mno je to celkem jednoduchý, používal jste jinej program, a ten ten kod neumí zpracovat
tohle je ten správný program: www.itxassociates.com/OT-Tools/OTL.exe
Klidně ho stáhněte a udělejte co psal rudy předtím, ale s tímto programem, výsledný log mu sem nahrajte, pozná z něj, kde je problém ve vašem PC, ale dál už musí Rudy, nejsem oprávněn Vám radit....
Odvirování PC, zrychlení počítače, vzdálená pomoc prostřednictvím služby neslape.cz
Kontrola-problém s modrou smrtí
Moderátor: Moderátoři
Pravidla fóra
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]
Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.
!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]
Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.
!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
Re: Kontrola-problém s modrou smrtí
Aha, vida tady byl zakopaný pes 
Rudy mi musel omylem poslat špatný link a já si toho nevšíml že klikám na OTM místo OTL a já pořád bádal, proč se to chová jinak než mi Rudy popisoval. To Vám musím velice poděkovat za tohle 
určitě jste Rudymu ušetřil spousty nervů se mnou 
Extras:
OTL Extras logfile created on: 22.7.2010 16:01:50 - Run 1
OTL by OldTimer - Version 3.2.9.1 Folder = C:\Users\Jura\Desktop
64bit-Windows Vista Business Edition (Version = 6.0.6000) - Type = NTWorkstation
Internet Explorer (Version = 7.0.6000.16890)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy
4,00 Gb Total Physical Memory | 3,00 Gb Available Physical Memory | 64,00% Memory free
8,00 Gb Paging File | 7,00 Gb Available in Paging File | 81,00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 48,83 Gb Total Space | 12,12 Gb Free Space | 24,81% Space Free | Partition Type: NTFS
Drive D: | 249,26 Gb Total Space | 22,37 Gb Free Space | 8,97% Space Free | Partition Type: NTFS
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded
Computer Name: JURA-PC
Current User Name: Jura
Logged in as Administrator.
Current Boot Mode: Normal
Scan Mode: All users
Include 64bit Scans
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 7 Days
Output = Standard
========== Extra Registry (SafeList) ==========
========== File Associations ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.html[@ = Opera.HTML] -- D:\Junior\Opera_broswer\Opera.exe (Opera Software)
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)
.html [@ = Opera.HTML] -- D:\Junior\Opera_broswer\Opera.exe (Opera Software)
========== Shell Spawning ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %* File not found
cmdfile [open] -- "%1" %* File not found
comfile [open] -- "%1" %* File not found
exefile [open] -- "%1" %* File not found
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- Reg Error: Key error.
htmlfile [print] -- rundll32.exe %windir%\system32\mshtml.dll,PrintHTML "%1" File not found
http [open] -- "D:\Junior\Opera_broswer\opera.exe" (Opera Software)
https [open] -- "D:\Junior\Opera_broswer\opera.exe" (Opera Software)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" ()
piffile [open] -- "%1" %* File not found
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1" File not found
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l ()
scrfile [open] -- "%1" /S File not found
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1 File not found
Directory [AddToPlaylistVLC] -- "D:\Junior\VLC media player\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [cmd] -- cmd.exe /s /k pushd "%V" ()
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [OneNote.Open] -- C:\PROGRA~2\MI1933~1\Office12\ONENOTE.EXE "%L" (Microsoft Corporation)
Directory [PlayWithVLC] -- "D:\Junior\VLC media player\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Directory [Winamp.Bookmark] -- "D:\Junior\Winamp\winamp.exe" /BOOKMARK "%1" (Nullsoft)
Directory [Winamp.Enqueue] -- "D:\Junior\Winamp\winamp.exe" /ADD "%1" (Nullsoft)
Directory [Winamp.Play] -- "D:\Junior\Winamp\winamp.exe" "%1" (Nullsoft)
Folder [open] -- %SystemRoot%\Explorer.exe /separate,/idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /separate,/e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- Reg Error: Key error.
htmlfile [print] -- rundll32.exe %windir%\system32\mshtml.dll,PrintHTML "%1"
http [open] -- "D:\Junior\Opera_broswer\opera.exe" (Opera Software)
https [open] -- "D:\Junior\Opera_broswer\opera.exe" (Opera Software)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation)
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "D:\Junior\VLC media player\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [OneNote.Open] -- C:\PROGRA~2\MI1933~1\Office12\ONENOTE.EXE "%L" (Microsoft Corporation)
Directory [PlayWithVLC] -- "D:\Junior\VLC media player\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Directory [Winamp.Bookmark] -- "D:\Junior\Winamp\winamp.exe" /BOOKMARK "%1" (Nullsoft)
Directory [Winamp.Enqueue] -- "D:\Junior\Winamp\winamp.exe" /ADD "%1" (Nullsoft)
Directory [Winamp.Play] -- "D:\Junior\Winamp\winamp.exe" "%1" (Nullsoft)
Folder [open] -- %SystemRoot%\Explorer.exe /separate,/idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /separate,/e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
========== Security Center Settings ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"oobe_av" = 1
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
========== Authorized Applications List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"D:\Junior\FlashGet universal\FlashGet.exe" = D:\Junior\FlashGet universal\FlashGet.exe:*:Enabled:Flashget2 -- (FLASHGET)
"D:\Junior\FlashGet universal\LiveUpdate.exe" = D:\Junior\FlashGet universal\LiveUpdate.exe:*:Enabled:FGLiveUpdate -- File not found
"D:\Junior\FlashGet universal\LiveUpdateEx.exe" = D:\Junior\FlashGet universal\LiveUpdateEx.exe:*:Enabled:FGLiveUpdateEx -- File not found
"D:\Junior\FlashGet universal\FlashGet.exe" = D:\Junior\FlashGet universal\FlashGet.exe:*:Enabled:Flashget2 -- (FLASHGET)
"D:\Junior\FlashGet universal\LiveUpdate.exe" = D:\Junior\FlashGet universal\LiveUpdate.exe:*:Enabled:FGLiveUpdate -- File not found
"D:\Junior\FlashGet universal\LiveUpdateEx.exe" = D:\Junior\FlashGet universal\LiveUpdateEx.exe:*:Enabled:FGLiveUpdateEx -- File not found
========== Vista Active Open Ports Exception List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{02747684-1A60-4CE1-BF4C-906AB5315481}" = rport=139 | protocol=6 | dir=out | app=system |
"{47B498B5-7C84-49EC-AB7A-BB3797A7D974}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 |
"{48CD7305-83DF-4922-880B-4636CCA1761D}" = lport=2869 | protocol=6 | dir=in | app=system |
"{4E0D25A0-50C5-47F0-8915-FD9E52786286}" = lport=445 | protocol=6 | dir=in | app=system |
"{5764CDC9-3D6A-48FC-BAF4-A7433199BF06}" = lport=6004 | protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office12\outlook.exe |
"{61982D02-30BA-44B9-9D12-4F14F6F49A1C}" = rport=445 | protocol=6 | dir=out | app=system |
"{63827180-6DA4-45D4-AA3C-534C34A38763}" = lport=138 | protocol=17 | dir=in | app=system |
"{7E313FD1-7756-4526-85D1-6472D052A6B4}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe |
"{9CAAE781-FB51-46CC-A221-5ACBBAC32224}" = rport=138 | protocol=17 | dir=out | app=system |
"{9CDB34BF-64FE-4698-9919-18B514CE59C4}" = lport=139 | protocol=6 | dir=in | app=system |
"{A0FA389C-4404-44E5-9192-DE708199CF50}" = lport=137 | protocol=17 | dir=in | app=system |
"{CC6CCBA1-365D-4C1C-B295-1FAD67CCD71C}" = rport=137 | protocol=17 | dir=out | app=system |
"{E3D9D625-B18F-4C52-AA2A-20FC60941388}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=svchost.exe |
========== Vista Active Application Exception List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{075D1E30-4C35-4F40-858F-24EC341DF2A7}" = protocol=58 | dir=in | app=system |
"{093D3E66-5833-473C-A660-9C946887E075}" = protocol=17 | dir=in | app=c:\windows\syswow64\pnkbstrb.exe |
"{0D103D94-065A-486F-90C0-13D918A3555F}" = protocol=58 | dir=out | app=system |
"{0FC21E43-AE8B-4171-804F-C810B2D84656}" = protocol=58 | dir=out | app=system |
"{12DFAEBD-BB8B-44F2-A56A-2F735AD55662}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{13AC279A-798E-4983-8D85-E7F3F6658FC6}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 |
"{17F6004D-9C48-4898-AC16-0474BC3678F9}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 |
"{1E3B63D1-69C2-4742-8AD1-ED07E529A5C9}" = protocol=17 | dir=in | app=c:\windows\syswow64\pnkbstra.exe |
"{2112D3F4-4F36-4FB8-8751-7485C428DAC6}" = protocol=58 | dir=out | app=system |
"{213B8444-C838-4773-92FD-CCDF7B9848C5}" = protocol=17 | dir=in | app=c:\windows\system32\lxcgcoms.exe |
"{2453A72F-50E8-4E92-9976-AC353D0AD1B6}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{261B94D7-8DC5-4449-898A-3EB6ECE12714}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 |
"{28A4A5B7-A1C1-4442-A60D-3B4D7D35B1E7}" = protocol=6 | dir=in | app=c:\windows\syswow64\pnkbstra.exe |
"{2A1A6374-ECC0-4832-A6E5-16791CF22CD0}" = protocol=17 | dir=in | app=d:\junior\opera_broswer\opera.exe |
"{2C850F4B-1393-484F-8510-2AD1ED3FB6F0}" = protocol=6 | dir=in | app=c:\program files (x86)\microsoft games\gears of war\binaries\wargame-g4wlive.exe |
"{3806450B-AC65-4FD9-901F-63ABCBF25DAF}" = protocol=58 | dir=out | app=system |
"{3CEBDD6E-0CD4-444A-B077-0C77563487B0}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{4D1AF22C-8057-482E-9A82-E43DAF08BF5A}" = protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office12\groove.exe |
"{5515440F-C505-4FC0-A8E9-DCC184DA0E3D}" = protocol=17 | dir=in | app=c:\windows\syswow64\pnkbstrb.exe |
"{5737C723-237A-43E9-9DCF-11DA87C918A4}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{5A5AB1CB-7155-40D0-B890-84FD40BC9529}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 |
"{65D14658-02CF-4788-A721-EDEF27E7E646}" = protocol=6 | dir=in | app=c:\windows\syswow64\pnkbstrb.exe |
"{6AF4644D-8B47-48B8-BA04-EEFA7D020AA2}" = protocol=58 | dir=in | app=system |
"{6CC6B619-4030-4E5A-8E26-24F6729BF9A8}" = protocol=17 | dir=in | app=d:\junior\metro 2033\steam\steam.exe |
"{6D3C7762-3158-4ED9-9955-F9594CF1E3CD}" = protocol=6 | dir=in | app=c:\program files (x86)\skype\plugin manager\skypepm.exe |
"{79211CF5-EC1E-446D-9D27-BA49DF51B26D}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{7D20BEC5-DD72-4346-B608-A12D1D2CCF96}" = protocol=58 | dir=in | app=system |
"{86B4AC39-6DE5-4779-9783-EC60B0A256C9}" = protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office12\onenote.exe |
"{87F9809A-28C5-45F7-95CD-E9578A132E17}" = protocol=17 | dir=in | app=d:\junior\bf bc2\bfbc2updater.exe |
"{898BCA92-980A-40FF-A176-FE6CC56141DA}" = protocol=58 | dir=in | app=system |
"{8C170D92-F92B-4A77-8CED-51E8AC0D9411}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{91B49AEB-1CD7-40E0-8CC8-6C990D584359}" = protocol=58 | dir=in | app=system |
"{9594383B-E2CC-4440-BACA-F0148C871FB5}" = protocol=6 | dir=in | app=c:\program files (x86)\microsoft office\office12\onenote.exe |
"{9B9E6FBC-26BE-417C-A20E-FA6D71075B01}" = protocol=6 | dir=in | app=d:\junior\opera_broswer\opera.exe |
"{A1A9633F-38F7-4E2A-B761-7FFF18154884}" = protocol=17 | dir=in | app=c:\program files (x86)\skype\plugin manager\skypepm.exe |
"{A4F18986-18D0-41E3-9049-D7701EF12FD1}" = protocol=58 | dir=in | app=system |
"{A61237CD-39C7-4693-AA7A-00B0838D145C}" = protocol=6 | dir=in | app=c:\windows\system32\lxcgcoms.exe |
"{A7C632F8-3578-452F-A335-E319B444DE93}" = protocol=17 | dir=in | app=c:\program files (x86)\microsoft games\gears of war\binaries\wargame-g4wlive.exe |
"{AE81A897-86DA-4C60-BE09-D0728E4D3164}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{B2D3E339-D191-405E-BAA6-C4941EB5C276}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 |
"{C182DDB5-D290-4D2B-AC63-087C68B56589}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{C4462655-B884-409C-A006-B2D10C368B2A}" = protocol=6 | dir=in | app=d:\junior\metro 2033\steam\steam.exe |
"{C60EFE7D-563C-43FC-A60E-33EB70274F72}" = dir=in | app=c:\program files (x86)\windows live\messenger\msnmsgr.exe |
"{C6242952-43D4-43F9-A721-6C528CF48179}" = protocol=58 | dir=in | app=system |
"{C7D66691-EE82-40FF-A894-80D59E42AF57}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{C95BF5A8-1BCC-4C70-8835-49147FB63A62}" = protocol=17 | dir=in | app=c:\windows\syswow64\pnkbstra.exe |
"{CA463D3B-5B79-4B1D-98C5-099A5D32044B}" = protocol=6 | dir=in | app=c:\windows\syswow64\pnkbstrb.exe |
"{CBA302D3-74B3-446C-9079-B121082E201A}" = protocol=58 | dir=out | app=system |
"{CEFA3EEC-8A25-45CB-9EB3-043A814D0930}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 |
"{DDA05777-B617-4E5F-839F-7449A577499A}" = protocol=6 | dir=in | app=c:\program files (x86)\microsoft office\office12\groove.exe |
"{E2EF3096-6D6A-47F4-9C3D-843EDCC7E727}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{E6AB59F4-FCEB-43DE-8CF7-66B3D09780AD}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 |
"{EF659AD5-DFC9-48DE-82DF-C1A131CE7F91}" = protocol=58 | dir=out | app=system |
"{EFC0CB49-C790-42B7-A274-B4C93E1DDEDE}" = protocol=6 | dir=in | app=c:\windows\syswow64\pnkbstra.exe |
"{F25C00F3-53BC-4010-AF22-C121481D9786}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{F2FA8B9A-4771-4164-B5CF-3C7176D0B534}" = dir=in | app=c:\program files (x86)\windows live\sync\windowslivesync.exe |
"{F8B024E1-8757-4A6E-A6AC-3A3D2032C00E}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 |
"{FE472E28-9F2C-4BD2-AC8F-AC9D00D297FA}" = protocol=6 | dir=in | app=d:\junior\bf bc2\bfbc2updater.exe |
"{FE84910D-6579-4F55-91AB-83A7C7D0B87D}" = protocol=58 | dir=out | app=system |
"TCP Query User{04C48289-8639-4D69-82E1-65130158E79A}D:\junior\qip\qip\qip.exe" = protocol=6 | dir=in | app=d:\junior\qip\qip\qip.exe |
"TCP Query User{0D7F32C4-3C0F-429C-B076-820B7D7A39E6}D:\junior\gears of war\gears of war\binaries\wargame-g4wlive.exe" = protocol=6 | dir=in | app=d:\junior\gears of war\gears of war\binaries\wargame-g4wlive.exe |
"TCP Query User{1015165D-7F43-4954-9325-E1D16B505F0C}D:\junior\soldat\soldat.exe" = protocol=6 | dir=in | app=d:\junior\soldat\soldat.exe |
"TCP Query User{2792B405-C7DB-4C83-A029-AF6F7D31BE67}D:\junior\blazing angels 2\blazing angels 2 secret missions of wwii\bin\ba2.exe" = protocol=6 | dir=in | app=d:\junior\blazing angels 2\blazing angels 2 secret missions of wwii\bin\ba2.exe |
"TCP Query User{2A6F21ED-0055-4311-A1C8-7E6285CBCDE9}D:\junior\opera_broswer\opera.exe" = protocol=6 | dir=in | app=d:\junior\opera_broswer\opera.exe |
"TCP Query User{36D74A85-88CE-4D68-B74C-4E5719C6D654}D:\junior\bit lord\bitlord\bitlord.exe" = protocol=6 | dir=in | app=d:\junior\bit lord\bitlord\bitlord.exe |
"TCP Query User{391696CF-5F2F-4A4D-B138-9F9E218B6DFF}D:\junior\bit lord\bitlord\bitlord.exe" = protocol=6 | dir=in | app=d:\junior\bit lord\bitlord\bitlord.exe |
"TCP Query User{3CEFEEFB-34EC-4A70-83DB-967057CFEF75}D:\junior\bit lord\bitlord\downloads\left.4.dead.full-rip.skullptura\left 4 dead\left4dead.exe" = protocol=6 | dir=in | app=d:\junior\bit lord\bitlord\downloads\left.4.dead.full-rip.skullptura\left 4 dead\left4dead.exe |
"TCP Query User{4761494E-BD30-42C8-8AB3-4A633F8281A3}D:\junior\firefox\firefox.exe" = protocol=6 | dir=in | app=d:\junior\firefox\firefox.exe |
"TCP Query User{55F42BA5-E491-45B6-8DB5-79A3644069F6}D:\junior\anno1701\anno1701.exe" = protocol=6 | dir=in | app=d:\junior\anno1701\anno1701.exe |
"TCP Query User{80F74282-9974-4C8B-9821-5A5813C15E29}D:\junior\firefox\firefox.exe" = protocol=6 | dir=in | app=d:\junior\firefox\firefox.exe |
"TCP Query User{812B83D9-3E59-4D0E-BA33-A5E16AC7BF47}D:\junior\miranda pack by sssugi 2.3.1\miranda32.exe" = protocol=6 | dir=in | app=d:\junior\miranda pack by sssugi 2.3.1\miranda32.exe |
"TCP Query User{871606C4-D297-4615-8C17-49AAFD9F6477}D:\junior\ultima\ultima online kelevar\kelevarclient.exe" = protocol=6 | dir=in | app=d:\junior\ultima\ultima online kelevar\kelevarclient.exe |
"TCP Query User{88836FEC-D6DD-479D-91E1-F2226428073D}D:\junior\miranda pack by sssugi 2.3.1\miranda32.exe" = protocol=6 | dir=in | app=d:\junior\miranda pack by sssugi 2.3.1\miranda32.exe |
"TCP Query User{9A6770AD-8748-418C-AE0A-D2B47CD5D7EB}D:\junior\ultima\ultima online kelevar\client.exe" = protocol=6 | dir=in | app=d:\junior\ultima\ultima online kelevar\client.exe |
"TCP Query User{9F45CB40-9097-4ED1-B7A4-F1B51D570EF4}D:\junior\totalcmd\totalcmd.exe" = protocol=6 | dir=in | app=d:\junior\totalcmd\totalcmd.exe |
"TCP Query User{A23D4111-B9DC-482C-B824-8132BD690971}D:\junior\qip\qip\qip.exe" = protocol=6 | dir=in | app=d:\junior\qip\qip\qip.exe |
"TCP Query User{A26D873D-5C21-4EAC-9F78-992EBB3D2016}D:\junior\cod2\cod2mp_s.exe" = protocol=6 | dir=in | app=d:\junior\cod2\cod2mp_s.exe |
"TCP Query User{AF37EB22-531D-49B6-A315-65CA19F83400}D:\junior\qip\qip\qip\qip.exe" = protocol=6 | dir=in | app=d:\junior\qip\qip\qip\qip.exe |
"TCP Query User{B41403FF-1236-4B4C-A1FF-0DA365DC8576}D:\junior\call of duty modern warfare 2\iw4sp.exe" = protocol=6 | dir=in | app=d:\junior\call of duty modern warfare 2\iw4sp.exe |
"TCP Query User{B6C65079-43E1-4CBB-A06F-317FB5298481}D:\junior\cod2\call of duty 2\cod2mp_s.exe" = protocol=6 | dir=in | app=d:\junior\cod2\call of duty 2\cod2mp_s.exe |
"TCP Query User{B9ECF0F3-EA3A-492D-9625-41E1D417F3ED}D:\junior\ultima\ultima online kelevar\client.exe" = protocol=6 | dir=in | app=d:\junior\ultima\ultima online kelevar\client.exe |
"TCP Query User{BED84587-C5C8-4CF1-87F7-D6DD6666938A}D:\junior\flashget universal\flashget.exe" = protocol=6 | dir=in | app=d:\junior\flashget universal\flashget.exe |
"TCP Query User{CB65E9C5-8F6A-4A10-B759-5A5FD63366FC}D:\junior\miranda\miranda pack by sssugi 2.2.1\miranda32.exe" = protocol=6 | dir=in | app=d:\junior\miranda\miranda pack by sssugi 2.2.1\miranda32.exe |
"TCP Query User{F6F355F1-3CE3-4ECB-8F16-245270D17199}D:\junior\packet tracer 5.2\bin\packettracer5.exe" = protocol=6 | dir=in | app=d:\junior\packet tracer 5.2\bin\packettracer5.exe |
"TCP Query User{FC715899-7378-4C50-BDDE-01C0D6CEDFA0}D:\junior\generals\game.dat" = protocol=6 | dir=in | app=d:\junior\generals\game.dat |
"UDP Query User{00044DD2-B321-4DF7-B227-16E5C66A1314}D:\junior\anno1701\anno1701.exe" = protocol=17 | dir=in | app=d:\junior\anno1701\anno1701.exe |
"UDP Query User{0384A29D-6E9A-4E15-9FF0-A41E2536E3C8}D:\junior\firefox\firefox.exe" = protocol=17 | dir=in | app=d:\junior\firefox\firefox.exe |
"UDP Query User{19B33814-5B12-40B6-8D22-90E9F682D193}D:\junior\miranda pack by sssugi 2.3.1\miranda32.exe" = protocol=17 | dir=in | app=d:\junior\miranda pack by sssugi 2.3.1\miranda32.exe |
"UDP Query User{1A8F535A-A4D8-4530-9353-CEDB8B2995A9}D:\junior\ultima\ultima online kelevar\client.exe" = protocol=17 | dir=in | app=d:\junior\ultima\ultima online kelevar\client.exe |
"UDP Query User{262C4F21-6701-4E76-BBE8-0297AE56C9C9}D:\junior\qip\qip\qip.exe" = protocol=17 | dir=in | app=d:\junior\qip\qip\qip.exe |
"UDP Query User{2C68C416-B858-4B62-93E1-FBEEBAF229BA}D:\junior\ultima\ultima online kelevar\kelevarclient.exe" = protocol=17 | dir=in | app=d:\junior\ultima\ultima online kelevar\kelevarclient.exe |
"UDP Query User{2E060D0E-E649-4AF8-976E-B61117D3DC4D}D:\junior\flashget universal\flashget.exe" = protocol=17 | dir=in | app=d:\junior\flashget universal\flashget.exe |
"UDP Query User{31C71C9F-2450-46AC-8328-C5301A6BB45F}D:\junior\call of duty modern warfare 2\iw4sp.exe" = protocol=17 | dir=in | app=d:\junior\call of duty modern warfare 2\iw4sp.exe |
"UDP Query User{47586572-3232-4291-9C2A-9ECB48A994FC}D:\junior\qip\qip\qip.exe" = protocol=17 | dir=in | app=d:\junior\qip\qip\qip.exe |
"UDP Query User{52527DA9-A6FF-4E60-8915-3A801300323F}D:\junior\totalcmd\totalcmd.exe" = protocol=17 | dir=in | app=d:\junior\totalcmd\totalcmd.exe |
"UDP Query User{58CDDC71-2D5C-4956-983C-D0FB902EC1BA}D:\junior\soldat\soldat.exe" = protocol=17 | dir=in | app=d:\junior\soldat\soldat.exe |
"UDP Query User{65AC2085-48B7-4BD2-93E2-F48DE0EC2E44}D:\junior\firefox\firefox.exe" = protocol=17 | dir=in | app=d:\junior\firefox\firefox.exe |
"UDP Query User{7825993C-CF0A-4D6A-A2B0-131A0646596C}D:\junior\bit lord\bitlord\bitlord.exe" = protocol=17 | dir=in | app=d:\junior\bit lord\bitlord\bitlord.exe |
"UDP Query User{7CB3A55D-355F-4123-BBD6-C5A78E39DF47}D:\junior\opera_broswer\opera.exe" = protocol=17 | dir=in | app=d:\junior\opera_broswer\opera.exe |
"UDP Query User{A51C3075-9DAE-4A83-A42E-F65CE3551130}D:\junior\ultima\ultima online kelevar\client.exe" = protocol=17 | dir=in | app=d:\junior\ultima\ultima online kelevar\client.exe |
"UDP Query User{AAA7F012-D328-435E-B007-F7CD99DDF3FD}D:\junior\qip\qip\qip\qip.exe" = protocol=17 | dir=in | app=d:\junior\qip\qip\qip\qip.exe |
"UDP Query User{B156D668-D601-486D-A392-F482FF2A4A26}D:\junior\miranda pack by sssugi 2.3.1\miranda32.exe" = protocol=17 | dir=in | app=d:\junior\miranda pack by sssugi 2.3.1\miranda32.exe |
"UDP Query User{B3D28758-B0E7-406A-9E2D-11316588B0F6}D:\junior\blazing angels 2\blazing angels 2 secret missions of wwii\bin\ba2.exe" = protocol=17 | dir=in | app=d:\junior\blazing angels 2\blazing angels 2 secret missions of wwii\bin\ba2.exe |
"UDP Query User{D32E1223-C62D-46D6-AF5C-A236C3386C1B}D:\junior\cod2\cod2mp_s.exe" = protocol=17 | dir=in | app=d:\junior\cod2\cod2mp_s.exe |
"UDP Query User{DA913825-D4E2-41FA-8775-204F799A41E1}D:\junior\bit lord\bitlord\downloads\left.4.dead.full-rip.skullptura\left 4 dead\left4dead.exe" = protocol=17 | dir=in | app=d:\junior\bit lord\bitlord\downloads\left.4.dead.full-rip.skullptura\left 4 dead\left4dead.exe |
"UDP Query User{E36B9595-E530-4743-AA62-678D765CB468}D:\junior\cod2\call of duty 2\cod2mp_s.exe" = protocol=17 | dir=in | app=d:\junior\cod2\call of duty 2\cod2mp_s.exe |
"UDP Query User{E96B3161-2B75-4DE4-AC94-7D9BAC2E4141}D:\junior\generals\game.dat" = protocol=17 | dir=in | app=d:\junior\generals\game.dat |
"UDP Query User{ED328C8A-4D16-4A06-917C-8FD80558871C}D:\junior\gears of war\gears of war\binaries\wargame-g4wlive.exe" = protocol=17 | dir=in | app=d:\junior\gears of war\gears of war\binaries\wargame-g4wlive.exe |
"UDP Query User{EE27C516-C129-403E-B986-AF0E44BF4CB6}D:\junior\bit lord\bitlord\bitlord.exe" = protocol=17 | dir=in | app=d:\junior\bit lord\bitlord\bitlord.exe |
"UDP Query User{F2421778-67E0-40CB-8142-E763CF891CD2}D:\junior\miranda\miranda pack by sssugi 2.2.1\miranda32.exe" = protocol=17 | dir=in | app=d:\junior\miranda\miranda pack by sssugi 2.2.1\miranda32.exe |
"UDP Query User{FECAEEC5-FDF7-4361-888D-24FFCA490164}D:\junior\packet tracer 5.2\bin\packettracer5.exe" = protocol=17 | dir=in | app=d:\junior\packet tracer 5.2\bin\packettracer5.exe |
========== HKEY_LOCAL_MACHINE Uninstall List ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148
"{5DE154DF-A55E-4FA5-BE59-32E78FCACF3E}" = Microsoft Windows SDK for Visual Studio 2008 Headers and Libraries
"{8220EEFE-38CD-377E-8595-13398D740ACE}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17
"{90120000-002A-0000-1000-0000000FF1CE}" = Microsoft Office Office 64-bit Components 2007
"{90120000-002A-0405-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit MUI (Czech) 2007
"{90A80D89-A0E4-33C1-B13D-B93CB3496867}" = Microsoft Visual Studio 2008 Remote Debugger Light (x64) - ENU
"{95120000-00B9-0409-1000-0000000FF1CE}" = Microsoft Application Error Reporting
"{95C9C76F-ECF3-40FA-94F8-5DDFB6BAF40D}" = Microsoft Security Essentials
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{D4DEFE11-5A7B-4D9A-92CD-3D9A8E1908FB}" = Saitek SD6 Programming Software 6.2.0.11
"{deb7008b-681e-4a4a-8aae-cc833e8216ce}.sdb" = Microsoft Windows Application Compatibility Database
"{DFB3AD2B-4EE2-3077-BF1D-3CA164BC5336}" = Microsoft Windows SDK for Visual Studio 2008 SP1 Express Tools for .NET Framework - enu
"{E62A1F01-07B7-4541-A835-EE5B0BF064C2}" = Microsoft Antimalware
"{F057D378-EDF5-4174-BE13-4FD51CEAC4C3}" = Saitek SD6 Programming Software 6.2.0.11
"{F5C819A5-E068-4f7d-B91A-1BD18702AFFB}" = Microsoft Windows SDK for Visual Studio 2008 SP1 Express Tools for Win32
"{F78D5B74-2B10-4D99-B0D5-13FE1A4E0AFE}" = Sony Ericsson PC Suite x64
"Lexmark 2300 Series" = Lexmark 2300 Series
"Lexmark Fax Solutions" = Faxové funkce Lexmark
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Microsoft Security Essentials" = Microsoft Security Essentials
"Microsoft Visual Studio 2008 Remote Debugger Light (x64) - ENU" = Microsoft Visual Studio 2008 Remote Debugger Light (x64) - ENU
"NVIDIA Display Control Panel" = NVIDIA Display Control Panel
"NVIDIA Drivers" = NVIDIA Drivers
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{00C5F4F4-62F9-40D7-8000-AD8A9CD0C669}" = Microsoft Games for Windows - LIVE Redistributable
"{068B46A0-8858-4CEB-80BC-A4AE787A05FC}" = Windows Live Sync
"{08C8666B-C502-4AB3-B4CB-D74AC42D14FE}" = Nero BackItUp 10 Help (CHM)
"{16987E99-C95C-4513-9239-7B44A0A71DB5}" = Nero SoundTrax 10 Help (CHM)
"{1A655D51-1423-48A3-B748-8F5A0BE294C8}" = Microsoft Visual J# .NET Redistributable Package 1.1
"{1D097338-B4FA-4F29-9C43-8D7A970A007E}" = Windows Live Fotogalerie
"{1D2C96C3-A3F3-49E7-B839-95279DED837F}" = Opera 10.60
"{1E2FDD18-E514-4631-AF4A-0CC58FD93DCB}" = Quake Live Mozilla Plugin
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{1F7FB68F-52F6-46A3-B42F-38CE46295AE5}" = Nero MediaHub 10
"{205C6BDD-7B73-42DE-8505-9A093F35A238}" = Nástroj pro odesílání služby Windows Live
"{21040472-F8DF-48A9-A093-2986C1495670}" = Lineage II
"{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}" = MSVCRT
"{236BB7C4-4419-42FD-0409-1E257A25E34D}" = Adobe Photoshop CS2
"{237CCB62-8454-43E3-B158-3ACD0134852E}" = High-Definition Video Playback 10
"{2436F2A8-4B7E-4B6C-AE4E-604C84AA6A4F}" = Nero Core Components 10
"{24BC8B57-716C-444F-B46B-A3349B9164C5}_is1" = Aegisub 2.1.6 Release Preview r2494
"{25BEC3AB-5CD4-481D-9143-215C1BBB189E}" = Sony Ericsson PC Suite
"{26A24AE4-039D-4CA4-87B4-2F83216016FF}" = Java(TM) 6 Update 16
"{277C1559-4CF7-44FF-8D07-98AA9C13AABD}" = Nero Multimedia Suite 10
"{2C9EE786-1DDB-4C98-8FA4-B1B9B5A66B77}" = Microsoft Games for Windows - LIVE
"{329411A0-19F3-4740-874F-17400B126F27}" = Nero Vision 10 Help (CHM)
"{33643918-7957-4839-92C7-EA96CB621A98}" = Nero Express 10 Help (CHM)
"{342D4AD7-EC4C-4EC8-AEA6-E70F5905A490}" = SQL Server System CLR Types
"{34490F4E-48D0-492E-8249-B48BECF0537C}" = Nero DiscSpeed 10
"{394BE3D9-7F57-4638-A8D1-1D88671913B7}" = Microsoft AppLocale
"{3B4E636E-9D65-4D67-BA61-189800823F52}" = Windows Live Communications Platform
"{3C3D696B-0DB7-3C6D-A356-3DB8CE541918}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729
"{3E62B27C-342F-4B44-9331-CA4BC59A586F}" = Asistent pro přihlášení ke službě Windows Live
"{479A749B-1684-4881-8266-BF8DD22251E7}" = Windows Live Writer
"{523B2B1B-D8DB-4B41-90FF-C4D799E2758A}" = Nero ControlCenter 10 Help (CHM)
"{555868C6-49FB-484F-BB43-8980651A1B00}" = Nero BurnRights 10 Help (CHM)
"{5C9A7E65-5B71-4C7F-876A-8C6AF9E9E23D}" = The Saboteur™
"{63AA3EAB-23BB-48B2-9AD0-44F878075604}" = Nero 10 Menu TemplatePack Basic
"{65BB0407-4CC8-4DC7-952E-3EEFDF05602A}" = Nero Update
"{66049135-9659-4AAD-9169-9CCA269EBB3E}" = Nero InfoTool 10 Help (CHM)
"{68AB6930-5BFF-4FF6-923B-516A91984FE6}" = Nero BackItUp 10
"{6DFB899F-17A2-48F0-A533-ED8D6866CF38}" = Nero Control Center 10
"{70550193-1C22-445C-8FA4-564E155DB1A7}" = Nero Express 10
"{71E40B32-5173-4538-8996-5822DD18E8D4}" = Windows Live Messenger
"{72263053-50D1-4598-9502-51ED64E54C51}" = Borland Delphi 7
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{786C5747-1033-0000-B58E-000000000001}" = Adobe Stock Photos 1.0
"{789289CA-F73A-4A16-A331-54D498CE069F}" = Ventrilo
"{7A295D8F-484B-4FFB-89AB-C1FD497591FE}" = Nero WaveEditor 10 Help (CHM)
"{7A5D731D-B4B3-490E-B339-75685712BAAB}" = Nero Burning ROM 10
"{7E265513-8CDA-4631-B696-F40D983F3B07}_is1" = CDBurnerXP
"{7ED169D4-5053-4166-93DF-53B12AE6C539}" = Energy Saver Advance B8.0711.1
"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
"{8833FFB6-5B0C-4764-81AA-06DFEED9A476}" = Realtek 8169, 8168, 8101E and 8102E Ethernet Network Card Driver for Windows Vista
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8ECEC853-5C3D-4B10-B5C7-FF11FF724807}" = Nero Recode 10
"{8EDBA74D-0686-4C99-BFDD-F894678E5B39}" = Adobe Common File Installer
"{90120000-0015-0405-0000-0000000FF1CE}" = Microsoft Office Access MUI (Czech) 2007
"{90120000-0016-0405-0000-0000000FF1CE}" = Microsoft Office Excel MUI (Czech) 2007
"{90120000-0018-0405-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (Czech) 2007
"{90120000-0019-0405-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (Czech) 2007
"{90120000-001A-0405-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (Czech) 2007
"{90120000-001B-0405-0000-0000000FF1CE}" = Microsoft Office Word MUI (Czech) 2007
"{90120000-001F-0405-0000-0000000FF1CE}" = Microsoft Office Proof (Czech) 2007
"{90120000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2007
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-041B-0000-0000000FF1CE}" = Microsoft Office Proof (Slovak) 2007
"{90120000-002C-0405-0000-0000000FF1CE}" = Microsoft Office Proofing (Czech) 2007
"{90120000-0030-0000-0000-0000000FF1CE}" = Microsoft Office Enterprise 2007
"{90120000-0044-0405-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (Czech) 2007
"{90120000-006E-0405-0000-0000000FF1CE}" = Microsoft Office Shared MUI (Czech) 2007
"{90120000-00A1-0405-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (Czech) 2007
"{90120000-00BA-0405-0000-0000000FF1CE}" = Microsoft Office Groove MUI (Czech) 2007
"{92E25238-61A3-4ACD-A407-3C480EEF47A7}" = Nero RescueAgent 10 Help (CHM)
"{943CFD7D-5336-47AF-9418-E02473A5A517}" = Nero BurnRights 10
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9A4297F3-2A51-4ED9-92CA-4BCB8380947E}" = Nero Vision 10
"{9B6B24BE-80E7-46C4-9FA5-B167D5E0F345}" = Nero BurningROM 10 Help (CHM)
"{A20DF6AC-0300-45E2-8152-7D677E4E8CF5}" = HotFile AutoDownloader
"{AC76BA86-7AD7-1029-7B44-A93000000001}" = Adobe Reader 9.3.3 - Czech
"{B4F3A360-E1E2-479D-ADE7-9BE3B07F4539}" = NVIDIA PhysX
"{B74D4E10-6884-0000-0000-000000000103}" = Adobe Bridge 1.0
"{C18A0418-442A-4186-AF98-D08F5054A2FC}" = Nero DiscSpeed 10 Help (CHM)
"{C3273C55-E1E4-41FF-8D69-0158090DB8D8}" = Nero CoverDesigner 10 Help (CHM)
"{C3580AC4-C827-4332-B935-9A282ED5BB97}" = Nero Dolby Files 10
"{C92E7DF1-624A-4D95-A4C4-18CB491B44A4}" = Sony Ericsson Device Data
"{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1
"{D103C4BA-F905-437A-8049-DB24763BBE36}" = Skype™ 4.1
"{D24DB8B9-BB6C-4334-9619-BA1C650E13D3}" = Microsoft Primary Interoperability Assemblies 2005
"{D6BF6477-8369-489F-8DE6-3731F4B88560}" = Sony Ericsson PC Suite
"{D8B984A0-0D46-4EA0-BC1B-0597A2823A5C}" = Frag Games
"{DB7C1D4A-08BA-4C7E-A8AA-B7F9BB372DCF}" = Nero Recode 10 Help (CHM)
"{E09B48B5-E141-427A-AB0C-D3605127224A}" = Microsoft SQL Server Desktop Engine (SONY_MEDIAMGR)
"{E1EE5339-5D32-458F-BAAB-B19F6301BCE2}" = Nero SoundTrax 10
"{E337E787-CF61-4B7B-B84F-509202A54023}" = Nero RescueAgent 10
"{E3F328E4-EB9F-4ABF-8FF3-5AD0472743D8}" = Windows Live Essentials
"{E8AEA11B-E60A-455E-B008-E4E763604612}" = Browser Configuration Utility
"{E9787678-1033-0000-8E67-000000000001}" = Adobe Help Center 1.0
"{EDCDFAD5-DF80-4600-A493-E9DAD6810230}" = Nero WaveEditor 10
"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
"{F0E12BBA-AD66-4022-A453-A1C8A0C4D570}" = Microsoft Choice Guard
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F412B4AF-388C-4FF5-9B2F-33DB1C536953}" = Nero InfoTool 10
"{F467862A-D9CA-47ED-8D81-B4B3C9399272}" = Nero MediaHub 10 Help (CHM)
"{F5CB822F-B365-43D1-BCC0-4FDA1A2017A7}" = Nero 10 Movie ThemePack Basic
"{F5E87B12-3C27-452F-8E78-21D42164FD83}" = Microsoft SQL Server 2008 Management Objects
"{F6117F9C-ADB5-4590-9BE4-12C7BEC28702}" = Nero StartSmart 10 Help (CHM)
"{F61D489E-6C44-49AC-AD02-7DA8ACA73A65}" = Nero StartSmart 10
"{FCF00A6E-FB58-477A-ABE9-232907105521}" = Nero CoverDesigner 10
"{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"Adobe Photoshop CS2 - {236BB7C4-4419-42FD-0409-1E257A25E34D}" = Adobe Photoshop CS2
"ALZip_is1" = ALZip
"BSPlayerf" = BS.Player FREE
"Cisco Packet Tracer_is1" = Cisco Packet Tracer 5.2.1
"DAEMON Tools Toolbar" = DAEMON Tools Toolbar
"EAX Unified" = EAX Unified
"Elasto Mania" = Elasto Mania
"eMusic Promotion" = 50 FREE MP3s +1 Free Audiobook!
"ENTERPRISE" = Microsoft Office Enterprise 2007
"exent_603850" = FlatOut: Ultimate Carnage
"ffdshow_is1" = ffdshow v1.1.3439 [2010-05-14]
"FlashGet 2.0" = FlashGet 2.0
"Fraps" = Fraps
"Free YouTube to MP3 Converter_is1" = Free YouTube to MP3 Converter version 3.2
"GameParkClient_is1" = GamePark
"HaaliMkx" = Haali Media Splitter
"HijackThis" = HijackThis 2.0.2
"Inkscape" = Inkscape 0.47
"InstallShield_{8A15B7D9-908A-4EF9-BA84-5AEDE61743EE}" = Call of Duty(R) 4 - Modern Warfare(TM) 1.6 Patch
"InstallShield_{931C37FC-594D-43A9-B10F-A2F2B1F03498}" = Call of Duty(R) 4 - Modern Warfare(TM) 1.7 Patch
"InterBase" = InterBase 6.5
"Mafia Game" = Mafia Game
"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware
"Megavideo Video Downloader_is1" = Megavideo Video Downloader 3.15
"Metro 2033_is1" = Metro 2033
"Microsoft .NET Framework 1.1 (1033)" = Microsoft .NET Framework 1.1
"Miranda pack by sssugi_is1" = Miranda pack by sssugi 2.3.1
"MKVtoolnix" = MKVtoolnix 2.8.0
"Mozilla Firefox (3.5.7)" = Mozilla Firefox (3.5.7)
"NVIDIAStereo" = NVIDIA Stereoscopic 3D Driver
"OpenAL" = OpenAL
"PowerISO" = PowerISO
"ProfiCAD_is1" = ProfiCAD
"PunkBusterSvc" = PunkBuster Services
"QIP 2005_is1" = QIP 2005 8090
"Soldat_is1" = Soldat 1.5.0
"SpeedFan" = SpeedFan (remove only)
"SubtitleWorkshop" = Subtitle Workshop 2.51
"SystemRequirementsLab" = System Requirements Lab
"Totalcmd" = Total Commander (Remove or Repair)
"Uninstall_is1" = Uninstall 1.0.0.1
"VLC media player" = VLC media player 1.0.5
"Winamp" = Winamp
"Winamp Toolbar" = Winamp Toolbar
"WinLiveSuite_Wave3" = Windows Live Essentials
========== HKEY_USERS Uninstall List ==========
[HKEY_USERS\S-1-5-21-533346256-3732780939-570174114-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"TeamSpeak 3 Client" = TeamSpeak 3 Client
========== Last 10 Event Log Errors ==========
Error reading Event Logs: The Event Service is not operating properly or the Event Logs are corrupt!
< End of report >
Rudy mi musel omylem poslat špatný link a já si toho nevšíml že klikám na OTM místo OTL a já pořád bádal, proč se to chová jinak než mi Rudy popisoval. To Vám musím velice poděkovat za tohle určitě jste Rudymu ušetřil spousty nervů se mnou Extras:
OTL Extras logfile created on: 22.7.2010 16:01:50 - Run 1
OTL by OldTimer - Version 3.2.9.1 Folder = C:\Users\Jura\Desktop
64bit-Windows Vista Business Edition (Version = 6.0.6000) - Type = NTWorkstation
Internet Explorer (Version = 7.0.6000.16890)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy
4,00 Gb Total Physical Memory | 3,00 Gb Available Physical Memory | 64,00% Memory free
8,00 Gb Paging File | 7,00 Gb Available in Paging File | 81,00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 48,83 Gb Total Space | 12,12 Gb Free Space | 24,81% Space Free | Partition Type: NTFS
Drive D: | 249,26 Gb Total Space | 22,37 Gb Free Space | 8,97% Space Free | Partition Type: NTFS
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded
Computer Name: JURA-PC
Current User Name: Jura
Logged in as Administrator.
Current Boot Mode: Normal
Scan Mode: All users
Include 64bit Scans
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 7 Days
Output = Standard
========== Extra Registry (SafeList) ==========
========== File Associations ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.html[@ = Opera.HTML] -- D:\Junior\Opera_broswer\Opera.exe (Opera Software)
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)
.html [@ = Opera.HTML] -- D:\Junior\Opera_broswer\Opera.exe (Opera Software)
========== Shell Spawning ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %* File not found
cmdfile [open] -- "%1" %* File not found
comfile [open] -- "%1" %* File not found
exefile [open] -- "%1" %* File not found
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- Reg Error: Key error.
htmlfile [print] -- rundll32.exe %windir%\system32\mshtml.dll,PrintHTML "%1" File not found
http [open] -- "D:\Junior\Opera_broswer\opera.exe" (Opera Software)
https [open] -- "D:\Junior\Opera_broswer\opera.exe" (Opera Software)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" ()
piffile [open] -- "%1" %* File not found
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1" File not found
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l ()
scrfile [open] -- "%1" /S File not found
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1 File not found
Directory [AddToPlaylistVLC] -- "D:\Junior\VLC media player\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [cmd] -- cmd.exe /s /k pushd "%V" ()
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [OneNote.Open] -- C:\PROGRA~2\MI1933~1\Office12\ONENOTE.EXE "%L" (Microsoft Corporation)
Directory [PlayWithVLC] -- "D:\Junior\VLC media player\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Directory [Winamp.Bookmark] -- "D:\Junior\Winamp\winamp.exe" /BOOKMARK "%1" (Nullsoft)
Directory [Winamp.Enqueue] -- "D:\Junior\Winamp\winamp.exe" /ADD "%1" (Nullsoft)
Directory [Winamp.Play] -- "D:\Junior\Winamp\winamp.exe" "%1" (Nullsoft)
Folder [open] -- %SystemRoot%\Explorer.exe /separate,/idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /separate,/e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- Reg Error: Key error.
htmlfile [print] -- rundll32.exe %windir%\system32\mshtml.dll,PrintHTML "%1"
http [open] -- "D:\Junior\Opera_broswer\opera.exe" (Opera Software)
https [open] -- "D:\Junior\Opera_broswer\opera.exe" (Opera Software)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation)
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "D:\Junior\VLC media player\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [OneNote.Open] -- C:\PROGRA~2\MI1933~1\Office12\ONENOTE.EXE "%L" (Microsoft Corporation)
Directory [PlayWithVLC] -- "D:\Junior\VLC media player\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Directory [Winamp.Bookmark] -- "D:\Junior\Winamp\winamp.exe" /BOOKMARK "%1" (Nullsoft)
Directory [Winamp.Enqueue] -- "D:\Junior\Winamp\winamp.exe" /ADD "%1" (Nullsoft)
Directory [Winamp.Play] -- "D:\Junior\Winamp\winamp.exe" "%1" (Nullsoft)
Folder [open] -- %SystemRoot%\Explorer.exe /separate,/idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /separate,/e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
========== Security Center Settings ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"oobe_av" = 1
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
========== Authorized Applications List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"D:\Junior\FlashGet universal\FlashGet.exe" = D:\Junior\FlashGet universal\FlashGet.exe:*:Enabled:Flashget2 -- (FLASHGET)
"D:\Junior\FlashGet universal\LiveUpdate.exe" = D:\Junior\FlashGet universal\LiveUpdate.exe:*:Enabled:FGLiveUpdate -- File not found
"D:\Junior\FlashGet universal\LiveUpdateEx.exe" = D:\Junior\FlashGet universal\LiveUpdateEx.exe:*:Enabled:FGLiveUpdateEx -- File not found
"D:\Junior\FlashGet universal\FlashGet.exe" = D:\Junior\FlashGet universal\FlashGet.exe:*:Enabled:Flashget2 -- (FLASHGET)
"D:\Junior\FlashGet universal\LiveUpdate.exe" = D:\Junior\FlashGet universal\LiveUpdate.exe:*:Enabled:FGLiveUpdate -- File not found
"D:\Junior\FlashGet universal\LiveUpdateEx.exe" = D:\Junior\FlashGet universal\LiveUpdateEx.exe:*:Enabled:FGLiveUpdateEx -- File not found
========== Vista Active Open Ports Exception List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{02747684-1A60-4CE1-BF4C-906AB5315481}" = rport=139 | protocol=6 | dir=out | app=system |
"{47B498B5-7C84-49EC-AB7A-BB3797A7D974}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 |
"{48CD7305-83DF-4922-880B-4636CCA1761D}" = lport=2869 | protocol=6 | dir=in | app=system |
"{4E0D25A0-50C5-47F0-8915-FD9E52786286}" = lport=445 | protocol=6 | dir=in | app=system |
"{5764CDC9-3D6A-48FC-BAF4-A7433199BF06}" = lport=6004 | protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office12\outlook.exe |
"{61982D02-30BA-44B9-9D12-4F14F6F49A1C}" = rport=445 | protocol=6 | dir=out | app=system |
"{63827180-6DA4-45D4-AA3C-534C34A38763}" = lport=138 | protocol=17 | dir=in | app=system |
"{7E313FD1-7756-4526-85D1-6472D052A6B4}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe |
"{9CAAE781-FB51-46CC-A221-5ACBBAC32224}" = rport=138 | protocol=17 | dir=out | app=system |
"{9CDB34BF-64FE-4698-9919-18B514CE59C4}" = lport=139 | protocol=6 | dir=in | app=system |
"{A0FA389C-4404-44E5-9192-DE708199CF50}" = lport=137 | protocol=17 | dir=in | app=system |
"{CC6CCBA1-365D-4C1C-B295-1FAD67CCD71C}" = rport=137 | protocol=17 | dir=out | app=system |
"{E3D9D625-B18F-4C52-AA2A-20FC60941388}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=svchost.exe |
========== Vista Active Application Exception List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{075D1E30-4C35-4F40-858F-24EC341DF2A7}" = protocol=58 | dir=in | app=system |
"{093D3E66-5833-473C-A660-9C946887E075}" = protocol=17 | dir=in | app=c:\windows\syswow64\pnkbstrb.exe |
"{0D103D94-065A-486F-90C0-13D918A3555F}" = protocol=58 | dir=out | app=system |
"{0FC21E43-AE8B-4171-804F-C810B2D84656}" = protocol=58 | dir=out | app=system |
"{12DFAEBD-BB8B-44F2-A56A-2F735AD55662}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{13AC279A-798E-4983-8D85-E7F3F6658FC6}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 |
"{17F6004D-9C48-4898-AC16-0474BC3678F9}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 |
"{1E3B63D1-69C2-4742-8AD1-ED07E529A5C9}" = protocol=17 | dir=in | app=c:\windows\syswow64\pnkbstra.exe |
"{2112D3F4-4F36-4FB8-8751-7485C428DAC6}" = protocol=58 | dir=out | app=system |
"{213B8444-C838-4773-92FD-CCDF7B9848C5}" = protocol=17 | dir=in | app=c:\windows\system32\lxcgcoms.exe |
"{2453A72F-50E8-4E92-9976-AC353D0AD1B6}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{261B94D7-8DC5-4449-898A-3EB6ECE12714}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 |
"{28A4A5B7-A1C1-4442-A60D-3B4D7D35B1E7}" = protocol=6 | dir=in | app=c:\windows\syswow64\pnkbstra.exe |
"{2A1A6374-ECC0-4832-A6E5-16791CF22CD0}" = protocol=17 | dir=in | app=d:\junior\opera_broswer\opera.exe |
"{2C850F4B-1393-484F-8510-2AD1ED3FB6F0}" = protocol=6 | dir=in | app=c:\program files (x86)\microsoft games\gears of war\binaries\wargame-g4wlive.exe |
"{3806450B-AC65-4FD9-901F-63ABCBF25DAF}" = protocol=58 | dir=out | app=system |
"{3CEBDD6E-0CD4-444A-B077-0C77563487B0}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{4D1AF22C-8057-482E-9A82-E43DAF08BF5A}" = protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office12\groove.exe |
"{5515440F-C505-4FC0-A8E9-DCC184DA0E3D}" = protocol=17 | dir=in | app=c:\windows\syswow64\pnkbstrb.exe |
"{5737C723-237A-43E9-9DCF-11DA87C918A4}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{5A5AB1CB-7155-40D0-B890-84FD40BC9529}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 |
"{65D14658-02CF-4788-A721-EDEF27E7E646}" = protocol=6 | dir=in | app=c:\windows\syswow64\pnkbstrb.exe |
"{6AF4644D-8B47-48B8-BA04-EEFA7D020AA2}" = protocol=58 | dir=in | app=system |
"{6CC6B619-4030-4E5A-8E26-24F6729BF9A8}" = protocol=17 | dir=in | app=d:\junior\metro 2033\steam\steam.exe |
"{6D3C7762-3158-4ED9-9955-F9594CF1E3CD}" = protocol=6 | dir=in | app=c:\program files (x86)\skype\plugin manager\skypepm.exe |
"{79211CF5-EC1E-446D-9D27-BA49DF51B26D}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{7D20BEC5-DD72-4346-B608-A12D1D2CCF96}" = protocol=58 | dir=in | app=system |
"{86B4AC39-6DE5-4779-9783-EC60B0A256C9}" = protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office12\onenote.exe |
"{87F9809A-28C5-45F7-95CD-E9578A132E17}" = protocol=17 | dir=in | app=d:\junior\bf bc2\bfbc2updater.exe |
"{898BCA92-980A-40FF-A176-FE6CC56141DA}" = protocol=58 | dir=in | app=system |
"{8C170D92-F92B-4A77-8CED-51E8AC0D9411}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{91B49AEB-1CD7-40E0-8CC8-6C990D584359}" = protocol=58 | dir=in | app=system |
"{9594383B-E2CC-4440-BACA-F0148C871FB5}" = protocol=6 | dir=in | app=c:\program files (x86)\microsoft office\office12\onenote.exe |
"{9B9E6FBC-26BE-417C-A20E-FA6D71075B01}" = protocol=6 | dir=in | app=d:\junior\opera_broswer\opera.exe |
"{A1A9633F-38F7-4E2A-B761-7FFF18154884}" = protocol=17 | dir=in | app=c:\program files (x86)\skype\plugin manager\skypepm.exe |
"{A4F18986-18D0-41E3-9049-D7701EF12FD1}" = protocol=58 | dir=in | app=system |
"{A61237CD-39C7-4693-AA7A-00B0838D145C}" = protocol=6 | dir=in | app=c:\windows\system32\lxcgcoms.exe |
"{A7C632F8-3578-452F-A335-E319B444DE93}" = protocol=17 | dir=in | app=c:\program files (x86)\microsoft games\gears of war\binaries\wargame-g4wlive.exe |
"{AE81A897-86DA-4C60-BE09-D0728E4D3164}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{B2D3E339-D191-405E-BAA6-C4941EB5C276}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 |
"{C182DDB5-D290-4D2B-AC63-087C68B56589}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{C4462655-B884-409C-A006-B2D10C368B2A}" = protocol=6 | dir=in | app=d:\junior\metro 2033\steam\steam.exe |
"{C60EFE7D-563C-43FC-A60E-33EB70274F72}" = dir=in | app=c:\program files (x86)\windows live\messenger\msnmsgr.exe |
"{C6242952-43D4-43F9-A721-6C528CF48179}" = protocol=58 | dir=in | app=system |
"{C7D66691-EE82-40FF-A894-80D59E42AF57}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{C95BF5A8-1BCC-4C70-8835-49147FB63A62}" = protocol=17 | dir=in | app=c:\windows\syswow64\pnkbstra.exe |
"{CA463D3B-5B79-4B1D-98C5-099A5D32044B}" = protocol=6 | dir=in | app=c:\windows\syswow64\pnkbstrb.exe |
"{CBA302D3-74B3-446C-9079-B121082E201A}" = protocol=58 | dir=out | app=system |
"{CEFA3EEC-8A25-45CB-9EB3-043A814D0930}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 |
"{DDA05777-B617-4E5F-839F-7449A577499A}" = protocol=6 | dir=in | app=c:\program files (x86)\microsoft office\office12\groove.exe |
"{E2EF3096-6D6A-47F4-9C3D-843EDCC7E727}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{E6AB59F4-FCEB-43DE-8CF7-66B3D09780AD}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 |
"{EF659AD5-DFC9-48DE-82DF-C1A131CE7F91}" = protocol=58 | dir=out | app=system |
"{EFC0CB49-C790-42B7-A274-B4C93E1DDEDE}" = protocol=6 | dir=in | app=c:\windows\syswow64\pnkbstra.exe |
"{F25C00F3-53BC-4010-AF22-C121481D9786}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{F2FA8B9A-4771-4164-B5CF-3C7176D0B534}" = dir=in | app=c:\program files (x86)\windows live\sync\windowslivesync.exe |
"{F8B024E1-8757-4A6E-A6AC-3A3D2032C00E}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 |
"{FE472E28-9F2C-4BD2-AC8F-AC9D00D297FA}" = protocol=6 | dir=in | app=d:\junior\bf bc2\bfbc2updater.exe |
"{FE84910D-6579-4F55-91AB-83A7C7D0B87D}" = protocol=58 | dir=out | app=system |
"TCP Query User{04C48289-8639-4D69-82E1-65130158E79A}D:\junior\qip\qip\qip.exe" = protocol=6 | dir=in | app=d:\junior\qip\qip\qip.exe |
"TCP Query User{0D7F32C4-3C0F-429C-B076-820B7D7A39E6}D:\junior\gears of war\gears of war\binaries\wargame-g4wlive.exe" = protocol=6 | dir=in | app=d:\junior\gears of war\gears of war\binaries\wargame-g4wlive.exe |
"TCP Query User{1015165D-7F43-4954-9325-E1D16B505F0C}D:\junior\soldat\soldat.exe" = protocol=6 | dir=in | app=d:\junior\soldat\soldat.exe |
"TCP Query User{2792B405-C7DB-4C83-A029-AF6F7D31BE67}D:\junior\blazing angels 2\blazing angels 2 secret missions of wwii\bin\ba2.exe" = protocol=6 | dir=in | app=d:\junior\blazing angels 2\blazing angels 2 secret missions of wwii\bin\ba2.exe |
"TCP Query User{2A6F21ED-0055-4311-A1C8-7E6285CBCDE9}D:\junior\opera_broswer\opera.exe" = protocol=6 | dir=in | app=d:\junior\opera_broswer\opera.exe |
"TCP Query User{36D74A85-88CE-4D68-B74C-4E5719C6D654}D:\junior\bit lord\bitlord\bitlord.exe" = protocol=6 | dir=in | app=d:\junior\bit lord\bitlord\bitlord.exe |
"TCP Query User{391696CF-5F2F-4A4D-B138-9F9E218B6DFF}D:\junior\bit lord\bitlord\bitlord.exe" = protocol=6 | dir=in | app=d:\junior\bit lord\bitlord\bitlord.exe |
"TCP Query User{3CEFEEFB-34EC-4A70-83DB-967057CFEF75}D:\junior\bit lord\bitlord\downloads\left.4.dead.full-rip.skullptura\left 4 dead\left4dead.exe" = protocol=6 | dir=in | app=d:\junior\bit lord\bitlord\downloads\left.4.dead.full-rip.skullptura\left 4 dead\left4dead.exe |
"TCP Query User{4761494E-BD30-42C8-8AB3-4A633F8281A3}D:\junior\firefox\firefox.exe" = protocol=6 | dir=in | app=d:\junior\firefox\firefox.exe |
"TCP Query User{55F42BA5-E491-45B6-8DB5-79A3644069F6}D:\junior\anno1701\anno1701.exe" = protocol=6 | dir=in | app=d:\junior\anno1701\anno1701.exe |
"TCP Query User{80F74282-9974-4C8B-9821-5A5813C15E29}D:\junior\firefox\firefox.exe" = protocol=6 | dir=in | app=d:\junior\firefox\firefox.exe |
"TCP Query User{812B83D9-3E59-4D0E-BA33-A5E16AC7BF47}D:\junior\miranda pack by sssugi 2.3.1\miranda32.exe" = protocol=6 | dir=in | app=d:\junior\miranda pack by sssugi 2.3.1\miranda32.exe |
"TCP Query User{871606C4-D297-4615-8C17-49AAFD9F6477}D:\junior\ultima\ultima online kelevar\kelevarclient.exe" = protocol=6 | dir=in | app=d:\junior\ultima\ultima online kelevar\kelevarclient.exe |
"TCP Query User{88836FEC-D6DD-479D-91E1-F2226428073D}D:\junior\miranda pack by sssugi 2.3.1\miranda32.exe" = protocol=6 | dir=in | app=d:\junior\miranda pack by sssugi 2.3.1\miranda32.exe |
"TCP Query User{9A6770AD-8748-418C-AE0A-D2B47CD5D7EB}D:\junior\ultima\ultima online kelevar\client.exe" = protocol=6 | dir=in | app=d:\junior\ultima\ultima online kelevar\client.exe |
"TCP Query User{9F45CB40-9097-4ED1-B7A4-F1B51D570EF4}D:\junior\totalcmd\totalcmd.exe" = protocol=6 | dir=in | app=d:\junior\totalcmd\totalcmd.exe |
"TCP Query User{A23D4111-B9DC-482C-B824-8132BD690971}D:\junior\qip\qip\qip.exe" = protocol=6 | dir=in | app=d:\junior\qip\qip\qip.exe |
"TCP Query User{A26D873D-5C21-4EAC-9F78-992EBB3D2016}D:\junior\cod2\cod2mp_s.exe" = protocol=6 | dir=in | app=d:\junior\cod2\cod2mp_s.exe |
"TCP Query User{AF37EB22-531D-49B6-A315-65CA19F83400}D:\junior\qip\qip\qip\qip.exe" = protocol=6 | dir=in | app=d:\junior\qip\qip\qip\qip.exe |
"TCP Query User{B41403FF-1236-4B4C-A1FF-0DA365DC8576}D:\junior\call of duty modern warfare 2\iw4sp.exe" = protocol=6 | dir=in | app=d:\junior\call of duty modern warfare 2\iw4sp.exe |
"TCP Query User{B6C65079-43E1-4CBB-A06F-317FB5298481}D:\junior\cod2\call of duty 2\cod2mp_s.exe" = protocol=6 | dir=in | app=d:\junior\cod2\call of duty 2\cod2mp_s.exe |
"TCP Query User{B9ECF0F3-EA3A-492D-9625-41E1D417F3ED}D:\junior\ultima\ultima online kelevar\client.exe" = protocol=6 | dir=in | app=d:\junior\ultima\ultima online kelevar\client.exe |
"TCP Query User{BED84587-C5C8-4CF1-87F7-D6DD6666938A}D:\junior\flashget universal\flashget.exe" = protocol=6 | dir=in | app=d:\junior\flashget universal\flashget.exe |
"TCP Query User{CB65E9C5-8F6A-4A10-B759-5A5FD63366FC}D:\junior\miranda\miranda pack by sssugi 2.2.1\miranda32.exe" = protocol=6 | dir=in | app=d:\junior\miranda\miranda pack by sssugi 2.2.1\miranda32.exe |
"TCP Query User{F6F355F1-3CE3-4ECB-8F16-245270D17199}D:\junior\packet tracer 5.2\bin\packettracer5.exe" = protocol=6 | dir=in | app=d:\junior\packet tracer 5.2\bin\packettracer5.exe |
"TCP Query User{FC715899-7378-4C50-BDDE-01C0D6CEDFA0}D:\junior\generals\game.dat" = protocol=6 | dir=in | app=d:\junior\generals\game.dat |
"UDP Query User{00044DD2-B321-4DF7-B227-16E5C66A1314}D:\junior\anno1701\anno1701.exe" = protocol=17 | dir=in | app=d:\junior\anno1701\anno1701.exe |
"UDP Query User{0384A29D-6E9A-4E15-9FF0-A41E2536E3C8}D:\junior\firefox\firefox.exe" = protocol=17 | dir=in | app=d:\junior\firefox\firefox.exe |
"UDP Query User{19B33814-5B12-40B6-8D22-90E9F682D193}D:\junior\miranda pack by sssugi 2.3.1\miranda32.exe" = protocol=17 | dir=in | app=d:\junior\miranda pack by sssugi 2.3.1\miranda32.exe |
"UDP Query User{1A8F535A-A4D8-4530-9353-CEDB8B2995A9}D:\junior\ultima\ultima online kelevar\client.exe" = protocol=17 | dir=in | app=d:\junior\ultima\ultima online kelevar\client.exe |
"UDP Query User{262C4F21-6701-4E76-BBE8-0297AE56C9C9}D:\junior\qip\qip\qip.exe" = protocol=17 | dir=in | app=d:\junior\qip\qip\qip.exe |
"UDP Query User{2C68C416-B858-4B62-93E1-FBEEBAF229BA}D:\junior\ultima\ultima online kelevar\kelevarclient.exe" = protocol=17 | dir=in | app=d:\junior\ultima\ultima online kelevar\kelevarclient.exe |
"UDP Query User{2E060D0E-E649-4AF8-976E-B61117D3DC4D}D:\junior\flashget universal\flashget.exe" = protocol=17 | dir=in | app=d:\junior\flashget universal\flashget.exe |
"UDP Query User{31C71C9F-2450-46AC-8328-C5301A6BB45F}D:\junior\call of duty modern warfare 2\iw4sp.exe" = protocol=17 | dir=in | app=d:\junior\call of duty modern warfare 2\iw4sp.exe |
"UDP Query User{47586572-3232-4291-9C2A-9ECB48A994FC}D:\junior\qip\qip\qip.exe" = protocol=17 | dir=in | app=d:\junior\qip\qip\qip.exe |
"UDP Query User{52527DA9-A6FF-4E60-8915-3A801300323F}D:\junior\totalcmd\totalcmd.exe" = protocol=17 | dir=in | app=d:\junior\totalcmd\totalcmd.exe |
"UDP Query User{58CDDC71-2D5C-4956-983C-D0FB902EC1BA}D:\junior\soldat\soldat.exe" = protocol=17 | dir=in | app=d:\junior\soldat\soldat.exe |
"UDP Query User{65AC2085-48B7-4BD2-93E2-F48DE0EC2E44}D:\junior\firefox\firefox.exe" = protocol=17 | dir=in | app=d:\junior\firefox\firefox.exe |
"UDP Query User{7825993C-CF0A-4D6A-A2B0-131A0646596C}D:\junior\bit lord\bitlord\bitlord.exe" = protocol=17 | dir=in | app=d:\junior\bit lord\bitlord\bitlord.exe |
"UDP Query User{7CB3A55D-355F-4123-BBD6-C5A78E39DF47}D:\junior\opera_broswer\opera.exe" = protocol=17 | dir=in | app=d:\junior\opera_broswer\opera.exe |
"UDP Query User{A51C3075-9DAE-4A83-A42E-F65CE3551130}D:\junior\ultima\ultima online kelevar\client.exe" = protocol=17 | dir=in | app=d:\junior\ultima\ultima online kelevar\client.exe |
"UDP Query User{AAA7F012-D328-435E-B007-F7CD99DDF3FD}D:\junior\qip\qip\qip\qip.exe" = protocol=17 | dir=in | app=d:\junior\qip\qip\qip\qip.exe |
"UDP Query User{B156D668-D601-486D-A392-F482FF2A4A26}D:\junior\miranda pack by sssugi 2.3.1\miranda32.exe" = protocol=17 | dir=in | app=d:\junior\miranda pack by sssugi 2.3.1\miranda32.exe |
"UDP Query User{B3D28758-B0E7-406A-9E2D-11316588B0F6}D:\junior\blazing angels 2\blazing angels 2 secret missions of wwii\bin\ba2.exe" = protocol=17 | dir=in | app=d:\junior\blazing angels 2\blazing angels 2 secret missions of wwii\bin\ba2.exe |
"UDP Query User{D32E1223-C62D-46D6-AF5C-A236C3386C1B}D:\junior\cod2\cod2mp_s.exe" = protocol=17 | dir=in | app=d:\junior\cod2\cod2mp_s.exe |
"UDP Query User{DA913825-D4E2-41FA-8775-204F799A41E1}D:\junior\bit lord\bitlord\downloads\left.4.dead.full-rip.skullptura\left 4 dead\left4dead.exe" = protocol=17 | dir=in | app=d:\junior\bit lord\bitlord\downloads\left.4.dead.full-rip.skullptura\left 4 dead\left4dead.exe |
"UDP Query User{E36B9595-E530-4743-AA62-678D765CB468}D:\junior\cod2\call of duty 2\cod2mp_s.exe" = protocol=17 | dir=in | app=d:\junior\cod2\call of duty 2\cod2mp_s.exe |
"UDP Query User{E96B3161-2B75-4DE4-AC94-7D9BAC2E4141}D:\junior\generals\game.dat" = protocol=17 | dir=in | app=d:\junior\generals\game.dat |
"UDP Query User{ED328C8A-4D16-4A06-917C-8FD80558871C}D:\junior\gears of war\gears of war\binaries\wargame-g4wlive.exe" = protocol=17 | dir=in | app=d:\junior\gears of war\gears of war\binaries\wargame-g4wlive.exe |
"UDP Query User{EE27C516-C129-403E-B986-AF0E44BF4CB6}D:\junior\bit lord\bitlord\bitlord.exe" = protocol=17 | dir=in | app=d:\junior\bit lord\bitlord\bitlord.exe |
"UDP Query User{F2421778-67E0-40CB-8142-E763CF891CD2}D:\junior\miranda\miranda pack by sssugi 2.2.1\miranda32.exe" = protocol=17 | dir=in | app=d:\junior\miranda\miranda pack by sssugi 2.2.1\miranda32.exe |
"UDP Query User{FECAEEC5-FDF7-4361-888D-24FFCA490164}D:\junior\packet tracer 5.2\bin\packettracer5.exe" = protocol=17 | dir=in | app=d:\junior\packet tracer 5.2\bin\packettracer5.exe |
========== HKEY_LOCAL_MACHINE Uninstall List ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148
"{5DE154DF-A55E-4FA5-BE59-32E78FCACF3E}" = Microsoft Windows SDK for Visual Studio 2008 Headers and Libraries
"{8220EEFE-38CD-377E-8595-13398D740ACE}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17
"{90120000-002A-0000-1000-0000000FF1CE}" = Microsoft Office Office 64-bit Components 2007
"{90120000-002A-0405-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit MUI (Czech) 2007
"{90A80D89-A0E4-33C1-B13D-B93CB3496867}" = Microsoft Visual Studio 2008 Remote Debugger Light (x64) - ENU
"{95120000-00B9-0409-1000-0000000FF1CE}" = Microsoft Application Error Reporting
"{95C9C76F-ECF3-40FA-94F8-5DDFB6BAF40D}" = Microsoft Security Essentials
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{D4DEFE11-5A7B-4D9A-92CD-3D9A8E1908FB}" = Saitek SD6 Programming Software 6.2.0.11
"{deb7008b-681e-4a4a-8aae-cc833e8216ce}.sdb" = Microsoft Windows Application Compatibility Database
"{DFB3AD2B-4EE2-3077-BF1D-3CA164BC5336}" = Microsoft Windows SDK for Visual Studio 2008 SP1 Express Tools for .NET Framework - enu
"{E62A1F01-07B7-4541-A835-EE5B0BF064C2}" = Microsoft Antimalware
"{F057D378-EDF5-4174-BE13-4FD51CEAC4C3}" = Saitek SD6 Programming Software 6.2.0.11
"{F5C819A5-E068-4f7d-B91A-1BD18702AFFB}" = Microsoft Windows SDK for Visual Studio 2008 SP1 Express Tools for Win32
"{F78D5B74-2B10-4D99-B0D5-13FE1A4E0AFE}" = Sony Ericsson PC Suite x64
"Lexmark 2300 Series" = Lexmark 2300 Series
"Lexmark Fax Solutions" = Faxové funkce Lexmark
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Microsoft Security Essentials" = Microsoft Security Essentials
"Microsoft Visual Studio 2008 Remote Debugger Light (x64) - ENU" = Microsoft Visual Studio 2008 Remote Debugger Light (x64) - ENU
"NVIDIA Display Control Panel" = NVIDIA Display Control Panel
"NVIDIA Drivers" = NVIDIA Drivers
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{00C5F4F4-62F9-40D7-8000-AD8A9CD0C669}" = Microsoft Games for Windows - LIVE Redistributable
"{068B46A0-8858-4CEB-80BC-A4AE787A05FC}" = Windows Live Sync
"{08C8666B-C502-4AB3-B4CB-D74AC42D14FE}" = Nero BackItUp 10 Help (CHM)
"{16987E99-C95C-4513-9239-7B44A0A71DB5}" = Nero SoundTrax 10 Help (CHM)
"{1A655D51-1423-48A3-B748-8F5A0BE294C8}" = Microsoft Visual J# .NET Redistributable Package 1.1
"{1D097338-B4FA-4F29-9C43-8D7A970A007E}" = Windows Live Fotogalerie
"{1D2C96C3-A3F3-49E7-B839-95279DED837F}" = Opera 10.60
"{1E2FDD18-E514-4631-AF4A-0CC58FD93DCB}" = Quake Live Mozilla Plugin
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{1F7FB68F-52F6-46A3-B42F-38CE46295AE5}" = Nero MediaHub 10
"{205C6BDD-7B73-42DE-8505-9A093F35A238}" = Nástroj pro odesílání služby Windows Live
"{21040472-F8DF-48A9-A093-2986C1495670}" = Lineage II
"{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}" = MSVCRT
"{236BB7C4-4419-42FD-0409-1E257A25E34D}" = Adobe Photoshop CS2
"{237CCB62-8454-43E3-B158-3ACD0134852E}" = High-Definition Video Playback 10
"{2436F2A8-4B7E-4B6C-AE4E-604C84AA6A4F}" = Nero Core Components 10
"{24BC8B57-716C-444F-B46B-A3349B9164C5}_is1" = Aegisub 2.1.6 Release Preview r2494
"{25BEC3AB-5CD4-481D-9143-215C1BBB189E}" = Sony Ericsson PC Suite
"{26A24AE4-039D-4CA4-87B4-2F83216016FF}" = Java(TM) 6 Update 16
"{277C1559-4CF7-44FF-8D07-98AA9C13AABD}" = Nero Multimedia Suite 10
"{2C9EE786-1DDB-4C98-8FA4-B1B9B5A66B77}" = Microsoft Games for Windows - LIVE
"{329411A0-19F3-4740-874F-17400B126F27}" = Nero Vision 10 Help (CHM)
"{33643918-7957-4839-92C7-EA96CB621A98}" = Nero Express 10 Help (CHM)
"{342D4AD7-EC4C-4EC8-AEA6-E70F5905A490}" = SQL Server System CLR Types
"{34490F4E-48D0-492E-8249-B48BECF0537C}" = Nero DiscSpeed 10
"{394BE3D9-7F57-4638-A8D1-1D88671913B7}" = Microsoft AppLocale
"{3B4E636E-9D65-4D67-BA61-189800823F52}" = Windows Live Communications Platform
"{3C3D696B-0DB7-3C6D-A356-3DB8CE541918}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729
"{3E62B27C-342F-4B44-9331-CA4BC59A586F}" = Asistent pro přihlášení ke službě Windows Live
"{479A749B-1684-4881-8266-BF8DD22251E7}" = Windows Live Writer
"{523B2B1B-D8DB-4B41-90FF-C4D799E2758A}" = Nero ControlCenter 10 Help (CHM)
"{555868C6-49FB-484F-BB43-8980651A1B00}" = Nero BurnRights 10 Help (CHM)
"{5C9A7E65-5B71-4C7F-876A-8C6AF9E9E23D}" = The Saboteur™
"{63AA3EAB-23BB-48B2-9AD0-44F878075604}" = Nero 10 Menu TemplatePack Basic
"{65BB0407-4CC8-4DC7-952E-3EEFDF05602A}" = Nero Update
"{66049135-9659-4AAD-9169-9CCA269EBB3E}" = Nero InfoTool 10 Help (CHM)
"{68AB6930-5BFF-4FF6-923B-516A91984FE6}" = Nero BackItUp 10
"{6DFB899F-17A2-48F0-A533-ED8D6866CF38}" = Nero Control Center 10
"{70550193-1C22-445C-8FA4-564E155DB1A7}" = Nero Express 10
"{71E40B32-5173-4538-8996-5822DD18E8D4}" = Windows Live Messenger
"{72263053-50D1-4598-9502-51ED64E54C51}" = Borland Delphi 7
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{786C5747-1033-0000-B58E-000000000001}" = Adobe Stock Photos 1.0
"{789289CA-F73A-4A16-A331-54D498CE069F}" = Ventrilo
"{7A295D8F-484B-4FFB-89AB-C1FD497591FE}" = Nero WaveEditor 10 Help (CHM)
"{7A5D731D-B4B3-490E-B339-75685712BAAB}" = Nero Burning ROM 10
"{7E265513-8CDA-4631-B696-F40D983F3B07}_is1" = CDBurnerXP
"{7ED169D4-5053-4166-93DF-53B12AE6C539}" = Energy Saver Advance B8.0711.1
"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
"{8833FFB6-5B0C-4764-81AA-06DFEED9A476}" = Realtek 8169, 8168, 8101E and 8102E Ethernet Network Card Driver for Windows Vista
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8ECEC853-5C3D-4B10-B5C7-FF11FF724807}" = Nero Recode 10
"{8EDBA74D-0686-4C99-BFDD-F894678E5B39}" = Adobe Common File Installer
"{90120000-0015-0405-0000-0000000FF1CE}" = Microsoft Office Access MUI (Czech) 2007
"{90120000-0016-0405-0000-0000000FF1CE}" = Microsoft Office Excel MUI (Czech) 2007
"{90120000-0018-0405-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (Czech) 2007
"{90120000-0019-0405-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (Czech) 2007
"{90120000-001A-0405-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (Czech) 2007
"{90120000-001B-0405-0000-0000000FF1CE}" = Microsoft Office Word MUI (Czech) 2007
"{90120000-001F-0405-0000-0000000FF1CE}" = Microsoft Office Proof (Czech) 2007
"{90120000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2007
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-041B-0000-0000000FF1CE}" = Microsoft Office Proof (Slovak) 2007
"{90120000-002C-0405-0000-0000000FF1CE}" = Microsoft Office Proofing (Czech) 2007
"{90120000-0030-0000-0000-0000000FF1CE}" = Microsoft Office Enterprise 2007
"{90120000-0044-0405-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (Czech) 2007
"{90120000-006E-0405-0000-0000000FF1CE}" = Microsoft Office Shared MUI (Czech) 2007
"{90120000-00A1-0405-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (Czech) 2007
"{90120000-00BA-0405-0000-0000000FF1CE}" = Microsoft Office Groove MUI (Czech) 2007
"{92E25238-61A3-4ACD-A407-3C480EEF47A7}" = Nero RescueAgent 10 Help (CHM)
"{943CFD7D-5336-47AF-9418-E02473A5A517}" = Nero BurnRights 10
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9A4297F3-2A51-4ED9-92CA-4BCB8380947E}" = Nero Vision 10
"{9B6B24BE-80E7-46C4-9FA5-B167D5E0F345}" = Nero BurningROM 10 Help (CHM)
"{A20DF6AC-0300-45E2-8152-7D677E4E8CF5}" = HotFile AutoDownloader
"{AC76BA86-7AD7-1029-7B44-A93000000001}" = Adobe Reader 9.3.3 - Czech
"{B4F3A360-E1E2-479D-ADE7-9BE3B07F4539}" = NVIDIA PhysX
"{B74D4E10-6884-0000-0000-000000000103}" = Adobe Bridge 1.0
"{C18A0418-442A-4186-AF98-D08F5054A2FC}" = Nero DiscSpeed 10 Help (CHM)
"{C3273C55-E1E4-41FF-8D69-0158090DB8D8}" = Nero CoverDesigner 10 Help (CHM)
"{C3580AC4-C827-4332-B935-9A282ED5BB97}" = Nero Dolby Files 10
"{C92E7DF1-624A-4D95-A4C4-18CB491B44A4}" = Sony Ericsson Device Data
"{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1
"{D103C4BA-F905-437A-8049-DB24763BBE36}" = Skype™ 4.1
"{D24DB8B9-BB6C-4334-9619-BA1C650E13D3}" = Microsoft Primary Interoperability Assemblies 2005
"{D6BF6477-8369-489F-8DE6-3731F4B88560}" = Sony Ericsson PC Suite
"{D8B984A0-0D46-4EA0-BC1B-0597A2823A5C}" = Frag Games
"{DB7C1D4A-08BA-4C7E-A8AA-B7F9BB372DCF}" = Nero Recode 10 Help (CHM)
"{E09B48B5-E141-427A-AB0C-D3605127224A}" = Microsoft SQL Server Desktop Engine (SONY_MEDIAMGR)
"{E1EE5339-5D32-458F-BAAB-B19F6301BCE2}" = Nero SoundTrax 10
"{E337E787-CF61-4B7B-B84F-509202A54023}" = Nero RescueAgent 10
"{E3F328E4-EB9F-4ABF-8FF3-5AD0472743D8}" = Windows Live Essentials
"{E8AEA11B-E60A-455E-B008-E4E763604612}" = Browser Configuration Utility
"{E9787678-1033-0000-8E67-000000000001}" = Adobe Help Center 1.0
"{EDCDFAD5-DF80-4600-A493-E9DAD6810230}" = Nero WaveEditor 10
"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
"{F0E12BBA-AD66-4022-A453-A1C8A0C4D570}" = Microsoft Choice Guard
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F412B4AF-388C-4FF5-9B2F-33DB1C536953}" = Nero InfoTool 10
"{F467862A-D9CA-47ED-8D81-B4B3C9399272}" = Nero MediaHub 10 Help (CHM)
"{F5CB822F-B365-43D1-BCC0-4FDA1A2017A7}" = Nero 10 Movie ThemePack Basic
"{F5E87B12-3C27-452F-8E78-21D42164FD83}" = Microsoft SQL Server 2008 Management Objects
"{F6117F9C-ADB5-4590-9BE4-12C7BEC28702}" = Nero StartSmart 10 Help (CHM)
"{F61D489E-6C44-49AC-AD02-7DA8ACA73A65}" = Nero StartSmart 10
"{FCF00A6E-FB58-477A-ABE9-232907105521}" = Nero CoverDesigner 10
"{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"Adobe Photoshop CS2 - {236BB7C4-4419-42FD-0409-1E257A25E34D}" = Adobe Photoshop CS2
"ALZip_is1" = ALZip
"BSPlayerf" = BS.Player FREE
"Cisco Packet Tracer_is1" = Cisco Packet Tracer 5.2.1
"DAEMON Tools Toolbar" = DAEMON Tools Toolbar
"EAX Unified" = EAX Unified
"Elasto Mania" = Elasto Mania
"eMusic Promotion" = 50 FREE MP3s +1 Free Audiobook!
"ENTERPRISE" = Microsoft Office Enterprise 2007
"exent_603850" = FlatOut: Ultimate Carnage
"ffdshow_is1" = ffdshow v1.1.3439 [2010-05-14]
"FlashGet 2.0" = FlashGet 2.0
"Fraps" = Fraps
"Free YouTube to MP3 Converter_is1" = Free YouTube to MP3 Converter version 3.2
"GameParkClient_is1" = GamePark
"HaaliMkx" = Haali Media Splitter
"HijackThis" = HijackThis 2.0.2
"Inkscape" = Inkscape 0.47
"InstallShield_{8A15B7D9-908A-4EF9-BA84-5AEDE61743EE}" = Call of Duty(R) 4 - Modern Warfare(TM) 1.6 Patch
"InstallShield_{931C37FC-594D-43A9-B10F-A2F2B1F03498}" = Call of Duty(R) 4 - Modern Warfare(TM) 1.7 Patch
"InterBase" = InterBase 6.5
"Mafia Game" = Mafia Game
"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware
"Megavideo Video Downloader_is1" = Megavideo Video Downloader 3.15
"Metro 2033_is1" = Metro 2033
"Microsoft .NET Framework 1.1 (1033)" = Microsoft .NET Framework 1.1
"Miranda pack by sssugi_is1" = Miranda pack by sssugi 2.3.1
"MKVtoolnix" = MKVtoolnix 2.8.0
"Mozilla Firefox (3.5.7)" = Mozilla Firefox (3.5.7)
"NVIDIAStereo" = NVIDIA Stereoscopic 3D Driver
"OpenAL" = OpenAL
"PowerISO" = PowerISO
"ProfiCAD_is1" = ProfiCAD
"PunkBusterSvc" = PunkBuster Services
"QIP 2005_is1" = QIP 2005 8090
"Soldat_is1" = Soldat 1.5.0
"SpeedFan" = SpeedFan (remove only)
"SubtitleWorkshop" = Subtitle Workshop 2.51
"SystemRequirementsLab" = System Requirements Lab
"Totalcmd" = Total Commander (Remove or Repair)
"Uninstall_is1" = Uninstall 1.0.0.1
"VLC media player" = VLC media player 1.0.5
"Winamp" = Winamp
"Winamp Toolbar" = Winamp Toolbar
"WinLiveSuite_Wave3" = Windows Live Essentials
========== HKEY_USERS Uninstall List ==========
[HKEY_USERS\S-1-5-21-533346256-3732780939-570174114-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"TeamSpeak 3 Client" = TeamSpeak 3 Client
========== Last 10 Event Log Errors ==========
Error reading Event Logs: The Event Service is not operating properly or the Event Logs are corrupt!
< End of report >
Naposledy upravil(a) Teochi dne 22 črc 2010 15:41, celkem upraveno 1 x.
Re: Kontrola-problém s modrou smrtí
rozdělte ho do více příspěvků, většinou to bývá dost dlouhé 
, ale jak jsem psal, zkouknout to musí rudy, nebo nějakej jinej rádce, já na to nejsem oprávněn, hodně štěstí s odvířením, musím leťet pryčRe: Kontrola-problém s modrou smrtí
Dobrá omlouvám se. Já myslel, že to tak bude přehlednější než to dělit do dvou zpráv. A děkuji snad to vyřeší můj problém
OTL:
OTL logfile created on: 22.7.2010 16:01:50 - Run 1
OTL by OldTimer - Version 3.2.9.1 Folder = C:\Users\Jura\Desktop
64bit-Windows Vista Business Edition (Version = 6.0.6000) - Type = NTWorkstation
Internet Explorer (Version = 7.0.6000.16890)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy
4,00 Gb Total Physical Memory | 3,00 Gb Available Physical Memory | 64,00% Memory free
8,00 Gb Paging File | 7,00 Gb Available in Paging File | 81,00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 48,83 Gb Total Space | 12,12 Gb Free Space | 24,81% Space Free | Partition Type: NTFS
Drive D: | 249,26 Gb Total Space | 22,37 Gb Free Space | 8,97% Space Free | Partition Type: NTFS
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded
Computer Name: JURA-PC
Current User Name: Jura
Logged in as Administrator.
Current Boot Mode: Normal
Scan Mode: All users
Include 64bit Scans
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 7 Days
Output = Standard
========== Processes (SafeList) ==========
PRC - [2010.07.22 16:00:34 | 000,574,976 | ---- | M] (OldTimer Tools) -- C:\Users\Jura\Desktop\OTL.exe
PRC - [2010.06.30 14:52:22 | 000,836,464 | ---- | M] (Opera Software) -- D:\Junior\Opera_broswer\opera.exe
PRC - [2010.06.07 17:05:06 | 000,240,232 | ---- | M] (NVIDIA Corporation) -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
PRC - [2010.05.06 21:40:50 | 000,075,064 | ---- | M] () -- C:\Windows\SysWOW64\PnkBstrA.exe
PRC - [2010.03.26 10:52:24 | 001,234,216 | ---- | M] (Nero AG) -- D:\Junior\Nero Multimedia\Nero BackItUp\NBAgent.exe
PRC - [2010.03.25 14:39:22 | 000,490,280 | ---- | M] (Nero AG) -- C:\Program Files (x86)\Nero\Update\NASvc.exe
PRC - [2010.01.31 00:27:38 | 000,141,061 | ---- | M] () -- D:\Junior\VLC media player\VLC\vlc.exe
PRC - [2009.09.24 07:50:10 | 003,520,256 | ---- | M] (Ghisler Software GmbH) -- D:\Junior\totalcmd\TOTALCMD.EXE
PRC - [2009.07.26 16:45:00 | 003,883,840 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe
PRC - [2009.03.15 12:15:16 | 000,180,224 | ---- | M] (PowerISO Computing, Inc.) -- D:\Junior\poweriso\PWRISOVM.EXE
PRC - [2009.03.09 17:49:18 | 000,037,888 | ---- | M] () -- D:\Junior\Winamp\winampa.exe
PRC - [2009.02.06 01:04:10 | 003,367,424 | ---- | M] (The Author of QIP) -- D:\Junior\qip\QIP\QIP\qip.exe
PRC - [2008.12.29 12:40:30 | 000,687,560 | ---- | M] (DT Soft Ltd) -- D:\Junior\Daemon Tools\DAEMON Tools Lite\daemon.exe
PRC - [2008.10.20 22:18:26 | 000,071,096 | ---- | M] () -- D:\Junior\CD burner\CDBurnerXP\NMSAccessU.exe
PRC - [2008.07.11 19:00:06 | 000,080,392 | ---- | M] () -- C:\Program Files (x86)\GIGABYTE\EnergySaver\GSvr.exe
PRC - [2007.09.02 14:58:52 | 000,495,616 | ---- | M] () -- D:\Junior\dock\RocketDock\RocketDock.exe
PRC - [2001.11.29 01:50:00 | 001,769,472 | ---- | M] (Borland Software Corporation) -- D:\Junior\Delphi\Bin\ibserver.exe
PRC - [2001.11.29 01:50:00 | 000,032,768 | ---- | M] (Borland Software Corporation) -- D:\Junior\Delphi\Bin\ibguard.exe
========== Modules (SafeList) ==========
MOD - [2010.07.22 16:00:34 | 000,574,976 | ---- | M] (OldTimer Tools) -- C:\Users\Jura\Desktop\OTL.exe
MOD - [2007.09.02 14:57:36 | 000,069,632 | ---- | M] () -- D:\Junior\dock\RocketDock\RocketDock.dll
MOD - [2006.11.02 11:44:49 | 000,110,592 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\msscript.ocx
MOD - [2006.11.02 11:38:57 | 001,648,128 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6000.16386_none_5d07289e07e1d100\comctl32.dll
========== Win32 Services (SafeList) ==========
SRV:64bit: - File not found [Auto | Running] -- C:\Windows\SysNative\PnkBstrA.exe -- (PnkBstrA)
SRV:64bit: - [2010.03.25 23:48:42 | 000,017,424 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Microsoft Security Essentials\MsMpEng.exe -- (MsMpSvc)
SRV:64bit: - [2009.09.26 12:51:00 | 000,371,896 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV:64bit: - [2008.07.29 13:20:28 | 004,737,024 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Program Files\Microsoft Visual Studio 9.0\Common7\IDE\Remote Debugger\x64\msvsmon.exe -- (msvsmon90)
SRV:64bit: - [2006.11.02 17:03:11 | 000,232,960 | ---- | M] () [On_Demand | Stopped] -- C:\Windows\SysNative\umrdp.dll -- (UmRdpService)
SRV:64bit: - [2006.11.02 17:03:10 | 000,196,096 | ---- | M] () [On_Demand | Stopped] -- C:\Windows\SysNative\appmgmts.dll -- (AppMgmt)
SRV:64bit: - [2006.11.02 17:03:03 | 000,570,368 | ---- | M] () [Auto | Running] -- C:\Windows\SysNative\cscsvc.dll -- (CscService)
SRV:64bit: - [2005.07.25 21:58:12 | 000,451,584 | ---- | M] () [On_Demand | Stopped] -- C:\Windows\SysNative\lxcgcoms.exe -- (lxcg_device)
SRV - [2010.06.07 17:05:06 | 000,240,232 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe -- (Stereo Service)
SRV - [2010.05.06 21:40:50 | 000,075,064 | ---- | M] () [Auto | Running] -- C:\Windows\SysWOW64\PnkBstrA.exe -- (PnkBstrA)
SRV - [2010.03.25 14:39:22 | 000,490,280 | ---- | M] (Nero AG) [Auto | Running] -- C:\Program Files (x86)\Nero\Update\NASvc.exe -- (NAUpdate)
SRV - [2008.10.20 22:18:26 | 000,071,096 | ---- | M] () [Auto | Running] -- D:\Junior\CD burner\CDBurnerXP\NMSAccessU.exe -- (NMSAccessU)
SRV - [2008.07.11 19:00:06 | 000,080,392 | ---- | M] () [Auto | Running] -- C:\Program Files (x86)\GIGABYTE\EnergySaver\GSvr.exe -- (GEST Service)
SRV - [2006.10.27 00:47:54 | 000,065,824 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\Microsoft Office\Office12\GrooveAuditService.exe -- (Microsoft Office Groove Audit Service)
SRV - [2005.07.25 21:25:18 | 000,491,520 | ---- | M] ( ) [On_Demand | Stopped] -- C:\Windows\SysWow64\lxcgcoms.exe -- (lxcg_device)
SRV - [2002.12.17 17:23:30 | 000,066,112 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\Microsoft SQL Server\80\Tools\Binn\sqladhlp.exe -- (MSSQLServerADHelper)
SRV - [2001.11.29 01:50:00 | 001,769,472 | ---- | M] (Borland Software Corporation) [On_Demand | Running] -- D:\Junior\Delphi\Bin\ibserver.exe -- (InterBaseServer)
SRV - [2001.11.29 01:50:00 | 000,032,768 | ---- | M] (Borland Software Corporation) [Auto | Running] -- D:\Junior\Delphi\Bin\ibguard.exe -- (InterBaseGuardian)
========== Driver Services (SafeList) ==========
DRV:64bit: - File not found [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\DRIVERS\nwlnkfwd.sys -- (NwlnkFwd)
DRV:64bit: - File not found [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\DRIVERS\nwlnkflt.sys -- (NwlnkFlt)
DRV:64bit: - File not found [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\DRIVERS\ipinip.sys -- (IpInIp)
DRV:64bit: - [2010.03.29 14:11:42 | 000,303,616 | ---- | M] () [Kernel | Auto | Stopped] -- C:\Windows\SysNative\DRIVERS\atksgt.sys -- (atksgt)
DRV:64bit: - [2010.03.29 14:11:42 | 000,035,328 | ---- | M] () [Kernel | Auto | Stopped] -- C:\Windows\SysNative\DRIVERS\lirsgt.sys -- (lirsgt)
DRV:64bit: - [2009.09.13 15:08:00 | 000,868,848 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\SysNative\Drivers\sptd.sys -- (sptd)
DRV:64bit: - [2008.02.14 08:56:14 | 000,160,768 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\Rtlh64.sys -- (RTL8169)
DRV:64bit: - [2008.01.14 11:22:50 | 000,041,216 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\SaiBus.sys -- (SaiNtBus)
DRV:64bit: - [2008.01.14 11:22:50 | 000,016,000 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\SaiMini.sys -- (SaiMini)
DRV:64bit: - [2008.01.14 11:22:36 | 000,034,432 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\SaiU0CEA.sys -- (SaiU0CEA)
DRV:64bit: - [2008.01.14 11:22:35 | 000,129,024 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\SaiK0CEA.sys -- (SaiK0CEA)
DRV:64bit: - [2007.04.23 15:54:40 | 000,126,216 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\DRIVERS\s115mgmt.sys -- (s115mgmt) Sony Ericsson Device 115 USB WMC Device Management Drivers (WDM)
DRV:64bit: - [2007.04.23 15:54:40 | 000,123,656 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\DRIVERS\s115obex.sys -- (s115obex)
DRV:64bit: - [2007.04.23 15:54:38 | 000,144,648 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\DRIVERS\s115mdm.sys -- (s115mdm)
DRV:64bit: - [2007.04.23 15:54:36 | 000,019,720 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\DRIVERS\s115mdfl.sys -- (s115mdfl)
DRV:64bit: - [2007.04.23 15:54:32 | 000,108,296 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\DRIVERS\s115bus.sys -- (s115bus) Sony Ericsson Device 115 driver (WDM)
DRV:64bit: - [2006.11.02 17:03:03 | 000,417,792 | ---- | M] () [Kernel | System | Running] -- C:\Windows\SysNative\drivers\csc.sys -- (CSC)
DRV:64bit: - [2006.09.18 23:36:24 | 000,000,308 | ---- | M] () [File_System | On_Demand | Running] -- C:\Windows\SysNative\Wbem\ntfs.mof -- (Ntfs)
DRV - [2010.07.22 15:13:43 | 000,020,544 | ---- | M] (Windows (R) Server 2003 DDK provider) [Kernel | On_Demand | Running] -- C:\Windows\gdrv.sys -- (gdrv)
DRV - [2010.03.10 21:02:00 | 000,055,328 | ---- | M] (Exent Technologies Ltd.) [Kernel | Auto | Running] -- C:\Program Files (x86)\Frag Games\X5XSEx.sys -- (X5XSEx_Pr298)
DRV - [2007.02.07 20:27:46 | 000,014,104 | ---- | M] (Windows (R) Server 2003 DDK provider) [Kernel | Boot | Running] -- C:\Windows\SysWOW64\speedfan.sys -- (speedfan)
DRV - [2002.07.17 09:53:02 | 000,016,877 | ---- | M] (Adaptec) [Kernel | System | Stopped] -- C:\Windows\SysWow64\drivers\Aspi32.sys -- (ASPI32)
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
IE - HKLM\..\URLSearchHook: {57BCA5FA-5DBB-45a2-B558-1755C3F6253B} - C:\Program Files (x86)\Winamp Toolbar\winamptb.dll (AOL LLC.)
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-533346256-3732780939-570174114-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://search.qip.ru
IE - HKU\S-1-5-21-533346256-3732780939-570174114-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://search.qip.ru
IE - HKU\S-1-5-21-533346256-3732780939-570174114-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://search.qip.ru
IE - HKU\S-1-5-21-533346256-3732780939-570174114-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = start.qip.ru
IE - HKU\S-1-5-21-533346256-3732780939-570174114-1000\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1
IE - HKU\S-1-5-21-533346256-3732780939-570174114-1000\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://search.qip.ru/ie
IE - HKU\S-1-5-21-533346256-3732780939-570174114-1000\..\URLSearchHook: - Reg Error: Key error. File not found
IE - HKU\S-1-5-21-533346256-3732780939-570174114-1000\..\URLSearchHook: {0063BF63-BFFF-4B8F-9D26-4267DF7F17DD} - C:\Windows\SysWOW64\dvmurl.dll (DeviceVM Inc.)
IE - HKU\S-1-5-21-533346256-3732780939-570174114-1000\..\URLSearchHook: {57BCA5FA-5DBB-45a2-B558-1755C3F6253B} - C:\Program Files (x86)\Winamp Toolbar\winamptb.dll (AOL LLC.)
IE - HKU\S-1-5-21-533346256-3732780939-570174114-1000\..\URLSearchHook: {95289393-33EA-4F8D-B952-483415B9C955} - C:\Users\Jura\AppData\Roaming\Microsoft\Internet Explorer\qipsearchbar.dll (qip.ru)
IE - HKU\S-1-5-21-533346256-3732780939-570174114-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
========== FireFox ==========
FF - prefs.js..browser.search.defaultenginename: "QIP Search"
FF - prefs.js..browser.search.selectedEngine: "QIP Search"
FF - prefs.js..browser.startup.homepage: "http://start.qip.ru"
FF - prefs.js..keyword.URL: "http://search.qip.ru/search?from=FF&query="
FF - HKLM\software\mozilla\Mozilla Firefox 3.5.7\extensions\\Components: D:\Junior\Firefox\components [2010.07.19 12:35:40 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.5.7\extensions\\Plugins: D:\Junior\Firefox\plugins [2010.07.21 15:08:11 | 000,000,000 | ---D | M]
[2009.09.13 15:18:09 | 000,000,000 | ---D | M] -- C:\Users\Jura\AppData\Roaming\Mozilla\Extensions
[2010.06.06 10:44:33 | 000,000,000 | ---D | M] -- C:\Users\Jura\AppData\Roaming\Mozilla\Firefox\Profiles\t9t4c9kk.default\extensions
[2009.09.27 22:17:58 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Users\Jura\AppData\Roaming\Mozilla\Firefox\Profiles\t9t4c9kk.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2009.10.06 20:36:25 | 000,002,061 | ---- | M] () -- C:\Users\Jura\AppData\Roaming\Mozilla\Firefox\Profiles\t9t4c9kk.default\searchplugins\qipsearch.xml
O1 HOSTS File: ([2010.01.10 14:41:19 | 000,000,095 | ---- | M]) - C:\Windows\SysNative\drivers\etc\Hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: 216.107.250.194 nprotect.lineage2.com
O1 - Hosts: 81.0.254.162 L2authd.Lineage2.com
O2 - BHO: (FG2CatchUrl) - {1F364306-AA45-47B5-9F9D-39A8B94E7EF1} - D:\Junior\FlashGet universal\ComDlls\bhoCATCH.dll (FlashGet)
O2 - BHO: (Winamp Toolbar Loader) - {25CEE8EC-5730-41bc-8B58-22DDC8AB8C20} - C:\Program Files (x86)\Winamp Toolbar\winamptb.dll (AOL LLC.)
O2 - BHO: (Groove GFS Browser Helper) - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation)
O2 - BHO: (QIPBHO Class) - {95289393-33EA-4F8D-B952-483415B9C955} - C:\Users\Jura\AppData\Roaming\Microsoft\Internet Explorer\qipsearchbar.dll (qip.ru)
O3:64bit: - HKLM\..\Toolbar: (DAEMON Tools Toolbar) - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files (x86)\DAEMON Tools Toolbar\DTToolbar64.dll ()
O3 - HKLM\..\Toolbar: (DAEMON Tools Toolbar) - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files (x86)\DAEMON Tools Toolbar\DTToolbar.dll ()
O3 - HKLM\..\Toolbar: (Winamp Toolbar) - {EBF2BA02-9094-4c5a-858B-BB198F3D8DE2} - C:\Program Files (x86)\Winamp Toolbar\winamptb.dll (AOL LLC.)
O3:64bit: - HKU\S-1-5-21-533346256-3732780939-570174114-1000\..\Toolbar\WebBrowser: (DAEMON Tools Toolbar) - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files (x86)\DAEMON Tools Toolbar\DTToolbar64.dll ()
O3 - HKU\S-1-5-21-533346256-3732780939-570174114-1000\..\Toolbar\WebBrowser: (DAEMON Tools Toolbar) - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files (x86)\DAEMON Tools Toolbar\DTToolbar.dll ()
O3 - HKU\S-1-5-21-533346256-3732780939-570174114-1000\..\Toolbar\WebBrowser: (Winamp Toolbar) - {EBF2BA02-9094-4C5A-858B-BB198F3D8DE2} - C:\Program Files (x86)\Winamp Toolbar\winamptb.dll (AOL LLC.)
O4:64bit: - HKLM..\Run: [LXCGCATS] C:\Windows\SysNative\spool\DRIVERS\x64\3\LXCGtime.DLL ()
O4:64bit: - HKLM..\Run: [MSSE] C:\Program Files\Microsoft Security Essentials\msseces.exe (Microsoft Corporation)
O4:64bit: - HKLM..\Run: [ProfilerU] C:\Program Files\Saitek\SD6\Software\ProfilerU.exe (Saitek)
O4:64bit: - HKLM..\Run: [RtHDVCpl] C:\Windows\RAVCpl64.exe (Realtek Semiconductor)
O4:64bit: - HKLM..\Run: [SaiMfd] C:\Program Files\Saitek\SD6\Software\SaiMfd.exe (Saitek)
O4:64bit: - HKLM..\Run: [Skytel] C:\Windows\SkyTel.exe (Realtek Semiconductor Corp.)
O4 - HKLM..\Run: [GrooveMonitor] C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe (Microsoft Corporation)
O4 - HKLM..\Run: [NBAgent] D:\Junior\Nero Multimedia\Nero BackItUp\NBAgent.exe (Nero AG)
O4 - HKLM..\Run: [PWRISOVM.EXE] D:\Junior\poweriso\PWRISOVM.EXE (PowerISO Computing, Inc.)
O4 - HKLM..\Run: [WinampAgent] D:\Junior\Winamp\winampa.exe ()
O4 - HKU\.DEFAULT..\Run: [Exetender] C:\Program Files (x86)\Frag Games\GPlayer.exe (Exent Technologies Ltd.)
O4 - HKU\S-1-5-18..\Run: [Exetender] C:\Program Files (x86)\Frag Games\GPlayer.exe (Exent Technologies Ltd.)
O4 - HKU\S-1-5-19..\Run: [Exetender] C:\Program Files (x86)\Frag Games\GPlayer.exe (Exent Technologies Ltd.)
O4 - HKU\S-1-5-19..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-19..\Run: [WindowsWelcomeCenter] C:\Windows\SysWow64\oobefldr.dll (Microsoft Corporation)
O4 - HKU\S-1-5-20..\Run: [Exetender] C:\Program Files (x86)\Frag Games\GPlayer.exe (Exent Technologies Ltd.)
O4 - HKU\S-1-5-20..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-20..\Run: [WindowsWelcomeCenter] C:\Windows\SysWow64\oobefldr.dll (Microsoft Corporation)
O4 - HKU\S-1-5-21-533346256-3732780939-570174114-1000..\Run: [DAEMON Tools Lite] D:\Junior\Daemon Tools\DAEMON Tools Lite\daemon.exe (DT Soft Ltd)
O4 - HKU\S-1-5-21-533346256-3732780939-570174114-1000..\Run: [Exetender] C:\Program Files (x86)\Frag Games\GPlayer.exe (Exent Technologies Ltd.)
O4 - HKU\S-1-5-21-533346256-3732780939-570174114-1000..\Run: [msnmsgr] C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe (Microsoft Corporation)
O4 - HKU\S-1-5-21-533346256-3732780939-570174114-1000..\Run: [RocketDock] D:\Junior\dock\RocketDock\RocketDock.exe ()
O4 - HKU\S-1-5-21-533346256-3732780939-570174114-1000..\Run: [WMPNSCFG] C:\Program Files (x86)\Windows Media Player\WMPNSCFG.exe File not found
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLinkedConnections = 1
O8:64bit: - Extra context menu item: &Download All by FlashGet - D:\Junior\FlashGet universal\ComDlls\Bhoall.htm ()
O8:64bit: - Extra context menu item: &Download by FlashGet - D:\Junior\FlashGet universal\ComDlls\Bholink.htm ()
O8:64bit: - Extra context menu item: &Winamp Search - C:\ProgramData\Winamp Toolbar\ieToolbar\resources\en-US\local\search.html ()
O8 - Extra context menu item: &Download All by FlashGet - D:\Junior\FlashGet universal\ComDlls\Bhoall.htm ()
O8 - Extra context menu item: &Download by FlashGet - D:\Junior\FlashGet universal\ComDlls\Bholink.htm ()
O8 - Extra context menu item: &Winamp Search - C:\ProgramData\Winamp Toolbar\ieToolbar\resources\en-US\local\search.html ()
O9 - Extra Button: Přidat na blog - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : &Přidat na blog Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll (Microsoft Corporation)
O9 - Extra Button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office12\ONBttnIE.dll (Microsoft Corporation)
O13 - gopher Prefix: missing
O13 - gopher Prefix: missing
O16 - DPF: {1E54D648-B804-468d-BC78-4AFFED8E262F} http://www.nvidia.com/content/DriverDow ... ab_nvd.cab (System Requirements Lab Class)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_16)
O16 - DPF: {CAFEEFAC-0016-0000-0016-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_16)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_16)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.macromedia.com/get/s ... wflash.cab (Shockwave Flash Object)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 94.74.192.252 94.74.192.244
O18:64bit: - Protocol\Handler\gopher {79eac9e4-baf9-11ce-8c82-00aa004ba90b} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\grooveLocalGWS {88FED34C-F0CA-4636-A375-3CB6248B04CD} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - Reg Error: Key error. File not found
O18 - Protocol\Handler\grooveLocalGWS {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveSystemServices.dll (Microsoft Corporation)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O24 - Desktop WallPaper: C:\Users\Jura\AppData\Roaming\Microsoft\Windows Photo Gallery\Tapeta galerie Windows Fotogalerie.jpg
O24 - Desktop BackupWallPaper: C:\Users\Jura\AppData\Roaming\Microsoft\Windows Photo Gallery\Tapeta galerie Windows Fotogalerie.jpg
O28 - HKLM ShellExecuteHooks: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2010.03.04 23:26:33 | 000,000,000 | ---D | M] - D:\Autocad -- [ NTFS ]
O33 - MountPoints2\{a12cec99-3afd-11df-aae7-001fd098d930}\Shell - "" = AutoRun
O33 - MountPoints2\{a12cec99-3afd-11df-aae7-001fd098d930}\Shell\AutoRun\command - "" = H:\LaunchU3.exe -- File not found
O33 - MountPoints2\H\Shell - "" = AutoRun
O33 - MountPoints2\H\Shell\AutoRun\command - "" = H:\LaunchU3.exe -- File not found
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
NetSvcs:64bit: AppMgmt - C:\Windows\SysNative\appmgmts.dll ()
Drivers32:64bit: msacm.l3acm - C:\Windows\System32\l3codeca.acm ()
Drivers32:64bit: VIDC.FPS1 - frapsv64.dll ()
Drivers32: msacm.l3acm - C:\Windows\SysWow64\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: vidc.cvid - C:\Windows\SysWow64\iccvid.dll (Radius Inc.)
Drivers32: VIDC.FFDS - C:\Windows\SysWow64\ff_vfw.dll ()
Drivers32: VIDC.FPS1 - C:\Windows\SysWow64\frapsvid.dll (Beepa P/L)
Drivers32: vidc.iv31 - C:\Windows\SysWow64\ir32_32.dll (Intel(R) Corporation)
Drivers32: vidc.iv32 - C:\Windows\SysWow64\ir32_32.dll (Intel(R) Corporation)
Drivers32: vidc.iv41 - C:\Windows\SysWow64\ir41_32.ax (Intel Corporation)
Drivers32: vidc.iv50 - C:\Windows\SysWow64\ir50_32.dll (Intel Corporation)
CREATERESTOREPOINT
Restore point Set: OTL Restore Point
========== Files/Folders - Created Within 7 Days ==========
[2010.07.22 16:00:33 | 000,574,976 | ---- | C] (OldTimer Tools) -- C:\Users\Jura\Desktop\OTL.exe
[2010.07.21 20:03:14 | 000,000,000 | ---D | C] -- C:\Users\Jura\AppData\Roaming\Malwarebytes
[2010.07.21 20:02:53 | 000,038,224 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysWow64\drivers\mbamswissarmy.sys
[2010.07.21 20:02:52 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2010.07.21 20:02:51 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware
[2010.07.21 20:02:30 | 006,153,352 | ---- | C] (Malwarebytes Corporation ) -- C:\Users\Jura\Desktop\mbam-setup-1.46.exe
[2010.07.21 19:19:28 | 000,000,000 | ---D | C] -- C:\_OTM
[2010.07.21 18:27:50 | 000,000,000 | ---D | C] -- C:\32788R22FWJFW
[2010.07.21 16:59:43 | 000,000,000 | ---D | C] -- C:\Users\Jura\Desktop\cats
[2010.07.21 14:11:48 | 000,000,000 | ---D | C] -- C:\ProgramData\Frag Games
[2010.07.21 14:11:46 | 000,000,000 | ---D | C] -- C:\Remote Programs
[2010.07.21 14:11:44 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Frag Games
[2010.07.21 11:04:54 | 000,000,000 | -HSD | C] -- C:\Config.Msi
[2005.07.25 21:31:30 | 001,183,744 | ---- | C] ( ) -- C:\Windows\SysWow64\lxcgserv.dll
[2005.07.25 21:27:22 | 000,483,328 | ---- | C] ( ) -- C:\Windows\SysWow64\lxcglmpm.dll
[2005.07.25 21:26:58 | 000,413,696 | ---- | C] ( ) -- C:\Windows\SysWow64\lxcgcomm.dll
[2005.07.25 21:25:26 | 000,114,688 | ---- | C] ( ) -- C:\Windows\SysWow64\lxcgpplc.dll
[2005.07.25 21:24:46 | 000,704,512 | ---- | C] ( ) -- C:\Windows\SysWow64\lxcgcomc.dll
[2005.07.25 21:24:14 | 000,155,648 | ---- | C] ( ) -- C:\Windows\SysWow64\lxcgprox.dll
[2005.07.25 21:19:36 | 001,134,592 | ---- | C] ( ) -- C:\Windows\SysWow64\lxcgusb1.dll
[2 C:\Windows\SysWow64\*.tmp files -> C:\Windows\SysWow64\*.tmp -> ]
[2 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
========== Files - Modified Within 7 Days ==========
[2010.07.22 16:05:05 | 002,621,440 | -HS- | M] () -- C:\Users\Jura\NTUSER.DAT
[2010.07.22 16:00:34 | 000,574,976 | ---- | M] (OldTimer Tools) -- C:\Users\Jura\Desktop\OTL.exe
[2010.07.22 15:19:17 | 001,345,850 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2010.07.22 15:19:17 | 000,639,006 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2010.07.22 15:19:17 | 000,502,756 | ---- | M] () -- C:\Windows\SysNative\perfh005.dat
[2010.07.22 15:19:17 | 000,115,944 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2010.07.22 15:19:17 | 000,094,662 | ---- | M] () -- C:\Windows\SysNative\perfc005.dat
[2010.07.22 15:14:17 | 000,036,821 | ---- | M] () -- C:\ProgramData\nvModes.dat
[2010.07.22 15:14:17 | 000,036,821 | ---- | M] () -- C:\ProgramData\nvModes.001
[2010.07.22 15:13:43 | 000,020,544 | ---- | M] (Windows (R) Server 2003 DDK provider) -- C:\Windows\gdrv.sys
[2010.07.22 15:13:35 | 000,003,680 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2010.07.22 15:13:35 | 000,003,680 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2010.07.22 15:13:30 | 000,000,006 | -H-- | M] () -- C:\Windows\tasks\SA.DAT
[2010.07.22 15:13:26 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2010.07.22 15:13:21 | 390,191,148 | ---- | M] () -- C:\Windows\MEMORY.DMP
[2010.07.22 11:41:49 | 002,292,687 | -H-- | M] () -- C:\Users\Jura\AppData\Local\IconCache.db
[2010.07.21 20:02:56 | 000,000,848 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk
[2010.07.21 20:02:35 | 006,153,352 | ---- | M] (Malwarebytes Corporation ) -- C:\Users\Jura\Desktop\mbam-setup-1.46.exe
[2010.07.21 15:08:11 | 000,001,917 | ---- | M] () -- C:\Users\Public\Desktop\Adobe Reader 9.lnk
[2010.07.21 14:11:52 | 000,001,776 | ---- | M] () -- C:\Users\Public\Desktop\Frag Games Player.lnk
[2010.07.21 14:11:48 | 000,000,064 | ---- | M] () -- C:\Windows\GPlrLanc.dat
[2010.07.18 18:09:50 | 000,056,832 | ---- | M] () -- C:\Users\Jura\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2 C:\Windows\SysWow64\*.tmp files -> C:\Windows\SysWow64\*.tmp -> ]
[2 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
========== Files Created - No Company Name ==========
[2010.07.21 20:02:56 | 000,000,848 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk
[2010.07.21 20:02:52 | 000,024,664 | ---- | C] () -- C:\Windows\SysNative\drivers\mbam.sys
[2010.07.21 17:49:45 | 390,191,148 | ---- | C] () -- C:\Windows\MEMORY.DMP
[2010.07.21 15:08:11 | 000,001,917 | ---- | C] () -- C:\Users\Public\Desktop\Adobe Reader 9.lnk
[2010.07.21 14:11:52 | 000,001,776 | ---- | C] () -- C:\Users\Public\Desktop\Frag Games Player.lnk
[2010.07.21 14:11:48 | 000,124,030 | ---- | C] () -- C:\Windows\TMCZ.ico
[2010.07.21 14:11:48 | 000,000,064 | ---- | C] () -- C:\Windows\GPlrLanc.dat
[2010.05.15 17:25:50 | 000,108,032 | ---- | C] () -- C:\Windows\SysWow64\ff_vfw.dll
[2009.11.28 19:22:10 | 000,108,032 | ---- | C] () -- C:\Windows\SysWow64\sh33w32.dll
[2009.11.13 18:49:58 | 000,168,448 | ---- | C] () -- C:\Windows\SysWow64\unrar.dll
[2009.11.06 10:58:04 | 000,178,975 | ---- | C] () -- C:\Windows\SysWow64\xlive.dll.cat
[2009.11.01 19:41:51 | 000,000,067 | ---- | C] () -- C:\Windows\AoADVDRipper.INI
[2009.09.17 17:36:31 | 001,320,552 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2009.09.13 13:28:47 | 000,002,846 | ---- | C] () -- C:\Windows\WINCMD.INI
[2009.09.12 14:55:05 | 000,000,010 | ---- | C] () -- C:\Windows\GSetup.ini
[2006.11.02 14:20:47 | 000,055,858 | ---- | C] () -- C:\Windows\SysWow64\tcpmon.ini
[2006.11.02 14:18:05 | 000,364,544 | ---- | C] () -- C:\Windows\SysWow64\msjetoledb40.dll
[2005.08.09 06:58:34 | 000,098,304 | ---- | C] () -- C:\Windows\SysWow64\lxcginsr.dll
[2005.08.09 06:58:08 | 000,126,976 | ---- | C] () -- C:\Windows\SysWow64\lxcgjswr.dll
[2002.08.09 16:00:00 | 000,375,296 | ---- | C] () -- C:\Windows\SysWow64\WSIHK32.DLL
[2002.08.09 16:00:00 | 000,131,584 | ---- | C] () -- C:\Windows\SysWow64\WSIWIN32.DLL
........................................................................................................................................................................................
OTL:
OTL logfile created on: 22.7.2010 16:01:50 - Run 1
OTL by OldTimer - Version 3.2.9.1 Folder = C:\Users\Jura\Desktop
64bit-Windows Vista Business Edition (Version = 6.0.6000) - Type = NTWorkstation
Internet Explorer (Version = 7.0.6000.16890)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy
4,00 Gb Total Physical Memory | 3,00 Gb Available Physical Memory | 64,00% Memory free
8,00 Gb Paging File | 7,00 Gb Available in Paging File | 81,00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 48,83 Gb Total Space | 12,12 Gb Free Space | 24,81% Space Free | Partition Type: NTFS
Drive D: | 249,26 Gb Total Space | 22,37 Gb Free Space | 8,97% Space Free | Partition Type: NTFS
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded
Computer Name: JURA-PC
Current User Name: Jura
Logged in as Administrator.
Current Boot Mode: Normal
Scan Mode: All users
Include 64bit Scans
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 7 Days
Output = Standard
========== Processes (SafeList) ==========
PRC - [2010.07.22 16:00:34 | 000,574,976 | ---- | M] (OldTimer Tools) -- C:\Users\Jura\Desktop\OTL.exe
PRC - [2010.06.30 14:52:22 | 000,836,464 | ---- | M] (Opera Software) -- D:\Junior\Opera_broswer\opera.exe
PRC - [2010.06.07 17:05:06 | 000,240,232 | ---- | M] (NVIDIA Corporation) -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
PRC - [2010.05.06 21:40:50 | 000,075,064 | ---- | M] () -- C:\Windows\SysWOW64\PnkBstrA.exe
PRC - [2010.03.26 10:52:24 | 001,234,216 | ---- | M] (Nero AG) -- D:\Junior\Nero Multimedia\Nero BackItUp\NBAgent.exe
PRC - [2010.03.25 14:39:22 | 000,490,280 | ---- | M] (Nero AG) -- C:\Program Files (x86)\Nero\Update\NASvc.exe
PRC - [2010.01.31 00:27:38 | 000,141,061 | ---- | M] () -- D:\Junior\VLC media player\VLC\vlc.exe
PRC - [2009.09.24 07:50:10 | 003,520,256 | ---- | M] (Ghisler Software GmbH) -- D:\Junior\totalcmd\TOTALCMD.EXE
PRC - [2009.07.26 16:45:00 | 003,883,840 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe
PRC - [2009.03.15 12:15:16 | 000,180,224 | ---- | M] (PowerISO Computing, Inc.) -- D:\Junior\poweriso\PWRISOVM.EXE
PRC - [2009.03.09 17:49:18 | 000,037,888 | ---- | M] () -- D:\Junior\Winamp\winampa.exe
PRC - [2009.02.06 01:04:10 | 003,367,424 | ---- | M] (The Author of QIP) -- D:\Junior\qip\QIP\QIP\qip.exe
PRC - [2008.12.29 12:40:30 | 000,687,560 | ---- | M] (DT Soft Ltd) -- D:\Junior\Daemon Tools\DAEMON Tools Lite\daemon.exe
PRC - [2008.10.20 22:18:26 | 000,071,096 | ---- | M] () -- D:\Junior\CD burner\CDBurnerXP\NMSAccessU.exe
PRC - [2008.07.11 19:00:06 | 000,080,392 | ---- | M] () -- C:\Program Files (x86)\GIGABYTE\EnergySaver\GSvr.exe
PRC - [2007.09.02 14:58:52 | 000,495,616 | ---- | M] () -- D:\Junior\dock\RocketDock\RocketDock.exe
PRC - [2001.11.29 01:50:00 | 001,769,472 | ---- | M] (Borland Software Corporation) -- D:\Junior\Delphi\Bin\ibserver.exe
PRC - [2001.11.29 01:50:00 | 000,032,768 | ---- | M] (Borland Software Corporation) -- D:\Junior\Delphi\Bin\ibguard.exe
========== Modules (SafeList) ==========
MOD - [2010.07.22 16:00:34 | 000,574,976 | ---- | M] (OldTimer Tools) -- C:\Users\Jura\Desktop\OTL.exe
MOD - [2007.09.02 14:57:36 | 000,069,632 | ---- | M] () -- D:\Junior\dock\RocketDock\RocketDock.dll
MOD - [2006.11.02 11:44:49 | 000,110,592 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\msscript.ocx
MOD - [2006.11.02 11:38:57 | 001,648,128 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6000.16386_none_5d07289e07e1d100\comctl32.dll
========== Win32 Services (SafeList) ==========
SRV:64bit: - File not found [Auto | Running] -- C:\Windows\SysNative\PnkBstrA.exe -- (PnkBstrA)
SRV:64bit: - [2010.03.25 23:48:42 | 000,017,424 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Microsoft Security Essentials\MsMpEng.exe -- (MsMpSvc)
SRV:64bit: - [2009.09.26 12:51:00 | 000,371,896 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV:64bit: - [2008.07.29 13:20:28 | 004,737,024 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Program Files\Microsoft Visual Studio 9.0\Common7\IDE\Remote Debugger\x64\msvsmon.exe -- (msvsmon90)
SRV:64bit: - [2006.11.02 17:03:11 | 000,232,960 | ---- | M] () [On_Demand | Stopped] -- C:\Windows\SysNative\umrdp.dll -- (UmRdpService)
SRV:64bit: - [2006.11.02 17:03:10 | 000,196,096 | ---- | M] () [On_Demand | Stopped] -- C:\Windows\SysNative\appmgmts.dll -- (AppMgmt)
SRV:64bit: - [2006.11.02 17:03:03 | 000,570,368 | ---- | M] () [Auto | Running] -- C:\Windows\SysNative\cscsvc.dll -- (CscService)
SRV:64bit: - [2005.07.25 21:58:12 | 000,451,584 | ---- | M] () [On_Demand | Stopped] -- C:\Windows\SysNative\lxcgcoms.exe -- (lxcg_device)
SRV - [2010.06.07 17:05:06 | 000,240,232 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe -- (Stereo Service)
SRV - [2010.05.06 21:40:50 | 000,075,064 | ---- | M] () [Auto | Running] -- C:\Windows\SysWOW64\PnkBstrA.exe -- (PnkBstrA)
SRV - [2010.03.25 14:39:22 | 000,490,280 | ---- | M] (Nero AG) [Auto | Running] -- C:\Program Files (x86)\Nero\Update\NASvc.exe -- (NAUpdate)
SRV - [2008.10.20 22:18:26 | 000,071,096 | ---- | M] () [Auto | Running] -- D:\Junior\CD burner\CDBurnerXP\NMSAccessU.exe -- (NMSAccessU)
SRV - [2008.07.11 19:00:06 | 000,080,392 | ---- | M] () [Auto | Running] -- C:\Program Files (x86)\GIGABYTE\EnergySaver\GSvr.exe -- (GEST Service)
SRV - [2006.10.27 00:47:54 | 000,065,824 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\Microsoft Office\Office12\GrooveAuditService.exe -- (Microsoft Office Groove Audit Service)
SRV - [2005.07.25 21:25:18 | 000,491,520 | ---- | M] ( ) [On_Demand | Stopped] -- C:\Windows\SysWow64\lxcgcoms.exe -- (lxcg_device)
SRV - [2002.12.17 17:23:30 | 000,066,112 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\Microsoft SQL Server\80\Tools\Binn\sqladhlp.exe -- (MSSQLServerADHelper)
SRV - [2001.11.29 01:50:00 | 001,769,472 | ---- | M] (Borland Software Corporation) [On_Demand | Running] -- D:\Junior\Delphi\Bin\ibserver.exe -- (InterBaseServer)
SRV - [2001.11.29 01:50:00 | 000,032,768 | ---- | M] (Borland Software Corporation) [Auto | Running] -- D:\Junior\Delphi\Bin\ibguard.exe -- (InterBaseGuardian)
========== Driver Services (SafeList) ==========
DRV:64bit: - File not found [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\DRIVERS\nwlnkfwd.sys -- (NwlnkFwd)
DRV:64bit: - File not found [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\DRIVERS\nwlnkflt.sys -- (NwlnkFlt)
DRV:64bit: - File not found [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\DRIVERS\ipinip.sys -- (IpInIp)
DRV:64bit: - [2010.03.29 14:11:42 | 000,303,616 | ---- | M] () [Kernel | Auto | Stopped] -- C:\Windows\SysNative\DRIVERS\atksgt.sys -- (atksgt)
DRV:64bit: - [2010.03.29 14:11:42 | 000,035,328 | ---- | M] () [Kernel | Auto | Stopped] -- C:\Windows\SysNative\DRIVERS\lirsgt.sys -- (lirsgt)
DRV:64bit: - [2009.09.13 15:08:00 | 000,868,848 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\SysNative\Drivers\sptd.sys -- (sptd)
DRV:64bit: - [2008.02.14 08:56:14 | 000,160,768 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\Rtlh64.sys -- (RTL8169)
DRV:64bit: - [2008.01.14 11:22:50 | 000,041,216 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\SaiBus.sys -- (SaiNtBus)
DRV:64bit: - [2008.01.14 11:22:50 | 000,016,000 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\SaiMini.sys -- (SaiMini)
DRV:64bit: - [2008.01.14 11:22:36 | 000,034,432 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\SaiU0CEA.sys -- (SaiU0CEA)
DRV:64bit: - [2008.01.14 11:22:35 | 000,129,024 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\SaiK0CEA.sys -- (SaiK0CEA)
DRV:64bit: - [2007.04.23 15:54:40 | 000,126,216 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\DRIVERS\s115mgmt.sys -- (s115mgmt) Sony Ericsson Device 115 USB WMC Device Management Drivers (WDM)
DRV:64bit: - [2007.04.23 15:54:40 | 000,123,656 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\DRIVERS\s115obex.sys -- (s115obex)
DRV:64bit: - [2007.04.23 15:54:38 | 000,144,648 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\DRIVERS\s115mdm.sys -- (s115mdm)
DRV:64bit: - [2007.04.23 15:54:36 | 000,019,720 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\DRIVERS\s115mdfl.sys -- (s115mdfl)
DRV:64bit: - [2007.04.23 15:54:32 | 000,108,296 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\DRIVERS\s115bus.sys -- (s115bus) Sony Ericsson Device 115 driver (WDM)
DRV:64bit: - [2006.11.02 17:03:03 | 000,417,792 | ---- | M] () [Kernel | System | Running] -- C:\Windows\SysNative\drivers\csc.sys -- (CSC)
DRV:64bit: - [2006.09.18 23:36:24 | 000,000,308 | ---- | M] () [File_System | On_Demand | Running] -- C:\Windows\SysNative\Wbem\ntfs.mof -- (Ntfs)
DRV - [2010.07.22 15:13:43 | 000,020,544 | ---- | M] (Windows (R) Server 2003 DDK provider) [Kernel | On_Demand | Running] -- C:\Windows\gdrv.sys -- (gdrv)
DRV - [2010.03.10 21:02:00 | 000,055,328 | ---- | M] (Exent Technologies Ltd.) [Kernel | Auto | Running] -- C:\Program Files (x86)\Frag Games\X5XSEx.sys -- (X5XSEx_Pr298)
DRV - [2007.02.07 20:27:46 | 000,014,104 | ---- | M] (Windows (R) Server 2003 DDK provider) [Kernel | Boot | Running] -- C:\Windows\SysWOW64\speedfan.sys -- (speedfan)
DRV - [2002.07.17 09:53:02 | 000,016,877 | ---- | M] (Adaptec) [Kernel | System | Stopped] -- C:\Windows\SysWow64\drivers\Aspi32.sys -- (ASPI32)
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
IE - HKLM\..\URLSearchHook: {57BCA5FA-5DBB-45a2-B558-1755C3F6253B} - C:\Program Files (x86)\Winamp Toolbar\winamptb.dll (AOL LLC.)
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-533346256-3732780939-570174114-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://search.qip.ru
IE - HKU\S-1-5-21-533346256-3732780939-570174114-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://search.qip.ru
IE - HKU\S-1-5-21-533346256-3732780939-570174114-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://search.qip.ru
IE - HKU\S-1-5-21-533346256-3732780939-570174114-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = start.qip.ru
IE - HKU\S-1-5-21-533346256-3732780939-570174114-1000\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1
IE - HKU\S-1-5-21-533346256-3732780939-570174114-1000\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://search.qip.ru/ie
IE - HKU\S-1-5-21-533346256-3732780939-570174114-1000\..\URLSearchHook: - Reg Error: Key error. File not found
IE - HKU\S-1-5-21-533346256-3732780939-570174114-1000\..\URLSearchHook: {0063BF63-BFFF-4B8F-9D26-4267DF7F17DD} - C:\Windows\SysWOW64\dvmurl.dll (DeviceVM Inc.)
IE - HKU\S-1-5-21-533346256-3732780939-570174114-1000\..\URLSearchHook: {57BCA5FA-5DBB-45a2-B558-1755C3F6253B} - C:\Program Files (x86)\Winamp Toolbar\winamptb.dll (AOL LLC.)
IE - HKU\S-1-5-21-533346256-3732780939-570174114-1000\..\URLSearchHook: {95289393-33EA-4F8D-B952-483415B9C955} - C:\Users\Jura\AppData\Roaming\Microsoft\Internet Explorer\qipsearchbar.dll (qip.ru)
IE - HKU\S-1-5-21-533346256-3732780939-570174114-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
========== FireFox ==========
FF - prefs.js..browser.search.defaultenginename: "QIP Search"
FF - prefs.js..browser.search.selectedEngine: "QIP Search"
FF - prefs.js..browser.startup.homepage: "http://start.qip.ru"
FF - prefs.js..keyword.URL: "http://search.qip.ru/search?from=FF&query="
FF - HKLM\software\mozilla\Mozilla Firefox 3.5.7\extensions\\Components: D:\Junior\Firefox\components [2010.07.19 12:35:40 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.5.7\extensions\\Plugins: D:\Junior\Firefox\plugins [2010.07.21 15:08:11 | 000,000,000 | ---D | M]
[2009.09.13 15:18:09 | 000,000,000 | ---D | M] -- C:\Users\Jura\AppData\Roaming\Mozilla\Extensions
[2010.06.06 10:44:33 | 000,000,000 | ---D | M] -- C:\Users\Jura\AppData\Roaming\Mozilla\Firefox\Profiles\t9t4c9kk.default\extensions
[2009.09.27 22:17:58 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Users\Jura\AppData\Roaming\Mozilla\Firefox\Profiles\t9t4c9kk.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2009.10.06 20:36:25 | 000,002,061 | ---- | M] () -- C:\Users\Jura\AppData\Roaming\Mozilla\Firefox\Profiles\t9t4c9kk.default\searchplugins\qipsearch.xml
O1 HOSTS File: ([2010.01.10 14:41:19 | 000,000,095 | ---- | M]) - C:\Windows\SysNative\drivers\etc\Hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: 216.107.250.194 nprotect.lineage2.com
O1 - Hosts: 81.0.254.162 L2authd.Lineage2.com
O2 - BHO: (FG2CatchUrl) - {1F364306-AA45-47B5-9F9D-39A8B94E7EF1} - D:\Junior\FlashGet universal\ComDlls\bhoCATCH.dll (FlashGet)
O2 - BHO: (Winamp Toolbar Loader) - {25CEE8EC-5730-41bc-8B58-22DDC8AB8C20} - C:\Program Files (x86)\Winamp Toolbar\winamptb.dll (AOL LLC.)
O2 - BHO: (Groove GFS Browser Helper) - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation)
O2 - BHO: (QIPBHO Class) - {95289393-33EA-4F8D-B952-483415B9C955} - C:\Users\Jura\AppData\Roaming\Microsoft\Internet Explorer\qipsearchbar.dll (qip.ru)
O3:64bit: - HKLM\..\Toolbar: (DAEMON Tools Toolbar) - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files (x86)\DAEMON Tools Toolbar\DTToolbar64.dll ()
O3 - HKLM\..\Toolbar: (DAEMON Tools Toolbar) - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files (x86)\DAEMON Tools Toolbar\DTToolbar.dll ()
O3 - HKLM\..\Toolbar: (Winamp Toolbar) - {EBF2BA02-9094-4c5a-858B-BB198F3D8DE2} - C:\Program Files (x86)\Winamp Toolbar\winamptb.dll (AOL LLC.)
O3:64bit: - HKU\S-1-5-21-533346256-3732780939-570174114-1000\..\Toolbar\WebBrowser: (DAEMON Tools Toolbar) - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files (x86)\DAEMON Tools Toolbar\DTToolbar64.dll ()
O3 - HKU\S-1-5-21-533346256-3732780939-570174114-1000\..\Toolbar\WebBrowser: (DAEMON Tools Toolbar) - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files (x86)\DAEMON Tools Toolbar\DTToolbar.dll ()
O3 - HKU\S-1-5-21-533346256-3732780939-570174114-1000\..\Toolbar\WebBrowser: (Winamp Toolbar) - {EBF2BA02-9094-4C5A-858B-BB198F3D8DE2} - C:\Program Files (x86)\Winamp Toolbar\winamptb.dll (AOL LLC.)
O4:64bit: - HKLM..\Run: [LXCGCATS] C:\Windows\SysNative\spool\DRIVERS\x64\3\LXCGtime.DLL ()
O4:64bit: - HKLM..\Run: [MSSE] C:\Program Files\Microsoft Security Essentials\msseces.exe (Microsoft Corporation)
O4:64bit: - HKLM..\Run: [ProfilerU] C:\Program Files\Saitek\SD6\Software\ProfilerU.exe (Saitek)
O4:64bit: - HKLM..\Run: [RtHDVCpl] C:\Windows\RAVCpl64.exe (Realtek Semiconductor)
O4:64bit: - HKLM..\Run: [SaiMfd] C:\Program Files\Saitek\SD6\Software\SaiMfd.exe (Saitek)
O4:64bit: - HKLM..\Run: [Skytel] C:\Windows\SkyTel.exe (Realtek Semiconductor Corp.)
O4 - HKLM..\Run: [GrooveMonitor] C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe (Microsoft Corporation)
O4 - HKLM..\Run: [NBAgent] D:\Junior\Nero Multimedia\Nero BackItUp\NBAgent.exe (Nero AG)
O4 - HKLM..\Run: [PWRISOVM.EXE] D:\Junior\poweriso\PWRISOVM.EXE (PowerISO Computing, Inc.)
O4 - HKLM..\Run: [WinampAgent] D:\Junior\Winamp\winampa.exe ()
O4 - HKU\.DEFAULT..\Run: [Exetender] C:\Program Files (x86)\Frag Games\GPlayer.exe (Exent Technologies Ltd.)
O4 - HKU\S-1-5-18..\Run: [Exetender] C:\Program Files (x86)\Frag Games\GPlayer.exe (Exent Technologies Ltd.)
O4 - HKU\S-1-5-19..\Run: [Exetender] C:\Program Files (x86)\Frag Games\GPlayer.exe (Exent Technologies Ltd.)
O4 - HKU\S-1-5-19..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-19..\Run: [WindowsWelcomeCenter] C:\Windows\SysWow64\oobefldr.dll (Microsoft Corporation)
O4 - HKU\S-1-5-20..\Run: [Exetender] C:\Program Files (x86)\Frag Games\GPlayer.exe (Exent Technologies Ltd.)
O4 - HKU\S-1-5-20..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-20..\Run: [WindowsWelcomeCenter] C:\Windows\SysWow64\oobefldr.dll (Microsoft Corporation)
O4 - HKU\S-1-5-21-533346256-3732780939-570174114-1000..\Run: [DAEMON Tools Lite] D:\Junior\Daemon Tools\DAEMON Tools Lite\daemon.exe (DT Soft Ltd)
O4 - HKU\S-1-5-21-533346256-3732780939-570174114-1000..\Run: [Exetender] C:\Program Files (x86)\Frag Games\GPlayer.exe (Exent Technologies Ltd.)
O4 - HKU\S-1-5-21-533346256-3732780939-570174114-1000..\Run: [msnmsgr] C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe (Microsoft Corporation)
O4 - HKU\S-1-5-21-533346256-3732780939-570174114-1000..\Run: [RocketDock] D:\Junior\dock\RocketDock\RocketDock.exe ()
O4 - HKU\S-1-5-21-533346256-3732780939-570174114-1000..\Run: [WMPNSCFG] C:\Program Files (x86)\Windows Media Player\WMPNSCFG.exe File not found
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLinkedConnections = 1
O8:64bit: - Extra context menu item: &Download All by FlashGet - D:\Junior\FlashGet universal\ComDlls\Bhoall.htm ()
O8:64bit: - Extra context menu item: &Download by FlashGet - D:\Junior\FlashGet universal\ComDlls\Bholink.htm ()
O8:64bit: - Extra context menu item: &Winamp Search - C:\ProgramData\Winamp Toolbar\ieToolbar\resources\en-US\local\search.html ()
O8 - Extra context menu item: &Download All by FlashGet - D:\Junior\FlashGet universal\ComDlls\Bhoall.htm ()
O8 - Extra context menu item: &Download by FlashGet - D:\Junior\FlashGet universal\ComDlls\Bholink.htm ()
O8 - Extra context menu item: &Winamp Search - C:\ProgramData\Winamp Toolbar\ieToolbar\resources\en-US\local\search.html ()
O9 - Extra Button: Přidat na blog - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : &Přidat na blog Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll (Microsoft Corporation)
O9 - Extra Button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office12\ONBttnIE.dll (Microsoft Corporation)
O13 - gopher Prefix: missing
O13 - gopher Prefix: missing
O16 - DPF: {1E54D648-B804-468d-BC78-4AFFED8E262F} http://www.nvidia.com/content/DriverDow ... ab_nvd.cab (System Requirements Lab Class)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_16)
O16 - DPF: {CAFEEFAC-0016-0000-0016-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_16)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_16)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.macromedia.com/get/s ... wflash.cab (Shockwave Flash Object)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 94.74.192.252 94.74.192.244
O18:64bit: - Protocol\Handler\gopher {79eac9e4-baf9-11ce-8c82-00aa004ba90b} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\grooveLocalGWS {88FED34C-F0CA-4636-A375-3CB6248B04CD} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - Reg Error: Key error. File not found
O18 - Protocol\Handler\grooveLocalGWS {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveSystemServices.dll (Microsoft Corporation)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O24 - Desktop WallPaper: C:\Users\Jura\AppData\Roaming\Microsoft\Windows Photo Gallery\Tapeta galerie Windows Fotogalerie.jpg
O24 - Desktop BackupWallPaper: C:\Users\Jura\AppData\Roaming\Microsoft\Windows Photo Gallery\Tapeta galerie Windows Fotogalerie.jpg
O28 - HKLM ShellExecuteHooks: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2010.03.04 23:26:33 | 000,000,000 | ---D | M] - D:\Autocad -- [ NTFS ]
O33 - MountPoints2\{a12cec99-3afd-11df-aae7-001fd098d930}\Shell - "" = AutoRun
O33 - MountPoints2\{a12cec99-3afd-11df-aae7-001fd098d930}\Shell\AutoRun\command - "" = H:\LaunchU3.exe -- File not found
O33 - MountPoints2\H\Shell - "" = AutoRun
O33 - MountPoints2\H\Shell\AutoRun\command - "" = H:\LaunchU3.exe -- File not found
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
NetSvcs:64bit: AppMgmt - C:\Windows\SysNative\appmgmts.dll ()
Drivers32:64bit: msacm.l3acm - C:\Windows\System32\l3codeca.acm ()
Drivers32:64bit: VIDC.FPS1 - frapsv64.dll ()
Drivers32: msacm.l3acm - C:\Windows\SysWow64\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: vidc.cvid - C:\Windows\SysWow64\iccvid.dll (Radius Inc.)
Drivers32: VIDC.FFDS - C:\Windows\SysWow64\ff_vfw.dll ()
Drivers32: VIDC.FPS1 - C:\Windows\SysWow64\frapsvid.dll (Beepa P/L)
Drivers32: vidc.iv31 - C:\Windows\SysWow64\ir32_32.dll (Intel(R) Corporation)
Drivers32: vidc.iv32 - C:\Windows\SysWow64\ir32_32.dll (Intel(R) Corporation)
Drivers32: vidc.iv41 - C:\Windows\SysWow64\ir41_32.ax (Intel Corporation)
Drivers32: vidc.iv50 - C:\Windows\SysWow64\ir50_32.dll (Intel Corporation)
CREATERESTOREPOINT
Restore point Set: OTL Restore Point
========== Files/Folders - Created Within 7 Days ==========
[2010.07.22 16:00:33 | 000,574,976 | ---- | C] (OldTimer Tools) -- C:\Users\Jura\Desktop\OTL.exe
[2010.07.21 20:03:14 | 000,000,000 | ---D | C] -- C:\Users\Jura\AppData\Roaming\Malwarebytes
[2010.07.21 20:02:53 | 000,038,224 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysWow64\drivers\mbamswissarmy.sys
[2010.07.21 20:02:52 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2010.07.21 20:02:51 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware
[2010.07.21 20:02:30 | 006,153,352 | ---- | C] (Malwarebytes Corporation ) -- C:\Users\Jura\Desktop\mbam-setup-1.46.exe
[2010.07.21 19:19:28 | 000,000,000 | ---D | C] -- C:\_OTM
[2010.07.21 18:27:50 | 000,000,000 | ---D | C] -- C:\32788R22FWJFW
[2010.07.21 16:59:43 | 000,000,000 | ---D | C] -- C:\Users\Jura\Desktop\cats
[2010.07.21 14:11:48 | 000,000,000 | ---D | C] -- C:\ProgramData\Frag Games
[2010.07.21 14:11:46 | 000,000,000 | ---D | C] -- C:\Remote Programs
[2010.07.21 14:11:44 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Frag Games
[2010.07.21 11:04:54 | 000,000,000 | -HSD | C] -- C:\Config.Msi
[2005.07.25 21:31:30 | 001,183,744 | ---- | C] ( ) -- C:\Windows\SysWow64\lxcgserv.dll
[2005.07.25 21:27:22 | 000,483,328 | ---- | C] ( ) -- C:\Windows\SysWow64\lxcglmpm.dll
[2005.07.25 21:26:58 | 000,413,696 | ---- | C] ( ) -- C:\Windows\SysWow64\lxcgcomm.dll
[2005.07.25 21:25:26 | 000,114,688 | ---- | C] ( ) -- C:\Windows\SysWow64\lxcgpplc.dll
[2005.07.25 21:24:46 | 000,704,512 | ---- | C] ( ) -- C:\Windows\SysWow64\lxcgcomc.dll
[2005.07.25 21:24:14 | 000,155,648 | ---- | C] ( ) -- C:\Windows\SysWow64\lxcgprox.dll
[2005.07.25 21:19:36 | 001,134,592 | ---- | C] ( ) -- C:\Windows\SysWow64\lxcgusb1.dll
[2 C:\Windows\SysWow64\*.tmp files -> C:\Windows\SysWow64\*.tmp -> ]
[2 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
========== Files - Modified Within 7 Days ==========
[2010.07.22 16:05:05 | 002,621,440 | -HS- | M] () -- C:\Users\Jura\NTUSER.DAT
[2010.07.22 16:00:34 | 000,574,976 | ---- | M] (OldTimer Tools) -- C:\Users\Jura\Desktop\OTL.exe
[2010.07.22 15:19:17 | 001,345,850 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2010.07.22 15:19:17 | 000,639,006 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2010.07.22 15:19:17 | 000,502,756 | ---- | M] () -- C:\Windows\SysNative\perfh005.dat
[2010.07.22 15:19:17 | 000,115,944 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2010.07.22 15:19:17 | 000,094,662 | ---- | M] () -- C:\Windows\SysNative\perfc005.dat
[2010.07.22 15:14:17 | 000,036,821 | ---- | M] () -- C:\ProgramData\nvModes.dat
[2010.07.22 15:14:17 | 000,036,821 | ---- | M] () -- C:\ProgramData\nvModes.001
[2010.07.22 15:13:43 | 000,020,544 | ---- | M] (Windows (R) Server 2003 DDK provider) -- C:\Windows\gdrv.sys
[2010.07.22 15:13:35 | 000,003,680 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2010.07.22 15:13:35 | 000,003,680 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2010.07.22 15:13:30 | 000,000,006 | -H-- | M] () -- C:\Windows\tasks\SA.DAT
[2010.07.22 15:13:26 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2010.07.22 15:13:21 | 390,191,148 | ---- | M] () -- C:\Windows\MEMORY.DMP
[2010.07.22 11:41:49 | 002,292,687 | -H-- | M] () -- C:\Users\Jura\AppData\Local\IconCache.db
[2010.07.21 20:02:56 | 000,000,848 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk
[2010.07.21 20:02:35 | 006,153,352 | ---- | M] (Malwarebytes Corporation ) -- C:\Users\Jura\Desktop\mbam-setup-1.46.exe
[2010.07.21 15:08:11 | 000,001,917 | ---- | M] () -- C:\Users\Public\Desktop\Adobe Reader 9.lnk
[2010.07.21 14:11:52 | 000,001,776 | ---- | M] () -- C:\Users\Public\Desktop\Frag Games Player.lnk
[2010.07.21 14:11:48 | 000,000,064 | ---- | M] () -- C:\Windows\GPlrLanc.dat
[2010.07.18 18:09:50 | 000,056,832 | ---- | M] () -- C:\Users\Jura\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2 C:\Windows\SysWow64\*.tmp files -> C:\Windows\SysWow64\*.tmp -> ]
[2 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
========== Files Created - No Company Name ==========
[2010.07.21 20:02:56 | 000,000,848 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk
[2010.07.21 20:02:52 | 000,024,664 | ---- | C] () -- C:\Windows\SysNative\drivers\mbam.sys
[2010.07.21 17:49:45 | 390,191,148 | ---- | C] () -- C:\Windows\MEMORY.DMP
[2010.07.21 15:08:11 | 000,001,917 | ---- | C] () -- C:\Users\Public\Desktop\Adobe Reader 9.lnk
[2010.07.21 14:11:52 | 000,001,776 | ---- | C] () -- C:\Users\Public\Desktop\Frag Games Player.lnk
[2010.07.21 14:11:48 | 000,124,030 | ---- | C] () -- C:\Windows\TMCZ.ico
[2010.07.21 14:11:48 | 000,000,064 | ---- | C] () -- C:\Windows\GPlrLanc.dat
[2010.05.15 17:25:50 | 000,108,032 | ---- | C] () -- C:\Windows\SysWow64\ff_vfw.dll
[2009.11.28 19:22:10 | 000,108,032 | ---- | C] () -- C:\Windows\SysWow64\sh33w32.dll
[2009.11.13 18:49:58 | 000,168,448 | ---- | C] () -- C:\Windows\SysWow64\unrar.dll
[2009.11.06 10:58:04 | 000,178,975 | ---- | C] () -- C:\Windows\SysWow64\xlive.dll.cat
[2009.11.01 19:41:51 | 000,000,067 | ---- | C] () -- C:\Windows\AoADVDRipper.INI
[2009.09.17 17:36:31 | 001,320,552 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2009.09.13 13:28:47 | 000,002,846 | ---- | C] () -- C:\Windows\WINCMD.INI
[2009.09.12 14:55:05 | 000,000,010 | ---- | C] () -- C:\Windows\GSetup.ini
[2006.11.02 14:20:47 | 000,055,858 | ---- | C] () -- C:\Windows\SysWow64\tcpmon.ini
[2006.11.02 14:18:05 | 000,364,544 | ---- | C] () -- C:\Windows\SysWow64\msjetoledb40.dll
[2005.08.09 06:58:34 | 000,098,304 | ---- | C] () -- C:\Windows\SysWow64\lxcginsr.dll
[2005.08.09 06:58:08 | 000,126,976 | ---- | C] () -- C:\Windows\SysWow64\lxcgjswr.dll
[2002.08.09 16:00:00 | 000,375,296 | ---- | C] () -- C:\Windows\SysWow64\WSIHK32.DLL
[2002.08.09 16:00:00 | 000,131,584 | ---- | C] () -- C:\Windows\SysWow64\WSIWIN32.DLL
........................................................................................................................................................................................
Re: Kontrola-problém s modrou smrtí
........................................................................................................................................................................................
========== LOP Check ==========
[2009.09.28 17:29:50 | 000,000,000 | ---D | M] -- C:\Users\Jura\AppData\Roaming\Aegisub
[2010.05.17 21:55:15 | 000,000,000 | ---D | M] -- C:\Users\Jura\AppData\Roaming\Audacity
[2010.04.04 19:15:54 | 000,000,000 | ---D | M] -- C:\Users\Jura\AppData\Roaming\Bioshock2
[2010.06.05 20:39:35 | 000,000,000 | ---D | M] -- C:\Users\Jura\AppData\Roaming\BITS
[2009.09.26 17:50:45 | 000,000,000 | ---D | M] -- C:\Users\Jura\AppData\Roaming\BSplayer
[2009.09.13 14:57:36 | 000,000,000 | ---D | M] -- C:\Users\Jura\AppData\Roaming\BSplayer Pro
[2009.09.13 15:17:11 | 000,000,000 | ---D | M] -- C:\Users\Jura\AppData\Roaming\Canneverbe_Limited
[2009.09.13 15:12:17 | 000,000,000 | ---D | M] -- C:\Users\Jura\AppData\Roaming\DAEMON Tools
[2009.09.16 16:47:17 | 000,000,000 | ---D | M] -- C:\Users\Jura\AppData\Roaming\DAEMON Tools Lite
[2009.09.13 15:12:17 | 000,000,000 | ---D | M] -- C:\Users\Jura\AppData\Roaming\DAEMON Tools Pro
[2010.04.18 15:38:51 | 000,000,000 | ---D | M] -- C:\Users\Jura\AppData\Roaming\fltk.org
[2010.07.10 12:42:53 | 000,000,000 | ---D | M] -- C:\Users\Jura\AppData\Roaming\GetRightToGo
[2010.05.05 19:32:16 | 000,000,000 | ---D | M] -- C:\Users\Jura\AppData\Roaming\GHISLER
[2009.09.13 20:28:41 | 000,000,000 | ---D | M] -- C:\Users\Jura\AppData\Roaming\HighAndes
[2010.06.10 17:25:25 | 000,000,000 | ---D | M] -- C:\Users\Jura\AppData\Roaming\inkscape
[2010.04.15 18:55:28 | 000,000,000 | ---D | M] -- C:\Users\Jura\AppData\Roaming\Leadertech
[2009.09.13 13:38:11 | 000,000,000 | ---D | M] -- C:\Users\Jura\AppData\Roaming\Opera
[2009.11.19 20:23:25 | 000,000,000 | ---D | M] -- C:\Users\Jura\AppData\Roaming\ProfiCAD
[2010.05.17 18:25:56 | 000,000,000 | ---D | M] -- C:\Users\Jura\AppData\Roaming\Publish Providers
[2010.04.20 17:24:44 | 000,000,000 | ---D | M] -- C:\Users\Jura\AppData\Roaming\Soldat
[2010.05.18 18:41:03 | 000,000,000 | ---D | M] -- C:\Users\Jura\AppData\Roaming\Sony
[2009.09.13 13:29:10 | 000,000,000 | ---D | M] -- C:\Users\Jura\AppData\Roaming\Teleca
[2010.03.22 18:29:16 | 000,000,000 | ---D | M] -- C:\Users\Jura\AppData\Roaming\TS3Client
[2009.09.26 21:39:26 | 000,000,000 | ---D | M] -- C:\Users\Jura\AppData\Roaming\URUWorks
[2010.06.11 15:17:57 | 000,000,000 | ---D | M] -- C:\Users\mamka\AppData\Roaming\DAEMON Tools
[2010.06.11 15:17:55 | 000,000,000 | ---D | M] -- C:\Users\mamka\AppData\Roaming\DAEMON Tools Lite
[2010.06.11 15:17:55 | 000,000,000 | ---D | M] -- C:\Users\mamka\AppData\Roaming\DAEMON Tools Pro
[2009.09.15 12:35:24 | 000,000,000 | ---D | M] -- C:\Users\mamka\AppData\Roaming\Opera
[2009.09.15 12:34:45 | 000,000,000 | ---D | M] -- C:\Users\mamka\AppData\Roaming\Teleca
[2010.06.06 19:49:59 | 000,000,000 | ---D | M] -- C:\Users\Míša\AppData\Roaming\DAEMON Tools
[2010.06.06 19:49:59 | 000,000,000 | ---D | M] -- C:\Users\Míša\AppData\Roaming\DAEMON Tools Lite
[2010.06.06 19:49:59 | 000,000,000 | ---D | M] -- C:\Users\Míša\AppData\Roaming\DAEMON Tools Pro
[2009.10.19 17:26:37 | 000,000,000 | ---D | M] -- C:\Users\Míša\AppData\Roaming\Opera
[2010.07.22 11:41:52 | 000,032,518 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT
========== Purity Check ==========
========== Custom Scans ==========
< HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /s >
"RocketDock" = "D:\Junior\dock\RocketDock\RocketDock.exe" -- [2007.09.02 14:58:52 | 000,495,616 | ---- | M] ()
"DAEMON Tools Lite" = "D:\Junior\Daemon Tools\DAEMON Tools Lite\daemon.exe" -autorun -- [2008.12.29 12:40:30 | 000,687,560 | ---- | M] (DT Soft Ltd)
"msnmsgr" = "C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe" /background -- [2009.07.26 16:45:00 | 003,883,840 | ---- | M] (Microsoft Corporation)
"Exetender" = "C:\Program Files (x86)\Frag Games\GPlayer.exe" /schedule 300000 -- [2010.05.17 09:54:00 | 002,113,536 | ---- | M] (Exent Technologies Ltd.)
"WMPNSCFG" = C:\Program Files (x86)\Windows Media Player\WMPNSCFG.exe -- File not found
< c:\windows\*.* /U >
[2 c:\windows\*.tmp files -> c:\windows\*.tmp -> ]
< %SYSTEMDRIVE%\*.exe >
[2010.06.19 19:28:23 | 000,000,286 | ---- | M] () -- C:\flv.exe
< %ALLUSERSPROFILE%\Application Data\*. >
< %ALLUSERSPROFILE%\Application Data\*.exe /s >
< %APPDATA%\*. >
[2010.07.10 11:47:15 | 000,000,000 | ---D | M] -- C:\Users\Jura\AppData\Roaming\Adobe
[2009.09.28 17:29:50 | 000,000,000 | ---D | M] -- C:\Users\Jura\AppData\Roaming\Aegisub
[2010.05.17 21:55:15 | 000,000,000 | ---D | M] -- C:\Users\Jura\AppData\Roaming\Audacity
[2010.04.04 19:15:54 | 000,000,000 | ---D | M] -- C:\Users\Jura\AppData\Roaming\Bioshock2
[2010.06.05 20:39:35 | 000,000,000 | ---D | M] -- C:\Users\Jura\AppData\Roaming\BITS
[2009.09.26 17:50:45 | 000,000,000 | ---D | M] -- C:\Users\Jura\AppData\Roaming\BSplayer
[2009.09.13 14:57:36 | 000,000,000 | ---D | M] -- C:\Users\Jura\AppData\Roaming\BSplayer Pro
[2009.09.13 15:17:11 | 000,000,000 | ---D | M] -- C:\Users\Jura\AppData\Roaming\Canneverbe_Limited
[2009.11.28 19:23:53 | 000,000,000 | ---D | M] -- C:\Users\Jura\AppData\Roaming\Corel
[2009.09.13 15:12:17 | 000,000,000 | ---D | M] -- C:\Users\Jura\AppData\Roaming\DAEMON Tools
[2009.09.16 16:47:17 | 000,000,000 | ---D | M] -- C:\Users\Jura\AppData\Roaming\DAEMON Tools Lite
[2009.09.13 15:12:17 | 000,000,000 | ---D | M] -- C:\Users\Jura\AppData\Roaming\DAEMON Tools Pro
[2010.05.01 11:33:54 | 000,000,000 | ---D | M] -- C:\Users\Jura\AppData\Roaming\dvdcss
[2009.09.13 16:47:33 | 000,000,000 | ---D | M] -- C:\Users\Jura\AppData\Roaming\ESTsoft
[2010.04.18 15:38:51 | 000,000,000 | ---D | M] -- C:\Users\Jura\AppData\Roaming\fltk.org
[2010.07.10 12:42:53 | 000,000,000 | ---D | M] -- C:\Users\Jura\AppData\Roaming\GetRightToGo
[2010.05.05 19:32:16 | 000,000,000 | ---D | M] -- C:\Users\Jura\AppData\Roaming\GHISLER
[2009.09.13 20:28:41 | 000,000,000 | ---D | M] -- C:\Users\Jura\AppData\Roaming\HighAndes
[2009.09.12 14:46:53 | 000,000,000 | ---D | M] -- C:\Users\Jura\AppData\Roaming\Identities
[2010.06.10 17:25:25 | 000,000,000 | ---D | M] -- C:\Users\Jura\AppData\Roaming\inkscape
[2009.09.12 15:04:25 | 000,000,000 | ---D | M] -- C:\Users\Jura\AppData\Roaming\InstallShield
[2010.04.15 18:55:28 | 000,000,000 | ---D | M] -- C:\Users\Jura\AppData\Roaming\Leadertech
[2009.09.12 15:14:18 | 000,000,000 | ---D | M] -- C:\Users\Jura\AppData\Roaming\Macromedia
[2010.07.21 20:03:14 | 000,000,000 | ---D | M] -- C:\Users\Jura\AppData\Roaming\Malwarebytes
[2009.10.06 20:42:44 | 000,000,000 | ---D | M] -- C:\Users\Jura\AppData\Roaming\Media Player Classic
[2010.06.17 15:53:05 | 000,000,000 | --SD | M] -- C:\Users\Jura\AppData\Roaming\Microsoft
[2009.09.28 21:22:54 | 000,000,000 | ---D | M] -- C:\Users\Jura\AppData\Roaming\Microsoft Games
[2009.09.13 15:18:09 | 000,000,000 | ---D | M] -- C:\Users\Jura\AppData\Roaming\Mozilla
[2010.06.23 21:30:35 | 000,000,000 | ---D | M] -- C:\Users\Jura\AppData\Roaming\Nero
[2010.06.18 15:53:07 | 000,000,000 | ---D | M] -- C:\Users\Jura\AppData\Roaming\NVIDIA
[2009.09.13 13:38:11 | 000,000,000 | ---D | M] -- C:\Users\Jura\AppData\Roaming\Opera
[2009.11.19 20:23:25 | 000,000,000 | ---D | M] -- C:\Users\Jura\AppData\Roaming\ProfiCAD
[2010.05.17 18:25:56 | 000,000,000 | ---D | M] -- C:\Users\Jura\AppData\Roaming\Publish Providers
[2009.09.13 13:29:10 | 000,000,000 | RH-D | M] -- C:\Users\Jura\AppData\Roaming\SecuROM
[2010.07.11 11:39:46 | 000,000,000 | ---D | M] -- C:\Users\Jura\AppData\Roaming\Skype
[2010.07.11 11:39:44 | 000,000,000 | ---D | M] -- C:\Users\Jura\AppData\Roaming\skypePM
[2010.04.20 17:24:44 | 000,000,000 | ---D | M] -- C:\Users\Jura\AppData\Roaming\Soldat
[2010.05.18 18:41:03 | 000,000,000 | ---D | M] -- C:\Users\Jura\AppData\Roaming\Sony
[2009.09.13 13:29:10 | 000,000,000 | ---D | M] -- C:\Users\Jura\AppData\Roaming\Sony Ericsson
[2009.09.13 13:29:10 | 000,000,000 | ---D | M] -- C:\Users\Jura\AppData\Roaming\SUPERAntiSpyware.com
[2009.09.13 13:29:10 | 000,000,000 | ---D | M] -- C:\Users\Jura\AppData\Roaming\Teleca
[2010.03.22 18:29:16 | 000,000,000 | ---D | M] -- C:\Users\Jura\AppData\Roaming\TS3Client
[2009.09.26 21:39:26 | 000,000,000 | ---D | M] -- C:\Users\Jura\AppData\Roaming\URUWorks
[2010.01.13 15:17:15 | 000,000,000 | ---D | M] -- C:\Users\Jura\AppData\Roaming\Ventrilo
[2010.07.20 22:42:36 | 000,000,000 | ---D | M] -- C:\Users\Jura\AppData\Roaming\vlc
[2010.06.05 21:50:20 | 000,000,000 | ---D | M] -- C:\Users\Jura\AppData\Roaming\Winamp
< %APPDATA%\*.exe /s >
[2002.08.29 17:33:56 | 000,319,488 | R--- | M] () -- C:\Users\Jura\AppData\Roaming\MafiaSetup.exe
[2007.08.18 09:54:02 | 000,020,480 | ---- | M] () -- C:\Users\Jura\AppData\Roaming\BSplayer\AC3 Filter\ac3config.exe
[2007.08.18 09:53:50 | 000,016,384 | ---- | M] () -- C:\Users\Jura\AppData\Roaming\BSplayer\AC3 Filter\dialog_patch.exe
[2008.04.13 17:26:54 | 000,036,396 | ---- | M] () -- C:\Users\Jura\AppData\Roaming\BSplayer\AC3 Filter\uninstall.exe
[2008.03.29 17:42:00 | 000,103,424 | ---- | M] () -- C:\Users\Jura\AppData\Roaming\BSplayer\Haali media splitter\dsmux.exe
[2008.03.29 17:42:02 | 000,335,872 | ---- | M] () -- C:\Users\Jura\AppData\Roaming\BSplayer\Haali media splitter\gdsmux.exe
[2008.03.29 17:41:54 | 000,135,168 | ---- | M] () -- C:\Users\Jura\AppData\Roaming\BSplayer\Haali media splitter\mkv2vfr.exe
[2008.06.10 09:11:02 | 000,041,412 | ---- | M] () -- C:\Users\Jura\AppData\Roaming\BSplayer\Haali media splitter\uninstall.exe
[2009.12.25 01:18:53 | 000,029,926 | R--- | M] () -- C:\Users\Jura\AppData\Roaming\Microsoft\Installer\{394BE3D9-7F57-4638-A8D1-1D88671913B7}\_18be6784.exe
[2009.12.25 01:18:53 | 000,029,422 | R--- | M] () -- C:\Users\Jura\AppData\Roaming\Microsoft\Installer\{394BE3D9-7F57-4638-A8D1-1D88671913B7}\_294823.exe
[2010.01.12 19:22:04 | 000,005,120 | R--- | M] () -- C:\Users\Jura\AppData\Roaming\Microsoft\Installer\{789289CA-F73A-4A16-A331-54D498CE069F}\Icon789289CA.exe
[2010.07.13 10:14:42 | 000,094,334 | R--- | M] () -- C:\Users\Jura\AppData\Roaming\Microsoft\Installer\{A20DF6AC-0300-45E2-8152-7D677E4E8CF5}\_7821278E3179A951288E4F.exe
[2010.07.13 10:14:42 | 000,094,334 | R--- | M] () -- C:\Users\Jura\AppData\Roaming\Microsoft\Installer\{A20DF6AC-0300-45E2-8152-7D677E4E8CF5}\_BBA79F13A1F0618ED6C3E1.exe
[2010.07.13 10:14:42 | 000,094,334 | R--- | M] () -- C:\Users\Jura\AppData\Roaming\Microsoft\Installer\{A20DF6AC-0300-45E2-8152-7D677E4E8CF5}\_C9C2C62A5E0B9A4C5E1A62.exe
< MD5 for: ATAPI.SYS >
[2009.09.26 12:48:30 | 000,022,584 | ---- | M] (Microsoft Corporation) MD5=05001E1FACCE49DB895B8526B05C7302 -- C:\Windows\winsxs\amd64_mshdc.inf_31bf3856ad364e35_6.0.6000.20757_none_37cb142cf6008bc1\atapi.sys
[2009.09.26 12:48:31 | 000,022,584 | ---- | M] (Microsoft Corporation) MD5=BB55C79E0595D8CFBE4A80A3C9EB77EA -- C:\Windows\winsxs\amd64_mshdc.inf_31bf3856ad364e35_6.0.6000.16632_none_375215c7dcd73562\atapi.sys
< MD5 for: AUTOCHK.EXE >
[2006.11.02 13:15:40 | 000,730,112 | ---- | M] (Microsoft Corporation) MD5=B56DB371DC4C6F791B2708EAA4814BB7 -- C:\Windows\winsxs\amd64_microsoft-windows-autochk_31bf3856ad364e35_6.0.6000.16386_none_3bdbc6d17d338351\autochk.exe
[2006.11.02 11:44:50 | 000,640,000 | ---- | M] (Microsoft Corporation) MD5=C08D1FE284C3330934E45D6E5F5B768B -- C:\Windows\SysWOW64\autochk.exe
[2006.11.02 11:44:50 | 000,640,000 | ---- | M] (Microsoft Corporation) MD5=C08D1FE284C3330934E45D6E5F5B768B -- C:\Windows\SysWOW64\autochk.exe
[2006.11.02 11:44:50 | 000,640,000 | ---- | M] (Microsoft Corporation) MD5=C08D1FE284C3330934E45D6E5F5B768B -- C:\Windows\winsxs\x86_microsoft-windows-autochk_31bf3856ad364e35_6.0.6000.16386_none_dfbd2b4dc4d6121b\autochk.exe
< MD5 for: CNGAUDIT.DLL >
[2006.11.02 13:16:48 | 000,014,848 | ---- | M] (Microsoft Corporation) MD5=21322B1A2AD337C579F4A65EA0D25193 -- C:\Windows\winsxs\amd64_microsoft-windows-cngaudit-dll_31bf3856ad364e35_6.0.6000.16386_none_424bc4aceb06de1c\cngaudit.dll
[2006.11.02 11:46:03 | 000,011,776 | ---- | M] (Microsoft Corporation) MD5=7F15B4953378C8B5161D65C26D5FED4D -- C:\Windows\SysWOW64\cngaudit.dll
[2006.11.02 11:46:03 | 000,011,776 | ---- | M] (Microsoft Corporation) MD5=7F15B4953378C8B5161D65C26D5FED4D -- C:\Windows\SysWOW64\cngaudit.dll
[2006.11.02 11:46:03 | 000,011,776 | ---- | M] (Microsoft Corporation) MD5=7F15B4953378C8B5161D65C26D5FED4D -- C:\Windows\winsxs\x86_microsoft-windows-cngaudit-dll_31bf3856ad364e35_6.0.6000.16386_none_e62d292932a96ce6\cngaudit.dll
< MD5 for: CRYPTSVC.DLL >
[2006.11.02 11:46:03 | 000,123,392 | ---- | M] (Microsoft Corporation) MD5=1C26FB097170A2A91066D1E3A24366E3 -- C:\Windows\SysWOW64\cryptsvc.dll
[2006.11.02 11:46:03 | 000,123,392 | ---- | M] (Microsoft Corporation) MD5=1C26FB097170A2A91066D1E3A24366E3 -- C:\Windows\SysWOW64\cryptsvc.dll
[2006.11.02 11:46:03 | 000,123,392 | ---- | M] (Microsoft Corporation) MD5=1C26FB097170A2A91066D1E3A24366E3 -- C:\Windows\winsxs\x86_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.0.6000.16386_none_73c8d7689de43d15\cryptsvc.dll
[2006.11.02 13:16:52 | 000,163,328 | ---- | M] (Microsoft Corporation) MD5=4B48CC76EBFE97314EA64C3BDA983623 -- C:\Windows\winsxs\amd64_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.0.6000.16386_none_cfe772ec5641ae4b\cryptsvc.dll
< MD5 for: EXPLORER.EXE >
[2009.09.26 13:17:18 | 002,923,520 | ---- | M] (Microsoft Corporation) MD5=37440D09DEAE0B672A04DCCF7ABF06BE -- C:\Windows\SysWOW64\explorer.exe
[2009.09.26 13:17:18 | 002,923,520 | ---- | M] (Microsoft Corporation) MD5=37440D09DEAE0B672A04DCCF7ABF06BE -- C:\Windows\SysWOW64\explorer.exe
[2009.09.26 13:17:18 | 002,923,520 | ---- | M] (Microsoft Corporation) MD5=37440D09DEAE0B672A04DCCF7ABF06BE -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.0.6000.16771_none_b5f700fe698beb14\explorer.exe
[2009.09.26 13:17:17 | 002,927,104 | ---- | M] (Microsoft Corporation) MD5=4F554999D7D5F05DAAEBBA7B5BA1089D -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.0.6001.18164_none_b7eb106e66a7ac19\explorer.exe
[2009.09.26 13:17:18 | 003,087,360 | ---- | M] (Microsoft Corporation) MD5=50514057C28A74BAC2BD04B7B990D615 -- C:\Windows\explorer.exe
[2009.09.26 13:17:18 | 003,087,360 | ---- | M] (Microsoft Corporation) MD5=50514057C28A74BAC2BD04B7B990D615 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.0.6000.16771_none_aba256ac352b2919\explorer.exe
[2009.09.26 13:17:15 | 002,927,616 | ---- | M] (Microsoft Corporation) MD5=50BA5850147410CDE89C523AD3BC606E -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.0.6001.22298_none_b8583e9d7fda0512\explorer.exe
[2006.11.02 13:15:52 | 003,086,848 | ---- | M] (Microsoft Corporation) MD5=5D768BEB711FF67ADC8FAD4E2F6ABB02 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.0.6000.16386_none_ab9c809a352ecf21\explorer.exe
[2009.09.26 13:14:52 | 002,923,520 | ---- | M] (Microsoft Corporation) MD5=6D06CD98D954FE87FB2DB8108793B399 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.0.6000.16549_none_b61f6f46696c67ab\explorer.exe
[2009.09.26 13:17:17 | 003,086,848 | ---- | M] (Microsoft Corporation) MD5=72B9990E45C25AA3C75C4FB50A9D6CE0 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.0.6000.20947_none_ac5266dd4e2b0a41\explorer.exe
[2009.09.26 13:14:51 | 003,086,848 | ---- | M] (Microsoft Corporation) MD5=819D88EC82C2C44B556DC32ED22044DE -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.0.6000.20668_none_ac3dc19d4e3a6405\explorer.exe
[2009.09.26 13:17:16 | 003,080,704 | ---- | M] (Microsoft Corporation) MD5=BBD8E74F23D7605CB0CDB57A1B25D826 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.0.6001.18164_none_ad96661c3246ea1e\explorer.exe
[2009.09.26 13:14:51 | 002,923,520 | ---- | M] (Microsoft Corporation) MD5=BD06F0BF753BC704B653C3A50F89D362 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.0.6000.20668_none_b6926bef829b2600\explorer.exe
[2009.09.26 13:17:15 | 003,081,216 | ---- | M] (Microsoft Corporation) MD5=E404A65EF890140410E9F3D405841C95 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.0.6001.22298_none_ae03944b4b794317\explorer.exe
[2009.09.26 13:17:17 | 002,923,520 | ---- | M] (Microsoft Corporation) MD5=E7156B0B74762D9DE0E66BDCDE06E5FB -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.0.6000.20947_none_b6a7112f828bcc3c\explorer.exe
[2009.09.26 13:14:51 | 003,087,360 | ---- | M] (Microsoft Corporation) MD5=FCBF8AC1855EF986CDEC2387760F71C6 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.0.6000.16549_none_abcac4f4350ba5b0\explorer.exe
[2006.11.02 11:45:07 | 002,923,520 | ---- | M] (Microsoft Corporation) MD5=FD8C53FB002217F6F888BCF6F5D7084D -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.0.6000.16386_none_b5f12aec698f911c\explorer.exe
< MD5 for: HAL.DLL >
[2006.12.20 09:28:27 | 000,269,928 | ---- | M] (Microsoft Corporation) MD5=4E9E6AED40A89EAC984D3350314DE721 -- C:\Windows\SoftwareDistribution\Download\8fa0b026e83f4c57d16c5df6f1cb1630\amd64_hal.inf_31bf3856ad364e35_6.0.6000.20503_none_5de106e5dc413556\hal.dll
[2006.12.24 10:13:50 | 000,269,928 | ---- | M] (Microsoft Corporation) MD5=92081E91EA18B6060D059C23A800ABE4 -- C:\Windows\SoftwareDistribution\Download\8fa0b026e83f4c57d16c5df6f1cb1630\amd64_hal.inf_31bf3856ad364e35_6.0.6000.16407_none_5d5b6b42c31ffae8\hal.dll
< MD5 for: LSASS.EXE >
[2009.06.15 15:21:28 | 000,011,264 | ---- | M] (Microsoft Corporation) MD5=02474FBCB00AA5C622E92F620DB9A041 -- C:\Windows\SoftwareDistribution\Download\037b1eae88e0c2621af985ac6cbfa3b7\amd64_microsoft-windows-lsa_31bf3856ad364e35_6.0.6001.22450_none_02bcb9272e6ecc60\lsass.exe
[2009.02.13 10:52:40 | 000,011,264 | ---- | M] (Microsoft Corporation) MD5=1979F94B28107233315DD6220F2304DD -- C:\Windows\SoftwareDistribution\Download\b5b1b0e0fa054a813d4c3fb8c6b86f9e\amd64_microsoft-windows-lsa_31bf3856ad364e35_6.0.6001.22376_none_02ad19252e799f25\lsass.exe
[2008.01.19 10:00:20 | 000,011,264 | ---- | M] (Microsoft Corporation) MD5=1B461E9F6DB0EF829B4369F47A24BBEC -- C:\Windows\SoftwareDistribution\Download\b5b1b0e0fa054a813d4c3fb8c6b86f9e\amd64_microsoft-windows-lsa_31bf3856ad364e35_6.0.6001.18215_none_02635b98152c3e5e\lsass.exe
[2009.06.15 15:34:54 | 000,009,728 | ---- | M] (Microsoft Corporation) MD5=1E766E4C5BF9E230AD37A56BF7DB6C94 -- C:\Windows\SoftwareDistribution\Download\037b1eae88e0c2621af985ac6cbfa3b7\amd64_microsoft-windows-lsa_31bf3856ad364e35_6.0.6000.21067_none_00d282d7314a3edc\lsass.exe
[2009.06.15 15:32:30 | 000,009,728 | ---- | M] (Microsoft Corporation) MD5=306E4503E083A498AE797FF59FA72839 -- C:\Windows\SoftwareDistribution\Download\037b1eae88e0c2621af985ac6cbfa3b7\amd64_microsoft-windows-lsa_31bf3856ad364e35_6.0.6000.16870_none_00373bf8183ad660\lsass.exe
[2009.06.15 15:15:02 | 000,011,264 | ---- | M] (Microsoft Corporation) MD5=40348DCEC0712ED42231C5F90A69A690 -- C:\Windows\SoftwareDistribution\Download\037b1eae88e0c2621af985ac6cbfa3b7\amd64_microsoft-windows-lsa_31bf3856ad364e35_6.0.6002.18051_none_041a8e8e12769b11\lsass.exe
[2009.02.13 07:14:46 | 000,009,728 | ---- | M] (Microsoft Corporation) MD5=563B71CEF1D46A24C5980FA2988DB67F -- C:\Windows\SoftwareDistribution\Download\b5b1b0e0fa054a813d4c3fb8c6b86f9e\amd64_microsoft-windows-lsa_31bf3856ad364e35_6.0.6000.21010_none_0101906d312801c6\lsass.exe
[2006.11.02 13:15:57 | 000,009,728 | ---- | M] (Microsoft Corporation) MD5=7B6AA93EEE1F354B3A4AC2ADE5EE334E -- C:\Windows\winsxs\amd64_microsoft-windows-lsa_31bf3856ad364e35_6.0.6000.16386_none_0032644a183d9898\lsass.exe
[2009.06.15 15:26:45 | 000,011,264 | ---- | M] (Microsoft Corporation) MD5=80F4593E92FF960E4763380D3168E498 -- C:\Windows\SoftwareDistribution\Download\037b1eae88e0c2621af985ac6cbfa3b7\amd64_microsoft-windows-lsa_31bf3856ad364e35_6.0.6001.18272_none_021f7b32155f99ff\lsass.exe
[2009.02.13 09:46:54 | 000,009,728 | ---- | M] (Microsoft Corporation) MD5=E231BDBD7D69857EEFFDEB3A48A53824 -- C:\Windows\SoftwareDistribution\Download\b5b1b0e0fa054a813d4c3fb8c6b86f9e\amd64_microsoft-windows-lsa_31bf3856ad364e35_6.0.6000.16820_none_006d4b9418124aab\lsass.exe
[2009.06.15 15:12:52 | 000,011,264 | ---- | M] (Microsoft Corporation) MD5=EBDAEE60E442BEA413E5D7CEDFB09463 -- C:\Windows\SoftwareDistribution\Download\037b1eae88e0c2621af985ac6cbfa3b7\amd64_microsoft-windows-lsa_31bf3856ad364e35_6.0.6002.22152_none_04a52ba32b935432\lsass.exe
< MD5 for: NDIS.SYS >
[2006.11.02 13:52:20 | 000,641,128 | ---- | M] (Microsoft Corporation) MD5=CCA69C9493A13AF86DCF0AE272AFBB72 -- C:\Windows\winsxs\amd64_microsoft-windows-ndis_31bf3856ad364e35_6.0.6000.16386_none_01af054ed7816d7a\ndis.sys
< MD5 for: NETLOGON.DLL >
[2006.11.02 11:46:11 | 000,559,616 | ---- | M] (Microsoft Corporation) MD5=889A2C9F2AACCD8F64EF50AC0B3D553B -- C:\Windows\SysWOW64\netlogon.dll
[2006.11.02 11:46:11 | 000,559,616 | ---- | M] (Microsoft Corporation) MD5=889A2C9F2AACCD8F64EF50AC0B3D553B -- C:\Windows\SysWOW64\netlogon.dll
[2006.11.02 11:46:11 | 000,559,616 | ---- | M] (Microsoft Corporation) MD5=889A2C9F2AACCD8F64EF50AC0B3D553B -- C:\Windows\winsxs\wow64_microsoft-windows-security-netlogon_31bf3856ad364e35_6.0.6000.16386_none_61f43b1d27cd0ab4\netlogon.dll
[2006.11.02 13:18:47 | 000,684,032 | ---- | M] (Microsoft Corporation) MD5=BFAB28B54DF41208CF3490FF26E53FD9 -- C:\Windows\winsxs\amd64_microsoft-windows-security-netlogon_31bf3856ad364e35_6.0.6000.16386_none_579f90caf36c48b9\netlogon.dll
< MD5 for: SCECLI.DLL >
[2006.11.02 13:19:09 | 000,239,616 | ---- | M] (Microsoft Corporation) MD5=32EF13F20B28966D29DE5EABE036431D -- C:\Windows\winsxs\amd64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.0.6000.16386_none_91f5bbe3948dcf74\scecli.dll
[2006.11.02 11:46:12 | 000,176,640 | ---- | M] (Microsoft Corporation) MD5=80E2839D05CA5970A86D7BE2A08BFF61 -- C:\Windows\SysWOW64\scecli.dll
[2006.11.02 11:46:12 | 000,176,640 | ---- | M] (Microsoft Corporation) MD5=80E2839D05CA5970A86D7BE2A08BFF61 -- C:\Windows\SysWOW64\scecli.dll
[2006.11.02 11:46:12 | 000,176,640 | ---- | M] (Microsoft Corporation) MD5=80E2839D05CA5970A86D7BE2A08BFF61 -- C:\Windows\winsxs\wow64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.0.6000.16386_none_9c4a6635c8ee916f\scecli.dll
< MD5 for: SMSS.EXE >
[2006.11.02 13:16:12 | 000,074,752 | ---- | M] (Microsoft Corporation) MD5=362C49C769D938B1FB6648D240BF5C76 -- C:\Windows\winsxs\amd64_microsoft-windows-smss_31bf3856ad364e35_6.0.6000.16386_none_06228184d4a4001c\smss.exe
< MD5 for: SVCHOST.EXE >
[2006.11.02 11:45:47 | 000,022,016 | ---- | M] (Microsoft Corporation) MD5=10DA15933D582D2FEDCF705EFE394B09 -- C:\Windows\SysWOW64\svchost.exe
[2006.11.02 11:45:47 | 000,022,016 | ---- | M] (Microsoft Corporation) MD5=10DA15933D582D2FEDCF705EFE394B09 -- C:\Windows\SysWOW64\svchost.exe
[2006.11.02 11:45:47 | 000,022,016 | ---- | M] (Microsoft Corporation) MD5=10DA15933D582D2FEDCF705EFE394B09 -- C:\Windows\winsxs\x86_microsoft-windows-services-svchost_31bf3856ad364e35_6.0.6000.16386_none_b38497a50862ad11\svchost.exe
[2006.11.02 13:16:13 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=6B30067D55E10E4DEBDC842FB1911479 -- C:\Windows\winsxs\amd64_microsoft-windows-services-svchost_31bf3856ad364e35_6.0.6000.16386_none_0fa33328c0c01e47\svchost.exe
< MD5 for: TCPIP.SYS >
[2009.09.26 13:05:53 | 001,200,640 | ---- | M] (Microsoft Corporation) MD5=34B30202AECCB530FDDC6C6CCFA2FB46 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip_31bf3856ad364e35_6.0.6000.16908_none_bbc5fabc4a894d2a\tcpip.sys
[2009.09.26 13:05:41 | 001,418,840 | ---- | M] (Microsoft Corporation) MD5=3BCD46BE9988B09D3510A0EF54F0D65B -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.18311_none_0f32e3e61ecadee9\tcpip.sys
[2009.09.26 12:47:42 | 001,193,472 | ---- | M] (Microsoft Corporation) MD5=5833A92EDC82BA178E4915A8E81A1FC2 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip_31bf3856ad364e35_6.0.6000.16627_none_bbaf54e84a9a7440\tcpip.sys
[2009.09.26 12:47:41 | 001,192,448 | ---- | M] (Microsoft Corporation) MD5=616E40EA154BECBB549A87790AA0D667 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip_31bf3856ad364e35_6.0.6000.20752_none_bc13807d63d4e92a\tcpip.sys
[2009.09.26 13:05:41 | 001,413,208 | ---- | M] (Microsoft Corporation) MD5=74B776CA1B328095FE23A3306B1613A3 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.22497_none_0f6c030d3823f645\tcpip.sys
[2009.09.26 13:05:47 | 001,425,992 | ---- | M] (Microsoft Corporation) MD5=A7BFF59C2F610F62E6C292074FF36A1E -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6002.18091_none_10c2d66e1c321395\tcpip.sys
[2009.09.26 13:05:47 | 001,424,952 | ---- | M] (Microsoft Corporation) MD5=D45D67A18C9FD4CC637BC9D4585C0646 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6002.22200_none_11acc42135079bb6\tcpip.sys
[2009.09.26 13:05:51 | 001,196,032 | ---- | M] (Microsoft Corporation) MD5=D4E30E6BADFF21865C3A075457CF9C00 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip_31bf3856ad364e35_6.0.6000.21108_none_bc4f6fa963a72036\tcpip.sys
[2006.11.02 11:48:29 | 001,193,472 | ---- | M] (Microsoft Corporation) MD5=DB08D7CB8D64A07E4D59F8983CD13758 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip_31bf3856ad364e35_6.0.6000.16386_none_bb6d6f644acc0b1a\tcpip.sys
< MD5 for: USERINIT.EXE >
[2006.11.02 11:45:50 | 000,024,576 | ---- | M] (Microsoft Corporation) MD5=22027835939F86C3E47AD8E3FBDE3D11 -- C:\Windows\SysWOW64\userinit.exe
[2006.11.02 11:45:50 | 000,024,576 | ---- | M] (Microsoft Corporation) MD5=22027835939F86C3E47AD8E3FBDE3D11 -- C:\Windows\SysWOW64\userinit.exe
[2006.11.02 11:45:50 | 000,024,576 | ---- | M] (Microsoft Corporation) MD5=22027835939F86C3E47AD8E3FBDE3D11 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.0.6000.16386_none_d9f1f819d4c4e737\userinit.exe
[2006.11.02 13:16:15 | 000,028,160 | ---- | M] (Microsoft Corporation) MD5=46D5B6B80E4A5997F508F938F96B7628 -- C:\Windows\winsxs\amd64_microsoft-windows-userinit_31bf3856ad364e35_6.0.6000.16386_none_3610939d8d22586d\userinit.exe
< MD5 for: WINLOGON.EXE >
[2006.11.02 13:16:20 | 000,397,312 | ---- | M] (Microsoft Corporation) MD5=9642EED809219A2F914DD8E40A09C48B -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.0.6000.16386_none_c9aada9e9063dc57\winlogon.exe
[2006.11.02 11:45:57 | 000,308,224 | ---- | M] (Microsoft Corporation) MD5=9F75392B9128A91ABAFB044EA350BAAD -- C:\Windows\SysWOW64\winlogon.exe
[2006.11.02 11:45:57 | 000,308,224 | ---- | M] (Microsoft Corporation) MD5=9F75392B9128A91ABAFB044EA350BAAD -- C:\Windows\SysWOW64\winlogon.exe
[2006.11.02 11:45:57 | 000,308,224 | ---- | M] (Microsoft Corporation) MD5=9F75392B9128A91ABAFB044EA350BAAD -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.0.6000.16386_none_6d8c3f1ad8066b21\winlogon.exe
< MD5 for: WS2_32.DLL >
[2006.11.02 11:46:14 | 000,178,688 | ---- | M] (Microsoft Corporation) MD5=D99A071C1018BB3D4ABAAD4B62048AC2 -- C:\Windows\SysWOW64\ws2_32.dll
[2006.11.02 11:46:14 | 000,178,688 | ---- | M] (Microsoft Corporation) MD5=D99A071C1018BB3D4ABAAD4B62048AC2 -- C:\Windows\SysWOW64\ws2_32.dll
[2006.11.02 11:46:14 | 000,178,688 | ---- | M] (Microsoft Corporation) MD5=D99A071C1018BB3D4ABAAD4B62048AC2 -- C:\Windows\winsxs\x86_microsoft-windows-w..nfrastructure-ws232_31bf3856ad364e35_6.0.6000.16386_none_f080eec6d16af4f0\ws2_32.dll
[2006.11.02 13:19:11 | 000,264,704 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\Windows\winsxs\amd64_microsoft-windows-w..nfrastructure-ws232_31bf3856ad364e35_6.0.6000.16386_none_4c9f8a4a89c86626\ws2_32.dll
< %systemroot%\*. /mp /s >
< %systemroot%\system32\*.dll /lockedfiles >
[2 C:\Windows\system32\*.tmp files -> C:\Windows\system32\*.tmp -> ]
< %systemroot%\Tasks\*.job /lockedfiles >
< %systemroot%\system32\drivers\*.sys /lockedfiles >
< %systemroot%\System32\config\*.sav >
< %systemroot%\system32\*.dll /lockedfiles >
[2 C:\Windows\system32\*.tmp files -> C:\Windows\system32\*.tmp -> ]
< reg query "HKLM\Software\Microsoft\Windows NT\CurrentVersion\winlogon" /v GinaDLL /c >
< reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wuauserv" /v ImagePath /c >
HKEY_LOCAL_MACHINE\SYSTEM\CURRENTCONTROLSET\SERVICES\WUAUSERV
IMAGEPATH REG_EXPAND_SZ %systemroot%\system32\svchost.exe -k netsvcs
< reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\BITS" /v ImagePath /c >
HKEY_LOCAL_MACHINE\SYSTEM\CURRENTCONTROLSET\SERVICES\BITS
IMAGEPATH REG_EXPAND_SZ %SystemRoot%\System32\svchost.exe -k netsvcs
< %systemroot%\system32\drivers\*.sys /3 >
< %systemroot%\system32\*.* /3 >
[2 C:\Windows\system32\*.tmp files -> C:\Windows\system32\*.tmp -> ]
< End of report >
========== LOP Check ==========
[2009.09.28 17:29:50 | 000,000,000 | ---D | M] -- C:\Users\Jura\AppData\Roaming\Aegisub
[2010.05.17 21:55:15 | 000,000,000 | ---D | M] -- C:\Users\Jura\AppData\Roaming\Audacity
[2010.04.04 19:15:54 | 000,000,000 | ---D | M] -- C:\Users\Jura\AppData\Roaming\Bioshock2
[2010.06.05 20:39:35 | 000,000,000 | ---D | M] -- C:\Users\Jura\AppData\Roaming\BITS
[2009.09.26 17:50:45 | 000,000,000 | ---D | M] -- C:\Users\Jura\AppData\Roaming\BSplayer
[2009.09.13 14:57:36 | 000,000,000 | ---D | M] -- C:\Users\Jura\AppData\Roaming\BSplayer Pro
[2009.09.13 15:17:11 | 000,000,000 | ---D | M] -- C:\Users\Jura\AppData\Roaming\Canneverbe_Limited
[2009.09.13 15:12:17 | 000,000,000 | ---D | M] -- C:\Users\Jura\AppData\Roaming\DAEMON Tools
[2009.09.16 16:47:17 | 000,000,000 | ---D | M] -- C:\Users\Jura\AppData\Roaming\DAEMON Tools Lite
[2009.09.13 15:12:17 | 000,000,000 | ---D | M] -- C:\Users\Jura\AppData\Roaming\DAEMON Tools Pro
[2010.04.18 15:38:51 | 000,000,000 | ---D | M] -- C:\Users\Jura\AppData\Roaming\fltk.org
[2010.07.10 12:42:53 | 000,000,000 | ---D | M] -- C:\Users\Jura\AppData\Roaming\GetRightToGo
[2010.05.05 19:32:16 | 000,000,000 | ---D | M] -- C:\Users\Jura\AppData\Roaming\GHISLER
[2009.09.13 20:28:41 | 000,000,000 | ---D | M] -- C:\Users\Jura\AppData\Roaming\HighAndes
[2010.06.10 17:25:25 | 000,000,000 | ---D | M] -- C:\Users\Jura\AppData\Roaming\inkscape
[2010.04.15 18:55:28 | 000,000,000 | ---D | M] -- C:\Users\Jura\AppData\Roaming\Leadertech
[2009.09.13 13:38:11 | 000,000,000 | ---D | M] -- C:\Users\Jura\AppData\Roaming\Opera
[2009.11.19 20:23:25 | 000,000,000 | ---D | M] -- C:\Users\Jura\AppData\Roaming\ProfiCAD
[2010.05.17 18:25:56 | 000,000,000 | ---D | M] -- C:\Users\Jura\AppData\Roaming\Publish Providers
[2010.04.20 17:24:44 | 000,000,000 | ---D | M] -- C:\Users\Jura\AppData\Roaming\Soldat
[2010.05.18 18:41:03 | 000,000,000 | ---D | M] -- C:\Users\Jura\AppData\Roaming\Sony
[2009.09.13 13:29:10 | 000,000,000 | ---D | M] -- C:\Users\Jura\AppData\Roaming\Teleca
[2010.03.22 18:29:16 | 000,000,000 | ---D | M] -- C:\Users\Jura\AppData\Roaming\TS3Client
[2009.09.26 21:39:26 | 000,000,000 | ---D | M] -- C:\Users\Jura\AppData\Roaming\URUWorks
[2010.06.11 15:17:57 | 000,000,000 | ---D | M] -- C:\Users\mamka\AppData\Roaming\DAEMON Tools
[2010.06.11 15:17:55 | 000,000,000 | ---D | M] -- C:\Users\mamka\AppData\Roaming\DAEMON Tools Lite
[2010.06.11 15:17:55 | 000,000,000 | ---D | M] -- C:\Users\mamka\AppData\Roaming\DAEMON Tools Pro
[2009.09.15 12:35:24 | 000,000,000 | ---D | M] -- C:\Users\mamka\AppData\Roaming\Opera
[2009.09.15 12:34:45 | 000,000,000 | ---D | M] -- C:\Users\mamka\AppData\Roaming\Teleca
[2010.06.06 19:49:59 | 000,000,000 | ---D | M] -- C:\Users\Míša\AppData\Roaming\DAEMON Tools
[2010.06.06 19:49:59 | 000,000,000 | ---D | M] -- C:\Users\Míša\AppData\Roaming\DAEMON Tools Lite
[2010.06.06 19:49:59 | 000,000,000 | ---D | M] -- C:\Users\Míša\AppData\Roaming\DAEMON Tools Pro
[2009.10.19 17:26:37 | 000,000,000 | ---D | M] -- C:\Users\Míša\AppData\Roaming\Opera
[2010.07.22 11:41:52 | 000,032,518 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT
========== Purity Check ==========
========== Custom Scans ==========
< HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /s >
"RocketDock" = "D:\Junior\dock\RocketDock\RocketDock.exe" -- [2007.09.02 14:58:52 | 000,495,616 | ---- | M] ()
"DAEMON Tools Lite" = "D:\Junior\Daemon Tools\DAEMON Tools Lite\daemon.exe" -autorun -- [2008.12.29 12:40:30 | 000,687,560 | ---- | M] (DT Soft Ltd)
"msnmsgr" = "C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe" /background -- [2009.07.26 16:45:00 | 003,883,840 | ---- | M] (Microsoft Corporation)
"Exetender" = "C:\Program Files (x86)\Frag Games\GPlayer.exe" /schedule 300000 -- [2010.05.17 09:54:00 | 002,113,536 | ---- | M] (Exent Technologies Ltd.)
"WMPNSCFG" = C:\Program Files (x86)\Windows Media Player\WMPNSCFG.exe -- File not found
< c:\windows\*.* /U >
[2 c:\windows\*.tmp files -> c:\windows\*.tmp -> ]
< %SYSTEMDRIVE%\*.exe >
[2010.06.19 19:28:23 | 000,000,286 | ---- | M] () -- C:\flv.exe
< %ALLUSERSPROFILE%\Application Data\*. >
< %ALLUSERSPROFILE%\Application Data\*.exe /s >
< %APPDATA%\*. >
[2010.07.10 11:47:15 | 000,000,000 | ---D | M] -- C:\Users\Jura\AppData\Roaming\Adobe
[2009.09.28 17:29:50 | 000,000,000 | ---D | M] -- C:\Users\Jura\AppData\Roaming\Aegisub
[2010.05.17 21:55:15 | 000,000,000 | ---D | M] -- C:\Users\Jura\AppData\Roaming\Audacity
[2010.04.04 19:15:54 | 000,000,000 | ---D | M] -- C:\Users\Jura\AppData\Roaming\Bioshock2
[2010.06.05 20:39:35 | 000,000,000 | ---D | M] -- C:\Users\Jura\AppData\Roaming\BITS
[2009.09.26 17:50:45 | 000,000,000 | ---D | M] -- C:\Users\Jura\AppData\Roaming\BSplayer
[2009.09.13 14:57:36 | 000,000,000 | ---D | M] -- C:\Users\Jura\AppData\Roaming\BSplayer Pro
[2009.09.13 15:17:11 | 000,000,000 | ---D | M] -- C:\Users\Jura\AppData\Roaming\Canneverbe_Limited
[2009.11.28 19:23:53 | 000,000,000 | ---D | M] -- C:\Users\Jura\AppData\Roaming\Corel
[2009.09.13 15:12:17 | 000,000,000 | ---D | M] -- C:\Users\Jura\AppData\Roaming\DAEMON Tools
[2009.09.16 16:47:17 | 000,000,000 | ---D | M] -- C:\Users\Jura\AppData\Roaming\DAEMON Tools Lite
[2009.09.13 15:12:17 | 000,000,000 | ---D | M] -- C:\Users\Jura\AppData\Roaming\DAEMON Tools Pro
[2010.05.01 11:33:54 | 000,000,000 | ---D | M] -- C:\Users\Jura\AppData\Roaming\dvdcss
[2009.09.13 16:47:33 | 000,000,000 | ---D | M] -- C:\Users\Jura\AppData\Roaming\ESTsoft
[2010.04.18 15:38:51 | 000,000,000 | ---D | M] -- C:\Users\Jura\AppData\Roaming\fltk.org
[2010.07.10 12:42:53 | 000,000,000 | ---D | M] -- C:\Users\Jura\AppData\Roaming\GetRightToGo
[2010.05.05 19:32:16 | 000,000,000 | ---D | M] -- C:\Users\Jura\AppData\Roaming\GHISLER
[2009.09.13 20:28:41 | 000,000,000 | ---D | M] -- C:\Users\Jura\AppData\Roaming\HighAndes
[2009.09.12 14:46:53 | 000,000,000 | ---D | M] -- C:\Users\Jura\AppData\Roaming\Identities
[2010.06.10 17:25:25 | 000,000,000 | ---D | M] -- C:\Users\Jura\AppData\Roaming\inkscape
[2009.09.12 15:04:25 | 000,000,000 | ---D | M] -- C:\Users\Jura\AppData\Roaming\InstallShield
[2010.04.15 18:55:28 | 000,000,000 | ---D | M] -- C:\Users\Jura\AppData\Roaming\Leadertech
[2009.09.12 15:14:18 | 000,000,000 | ---D | M] -- C:\Users\Jura\AppData\Roaming\Macromedia
[2010.07.21 20:03:14 | 000,000,000 | ---D | M] -- C:\Users\Jura\AppData\Roaming\Malwarebytes
[2009.10.06 20:42:44 | 000,000,000 | ---D | M] -- C:\Users\Jura\AppData\Roaming\Media Player Classic
[2010.06.17 15:53:05 | 000,000,000 | --SD | M] -- C:\Users\Jura\AppData\Roaming\Microsoft
[2009.09.28 21:22:54 | 000,000,000 | ---D | M] -- C:\Users\Jura\AppData\Roaming\Microsoft Games
[2009.09.13 15:18:09 | 000,000,000 | ---D | M] -- C:\Users\Jura\AppData\Roaming\Mozilla
[2010.06.23 21:30:35 | 000,000,000 | ---D | M] -- C:\Users\Jura\AppData\Roaming\Nero
[2010.06.18 15:53:07 | 000,000,000 | ---D | M] -- C:\Users\Jura\AppData\Roaming\NVIDIA
[2009.09.13 13:38:11 | 000,000,000 | ---D | M] -- C:\Users\Jura\AppData\Roaming\Opera
[2009.11.19 20:23:25 | 000,000,000 | ---D | M] -- C:\Users\Jura\AppData\Roaming\ProfiCAD
[2010.05.17 18:25:56 | 000,000,000 | ---D | M] -- C:\Users\Jura\AppData\Roaming\Publish Providers
[2009.09.13 13:29:10 | 000,000,000 | RH-D | M] -- C:\Users\Jura\AppData\Roaming\SecuROM
[2010.07.11 11:39:46 | 000,000,000 | ---D | M] -- C:\Users\Jura\AppData\Roaming\Skype
[2010.07.11 11:39:44 | 000,000,000 | ---D | M] -- C:\Users\Jura\AppData\Roaming\skypePM
[2010.04.20 17:24:44 | 000,000,000 | ---D | M] -- C:\Users\Jura\AppData\Roaming\Soldat
[2010.05.18 18:41:03 | 000,000,000 | ---D | M] -- C:\Users\Jura\AppData\Roaming\Sony
[2009.09.13 13:29:10 | 000,000,000 | ---D | M] -- C:\Users\Jura\AppData\Roaming\Sony Ericsson
[2009.09.13 13:29:10 | 000,000,000 | ---D | M] -- C:\Users\Jura\AppData\Roaming\SUPERAntiSpyware.com
[2009.09.13 13:29:10 | 000,000,000 | ---D | M] -- C:\Users\Jura\AppData\Roaming\Teleca
[2010.03.22 18:29:16 | 000,000,000 | ---D | M] -- C:\Users\Jura\AppData\Roaming\TS3Client
[2009.09.26 21:39:26 | 000,000,000 | ---D | M] -- C:\Users\Jura\AppData\Roaming\URUWorks
[2010.01.13 15:17:15 | 000,000,000 | ---D | M] -- C:\Users\Jura\AppData\Roaming\Ventrilo
[2010.07.20 22:42:36 | 000,000,000 | ---D | M] -- C:\Users\Jura\AppData\Roaming\vlc
[2010.06.05 21:50:20 | 000,000,000 | ---D | M] -- C:\Users\Jura\AppData\Roaming\Winamp
< %APPDATA%\*.exe /s >
[2002.08.29 17:33:56 | 000,319,488 | R--- | M] () -- C:\Users\Jura\AppData\Roaming\MafiaSetup.exe
[2007.08.18 09:54:02 | 000,020,480 | ---- | M] () -- C:\Users\Jura\AppData\Roaming\BSplayer\AC3 Filter\ac3config.exe
[2007.08.18 09:53:50 | 000,016,384 | ---- | M] () -- C:\Users\Jura\AppData\Roaming\BSplayer\AC3 Filter\dialog_patch.exe
[2008.04.13 17:26:54 | 000,036,396 | ---- | M] () -- C:\Users\Jura\AppData\Roaming\BSplayer\AC3 Filter\uninstall.exe
[2008.03.29 17:42:00 | 000,103,424 | ---- | M] () -- C:\Users\Jura\AppData\Roaming\BSplayer\Haali media splitter\dsmux.exe
[2008.03.29 17:42:02 | 000,335,872 | ---- | M] () -- C:\Users\Jura\AppData\Roaming\BSplayer\Haali media splitter\gdsmux.exe
[2008.03.29 17:41:54 | 000,135,168 | ---- | M] () -- C:\Users\Jura\AppData\Roaming\BSplayer\Haali media splitter\mkv2vfr.exe
[2008.06.10 09:11:02 | 000,041,412 | ---- | M] () -- C:\Users\Jura\AppData\Roaming\BSplayer\Haali media splitter\uninstall.exe
[2009.12.25 01:18:53 | 000,029,926 | R--- | M] () -- C:\Users\Jura\AppData\Roaming\Microsoft\Installer\{394BE3D9-7F57-4638-A8D1-1D88671913B7}\_18be6784.exe
[2009.12.25 01:18:53 | 000,029,422 | R--- | M] () -- C:\Users\Jura\AppData\Roaming\Microsoft\Installer\{394BE3D9-7F57-4638-A8D1-1D88671913B7}\_294823.exe
[2010.01.12 19:22:04 | 000,005,120 | R--- | M] () -- C:\Users\Jura\AppData\Roaming\Microsoft\Installer\{789289CA-F73A-4A16-A331-54D498CE069F}\Icon789289CA.exe
[2010.07.13 10:14:42 | 000,094,334 | R--- | M] () -- C:\Users\Jura\AppData\Roaming\Microsoft\Installer\{A20DF6AC-0300-45E2-8152-7D677E4E8CF5}\_7821278E3179A951288E4F.exe
[2010.07.13 10:14:42 | 000,094,334 | R--- | M] () -- C:\Users\Jura\AppData\Roaming\Microsoft\Installer\{A20DF6AC-0300-45E2-8152-7D677E4E8CF5}\_BBA79F13A1F0618ED6C3E1.exe
[2010.07.13 10:14:42 | 000,094,334 | R--- | M] () -- C:\Users\Jura\AppData\Roaming\Microsoft\Installer\{A20DF6AC-0300-45E2-8152-7D677E4E8CF5}\_C9C2C62A5E0B9A4C5E1A62.exe
< MD5 for: ATAPI.SYS >
[2009.09.26 12:48:30 | 000,022,584 | ---- | M] (Microsoft Corporation) MD5=05001E1FACCE49DB895B8526B05C7302 -- C:\Windows\winsxs\amd64_mshdc.inf_31bf3856ad364e35_6.0.6000.20757_none_37cb142cf6008bc1\atapi.sys
[2009.09.26 12:48:31 | 000,022,584 | ---- | M] (Microsoft Corporation) MD5=BB55C79E0595D8CFBE4A80A3C9EB77EA -- C:\Windows\winsxs\amd64_mshdc.inf_31bf3856ad364e35_6.0.6000.16632_none_375215c7dcd73562\atapi.sys
< MD5 for: AUTOCHK.EXE >
[2006.11.02 13:15:40 | 000,730,112 | ---- | M] (Microsoft Corporation) MD5=B56DB371DC4C6F791B2708EAA4814BB7 -- C:\Windows\winsxs\amd64_microsoft-windows-autochk_31bf3856ad364e35_6.0.6000.16386_none_3bdbc6d17d338351\autochk.exe
[2006.11.02 11:44:50 | 000,640,000 | ---- | M] (Microsoft Corporation) MD5=C08D1FE284C3330934E45D6E5F5B768B -- C:\Windows\SysWOW64\autochk.exe
[2006.11.02 11:44:50 | 000,640,000 | ---- | M] (Microsoft Corporation) MD5=C08D1FE284C3330934E45D6E5F5B768B -- C:\Windows\SysWOW64\autochk.exe
[2006.11.02 11:44:50 | 000,640,000 | ---- | M] (Microsoft Corporation) MD5=C08D1FE284C3330934E45D6E5F5B768B -- C:\Windows\winsxs\x86_microsoft-windows-autochk_31bf3856ad364e35_6.0.6000.16386_none_dfbd2b4dc4d6121b\autochk.exe
< MD5 for: CNGAUDIT.DLL >
[2006.11.02 13:16:48 | 000,014,848 | ---- | M] (Microsoft Corporation) MD5=21322B1A2AD337C579F4A65EA0D25193 -- C:\Windows\winsxs\amd64_microsoft-windows-cngaudit-dll_31bf3856ad364e35_6.0.6000.16386_none_424bc4aceb06de1c\cngaudit.dll
[2006.11.02 11:46:03 | 000,011,776 | ---- | M] (Microsoft Corporation) MD5=7F15B4953378C8B5161D65C26D5FED4D -- C:\Windows\SysWOW64\cngaudit.dll
[2006.11.02 11:46:03 | 000,011,776 | ---- | M] (Microsoft Corporation) MD5=7F15B4953378C8B5161D65C26D5FED4D -- C:\Windows\SysWOW64\cngaudit.dll
[2006.11.02 11:46:03 | 000,011,776 | ---- | M] (Microsoft Corporation) MD5=7F15B4953378C8B5161D65C26D5FED4D -- C:\Windows\winsxs\x86_microsoft-windows-cngaudit-dll_31bf3856ad364e35_6.0.6000.16386_none_e62d292932a96ce6\cngaudit.dll
< MD5 for: CRYPTSVC.DLL >
[2006.11.02 11:46:03 | 000,123,392 | ---- | M] (Microsoft Corporation) MD5=1C26FB097170A2A91066D1E3A24366E3 -- C:\Windows\SysWOW64\cryptsvc.dll
[2006.11.02 11:46:03 | 000,123,392 | ---- | M] (Microsoft Corporation) MD5=1C26FB097170A2A91066D1E3A24366E3 -- C:\Windows\SysWOW64\cryptsvc.dll
[2006.11.02 11:46:03 | 000,123,392 | ---- | M] (Microsoft Corporation) MD5=1C26FB097170A2A91066D1E3A24366E3 -- C:\Windows\winsxs\x86_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.0.6000.16386_none_73c8d7689de43d15\cryptsvc.dll
[2006.11.02 13:16:52 | 000,163,328 | ---- | M] (Microsoft Corporation) MD5=4B48CC76EBFE97314EA64C3BDA983623 -- C:\Windows\winsxs\amd64_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.0.6000.16386_none_cfe772ec5641ae4b\cryptsvc.dll
< MD5 for: EXPLORER.EXE >
[2009.09.26 13:17:18 | 002,923,520 | ---- | M] (Microsoft Corporation) MD5=37440D09DEAE0B672A04DCCF7ABF06BE -- C:\Windows\SysWOW64\explorer.exe
[2009.09.26 13:17:18 | 002,923,520 | ---- | M] (Microsoft Corporation) MD5=37440D09DEAE0B672A04DCCF7ABF06BE -- C:\Windows\SysWOW64\explorer.exe
[2009.09.26 13:17:18 | 002,923,520 | ---- | M] (Microsoft Corporation) MD5=37440D09DEAE0B672A04DCCF7ABF06BE -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.0.6000.16771_none_b5f700fe698beb14\explorer.exe
[2009.09.26 13:17:17 | 002,927,104 | ---- | M] (Microsoft Corporation) MD5=4F554999D7D5F05DAAEBBA7B5BA1089D -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.0.6001.18164_none_b7eb106e66a7ac19\explorer.exe
[2009.09.26 13:17:18 | 003,087,360 | ---- | M] (Microsoft Corporation) MD5=50514057C28A74BAC2BD04B7B990D615 -- C:\Windows\explorer.exe
[2009.09.26 13:17:18 | 003,087,360 | ---- | M] (Microsoft Corporation) MD5=50514057C28A74BAC2BD04B7B990D615 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.0.6000.16771_none_aba256ac352b2919\explorer.exe
[2009.09.26 13:17:15 | 002,927,616 | ---- | M] (Microsoft Corporation) MD5=50BA5850147410CDE89C523AD3BC606E -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.0.6001.22298_none_b8583e9d7fda0512\explorer.exe
[2006.11.02 13:15:52 | 003,086,848 | ---- | M] (Microsoft Corporation) MD5=5D768BEB711FF67ADC8FAD4E2F6ABB02 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.0.6000.16386_none_ab9c809a352ecf21\explorer.exe
[2009.09.26 13:14:52 | 002,923,520 | ---- | M] (Microsoft Corporation) MD5=6D06CD98D954FE87FB2DB8108793B399 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.0.6000.16549_none_b61f6f46696c67ab\explorer.exe
[2009.09.26 13:17:17 | 003,086,848 | ---- | M] (Microsoft Corporation) MD5=72B9990E45C25AA3C75C4FB50A9D6CE0 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.0.6000.20947_none_ac5266dd4e2b0a41\explorer.exe
[2009.09.26 13:14:51 | 003,086,848 | ---- | M] (Microsoft Corporation) MD5=819D88EC82C2C44B556DC32ED22044DE -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.0.6000.20668_none_ac3dc19d4e3a6405\explorer.exe
[2009.09.26 13:17:16 | 003,080,704 | ---- | M] (Microsoft Corporation) MD5=BBD8E74F23D7605CB0CDB57A1B25D826 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.0.6001.18164_none_ad96661c3246ea1e\explorer.exe
[2009.09.26 13:14:51 | 002,923,520 | ---- | M] (Microsoft Corporation) MD5=BD06F0BF753BC704B653C3A50F89D362 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.0.6000.20668_none_b6926bef829b2600\explorer.exe
[2009.09.26 13:17:15 | 003,081,216 | ---- | M] (Microsoft Corporation) MD5=E404A65EF890140410E9F3D405841C95 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.0.6001.22298_none_ae03944b4b794317\explorer.exe
[2009.09.26 13:17:17 | 002,923,520 | ---- | M] (Microsoft Corporation) MD5=E7156B0B74762D9DE0E66BDCDE06E5FB -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.0.6000.20947_none_b6a7112f828bcc3c\explorer.exe
[2009.09.26 13:14:51 | 003,087,360 | ---- | M] (Microsoft Corporation) MD5=FCBF8AC1855EF986CDEC2387760F71C6 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.0.6000.16549_none_abcac4f4350ba5b0\explorer.exe
[2006.11.02 11:45:07 | 002,923,520 | ---- | M] (Microsoft Corporation) MD5=FD8C53FB002217F6F888BCF6F5D7084D -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.0.6000.16386_none_b5f12aec698f911c\explorer.exe
< MD5 for: HAL.DLL >
[2006.12.20 09:28:27 | 000,269,928 | ---- | M] (Microsoft Corporation) MD5=4E9E6AED40A89EAC984D3350314DE721 -- C:\Windows\SoftwareDistribution\Download\8fa0b026e83f4c57d16c5df6f1cb1630\amd64_hal.inf_31bf3856ad364e35_6.0.6000.20503_none_5de106e5dc413556\hal.dll
[2006.12.24 10:13:50 | 000,269,928 | ---- | M] (Microsoft Corporation) MD5=92081E91EA18B6060D059C23A800ABE4 -- C:\Windows\SoftwareDistribution\Download\8fa0b026e83f4c57d16c5df6f1cb1630\amd64_hal.inf_31bf3856ad364e35_6.0.6000.16407_none_5d5b6b42c31ffae8\hal.dll
< MD5 for: LSASS.EXE >
[2009.06.15 15:21:28 | 000,011,264 | ---- | M] (Microsoft Corporation) MD5=02474FBCB00AA5C622E92F620DB9A041 -- C:\Windows\SoftwareDistribution\Download\037b1eae88e0c2621af985ac6cbfa3b7\amd64_microsoft-windows-lsa_31bf3856ad364e35_6.0.6001.22450_none_02bcb9272e6ecc60\lsass.exe
[2009.02.13 10:52:40 | 000,011,264 | ---- | M] (Microsoft Corporation) MD5=1979F94B28107233315DD6220F2304DD -- C:\Windows\SoftwareDistribution\Download\b5b1b0e0fa054a813d4c3fb8c6b86f9e\amd64_microsoft-windows-lsa_31bf3856ad364e35_6.0.6001.22376_none_02ad19252e799f25\lsass.exe
[2008.01.19 10:00:20 | 000,011,264 | ---- | M] (Microsoft Corporation) MD5=1B461E9F6DB0EF829B4369F47A24BBEC -- C:\Windows\SoftwareDistribution\Download\b5b1b0e0fa054a813d4c3fb8c6b86f9e\amd64_microsoft-windows-lsa_31bf3856ad364e35_6.0.6001.18215_none_02635b98152c3e5e\lsass.exe
[2009.06.15 15:34:54 | 000,009,728 | ---- | M] (Microsoft Corporation) MD5=1E766E4C5BF9E230AD37A56BF7DB6C94 -- C:\Windows\SoftwareDistribution\Download\037b1eae88e0c2621af985ac6cbfa3b7\amd64_microsoft-windows-lsa_31bf3856ad364e35_6.0.6000.21067_none_00d282d7314a3edc\lsass.exe
[2009.06.15 15:32:30 | 000,009,728 | ---- | M] (Microsoft Corporation) MD5=306E4503E083A498AE797FF59FA72839 -- C:\Windows\SoftwareDistribution\Download\037b1eae88e0c2621af985ac6cbfa3b7\amd64_microsoft-windows-lsa_31bf3856ad364e35_6.0.6000.16870_none_00373bf8183ad660\lsass.exe
[2009.06.15 15:15:02 | 000,011,264 | ---- | M] (Microsoft Corporation) MD5=40348DCEC0712ED42231C5F90A69A690 -- C:\Windows\SoftwareDistribution\Download\037b1eae88e0c2621af985ac6cbfa3b7\amd64_microsoft-windows-lsa_31bf3856ad364e35_6.0.6002.18051_none_041a8e8e12769b11\lsass.exe
[2009.02.13 07:14:46 | 000,009,728 | ---- | M] (Microsoft Corporation) MD5=563B71CEF1D46A24C5980FA2988DB67F -- C:\Windows\SoftwareDistribution\Download\b5b1b0e0fa054a813d4c3fb8c6b86f9e\amd64_microsoft-windows-lsa_31bf3856ad364e35_6.0.6000.21010_none_0101906d312801c6\lsass.exe
[2006.11.02 13:15:57 | 000,009,728 | ---- | M] (Microsoft Corporation) MD5=7B6AA93EEE1F354B3A4AC2ADE5EE334E -- C:\Windows\winsxs\amd64_microsoft-windows-lsa_31bf3856ad364e35_6.0.6000.16386_none_0032644a183d9898\lsass.exe
[2009.06.15 15:26:45 | 000,011,264 | ---- | M] (Microsoft Corporation) MD5=80F4593E92FF960E4763380D3168E498 -- C:\Windows\SoftwareDistribution\Download\037b1eae88e0c2621af985ac6cbfa3b7\amd64_microsoft-windows-lsa_31bf3856ad364e35_6.0.6001.18272_none_021f7b32155f99ff\lsass.exe
[2009.02.13 09:46:54 | 000,009,728 | ---- | M] (Microsoft Corporation) MD5=E231BDBD7D69857EEFFDEB3A48A53824 -- C:\Windows\SoftwareDistribution\Download\b5b1b0e0fa054a813d4c3fb8c6b86f9e\amd64_microsoft-windows-lsa_31bf3856ad364e35_6.0.6000.16820_none_006d4b9418124aab\lsass.exe
[2009.06.15 15:12:52 | 000,011,264 | ---- | M] (Microsoft Corporation) MD5=EBDAEE60E442BEA413E5D7CEDFB09463 -- C:\Windows\SoftwareDistribution\Download\037b1eae88e0c2621af985ac6cbfa3b7\amd64_microsoft-windows-lsa_31bf3856ad364e35_6.0.6002.22152_none_04a52ba32b935432\lsass.exe
< MD5 for: NDIS.SYS >
[2006.11.02 13:52:20 | 000,641,128 | ---- | M] (Microsoft Corporation) MD5=CCA69C9493A13AF86DCF0AE272AFBB72 -- C:\Windows\winsxs\amd64_microsoft-windows-ndis_31bf3856ad364e35_6.0.6000.16386_none_01af054ed7816d7a\ndis.sys
< MD5 for: NETLOGON.DLL >
[2006.11.02 11:46:11 | 000,559,616 | ---- | M] (Microsoft Corporation) MD5=889A2C9F2AACCD8F64EF50AC0B3D553B -- C:\Windows\SysWOW64\netlogon.dll
[2006.11.02 11:46:11 | 000,559,616 | ---- | M] (Microsoft Corporation) MD5=889A2C9F2AACCD8F64EF50AC0B3D553B -- C:\Windows\SysWOW64\netlogon.dll
[2006.11.02 11:46:11 | 000,559,616 | ---- | M] (Microsoft Corporation) MD5=889A2C9F2AACCD8F64EF50AC0B3D553B -- C:\Windows\winsxs\wow64_microsoft-windows-security-netlogon_31bf3856ad364e35_6.0.6000.16386_none_61f43b1d27cd0ab4\netlogon.dll
[2006.11.02 13:18:47 | 000,684,032 | ---- | M] (Microsoft Corporation) MD5=BFAB28B54DF41208CF3490FF26E53FD9 -- C:\Windows\winsxs\amd64_microsoft-windows-security-netlogon_31bf3856ad364e35_6.0.6000.16386_none_579f90caf36c48b9\netlogon.dll
< MD5 for: SCECLI.DLL >
[2006.11.02 13:19:09 | 000,239,616 | ---- | M] (Microsoft Corporation) MD5=32EF13F20B28966D29DE5EABE036431D -- C:\Windows\winsxs\amd64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.0.6000.16386_none_91f5bbe3948dcf74\scecli.dll
[2006.11.02 11:46:12 | 000,176,640 | ---- | M] (Microsoft Corporation) MD5=80E2839D05CA5970A86D7BE2A08BFF61 -- C:\Windows\SysWOW64\scecli.dll
[2006.11.02 11:46:12 | 000,176,640 | ---- | M] (Microsoft Corporation) MD5=80E2839D05CA5970A86D7BE2A08BFF61 -- C:\Windows\SysWOW64\scecli.dll
[2006.11.02 11:46:12 | 000,176,640 | ---- | M] (Microsoft Corporation) MD5=80E2839D05CA5970A86D7BE2A08BFF61 -- C:\Windows\winsxs\wow64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.0.6000.16386_none_9c4a6635c8ee916f\scecli.dll
< MD5 for: SMSS.EXE >
[2006.11.02 13:16:12 | 000,074,752 | ---- | M] (Microsoft Corporation) MD5=362C49C769D938B1FB6648D240BF5C76 -- C:\Windows\winsxs\amd64_microsoft-windows-smss_31bf3856ad364e35_6.0.6000.16386_none_06228184d4a4001c\smss.exe
< MD5 for: SVCHOST.EXE >
[2006.11.02 11:45:47 | 000,022,016 | ---- | M] (Microsoft Corporation) MD5=10DA15933D582D2FEDCF705EFE394B09 -- C:\Windows\SysWOW64\svchost.exe
[2006.11.02 11:45:47 | 000,022,016 | ---- | M] (Microsoft Corporation) MD5=10DA15933D582D2FEDCF705EFE394B09 -- C:\Windows\SysWOW64\svchost.exe
[2006.11.02 11:45:47 | 000,022,016 | ---- | M] (Microsoft Corporation) MD5=10DA15933D582D2FEDCF705EFE394B09 -- C:\Windows\winsxs\x86_microsoft-windows-services-svchost_31bf3856ad364e35_6.0.6000.16386_none_b38497a50862ad11\svchost.exe
[2006.11.02 13:16:13 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=6B30067D55E10E4DEBDC842FB1911479 -- C:\Windows\winsxs\amd64_microsoft-windows-services-svchost_31bf3856ad364e35_6.0.6000.16386_none_0fa33328c0c01e47\svchost.exe
< MD5 for: TCPIP.SYS >
[2009.09.26 13:05:53 | 001,200,640 | ---- | M] (Microsoft Corporation) MD5=34B30202AECCB530FDDC6C6CCFA2FB46 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip_31bf3856ad364e35_6.0.6000.16908_none_bbc5fabc4a894d2a\tcpip.sys
[2009.09.26 13:05:41 | 001,418,840 | ---- | M] (Microsoft Corporation) MD5=3BCD46BE9988B09D3510A0EF54F0D65B -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.18311_none_0f32e3e61ecadee9\tcpip.sys
[2009.09.26 12:47:42 | 001,193,472 | ---- | M] (Microsoft Corporation) MD5=5833A92EDC82BA178E4915A8E81A1FC2 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip_31bf3856ad364e35_6.0.6000.16627_none_bbaf54e84a9a7440\tcpip.sys
[2009.09.26 12:47:41 | 001,192,448 | ---- | M] (Microsoft Corporation) MD5=616E40EA154BECBB549A87790AA0D667 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip_31bf3856ad364e35_6.0.6000.20752_none_bc13807d63d4e92a\tcpip.sys
[2009.09.26 13:05:41 | 001,413,208 | ---- | M] (Microsoft Corporation) MD5=74B776CA1B328095FE23A3306B1613A3 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.22497_none_0f6c030d3823f645\tcpip.sys
[2009.09.26 13:05:47 | 001,425,992 | ---- | M] (Microsoft Corporation) MD5=A7BFF59C2F610F62E6C292074FF36A1E -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6002.18091_none_10c2d66e1c321395\tcpip.sys
[2009.09.26 13:05:47 | 001,424,952 | ---- | M] (Microsoft Corporation) MD5=D45D67A18C9FD4CC637BC9D4585C0646 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6002.22200_none_11acc42135079bb6\tcpip.sys
[2009.09.26 13:05:51 | 001,196,032 | ---- | M] (Microsoft Corporation) MD5=D4E30E6BADFF21865C3A075457CF9C00 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip_31bf3856ad364e35_6.0.6000.21108_none_bc4f6fa963a72036\tcpip.sys
[2006.11.02 11:48:29 | 001,193,472 | ---- | M] (Microsoft Corporation) MD5=DB08D7CB8D64A07E4D59F8983CD13758 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip_31bf3856ad364e35_6.0.6000.16386_none_bb6d6f644acc0b1a\tcpip.sys
< MD5 for: USERINIT.EXE >
[2006.11.02 11:45:50 | 000,024,576 | ---- | M] (Microsoft Corporation) MD5=22027835939F86C3E47AD8E3FBDE3D11 -- C:\Windows\SysWOW64\userinit.exe
[2006.11.02 11:45:50 | 000,024,576 | ---- | M] (Microsoft Corporation) MD5=22027835939F86C3E47AD8E3FBDE3D11 -- C:\Windows\SysWOW64\userinit.exe
[2006.11.02 11:45:50 | 000,024,576 | ---- | M] (Microsoft Corporation) MD5=22027835939F86C3E47AD8E3FBDE3D11 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.0.6000.16386_none_d9f1f819d4c4e737\userinit.exe
[2006.11.02 13:16:15 | 000,028,160 | ---- | M] (Microsoft Corporation) MD5=46D5B6B80E4A5997F508F938F96B7628 -- C:\Windows\winsxs\amd64_microsoft-windows-userinit_31bf3856ad364e35_6.0.6000.16386_none_3610939d8d22586d\userinit.exe
< MD5 for: WINLOGON.EXE >
[2006.11.02 13:16:20 | 000,397,312 | ---- | M] (Microsoft Corporation) MD5=9642EED809219A2F914DD8E40A09C48B -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.0.6000.16386_none_c9aada9e9063dc57\winlogon.exe
[2006.11.02 11:45:57 | 000,308,224 | ---- | M] (Microsoft Corporation) MD5=9F75392B9128A91ABAFB044EA350BAAD -- C:\Windows\SysWOW64\winlogon.exe
[2006.11.02 11:45:57 | 000,308,224 | ---- | M] (Microsoft Corporation) MD5=9F75392B9128A91ABAFB044EA350BAAD -- C:\Windows\SysWOW64\winlogon.exe
[2006.11.02 11:45:57 | 000,308,224 | ---- | M] (Microsoft Corporation) MD5=9F75392B9128A91ABAFB044EA350BAAD -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.0.6000.16386_none_6d8c3f1ad8066b21\winlogon.exe
< MD5 for: WS2_32.DLL >
[2006.11.02 11:46:14 | 000,178,688 | ---- | M] (Microsoft Corporation) MD5=D99A071C1018BB3D4ABAAD4B62048AC2 -- C:\Windows\SysWOW64\ws2_32.dll
[2006.11.02 11:46:14 | 000,178,688 | ---- | M] (Microsoft Corporation) MD5=D99A071C1018BB3D4ABAAD4B62048AC2 -- C:\Windows\SysWOW64\ws2_32.dll
[2006.11.02 11:46:14 | 000,178,688 | ---- | M] (Microsoft Corporation) MD5=D99A071C1018BB3D4ABAAD4B62048AC2 -- C:\Windows\winsxs\x86_microsoft-windows-w..nfrastructure-ws232_31bf3856ad364e35_6.0.6000.16386_none_f080eec6d16af4f0\ws2_32.dll
[2006.11.02 13:19:11 | 000,264,704 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\Windows\winsxs\amd64_microsoft-windows-w..nfrastructure-ws232_31bf3856ad364e35_6.0.6000.16386_none_4c9f8a4a89c86626\ws2_32.dll
< %systemroot%\*. /mp /s >
< %systemroot%\system32\*.dll /lockedfiles >
[2 C:\Windows\system32\*.tmp files -> C:\Windows\system32\*.tmp -> ]
< %systemroot%\Tasks\*.job /lockedfiles >
< %systemroot%\system32\drivers\*.sys /lockedfiles >
< %systemroot%\System32\config\*.sav >
< %systemroot%\system32\*.dll /lockedfiles >
[2 C:\Windows\system32\*.tmp files -> C:\Windows\system32\*.tmp -> ]
< reg query "HKLM\Software\Microsoft\Windows NT\CurrentVersion\winlogon" /v GinaDLL /c >
< reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wuauserv" /v ImagePath /c >
HKEY_LOCAL_MACHINE\SYSTEM\CURRENTCONTROLSET\SERVICES\WUAUSERV
IMAGEPATH REG_EXPAND_SZ %systemroot%\system32\svchost.exe -k netsvcs
< reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\BITS" /v ImagePath /c >
HKEY_LOCAL_MACHINE\SYSTEM\CURRENTCONTROLSET\SERVICES\BITS
IMAGEPATH REG_EXPAND_SZ %SystemRoot%\System32\svchost.exe -k netsvcs
< %systemroot%\system32\drivers\*.sys /3 >
< %systemroot%\system32\*.* /3 >
[2 C:\Windows\system32\*.tmp files -> C:\Windows\system32\*.tmp -> ]
< End of report >
-
Rudy
- Site Admin
- Příspěvky: 119418
- Registrován: 30 říj 2003 13:42
- Bydliště: Plzeň
- Kontaktovat uživatele:
Re: Kontrola-problém s modrou smrtí
V PC nemáte nic nebezpečného. Z toho vyplývá, že virus problém nezpůsobuje. Zkuste provést obnovu systému k datu, před stažením toho souboru.
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Re: Kontrola-problém s modrou smrtí
Dobře děkuji Vám za čas, který jste strávil nad kontrolou mého PC. Vidím, že problém bude někde v klientu. Ještě jednou děkuji za kontrolu a přeji hezký den
a přeji hezký den -
Rudy
- Site Admin
- Příspěvky: 119418
- Registrován: 30 říj 2003 13:42
- Bydliště: Plzeň
- Kontaktovat uživatele:
Re: Kontrola-problém s modrou smrtí
Hezký den i vám a nemáte zač!
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Přispějete na provoz fóra?