
Eset reports a bunch of files

#1 Post by om5atc »

Warm greetings to this learned crowd, I would like to ask you for help.

I accidentally clicked on a banner while googling and some screensaver started automatically; after that Eset popped up 5 notifications about cleaning, it needed a restart, but some notifications still remained...
Win. 7 64-bit Home, Eset Endpoint, everything legal... Thanks for the help

I am attaching the initial RSIT log:

Logfile of random's system information tool 1.08 (written by random/random)
Run by Marek at 2013-01-26 20:47:46
Microsoft Windows 7 Home Premium Service Pack 1
System drive C: has 138 GB (48%) free of 286 GB
Total RAM: 8078 MB (77% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 20:47:49, on 26. 1. 2013
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v9.00 (9.00.8112.16457)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\Common Files\Microsoft Shared\Ink\TabTip32.exe
C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe
C:\Program Files (x86)\ASUS\FaceLogon\sensorsrv.exe
C:\Program Files (x86)\ASUS\ASUS Virtual Touch\QuickGesture\x86\QuickGesture.exe
C:\Program Files (x86)\Skype\Phone\Skype.exe
C:\Program Files (x86)\RocketDock\RocketDock.exe
C:\Program Files (x86)\Creative\Software Update 3\SoftAuto.exe
C:\Windows\syswow64\svchost.exe
C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe
C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe
C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe
C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe
C:\Program Files (x86)\Intel\Bluetooth\BTPlayerCtrl.exe
C:\Program Files (x86)\ASUS\Splendid\ACMON.exe
C:\Windows\SysWOW64\ACEngSvr.exe
C:\Windows\AsScrPro.exe
C:\Program Files\trend micro\Marek.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://asus.msn.com
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://search.conduit.com?SearchSource= ... =CT3220468
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://asus.msn.com
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: (no name) - {7473b6bd-4691-4744-a82b-7854eb3d70b6} - (no file)
F2 - REG:system.ini: UserInit=userinit.exe
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll
O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~1\Office14\URLREDIR.DLL
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
O4 - HKLM\..\Run: [ASUSPRP] "C:\Program Files (x86)\ASUS\APRP\APRP.EXE"
O4 - HKLM\..\Run: [USB3MON] "C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe"
O4 - HKLM\..\Run: [Wireless Console 3] C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe
O4 - HKLM\..\Run: [ATKOSD2] C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe
O4 - HKLM\..\Run: [ATKMEDIA] C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe
O4 - HKLM\..\Run: [HControlUser] C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKCU\..\Run: [Skype] "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
O4 - HKCU\..\Run: [RocketDock] "C:\Program Files (x86)\RocketDock\RocketDock.exe"
O4 - HKCU\..\Run: [SoftAuto.exe] "C:\Program Files (x86)\Creative\Software Update 3\SoftAuto.exe"
O4 - HKLM\..\Policies\Explorer\Run: [17277] C:\PROGRA~3\LOCALS~1\Temp\mskvvlzwx.exe
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-21-3058332585-1744576660-1299546663-1000\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'UpdatusUser')
O4 - HKUS\S-1-5-21-3058332585-1744576660-1299546663-1000\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'UpdatusUser')
O8 - Extra context menu item: E&xportovať do programu Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office14\EXCEL.EXE/3000
O9 - Extra button: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: ICQ7M - {781B39EC-2E18-41FC-9B00-B84E4FFCA85F} - C:\Program Files (x86)\ICQ7M\ICQ.exe
O9 - Extra 'Tools' menuitem: ICQ7M - {781B39EC-2E18-41FC-9B00-B84E4FFCA85F} - C:\Program Files (x86)\ICQ7M\ICQ.exe
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
O20 - AppInit_DLLs: C:\Windows\SysWOW64\nvinit.dll
O23 - Service: ArcSoft Exchange Service (ADExchange) - ArcSoft Inc. - C:\Program Files (x86)\Common Files\ArcSoft\esinter\Bin\eservutil.exe
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: AFBAgent - Unknown owner - C:\Windows\system32\FBAgent.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: Intel® Centrino® Wireless Bluetooth® + High Speed Service (AMPPALR3) - Intel Corporation - C:\Program Files\Intel\BluetoothHS\BTHSAmpPalService.exe
O23 - Service: ASLDR Service (ASLDRService) - ASUS - C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ASLDRSrv.exe
O23 - Service: ASUS InstantOn Service (ASUS InstantOn) - ASUS - C:\Program Files (x86)\ASUS\InstantOn for NB\InsOnSrv.exe
O23 - Service: ATKGFNEX Service (ATKGFNEXSrv) - ASUS - C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe
O23 - Service: Bluetooth Device Monitor - Intel Corporation - C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe
O23 - Service: Bluetooth Media Service - Intel Corporation - C:\Program Files (x86)\Intel\Bluetooth\mediasrv.exe
O23 - Service: Bluetooth OBEX Service - Intel Corporation - C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe
O23 - Service: Intel(R) Centrino(R) Wireless Bluetooth(R) + High Speed Security Service (BTHSSecurityMgr) - Intel(R) Corporation - C:\Program Files\Intel\BluetoothHS\BTHSSecurityMgr.exe
O23 - Service: Intel(R) Content Protection HECI Service (cphs) - Intel Corporation - C:\Windows\SysWow64\IntelCpHeciSvc.exe
O23 - Service: Cron Service for Prey (CronService) - Fork Ltd. - C:\Program Files\Prey\platform\windows\cronsvc.exe
O23 - Service: CT Device Query service (CTDevice_Srv) - Creative Technology Ltd - C:\Program Files (x86)\Creative\Shared Files\CTDevSrv.exe
O23 - Service: Creative Centrale Media Server (CTUPnPSv) - Creative Technology Ltd - C:\Program Files (x86)\Creative\Creative Centrale\CTUPnPSv.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: ESET HTTP Server (EhttpSrv) - ESET - C:\Program Files\ESET\ESET Endpoint Antivirus\EHttpSrv.exe
O23 - Service: ESET Service (ekrn) - ESET - C:\Program Files\ESET\ESET Endpoint Antivirus\x86\ekrn.exe
O23 - Service: ESET SHA Service (ESHASRV) - ESET - C:\Program Files\ESET\ESET Endpoint Antivirus\EShaSrv.exe
O23 - Service: Intel(R) PROSet/Wireless Event Log (EvtEng) - Intel(R) Corporation - C:\Program Files\Intel\WiFi\bin\EvtEng.exe
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: FLEXnet Licensing Service - Flexera Software, Inc. - C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: Google Update Service (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Google Update Service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: Intel(R) Capability Licensing Service Interface - Intel(R) Corporation - C:\Program Files\Intel\iCLS Client\HeciServer.exe
O23 - Service: Intel(R) ME Service - Unknown owner - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
O23 - Service: Intel(R) Dynamic Application Loader Host Interface Service (jhi_service) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: Wireless PAN DHCP Server (MyWiFiDHCPDNS) - Unknown owner - C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\Windows\system32\nvvsvc.exe (file missing)
O23 - Service: NVIDIA Update Service Daemon (nvUpdatusService) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
O23 - Service: O&O Defrag (OODefragAgent) - O&O Software GmbH - C:\Program Files\OO Software\Defrag\oodag.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Intel(R) PROSet/Wireless Registry Service (RegSrvc) - Intel(R) Corporation - C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: Intel(R) Management and Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
O23 - Service: Intel(R) PROSet/Wireless Zero Configuration Service (ZeroConfigService) - Intel® Corporation - C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe

--
End of file - 14061 bytes

======Listing Processes======

\SystemRoot\System32\smss.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
C:\Windows\system32\services.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
winlogon.exe
C:\Windows\system32\nvvsvc.exe
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k GPSvcGroup
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k NetworkService
"C:\Windows\system32\FBAgent.exe"
"C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe"
C:\Windows\system32\nvvsvc.exe -session -first
C:\Windows\system32\WLANExt.exe 33649264
\??\C:\Windows\system32\conhost.exe "366440939-166230319283968460-916991051133532076-442982853-376803390-1861626688
/QuitInfo:000000000000048C;0000000000000490; /AddRef;
"C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ASLDRSrv.exe"
"C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe"
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
"C:\Program Files (x86)\Common Files\ArcSoft\esinter\Bin\eservutil.exe"
"C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe"
"C:\Program Files (x86)\ASUS\InstantOn for NB\InsOnSrv.exe"
"C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe"
C:\Windows\system32\svchost.exe -k bthsvcs
"C:\Program Files\Prey\platform\windows\cronsvc.exe"
"C:\Program Files (x86)\Creative\Shared Files\CTDevSrv.exe"
"C:\Program Files\ESET\ESET Endpoint Antivirus\x86\ekrn.exe"
"C:\Program Files\Intel\WiFi\bin\EvtEng.exe"
"C:\Program Files\Intel\iCLS Client\HeciServer.exe"
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe"
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe"
"C:\Program Files\OO Software\Defrag\oodag.exe"
"C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe"
C:\Windows\system32\svchost.exe -k imgsvc
"C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE"
"C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe"
"C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe"
WLIDSvcM.exe 2824
C:\Windows\system32\wbem\unsecapp.exe -Embedding
C:\Windows\system32\wbem\wmiprvse.exe
"taskhost.exe"
"C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControl.exe"
"C:\Program Files (x86)\ASUS\InstantOn for NB\InsOnWMI.exe"
"C:\Windows\system32\Dwm.exe"
taskeng.exe {A6083B5D-DAAE-4F2F-8E19-B8EBACC5121B}
/QuitInfo:00000000000007D4;00000000000007D8; /AddRef;
/QuitInfo:00000000000007B8;00000000000007E0;
C:\Windows\Explorer.EXE
/loadhooks /Parent:0000000000000EBC
"C:\Program Files\ASUS\P4G\BatteryLife.exe"
"C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe"
"C:\Program Files (x86)\ASUS\ASUS Virtual Touch\QuickGesture\x64\QuickGesture64.exe"
"C:\Program Files (x86)\ASUS\FaceLogon\sensorsrv.exe"
"C:\Program Files (x86)\ASUS\ASUS Virtual Touch\QuickGesture\x86\QuickGesture.exe"
ATKOSD.exe
WDC.exe
"C:\Windows\System32\hkcmd.exe"
"C:\Program Files\Elantech\ETDCtrl.exe"
"C:\Windows\System32\rundll32.exe" "C:\Program Files (x86)\Intel\Bluetooth\btmshell.dll",TrayApp
"C:\Program Files\ESET\ESET Endpoint Antivirus\egui.exe" /hide /waitservice
"C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
"C:\Program Files (x86)\RocketDock\RocketDock.exe"
"C:\Program Files (x86)\Creative\Software Update 3\SoftAuto.exe"
"C:\Windows\system32\spool\DRIVERS\x64\3\HP1006MC.EXE" -Embedding
"C:\Program Files\Elantech\ETDCtrlHelper.exe"
"C:\Program Files\Elantech\ETDGesture.exe"
"C:/Program Files/NVIDIA Corporation/Display/nvtray.exe" -user_has_logged_in 1
C:\Windows\syswow64\svchost.exe
"C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe"
"C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe"
"C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe"
"C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe"
C:\Windows\system32\SearchIndexer.exe /Embedding
C:\Windows\servicing\TrustedInstaller.exe
"C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE"
"C:\Program Files (x86)\Intel\Bluetooth\mediasrv.exe"
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
"C:\Windows\System32\WUDFHost.exe" -HostGUID:{193a1820-d9ac-4997-8c55-be817523f6aa} -IoEventPortName:HostProcess-a3c04c4d-ea99-4663-aef4-c41f524c6079 -SystemEventPortName:HostProcess-6ff014b1-92e6-4ec5-a888-97074eaa1e3c -IoCancelEventPortName:HostProcess-443d3470-1578-4472-a3cc-14c1a9ce230e -NonStateChangingEventPortName:HostProcess-b92bfa12-24ff-42b4-aed9-59da3a450f67 -ServiceSID:S-1-5-80-2652678385-582572993-1835434367-1344795993-749280709 -LifetimeId:f0457e63-ffe8-42cb-8738-907fc624f5cb -DeviceGroupId:WpdFsGroup
"C:\Program Files (x86)\Intel\Bluetooth\BTPlayerCtrl.exe" -Embedding
"C:\Program Files (x86)\ASUS\Splendid\ACMON.exe"
C:\Windows\SysWOW64\ACEngSvr.exe -Embedding
"C:\Program Files (x86)\Google\Update\GoogleUpdate.exe" /c
"C:\Windows\system32\igfxpers.exe"
"C:\Windows\AsScrPro.exe"
"C:\Program Files\Intel\BluetoothHS\BTHSAmpPalService.exe"
"C:\Program Files\Intel\BluetoothHS\BTHSSecurityMgr.exe"
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe"
"C:\Program Files\Common Files\Microsoft Shared\Ink\InputPersonalization.exe"
"C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe"
C:\Windows\system32\sppsvc.exe
C:\Windows\System32\svchost.exe -k secsvcs
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe"
"C:\Windows\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe3_ Global\UsGthrCtrlFltPipeMssGthrPipe3 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon"
"C:\Windows\system32\SearchFilterHost.exe" 0 516 520 528 65536 524
"C:\Users\Marek\Desktop\RSITx64.exe"
C:\Windows\system32\wbem\wmiprvse.exe

======Scheduled tasks folder======

C:\Windows\tasks\Adobe Flash Player Updater.job
C:\Windows\tasks\AutoKMS.job
C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
C:\Windows\tasks\ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d-Logon.job
C:\Windows\tasks\ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d.job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\PROGRA~1\MICROS~2\Office14\GROOVEEX.DLL [2012-08-16 6670496]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live ID Sign-in Helper - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2011-03-29 529280]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - C:\PROGRA~1\MICROS~2\Office14\URLREDIR.DLL [2010-12-21 689040]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2012-12-18 66280]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files (x86)\Java\jre7\bin\ssv.dll [2012-12-05 449512]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live ID Sign-in Helper - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2011-03-29 441216]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - C:\PROGRA~2\MICROS~1\Office14\URLREDIR.DLL [2010-12-21 561552]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll [2012-12-05 155384]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"IgfxTray"=C:\Windows\system32\igfxtray.exe [2012-02-22 170264]
"HotKeysCmds"=C:\Windows\system32\hkcmd.exe [2012-02-22 398616]
"ETDCtrl"=C:\Program Files\Elantech\ETDCtrl.exe [2012-02-19 2661672]
"BTMTrayAgent"=C:\Program Files (x86)\Intel\Bluetooth\btmshell.dll [2011-12-20 11406608]
"egui"=C:\Program Files\ESET\ESET Endpoint Antivirus\egui.exe [2012-07-04 4133072]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\Run]
"17277"=C:\PROGRA~3\LOCALS~1\Temp\mskvvlzwx.exe [2009-07-14 79872]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Skype"=C:\Program Files (x86)\Skype\Phone\Skype.exe [2012-11-09 17877168]
"RocketDock"=C:\Program Files (x86)\RocketDock\RocketDock.exe [2007-09-02 495616]
"SoftAuto.exe"=C:\Program Files (x86)\Creative\Software Update 3\SoftAuto.exe [2008-08-13 405504]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ACMON]
C:\Program Files (x86)\ASUS\Splendid\ACMON.exe [2012-02-07 102568]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher]
C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Reader_sl.exe [2012-12-18 38112]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ASUS Screen Saver Protector]
C:\Windows\AsScrPro.exe [2012-12-05 3058304]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CLMLServer]
[]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DAEMON Tools Lite]
C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [2012-11-06 3673728]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RTHDVCPL]
C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [2012-02-21 12452456]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SoftAuto.exe]
C:\Program Files (x86)\Creative\Software Update 3\SoftAuto.exe [2008-08-13 405504]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Start WingMan Profiler]
C:\Program Files\Logitech\Gaming Software\LWEMon.exe [2010-06-14 190536]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2012-07-03 252848]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Zoner Photo Studio Autoupdate]
C:\PROGRAM FILES\ZONER\PHOTO STUDIO 15\Program32\ZPSTRAY.EXE [2012-10-18 752736]

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"ASUSPRP"=C:\Program Files (x86)\ASUS\APRP\APRP.EXE [2012-02-24 3331312]
"USB3MON"=C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe [2012-02-07 291608]
"Wireless Console 3"=C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe [2011-10-19 2319536]
"ATKOSD2"=C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe [2012-06-25 322208]
"ATKMEDIA"=C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe [2012-06-19 174752]
"HControlUser"=C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe [2009-06-19 105016]
""= []
"Adobe ARM"=C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2012-12-03 946352]

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Policies\Explorer\Run]
"17277"=C:\PROGRA~3\LOCALS~1\Temp\mskvvlzwx.exe [2009-07-14 79872]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"="C:\Windows\system32\nvinitx.dll"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
C:\Windows\system32\igfxdev.dll [2012-02-22 430080]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED}

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\PROGRA~1\MICROS~2\Office14\GROOVEEX.DLL [2012-08-16 6670496]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MCODS]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=0
"ConsentPromptBehaviorUser"=3
"EnableLUA"=0
"EnableUIADesktopToggle"=0
"PromptOnSecureDesktop"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"SynchronousMachineGroupPolicy"=1
"SynchronousUserGroupPolicy"=1

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoActiveDesktop"=1
"NoActiveDesktopChanges"=1
"ForceActiveDesktopOn"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"C:\Users\Marek\46357865364647353\winsvc.exe"="C:\Users\Marek\46357865364647353\winsvc.exe:*:Enabled:Microsoft Windows Service"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 1 months======

2013-01-26 20:47:46 ----D---- C:\rsit
2013-01-26 20:47:46 ----D---- C:\Program Files\trend micro
2013-01-26 20:39:42 ----D---- C:\ProgramData\Local Settings
2013-01-26 20:39:34 ----AH---- C:\Users\Marek\AppData\Roaming\winsvcns.sys
2013-01-22 21:21:23 ----D---- C:\Users\Marek\AppData\Roaming\XnView
2013-01-18 16:18:47 ----D---- C:\ProgramData\GoldWave
2013-01-18 15:58:12 ----D---- C:\Program Files (x86)\GoldWave
2013-01-15 18:34:35 ----D---- C:\Users\Marek\AppData\Roaming\ICQ
2013-01-15 18:34:29 ----D---- C:\Program Files (x86)\ICQ7M
2013-01-08 19:15:40 ----A---- C:\Windows\system32\msxml6.dll
2013-01-08 19:15:39 ----A---- C:\Windows\system32\msxml3.dll
2013-01-08 19:15:38 ----A---- C:\Windows\SYSWOW64\msxml6.dll
2013-01-08 19:15:38 ----A---- C:\Windows\SYSWOW64\msxml3.dll
2013-01-08 19:15:27 ----A---- C:\Windows\system32\KernelBase.dll
2013-01-08 19:15:26 ----A---- C:\Windows\SYSWOW64\KernelBase.dll
2013-01-08 19:15:26 ----A---- C:\Windows\system32\kernel32.dll
2013-01-08 19:15:25 ----A---- C:\Windows\SYSWOW64\kernel32.dll
2013-01-08 19:15:24 ----AH---- C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2013-01-08 19:15:24 ----A---- C:\Windows\SYSWOW64\wow32.dll
2013-01-08 19:15:24 ----A---- C:\Windows\SYSWOW64\ntvdm64.dll
2013-01-08 19:15:24 ----A---- C:\Windows\system32\wow64win.dll
2013-01-08 19:15:24 ----A---- C:\Windows\system32\wow64cpu.dll
2013-01-08 19:15:24 ----A---- C:\Windows\system32\wow64.dll
2013-01-08 19:15:24 ----A---- C:\Windows\system32\winsrv.dll
2013-01-08 19:15:24 ----A---- C:\Windows\system32\ntvdm64.dll
2013-01-08 19:15:24 ----A---- C:\Windows\system32\conhost.exe
2013-01-08 19:15:23 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-file-l1-1-0.dll
2013-01-08 19:15:23 ----AH---- C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2013-01-08 19:15:22 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2013-01-08 19:15:22 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-synch-l1-1-0.dll
2013-01-08 19:15:22 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2013-01-08 19:15:22 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-delayload-l1-1-0.dll
2013-01-08 19:15:22 ----AH---- C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2013-01-08 19:15:22 ----AH---- C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2013-01-08 19:15:22 ----AH---- C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2013-01-08 19:15:22 ----AH---- C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2013-01-08 19:15:22 ----AH---- C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2013-01-08 19:15:22 ----AH---- C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2013-01-08 19:15:22 ----AH---- C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2013-01-08 19:15:21 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-string-l1-1-0.dll
2013-01-08 19:15:21 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-profile-l1-1-0.dll
2013-01-08 19:15:21 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2013-01-08 19:15:21 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2013-01-08 19:15:21 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2013-01-08 19:15:21 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-misc-l1-1-0.dll
2013-01-08 19:15:21 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-memory-l1-1-0.dll
2013-01-08 19:15:21 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2013-01-08 19:15:21 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2013-01-08 19:15:21 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-io-l1-1-0.dll
2013-01-08 19:15:21 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2013-01-08 19:15:21 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-heap-l1-1-0.dll
2013-01-08 19:15:21 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-handle-l1-1-0.dll
2013-01-08 19:15:21 ----AH---- C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2013-01-08 19:15:21 ----AH---- C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2013-01-08 19:15:21 ----AH---- C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2013-01-08 19:15:21 ----AH---- C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2013-01-08 19:15:21 ----AH---- C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2013-01-08 19:15:21 ----AH---- C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2013-01-08 19:15:21 ----AH---- C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2013-01-08 19:15:21 ----AH---- C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2013-01-08 19:15:21 ----AH---- C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2013-01-08 19:15:21 ----AH---- C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2013-01-08 19:15:21 ----AH---- C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2013-01-08 19:15:21 ----AH---- C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2013-01-08 19:15:21 ----AH---- C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2013-01-08 19:15:20 ----AH---- C:\Windows\SYSWOW64\api-ms-win-security-base-l1-1-0.dll
2013-01-08 19:15:20 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-xstate-l1-1-0.dll
2013-01-08 19:15:20 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-util-l1-1-0.dll
2013-01-08 19:15:20 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2013-01-08 19:15:20 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2013-01-08 19:15:20 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-localization-l1-1-0.dll
2013-01-08 19:15:20 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-fibers-l1-1-0.dll
2013-01-08 19:15:20 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-debug-l1-1-0.dll
2013-01-08 19:15:20 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-datetime-l1-1-0.dll
2013-01-08 19:15:20 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-console-l1-1-0.dll
2013-01-08 19:15:20 ----AH---- C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2013-01-08 19:15:20 ----AH---- C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2013-01-08 19:15:20 ----AH---- C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2013-01-08 19:15:20 ----AH---- C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2013-01-08 19:15:20 ----AH---- C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2013-01-08 19:15:20 ----AH---- C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2013-01-08 19:15:20 ----A---- C:\Windows\SYSWOW64\setup16.exe
2013-01-08 19:15:20 ----A---- C:\Windows\SYSWOW64\instnm.exe
2013-01-08 19:15:19 ----A---- C:\Windows\SYSWOW64\user.exe
2013-01-08 19:15:00 ----A---- C:\Windows\system32\Wpc.dll
2013-01-08 19:14:59 ----A---- C:\Windows\SYSWOW64\Wpc.dll
2013-01-08 19:14:59 ----A---- C:\Windows\SYSWOW64\gameux.dll
2013-01-08 19:14:59 ----A---- C:\Windows\system32\gameux.dll
2013-01-08 19:14:36 ----A---- C:\Windows\system32\win32k.sys
2013-01-08 19:14:35 ----A---- C:\Windows\SYSWOW64\usp10.dll
2013-01-08 19:14:35 ----A---- C:\Windows\system32\usp10.dll
2013-01-08 19:14:35 ----A---- C:\Windows\system32\ncrypt.dll
2013-01-08 19:14:34 ----A---- C:\Windows\SYSWOW64\ncrypt.dll
2013-01-08 19:14:32 ----A---- C:\Windows\system32\win32spl.dll
2013-01-08 19:14:31 ----A---- C:\Windows\SYSWOW64\win32spl.dll
2013-01-08 19:14:31 ----A---- C:\Windows\system32\taskhost.exe
2013-01-08 08:50:07 ----HD---- C:\ProgramData\{26D901A1-2540-4430-81DC-0317F01BD7BE}
2013-01-08 08:49:53 ----HD---- C:\ProgramData\{B7FA0661-862B-4AE4-A12A-F08D226ED546}
2013-01-05 22:49:22 ----D---- C:\Program Files (x86)\AGEIA Technologies
2013-01-05 22:46:16 ----A---- C:\Windows\SYSWOW64\nvumdshim.dll
2013-01-05 22:46:16 ----A---- C:\Windows\SYSWOW64\nvd3dum.dll
2013-01-05 22:46:16 ----A---- C:\Windows\system32\nvwgf2umx.dll
2013-01-05 22:46:16 ----A---- C:\Windows\system32\nvoglv64.dll
2013-01-05 22:46:16 ----A---- C:\Windows\system32\drivers\nvpciflt.sys
2013-01-05 22:46:16 ----A---- C:\Windows\system32\drivers\nvlddmkm.sys
2013-01-05 22:46:15 ----A---- C:\Windows\SYSWOW64\nvwgf2um.dll
2013-01-05 22:46:15 ----A---- C:\Windows\SYSWOW64\nvopencl.dll
2013-01-05 22:46:15 ----A---- C:\Windows\SYSWOW64\nvoglv32.dll
2013-01-05 22:46:15 ----A---- C:\Windows\SYSWOW64\nvcuvid.dll
2013-01-05 22:46:15 ----A---- C:\Windows\SYSWOW64\nvcuvenc.dll
2013-01-05 22:46:15 ----A---- C:\Windows\SYSWOW64\nvcuda.dll
2013-01-05 22:46:15 ----A---- C:\Windows\SYSWOW64\nvcompiler.dll
2013-01-05 22:46:15 ----A---- C:\Windows\SYSWOW64\nvapi.dll
2013-01-05 22:46:15 ----A---- C:\Windows\system32\nvopencl.dll
2013-01-05 22:46:15 ----A---- C:\Windows\system32\nvd3dumx.dll
2013-01-05 22:46:15 ----A---- C:\Windows\system32\nvcuvid.dll
2013-01-05 22:46:15 ----A---- C:\Windows\system32\nvcuvenc.dll
2013-01-05 22:46:15 ----A---- C:\Windows\system32\nvcuda.dll
2013-01-05 22:46:15 ----A---- C:\Windows\system32\nvcompiler.dll
2013-01-05 22:45:09 ----D---- C:\NVIDIA
2013-01-04 19:03:40 ----A---- C:\Windows\SYSWOW64\TempWmicBatchFile.bat
2013-01-04 19:02:42 ----D---- C:\Program Files\Prey
2013-01-04 17:00:26 ----A---- C:\Windows\SYSWOW64\FlashPlayerApp.exe
2013-01-04 17:00:21 ----D---- C:\Windows\system32\Macromed
2013-01-03 21:53:40 ----D---- C:\Users\Marek\AppData\Roaming\Opera
2013-01-03 21:53:37 ----D---- C:\Program Files (x86)\Opera
2012-12-29 16:35:25 ----D---- C:\ProgramData\ArcSoft
2012-12-29 16:35:05 ----D---- C:\Program Files (x86)\ArcSoft
2012-12-29 16:34:35 ----D---- C:\Users\Marek\AppData\Roaming\ArcSoft

======List of files/folders modified in the last 1 months======

2013-01-26 20:47:48 ----D---- C:\Windows\Temp
2013-01-26 20:47:46 ----RD---- C:\Program Files
2013-01-26 20:45:48 ----D---- C:\Windows\SoftwareDistribution
2013-01-26 20:44:36 ----D---- C:\Windows
2013-01-26 20:44:30 ----D---- C:\Users\Marek\AppData\Roaming\DAEMON Tools Lite
2013-01-26 20:44:29 ----D---- C:\Users\Marek\AppData\Roaming\uTorrent
2013-01-26 20:44:15 ----D---- C:\Windows\Prefetch
2013-01-26 20:44:15 ----D---- C:\Windows\inf
2013-01-26 20:44:11 ----D---- C:\Windows\debug
2013-01-26 20:44:11 ----A---- C:\Windows\SYSWOW64\log.txt
2013-01-26 20:42:48 ----A---- C:\IFRToolLog.txt
2013-01-26 20:42:30 ----D---- C:\Users\Marek\AppData\Roaming\Skype
2013-01-26 20:42:30 ----A---- C:\Windows\system32\AutoRunFilter.ini
2013-01-26 20:42:01 ----D---- C:\Windows\system32\config
2013-01-26 20:39:42 ----HD---- C:\ProgramData
2013-01-26 20:39:41 ----SD---- C:\Users\Marek\AppData\Roaming\Microsoft
2013-01-25 22:13:35 ----SHD---- C:\System Volume Information
2013-01-25 13:04:49 ----D---- C:\Users\Marek\AppData\Roaming\vlc
2013-01-23 07:41:48 ----D---- C:\Windows\System32
2013-01-23 07:41:48 ----A---- C:\Windows\system32\PerfStringBackup.INI
2013-01-21 23:09:41 ----D---- C:\Hry
2013-01-21 11:16:34 ----D---- C:\ProgramData\Asus
2013-01-21 09:42:54 ----D---- C:\Users\Marek\AppData\Roaming\Dropbox
2013-01-18 21:14:09 ----A---- C:\Windows\wcx_ftp.ini
2013-01-18 16:01:49 ----RD---- C:\Program Files (x86)
2013-01-18 11:03:16 ----AD---- C:\ProgramData\Temp
2013-01-15 18:34:42 ----HD---- C:\Program Files (x86)\InstallShield Installation Information
2013-01-14 17:57:35 ----D---- C:\Users\Marek\AppData\Roaming\Nero
2013-01-11 10:40:04 ----SHD---- C:\Windows\Installer
2013-01-11 10:39:00 ----D---- C:\Windows\SysWOW64
2013-01-09 00:58:50 ----D---- C:\Windows\rescache
2013-01-08 20:21:31 ----RSD---- C:\Windows\assembly
2013-01-08 20:21:31 ----D---- C:\Windows\Microsoft.NET
2013-01-08 19:31:09 ----D---- C:\Windows\winsxs
2013-01-08 19:27:50 ----D---- C:\Windows\SYSWOW64\sk-SK
2013-01-08 19:27:47 ----D---- C:\Windows\system32\sk-SK
2013-01-08 19:27:31 ----D---- C:\Windows\AppPatch
2013-01-08 19:26:54 ----D---- C:\ProgramData\Microsoft Help
2013-01-08 19:26:29 ----A---- C:\Windows\SYSWOW64\PerfStringBackup.INI
2013-01-08 19:21:13 ----A---- C:\Windows\system32\MRT.exe
2013-01-08 19:14:24 ----D---- C:\Windows\system32\catroot
2013-01-08 19:14:23 ----D---- C:\Windows\system32\catroot2
2013-01-08 08:50:06 ----D---- C:\Program Files (x86)\Creative
2013-01-07 22:14:26 ----D---- C:\Windows\system32\Tasks
2013-01-05 22:50:57 ----D---- C:\Windows\SYSWOW64\NV
2013-01-05 22:50:56 ----D---- C:\Windows\system32\NV
2013-01-05 22:50:55 ----D---- C:\ProgramData\NVIDIA
2013-01-05 22:49:22 ----D---- C:\Program Files (x86)\NVIDIA Corporation
2013-01-05 22:47:34 ----D---- C:\Windows\system32\drivers
2013-01-05 22:47:24 ----D---- C:\Windows\system32\DriverStore
2013-01-04 21:24:03 ----A---- C:\Windows\system32\ServiceFilter.ini
2013-01-04 19:31:02 ----D---- C:\Program Files (x86)\ASUS
2013-01-04 17:00:28 ----D---- C:\Windows\Tasks
2012-12-30 11:25:42 ----D---- C:\Windows\system32\wdi
2012-12-29 16:36:26 ----D---- C:\Users\Marek\AppData\Roaming\NVIDIA
2012-12-29 16:35:04 ----D---- C:\Program Files (x86)\Common Files
2012-12-29 14:03:53 ----D---- C:\ProgramData\YTD Video Downloader
2012-12-29 11:34:47 ----A---- C:\Windows\SYSWOW64\nvinit.dll
2012-12-29 11:34:47 ----A---- C:\Windows\system32\nvumdshimx.dll
2012-12-29 11:34:47 ----A---- C:\Windows\system32\nvinitx.dll
2012-12-29 11:34:47 ----A---- C:\Windows\system32\nvdispgenco64.dll
2012-12-29 11:34:47 ----A---- C:\Windows\system32\nvdispco64.dll
2012-12-29 11:34:47 ----A---- C:\Windows\system32\nvapi64.dll
2012-12-29 09:40:27 ----A---- C:\Windows\system32\nvsvc64.dll
2012-12-29 09:40:27 ----A---- C:\Windows\system32\nvcpl.dll
2012-12-29 09:40:09 ----A---- C:\Windows\system32\nvvsvc.exe
2012-12-29 09:40:09 ----A---- C:\Windows\system32\nvsvcr.dll
2012-12-29 09:40:09 ----A---- C:\Windows\system32\nvshext.dll
2012-12-29 09:40:09 ----A---- C:\Windows\system32\nvmctray.dll
2012-12-29 09:40:09 ----A---- C:\Windows\system32\nv3dappshextr.dll
2012-12-29 09:40:09 ----A---- C:\Windows\system32\nv3dappshext.dll
2012-12-27 01:56:49 ----D---- C:\Windows\Logs
2012-12-27 01:56:40 ----D---- C:\Program Files\CCleaner

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 iaStor;Intel AHCI Controller; C:\Windows\system32\DRIVERS\iaStor.sys [2011-12-23 568600]
R0 iusb3hcs;Intel(R) USB 3.0 Host Controller Switch Driver; C:\Windows\system32\DRIVERS\iusb3hcs.sys [2012-02-07 16152]
R0 nvpciflt;nvpciflt; C:\Windows\system32\DRIVERS\nvpciflt.sys [2012-12-29 30648]
R0 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12352]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-20 213888]
R1 ATKWMIACPIIO;ATKWMIACPI Driver; \??\C:\Program Files (x86)\ASUS\ATK Package\ATK WMIACPI\atkwmiacpi64.sys [2011-09-07 17536]
R1 dtsoftbus01;DAEMON Tools Virtual Bus Driver; C:\Windows\system32\DRIVERS\dtsoftbus01.sys [2012-12-04 283200]
R1 eamonm;eamonm; C:\Windows\system32\DRIVERS\eamonm.sys [2012-07-10 213416]
R1 ehdrv;ehdrv; C:\Windows\system32\DRIVERS\ehdrv.sys [2012-03-29 152136]
R1 vwififlt;Virtual WiFi Filter Driver; C:\Windows\system32\DRIVERS\vwififlt.sys [2009-07-14 59904]
R2 ASMMAP64;ASMMAP64; \??\C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\ASMMAP64.sys [2009-07-02 15416]
R2 epfwwfpr;epfwwfpr; C:\Windows\system32\DRIVERS\epfwwfpr.sys [2012-03-29 140752]
R3 AiCharger;ASUS Charger Driver; C:\Windows\system32\DRIVERS\AiCharger.sys [2012-01-30 17152]
R3 AMPPAL;Intel® Centrino® Wireless Bluetooth® + High Speed Virtual Adapter; C:\Windows\system32\DRIVERS\AMPPAL.sys [2012-01-09 195584]
R3 AsusVBus;AsusVBus; C:\Windows\system32\DRIVERS\AsusVBus.sys [2012-04-12 35968]
R3 AsusVTouch;AsusVTouch; C:\Windows\system32\DRIVERS\AsusVTouch.sys [2012-04-12 16512]
R3 ETD;ELAN PS/2 Port Input Device; C:\Windows\system32\DRIVERS\ETD.sys [2012-02-19 200488]
R3 igfx;igfx; C:\Windows\system32\DRIVERS\igdkmd64.sys [2012-02-22 14692224]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHD64.sys [2012-03-06 4763112]
R3 IntcDAud;Intel(R) Display Audio; C:\Windows\system32\DRIVERS\IntcDAud.sys [2012-02-20 331264]
R3 iusb3hub;Ovládač rozbočovača Intel(R) USB 3.0; C:\Windows\system32\DRIVERS\iusb3hub.sys [2012-02-07 356120]
R3 iusb3xhc;Intel(R) USB 3.0 eXtensible Host Controller Driver; C:\Windows\system32\DRIVERS\iusb3xhc.sys [2012-02-07 787736]
R3 iwdbus;IWD Bus Enumerator; C:\Windows\system32\DRIVERS\iwdbus.sys [2011-12-21 25496]
R3 MEIx64;Intel(R) Management Engine Interface ; C:\Windows\system32\DRIVERS\HECIx64.sys [2012-07-17 62784]
R3 NETwNs64;___ Intel(R) Wireless WiFi Link 5000 Series Adapter Driver for Windows 7 - 64 Bit; C:\Windows\system32\DRIVERS\NETwNs64.sys [2012-01-09 11416576]
R3 RFCOMM;Bluetooth Device (RFCOMM Protocol TDI); C:\Windows\system32\DRIVERS\rfcomm.sys [2009-07-14 158720]
R3 RSBASTOR;Realtek PCIE CardReader Driver - BA; C:\Windows\system32\DRIVERS\RtsBaStor.sys [2011-12-28 292456]
R3 RTL8167;Realtek 8167 NT Driver; C:\Windows\system32\DRIVERS\Rt64win7.sys [2011-08-23 565352]
R3 vwifimp;Microsoft Virtual WiFi Miniport Service; C:\Windows\system32\DRIVERS\vwifimp.sys [2009-07-14 17920]
R3 WmBEnum;Logitech Virtual Bus Enumerator Driver; C:\Windows\system32\drivers\WmBEnum.sys [2010-04-27 26440]
S3 AgereSoftModem;Agere Systems Soft Modem; C:\Windows\system32\DRIVERS\agrsm64.sys [2009-06-10 1146880]
S3 AMPPALP;Intel® Centrino® Wireless Bluetooth® + High Speed Protocol; C:\Windows\system32\DRIVERS\amppal.sys [2012-01-09 195584]
S3 athr;Atheros Extensible Wireless LAN device driver; C:\Windows\system32\DRIVERS\athrx.sys [2009-06-20 1394688]
S3 BthEnum;Bluetooth Request Block Driver; C:\Windows\system32\drivers\BthEnum.sys [2009-07-14 41984]
S3 BthPan;Bluetooth Device (Personal Area Network); C:\Windows\system32\DRIVERS\bthpan.sys [2009-07-14 118784]
S3 BTHPORT;Bluetooth Port Driver; C:\Windows\System32\Drivers\BTHport.sys [2012-07-06 552960]
S3 BTHUSB;Bluetooth Radio USB Driver; C:\Windows\System32\Drivers\BTHUSB.sys [2012-02-24 80384]
S3 btmaux;Intel Bluetooth Auxiliary Service; C:\Windows\system32\DRIVERS\btmaux.sys [2011-12-13 94720]
S3 btmhsf;btmhsf; C:\Windows\system32\DRIVERS\btmhsf.sys [2011-12-13 747008]
S3 fssfltr;FssFltr; C:\Windows\system32\DRIVERS\fssfltr.sys [2011-05-14 48488]
S3 ibtfltcoex;ibtfltcoex; C:\Windows\system32\DRIVERS\iBtFltCoex.sys [2011-12-14 60416]
S3 intaud_WaveExtensible;Intel WiDi Audio Device; C:\Windows\system32\drivers\intelaud.sys [2011-12-21 34200]
S3 L1C;NDIS Miniport Driver for Atheros AR8131/AR8132 PCI-E Ethernet Controller (NDIS 6.20); C:\Windows\system32\DRIVERS\L1C62x64.sys [2009-06-10 57344]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver; C:\Windows\System32\drivers\rdpvideominiport.sys [2012-08-23 19456]
S3 SiSGbeLH;SiS191/SiS190 Ethernet Device NDIS 6.0 Driver; C:\Windows\system32\DRIVERS\SiSG664.sys [2009-06-10 56832]
S3 TPM;TPM; C:\Windows\system32\drivers\tpm.sys [2009-07-14 38400]
S3 TsUsbFlt;TsUsbFlt; C:\Windows\system32\drivers\tsusbflt.sys [2012-08-23 57856]
S3 TsUsbGD;Remote Desktop Generic USB Device; C:\Windows\system32\drivers\TsUsbGD.sys [2012-08-23 30208]
S3 WimFltr;WimFltr; C:\Windows\system32\DRIVERS\wimfltr.sys [2008-05-24 154168]
S3 WinUsb;WinUSB Driver; C:\Windows\system32\DRIVERS\WinUSB.sys [2010-11-20 41984]
S3 WmFilter;Logitech Gaming HID Filter Driver; C:\Windows\system32\drivers\WmFilter.sys [2010-04-27 43976]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 ADExchange;ArcSoft Exchange Service; C:\Program Files (x86)\Common Files\ArcSoft\esinter\Bin\eservutil.exe [2011-09-16 39528]
R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2012-12-18 65192]
R2 AFBAgent;AFBAgent; C:\Windows\system32\FBAgent.exe [2011-03-04 379520]
R2 AMPPALR3;Intel® Centrino® Wireless Bluetooth® + High Speed Service; C:\Program Files\Intel\BluetoothHS\BTHSAmpPalService.exe [2012-01-09 659968]
R2 ASLDRService;ASLDR Service; C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ASLDRSrv.exe [2011-11-21 80512]
R2 ASUS InstantOn;ASUS InstantOn Service; C:\Program Files (x86)\ASUS\InstantOn for NB\InsOnSrv.exe [2012-04-13 277120]
R2 ATKGFNEXSrv;ATKGFNEX Service; C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe [2011-11-21 96896]
R2 Bluetooth Device Monitor;Bluetooth Device Monitor; C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe [2011-12-20 1014096]
R2 Bluetooth OBEX Service;Bluetooth OBEX Service; C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe [2011-12-20 1104208]
R2 BTHSSecurityMgr;Intel(R) Centrino(R) Wireless Bluetooth(R) + High Speed Security Service; C:\Program Files\Intel\BluetoothHS\BTHSSecurityMgr.exe [2012-01-12 135952]
R2 CronService;Cron Service for Prey; C:\Program Files\Prey\platform\windows\cronsvc.exe [2012-11-28 23552]
R2 CTDevice_Srv;CT Device Query service; C:\Program Files (x86)\Creative\Shared Files\CTDevSrv.exe [2007-04-02 61440]
R2 ekrn;ESET Service; C:\Program Files\ESET\ESET Endpoint Antivirus\x86\ekrn.exe [2012-07-04 999704]
R2 EvtEng;Intel(R) PROSet/Wireless Event Log; C:\Program Files\Intel\WiFi\bin\EvtEng.exe [2011-12-08 618256]
R2 Intel(R) Capability Licensing Service Interface;Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [2012-02-03 628448]
R2 Intel(R) ME Service;Intel(R) ME Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [2012-02-21 128280]
R2 jhi_service;Intel(R) Dynamic Application Loader Host Interface Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [2012-02-21 161560]
R2 LMS;Intel(R) Management and Security Application Local Management Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe [2012-02-29 277784]
R2 nvsvc;NVIDIA Display Driver Service; C:\Windows\system32\nvvsvc.exe [2012-12-29 884152]
R2 nvUpdatusService;NVIDIA Update Service Daemon; C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe [2012-12-29 1260472]
R2 OODefragAgent;O&O Defrag; C:\Program Files\OO Software\Defrag\oodag.exe [2011-11-17 3273552]
R2 RegSrvc;Intel(R) PROSet/Wireless Registry Service; C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe [2011-12-08 148752]
R2 UNS;Intel(R) Management and Security Application User Notification Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2012-02-29 363800]
R2 wlidsvc;Windows Live ID Sign-in Assistant; C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE [2011-03-29 2292096]
R3 Bluetooth Media Service;Bluetooth Media Service; C:\Program Files (x86)\Intel\Bluetooth\mediasrv.exe [2011-12-20 1304912]
R3 osppsvc;Office Software Protection Platform; C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-09 4925184]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
S2 SkypeUpdate;Skype Updater; C:\Program Files (x86)\Skype\Updater\Updater.exe [2012-11-09 160944]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2013-01-08 251400]
S3 aspnet_state;ASP.NET State Service; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2010-03-19 44376]
S3 cphs;Intel(R) Content Protection HECI Service; C:\Windows\SysWow64\IntelCpHeciSvc.exe [2012-02-22 276248]
S3 CTUPnPSv;Creative Centrale Media Server; C:\Program Files (x86)\Creative\Creative Centrale\CTUPnPSv.exe [2008-05-21 64000]
S3 EhttpSrv;ESET HTTP Server; C:\Program Files\ESET\ESET Endpoint Antivirus\EHttpSrv.exe [2012-07-04 35720]
S3 ESHASRV;ESET SHA Service; C:\Program Files\ESET\ESET Endpoint Antivirus\EShaSrv.exe [2012-07-04 190208]
S3 FLEXnet Licensing Service;FLEXnet Licensing Service; C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [2012-12-19 1044816]
S3 fsssvc;Windows Live Family Safety Service; C:\Program Files (x86)\Windows Live\Family Safety\fsssvc.exe [2011-05-14 1492840]
S3 gupdate;Google Update Service (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2012-02-24 136176]
S3 gupdatem;Google Update Service (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2012-02-24 136176]
S3 IDriverT;InstallDriver Table Manager; C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [2005-04-04 69632]
S3 Microsoft SharePoint Workspace Audit Service;Microsoft SharePoint Workspace Audit Service; C:\Program Files\Microsoft Office\Office14\GROOVE.EXE [2012-09-20 50899608]
S3 MyWiFiDHCPDNS;Wireless PAN DHCP Server; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [2011-12-08 273168]
S3 ose64;Office 64 Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2010-01-09 174440]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2012-12-04 1255736]
S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]
S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]
S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]
S4 wlcrasvc;Windows Live Mesh remote connections service; C:\Program Files\Windows Live\Mesh\wlcrasvc.exe [2010-09-23 57184]

-----------------EOF-----------------
Last edited by Mc_Murphy on 26 Jan 2013 21:04, edited 1 time in total.
Reason: Log removed from [Code].

om5atc
Visitor
Posts: 18
Joined: 27 Jul 2011 19:53

Re: Eset reports a bunch of files

#2 Post by om5atc »

info.txt logfile of random's system information tool 1.08 2013-01-26 20:47:50

======Uninstall list======

„Windows Live Essentials“-->MsiExec.exe /I{19ADD3BF-C42B-47DC-81C6-5E9731B668C4}
„Windows Live Mail“-->MsiExec.exe /I{2720009D-9566-45A7-A370-0E6DAC313F3F}
„Windows Live Mesh ActiveX“ nuotoliniu ryšiu valdiklis-->MsiExec.exe /I{9024FE65-46B8-4C8A-9D98-8DCB6BD5F598}
„Windows Live Messenger“-->MsiExec.exe /X{122800FE-3AAF-4974-9FBD-54B023FA756A}
„Windows Live“ fotogalerija-->MsiExec.exe /X{C877E454-FA36-409A-A00E-1240CEC61BBD}
-->"C:\Program Files (x86)\Creative Installation Information\CREATIVE_MEDIASOURCE_U\Setup.exe" /remove /l0x0009
-->"C:\Program Files (x86)\Creative Installation Information\MEDIASOURCE_PLAYER_SKINPACK_U\Setup.exe" /remove /l0x0009
-->"C:\ProgramData\{26D901A1-2540-4430-81DC-0317F01BD7BE}\setup.exe" REMOVE=TRUE MODIFY=FALSE
-->MsiExec /X{8B922CF8-8A6C-41CE-A858-F1755D7F5D29}
-->RunDll32 C:\PROGRA~2\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files (x86)\InstallShield Installation Information\{700932B3-A964-4878-82A2-96054622A1F7}\setup.exe" -l0x9
-->RunDll32 C:\PROGRA~2\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files (x86)\InstallShield Installation Information\{700932B3-A964-4878-82A2-96054622A1F7}\setup.exe" -l0x9 /remove
µTorrent-->"C:\Program Files (x86)\uTorrent\uTorrent.exe" /UNINSTALL
Abacus UAV Predator for FSX-->MsiExec.exe /X{5F1B0E61-396D-4E09-AC6B-04BD33284D3E}
Adobe AIR-->c:\Program Files (x86)\Common Files\Adobe AIR\Versions\1.0\Resources\Adobe AIR Updater.exe -arp:uninstall
Adobe AIR-->MsiExec.exe /I{B194272D-1F92-46DF-99EB-8D5CE91CB4EC}
Adobe Flash Player 10 Plugin-->C:\Windows\SysWOW64\Macromed\Flash\uninstall_plugin.exe
Adobe Flash Player 11 ActiveX-->C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_11_5_502_146_ActiveX.exe -maintain activex
Adobe Reader X (10.1.5) MUI-->MsiExec.exe /I{AC76BA86-7AD7-FFFF-7B44-AA0000000001}
Aerosoft's - Aerosoft Launcher-->"C:\Program Files (x86)\InstallShield Installation Information\{EE11CFFC-898C-4875-8A63-8B732A9AD43B}\setup.exe" -runfromtemp -l0x0409 -removeonly
Aerosoft's - DHC-6 Twin Otter X-->C:\Program Files (x86)\InstallShield Installation Information\{3A8DED06-80E7-4555-AA1F-FF4A2A4D353C}\setup.exe -runfromtemp -l0x0009 -uninst -removeonly
Aerosoft's - F-16 Fighting Falcon-->C:\Program Files (x86)\InstallShield Installation Information\{A663BED9-978C-4A04-82A3-3029245055BE}\setup.exe -runfromtemp -l0x0009 -removeonly
aerosoft's - Lukla X - Mount Everest Mission-->C:\Program Files (x86)\InstallShield Installation Information\{794BF30D-0035-497B-B1C4-A41454483019}\setup.exe -runfromtemp -l0x0009 -uninst -removeonly
aerosoft's - Lukla X - Mount Everest-->C:\Program Files (x86)\InstallShield Installation Information\{EF32F291-8B08-43EF-8BAA-58B9F8C9540F}\setup.exe -runfromtemp -l0x0009 -uninst -removeonly
Aerosoft's - PBY Catalina X-->C:\Program Files (x86)\InstallShield Installation Information\{00606438-902C-4280-84DD-E665911DFBE1}\setup.exe -runfromtemp -l0x0009 -removeonly
Aerosoft's - Twin Otter X - Mission Pack-->C:\Program Files (x86)\InstallShield Installation Information\{E0BF8C31-2745-4186-A08D-05401FC95AE3}\setup.exe -runfromtemp -l0x0009 -uninst -removeonly
Aktualizácie NVIDIA 1.11.3-->"C:\Windows\SysWOW64\RunDll32.EXE" "C:\Program Files\NVIDIA Corporation\Installer2\installer.{26D78D8D-E39D-468E-93DF-C7ABB125DB89}\NVI2.DLL",UninstallPackage Display.Update
ALABEO C188B AGTRUCK FSX-->C:\Hry\FSX\Uninstall_C188.exe
ArcSoft Panorama Maker 6-->RunDll32 C:\PROGRA~2\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files (x86)\InstallShield Installation Information\{E9CBC8FA-BF1F-4956-8B75-0D314682FE5F}\Setup.exe" -l0x9
ASUS FaceLogon-->MsiExec.exe /I{64452561-169F-4A36-A2FF-B5E118EC65F5}
ASUS Instant Connect-->MsiExec.exe /I{89ECB85A-D933-4CEA-9116-5CBC9C2ED95B}
ASUS LifeFrame3-->MsiExec.exe /I{1DBD1F12-ED93-49C0-A7CC-56CBDE488158}
ASUS Live Update-->MsiExec.exe /X{FA540E67-095C-4A1B-97BA-4D547DEC9AF4}
ASUS Power4Gear Hybrid-->MsiExec.exe /I{9B6239BF-4E85-4590-8D72-51E30DB1A9AA}
ASUS Splendid Video Enhancement Technology-->MsiExec.exe /I{0969AF05-4FF6-4C00-9406-43599238DE0D}
ASUS USB Charger Plus-->MsiExec.exe /X{A859E3E5-C62F-4BFA-AF1D-2B95E03166AF}
ASUS Virtual Camera-->MsiExec.exe /I{EC8BD21F-0CA0-4BBF-97D9-4A52B30041A1}
ASUS Virtual Touch-->MsiExec.exe /I{938CFBD4-0652-49E5-BB8B-153948865941}
ASUS_Scr_K_multiColor_noSound-->C:\Windows\ASUS_Scr_K_multiColor_noSound Uninstaller.exe
AsusVibe2.0-->C:\Program Files (x86)\Asus\AsusVibe\unins000.exe
ATK Package-->MsiExec.exe /I{AB5C933E-5C7D-4D30-B314-9C83A49B94BE}
Camtasia Studio 7-->MsiExec.exe /I{C0E8FE43-C35B-451D-B35F-D4BD056D70E7}
Carenado C208B Grand Caravan-->C:\Hry\FSX\uninstall.exe
CCleaner-->"C:\Program Files\CCleaner\uninst.exe"
Creative Centrale-->"C:\ProgramData\{B7FA0661-862B-4AE4-A12A-F08D226ED546}\Setup.exe" REMOVE=TRUE MODIFY=FALSE
Creative Centrale-->C:\ProgramData\{B7FA0661-862B-4AE4-A12A-F08D226ED546}\Setup.exe
Creative MediaSource 5-->RunDll32 C:\PROGRA~2\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files (x86)\InstallShield Installation Information\{BEEFC4F8-2909-48B3-AFAA-55D3533FDEDD}\setup.exe" -l0x9 /remove
Creative Software Update-->C:\ProgramData\{26D901A1-2540-4430-81DC-0317F01BD7BE}\setup.exe
D3DX10-->MsiExec.exe /X{E09C4DB7-630C-4F06-A631-8EA7239923AF}
DAEMON Tools Lite-->C:\Program Files (x86)\DAEMON Tools Lite\uninst.exe
Definition Update for Microsoft Office 2010 (KB982726) 64-Bit Edition-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{91140000-0011-0000-1000-0000000FF1CE}" "{1CC63C2F-8C54-4C99-8805-FBD1216B303F}" "1051" "0"
Easy CD-DA Extractor 16-->"C:\Program Files\Easy CD-DA Extractor 16\uninstall.exe" "/U:C:\Program Files\Easy CD-DA Extractor 16\irunin.xml"
ETDWare PS/2-X64 10.5.9.0-->%ProgramFiles%\Elantech\ETDUn_inst.exe
Fast Boot-->MsiExec.exe /I{13F4A7F3-EABC-4261-AF6B-1317777F0755}
Formant ActiveX programu Windows Live Mesh odpowiedzialny za obsługę połączeń zdalnych-->MsiExec.exe /I{B04A0E2F-1E4C-4E61-B18E-3B2BD6779CA7}
Fotogalerija Windows Live-->MsiExec.exe /X{E59969EA-3B5B-4B24-8B94-43842A7FBFE9}
Galeria fotografii usługi Windows Live-->MsiExec.exe /X{CB3F59BB-7858-41A1-A7EA-4B8A6FC7D431}
Galerie foto Windows Live-->MsiExec.exe /X{CB66242D-12B1-4494-82D2-6F53A7E024A3}
GoldWave v5.67-->"C:\Program Files (x86)\GoldWave\unstall.exe" "GoldWave v5.67" "C:\Program Files (x86)\GoldWave\unstall.log"
Google Earth-->MsiExec.exe /X{6F545E5E-4595-11E2-93B6-B8AC6F97B88E}
Google Chrome-->"C:\Program Files (x86)\Google\Chrome\Application\24.0.1312.56\Installer\setup.exe" --uninstall --multi-install --chrome --system-level
Google Update Helper-->MsiExec.exe /I{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}
Grand Theft Auto IV-->"C:\Program Files (x86)\InstallShield Installation Information\{579BA58C-F33D-4970-9953-B94B43768AC3}\setup.exe" -runfromtemp -l0x0009 -removeonly
Grand Theft Auto IV-->MsiExec.exe /I{5454083B-1308-4485-BF17-1110000D8301}
High-Definition Video Playback-->MsiExec.exe /X{237CCB62-8454-43E3-B158-3ACD0134852E}
HP LaserJet P1000 series-->C:\Program Files (x86)\Avago-HP\{164a05b4-d90b-463b-86dd-c7a7a33fe105}\uninstall.exe SYSTEMHORNET "C:\Program Files (x86)\Avago-HP\{164a05b4-d90b-463b-86dd-c7a7a33fe105}"
HPSSupply-->MsiExec.exe /X{7902E313-FF0F-4493-ACB1-A8147B78DCD0}
ICQ7M-->"C:\Program Files (x86)\InstallShield Installation Information\{781B39EC-2E18-41FC-9B00-B84E4FFCA85F}\ICQ7.exe" -runfromtemp -l0x0009 -removeonly
InstantOn for NB-->MsiExec.exe /I{749F674B-2674-47E8-879C-5626A06B2A91}
Intel PROSet Wireless-->Intel PROSet Wireless
Intel(R) Control Center-->C:\Program Files (x86)\Intel\Intel Control Center\uninstaller\SetupICC.exe -uninstall -force -confirm
Intel(R) Manageability Engine Firmware Recovery Agent-->MsiExec.exe /X{A6C48A9F-694A-4234-B3AA-62590B668927}
Intel(R) Management Engine Components-->C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\Uninstall\setup.exe -uninstall
Intel(R) OpenCL CPU Runtime-->C:\Program Files (x86)\Intel\OpenCL SDK\2.0\Uninstall\setup.exe -uninstall
Intel(R) Processor Graphics-->C:\Program Files (x86)\Intel\Intel(R) Processor Graphics\Uninstall\setup.exe -uninstall
Intel(R) PROSet/Wireless for Bluetooth(R) + High Speed-->MsiExec.exe /X{2C0E6BD4-65B1-4E82-B2AC-43EFFC8F100C}
Intel(R) USB 3.0 eXtensible Host Controller Driver-->C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Uninstall\setup.exe -uninstall
Intel(R) WiDi-->MsiExec.exe /X{93F34C5C-ACAA-48F3-9B26-70359A117F12}
Intel® PROSet/Wireless WiFi Software-->MsiExec.exe /I{DF7756DD-656A-45C3-BA71-74673E8259A9}
Intel® Trusted Connect Service Client-->MsiExec.exe /X{09536BA1-E498-4CC3-B834-D884A67D7E34}
Java 7 Update 9-->MsiExec.exe /X{26A24AE4-039D-4CA4-87B4-2F83217009FF}
Junk Mail filter update-->MsiExec.exe /I{1F6AB0E7-8CDD-4B93-8A23-AA9EB2FEFCE4}
Kontrola Windows Live Mesh ActiveX za daljinske veze-->MsiExec.exe /I{19CBDE24-2761-49A5-816B-D2BA65D0CA8D}
Kontrolnik Windows Live Mesh ActiveX za oddaljene povezave-->MsiExec.exe /I{CA227A9D-09BE-4BFB-9764-48FED2DA5454}
Logitech Gaming Software 5.10-->MsiExec.exe /X{1444D2EE-C7AD-44A8-844F-2634B49353D1}
Mesh Runtime-->MsiExec.exe /I{8C6D6116-B724-4810-8F2D-D047E6B7D68E}
Microsoft .NET Framework 4 Client Profile-->C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\Client\Setup.exe /repair /x86 /x64 /parameterfolder Client
Microsoft .NET Framework 4 Client Profile-->MsiExec.exe /X{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}
Microsoft .NET Framework 4 Extended-->C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\Extended\Setup.exe /repair /x86 /x64 /parameterfolder Extended
Microsoft .NET Framework 4 Extended-->MsiExec.exe /X{8E34682C-8118-31F1-BC4C-98CD9675E1C2}
Microsoft Flight Simulator X: Acceleration-->C:\Windows\SysWOW64\msiexec.exe /qb /l*vx "%TEMP%\FlightSimUninstall.log" /uninstall {A9729B90-D37B-4A69-B66A-7436AC1F7274}
Microsoft Flight Simulator X: Acceleration-->MsiExec.exe /I{A9729B90-D37B-4A69-B66A-7436AC1F7274}
Microsoft Flight Simulator X-->C:\PROGRA~2\COMMON~1\INSTAL~1\Driver\11\INTEL3~1\IDriver.exe /M{9527A496-5DF9-412A-ADC7-168BA5379CA6}
Microsoft Office 2010 Service Pack 1 (SP1)-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{90140000-0015-041B-1000-0000000FF1CE}" "{81C439F3-C0CB-4E02-B316-EFF566C1701B}" "1051" "0"
Microsoft Office 2010 Service Pack 1 (SP1)-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{90140000-0016-041B-1000-0000000FF1CE}" "{81C439F3-C0CB-4E02-B316-EFF566C1701B}" "1051" "0"
Microsoft Office 2010 Service Pack 1 (SP1)-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{90140000-0018-041B-1000-0000000FF1CE}" "{81C439F3-C0CB-4E02-B316-EFF566C1701B}" "1051" "0"
Microsoft Office 2010 Service Pack 1 (SP1)-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{90140000-0019-041B-1000-0000000FF1CE}" "{81C439F3-C0CB-4E02-B316-EFF566C1701B}" "1051" "0"
Microsoft Office 2010 Service Pack 1 (SP1)-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{90140000-001A-041B-1000-0000000FF1CE}" "{81C439F3-C0CB-4E02-B316-EFF566C1701B}" "1051" "0"
Microsoft Office 2010 Service Pack 1 (SP1)-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{90140000-001B-041B-1000-0000000FF1CE}" "{81C439F3-C0CB-4E02-B316-EFF566C1701B}" "1051" "0"
Microsoft Office 2010 Service Pack 1 (SP1)-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{90140000-001F-0405-1000-0000000FF1CE}" "{AEC2C00D-1E7E-45E3-9058-81EA2446B3CD}" "1051" "0"
Microsoft Office 2010 Service Pack 1 (SP1)-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{90140000-001F-0407-1000-0000000FF1CE}" "{70A3169E-288F-454F-A08D-20DF66639B50}" "1051" "0"
Microsoft Office 2010 Service Pack 1 (SP1)-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{90140000-001F-0409-1000-0000000FF1CE}" "{0242505C-4E90-407F-9299-B5B275F50D86}" "1051" "0"
Microsoft Office 2010 Service Pack 1 (SP1)-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{90140000-001F-040E-1000-0000000FF1CE}" "{70A6C738-452C-4999-9780-B2C23339711D}" "1051" "0"
Microsoft Office 2010 Service Pack 1 (SP1)-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{90140000-001F-041B-1000-0000000FF1CE}" "{4B806706-B352-42E8-8C8B-5CEBCEDBC4E0}" "1051" "0"
Microsoft Office 2010 Service Pack 1 (SP1)-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{90140000-002C-041B-1000-0000000FF1CE}" "{8F7BCAD4-B6E7-485B-AA1A-F1D702A6A0CD}" "1051" "0"
Microsoft Office 2010 Service Pack 1 (SP1)-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{90140000-0043-0000-1000-0000000FF1CE}" "{E8B6D35B-0B6F-4DCE-9493-859BF3809A7F}" "1051" "0"
Microsoft Office 2010 Service Pack 1 (SP1)-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{90140000-0043-041B-1000-0000000FF1CE}" "{D5B1D4C9-AF5A-4653-AB6D-D8AFFBE363AC}" "1051" "0"
Microsoft Office 2010 Service Pack 1 (SP1)-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{90140000-0044-041B-1000-0000000FF1CE}" "{81C439F3-C0CB-4E02-B316-EFF566C1701B}" "1051" "0"
Microsoft Office 2010 Service Pack 1 (SP1)-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{90140000-006E-041B-1000-0000000FF1CE}" "{4A62DCE9-94CF-491F-B8EF-B5E3396F2421}" "1051" "0"
Microsoft Office 2010 Service Pack 1 (SP1)-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{90140000-00A1-041B-1000-0000000FF1CE}" "{81C439F3-C0CB-4E02-B316-EFF566C1701B}" "1051" "0"
Microsoft Office 2010 Service Pack 1 (SP1)-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{90140000-00BA-041B-1000-0000000FF1CE}" "{81C439F3-C0CB-4E02-B316-EFF566C1701B}" "1051" "0"
Microsoft Office 2010 Service Pack 1 (SP1)-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{91140000-0011-0000-1000-0000000FF1CE}" "{7BC9B5EB-125A-4E9B-97E1-8D85B5E960B8}" "1051" "0"
Microsoft Office Access MUI (Slovak) 2010-->MsiExec.exe /X{90140000-0015-041B-1000-0000000FF1CE}
Microsoft Office Excel MUI (Slovak) 2010-->MsiExec.exe /X{90140000-0016-041B-1000-0000000FF1CE}
Microsoft Office Groove MUI (Slovak) 2010-->MsiExec.exe /X{90140000-00BA-041B-1000-0000000FF1CE}
Microsoft Office InfoPath MUI (Slovak) 2010-->MsiExec.exe /X{90140000-0044-041B-1000-0000000FF1CE}
Microsoft Office Office 32-bit Components 2010-->MsiExec.exe /X{90140000-0043-0000-1000-0000000FF1CE}
Microsoft Office OneNote MUI (Slovak) 2010-->MsiExec.exe /X{90140000-00A1-041B-1000-0000000FF1CE}
Microsoft Office Outlook MUI (Slovak) 2010-->MsiExec.exe /X{90140000-001A-041B-1000-0000000FF1CE}
Microsoft Office PowerPoint MUI (Slovak) 2010-->MsiExec.exe /X{90140000-0018-041B-1000-0000000FF1CE}
Microsoft Office Professional Plus 2010-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Office Setup Controller\setup.exe" /uninstall PROPLUSR /dll OSETUP.DLL
Microsoft Office Professional Plus 2010-->MsiExec.exe /X{91140000-0011-0000-1000-0000000FF1CE}
Microsoft Office Proof (Czech) 2010-->MsiExec.exe /X{90140000-001F-0405-1000-0000000FF1CE}
Microsoft Office Proof (English) 2010-->MsiExec.exe /X{90140000-001F-0409-1000-0000000FF1CE}
Microsoft Office Proof (German) 2010-->MsiExec.exe /X{90140000-001F-0407-1000-0000000FF1CE}
Microsoft Office Proof (Hungarian) 2010-->MsiExec.exe /X{90140000-001F-040E-1000-0000000FF1CE}
Microsoft Office Proof (Slovak) 2010-->MsiExec.exe /X{90140000-001F-041B-1000-0000000FF1CE}
Microsoft Office Proofing (Slovak) 2010-->MsiExec.exe /X{90140000-002C-041B-1000-0000000FF1CE}
Microsoft Office Publisher MUI (Slovak) 2010-->MsiExec.exe /X{90140000-0019-041B-1000-0000000FF1CE}
Microsoft Office Shared 32-bit MUI (Slovak) 2010-->MsiExec.exe /X{90140000-0043-041B-1000-0000000FF1CE}
Microsoft Office Shared MUI (Slovak) 2010-->MsiExec.exe /X{90140000-006E-041B-1000-0000000FF1CE}
Microsoft Office Word MUI (Slovak) 2010-->MsiExec.exe /X{90140000-001B-041B-1000-0000000FF1CE}
Microsoft Silverlight-->MsiExec.exe /X{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}
Microsoft SQL Server 2005 Compact Edition [ENU]-->MsiExec.exe /I{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}
Microsoft Visual C++ 2005 Redistributable (x64)-->MsiExec.exe /X{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}
Microsoft Visual C++ 2005 Redistributable (x64)-->MsiExec.exe /X{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}
Microsoft Visual C++ 2005 Redistributable-->MsiExec.exe /X{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}
Microsoft Visual C++ 2005 Redistributable-->MsiExec.exe /X{7299052b-02a4-4627-81f2-1818da5d550d}
Microsoft Visual C++ 2005 Redistributable-->MsiExec.exe /X{A49F249F-0C91-497F-86DF-B2585E8E76B7}
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17-->MsiExec.exe /X{8220EEFE-38CD-377E-8595-13398D740ACE}
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148-->MsiExec.exe /X{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161-->MsiExec.exe /X{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17-->MsiExec.exe /X{9A25302D-30C0-39D9-BD6F-21E6EC160475}
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148-->MsiExec.exe /X{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161-->MsiExec.exe /X{9BE518E6-ECC6-35A9-88E4-87755C07200F}
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219-->MsiExec.exe /X{1D8E6291-B0D5-35EC-8441-6616F567A0F7}
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219-->MsiExec.exe /X{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}
MrvlUsgTracking-->MsiExec.exe /I{A82D052A-0806-42DF-80CD-1730A1AC0ED3}
MrvlUsgTracking64-->MsiExec.exe /I{42F0FD29-7EB3-4CAA-AF10-BC2619B96D80}
MSVCRT_amd64-->MsiExec.exe /I{D0B44725-3666-492D-BEF6-587A14BD9BD9}
MSVCRT-->MsiExec.exe /I{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}
MSXML 4.0 SP2 (KB954430)-->MsiExec.exe /I{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}
MSXML 4.0 SP2 (KB973688)-->MsiExec.exe /I{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}
MSXML 4.0 SP2 Parser and SDK-->MsiExec.exe /I{716E0306-8318-4364-8B8F-0CC4E9376BAC}
myBitCast 1.0.0.3-->C:\Program Files\Windows Sidebar\Gadgets\myBitCast.Gadget\uninst.exe
Nero 10 Menu TemplatePack Basic-->MsiExec.exe /X{63AA3EAB-23BB-48B2-9AD0-44F878075604}
Nero 10 Movie ThemePack Basic-->MsiExec.exe /X{F5CB822F-B365-43D1-BCC0-4FDA1A2017A7}
Nero BackItUp 10 Help (CHM)-->MsiExec.exe /X{08C8666B-C502-4AB3-B4CB-D74AC42D14FE}
Nero Burning ROM 10-->MsiExec.exe /X{7A5D731D-B4B3-490E-B339-75685712BAAB}
Nero BurningROM 10 Help (CHM)-->MsiExec.exe /X{9B6B24BE-80E7-46C4-9FA5-B167D5E0F345}
Nero BurnRights 10 Help (CHM)-->MsiExec.exe /X{555868C6-49FB-484F-BB43-8980651A1B00}
Nero Control Center 10-->MsiExec.exe /X{6DFB899F-17A2-48F0-A533-ED8D6866CF38}
Nero ControlCenter 10 Help (CHM)-->MsiExec.exe /X{523B2B1B-D8DB-4B41-90FF-C4D799E2758A}
Nero Core Components 10-->MsiExec.exe /X{2436F2A8-4B7E-4B6C-AE4E-604C84AA6A4F}
Nero CoverDesigner 10 Help (CHM)-->MsiExec.exe /X{C3273C55-E1E4-41FF-8D69-0158090DB8D8}
Nero DiscSpeed 10 Help (CHM)-->MsiExec.exe /X{C18A0418-442A-4186-AF98-D08F5054A2FC}
Nero Dolby Files 10-->MsiExec.exe /X{C3580AC4-C827-4332-B935-9A282ED5BB97}
Nero Express 10 Help (CHM)-->MsiExec.exe /X{33643918-7957-4839-92C7-EA96CB621A98}
Nero Express 10-->MsiExec.exe /X{70550193-1C22-445C-8FA4-564E155DB1A7}
Nero InfoTool 10 Help (CHM)-->MsiExec.exe /X{66049135-9659-4AAD-9169-9CCA269EBB3E}
Nero MediaHub 10 Help (CHM)-->MsiExec.exe /X{F467862A-D9CA-47ED-8D81-B4B3C9399272}
Nero Multimedia Suite 10-->MsiExec.exe /I{277C1559-4CF7-44FF-8D07-98AA9C13AABD}
Nero Recode 10 Help (CHM)-->MsiExec.exe /X{DB7C1D4A-08BA-4C7E-A8AA-B7F9BB372DCF}
Nero RescueAgent 10 Help (CHM)-->MsiExec.exe /X{92E25238-61A3-4ACD-A407-3C480EEF47A7}
Nero SoundTrax 10 Help (CHM)-->MsiExec.exe /X{16987E99-C95C-4513-9239-7B44A0A71DB5}
Nero StartSmart 10 Help (CHM)-->MsiExec.exe /X{F6117F9C-ADB5-4590-9BE4-12C7BEC28702}
Nero StartSmart 10-->MsiExec.exe /X{F61D489E-6C44-49AC-AD02-7DA8ACA73A65}
Nero Vision 10 Help (CHM)-->MsiExec.exe /X{329411A0-19F3-4740-874F-17400B126F27}
Nero WaveEditor 10 Help (CHM)-->MsiExec.exe /X{7A295D8F-484B-4FFB-89AB-C1FD497591FE}
NVIDIA Grafický ovládač 310.90-->"C:\Windows\SysWOW64\RunDll32.EXE" "C:\Program Files\NVIDIA Corporation\Installer2\installer.{26D78D8D-E39D-468E-93DF-C7ABB125DB89}\NVI2.DLL",UninstallPackage Display.Driver
NVIDIA PhysX-->MsiExec.exe /I{8B922CF8-8A6C-41CE-A858-F1755D7F5D29}
NVIDIA Softvér systému s podporou technológie PhysX 9.12.1031-->"C:\Windows\SysWOW64\RunDll32.EXE" "C:\Program Files\NVIDIA Corporation\Installer2\installer.{26D78D8D-E39D-468E-93DF-C7ABB125DB89}\NVI2.DLL",UninstallPackage Display.PhysX
O&O Defrag Professional-->MsiExec.exe /I{BC39713D-B14D-4BB0-9663-BC9F7B8AB1F2}
OpenAL-->"C:\Program Files (x86)\OpenAL\oalinst.exe" /U
Opera 12.12-->"C:\Program Files (x86)\Opera\Opera.exe" /uninstall
Ovládací prvek ActiveX platformy Windows Live Mesh pro vzdálená připojení-->MsiExec.exe /I{B6190387-0036-4BEB-8D74-A0AFC5F14706}
Ovládací prvok ActiveX programu Windows Live Mesh pre vzdialené pripojenia-->MsiExec.exe /I{C2FD7DB5-FE30-49B6-8A2F-C5652E053C31}
PMDG 737 8900 NGX-->C:\Program Files (x86)\InstallShield Installation Information\{20708FD5-E94D-4097-A21E-E28564CDBC06}\setup.exe -runfromtemp -l0x0009 -removeonly
Poczta usługi Windows Live-->MsiExec.exe /I{64376910-1860-4CEF-8B34-AA5D205FC5F1}
Podstawowe programy Windows Live-->MsiExec.exe /I{7A9D47BA-6D50-4087-866F-0800D8B89383}
Pošta Windows Live-->MsiExec.exe /I{7BA19818-F717-4DFB-BC11-FAF17B2B8AEE}
QualityWings Ultimate 757 Collection FSX 1.2.2-->"C:\Hry\FSX\unins000.exe"
Realtek Ethernet Controller Driver-->C:\Program Files (x86)\InstallShield Installation Information\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}\setup.exe -runfromtemp -removeonly
Realtek High Definition Audio Driver-->RunDll32 C:\PROGRA~2\COMMON~1\INSTAL~1\PROFES~1\RunTime\11\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files (x86)\InstallShield Installation Information\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}\setup.exe" -removeonly
Realtek PCIE Card Reader-->"C:\Program Files (x86)\InstallShield Installation Information\{C1594429-8296-4652-BF54-9DBE4932A44C}\setup.exe" -runfromtemp -removeonly
RocketDock 1.3.5-->"C:\Program Files (x86)\RocketDock\unins000.exe"
Security Update for Microsoft .NET Framework 4 Client Profile (KB2604121)-->C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\Client\setup.exe /uninstallpatch {6AF6C62E-4E3D-33BF-A591-9E4D53BDF22F} /parameterfolder Client
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656351)-->C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\Client\setup.exe /uninstallpatch {E59B2174-E924-311F-8549-AD714C14664D} /parameterfolder Client
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368v2)-->C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\Client\setup.exe /uninstallpatch {DA36C2E5-6B34-3A6A-9C0A-7D1CC1C5A768} /parameterfolder Client
Security Update for Microsoft .NET Framework 4 Client Profile (KB2686827)-->C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\Client\setup.exe /uninstallpatch {E40184A4-4A61-3D2E-9035-CB6E1E610E07} /parameterfolder Client
Security Update for Microsoft .NET Framework 4 Client Profile (KB2729449)-->C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\Client\setup.exe /uninstallpatch {4736E989-32D9-3B91-90D7-C68848E118CA} /parameterfolder Client
Security Update for Microsoft .NET Framework 4 Client Profile (KB2736428)-->C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\Client\setup.exe /uninstallpatch {BA941BCD-BC45-3D64-AB89-0F737907515C} /parameterfolder Client
Security Update for Microsoft .NET Framework 4 Client Profile (KB2737019)-->C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\Client\setup.exe /uninstallpatch {F1696E2F-4803-362F-A756-65B363483FE6} /parameterfolder Client
Security Update for Microsoft .NET Framework 4 Client Profile (KB2742595)-->C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\Client\setup.exe /uninstallpatch {C8B8456C-6A12-3725-95A8-1C9FBE1E3141} /parameterfolder Client
Security Update for Microsoft .NET Framework 4 Extended (KB2487367)-->C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\Extended\setup.exe /uninstallpatch {9D621E6E-E010-3C80-A055-135891134750} /parameterfolder Extended
Security Update for Microsoft .NET Framework 4 Extended (KB2656351)-->C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\Extended\setup.exe /uninstallpatch {E59B2174-E924-311F-8549-AD714C14664D} /parameterfolder Extended
Security Update for Microsoft .NET Framework 4 Extended (KB2736428)-->C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\Extended\setup.exe /uninstallpatch {BA941BCD-BC45-3D64-AB89-0F737907515C} /parameterfolder Extended
Security Update for Microsoft .NET Framework 4 Extended (KB2742595)-->C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\Extended\setup.exe /uninstallpatch {C8B8456C-6A12-3725-95A8-1C9FBE1E3141} /parameterfolder Extended
Security Update for Microsoft Excel 2010 (KB2597126) 64-Bit Edition-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{91140000-0011-0000-1000-0000000FF1CE}" "{D2EC0616-5207-48E4-8AC2-478F107EF383}" "1051" "0"
Security Update for Microsoft InfoPath 2010 (KB2687417) 64-Bit Edition-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{91140000-0011-0000-1000-0000000FF1CE}" "{CE5FC4A7-94EC-40C7-B292-673DBA671209}" "1051" "0"
Security Update for Microsoft InfoPath 2010 (KB2687436) 64-Bit Edition-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{91140000-0011-0000-1000-0000000FF1CE}" "{5131017A-63D7-4B4D-9A15-C704C91177B2}" "1051" "0"
Security Update for Microsoft Office 2010 (KB2553091)-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{91140000-0011-0000-1000-0000000FF1CE}" "{527AC538-7A51-40A5-89D7-5C1FEBBEA4C3}" "1051" "0"
Security Update for Microsoft Office 2010 (KB2553096)-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{91140000-0011-0000-1000-0000000FF1CE}" "{C4BF81CC-3786-4CE4-9D9F-DD393678B9EC}" "1051" "0"
Security Update for Microsoft Office 2010 (KB2553371) 64-Bit Edition-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{91140000-0011-0000-1000-0000000FF1CE}" "{0F6C4F72-6084-437B-9B35-F59B09E3C1B0}" "1051" "0"
Security Update for Microsoft Office 2010 (KB2553447) 64-Bit Edition-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{91140000-0011-0000-1000-0000000FF1CE}" "{7C04E5C7-C747-43DE-B648-09B97811D93E}" "1051" "0"
Security Update for Microsoft Office 2010 (KB2589320) 64-Bit Edition-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{91140000-0011-0000-1000-0000000FF1CE}" "{297E6E47-5F6E-4DD8-B880-75944B5C1C7C}" "1051" "0"
Security Update for Microsoft Office 2010 (KB2598243) 64-Bit Edition-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{91140000-0011-0000-1000-0000000FF1CE}" "{2B4B504B-6620-4FFD-94CB-3D640AB3FCD2}" "1051" "0"
Security Update for Microsoft Office 2010 (KB2687501) 64-Bit Edition-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{90140000-0043-0000-1000-0000000FF1CE}" "{19B568F6-93AF-4C11-A085-7277ADEF8F04}" "1051" "0"
Security Update for Microsoft Office 2010 (KB2687501) 64-Bit Edition-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{91140000-0011-0000-1000-0000000FF1CE}" "{19B568F6-93AF-4C11-A085-7277ADEF8F04}" "1051" "0"
Security Update for Microsoft Office 2010 (KB2687510) 64-Bit Edition-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{91140000-0011-0000-1000-0000000FF1CE}" "{9DAE52D2-834F-4743-ABF7-DEBAB9A932E5}" "1051" "0"
Security Update for Microsoft PowerPoint 2010 (KB2553185) 64-Bit Edition-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{91140000-0011-0000-1000-0000000FF1CE}" "{3E112FB8-14E5-4088-80AC-574FC376BCFE}" "1051" "0"
Security Update for Microsoft Visio 2010 (KB2687508) 64-Bit Edition-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{91140000-0011-0000-1000-0000000FF1CE}" "{89993390-4A0D-4351-91E0-B43E20F5617D}" "1051" "0"
Security Update for Microsoft Visio Viewer 2010 (KB2598287) 64-Bit Edition-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{91140000-0011-0000-1000-0000000FF1CE}" "{36B568AE-78F1-45EF-A7BF-EF0419904A21}" "1051" "0"
Security Update for Microsoft Word 2010 (KB2760410) 64-Bit Edition-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{91140000-0011-0000-1000-0000000FF1CE}" "{000B67CC-2C25-46AA-8D02-752BB0DD6D86}" "1051" "0"
Skype™ 6.0-->MsiExec.exe /X{EA17F4FC-FDBF-4CF8-A529-2D983132D053}
Take On Helicopters-->C:\Hry\TakeOn Helicopters\Take On Helicopters\UnInstall.exe
The Neverhood-->C:\Hry\Neverhood\setup95.exe /uninstall
Total Commander 64-bit (Remove or Repair)-->c:\Program Files\TotalCMD\tcunin64.exe
Update for Microsoft .NET Framework 4 Client Profile (KB2468871)-->C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\Client\setup.exe /uninstallpatch {29C7BE97-DE59-37A2-A687-2ADD5321948A} /parameterfolder Client
Update for Microsoft .NET Framework 4 Client Profile (KB2533523)-->C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\Client\setup.exe /uninstallpatch {7D799A81-5661-3159-BF92-754161CED6E6} /parameterfolder Client
Update for Microsoft .NET Framework 4 Client Profile (KB2600217)-->C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\Client\setup.exe /uninstallpatch {4DFA8287-EA36-3469-99FE-F568FEC81653} /parameterfolder Client
Update for Microsoft .NET Framework 4 Extended (KB2468871)-->C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\Extended\setup.exe /uninstallpatch {29C7BE97-DE59-37A2-A687-2ADD5321948A} /parameterfolder Extended
Update for Microsoft .NET Framework 4 Extended (KB2533523)-->C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\Extended\setup.exe /uninstallpatch {7D799A81-5661-3159-BF92-754161CED6E6} /parameterfolder Extended
Update for Microsoft .NET Framework 4 Extended (KB2600217)-->C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\Extended\setup.exe /uninstallpatch {4DFA8287-EA36-3469-99FE-F568FEC81653} /parameterfolder Extended
Update for Microsoft Office 2010 (KB2553065)-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{91140000-0011-0000-1000-0000000FF1CE}" "{57CEB66B-DD29-4883-92A2-671331657B52}" "1051" "0"
Update for Microsoft Office 2010 (KB2553092)-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{90140000-0044-041B-1000-0000000FF1CE}" "{E636FE63-842B-4F4B-9884-DA189ACC0B91}" "1051" "0"
Update for Microsoft Office 2010 (KB2553092)-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{91140000-0011-0000-1000-0000000FF1CE}" "{E636FE63-842B-4F4B-9884-DA189ACC0B91}" "1051" "0"
Update for Microsoft Office 2010 (KB2553181) 64-Bit Edition-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{90140000-0043-0000-1000-0000000FF1CE}" "{E24F10E6-7D9B-4E3A-B6CF-4C3257A382CD}" "1051" "0"
Update for Microsoft Office 2010 (KB2553181) 64-Bit Edition-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{91140000-0011-0000-1000-0000000FF1CE}" "{E24F10E6-7D9B-4E3A-B6CF-4C3257A382CD}" "1051" "0"
Update for Microsoft Office 2010 (KB2553267) 64-Bit Edition-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{91140000-0011-0000-1000-0000000FF1CE}" "{3E381AC3-30C3-41D7-9B27-B3F3E17BDCB8}" "1051" "0"
Update for Microsoft Office 2010 (KB2553270) 64-Bit Edition-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{90140000-001F-0405-1000-0000000FF1CE}" "{2B00A738-659A-4E52-9391-D334FA0E64CB}" "1051" "0"
Update for Microsoft Office 2010 (KB2553310) 64-Bit Edition-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{90140000-006E-041B-1000-0000000FF1CE}" "{AB834256-CB7C-46B3-9D53-CF1742BBC21D}" "1051" "0"
Update for Microsoft Office 2010 (KB2566458)-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{90140000-0043-0000-1000-0000000FF1CE}" "{A6C194EA-C6CB-4314-9E43-AD1F4A1E9D74}" "1051" "0"
Update for Microsoft Office 2010 (KB2598242) 64-Bit Edition-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{90140000-001F-0407-1000-0000000FF1CE}" "{2D507B6C-B472-447F-B61F-8EF54D9893A5}" "1051" "0"
Update for Microsoft Office 2010 (KB2598242) 64-Bit Edition-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{90140000-001F-0409-1000-0000000FF1CE}" "{A8EC00BF-EDF5-46F0-B466-C4312722D8F3}" "1051" "0"
Update for Microsoft Office 2010 (KB2687509) 64-Bit Edition-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{90140000-0043-0000-1000-0000000FF1CE}" "{7750DF63-F5DC-4198-8B8B-AE03B212F462}" "1051" "0"
Update for Microsoft Office 2010 (KB2687509) 64-Bit Edition-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{91140000-0011-0000-1000-0000000FF1CE}" "{7750DF63-F5DC-4198-8B8B-AE03B212F462}" "1051" "0"
Update for Microsoft OneNote 2010 (KB2553290) 64-Bit Edition-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{90140000-00A1-041B-1000-0000000FF1CE}" "{E48FF507-2CD8-4574-99B1-DC0BE8CC19A0}" "1051" "0"
Update for Microsoft OneNote 2010 (KB2687277) 64-Bit Edition-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{90140000-0043-0000-1000-0000000FF1CE}" "{A3E1581D-1628-43DB-98B6-84ACE7E74AAD}" "1051" "0"
Update for Microsoft OneNote 2010 (KB2687277) 64-Bit Edition-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{91140000-0011-0000-1000-0000000FF1CE}" "{A3E1581D-1628-43DB-98B6-84ACE7E74AAD}" "1051" "0"
Update for Microsoft Outlook 2010 (KB2687623) 64-Bit Edition-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{90140000-001A-041B-1000-0000000FF1CE}" "{4E854C1C-590F-4B1C-A524-79782A2D99F8}" "1051" "0"
Update for Microsoft Outlook 2010 (KB2687623) 64-Bit Edition-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{91140000-0011-0000-1000-0000000FF1CE}" "{57DCA0CF-8734-4468-9A3A-E6B1A760B02B}" "1051" "0"
Update for Microsoft Outlook Social Connector 2010 (KB2553406) 64-Bit Edition-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{90140000-001A-041B-1000-0000000FF1CE}" "{C3F39DA8-301B-4212-B8C1-05FBB5C666B0}" "1051" "0"
Update for Microsoft Outlook Social Connector 2010 (KB2553406) 64-Bit Edition-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{91140000-0011-0000-1000-0000000FF1CE}" "{7861C766-2AA2-4A50-AB75-A57D451CEA76}" "1051" "0"
Update for Microsoft SharePoint Workspace 2010 (KB2589371) 64-Bit Edition-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{90140000-0043-0000-1000-0000000FF1CE}" "{E1757044-ECB2-4551-B1D5-5E39F7E109CE}" "1051" "0"
Update for Microsoft SharePoint Workspace 2010 (KB2589371) 64-Bit Edition-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{91140000-0011-0000-1000-0000000FF1CE}" "{E1757044-ECB2-4551-B1D5-5E39F7E109CE}" "1051" "0"
VLC media player 2.0.5-->C:\Program Files (x86)\VideoLAN\VLC\uninstall.exe
Windows 7 Manager-->MsiExec.exe /I{58C51FD0-B9BA-4D1F-8E11-F56C2FF604EA}
Windows Live Communications Platform-->MsiExec.exe /I{D45240D3-B6B3-4FF9-B243-54ECE3E10066}
Windows Live Essentials-->C:\Program Files (x86)\Windows Live\Installer\wlarp.exe
Windows Live Essentials-->MsiExec.exe /I{17835B63-8308-427F-8CF5-D76E0D5FE457}
Windows Live Essentials-->MsiExec.exe /I{410DF0AA-882D-450D-9E1B-F5397ACFFA80}
Windows Live Essentials-->MsiExec.exe /I{6491AB99-A11E-41FD-A5E7-32DE8A097B8E}
Windows Live Essentials-->MsiExec.exe /I{71684DFF-CDED-450C-AF0C-4A1A6438A1A5}
Windows Live Essentials-->MsiExec.exe /I{8EFCE1F8-8ADB-40F2-BED7-7728BED00EC0}
Windows Live Essentials-->MsiExec.exe /I{A1668729-C4D2-49AE-877B-FB608362FFF1}
Windows Live Essentials-->MsiExec.exe /I{B0AD205F-60D0-4084-AFB8-34D9A706D9A8}
Windows Live Essentials-->MsiExec.exe /I{C01FCACE-CC3D-49A2-ADC2-583A49857C58}
Windows Live Essentials-->MsiExec.exe /I{FE044230-9CA5-43F7-9B58-5AC5A28A1F33}
Windows Live Essentials-->MsiExec.exe /I{FE62C88B-425B-4BDE-8B70-CD5AE3B83176}
Windows Live Essentials-->MsiExec.exe /I{FEEF7F78-5876-438B-B554-C4CC426A4302}
Windows Live Family Safety-->MsiExec.exe /I{03E5CBD3-73E3-410D-890D-D3F48B2653A6}
Windows Live Family Safety-->MsiExec.exe /I{0E7EF678-587B-43E9-B13C-9F4B52ACFFCA}
Windows Live Family Safety-->MsiExec.exe /I{0F872589-F781-4EAF-9CBC-BF6A9809F17D}
Windows Live Family Safety-->MsiExec.exe /I{19E42E62-8C05-42DE-9DC4-C606F9F8927B}
Windows Live Family Safety-->MsiExec.exe /I{1E8F990F-A140-47D4-B266-402E9CF96FC3}
Windows Live Family Safety-->MsiExec.exe /I{1FB31F44-D4D0-4D76-944A-A1A5D79FD321}
Windows Live Family Safety-->MsiExec.exe /I{553BB3BD-7A2A-4E5E-9B2F-2D14DC70093A}
Windows Live Family Safety-->MsiExec.exe /I{5708148D-3A0E-4587-8311-DFCFA33F4D92}
Windows Live Family Safety-->MsiExec.exe /I{7D8BBAF2-E7C6-4BB6-9E35-31340373F699}
Windows Live Family Safety-->MsiExec.exe /I{A2D54577-154D-4D8B-9ECF-D7D4553ECE63}
Windows Live Family Safety-->MsiExec.exe /I{B96C4CA9-FA40-490C-B3BB-50F84A44694E}
Windows Live Family Safety-->MsiExec.exe /I{BCA3DCDA-170A-44DB-A888-78105ABACF43}
Windows Live Family Safety-->MsiExec.exe /I{D8F30372-43E3-4720-ABDE-11C95E562B71}
Windows Live Family Safety-->MsiExec.exe /X{CEA21F20-DBF4-464C-8B81-28B8508AFDDD}
Windows Live fotoattelu galerija-->MsiExec.exe /X{CF936193-C584-458C-B793-15FA945621AF}
Windows Live Fotogaléria-->MsiExec.exe /X{97F77D62-5110-4FA3-A2D3-410B92D31199}
Windows Live Fotogalerie-->MsiExec.exe /X{FB79FDB7-4DE1-453D-99FE-9A880F57380E}
Windows Live Foto-galerija-->MsiExec.exe /X{B81722D3-0A95-4BDE-AA1A-A2A5D12FCDB2}
Windows Live Fotótár-->MsiExec.exe /X{7272F232-A7E0-4B2B-A5D2-71B7C5E2379C}
Windows Live Galerija fotografija-->MsiExec.exe /X{E5377D46-83C5-445A-A1F1-830336B42A10}
Windows Live ID Sign-in Assistant-->MsiExec.exe /I{1ACC8FFB-9D84-4C05-A4DE-D28A9BC91698}
Windows Live Installer-->MsiExec.exe /I{0B0F231F-CE6A-483D-AA23-77B364F75917}
Windows Live Language Selector-->MsiExec.exe /I{180C8888-50F1-426B-A9DC-AB83A1989C65}
Windows Live Mail-->MsiExec.exe /I{0B80A0FD-755A-4796-BFB0-A7B07366F33A}
Windows Live Mail-->MsiExec.exe /I{82803FF3-563F-414F-A403-8D4C167D4120}
Windows Live Mail-->MsiExec.exe /I{9D56775A-93F3-44A3-8092-840E3826DE30}
Windows Live Mail-->MsiExec.exe /I{ABE2F2AA-7ADC-4717-9573-BF3F83C696AC}
Windows Live Mail-->MsiExec.exe /I{C454280F-3C3E-4929-B60E-9E6CED5717E7}
Windows Live Mail-->MsiExec.exe /I{C66824E4-CBB3-4851-BB3F-E8CFD6350923}
Windows Live Mail-->MsiExec.exe /I{C8421D85-CA0E-4E93-A9A9-B826C4FB88EA}
Windows Live Mail-->MsiExec.exe /I{D07B1FDA-876B-4914-9E9A-309732B6D44F}
Windows Live Mail-->MsiExec.exe /I{F66430D8-08E6-4C96-B9B7-90E66E27D58C}
Windows Live Mail-->MsiExec.exe /I{FA6CF94F-DACF-4FE7-959D-55C421B91B17}
Windows Live Mesh ActiveX Control for Remote Connections-->MsiExec.exe /I{2902F983-B4C1-44BA-B85D-5C6D52E2C441}
Windows Live Mesh ActiveX kontrola za daljinske veze-->MsiExec.exe /I{8985AE5E-622A-4980-8BF8-0A1830643220}
Windows Live Mesh ActiveX vadikla attalajiem savienojumiem-->MsiExec.exe /I{A3A775C9-5A63-4C55-8FDD-427A5B8F5D2B}
Windows Live Mesh ActiveX-i juhtelement kaugühendustele-->MsiExec.exe /I{216ACEC1-4556-4717-A8DE-3F7F5F9C6F63}
Windows Live Mesh ActiveX-vezérlő távoli kapcsolatokhoz-->MsiExec.exe /I{6E29C4F7-C2C2-4B18-A15C-E09B92065F15}
Windows Live Mesh-->MsiExec.exe /I{0A093C39-CBB3-4142-B93F-562F176B6305}
Windows Live Mesh-->MsiExec.exe /I{2D3E034E-F76B-410A-A169-55755D2637BB}
Windows Live Mesh-->MsiExec.exe /I{5CF5B1A5-CBC3-42F0-8533-5A5090665862}
Windows Live Mesh-->MsiExec.exe /I{6ABE832B-A5C7-44C1-B697-3E123B7B4D5B}
Windows Live Mesh-->MsiExec.exe /I{80E8C65A-8F70-4585-88A2-ABC54BABD576}
Windows Live Mesh-->MsiExec.exe /I{99BE7F5D-AB52-4404-9E03-4240FFAA7DE9}
Windows Live Mesh-->MsiExec.exe /I{A0C91188-C88F-4E86-93E6-CD7C9A266649}
Windows Live Mesh-->MsiExec.exe /I{AD001A69-88CC-4766-B2DB-3C1DFAB9AC72}
Windows Live Mesh-->MsiExec.exe /I{BF35168D-F6F9-4202-BA87-86B5E3C9BF7A}
Windows Live Mesh-->MsiExec.exe /I{C08D5964-C42F-48EE-A893-2396F9562A7C}
Windows Live Mesh-->MsiExec.exe /I{D06F10C5-3EDD-4B29-A3B5-16BBB9A047F8}
Windows Live Mesh-->MsiExec.exe /I{DECDCB7C-58CC-4865-91AF-627F9798FE48}
Windows Live Mesh-->MsiExec.exe /I{EAB1BDF2-734A-4D44-9169-7615D185C974}
Windows Live Mesh-->MsiExec.exe /I{EC20FB81-9B5E-4B97-92A2-8DC52548EFCE}
Windows Live Messenger-->MsiExec.exe /X{2A3FC24C-6EC0-4519-A52B-FDA4EA9B2D24}
Windows Live Messenger-->MsiExec.exe /X{2F54E453-8C93-4B3B-936A-233C909E6CAC}
Windows Live Messenger-->MsiExec.exe /X{A3389C72-1782-4BB4-BBAA-33345DE52E3F}
Windows Live Messenger-->MsiExec.exe /X{A7056D45-C63A-4FE4-A69D-FB54EF9B21BB}
Windows Live Messenger-->MsiExec.exe /X{BD0C3887-64E6-41D8-9A38-BC6F34369352}
Windows Live Messenger-->MsiExec.exe /X{BD215FCB-27E8-4C86-9251-8B8C1D548743}
Windows Live Messenger-->MsiExec.exe /X{D47C66BE-0EB5-4587-93FE-D1E176C4B25C}
Windows Live Messenger-->MsiExec.exe /X{E5B21F11-6933-4E0B-A25C-7963E3C07D11}
Windows Live Messenger-->MsiExec.exe /X{E9AD2143-26D5-4201-BED1-19DCC03B407D}
Windows Live Messenger-->MsiExec.exe /X{F2979AAA-FDD7-4CB3-93BC-5C24D965D679}
Windows Live Messenger-->MsiExec.exe /X{F35DC85A-E96B-496B-ABE7-F04192824856}
Windows Live Messenger-->MsiExec.exe /X{F783464C-C7C6-4E9B-AC40-BC90E5414BAF}
Windows Live Messenger-->MsiExec.exe /X{FA20D803-14E5-4B00-8F03-B519D46F9D4A}
Windows Live MIME IFilter-->MsiExec.exe /I{DA54F80E-261C-41A2-A855-549A144F2F59}
Windows Live Movie Maker-->MsiExec.exe /X{19BA08F7-C728-469C-8A35-BFBD3633BE08}
Windows Live Movie Maker-->MsiExec.exe /X{60C3C026-DB53-4DAB-8B97-7C1241F9A847}
Windows Live Movie Maker-->MsiExec.exe /X{64B2D6B3-71AC-45A7-A6A1-2E07ABF58341}
Windows Live Movie Maker-->MsiExec.exe /X{6B3BAE39-4ED1-4EEB-9769-A3AA0AA58CB4}
Windows Live Movie Maker-->MsiExec.exe /X{7373E17D-18E0-44A7-AC3A-6A3BFB85D3B3}
Windows Live Movie Maker-->MsiExec.exe /X{7AF8E500-B349-4A77-8265-9854E9A47925}
Windows Live Movie Maker-->MsiExec.exe /X{8D33ECF4-1A77-4674-ABAE-DFF978C5BC0A}
Windows Live Movie Maker-->MsiExec.exe /X{92EA4134-10D1-418A-91E1-5A0453131A38}
Windows Live Movie Maker-->MsiExec.exe /X{9E771D5B-C429-4CBC-8730-3EBD9EC99E4C}
Windows Live Movie Maker-->MsiExec.exe /X{A101F637-2E56-42C0-8E08-F1E9086BFAF3}
Windows Live Movie Maker-->MsiExec.exe /X{CF9DEFAA-12CD-4D04-AA45-F9F667D21E2E}
Windows Live Movie Maker-->MsiExec.exe /X{F80E5450-3EF3-4270-B26C-6AC53BEC5E76}
Windows Live Movie Maker-->MsiExec.exe /X{FB3D07AE-73D0-47A9-AC12-6F50BF8B6202}
Windows Live Movie Maker-->MsiExec.exe /X{FF737490-5A2D-4269-9D82-97DB2F7C0B09}
Windows Live Photo Common-->MsiExec.exe /X{0654EA5D-308A-4196-882B-5C09744A5D81}
Windows Live Photo Common-->MsiExec.exe /X{073F306D-9851-4969-B828-7B6444D07D55}
Windows Live Photo Common-->MsiExec.exe /X{1168ECF1-2932-4E86-BC83-560C256C8022}
Windows Live Photo Common-->MsiExec.exe /X{442032CB-900C-49C7-B4B4-2B76525DD403}
Windows Live Photo Common-->MsiExec.exe /X{5D163056-96B7-440F-A836-89BA5D3CFF2F}
Windows Live Photo Common-->MsiExec.exe /X{6B556C37-8919-4991-AC34-93D018B9EA49}
Windows Live Photo Common-->MsiExec.exe /X{6F37D92B-41AA-44B7-80D2-457ABDE11896}
Windows Live Photo Common-->MsiExec.exe /X{77BC9EAF-14C7-4338-9B1C-D5A3E142C0B8}
Windows Live Photo Common-->MsiExec.exe /X{78906B56-0E81-42A7-AC25-F54C946E1538}
Windows Live Photo Common-->MsiExec.exe /X{7D0DE76C-874E-4BDE-A204-F4240160693E}
Windows Live Photo Common-->MsiExec.exe /X{84267681-BF16-40B6-9564-27BC57D7D71C}
Windows Live Photo Common-->MsiExec.exe /X{A9BDCA6B-3653-467B-AC83-94367DA3BFE3}
Windows Live Photo Common-->MsiExec.exe /X{BD4EBDB5-EB14-4120-BB04-BE0A26C7FB3E}
Windows Live Photo Common-->MsiExec.exe /X{D436F577-1695-4D2F-8B44-AC76C99E0002}
Windows Live Photo Gallery-->MsiExec.exe /X{3336F667-9049-4D46-98B6-4C743EEBC5B1}
Windows Live Photo Gallery-->MsiExec.exe /X{34F4D9A4-42C2-4348-BEF4-E553C84549E7}
Windows Live PIMT Platform-->MsiExec.exe /I{83C292B7-38A5-440B-A731-07070E81A64F}
Windows Live Pošta-->MsiExec.exe /I{517EAAB9-C35E-4949-B8C2-20C241162BBB}
Windows Live Remote Client Resources-->MsiExec.exe /I{22AB5CFD-B3DB-414E-9F99-4D024CCF1DA6}
Windows Live Remote Client Resources-->MsiExec.exe /I{2426E29F-9E8C-4C0B-97FC-0DB690C1ED98}
Windows Live Remote Client Resources-->MsiExec.exe /I{2F304EF4-0C31-47F4-8557-0641AAE4197C}
Windows Live Remote Client Resources-->MsiExec.exe /I{3921492E-82D2-4180-8124-E347AD2F2DB4}
Windows Live Remote Client Resources-->MsiExec.exe /I{456FB9B5-AFBC-4761-BBDC-BA6BAFBB818F}
Windows Live Remote Client Resources-->MsiExec.exe /I{5F44A3A1-5D24-4708-8776-66B42B174C64}
Windows Live Remote Client Resources-->MsiExec.exe /I{641B32DB-8226-4250-86C9-34671162F5D5}
Windows Live Remote Client Resources-->MsiExec.exe /I{78654366-5889-4A70-90D9-04B00709EEE0}
Windows Live Remote Client Resources-->MsiExec.exe /I{847B0532-55E3-4AAF-8D7B-E3A1A7CD17E5}
Windows Live Remote Client Resources-->MsiExec.exe /I{B680A663-1A15-47A5-A07C-7DF9A97558B7}
Windows Live Remote Client Resources-->MsiExec.exe /I{E10CB758-D5FD-4A2D-A1C9-459D6BB0C035}
Windows Live Remote Client Resources-->MsiExec.exe /I{ED421F97-E1C3-4E78-9F54-A53888215D58}
Windows Live Remote Client Resources-->MsiExec.exe /I{F0793412-6407-4870-9A8C-6FE198A4EB12}
Windows Live Remote Client-->MsiExec.exe /I{DF6D988A-EEA0-4277-AAB8-158E086E439B}
Windows Live Remote Service Resources-->MsiExec.exe /I{27F3F8DE-AC95-4E10-90A6-EBA999DDBCAF}
Windows Live Remote Service Resources-->MsiExec.exe /I{29CFD07F-4971-41B0-B14D-621ACCC264AC}
Windows Live Remote Service Resources-->MsiExec.exe /I{34384A2A-2CA2-4446-AB0E-1F360BA2AAC5}
Windows Live Remote Service Resources-->MsiExec.exe /I{480F28F0-8BCE-404A-A52E-0DBB7D1CE2EF}
Windows Live Remote Service Resources-->MsiExec.exe /I{5141AA6E-5FAC-4473-BFFB-BEE69DDC7F2B}
Windows Live Remote Service Resources-->MsiExec.exe /I{5151E2DB-0748-4FD1-86A2-72E2F94F8BE7}
Windows Live Remote Service Resources-->MsiExec.exe /I{61407251-7F7D-4303-810D-226A04D5CFF3}
Windows Live Remote Service Resources-->MsiExec.exe /I{656DEEDE-F6AC-47CA-A568-A1B4E34B5760}
Windows Live Remote Service Resources-->MsiExec.exe /I{6A2482BC-733A-404A-939A-2D5BC636E6F9}
Windows Live Remote Service Resources-->MsiExec.exe /I{97A295A7-8840-4B35-BB61-27A8F4512CA3}
Windows Live Remote Service Resources-->MsiExec.exe /I{9E9C960F-7F47-46D5-A95D-950B354DE2B8}
Windows Live Remote Service Resources-->MsiExec.exe /I{D157C6E7-5847-4FD1-BEDC-7389493874F6}
Windows Live Remote Service Resources-->MsiExec.exe /I{D3E4F422-7E0F-49C7-8B00-F42490D7A385}
Windows Live Remote Service-->MsiExec.exe /I{E02A6548-6FDE-40E2-8ED9-119D7D7E641F}
Windows Live SOXE Definitions-->MsiExec.exe /I{200FEC62-3C34-4D60-9CE8-EC372E01C08F}
Windows Live SOXE-->MsiExec.exe /I{682B3E4F-696A-42DE-A41C-4C07EA1678B4}
Windows Live UX Platform Language Pack-->MsiExec.exe /I{09922FFE-D153-44AE-8B60-EA3CB8088F93}
Windows Live UX Platform Language Pack-->MsiExec.exe /I{0C1931EB-8339-4837-8BEC-75029BF42734}
Windows Live UX Platform Language Pack-->MsiExec.exe /I{1DA6D447-C54D-4833-84D4-3EA31CAECE9B}
Windows Live UX Platform Language Pack-->MsiExec.exe /I{2CC0789D-D31B-445F-8970-6E058BE39754}
Windows Live UX Platform Language Pack-->MsiExec.exe /I{3B8F240C-B75E-4A1E-BDCC-6C7F033078A3}
Windows Live UX Platform Language Pack-->MsiExec.exe /I{4C378B16-46B7-4DA1-A2CE-2EE676F74680}
Windows Live UX Platform Language Pack-->MsiExec.exe /I{4D141929-141B-4605-95D6-2B8650C1C6DA}
Windows Live UX Platform Language Pack-->MsiExec.exe /I{545192D4-E817-4EAA-834D-623EA50CF268}
Windows Live UX Platform Language Pack-->MsiExec.exe /I{579684A4-DDD5-4CA3-9EA8-7BE7D9593DB4}
Windows Live UX Platform Language Pack-->MsiExec.exe /I{5E627606-53B9-42D1-97E1-D03F6229E248}
Windows Live UX Platform Language Pack-->MsiExec.exe /I{826A9D28-CAB2-4950-8AAA-B639DCA444CE}
Windows Live UX Platform Language Pack-->MsiExec.exe /I{EA777812-4905-4C08-8F6E-13BDCC734609}
Windows Live UX Platform Language Pack-->MsiExec.exe /I{F4BEA6C1-AAC3-4810-AAEA-588E26E0F237}
Windows Live UX Platform-->MsiExec.exe /I{CE95A79E-E4FC-4FFF-8A75-29F04B942FF2}
Windows Live Writer Resources-->MsiExec.exe /X{26E3C07C-7FF7-4362-9E99-9E49E383CF16}
Windows Live Writer Resources-->MsiExec.exe /X{458F399F-62AC-4747-99F5-499BBF073D29}
Windows Live Writer Resources-->MsiExec.exe /X{5275D81E-83AD-4DE4-BC2B-6E6BA3A33244}
Windows Live Writer Resources-->MsiExec.exe /X{5D2E7BD7-4B6F-4086-BA8A-E88484750624}
Windows Live Writer Resources-->MsiExec.exe /X{6DCE9C3E-3DB7-4C3C-8B80-BC55781BB7B6}
Windows Live Writer Resources-->MsiExec.exe /X{77DAF553-291A-4471-988C-5677D90DB57E}
Windows Live Writer Resources-->MsiExec.exe /X{7CB529B2-6C74-4878-9C3F-C29C3C3BBDC6}
Windows Live Writer Resources-->MsiExec.exe /X{7E90B133-FF47-48BB-91B8-36FC5A548FE9}
Windows Live Writer Resources-->MsiExec.exe /X{AB78C965-5C67-409B-8433-D7B5BDB12073}
Windows Live Writer Resources-->MsiExec.exe /X{B7B67AA5-12DA-4F01-918D-B1BF66779D8A}
Windows Live Writer Resources-->MsiExec.exe /X{D5A4E5F3-9ACD-412E-B380-F838DF9787B9}
Windows Live Writer Resources-->MsiExec.exe /X{D987098B-3AD4-4E88-B80E-CF27A32D1955}
Windows Live Writer Resources-->MsiExec.exe /X{DDC8BDEE-DCAC-404D-8257-3E8D4B782467}
Windows Live Writer-->MsiExec.exe /X{047377C9-C74B-4345-82E8-03BAE5DF2C32}
Windows Live Writer-->MsiExec.exe /X{11778DA1-0495-4ED9-972F-F9E0B0367CD5}
Windows Live Writer-->MsiExec.exe /X{1D6C2068-807F-4B76-A0C2-62ED05656593}
Windows Live Writer-->MsiExec.exe /X{1FC83EAE-74C8-4C72-8400-2D8E40A017DE}
Windows Live Writer-->MsiExec.exe /X{2BA5FD10-653F-4CAF-9CCD-F685082A1DC1}
Windows Live Writer-->MsiExec.exe /X{4264C020-850B-4F08-ACBE-98205D9C336C}
Windows Live Writer-->MsiExec.exe /X{69C9C672-400A-43A0-B2DE-9DB38C371282}
Windows Live Writer-->MsiExec.exe /X{86E6D3A7-3ADC-44C0-B94E-85D2A9DD36B0}
Windows Live Writer-->MsiExec.exe /X{A726AE06-AAA3-43D1-87E3-70F510314F04}
Windows Live Writer-->MsiExec.exe /X{AAAFC670-569B-4A2F-82B4-42945E0DE3EF}
Windows Live Writer-->MsiExec.exe /X{AAF454FC-82CA-4F29-AB31-6A109485E76E}
Windows Live Writer-->MsiExec.exe /X{B9B66F77-9D00-4CA4-BDF1-BBA8236B4DB6}
Windows Live Writer-->MsiExec.exe /X{C1C9D199-B4DD-4895-92DD-9A726A2FE341}
Windows Live Writer-->MsiExec.exe /X{D27DF849-C8C7-4892-A7F1-E0B381A1BD01}
Windows Live Writer-->MsiExec.exe /X{E55E0C35-AC3C-4683-BA2F-834348577B80}
Windows Live'i fotogalerii-->MsiExec.exe /X{C7DEE8F5-29D4-4A5E-823B-4A7850C5E53D}
WinFlash-->MsiExec.exe /X{8F21291E-0444-4B1D-B9F9-4370A73E346D}
WinRAR 4.01 (64-bit)-->C:\Program Files\WinRAR\uninstall.exe
Wireless Console 3-->MsiExec.exe /I{19EA33FB-B34E-40EA-8B8A-61743AEB795A}
World of Tanks-->"C:\Hry\World_of_Tanks\unins000.exe"
XnView 1.99.5-->"C:\Program Files (x86)\XnView\unins000.exe"
YTD Video Downloader 3.9.6-->"C:\Program Files (x86)\GreenTree Applications\YTD Video Downloader\uninstall.exe"
Zoner Photo Studio 15-->"C:\Program Files\Zoner\Photo Studio 15\unins000.exe"
??????????? ?? Windows Live-->MsiExec.exe /X{4444F27C-B1A8-464E-9486-4C37BAB39A09}

======System event log======

Computer Name: Marek-PC
Event Code: 4001
Message: Služba automatickej konfigurácie siete WLAN sa úspešne zastavila.

Record Number: 3575
Source Name: Microsoft-Windows-WLAN-AutoConfig
Time Written: 20121204185429.048879-000
Event Type: Warning
User: NT AUTHORITY\SYSTEM

Computer Name: Marek-PC
Event Code: 10002
Message: Modul WLAN Extensibility Module sa zastavil.

Cesta k modulu: C:\Windows\System32\IWMSSvc.dll

Record Number: 3574
Source Name: Microsoft-Windows-WLAN-AutoConfig
Time Written: 20121204185429.033279-000
Event Type: Warning
User: NT AUTHORITY\SYSTEM

Computer Name: Marek-PC
Event Code: 11
Message: Načítavajú sa vlastné knižnice dynamických prepojení pre všetky aplikácie. Správca systému by mal skontrolovať zoznam knižníc a zistiť, či patria dôveryhodným aplikáciám.
Record Number: 3455
Source Name: Microsoft-Windows-Wininit
Time Written: 20121205035204.951704-000
Event Type: Warning
User: NT AUTHORITY\SYSTEM

Computer Name: Marek-PC
Event Code: 4001
Message: Služba automatickej konfigurácie siete WLAN sa úspešne zastavila.

Record Number: 3433
Source Name: Microsoft-Windows-WLAN-AutoConfig
Time Written: 20121205035042.319808-000
Event Type: Warning
User: NT AUTHORITY\SYSTEM

Computer Name: Marek-PC
Event Code: 10002
Message: Modul WLAN Extensibility Module sa zastavil.

Cesta k modulu: C:\Windows\System32\IWMSSvc.dll

Record Number: 3430
Source Name: Microsoft-Windows-WLAN-AutoConfig
Time Written: 20121205035042.288608-000
Event Type: Warning
User: NT AUTHORITY\SYSTEM

=====Application event log=====

Computer Name: Marek-PC
Event Code: 1530
Message: Windows detected your registry file is still in use by other applications or services. The file will be unloaded now. The applications or services that hold your registry file may not function properly afterwards.

DETAIL -
5 user registry handles leaked from \Registry\User\S-1-5-21-3058332585-1744576660-1299546663-1001:
Process 1396 (\Device\HarddiskVolume3\Windows\System32\FBAgent.exe) has opened key \REGISTRY\USER\S-1-5-21-3058332585-1744576660-1299546663-1001
Process 1396 (\Device\HarddiskVolume3\Windows\System32\FBAgent.exe) has opened key \REGISTRY\USER\S-1-5-21-3058332585-1744576660-1299546663-1001
Process 1396 (\Device\HarddiskVolume3\Windows\System32\FBAgent.exe) has opened key \REGISTRY\USER\S-1-5-21-3058332585-1744576660-1299546663-1001
Process 756 (\Device\HarddiskVolume3\Windows\System32\winlogon.exe) has opened key \REGISTRY\USER\S-1-5-21-3058332585-1744576660-1299546663-1001
Process 1396 (\Device\HarddiskVolume3\Windows\System32\FBAgent.exe) has opened key \REGISTRY\USER\S-1-5-21-3058332585-1744576660-1299546663-1001\Software\Microsoft\Windows\CurrentVersion\Explorer

Record Number: 2059
Source Name: Microsoft-Windows-User Profiles Service
Time Written: 20121204190550.638268-000
Event Type: Warning
User: NT AUTHORITY\SYSTEM

Computer Name: Marek-PC
Event Code: 3006
Message: Unable to read the performance counter strings defined for the 01B language ID. The first DWORD in the Data section contains the Win32 error code.
Record Number: 2044
Source Name: Microsoft-Windows-LoadPerf
Time Written: 20121204190054.018947-000
Event Type: Error
User: NT AUTHORITY\SYSTEM

Computer Name: Marek-PC
Event Code: 3006
Message: Unable to read the performance counter strings defined for the 01B language ID. The first DWORD in the Data section contains the Win32 error code.
Record Number: 2042
Source Name: Microsoft-Windows-LoadPerf
Time Written: 20121204190053.894147-000
Event Type: Error
User: NT AUTHORITY\SYSTEM

Computer Name: Marek-PC
Event Code: 3086
Message: The system locale has changed. Existing data will be deleted and the index must be recreated.

Context: Application, SystemIndex Catalog

Record Number: 2025
Source Name: Microsoft-Windows-Search
Time Written: 20121204185825.000000-000
Event Type: Warning
User:

Computer Name: Marek-PC
Event Code: 1008
Message: Služba Windows Search sa spúšťa a pokúša sa odstrániť starý index hľadania. {Dôvod: Full Index Reset}.

Record Number: 1989
Source Name: Microsoft-Windows-Search
Time Written: 20121204185402.000000-000
Event Type: Warning
User:

=====Security event log=====

Computer Name: WIN-RSJUB0BQUBU
Event Code: 4624
Message: An account was successfully logged on.

Subject:
Security ID: S-1-5-18
Account Name: WIN-RSJUB0BQUBU$
Account Domain: WORKGROUP
Logon ID: 0x3e7

Logon Type: 5

New Logon:
Security ID: S-1-5-18
Account Name: SYSTEM
Account Domain: NT AUTHORITY
Logon ID: 0x3e7
Logon GUID: {00000000-0000-0000-0000-000000000000}

Process Information:
Process ID: 0x2f0
Process Name: C:\Windows\System32\services.exe

Network Information:
Workstation Name:
Source Network Address: -
Source Port: -

Detailed Authentication Information:
Logon Process: Advapi
Authentication Package: Negotiate
Transited Services: -
Package Name (NTLM only): -
Key Length: 0

This event is generated when a logon session is created. It is generated on the computer that was accessed.

The subject fields indicate the account on the local system which requested the logon. This is most commonly a service such as the Server service, or a local process such as Winlogon.exe or Services.exe.

The logon type field indicates the kind of logon that occurred. The most common types are 2 (interactive) and 3 (network).

The New Logon fields indicate the account for whom the new logon was created, i.e. the account that was logged on.

The network fields indicate where a remote logon request originated. Workstation name is not always available and may be left blank in some cases.

The authentication information fields provide detailed information about this specific logon request.
- Logon GUID is a unique identifier that can be used to correlate this event with a KDC event.
- Transited services indicate which intermediate services have participated in this logon request.
- Package name indicates which sub-protocol was used among the NTLM protocols.
- Key length indicates the length of the generated session key. This will be 0 if no session key was requested.
Record Number: 4268
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20121205035039.449403-000
Event Type: Audit Success
User:

Computer Name: WIN-RSJUB0BQUBU
Event Code: 4672
Message: Special privileges assigned to new logon.

Subject:
Security ID: S-1-5-18
Account Name: SYSTEM
Account Domain: NT AUTHORITY
Logon ID: 0x3e7

Privileges: SeAssignPrimaryTokenPrivilege
SeTcbPrivilege
SeSecurityPrivilege
SeTakeOwnershipPrivilege
SeLoadDriverPrivilege
SeBackupPrivilege
SeRestorePrivilege
SeDebugPrivilege
SeAuditPrivilege
SeSystemEnvironmentPrivilege
SeImpersonatePrivilege
Record Number: 4267
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20121205035037.967400-000
Event Type: Audit Success
User:

Computer Name: WIN-RSJUB0BQUBU
Event Code: 4624
Message: An account was successfully logged on.

Subject:
Security ID: S-1-5-18
Account Name: WIN-RSJUB0BQUBU$
Account Domain: WORKGROUP
Logon ID: 0x3e7

Logon Type: 5

New Logon:
Security ID: S-1-5-18
Account Name: SYSTEM
Account Domain: NT AUTHORITY
Logon ID: 0x3e7
Logon GUID: {00000000-0000-0000-0000-000000000000}

Process Information:
Process ID: 0x2f0
Process Name: C:\Windows\System32\services.exe

Network Information:
Workstation Name:
Source Network Address: -
Source Port: -

Detailed Authentication Information:
Logon Process: Advapi
Authentication Package: Negotiate
Transited Services: -
Package Name (NTLM only): -
Key Length: 0

This event is generated when a logon session is created. It is generated on the computer that was accessed.

The subject fields indicate the account on the local system which requested the logon. This is most commonly a service such as the Server service, or a local process such as Winlogon.exe or Services.exe.

The logon type field indicates the kind of logon that occurred. The most common types are 2 (interactive) and 3 (network).

The New Logon fields indicate the account for whom the new logon was created, i.e. the account that was logged on.

The network fields indicate where a remote logon request originated. Workstation name is not always available and may be left blank in some cases.

The authentication information fields provide detailed information about this specific logon request.
- Logon GUID is a unique identifier that can be used to correlate this event with a KDC event.
- Transited services indicate which intermediate services have participated in this logon request.
- Package name indicates which sub-protocol was used among the NTLM protocols.
- Key length indicates the length of the generated session key. This will be 0 if no session key was requested.
Record Number: 4266
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20121205035037.967400-000
Event Type: Audit Success
User:

Computer Name: WIN-RSJUB0BQUBU
Event Code: 4738
Message: A user account was changed.

Subject:
Security ID: S-1-5-21-3058332585-1744576660-1299546663-500
Account Name: Administrator
Account Domain: WIN-RSJUB0BQUBU
Logon ID: 0x38896

Target Account:
Security ID: S-1-5-21-3058332585-1744576660-1299546663-500
Account Name: Administrator
Account Domain: WIN-RSJUB0BQUBU

Changed Attributes:
SAM Account Name: -
Display Name: -
User Principal Name: -
Home Directory: -
Home Drive: -
Script Path: -
Profile Path: -
User Workstations: -
Password Last Set: -
Account Expires: -
Primary Group ID: -
AllowedToDelegateTo: -
Old UAC Value: 0x211
New UAC Value: 0x211
User Account Control: -
User Parameters: -
SID History: -
Logon Hours: -

Additional Information:
Privileges: -
Record Number: 4265
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20121205035035.845797-000
Event Type: Audit Success
User:

Computer Name: WIN-RSJUB0BQUBU
Event Code: 1102
Message: The audit log was cleared.
Subject:
Security ID: S-1-5-21-3058332585-1744576660-1299546663-500
Account Name: Administrator
Domain Name: WIN-RSJUB0BQUBU
Logon ID: 0x38896
Record Number: 4264
Source Name: Microsoft-Windows-Eventlog
Time Written: 20121205035030.916188-000
Event Type: Audit Success
User:

======Environment variables======

"ComSpec"=%SystemRoot%\system32\cmd.exe
"FP_NO_HOST_CHECK"=NO
"OS"=Windows_NT
"Path"=C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common;C:\Program Files (x86)\Intel\iCLS Client\;C:\Program Files\Intel\iCLS Client\;C:\Program Files\Common Files\Microsoft Shared\Windows Live;C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;C:\Program Files (x86)\Windows Live\Shared;C:\Program Files\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files\Intel\Intel(R) Management Engine Components\IPT;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT;C:\Program Files (x86)\Intel\OpenCL SDK\2.0\bin\x86;C:\Program Files (x86)\Intel\OpenCL SDK\2.0\bin\x64;C:\Program Files\Intel\WiFi\bin\;C:\Program Files\Common Files\Intel\WirelessCommon\;%systemroot%\System32\WindowsPowerShell\v1.0\
"PATHEXT"=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH;.MSC
"PROCESSOR_ARCHITECTURE"=AMD64
"TEMP"=%SystemRoot%\TEMP
"TMP"=%SystemRoot%\TEMP
"USERNAME"=SYSTEM
"windir"=%SystemRoot%
"PSModulePath"=%SystemRoot%\system32\WindowsPowerShell\v1.0\Modules\
"NUMBER_OF_PROCESSORS"=4
"PROCESSOR_LEVEL"=6
"PROCESSOR_IDENTIFIER"=Intel64 Family 6 Model 58 Stepping 9, GenuineIntel
"PROCESSOR_REVISION"=3a09
"configsetroot"=%SystemRoot%\ConfigSetRoot

-----------------EOF-----------------
Last edited by Mc_Murphy on 26 Jan 2013 21:05, edited 1 time in total.
Reason: Log removed from [Code].

Rudy
Site Admin
Posts: 119524
Joined: 30 Oct 2003 13:42
Location: Plzeň

Re: Eset reports a heap of files

#3 Post by Rudy »

Hello!
Please post a ComboFix log:
Download ComboFix and save it, preferably to the desktop: http://download.bleepingcomputer.com/sUBs/ComboFix.exe

then run the application under an account with administrator privileges

right after start-up a screen with the license terms appears; continue by clicking the Ano (Yes) button.

calmly go and make yourself a coffee (the whole process takes roughly 5-10 minutes, sometimes longer, depending on how fast the machine is and how many files the scanner has to work through); during the scan do not try to start any other applications or anything else

do not panic during the scan; your machine may be restarted (especially the first time the scanner is used)

note: if you use antispyware with a resident shield, switch its resident shield to Install Mode, or disable it completely for the duration of the scan, because during the scan and the deletion of any malware, unwanted conflicts with the resident antispyware component occur
Post questions and logs only in your own threads. Private messages, ICQ and e-mails are not for solving your problems.

Please support our forum: https://platba.viry.cz/payment/.

e-mail: rudy(at)forum.viry.cz

Warning:
Before disinfecting the PC, back up your important data (mail, contacts, documents, photos, videos, music, etc.). Besides its "visible" activities, a virus can damage the system!

Once your problem is resolved, the thread will be locked. The same applies if it is inactive for more than 14 days. If you want the thread reactivated, write to me at the e-mail address given above.

om5atc
Visitor
Posts: 18
Joined: 27 Jul 2011 19:53

Re: Eset reports a heap of files

#4 Post by om5atc »

Thanks for the quick reaction :)

ComboFix 13-01-26.02 - Marek . 01. 2013 21:25:59.1.4 - x64
Microsoft Windows 7 Home Premium 6.1.7601.1.1250.421.1051.18.8078.6396 [GMT 1:00]
Running from: c:\users\Marek\Desktop\ComboFix.exe
AV: ESET Endpoint Antivirus 5.0 *Disabled/Updated* {77DEAFED-8149-104B-25A1-21771CA47CD1}
SP: ESET Endpoint Antivirus 5.0 *Disabled/Updated* {CCBF4E09-A773-1FC5-1F11-1A056723366C}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\programdata\FullRemove.exe
c:\programdata\Roaming
c:\users\Marek\46357865364647353
c:\windows\msvcr71.dll
c:\windows\security\Database\tmp.edb
.
.
((((((((((((((((((((((((( Files Created from 2012-12-26 to 2013-01-26 )))))))))))))))))))))))))))))))
.
.
2013-01-26 20:30 . 2013-01-26 20:30 -------- d-----w- c:\users\UpdatusUser\AppData\Local\temp
2013-01-26 20:30 . 2013-01-26 20:30 -------- d-----w- c:\users\Default\AppData\Local\temp
2013-01-26 19:47 . 2013-01-26 19:47 -------- d-----w- C:\rsit
2013-01-26 19:47 . 2013-01-26 19:47 -------- d-----w- c:\program files\trend micro
2013-01-26 19:39 . 2013-01-26 19:39 -------- d-----w- c:\programdata\Local Settings
2013-01-26 19:39 . 2013-01-26 19:41 0 ---ha-w- c:\users\Marek\AppData\Roaming\winsvcns.sys
2013-01-25 21:13 . 2013-01-08 05:32 9161176 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{EE28F970-BF0D-440C-BF51-C1D2B3810933}\mpengine.dll
2013-01-22 20:21 . 2013-01-22 20:24 -------- d-----w- c:\users\Marek\AppData\Roaming\XnView
2013-01-18 15:18 . 2013-01-18 15:18 -------- d-----w- c:\programdata\GoldWave
2013-01-18 14:58 . 2013-01-18 14:58 -------- d-----w- c:\program files (x86)\GoldWave
2013-01-15 17:34 . 2013-01-20 21:49 -------- d-----w- c:\users\Marek\AppData\Roaming\ICQ
2013-01-15 17:34 . 2013-01-15 17:35 -------- d-----w- c:\program files (x86)\ICQ7M
2013-01-08 18:14 . 2012-12-07 13:15 2746368 ----a-w- c:\windows\system32\gameux.dll
2013-01-08 07:50 . 2013-01-08 07:50 -------- d--h--w- c:\programdata\{26D901A1-2540-4430-81DC-0317F01BD7BE}
2013-01-08 07:49 . 2013-01-08 07:49 -------- d--h--w- c:\programdata\{B7FA0661-862B-4AE4-A12A-F08D226ED546}
2013-01-05 21:49 . 2013-01-05 21:49 -------- d-----w- c:\program files (x86)\AGEIA Technologies
2013-01-05 21:45 . 2013-01-05 21:45 -------- d-----w- C:\NVIDIA
2013-01-04 18:03 . 2013-01-26 20:25 29 ----a-w- c:\windows\SysWow64\TempWmicBatchFile.bat
2013-01-04 18:02 . 2013-01-06 23:45 -------- d-----w- c:\program files\Prey
2013-01-04 16:00 . 2013-01-08 20:09 74248 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2013-01-04 16:00 . 2013-01-08 20:09 697864 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe
2013-01-04 16:00 . 2013-01-04 16:00 -------- d-----w- c:\windows\system32\Macromed
2013-01-03 20:53 . 2013-01-03 20:53 -------- d-----w- c:\users\Marek\AppData\Local\Opera
2013-01-03 20:53 . 2013-01-03 20:53 -------- d-----w- c:\program files (x86)\Opera
2012-12-29 15:35 . 2012-12-29 15:35 -------- d-----w- c:\programdata\ArcSoft
2012-12-29 15:35 . 2012-12-29 15:35 -------- d-----w- c:\users\Marek\AppData\Local\ArcSoft
2012-12-29 15:35 . 2012-12-29 15:35 -------- d-----w- c:\program files (x86)\ArcSoft
2012-12-29 15:35 . 2012-12-29 15:35 -------- d-----w- c:\program files (x86)\Common Files\ArcSoft
2012-12-29 15:34 . 2012-12-29 15:35 -------- d-----w- c:\users\Marek\AppData\Roaming\ArcSoft
2012-12-29 15:34 . 2002-07-25 15:07 614532 ----a-w- c:\program files (x86)\Common Files\InstallShield\Engine\6\Intel 32\IKernel.exe
2012-12-29 15:34 . 2001-09-05 03:18 77824 ----a-w- c:\program files (x86)\Common Files\InstallShield\Engine\6\Intel 32\ctor.dll
2012-12-29 15:34 . 2001-09-05 03:18 225280 ------w- c:\program files (x86)\Common Files\InstallShield\IScript\iscript.dll
2012-12-29 15:34 . 2001-09-05 03:14 176128 ------w- c:\program files (x86)\Common Files\InstallShield\Engine\6\Intel 32\iuser.dll
2012-12-29 15:34 . 2001-09-05 03:13 32768 ------w- c:\program files (x86)\Common Files\InstallShield\Engine\6\Intel 32\objectps.dll
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2013-01-26 20:10 . 2012-12-04 18:57 380 ----a-w- c:\users\Marek\AppData\Roaming\sp_data.sys
2013-01-08 18:21 . 2012-12-04 19:34 67599240 ----a-w- c:\windows\system32\MRT.exe
2012-12-29 10:34 . 2012-12-05 03:34 1107592 ----a-w- c:\windows\system32\nvumdshimx.dll
2012-12-29 10:34 . 2012-12-05 03:34 246024 ----a-w- c:\windows\system32\nvinitx.dll
2012-12-29 10:34 . 2012-12-05 03:34 201728 ----a-w- c:\windows\SysWow64\nvinit.dll
2012-12-29 10:34 . 2012-12-05 03:34 1813432 ----a-w- c:\windows\system32\nvdispco64.dll
2012-12-29 10:34 . 2012-12-05 03:34 2824656 ----a-w- c:\windows\system32\nvapi64.dll
2012-12-29 10:34 . 2012-10-08 10:42 1504696 ----a-w- c:\windows\system32\nvdispgenco64.dll
2012-12-29 08:40 . 2012-12-05 03:35 6382008 ----a-w- c:\windows\system32\nvcpl.dll
2012-12-29 08:40 . 2012-12-05 03:35 3455416 ----a-w- c:\windows\system32\nvsvc64.dll
2012-12-29 08:40 . 2012-12-05 03:35 2923201 ----a-w- c:\windows\system32\nvcoproc.bin
2012-12-29 08:40 . 2012-12-05 03:35 997816 ----a-w- c:\windows\system32\nv3dappshext.dll
2012-12-29 08:40 . 2012-12-05 03:35 884152 ----a-w- c:\windows\system32\nvvsvc.exe
2012-12-29 08:40 . 2012-12-05 03:35 63928 ----a-w- c:\windows\system32\nvshext.dll
2012-12-29 08:40 . 2012-12-05 03:35 55736 ----a-w- c:\windows\system32\nv3dappshextr.dll
2012-12-29 08:40 . 2012-12-05 03:35 2558392 ----a-w- c:\windows\system32\nvsvcr.dll
2012-12-29 08:40 . 2012-12-05 03:35 118712 ----a-w- c:\windows\system32\nvmctray.dll
2012-12-16 17:11 . 2012-12-20 20:04 46080 ----a-w- c:\windows\system32\atmlib.dll
2012-12-16 14:45 . 2012-12-20 20:04 367616 ----a-w- c:\windows\system32\atmfd.dll
2012-12-16 14:13 . 2012-12-20 20:04 295424 ----a-w- c:\windows\SysWow64\atmfd.dll
2012-12-16 14:13 . 2012-12-20 20:04 34304 ----a-w- c:\windows\SysWow64\atmlib.dll
2012-12-09 09:56 . 2012-12-09 09:56 419840 ----a-w- c:\windows\system32\wrap_oal.dll
2012-12-09 09:56 . 2012-12-09 09:56 413696 ----a-w- c:\windows\SysWow64\wrap_oal.dll
2012-12-09 09:56 . 2012-12-09 09:56 133632 ----a-w- c:\windows\system32\OpenAL32.dll
2012-12-09 09:56 . 2012-12-09 09:56 110592 ----a-w- c:\windows\SysWow64\OpenAL32.dll
2012-12-05 03:45 . 2012-12-05 03:45 80512 ----a-w- c:\windows\ASUS_Scr_K_multiColor_noSound Uninstaller.exe
2012-12-05 03:45 . 2012-12-05 03:45 3058304 ----a-w- c:\windows\AsScrPro.exe
2012-12-04 23:12 . 2012-12-04 23:12 95208 ----a-w- c:\windows\SysWow64\WindowsAccessBridge-32.dll
2012-12-04 23:11 . 2012-12-04 23:12 821736 ----a-w- c:\windows\SysWow64\npDeployJava1.dll
2012-12-04 23:11 . 2012-12-04 23:12 746984 ----a-w- c:\windows\SysWow64\deployJava1.dll
2012-12-04 22:48 . 2012-12-04 22:48 178800 ----a-w- c:\windows\SysWow64\CmdLineExt_x64.dll
2012-12-04 21:10 . 2012-12-04 21:10 614400 ----a-w- c:\windows\AutoKMS.exe
2012-12-04 20:54 . 2012-12-04 20:54 283200 ----a-w- c:\windows\system32\drivers\dtsoftbus01.sys
2012-12-04 20:47 . 2012-12-04 20:33 45056 ----a-w- c:\windows\SysWow64\acovcnt.exe
2012-12-04 19:08 . 2011-03-29 02:36 19696 ----a-w- c:\programdata\Microsoft\IdentityCRL\production\ppcrlconfig600.dll
2012-11-30 04:45 . 2013-01-08 18:15 44032 ----a-w- c:\windows\apppatch\acwow64.dll
2012-11-14 07:06 . 2012-12-11 20:19 17811968 ----a-w- c:\windows\system32\mshtml.dll
2012-11-14 06:32 . 2012-12-11 20:19 10925568 ----a-w- c:\windows\system32\ieframe.dll
2012-11-14 06:11 . 2012-12-11 20:19 2312704 ----a-w- c:\windows\system32\jscript9.dll
2012-11-14 06:04 . 2012-12-11 20:19 1346048 ----a-w- c:\windows\system32\urlmon.dll
2012-11-14 06:04 . 2012-12-11 20:19 1392128 ----a-w- c:\windows\system32\wininet.dll
2012-11-14 06:02 . 2012-12-11 20:19 1494528 ----a-w- c:\windows\system32\inetcpl.cpl
2012-11-14 06:02 . 2012-12-11 20:19 237056 ----a-w- c:\windows\system32\url.dll
2012-11-14 05:59 . 2012-12-11 20:19 85504 ----a-w- c:\windows\system32\jsproxy.dll
2012-11-14 05:58 . 2012-12-11 20:19 816640 ----a-w- c:\windows\system32\jscript.dll
2012-11-14 05:57 . 2012-12-11 20:19 599040 ----a-w- c:\windows\system32\vbscript.dll
2012-11-14 05:57 . 2012-12-11 20:19 173056 ----a-w- c:\windows\system32\ieUnatt.exe
2012-11-14 05:55 . 2012-12-11 20:19 2144768 ----a-w- c:\windows\system32\iertutil.dll
2012-11-14 05:55 . 2012-12-11 20:19 729088 ----a-w- c:\windows\system32\msfeeds.dll
2012-11-14 05:53 . 2012-12-11 20:19 96768 ----a-w- c:\windows\system32\mshtmled.dll
2012-11-14 05:52 . 2012-12-11 20:19 2382848 ----a-w- c:\windows\system32\mshtml.tlb
2012-11-14 05:46 . 2012-12-11 20:19 248320 ----a-w- c:\windows\system32\ieui.dll
2012-11-14 02:09 . 2012-12-11 20:19 1800704 ----a-w- c:\windows\SysWow64\jscript9.dll
2012-11-14 01:58 . 2012-12-11 20:19 1427968 ----a-w- c:\windows\SysWow64\inetcpl.cpl
2012-11-14 01:57 . 2012-12-11 20:19 1129472 ----a-w- c:\windows\SysWow64\wininet.dll
2012-11-14 01:49 . 2012-12-11 20:19 142848 ----a-w- c:\windows\SysWow64\ieUnatt.exe
2012-11-14 01:48 . 2012-12-11 20:19 420864 ----a-w- c:\windows\SysWow64\vbscript.dll
2012-11-14 01:44 . 2012-12-11 20:19 2382848 ----a-w- c:\windows\SysWow64\mshtml.tlb
2012-11-09 05:45 . 2012-12-11 20:16 2048 ----a-w- c:\windows\system32\tzres.dll
2012-11-09 04:42 . 2012-12-11 20:16 2048 ----a-w- c:\windows\SysWow64\tzres.dll
2012-11-02 05:59 . 2012-12-11 20:16 478208 ----a-w- c:\windows\system32\dpnet.dll
2012-11-02 05:11 . 2012-12-11 20:16 376832 ----a-w- c:\windows\SysWow64\dpnet.dll
.
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt1]
@="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}]
2012-11-13 23:32 129272 ----a-w- c:\users\Marek\AppData\Roaming\Dropbox\bin\DropboxExt.17.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt2]
@="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}]
2012-11-13 23:32 129272 ----a-w- c:\users\Marek\AppData\Roaming\Dropbox\bin\DropboxExt.17.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt3]
@="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}]
2012-11-13 23:32 129272 ----a-w- c:\users\Marek\AppData\Roaming\Dropbox\bin\DropboxExt.17.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt4]
@="{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}]
2012-11-13 23:32 129272 ----a-w- c:\users\Marek\AppData\Roaming\Dropbox\bin\DropboxExt.17.dll
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Skype"="c:\program files (x86)\Skype\Phone\Skype.exe" [2012-11-09 17877168]
"RocketDock"="c:\program files (x86)\RocketDock\RocketDock.exe" [2007-09-02 495616]
"SoftAuto.exe"="c:\program files (x86)\Creative\Software Update 3\SoftAuto.exe" [2008-08-13 405504]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"ASUSPRP"="c:\program files (x86)\ASUS\APRP\APRP.EXE" [2012-02-24 3331312]
"USB3MON"="c:\program files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe" [2012-02-07 291608]
"Wireless Console 3"="c:\program files (x86)\ASUS\Wireless Console 3\wcourier.exe" [2011-10-19 2319536]
"ATKOSD2"="c:\program files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe" [2012-06-25 322208]
"ATKMEDIA"="c:\program files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe" [2012-06-19 174752]
"HControlUser"="c:\program files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe" [2009-06-19 105016]
"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2012-12-03 946352]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\Currentversion\policies\explorer\Run]
"17277"="c:\progra~3\LOCALS~1\Temp\mskvvlzwx.exe" [2009-07-14 79872]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 0 (0x0)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableLUA"= 0 (0x0)
"EnableUIADesktopToggle"= 0 (0x0)
"PromptOnSecureDesktop"= 0 (0x0)
"SynchronousMachineGroupPolicy"= 1 (0x1)
"SynchronousUserGroupPolicy"= 1 (0x1)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\windows]
"LoadAppInit_DLLs"=1 (0x1)
"AppInit_DLLs"=c:\windows\SysWOW64\nvinit.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\drivers32]
"mixer3"=wdmaud.drv
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager]
BootExecute REG_MULTI_SZ autocheck autochk *\0OODBS
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]
@=""
.
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
R2 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe [2012-11-09 160944]
R3 AMPPALP;Intel® Centrino® Wireless Bluetooth® + High Speed Protocol;c:\windows\system32\DRIVERS\amppal.sys [2012-01-09 195584]
R3 btmaux;Intel Bluetooth Auxiliary Service;c:\windows\system32\DRIVERS\btmaux.sys [2011-12-13 94720]
R3 btmhsf;btmhsf;c:\windows\system32\DRIVERS\btmhsf.sys [2011-12-13 747008]
R3 CTUPnPSv;Creative Centrale Media Server;c:\program files (x86)\Creative\Creative Centrale\CTUPnPSv.exe [2008-05-21 64000]
R3 ESHASRV;ESET SHA Service;c:\program files\ESET\ESET Endpoint Antivirus\EShaSrv.exe [2012-07-04 190208]
R3 ibtfltcoex;ibtfltcoex;c:\windows\system32\DRIVERS\iBtFltCoex.sys [2011-12-14 60416]
R3 intaud_WaveExtensible;Intel WiDi Audio Device;c:\windows\system32\drivers\intelaud.sys [2011-12-21 34200]
R3 L1C;NDIS Miniport Driver for Atheros AR8131/AR8132 PCI-E Ethernet Controller (NDIS 6.20);c:\windows\system32\DRIVERS\L1C62x64.sys [2009-06-10 57344]
R3 MyWiFiDHCPDNS;Wireless PAN DHCP Server;c:\program files\Intel\WiFi\bin\PanDhcpDns.exe [2011-12-08 273168]
R3 ose64;Office 64 Source Engine;c:\program files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2010-01-09 174440]
R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys [2012-08-23 19456]
R3 SiSGbeLH;SiS191/SiS190 Ethernet Device NDIS 6.0 Driver;c:\windows\system32\DRIVERS\SiSG664.sys [2009-06-10 56832]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [2012-08-23 57856]
R3 TsUsbGD;Remote Desktop Generic USB Device;c:\windows\system32\drivers\TsUsbGD.sys [2012-08-23 30208]
R3 WatAdminSvc;Služba Windows Activation Technologies;c:\windows\system32\Wat\WatAdminSvc.exe [2012-12-04 1255736]
R4 wlcrasvc;Windows Live Mesh remote connections service;c:\program files\Windows Live\Mesh\wlcrasvc.exe [2010-09-23 57184]
S0 iusb3hcs;Intel(R) USB 3.0 Host Controller Switch Driver;c:\windows\system32\DRIVERS\iusb3hcs.sys [2012-02-07 16152]
S0 nvpciflt;nvpciflt;c:\windows\system32\DRIVERS\nvpciflt.sys [2012-12-29 30648]
S1 ATKWMIACPIIO;ATKWMIACPI Driver;c:\program files (x86)\ASUS\ATK Package\ATK WMIACPI\atkwmiacpi64.sys [2011-09-07 17536]
S1 dtsoftbus01;DAEMON Tools Virtual Bus Driver;c:\windows\system32\DRIVERS\dtsoftbus01.sys [2012-12-04 283200]
S1 eamonm;eamonm;c:\windows\system32\DRIVERS\eamonm.sys [2012-07-10 213416]
S1 ehdrv;ehdrv;c:\windows\system32\DRIVERS\ehdrv.sys [2012-03-29 152136]
S2 ADExchange;ArcSoft Exchange Service;c:\program files (x86)\Common Files\ArcSoft\esinter\Bin\eservutil.exe [2011-09-16 39528]
S2 AFBAgent;AFBAgent;c:\windows\system32\FBAgent.exe [2011-03-04 379520]
S2 AMPPALR3;Intel® Centrino® Wireless Bluetooth® + High Speed Service;c:\program files\Intel\BluetoothHS\BTHSAmpPalService.exe [2012-01-09 659968]
S2 ASMMAP64;ASMMAP64;c:\program files (x86)\ASUS\ATK Package\ATKGFNEX\ASMMAP64.sys [2009-07-02 15416]
S2 ASUS InstantOn;ASUS InstantOn Service;c:\program files (x86)\ASUS\InstantOn for NB\InsOnSrv.exe [2012-04-13 277120]
S2 Bluetooth Device Monitor;Bluetooth Device Monitor;c:\program files (x86)\Intel\Bluetooth\devmonsrv.exe [2011-12-20 1014096]
S2 Bluetooth OBEX Service;Bluetooth OBEX Service;c:\program files (x86)\Intel\Bluetooth\obexsrv.exe [2011-12-20 1104208]
S2 BTHSSecurityMgr;Intel(R) Centrino(R) Wireless Bluetooth(R) + High Speed Security Service;c:\program files\Intel\BluetoothHS\BTHSSecurityMgr.exe [2012-01-12 135952]
S2 CronService;Cron Service for Prey;c:\program files\Prey\platform\windows\cronsvc.exe [2012-11-28 23552]
S2 ekrn;ESET Service;c:\program files\ESET\ESET Endpoint Antivirus\x86\ekrn.exe [2012-07-04 999704]
S2 epfwwfpr;epfwwfpr;c:\windows\system32\DRIVERS\epfwwfpr.sys [2012-03-29 140752]
S2 Intel(R) Capability Licensing Service Interface;Intel(R) Capability Licensing Service Interface;c:\program files\Intel\iCLS Client\HeciServer.exe [2012-02-03 628448]
S2 Intel(R) ME Service;Intel(R) ME Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [2012-02-21 128280]
S2 jhi_service;Intel(R) Dynamic Application Loader Host Interface Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [2012-02-21 161560]
S2 OODefragAgent;O&O Defrag;c:\program files\OO Software\Defrag\oodag.exe [2011-11-17 3273552]
S2 UNS;Intel(R) Management and Security Application User Notification Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2012-02-29 363800]
S2 ZeroConfigService;Intel(R) PROSet/Wireless Zero Configuration Service;c:\program files\Intel\WiFi\bin\ZeroConfigService.exe [2011-12-08 594704]
S3 AiCharger;ASUS Charger Driver;c:\windows\system32\DRIVERS\AiCharger.sys [2012-01-30 17152]
S3 AMPPAL;Intel® Centrino® Wireless Bluetooth® + High Speed Virtual Adapter;c:\windows\system32\DRIVERS\AMPPAL.sys [2012-01-09 195584]
S3 AsusVBus;AsusVBus;c:\windows\system32\DRIVERS\AsusVBus.sys [2012-04-11 35968]
S3 AsusVTouch;AsusVTouch;c:\windows\system32\DRIVERS\AsusVTouch.sys [2012-04-11 16512]
S3 Bluetooth Media Service;Bluetooth Media Service;c:\program files (x86)\Intel\Bluetooth\mediasrv.exe [2011-12-20 1304912]
S3 ETD;ELAN PS/2 Port Input Device;c:\windows\system32\DRIVERS\ETD.sys [2012-02-19 200488]
S3 IntcDAud;Intel(R) Display Audio;c:\windows\system32\DRIVERS\IntcDAud.sys [2012-02-20 331264]
S3 iusb3hub;Ovládač rozbočovača Intel(R) USB 3.0;c:\windows\system32\DRIVERS\iusb3hub.sys [2012-02-07 356120]
S3 iusb3xhc;Intel(R) USB 3.0 eXtensible Host Controller Driver;c:\windows\system32\DRIVERS\iusb3xhc.sys [2012-02-07 787736]
S3 iwdbus;IWD Bus Enumerator;c:\windows\system32\DRIVERS\iwdbus.sys [2011-12-21 25496]
S3 RSBASTOR;Realtek PCIE CardReader Driver - BA;c:\windows\system32\DRIVERS\RtsBaStor.sys [2011-12-28 292456]
S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys [2011-08-23 565352]
.
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]
2013-01-23 21:49 1607120 ----a-w- c:\program files (x86)\Google\Chrome\Application\24.0.1312.56\Installer\chrmstp.exe
.
Contents of the 'Scheduled Tasks' folder
.
2013-01-26 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2013-01-04 20:09]
.
2013-01-26 c:\windows\Tasks\AutoKMS.job
- c:\windows\AutoKMS.exe [2012-12-04 21:10]
.
2012-12-04 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2012-02-24 11:40]
.
2012-12-04 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2012-02-24 11:40]
.
2013-01-26 c:\windows\Tasks\ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d-Logon.job
- c:\program files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\Bootstrap.exe [2011-11-25 21:41]
.
2013-01-26 c:\windows\Tasks\ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d.job
- c:\program files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\Bootstrap.exe [2011-11-25 21:41]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt1]
@="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}]
2012-11-13 23:32 162552 ----a-w- c:\users\Marek\AppData\Roaming\Dropbox\bin\DropboxExt64.17.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt2]
@="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}]
2012-11-13 23:32 162552 ----a-w- c:\users\Marek\AppData\Roaming\Dropbox\bin\DropboxExt64.17.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt3]
@="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}]
2012-11-13 23:32 162552 ----a-w- c:\users\Marek\AppData\Roaming\Dropbox\bin\DropboxExt64.17.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt4]
@="{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}]
2012-11-13 23:32 162552 ----a-w- c:\users\Marek\AppData\Roaming\Dropbox\bin\DropboxExt64.17.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2012-02-22 170264]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2012-02-22 398616]
"ETDCtrl"="c:\program files\Elantech\ETDCtrl.exe" [2012-02-19 2661672]
"BTMTrayAgent"="c:\program files (x86)\Intel\Bluetooth\btmshell.dll" [2011-12-20 11406608]
"egui"="c:\program files\ESET\ESET Endpoint Antivirus\egui.exe" [2012-07-04 4133072]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"=c:\windows\System32\nvinitx.dll
.
------- Supplementary Scan -------
.
uStart Page = hxxp://search.conduit.com?SearchSource=10&ctid=CT3220468
mStart Page = hxxp://asus.msn.com
IE: E&xportovať do programu Microsoft Excel - c:\progra~1\MICROS~2\Office14\EXCEL.EXE/3000
IE: {{781B39EC-2E18-41FC-9B00-B84E4FFCA85F} - c:\program files (x86)\ICQ7M\ICQ.exe
TCP: DhcpNameServer = 158.193.86.1 158.193.86.5
.
- - - - ORPHANS REMOVED - - - -
.
URLSearchHooks-{7473b6bd-4691-4744-a82b-7854eb3d70b6} - (no file)
Toolbar-Locked - (no file)
Wow6432Node-HKLM-Run-<NO NAME> - (no file)
Toolbar-Locked - (no file)
.
.
.
--------------------- LOCKED REGISTRY KEYS ---------------------
.
[HKEY_USERS\S-1-5-21-3058332585-1744576660-1299546663-1001\Software\SecuROM\License information*]
"datasecu"=hex:3d,d0,88,03,f8,30,d5,8a,c4,c9,ad,b2,22,39,5e,60,68,5e,88,91,05,
20,64,1f,41,df,e9,55,01,54,95,c8,e6,00,84,11,d7,db,4f,b8,50,bf,74,60,fe,a9,\
"rkeysecu"=hex:e4,41,9f,d5,34,3e,1c,40,8b,b5,86,da,75,11,66,96
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_5_502_146_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_5_502_146_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_5_502_146_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_5_502_146_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_5_502_146.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.11"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_5_502_146.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_5_502_146.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_5_502_146.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VideoLAN.VLCPlugin.*1*]
@="?????????????????? v1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VideoLAN.VLCPlugin.*1*\CLSID]
@="{E23FE9C6-778E-49D4-B537-38FCDE4887D8}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VideoLAN.VLCPlugin.*2*]
@="?????????????????? v2"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VideoLAN.VLCPlugin.*2*\CLSID]
@="{9BE31822-FDAD-461B-AD51-BE1D1C159921}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\System*]
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Completion time: 2013-01-26 21:32:55
ComboFix-quarantined-files.txt 2013-01-26 20:32
.
Pre-Run: 144 795 201 536 bytes free
Post-Run: 144 170 057 728 bytes free
.
- - End Of File - - 6DDCD5859FDD92CF664C563D675C0D85

Rudy
Site Admin
Posts: 119524
Registered: 30 Oct 2003 13:42
Location: Plzeň

Re: Eset reports a pile of files

#5 Post by Rudy »

We'll do some more cleanup. Open Notepad and copy the following into it:
KillAll::

File::
c:\windows\Tasks\AutoKMS.job
c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
c:\windows\Tasks\ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d-Logon.job
c:\windows\Tasks\ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d.job

Collect::
c:\progra~3\LOCALS~1\Temp\mskvvlzwx.exe

Registry::
[HKEY_LOCAL_MACHINE\software\microsoft\windows\Currentversion\policies\explorer\Run]
"17277"=-

RegLock::
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\PCW\Security]

Regnull::
[HKEY_USERS\S-1-5-21-3058332585-1744576660-1299546663-1001\Software\SecuROM\License information*]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\System*]

Reboot::
Save it to the desktop as CFScript.txt. Then drag it with the mouse over the ComboFix icon and drop it. CF will start and execute the commands from the script.


om5atc
Visitor
Posts: 18
Registered: 27 Jul 2011 19:53

Re: Eset reports a pile of files

#6 Post by om5atc »

It deleted things, and supposedly it uploaded some malware somewhere... here is the log:

ComboFix 13-01-26.02 - Marek . 01. 2013 21:58:54.2.4 - x64
Microsoft Windows 7 Home Premium 6.1.7601.1.1250.421.1051.18.8078.5255 [GMT 1:00]
Running from: c:\users\Marek\Desktop\ComboFix.exe
Command switches used :: c:\users\Marek\Desktop\CFScript.txt
AV: ESET Endpoint Antivirus 5.0 *Disabled/Updated* {77DEAFED-8149-104B-25A1-21771CA47CD1}
SP: ESET Endpoint Antivirus 5.0 *Disabled/Updated* {CCBF4E09-A773-1FC5-1F11-1A056723366C}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
FILE ::
"c:\windows\Tasks\AutoKMS.job"
"c:\windows\Tasks\GoogleUpdateTaskMachineCore.job"
"c:\windows\Tasks\GoogleUpdateTaskMachineUA.job"
"c:\windows\Tasks\ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d-Logon.job"
"c:\windows\Tasks\ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d.job"
.
.
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\progra~3\LOCALS~1\Temp\mskvvlzwx.exe
c:\windows\Tasks\AutoKMS.job
c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
c:\windows\Tasks\ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d-Logon.job
c:\windows\Tasks\ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d.job
.
.
((((((((((((((((((((((((( Files Created from 2012-12-26 to 2013-01-26 )))))))))))))))))))))))))))))))
.
.
2013-01-26 21:03 . 2013-01-08 05:32 9161176 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{059D4AEA-8ECC-4AC7-A25F-C69D3A1FBCC1}\mpengine.dll
2013-01-26 21:01 . 2013-01-26 21:01 -------- d-----w- c:\users\UpdatusUser\AppData\Local\temp
2013-01-26 19:47 . 2013-01-26 19:47 -------- d-----w- C:\rsit
2013-01-26 19:47 . 2013-01-26 19:47 -------- d-----w- c:\program files\trend micro
2013-01-26 19:39 . 2013-01-26 19:39 -------- d-----w- c:\programdata\Local Settings
2013-01-26 19:39 . 2013-01-26 19:41 0 ---ha-w- c:\users\Marek\AppData\Roaming\winsvcns.sys
2013-01-25 21:13 . 2013-01-08 05:32 9161176 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{EE28F970-BF0D-440C-BF51-C1D2B3810933}\mpengine.dll
2013-01-22 20:21 . 2013-01-22 20:24 -------- d-----w- c:\users\Marek\AppData\Roaming\XnView
2013-01-18 15:18 . 2013-01-18 15:18 -------- d-----w- c:\programdata\GoldWave
2013-01-18 14:58 . 2013-01-18 14:58 -------- d-----w- c:\program files (x86)\GoldWave
2013-01-15 17:34 . 2013-01-20 21:49 -------- d-----w- c:\users\Marek\AppData\Roaming\ICQ
2013-01-15 17:34 . 2013-01-15 17:35 -------- d-----w- c:\program files (x86)\ICQ7M
2013-01-08 18:14 . 2012-12-07 13:15 2746368 ----a-w- c:\windows\system32\gameux.dll
2013-01-08 07:50 . 2013-01-08 07:50 -------- d--h--w- c:\programdata\{26D901A1-2540-4430-81DC-0317F01BD7BE}
2013-01-08 07:49 . 2013-01-08 07:49 -------- d--h--w- c:\programdata\{B7FA0661-862B-4AE4-A12A-F08D226ED546}
2013-01-05 21:49 . 2013-01-05 21:49 -------- d-----w- c:\program files (x86)\AGEIA Technologies
2013-01-05 21:45 . 2013-01-05 21:45 -------- d-----w- C:\NVIDIA
2013-01-04 18:03 . 2013-01-26 21:02 29 ----a-w- c:\windows\SysWow64\TempWmicBatchFile.bat
2013-01-04 18:02 . 2013-01-06 23:45 -------- d-----w- c:\program files\Prey
2013-01-04 16:00 . 2013-01-08 20:09 74248 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2013-01-04 16:00 . 2013-01-08 20:09 697864 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe
2013-01-04 16:00 . 2013-01-04 16:00 -------- d-----w- c:\windows\system32\Macromed
2013-01-03 20:53 . 2013-01-03 20:53 -------- d-----w- c:\users\Marek\AppData\Local\Opera
2013-01-03 20:53 . 2013-01-03 20:53 -------- d-----w- c:\program files (x86)\Opera
2012-12-29 15:35 . 2012-12-29 15:35 -------- d-----w- c:\programdata\ArcSoft
2012-12-29 15:35 . 2012-12-29 15:35 -------- d-----w- c:\users\Marek\AppData\Local\ArcSoft
2012-12-29 15:35 . 2012-12-29 15:35 -------- d-----w- c:\program files (x86)\ArcSoft
2012-12-29 15:35 . 2012-12-29 15:35 -------- d-----w- c:\program files (x86)\Common Files\ArcSoft
2012-12-29 15:34 . 2012-12-29 15:35 -------- d-----w- c:\users\Marek\AppData\Roaming\ArcSoft
2012-12-29 15:34 . 2002-07-25 15:07 614532 ----a-w- c:\program files (x86)\Common Files\InstallShield\Engine\6\Intel 32\IKernel.exe
2012-12-29 15:34 . 2001-09-05 03:18 77824 ----a-w- c:\program files (x86)\Common Files\InstallShield\Engine\6\Intel 32\ctor.dll
2012-12-29 15:34 . 2001-09-05 03:18 225280 ------w- c:\program files (x86)\Common Files\InstallShield\IScript\iscript.dll
2012-12-29 15:34 . 2001-09-05 03:14 176128 ------w- c:\program files (x86)\Common Files\InstallShield\Engine\6\Intel 32\iuser.dll
2012-12-29 15:34 . 2001-09-05 03:13 32768 ------w- c:\program files (x86)\Common Files\InstallShield\Engine\6\Intel 32\objectps.dll
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2013-01-26 21:04 . 2012-12-04 18:57 380 ----a-w- c:\users\Marek\AppData\Roaming\sp_data.sys
2013-01-08 18:21 . 2012-12-04 19:34 67599240 ----a-w- c:\windows\system32\MRT.exe
2012-12-29 10:34 . 2012-12-05 03:34 1107592 ----a-w- c:\windows\system32\nvumdshimx.dll
2012-12-29 10:34 . 2012-12-05 03:34 246024 ----a-w- c:\windows\system32\nvinitx.dll
2012-12-29 10:34 . 2012-12-05 03:34 201728 ----a-w- c:\windows\SysWow64\nvinit.dll
2012-12-29 10:34 . 2012-12-05 03:34 1813432 ----a-w- c:\windows\system32\nvdispco64.dll
2012-12-29 10:34 . 2012-12-05 03:34 2824656 ----a-w- c:\windows\system32\nvapi64.dll
2012-12-29 10:34 . 2012-10-08 10:42 1504696 ----a-w- c:\windows\system32\nvdispgenco64.dll
2012-12-29 08:40 . 2012-12-05 03:35 6382008 ----a-w- c:\windows\system32\nvcpl.dll
2012-12-29 08:40 . 2012-12-05 03:35 3455416 ----a-w- c:\windows\system32\nvsvc64.dll
2012-12-29 08:40 . 2012-12-05 03:35 2923201 ----a-w- c:\windows\system32\nvcoproc.bin
2012-12-29 08:40 . 2012-12-05 03:35 997816 ----a-w- c:\windows\system32\nv3dappshext.dll
2012-12-29 08:40 . 2012-12-05 03:35 884152 ----a-w- c:\windows\system32\nvvsvc.exe
2012-12-29 08:40 . 2012-12-05 03:35 63928 ----a-w- c:\windows\system32\nvshext.dll
2012-12-29 08:40 . 2012-12-05 03:35 55736 ----a-w- c:\windows\system32\nv3dappshextr.dll
2012-12-29 08:40 . 2012-12-05 03:35 2558392 ----a-w- c:\windows\system32\nvsvcr.dll
2012-12-29 08:40 . 2012-12-05 03:35 118712 ----a-w- c:\windows\system32\nvmctray.dll
2012-12-16 17:11 . 2012-12-20 20:04 46080 ----a-w- c:\windows\system32\atmlib.dll
2012-12-16 14:45 . 2012-12-20 20:04 367616 ----a-w- c:\windows\system32\atmfd.dll
2012-12-16 14:13 . 2012-12-20 20:04 295424 ----a-w- c:\windows\SysWow64\atmfd.dll
2012-12-16 14:13 . 2012-12-20 20:04 34304 ----a-w- c:\windows\SysWow64\atmlib.dll
2012-12-09 09:56 . 2012-12-09 09:56 419840 ----a-w- c:\windows\system32\wrap_oal.dll
2012-12-09 09:56 . 2012-12-09 09:56 413696 ----a-w- c:\windows\SysWow64\wrap_oal.dll
2012-12-09 09:56 . 2012-12-09 09:56 133632 ----a-w- c:\windows\system32\OpenAL32.dll
2012-12-09 09:56 . 2012-12-09 09:56 110592 ----a-w- c:\windows\SysWow64\OpenAL32.dll
2012-12-05 03:45 . 2012-12-05 03:45 80512 ----a-w- c:\windows\ASUS_Scr_K_multiColor_noSound Uninstaller.exe
2012-12-05 03:45 . 2012-12-05 03:45 3058304 ----a-w- c:\windows\AsScrPro.exe
2012-12-04 23:12 . 2012-12-04 23:12 95208 ----a-w- c:\windows\SysWow64\WindowsAccessBridge-32.dll
2012-12-04 23:11 . 2012-12-04 23:12 821736 ----a-w- c:\windows\SysWow64\npDeployJava1.dll
2012-12-04 23:11 . 2012-12-04 23:12 746984 ----a-w- c:\windows\SysWow64\deployJava1.dll
2012-12-04 22:48 . 2012-12-04 22:48 178800 ----a-w- c:\windows\SysWow64\CmdLineExt_x64.dll
2012-12-04 21:10 . 2012-12-04 21:10 614400 ----a-w- c:\windows\AutoKMS.exe
2012-12-04 20:54 . 2012-12-04 20:54 283200 ----a-w- c:\windows\system32\drivers\dtsoftbus01.sys
2012-12-04 20:47 . 2012-12-04 20:33 45056 ----a-w- c:\windows\SysWow64\acovcnt.exe
2012-12-04 19:08 . 2011-03-29 02:36 19696 ----a-w- c:\programdata\Microsoft\IdentityCRL\production\ppcrlconfig600.dll
2012-11-30 04:45 . 2013-01-08 18:15 44032 ----a-w- c:\windows\apppatch\acwow64.dll
2012-11-14 07:06 . 2012-12-11 20:19 17811968 ----a-w- c:\windows\system32\mshtml.dll
2012-11-14 06:32 . 2012-12-11 20:19 10925568 ----a-w- c:\windows\system32\ieframe.dll
2012-11-14 06:11 . 2012-12-11 20:19 2312704 ----a-w- c:\windows\system32\jscript9.dll
2012-11-14 06:04 . 2012-12-11 20:19 1346048 ----a-w- c:\windows\system32\urlmon.dll
2012-11-14 06:04 . 2012-12-11 20:19 1392128 ----a-w- c:\windows\system32\wininet.dll
2012-11-14 06:02 . 2012-12-11 20:19 1494528 ----a-w- c:\windows\system32\inetcpl.cpl
2012-11-14 06:02 . 2012-12-11 20:19 237056 ----a-w- c:\windows\system32\url.dll
2012-11-14 05:59 . 2012-12-11 20:19 85504 ----a-w- c:\windows\system32\jsproxy.dll
2012-11-14 05:58 . 2012-12-11 20:19 816640 ----a-w- c:\windows\system32\jscript.dll
2012-11-14 05:57 . 2012-12-11 20:19 599040 ----a-w- c:\windows\system32\vbscript.dll
2012-11-14 05:57 . 2012-12-11 20:19 173056 ----a-w- c:\windows\system32\ieUnatt.exe
2012-11-14 05:55 . 2012-12-11 20:19 2144768 ----a-w- c:\windows\system32\iertutil.dll
2012-11-14 05:55 . 2012-12-11 20:19 729088 ----a-w- c:\windows\system32\msfeeds.dll
2012-11-14 05:53 . 2012-12-11 20:19 96768 ----a-w- c:\windows\system32\mshtmled.dll
2012-11-14 05:52 . 2012-12-11 20:19 2382848 ----a-w- c:\windows\system32\mshtml.tlb
2012-11-14 05:46 . 2012-12-11 20:19 248320 ----a-w- c:\windows\system32\ieui.dll
2012-11-14 02:09 . 2012-12-11 20:19 1800704 ----a-w- c:\windows\SysWow64\jscript9.dll
2012-11-14 01:58 . 2012-12-11 20:19 1427968 ----a-w- c:\windows\SysWow64\inetcpl.cpl
2012-11-14 01:57 . 2012-12-11 20:19 1129472 ----a-w- c:\windows\SysWow64\wininet.dll
2012-11-14 01:49 . 2012-12-11 20:19 142848 ----a-w- c:\windows\SysWow64\ieUnatt.exe
2012-11-14 01:48 . 2012-12-11 20:19 420864 ----a-w- c:\windows\SysWow64\vbscript.dll
2012-11-14 01:44 . 2012-12-11 20:19 2382848 ----a-w- c:\windows\SysWow64\mshtml.tlb
2012-11-09 05:45 . 2012-12-11 20:16 2048 ----a-w- c:\windows\system32\tzres.dll
2012-11-09 04:42 . 2012-12-11 20:16 2048 ----a-w- c:\windows\SysWow64\tzres.dll
2012-11-02 05:59 . 2012-12-11 20:16 478208 ----a-w- c:\windows\system32\dpnet.dll
2012-11-02 05:11 . 2012-12-11 20:16 376832 ----a-w- c:\windows\SysWow64\dpnet.dll
.
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt1]
@="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}]
2012-11-13 23:32 129272 ----a-w- c:\users\Marek\AppData\Roaming\Dropbox\bin\DropboxExt.17.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt2]
@="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}]
2012-11-13 23:32 129272 ----a-w- c:\users\Marek\AppData\Roaming\Dropbox\bin\DropboxExt.17.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt3]
@="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}]
2012-11-13 23:32 129272 ----a-w- c:\users\Marek\AppData\Roaming\Dropbox\bin\DropboxExt.17.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt4]
@="{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}]
2012-11-13 23:32 129272 ----a-w- c:\users\Marek\AppData\Roaming\Dropbox\bin\DropboxExt.17.dll
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Skype"="c:\program files (x86)\Skype\Phone\Skype.exe" [2012-11-09 17877168]
"RocketDock"="c:\program files (x86)\RocketDock\RocketDock.exe" [2007-09-02 495616]
"SoftAuto.exe"="c:\program files (x86)\Creative\Software Update 3\SoftAuto.exe" [2008-08-13 405504]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"ASUSPRP"="c:\program files (x86)\ASUS\APRP\APRP.EXE" [2012-02-24 3331312]
"USB3MON"="c:\program files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe" [2012-02-07 291608]
"Wireless Console 3"="c:\program files (x86)\ASUS\Wireless Console 3\wcourier.exe" [2011-10-19 2319536]
"ATKOSD2"="c:\program files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe" [2012-06-25 322208]
"ATKMEDIA"="c:\program files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe" [2012-06-19 174752]
"HControlUser"="c:\program files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe" [2009-06-19 105016]
"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2012-12-03 946352]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 0 (0x0)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableLUA"= 0 (0x0)
"EnableUIADesktopToggle"= 0 (0x0)
"PromptOnSecureDesktop"= 0 (0x0)
"SynchronousMachineGroupPolicy"= 1 (0x1)
"SynchronousUserGroupPolicy"= 1 (0x1)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\windows]
"LoadAppInit_DLLs"=1 (0x1)
"AppInit_DLLs"=c:\windows\SysWOW64\nvinit.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\drivers32]
"mixer3"=wdmaud.drv
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager]
BootExecute REG_MULTI_SZ autocheck autochk *\0OODBS
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]
@=""
.
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
R2 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe [2012-11-09 160944]
R3 AMPPALP;Intel® Centrino® Wireless Bluetooth® + High Speed Protocol;c:\windows\system32\DRIVERS\amppal.sys [2012-01-09 195584]
R3 btmaux;Intel Bluetooth Auxiliary Service;c:\windows\system32\DRIVERS\btmaux.sys [2011-12-13 94720]
R3 btmhsf;btmhsf;c:\windows\system32\DRIVERS\btmhsf.sys [2011-12-13 747008]
R3 CTUPnPSv;Creative Centrale Media Server;c:\program files (x86)\Creative\Creative Centrale\CTUPnPSv.exe [2008-05-21 64000]
R3 ESHASRV;ESET SHA Service;c:\program files\ESET\ESET Endpoint Antivirus\EShaSrv.exe [2012-07-04 190208]
R3 ibtfltcoex;ibtfltcoex;c:\windows\system32\DRIVERS\iBtFltCoex.sys [2011-12-14 60416]
R3 intaud_WaveExtensible;Intel WiDi Audio Device;c:\windows\system32\drivers\intelaud.sys [2011-12-21 34200]
R3 L1C;NDIS Miniport Driver for Atheros AR8131/AR8132 PCI-E Ethernet Controller (NDIS 6.20);c:\windows\system32\DRIVERS\L1C62x64.sys [2009-06-10 57344]
R3 MyWiFiDHCPDNS;Wireless PAN DHCP Server;c:\program files\Intel\WiFi\bin\PanDhcpDns.exe [2011-12-08 273168]
R3 ose64;Office 64 Source Engine;c:\program files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2010-01-09 174440]
R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys [2012-08-23 19456]
R3 SiSGbeLH;SiS191/SiS190 Ethernet Device NDIS 6.0 Driver;c:\windows\system32\DRIVERS\SiSG664.sys [2009-06-10 56832]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [2012-08-23 57856]
R3 TsUsbGD;Remote Desktop Generic USB Device;c:\windows\system32\drivers\TsUsbGD.sys [2012-08-23 30208]
R3 WatAdminSvc;Služba Windows Activation Technologies;c:\windows\system32\Wat\WatAdminSvc.exe [2012-12-04 1255736]
R4 wlcrasvc;Windows Live Mesh remote connections service;c:\program files\Windows Live\Mesh\wlcrasvc.exe [2010-09-23 57184]
S0 iusb3hcs;Intel(R) USB 3.0 Host Controller Switch Driver;c:\windows\system32\DRIVERS\iusb3hcs.sys [2012-02-07 16152]
S0 nvpciflt;nvpciflt;c:\windows\system32\DRIVERS\nvpciflt.sys [2012-12-29 30648]
S1 ATKWMIACPIIO;ATKWMIACPI Driver;c:\program files (x86)\ASUS\ATK Package\ATK WMIACPI\atkwmiacpi64.sys [2011-09-07 17536]
S1 dtsoftbus01;DAEMON Tools Virtual Bus Driver;c:\windows\system32\DRIVERS\dtsoftbus01.sys [2012-12-04 283200]
S1 eamonm;eamonm;c:\windows\system32\DRIVERS\eamonm.sys [2012-07-10 213416]
S1 ehdrv;ehdrv;c:\windows\system32\DRIVERS\ehdrv.sys [2012-03-29 152136]
S2 ADExchange;ArcSoft Exchange Service;c:\program files (x86)\Common Files\ArcSoft\esinter\Bin\eservutil.exe [2011-09-16 39528]
S2 AFBAgent;AFBAgent;c:\windows\system32\FBAgent.exe [2011-03-04 379520]
S2 AMPPALR3;Intel® Centrino® Wireless Bluetooth® + High Speed Service;c:\program files\Intel\BluetoothHS\BTHSAmpPalService.exe [2012-01-09 659968]
S2 ASMMAP64;ASMMAP64;c:\program files (x86)\ASUS\ATK Package\ATKGFNEX\ASMMAP64.sys [2009-07-02 15416]
S2 ASUS InstantOn;ASUS InstantOn Service;c:\program files (x86)\ASUS\InstantOn for NB\InsOnSrv.exe [2012-04-13 277120]
S2 Bluetooth Device Monitor;Bluetooth Device Monitor;c:\program files (x86)\Intel\Bluetooth\devmonsrv.exe [2011-12-20 1014096]
S2 Bluetooth OBEX Service;Bluetooth OBEX Service;c:\program files (x86)\Intel\Bluetooth\obexsrv.exe [2011-12-20 1104208]
S2 BTHSSecurityMgr;Intel(R) Centrino(R) Wireless Bluetooth(R) + High Speed Security Service;c:\program files\Intel\BluetoothHS\BTHSSecurityMgr.exe [2012-01-12 135952]
S2 CronService;Cron Service for Prey;c:\program files\Prey\platform\windows\cronsvc.exe [2012-11-28 23552]
S2 ekrn;ESET Service;c:\program files\ESET\ESET Endpoint Antivirus\x86\ekrn.exe [2012-07-04 999704]
S2 epfwwfpr;epfwwfpr;c:\windows\system32\DRIVERS\epfwwfpr.sys [2012-03-29 140752]
S2 Intel(R) Capability Licensing Service Interface;Intel(R) Capability Licensing Service Interface;c:\program files\Intel\iCLS Client\HeciServer.exe [2012-02-03 628448]
S2 Intel(R) ME Service;Intel(R) ME Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [2012-02-21 128280]
S2 jhi_service;Intel(R) Dynamic Application Loader Host Interface Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [2012-02-21 161560]
S2 OODefragAgent;O&O Defrag;c:\program files\OO Software\Defrag\oodag.exe [2011-11-17 3273552]
S2 UNS;Intel(R) Management and Security Application User Notification Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2012-02-29 363800]
S2 ZeroConfigService;Intel(R) PROSet/Wireless Zero Configuration Service;c:\program files\Intel\WiFi\bin\ZeroConfigService.exe [2011-12-08 594704]
S3 AiCharger;ASUS Charger Driver;c:\windows\system32\DRIVERS\AiCharger.sys [2012-01-30 17152]
S3 AMPPAL;Intel® Centrino® Wireless Bluetooth® + High Speed Virtual Adapter;c:\windows\system32\DRIVERS\AMPPAL.sys [2012-01-09 195584]
S3 AsusVBus;AsusVBus;c:\windows\system32\DRIVERS\AsusVBus.sys [2012-04-11 35968]
S3 AsusVTouch;AsusVTouch;c:\windows\system32\DRIVERS\AsusVTouch.sys [2012-04-11 16512]
S3 Bluetooth Media Service;Bluetooth Media Service;c:\program files (x86)\Intel\Bluetooth\mediasrv.exe [2011-12-20 1304912]
S3 ETD;ELAN PS/2 Port Input Device;c:\windows\system32\DRIVERS\ETD.sys [2012-02-19 200488]
S3 IntcDAud;Intel(R) Display Audio;c:\windows\system32\DRIVERS\IntcDAud.sys [2012-02-20 331264]
S3 iusb3hub;Ovládač rozbočovača Intel(R) USB 3.0;c:\windows\system32\DRIVERS\iusb3hub.sys [2012-02-07 356120]
S3 iusb3xhc;Intel(R) USB 3.0 eXtensible Host Controller Driver;c:\windows\system32\DRIVERS\iusb3xhc.sys [2012-02-07 787736]
S3 iwdbus;IWD Bus Enumerator;c:\windows\system32\DRIVERS\iwdbus.sys [2011-12-21 25496]
S3 RSBASTOR;Realtek PCIE CardReader Driver - BA;c:\windows\system32\DRIVERS\RtsBaStor.sys [2011-12-28 292456]
S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys [2011-08-23 565352]
.
.
--- Other Services/Drivers In Memory ---
.
*NewlyCreated* - WS2IFSL
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]
2013-01-23 21:49 1607120 ----a-w- c:\program files (x86)\Google\Chrome\Application\24.0.1312.56\Installer\chrmstp.exe
.
Contents of the 'Scheduled Tasks' folder
.
2013-01-26 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2013-01-04 20:09]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt1]
@="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}]
2012-11-13 23:32 162552 ----a-w- c:\users\Marek\AppData\Roaming\Dropbox\bin\DropboxExt64.17.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt2]
@="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}]
2012-11-13 23:32 162552 ----a-w- c:\users\Marek\AppData\Roaming\Dropbox\bin\DropboxExt64.17.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt3]
@="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}]
2012-11-13 23:32 162552 ----a-w- c:\users\Marek\AppData\Roaming\Dropbox\bin\DropboxExt64.17.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt4]
@="{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}]
2012-11-13 23:32 162552 ----a-w- c:\users\Marek\AppData\Roaming\Dropbox\bin\DropboxExt64.17.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2012-02-22 170264]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2012-02-22 398616]
"ETDCtrl"="c:\program files\Elantech\ETDCtrl.exe" [2012-02-19 2661672]
"BTMTrayAgent"="c:\program files (x86)\Intel\Bluetooth\btmshell.dll" [2011-12-20 11406608]
"egui"="c:\program files\ESET\ESET Endpoint Antivirus\egui.exe" [2012-07-04 4133072]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"=c:\windows\System32\nvinitx.dll
.
------- Supplementary Scan -------
.
uStart Page = hxxp://search.conduit.com?SearchSource=10&ctid=CT3220468
mStart Page = hxxp://asus.msn.com
IE: E&xportovať do programu Microsoft Excel - c:\progra~1\MICROS~2\Office14\EXCEL.EXE/3000
IE: {{781B39EC-2E18-41FC-9B00-B84E4FFCA85F} - c:\program files (x86)\ICQ7M\ICQ.exe
TCP: DhcpNameServer = 158.193.86.1 158.193.86.5
.
- - - - ORPHANS REMOVED - - - -
.
Toolbar-Locked - (no file)
Wow6432Node-HKLM-Run-<NO NAME> - (no file)
Wow6432Node-HKLM-Explorer_Run-17277 - c:\progra~3\LOCALS~1\Temp\mskvvlzwx.exe
.
.
.
--------------------- LOCKED REGISTRY KEYS ---------------------
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_5_502_146_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_5_502_146_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VideoLAN.VLCPlugin.*1*]
@="?????????????????? v1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VideoLAN.VLCPlugin.*1*\CLSID]
@="{E23FE9C6-778E-49D4-B537-38FCDE4887D8}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VideoLAN.VLCPlugin.*2*]
@="?????????????????? v2"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VideoLAN.VLCPlugin.*2*\CLSID]
@="{9BE31822-FDAD-461B-AD51-BE1D1C159921}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\System*]
.
------------------------ Other Running Processes ------------------------
.
c:\program files (x86)\ASUS\ATK Package\ATK Hotkey\ASLDRSrv.exe
c:\program files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe
c:\program files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
c:\program files (x86)\Creative\Shared Files\CTDevSrv.exe
c:\program files (x86)\ASUS\ATK Package\ATK Hotkey\HControl.exe
c:\program files (x86)\ASUS\InstantOn for NB\InsOnWMI.exe
c:\program files (x86)\Common Files\Microsoft Shared\Ink\TabTip32.exe
c:\program files (x86)\ASUS\FaceLogon\sensorsrv.exe
c:\program files (x86)\ASUS\ASUS Virtual Touch\QuickGesture\x86\QuickGesture.exe
c:\program files (x86)\ASUS\ATK Package\ATK Hotkey\ATKOSD.exe
c:\program files (x86)\ASUS\ATK Package\ATK Hotkey\WDC.exe
c:\program files (x86)\Intel\Bluetooth\BTPlayerCtrl.exe
c:\program files (x86)\ASUS\Splendid\ACMON.exe
c:\windows\AsScrPro.exe
c:\windows\SysWOW64\ACEngSvr.exe
c:\program files (x86)\Google\Update\GoogleUpdate.exe
c:\program files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
c:\program files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
.
**************************************************************************
.
Completion time: 2013-01-26 22:07:12 - machine was rebooted
ComboFix-quarantined-files.txt 2013-01-26 21:07
ComboFix2.txt 2013-01-26 20:32
.
Pre-Run: 144 225 267 712 bytes free
Post-Run: 143 890 452 480 bytes free
.
- - End Of File - - D77F7B10D5E148632CCC56B3FD9E7E22
Upload was successful

Rudy
Site Admin
Posts: 119524
Registered: 30 Oct 2003 13:42
Location: Plzeň

Re: Eset reports a bunch of files

#7 Post by Rudy »

The log now looks clean. On command, CF uploads files to its author, who updates the utility based on them. Has anything changed?
Post questions and logs only in your own threads. Private messages, ICQ and e-mails are not for solving your problems.

Please support our forum: https://platba.viry.cz/payment/.

e-mail: rudy(at)forum.viry.cz

Warning:
Before disinfecting your PC, back up your important data (mail, contacts, documents, photos, videos, music, etc.). Besides its "visible" activity, a virus can damage the system!


Once your problem is resolved, the thread will be locked. The same applies if it is inactive for more than 14 days. If you want the thread reactivated, write to me at the e-mail address given above.

om5atc
Visitor
Posts: 18
Registered: 27 Jul 2011 19:53

Re: Eset reports a bunch of files

#8 Post by om5atc »

After startup, Eset no longer reports anything suspicious. I think it should be okay now. Thanks :thumbsup:

I think the topic can be locked; if any complications arise, I'll get in touch. Thanks for the really quick help :worship:

Rudy
Site Admin
Posts: 119524
Registered: 30 Oct 2003 13:42
Location: Plzeň

Re: Eset reports a bunch of files

#9 Post by Rudy »

OK. You're welcome! :)

Locked