8118e

Error - 22.7.2011 16:31:00 | Computer Name = JamET-PC | Source = Application Error | ID = 1000
Description = Název chybující aplikace: cis3mu_launcher.exe, verze: 0.0.0.0, časové
razítko: 0x2a425e19 Název chybujícího modulu: xLqMoMuDsH.dll_unloaded, verze: 0.0.0.0,
časové razítko: 0x4d9f9726 Kód výjimky: 0xc0000005 Posun chyby: 0x1001977f ID chybujícího
procesu: 0x1478 Čas spuštění chybující aplikace: 0x01cc48ae4186d411 Cesta k chybující
aplikaci: D:\hry\cismu3\cis3mu_launcher.exe Cesta k chybujícímu modulu: xLqMoMuDsH.dll
ID
zprávy: 827b79f7-b4a1-11e0-8d5b-001d72c8118e

Error - 22.7.2011 16:32:43 | Computer Name = JamET-PC | Source = Application Error | ID = 1000
Description = Název chybující aplikace: cis3mu_launcher.exe, verze: 0.0.0.0, časové
razítko: 0x2a425e19 Název chybujícího modulu: xLqMoMuDsH.dll_unloaded, verze: 0.0.0.0,
časové razítko: 0x4d9f9726 Kód výjimky: 0xc0000005 Posun chyby: 0x1001977f ID chybujícího
procesu: 0x1b80 Čas spuštění chybující aplikace: 0x01cc48ae7f9a3d81 Cesta k chybující
aplikaci: D:\hry\cismu3\cis3mu_launcher.exe Cesta k chybujícímu modulu: xLqMoMuDsH.dll
ID
zprávy: bfb80841-b4a1-11e0-8d5b-001d72c8118e

Error - 22.7.2011 16:32:54 | Computer Name = JamET-PC | Source = Application Error | ID = 1000
Description = Název chybující aplikace: cis3mu_launcher.exe, verze: 0.0.0.0, časové
razítko: 0x2a425e19 Název chybujícího modulu: xLqMoMuDsH.dll_unloaded, verze: 0.0.0.0,
časové razítko: 0x4d9f9726 Kód výjimky: 0xc0000005 Posun chyby: 0x1001977f ID chybujícího
procesu: 0x167c Čas spuštění chybující aplikace: 0x01cc48ae854261d5 Cesta k chybující
aplikaci: D:\hry\cismu3\cis3mu_launcher.exe Cesta k chybujícímu modulu: xLqMoMuDsH.dll
ID
zprávy: c6717986-b4a1-11e0-8d5b-001d72c8118e

Error - 22.7.2011 16:35:04 | Computer Name = JamET-PC | Source = Application Error | ID = 1000
Description = Název chybující aplikace: cis3mu_launcher.exe, verze: 0.0.0.0, časové
razítko: 0x2a425e19 Název chybujícího modulu: xLqMoMuDsH.dll_unloaded, verze: 0.0.0.0,
časové razítko: 0x4d9f9726 Kód výjimky: 0xc0000005 Posun chyby: 0x1001977f ID chybujícího
procesu: 0x1bc4 Čas spuštění chybující aplikace: 0x01cc48aed387b10a Cesta k chybující
aplikaci: D:\hry\cismu3\cis3mu_launcher.exe Cesta k chybujícímu modulu: xLqMoMuDsH.dll
ID
zprávy: 1411d3c0-b4a2-11e0-8d5b-001d72c8118e

Error - 23.7.2011 17:51:57 | Computer Name = JamET-PC | Source = Application Error | ID = 1000
Description = Název chybující aplikace: main.exe, verze: 1.5.48.0, časové razítko:
0x49dc5510 Název chybujícího modulu: xLkGcDyVeY.dll_unloaded, verze: 0.0.0.0, časové
razítko: 0x4d9f9726 Kód výjimky: 0xc0000005 Posun chyby: 0x00317fff ID chybujícího
procesu: 0x1120 Čas spuštění chybující aplikace: 0x01cc497830770ee1 Cesta k chybující
aplikaci: D:\hry\cismu3\main.exe Cesta k chybujícímu modulu: xLkGcDyVeY.dll ID zprávy:
fc25fb46-b575-11e0-add5-001d72c8118e

Error - 23.7.2011 17:52:01 | Computer Name = JamET-PC | Source = Application Error | ID = 1000
Description = Název chybující aplikace: cis3mu_launcher.exe, verze: 0.0.0.0, časové
razítko: 0x2a425e19 Název chybujícího modulu: xLkGcDyVeY.dll_unloaded, verze: 0.0.0.0,
časové razítko: 0x4d9f9726 Kód výjimky: 0xc0000005 Posun chyby: 0x1001977f ID chybujícího
procesu: 0xb18 Čas spuštění chybující aplikace: 0x01cc49782ec2057b Cesta k chybující
aplikaci: D:\hry\cismu3\cis3mu_launcher.exe Cesta k chybujícímu modulu: xLkGcDyVeY.dll
ID
zprávy: fe4e3a86-b575-11e0-add5-001d72c8118e

Error - 25.7.2011 14:51:49 | Computer Name = JamET-PC | Source = Application Hang | ID = 1002
Description = Program war3.exe verze 1.26.0.6401 přestal spolupracovat se systémem
Windows a byl ukončen. Chcete-li zjistit, zda je k dispozici více informací o tomto
problému, vyhledejte historii problému v ovládacím panelu Centrum akcí. ID procesu:
13bc Čas spuštění: 01cc4ad8a2114eb3 Čas ukončení: 279 Cesta k aplikaci: D:\hry\Warcraft
III\war3.exe ID hlášení:

Error - 26.7.2011 10:30:18 | Computer Name = JamET-PC | Source = Application Hang | ID = 1002
Description = Program mbam-setup-1.51.1.1800.tmp verze 51.52.0.0 přestal spolupracovat
se systémem Windows a byl ukončen. Chcete-li zjistit, zda je k dispozici více informací
o tomto problému, vyhledejte historii problému v ovládacím panelu Centrum akcí.

ID
procesu: 15bc Čas spuštění: 01cc4b9f7da98dc4 Čas ukončení: 3 Cesta k aplikaci: C:\Users\JamET\AppData\Local\Temp\is-SKCIN.tmp\mbam-setup-1.51.1.1800.tmp

ID
hlášení:

[ Media Center Events ]
Error - 18.2.2011 22:56:09 | Computer Name = JamET-PC | Source = MCUpdate | ID = 0
Description = 3:56:09 - Chyba při připojování k Internetu 3:56:09 - Nelze kontaktovat
server..

Error - 18.2.2011 22:56:15 | Computer Name = JamET-PC | Source = MCUpdate | ID = 0
Description = 3:56:14 - Chyba při připojování k Internetu 3:56:14 - Nelze kontaktovat
server..

Error - 18.2.2011 23:56:21 | Computer Name = JamET-PC | Source = MCUpdate | ID = 0
Description = 4:56:20 - Chyba při připojování k Internetu 4:56:20 - Nelze kontaktovat
server..

Error - 18.2.2011 23:56:27 | Computer Name = JamET-PC | Source = MCUpdate | ID = 0
Description = 4:56:26 - Chyba při připojování k Internetu 4:56:26 - Nelze kontaktovat
server..

Error - 19.2.2011 0:56:33 | Computer Name = JamET-PC | Source = MCUpdate | ID = 0
Description = 5:56:33 - Chyba při připojování k Internetu 5:56:33 - Nelze kontaktovat
server..

Error - 19.2.2011 0:56:40 | Computer Name = JamET-PC | Source = MCUpdate | ID = 0
Description = 5:56:38 - Chyba při připojování k Internetu 5:56:38 - Nelze kontaktovat
server..

Error - 20.2.2011 3:47:21 | Computer Name = JamET-PC | Source = MCUpdate | ID = 0
Description = 8:47:21 - Chyba při připojování k Internetu 8:47:21 - Nelze kontaktovat
server..

Error - 20.2.2011 3:47:36 | Computer Name = JamET-PC | Source = MCUpdate | ID = 0
Description = 8:47:26 - Chyba při připojování k Internetu 8:47:26 - Nelze kontaktovat
server..

Error - 16.6.2011 11:05:14 | Computer Name = JamET-PC | Source = Microsoft-Windows-Media Center Extender | ID = 538
Description =

Error - 16.6.2011 11:25:34 | Computer Name = JamET-PC | Source = Microsoft-Windows-Media Center Extender | ID = 538
Description =

[ OSession Events ]
Error - 26.4.2011 3:46:54 | Computer Name = JamET-PC | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 6, Application Name: Microsoft Office Outlook, Application Version:
12.0.4518.1014, Microsoft Office Version: 12.0.4518.1014. This session lasted 2
seconds with 0 seconds of active time. This session ended with a crash.

[ System Events ]
Error - 26.7.2011 9:31:26 | Computer Name = JamET-PC | Source = Service Control Manager | ID = 7001
Description = Služba Obálka a jádro minipřesměrovačů SMB závisí na službě Podsystém
přesměrovaného ukládání do vyrovnávací paměti, která neuspěla při spuštění v důsledku
následující chyby: %%31

Error - 26.7.2011 9:31:26 | Computer Name = JamET-PC | Source = Service Control Manager | ID = 7001
Description = Služba Mini-přesměrovač SMB 1.x závisí na službě Obálka a jádro minipřesměrovačů
SMB, která neuspěla při spuštění v důsledku následující chyby: %%1068

Error - 26.7.2011 9:31:26 | Computer Name = JamET-PC | Source = Service Control Manager | ID = 7001
Description = Služba Mini-přesměrovač SMB 2.0 závisí na službě Obálka a jádro minipřesměrovačů
SMB, která neuspěla při spuštění v důsledku následující chyby: %%1068

Error - 26.7.2011 9:31:26 | Computer Name = JamET-PC | Source = Service Control Manager | ID = 7001
Description = Služba Síťová připojení závisí na službě Služba rozhraní síťového
úložiště, která neuspěla při spuštění v důsledku následující chyby: %%1068

Error - 26.7.2011 9:31:26 | Computer Name = JamET-PC | Source = Service Control Manager | ID = 7001
Description = Služba Sledování umístění v síti (NLA) závisí na službě Služba rozhraní
síťového úložiště, která neuspěla při spuštění v důsledku následující chyby: %%1068

Error - 26.7.2011 9:31:34 | Computer Name = JamET-PC | Source = DCOM | ID = 10005
Description =

Error - 26.7.2011 9:31:34 | Computer Name = JamET-PC | Source = Service Control Manager | ID = 7026
Description = Zavedení následujícího ovladače pro spouštění počítače nebo systému
se nezdařilo: AFD aswRdr aswSnx aswSP aswTdi CSC DfsC discache NetBIOS NetBT nsiproxy Psched
rdbss
spldr
sptd
tdx
Wanarpv6
WfpLwf

Error - 26.7.2011 9:31:57 | Computer Name = JamET-PC | Source = DCOM | ID = 10005
Description =

Error - 26.7.2011 9:32:02 | Computer Name = JamET-PC | Source = DCOM | ID = 10005
Description =

Error - 26.7.2011 10:20:17 | Computer Name = JamET-PC | Source = Service Control Manager | ID = 7034
Description = Služba srvsysdriver32 byla neočekávaně ukončena. Tento stav nastal
již 1krát.


< End of report >

jamet
Visitor
Posts: 116
Registered: 10 Dec 2008 21:08

Re: fcb virus

#5 Post by jamet »

and the second one

OTL Extras logfile created on: 26.7.2011 16:36:25 - Run 1
OTL by OldTimer - Version 3.2.26.1 Folder = C:\Users\JamET\Desktop
64bit- Ultimate Edition (Version = 6.1.7600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7600.16385)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy

2,99 Gb Total Physical Memory | 1,35 Gb Available Physical Memory | 45,06% Memory free
5,99 Gb Paging File | 4,16 Gb Available in Paging File | 69,42% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 142,65 Gb Total Space | 89,26 Gb Free Space | 62,57% Space Free | Partition Type: NTFS
Drive D: | 142,67 Gb Total Space | 61,97 Gb Free Space | 43,44% Space Free | Partition Type: NTFS

Computer Name: JAMET-PC | User Name: JamET | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Extra Registry (SafeList) ==========


========== File Associations ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)

========== Shell Spawning ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %* File not found
cmdfile [open] -- "%1" %* File not found
comfile [open] -- "%1" %* File not found
exefile [open] -- "%1" %* File not found
helpfile [open] -- Reg Error: Key error.
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %* File not found
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1" File not found
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l File not found
scrfile [open] -- "%1" /S File not found
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1 File not found
Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [CEWE prezentace fotografií] -- "C:\Program Files (x86)\Fotostar\Fotostar Offline client4\CEWE prezentace fotografií.exe" -d "%1" ()
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [Fotostar Offline client4] -- "C:\Program Files (x86)\Fotostar\Fotostar Offline client4\Fotostar Offline client4.exe" "%1" ()
Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [CEWE prezentace fotografií] -- "C:\Program Files (x86)\Fotostar\Fotostar Offline client4\CEWE prezentace fotografií.exe" -d "%1" ()
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [Fotostar Offline client4] -- "C:\Program Files (x86)\Fotostar\Fotostar Offline client4\Fotostar Offline client4.exe" "%1" ()
Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = 28 4D B2 76 41 04 CA 01 [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"FirewallOverride" = 1
"DisableThumbnailCache" = 1
"FirewallDisableNotify" = 1
"UpdatesDisableNotify" = 1
"AntiVirusDisableNotify" = 1

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]

========== Firewall Settings ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
"DefaultOutboundAction" = 0
"DefaultInboundAction" = 0
"DisableUnicastResponsesToMulticastBroadcast" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 0
"DefaultOutboundAction" = 0
"DefaultInboundAction" = 0
"DoNotAllowExceptions" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
"DefaultOutboundAction" = 0
"DefaultInboundAction" = 0

========== Authorized Applications List ==========


========== HKEY_LOCAL_MACHINE Uninstall List ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{0E543634-7E25-4B8F-8D5B-97880E5E5088}" = Bonjour
"{16DDB3D1-5C27-4599-9C63-E583287191CC}" = iTunes
"{1B8ABA62-74F0-47ED-B18C-A43128E591B8}" = Windows Live ID Sign-in Assistant
"{1D8E6291-B0D5-35EC-8441-6616F567A0F7}" = Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219
"{56F26668-13DA-497A-883F-61434A10CBAB}" = MobileMe Control Panel
"{5EB6F3CB-46F4-451F-A028-7F6D8D35D7D0}" = Windows Live Language Selector
"{8220EEFE-38CD-377E-8595-13398D740ACE}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17
"{8F473675-D702-45F9-8EBC-342B40C17BF5}" = Apple Mobile Device Support
"{90120000-002A-0000-1000-0000000FF1CE}" = Microsoft Office Office 64-bit Components 2007
"{90120000-002A-0405-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit MUI (Czech) 2007
"{95120000-00B9-0409-1000-0000000FF1CE}" = Microsoft Application Error Reporting
"{99A5569D-9F86-4f32-A227-1538B731DA42}" = Canon MF4320-4350
"{B6FD23F0-1047-4088-94BF-B137D4D17CD8}" = WD SmartWare
"{E6C44758-FF49-47D1-8182-65E3818ACE23}" = AuthenTec TrueSuite
"{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"NVIDIA Display Control Panel" = NVIDIA Display Control Panel
"NVIDIA Drivers" = NVIDIA Drivers
"SynTPDeinstKey" = Synaptics Pointing Device Driver
"TeamSpeak 3 Client" = TeamSpeak 3 Client
"Windows Movie Maker" = Windows Movie Maker

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{0001B4FD-9EA3-4D90-A79E-FD14BA3AB01D}" = PDFCreator
"{0B0F231F-CE6A-483D-AA23-77B364F75917}" = Windows Live Installer
"{13B792AA-C078-43A4-8A3A-8B12D629940D}" = Counter-Strike 1.6
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{200FEC62-3C34-4D60-9CE8-EC372E01C08F}" = Windows Live SOXE Definitions
"{26A24AE4-039D-4CA4-87B4-2F83216021FF}" = Java(TM) 6 Update 25
"{37D0D63F-8F2B-4BA6-A4B6-126AE36B8E59}" = OSCAR Editor
"{3F290582-3F4E-4B96-009C-E0BABAA40C42}" = The Battle for Middle-earth (tm)
"{463F67F4-58D0-4C0D-BBC9-D0CC4E56D1B8}" = Windows Live UX Platform Language Pack
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4CBABDFD-49F8-47FD-BE7D-ECDE7270525A}" = Windows Live PIMT Platform
"{57752979-A1C9-4C02-856B-FBB27AC4E02C}" = QuickTime
"{5EE7D259-D137-4438-9A5F-42F432EC0421}" = VC80CRTRedist - 8.0.50727.4053
"{6767DFEE-8909-453A-B553-C7693912B2EB}" = Canon MF Toolbox 4.9.1.1.mf07
"{682B3E4F-696A-42DE-A41C-4C07EA1678B4}" = Windows Live SOXE
"{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}" = Windows Media Player Firefox Plugin
"{6AFCA4E1-9B78-3640-8F72-A7BF33448200}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{789289CA-F73A-4A16-A331-54D498CE069F}" = Ventrilo Client
"{7D42B43A-EA63-4234-B00A-757C15B2B185}_is1" = Leawo AVI Converter version 4.0.0.0
"{853A4763-6643-4604-8D64-28BDD8925F4C}" = Apple Application Support
"{888F1505-C2B3-4FDE-835D-36353EBD4754}" = Ubisoft Game Launcher
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8A809006-C25A-4A3A-9DAB-94659BCDB107}" = NVIDIA PhysX
"{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}" = MSVCRT
"{8EA79DBF-D637-448A-89D6-410A087A4493}" = Samsung_MonSetup
"{8FB1B528-E260-451E-9B55-E9152F94B80B}" = Microsoft Games for Windows - LIVE Redistributable
"{90120000-0015-0405-0000-0000000FF1CE}" = Microsoft Office Access MUI (Czech) 2007
"{90120000-0016-0405-0000-0000000FF1CE}" = Microsoft Office Excel MUI (Czech) 2007
"{90120000-0018-0405-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (Czech) 2007
"{90120000-0019-0405-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (Czech) 2007
"{90120000-001A-0405-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (Czech) 2007
"{90120000-001B-0405-0000-0000000FF1CE}" = Microsoft Office Word MUI (Czech) 2007
"{90120000-001F-0405-0000-0000000FF1CE}" = Microsoft Office Proof (Czech) 2007
"{90120000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2007
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-041B-0000-0000000FF1CE}" = Microsoft Office Proof (Slovak) 2007
"{90120000-002C-0405-0000-0000000FF1CE}" = Microsoft Office Proofing (Czech) 2007
"{90120000-0030-0000-0000-0000000FF1CE}" = Microsoft Office Enterprise 2007
"{90120000-0044-0405-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (Czech) 2007
"{90120000-006E-0405-0000-0000000FF1CE}" = Microsoft Office Shared MUI (Czech) 2007
"{90120000-00A1-0405-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (Czech) 2007
"{90120000-00B2-0409-0000-0000000FF1CE}" = Microsoft Save as PDF or XPS Add-in for 2007 Microsoft Office programs
"{90120000-00BA-0405-0000-0000000FF1CE}" = Microsoft Office Groove MUI (Czech) 2007
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9CCB3527-C033-415C-88B6-27173B5E3592}" = Tron: Evolution
"{AAF4238F-7C29-451D-9925-C753271A5728}" = Microsoft Visual C++ Run Time Lib Setup
"{AC76BA86-7AD7-1029-7B44-A94000000001}" = Adobe Reader 9.4.5 - Czech
"{BE4BA698-8533-4F77-9559-C7F3F78C0B05}" = Assassin's Creed Brotherhood
"{BEE64C14-BEF1-4610-8A68-A16EAA47B882}" = Futuremark SystemInfo
"{C41300B9-185D-475E-BFEC-39EF732F19B1}" = Apple Software Update
"{CE95A79E-E4FC-4FFF-8A75-29F04B942FF2}" = Windows Live UX Platform
"{D45240D3-B6B3-4FF9-B243-54ECE3E10066}" = Windows Live Communications Platform
"{D48AFFA2-E0DD-445E-B52C-7B7255BFAB8D}" = Splash Lite
"{D6F879CC-59D6-4D4B-AE9B-D761E48D25ED}" = Skype™ 5.3
"{E09C4DB7-630C-4F06-A631-8EA7239923AF}" = D3DX10
"{E36E864B-BFB6-440A-9A23-2B0BEDE59A92}" = MultiScreen
"{F0A209B7-7F85-4BDD-8F1F-B98EEAD9E04B}" = The Witcher 2
"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
"{F97E3841-CA9D-4964-9D64-26066241D26F}" = Microsoft Games for Windows - LIVE
"{FE62C88B-425B-4BDE-8B70-CD5AE3B83176}" = Windows Live Essentials
"001FFFFFFF12FF00FF1101F03F02F000-R1" = ArchiCAD 12 CZE
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"ALZip_is1" = ALZip
"Ashampoo Burning Studio 2010_is1" = Ashampoo Burning Studio 2010
"Ashampoo Magical Defrag 2" = Ashampoo Magical Defrag 2
"Ashampoo Photo Optimizer 2_is1" = Ashampoo Photo Optimizer 2.02
"Assassins Creed Brotherhood (Cestina) 32bit 1.00" = Assassins Creed Brotherhood (Cestina) 32bit 1.00
"avast" = avast! Free Antivirus
"Digsby" = Digsby
"DivX Setup.divx.com" = DivX Setup
"ENTERPRISE" = Microsoft Office Enterprise 2007
"Fotostar Offline client4" = Fotostar Offline client4
"Garena" = Garena 2010
"InstallShield_{37D0D63F-8F2B-4BA6-A4B6-126AE36B8E59}" = X7 Oscar Editor
"KLiteCodecPack_is1" = K-Lite Codec Pack 7.0.0 (Basic)
"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware verze 1.51.1.1800
"Popisovač CD/DVD 3.20_is1" = Popisovač CD/DVD 3.20
"PunkBusterSvc" = PunkBuster Services
"Spyware Terminator_is1" = Spyware Terminator
"Totalcmd" = Total Commander (Remove or Repair)
"tvMobili" = tvMobili
"uTorrent" = µTorrent
"VLC media player" = VLC media player 1.1.5
"WinLiveSuite" = Windows Live Essentials
"Wondershare Photo Collage Studio_is1" = Wondershare Photo Collage Studio 4.2.16.1
"Word to PDF Converter_is1" = Word to PDF Converter 3.0

========== HKEY_USERS Uninstall List ==========

[HKEY_USERS\S-1-5-21-3343315272-3904119132-4205976823-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Google Chrome" = Google Chrome
"uTorrent" = µTorrent

========== Last 10 Event Log Errors ==========

[ Application Events ]
Error - 20.7.2011 8:27:16 | Computer Name = JamET-PC | Source = Application Error | ID = 1000
Description = Název chybující aplikace: cis3mu_launcher.exe, verze: 0.0.0.0, časové
razítko: 0x2a425e19 Název chybujícího modulu: xLaSfBuSwI.dll_unloaded, verze: 0.0.0.0,
časové razítko: 0x4d9f9726 Kód výjimky: 0xc0000005 Posun chyby: 0x1001977f ID chybujícího
procesu: 0x1164 Čas spuštění chybující aplikace: 0x01cc46d859d46619 Cesta k chybující
aplikaci: D:\hry\cismu3\cis3mu_launcher.exe Cesta k chybujícímu modulu: xLaSfBuSwI.dll
ID
zprávy: 9a3afaba-b2cb-11e0-adbe-001d72c8118e

Error - 22.7.2011 16:30:50 | Computer Name = JamET-PC | Source = Application Error | ID = 1000
Description = Název chybující aplikace: cis3mu_launcher.exe, verze: 0.0.0.0, časové
razítko: 0x2a425e19 Název chybujícího modulu: xLqMoMuDsH.dll_unloaded, verze: 0.0.0.0,
časové razítko: 0x4d9f9726 Kód výjimky: 0xc0000005 Posun chyby: 0x1001977f ID chybujícího
procesu: 0x1374 Čas spuštění chybující aplikace: 0x01cc48ae3b1b35d0 Cesta k chybující
aplikaci: D:\hry\cismu3\cis3mu_launcher.exe Cesta k chybujícímu modulu: xLqMoMuDsH.dll
ID
zprávy: 7cd7e993-b4a1-11e0-8d5b-001d72c8118e

Error - 22.7.2011 16:31:00 | Computer Name = JamET-PC | Source = Application Error | ID = 1000
Description = Název chybující aplikace: cis3mu_launcher.exe, verze: 0.0.0.0, časové
razítko: 0x2a425e19 Název chybujícího modulu: xLqMoMuDsH.dll_unloaded, verze: 0.0.0.0,
časové razítko: 0x4d9f9726 Kód výjimky: 0xc0000005 Posun chyby: 0x1001977f ID chybujícího
procesu: 0x1478 Čas spuštění chybující aplikace: 0x01cc48ae4186d411 Cesta k chybující
aplikaci: D:\hry\cismu3\cis3mu_launcher.exe Cesta k chybujícímu modulu: xLqMoMuDsH.dll
ID
zprávy: 827b79f7-b4a1-11e0-8d5b-001d72c8118e

Error - 22.7.2011 16:32:43 | Computer Name = JamET-PC | Source = Application Error | ID = 1000
Description = Název chybující aplikace: cis3mu_launcher.exe, verze: 0.0.0.0, časové
razítko: 0x2a425e19 Název chybujícího modulu: xLqMoMuDsH.dll_unloaded, verze: 0.0.0.0,
časové razítko: 0x4d9f9726 Kód výjimky: 0xc0000005 Posun chyby: 0x1001977f ID chybujícího
procesu: 0x1b80 Čas spuštění chybující aplikace: 0x01cc48ae7f9a3d81 Cesta k chybující
aplikaci: D:\hry\cismu3\cis3mu_launcher.exe Cesta k chybujícímu modulu: xLqMoMuDsH.dll
ID
zprávy: bfb80841-b4a1-11e0-8d5b-001d72c8118e

Error - 22.7.2011 16:32:54 | Computer Name = JamET-PC | Source = Application Error | ID = 1000
Description = Název chybující aplikace: cis3mu_launcher.exe, verze: 0.0.0.0, časové
razítko: 0x2a425e19 Název chybujícího modulu: xLqMoMuDsH.dll_unloaded, verze: 0.0.0.0,
časové razítko: 0x4d9f9726 Kód výjimky: 0xc0000005 Posun chyby: 0x1001977f ID chybujícího
procesu: 0x167c Čas spuštění chybující aplikace: 0x01cc48ae854261d5 Cesta k chybující
aplikaci: D:\hry\cismu3\cis3mu_launcher.exe Cesta k chybujícímu modulu: xLqMoMuDsH.dll
ID
zprávy: c6717986-b4a1-11e0-8d5b-001d72c8118e

Error - 22.7.2011 16:35:04 | Computer Name = JamET-PC | Source = Application Error | ID = 1000
Description = Název chybující aplikace: cis3mu_launcher.exe, verze: 0.0.0.0, časové
razítko: 0x2a425e19 Název chybujícího modulu: xLqMoMuDsH.dll_unloaded, verze: 0.0.0.0,
časové razítko: 0x4d9f9726 Kód výjimky: 0xc0000005 Posun chyby: 0x1001977f ID chybujícího
procesu: 0x1bc4 Čas spuštění chybující aplikace: 0x01cc48aed387b10a Cesta k chybující
aplikaci: D:\hry\cismu3\cis3mu_launcher.exe Cesta k chybujícímu modulu: xLqMoMuDsH.dll
ID
zprávy: 1411d3c0-b4a2-11e0-8d5b-001d72c8118e

Error - 23.7.2011 17:51:57 | Computer Name = JamET-PC | Source = Application Error | ID = 1000
Description = Název chybující aplikace: main.exe, verze: 1.5.48.0, časové razítko:
0x49dc5510 Název chybujícího modulu: xLkGcDyVeY.dll_unloaded, verze: 0.0.0.0, časové
razítko: 0x4d9f9726 Kód výjimky: 0xc0000005 Posun chyby: 0x00317fff ID chybujícího
procesu: 0x1120 Čas spuštění chybující aplikace: 0x01cc497830770ee1 Cesta k chybující
aplikaci: D:\hry\cismu3\main.exe Cesta k chybujícímu modulu: xLkGcDyVeY.dll ID zprávy:
fc25fb46-b575-11e0-add5-001d72c8118e

Error - 23.7.2011 17:52:01 | Computer Name = JamET-PC | Source = Application Error | ID = 1000
Description = Název chybující aplikace: cis3mu_launcher.exe, verze: 0.0.0.0, časové
razítko: 0x2a425e19 Název chybujícího modulu: xLkGcDyVeY.dll_unloaded, verze: 0.0.0.0,
časové razítko: 0x4d9f9726 Kód výjimky: 0xc0000005 Posun chyby: 0x1001977f ID chybujícího
procesu: 0xb18 Čas spuštění chybující aplikace: 0x01cc49782ec2057b Cesta k chybující
aplikaci: D:\hry\cismu3\cis3mu_launcher.exe Cesta k chybujícímu modulu: xLkGcDyVeY.dll
ID
zprávy: fe4e3a86-b575-11e0-add5-001d72c8118e

Error - 25.7.2011 14:51:49 | Computer Name = JamET-PC | Source = Application Hang | ID = 1002
Description = Program war3.exe verze 1.26.0.6401 přestal spolupracovat se systémem
Windows a byl ukončen. Chcete-li zjistit, zda je k dispozici více informací o tomto
problému, vyhledejte historii problému v ovládacím panelu Centrum akcí. ID procesu:
13bc Čas spuštění: 01cc4ad8a2114eb3 Čas ukončení: 279 Cesta k aplikaci: D:\hry\Warcraft
III\war3.exe ID hlášení:

Error - 26.7.2011 10:30:18 | Computer Name = JamET-PC | Source = Application Hang | ID = 1002
Description = Program mbam-setup-1.51.1.1800.tmp verze 51.52.0.0 přestal spolupracovat
se systémem Windows a byl ukončen. Chcete-li zjistit, zda je k dispozici více informací
o tomto problému, vyhledejte historii problému v ovládacím panelu Centrum akcí.

ID
procesu: 15bc Čas spuštění: 01cc4b9f7da98dc4 Čas ukončení: 3 Cesta k aplikaci: C:\Users\JamET\AppData\Local\Temp\is-SKCIN.tmp\mbam-setup-1.51.1.1800.tmp

ID
hlášení:

[ Media Center Events ]
Error - 18.2.2011 22:56:09 | Computer Name = JamET-PC | Source = MCUpdate | ID = 0
Description = 3:56:09 - Chyba při připojování k Internetu 3:56:09 - Nelze kontaktovat
server..

Error - 18.2.2011 22:56:15 | Computer Name = JamET-PC | Source = MCUpdate | ID = 0
Description = 3:56:14 - Chyba při připojování k Internetu 3:56:14 - Nelze kontaktovat
server..

Error - 18.2.2011 23:56:21 | Computer Name = JamET-PC | Source = MCUpdate | ID = 0
Description = 4:56:20 - Chyba při připojování k Internetu 4:56:20 - Nelze kontaktovat
server..

Error - 18.2.2011 23:56:27 | Computer Name = JamET-PC | Source = MCUpdate | ID = 0
Description = 4:56:26 - Chyba při připojování k Internetu 4:56:26 - Nelze kontaktovat
server..

Error - 19.2.2011 0:56:33 | Computer Name = JamET-PC | Source = MCUpdate | ID = 0
Description = 5:56:33 - Chyba při připojování k Internetu 5:56:33 - Nelze kontaktovat
server..

Error - 19.2.2011 0:56:40 | Computer Name = JamET-PC | Source = MCUpdate | ID = 0
Description = 5:56:38 - Chyba při připojování k Internetu 5:56:38 - Nelze kontaktovat
server..

Error - 20.2.2011 3:47:21 | Computer Name = JamET-PC | Source = MCUpdate | ID = 0
Description = 8:47:21 - Chyba při připojování k Internetu 8:47:21 - Nelze kontaktovat
server..

Error - 20.2.2011 3:47:36 | Computer Name = JamET-PC | Source = MCUpdate | ID = 0
Description = 8:47:26 - Chyba při připojování k Internetu 8:47:26 - Nelze kontaktovat
server..

Error - 16.6.2011 11:05:14 | Computer Name = JamET-PC | Source = Microsoft-Windows-Media Center Extender | ID = 538
Description =

Error - 16.6.2011 11:25:34 | Computer Name = JamET-PC | Source = Microsoft-Windows-Media Center Extender | ID = 538
Description =

[ OSession Events ]
Error - 26.4.2011 3:46:54 | Computer Name = JamET-PC | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 6, Application Name: Microsoft Office Outlook, Application Version:
12.0.4518.1014, Microsoft Office Version: 12.0.4518.1014. This session lasted 2
seconds with 0 seconds of active time. This session ended with a crash.

[ System Events ]
Error - 26.7.2011 9:31:26 | Computer Name = JamET-PC | Source = Service Control Manager | ID = 7001
Description = Služba Obálka a jádro minipřesměrovačů SMB závisí na službě Podsystém
přesměrovaného ukládání do vyrovnávací paměti, která neuspěla při spuštění v důsledku
následující chyby: %%31

Error - 26.7.2011 9:31:26 | Computer Name = JamET-PC | Source = Service Control Manager | ID = 7001
Description = Služba Mini-přesměrovač SMB 1.x závisí na službě Obálka a jádro minipřesměrovačů
SMB, která neuspěla při spuštění v důsledku následující chyby: %%1068

Error - 26.7.2011 9:31:26 | Computer Name = JamET-PC | Source = Service Control Manager | ID = 7001
Description = Služba Mini-přesměrovač SMB 2.0 závisí na službě Obálka a jádro minipřesměrovačů
SMB, která neuspěla při spuštění v důsledku následující chyby: %%1068

Error - 26.7.2011 9:31:26 | Computer Name = JamET-PC | Source = Service Control Manager | ID = 7001
Description = Služba Síťová připojení závisí na službě Služba rozhraní síťového
úložiště, která neuspěla při spuštění v důsledku následující chyby: %%1068

Error - 26.7.2011 9:31:26 | Computer Name = JamET-PC | Source = Service Control Manager | ID = 7001
Description = Služba Sledování umístění v síti (NLA) závisí na službě Služba rozhraní
síťového úložiště, která neuspěla při spuštění v důsledku následující chyby: %%1068

Error - 26.7.2011 9:31:34 | Computer Name = JamET-PC | Source = DCOM | ID = 10005
Description =

Error - 26.7.2011 9:31:34 | Computer Name = JamET-PC | Source = Service Control Manager | ID = 7026
Description = Zavedení následujícího ovladače pro spouštění počítače nebo systému
se nezdařilo: AFD aswRdr aswSnx aswSP aswTdi CSC DfsC discache NetBIOS NetBT nsiproxy Psched
rdbss
spldr
sptd
tdx
Wanarpv6
WfpLwf

Error - 26.7.2011 9:31:57 | Computer Name = JamET-PC | Source = DCOM | ID = 10005
Description =

Error - 26.7.2011 9:32:02 | Computer Name = JamET-PC | Source = DCOM | ID = 10005
Description =

Error - 26.7.2011 10:20:17 | Computer Name = JamET-PC | Source = Service Control Manager | ID = 7034
Description = Služba srvsysdriver32 byla neočekávaně ukončena. Tento stav nastal
již 1krát.


< End of report >

jamet
Visitor
Posts: 116
Registered: 10 Dec 2008 21:08

Re: fcb vir

#6 Post by jamet »

and the second one

OTL Extras logfile created on: 26.7.2011 16:36:25 - Run 1
OTL by OldTimer - Version 3.2.26.1 Folder = C:\Users\JamET\Desktop
64bit- Ultimate Edition (Version = 6.1.7600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7600.16385)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy

2,99 Gb Total Physical Memory | 1,35 Gb Available Physical Memory | 45,06% Memory free
5,99 Gb Paging File | 4,16 Gb Available in Paging File | 69,42% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 142,65 Gb Total Space | 89,26 Gb Free Space | 62,57% Space Free | Partition Type: NTFS
Drive D: | 142,67 Gb Total Space | 61,97 Gb Free Space | 43,44% Space Free | Partition Type: NTFS

Computer Name: JAMET-PC | User Name: JamET | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Extra Registry (SafeList) ==========


========== File Associations ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)

========== Shell Spawning ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %* File not found
cmdfile [open] -- "%1" %* File not found
comfile [open] -- "%1" %* File not found
exefile [open] -- "%1" %* File not found
helpfile [open] -- Reg Error: Key error.
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %* File not found
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1" File not found
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l File not found
scrfile [open] -- "%1" /S File not found
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1 File not found
Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [CEWE prezentace fotografií] -- "C:\Program Files (x86)\Fotostar\Fotostar Offline client4\CEWE prezentace fotografií.exe" -d "%1" ()
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [Fotostar Offline client4] -- "C:\Program Files (x86)\Fotostar\Fotostar Offline client4\Fotostar Offline client4.exe" "%1" ()
Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [CEWE prezentace fotografií] -- "C:\Program Files (x86)\Fotostar\Fotostar Offline client4\CEWE prezentace fotografií.exe" -d "%1" ()
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [Fotostar Offline client4] -- "C:\Program Files (x86)\Fotostar\Fotostar Offline client4\Fotostar Offline client4.exe" "%1" ()
Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = 28 4D B2 76 41 04 CA 01 [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"FirewallOverride" = 1
"DisableThumbnailCache" = 1
"FirewallDisableNotify" = 1
"UpdatesDisableNotify" = 1
"AntiVirusDisableNotify" = 1

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]

========== Firewall Settings ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
"DefaultOutboundAction" = 0
"DefaultInboundAction" = 0
"DisableUnicastResponsesToMulticastBroadcast" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 0
"DefaultOutboundAction" = 0
"DefaultInboundAction" = 0
"DoNotAllowExceptions" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
"DefaultOutboundAction" = 0
"DefaultInboundAction" = 0

========== Authorized Applications List ==========


========== HKEY_LOCAL_MACHINE Uninstall List ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{0E543634-7E25-4B8F-8D5B-97880E5E5088}" = Bonjour
"{16DDB3D1-5C27-4599-9C63-E583287191CC}" = iTunes
"{1B8ABA62-74F0-47ED-B18C-A43128E591B8}" = Windows Live ID Sign-in Assistant
"{1D8E6291-B0D5-35EC-8441-6616F567A0F7}" = Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219
"{56F26668-13DA-497A-883F-61434A10CBAB}" = MobileMe Control Panel
"{5EB6F3CB-46F4-451F-A028-7F6D8D35D7D0}" = Windows Live Language Selector
"{8220EEFE-38CD-377E-8595-13398D740ACE}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17
"{8F473675-D702-45F9-8EBC-342B40C17BF5}" = Apple Mobile Device Support
"{90120000-002A-0000-1000-0000000FF1CE}" = Microsoft Office Office 64-bit Components 2007
"{90120000-002A-0405-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit MUI (Czech) 2007
"{95120000-00B9-0409-1000-0000000FF1CE}" = Microsoft Application Error Reporting
"{99A5569D-9F86-4f32-A227-1538B731DA42}" = Canon MF4320-4350
"{B6FD23F0-1047-4088-94BF-B137D4D17CD8}" = WD SmartWare
"{E6C44758-FF49-47D1-8182-65E3818ACE23}" = AuthenTec TrueSuite
"{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"NVIDIA Display Control Panel" = NVIDIA Display Control Panel
"NVIDIA Drivers" = NVIDIA Drivers
"SynTPDeinstKey" = Synaptics Pointing Device Driver
"TeamSpeak 3 Client" = TeamSpeak 3 Client
"Windows Movie Maker" = Windows Movie Maker

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{0001B4FD-9EA3-4D90-A79E-FD14BA3AB01D}" = PDFCreator
"{0B0F231F-CE6A-483D-AA23-77B364F75917}" = Windows Live Installer
"{13B792AA-C078-43A4-8A3A-8B12D629940D}" = Counter-Strike 1.6
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{200FEC62-3C34-4D60-9CE8-EC372E01C08F}" = Windows Live SOXE Definitions
"{26A24AE4-039D-4CA4-87B4-2F83216021FF}" = Java(TM) 6 Update 25
"{37D0D63F-8F2B-4BA6-A4B6-126AE36B8E59}" = OSCAR Editor
"{3F290582-3F4E-4B96-009C-E0BABAA40C42}" = The Battle for Middle-earth (tm)
"{463F67F4-58D0-4C0D-BBC9-D0CC4E56D1B8}" = Windows Live UX Platform Language Pack
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4CBABDFD-49F8-47FD-BE7D-ECDE7270525A}" = Windows Live PIMT Platform
"{57752979-A1C9-4C02-856B-FBB27AC4E02C}" = QuickTime
"{5EE7D259-D137-4438-9A5F-42F432EC0421}" = VC80CRTRedist - 8.0.50727.4053
"{6767DFEE-8909-453A-B553-C7693912B2EB}" = Canon MF Toolbox 4.9.1.1.mf07
"{682B3E4F-696A-42DE-A41C-4C07EA1678B4}" = Windows Live SOXE
"{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}" = Windows Media Player Firefox Plugin
"{6AFCA4E1-9B78-3640-8F72-A7BF33448200}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{789289CA-F73A-4A16-A331-54D498CE069F}" = Ventrilo Client
"{7D42B43A-EA63-4234-B00A-757C15B2B185}_is1" = Leawo AVI Converter version 4.0.0.0
"{853A4763-6643-4604-8D64-28BDD8925F4C}" = Apple Application Support
"{888F1505-C2B3-4FDE-835D-36353EBD4754}" = Ubisoft Game Launcher
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8A809006-C25A-4A3A-9DAB-94659BCDB107}" = NVIDIA PhysX
"{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}" = MSVCRT
"{8EA79DBF-D637-448A-89D6-410A087A4493}" = Samsung_MonSetup
"{8FB1B528-E260-451E-9B55-E9152F94B80B}" = Microsoft Games for Windows - LIVE Redistributable
"{90120000-0015-0405-0000-0000000FF1CE}" = Microsoft Office Access MUI (Czech) 2007
"{90120000-0016-0405-0000-0000000FF1CE}" = Microsoft Office Excel MUI (Czech) 2007
"{90120000-0018-0405-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (Czech) 2007
"{90120000-0019-0405-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (Czech) 2007
"{90120000-001A-0405-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (Czech) 2007
"{90120000-001B-0405-0000-0000000FF1CE}" = Microsoft Office Word MUI (Czech) 2007
"{90120000-001F-0405-0000-0000000FF1CE}" = Microsoft Office Proof (Czech) 2007
"{90120000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2007
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-041B-0000-0000000FF1CE}" = Microsoft Office Proof (Slovak) 2007
"{90120000-002C-0405-0000-0000000FF1CE}" = Microsoft Office Proofing (Czech) 2007
"{90120000-0030-0000-0000-0000000FF1CE}" = Microsoft Office Enterprise 2007
"{90120000-0044-0405-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (Czech) 2007
"{90120000-006E-0405-0000-0000000FF1CE}" = Microsoft Office Shared MUI (Czech) 2007
"{90120000-00A1-0405-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (Czech) 2007
"{90120000-00B2-0409-0000-0000000FF1CE}" = Microsoft Save as PDF or XPS Add-in for 2007 Microsoft Office programs
"{90120000-00BA-0405-0000-0000000FF1CE}" = Microsoft Office Groove MUI (Czech) 2007
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9CCB3527-C033-415C-88B6-27173B5E3592}" = Tron: Evolution
"{AAF4238F-7C29-451D-9925-C753271A5728}" = Microsoft Visual C++ Run Time Lib Setup
"{AC76BA86-7AD7-1029-7B44-A94000000001}" = Adobe Reader 9.4.5 - Czech
"{BE4BA698-8533-4F77-9559-C7F3F78C0B05}" = Assassin's Creed Brotherhood
"{BEE64C14-BEF1-4610-8A68-A16EAA47B882}" = Futuremark SystemInfo
"{C41300B9-185D-475E-BFEC-39EF732F19B1}" = Apple Software Update
"{CE95A79E-E4FC-4FFF-8A75-29F04B942FF2}" = Windows Live UX Platform
"{D45240D3-B6B3-4FF9-B243-54ECE3E10066}" = Windows Live Communications Platform
"{D48AFFA2-E0DD-445E-B52C-7B7255BFAB8D}" = Splash Lite
"{D6F879CC-59D6-4D4B-AE9B-D761E48D25ED}" = Skype™ 5.3
"{E09C4DB7-630C-4F06-A631-8EA7239923AF}" = D3DX10
"{E36E864B-BFB6-440A-9A23-2B0BEDE59A92}" = MultiScreen
"{F0A209B7-7F85-4BDD-8F1F-B98EEAD9E04B}" = The Witcher 2
"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
"{F97E3841-CA9D-4964-9D64-26066241D26F}" = Microsoft Games for Windows - LIVE
"{FE62C88B-425B-4BDE-8B70-CD5AE3B83176}" = Windows Live Essentials
"001FFFFFFF12FF00FF1101F03F02F000-R1" = ArchiCAD 12 CZE
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"ALZip_is1" = ALZip
"Ashampoo Burning Studio 2010_is1" = Ashampoo Burning Studio 2010
"Ashampoo Magical Defrag 2" = Ashampoo Magical Defrag 2
"Ashampoo Photo Optimizer 2_is1" = Ashampoo Photo Optimizer 2.02
"Assassins Creed Brotherhood (Cestina) 32bit 1.00" = Assassins Creed Brotherhood (Cestina) 32bit 1.00
"avast" = avast! Free Antivirus
"Digsby" = Digsby
"DivX Setup.divx.com" = DivX Setup
"ENTERPRISE" = Microsoft Office Enterprise 2007
"Fotostar Offline client4" = Fotostar Offline client4
"Garena" = Garena 2010
"InstallShield_{37D0D63F-8F2B-4BA6-A4B6-126AE36B8E59}" = X7 Oscar Editor
"KLiteCodecPack_is1" = K-Lite Codec Pack 7.0.0 (Basic)
"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware verze 1.51.1.1800
"Popisovač CD/DVD 3.20_is1" = Popisovač CD/DVD 3.20
"PunkBusterSvc" = PunkBuster Services
"Spyware Terminator_is1" = Spyware Terminator
"Totalcmd" = Total Commander (Remove or Repair)
"tvMobili" = tvMobili
"uTorrent" = µTorrent
"VLC media player" = VLC media player 1.1.5
"WinLiveSuite" = Windows Live Essentials
"Wondershare Photo Collage Studio_is1" = Wondershare Photo Collage Studio 4.2.16.1
"Word to PDF Converter_is1" = Word to PDF Converter 3.0

========== HKEY_USERS Uninstall List ==========

[HKEY_USERS\S-1-5-21-3343315272-3904119132-4205976823-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Google Chrome" = Google Chrome
"uTorrent" = µTorrent

========== Last 10 Event Log Errors ==========

[ Application Events ]
Error - 20.7.2011 8:27:16 | Computer Name = JamET-PC | Source = Application Error | ID = 1000
Description = Název chybující aplikace: cis3mu_launcher.exe, verze: 0.0.0.0, časové
razítko: 0x2a425e19 Název chybujícího modulu: xLaSfBuSwI.dll_unloaded, verze: 0.0.0.0,
časové razítko: 0x4d9f9726 Kód výjimky: 0xc0000005 Posun chyby: 0x1001977f ID chybujícího
procesu: 0x1164 Čas spuštění chybující aplikace: 0x01cc46d859d46619 Cesta k chybující
aplikaci: D:\hry\cismu3\cis3mu_launcher.exe Cesta k chybujícímu modulu: xLaSfBuSwI.dll
ID
zprávy: 9a3afaba-b2cb-11e0-adbe-001d72c8118e

Error - 22.7.2011 16:30:50 | Computer Name = JamET-PC | Source = Application Error | ID = 1000
Description = Název chybující aplikace: cis3mu_launcher.exe, verze: 0.0.0.0, časové
razítko: 0x2a425e19 Název chybujícího modulu: xLqMoMuDsH.dll_unloaded, verze: 0.0.0.0,
časové razítko: 0x4d9f9726 Kód výjimky: 0xc0000005 Posun chyby: 0x1001977f ID chybujícího
procesu: 0x1374 Čas spuštění chybující aplikace: 0x01cc48ae3b1b35d0 Cesta k chybující
aplikaci: D:\hry\cismu3\cis3mu_launcher.exe Cesta k chybujícímu modulu: xLqMoMuDsH.dll
ID
zprávy: 7cd7e993-b4a1-11e0-8d5b-001d72c8118e

Error - 22.7.2011 16:31:00 | Computer Name = JamET-PC | Source = Application Error | ID = 1000
Description = Název chybující aplikace: cis3mu_launcher.exe, verze: 0.0.0.0, časové
razítko: 0x2a425e19 Název chybujícího modulu: xLqMoMuDsH.dll_unloaded, verze: 0.0.0.0,
časové razítko: 0x4d9f9726 Kód výjimky: 0xc0000005 Posun chyby: 0x1001977f ID chybujícího
procesu: 0x1478 Čas spuštění chybující aplikace: 0x01cc48ae4186d411 Cesta k chybující
aplikaci: D:\hry\cismu3\cis3mu_launcher.exe Cesta k chybujícímu modulu: xLqMoMuDsH.dll
ID
zprávy: 827b79f7-b4a1-11e0-8d5b-001d72c8118e

Error - 22.7.2011 16:32:43 | Computer Name = JamET-PC | Source = Application Error | ID = 1000
Description = Název chybující aplikace: cis3mu_launcher.exe, verze: 0.0.0.0, časové
razítko: 0x2a425e19 Název chybujícího modulu: xLqMoMuDsH.dll_unloaded, verze: 0.0.0.0,
časové razítko: 0x4d9f9726 Kód výjimky: 0xc0000005 Posun chyby: 0x1001977f ID chybujícího
procesu: 0x1b80 Čas spuštění chybující aplikace: 0x01cc48ae7f9a3d81 Cesta k chybující
aplikaci: D:\hry\cismu3\cis3mu_launcher.exe Cesta k chybujícímu modulu: xLqMoMuDsH.dll
ID
zprávy: bfb80841-b4a1-11e0-8d5b-001d72c8118e

Error - 22.7.2011 16:32:54 | Computer Name = JamET-PC | Source = Application Error | ID = 1000
Description = Název chybující aplikace: cis3mu_launcher.exe, verze: 0.0.0.0, časové
razítko: 0x2a425e19 Název chybujícího modulu: xLqMoMuDsH.dll_unloaded, verze: 0.0.0.0,
časové razítko: 0x4d9f9726 Kód výjimky: 0xc0000005 Posun chyby: 0x1001977f ID chybujícího
procesu: 0x167c Čas spuštění chybující aplikace: 0x01cc48ae854261d5 Cesta k chybující
aplikaci: D:\hry\cismu3\cis3mu_launcher.exe Cesta k chybujícímu modulu: xLqMoMuDsH.dll
ID
zprávy: c6717986-b4a1-11e0-8d5b-001d72c8118e

Error - 22.7.2011 16:35:04 | Computer Name = JamET-PC | Source = Application Error | ID = 1000
Description = Název chybující aplikace: cis3mu_launcher.exe, verze: 0.0.0.0, časové
razítko: 0x2a425e19 Název chybujícího modulu: xLqMoMuDsH.dll_unloaded, verze: 0.0.0.0,
časové razítko: 0x4d9f9726 Kód výjimky: 0xc0000005 Posun chyby: 0x1001977f ID chybujícího
procesu: 0x1bc4 Čas spuštění chybující aplikace: 0x01cc48aed387b10a Cesta k chybující
aplikaci: D:\hry\cismu3\cis3mu_launcher.exe Cesta k chybujícímu modulu: xLqMoMuDsH.dll
ID
zprávy: 1411d3c0-b4a2-11e0-8d5b-001d72c8118e

Error - 23.7.2011 17:51:57 | Computer Name = JamET-PC | Source = Application Error | ID = 1000
Description = Název chybující aplikace: main.exe, verze: 1.5.48.0, časové razítko:
0x49dc5510 Název chybujícího modulu: xLkGcDyVeY.dll_unloaded, verze: 0.0.0.0, časové
razítko: 0x4d9f9726 Kód výjimky: 0xc0000005 Posun chyby: 0x00317fff ID chybujícího
procesu: 0x1120 Čas spuštění chybující aplikace: 0x01cc497830770ee1 Cesta k chybující
aplikaci: D:\hry\cismu3\main.exe Cesta k chybujícímu modulu: xLkGcDyVeY.dll ID zprávy:
fc25fb46-b575-11e0-add5-001d72c8118e

Error - 23.7.2011 17:52:01 | Computer Name = JamET-PC | Source = Application Error | ID = 1000
Description = Název chybující aplikace: cis3mu_launcher.exe, verze: 0.0.0.0, časové
razítko: 0x2a425e19 Název chybujícího modulu: xLkGcDyVeY.dll_unloaded, verze: 0.0.0.0,
časové razítko: 0x4d9f9726 Kód výjimky: 0xc0000005 Posun chyby: 0x1001977f ID chybujícího
procesu: 0xb18 Čas spuštění chybující aplikace: 0x01cc49782ec2057b Cesta k chybující
aplikaci: D:\hry\cismu3\cis3mu_launcher.exe Cesta k chybujícímu modulu: xLkGcDyVeY.dll
ID
zprávy: fe4e3a86-b575-11e0-add5-001d72c8118e

Error - 25.7.2011 14:51:49 | Computer Name = JamET-PC | Source = Application Hang | ID = 1002
Description = Program war3.exe verze 1.26.0.6401 přestal spolupracovat se systémem
Windows a byl ukončen. Chcete-li zjistit, zda je k dispozici více informací o tomto
problému, vyhledejte historii problému v ovládacím panelu Centrum akcí. ID procesu:
13bc Čas spuštění: 01cc4ad8a2114eb3 Čas ukončení: 279 Cesta k aplikaci: D:\hry\Warcraft
III\war3.exe ID hlášení:

Error - 26.7.2011 10:30:18 | Computer Name = JamET-PC | Source = Application Hang | ID = 1002
Description = Program mbam-setup-1.51.1.1800.tmp verze 51.52.0.0 přestal spolupracovat
se systémem Windows a byl ukončen. Chcete-li zjistit, zda je k dispozici více informací
o tomto problému, vyhledejte historii problému v ovládacím panelu Centrum akcí.

ID
procesu: 15bc Čas spuštění: 01cc4b9f7da98dc4 Čas ukončení: 3 Cesta k aplikaci: C:\Users\JamET\AppData\Local\Temp\is-SKCIN.tmp\mbam-setup-1.51.1.1800.tmp

ID
hlášení:

[ Media Center Events ]
Error - 18.2.2011 22:56:09 | Computer Name = JamET-PC | Source = MCUpdate | ID = 0
Description = 3:56:09 - Chyba při připojování k Internetu 3:56:09 - Nelze kontaktovat
server..

Error - 18.2.2011 22:56:15 | Computer Name = JamET-PC | Source = MCUpdate | ID = 0
Description = 3:56:14 - Chyba při připojování k Internetu 3:56:14 - Nelze kontaktovat
server..

Error - 18.2.2011 23:56:21 | Computer Name = JamET-PC | Source = MCUpdate | ID = 0
Description = 4:56:20 - Chyba při připojování k Internetu 4:56:20 - Nelze kontaktovat
server..

Error - 18.2.2011 23:56:27 | Computer Name = JamET-PC | Source = MCUpdate | ID = 0
Description = 4:56:26 - Chyba při připojování k Internetu 4:56:26 - Nelze kontaktovat
server..

Error - 19.2.2011 0:56:33 | Computer Name = JamET-PC | Source = MCUpdate | ID = 0
Description = 5:56:33 - Chyba při připojování k Internetu 5:56:33 - Nelze kontaktovat
server..

Error - 19.2.2011 0:56:40 | Computer Name = JamET-PC | Source = MCUpdate | ID = 0
Description = 5:56:38 - Chyba při připojování k Internetu 5:56:38 - Nelze kontaktovat
server..

Error - 20.2.2011 3:47:21 | Computer Name = JamET-PC | Source = MCUpdate | ID = 0
Description = 8:47:21 - Chyba při připojování k Internetu 8:47:21 - Nelze kontaktovat
server..

Error - 20.2.2011 3:47:36 | Computer Name = JamET-PC | Source = MCUpdate | ID = 0
Description = 8:47:26 - Chyba při připojování k Internetu 8:47:26 - Nelze kontaktovat
server..

Error - 16.6.2011 11:05:14 | Computer Name = JamET-PC | Source = Microsoft-Windows-Media Center Extender | ID = 538
Description =

Error - 16.6.2011 11:25:34 | Computer Name = JamET-PC | Source = Microsoft-Windows-Media Center Extender | ID = 538
Description =

[ OSession Events ]
Error - 26.4.2011 3:46:54 | Computer Name = JamET-PC | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 6, Application Name: Microsoft Office Outlook, Application Version:
12.0.4518.1014, Microsoft Office Version: 12.0.4518.1014. This session lasted 2
seconds with 0 seconds of active time. This session ended with a crash.

[ System Events ]
Error - 26.7.2011 9:31:26 | Computer Name = JamET-PC | Source = Service Control Manager | ID = 7001
Description = Služba Obálka a jádro minipřesměrovačů SMB závisí na službě Podsystém
přesměrovaného ukládání do vyrovnávací paměti, která neuspěla při spuštění v důsledku
následující chyby: %%31

Error - 26.7.2011 9:31:26 | Computer Name = JamET-PC | Source = Service Control Manager | ID = 7001
Description = Služba Mini-přesměrovač SMB 1.x závisí na službě Obálka a jádro minipřesměrovačů
SMB, která neuspěla při spuštění v důsledku následující chyby: %%1068

Error - 26.7.2011 9:31:26 | Computer Name = JamET-PC | Source = Service Control Manager | ID = 7001
Description = Služba Mini-přesměrovač SMB 2.0 závisí na službě Obálka a jádro minipřesměrovačů
SMB, která neuspěla při spuštění v důsledku následující chyby: %%1068

Error - 26.7.2011 9:31:26 | Computer Name = JamET-PC | Source = Service Control Manager | ID = 7001
Description = Služba Síťová připojení závisí na službě Služba rozhraní síťového
úložiště, která neuspěla při spuštění v důsledku následující chyby: %%1068

Error - 26.7.2011 9:31:26 | Computer Name = JamET-PC | Source = Service Control Manager | ID = 7001
Description = Služba Sledování umístění v síti (NLA) závisí na službě Služba rozhraní
síťového úložiště, která neuspěla při spuštění v důsledku následující chyby: %%1068

Error - 26.7.2011 9:31:34 | Computer Name = JamET-PC | Source = DCOM | ID = 10005
Description =

Error - 26.7.2011 9:31:34 | Computer Name = JamET-PC | Source = Service Control Manager | ID = 7026
Description = Zavedení následujícího ovladače pro spouštění počítače nebo systému
se nezdařilo: AFD aswRdr aswSnx aswSP aswTdi CSC DfsC discache NetBIOS NetBT nsiproxy Psched rdbss spldr sptd tdx Wanarpv6 WfpLwf

Error - 26.7.2011 9:31:57 | Computer Name = JamET-PC | Source = DCOM | ID = 10005
Description =

Error - 26.7.2011 9:32:02 | Computer Name = JamET-PC | Source = DCOM | ID = 10005
Description =

Error - 26.7.2011 10:20:17 | Computer Name = JamET-PC | Source = Service Control Manager | ID = 7034
Description = Služba srvsysdriver32 byla neočekávaně ukončena. Tento stav nastal
již 1krát.


< End of report >

jamet
Visitor
Posts: 116
Registered: 10 Dec 2008 21:08

Re: fcb virus

#7 Post by jamet »

OTL logfile created on: 26.7.2011 16:36:25 - Run 1
OTL by OldTimer - Version 3.2.26.1 Folder = C:\Users\JamET\Desktop
64bit- Ultimate Edition (Version = 6.1.7600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7600.16385)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy

2,99 Gb Total Physical Memory | 1,35 Gb Available Physical Memory | 45,06% Memory free
5,99 Gb Paging File | 4,16 Gb Available in Paging File | 69,42% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 142,65 Gb Total Space | 89,26 Gb Free Space | 62,57% Space Free | Partition Type: NTFS
Drive D: | 142,67 Gb Total Space | 61,97 Gb Free Space | 43,44% Space Free | Partition Type: NTFS

Computer Name: JAMET-PC | User Name: JamET | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2011.07.26 16:34:44 | 000,579,584 | ---- | M] (OldTimer Tools) -- C:\Users\JamET\Desktop\OTL.exe
PRC - [2011.07.26 16:20:11 | 000,526,848 | ---- | M] () -- C:\Users\JamET\Desktop\RogueKiller.exe
PRC - [2011.07.26 15:46:10 | 000,495,616 | ---- | M] () -- C:\Windows\update.2\svchost.exe
PRC - [2011.07.26 15:46:10 | 000,495,616 | ---- | M] () -- C:\Windows\update.2\svchost.exe
PRC - [2011.07.26 15:46:10 | 000,495,616 | ---- | M] () -- C:\Windows\update.2\svchost.exe
PRC - [2011.07.26 15:46:10 | 000,495,616 | ---- | M] () -- C:\Windows\update.2\svchost.exe
PRC - [2011.07.26 15:46:10 | 000,495,616 | ---- | M] () -- C:\Windows\update.2\svchost.exe
PRC - [2011.07.26 15:46:10 | 000,495,616 | ---- | M] () -- C:\Windows\update.2\svchost.exe
PRC - [2011.07.26 15:46:10 | 000,495,616 | ---- | M] () -- C:\Windows\update.2\svchost.exe
PRC - [2011.07.26 15:46:10 | 000,495,616 | ---- | M] () -- C:\Windows\update.2\svchost.exe
PRC - [2011.07.26 15:45:13 | 000,348,672 | ---- | M] () -- C:\Windows\update.5.0\svchost.exe
PRC - [2011.07.26 15:19:51 | 001,183,232 | -H-- | M] () -- C:\Windows\update.1\svchost.exe
PRC - [2011.07.26 15:19:51 | 001,183,232 | -H-- | M] () -- C:\Windows\update.1\svchost.exe
PRC - [2011.07.26 15:19:51 | 001,183,232 | -H-- | M] () -- C:\Windows\update.1\svchost.exe
PRC - [2011.07.26 15:19:51 | 001,183,232 | -H-- | M] () -- C:\Windows\update.1\svchost.exe
PRC - [2011.07.26 15:19:51 | 001,183,232 | -H-- | M] () -- C:\Windows\update.1\svchost.exe
PRC - [2011.07.26 15:19:51 | 001,183,232 | -H-- | M] () -- C:\Windows\update.1\svchost.exe
PRC - [2011.07.26 15:19:51 | 001,183,232 | -H-- | M] () -- C:\Windows\update.1\svchost.exe
PRC - [2011.07.26 15:19:51 | 001,183,232 | -H-- | M] () -- C:\Windows\update.1\svchost.exe
PRC - [2011.07.26 15:19:51 | 001,183,232 | -H-- | M] () -- C:\Windows\update.1\svchost.exe
PRC - [2011.06.29 12:20:24 | 000,743,936 | ---- | M] (Ufasoft) -- C:\Windows\ufa\ufa.exe
PRC - [2011.04.01 07:21:55 | 000,075,136 | ---- | M] () -- C:\Windows\SysWOW64\PnkBstrA.exe
PRC - [2010.11.12 15:54:50 | 000,819,291 | ---- | M] () -- C:\Program Files (x86)\TVMOBiLi\bin\tvMobiliService.exe
PRC - [2010.11.08 12:43:34 | 001,060,352 | ---- | M] () -- C:\Program Files (x86)\Western Digital\WD Smartware\Front Parlor\WDFME\WDFME.exe
PRC - [2010.10.18 17:36:58 | 000,074,608 | ---- | M] (PortableApps.com) -- D:\programy\SkypePortable\SkypePortable.exe
PRC - [2010.06.24 18:25:19 | 002,625,536 | ---- | M] () -- C:\Program Files (x86)\OSCAR Editor X7\OscarEditor.exe
PRC - [2007.02.12 12:57:56 | 000,749,752 | ---- | M] ( ) -- D:\programy\Ashampoo Magical Defrag 2\bin\aDefragService.exe
PRC - [2007.02.12 12:57:56 | 000,168,120 | ---- | M] () -- D:\programy\Ashampoo Magical Defrag 2\bin\defragTaskBar.exe
PRC - [2007.02.12 12:57:56 | 000,131,256 | ---- | M] (ashampoo Technology GmbH & Co. KG) -- D:\programy\Ashampoo Magical Defrag 2\bin\defragMonitorService.exe
PRC - [2007.02.12 12:57:56 | 000,078,008 | ---- | M] () -- D:\programy\Ashampoo Magical Defrag 2\bin\defragActivityMonitor.exe


========== Modules (SafeList) ==========

MOD - [2011.07.26 16:34:44 | 000,579,584 | ---- | M] (OldTimer Tools) -- C:\Users\JamET\Desktop\OTL.exe
MOD - [2010.04.03 12:37:14 | 000,127,488 | ---- | M] () -- C:\Program Files (x86)\OSCAR Editor X7\dll\DLL_Wheel4D.dll
MOD - [2009.07.14 03:03:50 | 001,680,896 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16385_none_421189da2b7fabfc\comctl32.dll


========== Win32 Services (SafeList) ==========

SRV:64bit: - [2010.11.08 12:41:06 | 000,288,256 | ---- | M] (WDC) [Auto | Running] -- C:\Program Files\Western Digital\WD SmartWare\WD Drive Manager\WDDMService.exe -- (WDDMService)
SRV:64bit: - [2009.07.14 03:41:27 | 001,011,712 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV:64bit: - [2009.07.14 03:40:01 | 000,193,536 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\appmgmts.dll -- (AppMgmt)
SRV - [2011.07.26 15:34:14 | 000,256,000 | ---- | M] () [Auto | Stopped] -- C:\Windows\sysdriver32.exe -- (srvsysdriver32)
SRV - [2011.04.24 08:38:10 | 000,948,775 | ---- | M] (Crawler.com) [Auto | Running] -- D:\programy\Spyware Terminator\sp_rsser.exe -- (sp_rssrv)
SRV - [2011.04.01 07:21:55 | 000,075,136 | ---- | M] () [Auto | Running] -- C:\Windows\SysWOW64\PnkBstrA.exe -- (PnkBstrA)
SRV - [2011.03.01 18:29:58 | 000,130,976 | ---- | M] (Futuremark Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\Futuremark\Futuremark SystemInfo\FMSISvc.exe -- (Futuremark SystemInfo Service)
SRV - [2010.11.12 15:54:50 | 000,819,291 | ---- | M] () [Auto | Running] -- C:\Program Files (x86)\TVMOBiLi\bin\tvMobiliService.exe -- (tvMobiliService)
SRV - [2010.11.08 12:43:34 | 001,060,352 | ---- | M] () [Auto | Running] -- C:\Program Files (x86)\Western Digital\WD SmartWare\Front Parlor\WDFME\WDFME.exe -- (WDFME)
SRV - [2010.11.08 12:43:06 | 000,485,376 | ---- | M] () [Auto | Running] -- C:\Program Files (x86)\Western Digital\WD SmartWare\Front Parlor\WDSC.exe -- (WDSC)
SRV - [2010.03.18 13:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2009.06.10 23:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
SRV - [2007.02.12 12:57:56 | 000,749,752 | ---- | M] ( ) [Auto | Running] -- D:\programy\Ashampoo Magical Defrag 2\bin\aDefragService.exe -- (AshampooDefragService)


========== Driver Services (SafeList) ==========

DRV:64bit: - [2011.02.18 16:36:58 | 000,051,712 | ---- | M] (Apple, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usbaapl64.sys -- (USBAAPL64)
DRV:64bit: - [2010.10.14 16:58:25 | 000,834,544 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\sptd.sys -- (sptd)
DRV:64bit: - [2010.07.07 11:26:46 | 000,050,696 | ---- | M] (Windows (R) Win 7 DDK provider) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\stflt.sys -- (sp_rsdrv2)
DRV:64bit: - [2010.06.22 00:07:36 | 000,131,688 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\nvhda64v.sys -- (NVHDA)
DRV:64bit: - [2009.12.03 17:48:32 | 000,716,872 | ---- | M] (AuthenTec, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\ATSwpWDF.sys -- (ATSwpWDF)
DRV:64bit: - [2009.08.28 10:33:48 | 000,292,400 | ---- | M] (Synaptics Incorporated) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\SynTP.sys -- (SynTP)
DRV:64bit: - [2009.07.14 03:52:21 | 000,106,576 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2009.07.14 03:52:21 | 000,028,752 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2009.07.14 03:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2009.07.14 03:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2009.07.14 03:47:48 | 000,077,888 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2009.07.14 03:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2009.06.10 23:01:06 | 001,146,880 | ---- | M] (LSI Corp) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\agrsm64.sys -- (AgereSoftModem)
DRV:64bit: - [2009.06.10 22:38:56 | 000,000,308 | ---- | M] () [File_System | On_Demand | Running] -- C:\Windows\SysNative\wbem\ntfs.mof -- (Ntfs)
DRV:64bit: - [2009.06.10 22:35:33 | 000,389,120 | ---- | M] (Marvell) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\yk62x64.sys -- (yukonw7)
DRV:64bit: - [2009.06.10 22:35:28 | 005,434,368 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\netw5v64.sys -- (netw5v64) Intel(R)
DRV:64bit: - [2009.06.10 22:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2009.06.10 22:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009.06.10 22:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2009.06.10 22:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV:64bit: - [2009.05.18 14:17:08 | 000,034,152 | ---- | M] (GEAR Software Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\GEARAspiWDM.sys -- (GEARAspiWDM)
DRV:64bit: - [2009.02.13 13:02:52 | 000,014,464 | ---- | M] (Western Digital Technologies) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\wdcsam64.sys -- (WDC_SAM)
DRV:64bit: - [2008.02.04 03:04:28 | 000,618,496 | ---- | M] (LiteOn) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Ltn_stk7070P.sys -- (Ltn_stk7070P)

========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm


IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0



IE - HKU\S-1-5-21-3343315272-3904119132-4205976823-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.cz/
IE - HKU\S-1-5-21-3343315272-3904119132-4205976823-1001\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-3343315272-3904119132-4205976823-1001\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local

FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Browser Plugin,version=1.0.0: C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC)
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX VOD Helper,version=1.0.0: C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\4.0.50917.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Users\JamET\AppData\Local\Google\Update\1.3.21.57\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Users\JamET\AppData\Local\Google\Update\1.3.21.57\npGoogleUpdate3.dll (Google Inc.)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{23fcfd51-4958-4f00-80a3-ae97e717ed8b}: C:\Program Files (x86)\DivX\DivX Plus Web Player\firefox\html5video [2011.04.18 18:56:30 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{6904342A-8307-11DF-A508-4AE2DFD72085}: C:\Program Files (x86)\DivX\DivX Plus Web Player\firefox\wpa [2011.04.18 18:56:30 | 000,000,000 | ---D | M]


O1 HOSTS File: ([2011.07.26 16:20:51 | 000,000,726 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (DivX Plus Web Player HTML5 <video>) - {326E768D-4182-46FD-9C16-1449A49795F4} - C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC)
O2 - BHO: (DivX HiQ) - {593DDEC6-7468-4cdd-90E1-42DADAA222E9} - C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC)
O3 - HKU\S-1-5-21-3343315272-3904119132-4205976823-1001\..\Toolbar\WebBrowser: (no name) - {4B3803EA-5230-4DC3-A7FC-33638F3D3542} - No CLSID value found.
O4:64bit: - HKLM..\Run: [] File not found
O4 - HKLM..\Run: [3820728.exe] C:\Windows\Temp\3820728.exe ()
O4 - HKLM..\Run: [5233007.exe] C:\Windows\Temp\5233007.exe ()
O4 - HKLM..\Run: [5568682.exe] C:\Windows\Temp\5568682.exe ()
O4 - HKLM..\Run: [7414788.exe] C:\Users\JamET\AppData\Local\Temp\7414788.exe ()
O4 - HKLM..\Run: [84901546-loader2.exe] C:\Windows\Temp\84901546-loader2.exe ()
O4 - HKLM..\Run: [DefragTaskBar] D:\programy\Ashampoo Magical Defrag 2\bin\defragTaskBar.exe ()
O4 - HKLM..\Run: [l1rezerv.exe] C:\Windows\l1rezerv.exe ()
O4 - HKLM..\Run: [sysdriver32.exe] C:\Windows\sysdriver32.exe ()
O4 - HKLM..\Run: [sysdriver32_.exe] C:\Windows\sysdriver32_.exe ()
O4 - HKLM..\Run: [tray_ico] File not found
O4 - HKLM..\Run: [tray_ico0] C:\Windows\update.tray-7-0\svchost.exe ()
O4 - HKLM..\Run: [tray_ico1] File not found
O4 - HKLM..\Run: [tray_ico2] File not found
O4 - HKLM..\Run: [tray_ico3] File not found
O4 - HKLM..\Run: [tray_ico4] File not found
O4 - HKLM..\Run: [wxpdrv] C:\Windows\services32.exe ()
O4 - HKU\S-1-5-19..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-20..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-21-3343315272-3904119132-4205976823-1001..\Run: [OscarEditor] C:\Program Files (x86)\OSCAR Editor X7\OscarEditor.exe ()
O4 - HKLM..\RunOnce: [Malwarebytes' Anti-Malware] C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation)
O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] File not found
O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] File not found
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableSecureUIAPaths = 0
O10:64bit: - NameSpace_Catalog5\Catalog_Entries\000000000010 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000010 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
O13 - gopher Prefix: missing
O13 - gopher Prefix: missing
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_25)
O16 - DPF: {CAFEEFAC-0016-0000-0025-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_25)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_25)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 62.129.50.20 192.168.0.1
O18:64bit: - Protocol\Handler\grooveLocalGWS {88FED34C-F0CA-4636-A375-3CB6248B04CD} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - Reg Error: Key error. File not found
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\SysNative\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found.
O31 - SafeBoot: AlternateShell - services32.exe
O32 - HKLM CDRom: AutoRun - 1
O33 - MountPoints2\{58cd19f1-2ec8-11e0-94e5-001d72c8118e}\Shell - "" = AutoRun
O33 - MountPoints2\{58cd19f1-2ec8-11e0-94e5-001d72c8118e}\Shell\AutoRun\command - "" = G:\unlock.exe autoplay=true
O33 - MountPoints2\{7568e0a9-d7a4-11df-b1eb-001d72c8118e}\Shell - "" = AutoRun
O33 - MountPoints2\{7568e0a9-d7a4-11df-b1eb-001d72c8118e}\Shell\AutoRun\command - "" = F:\Razor1911_Installer.exe
O33 - MountPoints2\{c931c5a1-7ed9-11e0-bae5-001d72c8118e}\Shell - "" = AutoRun
O33 - MountPoints2\{c931c5a1-7ed9-11e0-bae5-001d72c8118e}\Shell\AutoRun\command - "" = G:\unlock.exe autoplay=true
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

NetSvcs:64bit: AppMgmt - C:\Windows\SysNative\appmgmts.dll (Microsoft Corporation)

Drivers32:64bit: msacm.l3acm - C:\Windows\System32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: msacm.l3acm - C:\Windows\SysWOW64\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: vidc.cvid - C:\Windows\SysWow64\iccvid.dll (Radius Inc.)
Drivers32: vidc.DIVX - C:\Windows\SysWow64\DivX.dll (DivX, Inc.)
Drivers32: vidc.yv12 - C:\Windows\SysWow64\DivX.dll (DivX, Inc.)
Unable to save MBR. Invalid drive designation:

========== Files/Folders - Created Within 30 Days ==========

[2011.07.26 16:35:33 | 000,000,000 | ---D | C] -- C:\_OTL
[2011.07.26 16:34:42 | 000,579,584 | ---- | C] (OldTimer Tools) -- C:\Users\JamET\Desktop\OTL.exe
[2011.07.26 16:33:58 | 000,000,000 | ---D | C] -- C:\Users\JamET\Desktop\RK_Quarantine
[2011.07.26 16:29:04 | 000,000,000 | ---D | C] -- C:\Users\JamET\AppData\Roaming\Malwarebytes
[2011.07.26 16:22:59 | 000,041,272 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysWow64\drivers\mbamswissarmy.sys
[2011.07.26 16:22:59 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware
[2011.07.26 16:22:58 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2011.07.26 16:22:56 | 000,025,912 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys
[2011.07.26 16:22:56 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware
[2011.07.26 16:22:34 | 009,466,208 | ---- | C] (Malwarebytes Corporation ) -- C:\Users\JamET\Desktop\mbam-setup-1.51.1.1800.exe
[2011.07.26 15:56:55 | 000,000,000 | ---D | C] -- C:\Users\JamET\AppData\Roaming\SkypePM
[2011.07.26 15:53:47 | 000,000,000 | ---D | C] -- C:\Windows\ufa
[2011.07.26 15:53:47 | 000,000,000 | ---D | C] -- C:\Windows\rpcminer
[2011.07.26 15:53:47 | 000,000,000 | ---D | C] -- C:\Windows\phoenix
[2011.07.26 15:52:17 | 000,000,000 | ---D | C] -- C:\rsit
[2011.07.26 15:46:11 | 000,000,000 | -H-D | C] -- C:\Windows\update.2
[2011.07.26 15:45:14 | 000,000,000 | -H-D | C] -- C:\Windows\update.5.0
[2011.07.26 15:33:54 | 000,000,000 | ---D | C] -- C:\Windows\av_ico
[2011.07.26 15:32:01 | 000,000,000 | -H-D | C] -- C:\Windows\update.1
[2011.07.26 15:31:56 | 000,000,000 | -H-D | C] -- C:\Windows\update.tray-7-0-lnk
[2011.07.26 15:31:56 | 000,000,000 | -H-D | C] -- C:\Windows\update.tray-7-0
[2011.07.21 09:45:03 | 000,000,000 | ---D | C] -- C:\Users\JamET\AppData\Local\photoOptimizeHistoryDataBase
[2011.07.21 09:44:58 | 000,000,000 | ---D | C] -- C:\Users\JamET\AppData\Local\Ashampoo Photo Optimizer 2
[2011.07.21 09:44:38 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Ashampoo
[2011.07.17 22:13:09 | 000,000,000 | ---D | C] -- C:\Users\JamET\Documents\Duke Nukem Forever
[2011.07.17 22:10:29 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Razor 1911
[2011.07.04 15:00:12 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
[2011.07.04 14:59:59 | 000,000,000 | ---D | C] -- C:\ProgramData\Skype
[2011.06.27 19:17:55 | 000,000,000 | ---D | C] -- C:\Windows\pss

========== Files - Modified Within 30 Days ==========

[2011.07.26 16:34:44 | 000,579,584 | ---- | M] (OldTimer Tools) -- C:\Users\JamET\Desktop\OTL.exe
[2011.07.26 16:22:40 | 009,466,208 | ---- | M] (Malwarebytes Corporation ) -- C:\Users\JamET\Desktop\mbam-setup-1.51.1.1800.exe
[2011.07.26 16:20:51 | 000,000,726 | ---- | M] () -- C:\Windows\SysNative\drivers\etc\hosts
[2011.07.26 16:20:11 | 000,526,848 | ---- | M] () -- C:\Users\JamET\Desktop\RogueKiller.exe
[2011.07.26 16:16:00 | 000,000,962 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-3343315272-3904119132-4205976823-1001UA.job
[2011.07.26 15:53:46 | 005,589,370 | ---- | M] () -- C:\Windows\phoenix.rar
[2011.07.26 15:53:46 | 001,075,284 | ---- | M] () -- C:\Windows\rpcminer.rar
[2011.07.26 15:53:46 | 000,246,272 | ---- | M] () -- C:\Windows\unrar.exe
[2011.07.26 15:53:46 | 000,182,617 | ---- | M] () -- C:\Windows\ufa.rar
[2011.07.26 15:51:56 | 000,781,383 | ---- | M] () -- C:\Users\JamET\Desktop\RSIT.exe
[2011.07.26 15:47:04 | 000,000,157 | ---- | M] () -- C:\Windows\info1
[2011.07.26 15:46:39 | 000,232,960 | ---- | M] () -- C:\Windows\l1rezerv.exe
[2011.07.26 15:46:31 | 000,000,734 | ---- | M] () -- C:\Windows\SysNative\drivers\etc\hîsts
[2011.07.26 15:40:58 | 000,014,016 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2011.07.26 15:40:58 | 000,014,016 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2011.07.26 15:35:28 | 000,000,000 | ---- | M] () -- C:\Windows\loader2.exe_ok
[2011.07.26 15:35:11 | 000,904,792 | ---- | M] () -- C:\Windows\geoiplist.rar
[2011.07.26 15:34:14 | 000,256,000 | ---- | M] () -- C:\Windows\sysdriver32_.exe
[2011.07.26 15:34:14 | 000,256,000 | ---- | M] () -- C:\Windows\sysdriver32.exe
[2011.07.26 15:33:54 | 000,000,436 | ---- | M] () -- C:\Windows\SysNative\drivers\etc\hosts.ics
[2011.07.26 15:33:07 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2011.07.26 15:32:59 | 2411,876,352 | -HS- | M] () -- C:\hiberfil.sys
[2011.07.26 15:19:51 | 001,183,232 | ---- | M] () -- C:\Windows\services32.exe
[2011.07.25 20:51:56 | 000,045,286 | ---- | M] () -- C:\Users\JamET\AppData\Roaming\room_v3.dat
[2011.07.25 17:16:00 | 000,000,910 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-3343315272-3904119132-4205976823-1001Core.job
[2011.07.22 14:16:53 | 000,001,454 | ---- | M] () -- C:\Users\JamET\Desktop\MUAutoClickerElite – zástupce.lnk
[2011.07.17 22:15:17 | 000,000,786 | ---- | M] () -- C:\Users\JamET\Desktop\DukeForever – zástupce.lnk
[2011.07.17 19:57:08 | 001,478,650 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2011.07.17 19:57:08 | 000,634,546 | ---- | M] () -- C:\Windows\SysNative\perfh005.dat
[2011.07.17 19:57:08 | 000,618,912 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2011.07.17 19:57:08 | 000,123,104 | ---- | M] () -- C:\Windows\SysNative\perfc005.dat
[2011.07.17 19:57:08 | 000,107,232 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2011.07.17 03:24:20 | 004,636,907 | ---- | M] () -- C:\Windows\geoiplist
[2011.07.16 10:58:19 | 000,000,000 | ---- | M] () -- C:\Windows\SysWow64\config.nt
[2011.07.06 19:52:42 | 000,041,272 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\SysWow64\drivers\mbamswissarmy.sys
[2011.07.06 19:52:42 | 000,025,912 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys
[2011.07.06 16:34:07 | 000,000,374 | R-S- | M] () -- C:\ProgramData\ntuser.pol
[2011.07.05 17:12:03 | 000,000,110 | ---- | M] () -- C:\Users\JamET\Desktop\Creative Fatality Gaming Headset - sluchátka, mikrofon - Prodej a servis výpočetní techniky - Exasoft Czech, a.s..url
[2011.07.04 13:43:53 | 000,040,112 | ---- | M] (AVAST Software) -- C:\Windows\avastSS.scr
[2011.07.04 13:43:51 | 000,199,304 | ---- | M] (AVAST Software) -- C:\Windows\SysWow64\aswBoot.exe
[2011.07.04 13:43:42 | 000,253,888 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\aswBoot.exe
[2011.07.04 13:36:56 | 000,600,920 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\drivers\aswSnx.sys
[2011.07.04 13:36:54 | 000,288,088 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\drivers\aswSP.sys
[2011.07.04 13:35:28 | 000,045,400 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\drivers\aswTdi.sys
[2011.07.04 13:32:35 | 000,031,064 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\drivers\aswRdr.sys
[2011.07.04 13:32:24 | 000,064,856 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\drivers\aswMonFlt.sys
[2011.07.04 13:32:14 | 000,022,360 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\drivers\aswFsBlk.sys

========== Files Created - No Company Name ==========

[2011.07.26 16:20:09 | 000,526,848 | ---- | C] () -- C:\Users\JamET\Desktop\RogueKiller.exe
[2011.07.26 15:53:46 | 005,589,370 | ---- | C] () -- C:\Windows\phoenix.rar
[2011.07.26 15:53:46 | 001,075,284 | ---- | C] () -- C:\Windows\rpcminer.rar
[2011.07.26 15:53:46 | 000,182,617 | ---- | C] () -- C:\Windows\ufa.rar
[2011.07.26 15:51:54 | 000,781,383 | ---- | C] () -- C:\Users\JamET\Desktop\RSIT.exe
[2011.07.26 15:46:44 | 000,232,960 | ---- | C] () -- C:\Windows\l1rezerv.exe
[2011.07.26 15:45:14 | 000,000,157 | ---- | C] () -- C:\Windows\info1
[2011.07.26 15:35:13 | 004,636,907 | ---- | C] () -- C:\Windows\geoiplist
[2011.07.26 15:35:11 | 000,904,792 | ---- | C] () -- C:\Windows\geoiplist.rar
[2011.07.26 15:35:11 | 000,246,272 | ---- | C] () -- C:\Windows\unrar.exe
[2011.07.26 15:34:45 | 000,000,000 | ---- | C] () -- C:\Windows\loader2.exe_ok
[2011.07.26 15:34:44 | 000,256,000 | ---- | C] () -- C:\Windows\sysdriver32_.exe
[2011.07.26 15:34:30 | 000,256,000 | ---- | C] () -- C:\Windows\sysdriver32.exe
[2011.07.26 15:20:13 | 001,183,232 | ---- | C] () -- C:\Windows\services32.exe
[2011.07.21 10:27:31 | 000,001,454 | ---- | C] () -- C:\Users\JamET\Desktop\MUAutoClickerElite – zástupce.lnk
[2011.07.17 22:15:20 | 000,000,786 | ---- | C] () -- C:\Users\JamET\Desktop\DukeForever – zástupce.lnk
[2011.07.05 17:12:03 | 000,000,110 | ---- | C] () -- C:\Users\JamET\Desktop\Creative Fatality Gaming Headset - sluchátka, mikrofon - Prodej a servis výpočetní techniky - Exasoft Czech, a.s..url
[2011.06.09 11:31:15 | 000,001,008 | ---- | C] () -- C:\Users\JamET\AppData\Local\SRDownloader.nast
[2011.05.26 21:30:03 | 000,045,286 | ---- | C] () -- C:\Users\JamET\AppData\Roaming\room_v3.dat
[2011.05.15 23:03:04 | 000,000,600 | ---- | C] () -- C:\Users\JamET\AppData\Roaming\winscp.rnd
[2011.05.04 17:45:21 | 000,000,256 | ---- | C] () -- C:\Windows\{789289CA-F73A-4A16-A331-54D498CE069F}_WiseFW.ini
[2011.04.01 07:22:00 | 000,189,248 | ---- | C] () -- C:\Windows\SysWow64\PnkBstrB.exe
[2011.04.01 07:21:55 | 000,075,136 | ---- | C] () -- C:\Windows\SysWow64\PnkBstrA.exe
[2011.03.22 17:18:02 | 000,046,742 | ---- | C] () -- C:\Users\JamET\AppData\Roaming\room.dat
[2011.01.13 22:27:14 | 000,000,460 | ---- | C] () -- C:\Users\JamET\AppData\Roaming\Network Monitor II_Settings.ini
[2010.12.30 18:11:33 | 001,471,654 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2010.12.22 23:06:20 | 000,000,374 | R-S- | C] () -- C:\ProgramData\ntuser.pol
[2010.11.02 23:12:54 | 000,004,608 | ---- | C] () -- C:\Users\JamET\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010.04.02 17:17:34 | 000,179,091 | ---- | C] () -- C:\Windows\SysWow64\xlive.dll.cat
[2009.07.14 07:38:36 | 000,067,584 | --S- | C] () -- C:\Windows\bootstat.dat
[2009.07.14 04:35:51 | 000,000,741 | ---- | C] () -- C:\Windows\SysWow64\NOISE.DAT
[2009.07.14 04:34:42 | 000,215,943 | ---- | C] () -- C:\Windows\SysWow64\dssec.dat
[2009.07.14 02:10:29 | 000,043,131 | ---- | C] () -- C:\Windows\mib.bin
[2009.07.14 01:42:10 | 000,064,000 | ---- | C] () -- C:\Windows\SysWow64\BWContextHandler.dll
[2009.07.13 23:03:59 | 000,364,544 | ---- | C] () -- C:\Windows\SysWow64\msjetoledb40.dll
[2009.06.10 23:26:10 | 000,673,088 | ---- | C] () -- C:\Windows\SysWow64\mlang.dat
[2006.03.29 09:43:38 | 000,042,496 | ---- | C] () -- C:\Windows\SysWow64\ALZZip.BIN
[2006.03.29 09:43:36 | 000,062,464 | ---- | C] () -- C:\Windows\SysWow64\ALZALZ.BIN
[2002.11.20 17:13:44 | 003,907,640 | ---- | C] () -- C:\Windows\SysWow64\GSDLL32.dll
[2001.10.28 03:42:30 | 000,116,224 | ---- | C] () -- C:\Windows\SysWow64\redmonnt.dll

========== LOP Check ==========

[2010.11.24 16:41:09 | 000,000,000 | ---D | M] -- C:\Users\JamET\AppData\Roaming\.purple
[2010.10.12 08:36:56 | 000,000,000 | ---D | M] -- C:\Users\JamET\AppData\Roaming\Acronis
[2010.10.05 17:25:39 | 000,000,000 | ---D | M] -- C:\Users\JamET\AppData\Roaming\Ashampoo
[2010.11.20 20:27:43 | 000,000,000 | ---D | M] -- C:\Users\JamET\AppData\Roaming\Canon
[2011.03.03 18:28:07 | 000,000,000 | ---D | M] -- C:\Users\JamET\AppData\Roaming\CoSoSys
[2010.10.14 17:21:27 | 000,000,000 | ---D | M] -- C:\Users\JamET\AppData\Roaming\DAEMON Tools Lite
[2011.05.16 08:55:40 | 000,000,000 | ---D | M] -- C:\Users\JamET\AppData\Roaming\GHISLER
[2010.11.02 23:44:35 | 000,000,000 | ---D | M] -- C:\Users\JamET\AppData\Roaming\Graphisoft
[2011.05.24 08:51:29 | 000,000,000 | ---D | M] -- C:\Users\JamET\AppData\Roaming\Kalypso Media
[2011.05.31 16:27:27 | 000,000,000 | ---D | M] -- C:\Users\JamET\AppData\Roaming\Leawo
[2011.05.31 16:27:36 | 000,000,000 | ---D | M] -- C:\Users\JamET\AppData\Roaming\Leawo Video2AVI v2
[2010.10.03 20:23:50 | 000,000,000 | ---D | M] -- C:\Users\JamET\AppData\Roaming\Mirillis
[2011.05.31 16:27:28 | 000,000,000 | ---D | M] -- C:\Users\JamET\AppData\Roaming\Moyea
[2011.01.31 13:48:57 | 000,000,000 | ---D | M] -- C:\Users\JamET\AppData\Roaming\Mumble
[2011.03.20 22:14:47 | 000,000,000 | ---D | M] -- C:\Users\JamET\AppData\Roaming\My Battle for Middle-earth Files
[2011.04.01 07:21:53 | 000,000,000 | ---D | M] -- C:\Users\JamET\AppData\Roaming\PunkBuster
[2011.07.26 15:39:02 | 000,000,000 | ---D | M] -- C:\Users\JamET\AppData\Roaming\Spyware Terminator
[2011.06.23 10:35:32 | 000,000,000 | ---D | M] -- C:\Users\JamET\AppData\Roaming\StepMania 5
[2010.10.01 17:40:45 | 000,000,000 | ---D | M] -- C:\Users\JamET\AppData\Roaming\TS3Client
[2011.07.14 21:56:09 | 000,000,000 | ---D | M] -- C:\Users\JamET\AppData\Roaming\uTorrent
[2010.10.06 21:44:31 | 000,000,000 | ---D | M] -- C:\Users\JamET\AppData\Roaming\WindSolutions
[2010.12.19 19:01:12 | 000,000,000 | ---D | M] -- C:\Users\JamET\AppData\Roaming\Zoner
[2011.04.14 13:12:46 | 000,032,584 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT

========== Purity Check ==========



========== Custom Scans ==========


< Error: Unable to interpret <HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /s> in the current context! >


< Error: Unable to interpret <C:\windows\system32\spool\prtprocs|dll;true;true;true /FP> in the current context! >

< Error: Unable to interpret <%systemroot%\system32\drivers\*.sys /5> in the current context! >
Invalid Switch: 5> in the current context!


< Error: Unable to interpret <%systemroot%\system32\drivers\*.sys /X > in the current context! >

< Error: Unable to interpret <%systemroot%\system32\drivers\*.sys /lockedfiles> in the current context! >

< Error: Unable to interpret <%systemroot%\system32\*.* /5> in the current context! >
Invalid Switch: 5> in the current context!


< Error: Unable to interpret <%systemroot%\system32\*.dll /lockedfiles> in the current context! >

< Error: Unable to interpret <%systemroot%\system32\config\*.sav > in the current context! >

< Error: Unable to interpret <%systemroot%\Tasks\*.job /lockedfiles> in the current context! >

< Error: Unable to interpret <%systemroot%\*.* /U /s> in the current context! >

< Error: Unable to interpret <%systemroot%\*. /mp /s> in the current context! >

< Error: Unable to interpret <%ALLUSERSPROFILE%\Data Aplikací\*.*> in the current context! >

< Error: Unable to interpret <%ALLUSERSPROFILE%\Data Aplikací\*.exe /s> in the current context! >

< Error: Unable to interpret <%ALLUSERSPROFILE%\Dáta aplikácií\*.*> in the current context! >

< Error: Unable to interpret <%ALLUSERSPROFILE%\Dáta aplikácií\*.exe /s> in the current context! >

< Error: Unable to interpret <%APPDATA%\*.> in the current context! >

< Error: Unable to interpret <%APPDATA%\*.*> in the current context! >

< Error: Unable to interpret <%APPDATA%\*.exe /s> in the current context! >

< Error: Unable to interpret <%SYSTEMDRIVE%\*.exe> in the current context! >

< Error: Unable to interpret <HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate\AU /s> in the current context! >

< Error: Unable to interpret <HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install|LastSuccessTime /rs> in the current context! >
Error: Unable to interpret <HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install|LastSuccessTime > in the current context!

< Error: Unable to interpret <HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\BITS /s> in the current context! >

< Error: Unable to interpret <reg query "HKLM\Software\Microsoft\Windows NT\CurrentVersion\winlogon" /v GinaDLL /c> in the current context! >

< Error: Unable to interpret <reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wuauserv" /v ImagePath /c> in the current context! >

< Error: Unable to interpret <reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\BITS" /v ImagePath /c> in the current context! >

< Error: Unable to interpret <reg query "HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager" /v BootExecute /c> in the current context! >

< Error: Unable to interpret <reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session Manager" /v "PendingFileRenameOperations" /c> in the current context! >

< Error: Unable to interpret <type c:\boot.ini >> test.txt /c> in the current context! >
Invalid Switch: c> in the current context!


< Error: Unable to interpret <%SystemDrive%\PhysicalMBR.bin /md5> in the current context! >

< >

< OTL by OldTimer - Version 3.2.26.1 log created on 07262011_163533 >

< End of report >


Re: fcb vir

#8 Post by Caroprd111 »

Did you run Malwarebytes' Anti-Malware? :???:

What about those cracks? :???:


Run OTL again and paste the following script into the bottom white box. Then click "Opravit" (Fix); the PC will restart. Paste the resulting log here.

Code:

:commands
[RESETHOSTS]
[EMPTYTEMP]
[EMPTYFLASH]
[CLEARALLRESTOREPOINTS]

SRV - [2011.07.26 15:34:14 | 000,256,000 | ---- | M] () [Auto | Stopped] -- C:\Windows\sysdriver32.exe -- (srvsysdriver32)
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found
O3 - HKU\S-1-5-21-3343315272-3904119132-4205976823-1001\..\Toolbar\WebBrowser: (no name) - {4B3803EA-5230-4DC3-A7FC-33638F3D3542} - No CLSID value found.
O4:64bit: - HKLM..\Run: [] File not found
O4 - HKLM..\Run: [3820728.exe] C:\Windows\Temp\3820728.exe ()
O4 - HKLM..\Run: [5233007.exe] C:\Windows\Temp\5233007.exe ()
O4 - HKLM..\Run: [5568682.exe] C:\Windows\Temp\5568682.exe ()
O4 - HKLM..\Run: [7414788.exe] C:\Users\JamET\AppData\Local\Temp\7414788.exe ()
O4 - HKLM..\Run: [84901546-loader2.exe] C:\Windows\Temp\84901546-loader2.exe ()
O4 - HKLM..\Run: [l1rezerv.exe] C:\Windows\l1rezerv.exe ()
O4 - HKLM..\Run: [sysdriver32.exe] C:\Windows\sysdriver32.exe ()
O4 - HKLM..\Run: [sysdriver32_.exe] C:\Windows\sysdriver32_.exe ()
O4 - HKLM..\Run: [tray_ico] File not found
O4 - HKLM..\Run: [tray_ico0] C:\Windows\update.tray-7-0\svchost.exe ()
O4 - HKLM..\Run: [tray_ico1] File not found
O4 - HKLM..\Run: [tray_ico2] File not found
O4 - HKLM..\Run: [tray_ico3] File not found
O4 - HKLM..\Run: [tray_ico4] File not found
O4 - HKLM..\Run: [wxpdrv] C:\Windows\services32.exe ()
O18:64bit: - Protocol\Handler\grooveLocalGWS {88FED34C-F0CA-4636-A375-3CB6248B04CD} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - Reg Error: Key error. File not found
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found.
O31 - SafeBoot: AlternateShell - services32.exe
O33 - MountPoints2\{7568e0a9-d7a4-11df-b1eb-001d72c8118e}\Shell\AutoRun\command - "" = F:\Razor1911_Installer.exe
O33 - MountPoints2\{c931c5a1-7ed9-11e0-bae5-001d72c8118e}\Shell - "" = AutoRun
[2011.07.26 15:53:47 | 000,000,000 | ---D | C] -- C:\Windows\ufa
[2011.07.26 15:53:47 | 000,000,000 | ---D | C] -- C:\Windows\rpcminer
[2011.07.26 15:53:47 | 000,000,000 | ---D | C] -- C:\Windows\phoenix
[2011.07.26 15:52:17 | 000,000,000 | ---D | C] -- C:\rsit
[2011.07.26 15:46:11 | 000,000,000 | -H-D | C] -- C:\Windows\update.2
[2011.07.26 15:45:14 | 000,000,000 | -H-D | C] -- C:\Windows\update.5.0
[2011.07.26 15:33:54 | 000,000,000 | ---D | C] -- C:\Windows\av_ico
[2011.07.26 15:32:01 | 000,000,000 | -H-D | C] -- C:\Windows\update.1
[2011.07.26 15:31:56 | 000,000,000 | -H-D | C] -- C:\Windows\update.tray-7-0-lnk
[2011.07.26 15:31:56 | 000,000,000 | -H-D | C] -- C:\Windows\update.tray-7-0
011.07.17 22:10:29 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Razor 1911
[2011.07.26 15:53:46 | 005,589,370 | ---- | M] () -- C:\Windows\phoenix.rar
[2011.07.26 15:53:46 | 001,075,284 | ---- | M] () -- C:\Windows\rpcminer.rar
[2011.07.26 15:53:46 | 000,246,272 | ---- | M] () -- C:\Windows\unrar.exe
[2011.07.26 15:53:46 | 000,182,617 | ---- | M] () -- C:\Windows\ufa.rar
[2011.07.26 15:47:04 | 000,000,157 | ---- | M] () -- C:\Windows\info1
[2011.07.26 15:46:39 | 000,232,960 | ---- | M] () -- C:\Windows\l1rezerv.exe
[2011.07.26 15:35:28 | 000,000,000 | ---- | M] () -- C:\Windows\loader2.exe_ok
[2011.07.26 15:35:11 | 000,904,792 | ---- | M] () -- C:\Windows\geoiplist.rar
[2011.07.26 15:34:14 | 000,256,000 | ---- | M] () -- C:\Windows\sysdriver32_.exe
[2011.07.26 15:34:14 | 000,256,000 | ---- | M] () -- C:\Windows\sysdriver32.exe
[2011.07.26 15:19:51 | 001,183,232 | ---- | M] () -- C:\Windows\services32.exe
[2011.07.17 03:24:20 | 004,636,907 | ---- | M] () -- C:\Windows\geoiplist
[2011.07.26 15:53:46 | 005,589,370 | ---- | C] () -- C:\Windows\phoenix.rar
[2011.07.26 15:53:46 | 001,075,284 | ---- | C] () -- C:\Windows\rpcminer.rar
[2011.07.26 15:53:46 | 000,182,617 | ---- | C] () -- C:\Windows\ufa.rar
[2011.07.26 15:46:44 | 000,232,960 | ---- | C] () -- C:\Windows\l1rezerv.exe
[2011.07.26 15:45:14 | 000,000,157 | ---- | C] () -- C:\Windows\info1
[2011.07.26 15:35:13 | 004,636,907 | ---- | C] () -- C:\Windows\geoiplist
[2011.07.26 15:35:11 | 000,904,792 | ---- | C] () -- C:\Windows\geoiplist.rar
[2011.07.26 15:35:11 | 000,246,272 | ---- | C] () -- C:\Windows\unrar.exe
[2011.07.26 15:34:45 | 000,000,000 | ---- | C] () -- C:\Windows\loader2.exe_ok
[2011.07.26 15:34:44 | 000,256,000 | ---- | C] () -- C:\Windows\sysdriver32_.exe
[2011.07.26 15:34:30 | 000,256,000 | ---- | C] () -- C:\Windows\sysdriver32.exe
[2011.07.26 15:20:13 | 001,183,232 | ---- | C] () -- C:\Windows\services32.exe

Re: fcb vir

#9 Post by jamet »

Yes, I used it before I posted here; I was trying a guide I found on the net. And what can I say, I'm no saint and I can't afford to pay that much for games :cry:


All processes killed
========== COMMANDS ==========
C:\Windows\System32\drivers\etc\Hosts moved successfully.
HOSTS file reset successfully

[EMPTYTEMP]

User: All Users

User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes

User: JamET
->Temp folder emptied: 30801844 bytes
->Temporary Internet Files folder emptied: 39331193 bytes
->Java cache emptied: 16712 bytes
->Google Chrome cache emptied: 429266543 bytes
->Flash cache emptied: 5622 bytes

User: Mcx1-JAMET-PC
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes

User: Public

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32 (64bit) .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 155993411 bytes
%systemroot%\sysnative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files folder emptied: 66891 bytes
RecycleBin emptied: 655864040 bytes

Total Files Cleaned = 1 251,00 mb


[EMPTYFLASH]

User: All Users

User: Default

User: Default User

User: JamET
->Flash cache emptied: 0 bytes

User: Mcx1-JAMET-PC

User: Public

Total Flash Files Cleaned = 0,00 mb

Restore point Set: OTL Restore Point
Error: Unable to interpret <SRV - [2011.07.26 15:34:14 | 000,256,000 | ---- | M] () [Auto | Stopped] -- C:\Windows\sysdriver32.exe -- (srvsysdriver32)> in the current context!
Error: Unable to interpret <FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found> in the current context!
Error: Unable to interpret <O3 - HKU\S-1-5-21-3343315272-3904119132-4205976823-1001\..\Toolbar\WebBrowser: (no name) - {4B3803EA-5230-4DC3-A7FC-33638F3D3542} - No CLSID value found.> in the current context!
Error: Unable to interpret <O4:64bit: - HKLM..\Run: [] File not found> in the current context!
Error: Unable to interpret <O4 - HKLM..\Run: [3820728.exe] C:\Windows\Temp\3820728.exe ()> in the current context!
Error: Unable to interpret <O4 - HKLM..\Run: [5233007.exe] C:\Windows\Temp\5233007.exe ()> in the current context!
Error: Unable to interpret <O4 - HKLM..\Run: [5568682.exe] C:\Windows\Temp\5568682.exe ()> in the current context!
Error: Unable to interpret <O4 - HKLM..\Run: [7414788.exe] C:\Users\JamET\AppData\Local\Temp\7414788.exe ()> in the current context!
Error: Unable to interpret <O4 - HKLM..\Run: [84901546-loader2.exe] C:\Windows\Temp\84901546-loader2.exe ()> in the current context!
Error: Unable to interpret <O4 - HKLM..\Run: [l1rezerv.exe] C:\Windows\l1rezerv.exe ()> in the current context!
Error: Unable to interpret <O4 - HKLM..\Run: [sysdriver32.exe] C:\Windows\sysdriver32.exe ()> in the current context!
Error: Unable to interpret <O4 - HKLM..\Run: [sysdriver32_.exe] C:\Windows\sysdriver32_.exe ()> in the current context!
Error: Unable to interpret <O4 - HKLM..\Run: [tray_ico] File not found> in the current context!
Error: Unable to interpret <O4 - HKLM..\Run: [tray_ico0] C:\Windows\update.tray-7-0\svchost.exe ()> in the current context!
Error: Unable to interpret <O4 - HKLM..\Run: [tray_ico1] File not found> in the current context!
Error: Unable to interpret <O4 - HKLM..\Run: [tray_ico2] File not found> in the current context!
Error: Unable to interpret <O4 - HKLM..\Run: [tray_ico3] File not found> in the current context!
Error: Unable to interpret <O4 - HKLM..\Run: [tray_ico4] File not found> in the current context!
Error: Unable to interpret <O4 - HKLM..\Run: [wxpdrv] C:\Windows\services32.exe ()> in the current context!
Error: Unable to interpret <O18:64bit: - Protocol\Handler\grooveLocalGWS {88FED34C-F0CA-4636-A375-3CB6248B04CD} - Reg Error: Key error. File not found> in the current context!
Error: Unable to interpret <O18:64bit: - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - Reg Error: Key error. File not found> in the current context!
Error: Unable to interpret <O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found.> in the current context!
Error: Unable to interpret <O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found.> in the current context!
Error: Unable to interpret <O31 - SafeBoot: AlternateShell - services32.exe> in the current context!
Error: Unable to interpret <O33 - MountPoints2\{7568e0a9-d7a4-11df-b1eb-001d72c8118e}\Shell\AutoRun\command - "" = F:\Razor1911_Installer.exe> in the current context!
Error: Unable to interpret <O33 - MountPoints2\{c931c5a1-7ed9-11e0-bae5-001d72c8118e}\Shell - "" = AutoRun> in the current context!
Error: Unable to interpret <[2011.07.26 15:53:47 | 000,000,000 | ---D | C] -- C:\Windows\ufa> in the current context!
Error: Unable to interpret <[2011.07.26 15:53:47 | 000,000,000 | ---D | C] -- C:\Windows\rpcminer> in the current context!
Error: Unable to interpret <[2011.07.26 15:53:47 | 000,000,000 | ---D | C] -- C:\Windows\phoenix> in the current context!
Error: Unable to interpret <[2011.07.26 15:52:17 | 000,000,000 | ---D | C] -- C:\rsit> in the current context!
Error: Unable to interpret <[2011.07.26 15:46:11 | 000,000,000 | -H-D | C] -- C:\Windows\update.2> in the current context!
Error: Unable to interpret <[2011.07.26 15:45:14 | 000,000,000 | -H-D | C] -- C:\Windows\update.5.0> in the current context!
Error: Unable to interpret <[2011.07.26 15:33:54 | 000,000,000 | ---D | C] -- C:\Windows\av_ico> in the current context!
Error: Unable to interpret <[2011.07.26 15:32:01 | 000,000,000 | -H-D | C] -- C:\Windows\update.1> in the current context!
Error: Unable to interpret <[2011.07.26 15:31:56 | 000,000,000 | -H-D | C] -- C:\Windows\update.tray-7-0-lnk> in the current context!
Error: Unable to interpret <[2011.07.26 15:31:56 | 000,000,000 | -H-D | C] -- C:\Windows\update.tray-7-0> in the current context!
Error: Unable to interpret <011.07.17 22:10:29 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Razor 1911> in the current context!
Error: Unable to interpret <[2011.07.26 15:53:46 | 005,589,370 | ---- | M] () -- C:\Windows\phoenix.rar> in the current context!
Error: Unable to interpret <[2011.07.26 15:53:46 | 001,075,284 | ---- | M] () -- C:\Windows\rpcminer.rar> in the current context!
Error: Unable to interpret <[2011.07.26 15:53:46 | 000,246,272 | ---- | M] () -- C:\Windows\unrar.exe> in the current context!
Error: Unable to interpret <[2011.07.26 15:53:46 | 000,182,617 | ---- | M] () -- C:\Windows\ufa.rar> in the current context!
Error: Unable to interpret <[2011.07.26 15:47:04 | 000,000,157 | ---- | M] () -- C:\Windows\info1> in the current context!
Error: Unable to interpret <[2011.07.26 15:46:39 | 000,232,960 | ---- | M] () -- C:\Windows\l1rezerv.exe> in the current context!
Error: Unable to interpret <[2011.07.26 15:35:28 | 000,000,000 | ---- | M] () -- C:\Windows\loader2.exe_ok> in the current context!
Error: Unable to interpret <[2011.07.26 15:35:11 | 000,904,792 | ---- | M] () -- C:\Windows\geoiplist.rar> in the current context!
Error: Unable to interpret <[2011.07.26 15:34:14 | 000,256,000 | ---- | M] () -- C:\Windows\sysdriver32_.exe> in the current context!
Error: Unable to interpret <[2011.07.26 15:34:14 | 000,256,000 | ---- | M] () -- C:\Windows\sysdriver32.exe> in the current context!
Error: Unable to interpret <[2011.07.26 15:19:51 | 001,183,232 | ---- | M] () -- C:\Windows\services32.exe> in the current context!
Error: Unable to interpret <[2011.07.17 03:24:20 | 004,636,907 | ---- | M] () -- C:\Windows\geoiplist> in the current context!
Error: Unable to interpret <[2011.07.26 15:53:46 | 005,589,370 | ---- | C] () -- C:\Windows\phoenix.rar> in the current context!
Error: Unable to interpret <[2011.07.26 15:53:46 | 001,075,284 | ---- | C] () -- C:\Windows\rpcminer.rar> in the current context!
Error: Unable to interpret <[2011.07.26 15:53:46 | 000,182,617 | ---- | C] () -- C:\Windows\ufa.rar> in the current context!
Error: Unable to interpret <[2011.07.26 15:46:44 | 000,232,960 | ---- | C] () -- C:\Windows\l1rezerv.exe> in the current context!
Error: Unable to interpret <[2011.07.26 15:45:14 | 000,000,157 | ---- | C] () -- C:\Windows\info1> in the current context!
Error: Unable to interpret <[2011.07.26 15:35:13 | 004,636,907 | ---- | C] () -- C:\Windows\geoiplist> in the current context!
Error: Unable to interpret <[2011.07.26 15:35:11 | 000,904,792 | ---- | C] () -- C:\Windows\geoiplist.rar> in the current context!
Error: Unable to interpret <[2011.07.26 15:35:11 | 000,246,272 | ---- | C] () -- C:\Windows\unrar.exe> in the current context!
Error: Unable to interpret <[2011.07.26 15:34:45 | 000,000,000 | ---- | C] () -- C:\Windows\loader2.exe_ok> in the current context!
Error: Unable to interpret <[2011.07.26 15:34:44 | 000,256,000 | ---- | C] () -- C:\Windows\sysdriver32_.exe> in the current context!
Error: Unable to interpret <[2011.07.26 15:34:30 | 000,256,000 | ---- | C] () -- C:\Windows\sysdriver32.exe> in the current context!
Error: Unable to interpret <[2011.07.26 15:20:13 | 001,183,232 | ---- | C] () -- C:\Windows\services32.exe> in the current context!

OTL by OldTimer - Version 3.2.26.1 log created on 07262011_170809

Files\Folders moved on Reboot...
C:\Users\JamET\AppData\Local\Temp\FXSAPIDebugLogFile.txt moved successfully.
File\Folder C:\Windows\temp\etilqs_pN9DYW68qLxO7NhUkGN0 not found!
File\Folder C:\Windows\temp\etilqs_tegApEGhPg5zZHqULBkD not found!

Registry entries deleted on Reboot...


Re: fcb vir

#10 Post by Caroprd111 »

So, once all the cracks, keygens and everything illegal has been deleted, post the CKScanner log here.

  • Download CKScanner to your desktop: http://downloads.malwareremoval.com/CKScanner.exe
  • Run it and click "Search For Files"; when the scan finishes, click "Save List to File" -> "OK"
  • A log named ckfiles.txt will be saved on the desktop; paste the contents of that file here.


Re: fcb vir

#11 Post by jamet »

I see, thanks for the help then.


Re: fcb vir

#12 Post by Caroprd111 »

You're welcome. :)