
I would like to ask for a check

Posted: 28 Sep 2011 18:04
by Marcus_V
info.txt logfile of random's system information tool 1.09 2011-09-28 18:59:30

======Uninstall list======

-->MsiExec /X{3F5C371F-8EA2-4F25-9D3D-D0B4526E3AEA}
µTorrent-->"C:\Program Files (x86)\uTorrent\uTorrent.exe" /UNINSTALL
Adobe Acrobat 5.0-->C:\WINDOWS\ISUNINST.EXE -f"C:\Program Files (x86)\Common Files\Adobe\Acrobat 5.0\NT\Uninst.isu" -c"C:\Program Files (x86)\Common Files\Adobe\Acrobat 5.0\NT\Uninst.dll"
Adobe Flash Player 10 ActiveX-->C:\Windows\SysWOW64\Macromed\Flash\FlashUtil10w_ActiveX.exe -maintain activex
Adobe Flash Player 10 Plugin-->C:\Windows\SysWOW64\Macromed\Flash\FlashUtil10x_Plugin.exe -maintain plugin
ArcaniA - Gothic 4 Demo-->"E:\HRY\ArcaniA - Gothic 4 Demo\unins000.exe"
Battlefield 1942-->RunDll32 C:\PROGRA~2\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files (x86)\InstallShield Installation Information\{698D7E61-E4BF-4CA6-8A09-CF6BDBFDEF65}\setup.exe" -l0x9
Battlefield 2(TM)-->RunDll32 C:\PROGRA~2\COMMON~1\INSTAL~1\PROFES~1\RunTime\10\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files (x86)\InstallShield Installation Information\{04858915-9F49-4B2A-AED4-DC49A7DE6A7B}\setup.exe" -l0x9 -removeonly
Battlefield Play4Free-->"E:\HRY\BF4free\uninstaller.exe" "E:\HRY\BF4free\Uninstall.xml"
Battletest2 DC v2.4-->E:\HRY\LOTR-BFME 2\Uninstall.exe
Centrum zariadení Windows Mobile-->MsiExec.exe /X{626672CD-BFCF-49A9-AEFE-AB0FED3BFC5B}
CloneDVD 5.5.0.4-->"C:\Program Files (x86)\CloneDVD5\unins000.exe"
COMODO Internet Security-->MsiExec.exe /I{FD8E178D-8B4E-42DA-B434-EFF270329B1C}
Crysis® 2-->MsiExec.exe /X{6033673D-2530-4587-8AD0-EB059FC263F9}
DAEMON Tools Lite-->C:\Program Files (x86)\DAEMON Tools Lite\uninst.exe
Dangerous Waters-->RunDll32 C:\PROGRA~2\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files (x86)\InstallShield Installation Information\{DCFF5D9C-C618-45C9-A61E-14A6981F28C6}\Setup.exe" Uninstall
Forgotten Hope 0.70-->E:\HRY\BF1942\Mods\FH\uninst.exe
Gothic III Release Update-->RunDll32 C:\PROGRA~2\COMMON~1\INSTAL~1\PROFES~1\RunTime\10\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files (x86)\InstallShield Installation Information\{1998BD34-1AAB-4169-ACFF-67342E2AF9B4}\setup.exe" -l0x9 -removeonly
Gothic III-->RunDll32 C:\PROGRA~2\COMMON~1\INSTAL~1\PROFES~1\RunTime\10\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files (x86)\InstallShield Installation Information\{02B244A2-7F6A-42E8-A36F-8C385D7A1625}\setup.exe" -l0x9 -removeonly
HD Tune Pro 4.61-->"C:\Program Files (x86)\HD Tune Pro\unins000.exe"
ImageShack Uploader 2.2.0-->MsiExec.exe /X{8BCD7AE7-F713-4D50-BAB9-7839B9386870}
Java(TM) 6 Update 27-->MsiExec.exe /X{26A24AE4-039D-4CA4-87B4-2F83216027FF}
JDownloader 0.9-->C:\Program Files (x86)\JDownloader\JDUninstall.exe
Men of War-->RunDll32 C:\PROGRA~2\COMMON~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup "E:\HRY\men of war\Uninstall\setup.exe" -l0x5
Microsoft .NET Framework 4 Client Profile-->C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\Client\Setup.exe /repair /x86 /x64 /parameterfolder Client
Microsoft .NET Framework 4 Client Profile-->MsiExec.exe /X{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}
Microsoft Visual C++ 2005 Redistributable-->MsiExec.exe /X{7299052b-02a4-4627-81f2-1818da5d550d}
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17-->MsiExec.exe /X{9A25302D-30C0-39D9-BD6F-21E6EC160475}
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.30319-->MsiExec.exe /X{196BB40D-1578-3D01-B289-BEFC77A11A1E}
Microsoft Visual J# 2.0 Redistributable Package - SE (x64)-->C:\Windows\Microsoft.NET\Framework64\v2.0.50727\Microsoft Visual J# 2.0 Redistributable Package - SE (x64)\install.exe
Microsoft XNA Framework Redistributable 3.0-->MsiExec.exe /I{3898934B-05AE-41CD-96BE-70DA9BFBCE1F}
Mozilla Firefox 6.0.2 (x86 sk)-->C:\Program Files (x86)\Mozilla Firefox\uninstall\helper.exe
Mozilla Thunderbird (6.0.2)-->C:\Program Files (x86)\Mozilla Thunderbird\uninstall\helper.exe
Need For Speed Most Wanted SK-->E:\HRY\NFSMW~1\Odinštalovať NFS-MW_SK.exe
Need for Speed™ Most Wanted-->E:\HRY\NFS MW\EAUninstall.exe
NVIDIA PhysX-->MsiExec.exe /X{3F5C371F-8EA2-4F25-9D3D-D0B4526E3AEA}
Opera 11.51-->"C:\Program Files (x86)\Opera\Opera.exe" /uninstall
Pán Prsteňov: Bitka o Stredozem II - Vzostup Kráľa-čarodejníka SK-->E:\HRY\BFME 2 the rise of the Witch-king\Odinštalovať PP-BoS-II_VK_SK.exe
Pán Prsteňov: Bitka o Stredozem II SK-->E:\HRY\LOTR-BFME 2\Odinštalovať PP-BoS-II_SK.exe
PunkBuster Services-->E:\HRY\BF4free\pbsvc_p4f.exe -u
Red Orchestra 2 Heroes of Stalingrad-->"E:\HRY\Red Orchestra 2 Heroes of Stalingrad\unins000.exe"
Revo Uninstaller Pro 2.5.3-->"C:\Program Files\VS Revo Group\Revo Uninstaller Pro\unins000.exe"
Security Update for Microsoft .NET Framework 4 Client Profile (KB2478663)-->C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\Client\setup.exe /uninstallpatch {B5BD3CA1-11AB-35A6-B22A-6A219DC0668E} /parameterfolder Client
Security Update for Microsoft .NET Framework 4 Client Profile (KB2518870)-->C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\Client\setup.exe /uninstallpatch {E720AD01-93D5-3E8E-BB8D-E4EF5AF4E5DD} /parameterfolder Client
Security Update for Microsoft .NET Framework 4 Client Profile (KB2539636)-->C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\Client\setup.exe /uninstallpatch {BCD37DCB-F479-3D4D-A90E-A0F7575549C4} /parameterfolder Client
Skype™ 5.5-->MsiExec.exe /X{AA59DDE4-B672-4621-A016-4C248204957A}
The Battle for Middle-earth (tm) II-->E:\HRY\LOTR-BFME 2\EAUninstall.exe
The Last Hope of the Third Age-->C:\Users\Marek\AppData\Roaming\My Battle for Middle-earth(tm) II Files\Uninstall.exe
The Lord of the Rings, The Rise of the Witch-king-->E:\HRY\BFME 2 the rise of the Witch-king\EAUninstall.exe
Update for Microsoft .NET Framework 4 Client Profile (KB2468871)-->C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\Client\setup.exe /uninstallpatch {29C7BE97-DE59-37A2-A687-2ADD5321948A} /parameterfolder Client
Update for Microsoft .NET Framework 4 Client Profile (KB2533523)-->C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\Client\setup.exe /uninstallpatch {7D799A81-5661-3159-BF92-754161CED6E6} /parameterfolder Client
uTorrentBar2 Toolbar-->C:\Program Files (x86)\uTorrentBar2\uninstall.exe toolbar
VLC media player 1.1.11-->C:\Program Files (x86)\VideoLAN\VLC\uninstall.exe
WinRAR 4.01 (64-bit)-->C:\Program Files\WinRAR\uninstall.exe
World of Tanks v.0.6.7-->"E:\HRY\World_of_Tanks\unins000.exe"
Xfire (remove only)-->"C:\Program Files (x86)\Xfire\uninst.exe"

======System event log======

Computer Name: Marek-PC
Event Code: 43029
Message: Display is not active
Record Number: 598
Source Name: atikmdag
Time Written: 20110910102730.302000-000
Event Type: Error
User:

Computer Name: Marek-PC
Event Code: 52236
Message: CPLIB :: General - Invalid Parameter
Record Number: 597
Source Name: atikmdag
Time Written: 20110910102730.302000-000
Event Type: Error
User:

Computer Name: Marek-PC
Event Code: 3
Message: Časový limit príkazu, ktorý bol odoslaný adaptéru, uplynul. Adaptér neodpovedal.
Record Number: 504
Source Name: BTHUSB
Time Written: 20110910102327.310800-000
Event Type: Warning
User:

Computer Name: Marek-PC
Event Code: 3
Message: Časový limit príkazu, ktorý bol odoslaný adaptéru, uplynul. Adaptér neodpovedal.
Record Number: 358
Source Name: BTHUSB
Time Written: 20110910102001.574400-000
Event Type: Warning
User:

Computer Name: 37L4247E29-32
Event Code: 3
Message: Časový limit príkazu, ktorý bol odoslaný adaptéru, uplynul. Adaptér neodpovedal.
Record Number: 268
Source Name: BTHUSB
Time Written: 20110910101806.117600-000
Event Type: Warning
User:

=====Application event log=====

Computer Name: Marek-PC
Event Code: 1530
Message: Windows detected your registry file is still in use by other applications or services. The file will be unloaded now. The applications or services that hold your registry file may not function properly afterwards.

DETAIL -
1 user registry handles leaked from \Registry\User\S-1-5-21-933273348-2423133419-2440556482-1001:
Process 492 (\Device\HarddiskVolume2\Windows\System32\winlogon.exe) has opened key \REGISTRY\USER\S-1-5-21-933273348-2423133419-2440556482-1001

Record Number: 333
Source Name: Microsoft-Windows-User Profiles Service
Time Written: 20110910110122.079400-000
Event Type: Warning
User: NT AUTHORITY\SYSTEM

Computer Name: Marek-PC
Event Code: 3006
Message: Unable to read the performance counter strings defined for the 01B language ID. The first DWORD in the Data section contains the Win32 error code.
Record Number: 225
Source Name: Microsoft-Windows-LoadPerf
Time Written: 20110910102851.299500-000
Event Type: Error
User: NT AUTHORITY\SYSTEM

Computer Name: Marek-PC
Event Code: 3006
Message: Unable to read the performance counter strings defined for the 01B language ID. The first DWORD in the Data section contains the Win32 error code.
Record Number: 223
Source Name: Microsoft-Windows-LoadPerf
Time Written: 20110910102851.217000-000
Event Type: Error
User: NT AUTHORITY\SYSTEM

Computer Name: Marek-PC
Event Code: 1008
Message: Služba Windows Search sa spúšťa a pokúša sa odstrániť starý index hľadania. {Dôvod: Full Index Reset}.

Record Number: 100
Source Name: Microsoft-Windows-Search
Time Written: 20110910102132.000000-000
Event Type: Warning
User:

Computer Name: Marek-PC
Event Code: 11
Message: Possible Memory Leak. Application (C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted) (PID: 1012) has passed a non-NULL pointer to RPC for an [out] parameter marked [allocate(all_nodes)]. [allocate(all_nodes)] parameters are always reallocated; if the original pointer contained the address of valid memory, that memory will be leaked. The call originated on the interface with UUID ({3F31C91E-2545-4B7B-9311-9529E8BFFEF6}), Method number (20). User Action: Contact your application vendor for an updated version of the application.
Record Number: 95
Source Name: Microsoft-Windows-RPC-Events
Time Written: 20110910102126.312800-000
Event Type: Warning
User: NT AUTHORITY\LOCAL SERVICE

=====Security event log=====

Computer Name: 37L4247E29-32
Event Code: 4735
Message: A security-enabled local group was changed.

Subject:
Security ID: S-1-5-18
Account Name: 37L4247E29-32$
Account Domain: WORKGROUP
Logon ID: 0x3e7

Group:
Security ID: S-1-5-32-551
Group Name: Backup Operators
Group Domain: Builtin

Changed Attributes:
SAM Account Name: -
SID History: -

Additional Information:
Privileges: -
Record Number: 5
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20110910101557.339600-000
Event Type: Audit Success
User:

Computer Name: 37L4247E29-32
Event Code: 4731
Message: A security-enabled local group was created.

Subject:
Security ID: S-1-5-18
Account Name: 37L4247E29-32$
Account Domain: WORKGROUP
Logon ID: 0x3e7

New Group:
Security ID: S-1-5-32-551
Group Name: Backup Operators
Group Domain: Builtin

Attributes:
SAM Account Name: Backup Operators
SID History: -

Additional Information:
Privileges: -
Record Number: 4
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20110910101557.324000-000
Event Type: Audit Success
User:

Computer Name: 37L4247E29-32
Event Code: 4902
Message: The Per-user audit policy table was created.

Number of Elements: 0
Policy ID: 0x32843
Record Number: 3
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20110910101556.887200-000
Event Type: Audit Success
User:

Computer Name: 37L4247E29-32
Event Code: 4624
Message: An account was successfully logged on.

Subject:
Security ID: S-1-0-0
Account Name: -
Account Domain: -
Logon ID: 0x0

Logon Type: 0

New Logon:
Security ID: S-1-5-18
Account Name: SYSTEM
Account Domain: NT AUTHORITY
Logon ID: 0x3e7
Logon GUID: {00000000-0000-0000-0000-000000000000}

Process Information:
Process ID: 0x4
Process Name:

Network Information:
Workstation Name: -
Source Network Address: -
Source Port: -

Detailed Authentication Information:
Logon Process: -
Authentication Package: -
Transited Services: -
Package Name (NTLM only): -
Key Length: 0

This event is generated when a logon session is created. It is generated on the computer that was accessed.

The subject fields indicate the account on the local system which requested the logon. This is most commonly a service such as the Server service, or a local process such as Winlogon.exe or Services.exe.

The logon type field indicates the kind of logon that occurred. The most common types are 2 (interactive) and 3 (network).

The New Logon fields indicate the account for whom the new logon was created, i.e. the account that was logged on.

The network fields indicate where a remote logon request originated. Workstation name is not always available and may be left blank in some cases.

The authentication information fields provide detailed information about this specific logon request.
- Logon GUID is a unique identifier that can be used to correlate this event with a KDC event.
- Transited services indicate which intermediate services have participated in this logon request.
- Package name indicates which sub-protocol was used among the NTLM protocols.
- Key length indicates the length of the generated session key. This will be 0 if no session key was requested.
Record Number: 2
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20110910101554.141600-000
Event Type: Audit Success
User:

Computer Name: 37L4247E29-32
Event Code: 4608
Message: Windows is starting up.

This event is logged when LSASS.EXE starts and the auditing subsystem is initialized.
Record Number: 1
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20110910101554.048000-000
Event Type: Audit Success
User:

======Environment variables======

"ComSpec"=%SystemRoot%\system32\cmd.exe
"FP_NO_HOST_CHECK"=NO
"OS"=Windows_NT
"Path"=C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\
"PATHEXT"=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH;.MSC
"PROCESSOR_ARCHITECTURE"=AMD64
"TEMP"=%SystemRoot%\TEMP
"TMP"=%SystemRoot%\TEMP
"USERNAME"=SYSTEM
"windir"=%SystemRoot%
"PSModulePath"=%SystemRoot%\system32\WindowsPowerShell\v1.0\Modules\
"NUMBER_OF_PROCESSORS"=2
"PROCESSOR_LEVEL"=15
"PROCESSOR_IDENTIFIER"=AMD64 Family 15 Model 107 Stepping 2, AuthenticAMD
"PROCESSOR_REVISION"=6b02

-----------------EOF-----------------

Re: I would like to ask for a check

Posted: 28 Sep 2011 18:37
by Rudy
There is nothing to check here. You need to post this log: http://www.viry.cz/forum/viewtopic.php? ... t#p1038002 (3rd post). It should be in C:\RSIT.

Re: I would like to ask for a check

Posted: 28 Sep 2011 18:52
by Marcus_V
I'll try it this way, then.

Re: I would like to ask for a check

Posted: 28 Sep 2011 19:46
by Rudy
First clean the PC with CCleaner: http://www.viry.cz/forum/viewtopic.php?f=46&t=7478 and then post the log from ComboFix.
Download ComboFix and save it, preferably to the desktop: http://download.bleepingcomputer.com/sUBs/ComboFix.exe

Then run the application under an account with administrator rights.

Right after it starts, a screen with the licence terms appears; continue by clicking the Yes button.

Feel free to go and make yourself a coffee (the whole process takes about 5-10 minutes, sometimes longer, depending on how fast the machine is and how many files the scanner has to wade through); during the scan, do not try to launch any other applications or anything else.

Do not panic during the scan; your machine may be restarted (especially on the first run of the scanner).

Warning: if you use an antispyware program with a resident shield, switch its resident shield to Install Mode, or disable it entirely for the duration of the scan, because the scan and removal of any malware causes unwanted conflicts with the resident antispyware.

Re: I would like to ask for a check

Posted: 28 Sep 2011 21:44
by Marcus_V

Re: I would like to ask for a check

Posted: 28 Sep 2011 21:54
by Rudy
CF deleted several items; the rest of the log looks clean.

Is the home page http://my.daemon-search.com/ in Firefox set intentionally?
Are the DNS server IP addresses 156.154.70.25 and 156.154.71.25, which you have in your network settings, in line with your connection contract?

Re: I would like to ask for a check

Posted: 28 Sep 2011 23:03
by Marcus_V
FF: I'm not bothered about it; I only use it as a fallback browser when Opera can't run something.
I don't know about those IPs. I've only had Win7 for a short time, and this connection too. When installing from XP I didn't set any gateway, DNS or the like.
It came up automatically.
I looked through the properties and it looks roughly like this

Re: I would like to ask for a check

Posted: 29 Sep 2011 17:08
by Rudy
Delete those IPs (156.154.70.25 and 156.154.71.25), set automatic DNS and restart the PC. The IPs belong to a provider in the USA.
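As an added example (not part of the thread, not from either poster): a PowerShell snippet that shows, per network adapter, which DNS servers the Windows 7 machine is using, whether they were entered statically or handed out by DHCP, and whether either of the two addresses questioned above is among them. It assumes the usual per-interface TCP/IP registry keys and is meant to be run from an elevated PowerShell session.

```powershell
# Added example, not from the thread: inspect the DNS client configuration on
# Windows 7 via WMI and the registry (works under PowerShell 2.0) and flag the
# two addresses questioned in the thread.
$suspect  = @('156.154.70.25', '156.154.71.25')
$ifaceKey = 'HKLM:\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters\Interfaces'

Get-WmiObject Win32_NetworkAdapterConfiguration -Filter "IPEnabled = TRUE" |
    ForEach-Object {
        $cfg = $_
        # Per-interface TCP/IP settings: NameServer holds statically entered DNS
        # servers, DhcpNameServer holds the ones supplied by DHCP. SettingID is
        # the interface GUID, which is also the registry subkey name.
        $reg = Get-ItemProperty -Path (Join-Path $ifaceKey $cfg.SettingID) -ErrorAction SilentlyContinue
        $static = ''
        if ($reg -and $reg.NameServer) { $static = $reg.NameServer }
        if ($static) { $source = 'static' } else { $source = 'DHCP / none' }

        # Effective DNS order as seen by the resolver, and any entries matching
        # the addresses under discussion.
        $dns     = @($cfg.DNSServerSearchOrder)
        $flagged = @($dns | Where-Object { $suspect -contains $_ })

        New-Object PSObject -Property @{
            Adapter    = $cfg.Description
            DnsSource  = $source
            DnsServers = ($dns -join ', ')
            Flagged    = ($flagged -join ', ')
        }
    } | Format-Table Adapter, DnsSource, DnsServers, Flagged -AutoSize
```

An adapter reported as `static` with a non-empty `Flagged` column is the case Rudy describes: the addresses were written into the interface settings rather than obtained from the provider's DHCP, so clearing them and switching the adapter back to automatic DNS is what restores the expected configuration.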