Odvirování PC, zrychlení počítače, vzdálená pomoc prostřednictvím služby neslape.cz

Problém s Průzkumníkem Windows

Máte problém s virem? Vložte sem log z FRST nebo RSIT.

Moderátor: Moderátoři

Pravidla fóra
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]

Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.

!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
Odpovědět
Zpráva
Autor
artreus
Návštěvník
Návštěvník
Příspěvky: 5
Registrován: 22 úno 2012 18:08

Problém s Průzkumníkem Windows

#1 Příspěvek od artreus »

Ahoj nebo dobrý den,
Chtěl jsem poprosit o radu. Koupil jsem si nový notebook a asi po měsící funguvání jsem si začal všímat, že mi celkem blbe Průzkumník windows, já používám "Total Commander" takže jsem si chyby dlouho nevšiml ale teď zjišťuji že se tento problém týká jiných věcí než jenom procházení složek...mám problémy například s ovládacími panely nebo změnou pozadí plochy.
Původně jsem myslel že to bude nějakou blbou aktualizací tak jsem se díky zálohování windowsu vrátil o aktualizaci zpět, ale pořád to blbe...Po prvním spouštění notebooku jsem vytvořil zálohu kterou jsem se teď snažil obnovit (notebook jel tři dny v kuse ale zdá že bez výsledku a nakonec jsem ho musel sám vyplnout) (Jde o W7) takže jsem teď zoufalý a nevím si rady
Prosím poraďte
Nahoru
artreus
Návštěvník
Návštěvník
Příspěvky: 5
Registrován: 22 úno 2012 18:08

Re: Problém s Průzkumníkem Windows

#2 Příspěvek od artreus »

Logfile of random's system information tool 1.09 (written by random/random)
Run by Petr at 2012-02-23 21:47:16
Microsoft Windows 7 Home Premium Service Pack 1
System drive C: has 253 GB (81%) free of 313 GB
Total RAM: 3563 MB (57% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 21:47:42, on 23.2.2012
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v9.00 (9.00.8112.16421)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ASLDRSrv.exe
C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe
C:\Program Files (x86)\ASUS\SmartLogon\sensorsrv.exe
C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe
C:\Program Files (x86)\ASUS\ASUS Live Update\ALU.exe
C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE
C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe
C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe
C:\Windows\AsScrPro.exe
C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe
C:\Program Files (x86)\ASUS\SonicMaster\SonicMasterTray.exe
C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe
C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe
C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe
C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe
C:\Program Files (x86)\CyberLink\MediaEspresso\DeviceDetector\DeviceDetector.exe
C:\Users\Petr\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Petr\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Windows\SysWOW64\rundll32.exe
C:\Users\Petr\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Petr\AppData\Local\Google\Chrome\Application\chrome.exe
D:\TotalCommander 7.04\totalcmd\TOTALCMD.EXE
C:\Windows\SysWOW64\DllHost.exe
C:\Users\Petr\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Program Files\trend micro\Petr.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://asus.msn.com
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://asus.msn.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://asus.msn.com
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll
O2 - BHO: IESpeakDoc - {8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} - C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll
O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Bing Bar Helper - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - "C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll" (file missing)
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
O3 - Toolbar: Bing Bar - {8dcb7100-df86-4384-8842-8fa844297b3f} - "C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll" (file missing)
O4 - HKLM\..\Run: [Nuance PDF Reader-reminder] "C:\Program Files (x86)\Nuance\PDF Reader\Ereg\Ereg.exe" -r "C:\ProgramData\Nuance\PDF Reader\Ereg\Ereg.ini"
O4 - HKLM\..\Run: [ASUSPRP] "C:\Program Files (x86)\ASUS\APRP\APRP.EXE"
O4 - HKLM\..\Run: [ASUSWebStorage] C:\Program Files (x86)\ASUS\ASUS WebStorage\3.0.84.161\AsusWSPanel.exe /S
O4 - HKLM\..\Run: [SonicMasterTray] C:\Program Files (x86)\ASUS\SonicMaster\SonicMasterTray.exe
O4 - HKLM\..\Run: [ATKOSD2] C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe
O4 - HKLM\..\Run: [ATKMEDIA] C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe
O4 - HKLM\..\Run: [HControlUser] C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe
O4 - HKLM\..\Run: [Wireless Console 3] C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe
O4 - HKLM\..\Run: [RemoteControl10] "C:\Program Files (x86)\Cyberlink\PowerDVD10\PDVD10Serv.exe"
O4 - HKLM\..\Run: [UpdatePSTShortCut] "C:\Program Files (x86)\Cyberlink\DVD Suite\MUITransfer\MUIStartMenu.exe" "C:\Program Files (x86)\Cyberlink\DVD Suite" UpdateWithCreateOnce "Software\CyberLink\PowerStarter"
O4 - HKLM\..\Run: [UpdateLBPShortCut] "C:\Program Files (x86)\CyberLink\LabelPrint\MUITransfer\MUIStartMenu.exe" "C:\Program Files (x86)\CyberLink\LabelPrint" UpdateWithCreateOnce "Software\CyberLink\LabelPrint\2.5"
O4 - HKLM\..\Run: [UpdateP2GoShortCut] "C:\Program Files (x86)\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe" "C:\Program Files (x86)\CyberLink\Power2Go" UpdateWithCreateOnce "SOFTWARE\CyberLink\Power2Go\6.0"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [LogMeIn Hamachi Ui] "C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe" --auto-start
O4 - HKCU\..\Run: [Skype] "C:\Program Files (x86)\Skype\Phone\Skype.exe" /nosplash /minimized
O4 - HKCU\..\Run: [Google Update] "C:\Users\Petr\AppData\Local\Google\Update\GoogleUpdate.exe" /c
O4 - HKCU\..\Run: [DAEMON Tools Lite] "D:\DAEMON Tools Lite\DTLite.exe" -autorun
O4 - HKCU\..\Run: [ccleaner] "C:\Program Files\CCleaner\CCleaner64.exe" /AUTO
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O4 - Startup: OpenOffice.org 3.3.lnk = C:\Program Files (x86)\OpenOffice.org 3\program\quickstart.exe
O4 - Global Startup: AsusVibeLauncher.lnk = C:\Program Files (x86)\ASUS\AsusVibe\AsusVibeLauncher.exe
O4 - Global Startup: FancyStart daemon.lnk = ?
O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\Windows\system32\GPhotos.scr/200
O9 - Extra button: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: (no name) - {7815BE26-237D-41A8-A98F-F7BD75F71086} - C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll
O9 - Extra 'Tools' menuitem: Send by Bluetooth to - {7815BE26-237D-41A8-A98F-F7BD75F71086} - C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: AFBAgent - Unknown owner - C:\Windows\system32\FBAgent.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: AMD External Events Utility - Unknown owner - C:\Windows\system32\atiesrxx.exe (file missing)
O23 - Service: AMD FUEL Service - Advanced Micro Devices, Inc. - C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
O23 - Service: ASLDR Service (ASLDRService) - ASUS - C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ASLDRSrv.exe
O23 - Service: Atheros Bt&Wlan Coex Agent - Atheros - C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe
O23 - Service: AtherosSvc - Atheros Commnucations - C:\Program Files (x86)\Bluetooth Suite\adminservice.exe
O23 - Service: ATKGFNEX Service (ATKGFNEXSrv) - ASUS - C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: LogMeIn Hamachi Tunneling Engine (Hamachi2Svc) - LogMeIn Inc. - C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 11980 bytes

======Listing Processes======

\SystemRoot\System32\smss.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
C:\Windows\system32\services.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
winlogon.exe
C:\Windows\system32\svchost.exe -k RPCSS
"C:\Program Files\Microsoft Security Client\Antimalware\MsMpEng.exe"
C:\Windows\system32\atiesrxx.exe
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k NetworkService
atieclxx
"C:\Windows\system32\FBAgent.exe"
"C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ASLDRSrv.exe"
"C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe"
"C:\Windows\system32\Dwm.exe"
C:\Windows\Explorer.EXE
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
"taskhost.exe"
"C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe"
"C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe" /launchService
taskeng.exe {78CAEB70-8175-44B6-A7D4-BFE25A15815D}
"C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe"
"C:\Program Files (x86)\ASUS\SmartLogon\sensorsrv.exe"
"C:\Program Files (x86)\ASUS\Splendid\ACMON.exe"
"C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe"
"C:\Program Files (x86)\ASUS\ASUS Live Update\ALU.exe"
"C:\Program Files\P4G\BatteryLife.exe"
"C:\Program Files (x86)\Bluetooth Suite\adminservice.exe"
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
"C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe" -s
"C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE"
"C:\Windows\SysWOW64\ACEngSvr.exe" -Embedding
"C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe" --auto-start
C:\Windows\system32\svchost.exe -k imgsvc
"C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE"
"C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe" /SF3
"C:\Program Files\Elantech\ETDCtrl.exe"
"C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe"
"C:\Program Files (x86)\Bluetooth Suite\AthBtTray.exe"
"C:\Program Files (x86)\AmIcoSingLun\AmIcoSinglun64.exe"
"C:\Program Files\Microsoft Security Client\msseces.exe" -hide -runkey
WLIDSvcM.exe 2684
"C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe"
"C:\Program Files\Microsoft Security Client\Antimalware\NisSrv.exe"
C:\Windows\system32\svchost.exe -k bthsvcs
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
"C:\Program Files\Elantech\ETDCtrlHelper.exe"
C:\Windows\system32\SearchIndexer.exe /Embedding
"C:\Windows\AsScrPro.exe"
"C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe"
"C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe" -s
"C:\Program Files (x86)\ASUS\SonicMaster\SonicMasterTray.exe"
"C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe"
"C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe"
"C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe"
"C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe"
"C:\Program Files\Windows Media Player\wmpnetwk.exe"
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
"C:\Program Files (x86)\CyberLink\MediaEspresso\DeviceDetector\DeviceDetector.exe"
"C:\Users\Petr\AppData\Local\Google\Chrome\Application\chrome.exe"
"C:\Users\Petr\AppData\Local\Google\Chrome\Application\chrome.exe" --type=renderer --lang=cs --force-fieldtest=ConnCountImpact/conn_count_6/ConnnectBackupJobs/ConnectBackupJobsEnabled/DnsImpact/default_enabled_prefetch/DnsParallelism/parallel_default/GlobalSdch/global_enable_sdch/IdleSktToImpact/idle_timeout_10/Instant/HiddenExperimentA/Prefetch/ContentPrefetchPrerender1/PrerenderFromOmnibox/OmniboxPrerenderEnabled/PrerenderFromOmniboxHeuristic/ExactFullAlgorithm/ProxyConnectionImpact/proxy_connections_32/SpdyCwnd/cwnd10/SpdyImpact/npn_with_http/WarmSocketImpact/last_accessed_socket/ --enable-print-preview --channel=2168.05A07380.764742513 /prefetch:3
C:\Windows\system32\rundll32.exe "C:\Users\Petr\AppData\Local\Google\Chrome\APPLIC~1\170963~1.56\gcswf32.dll",BrokerMain browser=chrome
"C:\Users\Petr\AppData\Local\Google\Chrome\Application\chrome.exe" --type=plugin --plugin-path="C:\Users\Petr\AppData\Local\Google\Chrome\Application\17.0.963.56\gcswf32.dll" --lang=cs --channel=2168.05B19AA0.1337485288 --flash-broker=2500 /prefetch:4
"C:\Users\Petr\AppData\Local\Google\Chrome\Application\chrome.exe" --type=renderer --lang=cs --force-fieldtest=CacheListSize/CacheListSize_12/ConnCountImpact/conn_count_6/ConnnectBackupJobs/ConnectBackupJobsEnabled/DnsImpact/default_enabled_prefetch/DnsParallelism/parallel_default/GlobalSdch/global_enable_sdch/IdleSktToImpact/idle_timeout_10/Instant/HiddenExperimentA/Prefetch/ContentPrefetchPrerender1/PrerenderFromOmnibox/OmniboxPrerenderEnabled/PrerenderFromOmniboxHeuristic/ExactFullAlgorithm/ProxyConnectionImpact/proxy_connections_32/SpdyCwnd/cwnd10/SpdyImpact/npn_with_http/WarmSocketImpact/last_accessed_socket/ --enable-print-preview --channel=2168.06EE5E00.415864554 /prefetch:3
"D:\TotalCommander 7.04\totalcmd\TOTALCMD.EXE"
C:\Windows\SysWOW64\DllHost.exe /Processid:{76D0CB12-7604-4048-B83C-1005C7DDC503}
"C:\Users\Petr\AppData\Local\Google\Chrome\Application\chrome.exe" --type=renderer --lang=cs --force-fieldtest=CacheListSize/CacheListSize_12/ConnCountImpact/conn_count_6/ConnnectBackupJobs/ConnectBackupJobsEnabled/DnsImpact/default_enabled_prefetch/DnsParallelism/parallel_default/GlobalSdch/global_enable_sdch/IdleSktToImpact/idle_timeout_10/Instant/HiddenExperimentA/Prefetch/ContentPrefetchPrerender1/PrerenderFromOmnibox/OmniboxPrerenderEnabled/PrerenderFromOmniboxHeuristic/ExactFullAlgorithm/ProxyConnectionImpact/proxy_connections_32/SpdyCwnd/cwnd10/SpdyImpact/npn_with_http/WarmSocketImpact/last_accessed_socket/ --enable-print-preview --channel=2168.06C13A80.1709438240 /prefetch:3
"C:\Windows\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe17_ Global\UsGthrCtrlFltPipeMssGthrPipe17 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon"
"C:\Windows\system32\SearchFilterHost.exe" 0 508 512 520 65536 516
"C:\Users\Petr\Downloads\RSITx64.exe"
C:\Windows\system32\wbem\wmiprvse.exe

======Scheduled tasks folder======

C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-101741572-2157690231-624010966-1001Core.job
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-101741572-2157690231-624010966-1001UA.job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live ID Sign-in Helper - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2010-09-21 529280]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2012-01-03 63912]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files (x86)\Java\jre7\bin\ssv.dll [2012-01-17 341888]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8D10F6C4-0E01-4BD4-8601-11AC1FDF8126}]
CIESpeechBHO Class - C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll [2011-03-13 60576]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live ID Sign-in Helper - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2010-09-21 439168]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{d2ce3e00-f94a-4740-988e-03dc2f38c34f}]
Bing Bar Helper - C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll [2011-03-02 1089288]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll [2012-01-17 59272]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\Toolbar]
{8dcb7100-df86-4384-8842-8fa844297b3f} - Bing Bar - C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll [2011-03-02 1089288]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"RtHDVBg"=C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [2011-04-18 2209896]
"ETDWare"=C:\Program Files\Elantech\ETDCtrl.exe [2010-06-10 649608]
"AtherosBtStack"=C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe [2011-03-13 617120]
"AthBtTray"=C:\Program Files (x86)\Bluetooth Suite\AthBtTray.exe [2011-03-13 379552]
"AmIcoSinglun64"=C:\Program Files (x86)\AmIcoSingLun\AmIcoSinglun64.exe [2011-03-21 361984]
"MSC"=C:\Program Files\Microsoft Security Client\msseces.exe [2011-06-15 1436736]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Skype"=C:\Program Files (x86)\Skype\Phone\Skype.exe [2011-10-13 17762440]
"Google Update"=C:\Users\Petr\AppData\Local\Google\Update\GoogleUpdate.exe [2012-01-17 136176]
"DAEMON Tools Lite"=D:\DAEMON Tools Lite\DTLite.exe [2011-11-10 3514176]
"ccleaner"=C:\Program Files\CCleaner\CCleaner64.exe [2011-12-20 4555072]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ASUS Screen Saver Protector]
C:\Windows\AsScrPro.exe [2011-10-29 3058304]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CLMLServer]
C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe [2009-11-02 103720]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RtHDVCpl]
C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [2011-04-22 11831400]

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"Nuance PDF Reader-reminder"=C:\Program Files (x86)\Nuance\PDF Reader\Ereg\Ereg.exe [2008-11-03 328992]
"ASUSPRP"=C:\Program Files (x86)\ASUS\APRP\APRP.EXE [2011-04-01 2018032]
"ASUSWebStorage"=C:\Program Files (x86)\ASUS\ASUS WebStorage\3.0.84.161\AsusWSPanel.exe [2011-02-23 731472]
"SonicMasterTray"=C:\Program Files (x86)\ASUS\SonicMaster\SonicMasterTray.exe [2010-07-10 984400]
"ATKOSD2"=C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe [2010-08-17 5732992]
"ATKMEDIA"=C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe [2010-10-07 170624]
"HControlUser"=C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe [2009-06-19 105016]
"Wireless Console 3"=C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe [2010-09-24 1601536]
"RemoteControl10"=C:\Program Files (x86)\Cyberlink\PowerDVD10\PDVD10Serv.exe [2010-02-03 87336]
"UpdatePSTShortCut"=C:\Program Files (x86)\Cyberlink\DVD Suite\MUITransfer\MUIStartMenu.exe [2010-11-24 222504]
"UpdateLBPShortCut"=C:\Program Files (x86)\CyberLink\LabelPrint\MUITransfer\MUIStartMenu.exe [2009-05-20 222504]
"UpdateP2GoShortCut"=C:\Program Files (x86)\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe [2009-05-20 222504]
"Adobe ARM"=C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2012-01-03 843712]
"LogMeIn Hamachi Ui"=C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe [2012-02-07 1987976]

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
AsusVibeLauncher.lnk - C:\Program Files (x86)\ASUS\AsusVibe\AsusVibeLauncher.exe
FancyStart daemon.lnk - C:\Windows\Installer\{2B81872B-A054-48DA-BE3B-FA5C164C303A}\_94E3CE3704FE82FBF49A6A.exe

C:\Users\Petr\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
OpenOffice.org 3.3.lnk - C:\Program Files (x86)\OpenOffice.org 3\program\quickstart.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED}

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Hamachi2Svc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MsMpSvc]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=0
"ConsentPromptBehaviorUser"=3
"EnableLUA"=0
"EnableUIADesktopToggle"=0
"PromptOnSecureDesktop"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoActiveDesktop"=1
"NoActiveDesktopChanges"=1
"ForceActiveDesktopOn"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVYU"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"VIDC.YVU9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"MSVideo8"=VfWWDM32.dll
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"wave2"=wdmaud.drv
"mixer2"=wdmaud.drv
"midi2"=wdmaud.drv

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 1 month======

2012-02-23 21:47:15 ----D---- C:\rsit
2012-02-20 20:48:52 ----D---- C:\Users\Petr\AppData\Roaming\vlc
2012-02-19 17:50:45 ----D---- C:\Users\Petr\AppData\Roaming\uTorrent
2012-02-19 15:10:19 ----D---- C:\Program Files (x86)\LogMeIn Hamachi
2012-02-17 14:28:25 ----A---- C:\Windows\system32\shell32.dll
2012-02-17 14:28:23 ----A---- C:\Windows\SYSWOW64\shell32.dll
2012-02-17 14:28:23 ----A---- C:\Windows\SYSWOW64\ntshrui.dll
2012-02-17 14:28:23 ----A---- C:\Windows\system32\ntshrui.dll
2012-02-15 14:36:37 ----A---- C:\Windows\SYSWOW64\mshtmled.dll
2012-02-15 14:36:37 ----A---- C:\Windows\system32\mshtmled.dll
2012-02-15 14:36:35 ----A---- C:\Windows\system32\iertutil.dll
2012-02-15 14:36:34 ----A---- C:\Windows\SYSWOW64\iertutil.dll
2012-02-15 14:36:33 ----A---- C:\Windows\system32\jscript9.dll
2012-02-15 14:36:32 ----A---- C:\Windows\SYSWOW64\url.dll
2012-02-15 14:36:32 ----A---- C:\Windows\system32\url.dll
2012-02-15 14:36:31 ----A---- C:\Windows\SYSWOW64\ieui.dll
2012-02-15 14:36:29 ----A---- C:\Windows\SYSWOW64\jscript9.dll
2012-02-15 14:36:29 ----A---- C:\Windows\SYSWOW64\jscript.dll
2012-02-15 14:36:29 ----A---- C:\Windows\system32\jscript.dll
2012-02-15 14:36:29 ----A---- C:\Windows\system32\ieui.dll
2012-02-15 14:36:28 ----A---- C:\Windows\SYSWOW64\urlmon.dll
2012-02-15 14:36:27 ----A---- C:\Windows\system32\urlmon.dll
2012-02-15 14:36:26 ----A---- C:\Windows\SYSWOW64\wininet.dll
2012-02-15 14:36:26 ----A---- C:\Windows\system32\jsproxy.dll
2012-02-15 14:36:25 ----A---- C:\Windows\system32\wininet.dll
2012-02-15 14:36:24 ----A---- C:\Windows\SYSWOW64\jsproxy.dll
2012-02-15 14:36:20 ----A---- C:\Windows\SYSWOW64\mshtml.dll
2012-02-15 14:36:16 ----A---- C:\Windows\system32\mshtml.dll
2012-02-15 14:36:14 ----A---- C:\Windows\SYSWOW64\ieframe.dll
2012-02-15 14:36:08 ----A---- C:\Windows\system32\ieframe.dll
2012-02-14 23:30:33 ----A---- C:\Windows\system32\win32k.sys
2012-02-14 23:30:32 ----A---- C:\Windows\system32\drivers\afd.sys
2012-02-14 23:30:28 ----A---- C:\Windows\SYSWOW64\msvcrt.dll
2012-02-14 23:30:28 ----A---- C:\Windows\system32\msvcrt.dll
2012-02-11 11:13:50 ----D---- C:\ProgramData\Blizzard Entertainment
2012-02-07 19:29:03 ----D---- C:\Program Files (x86)\SystemRequirementsLab
2012-02-07 19:28:47 ----D---- C:\Windows\Sun
2012-02-04 23:01:16 ----D---- C:\Windows\Minidump
2012-02-04 11:57:04 ----D---- C:\Program Files (x86)\Adobe
2012-02-04 11:55:55 ----D---- C:\ProgramData\Adobe
2012-01-30 21:37:30 ----D---- C:\Users\Petr\AppData\Roaming\Mumble
2012-01-30 21:24:57 ----D---- C:\Users\Petr\AppData\Roaming\twinstar_launcher
2012-01-30 10:58:15 ----D---- C:\ProgramData\Firefly Studios
2012-01-27 21:16:37 ----D---- C:\Users\Petr\AppData\Roaming\Spore
2012-01-24 20:59:55 ----D---- C:\Users\Petr\AppData\Roaming\WinRAR
2012-01-24 20:56:38 ----D---- C:\Users\Petr\AppData\Roaming\Winamp

======List of files/folders modified in the last 1 month======

2012-02-23 21:47:42 ----D---- C:\Program Files\Trend Micro
2012-02-23 21:46:43 ----D---- C:\Windows\Temp
2012-02-23 18:37:14 ----D---- C:\Users\Petr\AppData\Roaming\Skype
2012-02-23 13:53:06 ----D---- C:\Windows\system32\config
2012-02-23 13:35:08 ----D---- C:\Windows\SoftwareDistribution
2012-02-23 13:34:20 ----D---- C:\Windows
2012-02-23 13:33:57 ----D---- C:\Windows\inf
2012-02-23 13:33:05 ----HD---- C:\ASUS.DAT
2012-02-23 13:32:22 ----D---- C:\Windows\system32\Tasks
2012-02-23 13:32:07 ----A---- C:\Windows\system32\acovcnt.exe
2012-02-21 18:20:31 ----SHD---- C:\System Volume Information
2012-02-21 10:40:48 ----D---- C:\Users\Petr\AppData\Roaming\DAEMON Tools Lite
2012-02-21 10:39:16 ----A---- C:\Windows\system32\AutoRunFilter.ini
2012-02-21 10:38:43 ----A---- C:\Windows\system32\ServiceFilter.ini
2012-02-19 19:15:11 ----SHD---- C:\Windows\Installer
2012-02-19 19:09:49 ----D---- C:\Windows\Microsoft.NET
2012-02-19 19:09:48 ----RSD---- C:\Windows\assembly
2012-02-19 15:10:25 ----D---- C:\Windows\system32\drivers
2012-02-19 15:10:19 ----RD---- C:\Program Files (x86)
2012-02-19 14:31:03 ----D---- C:\Windows\system32\NDF
2012-02-18 20:08:25 ----D---- C:\Windows\Prefetch
2012-02-18 15:38:59 ----D---- C:\Windows\winsxs
2012-02-18 15:38:01 ----D---- C:\Windows\SysWOW64
2012-02-18 15:38:01 ----D---- C:\Windows\System32
2012-02-18 12:33:19 ----A---- C:\Windows\system32\PerfStringBackup.INI
2012-02-17 20:47:29 ----D---- C:\Windows\system32\catroot2
2012-02-17 20:46:32 ----D---- C:\Program Files (x86)\Microsoft Silverlight
2012-02-17 14:18:20 ----D---- C:\Program Files\Internet Explorer
2012-02-17 14:18:20 ----D---- C:\Program Files (x86)\Internet Explorer
2012-02-17 14:18:18 ----D---- C:\Windows\SYSWOW64\migration
2012-02-17 14:18:17 ----D---- C:\Windows\system32\migration
2012-02-17 08:25:49 ----RSD---- C:\Windows\Fonts
2012-02-17 08:22:21 ----D---- C:\Windows\twain_32
2012-02-17 08:22:21 ----D---- C:\Windows\Tasks
2012-02-17 08:22:21 ----D---- C:\Windows\SYSWOW64\zh-TW
2012-02-17 08:22:21 ----D---- C:\Windows\SYSWOW64\zh-CN
2012-02-17 08:22:21 ----D---- C:\Windows\SYSWOW64\wbem
2012-02-17 08:22:20 ----D---- C:\Windows\SYSWOW64\uk-UA
2012-02-17 08:22:20 ----D---- C:\Windows\SYSWOW64\tr-TR
2012-02-17 08:22:20 ----D---- C:\Windows\SYSWOW64\th-TH
2012-02-17 08:22:20 ----D---- C:\Windows\SYSWOW64\sv-SE
2012-02-17 08:22:20 ----D---- C:\Windows\SYSWOW64\sr-Latn-CS
2012-02-17 08:22:20 ----D---- C:\Windows\SYSWOW64\sppui
2012-02-17 08:22:20 ----D---- C:\Windows\SYSWOW64\sl-SI
2012-02-17 08:22:20 ----D---- C:\Windows\SYSWOW64\sk-SK
2012-02-17 08:22:20 ----D---- C:\Windows\SYSWOW64\Setup
2012-02-17 08:22:20 ----D---- C:\Windows\SYSWOW64\ru-RU
2012-02-17 08:22:20 ----D---- C:\Windows\SYSWOW64\ro-RO
2012-02-17 08:22:20 ----D---- C:\Windows\SYSWOW64\ras
2012-02-17 08:22:20 ----D---- C:\Windows\SYSWOW64\pt-PT
2012-02-17 08:22:20 ----D---- C:\Windows\SYSWOW64\pt-BR
2012-02-17 08:22:20 ----D---- C:\Windows\SYSWOW64\pl-PL
2012-02-17 08:22:20 ----D---- C:\Windows\SYSWOW64\oobe
2012-02-17 08:22:20 ----D---- C:\Windows\SYSWOW64\nl-NL
2012-02-17 08:22:20 ----D---- C:\Windows\SYSWOW64\nb-NO
2012-02-17 08:22:19 ----D---- C:\Windows\SYSWOW64\migwiz
2012-02-17 08:22:19 ----D---- C:\Windows\SYSWOW64\manifeststore
2012-02-17 08:22:19 ----D---- C:\Windows\SYSWOW64\lv-LV
2012-02-17 08:22:19 ----D---- C:\Windows\SYSWOW64\lt-LT
2012-02-17 08:22:19 ----D---- C:\Windows\SYSWOW64\ko-KR
2012-02-17 08:22:19 ----D---- C:\Windows\SYSWOW64\ja-JP
2012-02-17 08:22:19 ----D---- C:\Windows\SYSWOW64\it-IT
2012-02-17 08:22:19 ----D---- C:\Windows\SYSWOW64\InstallShield
2012-02-17 08:22:19 ----D---- C:\Windows\SYSWOW64\icsxml
2012-02-17 08:22:19 ----D---- C:\Windows\SYSWOW64\hu-HU
2012-02-17 08:22:19 ----D---- C:\Windows\SYSWOW64\hr-HR
2012-02-17 08:22:19 ----D---- C:\Windows\SYSWOW64\he-IL
2012-02-17 08:22:19 ----D---- C:\Windows\SYSWOW64\fr-FR
2012-02-17 08:22:19 ----D---- C:\Windows\SYSWOW64\fi-FI
2012-02-17 08:22:19 ----D---- C:\Windows\SYSWOW64\et-EE
2012-02-17 08:22:19 ----D---- C:\Windows\SYSWOW64\es-ES
2012-02-17 08:22:19 ----D---- C:\Windows\SYSWOW64\en-US
2012-02-17 08:22:19 ----D---- C:\Windows\SYSWOW64\el-GR
2012-02-17 08:22:19 ----D---- C:\Windows\SYSWOW64\drivers
2012-02-17 08:22:19 ----D---- C:\Windows\SYSWOW64\Dism
2012-02-17 08:22:19 ----D---- C:\Windows\SYSWOW64\de-DE
2012-02-17 08:22:19 ----D---- C:\Windows\SYSWOW64\da-DK
2012-02-17 08:22:19 ----D---- C:\Windows\SYSWOW64\cs-CZ
2012-02-17 08:22:19 ----D---- C:\Windows\SYSWOW64\com
2012-02-17 08:22:19 ----D---- C:\Windows\SYSWOW64\bg-BG
2012-02-17 08:22:19 ----D---- C:\Windows\SYSWOW64\ar-SA
2012-02-17 08:22:19 ----D---- C:\Windows\system32\zh-TW
2012-02-17 08:22:19 ----D---- C:\Windows\system32\zh-CN
2012-02-17 08:22:18 ----D---- C:\Windows\system32\wfp
2012-02-17 08:22:18 ----D---- C:\Windows\system32\wbem
2012-02-17 08:22:18 ----D---- C:\Windows\system32\uk-UA
2012-02-17 08:22:18 ----D---- C:\Windows\system32\tr-TR
2012-02-17 08:22:18 ----D---- C:\Windows\system32\th-TH
2012-02-17 08:22:18 ----D---- C:\Windows\system32\sv-SE
2012-02-17 08:22:18 ----D---- C:\Windows\system32\sr-Latn-CS
2012-02-17 08:22:18 ----D---- C:\Windows\system32\SPReview
2012-02-17 08:22:18 ----D---- C:\Windows\system32\sppui
2012-02-17 08:22:18 ----D---- C:\Windows\system32\sl-SI
2012-02-17 08:22:18 ----D---- C:\Windows\system32\sk-SK
2012-02-17 08:22:18 ----D---- C:\Windows\system32\Setup
2012-02-17 08:22:18 ----D---- C:\Windows\system32\ru-RU
2012-02-17 08:22:18 ----D---- C:\Windows\system32\ro-RO
2012-02-17 08:22:18 ----D---- C:\Windows\system32\ras
2012-02-17 08:22:18 ----D---- C:\Windows\system32\pt-PT
2012-02-17 08:22:18 ----D---- C:\Windows\system32\pt-BR
2012-02-17 08:22:18 ----D---- C:\Windows\system32\pl-PL
2012-02-17 08:22:18 ----D---- C:\Windows\system32\oobe
2012-02-17 08:22:18 ----D---- C:\Windows\system32\nl-NL
2012-02-17 08:22:18 ----D---- C:\Windows\system32\nb-NO
2012-02-17 08:22:18 ----D---- C:\Windows\system32\migwiz
2012-02-17 08:22:17 ----D---- C:\Windows\system32\manifeststore
2012-02-17 08:22:17 ----D---- C:\Windows\system32\lv-LV
2012-02-17 08:22:17 ----D---- C:\Windows\system32\lt-LT
2012-02-17 08:22:17 ----D---- C:\Windows\system32\ko-KR
2012-02-17 08:22:17 ----D---- C:\Windows\system32\ja-JP
2012-02-17 08:22:17 ----D---- C:\Windows\system32\it-IT
2012-02-17 08:22:17 ----D---- C:\Windows\system32\icsxml
2012-02-17 08:22:17 ----D---- C:\Windows\system32\ias
2012-02-17 08:22:17 ----D---- C:\Windows\system32\hu-HU
2012-02-17 08:22:17 ----D---- C:\Windows\system32\hr-HR
2012-02-17 08:22:17 ----D---- C:\Windows\system32\he-IL
2012-02-17 08:22:17 ----D---- C:\Windows\system32\fr-FR
2012-02-17 08:22:17 ----D---- C:\Windows\system32\fi-FI
2012-02-17 08:22:17 ----D---- C:\Windows\system32\et-EE
2012-02-17 08:22:17 ----D---- C:\Windows\system32\es-ES
2012-02-17 08:22:17 ----D---- C:\Windows\system32\en-US
2012-02-17 08:22:17 ----D---- C:\Windows\system32\el-GR
2012-02-17 08:22:17 ----D---- C:\Windows\system32\DriverStore
2012-02-17 08:22:09 ----RSD---- C:\Windows\Media
2012-02-17 08:22:09 ----D---- C:\Windows\system32\drivers\etc
2012-02-17 08:22:09 ----D---- C:\Windows\system32\Dism
2012-02-17 08:22:09 ----D---- C:\Windows\system32\de-DE
2012-02-17 08:22:09 ----D---- C:\Windows\system32\da-DK
2012-02-17 08:22:09 ----D---- C:\Windows\system32\cs-CZ
2012-02-17 08:22:09 ----D---- C:\Windows\system32\com
2012-02-17 08:22:09 ----D---- C:\Windows\system32\Boot
2012-02-17 08:22:09 ----D---- C:\Windows\system32\bg-BG
2012-02-17 08:22:09 ----D---- C:\Windows\system32\ar-SA
2012-02-17 08:22:09 ----D---- C:\Windows\system32\AdvancedInstallers
2012-02-17 08:22:09 ----D---- C:\Windows\ShellNew
2012-02-17 08:22:09 ----D---- C:\Windows\servicing
2012-02-17 08:22:09 ----D---- C:\Windows\Offline Web Pages
2012-02-17 08:22:09 ----D---- C:\Windows\Log
2012-02-17 08:22:09 ----D---- C:\Windows\L2Schemas
2012-02-17 08:22:07 ----RD---- C:\Program Files
2012-02-17 08:22:07 ----D---- C:\Windows\ehome
2012-02-17 08:22:07 ----D---- C:\Windows\Downloaded Program Files
2012-02-17 08:22:07 ----D---- C:\Windows\Cursors
2012-02-17 08:22:07 ----D---- C:\Windows\ASUS
2012-02-17 08:22:07 ----D---- C:\Windows\AppPatch
2012-02-17 08:22:07 ----D---- C:\Windows\addins
2012-02-17 08:22:07 ----D---- C:\Windows\ABLKSR
2012-02-17 08:22:07 ----D---- C:\Program Files\Windows Sidebar
2012-02-17 08:22:07 ----D---- C:\Program Files\Windows Portable Devices
2012-02-17 08:22:07 ----D---- C:\Program Files\Windows Media Player
2012-02-17 08:22:07 ----D---- C:\Program Files\Windows Mail
2012-02-17 08:22:07 ----D---- C:\Program Files\Windows Journal
2012-02-17 08:22:07 ----D---- C:\Program Files\Windows Defender
2012-02-17 08:22:07 ----D---- C:\Program Files\DVD Maker
2012-02-17 08:22:07 ----D---- C:\Program Files\Common Files\System
2012-02-17 08:22:06 ----D---- C:\Program Files (x86)\Windows Sidebar
2012-02-17 08:22:06 ----D---- C:\Program Files (x86)\Windows Media Player
2012-02-17 08:22:06 ----D---- C:\Program Files (x86)\Windows Mail
2012-02-17 08:22:06 ----D---- C:\Program Files (x86)\Windows Defender
2012-02-17 08:21:21 ----D---- C:\Windows\TAPI
2012-02-17 08:21:21 ----D---- C:\Windows\SYSWOW64\zh-HK
2012-02-17 08:21:20 ----D---- C:\Windows\SYSWOW64\Recovery
2012-02-17 08:21:07 ----D---- C:\Windows\SYSWOW64\drivers\cs-CZ
2012-02-17 08:21:06 ----D---- C:\Windows\SYSWOW64\cs
2012-02-17 08:21:05 ----D---- C:\Windows\SYSWOW64\AdvancedInstallers
2012-02-17 08:21:05 ----D---- C:\Windows\system32\zh-HK
2012-02-17 08:21:05 ----D---- C:\Windows\system32\WinBioPlugIns
2012-02-17 08:21:05 ----D---- C:\Windows\system32\sysprep
2012-02-17 08:21:03 ----D---- C:\Windows\system32\EventProviders
2012-02-17 08:20:58 ----D---- C:\Windows\system32\drivers\UMDF
2012-02-17 08:20:57 ----D---- C:\Windows\system32\drivers\en-US
2012-02-17 08:20:57 ----D---- C:\Windows\system32\drivers\cs-CZ
2012-02-17 08:20:57 ----D---- C:\Windows\system32\cs
2012-02-17 08:20:51 ----D---- C:\Windows\system32\CodeIntegrity
2012-02-17 08:20:51 ----D---- C:\Windows\rescache
2012-02-17 08:20:51 ----D---- C:\Windows\PolicyDefinitions
2012-02-17 08:20:49 ----D---- C:\Windows\IME
2012-02-17 08:20:48 ----D---- C:\Windows\cs-CZ
2012-02-17 08:20:47 ----D---- C:\Program Files\Windows Photo Viewer
2012-02-17 08:20:46 ----D---- C:\Program Files\Common Files\Services
2012-02-17 08:20:46 ----D---- C:\Program Files (x86)\Windows Portable Devices
2012-02-17 08:20:46 ----D---- C:\Program Files (x86)\Windows Photo Viewer
2012-02-17 08:14:17 ----D---- C:\Windows\SYSWOW64\wdi
2012-02-17 08:14:16 ----D---- C:\Windows\SYSWOW64\Wat
2012-02-17 08:14:00 ----D---- C:\Windows\system32\winrm
2012-02-17 08:13:59 ----D---- C:\Windows\system32\WCN
2012-02-17 08:13:57 ----D---- C:\Windows\system32\Wat
2012-02-17 08:13:54 ----D---- C:\Windows\system32\spp
2012-02-17 08:13:54 ----D---- C:\Windows\system32\Speech
2012-02-17 08:13:54 ----D---- C:\Windows\system32\SMI
2012-02-17 08:13:54 ----D---- C:\Windows\system32\slmgr
2012-02-17 08:13:53 ----D---- C:\Windows\system32\Printing_Admin_Scripts
2012-02-17 08:13:51 ----D---- C:\Windows\system32\OEM
2012-02-17 08:13:50 ----D---- C:\Windows\system32\MUI
2012-02-17 08:13:49 ----D---- C:\Windows\system32\Msdtc
2012-02-17 08:13:44 ----D---- C:\Windows\system32\IME
2012-02-17 08:13:42 ----DC---- C:\Windows\system32\DRVSTORE
2012-02-17 08:12:55 ----D---- C:\Windows\sr-Latn-CS
2012-02-17 08:12:55 ----D---- C:\Windows\Speech
2012-02-17 08:12:55 ----D---- C:\Windows\sl
2012-02-17 08:12:55 ----D---- C:\Windows\sk
2012-02-17 08:12:55 ----D---- C:\Windows\Setup
2012-02-17 08:12:39 ----D---- C:\Windows\schemas
2012-02-17 08:12:39 ----D---- C:\Windows\ro
2012-02-17 08:12:39 ----D---- C:\Windows\PLA
2012-02-17 08:12:39 ----D---- C:\Windows\pl
2012-02-17 08:12:20 ----D---- C:\Windows\lv
2012-02-17 08:12:20 ----D---- C:\Windows\lt
2012-02-17 08:12:00 ----D---- C:\Windows\hu
2012-02-17 08:12:00 ----D---- C:\Windows\hr
2012-02-17 08:12:00 ----D---- C:\Windows\Help
2012-02-17 08:11:57 ----D---- C:\Windows\et
2012-02-17 08:11:57 ----D---- C:\Windows\en
2012-02-17 08:11:56 ----D---- C:\Windows\diagnostics
2012-02-17 08:11:55 ----D---- C:\Windows\cs
2012-02-17 08:11:55 ----D---- C:\Windows\Branding
2012-02-17 08:11:55 ----D---- C:\Windows\Boot
2012-02-17 08:11:55 ----D---- C:\Windows\bg
2012-02-17 08:11:33 ----D---- C:\Windows\AppCompat
2012-02-17 08:11:32 ----SD---- C:\Users\Petr\AppData\Roaming\Microsoft
2012-02-17 08:11:32 ----D---- C:\Users\Petr\AppData\Roaming\GHISLER
2012-02-17 08:11:25 ----HD---- C:\ProgramData
2012-02-17 08:11:25 ----D---- C:\ProgramData\P4G
2012-02-17 08:11:21 ----D---- C:\ProgramData\ChangeFolderView
2012-02-17 08:11:21 ----D---- C:\ProgramData\Atheros
2012-02-17 08:11:19 ----D---- C:\Program Files\Windows Live
2012-02-17 08:11:19 ----D---- C:\Program Files\Microsoft Security Client
2012-02-17 08:11:15 ----D---- C:\Program Files\Common Files\Microsoft Shared
2012-02-17 08:11:15 ----D---- C:\Program Files\CCleaner
2012-02-17 08:11:12 ----D---- C:\Program Files (x86)\Windows Live
2012-02-17 08:11:07 ----RD---- C:\Program Files (x86)\Skype
2012-02-17 08:10:41 ----D---- C:\Program Files (x86)\Microsoft Security Client
2012-02-17 08:10:37 ----D---- C:\Program Files (x86)\Hry.cz
2012-02-17 08:10:31 ----D---- C:\Program Files (x86)\Common Files
2012-02-17 08:10:30 ----D---- C:\Program Files (x86)\Bluetooth Suite
2012-02-17 08:10:29 ----D---- C:\Program Files (x86)\ASUS
2012-02-17 08:10:28 ----SHD---- C:\$Recycle.Bin
2012-02-17 08:09:16 ----D---- C:\Windows\system32\en
2012-02-17 08:09:08 ----D---- C:\Windows\registration
2012-02-17 07:55:34 ----D---- C:\Windows\Web
2012-02-17 07:55:34 ----D---- C:\Windows\Vss
2012-02-17 07:55:32 ----D---- C:\Windows\SYSWOW64\XPSViewer
2012-02-17 07:55:22 ----D---- C:\Windows\SYSWOW64\winrm
2012-02-17 07:55:18 ----D---- C:\Windows\SYSWOW64\WindowsPowerShell
2012-02-17 07:55:16 ----D---- C:\Windows\SYSWOW64\WCN
2012-02-17 07:54:55 ----D---- C:\Windows\SYSWOW64\spp
2012-02-17 07:54:55 ----D---- C:\Windows\SYSWOW64\Speech
2012-02-17 07:54:55 ----D---- C:\Windows\SYSWOW64\slmgr
2012-02-17 07:54:41 ----D---- C:\Windows\SYSWOW64\Printing_Admin_Scripts
2012-02-17 07:54:21 ----D---- C:\Windows\SYSWOW64\NetworkList
2012-02-17 07:54:17 ----D---- C:\Windows\SYSWOW64\MUI
2012-02-17 07:54:12 ----D---- C:\Windows\SYSWOW64\Msdtc
2012-02-17 07:53:47 ----D---- C:\Windows\SYSWOW64\IME
2012-02-17 07:53:28 ----D---- C:\Windows\SYSWOW64\DriverStore
2012-02-17 07:52:13 ----D---- C:\Windows\system32\WindowsPowerShell
2012-02-17 07:52:11 ----D---- C:\Windows\system32\wdi
2012-02-17 07:45:31 ----D---- C:\Windows\system32\catroot
2012-02-17 07:43:50 ----D---- C:\Windows\Resources
2012-02-17 07:33:27 ----D---- C:\Users\Petr\AppData\Roaming\Zeon
2012-02-17 07:33:26 ----D---- C:\Users\Petr\AppData\Roaming\OpenOffice.org
2012-02-17 07:33:24 ----D---- C:\Users\Petr\AppData\Roaming\FLEXnet
2012-02-17 07:33:23 ----D---- C:\Users\Petr\AppData\Roaming\Adobe
2012-02-17 07:33:23 ----D---- C:\Users\Petr\AppData\Roaming\.minecraft
2012-02-17 07:32:58 ----D---- C:\ProgramData\Skype
2012-02-17 07:32:58 ----D---- C:\ProgramData\Nuance
2012-02-17 07:32:41 ----SD---- C:\ProgramData\Microsoft
2012-02-17 07:29:46 ----D---- C:\Program Files (x86)\Reference Assemblies
2012-02-17 07:28:33 ----D---- C:\Program Files (x86)\Microsoft
2012-02-17 07:28:32 ----D---- C:\Program Files (x86)\Microsoft WSE
2012-02-17 07:28:14 ----HD---- C:\Program Files (x86)\InstallShield Installation Information
2012-02-17 07:28:11 ----D---- C:\Program Files (x86)\Google
2012-02-17 07:28:05 ----D---- C:\Program Files (x86)\Electronic Arts
2012-02-16 20:49:45 ----D---- C:\Windows\system32\hu
2012-02-16 20:11:12 ----D---- C:\Windows\system32\drivers\sr-Latn-CS
2012-02-16 20:11:09 ----D---- C:\Windows\system32\drivers\sl-SI
2012-02-16 20:11:07 ----D---- C:\Windows\system32\drivers\sk-SK
2012-02-16 20:11:01 ----D---- C:\Windows\system32\drivers\ro-RO
2012-02-16 20:10:55 ----D---- C:\Windows\system32\drivers\pl-PL
2012-02-16 20:10:25 ----D---- C:\Windows\system32\drivers\lv-LV
2012-02-16 20:10:22 ----D---- C:\Windows\system32\drivers\lt-LT
2012-02-16 20:10:15 ----D---- C:\Windows\system32\drivers\hu-HU
2012-02-16 20:09:56 ----D---- C:\Windows\system32\drivers\hr-HR
2012-02-16 20:09:47 ----D---- C:\Windows\system32\drivers\et-EE
2012-02-16 20:08:58 ----D---- C:\Windows\system32\drivers\bg-BG
2012-02-16 19:58:10 ----D---- C:\Windows\sl-SI
2012-02-16 19:58:09 ----D---- C:\Windows\sk-SK
2012-02-16 19:57:54 ----D---- C:\Windows\ro-RO
2012-02-16 19:51:56 ----D---- C:\Windows\lv-LV
2012-02-16 19:51:54 ----D---- C:\Windows\lt-LT
2012-02-16 19:45:42 ----D---- C:\Windows\hr-HR
2012-02-16 19:37:26 ----D---- C:\Windows\et-EE
2012-02-16 19:37:25 ----D---- C:\Windows\en-US
2012-02-16 19:32:05 ----D---- C:\Windows\bg-BG
2012-02-16 19:29:36 ----D---- C:\ProgramData\Partner
2012-02-15 23:24:12 ----D---- C:\ProgramData\OberonGameConsole
2012-02-15 18:52:11 ----D---- C:\Windows\debug
2012-02-15 14:38:45 ----A---- C:\Windows\system32\MRT.exe
2012-02-11 05:19:24 ----D---- C:\Windows\system32\LogFiles
2012-02-09 22:04:37 ----D---- C:\Program Files (x86)\Java
2012-02-04 23:17:58 ----D---- C:\AsusVibeData
2012-01-31 13:44:20 ----N---- C:\Windows\system32\MpSigStub.exe
2012-01-27 22:24:53 ----D---- C:\Windows\SYSWOW64\en
2012-01-27 22:24:48 ----D---- C:\Windows\SYSWOW64\drivers\en-US
2012-01-27 19:45:07 ----D---- C:\Windows\Logs
2012-01-24 22:22:22 ----D---- C:\ProgramData\TmForever

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 amd_sata;amd_sata; C:\Windows\system32\DRIVERS\amd_sata.sys [2010-08-13 75904]
R0 amd_xata;amd_xata; C:\Windows\system32\DRIVERS\amd_xata.sys [2010-08-13 38016]
R0 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12352]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-20 213888]
R1 ATKWMIACPIIO;ATKWMIACPI Driver; \??\C:\Program Files (x86)\ASUS\ATK Package\ATK WMIACPI\atkwmiacpi64.sys [2010-07-26 17024]
R1 dtsoftbus01;DAEMON Tools Virtual Bus Driver; C:\Windows\system32\DRIVERS\dtsoftbus01.sys [2012-01-18 279616]
R1 MpFilter;Microsoft Malware Protection Driver; C:\Windows\system32\DRIVERS\MpFilter.sys [2011-04-18 189440]
R1 vwififlt;Virtual WiFi Filter Driver; C:\Windows\system32\DRIVERS\vwififlt.sys [2009-07-14 59904]
R2 ASMMAP64;ASMMAP64; \??\C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\ASMMAP64.sys [2009-07-03 15416]
R3 amdhub30;AMD USB 3.0 Hub Driver; C:\Windows\system32\DRIVERS\amdhub30.sys [2011-03-18 87168]
R3 amdiox64;AMD IO Driver; C:\Windows\system32\DRIVERS\amdiox64.sys [2010-02-18 46136]
R3 amdkmdag;amdkmdag; C:\Windows\system32\DRIVERS\atikmdag.sys [2011-05-12 9358336]
R3 amdkmdap;amdkmdap; C:\Windows\system32\DRIVERS\atikmpag.sys [2011-05-12 309760]
R3 amdxhc;AMD USB 3.0 Host Controller Driver; C:\Windows\system32\DRIVERS\amdxhc.sys [2011-03-18 188544]
R3 AthBTPort;Atheros Virtual Bluetooth Class; C:\Windows\system32\DRIVERS\btath_flt.sys [2011-03-13 36000]
R3 athr;Atheros Extensible Wireless LAN device driver; C:\Windows\system32\DRIVERS\athrx.sys [2010-07-08 2228736]
R3 AtiHDAudioService;ATI Function Driver for HD Audio Service; C:\Windows\system32\drivers\AtihdW76.sys [2011-03-30 114704]
R3 BTATH_A2DP;Bluetooth A2DP Audio Driver; C:\Windows\system32\drivers\btath_a2dp.sys [2011-03-13 298656]
R3 BTATH_BUS;Atheros Bluetooth Bus; C:\Windows\system32\DRIVERS\btath_bus.sys [2011-03-13 28832]
R3 BTATH_HCRP;Bluetooth HCRP Server driver; C:\Windows\system32\DRIVERS\btath_hcrp.sys [2011-03-13 201376]
R3 BTATH_LWFLT;Bluetooth LWFLT Device; C:\Windows\system32\DRIVERS\btath_lwflt.sys [2011-03-13 55456]
R3 BTATH_RCP;Bluetooth AVRCP Device; C:\Windows\system32\DRIVERS\btath_rcp.sys [2011-03-13 154272]
R3 BtFilter;BtFilter; C:\Windows\system32\DRIVERS\btfilter.sys [2011-03-13 280224]
R3 BthEnum;Ovladač pro Bluetooth Request Block; C:\Windows\system32\drivers\BthEnum.sys [2009-07-14 41984]
R3 BthPan;Bluetooth Device (Personal Area Network); C:\Windows\system32\DRIVERS\bthpan.sys [2009-07-14 118784]
R3 BTHUSB;Ovladač rozhraní USB radiostanice Bluetooth; C:\Windows\System32\Drivers\BTHUSB.sys [2011-04-28 80384]
R3 ETD;ELAN PS/2 Port Input Device; C:\Windows\system32\DRIVERS\ETD.sys [2010-09-08 129024]
R3 hamachi;Hamachi Network Interface; C:\Windows\system32\DRIVERS\hamachi.sys [2009-03-18 33856]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHD64.sys [2011-04-26 2852200]
R3 kbfiltr;Keyboard Filter; C:\Windows\system32\DRIVERS\kbfiltr.sys [2009-07-20 15416]
R3 L1C;NDIS Miniport Driver for Atheros AR813x/AR815x PCI-E Ethernet Controller; C:\Windows\system32\DRIVERS\L1C62x64.sys [2010-08-24 76912]
R3 MpNWMon;Microsoft Malware Protection Network Driver; C:\Windows\system32\DRIVERS\MpNWMon.sys [2011-04-18 40832]
R3 NisDrv;Microsoft Network Inspection System; C:\Windows\system32\DRIVERS\NisDrvWFP.sys [2011-04-27 84864]
R3 RFCOMM;Bluetooth Device (RFCOMM Protocol TDI); C:\Windows\system32\DRIVERS\rfcomm.sys [2009-07-14 158720]
R3 usbfilter;AMD USB Filter Driver; C:\Windows\system32\DRIVERS\usbfilter.sys [2009-12-22 38456]
S3 AmUStor;AM USB Stroage Driver; C:\Windows\system32\drivers\AmUStor.SYS [2011-03-18 74840]
S3 BTHPORT;Ovladač portu Bluetooth; C:\Windows\System32\Drivers\BTHport.sys [2011-04-28 552960]
S3 fssfltr;FssFltr; C:\Windows\system32\DRIVERS\fssfltr.sys [2010-09-23 48488]
S3 SiSGbeLH;SiS191/SiS190 Ethernet Device NDIS 6.0 Driver; C:\Windows\system32\DRIVERS\SiSG664.sys [2009-06-10 56832]
S3 TsUsbFlt;TsUsbFlt; C:\Windows\system32\drivers\tsusbflt.sys [2010-11-20 59392]
S3 TsUsbGD;Remote Desktop Generic USB Device; C:\Windows\system32\drivers\TsUsbGD.sys [2010-11-20 31232]
S3 WimFltr;WimFltr; C:\Windows\system32\DRIVERS\wimfltr.sys [2008-05-24 154168]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2012-01-03 63928]
R2 AFBAgent;AFBAgent; C:\Windows\system32\FBAgent.exe [2011-01-25 379520]
R2 AMD External Events Utility;AMD External Events Utility; C:\Windows\system32\atiesrxx.exe [2011-05-12 204288]
R2 AMD FUEL Service;AMD FUEL Service; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [2011-05-13 365568]
R2 ASLDRService;ASLDR Service; C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ASLDRSrv.exe [2009-06-16 84536]
R2 Atheros Bt&Wlan Coex Agent;Atheros Bt&Wlan Coex Agent; C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe [2011-03-13 138400]
R2 AtherosSvc;AtherosSvc; C:\Program Files (x86)\Bluetooth Suite\adminservice.exe [2011-03-13 74912]
R2 ATKGFNEXSrv;ATKGFNEX Service; C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe [2009-12-15 96896]
R2 Hamachi2Svc;LogMeIn Hamachi Tunneling Engine; C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe [2012-02-07 2343816]
R2 MsMpSvc;Microsoft Antimalware Service; C:\Program Files\Microsoft Security Client\Antimalware\MsMpEng.exe [2011-04-27 12784]
R2 SeaPort;SeaPort; C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE [2011-02-25 249648]
R2 wlidsvc;Windows Live ID Sign-in Assistant; C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE [2010-09-21 2286976]
R3 NisSrv;@C:\Program Files\Microsoft Security Client\Antimalware\MpAsDesc.dll,-243; C:\Program Files\Microsoft Security Client\Antimalware\NisSrv.exe [2011-04-27 288272]
R3 RichVideo;Cyberlink RichVideo Service(CRVS); C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe [2009-04-17 247152]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
S3 BBSvc;Bing Bar Update Service; C:\Program Files (x86)\Microsoft\BingBar\BBSvc.EXE [2011-03-02 183560]
S3 fsssvc;Windows Live Family Safety Service; C:\Program Files (x86)\Windows Live\Family Safety\fsssvc.exe [2010-09-23 1493352]
S3 gusvc;Google Updater Service; C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe [2011-05-09 136120]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2012-01-18 1255736]
S4 wlcrasvc;Windows Live Mesh remote connections service; C:\Program Files\Windows Live\Mesh\wlcrasvc.exe [2010-09-23 57184]

-----------------EOF-----------------
Nahoru
Uživatelský avatar
motji
VIP
VIP
Příspěvky: 23302
Registrován: 23 říj 2008 08:02

Re: Problém s Průzkumníkem Windows

#3 Příspěvek od motji »

Dobrý večer :)
Poprosím i o druhý log ze rsitu s názvem info.txt.
Nepoužívejte COMBOFIX bez doporučení rádce, může dojít k poškození systému!
Vždy před odvirováním počítače zazálohujte důležitá data :!:
Chcete podpořit naše forum? Informace zde

Obrázek

K zastižení jsem spíše v noci, mezi 21.-23. hodinou
Pokud máte nějaké dotazy, můžete mi napsat na email Motji(zavináč)forum.viry.cz.
Nahoru
artreus
Návštěvník
Návštěvník
Příspěvky: 5
Registrován: 22 úno 2012 18:08

Re: Problém s Průzkumníkem Windows

#4 Příspěvek od artreus »

info.txt logfile of random's system information tool 1.09 2012-02-23 21:47:46

======Uninstall list======

„Windows Live Essentials“-->MsiExec.exe /I{19ADD3BF-C42B-47DC-81C6-5E9731B668C4}
„Windows Live Mail“-->MsiExec.exe /I{2720009D-9566-45A7-A370-0E6DAC313F3F}
„Windows Live Mesh ActiveX“ nuotolinių ryšių valdiklis-->MsiExec.exe /I{9024FE65-46B8-4C8A-9D98-8DCB6BD5F598}
„Windows Live Messenger“-->MsiExec.exe /X{539A0CEA-17E4-4FE4-A5E8-EC5D40610A79}
„Windows Live“ fotogalerija-->MsiExec.exe /X{C877E454-FA36-409A-A00E-1240CEC61BBD}
µTorrent-->"D:\Torrent\uTorrent.exe" /UNINSTALL
ActiveX контрола на Windows Live Mesh за отдалечени връзки-->MsiExec.exe /I{B3BA4D1C-23EF-4859-9C11-1B2CCB7FADBB}
Adobe Flash Player 10 ActiveX-->C:\Windows\SysWOW64\Macromed\Flash\FlashUtil10k_ActiveX.exe -maintain activex
Adobe Flash Player 10 Plugin-->C:\Windows\SysWOW64\Macromed\Flash\uninstall_plugin.exe
Adobe Reader X (10.1.2) - Czech-->MsiExec.exe /I{AC76BA86-7AD7-1029-7B44-AA1000000001}
Alcor Micro USB Card Reader-->C:\Program Files (x86)\InstallShield Installation Information\{4555BB9E-E715-4260-A178-E8EFD2B653E3}\Setup.exe
AMD APP SDK Runtime-->MsiExec.exe /I{503F672D-6C84-448A-8F8F-4BC35AC83441}
AMD Media Foundation Decoders-->MsiExec.exe /X{906E11D2-C17E-9B5A-6273-63D82B26577E}
AMD USB Filter Driver-->MsiExec.exe /X{987B04C4-B5AC-4AD6-A7E9-8D681085B850}
ASUS AI Recovery-->MsiExec.exe /I{38253529-D97D-4901-AE53-5CC9736D3A2E}
ASUS FancyStart-->MsiExec.exe /I{2B81872B-A054-48DA-BE3B-FA5C164C303A}
ASUS LifeFrame3-->MsiExec.exe /I{1DBD1F12-ED93-49C0-A7CC-56CBDE488158}
ASUS Live Update-->RunDll32 C:\PROGRA~2\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files (x86)\InstallShield Installation Information\{E657B243-9AD4-4ECC-BE81-4CCF8D667FD0}\Setup.exe" -l0x9
ASUS Power4Gear Hybrid-->MsiExec.exe /I{9B6239BF-4E85-4590-8D72-51E30DB1A9AA}
ASUS SmartLogon-->MsiExec.exe /I{64452561-169F-4A36-A2FF-B5E118EC65F5}
ASUS Splendid Video Enhancement Technology-->MsiExec.exe /I{0969AF05-4FF6-4C00-9406-43599238DE0D}
ASUS Video Magic-->"C:\Program Files (x86)\InstallShield Installation Information\{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}\Setup.exe" /z-uninstall
ASUS Video Magic-->"C:\Program Files (x86)\InstallShield Installation Information\{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}\Setup.exe" /z-uninstall
ASUS Virtual Camera-->MsiExec.exe /I{EC8BD21F-0CA0-4BBF-97D9-4A52B30041A1}
ASUS WebStorage-->C:\Program Files (x86)\ASUS\ASUS WebStorage\uninst.exe
ASUS_Screensaver-->C:\Windows\system32\ASUS_Screensaver.scr /u
AsusVibe2.0-->C:\Program Files (x86)\Asus\AsusVibe\unins000.exe
Atheros Client Installation Program-->C:\Program Files (x86)\InstallShield Installation Information\{28006915-2739-4EBE-B5E8-49B25D32EB33}\setup.exe -runfromtemp -l0x0009 -removeonly
ATI Catalyst Install Manager-->msiexec /q/x{2D0CE3AB-8AE0-D8EA-19D0-96DD2C2827EC} REBOOT=ReallySuppress
ATK Package-->MsiExec.exe /I{AB5C933E-5C7D-4D30-B314-9C83A49B94BE}
Bing Bar-->MsiExec.exe /X{1E03DB52-D5CB-4338-A338-E526DD4D4DB1}
Bluetooth Win7 Suite (64)-->MsiExec.exe /X{230D1595-57DA-4933-8C4E-375797EBB7E1}
Bookworm Deluxe-->C:\Program Files (x86)\Asus\Game Park\Bookworm Deluxe\Uninstall.exe
CCleaner-->"C:\Program Files\CCleaner\uninst.exe"
Control ActiveX Windows Live Mesh pentru conexiuni la distanță-->MsiExec.exe /I{260E3D78-94E6-47EC-8E29-46301572BB1E}
Cooking Dash-->C:\Program Files (x86)\Asus\Game Park\Cooking Dash\Uninstall.exe
CyberLink LabelPrint-->"C:\Program Files (x86)\InstallShield Installation Information\{C59C179C-668D-49A9-B6EA-0121CCFC1243}\Setup.exe" /z-uninstall
CyberLink LabelPrint-->"C:\Program Files (x86)\InstallShield Installation Information\{C59C179C-668D-49A9-B6EA-0121CCFC1243}\Setup.exe" /z-uninstall
CyberLink MediaEspresso-->"C:\Program Files (x86)\InstallShield Installation Information\{E3739848-5329-48E3-8D28-5BBD6E8BE384}\Setup.exe" /z-uninstall
CyberLink MediaEspresso-->"C:\Program Files (x86)\InstallShield Installation Information\{E3739848-5329-48E3-8D28-5BBD6E8BE384}\Setup.exe" /z-uninstall
CyberLink Power2Go-->"C:\Program Files (x86)\InstallShield Installation Information\{40BF1E83-20EB-11D8-97C5-0009C5020658}\Setup.exe" /z-uninstall
CyberLink Power2Go-->"C:\Program Files (x86)\InstallShield Installation Information\{40BF1E83-20EB-11D8-97C5-0009C5020658}\Setup.exe" /z-uninstall
CyberLink PowerDirector-->"C:\Program Files (x86)\InstallShield Installation Information\{CB099890-1D5F-11D5-9EA9-0050BAE317E1}\Setup.exe" /z-uninstall
CyberLink PowerDirector-->"C:\Program Files (x86)\InstallShield Installation Information\{CB099890-1D5F-11D5-9EA9-0050BAE317E1}\Setup.exe" /z-uninstall
CyberLink PowerDVD 10-->"C:\Program Files (x86)\InstallShield Installation Information\{DEC235ED-58A4-4517-A278-C41E8DAEAB3B}\Setup.exe" /z-uninstall
CyberLink PowerDVD 10-->"C:\Program Files (x86)\InstallShield Installation Information\{DEC235ED-58A4-4517-A278-C41E8DAEAB3B}\Setup.exe" /z-uninstall
D3DX10-->MsiExec.exe /X{E09C4DB7-630C-4F06-A631-8EA7239923AF}
DAEMON Tools Lite-->D:\DAEMON Tools Lite\uninst.exe
Emilka Holubová - Montezumův poklad-->D:\Nová složka\uninstal.exe
ETDWare PS/2-x64 7.0.5.16_WHQL-->%ProgramFiles%\Elantech\ETDUn_inst.exe
Farm Frenzy 2-->C:\Program Files (x86)\Hry.cz\Farm Frenzy 2\Uninstall.exe
Fast Boot-->MsiExec.exe /I{13F4A7F3-EABC-4261-AF6B-1317777F0755}
FlatOut-->MsiExec.exe /I{A57D86AF-DE8E-4B26-972E-A1A28FFF7742}
Formant ActiveX programu Windows Live Mesh odpowiedzialny za obsługę połączeń zdalnych-->MsiExec.exe /I{B04A0E2F-1E4C-4E61-B18E-3B2BD6779CA7}
Fotogalerija Windows Live-->MsiExec.exe /X{E59969EA-3B5B-4B24-8B94-43842A7FBFE9}
Galeria fotografii usługi Windows Live-->MsiExec.exe /X{CB3F59BB-7858-41A1-A7EA-4B8A6FC7D431}
Galerie foto Windows Live-->MsiExec.exe /X{CB66242D-12B1-4494-82D2-6F53A7E024A3}
Governor of Poker-->C:\Program Files (x86)\Asus\Game Park\Governor of Poker\Uninstall.exe
Half-Life 2 Deathmatch-->"D:\Half-Life 2 Deathmatch\unins000.exe"
Hotel Dash Suite Success-->C:\Program Files (x86)\Asus\Game Park\Hotel Dash Suite Success\Uninstall.exe
Java(TM) 7 Update 2-->MsiExec.exe /X{26A24AE4-039D-4CA4-87B4-2F83217002FF}
Junk Mail filter update-->MsiExec.exe /I{1F6AB0E7-8CDD-4B93-8A23-AA9EB2FEFCE4}
Kontrola Windows Live Mesh ActiveX za daljinske veze-->MsiExec.exe /I{19CBDE24-2761-49A5-816B-D2BA65D0CA8D}
Kontrolnik Windows Live Mesh ActiveX za oddaljene povezave-->MsiExec.exe /I{CA227A9D-09BE-4BFB-9764-48FED2DA5454}
Left 4 Dead v1.0.0.5-->"D:\Nová složka\Left4Dead\unins000.exe"
LogMeIn Hamachi-->C:\Windows\SysWOW64\\msiexec.exe /i {D179B513-AD43-4013-AC50-C16107A0A02D} REMOVE=ALL
LogMeIn Hamachi-->MsiExec.exe /I{D179B513-AD43-4013-AC50-C16107A0A02D}
Mesh Runtime-->MsiExec.exe /I{8C6D6116-B724-4810-8F2D-D047E6B7D68E}
Microsoft .NET Framework 4 Client Profile CSY Language Pack-->C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\ClientLP\Setup.exe /repair /x86 /x64 /lcid 1029 /parameterfolder ClientLP
Microsoft .NET Framework 4 Client Profile CSY Language Pack-->MsiExec.exe /X{790E02A1-145A-3843-8C13-A4F41C9B48B7}
Microsoft .NET Framework 4 Client Profile-->C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\Client\Setup.exe /repair /x86 /x64 /parameterfolder Client
Microsoft .NET Framework 4 Client Profile-->MsiExec.exe /X{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}
Microsoft Antimalware Service CS-CZ Language Pack-->MsiExec.exe /X{17CA32D1-73BD-4990-B8F6-369D8D34B05D}
Microsoft Antimalware-->MsiExec.exe /X{05BFB060-4F22-4710-B0A2-2801A1B606C5}
Microsoft Office 2010-->MsiExec.exe /X{95140000-0070-0000-0000-0000000FF1CE}
Microsoft Security Client CS-CZ Language Pack-->MsiExec.exe /I{DC911ADF-7B60-40F2-A112-FB1EB6402D07}
Microsoft Security Client-->MsiExec.exe /I{42738DB0-FC3E-4672-A99B-9372F5696E30}
Microsoft Security Essentials-->C:\Program Files\Microsoft Security Client\Setup.exe /x
Microsoft Silverlight-->MsiExec.exe /X{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}
Microsoft SQL Server 2005 Compact Edition [ENU]-->MsiExec.exe /I{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053-->MsiExec.exe /X{770657D0-A123-3C07-8E44-1C83EC895118}
Microsoft Visual C++ 2005 Redistributable (x64)-->MsiExec.exe /X{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}
Microsoft Visual C++ 2005 Redistributable (x64)-->MsiExec.exe /X{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}
Microsoft Visual C++ 2005 Redistributable-->MsiExec.exe /X{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}
Microsoft Visual C++ 2005 Redistributable-->MsiExec.exe /X{7299052b-02a4-4627-81f2-1818da5d550d}
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148-->MsiExec.exe /X{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161-->MsiExec.exe /X{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17-->MsiExec.exe /X{9A25302D-30C0-39D9-BD6F-21E6EC160475}
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148-->MsiExec.exe /X{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161-->MsiExec.exe /X{9BE518E6-ECC6-35A9-88E4-87755C07200F}
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.30319-->MsiExec.exe /X{DA5E371C-6333-3D8A-93A4-6FD5B20BCC6E}
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219-->MsiExec.exe /X{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}
Microsoft WSE 3.0 Runtime-->MsiExec.exe /X{E3E71D07-CD27-46CB-8448-16D4FB29AA13}
MSVCRT_amd64-->MsiExec.exe /I{D0B44725-3666-492D-BEF6-587A14BD9BD9}
MSVCRT-->MsiExec.exe /I{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}
Mumble 1.2.3-->MsiExec.exe /I{62C68336-B969-4097-B0BD-A3A0FBFD59C1}
Nuance PDF Reader-->MsiExec.exe /X{B480904D-F73F-4673-B034-8A5F492C9184}
OpenOffice.org 3.3-->MsiExec.exe /I{D5B94160-4A07-4956-9C73-8C5EEFEF180F}
Ovládací prvek ActiveX platformy Windows Live Mesh pro vzdálená připojení-->MsiExec.exe /I{B6190387-0036-4BEB-8D74-A0AFC5F14706}
Ovládací prvok ActiveX programu Windows Live Mesh pre vzdialené pripojenia-->MsiExec.exe /I{C2FD7DB5-FE30-49B6-8A2F-C5652E053C31}
Picasa 3-->"D:\Picasa3\Uninstall.exe"
Plants vs Zombies-->C:\Program Files (x86)\Asus\Game Park\Plants vs Zombies\Uninstall.exe
Poczta usługi Windows Live-->MsiExec.exe /I{64376910-1860-4CEF-8B34-AA5D205FC5F1}
Podstawowe programy Windows Live-->MsiExec.exe /I{7A9D47BA-6D50-4087-866F-0800D8B89383}
Pošta Windows Live-->MsiExec.exe /I{7BA19818-F717-4DFB-BC11-FAF17B2B8AEE}
Realtek High Definition Audio Driver-->RunDll32 C:\PROGRA~2\COMMON~1\INSTAL~1\PROFES~1\RunTime\11\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files (x86)\InstallShield Installation Information\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}\setup.exe" -removeonly
Security Update for Microsoft .NET Framework 4 Client Profile (KB2518870)-->C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\Client\setup.exe /uninstallpatch {E720AD01-93D5-3E8E-BB8D-E4EF5AF4E5DD} /parameterfolder Client
Security Update for Microsoft .NET Framework 4 Client Profile (KB2539636)-->C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\Client\setup.exe /uninstallpatch {BCD37DCB-F479-3D4D-A90E-A0F7575549C4} /parameterfolder Client
Security Update for Microsoft .NET Framework 4 Client Profile (KB2572078)-->C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\Client\setup.exe /uninstallpatch {FF811680-AECE-3F35-A98C-1B84B6E09168} /parameterfolder Client
Security Update for Microsoft .NET Framework 4 Client Profile (KB2633870)-->C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\Client\setup.exe /uninstallpatch {5D45782A-1099-317E-ABCC-FF63D5B21386} /parameterfolder Client
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656351)-->C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\Client\setup.exe /uninstallpatch {E59B2174-E924-311F-8549-AD714C14664D} /parameterfolder Client
Security Update for Microsoft .NET Framework 4 Client Profile CSY Language Pack (KB2518870)-->C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\ClientLP\setup.exe /uninstallpatch {E720AD01-93D5-3E8E-BB8D-E4EF5AF4E5DD} /parameterfolder ClientLP
Skype™ 5.6-->MsiExec.exe /X{AA59DDE4-B672-4621-A016-4C248204957A}
SonicMaster-->MsiExec.exe /I{09BCB9CE-964B-4BDA-AE46-B5A0ABEF1D3F}
syncables desktop SE-->MsiExec.exe /X{341697D8-9923-445E-B42A-529E5A99CB7A}
System Requirements Lab CYRI-->MsiExec.exe /I{943A8D28-80D6-41DC-AE94-81FEB42041BF}
The Sims™ 3-->"C:\Program Files (x86)\InstallShield Installation Information\{C05D8CDB-417D-4335-A38C-A0659EDFD6B8}\Sims3Setup.exe" -runfromtemp -l0x0005 -removeonly
TmNationsForever-->"D:\TmNationsForever\unins000.exe"
Total Commander (Remove or Repair)-->D:\TotalCommander 7.04\totalcmd\tcuninst.exe
Update for Microsoft .NET Framework 4 Client Profile (KB2468871)-->C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\Client\setup.exe /uninstallpatch {29C7BE97-DE59-37A2-A687-2ADD5321948A} /parameterfolder Client
Update for Microsoft .NET Framework 4 Client Profile (KB2533523)-->C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\Client\setup.exe /uninstallpatch {7D799A81-5661-3159-BF92-754161CED6E6} /parameterfolder Client
VLC media player 1.1.11-->C:\Users\Petr\VLC\uninstall.exe
Windows Live Communications Platform-->MsiExec.exe /I{D45240D3-B6B3-4FF9-B243-54ECE3E10066}
Windows Live Essentials-->C:\Program Files (x86)\Windows Live\Installer\wlarp.exe
Windows Live Essentials-->MsiExec.exe /I{17835B63-8308-427F-8CF5-D76E0D5FE457}
Windows Live Essentials-->MsiExec.exe /I{410DF0AA-882D-450D-9E1B-F5397ACFFA80}
Windows Live Essentials-->MsiExec.exe /I{6491AB99-A11E-41FD-A5E7-32DE8A097B8E}
Windows Live Essentials-->MsiExec.exe /I{71684DFF-CDED-450C-AF0C-4A1A6438A1A5}
Windows Live Essentials-->MsiExec.exe /I{8EFCE1F8-8ADB-40F2-BED7-7728BED00EC0}
Windows Live Essentials-->MsiExec.exe /I{A1668729-C4D2-49AE-877B-FB608362FFF1}
Windows Live Essentials-->MsiExec.exe /I{B0AD205F-60D0-4084-AFB8-34D9A706D9A8}
Windows Live Essentials-->MsiExec.exe /I{C01FCACE-CC3D-49A2-ADC2-583A49857C58}
Windows Live Essentials-->MsiExec.exe /I{FE044230-9CA5-43F7-9B58-5AC5A28A1F33}
Windows Live Essentials-->MsiExec.exe /I{FE62C88B-425B-4BDE-8B70-CD5AE3B83176}
Windows Live Essentials-->MsiExec.exe /I{FEEF7F78-5876-438B-B554-C4CC426A4302}
Windows Live Family Safety-->MsiExec.exe /I{0437C01E-70D6-489B-B504-952F59912A72}
Windows Live Family Safety-->MsiExec.exe /I{1AAF3A3B-7B32-4DDF-8ABB-438DAEB46EEC}
Windows Live Family Safety-->MsiExec.exe /I{4827A9B4-FC4C-4BA9-9EFB-10CF703E7C3A}
Windows Live Family Safety-->MsiExec.exe /I{4970B06C-7708-4AAB-9341-3FD1D9B1AA34}
Windows Live Family Safety-->MsiExec.exe /I{65EDA937-3C7B-4009-99A1-795FD3FBECF5}
Windows Live Family Safety-->MsiExec.exe /I{701D8EE6-6A5A-4509-9740-35F551193CE0}
Windows Live Family Safety-->MsiExec.exe /I{76BB831E-D059-449A-AFDE-2A677E45DF18}
Windows Live Family Safety-->MsiExec.exe /I{8068ACF9-B398-4C14-BEF6-817F12024707}
Windows Live Family Safety-->MsiExec.exe /I{A6752BB4-C571-4F3B-9A47-97405068DE0B}
Windows Live Family Safety-->MsiExec.exe /I{BD864ECC-620D-4240-AB9A-B5F7340E337C}
Windows Live Family Safety-->MsiExec.exe /I{C02C2C22-2EB1-47C8-B74F-8AB1A62FAE31}
Windows Live Family Safety-->MsiExec.exe /I{C933FB4A-CFC0-4DDD-8FB1-A437B6C58B34}
Windows Live Family Safety-->MsiExec.exe /I{CB5FBF73-7CE7-481C-8598-8D4C34705C23}
Windows Live Family Safety-->MsiExec.exe /X{46A5FBE9-ADB3-4493-A1CC-B4CFFD24D26A}
Windows Live fotoattēlu galerija-->MsiExec.exe /X{CF936193-C584-458C-B793-15FA945621AF}
Windows Live Fotogaléria-->MsiExec.exe /X{97F77D62-5110-4FA3-A2D3-410B92D31199}
Windows Live Fotogalerie-->MsiExec.exe /X{FB79FDB7-4DE1-453D-99FE-9A880F57380E}
Windows Live Foto-galerija-->MsiExec.exe /X{B81722D3-0A95-4BDE-AA1A-A2A5D12FCDB2}
Windows Live Fotótár-->MsiExec.exe /X{7272F232-A7E0-4B2B-A5D2-71B7C5E2379C}
Windows Live Galerija fotografija-->MsiExec.exe /X{E5377D46-83C5-445A-A1F1-830336B42A10}
Windows Live ID Sign-in Assistant-->MsiExec.exe /I{1B8ABA62-74F0-47ED-B18C-A43128E591B8}
Windows Live Installer-->MsiExec.exe /I{0B0F231F-CE6A-483D-AA23-77B364F75917}
Windows Live Language Selector-->MsiExec.exe /I{D07A61E5-A59C-433C-BCBD-22025FA2287B}
Windows Live Mail-->MsiExec.exe /I{0B80A0FD-755A-4796-BFB0-A7B07366F33A}
Windows Live Mail-->MsiExec.exe /I{82803FF3-563F-414F-A403-8D4C167D4120}
Windows Live Mail-->MsiExec.exe /I{9D56775A-93F3-44A3-8092-840E3826DE30}
Windows Live Mail-->MsiExec.exe /I{ABE2F2AA-7ADC-4717-9573-BF3F83C696AC}
Windows Live Mail-->MsiExec.exe /I{C454280F-3C3E-4929-B60E-9E6CED5717E7}
Windows Live Mail-->MsiExec.exe /I{C66824E4-CBB3-4851-BB3F-E8CFD6350923}
Windows Live Mail-->MsiExec.exe /I{C8421D85-CA0E-4E93-A9A9-B826C4FB88EA}
Windows Live Mail-->MsiExec.exe /I{D07B1FDA-876B-4914-9E9A-309732B6D44F}
Windows Live Mail-->MsiExec.exe /I{F66430D8-08E6-4C96-B9B7-90E66E27D58C}
Windows Live Mail-->MsiExec.exe /I{FA6CF94F-DACF-4FE7-959D-55C421B91B17}
Windows Live Mesh ActiveX Control for Remote Connections-->MsiExec.exe /I{2902F983-B4C1-44BA-B85D-5C6D52E2C441}
Windows Live Mesh ActiveX kontrola za daljinske veze-->MsiExec.exe /I{8985AE5E-622A-4980-8BF8-0A1830643220}
Windows Live Mesh ActiveX vadīkla attālajiem savienojumiem-->MsiExec.exe /I{A3A775C9-5A63-4C55-8FDD-427A5B8F5D2B}
Windows Live Mesh ActiveX-i juhtelement kaugühendustele-->MsiExec.exe /I{216ACEC1-4556-4717-A8DE-3F7F5F9C6F63}
Windows Live Mesh ActiveX-vezérlő távoli kapcsolatokhoz-->MsiExec.exe /I{6E29C4F7-C2C2-4B18-A15C-E09B92065F15}
Windows Live Mesh-->MsiExec.exe /I{0A093C39-CBB3-4142-B93F-562F176B6305}
Windows Live Mesh-->MsiExec.exe /I{2D3E034E-F76B-410A-A169-55755D2637BB}
Windows Live Mesh-->MsiExec.exe /I{5CF5B1A5-CBC3-42F0-8533-5A5090665862}
Windows Live Mesh-->MsiExec.exe /I{6ABE832B-A5C7-44C1-B697-3E123B7B4D5B}
Windows Live Mesh-->MsiExec.exe /I{80E8C65A-8F70-4585-88A2-ABC54BABD576}
Windows Live Mesh-->MsiExec.exe /I{99BE7F5D-AB52-4404-9E03-4240FFAA7DE9}
Windows Live Mesh-->MsiExec.exe /I{A0C91188-C88F-4E86-93E6-CD7C9A266649}
Windows Live Mesh-->MsiExec.exe /I{AD001A69-88CC-4766-B2DB-3C1DFAB9AC72}
Windows Live Mesh-->MsiExec.exe /I{BF35168D-F6F9-4202-BA87-86B5E3C9BF7A}
Windows Live Mesh-->MsiExec.exe /I{C08D5964-C42F-48EE-A893-2396F9562A7C}
Windows Live Mesh-->MsiExec.exe /I{D06F10C5-3EDD-4B29-A3B5-16BBB9A047F8}
Windows Live Mesh-->MsiExec.exe /I{DECDCB7C-58CC-4865-91AF-627F9798FE48}
Windows Live Mesh-->MsiExec.exe /I{EAB1BDF2-734A-4D44-9169-7615D185C974}
Windows Live Mesh-->MsiExec.exe /I{EC20FB81-9B5E-4B97-92A2-8DC52548EFCE}
Windows Live Messenger-->MsiExec.exe /X{0785A0B6-07DF-43CF-B147-E1EB4CEA0345}
Windows Live Messenger-->MsiExec.exe /X{1BCF995D-78B8-4883-BC8E-D7A32BB463DA}
Windows Live Messenger-->MsiExec.exe /X{26513CE5-7A51-478D-93BD-AC1D38103463}
Windows Live Messenger-->MsiExec.exe /X{2C7E8AA1-9C03-4606-BF34-5D99D07964DA}
Windows Live Messenger-->MsiExec.exe /X{303143DD-1F6D-4BC5-9342-FFC2E19B2DBD}
Windows Live Messenger-->MsiExec.exe /X{34C4F5AF-D757-4E6A-ABCA-65AB5A50A1A8}
Windows Live Messenger-->MsiExec.exe /X{50300123-F8FC-4B50-B449-E847D04F1BA2}
Windows Live Messenger-->MsiExec.exe /X{6D30E864-46AE-435B-8230-8B5D42B4AE37}
Windows Live Messenger-->MsiExec.exe /X{6EE9F44A-B8C7-4CDB-B2A9-441AF2AE315A}
Windows Live Messenger-->MsiExec.exe /X{80956555-A512-4190-9CAD-B000C36D6B6B}
Windows Live Messenger-->MsiExec.exe /X{829CDAAD-5AF1-482F-978B-591C16A34ACC}
Windows Live Messenger-->MsiExec.exe /X{EB4DF488-AAEF-406F-A341-CB2AAA315B90}
Windows Live Messenger-->MsiExec.exe /X{EE492B20-FB15-4A98-883C-3054354A11F8}
Windows Live MIME IFilter-->MsiExec.exe /I{DA54F80E-261C-41A2-A855-549A144F2F59}
Windows Live Movie Maker-->MsiExec.exe /X{19BA08F7-C728-469C-8A35-BFBD3633BE08}
Windows Live Movie Maker-->MsiExec.exe /X{60C3C026-DB53-4DAB-8B97-7C1241F9A847}
Windows Live Movie Maker-->MsiExec.exe /X{64B2D6B3-71AC-45A7-A6A1-2E07ABF58341}
Windows Live Movie Maker-->MsiExec.exe /X{6B3BAE39-4ED1-4EEB-9769-A3AA0AA58CB4}
Windows Live Movie Maker-->MsiExec.exe /X{7373E17D-18E0-44A7-AC3A-6A3BFB85D3B3}
Windows Live Movie Maker-->MsiExec.exe /X{7AF8E500-B349-4A77-8265-9854E9A47925}
Windows Live Movie Maker-->MsiExec.exe /X{8D33ECF4-1A77-4674-ABAE-DFF978C5BC0A}
Windows Live Movie Maker-->MsiExec.exe /X{92EA4134-10D1-418A-91E1-5A0453131A38}
Windows Live Movie Maker-->MsiExec.exe /X{9E771D5B-C429-4CBC-8730-3EBD9EC99E4C}
Windows Live Movie Maker-->MsiExec.exe /X{A101F637-2E56-42C0-8E08-F1E9086BFAF3}
Windows Live Movie Maker-->MsiExec.exe /X{CF9DEFAA-12CD-4D04-AA45-F9F667D21E2E}
Windows Live Movie Maker-->MsiExec.exe /X{F80E5450-3EF3-4270-B26C-6AC53BEC5E76}
Windows Live Movie Maker-->MsiExec.exe /X{FB3D07AE-73D0-47A9-AC12-6F50BF8B6202}
Windows Live Movie Maker-->MsiExec.exe /X{FF737490-5A2D-4269-9D82-97DB2F7C0B09}
Windows Live Photo Common-->MsiExec.exe /X{0654EA5D-308A-4196-882B-5C09744A5D81}
Windows Live Photo Common-->MsiExec.exe /X{073F306D-9851-4969-B828-7B6444D07D55}
Windows Live Photo Common-->MsiExec.exe /X{1168ECF1-2932-4E86-BC83-560C256C8022}
Windows Live Photo Common-->MsiExec.exe /X{442032CB-900C-49C7-B4B4-2B76525DD403}
Windows Live Photo Common-->MsiExec.exe /X{5D163056-96B7-440F-A836-89BA5D3CFF2F}
Windows Live Photo Common-->MsiExec.exe /X{6B556C37-8919-4991-AC34-93D018B9EA49}
Windows Live Photo Common-->MsiExec.exe /X{6F37D92B-41AA-44B7-80D2-457ABDE11896}
Windows Live Photo Common-->MsiExec.exe /X{77BC9EAF-14C7-4338-9B1C-D5A3E142C0B8}
Windows Live Photo Common-->MsiExec.exe /X{78906B56-0E81-42A7-AC25-F54C946E1538}
Windows Live Photo Common-->MsiExec.exe /X{7D0DE76C-874E-4BDE-A204-F4240160693E}
Windows Live Photo Common-->MsiExec.exe /X{84267681-BF16-40B6-9564-27BC57D7D71C}
Windows Live Photo Common-->MsiExec.exe /X{A9BDCA6B-3653-467B-AC83-94367DA3BFE3}
Windows Live Photo Common-->MsiExec.exe /X{BD4EBDB5-EB14-4120-BB04-BE0A26C7FB3E}
Windows Live Photo Common-->MsiExec.exe /X{D436F577-1695-4D2F-8B44-AC76C99E0002}
Windows Live Photo Gallery-->MsiExec.exe /X{3336F667-9049-4D46-98B6-4C743EEBC5B1}
Windows Live Photo Gallery-->MsiExec.exe /X{34F4D9A4-42C2-4348-BEF4-E553C84549E7}
Windows Live PIMT Platform-->MsiExec.exe /I{83C292B7-38A5-440B-A731-07070E81A64F}
Windows Live Pošta-->MsiExec.exe /I{517EAAB9-C35E-4949-B8C2-20C241162BBB}
Windows Live Remote Client Resources-->MsiExec.exe /I{22AB5CFD-B3DB-414E-9F99-4D024CCF1DA6}
Windows Live Remote Client Resources-->MsiExec.exe /I{2426E29F-9E8C-4C0B-97FC-0DB690C1ED98}
Windows Live Remote Client Resources-->MsiExec.exe /I{2F304EF4-0C31-47F4-8557-0641AAE4197C}
Windows Live Remote Client Resources-->MsiExec.exe /I{3921492E-82D2-4180-8124-E347AD2F2DB4}
Windows Live Remote Client Resources-->MsiExec.exe /I{456FB9B5-AFBC-4761-BBDC-BA6BAFBB818F}
Windows Live Remote Client Resources-->MsiExec.exe /I{5F44A3A1-5D24-4708-8776-66B42B174C64}
Windows Live Remote Client Resources-->MsiExec.exe /I{641B32DB-8226-4250-86C9-34671162F5D5}
Windows Live Remote Client Resources-->MsiExec.exe /I{78654366-5889-4A70-90D9-04B00709EEE0}
Windows Live Remote Client Resources-->MsiExec.exe /I{847B0532-55E3-4AAF-8D7B-E3A1A7CD17E5}
Windows Live Remote Client Resources-->MsiExec.exe /I{B680A663-1A15-47A5-A07C-7DF9A97558B7}
Windows Live Remote Client Resources-->MsiExec.exe /I{E10CB758-D5FD-4A2D-A1C9-459D6BB0C035}
Windows Live Remote Client Resources-->MsiExec.exe /I{ED421F97-E1C3-4E78-9F54-A53888215D58}
Windows Live Remote Client Resources-->MsiExec.exe /I{F0793412-6407-4870-9A8C-6FE198A4EB12}
Windows Live Remote Client-->MsiExec.exe /I{DF6D988A-EEA0-4277-AAB8-158E086E439B}
Windows Live Remote Service Resources-->MsiExec.exe /I{27F3F8DE-AC95-4E10-90A6-EBA999DDBCAF}
Windows Live Remote Service Resources-->MsiExec.exe /I{29CFD07F-4971-41B0-B14D-621ACCC264AC}
Windows Live Remote Service Resources-->MsiExec.exe /I{34384A2A-2CA2-4446-AB0E-1F360BA2AAC5}
Windows Live Remote Service Resources-->MsiExec.exe /I{480F28F0-8BCE-404A-A52E-0DBB7D1CE2EF}
Windows Live Remote Service Resources-->MsiExec.exe /I{5141AA6E-5FAC-4473-BFFB-BEE69DDC7F2B}
Windows Live Remote Service Resources-->MsiExec.exe /I{5151E2DB-0748-4FD1-86A2-72E2F94F8BE7}
Windows Live Remote Service Resources-->MsiExec.exe /I{61407251-7F7D-4303-810D-226A04D5CFF3}
Windows Live Remote Service Resources-->MsiExec.exe /I{656DEEDE-F6AC-47CA-A568-A1B4E34B5760}
Windows Live Remote Service Resources-->MsiExec.exe /I{6A2482BC-733A-404A-939A-2D5BC636E6F9}
Windows Live Remote Service Resources-->MsiExec.exe /I{97A295A7-8840-4B35-BB61-27A8F4512CA3}
Windows Live Remote Service Resources-->MsiExec.exe /I{9E9C960F-7F47-46D5-A95D-950B354DE2B8}
Windows Live Remote Service Resources-->MsiExec.exe /I{D157C6E7-5847-4FD1-BEDC-7389493874F6}
Windows Live Remote Service Resources-->MsiExec.exe /I{D3E4F422-7E0F-49C7-8B00-F42490D7A385}
Windows Live Remote Service-->MsiExec.exe /I{E02A6548-6FDE-40E2-8ED9-119D7D7E641F}
Windows Live SOXE Definitions-->MsiExec.exe /I{200FEC62-3C34-4D60-9CE8-EC372E01C08F}
Windows Live SOXE-->MsiExec.exe /I{682B3E4F-696A-42DE-A41C-4C07EA1678B4}
Windows Live UX Platform Language Pack-->MsiExec.exe /I{09922FFE-D153-44AE-8B60-EA3CB8088F93}
Windows Live UX Platform Language Pack-->MsiExec.exe /I{0C1931EB-8339-4837-8BEC-75029BF42734}
Windows Live UX Platform Language Pack-->MsiExec.exe /I{1DA6D447-C54D-4833-84D4-3EA31CAECE9B}
Windows Live UX Platform Language Pack-->MsiExec.exe /I{2CC0789D-D31B-445F-8970-6E058BE39754}
Windows Live UX Platform Language Pack-->MsiExec.exe /I{3B8F240C-B75E-4A1E-BDCC-6C7F033078A3}
Windows Live UX Platform Language Pack-->MsiExec.exe /I{4C378B16-46B7-4DA1-A2CE-2EE676F74680}
Windows Live UX Platform Language Pack-->MsiExec.exe /I{4D141929-141B-4605-95D6-2B8650C1C6DA}
Windows Live UX Platform Language Pack-->MsiExec.exe /I{545192D4-E817-4EAA-834D-623EA50CF268}
Windows Live UX Platform Language Pack-->MsiExec.exe /I{579684A4-DDD5-4CA3-9EA8-7BE7D9593DB4}
Windows Live UX Platform Language Pack-->MsiExec.exe /I{5E627606-53B9-42D1-97E1-D03F6229E248}
Windows Live UX Platform Language Pack-->MsiExec.exe /I{826A9D28-CAB2-4950-8AAA-B639DCA444CE}
Windows Live UX Platform Language Pack-->MsiExec.exe /I{EA777812-4905-4C08-8F6E-13BDCC734609}
Windows Live UX Platform Language Pack-->MsiExec.exe /I{F4BEA6C1-AAC3-4810-AAEA-588E26E0F237}
Windows Live UX Platform-->MsiExec.exe /I{CE95A79E-E4FC-4FFF-8A75-29F04B942FF2}
Windows Live Writer Resources-->MsiExec.exe /X{26E3C07C-7FF7-4362-9E99-9E49E383CF16}
Windows Live Writer Resources-->MsiExec.exe /X{458F399F-62AC-4747-99F5-499BBF073D29}
Windows Live Writer Resources-->MsiExec.exe /X{5275D81E-83AD-4DE4-BC2B-6E6BA3A33244}
Windows Live Writer Resources-->MsiExec.exe /X{5D2E7BD7-4B6F-4086-BA8A-E88484750624}
Windows Live Writer Resources-->MsiExec.exe /X{6DCE9C3E-3DB7-4C3C-8B80-BC55781BB7B6}
Windows Live Writer Resources-->MsiExec.exe /X{77DAF553-291A-4471-988C-5677D90DB57E}
Windows Live Writer Resources-->MsiExec.exe /X{7CB529B2-6C74-4878-9C3F-C29C3C3BBDC6}
Windows Live Writer Resources-->MsiExec.exe /X{7E90B133-FF47-48BB-91B8-36FC5A548FE9}
Windows Live Writer Resources-->MsiExec.exe /X{AB78C965-5C67-409B-8433-D7B5BDB12073}
Windows Live Writer Resources-->MsiExec.exe /X{B7B67AA5-12DA-4F01-918D-B1BF66779D8A}
Windows Live Writer Resources-->MsiExec.exe /X{D5A4E5F3-9ACD-412E-B380-F838DF9787B9}
Windows Live Writer Resources-->MsiExec.exe /X{D987098B-3AD4-4E88-B80E-CF27A32D1955}
Windows Live Writer Resources-->MsiExec.exe /X{DDC8BDEE-DCAC-404D-8257-3E8D4B782467}
Windows Live Writer-->MsiExec.exe /X{047377C9-C74B-4345-82E8-03BAE5DF2C32}
Windows Live Writer-->MsiExec.exe /X{11778DA1-0495-4ED9-972F-F9E0B0367CD5}
Windows Live Writer-->MsiExec.exe /X{1D6C2068-807F-4B76-A0C2-62ED05656593}
Windows Live Writer-->MsiExec.exe /X{1FC83EAE-74C8-4C72-8400-2D8E40A017DE}
Windows Live Writer-->MsiExec.exe /X{2BA5FD10-653F-4CAF-9CCD-F685082A1DC1}
Windows Live Writer-->MsiExec.exe /X{4264C020-850B-4F08-ACBE-98205D9C336C}
Windows Live Writer-->MsiExec.exe /X{69C9C672-400A-43A0-B2DE-9DB38C371282}
Windows Live Writer-->MsiExec.exe /X{86E6D3A7-3ADC-44C0-B94E-85D2A9DD36B0}
Windows Live Writer-->MsiExec.exe /X{A726AE06-AAA3-43D1-87E3-70F510314F04}
Windows Live Writer-->MsiExec.exe /X{AAAFC670-569B-4A2F-82B4-42945E0DE3EF}
Windows Live Writer-->MsiExec.exe /X{AAF454FC-82CA-4F29-AB31-6A109485E76E}
Windows Live Writer-->MsiExec.exe /X{B9B66F77-9D00-4CA4-BDF1-BBA8236B4DB6}
Windows Live Writer-->MsiExec.exe /X{C1C9D199-B4DD-4895-92DD-9A726A2FE341}
Windows Live Writer-->MsiExec.exe /X{D27DF849-C8C7-4892-A7F1-E0B381A1BD01}
Windows Live Writer-->MsiExec.exe /X{E55E0C35-AC3C-4683-BA2F-834348577B80}
Windows Live'i fotogalerii-->MsiExec.exe /X{C7DEE8F5-29D4-4A5E-823B-4A7850C5E53D}
WinFlash-->MsiExec.exe /X{8F21291E-0444-4B1D-B9F9-4370A73E346D}
WinRAR 4.01 (32-bit)-->D:\WinRAR\uninstall.exe
Wireless Console 3-->MsiExec.exe /I{20FDF948-C8ED-4543-A539-F7F4AEF5AFA2}
Фотогалерия на Windows Live-->MsiExec.exe /X{4444F27C-B1A8-464E-9486-4C37BAB39A09}

======System event log======

Computer Name: Petr-PC
Event Code: 62464
Message: UVD Information
Record Number: 40949
Source Name: amdkmdag
Time Written: 20120129204041.044780-000
Event Type: Informace
User:

Computer Name: Petr-PC
Event Code: 62464
Message: UVD Information
Record Number: 40948
Source Name: amdkmdag
Time Written: 20120129204041.044780-000
Event Type: Informace
User:

Computer Name: Petr-PC
Event Code: 62464
Message: UVD Information
Record Number: 40947
Source Name: amdkmdag
Time Written: 20120129204041.044780-000
Event Type: Informace
User:

Computer Name: Petr-PC
Event Code: 62464
Message: UVD Information
Record Number: 40946
Source Name: amdkmdag
Time Written: 20120129204041.044780-000
Event Type: Informace
User:

Computer Name: Petr-PC
Event Code: 62464
Message: UVD Information
Record Number: 40945
Source Name: amdkmdag
Time Written: 20120129203608.918215-000
Event Type: Informace
User:

=====Application event log=====

Computer Name: Petr-PC
Event Code: 4625
Message: Subsystém EventSystem zabraňuje vytváření duplicitních záznamů v protokolu událostí po dobu 86400 sekund. Tuto dobu lze změnit pomocí hodnoty REG_DWORD s názvem SuppressDuplicateDuration v následujícím klíči registru: HKLM\Software\Microsoft\EventSystem\EventLog.
Record Number: 2097
Source Name: Microsoft-Windows-EventSystem
Time Written: 20120117085203.000000-000
Event Type: Informace
User:

Computer Name: Petr-PC
Event Code: 1532
Message: Služba Profil uživatele byla zastavena.


Record Number: 2096
Source Name: Microsoft-Windows-User Profiles Service
Time Written: 20111028090246.078047-000
Event Type: Informace
User: NT AUTHORITY\SYSTEM

Computer Name: WIN-MNGF66AN3HD
Event Code: 1003
Message: Služba Windows Search byla spuštěna.

Record Number: 2095
Source Name: Microsoft-Windows-Search
Time Written: 20111028090238.000000-000
Event Type: Informace
User:

Computer Name: WIN-MNGF66AN3HD
Event Code: 1013
Message: Služba Windows Search byla řádně zastavena.

Record Number: 2094
Source Name: Microsoft-Windows-Search
Time Written: 20111028090237.000000-000
Event Type: Informace
User:

Computer Name: WIN-MNGF66AN3HD
Event Code: 103
Message: Windows (3860) Windows: Databázový stroj zastavil instanci (0).
Record Number: 2093
Source Name: ESENT
Time Written: 20111028090237.000000-000
Event Type: Informace
User:

=====Security event log=====

Computer Name: WIN-MNGF66AN3HD
Event Code: 4624
Message: Účet byl úspěšně přihlášen.

Předmět:
ID zabezpečení: S-1-5-18
Název účtu: WIN-MNGF66AN3HD$
Doména účtu: WORKGROUP
ID přihlášení: 0x3e7

Typ přihlášení: 5

Nové přihlášení:
ID zabezpečení: S-1-5-18
Název účtu: SYSTEM
Doména účtu: NT AUTHORITY
ID přihlášení: 0x3e7
GUID přihlášení: {00000000-0000-0000-0000-000000000000}

Informace o procesu:
ID procesu: 0x22c
Název procesu: C:\Windows\System32\services.exe

Informace o síti:
Název pracovní stanice:
Adresa zdrojové sítě -
Zdrojový port: -

Podrobné informace o ověření:
Proces přihlášení: Advapi
Balíček ověření: Negotiate
Přenosové služby: -
Název balíčku (pouze NTLM): -
Délka klíče: 0

Tato událost je generována po vytvoření relace přihlášení. Je generována v počítači, ke kterému byl získán přístup.

Pole s předmětem označují účet v místním systému, který požadoval přihlášení. Jedná se nejčastěji o službu, například službu serveru nebo místní proces, například Winlogon.exe nebo Services.exe.

Pole Typ přihlášení označuje, k jakému typu přihlášení došlo. Nejběžnější typy jsou 2 (interaktivní) a 3 (síť).

Pole Nové přihlášení označují účet, pro který bylo nové přihlášení vytvořeno, tj. účet, který byl přihlášen.

Pole Síť označují původ požadavku na vzdálené přihlášení. Název pracovní stanice není vždy k dispozici a v některých případech může být toto pole prázdné.

Pole s informacemi o ověření poskytují podrobné informace o tomto konkrétním požadavku na přihlášení.
- GUID přihlášení je jednoznačný identifikátor, který je možné použít ke spojení této události s událostí KDC.
- Přenosové služby označují, které pomocné služby se podílely na tomto požadavku na přihlášení.
- Název balíčku označuje, který dílčí protokol z protokolů NTLM byl použit.
- Délka klíče označuje délku generovaného klíče relace. Tato hodnota bude 0, pokud nebyl požadován žádný klíč relace.
Record Number: 4185
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20111028090240.368437-000
Event Type: Úspěšný audit
User:

Computer Name: WIN-MNGF66AN3HD
Event Code: 4672
Message: Novému přihlášení byla přiřazena zvláštní oprávnění.

Předmět:
ID zabezpečení: S-1-5-18
Název účtu: SYSTEM
Doména účtu: NT AUTHORITY
ID přihlášení: 0x3e7

Oprávnění: SeAssignPrimaryTokenPrivilege
SeTcbPrivilege
SeSecurityPrivilege
SeTakeOwnershipPrivilege
SeLoadDriverPrivilege
SeBackupPrivilege
SeRestorePrivilege
SeDebugPrivilege
SeAuditPrivilege
SeSystemEnvironmentPrivilege
SeImpersonatePrivilege
Record Number: 4184
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20111028090238.668034-000
Event Type: Úspěšný audit
User:

Computer Name: WIN-MNGF66AN3HD
Event Code: 4624
Message: Účet byl úspěšně přihlášen.

Předmět:
ID zabezpečení: S-1-5-18
Název účtu: WIN-MNGF66AN3HD$
Doména účtu: WORKGROUP
ID přihlášení: 0x3e7

Typ přihlášení: 5

Nové přihlášení:
ID zabezpečení: S-1-5-18
Název účtu: SYSTEM
Doména účtu: NT AUTHORITY
ID přihlášení: 0x3e7
GUID přihlášení: {00000000-0000-0000-0000-000000000000}

Informace o procesu:
ID procesu: 0x22c
Název procesu: C:\Windows\System32\services.exe

Informace o síti:
Název pracovní stanice:
Adresa zdrojové sítě -
Zdrojový port: -

Podrobné informace o ověření:
Proces přihlášení: Advapi
Balíček ověření: Negotiate
Přenosové služby: -
Název balíčku (pouze NTLM): -
Délka klíče: 0

Tato událost je generována po vytvoření relace přihlášení. Je generována v počítači, ke kterému byl získán přístup.

Pole s předmětem označují účet v místním systému, který požadoval přihlášení. Jedná se nejčastěji o službu, například službu serveru nebo místní proces, například Winlogon.exe nebo Services.exe.

Pole Typ přihlášení označuje, k jakému typu přihlášení došlo. Nejběžnější typy jsou 2 (interaktivní) a 3 (síť).

Pole Nové přihlášení označují účet, pro který bylo nové přihlášení vytvořeno, tj. účet, který byl přihlášen.

Pole Síť označují původ požadavku na vzdálené přihlášení. Název pracovní stanice není vždy k dispozici a v některých případech může být toto pole prázdné.

Pole s informacemi o ověření poskytují podrobné informace o tomto konkrétním požadavku na přihlášení.
- GUID přihlášení je jednoznačný identifikátor, který je možné použít ke spojení této události s událostí KDC.
- Přenosové služby označují, které pomocné služby se podílely na tomto požadavku na přihlášení.
- Název balíčku označuje, který dílčí protokol z protokolů NTLM byl použit.
- Délka klíče označuje délku generovaného klíče relace. Tato hodnota bude 0, pokud nebyl požadován žádný klíč relace.
Record Number: 4183
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20111028090238.668034-000
Event Type: Úspěšný audit
User:

Computer Name: WIN-MNGF66AN3HD
Event Code: 4738
Message: Byl změněn uživatelský účet.

Předmět:
ID zabezpečení: S-1-5-21-101741572-2157690231-624010966-500
Název účtu: Administrator
Doména účtu: WIN-MNGF66AN3HD
ID přihlášení: 0x41ce0

Cílový účet:
ID zabezpečení: S-1-5-21-101741572-2157690231-624010966-500
Název účtu: Administrator
Doména účtu: WIN-MNGF66AN3HD

Změněné atributy:
Název účtu SAM: -
Zobrazovaný název: -
Zaregistrovaný název uživatele: -
Domovský adresář: -
Domovská jednotka: -
Cesta skriptu: -
Cesta profilu: -
Pracovní stanice uživatele: -
Poslední nastavení hesla: -
Vypršení platnosti účtu: -
ID primární skupiny: -
Povolené delegování: -
Původní hodnota UAC: 0x211
Nová hodnota UAC: 0x211
Řízení účtu uživatele: -
Parametry uživatele: -
Historie identifikátoru zabezpečení: -
Přihlašovací hodiny: -

Další informace:
Oprávnění: -
Record Number: 4182
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20111028090233.910025-000
Event Type: Úspěšný audit
User:

Computer Name: WIN-MNGF66AN3HD
Event Code: 1102
Message: Protokol auditu byl vymazán.
Předmět:
ID zabezpečení: S-1-5-21-101741572-2157690231-624010966-500
Název účtu: Administrator
Název domény: WIN-MNGF66AN3HD
ID přihlášení: 0x41ce0
Record Number: 4181
Source Name: Microsoft-Windows-Eventlog
Time Written: 20111028090228.528016-000
Event Type: Úspěšný audit
User:

======Environment variables======

"ComSpec"=%SystemRoot%\system32\cmd.exe
"FP_NO_HOST_CHECK"=NO
"OS"=Windows_NT
"Path"=C:\Program Files (x86)\AMD APP\bin\x86_64;C:\Program Files (x86)\AMD APP\bin\x86;C:\Program Files\Common Files\Microsoft Shared\Windows Live;C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;C:\Program Files (x86)\Windows Live\Shared;;C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static
"PATHEXT"=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH;.MSC
"PROCESSOR_ARCHITECTURE"=AMD64
"TEMP"=%SystemRoot%\TEMP
"TMP"=%SystemRoot%\TEMP
"USERNAME"=SYSTEM
"windir"=%SystemRoot%
"PSModulePath"=%SystemRoot%\system32\WindowsPowerShell\v1.0\Modules\
"NUMBER_OF_PROCESSORS"=2
"PROCESSOR_LEVEL"=18
"PROCESSOR_IDENTIFIER"=AMD64 Family 18 Model 1 Stepping 0, AuthenticAMD
"PROCESSOR_REVISION"=0100
"configsetroot"=%SystemRoot%\ConfigSetRoot
"AMDAPPSDKROOT"=C:\Program Files (x86)\AMD APP\

-----------------EOF-----------------
Nahoru
Uživatelský avatar
motji
VIP
VIP
Příspěvky: 23302
Registrován: 23 říj 2008 08:02

Re: Problém s Průzkumníkem Windows

#5 Příspěvek od motji »

:arrow: Stahněte MBAM http://www.viry.cz/forum/viewtopic.php?f=29&t=115222
-Nainstalujte,dejte úplný sken

NIC NEMAZAT :!:
-MBAM má občas falešné detekce,proto budeme mazat až po kontrole logu.
-Log zkopírujte sem.
Nepoužívejte COMBOFIX bez doporučení rádce, může dojít k poškození systému!
Vždy před odvirováním počítače zazálohujte důležitá data :!:
Chcete podpořit naše forum? Informace zde

Obrázek

K zastižení jsem spíše v noci, mezi 21.-23. hodinou
Pokud máte nějaké dotazy, můžete mi napsat na email Motji(zavináč)forum.viry.cz.
Nahoru
artreus
Návštěvník
Návštěvník
Příspěvky: 5
Registrován: 22 úno 2012 18:08

Re: Problém s Průzkumníkem Windows

#6 Příspěvek od artreus »

Ochrana: Povolena

25.2.2012 12:31:04
mbam-log-2012-02-25 (15-33-27).txt

Typ: Úplná kontrola
Nastavení kontroly povoleno: Paměť | Po spuštění | Registr | Systémové soubory | Heuristická analýza Extra | Heuristická analýza Shuriken | PUP | PUM
Nastavení kontroly zakázáno: P2P
Kontrolované objekty: 355869
Uplynulý čas: 1 hodin, 7 minut, 39 sekund

Nalezené procesy v paměti: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené moduly v paměti: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené klíče v registru: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené hodnoty v registru: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené datové položky v registru: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené složky: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené soubory: 1
D:\SuperMeatBoy\Uninstall.exe (Malware.Packer.Krunchy) -> Žádná instrukce nebyla provedena.

(konec)
Nahoru
Uživatelský avatar
motji
VIP
VIP
Příspěvky: 23302
Registrován: 23 říj 2008 08:02

Re: Problém s Průzkumníkem Windows

#7 Příspěvek od motji »

V mbamu smažte.
:arrow: Spusťte combofix podle tohoto návodu
http://www.bleepingcomputer.com/combofi ... t-combofix
Nepoužívejte COMBOFIX bez doporučení rádce, může dojít k poškození systému!
Vždy před odvirováním počítače zazálohujte důležitá data :!:
Chcete podpořit naše forum? Informace zde

Obrázek

K zastižení jsem spíše v noci, mezi 21.-23. hodinou
Pokud máte nějaké dotazy, můžete mi napsat na email Motji(zavináč)forum.viry.cz.
Nahoru
artreus
Návštěvník
Návštěvník
Příspěvky: 5
Registrován: 22 úno 2012 18:08

Re: Problém s Průzkumníkem Windows

#8 Příspěvek od artreus »

Prosím nechci tady vypadat nějak nevěřícně, ale mám pocit že neustále prohledávám svůj počítač od virů...myslím že problém bude spíše s Windowsy. Jestli se pletu tak promiňte (ale všechny ty programy mají takové varování že můžou poškodit počítač a to já bych nechtěl...) proto to radši ještě zmiňuji
Nahoru
Uživatelský avatar
motji
VIP
VIP
Příspěvky: 23302
Registrován: 23 říj 2008 08:02

Re: Problém s Průzkumníkem Windows

#9 Příspěvek od motji »

To máte pravdu, ale musíme vyloučit, že ten problém způsobují viry :) . Jinak bohužel padání průzkumníka u win7 je celkem běžný jev :(
Nepoužívejte COMBOFIX bez doporučení rádce, může dojít k poškození systému!
Vždy před odvirováním počítače zazálohujte důležitá data :!:
Chcete podpořit naše forum? Informace zde

Obrázek

K zastižení jsem spíše v noci, mezi 21.-23. hodinou
Pokud máte nějaké dotazy, můžete mi napsat na email Motji(zavináč)forum.viry.cz.
Nahoru
Odpovědět

Zpět na „Řešení problémů, logy“