Prosím o kontrolu logu

[Hluchon]

DObrý den v poslední době mi PC začalo zamrzat, a začala se objevovat modrá smrt, podařilo se mi stáhnout dle chybových hlášek několik hotfixu od Microsoftu, ale pokaždé vyskočí něco nového. Naposledy jsem měl chybu 0x0000001d a od restartu se chová compl divně a nejde mi v žádném prohlížeči najet na Microsoft support a ani na stránky hijackthis.cz, tak jsem pojal podezření, že mám v kompu nějakou havěť, prodím o kontrolu logu. Chybové hlášky mi skáčí hlavně jak mile pustím nějakou gamesu, např. BF3.

Zde je výpis, za kontrolu předem děkuji s pozdravem Z. Hluchník

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 17:19:21, on 1.8.2012
Platform: Windows Vista SP2 (WinNT 6.00.1906)
MSIE: Internet Explorer v9.00 (9.00.8112.16447)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\Common Files\InstallShield\UpdateService\issch.exe
C:\Program Files (x86)\HTC\HTC Sync 3.0\htcUPCTLoader.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Windows\SysWOW64\conime.exe
C:\Users\Zdenda\Downloads\hijackthis.exe
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe
C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_3_300_268.exe
C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_3_300_268.exe
C:\Program Files (x86)\Internet Explorer\IELowutil.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe
O1 - Hosts: ::1 localhost
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre6\bin\ssv.dll
O2 - BHO: Pomocná služba pro přihlášení ke službě Windows Live ID - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Windows Live Messenger Companion Helper - {9FDDE16B-836F-4806-AB1F-1455CBEFF289} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll
O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
O4 - HKLM\..\Run: [ISUSScheduler] "C:\Program Files (x86)\Common Files\InstallShield\UpdateService\issch.exe" -start
O4 - HKLM\..\Run: [JMB36X IDE Setup] C:\Windows\RaidTool\xInsIDE.exe
O4 - HKLM\..\Run: [LifeCam] "C:\Program Files (x86)\Microsoft LifeCam\LifeExp.exe"
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [HTC Sync Loader] "C:\Program Files (x86)\HTC\HTC Sync 3.0\htcUPCTLoader.exe" -startup
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe
O4 - HKCU\..\Run: [ISUSPM Startup] c:\PROGRA~2\COMMON~1\INSTAL~1\UPDATE~1\isuspm.exe -startup
O4 - HKCU\..\Run: [Google Update] "C:\Users\Zdenda\AppData\Local\Google\Update\GoogleUpdate.exe" /c
O4 - HKCU\..\Run: [DesktopOK] "E:\Programy\DesktopOK_x64\DesktopOK_x64.exe" -bg -startup
O9 - Extra button: @C:\Program Files (x86)\Windows Live\Companion\companionlang.dll,-600 - {0000036B-C524-4050-81A0-243669A86B9F} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll
O9 - Extra button: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/s ... wflash.cab
O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\Windows\system32\browseui.dll
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: @dfsrres.dll,-101 (DFSR) - Unknown owner - C:\Windows\system32\DFSR.exe (file missing)
O23 - Service: ESET Service (ekrn) - ESET - C:\Program Files\ESET\ESET NOD32 Antivirus\x86\ekrn.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @C:\Program Files (x86)\Nero\Update\NASvc.exe,-200 (NAUpdate) - Nero AG - C:\Program Files (x86)\Nero\Update\NASvc.exe
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\Windows\system32\nvvsvc.exe (file missing)
O23 - Service: NVIDIA Update Service Daemon (nvUpdatusService) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
O23 - Service: Internet Pass-Through Service (PassThru Service) - Unknown owner - C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe
O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Skype C2C Service - Skype Technologies S.A. - C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%SystemRoot%\system32\SLsvc.exe,-101 (slsvc) - Unknown owner - C:\Windows\system32\SLsvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: NVIDIA Stereoscopic 3D Driver Service (Stereo Service) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 9113 bytes

[vyosek]

Zdravim a pekny den preji

Dejte prosim logy z RSIT http://forum.viry.cz/viewtopic.php?f=13&t=105895 - je podrobnejsi nez HJT

[Hluchon]

Ok, omlouvám se netušil jsem ...
Tady je log.

Logfile of random's system information tool 1.09 (written by random/random)
Run by Zdenda at 2012-08-02 15:24:47
Microsoft® Windows Vista™ Home Premium Service Pack 2
System drive C: has 104 GB (27%) free of 382 GB
Total RAM: 8190 MB (78% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 15:24:54, on 2.8.2012
Platform: Windows Vista SP2 (WinNT 6.00.1906)
MSIE: Internet Explorer v9.00 (9.00.8112.16447)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe
C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_3_300_268.exe
C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_3_300_268.exe
C:\Program Files\trend micro\Zdenda.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe
O1 - Hosts: ::1 localhost
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre6\bin\ssv.dll
O2 - BHO: Pomocná služba pro přihlášení ke službě Windows Live ID - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Windows Live Messenger Companion Helper - {9FDDE16B-836F-4806-AB1F-1455CBEFF289} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll
O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-21-2603845150-2394693302-2311259666-1006\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'UpdatusUser')
O9 - Extra button: @C:\Program Files (x86)\Windows Live\Companion\companionlang.dll,-600 - {0000036B-C524-4050-81A0-243669A86B9F} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll
O9 - Extra button: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/s ... wflash.cab
O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\Windows\system32\browseui.dll
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: @dfsrres.dll,-101 (DFSR) - Unknown owner - C:\Windows\system32\DFSR.exe (file missing)
O23 - Service: ESET Service (ekrn) - ESET - C:\Program Files\ESET\ESET NOD32 Antivirus\x86\ekrn.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\Windows\system32\nvvsvc.exe (file missing)
O23 - Service: NVIDIA Update Service Daemon (nvUpdatusService) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\SLsvc.exe,-101 (slsvc) - Unknown owner - C:\Windows\system32\SLsvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: NVIDIA Stereoscopic 3D Driver Service (Stereo Service) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 7595 bytes

======Listing Processes======

\SystemRoot\System32\smss.exe
C:\Windows\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ProfileControl=Off MaxRequestThreads=16
wininit.exe
C:\Windows\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ProfileControl=Off MaxRequestThreads=16
C:\Windows\system32\services.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
winlogon.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\nvvsvc.exe
"C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe"
C:\Windows\system32\svchost.exe -k rpcss
C:\Windows\System32\svchost.exe -k secsvcs
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k GPSvcGroup
C:\Windows\system32\SLsvc.exe
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k NetworkService
"C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe"
C:\Windows\system32\nvvsvc.exe -session -first
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
"C:\Windows\system32\Dwm.exe"
taskeng.exe {FD7D02EF-9F14-4AB3-BC29-23F972D2C7F4}
taskeng.exe {8338333F-8127-4756-886B-E397E3B8612D}
C:\Windows\Explorer.EXE
"C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe" /hide /waitservice
"C:/Program Files/NVIDIA Corporation/Display/nvtray.exe" -user_has_logged_in 1
C:\Windows\system32\svchost.exe -k apphost
"C:\Program Files\ESET\ESET NOD32 Antivirus\x86\ekrn.exe"
"C:\Program Files\Microsoft LifeCam\MSCamS64.exe"
"C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\SMSvcHost.exe"
C:\Windows\SysWOW64\PnkBstrA.exe
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
"C:\Program Files (x86)\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe"
C:\Windows\system32\svchost.exe -k imgsvc
C:\Windows\system32\svchost.exe -k iissvcs
C:\Windows\System32\svchost.exe -k WerSvcGroup
"C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE"
WLIDSvcM.exe 2932
C:\Windows\system32\SearchIndexer.exe /Embedding
C:\Windows\system32\wbem\unsecapp.exe -Embedding
C:\Windows\system32\wbem\wmiprvse.exe
taskeng.exe {8F8602C7-E430-4ACA-9DCD-B28EC5534D68}
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
"C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe"
"C:\Program Files (x86)\Mozilla Firefox\firefox.exe"
"C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe" --channel=3596.55303f0.2096396165 "C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_3_300_268.dll" - -greomni "C:\Program Files (x86)\Mozilla Firefox\omni.ja" 3596 "\\.\pipe\gecko-crash-server-pipe.3596" plugin
"C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_3_300_268.exe" --proxy-stub-channel=Flash1636.6F59EE30.41 --host-broker-channel=Flash1636.6F59EE30.18467 --host-pid=1636 --host-npapi-version=27 --plugin-path="C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_3_300_268.dll"
"C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_3_300_268.exe" --channel=1992.003CF7FC.901845926 --proxy-stub-channel=Flash1636.6F59EE30.41 --plugin-path="C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_3_300_268.dll" --host-npapi-version=27 --type=renderer
taskeng.exe {084022FB-E56D-4154-9173-1E27EA302D59}
"C:\Windows\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe2_ Global\UsGthrCtrlFltPipeMssGthrPipe2 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon"
"C:\Windows\system32\SearchFilterHost.exe" 0 652 656 664 65536 660
"C:\Users\Zdenda\Downloads\RSITx64.exe"
C:\Windows\system32\wbem\wmiprvse.exe

======Scheduled tasks folder======

C:\Windows\tasks\Adobe Flash Player Updater.job
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2603845150-2394693302-2311259666-1000Core.job
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2603845150-2394693302-2311259666-1000UA.job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live ID Sign-in Helper - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2011-03-28 529280]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2012-03-26 75200]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{6EBF7485-159F-4bff-A14F-B9E3AAC4465B}]
Search Helper - C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll [2010-09-22 191792]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files (x86)\Java\jre6\bin\ssv.dll [2012-06-15 329480]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Pomocná služba pro přihlášení ke službě Windows Live ID - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2011-03-28 441216]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9FDDE16B-836F-4806-AB1F-1455CBEFF289}]
Windows Live Messenger Companion Helper - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll [2012-03-08 393600]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}]
Skype Browser Helper - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll [2012-07-05 4018888]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll [2012-06-15 59144]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{32099AAC-C132-4136-9E9A-4E364A424E17}

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"egui"=C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe [2012-03-07 4081008]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM]
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2012-01-02 843712]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher]
C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe [2012-03-27 37296]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CorelDRAW Graphics Suite 11b]
C:\Program Files (x86)\Corel\Corel Graphics 12\Languages\CZ\Programs\Registration.exe [2004-06-23 729088]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DAEMON Tools Lite]
C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [2010-04-01 357696]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DesktopOK]
E:\Programy\DesktopOK_x64\DesktopOK_x64.exe [2011-10-20 346624]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ehTray.exe]
C:\Windows\ehome\ehTray.exe [2008-01-21 138240]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Google Update]
C:\Users\Zdenda\AppData\Local\Google\Update\GoogleUpdate.exe [2011-10-26 136176]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HTC Sync Loader]
C:\Program Files (x86)\HTC\HTC Sync 3.0\htcUPCTLoader.exe [2012-04-17 651264]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ISUSPM Startup]
c:\PROGRA~2\COMMON~1\INSTAL~1\UPDATE~1\isuspm.exe [2004-06-16 221184]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ISUSScheduler]
C:\Program Files (x86)\Common Files\InstallShield\UpdateService\issch.exe [2004-06-16 81920]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\JMB36X IDE Setup]
C:\Windows\RaidTool\xInsIDE.exe [2010-09-07 43608]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\KennyKerr.WindowClippings.HotKey]
E:\Programy Instalace\WindowClippings.exe [2010-08-16 311736]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\KennyKerr.WindowClippings.Icon]
E:\Programy Instalace\WindowClippings.exe [2010-08-16 311736]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LifeCam]
C:\Program Files (x86)\Microsoft LifeCam\LifeExp.exe [2010-12-13 135536]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Monitor]
C:\Windows\PixArt\PAC207\Monitor.exe [2006-11-03 319488]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NBAgent]
C:\Program Files (x86)\Nero\Nero 11\Nero BackItUp\NBAgent.exe [2011-11-18 1492264]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NCsoft Launcher]
C:\Program Files (x86)\NCsoft\Launcher\NCLauncher.exe [2012-07-24 38744]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Sidebar]
C:\Program Files\Windows Sidebar\sidebar.exe [2009-04-11 1555968]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Skype]
C:\Program Files (x86)\Skype\Phone\Skype.exe [2012-07-13 17420464]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Skytel]
Skytel.exe []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Sony Ericsson PC Suite]
C:\Program Files (x86)\Sony Ericsson\Mobile2\Application Launcher\Application Launcher.exe /startoptions []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Start WingMan Profiler]
C:\Program Files\Logitech\Gaming Software\LWEMon.exe [2010-06-14 190536]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2012-01-18 254696]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\XboxStat]
C:\Program Files\Microsoft Xbox 360 Accessories\XboxStat.exe [2009-10-01 825184]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^McAfee Security Scan Plus.lnk]
C:\PROGRA~2\MCAFEE~1\20DEB9~1.181\SSSCHE~1.EXE []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Users^Zdenda^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^IMVU.lnk]
C:\Users\Zdenda\AppData\Roaming\IMVUClient\IMVUQualityAgent.exe --startup []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Users^Zdenda^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^OpenOffice.org 3.1.lnk]
C:\PROGRA~2\OPENOF~1.ORG\program\QUICKS~1.EXE [2009-09-16 384512]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfPf]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfRd]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfUsbccidDriver]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"EnableUIADesktopToggle"=0
"EnableLinkedConnections"=1

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoActiveDesktop"=1
"NoActiveDesktopChanges"=1
"ForceActiveDesktopOn"=0
"BindDirectlyToPropertySetStorage"=0
"NoDriveTypeAutoRun"=60

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVYU"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"VIDC.YVU9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"MSVideo8"=VfWWDM32.dll
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"wave1"=wdmaud.drv
"mixer1"=wdmaud.drv
"wave2"=wdmaud.drv
"mixer2"=wdmaud.drv
"wave3"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer3"=wdmaud.drv
"aux1"=wdmaud.drv
"wave4"=wdmaud.drv
"midi2"=wdmaud.drv
"mixer4"=wdmaud.drv
"aux2"=wdmaud.drv
"wave5"=wdmaud.drv
"midi3"=wdmaud.drv
"mixer5"=wdmaud.drv
"aux3"=wdmaud.drv
"wave6"=wdmaud.drv
"midi4"=wdmaud.drv
"mixer6"=wdmaud.drv
"aux4"=wdmaud.drv
"wave7"=wdmaud.drv
"mixer7"=wdmaud.drv

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 1 month======

2012-08-02 15:24:47 ----D---- C:\rsit
2012-08-02 15:24:47 ----D---- C:\Program Files\trend micro
2012-07-19 19:07:41 ----D---- C:\ProgramData\Mozilla
2012-07-19 19:07:41 ----D---- C:\Program Files (x86)\Mozilla Maintenance Service
2012-07-14 09:53:42 ----D---- C:\Program Files\ESET
2012-07-11 15:28:47 ----A---- C:\Windows\SYSWOW64\mshtmled.dll
2012-07-11 15:28:47 ----A---- C:\Windows\system32\mshtmled.dll
2012-07-11 15:28:46 ----A---- C:\Windows\SYSWOW64\urlmon.dll
2012-07-11 15:28:46 ----A---- C:\Windows\SYSWOW64\url.dll
2012-07-11 15:28:46 ----A---- C:\Windows\SYSWOW64\iertutil.dll
2012-07-11 15:28:46 ----A---- C:\Windows\system32\urlmon.dll
2012-07-11 15:28:46 ----A---- C:\Windows\system32\url.dll
2012-07-11 15:28:46 ----A---- C:\Windows\system32\iertutil.dll
2012-07-11 15:28:45 ----A---- C:\Windows\SYSWOW64\ieUnatt.exe
2012-07-11 15:28:45 ----A---- C:\Windows\SYSWOW64\ieui.dll
2012-07-11 15:28:45 ----A---- C:\Windows\system32\jsproxy.dll
2012-07-11 15:28:45 ----A---- C:\Windows\system32\jscript9.dll
2012-07-11 15:28:45 ----A---- C:\Windows\system32\ieUnatt.exe
2012-07-11 15:28:45 ----A---- C:\Windows\system32\ieui.dll
2012-07-11 15:28:44 ----A---- C:\Windows\SYSWOW64\wininet.dll
2012-07-11 15:28:44 ----A---- C:\Windows\SYSWOW64\jsproxy.dll
2012-07-11 15:28:44 ----A---- C:\Windows\SYSWOW64\jscript9.dll
2012-07-11 15:28:44 ----A---- C:\Windows\SYSWOW64\jscript.dll
2012-07-11 15:28:44 ----A---- C:\Windows\system32\wininet.dll
2012-07-11 15:28:44 ----A---- C:\Windows\system32\jscript.dll
2012-07-11 15:28:43 ----A---- C:\Windows\SYSWOW64\mshtml.dll
2012-07-11 15:28:42 ----A---- C:\Windows\system32\mshtml.dll
2012-07-11 15:28:42 ----A---- C:\Windows\system32\ieframe.dll
2012-07-11 15:28:41 ----A---- C:\Windows\SYSWOW64\ieframe.dll
2012-07-11 15:28:21 ----A---- C:\Windows\system32\win32k.sys
2012-07-11 13:10:33 ----A---- C:\Windows\SYSWOW64\msxml6.dll
2012-07-11 13:10:33 ----A---- C:\Windows\SYSWOW64\msxml3.dll
2012-07-11 13:10:33 ----A---- C:\Windows\system32\msxml6.dll
2012-07-11 13:10:33 ----A---- C:\Windows\system32\msxml3.dll
2012-07-11 13:10:31 ----A---- C:\Windows\SYSWOW64\schannel.dll
2012-07-11 13:10:31 ----A---- C:\Windows\SYSWOW64\ncrypt.dll
2012-07-11 13:10:31 ----A---- C:\Windows\system32\schannel.dll
2012-07-11 13:10:31 ----A---- C:\Windows\system32\ncrypt.dll
2012-07-11 13:10:31 ----A---- C:\Windows\system32\drivers\ksecdd.sys
2012-07-11 13:10:30 ----A---- C:\Windows\SYSWOW64\secur32.dll
2012-07-11 13:10:26 ----A---- C:\Windows\system32\shell32.dll
2012-07-11 13:10:25 ----A---- C:\Windows\SYSWOW64\shell32.dll
2012-07-10 21:16:23 ----D---- C:\Program Files (x86)\EA SPORTS

======List of files/folders modified in the last 1 month======

2012-08-02 15:24:51 ----D---- C:\Windows\Temp
2012-08-02 15:24:47 ----RD---- C:\Program Files
2012-08-02 15:08:17 ----D---- C:\ProgramData\NVIDIA
2012-08-01 17:39:25 ----D---- C:\Windows\pss
2012-08-01 17:25:20 ----D---- C:\Windows\inf
2012-08-01 16:36:35 ----D---- C:\Windows
2012-08-01 16:36:29 ----D---- C:\Windows\Minidump
2012-08-01 02:10:25 ----D---- C:\Users\Zdenda\AppData\Roaming\Skype
2012-07-31 22:27:34 ----D---- C:\Windows\SysWOW64
2012-07-31 22:27:29 ----A---- C:\Windows\SYSWOW64\PnkBstrB.exe
2012-07-31 21:39:10 ----D---- C:\Windows\System32
2012-07-31 21:28:38 ----D---- C:\Windows\winsxs
2012-07-31 21:28:33 ----D---- C:\Windows\system32\catroot
2012-07-31 21:28:16 ----SHD---- C:\System Volume Information
2012-07-31 21:11:58 ----D---- C:\Windows\SoftwareDistribution
2012-07-31 21:02:59 ----HD---- C:\ProgramData
2012-07-31 21:01:22 ----D---- C:\Program Files (x86)\Common Files
2012-07-31 21:01:19 ----RD---- C:\Program Files (x86)
2012-07-31 20:37:36 ----A---- C:\Windows\system32\PerfStringBackup.INI
2012-07-31 17:24:04 ----D---- C:\Program Files (x86)\NVIDIA Corporation
2012-07-31 17:18:15 ----D---- C:\Windows\system32\catroot2
2012-07-31 00:13:58 ----D---- C:\Windows\Prefetch
2012-07-30 14:28:21 ----D---- C:\Users\Zdenda\AppData\Roaming\Intelli-studio
2012-07-29 21:02:44 ----D---- C:\Windows\system32\Tasks
2012-07-29 21:02:40 ----D---- C:\Program Files (x86)\CCleaner
2012-07-28 11:04:21 ----SD---- C:\Users\Zdenda\AppData\Roaming\Microsoft
2012-07-27 22:29:21 ----A---- C:\Windows\SYSWOW64\FlashPlayerApp.exe
2012-07-24 18:55:50 ----D---- C:\ProgramData\PMB Files
2012-07-24 08:20:47 ----D---- C:\Program Files (x86)\Mozilla Firefox
2012-07-23 17:44:50 ----SHD---- C:\Windows\Installer
2012-07-23 17:44:50 ----SHD---- C:\Config.Msi
2012-07-23 17:44:50 ----D---- C:\ProgramData\Skype
2012-07-14 09:58:51 ----D---- C:\Windows\system32\drivers
2012-07-12 14:35:00 ----D---- C:\Windows\Debug
2012-07-11 19:35:40 ----D---- C:\Windows\SYSWOW64\migration
2012-07-11 19:35:40 ----D---- C:\Windows\system32\migration
2012-07-11 19:35:40 ----D---- C:\Program Files\Internet Explorer
2012-07-11 19:35:40 ----D---- C:\Program Files (x86)\Internet Explorer
2012-07-11 19:33:44 ----D---- C:\Users\Zdenda\AppData\Roaming\vlc
2012-07-11 15:30:10 ----A---- C:\Windows\system32\mrt.exe
2012-07-06 00:32:37 ----D---- C:\Users\Zdenda\AppData\Roaming\DAEMON Tools Lite
2012-07-06 00:32:32 ----D---- C:\Windows\Logs
2012-07-06 00:16:36 ----RSD---- C:\Windows\assembly
2012-07-05 20:08:18 ----D---- C:\Program Files (x86)\Battlelog Web Plugins
2012-07-05 17:06:04 ----A---- C:\Windows\SYSWOW64\PnkBstrA.exe
2012-07-05 00:06:58 ----D---- C:\Program Files (x86)\Origin

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 JRAID;JRAID; C:\Windows\system32\DRIVERS\jraid.sys [2011-05-19 120920]
R0 NBVol;Nero Backup Volume Filter Driver; C:\Windows\system32\DRIVERS\NBVol.sys [2011-12-01 72240]
R0 NBVolUp;Nero Backup Volume Upper Filter Driver; C:\Windows\system32\DRIVERS\NBVolUp.sys [2011-12-01 15920]
R0 sptd;sptd; C:\Windows\System32\Drivers\sptd.sys [2009-11-04 834544]
R0 symsnap;Symantec Volume Snap Shot Driver; C:\Windows\system32\DRIVERS\symsnap.sys [2007-12-20 165424]
R1 eamonm;eamonm; C:\Windows\system32\DRIVERS\eamonm.sys [2012-03-14 209768]
R1 ehdrv;ehdrv; C:\Windows\system32\DRIVERS\ehdrv.sys [2012-03-14 148528]
R2 epfwwfpr;epfwwfpr; C:\Windows\system32\DRIVERS\epfwwfpr.sys [2012-03-14 137144]
R2 v2imount;Symantec V2i Mount Driver; C:\Windows\system32\DRIVERS\v2imount.sys [2008-01-19 45104]
R3 GEARAspiWDM;GearAspiWDM; C:\Windows\system32\DRIVERS\GEARAspiWDM.sys [2008-01-19 18224]
R3 HdAudAddService;Ovladač funkce Microsoft 1.1 UAA pro službu zvuku High Definition Audio; C:\Windows\system32\drivers\HdAudio.sys [2009-04-11 275456]
R3 MarvinBus;Pinnacle Marvin Bus 64; C:\Windows\system32\DRIVERS\MarvinBus64.sys [2005-09-23 261120]
R3 nvlddmkm;nvlddmkm; C:\Windows\system32\DRIVERS\nvlddmkm.sys [2012-05-15 14298944]
R3 RTL8169;Realtek 8169 NT Driver; C:\Windows\system32\DRIVERS\Rtlh64.sys [2011-09-08 508520]
R3 usbaudio;Ovladač zvuků USB (WDM); C:\Windows\system32\drivers\usbaudio.sys [2009-04-11 98944]
R3 usbvideo;USB Video Device (WDM); C:\Windows\System32\Drivers\usbvideo.sys [2008-01-21 168704]
R3 xusb21;Xbox 360 Wireless Receiver Driver Service 21; C:\Windows\system32\DRIVERS\xusb21.sys [2009-09-10 74960]
S3 adgs26b8;adgs26b8; C:\Windows\system32\drivers\adgs26b8.sys []
S3 drmkaud;Dekodér zvuků DRM jádra společnosti Microsoft; C:\Windows\system32\drivers\drmkaud.sys [2008-01-21 6144]
S3 ET5Drv;ET5Drv; \??\C:\Windows\ET5Drv.sys [2007-10-16 36416]
S3 etdrv;etdrv; \??\C:\Windows\etdrv.sys [2012-07-14 25640]
S3 fssfltr;FssFltr; C:\Windows\system32\DRIVERS\fssfltr.sys [2012-03-08 48488]
S3 gdrv;gdrv; \??\C:\Windows\gdrv.sys [2012-07-27 25640]
S3 GGSAFERDriver;GGSAFER Driver; \??\C:\Program Files (x86)\Garena Plus\Room\safedrv.sys []
S3 GVTDrv64;GVTDrv64; \??\C:\Windows\GVTDrv64.sys [2012-07-27 30528]
S3 hamachi;Hamachi Network Interface; C:\Windows\system32\DRIVERS\hamachi.sys [2009-03-18 33856]
S3 HTCAND64;HTC Device Driver; C:\Windows\System32\Drivers\ANDROIDUSB.sys [2009-06-10 31744]
S3 htcnprot;HTC NDIS Protocol Driver; C:\Windows\system32\DRIVERS\htcnprot.sys [2010-06-25 36928]
S3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHD64.sys []
S3 MSKSSRV;Server proxy služby datových proudů Microsoft; C:\Windows\system32\drivers\MSKSSRV.sys [2008-01-21 11008]
S3 MSPCLOCK;Server proxy hodin datových proudů Microsoft; C:\Windows\system32\drivers\MSPCLOCK.sys [2006-11-02 7040]
S3 MSPQM;Server proxy správce kvality datových proudů Microsoft; C:\Windows\system32\drivers\MSPQM.sys [2006-11-02 6656]
S3 MSTEE;Konvertor jímka-jímka typu T datových proudů Microsoft; C:\Windows\system32\drivers\MSTEE.sys [2008-01-21 7936]
S3 pcouffin;VSO Software pcouffin; C:\Windows\System32\Drivers\pcouffin.sys [2010-05-08 82816]
S3 s115bus;Sony Ericsson Device 115 driver (WDM); C:\Windows\system32\DRIVERS\s115bus.sys [2007-04-23 108296]
S3 s115mdfl;Sony Ericsson Device 115 USB WMC Modem Filter; C:\Windows\system32\DRIVERS\s115mdfl.sys [2007-04-23 19720]
S3 s115mdm;Sony Ericsson Device 115 USB WMC Modem Driver; C:\Windows\system32\DRIVERS\s115mdm.sys [2007-04-23 144648]
S3 s115mgmt;Sony Ericsson Device 115 USB WMC Device Management Drivers (WDM); C:\Windows\system32\DRIVERS\s115mgmt.sys [2007-04-23 126216]
S3 s115obex;Sony Ericsson Device 115 USB WMC OBEX Interface; C:\Windows\system32\DRIVERS\s115obex.sys [2007-04-23 123656]
S3 s116bus;Sony Ericsson Device 116 driver (WDM); C:\Windows\system32\DRIVERS\s116bus.sys [2007-04-03 108296]
S3 s116mdfl;Sony Ericsson Device 116 USB WMC Modem Filter; C:\Windows\system32\DRIVERS\s116mdfl.sys [2007-04-03 19720]
S3 s116mdm;Sony Ericsson Device 116 USB WMC Modem Driver; C:\Windows\system32\DRIVERS\s116mdm.sys [2007-04-03 144648]
S3 s116mgmt;Sony Ericsson Device 116 USB WMC Device Management Drivers (WDM); C:\Windows\system32\DRIVERS\s116mgmt.sys [2007-04-03 126216]
S3 s116nd5;Sony Ericsson Device 116 USB Ethernet Emulation SEMC116 (NDIS); C:\Windows\system32\DRIVERS\s116nd5.sys [2007-04-03 31496]
S3 s116obex;Sony Ericsson Device 116 USB WMC OBEX Interface; C:\Windows\system32\DRIVERS\s116obex.sys [2007-04-03 123656]
S3 s116unic;Sony Ericsson Device 116 USB Ethernet Emulation SEMC116 (WDM); C:\Windows\system32\DRIVERS\s116unic.sys [2007-04-03 130824]
S3 usb_rndisx;Adaptér USB RNDIS; C:\Windows\system32\DRIVERS\usb8023x.sys [2009-04-11 19456]
S3 usbscan;Ovladač skeneru USB; C:\Windows\system32\DRIVERS\usbscan.sys [2008-01-21 41984]
S3 WDC_SAM;WD SCSI Pass Thru driver; C:\Windows\system32\DRIVERS\wdcsam64.sys [2009-02-13 14464]
S3 WmFilter;Logitech Gaming HID Filter Driver; C:\Windows\system32\drivers\WmFilter.sys [2010-04-27 43976]
S3 WpdUsb;WpdUsb; C:\Windows\system32\DRIVERS\wpdusb.sys [2009-10-01 46592]
S3 WUDFRd;WUDFRd; C:\Windows\system32\DRIVERS\WUDFRd.sys [2008-01-21 108544]
S4 ErrDev;Microsoft Hardware Error Device Driver; C:\Windows\system32\drivers\errdev.sys [2008-01-21 8704]
S4 MegaSR;MegaSR; C:\Windows\system32\drivers\megasr.sys [2008-01-21 438328]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AppHostSvc;@%windir%\system32\inetsrv\iisres.dll,-30011; C:\Windows\system32\svchost.exe [2008-01-21 27648]
R2 ekrn;ESET Service; C:\Program Files\ESET\ESET NOD32 Antivirus\x86\ekrn.exe [2012-03-07 913144]
R2 FontCache;@%systemroot%\system32\FntCache.dll,-100; C:\Windows\system32\svchost.exe [2008-01-21 27648]
R2 MSCamSvc;MSCamSvc; C:\Program Files\Microsoft LifeCam\MSCamS64.exe [2010-12-13 194416]
R2 NetPipeActivator;@%systemroot%\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\SMSvcHost.exe [2009-02-18 117592]
R2 NetTcpActivator;@%systemroot%\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\SMSvcHost.exe [2009-02-18 117592]
R2 nvsvc;NVIDIA Display Driver Service; C:\Windows\system32\nvvsvc.exe [2012-05-15 889664]
R2 nvUpdatusService;NVIDIA Update Service Daemon; C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe [2012-05-15 1262400]
R2 PnkBstrA;PnkBstrA; C:\Windows\syswow64\PnkBstrA.exe [2012-07-05 76888]
R2 SeaPort;SeaPort; C:\Program Files (x86)\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe [2010-09-22 249136]
R2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service; C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2012-05-15 382272]
R2 W3SVC;@%windir%\system32\inetsrv\iisres.dll,-30003; C:\Windows\system32\svchost.exe [2008-01-21 27648]
R2 wlidsvc;Windows Live ID Sign-in Assistant; C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE [2011-03-28 2292096]
R3 WAS;@%windir%\system32\inetsrv\iisres.dll,-30001; C:\Windows\system32\svchost.exe [2008-01-21 27648]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-07-27 250056]
S3 fsssvc;Windows Live Family Safety Service; C:\Program Files (x86)\Windows Live\Family Safety\fsssvc.exe [2012-03-08 1492840]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2012-07-19 113120]
S3 PerfHost;@%systemroot%\sysWow64\perfhost.exe,-2; C:\Windows\SysWow64\perfhost.exe [2008-01-21 19968]
S3 WPFFontCache_v0400;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\WPF\WPFFontCache_v0400.exe,-100; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\WPF\WPFFontCache_v0400.exe [2010-03-18 1020768]
S4 IDriverT;InstallDriver Table Manager; C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [2005-04-04 69632]
S4 NAUpdate;@C:\Program Files (x86)\Nero\Update\NASvc.exe,-200; C:\Program Files (x86)\Nero\Update\NASvc.exe [2011-11-25 687400]
S4 NetMsmqActivator;@%systemroot%\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\SMSvcHost.exe [2009-02-18 117592]
S4 PassThru Service;Internet Pass-Through Service; C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe [2011-09-15 88576]
S4 Skype C2C Service;Skype C2C Service; C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe [2012-07-05 3048136]
S4 SkypeUpdate;Skype Updater; C:\Program Files (x86)\Skype\Updater\Updater.exe [2012-07-13 160944]
S4 wlcrasvc;Windows Live Mesh remote connections service; C:\Program Files\Windows Live\Mesh\wlcrasvc.exe [2010-09-22 57184]

-----------------EOF-----------------

Předem děkuji.

[vyosek]

Poprosim jeste o log info.txt, ktery najdete zde c:\rsit

[Hluchon]

Zde to je.

info.txt logfile of random's system information tool 1.09 2012-08-02 15:24:56

======Uninstall list======

-->MsiExec /X{DA909E62-3B45-4BA1-8B58-FCAEBA4BCEC9}
602XML Filler-->MsiExec.exe /X{E5C8C4ED-A76A-49F3-BDB8-56DEEE92F19B}
AC3Filter 1.63b-->"C:\Program Files (x86)\AC3Filter\unins000.exe"
Adobe AIR-->c:\Program Files (x86)\Common Files\Adobe AIR\Versions\1.0\Resources\Adobe AIR Updater.exe -arp:uninstall
Adobe AIR-->MsiExec.exe /I{47FA2C44-D148-4DBC-AF60-B91934AA4842}
Adobe Flash Player 11 ActiveX-->C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_11_3_300_268_ActiveX.exe -maintain activex
Adobe Flash Player 11 Plugin-->C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_11_3_300_268_Plugin.exe -maintain plugin
Adobe Reader 9.5.1 - Czech-->MsiExec.exe /I{AC76BA86-7AD7-1029-7B44-A95000000001}
Agama2-->C:\Program Files (x86)\InstallShield Installation Information\{3E082BD8-AC11-450C-A9C6-523DE3FB0213}\Setup.exe -runfromtemp -l0x0005 -removeonly
Aktualizace NVIDIA 1.8.15-->"C:\Windows\SysWOW64\RunDll32.EXE" "C:\Program Files\NVIDIA Corporation\Installer2\installer.6\NVI2.DLL",UninstallPackage Display.Update
AmoK Exif Sorter 2.5.2 (remove only)-->"C:\Program Files (x86)\AmoK Exif Sorter\uninst.exe"
aTube Catcher-->C:\Program Files (x86)\DsNET Corp\aTube Catcher 2.0\uninstall.exe
Batman Arkham City version 1.0-->"D:\games\Batman Arkham City\unins000.exe"
Battlefield 2: Deluxe Edition-->RunDll32 C:\PROGRA~2\COMMON~1\INSTAL~1\PROFES~1\RunTime\10\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files (x86)\InstallShield Installation Information\{04858915-9F49-4B2A-AED4-DC49A7DE6A7B}\setup.exe" -l0x9 -removeonly
Battlefield 3™-->"C:\Program Files (x86)\Common Files\EAInstaller\Battlefield 3\Cleanup.exe" uninstall_game -autologging
BreezeBrowser Pro-->"C:\Program Files (x86)\BreezeSys\BreezeBrowserPro\Uninstall.exe" "C:\Program Files (x86)\BreezeSys\BreezeBrowserPro\install.log" -u
Call of Duty(R) - World at War(TM) 1.2 Patch-->C:\Program Files (x86)\InstallShield Installation Information\{2BF0AE92-C3BC-4112-9066-1546342B1FAE}\setup.exe -runfromtemp -l0x0409
Call of Duty(R) - World at War(TM) 1.3 Patch-->C:\Program Files (x86)\InstallShield Installation Information\{149464D9-B06F-4505-9968-FD1206F67AD3}\setup.exe -runfromtemp -l0x0409
Call of Duty(R) - World at War(TM) 1.4 Patch-->C:\Program Files (x86)\InstallShield Installation Information\{9F01A67B-7D67-482F-9D4F-D5980A440FD4}\setup.exe -runfromtemp -l0x0409
Call of Duty(R) - World at War(TM) 1.5 Patch-->C:\Program Files (x86)\InstallShield Installation Information\{C3DC2DF5-EFAC-4055-9010-31F7C545DD9E}\setup.exe -runfromtemp -l0x0409
Call of Duty(R) - World at War(TM) 1.6 Patch-->C:\Program Files (x86)\InstallShield Installation Information\{064DC64E-7A2F-4FDF-B598-E3C0747BBB9C}\setup.exe -runfromtemp -l0x0409
Call of Duty(R) - World at War(TM) 1.7 Patch-->C:\Program Files (x86)\InstallShield Installation Information\{750C87B8-AF19-4C3C-B791-50D9C83AE572}\setup.exe -runfromtemp -l0x0409
Call of Duty(R) - World at War(TM)-->C:\Program Files (x86)\InstallShield Installation Information\{D80A6A73-E58A-4673-AFF5-F12D7110661F}\setup.exe -runfromtemp -l0x0405
CCleaner-->"C:\Program Files (x86)\CCleaner\uninst.exe"
CDex - Open Source Digital Audio CD Extractor-->C:\Program Files (x86)\CDex\uninstall.exe
Command & Conquer The First Decade-->RunDll32 C:\PROGRA~2\COMMON~1\INSTAL~1\PROFES~1\RunTime\11\00\Intel32\Ctor.dll,LaunchSetup "C:\Program Files (x86)\InstallShield Installation Information\{66D6F3BD-CA23-41A4-9FA3-96B26B32528C}\setup.exe" -l0x9 -removeonly
CorelDRAW Graphics Suite 12-->MsiExec.exe /I{505AFDC0-5E72-4928-8368-5DEA385E3647}
D3DX10-->MsiExec.exe /X{E09C4DB7-630C-4F06-A631-8EA7239923AF}
Easy Tune 6 B11.0823.1-->C:\PROGRA~2\COMMON~1\INSTAL~1\Driver\11\INTEL3~1\IDriver.exe /M{457D7505-D665-4F95-91C3-ECB8C56E9ACA}
ESN Sonar-->C:\Program Files (x86)\Battlelog Web Plugins\Sonar\esnsonar_uninstall.exe
GeoVision ADPCM-->C:\Windows\system32\rundll32.exe setupapi,InstallHinfSection DefaultUninstall 132 C:\Windows\INF\GeoADPCM.inf
GeoVision H264-->C:\Windows\system32\rundll32.exe setupapi,InstallHinfSection Remove_GX264 132 C:\Windows\INF\G264.inf
GeoVision JPEG-->C:\Windows\system32\rundll32.exe setupapi,InstallHinfSection Remove_GXJPG 132 C:\Windows\INF\GJPG.inf
GeoVision MPEG2-->C:\Windows\system32\rundll32.exe setupapi,InstallHinfSection Remove_GXGM20 132 C:\Windows\INF\GM20.inf
GeoVision MPEG4 ASP-->C:\Windows\system32\rundll32.exe setupapi,InstallHinfSection Remove_GXAMP4 132 C:\Windows\INF\GMP4.inf
GeoVision MPEG4 AVC-->C:\Windows\system32\rundll32.exe setupapi,InstallHinfSection Remove_GXAVC 132 C:\Windows\INF\GAVC.inf
GeoVision MPEG4-->C:\Windows\system32\rundll32.exe setupapi,InstallHinfSection Remove_GeoCodec 132 C:\Windows\INF\GEOX.inf
GeoVision MXPG-->C:\Windows\system32\rundll32.exe setupapi,InstallHinfSection Remove_MXPG 132 C:\Windows\INF\MXPG.inf
GOM Player-->"C:\Program Files (x86)\GRETECH\GomPlayer\Uninstall.exe"
GotClip Downloader-->"C:\Program Files (x86)\GotClip\uninstall.exe"
Haihaisoft Universal Player-->C:\Program Files (x86)\Haihaisoft Universal Player\Uninstall.exe
HandBrake 0.9.6-->C:\Program Files\Handbrake\uninst.exe
High-Definition Video Playback-->MsiExec.exe /X{9193490D-5229-4FC4-9BB9-A6D63C09574A}
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)-->c:\Windows\SysWOW64\msiexec.exe /package {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} /uninstall /qb+ REBOOTPROMPT=""
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484)-->C:\Windows\SysWOW64\msiexec.exe /package {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} /uninstall {08155812-0202-4D5F-A7FF-12A2782DC548} /qb+ REBOOTPROMPT=""
HTC BMP USB Driver-->MsiExec.exe /I{31A559C1-9E4D-423B-9DD3-34A6C5398752}
HTC Driver Installer-->MsiExec.exe /X{6D6664A9-3342-4948-9B7E-034EFE366F0F}
HTC Sync-->MsiExec.exe /I{AB77DFDE-9949-4AEF-B180-BE322C3E65D0}
IL-2 Sturmovik: Forgotten Battles-->C:\PROGRA~2\COMMON~1\INSTAL~1\Driver\7\INTEL3~1\IDriver.exe /M{8DF712DA-D325-4FD0-8DE8-E2D78FC3CDC3} /l1029
Java(TM) 6 Update 33-->MsiExec.exe /X{26A24AE4-039D-4CA4-87B4-2F83216033FF}
JMicron JMB36X Driver-->RunDll32 C:\PROGRA~2\COMMON~1\INSTAL~1\PROFES~1\RunTime\11\00\Intel32\Ctor.dll,LaunchSetup "C:\Program Files (x86)\InstallShield Installation Information\{3A1B5D40-41E9-43FA-8C7B-A8667F5586EF}\setup.exe" -l0x9 -removeonly
Junk Mail filter update-->MsiExec.exe /I{1F6AB0E7-8CDD-4B93-8A23-AA9EB2FEFCE4}
K-Lite Codec Pack 7.7.0 (Basic)-->"C:\Program Files (x86)\K-Lite Codec Pack\unins000.exe"
Knoll Light Factory EZ Studio-->C:\Windows\unvise32.exe C:\Program Files (x86)\Pinnacle\Studio 14\Plugins\RTFx\klfezstudio.log
Ladicka-->C:\Program Files (x86)\Ladicka\uninstall.exe
Logitech Gaming Software 5.10-->MsiExec.exe /X{1444D2EE-C7AD-44A8-844F-2634B49353D1}
Magic Bullet Looks Studio-->C:\Windows\unvise32.exe C:\Program Files (x86)\Pinnacle\Studio 14\Plugins\RTFx\mblooksstudio.log
Max Payne 3-->"C:\Program Files (x86)\InstallShield Installation Information\{1AA94747-3BF6-4237-9E1A-7B3067738FE1}\Setup.exe" -runfromtemp -l0x0409 -removeonly
Mesh Runtime-->MsiExec.exe /I{8C6D6116-B724-4810-8F2D-D047E6B7D68E}
Messenger Companion-->MsiExec.exe /I{B44F3823-52DD-45CA-A916-8B320778715D}
Microsoft .NET Framework 1.1 Security Update (KB2656353)-->"C:\Windows\Microsoft.NET\Framework\v1.1.4322\Updates\hotfix.exe" "C:\Windows\Microsoft.NET\Framework\v1.1.4322\Updates\M2656353\M2656353Uninstall.msp"
Microsoft .NET Framework 1.1 Security Update (KB2656370)-->"C:\Windows\Microsoft.NET\Framework\v1.1.4322\Updates\hotfix.exe" "C:\Windows\Microsoft.NET\Framework\v1.1.4322\Updates\M2656370\M2656370Uninstall.msp"
Microsoft .NET Framework 1.1 Security Update (KB979906)-->"C:\Windows\Microsoft.NET\Framework\v1.1.4322\Updates\hotfix.exe" "C:\Windows\Microsoft.NET\Framework\v1.1.4322\Updates\M979906\M979906Uninstall.msp"
Microsoft .NET Framework 1.1-->msiexec.exe /X {CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}
Microsoft .NET Framework 1.1-->MsiExec.exe /X{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}
Microsoft .NET Framework 3.5 Language Pack SP1 - csy-->MsiExec.exe /I{DD73CA82-EA82-38AA-863D-9A24A018DC96}
Microsoft .NET Framework 3.5 SP1 – jazyková sada – CSY-->c:\Windows\Microsoft.NET\Framework64\v3.5\Microsoft .NET Framework 3.5 Language Pack SP1 - csy\setup.exe
Microsoft .NET Framework 3.5 SP1-->c:\Windows\Microsoft.NET\Framework64\v3.5\Microsoft .NET Framework 3.5 SP1\setup.exe
Microsoft .NET Framework 3.5 SP1-->MsiExec.exe /I{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}
Microsoft .NET Framework 4 Client Profile CSY Language Pack-->C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\ClientLP\Setup.exe /repair /x86 /x64 /lcid 1029 /parameterfolder ClientLP
Microsoft .NET Framework 4 Client Profile CSY Language Pack-->MsiExec.exe /X{790E02A1-145A-3843-8C13-A4F41C9B48B7}
Microsoft .NET Framework 4 Client Profile-->C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\Client\Setup.exe /repair /x86 /x64 /parameterfolder Client
Microsoft .NET Framework 4 Client Profile-->MsiExec.exe /X{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}
Microsoft Corporation-->MsiExec.exe /I{9C5A08BF-BB99-4998-81BD-F6CC32483B34}
Microsoft Corporation-->MsiExec.exe /I{B3BC9DB1-0B0A-48B0-B86B-EA77CAA7F800}
Microsoft Games for Windows - LIVE Redistributable-->MsiExec.exe /X{F2508213-9989-4E85-A078-72BE483917EF}
Microsoft Games for Windows Marketplace-->MsiExec.exe /X{4CB0307C-565E-4441-86BE-0DF2E4FB828C}
Microsoft LifeCam-->MsiExec.exe /X{5CE7E3F5-9803-4F32-AA89-2D8848A80109}
Microsoft Primary Interoperability Assemblies 2005-->MsiExec.exe /X{D24DB8B9-BB6C-4334-9619-BA1C650E13D3}
Microsoft Search Enhancement Pack-->MsiExec.exe /X{CFF8B8E8-E086-4DE0-935F-FE22CAB54F80}
Microsoft Silverlight-->MsiExec.exe /X{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}
Microsoft SQL Server 2005 Compact Edition [ENU]-->MsiExec.exe /I{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}
Microsoft Visual C++ 2005 ATL Update kb973923 - x64 8.0.50727.4053-->MsiExec.exe /X{B6E3757B-5E77-3915-866A-CCFC4B8D194C}
Microsoft Visual C++ 2005 Redistributable (x64)-->MsiExec.exe /X{071c9b48-7c32-4621-a0ac-3f809523288f}
Microsoft Visual C++ 2005 Redistributable (x64)-->MsiExec.exe /X{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}
Microsoft Visual C++ 2005 Redistributable (x64)-->MsiExec.exe /X{6E8E85E8-CE4B-4FF5-91F7-04999C9FAE6A}
Microsoft Visual C++ 2005 Redistributable (x64)-->MsiExec.exe /X{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}
Microsoft Visual C++ 2005 Redistributable-->MsiExec.exe /X{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}
Microsoft Visual C++ 2005 Redistributable-->MsiExec.exe /X{837b34e3-7c30-493c-8f6a-2b0f04e2912c}
Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148-->MsiExec.exe /X{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17-->MsiExec.exe /X{8220EEFE-38CD-377E-8595-13398D740ACE}
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161-->MsiExec.exe /X{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17-->MsiExec.exe /X{9A25302D-30C0-39D9-BD6F-21E6EC160475}
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148-->MsiExec.exe /X{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161-->MsiExec.exe /X{9BE518E6-ECC6-35A9-88E4-87755C07200F}
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219-->MsiExec.exe /X{1D8E6291-B0D5-35EC-8441-6616F567A0F7}
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219-->MsiExec.exe /X{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}
Microsoft Xbox 360 Accessories 1.2-->MsiExec.exe /X{D9C50188-12D5-4D3E-8F00-682346C2AA5F}
Mozilla Firefox 14.0.1 (x86 cs)-->C:\Program Files (x86)\Mozilla Firefox\uninstall\helper.exe
Mozilla Maintenance Service-->"C:\Program Files (x86)\Mozilla Maintenance Service\uninstall.exe"
MSVCRT_amd64-->MsiExec.exe /I{D0B44725-3666-492D-BEF6-587A14BD9BD9}
MSVCRT-->MsiExec.exe /I{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}
MSXML 4.0 SP2 (KB927978)-->MsiExec.exe /I{37477865-A3F1-4772-AD43-AAFC6BCFF99F}
MSXML 4.0 SP2 (KB954430)-->MsiExec.exe /I{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}
MSXML 4.0 SP2 (KB973688)-->MsiExec.exe /I{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}
MSXML 4.0 SP3 Parser (KB2721691)-->MsiExec.exe /I{355B5AC0-CEEE-42C5-AD4D-7F3CFD806C36}
MSXML 4.0 SP3 Parser (KB973685)-->MsiExec.exe /I{859DFA95-E4A6-48CD-B88E-A3E483E89B44}
MyTools-->C:\Program Files (x86)\MyTools\uninstall.exe
NCsoft Launcher-->C:\Program Files (x86)\InstallShield Installation Information\{5F8E2CBB-949D-4175-AC98-5ADE7F6C9697}\setup.exe -runfromtemp -l0x0009 -removeonly
Nero 10 Menu TemplatePack Basic-->MsiExec.exe /X{63AA3EAB-23BB-48B2-9AD0-44F878075604}
Nero 10 Movie ThemePack Basic-->MsiExec.exe /X{F5CB822F-B365-43D1-BCC0-4FDA1A2017A7}
Nero 11 Disc Menus Basic-->MsiExec.exe /X{F49EF443-B2BD-4F10-8A46-87AFCDB90EDD}
Nero 11 Effects Basic-->MsiExec.exe /X{E51BC4B0-EA5E-49CC-AF3B-93B5C627EC22}
Nero 11 Image Samples-->MsiExec.exe /X{F3743A2C-5D5F-4456-8F98-5DF36A954C50}
Nero 11 Kwik Themes Basic-->MsiExec.exe /X{5A212B2D-140D-46F4-B625-2D1CA5A00594}
Nero 11 PiP Effects Basic-->MsiExec.exe /X{2CA7225D-CB12-462A-9DD1-50319E158BA5}
Nero 11-->MsiExec.exe /I{7E4413BB-CE31-4E01-A1C0-E37BDD0187CE}
Nero Audio Pack 1-->MsiExec.exe /X{A7A0BF2E-31CC-49E3-9913-52C503EB969D}
Nero BackItUp 10 Help (CHM)-->MsiExec.exe /X{08C8666B-C502-4AB3-B4CB-D74AC42D14FE}
Nero BackItUp 10-->MsiExec.exe /X{68AB6930-5BFF-4FF6-923B-516A91984FE6}
Nero BackItUp 11 Help (CHM)-->MsiExec.exe /X{6AB2427E-A18F-4809-9A12-29F5EBABBB3A}
Nero BackItUp 11-->MsiExec.exe /X{AB2BBC64-8AC8-4E66-BBF3-E22D5EACEECA}
Nero Backup Drivers-->MsiExec.exe /X{D600D357-5CB9-4DE9-8FD4-14E208BD1970}
Nero Burning ROM 10-->MsiExec.exe /X{7A5D731D-B4B3-490E-B339-75685712BAAB}
Nero Burning ROM 11 Help (CHM)-->MsiExec.exe /X{53F7746A-96AA-49A5-86B8-59989680DAC5}
Nero Burning ROM 11-->MsiExec.exe /X{B1846721-A8E6-46C7-83B6-0DCF7ADB4267}
Nero BurningROM 10 Help (CHM)-->MsiExec.exe /X{9B6B24BE-80E7-46C4-9FA5-B167D5E0F345}
Nero BurnRights 10 Help (CHM)-->MsiExec.exe /X{555868C6-49FB-484F-BB43-8980651A1B00}
Nero BurnRights 10-->MsiExec.exe /X{943CFD7D-5336-47AF-9418-E02473A5A517}
Nero Control Center 10-->MsiExec.exe /X{6DFB899F-17A2-48F0-A533-ED8D6866CF38}
Nero ControlCenter 10 Help (CHM)-->MsiExec.exe /X{523B2B1B-D8DB-4B41-90FF-C4D799E2758A}
Nero ControlCenter 11 Help (CHM)-->MsiExec.exe /X{D4D66270-9147-4BDF-9946-FCA2B303AA8F}
Nero ControlCenter 11-->MsiExec.exe /X{11D3EF85-63E1-4AE4-A7C1-9241BDB16B51}
Nero Core Components 10-->MsiExec.exe /X{2436F2A8-4B7E-4B6C-AE4E-604C84AA6A4F}
Nero Core Components 11-->MsiExec.exe /X{BEBEE34D-84A2-4EDD-8BEA-96CC54371263}
Nero CoverDesigner 10 Help (CHM)-->MsiExec.exe /X{C3273C55-E1E4-41FF-8D69-0158090DB8D8}
Nero CoverDesigner 10-->MsiExec.exe /X{FCF00A6E-FB58-477A-ABE9-232907105521}
Nero CoverDesigner 11 Help (CHM)-->MsiExec.exe /X{55C2143E-FBA5-442F-9AFA-726FF068F39D}
Nero CoverDesigner 11-->MsiExec.exe /X{FF44BCE5-5A18-4051-85F0-BC172D7B4695}
Nero DiscSpeed 10 Help (CHM)-->MsiExec.exe /X{C18A0418-442A-4186-AF98-D08F5054A2FC}
Nero DiscSpeed 10-->MsiExec.exe /X{34490F4E-48D0-492E-8249-B48BECF0537C}
Nero Express 10 Help (CHM)-->MsiExec.exe /X{33643918-7957-4839-92C7-EA96CB621A98}
Nero Express 10-->MsiExec.exe /X{70550193-1C22-445C-8FA4-564E155DB1A7}
Nero Express 11 Help (CHM)-->MsiExec.exe /X{D2CBEFA4-F2D3-4E97-A171-8BFD6A31A5EC}
Nero Express 11-->MsiExec.exe /X{E10AAE4A-98B8-420A-BD93-E0520C23D624}
Nero InfoTool 10 Help (CHM)-->MsiExec.exe /X{66049135-9659-4AAD-9169-9CCA269EBB3E}
Nero InfoTool 10-->MsiExec.exe /X{F412B4AF-388C-4FF5-9B2F-33DB1C536953}
Nero Kwik Media Help (CHM)-->MsiExec.exe /X{B9B1BA7F-7E07-49DD-A713-5B397A5BB66B}
Nero Kwik Media-->MsiExec.exe /X{BE814218-3919-4EA3-868A-2F60BC135CB4}
Nero Multimedia Suite 10-->MsiExec.exe /I{277C1559-4CF7-44FF-8D07-98AA9C13AABD}
Nero Recode 10 Help (CHM)-->MsiExec.exe /X{DB7C1D4A-08BA-4C7E-A8AA-B7F9BB372DCF}
Nero Recode 10-->MsiExec.exe /X{8ECEC853-5C3D-4B10-B5C7-FF11FF724807}
Nero Recode 11 Help (CHM)-->MsiExec.exe /X{57F80ECF-E27C-4EEE-AB58-E971BACE2639}
Nero Recode 11-->MsiExec.exe /X{F69FB940-5031-4FE8-AFAD-085802D0BF63}
Nero RescueAgent 10 Help (CHM)-->MsiExec.exe /X{92E25238-61A3-4ACD-A407-3C480EEF47A7}
Nero RescueAgent 10-->MsiExec.exe /X{E337E787-CF61-4B7B-B84F-509202A54023}
Nero RescueAgent 11 Help (CHM)-->MsiExec.exe /X{D01CE99A-8802-483C-A79F-298B691EB432}
Nero RescueAgent 11-->MsiExec.exe /X{034DCAF9-96E7-4936-9A07-712F80B5181E}
Nero SoundTrax 10 Help (CHM)-->MsiExec.exe /X{16987E99-C95C-4513-9239-7B44A0A71DB5}
Nero SoundTrax 10-->MsiExec.exe /X{E1EE5339-5D32-458F-BAAB-B19F6301BCE2}
Nero SoundTrax 11 Help (CHM)-->MsiExec.exe /X{390757AA-8830-43DC-AEE0-4E5B6F8439EB}
Nero SoundTrax 11-->MsiExec.exe /X{0713D1F9-DD77-42C1-8C7D-54D479E2E743}
Nero StartSmart 10 Help (CHM)-->MsiExec.exe /X{F6117F9C-ADB5-4590-9BE4-12C7BEC28702}
Nero StartSmart 10-->MsiExec.exe /X{F61D489E-6C44-49AC-AD02-7DA8ACA73A65}
Nero Update-->MsiExec.exe /X{65BB0407-4CC8-4DC7-952E-3EEFDF05602A}
Nero Video 11 Help (CHM)-->MsiExec.exe /X{FAC3C37E-EDAB-4F3A-A173-A7C70CC88F09}
Nero Video 11-->MsiExec.exe /X{0D7A4289-99CF-4B8D-B812-86BE50A54552}
Nero Vision 10 Help (CHM)-->MsiExec.exe /X{329411A0-19F3-4740-874F-17400B126F27}
Nero Vision 10-->MsiExec.exe /X{9A4297F3-2A51-4ED9-92CA-4BCB8380947E}
Nero WaveEditor 10 Help (CHM)-->MsiExec.exe /X{7A295D8F-484B-4FFB-89AB-C1FD497591FE}
Nero WaveEditor 10-->MsiExec.exe /X{EDCDFAD5-DF80-4600-A493-E9DAD6810230}
Nero WaveEditor 11 Help (CHM)-->MsiExec.exe /X{EB8DED20-A887-4A9C-BB5A-F3E7523DFB44}
Nero WaveEditor 11-->MsiExec.exe /X{8014FACB-1D1D-48C2-94AA-E29EE2E6B9CE}
neroxml-->MsiExec.exe /I{56C049BE-79E9-4502-BEA7-9754A3E60F9B}
NHL® 09-->MsiExec.exe /X{F2B5A2A7-2DF9-4361-8BD5-362714528B51}
NVIDIA 3D Vision Controller Driver-->"C:\Program Files (x86)\InstallShield Installation Information\{714B9C6C-70FC-4750-98E2-61520B906C45}\setup.exe" -runfromtemp -l0x0009 -removeonly
NVIDIA Display Control Panel-->C:\Program Files\NVIDIA Corporation\Uninstall\nvuninst.exe DisplayControlPanel
NVIDIA Ovladač 3D Vision 301.42-->"C:\Windows\SysWOW64\RunDll32.EXE" "C:\Program Files\NVIDIA Corporation\Installer2\installer.6\NVI2.DLL",UninstallPackage Display.3DVision
NVIDIA Ovladač řídící jednotky 3D Vision 301.42-->"C:\Windows\SysWOW64\RunDll32.EXE" "C:\Program Files\NVIDIA Corporation\Installer2\installer.6\NVI2.DLL",UninstallPackage Display.NVIRUSB
NVIDIA Ovladače grafiky 301.42-->"C:\Windows\SysWOW64\RunDll32.EXE" "C:\Program Files\NVIDIA Corporation\Installer2\installer.6\NVI2.DLL",UninstallPackage Display.Driver
NVIDIA PhysX-->MsiExec.exe /X{DA909E62-3B45-4BA1-8B58-FCAEBA4BCEC9}
NVIDIA Stereoscopic 3D Driver-->"C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvStInst.exe" /uninstall /ask
NVIDIA Systémový software PhysX 9.12.0213-->"C:\Windows\SysWOW64\RunDll32.EXE" "C:\Program Files\NVIDIA Corporation\Installer2\installer.5\NVI2.DLL",UninstallPackage Display.PhysX
OpenOffice.org 3.1-->MsiExec.exe /I{824BADF8-9A1B-4D07-8817-8DDDC8543F23}
Origin-->C:\Program Files (x86)\Origin\OriginUninstall.exe
Ovládací prvek ActiveX platformy Windows Live Mesh pro vzdálená připojení-->MsiExec.exe /I{B6190387-0036-4BEB-8D74-A0AFC5F14706}
Ovladače videa společnosti Pinnacle-->MsiExec.exe /X{6DE721A5-5E89-4D74-994C-652BB3C0672E}
Pando Media Booster-->C:\Program Files (x86)\Pando Networks\Media Booster\uninst.exe
Pinnacle Studio 14-->MsiExec.exe /I{AADD1C8F-D59F-4D55-A726-768C71A205A8}
Pinnacle Studio Ultimate Collection Plugins-->MsiExec.exe /I{F5C372A1-40F3-49DA-A049-F75CDE9177DC}
PunkBuster Services-->D:\games\Battlefield 3 limited edition\Battlefield 3\pbsvc.exe -u
PVSonyDll-->MsiExec.exe /I{3D3E663D-4E7E-4577-A560-7ECDDD45548A}
Realtek Ethernet Controller Driver-->C:\Program Files (x86)\InstallShield Installation Information\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}\setup.exe -runfromtemp -removeonly
Red Giant ToonIt Studio-->C:\Windows\unvise32.exe C:\Program Files (x86)\Pinnacle\Studio 14\Plugins\RTFx\rgtoonitstudio.log
Remote Viewlog-->RunDll32 C:\PROGRA~2\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files (x86)\InstallShield Installation Information\{6A5E2AA3-92B9-40AD-89B9-4B4AA489AB93}\Setup.exe" -l0x9
Restorer2000 Pro 3.3-->"C:\Program Files (x86)\Restorer2000 Pro\unins000.exe"
Rockstar Games Social Club-->C:\Program Files (x86)\Rockstar Games\Social Club\uninstallRGSCRedistributable.exe
SAMSUNG Intelli-studio-->"C:\Program Files (x86)\SAMSUNG\Intelli-studio\uninstall.exe"
Security Update for Microsoft .NET Framework 3.5 SP1 (KB2604111)-->C:\Windows\SysWOW64\msiexec.exe /package {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} /uninstall {480E8A87-3B8C-3ECE-8CEA-6B2349AE1C1F} /qb+ REBOOTPROMPT=""
Security Update for Microsoft .NET Framework 3.5 SP1 (KB2657424)-->C:\Windows\SysWOW64\msiexec.exe /package {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} /uninstall {897A5D64-963A-3C11-A176-F6766BD09D16} /qb+ REBOOTPROMPT=""
Security Update for Microsoft .NET Framework 4 Client Profile (KB2160841)-->C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\Client\setup.exe /uninstallpatch {FD8D7C9A-E56A-3E7B-BA6D-FE68F13296E3} /parameterfolder Client
Security Update for Microsoft .NET Framework 4 Client Profile (KB2478663)-->C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\Client\setup.exe /uninstallpatch {B5BD3CA1-11AB-35A6-B22A-6A219DC0668E} /parameterfolder Client
Security Update for Microsoft .NET Framework 4 Client Profile (KB2518870)-->C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\Client\setup.exe /uninstallpatch {E720AD01-93D5-3E8E-BB8D-E4EF5AF4E5DD} /parameterfolder Client
Security Update for Microsoft .NET Framework 4 Client Profile (KB2539636)-->C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\Client\setup.exe /uninstallpatch {BCD37DCB-F479-3D4D-A90E-A0F7575549C4} /parameterfolder Client
Security Update for Microsoft .NET Framework 4 Client Profile (KB2572078)-->C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\Client\setup.exe /uninstallpatch {FF811680-AECE-3F35-A98C-1B84B6E09168} /parameterfolder Client
Security Update for Microsoft .NET Framework 4 Client Profile (KB2604121)-->C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\Client\setup.exe /uninstallpatch {6AF6C62E-4E3D-33BF-A591-9E4D53BDF22F} /parameterfolder Client
Security Update for Microsoft .NET Framework 4 Client Profile (KB2633870)-->C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\Client\setup.exe /uninstallpatch {5D45782A-1099-317E-ABCC-FF63D5B21386} /parameterfolder Client
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656351)-->C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\Client\setup.exe /uninstallpatch {E59B2174-E924-311F-8549-AD714C14664D} /parameterfolder Client
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368)-->C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\Client\setup.exe /uninstallpatch {FDD13F1E-9C6B-311E-A0D9-D6E172FC28FF} /parameterfolder Client
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368v2)-->C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\Client\setup.exe /uninstallpatch {DA36C2E5-6B34-3A6A-9C0A-7D1CC1C5A768} /parameterfolder Client
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656405)-->C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\Client\setup.exe /uninstallpatch {7B82A51A-768B-3A7B-ADFA-F777097A8079} /parameterfolder Client
Security Update for Microsoft .NET Framework 4 Client Profile (KB2686827)-->C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\Client\setup.exe /uninstallpatch {E40184A4-4A61-3D2E-9035-CB6E1E610E07} /parameterfolder Client
Security Update for Microsoft .NET Framework 4 Client Profile CSY Language Pack (KB2478663)-->C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\ClientLP\setup.exe /uninstallpatch {B5BD3CA1-11AB-35A6-B22A-6A219DC0668E} /parameterfolder ClientLP
Security Update for Microsoft .NET Framework 4 Client Profile CSY Language Pack (KB2518870)-->C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\ClientLP\setup.exe /uninstallpatch {E720AD01-93D5-3E8E-BB8D-E4EF5AF4E5DD} /parameterfolder ClientLP
Segoe UI-->MsiExec.exe /I{5DD4FCBD-A3C1-4155-9E17-4161C70AAABA}
Shufflr-->msiexec /qb /x {0741C489-4D35-4C29-75A7-7D2A808B81D3}
Shufflr-->MsiExec.exe /I{0741C489-4D35-4C29-75A7-7D2A808B81D3}
Skype Click to Call-->MsiExec.exe /I{B6CF2967-C81E-40C0-9815-C05774FEF120}
Skype™ 5.10-->MsiExec.exe /X{EE7257A2-39A2-4D2F-9DAC-F9F25B8AE1D8}
SureThing Express Labeler-->"C:\Program Files (x86)\SureThing Express Labeler\unins000.exe"
TeamSpeak 3 Client-->"C:\Program Files\TeamSpeak 3 Client\uninstall.exe"
The Battle for Middle-earth (tm) II-->D:\games\The Battle for Middle-earth (tm) II\EAUninstall.exe
The Lord of the Rings, The Rise of the Witch-king-->D:\games\The Lord of the Rings, The Rise of the Witch-king\EAUninstall.exe
Tom Clancy's Rainbow Six Vegas 2-->"C:\Program Files (x86)\InstallShield Installation Information\{FD416706-875C-4B0B-A23A-9E740DAE029E}\setup.exe" -runfromtemp -l0x0009 -removeonly
Trapcode 3DStroke Studio-->C:\Windows\unvise32.exe C:\Program Files (x86)\Pinnacle\Studio 14\Plugins\RTFx\tc3dstrokestudio.log
Trapcode Particular Studio-->C:\Windows\unvise32.exe C:\Program Files (x86)\Pinnacle\Studio 14\Plugins\RTFx\tcparticularstudio.log
Trapcode Shine Studio-->C:\Windows\unvise32.exe C:\Program Files (x86)\Pinnacle\Studio 14\Plugins\RTFx\tcshinestudio.log
Unlocker 1.9.0-x64-->C:\Program Files\Unlocker\uninst.exe
Update for Microsoft .NET Framework 3.5 SP1 (KB963707)-->C:\Windows\SysWOW64\msiexec.exe /package {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} /uninstall {B2AE9C82-DC7B-3641-BFC8-87275C4F3607} /qb+ REBOOTPROMPT=""
Update for Microsoft .NET Framework 4 Client Profile (KB2468871)-->C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\Client\setup.exe /uninstallpatch {29C7BE97-DE59-37A2-A687-2ADD5321948A} /parameterfolder Client
Update for Microsoft .NET Framework 4 Client Profile (KB2533523)-->C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\Client\setup.exe /uninstallpatch {7D799A81-5661-3159-BF92-754161CED6E6} /parameterfolder Client
Update for Microsoft .NET Framework 4 Client Profile (KB2600217)-->C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\Client\setup.exe /uninstallpatch {4DFA8287-EA36-3469-99FE-F568FEC81653} /parameterfolder Client
Update Service-->C:\Program Files (x86)\Sony Ericsson\Update Service\uninst.exe
USB Vibration Joystick-->RunDll32 C:\PROGRA~2\COMMON~1\INSTAL~1\PROFES~1\RunTime\0700\Intel32\Ctor.dll,LaunchSetup "C:\Program Files (x86)\InstallShield Installation Information\{4999B2F1-3E74-409A-B8B5-E94448AA9EA6}\setup.exe" -l0x9
VCRedistSetup-->MsiExec.exe /I{3921A67A-5AB1-4E48-9444-C71814CF3027}
Visual C++ 8.0 Runtime Setup Package (x64)-->MsiExec.exe /I{2FDBBCEA-62DB-45F4-B6E5-0E1FB2A1F29D}
Visual Studio 2008 x64 Redistributables-->MsiExec.exe /I{FCDBEA60-79F0-4FAE-BBA8-55A26C609A49}
VLC media player 1.1.11-->C:\Program Files (x86)\VideoLAN\VLC\uninstall.exe
welcome-->MsiExec.exe /X{CCE210DF-7EEF-4A76-A63C-3EB091FDB992}
Windows Live Communications Platform-->MsiExec.exe /I{D45240D3-B6B3-4FF9-B243-54ECE3E10066}
Windows Live Essentials-->C:\Program Files (x86)\Windows Live\Installer\wlarp.exe
Windows Live Essentials-->MsiExec.exe /I{FE62C88B-425B-4BDE-8B70-CD5AE3B83176}
Windows Live Family Safety-->MsiExec.exe /I{D0C56275-9E7F-4BE5-AB37-15124BF808F2}
Windows Live Family Safety-->MsiExec.exe /X{0D87AE67-14EB-4C10-88A5-DA6C3181EB18}
Windows Live Fotogalerie-->MsiExec.exe /X{FB79FDB7-4DE1-453D-99FE-9A880F57380E}
Windows Live ID Sign-in Assistant-->MsiExec.exe /I{1ACC8FFB-9D84-4C05-A4DE-D28A9BC91698}
Windows Live Installer-->MsiExec.exe /I{0B0F231F-CE6A-483D-AA23-77B364F75917}
Windows Live Language Selector-->MsiExec.exe /I{027E5FAB-1476-4C59-AAB4-32EF28520399}
Windows Live Mail-->MsiExec.exe /I{9D56775A-93F3-44A3-8092-840E3826DE30}
Windows Live Mail-->MsiExec.exe /I{C454280F-3C3E-4929-B60E-9E6CED5717E7}
Windows Live Mesh-->MsiExec.exe /I{80E8C65A-8F70-4585-88A2-ABC54BABD576}
Windows Live Mesh-->MsiExec.exe /I{DECDCB7C-58CC-4865-91AF-627F9798FE48}
Windows Live Messenger Companion Core-->MsiExec.exe /I{78A96B4C-A643-4D0F-98C2-A8E16A6669F9}
Windows Live Messenger-->MsiExec.exe /X{E5B21F11-6933-4E0B-A25C-7963E3C07D11}
Windows Live Messenger-->MsiExec.exe /X{F2979AAA-FDD7-4CB3-93BC-5C24D965D679}
Windows Live MIME IFilter-->MsiExec.exe /I{DA54F80E-261C-41A2-A855-549A144F2F59}
Windows Live Movie Maker-->MsiExec.exe /X{64B2D6B3-71AC-45A7-A6A1-2E07ABF58341}
Windows Live Movie Maker-->MsiExec.exe /X{92EA4134-10D1-418A-91E1-5A0453131A38}
Windows Live Photo Common-->MsiExec.exe /X{78906B56-0E81-42A7-AC25-F54C946E1538}
Windows Live Photo Common-->MsiExec.exe /X{A9BDCA6B-3653-467B-AC83-94367DA3BFE3}
Windows Live Photo Gallery-->MsiExec.exe /X{3336F667-9049-4D46-98B6-4C743EEBC5B1}
Windows Live PIMT Platform-->MsiExec.exe /I{83C292B7-38A5-440B-A731-07070E81A64F}
Windows Live Remote Client Resources-->MsiExec.exe /I{3921492E-82D2-4180-8124-E347AD2F2DB4}
Windows Live Remote Client-->MsiExec.exe /I{DF6D988A-EEA0-4277-AAB8-158E086E439B}
Windows Live Remote Service Resources-->MsiExec.exe /I{34384A2A-2CA2-4446-AB0E-1F360BA2AAC5}
Windows Live Remote Service-->MsiExec.exe /I{E02A6548-6FDE-40E2-8ED9-119D7D7E641F}
Windows Live SOXE Definitions-->MsiExec.exe /I{200FEC62-3C34-4D60-9CE8-EC372E01C08F}
Windows Live SOXE-->MsiExec.exe /I{682B3E4F-696A-42DE-A41C-4C07EA1678B4}
Windows Live Sync-->MsiExec.exe /X{068B46A0-8858-4CEB-80BC-A4AE787A05FC}
Windows Live UX Platform Language Pack-->MsiExec.exe /I{1DA6D447-C54D-4833-84D4-3EA31CAECE9B}
Windows Live UX Platform-->MsiExec.exe /I{CE95A79E-E4FC-4FFF-8A75-29F04B942FF2}
Windows Live Writer Resources-->MsiExec.exe /X{AB78C965-5C67-409B-8433-D7B5BDB12073}
Windows Live Writer-->MsiExec.exe /X{4264C020-850B-4F08-ACBE-98205D9C336C}
Windows Live Writer-->MsiExec.exe /X{A726AE06-AAA3-43D1-87E3-70F510314F04}
Windows Live Writer-->MsiExec.exe /X{AAAFC670-569B-4A2F-82B4-42945E0DE3EF}
Windows Media Player Firefox Plugin-->MsiExec.exe /I{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}
WinRAR archiver-->C:\Program Files (x86)\WinRAR\uninstall.exe
Xilisoft Video Converter Ultimate-->C:\Program Files (x86)\Xilisoft\Video Converter Ultimate\Uninstall.exe

======Hosts File======

127.0.0.1 www.007guard.com
127.0.0.1 007guard.com
127.0.0.1 008i.com
127.0.0.1 www.008k.com
127.0.0.1 008k.com
127.0.0.1 www.00hq.com
127.0.0.1 00hq.com
127.0.0.1 010402.com
127.0.0.1 www.032439.com
127.0.0.1 032439.com

======Security center information======

AS: Windows Defender
AS: SUPERAntiSpyware (disabled)

======System event log======

Computer Name: Hluchonuv
Event Code: 7036
Message: Stav služby PnkBstrB byl změněn na: Zastaveno
Record Number: 372969
Source Name: Service Control Manager
Time Written: 20120226204709.000000-000
Event Type: Informace
User:

Computer Name: Hluchonuv
Event Code: 7036
Message: Stav služby Služba WinHTTP WPAD byl změněn na: Zastaveno
Record Number: 372968
Source Name: Service Control Manager
Time Written: 20120226204231.000000-000
Event Type: Informace
User:

Computer Name: Hluchonuv
Event Code: 7036
Message: Stav služby Služba WinHTTP WPAD byl změněn na: Spuštěno
Record Number: 372967
Source Name: Service Control Manager
Time Written: 20120226202601.000000-000
Event Type: Informace
User:

Computer Name: Hluchonuv
Event Code: 52
Message: Ovladač zjistil, že zařízení \Device\Harddisk3\DR3 upozornilo na možnost selhání. Je nutné okamžitě zazálohovat data a vyměnit pevný disk. K selhání může dojít každým okamžikem.
Record Number: 372966
Source Name: disk
Time Written: 20120226195647.554800-000
Event Type: Upozornění
User:

Computer Name: Hluchonuv
Event Code: 7036
Message: Stav služby Služba WinHTTP WPAD byl změněn na: Zastaveno
Record Number: 372965
Source Name: Service Control Manager
Time Written: 20120226195450.000000-000
Event Type: Informace
User:

=====Application event log=====

Computer Name: Hluchonuv
Event Code: 1
Message: Klient Certifikační služby byl úspěšně spuštěn.
Record Number: 44813
Source Name: Microsoft-Windows-CertificateServicesClient
Time Written: 20110606182352.308831-000
Event Type: Informace
User: Hluchonuv\Zdenda

Computer Name: Hluchonuv
Event Code: 1003
Message: Služba Windows Search byla spuštěna.

Record Number: 44812
Source Name: Microsoft-Windows-Search
Time Written: 20110606182330.000000-000
Event Type: Informace
User:

Computer Name: Hluchonuv
Event Code: 100
Message:
Record Number: 44811
Source Name: Norton Ghost
Time Written: 20110606182329.000000-000
Event Type: Informace
User:

Computer Name: Hluchonuv
Event Code: 302
Message: Windows (2980) Windows: Databázový stroj úspěšně dokončil obnovení.
Record Number: 44810
Source Name: ESENT
Time Written: 20110606182326.000000-000
Event Type: Informace
User:

Computer Name: Hluchonuv
Event Code: 301
Message: Windows (2980) Windows: Databázový stroj začal přehrávat soubor protokolu C:\ProgramData\Microsoft\Search\Data\Applications\Windows\MSS.log.
Record Number: 44809
Source Name: ESENT
Time Written: 20110606182326.000000-000
Event Type: Informace
User:

=====Security event log=====

Computer Name: Hluchonuv
Event Code: 4634
Message: Účet byl odhlášen.

Předmět:
ID zabezpečení: S-1-5-7
Název účtu: ANONYMOUS LOGON
Doména účtu: NT AUTHORITY
ID přihlášení: 0x37cb145

Typ přihlášení: 3

Tato událost je generována, pokud je zničena relace přihlášení. Může být spojena s událostí přihlášení pomocí hodnoty ID přihlášení. Hodnoty ID přihlášení jsou jednoznačné pouze v rámci jednotlivých restartů stejného počítače.
Record Number: 117369
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20120405124314.024200-000
Event Type: Úspěch auditu
User:

Computer Name: Hluchonuv
Event Code: 4624
Message: Účet byl úspěšně přihlášen.

Předmět:
ID zabezpečení: S-1-0-0
Název účtu: -
Doména účtu: -
ID přihlášení: 0x0

Typ přihlášení: 3

Nové přihlášení:
ID zabezpečení: S-1-5-7
Název účtu: ANONYMOUS LOGON
Doména účtu: NT AUTHORITY
ID přihlášení: 0x37cb145
GUID přihlášení: {00000000-0000-0000-0000-000000000000}

Informace o procesu:
ID procesu: 0x0
Název procesu: -

Informace o síti:
Název pracovní stanice: JANICKY
Adresa zdrojové sítě 192.168.0.114
Zdrojový port: 2256

Podrobné informace o ověření:
Proces přihlášení: NtLmSsp
Balíček ověření: NTLM
Přenosové služby: -
Název balíčku (pouze NTLM): NTLM V1
Délka klíče: 0

Tato událost je generována po vytvoření relace přihlášení. Je generována v počítači, ke kterému byl získán přístup.

Pole s předmětem označují účet v místním systému, který požadoval přihlášení. Jedná se nejčastěji o službu, například službu serveru nebo místní proces, například Winlogon.exe nebo Services.exe.

Pole Typ přihlášení označuje, k jakému typu přihlášení došlo. Nejběžnější typy jsou 2 (interaktivní) a 3 (síť).

Pole Nové přihlášení označují účet, pro který bylo nové přihlášení vytvořeno, tj. účet, který byl přihlášen.

Pole Síť označují původ požadavku na vzdálené přihlášení. Název pracovní stanice není vždy k dispozici a v některých případech může být toto pole prázdné.

Pole s informacemi o ověření poskytují podrobné informace o tomto konkrétním požadavku na přihlášení.
- GUID přihlášení je jednoznačný identifikátor, který je možné použít ke spojení této události s událostí KDC.
- Přenosové služby označují, které pomocné služby se podílely na tomto požadavku na přihlášení.
- Název balíčku označuje, který dílčí protokol z protokolů NTLM byl použit.
- Délka klíče označuje délku generovaného klíče relace. Tato hodnota bude 0, pokud nebyl požadován žádný klíč relace.
Record Number: 117368
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20120405124314.015200-000
Event Type: Úspěch auditu
User:

Computer Name: Hluchonuv
Event Code: 4634
Message: Účet byl odhlášen.

Předmět:
ID zabezpečení: S-1-5-7
Název účtu: ANONYMOUS LOGON
Doména účtu: NT AUTHORITY
ID přihlášení: 0x37cb135

Typ přihlášení: 3

Tato událost je generována, pokud je zničena relace přihlášení. Může být spojena s událostí přihlášení pomocí hodnoty ID přihlášení. Hodnoty ID přihlášení jsou jednoznačné pouze v rámci jednotlivých restartů stejného počítače.
Record Number: 117367
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20120405124314.010200-000
Event Type: Úspěch auditu
User:

Computer Name: Hluchonuv
Event Code: 4624
Message: Účet byl úspěšně přihlášen.

Předmět:
ID zabezpečení: S-1-0-0
Název účtu: -
Doména účtu: -
ID přihlášení: 0x0

Typ přihlášení: 3

Nové přihlášení:
ID zabezpečení: S-1-5-7
Název účtu: ANONYMOUS LOGON
Doména účtu: NT AUTHORITY
ID přihlášení: 0x37cb135
GUID přihlášení: {00000000-0000-0000-0000-000000000000}

Informace o procesu:
ID procesu: 0x0
Název procesu: -

Informace o síti:
Název pracovní stanice: JANICKY
Adresa zdrojové sítě 192.168.0.114
Zdrojový port: 2256

Podrobné informace o ověření:
Proces přihlášení: NtLmSsp
Balíček ověření: NTLM
Přenosové služby: -
Název balíčku (pouze NTLM): NTLM V1
Délka klíče: 0

Tato událost je generována po vytvoření relace přihlášení. Je generována v počítači, ke kterému byl získán přístup.

Pole s předmětem označují účet v místním systému, který požadoval přihlášení. Jedná se nejčastěji o službu, například službu serveru nebo místní proces, například Winlogon.exe nebo Services.exe.

Pole Typ přihlášení označuje, k jakému typu přihlášení došlo. Nejběžnější typy jsou 2 (interaktivní) a 3 (síť).

Pole Nové přihlášení označují účet, pro který bylo nové přihlášení vytvořeno, tj. účet, který byl přihlášen.

Pole Síť označují původ požadavku na vzdálené přihlášení. Název pracovní stanice není vždy k dispozici a v některých případech může být toto pole prázdné.

Pole s informacemi o ověření poskytují podrobné informace o tomto konkrétním požadavku na přihlášení.
- GUID přihlášení je jednoznačný identifikátor, který je možné použít ke spojení této události s událostí KDC.
- Přenosové služby označují, které pomocné služby se podílely na tomto požadavku na přihlášení.
- Název balíčku označuje, který dílčí protokol z protokolů NTLM byl použit.
- Délka klíče označuje délku generovaného klíče relace. Tato hodnota bude 0, pokud nebyl požadován žádný klíč relace.
Record Number: 117366
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20120405124314.006200-000
Event Type: Úspěch auditu
User:

Computer Name: Hluchonuv
Event Code: 4634
Message: Účet byl odhlášen.

Předmět:
ID zabezpečení: S-1-5-7
Název účtu: ANONYMOUS LOGON
Doména účtu: NT AUTHORITY
ID přihlášení: 0x3564b73

Typ přihlášení: 3

Tato událost je generována, pokud je zničena relace přihlášení. Může být spojena s událostí přihlášení pomocí hodnoty ID přihlášení. Hodnoty ID přihlášení jsou jednoznačné pouze v rámci jednotlivých restartů stejného počítače.
Record Number: 117365
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20120405123114.129200-000
Event Type: Úspěch auditu
User:

======Environment variables======

"ComSpec"=%SystemRoot%\system32\cmd.exe
"FP_NO_HOST_CHECK"=NO
"OS"=Windows_NT
"Path"=C:\Program Files\Common Files\Microsoft Shared\Windows Live;C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Program Files (x86)\Common Files\Teleca Shared;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;C:\Program Files (x86)\Windows Live\Shared;C:\Program Files (x86)\Pinnacle\Shared Files\
"PATHEXT"=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH;.MSC
"PROCESSOR_ARCHITECTURE"=AMD64
"TEMP"=%SystemRoot%\TEMP
"TMP"=%SystemRoot%\TEMP
"USERNAME"=SYSTEM
"windir"=%SystemRoot%
"PROCESSOR_LEVEL"=6
"PROCESSOR_IDENTIFIER"=Intel64 Family 6 Model 23 Stepping 6, GenuineIntel
"PROCESSOR_REVISION"=1706
"NUMBER_OF_PROCESSORS"=2
"TRACE_FORMAT_SEARCH_PATH"=\\NTREL202.ntdev.corp.microsoft.com\34FB5F65-FFEB-4B61-BF0E-A6A76C450FAA\TraceFormat
"DFSTRACINGON"=FALSE
"PSModulePath"=%SystemRoot%\system32\WindowsPowerShell\v1.0\Modules\

-----------------EOF-----------------

[vyosek]

Pouzijte WhoCrash dle kolegy

použij WhoCrashed

po spuštění klikni na Analyze,

aplikace po chvilce vytvoří zprávu o příčině pádu, kterou mi sem nakopíruj.

Stahnete RogueKiller http://www.sur-la-toile.com/RogueKiller/RogueKiller.exe

• Ukoncete vsechny programy
• Pokud pouzivate Win Vista ci W7, kliknete na RogueKiller pravym a dejte Run As Administrator ci Spustit jako spravce
• Pockejte na dokonceni PreScanu
• Zvolte moznost Prohledat (scan)
• Po dokonceni skenu kliknete na Zpráva (Report)- otevre se log, ten sem vlozte
• Detailni postup vc. obrazku mate zde http://forum.viry.cz/viewtopic.php?f=24&t=120452

[Hluchon]

Tak ke zhroucení mi to nedalo nic, výpis z logu:

System Information (local)
--------------------------------------------------------------------------------

computer name: HLUCHONUV
windows version: Windows Vista Service Pack 2, 6.0, build: 6002
windows dir: C:\Windows
CPU: GenuineIntel Intel(R) Core(TM)2 Duo CPU E8400 @ 3.00GHz Intel586, level: 6
2 logical processors, active mask: 3
RAM: 8587395072 total
VM: 2147352576, free: 1961197568



--------------------------------------------------------------------------------
Crash Dump Analysis
--------------------------------------------------------------------------------

Crash dump directory: C:\Windows\Minidump

Crash dumps are enabled on your computer.


No valid crash dumps have been found on your computer


--------------------------------------------------------------------------------
Conclusion
--------------------------------------------------------------------------------

Crash dumps are enabled but no valid crash dumps have been found. It may be that there are problems which prevent crash dumps from being written out. Check out the following article for possible causes: If crash dumps are not written out.

In case your computer does experience sudden reboots it is likely these are caused by malfunctioning hardware, power failure or a thermal issue. To troubleshoot a thermal issue, check the temperature using your BIOS setup program, check for dust in CPU and motherboard fans and if your computer is portable make sure it's located on a hard surface. Otherwise it's suggested you contact the support department of the manufacturer of your system or test your system with a memory test utility for further investigation.

Check out the following articles for more information: Troubleshooting sudden resets and shut downs.

Read the topic general suggestions for troubleshooting system crashes for more information.

Note that it's not always possible to state with certainty whether a reported driver is actually responsible for crashing your system or that the root cause is in another module. Nonetheless it's suggested you look for updates for the products that these drivers belong to and regularly visit Windows update or enable automatic updates for Windows. In case a piece of malfunctioning hardware is causing trouble, a search with Google on the bug check errors together with the model name and brand of your computer may help you investigate this further.


a zde je výpis z RougueKilleru

RogueKiller V7.6.4 [07/17/2012] by Tigzy
mail: tigzyRK<at>gmail<dot>com
Podpora: http://www.geekstogo.com/forum/files/fi ... guekiller/
Operační systém: Windows Vista (6.0.6002 Service Pack 2) 64 bits version
Spuštěno v: Normální režim
Uživatel: Zdenda [Práva správce]
Mód: Kontrola -- Datum: 08/03/2012 14:54:37

¤¤¤ Škodlivé procesy: 0 ¤¤¤

¤¤¤ Záznamy Registrů: 4 ¤¤¤
[HJ] HKLM\[...]\NewStartPanel : {59031a47-3f72-44a7-89c5-5595fe6b30ee} (1) -> FOUND
[HJ] HKLM\[...]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> FOUND
[HJ] HKCU\[...]\ClassicStartMenu : {645FF040-5081-101B-9F08-00AA002F954E} (1) -> FOUND
[HJ] HKCU\[...]\NewStartPanel : {645FF040-5081-101B-9F08-00AA002F954E} (1) -> FOUND

¤¤¤ Zvláštní soubory / Složky: ¤¤¤

¤¤¤ Ovladač: [NENAHRÁNO] ¤¤¤

¤¤¤ Nákaza : ¤¤¤

¤¤¤ Soubor HOSTS: ¤¤¤
127.0.0.1 localhost
::1 localhost
127.0.0.1 www.007guard.com
127.0.0.1 007guard.com
127.0.0.1 008i.com
127.0.0.1 www.008k.com
127.0.0.1 008k.com
127.0.0.1 www.00hq.com
127.0.0.1 00hq.com
127.0.0.1 010402.com
127.0.0.1 www.032439.com
127.0.0.1 032439.com
127.0.0.1 www.0scan.com
127.0.0.1 0scan.com
127.0.0.1 1000gratisproben.com
127.0.0.1 www.1000gratisproben.com
127.0.0.1 1001namen.com
127.0.0.1 www.1001namen.com
127.0.0.1 100888290cs.com
127.0.0.1 www.100888290cs.com
[...]


¤¤¤ Kontrola MBR: ¤¤¤

+++++ PhysicalDrive0: SAMSUNG HD642JJ ATA Device +++++
--- User ---
[MBR] 02e6b263d7dc756b870fcd69fff6136f
[BSP] 46f622f7ac957f3e4f7d188a451b3675 : Windows Vista MBR Code
Partition table:
0 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 2048 | Size: 610478 Mo
User = LL1 ... OK!
User = LL2 ... OK!

+++++ PhysicalDrive1: SAMSUNG HD401LJ ATA Device +++++
--- User ---
[MBR] 082cd3e2450fc51ad08e709b7dee4f57
[BSP] e71163e22d2c3d47a0872fb7dfbd0f0c : Windows Vista MBR Code
Partition table:
0 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 2048 | Size: 381551 Mo
User = LL1 ... OK!
User = LL2 ... OK!

+++++ PhysicalDrive2: SAMSUNG HD103UJ ATA Device +++++
--- User ---
[MBR] 7465abf29cf70168113398e2c466542b
[BSP] 0cabeaee712833fd6355456847a04aef : Windows Vista MBR Code
Partition table:
0 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 2048 | Size: 600000 Mo
1 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 1228802048 | Size: 353866 Mo
User = LL1 ... OK!
User = LL2 ... OK!

+++++ PhysicalDrive3: SAMSUNG HD642JJ ATA Device +++++
--- User ---
[MBR] 9c649b8e73974016fff19b8b1d944c7e
[BSP] 5d71c96023c6a0e5c2963ebb48074988 : Windows 7 MBR Code
Partition table:
0 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 2048 | Size: 610478 Mo
User = LL1 ... OK!
User = LL2 ... OK!

+++++ PhysicalDrive4: Patriot Memory USB Device +++++
--- User ---
[MBR] a29a2842766cc47a2e01355bbae7690a
[BSP] 33a07a59d299ab4ea9f4ab0156f9d86f : Windows XP MBR Code
Partition table:
0 - [XXXXXX] FAT32-LBA (0x0c) [VISIBLE] Offset (sectors): 8064 | Size: 30540 Mo
User = LL1 ... OK!
Error reading LL2 MBR!

Dokončeno : << RKreport[1].txt >>
RKreport[1].txt

[Hluchon]

Jinak po tom co jsem vyčistil registry ( CCleaner ) a opravil výpis z dle logu z RIST tak se PC dost zrychlilo, hlavně při startu, ale ve hrách stále zamrzá. Modrou smrt jsem od té doby zatím něměl.
Děkuji za rady s pozdravem Z. Hluchník.

[vyosek]

Jen upozornuji, ze jsme bezp. forum, hrami se nejak nezabyvame

Spustte znovu RogueKiller

• Pokud pouzivate Win Vista ci W7, kliknete na RogueKiller pravym a dejte Run As Administrator ci Spustit jako spravce
• Zvolte moznost Prohledat a pote Smazat a nasledne Zprava - otevre se log, ten sem vlozte
• Pak kliknete na Oprava Host a Zprava - otevre se log, ten sem vlozte

PROSIM CTETE DUKLADNE NAVOD - TATO UTILITA MA VELKOU SCHOPNOST MAZAT A JE NUTNE JI APLIKOVAT JEN NA DOPORUCENI, JINAK VAM MUZE JIT SYSTEM DO KYTEK
Stahnete a ulozte na plochu Combofix http://download.bleepingcomputer.com/sUBs/ComboFix.exe

• Vypnete vsechny rezidentni bezpecnostní programy - firewally, antiviry, antispywary apod.
• Pokud mate Win XP spustte pod uctem Spravce\Administratora
• Pokud mate Win Vista ci Win 7, kliknete na Combofix pravym a dejte Run As Administrator ci Spustit jako spravce
• Ihned po startu se zobrazi stranka s licencnim ujednanim, pokracujte kliknutim na Ano
• Pokud Vam CF nabidne instalaci Konzoly pro zotaveni, tak souhlaste
• Dale postupujte dle pokynu, behem scanu nechte PC naprosto v klidu - nespoustejte zadne aplikace a neklikejte do zobrazujiciho se okna
• Scan by mel trvat cca 10 min, ale pokud bude PC hodne zaneseno, muze se cas prodlouzit
• Po dokonceni skenu a pripadnem restartu CF zobrazi log, pripadne jej najdete zde C:\ComboFix.txt, jeho obsah sem vlozte
• Detailni postup vc. obrazku mate zde http://www.bleepingcomputer.com/combofi ... t-combofix

[Hluchon]

Upozornění akceptuji, dle přiloženého navodu se pokusím, doufám, že to dopadne.... dobře.
Za vše moc díky, podpořím Vás samozřejmě, je to super web. S pozdravem Z. Hluchník

[Hluchon]

tady je požadovaná zpráva z RK

RogueKiller V7.6.4 [07/17/2012] by Tigzy
mail: tigzyRK<at>gmail<dot>com
Podpora: http://www.geekstogo.com/forum/files/fi ... guekiller/
Operační systém: Windows Vista (6.0.6002 Service Pack 2) 64 bits version
Spuštěno v: Normální režim
Uživatel: Zdenda [Práva správce]
Mód: Odebrat -- Datum: 08/03/2012 17:20:58

¤¤¤ Škodlivé procesy: 0 ¤¤¤

¤¤¤ Záznamy Registrů: 0 ¤¤¤

¤¤¤ Zvláštní soubory / Složky: ¤¤¤

¤¤¤ Ovladač: [NENAHRÁNO] ¤¤¤

¤¤¤ Nákaza : ¤¤¤

¤¤¤ Soubor HOSTS: ¤¤¤
127.0.0.1 localhost
::1 localhost
127.0.0.1 www.007guard.com
127.0.0.1 007guard.com
127.0.0.1 008i.com
127.0.0.1 www.008k.com
127.0.0.1 008k.com
127.0.0.1 www.00hq.com
127.0.0.1 00hq.com
127.0.0.1 010402.com
127.0.0.1 www.032439.com
127.0.0.1 032439.com
127.0.0.1 www.0scan.com
127.0.0.1 0scan.com
127.0.0.1 1000gratisproben.com
127.0.0.1 www.1000gratisproben.com
127.0.0.1 1001namen.com
127.0.0.1 www.1001namen.com
127.0.0.1 100888290cs.com
127.0.0.1 www.100888290cs.com
[...]


¤¤¤ Kontrola MBR: ¤¤¤

+++++ PhysicalDrive0: SAMSUNG HD642JJ ATA Device +++++
--- User ---
[MBR] 02e6b263d7dc756b870fcd69fff6136f
[BSP] 46f622f7ac957f3e4f7d188a451b3675 : Windows Vista MBR Code
Partition table:
0 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 2048 | Size: 610478 Mo
User = LL1 ... OK!
User = LL2 ... OK!

+++++ PhysicalDrive1: SAMSUNG HD401LJ ATA Device +++++
--- User ---
[MBR] 082cd3e2450fc51ad08e709b7dee4f57
[BSP] e71163e22d2c3d47a0872fb7dfbd0f0c : Windows Vista MBR Code
Partition table:
0 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 2048 | Size: 381551 Mo
User = LL1 ... OK!
User = LL2 ... OK!

+++++ PhysicalDrive2: SAMSUNG HD103UJ ATA Device +++++
--- User ---
[MBR] 7465abf29cf70168113398e2c466542b
[BSP] 0cabeaee712833fd6355456847a04aef : Windows Vista MBR Code
Partition table:
0 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 2048 | Size: 600000 Mo
1 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 1228802048 | Size: 353866 Mo
User = LL1 ... OK!
User = LL2 ... OK!

+++++ PhysicalDrive3: SAMSUNG HD642JJ ATA Device +++++
--- User ---
[MBR] 9c649b8e73974016fff19b8b1d944c7e
[BSP] 5d71c96023c6a0e5c2963ebb48074988 : Windows 7 MBR Code
Partition table:
0 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 2048 | Size: 610478 Mo
User = LL1 ... OK!
User = LL2 ... OK!

+++++ PhysicalDrive4: Patriot Memory USB Device +++++
--- User ---
[MBR] a29a2842766cc47a2e01355bbae7690a
[BSP] 33a07a59d299ab4ea9f4ab0156f9d86f : Windows XP MBR Code
Partition table:
0 - [XXXXXX] FAT32-LBA (0x0c) [VISIBLE] Offset (sectors): 8064 | Size: 30540 Mo
User = LL1 ... OK!
Error reading LL2 MBR!

Dokončeno : << RKreport[2].txt >>
RKreport[1].txt ; RKreport[2].txt

[vyosek]

Jeste dejte Opravit hosts v RogueKilleru a pak se vrhnete na ComboFix