dobry den,
mam problem s pc, porad pada,je pomale a programy neodpovidaji...krom toho take nereaguje na zmeny....když neco odinstaluji stale to tam mam i po restartu, když prepišu nejaky soubor neco de nej pridam tak zmenu programy nereflektuji....
RSIt vytvorilo tytto dva soubory.....
info.txt logfile of random's system information tool 1.09 2011-10-30 10:28:54
======Uninstall list======
-->"C:\Program Files (x86)\Acer Games\Game Explorer Categories - main\Uninstall.exe"
-->"C:\Program Files (x86)\InstallShield Installation Information\{39F15B50-A977-4CA6-B1C3-6A8724CDA025}\setup.exe" -runfromtemp -l0x0409 -removeonly
-->"C:\Program Files (x86)\InstallShield Installation Information\{C2695E83-CF1D-43D1-84FE-B3BEC561012A}\setup.exe" -runfromtemp -l0x0409 -removeonly
-->MsiExec /X{B9DB4C76-01A4-46D5-8910-F7AA6376DBAF}
Acer Backup Manager-->C:\Program Files (x86)\InstallShield Installation Information\{72B776E5-4530-4C4B-9453-751DF87D9D93}\setup.exe -runfromtemp -l0x0409
Acer Crystal Eye Webcam-->"C:\Program Files (x86)\InstallShield Installation Information\{01FB4998-33C4-4431-85ED-079E3EEFE75D}\setup.exe" /z-uninstall
Acer Crystal Eye Webcam-->"C:\Program Files (x86)\InstallShield Installation Information\{01FB4998-33C4-4431-85ED-079E3EEFE75D}\setup.exe" /z-uninstall
Acer ePower Management-->"C:\Program Files (x86)\InstallShield Installation Information\{3DB0448D-AD82-4923-B305-D001E521A964}\setup.exe" -runfromtemp -l0x405 -removeonly
Acer eRecovery Management-->"C:\Program Files (x86)\InstallShield Installation Information\{7F811A54-5A09-4579-90E1-C93498E230D9}\setup.exe" -runfromtemp -l0x405 -removeonly
Acer Games-->"C:\Program Files (x86)\Acer Games\Uninstall.exe"
Acer Registration-->C:\Program Files (x86)\Acer\Registration\Uninstall.exe
Acer ScreenSaver-->C:\Program Files (x86)\Acer\Screensaver\Uninstall.exe
Acer Updater-->"C:\Program Files (x86)\InstallShield Installation Information\{EE171732-BEB4-4576-887D-CB62727F01CA}\setup.exe" -runfromtemp -l0x405 -removeonly
Adobe Flash Player 10 ActiveX-->C:\Windows\SysWOW64\Macromed\Flash\FlashUtil10u_ActiveX.exe -maintain activex
Adobe Reader X (10.1.1) MUI-->MsiExec.exe /I{AC76BA86-7AD7-FFFF-7B44-AA0000000001}
Agatha Christie - Death on the Nile-->"C:\Program Files (x86)\Acer Games\Agatha Christie - Death on the Nile\uninstall\uninstaller.exe"
avast! Free Antivirus-->C:\Program Files\AVAST Software\Avast\aswRunDll.exe "C:\Program Files\AVAST Software\Avast\Setup\setiface.dll" RunSetup
Backup Manager Basic-->C:\Program Files (x86)\InstallShield Installation Information\{72B776E5-4530-4C4B-9453-751DF87D9D93}\setup.exe -runfromtemp -l0x0409
BatteryBar (remove only)-->"C:\Program Files\BatteryBar\Uninstall.exe"
Bejeweled 2 Deluxe-->"C:\Program Files (x86)\Acer Games\Bejeweled 2 Deluxe\uninstall\uninstaller.exe"
Bing Bar-->MsiExec.exe /X{C28D96C0-6A90-459E-A077-A6706F4EC0FC}
Broadcom Gigabit NetLink Controller-->MsiExec.exe /X{A84DB02B-9C2B-4272-9D2D-A80E00A56513}
Call of Duty Modern Warfare 2-->"C:\Program Files (x86)\Activision\Modern Warfare 2\unins000.exe"
Call of Duty(R) 4 - Modern Warfare(TM) 1.6 Patch-->C:\Program Files (x86)\InstallShield Installation Information\{8A15B7D9-908A-4EF9-BA84-5AEDE61743EE}\setup.exe -runfromtemp -l0x0409
Call of Duty(R) 4 - Modern Warfare(TM) 1.7 Patch-->C:\Program Files (x86)\InstallShield Installation Information\{931C37FC-594D-43A9-B10F-A2F2B1F03498}\setup.exe -runfromtemp -l0x0409
Call of Duty(R) 4 - Modern Warfare(TM)-->C:\Program Files (x86)\InstallShield Installation Information\{E48469CC-635E-4FD5-A122-1497C286D217}\setup.exe -runfromtemp -l0x0409
Call of Duty: Black Ops-->"C:\Program Files (x86)\Activision\Call of Duty - Black Ops\unins000.exe"
CCleaner-->"C:\Program Files\CCleaner\uninst.exe"
Corsair Addon-->C:\Program Files (x86)\Corsair Addon\uninstall.exe
Crazy Chicken Kart 2-->"C:\Program Files (x86)\Acer Games\Crazy Chicken Kart 2\uninstall\uninstaller.exe"
CyberLink PowerDVD 9-->"C:\Program Files (x86)\InstallShield Installation Information\{A8516AC9-AAF1-47F9-9766-03E2D4CDBCF8}\setup.exe" /z-uninstall
CyberLink PowerDVD 9-->"C:\Program Files (x86)\InstallShield Installation Information\{A8516AC9-AAF1-47F9-9766-03E2D4CDBCF8}\setup.exe" /z-uninstall
D3DX10-->MsiExec.exe /X{E09C4DB7-630C-4F06-A631-8EA7239923AF}
DAEMON Tools Lite-->C:\Program Files (x86)\DAEMON Tools Lite\uninst.exe
ETDWare PS/2-x64 7.0.6.5_WHQL-->%ProgramFiles%\Elantech\ETDUn_inst.exe
FATE-->"C:\Program Files (x86)\Acer Games\FATE\uninstall\uninstaller.exe"
Final Drive: Nitro-->"C:\Program Files (x86)\Acer Games\Final Drive Nitro\uninstall\uninstaller.exe"
Fotogalerija Windows Live-->MsiExec.exe /X{E59969EA-3B5B-4B24-8B94-43842A7FBFE9}
Galeria de Fotografias do Windows Live-->MsiExec.exe /X{0EC0B576-90F9-43C3-8FAD-A4902DF4B8F4}
Galería fotográfica de Windows Live-->MsiExec.exe /X{E85A4EFC-82F2-4CEE-8A8E-62FDAD353A66}
Galeria fotogràfica del Windows Live-->MsiExec.exe /X{4736B0ED-F6A1-48EC-A1B7-C053027648F1}
Galeria fotografii usługi Windows Live-->MsiExec.exe /X{CB3F59BB-7858-41A1-A7EA-4B8A6FC7D431}
Galerie de photos Windows Live-->MsiExec.exe /X{488F0347-C4A7-4374-91A7-30818BEDA710}
Galerie foto Windows Live-->MsiExec.exe /X{CB66242D-12B1-4494-82D2-6F53A7E024A3}
GamePark-->"C:\Program Files (x86)\GamePark\unins000.exe"
Garena Classic 2011-->C:\Program Files (x86)\Garena Classic\uninst.exe
Harry Potter and the Deathly Hallows(TM) - Part 2 Demo-->MsiExec.exe /X{8D8E696E-916E-49CE-B2EE-C2346A6FE949}
Chuzzle Deluxe-->"C:\Program Files (x86)\Acer Games\Chuzzle Deluxe\uninstall\uninstaller.exe"
Identity Card-->C:\Program Files (x86)\Acer\Identity Card\Uninstall.exe
Insaniquarium Deluxe-->"C:\Program Files (x86)\Acer Games\Insaniquarium Deluxe\uninstall\uninstaller.exe"
Intel(R) Control Center-->C:\Program Files (x86)\Intel\Intel Control Center\uninstaller\SetupICC.exe -uninstall -force -confirm
Intel(R) Graphics Media Accelerator Driver-->C:\Program Files (x86)\Intel\Intel(R) Graphics Media Accelerator Driver\Uninstall\setup.exe -uninstall
Intel(R) Management Engine Components-->C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\Uninstall\setup.exe -uninstall
Intel(R) Rapid Storage Technology-->C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\Uninstall\setup.exe -uninstall
Jewel Match 3-->"C:\Program Files (x86)\Acer Games\Jewel Match 3\uninstall\uninstaller.exe"
Jewel Quest Solitaire-->"C:\Program Files (x86)\Acer Games\Jewel Quest Solitaire\uninstall\uninstaller.exe"
John Deere Drive Green-->"C:\Program Files (x86)\Acer Games\John Deere Drive Green\uninstall\uninstaller.exe"
Junk Mail filter update-->MsiExec.exe /I{1F6AB0E7-8CDD-4B93-8A23-AA9EB2FEFCE4}
Launch Manager-->C:\Windows\UNINSTLMv4.EXE LMv4.UNI
Mesh Runtime-->MsiExec.exe /I{8C6D6116-B724-4810-8F2D-D047E6B7D68E}
Microsoft .NET Framework 4 Client Profile CSY Language Pack-->C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\ClientLP\Setup.exe /repair /x86 /x64 /lcid 1029 /parameterfolder ClientLP
Microsoft .NET Framework 4 Client Profile CSY Language Pack-->MsiExec.exe /X{790E02A1-145A-3843-8C13-A4F41C9B48B7}
Microsoft .NET Framework 4 Client Profile-->C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\Client\Setup.exe /repair /x86 /x64 /parameterfolder Client
Microsoft .NET Framework 4 Client Profile-->MsiExec.exe /X{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}
Microsoft Office 2010-->MsiExec.exe /X{95140000-0070-0000-0000-0000000FF1CE}
Microsoft Office Klikni a spusť 2010-->"C:\PROGRA~2\COMMON~1\MICROS~1\VIRTUA~1\CVHBS.EXE" /removeall
Microsoft Office Klikni a spusť 2010-->MsiExec.exe /I{90140000-006D-0405-1000-0000000FF1CE}
Microsoft Office Starter 2010 - čeština-->C:\Program Files (x86)\Common Files\microsoft shared\virtualization handler\cvhbs.exe /uninstall {90140011-0066-0405-0000-0000000FF1CE}
Microsoft Silverlight-->MsiExec.exe /X{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}
Microsoft SQL Server 2005 Compact Edition [ENU]-->MsiExec.exe /I{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}
Microsoft Visual C++ 2005 Redistributable-->MsiExec.exe /X{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}
Microsoft Visual C++ 2005 Redistributable-->MsiExec.exe /X{7299052b-02a4-4627-81f2-1818da5d550d}
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17-->MsiExec.exe /X{9A25302D-30C0-39D9-BD6F-21E6EC160475}
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148-->MsiExec.exe /X{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161-->MsiExec.exe /X{9BE518E6-ECC6-35A9-88E4-87755C07200F}
MSVCRT_amd64-->MsiExec.exe /I{D0B44725-3666-492D-BEF6-587A14BD9BD9}
MSVCRT-->MsiExec.exe /I{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}
Mystery of Mortlake Mansion-->"C:\Program Files (x86)\Acer Games\Mystery of Mortlake Mansion\uninstall\uninstaller.exe"
MyWinLocker 4-->MsiExec.exe /X{39F15B50-A977-4CA6-B1C3-6A8724CDA025}
MyWinLocker Suite-->"C:\Program Files (x86)\InstallShield Installation Information\{17DF9714-60C9-43C9-A9C2-32BCAED44CBE}\setup.exe" -runfromtemp -l0x0405 -removeonly
MyWinLocker Suite-->MsiExec.exe /X{17DF9714-60C9-43C9-A9C2-32BCAED44CBE}
MyWinLocker-->MsiExec.exe /I{0B78ECB0-1A6B-4E6D-89D7-0E7CE77F0427}
newsXpresso-->"C:\Program Files (x86)\InstallShield Installation Information\{613C0AC5-3A67-4B94-8B13-9176AD83F5BF}\setup.exe" -runfromtemp -l0x0409 -removeonly
newsXpresso-->MsiExec.exe /X{613C0AC5-3A67-4B94-8B13-9176AD83F5BF}
Nitro PDF Professional-->MsiExec.exe /X{B734F624-8B49-42F9-BB0E-7B2132CEB813}
NTI Media Maker 9-->C:\Program Files (x86)\InstallShield Installation Information\{D3D5C4E8-040F-4C6F-8105-41D43CF94F44}\setup.exe -runfromtemp -l0x0409
NVIDIA Graphics Driver 268.00-->"C:\Windows\SysWOW64\RunDll32.EXE" "C:\Program Files\NVIDIA Corporation\Installer2\installer.0\NVI2.DLL",UninstallPackage Display.Driver
NVIDIA PhysX-->MsiExec.exe /X{B9DB4C76-01A4-46D5-8910-F7AA6376DBAF}
OpenOffice.org 3.2-->MsiExec.exe /I{FAB43061-FEFB-46E8-A159-96710395DB5E}
Penguins!-->"C:\Program Files (x86)\Acer Games\Penguins!\uninstall\uninstaller.exe"
Plants vs. Zombies - Game of the Year-->"C:\Program Files (x86)\Acer Games\Plants vs Zombies - Game of the Year\uninstall\uninstaller.exe"
Poczta usługi Windows Live-->MsiExec.exe /I{64376910-1860-4CEF-8B34-AA5D205FC5F1}
Podstawowe programy Windows Live-->MsiExec.exe /I{7A9D47BA-6D50-4087-866F-0800D8B89383}
Polar Bowler-->"C:\Program Files (x86)\Acer Games\Polar Bowler\uninstall\uninstaller.exe"
Pošta Windows Live-->MsiExec.exe /I{7BA19818-F717-4DFB-BC11-FAF17B2B8AEE}
Raccolta foto di Windows Live-->MsiExec.exe /X{ED16B700-D91F-44B0-867C-7EB5253CA38D}
Realtek High Definition Audio Driver-->RunDll32 C:\PROGRA~2\COMMON~1\INSTAL~1\PROFES~1\RunTime\11\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files (x86)\InstallShield Installation Information\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}\Setup.exe" -removeonly
Realtek USB 2.0 Card Reader-->"C:\Program Files (x86)\InstallShield Installation Information\{96AE7E41-E34E-47D0-AC07-1091A8127911}\setup.exe" -runfromtemp -removeonly
Security Update for Microsoft .NET Framework 4 Client Profile (KB2478663)-->C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\Client\setup.exe /uninstallpatch {B5BD3CA1-11AB-35A6-B22A-6A219DC0668E} /parameterfolder Client
Security Update for Microsoft .NET Framework 4 Client Profile (KB2518870)-->C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\Client\setup.exe /uninstallpatch {E720AD01-93D5-3E8E-BB8D-E4EF5AF4E5DD} /parameterfolder Client
Security Update for Microsoft .NET Framework 4 Client Profile (KB2539636)-->C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\Client\setup.exe /uninstallpatch {BCD37DCB-F479-3D4D-A90E-A0F7575549C4} /parameterfolder Client
Security Update for Microsoft .NET Framework 4 Client Profile (KB2572078)-->C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\Client\setup.exe /uninstallpatch {FF811680-AECE-3F35-A98C-1B84B6E09168} /parameterfolder Client
Security Update for Microsoft .NET Framework 4 Client Profile CSY Language Pack (KB2478663)-->c:\Windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\ClientLP\setup.exe /uninstallpatch {B5BD3CA1-11AB-35A6-B22A-6A219DC0668E} /parameterfolder ClientLP
Security Update for Microsoft .NET Framework 4 Client Profile CSY Language Pack (KB2518870)-->c:\Windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\ClientLP\setup.exe /uninstallpatch {E720AD01-93D5-3E8E-BB8D-E4EF5AF4E5DD} /parameterfolder ClientLP
Shredder-->MsiExec.exe /I{C2695E83-CF1D-43D1-84FE-B3BEC561012A}
Skype™ 5.5-->MsiExec.exe /X{AA59DDE4-B672-4621-A016-4C248204957A}
Slingo Deluxe-->"C:\Program Files (x86)\Acer Games\Slingo Deluxe\uninstall\uninstaller.exe"
The KMPlayer (remove only)-->"C:\Program Files (x86)\The KMPlayer\uninstall.exe"
Torchlight-->"C:\Program Files (x86)\Acer Games\Torchlight\uninstall\uninstaller.exe"
Update for Microsoft .NET Framework 4 Client Profile (KB2468871)-->C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\Client\setup.exe /uninstallpatch {29C7BE97-DE59-37A2-A687-2ADD5321948A} /parameterfolder Client
Update for Microsoft .NET Framework 4 Client Profile (KB2533523)-->C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\Client\setup.exe /uninstallpatch {7D799A81-5661-3159-BF92-754161CED6E6} /parameterfolder Client
Update Installer for WildTangent Games App-->"C:\Program Files (x86)\WildTangent Games\App\Uninstall.exe"
Virtual Villagers 4 - The Tree of Life-->"C:\Program Files (x86)\Acer Games\Virtual Villagers 4 - The Tree of Life\uninstall\uninstaller.exe"
Wedding Dash-->"C:\Program Files (x86)\Acer Games\Wedding Dash\uninstall\uninstaller.exe"
Welcome Center-->C:\Program Files (x86)\Acer\Welcome Center\Uninstall.exe
WildTangent Games App (Acer Games)-->"C:\Program Files (x86)\WildTangent Games\Touchpoints\acer\Uninstall.exe"
Windows Live Argazki Galeria-->MsiExec.exe /X{86F444A5-C9B9-41DC-AF28-B5E46F5497C7}
Windows Live Communications Platform-->MsiExec.exe /I{D45240D3-B6B3-4FF9-B243-54ECE3E10066}
Windows Live Essentials-->C:\Program Files (x86)\Windows Live\Installer\wlarp.exe
Windows Live Essentials-->MsiExec.exe /I{06B05153-97E4-427E-B1A8-E098F6C5E52F}
Windows Live Essentials-->MsiExec.exe /I{17835B63-8308-427F-8CF5-D76E0D5FE457}
Windows Live Essentials-->MsiExec.exe /I{17F99FCE-8F03-4439-860A-25C5A5434E18}
Windows Live Essentials-->MsiExec.exe /I{2A07C35B-8384-4DA4-9A95-442B6C89A073}
Windows Live Essentials-->MsiExec.exe /I{3B72C1E0-26A1-40F6-8516-D50C651DFB3C}
Windows Live Essentials-->MsiExec.exe /I{410DF0AA-882D-450D-9E1B-F5397ACFFA80}
Windows Live Essentials-->MsiExec.exe /I{43B43577-2514-4CE0-B14A-7E85C17C0453}
Windows Live Essentials-->MsiExec.exe /I{4A04DB63-8F81-4EF4-9D09-61A2057EF419}
Windows Live Essentials-->MsiExec.exe /I{6491AB99-A11E-41FD-A5E7-32DE8A097B8E}
Windows Live Essentials-->MsiExec.exe /I{7D1C7B9F-2744-4388-B128-5C75B8BCCC84}
Windows Live Essentials-->MsiExec.exe /I{7D99B933-E29C-4599-92F0-DAED2AF041E3}
Windows Live Essentials-->MsiExec.exe /I{827D3E4A-0186-48B7-9801-7D1E9DD40C07}
Windows Live Essentials-->MsiExec.exe /I{84A411F9-40A5-4CDA-BF46-E09FBB2BC313}
Windows Live Essentials-->MsiExec.exe /I{ABD534B7-E951-470E-92C2-CD5AF1735726}
Windows Live Essentials-->MsiExec.exe /I{B0AD205F-60D0-4084-AFB8-34D9A706D9A8}
Windows Live Essentials-->MsiExec.exe /I{B618C3BF-5142-4630-81DD-F96864F97C7E}
Windows Live Essentials-->MsiExec.exe /I{C01FCACE-CC3D-49A2-ADC2-583A49857C58}
Windows Live Essentials-->MsiExec.exe /I{DEF91E0F-D266-453D-B6F2-1BA002B40CB6}
Windows Live Essentials-->MsiExec.exe /I{F0F9505B-3ACF-4158-9311-D0285136AA00}
Windows Live Essentials-->MsiExec.exe /I{F95E4EE0-0C6E-4273-B6B9-91FD6F071D76}
Windows Live Essentials-->MsiExec.exe /I{FE044230-9CA5-43F7-9B58-5AC5A28A1F33}
Windows Live Essentials-->MsiExec.exe /I{FE62C88B-425B-4BDE-8B70-CD5AE3B83176}
Windows Live Essentials-->MsiExec.exe /I{FEEF7F78-5876-438B-B554-C4CC426A4302}
Windows Live Fotogaléria-->MsiExec.exe /X{97F77D62-5110-4FA3-A2D3-410B92D31199}
Windows Live Fotogalerie-->MsiExec.exe /X{B113D18C-67B0-4FB7-B329-E89B66194AE6}
Windows Live Fotogalerie-->MsiExec.exe /X{FB79FDB7-4DE1-453D-99FE-9A880F57380E}
Windows Live Fotogalleri-->MsiExec.exe /X{5C2F5C1B-9732-4F81-8FBF-6711627DC508}
Windows Live Fotoğraf Galerisi-->MsiExec.exe /X{BD695C2F-3EA0-4DA4-92D5-154072468721}
Windows Live Fotótár-->MsiExec.exe /X{7272F232-A7E0-4B2B-A5D2-71B7C5E2379C}
Windows Live Galeria de Fotos-->MsiExec.exe /X{F7A46527-DF1F-4B0F-9637-98547E189442}
Windows Live Galerija fotografija-->MsiExec.exe /X{E5377D46-83C5-445A-A1F1-830336B42A10}
Windows Live ID Sign-in Assistant-->MsiExec.exe /I{1B8ABA62-74F0-47ED-B18C-A43128E591B8}
Windows Live Installer-->MsiExec.exe /I{0B0F231F-CE6A-483D-AA23-77B364F75917}
Windows Live Language Selector-->MsiExec.exe /I{D07A61E5-A59C-433C-BCBD-22025FA2287B}
Windows Live Mail-->MsiExec.exe /I{0D261C88-454B-46FE-B43B-640E621BDA11}
Windows Live Mail-->MsiExec.exe /I{10186F1A-6A14-43DF-A404-F0105D09BB07}
Windows Live Mail-->MsiExec.exe /I{249EE21B-8EDD-4F36-8A23-E580E9DBE80A}
Windows Live Mail-->MsiExec.exe /I{25A381E1-0AB9-4E7A-ACCE-BA49D519CF4E}
Windows Live Mail-->MsiExec.exe /I{48F597DD-D397-4CFA-91A0-4C033A0113BD}
Windows Live Mail-->MsiExec.exe /I{63CF7D0C-B6E7-4EE9-8253-816B613CC437}
Windows Live Mail-->MsiExec.exe /I{677AAD91-1790-4FC5-B285-0E6A9D65F7DC}
Windows Live Mail-->MsiExec.exe /I{82803FF3-563F-414F-A403-8D4C167D4120}
Windows Live Mail-->MsiExec.exe /I{924B4D82-1B97-48EB-8F1E-55C4353C22DB}
Windows Live Mail-->MsiExec.exe /I{93C4B7D5-4E00-491F-BA3E-25B7B63EE7F6}
Windows Live Mail-->MsiExec.exe /I{9D56775A-93F3-44A3-8092-840E3826DE30}
Windows Live Mail-->MsiExec.exe /I{9DA3F03B-2CEE-4344-838E-117861E61FAF}
Windows Live Mail-->MsiExec.exe /I{9FAE6E8D-E686-49F5-A574-0A58DFD9580C}
Windows Live Mail-->MsiExec.exe /I{A0B91308-6666-4249-8FF6-1E11AFD75FE1}
Windows Live Mail-->MsiExec.exe /I{ABE2F2AA-7ADC-4717-9573-BF3F83C696AC}
Windows Live Mail-->MsiExec.exe /I{ADE85655-8D1E-4E4B-BF88-5E312FB2C74F}
Windows Live Mail-->MsiExec.exe /I{B1239994-A850-44E2-BED8-E70A21124E16}
Windows Live Mail-->MsiExec.exe /I{C454280F-3C3E-4929-B60E-9E6CED5717E7}
Windows Live Mail-->MsiExec.exe /I{C66824E4-CBB3-4851-BB3F-E8CFD6350923}
Windows Live Mail-->MsiExec.exe /I{C8421D85-CA0E-4E93-A9A9-B826C4FB88EA}
Windows Live Mail-->MsiExec.exe /I{D07B1FDA-876B-4914-9E9A-309732B6D44F}
Windows Live Mail-->MsiExec.exe /I{D31169F2-CD71-4337-B783-3E53F29F4CAD}
Windows Live Mail-->MsiExec.exe /I{D588365A-AE39-4F27-BDAE-B4E72C8E900C}
Windows Live Mail-->MsiExec.exe /I{DBAA2B17-D596-4195-A169-BA2166B0D69B}
Windows Live Mail-->MsiExec.exe /I{FA6CF94F-DACF-4FE7-959D-55C421B91B17}
Windows Live Mesh-->MsiExec.exe /I{00884F14-05BD-4D8E-90E5-1ABF78948CA4}
Windows Live Mesh-->MsiExec.exe /I{039480EE-6933-4845-88B8-77FD0C3D059D}
Windows Live Mesh-->MsiExec.exe /I{110668B7-54C6-47C9-BAC4-1CE77F156AF5}
Windows Live Mesh-->MsiExec.exe /I{11417707-1F72-4279-95A3-01E0B898BBF5}
Windows Live Mesh-->MsiExec.exe /I{2C865FB0-051E-4D22-AC62-428E035AEAF0}
Windows Live Mesh-->MsiExec.exe /I{2D3E034E-F76B-410A-A169-55755D2637BB}
Windows Live Mesh-->MsiExec.exe /I{39F95B0B-A0B7-4FA7-BB6C-197DA2546468}
Windows Live Mesh-->MsiExec.exe /I{3F4143A1-9C21-4011-8679-3BC1014C6886}
Windows Live Mesh-->MsiExec.exe /I{46872828-6453-4138-BE1C-CE35FBF67978}
Windows Live Mesh-->MsiExec.exe /I{5CF5B1A5-CBC3-42F0-8533-5A5090665862}
Windows Live Mesh-->MsiExec.exe /I{625D45F0-5DCB-48BF-8770-C240A84DAAEB}
Windows Live Mesh-->MsiExec.exe /I{644063FA-ABA3-42AC-A8AC-3EDC0706018B}
Windows Live Mesh-->MsiExec.exe /I{6ABE832B-A5C7-44C1-B697-3E123B7B4D5B}
Windows Live Mesh-->MsiExec.exe /I{71C95134-F6A9-45E7-B7B3-07CA6012BF2A}
Windows Live Mesh-->MsiExec.exe /I{7496FD31-E5CB-4AE4-82D3-31099558BF6A}
Windows Live Mesh-->MsiExec.exe /I{78DAE910-CA72-450E-AD22-772CB1A00678}
Windows Live Mesh-->MsiExec.exe /I{80E8C65A-8F70-4585-88A2-ABC54BABD576}
Windows Live Mesh-->MsiExec.exe /I{841F1FB4-FDF8-461C-A496-3E1CFD84C0B5}
Windows Live Mesh-->MsiExec.exe /I{99BE7F5D-AB52-4404-9E03-4240FFAA7DE9}
Windows Live Mesh-->MsiExec.exe /I{9E2C5B0E-7A2D-4767-A9B2-77469FB1873A}
Windows Live Mesh-->MsiExec.exe /I{A0C91188-C88F-4E86-93E6-CD7C9A266649}
Windows Live Mesh-->MsiExec.exe /I{AB0B2113-5B96-4B95-8AD1-44613384911F}
Windows Live Mesh-->MsiExec.exe /I{ACFBE99B-6981-4513-B17E-A2683CEB9EE5}
Windows Live Mesh-->MsiExec.exe /I{AD001A69-88CC-4766-B2DB-3C1DFAB9AC72}
Windows Live Mesh-->MsiExec.exe /I{AF01B90A-D25C-4F60-AECD-6EEDF509DC11}
Windows Live Mesh-->MsiExec.exe /I{BF35168D-F6F9-4202-BA87-86B5E3C9BF7A}
Windows Live Mesh-->MsiExec.exe /I{C08D5964-C42F-48EE-A893-2396F9562A7C}
Windows Live Mesh-->MsiExec.exe /I{DECDCB7C-58CC-4865-91AF-627F9798FE48}
Windows Live Mesh-->MsiExec.exe /I{F7E80BA7-A09D-4DD1-828B-C4A0274D4720}
Windows Live Mesh-->MsiExec.exe /I{FCDE76CB-989D-4E32-9739-6A272D2B0ED7}
Windows Live Messenger-->MsiExec.exe /X{0125DB4D-98A0-4DBF-B68A-23BF08FFA6A3}
Windows Live Messenger-->MsiExec.exe /X{0785A0B6-07DF-43CF-B147-E1EB4CEA0345}
Windows Live Messenger-->MsiExec.exe /X{0A9256E0-C924-46DE-921B-F6C4548A1C64}
Windows Live Messenger-->MsiExec.exe /X{2AD2DD70-27F7-4343-BB4E-DE50A32D854B}
Windows Live Messenger-->MsiExec.exe /X{2C7E8AA1-9C03-4606-BF34-5D99D07964DA}
Windows Live Messenger-->MsiExec.exe /X{303143DD-1F6D-4BC5-9342-FFC2E19B2DBD}
Windows Live Messenger-->MsiExec.exe /X{34C4F5AF-D757-4E6A-ABCA-65AB5A50A1A8}
Windows Live Messenger-->MsiExec.exe /X{39BDD209-5704-480C-9F4A-B69D0370DDBB}
Windows Live Messenger-->MsiExec.exe /X{3D0C22FA-96D7-4789-BC5B-991A5A99BFFA}
Windows Live Messenger-->MsiExec.exe /X{4A275FD1-2F24-4274-8C01-813F5AD1A92D}
Windows Live Messenger-->MsiExec.exe /X{50300123-F8FC-4B50-B449-E847D04F1BA2}
Windows Live Messenger-->MsiExec.exe /X{5D90ABE5-8A35-4947-8269-6F40BCE47A95}
Windows Live Messenger-->MsiExec.exe /X{5F6E678A-7E61-448A-86CB-BC2AD1E04138}
Windows Live Messenger-->MsiExec.exe /X{6057E21C-ABE9-4059-AE3E-3BEB9925E660}
Windows Live Messenger-->MsiExec.exe /X{63AE67AA-1AB1-4565-B4EF-ABBC5C841E8D}
Windows Live Messenger-->MsiExec.exe /X{6986737B-F286-40D1-87AF-938339DCF6AB}
Windows Live Messenger-->MsiExec.exe /X{6A563426-3474-41C6-B847-42B39F1485B2}
Windows Live Messenger-->MsiExec.exe /X{6D30E864-46AE-435B-8230-8B5D42B4AE37}
Windows Live Messenger-->MsiExec.exe /X{6EE9F44A-B8C7-4CDB-B2A9-441AF2AE315A}
Windows Live Messenger-->MsiExec.exe /X{709E38A9-7F80-4598-96CC-44B0D553FECE}
Windows Live Messenger-->MsiExec.exe /X{7F6021AE-E688-4D03-843A-C2260482BA0D}
Windows Live Messenger-->MsiExec.exe /X{80956555-A512-4190-9CAD-B000C36D6B6B}
Windows Live Messenger-->MsiExec.exe /X{873E4648-6F6E-47F6-A7B2-A6F8DFABDCE6}
Windows Live Messenger-->MsiExec.exe /X{D54A52A8-DF24-4CE8-850B-074CA47DFA74}
Windows Live Messenger-->MsiExec.exe /X{E7688C7D-DE09-4D43-9785-534EDE9BC18E}
Windows Live Messenger-->MsiExec.exe /X{EB4DF488-AAEF-406F-A341-CB2AAA315B90}
Windows Live Messenger-->MsiExec.exe /X{EE492B20-FB15-4A98-883C-3054354A11F8}
Windows Live Messenger-->MsiExec.exe /X{F13587F7-AA4C-4C2E-AE7D-F33F3CCE57A9}
Windows Live Messenger-->MsiExec.exe /X{F694D1F7-1F12-4550-9B7A-C871273ABAD5}
Windows Live Messenger-->MsiExec.exe /X{FCBC19F7-E068-4B7A-ACBB-CE9CCEB4B21F}
Windows Live MIME IFilter-->MsiExec.exe /I{DA54F80E-261C-41A2-A855-549A144F2F59}
Windows Live Movie Maker-->MsiExec.exe /X{133D9D67-D475-4407-AC3C-D558087B2453}
Windows Live Movie Maker-->MsiExec.exe /X{19BA08F7-C728-469C-8A35-BFBD3633BE08}
Windows Live Movie Maker-->MsiExec.exe /X{226F0D93-76DE-4F1C-B14D-DE10443ADB60}
Windows Live Movie Maker-->MsiExec.exe /X{5D273F60-0525-48BA-A5FB-D0CAA4A952AE}
Windows Live Movie Maker-->MsiExec.exe /X{60C3C026-DB53-4DAB-8B97-7C1241F9A847}
Windows Live Movie Maker-->MsiExec.exe /X{640798A0-A4FB-4C52-AC72-755134767F1E}
Windows Live Movie Maker-->MsiExec.exe /X{64B2D6B3-71AC-45A7-A6A1-2E07ABF58341}
Windows Live Movie Maker-->MsiExec.exe /X{6CB36609-E3A6-446C-A3C1-C71E311D2B9C}
Windows Live Movie Maker-->MsiExec.exe /X{6DEC8BD5-7574-47FA-B080-492BBBE2FEA3}
Windows Live Movie Maker-->MsiExec.exe /X{6EF2BE2C-3121-48B7-B7A6-C56046B3A588}
Windows Live Movie Maker-->MsiExec.exe /X{71527C7C-5289-4CB2-88C9-23344C0FF6C1}
Windows Live Movie Maker-->MsiExec.exe /X{7373E17D-18E0-44A7-AC3A-6A3BFB85D3B3}
Windows Live Movie Maker-->MsiExec.exe /X{7465A996-0FCA-4D2D-A52C-F833B0829B5B}
Windows Live Movie Maker-->MsiExec.exe /X{7AF8E500-B349-4A77-8265-9854E9A47925}
Windows Live Movie Maker-->MsiExec.exe /X{92EA4134-10D1-418A-91E1-5A0453131A38}
Windows Live Movie Maker-->MsiExec.exe /X{9DB90178-B5B0-45BD-B0A7-D40A6A1DF1CA}
Windows Live Movie Maker-->MsiExec.exe /X{A101F637-2E56-42C0-8E08-F1E9086BFAF3}
Windows Live Movie Maker-->MsiExec.exe /X{A199DB88-E22D-4CE7-90AC-B8BE396D7BF4}
Windows Live Movie Maker-->MsiExec.exe /X{BF022D76-9F72-4203-B8FA-6522DC66DFDA}
Windows Live Movie Maker-->MsiExec.exe /X{CB7224D9-6DCA-43F1-8F83-6B1E39A00F92}
Windows Live Movie Maker-->MsiExec.exe /X{CD442136-9115-4236-9C14-278F6A9DCB3F}
Windows Live Movie Maker-->MsiExec.exe /X{DAEF48AD-89C8-4A93-B1DD-45B7E4FB6071}
Windows Live Movie Maker-->MsiExec.exe /X{DB1208F4-B2FE-44E9-BFE6-8824DBD7891B}
Windows Live Movie Maker-->MsiExec.exe /X{DDC1E1BD-7615-4186-89E1-F5F43F9B6491}
Windows Live Movie Maker-->MsiExec.exe /X{E4E88B54-4777-4659-967A-2EED1E6AFD83}
Windows Live Movie Maker-->MsiExec.exe /X{F80E5450-3EF3-4270-B26C-6AC53BEC5E76}
Windows Live Movie Maker-->MsiExec.exe /X{FB3D07AE-73D0-47A9-AC12-6F50BF8B6202}
Windows Live Movie Maker-->MsiExec.exe /X{FF105207-8423-4E13-B0B1-50753170B245}
Windows Live Movie Maker-->MsiExec.exe /X{FF3DFA01-1E98-46B4-A065-DA8AD47C9598}
Windows Live Movie Maker-->MsiExec.exe /X{FF737490-5A2D-4269-9D82-97DB2F7C0B09}
Windows Live Photo Common-->MsiExec.exe /X{0654EA5D-308A-4196-882B-5C09744A5D81}
Windows Live Photo Common-->MsiExec.exe /X{073F306D-9851-4969-B828-7B6444D07D55}
Windows Live Photo Common-->MsiExec.exe /X{120C160F-F53D-4A15-A873-E79BF5B98B48}
Windows Live Photo Common-->MsiExec.exe /X{168E7302-890A-4138-9109-A225ACAF7AD1}
Windows Live Photo Common-->MsiExec.exe /X{28B9D2D8-4304-483F-AD71-51890A063A74}
Windows Live Photo Common-->MsiExec.exe /X{29373E24-AC72-424E-8F2A-FB0F9436F21F}
Windows Live Photo Common-->MsiExec.exe /X{370F888E-42A7-4911-9E34-7D74632E17EB}
Windows Live Photo Common-->MsiExec.exe /X{4D83F339-5A5C-4B21-8FD3-5D407B981E72}
Windows Live Photo Common-->MsiExec.exe /X{6B556C37-8919-4991-AC34-93D018B9EA49}
Windows Live Photo Common-->MsiExec.exe /X{6F37D92B-41AA-44B7-80D2-457ABDE11896}
Windows Live Photo Common-->MsiExec.exe /X{73FC3510-6421-40F7-9503-EDAE4D0CF70D}
Windows Live Photo Common-->MsiExec.exe /X{78906B56-0E81-42A7-AC25-F54C946E1538}
Windows Live Photo Common-->MsiExec.exe /X{7ADFA72D-2A9F-4DEC-80A5-2FAA27E23F0F}
Windows Live Photo Common-->MsiExec.exe /X{7C2A3479-A5A0-412B-B0E6-6D64CBB9B251}
Windows Live Photo Common-->MsiExec.exe /X{7D0DE76C-874E-4BDE-A204-F4240160693E}
Windows Live Photo Common-->MsiExec.exe /X{84267681-BF16-40B6-9564-27BC57D7D71C}
Windows Live Photo Common-->MsiExec.exe /X{85373DA7-834E-4850-8AF5-1D99F7526857}
Windows Live Photo Common-->MsiExec.exe /X{9BD262D0-B788-4546-A0A5-F4F56EC3834B}
Windows Live Photo Common-->MsiExec.exe /X{A41A708E-3BE6-4561-855D-44027C1CF0F8}
Windows Live Photo Common-->MsiExec.exe /X{A9BDCA6B-3653-467B-AC83-94367DA3BFE3}
Windows Live Photo Common-->MsiExec.exe /X{ADFE4AED-7F8E-4658-8D6E-742B15B9F120}
Windows Live Photo Common-->MsiExec.exe /X{B2BCA478-EC0F-45EE-A9E9-5EABE87EA72D}
Windows Live Photo Common-->MsiExec.exe /X{B33B61FE-701F-425F-98AB-2B85725CBF68}
Windows Live Photo Common-->MsiExec.exe /X{BD4EBDB5-EB14-4120-BB04-BE0A26C7FB3E}
Windows Live Photo Common-->MsiExec.exe /X{C2AB7DC4-489E-4BE9-887A-52262FBADBE0}
Windows Live Photo Common-->MsiExec.exe /X{C893D8C0-1BA0-4517-B11C-E89B65E72F70}
Windows Live Photo Common-->MsiExec.exe /X{CD7CB1E6-267A-408F-877D-B532AD2C882E}
Windows Live Photo Common-->MsiExec.exe /X{D436F577-1695-4D2F-8B44-AC76C99E0002}
Windows Live Photo Common-->MsiExec.exe /X{F0F5D89A-197C-495B-827E-3E98B811CD2E}
Windows Live Photo Gallery-->MsiExec.exe /X{3336F667-9049-4D46-98B6-4C743EEBC5B1}
Windows Live Photo Gallery-->MsiExec.exe /X{34F4D9A4-42C2-4348-BEF4-E553C84549E7}
Windows Live Photo Gallery-->MsiExec.exe /X{429DF1A0-3610-4E9E-8ACE-3C8AC1BA8FCA}
Windows Live Photo Gallery-->MsiExec.exe /X{861B1145-7762-4794-B40C-3FF0A389DFE6}
Windows Live Photo Gallery-->MsiExec.exe /X{885F1BCD-C344-4758-85BD-09640CF449A5}
Windows Live Photo Gallery-->MsiExec.exe /X{A60B3BF0-954B-42AF-B8D8-2C1D34B613AA}
Windows Live Photo Gallery-->MsiExec.exe /X{CF671BFE-6BA3-44E7-98C1-500D9C51D947}
Windows Live PIMT Platform-->MsiExec.exe /I{83C292B7-38A5-440B-A731-07070E81A64F}
Windows Live Remote Client Resources-->MsiExec.exe /I{22AB5CFD-B3DB-414E-9F99-4D024CCF1DA6}
Windows Live Remote Client Resources-->MsiExec.exe /I{2426E29F-9E8C-4C0B-97FC-0DB690C1ED98}
Windows Live Remote Client Resources-->MsiExec.exe /I{2C1A6191-9804-4FDC-AB01-6F9183C91A13}
Windows Live Remote Client Resources-->MsiExec.exe /I{2F304EF4-0C31-47F4-8557-0641AAE4197C}
Windows Live Remote Client Resources-->MsiExec.exe /I{3921492E-82D2-4180-8124-E347AD2F2DB4}
Windows Live Remote Client Resources-->MsiExec.exe /I{456FB9B5-AFBC-4761-BBDC-BA6BAFBB818F}
Windows Live Remote Client Resources-->MsiExec.exe /I{4C2E49C0-9276-4324-841D-774CCCE5DB48}
Windows Live Remote Client Resources-->MsiExec.exe /I{5F44A3A1-5D24-4708-8776-66B42B174C64}
Windows Live Remote Client Resources-->MsiExec.exe /I{5FCD6EFE-C2E7-4D77-8212-4BA223D8DF8E}
Windows Live Remote Client Resources-->MsiExec.exe /I{692CCE55-9EAE-4F57-A834-092882E7FE0B}
Windows Live Remote Client Resources-->MsiExec.exe /I{702A632F-99CE-4E2D-B8F2-BF980E9CF62F}
Windows Live Remote Client Resources-->MsiExec.exe /I{825C7D3F-D0B3-49D5-A42B-CBB0FBE85E99}
Windows Live Remote Client Resources-->MsiExec.exe /I{847B0532-55E3-4AAF-8D7B-E3A1A7CD17E5}
Windows Live Remote Client Resources-->MsiExec.exe /I{850B8072-2EA7-4EDC-B930-7FE569495E76}
Windows Live Remote Client Resources-->MsiExec.exe /I{8970AE69-40BE-4058-9916-0ACB1B974A3D}
Windows Live Remote Client Resources-->MsiExec.exe /I{8EB588BD-D398-40D0-ADF7-BE1CEEF7C116}
Windows Live Remote Client Resources-->MsiExec.exe /I{A060182D-CDBE-4AD6-B9B4-860B435D6CBD}
Windows Live Remote Client Resources-->MsiExec.exe /I{A6E0F6BE-30AC-4D36-97B0-1AC20E23CB83}
Windows Live Remote Client Resources-->MsiExec.exe /I{B0BF8602-EA52-4B0A-A2BD-EDABB0977030}
Windows Live Remote Client Resources-->MsiExec.exe /I{B680A663-1A15-47A5-A07C-7DF9A97558B7}
Windows Live Remote Client Resources-->MsiExec.exe /I{B750FA38-7AB0-42CB-ACBB-E7DBE9FF603F}
Windows Live Remote Client Resources-->MsiExec.exe /I{C504EC13-E122-4939-BD6E-EE5A3BAA5FEC}
Windows Live Remote Client Resources-->MsiExec.exe /I{C9F05151-95A9-4B9B-B534-1760E2D014A5}
Windows Live Remote Client Resources-->MsiExec.exe /I{CFF3C688-2198-4BC3-A399-598226949C39}
Windows Live Remote Client Resources-->MsiExec.exe /I{D1C1556C-7FF3-48A3-A5D6-7126F0FAFB66}
Windows Live Remote Client Resources-->MsiExec.exe /I{D5876F0A-B2E9-4376-B9F5-CD47B7B8D820}
Windows Live Remote Client Resources-->MsiExec.exe /I{DBEDAF67-C5A3-4C91-951D-31F3FE63AF3F}
Windows Live Remote Client Resources-->MsiExec.exe /I{ED421F97-E1C3-4E78-9F54-A53888215D58}
Windows Live Remote Client Resources-->MsiExec.exe /I{FAD0EC0B-753B-4A97-AD34-32AC1EC8DB69}
Windows Live Remote Client-->MsiExec.exe /I{DF6D988A-EEA0-4277-AAB8-158E086E439B}
Windows Live Remote Service Resources-->MsiExec.exe /I{0919C44F-F18A-4E3B-A737-03685272CE72}
Windows Live Remote Service Resources-->MsiExec.exe /I{1553D712-B35F-4A82-BC72-D6B11A94BE3E}
Windows Live Remote Service Resources-->MsiExec.exe /I{1685AE50-97ED-485B-80F6-145071EE14B0}
Windows Live Remote Service Resources-->MsiExec.exe /I{17A4FD95-A507-43F1-BC92-D8572AF8340A}
Windows Live Remote Service Resources-->MsiExec.exe /I{19F09425-3C20-4730-9E2A-FC2E17C9F362}
Windows Live Remote Service Resources-->MsiExec.exe /I{1EB2CFC3-E1C5-4FC4-B1F8-549DD6242C67}
Windows Live Remote Service Resources-->MsiExec.exe /I{34384A2A-2CA2-4446-AB0E-1F360BA2AAC5}
Windows Live Remote Service Resources-->MsiExec.exe /I{350FD0E7-175A-4F86-84EF-05B77FCD7161}
Windows Live Remote Service Resources-->MsiExec.exe /I{480F28F0-8BCE-404A-A52E-0DBB7D1CE2EF}
Windows Live Remote Service Resources-->MsiExec.exe /I{5141AA6E-5FAC-4473-BFFB-BEE69DDC7F2B}
Windows Live Remote Service Resources-->MsiExec.exe /I{5151E2DB-0748-4FD1-86A2-72E2F94F8BE7}
Windows Live Remote Service Resources-->MsiExec.exe /I{57F2BD1C-14A3-4785-8E48-2075B96EB2DF}
Windows Live Remote Service Resources-->MsiExec.exe /I{5E2CD4FB-4538-4831-8176-05D653C3E6D4}
Windows Live Remote Service Resources-->MsiExec.exe /I{5FEAD3E5-A158-4B66-B92B-0C959D7CF838}
Windows Live Remote Service Resources-->MsiExec.exe /I{61407251-7F7D-4303-810D-226A04D5CFF3}
Windows Live Remote Service Resources-->MsiExec.exe /I{656DEEDE-F6AC-47CA-A568-A1B4E34B5760}
Windows Live Remote Service Resources-->MsiExec.exe /I{6C9D3F1D-DBBE-46F9-96A0-726CC72935AF}
Windows Live Remote Service Resources-->MsiExec.exe /I{6CBFDC3C-CF21-4C02-A6DC-A5A2707FAF55}
Windows Live Remote Service Resources-->MsiExec.exe /I{7AEC844D-448A-455E-A34E-E1032196BBCD}
Windows Live Remote Service Resources-->MsiExec.exe /I{8F7F2D9C-2DBE-4F10-9C7C-2724110A3339}
Windows Live Remote Service Resources-->MsiExec.exe /I{97A295A7-8840-4B35-BB61-27A8F4512CA3}
Windows Live Remote Service Resources-->MsiExec.exe /I{9E9C960F-7F47-46D5-A95D-950B354DE2B8}
Windows Live Remote Service Resources-->MsiExec.exe /I{A508D5A2-3AC1-4594-A718-A663D6D3CF11}
Windows Live Remote Service Resources-->MsiExec.exe /I{A679FBE4-BA2D-4514-8834-030982C8B31A}
Windows Live Remote Service Resources-->MsiExec.exe /I{D3E4F422-7E0F-49C7-8B00-F42490D7A385}
Windows Live Remote Service Resources-->MsiExec.exe /I{D930AF5C-5193-4616-887D-B974CEFC4970}
Windows Live Remote Service Resources-->MsiExec.exe /I{EFB20CF5-1A6D-41F3-8895-223346CE6291}
Windows Live Remote Service Resources-->MsiExec.exe /I{F6CB2C5F-B2C1-4DF1-BF44-39D0DC06FE6F}
Windows Live Remote Service Resources-->MsiExec.exe /I{FAA3933C-6F0D-4350-B66B-9D7F7031343E}
Windows Live Remote Service-->MsiExec.exe /I{E02A6548-6FDE-40E2-8ED9-119D7D7E641F}
Windows Live SOXE Definitions-->MsiExec.exe /I{200FEC62-3C34-4D60-9CE8-EC372E01C08F}
Windows Live SOXE-->MsiExec.exe /I{682B3E4F-696A-42DE-A41C-4C07EA1678B4}
Windows Live Temel Parçalar-->MsiExec.exe /I{1203DC60-D9BD-44F9-B372-2B8F227E6094}
Windows Live UX Platform Language Pack-->MsiExec.exe /I{05E379CC-F626-4E7D-8354-463865B303BF}
Windows Live UX Platform Language Pack-->MsiExec.exe /I{09922FFE-D153-44AE-8B60-EA3CB8088F93}
Windows Live UX Platform Language Pack-->MsiExec.exe /I{0C1931EB-8339-4837-8BEC-75029BF42734}
Windows Live UX Platform Language Pack-->MsiExec.exe /I{128133D3-037A-4C62-B1B7-55666A10587A}
Windows Live UX Platform Language Pack-->MsiExec.exe /I{1DA6D447-C54D-4833-84D4-3EA31CAECE9B}
Windows Live UX Platform Language Pack-->MsiExec.exe /I{20381A8A-808E-4A53-B6CD-AD2B85E16365}
Windows Live UX Platform Language Pack-->MsiExec.exe /I{220C7F8C-929D-4F71-9DC7-F7A6823B38E4}
Windows Live UX Platform Language Pack-->MsiExec.exe /I{24DF33E0-F924-4D0D-9B96-11F28F0D602D}
Windows Live UX Platform Language Pack-->MsiExec.exe /I{2C4E06CC-1F04-4C25-8B3C-93A9049EC42C}
Windows Live UX Platform Language Pack-->MsiExec.exe /I{37B33B16-2535-49E7-8990-32668708A0A3}
Windows Live UX Platform Language Pack-->MsiExec.exe /I{40BFD84C-64CD-42CC-9909-8734C50429C6}
Windows Live UX Platform Language Pack-->MsiExec.exe /I{4C378B16-46B7-4DA1-A2CE-2EE676F74680}
Windows Live UX Platform Language Pack-->MsiExec.exe /I{4D141929-141B-4605-95D6-2B8650C1C6DA}
Windows Live UX Platform Language Pack-->MsiExec.exe /I{506FC723-8E6C-4417-9CFF-351F99130425}
Windows Live UX Platform Language Pack-->MsiExec.exe /I{523DF2BB-3A85-4047-9898-29DC8AEB7E69}
Windows Live UX Platform Language Pack-->MsiExec.exe /I{5495E9A4-501A-4D4C-87C9-E80916CA9478}
Windows Live UX Platform Language Pack-->MsiExec.exe /I{579684A4-DDD5-4CA3-9EA8-7BE7D9593DB4}
Windows Live UX Platform Language Pack-->MsiExec.exe /I{5E627606-53B9-42D1-97E1-D03F6229E248}
Windows Live UX Platform Language Pack-->MsiExec.exe /I{6A4ABCDC-0A49-4132-944E-01FBCCB3465C}
Windows Live UX Platform Language Pack-->MsiExec.exe /I{7327080F-6673-421F-BBD9-B618F357EEB3}
Windows Live UX Platform Language Pack-->MsiExec.exe /I{74E8A7F6-575D-42C7-9178-E87D1B3BEFE8}
Windows Live UX Platform Language Pack-->MsiExec.exe /I{77477AEA-5757-47D8-8B33-939F43D82218}
Windows Live UX Platform Language Pack-->MsiExec.exe /I{8CF5D47D-27B7-49D6-A14F-10550B92749D}
Windows Live UX Platform Language Pack-->MsiExec.exe /I{D299197D-CDEA-41A6-A363-F532DE4114FD}
Windows Live UX Platform Language Pack-->MsiExec.exe /I{D6F25CF9-4E87-43EB-B324-C12BE9CDD668}
Windows Live UX Platform Language Pack-->MsiExec.exe /I{DF71ABBB-B834-41C0-BB58-80B0545D754C}
Windows Live UX Platform Language Pack-->MsiExec.exe /I{E5DD4723-FE0B-436E-A815-DC23CF902A0B}
Windows Live UX Platform Language Pack-->MsiExec.exe /I{EA777812-4905-4C08-8F6E-13BDCC734609}
Windows Live UX Platform Language Pack-->MsiExec.exe /I{F4BEA6C1-AAC3-4810-AAEA-588E26E0F237}
Windows Live UX Platform-->MsiExec.exe /I{CE95A79E-E4FC-4FFF-8A75-29F04B942FF2}
Windows Live Writer Resources-->MsiExec.exe /X{14B441B7-774D-4170-98EA-A13667AE6218}
Windows Live Writer Resources-->MsiExec.exe /X{1DDB95A4-FD7B-4517-B3F1-2BCAA96879E6}
Windows Live Writer Resources-->MsiExec.exe /X{2511AAD7-82DF-4B97-B0B3-E1B933317010}
Windows Live Writer Resources-->MsiExec.exe /X{26E3C07C-7FF7-4362-9E99-9E49E383CF16}
Windows Live Writer Resources-->MsiExec.exe /X{2E50E321-4747-4EB5-9ECB-BBC6C3AC0F31}
Windows Live Writer Resources-->MsiExec.exe /X{3125D9DE-8D7A-4987-95F3-8A42389833D8}
Windows Live Writer Resources-->MsiExec.exe /X{458F399F-62AC-4747-99F5-499BBF073D29}
Windows Live Writer Resources-->MsiExec.exe /X{4664ED39-C80A-48F7-93CD-EBDCAFAB6CC5}
Windows Live Writer Resources-->MsiExec.exe /X{5275D81E-83AD-4DE4-BC2B-6E6BA3A33244}
Windows Live Writer Resources-->MsiExec.exe /X{5D2E7BD7-4B6F-4086-BA8A-E88484750624}
Windows Live Writer Resources-->MsiExec.exe /X{62687B11-58B5-4A18-9BC3-9DF4CE03F194}
Windows Live Writer Resources-->MsiExec.exe /X{6807427D-8D68-4D30-AF5B-0B38F8F948C8}
Windows Live Writer Resources-->MsiExec.exe /X{69CAC24D-B1DC-4B97-A1BE-FE21843108FE}
Windows Live Writer Resources-->MsiExec.exe /X{734104DE-C2BF-412F-BB97-FCCE1EC94229}
Windows Live Writer Resources-->MsiExec.exe /X{7CB529B2-6C74-4878-9C3F-C29C3C3BBDC6}
Windows Live Writer Resources-->MsiExec.exe /X{7D926AD2-16D6-42C2-8CA1-AB09E96040BA}
Windows Live Writer Resources-->MsiExec.exe /X{7E90B133-FF47-48BB-91B8-36FC5A548FE9}
Windows Live Writer Resources-->MsiExec.exe /X{7FF11E53-C002-4F40-8D68-6BE751E5DD62}
Windows Live Writer Resources-->MsiExec.exe /X{8E285C75-9BE2-4349-972B-DECDDF472656}
Windows Live Writer Resources-->MsiExec.exe /X{93E464B3-D075-4989-87FD-A828B5C308B1}
Windows Live Writer Resources-->MsiExec.exe /X{AB78C965-5C67-409B-8433-D7B5BDB12073}
Windows Live Writer Resources-->MsiExec.exe /X{B7B67AA5-12DA-4F01-918D-B1BF66779D8A}
Windows Live Writer Resources-->MsiExec.exe /X{C29FC15D-E84B-4EEC-8505-4DED94414C59}
Windows Live Writer Resources-->MsiExec.exe /X{D6CBB3B2-F510-483D-AE0D-1CF3F43CF1EE}
Windows Live Writer Resources-->MsiExec.exe /X{DDC8BDEE-DCAC-404D-8257-3E8D4B782467}
Windows Live Writer Resources-->MsiExec.exe /X{DE8F99FD-2FC7-4C98-AA67-2729FDE1F040}
Windows Live Writer Resources-->MsiExec.exe /X{E727A662-AF9F-4DEE-81C5-F4A1686F3DFC}
Windows Live Writer Resources-->MsiExec.exe /X{E9D98402-21AB-4E9F-BF6B-47AF36EF7E97}
Windows Live Writer Resources-->MsiExec.exe /X{F52C5BE7-3F57-464E-8A54-908402E43CE8}
Windows Live Writer-->MsiExec.exe /X{0557BBDA-69D3-4FA4-A93C-A5300F7034B4}
Windows Live Writer-->MsiExec.exe /X{11778DA1-0495-4ED9-972F-F9E0B0367CD5}
Windows Live Writer-->MsiExec.exe /X{198EA334-8A3F-4CB2-9D61-6C10B8168A6F}
Windows Live Writer-->MsiExec.exe /X{1A82AE99-84D3-486D-BAD6-675982603E14}
Windows Live Writer-->MsiExec.exe /X{1D6C2068-807F-4B76-A0C2-62ED05656593}
Windows Live Writer-->MsiExec.exe /X{1FC83EAE-74C8-4C72-8400-2D8E40A017DE}
Windows Live Writer-->MsiExec.exe /X{25CD4B12-8CC5-433E-B723-C9CB41FA8C5A}
Windows Live Writer-->MsiExec.exe /X{2BA5FD10-653F-4CAF-9CCD-F685082A1DC1}
Windows Live Writer-->MsiExec.exe /X{3B9A92DA-6374-4872-B646-253F18624D5F}
Windows Live Writer-->MsiExec.exe /X{4264C020-850B-4F08-ACBE-98205D9C336C}
Windows Live Writer-->MsiExec.exe /X{48C0DC5E-820A-44F2-890E-29B68EDD3C78}
Windows Live Writer-->MsiExec.exe /X{4B28D47A-5FF0-45F8-8745-11DC2A1C9D0F}
Windows Live Writer-->MsiExec.exe /X{4D7BAC8A-51B8-4243-8567-1415C4272D13}
Windows Live Writer-->MsiExec.exe /X{5DA7D148-D2D2-4C67-8444-2F0F9BD88A06}
Windows Live Writer-->MsiExec.exe /X{69C9C672-400A-43A0-B2DE-9DB38C371282}
Windows Live Writer-->MsiExec.exe /X{71A81378-79D5-40CC-9BDC-380642D1A87F}
Windows Live Writer-->MsiExec.exe /X{7E017923-16F8-4E32-94EF-0A150BD196FE}
Windows Live Writer-->MsiExec.exe /X{804DE397-F82C-4867-9085-E0AA539A3294}
Windows Live Writer-->MsiExec.exe /X{859D4022-B76D-40DE-96EF-C90CDA263F44}
Windows Live Writer-->MsiExec.exe /X{A726AE06-AAA3-43D1-87E3-70F510314F04}
Windows Live Writer-->MsiExec.exe /X{AAAFC670-569B-4A2F-82B4-42945E0DE3EF}
Windows Live Writer-->MsiExec.exe /X{AAF454FC-82CA-4F29-AB31-6A109485E76E}
Windows Live Writer-->MsiExec.exe /X{B3BE54A4-8DFE-4593-8E66-56AB7133B812}
Windows Live Writer-->MsiExec.exe /X{C1C9D199-B4DD-4895-92DD-9A726A2FE341}
Windows Live Writer-->MsiExec.exe /X{CDC39BF2-9697-4959-B893-A2EE05EF6ACB}
Windows Live Writer-->MsiExec.exe /X{DA29F644-2420-4448-8128-1331BE588999}
Windows Live Writer-->MsiExec.exe /X{DCAB6BA7-6533-44BF-9235-E5BF33B7431C}
Windows Live Writer-->MsiExec.exe /X{DE7C13A6-E4EA-4296-B0D5-5D7E8AD69501}
Windows Live Writer-->MsiExec.exe /X{E55E0C35-AC3C-4683-BA2F-834348577B80}
Windows Live Writer-->MsiExec.exe /X{E62E0550-C098-43A2-B54B-03FB1E634483}
Windows Live Writer-->MsiExec.exe /X{E8524B28-3BBB-4763-AC83-0E83FE31C350}
Windows Live 影像中心-->MsiExec.exe /X{EEF99142-3357-402C-B298-DEC303E12D92}
Windows Live 程式集-->MsiExec.exe /I{EF7EAB13-46FC-49DD-8E3C-AAF8A286C5BB}
Windows Live-->MsiExec.exe /I{34319F1F-7CF2-4CC9-B357-1AE7D2FF3AC5}
Windows Liven asennustyökalu-->MsiExec.exe /I{8909CFA8-97BF-4077-AC0F-6925243FFE08}
Windows Liven sähköposti-->MsiExec.exe /I{0C975FCC-A06E-4CB6-8F54-A9B52CF37781}
Windows Liven valokuvavalikoima-->MsiExec.exe /X{1A72337E-D126-4BAF-AC89-E6122DB71866}
Windows Media Player Firefox Plugin-->MsiExec.exe /I{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}
WinRAR 4.01 (32-bit)-->C:\Program Files (x86)\WinRAR\uninstall.exe
World of Tanks v.0.6.7-->"C:\Games\World_of_Tanks\unins000.exe"
Zuma Deluxe-->"C:\Program Files (x86)\Acer Games\Zuma Deluxe\uninstall\uninstaller.exe"
Συλλογή φωτογραφιών του Windows Live-->MsiExec.exe /X{C00C2A91-6CB3-483F-80B3-2958E29468F1}
Основные компоненты Windows Live-->MsiExec.exe /I{E83DC314-C926-4214-AD58-147691D6FE9F}
Почта Windows Live-->MsiExec.exe /I{B63F0CE3-CCD0-490A-9A9C-E1A3B3A17137}
Фотоальбом Windows Live-->MsiExec.exe /X{77F69CA1-E53D-4D77-8BA3-FA07606CC851}
Фотогалерия на Windows Live-->MsiExec.exe /X{4444F27C-B1A8-464E-9486-4C37BAB39A09}
גלריית התמונות של Windows Live-->MsiExec.exe /X{CE929F09-3853-4180-BD90-30764BFF7136}
بريد Windows Live-->MsiExec.exe /I{0A4C4B29-5A9D-4910-A13C-B920D5758744}
معرض صور Windows Live-->MsiExec.exe /X{FBCA06D2-4642-4F33-B20A-A7AB3F0D2E69}
======System event log======
Computer Name: WIN-LLTP7N0CL1M
Event Code: 7040
Message: Režim spuštění služby Windows Search byl změněn z auto start na disabled.
Record Number: 1957
Source Name: Service Control Manager
Time Written: 20110902082547.382863-000
Event Type: Informace
User: breta-PC\Administrator
Computer Name: WIN-LLTP7N0CL1M
Event Code: 7036
Message: Stav služby Windows Modules Installer byl změněn na: running
Record Number: 1956
Source Name: Service Control Manager
Time Written: 20110902082542.546855-000
Event Type: Informace
User:
Computer Name: WIN-LLTP7N0CL1M
Event Code: 104
Message: Byl vymazán soubor protokolu Setup.
Record Number: 1955
Source Name: Microsoft-Windows-Eventlog
Time Written: 20110902082542.749655-000
Event Type: Informace
User: breta-PC\Administrator
Computer Name: WIN-LLTP7N0CL1M
Event Code: 104
Message: Byl vymazán soubor protokolu Application.
Record Number: 1954
Source Name: Microsoft-Windows-Eventlog
Time Written: 20110902082542.718455-000
Event Type: Informace
User: breta-PC\Administrator
Computer Name: WIN-LLTP7N0CL1M
Event Code: 104
Message: Byl vymazán soubor protokolu System.
Record Number: 1953
Source Name: Microsoft-Windows-Eventlog
Time Written: 20110902082542.702855-000
Event Type: Informace
User: breta-PC\Administrator
=====Application event log=====
Computer Name: breta-PC
Event Code: 4107
Message: Selhala extrakce kořenového seznamu jiného výrobce ze souboru CAB pro automatickou aktualizaci v: <http://www.download.windowsupdate.com/m ... ootstl.cab>. Došlo k chybě: A required certificate is not within its validity period when verifying against the current system clock or the timestamp in the signed file.
.
Record Number: 3120
Source Name: Microsoft-Windows-CAPI2
Time Written: 20110902082744.977658-000
Event Type: Chyba
User:
Computer Name: breta-PC
Event Code: 1532
Message: Služba Profil uživatele byla zastavena.
Record Number: 3119
Source Name: Microsoft-Windows-User Profiles Service
Time Written: 20110902082652.123377-000
Event Type: Informace
User: NT AUTHORITY\SYSTEM
Computer Name: WIN-LLTP7N0CL1M
Event Code: 1003
Message: Služba Windows Search byla spuštěna.
Record Number: 3118
Source Name: Microsoft-Windows-Search
Time Written: 20110902082548.000000-000
Event Type: Informace
User:
Computer Name: WIN-LLTP7N0CL1M
Event Code: 1013
Message: Služba Windows Search byla řádně zastavena.
Record Number: 3117
Source Name: Microsoft-Windows-Search
Time Written: 20110902082548.000000-000
Event Type: Informace
User:
Computer Name: WIN-LLTP7N0CL1M
Event Code: 103
Message: Windows (3060) Windows: Databázový stroj zastavil instanci (0).
Record Number: 3116
Source Name: ESENT
Time Written: 20110902082547.000000-000
Event Type: Informace
User:
=====Security event log=====
Computer Name: WIN-LLTP7N0CL1M
Event Code: 4624
Message: Účet byl úspěšně přihlášen.
Předmět:
ID zabezpečení: S-1-5-18
Název účtu: WIN-LLTP7N0CL1M$
Doména účtu: WORKGROUP
ID přihlášení: 0x3e7
Typ přihlášení: 5
Nové přihlášení:
ID zabezpečení: S-1-5-18
Název účtu: SYSTEM
Doména účtu: NT AUTHORITY
ID přihlášení: 0x3e7
GUID přihlášení: {00000000-0000-0000-0000-000000000000}
Informace o procesu:
ID procesu: 0x288
Název procesu: C:\Windows\System32\services.exe
Informace o síti:
Název pracovní stanice:
Adresa zdrojové sítě -
Zdrojový port: -
Podrobné informace o ověření:
Proces přihlášení: Advapi
Balíček ověření: Negotiate
Přenosové služby: -
Název balíčku (pouze NTLM): -
Délka klíče: 0
Tato událost je generována po vytvoření relace přihlášení. Je generována v počítači, ke kterému byl získán přístup.
Pole s předmětem označují účet v místním systému, který požadoval přihlášení. Jedná se nejčastěji o službu, například službu serveru nebo místní proces, například Winlogon.exe nebo Services.exe.
Pole Typ přihlášení označuje, k jakému typu přihlášení došlo. Nejběžnější typy jsou 2 (interaktivní) a 3 (síť).
Pole Nové přihlášení označují účet, pro který bylo nové přihlášení vytvořeno, tj. účet, který byl přihlášen.
Pole Síť označují původ požadavku na vzdálené přihlášení. Název pracovní stanice není vždy k dispozici a v některých případech může být toto pole prázdné.
Pole s informacemi o ověření poskytují podrobné informace o tomto konkrétním požadavku na přihlášení.
- GUID přihlášení je jednoznačný identifikátor, který je možné použít ke spojení této události s událostí KDC.
- Přenosové služby označují, které pomocné služby se podílely na tomto požadavku na přihlášení.
- Název balíčku označuje, který dílčí protokol z protokolů NTLM byl použit.
- Délka klíče označuje délku generovaného klíče relace. Tato hodnota bude 0, pokud nebyl požadován žádný klíč relace.
Record Number: 634
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20110902082549.941268-000
Event Type: Úspěšný audit
User:
Computer Name: WIN-LLTP7N0CL1M
Event Code: 4672
Message: Novému přihlášení byla přiřazena zvláštní oprávnění.
Předmět:
ID zabezpečení: S-1-5-18
Název účtu: SYSTEM
Doména účtu: NT AUTHORITY
ID přihlášení: 0x3e7
Oprávnění: SeAssignPrimaryTokenPrivilege
SeTcbPrivilege
SeSecurityPrivilege
SeTakeOwnershipPrivilege
SeLoadDriverPrivilege
SeBackupPrivilege
SeRestorePrivilege
SeDebugPrivilege
SeAuditPrivilege
SeSystemEnvironmentPrivilege
SeImpersonatePrivilege
Record Number: 633
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20110902082548.459265-000
Event Type: Úspěšný audit
User:
Computer Name: WIN-LLTP7N0CL1M
Event Code: 4624
Message: Účet byl úspěšně přihlášen.
Předmět:
ID zabezpečení: S-1-5-18
Název účtu: WIN-LLTP7N0CL1M$
Doména účtu: WORKGROUP
ID přihlášení: 0x3e7
Typ přihlášení: 5
Nové přihlášení:
ID zabezpečení: S-1-5-18
Název účtu: SYSTEM
Doména účtu: NT AUTHORITY
ID přihlášení: 0x3e7
GUID přihlášení: {00000000-0000-0000-0000-000000000000}
Informace o procesu:
ID procesu: 0x288
Název procesu: C:\Windows\System32\services.exe
Informace o síti:
Název pracovní stanice:
Adresa zdrojové sítě -
Zdrojový port: -
Podrobné informace o ověření:
Proces přihlášení: Advapi
Balíček ověření: Negotiate
Přenosové služby: -
Název balíčku (pouze NTLM): -
Délka klíče: 0
Tato událost je generována po vytvoření relace přihlášení. Je generována v počítači, ke kterému byl získán přístup.
Pole s předmětem označují účet v místním systému, který požadoval přihlášení. Jedná se nejčastěji o službu, například službu serveru nebo místní proces, například Winlogon.exe nebo Services.exe.
Pole Typ přihlášení označuje, k jakému typu přihlášení došlo. Nejběžnější typy jsou 2 (interaktivní) a 3 (síť).
Pole Nové přihlášení označují účet, pro který bylo nové přihlášení vytvořeno, tj. účet, který byl přihlášen.
Pole Síť označují původ požadavku na vzdálené přihlášení. Název pracovní stanice není vždy k dispozici a v některých případech může být toto pole prázdné.
Pole s informacemi o ověření poskytují podrobné informace o tomto konkrétním požadavku na přihlášení.
- GUID přihlášení je jednoznačný identifikátor, který je možné použít ke spojení této události s událostí KDC.
- Přenosové služby označují, které pomocné služby se podílely na tomto požadavku na přihlášení.
- Název balíčku označuje, který dílčí protokol z protokolů NTLM byl použit.
- Délka klíče označuje délku generovaného klíče relace. Tato hodnota bude 0, pokud nebyl požadován žádný klíč relace.
Record Number: 632
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20110902082548.459265-000
Event Type: Úspěšný audit
User:
Computer Name: WIN-LLTP7N0CL1M
Event Code: 4738
Message: Byl změněn uživatelský účet.
Předmět:
ID zabezpečení: S-1-5-21-2857410691-1841422624-3118752077-500
Název účtu: Administrator
Doména účtu: WIN-LLTP7N0CL1M
ID přihlášení: 0x3e81f
Cílový účet:
ID zabezpečení: S-1-5-21-2857410691-1841422624-3118752077-500
Název účtu: Administrator
Doména účtu: WIN-LLTP7N0CL1M
Změněné atributy:
Název účtu SAM: -
Zobrazovaný název: -
Zaregistrovaný název uživatele: -
Domovský adresář: -
Domovská jednotka: -
Cesta skriptu: -
Cesta profilu: -
Pracovní stanice uživatele: -
Poslední nastavení hesla: -
Vypršení platnosti účtu: -
ID primární skupiny: -
Povolené delegování: -
Původní hodnota UAC: 0x211
Nová hodnota UAC: 0x211
Řízení účtu uživatele: -
Parametry uživatele: -
Historie identifikátoru zabezpečení: -
Přihlašovací hodiny: -
Další informace:
Oprávnění: -
Record Number: 631
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20110902082547.008463-000
Event Type: Úspěšný audit
User:
Computer Name: WIN-LLTP7N0CL1M
Event Code: 1102
Message: Protokol auditu byl vymazán.
Předmět:
ID zabezpečení: S-1-5-21-2857410691-1841422624-3118752077-500
Název účtu: Administrator
Název domény: WIN-LLTP7N0CL1M
ID přihlášení: 0x3e81f
Record Number: 630
Source Name: Microsoft-Windows-Eventlog
Time Written: 20110902082542.718455-000
Event Type: Úspěšný audit
User:
======Environment variables======
"ComSpec"=%SystemRoot%\system32\cmd.exe
"FP_NO_HOST_CHECK"=NO
"OS"=Windows_NT
"Path"=C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common;C:\Program Files\Common Files\Microsoft Shared\Windows Live;C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;C:\Program Files (x86)\Windows Live\Shared;C:\Program Files (x86)\EgisTec MyWinLocker\x64;C:\Program Files (x86)\EgisTec MyWinLocker\
"PATHEXT"=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH;.MSC
"PROCESSOR_ARCHITECTURE"=AMD64
"TEMP"=%SystemRoot%\TEMP
"TMP"=%SystemRoot%\TEMP
"USERNAME"=SYSTEM
"windir"=%SystemRoot%
"PSModulePath"=%SystemRoot%\system32\WindowsPowerShell\v1.0\Modules\
"NUMBER_OF_PROCESSORS"=2
"PROCESSOR_LEVEL"=6
"PROCESSOR_IDENTIFIER"=Intel64 Family 6 Model 37 Stepping 5, GenuineIntel
"PROCESSOR_REVISION"=2505
"windows_tracing_logfile"=C:\BVTBin\Tests\installpackage\csilogfile.log
"windows_tracing_flags"=3
-----------------EOF-----------------
Odvirování PC, zrychlení počítače, vzdálená pomoc prostřednictvím služby neslape.cz
pomale pc, pada..programy neodpovidaji
Moderátor: Moderátoři
Pravidla fóra
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]
Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.
!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]
Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.
!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
-
chodnik74
- Přítel fóra
- Příspěvky: 4975
- Registrován: 13 zář 2010 21:30
- Bydliště: Napajedla
- Kontaktovat uživatele:
Re: pomale pc, pada..programy neodpovidaji
Dobrý večer 
Vložte mi druhý log s názvem info.txt, který naleznete v C:\rsit\
Vložte mi druhý log s názvem info.txt, který naleznete v C:\rsit\
Napiš mi: chodnik74@gmail.com nebo 
>RSIT<>MBAM<>VirusTotal
Doporučuji:
| 
Postup si raději vícekrát přečtěte a v případě jakýchkoliv nejasností či pochybností se ptejte. 
Pokud máte infikovaný počítač nebo se nechová jako obvykle, tak si zálohujte všechny data a pozorně postupujte dle pokynů rádce!
Nepoužívejte utilitu Combofix bez dohledu a doporučení rádce!
Jste s naší pomocí spokojeni 
Neváhejte a podpořte forum ZDE.
Pravidla fora: č.1 a č.2
>RSIT<>MBAM<>VirusTotal
Doporučuji:
| Postup si raději vícekrát přečtěte a v případě jakýchkoliv nejasností či pochybností se ptejte. Pokud máte infikovaný počítač nebo se nechová jako obvykle, tak si zálohujte všechny data a pozorně postupujte dle pokynů rádce! Nepoužívejte utilitu Combofix bez dohledu a doporučení rádce! Jste s naší pomocí spokojeni Neváhejte a podpořte forum ZDE.Pravidla fora: č.1 a č.2
Re: pomale pc, pada..programy neodpovidaji
info.txt logfile of random's system information tool 1.09 2011-10-30 10:28:54
======Uninstall list======
-->"C:\Program Files (x86)\Acer Games\Game Explorer Categories - main\Uninstall.exe"
-->"C:\Program Files (x86)\InstallShield Installation Information\{39F15B50-A977-4CA6-B1C3-6A8724CDA025}\setup.exe" -runfromtemp -l0x0409 -removeonly
-->"C:\Program Files (x86)\InstallShield Installation Information\{C2695E83-CF1D-43D1-84FE-B3BEC561012A}\setup.exe" -runfromtemp -l0x0409 -removeonly
-->MsiExec /X{B9DB4C76-01A4-46D5-8910-F7AA6376DBAF}
Acer Backup Manager-->C:\Program Files (x86)\InstallShield Installation Information\{72B776E5-4530-4C4B-9453-751DF87D9D93}\setup.exe -runfromtemp -l0x0409
Acer Crystal Eye Webcam-->"C:\Program Files (x86)\InstallShield Installation Information\{01FB4998-33C4-4431-85ED-079E3EEFE75D}\setup.exe" /z-uninstall
Acer Crystal Eye Webcam-->"C:\Program Files (x86)\InstallShield Installation Information\{01FB4998-33C4-4431-85ED-079E3EEFE75D}\setup.exe" /z-uninstall
Acer ePower Management-->"C:\Program Files (x86)\InstallShield Installation Information\{3DB0448D-AD82-4923-B305-D001E521A964}\setup.exe" -runfromtemp -l0x405 -removeonly
Acer eRecovery Management-->"C:\Program Files (x86)\InstallShield Installation Information\{7F811A54-5A09-4579-90E1-C93498E230D9}\setup.exe" -runfromtemp -l0x405 -removeonly
Acer Games-->"C:\Program Files (x86)\Acer Games\Uninstall.exe"
Acer Registration-->C:\Program Files (x86)\Acer\Registration\Uninstall.exe
Acer ScreenSaver-->C:\Program Files (x86)\Acer\Screensaver\Uninstall.exe
Acer Updater-->"C:\Program Files (x86)\InstallShield Installation Information\{EE171732-BEB4-4576-887D-CB62727F01CA}\setup.exe" -runfromtemp -l0x405 -removeonly
Adobe Flash Player 10 ActiveX-->C:\Windows\SysWOW64\Macromed\Flash\FlashUtil10u_ActiveX.exe -maintain activex
Adobe Reader X (10.1.1) MUI-->MsiExec.exe /I{AC76BA86-7AD7-FFFF-7B44-AA0000000001}
Agatha Christie - Death on the Nile-->"C:\Program Files (x86)\Acer Games\Agatha Christie - Death on the Nile\uninstall\uninstaller.exe"
avast! Free Antivirus-->C:\Program Files\AVAST Software\Avast\aswRunDll.exe "C:\Program Files\AVAST Software\Avast\Setup\setiface.dll" RunSetup
Backup Manager Basic-->C:\Program Files (x86)\InstallShield Installation Information\{72B776E5-4530-4C4B-9453-751DF87D9D93}\setup.exe -runfromtemp -l0x0409
BatteryBar (remove only)-->"C:\Program Files\BatteryBar\Uninstall.exe"
Bejeweled 2 Deluxe-->"C:\Program Files (x86)\Acer Games\Bejeweled 2 Deluxe\uninstall\uninstaller.exe"
Bing Bar-->MsiExec.exe /X{C28D96C0-6A90-459E-A077-A6706F4EC0FC}
Broadcom Gigabit NetLink Controller-->MsiExec.exe /X{A84DB02B-9C2B-4272-9D2D-A80E00A56513}
Call of Duty Modern Warfare 2-->"C:\Program Files (x86)\Activision\Modern Warfare 2\unins000.exe"
Call of Duty(R) 4 - Modern Warfare(TM) 1.6 Patch-->C:\Program Files (x86)\InstallShield Installation Information\{8A15B7D9-908A-4EF9-BA84-5AEDE61743EE}\setup.exe -runfromtemp -l0x0409
Call of Duty(R) 4 - Modern Warfare(TM) 1.7 Patch-->C:\Program Files (x86)\InstallShield Installation Information\{931C37FC-594D-43A9-B10F-A2F2B1F03498}\setup.exe -runfromtemp -l0x0409
Call of Duty(R) 4 - Modern Warfare(TM)-->C:\Program Files (x86)\InstallShield Installation Information\{E48469CC-635E-4FD5-A122-1497C286D217}\setup.exe -runfromtemp -l0x0409
Call of Duty: Black Ops-->"C:\Program Files (x86)\Activision\Call of Duty - Black Ops\unins000.exe"
CCleaner-->"C:\Program Files\CCleaner\uninst.exe"
Corsair Addon-->C:\Program Files (x86)\Corsair Addon\uninstall.exe
Crazy Chicken Kart 2-->"C:\Program Files (x86)\Acer Games\Crazy Chicken Kart 2\uninstall\uninstaller.exe"
CyberLink PowerDVD 9-->"C:\Program Files (x86)\InstallShield Installation Information\{A8516AC9-AAF1-47F9-9766-03E2D4CDBCF8}\setup.exe" /z-uninstall
CyberLink PowerDVD 9-->"C:\Program Files (x86)\InstallShield Installation Information\{A8516AC9-AAF1-47F9-9766-03E2D4CDBCF8}\setup.exe" /z-uninstall
D3DX10-->MsiExec.exe /X{E09C4DB7-630C-4F06-A631-8EA7239923AF}
DAEMON Tools Lite-->C:\Program Files (x86)\DAEMON Tools Lite\uninst.exe
ETDWare PS/2-x64 7.0.6.5_WHQL-->%ProgramFiles%\Elantech\ETDUn_inst.exe
FATE-->"C:\Program Files (x86)\Acer Games\FATE\uninstall\uninstaller.exe"
Final Drive: Nitro-->"C:\Program Files (x86)\Acer Games\Final Drive Nitro\uninstall\uninstaller.exe"
Fotogalerija Windows Live-->MsiExec.exe /X{E59969EA-3B5B-4B24-8B94-43842A7FBFE9}
Galeria de Fotografias do Windows Live-->MsiExec.exe /X{0EC0B576-90F9-43C3-8FAD-A4902DF4B8F4}
Galería fotográfica de Windows Live-->MsiExec.exe /X{E85A4EFC-82F2-4CEE-8A8E-62FDAD353A66}
Galeria fotogràfica del Windows Live-->MsiExec.exe /X{4736B0ED-F6A1-48EC-A1B7-C053027648F1}
Galeria fotografii usługi Windows Live-->MsiExec.exe /X{CB3F59BB-7858-41A1-A7EA-4B8A6FC7D431}
Galerie de photos Windows Live-->MsiExec.exe /X{488F0347-C4A7-4374-91A7-30818BEDA710}
Galerie foto Windows Live-->MsiExec.exe /X{CB66242D-12B1-4494-82D2-6F53A7E024A3}
GamePark-->"C:\Program Files (x86)\GamePark\unins000.exe"
Garena Classic 2011-->C:\Program Files (x86)\Garena Classic\uninst.exe
Harry Potter and the Deathly Hallows(TM) - Part 2 Demo-->MsiExec.exe /X{8D8E696E-916E-49CE-B2EE-C2346A6FE949}
Chuzzle Deluxe-->"C:\Program Files (x86)\Acer Games\Chuzzle Deluxe\uninstall\uninstaller.exe"
Identity Card-->C:\Program Files (x86)\Acer\Identity Card\Uninstall.exe
Insaniquarium Deluxe-->"C:\Program Files (x86)\Acer Games\Insaniquarium Deluxe\uninstall\uninstaller.exe"
Intel(R) Control Center-->C:\Program Files (x86)\Intel\Intel Control Center\uninstaller\SetupICC.exe -uninstall -force -confirm
Intel(R) Graphics Media Accelerator Driver-->C:\Program Files (x86)\Intel\Intel(R) Graphics Media Accelerator Driver\Uninstall\setup.exe -uninstall
Intel(R) Management Engine Components-->C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\Uninstall\setup.exe -uninstall
Intel(R) Rapid Storage Technology-->C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\Uninstall\setup.exe -uninstall
Jewel Match 3-->"C:\Program Files (x86)\Acer Games\Jewel Match 3\uninstall\uninstaller.exe"
Jewel Quest Solitaire-->"C:\Program Files (x86)\Acer Games\Jewel Quest Solitaire\uninstall\uninstaller.exe"
John Deere Drive Green-->"C:\Program Files (x86)\Acer Games\John Deere Drive Green\uninstall\uninstaller.exe"
Junk Mail filter update-->MsiExec.exe /I{1F6AB0E7-8CDD-4B93-8A23-AA9EB2FEFCE4}
Launch Manager-->C:\Windows\UNINSTLMv4.EXE LMv4.UNI
Mesh Runtime-->MsiExec.exe /I{8C6D6116-B724-4810-8F2D-D047E6B7D68E}
Microsoft .NET Framework 4 Client Profile CSY Language Pack-->C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\ClientLP\Setup.exe /repair /x86 /x64 /lcid 1029 /parameterfolder ClientLP
Microsoft .NET Framework 4 Client Profile CSY Language Pack-->MsiExec.exe /X{790E02A1-145A-3843-8C13-A4F41C9B48B7}
Microsoft .NET Framework 4 Client Profile-->C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\Client\Setup.exe /repair /x86 /x64 /parameterfolder Client
Microsoft .NET Framework 4 Client Profile-->MsiExec.exe /X{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}
Microsoft Office 2010-->MsiExec.exe /X{95140000-0070-0000-0000-0000000FF1CE}
Microsoft Office Klikni a spusť 2010-->"C:\PROGRA~2\COMMON~1\MICROS~1\VIRTUA~1\CVHBS.EXE" /removeall
Microsoft Office Klikni a spusť 2010-->MsiExec.exe /I{90140000-006D-0405-1000-0000000FF1CE}
Microsoft Office Starter 2010 - čeština-->C:\Program Files (x86)\Common Files\microsoft shared\virtualization handler\cvhbs.exe /uninstall {90140011-0066-0405-0000-0000000FF1CE}
Microsoft Silverlight-->MsiExec.exe /X{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}
Microsoft SQL Server 2005 Compact Edition [ENU]-->MsiExec.exe /I{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}
Microsoft Visual C++ 2005 Redistributable-->MsiExec.exe /X{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}
Microsoft Visual C++ 2005 Redistributable-->MsiExec.exe /X{7299052b-02a4-4627-81f2-1818da5d550d}
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17-->MsiExec.exe /X{9A25302D-30C0-39D9-BD6F-21E6EC160475}
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148-->MsiExec.exe /X{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161-->MsiExec.exe /X{9BE518E6-ECC6-35A9-88E4-87755C07200F}
MSVCRT_amd64-->MsiExec.exe /I{D0B44725-3666-492D-BEF6-587A14BD9BD9}
MSVCRT-->MsiExec.exe /I{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}
Mystery of Mortlake Mansion-->"C:\Program Files (x86)\Acer Games\Mystery of Mortlake Mansion\uninstall\uninstaller.exe"
MyWinLocker 4-->MsiExec.exe /X{39F15B50-A977-4CA6-B1C3-6A8724CDA025}
MyWinLocker Suite-->"C:\Program Files (x86)\InstallShield Installation Information\{17DF9714-60C9-43C9-A9C2-32BCAED44CBE}\setup.exe" -runfromtemp -l0x0405 -removeonly
MyWinLocker Suite-->MsiExec.exe /X{17DF9714-60C9-43C9-A9C2-32BCAED44CBE}
MyWinLocker-->MsiExec.exe /I{0B78ECB0-1A6B-4E6D-89D7-0E7CE77F0427}
newsXpresso-->"C:\Program Files (x86)\InstallShield Installation Information\{613C0AC5-3A67-4B94-8B13-9176AD83F5BF}\setup.exe" -runfromtemp -l0x0409 -removeonly
newsXpresso-->MsiExec.exe /X{613C0AC5-3A67-4B94-8B13-9176AD83F5BF}
Nitro PDF Professional-->MsiExec.exe /X{B734F624-8B49-42F9-BB0E-7B2132CEB813}
NTI Media Maker 9-->C:\Program Files (x86)\InstallShield Installation Information\{D3D5C4E8-040F-4C6F-8105-41D43CF94F44}\setup.exe -runfromtemp -l0x0409
NVIDIA Graphics Driver 268.00-->"C:\Windows\SysWOW64\RunDll32.EXE" "C:\Program Files\NVIDIA Corporation\Installer2\installer.0\NVI2.DLL",UninstallPackage Display.Driver
NVIDIA PhysX-->MsiExec.exe /X{B9DB4C76-01A4-46D5-8910-F7AA6376DBAF}
OpenOffice.org 3.2-->MsiExec.exe /I{FAB43061-FEFB-46E8-A159-96710395DB5E}
Penguins!-->"C:\Program Files (x86)\Acer Games\Penguins!\uninstall\uninstaller.exe"
Plants vs. Zombies - Game of the Year-->"C:\Program Files (x86)\Acer Games\Plants vs Zombies - Game of the Year\uninstall\uninstaller.exe"
Poczta usługi Windows Live-->MsiExec.exe /I{64376910-1860-4CEF-8B34-AA5D205FC5F1}
Podstawowe programy Windows Live-->MsiExec.exe /I{7A9D47BA-6D50-4087-866F-0800D8B89383}
Polar Bowler-->"C:\Program Files (x86)\Acer Games\Polar Bowler\uninstall\uninstaller.exe"
Pošta Windows Live-->MsiExec.exe /I{7BA19818-F717-4DFB-BC11-FAF17B2B8AEE}
Raccolta foto di Windows Live-->MsiExec.exe /X{ED16B700-D91F-44B0-867C-7EB5253CA38D}
Realtek High Definition Audio Driver-->RunDll32 C:\PROGRA~2\COMMON~1\INSTAL~1\PROFES~1\RunTime\11\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files (x86)\InstallShield Installation Information\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}\Setup.exe" -removeonly
Realtek USB 2.0 Card Reader-->"C:\Program Files (x86)\InstallShield Installation Information\{96AE7E41-E34E-47D0-AC07-1091A8127911}\setup.exe" -runfromtemp -removeonly
Security Update for Microsoft .NET Framework 4 Client Profile (KB2478663)-->C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\Client\setup.exe /uninstallpatch {B5BD3CA1-11AB-35A6-B22A-6A219DC0668E} /parameterfolder Client
Security Update for Microsoft .NET Framework 4 Client Profile (KB2518870)-->C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\Client\setup.exe /uninstallpatch {E720AD01-93D5-3E8E-BB8D-E4EF5AF4E5DD} /parameterfolder Client
Security Update for Microsoft .NET Framework 4 Client Profile (KB2539636)-->C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\Client\setup.exe /uninstallpatch {BCD37DCB-F479-3D4D-A90E-A0F7575549C4} /parameterfolder Client
Security Update for Microsoft .NET Framework 4 Client Profile (KB2572078)-->C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\Client\setup.exe /uninstallpatch {FF811680-AECE-3F35-A98C-1B84B6E09168} /parameterfolder Client
Security Update for Microsoft .NET Framework 4 Client Profile CSY Language Pack (KB2478663)-->c:\Windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\ClientLP\setup.exe /uninstallpatch {B5BD3CA1-11AB-35A6-B22A-6A219DC0668E} /parameterfolder ClientLP
Security Update for Microsoft .NET Framework 4 Client Profile CSY Language Pack (KB2518870)-->c:\Windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\ClientLP\setup.exe /uninstallpatch {E720AD01-93D5-3E8E-BB8D-E4EF5AF4E5DD} /parameterfolder ClientLP
Shredder-->MsiExec.exe /I{C2695E83-CF1D-43D1-84FE-B3BEC561012A}
Skype™ 5.5-->MsiExec.exe /X{AA59DDE4-B672-4621-A016-4C248204957A}
Slingo Deluxe-->"C:\Program Files (x86)\Acer Games\Slingo Deluxe\uninstall\uninstaller.exe"
The KMPlayer (remove only)-->"C:\Program Files (x86)\The KMPlayer\uninstall.exe"
Torchlight-->"C:\Program Files (x86)\Acer Games\Torchlight\uninstall\uninstaller.exe"
Update for Microsoft .NET Framework 4 Client Profile (KB2468871)-->C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\Client\setup.exe /uninstallpatch {29C7BE97-DE59-37A2-A687-2ADD5321948A} /parameterfolder Client
Update for Microsoft .NET Framework 4 Client Profile (KB2533523)-->C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\Client\setup.exe /uninstallpatch {7D799A81-5661-3159-BF92-754161CED6E6} /parameterfolder Client
Update Installer for WildTangent Games App-->"C:\Program Files (x86)\WildTangent Games\App\Uninstall.exe"
Virtual Villagers 4 - The Tree of Life-->"C:\Program Files (x86)\Acer Games\Virtual Villagers 4 - The Tree of Life\uninstall\uninstaller.exe"
Wedding Dash-->"C:\Program Files (x86)\Acer Games\Wedding Dash\uninstall\uninstaller.exe"
Welcome Center-->C:\Program Files (x86)\Acer\Welcome Center\Uninstall.exe
WildTangent Games App (Acer Games)-->"C:\Program Files (x86)\WildTangent Games\Touchpoints\acer\Uninstall.exe"
Windows Live Argazki Galeria-->MsiExec.exe /X{86F444A5-C9B9-41DC-AF28-B5E46F5497C7}
Windows Live Communications Platform-->MsiExec.exe /I{D45240D3-B6B3-4FF9-B243-54ECE3E10066}
Windows Live Essentials-->C:\Program Files (x86)\Windows Live\Installer\wlarp.exe
Windows Live Essentials-->MsiExec.exe /I{06B05153-97E4-427E-B1A8-E098F6C5E52F}
Windows Live Essentials-->MsiExec.exe /I{17835B63-8308-427F-8CF5-D76E0D5FE457}
Windows Live Essentials-->MsiExec.exe /I{17F99FCE-8F03-4439-860A-25C5A5434E18}
Windows Live Essentials-->MsiExec.exe /I{2A07C35B-8384-4DA4-9A95-442B6C89A073}
Windows Live Essentials-->MsiExec.exe /I{3B72C1E0-26A1-40F6-8516-D50C651DFB3C}
Windows Live Essentials-->MsiExec.exe /I{410DF0AA-882D-450D-9E1B-F5397ACFFA80}
Windows Live Essentials-->MsiExec.exe /I{43B43577-2514-4CE0-B14A-7E85C17C0453}
Windows Live Essentials-->MsiExec.exe /I{4A04DB63-8F81-4EF4-9D09-61A2057EF419}
Windows Live Essentials-->MsiExec.exe /I{6491AB99-A11E-41FD-A5E7-32DE8A097B8E}
Windows Live Essentials-->MsiExec.exe /I{7D1C7B9F-2744-4388-B128-5C75B8BCCC84}
Windows Live Essentials-->MsiExec.exe /I{7D99B933-E29C-4599-92F0-DAED2AF041E3}
Windows Live Essentials-->MsiExec.exe /I{827D3E4A-0186-48B7-9801-7D1E9DD40C07}
Windows Live Essentials-->MsiExec.exe /I{84A411F9-40A5-4CDA-BF46-E09FBB2BC313}
Windows Live Essentials-->MsiExec.exe /I{ABD534B7-E951-470E-92C2-CD5AF1735726}
Windows Live Essentials-->MsiExec.exe /I{B0AD205F-60D0-4084-AFB8-34D9A706D9A8}
Windows Live Essentials-->MsiExec.exe /I{B618C3BF-5142-4630-81DD-F96864F97C7E}
Windows Live Essentials-->MsiExec.exe /I{C01FCACE-CC3D-49A2-ADC2-583A49857C58}
Windows Live Essentials-->MsiExec.exe /I{DEF91E0F-D266-453D-B6F2-1BA002B40CB6}
Windows Live Essentials-->MsiExec.exe /I{F0F9505B-3ACF-4158-9311-D0285136AA00}
Windows Live Essentials-->MsiExec.exe /I{F95E4EE0-0C6E-4273-B6B9-91FD6F071D76}
Windows Live Essentials-->MsiExec.exe /I{FE044230-9CA5-43F7-9B58-5AC5A28A1F33}
Windows Live Essentials-->MsiExec.exe /I{FE62C88B-425B-4BDE-8B70-CD5AE3B83176}
Windows Live Essentials-->MsiExec.exe /I{FEEF7F78-5876-438B-B554-C4CC426A4302}
Windows Live Fotogaléria-->MsiExec.exe /X{97F77D62-5110-4FA3-A2D3-410B92D31199}
Windows Live Fotogalerie-->MsiExec.exe /X{B113D18C-67B0-4FB7-B329-E89B66194AE6}
Windows Live Fotogalerie-->MsiExec.exe /X{FB79FDB7-4DE1-453D-99FE-9A880F57380E}
Windows Live Fotogalleri-->MsiExec.exe /X{5C2F5C1B-9732-4F81-8FBF-6711627DC508}
Windows Live Fotoğraf Galerisi-->MsiExec.exe /X{BD695C2F-3EA0-4DA4-92D5-154072468721}
Windows Live Fotótár-->MsiExec.exe /X{7272F232-A7E0-4B2B-A5D2-71B7C5E2379C}
Windows Live Galeria de Fotos-->MsiExec.exe /X{F7A46527-DF1F-4B0F-9637-98547E189442}
Windows Live Galerija fotografija-->MsiExec.exe /X{E5377D46-83C5-445A-A1F1-830336B42A10}
Windows Live ID Sign-in Assistant-->MsiExec.exe /I{1B8ABA62-74F0-47ED-B18C-A43128E591B8}
Windows Live Installer-->MsiExec.exe /I{0B0F231F-CE6A-483D-AA23-77B364F75917}
Windows Live Language Selector-->MsiExec.exe /I{D07A61E5-A59C-433C-BCBD-22025FA2287B}
Windows Live Mail-->MsiExec.exe /I{0D261C88-454B-46FE-B43B-640E621BDA11}
Windows Live Mail-->MsiExec.exe /I{10186F1A-6A14-43DF-A404-F0105D09BB07}
Windows Live Mail-->MsiExec.exe /I{249EE21B-8EDD-4F36-8A23-E580E9DBE80A}
Windows Live Mail-->MsiExec.exe /I{25A381E1-0AB9-4E7A-ACCE-BA49D519CF4E}
Windows Live Mail-->MsiExec.exe /I{48F597DD-D397-4CFA-91A0-4C033A0113BD}
Windows Live Mail-->MsiExec.exe /I{63CF7D0C-B6E7-4EE9-8253-816B613CC437}
Windows Live Mail-->MsiExec.exe /I{677AAD91-1790-4FC5-B285-0E6A9D65F7DC}
Windows Live Mail-->MsiExec.exe /I{82803FF3-563F-414F-A403-8D4C167D4120}
Windows Live Mail-->MsiExec.exe /I{924B4D82-1B97-48EB-8F1E-55C4353C22DB}
Windows Live Mail-->MsiExec.exe /I{93C4B7D5-4E00-491F-BA3E-25B7B63EE7F6}
Windows Live Mail-->MsiExec.exe /I{9D56775A-93F3-44A3-8092-840E3826DE30}
Windows Live Mail-->MsiExec.exe /I{9DA3F03B-2CEE-4344-838E-117861E61FAF}
Windows Live Mail-->MsiExec.exe /I{9FAE6E8D-E686-49F5-A574-0A58DFD9580C}
Windows Live Mail-->MsiExec.exe /I{A0B91308-6666-4249-8FF6-1E11AFD75FE1}
Windows Live Mail-->MsiExec.exe /I{ABE2F2AA-7ADC-4717-9573-BF3F83C696AC}
Windows Live Mail-->MsiExec.exe /I{ADE85655-8D1E-4E4B-BF88-5E312FB2C74F}
Windows Live Mail-->MsiExec.exe /I{B1239994-A850-44E2-BED8-E70A21124E16}
Windows Live Mail-->MsiExec.exe /I{C454280F-3C3E-4929-B60E-9E6CED5717E7}
Windows Live Mail-->MsiExec.exe /I{C66824E4-CBB3-4851-BB3F-E8CFD6350923}
Windows Live Mail-->MsiExec.exe /I{C8421D85-CA0E-4E93-A9A9-B826C4FB88EA}
Windows Live Mail-->MsiExec.exe /I{D07B1FDA-876B-4914-9E9A-309732B6D44F}
Windows Live Mail-->MsiExec.exe /I{D31169F2-CD71-4337-B783-3E53F29F4CAD}
Windows Live Mail-->MsiExec.exe /I{D588365A-AE39-4F27-BDAE-B4E72C8E900C}
Windows Live Mail-->MsiExec.exe /I{DBAA2B17-D596-4195-A169-BA2166B0D69B}
Windows Live Mail-->MsiExec.exe /I{FA6CF94F-DACF-4FE7-959D-55C421B91B17}
Windows Live Mesh-->MsiExec.exe /I{00884F14-05BD-4D8E-90E5-1ABF78948CA4}
Windows Live Mesh-->MsiExec.exe /I{039480EE-6933-4845-88B8-77FD0C3D059D}
Windows Live Mesh-->MsiExec.exe /I{110668B7-54C6-47C9-BAC4-1CE77F156AF5}
Windows Live Mesh-->MsiExec.exe /I{11417707-1F72-4279-95A3-01E0B898BBF5}
Windows Live Mesh-->MsiExec.exe /I{2C865FB0-051E-4D22-AC62-428E035AEAF0}
Windows Live Mesh-->MsiExec.exe /I{2D3E034E-F76B-410A-A169-55755D2637BB}
Windows Live Mesh-->MsiExec.exe /I{39F95B0B-A0B7-4FA7-BB6C-197DA2546468}
Windows Live Mesh-->MsiExec.exe /I{3F4143A1-9C21-4011-8679-3BC1014C6886}
Windows Live Mesh-->MsiExec.exe /I{46872828-6453-4138-BE1C-CE35FBF67978}
Windows Live Mesh-->MsiExec.exe /I{5CF5B1A5-CBC3-42F0-8533-5A5090665862}
Windows Live Mesh-->MsiExec.exe /I{625D45F0-5DCB-48BF-8770-C240A84DAAEB}
Windows Live Mesh-->MsiExec.exe /I{644063FA-ABA3-42AC-A8AC-3EDC0706018B}
Windows Live Mesh-->MsiExec.exe /I{6ABE832B-A5C7-44C1-B697-3E123B7B4D5B}
Windows Live Mesh-->MsiExec.exe /I{71C95134-F6A9-45E7-B7B3-07CA6012BF2A}
Windows Live Mesh-->MsiExec.exe /I{7496FD31-E5CB-4AE4-82D3-31099558BF6A}
Windows Live Mesh-->MsiExec.exe /I{78DAE910-CA72-450E-AD22-772CB1A00678}
Windows Live Mesh-->MsiExec.exe /I{80E8C65A-8F70-4585-88A2-ABC54BABD576}
Windows Live Mesh-->MsiExec.exe /I{841F1FB4-FDF8-461C-A496-3E1CFD84C0B5}
Windows Live Mesh-->MsiExec.exe /I{99BE7F5D-AB52-4404-9E03-4240FFAA7DE9}
Windows Live Mesh-->MsiExec.exe /I{9E2C5B0E-7A2D-4767-A9B2-77469FB1873A}
Windows Live Mesh-->MsiExec.exe /I{A0C91188-C88F-4E86-93E6-CD7C9A266649}
Windows Live Mesh-->MsiExec.exe /I{AB0B2113-5B96-4B95-8AD1-44613384911F}
Windows Live Mesh-->MsiExec.exe /I{ACFBE99B-6981-4513-B17E-A2683CEB9EE5}
Windows Live Mesh-->MsiExec.exe /I{AD001A69-88CC-4766-B2DB-3C1DFAB9AC72}
Windows Live Mesh-->MsiExec.exe /I{AF01B90A-D25C-4F60-AECD-6EEDF509DC11}
Windows Live Mesh-->MsiExec.exe /I{BF35168D-F6F9-4202-BA87-86B5E3C9BF7A}
Windows Live Mesh-->MsiExec.exe /I{C08D5964-C42F-48EE-A893-2396F9562A7C}
Windows Live Mesh-->MsiExec.exe /I{DECDCB7C-58CC-4865-91AF-627F9798FE48}
Windows Live Mesh-->MsiExec.exe /I{F7E80BA7-A09D-4DD1-828B-C4A0274D4720}
Windows Live Mesh-->MsiExec.exe /I{FCDE76CB-989D-4E32-9739-6A272D2B0ED7}
Windows Live Messenger-->MsiExec.exe /X{0125DB4D-98A0-4DBF-B68A-23BF08FFA6A3}
Windows Live Messenger-->MsiExec.exe /X{0785A0B6-07DF-43CF-B147-E1EB4CEA0345}
Windows Live Messenger-->MsiExec.exe /X{0A9256E0-C924-46DE-921B-F6C4548A1C64}
Windows Live Messenger-->MsiExec.exe /X{2AD2DD70-27F7-4343-BB4E-DE50A32D854B}
Windows Live Messenger-->MsiExec.exe /X{2C7E8AA1-9C03-4606-BF34-5D99D07964DA}
Windows Live Messenger-->MsiExec.exe /X{303143DD-1F6D-4BC5-9342-FFC2E19B2DBD}
Windows Live Messenger-->MsiExec.exe /X{34C4F5AF-D757-4E6A-ABCA-65AB5A50A1A8}
Windows Live Messenger-->MsiExec.exe /X{39BDD209-5704-480C-9F4A-B69D0370DDBB}
Windows Live Messenger-->MsiExec.exe /X{3D0C22FA-96D7-4789-BC5B-991A5A99BFFA}
Windows Live Messenger-->MsiExec.exe /X{4A275FD1-2F24-4274-8C01-813F5AD1A92D}
Windows Live Messenger-->MsiExec.exe /X{50300123-F8FC-4B50-B449-E847D04F1BA2}
Windows Live Messenger-->MsiExec.exe /X{5D90ABE5-8A35-4947-8269-6F40BCE47A95}
Windows Live Messenger-->MsiExec.exe /X{5F6E678A-7E61-448A-86CB-BC2AD1E04138}
Windows Live Messenger-->MsiExec.exe /X{6057E21C-ABE9-4059-AE3E-3BEB9925E660}
Windows Live Messenger-->MsiExec.exe /X{63AE67AA-1AB1-4565-B4EF-ABBC5C841E8D}
Windows Live Messenger-->MsiExec.exe /X{6986737B-F286-40D1-87AF-938339DCF6AB}
Windows Live Messenger-->MsiExec.exe /X{6A563426-3474-41C6-B847-42B39F1485B2}
Windows Live Messenger-->MsiExec.exe /X{6D30E864-46AE-435B-8230-8B5D42B4AE37}
Windows Live Messenger-->MsiExec.exe /X{6EE9F44A-B8C7-4CDB-B2A9-441AF2AE315A}
Windows Live Messenger-->MsiExec.exe /X{709E38A9-7F80-4598-96CC-44B0D553FECE}
Windows Live Messenger-->MsiExec.exe /X{7F6021AE-E688-4D03-843A-C2260482BA0D}
Windows Live Messenger-->MsiExec.exe /X{80956555-A512-4190-9CAD-B000C36D6B6B}
Windows Live Messenger-->MsiExec.exe /X{873E4648-6F6E-47F6-A7B2-A6F8DFABDCE6}
Windows Live Messenger-->MsiExec.exe /X{D54A52A8-DF24-4CE8-850B-074CA47DFA74}
Windows Live Messenger-->MsiExec.exe /X{E7688C7D-DE09-4D43-9785-534EDE9BC18E}
Windows Live Messenger-->MsiExec.exe /X{EB4DF488-AAEF-406F-A341-CB2AAA315B90}
Windows Live Messenger-->MsiExec.exe /X{EE492B20-FB15-4A98-883C-3054354A11F8}
Windows Live Messenger-->MsiExec.exe /X{F13587F7-AA4C-4C2E-AE7D-F33F3CCE57A9}
Windows Live Messenger-->MsiExec.exe /X{F694D1F7-1F12-4550-9B7A-C871273ABAD5}
Windows Live Messenger-->MsiExec.exe /X{FCBC19F7-E068-4B7A-ACBB-CE9CCEB4B21F}
Windows Live MIME IFilter-->MsiExec.exe /I{DA54F80E-261C-41A2-A855-549A144F2F59}
Windows Live Movie Maker-->MsiExec.exe /X{133D9D67-D475-4407-AC3C-D558087B2453}
Windows Live Movie Maker-->MsiExec.exe /X{19BA08F7-C728-469C-8A35-BFBD3633BE08}
Windows Live Movie Maker-->MsiExec.exe /X{226F0D93-76DE-4F1C-B14D-DE10443ADB60}
Windows Live Movie Maker-->MsiExec.exe /X{5D273F60-0525-48BA-A5FB-D0CAA4A952AE}
Windows Live Movie Maker-->MsiExec.exe /X{60C3C026-DB53-4DAB-8B97-7C1241F9A847}
Windows Live Movie Maker-->MsiExec.exe /X{640798A0-A4FB-4C52-AC72-755134767F1E}
Windows Live Movie Maker-->MsiExec.exe /X{64B2D6B3-71AC-45A7-A6A1-2E07ABF58341}
Windows Live Movie Maker-->MsiExec.exe /X{6CB36609-E3A6-446C-A3C1-C71E311D2B9C}
Windows Live Movie Maker-->MsiExec.exe /X{6DEC8BD5-7574-47FA-B080-492BBBE2FEA3}
Windows Live Movie Maker-->MsiExec.exe /X{6EF2BE2C-3121-48B7-B7A6-C56046B3A588}
Windows Live Movie Maker-->MsiExec.exe /X{71527C7C-5289-4CB2-88C9-23344C0FF6C1}
Windows Live Movie Maker-->MsiExec.exe /X{7373E17D-18E0-44A7-AC3A-6A3BFB85D3B3}
Windows Live Movie Maker-->MsiExec.exe /X{7465A996-0FCA-4D2D-A52C-F833B0829B5B}
Windows Live Movie Maker-->MsiExec.exe /X{7AF8E500-B349-4A77-8265-9854E9A47925}
Windows Live Movie Maker-->MsiExec.exe /X{92EA4134-10D1-418A-91E1-5A0453131A38}
Windows Live Movie Maker-->MsiExec.exe /X{9DB90178-B5B0-45BD-B0A7-D40A6A1DF1CA}
Windows Live Movie Maker-->MsiExec.exe /X{A101F637-2E56-42C0-8E08-F1E9086BFAF3}
Windows Live Movie Maker-->MsiExec.exe /X{A199DB88-E22D-4CE7-90AC-B8BE396D7BF4}
Windows Live Movie Maker-->MsiExec.exe /X{BF022D76-9F72-4203-B8FA-6522DC66DFDA}
Windows Live Movie Maker-->MsiExec.exe /X{CB7224D9-6DCA-43F1-8F83-6B1E39A00F92}
Windows Live Movie Maker-->MsiExec.exe /X{CD442136-9115-4236-9C14-278F6A9DCB3F}
Windows Live Movie Maker-->MsiExec.exe /X{DAEF48AD-89C8-4A93-B1DD-45B7E4FB6071}
Windows Live Movie Maker-->MsiExec.exe /X{DB1208F4-B2FE-44E9-BFE6-8824DBD7891B}
Windows Live Movie Maker-->MsiExec.exe /X{DDC1E1BD-7615-4186-89E1-F5F43F9B6491}
Windows Live Movie Maker-->MsiExec.exe /X{E4E88B54-4777-4659-967A-2EED1E6AFD83}
Windows Live Movie Maker-->MsiExec.exe /X{F80E5450-3EF3-4270-B26C-6AC53BEC5E76}
Windows Live Movie Maker-->MsiExec.exe /X{FB3D07AE-73D0-47A9-AC12-6F50BF8B6202}
Windows Live Movie Maker-->MsiExec.exe /X{FF105207-8423-4E13-B0B1-50753170B245}
Windows Live Movie Maker-->MsiExec.exe /X{FF3DFA01-1E98-46B4-A065-DA8AD47C9598}
Windows Live Movie Maker-->MsiExec.exe /X{FF737490-5A2D-4269-9D82-97DB2F7C0B09}
Windows Live Photo Common-->MsiExec.exe /X{0654EA5D-308A-4196-882B-5C09744A5D81}
Windows Live Photo Common-->MsiExec.exe /X{073F306D-9851-4969-B828-7B6444D07D55}
Windows Live Photo Common-->MsiExec.exe /X{120C160F-F53D-4A15-A873-E79BF5B98B48}
Windows Live Photo Common-->MsiExec.exe /X{168E7302-890A-4138-9109-A225ACAF7AD1}
Windows Live Photo Common-->MsiExec.exe /X{28B9D2D8-4304-483F-AD71-51890A063A74}
Windows Live Photo Common-->MsiExec.exe /X{29373E24-AC72-424E-8F2A-FB0F9436F21F}
Windows Live Photo Common-->MsiExec.exe /X{370F888E-42A7-4911-9E34-7D74632E17EB}
Windows Live Photo Common-->MsiExec.exe /X{4D83F339-5A5C-4B21-8FD3-5D407B981E72}
Windows Live Photo Common-->MsiExec.exe /X{6B556C37-8919-4991-AC34-93D018B9EA49}
Windows Live Photo Common-->MsiExec.exe /X{6F37D92B-41AA-44B7-80D2-457ABDE11896}
Windows Live Photo Common-->MsiExec.exe /X{73FC3510-6421-40F7-9503-EDAE4D0CF70D}
Windows Live Photo Common-->MsiExec.exe /X{78906B56-0E81-42A7-AC25-F54C946E1538}
Windows Live Photo Common-->MsiExec.exe /X{7ADFA72D-2A9F-4DEC-80A5-2FAA27E23F0F}
Windows Live Photo Common-->MsiExec.exe /X{7C2A3479-A5A0-412B-B0E6-6D64CBB9B251}
Windows Live Photo Common-->MsiExec.exe /X{7D0DE76C-874E-4BDE-A204-F4240160693E}
Windows Live Photo Common-->MsiExec.exe /X{84267681-BF16-40B6-9564-27BC57D7D71C}
Windows Live Photo Common-->MsiExec.exe /X{85373DA7-834E-4850-8AF5-1D99F7526857}
Windows Live Photo Common-->MsiExec.exe /X{9BD262D0-B788-4546-A0A5-F4F56EC3834B}
Windows Live Photo Common-->MsiExec.exe /X{A41A708E-3BE6-4561-855D-44027C1CF0F8}
Windows Live Photo Common-->MsiExec.exe /X{A9BDCA6B-3653-467B-AC83-94367DA3BFE3}
Windows Live Photo Common-->MsiExec.exe /X{ADFE4AED-7F8E-4658-8D6E-742B15B9F120}
Windows Live Photo Common-->MsiExec.exe /X{B2BCA478-EC0F-45EE-A9E9-5EABE87EA72D}
Windows Live Photo Common-->MsiExec.exe /X{B33B61FE-701F-425F-98AB-2B85725CBF68}
Windows Live Photo Common-->MsiExec.exe /X{BD4EBDB5-EB14-4120-BB04-BE0A26C7FB3E}
Windows Live Photo Common-->MsiExec.exe /X{C2AB7DC4-489E-4BE9-887A-52262FBADBE0}
Windows Live Photo Common-->MsiExec.exe /X{C893D8C0-1BA0-4517-B11C-E89B65E72F70}
Windows Live Photo Common-->MsiExec.exe /X{CD7CB1E6-267A-408F-877D-B532AD2C882E}
Windows Live Photo Common-->MsiExec.exe /X{D436F577-1695-4D2F-8B44-AC76C99E0002}
Windows Live Photo Common-->MsiExec.exe /X{F0F5D89A-197C-495B-827E-3E98B811CD2E}
Windows Live Photo Gallery-->MsiExec.exe /X{3336F667-9049-4D46-98B6-4C743EEBC5B1}
Windows Live Photo Gallery-->MsiExec.exe /X{34F4D9A4-42C2-4348-BEF4-E553C84549E7}
Windows Live Photo Gallery-->MsiExec.exe /X{429DF1A0-3610-4E9E-8ACE-3C8AC1BA8FCA}
Windows Live Photo Gallery-->MsiExec.exe /X{861B1145-7762-4794-B40C-3FF0A389DFE6}
Windows Live Photo Gallery-->MsiExec.exe /X{885F1BCD-C344-4758-85BD-09640CF449A5}
Windows Live Photo Gallery-->MsiExec.exe /X{A60B3BF0-954B-42AF-B8D8-2C1D34B613AA}
Windows Live Photo Gallery-->MsiExec.exe /X{CF671BFE-6BA3-44E7-98C1-500D9C51D947}
Windows Live PIMT Platform-->MsiExec.exe /I{83C292B7-38A5-440B-A731-07070E81A64F}
Windows Live Remote Client Resources-->MsiExec.exe /I{22AB5CFD-B3DB-414E-9F99-4D024CCF1DA6}
Windows Live Remote Client Resources-->MsiExec.exe /I{2426E29F-9E8C-4C0B-97FC-0DB690C1ED98}
Windows Live Remote Client Resources-->MsiExec.exe /I{2C1A6191-9804-4FDC-AB01-6F9183C91A13}
Windows Live Remote Client Resources-->MsiExec.exe /I{2F304EF4-0C31-47F4-8557-0641AAE4197C}
Windows Live Remote Client Resources-->MsiExec.exe /I{3921492E-82D2-4180-8124-E347AD2F2DB4}
Windows Live Remote Client Resources-->MsiExec.exe /I{456FB9B5-AFBC-4761-BBDC-BA6BAFBB818F}
Windows Live Remote Client Resources-->MsiExec.exe /I{4C2E49C0-9276-4324-841D-774CCCE5DB48}
Windows Live Remote Client Resources-->MsiExec.exe /I{5F44A3A1-5D24-4708-8776-66B42B174C64}
Windows Live Remote Client Resources-->MsiExec.exe /I{5FCD6EFE-C2E7-4D77-8212-4BA223D8DF8E}
Windows Live Remote Client Resources-->MsiExec.exe /I{692CCE55-9EAE-4F57-A834-092882E7FE0B}
Windows Live Remote Client Resources-->MsiExec.exe /I{702A632F-99CE-4E2D-B8F2-BF980E9CF62F}
Windows Live Remote Client Resources-->MsiExec.exe /I{825C7D3F-D0B3-49D5-A42B-CBB0FBE85E99}
Windows Live Remote Client Resources-->MsiExec.exe /I{847B0532-55E3-4AAF-8D7B-E3A1A7CD17E5}
Windows Live Remote Client Resources-->MsiExec.exe /I{850B8072-2EA7-4EDC-B930-7FE569495E76}
Windows Live Remote Client Resources-->MsiExec.exe /I{8970AE69-40BE-4058-9916-0ACB1B974A3D}
Windows Live Remote Client Resources-->MsiExec.exe /I{8EB588BD-D398-40D0-ADF7-BE1CEEF7C116}
Windows Live Remote Client Resources-->MsiExec.exe /I{A060182D-CDBE-4AD6-B9B4-860B435D6CBD}
Windows Live Remote Client Resources-->MsiExec.exe /I{A6E0F6BE-30AC-4D36-97B0-1AC20E23CB83}
Windows Live Remote Client Resources-->MsiExec.exe /I{B0BF8602-EA52-4B0A-A2BD-EDABB0977030}
Windows Live Remote Client Resources-->MsiExec.exe /I{B680A663-1A15-47A5-A07C-7DF9A97558B7}
Windows Live Remote Client Resources-->MsiExec.exe /I{B750FA38-7AB0-42CB-ACBB-E7DBE9FF603F}
Windows Live Remote Client Resources-->MsiExec.exe /I{C504EC13-E122-4939-BD6E-EE5A3BAA5FEC}
Windows Live Remote Client Resources-->MsiExec.exe /I{C9F05151-95A9-4B9B-B534-1760E2D014A5}
Windows Live Remote Client Resources-->MsiExec.exe /I{CFF3C688-2198-4BC3-A399-598226949C39}
Windows Live Remote Client Resources-->MsiExec.exe /I{D1C1556C-7FF3-48A3-A5D6-7126F0FAFB66}
Windows Live Remote Client Resources-->MsiExec.exe /I{D5876F0A-B2E9-4376-B9F5-CD47B7B8D820}
Windows Live Remote Client Resources-->MsiExec.exe /I{DBEDAF67-C5A3-4C91-951D-31F3FE63AF3F}
Windows Live Remote Client Resources-->MsiExec.exe /I{ED421F97-E1C3-4E78-9F54-A53888215D58}
Windows Live Remote Client Resources-->MsiExec.exe /I{FAD0EC0B-753B-4A97-AD34-32AC1EC8DB69}
Windows Live Remote Client-->MsiExec.exe /I{DF6D988A-EEA0-4277-AAB8-158E086E439B}
Windows Live Remote Service Resources-->MsiExec.exe /I{0919C44F-F18A-4E3B-A737-03685272CE72}
Windows Live Remote Service Resources-->MsiExec.exe /I{1553D712-B35F-4A82-BC72-D6B11A94BE3E}
Windows Live Remote Service Resources-->MsiExec.exe /I{1685AE50-97ED-485B-80F6-145071EE14B0}
Windows Live Remote Service Resources-->MsiExec.exe /I{17A4FD95-A507-43F1-BC92-D8572AF8340A}
Windows Live Remote Service Resources-->MsiExec.exe /I{19F09425-3C20-4730-9E2A-FC2E17C9F362}
Windows Live Remote Service Resources-->MsiExec.exe /I{1EB2CFC3-E1C5-4FC4-B1F8-549DD6242C67}
Windows Live Remote Service Resources-->MsiExec.exe /I{34384A2A-2CA2-4446-AB0E-1F360BA2AAC5}
Windows Live Remote Service Resources-->MsiExec.exe /I{350FD0E7-175A-4F86-84EF-05B77FCD7161}
Windows Live Remote Service Resources-->MsiExec.exe /I{480F28F0-8BCE-404A-A52E-0DBB7D1CE2EF}
Windows Live Remote Service Resources-->MsiExec.exe /I{5141AA6E-5FAC-4473-BFFB-BEE69DDC7F2B}
Windows Live Remote Service Resources-->MsiExec.exe /I{5151E2DB-0748-4FD1-86A2-72E2F94F8BE7}
Windows Live Remote Service Resources-->MsiExec.exe /I{57F2BD1C-14A3-4785-8E48-2075B96EB2DF}
Windows Live Remote Service Resources-->MsiExec.exe /I{5E2CD4FB-4538-4831-8176-05D653C3E6D4}
Windows Live Remote Service Resources-->MsiExec.exe /I{5FEAD3E5-A158-4B66-B92B-0C959D7CF838}
Windows Live Remote Service Resources-->MsiExec.exe /I{61407251-7F7D-4303-810D-226A04D5CFF3}
Windows Live Remote Service Resources-->MsiExec.exe /I{656DEEDE-F6AC-47CA-A568-A1B4E34B5760}
Windows Live Remote Service Resources-->MsiExec.exe /I{6C9D3F1D-DBBE-46F9-96A0-726CC72935AF}
Windows Live Remote Service Resources-->MsiExec.exe /I{6CBFDC3C-CF21-4C02-A6DC-A5A2707FAF55}
Windows Live Remote Service Resources-->MsiExec.exe /I{7AEC844D-448A-455E-A34E-E1032196BBCD}
Windows Live Remote Service Resources-->MsiExec.exe /I{8F7F2D9C-2DBE-4F10-9C7C-2724110A3339}
Windows Live Remote Service Resources-->MsiExec.exe /I{97A295A7-8840-4B35-BB61-27A8F4512CA3}
Windows Live Remote Service Resources-->MsiExec.exe /I{9E9C960F-7F47-46D5-A95D-950B354DE2B8}
Windows Live Remote Service Resources-->MsiExec.exe /I{A508D5A2-3AC1-4594-A718-A663D6D3CF11}
Windows Live Remote Service Resources-->MsiExec.exe /I{A679FBE4-BA2D-4514-8834-030982C8B31A}
Windows Live Remote Service Resources-->MsiExec.exe /I{D3E4F422-7E0F-49C7-8B00-F42490D7A385}
Windows Live Remote Service Resources-->MsiExec.exe /I{D930AF5C-5193-4616-887D-B974CEFC4970}
Windows Live Remote Service Resources-->MsiExec.exe /I{EFB20CF5-1A6D-41F3-8895-223346CE6291}
Windows Live Remote Service Resources-->MsiExec.exe /I{F6CB2C5F-B2C1-4DF1-BF44-39D0DC06FE6F}
Windows Live Remote Service Resources-->MsiExec.exe /I{FAA3933C-6F0D-4350-B66B-9D7F7031343E}
Windows Live Remote Service-->MsiExec.exe /I{E02A6548-6FDE-40E2-8ED9-119D7D7E641F}
Windows Live SOXE Definitions-->MsiExec.exe /I{200FEC62-3C34-4D60-9CE8-EC372E01C08F}
Windows Live SOXE-->MsiExec.exe /I{682B3E4F-696A-42DE-A41C-4C07EA1678B4}
Windows Live Temel Parçalar-->MsiExec.exe /I{1203DC60-D9BD-44F9-B372-2B8F227E6094}
Windows Live UX Platform Language Pack-->MsiExec.exe /I{05E379CC-F626-4E7D-8354-463865B303BF}
Windows Live UX Platform Language Pack-->MsiExec.exe /I{09922FFE-D153-44AE-8B60-EA3CB8088F93}
Windows Live UX Platform Language Pack-->MsiExec.exe /I{0C1931EB-8339-4837-8BEC-75029BF42734}
Windows Live UX Platform Language Pack-->MsiExec.exe /I{128133D3-037A-4C62-B1B7-55666A10587A}
Windows Live UX Platform Language Pack-->MsiExec.exe /I{1DA6D447-C54D-4833-84D4-3EA31CAECE9B}
Windows Live UX Platform Language Pack-->MsiExec.exe /I{20381A8A-808E-4A53-B6CD-AD2B85E16365}
Windows Live UX Platform Language Pack-->MsiExec.exe /I{220C7F8C-929D-4F71-9DC7-F7A6823B38E4}
Windows Live UX Platform Language Pack-->MsiExec.exe /I{24DF33E0-F924-4D0D-9B96-11F28F0D602D}
Windows Live UX Platform Language Pack-->MsiExec.exe /I{2C4E06CC-1F04-4C25-8B3C-93A9049EC42C}
Windows Live UX Platform Language Pack-->MsiExec.exe /I{37B33B16-2535-49E7-8990-32668708A0A3}
Windows Live UX Platform Language Pack-->MsiExec.exe /I{40BFD84C-64CD-42CC-9909-8734C50429C6}
Windows Live UX Platform Language Pack-->MsiExec.exe /I{4C378B16-46B7-4DA1-A2CE-2EE676F74680}
Windows Live UX Platform Language Pack-->MsiExec.exe /I{4D141929-141B-4605-95D6-2B8650C1C6DA}
Windows Live UX Platform Language Pack-->MsiExec.exe /I{506FC723-8E6C-4417-9CFF-351F99130425}
Windows Live UX Platform Language Pack-->MsiExec.exe /I{523DF2BB-3A85-4047-9898-29DC8AEB7E69}
Windows Live UX Platform Language Pack-->MsiExec.exe /I{5495E9A4-501A-4D4C-87C9-E80916CA9478}
Windows Live UX Platform Language Pack-->MsiExec.exe /I{579684A4-DDD5-4CA3-9EA8-7BE7D9593DB4}
Windows Live UX Platform Language Pack-->MsiExec.exe /I{5E627606-53B9-42D1-97E1-D03F6229E248}
Windows Live UX Platform Language Pack-->MsiExec.exe /I{6A4ABCDC-0A49-4132-944E-01FBCCB3465C}
Windows Live UX Platform Language Pack-->MsiExec.exe /I{7327080F-6673-421F-BBD9-B618F357EEB3}
Windows Live UX Platform Language Pack-->MsiExec.exe /I{74E8A7F6-575D-42C7-9178-E87D1B3BEFE8}
Windows Live UX Platform Language Pack-->MsiExec.exe /I{77477AEA-5757-47D8-8B33-939F43D82218}
Windows Live UX Platform Language Pack-->MsiExec.exe /I{8CF5D47D-27B7-49D6-A14F-10550B92749D}
Windows Live UX Platform Language Pack-->MsiExec.exe /I{D299197D-CDEA-41A6-A363-F532DE4114FD}
Windows Live UX Platform Language Pack-->MsiExec.exe /I{D6F25CF9-4E87-43EB-B324-C12BE9CDD668}
Windows Live UX Platform Language Pack-->MsiExec.exe /I{DF71ABBB-B834-41C0-BB58-80B0545D754C}
Windows Live UX Platform Language Pack-->MsiExec.exe /I{E5DD4723-FE0B-436E-A815-DC23CF902A0B}
Windows Live UX Platform Language Pack-->MsiExec.exe /I{EA777812-4905-4C08-8F6E-13BDCC734609}
Windows Live UX Platform Language Pack-->MsiExec.exe /I{F4BEA6C1-AAC3-4810-AAEA-588E26E0F237}
Windows Live UX Platform-->MsiExec.exe /I{CE95A79E-E4FC-4FFF-8A75-29F04B942FF2}
Windows Live Writer Resources-->MsiExec.exe /X{14B441B7-774D-4170-98EA-A13667AE6218}
Windows Live Writer Resources-->MsiExec.exe /X{1DDB95A4-FD7B-4517-B3F1-2BCAA96879E6}
Windows Live Writer Resources-->MsiExec.exe /X{2511AAD7-82DF-4B97-B0B3-E1B933317010}
Windows Live Writer Resources-->MsiExec.exe /X{26E3C07C-7FF7-4362-9E99-9E49E383CF16}
Windows Live Writer Resources-->MsiExec.exe /X{2E50E321-4747-4EB5-9ECB-BBC6C3AC0F31}
Windows Live Writer Resources-->MsiExec.exe /X{3125D9DE-8D7A-4987-95F3-8A42389833D8}
Windows Live Writer Resources-->MsiExec.exe /X{458F399F-62AC-4747-99F5-499BBF073D29}
Windows Live Writer Resources-->MsiExec.exe /X{4664ED39-C80A-48F7-93CD-EBDCAFAB6CC5}
Windows Live Writer Resources-->MsiExec.exe /X{5275D81E-83AD-4DE4-BC2B-6E6BA3A33244}
Windows Live Writer Resources-->MsiExec.exe /X{5D2E7BD7-4B6F-4086-BA8A-E88484750624}
Windows Live Writer Resources-->MsiExec.exe /X{62687B11-58B5-4A18-9BC3-9DF4CE03F194}
Windows Live Writer Resources-->MsiExec.exe /X{6807427D-8D68-4D30-AF5B-0B38F8F948C8}
Windows Live Writer Resources-->MsiExec.exe /X{69CAC24D-B1DC-4B97-A1BE-FE21843108FE}
Windows Live Writer Resources-->MsiExec.exe /X{734104DE-C2BF-412F-BB97-FCCE1EC94229}
Windows Live Writer Resources-->MsiExec.exe /X{7CB529B2-6C74-4878-9C3F-C29C3C3BBDC6}
Windows Live Writer Resources-->MsiExec.exe /X{7D926AD2-16D6-42C2-8CA1-AB09E96040BA}
Windows Live Writer Resources-->MsiExec.exe /X{7E90B133-FF47-48BB-91B8-36FC5A548FE9}
Windows Live Writer Resources-->MsiExec.exe /X{7FF11E53-C002-4F40-8D68-6BE751E5DD62}
Windows Live Writer Resources-->MsiExec.exe /X{8E285C75-9BE2-4349-972B-DECDDF472656}
Windows Live Writer Resources-->MsiExec.exe /X{93E464B3-D075-4989-87FD-A828B5C308B1}
Windows Live Writer Resources-->MsiExec.exe /X{AB78C965-5C67-409B-8433-D7B5BDB12073}
Windows Live Writer Resources-->MsiExec.exe /X{B7B67AA5-12DA-4F01-918D-B1BF66779D8A}
Windows Live Writer Resources-->MsiExec.exe /X{C29FC15D-E84B-4EEC-8505-4DED94414C59}
Windows Live Writer Resources-->MsiExec.exe /X{D6CBB3B2-F510-483D-AE0D-1CF3F43CF1EE}
Windows Live Writer Resources-->MsiExec.exe /X{DDC8BDEE-DCAC-404D-8257-3E8D4B782467}
Windows Live Writer Resources-->MsiExec.exe /X{DE8F99FD-2FC7-4C98-AA67-2729FDE1F040}
Windows Live Writer Resources-->MsiExec.exe /X{E727A662-AF9F-4DEE-81C5-F4A1686F3DFC}
Windows Live Writer Resources-->MsiExec.exe /X{E9D98402-21AB-4E9F-BF6B-47AF36EF7E97}
Windows Live Writer Resources-->MsiExec.exe /X{F52C5BE7-3F57-464E-8A54-908402E43CE8}
Windows Live Writer-->MsiExec.exe /X{0557BBDA-69D3-4FA4-A93C-A5300F7034B4}
Windows Live Writer-->MsiExec.exe /X{11778DA1-0495-4ED9-972F-F9E0B0367CD5}
Windows Live Writer-->MsiExec.exe /X{198EA334-8A3F-4CB2-9D61-6C10B8168A6F}
Windows Live Writer-->MsiExec.exe /X{1A82AE99-84D3-486D-BAD6-675982603E14}
Windows Live Writer-->MsiExec.exe /X{1D6C2068-807F-4B76-A0C2-62ED05656593}
Windows Live Writer-->MsiExec.exe /X{1FC83EAE-74C8-4C72-8400-2D8E40A017DE}
Windows Live Writer-->MsiExec.exe /X{25CD4B12-8CC5-433E-B723-C9CB41FA8C5A}
Windows Live Writer-->MsiExec.exe /X{2BA5FD10-653F-4CAF-9CCD-F685082A1DC1}
Windows Live Writer-->MsiExec.exe /X{3B9A92DA-6374-4872-B646-253F18624D5F}
Windows Live Writer-->MsiExec.exe /X{4264C020-850B-4F08-ACBE-98205D9C336C}
Windows Live Writer-->MsiExec.exe /X{48C0DC5E-820A-44F2-890E-29B68EDD3C78}
Windows Live Writer-->MsiExec.exe /X{4B28D47A-5FF0-45F8-8745-11DC2A1C9D0F}
Windows Live Writer-->MsiExec.exe /X{4D7BAC8A-51B8-4243-8567-1415C4272D13}
Windows Live Writer-->MsiExec.exe /X{5DA7D148-D2D2-4C67-8444-2F0F9BD88A06}
Windows Live Writer-->MsiExec.exe /X{69C9C672-400A-43A0-B2DE-9DB38C371282}
Windows Live Writer-->MsiExec.exe /X{71A81378-79D5-40CC-9BDC-380642D1A87F}
Windows Live Writer-->MsiExec.exe /X{7E017923-16F8-4E32-94EF-0A150BD196FE}
Windows Live Writer-->MsiExec.exe /X{804DE397-F82C-4867-9085-E0AA539A3294}
Windows Live Writer-->MsiExec.exe /X{859D4022-B76D-40DE-96EF-C90CDA263F44}
Windows Live Writer-->MsiExec.exe /X{A726AE06-AAA3-43D1-87E3-70F510314F04}
Windows Live Writer-->MsiExec.exe /X{AAAFC670-569B-4A2F-82B4-42945E0DE3EF}
Windows Live Writer-->MsiExec.exe /X{AAF454FC-82CA-4F29-AB31-6A109485E76E}
Windows Live Writer-->MsiExec.exe /X{B3BE54A4-8DFE-4593-8E66-56AB7133B812}
Windows Live Writer-->MsiExec.exe /X{C1C9D199-B4DD-4895-92DD-9A726A2FE341}
Windows Live Writer-->MsiExec.exe /X{CDC39BF2-9697-4959-B893-A2EE05EF6ACB}
Windows Live Writer-->MsiExec.exe /X{DA29F644-2420-4448-8128-1331BE588999}
Windows Live Writer-->MsiExec.exe /X{DCAB6BA7-6533-44BF-9235-E5BF33B7431C}
Windows Live Writer-->MsiExec.exe /X{DE7C13A6-E4EA-4296-B0D5-5D7E8AD69501}
Windows Live Writer-->MsiExec.exe /X{E55E0C35-AC3C-4683-BA2F-834348577B80}
Windows Live Writer-->MsiExec.exe /X{E62E0550-C098-43A2-B54B-03FB1E634483}
Windows Live Writer-->MsiExec.exe /X{E8524B28-3BBB-4763-AC83-0E83FE31C350}
Windows Live 影像中心-->MsiExec.exe /X{EEF99142-3357-402C-B298-DEC303E12D92}
Windows Live 程式集-->MsiExec.exe /I{EF7EAB13-46FC-49DD-8E3C-AAF8A286C5BB}
Windows Live-->MsiExec.exe /I{34319F1F-7CF2-4CC9-B357-1AE7D2FF3AC5}
Windows Liven asennustyökalu-->MsiExec.exe /I{8909CFA8-97BF-4077-AC0F-6925243FFE08}
Windows Liven sähköposti-->MsiExec.exe /I{0C975FCC-A06E-4CB6-8F54-A9B52CF37781}
Windows Liven valokuvavalikoima-->MsiExec.exe /X{1A72337E-D126-4BAF-AC89-E6122DB71866}
Windows Media Player Firefox Plugin-->MsiExec.exe /I{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}
WinRAR 4.01 (32-bit)-->C:\Program Files (x86)\WinRAR\uninstall.exe
World of Tanks v.0.6.7-->"C:\Games\World_of_Tanks\unins000.exe"
Zuma Deluxe-->"C:\Program Files (x86)\Acer Games\Zuma Deluxe\uninstall\uninstaller.exe"
Συλλογή φωτογραφιών του Windows Live-->MsiExec.exe /X{C00C2A91-6CB3-483F-80B3-2958E29468F1}
Основные компоненты Windows Live-->MsiExec.exe /I{E83DC314-C926-4214-AD58-147691D6FE9F}
Почта Windows Live-->MsiExec.exe /I{B63F0CE3-CCD0-490A-9A9C-E1A3B3A17137}
Фотоальбом Windows Live-->MsiExec.exe /X{77F69CA1-E53D-4D77-8BA3-FA07606CC851}
Фотогалерия на Windows Live-->MsiExec.exe /X{4444F27C-B1A8-464E-9486-4C37BAB39A09}
גלריית התמונות של Windows Live-->MsiExec.exe /X{CE929F09-3853-4180-BD90-30764BFF7136}
بريد Windows Live-->MsiExec.exe /I{0A4C4B29-5A9D-4910-A13C-B920D5758744}
معرض صور Windows Live-->MsiExec.exe /X{FBCA06D2-4642-4F33-B20A-A7AB3F0D2E69}
======System event log======
Computer Name: WIN-LLTP7N0CL1M
Event Code: 7040
Message: Režim spuštění služby Windows Search byl změněn z auto start na disabled.
Record Number: 1957
Source Name: Service Control Manager
Time Written: 20110902082547.382863-000
Event Type: Informace
User: breta-PC\Administrator
Computer Name: WIN-LLTP7N0CL1M
Event Code: 7036
Message: Stav služby Windows Modules Installer byl změněn na: running
Record Number: 1956
Source Name: Service Control Manager
Time Written: 20110902082542.546855-000
Event Type: Informace
User:
Computer Name: WIN-LLTP7N0CL1M
Event Code: 104
Message: Byl vymazán soubor protokolu Setup.
Record Number: 1955
Source Name: Microsoft-Windows-Eventlog
Time Written: 20110902082542.749655-000
Event Type: Informace
User: breta-PC\Administrator
Computer Name: WIN-LLTP7N0CL1M
Event Code: 104
Message: Byl vymazán soubor protokolu Application.
Record Number: 1954
Source Name: Microsoft-Windows-Eventlog
Time Written: 20110902082542.718455-000
Event Type: Informace
User: breta-PC\Administrator
Computer Name: WIN-LLTP7N0CL1M
Event Code: 104
Message: Byl vymazán soubor protokolu System.
Record Number: 1953
Source Name: Microsoft-Windows-Eventlog
Time Written: 20110902082542.702855-000
Event Type: Informace
User: breta-PC\Administrator
=====Application event log=====
Computer Name: breta-PC
Event Code: 4107
Message: Selhala extrakce kořenového seznamu jiného výrobce ze souboru CAB pro automatickou aktualizaci v: <http://www.download.windowsupdate.com/m ... ootstl.cab>. Došlo k chybě: A required certificate is not within its validity period when verifying against the current system clock or the timestamp in the signed file.
.
Record Number: 3120
Source Name: Microsoft-Windows-CAPI2
Time Written: 20110902082744.977658-000
Event Type: Chyba
User:
Computer Name: breta-PC
Event Code: 1532
Message: Služba Profil uživatele byla zastavena.
Record Number: 3119
Source Name: Microsoft-Windows-User Profiles Service
Time Written: 20110902082652.123377-000
Event Type: Informace
User: NT AUTHORITY\SYSTEM
Computer Name: WIN-LLTP7N0CL1M
Event Code: 1003
Message: Služba Windows Search byla spuštěna.
Record Number: 3118
Source Name: Microsoft-Windows-Search
Time Written: 20110902082548.000000-000
Event Type: Informace
User:
Computer Name: WIN-LLTP7N0CL1M
Event Code: 1013
Message: Služba Windows Search byla řádně zastavena.
Record Number: 3117
Source Name: Microsoft-Windows-Search
Time Written: 20110902082548.000000-000
Event Type: Informace
User:
Computer Name: WIN-LLTP7N0CL1M
Event Code: 103
Message: Windows (3060) Windows: Databázový stroj zastavil instanci (0).
Record Number: 3116
Source Name: ESENT
Time Written: 20110902082547.000000-000
Event Type: Informace
User:
=====Security event log=====
Computer Name: WIN-LLTP7N0CL1M
Event Code: 4624
Message: Účet byl úspěšně přihlášen.
Předmět:
ID zabezpečení: S-1-5-18
Název účtu: WIN-LLTP7N0CL1M$
Doména účtu: WORKGROUP
ID přihlášení: 0x3e7
Typ přihlášení: 5
Nové přihlášení:
ID zabezpečení: S-1-5-18
Název účtu: SYSTEM
Doména účtu: NT AUTHORITY
ID přihlášení: 0x3e7
GUID přihlášení: {00000000-0000-0000-0000-000000000000}
Informace o procesu:
ID procesu: 0x288
Název procesu: C:\Windows\System32\services.exe
Informace o síti:
Název pracovní stanice:
Adresa zdrojové sítě -
Zdrojový port: -
Podrobné informace o ověření:
Proces přihlášení: Advapi
Balíček ověření: Negotiate
Přenosové služby: -
Název balíčku (pouze NTLM): -
Délka klíče: 0
Tato událost je generována po vytvoření relace přihlášení. Je generována v počítači, ke kterému byl získán přístup.
Pole s předmětem označují účet v místním systému, který požadoval přihlášení. Jedná se nejčastěji o službu, například službu serveru nebo místní proces, například Winlogon.exe nebo Services.exe.
Pole Typ přihlášení označuje, k jakému typu přihlášení došlo. Nejběžnější typy jsou 2 (interaktivní) a 3 (síť).
Pole Nové přihlášení označují účet, pro který bylo nové přihlášení vytvořeno, tj. účet, který byl přihlášen.
Pole Síť označují původ požadavku na vzdálené přihlášení. Název pracovní stanice není vždy k dispozici a v některých případech může být toto pole prázdné.
Pole s informacemi o ověření poskytují podrobné informace o tomto konkrétním požadavku na přihlášení.
- GUID přihlášení je jednoznačný identifikátor, který je možné použít ke spojení této události s událostí KDC.
- Přenosové služby označují, které pomocné služby se podílely na tomto požadavku na přihlášení.
- Název balíčku označuje, který dílčí protokol z protokolů NTLM byl použit.
- Délka klíče označuje délku generovaného klíče relace. Tato hodnota bude 0, pokud nebyl požadován žádný klíč relace.
Record Number: 634
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20110902082549.941268-000
Event Type: Úspěšný audit
User:
Computer Name: WIN-LLTP7N0CL1M
Event Code: 4672
Message: Novému přihlášení byla přiřazena zvláštní oprávnění.
Předmět:
ID zabezpečení: S-1-5-18
Název účtu: SYSTEM
Doména účtu: NT AUTHORITY
ID přihlášení: 0x3e7
Oprávnění: SeAssignPrimaryTokenPrivilege
SeTcbPrivilege
SeSecurityPrivilege
SeTakeOwnershipPrivilege
SeLoadDriverPrivilege
SeBackupPrivilege
SeRestorePrivilege
SeDebugPrivilege
SeAuditPrivilege
SeSystemEnvironmentPrivilege
SeImpersonatePrivilege
Record Number: 633
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20110902082548.459265-000
Event Type: Úspěšný audit
User:
Computer Name: WIN-LLTP7N0CL1M
Event Code: 4624
Message: Účet byl úspěšně přihlášen.
Předmět:
ID zabezpečení: S-1-5-18
Název účtu: WIN-LLTP7N0CL1M$
Doména účtu: WORKGROUP
ID přihlášení: 0x3e7
Typ přihlášení: 5
Nové přihlášení:
ID zabezpečení: S-1-5-18
Název účtu: SYSTEM
Doména účtu: NT AUTHORITY
ID přihlášení: 0x3e7
GUID přihlášení: {00000000-0000-0000-0000-000000000000}
Informace o procesu:
ID procesu: 0x288
Název procesu: C:\Windows\System32\services.exe
Informace o síti:
Název pracovní stanice:
Adresa zdrojové sítě -
Zdrojový port: -
Podrobné informace o ověření:
Proces přihlášení: Advapi
Balíček ověření: Negotiate
Přenosové služby: -
Název balíčku (pouze NTLM): -
Délka klíče: 0
Tato událost je generována po vytvoření relace přihlášení. Je generována v počítači, ke kterému byl získán přístup.
Pole s předmětem označují účet v místním systému, který požadoval přihlášení. Jedná se nejčastěji o službu, například službu serveru nebo místní proces, například Winlogon.exe nebo Services.exe.
Pole Typ přihlášení označuje, k jakému typu přihlášení došlo. Nejběžnější typy jsou 2 (interaktivní) a 3 (síť).
Pole Nové přihlášení označují účet, pro který bylo nové přihlášení vytvořeno, tj. účet, který byl přihlášen.
Pole Síť označují původ požadavku na vzdálené přihlášení. Název pracovní stanice není vždy k dispozici a v některých případech může být toto pole prázdné.
Pole s informacemi o ověření poskytují podrobné informace o tomto konkrétním požadavku na přihlášení.
- GUID přihlášení je jednoznačný identifikátor, který je možné použít ke spojení této události s událostí KDC.
- Přenosové služby označují, které pomocné služby se podílely na tomto požadavku na přihlášení.
- Název balíčku označuje, který dílčí protokol z protokolů NTLM byl použit.
- Délka klíče označuje délku generovaného klíče relace. Tato hodnota bude 0, pokud nebyl požadován žádný klíč relace.
Record Number: 632
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20110902082548.459265-000
Event Type: Úspěšný audit
User:
Computer Name: WIN-LLTP7N0CL1M
Event Code: 4738
Message: Byl změněn uživatelský účet.
Předmět:
ID zabezpečení: S-1-5-21-2857410691-1841422624-3118752077-500
Název účtu: Administrator
Doména účtu: WIN-LLTP7N0CL1M
ID přihlášení: 0x3e81f
Cílový účet:
ID zabezpečení: S-1-5-21-2857410691-1841422624-3118752077-500
Název účtu: Administrator
Doména účtu: WIN-LLTP7N0CL1M
Změněné atributy:
Název účtu SAM: -
Zobrazovaný název: -
Zaregistrovaný název uživatele: -
Domovský adresář: -
Domovská jednotka: -
Cesta skriptu: -
Cesta profilu: -
Pracovní stanice uživatele: -
Poslední nastavení hesla: -
Vypršení platnosti účtu: -
ID primární skupiny: -
Povolené delegování: -
Původní hodnota UAC: 0x211
Nová hodnota UAC: 0x211
Řízení účtu uživatele: -
Parametry uživatele: -
Historie identifikátoru zabezpečení: -
Přihlašovací hodiny: -
Další informace:
Oprávnění: -
Record Number: 631
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20110902082547.008463-000
Event Type: Úspěšný audit
User:
Computer Name: WIN-LLTP7N0CL1M
Event Code: 1102
Message: Protokol auditu byl vymazán.
Předmět:
ID zabezpečení: S-1-5-21-2857410691-1841422624-3118752077-500
Název účtu: Administrator
Název domény: WIN-LLTP7N0CL1M
ID přihlášení: 0x3e81f
Record Number: 630
Source Name: Microsoft-Windows-Eventlog
Time Written: 20110902082542.718455-000
Event Type: Úspěšný audit
User:
======Environment variables======
"ComSpec"=%SystemRoot%\system32\cmd.exe
"FP_NO_HOST_CHECK"=NO
"OS"=Windows_NT
"Path"=C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common;C:\Program Files\Common Files\Microsoft Shared\Windows Live;C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;C:\Program Files (x86)\Windows Live\Shared;C:\Program Files (x86)\EgisTec MyWinLocker\x64;C:\Program Files (x86)\EgisTec MyWinLocker\
"PATHEXT"=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH;.MSC
"PROCESSOR_ARCHITECTURE"=AMD64
"TEMP"=%SystemRoot%\TEMP
"TMP"=%SystemRoot%\TEMP
"USERNAME"=SYSTEM
"windir"=%SystemRoot%
"PSModulePath"=%SystemRoot%\system32\WindowsPowerShell\v1.0\Modules\
"NUMBER_OF_PROCESSORS"=2
"PROCESSOR_LEVEL"=6
"PROCESSOR_IDENTIFIER"=Intel64 Family 6 Model 37 Stepping 5, GenuineIntel
"PROCESSOR_REVISION"=2505
"windows_tracing_logfile"=C:\BVTBin\Tests\installpackage\csilogfile.log
"windows_tracing_flags"=3
-----------------EOF-----------------
======Uninstall list======
-->"C:\Program Files (x86)\Acer Games\Game Explorer Categories - main\Uninstall.exe"
-->"C:\Program Files (x86)\InstallShield Installation Information\{39F15B50-A977-4CA6-B1C3-6A8724CDA025}\setup.exe" -runfromtemp -l0x0409 -removeonly
-->"C:\Program Files (x86)\InstallShield Installation Information\{C2695E83-CF1D-43D1-84FE-B3BEC561012A}\setup.exe" -runfromtemp -l0x0409 -removeonly
-->MsiExec /X{B9DB4C76-01A4-46D5-8910-F7AA6376DBAF}
Acer Backup Manager-->C:\Program Files (x86)\InstallShield Installation Information\{72B776E5-4530-4C4B-9453-751DF87D9D93}\setup.exe -runfromtemp -l0x0409
Acer Crystal Eye Webcam-->"C:\Program Files (x86)\InstallShield Installation Information\{01FB4998-33C4-4431-85ED-079E3EEFE75D}\setup.exe" /z-uninstall
Acer Crystal Eye Webcam-->"C:\Program Files (x86)\InstallShield Installation Information\{01FB4998-33C4-4431-85ED-079E3EEFE75D}\setup.exe" /z-uninstall
Acer ePower Management-->"C:\Program Files (x86)\InstallShield Installation Information\{3DB0448D-AD82-4923-B305-D001E521A964}\setup.exe" -runfromtemp -l0x405 -removeonly
Acer eRecovery Management-->"C:\Program Files (x86)\InstallShield Installation Information\{7F811A54-5A09-4579-90E1-C93498E230D9}\setup.exe" -runfromtemp -l0x405 -removeonly
Acer Games-->"C:\Program Files (x86)\Acer Games\Uninstall.exe"
Acer Registration-->C:\Program Files (x86)\Acer\Registration\Uninstall.exe
Acer ScreenSaver-->C:\Program Files (x86)\Acer\Screensaver\Uninstall.exe
Acer Updater-->"C:\Program Files (x86)\InstallShield Installation Information\{EE171732-BEB4-4576-887D-CB62727F01CA}\setup.exe" -runfromtemp -l0x405 -removeonly
Adobe Flash Player 10 ActiveX-->C:\Windows\SysWOW64\Macromed\Flash\FlashUtil10u_ActiveX.exe -maintain activex
Adobe Reader X (10.1.1) MUI-->MsiExec.exe /I{AC76BA86-7AD7-FFFF-7B44-AA0000000001}
Agatha Christie - Death on the Nile-->"C:\Program Files (x86)\Acer Games\Agatha Christie - Death on the Nile\uninstall\uninstaller.exe"
avast! Free Antivirus-->C:\Program Files\AVAST Software\Avast\aswRunDll.exe "C:\Program Files\AVAST Software\Avast\Setup\setiface.dll" RunSetup
Backup Manager Basic-->C:\Program Files (x86)\InstallShield Installation Information\{72B776E5-4530-4C4B-9453-751DF87D9D93}\setup.exe -runfromtemp -l0x0409
BatteryBar (remove only)-->"C:\Program Files\BatteryBar\Uninstall.exe"
Bejeweled 2 Deluxe-->"C:\Program Files (x86)\Acer Games\Bejeweled 2 Deluxe\uninstall\uninstaller.exe"
Bing Bar-->MsiExec.exe /X{C28D96C0-6A90-459E-A077-A6706F4EC0FC}
Broadcom Gigabit NetLink Controller-->MsiExec.exe /X{A84DB02B-9C2B-4272-9D2D-A80E00A56513}
Call of Duty Modern Warfare 2-->"C:\Program Files (x86)\Activision\Modern Warfare 2\unins000.exe"
Call of Duty(R) 4 - Modern Warfare(TM) 1.6 Patch-->C:\Program Files (x86)\InstallShield Installation Information\{8A15B7D9-908A-4EF9-BA84-5AEDE61743EE}\setup.exe -runfromtemp -l0x0409
Call of Duty(R) 4 - Modern Warfare(TM) 1.7 Patch-->C:\Program Files (x86)\InstallShield Installation Information\{931C37FC-594D-43A9-B10F-A2F2B1F03498}\setup.exe -runfromtemp -l0x0409
Call of Duty(R) 4 - Modern Warfare(TM)-->C:\Program Files (x86)\InstallShield Installation Information\{E48469CC-635E-4FD5-A122-1497C286D217}\setup.exe -runfromtemp -l0x0409
Call of Duty: Black Ops-->"C:\Program Files (x86)\Activision\Call of Duty - Black Ops\unins000.exe"
CCleaner-->"C:\Program Files\CCleaner\uninst.exe"
Corsair Addon-->C:\Program Files (x86)\Corsair Addon\uninstall.exe
Crazy Chicken Kart 2-->"C:\Program Files (x86)\Acer Games\Crazy Chicken Kart 2\uninstall\uninstaller.exe"
CyberLink PowerDVD 9-->"C:\Program Files (x86)\InstallShield Installation Information\{A8516AC9-AAF1-47F9-9766-03E2D4CDBCF8}\setup.exe" /z-uninstall
CyberLink PowerDVD 9-->"C:\Program Files (x86)\InstallShield Installation Information\{A8516AC9-AAF1-47F9-9766-03E2D4CDBCF8}\setup.exe" /z-uninstall
D3DX10-->MsiExec.exe /X{E09C4DB7-630C-4F06-A631-8EA7239923AF}
DAEMON Tools Lite-->C:\Program Files (x86)\DAEMON Tools Lite\uninst.exe
ETDWare PS/2-x64 7.0.6.5_WHQL-->%ProgramFiles%\Elantech\ETDUn_inst.exe
FATE-->"C:\Program Files (x86)\Acer Games\FATE\uninstall\uninstaller.exe"
Final Drive: Nitro-->"C:\Program Files (x86)\Acer Games\Final Drive Nitro\uninstall\uninstaller.exe"
Fotogalerija Windows Live-->MsiExec.exe /X{E59969EA-3B5B-4B24-8B94-43842A7FBFE9}
Galeria de Fotografias do Windows Live-->MsiExec.exe /X{0EC0B576-90F9-43C3-8FAD-A4902DF4B8F4}
Galería fotográfica de Windows Live-->MsiExec.exe /X{E85A4EFC-82F2-4CEE-8A8E-62FDAD353A66}
Galeria fotogràfica del Windows Live-->MsiExec.exe /X{4736B0ED-F6A1-48EC-A1B7-C053027648F1}
Galeria fotografii usługi Windows Live-->MsiExec.exe /X{CB3F59BB-7858-41A1-A7EA-4B8A6FC7D431}
Galerie de photos Windows Live-->MsiExec.exe /X{488F0347-C4A7-4374-91A7-30818BEDA710}
Galerie foto Windows Live-->MsiExec.exe /X{CB66242D-12B1-4494-82D2-6F53A7E024A3}
GamePark-->"C:\Program Files (x86)\GamePark\unins000.exe"
Garena Classic 2011-->C:\Program Files (x86)\Garena Classic\uninst.exe
Harry Potter and the Deathly Hallows(TM) - Part 2 Demo-->MsiExec.exe /X{8D8E696E-916E-49CE-B2EE-C2346A6FE949}
Chuzzle Deluxe-->"C:\Program Files (x86)\Acer Games\Chuzzle Deluxe\uninstall\uninstaller.exe"
Identity Card-->C:\Program Files (x86)\Acer\Identity Card\Uninstall.exe
Insaniquarium Deluxe-->"C:\Program Files (x86)\Acer Games\Insaniquarium Deluxe\uninstall\uninstaller.exe"
Intel(R) Control Center-->C:\Program Files (x86)\Intel\Intel Control Center\uninstaller\SetupICC.exe -uninstall -force -confirm
Intel(R) Graphics Media Accelerator Driver-->C:\Program Files (x86)\Intel\Intel(R) Graphics Media Accelerator Driver\Uninstall\setup.exe -uninstall
Intel(R) Management Engine Components-->C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\Uninstall\setup.exe -uninstall
Intel(R) Rapid Storage Technology-->C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\Uninstall\setup.exe -uninstall
Jewel Match 3-->"C:\Program Files (x86)\Acer Games\Jewel Match 3\uninstall\uninstaller.exe"
Jewel Quest Solitaire-->"C:\Program Files (x86)\Acer Games\Jewel Quest Solitaire\uninstall\uninstaller.exe"
John Deere Drive Green-->"C:\Program Files (x86)\Acer Games\John Deere Drive Green\uninstall\uninstaller.exe"
Junk Mail filter update-->MsiExec.exe /I{1F6AB0E7-8CDD-4B93-8A23-AA9EB2FEFCE4}
Launch Manager-->C:\Windows\UNINSTLMv4.EXE LMv4.UNI
Mesh Runtime-->MsiExec.exe /I{8C6D6116-B724-4810-8F2D-D047E6B7D68E}
Microsoft .NET Framework 4 Client Profile CSY Language Pack-->C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\ClientLP\Setup.exe /repair /x86 /x64 /lcid 1029 /parameterfolder ClientLP
Microsoft .NET Framework 4 Client Profile CSY Language Pack-->MsiExec.exe /X{790E02A1-145A-3843-8C13-A4F41C9B48B7}
Microsoft .NET Framework 4 Client Profile-->C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\Client\Setup.exe /repair /x86 /x64 /parameterfolder Client
Microsoft .NET Framework 4 Client Profile-->MsiExec.exe /X{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}
Microsoft Office 2010-->MsiExec.exe /X{95140000-0070-0000-0000-0000000FF1CE}
Microsoft Office Klikni a spusť 2010-->"C:\PROGRA~2\COMMON~1\MICROS~1\VIRTUA~1\CVHBS.EXE" /removeall
Microsoft Office Klikni a spusť 2010-->MsiExec.exe /I{90140000-006D-0405-1000-0000000FF1CE}
Microsoft Office Starter 2010 - čeština-->C:\Program Files (x86)\Common Files\microsoft shared\virtualization handler\cvhbs.exe /uninstall {90140011-0066-0405-0000-0000000FF1CE}
Microsoft Silverlight-->MsiExec.exe /X{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}
Microsoft SQL Server 2005 Compact Edition [ENU]-->MsiExec.exe /I{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}
Microsoft Visual C++ 2005 Redistributable-->MsiExec.exe /X{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}
Microsoft Visual C++ 2005 Redistributable-->MsiExec.exe /X{7299052b-02a4-4627-81f2-1818da5d550d}
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17-->MsiExec.exe /X{9A25302D-30C0-39D9-BD6F-21E6EC160475}
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148-->MsiExec.exe /X{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161-->MsiExec.exe /X{9BE518E6-ECC6-35A9-88E4-87755C07200F}
MSVCRT_amd64-->MsiExec.exe /I{D0B44725-3666-492D-BEF6-587A14BD9BD9}
MSVCRT-->MsiExec.exe /I{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}
Mystery of Mortlake Mansion-->"C:\Program Files (x86)\Acer Games\Mystery of Mortlake Mansion\uninstall\uninstaller.exe"
MyWinLocker 4-->MsiExec.exe /X{39F15B50-A977-4CA6-B1C3-6A8724CDA025}
MyWinLocker Suite-->"C:\Program Files (x86)\InstallShield Installation Information\{17DF9714-60C9-43C9-A9C2-32BCAED44CBE}\setup.exe" -runfromtemp -l0x0405 -removeonly
MyWinLocker Suite-->MsiExec.exe /X{17DF9714-60C9-43C9-A9C2-32BCAED44CBE}
MyWinLocker-->MsiExec.exe /I{0B78ECB0-1A6B-4E6D-89D7-0E7CE77F0427}
newsXpresso-->"C:\Program Files (x86)\InstallShield Installation Information\{613C0AC5-3A67-4B94-8B13-9176AD83F5BF}\setup.exe" -runfromtemp -l0x0409 -removeonly
newsXpresso-->MsiExec.exe /X{613C0AC5-3A67-4B94-8B13-9176AD83F5BF}
Nitro PDF Professional-->MsiExec.exe /X{B734F624-8B49-42F9-BB0E-7B2132CEB813}
NTI Media Maker 9-->C:\Program Files (x86)\InstallShield Installation Information\{D3D5C4E8-040F-4C6F-8105-41D43CF94F44}\setup.exe -runfromtemp -l0x0409
NVIDIA Graphics Driver 268.00-->"C:\Windows\SysWOW64\RunDll32.EXE" "C:\Program Files\NVIDIA Corporation\Installer2\installer.0\NVI2.DLL",UninstallPackage Display.Driver
NVIDIA PhysX-->MsiExec.exe /X{B9DB4C76-01A4-46D5-8910-F7AA6376DBAF}
OpenOffice.org 3.2-->MsiExec.exe /I{FAB43061-FEFB-46E8-A159-96710395DB5E}
Penguins!-->"C:\Program Files (x86)\Acer Games\Penguins!\uninstall\uninstaller.exe"
Plants vs. Zombies - Game of the Year-->"C:\Program Files (x86)\Acer Games\Plants vs Zombies - Game of the Year\uninstall\uninstaller.exe"
Poczta usługi Windows Live-->MsiExec.exe /I{64376910-1860-4CEF-8B34-AA5D205FC5F1}
Podstawowe programy Windows Live-->MsiExec.exe /I{7A9D47BA-6D50-4087-866F-0800D8B89383}
Polar Bowler-->"C:\Program Files (x86)\Acer Games\Polar Bowler\uninstall\uninstaller.exe"
Pošta Windows Live-->MsiExec.exe /I{7BA19818-F717-4DFB-BC11-FAF17B2B8AEE}
Raccolta foto di Windows Live-->MsiExec.exe /X{ED16B700-D91F-44B0-867C-7EB5253CA38D}
Realtek High Definition Audio Driver-->RunDll32 C:\PROGRA~2\COMMON~1\INSTAL~1\PROFES~1\RunTime\11\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files (x86)\InstallShield Installation Information\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}\Setup.exe" -removeonly
Realtek USB 2.0 Card Reader-->"C:\Program Files (x86)\InstallShield Installation Information\{96AE7E41-E34E-47D0-AC07-1091A8127911}\setup.exe" -runfromtemp -removeonly
Security Update for Microsoft .NET Framework 4 Client Profile (KB2478663)-->C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\Client\setup.exe /uninstallpatch {B5BD3CA1-11AB-35A6-B22A-6A219DC0668E} /parameterfolder Client
Security Update for Microsoft .NET Framework 4 Client Profile (KB2518870)-->C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\Client\setup.exe /uninstallpatch {E720AD01-93D5-3E8E-BB8D-E4EF5AF4E5DD} /parameterfolder Client
Security Update for Microsoft .NET Framework 4 Client Profile (KB2539636)-->C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\Client\setup.exe /uninstallpatch {BCD37DCB-F479-3D4D-A90E-A0F7575549C4} /parameterfolder Client
Security Update for Microsoft .NET Framework 4 Client Profile (KB2572078)-->C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\Client\setup.exe /uninstallpatch {FF811680-AECE-3F35-A98C-1B84B6E09168} /parameterfolder Client
Security Update for Microsoft .NET Framework 4 Client Profile CSY Language Pack (KB2478663)-->c:\Windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\ClientLP\setup.exe /uninstallpatch {B5BD3CA1-11AB-35A6-B22A-6A219DC0668E} /parameterfolder ClientLP
Security Update for Microsoft .NET Framework 4 Client Profile CSY Language Pack (KB2518870)-->c:\Windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\ClientLP\setup.exe /uninstallpatch {E720AD01-93D5-3E8E-BB8D-E4EF5AF4E5DD} /parameterfolder ClientLP
Shredder-->MsiExec.exe /I{C2695E83-CF1D-43D1-84FE-B3BEC561012A}
Skype™ 5.5-->MsiExec.exe /X{AA59DDE4-B672-4621-A016-4C248204957A}
Slingo Deluxe-->"C:\Program Files (x86)\Acer Games\Slingo Deluxe\uninstall\uninstaller.exe"
The KMPlayer (remove only)-->"C:\Program Files (x86)\The KMPlayer\uninstall.exe"
Torchlight-->"C:\Program Files (x86)\Acer Games\Torchlight\uninstall\uninstaller.exe"
Update for Microsoft .NET Framework 4 Client Profile (KB2468871)-->C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\Client\setup.exe /uninstallpatch {29C7BE97-DE59-37A2-A687-2ADD5321948A} /parameterfolder Client
Update for Microsoft .NET Framework 4 Client Profile (KB2533523)-->C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\Client\setup.exe /uninstallpatch {7D799A81-5661-3159-BF92-754161CED6E6} /parameterfolder Client
Update Installer for WildTangent Games App-->"C:\Program Files (x86)\WildTangent Games\App\Uninstall.exe"
Virtual Villagers 4 - The Tree of Life-->"C:\Program Files (x86)\Acer Games\Virtual Villagers 4 - The Tree of Life\uninstall\uninstaller.exe"
Wedding Dash-->"C:\Program Files (x86)\Acer Games\Wedding Dash\uninstall\uninstaller.exe"
Welcome Center-->C:\Program Files (x86)\Acer\Welcome Center\Uninstall.exe
WildTangent Games App (Acer Games)-->"C:\Program Files (x86)\WildTangent Games\Touchpoints\acer\Uninstall.exe"
Windows Live Argazki Galeria-->MsiExec.exe /X{86F444A5-C9B9-41DC-AF28-B5E46F5497C7}
Windows Live Communications Platform-->MsiExec.exe /I{D45240D3-B6B3-4FF9-B243-54ECE3E10066}
Windows Live Essentials-->C:\Program Files (x86)\Windows Live\Installer\wlarp.exe
Windows Live Essentials-->MsiExec.exe /I{06B05153-97E4-427E-B1A8-E098F6C5E52F}
Windows Live Essentials-->MsiExec.exe /I{17835B63-8308-427F-8CF5-D76E0D5FE457}
Windows Live Essentials-->MsiExec.exe /I{17F99FCE-8F03-4439-860A-25C5A5434E18}
Windows Live Essentials-->MsiExec.exe /I{2A07C35B-8384-4DA4-9A95-442B6C89A073}
Windows Live Essentials-->MsiExec.exe /I{3B72C1E0-26A1-40F6-8516-D50C651DFB3C}
Windows Live Essentials-->MsiExec.exe /I{410DF0AA-882D-450D-9E1B-F5397ACFFA80}
Windows Live Essentials-->MsiExec.exe /I{43B43577-2514-4CE0-B14A-7E85C17C0453}
Windows Live Essentials-->MsiExec.exe /I{4A04DB63-8F81-4EF4-9D09-61A2057EF419}
Windows Live Essentials-->MsiExec.exe /I{6491AB99-A11E-41FD-A5E7-32DE8A097B8E}
Windows Live Essentials-->MsiExec.exe /I{7D1C7B9F-2744-4388-B128-5C75B8BCCC84}
Windows Live Essentials-->MsiExec.exe /I{7D99B933-E29C-4599-92F0-DAED2AF041E3}
Windows Live Essentials-->MsiExec.exe /I{827D3E4A-0186-48B7-9801-7D1E9DD40C07}
Windows Live Essentials-->MsiExec.exe /I{84A411F9-40A5-4CDA-BF46-E09FBB2BC313}
Windows Live Essentials-->MsiExec.exe /I{ABD534B7-E951-470E-92C2-CD5AF1735726}
Windows Live Essentials-->MsiExec.exe /I{B0AD205F-60D0-4084-AFB8-34D9A706D9A8}
Windows Live Essentials-->MsiExec.exe /I{B618C3BF-5142-4630-81DD-F96864F97C7E}
Windows Live Essentials-->MsiExec.exe /I{C01FCACE-CC3D-49A2-ADC2-583A49857C58}
Windows Live Essentials-->MsiExec.exe /I{DEF91E0F-D266-453D-B6F2-1BA002B40CB6}
Windows Live Essentials-->MsiExec.exe /I{F0F9505B-3ACF-4158-9311-D0285136AA00}
Windows Live Essentials-->MsiExec.exe /I{F95E4EE0-0C6E-4273-B6B9-91FD6F071D76}
Windows Live Essentials-->MsiExec.exe /I{FE044230-9CA5-43F7-9B58-5AC5A28A1F33}
Windows Live Essentials-->MsiExec.exe /I{FE62C88B-425B-4BDE-8B70-CD5AE3B83176}
Windows Live Essentials-->MsiExec.exe /I{FEEF7F78-5876-438B-B554-C4CC426A4302}
Windows Live Fotogaléria-->MsiExec.exe /X{97F77D62-5110-4FA3-A2D3-410B92D31199}
Windows Live Fotogalerie-->MsiExec.exe /X{B113D18C-67B0-4FB7-B329-E89B66194AE6}
Windows Live Fotogalerie-->MsiExec.exe /X{FB79FDB7-4DE1-453D-99FE-9A880F57380E}
Windows Live Fotogalleri-->MsiExec.exe /X{5C2F5C1B-9732-4F81-8FBF-6711627DC508}
Windows Live Fotoğraf Galerisi-->MsiExec.exe /X{BD695C2F-3EA0-4DA4-92D5-154072468721}
Windows Live Fotótár-->MsiExec.exe /X{7272F232-A7E0-4B2B-A5D2-71B7C5E2379C}
Windows Live Galeria de Fotos-->MsiExec.exe /X{F7A46527-DF1F-4B0F-9637-98547E189442}
Windows Live Galerija fotografija-->MsiExec.exe /X{E5377D46-83C5-445A-A1F1-830336B42A10}
Windows Live ID Sign-in Assistant-->MsiExec.exe /I{1B8ABA62-74F0-47ED-B18C-A43128E591B8}
Windows Live Installer-->MsiExec.exe /I{0B0F231F-CE6A-483D-AA23-77B364F75917}
Windows Live Language Selector-->MsiExec.exe /I{D07A61E5-A59C-433C-BCBD-22025FA2287B}
Windows Live Mail-->MsiExec.exe /I{0D261C88-454B-46FE-B43B-640E621BDA11}
Windows Live Mail-->MsiExec.exe /I{10186F1A-6A14-43DF-A404-F0105D09BB07}
Windows Live Mail-->MsiExec.exe /I{249EE21B-8EDD-4F36-8A23-E580E9DBE80A}
Windows Live Mail-->MsiExec.exe /I{25A381E1-0AB9-4E7A-ACCE-BA49D519CF4E}
Windows Live Mail-->MsiExec.exe /I{48F597DD-D397-4CFA-91A0-4C033A0113BD}
Windows Live Mail-->MsiExec.exe /I{63CF7D0C-B6E7-4EE9-8253-816B613CC437}
Windows Live Mail-->MsiExec.exe /I{677AAD91-1790-4FC5-B285-0E6A9D65F7DC}
Windows Live Mail-->MsiExec.exe /I{82803FF3-563F-414F-A403-8D4C167D4120}
Windows Live Mail-->MsiExec.exe /I{924B4D82-1B97-48EB-8F1E-55C4353C22DB}
Windows Live Mail-->MsiExec.exe /I{93C4B7D5-4E00-491F-BA3E-25B7B63EE7F6}
Windows Live Mail-->MsiExec.exe /I{9D56775A-93F3-44A3-8092-840E3826DE30}
Windows Live Mail-->MsiExec.exe /I{9DA3F03B-2CEE-4344-838E-117861E61FAF}
Windows Live Mail-->MsiExec.exe /I{9FAE6E8D-E686-49F5-A574-0A58DFD9580C}
Windows Live Mail-->MsiExec.exe /I{A0B91308-6666-4249-8FF6-1E11AFD75FE1}
Windows Live Mail-->MsiExec.exe /I{ABE2F2AA-7ADC-4717-9573-BF3F83C696AC}
Windows Live Mail-->MsiExec.exe /I{ADE85655-8D1E-4E4B-BF88-5E312FB2C74F}
Windows Live Mail-->MsiExec.exe /I{B1239994-A850-44E2-BED8-E70A21124E16}
Windows Live Mail-->MsiExec.exe /I{C454280F-3C3E-4929-B60E-9E6CED5717E7}
Windows Live Mail-->MsiExec.exe /I{C66824E4-CBB3-4851-BB3F-E8CFD6350923}
Windows Live Mail-->MsiExec.exe /I{C8421D85-CA0E-4E93-A9A9-B826C4FB88EA}
Windows Live Mail-->MsiExec.exe /I{D07B1FDA-876B-4914-9E9A-309732B6D44F}
Windows Live Mail-->MsiExec.exe /I{D31169F2-CD71-4337-B783-3E53F29F4CAD}
Windows Live Mail-->MsiExec.exe /I{D588365A-AE39-4F27-BDAE-B4E72C8E900C}
Windows Live Mail-->MsiExec.exe /I{DBAA2B17-D596-4195-A169-BA2166B0D69B}
Windows Live Mail-->MsiExec.exe /I{FA6CF94F-DACF-4FE7-959D-55C421B91B17}
Windows Live Mesh-->MsiExec.exe /I{00884F14-05BD-4D8E-90E5-1ABF78948CA4}
Windows Live Mesh-->MsiExec.exe /I{039480EE-6933-4845-88B8-77FD0C3D059D}
Windows Live Mesh-->MsiExec.exe /I{110668B7-54C6-47C9-BAC4-1CE77F156AF5}
Windows Live Mesh-->MsiExec.exe /I{11417707-1F72-4279-95A3-01E0B898BBF5}
Windows Live Mesh-->MsiExec.exe /I{2C865FB0-051E-4D22-AC62-428E035AEAF0}
Windows Live Mesh-->MsiExec.exe /I{2D3E034E-F76B-410A-A169-55755D2637BB}
Windows Live Mesh-->MsiExec.exe /I{39F95B0B-A0B7-4FA7-BB6C-197DA2546468}
Windows Live Mesh-->MsiExec.exe /I{3F4143A1-9C21-4011-8679-3BC1014C6886}
Windows Live Mesh-->MsiExec.exe /I{46872828-6453-4138-BE1C-CE35FBF67978}
Windows Live Mesh-->MsiExec.exe /I{5CF5B1A5-CBC3-42F0-8533-5A5090665862}
Windows Live Mesh-->MsiExec.exe /I{625D45F0-5DCB-48BF-8770-C240A84DAAEB}
Windows Live Mesh-->MsiExec.exe /I{644063FA-ABA3-42AC-A8AC-3EDC0706018B}
Windows Live Mesh-->MsiExec.exe /I{6ABE832B-A5C7-44C1-B697-3E123B7B4D5B}
Windows Live Mesh-->MsiExec.exe /I{71C95134-F6A9-45E7-B7B3-07CA6012BF2A}
Windows Live Mesh-->MsiExec.exe /I{7496FD31-E5CB-4AE4-82D3-31099558BF6A}
Windows Live Mesh-->MsiExec.exe /I{78DAE910-CA72-450E-AD22-772CB1A00678}
Windows Live Mesh-->MsiExec.exe /I{80E8C65A-8F70-4585-88A2-ABC54BABD576}
Windows Live Mesh-->MsiExec.exe /I{841F1FB4-FDF8-461C-A496-3E1CFD84C0B5}
Windows Live Mesh-->MsiExec.exe /I{99BE7F5D-AB52-4404-9E03-4240FFAA7DE9}
Windows Live Mesh-->MsiExec.exe /I{9E2C5B0E-7A2D-4767-A9B2-77469FB1873A}
Windows Live Mesh-->MsiExec.exe /I{A0C91188-C88F-4E86-93E6-CD7C9A266649}
Windows Live Mesh-->MsiExec.exe /I{AB0B2113-5B96-4B95-8AD1-44613384911F}
Windows Live Mesh-->MsiExec.exe /I{ACFBE99B-6981-4513-B17E-A2683CEB9EE5}
Windows Live Mesh-->MsiExec.exe /I{AD001A69-88CC-4766-B2DB-3C1DFAB9AC72}
Windows Live Mesh-->MsiExec.exe /I{AF01B90A-D25C-4F60-AECD-6EEDF509DC11}
Windows Live Mesh-->MsiExec.exe /I{BF35168D-F6F9-4202-BA87-86B5E3C9BF7A}
Windows Live Mesh-->MsiExec.exe /I{C08D5964-C42F-48EE-A893-2396F9562A7C}
Windows Live Mesh-->MsiExec.exe /I{DECDCB7C-58CC-4865-91AF-627F9798FE48}
Windows Live Mesh-->MsiExec.exe /I{F7E80BA7-A09D-4DD1-828B-C4A0274D4720}
Windows Live Mesh-->MsiExec.exe /I{FCDE76CB-989D-4E32-9739-6A272D2B0ED7}
Windows Live Messenger-->MsiExec.exe /X{0125DB4D-98A0-4DBF-B68A-23BF08FFA6A3}
Windows Live Messenger-->MsiExec.exe /X{0785A0B6-07DF-43CF-B147-E1EB4CEA0345}
Windows Live Messenger-->MsiExec.exe /X{0A9256E0-C924-46DE-921B-F6C4548A1C64}
Windows Live Messenger-->MsiExec.exe /X{2AD2DD70-27F7-4343-BB4E-DE50A32D854B}
Windows Live Messenger-->MsiExec.exe /X{2C7E8AA1-9C03-4606-BF34-5D99D07964DA}
Windows Live Messenger-->MsiExec.exe /X{303143DD-1F6D-4BC5-9342-FFC2E19B2DBD}
Windows Live Messenger-->MsiExec.exe /X{34C4F5AF-D757-4E6A-ABCA-65AB5A50A1A8}
Windows Live Messenger-->MsiExec.exe /X{39BDD209-5704-480C-9F4A-B69D0370DDBB}
Windows Live Messenger-->MsiExec.exe /X{3D0C22FA-96D7-4789-BC5B-991A5A99BFFA}
Windows Live Messenger-->MsiExec.exe /X{4A275FD1-2F24-4274-8C01-813F5AD1A92D}
Windows Live Messenger-->MsiExec.exe /X{50300123-F8FC-4B50-B449-E847D04F1BA2}
Windows Live Messenger-->MsiExec.exe /X{5D90ABE5-8A35-4947-8269-6F40BCE47A95}
Windows Live Messenger-->MsiExec.exe /X{5F6E678A-7E61-448A-86CB-BC2AD1E04138}
Windows Live Messenger-->MsiExec.exe /X{6057E21C-ABE9-4059-AE3E-3BEB9925E660}
Windows Live Messenger-->MsiExec.exe /X{63AE67AA-1AB1-4565-B4EF-ABBC5C841E8D}
Windows Live Messenger-->MsiExec.exe /X{6986737B-F286-40D1-87AF-938339DCF6AB}
Windows Live Messenger-->MsiExec.exe /X{6A563426-3474-41C6-B847-42B39F1485B2}
Windows Live Messenger-->MsiExec.exe /X{6D30E864-46AE-435B-8230-8B5D42B4AE37}
Windows Live Messenger-->MsiExec.exe /X{6EE9F44A-B8C7-4CDB-B2A9-441AF2AE315A}
Windows Live Messenger-->MsiExec.exe /X{709E38A9-7F80-4598-96CC-44B0D553FECE}
Windows Live Messenger-->MsiExec.exe /X{7F6021AE-E688-4D03-843A-C2260482BA0D}
Windows Live Messenger-->MsiExec.exe /X{80956555-A512-4190-9CAD-B000C36D6B6B}
Windows Live Messenger-->MsiExec.exe /X{873E4648-6F6E-47F6-A7B2-A6F8DFABDCE6}
Windows Live Messenger-->MsiExec.exe /X{D54A52A8-DF24-4CE8-850B-074CA47DFA74}
Windows Live Messenger-->MsiExec.exe /X{E7688C7D-DE09-4D43-9785-534EDE9BC18E}
Windows Live Messenger-->MsiExec.exe /X{EB4DF488-AAEF-406F-A341-CB2AAA315B90}
Windows Live Messenger-->MsiExec.exe /X{EE492B20-FB15-4A98-883C-3054354A11F8}
Windows Live Messenger-->MsiExec.exe /X{F13587F7-AA4C-4C2E-AE7D-F33F3CCE57A9}
Windows Live Messenger-->MsiExec.exe /X{F694D1F7-1F12-4550-9B7A-C871273ABAD5}
Windows Live Messenger-->MsiExec.exe /X{FCBC19F7-E068-4B7A-ACBB-CE9CCEB4B21F}
Windows Live MIME IFilter-->MsiExec.exe /I{DA54F80E-261C-41A2-A855-549A144F2F59}
Windows Live Movie Maker-->MsiExec.exe /X{133D9D67-D475-4407-AC3C-D558087B2453}
Windows Live Movie Maker-->MsiExec.exe /X{19BA08F7-C728-469C-8A35-BFBD3633BE08}
Windows Live Movie Maker-->MsiExec.exe /X{226F0D93-76DE-4F1C-B14D-DE10443ADB60}
Windows Live Movie Maker-->MsiExec.exe /X{5D273F60-0525-48BA-A5FB-D0CAA4A952AE}
Windows Live Movie Maker-->MsiExec.exe /X{60C3C026-DB53-4DAB-8B97-7C1241F9A847}
Windows Live Movie Maker-->MsiExec.exe /X{640798A0-A4FB-4C52-AC72-755134767F1E}
Windows Live Movie Maker-->MsiExec.exe /X{64B2D6B3-71AC-45A7-A6A1-2E07ABF58341}
Windows Live Movie Maker-->MsiExec.exe /X{6CB36609-E3A6-446C-A3C1-C71E311D2B9C}
Windows Live Movie Maker-->MsiExec.exe /X{6DEC8BD5-7574-47FA-B080-492BBBE2FEA3}
Windows Live Movie Maker-->MsiExec.exe /X{6EF2BE2C-3121-48B7-B7A6-C56046B3A588}
Windows Live Movie Maker-->MsiExec.exe /X{71527C7C-5289-4CB2-88C9-23344C0FF6C1}
Windows Live Movie Maker-->MsiExec.exe /X{7373E17D-18E0-44A7-AC3A-6A3BFB85D3B3}
Windows Live Movie Maker-->MsiExec.exe /X{7465A996-0FCA-4D2D-A52C-F833B0829B5B}
Windows Live Movie Maker-->MsiExec.exe /X{7AF8E500-B349-4A77-8265-9854E9A47925}
Windows Live Movie Maker-->MsiExec.exe /X{92EA4134-10D1-418A-91E1-5A0453131A38}
Windows Live Movie Maker-->MsiExec.exe /X{9DB90178-B5B0-45BD-B0A7-D40A6A1DF1CA}
Windows Live Movie Maker-->MsiExec.exe /X{A101F637-2E56-42C0-8E08-F1E9086BFAF3}
Windows Live Movie Maker-->MsiExec.exe /X{A199DB88-E22D-4CE7-90AC-B8BE396D7BF4}
Windows Live Movie Maker-->MsiExec.exe /X{BF022D76-9F72-4203-B8FA-6522DC66DFDA}
Windows Live Movie Maker-->MsiExec.exe /X{CB7224D9-6DCA-43F1-8F83-6B1E39A00F92}
Windows Live Movie Maker-->MsiExec.exe /X{CD442136-9115-4236-9C14-278F6A9DCB3F}
Windows Live Movie Maker-->MsiExec.exe /X{DAEF48AD-89C8-4A93-B1DD-45B7E4FB6071}
Windows Live Movie Maker-->MsiExec.exe /X{DB1208F4-B2FE-44E9-BFE6-8824DBD7891B}
Windows Live Movie Maker-->MsiExec.exe /X{DDC1E1BD-7615-4186-89E1-F5F43F9B6491}
Windows Live Movie Maker-->MsiExec.exe /X{E4E88B54-4777-4659-967A-2EED1E6AFD83}
Windows Live Movie Maker-->MsiExec.exe /X{F80E5450-3EF3-4270-B26C-6AC53BEC5E76}
Windows Live Movie Maker-->MsiExec.exe /X{FB3D07AE-73D0-47A9-AC12-6F50BF8B6202}
Windows Live Movie Maker-->MsiExec.exe /X{FF105207-8423-4E13-B0B1-50753170B245}
Windows Live Movie Maker-->MsiExec.exe /X{FF3DFA01-1E98-46B4-A065-DA8AD47C9598}
Windows Live Movie Maker-->MsiExec.exe /X{FF737490-5A2D-4269-9D82-97DB2F7C0B09}
Windows Live Photo Common-->MsiExec.exe /X{0654EA5D-308A-4196-882B-5C09744A5D81}
Windows Live Photo Common-->MsiExec.exe /X{073F306D-9851-4969-B828-7B6444D07D55}
Windows Live Photo Common-->MsiExec.exe /X{120C160F-F53D-4A15-A873-E79BF5B98B48}
Windows Live Photo Common-->MsiExec.exe /X{168E7302-890A-4138-9109-A225ACAF7AD1}
Windows Live Photo Common-->MsiExec.exe /X{28B9D2D8-4304-483F-AD71-51890A063A74}
Windows Live Photo Common-->MsiExec.exe /X{29373E24-AC72-424E-8F2A-FB0F9436F21F}
Windows Live Photo Common-->MsiExec.exe /X{370F888E-42A7-4911-9E34-7D74632E17EB}
Windows Live Photo Common-->MsiExec.exe /X{4D83F339-5A5C-4B21-8FD3-5D407B981E72}
Windows Live Photo Common-->MsiExec.exe /X{6B556C37-8919-4991-AC34-93D018B9EA49}
Windows Live Photo Common-->MsiExec.exe /X{6F37D92B-41AA-44B7-80D2-457ABDE11896}
Windows Live Photo Common-->MsiExec.exe /X{73FC3510-6421-40F7-9503-EDAE4D0CF70D}
Windows Live Photo Common-->MsiExec.exe /X{78906B56-0E81-42A7-AC25-F54C946E1538}
Windows Live Photo Common-->MsiExec.exe /X{7ADFA72D-2A9F-4DEC-80A5-2FAA27E23F0F}
Windows Live Photo Common-->MsiExec.exe /X{7C2A3479-A5A0-412B-B0E6-6D64CBB9B251}
Windows Live Photo Common-->MsiExec.exe /X{7D0DE76C-874E-4BDE-A204-F4240160693E}
Windows Live Photo Common-->MsiExec.exe /X{84267681-BF16-40B6-9564-27BC57D7D71C}
Windows Live Photo Common-->MsiExec.exe /X{85373DA7-834E-4850-8AF5-1D99F7526857}
Windows Live Photo Common-->MsiExec.exe /X{9BD262D0-B788-4546-A0A5-F4F56EC3834B}
Windows Live Photo Common-->MsiExec.exe /X{A41A708E-3BE6-4561-855D-44027C1CF0F8}
Windows Live Photo Common-->MsiExec.exe /X{A9BDCA6B-3653-467B-AC83-94367DA3BFE3}
Windows Live Photo Common-->MsiExec.exe /X{ADFE4AED-7F8E-4658-8D6E-742B15B9F120}
Windows Live Photo Common-->MsiExec.exe /X{B2BCA478-EC0F-45EE-A9E9-5EABE87EA72D}
Windows Live Photo Common-->MsiExec.exe /X{B33B61FE-701F-425F-98AB-2B85725CBF68}
Windows Live Photo Common-->MsiExec.exe /X{BD4EBDB5-EB14-4120-BB04-BE0A26C7FB3E}
Windows Live Photo Common-->MsiExec.exe /X{C2AB7DC4-489E-4BE9-887A-52262FBADBE0}
Windows Live Photo Common-->MsiExec.exe /X{C893D8C0-1BA0-4517-B11C-E89B65E72F70}
Windows Live Photo Common-->MsiExec.exe /X{CD7CB1E6-267A-408F-877D-B532AD2C882E}
Windows Live Photo Common-->MsiExec.exe /X{D436F577-1695-4D2F-8B44-AC76C99E0002}
Windows Live Photo Common-->MsiExec.exe /X{F0F5D89A-197C-495B-827E-3E98B811CD2E}
Windows Live Photo Gallery-->MsiExec.exe /X{3336F667-9049-4D46-98B6-4C743EEBC5B1}
Windows Live Photo Gallery-->MsiExec.exe /X{34F4D9A4-42C2-4348-BEF4-E553C84549E7}
Windows Live Photo Gallery-->MsiExec.exe /X{429DF1A0-3610-4E9E-8ACE-3C8AC1BA8FCA}
Windows Live Photo Gallery-->MsiExec.exe /X{861B1145-7762-4794-B40C-3FF0A389DFE6}
Windows Live Photo Gallery-->MsiExec.exe /X{885F1BCD-C344-4758-85BD-09640CF449A5}
Windows Live Photo Gallery-->MsiExec.exe /X{A60B3BF0-954B-42AF-B8D8-2C1D34B613AA}
Windows Live Photo Gallery-->MsiExec.exe /X{CF671BFE-6BA3-44E7-98C1-500D9C51D947}
Windows Live PIMT Platform-->MsiExec.exe /I{83C292B7-38A5-440B-A731-07070E81A64F}
Windows Live Remote Client Resources-->MsiExec.exe /I{22AB5CFD-B3DB-414E-9F99-4D024CCF1DA6}
Windows Live Remote Client Resources-->MsiExec.exe /I{2426E29F-9E8C-4C0B-97FC-0DB690C1ED98}
Windows Live Remote Client Resources-->MsiExec.exe /I{2C1A6191-9804-4FDC-AB01-6F9183C91A13}
Windows Live Remote Client Resources-->MsiExec.exe /I{2F304EF4-0C31-47F4-8557-0641AAE4197C}
Windows Live Remote Client Resources-->MsiExec.exe /I{3921492E-82D2-4180-8124-E347AD2F2DB4}
Windows Live Remote Client Resources-->MsiExec.exe /I{456FB9B5-AFBC-4761-BBDC-BA6BAFBB818F}
Windows Live Remote Client Resources-->MsiExec.exe /I{4C2E49C0-9276-4324-841D-774CCCE5DB48}
Windows Live Remote Client Resources-->MsiExec.exe /I{5F44A3A1-5D24-4708-8776-66B42B174C64}
Windows Live Remote Client Resources-->MsiExec.exe /I{5FCD6EFE-C2E7-4D77-8212-4BA223D8DF8E}
Windows Live Remote Client Resources-->MsiExec.exe /I{692CCE55-9EAE-4F57-A834-092882E7FE0B}
Windows Live Remote Client Resources-->MsiExec.exe /I{702A632F-99CE-4E2D-B8F2-BF980E9CF62F}
Windows Live Remote Client Resources-->MsiExec.exe /I{825C7D3F-D0B3-49D5-A42B-CBB0FBE85E99}
Windows Live Remote Client Resources-->MsiExec.exe /I{847B0532-55E3-4AAF-8D7B-E3A1A7CD17E5}
Windows Live Remote Client Resources-->MsiExec.exe /I{850B8072-2EA7-4EDC-B930-7FE569495E76}
Windows Live Remote Client Resources-->MsiExec.exe /I{8970AE69-40BE-4058-9916-0ACB1B974A3D}
Windows Live Remote Client Resources-->MsiExec.exe /I{8EB588BD-D398-40D0-ADF7-BE1CEEF7C116}
Windows Live Remote Client Resources-->MsiExec.exe /I{A060182D-CDBE-4AD6-B9B4-860B435D6CBD}
Windows Live Remote Client Resources-->MsiExec.exe /I{A6E0F6BE-30AC-4D36-97B0-1AC20E23CB83}
Windows Live Remote Client Resources-->MsiExec.exe /I{B0BF8602-EA52-4B0A-A2BD-EDABB0977030}
Windows Live Remote Client Resources-->MsiExec.exe /I{B680A663-1A15-47A5-A07C-7DF9A97558B7}
Windows Live Remote Client Resources-->MsiExec.exe /I{B750FA38-7AB0-42CB-ACBB-E7DBE9FF603F}
Windows Live Remote Client Resources-->MsiExec.exe /I{C504EC13-E122-4939-BD6E-EE5A3BAA5FEC}
Windows Live Remote Client Resources-->MsiExec.exe /I{C9F05151-95A9-4B9B-B534-1760E2D014A5}
Windows Live Remote Client Resources-->MsiExec.exe /I{CFF3C688-2198-4BC3-A399-598226949C39}
Windows Live Remote Client Resources-->MsiExec.exe /I{D1C1556C-7FF3-48A3-A5D6-7126F0FAFB66}
Windows Live Remote Client Resources-->MsiExec.exe /I{D5876F0A-B2E9-4376-B9F5-CD47B7B8D820}
Windows Live Remote Client Resources-->MsiExec.exe /I{DBEDAF67-C5A3-4C91-951D-31F3FE63AF3F}
Windows Live Remote Client Resources-->MsiExec.exe /I{ED421F97-E1C3-4E78-9F54-A53888215D58}
Windows Live Remote Client Resources-->MsiExec.exe /I{FAD0EC0B-753B-4A97-AD34-32AC1EC8DB69}
Windows Live Remote Client-->MsiExec.exe /I{DF6D988A-EEA0-4277-AAB8-158E086E439B}
Windows Live Remote Service Resources-->MsiExec.exe /I{0919C44F-F18A-4E3B-A737-03685272CE72}
Windows Live Remote Service Resources-->MsiExec.exe /I{1553D712-B35F-4A82-BC72-D6B11A94BE3E}
Windows Live Remote Service Resources-->MsiExec.exe /I{1685AE50-97ED-485B-80F6-145071EE14B0}
Windows Live Remote Service Resources-->MsiExec.exe /I{17A4FD95-A507-43F1-BC92-D8572AF8340A}
Windows Live Remote Service Resources-->MsiExec.exe /I{19F09425-3C20-4730-9E2A-FC2E17C9F362}
Windows Live Remote Service Resources-->MsiExec.exe /I{1EB2CFC3-E1C5-4FC4-B1F8-549DD6242C67}
Windows Live Remote Service Resources-->MsiExec.exe /I{34384A2A-2CA2-4446-AB0E-1F360BA2AAC5}
Windows Live Remote Service Resources-->MsiExec.exe /I{350FD0E7-175A-4F86-84EF-05B77FCD7161}
Windows Live Remote Service Resources-->MsiExec.exe /I{480F28F0-8BCE-404A-A52E-0DBB7D1CE2EF}
Windows Live Remote Service Resources-->MsiExec.exe /I{5141AA6E-5FAC-4473-BFFB-BEE69DDC7F2B}
Windows Live Remote Service Resources-->MsiExec.exe /I{5151E2DB-0748-4FD1-86A2-72E2F94F8BE7}
Windows Live Remote Service Resources-->MsiExec.exe /I{57F2BD1C-14A3-4785-8E48-2075B96EB2DF}
Windows Live Remote Service Resources-->MsiExec.exe /I{5E2CD4FB-4538-4831-8176-05D653C3E6D4}
Windows Live Remote Service Resources-->MsiExec.exe /I{5FEAD3E5-A158-4B66-B92B-0C959D7CF838}
Windows Live Remote Service Resources-->MsiExec.exe /I{61407251-7F7D-4303-810D-226A04D5CFF3}
Windows Live Remote Service Resources-->MsiExec.exe /I{656DEEDE-F6AC-47CA-A568-A1B4E34B5760}
Windows Live Remote Service Resources-->MsiExec.exe /I{6C9D3F1D-DBBE-46F9-96A0-726CC72935AF}
Windows Live Remote Service Resources-->MsiExec.exe /I{6CBFDC3C-CF21-4C02-A6DC-A5A2707FAF55}
Windows Live Remote Service Resources-->MsiExec.exe /I{7AEC844D-448A-455E-A34E-E1032196BBCD}
Windows Live Remote Service Resources-->MsiExec.exe /I{8F7F2D9C-2DBE-4F10-9C7C-2724110A3339}
Windows Live Remote Service Resources-->MsiExec.exe /I{97A295A7-8840-4B35-BB61-27A8F4512CA3}
Windows Live Remote Service Resources-->MsiExec.exe /I{9E9C960F-7F47-46D5-A95D-950B354DE2B8}
Windows Live Remote Service Resources-->MsiExec.exe /I{A508D5A2-3AC1-4594-A718-A663D6D3CF11}
Windows Live Remote Service Resources-->MsiExec.exe /I{A679FBE4-BA2D-4514-8834-030982C8B31A}
Windows Live Remote Service Resources-->MsiExec.exe /I{D3E4F422-7E0F-49C7-8B00-F42490D7A385}
Windows Live Remote Service Resources-->MsiExec.exe /I{D930AF5C-5193-4616-887D-B974CEFC4970}
Windows Live Remote Service Resources-->MsiExec.exe /I{EFB20CF5-1A6D-41F3-8895-223346CE6291}
Windows Live Remote Service Resources-->MsiExec.exe /I{F6CB2C5F-B2C1-4DF1-BF44-39D0DC06FE6F}
Windows Live Remote Service Resources-->MsiExec.exe /I{FAA3933C-6F0D-4350-B66B-9D7F7031343E}
Windows Live Remote Service-->MsiExec.exe /I{E02A6548-6FDE-40E2-8ED9-119D7D7E641F}
Windows Live SOXE Definitions-->MsiExec.exe /I{200FEC62-3C34-4D60-9CE8-EC372E01C08F}
Windows Live SOXE-->MsiExec.exe /I{682B3E4F-696A-42DE-A41C-4C07EA1678B4}
Windows Live Temel Parçalar-->MsiExec.exe /I{1203DC60-D9BD-44F9-B372-2B8F227E6094}
Windows Live UX Platform Language Pack-->MsiExec.exe /I{05E379CC-F626-4E7D-8354-463865B303BF}
Windows Live UX Platform Language Pack-->MsiExec.exe /I{09922FFE-D153-44AE-8B60-EA3CB8088F93}
Windows Live UX Platform Language Pack-->MsiExec.exe /I{0C1931EB-8339-4837-8BEC-75029BF42734}
Windows Live UX Platform Language Pack-->MsiExec.exe /I{128133D3-037A-4C62-B1B7-55666A10587A}
Windows Live UX Platform Language Pack-->MsiExec.exe /I{1DA6D447-C54D-4833-84D4-3EA31CAECE9B}
Windows Live UX Platform Language Pack-->MsiExec.exe /I{20381A8A-808E-4A53-B6CD-AD2B85E16365}
Windows Live UX Platform Language Pack-->MsiExec.exe /I{220C7F8C-929D-4F71-9DC7-F7A6823B38E4}
Windows Live UX Platform Language Pack-->MsiExec.exe /I{24DF33E0-F924-4D0D-9B96-11F28F0D602D}
Windows Live UX Platform Language Pack-->MsiExec.exe /I{2C4E06CC-1F04-4C25-8B3C-93A9049EC42C}
Windows Live UX Platform Language Pack-->MsiExec.exe /I{37B33B16-2535-49E7-8990-32668708A0A3}
Windows Live UX Platform Language Pack-->MsiExec.exe /I{40BFD84C-64CD-42CC-9909-8734C50429C6}
Windows Live UX Platform Language Pack-->MsiExec.exe /I{4C378B16-46B7-4DA1-A2CE-2EE676F74680}
Windows Live UX Platform Language Pack-->MsiExec.exe /I{4D141929-141B-4605-95D6-2B8650C1C6DA}
Windows Live UX Platform Language Pack-->MsiExec.exe /I{506FC723-8E6C-4417-9CFF-351F99130425}
Windows Live UX Platform Language Pack-->MsiExec.exe /I{523DF2BB-3A85-4047-9898-29DC8AEB7E69}
Windows Live UX Platform Language Pack-->MsiExec.exe /I{5495E9A4-501A-4D4C-87C9-E80916CA9478}
Windows Live UX Platform Language Pack-->MsiExec.exe /I{579684A4-DDD5-4CA3-9EA8-7BE7D9593DB4}
Windows Live UX Platform Language Pack-->MsiExec.exe /I{5E627606-53B9-42D1-97E1-D03F6229E248}
Windows Live UX Platform Language Pack-->MsiExec.exe /I{6A4ABCDC-0A49-4132-944E-01FBCCB3465C}
Windows Live UX Platform Language Pack-->MsiExec.exe /I{7327080F-6673-421F-BBD9-B618F357EEB3}
Windows Live UX Platform Language Pack-->MsiExec.exe /I{74E8A7F6-575D-42C7-9178-E87D1B3BEFE8}
Windows Live UX Platform Language Pack-->MsiExec.exe /I{77477AEA-5757-47D8-8B33-939F43D82218}
Windows Live UX Platform Language Pack-->MsiExec.exe /I{8CF5D47D-27B7-49D6-A14F-10550B92749D}
Windows Live UX Platform Language Pack-->MsiExec.exe /I{D299197D-CDEA-41A6-A363-F532DE4114FD}
Windows Live UX Platform Language Pack-->MsiExec.exe /I{D6F25CF9-4E87-43EB-B324-C12BE9CDD668}
Windows Live UX Platform Language Pack-->MsiExec.exe /I{DF71ABBB-B834-41C0-BB58-80B0545D754C}
Windows Live UX Platform Language Pack-->MsiExec.exe /I{E5DD4723-FE0B-436E-A815-DC23CF902A0B}
Windows Live UX Platform Language Pack-->MsiExec.exe /I{EA777812-4905-4C08-8F6E-13BDCC734609}
Windows Live UX Platform Language Pack-->MsiExec.exe /I{F4BEA6C1-AAC3-4810-AAEA-588E26E0F237}
Windows Live UX Platform-->MsiExec.exe /I{CE95A79E-E4FC-4FFF-8A75-29F04B942FF2}
Windows Live Writer Resources-->MsiExec.exe /X{14B441B7-774D-4170-98EA-A13667AE6218}
Windows Live Writer Resources-->MsiExec.exe /X{1DDB95A4-FD7B-4517-B3F1-2BCAA96879E6}
Windows Live Writer Resources-->MsiExec.exe /X{2511AAD7-82DF-4B97-B0B3-E1B933317010}
Windows Live Writer Resources-->MsiExec.exe /X{26E3C07C-7FF7-4362-9E99-9E49E383CF16}
Windows Live Writer Resources-->MsiExec.exe /X{2E50E321-4747-4EB5-9ECB-BBC6C3AC0F31}
Windows Live Writer Resources-->MsiExec.exe /X{3125D9DE-8D7A-4987-95F3-8A42389833D8}
Windows Live Writer Resources-->MsiExec.exe /X{458F399F-62AC-4747-99F5-499BBF073D29}
Windows Live Writer Resources-->MsiExec.exe /X{4664ED39-C80A-48F7-93CD-EBDCAFAB6CC5}
Windows Live Writer Resources-->MsiExec.exe /X{5275D81E-83AD-4DE4-BC2B-6E6BA3A33244}
Windows Live Writer Resources-->MsiExec.exe /X{5D2E7BD7-4B6F-4086-BA8A-E88484750624}
Windows Live Writer Resources-->MsiExec.exe /X{62687B11-58B5-4A18-9BC3-9DF4CE03F194}
Windows Live Writer Resources-->MsiExec.exe /X{6807427D-8D68-4D30-AF5B-0B38F8F948C8}
Windows Live Writer Resources-->MsiExec.exe /X{69CAC24D-B1DC-4B97-A1BE-FE21843108FE}
Windows Live Writer Resources-->MsiExec.exe /X{734104DE-C2BF-412F-BB97-FCCE1EC94229}
Windows Live Writer Resources-->MsiExec.exe /X{7CB529B2-6C74-4878-9C3F-C29C3C3BBDC6}
Windows Live Writer Resources-->MsiExec.exe /X{7D926AD2-16D6-42C2-8CA1-AB09E96040BA}
Windows Live Writer Resources-->MsiExec.exe /X{7E90B133-FF47-48BB-91B8-36FC5A548FE9}
Windows Live Writer Resources-->MsiExec.exe /X{7FF11E53-C002-4F40-8D68-6BE751E5DD62}
Windows Live Writer Resources-->MsiExec.exe /X{8E285C75-9BE2-4349-972B-DECDDF472656}
Windows Live Writer Resources-->MsiExec.exe /X{93E464B3-D075-4989-87FD-A828B5C308B1}
Windows Live Writer Resources-->MsiExec.exe /X{AB78C965-5C67-409B-8433-D7B5BDB12073}
Windows Live Writer Resources-->MsiExec.exe /X{B7B67AA5-12DA-4F01-918D-B1BF66779D8A}
Windows Live Writer Resources-->MsiExec.exe /X{C29FC15D-E84B-4EEC-8505-4DED94414C59}
Windows Live Writer Resources-->MsiExec.exe /X{D6CBB3B2-F510-483D-AE0D-1CF3F43CF1EE}
Windows Live Writer Resources-->MsiExec.exe /X{DDC8BDEE-DCAC-404D-8257-3E8D4B782467}
Windows Live Writer Resources-->MsiExec.exe /X{DE8F99FD-2FC7-4C98-AA67-2729FDE1F040}
Windows Live Writer Resources-->MsiExec.exe /X{E727A662-AF9F-4DEE-81C5-F4A1686F3DFC}
Windows Live Writer Resources-->MsiExec.exe /X{E9D98402-21AB-4E9F-BF6B-47AF36EF7E97}
Windows Live Writer Resources-->MsiExec.exe /X{F52C5BE7-3F57-464E-8A54-908402E43CE8}
Windows Live Writer-->MsiExec.exe /X{0557BBDA-69D3-4FA4-A93C-A5300F7034B4}
Windows Live Writer-->MsiExec.exe /X{11778DA1-0495-4ED9-972F-F9E0B0367CD5}
Windows Live Writer-->MsiExec.exe /X{198EA334-8A3F-4CB2-9D61-6C10B8168A6F}
Windows Live Writer-->MsiExec.exe /X{1A82AE99-84D3-486D-BAD6-675982603E14}
Windows Live Writer-->MsiExec.exe /X{1D6C2068-807F-4B76-A0C2-62ED05656593}
Windows Live Writer-->MsiExec.exe /X{1FC83EAE-74C8-4C72-8400-2D8E40A017DE}
Windows Live Writer-->MsiExec.exe /X{25CD4B12-8CC5-433E-B723-C9CB41FA8C5A}
Windows Live Writer-->MsiExec.exe /X{2BA5FD10-653F-4CAF-9CCD-F685082A1DC1}
Windows Live Writer-->MsiExec.exe /X{3B9A92DA-6374-4872-B646-253F18624D5F}
Windows Live Writer-->MsiExec.exe /X{4264C020-850B-4F08-ACBE-98205D9C336C}
Windows Live Writer-->MsiExec.exe /X{48C0DC5E-820A-44F2-890E-29B68EDD3C78}
Windows Live Writer-->MsiExec.exe /X{4B28D47A-5FF0-45F8-8745-11DC2A1C9D0F}
Windows Live Writer-->MsiExec.exe /X{4D7BAC8A-51B8-4243-8567-1415C4272D13}
Windows Live Writer-->MsiExec.exe /X{5DA7D148-D2D2-4C67-8444-2F0F9BD88A06}
Windows Live Writer-->MsiExec.exe /X{69C9C672-400A-43A0-B2DE-9DB38C371282}
Windows Live Writer-->MsiExec.exe /X{71A81378-79D5-40CC-9BDC-380642D1A87F}
Windows Live Writer-->MsiExec.exe /X{7E017923-16F8-4E32-94EF-0A150BD196FE}
Windows Live Writer-->MsiExec.exe /X{804DE397-F82C-4867-9085-E0AA539A3294}
Windows Live Writer-->MsiExec.exe /X{859D4022-B76D-40DE-96EF-C90CDA263F44}
Windows Live Writer-->MsiExec.exe /X{A726AE06-AAA3-43D1-87E3-70F510314F04}
Windows Live Writer-->MsiExec.exe /X{AAAFC670-569B-4A2F-82B4-42945E0DE3EF}
Windows Live Writer-->MsiExec.exe /X{AAF454FC-82CA-4F29-AB31-6A109485E76E}
Windows Live Writer-->MsiExec.exe /X{B3BE54A4-8DFE-4593-8E66-56AB7133B812}
Windows Live Writer-->MsiExec.exe /X{C1C9D199-B4DD-4895-92DD-9A726A2FE341}
Windows Live Writer-->MsiExec.exe /X{CDC39BF2-9697-4959-B893-A2EE05EF6ACB}
Windows Live Writer-->MsiExec.exe /X{DA29F644-2420-4448-8128-1331BE588999}
Windows Live Writer-->MsiExec.exe /X{DCAB6BA7-6533-44BF-9235-E5BF33B7431C}
Windows Live Writer-->MsiExec.exe /X{DE7C13A6-E4EA-4296-B0D5-5D7E8AD69501}
Windows Live Writer-->MsiExec.exe /X{E55E0C35-AC3C-4683-BA2F-834348577B80}
Windows Live Writer-->MsiExec.exe /X{E62E0550-C098-43A2-B54B-03FB1E634483}
Windows Live Writer-->MsiExec.exe /X{E8524B28-3BBB-4763-AC83-0E83FE31C350}
Windows Live 影像中心-->MsiExec.exe /X{EEF99142-3357-402C-B298-DEC303E12D92}
Windows Live 程式集-->MsiExec.exe /I{EF7EAB13-46FC-49DD-8E3C-AAF8A286C5BB}
Windows Live-->MsiExec.exe /I{34319F1F-7CF2-4CC9-B357-1AE7D2FF3AC5}
Windows Liven asennustyökalu-->MsiExec.exe /I{8909CFA8-97BF-4077-AC0F-6925243FFE08}
Windows Liven sähköposti-->MsiExec.exe /I{0C975FCC-A06E-4CB6-8F54-A9B52CF37781}
Windows Liven valokuvavalikoima-->MsiExec.exe /X{1A72337E-D126-4BAF-AC89-E6122DB71866}
Windows Media Player Firefox Plugin-->MsiExec.exe /I{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}
WinRAR 4.01 (32-bit)-->C:\Program Files (x86)\WinRAR\uninstall.exe
World of Tanks v.0.6.7-->"C:\Games\World_of_Tanks\unins000.exe"
Zuma Deluxe-->"C:\Program Files (x86)\Acer Games\Zuma Deluxe\uninstall\uninstaller.exe"
Συλλογή φωτογραφιών του Windows Live-->MsiExec.exe /X{C00C2A91-6CB3-483F-80B3-2958E29468F1}
Основные компоненты Windows Live-->MsiExec.exe /I{E83DC314-C926-4214-AD58-147691D6FE9F}
Почта Windows Live-->MsiExec.exe /I{B63F0CE3-CCD0-490A-9A9C-E1A3B3A17137}
Фотоальбом Windows Live-->MsiExec.exe /X{77F69CA1-E53D-4D77-8BA3-FA07606CC851}
Фотогалерия на Windows Live-->MsiExec.exe /X{4444F27C-B1A8-464E-9486-4C37BAB39A09}
גלריית התמונות של Windows Live-->MsiExec.exe /X{CE929F09-3853-4180-BD90-30764BFF7136}
بريد Windows Live-->MsiExec.exe /I{0A4C4B29-5A9D-4910-A13C-B920D5758744}
معرض صور Windows Live-->MsiExec.exe /X{FBCA06D2-4642-4F33-B20A-A7AB3F0D2E69}
======System event log======
Computer Name: WIN-LLTP7N0CL1M
Event Code: 7040
Message: Režim spuštění služby Windows Search byl změněn z auto start na disabled.
Record Number: 1957
Source Name: Service Control Manager
Time Written: 20110902082547.382863-000
Event Type: Informace
User: breta-PC\Administrator
Computer Name: WIN-LLTP7N0CL1M
Event Code: 7036
Message: Stav služby Windows Modules Installer byl změněn na: running
Record Number: 1956
Source Name: Service Control Manager
Time Written: 20110902082542.546855-000
Event Type: Informace
User:
Computer Name: WIN-LLTP7N0CL1M
Event Code: 104
Message: Byl vymazán soubor protokolu Setup.
Record Number: 1955
Source Name: Microsoft-Windows-Eventlog
Time Written: 20110902082542.749655-000
Event Type: Informace
User: breta-PC\Administrator
Computer Name: WIN-LLTP7N0CL1M
Event Code: 104
Message: Byl vymazán soubor protokolu Application.
Record Number: 1954
Source Name: Microsoft-Windows-Eventlog
Time Written: 20110902082542.718455-000
Event Type: Informace
User: breta-PC\Administrator
Computer Name: WIN-LLTP7N0CL1M
Event Code: 104
Message: Byl vymazán soubor protokolu System.
Record Number: 1953
Source Name: Microsoft-Windows-Eventlog
Time Written: 20110902082542.702855-000
Event Type: Informace
User: breta-PC\Administrator
=====Application event log=====
Computer Name: breta-PC
Event Code: 4107
Message: Selhala extrakce kořenového seznamu jiného výrobce ze souboru CAB pro automatickou aktualizaci v: <http://www.download.windowsupdate.com/m ... ootstl.cab>. Došlo k chybě: A required certificate is not within its validity period when verifying against the current system clock or the timestamp in the signed file.
.
Record Number: 3120
Source Name: Microsoft-Windows-CAPI2
Time Written: 20110902082744.977658-000
Event Type: Chyba
User:
Computer Name: breta-PC
Event Code: 1532
Message: Služba Profil uživatele byla zastavena.
Record Number: 3119
Source Name: Microsoft-Windows-User Profiles Service
Time Written: 20110902082652.123377-000
Event Type: Informace
User: NT AUTHORITY\SYSTEM
Computer Name: WIN-LLTP7N0CL1M
Event Code: 1003
Message: Služba Windows Search byla spuštěna.
Record Number: 3118
Source Name: Microsoft-Windows-Search
Time Written: 20110902082548.000000-000
Event Type: Informace
User:
Computer Name: WIN-LLTP7N0CL1M
Event Code: 1013
Message: Služba Windows Search byla řádně zastavena.
Record Number: 3117
Source Name: Microsoft-Windows-Search
Time Written: 20110902082548.000000-000
Event Type: Informace
User:
Computer Name: WIN-LLTP7N0CL1M
Event Code: 103
Message: Windows (3060) Windows: Databázový stroj zastavil instanci (0).
Record Number: 3116
Source Name: ESENT
Time Written: 20110902082547.000000-000
Event Type: Informace
User:
=====Security event log=====
Computer Name: WIN-LLTP7N0CL1M
Event Code: 4624
Message: Účet byl úspěšně přihlášen.
Předmět:
ID zabezpečení: S-1-5-18
Název účtu: WIN-LLTP7N0CL1M$
Doména účtu: WORKGROUP
ID přihlášení: 0x3e7
Typ přihlášení: 5
Nové přihlášení:
ID zabezpečení: S-1-5-18
Název účtu: SYSTEM
Doména účtu: NT AUTHORITY
ID přihlášení: 0x3e7
GUID přihlášení: {00000000-0000-0000-0000-000000000000}
Informace o procesu:
ID procesu: 0x288
Název procesu: C:\Windows\System32\services.exe
Informace o síti:
Název pracovní stanice:
Adresa zdrojové sítě -
Zdrojový port: -
Podrobné informace o ověření:
Proces přihlášení: Advapi
Balíček ověření: Negotiate
Přenosové služby: -
Název balíčku (pouze NTLM): -
Délka klíče: 0
Tato událost je generována po vytvoření relace přihlášení. Je generována v počítači, ke kterému byl získán přístup.
Pole s předmětem označují účet v místním systému, který požadoval přihlášení. Jedná se nejčastěji o službu, například službu serveru nebo místní proces, například Winlogon.exe nebo Services.exe.
Pole Typ přihlášení označuje, k jakému typu přihlášení došlo. Nejběžnější typy jsou 2 (interaktivní) a 3 (síť).
Pole Nové přihlášení označují účet, pro který bylo nové přihlášení vytvořeno, tj. účet, který byl přihlášen.
Pole Síť označují původ požadavku na vzdálené přihlášení. Název pracovní stanice není vždy k dispozici a v některých případech může být toto pole prázdné.
Pole s informacemi o ověření poskytují podrobné informace o tomto konkrétním požadavku na přihlášení.
- GUID přihlášení je jednoznačný identifikátor, který je možné použít ke spojení této události s událostí KDC.
- Přenosové služby označují, které pomocné služby se podílely na tomto požadavku na přihlášení.
- Název balíčku označuje, který dílčí protokol z protokolů NTLM byl použit.
- Délka klíče označuje délku generovaného klíče relace. Tato hodnota bude 0, pokud nebyl požadován žádný klíč relace.
Record Number: 634
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20110902082549.941268-000
Event Type: Úspěšný audit
User:
Computer Name: WIN-LLTP7N0CL1M
Event Code: 4672
Message: Novému přihlášení byla přiřazena zvláštní oprávnění.
Předmět:
ID zabezpečení: S-1-5-18
Název účtu: SYSTEM
Doména účtu: NT AUTHORITY
ID přihlášení: 0x3e7
Oprávnění: SeAssignPrimaryTokenPrivilege
SeTcbPrivilege
SeSecurityPrivilege
SeTakeOwnershipPrivilege
SeLoadDriverPrivilege
SeBackupPrivilege
SeRestorePrivilege
SeDebugPrivilege
SeAuditPrivilege
SeSystemEnvironmentPrivilege
SeImpersonatePrivilege
Record Number: 633
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20110902082548.459265-000
Event Type: Úspěšný audit
User:
Computer Name: WIN-LLTP7N0CL1M
Event Code: 4624
Message: Účet byl úspěšně přihlášen.
Předmět:
ID zabezpečení: S-1-5-18
Název účtu: WIN-LLTP7N0CL1M$
Doména účtu: WORKGROUP
ID přihlášení: 0x3e7
Typ přihlášení: 5
Nové přihlášení:
ID zabezpečení: S-1-5-18
Název účtu: SYSTEM
Doména účtu: NT AUTHORITY
ID přihlášení: 0x3e7
GUID přihlášení: {00000000-0000-0000-0000-000000000000}
Informace o procesu:
ID procesu: 0x288
Název procesu: C:\Windows\System32\services.exe
Informace o síti:
Název pracovní stanice:
Adresa zdrojové sítě -
Zdrojový port: -
Podrobné informace o ověření:
Proces přihlášení: Advapi
Balíček ověření: Negotiate
Přenosové služby: -
Název balíčku (pouze NTLM): -
Délka klíče: 0
Tato událost je generována po vytvoření relace přihlášení. Je generována v počítači, ke kterému byl získán přístup.
Pole s předmětem označují účet v místním systému, který požadoval přihlášení. Jedná se nejčastěji o službu, například službu serveru nebo místní proces, například Winlogon.exe nebo Services.exe.
Pole Typ přihlášení označuje, k jakému typu přihlášení došlo. Nejběžnější typy jsou 2 (interaktivní) a 3 (síť).
Pole Nové přihlášení označují účet, pro který bylo nové přihlášení vytvořeno, tj. účet, který byl přihlášen.
Pole Síť označují původ požadavku na vzdálené přihlášení. Název pracovní stanice není vždy k dispozici a v některých případech může být toto pole prázdné.
Pole s informacemi o ověření poskytují podrobné informace o tomto konkrétním požadavku na přihlášení.
- GUID přihlášení je jednoznačný identifikátor, který je možné použít ke spojení této události s událostí KDC.
- Přenosové služby označují, které pomocné služby se podílely na tomto požadavku na přihlášení.
- Název balíčku označuje, který dílčí protokol z protokolů NTLM byl použit.
- Délka klíče označuje délku generovaného klíče relace. Tato hodnota bude 0, pokud nebyl požadován žádný klíč relace.
Record Number: 632
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20110902082548.459265-000
Event Type: Úspěšný audit
User:
Computer Name: WIN-LLTP7N0CL1M
Event Code: 4738
Message: Byl změněn uživatelský účet.
Předmět:
ID zabezpečení: S-1-5-21-2857410691-1841422624-3118752077-500
Název účtu: Administrator
Doména účtu: WIN-LLTP7N0CL1M
ID přihlášení: 0x3e81f
Cílový účet:
ID zabezpečení: S-1-5-21-2857410691-1841422624-3118752077-500
Název účtu: Administrator
Doména účtu: WIN-LLTP7N0CL1M
Změněné atributy:
Název účtu SAM: -
Zobrazovaný název: -
Zaregistrovaný název uživatele: -
Domovský adresář: -
Domovská jednotka: -
Cesta skriptu: -
Cesta profilu: -
Pracovní stanice uživatele: -
Poslední nastavení hesla: -
Vypršení platnosti účtu: -
ID primární skupiny: -
Povolené delegování: -
Původní hodnota UAC: 0x211
Nová hodnota UAC: 0x211
Řízení účtu uživatele: -
Parametry uživatele: -
Historie identifikátoru zabezpečení: -
Přihlašovací hodiny: -
Další informace:
Oprávnění: -
Record Number: 631
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20110902082547.008463-000
Event Type: Úspěšný audit
User:
Computer Name: WIN-LLTP7N0CL1M
Event Code: 1102
Message: Protokol auditu byl vymazán.
Předmět:
ID zabezpečení: S-1-5-21-2857410691-1841422624-3118752077-500
Název účtu: Administrator
Název domény: WIN-LLTP7N0CL1M
ID přihlášení: 0x3e81f
Record Number: 630
Source Name: Microsoft-Windows-Eventlog
Time Written: 20110902082542.718455-000
Event Type: Úspěšný audit
User:
======Environment variables======
"ComSpec"=%SystemRoot%\system32\cmd.exe
"FP_NO_HOST_CHECK"=NO
"OS"=Windows_NT
"Path"=C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common;C:\Program Files\Common Files\Microsoft Shared\Windows Live;C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;C:\Program Files (x86)\Windows Live\Shared;C:\Program Files (x86)\EgisTec MyWinLocker\x64;C:\Program Files (x86)\EgisTec MyWinLocker\
"PATHEXT"=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH;.MSC
"PROCESSOR_ARCHITECTURE"=AMD64
"TEMP"=%SystemRoot%\TEMP
"TMP"=%SystemRoot%\TEMP
"USERNAME"=SYSTEM
"windir"=%SystemRoot%
"PSModulePath"=%SystemRoot%\system32\WindowsPowerShell\v1.0\Modules\
"NUMBER_OF_PROCESSORS"=2
"PROCESSOR_LEVEL"=6
"PROCESSOR_IDENTIFIER"=Intel64 Family 6 Model 37 Stepping 5, GenuineIntel
"PROCESSOR_REVISION"=2505
"windows_tracing_logfile"=C:\BVTBin\Tests\installpackage\csilogfile.log
"windows_tracing_flags"=3
-----------------EOF-----------------
Re: pomale pc, pada..programy neodpovidaji
ten jsem zde již vložil v uvodu, druhy log nese nazev log a je zde.... Logfile of random's system information tool 1.09 (written by random/random)
Run by breta at 2011-10-30 10:26:32
Microsoft Windows 7 Home Premium Service Pack 1
System drive C: has 313 GB (68%) free of 461 GB
Total RAM: 3767 MB (59% free)
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 10:28:51, on 30.10.2011
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v9.00 (9.00.8112.16421)
Boot mode: Normal
Running processes:
C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe
C:\Program Files (x86)\OpenOffice.org 3\program\soffice.exe
C:\Program Files (x86)\OpenOffice.org 3\program\soffice.bin
C:\Program Files (x86)\EgisTec MyWinLockerSuite\x86\SuiteTray.exe
C:\Program Files (x86)\EgisTec IPS\PmmUpdate.exe
C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\BackupManagerTray.exe
C:\Program Files (x86)\Launch Manager\LManager.exe
C:\Program Files\AVAST Software\Avast\AvastUI.exe
C:\Program Files (x86)\EgisTec IPS\EgisUpdate.exe
C:\Program Files (x86)\Launch Manager\LMworker.exe
C:\Users\breta\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\breta\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\breta\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Program Files\trend micro\breta.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://acer.msn.com
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.crawler.com/homepage.aspx?tbid=60347
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://acer.msn.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://acer.msn.com
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - Default URLSearchHook is missing
F2 - REG:system.ini: UserInit=userinit.exe,
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Bing Bar Helper - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - "C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll" (file missing)
O3 - Toolbar: Bing Bar - {8dcb7100-df86-4384-8842-8fa844297b3f} - "C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll" (file missing)
O3 - Toolbar: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O3 - Toolbar: Corsair Add-on - {B4FBA8C3-2083-4ED8-A35B-148478739826} - C:\Program Files (x86)\Corsair Addon\corsair.DLL
O4 - HKLM\..\Run: [SuiteTray] "C:\Program Files (x86)\EgisTec MyWinLockerSuite\x86\SuiteTray.exe"
O4 - HKLM\..\Run: [EgisTecPMMUpdate] "C:\Program Files (x86)\EgisTec IPS\PmmUpdate.exe"
O4 - HKLM\..\Run: [EgisUpdate] "C:\Program Files (x86)\EgisTec IPS\EgisUpdate.exe" -d
O4 - HKLM\..\Run: [BackupManagerTray] "C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\BackupManagerTray.exe" -h -k
O4 - HKLM\..\Run: [LManager] C:\Program Files (x86)\Launch Manager\LManager.exe
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [avast] "C:\Program Files\AVAST Software\Avast\avastUI.exe" /nogui
O4 - HKCU\..\Run: [Google Update] "C:\Users\breta\AppData\Local\Google\Update\GoogleUpdate.exe" /c
O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun
O4 - HKCU\..\Run: [RESTART_STICKY_NOTES] C:\Windows\System32\StikyNot.exe
O4 - HKCU\..\Run: [ShowBatteryBar] "C:\Program Files\BatteryBar\ShowBatteryBar.exe" show
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-21-2857410691-1841422624-3118752077-1000\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'UpdatusUser')
O4 - HKUS\S-1-5-21-2857410691-1841422624-3118752077-1000\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'UpdatusUser')
O4 - HKUS\S-1-5-18\..\RunOnce: [IsMyWinLockerReboot] msiexec.exe /qn /x{voidguid} (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\RunOnce: [IsMyWinLockerReboot] msiexec.exe /qn /x{voidguid} (User 'Default user')
O4 - Startup: OpenOffice.org 3.2.lnk = C:\Program Files (x86)\OpenOffice.org 3\program\quickstart.exe
O9 - Extra button: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O17 - HKLM\System\CCS\Services\Tcpip\..\{C57EE067-1884-40E5-BEE5-056EA2CA7DDF}: NameServer = 213.192.40.6,77.48.255.255
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O20 - AppInit_DLLs: C:\Windows\SysWOW64\nvinit.dll
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: Dritek WMI Service (DsiWMIService) - Dritek System Inc. - C:\Program Files (x86)\Launch Manager\dsiwmis.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: EgisTec Ticket Service - Egis Technology Inc. - C:\Program Files (x86)\Common Files\EgisTec\Services\EgisTicketService.exe
O23 - Service: Acer ePower Service (ePowerSvc) - Acer Incorporated - C:\Program Files\Acer\Acer ePower Management\ePowerSvc.exe
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: FLEXnet Licensing Service - Acresso Software Inc. - C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: GamesAppService - WildTangent, Inc. - C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe
O23 - Service: GREGService - Acer Incorporated - C:\Program Files (x86)\Acer\Registration\GREGsvc.exe
O23 - Service: Intel(R) Rapid Storage Technology (IAStorDataMgrSvc) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Live Updater Service - Acer Incorporated - C:\Program Files\Acer\Acer Updater\UpdaterService.exe
O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: NLS Service (nlsX86cc) - Nalpeiron Ltd. - C:\Windows\SysWOW64\NLSSRV32.EXE
O23 - Service: NTI IScheduleSvc - NewTech Infosystems, Inc. - C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\IScheduleSvc.exe
O23 - Service: NVIDIA Driver Helper Service (NVSvc) - Unknown owner - C:\Windows\system32\nvvsvc.exe (file missing)
O23 - Service: NVIDIA Update Service Daemon (nvUpdatusService) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe
O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: Intel(R) Management & Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
O24 - Desktop Component 0: (no name) - http://mail.centrum.cz/img/js76dfa9/ego.orig.js
--
End of file - 11153 bytes
======Listing Processes======
\SystemRoot\System32\smss.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
C:\Windows\system32\services.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\nvvsvc.exe
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
winlogon.exe
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k LocalService
"C:\Program Files (x86)\Common Files\EgisTec\Services\EgisTicketService.exe"
C:\Windows\system32\svchost.exe -k NetworkService
"C:\Program Files\NVIDIA Corporation\Display\NvXDSync.exe"
C:\Windows\system32\nvvsvc.exe -session -first
"C:\Program Files\AVAST Software\Avast\AvastSvc.exe"
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
"C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe"
"C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE"
"C:\Program Files (x86)\Launch Manager\dsiwmis.exe"
"C:\Program Files\Acer\Acer ePower Management\ePowerSvc.exe"
"C:\Program Files (x86)\Acer\Registration\GREGsvc.exe"
"C:\Program Files\Acer\Acer Updater\UpdaterService.exe"
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe"
C:\Windows\SysWOW64\NLSSRV32.EXE
"C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\IScheduleSvc.exe"
C:\Windows\SysWOW64\PnkBstrA.exe
"C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe"
C:\Windows\system32\svchost.exe -k imgsvc
"C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe"
"taskhost.exe"
"C:\Windows\system32\Dwm.exe"
C:\Windows\Explorer.EXE
"C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE"
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
"C:\Windows\System32\hkcmd.exe"
"C:\Windows\System32\igfxpers.exe"
C:\Windows\system32\igfxsrvc.exe -Embedding
"C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe" -s
"C:\Program Files\Elantech\ETDCtrl.exe"
"C:\Program Files\Acer\Acer ePower Management\ePowerTray.exe"
"C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun
"C:\Windows\System32\StikyNot.exe"
"C:\Program Files (x86)\OpenOffice.org 3\program\soffice.exe" -quickstart
C:\Windows\system32\SearchIndexer.exe /Embedding
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
"C:\Program Files (x86)\OpenOffice.org 3\program\soffice.exe" "-quickstart" "-env:OOO_CWD=2C:\\Program Files (x86)\\OpenOffice.org 3\\program"
C:\Windows\system32\igfxext.exe -Embedding
"C:\Program Files (x86)\EgisTec MyWinLockerSuite\x86\SuiteTray.exe"
C:\Windows\system32\wbem\unsecapp.exe -Embedding
C:\Windows\system32\wbem\wmiprvse.exe
"C:\Program Files (x86)\EgisTec IPS\PmmUpdate.exe"
"C:\Program Files\Acer\Acer ePower Management\ePowerEvent.exe"
"C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\BackupManagerTray.exe" -h -k
"C:\Program Files (x86)\Launch Manager\LManager.exe"
"C:\Program Files\AVAST Software\Avast\AvastUI.exe" /nogui
"C:\Program Files\Elantech\ETDCtrlHelper.exe"
"C:\Program Files (x86)\EgisTec IPS\EgisUpdate.exe"
"C:\Program Files (x86)\Launch Manager\MMDx64Fx.exe"
"C:\Program Files (x86)\Launch Manager\LMworker.exe"
"C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe"
"C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe"
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe"
C:\Windows\System32\svchost.exe -k secsvcs
"C:\Program Files\CCleaner\CCleaner64.exe"
"C:\Users\breta\AppData\Local\Google\Chrome\Application\chrome.exe"
"C:\Users\breta\AppData\Local\Google\Chrome\Application\chrome.exe" --type=extension --lang=cs --force-fieldtest=ConnCountImpact/conn_count_6/ConnnectBackupJobs/ConnectBackupJobsEnabled/DnsImpact/default_enabled_prefetch/DnsParallelism/parallel_default/GlobalSdch/global_enable_sdch/IdleSktToImpact/idle_timeout_10/Prefetch/ContentPrefetchPrerender1/ProxyConnectionImpact/proxy_connections_32/SpdyCwnd/cwnd10/SpdyImpact/npn_with_spdy/SuggestHostPrefix/Www_Prefix/WarmSocketImpact/warm_socket/ --enable-print-preview --channel=4928.00A056E0.1683335240 --ignored=" --type=renderer " /prefetch:3
"C:\Users\breta\AppData\Local\Google\Chrome\Application\chrome.exe" --type=renderer --lang=cs --force-fieldtest=ConnCountImpact/conn_count_6/ConnnectBackupJobs/ConnectBackupJobsEnabled/DnsImpact/default_enabled_prefetch/DnsParallelism/parallel_default/GlobalSdch/global_enable_sdch/IdleSktToImpact/idle_timeout_10/Prefetch/ContentPrefetchPrerender1/ProxyConnectionImpact/proxy_connections_32/SpdyCwnd/cwnd10/SpdyImpact/npn_with_spdy/SuggestHostPrefix/Www_Prefix/WarmSocketImpact/warm_socket/ --enable-print-preview --channel=4928.00A53840.674484259 /prefetch:3
taskeng.exe {5E89D8DF-E717-4B9D-95FC-5AAF7D3AD125}
"C:\Users\breta\Documents\Downloads\RSITx64.exe"
C:\Windows\system32\wbem\wmiprvse.exe
"C:\Windows\system32\taskmgr.exe" /4
C:\Windows\System32\svchost.exe -k WerSvcGroup
======Scheduled tasks folder======
C:\Windows\tasks\Acer Registration - Reminder Recall task.job
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2857410691-1841422624-3118752077-1001Core.job
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2857410691-1841422624-3118752077-1001UA.job
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{318A227B-5E9F-45bd-8999-7F8F10CA4CF5}]
avast! WebRep - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2011-09-06 959432]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live ID Sign-in Helper - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2010-09-21 529280]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2011-09-05 63912]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! WebRep - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2011-09-06 806456]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live ID Sign-in Helper - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2010-09-21 439168]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{d2ce3e00-f94a-4740-988e-03dc2f38c34f}]
Bing Bar Helper - C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll [2011-06-07 1152264]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - avast! WebRep - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2011-09-06 959432]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\Toolbar]
{8dcb7100-df86-4384-8842-8fa844297b3f} - Bing Bar - C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll [2011-06-07 1152264]
{8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - avast! WebRep - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2011-09-06 806456]
{B4FBA8C3-2083-4ED8-A35B-148478739826} - Corsair Add-on - C:\Program Files (x86)\Corsair Addon\corsair.DLL [2011-09-22 797184]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"IgfxTray"=C:\Windows\system32\igfxtray.exe [2010-07-23 161304]
"HotKeysCmds"=C:\Windows\system32\hkcmd.exe [2010-07-23 386584]
"Persistence"=C:\Windows\system32\igfxpers.exe [2010-07-23 415256]
"RtHDVCpl"=C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [2010-06-22 10920552]
"ETDWare"=C:\Program Files\Elantech\ETDCtrl.exe [2010-04-13 649608]
"Acer ePower Management"=C:\Program Files\Acer\Acer ePower Management\ePowerTray.exe [2011-01-05 860040]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Google Update"=C:\Users\breta\AppData\Local\Google\Update\GoogleUpdate.exe [2011-09-20 136176]
"DAEMON Tools Lite"=C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [2011-08-02 4910912]
"RESTART_STICKY_NOTES"=C:\Windows\System32\StikyNot.exe [2009-07-14 427520]
"ShowBatteryBar"=C:\Program Files\BatteryBar\ShowBatteryBar.exe [2009-05-28 89600]
[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"SuiteTray"=C:\Program Files (x86)\EgisTec MyWinLockerSuite\x86\SuiteTray.exe [2011-04-02 340848]
"EgisTecPMMUpdate"=C:\Program Files (x86)\EgisTec IPS\PmmUpdate.exe [2011-03-29 408432]
"EgisUpdate"=C:\Program Files (x86)\EgisTec IPS\EgisUpdate.exe [2011-03-29 202608]
"BackupManagerTray"=C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\BackupManagerTray.exe [2011-06-17 266496]
"LManager"=C:\Program Files (x86)\Launch Manager\LManager.exe [2010-08-10 975952]
"Adobe ARM"=C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2011-03-30 937920]
"avast"=C:\Program Files\AVAST Software\Avast\avastUI.exe [2011-09-06 3722416]
C:\Users\breta\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
OpenOffice.org 3.2.lnk - C:\Program Files (x86)\OpenOffice.org 3\program\quickstart.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"="C:\Windows\system32\nvinitx.dll"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
C:\Windows\system32\igfxdev.dll [2010-07-20 271360]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED}
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MCODS]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=5
"ConsentPromptBehaviorUser"=3
"EnableUIADesktopToggle"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"DisableTaskMgr"=0
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoActiveDesktop"=1
"NoActiveDesktopChanges"=1
"ForceActiveDesktopOn"=0
"NoRun"=0
"NoFolderOptions"=0
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVYU"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"VIDC.YVU9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"MSVideo8"=VfWWDM32.dll
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
======File associations======
.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*
======List of files/folders created in the last 1 month======
2011-10-30 10:26:32 ----D---- C:\rsit
2011-10-30 10:26:32 ----D---- C:\Program Files\trend micro
2011-10-28 10:17:43 ----D---- C:\Users\breta\AppData\Roaming\Audacity
2011-10-28 07:18:07 ----D---- C:\Users\breta\AppData\Roaming\wargaming.net
2011-10-28 06:47:18 ----D---- C:\Games
2011-10-27 15:07:05 ----D---- C:\Users\breta\AppData\Roaming\Allstar
2011-10-26 13:02:14 ----D---- C:\Program Files (x86)\GamePark
2011-10-19 12:13:10 ----A---- C:\Windows\SYSWOW64\shortcut_ex.dat
2011-10-18 16:34:49 ----D---- C:\Program Files\CCleaner
2011-10-18 16:22:54 ----D---- C:\Program Files (x86)\Corsair Addon
2011-10-18 16:17:37 ----D---- C:\Users\breta\AppData\Roaming\BatteryBar
2011-10-18 16:17:37 ----D---- C:\Program Files\BatteryBar
2011-10-13 18:05:19 ----A---- C:\Windows\SYSWOW64\mshtmled.dll
2011-10-13 18:05:19 ----A---- C:\Windows\system32\mshtmled.dll
2011-10-13 18:05:18 ----A---- C:\Windows\system32\iertutil.dll
2011-10-13 18:05:17 ----A---- C:\Windows\SYSWOW64\url.dll
2011-10-13 18:05:17 ----A---- C:\Windows\SYSWOW64\iertutil.dll
2011-10-13 18:05:17 ----A---- C:\Windows\system32\url.dll
2011-10-13 18:05:16 ----A---- C:\Windows\SYSWOW64\urlmon.dll
2011-10-13 18:05:16 ----A---- C:\Windows\system32\urlmon.dll
2011-10-13 18:05:15 ----A---- C:\Windows\system32\jsproxy.dll
2011-10-13 18:05:14 ----A---- C:\Windows\SYSWOW64\wininet.dll
2011-10-13 18:05:14 ----A---- C:\Windows\system32\wininet.dll
2011-10-13 18:05:13 ----A---- C:\Windows\SYSWOW64\ieui.dll
2011-10-13 18:05:12 ----A---- C:\Windows\SYSWOW64\jscript9.dll
2011-10-13 18:05:12 ----A---- C:\Windows\system32\jscript9.dll
2011-10-13 18:05:12 ----A---- C:\Windows\system32\ieui.dll
2011-10-13 18:05:11 ----A---- C:\Windows\SYSWOW64\jscript.dll
2011-10-13 18:05:10 ----A---- C:\Windows\system32\jscript.dll
2011-10-13 18:05:09 ----A---- C:\Windows\SYSWOW64\jsproxy.dll
2011-10-13 18:05:08 ----A---- C:\Windows\SYSWOW64\mshtml.dll
2011-10-13 18:05:05 ----A---- C:\Windows\system32\mshtml.dll
2011-10-13 18:05:03 ----A---- C:\Windows\SYSWOW64\ieframe.dll
2011-10-13 18:05:01 ----A---- C:\Windows\system32\ieframe.dll
2011-10-13 17:17:11 ----A---- C:\Windows\system32\win32k.sys
2011-10-13 17:17:01 ----A---- C:\Windows\system32\psisdecd.dll
2011-10-13 17:17:00 ----A---- C:\Windows\SYSWOW64\psisdecd.dll
2011-10-13 17:16:36 ----A---- C:\Windows\SYSWOW64\oleaut32.dll
2011-10-13 17:16:36 ----A---- C:\Windows\SYSWOW64\oleacc.dll
2011-10-13 17:16:36 ----A---- C:\Windows\system32\oleaut32.dll
2011-10-13 17:16:36 ----A---- C:\Windows\system32\oleacc.dll
2011-10-06 16:29:15 ----A---- C:\Windows\system32\drivers\aswSP.sys
2011-10-06 16:29:15 ----A---- C:\Windows\system32\drivers\aswFsBlk.sys
2011-10-06 16:29:14 ----A---- C:\Windows\system32\drivers\aswRdr.sys
2011-10-06 16:29:13 ----A---- C:\Windows\system32\drivers\aswTdi.sys
2011-10-06 16:29:13 ----A---- C:\Windows\system32\drivers\aswSnx.sys
2011-10-06 16:29:13 ----A---- C:\Windows\system32\drivers\aswMonFlt.sys
2011-10-06 16:29:13 ----A---- C:\Windows\system32\aswBoot.exe
2011-10-06 16:29:02 ----A---- C:\Windows\SYSWOW64\aswBoot.exe
2011-10-06 16:29:02 ----A---- C:\Windows\avastSS.scr
2011-10-06 16:28:53 ----D---- C:\ProgramData\AVAST Software
2011-10-06 16:28:53 ----D---- C:\Program Files\AVAST Software
2011-10-03 19:34:38 ----D---- C:\Users\breta\AppData\Roaming\Windows Live Writer
2011-10-03 16:55:51 ----D---- C:\Users\breta\AppData\Roaming\Nitro PDF
2011-10-03 16:55:09 ----A---- C:\Windows\system32\nitrolocalui.dll
2011-10-03 16:55:08 ----A---- C:\Windows\system32\nitrolocalmon.dll
2011-10-03 16:54:51 ----D---- C:\ProgramData\Nitro PDF
2011-10-03 16:54:50 ----D---- C:\Program Files\Common Files\Nitro PDF
2011-10-03 16:54:48 ----D---- C:\Program Files (x86)\Nitro PDF
2011-10-03 16:52:19 ----D---- C:\Users\breta\AppData\Roaming\Downloaded Installations
2011-10-01 21:52:24 ----D---- C:\PFiles
2011-10-01 16:55:07 ----D---- C:\ProgramData\Wild Tangent
======List of files/folders modified in the last 1 month======
2011-10-30 10:28:50 ----D---- C:\Windows\Temp
2011-10-30 10:26:32 ----RD---- C:\Program Files
2011-10-30 10:19:26 ----D---- C:\Windows\SysWOW64
2011-10-30 10:19:23 ----A---- C:\Windows\SYSWOW64\PnkBstrB.exe
2011-10-30 10:11:50 ----D---- C:\Windows\system32\config
2011-10-30 10:06:29 ----D---- C:\Windows\System32
2011-10-30 10:06:29 ----D---- C:\Windows\inf
2011-10-30 10:06:29 ----A---- C:\Windows\system32\PerfStringBackup.INI
2011-10-30 10:01:37 ----A---- C:\Windows\SYSWOW64\log.txt
2011-10-28 19:47:31 ----AD---- C:\Windows
2011-10-28 18:41:22 ----D---- C:\Users\breta\AppData\Roaming\SoftGrid Client
2011-10-28 18:40:52 ----D---- C:\Windows\Logs
2011-10-28 15:36:30 ----D---- C:\Windows\Registration
2011-10-28 10:24:55 ----RD---- C:\Program Files (x86)
2011-10-28 10:23:48 ----D---- C:\Windows\Prefetch
2011-10-28 07:08:55 ----SD---- C:\Users\breta\AppData\Roaming\Microsoft
2011-10-28 07:08:04 ----SHD---- C:\Windows\Installer
2011-10-28 07:07:01 ----RSD---- C:\Windows\assembly
2011-10-28 07:06:20 ----SHD---- C:\System Volume Information
2011-10-27 20:36:24 ----D---- C:\Users\breta\AppData\Roaming\Skype
2011-10-27 19:53:59 ----D---- C:\Program Files (x86)\Garena Classic
2011-10-27 16:39:23 ----A---- C:\Windows\SYSWOW64\PnkBstrA.exe
2011-10-27 16:19:13 ----HD---- C:\ProgramData
2011-10-27 16:10:07 ----A---- C:\Windows\game.ini
2011-10-27 16:03:28 ----D---- C:\Users\breta\AppData\Roaming\DAEMON Tools Lite
2011-10-26 11:40:38 ----D---- C:\Windows\winsxs
2011-10-26 10:26:44 ----D---- C:\Windows\system32\catroot2
2011-10-26 10:26:44 ----D---- C:\Windows\system32\catroot
2011-10-25 23:00:22 ----D---- C:\Windows\Tasks
2011-10-24 20:02:08 ----D---- C:\Windows\system32\NDF
2011-10-20 20:13:55 ----D---- C:\Windows\Microsoft.NET
2011-10-18 18:48:31 ----D---- C:\Windows\system32\Tasks
2011-10-18 18:48:25 ----RD---- C:\Program Files (x86)\Skype
2011-10-18 18:48:20 ----D---- C:\ProgramData\Skype
2011-10-18 18:46:44 ----D---- C:\Windows\Panther
2011-10-18 18:46:43 ----D---- C:\Windows\debug
2011-10-18 15:01:32 ----D---- C:\breta
2011-10-18 15:00:53 ----HD---- C:\Program Files (x86)\InstallShield Installation Information
2011-10-18 14:37:29 ----D---- C:\Debatiáda 3.-5. 6. 2011
2011-10-16 08:57:05 ----D---- C:\Windows\system32\wdi
2011-10-15 16:48:27 ----D---- C:\Windows\system32\drivers
2011-10-15 15:41:53 ----SD---- C:\ProgramData\Microsoft
2011-10-14 20:24:41 ----D---- C:\Program Files (x86)\Activision
2011-10-14 17:33:33 ----D---- C:\hry
2011-10-14 17:21:16 ----D---- C:\Program Files (x86)\Microsoft Silverlight
2011-10-13 21:02:43 ----D---- C:\Windows\SYSWOW64\migration
2011-10-13 21:02:43 ----D---- C:\Windows\system32\migration
2011-10-13 21:02:43 ----D---- C:\Windows\ehome
2011-10-13 21:02:43 ----D---- C:\Program Files\Internet Explorer
2011-10-13 21:02:43 ----D---- C:\Program Files (x86)\Internet Explorer
2011-10-13 18:12:45 ----A---- C:\Windows\system32\MRT.exe
2011-10-08 20:14:01 ----HD---- C:\ProgramData\EgisTec
2011-10-07 20:29:19 ----D---- C:\ProgramData\WildTangent
2011-10-06 16:26:12 ----D---- C:\ProgramData\McAfee
2011-10-06 16:26:12 ----D---- C:\Program Files\Common Files
2011-10-06 16:24:09 ----D---- C:\Windows\system32\DriverStore
2011-10-03 16:54:48 ----D---- C:\Program Files (x86)\Common Files
2011-10-01 14:21:25 ----D---- C:\Windows\rescache
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R0 iaStor;Intel AHCI Controller; C:\Windows\system32\drivers\iaStor.sys [2010-04-13 540696]
R0 nvpciflt;nvpciflt; C:\Windows\system32\DRIVERS\nvpciflt.sys [2011-03-30 25960]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-21 213888]
R1 aswRdr;aswRdr; C:\Windows\system32\drivers\aswRdr.sys [2011-09-06 42328]
R1 aswSnx;aswSnx; C:\Windows\system32\drivers\aswSnx.sys [2011-09-06 601944]
R1 aswSP;aswSP; C:\Windows\system32\drivers\aswSP.sys [2011-09-06 301912]
R1 aswTdi;avast! Network Shield Support; C:\Windows\system32\drivers\aswTdi.sys [2011-09-06 58200]
R1 dtsoftbus01;DAEMON Tools Virtual Bus Driver; C:\Windows\system32\DRIVERS\dtsoftbus01.sys [2011-09-22 270912]
R1 mwlPSDFilter;mwlPSDFilter; C:\Windows\system32\DRIVERS\mwlPSDFilter.sys [2011-07-21 22648]
R1 mwlPSDNServ;mwlPSDNServ; C:\Windows\system32\DRIVERS\mwlPSDNServ.sys [2011-07-21 20520]
R1 mwlPSDVDisk;mwlPSDVDisk; C:\Windows\system32\DRIVERS\mwlPSDVDisk.sys [2011-07-21 62776]
R1 vwififlt;Virtual WiFi Filter Driver; C:\Windows\system32\DRIVERS\vwififlt.sys [2009-07-14 59904]
R2 aswFsBlk;aswFsBlk; C:\Windows\system32\drivers\aswFsBlk.sys [2011-09-06 24408]
R2 aswMonFlt;aswMonFlt; \??\C:\Windows\system32\drivers\aswMonFlt.sys [2011-09-06 65368]
R3 athr;Atheros Extensible Wireless LAN device driver; C:\Windows\system32\DRIVERS\athrx.sys [2011-06-02 2750464]
R3 ETD;ELAN PS/2 Port Input Device; C:\Windows\system32\DRIVERS\ETD.sys [2010-04-13 135560]
R3 HECIx64;Intel(R) Management Engine Interface; C:\Windows\system32\drivers\HECIx64.sys [2009-09-17 56344]
R3 igfx;igfx; C:\Windows\system32\DRIVERS\igdkmd64.sys [2010-07-20 10603904]
R3 Impcd;Impcd; C:\Windows\system32\DRIVERS\Impcd.sys [2010-02-27 158976]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHD64.sys [2010-06-22 2399848]
R3 IntcDAud;Intel(R) Display Audio; C:\Windows\system32\DRIVERS\IntcDAud.sys [2010-06-21 287232]
R3 k57nd60a;Broadcom NetLink (TM) Gigabit Ethernet - NDIS 6.0; C:\Windows\system32\DRIVERS\k57nd60a.sys [2010-05-15 384040]
R3 NTIDrvr;NTIDrvr; \??\C:\Windows\system32\drivers\NTIDrvr.sys [2011-03-10 18432]
R3 Sftfs;Sftfs; C:\Windows\system32\DRIVERS\Sftfslh.sys [2009-12-02 721768]
R3 Sftplay;Sftplay; C:\Windows\system32\DRIVERS\Sftplaylh.sys [2009-12-02 269672]
R3 Sftredir;Sftredir; C:\Windows\system32\DRIVERS\Sftredirlh.sys [2009-12-02 25960]
R3 Sftvol;Sftvol; C:\Windows\system32\DRIVERS\Sftvollh.sys [2009-12-02 22376]
R3 UBHelper;UBHelper; \??\C:\Windows\system32\drivers\UBHelper.sys [2011-03-10 17408]
S3 BthEnum;Služba Bluetooth Enumerator; C:\Windows\system32\DRIVERS\BthEnum.sys [2009-07-14 41984]
S3 BthPan;Zařízení Bluetooth (síť PAN); C:\Windows\system32\DRIVERS\bthpan.sys [2009-07-14 118784]
S3 BTHPORT;Ovladač portu Bluetooth; C:\Windows\System32\Drivers\BTHport.sys [2011-04-28 552960]
S3 BTHUSB;Ovladač rozhraní USB radiostanice Bluetooth; C:\Windows\System32\Drivers\BTHUSB.sys [2011-04-28 80384]
S3 GGSAFERDriver;GGSAFER Driver; \??\C:\Program Files (x86)\Garena Classic\safedrv.sys []
S3 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12352]
S3 RFCOMM;Zařízení Bluetooth (RFCOMM protokol TDI); C:\Windows\system32\DRIVERS\rfcomm.sys [2009-07-14 158720]
S3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader; C:\Windows\System32\Drivers\RtsUStor.sys [2010-09-22 243712]
S3 TsUsbFlt;TsUsbFlt; C:\Windows\system32\drivers\tsusbflt.sys [2010-11-21 59392]
S3 TsUsbGD;Remote Desktop Generic USB Device; C:\Windows\system32\drivers\TsUsbGD.sys [2010-11-21 31232]
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2011-09-05 64952]
R2 avast! Antivirus;avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2011-09-06 44768]
R2 BBUpdate;BBUpdate; C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE [2011-05-13 249648]
R2 cvhsvc;Client Virtualization Handler; C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE [2010-02-28 821664]
R2 DsiWMIService;Dritek WMI Service; C:\Program Files (x86)\Launch Manager\dsiwmis.exe [2010-08-10 321104]
R2 EgisTec Ticket Service;EgisTec Ticket Service; C:\Program Files (x86)\Common Files\EgisTec\Services\EgisTicketService.exe [2011-04-02 173424]
R2 ePowerSvc;Acer ePower Service; C:\Program Files\Acer\Acer ePower Management\ePowerSvc.exe [2011-01-05 867712]
R2 GREGService;GREGService; C:\Program Files (x86)\Acer\Registration\GREGsvc.exe [2011-05-26 29696]
R2 IAStorDataMgrSvc;Intel(R) Rapid Storage Technology; C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [2010-04-13 13336]
R2 Live Updater Service;Live Updater Service; C:\Program Files\Acer\Acer Updater\UpdaterService.exe [2011-04-22 244624]
R2 LMS;Intel(R) Management and Security Application Local Management Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe [2010-03-18 268824]
R2 nlsX86cc;NLS Service; C:\Windows\SysWOW64\NLSSRV32.EXE [2011-09-24 68928]
R2 NTI IScheduleSvc;NTI IScheduleSvc; C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\IScheduleSvc.exe [2011-06-17 255744]
R2 NVSvc;NVIDIA Driver Helper Service; C:\Windows\system32\nvvsvc.exe [2011-03-31 993896]
R2 nvUpdatusService;NVIDIA Update Service Daemon; C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe [2011-03-30 2009704]
R2 PnkBstrA;PnkBstrA; C:\Windows\syswow64\PnkBstrA.exe [2011-10-27 75136]
R2 sftlist;Application Virtualization Client; C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe [2009-12-02 483688]
R2 UNS;Intel(R) Management & Security Application User Notification Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2010-03-18 2320920]
R3 sftvsa;Application Virtualization Service Agent; C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe [2009-12-02 209768]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
S3 BBSvc;Bing Bar Update Service; C:\Program Files (x86)\Microsoft\BingBar\BBSvc.EXE [2011-06-07 191752]
S3 FLEXnet Licensing Service;FLEXnet Licensing Service; C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [2011-09-02 655624]
S3 GamesAppService;GamesAppService; C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe [2010-10-12 206072]
S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2010-01-09 149352]
S3 osppsvc;Office Software Protection Platform; C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2009-11-19 4925184]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2011-09-21 1255736]
S3 wlidsvc;Windows Live ID Sign-in Assistant; C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE [2010-09-21 2286976]
S4 NitroDriverReadSpool;NitroPDFDriverCreatorReadSpool; C:\Program Files\Common Files\Nitro PDF\Professional\6.0\NitroPDFDriverServicex64.exe [2011-09-24 341312]
S4 wlcrasvc;Windows Live Mesh remote connections service; C:\Program Files\Windows Live\Mesh\wlcrasvc.exe [2010-09-23 57184]
-----------------EOF-----------------
Run by breta at 2011-10-30 10:26:32
Microsoft Windows 7 Home Premium Service Pack 1
System drive C: has 313 GB (68%) free of 461 GB
Total RAM: 3767 MB (59% free)
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 10:28:51, on 30.10.2011
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v9.00 (9.00.8112.16421)
Boot mode: Normal
Running processes:
C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe
C:\Program Files (x86)\OpenOffice.org 3\program\soffice.exe
C:\Program Files (x86)\OpenOffice.org 3\program\soffice.bin
C:\Program Files (x86)\EgisTec MyWinLockerSuite\x86\SuiteTray.exe
C:\Program Files (x86)\EgisTec IPS\PmmUpdate.exe
C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\BackupManagerTray.exe
C:\Program Files (x86)\Launch Manager\LManager.exe
C:\Program Files\AVAST Software\Avast\AvastUI.exe
C:\Program Files (x86)\EgisTec IPS\EgisUpdate.exe
C:\Program Files (x86)\Launch Manager\LMworker.exe
C:\Users\breta\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\breta\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\breta\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Program Files\trend micro\breta.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://acer.msn.com
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.crawler.com/homepage.aspx?tbid=60347
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://acer.msn.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://acer.msn.com
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - Default URLSearchHook is missing
F2 - REG:system.ini: UserInit=userinit.exe,
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Bing Bar Helper - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - "C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll" (file missing)
O3 - Toolbar: Bing Bar - {8dcb7100-df86-4384-8842-8fa844297b3f} - "C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll" (file missing)
O3 - Toolbar: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O3 - Toolbar: Corsair Add-on - {B4FBA8C3-2083-4ED8-A35B-148478739826} - C:\Program Files (x86)\Corsair Addon\corsair.DLL
O4 - HKLM\..\Run: [SuiteTray] "C:\Program Files (x86)\EgisTec MyWinLockerSuite\x86\SuiteTray.exe"
O4 - HKLM\..\Run: [EgisTecPMMUpdate] "C:\Program Files (x86)\EgisTec IPS\PmmUpdate.exe"
O4 - HKLM\..\Run: [EgisUpdate] "C:\Program Files (x86)\EgisTec IPS\EgisUpdate.exe" -d
O4 - HKLM\..\Run: [BackupManagerTray] "C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\BackupManagerTray.exe" -h -k
O4 - HKLM\..\Run: [LManager] C:\Program Files (x86)\Launch Manager\LManager.exe
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [avast] "C:\Program Files\AVAST Software\Avast\avastUI.exe" /nogui
O4 - HKCU\..\Run: [Google Update] "C:\Users\breta\AppData\Local\Google\Update\GoogleUpdate.exe" /c
O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun
O4 - HKCU\..\Run: [RESTART_STICKY_NOTES] C:\Windows\System32\StikyNot.exe
O4 - HKCU\..\Run: [ShowBatteryBar] "C:\Program Files\BatteryBar\ShowBatteryBar.exe" show
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-21-2857410691-1841422624-3118752077-1000\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'UpdatusUser')
O4 - HKUS\S-1-5-21-2857410691-1841422624-3118752077-1000\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'UpdatusUser')
O4 - HKUS\S-1-5-18\..\RunOnce: [IsMyWinLockerReboot] msiexec.exe /qn /x{voidguid} (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\RunOnce: [IsMyWinLockerReboot] msiexec.exe /qn /x{voidguid} (User 'Default user')
O4 - Startup: OpenOffice.org 3.2.lnk = C:\Program Files (x86)\OpenOffice.org 3\program\quickstart.exe
O9 - Extra button: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O17 - HKLM\System\CCS\Services\Tcpip\..\{C57EE067-1884-40E5-BEE5-056EA2CA7DDF}: NameServer = 213.192.40.6,77.48.255.255
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O20 - AppInit_DLLs: C:\Windows\SysWOW64\nvinit.dll
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: Dritek WMI Service (DsiWMIService) - Dritek System Inc. - C:\Program Files (x86)\Launch Manager\dsiwmis.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: EgisTec Ticket Service - Egis Technology Inc. - C:\Program Files (x86)\Common Files\EgisTec\Services\EgisTicketService.exe
O23 - Service: Acer ePower Service (ePowerSvc) - Acer Incorporated - C:\Program Files\Acer\Acer ePower Management\ePowerSvc.exe
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: FLEXnet Licensing Service - Acresso Software Inc. - C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: GamesAppService - WildTangent, Inc. - C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe
O23 - Service: GREGService - Acer Incorporated - C:\Program Files (x86)\Acer\Registration\GREGsvc.exe
O23 - Service: Intel(R) Rapid Storage Technology (IAStorDataMgrSvc) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Live Updater Service - Acer Incorporated - C:\Program Files\Acer\Acer Updater\UpdaterService.exe
O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: NLS Service (nlsX86cc) - Nalpeiron Ltd. - C:\Windows\SysWOW64\NLSSRV32.EXE
O23 - Service: NTI IScheduleSvc - NewTech Infosystems, Inc. - C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\IScheduleSvc.exe
O23 - Service: NVIDIA Driver Helper Service (NVSvc) - Unknown owner - C:\Windows\system32\nvvsvc.exe (file missing)
O23 - Service: NVIDIA Update Service Daemon (nvUpdatusService) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe
O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: Intel(R) Management & Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
O24 - Desktop Component 0: (no name) - http://mail.centrum.cz/img/js76dfa9/ego.orig.js
--
End of file - 11153 bytes
======Listing Processes======
\SystemRoot\System32\smss.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
C:\Windows\system32\services.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\nvvsvc.exe
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
winlogon.exe
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k LocalService
"C:\Program Files (x86)\Common Files\EgisTec\Services\EgisTicketService.exe"
C:\Windows\system32\svchost.exe -k NetworkService
"C:\Program Files\NVIDIA Corporation\Display\NvXDSync.exe"
C:\Windows\system32\nvvsvc.exe -session -first
"C:\Program Files\AVAST Software\Avast\AvastSvc.exe"
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
"C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe"
"C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE"
"C:\Program Files (x86)\Launch Manager\dsiwmis.exe"
"C:\Program Files\Acer\Acer ePower Management\ePowerSvc.exe"
"C:\Program Files (x86)\Acer\Registration\GREGsvc.exe"
"C:\Program Files\Acer\Acer Updater\UpdaterService.exe"
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe"
C:\Windows\SysWOW64\NLSSRV32.EXE
"C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\IScheduleSvc.exe"
C:\Windows\SysWOW64\PnkBstrA.exe
"C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe"
C:\Windows\system32\svchost.exe -k imgsvc
"C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe"
"taskhost.exe"
"C:\Windows\system32\Dwm.exe"
C:\Windows\Explorer.EXE
"C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE"
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
"C:\Windows\System32\hkcmd.exe"
"C:\Windows\System32\igfxpers.exe"
C:\Windows\system32\igfxsrvc.exe -Embedding
"C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe" -s
"C:\Program Files\Elantech\ETDCtrl.exe"
"C:\Program Files\Acer\Acer ePower Management\ePowerTray.exe"
"C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun
"C:\Windows\System32\StikyNot.exe"
"C:\Program Files (x86)\OpenOffice.org 3\program\soffice.exe" -quickstart
C:\Windows\system32\SearchIndexer.exe /Embedding
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
"C:\Program Files (x86)\OpenOffice.org 3\program\soffice.exe" "-quickstart" "-env:OOO_CWD=2C:\\Program Files (x86)\\OpenOffice.org 3\\program"
C:\Windows\system32\igfxext.exe -Embedding
"C:\Program Files (x86)\EgisTec MyWinLockerSuite\x86\SuiteTray.exe"
C:\Windows\system32\wbem\unsecapp.exe -Embedding
C:\Windows\system32\wbem\wmiprvse.exe
"C:\Program Files (x86)\EgisTec IPS\PmmUpdate.exe"
"C:\Program Files\Acer\Acer ePower Management\ePowerEvent.exe"
"C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\BackupManagerTray.exe" -h -k
"C:\Program Files (x86)\Launch Manager\LManager.exe"
"C:\Program Files\AVAST Software\Avast\AvastUI.exe" /nogui
"C:\Program Files\Elantech\ETDCtrlHelper.exe"
"C:\Program Files (x86)\EgisTec IPS\EgisUpdate.exe"
"C:\Program Files (x86)\Launch Manager\MMDx64Fx.exe"
"C:\Program Files (x86)\Launch Manager\LMworker.exe"
"C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe"
"C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe"
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe"
C:\Windows\System32\svchost.exe -k secsvcs
"C:\Program Files\CCleaner\CCleaner64.exe"
"C:\Users\breta\AppData\Local\Google\Chrome\Application\chrome.exe"
"C:\Users\breta\AppData\Local\Google\Chrome\Application\chrome.exe" --type=extension --lang=cs --force-fieldtest=ConnCountImpact/conn_count_6/ConnnectBackupJobs/ConnectBackupJobsEnabled/DnsImpact/default_enabled_prefetch/DnsParallelism/parallel_default/GlobalSdch/global_enable_sdch/IdleSktToImpact/idle_timeout_10/Prefetch/ContentPrefetchPrerender1/ProxyConnectionImpact/proxy_connections_32/SpdyCwnd/cwnd10/SpdyImpact/npn_with_spdy/SuggestHostPrefix/Www_Prefix/WarmSocketImpact/warm_socket/ --enable-print-preview --channel=4928.00A056E0.1683335240 --ignored=" --type=renderer " /prefetch:3
"C:\Users\breta\AppData\Local\Google\Chrome\Application\chrome.exe" --type=renderer --lang=cs --force-fieldtest=ConnCountImpact/conn_count_6/ConnnectBackupJobs/ConnectBackupJobsEnabled/DnsImpact/default_enabled_prefetch/DnsParallelism/parallel_default/GlobalSdch/global_enable_sdch/IdleSktToImpact/idle_timeout_10/Prefetch/ContentPrefetchPrerender1/ProxyConnectionImpact/proxy_connections_32/SpdyCwnd/cwnd10/SpdyImpact/npn_with_spdy/SuggestHostPrefix/Www_Prefix/WarmSocketImpact/warm_socket/ --enable-print-preview --channel=4928.00A53840.674484259 /prefetch:3
taskeng.exe {5E89D8DF-E717-4B9D-95FC-5AAF7D3AD125}
"C:\Users\breta\Documents\Downloads\RSITx64.exe"
C:\Windows\system32\wbem\wmiprvse.exe
"C:\Windows\system32\taskmgr.exe" /4
C:\Windows\System32\svchost.exe -k WerSvcGroup
======Scheduled tasks folder======
C:\Windows\tasks\Acer Registration - Reminder Recall task.job
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2857410691-1841422624-3118752077-1001Core.job
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2857410691-1841422624-3118752077-1001UA.job
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{318A227B-5E9F-45bd-8999-7F8F10CA4CF5}]
avast! WebRep - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2011-09-06 959432]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live ID Sign-in Helper - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2010-09-21 529280]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2011-09-05 63912]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! WebRep - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2011-09-06 806456]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live ID Sign-in Helper - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2010-09-21 439168]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{d2ce3e00-f94a-4740-988e-03dc2f38c34f}]
Bing Bar Helper - C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll [2011-06-07 1152264]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - avast! WebRep - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2011-09-06 959432]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\Toolbar]
{8dcb7100-df86-4384-8842-8fa844297b3f} - Bing Bar - C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll [2011-06-07 1152264]
{8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - avast! WebRep - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2011-09-06 806456]
{B4FBA8C3-2083-4ED8-A35B-148478739826} - Corsair Add-on - C:\Program Files (x86)\Corsair Addon\corsair.DLL [2011-09-22 797184]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"IgfxTray"=C:\Windows\system32\igfxtray.exe [2010-07-23 161304]
"HotKeysCmds"=C:\Windows\system32\hkcmd.exe [2010-07-23 386584]
"Persistence"=C:\Windows\system32\igfxpers.exe [2010-07-23 415256]
"RtHDVCpl"=C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [2010-06-22 10920552]
"ETDWare"=C:\Program Files\Elantech\ETDCtrl.exe [2010-04-13 649608]
"Acer ePower Management"=C:\Program Files\Acer\Acer ePower Management\ePowerTray.exe [2011-01-05 860040]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Google Update"=C:\Users\breta\AppData\Local\Google\Update\GoogleUpdate.exe [2011-09-20 136176]
"DAEMON Tools Lite"=C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [2011-08-02 4910912]
"RESTART_STICKY_NOTES"=C:\Windows\System32\StikyNot.exe [2009-07-14 427520]
"ShowBatteryBar"=C:\Program Files\BatteryBar\ShowBatteryBar.exe [2009-05-28 89600]
[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"SuiteTray"=C:\Program Files (x86)\EgisTec MyWinLockerSuite\x86\SuiteTray.exe [2011-04-02 340848]
"EgisTecPMMUpdate"=C:\Program Files (x86)\EgisTec IPS\PmmUpdate.exe [2011-03-29 408432]
"EgisUpdate"=C:\Program Files (x86)\EgisTec IPS\EgisUpdate.exe [2011-03-29 202608]
"BackupManagerTray"=C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\BackupManagerTray.exe [2011-06-17 266496]
"LManager"=C:\Program Files (x86)\Launch Manager\LManager.exe [2010-08-10 975952]
"Adobe ARM"=C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2011-03-30 937920]
"avast"=C:\Program Files\AVAST Software\Avast\avastUI.exe [2011-09-06 3722416]
C:\Users\breta\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
OpenOffice.org 3.2.lnk - C:\Program Files (x86)\OpenOffice.org 3\program\quickstart.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"="C:\Windows\system32\nvinitx.dll"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
C:\Windows\system32\igfxdev.dll [2010-07-20 271360]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED}
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MCODS]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=5
"ConsentPromptBehaviorUser"=3
"EnableUIADesktopToggle"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"DisableTaskMgr"=0
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoActiveDesktop"=1
"NoActiveDesktopChanges"=1
"ForceActiveDesktopOn"=0
"NoRun"=0
"NoFolderOptions"=0
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVYU"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"VIDC.YVU9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"MSVideo8"=VfWWDM32.dll
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
======File associations======
.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*
======List of files/folders created in the last 1 month======
2011-10-30 10:26:32 ----D---- C:\rsit
2011-10-30 10:26:32 ----D---- C:\Program Files\trend micro
2011-10-28 10:17:43 ----D---- C:\Users\breta\AppData\Roaming\Audacity
2011-10-28 07:18:07 ----D---- C:\Users\breta\AppData\Roaming\wargaming.net
2011-10-28 06:47:18 ----D---- C:\Games
2011-10-27 15:07:05 ----D---- C:\Users\breta\AppData\Roaming\Allstar
2011-10-26 13:02:14 ----D---- C:\Program Files (x86)\GamePark
2011-10-19 12:13:10 ----A---- C:\Windows\SYSWOW64\shortcut_ex.dat
2011-10-18 16:34:49 ----D---- C:\Program Files\CCleaner
2011-10-18 16:22:54 ----D---- C:\Program Files (x86)\Corsair Addon
2011-10-18 16:17:37 ----D---- C:\Users\breta\AppData\Roaming\BatteryBar
2011-10-18 16:17:37 ----D---- C:\Program Files\BatteryBar
2011-10-13 18:05:19 ----A---- C:\Windows\SYSWOW64\mshtmled.dll
2011-10-13 18:05:19 ----A---- C:\Windows\system32\mshtmled.dll
2011-10-13 18:05:18 ----A---- C:\Windows\system32\iertutil.dll
2011-10-13 18:05:17 ----A---- C:\Windows\SYSWOW64\url.dll
2011-10-13 18:05:17 ----A---- C:\Windows\SYSWOW64\iertutil.dll
2011-10-13 18:05:17 ----A---- C:\Windows\system32\url.dll
2011-10-13 18:05:16 ----A---- C:\Windows\SYSWOW64\urlmon.dll
2011-10-13 18:05:16 ----A---- C:\Windows\system32\urlmon.dll
2011-10-13 18:05:15 ----A---- C:\Windows\system32\jsproxy.dll
2011-10-13 18:05:14 ----A---- C:\Windows\SYSWOW64\wininet.dll
2011-10-13 18:05:14 ----A---- C:\Windows\system32\wininet.dll
2011-10-13 18:05:13 ----A---- C:\Windows\SYSWOW64\ieui.dll
2011-10-13 18:05:12 ----A---- C:\Windows\SYSWOW64\jscript9.dll
2011-10-13 18:05:12 ----A---- C:\Windows\system32\jscript9.dll
2011-10-13 18:05:12 ----A---- C:\Windows\system32\ieui.dll
2011-10-13 18:05:11 ----A---- C:\Windows\SYSWOW64\jscript.dll
2011-10-13 18:05:10 ----A---- C:\Windows\system32\jscript.dll
2011-10-13 18:05:09 ----A---- C:\Windows\SYSWOW64\jsproxy.dll
2011-10-13 18:05:08 ----A---- C:\Windows\SYSWOW64\mshtml.dll
2011-10-13 18:05:05 ----A---- C:\Windows\system32\mshtml.dll
2011-10-13 18:05:03 ----A---- C:\Windows\SYSWOW64\ieframe.dll
2011-10-13 18:05:01 ----A---- C:\Windows\system32\ieframe.dll
2011-10-13 17:17:11 ----A---- C:\Windows\system32\win32k.sys
2011-10-13 17:17:01 ----A---- C:\Windows\system32\psisdecd.dll
2011-10-13 17:17:00 ----A---- C:\Windows\SYSWOW64\psisdecd.dll
2011-10-13 17:16:36 ----A---- C:\Windows\SYSWOW64\oleaut32.dll
2011-10-13 17:16:36 ----A---- C:\Windows\SYSWOW64\oleacc.dll
2011-10-13 17:16:36 ----A---- C:\Windows\system32\oleaut32.dll
2011-10-13 17:16:36 ----A---- C:\Windows\system32\oleacc.dll
2011-10-06 16:29:15 ----A---- C:\Windows\system32\drivers\aswSP.sys
2011-10-06 16:29:15 ----A---- C:\Windows\system32\drivers\aswFsBlk.sys
2011-10-06 16:29:14 ----A---- C:\Windows\system32\drivers\aswRdr.sys
2011-10-06 16:29:13 ----A---- C:\Windows\system32\drivers\aswTdi.sys
2011-10-06 16:29:13 ----A---- C:\Windows\system32\drivers\aswSnx.sys
2011-10-06 16:29:13 ----A---- C:\Windows\system32\drivers\aswMonFlt.sys
2011-10-06 16:29:13 ----A---- C:\Windows\system32\aswBoot.exe
2011-10-06 16:29:02 ----A---- C:\Windows\SYSWOW64\aswBoot.exe
2011-10-06 16:29:02 ----A---- C:\Windows\avastSS.scr
2011-10-06 16:28:53 ----D---- C:\ProgramData\AVAST Software
2011-10-06 16:28:53 ----D---- C:\Program Files\AVAST Software
2011-10-03 19:34:38 ----D---- C:\Users\breta\AppData\Roaming\Windows Live Writer
2011-10-03 16:55:51 ----D---- C:\Users\breta\AppData\Roaming\Nitro PDF
2011-10-03 16:55:09 ----A---- C:\Windows\system32\nitrolocalui.dll
2011-10-03 16:55:08 ----A---- C:\Windows\system32\nitrolocalmon.dll
2011-10-03 16:54:51 ----D---- C:\ProgramData\Nitro PDF
2011-10-03 16:54:50 ----D---- C:\Program Files\Common Files\Nitro PDF
2011-10-03 16:54:48 ----D---- C:\Program Files (x86)\Nitro PDF
2011-10-03 16:52:19 ----D---- C:\Users\breta\AppData\Roaming\Downloaded Installations
2011-10-01 21:52:24 ----D---- C:\PFiles
2011-10-01 16:55:07 ----D---- C:\ProgramData\Wild Tangent
======List of files/folders modified in the last 1 month======
2011-10-30 10:28:50 ----D---- C:\Windows\Temp
2011-10-30 10:26:32 ----RD---- C:\Program Files
2011-10-30 10:19:26 ----D---- C:\Windows\SysWOW64
2011-10-30 10:19:23 ----A---- C:\Windows\SYSWOW64\PnkBstrB.exe
2011-10-30 10:11:50 ----D---- C:\Windows\system32\config
2011-10-30 10:06:29 ----D---- C:\Windows\System32
2011-10-30 10:06:29 ----D---- C:\Windows\inf
2011-10-30 10:06:29 ----A---- C:\Windows\system32\PerfStringBackup.INI
2011-10-30 10:01:37 ----A---- C:\Windows\SYSWOW64\log.txt
2011-10-28 19:47:31 ----AD---- C:\Windows
2011-10-28 18:41:22 ----D---- C:\Users\breta\AppData\Roaming\SoftGrid Client
2011-10-28 18:40:52 ----D---- C:\Windows\Logs
2011-10-28 15:36:30 ----D---- C:\Windows\Registration
2011-10-28 10:24:55 ----RD---- C:\Program Files (x86)
2011-10-28 10:23:48 ----D---- C:\Windows\Prefetch
2011-10-28 07:08:55 ----SD---- C:\Users\breta\AppData\Roaming\Microsoft
2011-10-28 07:08:04 ----SHD---- C:\Windows\Installer
2011-10-28 07:07:01 ----RSD---- C:\Windows\assembly
2011-10-28 07:06:20 ----SHD---- C:\System Volume Information
2011-10-27 20:36:24 ----D---- C:\Users\breta\AppData\Roaming\Skype
2011-10-27 19:53:59 ----D---- C:\Program Files (x86)\Garena Classic
2011-10-27 16:39:23 ----A---- C:\Windows\SYSWOW64\PnkBstrA.exe
2011-10-27 16:19:13 ----HD---- C:\ProgramData
2011-10-27 16:10:07 ----A---- C:\Windows\game.ini
2011-10-27 16:03:28 ----D---- C:\Users\breta\AppData\Roaming\DAEMON Tools Lite
2011-10-26 11:40:38 ----D---- C:\Windows\winsxs
2011-10-26 10:26:44 ----D---- C:\Windows\system32\catroot2
2011-10-26 10:26:44 ----D---- C:\Windows\system32\catroot
2011-10-25 23:00:22 ----D---- C:\Windows\Tasks
2011-10-24 20:02:08 ----D---- C:\Windows\system32\NDF
2011-10-20 20:13:55 ----D---- C:\Windows\Microsoft.NET
2011-10-18 18:48:31 ----D---- C:\Windows\system32\Tasks
2011-10-18 18:48:25 ----RD---- C:\Program Files (x86)\Skype
2011-10-18 18:48:20 ----D---- C:\ProgramData\Skype
2011-10-18 18:46:44 ----D---- C:\Windows\Panther
2011-10-18 18:46:43 ----D---- C:\Windows\debug
2011-10-18 15:01:32 ----D---- C:\breta
2011-10-18 15:00:53 ----HD---- C:\Program Files (x86)\InstallShield Installation Information
2011-10-18 14:37:29 ----D---- C:\Debatiáda 3.-5. 6. 2011
2011-10-16 08:57:05 ----D---- C:\Windows\system32\wdi
2011-10-15 16:48:27 ----D---- C:\Windows\system32\drivers
2011-10-15 15:41:53 ----SD---- C:\ProgramData\Microsoft
2011-10-14 20:24:41 ----D---- C:\Program Files (x86)\Activision
2011-10-14 17:33:33 ----D---- C:\hry
2011-10-14 17:21:16 ----D---- C:\Program Files (x86)\Microsoft Silverlight
2011-10-13 21:02:43 ----D---- C:\Windows\SYSWOW64\migration
2011-10-13 21:02:43 ----D---- C:\Windows\system32\migration
2011-10-13 21:02:43 ----D---- C:\Windows\ehome
2011-10-13 21:02:43 ----D---- C:\Program Files\Internet Explorer
2011-10-13 21:02:43 ----D---- C:\Program Files (x86)\Internet Explorer
2011-10-13 18:12:45 ----A---- C:\Windows\system32\MRT.exe
2011-10-08 20:14:01 ----HD---- C:\ProgramData\EgisTec
2011-10-07 20:29:19 ----D---- C:\ProgramData\WildTangent
2011-10-06 16:26:12 ----D---- C:\ProgramData\McAfee
2011-10-06 16:26:12 ----D---- C:\Program Files\Common Files
2011-10-06 16:24:09 ----D---- C:\Windows\system32\DriverStore
2011-10-03 16:54:48 ----D---- C:\Program Files (x86)\Common Files
2011-10-01 14:21:25 ----D---- C:\Windows\rescache
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R0 iaStor;Intel AHCI Controller; C:\Windows\system32\drivers\iaStor.sys [2010-04-13 540696]
R0 nvpciflt;nvpciflt; C:\Windows\system32\DRIVERS\nvpciflt.sys [2011-03-30 25960]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-21 213888]
R1 aswRdr;aswRdr; C:\Windows\system32\drivers\aswRdr.sys [2011-09-06 42328]
R1 aswSnx;aswSnx; C:\Windows\system32\drivers\aswSnx.sys [2011-09-06 601944]
R1 aswSP;aswSP; C:\Windows\system32\drivers\aswSP.sys [2011-09-06 301912]
R1 aswTdi;avast! Network Shield Support; C:\Windows\system32\drivers\aswTdi.sys [2011-09-06 58200]
R1 dtsoftbus01;DAEMON Tools Virtual Bus Driver; C:\Windows\system32\DRIVERS\dtsoftbus01.sys [2011-09-22 270912]
R1 mwlPSDFilter;mwlPSDFilter; C:\Windows\system32\DRIVERS\mwlPSDFilter.sys [2011-07-21 22648]
R1 mwlPSDNServ;mwlPSDNServ; C:\Windows\system32\DRIVERS\mwlPSDNServ.sys [2011-07-21 20520]
R1 mwlPSDVDisk;mwlPSDVDisk; C:\Windows\system32\DRIVERS\mwlPSDVDisk.sys [2011-07-21 62776]
R1 vwififlt;Virtual WiFi Filter Driver; C:\Windows\system32\DRIVERS\vwififlt.sys [2009-07-14 59904]
R2 aswFsBlk;aswFsBlk; C:\Windows\system32\drivers\aswFsBlk.sys [2011-09-06 24408]
R2 aswMonFlt;aswMonFlt; \??\C:\Windows\system32\drivers\aswMonFlt.sys [2011-09-06 65368]
R3 athr;Atheros Extensible Wireless LAN device driver; C:\Windows\system32\DRIVERS\athrx.sys [2011-06-02 2750464]
R3 ETD;ELAN PS/2 Port Input Device; C:\Windows\system32\DRIVERS\ETD.sys [2010-04-13 135560]
R3 HECIx64;Intel(R) Management Engine Interface; C:\Windows\system32\drivers\HECIx64.sys [2009-09-17 56344]
R3 igfx;igfx; C:\Windows\system32\DRIVERS\igdkmd64.sys [2010-07-20 10603904]
R3 Impcd;Impcd; C:\Windows\system32\DRIVERS\Impcd.sys [2010-02-27 158976]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHD64.sys [2010-06-22 2399848]
R3 IntcDAud;Intel(R) Display Audio; C:\Windows\system32\DRIVERS\IntcDAud.sys [2010-06-21 287232]
R3 k57nd60a;Broadcom NetLink (TM) Gigabit Ethernet - NDIS 6.0; C:\Windows\system32\DRIVERS\k57nd60a.sys [2010-05-15 384040]
R3 NTIDrvr;NTIDrvr; \??\C:\Windows\system32\drivers\NTIDrvr.sys [2011-03-10 18432]
R3 Sftfs;Sftfs; C:\Windows\system32\DRIVERS\Sftfslh.sys [2009-12-02 721768]
R3 Sftplay;Sftplay; C:\Windows\system32\DRIVERS\Sftplaylh.sys [2009-12-02 269672]
R3 Sftredir;Sftredir; C:\Windows\system32\DRIVERS\Sftredirlh.sys [2009-12-02 25960]
R3 Sftvol;Sftvol; C:\Windows\system32\DRIVERS\Sftvollh.sys [2009-12-02 22376]
R3 UBHelper;UBHelper; \??\C:\Windows\system32\drivers\UBHelper.sys [2011-03-10 17408]
S3 BthEnum;Služba Bluetooth Enumerator; C:\Windows\system32\DRIVERS\BthEnum.sys [2009-07-14 41984]
S3 BthPan;Zařízení Bluetooth (síť PAN); C:\Windows\system32\DRIVERS\bthpan.sys [2009-07-14 118784]
S3 BTHPORT;Ovladač portu Bluetooth; C:\Windows\System32\Drivers\BTHport.sys [2011-04-28 552960]
S3 BTHUSB;Ovladač rozhraní USB radiostanice Bluetooth; C:\Windows\System32\Drivers\BTHUSB.sys [2011-04-28 80384]
S3 GGSAFERDriver;GGSAFER Driver; \??\C:\Program Files (x86)\Garena Classic\safedrv.sys []
S3 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12352]
S3 RFCOMM;Zařízení Bluetooth (RFCOMM protokol TDI); C:\Windows\system32\DRIVERS\rfcomm.sys [2009-07-14 158720]
S3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader; C:\Windows\System32\Drivers\RtsUStor.sys [2010-09-22 243712]
S3 TsUsbFlt;TsUsbFlt; C:\Windows\system32\drivers\tsusbflt.sys [2010-11-21 59392]
S3 TsUsbGD;Remote Desktop Generic USB Device; C:\Windows\system32\drivers\TsUsbGD.sys [2010-11-21 31232]
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2011-09-05 64952]
R2 avast! Antivirus;avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2011-09-06 44768]
R2 BBUpdate;BBUpdate; C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE [2011-05-13 249648]
R2 cvhsvc;Client Virtualization Handler; C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE [2010-02-28 821664]
R2 DsiWMIService;Dritek WMI Service; C:\Program Files (x86)\Launch Manager\dsiwmis.exe [2010-08-10 321104]
R2 EgisTec Ticket Service;EgisTec Ticket Service; C:\Program Files (x86)\Common Files\EgisTec\Services\EgisTicketService.exe [2011-04-02 173424]
R2 ePowerSvc;Acer ePower Service; C:\Program Files\Acer\Acer ePower Management\ePowerSvc.exe [2011-01-05 867712]
R2 GREGService;GREGService; C:\Program Files (x86)\Acer\Registration\GREGsvc.exe [2011-05-26 29696]
R2 IAStorDataMgrSvc;Intel(R) Rapid Storage Technology; C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [2010-04-13 13336]
R2 Live Updater Service;Live Updater Service; C:\Program Files\Acer\Acer Updater\UpdaterService.exe [2011-04-22 244624]
R2 LMS;Intel(R) Management and Security Application Local Management Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe [2010-03-18 268824]
R2 nlsX86cc;NLS Service; C:\Windows\SysWOW64\NLSSRV32.EXE [2011-09-24 68928]
R2 NTI IScheduleSvc;NTI IScheduleSvc; C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\IScheduleSvc.exe [2011-06-17 255744]
R2 NVSvc;NVIDIA Driver Helper Service; C:\Windows\system32\nvvsvc.exe [2011-03-31 993896]
R2 nvUpdatusService;NVIDIA Update Service Daemon; C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe [2011-03-30 2009704]
R2 PnkBstrA;PnkBstrA; C:\Windows\syswow64\PnkBstrA.exe [2011-10-27 75136]
R2 sftlist;Application Virtualization Client; C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe [2009-12-02 483688]
R2 UNS;Intel(R) Management & Security Application User Notification Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2010-03-18 2320920]
R3 sftvsa;Application Virtualization Service Agent; C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe [2009-12-02 209768]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
S3 BBSvc;Bing Bar Update Service; C:\Program Files (x86)\Microsoft\BingBar\BBSvc.EXE [2011-06-07 191752]
S3 FLEXnet Licensing Service;FLEXnet Licensing Service; C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [2011-09-02 655624]
S3 GamesAppService;GamesAppService; C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe [2010-10-12 206072]
S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2010-01-09 149352]
S3 osppsvc;Office Software Protection Platform; C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2009-11-19 4925184]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2011-09-21 1255736]
S3 wlidsvc;Windows Live ID Sign-in Assistant; C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE [2010-09-21 2286976]
S4 NitroDriverReadSpool;NitroPDFDriverCreatorReadSpool; C:\Program Files\Common Files\Nitro PDF\Professional\6.0\NitroPDFDriverServicex64.exe [2011-09-24 341312]
S4 wlcrasvc;Windows Live Mesh remote connections service; C:\Program Files\Windows Live\Mesh\wlcrasvc.exe [2010-09-23 57184]
-----------------EOF-----------------
-
chodnik74
- Přítel fóra
- Příspěvky: 4975
- Registrován: 13 zář 2010 21:30
- Bydliště: Napajedla
- Kontaktovat uživatele:
Re: pomale pc, pada..programy neodpovidaji
Preventivně mrkneme na havěť 
Malwarebytes' Anti-Malware 
Malwarebytes' Anti-Malware
- Stáhneme,nainstalujeme a spustíme(pokud si nevíte rady jak,klikněte ZDE)
- Vybereme Úplná kontrola a klikneme na tlačítko Prohledat
- Program provede kontrolu počítače a na konci se vám objeví hláska,že bylo skenování dokončeno,tak potvrdíme tlačítkem OK
- Objeví se vám log,který mi sem vložte
- NIC NEMAZAT!!Program mívá občas falešné detekce,takže mazat budeme až po konzultaci
Napiš mi: chodnik74@gmail.com nebo
>RSIT<>MBAM<>VirusTotal
Doporučuji: |
Postup si raději vícekrát přečtěte a v případě jakýchkoliv nejasností či pochybností se ptejte. Pokud máte infikovaný počítač nebo se nechová jako obvykle, tak si zálohujte všechny data a pozorně postupujte dle pokynů rádce!
Nepoužívejte utilitu Combofix bez dohledu a doporučení rádce!
Jste s naší pomocí spokojeni Neváhejte a podpořte forum ZDE.
Pravidla fora: č.1 a č.2
>RSIT<>MBAM<>VirusTotal
Doporučuji:
| Postup si raději vícekrát přečtěte a v případě jakýchkoliv nejasností či pochybností se ptejte. Pokud máte infikovaný počítač nebo se nechová jako obvykle, tak si zálohujte všechny data a pozorně postupujte dle pokynů rádce! Nepoužívejte utilitu Combofix bez dohledu a doporučení rádce! Jste s naší pomocí spokojeni Neváhejte a podpořte forum ZDE.Pravidla fora: č.1 a č.2
Re: pomale pc, pada..programy neodpovidaji
Malwarebytes' Anti-Malware 1.50
www.malwarebytes.org
Verze databáze: 8047
Windows 6.1.7601 Service Pack 1
Internet Explorer 9.0.8112.16421
30.10.2011 20:14:26
mbam-log-2011-10-30 (20-14-19).txt
Typ kontroly: Úplný test (C:\|Q:\|)
Testované objekty: 361999
Uplynulý čas: 43 minut, 58 sekund
Infikované procesy v paměti: 0
Infikované moduly v paměti: 0
Infikované klíče v registru: 3
Infikované hodnoty v registru: 3
Infikované datové položky v registru: 0
Infikované složky: 0
Infikované soubory: 2
Infikované procesy v paměti:
(Žádné škodlivé položky nebyly zjištěny)
Infikované moduly v paměti:
(Žádné škodlivé položky nebyly zjištěny)
Infikované klíče v registru:
HKEY_CLASSES_ROOT\CLSID\{B4FBA8C3-2083-4ED8-A35B-148478739826} (Redir.ZWink) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\CORSAIR (Redir.ZWink) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Corsair Addon (Redir.ZWink) -> No action taken.
Infikované hodnoty v registru:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar\{B4FBA8C3-2083-4ED8-A35B-148478739826} (Redir.ZWink) -> Value: {B4FBA8C3-2083-4ED8-A35B-148478739826} -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar\{B4FBA8C3-2083-4ED8-A35B-148478739826} (Redir.ZWink) -> Value: {B4FBA8C3-2083-4ED8-A35B-148478739826} -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Corsair\search_domain (Redir.ZWink) -> Value: search_domain -> No action taken.
Infikované datové položky v registru:
(Žádné škodlivé položky nebyly zjištěny)
Infikované složky:
(Žádné škodlivé položky nebyly zjištěny)
Infikované soubory:
c:\Qoobox\quarantine\C\program files (x86)\corsair addon\corsair.dll.vir (Redir.ZWink) -> No action taken.
c:\Qoobox\quarantine\C\program files (x86)\corsair addon\uninstall.exe.vir (Redir.ZWink) -> No action taken.
www.malwarebytes.org
Verze databáze: 8047
Windows 6.1.7601 Service Pack 1
Internet Explorer 9.0.8112.16421
30.10.2011 20:14:26
mbam-log-2011-10-30 (20-14-19).txt
Typ kontroly: Úplný test (C:\|Q:\|)
Testované objekty: 361999
Uplynulý čas: 43 minut, 58 sekund
Infikované procesy v paměti: 0
Infikované moduly v paměti: 0
Infikované klíče v registru: 3
Infikované hodnoty v registru: 3
Infikované datové položky v registru: 0
Infikované složky: 0
Infikované soubory: 2
Infikované procesy v paměti:
(Žádné škodlivé položky nebyly zjištěny)
Infikované moduly v paměti:
(Žádné škodlivé položky nebyly zjištěny)
Infikované klíče v registru:
HKEY_CLASSES_ROOT\CLSID\{B4FBA8C3-2083-4ED8-A35B-148478739826} (Redir.ZWink) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\CORSAIR (Redir.ZWink) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Corsair Addon (Redir.ZWink) -> No action taken.
Infikované hodnoty v registru:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar\{B4FBA8C3-2083-4ED8-A35B-148478739826} (Redir.ZWink) -> Value: {B4FBA8C3-2083-4ED8-A35B-148478739826} -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar\{B4FBA8C3-2083-4ED8-A35B-148478739826} (Redir.ZWink) -> Value: {B4FBA8C3-2083-4ED8-A35B-148478739826} -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Corsair\search_domain (Redir.ZWink) -> Value: search_domain -> No action taken.
Infikované datové položky v registru:
(Žádné škodlivé položky nebyly zjištěny)
Infikované složky:
(Žádné škodlivé položky nebyly zjištěny)
Infikované soubory:
c:\Qoobox\quarantine\C\program files (x86)\corsair addon\corsair.dll.vir (Redir.ZWink) -> No action taken.
c:\Qoobox\quarantine\C\program files (x86)\corsair addon\uninstall.exe.vir (Redir.ZWink) -> No action taken.
-
chodnik74
- Přítel fóra
- Příspěvky: 4975
- Registrován: 13 zář 2010 21:30
- Bydliště: Napajedla
- Kontaktovat uživatele:
Re: pomale pc, pada..programy neodpovidaji
Nalezené položky dejte smazat.. odinstalujte všechny nepotřebné toolbary..
Vy jste používal Combofix?
Nebezpeči Combofixu
Vy jste používal Combofix? Nebezpeči Combofixu
- Program je primárně určený pro rádce,takže svévolným použitím ztrácíte nárok na pomoc
- Maže stopy po veškeré havěti,takže když ho použijete sami,tak v RSITU nic nejde vidět
- Výsledný log je potřeba doluštit a dočistit,protože Combofix neumí mazat vše
- Combofix může mít chybu,zboří vám systém a pokud nevíte,kam ukládá své zálohy a jak je obnovit,tak vás čeká reinstall systému
- Combofix nekontroluje důležité knihovny(například hall.dll)
Napiš mi: chodnik74@gmail.com nebo
>RSIT<>MBAM<>VirusTotal
Doporučuji: |
Postup si raději vícekrát přečtěte a v případě jakýchkoliv nejasností či pochybností se ptejte. Pokud máte infikovaný počítač nebo se nechová jako obvykle, tak si zálohujte všechny data a pozorně postupujte dle pokynů rádce!
Nepoužívejte utilitu Combofix bez dohledu a doporučení rádce!
Jste s naší pomocí spokojeni Neváhejte a podpořte forum ZDE.
Pravidla fora: č.1 a č.2
>RSIT<>MBAM<>VirusTotal
Doporučuji:
| Postup si raději vícekrát přečtěte a v případě jakýchkoliv nejasností či pochybností se ptejte. Pokud máte infikovaný počítač nebo se nechová jako obvykle, tak si zálohujte všechny data a pozorně postupujte dle pokynů rádce! Nepoužívejte utilitu Combofix bez dohledu a doporučení rádce! Jste s naší pomocí spokojeni Neváhejte a podpořte forum ZDE.Pravidla fora: č.1 a č.2
Re: pomale pc, pada..programy neodpovidaji
pouze na scan......sam do ničeho nechodim......soubory smazany
zde log...
ComboFix 11-10-30.02 - breta 30.10.2011 18:49:18.1.2 - x64
Microsoft Windows 7 Home Premium 6.1.7601.1.1250.420.1029.18.3767.2308 [GMT 1:00]
Spuštěný z: c:\users\breta\Documents\Downloads\ComboFix.exe
AV: avast! Antivirus *Disabled/Updated* {2B2D1395-420B-D5C9-657E-930FE358FC3C}
SP: avast! Antivirus *Disabled/Updated* {904CF271-6431-DA47-5FCE-A87D98DFB681}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
* Vytvořen nový Bod Obnovení
.
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\program files (x86)\Corsair Addon
c:\program files (x86)\Corsair Addon\corsair.dll
c:\program files (x86)\Corsair Addon\uninstall.exe
c:\programdata\dxsetup.exe
c:\users\Public\Documents\NTILiveUpdateV9.dll
c:\users\Public\Documents\NTIMMV9Acer.dll
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2011-09-28 do 2011-10-30 )))))))))))))))))))))))))))))))
.
.
2011-10-30 17:55 . 2011-10-30 17:55 -------- d-----w- c:\users\UpdatusUser\AppData\Local\temp
2011-10-30 17:55 . 2011-10-30 17:55 -------- d-----w- c:\users\Default\AppData\Local\temp
2011-10-30 14:41 . 2011-10-30 14:41 69000 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{898FC72A-CF57-4F14-AF95-BC3CF75396AC}\offreg.dll
2011-10-30 09:26 . 2011-10-30 09:28 -------- d-----w- C:\rsit
2011-10-30 09:26 . 2011-10-30 09:28 -------- d-----w- c:\program files\trend micro
2011-10-28 09:17 . 2011-10-28 09:24 -------- d-----w- c:\users\breta\AppData\Roaming\Audacity
2011-10-28 06:18 . 2011-10-28 06:25 -------- d-----w- c:\users\breta\AppData\Roaming\wargaming.net
2011-10-28 05:54 . 2011-10-07 04:16 8570192 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{898FC72A-CF57-4F14-AF95-BC3CF75396AC}\mpengine.dll
2011-10-28 05:47 . 2011-10-28 05:47 -------- d-----w- C:\Games
2011-10-27 18:15 . 2011-10-30 09:19 271200 ----a-w- c:\windows\SysWow64\PnkBstrB.xtr
2011-10-27 14:07 . 2011-10-27 14:07 -------- d-----w- c:\users\breta\AppData\Roaming\Allstar
2011-10-26 12:02 . 2011-10-26 12:02 -------- d-----w- c:\program files (x86)\GamePark
2011-10-26 09:37 . 2011-10-26 09:37 -------- d-----w- c:\users\breta\AppData\Local\CrashRpt
2011-10-18 17:46 . 2011-10-27 15:03 -------- d-sh--w- c:\users\breta\UserData
2011-10-18 15:34 . 2011-10-18 15:34 -------- d-----w- c:\program files\CCleaner
2011-10-18 15:17 . 2011-10-18 15:41 -------- d-----w- c:\users\breta\AppData\Roaming\BatteryBar
2011-10-18 15:17 . 2011-10-18 15:17 -------- d-----w- c:\program files\BatteryBar
2011-10-15 15:13 . 2011-10-15 15:13 -------- d-----w- c:\users\Public\OEM
2011-10-13 16:17 . 2011-09-06 03:03 3138048 ----a-w- c:\windows\system32\win32k.sys
2011-10-13 16:17 . 2011-08-17 05:26 613888 ----a-w- c:\windows\system32\psisdecd.dll
2011-10-13 16:17 . 2011-08-17 04:19 75776 ----a-w- c:\windows\SysWow64\psisrndr.ax
2011-10-13 16:17 . 2011-08-17 05:25 108032 ----a-w- c:\windows\system32\psisrndr.ax
2011-10-13 16:17 . 2011-08-17 04:24 465408 ----a-w- c:\windows\SysWow64\psisdecd.dll
2011-10-13 16:16 . 2011-08-27 05:37 861696 ----a-w- c:\windows\system32\oleaut32.dll
2011-10-13 16:16 . 2011-08-27 05:37 331776 ----a-w- c:\windows\system32\oleacc.dll
2011-10-13 16:16 . 2011-08-27 04:26 571904 ----a-w- c:\windows\SysWow64\oleaut32.dll
2011-10-13 16:16 . 2011-08-27 04:26 233472 ----a-w- c:\windows\SysWow64\oleacc.dll
2011-10-06 15:29 . 2011-09-06 20:38 301912 ----a-w- c:\windows\system32\drivers\aswSP.sys
2011-10-06 15:29 . 2011-09-06 20:36 24408 ----a-w- c:\windows\system32\drivers\aswFsBlk.sys
2011-10-06 15:29 . 2011-09-06 20:36 42328 ----a-w- c:\windows\system32\drivers\aswRdr.sys
2011-10-06 15:29 . 2011-09-06 20:45 254400 ----a-w- c:\windows\system32\aswBoot.exe
2011-10-06 15:29 . 2011-09-06 20:38 601944 ----a-w- c:\windows\system32\drivers\aswSnx.sys
2011-10-06 15:29 . 2011-09-06 20:36 58200 ----a-w- c:\windows\system32\drivers\aswTdi.sys
2011-10-06 15:29 . 2011-09-06 20:36 65368 ----a-w- c:\windows\system32\drivers\aswMonFlt.sys
2011-10-06 15:29 . 2011-09-06 20:45 41184 ----a-w- c:\windows\avastSS.scr
2011-10-06 15:29 . 2011-09-06 20:45 199304 ----a-w- c:\windows\SysWow64\aswBoot.exe
2011-10-06 15:28 . 2011-10-06 15:28 -------- d-----w- c:\programdata\AVAST Software
2011-10-06 15:28 . 2011-10-06 15:28 -------- d-----w- c:\program files\AVAST Software
2011-10-03 18:34 . 2011-10-16 16:07 -------- d-----w- c:\users\breta\AppData\Local\Windows Live Writer
2011-10-03 18:34 . 2011-10-03 18:49 -------- d-----w- c:\users\breta\AppData\Roaming\Windows Live Writer
2011-10-03 15:55 . 2011-10-30 11:01 -------- d-----w- c:\users\breta\AppData\Roaming\Nitro PDF
2011-10-03 15:55 . 2011-09-24 13:02 17216 ----a-w- c:\windows\system32\nitrolocalui.dll
2011-10-03 15:55 . 2011-09-24 13:02 28992 ----a-w- c:\windows\system32\nitrolocalmon.dll
2011-10-03 15:54 . 2011-10-03 15:54 -------- d-----w- c:\programdata\Nitro PDF
2011-10-03 15:54 . 2011-10-03 15:54 -------- d-----w- c:\program files\Common Files\Nitro PDF
2011-10-03 15:54 . 2011-10-03 15:54 -------- d-----w- c:\program files (x86)\Nitro PDF
2011-10-03 15:54 . 2011-10-03 15:54 -------- d-----w- c:\program files (x86)\Common Files\Nitro PDF
2011-10-03 15:52 . 2011-10-03 15:52 -------- d-----w- c:\users\breta\AppData\Roaming\Downloaded Installations
2011-10-01 20:52 . 2011-10-01 20:52 -------- d-----w- C:\PFiles
2011-10-01 18:53 . 2011-10-01 18:53 48648 ----a-w- c:\programdata\Microsoft\eHome\Packages\MCEClientUX\UpdateableMarkup-2\Markup.dll
2011-10-01 18:53 . 2011-10-01 18:53 484160 ----a-w- c:\programdata\Microsoft\eHome\Packages\MCESpotlight\MCESpotlight-2\SpotlightResources.dll
2011-10-01 15:55 . 2011-10-01 15:55 -------- d-----w- c:\programdata\Wild Tangent
2011-10-01 11:05 . 2011-10-01 11:05 -------- d-----w- c:\users\breta\AppData\Local\EgisTec
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2011-10-30 09:19 . 2011-09-22 18:05 271200 ----a-w- c:\windows\SysWow64\PnkBstrB.exe
2011-10-30 09:18 . 2011-09-22 18:05 103736 ----a-w- c:\windows\SysWow64\PnkBstrB.ex0
2011-10-27 15:39 . 2011-09-22 18:05 75136 ----a-w- c:\windows\SysWow64\PnkBstrA.exe
2011-10-20 15:34 . 2011-09-22 19:57 48648 ----a-w- c:\programdata\Microsoft\eHome\Packages\MCEClientUX\UpdateableMarkup\Markup.dll
2011-09-28 10:09 . 2011-09-28 10:09 282624 ----a-r- c:\windows\Setup1.exe
2011-09-28 10:09 . 2011-09-28 10:09 73216 ----a-w- c:\windows\ST6UNST.EXE
2011-09-28 10:09 . 2011-09-28 10:09 102400 ----a-w- c:\windows\SysWow64\VB6STKIT.DLL
2011-09-24 13:03 . 2011-09-24 13:03 68928 ----a-w- c:\windows\SysWow64\NLSSRV32.EXE
2011-09-22 16:38 . 2011-09-22 16:38 270912 ----a-w- c:\windows\system32\drivers\dtsoftbus01.sys
2011-09-20 21:41 . 2011-09-20 21:41 91648 ----a-w- c:\windows\system32\SetIEInstalledDate.exe
2011-09-20 21:41 . 2011-09-20 21:41 89088 ----a-w- c:\windows\system32\RegisterIEPKEYs.exe
2011-09-20 21:41 . 2011-09-20 21:41 86528 ----a-w- c:\windows\SysWow64\iesysprep.dll
2011-09-20 21:41 . 2011-09-20 21:41 85504 ----a-w- c:\windows\system32\iesetup.dll
2011-09-20 21:41 . 2011-09-20 21:41 76800 ----a-w- c:\windows\SysWow64\SetIEInstalledDate.exe
2011-09-20 21:41 . 2011-09-20 21:41 76800 ----a-w- c:\windows\system32\tdc.ocx
2011-09-20 21:41 . 2011-09-20 21:41 74752 ----a-w- c:\windows\SysWow64\RegisterIEPKEYs.exe
2011-09-20 21:41 . 2011-09-20 21:41 74752 ----a-w- c:\windows\SysWow64\iesetup.dll
2011-09-20 21:41 . 2011-09-20 21:41 63488 ----a-w- c:\windows\SysWow64\tdc.ocx
2011-09-20 21:41 . 2011-09-20 21:41 49664 ----a-w- c:\windows\system32\imgutil.dll
2011-09-20 21:41 . 2011-09-20 21:41 48640 ----a-w- c:\windows\SysWow64\mshtmler.dll
2011-09-20 21:41 . 2011-09-20 21:41 48640 ----a-w- c:\windows\system32\mshtmler.dll
2011-09-20 21:41 . 2011-09-20 21:41 448512 ----a-w- c:\windows\system32\html.iec
2011-09-20 21:41 . 2011-09-20 21:41 420864 ----a-w- c:\windows\SysWow64\vbscript.dll
2011-09-20 21:41 . 2011-09-20 21:41 367104 ----a-w- c:\windows\SysWow64\html.iec
2011-09-20 21:41 . 2011-09-20 21:41 35840 ----a-w- c:\windows\SysWow64\imgutil.dll
2011-09-20 21:41 . 2011-09-20 21:41 30720 ----a-w- c:\windows\system32\licmgr10.dll
2011-09-20 21:41 . 2011-09-20 21:41 23552 ----a-w- c:\windows\SysWow64\licmgr10.dll
2011-09-20 21:41 . 2011-09-20 21:41 222208 ----a-w- c:\windows\system32\msls31.dll
2011-09-20 21:41 . 2011-09-20 21:41 173056 ----a-w- c:\windows\system32\ieUnatt.exe
2011-09-20 21:41 . 2011-09-20 21:41 165888 ----a-w- c:\windows\system32\iexpress.exe
2011-09-20 21:41 . 2011-09-20 21:41 161792 ----a-w- c:\windows\SysWow64\msls31.dll
2011-09-20 21:41 . 2011-09-20 21:41 160256 ----a-w- c:\windows\system32\wextract.exe
2011-09-20 21:41 . 2011-09-20 21:41 152064 ----a-w- c:\windows\SysWow64\wextract.exe
2011-09-20 21:41 . 2011-09-20 21:41 150528 ----a-w- c:\windows\SysWow64\iexpress.exe
2011-09-20 21:41 . 2011-09-20 21:41 1492992 ----a-w- c:\windows\system32\inetcpl.cpl
2011-09-20 21:41 . 2011-09-20 21:41 142848 ----a-w- c:\windows\SysWow64\ieUnatt.exe
2011-09-20 21:41 . 2011-09-20 21:41 1427456 ----a-w- c:\windows\SysWow64\inetcpl.cpl
2011-09-20 21:41 . 2011-09-20 21:41 135168 ----a-w- c:\windows\system32\IEAdvpack.dll
2011-09-20 21:41 . 2011-09-20 21:41 12288 ----a-w- c:\windows\system32\mshta.exe
2011-09-20 21:41 . 2011-09-20 21:41 11776 ----a-w- c:\windows\SysWow64\mshta.exe
2011-09-20 21:41 . 2011-09-20 21:41 114176 ----a-w- c:\windows\system32\admparse.dll
2011-09-20 21:41 . 2011-09-20 21:41 111616 ----a-w- c:\windows\system32\iesysprep.dll
2011-09-20 21:41 . 2011-09-20 21:41 110592 ----a-w- c:\windows\SysWow64\IEAdvpack.dll
2011-09-20 21:41 . 2011-09-20 21:41 101888 ----a-w- c:\windows\SysWow64\admparse.dll
2011-09-20 21:41 . 2011-09-20 21:41 603648 ----a-w- c:\windows\system32\vbscript.dll
2011-09-20 19:46 . 2011-09-20 19:46 484160 ----a-w- c:\programdata\Microsoft\eHome\Packages\MCESpotlight\MCESpotlight\SpotlightResources.dll
2011-09-20 18:44 . 2011-09-20 18:44 71680 ----a-w- c:\windows\system32\drivers\nhcDriver.sys
2011-09-20 17:20 . 2010-06-24 18:33 18328 ----a-w- c:\programdata\Microsoft\IdentityCRL\production\ppcrlconfig600.dll
2011-09-02 08:29 . 2011-09-02 08:29 2560 ----a-w- c:\windows\SysWow64\drivers\cs-CZ\qwavedrv.sys.mui
2011-09-02 08:29 . 2011-09-02 08:29 5632 ----a-w- c:\windows\SysWow64\drivers\cs-CZ\ndiscap.sys.mui
2011-09-02 08:29 . 2011-09-02 08:29 2560 ----a-w- c:\windows\SysWow64\drivers\cs-CZ\scfilter.sys.mui
2011-09-02 08:29 . 2011-09-02 08:29 50176 ----a-w- c:\windows\SysWow64\drivers\cs-CZ\tcpip.sys.mui
2011-09-02 08:29 . 2011-09-02 08:29 27136 ----a-w- c:\windows\SysWow64\drivers\cs-CZ\bfe.dll.mui
2011-09-02 08:29 . 2011-09-02 08:29 15360 ----a-w- c:\windows\SysWow64\drivers\cs-CZ\pacer.sys.mui
2011-09-02 08:03 . 2011-09-02 08:03 353576 ----a-w- c:\windows\SysWow64\msvcr71.dll
2011-09-02 08:03 . 2011-09-02 08:03 29480 ----a-w- c:\windows\SysWow64\msxml3a.dll
2011-09-02 08:03 . 2011-09-02 08:03 505128 ----a-w- c:\windows\SysWow64\msvcp71.dll
.
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"DAEMON Tools Lite"="c:\program files (x86)\DAEMON Tools Lite\DTLite.exe" [2011-08-02 4910912]
"ShowBatteryBar"="c:\program files\BatteryBar\ShowBatteryBar.exe" [2009-05-28 89600]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"SuiteTray"="c:\program files (x86)\EgisTec MyWinLockerSuite\x86\SuiteTray.exe" [2011-04-02 340848]
"EgisTecPMMUpdate"="c:\program files (x86)\EgisTec IPS\PmmUpdate.exe" [2011-03-29 408432]
"EgisUpdate"="c:\program files (x86)\EgisTec IPS\EgisUpdate.exe" [2011-03-29 202608]
"BackupManagerTray"="c:\program files (x86)\NewTech Infosystems\Acer Backup Manager\BackupManagerTray.exe" [2011-06-17 266496]
"LManager"="c:\program files (x86)\Launch Manager\LManager.exe" [2010-08-10 975952]
"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2011-03-30 937920]
"avast"="c:\program files\AVAST Software\Avast\avastUI.exe" [2011-09-06 3722416]
.
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"IsMyWinLockerReboot"="msiexec.exe" [2010-11-21 73216]
.
c:\users\breta\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
OpenOffice.org 3.2.lnk - c:\program files (x86)\OpenOffice.org 3\program\quickstart.exe [2010-6-7 1195520]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\windows]
"AppInit_DLLs"=c:\windows\SysWOW64\nvinit.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\drivers32]
"aux"=wdmaud.drv
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
Security Packages REG_MULTI_SZ kerberos msv1_0 schannel wdigest tspkg pku2u livessp
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]
@=""
.
R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
R3 BBSvc;Bing Bar Update Service;c:\program files (x86)\Microsoft\BingBar\BBSvc.EXE [2011-06-07 191752]
R3 GamesAppService;GamesAppService;c:\program files (x86)\WildTangent Games\App\GamesAppService.exe [2010-10-12 206072]
R3 GGSAFERDriver;GGSAFER Driver;c:\program files (x86)\Garena Classic\safedrv.sys [x]
R3 osppsvc;Office Software Protection Platform;c:\program files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2009-11-19 4925184]
R3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader;c:\windows\System32\Drivers\RtsUStor.sys [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [x]
R3 TsUsbGD;Remote Desktop Generic USB Device;c:\windows\system32\drivers\TsUsbGD.sys [x]
R3 WatAdminSvc;Služba Technologie aktivace Windows;c:\windows\system32\Wat\WatAdminSvc.exe [x]
R4 NitroDriverReadSpool;NitroPDFDriverCreatorReadSpool;c:\program files\Common Files\Nitro PDF\Professional\6.0\NitroPDFDriverServicex64.exe [2011-09-24 341312]
R4 wlcrasvc;Windows Live Mesh remote connections service;c:\program files\Windows Live\Mesh\wlcrasvc.exe [2010-09-23 57184]
S0 nvpciflt;nvpciflt;c:\windows\system32\DRIVERS\nvpciflt.sys [x]
S1 aswSnx;aswSnx; [x]
S1 aswSP;aswSP; [x]
S1 dtsoftbus01;DAEMON Tools Virtual Bus Driver;c:\windows\system32\DRIVERS\dtsoftbus01.sys [x]
S1 mwlPSDFilter;mwlPSDFilter;c:\windows\system32\DRIVERS\mwlPSDFilter.sys [x]
S1 mwlPSDNServ;mwlPSDNServ;c:\windows\system32\DRIVERS\mwlPSDNServ.sys [x]
S1 mwlPSDVDisk;mwlPSDVDisk;c:\windows\system32\DRIVERS\mwlPSDVDisk.sys [x]
S1 vwififlt;Virtual WiFi Filter Driver;c:\windows\system32\DRIVERS\vwififlt.sys [x]
S2 AdobeARMservice;Adobe Acrobat Update Service;c:\program files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2011-09-05 64952]
S2 aswFsBlk;aswFsBlk; [x]
S2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys [x]
S2 BBUpdate;BBUpdate;c:\program files (x86)\Microsoft\BingBar\SeaPort.EXE [2011-05-12 249648]
S2 cvhsvc;Client Virtualization Handler;c:\program files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE [2010-02-28 821664]
S2 DsiWMIService;Dritek WMI Service;c:\program files (x86)\Launch Manager\dsiwmis.exe [2010-08-10 321104]
S2 EgisTec Ticket Service;EgisTec Ticket Service;c:\program files (x86)\Common Files\EgisTec\Services\EgisTicketService.exe [2011-04-02 173424]
S2 ePowerSvc;Acer ePower Service;c:\program files\Acer\Acer ePower Management\ePowerSvc.exe [2011-01-05 867712]
S2 GREGService;GREGService;c:\program files (x86)\Acer\Registration\GREGsvc.exe [2011-05-26 29696]
S2 IAStorDataMgrSvc;Intel(R) Rapid Storage Technology;c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [2010-04-13 13336]
S2 Live Updater Service;Live Updater Service;c:\program files\Acer\Acer Updater\UpdaterService.exe [2011-04-22 244624]
S2 nlsX86cc;NLS Service;c:\windows\SysWOW64\NLSSRV32.EXE [2011-09-24 68928]
S2 NTI IScheduleSvc;NTI IScheduleSvc;c:\program files (x86)\NewTech Infosystems\Acer Backup Manager\IScheduleSvc.exe [2011-06-17 255744]
S2 nvUpdatusService;NVIDIA Update Service Daemon;c:\program files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe [2011-03-30 2009704]
S2 sftlist;Application Virtualization Client;c:\program files (x86)\Microsoft Application Virtualization Client\sftlist.exe [2009-12-02 483688]
S2 UNS;Intel(R) Management & Security Application User Notification Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2010-03-18 2320920]
S3 ETD;ELAN PS/2 Port Input Device;c:\windows\system32\DRIVERS\ETD.sys [x]
S3 HECIx64;Intel(R) Management Engine Interface;c:\windows\system32\drivers\HECIx64.sys [x]
S3 Impcd;Impcd;c:\windows\system32\DRIVERS\Impcd.sys [x]
S3 IntcDAud;Intel(R) Display Audio;c:\windows\system32\DRIVERS\IntcDAud.sys [x]
S3 k57nd60a;Broadcom NetLink (TM) Gigabit Ethernet - NDIS 6.0;c:\windows\system32\DRIVERS\k57nd60a.sys [x]
S3 Sftfs;Sftfs;c:\windows\system32\DRIVERS\Sftfslh.sys [x]
S3 Sftplay;Sftplay;c:\windows\system32\DRIVERS\Sftplaylh.sys [x]
S3 Sftredir;Sftredir;c:\windows\system32\DRIVERS\Sftredirlh.sys [x]
S3 Sftvol;Sftvol;c:\windows\system32\DRIVERS\Sftvollh.sys [x]
S3 sftvsa;Application Virtualization Service Agent;c:\program files (x86)\Microsoft Application Virtualization Client\sftvsa.exe [2009-12-02 209768]
.
.
Obsah adresáře 'Naplánované úlohy'
.
2011-10-30 c:\windows\Tasks\Acer Registration - Reminder Recall task.job
- c:\program files (x86)\Acer\Registration\GREG.exe [2011-05-11 11:30]
.
2011-10-28 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2857410691-1841422624-3118752077-1001Core.job
- c:\users\breta\AppData\Local\Google\Update\GoogleUpdate.exe [2011-09-20 17:26]
.
2011-10-30 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2857410691-1841422624-3118752077-1001UA.job
- c:\users\breta\AppData\Local\Google\Update\GoogleUpdate.exe [2011-09-20 17:26]
.
.
--------- x86-64 -----------
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast]
@="{472083B0-C522-11CF-8763-00608CC02F24}"
[HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]
2011-09-06 20:45 134384 ----a-w- c:\program files\AVAST Software\Avast\ashShA64.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2010-07-23 161304]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2010-07-23 386584]
"Persistence"="c:\windows\system32\igfxpers.exe" [2010-07-23 415256]
"RtHDVCpl"="c:\program files\Realtek\Audio\HDA\RAVCpl64.exe" [2010-06-22 10920552]
"Acer ePower Management"="c:\program files\Acer\Acer ePower Management\ePowerTray.exe" [2011-01-05 860040]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"LoadAppInit_DLLs"=0x1
"AppInit_DLLs"=c:\windows\System32\nvinitx.dll
.
------- Doplňkový sken -------
.
uLocal Page = c:\windows\system32\blank.htm
uStart Page = hxxp://www.crawler.com/homepage.aspx?tbid=60347
mStart Page = hxxp://acer.msn.com
mLocal Page = c:\windows\SysWOW64\blank.htm
TCP: Interfaces\{C57EE067-1884-40E5-BEE5-056EA2CA7DDF}: NameServer = 213.192.40.6,77.48.255.255
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -
.
Toolbar-Locked - (no file)
Toolbar-{B4FBA8C3-2083-4ED8-A35B-148478739826} - c:\program files (x86)\Corsair Addon\corsair.DLL
Wow6432Node-HKCU-Run-RESTART_STICKY_NOTES - c:\windows\System32\StikyNot.exe
Toolbar-Locked - (no file)
HKLM-Run-ETDWare - c:\program files (x86)\Elantech\ETDCtrl.exe
AddRemove-Corsair Addon - c:\program files (x86)\Corsair Addon\uninstall.exe
.
.
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil10u_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\LocalServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil10u_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash10u.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.10"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash10u.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash10u.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash10u.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}]
@Denied: (A 2) (Everyone)
@="IFlashBroker4"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\McAfee]
"SymbolicLinkValue"=hex(6):5c,00,72,00,65,00,67,00,69,00,73,00,74,00,72,00,79,
00,5c,00,6d,00,61,00,63,00,68,00,69,00,6e,00,65,00,5c,00,53,00,6f,00,66,00,\
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Celkový čas: 2011-10-30 18:57:49
ComboFix-quarantined-files.txt 2011-10-30 17:57
.
Před spuštěním: Volných bajtů: 329 904 119 808
Po spuštění: Volných bajtů: 333 322 686 464
.
- - End Of File - - 96D69C08624A2B6120D95F6A2688E57C
zde log...
ComboFix 11-10-30.02 - breta 30.10.2011 18:49:18.1.2 - x64
Microsoft Windows 7 Home Premium 6.1.7601.1.1250.420.1029.18.3767.2308 [GMT 1:00]
Spuštěný z: c:\users\breta\Documents\Downloads\ComboFix.exe
AV: avast! Antivirus *Disabled/Updated* {2B2D1395-420B-D5C9-657E-930FE358FC3C}
SP: avast! Antivirus *Disabled/Updated* {904CF271-6431-DA47-5FCE-A87D98DFB681}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
* Vytvořen nový Bod Obnovení
.
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\program files (x86)\Corsair Addon
c:\program files (x86)\Corsair Addon\corsair.dll
c:\program files (x86)\Corsair Addon\uninstall.exe
c:\programdata\dxsetup.exe
c:\users\Public\Documents\NTILiveUpdateV9.dll
c:\users\Public\Documents\NTIMMV9Acer.dll
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2011-09-28 do 2011-10-30 )))))))))))))))))))))))))))))))
.
.
2011-10-30 17:55 . 2011-10-30 17:55 -------- d-----w- c:\users\UpdatusUser\AppData\Local\temp
2011-10-30 17:55 . 2011-10-30 17:55 -------- d-----w- c:\users\Default\AppData\Local\temp
2011-10-30 14:41 . 2011-10-30 14:41 69000 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{898FC72A-CF57-4F14-AF95-BC3CF75396AC}\offreg.dll
2011-10-30 09:26 . 2011-10-30 09:28 -------- d-----w- C:\rsit
2011-10-30 09:26 . 2011-10-30 09:28 -------- d-----w- c:\program files\trend micro
2011-10-28 09:17 . 2011-10-28 09:24 -------- d-----w- c:\users\breta\AppData\Roaming\Audacity
2011-10-28 06:18 . 2011-10-28 06:25 -------- d-----w- c:\users\breta\AppData\Roaming\wargaming.net
2011-10-28 05:54 . 2011-10-07 04:16 8570192 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{898FC72A-CF57-4F14-AF95-BC3CF75396AC}\mpengine.dll
2011-10-28 05:47 . 2011-10-28 05:47 -------- d-----w- C:\Games
2011-10-27 18:15 . 2011-10-30 09:19 271200 ----a-w- c:\windows\SysWow64\PnkBstrB.xtr
2011-10-27 14:07 . 2011-10-27 14:07 -------- d-----w- c:\users\breta\AppData\Roaming\Allstar
2011-10-26 12:02 . 2011-10-26 12:02 -------- d-----w- c:\program files (x86)\GamePark
2011-10-26 09:37 . 2011-10-26 09:37 -------- d-----w- c:\users\breta\AppData\Local\CrashRpt
2011-10-18 17:46 . 2011-10-27 15:03 -------- d-sh--w- c:\users\breta\UserData
2011-10-18 15:34 . 2011-10-18 15:34 -------- d-----w- c:\program files\CCleaner
2011-10-18 15:17 . 2011-10-18 15:41 -------- d-----w- c:\users\breta\AppData\Roaming\BatteryBar
2011-10-18 15:17 . 2011-10-18 15:17 -------- d-----w- c:\program files\BatteryBar
2011-10-15 15:13 . 2011-10-15 15:13 -------- d-----w- c:\users\Public\OEM
2011-10-13 16:17 . 2011-09-06 03:03 3138048 ----a-w- c:\windows\system32\win32k.sys
2011-10-13 16:17 . 2011-08-17 05:26 613888 ----a-w- c:\windows\system32\psisdecd.dll
2011-10-13 16:17 . 2011-08-17 04:19 75776 ----a-w- c:\windows\SysWow64\psisrndr.ax
2011-10-13 16:17 . 2011-08-17 05:25 108032 ----a-w- c:\windows\system32\psisrndr.ax
2011-10-13 16:17 . 2011-08-17 04:24 465408 ----a-w- c:\windows\SysWow64\psisdecd.dll
2011-10-13 16:16 . 2011-08-27 05:37 861696 ----a-w- c:\windows\system32\oleaut32.dll
2011-10-13 16:16 . 2011-08-27 05:37 331776 ----a-w- c:\windows\system32\oleacc.dll
2011-10-13 16:16 . 2011-08-27 04:26 571904 ----a-w- c:\windows\SysWow64\oleaut32.dll
2011-10-13 16:16 . 2011-08-27 04:26 233472 ----a-w- c:\windows\SysWow64\oleacc.dll
2011-10-06 15:29 . 2011-09-06 20:38 301912 ----a-w- c:\windows\system32\drivers\aswSP.sys
2011-10-06 15:29 . 2011-09-06 20:36 24408 ----a-w- c:\windows\system32\drivers\aswFsBlk.sys
2011-10-06 15:29 . 2011-09-06 20:36 42328 ----a-w- c:\windows\system32\drivers\aswRdr.sys
2011-10-06 15:29 . 2011-09-06 20:45 254400 ----a-w- c:\windows\system32\aswBoot.exe
2011-10-06 15:29 . 2011-09-06 20:38 601944 ----a-w- c:\windows\system32\drivers\aswSnx.sys
2011-10-06 15:29 . 2011-09-06 20:36 58200 ----a-w- c:\windows\system32\drivers\aswTdi.sys
2011-10-06 15:29 . 2011-09-06 20:36 65368 ----a-w- c:\windows\system32\drivers\aswMonFlt.sys
2011-10-06 15:29 . 2011-09-06 20:45 41184 ----a-w- c:\windows\avastSS.scr
2011-10-06 15:29 . 2011-09-06 20:45 199304 ----a-w- c:\windows\SysWow64\aswBoot.exe
2011-10-06 15:28 . 2011-10-06 15:28 -------- d-----w- c:\programdata\AVAST Software
2011-10-06 15:28 . 2011-10-06 15:28 -------- d-----w- c:\program files\AVAST Software
2011-10-03 18:34 . 2011-10-16 16:07 -------- d-----w- c:\users\breta\AppData\Local\Windows Live Writer
2011-10-03 18:34 . 2011-10-03 18:49 -------- d-----w- c:\users\breta\AppData\Roaming\Windows Live Writer
2011-10-03 15:55 . 2011-10-30 11:01 -------- d-----w- c:\users\breta\AppData\Roaming\Nitro PDF
2011-10-03 15:55 . 2011-09-24 13:02 17216 ----a-w- c:\windows\system32\nitrolocalui.dll
2011-10-03 15:55 . 2011-09-24 13:02 28992 ----a-w- c:\windows\system32\nitrolocalmon.dll
2011-10-03 15:54 . 2011-10-03 15:54 -------- d-----w- c:\programdata\Nitro PDF
2011-10-03 15:54 . 2011-10-03 15:54 -------- d-----w- c:\program files\Common Files\Nitro PDF
2011-10-03 15:54 . 2011-10-03 15:54 -------- d-----w- c:\program files (x86)\Nitro PDF
2011-10-03 15:54 . 2011-10-03 15:54 -------- d-----w- c:\program files (x86)\Common Files\Nitro PDF
2011-10-03 15:52 . 2011-10-03 15:52 -------- d-----w- c:\users\breta\AppData\Roaming\Downloaded Installations
2011-10-01 20:52 . 2011-10-01 20:52 -------- d-----w- C:\PFiles
2011-10-01 18:53 . 2011-10-01 18:53 48648 ----a-w- c:\programdata\Microsoft\eHome\Packages\MCEClientUX\UpdateableMarkup-2\Markup.dll
2011-10-01 18:53 . 2011-10-01 18:53 484160 ----a-w- c:\programdata\Microsoft\eHome\Packages\MCESpotlight\MCESpotlight-2\SpotlightResources.dll
2011-10-01 15:55 . 2011-10-01 15:55 -------- d-----w- c:\programdata\Wild Tangent
2011-10-01 11:05 . 2011-10-01 11:05 -------- d-----w- c:\users\breta\AppData\Local\EgisTec
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2011-10-30 09:19 . 2011-09-22 18:05 271200 ----a-w- c:\windows\SysWow64\PnkBstrB.exe
2011-10-30 09:18 . 2011-09-22 18:05 103736 ----a-w- c:\windows\SysWow64\PnkBstrB.ex0
2011-10-27 15:39 . 2011-09-22 18:05 75136 ----a-w- c:\windows\SysWow64\PnkBstrA.exe
2011-10-20 15:34 . 2011-09-22 19:57 48648 ----a-w- c:\programdata\Microsoft\eHome\Packages\MCEClientUX\UpdateableMarkup\Markup.dll
2011-09-28 10:09 . 2011-09-28 10:09 282624 ----a-r- c:\windows\Setup1.exe
2011-09-28 10:09 . 2011-09-28 10:09 73216 ----a-w- c:\windows\ST6UNST.EXE
2011-09-28 10:09 . 2011-09-28 10:09 102400 ----a-w- c:\windows\SysWow64\VB6STKIT.DLL
2011-09-24 13:03 . 2011-09-24 13:03 68928 ----a-w- c:\windows\SysWow64\NLSSRV32.EXE
2011-09-22 16:38 . 2011-09-22 16:38 270912 ----a-w- c:\windows\system32\drivers\dtsoftbus01.sys
2011-09-20 21:41 . 2011-09-20 21:41 91648 ----a-w- c:\windows\system32\SetIEInstalledDate.exe
2011-09-20 21:41 . 2011-09-20 21:41 89088 ----a-w- c:\windows\system32\RegisterIEPKEYs.exe
2011-09-20 21:41 . 2011-09-20 21:41 86528 ----a-w- c:\windows\SysWow64\iesysprep.dll
2011-09-20 21:41 . 2011-09-20 21:41 85504 ----a-w- c:\windows\system32\iesetup.dll
2011-09-20 21:41 . 2011-09-20 21:41 76800 ----a-w- c:\windows\SysWow64\SetIEInstalledDate.exe
2011-09-20 21:41 . 2011-09-20 21:41 76800 ----a-w- c:\windows\system32\tdc.ocx
2011-09-20 21:41 . 2011-09-20 21:41 74752 ----a-w- c:\windows\SysWow64\RegisterIEPKEYs.exe
2011-09-20 21:41 . 2011-09-20 21:41 74752 ----a-w- c:\windows\SysWow64\iesetup.dll
2011-09-20 21:41 . 2011-09-20 21:41 63488 ----a-w- c:\windows\SysWow64\tdc.ocx
2011-09-20 21:41 . 2011-09-20 21:41 49664 ----a-w- c:\windows\system32\imgutil.dll
2011-09-20 21:41 . 2011-09-20 21:41 48640 ----a-w- c:\windows\SysWow64\mshtmler.dll
2011-09-20 21:41 . 2011-09-20 21:41 48640 ----a-w- c:\windows\system32\mshtmler.dll
2011-09-20 21:41 . 2011-09-20 21:41 448512 ----a-w- c:\windows\system32\html.iec
2011-09-20 21:41 . 2011-09-20 21:41 420864 ----a-w- c:\windows\SysWow64\vbscript.dll
2011-09-20 21:41 . 2011-09-20 21:41 367104 ----a-w- c:\windows\SysWow64\html.iec
2011-09-20 21:41 . 2011-09-20 21:41 35840 ----a-w- c:\windows\SysWow64\imgutil.dll
2011-09-20 21:41 . 2011-09-20 21:41 30720 ----a-w- c:\windows\system32\licmgr10.dll
2011-09-20 21:41 . 2011-09-20 21:41 23552 ----a-w- c:\windows\SysWow64\licmgr10.dll
2011-09-20 21:41 . 2011-09-20 21:41 222208 ----a-w- c:\windows\system32\msls31.dll
2011-09-20 21:41 . 2011-09-20 21:41 173056 ----a-w- c:\windows\system32\ieUnatt.exe
2011-09-20 21:41 . 2011-09-20 21:41 165888 ----a-w- c:\windows\system32\iexpress.exe
2011-09-20 21:41 . 2011-09-20 21:41 161792 ----a-w- c:\windows\SysWow64\msls31.dll
2011-09-20 21:41 . 2011-09-20 21:41 160256 ----a-w- c:\windows\system32\wextract.exe
2011-09-20 21:41 . 2011-09-20 21:41 152064 ----a-w- c:\windows\SysWow64\wextract.exe
2011-09-20 21:41 . 2011-09-20 21:41 150528 ----a-w- c:\windows\SysWow64\iexpress.exe
2011-09-20 21:41 . 2011-09-20 21:41 1492992 ----a-w- c:\windows\system32\inetcpl.cpl
2011-09-20 21:41 . 2011-09-20 21:41 142848 ----a-w- c:\windows\SysWow64\ieUnatt.exe
2011-09-20 21:41 . 2011-09-20 21:41 1427456 ----a-w- c:\windows\SysWow64\inetcpl.cpl
2011-09-20 21:41 . 2011-09-20 21:41 135168 ----a-w- c:\windows\system32\IEAdvpack.dll
2011-09-20 21:41 . 2011-09-20 21:41 12288 ----a-w- c:\windows\system32\mshta.exe
2011-09-20 21:41 . 2011-09-20 21:41 11776 ----a-w- c:\windows\SysWow64\mshta.exe
2011-09-20 21:41 . 2011-09-20 21:41 114176 ----a-w- c:\windows\system32\admparse.dll
2011-09-20 21:41 . 2011-09-20 21:41 111616 ----a-w- c:\windows\system32\iesysprep.dll
2011-09-20 21:41 . 2011-09-20 21:41 110592 ----a-w- c:\windows\SysWow64\IEAdvpack.dll
2011-09-20 21:41 . 2011-09-20 21:41 101888 ----a-w- c:\windows\SysWow64\admparse.dll
2011-09-20 21:41 . 2011-09-20 21:41 603648 ----a-w- c:\windows\system32\vbscript.dll
2011-09-20 19:46 . 2011-09-20 19:46 484160 ----a-w- c:\programdata\Microsoft\eHome\Packages\MCESpotlight\MCESpotlight\SpotlightResources.dll
2011-09-20 18:44 . 2011-09-20 18:44 71680 ----a-w- c:\windows\system32\drivers\nhcDriver.sys
2011-09-20 17:20 . 2010-06-24 18:33 18328 ----a-w- c:\programdata\Microsoft\IdentityCRL\production\ppcrlconfig600.dll
2011-09-02 08:29 . 2011-09-02 08:29 2560 ----a-w- c:\windows\SysWow64\drivers\cs-CZ\qwavedrv.sys.mui
2011-09-02 08:29 . 2011-09-02 08:29 5632 ----a-w- c:\windows\SysWow64\drivers\cs-CZ\ndiscap.sys.mui
2011-09-02 08:29 . 2011-09-02 08:29 2560 ----a-w- c:\windows\SysWow64\drivers\cs-CZ\scfilter.sys.mui
2011-09-02 08:29 . 2011-09-02 08:29 50176 ----a-w- c:\windows\SysWow64\drivers\cs-CZ\tcpip.sys.mui
2011-09-02 08:29 . 2011-09-02 08:29 27136 ----a-w- c:\windows\SysWow64\drivers\cs-CZ\bfe.dll.mui
2011-09-02 08:29 . 2011-09-02 08:29 15360 ----a-w- c:\windows\SysWow64\drivers\cs-CZ\pacer.sys.mui
2011-09-02 08:03 . 2011-09-02 08:03 353576 ----a-w- c:\windows\SysWow64\msvcr71.dll
2011-09-02 08:03 . 2011-09-02 08:03 29480 ----a-w- c:\windows\SysWow64\msxml3a.dll
2011-09-02 08:03 . 2011-09-02 08:03 505128 ----a-w- c:\windows\SysWow64\msvcp71.dll
.
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"DAEMON Tools Lite"="c:\program files (x86)\DAEMON Tools Lite\DTLite.exe" [2011-08-02 4910912]
"ShowBatteryBar"="c:\program files\BatteryBar\ShowBatteryBar.exe" [2009-05-28 89600]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"SuiteTray"="c:\program files (x86)\EgisTec MyWinLockerSuite\x86\SuiteTray.exe" [2011-04-02 340848]
"EgisTecPMMUpdate"="c:\program files (x86)\EgisTec IPS\PmmUpdate.exe" [2011-03-29 408432]
"EgisUpdate"="c:\program files (x86)\EgisTec IPS\EgisUpdate.exe" [2011-03-29 202608]
"BackupManagerTray"="c:\program files (x86)\NewTech Infosystems\Acer Backup Manager\BackupManagerTray.exe" [2011-06-17 266496]
"LManager"="c:\program files (x86)\Launch Manager\LManager.exe" [2010-08-10 975952]
"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2011-03-30 937920]
"avast"="c:\program files\AVAST Software\Avast\avastUI.exe" [2011-09-06 3722416]
.
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"IsMyWinLockerReboot"="msiexec.exe" [2010-11-21 73216]
.
c:\users\breta\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
OpenOffice.org 3.2.lnk - c:\program files (x86)\OpenOffice.org 3\program\quickstart.exe [2010-6-7 1195520]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\windows]
"AppInit_DLLs"=c:\windows\SysWOW64\nvinit.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\drivers32]
"aux"=wdmaud.drv
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
Security Packages REG_MULTI_SZ kerberos msv1_0 schannel wdigest tspkg pku2u livessp
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]
@=""
.
R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
R3 BBSvc;Bing Bar Update Service;c:\program files (x86)\Microsoft\BingBar\BBSvc.EXE [2011-06-07 191752]
R3 GamesAppService;GamesAppService;c:\program files (x86)\WildTangent Games\App\GamesAppService.exe [2010-10-12 206072]
R3 GGSAFERDriver;GGSAFER Driver;c:\program files (x86)\Garena Classic\safedrv.sys [x]
R3 osppsvc;Office Software Protection Platform;c:\program files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2009-11-19 4925184]
R3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader;c:\windows\System32\Drivers\RtsUStor.sys [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [x]
R3 TsUsbGD;Remote Desktop Generic USB Device;c:\windows\system32\drivers\TsUsbGD.sys [x]
R3 WatAdminSvc;Služba Technologie aktivace Windows;c:\windows\system32\Wat\WatAdminSvc.exe [x]
R4 NitroDriverReadSpool;NitroPDFDriverCreatorReadSpool;c:\program files\Common Files\Nitro PDF\Professional\6.0\NitroPDFDriverServicex64.exe [2011-09-24 341312]
R4 wlcrasvc;Windows Live Mesh remote connections service;c:\program files\Windows Live\Mesh\wlcrasvc.exe [2010-09-23 57184]
S0 nvpciflt;nvpciflt;c:\windows\system32\DRIVERS\nvpciflt.sys [x]
S1 aswSnx;aswSnx; [x]
S1 aswSP;aswSP; [x]
S1 dtsoftbus01;DAEMON Tools Virtual Bus Driver;c:\windows\system32\DRIVERS\dtsoftbus01.sys [x]
S1 mwlPSDFilter;mwlPSDFilter;c:\windows\system32\DRIVERS\mwlPSDFilter.sys [x]
S1 mwlPSDNServ;mwlPSDNServ;c:\windows\system32\DRIVERS\mwlPSDNServ.sys [x]
S1 mwlPSDVDisk;mwlPSDVDisk;c:\windows\system32\DRIVERS\mwlPSDVDisk.sys [x]
S1 vwififlt;Virtual WiFi Filter Driver;c:\windows\system32\DRIVERS\vwififlt.sys [x]
S2 AdobeARMservice;Adobe Acrobat Update Service;c:\program files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2011-09-05 64952]
S2 aswFsBlk;aswFsBlk; [x]
S2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys [x]
S2 BBUpdate;BBUpdate;c:\program files (x86)\Microsoft\BingBar\SeaPort.EXE [2011-05-12 249648]
S2 cvhsvc;Client Virtualization Handler;c:\program files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE [2010-02-28 821664]
S2 DsiWMIService;Dritek WMI Service;c:\program files (x86)\Launch Manager\dsiwmis.exe [2010-08-10 321104]
S2 EgisTec Ticket Service;EgisTec Ticket Service;c:\program files (x86)\Common Files\EgisTec\Services\EgisTicketService.exe [2011-04-02 173424]
S2 ePowerSvc;Acer ePower Service;c:\program files\Acer\Acer ePower Management\ePowerSvc.exe [2011-01-05 867712]
S2 GREGService;GREGService;c:\program files (x86)\Acer\Registration\GREGsvc.exe [2011-05-26 29696]
S2 IAStorDataMgrSvc;Intel(R) Rapid Storage Technology;c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [2010-04-13 13336]
S2 Live Updater Service;Live Updater Service;c:\program files\Acer\Acer Updater\UpdaterService.exe [2011-04-22 244624]
S2 nlsX86cc;NLS Service;c:\windows\SysWOW64\NLSSRV32.EXE [2011-09-24 68928]
S2 NTI IScheduleSvc;NTI IScheduleSvc;c:\program files (x86)\NewTech Infosystems\Acer Backup Manager\IScheduleSvc.exe [2011-06-17 255744]
S2 nvUpdatusService;NVIDIA Update Service Daemon;c:\program files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe [2011-03-30 2009704]
S2 sftlist;Application Virtualization Client;c:\program files (x86)\Microsoft Application Virtualization Client\sftlist.exe [2009-12-02 483688]
S2 UNS;Intel(R) Management & Security Application User Notification Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2010-03-18 2320920]
S3 ETD;ELAN PS/2 Port Input Device;c:\windows\system32\DRIVERS\ETD.sys [x]
S3 HECIx64;Intel(R) Management Engine Interface;c:\windows\system32\drivers\HECIx64.sys [x]
S3 Impcd;Impcd;c:\windows\system32\DRIVERS\Impcd.sys [x]
S3 IntcDAud;Intel(R) Display Audio;c:\windows\system32\DRIVERS\IntcDAud.sys [x]
S3 k57nd60a;Broadcom NetLink (TM) Gigabit Ethernet - NDIS 6.0;c:\windows\system32\DRIVERS\k57nd60a.sys [x]
S3 Sftfs;Sftfs;c:\windows\system32\DRIVERS\Sftfslh.sys [x]
S3 Sftplay;Sftplay;c:\windows\system32\DRIVERS\Sftplaylh.sys [x]
S3 Sftredir;Sftredir;c:\windows\system32\DRIVERS\Sftredirlh.sys [x]
S3 Sftvol;Sftvol;c:\windows\system32\DRIVERS\Sftvollh.sys [x]
S3 sftvsa;Application Virtualization Service Agent;c:\program files (x86)\Microsoft Application Virtualization Client\sftvsa.exe [2009-12-02 209768]
.
.
Obsah adresáře 'Naplánované úlohy'
.
2011-10-30 c:\windows\Tasks\Acer Registration - Reminder Recall task.job
- c:\program files (x86)\Acer\Registration\GREG.exe [2011-05-11 11:30]
.
2011-10-28 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2857410691-1841422624-3118752077-1001Core.job
- c:\users\breta\AppData\Local\Google\Update\GoogleUpdate.exe [2011-09-20 17:26]
.
2011-10-30 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2857410691-1841422624-3118752077-1001UA.job
- c:\users\breta\AppData\Local\Google\Update\GoogleUpdate.exe [2011-09-20 17:26]
.
.
--------- x86-64 -----------
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast]
@="{472083B0-C522-11CF-8763-00608CC02F24}"
[HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]
2011-09-06 20:45 134384 ----a-w- c:\program files\AVAST Software\Avast\ashShA64.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2010-07-23 161304]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2010-07-23 386584]
"Persistence"="c:\windows\system32\igfxpers.exe" [2010-07-23 415256]
"RtHDVCpl"="c:\program files\Realtek\Audio\HDA\RAVCpl64.exe" [2010-06-22 10920552]
"Acer ePower Management"="c:\program files\Acer\Acer ePower Management\ePowerTray.exe" [2011-01-05 860040]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"LoadAppInit_DLLs"=0x1
"AppInit_DLLs"=c:\windows\System32\nvinitx.dll
.
------- Doplňkový sken -------
.
uLocal Page = c:\windows\system32\blank.htm
uStart Page = hxxp://www.crawler.com/homepage.aspx?tbid=60347
mStart Page = hxxp://acer.msn.com
mLocal Page = c:\windows\SysWOW64\blank.htm
TCP: Interfaces\{C57EE067-1884-40E5-BEE5-056EA2CA7DDF}: NameServer = 213.192.40.6,77.48.255.255
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -
.
Toolbar-Locked - (no file)
Toolbar-{B4FBA8C3-2083-4ED8-A35B-148478739826} - c:\program files (x86)\Corsair Addon\corsair.DLL
Wow6432Node-HKCU-Run-RESTART_STICKY_NOTES - c:\windows\System32\StikyNot.exe
Toolbar-Locked - (no file)
HKLM-Run-ETDWare - c:\program files (x86)\Elantech\ETDCtrl.exe
AddRemove-Corsair Addon - c:\program files (x86)\Corsair Addon\uninstall.exe
.
.
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil10u_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\LocalServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil10u_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash10u.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.10"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash10u.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash10u.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash10u.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}]
@Denied: (A 2) (Everyone)
@="IFlashBroker4"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\McAfee]
"SymbolicLinkValue"=hex(6):5c,00,72,00,65,00,67,00,69,00,73,00,74,00,72,00,79,
00,5c,00,6d,00,61,00,63,00,68,00,69,00,6e,00,65,00,5c,00,53,00,6f,00,66,00,\
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Celkový čas: 2011-10-30 18:57:49
ComboFix-quarantined-files.txt 2011-10-30 17:57
.
Před spuštěním: Volných bajtů: 329 904 119 808
Po spuštění: Volných bajtů: 333 322 686 464
.
- - End Of File - - 96D69C08624A2B6120D95F6A2688E57C
-
chodnik74
- Přítel fóra
- Příspěvky: 4975
- Registrován: 13 zář 2010 21:30
- Bydliště: Napajedla
- Kontaktovat uživatele:
Re: pomale pc, pada..programy neodpovidaji
Jen tak na scan? děláte si srandu? tohle není hračka... 
Naposledy.. na scan si pořiďte SUPERAntispyware a skenujte si s ním aj 10 krát za sebou 
Otevřeme si Poznámkový blok 
Může se stát,že po aplikaci scriptu nenaběhne Windows běžným způsobem.V tomto případě restartujte počítač a při startu mačkejte F8 a zvolte možnost Poslední známá funkční konfigurace
Naposledy.. na scan si pořiďte SUPERAntispyware a skenujte si s ním aj 10 krát za sebou Otevřeme si Poznámkový blok
- (stiskneme klávesovou kombinaci WIN+R a napíšeme ,,notepad,, bez úvozovek a dáme enter)
- Vložíme do něj následující script:
Kód: Vybrat vše
KillAll:: RegLock:: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}] [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\Elevation] [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\LocalServer32] [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\TypeLib] [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}] [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32] [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus] [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID] [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32] [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib] [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version] [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID] [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}] [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32] [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID] [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32] [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib] [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version] [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID] [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}] [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\ProxyStubClsid32] [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\TypeLib] [HKEY_LOCAL_MACHINE\SOFTWARE\McAfee] [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security] DDS:: uStart Page = hxxp://www.crawler.com/homepage.aspx?tbid=60347 mStart Page = hxxp://acer.msn.com Registry:: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "IgfxTray"=- "HotKeysCmds"=- "Persistence"=- [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "DAEMON Tools Lite"=- [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run] "Adobe ARM"=- Reboot:: - Soubor uložíme na Plochu jako CFScript.txt
- Poté tento soubor uchopíme levým tlačítkem myši a přetáhneme na ikonu Combofixu a upustíme
- Poté Combofix provede všechny operace a udělá nový log,který sem vložte
Může se stát,že po aplikaci scriptu nenaběhne Windows běžným způsobem.V tomto případě restartujte počítač a při startu mačkejte F8 a zvolte možnost Poslední známá funkční konfiguraceNapiš mi: chodnik74@gmail.com nebo
>RSIT<>MBAM<>VirusTotal
Doporučuji: |
Postup si raději vícekrát přečtěte a v případě jakýchkoliv nejasností či pochybností se ptejte. Pokud máte infikovaný počítač nebo se nechová jako obvykle, tak si zálohujte všechny data a pozorně postupujte dle pokynů rádce!
Nepoužívejte utilitu Combofix bez dohledu a doporučení rádce!
Jste s naší pomocí spokojeni Neváhejte a podpořte forum ZDE.
Pravidla fora: č.1 a č.2
>RSIT<>MBAM<>VirusTotal
Doporučuji:
| Postup si raději vícekrát přečtěte a v případě jakýchkoliv nejasností či pochybností se ptejte. Pokud máte infikovaný počítač nebo se nechová jako obvykle, tak si zálohujte všechny data a pozorně postupujte dle pokynů rádce! Nepoužívejte utilitu Combofix bez dohledu a doporučení rádce! Jste s naší pomocí spokojeni Neváhejte a podpořte forum ZDE.Pravidla fora: č.1 a č.2
Re: pomale pc, pada..programy neodpovidaji
ntb bylo treba restartovat...nic nešlo hlasilo to všechno neplatny klič v registrech..po restartu zmizaly poznamky,ale jinak to vypada ok...jestli ale zmizely i problemy nevim..... log :
ComboFix 11-10-30.02 - breta 30.10.2011 20:46:50.2.2 - x64
Microsoft Windows 7 Home Premium 6.1.7601.1.1250.420.1029.18.3767.1990 [GMT 1:00]
Spuštěný z: c:\users\breta\Documents\Downloads\ComboFix.exe
Použité ovládací přepínače :: c:\users\breta\Desktop\CFScript.txt
AV: avast! Antivirus *Disabled/Updated* {2B2D1395-420B-D5C9-657E-930FE358FC3C}
SP: avast! Antivirus *Disabled/Updated* {904CF271-6431-DA47-5FCE-A87D98DFB681}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2011-09-28 do 2011-10-30 )))))))))))))))))))))))))))))))
.
.
2011-10-30 19:52 . 2011-10-30 19:52 -------- d-----w- c:\users\UpdatusUser\AppData\Local\temp
2011-10-30 19:52 . 2011-10-30 19:52 -------- d-----w- c:\users\Default\AppData\Local\temp
2011-10-30 18:24 . 2011-10-30 18:24 -------- d-----w- c:\users\breta\AppData\Roaming\Malwarebytes
2011-10-30 18:23 . 2010-11-29 16:42 38224 ----a-w- c:\windows\SysWow64\drivers\mbamswissarmy.sys
2011-10-30 18:23 . 2011-10-30 18:23 -------- d-----w- c:\programdata\Malwarebytes
2011-10-30 18:23 . 2010-11-29 16:42 24152 ----a-w- c:\windows\system32\drivers\mbam.sys
2011-10-30 18:23 . 2011-10-30 19:14 -------- d-----w- c:\program files (x86)\Malwarebytes' Anti-Malware
2011-10-30 09:26 . 2011-10-30 09:28 -------- d-----w- C:\rsit
2011-10-30 09:26 . 2011-10-30 09:28 -------- d-----w- c:\program files\trend micro
2011-10-28 09:17 . 2011-10-28 09:24 -------- d-----w- c:\users\breta\AppData\Roaming\Audacity
2011-10-28 06:18 . 2011-10-28 06:25 -------- d-----w- c:\users\breta\AppData\Roaming\wargaming.net
2011-10-28 05:54 . 2011-10-07 04:16 8570192 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{898FC72A-CF57-4F14-AF95-BC3CF75396AC}\mpengine.dll
2011-10-28 05:47 . 2011-10-28 05:47 -------- d-----w- C:\Games
2011-10-27 18:15 . 2011-10-30 09:19 271200 ----a-w- c:\windows\SysWow64\PnkBstrB.xtr
2011-10-27 14:07 . 2011-10-27 14:07 -------- d-----w- c:\users\breta\AppData\Roaming\Allstar
2011-10-26 12:02 . 2011-10-26 12:02 -------- d-----w- c:\program files (x86)\GamePark
2011-10-26 09:37 . 2011-10-26 09:37 -------- d-----w- c:\users\breta\AppData\Local\CrashRpt
2011-10-18 17:46 . 2011-10-27 15:03 -------- d-sh--w- c:\users\breta\UserData
2011-10-18 15:34 . 2011-10-18 15:34 -------- d-----w- c:\program files\CCleaner
2011-10-18 15:17 . 2011-10-30 19:55 -------- d-----w- c:\users\breta\AppData\Roaming\BatteryBar
2011-10-18 15:17 . 2011-10-18 15:17 -------- d-----w- c:\program files\BatteryBar
2011-10-15 15:13 . 2011-10-15 15:13 -------- d-----w- c:\users\Public\OEM
2011-10-13 16:17 . 2011-09-06 03:03 3138048 ----a-w- c:\windows\system32\win32k.sys
2011-10-13 16:17 . 2011-08-17 05:26 613888 ----a-w- c:\windows\system32\psisdecd.dll
2011-10-13 16:17 . 2011-08-17 04:19 75776 ----a-w- c:\windows\SysWow64\psisrndr.ax
2011-10-13 16:17 . 2011-08-17 05:25 108032 ----a-w- c:\windows\system32\psisrndr.ax
2011-10-13 16:17 . 2011-08-17 04:24 465408 ----a-w- c:\windows\SysWow64\psisdecd.dll
2011-10-13 16:16 . 2011-08-27 05:37 861696 ----a-w- c:\windows\system32\oleaut32.dll
2011-10-13 16:16 . 2011-08-27 05:37 331776 ----a-w- c:\windows\system32\oleacc.dll
2011-10-13 16:16 . 2011-08-27 04:26 571904 ----a-w- c:\windows\SysWow64\oleaut32.dll
2011-10-13 16:16 . 2011-08-27 04:26 233472 ----a-w- c:\windows\SysWow64\oleacc.dll
2011-10-06 15:29 . 2011-09-06 20:38 301912 ----a-w- c:\windows\system32\drivers\aswSP.sys
2011-10-06 15:29 . 2011-09-06 20:36 24408 ----a-w- c:\windows\system32\drivers\aswFsBlk.sys
2011-10-06 15:29 . 2011-09-06 20:36 42328 ----a-w- c:\windows\system32\drivers\aswRdr.sys
2011-10-06 15:29 . 2011-09-06 20:45 254400 ----a-w- c:\windows\system32\aswBoot.exe
2011-10-06 15:29 . 2011-09-06 20:38 601944 ----a-w- c:\windows\system32\drivers\aswSnx.sys
2011-10-06 15:29 . 2011-09-06 20:36 58200 ----a-w- c:\windows\system32\drivers\aswTdi.sys
2011-10-06 15:29 . 2011-09-06 20:36 65368 ----a-w- c:\windows\system32\drivers\aswMonFlt.sys
2011-10-06 15:29 . 2011-09-06 20:45 41184 ----a-w- c:\windows\avastSS.scr
2011-10-06 15:29 . 2011-09-06 20:45 199304 ----a-w- c:\windows\SysWow64\aswBoot.exe
2011-10-06 15:28 . 2011-10-06 15:28 -------- d-----w- c:\programdata\AVAST Software
2011-10-06 15:28 . 2011-10-06 15:28 -------- d-----w- c:\program files\AVAST Software
2011-10-03 18:34 . 2011-10-16 16:07 -------- d-----w- c:\users\breta\AppData\Local\Windows Live Writer
2011-10-03 18:34 . 2011-10-03 18:49 -------- d-----w- c:\users\breta\AppData\Roaming\Windows Live Writer
2011-10-03 15:55 . 2011-10-30 11:01 -------- d-----w- c:\users\breta\AppData\Roaming\Nitro PDF
2011-10-03 15:55 . 2011-09-24 13:02 17216 ----a-w- c:\windows\system32\nitrolocalui.dll
2011-10-03 15:55 . 2011-09-24 13:02 28992 ----a-w- c:\windows\system32\nitrolocalmon.dll
2011-10-03 15:54 . 2011-10-03 15:54 -------- d-----w- c:\programdata\Nitro PDF
2011-10-03 15:54 . 2011-10-03 15:54 -------- d-----w- c:\program files\Common Files\Nitro PDF
2011-10-03 15:54 . 2011-10-03 15:54 -------- d-----w- c:\program files (x86)\Nitro PDF
2011-10-03 15:54 . 2011-10-03 15:54 -------- d-----w- c:\program files (x86)\Common Files\Nitro PDF
2011-10-03 15:52 . 2011-10-03 15:52 -------- d-----w- c:\users\breta\AppData\Roaming\Downloaded Installations
2011-10-01 20:52 . 2011-10-01 20:52 -------- d-----w- C:\PFiles
2011-10-01 18:53 . 2011-10-01 18:53 48648 ----a-w- c:\programdata\Microsoft\eHome\Packages\MCEClientUX\UpdateableMarkup-2\Markup.dll
2011-10-01 18:53 . 2011-10-01 18:53 484160 ----a-w- c:\programdata\Microsoft\eHome\Packages\MCESpotlight\MCESpotlight-2\SpotlightResources.dll
2011-10-01 15:55 . 2011-10-01 15:55 -------- d-----w- c:\programdata\Wild Tangent
2011-10-01 11:05 . 2011-10-01 11:05 -------- d-----w- c:\users\breta\AppData\Local\EgisTec
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2011-10-30 19:56 . 2011-10-30 19:56 69000 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{898FC72A-CF57-4F14-AF95-BC3CF75396AC}\offreg.dll
2011-10-30 09:19 . 2011-09-22 18:05 271200 ----a-w- c:\windows\SysWow64\PnkBstrB.exe
2011-10-30 09:18 . 2011-09-22 18:05 103736 ----a-w- c:\windows\SysWow64\PnkBstrB.ex0
2011-10-27 15:39 . 2011-09-22 18:05 75136 ----a-w- c:\windows\SysWow64\PnkBstrA.exe
2011-10-20 15:34 . 2011-09-22 19:57 48648 ----a-w- c:\programdata\Microsoft\eHome\Packages\MCEClientUX\UpdateableMarkup\Markup.dll
2011-09-28 10:09 . 2011-09-28 10:09 282624 ----a-r- c:\windows\Setup1.exe
2011-09-28 10:09 . 2011-09-28 10:09 73216 ----a-w- c:\windows\ST6UNST.EXE
2011-09-28 10:09 . 2011-09-28 10:09 102400 ----a-w- c:\windows\SysWow64\VB6STKIT.DLL
2011-09-24 13:03 . 2011-09-24 13:03 68928 ----a-w- c:\windows\SysWow64\NLSSRV32.EXE
2011-09-22 16:38 . 2011-09-22 16:38 270912 ----a-w- c:\windows\system32\drivers\dtsoftbus01.sys
2011-09-20 21:41 . 2011-09-20 21:41 91648 ----a-w- c:\windows\system32\SetIEInstalledDate.exe
2011-09-20 21:41 . 2011-09-20 21:41 89088 ----a-w- c:\windows\system32\RegisterIEPKEYs.exe
2011-09-20 21:41 . 2011-09-20 21:41 86528 ----a-w- c:\windows\SysWow64\iesysprep.dll
2011-09-20 21:41 . 2011-09-20 21:41 85504 ----a-w- c:\windows\system32\iesetup.dll
2011-09-20 21:41 . 2011-09-20 21:41 76800 ----a-w- c:\windows\SysWow64\SetIEInstalledDate.exe
2011-09-20 21:41 . 2011-09-20 21:41 76800 ----a-w- c:\windows\system32\tdc.ocx
2011-09-20 21:41 . 2011-09-20 21:41 74752 ----a-w- c:\windows\SysWow64\RegisterIEPKEYs.exe
2011-09-20 21:41 . 2011-09-20 21:41 74752 ----a-w- c:\windows\SysWow64\iesetup.dll
2011-09-20 21:41 . 2011-09-20 21:41 63488 ----a-w- c:\windows\SysWow64\tdc.ocx
2011-09-20 21:41 . 2011-09-20 21:41 49664 ----a-w- c:\windows\system32\imgutil.dll
2011-09-20 21:41 . 2011-09-20 21:41 48640 ----a-w- c:\windows\SysWow64\mshtmler.dll
2011-09-20 21:41 . 2011-09-20 21:41 48640 ----a-w- c:\windows\system32\mshtmler.dll
2011-09-20 21:41 . 2011-09-20 21:41 448512 ----a-w- c:\windows\system32\html.iec
2011-09-20 21:41 . 2011-09-20 21:41 420864 ----a-w- c:\windows\SysWow64\vbscript.dll
2011-09-20 21:41 . 2011-09-20 21:41 367104 ----a-w- c:\windows\SysWow64\html.iec
2011-09-20 21:41 . 2011-09-20 21:41 35840 ----a-w- c:\windows\SysWow64\imgutil.dll
2011-09-20 21:41 . 2011-09-20 21:41 30720 ----a-w- c:\windows\system32\licmgr10.dll
2011-09-20 21:41 . 2011-09-20 21:41 23552 ----a-w- c:\windows\SysWow64\licmgr10.dll
2011-09-20 21:41 . 2011-09-20 21:41 222208 ----a-w- c:\windows\system32\msls31.dll
2011-09-20 21:41 . 2011-09-20 21:41 173056 ----a-w- c:\windows\system32\ieUnatt.exe
2011-09-20 21:41 . 2011-09-20 21:41 165888 ----a-w- c:\windows\system32\iexpress.exe
2011-09-20 21:41 . 2011-09-20 21:41 161792 ----a-w- c:\windows\SysWow64\msls31.dll
2011-09-20 21:41 . 2011-09-20 21:41 160256 ----a-w- c:\windows\system32\wextract.exe
2011-09-20 21:41 . 2011-09-20 21:41 152064 ----a-w- c:\windows\SysWow64\wextract.exe
2011-09-20 21:41 . 2011-09-20 21:41 150528 ----a-w- c:\windows\SysWow64\iexpress.exe
2011-09-20 21:41 . 2011-09-20 21:41 1492992 ----a-w- c:\windows\system32\inetcpl.cpl
2011-09-20 21:41 . 2011-09-20 21:41 142848 ----a-w- c:\windows\SysWow64\ieUnatt.exe
2011-09-20 21:41 . 2011-09-20 21:41 1427456 ----a-w- c:\windows\SysWow64\inetcpl.cpl
2011-09-20 21:41 . 2011-09-20 21:41 135168 ----a-w- c:\windows\system32\IEAdvpack.dll
2011-09-20 21:41 . 2011-09-20 21:41 12288 ----a-w- c:\windows\system32\mshta.exe
2011-09-20 21:41 . 2011-09-20 21:41 11776 ----a-w- c:\windows\SysWow64\mshta.exe
2011-09-20 21:41 . 2011-09-20 21:41 114176 ----a-w- c:\windows\system32\admparse.dll
2011-09-20 21:41 . 2011-09-20 21:41 111616 ----a-w- c:\windows\system32\iesysprep.dll
2011-09-20 21:41 . 2011-09-20 21:41 110592 ----a-w- c:\windows\SysWow64\IEAdvpack.dll
2011-09-20 21:41 . 2011-09-20 21:41 101888 ----a-w- c:\windows\SysWow64\admparse.dll
2011-09-20 21:41 . 2011-09-20 21:41 603648 ----a-w- c:\windows\system32\vbscript.dll
2011-09-20 19:46 . 2011-09-20 19:46 484160 ----a-w- c:\programdata\Microsoft\eHome\Packages\MCESpotlight\MCESpotlight\SpotlightResources.dll
2011-09-20 18:44 . 2011-09-20 18:44 71680 ----a-w- c:\windows\system32\drivers\nhcDriver.sys
2011-09-20 17:20 . 2010-06-24 18:33 18328 ----a-w- c:\programdata\Microsoft\IdentityCRL\production\ppcrlconfig600.dll
2011-09-02 08:29 . 2011-09-02 08:29 2560 ----a-w- c:\windows\SysWow64\drivers\cs-CZ\qwavedrv.sys.mui
2011-09-02 08:29 . 2011-09-02 08:29 5632 ----a-w- c:\windows\SysWow64\drivers\cs-CZ\ndiscap.sys.mui
2011-09-02 08:29 . 2011-09-02 08:29 2560 ----a-w- c:\windows\SysWow64\drivers\cs-CZ\scfilter.sys.mui
2011-09-02 08:29 . 2011-09-02 08:29 50176 ----a-w- c:\windows\SysWow64\drivers\cs-CZ\tcpip.sys.mui
2011-09-02 08:29 . 2011-09-02 08:29 27136 ----a-w- c:\windows\SysWow64\drivers\cs-CZ\bfe.dll.mui
2011-09-02 08:29 . 2011-09-02 08:29 15360 ----a-w- c:\windows\SysWow64\drivers\cs-CZ\pacer.sys.mui
2011-09-02 08:03 . 2011-09-02 08:03 353576 ----a-w- c:\windows\SysWow64\msvcr71.dll
2011-09-02 08:03 . 2011-09-02 08:03 29480 ----a-w- c:\windows\SysWow64\msxml3a.dll
2011-09-02 08:03 . 2011-09-02 08:03 505128 ----a-w- c:\windows\SysWow64\msvcp71.dll
.
.
((((((((((((((((((((((((((((( SnapShot@2011-10-30_17.55.29 )))))))))))))))))))))))))))))))))))))))))
.
+ 2009-07-14 04:54 . 2011-10-30 19:55 16384 c:\windows\SysWOW64\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
- 2009-07-14 04:54 . 2011-10-30 14:39 16384 c:\windows\SysWOW64\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
- 2009-07-14 04:54 . 2011-10-30 14:39 32768 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
+ 2009-07-14 04:54 . 2011-10-30 19:55 32768 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
- 2009-07-14 04:54 . 2011-10-30 14:39 32768 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
+ 2009-07-14 04:54 . 2011-10-30 19:55 32768 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
- 2011-10-30 14:39 . 2011-10-30 14:39 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive1.dat
+ 2011-10-30 19:53 . 2011-10-30 19:53 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive1.dat
- 2011-10-30 14:39 . 2011-10-30 14:39 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive0.dat
+ 2011-10-30 19:53 . 2011-10-30 19:53 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive0.dat
+ 2011-09-24 09:41 . 2011-10-30 19:13 243326 c:\windows\system32\wdi\SuspendPerformanceDiagnostics_SystemData_S3.bin
+ 2009-07-14 02:36 . 2011-10-30 18:07 616452 c:\windows\system32\perfh009.dat
- 2009-07-14 02:36 . 2011-10-30 17:07 616452 c:\windows\system32\perfh009.dat
+ 2011-09-02 08:31 . 2011-10-30 18:07 631736 c:\windows\system32\perfh005.dat
- 2011-09-02 08:31 . 2011-10-30 17:07 631736 c:\windows\system32\perfh005.dat
+ 2009-07-14 02:36 . 2011-10-30 18:07 106574 c:\windows\system32\perfc009.dat
- 2009-07-14 02:36 . 2011-10-30 17:07 106574 c:\windows\system32\perfc009.dat
+ 2011-09-02 08:31 . 2011-10-30 18:07 122100 c:\windows\system32\perfc005.dat
- 2011-09-02 08:31 . 2011-10-30 17:07 122100 c:\windows\system32\perfc005.dat
- 2009-07-14 05:01 . 2011-10-30 13:03 273876 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-System.dat
+ 2009-07-14 05:01 . 2011-10-30 19:53 273876 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-System.dat
+ 2011-09-20 22:10 . 2011-10-30 19:53 3573020 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-S-1-5-21-2857410691-1841422624-3118752077-1001-8192.dat
- 2011-09-20 22:10 . 2011-10-30 12:27 3573020 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-S-1-5-21-2857410691-1841422624-3118752077-1001-8192.dat
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ShowBatteryBar"="c:\program files\BatteryBar\ShowBatteryBar.exe" [2009-05-28 89600]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"SuiteTray"="c:\program files (x86)\EgisTec MyWinLockerSuite\x86\SuiteTray.exe" [2011-04-02 340848]
"EgisTecPMMUpdate"="c:\program files (x86)\EgisTec IPS\PmmUpdate.exe" [2011-03-29 408432]
"EgisUpdate"="c:\program files (x86)\EgisTec IPS\EgisUpdate.exe" [2011-03-29 202608]
"BackupManagerTray"="c:\program files (x86)\NewTech Infosystems\Acer Backup Manager\BackupManagerTray.exe" [2011-06-17 266496]
"LManager"="c:\program files (x86)\Launch Manager\LManager.exe" [2010-08-10 975952]
"avast"="c:\program files\AVAST Software\Avast\avastUI.exe" [2011-09-06 3722416]
"Malwarebytes' Anti-Malware (reboot)"="c:\program files (x86)\Malwarebytes' Anti-Malware\mbam.exe" [2010-11-29 963976]
.
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"IsMyWinLockerReboot"="msiexec.exe" [2010-11-21 73216]
.
c:\users\breta\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
OpenOffice.org 3.2.lnk - c:\program files (x86)\OpenOffice.org 3\program\quickstart.exe [2010-6-7 1195520]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\windows]
"AppInit_DLLs"=c:\windows\SysWOW64\nvinit.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\drivers32]
"aux"=wdmaud.drv
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
Security Packages REG_MULTI_SZ kerberos msv1_0 schannel wdigest tspkg pku2u livessp
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]
@=""
.
R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
R3 BBSvc;Bing Bar Update Service;c:\program files (x86)\Microsoft\BingBar\BBSvc.EXE [2011-06-07 191752]
R3 GamesAppService;GamesAppService;c:\program files (x86)\WildTangent Games\App\GamesAppService.exe [2010-10-12 206072]
R3 GGSAFERDriver;GGSAFER Driver;c:\program files (x86)\Garena Classic\safedrv.sys [x]
R3 osppsvc;Office Software Protection Platform;c:\program files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2009-11-19 4925184]
R3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader;c:\windows\System32\Drivers\RtsUStor.sys [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [x]
R3 TsUsbGD;Remote Desktop Generic USB Device;c:\windows\system32\drivers\TsUsbGD.sys [x]
R3 WatAdminSvc;Služba Technologie aktivace Windows;c:\windows\system32\Wat\WatAdminSvc.exe [x]
R4 NitroDriverReadSpool;NitroPDFDriverCreatorReadSpool;c:\program files\Common Files\Nitro PDF\Professional\6.0\NitroPDFDriverServicex64.exe [2011-09-24 341312]
R4 wlcrasvc;Windows Live Mesh remote connections service;c:\program files\Windows Live\Mesh\wlcrasvc.exe [2010-09-23 57184]
S0 nvpciflt;nvpciflt;c:\windows\system32\DRIVERS\nvpciflt.sys [x]
S1 aswSnx;aswSnx; [x]
S1 aswSP;aswSP; [x]
S1 dtsoftbus01;DAEMON Tools Virtual Bus Driver;c:\windows\system32\DRIVERS\dtsoftbus01.sys [x]
S1 mwlPSDFilter;mwlPSDFilter;c:\windows\system32\DRIVERS\mwlPSDFilter.sys [x]
S1 mwlPSDNServ;mwlPSDNServ;c:\windows\system32\DRIVERS\mwlPSDNServ.sys [x]
S1 mwlPSDVDisk;mwlPSDVDisk;c:\windows\system32\DRIVERS\mwlPSDVDisk.sys [x]
S1 vwififlt;Virtual WiFi Filter Driver;c:\windows\system32\DRIVERS\vwififlt.sys [x]
S2 AdobeARMservice;Adobe Acrobat Update Service;c:\program files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2011-09-05 64952]
S2 aswFsBlk;aswFsBlk; [x]
S2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys [x]
S2 BBUpdate;BBUpdate;c:\program files (x86)\Microsoft\BingBar\SeaPort.EXE [2011-05-12 249648]
S2 cvhsvc;Client Virtualization Handler;c:\program files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE [2010-02-28 821664]
S2 DsiWMIService;Dritek WMI Service;c:\program files (x86)\Launch Manager\dsiwmis.exe [2010-08-10 321104]
S2 EgisTec Ticket Service;EgisTec Ticket Service;c:\program files (x86)\Common Files\EgisTec\Services\EgisTicketService.exe [2011-04-02 173424]
S2 ePowerSvc;Acer ePower Service;c:\program files\Acer\Acer ePower Management\ePowerSvc.exe [2011-01-05 867712]
S2 GREGService;GREGService;c:\program files (x86)\Acer\Registration\GREGsvc.exe [2011-05-26 29696]
S2 IAStorDataMgrSvc;Intel(R) Rapid Storage Technology;c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [2010-04-13 13336]
S2 Live Updater Service;Live Updater Service;c:\program files\Acer\Acer Updater\UpdaterService.exe [2011-04-22 244624]
S2 nlsX86cc;NLS Service;c:\windows\SysWOW64\NLSSRV32.EXE [2011-09-24 68928]
S2 NTI IScheduleSvc;NTI IScheduleSvc;c:\program files (x86)\NewTech Infosystems\Acer Backup Manager\IScheduleSvc.exe [2011-06-17 255744]
S2 nvUpdatusService;NVIDIA Update Service Daemon;c:\program files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe [2011-03-30 2009704]
S2 sftlist;Application Virtualization Client;c:\program files (x86)\Microsoft Application Virtualization Client\sftlist.exe [2009-12-02 483688]
S2 UNS;Intel(R) Management & Security Application User Notification Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2010-03-18 2320920]
S3 ETD;ELAN PS/2 Port Input Device;c:\windows\system32\DRIVERS\ETD.sys [x]
S3 HECIx64;Intel(R) Management Engine Interface;c:\windows\system32\drivers\HECIx64.sys [x]
S3 Impcd;Impcd;c:\windows\system32\DRIVERS\Impcd.sys [x]
S3 IntcDAud;Intel(R) Display Audio;c:\windows\system32\DRIVERS\IntcDAud.sys [x]
S3 k57nd60a;Broadcom NetLink (TM) Gigabit Ethernet - NDIS 6.0;c:\windows\system32\DRIVERS\k57nd60a.sys [x]
S3 Sftfs;Sftfs;c:\windows\system32\DRIVERS\Sftfslh.sys [x]
S3 Sftplay;Sftplay;c:\windows\system32\DRIVERS\Sftplaylh.sys [x]
S3 Sftredir;Sftredir;c:\windows\system32\DRIVERS\Sftredirlh.sys [x]
S3 Sftvol;Sftvol;c:\windows\system32\DRIVERS\Sftvollh.sys [x]
S3 sftvsa;Application Virtualization Service Agent;c:\program files (x86)\Microsoft Application Virtualization Client\sftvsa.exe [2009-12-02 209768]
.
.
Obsah adresáře 'Naplánované úlohy'
.
2011-10-30 c:\windows\Tasks\Acer Registration - Reminder Recall task.job
- c:\program files (x86)\Acer\Registration\GREG.exe [2011-05-11 11:30]
.
2011-10-30 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2857410691-1841422624-3118752077-1001Core.job
- c:\users\breta\AppData\Local\Google\Update\GoogleUpdate.exe [2011-09-20 17:26]
.
2011-10-30 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2857410691-1841422624-3118752077-1001UA.job
- c:\users\breta\AppData\Local\Google\Update\GoogleUpdate.exe [2011-09-20 17:26]
.
.
--------- x86-64 -----------
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast]
@="{472083B0-C522-11CF-8763-00608CC02F24}"
[HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]
2011-09-06 20:45 134384 ----a-w- c:\program files\AVAST Software\Avast\ashShA64.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2010-07-23 161304]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2010-07-23 386584]
"Persistence"="c:\windows\system32\igfxpers.exe" [2010-07-23 415256]
"RtHDVCpl"="c:\program files\Realtek\Audio\HDA\RAVCpl64.exe" [2010-06-22 10920552]
"ETDWare"="c:\program files (x86)\Elantech\ETDCtrl.exe" [BU]
"Acer ePower Management"="c:\program files\Acer\Acer ePower Management\ePowerTray.exe" [2011-01-05 860040]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"=c:\windows\System32\nvinitx.dll
.
------- Doplňkový sken -------
.
uLocal Page = c:\windows\system32\blank.htm
mLocal Page = c:\windows\SysWOW64\blank.htm
TCP: Interfaces\{C57EE067-1884-40E5-BEE5-056EA2CA7DDF}: NameServer = 213.192.40.6,77.48.255.255
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -
.
Toolbar-Locked - (no file)
.
.
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
.
[HKEY_LOCAL_MACHINE\SOFTWARE\McAfee]
"SymbolicLinkValue"=hex(6):5c,00,72,00,65,00,67,00,69,00,73,00,74,00,72,00,79,
00,5c,00,6d,00,61,00,63,00,68,00,69,00,6e,00,65,00,5c,00,53,00,6f,00,66,00,\
.
------------------------ Jiné spuštené procesy ------------------------
.
c:\program files\AVAST Software\Avast\AvastSvc.exe
c:\program files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
c:\windows\SysWOW64\PnkBstrA.exe
.
**************************************************************************
.
Celkový čas: 2011-10-30 21:03:29 - počítač byl restartován
ComboFix-quarantined-files.txt 2011-10-30 20:03
ComboFix2.txt 2011-10-30 17:57
.
Před spuštěním: Volných bajtů: 333 055 098 880
Po spuštění: Volných bajtů: 332 990 242 816
.
- - End Of File - - 76622DD2EDE10B6426229E8121E45416
hlasilo to všechno neplatny klič v registrech..po restartu zmizaly poznamky,ale jinak to vypada ok...jestli ale zmizely i problemy nevim..... log :ComboFix 11-10-30.02 - breta 30.10.2011 20:46:50.2.2 - x64
Microsoft Windows 7 Home Premium 6.1.7601.1.1250.420.1029.18.3767.1990 [GMT 1:00]
Spuštěný z: c:\users\breta\Documents\Downloads\ComboFix.exe
Použité ovládací přepínače :: c:\users\breta\Desktop\CFScript.txt
AV: avast! Antivirus *Disabled/Updated* {2B2D1395-420B-D5C9-657E-930FE358FC3C}
SP: avast! Antivirus *Disabled/Updated* {904CF271-6431-DA47-5FCE-A87D98DFB681}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2011-09-28 do 2011-10-30 )))))))))))))))))))))))))))))))
.
.
2011-10-30 19:52 . 2011-10-30 19:52 -------- d-----w- c:\users\UpdatusUser\AppData\Local\temp
2011-10-30 19:52 . 2011-10-30 19:52 -------- d-----w- c:\users\Default\AppData\Local\temp
2011-10-30 18:24 . 2011-10-30 18:24 -------- d-----w- c:\users\breta\AppData\Roaming\Malwarebytes
2011-10-30 18:23 . 2010-11-29 16:42 38224 ----a-w- c:\windows\SysWow64\drivers\mbamswissarmy.sys
2011-10-30 18:23 . 2011-10-30 18:23 -------- d-----w- c:\programdata\Malwarebytes
2011-10-30 18:23 . 2010-11-29 16:42 24152 ----a-w- c:\windows\system32\drivers\mbam.sys
2011-10-30 18:23 . 2011-10-30 19:14 -------- d-----w- c:\program files (x86)\Malwarebytes' Anti-Malware
2011-10-30 09:26 . 2011-10-30 09:28 -------- d-----w- C:\rsit
2011-10-30 09:26 . 2011-10-30 09:28 -------- d-----w- c:\program files\trend micro
2011-10-28 09:17 . 2011-10-28 09:24 -------- d-----w- c:\users\breta\AppData\Roaming\Audacity
2011-10-28 06:18 . 2011-10-28 06:25 -------- d-----w- c:\users\breta\AppData\Roaming\wargaming.net
2011-10-28 05:54 . 2011-10-07 04:16 8570192 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{898FC72A-CF57-4F14-AF95-BC3CF75396AC}\mpengine.dll
2011-10-28 05:47 . 2011-10-28 05:47 -------- d-----w- C:\Games
2011-10-27 18:15 . 2011-10-30 09:19 271200 ----a-w- c:\windows\SysWow64\PnkBstrB.xtr
2011-10-27 14:07 . 2011-10-27 14:07 -------- d-----w- c:\users\breta\AppData\Roaming\Allstar
2011-10-26 12:02 . 2011-10-26 12:02 -------- d-----w- c:\program files (x86)\GamePark
2011-10-26 09:37 . 2011-10-26 09:37 -------- d-----w- c:\users\breta\AppData\Local\CrashRpt
2011-10-18 17:46 . 2011-10-27 15:03 -------- d-sh--w- c:\users\breta\UserData
2011-10-18 15:34 . 2011-10-18 15:34 -------- d-----w- c:\program files\CCleaner
2011-10-18 15:17 . 2011-10-30 19:55 -------- d-----w- c:\users\breta\AppData\Roaming\BatteryBar
2011-10-18 15:17 . 2011-10-18 15:17 -------- d-----w- c:\program files\BatteryBar
2011-10-15 15:13 . 2011-10-15 15:13 -------- d-----w- c:\users\Public\OEM
2011-10-13 16:17 . 2011-09-06 03:03 3138048 ----a-w- c:\windows\system32\win32k.sys
2011-10-13 16:17 . 2011-08-17 05:26 613888 ----a-w- c:\windows\system32\psisdecd.dll
2011-10-13 16:17 . 2011-08-17 04:19 75776 ----a-w- c:\windows\SysWow64\psisrndr.ax
2011-10-13 16:17 . 2011-08-17 05:25 108032 ----a-w- c:\windows\system32\psisrndr.ax
2011-10-13 16:17 . 2011-08-17 04:24 465408 ----a-w- c:\windows\SysWow64\psisdecd.dll
2011-10-13 16:16 . 2011-08-27 05:37 861696 ----a-w- c:\windows\system32\oleaut32.dll
2011-10-13 16:16 . 2011-08-27 05:37 331776 ----a-w- c:\windows\system32\oleacc.dll
2011-10-13 16:16 . 2011-08-27 04:26 571904 ----a-w- c:\windows\SysWow64\oleaut32.dll
2011-10-13 16:16 . 2011-08-27 04:26 233472 ----a-w- c:\windows\SysWow64\oleacc.dll
2011-10-06 15:29 . 2011-09-06 20:38 301912 ----a-w- c:\windows\system32\drivers\aswSP.sys
2011-10-06 15:29 . 2011-09-06 20:36 24408 ----a-w- c:\windows\system32\drivers\aswFsBlk.sys
2011-10-06 15:29 . 2011-09-06 20:36 42328 ----a-w- c:\windows\system32\drivers\aswRdr.sys
2011-10-06 15:29 . 2011-09-06 20:45 254400 ----a-w- c:\windows\system32\aswBoot.exe
2011-10-06 15:29 . 2011-09-06 20:38 601944 ----a-w- c:\windows\system32\drivers\aswSnx.sys
2011-10-06 15:29 . 2011-09-06 20:36 58200 ----a-w- c:\windows\system32\drivers\aswTdi.sys
2011-10-06 15:29 . 2011-09-06 20:36 65368 ----a-w- c:\windows\system32\drivers\aswMonFlt.sys
2011-10-06 15:29 . 2011-09-06 20:45 41184 ----a-w- c:\windows\avastSS.scr
2011-10-06 15:29 . 2011-09-06 20:45 199304 ----a-w- c:\windows\SysWow64\aswBoot.exe
2011-10-06 15:28 . 2011-10-06 15:28 -------- d-----w- c:\programdata\AVAST Software
2011-10-06 15:28 . 2011-10-06 15:28 -------- d-----w- c:\program files\AVAST Software
2011-10-03 18:34 . 2011-10-16 16:07 -------- d-----w- c:\users\breta\AppData\Local\Windows Live Writer
2011-10-03 18:34 . 2011-10-03 18:49 -------- d-----w- c:\users\breta\AppData\Roaming\Windows Live Writer
2011-10-03 15:55 . 2011-10-30 11:01 -------- d-----w- c:\users\breta\AppData\Roaming\Nitro PDF
2011-10-03 15:55 . 2011-09-24 13:02 17216 ----a-w- c:\windows\system32\nitrolocalui.dll
2011-10-03 15:55 . 2011-09-24 13:02 28992 ----a-w- c:\windows\system32\nitrolocalmon.dll
2011-10-03 15:54 . 2011-10-03 15:54 -------- d-----w- c:\programdata\Nitro PDF
2011-10-03 15:54 . 2011-10-03 15:54 -------- d-----w- c:\program files\Common Files\Nitro PDF
2011-10-03 15:54 . 2011-10-03 15:54 -------- d-----w- c:\program files (x86)\Nitro PDF
2011-10-03 15:54 . 2011-10-03 15:54 -------- d-----w- c:\program files (x86)\Common Files\Nitro PDF
2011-10-03 15:52 . 2011-10-03 15:52 -------- d-----w- c:\users\breta\AppData\Roaming\Downloaded Installations
2011-10-01 20:52 . 2011-10-01 20:52 -------- d-----w- C:\PFiles
2011-10-01 18:53 . 2011-10-01 18:53 48648 ----a-w- c:\programdata\Microsoft\eHome\Packages\MCEClientUX\UpdateableMarkup-2\Markup.dll
2011-10-01 18:53 . 2011-10-01 18:53 484160 ----a-w- c:\programdata\Microsoft\eHome\Packages\MCESpotlight\MCESpotlight-2\SpotlightResources.dll
2011-10-01 15:55 . 2011-10-01 15:55 -------- d-----w- c:\programdata\Wild Tangent
2011-10-01 11:05 . 2011-10-01 11:05 -------- d-----w- c:\users\breta\AppData\Local\EgisTec
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2011-10-30 19:56 . 2011-10-30 19:56 69000 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{898FC72A-CF57-4F14-AF95-BC3CF75396AC}\offreg.dll
2011-10-30 09:19 . 2011-09-22 18:05 271200 ----a-w- c:\windows\SysWow64\PnkBstrB.exe
2011-10-30 09:18 . 2011-09-22 18:05 103736 ----a-w- c:\windows\SysWow64\PnkBstrB.ex0
2011-10-27 15:39 . 2011-09-22 18:05 75136 ----a-w- c:\windows\SysWow64\PnkBstrA.exe
2011-10-20 15:34 . 2011-09-22 19:57 48648 ----a-w- c:\programdata\Microsoft\eHome\Packages\MCEClientUX\UpdateableMarkup\Markup.dll
2011-09-28 10:09 . 2011-09-28 10:09 282624 ----a-r- c:\windows\Setup1.exe
2011-09-28 10:09 . 2011-09-28 10:09 73216 ----a-w- c:\windows\ST6UNST.EXE
2011-09-28 10:09 . 2011-09-28 10:09 102400 ----a-w- c:\windows\SysWow64\VB6STKIT.DLL
2011-09-24 13:03 . 2011-09-24 13:03 68928 ----a-w- c:\windows\SysWow64\NLSSRV32.EXE
2011-09-22 16:38 . 2011-09-22 16:38 270912 ----a-w- c:\windows\system32\drivers\dtsoftbus01.sys
2011-09-20 21:41 . 2011-09-20 21:41 91648 ----a-w- c:\windows\system32\SetIEInstalledDate.exe
2011-09-20 21:41 . 2011-09-20 21:41 89088 ----a-w- c:\windows\system32\RegisterIEPKEYs.exe
2011-09-20 21:41 . 2011-09-20 21:41 86528 ----a-w- c:\windows\SysWow64\iesysprep.dll
2011-09-20 21:41 . 2011-09-20 21:41 85504 ----a-w- c:\windows\system32\iesetup.dll
2011-09-20 21:41 . 2011-09-20 21:41 76800 ----a-w- c:\windows\SysWow64\SetIEInstalledDate.exe
2011-09-20 21:41 . 2011-09-20 21:41 76800 ----a-w- c:\windows\system32\tdc.ocx
2011-09-20 21:41 . 2011-09-20 21:41 74752 ----a-w- c:\windows\SysWow64\RegisterIEPKEYs.exe
2011-09-20 21:41 . 2011-09-20 21:41 74752 ----a-w- c:\windows\SysWow64\iesetup.dll
2011-09-20 21:41 . 2011-09-20 21:41 63488 ----a-w- c:\windows\SysWow64\tdc.ocx
2011-09-20 21:41 . 2011-09-20 21:41 49664 ----a-w- c:\windows\system32\imgutil.dll
2011-09-20 21:41 . 2011-09-20 21:41 48640 ----a-w- c:\windows\SysWow64\mshtmler.dll
2011-09-20 21:41 . 2011-09-20 21:41 48640 ----a-w- c:\windows\system32\mshtmler.dll
2011-09-20 21:41 . 2011-09-20 21:41 448512 ----a-w- c:\windows\system32\html.iec
2011-09-20 21:41 . 2011-09-20 21:41 420864 ----a-w- c:\windows\SysWow64\vbscript.dll
2011-09-20 21:41 . 2011-09-20 21:41 367104 ----a-w- c:\windows\SysWow64\html.iec
2011-09-20 21:41 . 2011-09-20 21:41 35840 ----a-w- c:\windows\SysWow64\imgutil.dll
2011-09-20 21:41 . 2011-09-20 21:41 30720 ----a-w- c:\windows\system32\licmgr10.dll
2011-09-20 21:41 . 2011-09-20 21:41 23552 ----a-w- c:\windows\SysWow64\licmgr10.dll
2011-09-20 21:41 . 2011-09-20 21:41 222208 ----a-w- c:\windows\system32\msls31.dll
2011-09-20 21:41 . 2011-09-20 21:41 173056 ----a-w- c:\windows\system32\ieUnatt.exe
2011-09-20 21:41 . 2011-09-20 21:41 165888 ----a-w- c:\windows\system32\iexpress.exe
2011-09-20 21:41 . 2011-09-20 21:41 161792 ----a-w- c:\windows\SysWow64\msls31.dll
2011-09-20 21:41 . 2011-09-20 21:41 160256 ----a-w- c:\windows\system32\wextract.exe
2011-09-20 21:41 . 2011-09-20 21:41 152064 ----a-w- c:\windows\SysWow64\wextract.exe
2011-09-20 21:41 . 2011-09-20 21:41 150528 ----a-w- c:\windows\SysWow64\iexpress.exe
2011-09-20 21:41 . 2011-09-20 21:41 1492992 ----a-w- c:\windows\system32\inetcpl.cpl
2011-09-20 21:41 . 2011-09-20 21:41 142848 ----a-w- c:\windows\SysWow64\ieUnatt.exe
2011-09-20 21:41 . 2011-09-20 21:41 1427456 ----a-w- c:\windows\SysWow64\inetcpl.cpl
2011-09-20 21:41 . 2011-09-20 21:41 135168 ----a-w- c:\windows\system32\IEAdvpack.dll
2011-09-20 21:41 . 2011-09-20 21:41 12288 ----a-w- c:\windows\system32\mshta.exe
2011-09-20 21:41 . 2011-09-20 21:41 11776 ----a-w- c:\windows\SysWow64\mshta.exe
2011-09-20 21:41 . 2011-09-20 21:41 114176 ----a-w- c:\windows\system32\admparse.dll
2011-09-20 21:41 . 2011-09-20 21:41 111616 ----a-w- c:\windows\system32\iesysprep.dll
2011-09-20 21:41 . 2011-09-20 21:41 110592 ----a-w- c:\windows\SysWow64\IEAdvpack.dll
2011-09-20 21:41 . 2011-09-20 21:41 101888 ----a-w- c:\windows\SysWow64\admparse.dll
2011-09-20 21:41 . 2011-09-20 21:41 603648 ----a-w- c:\windows\system32\vbscript.dll
2011-09-20 19:46 . 2011-09-20 19:46 484160 ----a-w- c:\programdata\Microsoft\eHome\Packages\MCESpotlight\MCESpotlight\SpotlightResources.dll
2011-09-20 18:44 . 2011-09-20 18:44 71680 ----a-w- c:\windows\system32\drivers\nhcDriver.sys
2011-09-20 17:20 . 2010-06-24 18:33 18328 ----a-w- c:\programdata\Microsoft\IdentityCRL\production\ppcrlconfig600.dll
2011-09-02 08:29 . 2011-09-02 08:29 2560 ----a-w- c:\windows\SysWow64\drivers\cs-CZ\qwavedrv.sys.mui
2011-09-02 08:29 . 2011-09-02 08:29 5632 ----a-w- c:\windows\SysWow64\drivers\cs-CZ\ndiscap.sys.mui
2011-09-02 08:29 . 2011-09-02 08:29 2560 ----a-w- c:\windows\SysWow64\drivers\cs-CZ\scfilter.sys.mui
2011-09-02 08:29 . 2011-09-02 08:29 50176 ----a-w- c:\windows\SysWow64\drivers\cs-CZ\tcpip.sys.mui
2011-09-02 08:29 . 2011-09-02 08:29 27136 ----a-w- c:\windows\SysWow64\drivers\cs-CZ\bfe.dll.mui
2011-09-02 08:29 . 2011-09-02 08:29 15360 ----a-w- c:\windows\SysWow64\drivers\cs-CZ\pacer.sys.mui
2011-09-02 08:03 . 2011-09-02 08:03 353576 ----a-w- c:\windows\SysWow64\msvcr71.dll
2011-09-02 08:03 . 2011-09-02 08:03 29480 ----a-w- c:\windows\SysWow64\msxml3a.dll
2011-09-02 08:03 . 2011-09-02 08:03 505128 ----a-w- c:\windows\SysWow64\msvcp71.dll
.
.
((((((((((((((((((((((((((((( SnapShot@2011-10-30_17.55.29 )))))))))))))))))))))))))))))))))))))))))
.
+ 2009-07-14 04:54 . 2011-10-30 19:55 16384 c:\windows\SysWOW64\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
- 2009-07-14 04:54 . 2011-10-30 14:39 16384 c:\windows\SysWOW64\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
- 2009-07-14 04:54 . 2011-10-30 14:39 32768 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
+ 2009-07-14 04:54 . 2011-10-30 19:55 32768 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
- 2009-07-14 04:54 . 2011-10-30 14:39 32768 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
+ 2009-07-14 04:54 . 2011-10-30 19:55 32768 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
- 2011-10-30 14:39 . 2011-10-30 14:39 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive1.dat
+ 2011-10-30 19:53 . 2011-10-30 19:53 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive1.dat
- 2011-10-30 14:39 . 2011-10-30 14:39 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive0.dat
+ 2011-10-30 19:53 . 2011-10-30 19:53 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive0.dat
+ 2011-09-24 09:41 . 2011-10-30 19:13 243326 c:\windows\system32\wdi\SuspendPerformanceDiagnostics_SystemData_S3.bin
+ 2009-07-14 02:36 . 2011-10-30 18:07 616452 c:\windows\system32\perfh009.dat
- 2009-07-14 02:36 . 2011-10-30 17:07 616452 c:\windows\system32\perfh009.dat
+ 2011-09-02 08:31 . 2011-10-30 18:07 631736 c:\windows\system32\perfh005.dat
- 2011-09-02 08:31 . 2011-10-30 17:07 631736 c:\windows\system32\perfh005.dat
+ 2009-07-14 02:36 . 2011-10-30 18:07 106574 c:\windows\system32\perfc009.dat
- 2009-07-14 02:36 . 2011-10-30 17:07 106574 c:\windows\system32\perfc009.dat
+ 2011-09-02 08:31 . 2011-10-30 18:07 122100 c:\windows\system32\perfc005.dat
- 2011-09-02 08:31 . 2011-10-30 17:07 122100 c:\windows\system32\perfc005.dat
- 2009-07-14 05:01 . 2011-10-30 13:03 273876 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-System.dat
+ 2009-07-14 05:01 . 2011-10-30 19:53 273876 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-System.dat
+ 2011-09-20 22:10 . 2011-10-30 19:53 3573020 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-S-1-5-21-2857410691-1841422624-3118752077-1001-8192.dat
- 2011-09-20 22:10 . 2011-10-30 12:27 3573020 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-S-1-5-21-2857410691-1841422624-3118752077-1001-8192.dat
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ShowBatteryBar"="c:\program files\BatteryBar\ShowBatteryBar.exe" [2009-05-28 89600]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"SuiteTray"="c:\program files (x86)\EgisTec MyWinLockerSuite\x86\SuiteTray.exe" [2011-04-02 340848]
"EgisTecPMMUpdate"="c:\program files (x86)\EgisTec IPS\PmmUpdate.exe" [2011-03-29 408432]
"EgisUpdate"="c:\program files (x86)\EgisTec IPS\EgisUpdate.exe" [2011-03-29 202608]
"BackupManagerTray"="c:\program files (x86)\NewTech Infosystems\Acer Backup Manager\BackupManagerTray.exe" [2011-06-17 266496]
"LManager"="c:\program files (x86)\Launch Manager\LManager.exe" [2010-08-10 975952]
"avast"="c:\program files\AVAST Software\Avast\avastUI.exe" [2011-09-06 3722416]
"Malwarebytes' Anti-Malware (reboot)"="c:\program files (x86)\Malwarebytes' Anti-Malware\mbam.exe" [2010-11-29 963976]
.
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"IsMyWinLockerReboot"="msiexec.exe" [2010-11-21 73216]
.
c:\users\breta\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
OpenOffice.org 3.2.lnk - c:\program files (x86)\OpenOffice.org 3\program\quickstart.exe [2010-6-7 1195520]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\windows]
"AppInit_DLLs"=c:\windows\SysWOW64\nvinit.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\drivers32]
"aux"=wdmaud.drv
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
Security Packages REG_MULTI_SZ kerberos msv1_0 schannel wdigest tspkg pku2u livessp
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]
@=""
.
R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
R3 BBSvc;Bing Bar Update Service;c:\program files (x86)\Microsoft\BingBar\BBSvc.EXE [2011-06-07 191752]
R3 GamesAppService;GamesAppService;c:\program files (x86)\WildTangent Games\App\GamesAppService.exe [2010-10-12 206072]
R3 GGSAFERDriver;GGSAFER Driver;c:\program files (x86)\Garena Classic\safedrv.sys [x]
R3 osppsvc;Office Software Protection Platform;c:\program files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2009-11-19 4925184]
R3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader;c:\windows\System32\Drivers\RtsUStor.sys [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [x]
R3 TsUsbGD;Remote Desktop Generic USB Device;c:\windows\system32\drivers\TsUsbGD.sys [x]
R3 WatAdminSvc;Služba Technologie aktivace Windows;c:\windows\system32\Wat\WatAdminSvc.exe [x]
R4 NitroDriverReadSpool;NitroPDFDriverCreatorReadSpool;c:\program files\Common Files\Nitro PDF\Professional\6.0\NitroPDFDriverServicex64.exe [2011-09-24 341312]
R4 wlcrasvc;Windows Live Mesh remote connections service;c:\program files\Windows Live\Mesh\wlcrasvc.exe [2010-09-23 57184]
S0 nvpciflt;nvpciflt;c:\windows\system32\DRIVERS\nvpciflt.sys [x]
S1 aswSnx;aswSnx; [x]
S1 aswSP;aswSP; [x]
S1 dtsoftbus01;DAEMON Tools Virtual Bus Driver;c:\windows\system32\DRIVERS\dtsoftbus01.sys [x]
S1 mwlPSDFilter;mwlPSDFilter;c:\windows\system32\DRIVERS\mwlPSDFilter.sys [x]
S1 mwlPSDNServ;mwlPSDNServ;c:\windows\system32\DRIVERS\mwlPSDNServ.sys [x]
S1 mwlPSDVDisk;mwlPSDVDisk;c:\windows\system32\DRIVERS\mwlPSDVDisk.sys [x]
S1 vwififlt;Virtual WiFi Filter Driver;c:\windows\system32\DRIVERS\vwififlt.sys [x]
S2 AdobeARMservice;Adobe Acrobat Update Service;c:\program files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2011-09-05 64952]
S2 aswFsBlk;aswFsBlk; [x]
S2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys [x]
S2 BBUpdate;BBUpdate;c:\program files (x86)\Microsoft\BingBar\SeaPort.EXE [2011-05-12 249648]
S2 cvhsvc;Client Virtualization Handler;c:\program files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE [2010-02-28 821664]
S2 DsiWMIService;Dritek WMI Service;c:\program files (x86)\Launch Manager\dsiwmis.exe [2010-08-10 321104]
S2 EgisTec Ticket Service;EgisTec Ticket Service;c:\program files (x86)\Common Files\EgisTec\Services\EgisTicketService.exe [2011-04-02 173424]
S2 ePowerSvc;Acer ePower Service;c:\program files\Acer\Acer ePower Management\ePowerSvc.exe [2011-01-05 867712]
S2 GREGService;GREGService;c:\program files (x86)\Acer\Registration\GREGsvc.exe [2011-05-26 29696]
S2 IAStorDataMgrSvc;Intel(R) Rapid Storage Technology;c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [2010-04-13 13336]
S2 Live Updater Service;Live Updater Service;c:\program files\Acer\Acer Updater\UpdaterService.exe [2011-04-22 244624]
S2 nlsX86cc;NLS Service;c:\windows\SysWOW64\NLSSRV32.EXE [2011-09-24 68928]
S2 NTI IScheduleSvc;NTI IScheduleSvc;c:\program files (x86)\NewTech Infosystems\Acer Backup Manager\IScheduleSvc.exe [2011-06-17 255744]
S2 nvUpdatusService;NVIDIA Update Service Daemon;c:\program files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe [2011-03-30 2009704]
S2 sftlist;Application Virtualization Client;c:\program files (x86)\Microsoft Application Virtualization Client\sftlist.exe [2009-12-02 483688]
S2 UNS;Intel(R) Management & Security Application User Notification Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2010-03-18 2320920]
S3 ETD;ELAN PS/2 Port Input Device;c:\windows\system32\DRIVERS\ETD.sys [x]
S3 HECIx64;Intel(R) Management Engine Interface;c:\windows\system32\drivers\HECIx64.sys [x]
S3 Impcd;Impcd;c:\windows\system32\DRIVERS\Impcd.sys [x]
S3 IntcDAud;Intel(R) Display Audio;c:\windows\system32\DRIVERS\IntcDAud.sys [x]
S3 k57nd60a;Broadcom NetLink (TM) Gigabit Ethernet - NDIS 6.0;c:\windows\system32\DRIVERS\k57nd60a.sys [x]
S3 Sftfs;Sftfs;c:\windows\system32\DRIVERS\Sftfslh.sys [x]
S3 Sftplay;Sftplay;c:\windows\system32\DRIVERS\Sftplaylh.sys [x]
S3 Sftredir;Sftredir;c:\windows\system32\DRIVERS\Sftredirlh.sys [x]
S3 Sftvol;Sftvol;c:\windows\system32\DRIVERS\Sftvollh.sys [x]
S3 sftvsa;Application Virtualization Service Agent;c:\program files (x86)\Microsoft Application Virtualization Client\sftvsa.exe [2009-12-02 209768]
.
.
Obsah adresáře 'Naplánované úlohy'
.
2011-10-30 c:\windows\Tasks\Acer Registration - Reminder Recall task.job
- c:\program files (x86)\Acer\Registration\GREG.exe [2011-05-11 11:30]
.
2011-10-30 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2857410691-1841422624-3118752077-1001Core.job
- c:\users\breta\AppData\Local\Google\Update\GoogleUpdate.exe [2011-09-20 17:26]
.
2011-10-30 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2857410691-1841422624-3118752077-1001UA.job
- c:\users\breta\AppData\Local\Google\Update\GoogleUpdate.exe [2011-09-20 17:26]
.
.
--------- x86-64 -----------
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast]
@="{472083B0-C522-11CF-8763-00608CC02F24}"
[HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]
2011-09-06 20:45 134384 ----a-w- c:\program files\AVAST Software\Avast\ashShA64.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2010-07-23 161304]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2010-07-23 386584]
"Persistence"="c:\windows\system32\igfxpers.exe" [2010-07-23 415256]
"RtHDVCpl"="c:\program files\Realtek\Audio\HDA\RAVCpl64.exe" [2010-06-22 10920552]
"ETDWare"="c:\program files (x86)\Elantech\ETDCtrl.exe" [BU]
"Acer ePower Management"="c:\program files\Acer\Acer ePower Management\ePowerTray.exe" [2011-01-05 860040]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"=c:\windows\System32\nvinitx.dll
.
------- Doplňkový sken -------
.
uLocal Page = c:\windows\system32\blank.htm
mLocal Page = c:\windows\SysWOW64\blank.htm
TCP: Interfaces\{C57EE067-1884-40E5-BEE5-056EA2CA7DDF}: NameServer = 213.192.40.6,77.48.255.255
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -
.
Toolbar-Locked - (no file)
.
.
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
.
[HKEY_LOCAL_MACHINE\SOFTWARE\McAfee]
"SymbolicLinkValue"=hex(6):5c,00,72,00,65,00,67,00,69,00,73,00,74,00,72,00,79,
00,5c,00,6d,00,61,00,63,00,68,00,69,00,6e,00,65,00,5c,00,53,00,6f,00,66,00,\
.
------------------------ Jiné spuštené procesy ------------------------
.
c:\program files\AVAST Software\Avast\AvastSvc.exe
c:\program files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
c:\windows\SysWOW64\PnkBstrA.exe
.
**************************************************************************
.
Celkový čas: 2011-10-30 21:03:29 - počítač byl restartován
ComboFix-quarantined-files.txt 2011-10-30 20:03
ComboFix2.txt 2011-10-30 17:57
.
Před spuštěním: Volných bajtů: 333 055 098 880
Po spuštění: Volných bajtů: 332 990 242 816
.
- - End Of File - - 76622DD2EDE10B6426229E8121E45416
-
chodnik74
- Přítel fóra
- Příspěvky: 4975
- Registrován: 13 zář 2010 21:30
- Bydliště: Napajedla
- Kontaktovat uživatele:
Re: pomale pc, pada..programy neodpovidaji
Stáhněte si TDSSKiller
- Spuste program a klikněte na Start Scan
- Pokud program najde infikekci,tak ji bude lecit (Cure), povolte léčení kliknutím na tlačítko Continue
- Pokud program najde podezrely soubor (suspicious),bude ho chtít přeskočit (Skip), povolte přeskočení kliknutim na tlačítko Continue
- Po dokončení skenování bude možná potřeba restartovat počítač,ten povolíte programu kliknutím na tlačítko Reboot now
- Po restartování počítače na vás vyskočí log(pokud se tak nestane,tak ho najdete na disku,kde máte nainstalovaná systém s názvem TDSSKiller.xxxx_log.txt) a vložte mi sem jeho obsah
- Pokud nebude program požadovat restartování počítače,klikněte na tlačítko Close a následně na Report , čímž se Vám vytvoří log a jeho obsah mu sem vložte
Stiskněte klávesovou kombinaci WIN+R( nebo start-spustit ),čímž se vám otevře okno pro zadání příkazu pro spuštění a zkopírujte a vložte sem následujíci text: Combofix /Uninstall a dejte enter 
T-Cleaner
- Spustíme,zmáčkneme klávesu A a potvrdíme ENTER(některé antiviry mohou detekovat utilitu jako vir-jedá se o falešný poplach,proto IGNOROVAT nebo dočasně vypnout antivir )
- po použití T-Cleaner smažte
TFC
- Stáhneme a spustíme program
- Klikneme na Start a potvrdíme OK
- Program začne uklízet,poté restartuje pc
- po použití program smažte
Údržba PC:
1)Čištění dočasných složek + neplatné registry
- Stáhneme a nainstalujeme program
- Spustíme program
- ČISTIČ
Windows zde necháme vše jak je (pokud používáme IE,tak odškrkneme jeho položky) a zaškrkneme položky Start Menu zástupci a Zástupci na ploše a odškrkneme volbu Zbytky souborů v paměti
Aplikace - necháme jak je,ale pokud používáme nějaký prohlížeč (Google chrome,Firefox,Opera..) tak odškrkneme jeho položky
>Stiskeneme tlačítko Analyzovat a poté Spustit Cleaner - Registry
>Stiskneme tlačítko Hledej problémy,program začne hledat neplatné registry..podé zvolíme Opravit vybrané problémy..
>Program se zeptá,zda chceme vytvořit zálohu registrů,zvolíme ano a uložíme si někde zálohu(kdyby byli po opravení registru s něčím problémy,tak zálohu obnovíme tak,že spustíme uloženou zálohu a potvrdíme ano),dále zvolíme Opravit všechny problémy a Zavřít
>opakujte dokud nebude registr bez problémů - Program používáme 1x 14dní (záleží na používání pc,můžeme i jednou týdně)
Defraggler
- Stáhneme a nainstalujeme program
- Spustíme program
- Vybereme disk ( C:,D:..prostě který používáme)
- Pokud je ve sloupci Fragmentace více než 5% dejte Defragmentovat
- Proveďte se všemi používanými disky
- Provádíme 1x za měsíc
FileHippo.com Update Checker
- Stáhneme a nainstalujeme program(Při instalaci odškrkneme volbu Run at Startup )
- Spustíme program
- Program vyhledá nainstalované programy v PC a zjistí dostupné aktualizace
- Poté se vám otevře internetová stránka,kde budou nabídnuté aplikace k aktualizování
>X Updates Detected..to jsou dostupné aktualizace..
> klikneme na zelenou šipečku a stáhneme program,poté nainstalujeme jeho aktuální verzi
> X Beta Updates Detected..tyto aktualizace nestahujte,jedná se o betaverze,které jsou ve vývoji a jsou nestabilní - Provádíme 1x za 14 dní nebo jednou za měsíc
Jak se chová PC + nový RSITNapiš mi: chodnik74@gmail.com nebo
>RSIT<>MBAM<>VirusTotal
Doporučuji: |
Postup si raději vícekrát přečtěte a v případě jakýchkoliv nejasností či pochybností se ptejte. Pokud máte infikovaný počítač nebo se nechová jako obvykle, tak si zálohujte všechny data a pozorně postupujte dle pokynů rádce!
Nepoužívejte utilitu Combofix bez dohledu a doporučení rádce!
Jste s naší pomocí spokojeni Neváhejte a podpořte forum ZDE.
Pravidla fora: č.1 a č.2
>RSIT<>MBAM<>VirusTotal
Doporučuji:
| Postup si raději vícekrát přečtěte a v případě jakýchkoliv nejasností či pochybností se ptejte. Pokud máte infikovaný počítač nebo se nechová jako obvykle, tak si zálohujte všechny data a pozorně postupujte dle pokynů rádce! Nepoužívejte utilitu Combofix bez dohledu a doporučení rádce! Jste s naší pomocí spokojeni Neváhejte a podpořte forum ZDE.Pravidla fora: č.1 a č.2
Re: pomale pc, pada..programy neodpovidaji
ccleaner použivam defragmentaci taky
log z kasperskeho : 21:30:38.0282 4580 TDSS rootkit removing tool 2.6.14.0 Oct 28 2011 11:11:01
21:30:38.0624 4580 ============================================================
21:30:38.0624 4580 Current date / time: 2011/10/30 21:30:38.0624
21:30:38.0624 4580 SystemInfo:
21:30:38.0624 4580
21:30:38.0624 4580 OS Version: 6.1.7601 ServicePack: 1.0
21:30:38.0624 4580 Product type: Workstation
21:30:38.0624 4580 ComputerName: BRETA-PC
21:30:38.0640 4580 UserName: breta
21:30:38.0640 4580 Windows directory: C:\Windows
21:30:38.0640 4580 System windows directory: C:\Windows
21:30:38.0640 4580 Running under WOW64
21:30:38.0640 4580 Processor architecture: Intel x64
21:30:38.0640 4580 Number of processors: 2
21:30:38.0640 4580 Page size: 0x1000
21:30:38.0640 4580 Boot type: Normal boot
21:30:38.0640 4580 ============================================================
21:30:43.0052 4580 Initialize success
21:30:45.0409 4600 ============================================================
21:30:45.0409 4600 Scan started
21:30:45.0409 4600 Mode: Manual;
21:30:45.0409 4600 ============================================================
21:30:46.0808 4600 1394ohci (a87d604aea360176311474c87a63bb88) C:\Windows\system32\drivers\1394ohci.sys
21:30:46.0814 4600 1394ohci - ok
21:30:46.0896 4600 ACPI (d81d9e70b8a6dd14d42d7b4efa65d5f2) C:\Windows\system32\drivers\ACPI.sys
21:30:46.0901 4600 ACPI - ok
21:30:46.0957 4600 AcpiPmi (99f8e788246d495ce3794d7e7821d2ca) C:\Windows\system32\drivers\acpipmi.sys
21:30:46.0959 4600 AcpiPmi - ok
21:30:47.0104 4600 adp94xx (2f6b34b83843f0c5118b63ac634f5bf4) C:\Windows\system32\drivers\adp94xx.sys
21:30:47.0111 4600 adp94xx - ok
21:30:47.0176 4600 adpahci (597f78224ee9224ea1a13d6350ced962) C:\Windows\system32\drivers\adpahci.sys
21:30:47.0182 4600 adpahci - ok
21:30:47.0424 4600 adpu320 (e109549c90f62fb570b9540c4b148e54) C:\Windows\system32\drivers\adpu320.sys
21:30:47.0429 4600 adpu320 - ok
21:30:47.0705 4600 AFD (d5b031c308a409a0a576bff4cf083d30) C:\Windows\system32\drivers\afd.sys
21:30:47.0721 4600 AFD - ok
21:30:47.0986 4600 agp440 (608c14dba7299d8cb6ed035a68a15799) C:\Windows\system32\drivers\agp440.sys
21:30:48.0002 4600 agp440 - ok
21:30:48.0126 4600 aliide (5812713a477a3ad7363c7438ca2ee038) C:\Windows\system32\drivers\aliide.sys
21:30:48.0126 4600 aliide - ok
21:30:48.0173 4600 amdide (1ff8b4431c353ce385c875f194924c0c) C:\Windows\system32\drivers\amdide.sys
21:30:48.0173 4600 amdide - ok
21:30:48.0220 4600 AmdK8 (7024f087cff1833a806193ef9d22cda9) C:\Windows\system32\drivers\amdk8.sys
21:30:48.0220 4600 AmdK8 - ok
21:30:48.0407 4600 AmdPPM (1e56388b3fe0d031c44144eb8c4d6217) C:\Windows\system32\drivers\amdppm.sys
21:30:48.0407 4600 AmdPPM - ok
21:30:48.0470 4600 amdsata (d4121ae6d0c0e7e13aa221aa57ef2d49) C:\Windows\system32\drivers\amdsata.sys
21:30:48.0470 4600 amdsata - ok
21:30:48.0548 4600 amdsbs (f67f933e79241ed32ff46a4f29b5120b) C:\Windows\system32\drivers\amdsbs.sys
21:30:48.0548 4600 amdsbs - ok
21:30:48.0626 4600 amdxata (540daf1cea6094886d72126fd7c33048) C:\Windows\system32\drivers\amdxata.sys
21:30:48.0626 4600 amdxata - ok
21:30:48.0672 4600 AppID (89a69c3f2f319b43379399547526d952) C:\Windows\system32\drivers\appid.sys
21:30:48.0672 4600 AppID - ok
21:30:48.0785 4600 arc (c484f8ceb1717c540242531db7845c4e) C:\Windows\system32\drivers\arc.sys
21:30:48.0788 4600 arc - ok
21:30:48.0831 4600 arcsas (019af6924aefe7839f61c830227fe79c) C:\Windows\system32\drivers\arcsas.sys
21:30:48.0833 4600 arcsas - ok
21:30:48.0917 4600 aswFsBlk (5a68b880c16ad5a6aa20b49a47ffff24) C:\Windows\system32\drivers\aswFsBlk.sys
21:30:48.0917 4600 aswFsBlk - ok
21:30:48.0995 4600 aswMonFlt (230613be2d3da8053879be5ed2848f2d) C:\Windows\system32\drivers\aswMonFlt.sys
21:30:48.0996 4600 aswMonFlt - ok
21:30:49.0066 4600 aswRdr (0dc1996ae4178d7d14744ef6b3082313) C:\Windows\system32\drivers\aswRdr.sys
21:30:49.0067 4600 aswRdr - ok
21:30:49.0156 4600 aswSnx (b6ff911c23775cdfdd49612d92637af4) C:\Windows\system32\drivers\aswSnx.sys
21:30:49.0159 4600 aswSnx - ok
21:30:49.0398 4600 aswSP (5a590d8516376aed1829fc07d3bdaa4b) C:\Windows\system32\drivers\aswSP.sys
21:30:49.0402 4600 aswSP - ok
21:30:49.0626 4600 aswTdi (3239c0082fb0c1c4ee323730b85690a5) C:\Windows\system32\drivers\aswTdi.sys
21:30:49.0628 4600 aswTdi - ok
21:30:49.0817 4600 AsyncMac (769765ce2cc62867468cea93969b2242) C:\Windows\system32\DRIVERS\asyncmac.sys
21:30:49.0817 4600 AsyncMac - ok
21:30:49.0926 4600 atapi (02062c0b390b7729edc9e69c680a6f3c) C:\Windows\system32\drivers\atapi.sys
21:30:49.0926 4600 atapi - ok
21:30:50.0269 4600 athr (de9fb3dade8fd39ae2c587df22d36b8e) C:\Windows\system32\DRIVERS\athrx.sys
21:30:50.0332 4600 athr - ok
21:30:50.0492 4600 b06bdrv (3e5b191307609f7514148c6832bb0842) C:\Windows\system32\drivers\bxvbda.sys
21:30:50.0499 4600 b06bdrv - ok
21:30:50.0560 4600 b57nd60a (b5ace6968304a3900eeb1ebfd9622df2) C:\Windows\system32\DRIVERS\b57nd60a.sys
21:30:50.0566 4600 b57nd60a - ok
21:30:50.0692 4600 Beep (16a47ce2decc9b099349a5f840654746) C:\Windows\system32\drivers\Beep.sys
21:30:50.0693 4600 Beep - ok
21:30:50.0747 4600 blbdrive (61583ee3c3a17003c4acd0475646b4d3) C:\Windows\system32\drivers\blbdrive.sys
21:30:50.0748 4600 blbdrive - ok
21:30:50.0793 4600 bowser (6c02a83164f5cc0a262f4199f0871cf5) C:\Windows\system32\DRIVERS\bowser.sys
21:30:50.0796 4600 bowser - ok
21:30:50.0883 4600 BrFiltLo (f09eee9edc320b5e1501f749fde686c8) C:\Windows\system32\drivers\BrFiltLo.sys
21:30:50.0885 4600 BrFiltLo - ok
21:30:50.0915 4600 BrFiltUp (b114d3098e9bdb8bea8b053685831be6) C:\Windows\system32\drivers\BrFiltUp.sys
21:30:50.0916 4600 BrFiltUp - ok
21:30:50.0991 4600 Brserid (43bea8d483bf1870f018e2d02e06a5bd) C:\Windows\System32\Drivers\Brserid.sys
21:30:50.0997 4600 Brserid - ok
21:30:51.0058 4600 BrSerWdm (a6eca2151b08a09caceca35c07f05b42) C:\Windows\System32\Drivers\BrSerWdm.sys
21:30:51.0059 4600 BrSerWdm - ok
21:30:51.0114 4600 BrUsbMdm (b79968002c277e869cf38bd22cd61524) C:\Windows\System32\Drivers\BrUsbMdm.sys
21:30:51.0116 4600 BrUsbMdm - ok
21:30:51.0155 4600 BrUsbSer (a87528880231c54e75ea7a44943b38bf) C:\Windows\System32\Drivers\BrUsbSer.sys
21:30:51.0157 4600 BrUsbSer - ok
21:30:51.0238 4600 BthEnum (cf98190a94f62e405c8cb255018b2315) C:\Windows\system32\DRIVERS\BthEnum.sys
21:30:51.0240 4600 BthEnum - ok
21:30:51.0301 4600 BTHMODEM (9da669f11d1f894ab4eb69bf546a42e8) C:\Windows\system32\drivers\bthmodem.sys
21:30:51.0316 4600 BTHMODEM - ok
21:30:51.0504 4600 BthPan (02dd601b708dd0667e1331fa8518e9ff) C:\Windows\system32\DRIVERS\bthpan.sys
21:30:51.0519 4600 BthPan - ok
21:30:51.0660 4600 BTHPORT (64c198198501f7560ee41d8d1efa7952) C:\Windows\system32\Drivers\BTHport.sys
21:30:51.0691 4600 BTHPORT - ok
21:30:51.0769 4600 BTHUSB (f188b7394d81010767b6df3178519a37) C:\Windows\system32\Drivers\BTHUSB.sys
21:30:51.0769 4600 BTHUSB - ok
21:30:51.0831 4600 catchme - ok
21:30:51.0925 4600 cdfs (b8bd2bb284668c84865658c77574381a) C:\Windows\system32\DRIVERS\cdfs.sys
21:30:51.0925 4600 cdfs - ok
21:30:52.0003 4600 cdrom (f036ce71586e93d94dab220d7bdf4416) C:\Windows\system32\DRIVERS\cdrom.sys
21:30:52.0003 4600 cdrom - ok
21:30:52.0125 4600 circlass (d7cd5c4e1b71fa62050515314cfb52cf) C:\Windows\system32\drivers\circlass.sys
21:30:52.0128 4600 circlass - ok
21:30:52.0173 4600 CLFS (fe1ec06f2253f691fe36217c592a0206) C:\Windows\system32\CLFS.sys
21:30:52.0182 4600 CLFS - ok
21:30:52.0295 4600 CmBatt (0840155d0bddf1190f84a663c284bd33) C:\Windows\system32\drivers\CmBatt.sys
21:30:52.0297 4600 CmBatt - ok
21:30:52.0326 4600 cmdide (e19d3f095812725d88f9001985b94edd) C:\Windows\system32\drivers\cmdide.sys
21:30:52.0329 4600 cmdide - ok
21:30:52.0382 4600 CNG (d5fea92400f12412b3922087c09da6a5) C:\Windows\system32\Drivers\cng.sys
21:30:52.0392 4600 CNG - ok
21:30:52.0409 4600 Compbatt (102de219c3f61415f964c88e9085ad14) C:\Windows\system32\drivers\compbatt.sys
21:30:52.0410 4600 Compbatt - ok
21:30:52.0464 4600 CompositeBus (03edb043586cceba243d689bdda370a8) C:\Windows\system32\drivers\CompositeBus.sys
21:30:52.0466 4600 CompositeBus - ok
21:30:52.0550 4600 crcdisk (1c827878a998c18847245fe1f34ee597) C:\Windows\system32\drivers\crcdisk.sys
21:30:52.0552 4600 crcdisk - ok
21:30:52.0699 4600 DfsC (9bb2ef44eaa163b29c4a4587887a0fe4) C:\Windows\system32\Drivers\dfsc.sys
21:30:52.0703 4600 DfsC - ok
21:30:52.0750 4600 discache (13096b05847ec78f0977f2c0f79e9ab3) C:\Windows\system32\drivers\discache.sys
21:30:52.0752 4600 discache - ok
21:30:52.0795 4600 Disk (9819eee8b5ea3784ec4af3b137a5244c) C:\Windows\system32\drivers\disk.sys
21:30:52.0798 4600 Disk - ok
21:30:52.0866 4600 drmkaud (9b19f34400d24df84c858a421c205754) C:\Windows\system32\drivers\drmkaud.sys
21:30:52.0868 4600 drmkaud - ok
21:30:52.0984 4600 dtsoftbus01 (d3d64cf7b2bceaa34a270f45a3fffb36) C:\Windows\system32\DRIVERS\dtsoftbus01.sys
21:30:52.0988 4600 dtsoftbus01 - ok
21:30:53.0058 4600 DXGKrnl (f5bee30450e18e6b83a5012c100616fd) C:\Windows\System32\drivers\dxgkrnl.sys
21:30:53.0074 4600 DXGKrnl - ok
21:30:53.0214 4600 ebdrv (dc5d737f51be844d8c82c695eb17372f) C:\Windows\system32\drivers\evbda.sys
21:30:53.0323 4600 ebdrv - ok
21:30:53.0479 4600 elxstor (0e5da5369a0fcaea12456dd852545184) C:\Windows\system32\drivers\elxstor.sys
21:30:53.0510 4600 elxstor - ok
21:30:53.0542 4600 ErrDev (34a3c54752046e79a126e15c51db409b) C:\Windows\system32\drivers\errdev.sys
21:30:53.0542 4600 ErrDev - ok
21:30:53.0635 4600 ETD (0975bf32399a24117e317b5bf1d5d0aa) C:\Windows\system32\DRIVERS\ETD.sys
21:30:53.0635 4600 ETD - ok
21:30:53.0713 4600 exfat (a510c654ec00c1e9bdd91eeb3a59823b) C:\Windows\system32\drivers\exfat.sys
21:30:53.0729 4600 exfat - ok
21:30:53.0776 4600 fastfat (0adc83218b66a6db380c330836f3e36d) C:\Windows\system32\drivers\fastfat.sys
21:30:53.0776 4600 fastfat - ok
21:30:53.0822 4600 fdc (d765d19cd8ef61f650c384f62fac00ab) C:\Windows\system32\drivers\fdc.sys
21:30:53.0838 4600 fdc - ok
21:30:53.0900 4600 FileInfo (655661be46b5f5f3fd454e2c3095b930) C:\Windows\system32\drivers\fileinfo.sys
21:30:53.0900 4600 FileInfo - ok
21:30:53.0932 4600 Filetrace (5f671ab5bc87eea04ec38a6cd5962a47) C:\Windows\system32\drivers\filetrace.sys
21:30:53.0932 4600 Filetrace - ok
21:30:53.0978 4600 flpydisk (c172a0f53008eaeb8ea33fe10e177af5) C:\Windows\system32\drivers\flpydisk.sys
21:30:53.0994 4600 flpydisk - ok
21:30:54.0056 4600 FltMgr (da6b67270fd9db3697b20fce94950741) C:\Windows\system32\drivers\fltmgr.sys
21:30:54.0056 4600 FltMgr - ok
21:30:54.0103 4600 FsDepends (d43703496149971890703b4b1b723eac) C:\Windows\system32\drivers\FsDepends.sys
21:30:54.0103 4600 FsDepends - ok
21:30:54.0134 4600 Fs_Rec (e95ef8547de20cf0603557c0cf7a9462) C:\Windows\system32\drivers\Fs_Rec.sys
21:30:54.0134 4600 Fs_Rec - ok
21:30:54.0272 4600 fvevol (1f7b25b858fa27015169fe95e54108ed) C:\Windows\system32\DRIVERS\fvevol.sys
21:30:54.0278 4600 fvevol - ok
21:30:54.0323 4600 gagp30kx (8c778d335c9d272cfd3298ab02abe3b6) C:\Windows\system32\drivers\gagp30kx.sys
21:30:54.0327 4600 gagp30kx - ok
21:30:54.0423 4600 GGSAFERDriver - ok
21:30:54.0518 4600 hcw85cir (f2523ef6460fc42405b12248338ab2f0) C:\Windows\system32\drivers\hcw85cir.sys
21:30:54.0521 4600 hcw85cir - ok
21:30:54.0587 4600 HdAudAddService (975761c778e33cd22498059b91e7373a) C:\Windows\system32\drivers\HdAudio.sys
21:30:54.0596 4600 HdAudAddService - ok
21:30:54.0672 4600 HDAudBus (97bfed39b6b79eb12cddbfeed51f56bb) C:\Windows\system32\drivers\HDAudBus.sys
21:30:54.0675 4600 HDAudBus - ok
21:30:54.0739 4600 HECIx64 (b6ac71aaa2b10848f57fc49d55a651af) C:\Windows\system32\drivers\HECIx64.sys
21:30:54.0741 4600 HECIx64 - ok
21:30:54.0871 4600 HidBatt (78e86380454a7b10a5eb255dc44a355f) C:\Windows\system32\drivers\HidBatt.sys
21:30:54.0875 4600 HidBatt - ok
21:30:54.0962 4600 HidBth (7fd2a313f7afe5c4dab14798c48dd104) C:\Windows\system32\drivers\hidbth.sys
21:30:54.0967 4600 HidBth - ok
21:30:55.0017 4600 HidIr (0a77d29f311b88cfae3b13f9c1a73825) C:\Windows\system32\drivers\hidir.sys
21:30:55.0020 4600 HidIr - ok
21:30:55.0165 4600 HidUsb (9592090a7e2b61cd582b612b6df70536) C:\Windows\system32\DRIVERS\hidusb.sys
21:30:55.0168 4600 HidUsb - ok
21:30:55.0222 4600 HpSAMD (39d2abcd392f3d8a6dce7b60ae7b8efc) C:\Windows\system32\drivers\HpSAMD.sys
21:30:55.0226 4600 HpSAMD - ok
21:30:55.0271 4600 HTTP (0ea7de1acb728dd5a369fd742d6eee28) C:\Windows\system32\drivers\HTTP.sys
21:30:55.0306 4600 HTTP - ok
21:30:55.0318 4600 hwpolicy (a5462bd6884960c9dc85ed49d34ff392) C:\Windows\system32\drivers\hwpolicy.sys
21:30:55.0320 4600 hwpolicy - ok
21:30:55.0337 4600 i8042prt (fa55c73d4affa7ee23ac4be53b4592d3) C:\Windows\system32\DRIVERS\i8042prt.sys
21:30:55.0340 4600 i8042prt - ok
21:30:55.0414 4600 iaStor (1384872112e8e7fd5786eceb8bddf4c9) C:\Windows\system32\drivers\iaStor.sys
21:30:55.0421 4600 iaStor - ok
21:30:55.0547 4600 iaStorV (aaaf44db3bd0b9d1fb6969b23ecc8366) C:\Windows\system32\drivers\iaStorV.sys
21:30:55.0557 4600 iaStorV - ok
21:30:55.0944 4600 igfx (31569a2e836c12014148bf7342716946) C:\Windows\system32\DRIVERS\igdkmd64.sys
21:30:56.0178 4600 igfx - ok
21:30:56.0271 4600 iirsp (5c18831c61933628f5bb0ea2675b9d21) C:\Windows\system32\drivers\iirsp.sys
21:30:56.0274 4600 iirsp - ok
21:30:56.0351 4600 Impcd (dd587a55390ed2295bce6d36ad567da9) C:\Windows\system32\DRIVERS\Impcd.sys
21:30:56.0353 4600 Impcd - ok
21:30:56.0478 4600 IntcAzAudAddService (235362d403d9d677514649d88db31914) C:\Windows\system32\drivers\RTKVHD64.sys
21:30:56.0478 4600 IntcAzAudAddService - ok
21:30:56.0671 4600 IntcDAud (03c74719d48056a1078f3a51ceb76baa) C:\Windows\system32\DRIVERS\IntcDAud.sys
21:30:56.0678 4600 IntcDAud - ok
21:30:56.0744 4600 intelide (f00f20e70c6ec3aa366910083a0518aa) C:\Windows\system32\drivers\intelide.sys
21:30:56.0747 4600 intelide - ok
21:30:56.0786 4600 intelppm (ada036632c664caa754079041cf1f8c1) C:\Windows\system32\DRIVERS\intelppm.sys
21:30:56.0787 4600 intelppm - ok
21:30:56.0846 4600 IpFilterDriver (c9f0e1bd74365a8771590e9008d22ab6) C:\Windows\system32\DRIVERS\ipfltdrv.sys
21:30:56.0858 4600 IpFilterDriver - ok
21:30:56.0900 4600 IPMIDRV (0fc1aea580957aa8817b8f305d18ca3a) C:\Windows\system32\drivers\IPMIDrv.sys
21:30:56.0905 4600 IPMIDRV - ok
21:30:56.0933 4600 IPNAT (af9b39a7e7b6caa203b3862582e9f2d0) C:\Windows\system32\drivers\ipnat.sys
21:30:56.0937 4600 IPNAT - ok
21:30:56.0983 4600 IRENUM (3abf5e7213eb28966d55d58b515d5ce9) C:\Windows\system32\drivers\irenum.sys
21:30:56.0986 4600 IRENUM - ok
21:30:57.0038 4600 isapnp (2f7b28dc3e1183e5eb418df55c204f38) C:\Windows\system32\drivers\isapnp.sys
21:30:57.0043 4600 isapnp - ok
21:30:57.0099 4600 iScsiPrt (d931d7309deb2317035b07c9f9e6b0bd) C:\Windows\system32\drivers\msiscsi.sys
21:30:57.0106 4600 iScsiPrt - ok
21:30:57.0179 4600 k57nd60a (37e053a2cf8f0082b689ed74106e0cec) C:\Windows\system32\DRIVERS\k57nd60a.sys
21:30:57.0185 4600 k57nd60a - ok
21:30:57.0281 4600 kbdclass (bc02336f1cba7dcc7d1213bb588a68a5) C:\Windows\system32\drivers\kbdclass.sys
21:30:57.0283 4600 kbdclass - ok
21:30:57.0339 4600 kbdhid (0705eff5b42a9db58548eec3b26bb484) C:\Windows\system32\drivers\kbdhid.sys
21:30:57.0344 4600 kbdhid - ok
21:30:57.0397 4600 KSecDD (ccd53b5bd33ce0c889e830d839c8b66e) C:\Windows\system32\Drivers\ksecdd.sys
21:30:57.0401 4600 KSecDD - ok
21:30:57.0444 4600 KSecPkg (9ff918a261752c12639e8ad4208d2c2f) C:\Windows\system32\Drivers\ksecpkg.sys
21:30:57.0455 4600 KSecPkg - ok
21:30:57.0504 4600 ksthunk (6869281e78cb31a43e969f06b57347c4) C:\Windows\system32\drivers\ksthunk.sys
21:30:57.0506 4600 ksthunk - ok
21:30:57.0686 4600 lltdio (1538831cf8ad2979a04c423779465827) C:\Windows\system32\DRIVERS\lltdio.sys
21:30:57.0689 4600 lltdio - ok
21:30:57.0892 4600 LSI_FC (1a93e54eb0ece102495a51266dcdb6a6) C:\Windows\system32\drivers\lsi_fc.sys
21:30:57.0892 4600 LSI_FC - ok
21:30:57.0954 4600 LSI_SAS (1047184a9fdc8bdbff857175875ee810) C:\Windows\system32\drivers\lsi_sas.sys
21:30:57.0954 4600 LSI_SAS - ok
21:30:58.0001 4600 LSI_SAS2 (30f5c0de1ee8b5bc9306c1f0e4a75f93) C:\Windows\system32\drivers\lsi_sas2.sys
21:30:58.0001 4600 LSI_SAS2 - ok
21:30:58.0079 4600 LSI_SCSI (0504eacaff0d3c8aed161c4b0d369d4a) C:\Windows\system32\drivers\lsi_scsi.sys
21:30:58.0094 4600 LSI_SCSI - ok
21:30:58.0126 4600 luafv (43d0f98e1d56ccddb0d5254cff7b356e) C:\Windows\system32\drivers\luafv.sys
21:30:58.0141 4600 luafv - ok
21:30:58.0188 4600 megasas (a55805f747c6edb6a9080d7c633bd0f4) C:\Windows\system32\drivers\megasas.sys
21:30:58.0188 4600 megasas - ok
21:30:58.0282 4600 MegaSR (baf74ce0072480c3b6b7c13b2a94d6b3) C:\Windows\system32\drivers\MegaSR.sys
21:30:58.0297 4600 MegaSR - ok
21:30:58.0391 4600 Modem (800ba92f7010378b09f9ed9270f07137) C:\Windows\system32\drivers\modem.sys
21:30:58.0406 4600 Modem - ok
21:30:58.0453 4600 monitor (b03d591dc7da45ece20b3b467e6aadaa) C:\Windows\system32\DRIVERS\monitor.sys
21:30:58.0453 4600 monitor - ok
21:30:58.0500 4600 mouclass (7d27ea49f3c1f687d357e77a470aea99) C:\Windows\system32\DRIVERS\mouclass.sys
21:30:58.0500 4600 mouclass - ok
21:30:58.0594 4600 mouhid (d3bf052c40b0c4166d9fd86a4288c1e6) C:\Windows\system32\DRIVERS\mouhid.sys
21:30:58.0594 4600 mouhid - ok
21:30:58.0640 4600 mountmgr (32e7a3d591d671a6df2db515a5cbe0fa) C:\Windows\system32\drivers\mountmgr.sys
21:30:58.0640 4600 mountmgr - ok
21:30:58.0687 4600 mpio (a44b420d30bd56e145d6a2bc8768ec58) C:\Windows\system32\drivers\mpio.sys
21:30:58.0703 4600 mpio - ok
21:30:58.0734 4600 mpsdrv (6c38c9e45ae0ea2fa5e551f2ed5e978f) C:\Windows\system32\drivers\mpsdrv.sys
21:30:58.0734 4600 mpsdrv - ok
21:30:58.0781 4600 MRxDAV (dc722758b8261e1abafd31a3c0a66380) C:\Windows\system32\drivers\mrxdav.sys
21:30:58.0796 4600 MRxDAV - ok
21:30:58.0828 4600 mrxsmb (a5d9106a73dc88564c825d317cac68ac) C:\Windows\system32\DRIVERS\mrxsmb.sys
21:30:58.0843 4600 mrxsmb - ok
21:30:58.0890 4600 mrxsmb10 (d711b3c1d5f42c0c2415687be09fc163) C:\Windows\system32\DRIVERS\mrxsmb10.sys
21:30:58.0906 4600 mrxsmb10 - ok
21:30:58.0952 4600 mrxsmb20 (9423e9d355c8d303e76b8cfbd8a5c30c) C:\Windows\system32\DRIVERS\mrxsmb20.sys
21:30:58.0952 4600 mrxsmb20 - ok
21:30:58.0999 4600 msahci (c25f0bafa182cbca2dd3c851c2e75796) C:\Windows\system32\drivers\msahci.sys
21:30:58.0999 4600 msahci - ok
21:30:59.0046 4600 msdsm (db801a638d011b9633829eb6f663c900) C:\Windows\system32\drivers\msdsm.sys
21:30:59.0046 4600 msdsm - ok
21:30:59.0093 4600 Msfs (aa3fb40e17ce1388fa1bedab50ea8f96) C:\Windows\system32\drivers\Msfs.sys
21:30:59.0093 4600 Msfs - ok
21:30:59.0140 4600 mshidkmdf (f9d215a46a8b9753f61767fa72a20326) C:\Windows\System32\drivers\mshidkmdf.sys
21:30:59.0140 4600 mshidkmdf - ok
21:30:59.0171 4600 msisadrv (d916874bbd4f8b07bfb7fa9b3ccae29d) C:\Windows\system32\drivers\msisadrv.sys
21:30:59.0171 4600 msisadrv - ok
21:30:59.0264 4600 MSKSSRV (49ccf2c4fea34ffad8b1b59d49439366) C:\Windows\system32\drivers\MSKSSRV.sys
21:30:59.0264 4600 MSKSSRV - ok
21:30:59.0296 4600 MSPCLOCK (bdd71ace35a232104ddd349ee70e1ab3) C:\Windows\system32\drivers\MSPCLOCK.sys
21:30:59.0311 4600 MSPCLOCK - ok
21:30:59.0342 4600 MSPQM (4ed981241db27c3383d72092b618a1d0) C:\Windows\system32\drivers\MSPQM.sys
21:30:59.0342 4600 MSPQM - ok
21:30:59.0389 4600 MsRPC (759a9eeb0fa9ed79da1fb7d4ef78866d) C:\Windows\system32\drivers\MsRPC.sys
21:30:59.0389 4600 MsRPC - ok
21:30:59.0436 4600 mssmbios (0eed230e37515a0eaee3c2e1bc97b288) C:\Windows\system32\drivers\mssmbios.sys
21:30:59.0436 4600 mssmbios - ok
21:30:59.0498 4600 MSTEE (2e66f9ecb30b4221a318c92ac2250779) C:\Windows\system32\drivers\MSTEE.sys
21:30:59.0498 4600 MSTEE - ok
21:30:59.0530 4600 MTConfig (7ea404308934e675bffde8edf0757bcd) C:\Windows\system32\drivers\MTConfig.sys
21:30:59.0530 4600 MTConfig - ok
21:30:59.0576 4600 Mup (f9a18612fd3526fe473c1bda678d61c8) C:\Windows\system32\Drivers\mup.sys
21:30:59.0576 4600 Mup - ok
21:30:59.0608 4600 mwlPSDFilter (c009123b206c56854f4e88596035231d) C:\Windows\system32\DRIVERS\mwlPSDFilter.sys
21:30:59.0608 4600 mwlPSDFilter - ok
21:30:59.0686 4600 mwlPSDNServ (bf3739eeb9f008b1debac115089a53f8) C:\Windows\system32\DRIVERS\mwlPSDNServ.sys
21:30:59.0686 4600 mwlPSDNServ - ok
21:30:59.0795 4600 mwlPSDVDisk (38dd143d95e7a01b86f219dda9c28779) C:\Windows\system32\DRIVERS\mwlPSDVDisk.sys
21:30:59.0795 4600 mwlPSDVDisk - ok
21:30:59.0920 4600 NativeWifiP (1ea3749c4114db3e3161156ffffa6b33) C:\Windows\system32\DRIVERS\nwifi.sys
21:30:59.0920 4600 NativeWifiP - ok
21:31:00.0013 4600 NDIS (79b47fd40d9a817e932f9d26fac0a81c) C:\Windows\system32\drivers\ndis.sys
21:31:00.0060 4600 NDIS - ok
21:31:00.0154 4600 NdisCap (9f9a1f53aad7da4d6fef5bb73ab811ac) C:\Windows\system32\DRIVERS\ndiscap.sys
21:31:00.0154 4600 NdisCap - ok
21:31:00.0200 4600 NdisTapi (30639c932d9fef22b31268fe25a1b6e5) C:\Windows\system32\DRIVERS\ndistapi.sys
21:31:00.0200 4600 NdisTapi - ok
21:31:00.0247 4600 Ndisuio (136185f9fb2cc61e573e676aa5402356) C:\Windows\system32\DRIVERS\ndisuio.sys
21:31:00.0247 4600 Ndisuio - ok
21:31:00.0294 4600 NdisWan (53f7305169863f0a2bddc49e116c2e11) C:\Windows\system32\DRIVERS\ndiswan.sys
21:31:00.0294 4600 NdisWan - ok
21:31:00.0325 4600 NDProxy (015c0d8e0e0421b4cfd48cffe2825879) C:\Windows\system32\drivers\NDProxy.sys
21:31:00.0325 4600 NDProxy - ok
21:31:00.0372 4600 NetBIOS (86743d9f5d2b1048062b14b1d84501c4) C:\Windows\system32\DRIVERS\netbios.sys
21:31:00.0372 4600 NetBIOS - ok
21:31:00.0403 4600 NetBT (09594d1089c523423b32a4229263f068) C:\Windows\system32\DRIVERS\netbt.sys
21:31:00.0419 4600 NetBT - ok
21:31:00.0512 4600 nfrd960 (77889813be4d166cdab78ddba990da92) C:\Windows\system32\drivers\nfrd960.sys
21:31:00.0512 4600 nfrd960 - ok
21:31:00.0668 4600 Npfs (1e4c4ab5c9b8dd13179bbdc75a2a01f7) C:\Windows\system32\drivers\Npfs.sys
21:31:00.0668 4600 Npfs - ok
21:31:00.0700 4600 nsiproxy (e7f5ae18af4168178a642a9247c63001) C:\Windows\system32\drivers\nsiproxy.sys
21:31:00.0700 4600 nsiproxy - ok
21:31:00.0778 4600 Ntfs (a2f74975097f52a00745f9637451fdd8) C:\Windows\system32\drivers\Ntfs.sys
21:31:00.0824 4600 Ntfs - ok
21:31:00.0965 4600 NTIDrvr (ee3ba1024594d5d09e314f206b94069e) C:\Windows\system32\drivers\NTIDrvr.sys
21:31:00.0965 4600 NTIDrvr - ok
21:31:00.0996 4600 Null (9899284589f75fa8724ff3d16aed75c1) C:\Windows\system32\drivers\Null.sys
21:31:00.0996 4600 Null - ok
21:31:01.0511 4600 nvlddmkm (73dc184af4d2addc41b37344636d2cc7) C:\Windows\system32\DRIVERS\nvlddmkm.sys
21:31:01.0589 4600 nvlddmkm - ok
21:31:01.0682 4600 nvpciflt (477a3cf725c4040f77eb9e2c17b922a0) C:\Windows\system32\DRIVERS\nvpciflt.sys
21:31:01.0682 4600 nvpciflt - ok
21:31:01.0745 4600 nvraid (0a92cb65770442ed0dc44834632f66ad) C:\Windows\system32\drivers\nvraid.sys
21:31:01.0745 4600 nvraid - ok
21:31:01.0807 4600 nvstor (dab0e87525c10052bf65f06152f37e4a) C:\Windows\system32\drivers\nvstor.sys
21:31:01.0807 4600 nvstor - ok
21:31:01.0916 4600 nv_agp (270d7cd42d6e3979f6dd0146650f0e05) C:\Windows\system32\drivers\nv_agp.sys
21:31:01.0916 4600 nv_agp - ok
21:31:01.0963 4600 ohci1394 (3589478e4b22ce21b41fa1bfc0b8b8a0) C:\Windows\system32\drivers\ohci1394.sys
21:31:01.0963 4600 ohci1394 - ok
21:31:02.0041 4600 Parport (0086431c29c35be1dbc43f52cc273887) C:\Windows\system32\drivers\parport.sys
21:31:02.0057 4600 Parport - ok
21:31:02.0088 4600 partmgr (871eadac56b0a4c6512bbe32753ccf79) C:\Windows\system32\drivers\partmgr.sys
21:31:02.0088 4600 partmgr - ok
21:31:02.0166 4600 pci (94575c0571d1462a0f70bde6bd6ee6b3) C:\Windows\system32\drivers\pci.sys
21:31:02.0166 4600 pci - ok
21:31:02.0213 4600 pciide (b5b8b5ef2e5cb34df8dcf8831e3534fa) C:\Windows\system32\drivers\pciide.sys
21:31:02.0213 4600 pciide - ok
21:31:02.0275 4600 pcmcia (b2e81d4e87ce48589f98cb8c05b01f2f) C:\Windows\system32\drivers\pcmcia.sys
21:31:02.0275 4600 pcmcia - ok
21:31:02.0322 4600 pcw (d6b9c2e1a11a3a4b26a182ffef18f603) C:\Windows\system32\drivers\pcw.sys
21:31:02.0322 4600 pcw - ok
21:31:02.0400 4600 PEAUTH (68769c3356b3be5d1c732c97b9a80d6e) C:\Windows\system32\drivers\peauth.sys
21:31:02.0416 4600 PEAUTH - ok
21:31:02.0634 4600 PptpMiniport (f92a2c41117a11a00be01ca01a7fcde9) C:\Windows\system32\DRIVERS\raspptp.sys
21:31:02.0634 4600 PptpMiniport - ok
21:31:02.0681 4600 Processor (0d922e23c041efb1c3fac2a6f943c9bf) C:\Windows\system32\drivers\processr.sys
21:31:02.0696 4600 Processor - ok
21:31:02.0774 4600 Psched (0557cf5a2556bd58e26384169d72438d) C:\Windows\system32\DRIVERS\pacer.sys
21:31:02.0774 4600 Psched - ok
21:31:02.0884 4600 ql2300 (a53a15a11ebfd21077463ee2c7afeef0) C:\Windows\system32\drivers\ql2300.sys
21:31:02.0946 4600 ql2300 - ok
21:31:03.0040 4600 ql40xx (4f6d12b51de1aaeff7dc58c4d75423c8) C:\Windows\system32\drivers\ql40xx.sys
21:31:03.0040 4600 ql40xx - ok
21:31:03.0086 4600 QWAVEdrv (76707bb36430888d9ce9d705398adb6c) C:\Windows\system32\drivers\qwavedrv.sys
21:31:03.0086 4600 QWAVEdrv - ok
21:31:03.0118 4600 RasAcd (5a0da8ad5762fa2d91678a8a01311704) C:\Windows\system32\DRIVERS\rasacd.sys
21:31:03.0118 4600 RasAcd - ok
21:31:03.0196 4600 RasAgileVpn (7ecff9b22276b73f43a99a15a6094e90) C:\Windows\system32\DRIVERS\AgileVpn.sys
21:31:03.0196 4600 RasAgileVpn - ok
21:31:03.0242 4600 Rasl2tp (471815800ae33e6f1c32fb1b97c490ca) C:\Windows\system32\DRIVERS\rasl2tp.sys
21:31:03.0258 4600 Rasl2tp - ok
21:31:03.0336 4600 RasPppoe (855c9b1cd4756c5e9a2aa58a15f58c25) C:\Windows\system32\DRIVERS\raspppoe.sys
21:31:03.0336 4600 RasPppoe - ok
21:31:03.0430 4600 RasSstp (e8b1e447b008d07ff47d016c2b0eeecb) C:\Windows\system32\DRIVERS\rassstp.sys
21:31:03.0430 4600 RasSstp - ok
21:31:03.0476 4600 rdbss (77f665941019a1594d887a74f301fa2f) C:\Windows\system32\DRIVERS\rdbss.sys
21:31:03.0476 4600 rdbss - ok
21:31:03.0523 4600 rdpbus (302da2a0539f2cf54d7c6cc30c1f2d8d) C:\Windows\system32\drivers\rdpbus.sys
21:31:03.0523 4600 rdpbus - ok
21:31:03.0586 4600 RDPCDD (cea6cc257fc9b7715f1c2b4849286d24) C:\Windows\system32\DRIVERS\RDPCDD.sys
21:31:03.0586 4600 RDPCDD - ok
21:31:03.0617 4600 RDPENCDD (bb5971a4f00659529a5c44831af22365) C:\Windows\system32\drivers\rdpencdd.sys
21:31:03.0617 4600 RDPENCDD - ok
21:31:03.0648 4600 RDPREFMP (216f3fa57533d98e1f74ded70113177a) C:\Windows\system32\drivers\rdprefmp.sys
21:31:03.0648 4600 RDPREFMP - ok
21:31:03.0695 4600 RDPWD (15b66c206b5cb095bab980553f38ed23) C:\Windows\system32\drivers\RDPWD.sys
21:31:03.0710 4600 RDPWD - ok
21:31:03.0757 4600 rdyboost (34ed295fa0121c241bfef24764fc4520) C:\Windows\system32\drivers\rdyboost.sys
21:31:03.0773 4600 rdyboost - ok
21:31:03.0851 4600 RFCOMM (3dd798846e2c28102b922c56e71b7932) C:\Windows\system32\DRIVERS\rfcomm.sys
21:31:03.0851 4600 RFCOMM - ok
21:31:03.0976 4600 rspndr (ddc86e4f8e7456261e637e3552e804ff) C:\Windows\system32\DRIVERS\rspndr.sys
21:31:03.0991 4600 rspndr - ok
21:31:04.0085 4600 RSUSBSTOR (0e3dcf76f11dc431b088a2dfd7265cda) C:\Windows\System32\Drivers\RtsUStor.sys
21:31:04.0085 4600 RSUSBSTOR - ok
21:31:04.0147 4600 sbp2port (ac03af3329579fffb455aa2daabbe22b) C:\Windows\system32\drivers\sbp2port.sys
21:31:04.0163 4600 sbp2port - ok
21:31:04.0210 4600 scfilter (253f38d0d7074c02ff8deb9836c97d2b) C:\Windows\system32\DRIVERS\scfilter.sys
21:31:04.0210 4600 scfilter - ok
21:31:04.0272 4600 secdrv (3ea8a16169c26afbeb544e0e48421186) C:\Windows\system32\drivers\secdrv.sys
21:31:04.0272 4600 secdrv - ok
21:31:04.0334 4600 Serenum (cb624c0035412af0debec78c41f5ca1b) C:\Windows\system32\drivers\serenum.sys
21:31:04.0334 4600 Serenum - ok
21:31:04.0433 4600 Serial (c1d8e28b2c2adfaec4ba89e9fda69bd6) C:\Windows\system32\drivers\serial.sys
21:31:04.0445 4600 Serial - ok
21:31:04.0505 4600 sermouse (1c545a7d0691cc4a027396535691c3e3) C:\Windows\system32\drivers\sermouse.sys
21:31:04.0509 4600 sermouse - ok
21:31:04.0558 4600 sffdisk (a554811bcd09279536440c964ae35bbf) C:\Windows\system32\drivers\sffdisk.sys
21:31:04.0560 4600 sffdisk - ok
21:31:04.0591 4600 sffp_mmc (ff414f0baefeba59bc6c04b3db0b87bf) C:\Windows\system32\drivers\sffp_mmc.sys
21:31:04.0594 4600 sffp_mmc - ok
21:31:04.0624 4600 sffp_sd (dd85b78243a19b59f0637dcf284da63c) C:\Windows\system32\drivers\sffp_sd.sys
21:31:04.0626 4600 sffp_sd - ok
21:31:04.0699 4600 sfloppy (a9d601643a1647211a1ee2ec4e433ff4) C:\Windows\system32\drivers\sfloppy.sys
21:31:04.0702 4600 sfloppy - ok
21:31:04.0822 4600 Sftfs (d5183ed285d2795491dc15bddcbee5ad) C:\Windows\system32\DRIVERS\Sftfslh.sys
21:31:04.0831 4600 Sftfs - ok
21:31:04.0886 4600 Sftplay (00f118b68c50d2206dd51634f9142b83) C:\Windows\system32\DRIVERS\Sftplaylh.sys
21:31:04.0888 4600 Sftplay - ok
21:31:04.0937 4600 Sftredir (76a827df5640bfe16a0cdbb4108adeca) C:\Windows\system32\DRIVERS\Sftredirlh.sys
21:31:04.0939 4600 Sftredir - ok
21:31:04.0985 4600 Sftvol (1b4c9701645086bab8cafffce30ed284) C:\Windows\system32\DRIVERS\Sftvollh.sys
21:31:04.0986 4600 Sftvol - ok
21:31:05.0075 4600 SiSRaid2 (843caf1e5fde1ffd5ff768f23a51e2e1) C:\Windows\system32\drivers\SiSRaid2.sys
21:31:05.0078 4600 SiSRaid2 - ok
21:31:05.0121 4600 SiSRaid4 (6a6c106d42e9ffff8b9fcb4f754f6da4) C:\Windows\system32\drivers\sisraid4.sys
21:31:05.0128 4600 SiSRaid4 - ok
21:31:05.0175 4600 Smb (548260a7b8654e024dc30bf8a7c5baa4) C:\Windows\system32\DRIVERS\smb.sys
21:31:05.0179 4600 Smb - ok
21:31:05.0242 4600 spldr (b9e31e5cacdfe584f34f730a677803f9) C:\Windows\system32\drivers\spldr.sys
21:31:05.0243 4600 spldr - ok
21:31:05.0356 4600 srv (441fba48bff01fdb9d5969ebc1838f0b) C:\Windows\system32\DRIVERS\srv.sys
21:31:05.0372 4600 srv - ok
21:31:05.0434 4600 srv2 (b4adebbf5e3677cce9651e0f01f7cc28) C:\Windows\system32\DRIVERS\srv2.sys
21:31:05.0465 4600 srv2 - ok
21:31:05.0543 4600 srvnet (27e461f0be5bff5fc737328f749538c3) C:\Windows\system32\DRIVERS\srvnet.sys
21:31:05.0543 4600 srvnet - ok
21:31:05.0621 4600 stexstor (f3817967ed533d08327dc73bc4d5542a) C:\Windows\system32\drivers\stexstor.sys
21:31:05.0637 4600 stexstor - ok
21:31:05.0715 4600 swenum (d01ec09b6711a5f8e7e6564a4d0fbc90) C:\Windows\system32\drivers\swenum.sys
21:31:05.0715 4600 swenum - ok
21:31:05.0871 4600 Tcpip (f0e98c00a09fdf791525829a1d14240f) C:\Windows\system32\drivers\tcpip.sys
21:31:05.0927 4600 Tcpip - ok
21:31:06.0215 4600 TCPIP6 (f0e98c00a09fdf791525829a1d14240f) C:\Windows\system32\DRIVERS\tcpip.sys
21:31:06.0229 4600 TCPIP6 - ok
21:31:06.0374 4600 tcpipreg (df687e3d8836bfb04fcc0615bf15a519) C:\Windows\system32\drivers\tcpipreg.sys
21:31:06.0384 4600 tcpipreg - ok
21:31:06.0462 4600 TDPIPE (3371d21011695b16333a3934340c4e7c) C:\Windows\system32\drivers\tdpipe.sys
21:31:06.0467 4600 TDPIPE - ok
21:31:06.0495 4600 TDTCP (e4245bda3190a582d55ed09e137401a9) C:\Windows\system32\drivers\tdtcp.sys
21:31:06.0500 4600 TDTCP - ok
21:31:06.0564 4600 tdx (ddad5a7ab24d8b65f8d724f5c20fd806) C:\Windows\system32\DRIVERS\tdx.sys
21:31:06.0571 4600 tdx - ok
21:31:06.0630 4600 TermDD (561e7e1f06895d78de991e01dd0fb6e5) C:\Windows\system32\drivers\termdd.sys
21:31:06.0632 4600 TermDD - ok
21:31:06.0749 4600 tssecsrv (ce18b2cdfc837c99e5fae9ca6cba5d30) C:\Windows\system32\DRIVERS\tssecsrv.sys
21:31:06.0751 4600 tssecsrv - ok
21:31:06.0811 4600 TsUsbFlt (d11c783e3ef9a3c52c0ebe83cc5000e9) C:\Windows\system32\drivers\tsusbflt.sys
21:31:06.0820 4600 TsUsbFlt - ok
21:31:06.0848 4600 TsUsbGD (9cc2ccae8a84820eaecb886d477cbcb8) C:\Windows\system32\drivers\TsUsbGD.sys
21:31:06.0868 4600 TsUsbGD - ok
21:31:06.0951 4600 tunnel (3566a8daafa27af944f5d705eaa64894) C:\Windows\system32\DRIVERS\tunnel.sys
21:31:06.0956 4600 tunnel - ok
21:31:06.0992 4600 uagp35 (b4dd609bd7e282bfc683cec7eaaaad67) C:\Windows\system32\drivers\uagp35.sys
21:31:07.0007 4600 uagp35 - ok
21:31:07.0023 4600 UBHelper (a17d5e1a6df4eab0a480f2c490de4c9d) C:\Windows\system32\drivers\UBHelper.sys
21:31:07.0023 4600 UBHelper - ok
21:31:07.0070 4600 udfs (ff4232a1a64012baa1fd97c7b67df593) C:\Windows\system32\DRIVERS\udfs.sys
21:31:07.0085 4600 udfs - ok
21:31:07.0132 4600 uliagpkx (4bfe1bc28391222894cbf1e7d0e42320) C:\Windows\system32\drivers\uliagpkx.sys
21:31:07.0148 4600 uliagpkx - ok
21:31:07.0179 4600 umbus (dc54a574663a895c8763af0fa1ff7561) C:\Windows\system32\DRIVERS\umbus.sys
21:31:07.0195 4600 umbus - ok
21:31:07.0226 4600 UmPass (b2e8e8cb557b156da5493bbddcc1474d) C:\Windows\system32\drivers\umpass.sys
21:31:07.0241 4600 UmPass - ok
21:31:07.0304 4600 usbccgp (6f1a3157a1c89435352ceb543cdb359c) C:\Windows\system32\DRIVERS\usbccgp.sys
21:31:07.0304 4600 usbccgp - ok
21:31:07.0351 4600 usbcir (af0892a803fdda7492f595368e3b68e7) C:\Windows\system32\drivers\usbcir.sys
21:31:07.0351 4600 usbcir - ok
21:31:07.0413 4600 usbehci (c025055fe7b87701eb042095df1a2d7b) C:\Windows\system32\drivers\usbehci.sys
21:31:07.0413 4600 usbehci - ok
21:31:07.0475 4600 usbhub (287c6c9410b111b68b52ca298f7b8c24) C:\Windows\system32\drivers\usbhub.sys
21:31:07.0522 4600 usbhub - ok
21:31:07.0585 4600 usbohci (9840fc418b4cbd632d3d0a667a725c31) C:\Windows\system32\drivers\usbohci.sys
21:31:07.0585 4600 usbohci - ok
21:31:07.0616 4600 usbprint (73188f58fb384e75c4063d29413cee3d) C:\Windows\system32\drivers\usbprint.sys
21:31:07.0631 4600 usbprint - ok
21:31:07.0678 4600 USBSTOR (fed648b01349a3c8395a5169db5fb7d6) C:\Windows\system32\DRIVERS\USBSTOR.SYS
21:31:07.0678 4600 USBSTOR - ok
21:31:07.0709 4600 usbuhci (62069a34518bcf9c1fd9e74b3f6db7cd) C:\Windows\system32\drivers\usbuhci.sys
21:31:07.0709 4600 usbuhci - ok
21:31:07.0787 4600 usbvideo (454800c2bc7f3927ce030141ee4f4c50) C:\Windows\system32\Drivers\usbvideo.sys
21:31:07.0803 4600 usbvideo - ok
21:31:07.0881 4600 vdrvroot (c5c876ccfc083ff3b128f933823e87bd) C:\Windows\system32\drivers\vdrvroot.sys
21:31:07.0881 4600 vdrvroot - ok
21:31:07.0928 4600 vga (da4da3f5e02943c2dc8c6ed875de68dd) C:\Windows\system32\DRIVERS\vgapnp.sys
21:31:07.0928 4600 vga - ok
21:31:07.0975 4600 VgaSave (53e92a310193cb3c03bea963de7d9cfc) C:\Windows\System32\drivers\vga.sys
21:31:07.0990 4600 VgaSave - ok
21:31:08.0037 4600 vhdmp (2ce2df28c83aeaf30084e1b1eb253cbb) C:\Windows\system32\drivers\vhdmp.sys
21:31:08.0037 4600 vhdmp - ok
21:31:08.0084 4600 viaide (e5689d93ffe4e5d66c0178761240dd54) C:\Windows\system32\drivers\viaide.sys
21:31:08.0084 4600 viaide - ok
21:31:08.0131 4600 volmgr (d2aafd421940f640b407aefaaebd91b0) C:\Windows\system32\drivers\volmgr.sys
21:31:08.0131 4600 volmgr - ok
21:31:08.0177 4600 volmgrx (a255814907c89be58b79ef2f189b843b) C:\Windows\system32\drivers\volmgrx.sys
21:31:08.0177 4600 volmgrx - ok
21:31:08.0240 4600 volsnap (0d08d2f3b3ff84e433346669b5e0f639) C:\Windows\system32\drivers\volsnap.sys
21:31:08.0255 4600 volsnap - ok
21:31:08.0349 4600 vsmraid (5e2016ea6ebaca03c04feac5f330d997) C:\Windows\system32\drivers\vsmraid.sys
21:31:08.0365 4600 vsmraid - ok
21:31:08.0411 4600 vwifibus (36d4720b72b5c5d9cb2b9c29e9df67a1) C:\Windows\system32\DRIVERS\vwifibus.sys
21:31:08.0411 4600 vwifibus - ok
21:31:08.0458 4600 vwififlt (6a3d66263414ff0d6fa754c646612f3f) C:\Windows\system32\DRIVERS\vwififlt.sys
21:31:08.0458 4600 vwififlt - ok
21:31:08.0521 4600 WacomPen (4e9440f4f152a7b944cb1663d3935a3e) C:\Windows\system32\drivers\wacompen.sys
21:31:08.0521 4600 WacomPen - ok
21:31:08.0586 4600 WANARP (356afd78a6ed4457169241ac3965230c) C:\Windows\system32\DRIVERS\wanarp.sys
21:31:08.0590 4600 WANARP - ok
21:31:08.0610 4600 Wanarpv6 (356afd78a6ed4457169241ac3965230c) C:\Windows\system32\DRIVERS\wanarp.sys
21:31:08.0613 4600 Wanarpv6 - ok
21:31:08.0684 4600 Wd (72889e16ff12ba0f235467d6091b17dc) C:\Windows\system32\drivers\wd.sys
21:31:08.0686 4600 Wd - ok
21:31:08.0755 4600 Wdf01000 (441bd2d7b4f98134c3a4f9fa570fd250) C:\Windows\system32\drivers\Wdf01000.sys
21:31:08.0786 4600 Wdf01000 - ok
21:31:08.0892 4600 WfpLwf (611b23304bf067451a9fdee01fbdd725) C:\Windows\system32\DRIVERS\wfplwf.sys
21:31:08.0895 4600 WfpLwf - ok
21:31:08.0947 4600 WIMMount (05ecaec3e4529a7153b3136ceb49f0ec) C:\Windows\system32\drivers\wimmount.sys
21:31:08.0950 4600 WIMMount - ok
21:31:09.0069 4600 WmiAcpi (f6ff8944478594d0e414d3f048f0d778) C:\Windows\system32\DRIVERS\wmiacpi.sys
21:31:09.0071 4600 WmiAcpi - ok
21:31:09.0171 4600 ws2ifsl (6bcc1d7d2fd2453957c5479a32364e52) C:\Windows\system32\drivers\ws2ifsl.sys
21:31:09.0174 4600 ws2ifsl - ok
21:31:09.0237 4600 WudfPf (d3381dc54c34d79b22cee0d65ba91b7c) C:\Windows\system32\drivers\WudfPf.sys
21:31:09.0242 4600 WudfPf - ok
21:31:09.0315 4600 WUDFRd (cf8d590be3373029d57af80914190682) C:\Windows\system32\DRIVERS\WUDFRd.sys
21:31:09.0320 4600 WUDFRd - ok
21:31:09.0373 4600 MBR (0x1B8) (a36c5e4f47e84449ff07ed3517b43a31) \Device\Harddisk0\DR0
21:31:09.0397 4600 \Device\Harddisk0\DR0 - ok
21:31:09.0408 4600 Boot (0x1200) (2f754091f9d8aa76e0444bfe590c0552) \Device\Harddisk0\DR0\Partition0
21:31:09.0419 4600 \Device\Harddisk0\DR0\Partition0 - ok
21:31:09.0427 4600 Boot (0x1200) (38741f954417beff056a770c625bb18a) \Device\Harddisk0\DR0\Partition1
21:31:09.0430 4600 \Device\Harddisk0\DR0\Partition1 - ok
21:31:09.0431 4600 ============================================================
21:31:09.0431 4600 Scan finished
21:31:09.0431 4600 ============================================================
21:31:09.0448 1444 Detected object count: 0
21:31:09.0448 1444 Actual detected object count: 0
defragmentaci taky log z kasperskeho : 21:30:38.0282 4580 TDSS rootkit removing tool 2.6.14.0 Oct 28 2011 11:11:01
21:30:38.0624 4580 ============================================================
21:30:38.0624 4580 Current date / time: 2011/10/30 21:30:38.0624
21:30:38.0624 4580 SystemInfo:
21:30:38.0624 4580
21:30:38.0624 4580 OS Version: 6.1.7601 ServicePack: 1.0
21:30:38.0624 4580 Product type: Workstation
21:30:38.0624 4580 ComputerName: BRETA-PC
21:30:38.0640 4580 UserName: breta
21:30:38.0640 4580 Windows directory: C:\Windows
21:30:38.0640 4580 System windows directory: C:\Windows
21:30:38.0640 4580 Running under WOW64
21:30:38.0640 4580 Processor architecture: Intel x64
21:30:38.0640 4580 Number of processors: 2
21:30:38.0640 4580 Page size: 0x1000
21:30:38.0640 4580 Boot type: Normal boot
21:30:38.0640 4580 ============================================================
21:30:43.0052 4580 Initialize success
21:30:45.0409 4600 ============================================================
21:30:45.0409 4600 Scan started
21:30:45.0409 4600 Mode: Manual;
21:30:45.0409 4600 ============================================================
21:30:46.0808 4600 1394ohci (a87d604aea360176311474c87a63bb88) C:\Windows\system32\drivers\1394ohci.sys
21:30:46.0814 4600 1394ohci - ok
21:30:46.0896 4600 ACPI (d81d9e70b8a6dd14d42d7b4efa65d5f2) C:\Windows\system32\drivers\ACPI.sys
21:30:46.0901 4600 ACPI - ok
21:30:46.0957 4600 AcpiPmi (99f8e788246d495ce3794d7e7821d2ca) C:\Windows\system32\drivers\acpipmi.sys
21:30:46.0959 4600 AcpiPmi - ok
21:30:47.0104 4600 adp94xx (2f6b34b83843f0c5118b63ac634f5bf4) C:\Windows\system32\drivers\adp94xx.sys
21:30:47.0111 4600 adp94xx - ok
21:30:47.0176 4600 adpahci (597f78224ee9224ea1a13d6350ced962) C:\Windows\system32\drivers\adpahci.sys
21:30:47.0182 4600 adpahci - ok
21:30:47.0424 4600 adpu320 (e109549c90f62fb570b9540c4b148e54) C:\Windows\system32\drivers\adpu320.sys
21:30:47.0429 4600 adpu320 - ok
21:30:47.0705 4600 AFD (d5b031c308a409a0a576bff4cf083d30) C:\Windows\system32\drivers\afd.sys
21:30:47.0721 4600 AFD - ok
21:30:47.0986 4600 agp440 (608c14dba7299d8cb6ed035a68a15799) C:\Windows\system32\drivers\agp440.sys
21:30:48.0002 4600 agp440 - ok
21:30:48.0126 4600 aliide (5812713a477a3ad7363c7438ca2ee038) C:\Windows\system32\drivers\aliide.sys
21:30:48.0126 4600 aliide - ok
21:30:48.0173 4600 amdide (1ff8b4431c353ce385c875f194924c0c) C:\Windows\system32\drivers\amdide.sys
21:30:48.0173 4600 amdide - ok
21:30:48.0220 4600 AmdK8 (7024f087cff1833a806193ef9d22cda9) C:\Windows\system32\drivers\amdk8.sys
21:30:48.0220 4600 AmdK8 - ok
21:30:48.0407 4600 AmdPPM (1e56388b3fe0d031c44144eb8c4d6217) C:\Windows\system32\drivers\amdppm.sys
21:30:48.0407 4600 AmdPPM - ok
21:30:48.0470 4600 amdsata (d4121ae6d0c0e7e13aa221aa57ef2d49) C:\Windows\system32\drivers\amdsata.sys
21:30:48.0470 4600 amdsata - ok
21:30:48.0548 4600 amdsbs (f67f933e79241ed32ff46a4f29b5120b) C:\Windows\system32\drivers\amdsbs.sys
21:30:48.0548 4600 amdsbs - ok
21:30:48.0626 4600 amdxata (540daf1cea6094886d72126fd7c33048) C:\Windows\system32\drivers\amdxata.sys
21:30:48.0626 4600 amdxata - ok
21:30:48.0672 4600 AppID (89a69c3f2f319b43379399547526d952) C:\Windows\system32\drivers\appid.sys
21:30:48.0672 4600 AppID - ok
21:30:48.0785 4600 arc (c484f8ceb1717c540242531db7845c4e) C:\Windows\system32\drivers\arc.sys
21:30:48.0788 4600 arc - ok
21:30:48.0831 4600 arcsas (019af6924aefe7839f61c830227fe79c) C:\Windows\system32\drivers\arcsas.sys
21:30:48.0833 4600 arcsas - ok
21:30:48.0917 4600 aswFsBlk (5a68b880c16ad5a6aa20b49a47ffff24) C:\Windows\system32\drivers\aswFsBlk.sys
21:30:48.0917 4600 aswFsBlk - ok
21:30:48.0995 4600 aswMonFlt (230613be2d3da8053879be5ed2848f2d) C:\Windows\system32\drivers\aswMonFlt.sys
21:30:48.0996 4600 aswMonFlt - ok
21:30:49.0066 4600 aswRdr (0dc1996ae4178d7d14744ef6b3082313) C:\Windows\system32\drivers\aswRdr.sys
21:30:49.0067 4600 aswRdr - ok
21:30:49.0156 4600 aswSnx (b6ff911c23775cdfdd49612d92637af4) C:\Windows\system32\drivers\aswSnx.sys
21:30:49.0159 4600 aswSnx - ok
21:30:49.0398 4600 aswSP (5a590d8516376aed1829fc07d3bdaa4b) C:\Windows\system32\drivers\aswSP.sys
21:30:49.0402 4600 aswSP - ok
21:30:49.0626 4600 aswTdi (3239c0082fb0c1c4ee323730b85690a5) C:\Windows\system32\drivers\aswTdi.sys
21:30:49.0628 4600 aswTdi - ok
21:30:49.0817 4600 AsyncMac (769765ce2cc62867468cea93969b2242) C:\Windows\system32\DRIVERS\asyncmac.sys
21:30:49.0817 4600 AsyncMac - ok
21:30:49.0926 4600 atapi (02062c0b390b7729edc9e69c680a6f3c) C:\Windows\system32\drivers\atapi.sys
21:30:49.0926 4600 atapi - ok
21:30:50.0269 4600 athr (de9fb3dade8fd39ae2c587df22d36b8e) C:\Windows\system32\DRIVERS\athrx.sys
21:30:50.0332 4600 athr - ok
21:30:50.0492 4600 b06bdrv (3e5b191307609f7514148c6832bb0842) C:\Windows\system32\drivers\bxvbda.sys
21:30:50.0499 4600 b06bdrv - ok
21:30:50.0560 4600 b57nd60a (b5ace6968304a3900eeb1ebfd9622df2) C:\Windows\system32\DRIVERS\b57nd60a.sys
21:30:50.0566 4600 b57nd60a - ok
21:30:50.0692 4600 Beep (16a47ce2decc9b099349a5f840654746) C:\Windows\system32\drivers\Beep.sys
21:30:50.0693 4600 Beep - ok
21:30:50.0747 4600 blbdrive (61583ee3c3a17003c4acd0475646b4d3) C:\Windows\system32\drivers\blbdrive.sys
21:30:50.0748 4600 blbdrive - ok
21:30:50.0793 4600 bowser (6c02a83164f5cc0a262f4199f0871cf5) C:\Windows\system32\DRIVERS\bowser.sys
21:30:50.0796 4600 bowser - ok
21:30:50.0883 4600 BrFiltLo (f09eee9edc320b5e1501f749fde686c8) C:\Windows\system32\drivers\BrFiltLo.sys
21:30:50.0885 4600 BrFiltLo - ok
21:30:50.0915 4600 BrFiltUp (b114d3098e9bdb8bea8b053685831be6) C:\Windows\system32\drivers\BrFiltUp.sys
21:30:50.0916 4600 BrFiltUp - ok
21:30:50.0991 4600 Brserid (43bea8d483bf1870f018e2d02e06a5bd) C:\Windows\System32\Drivers\Brserid.sys
21:30:50.0997 4600 Brserid - ok
21:30:51.0058 4600 BrSerWdm (a6eca2151b08a09caceca35c07f05b42) C:\Windows\System32\Drivers\BrSerWdm.sys
21:30:51.0059 4600 BrSerWdm - ok
21:30:51.0114 4600 BrUsbMdm (b79968002c277e869cf38bd22cd61524) C:\Windows\System32\Drivers\BrUsbMdm.sys
21:30:51.0116 4600 BrUsbMdm - ok
21:30:51.0155 4600 BrUsbSer (a87528880231c54e75ea7a44943b38bf) C:\Windows\System32\Drivers\BrUsbSer.sys
21:30:51.0157 4600 BrUsbSer - ok
21:30:51.0238 4600 BthEnum (cf98190a94f62e405c8cb255018b2315) C:\Windows\system32\DRIVERS\BthEnum.sys
21:30:51.0240 4600 BthEnum - ok
21:30:51.0301 4600 BTHMODEM (9da669f11d1f894ab4eb69bf546a42e8) C:\Windows\system32\drivers\bthmodem.sys
21:30:51.0316 4600 BTHMODEM - ok
21:30:51.0504 4600 BthPan (02dd601b708dd0667e1331fa8518e9ff) C:\Windows\system32\DRIVERS\bthpan.sys
21:30:51.0519 4600 BthPan - ok
21:30:51.0660 4600 BTHPORT (64c198198501f7560ee41d8d1efa7952) C:\Windows\system32\Drivers\BTHport.sys
21:30:51.0691 4600 BTHPORT - ok
21:30:51.0769 4600 BTHUSB (f188b7394d81010767b6df3178519a37) C:\Windows\system32\Drivers\BTHUSB.sys
21:30:51.0769 4600 BTHUSB - ok
21:30:51.0831 4600 catchme - ok
21:30:51.0925 4600 cdfs (b8bd2bb284668c84865658c77574381a) C:\Windows\system32\DRIVERS\cdfs.sys
21:30:51.0925 4600 cdfs - ok
21:30:52.0003 4600 cdrom (f036ce71586e93d94dab220d7bdf4416) C:\Windows\system32\DRIVERS\cdrom.sys
21:30:52.0003 4600 cdrom - ok
21:30:52.0125 4600 circlass (d7cd5c4e1b71fa62050515314cfb52cf) C:\Windows\system32\drivers\circlass.sys
21:30:52.0128 4600 circlass - ok
21:30:52.0173 4600 CLFS (fe1ec06f2253f691fe36217c592a0206) C:\Windows\system32\CLFS.sys
21:30:52.0182 4600 CLFS - ok
21:30:52.0295 4600 CmBatt (0840155d0bddf1190f84a663c284bd33) C:\Windows\system32\drivers\CmBatt.sys
21:30:52.0297 4600 CmBatt - ok
21:30:52.0326 4600 cmdide (e19d3f095812725d88f9001985b94edd) C:\Windows\system32\drivers\cmdide.sys
21:30:52.0329 4600 cmdide - ok
21:30:52.0382 4600 CNG (d5fea92400f12412b3922087c09da6a5) C:\Windows\system32\Drivers\cng.sys
21:30:52.0392 4600 CNG - ok
21:30:52.0409 4600 Compbatt (102de219c3f61415f964c88e9085ad14) C:\Windows\system32\drivers\compbatt.sys
21:30:52.0410 4600 Compbatt - ok
21:30:52.0464 4600 CompositeBus (03edb043586cceba243d689bdda370a8) C:\Windows\system32\drivers\CompositeBus.sys
21:30:52.0466 4600 CompositeBus - ok
21:30:52.0550 4600 crcdisk (1c827878a998c18847245fe1f34ee597) C:\Windows\system32\drivers\crcdisk.sys
21:30:52.0552 4600 crcdisk - ok
21:30:52.0699 4600 DfsC (9bb2ef44eaa163b29c4a4587887a0fe4) C:\Windows\system32\Drivers\dfsc.sys
21:30:52.0703 4600 DfsC - ok
21:30:52.0750 4600 discache (13096b05847ec78f0977f2c0f79e9ab3) C:\Windows\system32\drivers\discache.sys
21:30:52.0752 4600 discache - ok
21:30:52.0795 4600 Disk (9819eee8b5ea3784ec4af3b137a5244c) C:\Windows\system32\drivers\disk.sys
21:30:52.0798 4600 Disk - ok
21:30:52.0866 4600 drmkaud (9b19f34400d24df84c858a421c205754) C:\Windows\system32\drivers\drmkaud.sys
21:30:52.0868 4600 drmkaud - ok
21:30:52.0984 4600 dtsoftbus01 (d3d64cf7b2bceaa34a270f45a3fffb36) C:\Windows\system32\DRIVERS\dtsoftbus01.sys
21:30:52.0988 4600 dtsoftbus01 - ok
21:30:53.0058 4600 DXGKrnl (f5bee30450e18e6b83a5012c100616fd) C:\Windows\System32\drivers\dxgkrnl.sys
21:30:53.0074 4600 DXGKrnl - ok
21:30:53.0214 4600 ebdrv (dc5d737f51be844d8c82c695eb17372f) C:\Windows\system32\drivers\evbda.sys
21:30:53.0323 4600 ebdrv - ok
21:30:53.0479 4600 elxstor (0e5da5369a0fcaea12456dd852545184) C:\Windows\system32\drivers\elxstor.sys
21:30:53.0510 4600 elxstor - ok
21:30:53.0542 4600 ErrDev (34a3c54752046e79a126e15c51db409b) C:\Windows\system32\drivers\errdev.sys
21:30:53.0542 4600 ErrDev - ok
21:30:53.0635 4600 ETD (0975bf32399a24117e317b5bf1d5d0aa) C:\Windows\system32\DRIVERS\ETD.sys
21:30:53.0635 4600 ETD - ok
21:30:53.0713 4600 exfat (a510c654ec00c1e9bdd91eeb3a59823b) C:\Windows\system32\drivers\exfat.sys
21:30:53.0729 4600 exfat - ok
21:30:53.0776 4600 fastfat (0adc83218b66a6db380c330836f3e36d) C:\Windows\system32\drivers\fastfat.sys
21:30:53.0776 4600 fastfat - ok
21:30:53.0822 4600 fdc (d765d19cd8ef61f650c384f62fac00ab) C:\Windows\system32\drivers\fdc.sys
21:30:53.0838 4600 fdc - ok
21:30:53.0900 4600 FileInfo (655661be46b5f5f3fd454e2c3095b930) C:\Windows\system32\drivers\fileinfo.sys
21:30:53.0900 4600 FileInfo - ok
21:30:53.0932 4600 Filetrace (5f671ab5bc87eea04ec38a6cd5962a47) C:\Windows\system32\drivers\filetrace.sys
21:30:53.0932 4600 Filetrace - ok
21:30:53.0978 4600 flpydisk (c172a0f53008eaeb8ea33fe10e177af5) C:\Windows\system32\drivers\flpydisk.sys
21:30:53.0994 4600 flpydisk - ok
21:30:54.0056 4600 FltMgr (da6b67270fd9db3697b20fce94950741) C:\Windows\system32\drivers\fltmgr.sys
21:30:54.0056 4600 FltMgr - ok
21:30:54.0103 4600 FsDepends (d43703496149971890703b4b1b723eac) C:\Windows\system32\drivers\FsDepends.sys
21:30:54.0103 4600 FsDepends - ok
21:30:54.0134 4600 Fs_Rec (e95ef8547de20cf0603557c0cf7a9462) C:\Windows\system32\drivers\Fs_Rec.sys
21:30:54.0134 4600 Fs_Rec - ok
21:30:54.0272 4600 fvevol (1f7b25b858fa27015169fe95e54108ed) C:\Windows\system32\DRIVERS\fvevol.sys
21:30:54.0278 4600 fvevol - ok
21:30:54.0323 4600 gagp30kx (8c778d335c9d272cfd3298ab02abe3b6) C:\Windows\system32\drivers\gagp30kx.sys
21:30:54.0327 4600 gagp30kx - ok
21:30:54.0423 4600 GGSAFERDriver - ok
21:30:54.0518 4600 hcw85cir (f2523ef6460fc42405b12248338ab2f0) C:\Windows\system32\drivers\hcw85cir.sys
21:30:54.0521 4600 hcw85cir - ok
21:30:54.0587 4600 HdAudAddService (975761c778e33cd22498059b91e7373a) C:\Windows\system32\drivers\HdAudio.sys
21:30:54.0596 4600 HdAudAddService - ok
21:30:54.0672 4600 HDAudBus (97bfed39b6b79eb12cddbfeed51f56bb) C:\Windows\system32\drivers\HDAudBus.sys
21:30:54.0675 4600 HDAudBus - ok
21:30:54.0739 4600 HECIx64 (b6ac71aaa2b10848f57fc49d55a651af) C:\Windows\system32\drivers\HECIx64.sys
21:30:54.0741 4600 HECIx64 - ok
21:30:54.0871 4600 HidBatt (78e86380454a7b10a5eb255dc44a355f) C:\Windows\system32\drivers\HidBatt.sys
21:30:54.0875 4600 HidBatt - ok
21:30:54.0962 4600 HidBth (7fd2a313f7afe5c4dab14798c48dd104) C:\Windows\system32\drivers\hidbth.sys
21:30:54.0967 4600 HidBth - ok
21:30:55.0017 4600 HidIr (0a77d29f311b88cfae3b13f9c1a73825) C:\Windows\system32\drivers\hidir.sys
21:30:55.0020 4600 HidIr - ok
21:30:55.0165 4600 HidUsb (9592090a7e2b61cd582b612b6df70536) C:\Windows\system32\DRIVERS\hidusb.sys
21:30:55.0168 4600 HidUsb - ok
21:30:55.0222 4600 HpSAMD (39d2abcd392f3d8a6dce7b60ae7b8efc) C:\Windows\system32\drivers\HpSAMD.sys
21:30:55.0226 4600 HpSAMD - ok
21:30:55.0271 4600 HTTP (0ea7de1acb728dd5a369fd742d6eee28) C:\Windows\system32\drivers\HTTP.sys
21:30:55.0306 4600 HTTP - ok
21:30:55.0318 4600 hwpolicy (a5462bd6884960c9dc85ed49d34ff392) C:\Windows\system32\drivers\hwpolicy.sys
21:30:55.0320 4600 hwpolicy - ok
21:30:55.0337 4600 i8042prt (fa55c73d4affa7ee23ac4be53b4592d3) C:\Windows\system32\DRIVERS\i8042prt.sys
21:30:55.0340 4600 i8042prt - ok
21:30:55.0414 4600 iaStor (1384872112e8e7fd5786eceb8bddf4c9) C:\Windows\system32\drivers\iaStor.sys
21:30:55.0421 4600 iaStor - ok
21:30:55.0547 4600 iaStorV (aaaf44db3bd0b9d1fb6969b23ecc8366) C:\Windows\system32\drivers\iaStorV.sys
21:30:55.0557 4600 iaStorV - ok
21:30:55.0944 4600 igfx (31569a2e836c12014148bf7342716946) C:\Windows\system32\DRIVERS\igdkmd64.sys
21:30:56.0178 4600 igfx - ok
21:30:56.0271 4600 iirsp (5c18831c61933628f5bb0ea2675b9d21) C:\Windows\system32\drivers\iirsp.sys
21:30:56.0274 4600 iirsp - ok
21:30:56.0351 4600 Impcd (dd587a55390ed2295bce6d36ad567da9) C:\Windows\system32\DRIVERS\Impcd.sys
21:30:56.0353 4600 Impcd - ok
21:30:56.0478 4600 IntcAzAudAddService (235362d403d9d677514649d88db31914) C:\Windows\system32\drivers\RTKVHD64.sys
21:30:56.0478 4600 IntcAzAudAddService - ok
21:30:56.0671 4600 IntcDAud (03c74719d48056a1078f3a51ceb76baa) C:\Windows\system32\DRIVERS\IntcDAud.sys
21:30:56.0678 4600 IntcDAud - ok
21:30:56.0744 4600 intelide (f00f20e70c6ec3aa366910083a0518aa) C:\Windows\system32\drivers\intelide.sys
21:30:56.0747 4600 intelide - ok
21:30:56.0786 4600 intelppm (ada036632c664caa754079041cf1f8c1) C:\Windows\system32\DRIVERS\intelppm.sys
21:30:56.0787 4600 intelppm - ok
21:30:56.0846 4600 IpFilterDriver (c9f0e1bd74365a8771590e9008d22ab6) C:\Windows\system32\DRIVERS\ipfltdrv.sys
21:30:56.0858 4600 IpFilterDriver - ok
21:30:56.0900 4600 IPMIDRV (0fc1aea580957aa8817b8f305d18ca3a) C:\Windows\system32\drivers\IPMIDrv.sys
21:30:56.0905 4600 IPMIDRV - ok
21:30:56.0933 4600 IPNAT (af9b39a7e7b6caa203b3862582e9f2d0) C:\Windows\system32\drivers\ipnat.sys
21:30:56.0937 4600 IPNAT - ok
21:30:56.0983 4600 IRENUM (3abf5e7213eb28966d55d58b515d5ce9) C:\Windows\system32\drivers\irenum.sys
21:30:56.0986 4600 IRENUM - ok
21:30:57.0038 4600 isapnp (2f7b28dc3e1183e5eb418df55c204f38) C:\Windows\system32\drivers\isapnp.sys
21:30:57.0043 4600 isapnp - ok
21:30:57.0099 4600 iScsiPrt (d931d7309deb2317035b07c9f9e6b0bd) C:\Windows\system32\drivers\msiscsi.sys
21:30:57.0106 4600 iScsiPrt - ok
21:30:57.0179 4600 k57nd60a (37e053a2cf8f0082b689ed74106e0cec) C:\Windows\system32\DRIVERS\k57nd60a.sys
21:30:57.0185 4600 k57nd60a - ok
21:30:57.0281 4600 kbdclass (bc02336f1cba7dcc7d1213bb588a68a5) C:\Windows\system32\drivers\kbdclass.sys
21:30:57.0283 4600 kbdclass - ok
21:30:57.0339 4600 kbdhid (0705eff5b42a9db58548eec3b26bb484) C:\Windows\system32\drivers\kbdhid.sys
21:30:57.0344 4600 kbdhid - ok
21:30:57.0397 4600 KSecDD (ccd53b5bd33ce0c889e830d839c8b66e) C:\Windows\system32\Drivers\ksecdd.sys
21:30:57.0401 4600 KSecDD - ok
21:30:57.0444 4600 KSecPkg (9ff918a261752c12639e8ad4208d2c2f) C:\Windows\system32\Drivers\ksecpkg.sys
21:30:57.0455 4600 KSecPkg - ok
21:30:57.0504 4600 ksthunk (6869281e78cb31a43e969f06b57347c4) C:\Windows\system32\drivers\ksthunk.sys
21:30:57.0506 4600 ksthunk - ok
21:30:57.0686 4600 lltdio (1538831cf8ad2979a04c423779465827) C:\Windows\system32\DRIVERS\lltdio.sys
21:30:57.0689 4600 lltdio - ok
21:30:57.0892 4600 LSI_FC (1a93e54eb0ece102495a51266dcdb6a6) C:\Windows\system32\drivers\lsi_fc.sys
21:30:57.0892 4600 LSI_FC - ok
21:30:57.0954 4600 LSI_SAS (1047184a9fdc8bdbff857175875ee810) C:\Windows\system32\drivers\lsi_sas.sys
21:30:57.0954 4600 LSI_SAS - ok
21:30:58.0001 4600 LSI_SAS2 (30f5c0de1ee8b5bc9306c1f0e4a75f93) C:\Windows\system32\drivers\lsi_sas2.sys
21:30:58.0001 4600 LSI_SAS2 - ok
21:30:58.0079 4600 LSI_SCSI (0504eacaff0d3c8aed161c4b0d369d4a) C:\Windows\system32\drivers\lsi_scsi.sys
21:30:58.0094 4600 LSI_SCSI - ok
21:30:58.0126 4600 luafv (43d0f98e1d56ccddb0d5254cff7b356e) C:\Windows\system32\drivers\luafv.sys
21:30:58.0141 4600 luafv - ok
21:30:58.0188 4600 megasas (a55805f747c6edb6a9080d7c633bd0f4) C:\Windows\system32\drivers\megasas.sys
21:30:58.0188 4600 megasas - ok
21:30:58.0282 4600 MegaSR (baf74ce0072480c3b6b7c13b2a94d6b3) C:\Windows\system32\drivers\MegaSR.sys
21:30:58.0297 4600 MegaSR - ok
21:30:58.0391 4600 Modem (800ba92f7010378b09f9ed9270f07137) C:\Windows\system32\drivers\modem.sys
21:30:58.0406 4600 Modem - ok
21:30:58.0453 4600 monitor (b03d591dc7da45ece20b3b467e6aadaa) C:\Windows\system32\DRIVERS\monitor.sys
21:30:58.0453 4600 monitor - ok
21:30:58.0500 4600 mouclass (7d27ea49f3c1f687d357e77a470aea99) C:\Windows\system32\DRIVERS\mouclass.sys
21:30:58.0500 4600 mouclass - ok
21:30:58.0594 4600 mouhid (d3bf052c40b0c4166d9fd86a4288c1e6) C:\Windows\system32\DRIVERS\mouhid.sys
21:30:58.0594 4600 mouhid - ok
21:30:58.0640 4600 mountmgr (32e7a3d591d671a6df2db515a5cbe0fa) C:\Windows\system32\drivers\mountmgr.sys
21:30:58.0640 4600 mountmgr - ok
21:30:58.0687 4600 mpio (a44b420d30bd56e145d6a2bc8768ec58) C:\Windows\system32\drivers\mpio.sys
21:30:58.0703 4600 mpio - ok
21:30:58.0734 4600 mpsdrv (6c38c9e45ae0ea2fa5e551f2ed5e978f) C:\Windows\system32\drivers\mpsdrv.sys
21:30:58.0734 4600 mpsdrv - ok
21:30:58.0781 4600 MRxDAV (dc722758b8261e1abafd31a3c0a66380) C:\Windows\system32\drivers\mrxdav.sys
21:30:58.0796 4600 MRxDAV - ok
21:30:58.0828 4600 mrxsmb (a5d9106a73dc88564c825d317cac68ac) C:\Windows\system32\DRIVERS\mrxsmb.sys
21:30:58.0843 4600 mrxsmb - ok
21:30:58.0890 4600 mrxsmb10 (d711b3c1d5f42c0c2415687be09fc163) C:\Windows\system32\DRIVERS\mrxsmb10.sys
21:30:58.0906 4600 mrxsmb10 - ok
21:30:58.0952 4600 mrxsmb20 (9423e9d355c8d303e76b8cfbd8a5c30c) C:\Windows\system32\DRIVERS\mrxsmb20.sys
21:30:58.0952 4600 mrxsmb20 - ok
21:30:58.0999 4600 msahci (c25f0bafa182cbca2dd3c851c2e75796) C:\Windows\system32\drivers\msahci.sys
21:30:58.0999 4600 msahci - ok
21:30:59.0046 4600 msdsm (db801a638d011b9633829eb6f663c900) C:\Windows\system32\drivers\msdsm.sys
21:30:59.0046 4600 msdsm - ok
21:30:59.0093 4600 Msfs (aa3fb40e17ce1388fa1bedab50ea8f96) C:\Windows\system32\drivers\Msfs.sys
21:30:59.0093 4600 Msfs - ok
21:30:59.0140 4600 mshidkmdf (f9d215a46a8b9753f61767fa72a20326) C:\Windows\System32\drivers\mshidkmdf.sys
21:30:59.0140 4600 mshidkmdf - ok
21:30:59.0171 4600 msisadrv (d916874bbd4f8b07bfb7fa9b3ccae29d) C:\Windows\system32\drivers\msisadrv.sys
21:30:59.0171 4600 msisadrv - ok
21:30:59.0264 4600 MSKSSRV (49ccf2c4fea34ffad8b1b59d49439366) C:\Windows\system32\drivers\MSKSSRV.sys
21:30:59.0264 4600 MSKSSRV - ok
21:30:59.0296 4600 MSPCLOCK (bdd71ace35a232104ddd349ee70e1ab3) C:\Windows\system32\drivers\MSPCLOCK.sys
21:30:59.0311 4600 MSPCLOCK - ok
21:30:59.0342 4600 MSPQM (4ed981241db27c3383d72092b618a1d0) C:\Windows\system32\drivers\MSPQM.sys
21:30:59.0342 4600 MSPQM - ok
21:30:59.0389 4600 MsRPC (759a9eeb0fa9ed79da1fb7d4ef78866d) C:\Windows\system32\drivers\MsRPC.sys
21:30:59.0389 4600 MsRPC - ok
21:30:59.0436 4600 mssmbios (0eed230e37515a0eaee3c2e1bc97b288) C:\Windows\system32\drivers\mssmbios.sys
21:30:59.0436 4600 mssmbios - ok
21:30:59.0498 4600 MSTEE (2e66f9ecb30b4221a318c92ac2250779) C:\Windows\system32\drivers\MSTEE.sys
21:30:59.0498 4600 MSTEE - ok
21:30:59.0530 4600 MTConfig (7ea404308934e675bffde8edf0757bcd) C:\Windows\system32\drivers\MTConfig.sys
21:30:59.0530 4600 MTConfig - ok
21:30:59.0576 4600 Mup (f9a18612fd3526fe473c1bda678d61c8) C:\Windows\system32\Drivers\mup.sys
21:30:59.0576 4600 Mup - ok
21:30:59.0608 4600 mwlPSDFilter (c009123b206c56854f4e88596035231d) C:\Windows\system32\DRIVERS\mwlPSDFilter.sys
21:30:59.0608 4600 mwlPSDFilter - ok
21:30:59.0686 4600 mwlPSDNServ (bf3739eeb9f008b1debac115089a53f8) C:\Windows\system32\DRIVERS\mwlPSDNServ.sys
21:30:59.0686 4600 mwlPSDNServ - ok
21:30:59.0795 4600 mwlPSDVDisk (38dd143d95e7a01b86f219dda9c28779) C:\Windows\system32\DRIVERS\mwlPSDVDisk.sys
21:30:59.0795 4600 mwlPSDVDisk - ok
21:30:59.0920 4600 NativeWifiP (1ea3749c4114db3e3161156ffffa6b33) C:\Windows\system32\DRIVERS\nwifi.sys
21:30:59.0920 4600 NativeWifiP - ok
21:31:00.0013 4600 NDIS (79b47fd40d9a817e932f9d26fac0a81c) C:\Windows\system32\drivers\ndis.sys
21:31:00.0060 4600 NDIS - ok
21:31:00.0154 4600 NdisCap (9f9a1f53aad7da4d6fef5bb73ab811ac) C:\Windows\system32\DRIVERS\ndiscap.sys
21:31:00.0154 4600 NdisCap - ok
21:31:00.0200 4600 NdisTapi (30639c932d9fef22b31268fe25a1b6e5) C:\Windows\system32\DRIVERS\ndistapi.sys
21:31:00.0200 4600 NdisTapi - ok
21:31:00.0247 4600 Ndisuio (136185f9fb2cc61e573e676aa5402356) C:\Windows\system32\DRIVERS\ndisuio.sys
21:31:00.0247 4600 Ndisuio - ok
21:31:00.0294 4600 NdisWan (53f7305169863f0a2bddc49e116c2e11) C:\Windows\system32\DRIVERS\ndiswan.sys
21:31:00.0294 4600 NdisWan - ok
21:31:00.0325 4600 NDProxy (015c0d8e0e0421b4cfd48cffe2825879) C:\Windows\system32\drivers\NDProxy.sys
21:31:00.0325 4600 NDProxy - ok
21:31:00.0372 4600 NetBIOS (86743d9f5d2b1048062b14b1d84501c4) C:\Windows\system32\DRIVERS\netbios.sys
21:31:00.0372 4600 NetBIOS - ok
21:31:00.0403 4600 NetBT (09594d1089c523423b32a4229263f068) C:\Windows\system32\DRIVERS\netbt.sys
21:31:00.0419 4600 NetBT - ok
21:31:00.0512 4600 nfrd960 (77889813be4d166cdab78ddba990da92) C:\Windows\system32\drivers\nfrd960.sys
21:31:00.0512 4600 nfrd960 - ok
21:31:00.0668 4600 Npfs (1e4c4ab5c9b8dd13179bbdc75a2a01f7) C:\Windows\system32\drivers\Npfs.sys
21:31:00.0668 4600 Npfs - ok
21:31:00.0700 4600 nsiproxy (e7f5ae18af4168178a642a9247c63001) C:\Windows\system32\drivers\nsiproxy.sys
21:31:00.0700 4600 nsiproxy - ok
21:31:00.0778 4600 Ntfs (a2f74975097f52a00745f9637451fdd8) C:\Windows\system32\drivers\Ntfs.sys
21:31:00.0824 4600 Ntfs - ok
21:31:00.0965 4600 NTIDrvr (ee3ba1024594d5d09e314f206b94069e) C:\Windows\system32\drivers\NTIDrvr.sys
21:31:00.0965 4600 NTIDrvr - ok
21:31:00.0996 4600 Null (9899284589f75fa8724ff3d16aed75c1) C:\Windows\system32\drivers\Null.sys
21:31:00.0996 4600 Null - ok
21:31:01.0511 4600 nvlddmkm (73dc184af4d2addc41b37344636d2cc7) C:\Windows\system32\DRIVERS\nvlddmkm.sys
21:31:01.0589 4600 nvlddmkm - ok
21:31:01.0682 4600 nvpciflt (477a3cf725c4040f77eb9e2c17b922a0) C:\Windows\system32\DRIVERS\nvpciflt.sys
21:31:01.0682 4600 nvpciflt - ok
21:31:01.0745 4600 nvraid (0a92cb65770442ed0dc44834632f66ad) C:\Windows\system32\drivers\nvraid.sys
21:31:01.0745 4600 nvraid - ok
21:31:01.0807 4600 nvstor (dab0e87525c10052bf65f06152f37e4a) C:\Windows\system32\drivers\nvstor.sys
21:31:01.0807 4600 nvstor - ok
21:31:01.0916 4600 nv_agp (270d7cd42d6e3979f6dd0146650f0e05) C:\Windows\system32\drivers\nv_agp.sys
21:31:01.0916 4600 nv_agp - ok
21:31:01.0963 4600 ohci1394 (3589478e4b22ce21b41fa1bfc0b8b8a0) C:\Windows\system32\drivers\ohci1394.sys
21:31:01.0963 4600 ohci1394 - ok
21:31:02.0041 4600 Parport (0086431c29c35be1dbc43f52cc273887) C:\Windows\system32\drivers\parport.sys
21:31:02.0057 4600 Parport - ok
21:31:02.0088 4600 partmgr (871eadac56b0a4c6512bbe32753ccf79) C:\Windows\system32\drivers\partmgr.sys
21:31:02.0088 4600 partmgr - ok
21:31:02.0166 4600 pci (94575c0571d1462a0f70bde6bd6ee6b3) C:\Windows\system32\drivers\pci.sys
21:31:02.0166 4600 pci - ok
21:31:02.0213 4600 pciide (b5b8b5ef2e5cb34df8dcf8831e3534fa) C:\Windows\system32\drivers\pciide.sys
21:31:02.0213 4600 pciide - ok
21:31:02.0275 4600 pcmcia (b2e81d4e87ce48589f98cb8c05b01f2f) C:\Windows\system32\drivers\pcmcia.sys
21:31:02.0275 4600 pcmcia - ok
21:31:02.0322 4600 pcw (d6b9c2e1a11a3a4b26a182ffef18f603) C:\Windows\system32\drivers\pcw.sys
21:31:02.0322 4600 pcw - ok
21:31:02.0400 4600 PEAUTH (68769c3356b3be5d1c732c97b9a80d6e) C:\Windows\system32\drivers\peauth.sys
21:31:02.0416 4600 PEAUTH - ok
21:31:02.0634 4600 PptpMiniport (f92a2c41117a11a00be01ca01a7fcde9) C:\Windows\system32\DRIVERS\raspptp.sys
21:31:02.0634 4600 PptpMiniport - ok
21:31:02.0681 4600 Processor (0d922e23c041efb1c3fac2a6f943c9bf) C:\Windows\system32\drivers\processr.sys
21:31:02.0696 4600 Processor - ok
21:31:02.0774 4600 Psched (0557cf5a2556bd58e26384169d72438d) C:\Windows\system32\DRIVERS\pacer.sys
21:31:02.0774 4600 Psched - ok
21:31:02.0884 4600 ql2300 (a53a15a11ebfd21077463ee2c7afeef0) C:\Windows\system32\drivers\ql2300.sys
21:31:02.0946 4600 ql2300 - ok
21:31:03.0040 4600 ql40xx (4f6d12b51de1aaeff7dc58c4d75423c8) C:\Windows\system32\drivers\ql40xx.sys
21:31:03.0040 4600 ql40xx - ok
21:31:03.0086 4600 QWAVEdrv (76707bb36430888d9ce9d705398adb6c) C:\Windows\system32\drivers\qwavedrv.sys
21:31:03.0086 4600 QWAVEdrv - ok
21:31:03.0118 4600 RasAcd (5a0da8ad5762fa2d91678a8a01311704) C:\Windows\system32\DRIVERS\rasacd.sys
21:31:03.0118 4600 RasAcd - ok
21:31:03.0196 4600 RasAgileVpn (7ecff9b22276b73f43a99a15a6094e90) C:\Windows\system32\DRIVERS\AgileVpn.sys
21:31:03.0196 4600 RasAgileVpn - ok
21:31:03.0242 4600 Rasl2tp (471815800ae33e6f1c32fb1b97c490ca) C:\Windows\system32\DRIVERS\rasl2tp.sys
21:31:03.0258 4600 Rasl2tp - ok
21:31:03.0336 4600 RasPppoe (855c9b1cd4756c5e9a2aa58a15f58c25) C:\Windows\system32\DRIVERS\raspppoe.sys
21:31:03.0336 4600 RasPppoe - ok
21:31:03.0430 4600 RasSstp (e8b1e447b008d07ff47d016c2b0eeecb) C:\Windows\system32\DRIVERS\rassstp.sys
21:31:03.0430 4600 RasSstp - ok
21:31:03.0476 4600 rdbss (77f665941019a1594d887a74f301fa2f) C:\Windows\system32\DRIVERS\rdbss.sys
21:31:03.0476 4600 rdbss - ok
21:31:03.0523 4600 rdpbus (302da2a0539f2cf54d7c6cc30c1f2d8d) C:\Windows\system32\drivers\rdpbus.sys
21:31:03.0523 4600 rdpbus - ok
21:31:03.0586 4600 RDPCDD (cea6cc257fc9b7715f1c2b4849286d24) C:\Windows\system32\DRIVERS\RDPCDD.sys
21:31:03.0586 4600 RDPCDD - ok
21:31:03.0617 4600 RDPENCDD (bb5971a4f00659529a5c44831af22365) C:\Windows\system32\drivers\rdpencdd.sys
21:31:03.0617 4600 RDPENCDD - ok
21:31:03.0648 4600 RDPREFMP (216f3fa57533d98e1f74ded70113177a) C:\Windows\system32\drivers\rdprefmp.sys
21:31:03.0648 4600 RDPREFMP - ok
21:31:03.0695 4600 RDPWD (15b66c206b5cb095bab980553f38ed23) C:\Windows\system32\drivers\RDPWD.sys
21:31:03.0710 4600 RDPWD - ok
21:31:03.0757 4600 rdyboost (34ed295fa0121c241bfef24764fc4520) C:\Windows\system32\drivers\rdyboost.sys
21:31:03.0773 4600 rdyboost - ok
21:31:03.0851 4600 RFCOMM (3dd798846e2c28102b922c56e71b7932) C:\Windows\system32\DRIVERS\rfcomm.sys
21:31:03.0851 4600 RFCOMM - ok
21:31:03.0976 4600 rspndr (ddc86e4f8e7456261e637e3552e804ff) C:\Windows\system32\DRIVERS\rspndr.sys
21:31:03.0991 4600 rspndr - ok
21:31:04.0085 4600 RSUSBSTOR (0e3dcf76f11dc431b088a2dfd7265cda) C:\Windows\System32\Drivers\RtsUStor.sys
21:31:04.0085 4600 RSUSBSTOR - ok
21:31:04.0147 4600 sbp2port (ac03af3329579fffb455aa2daabbe22b) C:\Windows\system32\drivers\sbp2port.sys
21:31:04.0163 4600 sbp2port - ok
21:31:04.0210 4600 scfilter (253f38d0d7074c02ff8deb9836c97d2b) C:\Windows\system32\DRIVERS\scfilter.sys
21:31:04.0210 4600 scfilter - ok
21:31:04.0272 4600 secdrv (3ea8a16169c26afbeb544e0e48421186) C:\Windows\system32\drivers\secdrv.sys
21:31:04.0272 4600 secdrv - ok
21:31:04.0334 4600 Serenum (cb624c0035412af0debec78c41f5ca1b) C:\Windows\system32\drivers\serenum.sys
21:31:04.0334 4600 Serenum - ok
21:31:04.0433 4600 Serial (c1d8e28b2c2adfaec4ba89e9fda69bd6) C:\Windows\system32\drivers\serial.sys
21:31:04.0445 4600 Serial - ok
21:31:04.0505 4600 sermouse (1c545a7d0691cc4a027396535691c3e3) C:\Windows\system32\drivers\sermouse.sys
21:31:04.0509 4600 sermouse - ok
21:31:04.0558 4600 sffdisk (a554811bcd09279536440c964ae35bbf) C:\Windows\system32\drivers\sffdisk.sys
21:31:04.0560 4600 sffdisk - ok
21:31:04.0591 4600 sffp_mmc (ff414f0baefeba59bc6c04b3db0b87bf) C:\Windows\system32\drivers\sffp_mmc.sys
21:31:04.0594 4600 sffp_mmc - ok
21:31:04.0624 4600 sffp_sd (dd85b78243a19b59f0637dcf284da63c) C:\Windows\system32\drivers\sffp_sd.sys
21:31:04.0626 4600 sffp_sd - ok
21:31:04.0699 4600 sfloppy (a9d601643a1647211a1ee2ec4e433ff4) C:\Windows\system32\drivers\sfloppy.sys
21:31:04.0702 4600 sfloppy - ok
21:31:04.0822 4600 Sftfs (d5183ed285d2795491dc15bddcbee5ad) C:\Windows\system32\DRIVERS\Sftfslh.sys
21:31:04.0831 4600 Sftfs - ok
21:31:04.0886 4600 Sftplay (00f118b68c50d2206dd51634f9142b83) C:\Windows\system32\DRIVERS\Sftplaylh.sys
21:31:04.0888 4600 Sftplay - ok
21:31:04.0937 4600 Sftredir (76a827df5640bfe16a0cdbb4108adeca) C:\Windows\system32\DRIVERS\Sftredirlh.sys
21:31:04.0939 4600 Sftredir - ok
21:31:04.0985 4600 Sftvol (1b4c9701645086bab8cafffce30ed284) C:\Windows\system32\DRIVERS\Sftvollh.sys
21:31:04.0986 4600 Sftvol - ok
21:31:05.0075 4600 SiSRaid2 (843caf1e5fde1ffd5ff768f23a51e2e1) C:\Windows\system32\drivers\SiSRaid2.sys
21:31:05.0078 4600 SiSRaid2 - ok
21:31:05.0121 4600 SiSRaid4 (6a6c106d42e9ffff8b9fcb4f754f6da4) C:\Windows\system32\drivers\sisraid4.sys
21:31:05.0128 4600 SiSRaid4 - ok
21:31:05.0175 4600 Smb (548260a7b8654e024dc30bf8a7c5baa4) C:\Windows\system32\DRIVERS\smb.sys
21:31:05.0179 4600 Smb - ok
21:31:05.0242 4600 spldr (b9e31e5cacdfe584f34f730a677803f9) C:\Windows\system32\drivers\spldr.sys
21:31:05.0243 4600 spldr - ok
21:31:05.0356 4600 srv (441fba48bff01fdb9d5969ebc1838f0b) C:\Windows\system32\DRIVERS\srv.sys
21:31:05.0372 4600 srv - ok
21:31:05.0434 4600 srv2 (b4adebbf5e3677cce9651e0f01f7cc28) C:\Windows\system32\DRIVERS\srv2.sys
21:31:05.0465 4600 srv2 - ok
21:31:05.0543 4600 srvnet (27e461f0be5bff5fc737328f749538c3) C:\Windows\system32\DRIVERS\srvnet.sys
21:31:05.0543 4600 srvnet - ok
21:31:05.0621 4600 stexstor (f3817967ed533d08327dc73bc4d5542a) C:\Windows\system32\drivers\stexstor.sys
21:31:05.0637 4600 stexstor - ok
21:31:05.0715 4600 swenum (d01ec09b6711a5f8e7e6564a4d0fbc90) C:\Windows\system32\drivers\swenum.sys
21:31:05.0715 4600 swenum - ok
21:31:05.0871 4600 Tcpip (f0e98c00a09fdf791525829a1d14240f) C:\Windows\system32\drivers\tcpip.sys
21:31:05.0927 4600 Tcpip - ok
21:31:06.0215 4600 TCPIP6 (f0e98c00a09fdf791525829a1d14240f) C:\Windows\system32\DRIVERS\tcpip.sys
21:31:06.0229 4600 TCPIP6 - ok
21:31:06.0374 4600 tcpipreg (df687e3d8836bfb04fcc0615bf15a519) C:\Windows\system32\drivers\tcpipreg.sys
21:31:06.0384 4600 tcpipreg - ok
21:31:06.0462 4600 TDPIPE (3371d21011695b16333a3934340c4e7c) C:\Windows\system32\drivers\tdpipe.sys
21:31:06.0467 4600 TDPIPE - ok
21:31:06.0495 4600 TDTCP (e4245bda3190a582d55ed09e137401a9) C:\Windows\system32\drivers\tdtcp.sys
21:31:06.0500 4600 TDTCP - ok
21:31:06.0564 4600 tdx (ddad5a7ab24d8b65f8d724f5c20fd806) C:\Windows\system32\DRIVERS\tdx.sys
21:31:06.0571 4600 tdx - ok
21:31:06.0630 4600 TermDD (561e7e1f06895d78de991e01dd0fb6e5) C:\Windows\system32\drivers\termdd.sys
21:31:06.0632 4600 TermDD - ok
21:31:06.0749 4600 tssecsrv (ce18b2cdfc837c99e5fae9ca6cba5d30) C:\Windows\system32\DRIVERS\tssecsrv.sys
21:31:06.0751 4600 tssecsrv - ok
21:31:06.0811 4600 TsUsbFlt (d11c783e3ef9a3c52c0ebe83cc5000e9) C:\Windows\system32\drivers\tsusbflt.sys
21:31:06.0820 4600 TsUsbFlt - ok
21:31:06.0848 4600 TsUsbGD (9cc2ccae8a84820eaecb886d477cbcb8) C:\Windows\system32\drivers\TsUsbGD.sys
21:31:06.0868 4600 TsUsbGD - ok
21:31:06.0951 4600 tunnel (3566a8daafa27af944f5d705eaa64894) C:\Windows\system32\DRIVERS\tunnel.sys
21:31:06.0956 4600 tunnel - ok
21:31:06.0992 4600 uagp35 (b4dd609bd7e282bfc683cec7eaaaad67) C:\Windows\system32\drivers\uagp35.sys
21:31:07.0007 4600 uagp35 - ok
21:31:07.0023 4600 UBHelper (a17d5e1a6df4eab0a480f2c490de4c9d) C:\Windows\system32\drivers\UBHelper.sys
21:31:07.0023 4600 UBHelper - ok
21:31:07.0070 4600 udfs (ff4232a1a64012baa1fd97c7b67df593) C:\Windows\system32\DRIVERS\udfs.sys
21:31:07.0085 4600 udfs - ok
21:31:07.0132 4600 uliagpkx (4bfe1bc28391222894cbf1e7d0e42320) C:\Windows\system32\drivers\uliagpkx.sys
21:31:07.0148 4600 uliagpkx - ok
21:31:07.0179 4600 umbus (dc54a574663a895c8763af0fa1ff7561) C:\Windows\system32\DRIVERS\umbus.sys
21:31:07.0195 4600 umbus - ok
21:31:07.0226 4600 UmPass (b2e8e8cb557b156da5493bbddcc1474d) C:\Windows\system32\drivers\umpass.sys
21:31:07.0241 4600 UmPass - ok
21:31:07.0304 4600 usbccgp (6f1a3157a1c89435352ceb543cdb359c) C:\Windows\system32\DRIVERS\usbccgp.sys
21:31:07.0304 4600 usbccgp - ok
21:31:07.0351 4600 usbcir (af0892a803fdda7492f595368e3b68e7) C:\Windows\system32\drivers\usbcir.sys
21:31:07.0351 4600 usbcir - ok
21:31:07.0413 4600 usbehci (c025055fe7b87701eb042095df1a2d7b) C:\Windows\system32\drivers\usbehci.sys
21:31:07.0413 4600 usbehci - ok
21:31:07.0475 4600 usbhub (287c6c9410b111b68b52ca298f7b8c24) C:\Windows\system32\drivers\usbhub.sys
21:31:07.0522 4600 usbhub - ok
21:31:07.0585 4600 usbohci (9840fc418b4cbd632d3d0a667a725c31) C:\Windows\system32\drivers\usbohci.sys
21:31:07.0585 4600 usbohci - ok
21:31:07.0616 4600 usbprint (73188f58fb384e75c4063d29413cee3d) C:\Windows\system32\drivers\usbprint.sys
21:31:07.0631 4600 usbprint - ok
21:31:07.0678 4600 USBSTOR (fed648b01349a3c8395a5169db5fb7d6) C:\Windows\system32\DRIVERS\USBSTOR.SYS
21:31:07.0678 4600 USBSTOR - ok
21:31:07.0709 4600 usbuhci (62069a34518bcf9c1fd9e74b3f6db7cd) C:\Windows\system32\drivers\usbuhci.sys
21:31:07.0709 4600 usbuhci - ok
21:31:07.0787 4600 usbvideo (454800c2bc7f3927ce030141ee4f4c50) C:\Windows\system32\Drivers\usbvideo.sys
21:31:07.0803 4600 usbvideo - ok
21:31:07.0881 4600 vdrvroot (c5c876ccfc083ff3b128f933823e87bd) C:\Windows\system32\drivers\vdrvroot.sys
21:31:07.0881 4600 vdrvroot - ok
21:31:07.0928 4600 vga (da4da3f5e02943c2dc8c6ed875de68dd) C:\Windows\system32\DRIVERS\vgapnp.sys
21:31:07.0928 4600 vga - ok
21:31:07.0975 4600 VgaSave (53e92a310193cb3c03bea963de7d9cfc) C:\Windows\System32\drivers\vga.sys
21:31:07.0990 4600 VgaSave - ok
21:31:08.0037 4600 vhdmp (2ce2df28c83aeaf30084e1b1eb253cbb) C:\Windows\system32\drivers\vhdmp.sys
21:31:08.0037 4600 vhdmp - ok
21:31:08.0084 4600 viaide (e5689d93ffe4e5d66c0178761240dd54) C:\Windows\system32\drivers\viaide.sys
21:31:08.0084 4600 viaide - ok
21:31:08.0131 4600 volmgr (d2aafd421940f640b407aefaaebd91b0) C:\Windows\system32\drivers\volmgr.sys
21:31:08.0131 4600 volmgr - ok
21:31:08.0177 4600 volmgrx (a255814907c89be58b79ef2f189b843b) C:\Windows\system32\drivers\volmgrx.sys
21:31:08.0177 4600 volmgrx - ok
21:31:08.0240 4600 volsnap (0d08d2f3b3ff84e433346669b5e0f639) C:\Windows\system32\drivers\volsnap.sys
21:31:08.0255 4600 volsnap - ok
21:31:08.0349 4600 vsmraid (5e2016ea6ebaca03c04feac5f330d997) C:\Windows\system32\drivers\vsmraid.sys
21:31:08.0365 4600 vsmraid - ok
21:31:08.0411 4600 vwifibus (36d4720b72b5c5d9cb2b9c29e9df67a1) C:\Windows\system32\DRIVERS\vwifibus.sys
21:31:08.0411 4600 vwifibus - ok
21:31:08.0458 4600 vwififlt (6a3d66263414ff0d6fa754c646612f3f) C:\Windows\system32\DRIVERS\vwififlt.sys
21:31:08.0458 4600 vwififlt - ok
21:31:08.0521 4600 WacomPen (4e9440f4f152a7b944cb1663d3935a3e) C:\Windows\system32\drivers\wacompen.sys
21:31:08.0521 4600 WacomPen - ok
21:31:08.0586 4600 WANARP (356afd78a6ed4457169241ac3965230c) C:\Windows\system32\DRIVERS\wanarp.sys
21:31:08.0590 4600 WANARP - ok
21:31:08.0610 4600 Wanarpv6 (356afd78a6ed4457169241ac3965230c) C:\Windows\system32\DRIVERS\wanarp.sys
21:31:08.0613 4600 Wanarpv6 - ok
21:31:08.0684 4600 Wd (72889e16ff12ba0f235467d6091b17dc) C:\Windows\system32\drivers\wd.sys
21:31:08.0686 4600 Wd - ok
21:31:08.0755 4600 Wdf01000 (441bd2d7b4f98134c3a4f9fa570fd250) C:\Windows\system32\drivers\Wdf01000.sys
21:31:08.0786 4600 Wdf01000 - ok
21:31:08.0892 4600 WfpLwf (611b23304bf067451a9fdee01fbdd725) C:\Windows\system32\DRIVERS\wfplwf.sys
21:31:08.0895 4600 WfpLwf - ok
21:31:08.0947 4600 WIMMount (05ecaec3e4529a7153b3136ceb49f0ec) C:\Windows\system32\drivers\wimmount.sys
21:31:08.0950 4600 WIMMount - ok
21:31:09.0069 4600 WmiAcpi (f6ff8944478594d0e414d3f048f0d778) C:\Windows\system32\DRIVERS\wmiacpi.sys
21:31:09.0071 4600 WmiAcpi - ok
21:31:09.0171 4600 ws2ifsl (6bcc1d7d2fd2453957c5479a32364e52) C:\Windows\system32\drivers\ws2ifsl.sys
21:31:09.0174 4600 ws2ifsl - ok
21:31:09.0237 4600 WudfPf (d3381dc54c34d79b22cee0d65ba91b7c) C:\Windows\system32\drivers\WudfPf.sys
21:31:09.0242 4600 WudfPf - ok
21:31:09.0315 4600 WUDFRd (cf8d590be3373029d57af80914190682) C:\Windows\system32\DRIVERS\WUDFRd.sys
21:31:09.0320 4600 WUDFRd - ok
21:31:09.0373 4600 MBR (0x1B8) (a36c5e4f47e84449ff07ed3517b43a31) \Device\Harddisk0\DR0
21:31:09.0397 4600 \Device\Harddisk0\DR0 - ok
21:31:09.0408 4600 Boot (0x1200) (2f754091f9d8aa76e0444bfe590c0552) \Device\Harddisk0\DR0\Partition0
21:31:09.0419 4600 \Device\Harddisk0\DR0\Partition0 - ok
21:31:09.0427 4600 Boot (0x1200) (38741f954417beff056a770c625bb18a) \Device\Harddisk0\DR0\Partition1
21:31:09.0430 4600 \Device\Harddisk0\DR0\Partition1 - ok
21:31:09.0431 4600 ============================================================
21:31:09.0431 4600 Scan finished
21:31:09.0431 4600 ============================================================
21:31:09.0448 1444 Detected object count: 0
21:31:09.0448 1444 Actual detected object count: 0
Re: pomale pc, pada..programy neodpovidaji
log z rsit...pro dnešek dekuji, jak reaguje počitač napišu zitra
Logfile of random's system information tool 1.09 (written by random/random)
Run by breta at 2011-10-30 21:33:55
Microsoft Windows 7 Home Premium Service Pack 1
System drive C: has 327 GB (71%) free of 461 GB
Total RAM: 3767 MB (63% free)
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 21:34:05, on 30.10.2011
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v9.00 (9.00.8112.16421)
Boot mode: Normal
Running processes:
C:\Program Files (x86)\OpenOffice.org 3\program\soffice.exe
C:\Program Files (x86)\OpenOffice.org 3\program\soffice.bin
C:\Program Files (x86)\EgisTec MyWinLockerSuite\x86\SuiteTray.exe
C:\Program Files (x86)\EgisTec IPS\PmmUpdate.exe
C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\BackupManagerTray.exe
C:\Program Files (x86)\Launch Manager\LManager.exe
C:\Program Files\AVAST Software\Avast\AvastUI.exe
C:\Users\breta\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\EgisTec IPS\EgisUpdate.exe
C:\Program Files (x86)\Launch Manager\LMworker.exe
C:\Users\breta\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\breta\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Program Files\trend micro\breta.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Bing Bar Helper - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - "C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll" (file missing)
O3 - Toolbar: Bing Bar - {8dcb7100-df86-4384-8842-8fa844297b3f} - "C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll" (file missing)
O3 - Toolbar: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O4 - HKLM\..\Run: [SuiteTray] "C:\Program Files (x86)\EgisTec MyWinLockerSuite\x86\SuiteTray.exe"
O4 - HKLM\..\Run: [EgisTecPMMUpdate] "C:\Program Files (x86)\EgisTec IPS\PmmUpdate.exe"
O4 - HKLM\..\Run: [EgisUpdate] "C:\Program Files (x86)\EgisTec IPS\EgisUpdate.exe" -d
O4 - HKLM\..\Run: [BackupManagerTray] "C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\BackupManagerTray.exe" -h -k
O4 - HKLM\..\Run: [LManager] C:\Program Files (x86)\Launch Manager\LManager.exe
O4 - HKLM\..\Run: [avast] "C:\Program Files\AVAST Software\Avast\avastUI.exe" /nogui
O4 - HKCU\..\Run: [ShowBatteryBar] "C:\Program Files\BatteryBar\ShowBatteryBar.exe" show
O4 - HKUS\S-1-5-21-2857410691-1841422624-3118752077-1000\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'UpdatusUser')
O4 - HKUS\S-1-5-21-2857410691-1841422624-3118752077-1000\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'UpdatusUser')
O4 - HKUS\S-1-5-18\..\RunOnce: [IsMyWinLockerReboot] msiexec.exe /qn /x{voidguid} (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\RunOnce: [IsMyWinLockerReboot] msiexec.exe /qn /x{voidguid} (User 'Default user')
O4 - Startup: OpenOffice.org 3.2.lnk = C:\Program Files (x86)\OpenOffice.org 3\program\quickstart.exe
O9 - Extra button: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O17 - HKLM\System\CCS\Services\Tcpip\..\{C57EE067-1884-40E5-BEE5-056EA2CA7DDF}: NameServer = 213.192.40.6,77.48.255.255
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O20 - AppInit_DLLs: C:\Windows\SysWOW64\nvinit.dll
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: Dritek WMI Service (DsiWMIService) - Dritek System Inc. - C:\Program Files (x86)\Launch Manager\dsiwmis.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: EgisTec Ticket Service - Egis Technology Inc. - C:\Program Files (x86)\Common Files\EgisTec\Services\EgisTicketService.exe
O23 - Service: Acer ePower Service (ePowerSvc) - Acer Incorporated - C:\Program Files\Acer\Acer ePower Management\ePowerSvc.exe
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: FLEXnet Licensing Service - Acresso Software Inc. - C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: GamesAppService - WildTangent, Inc. - C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe
O23 - Service: GREGService - Acer Incorporated - C:\Program Files (x86)\Acer\Registration\GREGsvc.exe
O23 - Service: Intel(R) Rapid Storage Technology (IAStorDataMgrSvc) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Live Updater Service - Acer Incorporated - C:\Program Files\Acer\Acer Updater\UpdaterService.exe
O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: NLS Service (nlsX86cc) - Nalpeiron Ltd. - C:\Windows\SysWOW64\NLSSRV32.EXE
O23 - Service: NTI IScheduleSvc - NewTech Infosystems, Inc. - C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\IScheduleSvc.exe
O23 - Service: NVIDIA Driver Helper Service (NVSvc) - Unknown owner - C:\Windows\system32\nvvsvc.exe (file missing)
O23 - Service: NVIDIA Update Service Daemon (nvUpdatusService) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe
O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: Intel(R) Management & Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
O24 - Desktop Component 0: (no name) - http://mail.centrum.cz/img/js76dfa9/ego.orig.js
--
End of file - 9900 bytes
======Listing Processes======
\SystemRoot\System32\smss.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
C:\Windows\system32\services.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\nvvsvc.exe
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k LocalService
winlogon.exe
"C:\Program Files (x86)\Common Files\EgisTec\Services\EgisTicketService.exe"
C:\Windows\system32\svchost.exe -k NetworkService
"C:\Program Files\NVIDIA Corporation\Display\NvXDSync.exe"
C:\Windows\system32\nvvsvc.exe -session -first
"C:\Program Files\AVAST Software\Avast\AvastSvc.exe"
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
"C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe"
"C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE"
"taskhost.exe"
"C:\Windows\system32\Dwm.exe"
C:\Windows\Explorer.EXE
"C:\Program Files (x86)\Launch Manager\dsiwmis.exe"
"C:\Program Files\Acer\Acer ePower Management\ePowerSvc.exe"
"C:\Program Files (x86)\Acer\Registration\GREGsvc.exe"
"C:\Program Files\Acer\Acer Updater\UpdaterService.exe"
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe"
C:\Windows\SysWOW64\NLSSRV32.EXE
"C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\IScheduleSvc.exe"
C:\Windows\SysWOW64\PnkBstrA.exe
"C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe"
C:\Windows\system32\svchost.exe -k imgsvc
"C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe"
"C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE"
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Windows\servicing\TrustedInstaller.exe
"C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe" -s
"C:\Program Files\Elantech\ETDCtrl.exe"
"C:\Program Files\Acer\Acer ePower Management\ePowerTray.exe"
"C:\Program Files (x86)\OpenOffice.org 3\program\soffice.exe" -quickstart
"C:\Program Files (x86)\OpenOffice.org 3\program\soffice.exe" "-quickstart" "-env:OOO_CWD=2C:\\Program Files (x86)\\OpenOffice.org 3\\program"
"C:\Program Files (x86)\EgisTec MyWinLockerSuite\x86\SuiteTray.exe"
C:\Windows\system32\igfxext.exe -Embedding
C:\Windows\system32\igfxsrvc.exe -Embedding
"C:\Program Files (x86)\EgisTec IPS\PmmUpdate.exe"
"C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\BackupManagerTray.exe" -h -k
"C:\Program Files (x86)\Launch Manager\LManager.exe"
"C:\Program Files\AVAST Software\Avast\AvastUI.exe" /nogui
"C:\Program Files\Elantech\ETDCtrlHelper.exe"
C:\Windows\system32\wbem\unsecapp.exe -Embedding
C:\Windows\system32\SearchIndexer.exe /Embedding
C:\Windows\system32\wbem\wmiprvse.exe
"C:\Users\breta\AppData\Local\Google\Chrome\Application\chrome.exe"
"C:\Program Files\Acer\Acer ePower Management\ePowerEvent.exe"
"C:\Program Files (x86)\EgisTec IPS\EgisUpdate.exe"
"C:\Program Files (x86)\Launch Manager\MMDx64Fx.exe"
"C:\Program Files (x86)\Launch Manager\LMworker.exe"
"C:\Users\breta\AppData\Local\Google\Chrome\Application\chrome.exe" --type=extension --lang=cs --force-fieldtest=ConnCountImpact/conn_count_6/ConnnectBackupJobs/ConnectBackupJobsEnabled/DnsImpact/default_enabled_prefetch/DnsParallelism/parallel_default/GlobalSdch/global_enable_sdch/IdleSktToImpact/idle_timeout_10/Prefetch/ContentPrefetchPrerender2/ProxyConnectionImpact/proxy_connections_32/SpdyCwnd/cwnd16/SpdyImpact/npn_with_spdy/SuggestHostPrefix/Default_Prefix/WarmSocketImpact/warm_socket/ --enable-print-preview --channel=1964.012356E0.593401272 --ignored=" --type=renderer " /prefetch:3
"C:\Users\breta\AppData\Local\Google\Chrome\Application\chrome.exe" --type=renderer --lang=cs --force-fieldtest=ConnCountImpact/conn_count_6/ConnnectBackupJobs/ConnectBackupJobsEnabled/DnsImpact/default_enabled_prefetch/DnsParallelism/parallel_default/GlobalSdch/global_enable_sdch/IdleSktToImpact/idle_timeout_10/Prefetch/ContentPrefetchPrerender2/ProxyConnectionImpact/proxy_connections_32/SpdyCwnd/cwnd16/SpdyImpact/npn_with_spdy/SuggestHostPrefix/Default_Prefix/WarmSocketImpact/warm_socket/ --enable-print-preview --channel=1964.07445580.287011109 /prefetch:3
taskeng.exe {31B62C4C-F4DB-4156-BDF1-BCD311C27916}
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
"C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe"
"C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe"
C:\Windows\system32\sppsvc.exe
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe"
C:\Windows\System32\svchost.exe -k secsvcs
taskeng.exe {43603FE6-93A6-4EC3-82F3-C7A500C67892}
"C:\Users\breta\Documents\Downloads\RSITx64.exe"
C:\Windows\system32\wbem\wmiprvse.exe
======Scheduled tasks folder======
C:\Windows\tasks\Acer Registration - Reminder Recall task.job
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2857410691-1841422624-3118752077-1001Core.job
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2857410691-1841422624-3118752077-1001UA.job
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{318A227B-5E9F-45bd-8999-7F8F10CA4CF5}]
avast! WebRep - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2011-09-06 959432]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live ID Sign-in Helper - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2010-09-21 529280]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2011-09-05 63912]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! WebRep - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2011-09-06 806456]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live ID Sign-in Helper - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2010-09-21 439168]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{d2ce3e00-f94a-4740-988e-03dc2f38c34f}]
Bing Bar Helper - C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll [2011-06-07 1152264]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - avast! WebRep - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2011-09-06 959432]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\Toolbar]
{8dcb7100-df86-4384-8842-8fa844297b3f} - Bing Bar - C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll [2011-06-07 1152264]
{8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - avast! WebRep - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2011-09-06 806456]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"RtHDVCpl"=C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [2010-06-22 10920552]
"ETDWare"=C:\Program Files\Elantech\ETDCtrl.exe [2010-04-13 649608]
"Acer ePower Management"=C:\Program Files\Acer\Acer ePower Management\ePowerTray.exe [2011-01-05 860040]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"ShowBatteryBar"=C:\Program Files\BatteryBar\ShowBatteryBar.exe [2009-05-28 89600]
[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"SuiteTray"=C:\Program Files (x86)\EgisTec MyWinLockerSuite\x86\SuiteTray.exe [2011-04-02 340848]
"EgisTecPMMUpdate"=C:\Program Files (x86)\EgisTec IPS\PmmUpdate.exe [2011-03-29 408432]
"EgisUpdate"=C:\Program Files (x86)\EgisTec IPS\EgisUpdate.exe [2011-03-29 202608]
"BackupManagerTray"=C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\BackupManagerTray.exe [2011-06-17 266496]
"LManager"=C:\Program Files (x86)\Launch Manager\LManager.exe [2010-08-10 975952]
"avast"=C:\Program Files\AVAST Software\Avast\avastUI.exe [2011-09-06 3722416]
C:\Users\breta\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
OpenOffice.org 3.2.lnk - C:\Program Files (x86)\OpenOffice.org 3\program\quickstart.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"="C:\Windows\System32\nvinitx.dll"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
C:\Windows\system32\igfxdev.dll [2010-07-20 271360]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - C:\Windows\system32\webcheck.dll [2011-09-20 249344]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MCODS]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=5
"ConsentPromptBehaviorUser"=3
"EnableUIADesktopToggle"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDrives"=0
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDrives"=0
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVYU"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"VIDC.YVU9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"MSVideo8"=VfWWDM32.dll
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
======File associations======
.js - edit - C:\Windows\System32\Notepad.exe %1
======List of files/folders created in the last 1 month======
2011-10-30 21:33:55 ----D---- C:\rsit
2011-10-30 21:30:38 ----A---- C:\TDSSKiller.2.6.14.0_30.10.2011_21.30.38_log.txt
2011-10-30 21:03:32 ----A---- C:\ComboFix.txt
2011-10-30 20:55:19 ----SHD---- C:\$RECYCLE.BIN
2011-10-30 19:24:46 ----D---- C:\Users\breta\AppData\Roaming\Malwarebytes
2011-10-30 19:23:23 ----A---- C:\Windows\SYSWOW64\drivers\mbamswissarmy.sys
2011-10-30 19:23:22 ----D---- C:\ProgramData\Malwarebytes
2011-10-30 19:23:18 ----A---- C:\Windows\system32\drivers\mbam.sys
2011-10-30 19:23:17 ----D---- C:\Program Files (x86)\Malwarebytes' Anti-Malware
2011-10-30 10:26:32 ----D---- C:\Program Files\trend micro
2011-10-28 10:17:43 ----D---- C:\Users\breta\AppData\Roaming\Audacity
2011-10-28 07:18:07 ----D---- C:\Users\breta\AppData\Roaming\wargaming.net
2011-10-28 06:47:18 ----D---- C:\Games
2011-10-27 15:07:05 ----D---- C:\Users\breta\AppData\Roaming\Allstar
2011-10-26 13:02:14 ----D---- C:\Program Files (x86)\GamePark
2011-10-19 12:13:10 ----A---- C:\Windows\SYSWOW64\shortcut_ex.dat
2011-10-18 16:34:49 ----D---- C:\Program Files\CCleaner
2011-10-18 16:17:37 ----D---- C:\Users\breta\AppData\Roaming\BatteryBar
2011-10-18 16:17:37 ----D---- C:\Program Files\BatteryBar
2011-10-13 18:05:19 ----A---- C:\Windows\SYSWOW64\mshtmled.dll
2011-10-13 18:05:19 ----A---- C:\Windows\system32\mshtmled.dll
2011-10-13 18:05:18 ----A---- C:\Windows\system32\iertutil.dll
2011-10-13 18:05:17 ----A---- C:\Windows\SYSWOW64\url.dll
2011-10-13 18:05:17 ----A---- C:\Windows\SYSWOW64\iertutil.dll
2011-10-13 18:05:17 ----A---- C:\Windows\system32\url.dll
2011-10-13 18:05:16 ----A---- C:\Windows\SYSWOW64\urlmon.dll
2011-10-13 18:05:16 ----A---- C:\Windows\system32\urlmon.dll
2011-10-13 18:05:15 ----A---- C:\Windows\system32\jsproxy.dll
2011-10-13 18:05:14 ----A---- C:\Windows\SYSWOW64\wininet.dll
2011-10-13 18:05:14 ----A---- C:\Windows\system32\wininet.dll
2011-10-13 18:05:13 ----A---- C:\Windows\SYSWOW64\ieui.dll
2011-10-13 18:05:12 ----A---- C:\Windows\SYSWOW64\jscript9.dll
2011-10-13 18:05:12 ----A---- C:\Windows\system32\jscript9.dll
2011-10-13 18:05:12 ----A---- C:\Windows\system32\ieui.dll
2011-10-13 18:05:11 ----A---- C:\Windows\SYSWOW64\jscript.dll
2011-10-13 18:05:10 ----A---- C:\Windows\system32\jscript.dll
2011-10-13 18:05:09 ----A---- C:\Windows\SYSWOW64\jsproxy.dll
2011-10-13 18:05:08 ----A---- C:\Windows\SYSWOW64\mshtml.dll
2011-10-13 18:05:05 ----A---- C:\Windows\system32\mshtml.dll
2011-10-13 18:05:03 ----A---- C:\Windows\SYSWOW64\ieframe.dll
2011-10-13 18:05:01 ----A---- C:\Windows\system32\ieframe.dll
2011-10-13 17:17:11 ----A---- C:\Windows\system32\win32k.sys
2011-10-13 17:17:01 ----A---- C:\Windows\system32\psisdecd.dll
2011-10-13 17:17:00 ----A---- C:\Windows\SYSWOW64\psisdecd.dll
2011-10-13 17:16:36 ----A---- C:\Windows\SYSWOW64\oleaut32.dll
2011-10-13 17:16:36 ----A---- C:\Windows\SYSWOW64\oleacc.dll
2011-10-13 17:16:36 ----A---- C:\Windows\system32\oleaut32.dll
2011-10-13 17:16:36 ----A---- C:\Windows\system32\oleacc.dll
2011-10-06 16:29:15 ----A---- C:\Windows\system32\drivers\aswSP.sys
2011-10-06 16:29:15 ----A---- C:\Windows\system32\drivers\aswFsBlk.sys
2011-10-06 16:29:14 ----A---- C:\Windows\system32\drivers\aswRdr.sys
2011-10-06 16:29:13 ----A---- C:\Windows\system32\drivers\aswTdi.sys
2011-10-06 16:29:13 ----A---- C:\Windows\system32\drivers\aswSnx.sys
2011-10-06 16:29:13 ----A---- C:\Windows\system32\drivers\aswMonFlt.sys
2011-10-06 16:29:13 ----A---- C:\Windows\system32\aswBoot.exe
2011-10-06 16:29:02 ----A---- C:\Windows\SYSWOW64\aswBoot.exe
2011-10-06 16:29:02 ----A---- C:\Windows\avastSS.scr
2011-10-06 16:28:53 ----D---- C:\ProgramData\AVAST Software
2011-10-06 16:28:53 ----D---- C:\Program Files\AVAST Software
2011-10-03 19:34:38 ----D---- C:\Users\breta\AppData\Roaming\Windows Live Writer
2011-10-03 16:55:51 ----D---- C:\Users\breta\AppData\Roaming\Nitro PDF
2011-10-03 16:55:09 ----A---- C:\Windows\system32\nitrolocalui.dll
2011-10-03 16:55:08 ----A---- C:\Windows\system32\nitrolocalmon.dll
2011-10-03 16:54:51 ----D---- C:\ProgramData\Nitro PDF
2011-10-03 16:54:50 ----D---- C:\Program Files\Common Files\Nitro PDF
2011-10-03 16:54:48 ----D---- C:\Program Files (x86)\Nitro PDF
2011-10-03 16:52:19 ----D---- C:\Users\breta\AppData\Roaming\Downloaded Installations
2011-10-01 21:52:24 ----D---- C:\PFiles
2011-10-01 16:55:07 ----D---- C:\ProgramData\Wild Tangent
======List of files/folders modified in the last 1 month======
2011-10-30 21:34:04 ----D---- C:\Windows\Temp
2011-10-30 21:31:58 ----D---- C:\Windows\System32
2011-10-30 21:31:58 ----D---- C:\Windows\inf
2011-10-30 21:31:58 ----A---- C:\Windows\system32\PerfStringBackup.INI
2011-10-30 21:30:42 ----D---- C:\Windows\system32\drivers
2011-10-30 21:29:47 ----AD---- C:\Windows
2011-10-30 21:27:58 ----D---- C:\Windows\system32\config
2011-10-30 21:27:32 ----A---- C:\Windows\SYSWOW64\log.txt
2011-10-30 21:24:38 ----SHD---- C:\System Volume Information
2011-10-30 20:55:16 ----A---- C:\Windows\system.ini
2011-10-30 20:54:55 ----D---- C:\Windows\system32\drivers\etc
2011-10-30 20:49:54 ----D---- C:\Windows\SYSWOW64\drivers
2011-10-30 20:49:54 ----D---- C:\Windows\SysWOW64
2011-10-30 20:49:54 ----D---- C:\Windows\AppPatch
2011-10-30 20:49:52 ----D---- C:\Program Files\Common Files
2011-10-30 20:49:52 ----D---- C:\Program Files (x86)\Common Files
2011-10-30 19:23:22 ----D---- C:\ProgramData
2011-10-30 19:23:17 ----RD---- C:\Program Files (x86)
2011-10-30 19:03:21 ----D---- C:\Users\breta\AppData\Roaming\Skype
2011-10-30 13:26:55 ----D---- C:\Users\breta\AppData\Roaming\SoftGrid Client
2011-10-30 10:26:32 ----RD---- C:\Program Files
2011-10-30 10:19:23 ----A---- C:\Windows\SYSWOW64\PnkBstrB.exe
2011-10-28 18:40:52 ----D---- C:\Windows\Logs
2011-10-28 15:36:30 ----D---- C:\Windows\Registration
2011-10-28 10:23:48 ----D---- C:\Windows\Prefetch
2011-10-28 07:08:55 ----SD---- C:\Users\breta\AppData\Roaming\Microsoft
2011-10-28 07:08:04 ----SHD---- C:\Windows\Installer
2011-10-28 07:07:01 ----RSD---- C:\Windows\assembly
2011-10-27 19:53:59 ----D---- C:\Program Files (x86)\Garena Classic
2011-10-27 16:39:23 ----A---- C:\Windows\SYSWOW64\PnkBstrA.exe
2011-10-27 16:10:07 ----A---- C:\Windows\game.ini
2011-10-27 16:03:28 ----D---- C:\Users\breta\AppData\Roaming\DAEMON Tools Lite
2011-10-26 11:40:38 ----D---- C:\Windows\winsxs
2011-10-26 10:26:44 ----D---- C:\Windows\system32\catroot2
2011-10-26 10:26:44 ----D---- C:\Windows\system32\catroot
2011-10-25 23:00:22 ----D---- C:\Windows\Tasks
2011-10-24 20:02:08 ----D---- C:\Windows\system32\NDF
2011-10-20 20:13:55 ----D---- C:\Windows\Microsoft.NET
2011-10-18 18:48:31 ----D---- C:\Windows\system32\Tasks
2011-10-18 18:48:25 ----RD---- C:\Program Files (x86)\Skype
2011-10-18 18:48:20 ----D---- C:\ProgramData\Skype
2011-10-18 18:46:44 ----D---- C:\Windows\Panther
2011-10-18 18:46:43 ----D---- C:\Windows\debug
2011-10-18 15:01:32 ----D---- C:\breta
2011-10-18 15:00:53 ----HD---- C:\Program Files (x86)\InstallShield Installation Information
2011-10-18 14:37:29 ----D---- C:\Debatiáda 3.-5. 6. 2011
2011-10-16 08:57:05 ----D---- C:\Windows\system32\wdi
2011-10-15 15:41:53 ----SD---- C:\ProgramData\Microsoft
2011-10-14 20:24:41 ----D---- C:\Program Files (x86)\Activision
2011-10-14 17:33:33 ----D---- C:\hry
2011-10-14 17:21:16 ----D---- C:\Program Files (x86)\Microsoft Silverlight
2011-10-13 21:02:43 ----D---- C:\Windows\SYSWOW64\migration
2011-10-13 21:02:43 ----D---- C:\Windows\system32\migration
2011-10-13 21:02:43 ----D---- C:\Windows\ehome
2011-10-13 21:02:43 ----D---- C:\Program Files\Internet Explorer
2011-10-13 21:02:43 ----D---- C:\Program Files (x86)\Internet Explorer
2011-10-13 18:12:45 ----A---- C:\Windows\system32\MRT.exe
2011-10-08 20:14:01 ----HD---- C:\ProgramData\EgisTec
2011-10-07 20:29:19 ----D---- C:\ProgramData\WildTangent
2011-10-06 16:26:12 ----D---- C:\ProgramData\McAfee
2011-10-06 16:24:09 ----D---- C:\Windows\system32\DriverStore
2011-10-01 14:21:25 ----D---- C:\Windows\rescache
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R0 iaStor;Intel AHCI Controller; C:\Windows\system32\drivers\iaStor.sys [2010-04-13 540696]
R0 nvpciflt;nvpciflt; C:\Windows\system32\DRIVERS\nvpciflt.sys [2011-03-30 25960]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-21 213888]
R1 aswRdr;aswRdr; C:\Windows\system32\drivers\aswRdr.sys [2011-09-06 42328]
R1 aswSnx;aswSnx; C:\Windows\system32\drivers\aswSnx.sys [2011-09-06 601944]
R1 aswSP;aswSP; C:\Windows\system32\drivers\aswSP.sys [2011-09-06 301912]
R1 aswTdi;avast! Network Shield Support; C:\Windows\system32\drivers\aswTdi.sys [2011-09-06 58200]
R1 dtsoftbus01;DAEMON Tools Virtual Bus Driver; C:\Windows\system32\DRIVERS\dtsoftbus01.sys [2011-09-22 270912]
R1 mwlPSDFilter;mwlPSDFilter; C:\Windows\system32\DRIVERS\mwlPSDFilter.sys [2011-07-21 22648]
R1 mwlPSDNServ;mwlPSDNServ; C:\Windows\system32\DRIVERS\mwlPSDNServ.sys [2011-07-21 20520]
R1 mwlPSDVDisk;mwlPSDVDisk; C:\Windows\system32\DRIVERS\mwlPSDVDisk.sys [2011-07-21 62776]
R1 vwififlt;Virtual WiFi Filter Driver; C:\Windows\system32\DRIVERS\vwififlt.sys [2009-07-14 59904]
R2 aswFsBlk;aswFsBlk; C:\Windows\system32\drivers\aswFsBlk.sys [2011-09-06 24408]
R2 aswMonFlt;aswMonFlt; \??\C:\Windows\system32\drivers\aswMonFlt.sys [2011-09-06 65368]
R3 athr;Atheros Extensible Wireless LAN device driver; C:\Windows\system32\DRIVERS\athrx.sys [2011-06-02 2750464]
R3 ETD;ELAN PS/2 Port Input Device; C:\Windows\system32\DRIVERS\ETD.sys [2010-04-13 135560]
R3 HECIx64;Intel(R) Management Engine Interface; C:\Windows\system32\drivers\HECIx64.sys [2009-09-17 56344]
R3 igfx;igfx; C:\Windows\system32\DRIVERS\igdkmd64.sys [2010-07-20 10603904]
R3 Impcd;Impcd; C:\Windows\system32\DRIVERS\Impcd.sys [2010-02-27 158976]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHD64.sys [2010-06-22 2399848]
R3 IntcDAud;Intel(R) Display Audio; C:\Windows\system32\DRIVERS\IntcDAud.sys [2010-06-21 287232]
R3 k57nd60a;Broadcom NetLink (TM) Gigabit Ethernet - NDIS 6.0; C:\Windows\system32\DRIVERS\k57nd60a.sys [2010-05-15 384040]
R3 NTIDrvr;NTIDrvr; \??\C:\Windows\system32\drivers\NTIDrvr.sys [2011-03-10 18432]
R3 Sftfs;Sftfs; C:\Windows\system32\DRIVERS\Sftfslh.sys [2009-12-02 721768]
R3 Sftplay;Sftplay; C:\Windows\system32\DRIVERS\Sftplaylh.sys [2009-12-02 269672]
R3 Sftredir;Sftredir; C:\Windows\system32\DRIVERS\Sftredirlh.sys [2009-12-02 25960]
R3 Sftvol;Sftvol; C:\Windows\system32\DRIVERS\Sftvollh.sys [2009-12-02 22376]
R3 UBHelper;UBHelper; \??\C:\Windows\system32\drivers\UBHelper.sys [2011-03-10 17408]
S3 BthEnum;Služba Bluetooth Enumerator; C:\Windows\system32\DRIVERS\BthEnum.sys [2009-07-14 41984]
S3 BthPan;Zařízení Bluetooth (síť PAN); C:\Windows\system32\DRIVERS\bthpan.sys [2009-07-14 118784]
S3 BTHPORT;Ovladač portu Bluetooth; C:\Windows\System32\Drivers\BTHport.sys [2011-04-28 552960]
S3 BTHUSB;Ovladač rozhraní USB radiostanice Bluetooth; C:\Windows\System32\Drivers\BTHUSB.sys [2011-04-28 80384]
S3 catchme;catchme; \??\C:\ComboFix\catchme.sys []
S3 GGSAFERDriver;GGSAFER Driver; \??\C:\Program Files (x86)\Garena Classic\safedrv.sys []
S3 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12352]
S3 RFCOMM;Zařízení Bluetooth (RFCOMM protokol TDI); C:\Windows\system32\DRIVERS\rfcomm.sys [2009-07-14 158720]
S3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader; C:\Windows\System32\Drivers\RtsUStor.sys [2010-09-22 243712]
S3 TsUsbFlt;TsUsbFlt; C:\Windows\system32\drivers\tsusbflt.sys [2010-11-21 59392]
S3 TsUsbGD;Remote Desktop Generic USB Device; C:\Windows\system32\drivers\TsUsbGD.sys [2010-11-21 31232]
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2011-09-05 64952]
R2 avast! Antivirus;avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2011-09-06 44768]
R2 BBUpdate;BBUpdate; C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE [2011-05-13 249648]
R2 cvhsvc;Client Virtualization Handler; C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE [2010-02-28 821664]
R2 DsiWMIService;Dritek WMI Service; C:\Program Files (x86)\Launch Manager\dsiwmis.exe [2010-08-10 321104]
R2 EgisTec Ticket Service;EgisTec Ticket Service; C:\Program Files (x86)\Common Files\EgisTec\Services\EgisTicketService.exe [2011-04-02 173424]
R2 ePowerSvc;Acer ePower Service; C:\Program Files\Acer\Acer ePower Management\ePowerSvc.exe [2011-01-05 867712]
R2 GREGService;GREGService; C:\Program Files (x86)\Acer\Registration\GREGsvc.exe [2011-05-26 29696]
R2 IAStorDataMgrSvc;Intel(R) Rapid Storage Technology; C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [2010-04-13 13336]
R2 Live Updater Service;Live Updater Service; C:\Program Files\Acer\Acer Updater\UpdaterService.exe [2011-04-22 244624]
R2 LMS;Intel(R) Management and Security Application Local Management Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe [2010-03-18 268824]
R2 nlsX86cc;NLS Service; C:\Windows\SysWOW64\NLSSRV32.EXE [2011-09-24 68928]
R2 NTI IScheduleSvc;NTI IScheduleSvc; C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\IScheduleSvc.exe [2011-06-17 255744]
R2 NVSvc;NVIDIA Driver Helper Service; C:\Windows\system32\nvvsvc.exe [2011-03-31 993896]
R2 nvUpdatusService;NVIDIA Update Service Daemon; C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe [2011-03-30 2009704]
R2 PnkBstrA;PnkBstrA; C:\Windows\syswow64\PnkBstrA.exe [2011-10-27 75136]
R2 sftlist;Application Virtualization Client; C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe [2009-12-02 483688]
R2 UNS;Intel(R) Management & Security Application User Notification Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2010-03-18 2320920]
R3 sftvsa;Application Virtualization Service Agent; C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe [2009-12-02 209768]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
S3 BBSvc;Bing Bar Update Service; C:\Program Files (x86)\Microsoft\BingBar\BBSvc.EXE [2011-06-07 191752]
S3 FLEXnet Licensing Service;FLEXnet Licensing Service; C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [2011-09-02 655624]
S3 GamesAppService;GamesAppService; C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe [2010-10-12 206072]
S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2010-01-09 149352]
S3 osppsvc;Office Software Protection Platform; C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2009-11-19 4925184]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2011-09-21 1255736]
S3 wlidsvc;Windows Live ID Sign-in Assistant; C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE [2010-09-21 2286976]
S4 NitroDriverReadSpool;NitroPDFDriverCreatorReadSpool; C:\Program Files\Common Files\Nitro PDF\Professional\6.0\NitroPDFDriverServicex64.exe [2011-09-24 341312]
S4 wlcrasvc;Windows Live Mesh remote connections service; C:\Program Files\Windows Live\Mesh\wlcrasvc.exe [2010-09-23 57184]
-----------------EOF-----------------
Logfile of random's system information tool 1.09 (written by random/random)
Run by breta at 2011-10-30 21:33:55
Microsoft Windows 7 Home Premium Service Pack 1
System drive C: has 327 GB (71%) free of 461 GB
Total RAM: 3767 MB (63% free)
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 21:34:05, on 30.10.2011
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v9.00 (9.00.8112.16421)
Boot mode: Normal
Running processes:
C:\Program Files (x86)\OpenOffice.org 3\program\soffice.exe
C:\Program Files (x86)\OpenOffice.org 3\program\soffice.bin
C:\Program Files (x86)\EgisTec MyWinLockerSuite\x86\SuiteTray.exe
C:\Program Files (x86)\EgisTec IPS\PmmUpdate.exe
C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\BackupManagerTray.exe
C:\Program Files (x86)\Launch Manager\LManager.exe
C:\Program Files\AVAST Software\Avast\AvastUI.exe
C:\Users\breta\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\EgisTec IPS\EgisUpdate.exe
C:\Program Files (x86)\Launch Manager\LMworker.exe
C:\Users\breta\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\breta\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Program Files\trend micro\breta.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Bing Bar Helper - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - "C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll" (file missing)
O3 - Toolbar: Bing Bar - {8dcb7100-df86-4384-8842-8fa844297b3f} - "C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll" (file missing)
O3 - Toolbar: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O4 - HKLM\..\Run: [SuiteTray] "C:\Program Files (x86)\EgisTec MyWinLockerSuite\x86\SuiteTray.exe"
O4 - HKLM\..\Run: [EgisTecPMMUpdate] "C:\Program Files (x86)\EgisTec IPS\PmmUpdate.exe"
O4 - HKLM\..\Run: [EgisUpdate] "C:\Program Files (x86)\EgisTec IPS\EgisUpdate.exe" -d
O4 - HKLM\..\Run: [BackupManagerTray] "C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\BackupManagerTray.exe" -h -k
O4 - HKLM\..\Run: [LManager] C:\Program Files (x86)\Launch Manager\LManager.exe
O4 - HKLM\..\Run: [avast] "C:\Program Files\AVAST Software\Avast\avastUI.exe" /nogui
O4 - HKCU\..\Run: [ShowBatteryBar] "C:\Program Files\BatteryBar\ShowBatteryBar.exe" show
O4 - HKUS\S-1-5-21-2857410691-1841422624-3118752077-1000\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'UpdatusUser')
O4 - HKUS\S-1-5-21-2857410691-1841422624-3118752077-1000\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'UpdatusUser')
O4 - HKUS\S-1-5-18\..\RunOnce: [IsMyWinLockerReboot] msiexec.exe /qn /x{voidguid} (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\RunOnce: [IsMyWinLockerReboot] msiexec.exe /qn /x{voidguid} (User 'Default user')
O4 - Startup: OpenOffice.org 3.2.lnk = C:\Program Files (x86)\OpenOffice.org 3\program\quickstart.exe
O9 - Extra button: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O17 - HKLM\System\CCS\Services\Tcpip\..\{C57EE067-1884-40E5-BEE5-056EA2CA7DDF}: NameServer = 213.192.40.6,77.48.255.255
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O20 - AppInit_DLLs: C:\Windows\SysWOW64\nvinit.dll
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: Dritek WMI Service (DsiWMIService) - Dritek System Inc. - C:\Program Files (x86)\Launch Manager\dsiwmis.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: EgisTec Ticket Service - Egis Technology Inc. - C:\Program Files (x86)\Common Files\EgisTec\Services\EgisTicketService.exe
O23 - Service: Acer ePower Service (ePowerSvc) - Acer Incorporated - C:\Program Files\Acer\Acer ePower Management\ePowerSvc.exe
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: FLEXnet Licensing Service - Acresso Software Inc. - C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: GamesAppService - WildTangent, Inc. - C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe
O23 - Service: GREGService - Acer Incorporated - C:\Program Files (x86)\Acer\Registration\GREGsvc.exe
O23 - Service: Intel(R) Rapid Storage Technology (IAStorDataMgrSvc) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Live Updater Service - Acer Incorporated - C:\Program Files\Acer\Acer Updater\UpdaterService.exe
O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: NLS Service (nlsX86cc) - Nalpeiron Ltd. - C:\Windows\SysWOW64\NLSSRV32.EXE
O23 - Service: NTI IScheduleSvc - NewTech Infosystems, Inc. - C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\IScheduleSvc.exe
O23 - Service: NVIDIA Driver Helper Service (NVSvc) - Unknown owner - C:\Windows\system32\nvvsvc.exe (file missing)
O23 - Service: NVIDIA Update Service Daemon (nvUpdatusService) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe
O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: Intel(R) Management & Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
O24 - Desktop Component 0: (no name) - http://mail.centrum.cz/img/js76dfa9/ego.orig.js
--
End of file - 9900 bytes
======Listing Processes======
\SystemRoot\System32\smss.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
C:\Windows\system32\services.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\nvvsvc.exe
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k LocalService
winlogon.exe
"C:\Program Files (x86)\Common Files\EgisTec\Services\EgisTicketService.exe"
C:\Windows\system32\svchost.exe -k NetworkService
"C:\Program Files\NVIDIA Corporation\Display\NvXDSync.exe"
C:\Windows\system32\nvvsvc.exe -session -first
"C:\Program Files\AVAST Software\Avast\AvastSvc.exe"
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
"C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe"
"C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE"
"taskhost.exe"
"C:\Windows\system32\Dwm.exe"
C:\Windows\Explorer.EXE
"C:\Program Files (x86)\Launch Manager\dsiwmis.exe"
"C:\Program Files\Acer\Acer ePower Management\ePowerSvc.exe"
"C:\Program Files (x86)\Acer\Registration\GREGsvc.exe"
"C:\Program Files\Acer\Acer Updater\UpdaterService.exe"
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe"
C:\Windows\SysWOW64\NLSSRV32.EXE
"C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\IScheduleSvc.exe"
C:\Windows\SysWOW64\PnkBstrA.exe
"C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe"
C:\Windows\system32\svchost.exe -k imgsvc
"C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe"
"C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE"
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Windows\servicing\TrustedInstaller.exe
"C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe" -s
"C:\Program Files\Elantech\ETDCtrl.exe"
"C:\Program Files\Acer\Acer ePower Management\ePowerTray.exe"
"C:\Program Files (x86)\OpenOffice.org 3\program\soffice.exe" -quickstart
"C:\Program Files (x86)\OpenOffice.org 3\program\soffice.exe" "-quickstart" "-env:OOO_CWD=2C:\\Program Files (x86)\\OpenOffice.org 3\\program"
"C:\Program Files (x86)\EgisTec MyWinLockerSuite\x86\SuiteTray.exe"
C:\Windows\system32\igfxext.exe -Embedding
C:\Windows\system32\igfxsrvc.exe -Embedding
"C:\Program Files (x86)\EgisTec IPS\PmmUpdate.exe"
"C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\BackupManagerTray.exe" -h -k
"C:\Program Files (x86)\Launch Manager\LManager.exe"
"C:\Program Files\AVAST Software\Avast\AvastUI.exe" /nogui
"C:\Program Files\Elantech\ETDCtrlHelper.exe"
C:\Windows\system32\wbem\unsecapp.exe -Embedding
C:\Windows\system32\SearchIndexer.exe /Embedding
C:\Windows\system32\wbem\wmiprvse.exe
"C:\Users\breta\AppData\Local\Google\Chrome\Application\chrome.exe"
"C:\Program Files\Acer\Acer ePower Management\ePowerEvent.exe"
"C:\Program Files (x86)\EgisTec IPS\EgisUpdate.exe"
"C:\Program Files (x86)\Launch Manager\MMDx64Fx.exe"
"C:\Program Files (x86)\Launch Manager\LMworker.exe"
"C:\Users\breta\AppData\Local\Google\Chrome\Application\chrome.exe" --type=extension --lang=cs --force-fieldtest=ConnCountImpact/conn_count_6/ConnnectBackupJobs/ConnectBackupJobsEnabled/DnsImpact/default_enabled_prefetch/DnsParallelism/parallel_default/GlobalSdch/global_enable_sdch/IdleSktToImpact/idle_timeout_10/Prefetch/ContentPrefetchPrerender2/ProxyConnectionImpact/proxy_connections_32/SpdyCwnd/cwnd16/SpdyImpact/npn_with_spdy/SuggestHostPrefix/Default_Prefix/WarmSocketImpact/warm_socket/ --enable-print-preview --channel=1964.012356E0.593401272 --ignored=" --type=renderer " /prefetch:3
"C:\Users\breta\AppData\Local\Google\Chrome\Application\chrome.exe" --type=renderer --lang=cs --force-fieldtest=ConnCountImpact/conn_count_6/ConnnectBackupJobs/ConnectBackupJobsEnabled/DnsImpact/default_enabled_prefetch/DnsParallelism/parallel_default/GlobalSdch/global_enable_sdch/IdleSktToImpact/idle_timeout_10/Prefetch/ContentPrefetchPrerender2/ProxyConnectionImpact/proxy_connections_32/SpdyCwnd/cwnd16/SpdyImpact/npn_with_spdy/SuggestHostPrefix/Default_Prefix/WarmSocketImpact/warm_socket/ --enable-print-preview --channel=1964.07445580.287011109 /prefetch:3
taskeng.exe {31B62C4C-F4DB-4156-BDF1-BCD311C27916}
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
"C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe"
"C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe"
C:\Windows\system32\sppsvc.exe
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe"
C:\Windows\System32\svchost.exe -k secsvcs
taskeng.exe {43603FE6-93A6-4EC3-82F3-C7A500C67892}
"C:\Users\breta\Documents\Downloads\RSITx64.exe"
C:\Windows\system32\wbem\wmiprvse.exe
======Scheduled tasks folder======
C:\Windows\tasks\Acer Registration - Reminder Recall task.job
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2857410691-1841422624-3118752077-1001Core.job
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2857410691-1841422624-3118752077-1001UA.job
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{318A227B-5E9F-45bd-8999-7F8F10CA4CF5}]
avast! WebRep - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2011-09-06 959432]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live ID Sign-in Helper - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2010-09-21 529280]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2011-09-05 63912]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! WebRep - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2011-09-06 806456]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live ID Sign-in Helper - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2010-09-21 439168]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{d2ce3e00-f94a-4740-988e-03dc2f38c34f}]
Bing Bar Helper - C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll [2011-06-07 1152264]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - avast! WebRep - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2011-09-06 959432]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\Toolbar]
{8dcb7100-df86-4384-8842-8fa844297b3f} - Bing Bar - C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll [2011-06-07 1152264]
{8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - avast! WebRep - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2011-09-06 806456]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"RtHDVCpl"=C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [2010-06-22 10920552]
"ETDWare"=C:\Program Files\Elantech\ETDCtrl.exe [2010-04-13 649608]
"Acer ePower Management"=C:\Program Files\Acer\Acer ePower Management\ePowerTray.exe [2011-01-05 860040]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"ShowBatteryBar"=C:\Program Files\BatteryBar\ShowBatteryBar.exe [2009-05-28 89600]
[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"SuiteTray"=C:\Program Files (x86)\EgisTec MyWinLockerSuite\x86\SuiteTray.exe [2011-04-02 340848]
"EgisTecPMMUpdate"=C:\Program Files (x86)\EgisTec IPS\PmmUpdate.exe [2011-03-29 408432]
"EgisUpdate"=C:\Program Files (x86)\EgisTec IPS\EgisUpdate.exe [2011-03-29 202608]
"BackupManagerTray"=C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\BackupManagerTray.exe [2011-06-17 266496]
"LManager"=C:\Program Files (x86)\Launch Manager\LManager.exe [2010-08-10 975952]
"avast"=C:\Program Files\AVAST Software\Avast\avastUI.exe [2011-09-06 3722416]
C:\Users\breta\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
OpenOffice.org 3.2.lnk - C:\Program Files (x86)\OpenOffice.org 3\program\quickstart.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"="C:\Windows\System32\nvinitx.dll"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
C:\Windows\system32\igfxdev.dll [2010-07-20 271360]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - C:\Windows\system32\webcheck.dll [2011-09-20 249344]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MCODS]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=5
"ConsentPromptBehaviorUser"=3
"EnableUIADesktopToggle"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDrives"=0
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDrives"=0
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVYU"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"VIDC.YVU9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"MSVideo8"=VfWWDM32.dll
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
======File associations======
.js - edit - C:\Windows\System32\Notepad.exe %1
======List of files/folders created in the last 1 month======
2011-10-30 21:33:55 ----D---- C:\rsit
2011-10-30 21:30:38 ----A---- C:\TDSSKiller.2.6.14.0_30.10.2011_21.30.38_log.txt
2011-10-30 21:03:32 ----A---- C:\ComboFix.txt
2011-10-30 20:55:19 ----SHD---- C:\$RECYCLE.BIN
2011-10-30 19:24:46 ----D---- C:\Users\breta\AppData\Roaming\Malwarebytes
2011-10-30 19:23:23 ----A---- C:\Windows\SYSWOW64\drivers\mbamswissarmy.sys
2011-10-30 19:23:22 ----D---- C:\ProgramData\Malwarebytes
2011-10-30 19:23:18 ----A---- C:\Windows\system32\drivers\mbam.sys
2011-10-30 19:23:17 ----D---- C:\Program Files (x86)\Malwarebytes' Anti-Malware
2011-10-30 10:26:32 ----D---- C:\Program Files\trend micro
2011-10-28 10:17:43 ----D---- C:\Users\breta\AppData\Roaming\Audacity
2011-10-28 07:18:07 ----D---- C:\Users\breta\AppData\Roaming\wargaming.net
2011-10-28 06:47:18 ----D---- C:\Games
2011-10-27 15:07:05 ----D---- C:\Users\breta\AppData\Roaming\Allstar
2011-10-26 13:02:14 ----D---- C:\Program Files (x86)\GamePark
2011-10-19 12:13:10 ----A---- C:\Windows\SYSWOW64\shortcut_ex.dat
2011-10-18 16:34:49 ----D---- C:\Program Files\CCleaner
2011-10-18 16:17:37 ----D---- C:\Users\breta\AppData\Roaming\BatteryBar
2011-10-18 16:17:37 ----D---- C:\Program Files\BatteryBar
2011-10-13 18:05:19 ----A---- C:\Windows\SYSWOW64\mshtmled.dll
2011-10-13 18:05:19 ----A---- C:\Windows\system32\mshtmled.dll
2011-10-13 18:05:18 ----A---- C:\Windows\system32\iertutil.dll
2011-10-13 18:05:17 ----A---- C:\Windows\SYSWOW64\url.dll
2011-10-13 18:05:17 ----A---- C:\Windows\SYSWOW64\iertutil.dll
2011-10-13 18:05:17 ----A---- C:\Windows\system32\url.dll
2011-10-13 18:05:16 ----A---- C:\Windows\SYSWOW64\urlmon.dll
2011-10-13 18:05:16 ----A---- C:\Windows\system32\urlmon.dll
2011-10-13 18:05:15 ----A---- C:\Windows\system32\jsproxy.dll
2011-10-13 18:05:14 ----A---- C:\Windows\SYSWOW64\wininet.dll
2011-10-13 18:05:14 ----A---- C:\Windows\system32\wininet.dll
2011-10-13 18:05:13 ----A---- C:\Windows\SYSWOW64\ieui.dll
2011-10-13 18:05:12 ----A---- C:\Windows\SYSWOW64\jscript9.dll
2011-10-13 18:05:12 ----A---- C:\Windows\system32\jscript9.dll
2011-10-13 18:05:12 ----A---- C:\Windows\system32\ieui.dll
2011-10-13 18:05:11 ----A---- C:\Windows\SYSWOW64\jscript.dll
2011-10-13 18:05:10 ----A---- C:\Windows\system32\jscript.dll
2011-10-13 18:05:09 ----A---- C:\Windows\SYSWOW64\jsproxy.dll
2011-10-13 18:05:08 ----A---- C:\Windows\SYSWOW64\mshtml.dll
2011-10-13 18:05:05 ----A---- C:\Windows\system32\mshtml.dll
2011-10-13 18:05:03 ----A---- C:\Windows\SYSWOW64\ieframe.dll
2011-10-13 18:05:01 ----A---- C:\Windows\system32\ieframe.dll
2011-10-13 17:17:11 ----A---- C:\Windows\system32\win32k.sys
2011-10-13 17:17:01 ----A---- C:\Windows\system32\psisdecd.dll
2011-10-13 17:17:00 ----A---- C:\Windows\SYSWOW64\psisdecd.dll
2011-10-13 17:16:36 ----A---- C:\Windows\SYSWOW64\oleaut32.dll
2011-10-13 17:16:36 ----A---- C:\Windows\SYSWOW64\oleacc.dll
2011-10-13 17:16:36 ----A---- C:\Windows\system32\oleaut32.dll
2011-10-13 17:16:36 ----A---- C:\Windows\system32\oleacc.dll
2011-10-06 16:29:15 ----A---- C:\Windows\system32\drivers\aswSP.sys
2011-10-06 16:29:15 ----A---- C:\Windows\system32\drivers\aswFsBlk.sys
2011-10-06 16:29:14 ----A---- C:\Windows\system32\drivers\aswRdr.sys
2011-10-06 16:29:13 ----A---- C:\Windows\system32\drivers\aswTdi.sys
2011-10-06 16:29:13 ----A---- C:\Windows\system32\drivers\aswSnx.sys
2011-10-06 16:29:13 ----A---- C:\Windows\system32\drivers\aswMonFlt.sys
2011-10-06 16:29:13 ----A---- C:\Windows\system32\aswBoot.exe
2011-10-06 16:29:02 ----A---- C:\Windows\SYSWOW64\aswBoot.exe
2011-10-06 16:29:02 ----A---- C:\Windows\avastSS.scr
2011-10-06 16:28:53 ----D---- C:\ProgramData\AVAST Software
2011-10-06 16:28:53 ----D---- C:\Program Files\AVAST Software
2011-10-03 19:34:38 ----D---- C:\Users\breta\AppData\Roaming\Windows Live Writer
2011-10-03 16:55:51 ----D---- C:\Users\breta\AppData\Roaming\Nitro PDF
2011-10-03 16:55:09 ----A---- C:\Windows\system32\nitrolocalui.dll
2011-10-03 16:55:08 ----A---- C:\Windows\system32\nitrolocalmon.dll
2011-10-03 16:54:51 ----D---- C:\ProgramData\Nitro PDF
2011-10-03 16:54:50 ----D---- C:\Program Files\Common Files\Nitro PDF
2011-10-03 16:54:48 ----D---- C:\Program Files (x86)\Nitro PDF
2011-10-03 16:52:19 ----D---- C:\Users\breta\AppData\Roaming\Downloaded Installations
2011-10-01 21:52:24 ----D---- C:\PFiles
2011-10-01 16:55:07 ----D---- C:\ProgramData\Wild Tangent
======List of files/folders modified in the last 1 month======
2011-10-30 21:34:04 ----D---- C:\Windows\Temp
2011-10-30 21:31:58 ----D---- C:\Windows\System32
2011-10-30 21:31:58 ----D---- C:\Windows\inf
2011-10-30 21:31:58 ----A---- C:\Windows\system32\PerfStringBackup.INI
2011-10-30 21:30:42 ----D---- C:\Windows\system32\drivers
2011-10-30 21:29:47 ----AD---- C:\Windows
2011-10-30 21:27:58 ----D---- C:\Windows\system32\config
2011-10-30 21:27:32 ----A---- C:\Windows\SYSWOW64\log.txt
2011-10-30 21:24:38 ----SHD---- C:\System Volume Information
2011-10-30 20:55:16 ----A---- C:\Windows\system.ini
2011-10-30 20:54:55 ----D---- C:\Windows\system32\drivers\etc
2011-10-30 20:49:54 ----D---- C:\Windows\SYSWOW64\drivers
2011-10-30 20:49:54 ----D---- C:\Windows\SysWOW64
2011-10-30 20:49:54 ----D---- C:\Windows\AppPatch
2011-10-30 20:49:52 ----D---- C:\Program Files\Common Files
2011-10-30 20:49:52 ----D---- C:\Program Files (x86)\Common Files
2011-10-30 19:23:22 ----D---- C:\ProgramData
2011-10-30 19:23:17 ----RD---- C:\Program Files (x86)
2011-10-30 19:03:21 ----D---- C:\Users\breta\AppData\Roaming\Skype
2011-10-30 13:26:55 ----D---- C:\Users\breta\AppData\Roaming\SoftGrid Client
2011-10-30 10:26:32 ----RD---- C:\Program Files
2011-10-30 10:19:23 ----A---- C:\Windows\SYSWOW64\PnkBstrB.exe
2011-10-28 18:40:52 ----D---- C:\Windows\Logs
2011-10-28 15:36:30 ----D---- C:\Windows\Registration
2011-10-28 10:23:48 ----D---- C:\Windows\Prefetch
2011-10-28 07:08:55 ----SD---- C:\Users\breta\AppData\Roaming\Microsoft
2011-10-28 07:08:04 ----SHD---- C:\Windows\Installer
2011-10-28 07:07:01 ----RSD---- C:\Windows\assembly
2011-10-27 19:53:59 ----D---- C:\Program Files (x86)\Garena Classic
2011-10-27 16:39:23 ----A---- C:\Windows\SYSWOW64\PnkBstrA.exe
2011-10-27 16:10:07 ----A---- C:\Windows\game.ini
2011-10-27 16:03:28 ----D---- C:\Users\breta\AppData\Roaming\DAEMON Tools Lite
2011-10-26 11:40:38 ----D---- C:\Windows\winsxs
2011-10-26 10:26:44 ----D---- C:\Windows\system32\catroot2
2011-10-26 10:26:44 ----D---- C:\Windows\system32\catroot
2011-10-25 23:00:22 ----D---- C:\Windows\Tasks
2011-10-24 20:02:08 ----D---- C:\Windows\system32\NDF
2011-10-20 20:13:55 ----D---- C:\Windows\Microsoft.NET
2011-10-18 18:48:31 ----D---- C:\Windows\system32\Tasks
2011-10-18 18:48:25 ----RD---- C:\Program Files (x86)\Skype
2011-10-18 18:48:20 ----D---- C:\ProgramData\Skype
2011-10-18 18:46:44 ----D---- C:\Windows\Panther
2011-10-18 18:46:43 ----D---- C:\Windows\debug
2011-10-18 15:01:32 ----D---- C:\breta
2011-10-18 15:00:53 ----HD---- C:\Program Files (x86)\InstallShield Installation Information
2011-10-18 14:37:29 ----D---- C:\Debatiáda 3.-5. 6. 2011
2011-10-16 08:57:05 ----D---- C:\Windows\system32\wdi
2011-10-15 15:41:53 ----SD---- C:\ProgramData\Microsoft
2011-10-14 20:24:41 ----D---- C:\Program Files (x86)\Activision
2011-10-14 17:33:33 ----D---- C:\hry
2011-10-14 17:21:16 ----D---- C:\Program Files (x86)\Microsoft Silverlight
2011-10-13 21:02:43 ----D---- C:\Windows\SYSWOW64\migration
2011-10-13 21:02:43 ----D---- C:\Windows\system32\migration
2011-10-13 21:02:43 ----D---- C:\Windows\ehome
2011-10-13 21:02:43 ----D---- C:\Program Files\Internet Explorer
2011-10-13 21:02:43 ----D---- C:\Program Files (x86)\Internet Explorer
2011-10-13 18:12:45 ----A---- C:\Windows\system32\MRT.exe
2011-10-08 20:14:01 ----HD---- C:\ProgramData\EgisTec
2011-10-07 20:29:19 ----D---- C:\ProgramData\WildTangent
2011-10-06 16:26:12 ----D---- C:\ProgramData\McAfee
2011-10-06 16:24:09 ----D---- C:\Windows\system32\DriverStore
2011-10-01 14:21:25 ----D---- C:\Windows\rescache
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R0 iaStor;Intel AHCI Controller; C:\Windows\system32\drivers\iaStor.sys [2010-04-13 540696]
R0 nvpciflt;nvpciflt; C:\Windows\system32\DRIVERS\nvpciflt.sys [2011-03-30 25960]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-21 213888]
R1 aswRdr;aswRdr; C:\Windows\system32\drivers\aswRdr.sys [2011-09-06 42328]
R1 aswSnx;aswSnx; C:\Windows\system32\drivers\aswSnx.sys [2011-09-06 601944]
R1 aswSP;aswSP; C:\Windows\system32\drivers\aswSP.sys [2011-09-06 301912]
R1 aswTdi;avast! Network Shield Support; C:\Windows\system32\drivers\aswTdi.sys [2011-09-06 58200]
R1 dtsoftbus01;DAEMON Tools Virtual Bus Driver; C:\Windows\system32\DRIVERS\dtsoftbus01.sys [2011-09-22 270912]
R1 mwlPSDFilter;mwlPSDFilter; C:\Windows\system32\DRIVERS\mwlPSDFilter.sys [2011-07-21 22648]
R1 mwlPSDNServ;mwlPSDNServ; C:\Windows\system32\DRIVERS\mwlPSDNServ.sys [2011-07-21 20520]
R1 mwlPSDVDisk;mwlPSDVDisk; C:\Windows\system32\DRIVERS\mwlPSDVDisk.sys [2011-07-21 62776]
R1 vwififlt;Virtual WiFi Filter Driver; C:\Windows\system32\DRIVERS\vwififlt.sys [2009-07-14 59904]
R2 aswFsBlk;aswFsBlk; C:\Windows\system32\drivers\aswFsBlk.sys [2011-09-06 24408]
R2 aswMonFlt;aswMonFlt; \??\C:\Windows\system32\drivers\aswMonFlt.sys [2011-09-06 65368]
R3 athr;Atheros Extensible Wireless LAN device driver; C:\Windows\system32\DRIVERS\athrx.sys [2011-06-02 2750464]
R3 ETD;ELAN PS/2 Port Input Device; C:\Windows\system32\DRIVERS\ETD.sys [2010-04-13 135560]
R3 HECIx64;Intel(R) Management Engine Interface; C:\Windows\system32\drivers\HECIx64.sys [2009-09-17 56344]
R3 igfx;igfx; C:\Windows\system32\DRIVERS\igdkmd64.sys [2010-07-20 10603904]
R3 Impcd;Impcd; C:\Windows\system32\DRIVERS\Impcd.sys [2010-02-27 158976]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHD64.sys [2010-06-22 2399848]
R3 IntcDAud;Intel(R) Display Audio; C:\Windows\system32\DRIVERS\IntcDAud.sys [2010-06-21 287232]
R3 k57nd60a;Broadcom NetLink (TM) Gigabit Ethernet - NDIS 6.0; C:\Windows\system32\DRIVERS\k57nd60a.sys [2010-05-15 384040]
R3 NTIDrvr;NTIDrvr; \??\C:\Windows\system32\drivers\NTIDrvr.sys [2011-03-10 18432]
R3 Sftfs;Sftfs; C:\Windows\system32\DRIVERS\Sftfslh.sys [2009-12-02 721768]
R3 Sftplay;Sftplay; C:\Windows\system32\DRIVERS\Sftplaylh.sys [2009-12-02 269672]
R3 Sftredir;Sftredir; C:\Windows\system32\DRIVERS\Sftredirlh.sys [2009-12-02 25960]
R3 Sftvol;Sftvol; C:\Windows\system32\DRIVERS\Sftvollh.sys [2009-12-02 22376]
R3 UBHelper;UBHelper; \??\C:\Windows\system32\drivers\UBHelper.sys [2011-03-10 17408]
S3 BthEnum;Služba Bluetooth Enumerator; C:\Windows\system32\DRIVERS\BthEnum.sys [2009-07-14 41984]
S3 BthPan;Zařízení Bluetooth (síť PAN); C:\Windows\system32\DRIVERS\bthpan.sys [2009-07-14 118784]
S3 BTHPORT;Ovladač portu Bluetooth; C:\Windows\System32\Drivers\BTHport.sys [2011-04-28 552960]
S3 BTHUSB;Ovladač rozhraní USB radiostanice Bluetooth; C:\Windows\System32\Drivers\BTHUSB.sys [2011-04-28 80384]
S3 catchme;catchme; \??\C:\ComboFix\catchme.sys []
S3 GGSAFERDriver;GGSAFER Driver; \??\C:\Program Files (x86)\Garena Classic\safedrv.sys []
S3 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12352]
S3 RFCOMM;Zařízení Bluetooth (RFCOMM protokol TDI); C:\Windows\system32\DRIVERS\rfcomm.sys [2009-07-14 158720]
S3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader; C:\Windows\System32\Drivers\RtsUStor.sys [2010-09-22 243712]
S3 TsUsbFlt;TsUsbFlt; C:\Windows\system32\drivers\tsusbflt.sys [2010-11-21 59392]
S3 TsUsbGD;Remote Desktop Generic USB Device; C:\Windows\system32\drivers\TsUsbGD.sys [2010-11-21 31232]
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2011-09-05 64952]
R2 avast! Antivirus;avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2011-09-06 44768]
R2 BBUpdate;BBUpdate; C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE [2011-05-13 249648]
R2 cvhsvc;Client Virtualization Handler; C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE [2010-02-28 821664]
R2 DsiWMIService;Dritek WMI Service; C:\Program Files (x86)\Launch Manager\dsiwmis.exe [2010-08-10 321104]
R2 EgisTec Ticket Service;EgisTec Ticket Service; C:\Program Files (x86)\Common Files\EgisTec\Services\EgisTicketService.exe [2011-04-02 173424]
R2 ePowerSvc;Acer ePower Service; C:\Program Files\Acer\Acer ePower Management\ePowerSvc.exe [2011-01-05 867712]
R2 GREGService;GREGService; C:\Program Files (x86)\Acer\Registration\GREGsvc.exe [2011-05-26 29696]
R2 IAStorDataMgrSvc;Intel(R) Rapid Storage Technology; C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [2010-04-13 13336]
R2 Live Updater Service;Live Updater Service; C:\Program Files\Acer\Acer Updater\UpdaterService.exe [2011-04-22 244624]
R2 LMS;Intel(R) Management and Security Application Local Management Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe [2010-03-18 268824]
R2 nlsX86cc;NLS Service; C:\Windows\SysWOW64\NLSSRV32.EXE [2011-09-24 68928]
R2 NTI IScheduleSvc;NTI IScheduleSvc; C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\IScheduleSvc.exe [2011-06-17 255744]
R2 NVSvc;NVIDIA Driver Helper Service; C:\Windows\system32\nvvsvc.exe [2011-03-31 993896]
R2 nvUpdatusService;NVIDIA Update Service Daemon; C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe [2011-03-30 2009704]
R2 PnkBstrA;PnkBstrA; C:\Windows\syswow64\PnkBstrA.exe [2011-10-27 75136]
R2 sftlist;Application Virtualization Client; C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe [2009-12-02 483688]
R2 UNS;Intel(R) Management & Security Application User Notification Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2010-03-18 2320920]
R3 sftvsa;Application Virtualization Service Agent; C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe [2009-12-02 209768]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
S3 BBSvc;Bing Bar Update Service; C:\Program Files (x86)\Microsoft\BingBar\BBSvc.EXE [2011-06-07 191752]
S3 FLEXnet Licensing Service;FLEXnet Licensing Service; C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [2011-09-02 655624]
S3 GamesAppService;GamesAppService; C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe [2010-10-12 206072]
S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2010-01-09 149352]
S3 osppsvc;Office Software Protection Platform; C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2009-11-19 4925184]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2011-09-21 1255736]
S3 wlidsvc;Windows Live ID Sign-in Assistant; C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE [2010-09-21 2286976]
S4 NitroDriverReadSpool;NitroPDFDriverCreatorReadSpool; C:\Program Files\Common Files\Nitro PDF\Professional\6.0\NitroPDFDriverServicex64.exe [2011-09-24 341312]
S4 wlcrasvc;Windows Live Mesh remote connections service; C:\Program Files\Windows Live\Mesh\wlcrasvc.exe [2010-09-23 57184]
-----------------EOF-----------------
-
chodnik74
- Přítel fóra
- Příspěvky: 4975
- Registrován: 13 zář 2010 21:30
- Bydliště: Napajedla
- Kontaktovat uživatele:
Re: pomale pc, pada..programy neodpovidaji
Pokračujte dále..
Napiš mi: chodnik74@gmail.com nebo
>RSIT<>MBAM<>VirusTotal
Doporučuji: |
Postup si raději vícekrát přečtěte a v případě jakýchkoliv nejasností či pochybností se ptejte. Pokud máte infikovaný počítač nebo se nechová jako obvykle, tak si zálohujte všechny data a pozorně postupujte dle pokynů rádce!
Nepoužívejte utilitu Combofix bez dohledu a doporučení rádce!
Jste s naší pomocí spokojeni Neváhejte a podpořte forum ZDE.
Pravidla fora: č.1 a č.2
>RSIT<>MBAM<>VirusTotal
Doporučuji:
| Postup si raději vícekrát přečtěte a v případě jakýchkoliv nejasností či pochybností se ptejte. Pokud máte infikovaný počítač nebo se nechová jako obvykle, tak si zálohujte všechny data a pozorně postupujte dle pokynů rádce! Nepoužívejte utilitu Combofix bez dohledu a doporučení rádce! Jste s naší pomocí spokojeni Neváhejte a podpořte forum ZDE.Pravidla fora: č.1 a č.2
-
chodnik74
- Přítel fóra
- Příspěvky: 4975
- Registrován: 13 zář 2010 21:30
- Bydliště: Napajedla
- Kontaktovat uživatele:
Re: pomale pc, pada..programy neodpovidaji
Fajn, pokračujeme zítra
Napiš mi: chodnik74@gmail.com nebo
>RSIT<>MBAM<>VirusTotal
Doporučuji: |
Postup si raději vícekrát přečtěte a v případě jakýchkoliv nejasností či pochybností se ptejte. Pokud máte infikovaný počítač nebo se nechová jako obvykle, tak si zálohujte všechny data a pozorně postupujte dle pokynů rádce!
Nepoužívejte utilitu Combofix bez dohledu a doporučení rádce!
Jste s naší pomocí spokojeni Neváhejte a podpořte forum ZDE.
Pravidla fora: č.1 a č.2
>RSIT<>MBAM<>VirusTotal
Doporučuji:
| Postup si raději vícekrát přečtěte a v případě jakýchkoliv nejasností či pochybností se ptejte. Pokud máte infikovaný počítač nebo se nechová jako obvykle, tak si zálohujte všechny data a pozorně postupujte dle pokynů rádce! Nepoužívejte utilitu Combofix bez dohledu a doporučení rádce! Jste s naší pomocí spokojeni Neváhejte a podpořte forum ZDE.Pravidla fora: č.1 a č.2
Přispějete na provoz fóra?