VIRY.CZ

Kdyz se mi zapne pc a chci na plose kliknout na ikonu ktera je uplne dole ve sloupecku tak se mi zamodri vsechny a kdyz klikam do prazdna na plose tak to nemizi nebo kdyz najedu do slozky sjedu koleckem uplne dolu a kliknu na poslednu soubor tak se zamodri vsechny proste jako kdybych mel zmacknuty SHIFt....

Fajn, odzkoušejte, zda to dělá i v nouzovém režimu.

Ano dela to i v nouzovem rezimu. Ale jeste chci dodat ze kdyz mi to takhle blbne tak staci zapnout treba RSIt jen treba na tu tabulku continue exit a problem prestane zustanou treba jen to ze nejdou psat ty velka pismena.....

To je divné.

Stahněte OTL http://oldtimer.geekstogo.com/OTL.exe
-uložte ho na plochu a spustte soubor OTL.exe.
-do bílého okna dole skopírujte tento skript:

Kód: Vybrat vše

netsvcs
drivers32
savembr:0
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /s

/md5start
cngaudit.dll
cryptsvc.dll
eNetHook.dll
eventlog.dll
hal.dll
logevent.dll
netlogon.dll
ntelogon.dll
scecli.dll
sceclt.dll
ws2_32.dll
autochk.exe
csrss.exe
explorer.exe
lsass.exe
services.exe
smss.exe
spoolsv.exe
svchost.exe
userinit.exe
winlogon.exe
adp3132.sys
AGP440.sys
ahcix86.sys
ahcix86s.sys
atapi.sys
cdrom.sys
Changer.sys
fastfat.sys
iaStor.sys
iastorv.sys
IdeChnDr.sys
isapnp.sys
JakNDis.sys
KR10N.sys
mv61xx.sys
ndis.sys
ntfs.sys
nvata.sys
nvatabus.sys
nvgts.sys
nvraid.sys
nvrd32.sys
nvstor.sys
nvstor32.sys
symmpi.sys
tcpip.sys
vaxscsi.sys
viamraid.sys
viasraid.sys
ViPrt.sys
/md5stop

C:\windows\system32\spool\prtprocs|dll;true;true;true /FP
%systemroot%\system32\drivers\*.sys /5
%systemroot%\system32\drivers\*.sys /X
%systemroot%\system32\drivers\*.sys /lockedfiles
%systemroot%\system32\*.* /5
%systemroot%\system32\*.dll /lockedfiles
%systemroot%\system32\config\*.sav
%systemroot%\Tasks\*.job /lockedfiles
%systemroot%\*.* /U /s
%systemroot%\*. /mp /s
%ALLUSERSPROFILE%\Data Aplikací\*.*
%ALLUSERSPROFILE%\Data Aplikací\*.exe /s
%ALLUSERSPROFILE%\Dáta aplikácií\*.*
%ALLUSERSPROFILE%\Dáta aplikácií\*.exe /s
%APPDATA%\*.
%APPDATA%\*.*
%APPDATA%\*.exe /s
%SYSTEMDRIVE%\*.exe


HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate\AU /s
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install|LastSuccessTime /rs
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\BITS /s
reg query "HKLM\Software\Microsoft\Windows NT\CurrentVersion\winlogon" /v GinaDLL /c
reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wuauserv" /v ImagePath /c
reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\BITS" /v ImagePath /c
reg query "HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager" /v BootExecute /c
reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session Manager" /v "PendingFileRenameOperations" /c

type c:\boot.ini >> test.txt /c
%SystemDrive%\PhysicalMBR.bin /md5

- zaškrtněte okénko Pro všechny uživatele.
-označte okénka Kontrola na havěť "LOP" a Kontrola na havěť "Purity"
- Klikněte na tlačítko Prohledat
-po dokončení skenu se objeví logy OTL.Txt a Extras.txt, vložte je zde

OTL logfile created on: 9/1/2012 11:14:00 AM - Run 1
OTL by OldTimer - Version 3.2.59.1 Folder = C:\Users\Prochyn\Desktop
64bit- Ultimate Edition (Version = 6.1.7600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7600.16385)
Locale: 00000409 | Country: Czech Republic | Language: CSY | Date Format: d.M.yyyy

4.00 Gb Total Physical Memory | 2.79 Gb Available Physical Memory | 69.74% Memory free
8.00 Gb Paging File | 6.71 Gb Available in Paging File | 83.91% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 142.84 Gb Total Space | 42.48 Gb Free Space | 29.74% Space Free | Partition Type: NTFS
Drive E: | 549.01 Mb Total Space | 0.00 Mb Free Space | 0.00% Space Free | Partition Type: CDFS
Drive G: | 465.76 Gb Total Space | 26.90 Gb Free Space | 5.77% Space Free | Partition Type: NTFS

Computer Name: PROCHYN-PC | User Name: Prochyn | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2012/09/01 11:13:04 | 000,598,528 | ---- | M] (OldTimer Tools) -- C:\Users\Prochyn\Desktop\OTL.exe
PRC - [2012/08/29 12:03:38 | 001,996,200 | ---- | M] (LogMeIn Inc.) -- C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe
PRC - [2012/08/03 11:36:21 | 001,536,712 | ---- | M] (Adobe Systems, Inc.) -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_3_300_270.exe
PRC - [2012/07/19 20:48:53 | 000,913,888 | ---- | M] (Mozilla Corporation) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe
PRC - [2012/07/05 13:02:48 | 000,076,888 | ---- | M] () -- C:\Windows\SysWOW64\PnkBstrA.exe
PRC - [2012/05/15 12:48:00 | 001,262,400 | ---- | M] (NVIDIA Corporation) -- C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
PRC - [2012/05/15 02:21:40 | 000,382,272 | ---- | M] (NVIDIA Corporation) -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
PRC - [2011/06/06 12:55:28 | 000,064,952 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe

========== Modules (No Company Name) ==========

MOD - [2012/08/03 11:36:21 | 009,465,032 | ---- | M] () -- C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_3_300_270.dll
MOD - [2012/07/19 20:48:52 | 002,003,424 | ---- | M] () -- C:\Program Files (x86)\Mozilla Firefox\mozjs.dll
MOD - [2012/05/15 02:21:26 | 000,368,448 | ---- | M] () -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\Nv3DVStreaming.dll

========== Services (SafeList) ==========

SRV:64bit: - [2009/07/14 03:41:27 | 001,011,712 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV:64bit: - [2009/07/14 03:40:01 | 000,193,536 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\appmgmts.dll -- (AppMgmt)
SRV - [2012/08/29 12:03:36 | 002,369,960 | ---- | M] (LogMeIn Inc.) [Auto | Running] -- C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe -- (Hamachi2Svc)
SRV - [2012/08/15 19:58:45 | 000,250,056 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2012/07/19 20:48:52 | 000,113,120 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2012/07/19 18:08:04 | 000,738,152 | ---- | M] (Tunngle.net GmbH) [On_Demand | Stopped] -- C:\Program Files (x86)\Tunngle\TnglCtrl.exe -- (TunngleService)
SRV - [2012/07/05 13:02:48 | 000,076,888 | ---- | M] () [Auto | Running] -- C:\Windows\SysWOW64\PnkBstrA.exe -- (PnkBstrA)
SRV - [2012/07/03 13:19:28 | 000,160,944 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Program Files (x86)\Skype\Updater\Updater.exe -- (SkypeUpdate)
SRV - [2012/05/15 12:48:00 | 001,262,400 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe -- (nvUpdatusService)
SRV - [2012/05/15 02:21:40 | 000,382,272 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe -- (Stereo Service)
SRV - [2011/06/06 12:55:28 | 000,064,952 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2009/06/10 23:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)

========== Driver Services (SafeList) ==========

DRV:64bit: - [2012/07/12 13:58:52 | 000,283,200 | ---- | M] (DT Soft Ltd) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\dtsoftbus01.sys -- (dtsoftbus01)
DRV:64bit: - [2012/04/18 19:08:03 | 000,188,736 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\nvhda64v.sys -- (NVHDA)
DRV:64bit: - [2009/09/16 08:02:42 | 000,031,232 | ---- | M] (Tunngle.net) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\tap0901t.sys -- (tap0901t)
DRV:64bit: - [2009/07/14 03:52:21 | 000,106,576 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2009/07/14 03:52:21 | 000,028,752 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2009/07/14 03:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2009/07/14 03:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2009/07/14 03:47:48 | 000,077,888 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2009/07/14 03:47:48 | 000,023,104 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:64bit: - [2009/07/14 03:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2009/07/14 01:31:10 | 000,109,056 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\sdbus.sys -- (sdbus)
DRV:64bit: - [2009/06/10 23:01:11 | 001,485,312 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\VSTDPV6.SYS -- (SrvHsfV92)
DRV:64bit: - [2009/06/10 23:01:11 | 000,740,864 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\VSTCNXT6.SYS -- (SrvHsfWinac)
DRV:64bit: - [2009/06/10 23:01:11 | 000,292,864 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\VSTAZL6.SYS -- (SrvHsfHDA)
DRV:64bit: - [2009/06/10 22:35:42 | 000,187,392 | ---- | M] (Realtek Corporation ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Rt64win7.sys -- (RTL8167)
DRV:64bit: - [2009/06/10 22:35:28 | 005,434,368 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\netw5v64.sys -- (netw5v64)
DRV:64bit: - [2009/06/10 22:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2009/06/10 22:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009/06/10 22:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2009/06/10 22:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV:64bit: - [2009/03/18 17:35:42 | 000,033,856 | -H-- | M] (LogMeIn, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\hamachi.sys -- (hamachi)
DRV - [2009/07/14 03:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)

========== Standard Registry (SafeList) ==========

========== Internet Explorer ==========

IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC

IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-21-2469519135-902021031-535114647-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
IE - HKU\S-1-5-21-2469519135-902021031-535114647-1000\..\SearchScopes,DefaultScope = {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}
IE - HKU\S-1-5-21-2469519135-902021031-535114647-1000\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTer ... ORM=IE8SRC
IE - HKU\S-1-5-21-2469519135-902021031-535114647-1000\..\SearchScopes\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}: "URL" = http://search.babylon.com/?q={searchTer ... ffe37e8d75
IE - HKU\S-1-5-21-2469519135-902021031-535114647-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

========== FireFox ==========

FF - prefs.js..browser.search.defaultenginename: "Search the web (Babylon)"
FF - prefs.js..browser.search.order.1: "Search the web (Babylon)"
FF - prefs.js..browser.search.selectedEngine: "Google"
FF - prefs.js..browser.startup.homepage: "google.cz"

FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_11_3_300_271.dll File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.5.0: C:\Windows\system32\npDeployJava1.dll File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.5.0: C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_3_300_271.dll ()
FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVision: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVisionStreaming: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF - HKLM\Software\MozillaPlugins\@pandonetworks.com/PandoWebPlugin: C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.0.3: C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\@eximion.com/KalydoPlayer: C:\Users\Prochyn\AppData\Roaming\Kalydo\KalydoPlayer\bin1\npkalydo.dll (Eximion B.V.)
FF - HKCU\Software\MozillaPlugins\pandonetworks.com/PandoWebPlugin: C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 14.0.1\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2012/07/19 20:48:53 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 14.0.1\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2012/08/25 11:59:58 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 14.0.1\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2012/07/19 20:48:53 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 14.0.1\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2012/08/25 11:59:58 | 000,000,000 | ---D | M]

[2012/07/05 08:34:51 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Prochyn\AppData\Roaming\Mozilla\Extensions
[2012/08/07 09:16:19 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Prochyn\AppData\Roaming\Mozilla\Firefox\Profiles\6njvaud2.default\extensions
[2012/07/31 22:42:21 | 000,000,000 | ---D | M] ("Free YouTube Download (Free Studio) Menu") -- C:\Users\Prochyn\AppData\Roaming\Mozilla\Firefox\Profiles\6njvaud2.default\extensions\{ACAA314B-EEBA-48e4-AD47-84E31C44796C}
[2012/08/07 09:16:19 | 000,000,000 | ---D | M] (Babylon) -- C:\Users\Prochyn\AppData\Roaming\Mozilla\Firefox\Profiles\6njvaud2.default\extensions\ffxtlbr@babylon.com
[2012/07/05 08:34:37 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\extensions
[2012/07/19 20:48:53 | 000,136,672 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\mozilla firefox\components\browsercomps.dll
[2012/08/07 09:15:47 | 000,002,349 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\babylon.xml
[2012/07/19 20:48:50 | 000,002,208 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\heureka-cz.xml
[2012/07/19 20:48:50 | 000,000,638 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\jyxo-cz.xml
[2012/07/19 20:48:50 | 000,001,367 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\seznam-cz.xml
[2012/07/19 20:48:50 | 000,000,654 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\slunecnice-cz.xml
[2012/07/19 20:48:50 | 000,001,179 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\wikipedia-cz.xml

O1 HOSTS File: ([2012/08/31 23:42:40 | 000,000,027 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2:64bit: - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2:64bit: - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O4 - HKLM..\Run: [4StoryPrePatch] C:\Program Files (x86)\Gameforge4D\4Story_CZ\PrePatch.exe (Zemi Interactive Inc.)
O4 - HKLM..\Run: [LogMeIn Hamachi Ui] C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe (LogMeIn Inc.)
O4 - HKU\S-1-5-21-2469519135-902021031-535114647-1000..\Run: [DAEMON Tools Lite] C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe (DT Soft Ltd)
O4 - HKU\S-1-5-21-2469519135-902021031-535114647-1001..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-21-2469519135-902021031-535114647-1001..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-19\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-20\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-21-2469519135-902021031-535114647-1000\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-21-2469519135-902021031-535114647-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O7 - HKU\S-1-5-21-2469519135-902021031-535114647-1001\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O8:64bit: - Extra context menu item: Free YouTube Download - C:\Users\Prochyn\AppData\Roaming\DVDVideoSoftIEHelpers\freeytvdownloader.htm ()
O8:64bit: - Extra context menu item: Free YouTube to MP3 Converter - C:\Users\Prochyn\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm ()
O8 - Extra context menu item: Free YouTube Download - C:\Users\Prochyn\AppData\Roaming\DVDVideoSoftIEHelpers\freeytvdownloader.htm ()
O8 - Extra context menu item: Free YouTube to MP3 Converter - C:\Users\Prochyn\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm ()
O16:64bit: - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.macromedia.com/get/s ... wflash.cab (Shockwave Flash Object)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{2EF8658E-6D2B-4CC7-B86A-0E7A0A6652A4}: DhcpNameServer = 10.0.0.138
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{72FFE8A0-EB0B-4486-9274-FC43589950F7}: DhcpNameServer = 10.0.0.138
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{E37E8D75-A250-4034-A7AA-D578704E7BDA}: DhcpNameServer = 7.254.254.254
O18:64bit: - Protocol\Handler\grooveLocalGWS - No CLSID value found
O18:64bit: - Protocol\Handler\ms-help - No CLSID value found
O18:64bit: - Protocol\Handler\skype4com - No CLSID value found
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O20:64bit: - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysWOW64\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2009/06/10 23:42:20 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O32 - AutoRun File - [2006/10/27 23:44:05 | 000,000,175 | R--- | M] () - E:\autorun.inf -- [ CDFS ]
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = ComFile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = ComFile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)

NetSvcs:64bit: AppMgmt - C:\Windows\SysNative\appmgmts.dll (Microsoft Corporation)

Drivers32:64bit: msacm.l3acm - C:\Windows\System32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: msacm.l3acm - C:\Windows\SysWOW64\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: vidc.cvid - C:\Windows\SysWow64\iccvid.dll (Radius Inc.)
PhysicalDisk0 MBR saved to C:\PhysicalMBR.bin

========== Files/Folders - Created Within 30 Days ==========

[2012/09/01 11:13:02 | 000,598,528 | ---- | C] (OldTimer Tools) -- C:\Users\Prochyn\Desktop\OTL.exe
[2012/08/31 23:58:09 | 000,000,000 | -HSD | C] -- C:\$RECYCLE.BIN
[2012/08/31 23:46:46 | 000,000,000 | ---D | C] -- C:\Windows\temp
[2012/08/29 16:47:15 | 000,000,000 | ---D | C] -- C:\Users\Prochyn\AppData\Roaming\Kalydo
[2012/08/29 16:38:49 | 000,033,856 | -H-- | C] (LogMeIn, Inc.) -- C:\Windows\SysNative\hamachi.sys
[2012/08/29 16:38:45 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LogMeIn Hamachi
[2012/08/29 16:38:45 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\LogMeIn Hamachi
[2012/08/25 12:01:05 | 000,000,000 | ---D | C] -- C:\Users\Prochyn\AppData\Local\Adobe
[2012/08/25 11:59:53 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Adobe
[2012/08/25 11:59:53 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Adobe
[2012/08/25 11:57:42 | 000,000,000 | ---D | C] -- C:\ProgramData\Adobe
[2012/08/24 19:56:20 | 000,000,000 | ---D | C] -- C:\Users\Prochyn\AppData\Local\LogMeIn Hamachi
[2012/08/24 14:00:29 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office
[2012/08/24 13:58:58 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Works
[2012/08/24 13:57:49 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Visual Studio
[2012/08/24 13:57:49 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\DESIGNER
[2012/08/24 13:57:22 | 000,000,000 | ---D | C] -- C:\Windows\PCHEALTH
[2012/08/24 13:57:22 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft.NET
[2012/08/24 13:55:29 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Office
[2012/08/24 13:55:24 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Visual Studio 8
[2012/08/24 13:54:49 | 000,000,000 | ---D | C] -- C:\Users\Prochyn\AppData\Local\Microsoft Help
[2012/08/24 13:54:47 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Office
[2012/08/24 13:54:47 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft Help
[2012/08/22 18:14:55 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\4Story_CZ
[2012/08/21 23:15:47 | 000,000,000 | ---D | C] -- C:\Users\Prochyn\AppData\Roaming\.techniclauncher
[2012/08/21 23:15:31 | 000,052,736 | ---- | C] (Technic) -- C:\Users\Prochyn\Desktop\TechnicLauncher.exe
[2012/08/21 22:02:19 | 000,000,000 | ---D | C] -- C:\Users\Prochyn\AppData\Roaming\.minecraft
[2012/08/21 14:55:29 | 000,000,000 | ---D | C] -- C:\Users\Prochyn\Documents\GTA San Andreas User Files
[2012/08/21 13:07:10 | 000,000,000 | ---D | C] -- C:\Users\Prochyn\AppData\Local\PMB Files
[2012/08/21 13:07:07 | 000,000,000 | ---D | C] -- C:\ProgramData\PMB Files
[2012/08/21 13:06:49 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Pando Networks
[2012/08/20 22:58:56 | 000,518,144 | ---- | C] (SteelWerX) -- C:\Windows\SWREG.exe
[2012/08/20 22:58:56 | 000,406,528 | ---- | C] (SteelWerX) -- C:\Windows\SWSC.exe
[2012/08/20 22:58:56 | 000,060,416 | ---- | C] (NirSoft) -- C:\Windows\NIRCMD.exe
[2012/08/20 22:57:20 | 000,000,000 | ---D | C] -- C:\Windows\erdnt
[2012/08/20 22:52:39 | 004,741,990 | R--- | C] (Swearware) -- C:\Users\Prochyn\Desktop\ComboFix.exe
[2012/08/20 20:19:47 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\trend micro
[2012/08/20 20:19:47 | 000,000,000 | ---D | C] -- C:\rsit
[2012/08/16 22:23:20 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Rockstar Games
[2012/08/14 13:53:02 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
[2012/08/14 13:53:00 | 000,000,000 | ---D | C] -- C:\Program Files\CCleaner
[2012/08/12 21:26:40 | 000,000,000 | ---D | C] -- C:\Users\Public\Documents\microsoft
[2012/08/12 21:25:28 | 000,000,000 | RH-D | C] -- C:\Users\Prochyn\AppData\Roaming\SecuROM
[2012/08/12 21:24:57 | 000,178,800 | ---- | C] (Sony DADC Austria AG.) -- C:\Windows\SysWow64\CmdLineExt_x64.dll
[2012/08/12 21:23:03 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\xlive
[2012/08/12 21:23:03 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Games for Windows - LIVE
[2012/08/07 09:09:32 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LucasArts
[2012/08/07 09:09:31 | 000,000,000 | ---D | C] -- C:\Users\Prochyn\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\LucasArts
[2012/08/07 09:02:09 | 000,000,000 | ---D | C] -- C:\Program Files\LucasArts
[2012/08/05 22:23:49 | 000,000,000 | ---D | C] -- C:\Users\Prochyn\AppData\Roaming\vlc
[2012/08/05 22:23:43 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN
[2012/08/05 22:23:28 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\VideoLAN

========== Files - Modified Within 30 Days ==========

[2012/09/01 11:15:20 | 000,000,512 | ---- | M] () -- C:\PhysicalMBR.bin
[2012/09/01 11:13:04 | 000,598,528 | ---- | M] (OldTimer Tools) -- C:\Users\Prochyn\Desktop\OTL.exe
[2012/09/01 10:36:00 | 000,000,830 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2012/09/01 09:55:09 | 000,014,016 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2012/09/01 09:55:09 | 000,014,016 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2012/09/01 09:54:18 | 001,445,734 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2012/09/01 09:54:18 | 000,622,660 | ---- | M] () -- C:\Windows\SysNative\perfh005.dat
[2012/09/01 09:54:18 | 000,607,190 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2012/09/01 09:54:18 | 000,118,810 | ---- | M] () -- C:\Windows\SysNative\perfc005.dat
[2012/09/01 09:54:18 | 000,103,568 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2012/09/01 09:50:00 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2012/09/01 09:49:49 | 3220,672,512 | -HS- | M] () -- C:\hiberfil.sys
[2012/09/01 09:48:47 | 000,417,632 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2012/08/31 23:42:40 | 000,000,027 | ---- | M] () -- C:\Windows\SysNative\drivers\etc\hosts
[2012/08/31 23:32:35 | 004,741,990 | R--- | M] (Swearware) -- C:\Users\Prochyn\Desktop\ComboFix.exe
[2012/08/31 18:53:34 | 000,001,025 | ---- | M] () -- C:\Users\Prochyn\Application Data\Microsoft\Internet Explorer\Quick Launch\Tunngle beta.lnk
[2012/08/31 18:53:34 | 000,001,001 | ---- | M] () -- C:\Users\Public\Desktop\Tunngle beta.lnk
[2012/08/26 10:35:17 | 000,282,296 | ---- | M] () -- C:\Windows\SysWow64\PnkBstrB.xtr
[2012/08/26 10:35:17 | 000,282,296 | ---- | M] () -- C:\Windows\SysWow64\PnkBstrB.exe
[2012/08/26 10:34:53 | 000,215,128 | ---- | M] () -- C:\Windows\SysWow64\PnkBstrB.ex0
[2012/08/25 12:00:00 | 000,002,029 | ---- | M] () -- C:\Users\Public\Desktop\Adobe Reader X.lnk
[2012/08/21 23:15:32 | 000,052,736 | ---- | M] (Technic) -- C:\Users\Prochyn\Desktop\TechnicLauncher.exe
[2012/08/21 22:02:08 | 000,263,186 | ---- | M] () -- C:\Users\Prochyn\Desktop\Minecraft.exe
[2012/08/21 21:49:47 | 000,000,714 | ---- | M] () -- C:\Users\Prochyn\Desktop\guerilla.png
[2012/08/19 21:23:13 | 000,007,605 | ---- | M] () -- C:\Users\Prochyn\AppData\Local\Resmon.ResmonCfg
[2012/08/15 19:58:44 | 000,426,184 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerApp.exe
[2012/08/15 19:58:44 | 000,070,344 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
[2012/08/14 13:53:02 | 000,000,832 | ---- | M] () -- C:\Users\Public\Desktop\CCleaner.lnk
[2012/08/12 21:24:57 | 000,178,800 | ---- | M] (Sony DADC Austria AG.) -- C:\Windows\SysWow64\CmdLineExt_x64.dll
[2012/08/07 09:16:00 | 000,000,553 | ---- | M] () -- C:\user.js

========== Files Created - No Company Name ==========

[2012/09/01 11:15:20 | 000,000,512 | ---- | C] () -- C:\PhysicalMBR.bin
[2012/08/31 18:53:34 | 000,001,001 | ---- | C] () -- C:\Users\Public\Desktop\Tunngle beta.lnk
[2012/08/25 11:59:59 | 000,002,441 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader X.lnk
[2012/08/25 11:59:59 | 000,002,029 | ---- | C] () -- C:\Users\Public\Desktop\Adobe Reader X.lnk
[2012/08/21 21:49:46 | 000,000,714 | ---- | C] () -- C:\Users\Prochyn\Desktop\guerilla.png
[2012/08/20 22:58:56 | 000,256,000 | ---- | C] () -- C:\Windows\PEV.exe
[2012/08/20 22:58:56 | 000,208,896 | ---- | C] () -- C:\Windows\MBR.exe
[2012/08/20 22:58:56 | 000,098,816 | ---- | C] () -- C:\Windows\sed.exe
[2012/08/20 22:58:56 | 000,080,412 | ---- | C] () -- C:\Windows\grep.exe
[2012/08/20 22:58:56 | 000,068,096 | ---- | C] () -- C:\Windows\zip.exe
[2012/08/19 21:23:13 | 000,007,605 | ---- | C] () -- C:\Users\Prochyn\AppData\Local\Resmon.ResmonCfg
[2012/08/16 13:20:22 | 000,263,186 | ---- | C] () -- C:\Users\Prochyn\Desktop\Minecraft.exe
[2012/08/14 13:53:02 | 000,000,832 | ---- | C] () -- C:\Users\Public\Desktop\CCleaner.lnk
[2012/07/08 21:16:47 | 000,000,000 | ---- | C] () -- C:\Windows\SysWow64\Access.dat
[2012/07/05 09:26:34 | 000,282,296 | ---- | C] () -- C:\Windows\SysWow64\PnkBstrB.exe
[2012/07/05 09:26:32 | 000,076,888 | ---- | C] () -- C:\Windows\SysWow64\PnkBstrA.exe
[2012/07/05 09:26:31 | 002,434,856 | ---- | C] () -- C:\Windows\SysWow64\pbsvc_bc2.exe
[2012/05/15 02:21:50 | 000,423,744 | ---- | C] () -- C:\Windows\SysWow64\nvStreaming.exe

========== LOP Check ==========

[2012/08/25 13:16:01 | 000,000,000 | ---D | M] -- C:\Users\Prochyn\AppData\Roaming\.minecraft
[2012/08/21 23:37:10 | 000,000,000 | ---D | M] -- C:\Users\Prochyn\AppData\Roaming\.techniclauncher
[2012/07/08 23:45:02 | 000,000,000 | ---D | M] -- C:\Users\Prochyn\AppData\Roaming\Babylon
[2012/08/19 21:21:37 | 000,000,000 | ---D | M] -- C:\Users\Prochyn\AppData\Roaming\BitTorrent
[2012/08/31 19:19:35 | 000,000,000 | ---D | M] -- C:\Users\Prochyn\AppData\Roaming\DAEMON Tools Lite
[2012/07/31 22:42:57 | 000,000,000 | ---D | M] -- C:\Users\Prochyn\AppData\Roaming\DVDVideoSoft
[2012/07/31 22:42:20 | 000,000,000 | ---D | M] -- C:\Users\Prochyn\AppData\Roaming\DVDVideoSoftIEHelpers
[2012/08/29 16:47:15 | 000,000,000 | ---D | M] -- C:\Users\Prochyn\AppData\Roaming\Kalydo
[2012/08/31 19:19:34 | 000,000,000 | ---D | M] -- C:\Users\Prochyn\AppData\Roaming\TS3Client
[2012/08/31 18:53:48 | 000,000,000 | ---D | M] -- C:\Users\Prochyn\AppData\Roaming\Tunngle
[2012/07/13 13:25:46 | 000,000,000 | ---D | M] -- C:\Users\Prochyn\AppData\Roaming\wargaming.net
[2009/07/14 07:08:49 | 000,013,842 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT

========== Purity Check ==========

========== Custom Scans ==========

< HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /s >
"DAEMON Tools Lite" = "C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun -- [2012/04/17 17:19:40 | 003,671,872 | ---- | M] (DT Soft Ltd)
"Skype" = "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun -- [2012/07/13 13:33:24 | 017,418,928 | R--- | M] (Skype Technologies S.A.)

< >

< MD5 for: AGP440.SYS >
[2008/04/14 14:00:00 | 020,102,206 | ---- | M] () .cab file -- C:\I386\sp3.cab:AGP440.sys
[2009/07/14 03:52:21 | 000,061,008 | ---- | M] (Microsoft Corporation) MD5=608C14DBA7299D8CB6ED035A68A15799 -- C:\Windows\SysNative\drivers\AGP440.sys
[2009/07/14 03:52:21 | 000,061,008 | ---- | M] (Microsoft Corporation) MD5=608C14DBA7299D8CB6ED035A68A15799 -- C:\Windows\SysNative\DriverStore\FileRepository\machine.inf_amd64_neutral_9e6bb86c3b39a3e9\AGP440.sys
[2009/07/14 03:52:21 | 000,061,008 | ---- | M] (Microsoft Corporation) MD5=608C14DBA7299D8CB6ED035A68A15799 -- C:\Windows\winsxs\amd64_machine.inf_31bf3856ad364e35_6.1.7600.16385_none_1607dee2d861e021\AGP440.sys

< MD5 for: ATAPI.SYS >
[2008/04/14 14:00:00 | 020,102,206 | ---- | M] () .cab file -- C:\I386\sp3.cab:atapi.sys
[2009/07/14 03:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\erdnt\cache64\atapi.sys
[2009/07/14 03:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\SysNative\drivers\atapi.sys
[2009/07/14 03:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\SysNative\DriverStore\FileRepository\mshdc.inf_amd64_neutral_a69a58a4286f0b22\atapi.sys
[2009/07/14 03:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\winsxs\amd64_mshdc.inf_31bf3856ad364e35_6.1.7600.16385_none_392d19c13b3ad543\atapi.sys

< MD5 for: AUTOCHK.EXE >
[2009/07/14 03:14:12 | 000,668,160 | ---- | M] (Microsoft Corporation) MD5=41E4C8EBA464E7D6A5BA5E8827732AEB -- C:\Windows\SysWOW64\autochk.exe
[2009/07/14 03:14:12 | 000,668,160 | ---- | M] (Microsoft Corporation) MD5=41E4C8EBA464E7D6A5BA5E8827732AEB -- C:\Windows\winsxs\x86_microsoft-windows-autochk_31bf3856ad364e35_6.1.7600.16385_none_e1ca436d2314b860\autochk.exe
[2009/07/14 03:38:56 | 000,777,728 | ---- | M] (Microsoft Corporation) MD5=8B7F8E882A649D81CEA1EDE9BBB68FFF -- C:\Windows\SysNative\autochk.exe
[2009/07/14 03:38:56 | 000,777,728 | ---- | M] (Microsoft Corporation) MD5=8B7F8E882A649D81CEA1EDE9BBB68FFF -- C:\Windows\winsxs\amd64_microsoft-windows-autochk_31bf3856ad364e35_6.1.7600.16385_none_3de8def0db722996\autochk.exe
[2008/04/14 14:00:00 | 000,601,088 | ---- | M] (Microsoft Corporation) MD5=C7A9FF12C63E2E448722B02C71A8C431 -- C:\cmdcons\autochk.exe
[2008/04/14 14:00:00 | 000,601,088 | ---- | M] (Microsoft Corporation) MD5=C7A9FF12C63E2E448722B02C71A8C431 -- C:\I386\AUTOCHK.EXE

< MD5 for: CDROM.SYS >
[2008/04/14 14:00:00 | 020,102,206 | ---- | M] () .cab file -- C:\I386\sp3.cab:cdrom.sys
[2009/07/14 01:19:54 | 000,147,456 | ---- | M] (Microsoft Corporation) MD5=83D2D75E1EFB81B3450C18131443F7DB -- C:\Windows\SysNative\drivers\cdrom.sys
[2009/07/14 01:19:54 | 000,147,456 | ---- | M] (Microsoft Corporation) MD5=83D2D75E1EFB81B3450C18131443F7DB -- C:\Windows\SysNative\DriverStore\FileRepository\cdrom.inf_amd64_neutral_8363d00ecae4322d\cdrom.sys
[2009/07/14 01:19:54 | 000,147,456 | ---- | M] (Microsoft Corporation) MD5=83D2D75E1EFB81B3450C18131443F7DB -- C:\Windows\winsxs\amd64_cdrom.inf_31bf3856ad364e35_6.1.7600.16385_none_bb9e4d89bd7870f1\cdrom.sys

< MD5 for: CHANGER.SYS >
[2008/04/14 14:00:00 | 020,102,206 | ---- | M] () .cab file -- C:\I386\sp3.cab:Changer.sys

< MD5 for: CNGAUDIT.DLL >
[2009/07/14 03:15:06 | 000,012,288 | ---- | M] (Microsoft Corporation) MD5=50BA656134F78AF64E4DD3C8B6FEFD7E -- C:\Windows\erdnt\cache86\cngaudit.dll
[2009/07/14 03:15:06 | 000,012,288 | ---- | M] (Microsoft Corporation) MD5=50BA656134F78AF64E4DD3C8B6FEFD7E -- C:\Windows\SysWOW64\cngaudit.dll
[2009/07/14 03:15:06 | 000,012,288 | ---- | M] (Microsoft Corporation) MD5=50BA656134F78AF64E4DD3C8B6FEFD7E -- C:\Windows\winsxs\x86_microsoft-windows-cngaudit-dll_31bf3856ad364e35_6.1.7600.16385_none_e83a414890e8132b\cngaudit.dll
[2009/07/14 03:40:20 | 000,018,944 | ---- | M] (Microsoft Corporation) MD5=86FE1B1F8FD42CD0DB641AB1CDB13093 -- C:\Windows\erdnt\cache64\cngaudit.dll
[2009/07/14 03:40:20 | 000,018,944 | ---- | M] (Microsoft Corporation) MD5=86FE1B1F8FD42CD0DB641AB1CDB13093 -- C:\Windows\SysNative\cngaudit.dll
[2009/07/14 03:40:20 | 000,018,944 | ---- | M] (Microsoft Corporation) MD5=86FE1B1F8FD42CD0DB641AB1CDB13093 -- C:\Windows\winsxs\amd64_microsoft-windows-cngaudit-dll_31bf3856ad364e35_6.1.7600.16385_none_4458dccc49458461\cngaudit.dll

< MD5 for: CRYPTSVC.DLL >
[2009/07/14 03:40:24 | 000,175,104 | ---- | M] (Microsoft Corporation) MD5=8C57411B66282C01533CB776F98AD384 -- C:\Windows\erdnt\cache64\cryptsvc.dll
[2009/07/14 03:40:24 | 000,175,104 | ---- | M] (Microsoft Corporation) MD5=8C57411B66282C01533CB776F98AD384 -- C:\Windows\SysNative\cryptsvc.dll
[2009/07/14 03:40:24 | 000,175,104 | ---- | M] (Microsoft Corporation) MD5=8C57411B66282C01533CB776F98AD384 -- C:\Windows\winsxs\amd64_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7600.16385_none_d1f48b0bb4805490\cryptsvc.dll
[2009/07/14 03:15:07 | 000,135,680 | ---- | M] (Microsoft Corporation) MD5=9C231178CE4FB385F4B54B0A9080B8A4 -- C:\Windows\erdnt\cache86\cryptsvc.dll
[2009/07/14 03:15:07 | 000,135,680 | ---- | M] (Microsoft Corporation) MD5=9C231178CE4FB385F4B54B0A9080B8A4 -- C:\Windows\SysWOW64\cryptsvc.dll
[2009/07/14 03:15:07 | 000,135,680 | ---- | M] (Microsoft Corporation) MD5=9C231178CE4FB385F4B54B0A9080B8A4 -- C:\Windows\winsxs\x86_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7600.16385_none_75d5ef87fc22e35a\cryptsvc.dll

< MD5 for: CSRSS.EXE >
[2009/07/14 03:39:02 | 000,007,680 | ---- | M] (Microsoft Corporation) MD5=60C2862B4BF0FD9F582EF344C2B1EC72 -- C:\Windows\SysNative\csrss.exe
[2009/07/14 03:39:02 | 000,007,680 | ---- | M] (Microsoft Corporation) MD5=60C2862B4BF0FD9F582EF344C2B1EC72 -- C:\Windows\winsxs\amd64_microsoft-windows-csrss_31bf3856ad364e35_6.1.7600.16385_none_b4d8d57efdc6b4f3\csrss.exe

< MD5 for: EXPLORER.EXE >
[2009/07/14 03:14:20 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=15BC38A7492BEFE831966ADB477CF76F -- C:\Windows\SysWOW64\explorer.exe
[2009/07/14 03:14:20 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=15BC38A7492BEFE831966ADB477CF76F -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16385_none_b7fe430bc7ce3761\explorer.exe
[2009/07/14 03:39:10 | 002,868,224 | ---- | M] (Microsoft Corporation) MD5=C235A51CB740E45FFA0EBFB9BAFCDA64 -- C:\Windows\erdnt\cache86\explorer.exe
[2009/07/14 03:39:10 | 002,868,224 | ---- | M] (Microsoft Corporation) MD5=C235A51CB740E45FFA0EBFB9BAFCDA64 -- C:\Windows\explorer.exe
[2009/07/14 03:39:10 | 002,868,224 | ---- | M] (Microsoft Corporation) MD5=C235A51CB740E45FFA0EBFB9BAFCDA64 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16385_none_ada998b9936d7566\explorer.exe

< MD5 for: FASTFAT.SYS >
[2009/07/14 01:23:29 | 000,204,800 | ---- | M] (Microsoft Corporation) MD5=0ADC83218B66A6DB380C330836F3E36D -- C:\Windows\SysNative\drivers\fastfat.sys
[2009/07/14 01:23:29 | 000,204,800 | ---- | M] (Microsoft Corporation) MD5=0ADC83218B66A6DB380C330836F3E36D -- C:\Windows\winsxs\amd64_microsoft-windows-fat_31bf3856ad364e35_6.1.7600.16385_none_0aa81d2771152f86\fastfat.sys

< MD5 for: HAL.DLL >
[2008/04/14 14:00:00 | 020,102,206 | ---- | M] () .cab file -- C:\I386\sp3.cab:hal.dll
[2009/07/14 03:47:48 | 000,263,232 | ---- | M] (Microsoft Corporation) MD5=C0A6F6E05E14FBCAEDE7796C8590B7AC -- C:\Windows\SysNative\hal.dll
[2009/07/14 03:47:48 | 000,263,232 | ---- | M] (Microsoft Corporation) MD5=C0A6F6E05E14FBCAEDE7796C8590B7AC -- C:\Windows\winsxs\amd64_microsoft-windows-hal_31bf3856ad364e35_6.1.7600.16385_none_071de44b735b3dfc\hal.dll

< MD5 for: IASTOR.SYS >
[2009/02/11 11:11:50 | 000,329,752 | ---- | M] (Intel Corporation) MD5=71ECC07BC7C5E24C3DD01D8A29A24054 -- C:\SWTOOLS\DRIVERS\IMSM\IaStor.sys

< MD5 for: IASTORV.SYS >
[2009/07/14 03:48:04 | 000,410,688 | ---- | M] (Intel Corporation) MD5=D83EFB6FD45DF9D55E9A1AFC63640D50 -- C:\Windows\SysNative\drivers\iaStorV.sys
[2009/07/14 03:48:04 | 000,410,688 | ---- | M] (Intel Corporation) MD5=D83EFB6FD45DF9D55E9A1AFC63640D50 -- C:\Windows\SysNative\DriverStore\FileRepository\iastorv.inf_amd64_neutral_18cccb83b34e1453\iaStorV.sys
[2009/07/14 03:48:04 | 000,410,688 | ---- | M] (Intel Corporation) MD5=D83EFB6FD45DF9D55E9A1AFC63640D50 -- C:\Windows\winsxs\amd64_iastorv.inf_31bf3856ad364e35_6.1.7600.16385_none_0b06441fa1790136\iaStorV.sys

< MD5 for: ISAPNP.SYS >
[2008/04/14 14:00:00 | 020,102,206 | ---- | M] () .cab file -- C:\I386\sp3.cab:isapnp.sys
[2009/07/14 03:48:04 | 000,020,544 | ---- | M] (Microsoft Corporation) MD5=2F7B28DC3E1183E5EB418DF55C204F38 -- C:\Windows\SysNative\drivers\isapnp.sys
[2009/07/14 03:48:04 | 000,020,544 | ---- | M] (Microsoft Corporation) MD5=2F7B28DC3E1183E5EB418DF55C204F38 -- C:\Windows\SysNative\DriverStore\FileRepository\machine.inf_amd64_neutral_9e6bb86c3b39a3e9\isapnp.sys
[2009/07/14 03:48:04 | 000,020,544 | ---- | M] (Microsoft Corporation) MD5=2F7B28DC3E1183E5EB418DF55C204F38 -- C:\Windows\winsxs\amd64_machine.inf_31bf3856ad364e35_6.1.7600.16385_none_1607dee2d861e021\isapnp.sys

< MD5 for: LSASS.EXE >
[2009/07/14 03:39:16 | 000,031,232 | ---- | M] (Microsoft Corporation) MD5=0793F40B9B8A1BDD266296409DBD91EA -- C:\Windows\erdnt\cache64\lsass.exe
[2009/07/14 03:39:16 | 000,031,232 | ---- | M] (Microsoft Corporation) MD5=0793F40B9B8A1BDD266296409DBD91EA -- C:\Windows\SysNative\lsass.exe
[2009/07/14 03:39:16 | 000,031,232 | ---- | M] (Microsoft Corporation) MD5=0793F40B9B8A1BDD266296409DBD91EA -- C:\Windows\winsxs\amd64_microsoft-windows-lsa_31bf3856ad364e35_6.1.7600.16385_none_023f7c69767c3edd\lsass.exe

< MD5 for: NDIS.SYS >
[2009/07/14 03:48:27 | 000,947,776 | ---- | M] (Microsoft Corporation) MD5=CAD515DBD07D082BB317D9928CE8962C -- C:\Windows\erdnt\cache64\ndis.sys
[2009/07/14 03:48:27 | 000,947,776 | ---- | M] (Microsoft Corporation) MD5=CAD515DBD07D082BB317D9928CE8962C -- C:\Windows\SysNative\drivers\ndis.sys
[2009/07/14 03:48:27 | 000,947,776 | ---- | M] (Microsoft Corporation) MD5=CAD515DBD07D082BB317D9928CE8962C -- C:\Windows\winsxs\amd64_microsoft-windows-ndis_31bf3856ad364e35_6.1.7600.16385_none_03bc1d6e35c013bf\ndis.sys

< MD5 for: NETLOGON.DLL >
[2009/07/14 03:41:52 | 000,692,736 | ---- | M] (Microsoft Corporation) MD5=956D030D375F207B22FB111E06EF9C35 -- C:\Windows\erdnt\cache64\netlogon.dll
[2009/07/14 03:41:52 | 000,692,736 | ---- | M] (Microsoft Corporation) MD5=956D030D375F207B22FB111E06EF9C35 -- C:\Windows\SysNative\netlogon.dll
[2009/07/14 03:41:52 | 000,692,736 | ---- | M] (Microsoft Corporation) MD5=956D030D375F207B22FB111E06EF9C35 -- C:\Windows\winsxs\amd64_microsoft-windows-security-netlogon_31bf3856ad364e35_6.1.7600.16385_none_59aca8ea51aaeefe\netlogon.dll
[2009/07/14 03:16:02 | 000,563,712 | ---- | M] (Microsoft Corporation) MD5=EAA75D9000B71F10EEC04D2AE6C60E81 -- C:\Windows\erdnt\cache86\netlogon.dll
[2009/07/14 03:16:02 | 000,563,712 | ---- | M] (Microsoft Corporation) MD5=EAA75D9000B71F10EEC04D2AE6C60E81 -- C:\Windows\SysWOW64\netlogon.dll
[2009/07/14 03:16:02 | 000,563,712 | ---- | M] (Microsoft Corporation) MD5=EAA75D9000B71F10EEC04D2AE6C60E81 -- C:\Windows\winsxs\wow64_microsoft-windows-security-netlogon_31bf3856ad364e35_6.1.7600.16385_none_6401533c860bb0f9\netlogon.dll

< MD5 for: NTFS.SYS >
[2009/07/14 03:48:27 | 001,659,984 | ---- | M] (Microsoft Corporation) MD5=356698A13C4630D5B31C37378D469196 -- C:\Windows\erdnt\cache64\ntfs.sys
[2009/07/14 03:48:27 | 001,659,984 | ---- | M] (Microsoft Corporation) MD5=356698A13C4630D5B31C37378D469196 -- C:\Windows\SysNative\drivers\ntfs.sys
[2009/07/14 03:48:27 | 001,659,984 | ---- | M] (Microsoft Corporation) MD5=356698A13C4630D5B31C37378D469196 -- C:\Windows\winsxs\amd64_microsoft-windows-ntfs_31bf3856ad364e35_6.1.7600.16385_none_02661b64369ca03a\ntfs.sys
[2008/04/14 14:00:00 | 000,574,976 | ---- | M] (Microsoft Corporation) MD5=78A08DD6A8D65E697C18E1DB01C5CDCA -- C:\I386\NTFS.SYS
[2004/08/03 23:15:10 | 000,574,592 | ---- | M] (Microsoft Corporation) MD5=B78BE402C3F63DD55521F73876951CDD -- C:\cmdcons\NTFS.SYS

< MD5 for: NVRAID.SYS >
[2009/07/14 03:48:27 | 000,149,056 | ---- | M] (NVIDIA Corporation) MD5=3E38712941E9BB4DDBEE00AFFE3FED3D -- C:\Windows\SysNative\drivers\nvraid.sys
[2009/07/14 03:48:27 | 000,149,056 | ---- | M] (NVIDIA Corporation) MD5=3E38712941E9BB4DDBEE00AFFE3FED3D -- C:\Windows\SysNative\DriverStore\FileRepository\nvraid.inf_amd64_neutral_5bde3fe2945bce9e\nvraid.sys
[2009/07/14 03:48:27 | 000,149,056 | ---- | M] (NVIDIA Corporation) MD5=3E38712941E9BB4DDBEE00AFFE3FED3D -- C:\Windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.1.7600.16385_none_95cfb4ced8afab0e\nvraid.sys

< MD5 for: NVSTOR.SYS >
[2009/07/14 03:45:45 | 000,167,488 | ---- | M] (NVIDIA Corporation) MD5=477DC4D6DEB99BE37084C9AC6D013DA1 -- C:\Windows\SysNative\drivers\nvstor.sys
[2009/07/14 03:45:45 | 000,167,488 | ---- | M] (NVIDIA Corporation) MD5=477DC4D6DEB99BE37084C9AC6D013DA1 -- C:\Windows\SysNative\DriverStore\FileRepository\nvraid.inf_amd64_neutral_5bde3fe2945bce9e\nvstor.sys
[2009/07/14 03:45:45 | 000,167,488 | ---- | M] (NVIDIA Corporation) MD5=477DC4D6DEB99BE37084C9AC6D013DA1 -- C:\Windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.1.7600.16385_none_95cfb4ced8afab0e\nvstor.sys

< MD5 for: SCECLI.DLL >
[2009/07/14 03:16:13 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=26073302DAEA83CC5B944C546D6B47D2 -- C:\Windows\erdnt\cache86\scecli.dll
[2009/07/14 03:16:13 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=26073302DAEA83CC5B944C546D6B47D2 -- C:\Windows\SysWOW64\scecli.dll
[2009/07/14 03:16:13 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=26073302DAEA83CC5B944C546D6B47D2 -- C:\Windows\winsxs\wow64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7600.16385_none_9e577e55272d37b4\scecli.dll
[2009/07/14 03:41:53 | 000,232,448 | ---- | M] (Microsoft Corporation) MD5=398712DDDAEFB85EDF61DF6A07B65C79 -- C:\Windows\erdnt\cache64\scecli.dll
[2009/07/14 03:41:53 | 000,232,448 | ---- | M] (Microsoft Corporation) MD5=398712DDDAEFB85EDF61DF6A07B65C79 -- C:\Windows\SysNative\scecli.dll
[2009/07/14 03:41:53 | 000,232,448 | ---- | M] (Microsoft Corporation) MD5=398712DDDAEFB85EDF61DF6A07B65C79 -- C:\Windows\winsxs\amd64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7600.16385_none_9402d402f2cc75b9\scecli.dll

< MD5 for: SERVICES.EXE >
[2009/07/14 03:39:37 | 000,328,704 | ---- | M] (Microsoft Corporation) MD5=24ACB7E5BE595468E3B9AA488B9B4FCB -- C:\Windows\erdnt\cache64\services.exe
[2009/07/14 03:39:37 | 000,328,704 | ---- | M] (Microsoft Corporation) MD5=24ACB7E5BE595468E3B9AA488B9B4FCB -- C:\Windows\SysNative\services.exe
[2009/07/14 03:39:37 | 000,328,704 | ---- | M] (Microsoft Corporation) MD5=24ACB7E5BE595468E3B9AA488B9B4FCB -- C:\Windows\winsxs\amd64_microsoft-windows-s..s-servicecontroller_31bf3856ad364e35_6.1.7600.16385_none_2b54b20ee6fa07b1\services.exe

< MD5 for: SMSS.EXE >
[2009/07/14 03:39:41 | 000,112,640 | ---- | M] (Microsoft Corporation) MD5=1911A3356FA3F77CCC825CCBAC038C2A -- C:\Windows\SysNative\smss.exe
[2009/07/14 03:39:41 | 000,112,640 | ---- | M] (Microsoft Corporation) MD5=1911A3356FA3F77CCC825CCBAC038C2A -- C:\Windows\winsxs\amd64_microsoft-windows-smss_31bf3856ad364e35_6.1.7600.16385_none_082f99a432e2a661\smss.exe
[2004/08/17 15:49:28 | 000,164,864 | ---- | M] (Microsoft Corporation) MD5=3C100B7FDB179B63829103DF6541337F -- C:\cmdcons\SYSTEM32\SMSS.EXE
[2008/04/14 14:00:00 | 000,481,792 | ---- | M] (Microsoft Corporation) MD5=F209B5C79A87A9521DC0BD88B039EEE3 -- C:\I386\SYSTEM32\SMSS.EXE

< MD5 for: SPOOLSV.EXE >
[2009/07/14 03:39:44 | 000,558,080 | ---- | M] (Microsoft Corporation) MD5=89E8550C5862999FCF482EA562B0E98E -- C:\Windows\erdnt\cache64\spoolsv.exe
[2009/07/14 03:39:44 | 000,558,080 | ---- | M] (Microsoft Corporation) MD5=89E8550C5862999FCF482EA562B0E98E -- C:\Windows\SysNative\spoolsv.exe
[2009/07/14 03:39:44 | 000,558,080 | ---- | M] (Microsoft Corporation) MD5=89E8550C5862999FCF482EA562B0E98E -- C:\Windows\winsxs\amd64_microsoft-windows-printing-spooler-core_31bf3856ad364e35_6.1.7600.16385_none_324094c8db39cbbd\spoolsv.exe

< MD5 for: SVCHOST.EXE >
[2009/07/14 03:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) MD5=54A47F6B5E09A77E61649109C6A08866 -- C:\Windows\erdnt\cache86\svchost.exe
[2009/07/14 03:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) MD5=54A47F6B5E09A77E61649109C6A08866 -- C:\Windows\SysWOW64\svchost.exe
[2009/07/14 03:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) MD5=54A47F6B5E09A77E61649109C6A08866 -- C:\Windows\winsxs\x86_microsoft-windows-services-svchost_31bf3856ad364e35_6.1.7600.16385_none_b591afc466a15356\svchost.exe
[2009/07/14 03:39:46 | 000,027,136 | ---- | M] (Microsoft Corporation) MD5=C78655BC80301D76ED4FEF1C1EA40A7D -- C:\Windows\erdnt\cache64\svchost.exe
[2009/07/14 03:39:46 | 000,027,136 | ---- | M] (Microsoft Corporation) MD5=C78655BC80301D76ED4FEF1C1EA40A7D -- C:\Windows\SysNative\svchost.exe
[2009/07/14 03:39:46 | 000,027,136 | ---- | M] (Microsoft Corporation) MD5=C78655BC80301D76ED4FEF1C1EA40A7D -- C:\Windows\winsxs\amd64_microsoft-windows-services-svchost_31bf3856ad364e35_6.1.7600.16385_none_11b04b481efec48c\svchost.exe

< MD5 for: TCPIP.SYS >
[2009/07/14 03:45:55 | 001,898,576 | ---- | M] (Microsoft Corporation) MD5=912107716BAB424C7870E8E6AF5E07E1 -- C:\Windows\erdnt\cache64\tcpip.sys
[2009/07/14 03:45:55 | 001,898,576 | ---- | M] (Microsoft Corporation) MD5=912107716BAB424C7870E8E6AF5E07E1 -- C:\Windows\SysNative\drivers\tcpip.sys
[2009/07/14 03:45:55 | 001,898,576 | ---- | M] (Microsoft Corporation) MD5=912107716BAB424C7870E8E6AF5E07E1 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.16385_none_0f1303f98017479d\tcpip.sys

< MD5 for: USERINIT.EXE >
[2009/07/14 03:14:43 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=6DE80F60D7DE9CE6B8C2DDFDF79EF175 -- C:\Windows\erdnt\cache86\userinit.exe
[2009/07/14 03:14:43 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=6DE80F60D7DE9CE6B8C2DDFDF79EF175 -- C:\Windows\SysWOW64\userinit.exe
[2009/07/14 03:14:43 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=6DE80F60D7DE9CE6B8C2DDFDF79EF175 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.1.7600.16385_none_dbff103933038d7c\userinit.exe
[2009/07/14 03:39:48 | 000,030,208 | ---- | M] (Microsoft Corporation) MD5=6F8F1376A13114CC10C0E69274F5A4DE -- C:\Windows\erdnt\cache64\userinit.exe
[2009/07/14 03:39:48 | 000,030,208 | ---- | M] (Microsoft Corporation) MD5=6F8F1376A13114CC10C0E69274F5A4DE -- C:\Windows\SysNative\userinit.exe
[2009/07/14 03:39:48 | 000,030,208 | ---- | M] (Microsoft Corporation) MD5=6F8F1376A13114CC10C0E69274F5A4DE -- C:\Windows\winsxs\amd64_microsoft-windows-userinit_31bf3856ad364e35_6.1.7600.16385_none_381dabbceb60feb2\userinit.exe

< MD5 for: WINLOGON.EXE >
[2009/07/14 03:39:52 | 000,389,120 | ---- | M] (Microsoft Corporation) MD5=132328DF455B0028F13BF0ABEE51A63A -- C:\Windows\erdnt\cache64\winlogon.exe
[2009/07/14 03:39:52 | 000,389,120 | ---- | M] (Microsoft Corporation) MD5=132328DF455B0028F13BF0ABEE51A63A -- C:\Windows\SysNative\winlogon.exe
[2009/07/14 03:39:52 | 000,389,120 | ---- | M] (Microsoft Corporation) MD5=132328DF455B0028F13BF0ABEE51A63A -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.16385_none_cbb7f2bdeea2829c\winlogon.exe

< MD5 for: WS2_32.DLL >
[2009/07/14 03:41:58 | 000,296,448 | ---- | M] (Microsoft Corporation) MD5=7083F463788CB34FCC42F565D56F89E8 -- C:\Windows\erdnt\cache64\ws2_32.dll
[2009/07/14 03:41:58 | 000,296,448 | ---- | M] (Microsoft Corporation) MD5=7083F463788CB34FCC42F565D56F89E8 -- C:\Windows\SysNative\ws2_32.dll
[2009/07/14 03:41:58 | 000,296,448 | ---- | M] (Microsoft Corporation) MD5=7083F463788CB34FCC42F565D56F89E8 -- C:\Windows\winsxs\amd64_microsoft-windows-w..nfrastructure-ws232_31bf3856ad364e35_6.1.7600.16385_none_4eaca269e8070c6b\ws2_32.dll
[2009/07/14 03:16:20 | 000,206,336 | ---- | M] (Microsoft Corporation) MD5=DAAE8A9B8C0ACC7F858454132553C30D -- C:\Windows\erdnt\cache86\ws2_32.dll
[2009/07/14 03:16:20 | 000,206,336 | ---- | M] (Microsoft Corporation) MD5=DAAE8A9B8C0ACC7F858454132553C30D -- C:\Windows\SysWOW64\ws2_32.dll
[2009/07/14 03:16:20 | 000,206,336 | ---- | M] (Microsoft Corporation) MD5=DAAE8A9B8C0ACC7F858454132553C30D -- C:\Windows\winsxs\x86_microsoft-windows-w..nfrastructure-ws232_31bf3856ad364e35_6.1.7600.16385_none_f28e06e62fa99b35\ws2_32.dll

< >

< C:\windows\system32\spool\prtprocs|dll;true;true;true /FP >
[2009/07/14 03:41:12 | 000,027,648 | ---- | M] (Microsoft Corporation) --
[2009/07/14 03:41:56 | 000,039,424 | ---- | M] (Microsoft Corporation) --
[2009/07/13 19:04:32 | 000,003,584 | ---- | M] (Lexmark International Inc.) --
[2009/07/14 04:30:16 | 000,003,584 | ---- | M] (Lexmark International Inc.) --

< %systemroot%\system32\drivers\*.sys /5 >

< %systemroot%\system32\drivers\*.sys /X >
[2009/06/10 23:14:29 | 003,440,660 | ---- | M] () -- C:\Windows\system32\drivers\gm.dls
[2009/06/10 23:14:29 | 000,000,646 | ---- | M] () -- C:\Windows\system32\drivers\gmreadme.txt

< %systemroot%\system32\drivers\*.sys /lockedfiles >

< %systemroot%\system32\*.* /5 >

< %systemroot%\system32\*.dll /lockedfiles >

< %systemroot%\system32\config\*.sav >

< %systemroot%\Tasks\*.job /lockedfiles >

< %systemroot%\*.* /U /s >
[1 C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp files -> C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp -> ]
[2 C:\Windows\assembly\NativeImages_v2.0.50727_64\Temp\*.tmp files -> C:\Windows\assembly\NativeImages_v2.0.50727_64\Temp\*.tmp -> ]

< %systemroot%\*. /mp /s >

< %ALLUSERSPROFILE%\Data Aplikací\*.* >

< %ALLUSERSPROFILE%\Data Aplikací\*.exe /s >

< %ALLUSERSPROFILE%\Dáta aplikácií\*.* >

< %ALLUSERSPROFILE%\Dáta aplikácií\*.exe /s >

< %APPDATA%\*. >
[2012/08/25 13:16:01 | 000,000,000 | ---D | M] -- C:\Users\Prochyn\AppData\Roaming\.minecraft
[2012/08/21 23:37:10 | 000,000,000 | ---D | M] -- C:\Users\Prochyn\AppData\Roaming\.techniclauncher
[2012/08/25 12:01:05 | 000,000,000 | ---D | M] -- C:\Users\Prochyn\AppData\Roaming\Adobe
[2012/07/08 23:45:02 | 000,000,000 | ---D | M] -- C:\Users\Prochyn\AppData\Roaming\Babylon
[2012/08/19 21:21:37 | 000,000,000 | ---D | M] -- C:\Users\Prochyn\AppData\Roaming\BitTorrent
[2012/08/31 19:19:35 | 000,000,000 | ---D | M] -- C:\Users\Prochyn\AppData\Roaming\DAEMON Tools Lite
[2012/07/31 22:42:57 | 000,000,000 | ---D | M] -- C:\Users\Prochyn\AppData\Roaming\DVDVideoSoft
[2012/07/31 22:42:20 | 000,000,000 | ---D | M] -- C:\Users\Prochyn\AppData\Roaming\DVDVideoSoftIEHelpers
[2012/07/05 00:45:09 | 000,000,000 | ---D | M] -- C:\Users\Prochyn\AppData\Roaming\Identities
[2012/08/29 16:47:15 | 000,000,000 | ---D | M] -- C:\Users\Prochyn\AppData\Roaming\Kalydo
[2012/07/05 08:41:08 | 000,000,000 | ---D | M] -- C:\Users\Prochyn\AppData\Roaming\Macromedia
[2009/07/14 09:45:14 | 000,000,000 | ---D | M] -- C:\Users\Prochyn\AppData\Roaming\Media Center Programs
[2012/08/25 11:55:57 | 000,000,000 | --SD | M] -- C:\Users\Prochyn\AppData\Roaming\Microsoft
[2012/07/05 08:34:51 | 000,000,000 | ---D | M] -- C:\Users\Prochyn\AppData\Roaming\Mozilla
[2012/07/05 14:46:04 | 000,000,000 | ---D | M] -- C:\Users\Prochyn\AppData\Roaming\NVIDIA
[2012/08/12 21:25:28 | 000,000,000 | RH-D | M] -- C:\Users\Prochyn\AppData\Roaming\SecuROM
[2012/09/01 11:19:33 | 000,000,000 | ---D | M] -- C:\Users\Prochyn\AppData\Roaming\Skype
[2012/08/31 19:19:34 | 000,000,000 | ---D | M] -- C:\Users\Prochyn\AppData\Roaming\TS3Client
[2012/08/31 18:53:48 | 000,000,000 | ---D | M] -- C:\Users\Prochyn\AppData\Roaming\Tunngle
[2012/08/20 22:51:01 | 000,000,000 | ---D | M] -- C:\Users\Prochyn\AppData\Roaming\vlc
[2012/07/13 13:25:46 | 000,000,000 | ---D | M] -- C:\Users\Prochyn\AppData\Roaming\wargaming.net
[2012/07/05 15:14:26 | 000,000,000 | ---D | M] -- C:\Users\Prochyn\AppData\Roaming\WinRAR

< %APPDATA%\*.* >

< %APPDATA%\*.exe /s >
[2012/07/17 13:32:30 | 000,138,472 | ---- | M] (Eximion B.V.) -- C:\Users\Prochyn\AppData\Roaming\Kalydo\KalydoPlayer\bin1\appinstall.exe
[2012/08/29 16:50:07 | 000,085,620 | ---- | M] (Eximion B.V.) -- C:\Users\Prochyn\AppData\Roaming\Kalydo\KalydoPlayer\bin1\appuninstall.exe
[2012/07/17 13:32:28 | 000,362,432 | ---- | M] (Eximion B.V.) -- C:\Users\Prochyn\AppData\Roaming\Kalydo\KalydoPlayer\bin1\kalELLaunch.exe
[2012/07/25 11:14:10 | 002,190,272 | ---- | M] (Eximion B.V.) -- C:\Users\Prochyn\AppData\Roaming\Kalydo\KalydoPlayer\bin1\kalydoloader.exe
[2012/08/29 16:47:16 | 000,124,388 | ---- | M] (Eximion B.V.) -- C:\Users\Prochyn\AppData\Roaming\Kalydo\KalydoPlayer\bin1\uninstall.exe
[2012/08/29 16:47:38 | 003,405,808 | ---- | M] (Zemi Interactive Inc.) -- C:\Users\Prochyn\AppData\Roaming\Kalydo\KalydoPlayer\content\apps\4Story\Bin\tclient.exe
[2011/11/21 09:25:00 | 000,779,088 | ---- | M] (AhnLab, Inc.) -- C:\Users\Prochyn\AppData\Roaming\Kalydo\KalydoPlayer\content\apps\4Story\HShield\ahnrpt.exe
[2011/10/14 02:58:00 | 000,113,344 | ---- | M] (AhnLab, Inc.) -- C:\Users\Prochyn\AppData\Roaming\Kalydo\KalydoPlayer\content\apps\4Story\HShield\hslogmgr.exe
[2012/03/09 12:05:00 | 000,159,072 | ---- | M] (AhnLab, Inc.) -- C:\Users\Prochyn\AppData\Roaming\Kalydo\KalydoPlayer\content\apps\4Story\HShield\hsupdate.exe
[2012/08/29 16:48:07 | 000,256,112 | ---- | M] (AhnLab, Inc.) -- C:\Users\Prochyn\AppData\Roaming\Kalydo\KalydoPlayer\content\apps\4Story\HShield\update\autoup.exe
[2012/08/29 16:48:07 | 000,779,088 | ---- | M] (AhnLab, Inc.) -- C:\Users\Prochyn\AppData\Roaming\Kalydo\KalydoPlayer\content\apps\4Story\HSOrg\ahnrpt.exe
[2012/08/29 16:48:07 | 000,113,344 | ---- | M] (AhnLab, Inc.) -- C:\Users\Prochyn\AppData\Roaming\Kalydo\KalydoPlayer\content\apps\4Story\HSOrg\hslogmgr.exe
[2012/08/29 16:48:07 | 000,159,072 | ---- | M] (AhnLab, Inc.) -- C:\Users\Prochyn\AppData\Roaming\Kalydo\KalydoPlayer\content\apps\4Story\HSOrg\hsupdate.exe
[2012/08/29 16:48:07 | 000,256,112 | ---- | M] (AhnLab, Inc.) -- C:\Users\Prochyn\AppData\Roaming\Kalydo\KalydoPlayer\content\apps\4Story\HSOrg\update\autoup.exe

< %SYSTEMDRIVE%\*.exe >

< >

< >

< HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate\AU /s >

< HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install|LastSuccessTime /rs >

< HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\BITS /s >
"JobInactivityTimeout" = 7776000
"JobMinimumRetryDelay" = 600
"JobNoProgressTimeout" = 1209600
"LogFileFlags" = 0
"LogFileMinMemory" = 120
"LogFileSize" = 1
"TimeQuantaLength" = 300
"UseLmCompat" = 2

< reg query "HKLM\Software\Microsoft\Windows NT\CurrentVersion\winlogon" /v GinaDLL /c >

< reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wuauserv" /v ImagePath /c >
HKEY_LOCAL_MACHINE\SYSTEM\CURRENTCONTROLSET\SERVICES\WUAUSERV
IMAGEPATH REG_EXPAND_SZ %systemroot%\system32\svchost.exe -k netsvcs

< reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\BITS" /v ImagePath /c >
HKEY_LOCAL_MACHINE\SYSTEM\CURRENTCONTROLSET\SERVICES\BITS
IMAGEPATH REG_EXPAND_SZ %SystemRoot%\system32\svchost.exe -k netsvcs

< reg query "HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager" /v BootExecute /c >
HKEY_LOCAL_MACHINE\SYSTEM\CURRENTCONTROLSET\CONTROL\SESSION MANAGER
BOOTEXECUTE REG_MULTI_SZ autocheck autochk *

< reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session Manager" /v "PendingFileRenameOperations" /c >

< >

< type c:\boot.ini >> test.txt /c >
[boot loader]
timeout=2
default=C:\CMDCONS\BOOTSECT.DAT
[operating systems]
C:\CMDCONS\BOOTSECT.DAT="Microsoft Windows Recovery Console" /cmdcons
UnsupportedDebug="do not select this" /debug

< %SystemDrive%\PhysicalMBR.bin /md5 >
[2012/09/01 11:15:20 | 000,000,512 | ---- | M] () MD5=DBC1199CF5604E6B27BC12F02B64CB77 -- C:\PhysicalMBR.bin

< End of report >

Extras:
OTL Extras logfile created on: 9/1/2012 11:14:00 AM - Run 1
OTL by OldTimer - Version 3.2.59.1 Folder = C:\Users\Prochyn\Desktop
64bit- Ultimate Edition (Version = 6.1.7600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7600.16385)
Locale: 00000409 | Country: Czech Republic | Language: CSY | Date Format: d.M.yyyy

4.00 Gb Total Physical Memory | 2.79 Gb Available Physical Memory | 69.74% Memory free
8.00 Gb Paging File | 6.71 Gb Available in Paging File | 83.91% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 142.84 Gb Total Space | 42.48 Gb Free Space | 29.74% Space Free | Partition Type: NTFS
Drive E: | 549.01 Mb Total Space | 0.00 Mb Free Space | 0.00% Space Free | Partition Type: CDFS
Drive G: | 465.76 Gb Total Space | 26.90 Gb Free Space | 5.77% Space Free | Partition Type: NTFS

Computer Name: PROCHYN-PC | User Name: Prochyn | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Extra Registry (SafeList) ==========

========== File Associations ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)

[HKEY_USERS\S-1-5-21-2469519135-902021031-535114647-1000\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation)

========== Shell Spawning ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [print] -- rundll32.exe %SystemRoot%\system32\mshtml.dll,PrintHTML "%1" (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\rundll32.exe setupapi,InstallHinfSection DefaultInstall 132 %1 (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
"FirewallDisableNotify" = 0
"AntiVirusDisableNotify" = 0
"UpdatesDisableNotify" = 0

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = 28 4D B2 76 41 04 CA 01 [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"FirewallDisableNotify" = 0
"AntiVirusDisableNotify" = 0
"UpdatesDisableNotify" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]

========== System Restore Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 0

========== Firewall Settings ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall]

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile]

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile]

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile]

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

========== Authorized Applications List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]

========== Vista Active Open Ports Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{1A36A350-C18C-422C-81DA-A1FFD36E218D}" = lport=59034 | protocol=6 | dir=in | name=pando media booster |
"{AC3D52AA-C6DD-4162-A3EC-48BBABF5ED25}" = lport=59034 | protocol=6 | dir=in | name=pando media booster |
"{BC3D134C-DA04-4BEC-A9E7-93C8C90E0583}" = lport=59034 | protocol=17 | dir=in | name=pando media booster |
"{C047C8DB-A285-49AE-B9F9-4AE8A1E259A6}" = lport=6004 | protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office12\outlook.exe |
"{E7B07746-6532-4AD9-9705-3830891855EA}" = lport=59034 | protocol=17 | dir=in | name=pando media booster |

========== Vista Active Application Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{009A9090-FB31-4378-8980-9B77B1DBBB71}" = protocol=17 | dir=in | app=c:\program files (x86)\pando networks\media booster\pmb.exe |
"{02E1AAD1-0DA3-4D90-9FA3-D1DD805C0DC7}" = protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office12\groove.exe |
"{1EF7E17B-38D0-438D-B12B-52EDAC035232}" = protocol=6 | dir=in | app=c:\program files (x86)\electronic arts\battlefield bad company 2\bfbc2updater.exe |
"{3C3225CB-1B31-4E02-9A4C-9D458076428A}" = protocol=6 | dir=in | app=c:\program files (x86)\microsoft office\office12\onenote.exe |
"{4BB82B6A-E254-4A75-8F7D-A0BA65C10F0F}" = protocol=6 | dir=in | app=c:\program files (x86)\pando networks\media booster\pmb.exe |
"{53B9BF8E-D350-4992-BDC6-9A87A4269DFB}" = protocol=17 | dir=in | app=c:\windows\syswow64\pnkbstra.exe |
"{53FC3F5E-B2FB-4ECF-B204-02829C5E3B10}" = protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office12\onenote.exe |
"{54E53A5F-8A52-4DC2-B857-C14086B7B6D0}" = protocol=17 | dir=in | app=c:\program files (x86)\pando networks\media booster\pmb.exe |
"{7D16A0A4-B5DF-44B7-AEBF-4BB4C07C3158}" = protocol=17 | dir=in | app=c:\program files (x86)\electronic arts\battlefield bad company 2\bfbc2updater.exe |
"{89314C2C-5FCF-44E5-B2F0-A2CAD44D6DBA}" = protocol=6 | dir=in | app=c:\program files (x86)\tunngle\tnglctrl.exe |
"{95BAC3AC-06F9-4D57-8307-3FD912BE2CAF}" = protocol=17 | dir=in | app=c:\program files (x86)\tunngle\tunngle.exe |
"{B616B7F9-BBB9-4B06-8880-9263B2608139}" = dir=in | app=c:\program files (x86)\pando networks\media booster\pmb.exe |
"{CC583898-212B-4DEB-920B-F9857EEB12C8}" = protocol=6 | dir=in | app=c:\program files (x86)\pando networks\media booster\pmb.exe |
"{CD2236CF-42CE-48F8-A280-0BFEA2B5049B}" = protocol=17 | dir=in | app=c:\program files (x86)\bittorrent\bittorrent.exe |
"{D069CA04-4494-47DC-953E-77B05FE494BA}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{D88F517A-5623-42A7-914A-E2C679A0D48A}" = protocol=17 | dir=in | app=c:\windows\syswow64\pnkbstrb.exe |
"{E202BBBF-8643-4D1F-AEC7-9C3C6818FFF3}" = protocol=6 | dir=in | app=c:\program files (x86)\bittorrent\bittorrent.exe |
"{E9650355-F940-445C-A806-4E0C843A6AF4}" = protocol=6 | dir=in | app=c:\program files (x86)\microsoft office\office12\groove.exe |
"{EB41AC3F-4CFD-4E16-80F3-327EE17ABBD3}" = protocol=6 | dir=in | app=c:\windows\syswow64\pnkbstrb.exe |
"{EECED4D2-E773-47E7-9AD8-E9726FF70A3F}" = protocol=17 | dir=in | app=c:\program files (x86)\tunngle\tnglctrl.exe |
"{F909A546-92CD-4422-9CA6-0B9677ED596E}" = protocol=6 | dir=in | app=c:\windows\syswow64\pnkbstra.exe |
"{FAE905F1-A74B-40FE-8CB8-BF4BDF22C955}" = protocol=6 | dir=in | app=c:\program files (x86)\tunngle\tunngle.exe |
"TCP Query User{086AA3E4-CD00-4A14-A58C-E83F945A73ED}C:\games\world_of_tanks\worldoftanks.exe" = protocol=6 | dir=in | app=c:\games\world_of_tanks\worldoftanks.exe |
"TCP Query User{28A772A2-CA9F-4D8F-990D-3D13B5CCC3EC}C:\program files\java\jre7\bin\javaw.exe" = protocol=6 | dir=in | app=c:\program files\java\jre7\bin\javaw.exe |
"TCP Query User{409F4CB7-2684-4E2F-9640-47E9C197D5C3}C:\windows\system32\java.exe" = protocol=6 | dir=in | app=c:\windows\system32\java.exe |
"TCP Query User{46E0C7C6-C02D-4528-ABC0-DFD250D29B1E}C:\games\world_of_tanks\wotlauncher.exe" = protocol=6 | dir=in | app=c:\games\world_of_tanks\wotlauncher.exe |
"TCP Query User{47BD4D27-6BF2-43F9-B3CA-150467F0A299}C:\program files\internet explorer\iexplore.exe" = protocol=6 | dir=in | app=c:\program files\internet explorer\iexplore.exe |
"TCP Query User{542807A2-B4D8-42F1-B55E-86822A2EAAAE}C:\program files (x86)\counter-strike 1.6 non-steam\hl.exe" = protocol=6 | dir=in | app=c:\program files (x86)\counter-strike 1.6 non-steam\hl.exe |
"TCP Query User{BBFE45FE-6190-40E8-A116-8B89D261968E}C:\program files\java\jre7\bin\java.exe" = protocol=6 | dir=in | app=c:\program files\java\jre7\bin\java.exe |
"TCP Query User{D758A339-28EF-4E3A-BB1E-9F9DB4794A29}C:\program files (x86)\electronic arts\battlefield bad company 2\bfbc2game.exe" = protocol=6 | dir=in | app=c:\program files (x86)\electronic arts\battlefield bad company 2\bfbc2game.exe |
"TCP Query User{F1EFA4D7-3777-4D05-AE5C-7E5F8F2928E9}C:\program files (x86)\counter-strike source\hl2.exe" = protocol=6 | dir=in | app=c:\program files (x86)\counter-strike source\hl2.exe |
"TCP Query User{F3C7CA51-B26E-4948-BC83-C4132BEA85E2}C:\program files (x86)\mozilla firefox\plugin-container.exe" = protocol=6 | dir=in | app=c:\program files (x86)\mozilla firefox\plugin-container.exe |
"UDP Query User{38F128E9-1629-4534-BCBD-20A7A958B811}C:\games\world_of_tanks\worldoftanks.exe" = protocol=17 | dir=in | app=c:\games\world_of_tanks\worldoftanks.exe |
"UDP Query User{47252D84-8AD0-474D-8C4B-31539005F9E2}C:\games\world_of_tanks\wotlauncher.exe" = protocol=17 | dir=in | app=c:\games\world_of_tanks\wotlauncher.exe |
"UDP Query User{47DD7B5E-69EE-4D10-92DD-62077CA86A32}C:\windows\system32\java.exe" = protocol=17 | dir=in | app=c:\windows\system32\java.exe |
"UDP Query User{48303B88-DFE4-46E4-981C-E9CA376E6E0B}C:\program files (x86)\mozilla firefox\plugin-container.exe" = protocol=17 | dir=in | app=c:\program files (x86)\mozilla firefox\plugin-container.exe |
"UDP Query User{54035AA3-D1E3-47F4-932E-891298497037}C:\program files\java\jre7\bin\javaw.exe" = protocol=17 | dir=in | app=c:\program files\java\jre7\bin\javaw.exe |
"UDP Query User{6F6D4CED-D170-4DFB-B621-07A9D7CE6194}C:\program files\java\jre7\bin\java.exe" = protocol=17 | dir=in | app=c:\program files\java\jre7\bin\java.exe |
"UDP Query User{93B0F3CC-7A57-4D43-BD2C-8D9D5731E4CC}C:\program files (x86)\counter-strike 1.6 non-steam\hl.exe" = protocol=17 | dir=in | app=c:\program files (x86)\counter-strike 1.6 non-steam\hl.exe |
"UDP Query User{C97F5807-2A9B-4365-BCA9-0495102A3A56}C:\program files\internet explorer\iexplore.exe" = protocol=17 | dir=in | app=c:\program files\internet explorer\iexplore.exe |
"UDP Query User{E0358315-265C-49D1-8C71-7FCEE85C53F7}C:\program files (x86)\counter-strike source\hl2.exe" = protocol=17 | dir=in | app=c:\program files (x86)\counter-strike source\hl2.exe |
"UDP Query User{E6826D0B-DD90-43D0-815E-C2184DCAEDD3}C:\program files (x86)\electronic arts\battlefield bad company 2\bfbc2game.exe" = protocol=17 | dir=in | app=c:\program files (x86)\electronic arts\battlefield bad company 2\bfbc2game.exe |

========== HKEY_LOCAL_MACHINE Uninstall List ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{26A24AE4-039D-4CA4-87B4-2F86417005FF}" = Java(TM) 7 Update 5 (64-bit)
"{8220EEFE-38CD-377E-8595-13398D740ACE}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17
"{90120000-002A-0000-1000-0000000FF1CE}" = Microsoft Office Office 64-bit Components 2007
"{90120000-002A-0405-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit MUI (Czech) 2007
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision" = NVIDIA 3D Vision Driver 301.42
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel" = NVIDIA Control Panel 301.42
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver" = NVIDIA Graphics Driver 301.42
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX" = NVIDIA PhysX System Software 9.12.0213
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update" = NVIDIA Update 1.8.15
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver" = NVIDIA HD Audio Driver 1.3.16.0
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_installer" = NVIDIA Install Application
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NVIDIA.Update" = NVIDIA Update Components
"CCleaner" = CCleaner
"TeamSpeak 3 Client" = TeamSpeak 3 Client
"WinRAR archiver" = WinRAR 4.20 (64-bit)

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{1EAC1D02-C6AC-4FA6-9A44-96258C37C812}_is1" = World of Tanks v.0.7.4
"{2A9A40C7-6670-4D5F-8F41-D12E2E08B48B}" = Star Wars®: Knights of the Old Republic (TM)
"{3AC8457C-0385-4BEA-A959-E095F05D6D67}" = Battlefield: Bad Company™ 2
"{59E4543A-D49D-4489-B445-473D763C79AF}" = Microsoft Games for Windows - LIVE Redistributable
"{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}" = Windows Media Player Firefox Plugin
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
"{90120000-0015-0405-0000-0000000FF1CE}" = Microsoft Office Access MUI (Czech) 2007
"{90120000-0016-0405-0000-0000000FF1CE}" = Microsoft Office Excel MUI (Czech) 2007
"{90120000-0018-0405-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (Czech) 2007
"{90120000-0019-0405-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (Czech) 2007
"{90120000-001A-0405-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (Czech) 2007
"{90120000-001B-0405-0000-0000000FF1CE}" = Microsoft Office Word MUI (Czech) 2007
"{90120000-001F-0405-0000-0000000FF1CE}" = Microsoft Office Proof (Czech) 2007
"{90120000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2007
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-041B-0000-0000000FF1CE}" = Microsoft Office Proof (Slovak) 2007
"{90120000-002C-0405-0000-0000000FF1CE}" = Microsoft Office Proofing (Czech) 2007
"{90120000-0030-0000-0000-0000000FF1CE}" = Microsoft Office Enterprise 2007
"{90120000-0044-0405-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (Czech) 2007
"{90120000-006E-0405-0000-0000000FF1CE}" = Microsoft Office Shared MUI (Czech) 2007
"{90120000-00A1-0405-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (Czech) 2007
"{90120000-00BA-0405-0000-0000000FF1CE}" = Microsoft Office Groove MUI (Czech) 2007
"{980A182F-E0A2-4A40-94C1-AE0C1235902E}" = Pando Media Booster
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{AC76BA86-7AD7-1029-7B44-AA1000000001}" = Adobe Reader X (10.1.0) - Czech
"{B8ABD8C7-991E-4A70-B5A3-20C6FC680680}" = LogMeIn Hamachi
"{DA909E62-3B45-4BA1-8B58-FCAEBA4BCEC9}" = NVIDIA PhysX
"{E0303B6A-C675-4102-95DA-C013625BFA99}" = GTA San Andreas
"{EE7257A2-39A2-4D2F-9DAC-F9F25B8AE1D8}" = Skype™ 5.10
"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
"4Story_CZ_is1" = 4Story CZ 3.9.78
"Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin
"BitTorrent" = BitTorrent
"Counter-Strike 1.6 Non-Steam 1.0" = Counter-Strike 1.6 Non-Steam 1.0
"Counter-Strike: Source" = Counter-Strike: Source
"DAEMON Tools Lite" = DAEMON Tools Lite
"ENTERPRISE" = Microsoft Office Enterprise 2007
"Free Studio_is1" = Free Studio version 5.6.3.706
"LogMeIn Hamachi" = LogMeIn Hamachi
"Mozilla Firefox 14.0.1 (x86 cs)" = Mozilla Firefox 14.0.1 (x86 cs)
"MozillaMaintenanceService" = Mozilla Maintenance Service
"NVIDIAStereo" = NVIDIA Stereoscopic 3D Driver
"PunkBusterSvc" = PunkBuster Services
"Tunngle beta_is1" = Tunngle beta
"VLC media player" = VLC media player 2.0.3

========== HKEY_USERS Uninstall List ==========

[HKEY_USERS\S-1-5-21-2469519135-902021031-535114647-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Kalydo App 4Story" = 4Story
"KalydoPlayer" = Kalydo Player 4.07.02

========== Last 20 Event Log Errors ==========

[ Application Events ]
Error - 7/16/2012 4:44:49 AM | Computer Name = Prochyn-PC | Source = Application Error | ID = 1000
Description = Název chybující aplikace: worldoftanks.exe, verze: 0.7.4.0, časové
razítko: 0x4fce070c Název chybujícího modulu: worldoftanks.exe, verze: 0.7.4.0,
časové razítko: 0x4fce070c Kód výjimky: 0xc0000005 Posun chyby: 0x001f8a8f ID chybujícího
procesu: 0xa24 Čas spuštění chybující aplikace: 0x01cd6322eeeca872 Cesta k chybující
aplikaci: C:\Games\World_of_Tanks\worldoftanks.exe Cesta k chybujícímu modulu: C:\Games\World_of_Tanks\worldoftanks.exe
ID
zprávy: 801560da-cf22-11e1-a3b5-00248c4c098d

Error - 7/17/2012 12:23:54 PM | Computer Name = Prochyn-PC | Source = Application Error | ID = 1000
Description = Název chybující aplikace: bf3.exe, verze: 1.0.0.0, časové razítko:
0x4e9d3315 Název chybujícího modulu: bf3.exe, verze: 1.0.0.0, časové razítko: 0x4e9d3315
Kód
výjimky: 0xc0000005 Posun chyby: 0x0000ab3d ID chybujícího procesu: 0xcf0 Čas spuštění
chybující aplikace: 0x01cd64388c812a0c Cesta k chybující aplikaci: C:\Program Files
(x86)\Battlefield 3™\bf3.exe Cesta k chybujícímu modulu: C:\Program Files (x86)\Battlefield
3™\bf3.exe ID zprávy: ccf70127-d02b-11e1-a3b5-00248c4c098d

Error - 7/18/2012 5:57:47 AM | Computer Name = Prochyn-PC | Source = Application Hang | ID = 1002
Description = Program firefox.exe verze 13.0.1.4548 přestal spolupracovat se systémem
Windows a byl ukončen. Chcete-li zjistit, zda je k dispozici více informací o tomto
problému, vyhledejte historii problému v ovládacím panelu Centrum akcí. ID procesu:
994 Čas spuštění: 01cd64cbadef2ef3 Čas ukončení: 99 Cesta k aplikaci: C:\Program Files
(x86)\Mozilla Firefox\firefox.exe ID hlášení: 039698b0-d0bf-11e1-b41b-00248c4c098d

Error - 7/22/2012 3:24:09 PM | Computer Name = Prochyn-PC | Source = Application Error | ID = 1000
Description = Název chybující aplikace: FlashPlayerPlugin_11_3_300_265.exe, verze:
11.3.300.265, časové razítko: 0x4febd5ac Název chybujícího modulu: NPSWF32_11_3_300_265.dll,
verze: 11.3.300.265, časové razítko: 0x4febd798 Kód výjimky: 0xc0000005 Posun chyby:
0x004923d1 ID chybujícího procesu: 0xcb4 Čas spuštění chybující aplikace: 0x01cd682f686c01e9
Cesta
k chybující aplikaci: C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_3_300_265.exe
Cesta
k chybujícímu modulu: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_3_300_265.dll
ID
zprávy: cecb5b11-d432-11e1-ae97-00248c4c098d

Error - 8/7/2012 3:13:00 AM | Computer Name = Prochyn-PC | Source = Application Error | ID = 1000
Description = Název chybující aplikace: swkotor.exe, verze: 1.0.0.0, časové razítko:
0x00000000 Název chybujícího modulu: swkotor.exe, verze: 1.0.0.0, časové razítko:
0x00000000 Kód výjimky: 0xc0000005 Posun chyby: 0x00000110 ID chybujícího procesu:
0x744 Čas spuštění chybující aplikace: 0x01cd746c132397ce Cesta k chybující aplikaci:
C:\Program Files\LucasArts\SWKotOR\swkotor.exe Cesta k chybujícímu modulu: C:\Program
Files\LucasArts\SWKotOR\swkotor.exe ID zprávy: 5190f225-e05f-11e1-abcd-00248c4c098d

Error - 8/7/2012 3:13:11 AM | Computer Name = Prochyn-PC | Source = Application Error | ID = 1000
Description = Název chybující aplikace: swkotor.exe, verze: 1.0.0.0, časové razítko:
0x00000000 Název chybujícího modulu: swkotor.exe, verze: 1.0.0.0, časové razítko:
0x00000000 Kód výjimky: 0xc0000005 Posun chyby: 0x00000110 ID chybujícího procesu:
0xe48 Čas spuštění chybující aplikace: 0x01cd746c1a583365 Cesta k chybující aplikaci:
C:\Program Files\LucasArts\SWKotOR\swkotor.exe Cesta k chybujícímu modulu: C:\Program
Files\LucasArts\SWKotOR\swkotor.exe ID zprávy: 5821cbc9-e05f-11e1-abcd-00248c4c098d

Error - 8/7/2012 3:26:22 PM | Computer Name = Prochyn-PC | Source = Application Hang | ID = 1002
Description = Program swkotor.exe verze 1.0.3.0 přestal spolupracovat se systémem
Windows a byl ukončen. Chcete-li zjistit, zda je k dispozici více informací o tomto
problému, vyhledejte historii problému v ovládacím panelu Centrum akcí. ID procesu:
ac4 Čas spuštění: 01cd74d261e450c2 Čas ukončení: 40 Cesta k aplikaci: C:\Program Files\LucasArts\SWKotOR\swkotor.exe

ID
hlášení:

Error - 8/19/2012 9:46:54 AM | Computer Name = Prochyn-PC | Source = Application Hang | ID = 1002
Description = Program firefox.exe verze 14.0.1.4577 přestal spolupracovat se systémem
Windows a byl ukončen. Chcete-li zjistit, zda je k dispozici více informací o tomto
problému, vyhledejte historii problému v ovládacím panelu Centrum akcí. ID procesu:
d5c Čas spuštění: 01cd7dfc4b059d2b Čas ukončení: 172 Cesta k aplikaci: C:\Program
Files (x86)\Mozilla Firefox\firefox.exe ID hlášení: 45c55345-ea04-11e1-8812-00248c4c098d

Error - 8/21/2012 8:57:22 AM | Computer Name = Prochyn-PC | Source = Application Error | ID = 1000
Description = Název chybující aplikace: gta_sa.exe, verze: 0.0.0.0, časové razítko:
0x427101ca Název chybujícího modulu: unknown, verze: 0.0.0.0, časové razítko: 0x00000000
Kód
výjimky: 0xc0000005 Posun chyby: 0x0000000a ID chybujícího procesu: 0x15b0 Čas spuštění
chybující aplikace: 0x01cd7f9c79b5a5b1 Cesta k chybující aplikaci: C:\Program Files
(x86)\Rockstar Games\GTA San Andreas\gta_sa.exe Cesta k chybujícímu modulu: unknown
ID
zprávy: bebe6bb8-eb8f-11e1-a45b-00248c4c098d

Error - 8/21/2012 2:01:53 PM | Computer Name = Prochyn-PC | Source = Application Error | ID = 1000
Description = Název chybující aplikace: FlashPlayerPlugin_11_3_300_270.exe, verze:
11.3.300.270, časové razítko: 0x50198027 Název chybujícího modulu: MMDevAPI.DLL,
verze: 6.1.7600.16385, časové razítko: 0x4a5bda29 Kód výjimky: 0xc0000005 Posun chyby:
0x00018c7d ID chybujícího procesu: 0x1548 Čas spuštění chybující aplikace: 0x01cd7fb8e4e625eb
Cesta
k chybující aplikaci: C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_3_300_270.exe
Cesta
k chybujícímu modulu: C:\Windows\system32\MMDevAPI.DLL ID zprávy: 4917765a-ebba-11e1-a45b-00248c4c098d

[ System Events ]
Error - 9/1/2012 3:48:58 AM | Computer Name = Prochyn-PC | Source = DCOM | ID = 10005
Description =

Error - 9/1/2012 3:48:58 AM | Computer Name = Prochyn-PC | Source = DCOM | ID = 10005
Description =

Error - 9/1/2012 3:48:58 AM | Computer Name = Prochyn-PC | Source = Service Control Manager | ID = 7001
Description = Služba Služba seznamu sítí závisí na službě Sledování umístění v síti
(NLA), která neuspěla při spuštění v důsledku následující chyby: %%1068

Error - 9/1/2012 3:48:58 AM | Computer Name = Prochyn-PC | Source = Service Control Manager | ID = 7001
Description = Služba Služba seznamu sítí závisí na službě Sledování umístění v síti
(NLA), která neuspěla při spuštění v důsledku následující chyby: %%1068

Error - 9/1/2012 3:48:59 AM | Computer Name = Prochyn-PC | Source = Service Control Manager | ID = 7001
Description = Služba Služba seznamu sítí závisí na službě Sledování umístění v síti
(NLA), která neuspěla při spuštění v důsledku následující chyby: %%1068

Error - 9/1/2012 3:48:59 AM | Computer Name = Prochyn-PC | Source = Service Control Manager | ID = 7001
Description = Služba Služba seznamu sítí závisí na službě Sledování umístění v síti
(NLA), která neuspěla při spuštění v důsledku následující chyby: %%1068

Error - 9/1/2012 3:48:59 AM | Computer Name = Prochyn-PC | Source = Service Control Manager | ID = 7001
Description = Služba Služba seznamu sítí závisí na službě Sledování umístění v síti
(NLA), která neuspěla při spuštění v důsledku následující chyby: %%1068

Error - 9/1/2012 3:48:59 AM | Computer Name = Prochyn-PC | Source = Service Control Manager | ID = 7001
Description = Služba Služba seznamu sítí závisí na službě Sledování umístění v síti
(NLA), která neuspěla při spuštění v důsledku následující chyby: %%1068

Error - 9/1/2012 3:48:59 AM | Computer Name = Prochyn-PC | Source = Service Control Manager | ID = 7001
Description = Služba Služba seznamu sítí závisí na službě Sledování umístění v síti
(NLA), která neuspěla při spuštění v důsledku následující chyby: %%1068

Error - 9/1/2012 3:48:59 AM | Computer Name = Prochyn-PC | Source = Service Control Manager | ID = 7001
Description = Služba Služba seznamu sítí závisí na službě Sledování umístění v síti
(NLA), která neuspěla při spuštění v důsledku následující chyby: %%1068

< End of report >

melo by to byt takhle....

To je stolní pc nebo notebook? Pokud stolní, jakou máte klávesnici? Máte možnost odzkoušet jinou? Nebo i myš?

Tuto složku znáte?
C:\Users\Prochyn\AppData\Roaming\Kalydo

Spustte OTL
-do bílého okna dole skopírujte tento skript:

Kód: Vybrat vše

:OTL
PRC - C:\WINDOWS\explorer.exe (Microsoft Corporation)
IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKU\S-1-5-21-2469519135-902021031-535114647-1000\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC
IE - HKU\S-1-5-21-2469519135-902021031-535114647-1000\..\SearchScopes\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}: "URL" = http://search.babylon.com/?q={searchTerms}&affID=111434&tt=3212_5&babsrc=SP_ss&mntrId=24e1a91400000000000000ffe37e8d75
FF - prefs.js..browser.search.defaultenginename: "Search the web (Babylon)"
FF - prefs.js..browser.search.order.1: "Search the web (Babylon)"

:files
C:\WINDOWS\system32\*.tmp.dll /s
C:\WINDOWS\system32\SET*.tmp /s
C:\WINDOWS\*.tmp /s

:commands
[emptytemp]
[EMPTYFLASH]
[Reboot]

-klikněte na tlačítko opravit.
-Následně se pc restartuje.
- Log vložte zde

mam notebook...
Log
All processes killed
========== OTL ==========
No active process named explorer.exe was found!
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ deleted successfully.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ not found.
Registry key HKEY_USERS\S-1-5-21-2469519135-902021031-535114647-1000\Software\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ not found.
Registry key HKEY_USERS\S-1-5-21-2469519135-902021031-535114647-1000\Software\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}\ not found.
Prefs.js: "Search the web (Babylon)" removed from browser.search.defaultenginename
Prefs.js: "Search the web (Babylon)" removed from browser.search.order.1
========== FILES ==========
File\Folder C:\WINDOWS\system32\*.tmp.dll not found.
File\Folder C:\WINDOWS\system32\SET*.tmp not found.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP9E41.tmp folder moved successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_64\Temp\ZAPE291.tmp folder moved successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_64\Temp\ZAPE56E.tmp folder moved successfully.
========== COMMANDS ==========

[EMPTYTEMP]

User: All Users

User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes

User: Prochyn
->Temp folder emptied: 11323935 bytes
->Temporary Internet Files folder emptied: 5318000 bytes
->FireFox cache emptied: 610738092 bytes
->Flash cache emptied: 1523 bytes

User: Public
->Temp folder emptied: 0 bytes

User: UpdatusUser
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32 (64bit) .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 0 bytes
%systemroot%\sysnative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files folder emptied: 50507 bytes
RecycleBin emptied: 0 bytes

Total Files Cleaned = 598.00 mb

[EMPTYFLASH]

User: All Users

User: Default

User: Default User

User: Prochyn
->Flash cache emptied: 0 bytes

User: Public

User: UpdatusUser

Total Flash Files Cleaned = 0.00 mb

OTL by OldTimer - Version 3.2.59.1 log created on 09022012_042028

Files\Folders moved on Reboot...
C:\Users\Prochyn\AppData\Local\Temp\FXSAPIDebugLogFile.txt moved successfully.

PendingFileRenameOperations files...

Registry entries deleted on Reboot...

A používáte myš?
Teď to vypadá jak?

Mam klavesnici v notasu mam lenovo sl500 mam tam k tomu touch pad a takovyto cerveny kolecko uprostred klavesnice ale tyhle dve veci nepouzivam a mam k tomu normalne pripojenou mys koupenou z Tesca....dratovou...a porad nic a tu slozku neznam...

Kdyz sem sem dal ten predchozi prispevek tak sem mylel ze to nejde protoze vecer sem musel zase zapnout RSIT na tabulku abych potlacil ty problemy a dalo se neco na tom PC delat....nechal sem pc pusteny pres vecer a ted rano jak sem napsal prispevek sem skusil pocitac vypnout a zapnout a ejhle vse bezi jak ma uz jdou psat i velka pismena ale jeste k te klavesnici .... od Lenova tam mam takovy ty tlacitka okolo a nejaky tlacitka k Fn...a nemam k nim ovladace skousel sem nejake nainstalovat ze stranky ale nejak mi nesly vsechny a nikdy mi nesly ty na ovladani zvuku nakraji...a tak sem ovladace jednoduse odinstaloval....muze byt problem i v tom ze no spis je to podle me nejpravdepobonejsi ale chtel bych se zeptat jeste kdyz sem zapinal pomoci F8 tak kdyz ted zapinam PC tak je tam takova tabulka mam tam na vyber ze 3moznosti a kdyz neodkliknu na Windows7 entrem tak musim 30sec pockat nez se to da automaticky , neda se to nejak oddelat ? jinak ty ovladace na ten zvuk byly nejak ATK Hotkey nebo tak ale zaboha sem je nemohl rozchodit........

tak a je to tu znovu ....

Mozna tu vypadam jak blbec ale nainstaloval jsem z lenovo stranky nejakej ultranav driver ktery byl v kategorii keyboards and mouse a pc se resetovalo a vse jede jak ma xD nwm jestli si ze mne pocitac nedela srandu nebo neco ....vyplati se nainstalovat vsechny ovladace ? Nebo je to zbytecne svineni a spomalovani PC ?

Já nemám notebook, ale raději ty ovladače mějte nainstalované.
Momentálně je s pc nějaký problém?

VIRY.CZ

Zvlastni vir....

Re: Zvlastni vir....

Re: Zvlastni vir....

Re: Zvlastni vir....

Re: Zvlastni vir....

Re: Zvlastni vir....

Re: Zvlastni vir....

Re: Zvlastni vir....

Re: Zvlastni vir....

Re: Zvlastni vir....

Re: Zvlastni vir....

Re: Zvlastni vir....

Re: Zvlastni vir....

Re: Zvlastni vir....

Re: Zvlastni vir....

Re: Zvlastni vir....