LOG.txt :
Logfile of random's system information tool 1.09 (written by random/random)
Run by msi at 2012-02-09 22:24:24
Microsoft Windows 7 Home Premium Service Pack 1
System drive C: has 38 GB (22%) free of 177 GB
Total RAM: 2815 MB (56% free)
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 22:24:31, on 9.2.2012
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v9.00 (9.00.8112.16421)
Boot mode: Normal
Running processes:
C:\Program Files (x86)\System Control Manager\MGSysCtrl.exe
C:\Program Files\AVAST Software\Avast\AvastUI.exe
C:\Program Files (x86)\Opera\opera.exe
C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe
C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ArcCon.ac
C:\Program Files\trend micro\msi.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://msi.msn.com
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://msi.msn.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R3 - URLSearchHook: (no name) - {bf7380fa-e3b4-4db2-af3e-9d8783a45bfc} - (no file)
R3 - URLSearchHook: Freecorder Toolbar - {1392b8d2-5c05-419f-a8f6-b9f15a596612} - C:\Program Files (x86)\Freecorder\prxtbFree.dll
F2 - REG:system.ini: UserInit=userinit.exe,
O2 - BHO: Freecorder - {1392b8d2-5c05-419f-a8f6-b9f15a596612} - C:\Program Files (x86)\Freecorder\prxtbFree.dll
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll
O2 - BHO: Conduit Engine - {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Program Files (x86)\ConduitEngine\prxConduitEngine.dll
O2 - BHO: Increase performance and video formats for your HTML5 <video> - {326E768D-4182-46FD-9C16-1449A49795F4} - C:\Program Files (x86)\DivX\DivX Plus Web Player\ie\DivXHTML5\DivXHTML5.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~2\MICROS~1\Office12\GR469A~1.DLL
O2 - BHO: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O2 - BHO: Pomocník pro přihlášení ke službě Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
O3 - Toolbar: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O3 - Toolbar: Freecorder Toolbar - {1392b8d2-5c05-419f-a8f6-b9f15a596612} - C:\Program Files (x86)\Freecorder\prxtbFree.dll
O3 - Toolbar: Conduit Engine - {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Program Files (x86)\ConduitEngine\prxConduitEngine.dll
O4 - HKLM\..\Run: [MGSysCtrl] C:\Program Files (x86)\System Control Manager\MGSysCtrl.exe
O4 - HKLM\..\Run: [avast] "C:\Program Files\AVAST Software\Avast\avastUI.exe" /nogui
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
O4 - HKLM\..\Run: [ArcSoft Connection Service] C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [Akamai NetSession Interface] C:\Users\msi\AppData\Local\Akamai\netsession_win.exe
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O4 - Startup: Xfire.lnk = C:\Program Files (x86)\Xfire\Xfire.exe
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000
O9 - Extra button: Přidat na blog - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: &Přidat na blog Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~1\Office12\REFIEBAR.DLL
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\PROGRA~2\MICROS~1\Office12\GRA32A~1.DLL
O23 - Service: ArcSoft Connect Daemon (ACDaemon) - ArcSoft Inc. - C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\windows\System32\alg.exe (file missing)
O23 - Service: AMD External Events Utility - Unknown owner - C:\windows\system32\atiesrxx.exe (file missing)
O23 - Service: AMD FUEL Service - Advanced Micro Devices, Inc. - C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
O23 - Service: AMD Fusion Utility Service (AMDFusionSVC) - Advanced Micro Devices - C:\Program Files (x86)\AMD\Fusion Utility for Mobility\FusionSVC.exe
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files (x86)\Bonjour\mDNSResponder.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\windows\system32\fxssvc.exe (file missing)
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: MBAMService - Malwarebytes Corporation - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
O23 - Service: Micro Star SCM - Micro-Star International Co., Ltd. - C:\Program Files (x86)\System Control Manager\MSIService.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\windows\System32\msdtc.exe (file missing)
O23 - Service: @C:\Program Files (x86)\Nero\Update\NASvc.exe,-200 (NAUpdate) - Nero AG - C:\Program Files (x86)\Nero\Update\NASvc.exe
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: nProtect GameGuard Service (npggsvc) - Unknown owner - C:\windows\system32\GameMon.des.exe (file missing)
O23 - Service: Oberon Media Game Console service (OberonGameConsoleService) - Unknown owner - C:\Program Files (x86)\MSI Game Corner\Game Console\OberonGameConsoleService.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: ServiceLayer - Nokia - C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\windows\system32\sppsvc.exe (file missing)
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
--
End of file - 10792 bytes
======Listing Processes======
\SystemRoot\System32\smss.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
C:\windows\system32\services.exe
winlogon.exe
C:\windows\system32\lsass.exe
C:\windows\system32\lsm.exe
C:\windows\system32\svchost.exe -k DcomLaunch
C:\windows\system32\svchost.exe -k RPCSS
C:\windows\System32\svchost.exe -k NetworkService
"C:\Program Files (x86)\AMD\Fusion Utility for Mobility\FusionSVC.exe"
C:\windows\system32\atiesrxx.exe
C:\windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\windows\system32\svchost.exe -k netsvcs
C:\windows\system32\svchost.exe -k LocalService
atieclxx
"C:\Program Files\AVAST Software\Avast\AvastSvc.exe"
"C:\windows\system32\Dwm.exe"
C:\windows\Explorer.EXE
"C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe" -s
"taskhost.exe"
"C:\Program Files\Synaptics\SynTP\SynTPEnh.exe"
"C:\Program Files\Synaptics\SynTP\SynTPHelper.exe"
C:\windows\System32\spoolsv.exe
C:\windows\system32\svchost.exe -k LocalServiceNoNetwork
"C:\Program Files\Windows Sidebar\sidebar.exe" /autoRun
"C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe"
"C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe" /launchService
"C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe"
"C:\Program Files (x86)\Bonjour\mDNSResponder.exe"
"C:\Program Files (x86)\System Control Manager\MSIService.exe"
C:\windows\system32\svchost.exe -k imgsvc
C:\windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\windows\system32\SearchIndexer.exe /Embedding
"C:\Program Files (x86)\System Control Manager\MGSysCtrl.exe"
"C:\Program Files\AVAST Software\Avast\AvastUI.exe" /nogui
C:\windows\system32\wbem\unsecapp.exe -Embedding
"C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM"
C:\windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\windows\system32\wbem\wmiprvse.exe
"C:\Program Files\Windows Media Player\wmpnetwk.exe"
C:\windows\System32\svchost.exe -k LocalServicePeerNet
"C:\Program Files (x86)\Opera\opera.exe"
"C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe" 0
"C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe"
"C:\Program Files (x86)\Nero\Update\NASvc.exe"
C:\windows\System32\svchost.exe -k secsvcs
C:\windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
"C:\Program Files\CCleaner\CCleaner64.exe"
"C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe"
ACDaemon.exe -i
ArcCon.ac 328224 0
"C:\windows\system32\calc.exe"
"C:\Users\msi\Desktop\RSITx64.exe"
C:\windows\system32\wbem\wmiprvse.exe
======Scheduled tasks folder======
C:\windows\tasks\GoogleUpdateTaskMachineCore.job
C:\windows\tasks\GoogleUpdateTaskMachineUA.job
=========Mozilla firefox=========
ProfilePath - C:\Users\msi\AppData\Roaming\Mozilla\Firefox\Profiles\43vyxf7a.default
prefs.js - "browser.startup.homepage" - "http://www.seznam.cz/"
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 10.1 Plugin
"Path"=C:\windows\SysWOW64\Macromed\Flash\NPSWF32.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@adobe.com/ShockwavePlayer]
"Description"=Adobe Shockwave Player
"Path"=C:\windows\system32\Adobe\Director\np32dsw.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@Apple.com/iTunes,version=]
"Description"=iTunes Detector Plug-in
"Path"=
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@Apple.com/iTunes,version=1.0]
"Description"=
"Path"=C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@divx.com/DivX Browser Plugin,version=1.0.0]
"Description"=DivX Plus Web Player
"Path"=C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@divx.com/DivX VOD Helper,version=1.0.0]
"Description"=DivX VOD Helper Plug-in
"Path"=C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@java.com/JavaPlugin]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=disabled
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=c:\Program Files (x86)\Microsoft Silverlight\3.0.40624.0\npctrl.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/WLPG,version=14.0.8081.0709]
"Description"=WLPG Install MIME type
"Path"=C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@ngm.nexoneu.com/NxGame]
"Description"=Nexon Game Controller
"Path"=C:\ProgramData\NexonEU\NGM\npNxGameeu.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@pandonetworks.com/PandoWebPlugin]
"Description"=This plugin detects and launches Pando Media Booster
"Path"=C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@real.com/nppl3260;version=15.0.0.198]
"Description"=RealPlayer(tm) LiveConnect-Enabled Plug-In
"Path"=c:\program files (x86)\real\realplayer\Netscape6\nppl3260.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@real.com/nprjplug;version=15.0.0.198]
"Description"=RealJukebox Netscape Plugin
"Path"=c:\program files (x86)\real\realplayer\Netscape6\nprjplug.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@real.com/nprpchromebrowserrecordext;version=15.0.0.198]
"Description"=RealNetworks(tm) RealPlayer Chrome Background Extension Plug-In
"Path"=C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprpchromebrowserrecordext.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@real.com/nprphtml5videoshim;version=15.0.0.198]
"Description"=RealPlayer(tm) HTML5VideoShim Plug-In
"Path"=C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@real.com/nprpjplug;version=15.0.0.198]
"Description"=15.0.0.198
"Path"=c:\program files (x86)\real\realplayer\Netscape6\nprpjplug.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@real.com/nsJSRealPlayerPlugin;version=]
"Description"=
"Path"=
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=3]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.21.99\npGoogleUpdate3.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=9]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.21.99\npGoogleUpdate3.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\Adobe Reader]
"Description"=Handles PDFs in-place in Firefox
"Path"=C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 10.1 Plugin
"Path"=C:\windows\system32\Macromed\Flash\NPSWF64_11_1_102.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@divx.com/DivX VOD Helper,version=1.0.0]
"Description"=DivX VOD Helper Plug-in
"Path"=C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=disabled
C:\Program Files (x86)\Mozilla Firefox\extensions\
{972ce4c6-7e08-4474-a285-3208198ce6fd}
C:\Program Files (x86)\Mozilla Firefox\components\
binary.manifest
browsercomps.dll
nppl3260.xpt
nsjsrealplayerplugin.xpt
C:\Program Files (x86)\Mozilla Firefox\plugins\
nppdf32.dll
nppl3260.dll
nprjplug.dll
nprpjplug.dll
C:\Program Files (x86)\Mozilla Firefox\searchplugins\
google.xml
heureka-cz.xml
jyxo-cz.xml
seznam-cz.xml
slunecnice-cz.xml
wikipedia-cz.xml
C:\Users\msi\AppData\Roaming\Mozilla\Firefox\Profiles\43vyxf7a.default\extensions\
{1392b8d2-5c05-419f-a8f6-b9f15a596612}
{bf7380fa-e3b4-4db2-af3e-9d8783a45bfc}
{ea614400-e918-4741-9a97-7a972ff7c30b}
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{318A227B-5E9F-45bd-8999-7F8F10CA4CF5}]
avast! WebRep - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2011-11-28 963064]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{1392b8d2-5c05-419f-a8f6-b9f15a596612}]
Freecorder Toolbar - C:\Program Files (x86)\Freecorder\prxtbFree.dll [2011-01-17 175912]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2012-01-03 63912]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3049C3E9-B461-4BC5-8870-4C09146192CA}]
RealPlayer Download and Record Plugin for Internet Explorer - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll [2011-12-12 425680]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{30F9B915-B755-4826-820B-08FBA6BD249D}]
Conduit Engine - C:\Program Files (x86)\ConduitEngine\prxConduitEngine.dll [2011-01-17 175912]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{326E768D-4182-46FD-9C16-1449A49795F4}]
DivX Plus Web Player HTML5 <video> - C:\Program Files (x86)\DivX\DivX Plus Web Player\ie\DivXHTML5\DivXHTML5.dll [2011-10-26 194432]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\PROGRA~2\MICROS~1\Office12\GR469A~1.DLL [2006-10-26 2210608]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! WebRep - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2011-11-28 809040]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Pomocník pro přihlášení ke službě Windows Live - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-01-22 408448]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll [2011-07-17 42272]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - avast! WebRep - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2011-11-28 963064]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\Toolbar]
{8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - avast! WebRep - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2011-11-28 809040]
{1392b8d2-5c05-419f-a8f6-b9f15a596612} - Freecorder Toolbar - C:\Program Files (x86)\Freecorder\prxtbFree.dll [2011-01-17 175912]
{30F9B915-B755-4826-820B-08FBA6BD249D} - Conduit Engine - C:\Program Files (x86)\ConduitEngine\prxConduitEngine.dll [2011-01-17 175912]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"RtHDVCpl"=C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [2010-05-04 10804256]
"SynTPEnh"=C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2010-01-07 1894696]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"PlayNC Launcher"= []
"Sidebar"=C:\Program Files\Windows Sidebar\sidebar.exe [2010-11-20 1475584]
"Akamai NetSession Interface"=C:\Users\msi\AppData\Local\Akamai\netsession_win.exe []
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\4StoryPrePatch]
C:\Program Files (x86)\Gameforge4D\4Story_CZ\PrePatch.exe [2012-02-02 327680]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM]
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2012-01-03 843712]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher]
C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe []
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\B2C_AGENT]
C:\ProgramData\LGMOBILEAX\B2C_Client\B2CNotiAgent.exe [2011-06-15 404568]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DAEMON Tools Lite]
C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [2011-08-02 4910912]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DivXUpdate]
C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe [2011-07-29 1259376]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\FixCamera]
C:\windows\FixCamera.exe [2007-02-12 20480]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Freecorder FLV Service]
C:\Program Files (x86)\Freecorder\FLVSrvc.exe [2011-03-24 167936]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Game Fire]
C:\Program Files (x86)\Smart PC Utilities\Game Fire\GFTray.exe /START []
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\GrooveMonitor]
C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe [2006-10-26 31016]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\iTunesHelper]
C:\Program Files (x86)\iTunes\iTunesHelper.exe [2011-06-07 421160]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\KPeerNexonEU]
C:\Nexon\NEXON_EU_Downloader\nxEULauncher.exe [2012-01-31 438272]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Live Update 5]
C:\Program Files (x86)\MSI\Live Update 5\LU5.exe [2011-02-24 1277952]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Malwarebytes' Anti-Malware]
C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe [2012-01-13 460872]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NBAgent]
C:\Program Files (x86)\Nero\Nero 10\Nero BackItUp\NBAgent.exe [2010-03-26 1234216]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NokiaMServer]
C:\Program Files (x86)\Common Files\Nokia\MPlatform\NokiaMServer /watchfiles startup []
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NokiaOviSuite2]
C:\Program Files (x86)\Nokia\Nokia Ovi Suite\NokiaOviSuite.exe -tray []
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NortonOnlineBackup]
C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuClient.exe []
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Pando Media Booster]
C:\Program Files (x86)\Pando Networks\Media Booster\PMB.exe [2012-02-07 3087440]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
C:\Program Files (x86)\QuickTime\QTTask.exe [2010-11-29 421888]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Steam]
C:\Program Files (x86)\Steam\Steam.exe [2011-08-11 1242448]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2011-04-08 254696]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TkBellExe]
C:\Program Files (x86)\Real\RealPlayer\update\realsched.exe [2011-12-12 296056]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\tsnp2std]
C:\windows\tsnp2std.exe [2007-02-13 262144]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^McAfee Security Scan Plus.lnk]
C:\PROGRA~2\MCAFEE~1\202B13~1.181\SSSCHE~1.EXE []
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Users^msi^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^android-notifier-desktop.lnk]
C:\PROGRA~2\ANDROI~1\ANDROI~1.EXE [2010-10-06 608523]
[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"MGSysCtrl"=C:\Program Files (x86)\System Control Manager\MGSysCtrl.exe [2010-01-08 2396160]
"avast"=C:\Program Files\AVAST Software\Avast\avastUI.exe [2011-11-28 3744552]
"StartCCC"=C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [2011-10-25 343168]
"ArcSoft Connection Service"=C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe [2010-03-18 207360]
C:\Users\msi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
Xfire.lnk - C:\Program Files (x86)\Xfire\Xfire.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED}
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\PROGRA~2\MICROS~1\Office12\GR469A~1.DLL [2006-10-26 2210608]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=0
"ConsentPromptBehaviorUser"=3
"EnableLUA"=0
"EnableUIADesktopToggle"=0
"PromptOnSecureDesktop"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"EnableLinkedConnections"=1
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveAutorun"=0
"NoDriveTypeAutoRun"=145
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoActiveDesktop"=1
"NoActiveDesktopChanges"=1
"ForceActiveDesktopOn"=0
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVYU"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"VIDC.YVU9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"MSVideo8"=VfWWDM32.dll
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"VIDC.XFR1"=xfcodec64.dll
"msacm.ac3filter"=ac3filter64.acm
"vidc.mjpg"=bdmjpeg64.dll
"vidc.mpeg"=bdmpegv64.dll
"msacm.bdmpeg"=bdmpega64.acm
======File associations======
.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*
.txt - open - C:\windows\NOTEPAD.EXE %1
======List of files/folders created in the last 1 month======
2012-02-09 22:24:24 ----D---- C:\rsit
2012-02-09 22:24:24 ----D---- C:\Program Files\trend micro
2012-02-07 14:45:11 ----D---- C:\IgnitedGames
2012-02-07 13:38:39 ----D---- C:\Program Files (x86)\ROSH
2012-02-07 13:38:17 ----D---- C:\ROSH
2012-02-06 14:43:50 ----D---- C:\ProgramData\media center programs
2012-02-06 14:43:45 ----D---- C:\Program Files (x86)\Funcom
2012-02-04 12:10:30 ----D---- C:\RebirthEvolution
2012-02-04 11:26:50 ----D---- C:\Program Files (x86)\Cheat Engine 6.1
2012-02-03 10:29:56 ----A---- C:\windows\SYSWOW64\xfcodec.dll
2012-02-03 10:29:56 ----A---- C:\windows\system32\xfcodec64.dll
2012-02-02 13:50:54 ----D---- C:\Program Files (x86)\Gameforge4D
2012-01-31 15:52:58 ----D---- C:\ProgramData\Nexon
2012-01-31 15:16:34 ----D---- C:\Program Files (x86)\BandiMPEG1
2012-01-31 15:07:45 ----D---- C:\ProgramData\NexonEU
2012-01-31 11:19:36 ----D---- C:\Download
2012-01-31 11:19:24 ----D---- C:\Nexon
2012-01-31 11:19:24 ----A---- C:\windows\SYSWOW64\nxEuUninstall.bat
2012-01-31 11:19:24 ----A---- C:\windows\NEXON_EU_DownloaderUpdater.exe
2012-01-30 19:33:14 ----D---- C:\ProgramData\IObit
2012-01-30 19:33:14 ----D---- C:\Program Files (x86)\IObit
2012-01-20 12:12:49 ----RA---- C:\windows\SYSWOW64\tmpCA23.tmp
2012-01-20 12:12:49 ----D---- C:\Program Files (x86)\OpenAL
2012-01-20 12:12:49 ----A---- C:\windows\SYSWOW64\wrap_oal.dll
2012-01-20 12:12:49 ----A---- C:\windows\SYSWOW64\OpenAL32.dll
2012-01-20 12:12:49 ----A---- C:\windows\system32\wrap_oal.dll
2012-01-20 12:12:49 ----A---- C:\windows\system32\OpenAL32.dll
2012-01-20 12:00:50 ----D---- C:\Program Files\Bohemia Interactive
2012-01-20 11:27:16 ----D---- C:\Program Files (x86)\Battlestations Midway
2012-01-20 10:57:33 ----D---- C:\Program Files (x86)\Cenega
2012-01-20 10:54:53 ----A---- C:\windows\tmp2Level.ini
2012-01-20 10:54:53 ----A---- C:\windows\level.ini
2012-01-16 20:48:49 ----A---- C:\windows\system32\schannel.dll
2012-01-16 20:48:47 ----A---- C:\windows\system32\drivers\ksecpkg.sys
2012-01-16 20:48:41 ----A---- C:\windows\SYSWOW64\schannel.dll
2012-01-16 20:48:41 ----A---- C:\windows\system32\lsasrv.dll
2012-01-16 20:48:40 ----A---- C:\windows\system32\drivers\cng.sys
2012-01-16 20:48:39 ----A---- C:\windows\SYSWOW64\webio.dll
2012-01-16 20:48:39 ----A---- C:\windows\system32\webio.dll
2012-01-16 20:48:39 ----A---- C:\windows\system32\sspicli.dll
2012-01-16 20:48:39 ----A---- C:\windows\system32\lsass.exe
2012-01-16 20:48:39 ----A---- C:\windows\system32\drivers\ksecdd.sys
2012-01-16 20:48:38 ----A---- C:\windows\SYSWOW64\secur32.dll
2012-01-16 20:48:38 ----A---- C:\windows\system32\secur32.dll
2012-01-16 20:48:37 ----A---- C:\windows\SYSWOW64\sspicli.dll
2012-01-16 20:48:37 ----A---- C:\windows\system32\sspisrv.dll
2012-01-13 07:36:27 ----A---- C:\windows\FixCamera.exe
2012-01-13 07:36:27 ----A---- C:\windows\amcap.exe
2012-01-13 07:36:25 ----A---- C:\windows\vsnp2std.exe
2012-01-13 07:36:25 ----A---- C:\windows\tsnp2std.exe
2012-01-13 07:36:24 ----A---- C:\windows\snp2std.src
2012-01-13 07:36:24 ----A---- C:\windows\snp2std.ini
2012-01-13 07:36:22 ----A---- C:\windows\SYSWOW64\drivers\snp2sxp.sys
2012-01-13 07:36:22 ----A---- C:\windows\SYSWOW64\drivers\sncamd.sys
2012-01-13 07:36:21 ----A---- C:\windows\SYSWOW64\vsnp2std.dll
2012-01-13 07:36:21 ----A---- C:\windows\SYSWOW64\rsnp2std.dll
2012-01-13 07:36:20 ----A---- C:\windows\system32\csnp2std.dll
2012-01-11 20:41:47 ----A---- C:\windows\SYSWOW64\quartz.dll
2012-01-11 20:41:47 ----A---- C:\windows\system32\quartz.dll
2012-01-11 20:41:45 ----A---- C:\windows\SYSWOW64\qdvd.dll
2012-01-11 20:41:45 ----A---- C:\windows\system32\qdvd.dll
2012-01-11 20:41:42 ----A---- C:\windows\SYSWOW64\ntdll.dll
2012-01-11 20:41:42 ----A---- C:\windows\system32\ntdll.dll
2012-01-11 20:41:39 ----A---- C:\windows\SYSWOW64\packager.dll
2012-01-11 20:41:39 ----A---- C:\windows\system32\packager.dll
======List of files/folders modified in the last 1 month======
2012-02-09 22:24:24 ----RD---- C:\Program Files
2012-02-09 22:24:22 ----D---- C:\windows\Temp
2012-02-09 21:52:54 ----D---- C:\windows\system32\config
2012-02-09 21:44:12 ----SHD---- C:\windows\Installer
2012-02-09 21:44:12 ----SHD---- C:\Config.Msi
2012-02-09 21:44:11 ----RD---- C:\Program Files (x86)
2012-02-09 21:42:07 ----HD---- C:\Program Files (x86)\InstallShield Installation Information
2012-02-09 21:41:41 ----SHD---- C:\System Volume Information
2012-02-09 21:38:24 ----D---- C:\Users\msi\AppData\Roaming\Xfire
2012-02-09 18:53:34 ----D---- C:\windows\pss
2012-02-09 18:50:04 ----D---- C:\windows\system32\Tasks
2012-02-09 17:23:45 ----D---- C:\Users\msi\AppData\Roaming\dvdcss
2012-02-07 21:27:36 ----D---- C:\windows\System32
2012-02-07 21:27:36 ----A---- C:\windows\system32\PerfStringBackup.INI
2012-02-07 21:27:35 ----D---- C:\windows\inf
2012-02-07 13:56:41 ----D---- C:\windows\Downloaded Program Files
2012-02-07 13:38:45 ----D---- C:\ProgramData\PMB Files
2012-02-06 14:43:54 ----HD---- C:\windows\msdownld.tmp
2012-02-06 14:43:51 ----D---- C:\windows\Logs
2012-02-06 14:43:50 ----HD---- C:\ProgramData
2012-02-06 14:25:13 ----D---- C:\Program Files (x86)\NCsoft
2012-02-06 11:02:35 ----D---- C:\ProgramData\Xfire
2012-02-06 11:02:35 ----D---- C:\Program Files (x86)\Xfire
2012-02-06 00:37:53 ----D---- C:\windows\SYSWOW64\drivers
2012-02-04 11:27:22 ----D---- C:\windows\Prefetch
2012-02-03 21:01:24 ----D---- C:\windows\system32\drivers
2012-02-01 12:47:07 ----D---- C:\Program Files (x86)\Malwarebytes' Anti-Malware
2012-01-31 22:46:19 ----D---- C:\Windows
2012-01-31 18:39:22 ----D---- C:\Users\msi\AppData\Roaming\DAEMON Tools Lite
2012-01-31 18:39:08 ----D---- C:\windows\debug
2012-01-31 15:16:39 ----D---- C:\windows\SysWOW64
2012-01-30 21:00:48 ----RSD---- C:\windows\assembly
2012-01-30 21:00:41 ----RSD---- C:\windows\Fonts
2012-01-29 17:01:06 ----D---- C:\windows\system32\catroot2
2012-01-28 14:43:22 ----D---- C:\Users\msi\AppData\Roaming\Skype
2012-01-27 00:52:58 ----N---- C:\windows\system32\MpSigStub.exe
2012-01-26 21:32:49 ----D---- C:\Program Files (x86)\Opera
2012-01-18 13:52:38 ----D---- C:\Users\msi\AppData\Roaming\DivX
2012-01-16 20:58:04 ----D---- C:\windows\winsxs
2012-01-16 12:13:28 ----D---- C:\windows\system32\catroot
2012-01-16 12:08:10 ----A---- C:\windows\win.ini
2012-01-13 07:37:18 ----D---- C:\windows\system32\DriverStore
2012-01-13 07:36:23 ----D---- C:\windows\twain_32
2012-01-13 07:36:20 ----D---- C:\Program Files (x86)\Common Files
2012-01-11 21:07:56 ----D---- C:\windows\ehome
2012-01-11 21:04:12 ----A---- C:\windows\system32\MRT.exe
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R0 AtiPcie;AMD PCI Express (3GIO) Filter; C:\windows\system32\DRIVERS\AtiPcie.sys [2009-05-05 16440]
R0 rdyboost;ReadyBoost; C:\windows\System32\drivers\rdyboost.sys [2010-11-20 213888]
R1 aswRdr;aswRdr; C:\windows\system32\drivers\aswRdr.sys [2011-11-28 42328]
R1 aswSnx;aswSnx; C:\windows\system32\drivers\aswSnx.sys [2011-11-28 591192]
R1 aswSP;aswSP; C:\windows\system32\drivers\aswSP.sys [2011-11-28 304472]
R1 aswTdi;avast! Network Shield Support; C:\windows\system32\drivers\aswTdi.sys [2011-11-28 58712]
R1 dtsoftbus01;DAEMON Tools Virtual Bus Driver; C:\windows\system32\DRIVERS\dtsoftbus01.sys [2011-09-05 270912]
R1 vwififlt;Virtual WiFi Filter Driver; C:\windows\system32\DRIVERS\vwififlt.sys [2009-07-14 59904]
R2 AODDriver4.01;AODDriver4.01; \??\C:\Program Files\ATI Technologies\ATI.ACE\Fuel\amd64\AODDriver2.sys [2011-06-24 55424]
R2 aswFsBlk;aswFsBlk; C:\windows\system32\drivers\aswFsBlk.sys [2011-11-28 24408]
R2 aswMonFlt;aswMonFlt; \??\C:\windows\system32\drivers\aswMonFlt.sys [2011-11-28 66904]
R3 amdiox64;AMD IO Driver; C:\windows\system32\DRIVERS\amdiox64.sys [2010-02-18 46136]
R3 amdkmdag;amdkmdag; C:\windows\system32\DRIVERS\atikmdag.sys [2011-10-26 10496512]
R3 amdkmdap;amdkmdap; C:\windows\system32\DRIVERS\atikmpag.sys [2011-10-26 326656]
R3 AmdLLD64;AMD Low Level Device Driver; C:\windows\system32\DRIVERS\AmdLLD64.sys [2009-04-22 47672]
R3 ArcSoftKsUFilter;ArcSoft Magic-I Visual Effect; C:\windows\system32\DRIVERS\ArcSoftKsUFilter.sys [2009-05-26 19968]
R3 AtiHdmiService;ATI Function Driver for High Definition Audio Service; C:\windows\system32\drivers\AtiHdmi.sys [2010-04-08 124944]
R3 GEARAspiWDM;GEAR ASPI Filter Driver; C:\windows\system32\DRIVERS\GEARAspiWDM.sys [2009-05-18 34152]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\windows\system32\drivers\RTKVHD64.sys [2010-05-04 2363936]
R3 MBAMProtector;MBAMProtector; \??\C:\windows\system32\drivers\mbam.sys [2011-12-10 23152]
R3 netr28x;Ralink 802.11n Extensible Wireless Driver; C:\windows\system32\DRIVERS\netr28x.sys [2010-02-08 855328]
R3 RTL8167;Realtek 8167 NT Driver; C:\windows\system32\DRIVERS\Rt64win7.sys [2011-06-10 539240]
R3 SynTP;Synaptics TouchPad Driver; C:\windows\system32\DRIVERS\SynTP.sys [2010-01-07 302128]
R3 vwifimp;Microsoft Virtual WiFi Miniport Service; C:\windows\system32\DRIVERS\vwifimp.sys [2009-07-14 17920]
S3 Andbus;LGE Android Platform Composite USB Device; C:\windows\system32\DRIVERS\lgandbus64.sys [2010-12-07 19456]
S3 AndDiag;LGE Android Platform USB Serial Port; C:\windows\system32\DRIVERS\lganddiag64.sys [2010-12-07 27648]
S3 AndGps;LGE Android Platform USB GPS NMEA Port; C:\windows\system32\DRIVERS\lgandgps64.sys [2010-12-07 27136]
S3 ANDModem;LGE Android Platform USB Modem; C:\windows\system32\DRIVERS\lgandmodem64.sys [2010-12-07 34304]
S3 andnetadb;ADB Interface DriverNet; C:\windows\System32\Drivers\lgandnetadb.sys [2011-02-23 31744]
S3 AndNetDiag;LGE AndroidNet USB Serial Port; C:\windows\system32\DRIVERS\lgandnetdiag64.sys [2011-02-23 29696]
S3 AndNetGps;LGE AndroidNet USB GPS NMEA Port; C:\windows\system32\DRIVERS\lgandnetgps64.sys [2011-02-23 28672]
S3 ANDNetModem;LGE AndroidNet USB Modem; C:\windows\system32\DRIVERS\lgandnetmodem64.sys [2011-02-23 37376]
S3 andnetndis;LGE AndroidNet NDIS Ethernet Adapter; C:\windows\system32\DRIVERS\lgandnetndis64.sys [2011-02-23 90624]
S3 androidusb;ADB Interface Driver; C:\windows\System32\Drivers\lgandadb.sys [2010-08-02 31744]
S3 athr;Atheros Extensible Wireless LAN device driver; C:\windows\system32\DRIVERS\athrx.sys [2009-10-05 1542656]
S3 dump_wmimmc;dump_wmimmc; \??\C:\ALT1Games\TROY\GameGuard\dump_wmimmc.sys []
S3 EagleX64;EagleX64; \??\C:\windows\system32\drivers\EagleX64.sys []
S3 EUCR;EUCR; C:\windows\system32\DRIVERS\EUCR6SK.SYS [2009-12-04 87888]
S3 lmimirr;lmimirr; C:\windows\system32\DRIVERS\lmimirr.sys []
S3 MGHwCtrl;MGHwCtrl; \??\C:\Program Files (x86)\msi\msi Software Install\MGHwCtrl.sys []
S3 MSI_MSIBIOS_010507;MSI_MSIBIOS_010507; \??\C:\Program Files (x86)\msi\Live Update 5\msibios64_100507.sys [2010-05-10 33592]
S3 nmwcd;Nokia USB Phone Parent Driver; C:\windows\system32\drivers\ccdcmbx64.sys [2011-05-18 19968]
S3 nmwcdc;Nokia USB Communication Driver; C:\windows\system32\drivers\ccdcmbox64.sys [2011-05-18 27136]
S3 NPPTNT2;NPPTNT2; \??\C:\windows\syswow64\npptNT2.sys [2009-04-06 4682]
S3 NTIOLib_1_0_4;NTIOLib_1_0_4; \??\C:\Program Files (x86)\msi\Live Update 5\NTIOLib_X64.sys [2010-10-22 14136]
S3 pccsmcfd;PCCS Mode Change Filter Driver; C:\windows\system32\DRIVERS\pccsmcfdx64.sys [2008-08-28 25600]
S3 pciide;pciide; C:\windows\system32\drivers\pciide.sys [2009-07-14 12352]
S3 scrambler;scrambler; \??\C:\windows\system32\drivers\scrambler.sys []
S3 sdbus;sdbus; C:\windows\system32\drivers\sdbus.sys [2010-11-20 109056]
S3 smserial;smserial; C:\windows\system32\DRIVERS\SmSerl64.sys [2009-06-10 1227776]
S3 TsUsbFlt;TsUsbFlt; C:\windows\system32\drivers\tsusbflt.sys [2010-11-20 59392]
S3 upperdev;upperdev; C:\windows\system32\DRIVERS\usbser_lowerfltx64.sys [2011-05-18 9216]
S3 usb_rndisx;Adaptér USB RNDIS; C:\windows\system32\DRIVERS\usb8023x.sys [2009-07-14 19968]
S3 usbser;USB Modem Driver; C:\windows\system32\drivers\usbser.sys [2010-11-20 32768]
S3 UsbserFilt;UsbserFilt; C:\windows\system32\DRIVERS\usbser_lowerfltjx64.sys [2011-05-18 9216]
S3 zghsmdm;ZTE General Handset USB Modem Proprietary; C:\windows\system32\DRIVERS\zghsmdm.sys [2011-01-13 122624]
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 ACDaemon;ArcSoft Connect Daemon; C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe [2010-03-18 113152]
R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2012-01-03 63928]
R2 AMD External Events Utility;AMD External Events Utility; C:\windows\system32\atiesrxx.exe [2011-10-26 204288]
R2 AMD FUEL Service;AMD FUEL Service; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [2011-10-25 361984]
R2 AMDFusionSVC;AMD Fusion Utility Service; C:\Program Files (x86)\AMD\Fusion Utility for Mobility\FusionSVC.exe [2009-09-02 383544]
R2 Apple Mobile Device;Apple Mobile Device; C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [2011-05-25 37664]
R2 avast! Antivirus;avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2011-11-28 44768]
R2 Bonjour Service;Bonjour Service; C:\Program Files (x86)\Bonjour\mDNSResponder.exe [2011-04-06 349472]
R2 MBAMService;MBAMService; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [2012-01-13 652360]
R2 Micro Star SCM;Micro Star SCM; C:\Program Files (x86)\System Control Manager\MSIService.exe [2009-07-09 160768]
R2 NAUpdate;@C:\Program Files (x86)\Nero\Update\NASvc.exe,-200; C:\Program Files (x86)\Nero\Update\NASvc.exe [2010-03-25 490280]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2011-06-30 136176]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2011-06-30 136176]
S3 iPod Service;iPod Service; C:\Program Files\iPod\bin\iPodService.exe [2011-06-07 934176]
S3 Microsoft Office Groove Audit Service;Microsoft Office Groove Audit Service; C:\Program Files (x86)\Microsoft Office\Office12\GrooveAuditService.exe [2006-10-26 65824]
S3 npggsvc;nProtect GameGuard Service; C:\windows\syswow64\GameMon.des [2011-05-13 4006192]
S3 OberonGameConsoleService;Oberon Media Game Console service; C:\Program Files (x86)\MSI Game Corner\Game Console\OberonGameConsoleService.exe [2010-01-27 44432]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2006-10-27 441136]
S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 ServiceLayer;ServiceLayer; C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe [2011-06-08 633856]
S3 Steam Client Service;Steam Client Service; C:\Program Files (x86)\Common Files\Steam\SteamService.exe [2011-03-16 407336]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\windows\system32\Wat\WatAdminSvc.exe [2011-06-29 1255736]
-----------------EOF-----------------
Zdá se mi, že občas je zatížení procesoru větší než bývávalo....
Děkuji velmi pěkně ....
Odvirování PC, zrychlení počítače, vzdálená pomoc prostřednictvím služby neslape.cz
Prosím o kontrolu logu
Moderátor: Moderátoři
Pravidla fóra
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]
Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.
!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]
Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.
!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
Re: Prosím o kontrolu logu
Ještě INFO.txt :
INFO.txt :
info.txt logfile of random's system information tool 1.09 2012-02-09 22:24:37
======Uninstall list======
-->MsiExec /X{DD1865F0-AD73-40FB-B23E-1822E02396FF}
µTorrent-->"C:\Program Files (x86)\uTorrent\uTorrent.exe" /UNINSTALL
4Story CZ 3.6.66-->"C:\Program Files (x86)\Gameforge4D\4Story_CZ\unins000.exe"
AC3Filter 1.63b-->"C:\Program Files (x86)\AC3Filter\unins000.exe"
ACR version 0.001-->"C:\Program Files (x86)\ACR\unins000.exe"
Adobe Flash Player 11 ActiveX 64-bit-->C:\windows\system32\Macromed\Flash\FlashUtil64_11_1_102_ActiveX.exe -maintain activex
Adobe Flash Player 11 Plugin 64-bit-->C:\windows\system32\Macromed\Flash\FlashUtil64_11_1_102_Plugin.exe -maintain plugin
Adobe Reader X (10.1.2) - Czech-->MsiExec.exe /I{AC76BA86-7AD7-1029-7B44-AA1000000001}
Adobe Shockwave Player 11.6-->"C:\windows\system32\Adobe\Shockwave 11\uninstaller.exe"
Age of Conan: Unchained-->"C:\Program Files (x86)\Funcom\Age of Conan\unins000.exe"
Alice Greenfingers-->"C:\Program Files (x86)\MSI Game Corner\Alice Greenfingers\Uninstall.exe" "C:\Program Files (x86)\MSI Game Corner\Alice Greenfingers\install.log"
AMD APP SDK Runtime-->MsiExec.exe /I{503F672D-6C84-448A-8F8F-4BC35AC83441}
AMD Catalyst Install Manager-->msiexec /q/x{49DADDE6-41A1-5A2B-C518-0EBE12261352} REBOOT=ReallySuppress
AMD Fusion Media Explorer-->MsiExec.exe /X{2D943F95-2C76-4951-9AEF-0977AF5DE11A}
AMD Media Foundation Decoders-->MsiExec.exe /X{443A416C-BD21-9746-78C4-8139DFAA18B7}
Android Notifier Desktop-->C:\Program Files (x86)\Android Notifier Desktop\uninstall.exe
Anti-Twin (Installation 16.12.2011)-->"C:\Program Files (x86)\AntiTwin\uninstall.exe" /uninst "UninstallKey=Anti-Twin 2011-12-16 15.12.09"
Apple Application Support-->MsiExec.exe /I{B3575D00-27EF-49C2-B9E0-14B3D954E992}
Apple Mobile Device Support-->MsiExec.exe /I{439760BC-7737-4386-9B1D-A90A3E8A22EA}
Apple Software Update-->MsiExec.exe /I{C6579A65-9CAE-4B31-8B6B-3306E0630A66}
ArcSoft Magic-i Visual Effects 2-->RunDll32 C:\PROGRA~2\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files (x86)\InstallShield Installation Information\{8E90189A-A5D4-4C0E-A908-06C4236F98EE}\Setup.exe" -l0x9
ArcSoft Print Creations - Album Page-->RunDll32 C:\PROGRA~2\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files (x86)\InstallShield Installation Information\{A3324BBB-3A83-40CE-AA8C-759D849B7EA1}\Setup.exe" -l0x9 -1AlbumPage
ArcSoft Print Creations - Brochures & Flyers-->RunDll32 C:\PROGRA~2\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files (x86)\InstallShield Installation Information\{A3324BBB-3A83-40CE-AA8C-759D849B7EA1}\Setup.exe" -l0x9 -1Brochure
ArcSoft Print Creations - Funhouse II-->RunDll32 C:\PROGRA~2\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files (x86)\InstallShield Installation Information\{A3324BBB-3A83-40CE-AA8C-759D849B7EA1}\Setup.exe" -l0x9 -1HouseFun
ArcSoft Print Creations - Funhouse-->RunDll32 C:\PROGRA~2\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files (x86)\InstallShield Installation Information\{A3324BBB-3A83-40CE-AA8C-759D849B7EA1}\Setup.exe" -l0x9 -1Funhouse
ArcSoft Print Creations - Greeting Card-->RunDll32 C:\PROGRA~2\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files (x86)\InstallShield Installation Information\{A3324BBB-3A83-40CE-AA8C-759D849B7EA1}\Setup.exe" -l0x9 -1GreetingCard
ArcSoft Print Creations - Photo Book-->RunDll32 C:\PROGRA~2\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files (x86)\InstallShield Installation Information\{A3324BBB-3A83-40CE-AA8C-759D849B7EA1}\Setup.exe" -l0x9 -1PhotoBook
ArcSoft Print Creations - Photo Calendar-->RunDll32 C:\PROGRA~2\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files (x86)\InstallShield Installation Information\{A3324BBB-3A83-40CE-AA8C-759D849B7EA1}\Setup.exe" -l0x9 -1Calendar
ArcSoft Print Creations - Photo Prints-->RunDll32 C:\PROGRA~2\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files (x86)\InstallShield Installation Information\{A3324BBB-3A83-40CE-AA8C-759D849B7EA1}\Setup.exe" -l0x9 -1PhotoPrint
ArcSoft Print Creations - Poster Creator-->RunDll32 C:\PROGRA~2\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files (x86)\InstallShield Installation Information\{A3324BBB-3A83-40CE-AA8C-759D849B7EA1}\Setup.exe" -l0x9 -1Poster
ArcSoft Print Creations - Scrapbook-->RunDll32 C:\PROGRA~2\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files (x86)\InstallShield Installation Information\{A3324BBB-3A83-40CE-AA8C-759D849B7EA1}\Setup.exe" -l0x9 -1ScrapBook
ArcSoft Print Creations - Slimline Card-->RunDll32 C:\PROGRA~2\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files (x86)\InstallShield Installation Information\{A3324BBB-3A83-40CE-AA8C-759D849B7EA1}\Setup.exe" -l0x9 -1Slimline
ArcSoft Print Creations-->RunDll32 C:\PROGRA~2\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files (x86)\InstallShield Installation Information\{A3324BBB-3A83-40CE-AA8C-759D849B7EA1}\Setup.exe" -l0x9
ArcSoft WebCam Companion 3-->RunDll32 C:\PROGRA~2\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files (x86)\InstallShield Installation Information\{25478065-4CB1-448C-80E4-8C4529017EE3}\Setup.exe" -l0x9
ArmA 2 Free Uninstall-->C:\Program Files (x86)\Bohemia Interactive\ArmA 2 Free\UnInstall.exe
ArmA Uninstall-->C:\Program files\Bohemia Interactive\ArmA\UnInstall.exe
Asistent pro přihlášení ke službě Windows Live-->MsiExec.exe /I{3E62B27C-342F-4B44-9331-CA4BC59A586F}
Audacity 1.3.12 (Unicode)-->"C:\Program Files (x86)\Audacity 1.3 Beta (Unicode)\unins000.exe"
AudioConverter Studio 6.2-->"C:\Program Files (x86)\AudioConverter Studio\unins000.exe"
avast! Free Antivirus-->C:\Program Files\AVAST Software\Avast\aswRunDll.exe "C:\Program Files\AVAST Software\Avast\Setup\setiface.dll" RunSetup
Avi2Dvd 0.6.4-->C:\Program Files (x86)\Avi2Dvd\uninst.exe
AviSynth 2.5-->"C:\Program Files (x86)\AviSynth 2.5\Uninstall.exe"
Balíček ovladače systému Windows - AMD (amdsata) HDC (10/07/2009 1.2.0.164)-->C:\PROGRA~1\DIFX\8730326CFC0D32D8\DPInst64.exe /u C:\windows\System32\DriverStore\FileRepository\amdsata.inf_amd64_neutral_04eb0a122fcc1628\amdsata.inf
Balíček ovladače systému Windows - Nokia Modem (02/25/2011 4.7)-->C:\PROGRA~1\DIFX\0169CE3A95F06636\dpinst.exe /u C:\windows\System32\DriverStore\FileRepository\nokia_bluetooth.inf_amd64_neutral_73c28da64803cefc\nokia_bluetooth.inf
Balíček ovladače systému Windows - Nokia Modem (02/25/2011 7.01.0.9)-->C:\PROGRA~1\DIFX\0169CE3A95F06636\dpinst.exe /u C:\windows\System32\DriverStore\FileRepository\nokbtmdm.inf_amd64_neutral_13826104cd8e800f\nokbtmdm.inf
Balíček ovladače systému Windows - Nokia pccsmcfd (08/22/2008 7.0.0.0)-->C:\PROGRA~1\DIFX\F4092DA208C2C970\dpinst.exe /u C:\windows\system32\DRVSTORE\pccsmcfdx6_8A3BAB842294F8D9255C3CF2A3B1CECAEEB8EA7E\pccsmcfdx64.inf
Bandisoft MPEG-1 Decoder-->"C:\Program Files (x86)\BandiMPEG1\uninstall.exe"
Battlestations Midway-->RunDll32 C:\PROGRA~2\COMMON~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup "C:\Program Files (x86)\InstallShield Installation Information\{3FEDF39A-4BA9-41F0-80EE-D4B5642F4D45}\setup.exe" -l0x9
BattlEye Uninstall-->C:\Program files\Bohemia Interactive\ArmA\BattlEye\UnInstallBE.exe
Bonjour-->MsiExec.exe /X{0E543634-7E25-4B8F-8D5B-97880E5E5088}
BurnRecovery-->MsiExec.exe /I{2892E1B7-E24D-4CCB-B8A7-B63D4B66F89F}
Call of Juarez-->C:\Program Files (x86)\InstallShield Installation Information\{D25D5844-0975-4CB2-A853-6BD781F4435E}\setup.exe -runfromtemp -l0x0405
Catalyst Control Center - Branding-->MsiExec.exe /I{0E33EC53-22CE-426C-A88B-2AAC231BAC85}
CCleaner-->"C:\Program Files\CCleaner\uninst.exe"
CloneSpy 2.62-->"C:\Program Files (x86)\CloneSpy\CSUninstall.exe"
Conduit Engine-->C:\PROGRA~2\CONDUI~1\ConduitEngineUninstall.exe
CoreAAC Audio Decoder (remove only)-->"C:\windows\system32\CoreAAC-uninstall.exe"
DAEMON Tools Lite-->C:\Program Files (x86)\DAEMON Tools Lite\uninst.exe
Defraggler-->"C:\Program Files\Defraggler\uninst.exe"
DivX Setup-->C:\ProgramData\DivX\Setup\DivXSetup.exe /uninstall
Euro Truck Simulator-->C:\Program Files (x86)\Euro Truck Simulator\Uninstal_EuroTruckSimulator.exe
ffdshow [rev 3299] [2010-03-03]-->"C:\Program Files (x86)\FreeTime\FormatFactory\FFModules\Filters\ffdshow\unins000.exe"
FormatFactory 2.70-->C:\Program Files (x86)\FreeTime\FormatFactory\uninst.exe
Free Screen Recorder v2.9-->"C:\Program Files (x86)\Free Screen Recorder\unins000.exe"
FreeCommander 2009.02b-->"C:\Program Files (x86)\FreeCommander\unins000.exe"
Freecorder 5-->"C:\Program Files (x86)\Freecorder\uninstall.exe" "/U:C:\Program Files (x86)\Freecorder\Uninstall\uninstallFC5.xml"
Freecorder Toolbar-->C:\PROGRA~2\FREECO~2\UNINST~1.EXE
Fusion Utility for Mobility-->MsiExec.exe /I{83F81F91-7BE9-44D1-98AF-2B87E0B8710C}
GIMP 2.6.11-->"C:\Program Files (x86)\GIMP-2.0\setup\unins000.exe"
Google Chrome-->"C:\Program Files (x86)\Google\Chrome\Application\16.0.912.77\Installer\setup.exe" --uninstall --multi-install --chrome --system-level
Google Update Helper-->MsiExec.exe /I{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}
Groove Monkee Sample Pack-->"C:\Program Files (x86)\Groove Monkee\UninstallSamples.exe"
Guitar Pro 6-->"C:\Program Files (x86)\Guitar Pro 6\unins000.exe"
Haali Media Splitter-->"C:\Program Files (x86)\Haali\MatroskaSplitter\uninstall.exe"
High-Definition Video Playback 10-->MsiExec.exe /X{237CCB62-8454-43E3-B158-3ACD0134852E}
HiJackThis-->MsiExec.exe /X{45A66726-69BC-466B-A7A4-12FCBA4883D7}
Cheat Engine 6.1-->"C:\Program Files (x86)\Cheat Engine 6.1\unins000.exe"
Chicken Invaders 2-->"C:\Program Files (x86)\MSI Game Corner\Chicken Invaders 2\Uninstall.exe" "C:\Program Files (x86)\MSI Game Corner\Chicken Invaders 2\install.log"
Ignite-->"C:\Program Files (x86)\Just A Game GmbH\Ignite\unins000.exe"
ImageShack Uploader 2.2.0-->MsiExec.exe /X{8BCD7AE7-F713-4D50-BAB9-7839B9386870}
Install(GE)-->C:\Program Files (x86)\InstallShield Installation Information\{F916C6DF-2601-4385-9500-C45FF398D4CB}\setup.exe -runfromtemp -l0x0007 -removeonly
iTunes-->MsiExec.exe /I{BCF07271-A853-4D3A-B668-4B752174CAA8}
Java(TM) 6 Update 26-->MsiExec.exe /X{26A24AE4-039D-4CA4-87B4-2F83216026FF}
Junk Mail filter update-->MsiExec.exe /I{E2DFE069-083E-4631-9B6C-43C48E991DE5}
LAME v3.98.3 for Audacity-->"C:\Program Files (x86)\Lame For Audacity\unins000.exe"
LG SP USB Driver-->RunDll32 C:\PROGRA~2\COMMON~1\INSTAL~1\PROFES~1\RunTime\10\00\Intel32\Ctor.dll,LaunchSetup "C:\Program Files (x86)\InstallShield Installation Information\{E2AE8456-CCFE-46C0-8629-71CC507660FC}\setup.exe" -l0x5 -removeonly
LG United Mobile Driver-->"C:\Program Files (x86)\InstallShield Installation Information\{2A3A4BD6-6CE0-4E2A-80D2-1D0FF6ACBFBA}\setup.exe" -runfromtemp -l0x0405 LG -removeonly
LG USB WML Modem Driver-->RunDll32 C:\PROGRA~2\COMMON~1\INSTAL~1\PROFES~1\RunTime\10\00\Intel32\Ctor.dll,LaunchSetup "C:\Program Files (x86)\InstallShield Installation Information\{FBA0CA60-8BF2-4381-B819-74F020E165A9}\setup.exe" -l0x9 LG -removeonly
Lineage® II: Freya (High Five)-->"C:\Program Files (x86)\InstallShield Installation Information\{21040472-F8DF-48A9-A093-2986C1495670}\setup.exe" -runfromtemp -l0x0409 -removeonly
Live Update 5-->"C:\Program Files (x86)\MSI\Live Update 5\unins000.exe"
Luminance HDR 2.1.0-->"C:\Program Files (x86)\Luminance HDR\unins000.exe"
MAGIX Screenshare-->C:\Program Files (x86)\MAGIX\PCVisit\unwise.exe
Mahjong Escape Ancient China-->"C:\Program Files (x86)\MSI Game Corner\Mahjong Escape Ancient China\Uninstall.exe" "C:\Program Files (x86)\MSI Game Corner\Mahjong Escape Ancient China\install.log"
Malwarebytes Anti-Malware verze 1.60.1.1000-->"C:\Program Files (x86)\Malwarebytes' Anti-Malware\unins000.exe"
Microsoft .NET Framework 4 Client Profile CSY Language Pack-->C:\windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\ClientLP\Setup.exe /repair /x86 /x64 /lcid 1029 /parameterfolder ClientLP
Microsoft .NET Framework 4 Client Profile CSY Language Pack-->MsiExec.exe /X{790E02A1-145A-3843-8C13-A4F41C9B48B7}
Microsoft .NET Framework 4 Client Profile-->C:\windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\Client\Setup.exe /repair /x86 /x64 /parameterfolder Client
Microsoft .NET Framework 4 Client Profile-->MsiExec.exe /X{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}
Microsoft Choice Guard-->MsiExec.exe /X{F0E12BBA-AD66-4022-A453-A1C8A0C4D570}
Microsoft Office Access MUI (Czech) 2007-->MsiExec.exe /X{90120000-0015-0405-0000-0000000FF1CE}
Microsoft Office Enterprise 2007-->"C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\Office Setup Controller\setup.exe" /uninstall ENTERPRISE /dll OSETUP.DLL
Microsoft Office Enterprise 2007-->MsiExec.exe /X{90120000-0030-0000-0000-0000000FF1CE}
Microsoft Office Excel MUI (Bulgarian) 2007-->MsiExec.exe /X{90120000-0016-0402-0000-0000000FF1CE}
Microsoft Office Excel MUI (Czech) 2007-->MsiExec.exe /X{90120000-0016-0405-0000-0000000FF1CE}
Microsoft Office Excel MUI (English) 2007-->MsiExec.exe /X{90120000-0016-0409-0000-0000000FF1CE}
Microsoft Office Excel MUI (Estonian) 2007-->MsiExec.exe /X{90120000-0016-0425-0000-0000000FF1CE}
Microsoft Office Excel MUI (Hungarian) 2007-->MsiExec.exe /X{90120000-0016-040E-0000-0000000FF1CE}
Microsoft Office Excel MUI (Latvian) 2007-->MsiExec.exe /X{90120000-0016-0426-0000-0000000FF1CE}
Microsoft Office Excel MUI (Lithuanian) 2007-->MsiExec.exe /X{90120000-0016-0427-0000-0000000FF1CE}
Microsoft Office Excel MUI (Slovak) 2007-->MsiExec.exe /X{90120000-0016-041B-0000-0000000FF1CE}
Microsoft Office Groove MUI (Czech) 2007-->MsiExec.exe /X{90120000-00BA-0405-0000-0000000FF1CE}
Microsoft Office Home and Student 2007-->"C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\Office Setup Controller\setup.exe" /uninstall HOMESTUDENTR /dll OSETUP.DLL
Microsoft Office Home and Student 2007-->MsiExec.exe /X{91120000-002F-0000-0000-0000000FF1CE}
Microsoft Office InfoPath MUI (Czech) 2007-->MsiExec.exe /X{90120000-0044-0405-0000-0000000FF1CE}
Microsoft Office Office 64-bit Components 2007-->MsiExec.exe /X{90120000-002A-0000-1000-0000000FF1CE}
Microsoft Office OneNote MUI (Bulgarian) 2007-->MsiExec.exe /X{90120000-00A1-0402-0000-0000000FF1CE}
Microsoft Office OneNote MUI (Czech) 2007-->MsiExec.exe /X{90120000-00A1-0405-0000-0000000FF1CE}
Microsoft Office OneNote MUI (English) 2007-->MsiExec.exe /X{90120000-00A1-0409-0000-0000000FF1CE}
Microsoft Office OneNote MUI (Estonian) 2007-->MsiExec.exe /X{90120000-00A1-0425-0000-0000000FF1CE}
Microsoft Office OneNote MUI (Hungarian) 2007-->MsiExec.exe /X{90120000-00A1-040E-0000-0000000FF1CE}
Microsoft Office OneNote MUI (Latvian) 2007-->MsiExec.exe /X{90120000-00A1-0426-0000-0000000FF1CE}
Microsoft Office OneNote MUI (Lithuanian) 2007-->MsiExec.exe /X{90120000-00A1-0427-0000-0000000FF1CE}
Microsoft Office OneNote MUI (Slovak) 2007-->MsiExec.exe /X{90120000-00A1-041B-0000-0000000FF1CE}
Microsoft Office Outlook MUI (Czech) 2007-->MsiExec.exe /X{90120000-001A-0405-0000-0000000FF1CE}
Microsoft Office PowerPoint MUI (Bulgarian) 2007-->MsiExec.exe /X{90120000-0018-0402-0000-0000000FF1CE}
Microsoft Office PowerPoint MUI (Czech) 2007-->MsiExec.exe /X{90120000-0018-0405-0000-0000000FF1CE}
Microsoft Office PowerPoint MUI (English) 2007-->MsiExec.exe /X{90120000-0018-0409-0000-0000000FF1CE}
Microsoft Office PowerPoint MUI (Estonian) 2007-->MsiExec.exe /X{90120000-0018-0425-0000-0000000FF1CE}
Microsoft Office PowerPoint MUI (Hungarian) 2007-->MsiExec.exe /X{90120000-0018-040E-0000-0000000FF1CE}
Microsoft Office PowerPoint MUI (Latvian) 2007-->MsiExec.exe /X{90120000-0018-0426-0000-0000000FF1CE}
Microsoft Office PowerPoint MUI (Lithuanian) 2007-->MsiExec.exe /X{90120000-0018-0427-0000-0000000FF1CE}
Microsoft Office PowerPoint MUI (Slovak) 2007-->MsiExec.exe /X{90120000-0018-041B-0000-0000000FF1CE}
Microsoft Office Proof (Bulgarian) 2007-->MsiExec.exe /X{90120000-001F-0402-0000-0000000FF1CE}
Microsoft Office Proof (Czech) 2007-->MsiExec.exe /X{90120000-001F-0405-0000-0000000FF1CE}
Microsoft Office Proof (English) 2007-->MsiExec.exe /X{90120000-001F-0409-0000-0000000FF1CE}
Microsoft Office Proof (Estonian) 2007-->MsiExec.exe /X{90120000-001F-0425-0000-0000000FF1CE}
Microsoft Office Proof (Finnish) 2007-->MsiExec.exe /X{90120000-001F-040B-0000-0000000FF1CE}
Microsoft Office Proof (French) 2007-->MsiExec.exe /X{90120000-001F-040C-0000-0000000FF1CE}
Microsoft Office Proof (German) 2007-->MsiExec.exe /X{90120000-001F-0407-0000-0000000FF1CE}
Microsoft Office Proof (Hungarian) 2007-->MsiExec.exe /X{90120000-001F-040E-0000-0000000FF1CE}
Microsoft Office Proof (Latvian) 2007-->MsiExec.exe /X{90120000-001F-0426-0000-0000000FF1CE}
Microsoft Office Proof (Lithuanian) 2007-->MsiExec.exe /X{90120000-001F-0427-0000-0000000FF1CE}
Microsoft Office Proof (Polish) 2007-->MsiExec.exe /X{90120000-001F-0415-0000-0000000FF1CE}
Microsoft Office Proof (Russian) 2007-->MsiExec.exe /X{90120000-001F-0419-0000-0000000FF1CE}
Microsoft Office Proof (Slovak) 2007-->MsiExec.exe /X{90120000-001F-041B-0000-0000000FF1CE}
Microsoft Office Proof (Spanish) 2007-->MsiExec.exe /X{90120000-001F-0C0A-0000-0000000FF1CE}
Microsoft Office Proofing (Bulgarian) 2007-->MsiExec.exe /X{90120000-002C-0402-0000-0000000FF1CE}
Microsoft Office Proofing (Czech) 2007-->MsiExec.exe /X{90120000-002C-0405-0000-0000000FF1CE}
Microsoft Office Proofing (English) 2007-->MsiExec.exe /X{90120000-002C-0409-0000-0000000FF1CE}
Microsoft Office Proofing (Estonian) 2007-->MsiExec.exe /X{90120000-002C-0425-0000-0000000FF1CE}
Microsoft Office Proofing (Hungarian) 2007-->MsiExec.exe /X{90120000-002C-040E-0000-0000000FF1CE}
Microsoft Office Proofing (Latvian) 2007-->MsiExec.exe /X{90120000-002C-0426-0000-0000000FF1CE}
Microsoft Office Proofing (Lithuanian) 2007-->MsiExec.exe /X{90120000-002C-0427-0000-0000000FF1CE}
Microsoft Office Proofing (Slovak) 2007-->MsiExec.exe /X{90120000-002C-041B-0000-0000000FF1CE}
Microsoft Office Publisher MUI (Czech) 2007-->MsiExec.exe /X{90120000-0019-0405-0000-0000000FF1CE}
Microsoft Office Shared 64-bit MUI (Bulgarian) 2007-->MsiExec.exe /X{90120000-002A-0402-1000-0000000FF1CE}
Microsoft Office Shared 64-bit MUI (Czech) 2007-->MsiExec.exe /X{90120000-002A-0405-1000-0000000FF1CE}
Microsoft Office Shared 64-bit MUI (English) 2007-->MsiExec.exe /X{90120000-002A-0409-1000-0000000FF1CE}
Microsoft Office Shared 64-bit MUI (Estonian) 2007-->MsiExec.exe /X{90120000-002A-0425-1000-0000000FF1CE}
Microsoft Office Shared 64-bit MUI (Hungarian) 2007-->MsiExec.exe /X{90120000-002A-040E-1000-0000000FF1CE}
Microsoft Office Shared 64-bit MUI (Latvian) 2007-->MsiExec.exe /X{90120000-002A-0426-1000-0000000FF1CE}
Microsoft Office Shared 64-bit MUI (Lithuanian) 2007-->MsiExec.exe /X{90120000-002A-0427-1000-0000000FF1CE}
Microsoft Office Shared 64-bit MUI (Slovak) 2007-->MsiExec.exe /X{90120000-002A-041B-1000-0000000FF1CE}
Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2007-->MsiExec.exe /X{90120000-0116-0409-1000-0000000FF1CE}
Microsoft Office Shared MUI (Bulgarian) 2007-->MsiExec.exe /X{90120000-006E-0402-0000-0000000FF1CE}
Microsoft Office Shared MUI (Czech) 2007-->MsiExec.exe /X{90120000-006E-0405-0000-0000000FF1CE}
Microsoft Office Shared MUI (English) 2007-->MsiExec.exe /X{90120000-006E-0409-0000-0000000FF1CE}
Microsoft Office Shared MUI (Estonian) 2007-->MsiExec.exe /X{90120000-006E-0425-0000-0000000FF1CE}
Microsoft Office Shared MUI (Hungarian) 2007-->MsiExec.exe /X{90120000-006E-040E-0000-0000000FF1CE}
Microsoft Office Shared MUI (Latvian) 2007-->MsiExec.exe /X{90120000-006E-0426-0000-0000000FF1CE}
Microsoft Office Shared MUI (Lithuanian) 2007-->MsiExec.exe /X{90120000-006E-0427-0000-0000000FF1CE}
Microsoft Office Shared MUI (Slovak) 2007-->MsiExec.exe /X{90120000-006E-041B-0000-0000000FF1CE}
Microsoft Office Shared Setup Metadata MUI (English) 2007-->MsiExec.exe /X{90120000-0115-0409-0000-0000000FF1CE}
Microsoft Office Suite Activation Assistant-->MsiExec.exe /X{E50AE784-FABE-46DA-A1F8-7B6B56DCB22E}
Microsoft Office Word MUI (Bulgarian) 2007-->MsiExec.exe /X{90120000-001B-0402-0000-0000000FF1CE}
Microsoft Office Word MUI (Czech) 2007-->MsiExec.exe /X{90120000-001B-0405-0000-0000000FF1CE}
Microsoft Office Word MUI (English) 2007-->MsiExec.exe /X{90120000-001B-0409-0000-0000000FF1CE}
Microsoft Office Word MUI (Estonian) 2007-->MsiExec.exe /X{90120000-001B-0425-0000-0000000FF1CE}
Microsoft Office Word MUI (Hungarian) 2007-->MsiExec.exe /X{90120000-001B-040E-0000-0000000FF1CE}
Microsoft Office Word MUI (Latvian) 2007-->MsiExec.exe /X{90120000-001B-0426-0000-0000000FF1CE}
Microsoft Office Word MUI (Lithuanian) 2007-->MsiExec.exe /X{90120000-001B-0427-0000-0000000FF1CE}
Microsoft Office Word MUI (Slovak) 2007-->MsiExec.exe /X{90120000-001B-041B-0000-0000000FF1CE}
Microsoft Primary Interoperability Assemblies 2005-->MsiExec.exe /X{D24DB8B9-BB6C-4334-9619-BA1C650E13D3}
Microsoft Silverlight-->MsiExec.exe /X{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}
Microsoft SQL Server 2005 Compact Edition [ENU]-->MsiExec.exe /I{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}
Microsoft Sync Framework Runtime Native v1.0 (x86)-->MsiExec.exe /I{8A74E887-8F0F-4017-AF53-CBA42211AAA5}
Microsoft Sync Framework Services Native v1.0 (x86)-->MsiExec.exe /I{BD64AF4A-8C80-4152-AD77-FCDDF05208AB}
Microsoft Visual C++ 2005 Redistributable-->MsiExec.exe /X{837b34e3-7c30-493c-8f6a-2b0f04e2912c}
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17-->MsiExec.exe /X{8220EEFE-38CD-377E-8595-13398D740ACE}
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148-->MsiExec.exe /X{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17-->MsiExec.exe /X{9A25302D-30C0-39D9-BD6F-21E6EC160475}
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148-->MsiExec.exe /X{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.30319-->MsiExec.exe /X{DA5E371C-6333-3D8A-93A4-6FD5B20BCC6E}
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.30319-->MsiExec.exe /X{196BB40D-1578-3D01-B289-BEFC77A11A1E}
Microsoft Works-->MsiExec.exe /I{C73B5B3B-F974-48CA-8B91-3E8A432AEA5B}
Mozilla Firefox 9.0 (x86 cs)-->C:\Program Files (x86)\Mozilla Firefox\uninstall\helper.exe
MSI Game Corner Console-->"C:\Program Files (x86)\MSI Game Corner\Game Console\unins000.exe"
msi Software Install-->MsiExec.exe /I{07690F1C-04B1-4060-9691-6748ED1826B9}
MSVC80_x64_v2-->MsiExec.exe /I{4D668D4F-FAA2-4726-834C-31F4614F312E}
MSVC80_x86_v2-->MsiExec.exe /I{6D3245B1-8DB8-4A23-9CD2-2C90F40ABAF6}
MSVC90_x64-->MsiExec.exe /I{AB071C8B-873C-459F-ACA9-9EBE03C3E89B}
MSVC90_x86-->MsiExec.exe /I{AF111648-99A1-453E-81DD-80DBBF6DAD0D}
MSVCRT-->MsiExec.exe /I{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}
MSXML 4.0 SP2 (KB954430)-->MsiExec.exe /I{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}
MSXML 4.0 SP2 (KB973688)-->MsiExec.exe /I{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}
MSXML 4.0 SP3 Parser (KB973685)-->MsiExec.exe /I{859DFA95-E4A6-48CD-B88E-A3E483E89B44}
MSXML 4.0 SP3 Parser-->MsiExec.exe /I{196467F1-C11F-4F76-858B-5812ADC83B94}
Nástroj pro odesílání služby Windows Live-->MsiExec.exe /I{205C6BDD-7B73-42DE-8505-9A093F35A238}
NCsoft Launcher-->C:\Program Files (x86)\InstallShield Installation Information\{5F8E2CBB-949D-4175-AC98-5ADE7F6C9697}\setup.exe -runfromtemp -l0x0009 -removeonly
Nero 10 Menu TemplatePack Basic-->MsiExec.exe /X{63AA3EAB-23BB-48B2-9AD0-44F878075604}
Nero 10 Movie ThemePack Basic-->MsiExec.exe /X{F5CB822F-B365-43D1-BCC0-4FDA1A2017A7}
Nero BackItUp 10 Help (CHM)-->MsiExec.exe /X{08C8666B-C502-4AB3-B4CB-D74AC42D14FE}
Nero BackItUp 10-->MsiExec.exe /X{68AB6930-5BFF-4FF6-923B-516A91984FE6}
Nero Burning ROM 10-->MsiExec.exe /X{7A5D731D-B4B3-490E-B339-75685712BAAB}
Nero BurningROM 10 Help (CHM)-->MsiExec.exe /X{9B6B24BE-80E7-46C4-9FA5-B167D5E0F345}
Nero BurnRights 10 Help (CHM)-->MsiExec.exe /X{555868C6-49FB-484F-BB43-8980651A1B00}
Nero BurnRights 10-->MsiExec.exe /X{943CFD7D-5336-47AF-9418-E02473A5A517}
Nero Control Center 10-->MsiExec.exe /X{6DFB899F-17A2-48F0-A533-ED8D6866CF38}
Nero ControlCenter 10 Help (CHM)-->MsiExec.exe /X{523B2B1B-D8DB-4B41-90FF-C4D799E2758A}
Nero Core Components 10-->MsiExec.exe /X{2436F2A8-4B7E-4B6C-AE4E-604C84AA6A4F}
Nero CoverDesigner 10 Help (CHM)-->MsiExec.exe /X{C3273C55-E1E4-41FF-8D69-0158090DB8D8}
Nero CoverDesigner 10-->MsiExec.exe /X{FCF00A6E-FB58-477A-ABE9-232907105521}
Nero DiscSpeed 10 Help (CHM)-->MsiExec.exe /X{C18A0418-442A-4186-AF98-D08F5054A2FC}
Nero DiscSpeed 10-->MsiExec.exe /X{34490F4E-48D0-492E-8249-B48BECF0537C}
Nero Dolby Files 10-->MsiExec.exe /X{C3580AC4-C827-4332-B935-9A282ED5BB97}
Nero Express 10 Help (CHM)-->MsiExec.exe /X{33643918-7957-4839-92C7-EA96CB621A98}
Nero Express 10-->MsiExec.exe /X{70550193-1C22-445C-8FA4-564E155DB1A7}
Nero InfoTool 10 Help (CHM)-->MsiExec.exe /X{66049135-9659-4AAD-9169-9CCA269EBB3E}
Nero InfoTool 10-->MsiExec.exe /X{F412B4AF-388C-4FF5-9B2F-33DB1C536953}
Nero MediaHub 10 Help (CHM)-->MsiExec.exe /X{F467862A-D9CA-47ED-8D81-B4B3C9399272}
Nero MediaHub 10-->MsiExec.exe /X{1F7FB68F-52F6-46A3-B42F-38CE46295AE5}
Nero Multimedia Suite 10-->MsiExec.exe /I{277C1559-4CF7-44FF-8D07-98AA9C13AABD}
Nero Recode 10 Help (CHM)-->MsiExec.exe /X{DB7C1D4A-08BA-4C7E-A8AA-B7F9BB372DCF}
Nero Recode 10-->MsiExec.exe /X{8ECEC853-5C3D-4B10-B5C7-FF11FF724807}
Nero RescueAgent 10 Help (CHM)-->MsiExec.exe /X{92E25238-61A3-4ACD-A407-3C480EEF47A7}
Nero RescueAgent 10-->MsiExec.exe /X{E337E787-CF61-4B7B-B84F-509202A54023}
Nero SoundTrax 10 Help (CHM)-->MsiExec.exe /X{16987E99-C95C-4513-9239-7B44A0A71DB5}
Nero SoundTrax 10-->MsiExec.exe /X{E1EE5339-5D32-458F-BAAB-B19F6301BCE2}
Nero StartSmart 10 Help (CHM)-->MsiExec.exe /X{F6117F9C-ADB5-4590-9BE4-12C7BEC28702}
Nero StartSmart 10-->MsiExec.exe /X{F61D489E-6C44-49AC-AD02-7DA8ACA73A65}
Nero Update-->MsiExec.exe /X{65BB0407-4CC8-4DC7-952E-3EEFDF05602A}
Nero Vision 10 Help (CHM)-->MsiExec.exe /X{329411A0-19F3-4740-874F-17400B126F27}
Nero Vision 10-->MsiExec.exe /X{9A4297F3-2A51-4ED9-92CA-4BCB8380947E}
Nero WaveEditor 10 Help (CHM)-->MsiExec.exe /X{7A295D8F-484B-4FFB-89AB-C1FD497591FE}
Nero WaveEditor 10-->MsiExec.exe /X{EDCDFAD5-DF80-4600-A493-E9DAD6810230}
Nexon Game Manager-->"C:\ProgramData\NexonEU\NGM\NGM.exe" -mode:uninstall -dll:ngm.nexoneu.com/cbangm/NGM/Bin/NGMDll.dll -game:0 -locale:EU -load_from_local
Nokia Connectivity Cable Driver-->MsiExec.exe /I{2D99A593-C841-43A7-B7C9-D6F3AE70B756}
Nokia PC Suite-->C:\ProgramData\Installations\{D0D14551-3A2D-433B-861F-F4DCE5422759}\Nokia_PC_Suite_cze_web.exe
Nokia PC Suite-->MsiExec.exe /I{D0D14551-3A2D-433B-861F-F4DCE5422759}
NVIDIA PhysX-->MsiExec.exe /X{DD1865F0-AD73-40FB-B23E-1822E02396FF}
OpenAL-->"C:\Program Files (x86)\OpenAL\OpenALwEAX.exe" /U
Opera 11.61-->"C:\Program Files (x86)\Opera\Opera.exe" /uninstall
Pando Media Booster-->C:\Program Files (x86)\Pando Networks\Media Booster\uninst.exe
PC Connectivity Solution-->MsiExec.exe /I{C373F7C4-05D2-4047-96D1-6AF30661C6AA}
PSPad editor-->"C:\Program Files (x86)\PSPad editor\Uninst\unins000.exe"
QuickTime-->MsiExec.exe /I{57752979-A1C9-4C02-856B-FBB27AC4E02C}
RealNetworks - Microsoft Visual C++ 2008 Runtime-->MsiExec.exe /X{7770E71B-2D43-4800-9CB3-5B6CAAEBEBEA}
Realtek High Definition Audio Driver-->RunDll32 C:\PROGRA~2\COMMON~1\INSTAL~1\PROFES~1\RunTime\11\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files (x86)\InstallShield Installation Information\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}\Setup.exe" -removeonly
RealUpgrade 1.1-->MsiExec.exe /I{28C2DED6-325B-4CC7-983A-1777C8F7FBAB}
Rebirth Evolution verze 2.8-->"C:\RebirthEvolution\unins000.exe"
Rosh Online-->C:\IgnitedGames\ROSH\uninst.exe
Security Update for Microsoft .NET Framework 4 Client Profile (KB2446708)-->C:\windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\Client\setup.exe /uninstallpatch {F66C3466-1FDB-347C-B3AE-FB6C50627B10} /parameterfolder Client
Security Update for Microsoft .NET Framework 4 Client Profile (KB2478663)-->C:\windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\Client\setup.exe /uninstallpatch {B5BD3CA1-11AB-35A6-B22A-6A219DC0668E} /parameterfolder Client
Security Update for Microsoft .NET Framework 4 Client Profile (KB2518870)-->C:\windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\Client\setup.exe /uninstallpatch {E720AD01-93D5-3E8E-BB8D-E4EF5AF4E5DD} /parameterfolder Client
Security Update for Microsoft .NET Framework 4 Client Profile (KB2539636)-->C:\windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\Client\setup.exe /uninstallpatch {BCD37DCB-F479-3D4D-A90E-A0F7575549C4} /parameterfolder Client
Security Update for Microsoft .NET Framework 4 Client Profile (KB2572078)-->C:\windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\Client\setup.exe /uninstallpatch {FF811680-AECE-3F35-A98C-1B84B6E09168} /parameterfolder Client
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656351)-->C:\windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\Client\setup.exe /uninstallpatch {E59B2174-E924-311F-8549-AD714C14664D} /parameterfolder Client
Security Update for Microsoft .NET Framework 4 Client Profile CSY Language Pack (KB2478663)-->c:\windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\ClientLP\setup.exe /uninstallpatch {B5BD3CA1-11AB-35A6-B22A-6A219DC0668E} /parameterfolder ClientLP
Security Update for Microsoft .NET Framework 4 Client Profile CSY Language Pack (KB2518870)-->c:\windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\ClientLP\setup.exe /uninstallpatch {E720AD01-93D5-3E8E-BB8D-E4EF5AF4E5DD} /parameterfolder ClientLP
Skype™ 5.5-->MsiExec.exe /X{AA59DDE4-B672-4621-A016-4C248204957A}
Sniper Elite-->RunDll32 C:\PROGRA~2\COMMON~1\INSTAL~1\engine\6\INTEL3~1\ctor.dll,LaunchSetup "C:\Program Files (x86)\InstallShield Installation Information\{A979B2D8-E3EE-4523-A26C-4AF0A6809280}\setup.exe"
SpecOps-->C:\windows\IsUninst.exe -f"C:\Program Files (x86)\Zombie\SpecOps\Uninst.isu"
STDU Viewer version 1.5.635.0-->"C:\Program Files (x86)\STDU Viewer\unins000.exe"
Steam-->MsiExec.exe /X{048298C9-A4D3-490B-9FF9-AB023A9238F3}
swMSM-->MsiExec.exe /I{612C34C7-5E90-47D8-9B5C-0F717DD82726}
Synaptics Pointing Device Driver-->rundll32.exe "%ProgramFiles%\Synaptics\SynTP\SynISDLL.dll",standAloneUninstall
System Control Manager-->C:\Program Files (x86)\InstallShield Installation Information\{ED9C5D25-55DF-48D8-9328-2AC0D75DE5D8}\setup.exe -runfromtemp -l0x0009 -removeonly
Text-To-Speech-Runtime-->MsiExec.exe /X{7B3F0113-E63C-4D6D-AF19-111A3165CCA2}
The Godfather -->C:\Program Files (x86)\Electronic Arts\The Godfather The Game\Odinstalovat.exe
The Godfather™ The Game-->C:\Program Files (x86)\Electronic Arts\The Godfather The Game\EAUninstall.exe
TROY-->"C:\Program Files (x86)\InstallShield Installation Information\{F2EF7534-C748-480E-B2B1-04F6C299BEBE}\setup.exe" -runfromtemp -l0x0009 -removeonly
Update for Microsoft .NET Framework 4 Client Profile (KB2468871)-->C:\windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\Client\setup.exe /uninstallpatch {29C7BE97-DE59-37A2-A687-2ADD5321948A} /parameterfolder Client
Update for Microsoft .NET Framework 4 Client Profile (KB2533523)-->C:\windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\Client\setup.exe /uninstallpatch {7D799A81-5661-3159-BF92-754161CED6E6} /parameterfolder Client
Update for Microsoft Office Word 2007 (KB974631)-->msiexec /package {91120000-002F-0000-0000-0000000FF1CE} /uninstall {1D53FB73-9826-4541-B2E0-A239C6EBA718}
Update for Microsoft Office Word 2007 (KB974631)-->msiexec /package {91120000-002F-0000-0000-0000000FF1CE} /uninstall {34726474-50D6-49FC-B8AC-35411459D27A}
Update for Office 2007 (KB934528)-->msiexec /package {91120000-002F-0000-0000-0000000FF1CE} /uninstall {2B939677-2FFD-48F6-9075-7BF48CB87C80}
Update for Office System 2007 Setup (KB929722)-->msiexec /package {91120000-002F-0000-0000-0000000FF1CE} /uninstall {D8E9BEBD-655F-467D-8176-CA9959C140A3}
USB2.0 PC Camera (SN9C201&202)-->C:\Program Files (x86)\InstallShield Installation Information\{75438C0E-9925-412E-AD85-D0E71C6CE2ED}\setup.exe -runfromtemp -l0x0009 -removeonly -u
VC80CRTRedist - 8.0.50727.6195-->MsiExec.exe /I{933B4015-4618-4716-A828-5289FC03165F}
VertrigoServ (remove only)-->C:\Program Files (x86)\VertrigoServ\Uninstall.exe
Vindictus EU-->"C:\ProgramData\NexonEU\NGM\NGM.exe" -mode:uninstall -game:50339851 -locale:EU
Windows Driver Package - ENE (EUCR) USB (12/04/2009 5.89.0.64)-->C:\PROGRA~1\DIFX\3BD8E4BC84D41A4F\DPInst.exe /u C:\windows\System32\DriverStore\FileRepository\eucr6sk.inf_amd64_neutral_1db5ff7160922dbc\eucr6sk.inf
Windows Live Communications Platform-->MsiExec.exe /I{3B4E636E-9D65-4D67-BA61-189800823F52}
Windows Live Essentials-->C:\Program Files (x86)\Windows Live\Installer\wlarp.exe
Windows Live Essentials-->MsiExec.exe /I{E3F328E4-EB9F-4ABF-8FF3-5AD0472743D8}
Windows Live Fotogalerie-->MsiExec.exe /X{1D097338-B4FA-4F29-9C43-8D7A970A007E}
Windows Live Mail-->MsiExec.exe /I{E5A10EF8-DBF3-4251-A9CA-423311DBBFC8}
Windows Live Messenger-->MsiExec.exe /X{71E40B32-5173-4538-8996-5822DD18E8D4}
Windows Live Movie Maker-->MsiExec.exe /X{B0490CEE-D5ED-431A-88EB-772D9DB70C0C}
Windows Live Sync-->MsiExec.exe /X{068B46A0-8858-4CEB-80BC-A4AE787A05FC}
Windows Live Writer-->MsiExec.exe /X{479A749B-1684-4881-8266-BF8DD22251E7}
Windows Media Player Firefox Plugin-->MsiExec.exe /I{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}
WinRAR archiver-->C:\Program Files (x86)\WinRAR 3.61 Multi\Uninstall.exe
Xfire (remove only)-->"C:\Program Files (x86)\Xfire\uninst.exe"
Xvid 1.2.2 final uninstall-->"C:\Program Files (x86)\Xvid\unins000.exe"
======System event log======
Computer Name: msi-msi
Event Code: 7036
Message: Stav služby Brána Windows Firewall byl změněn na: Spuštěno
Record Number: 159460
Source Name: Service Control Manager
Time Written: 20111029131458.558889-000
Event Type: Informace
User:
Computer Name: msi-msi
Event Code: 7036
Message: Stav služby Služba BFE (Base Filtering Engine) byl změněn na: Spuštěno
Record Number: 159459
Source Name: Service Control Manager
Time Written: 20111029131458.449688-000
Event Type: Informace
User:
Computer Name: msi-msi
Event Code: 7036
Message: Stav služby Služba zařazování tisku byl změněn na: Spuštěno
Record Number: 159458
Source Name: Service Control Manager
Time Written: 20111029131458.215688-000
Event Type: Informace
User:
Computer Name: msi-msi
Event Code: 7036
Message: Stav služby Plánovač úloh byl změněn na: Spuštěno
Record Number: 159457
Source Name: Service Control Manager
Time Written: 20111029131458.137688-000
Event Type: Informace
User:
Computer Name: msi-msi
Event Code: 7036
Message: Stav služby avast! Antivirus byl změněn na: Spuštěno
Record Number: 159456
Source Name: Service Control Manager
Time Written: 20111029131457.888087-000
Event Type: Informace
User:
=====Application event log=====
Computer Name: WIN-EUATJ0NAE9A
Event Code: 1
Message: Služba Centrum zabezpečení systému Windows byla spuštěna.
Record Number: 909
Source Name: SecurityCenter
Time Written: 20100608174810.000000-000
Event Type: Informace
User:
Computer Name: WIN-EUATJ0NAE9A
Event Code: 900
Message: Služba Ochrana softwaru se spouští.
Record Number: 908
Source Name: Microsoft-Windows-Security-SPP
Time Written: 20100608174808.000000-000
Event Type: Informace
User:
Computer Name: WIN-EUATJ0NAE9A
Event Code: 1003
Message: Služba Windows Search byla spuštěna.
Record Number: 907
Source Name: Microsoft-Windows-Search
Time Written: 20100608174717.000000-000
Event Type: Informace
User:
Computer Name: WIN-EUATJ0NAE9A
Event Code: 1013
Message: Služba Windows Search byla řádně zastavena.
Record Number: 906
Source Name: Microsoft-Windows-Search
Time Written: 20100608174714.000000-000
Event Type: Informace
User:
Computer Name: WIN-EUATJ0NAE9A
Event Code: 103
Message: Windows (2172) Windows: Databázový stroj zastavil instanci (0).
Record Number: 905
Source Name: ESENT
Time Written: 20100608174714.000000-000
Event Type: Informace
User:
=====Security event log=====
Computer Name: msi-msi
Event Code: 5061
Message: Kryptografická operace.
Předmět:
ID zabezpečení: S-1-5-19
Název účtu: LOCAL SERVICE
Doména účtu: NT AUTHORITY
ID přihlášení: 0x3e5
Kryptografické parametry:
Název poskytovatele: Microsoft Software Key Storage Provider
Název algoritmu: RSA
Název klíče: 893a2648-051f-498c-b5c0-013199288c69
Typ klíče: Klíč počítače
Kryptografická operace:
Operace: Otevřít klíč
Návratový kód: 0x0
Record Number: 35090
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20111115194709.763950-000
Event Type: Úspěšný audit
User:
Computer Name: msi-msi
Event Code: 5058
Message: Operace se souborem klíče.
Předmět:
ID zabezpečení: S-1-5-19
Název účtu: LOCAL SERVICE
Doména účtu: NT AUTHORITY
ID přihlášení: 0x3e5
Kryptografické parametry:
Název poskytovatele: Microsoft Software Key Storage Provider
Název algoritmu: Není k dispozici.
Název klíče: 893a2648-051f-498c-b5c0-013199288c69
Typ klíče: Klíč počítače
Informace o operaci se souborem klíče:
Cesta k souboru: C:\ProgramData\Microsoft\Crypto\RSA\MachineKeys\cd727209bd5d9aec45cb725a73e8bc65_b9b04158-1546-44c8-b521-8e910ebdedef
Operace: Čtení trvalého klíče ze souboru
Návratový kód: 0x0
Record Number: 35089
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20111115194709.763950-000
Event Type: Úspěšný audit
User:
Computer Name: msi-msi
Event Code: 5061
Message: Kryptografická operace.
Předmět:
ID zabezpečení: S-1-5-19
Název účtu: LOCAL SERVICE
Doména účtu: NT AUTHORITY
ID přihlášení: 0x3e5
Kryptografické parametry:
Název poskytovatele: Microsoft Software Key Storage Provider
Název algoritmu: RSA
Název klíče: 893a2648-051f-498c-b5c0-013199288c69
Typ klíče: Klíč počítače
Kryptografická operace:
Operace: Otevřít klíč
Návratový kód: 0x0
Record Number: 35088
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20111115194650.839067-000
Event Type: Úspěšný audit
User:
Computer Name: msi-msi
Event Code: 5058
Message: Operace se souborem klíče.
Předmět:
ID zabezpečení: S-1-5-19
Název účtu: LOCAL SERVICE
Doména účtu: NT AUTHORITY
ID přihlášení: 0x3e5
Kryptografické parametry:
Název poskytovatele: Microsoft Software Key Storage Provider
Název algoritmu: Není k dispozici.
Název klíče: 893a2648-051f-498c-b5c0-013199288c69
Typ klíče: Klíč počítače
Informace o operaci se souborem klíče:
Cesta k souboru: C:\ProgramData\Microsoft\Crypto\RSA\MachineKeys\cd727209bd5d9aec45cb725a73e8bc65_b9b04158-1546-44c8-b521-8e910ebdedef
Operace: Čtení trvalého klíče ze souboru
Návratový kód: 0x0
Record Number: 35087
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20111115194650.838067-000
Event Type: Úspěšný audit
User:
Computer Name: msi-msi
Event Code: 5061
Message: Kryptografická operace.
Předmět:
ID zabezpečení: S-1-5-19
Název účtu: LOCAL SERVICE
Doména účtu: NT AUTHORITY
ID přihlášení: 0x3e5
Kryptografické parametry:
Název poskytovatele: Microsoft Software Key Storage Provider
Název algoritmu: RSA
Název klíče: 893a2648-051f-498c-b5c0-013199288c69
Typ klíče: Klíč počítače
Kryptografická operace:
Operace: Otevřít klíč
Návratový kód: 0x0
Record Number: 35086
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20111115194052.847825-000
Event Type: Úspěšný audit
User:
======Environment variables======
"ComSpec"=%SystemRoot%\system32\cmd.exe
"FP_NO_HOST_CHECK"=NO
"OS"=Windows_NT
"Path"=C:\Program Files (x86)\AMD APP\bin\x86_64;C:\Program Files (x86)\AMD APP\bin\x86;C:\Program Files (x86)\PC Connectivity Solution\;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static;C:\Program Files (x86)\AMD\Fusion Media Explorer\;C:\Program Files (x86)\QuickTime\QTSystem\
"PATHEXT"=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH;.MSC
"PROCESSOR_ARCHITECTURE"=AMD64
"TEMP"=%SystemRoot%\TEMP
"TMP"=%SystemRoot%\TEMP
"USERNAME"=SYSTEM
"windir"=%SystemRoot%
"PSModulePath"=%SystemRoot%\system32\WindowsPowerShell\v1.0\Modules\
"NUMBER_OF_PROCESSORS"=2
"PROCESSOR_LEVEL"=16
"PROCESSOR_IDENTIFIER"=AMD64 Family 16 Model 6 Stepping 3, AuthenticAMD
"PROCESSOR_REVISION"=0603
"configsetroot"=%SystemRoot%\ConfigSetRoot
"asl.log"=Destination=file
"CLASSPATH"=.;C:\Program Files (x86)\QuickTime\QTSystem\QTJava.zip
"QTJAVA"=C:\Program Files (x86)\QuickTime\QTSystem\QTJava.zip
"AMDAPPSDKROOT"=C:\Program Files (x86)\AMD APP\
-----------------EOF-----------------
INFO.txt :
info.txt logfile of random's system information tool 1.09 2012-02-09 22:24:37
======Uninstall list======
-->MsiExec /X{DD1865F0-AD73-40FB-B23E-1822E02396FF}
µTorrent-->"C:\Program Files (x86)\uTorrent\uTorrent.exe" /UNINSTALL
4Story CZ 3.6.66-->"C:\Program Files (x86)\Gameforge4D\4Story_CZ\unins000.exe"
AC3Filter 1.63b-->"C:\Program Files (x86)\AC3Filter\unins000.exe"
ACR version 0.001-->"C:\Program Files (x86)\ACR\unins000.exe"
Adobe Flash Player 11 ActiveX 64-bit-->C:\windows\system32\Macromed\Flash\FlashUtil64_11_1_102_ActiveX.exe -maintain activex
Adobe Flash Player 11 Plugin 64-bit-->C:\windows\system32\Macromed\Flash\FlashUtil64_11_1_102_Plugin.exe -maintain plugin
Adobe Reader X (10.1.2) - Czech-->MsiExec.exe /I{AC76BA86-7AD7-1029-7B44-AA1000000001}
Adobe Shockwave Player 11.6-->"C:\windows\system32\Adobe\Shockwave 11\uninstaller.exe"
Age of Conan: Unchained-->"C:\Program Files (x86)\Funcom\Age of Conan\unins000.exe"
Alice Greenfingers-->"C:\Program Files (x86)\MSI Game Corner\Alice Greenfingers\Uninstall.exe" "C:\Program Files (x86)\MSI Game Corner\Alice Greenfingers\install.log"
AMD APP SDK Runtime-->MsiExec.exe /I{503F672D-6C84-448A-8F8F-4BC35AC83441}
AMD Catalyst Install Manager-->msiexec /q/x{49DADDE6-41A1-5A2B-C518-0EBE12261352} REBOOT=ReallySuppress
AMD Fusion Media Explorer-->MsiExec.exe /X{2D943F95-2C76-4951-9AEF-0977AF5DE11A}
AMD Media Foundation Decoders-->MsiExec.exe /X{443A416C-BD21-9746-78C4-8139DFAA18B7}
Android Notifier Desktop-->C:\Program Files (x86)\Android Notifier Desktop\uninstall.exe
Anti-Twin (Installation 16.12.2011)-->"C:\Program Files (x86)\AntiTwin\uninstall.exe" /uninst "UninstallKey=Anti-Twin 2011-12-16 15.12.09"
Apple Application Support-->MsiExec.exe /I{B3575D00-27EF-49C2-B9E0-14B3D954E992}
Apple Mobile Device Support-->MsiExec.exe /I{439760BC-7737-4386-9B1D-A90A3E8A22EA}
Apple Software Update-->MsiExec.exe /I{C6579A65-9CAE-4B31-8B6B-3306E0630A66}
ArcSoft Magic-i Visual Effects 2-->RunDll32 C:\PROGRA~2\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files (x86)\InstallShield Installation Information\{8E90189A-A5D4-4C0E-A908-06C4236F98EE}\Setup.exe" -l0x9
ArcSoft Print Creations - Album Page-->RunDll32 C:\PROGRA~2\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files (x86)\InstallShield Installation Information\{A3324BBB-3A83-40CE-AA8C-759D849B7EA1}\Setup.exe" -l0x9 -1AlbumPage
ArcSoft Print Creations - Brochures & Flyers-->RunDll32 C:\PROGRA~2\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files (x86)\InstallShield Installation Information\{A3324BBB-3A83-40CE-AA8C-759D849B7EA1}\Setup.exe" -l0x9 -1Brochure
ArcSoft Print Creations - Funhouse II-->RunDll32 C:\PROGRA~2\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files (x86)\InstallShield Installation Information\{A3324BBB-3A83-40CE-AA8C-759D849B7EA1}\Setup.exe" -l0x9 -1HouseFun
ArcSoft Print Creations - Funhouse-->RunDll32 C:\PROGRA~2\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files (x86)\InstallShield Installation Information\{A3324BBB-3A83-40CE-AA8C-759D849B7EA1}\Setup.exe" -l0x9 -1Funhouse
ArcSoft Print Creations - Greeting Card-->RunDll32 C:\PROGRA~2\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files (x86)\InstallShield Installation Information\{A3324BBB-3A83-40CE-AA8C-759D849B7EA1}\Setup.exe" -l0x9 -1GreetingCard
ArcSoft Print Creations - Photo Book-->RunDll32 C:\PROGRA~2\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files (x86)\InstallShield Installation Information\{A3324BBB-3A83-40CE-AA8C-759D849B7EA1}\Setup.exe" -l0x9 -1PhotoBook
ArcSoft Print Creations - Photo Calendar-->RunDll32 C:\PROGRA~2\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files (x86)\InstallShield Installation Information\{A3324BBB-3A83-40CE-AA8C-759D849B7EA1}\Setup.exe" -l0x9 -1Calendar
ArcSoft Print Creations - Photo Prints-->RunDll32 C:\PROGRA~2\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files (x86)\InstallShield Installation Information\{A3324BBB-3A83-40CE-AA8C-759D849B7EA1}\Setup.exe" -l0x9 -1PhotoPrint
ArcSoft Print Creations - Poster Creator-->RunDll32 C:\PROGRA~2\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files (x86)\InstallShield Installation Information\{A3324BBB-3A83-40CE-AA8C-759D849B7EA1}\Setup.exe" -l0x9 -1Poster
ArcSoft Print Creations - Scrapbook-->RunDll32 C:\PROGRA~2\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files (x86)\InstallShield Installation Information\{A3324BBB-3A83-40CE-AA8C-759D849B7EA1}\Setup.exe" -l0x9 -1ScrapBook
ArcSoft Print Creations - Slimline Card-->RunDll32 C:\PROGRA~2\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files (x86)\InstallShield Installation Information\{A3324BBB-3A83-40CE-AA8C-759D849B7EA1}\Setup.exe" -l0x9 -1Slimline
ArcSoft Print Creations-->RunDll32 C:\PROGRA~2\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files (x86)\InstallShield Installation Information\{A3324BBB-3A83-40CE-AA8C-759D849B7EA1}\Setup.exe" -l0x9
ArcSoft WebCam Companion 3-->RunDll32 C:\PROGRA~2\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files (x86)\InstallShield Installation Information\{25478065-4CB1-448C-80E4-8C4529017EE3}\Setup.exe" -l0x9
ArmA 2 Free Uninstall-->C:\Program Files (x86)\Bohemia Interactive\ArmA 2 Free\UnInstall.exe
ArmA Uninstall-->C:\Program files\Bohemia Interactive\ArmA\UnInstall.exe
Asistent pro přihlášení ke službě Windows Live-->MsiExec.exe /I{3E62B27C-342F-4B44-9331-CA4BC59A586F}
Audacity 1.3.12 (Unicode)-->"C:\Program Files (x86)\Audacity 1.3 Beta (Unicode)\unins000.exe"
AudioConverter Studio 6.2-->"C:\Program Files (x86)\AudioConverter Studio\unins000.exe"
avast! Free Antivirus-->C:\Program Files\AVAST Software\Avast\aswRunDll.exe "C:\Program Files\AVAST Software\Avast\Setup\setiface.dll" RunSetup
Avi2Dvd 0.6.4-->C:\Program Files (x86)\Avi2Dvd\uninst.exe
AviSynth 2.5-->"C:\Program Files (x86)\AviSynth 2.5\Uninstall.exe"
Balíček ovladače systému Windows - AMD (amdsata) HDC (10/07/2009 1.2.0.164)-->C:\PROGRA~1\DIFX\8730326CFC0D32D8\DPInst64.exe /u C:\windows\System32\DriverStore\FileRepository\amdsata.inf_amd64_neutral_04eb0a122fcc1628\amdsata.inf
Balíček ovladače systému Windows - Nokia Modem (02/25/2011 4.7)-->C:\PROGRA~1\DIFX\0169CE3A95F06636\dpinst.exe /u C:\windows\System32\DriverStore\FileRepository\nokia_bluetooth.inf_amd64_neutral_73c28da64803cefc\nokia_bluetooth.inf
Balíček ovladače systému Windows - Nokia Modem (02/25/2011 7.01.0.9)-->C:\PROGRA~1\DIFX\0169CE3A95F06636\dpinst.exe /u C:\windows\System32\DriverStore\FileRepository\nokbtmdm.inf_amd64_neutral_13826104cd8e800f\nokbtmdm.inf
Balíček ovladače systému Windows - Nokia pccsmcfd (08/22/2008 7.0.0.0)-->C:\PROGRA~1\DIFX\F4092DA208C2C970\dpinst.exe /u C:\windows\system32\DRVSTORE\pccsmcfdx6_8A3BAB842294F8D9255C3CF2A3B1CECAEEB8EA7E\pccsmcfdx64.inf
Bandisoft MPEG-1 Decoder-->"C:\Program Files (x86)\BandiMPEG1\uninstall.exe"
Battlestations Midway-->RunDll32 C:\PROGRA~2\COMMON~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup "C:\Program Files (x86)\InstallShield Installation Information\{3FEDF39A-4BA9-41F0-80EE-D4B5642F4D45}\setup.exe" -l0x9
BattlEye Uninstall-->C:\Program files\Bohemia Interactive\ArmA\BattlEye\UnInstallBE.exe
Bonjour-->MsiExec.exe /X{0E543634-7E25-4B8F-8D5B-97880E5E5088}
BurnRecovery-->MsiExec.exe /I{2892E1B7-E24D-4CCB-B8A7-B63D4B66F89F}
Call of Juarez-->C:\Program Files (x86)\InstallShield Installation Information\{D25D5844-0975-4CB2-A853-6BD781F4435E}\setup.exe -runfromtemp -l0x0405
Catalyst Control Center - Branding-->MsiExec.exe /I{0E33EC53-22CE-426C-A88B-2AAC231BAC85}
CCleaner-->"C:\Program Files\CCleaner\uninst.exe"
CloneSpy 2.62-->"C:\Program Files (x86)\CloneSpy\CSUninstall.exe"
Conduit Engine-->C:\PROGRA~2\CONDUI~1\ConduitEngineUninstall.exe
CoreAAC Audio Decoder (remove only)-->"C:\windows\system32\CoreAAC-uninstall.exe"
DAEMON Tools Lite-->C:\Program Files (x86)\DAEMON Tools Lite\uninst.exe
Defraggler-->"C:\Program Files\Defraggler\uninst.exe"
DivX Setup-->C:\ProgramData\DivX\Setup\DivXSetup.exe /uninstall
Euro Truck Simulator-->C:\Program Files (x86)\Euro Truck Simulator\Uninstal_EuroTruckSimulator.exe
ffdshow [rev 3299] [2010-03-03]-->"C:\Program Files (x86)\FreeTime\FormatFactory\FFModules\Filters\ffdshow\unins000.exe"
FormatFactory 2.70-->C:\Program Files (x86)\FreeTime\FormatFactory\uninst.exe
Free Screen Recorder v2.9-->"C:\Program Files (x86)\Free Screen Recorder\unins000.exe"
FreeCommander 2009.02b-->"C:\Program Files (x86)\FreeCommander\unins000.exe"
Freecorder 5-->"C:\Program Files (x86)\Freecorder\uninstall.exe" "/U:C:\Program Files (x86)\Freecorder\Uninstall\uninstallFC5.xml"
Freecorder Toolbar-->C:\PROGRA~2\FREECO~2\UNINST~1.EXE
Fusion Utility for Mobility-->MsiExec.exe /I{83F81F91-7BE9-44D1-98AF-2B87E0B8710C}
GIMP 2.6.11-->"C:\Program Files (x86)\GIMP-2.0\setup\unins000.exe"
Google Chrome-->"C:\Program Files (x86)\Google\Chrome\Application\16.0.912.77\Installer\setup.exe" --uninstall --multi-install --chrome --system-level
Google Update Helper-->MsiExec.exe /I{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}
Groove Monkee Sample Pack-->"C:\Program Files (x86)\Groove Monkee\UninstallSamples.exe"
Guitar Pro 6-->"C:\Program Files (x86)\Guitar Pro 6\unins000.exe"
Haali Media Splitter-->"C:\Program Files (x86)\Haali\MatroskaSplitter\uninstall.exe"
High-Definition Video Playback 10-->MsiExec.exe /X{237CCB62-8454-43E3-B158-3ACD0134852E}
HiJackThis-->MsiExec.exe /X{45A66726-69BC-466B-A7A4-12FCBA4883D7}
Cheat Engine 6.1-->"C:\Program Files (x86)\Cheat Engine 6.1\unins000.exe"
Chicken Invaders 2-->"C:\Program Files (x86)\MSI Game Corner\Chicken Invaders 2\Uninstall.exe" "C:\Program Files (x86)\MSI Game Corner\Chicken Invaders 2\install.log"
Ignite-->"C:\Program Files (x86)\Just A Game GmbH\Ignite\unins000.exe"
ImageShack Uploader 2.2.0-->MsiExec.exe /X{8BCD7AE7-F713-4D50-BAB9-7839B9386870}
Install(GE)-->C:\Program Files (x86)\InstallShield Installation Information\{F916C6DF-2601-4385-9500-C45FF398D4CB}\setup.exe -runfromtemp -l0x0007 -removeonly
iTunes-->MsiExec.exe /I{BCF07271-A853-4D3A-B668-4B752174CAA8}
Java(TM) 6 Update 26-->MsiExec.exe /X{26A24AE4-039D-4CA4-87B4-2F83216026FF}
Junk Mail filter update-->MsiExec.exe /I{E2DFE069-083E-4631-9B6C-43C48E991DE5}
LAME v3.98.3 for Audacity-->"C:\Program Files (x86)\Lame For Audacity\unins000.exe"
LG SP USB Driver-->RunDll32 C:\PROGRA~2\COMMON~1\INSTAL~1\PROFES~1\RunTime\10\00\Intel32\Ctor.dll,LaunchSetup "C:\Program Files (x86)\InstallShield Installation Information\{E2AE8456-CCFE-46C0-8629-71CC507660FC}\setup.exe" -l0x5 -removeonly
LG United Mobile Driver-->"C:\Program Files (x86)\InstallShield Installation Information\{2A3A4BD6-6CE0-4E2A-80D2-1D0FF6ACBFBA}\setup.exe" -runfromtemp -l0x0405 LG -removeonly
LG USB WML Modem Driver-->RunDll32 C:\PROGRA~2\COMMON~1\INSTAL~1\PROFES~1\RunTime\10\00\Intel32\Ctor.dll,LaunchSetup "C:\Program Files (x86)\InstallShield Installation Information\{FBA0CA60-8BF2-4381-B819-74F020E165A9}\setup.exe" -l0x9 LG -removeonly
Lineage® II: Freya (High Five)-->"C:\Program Files (x86)\InstallShield Installation Information\{21040472-F8DF-48A9-A093-2986C1495670}\setup.exe" -runfromtemp -l0x0409 -removeonly
Live Update 5-->"C:\Program Files (x86)\MSI\Live Update 5\unins000.exe"
Luminance HDR 2.1.0-->"C:\Program Files (x86)\Luminance HDR\unins000.exe"
MAGIX Screenshare-->C:\Program Files (x86)\MAGIX\PCVisit\unwise.exe
Mahjong Escape Ancient China-->"C:\Program Files (x86)\MSI Game Corner\Mahjong Escape Ancient China\Uninstall.exe" "C:\Program Files (x86)\MSI Game Corner\Mahjong Escape Ancient China\install.log"
Malwarebytes Anti-Malware verze 1.60.1.1000-->"C:\Program Files (x86)\Malwarebytes' Anti-Malware\unins000.exe"
Microsoft .NET Framework 4 Client Profile CSY Language Pack-->C:\windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\ClientLP\Setup.exe /repair /x86 /x64 /lcid 1029 /parameterfolder ClientLP
Microsoft .NET Framework 4 Client Profile CSY Language Pack-->MsiExec.exe /X{790E02A1-145A-3843-8C13-A4F41C9B48B7}
Microsoft .NET Framework 4 Client Profile-->C:\windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\Client\Setup.exe /repair /x86 /x64 /parameterfolder Client
Microsoft .NET Framework 4 Client Profile-->MsiExec.exe /X{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}
Microsoft Choice Guard-->MsiExec.exe /X{F0E12BBA-AD66-4022-A453-A1C8A0C4D570}
Microsoft Office Access MUI (Czech) 2007-->MsiExec.exe /X{90120000-0015-0405-0000-0000000FF1CE}
Microsoft Office Enterprise 2007-->"C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\Office Setup Controller\setup.exe" /uninstall ENTERPRISE /dll OSETUP.DLL
Microsoft Office Enterprise 2007-->MsiExec.exe /X{90120000-0030-0000-0000-0000000FF1CE}
Microsoft Office Excel MUI (Bulgarian) 2007-->MsiExec.exe /X{90120000-0016-0402-0000-0000000FF1CE}
Microsoft Office Excel MUI (Czech) 2007-->MsiExec.exe /X{90120000-0016-0405-0000-0000000FF1CE}
Microsoft Office Excel MUI (English) 2007-->MsiExec.exe /X{90120000-0016-0409-0000-0000000FF1CE}
Microsoft Office Excel MUI (Estonian) 2007-->MsiExec.exe /X{90120000-0016-0425-0000-0000000FF1CE}
Microsoft Office Excel MUI (Hungarian) 2007-->MsiExec.exe /X{90120000-0016-040E-0000-0000000FF1CE}
Microsoft Office Excel MUI (Latvian) 2007-->MsiExec.exe /X{90120000-0016-0426-0000-0000000FF1CE}
Microsoft Office Excel MUI (Lithuanian) 2007-->MsiExec.exe /X{90120000-0016-0427-0000-0000000FF1CE}
Microsoft Office Excel MUI (Slovak) 2007-->MsiExec.exe /X{90120000-0016-041B-0000-0000000FF1CE}
Microsoft Office Groove MUI (Czech) 2007-->MsiExec.exe /X{90120000-00BA-0405-0000-0000000FF1CE}
Microsoft Office Home and Student 2007-->"C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\Office Setup Controller\setup.exe" /uninstall HOMESTUDENTR /dll OSETUP.DLL
Microsoft Office Home and Student 2007-->MsiExec.exe /X{91120000-002F-0000-0000-0000000FF1CE}
Microsoft Office InfoPath MUI (Czech) 2007-->MsiExec.exe /X{90120000-0044-0405-0000-0000000FF1CE}
Microsoft Office Office 64-bit Components 2007-->MsiExec.exe /X{90120000-002A-0000-1000-0000000FF1CE}
Microsoft Office OneNote MUI (Bulgarian) 2007-->MsiExec.exe /X{90120000-00A1-0402-0000-0000000FF1CE}
Microsoft Office OneNote MUI (Czech) 2007-->MsiExec.exe /X{90120000-00A1-0405-0000-0000000FF1CE}
Microsoft Office OneNote MUI (English) 2007-->MsiExec.exe /X{90120000-00A1-0409-0000-0000000FF1CE}
Microsoft Office OneNote MUI (Estonian) 2007-->MsiExec.exe /X{90120000-00A1-0425-0000-0000000FF1CE}
Microsoft Office OneNote MUI (Hungarian) 2007-->MsiExec.exe /X{90120000-00A1-040E-0000-0000000FF1CE}
Microsoft Office OneNote MUI (Latvian) 2007-->MsiExec.exe /X{90120000-00A1-0426-0000-0000000FF1CE}
Microsoft Office OneNote MUI (Lithuanian) 2007-->MsiExec.exe /X{90120000-00A1-0427-0000-0000000FF1CE}
Microsoft Office OneNote MUI (Slovak) 2007-->MsiExec.exe /X{90120000-00A1-041B-0000-0000000FF1CE}
Microsoft Office Outlook MUI (Czech) 2007-->MsiExec.exe /X{90120000-001A-0405-0000-0000000FF1CE}
Microsoft Office PowerPoint MUI (Bulgarian) 2007-->MsiExec.exe /X{90120000-0018-0402-0000-0000000FF1CE}
Microsoft Office PowerPoint MUI (Czech) 2007-->MsiExec.exe /X{90120000-0018-0405-0000-0000000FF1CE}
Microsoft Office PowerPoint MUI (English) 2007-->MsiExec.exe /X{90120000-0018-0409-0000-0000000FF1CE}
Microsoft Office PowerPoint MUI (Estonian) 2007-->MsiExec.exe /X{90120000-0018-0425-0000-0000000FF1CE}
Microsoft Office PowerPoint MUI (Hungarian) 2007-->MsiExec.exe /X{90120000-0018-040E-0000-0000000FF1CE}
Microsoft Office PowerPoint MUI (Latvian) 2007-->MsiExec.exe /X{90120000-0018-0426-0000-0000000FF1CE}
Microsoft Office PowerPoint MUI (Lithuanian) 2007-->MsiExec.exe /X{90120000-0018-0427-0000-0000000FF1CE}
Microsoft Office PowerPoint MUI (Slovak) 2007-->MsiExec.exe /X{90120000-0018-041B-0000-0000000FF1CE}
Microsoft Office Proof (Bulgarian) 2007-->MsiExec.exe /X{90120000-001F-0402-0000-0000000FF1CE}
Microsoft Office Proof (Czech) 2007-->MsiExec.exe /X{90120000-001F-0405-0000-0000000FF1CE}
Microsoft Office Proof (English) 2007-->MsiExec.exe /X{90120000-001F-0409-0000-0000000FF1CE}
Microsoft Office Proof (Estonian) 2007-->MsiExec.exe /X{90120000-001F-0425-0000-0000000FF1CE}
Microsoft Office Proof (Finnish) 2007-->MsiExec.exe /X{90120000-001F-040B-0000-0000000FF1CE}
Microsoft Office Proof (French) 2007-->MsiExec.exe /X{90120000-001F-040C-0000-0000000FF1CE}
Microsoft Office Proof (German) 2007-->MsiExec.exe /X{90120000-001F-0407-0000-0000000FF1CE}
Microsoft Office Proof (Hungarian) 2007-->MsiExec.exe /X{90120000-001F-040E-0000-0000000FF1CE}
Microsoft Office Proof (Latvian) 2007-->MsiExec.exe /X{90120000-001F-0426-0000-0000000FF1CE}
Microsoft Office Proof (Lithuanian) 2007-->MsiExec.exe /X{90120000-001F-0427-0000-0000000FF1CE}
Microsoft Office Proof (Polish) 2007-->MsiExec.exe /X{90120000-001F-0415-0000-0000000FF1CE}
Microsoft Office Proof (Russian) 2007-->MsiExec.exe /X{90120000-001F-0419-0000-0000000FF1CE}
Microsoft Office Proof (Slovak) 2007-->MsiExec.exe /X{90120000-001F-041B-0000-0000000FF1CE}
Microsoft Office Proof (Spanish) 2007-->MsiExec.exe /X{90120000-001F-0C0A-0000-0000000FF1CE}
Microsoft Office Proofing (Bulgarian) 2007-->MsiExec.exe /X{90120000-002C-0402-0000-0000000FF1CE}
Microsoft Office Proofing (Czech) 2007-->MsiExec.exe /X{90120000-002C-0405-0000-0000000FF1CE}
Microsoft Office Proofing (English) 2007-->MsiExec.exe /X{90120000-002C-0409-0000-0000000FF1CE}
Microsoft Office Proofing (Estonian) 2007-->MsiExec.exe /X{90120000-002C-0425-0000-0000000FF1CE}
Microsoft Office Proofing (Hungarian) 2007-->MsiExec.exe /X{90120000-002C-040E-0000-0000000FF1CE}
Microsoft Office Proofing (Latvian) 2007-->MsiExec.exe /X{90120000-002C-0426-0000-0000000FF1CE}
Microsoft Office Proofing (Lithuanian) 2007-->MsiExec.exe /X{90120000-002C-0427-0000-0000000FF1CE}
Microsoft Office Proofing (Slovak) 2007-->MsiExec.exe /X{90120000-002C-041B-0000-0000000FF1CE}
Microsoft Office Publisher MUI (Czech) 2007-->MsiExec.exe /X{90120000-0019-0405-0000-0000000FF1CE}
Microsoft Office Shared 64-bit MUI (Bulgarian) 2007-->MsiExec.exe /X{90120000-002A-0402-1000-0000000FF1CE}
Microsoft Office Shared 64-bit MUI (Czech) 2007-->MsiExec.exe /X{90120000-002A-0405-1000-0000000FF1CE}
Microsoft Office Shared 64-bit MUI (English) 2007-->MsiExec.exe /X{90120000-002A-0409-1000-0000000FF1CE}
Microsoft Office Shared 64-bit MUI (Estonian) 2007-->MsiExec.exe /X{90120000-002A-0425-1000-0000000FF1CE}
Microsoft Office Shared 64-bit MUI (Hungarian) 2007-->MsiExec.exe /X{90120000-002A-040E-1000-0000000FF1CE}
Microsoft Office Shared 64-bit MUI (Latvian) 2007-->MsiExec.exe /X{90120000-002A-0426-1000-0000000FF1CE}
Microsoft Office Shared 64-bit MUI (Lithuanian) 2007-->MsiExec.exe /X{90120000-002A-0427-1000-0000000FF1CE}
Microsoft Office Shared 64-bit MUI (Slovak) 2007-->MsiExec.exe /X{90120000-002A-041B-1000-0000000FF1CE}
Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2007-->MsiExec.exe /X{90120000-0116-0409-1000-0000000FF1CE}
Microsoft Office Shared MUI (Bulgarian) 2007-->MsiExec.exe /X{90120000-006E-0402-0000-0000000FF1CE}
Microsoft Office Shared MUI (Czech) 2007-->MsiExec.exe /X{90120000-006E-0405-0000-0000000FF1CE}
Microsoft Office Shared MUI (English) 2007-->MsiExec.exe /X{90120000-006E-0409-0000-0000000FF1CE}
Microsoft Office Shared MUI (Estonian) 2007-->MsiExec.exe /X{90120000-006E-0425-0000-0000000FF1CE}
Microsoft Office Shared MUI (Hungarian) 2007-->MsiExec.exe /X{90120000-006E-040E-0000-0000000FF1CE}
Microsoft Office Shared MUI (Latvian) 2007-->MsiExec.exe /X{90120000-006E-0426-0000-0000000FF1CE}
Microsoft Office Shared MUI (Lithuanian) 2007-->MsiExec.exe /X{90120000-006E-0427-0000-0000000FF1CE}
Microsoft Office Shared MUI (Slovak) 2007-->MsiExec.exe /X{90120000-006E-041B-0000-0000000FF1CE}
Microsoft Office Shared Setup Metadata MUI (English) 2007-->MsiExec.exe /X{90120000-0115-0409-0000-0000000FF1CE}
Microsoft Office Suite Activation Assistant-->MsiExec.exe /X{E50AE784-FABE-46DA-A1F8-7B6B56DCB22E}
Microsoft Office Word MUI (Bulgarian) 2007-->MsiExec.exe /X{90120000-001B-0402-0000-0000000FF1CE}
Microsoft Office Word MUI (Czech) 2007-->MsiExec.exe /X{90120000-001B-0405-0000-0000000FF1CE}
Microsoft Office Word MUI (English) 2007-->MsiExec.exe /X{90120000-001B-0409-0000-0000000FF1CE}
Microsoft Office Word MUI (Estonian) 2007-->MsiExec.exe /X{90120000-001B-0425-0000-0000000FF1CE}
Microsoft Office Word MUI (Hungarian) 2007-->MsiExec.exe /X{90120000-001B-040E-0000-0000000FF1CE}
Microsoft Office Word MUI (Latvian) 2007-->MsiExec.exe /X{90120000-001B-0426-0000-0000000FF1CE}
Microsoft Office Word MUI (Lithuanian) 2007-->MsiExec.exe /X{90120000-001B-0427-0000-0000000FF1CE}
Microsoft Office Word MUI (Slovak) 2007-->MsiExec.exe /X{90120000-001B-041B-0000-0000000FF1CE}
Microsoft Primary Interoperability Assemblies 2005-->MsiExec.exe /X{D24DB8B9-BB6C-4334-9619-BA1C650E13D3}
Microsoft Silverlight-->MsiExec.exe /X{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}
Microsoft SQL Server 2005 Compact Edition [ENU]-->MsiExec.exe /I{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}
Microsoft Sync Framework Runtime Native v1.0 (x86)-->MsiExec.exe /I{8A74E887-8F0F-4017-AF53-CBA42211AAA5}
Microsoft Sync Framework Services Native v1.0 (x86)-->MsiExec.exe /I{BD64AF4A-8C80-4152-AD77-FCDDF05208AB}
Microsoft Visual C++ 2005 Redistributable-->MsiExec.exe /X{837b34e3-7c30-493c-8f6a-2b0f04e2912c}
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17-->MsiExec.exe /X{8220EEFE-38CD-377E-8595-13398D740ACE}
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148-->MsiExec.exe /X{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17-->MsiExec.exe /X{9A25302D-30C0-39D9-BD6F-21E6EC160475}
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148-->MsiExec.exe /X{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.30319-->MsiExec.exe /X{DA5E371C-6333-3D8A-93A4-6FD5B20BCC6E}
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.30319-->MsiExec.exe /X{196BB40D-1578-3D01-B289-BEFC77A11A1E}
Microsoft Works-->MsiExec.exe /I{C73B5B3B-F974-48CA-8B91-3E8A432AEA5B}
Mozilla Firefox 9.0 (x86 cs)-->C:\Program Files (x86)\Mozilla Firefox\uninstall\helper.exe
MSI Game Corner Console-->"C:\Program Files (x86)\MSI Game Corner\Game Console\unins000.exe"
msi Software Install-->MsiExec.exe /I{07690F1C-04B1-4060-9691-6748ED1826B9}
MSVC80_x64_v2-->MsiExec.exe /I{4D668D4F-FAA2-4726-834C-31F4614F312E}
MSVC80_x86_v2-->MsiExec.exe /I{6D3245B1-8DB8-4A23-9CD2-2C90F40ABAF6}
MSVC90_x64-->MsiExec.exe /I{AB071C8B-873C-459F-ACA9-9EBE03C3E89B}
MSVC90_x86-->MsiExec.exe /I{AF111648-99A1-453E-81DD-80DBBF6DAD0D}
MSVCRT-->MsiExec.exe /I{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}
MSXML 4.0 SP2 (KB954430)-->MsiExec.exe /I{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}
MSXML 4.0 SP2 (KB973688)-->MsiExec.exe /I{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}
MSXML 4.0 SP3 Parser (KB973685)-->MsiExec.exe /I{859DFA95-E4A6-48CD-B88E-A3E483E89B44}
MSXML 4.0 SP3 Parser-->MsiExec.exe /I{196467F1-C11F-4F76-858B-5812ADC83B94}
Nástroj pro odesílání služby Windows Live-->MsiExec.exe /I{205C6BDD-7B73-42DE-8505-9A093F35A238}
NCsoft Launcher-->C:\Program Files (x86)\InstallShield Installation Information\{5F8E2CBB-949D-4175-AC98-5ADE7F6C9697}\setup.exe -runfromtemp -l0x0009 -removeonly
Nero 10 Menu TemplatePack Basic-->MsiExec.exe /X{63AA3EAB-23BB-48B2-9AD0-44F878075604}
Nero 10 Movie ThemePack Basic-->MsiExec.exe /X{F5CB822F-B365-43D1-BCC0-4FDA1A2017A7}
Nero BackItUp 10 Help (CHM)-->MsiExec.exe /X{08C8666B-C502-4AB3-B4CB-D74AC42D14FE}
Nero BackItUp 10-->MsiExec.exe /X{68AB6930-5BFF-4FF6-923B-516A91984FE6}
Nero Burning ROM 10-->MsiExec.exe /X{7A5D731D-B4B3-490E-B339-75685712BAAB}
Nero BurningROM 10 Help (CHM)-->MsiExec.exe /X{9B6B24BE-80E7-46C4-9FA5-B167D5E0F345}
Nero BurnRights 10 Help (CHM)-->MsiExec.exe /X{555868C6-49FB-484F-BB43-8980651A1B00}
Nero BurnRights 10-->MsiExec.exe /X{943CFD7D-5336-47AF-9418-E02473A5A517}
Nero Control Center 10-->MsiExec.exe /X{6DFB899F-17A2-48F0-A533-ED8D6866CF38}
Nero ControlCenter 10 Help (CHM)-->MsiExec.exe /X{523B2B1B-D8DB-4B41-90FF-C4D799E2758A}
Nero Core Components 10-->MsiExec.exe /X{2436F2A8-4B7E-4B6C-AE4E-604C84AA6A4F}
Nero CoverDesigner 10 Help (CHM)-->MsiExec.exe /X{C3273C55-E1E4-41FF-8D69-0158090DB8D8}
Nero CoverDesigner 10-->MsiExec.exe /X{FCF00A6E-FB58-477A-ABE9-232907105521}
Nero DiscSpeed 10 Help (CHM)-->MsiExec.exe /X{C18A0418-442A-4186-AF98-D08F5054A2FC}
Nero DiscSpeed 10-->MsiExec.exe /X{34490F4E-48D0-492E-8249-B48BECF0537C}
Nero Dolby Files 10-->MsiExec.exe /X{C3580AC4-C827-4332-B935-9A282ED5BB97}
Nero Express 10 Help (CHM)-->MsiExec.exe /X{33643918-7957-4839-92C7-EA96CB621A98}
Nero Express 10-->MsiExec.exe /X{70550193-1C22-445C-8FA4-564E155DB1A7}
Nero InfoTool 10 Help (CHM)-->MsiExec.exe /X{66049135-9659-4AAD-9169-9CCA269EBB3E}
Nero InfoTool 10-->MsiExec.exe /X{F412B4AF-388C-4FF5-9B2F-33DB1C536953}
Nero MediaHub 10 Help (CHM)-->MsiExec.exe /X{F467862A-D9CA-47ED-8D81-B4B3C9399272}
Nero MediaHub 10-->MsiExec.exe /X{1F7FB68F-52F6-46A3-B42F-38CE46295AE5}
Nero Multimedia Suite 10-->MsiExec.exe /I{277C1559-4CF7-44FF-8D07-98AA9C13AABD}
Nero Recode 10 Help (CHM)-->MsiExec.exe /X{DB7C1D4A-08BA-4C7E-A8AA-B7F9BB372DCF}
Nero Recode 10-->MsiExec.exe /X{8ECEC853-5C3D-4B10-B5C7-FF11FF724807}
Nero RescueAgent 10 Help (CHM)-->MsiExec.exe /X{92E25238-61A3-4ACD-A407-3C480EEF47A7}
Nero RescueAgent 10-->MsiExec.exe /X{E337E787-CF61-4B7B-B84F-509202A54023}
Nero SoundTrax 10 Help (CHM)-->MsiExec.exe /X{16987E99-C95C-4513-9239-7B44A0A71DB5}
Nero SoundTrax 10-->MsiExec.exe /X{E1EE5339-5D32-458F-BAAB-B19F6301BCE2}
Nero StartSmart 10 Help (CHM)-->MsiExec.exe /X{F6117F9C-ADB5-4590-9BE4-12C7BEC28702}
Nero StartSmart 10-->MsiExec.exe /X{F61D489E-6C44-49AC-AD02-7DA8ACA73A65}
Nero Update-->MsiExec.exe /X{65BB0407-4CC8-4DC7-952E-3EEFDF05602A}
Nero Vision 10 Help (CHM)-->MsiExec.exe /X{329411A0-19F3-4740-874F-17400B126F27}
Nero Vision 10-->MsiExec.exe /X{9A4297F3-2A51-4ED9-92CA-4BCB8380947E}
Nero WaveEditor 10 Help (CHM)-->MsiExec.exe /X{7A295D8F-484B-4FFB-89AB-C1FD497591FE}
Nero WaveEditor 10-->MsiExec.exe /X{EDCDFAD5-DF80-4600-A493-E9DAD6810230}
Nexon Game Manager-->"C:\ProgramData\NexonEU\NGM\NGM.exe" -mode:uninstall -dll:ngm.nexoneu.com/cbangm/NGM/Bin/NGMDll.dll -game:0 -locale:EU -load_from_local
Nokia Connectivity Cable Driver-->MsiExec.exe /I{2D99A593-C841-43A7-B7C9-D6F3AE70B756}
Nokia PC Suite-->C:\ProgramData\Installations\{D0D14551-3A2D-433B-861F-F4DCE5422759}\Nokia_PC_Suite_cze_web.exe
Nokia PC Suite-->MsiExec.exe /I{D0D14551-3A2D-433B-861F-F4DCE5422759}
NVIDIA PhysX-->MsiExec.exe /X{DD1865F0-AD73-40FB-B23E-1822E02396FF}
OpenAL-->"C:\Program Files (x86)\OpenAL\OpenALwEAX.exe" /U
Opera 11.61-->"C:\Program Files (x86)\Opera\Opera.exe" /uninstall
Pando Media Booster-->C:\Program Files (x86)\Pando Networks\Media Booster\uninst.exe
PC Connectivity Solution-->MsiExec.exe /I{C373F7C4-05D2-4047-96D1-6AF30661C6AA}
PSPad editor-->"C:\Program Files (x86)\PSPad editor\Uninst\unins000.exe"
QuickTime-->MsiExec.exe /I{57752979-A1C9-4C02-856B-FBB27AC4E02C}
RealNetworks - Microsoft Visual C++ 2008 Runtime-->MsiExec.exe /X{7770E71B-2D43-4800-9CB3-5B6CAAEBEBEA}
Realtek High Definition Audio Driver-->RunDll32 C:\PROGRA~2\COMMON~1\INSTAL~1\PROFES~1\RunTime\11\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files (x86)\InstallShield Installation Information\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}\Setup.exe" -removeonly
RealUpgrade 1.1-->MsiExec.exe /I{28C2DED6-325B-4CC7-983A-1777C8F7FBAB}
Rebirth Evolution verze 2.8-->"C:\RebirthEvolution\unins000.exe"
Rosh Online-->C:\IgnitedGames\ROSH\uninst.exe
Security Update for Microsoft .NET Framework 4 Client Profile (KB2446708)-->C:\windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\Client\setup.exe /uninstallpatch {F66C3466-1FDB-347C-B3AE-FB6C50627B10} /parameterfolder Client
Security Update for Microsoft .NET Framework 4 Client Profile (KB2478663)-->C:\windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\Client\setup.exe /uninstallpatch {B5BD3CA1-11AB-35A6-B22A-6A219DC0668E} /parameterfolder Client
Security Update for Microsoft .NET Framework 4 Client Profile (KB2518870)-->C:\windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\Client\setup.exe /uninstallpatch {E720AD01-93D5-3E8E-BB8D-E4EF5AF4E5DD} /parameterfolder Client
Security Update for Microsoft .NET Framework 4 Client Profile (KB2539636)-->C:\windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\Client\setup.exe /uninstallpatch {BCD37DCB-F479-3D4D-A90E-A0F7575549C4} /parameterfolder Client
Security Update for Microsoft .NET Framework 4 Client Profile (KB2572078)-->C:\windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\Client\setup.exe /uninstallpatch {FF811680-AECE-3F35-A98C-1B84B6E09168} /parameterfolder Client
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656351)-->C:\windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\Client\setup.exe /uninstallpatch {E59B2174-E924-311F-8549-AD714C14664D} /parameterfolder Client
Security Update for Microsoft .NET Framework 4 Client Profile CSY Language Pack (KB2478663)-->c:\windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\ClientLP\setup.exe /uninstallpatch {B5BD3CA1-11AB-35A6-B22A-6A219DC0668E} /parameterfolder ClientLP
Security Update for Microsoft .NET Framework 4 Client Profile CSY Language Pack (KB2518870)-->c:\windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\ClientLP\setup.exe /uninstallpatch {E720AD01-93D5-3E8E-BB8D-E4EF5AF4E5DD} /parameterfolder ClientLP
Skype™ 5.5-->MsiExec.exe /X{AA59DDE4-B672-4621-A016-4C248204957A}
Sniper Elite-->RunDll32 C:\PROGRA~2\COMMON~1\INSTAL~1\engine\6\INTEL3~1\ctor.dll,LaunchSetup "C:\Program Files (x86)\InstallShield Installation Information\{A979B2D8-E3EE-4523-A26C-4AF0A6809280}\setup.exe"
SpecOps-->C:\windows\IsUninst.exe -f"C:\Program Files (x86)\Zombie\SpecOps\Uninst.isu"
STDU Viewer version 1.5.635.0-->"C:\Program Files (x86)\STDU Viewer\unins000.exe"
Steam-->MsiExec.exe /X{048298C9-A4D3-490B-9FF9-AB023A9238F3}
swMSM-->MsiExec.exe /I{612C34C7-5E90-47D8-9B5C-0F717DD82726}
Synaptics Pointing Device Driver-->rundll32.exe "%ProgramFiles%\Synaptics\SynTP\SynISDLL.dll",standAloneUninstall
System Control Manager-->C:\Program Files (x86)\InstallShield Installation Information\{ED9C5D25-55DF-48D8-9328-2AC0D75DE5D8}\setup.exe -runfromtemp -l0x0009 -removeonly
Text-To-Speech-Runtime-->MsiExec.exe /X{7B3F0113-E63C-4D6D-AF19-111A3165CCA2}
The Godfather -->C:\Program Files (x86)\Electronic Arts\The Godfather The Game\Odinstalovat.exe
The Godfather™ The Game-->C:\Program Files (x86)\Electronic Arts\The Godfather The Game\EAUninstall.exe
TROY-->"C:\Program Files (x86)\InstallShield Installation Information\{F2EF7534-C748-480E-B2B1-04F6C299BEBE}\setup.exe" -runfromtemp -l0x0009 -removeonly
Update for Microsoft .NET Framework 4 Client Profile (KB2468871)-->C:\windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\Client\setup.exe /uninstallpatch {29C7BE97-DE59-37A2-A687-2ADD5321948A} /parameterfolder Client
Update for Microsoft .NET Framework 4 Client Profile (KB2533523)-->C:\windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\Client\setup.exe /uninstallpatch {7D799A81-5661-3159-BF92-754161CED6E6} /parameterfolder Client
Update for Microsoft Office Word 2007 (KB974631)-->msiexec /package {91120000-002F-0000-0000-0000000FF1CE} /uninstall {1D53FB73-9826-4541-B2E0-A239C6EBA718}
Update for Microsoft Office Word 2007 (KB974631)-->msiexec /package {91120000-002F-0000-0000-0000000FF1CE} /uninstall {34726474-50D6-49FC-B8AC-35411459D27A}
Update for Office 2007 (KB934528)-->msiexec /package {91120000-002F-0000-0000-0000000FF1CE} /uninstall {2B939677-2FFD-48F6-9075-7BF48CB87C80}
Update for Office System 2007 Setup (KB929722)-->msiexec /package {91120000-002F-0000-0000-0000000FF1CE} /uninstall {D8E9BEBD-655F-467D-8176-CA9959C140A3}
USB2.0 PC Camera (SN9C201&202)-->C:\Program Files (x86)\InstallShield Installation Information\{75438C0E-9925-412E-AD85-D0E71C6CE2ED}\setup.exe -runfromtemp -l0x0009 -removeonly -u
VC80CRTRedist - 8.0.50727.6195-->MsiExec.exe /I{933B4015-4618-4716-A828-5289FC03165F}
VertrigoServ (remove only)-->C:\Program Files (x86)\VertrigoServ\Uninstall.exe
Vindictus EU-->"C:\ProgramData\NexonEU\NGM\NGM.exe" -mode:uninstall -game:50339851 -locale:EU
Windows Driver Package - ENE (EUCR) USB (12/04/2009 5.89.0.64)-->C:\PROGRA~1\DIFX\3BD8E4BC84D41A4F\DPInst.exe /u C:\windows\System32\DriverStore\FileRepository\eucr6sk.inf_amd64_neutral_1db5ff7160922dbc\eucr6sk.inf
Windows Live Communications Platform-->MsiExec.exe /I{3B4E636E-9D65-4D67-BA61-189800823F52}
Windows Live Essentials-->C:\Program Files (x86)\Windows Live\Installer\wlarp.exe
Windows Live Essentials-->MsiExec.exe /I{E3F328E4-EB9F-4ABF-8FF3-5AD0472743D8}
Windows Live Fotogalerie-->MsiExec.exe /X{1D097338-B4FA-4F29-9C43-8D7A970A007E}
Windows Live Mail-->MsiExec.exe /I{E5A10EF8-DBF3-4251-A9CA-423311DBBFC8}
Windows Live Messenger-->MsiExec.exe /X{71E40B32-5173-4538-8996-5822DD18E8D4}
Windows Live Movie Maker-->MsiExec.exe /X{B0490CEE-D5ED-431A-88EB-772D9DB70C0C}
Windows Live Sync-->MsiExec.exe /X{068B46A0-8858-4CEB-80BC-A4AE787A05FC}
Windows Live Writer-->MsiExec.exe /X{479A749B-1684-4881-8266-BF8DD22251E7}
Windows Media Player Firefox Plugin-->MsiExec.exe /I{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}
WinRAR archiver-->C:\Program Files (x86)\WinRAR 3.61 Multi\Uninstall.exe
Xfire (remove only)-->"C:\Program Files (x86)\Xfire\uninst.exe"
Xvid 1.2.2 final uninstall-->"C:\Program Files (x86)\Xvid\unins000.exe"
======System event log======
Computer Name: msi-msi
Event Code: 7036
Message: Stav služby Brána Windows Firewall byl změněn na: Spuštěno
Record Number: 159460
Source Name: Service Control Manager
Time Written: 20111029131458.558889-000
Event Type: Informace
User:
Computer Name: msi-msi
Event Code: 7036
Message: Stav služby Služba BFE (Base Filtering Engine) byl změněn na: Spuštěno
Record Number: 159459
Source Name: Service Control Manager
Time Written: 20111029131458.449688-000
Event Type: Informace
User:
Computer Name: msi-msi
Event Code: 7036
Message: Stav služby Služba zařazování tisku byl změněn na: Spuštěno
Record Number: 159458
Source Name: Service Control Manager
Time Written: 20111029131458.215688-000
Event Type: Informace
User:
Computer Name: msi-msi
Event Code: 7036
Message: Stav služby Plánovač úloh byl změněn na: Spuštěno
Record Number: 159457
Source Name: Service Control Manager
Time Written: 20111029131458.137688-000
Event Type: Informace
User:
Computer Name: msi-msi
Event Code: 7036
Message: Stav služby avast! Antivirus byl změněn na: Spuštěno
Record Number: 159456
Source Name: Service Control Manager
Time Written: 20111029131457.888087-000
Event Type: Informace
User:
=====Application event log=====
Computer Name: WIN-EUATJ0NAE9A
Event Code: 1
Message: Služba Centrum zabezpečení systému Windows byla spuštěna.
Record Number: 909
Source Name: SecurityCenter
Time Written: 20100608174810.000000-000
Event Type: Informace
User:
Computer Name: WIN-EUATJ0NAE9A
Event Code: 900
Message: Služba Ochrana softwaru se spouští.
Record Number: 908
Source Name: Microsoft-Windows-Security-SPP
Time Written: 20100608174808.000000-000
Event Type: Informace
User:
Computer Name: WIN-EUATJ0NAE9A
Event Code: 1003
Message: Služba Windows Search byla spuštěna.
Record Number: 907
Source Name: Microsoft-Windows-Search
Time Written: 20100608174717.000000-000
Event Type: Informace
User:
Computer Name: WIN-EUATJ0NAE9A
Event Code: 1013
Message: Služba Windows Search byla řádně zastavena.
Record Number: 906
Source Name: Microsoft-Windows-Search
Time Written: 20100608174714.000000-000
Event Type: Informace
User:
Computer Name: WIN-EUATJ0NAE9A
Event Code: 103
Message: Windows (2172) Windows: Databázový stroj zastavil instanci (0).
Record Number: 905
Source Name: ESENT
Time Written: 20100608174714.000000-000
Event Type: Informace
User:
=====Security event log=====
Computer Name: msi-msi
Event Code: 5061
Message: Kryptografická operace.
Předmět:
ID zabezpečení: S-1-5-19
Název účtu: LOCAL SERVICE
Doména účtu: NT AUTHORITY
ID přihlášení: 0x3e5
Kryptografické parametry:
Název poskytovatele: Microsoft Software Key Storage Provider
Název algoritmu: RSA
Název klíče: 893a2648-051f-498c-b5c0-013199288c69
Typ klíče: Klíč počítače
Kryptografická operace:
Operace: Otevřít klíč
Návratový kód: 0x0
Record Number: 35090
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20111115194709.763950-000
Event Type: Úspěšný audit
User:
Computer Name: msi-msi
Event Code: 5058
Message: Operace se souborem klíče.
Předmět:
ID zabezpečení: S-1-5-19
Název účtu: LOCAL SERVICE
Doména účtu: NT AUTHORITY
ID přihlášení: 0x3e5
Kryptografické parametry:
Název poskytovatele: Microsoft Software Key Storage Provider
Název algoritmu: Není k dispozici.
Název klíče: 893a2648-051f-498c-b5c0-013199288c69
Typ klíče: Klíč počítače
Informace o operaci se souborem klíče:
Cesta k souboru: C:\ProgramData\Microsoft\Crypto\RSA\MachineKeys\cd727209bd5d9aec45cb725a73e8bc65_b9b04158-1546-44c8-b521-8e910ebdedef
Operace: Čtení trvalého klíče ze souboru
Návratový kód: 0x0
Record Number: 35089
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20111115194709.763950-000
Event Type: Úspěšný audit
User:
Computer Name: msi-msi
Event Code: 5061
Message: Kryptografická operace.
Předmět:
ID zabezpečení: S-1-5-19
Název účtu: LOCAL SERVICE
Doména účtu: NT AUTHORITY
ID přihlášení: 0x3e5
Kryptografické parametry:
Název poskytovatele: Microsoft Software Key Storage Provider
Název algoritmu: RSA
Název klíče: 893a2648-051f-498c-b5c0-013199288c69
Typ klíče: Klíč počítače
Kryptografická operace:
Operace: Otevřít klíč
Návratový kód: 0x0
Record Number: 35088
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20111115194650.839067-000
Event Type: Úspěšný audit
User:
Computer Name: msi-msi
Event Code: 5058
Message: Operace se souborem klíče.
Předmět:
ID zabezpečení: S-1-5-19
Název účtu: LOCAL SERVICE
Doména účtu: NT AUTHORITY
ID přihlášení: 0x3e5
Kryptografické parametry:
Název poskytovatele: Microsoft Software Key Storage Provider
Název algoritmu: Není k dispozici.
Název klíče: 893a2648-051f-498c-b5c0-013199288c69
Typ klíče: Klíč počítače
Informace o operaci se souborem klíče:
Cesta k souboru: C:\ProgramData\Microsoft\Crypto\RSA\MachineKeys\cd727209bd5d9aec45cb725a73e8bc65_b9b04158-1546-44c8-b521-8e910ebdedef
Operace: Čtení trvalého klíče ze souboru
Návratový kód: 0x0
Record Number: 35087
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20111115194650.838067-000
Event Type: Úspěšný audit
User:
Computer Name: msi-msi
Event Code: 5061
Message: Kryptografická operace.
Předmět:
ID zabezpečení: S-1-5-19
Název účtu: LOCAL SERVICE
Doména účtu: NT AUTHORITY
ID přihlášení: 0x3e5
Kryptografické parametry:
Název poskytovatele: Microsoft Software Key Storage Provider
Název algoritmu: RSA
Název klíče: 893a2648-051f-498c-b5c0-013199288c69
Typ klíče: Klíč počítače
Kryptografická operace:
Operace: Otevřít klíč
Návratový kód: 0x0
Record Number: 35086
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20111115194052.847825-000
Event Type: Úspěšný audit
User:
======Environment variables======
"ComSpec"=%SystemRoot%\system32\cmd.exe
"FP_NO_HOST_CHECK"=NO
"OS"=Windows_NT
"Path"=C:\Program Files (x86)\AMD APP\bin\x86_64;C:\Program Files (x86)\AMD APP\bin\x86;C:\Program Files (x86)\PC Connectivity Solution\;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static;C:\Program Files (x86)\AMD\Fusion Media Explorer\;C:\Program Files (x86)\QuickTime\QTSystem\
"PATHEXT"=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH;.MSC
"PROCESSOR_ARCHITECTURE"=AMD64
"TEMP"=%SystemRoot%\TEMP
"TMP"=%SystemRoot%\TEMP
"USERNAME"=SYSTEM
"windir"=%SystemRoot%
"PSModulePath"=%SystemRoot%\system32\WindowsPowerShell\v1.0\Modules\
"NUMBER_OF_PROCESSORS"=2
"PROCESSOR_LEVEL"=16
"PROCESSOR_IDENTIFIER"=AMD64 Family 16 Model 6 Stepping 3, AuthenticAMD
"PROCESSOR_REVISION"=0603
"configsetroot"=%SystemRoot%\ConfigSetRoot
"asl.log"=Destination=file
"CLASSPATH"=.;C:\Program Files (x86)\QuickTime\QTSystem\QTJava.zip
"QTJAVA"=C:\Program Files (x86)\QuickTime\QTSystem\QTJava.zip
"AMDAPPSDKROOT"=C:\Program Files (x86)\AMD APP\
-----------------EOF-----------------
Re: Prosím o kontrolu logu
Dobrý večer 
Jaké jsou problémy s počítačem?
Jaké jsou problémy s počítačem?
Nepoužívejte COMBOFIX bez doporučení rádce, může dojít k poškození systému!
Vždy před odvirováním počítače zazálohujte důležitá data
Chcete podpořit naše forum? Informace zde
K zastižení jsem spíše v noci, mezi 21.-23. hodinou
Pokud máte nějaké dotazy, můžete mi napsat na email Motji(zavináč)forum.viry.cz.
Vždy před odvirováním počítače zazálohujte důležitá data
Chcete podpořit naše forum? Informace zde
K zastižení jsem spíše v noci, mezi 21.-23. hodinou
Pokud máte nějaké dotazy, můžete mi napsat na email Motji(zavináč)forum.viry.cz.
Re: Prosím o kontrolu logu
Dobrý den přeji,
zdá se mi občas zpomalenější ( začne se načítat z harddisku a vše se začne sekat - po cca minutě to přestane ) .....
Zkoušel jsem defrag / CCcleaner, tak mne napadla ještě nějaká možná mrška ....
zdá se mi občas zpomalenější ( začne se načítat z harddisku a vše se začne sekat - po cca minutě to přestane ) .....
Zkoušel jsem defrag / CCcleaner, tak mne napadla ještě nějaká možná mrška ....
Re: Prosím o kontrolu logu
Stahněte MBAM http://www.viry.cz/forum/viewtopic.php?f=29&t=115222-Nainstalujte,dejte úplný sken
NIC NEMAZAT
-MBAM má občas falešné detekce,proto budeme mazat až po kontrole logu.
-Log zkopírujte sem.
Nepoužívejte COMBOFIX bez doporučení rádce, může dojít k poškození systému!
Vždy před odvirováním počítače zazálohujte důležitá data
Chcete podpořit naše forum? Informace zde
K zastižení jsem spíše v noci, mezi 21.-23. hodinou
Pokud máte nějaké dotazy, můžete mi napsat na email Motji(zavináč)forum.viry.cz.
Vždy před odvirováním počítače zazálohujte důležitá data
Chcete podpořit naše forum? Informace zde
K zastižení jsem spíše v noci, mezi 21.-23. hodinou
Pokud máte nějaké dotazy, můžete mi napsat na email Motji(zavináč)forum.viry.cz.
Re: Prosím o kontrolu logu
Tak bez nálezu :
Malwarebytes Anti-Malware (Zkušební verze Malwarebytes Anti-Malware) 1.60.1.1000
www.malwarebytes.org
Verze databáze: v2012.02.10.03
Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 9.0.8112.16421
msi :: MSI-MSI [administrátor]
Ochrana: Zakázána
10.2.2012 10:31:57
mbam-log-2012-02-10 (10-31-57).txt
Typ: Úplná kontrola
Nastavení kontroly povoleno: Paměť | Po spuštění | Registr | Systémové soubory | Heuristická analýza Extra | Heuristická analýza Shuriken | PUP | PUM
Nastavení kontroly zakázáno: P2P
Kontrolované objekty: 439996
Uplynulý čas: 1 hodin, 43 minut, 24 sekund
Nalezené procesy v paměti: 0
(Žádné škodlivé položky nebyly zjištěny)
Nalezené moduly v paměti: 0
(Žádné škodlivé položky nebyly zjištěny)
Nalezené klíče v registru: 0
(Žádné škodlivé položky nebyly zjištěny)
Nalezené hodnoty v registru: 0
(Žádné škodlivé položky nebyly zjištěny)
Nalezené datové položky v registru: 0
(Žádné škodlivé položky nebyly zjištěny)
Nalezené složky: 0
(Žádné škodlivé položky nebyly zjištěny)
Nalezené soubory: 0
(Žádné škodlivé položky nebyly zjištěny)
(konec)
Malwarebytes Anti-Malware (Zkušební verze Malwarebytes Anti-Malware) 1.60.1.1000
www.malwarebytes.org
Verze databáze: v2012.02.10.03
Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 9.0.8112.16421
msi :: MSI-MSI [administrátor]
Ochrana: Zakázána
10.2.2012 10:31:57
mbam-log-2012-02-10 (10-31-57).txt
Typ: Úplná kontrola
Nastavení kontroly povoleno: Paměť | Po spuštění | Registr | Systémové soubory | Heuristická analýza Extra | Heuristická analýza Shuriken | PUP | PUM
Nastavení kontroly zakázáno: P2P
Kontrolované objekty: 439996
Uplynulý čas: 1 hodin, 43 minut, 24 sekund
Nalezené procesy v paměti: 0
(Žádné škodlivé položky nebyly zjištěny)
Nalezené moduly v paměti: 0
(Žádné škodlivé položky nebyly zjištěny)
Nalezené klíče v registru: 0
(Žádné škodlivé položky nebyly zjištěny)
Nalezené hodnoty v registru: 0
(Žádné škodlivé položky nebyly zjištěny)
Nalezené datové položky v registru: 0
(Žádné škodlivé položky nebyly zjištěny)
Nalezené složky: 0
(Žádné škodlivé položky nebyly zjištěny)
Nalezené soubory: 0
(Žádné škodlivé položky nebyly zjištěny)
(konec)
Re: Prosím o kontrolu logu
stáhnětehttp://www.slunecnice.cz/sw/crystaldiskinfo/
- spusťte ho a v nabídce zvolte Kopírovat.
-Data ze schránky sem pak vložte pomocí Ctrl+V
Nepoužívejte COMBOFIX bez doporučení rádce, může dojít k poškození systému!
Vždy před odvirováním počítače zazálohujte důležitá data
Chcete podpořit naše forum? Informace zde
K zastižení jsem spíše v noci, mezi 21.-23. hodinou
Pokud máte nějaké dotazy, můžete mi napsat na email Motji(zavináč)forum.viry.cz.
Vždy před odvirováním počítače zazálohujte důležitá data
Chcete podpořit naše forum? Informace zde
K zastižení jsem spíše v noci, mezi 21.-23. hodinou
Pokud máte nějaké dotazy, můžete mi napsat na email Motji(zavináč)forum.viry.cz.
Re: Prosím o kontrolu logu
Omlouvám se, byl jsem v práci...
Zde výpis z Crystaldisku :
----------------------------------------------------------------------------
CrystalDiskInfo 4.1.3 (C) 2008-2011 hiyohiyo
Crystal Dew World : http://crystalmark.info/
----------------------------------------------------------------------------
OS : Windows 7 Home Premium Edition SP1 [6.1 Build 7601] (x64)
Date : 2012/02/11 12:10:37
-- Controller Map ----------------------------------------------------------
+ AMD SATA Controller [ATA]
- WDC WD32 00BEVT-22A23T0 SATA Disk Device
- Optiarc DVD RW AD-7580S SATA CdRom Device
- Iniciátor iSCSI společnosti Microsoft [SCSI]
-- Disk List ---------------------------------------------------------------
(1) WDC WD3200BEVT-22A23T0 : 320.0 GB [0-0-0, pd1]
----------------------------------------------------------------------------
(1) WDC WD3200BEVT-22A23T0
----------------------------------------------------------------------------
Model : WDC WD3200BEVT-22A23T0
Firmware : 01.01A01
Serial Number : WD-WX21A40A5325
Disk Size : 320.0 GB (8.4/137.4/320.0)
Buffer Size : 8192 KB
Queue Depth : 32
# of Sectors : 625142448
Rotation Rate : 5400 RPM
Interface : Serial ATA
Major Version : ATA8-ACS
Minor Version : ----
Transfer Mode : SATA/300
Power On Hours : 5361 hod.
Power On Count : 1616 krát
Temparature : 46 C (114 F)
Health Status : Dobrý
Features : S.M.A.R.T., APM, AAM, 48bit LBA, NCQ
APM Level : 0060h [ON]
AAM Level : 80FEh [OFF]
-- S.M.A.R.T. --------------------------------------------------------------
ID Cur Wor Thr RawValues(6) Attribute Name
01 200 200 _51 000000000000 Počet chyb čtení
03 150 132 _21 0000000005BA Čas na roztočení ploten
04 _71 _71 __0 00000000745A Počet spuštění/zastavení
05 200 200 140 000000000000 Počet přemapovaných sektorů
07 100 253 __0 000000000000 Počet chybných hledání
09 _93 _93 __0 0000000014F1 Hodin v činnosti
0A 100 100 __0 000000000000 Počet opakovaných pokusů o roztočení ploten
0B 100 100 __0 000000000000 Počet pokusů o překalibrování
0C _99 _99 __0 000000000650 Počet cyklů zapnutí zařízení
BF __1 __1 __0 0000000051B9 Počet udalostí zaznamenaných otřesovým senzorem
C0 200 200 __0 00000000009D Počet vypnutí disku
C1 __1 __1 __0 0000000D5313 Počet cyklů načítání/vymazání
C2 _97 _84 __0 00000000002E Teplota
C4 200 200 __0 000000000000 Počet udalostí s číslem realokování sektorů
C5 200 200 __0 000000000000 Počet podezřelých sektorů
C6 100 253 __0 000000000000 Počet neopravitelných sektorů
C7 200 200 __0 000000000000 Počet chyb v kontrolním součtu UltraDMA
C8 100 253 __0 000000000000 Počet chyb při zápisu sektorů
-- IDENTIFY_DEVICE ---------------------------------------------------------
+0 +1 +2 +3 +4 +5 +6 +7 +8 +9 +A +B +C +D +E +F
000: 42 7A 3F FF C8 37 00 10 00 00 00 00 00 3F 00 00
010: 00 00 00 00 20 20 20 20 20 57 44 2D 57 58 32 31
020: 41 34 30 41 35 33 32 35 00 00 40 00 00 32 30 31
030: 2E 30 31 41 30 31 57 44 43 20 57 44 33 32 30 30
040: 42 45 56 54 2D 32 32 41 32 33 54 30 20 20 20 20
050: 20 20 20 20 20 20 20 20 20 20 20 20 20 20 80 10
060: 00 00 2F 00 40 01 00 00 00 00 00 07 3F FF 00 10
070: 00 3F FC 10 00 FB 01 10 FF FF 0F FF 00 00 00 07
080: 00 03 00 78 00 78 00 78 00 78 00 00 00 00 00 00
090: 00 00 00 00 00 00 00 1F 1F 06 00 00 00 4C 00 44
0A0: 01 FE 00 00 74 6B 7F 09 61 63 74 69 BC 09 61 63
0B0: 40 7F 00 29 00 29 00 60 FF FE 00 00 80 FE 00 00
0C0: 00 00 00 00 00 00 00 00 EA B0 25 42 00 00 00 00
0D0: 00 00 00 00 00 00 00 00 50 01 4E E6 AA C3 7A 63
0E0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 40 18
0F0: 40 18 00 00 00 00 00 00 00 00 00 00 00 00 00 00
100: 00 29 00 00 00 00 00 00 00 00 16 E5 00 00 00 00
110: 00 00 00 00 00 00 00 00 00 00 00 00 00 04 00 00
120: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
130: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
140: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
150: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
160: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
170: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
180: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
190: 00 00 00 00 00 00 00 00 00 00 00 00 70 37 00 00
1A0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1B0: 00 00 15 18 00 00 00 00 00 00 00 00 10 1E 00 00
1C0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1D0: 00 00 00 00 00 01 10 00 00 00 00 00 00 00 00 00
1E0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1F0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 A9 A5
Zde výpis z Crystaldisku :
----------------------------------------------------------------------------
CrystalDiskInfo 4.1.3 (C) 2008-2011 hiyohiyo
Crystal Dew World : http://crystalmark.info/
----------------------------------------------------------------------------
OS : Windows 7 Home Premium Edition SP1 [6.1 Build 7601] (x64)
Date : 2012/02/11 12:10:37
-- Controller Map ----------------------------------------------------------
+ AMD SATA Controller [ATA]
- WDC WD32 00BEVT-22A23T0 SATA Disk Device
- Optiarc DVD RW AD-7580S SATA CdRom Device
- Iniciátor iSCSI společnosti Microsoft [SCSI]
-- Disk List ---------------------------------------------------------------
(1) WDC WD3200BEVT-22A23T0 : 320.0 GB [0-0-0, pd1]
----------------------------------------------------------------------------
(1) WDC WD3200BEVT-22A23T0
----------------------------------------------------------------------------
Model : WDC WD3200BEVT-22A23T0
Firmware : 01.01A01
Serial Number : WD-WX21A40A5325
Disk Size : 320.0 GB (8.4/137.4/320.0)
Buffer Size : 8192 KB
Queue Depth : 32
# of Sectors : 625142448
Rotation Rate : 5400 RPM
Interface : Serial ATA
Major Version : ATA8-ACS
Minor Version : ----
Transfer Mode : SATA/300
Power On Hours : 5361 hod.
Power On Count : 1616 krát
Temparature : 46 C (114 F)
Health Status : Dobrý
Features : S.M.A.R.T., APM, AAM, 48bit LBA, NCQ
APM Level : 0060h [ON]
AAM Level : 80FEh [OFF]
-- S.M.A.R.T. --------------------------------------------------------------
ID Cur Wor Thr RawValues(6) Attribute Name
01 200 200 _51 000000000000 Počet chyb čtení
03 150 132 _21 0000000005BA Čas na roztočení ploten
04 _71 _71 __0 00000000745A Počet spuštění/zastavení
05 200 200 140 000000000000 Počet přemapovaných sektorů
07 100 253 __0 000000000000 Počet chybných hledání
09 _93 _93 __0 0000000014F1 Hodin v činnosti
0A 100 100 __0 000000000000 Počet opakovaných pokusů o roztočení ploten
0B 100 100 __0 000000000000 Počet pokusů o překalibrování
0C _99 _99 __0 000000000650 Počet cyklů zapnutí zařízení
BF __1 __1 __0 0000000051B9 Počet udalostí zaznamenaných otřesovým senzorem
C0 200 200 __0 00000000009D Počet vypnutí disku
C1 __1 __1 __0 0000000D5313 Počet cyklů načítání/vymazání
C2 _97 _84 __0 00000000002E Teplota
C4 200 200 __0 000000000000 Počet udalostí s číslem realokování sektorů
C5 200 200 __0 000000000000 Počet podezřelých sektorů
C6 100 253 __0 000000000000 Počet neopravitelných sektorů
C7 200 200 __0 000000000000 Počet chyb v kontrolním součtu UltraDMA
C8 100 253 __0 000000000000 Počet chyb při zápisu sektorů
-- IDENTIFY_DEVICE ---------------------------------------------------------
+0 +1 +2 +3 +4 +5 +6 +7 +8 +9 +A +B +C +D +E +F
000: 42 7A 3F FF C8 37 00 10 00 00 00 00 00 3F 00 00
010: 00 00 00 00 20 20 20 20 20 57 44 2D 57 58 32 31
020: 41 34 30 41 35 33 32 35 00 00 40 00 00 32 30 31
030: 2E 30 31 41 30 31 57 44 43 20 57 44 33 32 30 30
040: 42 45 56 54 2D 32 32 41 32 33 54 30 20 20 20 20
050: 20 20 20 20 20 20 20 20 20 20 20 20 20 20 80 10
060: 00 00 2F 00 40 01 00 00 00 00 00 07 3F FF 00 10
070: 00 3F FC 10 00 FB 01 10 FF FF 0F FF 00 00 00 07
080: 00 03 00 78 00 78 00 78 00 78 00 00 00 00 00 00
090: 00 00 00 00 00 00 00 1F 1F 06 00 00 00 4C 00 44
0A0: 01 FE 00 00 74 6B 7F 09 61 63 74 69 BC 09 61 63
0B0: 40 7F 00 29 00 29 00 60 FF FE 00 00 80 FE 00 00
0C0: 00 00 00 00 00 00 00 00 EA B0 25 42 00 00 00 00
0D0: 00 00 00 00 00 00 00 00 50 01 4E E6 AA C3 7A 63
0E0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 40 18
0F0: 40 18 00 00 00 00 00 00 00 00 00 00 00 00 00 00
100: 00 29 00 00 00 00 00 00 00 00 16 E5 00 00 00 00
110: 00 00 00 00 00 00 00 00 00 00 00 00 00 04 00 00
120: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
130: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
140: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
150: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
160: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
170: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
180: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
190: 00 00 00 00 00 00 00 00 00 00 00 00 70 37 00 00
1A0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1B0: 00 00 15 18 00 00 00 00 00 00 00 00 10 1E 00 00
1C0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1D0: 00 00 00 00 00 01 10 00 00 00 00 00 00 00 00 00
1E0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1F0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 A9 A5
Re: Prosím o kontrolu logu
Nepoužívejte COMBOFIX bez doporučení rádce, může dojít k poškození systému!
Vždy před odvirováním počítače zazálohujte důležitá data
Chcete podpořit naše forum? Informace zde
K zastižení jsem spíše v noci, mezi 21.-23. hodinou
Pokud máte nějaké dotazy, můžete mi napsat na email Motji(zavináč)forum.viry.cz.
Vždy před odvirováním počítače zazálohujte důležitá data
Chcete podpořit naše forum? Informace zde
K zastižení jsem spíše v noci, mezi 21.-23. hodinou
Pokud máte nějaké dotazy, můžete mi napsat na email Motji(zavináč)forum.viry.cz.
Re: Prosím o kontrolu logu
Log z ComboFixu :
ComboFix 12-02-11.03 - msi 12.02.2012 11:09:30.1.2 - x64
Microsoft Windows 7 Home Premium 6.1.7601.1.1250.420.1029.18.2815.1262 [GMT 1:00]
Spuštěný z: c:\users\msi\Desktop\ComboFix.exe
AV: avast! Antivirus *Disabled/Updated* {2B2D1395-420B-D5C9-657E-930FE358FC3C}
SP: avast! Antivirus *Disabled/Updated* {904CF271-6431-DA47-5FCE-A87D98DFB681}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\programdata\FullRemove.exe
c:\users\msi\AppData\Local\assembly\tmp
c:\users\msi\AppData\Roaming\.#
c:\windows\isRS-000.tmp
c:\windows\SysWow64\tmpC9D4.tmp
c:\windows\SysWow64\tmpCA23.tmp
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2012-01-12 do 2012-02-12 )))))))))))))))))))))))))))))))
.
.
2012-02-12 10:27 . 2012-02-12 10:27 -------- d-----w- c:\users\Default\AppData\Local\temp
2012-02-11 11:08 . 2012-02-11 11:09 -------- d-----w- c:\program files (x86)\CrystalDiskInfo
2012-02-10 18:03 . 2012-01-06 05:15 8602168 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{876C6A7C-8F2A-4E87-B93F-5FED5CE5C72A}\mpengine.dll
2012-02-09 21:24 . 2012-02-09 21:24 -------- d-----w- C:\rsit
2012-02-09 21:24 . 2012-02-09 21:24 -------- d-----w- c:\program files\trend micro
2012-02-09 20:40 . 2012-02-09 20:40 -------- d-sh--we c:\windows\SysWow64\config\systemprofile\Soubory cookie
2012-02-09 20:40 . 2012-02-09 20:40 -------- d-sh--we c:\windows\SysWow64\config\systemprofile\Data aplikací
2012-02-09 20:40 . 2012-02-09 20:40 -------- d-----w- c:\users\msi\AppData\Local\Programs
2012-02-07 13:45 . 2012-02-07 13:45 -------- d-----w- C:\IgnitedGames
2012-02-07 12:38 . 2012-02-07 13:08 -------- d-----w- c:\program files (x86)\ROSH
2012-02-07 12:38 . 2012-02-07 12:38 -------- d-----w- C:\ROSH
2012-02-06 13:44 . 2012-02-06 13:44 -------- d-----w- c:\users\msi\AppData\Local\Funcom
2012-02-06 13:43 . 2012-02-06 13:43 -------- d-----w- c:\programdata\media center programs
2012-02-06 13:43 . 2012-02-06 13:43 -------- d-----w- c:\program files (x86)\Funcom
2012-02-04 11:10 . 2012-02-05 20:42 -------- d-----w- C:\RebirthEvolution
2012-02-04 10:26 . 2012-02-04 10:26 -------- d-----w- c:\program files (x86)\Cheat Engine 6.1
2012-02-03 09:29 . 2012-02-03 09:29 42392 ----a-w- c:\windows\SysWow64\xfcodec.dll
2012-02-03 09:29 . 2012-02-03 09:29 28056 ----a-w- c:\windows\system32\xfcodec64.dll
2012-02-02 12:50 . 2012-02-02 12:50 -------- d-----w- c:\program files (x86)\Gameforge4D
2012-01-31 14:52 . 2012-01-31 14:52 -------- d-----w- c:\programdata\Nexon
2012-01-31 14:16 . 2012-01-31 14:16 -------- d-----w- c:\program files (x86)\BandiMPEG1
2012-01-31 10:19 . 2012-01-31 14:16 -------- d-----w- C:\Download
2012-01-31 10:19 . 2012-01-31 14:10 -------- d-----w- C:\Nexon
2012-01-31 10:19 . 2012-01-31 10:19 446464 ----a-w- c:\windows\NEXON_EU_DownloaderUpdater.exe
2012-01-31 10:19 . 2012-01-31 10:19 235 ----a-w- c:\windows\SysWow64\nxEuUninstall.bat
2012-01-30 18:33 . 2012-01-30 18:33 -------- d-----w- c:\programdata\IObit
2012-01-30 18:33 . 2012-01-30 18:33 -------- d-----w- c:\program files (x86)\IObit
2012-01-20 11:13 . 2012-01-20 11:13 -------- d-----w- c:\users\msi\AppData\Local\ArmA
2012-01-20 11:12 . 2012-01-20 11:12 419840 ----a-w- c:\windows\system32\wrap_oal.dll
2012-01-20 11:12 . 2012-01-20 11:12 413696 ----a-w- c:\windows\SysWow64\wrap_oal.dll
2012-01-20 11:12 . 2012-01-20 11:12 133632 ----a-w- c:\windows\system32\OpenAL32.dll
2012-01-20 11:12 . 2012-01-20 11:12 110592 ----a-w- c:\windows\SysWow64\OpenAL32.dll
2012-01-20 11:12 . 2012-01-20 11:12 -------- d-----w- c:\program files (x86)\OpenAL
2012-01-20 11:00 . 2012-01-20 11:00 -------- d-----w- c:\program files\Bohemia Interactive
2012-01-20 10:27 . 2012-01-20 10:40 -------- d-----w- c:\program files (x86)\Battlestations Midway
2012-01-20 10:26 . 2002-12-05 13:12 692224 ----a-w- c:\program files (x86)\Common Files\InstallShield\Professional\RunTime\0701\Intel32\iKernel.dll
2012-01-20 10:26 . 2002-12-05 13:10 155648 ----a-w- c:\program files (x86)\Common Files\InstallShield\Professional\RunTime\0701\Intel32\iuser.dll
2012-01-20 10:26 . 2002-12-02 14:22 5632 ----a-w- c:\program files (x86)\Common Files\InstallShield\Professional\RunTime\0701\Intel32\DotNetInstaller.exe
2012-01-20 10:26 . 2002-12-02 12:33 57344 ----a-w- c:\program files (x86)\Common Files\InstallShield\Professional\RunTime\0701\Intel32\ctor.dll
2012-01-20 10:26 . 2002-12-02 12:33 237568 ----a-w- c:\program files (x86)\Common Files\InstallShield\Professional\RunTime\0701\Intel32\iscript.dll
2012-01-20 10:26 . 2012-01-20 10:26 282756 ----a-w- c:\program files (x86)\Common Files\InstallShield\Professional\RunTime\0701\Intel32\setup.dll
2012-01-20 10:26 . 2012-01-20 10:26 163972 ----a-w- c:\program files (x86)\Common Files\InstallShield\Professional\RunTime\0701\Intel32\iGdi.dll
2012-01-20 09:57 . 2012-01-20 09:57 -------- d-----w- c:\program files (x86)\Cenega
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2012-02-07 12:56 . 2011-06-29 20:40 414368 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2012-01-26 23:52 . 2011-06-29 21:10 279656 ------w- c:\windows\system32\MpSigStub.exe
2011-12-12 09:24 . 2011-12-12 09:24 499712 ----a-w- c:\windows\SysWow64\msvcp71.dll
2011-12-10 14:24 . 2011-07-25 20:49 23152 ----a-w- c:\windows\system32\drivers\mbam.sys
2011-12-08 20:46 . 2011-12-08 20:46 33019 ----a-w- c:\windows\SysWow64\CoreAAC-uninstall.exe
2011-11-28 18:01 . 2011-06-29 21:02 41184 ----a-w- c:\windows\avastSS.scr
2011-11-28 18:01 . 2011-06-29 21:02 199816 ----a-w- c:\windows\SysWow64\aswBoot.exe
2011-11-28 18:01 . 2011-06-29 21:03 256960 ----a-w- c:\windows\system32\aswBoot.exe
2011-11-28 17:54 . 2011-06-29 21:03 591192 ----a-w- c:\windows\system32\drivers\aswSnx.sys
2011-11-28 17:53 . 2011-06-29 21:05 304472 ----a-w- c:\windows\system32\drivers\aswSP.sys
2011-11-28 17:52 . 2011-06-29 21:04 42328 ----a-w- c:\windows\system32\drivers\aswRdr.sys
2011-11-28 17:52 . 2011-06-29 21:03 58712 ----a-w- c:\windows\system32\drivers\aswTdi.sys
2011-11-28 17:52 . 2011-06-29 21:03 66904 ----a-w- c:\windows\system32\drivers\aswMonFlt.sys
2011-11-28 17:51 . 2011-06-29 21:05 24408 ----a-w- c:\windows\system32\drivers\aswFsBlk.sys
2011-11-24 04:52 . 2011-12-14 23:58 3145216 ----a-w- c:\windows\system32\win32k.sys
2011-11-19 14:58 . 2012-01-11 19:41 77312 ----a-w- c:\windows\system32\packager.dll
2011-11-19 14:01 . 2012-01-11 19:41 67072 ----a-w- c:\windows\SysWow64\packager.dll
2011-11-17 06:41 . 2012-01-11 19:41 1731920 ----a-w- c:\windows\system32\ntdll.dll
2011-11-17 06:35 . 2012-01-16 19:48 340992 ----a-w- c:\windows\system32\schannel.dll
2011-11-17 05:38 . 2012-01-11 19:41 1292080 ----a-w- c:\windows\SysWow64\ntdll.dll
2011-11-17 05:34 . 2012-01-16 19:48 224768 ----a-w- c:\windows\SysWow64\schannel.dll
.
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\URLSearchHooks]
"{1392b8d2-5c05-419f-a8f6-b9f15a596612}"= "c:\program files (x86)\Freecorder\prxtbFree.dll" [2011-01-17 175912]
.
[HKEY_CLASSES_ROOT\clsid\{1392b8d2-5c05-419f-a8f6-b9f15a596612}]
.
[HKEY_LOCAL_MACHINE\Wow6432Node\~\Browser Helper Objects\{1392b8d2-5c05-419f-a8f6-b9f15a596612}]
2011-01-17 14:54 175912 ----a-w- c:\program files (x86)\Freecorder\prxtbFree.dll
.
[HKEY_LOCAL_MACHINE\Wow6432Node\~\Browser Helper Objects\{30F9B915-B755-4826-820B-08FBA6BD249D}]
2011-01-17 14:54 175912 ----a-w- c:\program files (x86)\ConduitEngine\prxConduitEngine.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar]
"{1392b8d2-5c05-419f-a8f6-b9f15a596612}"= "c:\program files (x86)\Freecorder\prxtbFree.dll" [2011-01-17 175912]
"{30F9B915-B755-4826-820B-08FBA6BD249D}"= "c:\program files (x86)\ConduitEngine\prxConduitEngine.dll" [2011-01-17 175912]
.
[HKEY_CLASSES_ROOT\clsid\{1392b8d2-5c05-419f-a8f6-b9f15a596612}]
.
[HKEY_CLASSES_ROOT\clsid\{30f9b915-b755-4826-820b-08fba6bd249d}]
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2010-11-20 1475584]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"MGSysCtrl"="c:\program files (x86)\System Control Manager\MGSysCtrl.exe" [2010-01-08 2396160]
"avast"="c:\program files\AVAST Software\Avast\avastUI.exe" [2011-11-28 3744552]
"StartCCC"="c:\program files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2011-10-25 343168]
"ArcSoft Connection Service"="c:\program files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe" [2010-10-27 207424]
.
c:\users\msi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
Xfire.lnk - c:\program files (x86)\Xfire\Xfire.exe [2012-2-3 3530136]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 0 (0x0)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableLUA"= 0 (0x0)
"EnableUIADesktopToggle"= 0 (0x0)
"PromptOnSecureDesktop"= 0 (0x0)
"EnableLinkedConnections"= 1 (0x1)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\drivers32]
"aux"=wdmaud.drv
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager]
BootExecute REG_MULTI_SZ autocheck autochk /p \??\F:\0autocheck autochk *
.
R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
R2 gupdate;Služba Google Update (gupdate);c:\program files (x86)\Google\Update\GoogleUpdate.exe [2011-06-30 136176]
R3 Andbus;LGE Android Platform Composite USB Device;c:\windows\system32\DRIVERS\lgandbus64.sys [x]
R3 AndDiag;LGE Android Platform USB Serial Port;c:\windows\system32\DRIVERS\lganddiag64.sys [x]
R3 AndGps;LGE Android Platform USB GPS NMEA Port;c:\windows\system32\DRIVERS\lgandgps64.sys [x]
R3 ANDModem;LGE Android Platform USB Modem;c:\windows\system32\DRIVERS\lgandmodem64.sys [x]
R3 andnetadb;ADB Interface DriverNet;c:\windows\system32\Drivers\lgandnetadb.sys [x]
R3 AndNetDiag;LGE AndroidNet USB Serial Port;c:\windows\system32\DRIVERS\lgandnetdiag64.sys [x]
R3 AndNetGps;LGE AndroidNet USB GPS NMEA Port;c:\windows\system32\DRIVERS\lgandnetgps64.sys [x]
R3 ANDNetModem;LGE AndroidNet USB Modem;c:\windows\system32\DRIVERS\lgandnetmodem64.sys [x]
R3 andnetndis;LGE AndroidNet NDIS Ethernet Adapter;c:\windows\system32\DRIVERS\lgandnetndis64.sys [x]
R3 androidusb;ADB Interface Driver;c:\windows\system32\Drivers\lgandadb.sys [x]
R3 dump_wmimmc;dump_wmimmc;c:\alt1games\TROY\GameGuard\dump_wmimmc.sys [x]
R3 EagleX64;EagleX64;c:\windows\system32\drivers\EagleX64.sys [x]
R3 EUCR;EUCR;c:\windows\system32\DRIVERS\EUCR6SK.SYS [x]
R3 gupdatem;Služba Google Update (gupdatem);c:\program files (x86)\Google\Update\GoogleUpdate.exe [2011-06-30 136176]
R3 MGHwCtrl;MGHwCtrl;c:\program files (x86)\msi\msi Software Install\MGHwCtrl.sys [x]
R3 MSI_MSIBIOS_010507;MSI_MSIBIOS_010507;c:\program files (x86)\msi\Live Update 5\msibios64_100507.sys [2010-05-10 33592]
R3 NTIOLib_1_0_4;NTIOLib_1_0_4;c:\program files (x86)\msi\Live Update 5\NTIOLib_X64.sys [2010-10-22 14136]
R3 OberonGameConsoleService;Oberon Media Game Console service;c:\program files (x86)\MSI Game Corner\Game Console\OberonGameConsoleService.exe [2010-01-27 44432]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [x]
R3 WatAdminSvc;Služba Technologie aktivace Windows;c:\windows\system32\Wat\WatAdminSvc.exe [x]
R3 zghsmdm;ZTE General Handset USB Modem Proprietary;c:\windows\system32\DRIVERS\zghsmdm.sys [x]
S1 aswSnx;aswSnx; [x]
S1 aswSP;aswSP; [x]
S1 dtsoftbus01;DAEMON Tools Virtual Bus Driver;c:\windows\system32\DRIVERS\dtsoftbus01.sys [x]
S1 vwififlt;Virtual WiFi Filter Driver;c:\windows\system32\DRIVERS\vwififlt.sys [x]
S2 AdobeARMservice;Adobe Acrobat Update Service;c:\program files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2012-01-03 63928]
S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe [x]
S2 AMD FUEL Service;AMD FUEL Service;c:\program files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [2011-10-25 361984]
S2 AMDFusionSVC;AMD Fusion Utility Service;c:\program files (x86)\AMD\Fusion Utility for Mobility\FusionSVC.exe [2009-09-02 383544]
S2 AODDriver4.01;AODDriver4.01;c:\program files\ATI Technologies\ATI.ACE\Fuel\amd64\AODDriver2.sys [2011-06-24 55424]
S2 aswFsBlk;aswFsBlk; [x]
S2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys [x]
S2 MBAMService;MBAMService;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [2012-01-13 652360]
S2 Micro Star SCM;Micro Star SCM;c:\program files (x86)\System Control Manager\MSIService.exe [2009-07-09 160768]
S2 NAUpdate;Nero Update;c:\program files (x86)\Nero\Update\NASvc.exe [2010-03-25 490280]
S3 amdiox64;AMD IO Driver;c:\windows\system32\DRIVERS\amdiox64.sys [x]
S3 amdkmdag;amdkmdag;c:\windows\system32\DRIVERS\atikmdag.sys [x]
S3 amdkmdap;amdkmdap;c:\windows\system32\DRIVERS\atikmpag.sys [x]
S3 AmdLLD64;AMD Low Level Device Driver;c:\windows\system32\DRIVERS\AmdLLD64.sys [x]
S3 ArcSoftKsUFilter;ArcSoft Magic-I Visual Effect;c:\windows\system32\DRIVERS\ArcSoftKsUFilter.sys [x]
S3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [x]
S3 netr28x;Ralink 802.11n Extensible Wireless Driver;c:\windows\system32\DRIVERS\netr28x.sys [x]
S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys [x]
S3 vwifimp;Microsoft Virtual WiFi Miniport Service;c:\windows\system32\DRIVERS\vwifimp.sys [x]
.
.
--- Ostatní služby/ovladače v paměti ---
.
*NewlyCreated* - WS2IFSL
.
Obsah adresáře 'Naplánované úlohy'
.
2012-02-12 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2011-06-30 08:48]
.
2012-02-12 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2011-06-30 08:48]
.
.
--------- x86-64 -----------
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast]
@="{472083B0-C522-11CF-8763-00608CC02F24}"
[HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]
2011-11-28 18:01 134384 ----a-w- c:\program files\AVAST Software\Avast\ashShA64.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RtHDVCpl"="c:\program files\Realtek\Audio\HDA\RAVCpl64.exe" [2010-05-04 10804256]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"LoadAppInit_DLLs"=0x0
.
------- Doplňkový sken -------
.
uLocal Page = c:\windows\system32\blank.htm
uStart Page = hxxp://msi.msn.com
mLocal Page = c:\windows\SysWOW64\blank.htm
uInternet Settings,ProxyOverride = *.local
IE: E&xport to Microsoft Excel - c:\progra~2\MICROS~1\Office12\EXCEL.EXE/3000
IE: E&xportovat do aplikace Microsoft Excel - c:\progra~2\MICROS~1\Office12\EXCEL.EXE/3000
TCP: DhcpNameServer = 77.48.254.254 77.48.100.254
FF - ProfilePath - c:\users\msi\AppData\Roaming\Mozilla\Firefox\Profiles\43vyxf7a.default\
FF - prefs.js: browser.search.selectedEngine - Google
FF - prefs.js: browser.startup.homepage - hxxp://www.seznam.cz/
.
.
------- Asociace souborů -------
.
txtfile=c:\windows\NOTEPAD.EXE %1
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -
.
URLSearchHooks-{bf7380fa-e3b4-4db2-af3e-9d8783a45bfc} - (no file)
Toolbar-Locked - (no file)
Wow6432Node-HKCU-Run-PlayNC Launcher - (no file)
Wow6432Node-HKCU-Run-Akamai NetSession Interface - c:\users\msi\AppData\Local\Akamai\netsession_win.exe
Toolbar-Locked - (no file)
HKLM-Run-SynTPEnh - c:\program files (x86)\Synaptics\SynTP\SynTPEnh.exe
AddRemove-Adobe Shockwave Player - c:\windows\system32\Adobe\Shockwave 11\uninstaller.exe
AddRemove-CoreAAC Audio Decoder - c:\windows\system32\CoreAAC-uninstall.exe
AddRemove-SpecOps - c:\program files (x86)\Zombie\SpecOps\Uninst.isu
.
.
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\npggsvc]
"ImagePath"="c:\windows\system32\GameMon.des -service"
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\windows\\SysWOW64\\Macromed\\Flash\\FlashUtil11e_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\LocalServer32]
@="c:\\windows\\SysWOW64\\Macromed\\Flash\\FlashUtil11e_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\windows\\SysWOW64\\Macromed\\Flash\\Flash11e.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.10"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\windows\\SysWOW64\\Macromed\\Flash\\Flash11e.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\windows\\SysWOW64\\Macromed\\Flash\\Flash11e.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\windows\\SysWOW64\\Macromed\\Flash\\Flash11e.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}]
@Denied: (A 2) (Everyone)
@="IFlashBroker4"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0002\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0003\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0004\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0005\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0006\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0007\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0008\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0009\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
------------------------ Jiné spuštené procesy ------------------------
.
c:\program files\AVAST Software\Avast\AvastSvc.exe
c:\program files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe
c:\program files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
c:\program files (x86)\Bonjour\mDNSResponder.exe
c:\program files (x86)\Common Files\ArcSoft\Connection Service\Bin\ArcCon.ac
.
**************************************************************************
.
Celkový čas: 2012-02-12 11:48:39 - počítač byl restartován
ComboFix-quarantined-files.txt 2012-02-12 10:48
.
Před spuštěním: Volných bajtů: 33 195 950 080
Po spuštění: Volných bajtů: 40 386 224 128
.
- - End Of File - - B6A556ACA6F82F0CA8BC6D6FA68F0342
ComboFix 12-02-11.03 - msi 12.02.2012 11:09:30.1.2 - x64
Microsoft Windows 7 Home Premium 6.1.7601.1.1250.420.1029.18.2815.1262 [GMT 1:00]
Spuštěný z: c:\users\msi\Desktop\ComboFix.exe
AV: avast! Antivirus *Disabled/Updated* {2B2D1395-420B-D5C9-657E-930FE358FC3C}
SP: avast! Antivirus *Disabled/Updated* {904CF271-6431-DA47-5FCE-A87D98DFB681}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\programdata\FullRemove.exe
c:\users\msi\AppData\Local\assembly\tmp
c:\users\msi\AppData\Roaming\.#
c:\windows\isRS-000.tmp
c:\windows\SysWow64\tmpC9D4.tmp
c:\windows\SysWow64\tmpCA23.tmp
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2012-01-12 do 2012-02-12 )))))))))))))))))))))))))))))))
.
.
2012-02-12 10:27 . 2012-02-12 10:27 -------- d-----w- c:\users\Default\AppData\Local\temp
2012-02-11 11:08 . 2012-02-11 11:09 -------- d-----w- c:\program files (x86)\CrystalDiskInfo
2012-02-10 18:03 . 2012-01-06 05:15 8602168 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{876C6A7C-8F2A-4E87-B93F-5FED5CE5C72A}\mpengine.dll
2012-02-09 21:24 . 2012-02-09 21:24 -------- d-----w- C:\rsit
2012-02-09 21:24 . 2012-02-09 21:24 -------- d-----w- c:\program files\trend micro
2012-02-09 20:40 . 2012-02-09 20:40 -------- d-sh--we c:\windows\SysWow64\config\systemprofile\Soubory cookie
2012-02-09 20:40 . 2012-02-09 20:40 -------- d-sh--we c:\windows\SysWow64\config\systemprofile\Data aplikací
2012-02-09 20:40 . 2012-02-09 20:40 -------- d-----w- c:\users\msi\AppData\Local\Programs
2012-02-07 13:45 . 2012-02-07 13:45 -------- d-----w- C:\IgnitedGames
2012-02-07 12:38 . 2012-02-07 13:08 -------- d-----w- c:\program files (x86)\ROSH
2012-02-07 12:38 . 2012-02-07 12:38 -------- d-----w- C:\ROSH
2012-02-06 13:44 . 2012-02-06 13:44 -------- d-----w- c:\users\msi\AppData\Local\Funcom
2012-02-06 13:43 . 2012-02-06 13:43 -------- d-----w- c:\programdata\media center programs
2012-02-06 13:43 . 2012-02-06 13:43 -------- d-----w- c:\program files (x86)\Funcom
2012-02-04 11:10 . 2012-02-05 20:42 -------- d-----w- C:\RebirthEvolution
2012-02-04 10:26 . 2012-02-04 10:26 -------- d-----w- c:\program files (x86)\Cheat Engine 6.1
2012-02-03 09:29 . 2012-02-03 09:29 42392 ----a-w- c:\windows\SysWow64\xfcodec.dll
2012-02-03 09:29 . 2012-02-03 09:29 28056 ----a-w- c:\windows\system32\xfcodec64.dll
2012-02-02 12:50 . 2012-02-02 12:50 -------- d-----w- c:\program files (x86)\Gameforge4D
2012-01-31 14:52 . 2012-01-31 14:52 -------- d-----w- c:\programdata\Nexon
2012-01-31 14:16 . 2012-01-31 14:16 -------- d-----w- c:\program files (x86)\BandiMPEG1
2012-01-31 10:19 . 2012-01-31 14:16 -------- d-----w- C:\Download
2012-01-31 10:19 . 2012-01-31 14:10 -------- d-----w- C:\Nexon
2012-01-31 10:19 . 2012-01-31 10:19 446464 ----a-w- c:\windows\NEXON_EU_DownloaderUpdater.exe
2012-01-31 10:19 . 2012-01-31 10:19 235 ----a-w- c:\windows\SysWow64\nxEuUninstall.bat
2012-01-30 18:33 . 2012-01-30 18:33 -------- d-----w- c:\programdata\IObit
2012-01-30 18:33 . 2012-01-30 18:33 -------- d-----w- c:\program files (x86)\IObit
2012-01-20 11:13 . 2012-01-20 11:13 -------- d-----w- c:\users\msi\AppData\Local\ArmA
2012-01-20 11:12 . 2012-01-20 11:12 419840 ----a-w- c:\windows\system32\wrap_oal.dll
2012-01-20 11:12 . 2012-01-20 11:12 413696 ----a-w- c:\windows\SysWow64\wrap_oal.dll
2012-01-20 11:12 . 2012-01-20 11:12 133632 ----a-w- c:\windows\system32\OpenAL32.dll
2012-01-20 11:12 . 2012-01-20 11:12 110592 ----a-w- c:\windows\SysWow64\OpenAL32.dll
2012-01-20 11:12 . 2012-01-20 11:12 -------- d-----w- c:\program files (x86)\OpenAL
2012-01-20 11:00 . 2012-01-20 11:00 -------- d-----w- c:\program files\Bohemia Interactive
2012-01-20 10:27 . 2012-01-20 10:40 -------- d-----w- c:\program files (x86)\Battlestations Midway
2012-01-20 10:26 . 2002-12-05 13:12 692224 ----a-w- c:\program files (x86)\Common Files\InstallShield\Professional\RunTime\0701\Intel32\iKernel.dll
2012-01-20 10:26 . 2002-12-05 13:10 155648 ----a-w- c:\program files (x86)\Common Files\InstallShield\Professional\RunTime\0701\Intel32\iuser.dll
2012-01-20 10:26 . 2002-12-02 14:22 5632 ----a-w- c:\program files (x86)\Common Files\InstallShield\Professional\RunTime\0701\Intel32\DotNetInstaller.exe
2012-01-20 10:26 . 2002-12-02 12:33 57344 ----a-w- c:\program files (x86)\Common Files\InstallShield\Professional\RunTime\0701\Intel32\ctor.dll
2012-01-20 10:26 . 2002-12-02 12:33 237568 ----a-w- c:\program files (x86)\Common Files\InstallShield\Professional\RunTime\0701\Intel32\iscript.dll
2012-01-20 10:26 . 2012-01-20 10:26 282756 ----a-w- c:\program files (x86)\Common Files\InstallShield\Professional\RunTime\0701\Intel32\setup.dll
2012-01-20 10:26 . 2012-01-20 10:26 163972 ----a-w- c:\program files (x86)\Common Files\InstallShield\Professional\RunTime\0701\Intel32\iGdi.dll
2012-01-20 09:57 . 2012-01-20 09:57 -------- d-----w- c:\program files (x86)\Cenega
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2012-02-07 12:56 . 2011-06-29 20:40 414368 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2012-01-26 23:52 . 2011-06-29 21:10 279656 ------w- c:\windows\system32\MpSigStub.exe
2011-12-12 09:24 . 2011-12-12 09:24 499712 ----a-w- c:\windows\SysWow64\msvcp71.dll
2011-12-10 14:24 . 2011-07-25 20:49 23152 ----a-w- c:\windows\system32\drivers\mbam.sys
2011-12-08 20:46 . 2011-12-08 20:46 33019 ----a-w- c:\windows\SysWow64\CoreAAC-uninstall.exe
2011-11-28 18:01 . 2011-06-29 21:02 41184 ----a-w- c:\windows\avastSS.scr
2011-11-28 18:01 . 2011-06-29 21:02 199816 ----a-w- c:\windows\SysWow64\aswBoot.exe
2011-11-28 18:01 . 2011-06-29 21:03 256960 ----a-w- c:\windows\system32\aswBoot.exe
2011-11-28 17:54 . 2011-06-29 21:03 591192 ----a-w- c:\windows\system32\drivers\aswSnx.sys
2011-11-28 17:53 . 2011-06-29 21:05 304472 ----a-w- c:\windows\system32\drivers\aswSP.sys
2011-11-28 17:52 . 2011-06-29 21:04 42328 ----a-w- c:\windows\system32\drivers\aswRdr.sys
2011-11-28 17:52 . 2011-06-29 21:03 58712 ----a-w- c:\windows\system32\drivers\aswTdi.sys
2011-11-28 17:52 . 2011-06-29 21:03 66904 ----a-w- c:\windows\system32\drivers\aswMonFlt.sys
2011-11-28 17:51 . 2011-06-29 21:05 24408 ----a-w- c:\windows\system32\drivers\aswFsBlk.sys
2011-11-24 04:52 . 2011-12-14 23:58 3145216 ----a-w- c:\windows\system32\win32k.sys
2011-11-19 14:58 . 2012-01-11 19:41 77312 ----a-w- c:\windows\system32\packager.dll
2011-11-19 14:01 . 2012-01-11 19:41 67072 ----a-w- c:\windows\SysWow64\packager.dll
2011-11-17 06:41 . 2012-01-11 19:41 1731920 ----a-w- c:\windows\system32\ntdll.dll
2011-11-17 06:35 . 2012-01-16 19:48 340992 ----a-w- c:\windows\system32\schannel.dll
2011-11-17 05:38 . 2012-01-11 19:41 1292080 ----a-w- c:\windows\SysWow64\ntdll.dll
2011-11-17 05:34 . 2012-01-16 19:48 224768 ----a-w- c:\windows\SysWow64\schannel.dll
.
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\URLSearchHooks]
"{1392b8d2-5c05-419f-a8f6-b9f15a596612}"= "c:\program files (x86)\Freecorder\prxtbFree.dll" [2011-01-17 175912]
.
[HKEY_CLASSES_ROOT\clsid\{1392b8d2-5c05-419f-a8f6-b9f15a596612}]
.
[HKEY_LOCAL_MACHINE\Wow6432Node\~\Browser Helper Objects\{1392b8d2-5c05-419f-a8f6-b9f15a596612}]
2011-01-17 14:54 175912 ----a-w- c:\program files (x86)\Freecorder\prxtbFree.dll
.
[HKEY_LOCAL_MACHINE\Wow6432Node\~\Browser Helper Objects\{30F9B915-B755-4826-820B-08FBA6BD249D}]
2011-01-17 14:54 175912 ----a-w- c:\program files (x86)\ConduitEngine\prxConduitEngine.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar]
"{1392b8d2-5c05-419f-a8f6-b9f15a596612}"= "c:\program files (x86)\Freecorder\prxtbFree.dll" [2011-01-17 175912]
"{30F9B915-B755-4826-820B-08FBA6BD249D}"= "c:\program files (x86)\ConduitEngine\prxConduitEngine.dll" [2011-01-17 175912]
.
[HKEY_CLASSES_ROOT\clsid\{1392b8d2-5c05-419f-a8f6-b9f15a596612}]
.
[HKEY_CLASSES_ROOT\clsid\{30f9b915-b755-4826-820b-08fba6bd249d}]
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2010-11-20 1475584]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"MGSysCtrl"="c:\program files (x86)\System Control Manager\MGSysCtrl.exe" [2010-01-08 2396160]
"avast"="c:\program files\AVAST Software\Avast\avastUI.exe" [2011-11-28 3744552]
"StartCCC"="c:\program files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2011-10-25 343168]
"ArcSoft Connection Service"="c:\program files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe" [2010-10-27 207424]
.
c:\users\msi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
Xfire.lnk - c:\program files (x86)\Xfire\Xfire.exe [2012-2-3 3530136]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 0 (0x0)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableLUA"= 0 (0x0)
"EnableUIADesktopToggle"= 0 (0x0)
"PromptOnSecureDesktop"= 0 (0x0)
"EnableLinkedConnections"= 1 (0x1)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\drivers32]
"aux"=wdmaud.drv
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager]
BootExecute REG_MULTI_SZ autocheck autochk /p \??\F:\0autocheck autochk *
.
R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
R2 gupdate;Služba Google Update (gupdate);c:\program files (x86)\Google\Update\GoogleUpdate.exe [2011-06-30 136176]
R3 Andbus;LGE Android Platform Composite USB Device;c:\windows\system32\DRIVERS\lgandbus64.sys [x]
R3 AndDiag;LGE Android Platform USB Serial Port;c:\windows\system32\DRIVERS\lganddiag64.sys [x]
R3 AndGps;LGE Android Platform USB GPS NMEA Port;c:\windows\system32\DRIVERS\lgandgps64.sys [x]
R3 ANDModem;LGE Android Platform USB Modem;c:\windows\system32\DRIVERS\lgandmodem64.sys [x]
R3 andnetadb;ADB Interface DriverNet;c:\windows\system32\Drivers\lgandnetadb.sys [x]
R3 AndNetDiag;LGE AndroidNet USB Serial Port;c:\windows\system32\DRIVERS\lgandnetdiag64.sys [x]
R3 AndNetGps;LGE AndroidNet USB GPS NMEA Port;c:\windows\system32\DRIVERS\lgandnetgps64.sys [x]
R3 ANDNetModem;LGE AndroidNet USB Modem;c:\windows\system32\DRIVERS\lgandnetmodem64.sys [x]
R3 andnetndis;LGE AndroidNet NDIS Ethernet Adapter;c:\windows\system32\DRIVERS\lgandnetndis64.sys [x]
R3 androidusb;ADB Interface Driver;c:\windows\system32\Drivers\lgandadb.sys [x]
R3 dump_wmimmc;dump_wmimmc;c:\alt1games\TROY\GameGuard\dump_wmimmc.sys [x]
R3 EagleX64;EagleX64;c:\windows\system32\drivers\EagleX64.sys [x]
R3 EUCR;EUCR;c:\windows\system32\DRIVERS\EUCR6SK.SYS [x]
R3 gupdatem;Služba Google Update (gupdatem);c:\program files (x86)\Google\Update\GoogleUpdate.exe [2011-06-30 136176]
R3 MGHwCtrl;MGHwCtrl;c:\program files (x86)\msi\msi Software Install\MGHwCtrl.sys [x]
R3 MSI_MSIBIOS_010507;MSI_MSIBIOS_010507;c:\program files (x86)\msi\Live Update 5\msibios64_100507.sys [2010-05-10 33592]
R3 NTIOLib_1_0_4;NTIOLib_1_0_4;c:\program files (x86)\msi\Live Update 5\NTIOLib_X64.sys [2010-10-22 14136]
R3 OberonGameConsoleService;Oberon Media Game Console service;c:\program files (x86)\MSI Game Corner\Game Console\OberonGameConsoleService.exe [2010-01-27 44432]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [x]
R3 WatAdminSvc;Služba Technologie aktivace Windows;c:\windows\system32\Wat\WatAdminSvc.exe [x]
R3 zghsmdm;ZTE General Handset USB Modem Proprietary;c:\windows\system32\DRIVERS\zghsmdm.sys [x]
S1 aswSnx;aswSnx; [x]
S1 aswSP;aswSP; [x]
S1 dtsoftbus01;DAEMON Tools Virtual Bus Driver;c:\windows\system32\DRIVERS\dtsoftbus01.sys [x]
S1 vwififlt;Virtual WiFi Filter Driver;c:\windows\system32\DRIVERS\vwififlt.sys [x]
S2 AdobeARMservice;Adobe Acrobat Update Service;c:\program files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2012-01-03 63928]
S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe [x]
S2 AMD FUEL Service;AMD FUEL Service;c:\program files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [2011-10-25 361984]
S2 AMDFusionSVC;AMD Fusion Utility Service;c:\program files (x86)\AMD\Fusion Utility for Mobility\FusionSVC.exe [2009-09-02 383544]
S2 AODDriver4.01;AODDriver4.01;c:\program files\ATI Technologies\ATI.ACE\Fuel\amd64\AODDriver2.sys [2011-06-24 55424]
S2 aswFsBlk;aswFsBlk; [x]
S2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys [x]
S2 MBAMService;MBAMService;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [2012-01-13 652360]
S2 Micro Star SCM;Micro Star SCM;c:\program files (x86)\System Control Manager\MSIService.exe [2009-07-09 160768]
S2 NAUpdate;Nero Update;c:\program files (x86)\Nero\Update\NASvc.exe [2010-03-25 490280]
S3 amdiox64;AMD IO Driver;c:\windows\system32\DRIVERS\amdiox64.sys [x]
S3 amdkmdag;amdkmdag;c:\windows\system32\DRIVERS\atikmdag.sys [x]
S3 amdkmdap;amdkmdap;c:\windows\system32\DRIVERS\atikmpag.sys [x]
S3 AmdLLD64;AMD Low Level Device Driver;c:\windows\system32\DRIVERS\AmdLLD64.sys [x]
S3 ArcSoftKsUFilter;ArcSoft Magic-I Visual Effect;c:\windows\system32\DRIVERS\ArcSoftKsUFilter.sys [x]
S3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [x]
S3 netr28x;Ralink 802.11n Extensible Wireless Driver;c:\windows\system32\DRIVERS\netr28x.sys [x]
S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys [x]
S3 vwifimp;Microsoft Virtual WiFi Miniport Service;c:\windows\system32\DRIVERS\vwifimp.sys [x]
.
.
--- Ostatní služby/ovladače v paměti ---
.
*NewlyCreated* - WS2IFSL
.
Obsah adresáře 'Naplánované úlohy'
.
2012-02-12 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2011-06-30 08:48]
.
2012-02-12 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2011-06-30 08:48]
.
.
--------- x86-64 -----------
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast]
@="{472083B0-C522-11CF-8763-00608CC02F24}"
[HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]
2011-11-28 18:01 134384 ----a-w- c:\program files\AVAST Software\Avast\ashShA64.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RtHDVCpl"="c:\program files\Realtek\Audio\HDA\RAVCpl64.exe" [2010-05-04 10804256]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"LoadAppInit_DLLs"=0x0
.
------- Doplňkový sken -------
.
uLocal Page = c:\windows\system32\blank.htm
uStart Page = hxxp://msi.msn.com
mLocal Page = c:\windows\SysWOW64\blank.htm
uInternet Settings,ProxyOverride = *.local
IE: E&xport to Microsoft Excel - c:\progra~2\MICROS~1\Office12\EXCEL.EXE/3000
IE: E&xportovat do aplikace Microsoft Excel - c:\progra~2\MICROS~1\Office12\EXCEL.EXE/3000
TCP: DhcpNameServer = 77.48.254.254 77.48.100.254
FF - ProfilePath - c:\users\msi\AppData\Roaming\Mozilla\Firefox\Profiles\43vyxf7a.default\
FF - prefs.js: browser.search.selectedEngine - Google
FF - prefs.js: browser.startup.homepage - hxxp://www.seznam.cz/
.
.
------- Asociace souborů -------
.
txtfile=c:\windows\NOTEPAD.EXE %1
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -
.
URLSearchHooks-{bf7380fa-e3b4-4db2-af3e-9d8783a45bfc} - (no file)
Toolbar-Locked - (no file)
Wow6432Node-HKCU-Run-PlayNC Launcher - (no file)
Wow6432Node-HKCU-Run-Akamai NetSession Interface - c:\users\msi\AppData\Local\Akamai\netsession_win.exe
Toolbar-Locked - (no file)
HKLM-Run-SynTPEnh - c:\program files (x86)\Synaptics\SynTP\SynTPEnh.exe
AddRemove-Adobe Shockwave Player - c:\windows\system32\Adobe\Shockwave 11\uninstaller.exe
AddRemove-CoreAAC Audio Decoder - c:\windows\system32\CoreAAC-uninstall.exe
AddRemove-SpecOps - c:\program files (x86)\Zombie\SpecOps\Uninst.isu
.
.
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\npggsvc]
"ImagePath"="c:\windows\system32\GameMon.des -service"
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\windows\\SysWOW64\\Macromed\\Flash\\FlashUtil11e_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\LocalServer32]
@="c:\\windows\\SysWOW64\\Macromed\\Flash\\FlashUtil11e_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\windows\\SysWOW64\\Macromed\\Flash\\Flash11e.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.10"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\windows\\SysWOW64\\Macromed\\Flash\\Flash11e.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\windows\\SysWOW64\\Macromed\\Flash\\Flash11e.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\windows\\SysWOW64\\Macromed\\Flash\\Flash11e.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}]
@Denied: (A 2) (Everyone)
@="IFlashBroker4"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0002\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0003\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0004\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0005\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0006\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0007\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0008\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0009\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
------------------------ Jiné spuštené procesy ------------------------
.
c:\program files\AVAST Software\Avast\AvastSvc.exe
c:\program files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe
c:\program files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
c:\program files (x86)\Bonjour\mDNSResponder.exe
c:\program files (x86)\Common Files\ArcSoft\Connection Service\Bin\ArcCon.ac
.
**************************************************************************
.
Celkový čas: 2012-02-12 11:48:39 - počítač byl restartován
ComboFix-quarantined-files.txt 2012-02-12 10:48
.
Před spuštěním: Volných bajtů: 33 195 950 080
Po spuštění: Volných bajtů: 40 386 224 128
.
- - End Of File - - B6A556ACA6F82F0CA8BC6D6FA68F0342
Re: Prosím o kontrolu logu
Combofix něco smazal, jak to ted vypadá?
Nepoužívejte COMBOFIX bez doporučení rádce, může dojít k poškození systému!
Vždy před odvirováním počítače zazálohujte důležitá data
Chcete podpořit naše forum? Informace zde
K zastižení jsem spíše v noci, mezi 21.-23. hodinou
Pokud máte nějaké dotazy, můžete mi napsat na email Motji(zavináč)forum.viry.cz.
Vždy před odvirováním počítače zazálohujte důležitá data
Chcete podpořit naše forum? Informace zde
K zastižení jsem spíše v noci, mezi 21.-23. hodinou
Pokud máte nějaké dotazy, můžete mi napsat na email Motji(zavináč)forum.viry.cz.
Re: Prosím o kontrolu logu
Zatím to vypadá v pohodě, harddisk si nefrčí jako před zásahem ....
Re: Prosím o kontrolu logu
Odinstalujte combofix přes Start - Spustit- zkopírujte do okénka:
ComboFix /Uninstall
-stiskněte Enter
-To odinstaluje ComboFix a smaže s ním související soubory a složky.
***********
Stáhněte T-Cleaner http://tharifas.sweb.cz/T-Cleaner.exe
-Spusťte,pro potvrzení volby mačkejte klávesu A, Enter
-po použití prográmek vymažte.Pozor,antiviry ho mohou falešně označit za vir
***********
Z mého podpisu stahněte Ccleaner- nainstalujte, při výběru, co se má nainstalovat, dejte pryč fajfku u instalace yahoo toolbaru
záložka čistič- nechejte v levém sloupečku zatrhnuté vše jak je, klikněte na analyzovat
- po analýze klikněte na Spustit Ccleaner
záložka Registry- klikněte na hledej problémy
- pak klikněte na opravit vybrané problémy -- udělat zálohu registrů - nemusíte
- kliknete opravit všechny problémy
ok zavřít Záložka Nástroje- zde můžete odinstalovat programy. Je to důkladnější odinstalace než u přidat/odebrat programy ve Windows.
Ccleaner - čistič doporučuji používat, krásně pročistí pc od dočasných souborů.
Registry pročistí třeba po odinstalaci nějakého programu.
Nepoužívejte COMBOFIX bez doporučení rádce, může dojít k poškození systému!
Vždy před odvirováním počítače zazálohujte důležitá data
Chcete podpořit naše forum? Informace zde
K zastižení jsem spíše v noci, mezi 21.-23. hodinou
Pokud máte nějaké dotazy, můžete mi napsat na email Motji(zavináč)forum.viry.cz.
Vždy před odvirováním počítače zazálohujte důležitá data
Chcete podpořit naše forum? Informace zde
K zastižení jsem spíše v noci, mezi 21.-23. hodinou
Pokud máte nějaké dotazy, můžete mi napsat na email Motji(zavináč)forum.viry.cz.
Re: Prosím o kontrolu logu
Hotovo, děkuji velmi pěkně za pomoc, harddisk se uklidnil....
Re: Prosím o kontrolu logu
Ještě poprosím o nový log ze rsitu
Nepoužívejte COMBOFIX bez doporučení rádce, může dojít k poškození systému!
Vždy před odvirováním počítače zazálohujte důležitá data
Chcete podpořit naše forum? Informace zde
K zastižení jsem spíše v noci, mezi 21.-23. hodinou
Pokud máte nějaké dotazy, můžete mi napsat na email Motji(zavináč)forum.viry.cz.
Vždy před odvirováním počítače zazálohujte důležitá data
Chcete podpořit naše forum? Informace zde
K zastižení jsem spíše v noci, mezi 21.-23. hodinou
Pokud máte nějaké dotazy, můžete mi napsat na email Motji(zavináč)forum.viry.cz.
Přispějete na provoz fóra?