Zdravím, přijedu domů a mám zničehonic docela zpomalený počítač, když otevřu spuštěné procesy, tak tam mám asi 40x rundll32 a 20x svchost.exe, především se mi začali zničehonic sekat veškeré hry v pc. Proto bych chtěl poprosit o kontrolu.
Zde je výpis :
Logfile of random's system information tool 1.08 (written by random/random)
Run by Lenka at 2010-08-15 21:56:48
Microsoft Windows 7 Home Premium
System drive C: has 188 GB (79%) free of 238 GB
Total RAM: 4095 MB (54% free)
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 21:56:58, on 15.8.2010
Platform: Windows 7 (WinNT 6.00.3504)
MSIE: Internet Explorer v8.00 (8.00.7600.16385)
Boot mode: Normal
Running processes:
C:\Program Files (x86)\ASUS\ControlDeck\ControlDeckStartUp.exe
C:\Program Files (x86)\ASUS\SmartLogon\sensorsrv.exe
C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe
C:\Program Files (x86)\ICQ6.5\ICQ.exe
C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe
C:\Program Files (x86)\ASUS\ATK Hotkey\HControlUser.exe
C:\Program Files (x86)\ASUS\ATKOSD2\ATKOSD2.exe
C:\Program Files (x86)\ASUS\ATK Media\DMedia.exe
C:\Program Files (x86)\Common Files\Real\Update_OB\realsched.exe
C:\Program Files (x86)\ASUS\ASUS Data Security Manager\ADSMTray.exe
C:\Windows\AsScrPro.exe
C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe
C:\Program Files (x86)\Internet Explorer\iexplore.exe
C:\Program Files (x86)\Internet Explorer\iexplore.exe
C:\Program Files\trend micro\Lenka.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://asus.msn.com
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.seznam.cz/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: UrlSearchHook Class - {00000000-6E41-4FD3-8538-502F5495E5FC} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll
R3 - URLSearchHook: (no name) - - (no file)
F2 - REG:system.ini: UserInit=userinit.exe
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll
O2 - BHO: Pomocná služba pro přihlášení ke službě Windows Live ID - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Ask Toolbar BHO - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll
O2 - BHO: Windows Live Toolbar Helper - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - C:\Program Files (x86)\Windows Live\Toolbar\wltcore.dll
O3 - Toolbar: &Windows Live Toolbar - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files (x86)\Windows Live\Toolbar\wltcore.dll
O3 - Toolbar: Sopcast Ask Toolbar - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll
O3 - Toolbar: DAEMON Tools Toolbar - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files (x86)\DAEMON Tools Toolbar\DTToolbar.dll
O4 - HKLM\..\Run: [UpdateLBPShortCut] "C:\Program Files (x86)\CyberLink\LabelPrint\MUITransfer\MUIStartMenu.exe" "C:\Program Files (x86)\CyberLink\LabelPrint" UpdateWithCreateOnce "Software\CyberLink\LabelPrint\2.5"
O4 - HKLM\..\Run: [UpdateP2GoShortCut] "C:\Program Files (x86)\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe" "C:\Program Files (x86)\CyberLink\Power2Go" UpdateWithCreateOnce "SOFTWARE\CyberLink\Power2Go\6.0"
O4 - HKLM\..\Run: [HControlUser] C:\Program Files (x86)\ASUS\ATK Hotkey\HControlUser.exe
O4 - HKLM\..\Run: [ATKOSD2] C:\Program Files (x86)\ASUS\ATKOSD2\ATKOSD2.exe
O4 - HKLM\..\Run: [ATKMEDIA] C:\Program Files (x86)\ASUS\ATK Media\DMedia.exe
O4 - HKLM\..\Run: [Setwallpaper] c:\programdata\SetWallpaper.cmd
O4 - HKLM\..\Run: [nod32kui] "C:\Program Files (x86)\Eset\nod32kui.exe" /WAITSERVICE
O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe"
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files (x86)\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [ICQ] "C:\Program Files (x86)\ICQ6.5\ICQ.exe" silent
O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O4 - Global Startup: FancyStart daemon.lnk = ?
O4 - Global Startup: SRS Premium Sound.lnk = ?
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000
O9 - Extra button: Přidat na blog - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: &Přidat na blog Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~1\Office12\REFIEBAR.DLL
O9 - Extra button: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Program Files (x86)\ICQ6.5\ICQ.exe
O9 - Extra 'Tools' menuitem: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Program Files (x86)\ICQ6.5\ICQ.exe
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O16 - DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} (OnlineScanner Control) - http://download.eset.com/special/eos/OnlineScanner.cab
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveSystemServices.dll
O23 - Service: ADSM Service (ADSMService) - ASUSTek Computer Inc. - C:\Program Files (x86)\ASUS\ASUS Data Security Manager\ADSMSrv.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: ASLDR Service (ASLDRService) - Unknown owner - C:\Program Files (x86)\ASUS\ATK Hotkey\ASLDRSrv.exe
O23 - Service: ATKGFNEX Service (ATKGFNEXSrv) - Unknown owner - C:\Program Files\ATKGFNEX\GFNEXSrv.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: FastBootAgent - ASUSTeK Computer Inc. - C:\Windows\SysWOW64\Fast Boot\FastBootAgent.exe
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: NOD32 Kernel Service (NOD32krn) - Eset - C:\Program Files (x86)\Eset\nod32krn.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\Windows\system32\nvvsvc.exe (file missing)
O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe
O23 - Service: PnkBstrB - Unknown owner - C:\Windows\system32\PnkBstrB.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
--
End of file - 10728 bytes
======Listing Processes======
\SystemRoot\System32\smss.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
C:\Windows\system32\services.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\nvvsvc.exe
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k NetworkService
winlogon.exe
"C:\Program Files (x86)\ASUS\ASUS Data Security Manager\ADSMSrv.exe"
"C:\Program Files (x86)\ASUS\ATK Hotkey\ASLDRSrv.exe"
"C:\Program Files\ATKGFNEX\GFNEXSrv.exe"
C:\Windows\system32\nvvsvc.exe -session -first
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
"C:\Windows\SysWOW64\Fast Boot\FastBootAgent.exe"
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Windows\SysWOW64\PnkBstrA.exe
C:\Windows\SysWOW64\PnkBstrB.exe
"C:\Program Files (x86)\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe"
"C:\Windows\system32\Dwm.exe"
"taskhost.exe"
taskeng.exe {4B458ED0-6DC4-410E-B342-F61F8BD9F150}
"C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE"
"C:\Program Files (x86)\ASUS\ControlDeck\ControlDeckStartUp.exe"
C:\Windows\Explorer.EXE
"C:\Program Files (x86)\ASUS\SmartLogon\sensorsrv.exe"
"C:\Program Files (x86)\ASUS\ATK Hotkey\HControl.exe"
"C:\Program Files (x86)\ASUS\Splendid\ACMON.exe"
"C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe"
"C:\Program Files\P4G\BatteryLife.exe"
Atouch64.exe
ATKOSD.exe
KBFiltr.exe
WDC.exe
"C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe"
"C:\Program Files\Elantech\ETDCtrl.exe"
"C:\Program Files (x86)\AmIcoSingLun\AmIcoSinglun64.exe"
WLIDSvcM.exe 1804
"C:\Windows\SysWOW64\ACEngSvr.exe" -Embedding
"C:\Program Files (x86)\ICQ6.5\ICQ.exe" silent
"C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun
"C:\Program Files (x86)\ASUS\ATK Hotkey\HControlUser.exe"
"C:\Program Files (x86)\ASUS\ATKOSD2\ATKOSD2.exe"
"C:\Program Files (x86)\ASUS\ATK Media\DMedia.exe"
"C:\Program Files (x86)\Common Files\Real\Update_OB\realsched.exe" -osboot
C:\Windows\system32\SearchIndexer.exe /Embedding
C:\Windows\System32\svchost.exe -k WerSvcGroup
"C:\Program Files\SRS Labs\SRS Premium Sound Control Panel\SRSPremiumPanel_64.exe" /f=srs_premium_sound_nopreset.zip
"C:\Program Files\Windows Sidebar\sidebar.exe"
"C:\Program Files (x86)\ASUS\ASUS Data Security Manager\ADSMTray.exe"
"C:\Windows\AsScrPro.exe"
"C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe"
C:\Windows\System32\svchost.exe -k secsvcs
"C:\Program Files\Windows Media Player\wmpnetwk.exe"
C:\Windows\system32\svchost.exe -k SDRSVC
"C:\Program Files (x86)\Mozilla Firefox\firefox.exe"
"C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe" --channel=6572.5ea4980.1004702932 "C:\Windows\system32\Macromed\Flash\NPSWF32.dll" 6572 plugin \\.\pipe\gecko-crash-server-pipe.6572
"C:\Program Files (x86)\Internet Explorer\iexplore.exe" http://www.viry.cz/forum/viewtopic.php?f=30&t=82744
"C:\Program Files (x86)\Internet Explorer\iexplore.exe" SCODEF:4776 CREDAT:79873
"C:\Windows\system32\SearchFilterHost.exe" 0 504 508 516 65536 512
C:\Windows\system32\RunDll32.exe C:\Windows\system32\WerConCpl.dll, LaunchErcApp -displayresponse "C:\ProgramData\Microsoft\Windows\WER\ReportArchive\AppCrash_nod32krn.exe_7075562bf2f703de96483421ae462828e63ad_2b0a484a" -adminarchive
C:\Windows\system32\RunDll32.exe C:\Windows\system32\WerConCpl.dll, LaunchErcApp -displayresponse "C:\ProgramData\Microsoft\Windows\WER\ReportArchive\AppCrash_nod32krn.exe_7075562bf2f703de96483421ae462828e63ad_10265342" -adminarchive
C:\Windows\system32\RunDll32.exe C:\Windows\system32\WerConCpl.dll, LaunchErcApp -displayresponse "C:\ProgramData\Microsoft\Windows\WER\ReportArchive\AppCrash_nod32krn.exe_7075562bf2f703de96483421ae462828e63ad_0e965e78" -adminarchive
C:\Windows\system32\RunDll32.exe C:\Windows\system32\WerConCpl.dll, LaunchErcApp -displayresponse "C:\ProgramData\Microsoft\Windows\WER\ReportArchive\AppCrash_nod32krn.exe_7075562bf2f703de96483421ae462828e63ad_28f66626" -adminarchive
C:\Windows\system32\RunDll32.exe C:\Windows\system32\WerConCpl.dll, LaunchErcApp -displayresponse "C:\ProgramData\Microsoft\Windows\WER\ReportArchive\AppCrash_nod32krn.exe_7075562bf2f703de96483421ae462828e63ad_0d2a67fa" -adminarchive
C:\Windows\system32\RunDll32.exe C:\Windows\system32\WerConCpl.dll, LaunchErcApp -displayresponse "C:\ProgramData\Microsoft\Windows\WER\ReportArchive\AppCrash_nod32krn.exe_7075562bf2f703de96483421ae462828e63ad_0a8e6e31" -adminarchive
C:\Windows\system32\RunDll32.exe C:\Windows\system32\WerConCpl.dll, LaunchErcApp -displayresponse "C:\ProgramData\Microsoft\Windows\WER\ReportArchive\AppCrash_nod32krn.exe_7075562bf2f703de96483421ae462828e63ad_20e272e3" -adminarchive
C:\Windows\system32\RunDll32.exe C:\Windows\system32\WerConCpl.dll, LaunchErcApp -displayresponse "C:\ProgramData\Microsoft\Windows\WER\ReportArchive\AppCrash_nod32krn.exe_7075562bf2f703de96483421ae462828e63ad_20ca8395" -adminarchive
C:\Windows\system32\RunDll32.exe C:\Windows\system32\WerConCpl.dll, LaunchErcApp -displayresponse "C:\ProgramData\Microsoft\Windows\WER\ReportArchive\AppCrash_nod32krn.exe_7075562bf2f703de96483421ae462828e63ad_17528a59" -adminarchive
C:\Windows\system32\RunDll32.exe C:\Windows\system32\WerConCpl.dll, LaunchErcApp -displayresponse "C:\ProgramData\Microsoft\Windows\WER\ReportArchive\AppCrash_nod32krn.exe_7075562bf2f703de96483421ae462828e63ad_055e8fc5" -adminarchive
C:\Windows\system32\RunDll32.exe C:\Windows\system32\WerConCpl.dll, LaunchErcApp -displayresponse "C:\ProgramData\Microsoft\Windows\WER\ReportArchive\AppCrash_nod32krn.exe_7075562bf2f703de96483421ae462828e63ad_229a96f6" -adminarchive
C:\Windows\system32\RunDll32.exe C:\Windows\system32\WerConCpl.dll, LaunchErcApp -displayresponse "C:\ProgramData\Microsoft\Windows\WER\ReportArchive\AppCrash_nod32krn.exe_7075562bf2f703de96483421ae462828e63ad_1686a7a8" -adminarchive
C:\Windows\system32\RunDll32.exe C:\Windows\system32\WerConCpl.dll, LaunchErcApp -displayresponse "C:\ProgramData\Microsoft\Windows\WER\ReportArchive\AppCrash_nod32krn.exe_7075562bf2f703de96483421ae462828e63ad_1b32a7a8" -adminarchive
"C:\Windows\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe15_ Global\UsGthrCtrlFltPipeMssGthrPipe15 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon"
C:\Windows\system32\RunDll32.exe C:\Windows\system32\WerConCpl.dll, LaunchErcApp -displayresponse "C:\ProgramData\Microsoft\Windows\WER\ReportArchive\AppCrash_nod32krn.exe_7075562bf2f703de96483421ae462828e63ad_0842adef" -adminarchive
C:\Windows\system32\RunDll32.exe C:\Windows\system32\WerConCpl.dll, LaunchErcApp -displayresponse "C:\ProgramData\Microsoft\Windows\WER\ReportArchive\AppCrash_nod32krn.exe_7075562bf2f703de96483421ae462828e63ad_0cdeb417" -adminarchive
C:\Windows\system32\RunDll32.exe C:\Windows\system32\WerConCpl.dll, LaunchErcApp -displayresponse "C:\ProgramData\Microsoft\Windows\WER\ReportArchive\AppCrash_nod32krn.exe_7075562bf2f703de96483421ae462828e63ad_2712bf6c" -adminarchive
C:\Windows\system32\RunDll32.exe C:\Windows\system32\WerConCpl.dll, LaunchErcApp -displayresponse "C:\ProgramData\Microsoft\Windows\WER\ReportArchive\AppCrash_nod32krn.exe_7075562bf2f703de96483421ae462828e63ad_15eecb5e" -adminarchive
C:\Windows\system32\RunDll32.exe C:\Windows\system32\WerConCpl.dll, LaunchErcApp -displayresponse "C:\ProgramData\Microsoft\Windows\WER\ReportArchive\AppCrash_nod32krn.exe_7075562bf2f703de96483421ae462828e63ad_27b6d379" -adminarchive
C:\Windows\system32\RunDll32.exe C:\Windows\system32\WerConCpl.dll, LaunchErcApp -displayresponse "C:\ProgramData\Microsoft\Windows\WER\ReportArchive\AppCrash_nod32krn.exe_7075562bf2f703de96483421ae462828e63ad_24ced849" -adminarchive
C:\Windows\system32\RunDll32.exe C:\Windows\system32\WerConCpl.dll, LaunchErcApp -displayresponse "C:\ProgramData\Microsoft\Windows\WER\ReportArchive\AppCrash_nod32krn.exe_7075562bf2f703de96483421ae462828e63ad_2a16dea0" -adminarchive
"C:\Users\Lenka\Downloads\RSITx64.exe"
C:\Windows\system32\RunDll32.exe C:\Windows\system32\WerConCpl.dll, LaunchErcApp -displayresponse "C:\ProgramData\Microsoft\Windows\WER\ReportArchive\AppCrash_nod32krn.exe_7075562bf2f703de96483421ae462828e63ad_2272e489" -adminarchive
C:\Windows\system32\RunDll32.exe C:\Windows\system32\WerConCpl.dll, LaunchErcApp -displayresponse "C:\ProgramData\Microsoft\Windows\WER\ReportArchive\AppCrash_nod32krn.exe_7075562bf2f703de96483421ae462828e63ad_10aeef14" -adminarchive
C:\Windows\system32\RunDll32.exe C:\Windows\system32\WerConCpl.dll, LaunchErcApp -displayresponse "C:\ProgramData\Microsoft\Windows\WER\ReportArchive\AppCrash_nod32krn.exe_7075562bf2f703de96483421ae462828e63ad_0c52fab7" -adminarchive
C:\Windows\system32\RunDll32.exe C:\Windows\system32\WerConCpl.dll, LaunchErcApp -displayresponse "C:\ProgramData\Microsoft\Windows\WER\ReportArchive\AppCrash_nod32krn.exe_7075562bf2f703de96483421ae462828e63ad_1f9affb6" -adminarchive
"C:\Windows\system32\wermgr.exe" "-queuereporting_svc" "C:\ProgramData\Microsoft\Windows\WER\ReportQueue\AppCrash_nod32krn.exe_7075562bf2f703de96483421ae462828e63ad_011f062c"
C:\Windows\system32\RunDll32.exe C:\Windows\system32\WerConCpl.dll, LaunchErcApp -displayresponse "C:\ProgramData\Microsoft\Windows\WER\ReportArchive\AppCrash_nod32krn.exe_7075562bf2f703de96483421ae462828e63ad_2bef06f7" -adminarchive
C:\Windows\system32\RunDll32.exe C:\Windows\system32\WerConCpl.dll, LaunchErcApp -displayresponse "C:\ProgramData\Microsoft\Windows\WER\ReportArchive\AppCrash_nod32krn.exe_7075562bf2f703de96483421ae462828e63ad_265f0d4d" -adminarchive
"C:\Windows\system32\wermgr.exe" "-queuereporting_svc" "C:\ProgramData\Microsoft\Windows\WER\ReportQueue\AppCrash_nod32krn.exe_7075562bf2f703de96483421ae462828e63ad_1f170fec"
C:\Windows\system32\RunDll32.exe C:\Windows\system32\WerConCpl.dll, LaunchErcApp -displayresponse "C:\ProgramData\Microsoft\Windows\WER\ReportArchive\AppCrash_nod32krn.exe_7075562bf2f703de96483421ae462828e63ad_1ea3127b" -adminarchive
"C:\Windows\system32\wermgr.exe" "-queuereporting_svc" "C:\ProgramData\Microsoft\Windows\WER\ReportQueue\AppCrash_nod32krn.exe_7075562bf2f703de96483421ae462828e63ad_191f198d"
C:\Windows\system32\wbem\wmiprvse.exe
"C:\Windows\system32\wermgr.exe" "-queuereporting_svc" "C:\ProgramData\Microsoft\Windows\WER\ReportQueue\AppCrash_nod32krn.exe_7075562bf2f703de96483421ae462828e63ad_18af1f28"
"C:\Windows\system32\wermgr.exe" "-queuereporting_svc" "C:\ProgramData\Microsoft\Windows\WER\ReportQueue\AppCrash_nod32krn.exe_7075562bf2f703de96483421ae462828e63ad_0de328f8"
"C:\Windows\system32\wermgr.exe" "-queuereporting_svc" "C:\ProgramData\Microsoft\Windows\WER\ReportQueue\AppCrash_nod32krn.exe_7075562bf2f703de96483421ae462828e63ad_16072f7d"
"C:\Windows\system32\wermgr.exe" "-queuereporting_svc" "C:\ProgramData\Microsoft\Windows\WER\ReportQueue\AppCrash_nod32krn.exe_7075562bf2f703de96483421ae462828e63ad_17233e9a"
"C:\Program Files (x86)\Eset\nod32krn.exe"
======Scheduled tasks folder======
C:\Windows\tasks\Scheduled Update for Ask Toolbar.job
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{4f3ed5cd-0726-42a9-87f5-d13f3d2976ac}]
Windows Live Family Safety Browser Helper Class - C:\Program Files\Windows Live\Family Safety\fssbho.dll [2008-12-08 68960]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Pomocná služba pro přihlášení ke službě Windows Live ID - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-08-18 532336]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2009-02-27 75128]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{6EBF7485-159F-4bff-A14F-B9E3AAC4465B}]
Search Helper - C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll [2009-05-19 137600]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-12 2217848]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Pomocná služba pro přihlášení ke službě Windows Live ID - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-08-18 403840]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D4027C7F-154A-4066-A1AD-4243D8127440}]
Sopcast Ask Toolbar - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll [2010-02-04 1197448]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E15A8DC0-8516-42A1-81EA-DC94EC1ACF10}]
Windows Live Toolbar Helper - C:\Program Files (x86)\Windows Live\Toolbar\wltcore.dll [2008-12-08 1067352]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{32099AAC-C132-4136-9E9A-4E364A424E17} - DAEMON Tools Toolbar - C:\Program Files (x86)\DAEMON Tools Toolbar\DTToolbar64.dll [2010-03-25 1548096]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\Toolbar]
{21FA44EF-376D-4D53-9B0F-8A89D3229068} - &Windows Live Toolbar - C:\Program Files (x86)\Windows Live\Toolbar\wltcore.dll [2008-12-08 1067352]
{D4027C7F-154A-4066-A1AD-4243D8127440} - Sopcast Ask Toolbar - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll [2010-02-04 1197448]
{32099AAC-C132-4136-9E9A-4E364A424E17} - DAEMON Tools Toolbar - C:\Program Files (x86)\DAEMON Tools Toolbar\DTToolbar.dll [2010-03-25 968000]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"NvCplDaemon"=C:\Windows\system32\NvCpl.dll [2009-06-11 16328736]
"RtHDVCpl"=C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [2009-07-28 7982112]
"ETDWare"=C:\Program Files\Elantech\ETDCtrl.exe [2009-07-30 617856]
"AmIcoSinglun64"=C:\Program Files (x86)\AmIcoSingLun\AmIcoSinglun64.exe [2009-04-09 320000]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"msnmsgr"=C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe [2008-12-02 3882312]
"ICQ"=C:\Program Files (x86)\ICQ6.5\ICQ.exe [2009-11-16 172792]
"DAEMON Tools Lite"=C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [2010-04-01 357696]
[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"UpdateLBPShortCut"=C:\Program Files (x86)\CyberLink\LabelPrint\MUITransfer\MUIStartMenu.exe [2009-05-20 222504]
"UpdateP2GoShortCut"=C:\Program Files (x86)\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe [2008-12-04 218408]
"HControlUser"=C:\Program Files (x86)\ASUS\ATK Hotkey\HControlUser.exe [2009-04-02 98304]
"ATKOSD2"=C:\Program Files (x86)\ASUS\ATKOSD2\ATKOSD2.exe [2009-07-07 8493624]
"ATKMEDIA"=C:\Program Files (x86)\ASUS\ATK Media\DMedia.exe [2009-04-20 159744]
"Setwallpaper"=c:\programdata\SetWallpaper.cmd []
"nod32kui"=C:\Program Files (x86)\Eset\nod32kui.exe [2010-02-04 949376]
"GrooveMonitor"=C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe [2008-10-25 31072]
"TkBellExe"=C:\Program Files (x86)\Common Files\Real\Update_OB\realsched.exe [2010-08-05 202256]
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher]
C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe [2009-02-28 35696]
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\shared tools\msconfig\startupreg\ADSMTray]
C:\Program Files (x86)\ASUS\ASUS Data Security Manager\ADSMTray.exe [2009-06-24 272952]
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\shared tools\msconfig\startupreg\ASUS Camera ScreenSaver]
C:\Windows\AsScrProlog.exe [2009-10-10 72248]
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\shared tools\msconfig\startupreg\ASUS Screen Saver Protector]
C:\Windows\AsScrPro.exe [2009-10-10 3054136]
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\shared tools\msconfig\startupreg\CLMLServer]
C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe [2008-07-19 104936]
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
FancyStart daemon.lnk - C:\Windows\Installer\{F0DF4513-3C4C-4EB8-8012-2C5F70AF3988}\_A1DDD39913A1970387B7B3.exe
SRS Premium Sound.lnk - C:\Windows\Installer\{D42F84B6-3709-4A50-8502-6719D16AE6C8}\NewShortcut5_21C7B668029A47458B27645FE6E4A715.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED}
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-12 2217848]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=0
"ConsentPromptBehaviorUser"=3
"EnableLUA"=0
"EnableUIADesktopToggle"=0
"PromptOnSecureDesktop"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoActiveDesktop"=1
"NoActiveDesktopChanges"=1
"ForceActiveDesktopOn"=0
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
======File associations======
.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*
======List of files/folders created in the last 2 months======
2010-08-15 21:56:49 ----D---- C:\Program Files\trend micro
2010-08-15 21:56:48 ----D---- C:\rsit
2010-08-13 01:00:08 ----D---- C:\8160ab28f9654b4f5ea0
2010-08-12 10:49:25 ----A---- C:\Windows\system32\drivers\srvnet.sys
2010-08-12 10:49:25 ----A---- C:\Windows\system32\drivers\srv2.sys
2010-08-12 10:49:25 ----A---- C:\Windows\system32\drivers\srv.sys
2010-08-12 10:49:23 ----A---- C:\Windows\SYSWOW64\schannel.dll
2010-08-12 10:49:23 ----A---- C:\Windows\system32\schannel.dll
2010-08-12 10:49:15 ----A---- C:\Windows\system32\drivers\tcpip.sys
2010-08-12 10:49:13 ----A---- C:\Windows\system32\ntoskrnl.exe
2010-08-12 10:49:10 ----A---- C:\Windows\SYSWOW64\ntkrnlpa.exe
2010-08-12 10:49:09 ----A---- C:\Windows\SYSWOW64\ntoskrnl.exe
2010-08-12 10:49:07 ----A---- C:\Windows\system32\mshtml.dll
2010-08-12 10:49:05 ----A---- C:\Windows\system32\ieframe.dll
2010-08-12 10:49:03 ----A---- C:\Windows\SYSWOW64\mshtml.dll
2010-08-12 10:49:03 ----A---- C:\Windows\SYSWOW64\ieframe.dll
2010-08-12 10:49:02 ----A---- C:\Windows\SYSWOW64\wininet.dll
2010-08-12 10:49:02 ----A---- C:\Windows\SYSWOW64\urlmon.dll
2010-08-12 10:49:02 ----A---- C:\Windows\SYSWOW64\iepeers.dll
2010-08-12 10:49:02 ----A---- C:\Windows\SYSWOW64\iedkcs32.dll
2010-08-12 10:49:02 ----A---- C:\Windows\system32\wininet.dll
2010-08-12 10:49:02 ----A---- C:\Windows\system32\urlmon.dll
2010-08-12 10:49:02 ----A---- C:\Windows\system32\iepeers.dll
2010-08-12 10:49:02 ----A---- C:\Windows\system32\iedkcs32.dll
2010-08-12 10:49:01 ----A---- C:\Windows\SYSWOW64\mstime.dll
2010-08-12 10:49:01 ----A---- C:\Windows\SYSWOW64\msfeedssync.exe
2010-08-12 10:49:01 ----A---- C:\Windows\SYSWOW64\msfeedsbs.dll
2010-08-12 10:49:01 ----A---- C:\Windows\SYSWOW64\jsproxy.dll
2010-08-12 10:49:01 ----A---- C:\Windows\SYSWOW64\ieui.dll
2010-08-12 10:49:01 ----A---- C:\Windows\system32\mstime.dll
2010-08-12 10:49:01 ----A---- C:\Windows\system32\msfeedssync.exe
2010-08-12 10:49:01 ----A---- C:\Windows\system32\msfeedsbs.dll
2010-08-12 10:49:01 ----A---- C:\Windows\system32\jsproxy.dll
2010-08-12 10:49:01 ----A---- C:\Windows\system32\ieui.dll
2010-08-12 10:48:57 ----A---- C:\Windows\SYSWOW64\rtutils.dll
2010-08-12 10:48:57 ----A---- C:\Windows\SYSWOW64\iccvid.dll
2010-08-12 10:48:57 ----A---- C:\Windows\system32\rtutils.dll
2010-08-12 10:48:56 ----A---- C:\Windows\system32\win32k.sys
2010-08-12 10:48:55 ----A---- C:\Windows\SYSWOW64\msxml3.dll
2010-08-12 10:48:55 ----A---- C:\Windows\system32\msxml3.dll
2010-08-11 20:31:32 ----D---- C:\Users\Lenka\AppData\Roaming\Leadertech
2010-08-11 20:21:42 ----D---- C:\Program Files (x86)\EA Sports
2010-08-11 20:21:38 ----A---- C:\Windows\SYSWOW64\D3DX9_37.dll
2010-08-11 20:21:38 ----A---- C:\Windows\SYSWOW64\d3dx9_35.dll
2010-08-11 20:21:38 ----A---- C:\Windows\system32\D3DX9_37.dll
2010-08-11 20:10:18 ----D---- C:\Program Files (x86)\DAEMON Tools Toolbar
2010-08-11 20:10:05 ----D---- C:\Program Files (x86)\DAEMON Tools Lite
2010-08-11 20:03:22 ----D---- C:\Program Files (x86)\QS
2010-08-11 20:03:08 ----D---- C:\Users\Lenka\AppData\Roaming\TeamViewer
2010-08-11 18:42:02 ----D---- C:\ProgramData\WinZip
2010-08-11 18:42:00 ----D---- C:\Program Files (x86)\WinZip
2010-08-11 18:33:35 ----D---- C:\Users\Lenka\AppData\Roaming\Hamachi
2010-08-11 18:31:27 ----A---- C:\Windows\system32\drivers\hamachi.sys
2010-08-11 18:31:26 ----D---- C:\Program Files (x86)\Hamachi
2010-08-11 17:12:51 ----A---- C:\Windows\system32\drivers\sptd.sys
2010-08-11 17:11:56 ----D---- C:\Users\Lenka\AppData\Roaming\DAEMON Tools Lite
2010-08-11 17:11:53 ----D---- C:\ProgramData\DAEMON Tools Lite
2010-08-11 01:33:27 ----A---- C:\Windows\SYSWOW64\Nadeo.ini
2010-08-10 22:36:57 ----D---- C:\ProgramData\TrackMania
2010-08-10 22:30:35 ----D---- C:\Program Files (x86)\TmNationsForever
2010-08-09 21:01:01 ----A---- C:\Windows\SYSWOW64\xactengine2_8.dll
2010-08-09 21:01:01 ----A---- C:\Windows\SYSWOW64\x3daudio1_2.dll
2010-08-09 21:01:01 ----A---- C:\Windows\SYSWOW64\d3dx9_34.dll
2010-08-09 21:01:01 ----A---- C:\Windows\SYSWOW64\d3dx10_34.dll
2010-08-09 21:01:01 ----A---- C:\Windows\SYSWOW64\D3DCompiler_34.dll
2010-08-09 21:01:01 ----A---- C:\Windows\system32\xactengine2_8.dll
2010-08-09 21:01:01 ----A---- C:\Windows\system32\x3daudio1_2.dll
2010-08-09 21:01:01 ----A---- C:\Windows\system32\d3dx9_34.dll
2010-08-09 21:01:01 ----A---- C:\Windows\system32\d3dx10_34.dll
2010-08-09 21:01:01 ----A---- C:\Windows\system32\D3DCompiler_34.dll
2010-08-09 21:01:00 ----A---- C:\Windows\SYSWOW64\xinput1_3.dll
2010-08-09 21:01:00 ----A---- C:\Windows\SYSWOW64\xactengine2_7.dll
2010-08-09 21:01:00 ----A---- C:\Windows\SYSWOW64\d3dx10_33.dll
2010-08-09 21:01:00 ----A---- C:\Windows\SYSWOW64\D3DCompiler_33.dll
2010-08-09 21:01:00 ----A---- C:\Windows\system32\xinput1_3.dll
2010-08-09 21:01:00 ----A---- C:\Windows\system32\xactengine2_7.dll
2010-08-09 21:01:00 ----A---- C:\Windows\system32\d3dx10_33.dll
2010-08-09 21:01:00 ----A---- C:\Windows\system32\D3DCompiler_33.dll
2010-08-09 21:00:59 ----A---- C:\Windows\SYSWOW64\xactengine2_6.dll
2010-08-09 21:00:59 ----A---- C:\Windows\SYSWOW64\d3dx9_33.dll
2010-08-09 21:00:59 ----A---- C:\Windows\system32\xactengine2_6.dll
2010-08-09 21:00:59 ----A---- C:\Windows\system32\d3dx9_33.dll
2010-08-09 21:00:58 ----A---- C:\Windows\SYSWOW64\xactengine2_5.dll
2010-08-09 21:00:58 ----A---- C:\Windows\SYSWOW64\d3dx10.dll
2010-08-09 21:00:58 ----A---- C:\Windows\system32\xactengine2_5.dll
2010-08-09 21:00:58 ----A---- C:\Windows\system32\d3dx10.dll
2010-08-09 21:00:56 ----A---- C:\Windows\SYSWOW64\xactengine2_4.dll
2010-08-09 21:00:56 ----A---- C:\Windows\SYSWOW64\x3daudio1_1.dll
2010-08-09 21:00:56 ----A---- C:\Windows\system32\xactengine2_4.dll
2010-08-09 21:00:56 ----A---- C:\Windows\system32\x3daudio1_1.dll
2010-08-09 21:00:55 ----A---- C:\Windows\SYSWOW64\xinput1_2.dll
2010-08-09 21:00:55 ----A---- C:\Windows\SYSWOW64\xactengine2_3.dll
2010-08-09 21:00:55 ----A---- C:\Windows\SYSWOW64\d3dx9_31.dll
2010-08-09 21:00:55 ----A---- C:\Windows\system32\xinput1_2.dll
2010-08-09 21:00:55 ----A---- C:\Windows\system32\xactengine2_3.dll
2010-08-09 21:00:55 ----A---- C:\Windows\system32\d3dx9_31.dll
2010-08-09 21:00:54 ----A---- C:\Windows\SYSWOW64\xinput1_1.dll
2010-08-09 21:00:54 ----A---- C:\Windows\SYSWOW64\xactengine2_2.dll
2010-08-09 21:00:54 ----A---- C:\Windows\SYSWOW64\xactengine2_1.dll
2010-08-09 21:00:54 ----A---- C:\Windows\system32\xinput1_1.dll
2010-08-09 21:00:54 ----A---- C:\Windows\system32\xactengine2_2.dll
2010-08-09 21:00:54 ----A---- C:\Windows\system32\xactengine2_1.dll
2010-08-09 21:00:49 ----A---- C:\Windows\SYSWOW64\d3dx9_30.dll
2010-08-09 21:00:49 ----A---- C:\Windows\system32\d3dx9_30.dll
2010-08-09 21:00:48 ----A---- C:\Windows\SYSWOW64\xactengine2_0.dll
2010-08-09 21:00:48 ----A---- C:\Windows\SYSWOW64\x3daudio1_0.dll
2010-08-09 21:00:48 ----A---- C:\Windows\SYSWOW64\d3dx9_29.dll
2010-08-09 21:00:48 ----A---- C:\Windows\system32\xactengine2_0.dll
2010-08-09 21:00:48 ----A---- C:\Windows\system32\x3daudio1_0.dll
2010-08-09 21:00:48 ----A---- C:\Windows\system32\d3dx9_29.dll
2010-08-09 21:00:47 ----A---- C:\Windows\SYSWOW64\d3dx9_28.dll
2010-08-09 21:00:47 ----A---- C:\Windows\SYSWOW64\d3dx9_27.dll
2010-08-09 21:00:47 ----A---- C:\Windows\SYSWOW64\d3dx9_26.dll
2010-08-09 21:00:47 ----A---- C:\Windows\system32\d3dx9_28.dll
2010-08-09 21:00:47 ----A---- C:\Windows\system32\d3dx9_27.dll
2010-08-09 21:00:47 ----A---- C:\Windows\system32\d3dx9_26.dll
2010-08-09 21:00:46 ----A---- C:\Windows\SYSWOW64\d3dx9_25.dll
2010-08-09 21:00:46 ----A---- C:\Windows\SYSWOW64\d3dx9_24.dll
2010-08-09 21:00:46 ----A---- C:\Windows\system32\d3dx9_25.dll
2010-08-09 21:00:46 ----A---- C:\Windows\system32\d3dx9_24.dll
2010-08-09 20:58:07 ----A---- C:\Windows\SYSWOW64\PnkBstrB.exe
2010-08-09 20:57:51 ----A---- C:\Windows\SYSWOW64\PnkBstrA.exe
2010-08-09 20:57:49 ----A---- C:\Windows\game.ini
2010-08-09 20:31:26 ----D---- C:\Program Files (x86)\Activision
2010-08-09 20:28:56 ----SHD---- C:\Windows\ftpcache
2010-08-05 20:19:26 ----A---- C:\Windows\SYSWOW64\rmoc3260.dll
2010-08-05 20:19:21 ----A---- C:\Windows\SYSWOW64\pndx5032.dll
2010-08-05 20:19:21 ----A---- C:\Windows\SYSWOW64\pndx5016.dll
2010-08-05 20:19:02 ----A---- C:\Windows\SYSWOW64\pncrt.dll
2010-08-05 20:19:02 ----A---- C:\Windows\SYSWOW64\msvcr71.dll
2010-08-05 20:19:02 ----A---- C:\Windows\SYSWOW64\msvcp71.dll
2010-08-05 20:19:00 ----D---- C:\ProgramData\Real
2010-08-05 20:18:59 ----D---- C:\Program Files (x86)\Real
2010-08-05 20:17:54 ----D---- C:\Users\Lenka\AppData\Roaming\Real
2010-08-04 20:40:54 ----D---- C:\Program Files (x86)\SopCast
2010-08-04 20:40:49 ----D---- C:\Program Files (x86)\Ask.com
2010-08-04 20:36:43 ----D---- C:\Users\Lenka\AppData\Roaming\WinRAR
2010-08-04 20:36:28 ----D---- C:\Program Files (x86)\WinRAR
2010-08-04 06:51:23 ----A---- C:\Windows\system32\shell32.dll
2010-08-04 06:51:22 ----A---- C:\Windows\SYSWOW64\shell32.dll
2010-07-30 13:31:48 ----D---- C:\Program Files (x86)\ICQ6.5
2010-07-14 21:52:33 ----A---- C:\Windows\system32\cdd.dll
2010-07-06 12:11:07 ----D---- C:\Program Files (x86)\CCleaner
2010-06-30 17:22:29 ----A---- C:\Windows\system32\MRT.exe
2010-06-24 17:04:29 ----A---- C:\Windows\SYSWOW64\PresentationHostProxy.dll
2010-06-24 17:04:29 ----A---- C:\Windows\SYSWOW64\PresentationHost.exe
2010-06-24 17:04:29 ----A---- C:\Windows\SYSWOW64\netfxperf.dll
2010-06-24 17:04:29 ----A---- C:\Windows\SYSWOW64\mscoree.dll
2010-06-24 17:04:29 ----A---- C:\Windows\SYSWOW64\dfshim.dll
2010-06-24 17:04:29 ----A---- C:\Windows\system32\PresentationHostProxy.dll
2010-06-24 17:04:29 ----A---- C:\Windows\system32\PresentationHost.exe
2010-06-24 17:04:29 ----A---- C:\Windows\system32\netfxperf.dll
2010-06-24 17:04:29 ----A---- C:\Windows\system32\mscoree.dll
2010-06-24 17:04:29 ----A---- C:\Windows\system32\dfshim.dll
2010-06-23 21:49:58 ----A---- C:\Windows\SYSWOW64\ntdll.dll
2010-06-23 21:49:58 ----A---- C:\Windows\system32\ntdll.dll
2010-06-23 21:49:51 ----A---- C:\Windows\system32\CPFilters.dll
2010-06-23 21:49:50 ----A---- C:\Windows\SYSWOW64\CPFilters.dll
2010-06-23 21:49:50 ----A---- C:\Windows\system32\msdri.dll
======List of files/folders modified in the last 2 months======
2010-08-15 21:57:01 ----D---- C:\Windows\Temp
2010-08-15 21:56:49 ----RD---- C:\Program Files
2010-08-15 19:23:08 ----D---- C:\Windows\system32\config
2010-08-15 19:12:23 ----SHD---- C:\System Volume Information
2010-08-15 17:39:41 ----D---- C:\Windows\System32
2010-08-15 17:39:41 ----D---- C:\Windows\inf
2010-08-15 17:39:41 ----A---- C:\Windows\system32\PerfStringBackup.INI
2010-08-15 17:32:16 ----D---- C:\Users\Lenka\AppData\Roaming\ICQ
2010-08-15 17:32:07 ----D---- C:\Windows\system32\Tasks
2010-08-15 07:12:00 ----D---- C:\Windows
2010-08-14 09:46:37 ----D---- C:\Windows\Microsoft.NET
2010-08-13 22:20:53 ----RSD---- C:\Windows\assembly
2010-08-13 13:09:14 ----D---- C:\Windows\Downloaded Program Files
2010-08-13 13:09:10 ----D---- C:\Program Files (x86)\ESET
2010-08-13 12:42:17 ----D---- C:\Windows\debug
2010-08-13 12:34:45 ----D---- C:\Windows\winsxs
2010-08-13 06:57:55 ----D---- C:\Windows\SYSWOW64\migration
2010-08-13 06:57:55 ----D---- C:\Windows\SysWOW64
2010-08-13 06:57:55 ----D---- C:\Windows\system32\drivers
2010-08-13 06:57:55 ----D---- C:\Program Files\Internet Explorer
2010-08-13 06:57:55 ----D---- C:\Program Files (x86)\Internet Explorer
2010-08-13 06:57:54 ----D---- C:\Windows\system32\migration
2010-08-13 06:18:23 ----SHD---- C:\Windows\Installer
2010-08-13 06:18:22 ----D---- C:\ProgramData\Microsoft Help
2010-08-12 10:48:49 ----D---- C:\Windows\system32\catroot2
2010-08-12 10:48:49 ----D---- C:\Windows\system32\catroot
2010-08-11 20:47:48 ----RD---- C:\Program Files (x86)
2010-08-11 18:42:02 ----HD---- C:\ProgramData
2010-08-09 21:30:09 ----D---- C:\Windows\system32\NDF
2010-08-09 20:57:51 ----D---- C:\Windows\system32\LogFiles
2010-08-09 20:57:45 ----HD---- C:\Program Files (x86)\InstallShield Installation Information
2010-08-05 20:19:14 ----D---- C:\Program Files (x86)\Common Files
2010-08-05 19:07:54 ----D---- C:\Windows\rescache
2010-08-05 19:01:19 ----D---- C:\Windows\system32\wbem
2010-08-05 18:10:38 ----D---- C:\Program Files\Windows Sidebar
2010-08-05 18:10:38 ----D---- C:\Program Files\Windows Mail
2010-08-05 18:10:37 ----D---- C:\Program Files\Windows Photo Viewer
2010-08-05 18:10:37 ----D---- C:\Program Files\Windows Media Player
2010-08-05 18:10:37 ----D---- C:\Program Files\Windows Journal
2010-08-05 18:10:37 ----D---- C:\Program Files\Windows Defender
2010-08-05 18:10:37 ----D---- C:\Program Files\Common Files\System
2010-08-05 18:10:37 ----D---- C:\Program Files (x86)\Windows Sidebar
2010-08-05 18:10:37 ----D---- C:\Program Files (x86)\Windows Mail
2010-08-05 18:10:34 ----D---- C:\Windows\SYSWOW64\winrm
2010-08-05 18:10:34 ----D---- C:\Windows\servicing
2010-08-05 18:10:34 ----D---- C:\Windows\ehome
2010-08-05 18:10:34 ----D---- C:\Program Files (x86)\Windows Photo Viewer
2010-08-05 18:10:34 ----D---- C:\Program Files (x86)\Windows Media Player
2010-08-05 18:10:34 ----D---- C:\Program Files (x86)\Windows Defender
2010-08-05 18:10:33 ----D---- C:\Windows\SYSWOW64\sr-Latn-CS
2010-08-05 18:10:33 ----D---- C:\Windows\SYSWOW64\slmgr
2010-08-05 18:10:33 ----D---- C:\Windows\SYSWOW64\migwiz
2010-08-05 18:10:33 ----D---- C:\Windows\SYSWOW64\en
2010-08-05 18:10:29 ----D---- C:\Windows\SYSWOW64\en-US
2010-08-05 18:10:29 ----D---- C:\Windows\SYSWOW64\drivers\en-US
2010-08-05 18:10:29 ----D---- C:\Windows\SYSWOW64\drivers
2010-08-05 18:10:27 ----D---- C:\Windows\SYSWOW64\WCN
2010-08-05 18:10:27 ----D---- C:\Windows\SYSWOW64\wbem
2010-08-05 18:10:27 ----D---- C:\Windows\SYSWOW64\Printing_Admin_Scripts
2010-08-05 18:10:27 ----D---- C:\Windows\SYSWOW64\DriverStore
2010-08-05 18:10:27 ----D---- C:\Windows\SYSWOW64\Dism
2010-08-05 18:10:25 ----D---- C:\Windows\system32\winrm
2010-08-05 18:10:25 ----D---- C:\Windows\system32\slmgr
2010-08-05 18:10:25 ----D---- C:\Windows\system32\oobe
2010-08-05 18:10:25 ----D---- C:\Windows\system32\migwiz
2010-08-05 18:10:25 ----D---- C:\Windows\system32\Boot
2010-08-05 18:10:25 ----D---- C:\Windows\PolicyDefinitions
2010-08-05 18:10:25 ----D---- C:\Windows\en-US
2010-08-05 18:10:24 ----D---- C:\Windows\system32\sysprep
2010-08-05 18:10:24 ----D---- C:\Windows\system32\sr-Latn-CS
2010-08-05 18:10:24 ----D---- C:\Windows\system32\en
2010-08-05 18:10:18 ----D---- C:\Windows\system32\en-US
2010-08-05 18:10:16 ----D---- C:\Windows\system32\WCN
2010-08-05 18:10:16 ----D---- C:\Windows\system32\drivers\en-US
2010-08-05 18:10:15 ----D---- C:\Windows\system32\DriverStore
2010-08-05 18:10:15 ----D---- C:\Windows\system32\Dism
2010-08-05 18:10:14 ----D---- C:\Windows\system32\Printing_Admin_Scripts
2010-08-05 13:10:29 ----D---- C:\Windows\SYSWOW64\sl-SI
2010-08-05 13:10:26 ----D---- C:\Windows\system32\sl-SI
2010-08-05 13:09:31 ----D---- C:\Windows\SYSWOW64\sk-SK
2010-08-05 13:09:24 ----D---- C:\Windows\system32\sk-SK
2010-08-05 13:08:35 ----D---- C:\Windows\SYSWOW64\ro-RO
2010-08-05 13:08:33 ----D---- C:\Windows\system32\ro-RO
2010-08-05 13:07:27 ----D---- C:\Windows\SYSWOW64\XPSViewer
2010-08-05 13:07:27 ----D---- C:\Windows\SYSWOW64\pl-PL
2010-08-05 13:07:27 ----D---- C:\Windows\SYSWOW64\MUI
2010-08-05 13:07:21 ----D---- C:\Windows\SYSWOW64\com
2010-08-05 13:07:21 ----D---- C:\Windows\system32\drivers\UMDF
2010-08-05 13:07:21 ----D---- C:\Windows\IME
2010-08-05 13:07:20 ----D---- C:\Windows\system32\pl-PL
2010-08-05 13:07:12 ----D---- C:\Windows\system32\com
2010-08-05 13:07:12 ----D---- C:\Windows\AppPatch
2010-08-05 13:06:00 ----D---- C:\Windows\SYSWOW64\hu-HU
2010-08-05 13:05:55 ----D---- C:\Windows\system32\MUI
2010-08-05 13:05:54 ----D---- C:\Windows\system32\hu-HU
2010-08-05 13:04:40 ----D---- C:\Windows\SYSWOW64\lv-LV
2010-08-05 13:04:37 ----D---- C:\Windows\system32\lv-LV
2010-08-05 13:03:38 ----D---- C:\Windows\SYSWOW64\lt-LT
2010-08-05 13:03:36 ----D---- C:\Windows\system32\lt-LT
2010-08-05 13:02:51 ----D---- C:\Windows\SYSWOW64\hr-HR
2010-08-05 13:02:51 ----D---- C:\Windows\system32\hr-HR
2010-08-05 13:01:55 ----D---- C:\Windows\SYSWOW64\et-EE
2010-08-05 13:01:47 ----D---- C:\Windows\system32\et-EE
2010-08-05 13:00:37 ----D---- C:\Windows\SYSWOW64\bg-BG
2010-08-05 13:00:33 ----D---- C:\Windows\system32\bg-BG
2010-08-05 12:58:31 ----D---- C:\Program Files\DVD Maker
2010-08-05 12:58:16 ----D---- C:\Windows\Speech
2010-08-04 20:40:51 ----D---- C:\Windows\Tasks
2010-08-02 09:09:41 ----D---- C:\Program Files (x86)\Mozilla Firefox
2010-07-22 14:13:32 ----D---- C:\Windows\Prefetch
2010-07-21 16:32:14 ----D---- C:\Windows\SYSWOW64\Asus_Camera_ScreenSaver dir
2010-07-01 15:15:33 ----SD---- C:\Users\Lenka\AppData\Roaming\Microsoft
2010-06-30 17:22:19 ----D---- C:\Program Files\Common Files\Microsoft Shared
2010-06-30 17:22:11 ----D---- C:\Program Files (x86)\Microsoft
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R0 AsDsm;AsDsm; C:\Windows\system32\drivers\AsDsm.sys [2009-10-10 35384]
R0 nvstor64;nvstor64; C:\Windows\system32\DRIVERS\nvstor64.sys [2009-07-30 241696]
R0 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12352]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2009-07-14 214096]
R0 sptd;sptd; C:\Windows\System32\Drivers\sptd.sys [2010-08-11 834544]
R1 vwififlt;Virtual WiFi Filter Driver; C:\Windows\system32\DRIVERS\vwififlt.sys [2009-07-14 59904]
R2 AMON;AMON; C:\Windows\system32\drivers\amon.sys [2010-02-04 146704]
R2 ASMMAP64;ASMMAP64; \??\C:\Program Files\ATKGFNEX\ASMMAP64.sys [2007-07-24 14904]
R3 athr;Atheros Extensible Wireless LAN device driver; C:\Windows\system32\DRIVERS\athrx.sys [2009-10-05 1542656]
R3 ETD;ELAN PS/2 Port Input Device; C:\Windows\system32\DRIVERS\ETD.sys [2009-07-09 140800]
R3 hamachi;Hamachi Network Interface; C:\Windows\system32\DRIVERS\hamachi.sys [2010-08-11 33344]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHD64.sys [2009-07-28 1966624]
R3 kbfiltr;Keyboard Filter; C:\Windows\system32\DRIVERS\kbfiltr.sys [2009-07-20 15416]
R3 MTsensor;ATK0100 ACPI UTILITY; C:\Windows\system32\DRIVERS\ATK64AMD.sys [2009-05-13 15928]
R3 nvsmu;nvsmu; C:\Windows\system32\DRIVERS\nvsmu.sys [2009-06-29 28704]
R3 RTL8167;Realtek 8167 NT Driver; C:\Windows\system32\DRIVERS\Rt64win7.sys [2009-05-22 215040]
R3 SNP2UVC;USB2.0 PC Camera (SNP2UVC); C:\Windows\system32\DRIVERS\snp2uvc.sys [2009-06-05 1806400]
R3 vwifimp;Microsoft Virtual WiFi Miniport Service; C:\Windows\system32\DRIVERS\vwifimp.sys [2009-07-14 17920]
S3 a7yl2c4q;a7yl2c4q; C:\Windows\system32\drivers\a7yl2c4q.sys []
S3 fssfltr;FssFltr; C:\Windows\system32\DRIVERS\fssfltr.sys [2008-12-08 61792]
S3 SiSGbeLH;SiS191/SiS190 Ethernet Device NDIS 6.0 Driver; C:\Windows\system32\DRIVERS\SiSG664.sys [2009-06-10 56832]
S3 WimFltr;WimFltr; C:\Windows\system32\DRIVERS\wimfltr.sys [2008-05-24 154168]
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 ADSMService;ADSM Service; C:\Program Files (x86)\ASUS\ASUS Data Security Manager\ADSMSrv.exe [2008-03-31 225280]
R2 ASLDRService;ASLDR Service; C:\Program Files (x86)\ASUS\ATK Hotkey\ASLDRSrv.exe [2008-08-14 100920]
R2 ATKGFNEXSrv;ATKGFNEX Service; C:\Program Files\ATKGFNEX\GFNEXSrv.exe [2007-08-08 94208]
R2 FastBootAgent;FastBootAgent; C:\Windows\SysWOW64\Fast Boot\FastBootAgent.exe [2009-07-24 306232]
R2 NOD32krn;NOD32 Kernel Service; C:\Program Files (x86)\Eset\nod32krn.exe [2010-02-04 552064]
R2 nvsvc;NVIDIA Display Driver Service; C:\Windows\system32\nvvsvc.exe [2009-06-11 382496]
R2 PnkBstrA;PnkBstrA; C:\Windows\syswow64\PnkBstrA.exe [2010-08-09 66872]
R2 PnkBstrB;PnkBstrB; C:\Windows\syswow64\PnkBstrB.exe [2010-08-09 103736]
R2 SeaPort;SeaPort; C:\Program Files (x86)\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe [2009-05-19 240512]
R2 wlidsvc;Windows Live ID Sign-in Assistant; C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE [2009-08-18 2291568]
S3 fsssvc;Windows Live Zabezpečení rodiny; C:\Program Files (x86)\Windows Live\Family Safety\fsssvc.exe [2008-12-08 533344]
S3 Microsoft Office Groove Audit Service;Microsoft Office Groove Audit Service; C:\Program Files (x86)\Microsoft Office\Office12\GrooveAuditService.exe [2008-10-25 65888]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2008-11-04 441712]
S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2010-06-03 1255736]
Odvirování PC, zrychlení počítače, vzdálená pomoc prostřednictvím služby neslape.cz
rundll32 a svchost.exe
Moderátor: Moderátoři
Pravidla fóra
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]
Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.
!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]
Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.
!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
-
Caroprd111
- VIP
- Příspěvky: 13492
- Registrován: 22 bře 2009 20:48
- Bydliště: Třebíč
- Kontaktovat uživatele:
Re: rundll32 a svchost.exe
Zde je druhý 
info.txt logfile of random's system information tool 1.08 2010-08-15 21:57:17
======Uninstall list======
2007 Microsoft Office system-->"C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\Office Setup Controller\setup.exe" /uninstall PROHYBRIDR /dll OSETUP.DLL
Acrobat.com-->MsiExec.exe /X{287ECFA4-719A-2143-A09B-D6A12DE54E40}
Activation Assistant for the 2007 Microsoft Office suites-->"C:\ProgramData\{174892B1-CBE7-44F5-86FF-AB555EFD73A3}\Microsoft Office Activation Assistant.exe" REMOVE=TRUE MODIFY=FALSE
Actualizare Microsoft Office Excel 2007 Help (KB963678)-->msiexec /package {90120000-0016-0418-0000-0000000FF1CE} /uninstall {6195740F-0C89-4CDD-ACAD-67CCE1495348}
Actualizare Microsoft Office Powerpoint 2007 Help (KB963669)-->msiexec /package {90120000-0018-0418-0000-0000000FF1CE} /uninstall {E78703E2-69D3-4204-B101-9D8B7B72585C}
Actualizare Microsoft Office Word 2007 Help (KB963665)-->msiexec /package {90120000-001B-0418-0000-0000000FF1CE} /uninstall {1531AE8C-8271-4A8C-9ABA-86AE70B0DA82}
Adobe AIR-->c:\Program Files (x86)\Common Files\Adobe AIR\Versions\1.0\Resources\Adobe AIR Updater.exe -arp:uninstall
Adobe AIR-->MsiExec.exe /I{A2BCA9F1-566C-4805-97D1-7FDC93386723}
Adobe Flash Player 10 ActiveX-->C:\Windows\SysWOW64\Macromed\Flash\uninstall_activeX.exe
Adobe Flash Player 10 Plugin-->C:\Windows\SysWOW64\Macromed\Flash\uninstall_plugin.exe
Adobe Reader 9.1 MUI-->MsiExec.exe /I{AC76BA86-7AD7-FFFF-7B44-A91000000001}
Aktualizace produktu Microsoft Office Excel 2007 Help (KB963678)-->msiexec /package {90120000-0016-0405-0000-0000000FF1CE} /uninstall {0A1FAC46-B899-421D-B1A2-470896DC45DB}
Aktualizace produktu Microsoft Office Excel 2007 Help (KB963678)-->msiexec /package {90120000-0016-0405-0000-0000000FF1CE} /uninstall {0A1FAC46-B899-421D-B1A2-470896DC45DB}
Aktualizace produktu Microsoft Office Powerpoint 2007 Help (KB963669)-->msiexec /package {90120000-0018-0405-0000-0000000FF1CE} /uninstall {5260BB53-C1F7-4A3B-9AEB-3EC9B37FF194}
Aktualizace produktu Microsoft Office Powerpoint 2007 Help (KB963669)-->msiexec /package {90120000-0018-0405-0000-0000000FF1CE} /uninstall {5260BB53-C1F7-4A3B-9AEB-3EC9B37FF194}
Aktualizace produktu Microsoft Office Word 2007 Help (KB963665)-->msiexec /package {90120000-001B-0405-0000-0000000FF1CE} /uninstall {E68DD413-B834-4923-8181-0A03B7555187}
Aktualizace produktu Microsoft Office Word 2007 Help (KB963665)-->msiexec /package {90120000-001B-0405-0000-0000000FF1CE} /uninstall {E68DD413-B834-4923-8181-0A03B7555187}
Aktualizácia Microsoft Office Excel 2007 Help (KB963678)-->msiexec /package {90120000-0016-041B-0000-0000000FF1CE} /uninstall {9A8C39B0-D27F-4F81-BE74-2FECF164707E}
Aktualizácia Microsoft Office Powerpoint 2007 Help (KB963669)-->msiexec /package {90120000-0018-041B-0000-0000000FF1CE} /uninstall {CE23B3DC-18CC-46FC-A309-81D6670F8D3D}
Aktualizácia Microsoft Office Word 2007 Help (KB963665)-->msiexec /package {90120000-001B-041B-0000-0000000FF1CE} /uninstall {D6DBF512-87C0-4F6A-8FB9-AC3A389D9DE5}
Aktualizacja produktu Microsoft Office Excel 2007 Help (KB963678)-->msiexec /package {90120000-0016-0415-0000-0000000FF1CE} /uninstall {04E205D6-88B1-4652-B162-42DF2C3B1228}
Aktualizacja produktu Microsoft Office Powerpoint 2007 Help (KB963669)-->msiexec /package {90120000-0018-0415-0000-0000000FF1CE} /uninstall {442ECBCF-94A7-48CC-8CD9-D31FFFD5FA86}
Aktualizacja produktu Microsoft Office Word 2007 Help (KB963665)-->msiexec /package {90120000-001B-0415-0000-0000000FF1CE} /uninstall {128A36ED-21BE-4547-9FFE-5B85AEC735DD}
Alcor Micro USB Card Reader-->C:\Program Files (x86)\InstallShield Installation Information\{5A22D889-FBDD-4AE8-86EC-089D45FC133E}\SETUP.EXE -runfromtemp -l0x0409
Antivirový systém NOD32-->C:\Program Files (x86)\Eset\Setup\setup.exe /UNINSTALL
Ask Toolbar-->MsiExec.exe /I{86D4B82A-ABED-442A-BE86-96357B70F4FE}
ASUS AI Recovery-->MsiExec.exe /I{06585B02-F20D-4AB2-9A64-86EF2AE0F8F0}
ASUS Data Security Manager-->MsiExec.exe /X{FA2092C5-7979-412D-A962-6485274AE1EE}
ASUS FancyStart-->MsiExec.exe /I{F0DF4513-3C4C-4EB8-8012-2C5F70AF3988}
ASUS LifeFrame3-->MsiExec.exe /I{1DBD1F12-ED93-49C0-A7CC-56CBDE488158}
ASUS Live Update-->RunDll32 C:\PROGRA~2\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files (x86)\InstallShield Installation Information\{E657B243-9AD4-4ECC-BE81-4CCF8D667FD0}\Setup.exe" -l0x9
ASUS MultiFrame-->RunDll32 C:\PROGRA~2\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files (x86)\InstallShield Installation Information\{9D48531D-2135-49FC-BC29-ACCDA5396A76}\setup.exe" -l0x9
ASUS Power4Gear Hybrid-->MsiExec.exe /I{1686C4D1-B1FD-42E8-B7A8-FB4C4DBA5BA8}
ASUS SmartLogon-->MsiExec.exe /I{64452561-169F-4A36-A2FF-B5E118EC65F5}
ASUS Splendid Video Enhancement Technology-->MsiExec.exe /I{0969AF05-4FF6-4C00-9406-43599238DE0D}
ASUS Virtual Camera-->MsiExec.exe /I{EC8BD21F-0CA0-4BBF-97D9-4A52B30041A1}
Asus_Camera_ScreenSaver-->"C:\Windows\ASUS Camera ScreenSaver Uninstaller.exe"
Atheros Client Installation Program-->C:\Program Files (x86)\InstallShield Installation Information\{28006915-2739-4EBE-B5E8-49B25D32EB33}\setup.exe -runfromtemp -l0x0009 -removeonly
ATK Generic Function Service-->C:\Program Files (x86)\InstallShield Installation Information\{D3D54F3E-C5C3-443D-978F-87A72E5616E8}\setup.exe -runfromtemp -l0x0009 -removeonly
ATK Hotkey-->MsiExec.exe /I{7C05592D-424B-46CB-B505-E0013E8E75C9}
ATK Media-->MsiExec.exe /I{D1E5870E-E3E5-4475-98A6-ADD614524ADF}
ATKOSD2-->MsiExec.exe /I{3B05F2FB-745B-4012-ADF2-439F36B2E70B}
Call of Duty(R) 4 - Modern Warfare(TM)-->C:\Program Files (x86)\InstallShield Installation Information\{E48469CC-635E-4FD5-A122-1497C286D217}\setup.exe -runfromtemp -l0x0409
CCleaner-->"C:\Program Files (x86)\CCleaner\uninst.exe"
ControlDeck-->MsiExec.exe /I{5B65EF64-1DFA-414A-8C94-7BB726158E21}
CyberLink LabelPrint-->"C:\Program Files (x86)\InstallShield Installation Information\{C59C179C-668D-49A9-B6EA-0121CCFC1243}\Setup.exe" /z-uninstall
CyberLink LabelPrint-->"C:\Program Files (x86)\InstallShield Installation Information\{C59C179C-668D-49A9-B6EA-0121CCFC1243}\Setup.exe" /z-uninstall
CyberLink Power2Go-->"C:\Program Files (x86)\InstallShield Installation Information\{40BF1E83-20EB-11D8-97C5-0009C5020658}\Setup.exe" /z-uninstall
CyberLink Power2Go-->"C:\Program Files (x86)\InstallShield Installation Information\{40BF1E83-20EB-11D8-97C5-0009C5020658}\Setup.exe" /z-uninstall
DAEMON Tools Toolbar-->C:\Program Files (x86)\DAEMON Tools Toolbar\uninst.exe
ESET Online Scanner v3-->C:\Program Files (x86)\ESET\ESET Online Scanner\OnlineScannerUninstaller.exe
ETDWare PS/2-x64 7.0.5.7_WHQL-->C:\Program Files\Elantech\ETDUninst.exe
Fast Boot-->MsiExec.exe /I{A16656CE-4B17-4484-A13F-22B9500E5223}
FIFA 10-->MsiExec.exe /X{11202615-E557-4ECF-9B86-F59C81E52909}
Hamachi 1.0.3.0-->C:\Program Files (x86)\Hamachi\uninstall.exe
Choice Guard-->MsiExec.exe /I{8FFC5648-FAF8-43A3-BC8F-42BA1E275C4E}
ICQ6.5-->"C:\Program Files (x86)\InstallShield Installation Information\{60DE4033-9503-48D1-A483-7846BD217CA9}\setup.exe" -runfromtemp -l0x0009 -removeonly
Junk Mail filter update-->MsiExec.exe /I{4AB8B41B-3AF1-46BE-99B0-0ACD3B300C0A}
Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-0015-0405-0000-0000000FF1CE} /uninstall {1FC5BC34-0301-40D2-9432-05BA220277B8}
Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-0015-0405-0000-0000000FF1CE} /uninstall {1FC5BC34-0301-40D2-9432-05BA220277B8}
Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-0015-0409-0000-0000000FF1CE} /uninstall {2FC4457D-409E-466F-861F-FB0CB796B53E}
Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-0015-040E-0000-0000000FF1CE} /uninstall {077B54FF-6531-42E7-9D6A-93B0B029CFA0}
Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-0015-0415-0000-0000000FF1CE} /uninstall {79EB535E-76E4-4356-8146-A24EE55AB69D}
Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-0015-0418-0000-0000000FF1CE} /uninstall {3DFBDBEE-B82A-47D9-8134-B86A98280A8E}
Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-0015-041B-0000-0000000FF1CE} /uninstall {F69A7281-8297-47E2-B583-36EAA37C89EE}
Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-0015-0424-0000-0000000FF1CE} /uninstall {CAC07BC7-D855-4A94-B1DB-5154D99BFBE0}
Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-0016-0405-0000-0000000FF1CE} /uninstall {1FC5BC34-0301-40D2-9432-05BA220277B8}
Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-0016-0405-0000-0000000FF1CE} /uninstall {1FC5BC34-0301-40D2-9432-05BA220277B8}
Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-0016-0409-0000-0000000FF1CE} /uninstall {2FC4457D-409E-466F-861F-FB0CB796B53E}
Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-0016-040E-0000-0000000FF1CE} /uninstall {077B54FF-6531-42E7-9D6A-93B0B029CFA0}
Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-0016-0415-0000-0000000FF1CE} /uninstall {79EB535E-76E4-4356-8146-A24EE55AB69D}
Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-0016-0418-0000-0000000FF1CE} /uninstall {3DFBDBEE-B82A-47D9-8134-B86A98280A8E}
Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-0016-041B-0000-0000000FF1CE} /uninstall {F69A7281-8297-47E2-B583-36EAA37C89EE}
Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-0016-0424-0000-0000000FF1CE} /uninstall {CAC07BC7-D855-4A94-B1DB-5154D99BFBE0}
Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-0018-0405-0000-0000000FF1CE} /uninstall {1FC5BC34-0301-40D2-9432-05BA220277B8}
Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-0018-0405-0000-0000000FF1CE} /uninstall {1FC5BC34-0301-40D2-9432-05BA220277B8}
Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-0018-0409-0000-0000000FF1CE} /uninstall {2FC4457D-409E-466F-861F-FB0CB796B53E}
Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-0018-040E-0000-0000000FF1CE} /uninstall {077B54FF-6531-42E7-9D6A-93B0B029CFA0}
Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-0018-0415-0000-0000000FF1CE} /uninstall {79EB535E-76E4-4356-8146-A24EE55AB69D}
Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-0018-0418-0000-0000000FF1CE} /uninstall {3DFBDBEE-B82A-47D9-8134-B86A98280A8E}
Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-0018-041B-0000-0000000FF1CE} /uninstall {F69A7281-8297-47E2-B583-36EAA37C89EE}
Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-0018-0424-0000-0000000FF1CE} /uninstall {CAC07BC7-D855-4A94-B1DB-5154D99BFBE0}
Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-0019-0405-0000-0000000FF1CE} /uninstall {1FC5BC34-0301-40D2-9432-05BA220277B8}
Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-0019-0405-0000-0000000FF1CE} /uninstall {1FC5BC34-0301-40D2-9432-05BA220277B8}
Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-0019-0409-0000-0000000FF1CE} /uninstall {2FC4457D-409E-466F-861F-FB0CB796B53E}
Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-0019-040E-0000-0000000FF1CE} /uninstall {077B54FF-6531-42E7-9D6A-93B0B029CFA0}
Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-0019-0415-0000-0000000FF1CE} /uninstall {79EB535E-76E4-4356-8146-A24EE55AB69D}
Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-0019-0418-0000-0000000FF1CE} /uninstall {3DFBDBEE-B82A-47D9-8134-B86A98280A8E}
Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-0019-041B-0000-0000000FF1CE} /uninstall {F69A7281-8297-47E2-B583-36EAA37C89EE}
Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-0019-0424-0000-0000000FF1CE} /uninstall {CAC07BC7-D855-4A94-B1DB-5154D99BFBE0}
Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-001A-0405-0000-0000000FF1CE} /uninstall {1FC5BC34-0301-40D2-9432-05BA220277B8}
Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-001A-0405-0000-0000000FF1CE} /uninstall {1FC5BC34-0301-40D2-9432-05BA220277B8}
Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-001A-0409-0000-0000000FF1CE} /uninstall {2FC4457D-409E-466F-861F-FB0CB796B53E}
Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-001A-040E-0000-0000000FF1CE} /uninstall {077B54FF-6531-42E7-9D6A-93B0B029CFA0}
Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-001A-0415-0000-0000000FF1CE} /uninstall {79EB535E-76E4-4356-8146-A24EE55AB69D}
Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-001A-0418-0000-0000000FF1CE} /uninstall {3DFBDBEE-B82A-47D9-8134-B86A98280A8E}
Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-001A-041B-0000-0000000FF1CE} /uninstall {F69A7281-8297-47E2-B583-36EAA37C89EE}
Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-001A-0424-0000-0000000FF1CE} /uninstall {CAC07BC7-D855-4A94-B1DB-5154D99BFBE0}
Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-001B-0405-0000-0000000FF1CE} /uninstall {1FC5BC34-0301-40D2-9432-05BA220277B8}
Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-001B-0405-0000-0000000FF1CE} /uninstall {1FC5BC34-0301-40D2-9432-05BA220277B8}
Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-001B-0409-0000-0000000FF1CE} /uninstall {2FC4457D-409E-466F-861F-FB0CB796B53E}
Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-001B-040E-0000-0000000FF1CE} /uninstall {077B54FF-6531-42E7-9D6A-93B0B029CFA0}
Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-001B-0415-0000-0000000FF1CE} /uninstall {79EB535E-76E4-4356-8146-A24EE55AB69D}
Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-001B-0418-0000-0000000FF1CE} /uninstall {3DFBDBEE-B82A-47D9-8134-B86A98280A8E}
Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-001B-041B-0000-0000000FF1CE} /uninstall {F69A7281-8297-47E2-B583-36EAA37C89EE}
Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-001B-0424-0000-0000000FF1CE} /uninstall {CAC07BC7-D855-4A94-B1DB-5154D99BFBE0}
Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-002A-0000-1000-0000000FF1CE} /uninstall {E64BA721-2310-4B55-BE5A-2925F9706192}
Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-002A-0000-1000-0000000FF1CE} /uninstall {E64BA721-2310-4B55-BE5A-2925F9706192}
Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-002A-0405-1000-0000000FF1CE} /uninstall {E12F9D31-4025-4BC6-B1B2-AB262C5580B0}
Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-002A-0405-1000-0000000FF1CE} /uninstall {E12F9D31-4025-4BC6-B1B2-AB262C5580B0}
Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-002A-0409-1000-0000000FF1CE} /uninstall {DE5A002D-8122-4278-A7EE-3121E7EA254E}
Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-002A-040E-1000-0000000FF1CE} /uninstall {B3C14F81-2C4A-400D-9ECE-55A667F8F737}
Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-002A-0415-1000-0000000FF1CE} /uninstall {D45F91DE-F0FC-4D5F-9A0C-FDE5B251AAC6}
Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-002A-0418-1000-0000000FF1CE} /uninstall {CEDDCA72-ED57-4CE5-B55D-A50EE2CD3CCF}
Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-002A-041B-1000-0000000FF1CE} /uninstall {8AF3A9EB-FBB9-449F-AC11-94CE39930037}
Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-002A-0424-1000-0000000FF1CE} /uninstall {5983F0B6-A661-4378-AEA8-9EB1992D2FB0}
Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {0B36C6D6-F5D8-4EAF-BF94-4376A230AD5B}
Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-0044-0405-0000-0000000FF1CE} /uninstall {1FC5BC34-0301-40D2-9432-05BA220277B8}
Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-006E-0405-0000-0000000FF1CE} /uninstall {E12F9D31-4025-4BC6-B1B2-AB262C5580B0}
Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-006E-0405-0000-0000000FF1CE} /uninstall {E12F9D31-4025-4BC6-B1B2-AB262C5580B0}
Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-006E-0409-0000-0000000FF1CE} /uninstall {DE5A002D-8122-4278-A7EE-3121E7EA254E}
Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-006E-040E-0000-0000000FF1CE} /uninstall {B3C14F81-2C4A-400D-9ECE-55A667F8F737}
Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-006E-0415-0000-0000000FF1CE} /uninstall {D45F91DE-F0FC-4D5F-9A0C-FDE5B251AAC6}
Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-006E-0418-0000-0000000FF1CE} /uninstall {CEDDCA72-ED57-4CE5-B55D-A50EE2CD3CCF}
Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-006E-041B-0000-0000000FF1CE} /uninstall {8AF3A9EB-FBB9-449F-AC11-94CE39930037}
Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-006E-0424-0000-0000000FF1CE} /uninstall {5983F0B6-A661-4378-AEA8-9EB1992D2FB0}
Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-00A1-0405-0000-0000000FF1CE} /uninstall {1FC5BC34-0301-40D2-9432-05BA220277B8}
Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-00BA-0405-0000-0000000FF1CE} /uninstall {1FC5BC34-0301-40D2-9432-05BA220277B8}
Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-0115-0409-0000-0000000FF1CE} /uninstall {DE5A002D-8122-4278-A7EE-3121E7EA254E}
Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-0116-0409-1000-0000000FF1CE} /uninstall {DE5A002D-8122-4278-A7EE-3121E7EA254E}
Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-0117-0409-0000-0000000FF1CE} /uninstall {2FC4457D-409E-466F-861F-FB0CB796B53E}
Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {91120000-0031-0000-0000-0000000FF1CE} /uninstall {0B36C6D6-F5D8-4EAF-BF94-4376A230AD5B}
Microsoft Office Access MUI (Czech) 2007-->MsiExec.exe /X{90120000-0015-0405-0000-0000000FF1CE}
Microsoft Office Access MUI (English) 2007-->MsiExec.exe /X{90120000-0015-0409-0000-0000000FF1CE}
Microsoft Office Access MUI (Hungarian) 2007-->MsiExec.exe /X{90120000-0015-040E-0000-0000000FF1CE}
Microsoft Office Access MUI (Polish) 2007-->MsiExec.exe /X{90120000-0015-0415-0000-0000000FF1CE}
Microsoft Office Access MUI (Romanian) 2007-->MsiExec.exe /X{90120000-0015-0418-0000-0000000FF1CE}
Microsoft Office Access MUI (Slovak) 2007-->MsiExec.exe /X{90120000-0015-041B-0000-0000000FF1CE}
Microsoft Office Access MUI (Slovenian) 2007-->MsiExec.exe /X{90120000-0015-0424-0000-0000000FF1CE}
Microsoft Office Access Setup Metadata MUI (English) 2007-->MsiExec.exe /X{90120000-0117-0409-0000-0000000FF1CE}
Microsoft Office Enterprise 2007-->"C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\Office Setup Controller\setup.exe" /uninstall ENTERPRISE /dll OSETUP.DLL
Microsoft Office Enterprise 2007-->MsiExec.exe /X{90120000-0030-0000-0000-0000000FF1CE}
Microsoft Office Excel 2007 Help-frissítés (KB963678)-->msiexec /package {90120000-0016-040E-0000-0000000FF1CE} /uninstall {76BD9044-91EB-46FC-8CA6-0AA239BB8A93}
Microsoft Office Excel MUI (Czech) 2007-->MsiExec.exe /X{90120000-0016-0405-0000-0000000FF1CE}
Microsoft Office Excel MUI (English) 2007-->MsiExec.exe /X{90120000-0016-0409-0000-0000000FF1CE}
Microsoft Office Excel MUI (Hungarian) 2007-->MsiExec.exe /X{90120000-0016-040E-0000-0000000FF1CE}
Microsoft Office Excel MUI (Polish) 2007-->MsiExec.exe /X{90120000-0016-0415-0000-0000000FF1CE}
Microsoft Office Excel MUI (Romanian) 2007-->MsiExec.exe /X{90120000-0016-0418-0000-0000000FF1CE}
Microsoft Office Excel MUI (Slovak) 2007-->MsiExec.exe /X{90120000-0016-041B-0000-0000000FF1CE}
Microsoft Office Excel MUI (Slovenian) 2007-->MsiExec.exe /X{90120000-0016-0424-0000-0000000FF1CE}
Microsoft Office Groove MUI (Czech) 2007-->MsiExec.exe /X{90120000-00BA-0405-0000-0000000FF1CE}
Microsoft Office InfoPath MUI (Czech) 2007-->MsiExec.exe /X{90120000-0044-0405-0000-0000000FF1CE}
Microsoft Office Live Add-in 1.5-->MsiExec.exe /I{F40BBEC7-C2A4-4A00-9B24-7A055A2C5262}
Microsoft Office Office 64-bit Components 2007-->MsiExec.exe /X{90120000-002A-0000-1000-0000000FF1CE}
Microsoft Office OneNote MUI (Czech) 2007-->MsiExec.exe /X{90120000-00A1-0405-0000-0000000FF1CE}
Microsoft Office Outlook MUI (Czech) 2007-->MsiExec.exe /X{90120000-001A-0405-0000-0000000FF1CE}
Microsoft Office Outlook MUI (English) 2007-->MsiExec.exe /X{90120000-001A-0409-0000-0000000FF1CE}
Microsoft Office Outlook MUI (Hungarian) 2007-->MsiExec.exe /X{90120000-001A-040E-0000-0000000FF1CE}
Microsoft Office Outlook MUI (Polish) 2007-->MsiExec.exe /X{90120000-001A-0415-0000-0000000FF1CE}
Microsoft Office Outlook MUI (Romanian) 2007-->MsiExec.exe /X{90120000-001A-0418-0000-0000000FF1CE}
Microsoft Office Outlook MUI (Slovak) 2007-->MsiExec.exe /X{90120000-001A-041B-0000-0000000FF1CE}
Microsoft Office Outlook MUI (Slovenian) 2007-->MsiExec.exe /X{90120000-001A-0424-0000-0000000FF1CE}
Microsoft Office Powerpoint 2007 Help-frissítés (KB963669)-->msiexec /package {90120000-0018-040E-0000-0000000FF1CE} /uninstall {6863CE52-1321-482E-B930-B325EE09AEFF}
Microsoft Office PowerPoint MUI (Czech) 2007-->MsiExec.exe /X{90120000-0018-0405-0000-0000000FF1CE}
Microsoft Office PowerPoint MUI (English) 2007-->MsiExec.exe /X{90120000-0018-0409-0000-0000000FF1CE}
Microsoft Office PowerPoint MUI (Hungarian) 2007-->MsiExec.exe /X{90120000-0018-040E-0000-0000000FF1CE}
Microsoft Office PowerPoint MUI (Polish) 2007-->MsiExec.exe /X{90120000-0018-0415-0000-0000000FF1CE}
Microsoft Office PowerPoint MUI (Romanian) 2007-->MsiExec.exe /X{90120000-0018-0418-0000-0000000FF1CE}
Microsoft Office PowerPoint MUI (Slovak) 2007-->MsiExec.exe /X{90120000-0018-041B-0000-0000000FF1CE}
Microsoft Office PowerPoint MUI (Slovenian) 2007-->MsiExec.exe /X{90120000-0018-0424-0000-0000000FF1CE}
Microsoft Office Professional Hybrid 2007-->MsiExec.exe /X{91120000-0031-0000-0000-0000000FF1CE}
Microsoft Office Proof (Croatian) 2007-->MsiExec.exe /X{90120000-001F-041A-0000-0000000FF1CE}
Microsoft Office Proof (Czech) 2007-->MsiExec.exe /X{90120000-001F-0405-0000-0000000FF1CE}
Microsoft Office Proof (English) 2007-->MsiExec.exe /X{90120000-001F-0409-0000-0000000FF1CE}
Microsoft Office Proof (French) 2007-->MsiExec.exe /X{90120000-001F-040C-0000-0000000FF1CE}
Microsoft Office Proof (German) 2007-->MsiExec.exe /X{90120000-001F-0407-0000-0000000FF1CE}
Microsoft Office Proof (Hungarian) 2007-->MsiExec.exe /X{90120000-001F-040E-0000-0000000FF1CE}
Microsoft Office Proof (Italian) 2007-->MsiExec.exe /X{90120000-001F-0410-0000-0000000FF1CE}
Microsoft Office Proof (Polish) 2007-->MsiExec.exe /X{90120000-001F-0415-0000-0000000FF1CE}
Microsoft Office Proof (Romanian) 2007-->MsiExec.exe /X{90120000-001F-0418-0000-0000000FF1CE}
Microsoft Office Proof (Slovak) 2007-->MsiExec.exe /X{90120000-001F-041B-0000-0000000FF1CE}
Microsoft Office Proof (Slovenian) 2007-->MsiExec.exe /X{90120000-001F-0424-0000-0000000FF1CE}
Microsoft Office Proof (Spanish) 2007-->MsiExec.exe /X{90120000-001F-0C0A-0000-0000000FF1CE}
Microsoft Office Proofing (Czech) 2007-->MsiExec.exe /X{90120000-002C-0405-0000-0000000FF1CE}
Microsoft Office Proofing (English) 2007-->MsiExec.exe /X{90120000-002C-0409-0000-0000000FF1CE}
Microsoft Office Proofing (Hungarian) 2007-->MsiExec.exe /X{90120000-002C-040E-0000-0000000FF1CE}
Microsoft Office Proofing (Polish) 2007-->MsiExec.exe /X{90120000-002C-0415-0000-0000000FF1CE}
Microsoft Office Proofing (Romanian) 2007-->MsiExec.exe /X{90120000-002C-0418-0000-0000000FF1CE}
Microsoft Office Proofing (Slovak) 2007-->MsiExec.exe /X{90120000-002C-041B-0000-0000000FF1CE}
Microsoft Office Proofing (Slovenian) 2007-->MsiExec.exe /X{90120000-002C-0424-0000-0000000FF1CE}
Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-001F-0405-0000-0000000FF1CE} /uninstall {294B4278-CF7B-40B9-86A1-2D3FF0C2C524}
Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-001F-0405-0000-0000000FF1CE} /uninstall {294B4278-CF7B-40B9-86A1-2D3FF0C2C524}
Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-001F-0407-0000-0000000FF1CE} /uninstall {A0516415-ED61-419A-981D-93596DA74165}
Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-001F-0407-0000-0000000FF1CE} /uninstall {A0516415-ED61-419A-981D-93596DA74165}
Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-001F-0409-0000-0000000FF1CE} /uninstall {ABDDE972-355B-4AF1-89A8-DA50B7B5C045}
Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-001F-0409-0000-0000000FF1CE} /uninstall {ABDDE972-355B-4AF1-89A8-DA50B7B5C045}
Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-001F-040C-0000-0000000FF1CE} /uninstall {F580DDD5-8D37-4998-968E-EBB76BB86787}
Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-001F-040E-0000-0000000FF1CE} /uninstall {573CA1BB-C8A3-46C4-993E-DB4043D9BFCD}
Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-001F-0410-0000-0000000FF1CE} /uninstall {322296D4-1EAE-4030-9FBC-D2787EB25FA2}
Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-001F-0415-0000-0000000FF1CE} /uninstall {E9EA2604-8AC9-47D2-8F4B-6BF60787A357}
Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-001F-0418-0000-0000000FF1CE} /uninstall {6E3398C5-9A81-4054-B474-8B23A60F5048}
Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-001F-041A-0000-0000000FF1CE} /uninstall {C9CC66D9-D7D3-46C1-A485-9601E4DE8D28}
Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-001F-041B-0000-0000000FF1CE} /uninstall {10EC59E5-9BCE-4884-BB1A-E28627220232}
Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-001F-041B-0000-0000000FF1CE} /uninstall {10EC59E5-9BCE-4884-BB1A-E28627220232}
Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-001F-0424-0000-0000000FF1CE} /uninstall {6E8DFF8D-F7D1-4451-952A-61CAB73A59E2}
Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-001F-0C0A-0000-0000000FF1CE} /uninstall {187308AB-5FA7-4F14-9AB9-D290383A10D9}
Microsoft Office Publisher MUI (Czech) 2007-->MsiExec.exe /X{90120000-0019-0405-0000-0000000FF1CE}
Microsoft Office Publisher MUI (English) 2007-->MsiExec.exe /X{90120000-0019-0409-0000-0000000FF1CE}
Microsoft Office Publisher MUI (Hungarian) 2007-->MsiExec.exe /X{90120000-0019-040E-0000-0000000FF1CE}
Microsoft Office Publisher MUI (Polish) 2007-->MsiExec.exe /X{90120000-0019-0415-0000-0000000FF1CE}
Microsoft Office Publisher MUI (Romanian) 2007-->MsiExec.exe /X{90120000-0019-0418-0000-0000000FF1CE}
Microsoft Office Publisher MUI (Slovak) 2007-->MsiExec.exe /X{90120000-0019-041B-0000-0000000FF1CE}
Microsoft Office Publisher MUI (Slovenian) 2007-->MsiExec.exe /X{90120000-0019-0424-0000-0000000FF1CE}
Microsoft Office Shared 64-bit MUI (Czech) 2007-->MsiExec.exe /X{90120000-002A-0405-1000-0000000FF1CE}
Microsoft Office Shared 64-bit MUI (English) 2007-->MsiExec.exe /X{90120000-002A-0409-1000-0000000FF1CE}
Microsoft Office Shared 64-bit MUI (Hungarian) 2007-->MsiExec.exe /X{90120000-002A-040E-1000-0000000FF1CE}
Microsoft Office Shared 64-bit MUI (Polish) 2007-->MsiExec.exe /X{90120000-002A-0415-1000-0000000FF1CE}
Microsoft Office Shared 64-bit MUI (Romanian) 2007-->MsiExec.exe /X{90120000-002A-0418-1000-0000000FF1CE}
Microsoft Office Shared 64-bit MUI (Slovak) 2007-->MsiExec.exe /X{90120000-002A-041B-1000-0000000FF1CE}
Microsoft Office Shared 64-bit MUI (Slovenian) 2007-->MsiExec.exe /X{90120000-002A-0424-1000-0000000FF1CE}
Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2007-->MsiExec.exe /X{90120000-0116-0409-1000-0000000FF1CE}
Microsoft Office Shared MUI (Czech) 2007-->MsiExec.exe /X{90120000-006E-0405-0000-0000000FF1CE}
Microsoft Office Shared MUI (English) 2007-->MsiExec.exe /X{90120000-006E-0409-0000-0000000FF1CE}
Microsoft Office Shared MUI (Hungarian) 2007-->MsiExec.exe /X{90120000-006E-040E-0000-0000000FF1CE}
Microsoft Office Shared MUI (Polish) 2007-->MsiExec.exe /X{90120000-006E-0415-0000-0000000FF1CE}
Microsoft Office Shared MUI (Romanian) 2007-->MsiExec.exe /X{90120000-006E-0418-0000-0000000FF1CE}
Microsoft Office Shared MUI (Slovak) 2007-->MsiExec.exe /X{90120000-006E-041B-0000-0000000FF1CE}
Microsoft Office Shared MUI (Slovenian) 2007-->MsiExec.exe /X{90120000-006E-0424-0000-0000000FF1CE}
Microsoft Office Shared Setup Metadata MUI (English) 2007-->MsiExec.exe /X{90120000-0115-0409-0000-0000000FF1CE}
Microsoft Office Word 2007 Help-frissítés (KB963665)-->msiexec /package {90120000-001B-040E-0000-0000000FF1CE} /uninstall {0E56E23A-EDB8-42C7-A285-7258C5944EB4}
Microsoft Office Word MUI (Czech) 2007-->MsiExec.exe /X{90120000-001B-0405-0000-0000000FF1CE}
Microsoft Office Word MUI (English) 2007-->MsiExec.exe /X{90120000-001B-0409-0000-0000000FF1CE}
Microsoft Office Word MUI (Hungarian) 2007-->MsiExec.exe /X{90120000-001B-040E-0000-0000000FF1CE}
Microsoft Office Word MUI (Polish) 2007-->MsiExec.exe /X{90120000-001B-0415-0000-0000000FF1CE}
Microsoft Office Word MUI (Romanian) 2007-->MsiExec.exe /X{90120000-001B-0418-0000-0000000FF1CE}
Microsoft Office Word MUI (Slovak) 2007-->MsiExec.exe /X{90120000-001B-041B-0000-0000000FF1CE}
Microsoft Office Word MUI (Slovenian) 2007-->MsiExec.exe /X{90120000-001B-0424-0000-0000000FF1CE}
Microsoft Search Enhancement Pack-->MsiExec.exe /X{4CBA3D4C-8F51-4D60-B27E-F6B641C571E7}
Microsoft Silverlight-->MsiExec.exe /X{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}
Microsoft SQL Server 2005 Compact Edition [ENU]-->MsiExec.exe /I{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}
Microsoft Sync Framework Runtime Native v1.0 (x86)-->MsiExec.exe /I{8A74E887-8F0F-4017-AF53-CBA42211AAA5}
Microsoft Sync Framework Services Native v1.0 (x86)-->MsiExec.exe /I{BD64AF4A-8C80-4152-AD77-FCDDF05208AB}
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053-->MsiExec.exe /X{770657D0-A123-3C07-8E44-1C83EC895118}
Microsoft Visual C++ 2005 Redistributable-->MsiExec.exe /X{A49F249F-0C91-497F-86DF-B2585E8E76B7}
Mozilla Firefox (3.6.8)-->C:\Program Files (x86)\Mozilla Firefox\uninstall\helper.exe
MSVCRT-->MsiExec.exe /I{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}
Nástroj pro odesílání služby Windows Live-->MsiExec.exe /I{205C6BDD-7B73-42DE-8505-9A093F35A238}
NVIDIA Drivers-->C:\Windows\system32\nvuninst.exe UninstallGUI
Pomocník pro přihlášení ke službě Windows Live ID-->MsiExec.exe /X{9B48B0AC-C813-4174-9042-476A887592C7}
Posodobitev za Microsoft Office Excel 2007 Help (KB963678)-->msiexec /package {90120000-0016-0424-0000-0000000FF1CE} /uninstall {FD705E62-13B4-4BF5-A4B2-A7599309751B}
Posodobitev za Microsoft Office Powerpoint 2007 Help (KB963669)-->msiexec /package {90120000-0018-0424-0000-0000000FF1CE} /uninstall {045DC059-1CCC-47B9-BA35-713E269D33B8}
Posodobitev za Microsoft Office Word 2007 Help (KB963665)-->msiexec /package {90120000-001B-0424-0000-0000000FF1CE} /uninstall {AD1C31E7-4856-4887-9307-1ABDE0F2DF7C}
RealPlayer-->C:\Program Files (x86)\Common Files\Real\Update_OB\r1puninst.exe RealNetworks|RealPlayer|12.0
Realtek 8136 8168 8169 Ethernet Driver-->C:\Program Files (x86)\InstallShield Installation Information\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}\setup.exe -runfromtemp -removeonly
Realtek High Definition Audio Driver-->RunDll32 C:\PROGRA~2\COMMON~1\INSTAL~1\PROFES~1\RunTime\11\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files (x86)\InstallShield Installation Information\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}\setup.exe" -removeonly
RealUpgrade 1.0-->MsiExec.exe /I{F4F4F84E-804F-4E9A-84D7-C34283F0088F}
Security Update for 2007 Microsoft Office System (KB2277947)-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {5857EE21-03D0-482E-9620-5A30B314A2AE}
Security Update for 2007 Microsoft Office System (KB2277947)-->msiexec /package {91120000-0031-0000-0000-0000000FF1CE} /uninstall {5857EE21-03D0-482E-9620-5A30B314A2AE}
Security Update for 2007 Microsoft Office System (KB969559)-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {69F52148-9BF6-4CDC-BF76-103DEAF3DD08}
Security Update for 2007 Microsoft Office System (KB969559)-->msiexec /package {91120000-0031-0000-0000-0000000FF1CE} /uninstall {69F52148-9BF6-4CDC-BF76-103DEAF3DD08}
Security Update for 2007 Microsoft Office System (KB976321)-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {7F207DCA-3399-40CB-A968-6E5991B1421A}
Security Update for 2007 Microsoft Office System (KB976321)-->msiexec /package {91120000-0031-0000-0000-0000000FF1CE} /uninstall {7F207DCA-3399-40CB-A968-6E5991B1421A}
Security Update for 2007 Microsoft Office System (KB982312)-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {B0EC5722-241F-4CDA-83B4-AA5846B6F9F4}
Security Update for 2007 Microsoft Office System (KB982312)-->msiexec /package {91120000-0031-0000-0000-0000000FF1CE} /uninstall {B0EC5722-241F-4CDA-83B4-AA5846B6F9F4}
Security Update for 2007 Microsoft Office System (KB982331)-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {E8766951-2B6C-4022-86E8-80D2D1762B76}
Security Update for 2007 Microsoft Office System (KB982331)-->msiexec /package {91120000-0031-0000-0000-0000000FF1CE} /uninstall {E8766951-2B6C-4022-86E8-80D2D1762B76}
Security Update for Microsoft Office Access 2007 (KB979440)-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {1142CCEC-ACA9-484B-BA90-C3A5CA1988C5}
Security Update for Microsoft Office Access 2007 (KB979440)-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {5A4E43D5-858F-49BD-BA72-8F30E1793060}
Security Update for Microsoft Office Access 2007 (KB979440)-->msiexec /package {91120000-0031-0000-0000-0000000FF1CE} /uninstall {1142CCEC-ACA9-484B-BA90-C3A5CA1988C5}
Security Update for Microsoft Office Access 2007 (KB979440)-->msiexec /package {91120000-0031-0000-0000-0000000FF1CE} /uninstall {5A4E43D5-858F-49BD-BA72-8F30E1793060}
Security Update for Microsoft Office Excel 2007 (KB982308)-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {C3F9A0DC-A5D1-4BB6-870E-2953E5A2487B}
Security Update for Microsoft Office Excel 2007 (KB982308)-->msiexec /package {91120000-0031-0000-0000-0000000FF1CE} /uninstall {C3F9A0DC-A5D1-4BB6-870E-2953E5A2487B}
Security Update for Microsoft Office InfoPath 2007 (KB979441)-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {1109D0B3-EFA3-4553-AAED-4C3E9AD130E8}
Security Update for Microsoft Office InfoPath 2007 (KB979441)-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {8CCB781A-CF6B-4FCB-B6D8-59C64DF5C6DB}
Security Update for Microsoft Office InfoPath 2007 (KB979441)-->msiexec /package {91120000-0031-0000-0000-0000000FF1CE} /uninstall {8CCB781A-CF6B-4FCB-B6D8-59C64DF5C6DB}
Security Update for Microsoft Office Outlook 2007 (KB980376)-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {48113C06-9BA2-4D54-A731-D1D2C5B3144A}
Security Update for Microsoft Office Outlook 2007 (KB980376)-->msiexec /package {91120000-0031-0000-0000-0000000FF1CE} /uninstall {48113C06-9BA2-4D54-A731-D1D2C5B3144A}
Security Update for Microsoft Office PowerPoint 2007 (KB982158)-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {F5B70033-E79C-4569-90BF-BC9B4E4F3F46}
Security Update for Microsoft Office PowerPoint 2007 (KB982158)-->msiexec /package {91120000-0031-0000-0000-0000000FF1CE} /uninstall {F5B70033-E79C-4569-90BF-BC9B4E4F3F46}
Security Update for Microsoft Office Publisher 2007 (KB982124)-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {289FA8BC-6A8E-4341-B194-EB26B49E9F5D}
Security Update for Microsoft Office Publisher 2007 (KB982124)-->msiexec /package {91120000-0031-0000-0000-0000000FF1CE} /uninstall {289FA8BC-6A8E-4341-B194-EB26B49E9F5D}
Security Update for Microsoft Office system 2007 (972581)-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {3D019598-7B59-447A-80AE-815B703B84FF}
Security Update for Microsoft Office system 2007 (972581)-->msiexec /package {91120000-0031-0000-0000-0000000FF1CE} /uninstall {3D019598-7B59-447A-80AE-815B703B84FF}
Security Update for Microsoft Office system 2007 (KB974234)-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {FCD742B9-7A55-44BC-A776-F795F21FEDDC}
Security Update for Microsoft Office system 2007 (KB974234)-->msiexec /package {91120000-0031-0000-0000-0000000FF1CE} /uninstall {FCD742B9-7A55-44BC-A776-F795F21FEDDC}
Security Update for Microsoft Office Visio Viewer 2007 (KB973709)-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {71127777-8B2C-4F97-AF7A-6CF8CAC8224D}
Security Update for Microsoft Office Visio Viewer 2007 (KB973709)-->msiexec /package {91120000-0031-0000-0000-0000000FF1CE} /uninstall {71127777-8B2C-4F97-AF7A-6CF8CAC8224D}
Security Update for Microsoft Office Word 2007 (KB2251419)-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {7E9103DA-253F-41FF-9E83-7C83806C77DA}
Security Update for Microsoft Office Word 2007 (KB2251419)-->msiexec /package {91120000-0031-0000-0000-0000000FF1CE} /uninstall {7E9103DA-253F-41FF-9E83-7C83806C77DA}
SopCast 3.2.9-->C:\Program Files (x86)\SopCast\uninst.exe
SRS Premium Sound Control Panel-->MsiExec.exe /I{D42F84B6-3709-4A50-8502-6719D16AE6C8}
TmNationsForever-->"C:\Program Files (x86)\TmNationsForever\unins000.exe"
Total Commander (Remove or Repair)-->c:\totalcmd\tcuninst.exe
Update for 2007 Microsoft Office System (KB967642)-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {C444285D-5E4F-48A4-91DD-47AAAA68E92D}
Update for 2007 Microsoft Office System (KB967642)-->msiexec /package {91120000-0031-0000-0000-0000000FF1CE} /uninstall {C444285D-5E4F-48A4-91DD-47AAAA68E92D}
Update for Microsoft Office 2007 Help for Common Features (KB963673)-->msiexec /package {90120000-006E-0409-0000-0000000FF1CE} /uninstall {AB365889-0395-4FAD-B702-CA5985D53D42}
Update for Microsoft Office Access 2007 Help (KB963663)-->msiexec /package {90120000-0015-0409-0000-0000000FF1CE} /uninstall {6B76A18A-AA1E-42AB-A7AD-6C84BBB43987}
Update for Microsoft Office Excel 2007 Help (KB963678)-->msiexec /package {90120000-0016-0409-0000-0000000FF1CE} /uninstall {199DF7B6-169C-448C-B511-1054101BE9C9}
Update for Microsoft Office OneNote 2007 (KB980729)-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {329050A9-EF80-40F9-B633-74508F54C1FF}
Update for Microsoft Office Outlook 2007 Help (KB963677)-->msiexec /package {90120000-001A-0409-0000-0000000FF1CE} /uninstall {0451F231-E3E3-4943-AB9F-58EB96171784}
Update for Microsoft Office Powerpoint 2007 Help (KB963669)-->msiexec /package {90120000-0018-0409-0000-0000000FF1CE} /uninstall {397B1D4F-ED7B-4ACA-A637-43B670843876}
Update for Microsoft Office Publisher 2007 Help (KB963667)-->msiexec /package {90120000-0019-0409-0000-0000000FF1CE} /uninstall {2E40DE55-B289-4C8B-8901-5D369B16814F}
Update for Microsoft Office Script Editor Help (KB963671)-->msiexec /package {90120000-006E-0409-0000-0000000FF1CE} /uninstall {CD11C6A2-FFC6-4271-8EAB-79C3582F505C}
Update for Microsoft Office Word 2007 Help (KB963665)-->msiexec /package {90120000-001B-0409-0000-0000000FF1CE} /uninstall {80E762AA-C921-4839-9D7D-DB62A72C0726}
Update for Outlook 2007 Junk Email Filter (kb2279264)-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {01D475AB-57B1-44CC-8A8F-3A6B0FA4989F}
Update for Outlook 2007 Junk Email Filter (kb2279264)-->msiexec /package {91120000-0031-0000-0000-0000000FF1CE} /uninstall {01D475AB-57B1-44CC-8A8F-3A6B0FA4989F}
USB 2.0 1.3M UVC WebCam-->C:\Windows\Uninstsxga.bat
Windows Live Communications Platform-->MsiExec.exe /I{F69E83CF-B440-43F8-89E6-6EA80712109B}
Windows Live Essentials-->C:\Program Files (x86)\Windows Live\Installer\wlarp.exe
Windows Live Essentials-->MsiExec.exe /I{4EA44BA4-A708-4223-BC1A-22B6DA9E7D1C}
Windows Live Fotogalerie-->MsiExec.exe /X{A13DE9CB-8C84-4889-B114-C5A9661F844E}
Windows Live Mail-->MsiExec.exe /I{54FEAF1A-8F2A-44C1-95CA-5C1C21F4F934}
Windows Live Messenger-->MsiExec.exe /X{20D0CDB1-5F03-4A5D-86EB-7C218053B157}
Windows Live Sync-->MsiExec.exe /X{4B4451CE-D1E6-4BDE-B4B2-59F03BB83B7C}
Windows Live Toolbar-->MsiExec.exe /X{CF22161D-0E1B-489E-BBC8-684055836FE9}
Windows Live Writer-->MsiExec.exe /X{6E5EEE1B-3907-44C3-83BA-AD4B8CE40F76}
Windows Live Zabezpečení rodiny-->MsiExec.exe /X{D35D9E34-7B4A-44E3-A882-69A6C6088BC6}
WinFlash-->MsiExec.exe /X{8F21291E-0444-4B1D-B9F9-4370A73E346D}
WinRAR-->C:\Program Files (x86)\WinRAR\uninstall.exe
WinZip 14.5-->MsiExec.exe /X{CD95F661-A5C4-44F5-A6AA-ECDD91C240BD}
Wireless Console 3-->MsiExec.exe /I{20FDF948-C8ED-4543-A539-F7F4AEF5AFA2}
======System event log======
Computer Name: Lenka-PC
Event Code: 7036
Message: Stav služby Prohledávání počítačů byl změněn na: Spuštěno
Record Number: 106664
Source Name: Service Control Manager
Time Written: 20100724153112.718400-000
Event Type: Informace
User:
Computer Name: Lenka-PC
Event Code: 7036
Message: Stav služby Windows Search byl změněn na: Spuštěno
Record Number: 106663
Source Name: Service Control Manager
Time Written: 20100724153112.338400-000
Event Type: Informace
User:
Computer Name: Lenka-PC
Event Code: 7036
Message: Stav služby Služba WinHTTP WPAD byl změněn na: Spuštěno
Record Number: 106662
Source Name: Service Control Manager
Time Written: 20100724153111.083400-000
Event Type: Informace
User:
Computer Name: Lenka-PC
Event Code: 7036
Message: Stav služby Brána aplikační vrstvy byl změněn na: Spuštěno
Record Number: 106661
Source Name: Service Control Manager
Time Written: 20100724153109.813400-000
Event Type: Informace
User:
Computer Name: Lenka-PC
Event Code: 7036
Message: Stav služby Služba Výčet přenosných zařízení byl změněn na: Spuštěno
Record Number: 106660
Source Name: Service Control Manager
Time Written: 20100724153109.790400-000
Event Type: Informace
User:
=====Application event log=====
Computer Name: Lenka-PC
Event Code: 1001
Message: Chybný blok , typ 0
Název události: APPCRASH
Reakce: Není k dispozici
ID souboru CAB: 0
Podpis problému:
P1: nod32krn.exe
P2: 2.70.39.0
P3: 46440be6
P4: nod32krn.exe
P5: 2.70.39.0
P6: 46440be6
P7: c0000005
P8: 0002a996
P9:
P10:
Připojené soubory:
C:\Windows\Temp\WER45C9.tmp.appcompat.txt
C:\Windows\Temp\WER4740.tmp.WERInternalMetadata.xml
C:\Windows\Temp\WER4741.tmp.hdmp
C:\Windows\Temp\WER4906.tmp.mdmp
Tyto soubory mohou být k dispozici zde:
C:\ProgramData\Microsoft\Windows\WER\ReportQueue\AppCrash_nod32krn.exe_7075562bf2f703de96483421ae462828e63ad_cab_0bfe49bf
Symbol analýzy:
Opětovné hledání řešení: 0
ID hlášení: 9e9bad18-a880-11df-8fa1-9aaf2d390cde
Stav hlášení: 4
Record Number: 117993
Source Name: Windows Error Reporting
Time Written: 20100815152024.000000-000
Event Type: Informace
User:
Computer Name: Lenka-PC
Event Code: 1001
Message: Chybný blok 447255607, typ 1
Název události: APPCRASH
Reakce: http://oca.microsoft.com/resredir.aspx? ... =447255607
ID souboru CAB: 0
Podpis problému:
P1: nod32krn.exe
P2: 2.70.39.0
P3: 46440be6
P4: nod32krn.exe
P5: 2.70.39.0
P6: 46440be6
P7: c0000005
P8: 0002a996
P9:
P10:
Připojené soubory:
Tyto soubory mohou být k dispozici zde:
C:\ProgramData\Microsoft\Windows\WER\ReportArchive\AppCrash_nod32krn.exe_7075562bf2f703de96483421ae462828e63ad_1bde47fa
Symbol analýzy:
Opětovné hledání řešení: 0
ID hlášení: 9c1fd7a8-a880-11df-8fa1-9aaf2d390cde
Stav hlášení: 0
Record Number: 117992
Source Name: Windows Error Reporting
Time Written: 20100815152023.000000-000
Event Type: Informace
User:
Computer Name: Lenka-PC
Event Code: 1000
Message: Název chybující aplikace: nod32krn.exe, verze: 2.70.39.0, časové razítko: 0x46440be6
Název chybujícího modulu: nod32krn.exe, verze: 2.70.39.0, časové razítko: 0x46440be6
Kód výjimky: 0xc0000005
Posun chyby: 0x0002a996
ID chybujícího procesu: 0x1544
Čas spuštění chybující aplikace: 0x01cb3c8d606dad98
Cesta k chybující aplikaci: C:\Program Files (x86)\Eset\nod32krn.exe
Cesta k chybujícímu modulu: C:\Program Files (x86)\Eset\nod32krn.exe
ID zprávy: 9e9bad18-a880-11df-8fa1-9aaf2d390cde
Record Number: 117991
Source Name: Application Error
Time Written: 20100815152022.000000-000
Event Type: Chyba
User:
Computer Name: Lenka-PC
Event Code: 1001
Message: Chybný blok 447255607, typ 1
Název události: APPCRASH
Reakce: http://oca.microsoft.com/resredir.aspx? ... =447255607
ID souboru CAB: 0
Podpis problému:
P1: nod32krn.exe
P2: 2.70.39.0
P3: 46440be6
P4: nod32krn.exe
P5: 2.70.39.0
P6: 46440be6
P7: c0000005
P8: 0002a996
P9:
P10:
Připojené soubory:
C:\Windows\Temp\WER28A8.tmp.appcompat.txt
C:\Windows\Temp\WER2CDD.tmp.WERInternalMetadata.xml
C:\Windows\Temp\WER2D7A.tmp.hdmp
C:\Windows\Temp\WER2EC3.tmp.mdmp
Tyto soubory mohou být k dispozici zde:
C:\ProgramData\Microsoft\Windows\WER\ReportArchive\AppCrash_nod32krn.exe_7075562bf2f703de96483421ae462828e63ad_0cce4175
Symbol analýzy:
Opětovné hledání řešení: 0
ID hlášení: 9a3fcd08-a880-11df-8fa1-9aaf2d390cde
Stav hlášení: 0
Record Number: 117990
Source Name: Windows Error Reporting
Time Written: 20100815152022.000000-000
Event Type: Informace
User:
Computer Name: Lenka-PC
Event Code: 1001
Message: Chybný blok , typ 0
Název události: APPCRASH
Reakce: Není k dispozici
ID souboru CAB: 0
Podpis problému:
P1: nod32krn.exe
P2: 2.70.39.0
P3: 46440be6
P4: nod32krn.exe
P5: 2.70.39.0
P6: 46440be6
P7: c0000005
P8: 0002a996
P9:
P10:
Připojené soubory:
Tyto soubory mohou být k dispozici zde:
C:\ProgramData\Microsoft\Windows\WER\ReportQueue\AppCrash_nod32krn.exe_7075562bf2f703de96483421ae462828e63ad_0e8e40f8
Symbol analýzy:
Opětovné hledání řešení: 0
ID hlášení: 9dc01a28-a880-11df-8fa1-9aaf2d390cde
Stav hlášení: 4
Record Number: 117989
Source Name: Windows Error Reporting
Time Written: 20100815152021.000000-000
Event Type: Informace
User:
=====Security event log=====
Computer Name: Lenka-PC
Event Code: 4624
Message: Účet byl úspěšně přihlášen.
Předmět:
ID zabezpečení: S-1-5-18
Název účtu: LENKA-PC$
Doména účtu: WORKGROUP
ID přihlášení: 0x3e7
Typ přihlášení: 5
Nové přihlášení:
ID zabezpečení: S-1-5-18
Název účtu: SYSTEM
Doména účtu: NT AUTHORITY
ID přihlášení: 0x3e7
GUID přihlášení: {00000000-0000-0000-0000-000000000000}
Informace o procesu:
ID procesu: 0x1d8
Název procesu: C:\Windows\System32\services.exe
Informace o síti:
Název pracovní stanice:
Adresa zdrojové sítě -
Zdrojový port: -
Podrobné informace o ověření:
Proces přihlášení: Advapi
Balíček ověření: Negotiate
Přenosové služby: -
Název balíčku (pouze NTLM): -
Délka klíče: 0
Tato událost je generována po vytvoření relace přihlášení. Je generována v počítači, ke kterému byl získán přístup.
Pole s předmětem označují účet v místním systému, který požadoval přihlášení. Jedná se nejčastěji o službu, například službu serveru nebo místní proces, například Winlogon.exe nebo Services.exe.
Pole Typ přihlášení označuje, k jakému typu přihlášení došlo. Nejběžnější typy jsou 2 (interaktivní) a 3 (síť).
Pole Nové přihlášení označují účet, pro který bylo nové přihlášení vytvořeno, tj. účet, který byl přihlášen.
Pole Síť označují původ požadavku na vzdálené přihlášení. Název pracovní stanice není vždy k dispozici a v některých případech může být toto pole prázdné.
Pole s informacemi o ověření poskytují podrobné informace o tomto konkrétním požadavku na přihlášení.
- GUID přihlášení je jednoznačný identifikátor, který je možné použít ke spojení této události s událostí KDC.
- Přenosové služby označují, které pomocné služby se podílely na tomto požadavku na přihlášení.
- Název balíčku označuje, který dílčí protokol z protokolů NTLM byl použit.
- Délka klíče označuje délku generovaného klíče relace. Tato hodnota bude 0, pokud nebyl požadován žádný klíč relace.
Record Number: 9897
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20100516071856.377400-000
Event Type: Úspěšný audit
User:
Computer Name: Lenka-PC
Event Code: 4624
Message: Účet byl úspěšně přihlášen.
Předmět:
ID zabezpečení: S-1-0-0
Název účtu: -
Doména účtu: -
ID přihlášení: 0x0
Typ přihlášení: 3
Nové přihlášení:
ID zabezpečení: S-1-5-7
Název účtu: ANONYMOUS LOGON
Doména účtu: NT AUTHORITY
ID přihlášení: 0xdb57f
GUID přihlášení: {00000000-0000-0000-0000-000000000000}
Informace o procesu:
ID procesu: 0x0
Název procesu: -
Informace o síti:
Název pracovní stanice:
Adresa zdrojové sítě -
Zdrojový port: -
Podrobné informace o ověření:
Proces přihlášení: NtLmSsp
Balíček ověření: NTLM
Přenosové služby: -
Název balíčku (pouze NTLM): NTLM V1
Délka klíče: 0
Tato událost je generována po vytvoření relace přihlášení. Je generována v počítači, ke kterému byl získán přístup.
Pole s předmětem označují účet v místním systému, který požadoval přihlášení. Jedná se nejčastěji o službu, například službu serveru nebo místní proces, například Winlogon.exe nebo Services.exe.
Pole Typ přihlášení označuje, k jakému typu přihlášení došlo. Nejběžnější typy jsou 2 (interaktivní) a 3 (síť).
Pole Nové přihlášení označují účet, pro který bylo nové přihlášení vytvořeno, tj. účet, který byl přihlášen.
Pole Síť označují původ požadavku na vzdálené přihlášení. Název pracovní stanice není vždy k dispozici a v některých případech může být toto pole prázdné.
Pole s informacemi o ověření poskytují podrobné informace o tomto konkrétním požadavku na přihlášení.
- GUID přihlášení je jednoznačný identifikátor, který je možné použít ke spojení této události s událostí KDC.
- Přenosové služby označují, které pomocné služby se podílely na tomto požadavku na přihlášení.
- Název balíčku označuje, který dílčí protokol z protokolů NTLM byl použit.
- Délka klíče označuje délku generovaného klíče relace. Tato hodnota bude 0, pokud nebyl požadován žádný klíč relace.
Record Number: 9896
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20100516071728.518400-000
Event Type: Úspěšný audit
User:
Computer Name: Lenka-PC
Event Code: 4672
Message: Novému přihlášení byla přiřazena zvláštní oprávnění.
Předmět:
ID zabezpečení: S-1-5-18
Název účtu: SYSTEM
Doména účtu: NT AUTHORITY
ID přihlášení: 0x3e7
Oprávnění: SeAssignPrimaryTokenPrivilege
SeTcbPrivilege
SeSecurityPrivilege
SeTakeOwnershipPrivilege
SeLoadDriverPrivilege
SeBackupPrivilege
SeRestorePrivilege
SeDebugPrivilege
SeAuditPrivilege
SeSystemEnvironmentPrivilege
SeImpersonatePrivilege
Record Number: 9895
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20100516071728.112800-000
Event Type: Úspěšný audit
User:
Computer Name: Lenka-PC
Event Code: 4624
Message: Účet byl úspěšně přihlášen.
Předmět:
ID zabezpečení: S-1-5-18
Název účtu: LENKA-PC$
Doména účtu: WORKGROUP
ID přihlášení: 0x3e7
Typ přihlášení: 5
Nové přihlášení:
ID zabezpečení: S-1-5-18
Název účtu: SYSTEM
Doména účtu: NT AUTHORITY
ID přihlášení: 0x3e7
GUID přihlášení: {00000000-0000-0000-0000-000000000000}
Informace o procesu:
ID procesu: 0x1d8
Název procesu: C:\Windows\System32\services.exe
Informace o síti:
Název pracovní stanice:
Adresa zdrojové sítě -
Zdrojový port: -
Podrobné informace o ověření:
Proces přihlášení: Advapi
Balíček ověření: Negotiate
Přenosové služby: -
Název balíčku (pouze NTLM): -
Délka klíče: 0
Tato událost je generována po vytvoření relace přihlášení. Je generována v počítači, ke kterému byl získán přístup.
Pole s předmětem označují účet v místním systému, který požadoval přihlášení. Jedná se nejčastěji o službu, například službu serveru nebo místní proces, například Winlogon.exe nebo Services.exe.
Pole Typ přihlášení označuje, k jakému typu přihlášení došlo. Nejběžnější typy jsou 2 (interaktivní) a 3 (síť).
Pole Nové přihlášení označují účet, pro který bylo nové přihlášení vytvořeno, tj. účet, který byl přihlášen.
Pole Síť označují původ požadavku na vzdálené přihlášení. Název pracovní stanice není vždy k dispozici a v některých případech může být toto pole prázdné.
Pole s informacemi o ověření poskytují podrobné informace o tomto konkrétním požadavku na přihlášení.
- GUID přihlášení je jednoznačný identifikátor, který je možné použít ke spojení této události s událostí KDC.
- Přenosové služby označují, které pomocné služby se podílely na tomto požadavku na přihlášení.
- Název balíčku označuje, který dílčí protokol z protokolů NTLM byl použit.
- Délka klíče označuje délku generovaného klíče relace. Tato hodnota bude 0, pokud nebyl požadován žádný klíč relace.
Record Number: 9894
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20100516071728.112800-000
Event Type: Úspěšný audit
User:
Computer Name: Lenka-PC
Event Code: 4634
Message: Účet byl odhlášen.
Předmět:
ID zabezpečení: S-1-5-7
Název účtu: ANONYMOUS LOGON
Doména účtu: NT AUTHORITY
ID přihlášení: 0x3f8a4
Typ přihlášení: 3
Tato událost je generována, pokud je zničena relace přihlášení. Může být spojena s událostí přihlášení pomocí hodnoty ID přihlášení. Hodnoty ID přihlášení jsou jednoznačné pouze v rámci jednotlivých restartů stejného počítače.
Record Number: 9893
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20100516071727.847600-000
Event Type: Úspěšný audit
User:
======Environment variables======
"ComSpec"=%SystemRoot%\system32\cmd.exe
"FP_NO_HOST_CHECK"=NO
"OS"=Windows_NT
"Path"=%CommonProgramFiles%\Microsoft Shared\Windows Live;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\
"PATHEXT"=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH;.MSC
"PROCESSOR_ARCHITECTURE"=AMD64
"TEMP"=%SystemRoot%\TEMP
"TMP"=%SystemRoot%\TEMP
"USERNAME"=SYSTEM
"windir"=%SystemRoot%
"PSModulePath"=%SystemRoot%\system32\WindowsPowerShell\v1.0\Modules\
"NUMBER_OF_PROCESSORS"=2
"PROCESSOR_LEVEL"=6
"PROCESSOR_IDENTIFIER"=Intel64 Family 6 Model 23 Stepping 10, GenuineIntel
"PROCESSOR_REVISION"=170a
"configsetroot"=%SystemRoot%\ConfigSetRoot
-----------------EOF-----------------
info.txt logfile of random's system information tool 1.08 2010-08-15 21:57:17
======Uninstall list======
2007 Microsoft Office system-->"C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\Office Setup Controller\setup.exe" /uninstall PROHYBRIDR /dll OSETUP.DLL
Acrobat.com-->MsiExec.exe /X{287ECFA4-719A-2143-A09B-D6A12DE54E40}
Activation Assistant for the 2007 Microsoft Office suites-->"C:\ProgramData\{174892B1-CBE7-44F5-86FF-AB555EFD73A3}\Microsoft Office Activation Assistant.exe" REMOVE=TRUE MODIFY=FALSE
Actualizare Microsoft Office Excel 2007 Help (KB963678)-->msiexec /package {90120000-0016-0418-0000-0000000FF1CE} /uninstall {6195740F-0C89-4CDD-ACAD-67CCE1495348}
Actualizare Microsoft Office Powerpoint 2007 Help (KB963669)-->msiexec /package {90120000-0018-0418-0000-0000000FF1CE} /uninstall {E78703E2-69D3-4204-B101-9D8B7B72585C}
Actualizare Microsoft Office Word 2007 Help (KB963665)-->msiexec /package {90120000-001B-0418-0000-0000000FF1CE} /uninstall {1531AE8C-8271-4A8C-9ABA-86AE70B0DA82}
Adobe AIR-->c:\Program Files (x86)\Common Files\Adobe AIR\Versions\1.0\Resources\Adobe AIR Updater.exe -arp:uninstall
Adobe AIR-->MsiExec.exe /I{A2BCA9F1-566C-4805-97D1-7FDC93386723}
Adobe Flash Player 10 ActiveX-->C:\Windows\SysWOW64\Macromed\Flash\uninstall_activeX.exe
Adobe Flash Player 10 Plugin-->C:\Windows\SysWOW64\Macromed\Flash\uninstall_plugin.exe
Adobe Reader 9.1 MUI-->MsiExec.exe /I{AC76BA86-7AD7-FFFF-7B44-A91000000001}
Aktualizace produktu Microsoft Office Excel 2007 Help (KB963678)-->msiexec /package {90120000-0016-0405-0000-0000000FF1CE} /uninstall {0A1FAC46-B899-421D-B1A2-470896DC45DB}
Aktualizace produktu Microsoft Office Excel 2007 Help (KB963678)-->msiexec /package {90120000-0016-0405-0000-0000000FF1CE} /uninstall {0A1FAC46-B899-421D-B1A2-470896DC45DB}
Aktualizace produktu Microsoft Office Powerpoint 2007 Help (KB963669)-->msiexec /package {90120000-0018-0405-0000-0000000FF1CE} /uninstall {5260BB53-C1F7-4A3B-9AEB-3EC9B37FF194}
Aktualizace produktu Microsoft Office Powerpoint 2007 Help (KB963669)-->msiexec /package {90120000-0018-0405-0000-0000000FF1CE} /uninstall {5260BB53-C1F7-4A3B-9AEB-3EC9B37FF194}
Aktualizace produktu Microsoft Office Word 2007 Help (KB963665)-->msiexec /package {90120000-001B-0405-0000-0000000FF1CE} /uninstall {E68DD413-B834-4923-8181-0A03B7555187}
Aktualizace produktu Microsoft Office Word 2007 Help (KB963665)-->msiexec /package {90120000-001B-0405-0000-0000000FF1CE} /uninstall {E68DD413-B834-4923-8181-0A03B7555187}
Aktualizácia Microsoft Office Excel 2007 Help (KB963678)-->msiexec /package {90120000-0016-041B-0000-0000000FF1CE} /uninstall {9A8C39B0-D27F-4F81-BE74-2FECF164707E}
Aktualizácia Microsoft Office Powerpoint 2007 Help (KB963669)-->msiexec /package {90120000-0018-041B-0000-0000000FF1CE} /uninstall {CE23B3DC-18CC-46FC-A309-81D6670F8D3D}
Aktualizácia Microsoft Office Word 2007 Help (KB963665)-->msiexec /package {90120000-001B-041B-0000-0000000FF1CE} /uninstall {D6DBF512-87C0-4F6A-8FB9-AC3A389D9DE5}
Aktualizacja produktu Microsoft Office Excel 2007 Help (KB963678)-->msiexec /package {90120000-0016-0415-0000-0000000FF1CE} /uninstall {04E205D6-88B1-4652-B162-42DF2C3B1228}
Aktualizacja produktu Microsoft Office Powerpoint 2007 Help (KB963669)-->msiexec /package {90120000-0018-0415-0000-0000000FF1CE} /uninstall {442ECBCF-94A7-48CC-8CD9-D31FFFD5FA86}
Aktualizacja produktu Microsoft Office Word 2007 Help (KB963665)-->msiexec /package {90120000-001B-0415-0000-0000000FF1CE} /uninstall {128A36ED-21BE-4547-9FFE-5B85AEC735DD}
Alcor Micro USB Card Reader-->C:\Program Files (x86)\InstallShield Installation Information\{5A22D889-FBDD-4AE8-86EC-089D45FC133E}\SETUP.EXE -runfromtemp -l0x0409
Antivirový systém NOD32-->C:\Program Files (x86)\Eset\Setup\setup.exe /UNINSTALL
Ask Toolbar-->MsiExec.exe /I{86D4B82A-ABED-442A-BE86-96357B70F4FE}
ASUS AI Recovery-->MsiExec.exe /I{06585B02-F20D-4AB2-9A64-86EF2AE0F8F0}
ASUS Data Security Manager-->MsiExec.exe /X{FA2092C5-7979-412D-A962-6485274AE1EE}
ASUS FancyStart-->MsiExec.exe /I{F0DF4513-3C4C-4EB8-8012-2C5F70AF3988}
ASUS LifeFrame3-->MsiExec.exe /I{1DBD1F12-ED93-49C0-A7CC-56CBDE488158}
ASUS Live Update-->RunDll32 C:\PROGRA~2\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files (x86)\InstallShield Installation Information\{E657B243-9AD4-4ECC-BE81-4CCF8D667FD0}\Setup.exe" -l0x9
ASUS MultiFrame-->RunDll32 C:\PROGRA~2\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files (x86)\InstallShield Installation Information\{9D48531D-2135-49FC-BC29-ACCDA5396A76}\setup.exe" -l0x9
ASUS Power4Gear Hybrid-->MsiExec.exe /I{1686C4D1-B1FD-42E8-B7A8-FB4C4DBA5BA8}
ASUS SmartLogon-->MsiExec.exe /I{64452561-169F-4A36-A2FF-B5E118EC65F5}
ASUS Splendid Video Enhancement Technology-->MsiExec.exe /I{0969AF05-4FF6-4C00-9406-43599238DE0D}
ASUS Virtual Camera-->MsiExec.exe /I{EC8BD21F-0CA0-4BBF-97D9-4A52B30041A1}
Asus_Camera_ScreenSaver-->"C:\Windows\ASUS Camera ScreenSaver Uninstaller.exe"
Atheros Client Installation Program-->C:\Program Files (x86)\InstallShield Installation Information\{28006915-2739-4EBE-B5E8-49B25D32EB33}\setup.exe -runfromtemp -l0x0009 -removeonly
ATK Generic Function Service-->C:\Program Files (x86)\InstallShield Installation Information\{D3D54F3E-C5C3-443D-978F-87A72E5616E8}\setup.exe -runfromtemp -l0x0009 -removeonly
ATK Hotkey-->MsiExec.exe /I{7C05592D-424B-46CB-B505-E0013E8E75C9}
ATK Media-->MsiExec.exe /I{D1E5870E-E3E5-4475-98A6-ADD614524ADF}
ATKOSD2-->MsiExec.exe /I{3B05F2FB-745B-4012-ADF2-439F36B2E70B}
Call of Duty(R) 4 - Modern Warfare(TM)-->C:\Program Files (x86)\InstallShield Installation Information\{E48469CC-635E-4FD5-A122-1497C286D217}\setup.exe -runfromtemp -l0x0409
CCleaner-->"C:\Program Files (x86)\CCleaner\uninst.exe"
ControlDeck-->MsiExec.exe /I{5B65EF64-1DFA-414A-8C94-7BB726158E21}
CyberLink LabelPrint-->"C:\Program Files (x86)\InstallShield Installation Information\{C59C179C-668D-49A9-B6EA-0121CCFC1243}\Setup.exe" /z-uninstall
CyberLink LabelPrint-->"C:\Program Files (x86)\InstallShield Installation Information\{C59C179C-668D-49A9-B6EA-0121CCFC1243}\Setup.exe" /z-uninstall
CyberLink Power2Go-->"C:\Program Files (x86)\InstallShield Installation Information\{40BF1E83-20EB-11D8-97C5-0009C5020658}\Setup.exe" /z-uninstall
CyberLink Power2Go-->"C:\Program Files (x86)\InstallShield Installation Information\{40BF1E83-20EB-11D8-97C5-0009C5020658}\Setup.exe" /z-uninstall
DAEMON Tools Toolbar-->C:\Program Files (x86)\DAEMON Tools Toolbar\uninst.exe
ESET Online Scanner v3-->C:\Program Files (x86)\ESET\ESET Online Scanner\OnlineScannerUninstaller.exe
ETDWare PS/2-x64 7.0.5.7_WHQL-->C:\Program Files\Elantech\ETDUninst.exe
Fast Boot-->MsiExec.exe /I{A16656CE-4B17-4484-A13F-22B9500E5223}
FIFA 10-->MsiExec.exe /X{11202615-E557-4ECF-9B86-F59C81E52909}
Hamachi 1.0.3.0-->C:\Program Files (x86)\Hamachi\uninstall.exe
Choice Guard-->MsiExec.exe /I{8FFC5648-FAF8-43A3-BC8F-42BA1E275C4E}
ICQ6.5-->"C:\Program Files (x86)\InstallShield Installation Information\{60DE4033-9503-48D1-A483-7846BD217CA9}\setup.exe" -runfromtemp -l0x0009 -removeonly
Junk Mail filter update-->MsiExec.exe /I{4AB8B41B-3AF1-46BE-99B0-0ACD3B300C0A}
Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-0015-0405-0000-0000000FF1CE} /uninstall {1FC5BC34-0301-40D2-9432-05BA220277B8}
Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-0015-0405-0000-0000000FF1CE} /uninstall {1FC5BC34-0301-40D2-9432-05BA220277B8}
Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-0015-0409-0000-0000000FF1CE} /uninstall {2FC4457D-409E-466F-861F-FB0CB796B53E}
Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-0015-040E-0000-0000000FF1CE} /uninstall {077B54FF-6531-42E7-9D6A-93B0B029CFA0}
Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-0015-0415-0000-0000000FF1CE} /uninstall {79EB535E-76E4-4356-8146-A24EE55AB69D}
Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-0015-0418-0000-0000000FF1CE} /uninstall {3DFBDBEE-B82A-47D9-8134-B86A98280A8E}
Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-0015-041B-0000-0000000FF1CE} /uninstall {F69A7281-8297-47E2-B583-36EAA37C89EE}
Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-0015-0424-0000-0000000FF1CE} /uninstall {CAC07BC7-D855-4A94-B1DB-5154D99BFBE0}
Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-0016-0405-0000-0000000FF1CE} /uninstall {1FC5BC34-0301-40D2-9432-05BA220277B8}
Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-0016-0405-0000-0000000FF1CE} /uninstall {1FC5BC34-0301-40D2-9432-05BA220277B8}
Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-0016-0409-0000-0000000FF1CE} /uninstall {2FC4457D-409E-466F-861F-FB0CB796B53E}
Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-0016-040E-0000-0000000FF1CE} /uninstall {077B54FF-6531-42E7-9D6A-93B0B029CFA0}
Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-0016-0415-0000-0000000FF1CE} /uninstall {79EB535E-76E4-4356-8146-A24EE55AB69D}
Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-0016-0418-0000-0000000FF1CE} /uninstall {3DFBDBEE-B82A-47D9-8134-B86A98280A8E}
Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-0016-041B-0000-0000000FF1CE} /uninstall {F69A7281-8297-47E2-B583-36EAA37C89EE}
Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-0016-0424-0000-0000000FF1CE} /uninstall {CAC07BC7-D855-4A94-B1DB-5154D99BFBE0}
Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-0018-0405-0000-0000000FF1CE} /uninstall {1FC5BC34-0301-40D2-9432-05BA220277B8}
Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-0018-0405-0000-0000000FF1CE} /uninstall {1FC5BC34-0301-40D2-9432-05BA220277B8}
Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-0018-0409-0000-0000000FF1CE} /uninstall {2FC4457D-409E-466F-861F-FB0CB796B53E}
Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-0018-040E-0000-0000000FF1CE} /uninstall {077B54FF-6531-42E7-9D6A-93B0B029CFA0}
Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-0018-0415-0000-0000000FF1CE} /uninstall {79EB535E-76E4-4356-8146-A24EE55AB69D}
Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-0018-0418-0000-0000000FF1CE} /uninstall {3DFBDBEE-B82A-47D9-8134-B86A98280A8E}
Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-0018-041B-0000-0000000FF1CE} /uninstall {F69A7281-8297-47E2-B583-36EAA37C89EE}
Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-0018-0424-0000-0000000FF1CE} /uninstall {CAC07BC7-D855-4A94-B1DB-5154D99BFBE0}
Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-0019-0405-0000-0000000FF1CE} /uninstall {1FC5BC34-0301-40D2-9432-05BA220277B8}
Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-0019-0405-0000-0000000FF1CE} /uninstall {1FC5BC34-0301-40D2-9432-05BA220277B8}
Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-0019-0409-0000-0000000FF1CE} /uninstall {2FC4457D-409E-466F-861F-FB0CB796B53E}
Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-0019-040E-0000-0000000FF1CE} /uninstall {077B54FF-6531-42E7-9D6A-93B0B029CFA0}
Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-0019-0415-0000-0000000FF1CE} /uninstall {79EB535E-76E4-4356-8146-A24EE55AB69D}
Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-0019-0418-0000-0000000FF1CE} /uninstall {3DFBDBEE-B82A-47D9-8134-B86A98280A8E}
Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-0019-041B-0000-0000000FF1CE} /uninstall {F69A7281-8297-47E2-B583-36EAA37C89EE}
Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-0019-0424-0000-0000000FF1CE} /uninstall {CAC07BC7-D855-4A94-B1DB-5154D99BFBE0}
Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-001A-0405-0000-0000000FF1CE} /uninstall {1FC5BC34-0301-40D2-9432-05BA220277B8}
Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-001A-0405-0000-0000000FF1CE} /uninstall {1FC5BC34-0301-40D2-9432-05BA220277B8}
Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-001A-0409-0000-0000000FF1CE} /uninstall {2FC4457D-409E-466F-861F-FB0CB796B53E}
Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-001A-040E-0000-0000000FF1CE} /uninstall {077B54FF-6531-42E7-9D6A-93B0B029CFA0}
Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-001A-0415-0000-0000000FF1CE} /uninstall {79EB535E-76E4-4356-8146-A24EE55AB69D}
Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-001A-0418-0000-0000000FF1CE} /uninstall {3DFBDBEE-B82A-47D9-8134-B86A98280A8E}
Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-001A-041B-0000-0000000FF1CE} /uninstall {F69A7281-8297-47E2-B583-36EAA37C89EE}
Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-001A-0424-0000-0000000FF1CE} /uninstall {CAC07BC7-D855-4A94-B1DB-5154D99BFBE0}
Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-001B-0405-0000-0000000FF1CE} /uninstall {1FC5BC34-0301-40D2-9432-05BA220277B8}
Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-001B-0405-0000-0000000FF1CE} /uninstall {1FC5BC34-0301-40D2-9432-05BA220277B8}
Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-001B-0409-0000-0000000FF1CE} /uninstall {2FC4457D-409E-466F-861F-FB0CB796B53E}
Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-001B-040E-0000-0000000FF1CE} /uninstall {077B54FF-6531-42E7-9D6A-93B0B029CFA0}
Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-001B-0415-0000-0000000FF1CE} /uninstall {79EB535E-76E4-4356-8146-A24EE55AB69D}
Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-001B-0418-0000-0000000FF1CE} /uninstall {3DFBDBEE-B82A-47D9-8134-B86A98280A8E}
Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-001B-041B-0000-0000000FF1CE} /uninstall {F69A7281-8297-47E2-B583-36EAA37C89EE}
Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-001B-0424-0000-0000000FF1CE} /uninstall {CAC07BC7-D855-4A94-B1DB-5154D99BFBE0}
Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-002A-0000-1000-0000000FF1CE} /uninstall {E64BA721-2310-4B55-BE5A-2925F9706192}
Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-002A-0000-1000-0000000FF1CE} /uninstall {E64BA721-2310-4B55-BE5A-2925F9706192}
Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-002A-0405-1000-0000000FF1CE} /uninstall {E12F9D31-4025-4BC6-B1B2-AB262C5580B0}
Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-002A-0405-1000-0000000FF1CE} /uninstall {E12F9D31-4025-4BC6-B1B2-AB262C5580B0}
Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-002A-0409-1000-0000000FF1CE} /uninstall {DE5A002D-8122-4278-A7EE-3121E7EA254E}
Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-002A-040E-1000-0000000FF1CE} /uninstall {B3C14F81-2C4A-400D-9ECE-55A667F8F737}
Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-002A-0415-1000-0000000FF1CE} /uninstall {D45F91DE-F0FC-4D5F-9A0C-FDE5B251AAC6}
Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-002A-0418-1000-0000000FF1CE} /uninstall {CEDDCA72-ED57-4CE5-B55D-A50EE2CD3CCF}
Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-002A-041B-1000-0000000FF1CE} /uninstall {8AF3A9EB-FBB9-449F-AC11-94CE39930037}
Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-002A-0424-1000-0000000FF1CE} /uninstall {5983F0B6-A661-4378-AEA8-9EB1992D2FB0}
Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {0B36C6D6-F5D8-4EAF-BF94-4376A230AD5B}
Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-0044-0405-0000-0000000FF1CE} /uninstall {1FC5BC34-0301-40D2-9432-05BA220277B8}
Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-006E-0405-0000-0000000FF1CE} /uninstall {E12F9D31-4025-4BC6-B1B2-AB262C5580B0}
Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-006E-0405-0000-0000000FF1CE} /uninstall {E12F9D31-4025-4BC6-B1B2-AB262C5580B0}
Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-006E-0409-0000-0000000FF1CE} /uninstall {DE5A002D-8122-4278-A7EE-3121E7EA254E}
Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-006E-040E-0000-0000000FF1CE} /uninstall {B3C14F81-2C4A-400D-9ECE-55A667F8F737}
Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-006E-0415-0000-0000000FF1CE} /uninstall {D45F91DE-F0FC-4D5F-9A0C-FDE5B251AAC6}
Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-006E-0418-0000-0000000FF1CE} /uninstall {CEDDCA72-ED57-4CE5-B55D-A50EE2CD3CCF}
Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-006E-041B-0000-0000000FF1CE} /uninstall {8AF3A9EB-FBB9-449F-AC11-94CE39930037}
Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-006E-0424-0000-0000000FF1CE} /uninstall {5983F0B6-A661-4378-AEA8-9EB1992D2FB0}
Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-00A1-0405-0000-0000000FF1CE} /uninstall {1FC5BC34-0301-40D2-9432-05BA220277B8}
Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-00BA-0405-0000-0000000FF1CE} /uninstall {1FC5BC34-0301-40D2-9432-05BA220277B8}
Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-0115-0409-0000-0000000FF1CE} /uninstall {DE5A002D-8122-4278-A7EE-3121E7EA254E}
Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-0116-0409-1000-0000000FF1CE} /uninstall {DE5A002D-8122-4278-A7EE-3121E7EA254E}
Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-0117-0409-0000-0000000FF1CE} /uninstall {2FC4457D-409E-466F-861F-FB0CB796B53E}
Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {91120000-0031-0000-0000-0000000FF1CE} /uninstall {0B36C6D6-F5D8-4EAF-BF94-4376A230AD5B}
Microsoft Office Access MUI (Czech) 2007-->MsiExec.exe /X{90120000-0015-0405-0000-0000000FF1CE}
Microsoft Office Access MUI (English) 2007-->MsiExec.exe /X{90120000-0015-0409-0000-0000000FF1CE}
Microsoft Office Access MUI (Hungarian) 2007-->MsiExec.exe /X{90120000-0015-040E-0000-0000000FF1CE}
Microsoft Office Access MUI (Polish) 2007-->MsiExec.exe /X{90120000-0015-0415-0000-0000000FF1CE}
Microsoft Office Access MUI (Romanian) 2007-->MsiExec.exe /X{90120000-0015-0418-0000-0000000FF1CE}
Microsoft Office Access MUI (Slovak) 2007-->MsiExec.exe /X{90120000-0015-041B-0000-0000000FF1CE}
Microsoft Office Access MUI (Slovenian) 2007-->MsiExec.exe /X{90120000-0015-0424-0000-0000000FF1CE}
Microsoft Office Access Setup Metadata MUI (English) 2007-->MsiExec.exe /X{90120000-0117-0409-0000-0000000FF1CE}
Microsoft Office Enterprise 2007-->"C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\Office Setup Controller\setup.exe" /uninstall ENTERPRISE /dll OSETUP.DLL
Microsoft Office Enterprise 2007-->MsiExec.exe /X{90120000-0030-0000-0000-0000000FF1CE}
Microsoft Office Excel 2007 Help-frissítés (KB963678)-->msiexec /package {90120000-0016-040E-0000-0000000FF1CE} /uninstall {76BD9044-91EB-46FC-8CA6-0AA239BB8A93}
Microsoft Office Excel MUI (Czech) 2007-->MsiExec.exe /X{90120000-0016-0405-0000-0000000FF1CE}
Microsoft Office Excel MUI (English) 2007-->MsiExec.exe /X{90120000-0016-0409-0000-0000000FF1CE}
Microsoft Office Excel MUI (Hungarian) 2007-->MsiExec.exe /X{90120000-0016-040E-0000-0000000FF1CE}
Microsoft Office Excel MUI (Polish) 2007-->MsiExec.exe /X{90120000-0016-0415-0000-0000000FF1CE}
Microsoft Office Excel MUI (Romanian) 2007-->MsiExec.exe /X{90120000-0016-0418-0000-0000000FF1CE}
Microsoft Office Excel MUI (Slovak) 2007-->MsiExec.exe /X{90120000-0016-041B-0000-0000000FF1CE}
Microsoft Office Excel MUI (Slovenian) 2007-->MsiExec.exe /X{90120000-0016-0424-0000-0000000FF1CE}
Microsoft Office Groove MUI (Czech) 2007-->MsiExec.exe /X{90120000-00BA-0405-0000-0000000FF1CE}
Microsoft Office InfoPath MUI (Czech) 2007-->MsiExec.exe /X{90120000-0044-0405-0000-0000000FF1CE}
Microsoft Office Live Add-in 1.5-->MsiExec.exe /I{F40BBEC7-C2A4-4A00-9B24-7A055A2C5262}
Microsoft Office Office 64-bit Components 2007-->MsiExec.exe /X{90120000-002A-0000-1000-0000000FF1CE}
Microsoft Office OneNote MUI (Czech) 2007-->MsiExec.exe /X{90120000-00A1-0405-0000-0000000FF1CE}
Microsoft Office Outlook MUI (Czech) 2007-->MsiExec.exe /X{90120000-001A-0405-0000-0000000FF1CE}
Microsoft Office Outlook MUI (English) 2007-->MsiExec.exe /X{90120000-001A-0409-0000-0000000FF1CE}
Microsoft Office Outlook MUI (Hungarian) 2007-->MsiExec.exe /X{90120000-001A-040E-0000-0000000FF1CE}
Microsoft Office Outlook MUI (Polish) 2007-->MsiExec.exe /X{90120000-001A-0415-0000-0000000FF1CE}
Microsoft Office Outlook MUI (Romanian) 2007-->MsiExec.exe /X{90120000-001A-0418-0000-0000000FF1CE}
Microsoft Office Outlook MUI (Slovak) 2007-->MsiExec.exe /X{90120000-001A-041B-0000-0000000FF1CE}
Microsoft Office Outlook MUI (Slovenian) 2007-->MsiExec.exe /X{90120000-001A-0424-0000-0000000FF1CE}
Microsoft Office Powerpoint 2007 Help-frissítés (KB963669)-->msiexec /package {90120000-0018-040E-0000-0000000FF1CE} /uninstall {6863CE52-1321-482E-B930-B325EE09AEFF}
Microsoft Office PowerPoint MUI (Czech) 2007-->MsiExec.exe /X{90120000-0018-0405-0000-0000000FF1CE}
Microsoft Office PowerPoint MUI (English) 2007-->MsiExec.exe /X{90120000-0018-0409-0000-0000000FF1CE}
Microsoft Office PowerPoint MUI (Hungarian) 2007-->MsiExec.exe /X{90120000-0018-040E-0000-0000000FF1CE}
Microsoft Office PowerPoint MUI (Polish) 2007-->MsiExec.exe /X{90120000-0018-0415-0000-0000000FF1CE}
Microsoft Office PowerPoint MUI (Romanian) 2007-->MsiExec.exe /X{90120000-0018-0418-0000-0000000FF1CE}
Microsoft Office PowerPoint MUI (Slovak) 2007-->MsiExec.exe /X{90120000-0018-041B-0000-0000000FF1CE}
Microsoft Office PowerPoint MUI (Slovenian) 2007-->MsiExec.exe /X{90120000-0018-0424-0000-0000000FF1CE}
Microsoft Office Professional Hybrid 2007-->MsiExec.exe /X{91120000-0031-0000-0000-0000000FF1CE}
Microsoft Office Proof (Croatian) 2007-->MsiExec.exe /X{90120000-001F-041A-0000-0000000FF1CE}
Microsoft Office Proof (Czech) 2007-->MsiExec.exe /X{90120000-001F-0405-0000-0000000FF1CE}
Microsoft Office Proof (English) 2007-->MsiExec.exe /X{90120000-001F-0409-0000-0000000FF1CE}
Microsoft Office Proof (French) 2007-->MsiExec.exe /X{90120000-001F-040C-0000-0000000FF1CE}
Microsoft Office Proof (German) 2007-->MsiExec.exe /X{90120000-001F-0407-0000-0000000FF1CE}
Microsoft Office Proof (Hungarian) 2007-->MsiExec.exe /X{90120000-001F-040E-0000-0000000FF1CE}
Microsoft Office Proof (Italian) 2007-->MsiExec.exe /X{90120000-001F-0410-0000-0000000FF1CE}
Microsoft Office Proof (Polish) 2007-->MsiExec.exe /X{90120000-001F-0415-0000-0000000FF1CE}
Microsoft Office Proof (Romanian) 2007-->MsiExec.exe /X{90120000-001F-0418-0000-0000000FF1CE}
Microsoft Office Proof (Slovak) 2007-->MsiExec.exe /X{90120000-001F-041B-0000-0000000FF1CE}
Microsoft Office Proof (Slovenian) 2007-->MsiExec.exe /X{90120000-001F-0424-0000-0000000FF1CE}
Microsoft Office Proof (Spanish) 2007-->MsiExec.exe /X{90120000-001F-0C0A-0000-0000000FF1CE}
Microsoft Office Proofing (Czech) 2007-->MsiExec.exe /X{90120000-002C-0405-0000-0000000FF1CE}
Microsoft Office Proofing (English) 2007-->MsiExec.exe /X{90120000-002C-0409-0000-0000000FF1CE}
Microsoft Office Proofing (Hungarian) 2007-->MsiExec.exe /X{90120000-002C-040E-0000-0000000FF1CE}
Microsoft Office Proofing (Polish) 2007-->MsiExec.exe /X{90120000-002C-0415-0000-0000000FF1CE}
Microsoft Office Proofing (Romanian) 2007-->MsiExec.exe /X{90120000-002C-0418-0000-0000000FF1CE}
Microsoft Office Proofing (Slovak) 2007-->MsiExec.exe /X{90120000-002C-041B-0000-0000000FF1CE}
Microsoft Office Proofing (Slovenian) 2007-->MsiExec.exe /X{90120000-002C-0424-0000-0000000FF1CE}
Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-001F-0405-0000-0000000FF1CE} /uninstall {294B4278-CF7B-40B9-86A1-2D3FF0C2C524}
Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-001F-0405-0000-0000000FF1CE} /uninstall {294B4278-CF7B-40B9-86A1-2D3FF0C2C524}
Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-001F-0407-0000-0000000FF1CE} /uninstall {A0516415-ED61-419A-981D-93596DA74165}
Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-001F-0407-0000-0000000FF1CE} /uninstall {A0516415-ED61-419A-981D-93596DA74165}
Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-001F-0409-0000-0000000FF1CE} /uninstall {ABDDE972-355B-4AF1-89A8-DA50B7B5C045}
Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-001F-0409-0000-0000000FF1CE} /uninstall {ABDDE972-355B-4AF1-89A8-DA50B7B5C045}
Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-001F-040C-0000-0000000FF1CE} /uninstall {F580DDD5-8D37-4998-968E-EBB76BB86787}
Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-001F-040E-0000-0000000FF1CE} /uninstall {573CA1BB-C8A3-46C4-993E-DB4043D9BFCD}
Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-001F-0410-0000-0000000FF1CE} /uninstall {322296D4-1EAE-4030-9FBC-D2787EB25FA2}
Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-001F-0415-0000-0000000FF1CE} /uninstall {E9EA2604-8AC9-47D2-8F4B-6BF60787A357}
Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-001F-0418-0000-0000000FF1CE} /uninstall {6E3398C5-9A81-4054-B474-8B23A60F5048}
Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-001F-041A-0000-0000000FF1CE} /uninstall {C9CC66D9-D7D3-46C1-A485-9601E4DE8D28}
Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-001F-041B-0000-0000000FF1CE} /uninstall {10EC59E5-9BCE-4884-BB1A-E28627220232}
Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-001F-041B-0000-0000000FF1CE} /uninstall {10EC59E5-9BCE-4884-BB1A-E28627220232}
Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-001F-0424-0000-0000000FF1CE} /uninstall {6E8DFF8D-F7D1-4451-952A-61CAB73A59E2}
Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-001F-0C0A-0000-0000000FF1CE} /uninstall {187308AB-5FA7-4F14-9AB9-D290383A10D9}
Microsoft Office Publisher MUI (Czech) 2007-->MsiExec.exe /X{90120000-0019-0405-0000-0000000FF1CE}
Microsoft Office Publisher MUI (English) 2007-->MsiExec.exe /X{90120000-0019-0409-0000-0000000FF1CE}
Microsoft Office Publisher MUI (Hungarian) 2007-->MsiExec.exe /X{90120000-0019-040E-0000-0000000FF1CE}
Microsoft Office Publisher MUI (Polish) 2007-->MsiExec.exe /X{90120000-0019-0415-0000-0000000FF1CE}
Microsoft Office Publisher MUI (Romanian) 2007-->MsiExec.exe /X{90120000-0019-0418-0000-0000000FF1CE}
Microsoft Office Publisher MUI (Slovak) 2007-->MsiExec.exe /X{90120000-0019-041B-0000-0000000FF1CE}
Microsoft Office Publisher MUI (Slovenian) 2007-->MsiExec.exe /X{90120000-0019-0424-0000-0000000FF1CE}
Microsoft Office Shared 64-bit MUI (Czech) 2007-->MsiExec.exe /X{90120000-002A-0405-1000-0000000FF1CE}
Microsoft Office Shared 64-bit MUI (English) 2007-->MsiExec.exe /X{90120000-002A-0409-1000-0000000FF1CE}
Microsoft Office Shared 64-bit MUI (Hungarian) 2007-->MsiExec.exe /X{90120000-002A-040E-1000-0000000FF1CE}
Microsoft Office Shared 64-bit MUI (Polish) 2007-->MsiExec.exe /X{90120000-002A-0415-1000-0000000FF1CE}
Microsoft Office Shared 64-bit MUI (Romanian) 2007-->MsiExec.exe /X{90120000-002A-0418-1000-0000000FF1CE}
Microsoft Office Shared 64-bit MUI (Slovak) 2007-->MsiExec.exe /X{90120000-002A-041B-1000-0000000FF1CE}
Microsoft Office Shared 64-bit MUI (Slovenian) 2007-->MsiExec.exe /X{90120000-002A-0424-1000-0000000FF1CE}
Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2007-->MsiExec.exe /X{90120000-0116-0409-1000-0000000FF1CE}
Microsoft Office Shared MUI (Czech) 2007-->MsiExec.exe /X{90120000-006E-0405-0000-0000000FF1CE}
Microsoft Office Shared MUI (English) 2007-->MsiExec.exe /X{90120000-006E-0409-0000-0000000FF1CE}
Microsoft Office Shared MUI (Hungarian) 2007-->MsiExec.exe /X{90120000-006E-040E-0000-0000000FF1CE}
Microsoft Office Shared MUI (Polish) 2007-->MsiExec.exe /X{90120000-006E-0415-0000-0000000FF1CE}
Microsoft Office Shared MUI (Romanian) 2007-->MsiExec.exe /X{90120000-006E-0418-0000-0000000FF1CE}
Microsoft Office Shared MUI (Slovak) 2007-->MsiExec.exe /X{90120000-006E-041B-0000-0000000FF1CE}
Microsoft Office Shared MUI (Slovenian) 2007-->MsiExec.exe /X{90120000-006E-0424-0000-0000000FF1CE}
Microsoft Office Shared Setup Metadata MUI (English) 2007-->MsiExec.exe /X{90120000-0115-0409-0000-0000000FF1CE}
Microsoft Office Word 2007 Help-frissítés (KB963665)-->msiexec /package {90120000-001B-040E-0000-0000000FF1CE} /uninstall {0E56E23A-EDB8-42C7-A285-7258C5944EB4}
Microsoft Office Word MUI (Czech) 2007-->MsiExec.exe /X{90120000-001B-0405-0000-0000000FF1CE}
Microsoft Office Word MUI (English) 2007-->MsiExec.exe /X{90120000-001B-0409-0000-0000000FF1CE}
Microsoft Office Word MUI (Hungarian) 2007-->MsiExec.exe /X{90120000-001B-040E-0000-0000000FF1CE}
Microsoft Office Word MUI (Polish) 2007-->MsiExec.exe /X{90120000-001B-0415-0000-0000000FF1CE}
Microsoft Office Word MUI (Romanian) 2007-->MsiExec.exe /X{90120000-001B-0418-0000-0000000FF1CE}
Microsoft Office Word MUI (Slovak) 2007-->MsiExec.exe /X{90120000-001B-041B-0000-0000000FF1CE}
Microsoft Office Word MUI (Slovenian) 2007-->MsiExec.exe /X{90120000-001B-0424-0000-0000000FF1CE}
Microsoft Search Enhancement Pack-->MsiExec.exe /X{4CBA3D4C-8F51-4D60-B27E-F6B641C571E7}
Microsoft Silverlight-->MsiExec.exe /X{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}
Microsoft SQL Server 2005 Compact Edition [ENU]-->MsiExec.exe /I{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}
Microsoft Sync Framework Runtime Native v1.0 (x86)-->MsiExec.exe /I{8A74E887-8F0F-4017-AF53-CBA42211AAA5}
Microsoft Sync Framework Services Native v1.0 (x86)-->MsiExec.exe /I{BD64AF4A-8C80-4152-AD77-FCDDF05208AB}
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053-->MsiExec.exe /X{770657D0-A123-3C07-8E44-1C83EC895118}
Microsoft Visual C++ 2005 Redistributable-->MsiExec.exe /X{A49F249F-0C91-497F-86DF-B2585E8E76B7}
Mozilla Firefox (3.6.8)-->C:\Program Files (x86)\Mozilla Firefox\uninstall\helper.exe
MSVCRT-->MsiExec.exe /I{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}
Nástroj pro odesílání služby Windows Live-->MsiExec.exe /I{205C6BDD-7B73-42DE-8505-9A093F35A238}
NVIDIA Drivers-->C:\Windows\system32\nvuninst.exe UninstallGUI
Pomocník pro přihlášení ke službě Windows Live ID-->MsiExec.exe /X{9B48B0AC-C813-4174-9042-476A887592C7}
Posodobitev za Microsoft Office Excel 2007 Help (KB963678)-->msiexec /package {90120000-0016-0424-0000-0000000FF1CE} /uninstall {FD705E62-13B4-4BF5-A4B2-A7599309751B}
Posodobitev za Microsoft Office Powerpoint 2007 Help (KB963669)-->msiexec /package {90120000-0018-0424-0000-0000000FF1CE} /uninstall {045DC059-1CCC-47B9-BA35-713E269D33B8}
Posodobitev za Microsoft Office Word 2007 Help (KB963665)-->msiexec /package {90120000-001B-0424-0000-0000000FF1CE} /uninstall {AD1C31E7-4856-4887-9307-1ABDE0F2DF7C}
RealPlayer-->C:\Program Files (x86)\Common Files\Real\Update_OB\r1puninst.exe RealNetworks|RealPlayer|12.0
Realtek 8136 8168 8169 Ethernet Driver-->C:\Program Files (x86)\InstallShield Installation Information\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}\setup.exe -runfromtemp -removeonly
Realtek High Definition Audio Driver-->RunDll32 C:\PROGRA~2\COMMON~1\INSTAL~1\PROFES~1\RunTime\11\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files (x86)\InstallShield Installation Information\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}\setup.exe" -removeonly
RealUpgrade 1.0-->MsiExec.exe /I{F4F4F84E-804F-4E9A-84D7-C34283F0088F}
Security Update for 2007 Microsoft Office System (KB2277947)-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {5857EE21-03D0-482E-9620-5A30B314A2AE}
Security Update for 2007 Microsoft Office System (KB2277947)-->msiexec /package {91120000-0031-0000-0000-0000000FF1CE} /uninstall {5857EE21-03D0-482E-9620-5A30B314A2AE}
Security Update for 2007 Microsoft Office System (KB969559)-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {69F52148-9BF6-4CDC-BF76-103DEAF3DD08}
Security Update for 2007 Microsoft Office System (KB969559)-->msiexec /package {91120000-0031-0000-0000-0000000FF1CE} /uninstall {69F52148-9BF6-4CDC-BF76-103DEAF3DD08}
Security Update for 2007 Microsoft Office System (KB976321)-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {7F207DCA-3399-40CB-A968-6E5991B1421A}
Security Update for 2007 Microsoft Office System (KB976321)-->msiexec /package {91120000-0031-0000-0000-0000000FF1CE} /uninstall {7F207DCA-3399-40CB-A968-6E5991B1421A}
Security Update for 2007 Microsoft Office System (KB982312)-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {B0EC5722-241F-4CDA-83B4-AA5846B6F9F4}
Security Update for 2007 Microsoft Office System (KB982312)-->msiexec /package {91120000-0031-0000-0000-0000000FF1CE} /uninstall {B0EC5722-241F-4CDA-83B4-AA5846B6F9F4}
Security Update for 2007 Microsoft Office System (KB982331)-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {E8766951-2B6C-4022-86E8-80D2D1762B76}
Security Update for 2007 Microsoft Office System (KB982331)-->msiexec /package {91120000-0031-0000-0000-0000000FF1CE} /uninstall {E8766951-2B6C-4022-86E8-80D2D1762B76}
Security Update for Microsoft Office Access 2007 (KB979440)-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {1142CCEC-ACA9-484B-BA90-C3A5CA1988C5}
Security Update for Microsoft Office Access 2007 (KB979440)-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {5A4E43D5-858F-49BD-BA72-8F30E1793060}
Security Update for Microsoft Office Access 2007 (KB979440)-->msiexec /package {91120000-0031-0000-0000-0000000FF1CE} /uninstall {1142CCEC-ACA9-484B-BA90-C3A5CA1988C5}
Security Update for Microsoft Office Access 2007 (KB979440)-->msiexec /package {91120000-0031-0000-0000-0000000FF1CE} /uninstall {5A4E43D5-858F-49BD-BA72-8F30E1793060}
Security Update for Microsoft Office Excel 2007 (KB982308)-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {C3F9A0DC-A5D1-4BB6-870E-2953E5A2487B}
Security Update for Microsoft Office Excel 2007 (KB982308)-->msiexec /package {91120000-0031-0000-0000-0000000FF1CE} /uninstall {C3F9A0DC-A5D1-4BB6-870E-2953E5A2487B}
Security Update for Microsoft Office InfoPath 2007 (KB979441)-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {1109D0B3-EFA3-4553-AAED-4C3E9AD130E8}
Security Update for Microsoft Office InfoPath 2007 (KB979441)-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {8CCB781A-CF6B-4FCB-B6D8-59C64DF5C6DB}
Security Update for Microsoft Office InfoPath 2007 (KB979441)-->msiexec /package {91120000-0031-0000-0000-0000000FF1CE} /uninstall {8CCB781A-CF6B-4FCB-B6D8-59C64DF5C6DB}
Security Update for Microsoft Office Outlook 2007 (KB980376)-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {48113C06-9BA2-4D54-A731-D1D2C5B3144A}
Security Update for Microsoft Office Outlook 2007 (KB980376)-->msiexec /package {91120000-0031-0000-0000-0000000FF1CE} /uninstall {48113C06-9BA2-4D54-A731-D1D2C5B3144A}
Security Update for Microsoft Office PowerPoint 2007 (KB982158)-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {F5B70033-E79C-4569-90BF-BC9B4E4F3F46}
Security Update for Microsoft Office PowerPoint 2007 (KB982158)-->msiexec /package {91120000-0031-0000-0000-0000000FF1CE} /uninstall {F5B70033-E79C-4569-90BF-BC9B4E4F3F46}
Security Update for Microsoft Office Publisher 2007 (KB982124)-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {289FA8BC-6A8E-4341-B194-EB26B49E9F5D}
Security Update for Microsoft Office Publisher 2007 (KB982124)-->msiexec /package {91120000-0031-0000-0000-0000000FF1CE} /uninstall {289FA8BC-6A8E-4341-B194-EB26B49E9F5D}
Security Update for Microsoft Office system 2007 (972581)-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {3D019598-7B59-447A-80AE-815B703B84FF}
Security Update for Microsoft Office system 2007 (972581)-->msiexec /package {91120000-0031-0000-0000-0000000FF1CE} /uninstall {3D019598-7B59-447A-80AE-815B703B84FF}
Security Update for Microsoft Office system 2007 (KB974234)-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {FCD742B9-7A55-44BC-A776-F795F21FEDDC}
Security Update for Microsoft Office system 2007 (KB974234)-->msiexec /package {91120000-0031-0000-0000-0000000FF1CE} /uninstall {FCD742B9-7A55-44BC-A776-F795F21FEDDC}
Security Update for Microsoft Office Visio Viewer 2007 (KB973709)-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {71127777-8B2C-4F97-AF7A-6CF8CAC8224D}
Security Update for Microsoft Office Visio Viewer 2007 (KB973709)-->msiexec /package {91120000-0031-0000-0000-0000000FF1CE} /uninstall {71127777-8B2C-4F97-AF7A-6CF8CAC8224D}
Security Update for Microsoft Office Word 2007 (KB2251419)-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {7E9103DA-253F-41FF-9E83-7C83806C77DA}
Security Update for Microsoft Office Word 2007 (KB2251419)-->msiexec /package {91120000-0031-0000-0000-0000000FF1CE} /uninstall {7E9103DA-253F-41FF-9E83-7C83806C77DA}
SopCast 3.2.9-->C:\Program Files (x86)\SopCast\uninst.exe
SRS Premium Sound Control Panel-->MsiExec.exe /I{D42F84B6-3709-4A50-8502-6719D16AE6C8}
TmNationsForever-->"C:\Program Files (x86)\TmNationsForever\unins000.exe"
Total Commander (Remove or Repair)-->c:\totalcmd\tcuninst.exe
Update for 2007 Microsoft Office System (KB967642)-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {C444285D-5E4F-48A4-91DD-47AAAA68E92D}
Update for 2007 Microsoft Office System (KB967642)-->msiexec /package {91120000-0031-0000-0000-0000000FF1CE} /uninstall {C444285D-5E4F-48A4-91DD-47AAAA68E92D}
Update for Microsoft Office 2007 Help for Common Features (KB963673)-->msiexec /package {90120000-006E-0409-0000-0000000FF1CE} /uninstall {AB365889-0395-4FAD-B702-CA5985D53D42}
Update for Microsoft Office Access 2007 Help (KB963663)-->msiexec /package {90120000-0015-0409-0000-0000000FF1CE} /uninstall {6B76A18A-AA1E-42AB-A7AD-6C84BBB43987}
Update for Microsoft Office Excel 2007 Help (KB963678)-->msiexec /package {90120000-0016-0409-0000-0000000FF1CE} /uninstall {199DF7B6-169C-448C-B511-1054101BE9C9}
Update for Microsoft Office OneNote 2007 (KB980729)-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {329050A9-EF80-40F9-B633-74508F54C1FF}
Update for Microsoft Office Outlook 2007 Help (KB963677)-->msiexec /package {90120000-001A-0409-0000-0000000FF1CE} /uninstall {0451F231-E3E3-4943-AB9F-58EB96171784}
Update for Microsoft Office Powerpoint 2007 Help (KB963669)-->msiexec /package {90120000-0018-0409-0000-0000000FF1CE} /uninstall {397B1D4F-ED7B-4ACA-A637-43B670843876}
Update for Microsoft Office Publisher 2007 Help (KB963667)-->msiexec /package {90120000-0019-0409-0000-0000000FF1CE} /uninstall {2E40DE55-B289-4C8B-8901-5D369B16814F}
Update for Microsoft Office Script Editor Help (KB963671)-->msiexec /package {90120000-006E-0409-0000-0000000FF1CE} /uninstall {CD11C6A2-FFC6-4271-8EAB-79C3582F505C}
Update for Microsoft Office Word 2007 Help (KB963665)-->msiexec /package {90120000-001B-0409-0000-0000000FF1CE} /uninstall {80E762AA-C921-4839-9D7D-DB62A72C0726}
Update for Outlook 2007 Junk Email Filter (kb2279264)-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {01D475AB-57B1-44CC-8A8F-3A6B0FA4989F}
Update for Outlook 2007 Junk Email Filter (kb2279264)-->msiexec /package {91120000-0031-0000-0000-0000000FF1CE} /uninstall {01D475AB-57B1-44CC-8A8F-3A6B0FA4989F}
USB 2.0 1.3M UVC WebCam-->C:\Windows\Uninstsxga.bat
Windows Live Communications Platform-->MsiExec.exe /I{F69E83CF-B440-43F8-89E6-6EA80712109B}
Windows Live Essentials-->C:\Program Files (x86)\Windows Live\Installer\wlarp.exe
Windows Live Essentials-->MsiExec.exe /I{4EA44BA4-A708-4223-BC1A-22B6DA9E7D1C}
Windows Live Fotogalerie-->MsiExec.exe /X{A13DE9CB-8C84-4889-B114-C5A9661F844E}
Windows Live Mail-->MsiExec.exe /I{54FEAF1A-8F2A-44C1-95CA-5C1C21F4F934}
Windows Live Messenger-->MsiExec.exe /X{20D0CDB1-5F03-4A5D-86EB-7C218053B157}
Windows Live Sync-->MsiExec.exe /X{4B4451CE-D1E6-4BDE-B4B2-59F03BB83B7C}
Windows Live Toolbar-->MsiExec.exe /X{CF22161D-0E1B-489E-BBC8-684055836FE9}
Windows Live Writer-->MsiExec.exe /X{6E5EEE1B-3907-44C3-83BA-AD4B8CE40F76}
Windows Live Zabezpečení rodiny-->MsiExec.exe /X{D35D9E34-7B4A-44E3-A882-69A6C6088BC6}
WinFlash-->MsiExec.exe /X{8F21291E-0444-4B1D-B9F9-4370A73E346D}
WinRAR-->C:\Program Files (x86)\WinRAR\uninstall.exe
WinZip 14.5-->MsiExec.exe /X{CD95F661-A5C4-44F5-A6AA-ECDD91C240BD}
Wireless Console 3-->MsiExec.exe /I{20FDF948-C8ED-4543-A539-F7F4AEF5AFA2}
======System event log======
Computer Name: Lenka-PC
Event Code: 7036
Message: Stav služby Prohledávání počítačů byl změněn na: Spuštěno
Record Number: 106664
Source Name: Service Control Manager
Time Written: 20100724153112.718400-000
Event Type: Informace
User:
Computer Name: Lenka-PC
Event Code: 7036
Message: Stav služby Windows Search byl změněn na: Spuštěno
Record Number: 106663
Source Name: Service Control Manager
Time Written: 20100724153112.338400-000
Event Type: Informace
User:
Computer Name: Lenka-PC
Event Code: 7036
Message: Stav služby Služba WinHTTP WPAD byl změněn na: Spuštěno
Record Number: 106662
Source Name: Service Control Manager
Time Written: 20100724153111.083400-000
Event Type: Informace
User:
Computer Name: Lenka-PC
Event Code: 7036
Message: Stav služby Brána aplikační vrstvy byl změněn na: Spuštěno
Record Number: 106661
Source Name: Service Control Manager
Time Written: 20100724153109.813400-000
Event Type: Informace
User:
Computer Name: Lenka-PC
Event Code: 7036
Message: Stav služby Služba Výčet přenosných zařízení byl změněn na: Spuštěno
Record Number: 106660
Source Name: Service Control Manager
Time Written: 20100724153109.790400-000
Event Type: Informace
User:
=====Application event log=====
Computer Name: Lenka-PC
Event Code: 1001
Message: Chybný blok , typ 0
Název události: APPCRASH
Reakce: Není k dispozici
ID souboru CAB: 0
Podpis problému:
P1: nod32krn.exe
P2: 2.70.39.0
P3: 46440be6
P4: nod32krn.exe
P5: 2.70.39.0
P6: 46440be6
P7: c0000005
P8: 0002a996
P9:
P10:
Připojené soubory:
C:\Windows\Temp\WER45C9.tmp.appcompat.txt
C:\Windows\Temp\WER4740.tmp.WERInternalMetadata.xml
C:\Windows\Temp\WER4741.tmp.hdmp
C:\Windows\Temp\WER4906.tmp.mdmp
Tyto soubory mohou být k dispozici zde:
C:\ProgramData\Microsoft\Windows\WER\ReportQueue\AppCrash_nod32krn.exe_7075562bf2f703de96483421ae462828e63ad_cab_0bfe49bf
Symbol analýzy:
Opětovné hledání řešení: 0
ID hlášení: 9e9bad18-a880-11df-8fa1-9aaf2d390cde
Stav hlášení: 4
Record Number: 117993
Source Name: Windows Error Reporting
Time Written: 20100815152024.000000-000
Event Type: Informace
User:
Computer Name: Lenka-PC
Event Code: 1001
Message: Chybný blok 447255607, typ 1
Název události: APPCRASH
Reakce: http://oca.microsoft.com/resredir.aspx? ... =447255607
ID souboru CAB: 0
Podpis problému:
P1: nod32krn.exe
P2: 2.70.39.0
P3: 46440be6
P4: nod32krn.exe
P5: 2.70.39.0
P6: 46440be6
P7: c0000005
P8: 0002a996
P9:
P10:
Připojené soubory:
Tyto soubory mohou být k dispozici zde:
C:\ProgramData\Microsoft\Windows\WER\ReportArchive\AppCrash_nod32krn.exe_7075562bf2f703de96483421ae462828e63ad_1bde47fa
Symbol analýzy:
Opětovné hledání řešení: 0
ID hlášení: 9c1fd7a8-a880-11df-8fa1-9aaf2d390cde
Stav hlášení: 0
Record Number: 117992
Source Name: Windows Error Reporting
Time Written: 20100815152023.000000-000
Event Type: Informace
User:
Computer Name: Lenka-PC
Event Code: 1000
Message: Název chybující aplikace: nod32krn.exe, verze: 2.70.39.0, časové razítko: 0x46440be6
Název chybujícího modulu: nod32krn.exe, verze: 2.70.39.0, časové razítko: 0x46440be6
Kód výjimky: 0xc0000005
Posun chyby: 0x0002a996
ID chybujícího procesu: 0x1544
Čas spuštění chybující aplikace: 0x01cb3c8d606dad98
Cesta k chybující aplikaci: C:\Program Files (x86)\Eset\nod32krn.exe
Cesta k chybujícímu modulu: C:\Program Files (x86)\Eset\nod32krn.exe
ID zprávy: 9e9bad18-a880-11df-8fa1-9aaf2d390cde
Record Number: 117991
Source Name: Application Error
Time Written: 20100815152022.000000-000
Event Type: Chyba
User:
Computer Name: Lenka-PC
Event Code: 1001
Message: Chybný blok 447255607, typ 1
Název události: APPCRASH
Reakce: http://oca.microsoft.com/resredir.aspx? ... =447255607
ID souboru CAB: 0
Podpis problému:
P1: nod32krn.exe
P2: 2.70.39.0
P3: 46440be6
P4: nod32krn.exe
P5: 2.70.39.0
P6: 46440be6
P7: c0000005
P8: 0002a996
P9:
P10:
Připojené soubory:
C:\Windows\Temp\WER28A8.tmp.appcompat.txt
C:\Windows\Temp\WER2CDD.tmp.WERInternalMetadata.xml
C:\Windows\Temp\WER2D7A.tmp.hdmp
C:\Windows\Temp\WER2EC3.tmp.mdmp
Tyto soubory mohou být k dispozici zde:
C:\ProgramData\Microsoft\Windows\WER\ReportArchive\AppCrash_nod32krn.exe_7075562bf2f703de96483421ae462828e63ad_0cce4175
Symbol analýzy:
Opětovné hledání řešení: 0
ID hlášení: 9a3fcd08-a880-11df-8fa1-9aaf2d390cde
Stav hlášení: 0
Record Number: 117990
Source Name: Windows Error Reporting
Time Written: 20100815152022.000000-000
Event Type: Informace
User:
Computer Name: Lenka-PC
Event Code: 1001
Message: Chybný blok , typ 0
Název události: APPCRASH
Reakce: Není k dispozici
ID souboru CAB: 0
Podpis problému:
P1: nod32krn.exe
P2: 2.70.39.0
P3: 46440be6
P4: nod32krn.exe
P5: 2.70.39.0
P6: 46440be6
P7: c0000005
P8: 0002a996
P9:
P10:
Připojené soubory:
Tyto soubory mohou být k dispozici zde:
C:\ProgramData\Microsoft\Windows\WER\ReportQueue\AppCrash_nod32krn.exe_7075562bf2f703de96483421ae462828e63ad_0e8e40f8
Symbol analýzy:
Opětovné hledání řešení: 0
ID hlášení: 9dc01a28-a880-11df-8fa1-9aaf2d390cde
Stav hlášení: 4
Record Number: 117989
Source Name: Windows Error Reporting
Time Written: 20100815152021.000000-000
Event Type: Informace
User:
=====Security event log=====
Computer Name: Lenka-PC
Event Code: 4624
Message: Účet byl úspěšně přihlášen.
Předmět:
ID zabezpečení: S-1-5-18
Název účtu: LENKA-PC$
Doména účtu: WORKGROUP
ID přihlášení: 0x3e7
Typ přihlášení: 5
Nové přihlášení:
ID zabezpečení: S-1-5-18
Název účtu: SYSTEM
Doména účtu: NT AUTHORITY
ID přihlášení: 0x3e7
GUID přihlášení: {00000000-0000-0000-0000-000000000000}
Informace o procesu:
ID procesu: 0x1d8
Název procesu: C:\Windows\System32\services.exe
Informace o síti:
Název pracovní stanice:
Adresa zdrojové sítě -
Zdrojový port: -
Podrobné informace o ověření:
Proces přihlášení: Advapi
Balíček ověření: Negotiate
Přenosové služby: -
Název balíčku (pouze NTLM): -
Délka klíče: 0
Tato událost je generována po vytvoření relace přihlášení. Je generována v počítači, ke kterému byl získán přístup.
Pole s předmětem označují účet v místním systému, který požadoval přihlášení. Jedná se nejčastěji o službu, například službu serveru nebo místní proces, například Winlogon.exe nebo Services.exe.
Pole Typ přihlášení označuje, k jakému typu přihlášení došlo. Nejběžnější typy jsou 2 (interaktivní) a 3 (síť).
Pole Nové přihlášení označují účet, pro který bylo nové přihlášení vytvořeno, tj. účet, který byl přihlášen.
Pole Síť označují původ požadavku na vzdálené přihlášení. Název pracovní stanice není vždy k dispozici a v některých případech může být toto pole prázdné.
Pole s informacemi o ověření poskytují podrobné informace o tomto konkrétním požadavku na přihlášení.
- GUID přihlášení je jednoznačný identifikátor, který je možné použít ke spojení této události s událostí KDC.
- Přenosové služby označují, které pomocné služby se podílely na tomto požadavku na přihlášení.
- Název balíčku označuje, který dílčí protokol z protokolů NTLM byl použit.
- Délka klíče označuje délku generovaného klíče relace. Tato hodnota bude 0, pokud nebyl požadován žádný klíč relace.
Record Number: 9897
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20100516071856.377400-000
Event Type: Úspěšný audit
User:
Computer Name: Lenka-PC
Event Code: 4624
Message: Účet byl úspěšně přihlášen.
Předmět:
ID zabezpečení: S-1-0-0
Název účtu: -
Doména účtu: -
ID přihlášení: 0x0
Typ přihlášení: 3
Nové přihlášení:
ID zabezpečení: S-1-5-7
Název účtu: ANONYMOUS LOGON
Doména účtu: NT AUTHORITY
ID přihlášení: 0xdb57f
GUID přihlášení: {00000000-0000-0000-0000-000000000000}
Informace o procesu:
ID procesu: 0x0
Název procesu: -
Informace o síti:
Název pracovní stanice:
Adresa zdrojové sítě -
Zdrojový port: -
Podrobné informace o ověření:
Proces přihlášení: NtLmSsp
Balíček ověření: NTLM
Přenosové služby: -
Název balíčku (pouze NTLM): NTLM V1
Délka klíče: 0
Tato událost je generována po vytvoření relace přihlášení. Je generována v počítači, ke kterému byl získán přístup.
Pole s předmětem označují účet v místním systému, který požadoval přihlášení. Jedná se nejčastěji o službu, například službu serveru nebo místní proces, například Winlogon.exe nebo Services.exe.
Pole Typ přihlášení označuje, k jakému typu přihlášení došlo. Nejběžnější typy jsou 2 (interaktivní) a 3 (síť).
Pole Nové přihlášení označují účet, pro který bylo nové přihlášení vytvořeno, tj. účet, který byl přihlášen.
Pole Síť označují původ požadavku na vzdálené přihlášení. Název pracovní stanice není vždy k dispozici a v některých případech může být toto pole prázdné.
Pole s informacemi o ověření poskytují podrobné informace o tomto konkrétním požadavku na přihlášení.
- GUID přihlášení je jednoznačný identifikátor, který je možné použít ke spojení této události s událostí KDC.
- Přenosové služby označují, které pomocné služby se podílely na tomto požadavku na přihlášení.
- Název balíčku označuje, který dílčí protokol z protokolů NTLM byl použit.
- Délka klíče označuje délku generovaného klíče relace. Tato hodnota bude 0, pokud nebyl požadován žádný klíč relace.
Record Number: 9896
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20100516071728.518400-000
Event Type: Úspěšný audit
User:
Computer Name: Lenka-PC
Event Code: 4672
Message: Novému přihlášení byla přiřazena zvláštní oprávnění.
Předmět:
ID zabezpečení: S-1-5-18
Název účtu: SYSTEM
Doména účtu: NT AUTHORITY
ID přihlášení: 0x3e7
Oprávnění: SeAssignPrimaryTokenPrivilege
SeTcbPrivilege
SeSecurityPrivilege
SeTakeOwnershipPrivilege
SeLoadDriverPrivilege
SeBackupPrivilege
SeRestorePrivilege
SeDebugPrivilege
SeAuditPrivilege
SeSystemEnvironmentPrivilege
SeImpersonatePrivilege
Record Number: 9895
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20100516071728.112800-000
Event Type: Úspěšný audit
User:
Computer Name: Lenka-PC
Event Code: 4624
Message: Účet byl úspěšně přihlášen.
Předmět:
ID zabezpečení: S-1-5-18
Název účtu: LENKA-PC$
Doména účtu: WORKGROUP
ID přihlášení: 0x3e7
Typ přihlášení: 5
Nové přihlášení:
ID zabezpečení: S-1-5-18
Název účtu: SYSTEM
Doména účtu: NT AUTHORITY
ID přihlášení: 0x3e7
GUID přihlášení: {00000000-0000-0000-0000-000000000000}
Informace o procesu:
ID procesu: 0x1d8
Název procesu: C:\Windows\System32\services.exe
Informace o síti:
Název pracovní stanice:
Adresa zdrojové sítě -
Zdrojový port: -
Podrobné informace o ověření:
Proces přihlášení: Advapi
Balíček ověření: Negotiate
Přenosové služby: -
Název balíčku (pouze NTLM): -
Délka klíče: 0
Tato událost je generována po vytvoření relace přihlášení. Je generována v počítači, ke kterému byl získán přístup.
Pole s předmětem označují účet v místním systému, který požadoval přihlášení. Jedná se nejčastěji o službu, například službu serveru nebo místní proces, například Winlogon.exe nebo Services.exe.
Pole Typ přihlášení označuje, k jakému typu přihlášení došlo. Nejběžnější typy jsou 2 (interaktivní) a 3 (síť).
Pole Nové přihlášení označují účet, pro který bylo nové přihlášení vytvořeno, tj. účet, který byl přihlášen.
Pole Síť označují původ požadavku na vzdálené přihlášení. Název pracovní stanice není vždy k dispozici a v některých případech může být toto pole prázdné.
Pole s informacemi o ověření poskytují podrobné informace o tomto konkrétním požadavku na přihlášení.
- GUID přihlášení je jednoznačný identifikátor, který je možné použít ke spojení této události s událostí KDC.
- Přenosové služby označují, které pomocné služby se podílely na tomto požadavku na přihlášení.
- Název balíčku označuje, který dílčí protokol z protokolů NTLM byl použit.
- Délka klíče označuje délku generovaného klíče relace. Tato hodnota bude 0, pokud nebyl požadován žádný klíč relace.
Record Number: 9894
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20100516071728.112800-000
Event Type: Úspěšný audit
User:
Computer Name: Lenka-PC
Event Code: 4634
Message: Účet byl odhlášen.
Předmět:
ID zabezpečení: S-1-5-7
Název účtu: ANONYMOUS LOGON
Doména účtu: NT AUTHORITY
ID přihlášení: 0x3f8a4
Typ přihlášení: 3
Tato událost je generována, pokud je zničena relace přihlášení. Může být spojena s událostí přihlášení pomocí hodnoty ID přihlášení. Hodnoty ID přihlášení jsou jednoznačné pouze v rámci jednotlivých restartů stejného počítače.
Record Number: 9893
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20100516071727.847600-000
Event Type: Úspěšný audit
User:
======Environment variables======
"ComSpec"=%SystemRoot%\system32\cmd.exe
"FP_NO_HOST_CHECK"=NO
"OS"=Windows_NT
"Path"=%CommonProgramFiles%\Microsoft Shared\Windows Live;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\
"PATHEXT"=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH;.MSC
"PROCESSOR_ARCHITECTURE"=AMD64
"TEMP"=%SystemRoot%\TEMP
"TMP"=%SystemRoot%\TEMP
"USERNAME"=SYSTEM
"windir"=%SystemRoot%
"PSModulePath"=%SystemRoot%\system32\WindowsPowerShell\v1.0\Modules\
"NUMBER_OF_PROCESSORS"=2
"PROCESSOR_LEVEL"=6
"PROCESSOR_IDENTIFIER"=Intel64 Family 6 Model 23 Stepping 10, GenuineIntel
"PROCESSOR_REVISION"=170a
"configsetroot"=%SystemRoot%\ConfigSetRoot
-----------------EOF-----------------
-
Caroprd111
- VIP
- Příspěvky: 13492
- Registrován: 22 bře 2009 20:48
- Bydliště: Třebíč
- Kontaktovat uživatele:
Re: rundll32 a svchost.exe
Doporučuji odinstalovat (pokud nepoužíváte) toolbary (lišty) v Přidat nebo odebrat programy. Stáhněte OTL http://oldtimer.geekstogo.com/OTL.exe na plochu
- Spusťte, poté do spodního políčka vložte následující skript.
Kód: Vybrat vše
netsvcs
drivers32
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /s
c:\windows\*.* /U
%SYSTEMDRIVE%\*.exe
%ALLUSERSPROFILE%\Application Data\*.
%ALLUSERSPROFILE%\Application Data\*.exe /s
%APPDATA%\*.
%APPDATA%\*.exe /s
/md5start
eventlog.dll
scecli.dll
netlogon.dll
cngaudit.dll
sceclt.dll
ntelogon.dll
logevent.dll
iaStor.sys
nvstor.sys
atapi.sys
IdeChnDr.sys
viasraid.sys
AGP440.sys
vaxscsi.sys
nvatabus.sys
viamraid.sys
nvata.sys
nvgts.sys
iastorv.sys
ViPrt.sys
eNetHook.dll
ahcix86.sys
KR10N.sys
nvstor32.sys
ahcix86s.sys
nvrd32.sys
symmpi.sys
adp3132.sys
mv61xx.sys
nvraid.sys
ndis.sys
winlogon.exe
explorer.exe
userinit.exe
lsass.exe
svchost.exe
smss.exe
hal.dll
ws2_32.dll
tcpip.sys
cryptsvc.dll
Changer.sys
JakNDis.sys
isapnp.sys
cdrom.sys
/md5stop
%systemroot%\*. /mp /s
%systemroot%\system32\*.dll /lockedfiles
%systemroot%\Tasks\*.job /lockedfiles
%systemroot%\system32\drivers\*.sys /lockedfiles
%systemroot%\System32\config\*.sav
%systemroot%\system32\*.dll /lockedfiles
reg query "HKLM\Software\Microsoft\Windows NT\CurrentVersion\winlogon" /v GinaDLL /c
reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wuauserv" /v ImagePath /c
reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\BITS" /v ImagePath /c
%systemroot%\system32\drivers\*.sys /3
%systemroot%\system32\*.* /3
CREATERESTOREPOINT - Označte položku Pro všechny uživatele.
- Označte položky Kontrola na havěť "LOP" a Kontrola na havěť "Purity"
- Klikněte na tlačítko Prohledat
- Po dokončení, sem vložte logy OTL.Txt a Extras.txt
Re: rundll32 a svchost.exe
Zdravím, zde jsou výpisy
OTL logfile created on: 8/16/2010 12:48:34 PM - Run 1
OTL by OldTimer - Version 3.2.10.0 Folder = C:\Users\Lenka\Desktop
64bit- Home Premium Edition (Version = 6.1.7600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7600.16385)
Locale: 00000409 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy
4.00 Gb Total Physical Memory | 2.00 Gb Available Physical Memory | 51.00% Memory free
8.00 Gb Paging File | 6.00 Gb Available in Paging File | 73.00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 232.88 Gb Total Space | 189.46 Gb Free Space | 81.35% Space Free | Partition Type: NTFS
Drive D: | 218.23 Gb Total Space | 150.03 Gb Free Space | 68.75% Space Free | Partition Type: NTFS
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded
Computer Name: LENKA-PC
Current User Name: Lenka
Logged in as Administrator.
Current Boot Mode: Normal
Scan Mode: All users
Include 64bit Scans
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 30 Days
Output = Standard
========== Processes (SafeList) ==========
PRC - [2010/08/16 10:53:52 | 000,575,488 | ---- | M] (OldTimer Tools) -- C:\Users\Lenka\Desktop\OTL.exe
PRC - [2010/08/09 20:58:13 | 000,103,736 | ---- | M] () -- C:\Windows\SysWOW64\PnkBstrB.exe
PRC - [2010/08/09 20:57:51 | 000,066,872 | ---- | M] () -- C:\Windows\SysWOW64\PnkBstrA.exe
PRC - [2010/08/05 20:19:01 | 000,202,256 | ---- | M] (RealNetworks, Inc.) -- C:\Program Files (x86)\Common Files\Real\Update_OB\realsched.exe
PRC - [2010/08/02 09:09:34 | 000,014,808 | ---- | M] (Mozilla Corporation) -- C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe
PRC - [2010/08/02 09:09:32 | 000,910,296 | ---- | M] (Mozilla Corporation) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe
PRC - [2010/04/01 11:16:20 | 000,357,696 | ---- | M] (DT Soft Ltd) -- C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe
PRC - [2009/11/16 17:36:19 | 000,172,792 | ---- | M] (ICQ, LLC.) -- C:\Program Files (x86)\ICQ6.5\ICQ.exe
PRC - [2009/10/10 02:44:50 | 003,054,136 | ---- | M] (ASUS) -- C:\Windows\AsScrPro.exe
PRC - [2009/07/24 19:32:50 | 001,593,344 | ---- | M] () -- C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe
PRC - [2009/07/24 02:13:38 | 000,306,232 | ---- | M] (ASUSTeK Computer Inc.) -- C:\Windows\SysWOW64\Fast Boot\FastBootAgent.exe
PRC - [2009/07/23 02:58:46 | 000,017,976 | ---- | M] () -- C:\Program Files (x86)\ASUS\ControlDeck\ControlDeckStartUp.exe
PRC - [2009/07/07 20:20:56 | 008,493,624 | ---- | M] (ASUS) -- C:\Program Files (x86)\ASUS\ATKOSD2\ATKOSD2.exe
PRC - [2009/06/24 21:30:18 | 000,272,952 | ---- | M] (ASUSTek Computer Inc.) -- C:\Program Files (x86)\ASUS\ASUS Data Security Manager\ADSMTray.exe
PRC - [2009/05/19 12:36:18 | 000,240,512 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
PRC - [2009/05/19 00:58:38 | 000,305,720 | ---- | M] (ASUS) -- C:\Program Files (x86)\ASUS\SmartLogon\sensorsrv.exe
PRC - [2009/04/24 06:24:44 | 000,178,744 | ---- | M] (ASUS) -- C:\Program Files (x86)\ASUS\ATK Hotkey\HControl.exe
PRC - [2009/04/20 20:09:30 | 000,159,744 | ---- | M] (ASUS) -- C:\Program Files (x86)\ASUS\ATK Media\DMedia.exe
PRC - [2009/04/02 06:05:34 | 000,098,304 | ---- | M] (ASUS) -- C:\Program Files (x86)\ASUS\ATK Hotkey\HControlUser.exe
PRC - [2008/12/23 02:15:34 | 000,174,648 | ---- | M] (ASUS) -- C:\Program Files (x86)\ASUS\ATK Hotkey\WDC.exe
PRC - [2008/08/14 06:00:08 | 000,113,208 | ---- | M] (ASUS) -- C:\Program Files (x86)\ASUS\ATK Hotkey\KBFiltr.exe
PRC - [2008/08/14 05:59:56 | 000,301,624 | ---- | M] () -- C:\Program Files (x86)\ASUS\ATK Hotkey\Atouch64.exe
PRC - [2008/08/14 05:59:52 | 000,100,920 | ---- | M] () -- C:\Program Files (x86)\ASUS\ATK Hotkey\AsLdrSrv.exe
PRC - [2008/08/14 01:21:56 | 002,482,176 | ---- | M] (ASUS) -- C:\Program Files (x86)\ASUS\ATK Hotkey\ATKOSD.exe
PRC - [2008/07/19 04:52:16 | 000,104,936 | ---- | M] (CyberLink) -- C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe
PRC - [2008/03/31 11:55:48 | 000,225,280 | ---- | M] (ASUSTek Computer Inc.) -- C:\Program Files (x86)\ASUS\ASUS Data Security Manager\ADSMSrv.exe
PRC - [2007/11/30 20:20:44 | 000,051,768 | ---- | M] () -- C:\Program Files (x86)\ASUS\ASUS Live Update\ALU.exe
PRC - [2007/08/08 09:08:40 | 000,094,208 | ---- | M] () -- C:\Program Files\ATKGFNEX\GFNEXSrv.exe
========== Modules (SafeList) ==========
MOD - [2010/08/16 10:53:52 | 000,575,488 | ---- | M] (OldTimer Tools) -- C:\Users\Lenka\Desktop\OTL.exe
MOD - [2009/07/14 03:14:10 | 000,095,232 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\msscript.ocx
MOD - [2009/07/14 03:03:50 | 001,680,896 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16385_none_421189da2b7fabfc\comctl32.dll
========== Win32 Services (SafeList) ==========
SRV:64bit: - File not found [Auto | Running] -- C:\Windows\SysNative\PnkBstrB.exe -- (PnkBstrB)
SRV:64bit: - File not found [Auto | Running] -- C:\Windows\SysNative\PnkBstrA.exe -- (PnkBstrA)
SRV:64bit: - [2009/08/18 12:48:02 | 002,291,568 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE -- (wlidsvc)
SRV:64bit: - [2009/07/14 03:41:27 | 001,011,712 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV:64bit: - [2007/08/08 09:08:40 | 000,094,208 | ---- | M] () [Auto | Running] -- C:\Program Files\ATKGFNEX\GFNEXSrv.exe -- (ATKGFNEXSrv)
SRV - [2010/08/09 20:58:13 | 000,103,736 | ---- | M] () [Auto | Running] -- C:\Windows\SysWOW64\PnkBstrB.exe -- (PnkBstrB)
SRV - [2010/08/09 20:57:51 | 000,066,872 | ---- | M] () [Auto | Running] -- C:\Windows\SysWOW64\PnkBstrA.exe -- (PnkBstrA)
SRV - [2010/02/04 02:37:25 | 000,552,064 | ---- | M] (Eset ) [Auto | Start_Pending] -- C:\Program Files (x86)\Eset\nod32krn.exe -- (NOD32krn)
SRV - [2009/07/24 02:13:38 | 000,306,232 | ---- | M] (ASUSTeK Computer Inc.) [Auto | Running] -- C:\Windows\SysWOW64\Fast Boot\FastBootAgent.exe -- (FastBootAgent)
SRV - [2009/05/19 12:36:18 | 000,240,512 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files (x86)\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe -- (SeaPort)
SRV - [2008/12/08 18:01:58 | 000,533,344 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\Windows Live\Family Safety\fsssvc.exe -- (fsssvc)
SRV - [2008/10/25 12:44:08 | 000,065,888 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\Microsoft Office\Office12\GrooveAuditService.exe -- (Microsoft Office Groove Audit Service)
SRV - [2008/08/14 05:59:52 | 000,100,920 | ---- | M] () [Auto | Running] -- C:\Program Files (x86)\ASUS\ATK Hotkey\AsLdrSrv.exe -- (ASLDRService)
SRV - [2008/03/31 11:55:48 | 000,225,280 | ---- | M] (ASUSTek Computer Inc.) [Auto | Running] -- C:\Program Files (x86)\ASUS\ASUS Data Security Manager\ADSMSrv.exe -- (ADSMService)
========== Driver Services (SafeList) ==========
DRV:64bit: - [2010/08/11 18:31:27 | 000,033,344 | ---- | M] (LogMeIn, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\hamachi.sys -- (hamachi)
DRV:64bit: - [2010/08/11 17:12:51 | 000,834,544 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\sptd.sys -- (sptd)
DRV:64bit: - [2010/02/04 02:37:26 | 000,146,704 | ---- | M] (Eset ) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\amon.sys -- (AMON)
DRV:64bit: - [2009/10/05 17:34:00 | 001,542,656 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\athrx.sys -- (athr)
DRV:64bit: - [2009/07/20 11:29:39 | 000,015,416 | ---- | M] ( ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\kbfiltr.sys -- (kbfiltr)
DRV:64bit: - [2009/07/14 03:52:21 | 000,106,576 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2009/07/14 03:52:21 | 000,028,752 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2009/07/14 03:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2009/07/14 03:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2009/07/14 03:47:48 | 000,077,888 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2009/07/14 03:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2009/07/09 05:11:41 | 000,140,800 | ---- | M] (ELAN Microelectronic Corp.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\ETD.sys -- (ETD)
DRV:64bit: - [2009/06/10 22:38:56 | 000,000,308 | ---- | M] () [File_System | On_Demand | Running] -- C:\Windows\SysNative\wbem\ntfs.mof -- (Ntfs)
DRV:64bit: - [2009/06/10 22:35:57 | 000,056,832 | ---- | M] (Silicon Integrated Systems Corp.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\SiSG664.sys -- (SiSGbeLH)
DRV:64bit: - [2009/06/10 22:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2009/06/10 22:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009/06/10 22:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2009/06/10 22:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV:64bit: - [2009/06/05 12:15:55 | 001,806,400 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\snp2uvc.sys -- (SNP2UVC) USB2.0 PC Camera (SNP2UVC)
DRV:64bit: - [2009/05/22 16:52:29 | 000,215,040 | ---- | M] (Realtek ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Rt64win7.sys -- (RTL8167)
DRV:64bit: - [2009/05/13 03:07:19 | 000,015,928 | ---- | M] (ASUS) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\ATK64AMD.sys -- (MTsensor)
DRV:64bit: - [2008/12/08 18:35:52 | 000,061,792 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\fssfltr.sys -- (fssfltr)
DRV:64bit: - [2008/05/24 02:27:28 | 000,154,168 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\WimFltr.sys -- (WimFltr)
DRV:64bit: - [2007/07/24 20:11:32 | 000,014,904 | ---- | M] () [Kernel | Auto | Running] -- C:\Program Files\ATKGFNEX\ASMMAP64.sys -- (ASMMAP64)
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKU\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://asus.msn.com
IE - HKU\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://asus.msn.com
IE - HKU\.DEFAULT\..\URLSearchHook: - Reg Error: Key error. File not found
IE - HKU\.DEFAULT\..\URLSearchHook: {855F3B16-6D32-4fe6-8A56-BBB695989046} - Reg Error: Key error. File not found
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-18\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://asus.msn.com
IE - HKU\S-1-5-18\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://asus.msn.com
IE - HKU\S-1-5-18\..\URLSearchHook: - Reg Error: Key error. File not found
IE - HKU\S-1-5-18\..\URLSearchHook: {855F3B16-6D32-4fe6-8A56-BBB695989046} - Reg Error: Key error. File not found
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-1665229691-2970694427-3909060312-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://asus.msn.com
IE - HKU\S-1-5-21-1665229691-2970694427-3909060312-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.seznam.cz/
IE - HKU\S-1-5-21-1665229691-2970694427-3909060312-1000\..\URLSearchHook: - Reg Error: Key error. File not found
IE - HKU\S-1-5-21-1665229691-2970694427-3909060312-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
========== FireFox ==========
FF - prefs.js..browser.search.defaultengine: "Ask.com"
FF - prefs.js..browser.search.defaultenginename: "Ask.com"
FF - prefs.js..browser.search.order.1: "Ask.com"
FF - prefs.js..browser.search.selectedEngine: "Google"
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..browser.startup.homepage: "http://www.seznam.cz/"
FF - prefs.js..extensions.enabledItems: {800b5000-a755-47e1-992b-48a1c1357f07}:2.0.0.1
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.8\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2010/08/15 22:35:54 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.8\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2010/08/05 20:19:37 | 000,000,000 | ---D | M]
[2010/03/07 13:18:02 | 000,000,000 | ---D | M] -- C:\Users\Lenka\AppData\Roaming\Mozilla\Extensions
[2010/08/16 10:51:52 | 000,000,000 | ---D | M] -- C:\Users\Lenka\AppData\Roaming\Mozilla\Firefox\Profiles\bak8qmoj.default\extensions
[2010/03/11 10:44:15 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Lenka\AppData\Roaming\Mozilla\Firefox\Profiles\bak8qmoj.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}
[2010/08/04 20:41:30 | 000,002,253 | ---- | M] () -- C:\Users\Lenka\AppData\Roaming\Mozilla\Firefox\Profiles\bak8qmoj.default\searchplugins\askcom.xml
[2010/08/11 20:10:18 | 000,002,059 | ---- | M] () -- C:\Users\Lenka\AppData\Roaming\Mozilla\Firefox\Profiles\bak8qmoj.default\searchplugins\daemon-search.xml
[2010/08/11 03:07:19 | 000,000,950 | ---- | M] () -- C:\Users\Lenka\AppData\Roaming\Mozilla\Firefox\Profiles\bak8qmoj.default\searchplugins\icqplugin-1.xml
[2010/04/23 18:36:03 | 000,000,950 | ---- | M] () -- C:\Users\Lenka\AppData\Roaming\Mozilla\Firefox\Profiles\bak8qmoj.default\searchplugins\icqplugin-2.xml
[2010/08/04 20:41:28 | 000,000,950 | ---- | M] () -- C:\Users\Lenka\AppData\Roaming\Mozilla\Firefox\Profiles\bak8qmoj.default\searchplugins\icqplugin-3.xml
[2010/04/07 19:00:57 | 000,000,947 | ---- | M] () -- C:\Users\Lenka\AppData\Roaming\Mozilla\Firefox\Profiles\bak8qmoj.default\searchplugins\icqplugin.xml
[2010/03/07 13:17:42 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Mozilla Firefox\extensions
[2010/08/02 09:09:36 | 000,000,638 | ---- | M] () -- C:\Program Files (x86)\Mozilla Firefox\searchplugins\jyxo-cz.xml
[2010/08/02 09:09:36 | 000,001,687 | ---- | M] () -- C:\Program Files (x86)\Mozilla Firefox\searchplugins\mall-cz.xml
[2010/08/02 09:09:36 | 000,001,367 | ---- | M] () -- C:\Program Files (x86)\Mozilla Firefox\searchplugins\seznam-cz.xml
[2010/08/02 09:09:36 | 000,000,654 | ---- | M] () -- C:\Program Files (x86)\Mozilla Firefox\searchplugins\slunecnice-cz.xml
[2010/08/02 09:09:36 | 000,001,179 | ---- | M] () -- C:\Program Files (x86)\Mozilla Firefox\searchplugins\wikipedia-cz.xml
O1 HOSTS File: ([2009/06/10 23:00:26 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O2:64bit: - BHO: (Windows Live Family Safety Browser Helper Class) - {4f3ed5cd-0726-42a9-87f5-d13f3d2976ac} - C:\Program Files\Windows Live\Family Safety\fssbho.dll (Microsoft Corporation)
O2:64bit: - BHO: (Pomocná služba pro přihlášení ke službě Windows Live ID) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
O2 - BHO: (Search Helper) - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll (Microsoft Corporation)
O2 - BHO: (Groove GFS Browser Helper) - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation)
O2 - BHO: (Windows Live Toolbar Helper) - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - C:\Program Files (x86)\Windows Live\Toolbar\wltcore.dll (Microsoft Corporation)
O3:64bit: - HKLM\..\Toolbar: (DAEMON Tools Toolbar) - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files (x86)\DAEMON Tools Toolbar\DTToolbar64.dll File not found
O3:64bit: - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3 - HKLM\..\Toolbar: (&Windows Live Toolbar) - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files (x86)\Windows Live\Toolbar\wltcore.dll (Microsoft Corporation)
O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3 - HKU\.DEFAULT\..\Toolbar\WebBrowser: (&Windows Live Toolbar) - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files (x86)\Windows Live\Toolbar\wltcore.dll (Microsoft Corporation)
O3 - HKU\S-1-5-18\..\Toolbar\WebBrowser: (&Windows Live Toolbar) - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files (x86)\Windows Live\Toolbar\wltcore.dll (Microsoft Corporation)
O3 - HKU\S-1-5-21-1665229691-2970694427-3909060312-1000\..\Toolbar\WebBrowser: (&Windows Live Toolbar) - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files (x86)\Windows Live\Toolbar\wltcore.dll (Microsoft Corporation)
O3:64bit: - HKU\S-1-5-21-1665229691-2970694427-3909060312-1000\..\Toolbar\WebBrowser: (DAEMON Tools Toolbar) - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files (x86)\DAEMON Tools Toolbar\DTToolbar64.dll File not found
O4:64bit: - HKLM..\Run: [AmIcoSinglun64] C:\Program Files (x86)\AmIcoSingLun\AmIcoSinglun64.exe (AlcorMicro Co., Ltd.)
O4:64bit: - HKLM..\Run: [ETDWare] C:\Program Files\Elantech\ETDCtrl.exe (ELAN Microelectronic Corp.)
O4:64bit: - HKLM..\Run: [NvCplDaemon] C:\Windows\SysNative\NvCpl.DLL (NVIDIA Corporation)
O4:64bit: - HKLM..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor)
O4 - HKLM..\Run: [ATKMEDIA] C:\Program Files (x86)\ASUS\ATK Media\DMedia.exe (ASUS)
O4 - HKLM..\Run: [ATKOSD2] C:\Program Files (x86)\ASUS\ATKOSD2\ATKOSD2.exe (ASUS)
O4 - HKLM..\Run: [GrooveMonitor] C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe (Microsoft Corporation)
O4 - HKLM..\Run: [HControlUser] C:\Program Files (x86)\ASUS\ATK Hotkey\HControlUser.exe (ASUS)
O4 - HKLM..\Run: [nod32kui] C:\Program Files (x86)\Eset\nod32kui.exe (Eset )
O4 - HKLM..\Run: [Setwallpaper] c:\programdata\SetWallpaper.cmd File not found
O4 - HKLM..\Run: [TkBellExe] C:\Program Files (x86)\Common Files\Real\Update_OB\realsched.exe (RealNetworks, Inc.)
O4 - HKLM..\Run: [UpdateLBPShortCut] C:\Program Files (x86)\CyberLink\LabelPrint\MUITransfer\MUIStartMenu.exe (CyberLink Corp.)
O4 - HKLM..\Run: [UpdateP2GoShortCut] C:\Program Files (x86)\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe (CyberLink Corp.)
O4 - HKU\S-1-5-19..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-20..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-21-1665229691-2970694427-3909060312-1000..\Run: [DAEMON Tools Lite] C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe (DT Soft Ltd)
O4 - HKU\S-1-5-21-1665229691-2970694427-3909060312-1000..\Run: [ICQ] C:\Program Files (x86)\ICQ6.5\ICQ.exe (ICQ, LLC.)
O4 - HKU\S-1-5-21-1665229691-2970694427-3909060312-1000..\Run: [msnmsgr] C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe (Microsoft Corporation)
O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] C:\Windows\SysWow64\mctadmin.exe File not found
O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] C:\Windows\SysWow64\mctadmin.exe File not found
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 0
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-21-1665229691-2970694427-3909060312-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O9 - Extra Button: Přidat na blog - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : &Přidat na blog Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll (Microsoft Corporation)
O9 - Extra Button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra Button: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Program Files (x86)\ICQ6.5\ICQ.exe (ICQ, LLC.)
O9 - Extra 'Tools' menuitem : ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Program Files (x86)\ICQ6.5\ICQ.exe (ICQ, LLC.)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files (x86)\Common Files\microsoft shared\Windows Live\WLIDNSP.DLL (Microsoft Corporation)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries\000000000008 [] - C:\Program Files (x86)\Common Files\microsoft shared\Windows Live\WLIDNSP.DLL (Microsoft Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\Windows\SysNative\imon.dll (Eset )
O10:64bit: - Protocol_Catalog9\Catalog_Entries\000000000002 - C:\Windows\SysNative\imon.dll (Eset )
O10:64bit: - Protocol_Catalog9\Catalog_Entries\000000000003 - C:\Windows\SysNative\imon.dll (Eset )
O10:64bit: - Protocol_Catalog9\Catalog_Entries\000000000004 - C:\Windows\SysNative\imon.dll (Eset )
O10:64bit: - Protocol_Catalog9\Catalog_Entries\000000000005 - C:\Windows\SysNative\imon.dll (Eset )
O10:64bit: - Protocol_Catalog9\Catalog_Entries\000000000006 - C:\Windows\SysNative\imon.dll (Eset )
O10:64bit: - Protocol_Catalog9\Catalog_Entries\000000000007 - C:\Windows\SysNative\imon.dll (Eset )
O10:64bit: - Protocol_Catalog9\Catalog_Entries\000000000008 - C:\Windows\SysNative\imon.dll (Eset )
O10:64bit: - Protocol_Catalog9\Catalog_Entries\000000000009 - C:\Windows\SysNative\imon.dll (Eset )
O10:64bit: - Protocol_Catalog9\Catalog_Entries\000000000010 - C:\Windows\SysNative\imon.dll (Eset )
O10:64bit: - Protocol_Catalog9\Catalog_Entries\000000000021 - C:\Windows\SysNative\imon.dll (Eset )
O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files (x86)\Common Files\microsoft shared\Windows Live\WLIDNSP.DLL (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000008 [] - C:\Program Files (x86)\Common Files\microsoft shared\Windows Live\WLIDNSP.DLL (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\Windows\SysWow64\imon.dll (Eset )
O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - C:\Windows\SysWow64\imon.dll (Eset )
O10 - Protocol_Catalog9\Catalog_Entries\000000000003 - C:\Windows\SysWow64\imon.dll (Eset )
O10 - Protocol_Catalog9\Catalog_Entries\000000000004 - C:\Windows\SysWow64\imon.dll (Eset )
O10 - Protocol_Catalog9\Catalog_Entries\000000000005 - C:\Windows\SysWow64\imon.dll (Eset )
O10 - Protocol_Catalog9\Catalog_Entries\000000000006 - C:\Windows\SysWow64\imon.dll (Eset )
O10 - Protocol_Catalog9\Catalog_Entries\000000000007 - C:\Windows\SysWow64\imon.dll (Eset )
O10 - Protocol_Catalog9\Catalog_Entries\000000000008 - C:\Windows\SysWow64\imon.dll (Eset )
O10 - Protocol_Catalog9\Catalog_Entries\000000000009 - C:\Windows\SysWow64\imon.dll (Eset )
O10 - Protocol_Catalog9\Catalog_Entries\000000000010 - C:\Windows\SysWow64\imon.dll (Eset )
O10 - Protocol_Catalog9\Catalog_Entries\000000000021 - C:\Windows\SysWow64\imon.dll (Eset )
O13 - gopher Prefix: missing
O13 - gopher Prefix: missing
O16 - DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} http://download.eset.com/special/eos/OnlineScanner.cab (OnlineScanner Control)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 10.0.0.138
O18:64bit: - Protocol\Handler\grooveLocalGWS {88FED34C-F0CA-4636-A375-3CB6248B04CD} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\wlmailhtml {03C514A3-1EFB-4856-9F99-10D7BE1653C0} - Reg Error: Key error. File not found
O18 - Protocol\Handler\grooveLocalGWS {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveSystemServices.dll (Microsoft Corporation)
O18 - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files (x86)\Windows Live\Messenger\msgrapp.14.0.8050.1202.dll (Microsoft Corporation)
O18 - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files (x86)\Windows Live\Messenger\msgrapp.14.0.8050.1202.dll (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\SysNative\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\SysWow64\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found.
O28 - HKLM ShellExecuteHooks: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation)
O30:64bit: - LSA: Security Packages - (livessp) - C:\Windows\SysNative\livessp.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (livessp) - C:\Windows\SysWow64\livessp.dll (Microsoft Corporation)
O32 - HKLM CDRom: AutoRun - 1
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
Drivers32:64bit: msacm.l3acm - C:\Windows\System32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: msacm.l3acm - C:\Windows\SysWOW64\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: vidc.cvid - C:\Windows\SysWow64\iccvid.dll (Radius Inc.)
CREATERESTOREPOINT
Restore point Set: OTL Restore Point
========== Files/Folders - Created Within 30 Days ==========
[2010/08/16 10:53:48 | 000,575,488 | ---- | C] (OldTimer Tools) -- C:\Users\Lenka\Desktop\OTL.exe
[2010/08/15 21:56:49 | 000,000,000 | ---D | C] -- C:\Program Files\trend micro
[2010/08/15 21:56:48 | 000,000,000 | ---D | C] -- C:\rsit
[2010/08/13 01:00:08 | 000,000,000 | ---D | C] -- C:\8160ab28f9654b4f5ea0
[2010/08/12 10:49:13 | 005,507,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ntoskrnl.exe
[2010/08/12 10:49:10 | 003,955,080 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ntkrnlpa.exe
[2010/08/12 10:49:09 | 003,899,784 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ntoskrnl.exe
[2010/08/12 10:49:02 | 000,256,000 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iepeers.dll
[2010/08/12 10:49:02 | 000,185,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iepeers.dll
[2010/08/12 10:49:01 | 000,247,808 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieui.dll
[2010/08/12 10:49:01 | 000,176,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieui.dll
[2010/08/12 10:49:01 | 000,012,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msfeedssync.exe
[2010/08/12 10:49:01 | 000,012,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msfeedssync.exe
[2010/08/12 10:48:57 | 000,082,944 | ---- | C] (Radius Inc.) -- C:\Windows\SysWow64\iccvid.dll
[2010/08/12 10:48:57 | 000,052,224 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\rtutils.dll
[2010/08/12 10:48:57 | 000,037,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\rtutils.dll
[2010/08/11 20:45:11 | 000,000,000 | ---D | C] -- C:\Users\Lenka\Documents\FIFA 10
[2010/08/11 20:31:32 | 000,000,000 | ---D | C] -- C:\Users\Lenka\AppData\Roaming\Leadertech
[2010/08/11 20:21:42 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\EA Sports
[2010/08/11 20:21:38 | 004,910,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DX9_37.dll
[2010/08/11 20:21:38 | 003,786,760 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DX9_37.dll
[2010/08/11 20:21:38 | 003,727,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx9_35.dll
[2010/08/11 20:10:18 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\DAEMON Tools Toolbar
[2010/08/11 20:10:05 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\DAEMON Tools Lite
[2010/08/11 20:03:22 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\QS
[2010/08/11 20:03:08 | 000,000,000 | ---D | C] -- C:\Users\Lenka\AppData\Roaming\TeamViewer
[2010/08/11 18:45:15 | 000,000,000 | ---D | C] -- C:\Users\Lenka\AppData\Local\WinZip
[2010/08/11 18:42:02 | 000,000,000 | ---D | C] -- C:\ProgramData\WinZip
[2010/08/11 18:42:00 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\WinZip
[2010/08/11 18:33:35 | 000,000,000 | ---D | C] -- C:\Users\Lenka\AppData\Roaming\Hamachi
[2010/08/11 18:31:27 | 000,033,344 | ---- | C] (LogMeIn, Inc.) -- C:\Windows\SysNative\drivers\hamachi.sys
[2010/08/11 18:31:26 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Hamachi
[2010/08/11 17:11:56 | 000,000,000 | ---D | C] -- C:\Users\Lenka\AppData\Roaming\DAEMON Tools Lite
[2010/08/11 17:11:53 | 000,000,000 | ---D | C] -- C:\ProgramData\DAEMON Tools Lite
[2010/08/11 16:31:29 | 000,000,000 | ---D | C] -- C:\Users\Lenka\temp
[2010/08/11 01:33:27 | 000,000,000 | ---D | C] -- C:\Users\Lenka\Documents\TmForever
[2010/08/10 22:36:57 | 000,000,000 | ---D | C] -- C:\ProgramData\TrackMania
[2010/08/10 22:33:40 | 000,000,000 | ---D | C] -- C:\Users\Lenka\Documents\TrackMania
[2010/08/10 22:30:35 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\TmNationsForever
[2010/08/09 21:01:01 | 004,496,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx9_34.dll
[2010/08/09 21:01:01 | 003,497,832 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx9_34.dll
[2010/08/09 21:01:01 | 001,401,200 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DCompiler_34.dll
[2010/08/09 21:01:01 | 001,124,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DCompiler_34.dll
[2010/08/09 21:01:01 | 000,506,728 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx10_34.dll
[2010/08/09 21:01:01 | 000,443,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx10_34.dll
[2010/08/09 21:01:01 | 000,409,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine2_8.dll
[2010/08/09 21:01:01 | 000,266,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine2_8.dll
[2010/08/09 21:01:01 | 000,021,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\x3daudio1_2.dll
[2010/08/09 21:01:01 | 000,018,280 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\x3daudio1_2.dll
[2010/08/09 21:01:00 | 001,400,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DCompiler_33.dll
[2010/08/09 21:01:00 | 001,123,696 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DCompiler_33.dll
[2010/08/09 21:01:00 | 000,506,728 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx10_33.dll
[2010/08/09 21:01:00 | 000,443,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx10_33.dll
[2010/08/09 21:01:00 | 000,403,304 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine2_7.dll
[2010/08/09 21:01:00 | 000,261,480 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine2_7.dll
[2010/08/09 21:01:00 | 000,107,368 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xinput1_3.dll
[2010/08/09 21:01:00 | 000,081,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xinput1_3.dll
[2010/08/09 21:00:59 | 004,494,184 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx9_33.dll
[2010/08/09 21:00:59 | 003,495,784 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx9_33.dll
[2010/08/09 21:00:59 | 000,393,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine2_6.dll
[2010/08/09 21:00:59 | 000,255,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine2_6.dll
[2010/08/09 21:00:58 | 000,469,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx10.dll
[2010/08/09 21:00:58 | 000,440,080 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx10.dll
[2010/08/09 21:00:58 | 000,390,424 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine2_5.dll
[2010/08/09 21:00:58 | 000,251,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine2_5.dll
[2010/08/09 21:00:56 | 000,364,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine2_4.dll
[2010/08/09 21:00:56 | 000,237,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine2_4.dll
[2010/08/09 21:00:56 | 000,017,688 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\x3daudio1_1.dll
[2010/08/09 21:00:56 | 000,015,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\x3daudio1_1.dll
[2010/08/09 21:00:55 | 003,977,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx9_31.dll
[2010/08/09 21:00:55 | 002,414,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx9_31.dll
[2010/08/09 21:00:55 | 000,363,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine2_3.dll
[2010/08/09 21:00:55 | 000,236,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine2_3.dll
[2010/08/09 21:00:55 | 000,083,736 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xinput1_2.dll
[2010/08/09 21:00:55 | 000,062,744 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xinput1_2.dll
[2010/08/09 21:00:54 | 000,354,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine2_2.dll
[2010/08/09 21:00:54 | 000,352,464 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine2_1.dll
[2010/08/09 21:00:54 | 000,230,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine2_2.dll
[2010/08/09 21:00:54 | 000,229,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine2_1.dll
[2010/08/09 21:00:54 | 000,083,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xinput1_1.dll
[2010/08/09 21:00:54 | 000,062,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xinput1_1.dll
[2010/08/09 21:00:49 | 003,927,248 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx9_30.dll
[2010/08/09 21:00:49 | 002,388,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx9_30.dll
[2010/08/09 21:00:48 | 003,830,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx9_29.dll
[2010/08/09 21:00:48 | 002,332,368 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx9_29.dll
[2010/08/09 21:00:48 | 000,355,536 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine2_0.dll
[2010/08/09 21:00:48 | 000,230,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine2_0.dll
[2010/08/09 21:00:48 | 000,016,592 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\x3daudio1_0.dll
[2010/08/09 21:00:48 | 000,014,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\x3daudio1_0.dll
[2010/08/09 21:00:47 | 003,815,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx9_28.dll
[2010/08/09 21:00:47 | 003,807,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx9_27.dll
[2010/08/09 21:00:47 | 003,767,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx9_26.dll
[2010/08/09 21:00:47 | 002,323,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx9_28.dll
[2010/08/09 21:00:47 | 002,319,568 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx9_27.dll
[2010/08/09 21:00:47 | 002,297,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx9_26.dll
[2010/08/09 21:00:46 | 003,823,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx9_25.dll
[2010/08/09 21:00:46 | 003,544,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx9_24.dll
[2010/08/09 21:00:46 | 002,337,488 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx9_25.dll
[2010/08/09 21:00:46 | 002,222,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx9_24.dll
[2010/08/09 20:28:56 | 000,000,000 | -HSD | C] -- C:\Windows\ftpcache
[2010/08/05 20:19:26 | 000,185,920 | ---- | C] (RealNetworks, Inc.) -- C:\Windows\SysWow64\rmoc3260.dll
[2010/08/05 20:19:21 | 000,006,656 | ---- | C] (RealNetworks, Inc.) -- C:\Windows\SysWow64\pndx5016.dll
[2010/08/05 20:19:21 | 000,005,632 | ---- | C] (RealNetworks, Inc.) -- C:\Windows\SysWow64\pndx5032.dll
[2010/08/05 20:19:14 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\xing shared
[2010/08/05 20:19:02 | 000,499,712 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msvcp71.dll
[2010/08/05 20:19:02 | 000,348,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msvcr71.dll
[2010/08/05 20:19:02 | 000,278,528 | ---- | C] (Real Networks, Inc) -- C:\Windows\SysWow64\pncrt.dll
[2010/08/05 20:19:00 | 000,000,000 | ---D | C] -- C:\ProgramData\Real
[2010/08/05 20:19:00 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Real
[2010/08/05 20:18:59 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Real
[2010/08/05 20:17:54 | 000,000,000 | ---D | C] -- C:\Users\Lenka\AppData\Roaming\Real
[2010/08/04 20:40:54 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\SopCast
[2010/08/04 20:36:43 | 000,000,000 | ---D | C] -- C:\Users\Lenka\AppData\Roaming\WinRAR
[2010/08/04 20:36:28 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\WinRAR
[2010/07/31 19:28:22 | 000,000,000 | ---D | C] -- C:\Users\Lenka\Documents\ICQ
[2010/07/30 13:31:48 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\ICQ6.5
[1 C:\Users\Lenka\Desktop\*.tmp files -> C:\Users\Lenka\Desktop\*.tmp -> ]
========== Files - Modified Within 30 Days ==========
[2010/08/16 12:51:20 | 002,359,296 | -HS- | M] () -- C:\Users\Lenka\NTUSER.DAT
[2010/08/16 10:53:52 | 000,575,488 | ---- | M] (OldTimer Tools) -- C:\Users\Lenka\Desktop\OTL.exe
[2010/08/16 09:41:38 | 001,454,258 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2010/08/16 09:41:38 | 000,625,914 | ---- | M] () -- C:\Windows\SysNative\perfh005.dat
[2010/08/16 09:41:38 | 000,610,094 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2010/08/16 09:41:38 | 000,120,000 | ---- | M] () -- C:\Windows\SysNative\perfc005.dat
[2010/08/16 09:41:38 | 000,104,412 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2010/08/16 09:41:15 | 000,010,240 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2010/08/16 09:41:15 | 000,010,240 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2010/08/16 09:33:11 | 000,000,006 | -H-- | M] () -- C:\Windows\tasks\SA.DAT
[2010/08/16 09:33:07 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2010/08/16 09:32:59 | 3220,647,936 | -HS- | M] () -- C:\hiberfil.sys
[2010/08/16 00:52:20 | 065,443,916 | -H-- | M] () -- C:\Users\Lenka\AppData\Local\IconCache.db
[2010/08/13 12:34:04 | 000,414,200 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2010/08/11 18:31:27 | 000,033,344 | ---- | M] (LogMeIn, Inc.) -- C:\Windows\SysNative\drivers\hamachi.sys
[2010/08/11 17:12:51 | 000,834,544 | ---- | M] () -- C:\Windows\SysNative\drivers\sptd.sys
[2010/08/11 01:33:27 | 000,000,000 | ---- | M] () -- C:\Windows\SysWow64\Nadeo.ini
[2010/08/09 20:58:13 | 000,103,736 | ---- | M] () -- C:\Windows\SysWow64\PnkBstrB.exe
[2010/08/09 20:57:51 | 000,066,872 | ---- | M] () -- C:\Windows\SysWow64\PnkBstrA.exe
[2010/08/09 20:57:49 | 000,000,331 | ---- | M] () -- C:\Windows\game.ini
[2010/08/05 20:19:26 | 000,185,920 | ---- | M] (RealNetworks, Inc.) -- C:\Windows\SysWow64\rmoc3260.dll
[2010/08/05 20:19:21 | 000,006,656 | ---- | M] (RealNetworks, Inc.) -- C:\Windows\SysWow64\pndx5016.dll
[2010/08/05 20:19:21 | 000,005,632 | ---- | M] (RealNetworks, Inc.) -- C:\Windows\SysWow64\pndx5032.dll
[2010/08/05 20:19:02 | 000,499,712 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\msvcp71.dll
[2010/08/05 20:19:02 | 000,348,160 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\msvcr71.dll
[2010/08/05 20:19:02 | 000,278,528 | ---- | M] (Real Networks, Inc) -- C:\Windows\SysWow64\pncrt.dll
[2010/08/05 20:04:28 | 000,001,667 | ---- | M] () -- C:\Users\Lenka\Desktop\Resume Download of RealArcade.lnk
[2010/08/04 20:40:54 | 000,000,997 | ---- | M] () -- C:\Users\Lenka\Desktop\SopCast.lnk
[2010/08/04 20:40:51 | 000,000,250 | ---- | M] () -- C:\Windows\tasks\Scheduled Update for Ask Toolbar.job
[2010/07/30 13:33:22 | 000,001,830 | ---- | M] () -- C:\Users\Public\Desktop\ICQ6.5.lnk
[2010/07/29 08:30:34 | 000,082,944 | ---- | M] (Radius Inc.) -- C:\Windows\SysWow64\iccvid.dll
[1 C:\Users\Lenka\Desktop\*.tmp files -> C:\Users\Lenka\Desktop\*.tmp -> ]
========== Files Created - No Company Name ==========
[2010/08/11 17:12:51 | 000,834,544 | ---- | C] () -- C:\Windows\SysNative\drivers\sptd.sys
[2010/08/11 01:33:27 | 000,000,000 | ---- | C] () -- C:\Windows\SysWow64\Nadeo.ini
[2010/08/09 20:58:07 | 000,103,736 | ---- | C] () -- C:\Windows\SysWow64\PnkBstrB.exe
[2010/08/09 20:57:51 | 000,066,872 | ---- | C] () -- C:\Windows\SysWow64\PnkBstrA.exe
[2010/08/09 20:57:49 | 000,000,331 | ---- | C] () -- C:\Windows\game.ini
[2010/08/05 20:02:08 | 000,001,667 | ---- | C] () -- C:\Users\Lenka\Desktop\Resume Download of RealArcade.lnk
[2010/08/04 20:40:54 | 000,000,997 | ---- | C] () -- C:\Users\Lenka\Desktop\SopCast.lnk
[2010/08/04 20:40:51 | 000,000,250 | ---- | C] () -- C:\Windows\tasks\Scheduled Update for Ask Toolbar.job
[2010/07/30 13:33:22 | 000,001,830 | ---- | C] () -- C:\Users\Public\Desktop\ICQ6.5.lnk
[2010/03/14 21:08:05 | 003,064,794 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2010/03/06 15:22:40 | 000,007,168 | ---- | C] () -- C:\Users\Lenka\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2009/10/10 02:48:05 | 000,053,248 | ---- | C] () -- C:\Windows\SysWow64\LogonStart.dll
[2009/10/10 02:30:53 | 000,000,105 | ---- | C] () -- C:\ProgramData\{40BF1E83-20EB-11D8-97C5-0009C5020658}.log
[2009/10/10 02:30:33 | 000,000,107 | ---- | C] () -- C:\ProgramData\{C59C179C-668D-49A9-B6EA-0121CCFC1243}.log
[2009/08/19 10:33:09 | 000,000,031 | ---- | C] () -- C:\Windows\OOBEPlayer.ini
[2009/07/29 07:20:40 | 000,000,010 | ---- | C] () -- C:\Windows\SysWow64\ABLKSR.ini
[2009/07/14 01:42:10 | 000,064,000 | ---- | C] () -- C:\Windows\SysWow64\BWContextHandler.dll
[2009/07/13 23:03:59 | 000,364,544 | ---- | C] () -- C:\Windows\SysWow64\msjetoledb40.dll
========== LOP Check ==========
[2010/08/11 20:44:33 | 000,000,000 | ---D | M] -- C:\Users\Lenka\AppData\Roaming\DAEMON Tools Lite
[2010/04/11 14:58:11 | 000,000,000 | ---D | M] -- C:\Users\Lenka\AppData\Roaming\GHISLER
[2010/08/16 09:33:55 | 000,000,000 | ---D | M] -- C:\Users\Lenka\AppData\Roaming\ICQ
[2010/08/11 20:31:32 | 000,000,000 | ---D | M] -- C:\Users\Lenka\AppData\Roaming\Leadertech
[2010/08/11 20:03:08 | 000,000,000 | ---D | M] -- C:\Users\Lenka\AppData\Roaming\TeamViewer
[2010/08/13 12:34:23 | 000,032,562 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT
[2010/08/04 20:40:51 | 000,000,250 | ---- | M] () -- C:\Windows\Tasks\Scheduled Update for Ask Toolbar.job
========== Purity Check ==========
========== Custom Scans ==========
< HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /s >
"msnmsgr" = "C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe" /background -- [2008/12/02 23:39:00 | 003,882,312 | ---- | M] (Microsoft Corporation)
"ICQ" = "C:\Program Files (x86)\ICQ6.5\ICQ.exe" silent -- [2009/11/16 17:36:19 | 000,172,792 | ---- | M] (ICQ, LLC.)
"DAEMON Tools Lite" = "C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun -- [2010/04/01 11:16:20 | 000,357,696 | ---- | M] (DT Soft Ltd)
< c:\windows\*.* /U >
< %SYSTEMDRIVE%\*.exe >
< %ALLUSERSPROFILE%\Application Data\*. >
< %ALLUSERSPROFILE%\Application Data\*.exe /s >
< %APPDATA%\*. >
[2010/02/26 07:42:39 | 000,000,000 | ---D | M] -- C:\Users\Lenka\AppData\Roaming\Adobe
[2010/08/11 20:44:33 | 000,000,000 | ---D | M] -- C:\Users\Lenka\AppData\Roaming\DAEMON Tools Lite
[2010/04/11 14:58:11 | 000,000,000 | ---D | M] -- C:\Users\Lenka\AppData\Roaming\GHISLER
[2010/08/15 21:42:11 | 000,000,000 | ---D | M] -- C:\Users\Lenka\AppData\Roaming\Hamachi
[2010/08/16 09:33:55 | 000,000,000 | ---D | M] -- C:\Users\Lenka\AppData\Roaming\ICQ
[2010/02/04 02:29:00 | 000,000,000 | ---D | M] -- C:\Users\Lenka\AppData\Roaming\Identities
[2010/08/11 20:31:32 | 000,000,000 | ---D | M] -- C:\Users\Lenka\AppData\Roaming\Leadertech
[2010/02/04 02:22:39 | 000,000,000 | ---D | M] -- C:\Users\Lenka\AppData\Roaming\Macromedia
[2009/07/14 09:44:38 | 000,000,000 | ---D | M] -- C:\Users\Lenka\AppData\Roaming\Media Center Programs
[2010/07/01 15:15:33 | 000,000,000 | --SD | M] -- C:\Users\Lenka\AppData\Roaming\Microsoft
[2010/03/07 13:18:02 | 000,000,000 | ---D | M] -- C:\Users\Lenka\AppData\Roaming\Mozilla
[2010/08/05 20:21:44 | 000,000,000 | ---D | M] -- C:\Users\Lenka\AppData\Roaming\Real
[2010/08/11 20:03:08 | 000,000,000 | ---D | M] -- C:\Users\Lenka\AppData\Roaming\TeamViewer
[2010/08/04 20:36:43 | 000,000,000 | ---D | M] -- C:\Users\Lenka\AppData\Roaming\WinRAR
< %APPDATA%\*.exe /s >
< MD5 for: AGP440.SYS >
[2009/07/14 03:52:21 | 000,061,008 | ---- | M] (Microsoft Corporation) MD5=608C14DBA7299D8CB6ED035A68A15799 -- C:\Windows\SysWow64\DriverStore\FileRepository\machine.inf_amd64_neutral_9e6bb86c3b39a3e9\AGP440.sys
[2009/07/14 03:52:21 | 000,061,008 | ---- | M] (Microsoft Corporation) MD5=608C14DBA7299D8CB6ED035A68A15799 -- C:\Windows\winsxs\amd64_machine.inf_31bf3856ad364e35_6.1.7600.16385_none_1607dee2d861e021\AGP440.sys
< MD5 for: ATAPI.SYS >
[2009/07/14 03:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\SysWow64\DriverStore\FileRepository\mshdc.inf_amd64_neutral_a69a58a4286f0b22\atapi.sys
[2009/07/14 03:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\winsxs\amd64_mshdc.inf_31bf3856ad364e35_6.1.7600.16385_none_392d19c13b3ad543\atapi.sys
< MD5 for: CDROM.SYS >
[2009/07/14 01:19:54 | 000,147,456 | ---- | M] (Microsoft Corporation) MD5=83D2D75E1EFB81B3450C18131443F7DB -- C:\Windows\SysWow64\DriverStore\FileRepository\cdrom.inf_amd64_neutral_8363d00ecae4322d\cdrom.sys
[2009/07/14 01:19:54 | 000,147,456 | ---- | M] (Microsoft Corporation) MD5=83D2D75E1EFB81B3450C18131443F7DB -- C:\Windows\winsxs\amd64_cdrom.inf_31bf3856ad364e35_6.1.7600.16385_none_bb9e4d89bd7870f1\cdrom.sys
...
OTL logfile created on: 8/16/2010 12:48:34 PM - Run 1
OTL by OldTimer - Version 3.2.10.0 Folder = C:\Users\Lenka\Desktop
64bit- Home Premium Edition (Version = 6.1.7600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7600.16385)
Locale: 00000409 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy
4.00 Gb Total Physical Memory | 2.00 Gb Available Physical Memory | 51.00% Memory free
8.00 Gb Paging File | 6.00 Gb Available in Paging File | 73.00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 232.88 Gb Total Space | 189.46 Gb Free Space | 81.35% Space Free | Partition Type: NTFS
Drive D: | 218.23 Gb Total Space | 150.03 Gb Free Space | 68.75% Space Free | Partition Type: NTFS
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded
Computer Name: LENKA-PC
Current User Name: Lenka
Logged in as Administrator.
Current Boot Mode: Normal
Scan Mode: All users
Include 64bit Scans
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 30 Days
Output = Standard
========== Processes (SafeList) ==========
PRC - [2010/08/16 10:53:52 | 000,575,488 | ---- | M] (OldTimer Tools) -- C:\Users\Lenka\Desktop\OTL.exe
PRC - [2010/08/09 20:58:13 | 000,103,736 | ---- | M] () -- C:\Windows\SysWOW64\PnkBstrB.exe
PRC - [2010/08/09 20:57:51 | 000,066,872 | ---- | M] () -- C:\Windows\SysWOW64\PnkBstrA.exe
PRC - [2010/08/05 20:19:01 | 000,202,256 | ---- | M] (RealNetworks, Inc.) -- C:\Program Files (x86)\Common Files\Real\Update_OB\realsched.exe
PRC - [2010/08/02 09:09:34 | 000,014,808 | ---- | M] (Mozilla Corporation) -- C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe
PRC - [2010/08/02 09:09:32 | 000,910,296 | ---- | M] (Mozilla Corporation) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe
PRC - [2010/04/01 11:16:20 | 000,357,696 | ---- | M] (DT Soft Ltd) -- C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe
PRC - [2009/11/16 17:36:19 | 000,172,792 | ---- | M] (ICQ, LLC.) -- C:\Program Files (x86)\ICQ6.5\ICQ.exe
PRC - [2009/10/10 02:44:50 | 003,054,136 | ---- | M] (ASUS) -- C:\Windows\AsScrPro.exe
PRC - [2009/07/24 19:32:50 | 001,593,344 | ---- | M] () -- C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe
PRC - [2009/07/24 02:13:38 | 000,306,232 | ---- | M] (ASUSTeK Computer Inc.) -- C:\Windows\SysWOW64\Fast Boot\FastBootAgent.exe
PRC - [2009/07/23 02:58:46 | 000,017,976 | ---- | M] () -- C:\Program Files (x86)\ASUS\ControlDeck\ControlDeckStartUp.exe
PRC - [2009/07/07 20:20:56 | 008,493,624 | ---- | M] (ASUS) -- C:\Program Files (x86)\ASUS\ATKOSD2\ATKOSD2.exe
PRC - [2009/06/24 21:30:18 | 000,272,952 | ---- | M] (ASUSTek Computer Inc.) -- C:\Program Files (x86)\ASUS\ASUS Data Security Manager\ADSMTray.exe
PRC - [2009/05/19 12:36:18 | 000,240,512 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
PRC - [2009/05/19 00:58:38 | 000,305,720 | ---- | M] (ASUS) -- C:\Program Files (x86)\ASUS\SmartLogon\sensorsrv.exe
PRC - [2009/04/24 06:24:44 | 000,178,744 | ---- | M] (ASUS) -- C:\Program Files (x86)\ASUS\ATK Hotkey\HControl.exe
PRC - [2009/04/20 20:09:30 | 000,159,744 | ---- | M] (ASUS) -- C:\Program Files (x86)\ASUS\ATK Media\DMedia.exe
PRC - [2009/04/02 06:05:34 | 000,098,304 | ---- | M] (ASUS) -- C:\Program Files (x86)\ASUS\ATK Hotkey\HControlUser.exe
PRC - [2008/12/23 02:15:34 | 000,174,648 | ---- | M] (ASUS) -- C:\Program Files (x86)\ASUS\ATK Hotkey\WDC.exe
PRC - [2008/08/14 06:00:08 | 000,113,208 | ---- | M] (ASUS) -- C:\Program Files (x86)\ASUS\ATK Hotkey\KBFiltr.exe
PRC - [2008/08/14 05:59:56 | 000,301,624 | ---- | M] () -- C:\Program Files (x86)\ASUS\ATK Hotkey\Atouch64.exe
PRC - [2008/08/14 05:59:52 | 000,100,920 | ---- | M] () -- C:\Program Files (x86)\ASUS\ATK Hotkey\AsLdrSrv.exe
PRC - [2008/08/14 01:21:56 | 002,482,176 | ---- | M] (ASUS) -- C:\Program Files (x86)\ASUS\ATK Hotkey\ATKOSD.exe
PRC - [2008/07/19 04:52:16 | 000,104,936 | ---- | M] (CyberLink) -- C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe
PRC - [2008/03/31 11:55:48 | 000,225,280 | ---- | M] (ASUSTek Computer Inc.) -- C:\Program Files (x86)\ASUS\ASUS Data Security Manager\ADSMSrv.exe
PRC - [2007/11/30 20:20:44 | 000,051,768 | ---- | M] () -- C:\Program Files (x86)\ASUS\ASUS Live Update\ALU.exe
PRC - [2007/08/08 09:08:40 | 000,094,208 | ---- | M] () -- C:\Program Files\ATKGFNEX\GFNEXSrv.exe
========== Modules (SafeList) ==========
MOD - [2010/08/16 10:53:52 | 000,575,488 | ---- | M] (OldTimer Tools) -- C:\Users\Lenka\Desktop\OTL.exe
MOD - [2009/07/14 03:14:10 | 000,095,232 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\msscript.ocx
MOD - [2009/07/14 03:03:50 | 001,680,896 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16385_none_421189da2b7fabfc\comctl32.dll
========== Win32 Services (SafeList) ==========
SRV:64bit: - File not found [Auto | Running] -- C:\Windows\SysNative\PnkBstrB.exe -- (PnkBstrB)
SRV:64bit: - File not found [Auto | Running] -- C:\Windows\SysNative\PnkBstrA.exe -- (PnkBstrA)
SRV:64bit: - [2009/08/18 12:48:02 | 002,291,568 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE -- (wlidsvc)
SRV:64bit: - [2009/07/14 03:41:27 | 001,011,712 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV:64bit: - [2007/08/08 09:08:40 | 000,094,208 | ---- | M] () [Auto | Running] -- C:\Program Files\ATKGFNEX\GFNEXSrv.exe -- (ATKGFNEXSrv)
SRV - [2010/08/09 20:58:13 | 000,103,736 | ---- | M] () [Auto | Running] -- C:\Windows\SysWOW64\PnkBstrB.exe -- (PnkBstrB)
SRV - [2010/08/09 20:57:51 | 000,066,872 | ---- | M] () [Auto | Running] -- C:\Windows\SysWOW64\PnkBstrA.exe -- (PnkBstrA)
SRV - [2010/02/04 02:37:25 | 000,552,064 | ---- | M] (Eset ) [Auto | Start_Pending] -- C:\Program Files (x86)\Eset\nod32krn.exe -- (NOD32krn)
SRV - [2009/07/24 02:13:38 | 000,306,232 | ---- | M] (ASUSTeK Computer Inc.) [Auto | Running] -- C:\Windows\SysWOW64\Fast Boot\FastBootAgent.exe -- (FastBootAgent)
SRV - [2009/05/19 12:36:18 | 000,240,512 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files (x86)\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe -- (SeaPort)
SRV - [2008/12/08 18:01:58 | 000,533,344 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\Windows Live\Family Safety\fsssvc.exe -- (fsssvc)
SRV - [2008/10/25 12:44:08 | 000,065,888 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\Microsoft Office\Office12\GrooveAuditService.exe -- (Microsoft Office Groove Audit Service)
SRV - [2008/08/14 05:59:52 | 000,100,920 | ---- | M] () [Auto | Running] -- C:\Program Files (x86)\ASUS\ATK Hotkey\AsLdrSrv.exe -- (ASLDRService)
SRV - [2008/03/31 11:55:48 | 000,225,280 | ---- | M] (ASUSTek Computer Inc.) [Auto | Running] -- C:\Program Files (x86)\ASUS\ASUS Data Security Manager\ADSMSrv.exe -- (ADSMService)
========== Driver Services (SafeList) ==========
DRV:64bit: - [2010/08/11 18:31:27 | 000,033,344 | ---- | M] (LogMeIn, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\hamachi.sys -- (hamachi)
DRV:64bit: - [2010/08/11 17:12:51 | 000,834,544 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\sptd.sys -- (sptd)
DRV:64bit: - [2010/02/04 02:37:26 | 000,146,704 | ---- | M] (Eset ) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\amon.sys -- (AMON)
DRV:64bit: - [2009/10/05 17:34:00 | 001,542,656 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\athrx.sys -- (athr)
DRV:64bit: - [2009/07/20 11:29:39 | 000,015,416 | ---- | M] ( ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\kbfiltr.sys -- (kbfiltr)
DRV:64bit: - [2009/07/14 03:52:21 | 000,106,576 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2009/07/14 03:52:21 | 000,028,752 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2009/07/14 03:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2009/07/14 03:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2009/07/14 03:47:48 | 000,077,888 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2009/07/14 03:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2009/07/09 05:11:41 | 000,140,800 | ---- | M] (ELAN Microelectronic Corp.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\ETD.sys -- (ETD)
DRV:64bit: - [2009/06/10 22:38:56 | 000,000,308 | ---- | M] () [File_System | On_Demand | Running] -- C:\Windows\SysNative\wbem\ntfs.mof -- (Ntfs)
DRV:64bit: - [2009/06/10 22:35:57 | 000,056,832 | ---- | M] (Silicon Integrated Systems Corp.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\SiSG664.sys -- (SiSGbeLH)
DRV:64bit: - [2009/06/10 22:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2009/06/10 22:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009/06/10 22:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2009/06/10 22:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV:64bit: - [2009/06/05 12:15:55 | 001,806,400 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\snp2uvc.sys -- (SNP2UVC) USB2.0 PC Camera (SNP2UVC)
DRV:64bit: - [2009/05/22 16:52:29 | 000,215,040 | ---- | M] (Realtek ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Rt64win7.sys -- (RTL8167)
DRV:64bit: - [2009/05/13 03:07:19 | 000,015,928 | ---- | M] (ASUS) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\ATK64AMD.sys -- (MTsensor)
DRV:64bit: - [2008/12/08 18:35:52 | 000,061,792 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\fssfltr.sys -- (fssfltr)
DRV:64bit: - [2008/05/24 02:27:28 | 000,154,168 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\WimFltr.sys -- (WimFltr)
DRV:64bit: - [2007/07/24 20:11:32 | 000,014,904 | ---- | M] () [Kernel | Auto | Running] -- C:\Program Files\ATKGFNEX\ASMMAP64.sys -- (ASMMAP64)
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKU\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://asus.msn.com
IE - HKU\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://asus.msn.com
IE - HKU\.DEFAULT\..\URLSearchHook: - Reg Error: Key error. File not found
IE - HKU\.DEFAULT\..\URLSearchHook: {855F3B16-6D32-4fe6-8A56-BBB695989046} - Reg Error: Key error. File not found
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-18\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://asus.msn.com
IE - HKU\S-1-5-18\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://asus.msn.com
IE - HKU\S-1-5-18\..\URLSearchHook: - Reg Error: Key error. File not found
IE - HKU\S-1-5-18\..\URLSearchHook: {855F3B16-6D32-4fe6-8A56-BBB695989046} - Reg Error: Key error. File not found
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-1665229691-2970694427-3909060312-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://asus.msn.com
IE - HKU\S-1-5-21-1665229691-2970694427-3909060312-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.seznam.cz/
IE - HKU\S-1-5-21-1665229691-2970694427-3909060312-1000\..\URLSearchHook: - Reg Error: Key error. File not found
IE - HKU\S-1-5-21-1665229691-2970694427-3909060312-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
========== FireFox ==========
FF - prefs.js..browser.search.defaultengine: "Ask.com"
FF - prefs.js..browser.search.defaultenginename: "Ask.com"
FF - prefs.js..browser.search.order.1: "Ask.com"
FF - prefs.js..browser.search.selectedEngine: "Google"
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..browser.startup.homepage: "http://www.seznam.cz/"
FF - prefs.js..extensions.enabledItems: {800b5000-a755-47e1-992b-48a1c1357f07}:2.0.0.1
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.8\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2010/08/15 22:35:54 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.8\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2010/08/05 20:19:37 | 000,000,000 | ---D | M]
[2010/03/07 13:18:02 | 000,000,000 | ---D | M] -- C:\Users\Lenka\AppData\Roaming\Mozilla\Extensions
[2010/08/16 10:51:52 | 000,000,000 | ---D | M] -- C:\Users\Lenka\AppData\Roaming\Mozilla\Firefox\Profiles\bak8qmoj.default\extensions
[2010/03/11 10:44:15 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Lenka\AppData\Roaming\Mozilla\Firefox\Profiles\bak8qmoj.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}
[2010/08/04 20:41:30 | 000,002,253 | ---- | M] () -- C:\Users\Lenka\AppData\Roaming\Mozilla\Firefox\Profiles\bak8qmoj.default\searchplugins\askcom.xml
[2010/08/11 20:10:18 | 000,002,059 | ---- | M] () -- C:\Users\Lenka\AppData\Roaming\Mozilla\Firefox\Profiles\bak8qmoj.default\searchplugins\daemon-search.xml
[2010/08/11 03:07:19 | 000,000,950 | ---- | M] () -- C:\Users\Lenka\AppData\Roaming\Mozilla\Firefox\Profiles\bak8qmoj.default\searchplugins\icqplugin-1.xml
[2010/04/23 18:36:03 | 000,000,950 | ---- | M] () -- C:\Users\Lenka\AppData\Roaming\Mozilla\Firefox\Profiles\bak8qmoj.default\searchplugins\icqplugin-2.xml
[2010/08/04 20:41:28 | 000,000,950 | ---- | M] () -- C:\Users\Lenka\AppData\Roaming\Mozilla\Firefox\Profiles\bak8qmoj.default\searchplugins\icqplugin-3.xml
[2010/04/07 19:00:57 | 000,000,947 | ---- | M] () -- C:\Users\Lenka\AppData\Roaming\Mozilla\Firefox\Profiles\bak8qmoj.default\searchplugins\icqplugin.xml
[2010/03/07 13:17:42 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Mozilla Firefox\extensions
[2010/08/02 09:09:36 | 000,000,638 | ---- | M] () -- C:\Program Files (x86)\Mozilla Firefox\searchplugins\jyxo-cz.xml
[2010/08/02 09:09:36 | 000,001,687 | ---- | M] () -- C:\Program Files (x86)\Mozilla Firefox\searchplugins\mall-cz.xml
[2010/08/02 09:09:36 | 000,001,367 | ---- | M] () -- C:\Program Files (x86)\Mozilla Firefox\searchplugins\seznam-cz.xml
[2010/08/02 09:09:36 | 000,000,654 | ---- | M] () -- C:\Program Files (x86)\Mozilla Firefox\searchplugins\slunecnice-cz.xml
[2010/08/02 09:09:36 | 000,001,179 | ---- | M] () -- C:\Program Files (x86)\Mozilla Firefox\searchplugins\wikipedia-cz.xml
O1 HOSTS File: ([2009/06/10 23:00:26 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O2:64bit: - BHO: (Windows Live Family Safety Browser Helper Class) - {4f3ed5cd-0726-42a9-87f5-d13f3d2976ac} - C:\Program Files\Windows Live\Family Safety\fssbho.dll (Microsoft Corporation)
O2:64bit: - BHO: (Pomocná služba pro přihlášení ke službě Windows Live ID) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
O2 - BHO: (Search Helper) - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll (Microsoft Corporation)
O2 - BHO: (Groove GFS Browser Helper) - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation)
O2 - BHO: (Windows Live Toolbar Helper) - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - C:\Program Files (x86)\Windows Live\Toolbar\wltcore.dll (Microsoft Corporation)
O3:64bit: - HKLM\..\Toolbar: (DAEMON Tools Toolbar) - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files (x86)\DAEMON Tools Toolbar\DTToolbar64.dll File not found
O3:64bit: - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3 - HKLM\..\Toolbar: (&Windows Live Toolbar) - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files (x86)\Windows Live\Toolbar\wltcore.dll (Microsoft Corporation)
O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3 - HKU\.DEFAULT\..\Toolbar\WebBrowser: (&Windows Live Toolbar) - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files (x86)\Windows Live\Toolbar\wltcore.dll (Microsoft Corporation)
O3 - HKU\S-1-5-18\..\Toolbar\WebBrowser: (&Windows Live Toolbar) - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files (x86)\Windows Live\Toolbar\wltcore.dll (Microsoft Corporation)
O3 - HKU\S-1-5-21-1665229691-2970694427-3909060312-1000\..\Toolbar\WebBrowser: (&Windows Live Toolbar) - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files (x86)\Windows Live\Toolbar\wltcore.dll (Microsoft Corporation)
O3:64bit: - HKU\S-1-5-21-1665229691-2970694427-3909060312-1000\..\Toolbar\WebBrowser: (DAEMON Tools Toolbar) - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files (x86)\DAEMON Tools Toolbar\DTToolbar64.dll File not found
O4:64bit: - HKLM..\Run: [AmIcoSinglun64] C:\Program Files (x86)\AmIcoSingLun\AmIcoSinglun64.exe (AlcorMicro Co., Ltd.)
O4:64bit: - HKLM..\Run: [ETDWare] C:\Program Files\Elantech\ETDCtrl.exe (ELAN Microelectronic Corp.)
O4:64bit: - HKLM..\Run: [NvCplDaemon] C:\Windows\SysNative\NvCpl.DLL (NVIDIA Corporation)
O4:64bit: - HKLM..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor)
O4 - HKLM..\Run: [ATKMEDIA] C:\Program Files (x86)\ASUS\ATK Media\DMedia.exe (ASUS)
O4 - HKLM..\Run: [ATKOSD2] C:\Program Files (x86)\ASUS\ATKOSD2\ATKOSD2.exe (ASUS)
O4 - HKLM..\Run: [GrooveMonitor] C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe (Microsoft Corporation)
O4 - HKLM..\Run: [HControlUser] C:\Program Files (x86)\ASUS\ATK Hotkey\HControlUser.exe (ASUS)
O4 - HKLM..\Run: [nod32kui] C:\Program Files (x86)\Eset\nod32kui.exe (Eset )
O4 - HKLM..\Run: [Setwallpaper] c:\programdata\SetWallpaper.cmd File not found
O4 - HKLM..\Run: [TkBellExe] C:\Program Files (x86)\Common Files\Real\Update_OB\realsched.exe (RealNetworks, Inc.)
O4 - HKLM..\Run: [UpdateLBPShortCut] C:\Program Files (x86)\CyberLink\LabelPrint\MUITransfer\MUIStartMenu.exe (CyberLink Corp.)
O4 - HKLM..\Run: [UpdateP2GoShortCut] C:\Program Files (x86)\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe (CyberLink Corp.)
O4 - HKU\S-1-5-19..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-20..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-21-1665229691-2970694427-3909060312-1000..\Run: [DAEMON Tools Lite] C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe (DT Soft Ltd)
O4 - HKU\S-1-5-21-1665229691-2970694427-3909060312-1000..\Run: [ICQ] C:\Program Files (x86)\ICQ6.5\ICQ.exe (ICQ, LLC.)
O4 - HKU\S-1-5-21-1665229691-2970694427-3909060312-1000..\Run: [msnmsgr] C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe (Microsoft Corporation)
O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] C:\Windows\SysWow64\mctadmin.exe File not found
O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] C:\Windows\SysWow64\mctadmin.exe File not found
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 0
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-21-1665229691-2970694427-3909060312-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O9 - Extra Button: Přidat na blog - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : &Přidat na blog Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll (Microsoft Corporation)
O9 - Extra Button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra Button: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Program Files (x86)\ICQ6.5\ICQ.exe (ICQ, LLC.)
O9 - Extra 'Tools' menuitem : ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Program Files (x86)\ICQ6.5\ICQ.exe (ICQ, LLC.)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files (x86)\Common Files\microsoft shared\Windows Live\WLIDNSP.DLL (Microsoft Corporation)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries\000000000008 [] - C:\Program Files (x86)\Common Files\microsoft shared\Windows Live\WLIDNSP.DLL (Microsoft Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\Windows\SysNative\imon.dll (Eset )
O10:64bit: - Protocol_Catalog9\Catalog_Entries\000000000002 - C:\Windows\SysNative\imon.dll (Eset )
O10:64bit: - Protocol_Catalog9\Catalog_Entries\000000000003 - C:\Windows\SysNative\imon.dll (Eset )
O10:64bit: - Protocol_Catalog9\Catalog_Entries\000000000004 - C:\Windows\SysNative\imon.dll (Eset )
O10:64bit: - Protocol_Catalog9\Catalog_Entries\000000000005 - C:\Windows\SysNative\imon.dll (Eset )
O10:64bit: - Protocol_Catalog9\Catalog_Entries\000000000006 - C:\Windows\SysNative\imon.dll (Eset )
O10:64bit: - Protocol_Catalog9\Catalog_Entries\000000000007 - C:\Windows\SysNative\imon.dll (Eset )
O10:64bit: - Protocol_Catalog9\Catalog_Entries\000000000008 - C:\Windows\SysNative\imon.dll (Eset )
O10:64bit: - Protocol_Catalog9\Catalog_Entries\000000000009 - C:\Windows\SysNative\imon.dll (Eset )
O10:64bit: - Protocol_Catalog9\Catalog_Entries\000000000010 - C:\Windows\SysNative\imon.dll (Eset )
O10:64bit: - Protocol_Catalog9\Catalog_Entries\000000000021 - C:\Windows\SysNative\imon.dll (Eset )
O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files (x86)\Common Files\microsoft shared\Windows Live\WLIDNSP.DLL (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000008 [] - C:\Program Files (x86)\Common Files\microsoft shared\Windows Live\WLIDNSP.DLL (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\Windows\SysWow64\imon.dll (Eset )
O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - C:\Windows\SysWow64\imon.dll (Eset )
O10 - Protocol_Catalog9\Catalog_Entries\000000000003 - C:\Windows\SysWow64\imon.dll (Eset )
O10 - Protocol_Catalog9\Catalog_Entries\000000000004 - C:\Windows\SysWow64\imon.dll (Eset )
O10 - Protocol_Catalog9\Catalog_Entries\000000000005 - C:\Windows\SysWow64\imon.dll (Eset )
O10 - Protocol_Catalog9\Catalog_Entries\000000000006 - C:\Windows\SysWow64\imon.dll (Eset )
O10 - Protocol_Catalog9\Catalog_Entries\000000000007 - C:\Windows\SysWow64\imon.dll (Eset )
O10 - Protocol_Catalog9\Catalog_Entries\000000000008 - C:\Windows\SysWow64\imon.dll (Eset )
O10 - Protocol_Catalog9\Catalog_Entries\000000000009 - C:\Windows\SysWow64\imon.dll (Eset )
O10 - Protocol_Catalog9\Catalog_Entries\000000000010 - C:\Windows\SysWow64\imon.dll (Eset )
O10 - Protocol_Catalog9\Catalog_Entries\000000000021 - C:\Windows\SysWow64\imon.dll (Eset )
O13 - gopher Prefix: missing
O13 - gopher Prefix: missing
O16 - DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} http://download.eset.com/special/eos/OnlineScanner.cab (OnlineScanner Control)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 10.0.0.138
O18:64bit: - Protocol\Handler\grooveLocalGWS {88FED34C-F0CA-4636-A375-3CB6248B04CD} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\wlmailhtml {03C514A3-1EFB-4856-9F99-10D7BE1653C0} - Reg Error: Key error. File not found
O18 - Protocol\Handler\grooveLocalGWS {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveSystemServices.dll (Microsoft Corporation)
O18 - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files (x86)\Windows Live\Messenger\msgrapp.14.0.8050.1202.dll (Microsoft Corporation)
O18 - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files (x86)\Windows Live\Messenger\msgrapp.14.0.8050.1202.dll (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\SysNative\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\SysWow64\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found.
O28 - HKLM ShellExecuteHooks: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation)
O30:64bit: - LSA: Security Packages - (livessp) - C:\Windows\SysNative\livessp.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (livessp) - C:\Windows\SysWow64\livessp.dll (Microsoft Corporation)
O32 - HKLM CDRom: AutoRun - 1
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
Drivers32:64bit: msacm.l3acm - C:\Windows\System32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: msacm.l3acm - C:\Windows\SysWOW64\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: vidc.cvid - C:\Windows\SysWow64\iccvid.dll (Radius Inc.)
CREATERESTOREPOINT
Restore point Set: OTL Restore Point
========== Files/Folders - Created Within 30 Days ==========
[2010/08/16 10:53:48 | 000,575,488 | ---- | C] (OldTimer Tools) -- C:\Users\Lenka\Desktop\OTL.exe
[2010/08/15 21:56:49 | 000,000,000 | ---D | C] -- C:\Program Files\trend micro
[2010/08/15 21:56:48 | 000,000,000 | ---D | C] -- C:\rsit
[2010/08/13 01:00:08 | 000,000,000 | ---D | C] -- C:\8160ab28f9654b4f5ea0
[2010/08/12 10:49:13 | 005,507,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ntoskrnl.exe
[2010/08/12 10:49:10 | 003,955,080 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ntkrnlpa.exe
[2010/08/12 10:49:09 | 003,899,784 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ntoskrnl.exe
[2010/08/12 10:49:02 | 000,256,000 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iepeers.dll
[2010/08/12 10:49:02 | 000,185,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iepeers.dll
[2010/08/12 10:49:01 | 000,247,808 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieui.dll
[2010/08/12 10:49:01 | 000,176,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieui.dll
[2010/08/12 10:49:01 | 000,012,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msfeedssync.exe
[2010/08/12 10:49:01 | 000,012,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msfeedssync.exe
[2010/08/12 10:48:57 | 000,082,944 | ---- | C] (Radius Inc.) -- C:\Windows\SysWow64\iccvid.dll
[2010/08/12 10:48:57 | 000,052,224 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\rtutils.dll
[2010/08/12 10:48:57 | 000,037,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\rtutils.dll
[2010/08/11 20:45:11 | 000,000,000 | ---D | C] -- C:\Users\Lenka\Documents\FIFA 10
[2010/08/11 20:31:32 | 000,000,000 | ---D | C] -- C:\Users\Lenka\AppData\Roaming\Leadertech
[2010/08/11 20:21:42 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\EA Sports
[2010/08/11 20:21:38 | 004,910,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DX9_37.dll
[2010/08/11 20:21:38 | 003,786,760 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DX9_37.dll
[2010/08/11 20:21:38 | 003,727,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx9_35.dll
[2010/08/11 20:10:18 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\DAEMON Tools Toolbar
[2010/08/11 20:10:05 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\DAEMON Tools Lite
[2010/08/11 20:03:22 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\QS
[2010/08/11 20:03:08 | 000,000,000 | ---D | C] -- C:\Users\Lenka\AppData\Roaming\TeamViewer
[2010/08/11 18:45:15 | 000,000,000 | ---D | C] -- C:\Users\Lenka\AppData\Local\WinZip
[2010/08/11 18:42:02 | 000,000,000 | ---D | C] -- C:\ProgramData\WinZip
[2010/08/11 18:42:00 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\WinZip
[2010/08/11 18:33:35 | 000,000,000 | ---D | C] -- C:\Users\Lenka\AppData\Roaming\Hamachi
[2010/08/11 18:31:27 | 000,033,344 | ---- | C] (LogMeIn, Inc.) -- C:\Windows\SysNative\drivers\hamachi.sys
[2010/08/11 18:31:26 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Hamachi
[2010/08/11 17:11:56 | 000,000,000 | ---D | C] -- C:\Users\Lenka\AppData\Roaming\DAEMON Tools Lite
[2010/08/11 17:11:53 | 000,000,000 | ---D | C] -- C:\ProgramData\DAEMON Tools Lite
[2010/08/11 16:31:29 | 000,000,000 | ---D | C] -- C:\Users\Lenka\temp
[2010/08/11 01:33:27 | 000,000,000 | ---D | C] -- C:\Users\Lenka\Documents\TmForever
[2010/08/10 22:36:57 | 000,000,000 | ---D | C] -- C:\ProgramData\TrackMania
[2010/08/10 22:33:40 | 000,000,000 | ---D | C] -- C:\Users\Lenka\Documents\TrackMania
[2010/08/10 22:30:35 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\TmNationsForever
[2010/08/09 21:01:01 | 004,496,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx9_34.dll
[2010/08/09 21:01:01 | 003,497,832 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx9_34.dll
[2010/08/09 21:01:01 | 001,401,200 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DCompiler_34.dll
[2010/08/09 21:01:01 | 001,124,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DCompiler_34.dll
[2010/08/09 21:01:01 | 000,506,728 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx10_34.dll
[2010/08/09 21:01:01 | 000,443,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx10_34.dll
[2010/08/09 21:01:01 | 000,409,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine2_8.dll
[2010/08/09 21:01:01 | 000,266,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine2_8.dll
[2010/08/09 21:01:01 | 000,021,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\x3daudio1_2.dll
[2010/08/09 21:01:01 | 000,018,280 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\x3daudio1_2.dll
[2010/08/09 21:01:00 | 001,400,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DCompiler_33.dll
[2010/08/09 21:01:00 | 001,123,696 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DCompiler_33.dll
[2010/08/09 21:01:00 | 000,506,728 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx10_33.dll
[2010/08/09 21:01:00 | 000,443,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx10_33.dll
[2010/08/09 21:01:00 | 000,403,304 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine2_7.dll
[2010/08/09 21:01:00 | 000,261,480 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine2_7.dll
[2010/08/09 21:01:00 | 000,107,368 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xinput1_3.dll
[2010/08/09 21:01:00 | 000,081,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xinput1_3.dll
[2010/08/09 21:00:59 | 004,494,184 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx9_33.dll
[2010/08/09 21:00:59 | 003,495,784 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx9_33.dll
[2010/08/09 21:00:59 | 000,393,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine2_6.dll
[2010/08/09 21:00:59 | 000,255,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine2_6.dll
[2010/08/09 21:00:58 | 000,469,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx10.dll
[2010/08/09 21:00:58 | 000,440,080 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx10.dll
[2010/08/09 21:00:58 | 000,390,424 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine2_5.dll
[2010/08/09 21:00:58 | 000,251,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine2_5.dll
[2010/08/09 21:00:56 | 000,364,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine2_4.dll
[2010/08/09 21:00:56 | 000,237,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine2_4.dll
[2010/08/09 21:00:56 | 000,017,688 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\x3daudio1_1.dll
[2010/08/09 21:00:56 | 000,015,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\x3daudio1_1.dll
[2010/08/09 21:00:55 | 003,977,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx9_31.dll
[2010/08/09 21:00:55 | 002,414,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx9_31.dll
[2010/08/09 21:00:55 | 000,363,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine2_3.dll
[2010/08/09 21:00:55 | 000,236,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine2_3.dll
[2010/08/09 21:00:55 | 000,083,736 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xinput1_2.dll
[2010/08/09 21:00:55 | 000,062,744 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xinput1_2.dll
[2010/08/09 21:00:54 | 000,354,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine2_2.dll
[2010/08/09 21:00:54 | 000,352,464 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine2_1.dll
[2010/08/09 21:00:54 | 000,230,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine2_2.dll
[2010/08/09 21:00:54 | 000,229,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine2_1.dll
[2010/08/09 21:00:54 | 000,083,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xinput1_1.dll
[2010/08/09 21:00:54 | 000,062,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xinput1_1.dll
[2010/08/09 21:00:49 | 003,927,248 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx9_30.dll
[2010/08/09 21:00:49 | 002,388,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx9_30.dll
[2010/08/09 21:00:48 | 003,830,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx9_29.dll
[2010/08/09 21:00:48 | 002,332,368 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx9_29.dll
[2010/08/09 21:00:48 | 000,355,536 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine2_0.dll
[2010/08/09 21:00:48 | 000,230,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine2_0.dll
[2010/08/09 21:00:48 | 000,016,592 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\x3daudio1_0.dll
[2010/08/09 21:00:48 | 000,014,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\x3daudio1_0.dll
[2010/08/09 21:00:47 | 003,815,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx9_28.dll
[2010/08/09 21:00:47 | 003,807,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx9_27.dll
[2010/08/09 21:00:47 | 003,767,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx9_26.dll
[2010/08/09 21:00:47 | 002,323,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx9_28.dll
[2010/08/09 21:00:47 | 002,319,568 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx9_27.dll
[2010/08/09 21:00:47 | 002,297,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx9_26.dll
[2010/08/09 21:00:46 | 003,823,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx9_25.dll
[2010/08/09 21:00:46 | 003,544,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx9_24.dll
[2010/08/09 21:00:46 | 002,337,488 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx9_25.dll
[2010/08/09 21:00:46 | 002,222,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx9_24.dll
[2010/08/09 20:28:56 | 000,000,000 | -HSD | C] -- C:\Windows\ftpcache
[2010/08/05 20:19:26 | 000,185,920 | ---- | C] (RealNetworks, Inc.) -- C:\Windows\SysWow64\rmoc3260.dll
[2010/08/05 20:19:21 | 000,006,656 | ---- | C] (RealNetworks, Inc.) -- C:\Windows\SysWow64\pndx5016.dll
[2010/08/05 20:19:21 | 000,005,632 | ---- | C] (RealNetworks, Inc.) -- C:\Windows\SysWow64\pndx5032.dll
[2010/08/05 20:19:14 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\xing shared
[2010/08/05 20:19:02 | 000,499,712 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msvcp71.dll
[2010/08/05 20:19:02 | 000,348,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msvcr71.dll
[2010/08/05 20:19:02 | 000,278,528 | ---- | C] (Real Networks, Inc) -- C:\Windows\SysWow64\pncrt.dll
[2010/08/05 20:19:00 | 000,000,000 | ---D | C] -- C:\ProgramData\Real
[2010/08/05 20:19:00 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Real
[2010/08/05 20:18:59 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Real
[2010/08/05 20:17:54 | 000,000,000 | ---D | C] -- C:\Users\Lenka\AppData\Roaming\Real
[2010/08/04 20:40:54 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\SopCast
[2010/08/04 20:36:43 | 000,000,000 | ---D | C] -- C:\Users\Lenka\AppData\Roaming\WinRAR
[2010/08/04 20:36:28 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\WinRAR
[2010/07/31 19:28:22 | 000,000,000 | ---D | C] -- C:\Users\Lenka\Documents\ICQ
[2010/07/30 13:31:48 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\ICQ6.5
[1 C:\Users\Lenka\Desktop\*.tmp files -> C:\Users\Lenka\Desktop\*.tmp -> ]
========== Files - Modified Within 30 Days ==========
[2010/08/16 12:51:20 | 002,359,296 | -HS- | M] () -- C:\Users\Lenka\NTUSER.DAT
[2010/08/16 10:53:52 | 000,575,488 | ---- | M] (OldTimer Tools) -- C:\Users\Lenka\Desktop\OTL.exe
[2010/08/16 09:41:38 | 001,454,258 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2010/08/16 09:41:38 | 000,625,914 | ---- | M] () -- C:\Windows\SysNative\perfh005.dat
[2010/08/16 09:41:38 | 000,610,094 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2010/08/16 09:41:38 | 000,120,000 | ---- | M] () -- C:\Windows\SysNative\perfc005.dat
[2010/08/16 09:41:38 | 000,104,412 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2010/08/16 09:41:15 | 000,010,240 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2010/08/16 09:41:15 | 000,010,240 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2010/08/16 09:33:11 | 000,000,006 | -H-- | M] () -- C:\Windows\tasks\SA.DAT
[2010/08/16 09:33:07 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2010/08/16 09:32:59 | 3220,647,936 | -HS- | M] () -- C:\hiberfil.sys
[2010/08/16 00:52:20 | 065,443,916 | -H-- | M] () -- C:\Users\Lenka\AppData\Local\IconCache.db
[2010/08/13 12:34:04 | 000,414,200 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2010/08/11 18:31:27 | 000,033,344 | ---- | M] (LogMeIn, Inc.) -- C:\Windows\SysNative\drivers\hamachi.sys
[2010/08/11 17:12:51 | 000,834,544 | ---- | M] () -- C:\Windows\SysNative\drivers\sptd.sys
[2010/08/11 01:33:27 | 000,000,000 | ---- | M] () -- C:\Windows\SysWow64\Nadeo.ini
[2010/08/09 20:58:13 | 000,103,736 | ---- | M] () -- C:\Windows\SysWow64\PnkBstrB.exe
[2010/08/09 20:57:51 | 000,066,872 | ---- | M] () -- C:\Windows\SysWow64\PnkBstrA.exe
[2010/08/09 20:57:49 | 000,000,331 | ---- | M] () -- C:\Windows\game.ini
[2010/08/05 20:19:26 | 000,185,920 | ---- | M] (RealNetworks, Inc.) -- C:\Windows\SysWow64\rmoc3260.dll
[2010/08/05 20:19:21 | 000,006,656 | ---- | M] (RealNetworks, Inc.) -- C:\Windows\SysWow64\pndx5016.dll
[2010/08/05 20:19:21 | 000,005,632 | ---- | M] (RealNetworks, Inc.) -- C:\Windows\SysWow64\pndx5032.dll
[2010/08/05 20:19:02 | 000,499,712 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\msvcp71.dll
[2010/08/05 20:19:02 | 000,348,160 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\msvcr71.dll
[2010/08/05 20:19:02 | 000,278,528 | ---- | M] (Real Networks, Inc) -- C:\Windows\SysWow64\pncrt.dll
[2010/08/05 20:04:28 | 000,001,667 | ---- | M] () -- C:\Users\Lenka\Desktop\Resume Download of RealArcade.lnk
[2010/08/04 20:40:54 | 000,000,997 | ---- | M] () -- C:\Users\Lenka\Desktop\SopCast.lnk
[2010/08/04 20:40:51 | 000,000,250 | ---- | M] () -- C:\Windows\tasks\Scheduled Update for Ask Toolbar.job
[2010/07/30 13:33:22 | 000,001,830 | ---- | M] () -- C:\Users\Public\Desktop\ICQ6.5.lnk
[2010/07/29 08:30:34 | 000,082,944 | ---- | M] (Radius Inc.) -- C:\Windows\SysWow64\iccvid.dll
[1 C:\Users\Lenka\Desktop\*.tmp files -> C:\Users\Lenka\Desktop\*.tmp -> ]
========== Files Created - No Company Name ==========
[2010/08/11 17:12:51 | 000,834,544 | ---- | C] () -- C:\Windows\SysNative\drivers\sptd.sys
[2010/08/11 01:33:27 | 000,000,000 | ---- | C] () -- C:\Windows\SysWow64\Nadeo.ini
[2010/08/09 20:58:07 | 000,103,736 | ---- | C] () -- C:\Windows\SysWow64\PnkBstrB.exe
[2010/08/09 20:57:51 | 000,066,872 | ---- | C] () -- C:\Windows\SysWow64\PnkBstrA.exe
[2010/08/09 20:57:49 | 000,000,331 | ---- | C] () -- C:\Windows\game.ini
[2010/08/05 20:02:08 | 000,001,667 | ---- | C] () -- C:\Users\Lenka\Desktop\Resume Download of RealArcade.lnk
[2010/08/04 20:40:54 | 000,000,997 | ---- | C] () -- C:\Users\Lenka\Desktop\SopCast.lnk
[2010/08/04 20:40:51 | 000,000,250 | ---- | C] () -- C:\Windows\tasks\Scheduled Update for Ask Toolbar.job
[2010/07/30 13:33:22 | 000,001,830 | ---- | C] () -- C:\Users\Public\Desktop\ICQ6.5.lnk
[2010/03/14 21:08:05 | 003,064,794 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2010/03/06 15:22:40 | 000,007,168 | ---- | C] () -- C:\Users\Lenka\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2009/10/10 02:48:05 | 000,053,248 | ---- | C] () -- C:\Windows\SysWow64\LogonStart.dll
[2009/10/10 02:30:53 | 000,000,105 | ---- | C] () -- C:\ProgramData\{40BF1E83-20EB-11D8-97C5-0009C5020658}.log
[2009/10/10 02:30:33 | 000,000,107 | ---- | C] () -- C:\ProgramData\{C59C179C-668D-49A9-B6EA-0121CCFC1243}.log
[2009/08/19 10:33:09 | 000,000,031 | ---- | C] () -- C:\Windows\OOBEPlayer.ini
[2009/07/29 07:20:40 | 000,000,010 | ---- | C] () -- C:\Windows\SysWow64\ABLKSR.ini
[2009/07/14 01:42:10 | 000,064,000 | ---- | C] () -- C:\Windows\SysWow64\BWContextHandler.dll
[2009/07/13 23:03:59 | 000,364,544 | ---- | C] () -- C:\Windows\SysWow64\msjetoledb40.dll
========== LOP Check ==========
[2010/08/11 20:44:33 | 000,000,000 | ---D | M] -- C:\Users\Lenka\AppData\Roaming\DAEMON Tools Lite
[2010/04/11 14:58:11 | 000,000,000 | ---D | M] -- C:\Users\Lenka\AppData\Roaming\GHISLER
[2010/08/16 09:33:55 | 000,000,000 | ---D | M] -- C:\Users\Lenka\AppData\Roaming\ICQ
[2010/08/11 20:31:32 | 000,000,000 | ---D | M] -- C:\Users\Lenka\AppData\Roaming\Leadertech
[2010/08/11 20:03:08 | 000,000,000 | ---D | M] -- C:\Users\Lenka\AppData\Roaming\TeamViewer
[2010/08/13 12:34:23 | 000,032,562 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT
[2010/08/04 20:40:51 | 000,000,250 | ---- | M] () -- C:\Windows\Tasks\Scheduled Update for Ask Toolbar.job
========== Purity Check ==========
========== Custom Scans ==========
< HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /s >
"msnmsgr" = "C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe" /background -- [2008/12/02 23:39:00 | 003,882,312 | ---- | M] (Microsoft Corporation)
"ICQ" = "C:\Program Files (x86)\ICQ6.5\ICQ.exe" silent -- [2009/11/16 17:36:19 | 000,172,792 | ---- | M] (ICQ, LLC.)
"DAEMON Tools Lite" = "C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun -- [2010/04/01 11:16:20 | 000,357,696 | ---- | M] (DT Soft Ltd)
< c:\windows\*.* /U >
< %SYSTEMDRIVE%\*.exe >
< %ALLUSERSPROFILE%\Application Data\*. >
< %ALLUSERSPROFILE%\Application Data\*.exe /s >
< %APPDATA%\*. >
[2010/02/26 07:42:39 | 000,000,000 | ---D | M] -- C:\Users\Lenka\AppData\Roaming\Adobe
[2010/08/11 20:44:33 | 000,000,000 | ---D | M] -- C:\Users\Lenka\AppData\Roaming\DAEMON Tools Lite
[2010/04/11 14:58:11 | 000,000,000 | ---D | M] -- C:\Users\Lenka\AppData\Roaming\GHISLER
[2010/08/15 21:42:11 | 000,000,000 | ---D | M] -- C:\Users\Lenka\AppData\Roaming\Hamachi
[2010/08/16 09:33:55 | 000,000,000 | ---D | M] -- C:\Users\Lenka\AppData\Roaming\ICQ
[2010/02/04 02:29:00 | 000,000,000 | ---D | M] -- C:\Users\Lenka\AppData\Roaming\Identities
[2010/08/11 20:31:32 | 000,000,000 | ---D | M] -- C:\Users\Lenka\AppData\Roaming\Leadertech
[2010/02/04 02:22:39 | 000,000,000 | ---D | M] -- C:\Users\Lenka\AppData\Roaming\Macromedia
[2009/07/14 09:44:38 | 000,000,000 | ---D | M] -- C:\Users\Lenka\AppData\Roaming\Media Center Programs
[2010/07/01 15:15:33 | 000,000,000 | --SD | M] -- C:\Users\Lenka\AppData\Roaming\Microsoft
[2010/03/07 13:18:02 | 000,000,000 | ---D | M] -- C:\Users\Lenka\AppData\Roaming\Mozilla
[2010/08/05 20:21:44 | 000,000,000 | ---D | M] -- C:\Users\Lenka\AppData\Roaming\Real
[2010/08/11 20:03:08 | 000,000,000 | ---D | M] -- C:\Users\Lenka\AppData\Roaming\TeamViewer
[2010/08/04 20:36:43 | 000,000,000 | ---D | M] -- C:\Users\Lenka\AppData\Roaming\WinRAR
< %APPDATA%\*.exe /s >
< MD5 for: AGP440.SYS >
[2009/07/14 03:52:21 | 000,061,008 | ---- | M] (Microsoft Corporation) MD5=608C14DBA7299D8CB6ED035A68A15799 -- C:\Windows\SysWow64\DriverStore\FileRepository\machine.inf_amd64_neutral_9e6bb86c3b39a3e9\AGP440.sys
[2009/07/14 03:52:21 | 000,061,008 | ---- | M] (Microsoft Corporation) MD5=608C14DBA7299D8CB6ED035A68A15799 -- C:\Windows\winsxs\amd64_machine.inf_31bf3856ad364e35_6.1.7600.16385_none_1607dee2d861e021\AGP440.sys
< MD5 for: ATAPI.SYS >
[2009/07/14 03:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\SysWow64\DriverStore\FileRepository\mshdc.inf_amd64_neutral_a69a58a4286f0b22\atapi.sys
[2009/07/14 03:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\winsxs\amd64_mshdc.inf_31bf3856ad364e35_6.1.7600.16385_none_392d19c13b3ad543\atapi.sys
< MD5 for: CDROM.SYS >
[2009/07/14 01:19:54 | 000,147,456 | ---- | M] (Microsoft Corporation) MD5=83D2D75E1EFB81B3450C18131443F7DB -- C:\Windows\SysWow64\DriverStore\FileRepository\cdrom.inf_amd64_neutral_8363d00ecae4322d\cdrom.sys
[2009/07/14 01:19:54 | 000,147,456 | ---- | M] (Microsoft Corporation) MD5=83D2D75E1EFB81B3450C18131443F7DB -- C:\Windows\winsxs\amd64_cdrom.inf_31bf3856ad364e35_6.1.7600.16385_none_bb9e4d89bd7870f1\cdrom.sys
...
Re: rundll32 a svchost.exe
... pokračování :
< MD5 for: CNGAUDIT.DLL >
[2009/07/14 03:15:06 | 000,012,288 | ---- | M] (Microsoft Corporation) MD5=50BA656134F78AF64E4DD3C8B6FEFD7E -- C:\Windows\SysWOW64\cngaudit.dll
[2009/07/14 03:15:06 | 000,012,288 | ---- | M] (Microsoft Corporation) MD5=50BA656134F78AF64E4DD3C8B6FEFD7E -- C:\Windows\SysWOW64\cngaudit.dll
[2009/07/14 03:15:06 | 000,012,288 | ---- | M] (Microsoft Corporation) MD5=50BA656134F78AF64E4DD3C8B6FEFD7E -- C:\Windows\winsxs\x86_microsoft-windows-cngaudit-dll_31bf3856ad364e35_6.1.7600.16385_none_e83a414890e8132b\cngaudit.dll
[2009/07/14 03:40:20 | 000,018,944 | ---- | M] (Microsoft Corporation) MD5=86FE1B1F8FD42CD0DB641AB1CDB13093 -- C:\Windows\winsxs\amd64_microsoft-windows-cngaudit-dll_31bf3856ad364e35_6.1.7600.16385_none_4458dccc49458461\cngaudit.dll
< MD5 for: CRYPTSVC.DLL >
[2009/07/14 03:40:24 | 000,175,104 | ---- | M] (Microsoft Corporation) MD5=8C57411B66282C01533CB776F98AD384 -- C:\Windows\winsxs\amd64_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7600.16385_none_d1f48b0bb4805490\cryptsvc.dll
[2009/07/14 03:15:07 | 000,135,680 | ---- | M] (Microsoft Corporation) MD5=9C231178CE4FB385F4B54B0A9080B8A4 -- C:\Windows\SysWOW64\cryptsvc.dll
[2009/07/14 03:15:07 | 000,135,680 | ---- | M] (Microsoft Corporation) MD5=9C231178CE4FB385F4B54B0A9080B8A4 -- C:\Windows\SysWOW64\cryptsvc.dll
[2009/07/14 03:15:07 | 000,135,680 | ---- | M] (Microsoft Corporation) MD5=9C231178CE4FB385F4B54B0A9080B8A4 -- C:\Windows\winsxs\x86_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7600.16385_none_75d5ef87fc22e35a\cryptsvc.dll
< MD5 for: EXPLORER.EXE >
[2009/07/14 03:14:20 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=15BC38A7492BEFE831966ADB477CF76F -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16385_none_b7fe430bc7ce3761\explorer.exe
[2009/10/31 07:45:39 | 002,614,272 | ---- | M] (Microsoft Corporation) MD5=2626FC9755BE22F805D3CFA0CE3EE727 -- C:\Windows\SysWOW64\explorer.exe
[2009/10/31 07:45:39 | 002,614,272 | ---- | M] (Microsoft Corporation) MD5=2626FC9755BE22F805D3CFA0CE3EE727 -- C:\Windows\SysWOW64\explorer.exe
[2009/10/31 07:45:39 | 002,614,272 | ---- | M] (Microsoft Corporation) MD5=2626FC9755BE22F805D3CFA0CE3EE727 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16450_none_b819b343c7ba6202\explorer.exe
[2009/08/03 08:19:07 | 002,868,224 | ---- | M] (Microsoft Corporation) MD5=700073016DAC1C3D2E7E2CE4223334B6 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20500_none_ae84b558ac4eb41c\explorer.exe
[2009/10/31 08:34:59 | 002,870,272 | ---- | M] (Microsoft Corporation) MD5=9AAAEC8DAC27AA17B053E6352AD233AE -- C:\Windows\explorer.exe
[2009/10/31 08:34:59 | 002,870,272 | ---- | M] (Microsoft Corporation) MD5=9AAAEC8DAC27AA17B053E6352AD233AE -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16450_none_adc508f19359a007\explorer.exe
[2009/08/03 07:49:47 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=9FF6C4C91A3711C0A3B18F87B08B518D -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20500_none_b8d95faae0af7617\explorer.exe
[2009/10/31 08:38:38 | 002,870,272 | ---- | M] (Microsoft Corporation) MD5=B8EC4BD49CE8F6FC457721BFC210B67F -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20563_none_ae46d6aeac7ca7c7\explorer.exe
[2009/08/03 07:35:50 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=B95EEB0F4E5EFBF1038A35B3351CF047 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16404_none_b853c407c78e3ba9\explorer.exe
[2009/07/14 03:39:10 | 002,868,224 | ---- | M] (Microsoft Corporation) MD5=C235A51CB740E45FFA0EBFB9BAFCDA64 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16385_none_ada998b9936d7566\explorer.exe
[2009/10/31 08:00:51 | 002,614,272 | ---- | M] (Microsoft Corporation) MD5=C76153C7ECA00FA852BB0C193378F917 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20563_none_b89b8100e0dd69c2\explorer.exe
[2009/08/03 08:17:37 | 002,868,224 | ---- | M] (Microsoft Corporation) MD5=F170B4A061C9E026437B193B4D571799 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16404_none_adff19b5932d79ae\explorer.exe
< MD5 for: HAL.DLL >
[2009/07/14 03:47:48 | 000,263,232 | ---- | M] (Microsoft Corporation) MD5=C0A6F6E05E14FBCAEDE7796C8590B7AC -- C:\Windows\winsxs\amd64_microsoft-windows-hal_31bf3856ad364e35_6.1.7600.16385_none_071de44b735b3dfc\hal.dll
< MD5 for: IASTORV.SYS >
[2009/07/14 03:48:04 | 000,410,688 | ---- | M] (Intel Corporation) MD5=D83EFB6FD45DF9D55E9A1AFC63640D50 -- C:\Windows\SysWow64\DriverStore\FileRepository\iastorv.inf_amd64_neutral_18cccb83b34e1453\iaStorV.sys
[2009/07/14 03:48:04 | 000,410,688 | ---- | M] (Intel Corporation) MD5=D83EFB6FD45DF9D55E9A1AFC63640D50 -- C:\Windows\winsxs\amd64_iastorv.inf_31bf3856ad364e35_6.1.7600.16385_none_0b06441fa1790136\iaStorV.sys
< MD5 for: ISAPNP.SYS >
[2009/07/14 03:48:04 | 000,020,544 | ---- | M] (Microsoft Corporation) MD5=2F7B28DC3E1183E5EB418DF55C204F38 -- C:\Windows\SysWow64\DriverStore\FileRepository\machine.inf_amd64_neutral_9e6bb86c3b39a3e9\isapnp.sys
[2009/07/14 03:48:04 | 000,020,544 | ---- | M] (Microsoft Corporation) MD5=2F7B28DC3E1183E5EB418DF55C204F38 -- C:\Windows\winsxs\amd64_machine.inf_31bf3856ad364e35_6.1.7600.16385_none_1607dee2d861e021\isapnp.sys
< MD5 for: LSASS.EXE >
[2009/07/14 03:39:16 | 000,031,232 | ---- | M] (Microsoft Corporation) MD5=0793F40B9B8A1BDD266296409DBD91EA -- C:\Windows\winsxs\amd64_microsoft-windows-lsa_31bf3856ad364e35_6.1.7600.16385_none_023f7c69767c3edd\lsass.exe
[2009/07/14 03:39:16 | 000,031,232 | ---- | M] (Microsoft Corporation) MD5=0793F40B9B8A1BDD266296409DBD91EA -- C:\Windows\winsxs\amd64_microsoft-windows-lsa_31bf3856ad364e35_6.1.7600.16484_none_023e7e05767d22ad\lsass.exe
[2009/07/14 03:39:16 | 000,031,232 | ---- | M] (Microsoft Corporation) MD5=0793F40B9B8A1BDD266296409DBD91EA -- C:\Windows\winsxs\amd64_microsoft-windows-lsa_31bf3856ad364e35_6.1.7600.20594_none_02bd4ae48fa2de68\lsass.exe
< MD5 for: NDIS.SYS >
[2009/07/14 03:48:27 | 000,947,776 | ---- | M] (Microsoft Corporation) MD5=CAD515DBD07D082BB317D9928CE8962C -- C:\Windows\winsxs\amd64_microsoft-windows-ndis_31bf3856ad364e35_6.1.7600.16385_none_03bc1d6e35c013bf\ndis.sys
< MD5 for: NETLOGON.DLL >
[2009/07/14 03:41:52 | 000,692,736 | ---- | M] (Microsoft Corporation) MD5=956D030D375F207B22FB111E06EF9C35 -- C:\Windows\winsxs\amd64_microsoft-windows-security-netlogon_31bf3856ad364e35_6.1.7600.16385_none_59aca8ea51aaeefe\netlogon.dll
[2009/07/14 03:16:02 | 000,563,712 | ---- | M] (Microsoft Corporation) MD5=EAA75D9000B71F10EEC04D2AE6C60E81 -- C:\Windows\SysWOW64\netlogon.dll
[2009/07/14 03:16:02 | 000,563,712 | ---- | M] (Microsoft Corporation) MD5=EAA75D9000B71F10EEC04D2AE6C60E81 -- C:\Windows\SysWOW64\netlogon.dll
[2009/07/14 03:16:02 | 000,563,712 | ---- | M] (Microsoft Corporation) MD5=EAA75D9000B71F10EEC04D2AE6C60E81 -- C:\Windows\winsxs\wow64_microsoft-windows-security-netlogon_31bf3856ad364e35_6.1.7600.16385_none_6401533c860bb0f9\netlogon.dll
< MD5 for: NVRAID.SYS >
[2009/07/14 03:48:27 | 000,149,056 | ---- | M] (NVIDIA Corporation) MD5=3E38712941E9BB4DDBEE00AFFE3FED3D -- C:\Windows\SysWow64\DriverStore\FileRepository\nvraid.inf_amd64_neutral_5bde3fe2945bce9e\nvraid.sys
[2009/07/14 03:48:27 | 000,149,056 | ---- | M] (NVIDIA Corporation) MD5=3E38712941E9BB4DDBEE00AFFE3FED3D -- C:\Windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.1.7600.16385_none_95cfb4ced8afab0e\nvraid.sys
< MD5 for: NVSTOR.SYS >
[2009/07/14 03:45:45 | 000,167,488 | ---- | M] (NVIDIA Corporation) MD5=477DC4D6DEB99BE37084C9AC6D013DA1 -- C:\Windows\SysWow64\DriverStore\FileRepository\nvraid.inf_amd64_neutral_5bde3fe2945bce9e\nvstor.sys
[2009/07/14 03:45:45 | 000,167,488 | ---- | M] (NVIDIA Corporation) MD5=477DC4D6DEB99BE37084C9AC6D013DA1 -- C:\Windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.1.7600.16385_none_95cfb4ced8afab0e\nvstor.sys
< MD5 for: SCECLI.DLL >
[2009/07/14 03:16:13 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=26073302DAEA83CC5B944C546D6B47D2 -- C:\Windows\SysWOW64\scecli.dll
[2009/07/14 03:16:13 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=26073302DAEA83CC5B944C546D6B47D2 -- C:\Windows\SysWOW64\scecli.dll
[2009/07/14 03:16:13 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=26073302DAEA83CC5B944C546D6B47D2 -- C:\Windows\winsxs\wow64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7600.16385_none_9e577e55272d37b4\scecli.dll
[2009/07/14 03:41:53 | 000,232,448 | ---- | M] (Microsoft Corporation) MD5=398712DDDAEFB85EDF61DF6A07B65C79 -- C:\Windows\winsxs\amd64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7600.16385_none_9402d402f2cc75b9\scecli.dll
< MD5 for: SMSS.EXE >
[2009/07/14 03:39:41 | 000,112,640 | ---- | M] (Microsoft Corporation) MD5=1911A3356FA3F77CCC825CCBAC038C2A -- C:\Windows\winsxs\amd64_microsoft-windows-smss_31bf3856ad364e35_6.1.7600.16385_none_082f99a432e2a661\smss.exe
< MD5 for: SVCHOST.EXE >
[2009/07/14 03:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) MD5=54A47F6B5E09A77E61649109C6A08866 -- C:\Windows\SysWOW64\svchost.exe
[2009/07/14 03:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) MD5=54A47F6B5E09A77E61649109C6A08866 -- C:\Windows\SysWOW64\svchost.exe
[2009/07/14 03:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) MD5=54A47F6B5E09A77E61649109C6A08866 -- C:\Windows\winsxs\x86_microsoft-windows-services-svchost_31bf3856ad364e35_6.1.7600.16385_none_b591afc466a15356\svchost.exe
[2009/07/14 03:39:46 | 000,027,136 | ---- | M] (Microsoft Corporation) MD5=C78655BC80301D76ED4FEF1C1EA40A7D -- C:\Windows\winsxs\amd64_microsoft-windows-services-svchost_31bf3856ad364e35_6.1.7600.16385_none_11b04b481efec48c\svchost.exe
< MD5 for: TCPIP.SYS >
[2010/06/14 08:39:16 | 001,889,152 | ---- | M] (Microsoft Corporation) MD5=542C6767C68C9D6AAACA59436B0D15C2 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.20733_none_0fd0b57e990e2079\tcpip.sys
[2010/06/14 08:37:36 | 001,896,832 | ---- | M] (Microsoft Corporation) MD5=90A2D722CF64D911879D6C4A4F802A4D -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.16610_none_0f59b7ad7fe2fcc8\tcpip.sys
[2009/07/14 03:45:55 | 001,898,576 | ---- | M] (Microsoft Corporation) MD5=912107716BAB424C7870E8E6AF5E07E1 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.16385_none_0f1303f98017479d\tcpip.sys
< MD5 for: USERINIT.EXE >
[2009/07/14 03:14:43 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=6DE80F60D7DE9CE6B8C2DDFDF79EF175 -- C:\Windows\SysWOW64\userinit.exe
[2009/07/14 03:14:43 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=6DE80F60D7DE9CE6B8C2DDFDF79EF175 -- C:\Windows\SysWOW64\userinit.exe
[2009/07/14 03:14:43 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=6DE80F60D7DE9CE6B8C2DDFDF79EF175 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.1.7600.16385_none_dbff103933038d7c\userinit.exe
[2009/07/14 03:39:48 | 000,030,208 | ---- | M] (Microsoft Corporation) MD5=6F8F1376A13114CC10C0E69274F5A4DE -- C:\Windows\winsxs\amd64_microsoft-windows-userinit_31bf3856ad364e35_6.1.7600.16385_none_381dabbceb60feb2\userinit.exe
< MD5 for: WINLOGON.EXE >
[2009/07/14 03:39:52 | 000,389,120 | ---- | M] (Microsoft Corporation) MD5=132328DF455B0028F13BF0ABEE51A63A -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.16385_none_cbb7f2bdeea2829c\winlogon.exe
[2009/10/28 09:01:57 | 000,389,632 | ---- | M] (Microsoft Corporation) MD5=A93D41A4D4B0D91C072D11DD8AF266DE -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.20560_none_cc522fd507b468f8\winlogon.exe
[2009/10/28 08:24:40 | 000,389,632 | ---- | M] (Microsoft Corporation) MD5=DA3E2A6FA9660CC75B471530CE88453A -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.16447_none_cbe534e7ee8042ad\winlogon.exe
< MD5 for: WS2_32.DLL >
[2009/07/14 03:41:58 | 000,296,448 | ---- | M] (Microsoft Corporation) MD5=7083F463788CB34FCC42F565D56F89E8 -- C:\Windows\winsxs\amd64_microsoft-windows-w..nfrastructure-ws232_31bf3856ad364e35_6.1.7600.16385_none_4eaca269e8070c6b\ws2_32.dll
[2009/07/14 03:16:20 | 000,206,336 | ---- | M] (Microsoft Corporation) MD5=DAAE8A9B8C0ACC7F858454132553C30D -- C:\Windows\SysWOW64\ws2_32.dll
[2009/07/14 03:16:20 | 000,206,336 | ---- | M] (Microsoft Corporation) MD5=DAAE8A9B8C0ACC7F858454132553C30D -- C:\Windows\SysWOW64\ws2_32.dll
[2009/07/14 03:16:20 | 000,206,336 | ---- | M] (Microsoft Corporation) MD5=DAAE8A9B8C0ACC7F858454132553C30D -- C:\Windows\winsxs\x86_microsoft-windows-w..nfrastructure-ws232_31bf3856ad364e35_6.1.7600.16385_none_f28e06e62fa99b35\ws2_32.dll
< %systemroot%\*. /mp /s >
< %systemroot%\system32\*.dll /lockedfiles >
[2010/03/08 23:33:56 | 000,427,520 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\Windows\SysWOW64\vbscript.dll
< %systemroot%\Tasks\*.job /lockedfiles >
< %systemroot%\system32\drivers\*.sys /lockedfiles >
< %systemroot%\System32\config\*.sav >
< %systemroot%\system32\*.dll /lockedfiles >
[2010/03/08 23:33:56 | 000,427,520 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\Windows\SysWOW64\vbscript.dll
< reg query "HKLM\Software\Microsoft\Windows NT\CurrentVersion\winlogon" /v GinaDLL /c >
< reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wuauserv" /v ImagePath /c >
HKEY_LOCAL_MACHINE\SYSTEM\CURRENTCONTROLSET\SERVICES\WUAUSERV
IMAGEPATH REG_EXPAND_SZ %systemroot%\system32\svchost.exe -k netsvcs
< reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\BITS" /v ImagePath /c >
HKEY_LOCAL_MACHINE\SYSTEM\CURRENTCONTROLSET\SERVICES\BITS
IMAGEPATH REG_EXPAND_SZ %SystemRoot%\System32\svchost.exe -k netsvcs
< %systemroot%\system32\drivers\*.sys /3 >
< %systemroot%\system32\*.* /3 >
< End of report >
< MD5 for: CNGAUDIT.DLL >
[2009/07/14 03:15:06 | 000,012,288 | ---- | M] (Microsoft Corporation) MD5=50BA656134F78AF64E4DD3C8B6FEFD7E -- C:\Windows\SysWOW64\cngaudit.dll
[2009/07/14 03:15:06 | 000,012,288 | ---- | M] (Microsoft Corporation) MD5=50BA656134F78AF64E4DD3C8B6FEFD7E -- C:\Windows\SysWOW64\cngaudit.dll
[2009/07/14 03:15:06 | 000,012,288 | ---- | M] (Microsoft Corporation) MD5=50BA656134F78AF64E4DD3C8B6FEFD7E -- C:\Windows\winsxs\x86_microsoft-windows-cngaudit-dll_31bf3856ad364e35_6.1.7600.16385_none_e83a414890e8132b\cngaudit.dll
[2009/07/14 03:40:20 | 000,018,944 | ---- | M] (Microsoft Corporation) MD5=86FE1B1F8FD42CD0DB641AB1CDB13093 -- C:\Windows\winsxs\amd64_microsoft-windows-cngaudit-dll_31bf3856ad364e35_6.1.7600.16385_none_4458dccc49458461\cngaudit.dll
< MD5 for: CRYPTSVC.DLL >
[2009/07/14 03:40:24 | 000,175,104 | ---- | M] (Microsoft Corporation) MD5=8C57411B66282C01533CB776F98AD384 -- C:\Windows\winsxs\amd64_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7600.16385_none_d1f48b0bb4805490\cryptsvc.dll
[2009/07/14 03:15:07 | 000,135,680 | ---- | M] (Microsoft Corporation) MD5=9C231178CE4FB385F4B54B0A9080B8A4 -- C:\Windows\SysWOW64\cryptsvc.dll
[2009/07/14 03:15:07 | 000,135,680 | ---- | M] (Microsoft Corporation) MD5=9C231178CE4FB385F4B54B0A9080B8A4 -- C:\Windows\SysWOW64\cryptsvc.dll
[2009/07/14 03:15:07 | 000,135,680 | ---- | M] (Microsoft Corporation) MD5=9C231178CE4FB385F4B54B0A9080B8A4 -- C:\Windows\winsxs\x86_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7600.16385_none_75d5ef87fc22e35a\cryptsvc.dll
< MD5 for: EXPLORER.EXE >
[2009/07/14 03:14:20 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=15BC38A7492BEFE831966ADB477CF76F -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16385_none_b7fe430bc7ce3761\explorer.exe
[2009/10/31 07:45:39 | 002,614,272 | ---- | M] (Microsoft Corporation) MD5=2626FC9755BE22F805D3CFA0CE3EE727 -- C:\Windows\SysWOW64\explorer.exe
[2009/10/31 07:45:39 | 002,614,272 | ---- | M] (Microsoft Corporation) MD5=2626FC9755BE22F805D3CFA0CE3EE727 -- C:\Windows\SysWOW64\explorer.exe
[2009/10/31 07:45:39 | 002,614,272 | ---- | M] (Microsoft Corporation) MD5=2626FC9755BE22F805D3CFA0CE3EE727 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16450_none_b819b343c7ba6202\explorer.exe
[2009/08/03 08:19:07 | 002,868,224 | ---- | M] (Microsoft Corporation) MD5=700073016DAC1C3D2E7E2CE4223334B6 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20500_none_ae84b558ac4eb41c\explorer.exe
[2009/10/31 08:34:59 | 002,870,272 | ---- | M] (Microsoft Corporation) MD5=9AAAEC8DAC27AA17B053E6352AD233AE -- C:\Windows\explorer.exe
[2009/10/31 08:34:59 | 002,870,272 | ---- | M] (Microsoft Corporation) MD5=9AAAEC8DAC27AA17B053E6352AD233AE -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16450_none_adc508f19359a007\explorer.exe
[2009/08/03 07:49:47 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=9FF6C4C91A3711C0A3B18F87B08B518D -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20500_none_b8d95faae0af7617\explorer.exe
[2009/10/31 08:38:38 | 002,870,272 | ---- | M] (Microsoft Corporation) MD5=B8EC4BD49CE8F6FC457721BFC210B67F -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20563_none_ae46d6aeac7ca7c7\explorer.exe
[2009/08/03 07:35:50 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=B95EEB0F4E5EFBF1038A35B3351CF047 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16404_none_b853c407c78e3ba9\explorer.exe
[2009/07/14 03:39:10 | 002,868,224 | ---- | M] (Microsoft Corporation) MD5=C235A51CB740E45FFA0EBFB9BAFCDA64 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16385_none_ada998b9936d7566\explorer.exe
[2009/10/31 08:00:51 | 002,614,272 | ---- | M] (Microsoft Corporation) MD5=C76153C7ECA00FA852BB0C193378F917 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20563_none_b89b8100e0dd69c2\explorer.exe
[2009/08/03 08:17:37 | 002,868,224 | ---- | M] (Microsoft Corporation) MD5=F170B4A061C9E026437B193B4D571799 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16404_none_adff19b5932d79ae\explorer.exe
< MD5 for: HAL.DLL >
[2009/07/14 03:47:48 | 000,263,232 | ---- | M] (Microsoft Corporation) MD5=C0A6F6E05E14FBCAEDE7796C8590B7AC -- C:\Windows\winsxs\amd64_microsoft-windows-hal_31bf3856ad364e35_6.1.7600.16385_none_071de44b735b3dfc\hal.dll
< MD5 for: IASTORV.SYS >
[2009/07/14 03:48:04 | 000,410,688 | ---- | M] (Intel Corporation) MD5=D83EFB6FD45DF9D55E9A1AFC63640D50 -- C:\Windows\SysWow64\DriverStore\FileRepository\iastorv.inf_amd64_neutral_18cccb83b34e1453\iaStorV.sys
[2009/07/14 03:48:04 | 000,410,688 | ---- | M] (Intel Corporation) MD5=D83EFB6FD45DF9D55E9A1AFC63640D50 -- C:\Windows\winsxs\amd64_iastorv.inf_31bf3856ad364e35_6.1.7600.16385_none_0b06441fa1790136\iaStorV.sys
< MD5 for: ISAPNP.SYS >
[2009/07/14 03:48:04 | 000,020,544 | ---- | M] (Microsoft Corporation) MD5=2F7B28DC3E1183E5EB418DF55C204F38 -- C:\Windows\SysWow64\DriverStore\FileRepository\machine.inf_amd64_neutral_9e6bb86c3b39a3e9\isapnp.sys
[2009/07/14 03:48:04 | 000,020,544 | ---- | M] (Microsoft Corporation) MD5=2F7B28DC3E1183E5EB418DF55C204F38 -- C:\Windows\winsxs\amd64_machine.inf_31bf3856ad364e35_6.1.7600.16385_none_1607dee2d861e021\isapnp.sys
< MD5 for: LSASS.EXE >
[2009/07/14 03:39:16 | 000,031,232 | ---- | M] (Microsoft Corporation) MD5=0793F40B9B8A1BDD266296409DBD91EA -- C:\Windows\winsxs\amd64_microsoft-windows-lsa_31bf3856ad364e35_6.1.7600.16385_none_023f7c69767c3edd\lsass.exe
[2009/07/14 03:39:16 | 000,031,232 | ---- | M] (Microsoft Corporation) MD5=0793F40B9B8A1BDD266296409DBD91EA -- C:\Windows\winsxs\amd64_microsoft-windows-lsa_31bf3856ad364e35_6.1.7600.16484_none_023e7e05767d22ad\lsass.exe
[2009/07/14 03:39:16 | 000,031,232 | ---- | M] (Microsoft Corporation) MD5=0793F40B9B8A1BDD266296409DBD91EA -- C:\Windows\winsxs\amd64_microsoft-windows-lsa_31bf3856ad364e35_6.1.7600.20594_none_02bd4ae48fa2de68\lsass.exe
< MD5 for: NDIS.SYS >
[2009/07/14 03:48:27 | 000,947,776 | ---- | M] (Microsoft Corporation) MD5=CAD515DBD07D082BB317D9928CE8962C -- C:\Windows\winsxs\amd64_microsoft-windows-ndis_31bf3856ad364e35_6.1.7600.16385_none_03bc1d6e35c013bf\ndis.sys
< MD5 for: NETLOGON.DLL >
[2009/07/14 03:41:52 | 000,692,736 | ---- | M] (Microsoft Corporation) MD5=956D030D375F207B22FB111E06EF9C35 -- C:\Windows\winsxs\amd64_microsoft-windows-security-netlogon_31bf3856ad364e35_6.1.7600.16385_none_59aca8ea51aaeefe\netlogon.dll
[2009/07/14 03:16:02 | 000,563,712 | ---- | M] (Microsoft Corporation) MD5=EAA75D9000B71F10EEC04D2AE6C60E81 -- C:\Windows\SysWOW64\netlogon.dll
[2009/07/14 03:16:02 | 000,563,712 | ---- | M] (Microsoft Corporation) MD5=EAA75D9000B71F10EEC04D2AE6C60E81 -- C:\Windows\SysWOW64\netlogon.dll
[2009/07/14 03:16:02 | 000,563,712 | ---- | M] (Microsoft Corporation) MD5=EAA75D9000B71F10EEC04D2AE6C60E81 -- C:\Windows\winsxs\wow64_microsoft-windows-security-netlogon_31bf3856ad364e35_6.1.7600.16385_none_6401533c860bb0f9\netlogon.dll
< MD5 for: NVRAID.SYS >
[2009/07/14 03:48:27 | 000,149,056 | ---- | M] (NVIDIA Corporation) MD5=3E38712941E9BB4DDBEE00AFFE3FED3D -- C:\Windows\SysWow64\DriverStore\FileRepository\nvraid.inf_amd64_neutral_5bde3fe2945bce9e\nvraid.sys
[2009/07/14 03:48:27 | 000,149,056 | ---- | M] (NVIDIA Corporation) MD5=3E38712941E9BB4DDBEE00AFFE3FED3D -- C:\Windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.1.7600.16385_none_95cfb4ced8afab0e\nvraid.sys
< MD5 for: NVSTOR.SYS >
[2009/07/14 03:45:45 | 000,167,488 | ---- | M] (NVIDIA Corporation) MD5=477DC4D6DEB99BE37084C9AC6D013DA1 -- C:\Windows\SysWow64\DriverStore\FileRepository\nvraid.inf_amd64_neutral_5bde3fe2945bce9e\nvstor.sys
[2009/07/14 03:45:45 | 000,167,488 | ---- | M] (NVIDIA Corporation) MD5=477DC4D6DEB99BE37084C9AC6D013DA1 -- C:\Windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.1.7600.16385_none_95cfb4ced8afab0e\nvstor.sys
< MD5 for: SCECLI.DLL >
[2009/07/14 03:16:13 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=26073302DAEA83CC5B944C546D6B47D2 -- C:\Windows\SysWOW64\scecli.dll
[2009/07/14 03:16:13 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=26073302DAEA83CC5B944C546D6B47D2 -- C:\Windows\SysWOW64\scecli.dll
[2009/07/14 03:16:13 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=26073302DAEA83CC5B944C546D6B47D2 -- C:\Windows\winsxs\wow64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7600.16385_none_9e577e55272d37b4\scecli.dll
[2009/07/14 03:41:53 | 000,232,448 | ---- | M] (Microsoft Corporation) MD5=398712DDDAEFB85EDF61DF6A07B65C79 -- C:\Windows\winsxs\amd64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7600.16385_none_9402d402f2cc75b9\scecli.dll
< MD5 for: SMSS.EXE >
[2009/07/14 03:39:41 | 000,112,640 | ---- | M] (Microsoft Corporation) MD5=1911A3356FA3F77CCC825CCBAC038C2A -- C:\Windows\winsxs\amd64_microsoft-windows-smss_31bf3856ad364e35_6.1.7600.16385_none_082f99a432e2a661\smss.exe
< MD5 for: SVCHOST.EXE >
[2009/07/14 03:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) MD5=54A47F6B5E09A77E61649109C6A08866 -- C:\Windows\SysWOW64\svchost.exe
[2009/07/14 03:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) MD5=54A47F6B5E09A77E61649109C6A08866 -- C:\Windows\SysWOW64\svchost.exe
[2009/07/14 03:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) MD5=54A47F6B5E09A77E61649109C6A08866 -- C:\Windows\winsxs\x86_microsoft-windows-services-svchost_31bf3856ad364e35_6.1.7600.16385_none_b591afc466a15356\svchost.exe
[2009/07/14 03:39:46 | 000,027,136 | ---- | M] (Microsoft Corporation) MD5=C78655BC80301D76ED4FEF1C1EA40A7D -- C:\Windows\winsxs\amd64_microsoft-windows-services-svchost_31bf3856ad364e35_6.1.7600.16385_none_11b04b481efec48c\svchost.exe
< MD5 for: TCPIP.SYS >
[2010/06/14 08:39:16 | 001,889,152 | ---- | M] (Microsoft Corporation) MD5=542C6767C68C9D6AAACA59436B0D15C2 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.20733_none_0fd0b57e990e2079\tcpip.sys
[2010/06/14 08:37:36 | 001,896,832 | ---- | M] (Microsoft Corporation) MD5=90A2D722CF64D911879D6C4A4F802A4D -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.16610_none_0f59b7ad7fe2fcc8\tcpip.sys
[2009/07/14 03:45:55 | 001,898,576 | ---- | M] (Microsoft Corporation) MD5=912107716BAB424C7870E8E6AF5E07E1 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.16385_none_0f1303f98017479d\tcpip.sys
< MD5 for: USERINIT.EXE >
[2009/07/14 03:14:43 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=6DE80F60D7DE9CE6B8C2DDFDF79EF175 -- C:\Windows\SysWOW64\userinit.exe
[2009/07/14 03:14:43 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=6DE80F60D7DE9CE6B8C2DDFDF79EF175 -- C:\Windows\SysWOW64\userinit.exe
[2009/07/14 03:14:43 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=6DE80F60D7DE9CE6B8C2DDFDF79EF175 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.1.7600.16385_none_dbff103933038d7c\userinit.exe
[2009/07/14 03:39:48 | 000,030,208 | ---- | M] (Microsoft Corporation) MD5=6F8F1376A13114CC10C0E69274F5A4DE -- C:\Windows\winsxs\amd64_microsoft-windows-userinit_31bf3856ad364e35_6.1.7600.16385_none_381dabbceb60feb2\userinit.exe
< MD5 for: WINLOGON.EXE >
[2009/07/14 03:39:52 | 000,389,120 | ---- | M] (Microsoft Corporation) MD5=132328DF455B0028F13BF0ABEE51A63A -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.16385_none_cbb7f2bdeea2829c\winlogon.exe
[2009/10/28 09:01:57 | 000,389,632 | ---- | M] (Microsoft Corporation) MD5=A93D41A4D4B0D91C072D11DD8AF266DE -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.20560_none_cc522fd507b468f8\winlogon.exe
[2009/10/28 08:24:40 | 000,389,632 | ---- | M] (Microsoft Corporation) MD5=DA3E2A6FA9660CC75B471530CE88453A -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.16447_none_cbe534e7ee8042ad\winlogon.exe
< MD5 for: WS2_32.DLL >
[2009/07/14 03:41:58 | 000,296,448 | ---- | M] (Microsoft Corporation) MD5=7083F463788CB34FCC42F565D56F89E8 -- C:\Windows\winsxs\amd64_microsoft-windows-w..nfrastructure-ws232_31bf3856ad364e35_6.1.7600.16385_none_4eaca269e8070c6b\ws2_32.dll
[2009/07/14 03:16:20 | 000,206,336 | ---- | M] (Microsoft Corporation) MD5=DAAE8A9B8C0ACC7F858454132553C30D -- C:\Windows\SysWOW64\ws2_32.dll
[2009/07/14 03:16:20 | 000,206,336 | ---- | M] (Microsoft Corporation) MD5=DAAE8A9B8C0ACC7F858454132553C30D -- C:\Windows\SysWOW64\ws2_32.dll
[2009/07/14 03:16:20 | 000,206,336 | ---- | M] (Microsoft Corporation) MD5=DAAE8A9B8C0ACC7F858454132553C30D -- C:\Windows\winsxs\x86_microsoft-windows-w..nfrastructure-ws232_31bf3856ad364e35_6.1.7600.16385_none_f28e06e62fa99b35\ws2_32.dll
< %systemroot%\*. /mp /s >
< %systemroot%\system32\*.dll /lockedfiles >
[2010/03/08 23:33:56 | 000,427,520 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\Windows\SysWOW64\vbscript.dll
< %systemroot%\Tasks\*.job /lockedfiles >
< %systemroot%\system32\drivers\*.sys /lockedfiles >
< %systemroot%\System32\config\*.sav >
< %systemroot%\system32\*.dll /lockedfiles >
[2010/03/08 23:33:56 | 000,427,520 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\Windows\SysWOW64\vbscript.dll
< reg query "HKLM\Software\Microsoft\Windows NT\CurrentVersion\winlogon" /v GinaDLL /c >
< reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wuauserv" /v ImagePath /c >
HKEY_LOCAL_MACHINE\SYSTEM\CURRENTCONTROLSET\SERVICES\WUAUSERV
IMAGEPATH REG_EXPAND_SZ %systemroot%\system32\svchost.exe -k netsvcs
< reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\BITS" /v ImagePath /c >
HKEY_LOCAL_MACHINE\SYSTEM\CURRENTCONTROLSET\SERVICES\BITS
IMAGEPATH REG_EXPAND_SZ %SystemRoot%\System32\svchost.exe -k netsvcs
< %systemroot%\system32\drivers\*.sys /3 >
< %systemroot%\system32\*.* /3 >
< End of report >
Re: rundll32 a svchost.exe
a zde je Extras :
OTL Extras logfile created on: 8/16/2010 12:48:34 PM - Run 1
OTL by OldTimer - Version 3.2.10.0 Folder = C:\Users\Lenka\Desktop
64bit- Home Premium Edition (Version = 6.1.7600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7600.16385)
Locale: 00000409 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy
4.00 Gb Total Physical Memory | 2.00 Gb Available Physical Memory | 51.00% Memory free
8.00 Gb Paging File | 6.00 Gb Available in Paging File | 73.00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 232.88 Gb Total Space | 189.46 Gb Free Space | 81.35% Space Free | Partition Type: NTFS
Drive D: | 218.23 Gb Total Space | 150.03 Gb Free Space | 68.75% Space Free | Partition Type: NTFS
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded
Computer Name: LENKA-PC
Current User Name: Lenka
Logged in as Administrator.
Current Boot Mode: Normal
Scan Mode: All users
Include 64bit Scans
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 30 Days
Output = Standard
========== Extra Registry (SafeList) ==========
========== File Associations ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)
========== Shell Spawning ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %* File not found
cmdfile [open] -- "%1" %* File not found
comfile [open] -- "%1" %* File not found
exefile [open] -- "%1" %* File not found
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- "C:\Program Files (x86)\Microsoft Office\Office12\msohtmed.exe" %1 (Microsoft Corporation)
htmlfile [print] -- "C:\Program Files (x86)\Microsoft Office\Office12\msohtmed.exe" /p %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %* File not found
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1" File not found
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation)
scrfile [open] -- "%1" /S File not found
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1 File not found
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [OneNote.Open] -- C:\PROGRA~2\MICROS~1\Office12\ONENOTE.EXE "%L" (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- "C:\Program Files (x86)\Microsoft Office\Office12\msohtmed.exe" %1 (Microsoft Corporation)
htmlfile [print] -- "C:\Program Files (x86)\Microsoft Office\Office12\msohtmed.exe" /p %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation)
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [OneNote.Open] -- C:\PROGRA~2\MICROS~1\Office12\ONENOTE.EXE "%L" (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
========== Security Center Settings ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
"AutoUpdateDisableNotify" = 1
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = 28 4D B2 76 41 04 CA 01 [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
========== Authorized Applications List ==========
========== HKEY_LOCAL_MACHINE Uninstall List ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{1686C4D1-B1FD-42E8-B7A8-FB4C4DBA5BA8}" = ASUS Power4Gear Hybrid
"{90120000-002A-0000-1000-0000000FF1CE}" = Microsoft Office Office 64-bit Components 2007
"{90120000-002A-0405-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit MUI (Czech) 2007
"{90120000-002A-0409-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit MUI (English) 2007
"{90120000-002A-040E-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit MUI (Hungarian) 2007
"{90120000-002A-0415-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit MUI (Polish) 2007
"{90120000-002A-0418-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit MUI (Romanian) 2007
"{90120000-002A-041B-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit MUI (Slovak) 2007
"{90120000-002A-0424-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit MUI (Slovenian) 2007
"{90120000-0116-0409-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2007
"{95120000-00B9-0409-1000-0000000FF1CE}" = Microsoft Application Error Reporting
"{9B48B0AC-C813-4174-9042-476A887592C7}" = Pomocník pro přihlášení ke službě Windows Live ID
"{D35D9E34-7B4A-44E3-A882-69A6C6088BC6}" = Windows Live Zabezpečení rodiny
"{D42F84B6-3709-4A50-8502-6719D16AE6C8}" = SRS Premium Sound Control Panel
"Elantech" = ETDWare PS/2-x64 7.0.5.7_WHQL
"NVIDIA Drivers" = NVIDIA Drivers
"USB 2.0 1.3M UVC WebCam" = USB 2.0 1.3M UVC WebCam
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{06585B02-F20D-4AB2-9A64-86EF2AE0F8F0}" = ASUS AI Recovery
"{0969AF05-4FF6-4C00-9406-43599238DE0D}" = ASUS Splendid Video Enhancement Technology
"{11202615-E557-4ECF-9B86-F59C81E52909}" = FIFA 10
"{1DBD1F12-ED93-49C0-A7CC-56CBDE488158}" = ASUS LifeFrame3
"{205C6BDD-7B73-42DE-8505-9A093F35A238}" = Nástroj pro odesílání služby Windows Live
"{20D0CDB1-5F03-4A5D-86EB-7C218053B157}" = Windows Live Messenger
"{20FDF948-C8ED-4543-A539-F7F4AEF5AFA2}" = Wireless Console 3
"{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}" = MSVCRT
"{28006915-2739-4EBE-B5E8-49B25D32EB33}" = Atheros Client Installation Program
"{287ECFA4-719A-2143-A09B-D6A12DE54E40}" = Acrobat.com
"{3B05F2FB-745B-4012-ADF2-439F36B2E70B}" = ATKOSD2
"{40BF1E83-20EB-11D8-97C5-0009C5020658}" = CyberLink Power2Go
"{4AB8B41B-3AF1-46BE-99B0-0ACD3B300C0A}" = Junk Mail filter update
"{4B4451CE-D1E6-4BDE-B4B2-59F03BB83B7C}" = Windows Live Sync
"{4CBA3D4C-8F51-4D60-B27E-F6B641C571E7}" = Microsoft Search Enhancement Pack
"{4EA44BA4-A708-4223-BC1A-22B6DA9E7D1C}" = Windows Live Essentials
"{54FEAF1A-8F2A-44C1-95CA-5C1C21F4F934}" = Windows Live Mail
"{5A22D889-FBDD-4AE8-86EC-089D45FC133E}" = Alcor Micro USB Card Reader
"{5B65EF64-1DFA-414A-8C94-7BB726158E21}" = ControlDeck
"{60DE4033-9503-48D1-A483-7846BD217CA9}" = ICQ6.5
"{64452561-169F-4A36-A2FF-B5E118EC65F5}" = ASUS SmartLogon
"{65DA2EC9-0642-47E9-AAE2-B5267AA14D75}" = Activation Assistant for the 2007 Microsoft Office suites
"{6E5EEE1B-3907-44C3-83BA-AD4B8CE40F76}" = Windows Live Writer
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{7C05592D-424B-46CB-B505-E0013E8E75C9}" = ATK Hotkey
"{8833FFB6-5B0C-4764-81AA-06DFEED9A476}" = Realtek 8136 8168 8169 Ethernet Driver
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8A74E887-8F0F-4017-AF53-CBA42211AAA5}" = Microsoft Sync Framework Runtime Native v1.0 (x86)
"{8F21291E-0444-4B1D-B9F9-4370A73E346D}" = WinFlash
"{8FFC5648-FAF8-43A3-BC8F-42BA1E275C4E}" = Choice Guard
"{90120000-0015-0405-0000-0000000FF1CE}" = Microsoft Office Access MUI (Czech) 2007
"{90120000-0015-0405-0000-0000000FF1CE}_ENTERPRISE_{1FC5BC34-0301-40D2-9432-05BA220277B8}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0015-0405-0000-0000000FF1CE}_PROHYBRIDR_{1FC5BC34-0301-40D2-9432-05BA220277B8}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0015-0409-0000-0000000FF1CE}" = Microsoft Office Access MUI (English) 2007
"{90120000-0015-0409-0000-0000000FF1CE}_PROHYBRIDR_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0015-040E-0000-0000000FF1CE}" = Microsoft Office Access MUI (Hungarian) 2007
"{90120000-0015-040E-0000-0000000FF1CE}_PROHYBRIDR_{077B54FF-6531-42E7-9D6A-93B0B029CFA0}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0015-0415-0000-0000000FF1CE}" = Microsoft Office Access MUI (Polish) 2007
"{90120000-0015-0415-0000-0000000FF1CE}_PROHYBRIDR_{79EB535E-76E4-4356-8146-A24EE55AB69D}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0015-0418-0000-0000000FF1CE}" = Microsoft Office Access MUI (Romanian) 2007
"{90120000-0015-0418-0000-0000000FF1CE}_PROHYBRIDR_{3DFBDBEE-B82A-47D9-8134-B86A98280A8E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0015-041B-0000-0000000FF1CE}" = Microsoft Office Access MUI (Slovak) 2007
"{90120000-0015-041B-0000-0000000FF1CE}_PROHYBRIDR_{F69A7281-8297-47E2-B583-36EAA37C89EE}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0015-0424-0000-0000000FF1CE}" = Microsoft Office Access MUI (Slovenian) 2007
"{90120000-0015-0424-0000-0000000FF1CE}_PROHYBRIDR_{CAC07BC7-D855-4A94-B1DB-5154D99BFBE0}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0016-0405-0000-0000000FF1CE}" = Microsoft Office Excel MUI (Czech) 2007
"{90120000-0016-0405-0000-0000000FF1CE}_ENTERPRISE_{1FC5BC34-0301-40D2-9432-05BA220277B8}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0016-0405-0000-0000000FF1CE}_PROHYBRIDR_{1FC5BC34-0301-40D2-9432-05BA220277B8}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0016-0409-0000-0000000FF1CE}" = Microsoft Office Excel MUI (English) 2007
"{90120000-0016-0409-0000-0000000FF1CE}_PROHYBRIDR_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0016-040E-0000-0000000FF1CE}" = Microsoft Office Excel MUI (Hungarian) 2007
"{90120000-0016-040E-0000-0000000FF1CE}_PROHYBRIDR_{077B54FF-6531-42E7-9D6A-93B0B029CFA0}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0016-0415-0000-0000000FF1CE}" = Microsoft Office Excel MUI (Polish) 2007
"{90120000-0016-0415-0000-0000000FF1CE}_PROHYBRIDR_{79EB535E-76E4-4356-8146-A24EE55AB69D}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0016-0418-0000-0000000FF1CE}" = Microsoft Office Excel MUI (Romanian) 2007
"{90120000-0016-0418-0000-0000000FF1CE}_PROHYBRIDR_{3DFBDBEE-B82A-47D9-8134-B86A98280A8E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0016-041B-0000-0000000FF1CE}" = Microsoft Office Excel MUI (Slovak) 2007
"{90120000-0016-041B-0000-0000000FF1CE}_PROHYBRIDR_{F69A7281-8297-47E2-B583-36EAA37C89EE}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0016-0424-0000-0000000FF1CE}" = Microsoft Office Excel MUI (Slovenian) 2007
"{90120000-0016-0424-0000-0000000FF1CE}_PROHYBRIDR_{CAC07BC7-D855-4A94-B1DB-5154D99BFBE0}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0018-0405-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (Czech) 2007
"{90120000-0018-0405-0000-0000000FF1CE}_ENTERPRISE_{1FC5BC34-0301-40D2-9432-05BA220277B8}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0018-0405-0000-0000000FF1CE}_PROHYBRIDR_{1FC5BC34-0301-40D2-9432-05BA220277B8}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0018-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (English) 2007
"{90120000-0018-0409-0000-0000000FF1CE}_PROHYBRIDR_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0018-040E-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (Hungarian) 2007
"{90120000-0018-040E-0000-0000000FF1CE}_PROHYBRIDR_{077B54FF-6531-42E7-9D6A-93B0B029CFA0}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0018-0415-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (Polish) 2007
"{90120000-0018-0415-0000-0000000FF1CE}_PROHYBRIDR_{79EB535E-76E4-4356-8146-A24EE55AB69D}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0018-0418-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (Romanian) 2007
"{90120000-0018-0418-0000-0000000FF1CE}_PROHYBRIDR_{3DFBDBEE-B82A-47D9-8134-B86A98280A8E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0018-041B-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (Slovak) 2007
"{90120000-0018-041B-0000-0000000FF1CE}_PROHYBRIDR_{F69A7281-8297-47E2-B583-36EAA37C89EE}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0018-0424-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (Slovenian) 2007
"{90120000-0018-0424-0000-0000000FF1CE}_PROHYBRIDR_{CAC07BC7-D855-4A94-B1DB-5154D99BFBE0}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0019-0405-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (Czech) 2007
"{90120000-0019-0405-0000-0000000FF1CE}_ENTERPRISE_{1FC5BC34-0301-40D2-9432-05BA220277B8}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0019-0405-0000-0000000FF1CE}_PROHYBRIDR_{1FC5BC34-0301-40D2-9432-05BA220277B8}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0019-0409-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (English) 2007
"{90120000-0019-0409-0000-0000000FF1CE}_PROHYBRIDR_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0019-040E-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (Hungarian) 2007
"{90120000-0019-040E-0000-0000000FF1CE}_PROHYBRIDR_{077B54FF-6531-42E7-9D6A-93B0B029CFA0}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0019-0415-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (Polish) 2007
"{90120000-0019-0415-0000-0000000FF1CE}_PROHYBRIDR_{79EB535E-76E4-4356-8146-A24EE55AB69D}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0019-0418-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (Romanian) 2007
"{90120000-0019-0418-0000-0000000FF1CE}_PROHYBRIDR_{3DFBDBEE-B82A-47D9-8134-B86A98280A8E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0019-041B-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (Slovak) 2007
"{90120000-0019-041B-0000-0000000FF1CE}_PROHYBRIDR_{F69A7281-8297-47E2-B583-36EAA37C89EE}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0019-0424-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (Slovenian) 2007
"{90120000-0019-0424-0000-0000000FF1CE}_PROHYBRIDR_{CAC07BC7-D855-4A94-B1DB-5154D99BFBE0}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001A-0405-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (Czech) 2007
"{90120000-001A-0405-0000-0000000FF1CE}_ENTERPRISE_{1FC5BC34-0301-40D2-9432-05BA220277B8}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001A-0405-0000-0000000FF1CE}_PROHYBRIDR_{1FC5BC34-0301-40D2-9432-05BA220277B8}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001A-0409-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (English) 2007
"{90120000-001A-0409-0000-0000000FF1CE}_PROHYBRIDR_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001A-040E-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (Hungarian) 2007
"{90120000-001A-040E-0000-0000000FF1CE}_PROHYBRIDR_{077B54FF-6531-42E7-9D6A-93B0B029CFA0}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001A-0415-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (Polish) 2007
"{90120000-001A-0415-0000-0000000FF1CE}_PROHYBRIDR_{79EB535E-76E4-4356-8146-A24EE55AB69D}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001A-0418-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (Romanian) 2007
"{90120000-001A-0418-0000-0000000FF1CE}_PROHYBRIDR_{3DFBDBEE-B82A-47D9-8134-B86A98280A8E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001A-041B-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (Slovak) 2007
"{90120000-001A-041B-0000-0000000FF1CE}_PROHYBRIDR_{F69A7281-8297-47E2-B583-36EAA37C89EE}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001A-0424-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (Slovenian) 2007
"{90120000-001A-0424-0000-0000000FF1CE}_PROHYBRIDR_{CAC07BC7-D855-4A94-B1DB-5154D99BFBE0}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001B-0405-0000-0000000FF1CE}" = Microsoft Office Word MUI (Czech) 2007
"{90120000-001B-0405-0000-0000000FF1CE}_ENTERPRISE_{1FC5BC34-0301-40D2-9432-05BA220277B8}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001B-0405-0000-0000000FF1CE}_PROHYBRIDR_{1FC5BC34-0301-40D2-9432-05BA220277B8}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001B-0409-0000-0000000FF1CE}" = Microsoft Office Word MUI (English) 2007
"{90120000-001B-0409-0000-0000000FF1CE}_PROHYBRIDR_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001B-040E-0000-0000000FF1CE}" = Microsoft Office Word MUI (Hungarian) 2007
"{90120000-001B-040E-0000-0000000FF1CE}_PROHYBRIDR_{077B54FF-6531-42E7-9D6A-93B0B029CFA0}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001B-0415-0000-0000000FF1CE}" = Microsoft Office Word MUI (Polish) 2007
"{90120000-001B-0415-0000-0000000FF1CE}_PROHYBRIDR_{79EB535E-76E4-4356-8146-A24EE55AB69D}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001B-0418-0000-0000000FF1CE}" = Microsoft Office Word MUI (Romanian) 2007
"{90120000-001B-0418-0000-0000000FF1CE}_PROHYBRIDR_{3DFBDBEE-B82A-47D9-8134-B86A98280A8E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001B-041B-0000-0000000FF1CE}" = Microsoft Office Word MUI (Slovak) 2007
"{90120000-001B-041B-0000-0000000FF1CE}_PROHYBRIDR_{F69A7281-8297-47E2-B583-36EAA37C89EE}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001B-0424-0000-0000000FF1CE}" = Microsoft Office Word MUI (Slovenian) 2007
"{90120000-001B-0424-0000-0000000FF1CE}_PROHYBRIDR_{CAC07BC7-D855-4A94-B1DB-5154D99BFBE0}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001F-0405-0000-0000000FF1CE}" = Microsoft Office Proof (Czech) 2007
"{90120000-001F-0405-0000-0000000FF1CE}_ENTERPRISE_{294B4278-CF7B-40B9-86A1-2D3FF0C2C524}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-0405-0000-0000000FF1CE}_PROHYBRIDR_{294B4278-CF7B-40B9-86A1-2D3FF0C2C524}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2007
"{90120000-001F-0407-0000-0000000FF1CE}_ENTERPRISE_{A0516415-ED61-419A-981D-93596DA74165}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-0407-0000-0000000FF1CE}_PROHYBRIDR_{A0516415-ED61-419A-981D-93596DA74165}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-0409-0000-0000000FF1CE}_ENTERPRISE_{ABDDE972-355B-4AF1-89A8-DA50B7B5C045}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-0409-0000-0000000FF1CE}_PROHYBRIDR_{ABDDE972-355B-4AF1-89A8-DA50B7B5C045}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007
"{90120000-001F-040C-0000-0000000FF1CE}_PROHYBRIDR_{F580DDD5-8D37-4998-968E-EBB76BB86787}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-040E-0000-0000000FF1CE}" = Microsoft Office Proof (Hungarian) 2007
"{90120000-001F-040E-0000-0000000FF1CE}_PROHYBRIDR_{573CA1BB-C8A3-46C4-993E-DB4043D9BFCD}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-0410-0000-0000000FF1CE}" = Microsoft Office Proof (Italian) 2007
"{90120000-001F-0410-0000-0000000FF1CE}_PROHYBRIDR_{322296D4-1EAE-4030-9FBC-D2787EB25FA2}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-0415-0000-0000000FF1CE}" = Microsoft Office Proof (Polish) 2007
"{90120000-001F-0415-0000-0000000FF1CE}_PROHYBRIDR_{E9EA2604-8AC9-47D2-8F4B-6BF60787A357}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-0418-0000-0000000FF1CE}" = Microsoft Office Proof (Romanian) 2007
"{90120000-001F-0418-0000-0000000FF1CE}_PROHYBRIDR_{6E3398C5-9A81-4054-B474-8B23A60F5048}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-041A-0000-0000000FF1CE}" = Microsoft Office Proof (Croatian) 2007
"{90120000-001F-041A-0000-0000000FF1CE}_PROHYBRIDR_{C9CC66D9-D7D3-46C1-A485-9601E4DE8D28}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-041B-0000-0000000FF1CE}" = Microsoft Office Proof (Slovak) 2007
"{90120000-001F-041B-0000-0000000FF1CE}_ENTERPRISE_{10EC59E5-9BCE-4884-BB1A-E28627220232}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-041B-0000-0000000FF1CE}_PROHYBRIDR_{10EC59E5-9BCE-4884-BB1A-E28627220232}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-0424-0000-0000000FF1CE}" = Microsoft Office Proof (Slovenian) 2007
"{90120000-001F-0424-0000-0000000FF1CE}_PROHYBRIDR_{6E8DFF8D-F7D1-4451-952A-61CAB73A59E2}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-0C0A-0000-0000000FF1CE}" = Microsoft Office Proof (Spanish) 2007
"{90120000-001F-0C0A-0000-0000000FF1CE}_PROHYBRIDR_{187308AB-5FA7-4F14-9AB9-D290383A10D9}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-002A-0000-1000-0000000FF1CE}_ENTERPRISE_{E64BA721-2310-4B55-BE5A-2925F9706192}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-002A-0000-1000-0000000FF1CE}_PROHYBRIDR_{E64BA721-2310-4B55-BE5A-2925F9706192}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-002A-0405-1000-0000000FF1CE}_ENTERPRISE_{E12F9D31-4025-4BC6-B1B2-AB262C5580B0}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-002A-0405-1000-0000000FF1CE}_PROHYBRIDR_{E12F9D31-4025-4BC6-B1B2-AB262C5580B0}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-002A-0409-1000-0000000FF1CE}_PROHYBRIDR_{DE5A002D-8122-4278-A7EE-3121E7EA254E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-002A-040E-1000-0000000FF1CE}_PROHYBRIDR_{B3C14F81-2C4A-400D-9ECE-55A667F8F737}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-002A-0415-1000-0000000FF1CE}_PROHYBRIDR_{D45F91DE-F0FC-4D5F-9A0C-FDE5B251AAC6}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-002A-0418-1000-0000000FF1CE}_PROHYBRIDR_{CEDDCA72-ED57-4CE5-B55D-A50EE2CD3CCF}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-002A-041B-1000-0000000FF1CE}_PROHYBRIDR_{8AF3A9EB-FBB9-449F-AC11-94CE39930037}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-002A-0424-1000-0000000FF1CE}_PROHYBRIDR_{5983F0B6-A661-4378-AEA8-9EB1992D2FB0}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-002C-0405-0000-0000000FF1CE}" = Microsoft Office Proofing (Czech) 2007
"{90120000-002C-0409-0000-0000000FF1CE}" = Microsoft Office Proofing (English) 2007
"{90120000-002C-040E-0000-0000000FF1CE}" = Microsoft Office Proofing (Hungarian) 2007
"{90120000-002C-0415-0000-0000000FF1CE}" = Microsoft Office Proofing (Polish) 2007
"{90120000-002C-0418-0000-0000000FF1CE}" = Microsoft Office Proofing (Romanian) 2007
"{90120000-002C-041B-0000-0000000FF1CE}" = Microsoft Office Proofing (Slovak) 2007
"{90120000-002C-0424-0000-0000000FF1CE}" = Microsoft Office Proofing (Slovenian) 2007
"{90120000-0030-0000-0000-0000000FF1CE}" = Microsoft Office Enterprise 2007
"{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{0B36C6D6-F5D8-4EAF-BF94-4376A230AD5B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{3D019598-7B59-447A-80AE-815B703B84FF}" = Security Update for Microsoft Office system 2007 (972581)
"{90120000-0044-0405-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (Czech) 2007
"{90120000-0044-0405-0000-0000000FF1CE}_ENTERPRISE_{1FC5BC34-0301-40D2-9432-05BA220277B8}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-006E-0405-0000-0000000FF1CE}" = Microsoft Office Shared MUI (Czech) 2007
"{90120000-006E-0405-0000-0000000FF1CE}_ENTERPRISE_{E12F9D31-4025-4BC6-B1B2-AB262C5580B0}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-006E-0405-0000-0000000FF1CE}_PROHYBRIDR_{E12F9D31-4025-4BC6-B1B2-AB262C5580B0}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-006E-0409-0000-0000000FF1CE}" = Microsoft Office Shared MUI (English) 2007
"{90120000-006E-0409-0000-0000000FF1CE}_PROHYBRIDR_{DE5A002D-8122-4278-A7EE-3121E7EA254E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-006E-040E-0000-0000000FF1CE}" = Microsoft Office Shared MUI (Hungarian) 2007
"{90120000-006E-040E-0000-0000000FF1CE}_PROHYBRIDR_{B3C14F81-2C4A-400D-9ECE-55A667F8F737}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-006E-0415-0000-0000000FF1CE}" = Microsoft Office Shared MUI (Polish) 2007
"{90120000-006E-0415-0000-0000000FF1CE}_PROHYBRIDR_{D45F91DE-F0FC-4D5F-9A0C-FDE5B251AAC6}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-006E-0418-0000-0000000FF1CE}" = Microsoft Office Shared MUI (Romanian) 2007
"{90120000-006E-0418-0000-0000000FF1CE}_PROHYBRIDR_{CEDDCA72-ED57-4CE5-B55D-A50EE2CD3CCF}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-006E-041B-0000-0000000FF1CE}" = Microsoft Office Shared MUI (Slovak) 2007
"{90120000-006E-041B-0000-0000000FF1CE}_PROHYBRIDR_{8AF3A9EB-FBB9-449F-AC11-94CE39930037}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-006E-0424-0000-0000000FF1CE}" = Microsoft Office Shared MUI (Slovenian) 2007
"{90120000-006E-0424-0000-0000000FF1CE}_PROHYBRIDR_{5983F0B6-A661-4378-AEA8-9EB1992D2FB0}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-00A1-0405-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (Czech) 2007
"{90120000-00A1-0405-0000-0000000FF1CE}_ENTERPRISE_{1FC5BC34-0301-40D2-9432-05BA220277B8}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-00BA-0405-0000-0000000FF1CE}" = Microsoft Office Groove MUI (Czech) 2007
"{90120000-00BA-0405-0000-0000000FF1CE}_ENTERPRISE_{1FC5BC34-0301-40D2-9432-05BA220277B8}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0115-0409-0000-0000000FF1CE}" = Microsoft Office Shared Setup Metadata MUI (English) 2007
"{90120000-0115-0409-0000-0000000FF1CE}_PROHYBRIDR_{DE5A002D-8122-4278-A7EE-3121E7EA254E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0116-0409-1000-0000000FF1CE}_PROHYBRIDR_{DE5A002D-8122-4278-A7EE-3121E7EA254E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0117-0409-0000-0000000FF1CE}" = Microsoft Office Access Setup Metadata MUI (English) 2007
"{90120000-0117-0409-0000-0000000FF1CE}_PROHYBRIDR_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{91120000-0031-0000-0000-0000000FF1CE}" = Microsoft Office Professional Hybrid 2007
"{91120000-0031-0000-0000-0000000FF1CE}_PROHYBRIDR_{0B36C6D6-F5D8-4EAF-BF94-4376A230AD5B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{91120000-0031-0000-0000-0000000FF1CE}_PROHYBRIDR_{3D019598-7B59-447A-80AE-815B703B84FF}" = Security Update for Microsoft Office system 2007 (972581)
"{9D48531D-2135-49FC-BC29-ACCDA5396A76}" = ASUS MultiFrame
"{A13DE9CB-8C84-4889-B114-C5A9661F844E}" = Windows Live Fotogalerie
"{A16656CE-4B17-4484-A13F-22B9500E5223}" = Fast Boot
"{A2BCA9F1-566C-4805-97D1-7FDC93386723}" = Adobe AIR
"{A49F249F-0C91-497F-86DF-B2585E8E76B7}" = Microsoft Visual C++ 2005 Redistributable
"{AC76BA86-7AD7-FFFF-7B44-A91000000001}" = Adobe Reader 9.1 MUI
"{BD64AF4A-8C80-4152-AD77-FCDDF05208AB}" = Microsoft Sync Framework Services Native v1.0 (x86)
"{C59C179C-668D-49A9-B6EA-0121CCFC1243}" = CyberLink LabelPrint
"{CD95F661-A5C4-44F5-A6AA-ECDD91C240BD}" = WinZip 14.5
"{CF22161D-0E1B-489E-BBC8-684055836FE9}" = Windows Live Toolbar
"{D1E5870E-E3E5-4475-98A6-ADD614524ADF}" = ATK Media
"{D3D54F3E-C5C3-443D-978F-87A72E5616E8}" = ATK Generic Function Service
"{E657B243-9AD4-4ECC-BE81-4CCF8D667FD0}" = ASUS Live Update
"{EC8BD21F-0CA0-4BBF-97D9-4A52B30041A1}" = ASUS Virtual Camera
"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
"{F0DF4513-3C4C-4EB8-8012-2C5F70AF3988}" = ASUS FancyStart
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F40BBEC7-C2A4-4A00-9B24-7A055A2C5262}" = Microsoft Office Live Add-in 1.5
"{F4F4F84E-804F-4E9A-84D7-C34283F0088F}" = RealUpgrade 1.0
"{F69E83CF-B440-43F8-89E6-6EA80712109B}" = Windows Live Communications Platform
"{FA2092C5-7979-412D-A962-6485274AE1EE}" = ASUS Data Security Manager
"Activation Assistant for the 2007 Microsoft Office suites" = Activation Assistant for the 2007 Microsoft Office suites
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"Asus_Camera_ScreenSaver" = Asus_Camera_ScreenSaver
"CCleaner" = CCleaner
"ENTERPRISE" = Microsoft Office Enterprise 2007
"ESET Online Scanner" = ESET Online Scanner v3
"Hamachi" = Hamachi 1.0.3.0
"InstallShield_{40BF1E83-20EB-11D8-97C5-0009C5020658}" = CyberLink Power2Go
"InstallShield_{5A22D889-FBDD-4AE8-86EC-089D45FC133E}" = Alcor Micro USB Card Reader
"InstallShield_{C59C179C-668D-49A9-B6EA-0121CCFC1243}" = CyberLink LabelPrint
"Mozilla Firefox (3.6.8)" = Mozilla Firefox (3.6.8)
"NOD32" = Antivirový systém NOD32
"PROHYBRIDR" = 2007 Microsoft Office system
"RealPlayer 12.0" = RealPlayer
"SopCast" = SopCast 3.2.9
"TmNationsForever_is1" = TmNationsForever
"Totalcmd" = Total Commander (Remove or Repair)
"WinLiveSuite_Wave3" = Windows Live Essentials
"WinRAR archiver" = WinRAR
========== Last 10 Event Log Errors ==========
[ Application Events ]
Error - 8/16/2010 7:31:26 AM | Computer Name = Lenka-PC | Source = Application Error | ID = 1000
Description = Název chybující aplikace: nod32krn.exe, verze: 2.70.39.0, časové razítko:
0x46440be6 Název chybujícího modulu: nod32krn.exe, verze: 2.70.39.0, časové razítko:
0x46440be6 Kód výjimky: 0xc0000005 Posun chyby: 0x0002a996 ID chybujícího procesu:
0x16d4 Čas spuštění chybující aplikace: 0x01cb3d368f558d20 Cesta k chybující aplikaci:
C:\Program Files (x86)\Eset\nod32krn.exe Cesta k chybujícímu modulu: C:\Program
Files (x86)\Eset\nod32krn.exe ID zprávy: cd790550-a929-11df-9db3-ddb786f65fdd
Error - 8/16/2010 7:31:28 AM | Computer Name = Lenka-PC | Source = Application Error | ID = 1000
Description = Název chybující aplikace: nod32krn.exe, verze: 2.70.39.0, časové razítko:
0x46440be6 Název chybujícího modulu: nod32krn.exe, verze: 2.70.39.0, časové razítko:
0x46440be6 Kód výjimky: 0xc0000005 Posun chyby: 0x0002a996 ID chybujícího procesu:
0x1448 Čas spuštění chybující aplikace: 0x01cb3d36906612c0 Cesta k chybující aplikaci:
C:\Program Files (x86)\Eset\nod32krn.exe Cesta k chybujícímu modulu: C:\Program
Files (x86)\Eset\nod32krn.exe ID zprávy: cebdba50-a929-11df-9db3-ddb786f65fdd
Error - 8/16/2010 7:31:33 AM | Computer Name = Lenka-PC | Source = Application Error | ID = 1000
Description = Název chybující aplikace: nod32krn.exe, verze: 2.70.39.0, časové razítko:
0x46440be6 Název chybujícího modulu: nod32krn.exe, verze: 2.70.39.0, časové razítko:
0x46440be6 Kód výjimky: 0xc0000005 Posun chyby: 0x0002a996 ID chybujícího procesu:
0x11e8 Čas spuštění chybující aplikace: 0x01cb3d3692f2b110 Cesta k chybující aplikaci:
C:\Program Files (x86)\Eset\nod32krn.exe Cesta k chybujícímu modulu: C:\Program
Files (x86)\Eset\nod32krn.exe ID zprávy: d1b353a0-a929-11df-9db3-ddb786f65fdd
Error - 8/16/2010 7:31:37 AM | Computer Name = Lenka-PC | Source = Application Error | ID = 1000
Description = Název chybující aplikace: nod32krn.exe, verze: 2.70.39.0, časové razítko:
0x46440be6 Název chybujícího modulu: nod32krn.exe, verze: 2.70.39.0, časové razítko:
0x46440be6 Kód výjimky: 0xc0000005 Posun chyby: 0x0002a996 ID chybujícího procesu:
0x20d0 Čas spuštění chybující aplikace: 0x01cb3d3696486bc0 Cesta k chybující aplikaci:
C:\Program Files (x86)\Eset\nod32krn.exe Cesta k chybujícímu modulu: C:\Program
Files (x86)\Eset\nod32krn.exe ID zprávy: d46442d0-a929-11df-9db3-ddb786f65fdd
Error - 8/16/2010 7:31:39 AM | Computer Name = Lenka-PC | Source = Application Error | ID = 1000
Description = Název chybující aplikace: nod32krn.exe, verze: 2.70.39.0, časové razítko:
0x46440be6 Název chybujícího modulu: nod32krn.exe, verze: 2.70.39.0, časové razítko:
0x46440be6 Kód výjimky: 0xc0000005 Posun chyby: 0x0002a996 ID chybujícího procesu:
0x980 Čas spuštění chybující aplikace: 0x01cb3d369795fa60 Cesta k chybující aplikaci:
C:\Program Files (x86)\Eset\nod32krn.exe Cesta k chybujícímu modulu: C:\Program
Files (x86)\Eset\nod32krn.exe ID zprávy: d59f81f0-a929-11df-9db3-ddb786f65fdd
Error - 8/16/2010 7:31:41 AM | Computer Name = Lenka-PC | Source = Application Error | ID = 1000
Description = Název chybující aplikace: nod32krn.exe, verze: 2.70.39.0, časové razítko:
0x46440be6 Název chybujícího modulu: nod32krn.exe, verze: 2.70.39.0, časové razítko:
0x46440be6 Kód výjimky: 0xc0000005 Posun chyby: 0x0002a996 ID chybujícího procesu:
0x1fa0 Čas spuštění chybující aplikace: 0x01cb3d36985d6910 Cesta k chybující aplikaci:
C:\Program Files (x86)\Eset\nod32krn.exe Cesta k chybujícímu modulu: C:\Program
Files (x86)\Eset\nod32krn.exe ID zprávy: d6997250-a929-11df-9db3-ddb786f65fdd
Error - 8/16/2010 7:31:44 AM | Computer Name = Lenka-PC | Source = Application Error | ID = 1000
Description = Název chybující aplikace: nod32krn.exe, verze: 2.70.39.0, časové razítko:
0x46440be6 Název chybujícího modulu: nod32krn.exe, verze: 2.70.39.0, časové razítko:
0x46440be6 Kód výjimky: 0xc0000005 Posun chyby: 0x0002a996 ID chybujícího procesu:
0x1f8c Čas spuštění chybující aplikace: 0x01cb3d3699fbafc0 Cesta k chybující aplikaci:
C:\Program Files (x86)\Eset\nod32krn.exe Cesta k chybujícímu modulu: C:\Program
Files (x86)\Eset\nod32krn.exe ID zprávy: d87e8600-a929-11df-9db3-ddb786f65fdd
Error - 8/16/2010 7:31:47 AM | Computer Name = Lenka-PC | Source = Application Error | ID = 1000
Description = Název chybující aplikace: nod32krn.exe, verze: 2.70.39.0, časové razítko:
0x46440be6 Název chybujícího modulu: nod32krn.exe, verze: 2.70.39.0, časové razítko:
0x46440be6 Kód výjimky: 0xc0000005 Posun chyby: 0x0002a996 ID chybujícího procesu:
0x16ec Čas spuštění chybující aplikace: 0x01cb3d369b9f2690 Cesta k chybující aplikaci:
C:\Program Files (x86)\Eset\nod32krn.exe Cesta k chybujícímu modulu: C:\Program
Files (x86)\Eset\nod32krn.exe ID zprávy: da04fef0-a929-11df-9db3-ddb786f65fdd
Error - 8/16/2010 7:31:58 AM | Computer Name = Lenka-PC | Source = Application Error | ID = 1000
Description = Název chybující aplikace: nod32krn.exe, verze: 2.70.39.0, časové razítko:
0x46440be6 Název chybujícího modulu: nod32krn.exe, verze: 2.70.39.0, časové razítko:
0x46440be6 Kód výjimky: 0xc0000005 Posun chyby: 0x0002a996 ID chybujícího procesu:
0x218c Čas spuštění chybující aplikace: 0x01cb3d36a27e0800 Cesta k chybující aplikaci:
C:\Program Files (x86)\Eset\nod32krn.exe Cesta k chybujícímu modulu: C:\Program
Files (x86)\Eset\nod32krn.exe ID zprávy: e08d8300-a929-11df-9db3-ddb786f65fdd
Error - 8/16/2010 7:31:59 AM | Computer Name = Lenka-PC | Source = Application Error | ID = 1000
Description = Název chybující aplikace: nod32krn.exe, verze: 2.70.39.0, časové razítko:
0x46440be6 Název chybujícího modulu: nod32krn.exe, verze: 2.70.39.0, časové razítko:
0x46440be6 Kód výjimky: 0xc0000005 Posun chyby: 0x0002a996 ID chybujícího procesu:
0x510 Čas spuštění chybující aplikace: 0x01cb3d36a35d6b80 Cesta k chybující aplikaci:
C:\Program Files (x86)\Eset\nod32krn.exe Cesta k chybujícímu modulu: C:\Program
Files (x86)\Eset\nod32krn.exe ID zprávy: e19c33e0-a929-11df-9db3-ddb786f65fdd
[ OSession Events ]
Error - 5/9/2010 4:07:24 AM | Computer Name = Lenka-PC | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 1, Application Name: Microsoft Office Excel, Application Version:
12.0.6524.5003, Microsoft Office Version: 12.0.6425.1000. This session lasted 1218
seconds with 1200 seconds of active time. This session ended with a crash.
Error - 8/1/2010 10:51:01 AM | Computer Name = Lenka-PC | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 0, Application Name: Microsoft Office Word, Application Version:
12.0.6535.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 2
seconds with 0 seconds of active time. This session ended with a crash.
Error - 8/1/2010 11:49:36 AM | Computer Name = Lenka-PC | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 0, Application Name: Microsoft Office Word, Application Version:
12.0.6535.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 1
seconds with 0 seconds of active time. This session ended with a crash.
Error - 8/4/2010 6:35:15 AM | Computer Name = Lenka-PC | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 0, Application Name: Microsoft Office Word, Application Version:
12.0.6535.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 1
seconds with 0 seconds of active time. This session ended with a crash.
Error - 8/4/2010 6:37:50 AM | Computer Name = Lenka-PC | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 0, Application Name: Microsoft Office Word, Application Version:
12.0.6535.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 1
seconds with 0 seconds of active time. This session ended with a crash.
Error - 8/4/2010 10:56:40 AM | Computer Name = Lenka-PC | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 0, Application Name: Microsoft Office Word, Application Version:
12.0.6535.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 3
seconds with 0 seconds of active time. This session ended with a crash.
Error - 8/8/2010 2:57:12 PM | Computer Name = Lenka-PC | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 0, Application Name: Microsoft Office Word, Application Version:
12.0.6535.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 1
seconds with 0 seconds of active time. This session ended with a crash.
Error - 8/8/2010 4:48:04 PM | Computer Name = Lenka-PC | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 0, Application Name: Microsoft Office Word, Application Version:
12.0.6535.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 1
seconds with 0 seconds of active time. This session ended with a crash.
Error - 8/10/2010 3:07:16 PM | Computer Name = Lenka-PC | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 0, Application Name: Microsoft Office Word, Application Version:
12.0.6535.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 1
seconds with 0 seconds of active time. This session ended with a crash.
[ System Events ]
Error - 8/16/2010 7:40:41 AM | Computer Name = Lenka-PC | Source = Service Control Manager | ID = 7031
Description = Služba NOD32 Kernel Service byla nečekaně ukončena. Stalo se to 7176
krát. Následující opravná akce bude spuštěna za 0 milisekund: Restartovat službu.
Error - 8/16/2010 7:40:44 AM | Computer Name = Lenka-PC | Source = Service Control Manager | ID = 7031
Description = Služba NOD32 Kernel Service byla nečekaně ukončena. Stalo se to 7177
krát. Následující opravná akce bude spuštěna za 0 milisekund: Restartovat službu.
Error - 8/16/2010 7:40:47 AM | Computer Name = Lenka-PC | Source = Service Control Manager | ID = 7031
Description = Služba NOD32 Kernel Service byla nečekaně ukončena. Stalo se to 7178
krát. Následující opravná akce bude spuštěna za 0 milisekund: Restartovat službu.
Error - 8/16/2010 7:40:49 AM | Computer Name = Lenka-PC | Source = Service Control Manager | ID = 7031
Description = Služba NOD32 Kernel Service byla nečekaně ukončena. Stalo se to 7179
krát. Následující opravná akce bude spuštěna za 0 milisekund: Restartovat službu.
Error - 8/16/2010 7:40:50 AM | Computer Name = Lenka-PC | Source = Service Control Manager | ID = 7031
Description = Služba NOD32 Kernel Service byla nečekaně ukončena. Stalo se to 7180
krát. Následující opravná akce bude spuštěna za 0 milisekund: Restartovat službu.
Error - 8/16/2010 7:40:53 AM | Computer Name = Lenka-PC | Source = Service Control Manager | ID = 7031
Description = Služba NOD32 Kernel Service byla nečekaně ukončena. Stalo se to 7181
krát. Následující opravná akce bude spuštěna za 0 milisekund: Restartovat službu.
Error - 8/16/2010 7:40:56 AM | Computer Name = Lenka-PC | Source = Service Control Manager | ID = 7031
Description = Služba NOD32 Kernel Service byla nečekaně ukončena. Stalo se to 7182
krát. Následující opravná akce bude spuštěna za 0 milisekund: Restartovat službu.
Error - 8/16/2010 7:40:59 AM | Computer Name = Lenka-PC | Source = Service Control Manager | ID = 7031
Description = Služba NOD32 Kernel Service byla nečekaně ukončena. Stalo se to 7183
krát. Následující opravná akce bude spuštěna za 0 milisekund: Restartovat službu.
Error - 8/16/2010 7:41:00 AM | Computer Name = Lenka-PC | Source = Service Control Manager | ID = 7031
Description = Služba NOD32 Kernel Service byla nečekaně ukončena. Stalo se to 7184
krát. Následující opravná akce bude spuštěna za 0 milisekund: Restartovat službu.
Error - 8/16/2010 7:41:06 AM | Computer Name = Lenka-PC | Source = Service Control Manager | ID = 7031
Description = Služba NOD32 Kernel Service byla nečekaně ukončena. Stalo se to 7185
krát. Následující opravná akce bude spuštěna za 0 milisekund: Restartovat službu.
< End of report >
OTL Extras logfile created on: 8/16/2010 12:48:34 PM - Run 1
OTL by OldTimer - Version 3.2.10.0 Folder = C:\Users\Lenka\Desktop
64bit- Home Premium Edition (Version = 6.1.7600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7600.16385)
Locale: 00000409 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy
4.00 Gb Total Physical Memory | 2.00 Gb Available Physical Memory | 51.00% Memory free
8.00 Gb Paging File | 6.00 Gb Available in Paging File | 73.00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 232.88 Gb Total Space | 189.46 Gb Free Space | 81.35% Space Free | Partition Type: NTFS
Drive D: | 218.23 Gb Total Space | 150.03 Gb Free Space | 68.75% Space Free | Partition Type: NTFS
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded
Computer Name: LENKA-PC
Current User Name: Lenka
Logged in as Administrator.
Current Boot Mode: Normal
Scan Mode: All users
Include 64bit Scans
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 30 Days
Output = Standard
========== Extra Registry (SafeList) ==========
========== File Associations ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)
========== Shell Spawning ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %* File not found
cmdfile [open] -- "%1" %* File not found
comfile [open] -- "%1" %* File not found
exefile [open] -- "%1" %* File not found
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- "C:\Program Files (x86)\Microsoft Office\Office12\msohtmed.exe" %1 (Microsoft Corporation)
htmlfile [print] -- "C:\Program Files (x86)\Microsoft Office\Office12\msohtmed.exe" /p %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %* File not found
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1" File not found
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation)
scrfile [open] -- "%1" /S File not found
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1 File not found
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [OneNote.Open] -- C:\PROGRA~2\MICROS~1\Office12\ONENOTE.EXE "%L" (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- "C:\Program Files (x86)\Microsoft Office\Office12\msohtmed.exe" %1 (Microsoft Corporation)
htmlfile [print] -- "C:\Program Files (x86)\Microsoft Office\Office12\msohtmed.exe" /p %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation)
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [OneNote.Open] -- C:\PROGRA~2\MICROS~1\Office12\ONENOTE.EXE "%L" (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
========== Security Center Settings ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
"AutoUpdateDisableNotify" = 1
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = 28 4D B2 76 41 04 CA 01 [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
========== Authorized Applications List ==========
========== HKEY_LOCAL_MACHINE Uninstall List ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{1686C4D1-B1FD-42E8-B7A8-FB4C4DBA5BA8}" = ASUS Power4Gear Hybrid
"{90120000-002A-0000-1000-0000000FF1CE}" = Microsoft Office Office 64-bit Components 2007
"{90120000-002A-0405-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit MUI (Czech) 2007
"{90120000-002A-0409-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit MUI (English) 2007
"{90120000-002A-040E-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit MUI (Hungarian) 2007
"{90120000-002A-0415-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit MUI (Polish) 2007
"{90120000-002A-0418-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit MUI (Romanian) 2007
"{90120000-002A-041B-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit MUI (Slovak) 2007
"{90120000-002A-0424-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit MUI (Slovenian) 2007
"{90120000-0116-0409-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2007
"{95120000-00B9-0409-1000-0000000FF1CE}" = Microsoft Application Error Reporting
"{9B48B0AC-C813-4174-9042-476A887592C7}" = Pomocník pro přihlášení ke službě Windows Live ID
"{D35D9E34-7B4A-44E3-A882-69A6C6088BC6}" = Windows Live Zabezpečení rodiny
"{D42F84B6-3709-4A50-8502-6719D16AE6C8}" = SRS Premium Sound Control Panel
"Elantech" = ETDWare PS/2-x64 7.0.5.7_WHQL
"NVIDIA Drivers" = NVIDIA Drivers
"USB 2.0 1.3M UVC WebCam" = USB 2.0 1.3M UVC WebCam
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{06585B02-F20D-4AB2-9A64-86EF2AE0F8F0}" = ASUS AI Recovery
"{0969AF05-4FF6-4C00-9406-43599238DE0D}" = ASUS Splendid Video Enhancement Technology
"{11202615-E557-4ECF-9B86-F59C81E52909}" = FIFA 10
"{1DBD1F12-ED93-49C0-A7CC-56CBDE488158}" = ASUS LifeFrame3
"{205C6BDD-7B73-42DE-8505-9A093F35A238}" = Nástroj pro odesílání služby Windows Live
"{20D0CDB1-5F03-4A5D-86EB-7C218053B157}" = Windows Live Messenger
"{20FDF948-C8ED-4543-A539-F7F4AEF5AFA2}" = Wireless Console 3
"{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}" = MSVCRT
"{28006915-2739-4EBE-B5E8-49B25D32EB33}" = Atheros Client Installation Program
"{287ECFA4-719A-2143-A09B-D6A12DE54E40}" = Acrobat.com
"{3B05F2FB-745B-4012-ADF2-439F36B2E70B}" = ATKOSD2
"{40BF1E83-20EB-11D8-97C5-0009C5020658}" = CyberLink Power2Go
"{4AB8B41B-3AF1-46BE-99B0-0ACD3B300C0A}" = Junk Mail filter update
"{4B4451CE-D1E6-4BDE-B4B2-59F03BB83B7C}" = Windows Live Sync
"{4CBA3D4C-8F51-4D60-B27E-F6B641C571E7}" = Microsoft Search Enhancement Pack
"{4EA44BA4-A708-4223-BC1A-22B6DA9E7D1C}" = Windows Live Essentials
"{54FEAF1A-8F2A-44C1-95CA-5C1C21F4F934}" = Windows Live Mail
"{5A22D889-FBDD-4AE8-86EC-089D45FC133E}" = Alcor Micro USB Card Reader
"{5B65EF64-1DFA-414A-8C94-7BB726158E21}" = ControlDeck
"{60DE4033-9503-48D1-A483-7846BD217CA9}" = ICQ6.5
"{64452561-169F-4A36-A2FF-B5E118EC65F5}" = ASUS SmartLogon
"{65DA2EC9-0642-47E9-AAE2-B5267AA14D75}" = Activation Assistant for the 2007 Microsoft Office suites
"{6E5EEE1B-3907-44C3-83BA-AD4B8CE40F76}" = Windows Live Writer
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{7C05592D-424B-46CB-B505-E0013E8E75C9}" = ATK Hotkey
"{8833FFB6-5B0C-4764-81AA-06DFEED9A476}" = Realtek 8136 8168 8169 Ethernet Driver
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8A74E887-8F0F-4017-AF53-CBA42211AAA5}" = Microsoft Sync Framework Runtime Native v1.0 (x86)
"{8F21291E-0444-4B1D-B9F9-4370A73E346D}" = WinFlash
"{8FFC5648-FAF8-43A3-BC8F-42BA1E275C4E}" = Choice Guard
"{90120000-0015-0405-0000-0000000FF1CE}" = Microsoft Office Access MUI (Czech) 2007
"{90120000-0015-0405-0000-0000000FF1CE}_ENTERPRISE_{1FC5BC34-0301-40D2-9432-05BA220277B8}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0015-0405-0000-0000000FF1CE}_PROHYBRIDR_{1FC5BC34-0301-40D2-9432-05BA220277B8}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0015-0409-0000-0000000FF1CE}" = Microsoft Office Access MUI (English) 2007
"{90120000-0015-0409-0000-0000000FF1CE}_PROHYBRIDR_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0015-040E-0000-0000000FF1CE}" = Microsoft Office Access MUI (Hungarian) 2007
"{90120000-0015-040E-0000-0000000FF1CE}_PROHYBRIDR_{077B54FF-6531-42E7-9D6A-93B0B029CFA0}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0015-0415-0000-0000000FF1CE}" = Microsoft Office Access MUI (Polish) 2007
"{90120000-0015-0415-0000-0000000FF1CE}_PROHYBRIDR_{79EB535E-76E4-4356-8146-A24EE55AB69D}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0015-0418-0000-0000000FF1CE}" = Microsoft Office Access MUI (Romanian) 2007
"{90120000-0015-0418-0000-0000000FF1CE}_PROHYBRIDR_{3DFBDBEE-B82A-47D9-8134-B86A98280A8E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0015-041B-0000-0000000FF1CE}" = Microsoft Office Access MUI (Slovak) 2007
"{90120000-0015-041B-0000-0000000FF1CE}_PROHYBRIDR_{F69A7281-8297-47E2-B583-36EAA37C89EE}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0015-0424-0000-0000000FF1CE}" = Microsoft Office Access MUI (Slovenian) 2007
"{90120000-0015-0424-0000-0000000FF1CE}_PROHYBRIDR_{CAC07BC7-D855-4A94-B1DB-5154D99BFBE0}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0016-0405-0000-0000000FF1CE}" = Microsoft Office Excel MUI (Czech) 2007
"{90120000-0016-0405-0000-0000000FF1CE}_ENTERPRISE_{1FC5BC34-0301-40D2-9432-05BA220277B8}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0016-0405-0000-0000000FF1CE}_PROHYBRIDR_{1FC5BC34-0301-40D2-9432-05BA220277B8}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0016-0409-0000-0000000FF1CE}" = Microsoft Office Excel MUI (English) 2007
"{90120000-0016-0409-0000-0000000FF1CE}_PROHYBRIDR_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0016-040E-0000-0000000FF1CE}" = Microsoft Office Excel MUI (Hungarian) 2007
"{90120000-0016-040E-0000-0000000FF1CE}_PROHYBRIDR_{077B54FF-6531-42E7-9D6A-93B0B029CFA0}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0016-0415-0000-0000000FF1CE}" = Microsoft Office Excel MUI (Polish) 2007
"{90120000-0016-0415-0000-0000000FF1CE}_PROHYBRIDR_{79EB535E-76E4-4356-8146-A24EE55AB69D}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0016-0418-0000-0000000FF1CE}" = Microsoft Office Excel MUI (Romanian) 2007
"{90120000-0016-0418-0000-0000000FF1CE}_PROHYBRIDR_{3DFBDBEE-B82A-47D9-8134-B86A98280A8E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0016-041B-0000-0000000FF1CE}" = Microsoft Office Excel MUI (Slovak) 2007
"{90120000-0016-041B-0000-0000000FF1CE}_PROHYBRIDR_{F69A7281-8297-47E2-B583-36EAA37C89EE}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0016-0424-0000-0000000FF1CE}" = Microsoft Office Excel MUI (Slovenian) 2007
"{90120000-0016-0424-0000-0000000FF1CE}_PROHYBRIDR_{CAC07BC7-D855-4A94-B1DB-5154D99BFBE0}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0018-0405-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (Czech) 2007
"{90120000-0018-0405-0000-0000000FF1CE}_ENTERPRISE_{1FC5BC34-0301-40D2-9432-05BA220277B8}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0018-0405-0000-0000000FF1CE}_PROHYBRIDR_{1FC5BC34-0301-40D2-9432-05BA220277B8}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0018-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (English) 2007
"{90120000-0018-0409-0000-0000000FF1CE}_PROHYBRIDR_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0018-040E-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (Hungarian) 2007
"{90120000-0018-040E-0000-0000000FF1CE}_PROHYBRIDR_{077B54FF-6531-42E7-9D6A-93B0B029CFA0}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0018-0415-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (Polish) 2007
"{90120000-0018-0415-0000-0000000FF1CE}_PROHYBRIDR_{79EB535E-76E4-4356-8146-A24EE55AB69D}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0018-0418-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (Romanian) 2007
"{90120000-0018-0418-0000-0000000FF1CE}_PROHYBRIDR_{3DFBDBEE-B82A-47D9-8134-B86A98280A8E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0018-041B-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (Slovak) 2007
"{90120000-0018-041B-0000-0000000FF1CE}_PROHYBRIDR_{F69A7281-8297-47E2-B583-36EAA37C89EE}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0018-0424-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (Slovenian) 2007
"{90120000-0018-0424-0000-0000000FF1CE}_PROHYBRIDR_{CAC07BC7-D855-4A94-B1DB-5154D99BFBE0}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0019-0405-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (Czech) 2007
"{90120000-0019-0405-0000-0000000FF1CE}_ENTERPRISE_{1FC5BC34-0301-40D2-9432-05BA220277B8}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0019-0405-0000-0000000FF1CE}_PROHYBRIDR_{1FC5BC34-0301-40D2-9432-05BA220277B8}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0019-0409-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (English) 2007
"{90120000-0019-0409-0000-0000000FF1CE}_PROHYBRIDR_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0019-040E-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (Hungarian) 2007
"{90120000-0019-040E-0000-0000000FF1CE}_PROHYBRIDR_{077B54FF-6531-42E7-9D6A-93B0B029CFA0}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0019-0415-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (Polish) 2007
"{90120000-0019-0415-0000-0000000FF1CE}_PROHYBRIDR_{79EB535E-76E4-4356-8146-A24EE55AB69D}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0019-0418-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (Romanian) 2007
"{90120000-0019-0418-0000-0000000FF1CE}_PROHYBRIDR_{3DFBDBEE-B82A-47D9-8134-B86A98280A8E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0019-041B-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (Slovak) 2007
"{90120000-0019-041B-0000-0000000FF1CE}_PROHYBRIDR_{F69A7281-8297-47E2-B583-36EAA37C89EE}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0019-0424-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (Slovenian) 2007
"{90120000-0019-0424-0000-0000000FF1CE}_PROHYBRIDR_{CAC07BC7-D855-4A94-B1DB-5154D99BFBE0}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001A-0405-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (Czech) 2007
"{90120000-001A-0405-0000-0000000FF1CE}_ENTERPRISE_{1FC5BC34-0301-40D2-9432-05BA220277B8}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001A-0405-0000-0000000FF1CE}_PROHYBRIDR_{1FC5BC34-0301-40D2-9432-05BA220277B8}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001A-0409-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (English) 2007
"{90120000-001A-0409-0000-0000000FF1CE}_PROHYBRIDR_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001A-040E-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (Hungarian) 2007
"{90120000-001A-040E-0000-0000000FF1CE}_PROHYBRIDR_{077B54FF-6531-42E7-9D6A-93B0B029CFA0}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001A-0415-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (Polish) 2007
"{90120000-001A-0415-0000-0000000FF1CE}_PROHYBRIDR_{79EB535E-76E4-4356-8146-A24EE55AB69D}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001A-0418-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (Romanian) 2007
"{90120000-001A-0418-0000-0000000FF1CE}_PROHYBRIDR_{3DFBDBEE-B82A-47D9-8134-B86A98280A8E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001A-041B-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (Slovak) 2007
"{90120000-001A-041B-0000-0000000FF1CE}_PROHYBRIDR_{F69A7281-8297-47E2-B583-36EAA37C89EE}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001A-0424-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (Slovenian) 2007
"{90120000-001A-0424-0000-0000000FF1CE}_PROHYBRIDR_{CAC07BC7-D855-4A94-B1DB-5154D99BFBE0}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001B-0405-0000-0000000FF1CE}" = Microsoft Office Word MUI (Czech) 2007
"{90120000-001B-0405-0000-0000000FF1CE}_ENTERPRISE_{1FC5BC34-0301-40D2-9432-05BA220277B8}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001B-0405-0000-0000000FF1CE}_PROHYBRIDR_{1FC5BC34-0301-40D2-9432-05BA220277B8}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001B-0409-0000-0000000FF1CE}" = Microsoft Office Word MUI (English) 2007
"{90120000-001B-0409-0000-0000000FF1CE}_PROHYBRIDR_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001B-040E-0000-0000000FF1CE}" = Microsoft Office Word MUI (Hungarian) 2007
"{90120000-001B-040E-0000-0000000FF1CE}_PROHYBRIDR_{077B54FF-6531-42E7-9D6A-93B0B029CFA0}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001B-0415-0000-0000000FF1CE}" = Microsoft Office Word MUI (Polish) 2007
"{90120000-001B-0415-0000-0000000FF1CE}_PROHYBRIDR_{79EB535E-76E4-4356-8146-A24EE55AB69D}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001B-0418-0000-0000000FF1CE}" = Microsoft Office Word MUI (Romanian) 2007
"{90120000-001B-0418-0000-0000000FF1CE}_PROHYBRIDR_{3DFBDBEE-B82A-47D9-8134-B86A98280A8E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001B-041B-0000-0000000FF1CE}" = Microsoft Office Word MUI (Slovak) 2007
"{90120000-001B-041B-0000-0000000FF1CE}_PROHYBRIDR_{F69A7281-8297-47E2-B583-36EAA37C89EE}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001B-0424-0000-0000000FF1CE}" = Microsoft Office Word MUI (Slovenian) 2007
"{90120000-001B-0424-0000-0000000FF1CE}_PROHYBRIDR_{CAC07BC7-D855-4A94-B1DB-5154D99BFBE0}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001F-0405-0000-0000000FF1CE}" = Microsoft Office Proof (Czech) 2007
"{90120000-001F-0405-0000-0000000FF1CE}_ENTERPRISE_{294B4278-CF7B-40B9-86A1-2D3FF0C2C524}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-0405-0000-0000000FF1CE}_PROHYBRIDR_{294B4278-CF7B-40B9-86A1-2D3FF0C2C524}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2007
"{90120000-001F-0407-0000-0000000FF1CE}_ENTERPRISE_{A0516415-ED61-419A-981D-93596DA74165}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-0407-0000-0000000FF1CE}_PROHYBRIDR_{A0516415-ED61-419A-981D-93596DA74165}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-0409-0000-0000000FF1CE}_ENTERPRISE_{ABDDE972-355B-4AF1-89A8-DA50B7B5C045}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-0409-0000-0000000FF1CE}_PROHYBRIDR_{ABDDE972-355B-4AF1-89A8-DA50B7B5C045}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007
"{90120000-001F-040C-0000-0000000FF1CE}_PROHYBRIDR_{F580DDD5-8D37-4998-968E-EBB76BB86787}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-040E-0000-0000000FF1CE}" = Microsoft Office Proof (Hungarian) 2007
"{90120000-001F-040E-0000-0000000FF1CE}_PROHYBRIDR_{573CA1BB-C8A3-46C4-993E-DB4043D9BFCD}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-0410-0000-0000000FF1CE}" = Microsoft Office Proof (Italian) 2007
"{90120000-001F-0410-0000-0000000FF1CE}_PROHYBRIDR_{322296D4-1EAE-4030-9FBC-D2787EB25FA2}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-0415-0000-0000000FF1CE}" = Microsoft Office Proof (Polish) 2007
"{90120000-001F-0415-0000-0000000FF1CE}_PROHYBRIDR_{E9EA2604-8AC9-47D2-8F4B-6BF60787A357}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-0418-0000-0000000FF1CE}" = Microsoft Office Proof (Romanian) 2007
"{90120000-001F-0418-0000-0000000FF1CE}_PROHYBRIDR_{6E3398C5-9A81-4054-B474-8B23A60F5048}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-041A-0000-0000000FF1CE}" = Microsoft Office Proof (Croatian) 2007
"{90120000-001F-041A-0000-0000000FF1CE}_PROHYBRIDR_{C9CC66D9-D7D3-46C1-A485-9601E4DE8D28}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-041B-0000-0000000FF1CE}" = Microsoft Office Proof (Slovak) 2007
"{90120000-001F-041B-0000-0000000FF1CE}_ENTERPRISE_{10EC59E5-9BCE-4884-BB1A-E28627220232}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-041B-0000-0000000FF1CE}_PROHYBRIDR_{10EC59E5-9BCE-4884-BB1A-E28627220232}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-0424-0000-0000000FF1CE}" = Microsoft Office Proof (Slovenian) 2007
"{90120000-001F-0424-0000-0000000FF1CE}_PROHYBRIDR_{6E8DFF8D-F7D1-4451-952A-61CAB73A59E2}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-0C0A-0000-0000000FF1CE}" = Microsoft Office Proof (Spanish) 2007
"{90120000-001F-0C0A-0000-0000000FF1CE}_PROHYBRIDR_{187308AB-5FA7-4F14-9AB9-D290383A10D9}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-002A-0000-1000-0000000FF1CE}_ENTERPRISE_{E64BA721-2310-4B55-BE5A-2925F9706192}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-002A-0000-1000-0000000FF1CE}_PROHYBRIDR_{E64BA721-2310-4B55-BE5A-2925F9706192}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-002A-0405-1000-0000000FF1CE}_ENTERPRISE_{E12F9D31-4025-4BC6-B1B2-AB262C5580B0}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-002A-0405-1000-0000000FF1CE}_PROHYBRIDR_{E12F9D31-4025-4BC6-B1B2-AB262C5580B0}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-002A-0409-1000-0000000FF1CE}_PROHYBRIDR_{DE5A002D-8122-4278-A7EE-3121E7EA254E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-002A-040E-1000-0000000FF1CE}_PROHYBRIDR_{B3C14F81-2C4A-400D-9ECE-55A667F8F737}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-002A-0415-1000-0000000FF1CE}_PROHYBRIDR_{D45F91DE-F0FC-4D5F-9A0C-FDE5B251AAC6}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-002A-0418-1000-0000000FF1CE}_PROHYBRIDR_{CEDDCA72-ED57-4CE5-B55D-A50EE2CD3CCF}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-002A-041B-1000-0000000FF1CE}_PROHYBRIDR_{8AF3A9EB-FBB9-449F-AC11-94CE39930037}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-002A-0424-1000-0000000FF1CE}_PROHYBRIDR_{5983F0B6-A661-4378-AEA8-9EB1992D2FB0}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-002C-0405-0000-0000000FF1CE}" = Microsoft Office Proofing (Czech) 2007
"{90120000-002C-0409-0000-0000000FF1CE}" = Microsoft Office Proofing (English) 2007
"{90120000-002C-040E-0000-0000000FF1CE}" = Microsoft Office Proofing (Hungarian) 2007
"{90120000-002C-0415-0000-0000000FF1CE}" = Microsoft Office Proofing (Polish) 2007
"{90120000-002C-0418-0000-0000000FF1CE}" = Microsoft Office Proofing (Romanian) 2007
"{90120000-002C-041B-0000-0000000FF1CE}" = Microsoft Office Proofing (Slovak) 2007
"{90120000-002C-0424-0000-0000000FF1CE}" = Microsoft Office Proofing (Slovenian) 2007
"{90120000-0030-0000-0000-0000000FF1CE}" = Microsoft Office Enterprise 2007
"{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{0B36C6D6-F5D8-4EAF-BF94-4376A230AD5B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{3D019598-7B59-447A-80AE-815B703B84FF}" = Security Update for Microsoft Office system 2007 (972581)
"{90120000-0044-0405-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (Czech) 2007
"{90120000-0044-0405-0000-0000000FF1CE}_ENTERPRISE_{1FC5BC34-0301-40D2-9432-05BA220277B8}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-006E-0405-0000-0000000FF1CE}" = Microsoft Office Shared MUI (Czech) 2007
"{90120000-006E-0405-0000-0000000FF1CE}_ENTERPRISE_{E12F9D31-4025-4BC6-B1B2-AB262C5580B0}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-006E-0405-0000-0000000FF1CE}_PROHYBRIDR_{E12F9D31-4025-4BC6-B1B2-AB262C5580B0}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-006E-0409-0000-0000000FF1CE}" = Microsoft Office Shared MUI (English) 2007
"{90120000-006E-0409-0000-0000000FF1CE}_PROHYBRIDR_{DE5A002D-8122-4278-A7EE-3121E7EA254E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-006E-040E-0000-0000000FF1CE}" = Microsoft Office Shared MUI (Hungarian) 2007
"{90120000-006E-040E-0000-0000000FF1CE}_PROHYBRIDR_{B3C14F81-2C4A-400D-9ECE-55A667F8F737}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-006E-0415-0000-0000000FF1CE}" = Microsoft Office Shared MUI (Polish) 2007
"{90120000-006E-0415-0000-0000000FF1CE}_PROHYBRIDR_{D45F91DE-F0FC-4D5F-9A0C-FDE5B251AAC6}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-006E-0418-0000-0000000FF1CE}" = Microsoft Office Shared MUI (Romanian) 2007
"{90120000-006E-0418-0000-0000000FF1CE}_PROHYBRIDR_{CEDDCA72-ED57-4CE5-B55D-A50EE2CD3CCF}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-006E-041B-0000-0000000FF1CE}" = Microsoft Office Shared MUI (Slovak) 2007
"{90120000-006E-041B-0000-0000000FF1CE}_PROHYBRIDR_{8AF3A9EB-FBB9-449F-AC11-94CE39930037}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-006E-0424-0000-0000000FF1CE}" = Microsoft Office Shared MUI (Slovenian) 2007
"{90120000-006E-0424-0000-0000000FF1CE}_PROHYBRIDR_{5983F0B6-A661-4378-AEA8-9EB1992D2FB0}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-00A1-0405-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (Czech) 2007
"{90120000-00A1-0405-0000-0000000FF1CE}_ENTERPRISE_{1FC5BC34-0301-40D2-9432-05BA220277B8}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-00BA-0405-0000-0000000FF1CE}" = Microsoft Office Groove MUI (Czech) 2007
"{90120000-00BA-0405-0000-0000000FF1CE}_ENTERPRISE_{1FC5BC34-0301-40D2-9432-05BA220277B8}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0115-0409-0000-0000000FF1CE}" = Microsoft Office Shared Setup Metadata MUI (English) 2007
"{90120000-0115-0409-0000-0000000FF1CE}_PROHYBRIDR_{DE5A002D-8122-4278-A7EE-3121E7EA254E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0116-0409-1000-0000000FF1CE}_PROHYBRIDR_{DE5A002D-8122-4278-A7EE-3121E7EA254E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0117-0409-0000-0000000FF1CE}" = Microsoft Office Access Setup Metadata MUI (English) 2007
"{90120000-0117-0409-0000-0000000FF1CE}_PROHYBRIDR_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{91120000-0031-0000-0000-0000000FF1CE}" = Microsoft Office Professional Hybrid 2007
"{91120000-0031-0000-0000-0000000FF1CE}_PROHYBRIDR_{0B36C6D6-F5D8-4EAF-BF94-4376A230AD5B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{91120000-0031-0000-0000-0000000FF1CE}_PROHYBRIDR_{3D019598-7B59-447A-80AE-815B703B84FF}" = Security Update for Microsoft Office system 2007 (972581)
"{9D48531D-2135-49FC-BC29-ACCDA5396A76}" = ASUS MultiFrame
"{A13DE9CB-8C84-4889-B114-C5A9661F844E}" = Windows Live Fotogalerie
"{A16656CE-4B17-4484-A13F-22B9500E5223}" = Fast Boot
"{A2BCA9F1-566C-4805-97D1-7FDC93386723}" = Adobe AIR
"{A49F249F-0C91-497F-86DF-B2585E8E76B7}" = Microsoft Visual C++ 2005 Redistributable
"{AC76BA86-7AD7-FFFF-7B44-A91000000001}" = Adobe Reader 9.1 MUI
"{BD64AF4A-8C80-4152-AD77-FCDDF05208AB}" = Microsoft Sync Framework Services Native v1.0 (x86)
"{C59C179C-668D-49A9-B6EA-0121CCFC1243}" = CyberLink LabelPrint
"{CD95F661-A5C4-44F5-A6AA-ECDD91C240BD}" = WinZip 14.5
"{CF22161D-0E1B-489E-BBC8-684055836FE9}" = Windows Live Toolbar
"{D1E5870E-E3E5-4475-98A6-ADD614524ADF}" = ATK Media
"{D3D54F3E-C5C3-443D-978F-87A72E5616E8}" = ATK Generic Function Service
"{E657B243-9AD4-4ECC-BE81-4CCF8D667FD0}" = ASUS Live Update
"{EC8BD21F-0CA0-4BBF-97D9-4A52B30041A1}" = ASUS Virtual Camera
"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
"{F0DF4513-3C4C-4EB8-8012-2C5F70AF3988}" = ASUS FancyStart
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F40BBEC7-C2A4-4A00-9B24-7A055A2C5262}" = Microsoft Office Live Add-in 1.5
"{F4F4F84E-804F-4E9A-84D7-C34283F0088F}" = RealUpgrade 1.0
"{F69E83CF-B440-43F8-89E6-6EA80712109B}" = Windows Live Communications Platform
"{FA2092C5-7979-412D-A962-6485274AE1EE}" = ASUS Data Security Manager
"Activation Assistant for the 2007 Microsoft Office suites" = Activation Assistant for the 2007 Microsoft Office suites
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"Asus_Camera_ScreenSaver" = Asus_Camera_ScreenSaver
"CCleaner" = CCleaner
"ENTERPRISE" = Microsoft Office Enterprise 2007
"ESET Online Scanner" = ESET Online Scanner v3
"Hamachi" = Hamachi 1.0.3.0
"InstallShield_{40BF1E83-20EB-11D8-97C5-0009C5020658}" = CyberLink Power2Go
"InstallShield_{5A22D889-FBDD-4AE8-86EC-089D45FC133E}" = Alcor Micro USB Card Reader
"InstallShield_{C59C179C-668D-49A9-B6EA-0121CCFC1243}" = CyberLink LabelPrint
"Mozilla Firefox (3.6.8)" = Mozilla Firefox (3.6.8)
"NOD32" = Antivirový systém NOD32
"PROHYBRIDR" = 2007 Microsoft Office system
"RealPlayer 12.0" = RealPlayer
"SopCast" = SopCast 3.2.9
"TmNationsForever_is1" = TmNationsForever
"Totalcmd" = Total Commander (Remove or Repair)
"WinLiveSuite_Wave3" = Windows Live Essentials
"WinRAR archiver" = WinRAR
========== Last 10 Event Log Errors ==========
[ Application Events ]
Error - 8/16/2010 7:31:26 AM | Computer Name = Lenka-PC | Source = Application Error | ID = 1000
Description = Název chybující aplikace: nod32krn.exe, verze: 2.70.39.0, časové razítko:
0x46440be6 Název chybujícího modulu: nod32krn.exe, verze: 2.70.39.0, časové razítko:
0x46440be6 Kód výjimky: 0xc0000005 Posun chyby: 0x0002a996 ID chybujícího procesu:
0x16d4 Čas spuštění chybující aplikace: 0x01cb3d368f558d20 Cesta k chybující aplikaci:
C:\Program Files (x86)\Eset\nod32krn.exe Cesta k chybujícímu modulu: C:\Program
Files (x86)\Eset\nod32krn.exe ID zprávy: cd790550-a929-11df-9db3-ddb786f65fdd
Error - 8/16/2010 7:31:28 AM | Computer Name = Lenka-PC | Source = Application Error | ID = 1000
Description = Název chybující aplikace: nod32krn.exe, verze: 2.70.39.0, časové razítko:
0x46440be6 Název chybujícího modulu: nod32krn.exe, verze: 2.70.39.0, časové razítko:
0x46440be6 Kód výjimky: 0xc0000005 Posun chyby: 0x0002a996 ID chybujícího procesu:
0x1448 Čas spuštění chybující aplikace: 0x01cb3d36906612c0 Cesta k chybující aplikaci:
C:\Program Files (x86)\Eset\nod32krn.exe Cesta k chybujícímu modulu: C:\Program
Files (x86)\Eset\nod32krn.exe ID zprávy: cebdba50-a929-11df-9db3-ddb786f65fdd
Error - 8/16/2010 7:31:33 AM | Computer Name = Lenka-PC | Source = Application Error | ID = 1000
Description = Název chybující aplikace: nod32krn.exe, verze: 2.70.39.0, časové razítko:
0x46440be6 Název chybujícího modulu: nod32krn.exe, verze: 2.70.39.0, časové razítko:
0x46440be6 Kód výjimky: 0xc0000005 Posun chyby: 0x0002a996 ID chybujícího procesu:
0x11e8 Čas spuštění chybující aplikace: 0x01cb3d3692f2b110 Cesta k chybující aplikaci:
C:\Program Files (x86)\Eset\nod32krn.exe Cesta k chybujícímu modulu: C:\Program
Files (x86)\Eset\nod32krn.exe ID zprávy: d1b353a0-a929-11df-9db3-ddb786f65fdd
Error - 8/16/2010 7:31:37 AM | Computer Name = Lenka-PC | Source = Application Error | ID = 1000
Description = Název chybující aplikace: nod32krn.exe, verze: 2.70.39.0, časové razítko:
0x46440be6 Název chybujícího modulu: nod32krn.exe, verze: 2.70.39.0, časové razítko:
0x46440be6 Kód výjimky: 0xc0000005 Posun chyby: 0x0002a996 ID chybujícího procesu:
0x20d0 Čas spuštění chybující aplikace: 0x01cb3d3696486bc0 Cesta k chybující aplikaci:
C:\Program Files (x86)\Eset\nod32krn.exe Cesta k chybujícímu modulu: C:\Program
Files (x86)\Eset\nod32krn.exe ID zprávy: d46442d0-a929-11df-9db3-ddb786f65fdd
Error - 8/16/2010 7:31:39 AM | Computer Name = Lenka-PC | Source = Application Error | ID = 1000
Description = Název chybující aplikace: nod32krn.exe, verze: 2.70.39.0, časové razítko:
0x46440be6 Název chybujícího modulu: nod32krn.exe, verze: 2.70.39.0, časové razítko:
0x46440be6 Kód výjimky: 0xc0000005 Posun chyby: 0x0002a996 ID chybujícího procesu:
0x980 Čas spuštění chybující aplikace: 0x01cb3d369795fa60 Cesta k chybující aplikaci:
C:\Program Files (x86)\Eset\nod32krn.exe Cesta k chybujícímu modulu: C:\Program
Files (x86)\Eset\nod32krn.exe ID zprávy: d59f81f0-a929-11df-9db3-ddb786f65fdd
Error - 8/16/2010 7:31:41 AM | Computer Name = Lenka-PC | Source = Application Error | ID = 1000
Description = Název chybující aplikace: nod32krn.exe, verze: 2.70.39.0, časové razítko:
0x46440be6 Název chybujícího modulu: nod32krn.exe, verze: 2.70.39.0, časové razítko:
0x46440be6 Kód výjimky: 0xc0000005 Posun chyby: 0x0002a996 ID chybujícího procesu:
0x1fa0 Čas spuštění chybující aplikace: 0x01cb3d36985d6910 Cesta k chybující aplikaci:
C:\Program Files (x86)\Eset\nod32krn.exe Cesta k chybujícímu modulu: C:\Program
Files (x86)\Eset\nod32krn.exe ID zprávy: d6997250-a929-11df-9db3-ddb786f65fdd
Error - 8/16/2010 7:31:44 AM | Computer Name = Lenka-PC | Source = Application Error | ID = 1000
Description = Název chybující aplikace: nod32krn.exe, verze: 2.70.39.0, časové razítko:
0x46440be6 Název chybujícího modulu: nod32krn.exe, verze: 2.70.39.0, časové razítko:
0x46440be6 Kód výjimky: 0xc0000005 Posun chyby: 0x0002a996 ID chybujícího procesu:
0x1f8c Čas spuštění chybující aplikace: 0x01cb3d3699fbafc0 Cesta k chybující aplikaci:
C:\Program Files (x86)\Eset\nod32krn.exe Cesta k chybujícímu modulu: C:\Program
Files (x86)\Eset\nod32krn.exe ID zprávy: d87e8600-a929-11df-9db3-ddb786f65fdd
Error - 8/16/2010 7:31:47 AM | Computer Name = Lenka-PC | Source = Application Error | ID = 1000
Description = Název chybující aplikace: nod32krn.exe, verze: 2.70.39.0, časové razítko:
0x46440be6 Název chybujícího modulu: nod32krn.exe, verze: 2.70.39.0, časové razítko:
0x46440be6 Kód výjimky: 0xc0000005 Posun chyby: 0x0002a996 ID chybujícího procesu:
0x16ec Čas spuštění chybující aplikace: 0x01cb3d369b9f2690 Cesta k chybující aplikaci:
C:\Program Files (x86)\Eset\nod32krn.exe Cesta k chybujícímu modulu: C:\Program
Files (x86)\Eset\nod32krn.exe ID zprávy: da04fef0-a929-11df-9db3-ddb786f65fdd
Error - 8/16/2010 7:31:58 AM | Computer Name = Lenka-PC | Source = Application Error | ID = 1000
Description = Název chybující aplikace: nod32krn.exe, verze: 2.70.39.0, časové razítko:
0x46440be6 Název chybujícího modulu: nod32krn.exe, verze: 2.70.39.0, časové razítko:
0x46440be6 Kód výjimky: 0xc0000005 Posun chyby: 0x0002a996 ID chybujícího procesu:
0x218c Čas spuštění chybující aplikace: 0x01cb3d36a27e0800 Cesta k chybující aplikaci:
C:\Program Files (x86)\Eset\nod32krn.exe Cesta k chybujícímu modulu: C:\Program
Files (x86)\Eset\nod32krn.exe ID zprávy: e08d8300-a929-11df-9db3-ddb786f65fdd
Error - 8/16/2010 7:31:59 AM | Computer Name = Lenka-PC | Source = Application Error | ID = 1000
Description = Název chybující aplikace: nod32krn.exe, verze: 2.70.39.0, časové razítko:
0x46440be6 Název chybujícího modulu: nod32krn.exe, verze: 2.70.39.0, časové razítko:
0x46440be6 Kód výjimky: 0xc0000005 Posun chyby: 0x0002a996 ID chybujícího procesu:
0x510 Čas spuštění chybující aplikace: 0x01cb3d36a35d6b80 Cesta k chybující aplikaci:
C:\Program Files (x86)\Eset\nod32krn.exe Cesta k chybujícímu modulu: C:\Program
Files (x86)\Eset\nod32krn.exe ID zprávy: e19c33e0-a929-11df-9db3-ddb786f65fdd
[ OSession Events ]
Error - 5/9/2010 4:07:24 AM | Computer Name = Lenka-PC | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 1, Application Name: Microsoft Office Excel, Application Version:
12.0.6524.5003, Microsoft Office Version: 12.0.6425.1000. This session lasted 1218
seconds with 1200 seconds of active time. This session ended with a crash.
Error - 8/1/2010 10:51:01 AM | Computer Name = Lenka-PC | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 0, Application Name: Microsoft Office Word, Application Version:
12.0.6535.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 2
seconds with 0 seconds of active time. This session ended with a crash.
Error - 8/1/2010 11:49:36 AM | Computer Name = Lenka-PC | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 0, Application Name: Microsoft Office Word, Application Version:
12.0.6535.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 1
seconds with 0 seconds of active time. This session ended with a crash.
Error - 8/4/2010 6:35:15 AM | Computer Name = Lenka-PC | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 0, Application Name: Microsoft Office Word, Application Version:
12.0.6535.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 1
seconds with 0 seconds of active time. This session ended with a crash.
Error - 8/4/2010 6:37:50 AM | Computer Name = Lenka-PC | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 0, Application Name: Microsoft Office Word, Application Version:
12.0.6535.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 1
seconds with 0 seconds of active time. This session ended with a crash.
Error - 8/4/2010 10:56:40 AM | Computer Name = Lenka-PC | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 0, Application Name: Microsoft Office Word, Application Version:
12.0.6535.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 3
seconds with 0 seconds of active time. This session ended with a crash.
Error - 8/8/2010 2:57:12 PM | Computer Name = Lenka-PC | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 0, Application Name: Microsoft Office Word, Application Version:
12.0.6535.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 1
seconds with 0 seconds of active time. This session ended with a crash.
Error - 8/8/2010 4:48:04 PM | Computer Name = Lenka-PC | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 0, Application Name: Microsoft Office Word, Application Version:
12.0.6535.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 1
seconds with 0 seconds of active time. This session ended with a crash.
Error - 8/10/2010 3:07:16 PM | Computer Name = Lenka-PC | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 0, Application Name: Microsoft Office Word, Application Version:
12.0.6535.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 1
seconds with 0 seconds of active time. This session ended with a crash.
[ System Events ]
Error - 8/16/2010 7:40:41 AM | Computer Name = Lenka-PC | Source = Service Control Manager | ID = 7031
Description = Služba NOD32 Kernel Service byla nečekaně ukončena. Stalo se to 7176
krát. Následující opravná akce bude spuštěna za 0 milisekund: Restartovat službu.
Error - 8/16/2010 7:40:44 AM | Computer Name = Lenka-PC | Source = Service Control Manager | ID = 7031
Description = Služba NOD32 Kernel Service byla nečekaně ukončena. Stalo se to 7177
krát. Následující opravná akce bude spuštěna za 0 milisekund: Restartovat službu.
Error - 8/16/2010 7:40:47 AM | Computer Name = Lenka-PC | Source = Service Control Manager | ID = 7031
Description = Služba NOD32 Kernel Service byla nečekaně ukončena. Stalo se to 7178
krát. Následující opravná akce bude spuštěna za 0 milisekund: Restartovat službu.
Error - 8/16/2010 7:40:49 AM | Computer Name = Lenka-PC | Source = Service Control Manager | ID = 7031
Description = Služba NOD32 Kernel Service byla nečekaně ukončena. Stalo se to 7179
krát. Následující opravná akce bude spuštěna za 0 milisekund: Restartovat službu.
Error - 8/16/2010 7:40:50 AM | Computer Name = Lenka-PC | Source = Service Control Manager | ID = 7031
Description = Služba NOD32 Kernel Service byla nečekaně ukončena. Stalo se to 7180
krát. Následující opravná akce bude spuštěna za 0 milisekund: Restartovat službu.
Error - 8/16/2010 7:40:53 AM | Computer Name = Lenka-PC | Source = Service Control Manager | ID = 7031
Description = Služba NOD32 Kernel Service byla nečekaně ukončena. Stalo se to 7181
krát. Následující opravná akce bude spuštěna za 0 milisekund: Restartovat službu.
Error - 8/16/2010 7:40:56 AM | Computer Name = Lenka-PC | Source = Service Control Manager | ID = 7031
Description = Služba NOD32 Kernel Service byla nečekaně ukončena. Stalo se to 7182
krát. Následující opravná akce bude spuštěna za 0 milisekund: Restartovat službu.
Error - 8/16/2010 7:40:59 AM | Computer Name = Lenka-PC | Source = Service Control Manager | ID = 7031
Description = Služba NOD32 Kernel Service byla nečekaně ukončena. Stalo se to 7183
krát. Následující opravná akce bude spuštěna za 0 milisekund: Restartovat službu.
Error - 8/16/2010 7:41:00 AM | Computer Name = Lenka-PC | Source = Service Control Manager | ID = 7031
Description = Služba NOD32 Kernel Service byla nečekaně ukončena. Stalo se to 7184
krát. Následující opravná akce bude spuštěna za 0 milisekund: Restartovat službu.
Error - 8/16/2010 7:41:06 AM | Computer Name = Lenka-PC | Source = Service Control Manager | ID = 7031
Description = Služba NOD32 Kernel Service byla nečekaně ukončena. Stalo se to 7185
krát. Následující opravná akce bude spuštěna za 0 milisekund: Restartovat službu.
< End of report >
-
Caroprd111
- VIP
- Příspěvky: 13492
- Registrován: 22 bře 2009 20:48
- Bydliště: Třebíč
- Kontaktovat uživatele:
Re: rundll32 a svchost.exe
Spusťte OTL a do spodního okna vložte následující skript.
Kód: Vybrat vše
:Commands
[EMPTYTEMP]
[EMPTYFLASH]
[CLEARALLRESTOREPOINTS]
:OTL
SRV:64bit: - File not found [Auto | Running] -- C:\Windows\SysNative\PnkBstrB.exe -- (PnkBstrB)
SRV:64bit: - File not found [Auto | Running] -- C:\Windows\SysNative\PnkBstrA.exe -- (PnkBstrA)
IE - HKU\.DEFAULT\..\URLSearchHook: - Reg Error: Key error. File not found
IE - HKU\.DEFAULT\..\URLSearchHook: {855F3B16-6D32-4fe6-8A56-BBB695989046} - Reg Error: Key error. File not found
IE - HKU\S-1-5-18\..\URLSearchHook: - Reg Error: Key error. File not found
IE - HKU\S-1-5-18\..\URLSearchHook: {855F3B16-6D32-4fe6-8A56-BBB695989046} - Reg Error: Key error. File not found
IE - HKU\S-1-5-21-1665229691-2970694427-3909060312-1000\..\URLSearchHook: - Reg Error: Key error. File not found
FF - prefs.js..browser.search.defaultengine: "Ask.com"
FF - prefs.js..browser.search.defaultenginename: "Ask.com"
FF - prefs.js..browser.search.order.1: "Ask.com"
O3:64bit: - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3:64bit: - HKU\S-1-5-21-1665229691-2970694427-3909060312-1000\..\Toolbar\WebBrowser: (DAEMON Tools Toolbar) - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files (x86)\DAEMON Tools Toolbar\DTToolbar64.dll File not found
O4 - HKLM..\Run: [Setwallpaper] c:\programdata\SetWallpaper.cmd File not found
O13 - gopher Prefix: missing
O13 - gopher Prefix: missing
O18:64bit: - Protocol\Handler\grooveLocalGWS {88FED34C-F0CA-4636-A375-3CB6248B04CD} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\wlmailhtml {03C514A3-1EFB-4856-9F99-10D7BE1653C0} - Reg Error: Key error. File not found
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found.
[1 C:\Users\Lenka\Desktop\*.tmp files -> C:\Users\Lenka\Desktop\*.tmp -> ]
[2010/08/04 20:40:51 | 000,000,250 | ---- | M] () -- C:\Windows\Tasks\Scheduled Update for Ask Toolbar.jobPodle mého názoru problémy způsobuje NOD32, kontaktujte technickou podporu produktu.
Re: rundll32 a svchost.exe
log je zde :
All processes killed
========== COMMANDS ==========
[EMPTYTEMP]
User: All Users
User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes
->Flash cache emptied: 75 bytes
User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->Flash cache emptied: 0 bytes
User: Lenka
->Temp folder emptied: 1323542 bytes
->Temporary Internet Files folder emptied: 9687918 bytes
->FireFox cache emptied: 36296961 bytes
->Flash cache emptied: 19280 bytes
User: Public
%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32 (64bit) .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 1605750 bytes
%systemroot%\sysnative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files folder emptied: 50641 bytes
RecycleBin emptied: 0 bytes
Total Files Cleaned = 47.00 mb
[EMPTYFLASH]
User: All Users
User: Default
->Flash cache emptied: 0 bytes
User: Default User
->Flash cache emptied: 0 bytes
User: Lenka
->Flash cache emptied: 0 bytes
User: Public
Total Flash Files Cleaned = 0.00 mb
Restore point Set: OTL Restore Point
========== OTL ==========
Service PnkBstrB stopped successfully!
Service PnkBstrB deleted successfully!
File C:\Windows\SysNative\PnkBstrB.exe not found.
Service PnkBstrA stopped successfully!
Service PnkBstrA deleted successfully!
File C:\Windows\SysNative\PnkBstrA.exe not found.
Registry value HKEY_USERS\.DEFAULT\Software\Microsoft\Internet Explorer\URLSearchHooks\\ deleted successfully.
Registry value HKEY_USERS\.DEFAULT\Software\Microsoft\Internet Explorer\URLSearchHooks\\{855F3B16-6D32-4fe6-8A56-BBB695989046} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{855F3B16-6D32-4fe6-8A56-BBB695989046}\ not found.
Registry value HKEY_USERS\S-1-5-18\Software\Microsoft\Internet Explorer\URLSearchHooks\\ not found.
Registry value HKEY_USERS\S-1-5-18\Software\Microsoft\Internet Explorer\URLSearchHooks\\{855F3B16-6D32-4fe6-8A56-BBB695989046} not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{855F3B16-6D32-4fe6-8A56-BBB695989046}\ not found.
Registry value HKEY_USERS\S-1-5-21-1665229691-2970694427-3909060312-1000\Software\Microsoft\Internet Explorer\URLSearchHooks\\ deleted successfully.
Prefs.js: "Ask.com" removed from browser.search.defaultengine
Prefs.js: "Ask.com" removed from browser.search.defaultenginename
Prefs.js: "Ask.com" removed from browser.search.order.1
64bit-Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\Locked deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\Locked deleted successfully.
64bit-Registry value HKEY_USERS\S-1-5-21-1665229691-2970694427-3909060312-1000\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{32099AAC-C132-4136-9E9A-4E364A424E17} deleted successfully.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{32099AAC-C132-4136-9E9A-4E364A424E17}\ deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\Setwallpaper deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\URL\Prefixes\\gopher|:gopher:// /E : value set successfully!
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\URL\Prefixes\\gopher|:gopher:// /E : value set successfully!
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\grooveLocalGWS\ deleted successfully.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{88FED34C-F0CA-4636-A375-3CB6248B04CD}\ not found.
File {88FED34C-F0CA-4636-A375-3CB6248B04CD} - Reg Error: Key error. File not found not found.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\livecall\ deleted successfully.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{828030A1-22C1-4009-854F-8E305202313F}\ not found.
File {828030A1-22C1-4009-854F-8E305202313F} - Reg Error: Key error. File not found not found.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\ms-help\ deleted successfully.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{314111c7-a502-11d2-bbca-00c04f8ec294}\ not found.
File {314111c7-a502-11d2-bbca-00c04f8ec294} - Reg Error: Key error. File not found not found.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\msnim\ deleted successfully.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{828030A1-22C1-4009-854F-8E305202313F}\ not found.
File {828030A1-22C1-4009-854F-8E305202313F} - Reg Error: Key error. File not found not found.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\wlmailhtml\ deleted successfully.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{03C514A3-1EFB-4856-9F99-10D7BE1653C0}\ not found.
File {03C514A3-1EFB-4856-9F99-10D7BE1653C0} - Reg Error: Key error. File not found not found.
64bit-Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad\\WebCheck deleted successfully.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{E6FB5E20-DE35-11CF-9C87-00AA005127ED}\ not found.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad\\WebCheck deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{E6FB5E20-DE35-11CF-9C87-00AA005127ED}\ not found.
C:\Users\Lenka\Desktop\~WRL2295.tmp deleted successfully.
C:\Windows\Tasks\Scheduled Update for Ask Toolbar.job moved successfully.
OTL by OldTimer - Version 3.2.10.0 log created on 08162010_141531
Files\Folders moved on Reboot...
C:\Users\Lenka\AppData\Local\Temp\FXSAPIDebugLogFile.txt moved successfully.
C:\Users\Lenka\AppData\Local\Mozilla\Firefox\Profiles\bak8qmoj.default\Cache\_CACHE_001_ moved successfully.
C:\Users\Lenka\AppData\Local\Mozilla\Firefox\Profiles\bak8qmoj.default\Cache\_CACHE_002_ moved successfully.
C:\Users\Lenka\AppData\Local\Mozilla\Firefox\Profiles\bak8qmoj.default\Cache\_CACHE_003_ moved successfully.
C:\Users\Lenka\AppData\Local\Mozilla\Firefox\Profiles\bak8qmoj.default\Cache\_CACHE_MAP_ moved successfully.
C:\Users\Lenka\AppData\Local\Mozilla\Firefox\Profiles\bak8qmoj.default\urlclassifier3.sqlite moved successfully.
C:\Users\Lenka\AppData\Local\Mozilla\Firefox\Profiles\bak8qmoj.default\XPC.mfl moved successfully.
C:\Users\Lenka\AppData\Local\Mozilla\Firefox\Profiles\bak8qmoj.default\XUL.mfl moved successfully.
File\Folder C:\Windows\temp\TMP00006FEE502A165629D1A45C not found!
File\Folder C:\Windows\temp\WER9429.tmp.resp.erc.xml not found!
File\Folder C:\Windows\temp\WER942A.tmp.resp not found!
File\Folder C:\Windows\temp\WER94C5.tmp.resp.erc.xml not found!
File\Folder C:\Windows\temp\WER94C6.tmp.resp not found!
File\Folder C:\Windows\temp\WER9533.tmp.resp.erc.xml not found!
File\Folder C:\Windows\temp\WER9534.tmp.resp not found!
File\Folder C:\Windows\temp\WER9551.tmp.resp.erc.xml not found!
File\Folder C:\Windows\temp\WER9552.tmp.resp not found!
File\Folder C:\Windows\temp\WER963B.tmp.resp.erc.xml not found!
File\Folder C:\Windows\temp\WER99F3.tmp.resp.erc.xml not found!
File\Folder C:\Windows\temp\WER99F4.tmp.resp not found!
File\Folder C:\Windows\temp\WER9C82.tmp.resp.erc.xml not found!
File\Folder C:\Windows\temp\WERA355.tmp.resp.erc.xml not found!
File\Folder C:\Windows\temp\WERA356.tmp.resp not found!
Registry entries deleted on Reboot...
All processes killed
========== COMMANDS ==========
[EMPTYTEMP]
User: All Users
User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes
->Flash cache emptied: 75 bytes
User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->Flash cache emptied: 0 bytes
User: Lenka
->Temp folder emptied: 1323542 bytes
->Temporary Internet Files folder emptied: 9687918 bytes
->FireFox cache emptied: 36296961 bytes
->Flash cache emptied: 19280 bytes
User: Public
%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32 (64bit) .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 1605750 bytes
%systemroot%\sysnative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files folder emptied: 50641 bytes
RecycleBin emptied: 0 bytes
Total Files Cleaned = 47.00 mb
[EMPTYFLASH]
User: All Users
User: Default
->Flash cache emptied: 0 bytes
User: Default User
->Flash cache emptied: 0 bytes
User: Lenka
->Flash cache emptied: 0 bytes
User: Public
Total Flash Files Cleaned = 0.00 mb
Restore point Set: OTL Restore Point
========== OTL ==========
Service PnkBstrB stopped successfully!
Service PnkBstrB deleted successfully!
File C:\Windows\SysNative\PnkBstrB.exe not found.
Service PnkBstrA stopped successfully!
Service PnkBstrA deleted successfully!
File C:\Windows\SysNative\PnkBstrA.exe not found.
Registry value HKEY_USERS\.DEFAULT\Software\Microsoft\Internet Explorer\URLSearchHooks\\ deleted successfully.
Registry value HKEY_USERS\.DEFAULT\Software\Microsoft\Internet Explorer\URLSearchHooks\\{855F3B16-6D32-4fe6-8A56-BBB695989046} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{855F3B16-6D32-4fe6-8A56-BBB695989046}\ not found.
Registry value HKEY_USERS\S-1-5-18\Software\Microsoft\Internet Explorer\URLSearchHooks\\ not found.
Registry value HKEY_USERS\S-1-5-18\Software\Microsoft\Internet Explorer\URLSearchHooks\\{855F3B16-6D32-4fe6-8A56-BBB695989046} not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{855F3B16-6D32-4fe6-8A56-BBB695989046}\ not found.
Registry value HKEY_USERS\S-1-5-21-1665229691-2970694427-3909060312-1000\Software\Microsoft\Internet Explorer\URLSearchHooks\\ deleted successfully.
Prefs.js: "Ask.com" removed from browser.search.defaultengine
Prefs.js: "Ask.com" removed from browser.search.defaultenginename
Prefs.js: "Ask.com" removed from browser.search.order.1
64bit-Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\Locked deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\Locked deleted successfully.
64bit-Registry value HKEY_USERS\S-1-5-21-1665229691-2970694427-3909060312-1000\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{32099AAC-C132-4136-9E9A-4E364A424E17} deleted successfully.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{32099AAC-C132-4136-9E9A-4E364A424E17}\ deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\Setwallpaper deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\URL\Prefixes\\gopher|:gopher:// /E : value set successfully!
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\URL\Prefixes\\gopher|:gopher:// /E : value set successfully!
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\grooveLocalGWS\ deleted successfully.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{88FED34C-F0CA-4636-A375-3CB6248B04CD}\ not found.
File {88FED34C-F0CA-4636-A375-3CB6248B04CD} - Reg Error: Key error. File not found not found.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\livecall\ deleted successfully.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{828030A1-22C1-4009-854F-8E305202313F}\ not found.
File {828030A1-22C1-4009-854F-8E305202313F} - Reg Error: Key error. File not found not found.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\ms-help\ deleted successfully.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{314111c7-a502-11d2-bbca-00c04f8ec294}\ not found.
File {314111c7-a502-11d2-bbca-00c04f8ec294} - Reg Error: Key error. File not found not found.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\msnim\ deleted successfully.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{828030A1-22C1-4009-854F-8E305202313F}\ not found.
File {828030A1-22C1-4009-854F-8E305202313F} - Reg Error: Key error. File not found not found.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\wlmailhtml\ deleted successfully.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{03C514A3-1EFB-4856-9F99-10D7BE1653C0}\ not found.
File {03C514A3-1EFB-4856-9F99-10D7BE1653C0} - Reg Error: Key error. File not found not found.
64bit-Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad\\WebCheck deleted successfully.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{E6FB5E20-DE35-11CF-9C87-00AA005127ED}\ not found.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad\\WebCheck deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{E6FB5E20-DE35-11CF-9C87-00AA005127ED}\ not found.
C:\Users\Lenka\Desktop\~WRL2295.tmp deleted successfully.
C:\Windows\Tasks\Scheduled Update for Ask Toolbar.job moved successfully.
OTL by OldTimer - Version 3.2.10.0 log created on 08162010_141531
Files\Folders moved on Reboot...
C:\Users\Lenka\AppData\Local\Temp\FXSAPIDebugLogFile.txt moved successfully.
C:\Users\Lenka\AppData\Local\Mozilla\Firefox\Profiles\bak8qmoj.default\Cache\_CACHE_001_ moved successfully.
C:\Users\Lenka\AppData\Local\Mozilla\Firefox\Profiles\bak8qmoj.default\Cache\_CACHE_002_ moved successfully.
C:\Users\Lenka\AppData\Local\Mozilla\Firefox\Profiles\bak8qmoj.default\Cache\_CACHE_003_ moved successfully.
C:\Users\Lenka\AppData\Local\Mozilla\Firefox\Profiles\bak8qmoj.default\Cache\_CACHE_MAP_ moved successfully.
C:\Users\Lenka\AppData\Local\Mozilla\Firefox\Profiles\bak8qmoj.default\urlclassifier3.sqlite moved successfully.
C:\Users\Lenka\AppData\Local\Mozilla\Firefox\Profiles\bak8qmoj.default\XPC.mfl moved successfully.
C:\Users\Lenka\AppData\Local\Mozilla\Firefox\Profiles\bak8qmoj.default\XUL.mfl moved successfully.
File\Folder C:\Windows\temp\TMP00006FEE502A165629D1A45C not found!
File\Folder C:\Windows\temp\WER9429.tmp.resp.erc.xml not found!
File\Folder C:\Windows\temp\WER942A.tmp.resp not found!
File\Folder C:\Windows\temp\WER94C5.tmp.resp.erc.xml not found!
File\Folder C:\Windows\temp\WER94C6.tmp.resp not found!
File\Folder C:\Windows\temp\WER9533.tmp.resp.erc.xml not found!
File\Folder C:\Windows\temp\WER9534.tmp.resp not found!
File\Folder C:\Windows\temp\WER9551.tmp.resp.erc.xml not found!
File\Folder C:\Windows\temp\WER9552.tmp.resp not found!
File\Folder C:\Windows\temp\WER963B.tmp.resp.erc.xml not found!
File\Folder C:\Windows\temp\WER99F3.tmp.resp.erc.xml not found!
File\Folder C:\Windows\temp\WER99F4.tmp.resp not found!
File\Folder C:\Windows\temp\WER9C82.tmp.resp.erc.xml not found!
File\Folder C:\Windows\temp\WERA355.tmp.resp.erc.xml not found!
File\Folder C:\Windows\temp\WERA356.tmp.resp not found!
Registry entries deleted on Reboot...
-
Caroprd111
- VIP
- Příspěvky: 13492
- Registrován: 22 bře 2009 20:48
- Bydliště: Třebíč
- Kontaktovat uživatele:
Re: rundll32 a svchost.exe
Odinstalujte všechny emulátory virtuálních mechanik. Stáhněte SPTD http://www.duplexsecure.com/en/downloads
- Vyberte verzi podle svého operačního systému (64 & 32b). Uložte na plochu a spusťte.
- zvolte možnost Uninstall a restartujte PC.
Stáhněte a spusťte http://www.jpshortstuff.247fixes.com/Defogger.exe
- Klikněte na "Disable" a restartujte PC.
Stáhněte MBR na plochu http://www2.gmer.net/mbr/mbr.exe Klikněte pravým tl. myši na soubor "MBR", zvolte "Vlastnosti" - "Kompatibilita" a zaškrtněte položku "Spustit tento program jako správce" - OK" Start > Spustit (Win + R)- Vyskočí okénko, zkopírujte do něj:
Kód: Vybrat vše
"%userprofile%\desktop\mbr" -t- Klikněte na OK
- Vytvoří se log s názvem mbr.log, vložte ho sem.
Dejte log z Gmer http://www.viry.cz/forum/viewtopic.php?f=29&t=62878Re: rundll32 a svchost.exe
zde první log mbr :
Stealth MBR rootkit/Mebroot/Sinowal detector 0.3.7 by Gmer, http://www.gmer.net
device: opened successfully
user: MBR read successfully
kernel: error reading MBR
a zde log gmer :
GMER 1.0.15.15281 - http://www.gmer.net
Rootkit scan 2010-08-16 16:06:36
Windows 6.1.7600
Running: gmer.exe
---- Registry - GMER 1.0.15 ----
Reg HKLM\SYSTEM\CurrentControlSet\Control\Network\{4d36e975-e325-11ce-bfc1-08002be10318}\{2B07FAA1-8217-4E30-B5EC-FD4501E773BB}\Linkage@Bind ???m?t????????????????????V??m?????????e?????????????a??????????NOD32?????????????????????4??m????????h??????????????????????????m??????????????t????m?????n??????????????????????????????:??m????????h?????system32\drivers\HdAudio.sys?????????m?????????e????Microsoft 1.1 UAA Function Driver for High Definition Audio Service???????b??m?????????e????????????????????@%SystemRoot%\system32\drivers\http.sys,-1??????????????????????????Net??i??system32\DRIVERS\HDAudBus.sys?DAudBus.sys???system32\drivers\HTTP.sys????????9???????????????????????????}?}?t??????????????t?????<??n????????h?????????????Microsoft UAA Bus Driver for High Definition Audio????????.????????????e??????????????????????????????????????????P??m????????h?????\SystemRoot\system32\DRIVERS\HpSAMD.sys?iv???????m??????p???SCSI Miniport?????T??m???????????d??hpsamd.inf_amd64_neutral_f4d0397ad0d9b1cc????m?m?m?m?m?m?m?????????????g????text????????????@%systemroot%\system32\drivers\hwpolicy.sys,-101??????<??m????????h??????????????????????? ??A??????p??????
Reg HKLM\SYSTEM\CurrentControlSet\Control\Network\{4d36e975-e325-11ce-bfc1-08002be10318}\{2B07FAA1-8217-4E30-B5EC-FD4501E773BB}\Linkage@Route ????AT???????d??Microsoft 6to4 Adapter #173??2??????????????????????CP????????????????????N??????????????????????????4?????s91??????????@machine.inf,%gendev_mfg%;(Standard system devices)??????????????i?????s??????8?????????????16??{4d36e972-e325-11ce-bfc1-08002be10318}\0199?????@nettun.inf,%msft%;Microsoft????? ???????????????t??tunnel??????????????{00000000-0000-0000-FFFF-FFFFFFFFFFFF}??56??@nettun.inf,%msft%;Microsoft????tunnel??????Microsoft???????????????3???text?????????????T?? A??????????????????????????????{00000000-0000-0000-FFFF-FFFFFFFFFFFF}?FB-??????????????????????Microsoft 6to4 Adapter #191??2???????????????????????????????????????-???????????????????f??????{4d36e97d-e325-11ce-bfc1-08002be10318}\0033?? ??{4d36e97d-e325-11ce-bfc1-08002be10318}\0015?6.??@machine.inf,%*pnp0c02.devicedesc%;Motherboard resources?:??? r??????h???????~??? ??????????????????@oem6.inf,%nvidia_a%;NVIDIA? display types)?ma???????g???-???????.??Microsoft 6to4 Adapter #179??2???????V???????????.???????7??????????????Microso
Reg HKLM\SYSTEM\CurrentControlSet\Control\Network\{4d36e975-e325-11ce-bfc1-08002be10318}\{2B07FAA1-8217-4E30-B5EC-FD4501E773BB}\Linkage@Export ?????e??????1F??????????????????????s?????????????~?????????????? ?????????????????????/??"?????p???????c????????????A????????????z??????5??????7F???????????s???????s???????????0??s2??Net?8}??????????????????P?ipojen? k m?stn? s?ti* 147?e???????????r???e???????????????????????????????????r???????????n??????????????????????????????????????\Device\{80CEC371-45A3-414C-86B7-9494872B7987}??????? ??????????????????????????????????????1???? ???????@????????????????????$?N????????f????????????????????????????3?E1??? ????????????????????????????$?N???????????{187B5B18-3DED-43C6-8547-235C1C49BF75}???&??? ?????????????????????0????????????????????????????????????????????????????Microsoft???????????? ??????????????????????????????????????????tunnel??????? ?????????????????????0????????????????????? ?????????????????????0????????????????????????????????????????????????????????????????????? ??????????????n???6.1.7600.16385????????.?????????????? p?????????????????????? ?????????????????????0????????????????????? ?????????
Reg HKLM\SYSTEM\CurrentControlSet\services\LanmanServer\Linkage@Bind ?????s???????????????????????????s?????????e????????????????ri???s??? ???????s???????????n????????4????? ???????????WdfLoadGroup?????????????s????T??s?????????e??????<??????t??????????????? ???????n?????s?????n??????????V????????V??????????????t????s???|?|?????s???s?s?s??? ???????|???????????n?:????????????&????????????????????????{?|?t???s?????s?????s??????????????t?????X??????????t???????????????e??system32\DRIVERS\vdrvroot.sys????|?|?????????????!???e??????????????????????{4d36e972-e325-11ce-bfc1-08002be10318}???????????????????t???????????6??.1??????????? ???????s???????????s????????&????? ??????????????????????????????e????? ???????n?????s?? ??s????????$?????????c????????s?????????e????@%systemroot%\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\ServiceModelInstallRC.dll,-8193??????????????????????????s?????????s????????h?????"%systemroot%\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe"?????????????????t??????s?????s?????? ????????????????s?????????n????@%s
Reg HKLM\SYSTEM\CurrentControlSet\services\LanmanServer\Linkage@Route ???????????????????????????????????g?????????????????????????????????????"??{7???????????E???e??????? ???????????0?????s48????N???????????D?????????????????? ???b???5???????5??? Z??????8?????f27??????????????????.NT?f}??6-21-2006???????????????? ??????????????x???????????????????? ????????????????????????????????6??????????????}??LegacyDriver??????N??????C?????Ded??? 0???????????????????????????6?????????????16????N??????5????DAD-???????????????e???????????B??????42??? ???????Z?????????????0????????????&????????????????????y??? ???????????????????@?0??????*?8??? ???????tu??????????? ??????????P?ipojen? k m?stn? s?ti* 20?tu??????????????????????????????????????????????????????????LegacyDriver??????8?????????????"???????????? ???????????????????i?/????????N? ??????o???????A???m???e??????????Microsoft???????????? ?? ????2??????x7??{4d36e97d-e325-11ce-bfc1-08002be10318}??????Extended Base????????k??tunnel?06???????????????????????????????????????????{4d36e96b-e325-11ce-bfc1-08002be10318}\0002?D5????6????????????
Reg HKLM\SYSTEM\CurrentControlSet\services\LanmanServer\Linkage@Export ????????????????????????????????tunnel?erf???????????e??In??int?????int?????????????@%SystemRoot%\system32\drivers\volmgrx.sys,-100???????:??t????????h??????????????a??t?????????????6??s??????????????Virtual WiFi Filter Driver??????????????tunnel??????S??ov? adresa????????8??????????????????????Net?????int??????????????|?|?|???????y??????????????????? ??????Net?????????????*6to4mp??????????4??????11??????*6to4mp?????Microsoft????????????|?|?|?|04???????????9???9???|?|?v??? ???????s???????? ???????????:?B??? ???????????? ???????n?????s?????s????????$?????????????@%SystemRoot%\ehome\ehres.dll,-15501?????????s??? ????h??4???????????????s??????????????????????Net?????tunnel?f-1????????????????????????????????l??????:??????? ???y???????????????|?|?o???????v????????????N?????? ???????????????????;????~??????????????????????f?le=???????y???????????6??????????????????????????t????????y???????????????e??@%SystemRoot%\system32\drivers\volmgrx.sys,-101??????? ??d??????p????????????j???e???????????s???????????s?????????
Reg HKLM\SYSTEM\CurrentControlSet\services\LanmanWorkstation\Linkage@Bind ????p???????????????????? ???????A???????????????????? ?<???????????volume_snapshot_install?????? ???m??????????????? ???????&??????n1??6.1.7600.16385?4&1????.?????????????????storage\volumesnapshot???????n??????????????????? <?????????????????St?nov? kopie obecn?ho svazku?????`??????4???????1??\\?\Root#*6TO4MP#0002#{cac88484-7515-4c03-82e6-71a87abac361}????\\?\Root#*6TO4MP#0003#{cac88484-7515-4c03-82e6-71a87abac361}?6??\\?\Root#*6TO4MP#0004#{cac88484-7515-4c03-82e6-71a87abac361}?E??\\?\Root#*6TO4MP#0005#{cac88484-7515-4c03-82e6-71a87abac361}????Root\*6TO4MP\0007?????z?????????????????Root\*6TO4MP\0008????????????????????5????t?????????????????????????? ??????????ACPI\PNP0C0A\0??????????????????????????????????\\?\HDAUDIO#FUNC_01&VEN_10EC&DEV_0662&SUBSYS_104316F3&REV_1001#4&3152ca26&0&0001#{eb115ffc-10c8-4964-831d-6dcb02e6f23f}\RearLineOutWave3????\\?\HDAUDIO#FUNC_01&VEN_10EC&DEV_0662&SUBSYS_104316F3&REV_1001#4&3152ca26&0&0001#{eb115ffc-10c8-4964-831d-6dcb02e6f23f}\RtMicInWave???????:??????t?g32??????ta?????
Reg HKLM\SYSTEM\CurrentControlSet\services\LanmanWorkstation\Linkage@Route ????o????????????????????????T???????????????k???C??sD??tunnel??????????????????????????*ISATAP?????????????????????????????????@machine.inf,%rdp_kbd.devicedesc%;Terminal Server Keyboard Driver?????N????????????D?????g?g?i?j?i?j?k?k?k???k???????g??????????Te????N????????????D??????N????????????D??????N??????"?????DA1??"???????????????????*6to4mp?????{00000000-0000-0000-0000-000000000000}????????N??????}????????????????????????????b????????????n?????????n??STORAGE\VolumeSnapshot??????????????????????? ???z???????????????s???????????????????????????????????2??????8}??? ??????????????n??????????????????? ??????????????????????tunnel?e?e???????????????????????????????????????? ??d???i??an??Microsoft????????????????????????`???&???&???????????7?????s}"???????????????????????n?????????????????s?????????????????t??@nettun.inf,%6to4mp.displayname%;Microsoft 6to4 Adapter?????? p??????????????????????s???b???e??? ???t????????????????????????????????N?????????????????LegacyDriver?????????????????????????B?????????????
Reg HKLM\SYSTEM\CurrentControlSet\services\LanmanWorkstation\Linkage@Export ????????????85??? ???????5???????5??????os??????????????????????????? ?????????????????????/????????N???????????{4d36e972-e325-11ce-bfc1-08002be10318}???????????j??????????? 0??????2?????}"???????????????????????? p???????????????????`??????????????????????????????????B??*6to4mp??5??????"???? ?????????????????????/?????????????????????????????????e???4??3e??x???? ?????????????????????/?????????????????f??? ?????????????f???????0??L????????? ???????????????????????????????? ?????????????????????0????????????&????????????????????n???????????????????????????????????.?????????????????????????V???f????????????????????????*6to4mp??T???????????????????????????$??????????????????????????????{4d36e972-e325-11ce-bfc1-08002be10318}\0044?76??tunnel?AAD??????????????????????????????? ???????????????????e??????????@nettun.inf,%6to4mp.displayname%;Microsoft 6to4 Adapter???????X?????? ???t??@nettun.inf,%6to4mp.displayname%;Microsoft 6to4 Adapter??????????????A??????FD????6?????????????16?????????????????????????????????????
Reg HKLM\SYSTEM\CurrentControlSet\services\NetBIOS\Linkage@Bind ?????????????????????????????????????????????????????????????j?z????????????????????????????????4m????????N?????? ??????????{293BA843-69CF-458E-B3C2-C1843883DD75}??????????????????{4d36e972-e325-11ce-bfc1-08002be10318}????????X??????r???????????e??int?????????2???? ???????U?????????????,????????$?x?<???????????????????????????????15?????????????????s????????????????????????? ?????????????????????,????????z?????#1EF???????????e???e??{00000000-0000-0000-FFFF-FFFFFFFFFFFF}?cpi???????????????????????????????f??????????????????????? ???????Z?????????????0??????????K?&????????????????????-???????????"??????????dl??Microsoft 6to4 Adapter #97??????{4d36e972-e325-11ce-bfc1-08002be10318}\0110??????????????????????????????????????????????????????????T??????2????????g??? ?????????????????????0??????*?:??? ???????BD????N????????????D????? p????????????3B5??????????Microsoft???????????????????????????@machine.inf,%gendev_mfg%;(Standard system devices)??????d?f?f?g?g?g?d???????????????8??????????@nettun.inf,%msft%;Microsof
Reg HKLM\SYSTEM\CurrentControlSet\services\NetBIOS\Linkage@Route ?????8??????????????????????????{533c5b84-ec70-11d2-9505-00c04f79deaf}?-02???n?s?s??????????????????{4d36e972-e325-11ce-bfc1-08002be10318}\0112?70??{4d36e972-e325-11ce-bfc1-08002be10318}\0111?A4???????????c?????sC4???????????????????1??25??ic??????03??????????????????Microsoft???????be??????}"??*6to4mp?es??????7-???????????n??.i??????????????????*6to4mp?F}??????? ?W????Microsoft 6to4 Adapter #99?6?2?????? ???????????????????????????????int??????????????????????????????????????????4??B}??????? ?????????????????????/??"?????p?E?????FF????X??????????t????N?????????????????????????????s ??????? ?????????????????????0????????????????????????????????????6.1.7600.16385??????????????????????? ???????Z?????????????0????????????&???????????????????????? ?????????????????????0??????*?8??? ???????????????????????????????d???????N????s????????????8??????i??r???P?ipojen? k m?stn? s?ti* 78???????????????6P?ipojen? k m?stn? s?ti* 66?????????????????????????????????????????????????????????????????????????????????????????????
Reg HKLM\SYSTEM\CurrentControlSet\services\NetBIOS\Linkage@Export ???????????????????g????? ???????6?????7?7???????????2?????s-4???????????????????????????????????????????s???v??e\???????????????????????????????????c??????9F??????????????????USB\VID_1005&PID_B113&REV_0100?USB\VID_1005&PID_B113????USB\Class_08&SubClass_06&Prot_50?USB\Class_08&SubClass_06?USB\Class_08??????????????*ISATAP?????????????nettun.inf:Microsoft.NTamd64:6to4mp.ndi:6.1.7600.16385:*6to4mp?4F-???????????7??D0???????????F??55??6.1.7600.16385?Dev????????????????????.?????????????Microsoft 6to4 Adapter?D35???????????????????????????8??ED??nettun.inf?D6-???????????????????????????-??2F??6to4mp.ndi?9DB???????????8??6D???????????C??B6???????????"??Tc???????d???p??"{???????????B??A-??Microsoft?????:?????? ??????????????????????????????????Root\*6TO4MP\0044???????????????s0??????????????????5????????????????y???????????????????e???????????-??25??@usbstor.inf,%genericbulkonly.devicedesc%;Velkokapacitn? pam??ov? za??zen? USB??????{53f3e143-4b8c-5123-ba95-d4c16c9e8c9e}?;Fi??{eec5ad98-8080-425f-922a-dabf3de3f69a}?
Reg HKLM\SYSTEM\CurrentControlSet\services\NetBT\Linkage@Bind ?????s????~??????????e??nettun.inf:Microsoft.NTamd64:6to4mp.ndi:6.1.7600.16385:*6to4mp???3???????????????e??tunnel??????? .?????????????????Microsoft 6to4 Adapter??RO??????????????????????????????????????????????? ?????????????????????0??????????????????????????????????????????????????????????????????????.?????????????Microsoft 6to4 Adapter??????? p??????????????C??@nettun.inf,%6to4mp.displayname%;Microsoft 6to4 Adapter??t?????????????????????????????????????s????? ??????????????????????????????`????????e??? P?????????????????{CF859DCC-1EA5-49EF-B298-F034658C582E}????????*?????? ????d?????TCPIP6TUNNEL?Tcpip6?????\Device\{CF859DCC-1EA5-49EF-B298-F034658C582E}??s)???????????g???????f??????#???tunnel??????? ?????????????????????0????????????????????? ?????????????????????0????????????????????????????????????????????????????Microsoft???????????????????? ???????????????????????????????????????????????0??????eF??????????????11??????????? ?????????????????????0????????????????????? ?????????????????????0???????????
Reg HKLM\SYSTEM\CurrentControlSet\services\NetBT\Linkage@Route ????????????? ?????????????????????0??????*????? ?????????????X??????u????????X??????????????????0??????ROOT\*6TO4MP\0125??????????????????d?????????????A??????????? ??????????????????????????????????????????????????? ?????????????????????0????????????????????? ?????????????????????0????????????????????? ?????????????????????0????????????????????? ?????????????????????0????????????????????Microsoft???????? ???????@????????????????????$?N???????????Microsoft 6to4 Adapter??? ??????????6.1.7600.16385???????????????-??????????????????????????????????? ??? ???????B??????n2??6.1.7600.16385??0E??????????????????????? ????????????????????????????????????$??????_???????????????????????e??????6to4mp.ndi??????????????????????? ??? ?????????????????????0????????????????????????????????????????? ?????????????????????0????????????????????????????????????????????????????????????Microsoft???????????? ??s???Net??t??????????? ??????????????????? ???????|???????????n?:??????????C?&????????????????????"??? ???????|?????????????
Reg HKLM\SYSTEM\CurrentControlSet\services\NetBT\Linkage@Export ?????????????????????9??@nettun.inf,%6to4mp.displayname%;Microsoft 6to4 Adapter???????N??????3?????D45???????????????????????????????7??????42??????text?*????6P?ipojen? k m?stn? s?ti* 73??????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????4Microsoft 6to4 Adapter #63????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????
Reg HKLM\SYSTEM\CurrentControlSet\services\Smb\Linkage@Bind ????????? ??????? ?????????????9?????? ?N?????????????1boo??tunnel?9F9??????? ?????????????????????/??"?????p?????????????X??????1????????N?????????????????{4d36e972-e325-11ce-bfc1-08002be10318}? ????????????????s???? ????????????? ????\\?\Root#*6TO4MP#0142#{ad498944-762f-11d0-8dcb-00c04fc3358c}\{A07E2557-6ED2-4354-9C65-6F06D8327A33}?????????????????????????? ???????:?????????????:????????????&???????????????????????? ???????-??????e7??S??ov? adresa???Root\*ISATAP\0041????????????????o??????????????Net???????*??????0????d?\D??? ???????????????????????????C??????????? .??????{?????C5D??*6to4mp??T??? ????????????????????????????$?N???????????{4d36e972-e325-11ce-bfc1-08002be10318}\0169?1c????????????????????????N?????????????????{CF859DCC-1EA5-49EF-B298-F034658C582E}???????????????y??????????????????????????? ???????r???????????????????t???????????0????????)?????????? ?????????????????????0????????????&????????????????????1??? ?????????????????????0??????*?:??? ????????????????????????????f??????????dN?????????
Reg HKLM\SYSTEM\CurrentControlSet\services\Smb\Linkage@Route ??????????????????????N???????????????????????N??????W????D.sy??Microsoft 6to4 Adapter #100??2?????t????????????????????????tu??Microsoft???????????????? P???????????????????*?????????????????Microsoft 6to4 Adapter???????????s??????????????????????????????????????? ??????????????????????????????`????????e??{88F306D9-DC07-46C4-AEF3-B063FD66F11C}??????????????????????? ???????|?????????????:????????????&???????????????????????????????????????????? ???????|?????????????:????????????&????????????????????e??P?ipojen? k m?stn? s?ti* 130??????N??????????????????????????????i?????????????????????????d????@nettun.inf,%msft%;Microsoft??????N??????0?????D10???????t??????sn??????4D??? ?????????????????????/??"?????p?g??????????????????????????????????e??????????ROOT\*6TO4MP\0103??????????????????e?????????t???????????????????????\??????tu????????????????????N?????????????????S??ov? adresa????????????????a??????????????? ???????|???????????k?:??????????M?&???????????????????????? ???????????????????????????~?????????????
Reg HKLM\SYSTEM\CurrentControlSet\services\Smb\Linkage@Export ?????????????????????????????????????????r???????? ?????????????Microsoft????????????r???e??????????? ??????????????64????N?????????????????????[??????????????????????????????s??????$??????????????????????????????????8?????e?7?????????????????????????????????????d??????????8?????????????????????{4d36e972-e325-11ce-bfc1-08002be10318}?i5D????`?????????????????????????*6to4mp??n??????????????? p?????????????????{533c5b84-ec70-11d2-9505-00c04f79deaf}\0001?O0??????????????????6???????????????????????????????????????? ????????????????????N??????E?????D1?????????????????????????????????`??????????????????????????????p?????s????????\0??????? ???????|???????????i?:????????????&????????????????????8??? ???????4?????A47??Microsoft 6to4 Adapter #114??????????s??????????????un??un??????????????? ???????????????????????????????????????5???????????????t??????????????? ??int?????????????????????tunnel????????<?????????????Microsoft 6to4 Adapter Driver???? ??????????????????????????????"??? ???????????? ??????????????????tun
Reg HKLM\SYSTEM\CurrentControlSet\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC
Reg HKLM\SYSTEM\CurrentControlSet\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@u0 0x00 0x00 0x00 0x00 ...
Reg HKLM\SYSTEM\CurrentControlSet\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@h0 0
Reg HKLM\SYSTEM\CurrentControlSet\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@hdf12 0x23 0xA8 0xF3 0xF9 ...
Reg HKLM\SYSTEM\CurrentControlSet\services\TCPIP6\Linkage@Bind ?????????????n???j???????????????????????m??Net???????N????????????D????????int?????????????????????????????Typ?????{533c5b84-ec70-11d2-9505-00c04f79deaf}????????????????????????????$??????????????????????1???????????????????????????????????????????????????????????k?????????k????????????????????????{00000000-0000-0000-0000-000000000000}??6??????????????l?????????????????????????????????????A??????33???????????????????????????????0??5C??? 0????????????9????Microsoft???text????? .??????D?????66C??????P?ipojen? k m?stn? s?ti* 53???????<??????h?gMi??@volsnap.inf,%msft%;Microsoft????l?l?l?l?l?l?l?l?l?l?l??????t???????????????????? ???????????????????????????????????????????????h??????????????????????????????????????????????t????????????r???e??????????6-21-2006????????????????h??{533c5b84-ec70-11d2-9505-00c04f79deaf}\0037??"??Intel Processor Driver??????????????????????????????????????????????????????? ????????????????????$??????????????????????????????????????E?????e57??Root\*6TO4MP\0111???6to4mp.ndi????????$????
Reg HKLM\SYSTEM\CurrentControlSet\services\TCPIP6\Linkage@Route ????????????????? ???????????????????????????????????????????????h??????????????????????????????????????????????t????????????r???e??????????6-21-2006????????????????h??{533c5b84-ec70-11d2-9505-00c04f79deaf}\0037??"??Intel Processor Driver??????????????????????????????????????????????????????? ????????????????????$??????????????????????????????????????E?????e57??Root\*6TO4MP\0111???6to4mp.ndi????????$?????????????????Root\*6TO4MP\0115???????????????????????????????????????????????????????????? ???????3??????s"???????"??? ???????E?????"{8???????????3?????e9D???????????????????????e????????????????????????????????????????????N??????s??????????? ?????????????????????/??"?????p?2?????B-??nettun.inf???????????????t??????????????????? ???????@????????????????????$?N???????????{49E8D776-89E4-43DB-989D-3AC8AD875926}???????????????v???????s???????k???1???2????<??????2?g97????<????????g??????<????????g?????????????7???3????8??????1??????E6???????????r???e??????????????????????????????? ???????t???????t?????????????????
Reg HKLM\SYSTEM\CurrentControlSet\services\TCPIP6\Linkage@Export ?????????????????????????????????t???????????????????????????????????????B??*6to4mp???????????????????`?????????????? ???????????????????????????n?????se ??tunnel??????????????????????????????????????{4d36e972-e325-11ce-bfc1-08002be10318}\0157? "???????n???i???e???????????.??f,??Microsoft ISATAP Adapter #17?1??ROOT\*6TO4MP\0185???*6to4mp?e5??Microsoft?????????????N??????_??????????dr??????????????????nettun.inf??????????????????????????? ?????????????????????0??????*?:??? ???????????????????????????????d???????m???? ??????????P?ipojen? k m?stn? s?ti* 109?d???????????n??????????????m?????????????????$?????????????????ROOT\*6TO4MP\0098???????????????????????????????????????????? ??????????????????????????????<???????????? ??????????????????????????????????????????????????? ??????????????????????????????????????????????Typ?????????????????????????S??ov? adresa???? ??????????????????????????????????????????????????????????????Microsoft 6to4 Adapter Driver???? ??????????????????????????????"??? ???????????? ?????
Reg HKLM\SYSTEM\ControlSet002\Control\Network\{4d36e975-e325-11ce-bfc1-08002be10318}\{2B07FAA1-8217-4E30-B5EC-FD4501E773BB}\Linkage@Bind ???.?y????????????????????p??0???????????.???????.??? ???????,?????.???????/??????????????????????H??. ??????????????e?????/???/?????.??????????????a???????????? ???????,?????.???????/????????????????????? ???????.?????7?????~?/??"?????t???????????????? ???????.???????????.?/??????"?h?????????????h??. ???????????r?? ??? .??.???????????/???????@???j???????????????%???????j???????????????????????-???????n??? ???????.?????3???????/??"?????r???????????????? .??.?????????.?????????.???????e???.??h??????????????????????????????????????? ? ?????????%2??ACPI\PNP0C04?*PNP0C04???? ????N??.?????????D????{00000000-0000-0000-ffff-ffffffffffff}?000??? ???????.?????.?????.?/??(???$???????????????s????????????~?????.???!???-??????????????????????????ks.inf?wdmaudio.inf?????Battery??6??? ???????.???????????.?/??????"?H????????f??ACPI\ETD0001?*ETD0001????6???.?.?.???.???????????0?????????52&??? <??.???1?????EV_???????????????????????? ? ???????? ???????.?????.???????,????????????????????????0D?????.???????.?????0?0?.???.?????
Reg HKLM\SYSTEM\ControlSet002\Control\Network\{4d36e975-e325-11ce-bfc1-08002be10318}\{2B07FAA1-8217-4E30-B5EC-FD4501E773BB}\Linkage@Route ???-?n????N??-???????????????4?4????????????????????? ???????,?????-???????/??(???????????????????s????????3???1????? ???????-?????-???????,???????????????????????????????-????? ???????-?????????????,?????????????????????y?????-????????????????????????????? ???????-?????????????0????????????????????? ???????-?????????????0????????????????????? ???????-?????????????0?????????????????????-??? ???????-?????????????0?????????????????????????-?????????????n?????6?6?????????-?????????????????6???6???6??ERS\???????????3??PC????`??6???g??????@system32\DRIVERS\pci.sys,#65536;PCI bus %1, device %2, function %3;(0,0,0)?????? ???????-?????????????/?????????????????f??? ???????-?????????????/??????????????????????s?????? ???-???????????-??? ???-?????????????????-?????8?9????? ???????-?????????????0????????????????????? ???????-?????????????0?????????? ?????????? ???????-?????????????0???????????????????????-???-???-???-???-???-???-???-???-???-???-???-???-???-???@?????????D??? ???????-?????????????0?????????? ????????????
Reg HKLM\SYSTEM\ControlSet002\Control\Network\{4d36e975-e325-11ce-bfc1-08002be10318}\{2B07FAA1-8217-4E30-B5EC-FD4501E773BB}\Linkage@Export ???7?????????;???????????????~???~?????? ????????????6??Net??????????9??????????System??NO???????7???;???????????????j??????????????????????? 0??8??????????????????????? ???????:???????????7?,????????????&????????????????????7??? ???7??????????d???????????????? ???????7???????????7?,????????????&???????????????????????? ???7???????????????????????????????7???O??????System?fif??????? ???????:???????????7?:??????????<?&????????????????????s??? ???8?????????;??????h??7??? ??????pci\cc_0604??????7??? ???????????????????7?????????????????e????PCI standard PCI-to-PCI bridge??????@machine.inf,%pci\cc_0604.devicedesc%;PCI standard PCI-to-PCI bridge?5??? ???????.?????7???????0????????????&???????????????????????? ???????7?????7???????0???????????????????????7???????7???????7?????????????????7?????7?7??? ???????7?????7???????0?????????????????????????????7???7???????7???7???7?????7?????7?7?7?7?7?7?7?7?7?7?????????????6??????????? ?????????????7?????7????0?????^???$???????????????????? ????L??7???????????7??AHCI Link P
Reg HKLM\SYSTEM\ControlSet002\services\LanmanServer\Linkage@Bind ???i?/???i?i?i?i????sW???????????????????????n??????????text?????????????????????????????????i?i?i?i????so?????? ????}?????s? ??????ri??????????????so???g?g?i?i????s???????????????????????????Volume?p6_??LegacyDriver???????? ??????????s??????<??j?????????e?????i?????????????????????i????Net??????????i??Volume???????????n???????????/???2????N??k????????D??????????n???i??????????????????????????????????????????s????????????e?????siv???????????4???????????j?k?j????N??m?????????????????????i?i??HidUsb?ver???i???????i???????p??USBSTOR?6.??srvnet???????????????c???e??USBSTOR???????6??j??????????????????????????t???????????tmtdi????????1??????????????????vo??.NTAMD64????LegacyDriver?????????????????????????r??????LR??????????????????????????????????h????i???????????l?l?l????N??j????????D??1??11???????g?i?i?i????????ROOT\mssmbios????6???i???????i???i??????????volume.inf:MSFT.NTamd64:volume_install:6.1.7600.16385:storage\volume?????????????????????????i?????????????????????i?????????????????????????i???????4???i?i???
Reg HKLM\SYSTEM\ControlSet002\services\LanmanServer\Linkage@Route ???i????Net??????????i??Volume???????????n???????????/???2????N??k????????D??????????n???i??????????????????????????????????????????s????????????e?????siv???????????4???????????j?k?j????N??m?????????????????????i?i??HidUsb?ver???i???????i???????p??USBSTOR?6.??srvnet???????????????c???e??USBSTOR???????6??j??????????????????????????t???????????tmtdi????????1??????????????????vo??.NTAMD64????LegacyDriver?????????????????????????r??????LR??????????????????????????????????h????i???????????l?l?l????N??j????????D??1??11???????g?i?i?i????????ROOT\mssmbios????6???i???????i???i??????????volume.inf:MSFT.NTamd64:volume_install:6.1.7600.16385:storage\volume?????????????????????????i?????????????????????i?????????????????????????i???????4???i?i?????????????4???????????i???t??ag??6.1.7600.16385?4?4???i?i?4????????????????????8??i??????????Microsoft Composite Battery??????i?i?????????????f??? ???????i??????????battery.inf??????i?i?????????????\??bd???????i??????????COMPBATT_Inst????i?it????????????4??? ???????i??????????.NT
Reg HKLM\SYSTEM\ControlSet002\services\LanmanServer\Linkage@Export ???m?o???j???j???????????? ??8???????e??Net?????????????LegacyDriver?M???j??11????????N??????6????D784??*6to4mp?????Net??j???????????j???j?kiv???????????????????????????????????j?j?i???????????????????j?j?E??atapi_Inst????????????????????????*??????????????????????j??? ???????h?????h???????0????????????&????????????????????7??? ???????j?????????????0?????????????????????????????/???????????????????????????????????-??sF???f?j?j?j?????j???????????8?????sD-?????????????????s????Net??????????i???????9??????????ASMMAP64?????j????????????N??????????????????????????????????????i?i?i?i?i?i?i???j???????????????j???????????????????????????????j??Net??????????i???f?i?j?j?????j???????j???????e??tunnel??????????????Tcpip???????? ???????j?????j?????j?/??????????!? ???????V???????????????????????? ???????j???????????i?/????????\????????????????h???a???e???????n???????j??????????5.0.0.1??????????j???5??s0???????????????????????????C??????16???????j??????s????j????????????>??k?????g????text?????-?-?t???B???j???j?????????????
Reg HKLM\SYSTEM\ControlSet002\services\LanmanWorkstation\Linkage@Bind ???i?i????X??k??????????volsnap???????X???????????????????????????????F??i?????g????{72631e54-78a4-11d0-bcf7-00aa00b7b32a}???????????????????????????E?????s&D???????????y???v?????i????CompositeBus???????? ????3???????????-?i?i?i????????? b????????????????????????????????s?????????????????????3???????i?i?????????????S??s1??Microsoft????????i??????s????????????????????????i???3???/????X??m???4???/???????i???????3??compositebus.inf:Microsoft.NTamd64:CompositeBus_Device:6.1.7600.16385:root\compositebus?ot???????????3???????????i???????????????????????????????i???????????????????i?i?????????????????????????i??????????6.1.7600.16385??6.???i?i?i???????????3????????2??i??????????Composite Bus Enumerator?????i?i?9????"??i???B??????compositebus.inf????{4d36e96a-e325-11ce-bfc1-08002be10318}\0001?-4???i?i?i???????????????????i?i?i???????????????????????i???3??????hal.inf??????i?i?i???????????????????????i???3??????ACPI_AMD64_HAL?HAL???i?i?i??acpiapic?????i???????????????? ??T??????p????????????????????????????s???a?????
Reg HKLM\SYSTEM\ControlSet002\services\LanmanWorkstation\Linkage@Route ???i????CompositeBus???????? ????3???????????-?i?i?i????????? b????????????????????????????????s?????????????????????3???????i?i?????????????S??s1??Microsoft????????i??????s????????????????????????i???3???/????X??m???4???/???????i???????3??compositebus.inf:Microsoft.NTamd64:CompositeBus_Device:6.1.7600.16385:root\compositebus?ot???????????3???????????i???????????????????????????????i???????????????????i?i?????????????????????????i??????????6.1.7600.16385??6.???i?i?i???????????3????????2??i??????????Composite Bus Enumerator?????i?i?9????"??i???B??????compositebus.inf????{4d36e96a-e325-11ce-bfc1-08002be10318}\0001?-4???i?i?i???????????????????i?i?i???????????????????????i???3??????hal.inf??????i?i?i???????????????????????i???3??????ACPI_AMD64_HAL?HAL???i?i?i??acpiapic?????i???????????????? ??T??????p????????????????????????????s???a???????i???1??8&??@%SystemRoot%\system32\drivers\netbt.sys,-2?????system32\drivers\nsiproxy.sys????????????????????????????????????????????????????i???????????+???????+????`??i?????
Reg HKLM\SYSTEM\ControlSet002\services\LanmanWorkstation\Linkage@Export ???n?????????i???n???}?}????? ???????m?????????????/?????????????????f??????D2???n??? ???????m?????m???????0??L????????? ??????????????m???m???m??0000??? ???????m?????m???????0????????????&???????????????????????? ???????m?????m???????0????????????????????? ???????m???????????l?0????????????????????????????????t????j???t?????????????????????????????m????? ???????m?????m???????0???????????????????????m???m????? ???????m???????????l?0?????????????????????l?l?l?l?l?l?l?l?l?l?l???????i??????s??????m????? ???????m?????n???????0????????????&??????????????????????????m???m????? ???????m?????n???????0?????????????????????????n??????????????? ???????m???????????l?0?????????????????????????????<???????????e???n?n?m?n?n?n?nxnxn??? ???? n????? ???????m?????n???????0????????????????????6-21-2006???? ???????n???????????l?0????????????????????\SystemRoot\system32\DRIVERS\iaStorV.sys? ???}?}???????n????? ???????m?????n???????0???????????????????????????????????e????? ???????n???????????l?0????????$????????????????n??????p??
Reg HKLM\SYSTEM\ControlSet002\services\NetBIOS\Linkage@Bind ???i?j???????????????????o???j??????????????t???????????????t??????????????????????????????g?????????t??*6to4mp?????? ???????t???????????i?:????????????,????????????????????????????????????????????????????????????????????t????????????????????????R??i????????h?????\SystemRoot\system32\DRIVERS\nfrd960.sys?e???n?n?n???i???????i??????p???SCSI Miniport?????V??i???????????d??nfrd960.inf_amd64_neutral_cfc8c0013e9ede68???????i?i?i?i?i?i??????N??n?????????e????nvlddmkm?j??Network??????i??????????????????????????????????????????co????(??i???i??????CompositeBus_Device??-???i?i?i???????????????3???????i??????????.NT??????i?i?i???????????3???3????$??i???3???3??root\compositebus????i?i?i???????????3???????????i??????????Microsoft????i?i?i???????????????????????????3???????i?i?i??????me??LegacyDriver????? ???i???V?????t?????????????t???????t???g?g?i?i?i???i???????????i?i?i???????????????????2?????sys??????????? ???????????8???????e???? ?????????p???Network????????????????????????????s????????????mrxsmb???????????????\???_?
Reg HKLM\SYSTEM\ControlSet002\services\NetBIOS\Linkage@Route ???j?j???????????1???1??*6to4mp?????????????tunnel??????????Tc????X??k???????????????n???????9???1??s????????i???????????????????????????n??{00000000-0000-0000-FFFF-FFFFFFFFFFFF}?e10????N??k???t????Dd64????X??j??????????Keyboard Class Driver????????n???????????????i???n???j??????????????????????????????????? ??????????????????????????t???????????{53f3e143-4b8c-5123-ba95-d4c16c9e8c9e}?6.1?????????????????s????????????????????????Ovlada? disku?????R??j????????h?????System32\DRIVERS\srv.sys????????????????????????????????p????p?pp???@%systemroot%\system32\drivers\dfsc.sys,-101??????4??j????????h?????????????????Video Init??????????????????t????????????????????????????+??LDDM Graphics Subsystem????????????????g??????????????????????????8??????i??r????????????????????B???????o?????????n????? "??n???D?????636??????????@%systemroot%\system32\drivers\dfsc.sys,-102?????????????????????????n??????????????????\SystemRoot\System32\drivers\dxgkrnl.sys????????????????????????????p???Net?????????????????system32\DRIVERS\ET
Reg HKLM\SYSTEM\ControlSet002\services\NetBIOS\Linkage@Export ???p?p???????s??????????????Auto????? ???????n?????p?????p?4??????$?p?W??????t??@%systemroot%\system32\eapsvc.dll,-1??????Z??p????????h?????%SystemRoot%\System32\svchost.exe -k netsvcs??????J??p?????????n????@%systemroot%\system32\eapsvc.dll,-2????? ???p??????????????????????????????????????????????t????????????????????????????p?????????????? ????????????????p???????????e??RPCSS?KeyIso??????,??p????????????????p??p??????????????????SeTcbPrivilege?SeDebugPrivilege?SeImpersonatePrivilege???????p?p?p?p?p?p?p?p?p?p?p?????????????????????????????????p???p????????? ???????p?????p???????4?????????????????s??? ???????p?????p?????p?4???????????????1???????p????? ???????p?????p???????4?? ????????????4???????p????? ???????p?????p???????4????????????????2??????p????? ???????p???????????p?4??????0?T?????1??????p????????????????:??p??????????????Windows Connect Now EAP Peer????? ?????????????????????p1????????????????????????????????????????????????????p?p?p???p?????????????????????I??????T??p?????????h????%SystemRoot%\Sy
Reg HKLM\SYSTEM\ControlSet002\services\NetBT\Linkage@Bind ???ip?????X??i?????????e??????????????????????????6??i????????h??????????i??????p?????"??i??????p???File system???????^??i?????????e?????i??????????????????????? ???????t???????????i?:????????????,??????????????????????? ???????????????????????????????????????????????????????????????????????????t???@%SystemRoot%\system32\drivers\netbt.sys,-1?????????????????????Boot File System??????2??j????????h??????????????????????????????i?i?i????X??i?????????n????????????? ??te???????8??????????????t????????????e??t???System32\DRIVERS\netbt.sys???????i??? ???????t???????????i?:????????????,???????????????????????ev???????????-???????E???????????B???????0??@%SystemRoot%\system32\drivers\nsiproxy.sys,-2????????<??i????????h??????????U???a???????????d??????????????t??????????????g?????i?i?i?i?i???????????????s???????????????????????????????i??t.???????????s??????????????????????????@%SystemRoot%\system32\drivers\partmgr.sys,-100?????Boot Bus Extender?????????????????????$??i??????p???C:\ProgramData\Microsoft\MF??????????i?
Reg HKLM\SYSTEM\ControlSet002\services\NetBT\Linkage@Route ???o?????o????????????????p??????j?j?o?o?o?o???????????????????n?????i?i?i?j?j?o?o?o?o?o?o?o?o????V????????????n????RPCSS??,?-??????????????t???????????????t???Global\MMF_BITS_s??????????????g??????b??o?????????n????Microsoft Composite Battery Driver?6?6???????????????????j?j?j?j?j?j?o?j?????????????????????j?j?j?j?j?o?j?o?j??System32\DRIVERS\fvevol.sys??????????????????????????????????????????????i?i?n?p????????????text?????????????????????????o???s?s?s?s?s???p?p?p??compositebus.inf_amd64_neutral_359017cc3e8461e7??????????????????????????????????#??t????????????o????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????@FirewallAPI.dll,-23505???????@FirewallAPI.dll,-23506??????????????????????????????????????????????????????????????????? ??????????? ????(??????P????????????(??????P????????????(??????P????????????(??????P????????????(??????P????????????(??????P?????????????P???????????????????lA?????????????????????????????????????????
Reg HKLM\SYSTEM\ControlSet002\services\NetBT\Linkage@Export ???n?m???????????????????B??????????????{71a27cdd-812a-11d0-bec7-08002be2092f}?163???????????t???????t????X??????&???&????:??k?????g?????????????????????????????????????B??{4d36e97d-e325-11ce-bfc1-08002be10318}???4??{4d36e97d-e325-11ce-bfc1-08002be10318}??????????????????????????tunnel????????????????N??l???N????D4:d??? l??????????????????l?l?l???????????2???????????k???????????????k??????????????? ???????j?????k?????i?/???????????? ???????D???ms_sstpminiport?????? ???????k?????????????/????????N????????????k?k?????????????s??t????k?kKB???3?????k?&????N??k???s????D??????????????????????????k???????????s??????na??machine.inf:GENDEV_SYS.NTamd64:SWENUM:6.1.7600.16385:root\swenum?E???????????????????????k???????2???????????????????????2???k?k????? ???????j?????k?????i?/????????????????????????? 4??????i???????k??? ???????k?????????????/????????N????????????k?k?k???????????????????k?k???????????k?&???????k???2???????k?k?2???????????????????????k???2??????6.1.7600.16385??6.???????????????2????R??k??????????Plug an
Reg HKLM\SYSTEM\ControlSet002\services\Smb\Linkage@Bind ???i?i??HidUsb?ver???i???????i???????p??USBSTOR?6.??srvnet???????????????c???e??USBSTOR???????6??j??????????????????????????t???????????tmtdi????????1??????????????????vo??.NTAMD64????LegacyDriver?????????????????????????r??????LR??????????????????????????????????h????i???????????l?l?l????N??j????????D??1??11???????g?i?i?i????????ROOT\mssmbios????6???i???????i???i??????????volume.inf:MSFT.NTamd64:volume_install:6.1.7600.16385:storage\volume?????????????????????????i?????????????????????i?????????????????????????i???????4???i?i?????????????4???????????i???t??ag??6.1.7600.16385?4?4???i?i?4????????????????????8??i??????????Microsoft Composite Battery??????i?i?????????????f??? ???????i??????????battery.inf??????i?i?????????????\??bd???????i??????????COMPBATT_Inst????i?it????????????4??? ???????i??????????.NT??????i?i?????????????????4????$??i???t??ag??composite_battery????i?iy????i?i?i???????????/?????/?0???????i???s??ar??ATA Channel 0????i?i?????????????????4???????i???4??????Microsoft??????????????????????????
Reg HKLM\SYSTEM\ControlSet002\services\Smb\Linkage@Route ???j?n?????????????g?????????n???????j??????s?????<??j?????g??????N??????s?????s?s??????90??????????????????????????????LegacyDriver?????j?j?j???l?l?l???????3???s?s?s?????????????????s????? ???k???????????.???????j???j??????????????????{8ECC055D-047F-11D1-A537-0000F8753ED1}??????Kernel Mode Driver Frameworks service????????????.??????.1????V??m???m????h?????? ???g???t???????????j???j?????????????????????????????????????????????????????s?????????????s??????gr???j?j?j???????????????f????????????N??????????????????????k??????????? ???????j?????j?????i?/???????????? ???????O?????N??j???.??????????? ???????j???????????i?/????????`???????????text????????????LegacyDriver?0???j?????????????????????j????{8ECC055D-047F-11D1-A537-0000F8753ED1}??pc???????????s??????Wi???????????j???????????B???????????-??????Net??????????j???p???????9???????e???????j??????s???? "??k???y?????r????????????????????LegacyDriver????????????&2????????????X??????????t??????????????????????11?}?D????????????????????N??l???B?????Den??Net?D2?????
Reg HKLM\SYSTEM\ControlSet002\services\Smb\Linkage@Export ???n?n??Net???????6????????????e?????????????????n??tunnel?f?f?????n???n???n???n???n??BD0-4C87??? ???????t???????????n?,????????????&??????????????????????????t???n???n??}?\D??????!????????????????8???????????u???u??LocalSystem?t???????e???\Device\{C8C856C5-4512-4E2A-AFAE-EAE738430589}?\Device\{3B88A0ED-90C8-4D45-A9D6-06766CA4D353}?\Device\{F806D503-FBDB-4280-8A12-C18FE6DE5D2A}?\Device\{0175C40D-CBD0-4C87-A9E1-2007389D9B0C}?????"{C8C856C5-4512-4E2A-AFAE-EAE738430589}"?"{3B88A0ED-90C8-4D45-A9D6-06766CA4D353}"?"{F806D503-FBDB-4280-8A12-C18FE6DE5D2A}"?"{0175C40D-CBD0-4C87-A9E1-2007389D9B0C}"??????????????}????????????????????????????????????????????:???????????h??????????j??????e???system32\DRIVERS\AgileVpn.sys???????s????????t??@%systemroot%\system32\DRIVERS\RDPCDD.sys,-100???????n???????4???????????????????????6????N??????t?????{??????X??????C??????*6to4mp??i???????????????h???:????????????????????*??n?????????e????????????????????mshome.net???????????????????????????1??-a??????.s??*pnp0000????????????????s??
Reg HKLM\SYSTEM\ControlSet002\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC (not active ControlSet)
Reg HKLM\SYSTEM\ControlSet002\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@u0 0x00 0x00 0x00 0x00 ...
Reg HKLM\SYSTEM\ControlSet002\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@h0 0
Reg HKLM\SYSTEM\ControlSet002\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@hdf12 0x23 0xA8 0xF3 0xF9 ...
Reg HKLM\SYSTEM\ControlSet002\services\TCPIP6\Linkage@Bind ???V?i????<??n?????????e?????????i??????????????????????????????????????LegacyDriver? ???? ??8???????e???? ??8???g???e??Security Driver??????????i??????p???battery.inf:Microsoft.NTamd64:COMPBATT_Inst:6.1.7600.16385:composite_battery?1??? ???????j?????i???????0????????????????????? ???????i???????????i?0?????????????????????????????????????????i???????????i?i?????i?i???????i????? ???????j?????i???????0???????????????????????j???i???i????hd??? ???????i???????????i?0????????????????????????????????? ???????????t?????dvo???i?i?i????z??????????????????????\??st???????????????????????i???????????i?iap???????????????????????i??????????Microsoft????i?i?i???????????????????????i??????????HAL??????i?i?i???????????????????????????????????i?i?i??????????????????????????????mrxsmb???????i?i?i??????`????-??????1D??{4d36e97d-e325-11ce-bfc1-08002be10318}\0004??????????i??????s????????????8??????-F???????i???????????2??????bf??????????????????????? ?????????????????d?/??{8ECC055D-047F-11D1-A537-0000F8753ED1}???????????i?????
Reg HKLM\SYSTEM\ControlSet002\services\TCPIP6\Linkage@Route ???i?o???????????????????????????????k???????????i?i????? ???????i???????????i?0????????????????????volume_install?????????i????? ???????i?????k???????0?????????????????????????????????????????8???2?????????? ??????????s?????????i??????s???? ???????i?????i???????0?????????????????????i?i?????????????????????????????1??}????????i??? ???????????????????????i???????????i???n??????86??? ??j???????????????i?i?i?i????sC??????????? ??k??????????????? 0??k?????????n??????X?????????????*ISATAP?????????5C???????????????????????????????1???D??Net??????????????D??sM??11??????11??????????????????7????????????e??????NDProxy?? ???????i??????p???Net??????????n???????????_?????sE\???????j??Net??????????i??hamachi?????? T??n??????????? ??*6to4mp??????????????????????????????????????i???t???????????????????????.??????VgaSave???????N??k????????D??4??????????????ag???????????b??sC???????j???????.??????????E\???t???t???t??*ISATAP?????????????????????volsnap??????????j??????p???Net???????<??????a?gHo??????s:?????????????????????
Reg HKLM\SYSTEM\ControlSet002\services\TCPIP6\Linkage@Export ???j?j??LegacyDriver????LegacyDriver????Net?????MEDIA???A?????????????N??j????????D?{4??????????LegacyDriver?_??? "??j???e??????? ????X??j???&???&??Typ??????????????????????????~??int?e\???????????D??????Sp??.NTAMD64?5????N???????????D??????????????????????m???????e???e???e???????????????????????????????????/???j???????????????&???j????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????Interface Un-quarantine filter?????????????????????????????????????????????????????????????????????? ??????????? ????(??????P????????????(??????P????????????(??????P????????????(??????P????????????(??????P????????????(??????P?????????????P????????????????????????&???j??????????????????????????BFE???????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????Interface Un-quarantine filter?????????????????????????????????????????????????????????????????????????????????????? ????????
Reg HKCU\Software\Microsoft\Windows\Windows Error Reporting\Debug@StoreLocation C:\ProgramData\Microsoft\Windows\WER\ReportArchive\AppCrash_nod32krn.exe_7075562bf2f703de96483421ae462828e63ad_0ae5a84f
---- Files - GMER 1.0.15 ----
File C:\ADSM_PData_0150 0 bytes
File C:\ADSM_PData_0150\DB 0 bytes
File C:\ADSM_PData_0150\DB\SI.db 624 bytes
File C:\ADSM_PData_0150\DB\UL.db 16 bytes
File C:\ADSM_PData_0150\DB\VL.db 16 bytes
File C:\ADSM_PData_0150\DB\WAL.db 2048 bytes
File C:\ADSM_PData_0150\DragWait.exe 315392 bytes executable
File C:\ADSM_PData_0150\_avt 512 bytes
File C:\ProgramData\Microsoft\Windows\WER\ReportArchive\AppCrash_nod32krn.exe_7075562bf2f703de96483421ae462828e63ad_1ee3709d 0 bytes
File C:\ProgramData\Microsoft\Windows\WER\ReportQueue\AppCrash_nod32krn.exe_7075562bf2f703de96483421ae462828e63ad_10528729 0 bytes
File C:\Windows\Temp\TMP0000054A14B43D40F19B45F2 0 bytes
File C:\Windows\Temp\WERE5CC.tmp.resp.erc.xml 0 bytes
File C:\Windows\Temp\WERE5CD.tmp.resp 0 bytes
File C:\Windows\Temp\WEREABB.tmp.resp.erc.xml 0 bytes
File C:\Windows\Temp\WEREABC.tmp.resp 0 bytes
File C:\Windows\Temp\WEREC61.tmp.resp.erc.xml 0 bytes
File C:\Windows\Temp\WEREC71.tmp.resp 0 bytes
File C:\Windows\Temp\WERF2E6.tmp.resp.erc.xml 0 bytes
File C:\Windows\Temp\WERF2E7.tmp.resp 0 bytes
---- EOF - GMER 1.0.15 ----
Stealth MBR rootkit/Mebroot/Sinowal detector 0.3.7 by Gmer, http://www.gmer.net
device: opened successfully
user: MBR read successfully
kernel: error reading MBR
a zde log gmer :
GMER 1.0.15.15281 - http://www.gmer.net
Rootkit scan 2010-08-16 16:06:36
Windows 6.1.7600
Running: gmer.exe
---- Registry - GMER 1.0.15 ----
Reg HKLM\SYSTEM\CurrentControlSet\Control\Network\{4d36e975-e325-11ce-bfc1-08002be10318}\{2B07FAA1-8217-4E30-B5EC-FD4501E773BB}\Linkage@Bind ???m?t????????????????????V??m?????????e?????????????a??????????NOD32?????????????????????4??m????????h??????????????????????????m??????????????t????m?????n??????????????????????????????:??m????????h?????system32\drivers\HdAudio.sys?????????m?????????e????Microsoft 1.1 UAA Function Driver for High Definition Audio Service???????b??m?????????e????????????????????@%SystemRoot%\system32\drivers\http.sys,-1??????????????????????????Net??i??system32\DRIVERS\HDAudBus.sys?DAudBus.sys???system32\drivers\HTTP.sys????????9???????????????????????????}?}?t??????????????t?????<??n????????h?????????????Microsoft UAA Bus Driver for High Definition Audio????????.????????????e??????????????????????????????????????????P??m????????h?????\SystemRoot\system32\DRIVERS\HpSAMD.sys?iv???????m??????p???SCSI Miniport?????T??m???????????d??hpsamd.inf_amd64_neutral_f4d0397ad0d9b1cc????m?m?m?m?m?m?m?????????????g????text????????????@%systemroot%\system32\drivers\hwpolicy.sys,-101??????<??m????????h??????????????????????? ??A??????p??????
Reg HKLM\SYSTEM\CurrentControlSet\Control\Network\{4d36e975-e325-11ce-bfc1-08002be10318}\{2B07FAA1-8217-4E30-B5EC-FD4501E773BB}\Linkage@Route ????AT???????d??Microsoft 6to4 Adapter #173??2??????????????????????CP????????????????????N??????????????????????????4?????s91??????????@machine.inf,%gendev_mfg%;(Standard system devices)??????????????i?????s??????8?????????????16??{4d36e972-e325-11ce-bfc1-08002be10318}\0199?????@nettun.inf,%msft%;Microsoft????? ???????????????t??tunnel??????????????{00000000-0000-0000-FFFF-FFFFFFFFFFFF}??56??@nettun.inf,%msft%;Microsoft????tunnel??????Microsoft???????????????3???text?????????????T?? A??????????????????????????????{00000000-0000-0000-FFFF-FFFFFFFFFFFF}?FB-??????????????????????Microsoft 6to4 Adapter #191??2???????????????????????????????????????-???????????????????f??????{4d36e97d-e325-11ce-bfc1-08002be10318}\0033?? ??{4d36e97d-e325-11ce-bfc1-08002be10318}\0015?6.??@machine.inf,%*pnp0c02.devicedesc%;Motherboard resources?:??? r??????h???????~??? ??????????????????@oem6.inf,%nvidia_a%;NVIDIA? display types)?ma???????g???-???????.??Microsoft 6to4 Adapter #179??2???????V???????????.???????7??????????????Microso
Reg HKLM\SYSTEM\CurrentControlSet\Control\Network\{4d36e975-e325-11ce-bfc1-08002be10318}\{2B07FAA1-8217-4E30-B5EC-FD4501E773BB}\Linkage@Export ?????e??????1F??????????????????????s?????????????~?????????????? ?????????????????????/??"?????p???????c????????????A????????????z??????5??????7F???????????s???????s???????????0??s2??Net?8}??????????????????P?ipojen? k m?stn? s?ti* 147?e???????????r???e???????????????????????????????????r???????????n??????????????????????????????????????\Device\{80CEC371-45A3-414C-86B7-9494872B7987}??????? ??????????????????????????????????????1???? ???????@????????????????????$?N????????f????????????????????????????3?E1??? ????????????????????????????$?N???????????{187B5B18-3DED-43C6-8547-235C1C49BF75}???&??? ?????????????????????0????????????????????????????????????????????????????Microsoft???????????? ??????????????????????????????????????????tunnel??????? ?????????????????????0????????????????????? ?????????????????????0????????????????????????????????????????????????????????????????????? ??????????????n???6.1.7600.16385????????.?????????????? p?????????????????????? ?????????????????????0????????????????????? ?????????
Reg HKLM\SYSTEM\CurrentControlSet\services\LanmanServer\Linkage@Bind ?????s???????????????????????????s?????????e????????????????ri???s??? ???????s???????????n????????4????? ???????????WdfLoadGroup?????????????s????T??s?????????e??????<??????t??????????????? ???????n?????s?????n??????????V????????V??????????????t????s???|?|?????s???s?s?s??? ???????|???????????n?:????????????&????????????????????????{?|?t???s?????s?????s??????????????t?????X??????????t???????????????e??system32\DRIVERS\vdrvroot.sys????|?|?????????????!???e??????????????????????{4d36e972-e325-11ce-bfc1-08002be10318}???????????????????t???????????6??.1??????????? ???????s???????????s????????&????? ??????????????????????????????e????? ???????n?????s?? ??s????????$?????????c????????s?????????e????@%systemroot%\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\ServiceModelInstallRC.dll,-8193??????????????????????????s?????????s????????h?????"%systemroot%\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe"?????????????????t??????s?????s?????? ????????????????s?????????n????@%s
Reg HKLM\SYSTEM\CurrentControlSet\services\LanmanServer\Linkage@Route ???????????????????????????????????g?????????????????????????????????????"??{7???????????E???e??????? ???????????0?????s48????N???????????D?????????????????? ???b???5???????5??? Z??????8?????f27??????????????????.NT?f}??6-21-2006???????????????? ??????????????x???????????????????? ????????????????????????????????6??????????????}??LegacyDriver??????N??????C?????Ded??? 0???????????????????????????6?????????????16????N??????5????DAD-???????????????e???????????B??????42??? ???????Z?????????????0????????????&????????????????????y??? ???????????????????@?0??????*?8??? ???????tu??????????? ??????????P?ipojen? k m?stn? s?ti* 20?tu??????????????????????????????????????????????????????????LegacyDriver??????8?????????????"???????????? ???????????????????i?/????????N? ??????o???????A???m???e??????????Microsoft???????????? ?? ????2??????x7??{4d36e97d-e325-11ce-bfc1-08002be10318}??????Extended Base????????k??tunnel?06???????????????????????????????????????????{4d36e96b-e325-11ce-bfc1-08002be10318}\0002?D5????6????????????
Reg HKLM\SYSTEM\CurrentControlSet\services\LanmanServer\Linkage@Export ????????????????????????????????tunnel?erf???????????e??In??int?????int?????????????@%SystemRoot%\system32\drivers\volmgrx.sys,-100???????:??t????????h??????????????a??t?????????????6??s??????????????Virtual WiFi Filter Driver??????????????tunnel??????S??ov? adresa????????8??????????????????????Net?????int??????????????|?|?|???????y??????????????????? ??????Net?????????????*6to4mp??????????4??????11??????*6to4mp?????Microsoft????????????|?|?|?|04???????????9???9???|?|?v??? ???????s???????? ???????????:?B??? ???????????? ???????n?????s?????s????????$?????????????@%SystemRoot%\ehome\ehres.dll,-15501?????????s??? ????h??4???????????????s??????????????????????Net?????tunnel?f-1????????????????????????????????l??????:??????? ???y???????????????|?|?o???????v????????????N?????? ???????????????????;????~??????????????????????f?le=???????y???????????6??????????????????????????t????????y???????????????e??@%SystemRoot%\system32\drivers\volmgrx.sys,-101??????? ??d??????p????????????j???e???????????s???????????s?????????
Reg HKLM\SYSTEM\CurrentControlSet\services\LanmanWorkstation\Linkage@Bind ????p???????????????????? ???????A???????????????????? ?<???????????volume_snapshot_install?????? ???m??????????????? ???????&??????n1??6.1.7600.16385?4&1????.?????????????????storage\volumesnapshot???????n??????????????????? <?????????????????St?nov? kopie obecn?ho svazku?????`??????4???????1??\\?\Root#*6TO4MP#0002#{cac88484-7515-4c03-82e6-71a87abac361}????\\?\Root#*6TO4MP#0003#{cac88484-7515-4c03-82e6-71a87abac361}?6??\\?\Root#*6TO4MP#0004#{cac88484-7515-4c03-82e6-71a87abac361}?E??\\?\Root#*6TO4MP#0005#{cac88484-7515-4c03-82e6-71a87abac361}????Root\*6TO4MP\0007?????z?????????????????Root\*6TO4MP\0008????????????????????5????t?????????????????????????? ??????????ACPI\PNP0C0A\0??????????????????????????????????\\?\HDAUDIO#FUNC_01&VEN_10EC&DEV_0662&SUBSYS_104316F3&REV_1001#4&3152ca26&0&0001#{eb115ffc-10c8-4964-831d-6dcb02e6f23f}\RearLineOutWave3????\\?\HDAUDIO#FUNC_01&VEN_10EC&DEV_0662&SUBSYS_104316F3&REV_1001#4&3152ca26&0&0001#{eb115ffc-10c8-4964-831d-6dcb02e6f23f}\RtMicInWave???????:??????t?g32??????ta?????
Reg HKLM\SYSTEM\CurrentControlSet\services\LanmanWorkstation\Linkage@Route ????o????????????????????????T???????????????k???C??sD??tunnel??????????????????????????*ISATAP?????????????????????????????????@machine.inf,%rdp_kbd.devicedesc%;Terminal Server Keyboard Driver?????N????????????D?????g?g?i?j?i?j?k?k?k???k???????g??????????Te????N????????????D??????N????????????D??????N??????"?????DA1??"???????????????????*6to4mp?????{00000000-0000-0000-0000-000000000000}????????N??????}????????????????????????????b????????????n?????????n??STORAGE\VolumeSnapshot??????????????????????? ???z???????????????s???????????????????????????????????2??????8}??? ??????????????n??????????????????? ??????????????????????tunnel?e?e???????????????????????????????????????? ??d???i??an??Microsoft????????????????????????`???&???&???????????7?????s}"???????????????????????n?????????????????s?????????????????t??@nettun.inf,%6to4mp.displayname%;Microsoft 6to4 Adapter?????? p??????????????????????s???b???e??? ???t????????????????????????????????N?????????????????LegacyDriver?????????????????????????B?????????????
Reg HKLM\SYSTEM\CurrentControlSet\services\LanmanWorkstation\Linkage@Export ????????????85??? ???????5???????5??????os??????????????????????????? ?????????????????????/????????N???????????{4d36e972-e325-11ce-bfc1-08002be10318}???????????j??????????? 0??????2?????}"???????????????????????? p???????????????????`??????????????????????????????????B??*6to4mp??5??????"???? ?????????????????????/?????????????????????????????????e???4??3e??x???? ?????????????????????/?????????????????f??? ?????????????f???????0??L????????? ???????????????????????????????? ?????????????????????0????????????&????????????????????n???????????????????????????????????.?????????????????????????V???f????????????????????????*6to4mp??T???????????????????????????$??????????????????????????????{4d36e972-e325-11ce-bfc1-08002be10318}\0044?76??tunnel?AAD??????????????????????????????? ???????????????????e??????????@nettun.inf,%6to4mp.displayname%;Microsoft 6to4 Adapter???????X?????? ???t??@nettun.inf,%6to4mp.displayname%;Microsoft 6to4 Adapter??????????????A??????FD????6?????????????16?????????????????????????????????????
Reg HKLM\SYSTEM\CurrentControlSet\services\NetBIOS\Linkage@Bind ?????????????????????????????????????????????????????????????j?z????????????????????????????????4m????????N?????? ??????????{293BA843-69CF-458E-B3C2-C1843883DD75}??????????????????{4d36e972-e325-11ce-bfc1-08002be10318}????????X??????r???????????e??int?????????2???? ???????U?????????????,????????$?x?<???????????????????????????????15?????????????????s????????????????????????? ?????????????????????,????????z?????#1EF???????????e???e??{00000000-0000-0000-FFFF-FFFFFFFFFFFF}?cpi???????????????????????????????f??????????????????????? ???????Z?????????????0??????????K?&????????????????????-???????????"??????????dl??Microsoft 6to4 Adapter #97??????{4d36e972-e325-11ce-bfc1-08002be10318}\0110??????????????????????????????????????????????????????????T??????2????????g??? ?????????????????????0??????*?:??? ???????BD????N????????????D????? p????????????3B5??????????Microsoft???????????????????????????@machine.inf,%gendev_mfg%;(Standard system devices)??????d?f?f?g?g?g?d???????????????8??????????@nettun.inf,%msft%;Microsof
Reg HKLM\SYSTEM\CurrentControlSet\services\NetBIOS\Linkage@Route ?????8??????????????????????????{533c5b84-ec70-11d2-9505-00c04f79deaf}?-02???n?s?s??????????????????{4d36e972-e325-11ce-bfc1-08002be10318}\0112?70??{4d36e972-e325-11ce-bfc1-08002be10318}\0111?A4???????????c?????sC4???????????????????1??25??ic??????03??????????????????Microsoft???????be??????}"??*6to4mp?es??????7-???????????n??.i??????????????????*6to4mp?F}??????? ?W????Microsoft 6to4 Adapter #99?6?2?????? ???????????????????????????????int??????????????????????????????????????????4??B}??????? ?????????????????????/??"?????p?E?????FF????X??????????t????N?????????????????????????????s ??????? ?????????????????????0????????????????????????????????????6.1.7600.16385??????????????????????? ???????Z?????????????0????????????&???????????????????????? ?????????????????????0??????*?8??? ???????????????????????????????d???????N????s????????????8??????i??r???P?ipojen? k m?stn? s?ti* 78???????????????6P?ipojen? k m?stn? s?ti* 66?????????????????????????????????????????????????????????????????????????????????????????????
Reg HKLM\SYSTEM\CurrentControlSet\services\NetBIOS\Linkage@Export ???????????????????g????? ???????6?????7?7???????????2?????s-4???????????????????????????????????????????s???v??e\???????????????????????????????????c??????9F??????????????????USB\VID_1005&PID_B113&REV_0100?USB\VID_1005&PID_B113????USB\Class_08&SubClass_06&Prot_50?USB\Class_08&SubClass_06?USB\Class_08??????????????*ISATAP?????????????nettun.inf:Microsoft.NTamd64:6to4mp.ndi:6.1.7600.16385:*6to4mp?4F-???????????7??D0???????????F??55??6.1.7600.16385?Dev????????????????????.?????????????Microsoft 6to4 Adapter?D35???????????????????????????8??ED??nettun.inf?D6-???????????????????????????-??2F??6to4mp.ndi?9DB???????????8??6D???????????C??B6???????????"??Tc???????d???p??"{???????????B??A-??Microsoft?????:?????? ??????????????????????????????????Root\*6TO4MP\0044???????????????s0??????????????????5????????????????y???????????????????e???????????-??25??@usbstor.inf,%genericbulkonly.devicedesc%;Velkokapacitn? pam??ov? za??zen? USB??????{53f3e143-4b8c-5123-ba95-d4c16c9e8c9e}?;Fi??{eec5ad98-8080-425f-922a-dabf3de3f69a}?
Reg HKLM\SYSTEM\CurrentControlSet\services\NetBT\Linkage@Bind ?????s????~??????????e??nettun.inf:Microsoft.NTamd64:6to4mp.ndi:6.1.7600.16385:*6to4mp???3???????????????e??tunnel??????? .?????????????????Microsoft 6to4 Adapter??RO??????????????????????????????????????????????? ?????????????????????0??????????????????????????????????????????????????????????????????????.?????????????Microsoft 6to4 Adapter??????? p??????????????C??@nettun.inf,%6to4mp.displayname%;Microsoft 6to4 Adapter??t?????????????????????????????????????s????? ??????????????????????????????`????????e??? P?????????????????{CF859DCC-1EA5-49EF-B298-F034658C582E}????????*?????? ????d?????TCPIP6TUNNEL?Tcpip6?????\Device\{CF859DCC-1EA5-49EF-B298-F034658C582E}??s)???????????g???????f??????#???tunnel??????? ?????????????????????0????????????????????? ?????????????????????0????????????????????????????????????????????????????Microsoft???????????????????? ???????????????????????????????????????????????0??????eF??????????????11??????????? ?????????????????????0????????????????????? ?????????????????????0???????????
Reg HKLM\SYSTEM\CurrentControlSet\services\NetBT\Linkage@Route ????????????? ?????????????????????0??????*????? ?????????????X??????u????????X??????????????????0??????ROOT\*6TO4MP\0125??????????????????d?????????????A??????????? ??????????????????????????????????????????????????? ?????????????????????0????????????????????? ?????????????????????0????????????????????? ?????????????????????0????????????????????? ?????????????????????0????????????????????Microsoft???????? ???????@????????????????????$?N???????????Microsoft 6to4 Adapter??? ??????????6.1.7600.16385???????????????-??????????????????????????????????? ??? ???????B??????n2??6.1.7600.16385??0E??????????????????????? ????????????????????????????????????$??????_???????????????????????e??????6to4mp.ndi??????????????????????? ??? ?????????????????????0????????????????????????????????????????? ?????????????????????0????????????????????????????????????????????????????????????Microsoft???????????? ??s???Net??t??????????? ??????????????????? ???????|???????????n?:??????????C?&????????????????????"??? ???????|?????????????
Reg HKLM\SYSTEM\CurrentControlSet\services\NetBT\Linkage@Export ?????????????????????9??@nettun.inf,%6to4mp.displayname%;Microsoft 6to4 Adapter???????N??????3?????D45???????????????????????????????7??????42??????text?*????6P?ipojen? k m?stn? s?ti* 73??????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????4Microsoft 6to4 Adapter #63????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????
Reg HKLM\SYSTEM\CurrentControlSet\services\Smb\Linkage@Bind ????????? ??????? ?????????????9?????? ?N?????????????1boo??tunnel?9F9??????? ?????????????????????/??"?????p?????????????X??????1????????N?????????????????{4d36e972-e325-11ce-bfc1-08002be10318}? ????????????????s???? ????????????? ????\\?\Root#*6TO4MP#0142#{ad498944-762f-11d0-8dcb-00c04fc3358c}\{A07E2557-6ED2-4354-9C65-6F06D8327A33}?????????????????????????? ???????:?????????????:????????????&???????????????????????? ???????-??????e7??S??ov? adresa???Root\*ISATAP\0041????????????????o??????????????Net???????*??????0????d?\D??? ???????????????????????????C??????????? .??????{?????C5D??*6to4mp??T??? ????????????????????????????$?N???????????{4d36e972-e325-11ce-bfc1-08002be10318}\0169?1c????????????????????????N?????????????????{CF859DCC-1EA5-49EF-B298-F034658C582E}???????????????y??????????????????????????? ???????r???????????????????t???????????0????????)?????????? ?????????????????????0????????????&????????????????????1??? ?????????????????????0??????*?:??? ????????????????????????????f??????????dN?????????
Reg HKLM\SYSTEM\CurrentControlSet\services\Smb\Linkage@Route ??????????????????????N???????????????????????N??????W????D.sy??Microsoft 6to4 Adapter #100??2?????t????????????????????????tu??Microsoft???????????????? P???????????????????*?????????????????Microsoft 6to4 Adapter???????????s??????????????????????????????????????? ??????????????????????????????`????????e??{88F306D9-DC07-46C4-AEF3-B063FD66F11C}??????????????????????? ???????|?????????????:????????????&???????????????????????????????????????????? ???????|?????????????:????????????&????????????????????e??P?ipojen? k m?stn? s?ti* 130??????N??????????????????????????????i?????????????????????????d????@nettun.inf,%msft%;Microsoft??????N??????0?????D10???????t??????sn??????4D??? ?????????????????????/??"?????p?g??????????????????????????????????e??????????ROOT\*6TO4MP\0103??????????????????e?????????t???????????????????????\??????tu????????????????????N?????????????????S??ov? adresa????????????????a??????????????? ???????|???????????k?:??????????M?&???????????????????????? ???????????????????????????~?????????????
Reg HKLM\SYSTEM\CurrentControlSet\services\Smb\Linkage@Export ?????????????????????????????????????????r???????? ?????????????Microsoft????????????r???e??????????? ??????????????64????N?????????????????????[??????????????????????????????s??????$??????????????????????????????????8?????e?7?????????????????????????????????????d??????????8?????????????????????{4d36e972-e325-11ce-bfc1-08002be10318}?i5D????`?????????????????????????*6to4mp??n??????????????? p?????????????????{533c5b84-ec70-11d2-9505-00c04f79deaf}\0001?O0??????????????????6???????????????????????????????????????? ????????????????????N??????E?????D1?????????????????????????????????`??????????????????????????????p?????s????????\0??????? ???????|???????????i?:????????????&????????????????????8??? ???????4?????A47??Microsoft 6to4 Adapter #114??????????s??????????????un??un??????????????? ???????????????????????????????????????5???????????????t??????????????? ??int?????????????????????tunnel????????<?????????????Microsoft 6to4 Adapter Driver???? ??????????????????????????????"??? ???????????? ??????????????????tun
Reg HKLM\SYSTEM\CurrentControlSet\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC
Reg HKLM\SYSTEM\CurrentControlSet\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@u0 0x00 0x00 0x00 0x00 ...
Reg HKLM\SYSTEM\CurrentControlSet\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@h0 0
Reg HKLM\SYSTEM\CurrentControlSet\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@hdf12 0x23 0xA8 0xF3 0xF9 ...
Reg HKLM\SYSTEM\CurrentControlSet\services\TCPIP6\Linkage@Bind ?????????????n???j???????????????????????m??Net???????N????????????D????????int?????????????????????????????Typ?????{533c5b84-ec70-11d2-9505-00c04f79deaf}????????????????????????????$??????????????????????1???????????????????????????????????????????????????????????k?????????k????????????????????????{00000000-0000-0000-0000-000000000000}??6??????????????l?????????????????????????????????????A??????33???????????????????????????????0??5C??? 0????????????9????Microsoft???text????? .??????D?????66C??????P?ipojen? k m?stn? s?ti* 53???????<??????h?gMi??@volsnap.inf,%msft%;Microsoft????l?l?l?l?l?l?l?l?l?l?l??????t???????????????????? ???????????????????????????????????????????????h??????????????????????????????????????????????t????????????r???e??????????6-21-2006????????????????h??{533c5b84-ec70-11d2-9505-00c04f79deaf}\0037??"??Intel Processor Driver??????????????????????????????????????????????????????? ????????????????????$??????????????????????????????????????E?????e57??Root\*6TO4MP\0111???6to4mp.ndi????????$????
Reg HKLM\SYSTEM\CurrentControlSet\services\TCPIP6\Linkage@Route ????????????????? ???????????????????????????????????????????????h??????????????????????????????????????????????t????????????r???e??????????6-21-2006????????????????h??{533c5b84-ec70-11d2-9505-00c04f79deaf}\0037??"??Intel Processor Driver??????????????????????????????????????????????????????? ????????????????????$??????????????????????????????????????E?????e57??Root\*6TO4MP\0111???6to4mp.ndi????????$?????????????????Root\*6TO4MP\0115???????????????????????????????????????????????????????????? ???????3??????s"???????"??? ???????E?????"{8???????????3?????e9D???????????????????????e????????????????????????????????????????????N??????s??????????? ?????????????????????/??"?????p?2?????B-??nettun.inf???????????????t??????????????????? ???????@????????????????????$?N???????????{49E8D776-89E4-43DB-989D-3AC8AD875926}???????????????v???????s???????k???1???2????<??????2?g97????<????????g??????<????????g?????????????7???3????8??????1??????E6???????????r???e??????????????????????????????? ???????t???????t?????????????????
Reg HKLM\SYSTEM\CurrentControlSet\services\TCPIP6\Linkage@Export ?????????????????????????????????t???????????????????????????????????????B??*6to4mp???????????????????`?????????????? ???????????????????????????n?????se ??tunnel??????????????????????????????????????{4d36e972-e325-11ce-bfc1-08002be10318}\0157? "???????n???i???e???????????.??f,??Microsoft ISATAP Adapter #17?1??ROOT\*6TO4MP\0185???*6to4mp?e5??Microsoft?????????????N??????_??????????dr??????????????????nettun.inf??????????????????????????? ?????????????????????0??????*?:??? ???????????????????????????????d???????m???? ??????????P?ipojen? k m?stn? s?ti* 109?d???????????n??????????????m?????????????????$?????????????????ROOT\*6TO4MP\0098???????????????????????????????????????????? ??????????????????????????????<???????????? ??????????????????????????????????????????????????? ??????????????????????????????????????????????Typ?????????????????????????S??ov? adresa???? ??????????????????????????????????????????????????????????????Microsoft 6to4 Adapter Driver???? ??????????????????????????????"??? ???????????? ?????
Reg HKLM\SYSTEM\ControlSet002\Control\Network\{4d36e975-e325-11ce-bfc1-08002be10318}\{2B07FAA1-8217-4E30-B5EC-FD4501E773BB}\Linkage@Bind ???.?y????????????????????p??0???????????.???????.??? ???????,?????.???????/??????????????????????H??. ??????????????e?????/???/?????.??????????????a???????????? ???????,?????.???????/????????????????????? ???????.?????7?????~?/??"?????t???????????????? ???????.???????????.?/??????"?h?????????????h??. ???????????r?? ??? .??.???????????/???????@???j???????????????%???????j???????????????????????-???????n??? ???????.?????3???????/??"?????r???????????????? .??.?????????.?????????.???????e???.??h??????????????????????????????????????? ? ?????????%2??ACPI\PNP0C04?*PNP0C04???? ????N??.?????????D????{00000000-0000-0000-ffff-ffffffffffff}?000??? ???????.?????.?????.?/??(???$???????????????s????????????~?????.???!???-??????????????????????????ks.inf?wdmaudio.inf?????Battery??6??? ???????.???????????.?/??????"?H????????f??ACPI\ETD0001?*ETD0001????6???.?.?.???.???????????0?????????52&??? <??.???1?????EV_???????????????????????? ? ???????? ???????.?????.???????,????????????????????????0D?????.???????.?????0?0?.???.?????
Reg HKLM\SYSTEM\ControlSet002\Control\Network\{4d36e975-e325-11ce-bfc1-08002be10318}\{2B07FAA1-8217-4E30-B5EC-FD4501E773BB}\Linkage@Route ???-?n????N??-???????????????4?4????????????????????? ???????,?????-???????/??(???????????????????s????????3???1????? ???????-?????-???????,???????????????????????????????-????? ???????-?????????????,?????????????????????y?????-????????????????????????????? ???????-?????????????0????????????????????? ???????-?????????????0????????????????????? ???????-?????????????0?????????????????????-??? ???????-?????????????0?????????????????????????-?????????????n?????6?6?????????-?????????????????6???6???6??ERS\???????????3??PC????`??6???g??????@system32\DRIVERS\pci.sys,#65536;PCI bus %1, device %2, function %3;(0,0,0)?????? ???????-?????????????/?????????????????f??? ???????-?????????????/??????????????????????s?????? ???-???????????-??? ???-?????????????????-?????8?9????? ???????-?????????????0????????????????????? ???????-?????????????0?????????? ?????????? ???????-?????????????0???????????????????????-???-???-???-???-???-???-???-???-???-???-???-???-???-???@?????????D??? ???????-?????????????0?????????? ????????????
Reg HKLM\SYSTEM\ControlSet002\Control\Network\{4d36e975-e325-11ce-bfc1-08002be10318}\{2B07FAA1-8217-4E30-B5EC-FD4501E773BB}\Linkage@Export ???7?????????;???????????????~???~?????? ????????????6??Net??????????9??????????System??NO???????7???;???????????????j??????????????????????? 0??8??????????????????????? ???????:???????????7?,????????????&????????????????????7??? ???7??????????d???????????????? ???????7???????????7?,????????????&???????????????????????? ???7???????????????????????????????7???O??????System?fif??????? ???????:???????????7?:??????????<?&????????????????????s??? ???8?????????;??????h??7??? ??????pci\cc_0604??????7??? ???????????????????7?????????????????e????PCI standard PCI-to-PCI bridge??????@machine.inf,%pci\cc_0604.devicedesc%;PCI standard PCI-to-PCI bridge?5??? ???????.?????7???????0????????????&???????????????????????? ???????7?????7???????0???????????????????????7???????7???????7?????????????????7?????7?7??? ???????7?????7???????0?????????????????????????????7???7???????7???7???7?????7?????7?7?7?7?7?7?7?7?7?7?????????????6??????????? ?????????????7?????7????0?????^???$???????????????????? ????L??7???????????7??AHCI Link P
Reg HKLM\SYSTEM\ControlSet002\services\LanmanServer\Linkage@Bind ???i?/???i?i?i?i????sW???????????????????????n??????????text?????????????????????????????????i?i?i?i????so?????? ????}?????s? ??????ri??????????????so???g?g?i?i????s???????????????????????????Volume?p6_??LegacyDriver???????? ??????????s??????<??j?????????e?????i?????????????????????i????Net??????????i??Volume???????????n???????????/???2????N??k????????D??????????n???i??????????????????????????????????????????s????????????e?????siv???????????4???????????j?k?j????N??m?????????????????????i?i??HidUsb?ver???i???????i???????p??USBSTOR?6.??srvnet???????????????c???e??USBSTOR???????6??j??????????????????????????t???????????tmtdi????????1??????????????????vo??.NTAMD64????LegacyDriver?????????????????????????r??????LR??????????????????????????????????h????i???????????l?l?l????N??j????????D??1??11???????g?i?i?i????????ROOT\mssmbios????6???i???????i???i??????????volume.inf:MSFT.NTamd64:volume_install:6.1.7600.16385:storage\volume?????????????????????????i?????????????????????i?????????????????????????i???????4???i?i???
Reg HKLM\SYSTEM\ControlSet002\services\LanmanServer\Linkage@Route ???i????Net??????????i??Volume???????????n???????????/???2????N??k????????D??????????n???i??????????????????????????????????????????s????????????e?????siv???????????4???????????j?k?j????N??m?????????????????????i?i??HidUsb?ver???i???????i???????p??USBSTOR?6.??srvnet???????????????c???e??USBSTOR???????6??j??????????????????????????t???????????tmtdi????????1??????????????????vo??.NTAMD64????LegacyDriver?????????????????????????r??????LR??????????????????????????????????h????i???????????l?l?l????N??j????????D??1??11???????g?i?i?i????????ROOT\mssmbios????6???i???????i???i??????????volume.inf:MSFT.NTamd64:volume_install:6.1.7600.16385:storage\volume?????????????????????????i?????????????????????i?????????????????????????i???????4???i?i?????????????4???????????i???t??ag??6.1.7600.16385?4?4???i?i?4????????????????????8??i??????????Microsoft Composite Battery??????i?i?????????????f??? ???????i??????????battery.inf??????i?i?????????????\??bd???????i??????????COMPBATT_Inst????i?it????????????4??? ???????i??????????.NT
Reg HKLM\SYSTEM\ControlSet002\services\LanmanServer\Linkage@Export ???m?o???j???j???????????? ??8???????e??Net?????????????LegacyDriver?M???j??11????????N??????6????D784??*6to4mp?????Net??j???????????j???j?kiv???????????????????????????????????j?j?i???????????????????j?j?E??atapi_Inst????????????????????????*??????????????????????j??? ???????h?????h???????0????????????&????????????????????7??? ???????j?????????????0?????????????????????????????/???????????????????????????????????-??sF???f?j?j?j?????j???????????8?????sD-?????????????????s????Net??????????i???????9??????????ASMMAP64?????j????????????N??????????????????????????????????????i?i?i?i?i?i?i???j???????????????j???????????????????????????????j??Net??????????i???f?i?j?j?????j???????j???????e??tunnel??????????????Tcpip???????? ???????j?????j?????j?/??????????!? ???????V???????????????????????? ???????j???????????i?/????????\????????????????h???a???e???????n???????j??????????5.0.0.1??????????j???5??s0???????????????????????????C??????16???????j??????s????j????????????>??k?????g????text?????-?-?t???B???j???j?????????????
Reg HKLM\SYSTEM\ControlSet002\services\LanmanWorkstation\Linkage@Bind ???i?i????X??k??????????volsnap???????X???????????????????????????????F??i?????g????{72631e54-78a4-11d0-bcf7-00aa00b7b32a}???????????????????????????E?????s&D???????????y???v?????i????CompositeBus???????? ????3???????????-?i?i?i????????? b????????????????????????????????s?????????????????????3???????i?i?????????????S??s1??Microsoft????????i??????s????????????????????????i???3???/????X??m???4???/???????i???????3??compositebus.inf:Microsoft.NTamd64:CompositeBus_Device:6.1.7600.16385:root\compositebus?ot???????????3???????????i???????????????????????????????i???????????????????i?i?????????????????????????i??????????6.1.7600.16385??6.???i?i?i???????????3????????2??i??????????Composite Bus Enumerator?????i?i?9????"??i???B??????compositebus.inf????{4d36e96a-e325-11ce-bfc1-08002be10318}\0001?-4???i?i?i???????????????????i?i?i???????????????????????i???3??????hal.inf??????i?i?i???????????????????????i???3??????ACPI_AMD64_HAL?HAL???i?i?i??acpiapic?????i???????????????? ??T??????p????????????????????????????s???a?????
Reg HKLM\SYSTEM\ControlSet002\services\LanmanWorkstation\Linkage@Route ???i????CompositeBus???????? ????3???????????-?i?i?i????????? b????????????????????????????????s?????????????????????3???????i?i?????????????S??s1??Microsoft????????i??????s????????????????????????i???3???/????X??m???4???/???????i???????3??compositebus.inf:Microsoft.NTamd64:CompositeBus_Device:6.1.7600.16385:root\compositebus?ot???????????3???????????i???????????????????????????????i???????????????????i?i?????????????????????????i??????????6.1.7600.16385??6.???i?i?i???????????3????????2??i??????????Composite Bus Enumerator?????i?i?9????"??i???B??????compositebus.inf????{4d36e96a-e325-11ce-bfc1-08002be10318}\0001?-4???i?i?i???????????????????i?i?i???????????????????????i???3??????hal.inf??????i?i?i???????????????????????i???3??????ACPI_AMD64_HAL?HAL???i?i?i??acpiapic?????i???????????????? ??T??????p????????????????????????????s???a???????i???1??8&??@%SystemRoot%\system32\drivers\netbt.sys,-2?????system32\drivers\nsiproxy.sys????????????????????????????????????????????????????i???????????+???????+????`??i?????
Reg HKLM\SYSTEM\ControlSet002\services\LanmanWorkstation\Linkage@Export ???n?????????i???n???}?}????? ???????m?????????????/?????????????????f??????D2???n??? ???????m?????m???????0??L????????? ??????????????m???m???m??0000??? ???????m?????m???????0????????????&???????????????????????? ???????m?????m???????0????????????????????? ???????m???????????l?0????????????????????????????????t????j???t?????????????????????????????m????? ???????m?????m???????0???????????????????????m???m????? ???????m???????????l?0?????????????????????l?l?l?l?l?l?l?l?l?l?l???????i??????s??????m????? ???????m?????n???????0????????????&??????????????????????????m???m????? ???????m?????n???????0?????????????????????????n??????????????? ???????m???????????l?0?????????????????????????????<???????????e???n?n?m?n?n?n?nxnxn??? ???? n????? ???????m?????n???????0????????????????????6-21-2006???? ???????n???????????l?0????????????????????\SystemRoot\system32\DRIVERS\iaStorV.sys? ???}?}???????n????? ???????m?????n???????0???????????????????????????????????e????? ???????n???????????l?0????????$????????????????n??????p??
Reg HKLM\SYSTEM\ControlSet002\services\NetBIOS\Linkage@Bind ???i?j???????????????????o???j??????????????t???????????????t??????????????????????????????g?????????t??*6to4mp?????? ???????t???????????i?:????????????,????????????????????????????????????????????????????????????????????t????????????????????????R??i????????h?????\SystemRoot\system32\DRIVERS\nfrd960.sys?e???n?n?n???i???????i??????p???SCSI Miniport?????V??i???????????d??nfrd960.inf_amd64_neutral_cfc8c0013e9ede68???????i?i?i?i?i?i??????N??n?????????e????nvlddmkm?j??Network??????i??????????????????????????????????????????co????(??i???i??????CompositeBus_Device??-???i?i?i???????????????3???????i??????????.NT??????i?i?i???????????3???3????$??i???3???3??root\compositebus????i?i?i???????????3???????????i??????????Microsoft????i?i?i???????????????????????????3???????i?i?i??????me??LegacyDriver????? ???i???V?????t?????????????t???????t???g?g?i?i?i???i???????????i?i?i???????????????????2?????sys??????????? ???????????8???????e???? ?????????p???Network????????????????????????????s????????????mrxsmb???????????????\???_?
Reg HKLM\SYSTEM\ControlSet002\services\NetBIOS\Linkage@Route ???j?j???????????1???1??*6to4mp?????????????tunnel??????????Tc????X??k???????????????n???????9???1??s????????i???????????????????????????n??{00000000-0000-0000-FFFF-FFFFFFFFFFFF}?e10????N??k???t????Dd64????X??j??????????Keyboard Class Driver????????n???????????????i???n???j??????????????????????????????????? ??????????????????????????t???????????{53f3e143-4b8c-5123-ba95-d4c16c9e8c9e}?6.1?????????????????s????????????????????????Ovlada? disku?????R??j????????h?????System32\DRIVERS\srv.sys????????????????????????????????p????p?pp???@%systemroot%\system32\drivers\dfsc.sys,-101??????4??j????????h?????????????????Video Init??????????????????t????????????????????????????+??LDDM Graphics Subsystem????????????????g??????????????????????????8??????i??r????????????????????B???????o?????????n????? "??n???D?????636??????????@%systemroot%\system32\drivers\dfsc.sys,-102?????????????????????????n??????????????????\SystemRoot\System32\drivers\dxgkrnl.sys????????????????????????????p???Net?????????????????system32\DRIVERS\ET
Reg HKLM\SYSTEM\ControlSet002\services\NetBIOS\Linkage@Export ???p?p???????s??????????????Auto????? ???????n?????p?????p?4??????$?p?W??????t??@%systemroot%\system32\eapsvc.dll,-1??????Z??p????????h?????%SystemRoot%\System32\svchost.exe -k netsvcs??????J??p?????????n????@%systemroot%\system32\eapsvc.dll,-2????? ???p??????????????????????????????????????????????t????????????????????????????p?????????????? ????????????????p???????????e??RPCSS?KeyIso??????,??p????????????????p??p??????????????????SeTcbPrivilege?SeDebugPrivilege?SeImpersonatePrivilege???????p?p?p?p?p?p?p?p?p?p?p?????????????????????????????????p???p????????? ???????p?????p???????4?????????????????s??? ???????p?????p?????p?4???????????????1???????p????? ???????p?????p???????4?? ????????????4???????p????? ???????p?????p???????4????????????????2??????p????? ???????p???????????p?4??????0?T?????1??????p????????????????:??p??????????????Windows Connect Now EAP Peer????? ?????????????????????p1????????????????????????????????????????????????????p?p?p???p?????????????????????I??????T??p?????????h????%SystemRoot%\Sy
Reg HKLM\SYSTEM\ControlSet002\services\NetBT\Linkage@Bind ???ip?????X??i?????????e??????????????????????????6??i????????h??????????i??????p?????"??i??????p???File system???????^??i?????????e?????i??????????????????????? ???????t???????????i?:????????????,??????????????????????? ???????????????????????????????????????????????????????????????????????????t???@%SystemRoot%\system32\drivers\netbt.sys,-1?????????????????????Boot File System??????2??j????????h??????????????????????????????i?i?i????X??i?????????n????????????? ??te???????8??????????????t????????????e??t???System32\DRIVERS\netbt.sys???????i??? ???????t???????????i?:????????????,???????????????????????ev???????????-???????E???????????B???????0??@%SystemRoot%\system32\drivers\nsiproxy.sys,-2????????<??i????????h??????????U???a???????????d??????????????t??????????????g?????i?i?i?i?i???????????????s???????????????????????????????i??t.???????????s??????????????????????????@%SystemRoot%\system32\drivers\partmgr.sys,-100?????Boot Bus Extender?????????????????????$??i??????p???C:\ProgramData\Microsoft\MF??????????i?
Reg HKLM\SYSTEM\ControlSet002\services\NetBT\Linkage@Route ???o?????o????????????????p??????j?j?o?o?o?o???????????????????n?????i?i?i?j?j?o?o?o?o?o?o?o?o????V????????????n????RPCSS??,?-??????????????t???????????????t???Global\MMF_BITS_s??????????????g??????b??o?????????n????Microsoft Composite Battery Driver?6?6???????????????????j?j?j?j?j?j?o?j?????????????????????j?j?j?j?j?o?j?o?j??System32\DRIVERS\fvevol.sys??????????????????????????????????????????????i?i?n?p????????????text?????????????????????????o???s?s?s?s?s???p?p?p??compositebus.inf_amd64_neutral_359017cc3e8461e7??????????????????????????????????#??t????????????o????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????@FirewallAPI.dll,-23505???????@FirewallAPI.dll,-23506??????????????????????????????????????????????????????????????????? ??????????? ????(??????P????????????(??????P????????????(??????P????????????(??????P????????????(??????P????????????(??????P?????????????P???????????????????lA?????????????????????????????????????????
Reg HKLM\SYSTEM\ControlSet002\services\NetBT\Linkage@Export ???n?m???????????????????B??????????????{71a27cdd-812a-11d0-bec7-08002be2092f}?163???????????t???????t????X??????&???&????:??k?????g?????????????????????????????????????B??{4d36e97d-e325-11ce-bfc1-08002be10318}???4??{4d36e97d-e325-11ce-bfc1-08002be10318}??????????????????????????tunnel????????????????N??l???N????D4:d??? l??????????????????l?l?l???????????2???????????k???????????????k??????????????? ???????j?????k?????i?/???????????? ???????D???ms_sstpminiport?????? ???????k?????????????/????????N????????????k?k?????????????s??t????k?kKB???3?????k?&????N??k???s????D??????????????????????????k???????????s??????na??machine.inf:GENDEV_SYS.NTamd64:SWENUM:6.1.7600.16385:root\swenum?E???????????????????????k???????2???????????????????????2???k?k????? ???????j?????k?????i?/????????????????????????? 4??????i???????k??? ???????k?????????????/????????N????????????k?k?k???????????????????k?k???????????k?&???????k???2???????k?k?2???????????????????????k???2??????6.1.7600.16385??6.???????????????2????R??k??????????Plug an
Reg HKLM\SYSTEM\ControlSet002\services\Smb\Linkage@Bind ???i?i??HidUsb?ver???i???????i???????p??USBSTOR?6.??srvnet???????????????c???e??USBSTOR???????6??j??????????????????????????t???????????tmtdi????????1??????????????????vo??.NTAMD64????LegacyDriver?????????????????????????r??????LR??????????????????????????????????h????i???????????l?l?l????N??j????????D??1??11???????g?i?i?i????????ROOT\mssmbios????6???i???????i???i??????????volume.inf:MSFT.NTamd64:volume_install:6.1.7600.16385:storage\volume?????????????????????????i?????????????????????i?????????????????????????i???????4???i?i?????????????4???????????i???t??ag??6.1.7600.16385?4?4???i?i?4????????????????????8??i??????????Microsoft Composite Battery??????i?i?????????????f??? ???????i??????????battery.inf??????i?i?????????????\??bd???????i??????????COMPBATT_Inst????i?it????????????4??? ???????i??????????.NT??????i?i?????????????????4????$??i???t??ag??composite_battery????i?iy????i?i?i???????????/?????/?0???????i???s??ar??ATA Channel 0????i?i?????????????????4???????i???4??????Microsoft??????????????????????????
Reg HKLM\SYSTEM\ControlSet002\services\Smb\Linkage@Route ???j?n?????????????g?????????n???????j??????s?????<??j?????g??????N??????s?????s?s??????90??????????????????????????????LegacyDriver?????j?j?j???l?l?l???????3???s?s?s?????????????????s????? ???k???????????.???????j???j??????????????????{8ECC055D-047F-11D1-A537-0000F8753ED1}??????Kernel Mode Driver Frameworks service????????????.??????.1????V??m???m????h?????? ???g???t???????????j???j?????????????????????????????????????????????????????s?????????????s??????gr???j?j?j???????????????f????????????N??????????????????????k??????????? ???????j?????j?????i?/???????????? ???????O?????N??j???.??????????? ???????j???????????i?/????????`???????????text????????????LegacyDriver?0???j?????????????????????j????{8ECC055D-047F-11D1-A537-0000F8753ED1}??pc???????????s??????Wi???????????j???????????B???????????-??????Net??????????j???p???????9???????e???????j??????s???? "??k???y?????r????????????????????LegacyDriver????????????&2????????????X??????????t??????????????????????11?}?D????????????????????N??l???B?????Den??Net?D2?????
Reg HKLM\SYSTEM\ControlSet002\services\Smb\Linkage@Export ???n?n??Net???????6????????????e?????????????????n??tunnel?f?f?????n???n???n???n???n??BD0-4C87??? ???????t???????????n?,????????????&??????????????????????????t???n???n??}?\D??????!????????????????8???????????u???u??LocalSystem?t???????e???\Device\{C8C856C5-4512-4E2A-AFAE-EAE738430589}?\Device\{3B88A0ED-90C8-4D45-A9D6-06766CA4D353}?\Device\{F806D503-FBDB-4280-8A12-C18FE6DE5D2A}?\Device\{0175C40D-CBD0-4C87-A9E1-2007389D9B0C}?????"{C8C856C5-4512-4E2A-AFAE-EAE738430589}"?"{3B88A0ED-90C8-4D45-A9D6-06766CA4D353}"?"{F806D503-FBDB-4280-8A12-C18FE6DE5D2A}"?"{0175C40D-CBD0-4C87-A9E1-2007389D9B0C}"??????????????}????????????????????????????????????????????:???????????h??????????j??????e???system32\DRIVERS\AgileVpn.sys???????s????????t??@%systemroot%\system32\DRIVERS\RDPCDD.sys,-100???????n???????4???????????????????????6????N??????t?????{??????X??????C??????*6to4mp??i???????????????h???:????????????????????*??n?????????e????????????????????mshome.net???????????????????????????1??-a??????.s??*pnp0000????????????????s??
Reg HKLM\SYSTEM\ControlSet002\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC (not active ControlSet)
Reg HKLM\SYSTEM\ControlSet002\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@u0 0x00 0x00 0x00 0x00 ...
Reg HKLM\SYSTEM\ControlSet002\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@h0 0
Reg HKLM\SYSTEM\ControlSet002\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@hdf12 0x23 0xA8 0xF3 0xF9 ...
Reg HKLM\SYSTEM\ControlSet002\services\TCPIP6\Linkage@Bind ???V?i????<??n?????????e?????????i??????????????????????????????????????LegacyDriver? ???? ??8???????e???? ??8???g???e??Security Driver??????????i??????p???battery.inf:Microsoft.NTamd64:COMPBATT_Inst:6.1.7600.16385:composite_battery?1??? ???????j?????i???????0????????????????????? ???????i???????????i?0?????????????????????????????????????????i???????????i?i?????i?i???????i????? ???????j?????i???????0???????????????????????j???i???i????hd??? ???????i???????????i?0????????????????????????????????? ???????????t?????dvo???i?i?i????z??????????????????????\??st???????????????????????i???????????i?iap???????????????????????i??????????Microsoft????i?i?i???????????????????????i??????????HAL??????i?i?i???????????????????????????????????i?i?i??????????????????????????????mrxsmb???????i?i?i??????`????-??????1D??{4d36e97d-e325-11ce-bfc1-08002be10318}\0004??????????i??????s????????????8??????-F???????i???????????2??????bf??????????????????????? ?????????????????d?/??{8ECC055D-047F-11D1-A537-0000F8753ED1}???????????i?????
Reg HKLM\SYSTEM\ControlSet002\services\TCPIP6\Linkage@Route ???i?o???????????????????????????????k???????????i?i????? ???????i???????????i?0????????????????????volume_install?????????i????? ???????i?????k???????0?????????????????????????????????????????8???2?????????? ??????????s?????????i??????s???? ???????i?????i???????0?????????????????????i?i?????????????????????????????1??}????????i??? ???????????????????????i???????????i???n??????86??? ??j???????????????i?i?i?i????sC??????????? ??k??????????????? 0??k?????????n??????X?????????????*ISATAP?????????5C???????????????????????????????1???D??Net??????????????D??sM??11??????11??????????????????7????????????e??????NDProxy?? ???????i??????p???Net??????????n???????????_?????sE\???????j??Net??????????i??hamachi?????? T??n??????????? ??*6to4mp??????????????????????????????????????i???t???????????????????????.??????VgaSave???????N??k????????D??4??????????????ag???????????b??sC???????j???????.??????????E\???t???t???t??*ISATAP?????????????????????volsnap??????????j??????p???Net???????<??????a?gHo??????s:?????????????????????
Reg HKLM\SYSTEM\ControlSet002\services\TCPIP6\Linkage@Export ???j?j??LegacyDriver????LegacyDriver????Net?????MEDIA???A?????????????N??j????????D?{4??????????LegacyDriver?_??? "??j???e??????? ????X??j???&???&??Typ??????????????????????????~??int?e\???????????D??????Sp??.NTAMD64?5????N???????????D??????????????????????m???????e???e???e???????????????????????????????????/???j???????????????&???j????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????Interface Un-quarantine filter?????????????????????????????????????????????????????????????????????? ??????????? ????(??????P????????????(??????P????????????(??????P????????????(??????P????????????(??????P????????????(??????P?????????????P????????????????????????&???j??????????????????????????BFE???????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????Interface Un-quarantine filter?????????????????????????????????????????????????????????????????????????????????????? ????????
Reg HKCU\Software\Microsoft\Windows\Windows Error Reporting\Debug@StoreLocation C:\ProgramData\Microsoft\Windows\WER\ReportArchive\AppCrash_nod32krn.exe_7075562bf2f703de96483421ae462828e63ad_0ae5a84f
---- Files - GMER 1.0.15 ----
File C:\ADSM_PData_0150 0 bytes
File C:\ADSM_PData_0150\DB 0 bytes
File C:\ADSM_PData_0150\DB\SI.db 624 bytes
File C:\ADSM_PData_0150\DB\UL.db 16 bytes
File C:\ADSM_PData_0150\DB\VL.db 16 bytes
File C:\ADSM_PData_0150\DB\WAL.db 2048 bytes
File C:\ADSM_PData_0150\DragWait.exe 315392 bytes executable
File C:\ADSM_PData_0150\_avt 512 bytes
File C:\ProgramData\Microsoft\Windows\WER\ReportArchive\AppCrash_nod32krn.exe_7075562bf2f703de96483421ae462828e63ad_1ee3709d 0 bytes
File C:\ProgramData\Microsoft\Windows\WER\ReportQueue\AppCrash_nod32krn.exe_7075562bf2f703de96483421ae462828e63ad_10528729 0 bytes
File C:\Windows\Temp\TMP0000054A14B43D40F19B45F2 0 bytes
File C:\Windows\Temp\WERE5CC.tmp.resp.erc.xml 0 bytes
File C:\Windows\Temp\WERE5CD.tmp.resp 0 bytes
File C:\Windows\Temp\WEREABB.tmp.resp.erc.xml 0 bytes
File C:\Windows\Temp\WEREABC.tmp.resp 0 bytes
File C:\Windows\Temp\WEREC61.tmp.resp.erc.xml 0 bytes
File C:\Windows\Temp\WEREC71.tmp.resp 0 bytes
File C:\Windows\Temp\WERF2E6.tmp.resp.erc.xml 0 bytes
File C:\Windows\Temp\WERF2E7.tmp.resp 0 bytes
---- EOF - GMER 1.0.15 ----
-
Caroprd111
- VIP
- Příspěvky: 13492
- Registrován: 22 bře 2009 20:48
- Bydliště: Třebíč
- Kontaktovat uživatele:
Re: rundll32 a svchost.exe
MBR jste nespustil tak, jak jsem psal.
Caroprd111 píše:
- Vyskočí okénko, zkopírujte do něj:
Kód: Vybrat vše
"%userprofile%\desktop\mbr" -t
- Klikněte na OK
- Vytvoří se log s názvem mbr.log, vložte ho sem.
Re: rundll32 a svchost.exe
Vše dělám dle Vašeho postupu, po zkopírování "%userprofile%\desktop\mbr" -t do okénka spustit mi naskočí jiné okénko s upozorněním zabezpečení - dám spustit => na ploše se mi objeví pouze textový dokument s obsahem zmíněným výše..
-
Caroprd111
- VIP
- Příspěvky: 13492
- Registrován: 22 bře 2009 20:48
- Bydliště: Třebíč
- Kontaktovat uživatele:
Re: rundll32 a svchost.exe
Bohužel stále stejné, v procesech je rundll32 stále okolo 40x.. svchost.exe stále několikrát, využití procesoru 100% a jakmile pustim nějakou aplikaci tak se to pěkně hryže
ale i tak moc děkuju za snahu
ale i tak moc děkuju za snahu
Přispějete na provoz fóra?