malware v NTB

Zpráva

orion05 · #1 Příspěvek od **orion05** » 18 srp 2013 08:54

Zdravím, pred pár dňami som posielal cez ftp na web súbor, čím som ho infikoval a tak mi je jasné, že mám v notebooku nejakú háveď

tu je rsit log

info.txt logfile of random's system information tool 1.09 2013-08-18 09:11:59

======Uninstall list======

Tools for .Net 3.5-->MsiExec.exe /X{1690CE56-2231-4E59-9006-A0876D949EA8}
-->"C:\ProgramData\MagniPic\uninstall.exe" /path=C:\ProgramData\MagniPic
-->C:\PROGRA~3\INSTAL~1\{699C9~1\Setup.exe /remove /q0
-->C:\PROGRA~3\INSTAL~1\{8A3DC~1\Setup.exe /remove /q0
-->C:\PROGRA~3\INSTAL~1\MagniPic\Setup.exe /remove /q0
-->C:\Program Files (x86)\Toolbar Cleaner\uninstall.exe
-->C:\Program Files\Conexant\SAII\SETUP64.EXE -U -ISAII -SM=SmartAudio.EXE,1801
-->MsiExec.exe /I{E5CF6B9C-3ABE-43C9-9413-AD5FFC98F049} /S /v/qn
µTorrent-->"D:\utorrent\uTorrent.exe" /UNINSTALL
7-Zip 9.20-->"C:\Program Files (x86)\7-Zip\Uninstall.exe"
AceIt v1.3.1-->"C:\Program Files (x86)\AceIt\unins000.exe"
Acrobat.com-->MsiExec.exe /X{77DCDCE3-2DED-62F3-8154-05E745472D07}
Ad-Aware Browsing Protection-->C:\ProgramData\Ad-Aware Browsing Protection\uninstall.exe
Adobe AIR-->C:\Program Files (x86)\Common Files\Adobe AIR\Versions\1.0\Resources\Adobe AIR Updater.exe -arp:uninstall
Adobe AIR-->MsiExec.exe /I{46C045BF-2B3F-4BC4-8E4C-00E0CF8BD9DB}
Adobe Community Help-->msiexec /qb /x {3521BDBD-D453-5D9F-AA55-44B75D214629}
Adobe Community Help-->MsiExec.exe /I{3521BDBD-D453-5D9F-AA55-44B75D214629}
Adobe Flash Player 11 Plugin-->C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_11_7_700_224_Plugin.exe -maintain plugin
Adobe Photoshop CS5.1-->C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\core\PDApp.exe --appletID="DWA_UI" --appletVersion="1.0" --mode="Uninstall" --mediaSignature="{9158FF30-78D7-40EF-B83E-451AC5334640}"
Adobe Reader XI (11.0.03) - Czech-->MsiExec.exe /I{AC76BA86-7AD7-1029-7B44-AB0000000001}
Adobe SVG Viewer 3.0-->C:\Program Files (x86)\Common Files\Adobe\SVG Viewer 3.0\Uninstall\Winstall.exe -u -fC:\Program Files (x86)\Common Files\Adobe\SVG Viewer 3.0\Uninstall\Install.log
Aerosoft's - Aerosoft Launcher-->"C:\Program Files (x86)\InstallShield Installation Information\{EE11CFFC-898C-4875-8A63-8B732A9AD43B}\setup.exe" -runfromtemp -l0x0409 -removeonly
Android Studio-->C:\Users\Administrator\AppData\Local\Android\android-studio\uninstall.exe
ApexDC++ 1.5.6-->"C:\Program Files\ApexDC++\Uninstall\unins000.exe"
ASUS Power4Gear Hybrid-->MsiExec.exe /I{91EFE3A1-585E-4F66-B5F6-F118F56C4C47}
ATI AVIVO64 Codecs-->MsiExec.exe /X{489F2C5A-83B9-79D5-714C-1DEF32A898E5}
ATK Package-->MsiExec.exe /I{AB5C933E-5C7D-4D30-B314-9C83A49B94BE}
Avanquest update-->"C:\Program Files (x86)\InstallShield Installation Information\{76E41F43-59D2-4F30-BA42-9A762EE1E8DE}\Setup.exe" -runfromtemp -l0x0009 -removeonly
Bandicam-->"C:\Program Files (x86)\Bandicam\uninstall.exe"
Bandisoft MPEG-1 Decoder-->"C:\Program Files (x86)\BandiMPEG1\uninstall.exe"
Blend for Visual Studio 2012 ENU resources-->MsiExec.exe /I{532DBCC8-9468-435C-AEF6-30B7F50735A2}
Blend for Visual Studio 2012-->MsiExec.exe /I{57F20F04-014D-453F-B6A3-AE9485C4DFAB}
CamStudio version 2.7-->"C:\Program Files (x86)\CamStudio 2.7\unins000.exe"
Canon IJ Network Scan Utility-->"C:\Program Files (x86)\Canon\Canon IJ Network Scan Utility\CNMNSU.exe" /UninstallRemove C:\Program Files (x86)\Canon\Canon IJ Network Scan Utility\uninst.ini
Canon IJ Network Tool-->C:\Program Files (x86)\Canon\Canon IJ Network Tool\CNMNUU.exe
Canon Inkjet Printer/Scanner/Fax Extended Survey Program-->C:\Program Files (x86)\Canon\IJPLM\SETUP.EXE -R
Canon MP Navigator EX 3.0-->"C:\Program Files (x86)\Canon\MP Navigator EX 3.0\Maint.exe" /UninstallRemove C:\Program Files (x86)\Canon\MP Navigator EX 3.0\uninst.ini
Canon MP640 series MP Drivers-->"C:\Windows\system32\CanonIJ Uninstaller Information\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MP640_series\DelDrv64.exe" /U:{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MP640_series
Canon MP640 series User Registration-->C:\Program Files (x86)\Canon\IJEREG\MP640 series\UNINST.EXE
Canon Utilities My Printer-->C:\Program Files\Canon\MyPrinter\uninst.exe uninst.ini uinstrsc.dll
Canon Utilities Solution Menu-->C:\Program Files (x86)\Canon\SolutionMenu\uninst.exe uninst.ini uinstrsc.dll
Catalyst Control Center - Branding-->MsiExec.exe /I{AB3C268A-E54B-4F6D-BF97-2DFCEEFA94F5}
CD-LabelPrint-->"C:\Program Files (x86)\Canon\CD-LabelPrint\Uninstal.exe" Canon.CDLabelPrint.Application
ConBuilder-->C:\Program Files (x86)\ConBuilder\UnInstall_22740.exe
Conexant HD Audio-->C:\Program Files\CONEXANT\CNXT_AUDIO_HDA\UIU64a.exe -U -IK52CC2wa.INF
ControlDeck-->MsiExec.exe /I{5B65EF64-1DFA-414A-8C94-7BB726158E21}
CyberLink DVD Suite-->"C:\Program Files (x86)\InstallShield Installation Information\{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}\Setup.exe" /z-uninstall
CyberLink DVD Suite-->"C:\Program Files (x86)\InstallShield Installation Information\{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}\Setup.exe" /z-uninstall
CyberLink LabelPrint-->RunDll32 C:\PROGRA~2\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files (x86)\InstallShield Installation Information\{C59C179C-668D-49A9-B6EA-0121CCFC1243}\Setup.exe" -uninstall
CyberLink PhotoNow-->"C:\Program Files (x86)\InstallShield Installation Information\{D36DD326-7280-11D8-97C8-000129760CBE}\Setup.exe" /z-uninstall
CyberLink PhotoNow-->"C:\Program Files (x86)\InstallShield Installation Information\{D36DD326-7280-11D8-97C8-000129760CBE}\Setup.exe" /z-uninstall
CyberLink PowerDVD-->"C:\Program Files (x86)\InstallShield Installation Information\{6811CAA0-BF12-11D4-9EA1-0050BAE317E1}\Setup.exe" -uninstall
Cyklotrasy 2.27-->C:\Program Files (x86)\Cyklotrasy\Uninstal.exe
D3DX10-->MsiExec.exe /X{E09C4DB7-630C-4F06-A631-8EA7239923AF}
DAEMON Tools Lite-->C:\Program Files (x86)\DAEMON Tools Lite\uninst.exe
Dotfuscator and Analytics Community Edition-->MsiExec.exe /X{372D17F6-A54E-4A01-B264-1314890FFE61}
Enterprise Architect 9 - 30 Day Trial Edition-->MsiExec.exe /I{4C78E7B2-AE8C-492E-8A97-BA6A641C616B}
Entity Framework Designer for Visual Studio 2012 - enu-->MsiExec.exe /X{0A1A1D48-DB23-443A-BC7B-49255D138020}
ETDWare PS/2-x64 7.0.5.10_WHQL-->%ProgramFiles%\Elantech\ETDUn_inst.exe
Evernote v. 4.6.4-->MsiExec.exe /X{DDAFC46A-90E2-11E2-B700-984BE15F174E}
Fast Boot-->MsiExec.exe /X{13F4A7F3-EABC-4261-AF6B-1317777F0755}
Fotogaléria-->MsiExec.exe /X{08466673-3905-4437-93E8-34A221B7CA4E}
Free YouTube Download version 3.2.0.128-->C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\Uninstall.exe
GeoGebra 4.2-->"C:\Program Files (x86)\GeoGebra 4.2\uninstaller.exe"
GetDataBack for NTFS-->"E:\Program Files (x86)\Runtime Software\GetDataBack for NTFS\Uninstall.exe" "E:\Program Files (x86)\Runtime Software\GetDataBack for NTFS\install.log" -u
Google Earth Pro 7.1.1.1871 Final-->"C:\Program Files (x86)\Google Earth Pro 7.1.1.1871 Final\uninstall.exe" "/U:C:\Program Files (x86)\Google Earth Pro 7.1.1.1871 Final\Uninstall\uninstall.xml"
Google Earth-->MsiExec.exe /X{1B30DAC0-DE51-11E2-9A5B-B8AC6F98CCE3}
Google Chrome-->"C:\Program Files (x86)\Google\Chrome\Application\28.0.1500.95\Installer\setup.exe" --uninstall --multi-install --chrome --system-level
Google Update Helper-->MsiExec.exe /I{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}
Graph 4.4.2-->"C:\Program Files (x86)\Graph\unins000.exe"
IIS 8.0 Express-->MsiExec.exe /X{7BF61FA9-BDFB-4563-98AD-FCB0DA28CCC7}
IIS Express Application Compatibility Database for x64-->%windir%\system32\sdbinst.exe -u "C:\Windows\AppPatch\Custom\Custom64\{9f4f4a9b-eec5-4906-92fe-d1f43ccf5c8d}.sdb"
IIS Express Application Compatibility Database for x86-->%windir%\system32\sdbinst.exe -u "C:\Windows\AppPatch\Custom\{fdfba1f3-74ae-4255-9c10-a0f552b4610f}.sdb"
Intel(R) Management Engine Components-->C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\Uninstall\setup.exe -uninstall
Java 7 Update 21-->MsiExec.exe /X{26A24AE4-039D-4CA4-87B4-2F83217017FF}
Java 7 Update 25 (64-bit)-->MsiExec.exe /X{26A24AE4-039D-4CA4-87B4-2F86417025FF}
JMicron Ethernet Adapter NDIS Driver-->"C:\Program Files (x86)\JMicron\JME_DIR\setup.exe" delpkg
JMicron Flash Media Controller Driver-->"C:\Program Files (x86)\JMicron\JMCR_DIR\setup.exe" delpkg
Junk Mail filter update-->MsiExec.exe /I{F6F30C28-38AA-4DBA-AE0B-7E30238E61BB}
K-Lite Codec Pack 9.7.5 (Basic)-->"C:\Program Files (x86)\K-Lite Codec Pack\unins000.exe"
LocalESPC-->MsiExec.exe /I{BDBE5D2A-AAB7-77BD-7A0E-5006665CE7C6}
LocalESPCui for en-us-->MsiExec.exe /I{B5DA9D49-9BD8-0F2F-52FC-C7E66BC8D944}
MagniPic-->C:\PROGRA~3\INSTAL~1\{576CA~1\Setup.exe /remove /q0
MediaShow-->RunDll32 C:\PROGRA~2\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files (x86)\InstallShield Installation Information\{D5A9B7C0-8751-11D8-9D75-000129760D75}\Setup.exe" -uninstall
Microsoft .NET Framework 4 Multi-Targeting Pack-->MsiExec.exe /I{CFEF48A8-BFB8-3EAC-8BA5-DE4F8AA267CE}
Microsoft .NET Framework 4.5 Multi-Targeting Pack-->MsiExec.exe /X{5CBFF3F3-2D40-34EE-BCA5-A95BC19E400D}
Microsoft .NET Framework 4.5 SDK-->MsiExec.exe /X{1948E039-EC79-4591-951D-9867A8C14C90}
Microsoft .NET Framework 4.5-->C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\\Setup.exe /repair /x86 /x64
Microsoft .NET Framework 4.5-->MsiExec.exe /X{1AD147D0-BE0E-3D6C-AC11-64F6DC4163F1}
Microsoft ASP.NET MVC 3 - Visual Studio 2012 Tools Update-->MsiExec.exe /X{2F6CE32A-018D-4656-895B-9E5E20D7740A}
Microsoft ASP.NET MVC 3-->MsiExec.exe /X{DCDEC776-BADD-48B9-8F9A-DFF513C3D7FA}
Microsoft ASP.NET MVC 4 - Visual Studio 2012 Tools-->MsiExec.exe /X{59D87F40-6C4B-4F80-A42B-FAA0E6EAFAB6}
Microsoft ASP.NET MVC 4 Runtime-->MsiExec.exe /X{942CC691-5B98-42A3-8BC5-A246BA69D983}
Microsoft ASP.NET Web Pages - Visual Studio 2012 Tools-->MsiExec.exe /X{6F066545-40A2-4C38-A8F7-78581CC5C442}
Microsoft ASP.NET Web Pages 2 - Visual Studio 2012 Tools-->MsiExec.exe /X{57D782D7-49FD-48DE-AB47-A690A1519A2D}
Microsoft ASP.NET Web Pages 2 Runtime-->MsiExec.exe /X{FBBC8076-BB21-4E06-9FA0-309AEF6E35EE}
Microsoft ASP.NET Web Pages-->MsiExec.exe /X{631471BE-DEAB-454B-A9AC-CE3EB42C28B3}
Microsoft Help Viewer 2.0-->msiexec.exe /X{FEB375AB-6EEC-3929-8FAF-188ED81DD8B5}
Microsoft Help Viewer 2.0-->MsiExec.exe /X{FEB375AB-6EEC-3929-8FAF-188ED81DD8B5}
Microsoft Image Composite Editor-->MsiExec.exe /I{B821CDAA-34DE-46FD-87C9-E6EE7158DB5D}
Microsoft LightSwitch for Visual Studio 2012 Core-->MsiExec.exe /I{7437A4B9-314F-3B8F-827B-22909146E471}
Microsoft LightSwitch for Visual Studio 2012 CoreRes - ENU-->MsiExec.exe /I{E4ADE757-7FE9-322D-9CAE-C77D77A2D2BF}
Microsoft NuGet - Visual Studio 2012-->MsiExec.exe /I{00EC8ABC-3C5A-40F8-A8CB-E7DCD5ABFA05}
Microsoft Office Excel MUI (English) 2010-->MsiExec.exe /X{90140000-0016-0409-0000-0000000FF1CE}
Microsoft Office Office 64-bit Components 2010-->MsiExec.exe /X{90140000-002A-0000-1000-0000000FF1CE}
Microsoft Office OneNote MUI (English) 2010-->MsiExec.exe /X{90140000-00A1-0409-0000-0000000FF1CE}
Microsoft Office Outlook MUI (English) 2010-->MsiExec.exe /X{90140000-001A-0409-0000-0000000FF1CE}
Microsoft Office PowerPoint MUI (English) 2010-->MsiExec.exe /X{90140000-0018-0409-0000-0000000FF1CE}
Microsoft Office Proof (English) 2010-->MsiExec.exe /X{90140000-001F-0409-0000-0000000FF1CE}
Microsoft Office Proof (French) 2010-->MsiExec.exe /X{90140000-001F-040C-0000-0000000FF1CE}
Microsoft Office Proof (Spanish) 2010-->MsiExec.exe /X{90140000-001F-0C0A-0000-0000000FF1CE}
Microsoft Office Proofing (English) 2010-->MsiExec.exe /X{90140000-002C-0409-0000-0000000FF1CE}
Microsoft Office Publisher MUI (English) 2010-->MsiExec.exe /X{90140000-0019-0409-0000-0000000FF1CE}
Microsoft Office Shared 64-bit MUI (English) 2010-->MsiExec.exe /X{90140000-002A-0409-1000-0000000FF1CE}
Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2010-->MsiExec.exe /X{90140000-0116-0409-1000-0000000FF1CE}
Microsoft Office Shared MUI (English) 2010-->MsiExec.exe /X{90140000-006E-0409-0000-0000000FF1CE}
Microsoft Office Shared Setup Metadata MUI (English) 2010-->MsiExec.exe /X{90140000-0115-0409-0000-0000000FF1CE}
Microsoft Office Standard 2010-->"C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\Office Setup Controller\setup.exe" /uninstall STANDARD /dll OSETUP.DLL
Microsoft Office Standard 2010-->MsiExec.exe /X{90140000-0012-0000-0000-0000000FF1CE}
Microsoft Office Word MUI (English) 2010-->MsiExec.exe /X{90140000-001B-0409-0000-0000000FF1CE}
Microsoft Portable Library Multi-Targeting Pack Language Pack - enu-->MsiExec.exe /X{BAD0254F-9BDB-3D14-A5AC-9C0EF51F3D09}
Microsoft Portable Library Multi-Targeting Pack-->MsiExec.exe /X{C4CAD994-6EA2-3121-8352-DA593150B322}
Microsoft Report Viewer Add-On for Visual Studio 2012-->MsiExec.exe /I{1DB43E5A-2F24-4F51-92B0-A2C0EBF5C742}
Microsoft Silverlight 4 SDK-->MsiExec.exe /X{189AEA94-DAFB-487A-8CEE-F9D3DDE0A748}
Microsoft Silverlight 5 SDK-->MsiExec.exe /X{E1FBB3D4-ADB0-4949-B101-855DA061C735}
Microsoft Silverlight-->MsiExec.exe /X{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}
Microsoft SQL Server 2005 Compact Edition [ENU]-->MsiExec.exe /I{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}
Microsoft SQL Server 2012 Command Line Utilities -->MsiExec.exe /I{9D573E71-1077-4C7E-B4DB-4E22A5D2B48B}
Microsoft SQL Server 2012 Data-Tier App Framework -->MsiExec.exe /I{36E619BC-A234-4EC3-849B-779A7C865A45}
Microsoft SQL Server 2012 Data-Tier App Framework -->MsiExec.exe /I{FBA6F90E-36EC-4FC9-9B25-3834E3BD46A8}
Microsoft SQL Server 2012 Express LocalDB -->MsiExec.exe /I{13D558FE-A863-402C-B115-160007277033}
Microsoft SQL Server 2012 Management Objects (x64)-->MsiExec.exe /I{FA0A244E-F3C2-4589-B42A-3D522DE79A42}
Microsoft SQL Server 2012 Management Objects -->MsiExec.exe /I{DA1C1761-5F4F-4332-AB9D-29EDF3F8EA0A}
Microsoft SQL Server 2012 Native Client -->MsiExec.exe /I{49D665A2-4C2A-476E-9AB8-FCC425F526FC}
Microsoft SQL Server 2012 Transact-SQL Compiler Service -->MsiExec.exe /I{BEB0F91E-F2EA-48A1-B938-7857ABF2A93D}
Microsoft SQL Server 2012 Transact-SQL ScriptDom -->MsiExec.exe /I{0E8670B8-3965-4930-ADA6-570348B67153}
Microsoft SQL Server 2012 T-SQL Language Service -->MsiExec.exe /I{6D6D43E5-218C-4B05-92D3-2240810F4760}
Microsoft SQL Server Compact 4.0 SP1 x64 ENU-->MsiExec.exe /X{78909610-D229-459C-A936-25D92283D3FD}
Microsoft SQL Server Data Tools - enu (11.1.20627.00)-->MsiExec.exe /X{FA804794-2CCB-4301-954F-2C2894698876}
Microsoft SQL Server Data Tools Build Utilities - enu (11.1.20627.00)-->MsiExec.exe /X{790E9425-8570-493F-9AE7-81AFC9E46930}
Microsoft SQL Server System CLR Types (x64)-->MsiExec.exe /I{4701DEDE-1888-49E0-BAE5-857875924CA2}
Microsoft SQL Server System CLR Types-->MsiExec.exe /I{A47FD1BF-A815-4A76-BE65-53A15BD5D25D}
Microsoft System CLR Types for SQL Server 2012 (x64)-->MsiExec.exe /I{F1949145-EB64-4DE7-9D81-E6D27937146C}
Microsoft System CLR Types for SQL Server 2012-->MsiExec.exe /I{E2082604-4BA5-44BB-BBFB-AF0F3CB8C6AB}
Microsoft Train Simulator-->"E:\Program Files (x86)\Microsoft Games\Train Simulator_rhb\UNINSTAL.EXE" /runtemp /addremove
Microsoft Visual C++ 2005 Redistributable - KB2467175-->MsiExec.exe /X{a0fe116e-9a8a-466f-aee0-625cb7c207e3}
Microsoft Visual C++ 2005 Redistributable-->MsiExec.exe /X{7299052b-02a4-4627-81f2-1818da5d550d}
Microsoft Visual C++ 2008 Redistributable - x64 9.0.21022-->MsiExec.exe /X{350AA351-21FA-3270-8B7A-835434E766AD}
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148-->MsiExec.exe /X{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022-->MsiExec.exe /X{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17-->MsiExec.exe /X{9A25302D-30C0-39D9-BD6F-21E6EC160475}
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.30319-->MsiExec.exe /X{DA5E371C-6333-3D8A-93A4-6FD5B20BCC6E}
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.30319-->MsiExec.exe /X{196BB40D-1578-3D01-B289-BEFC77A11A1E}
Microsoft Visual C++ 2012 x64 Designtime - 11.0.50727-->MsiExec.exe /X{D9F3D00D-E946-3B3D-A4A6-93D5020DB9F7}
Microsoft Visual C++ 2012 Compilers - ENU Resources-->MsiExec.exe /X{A4366F69-CE22-4DB7-9C8C-46A5845AF997}
Microsoft Visual C++ 2012 Compilers-->MsiExec.exe /X{1F8E06E2-BA93-40DC-B183-E024CBD853A8}
Microsoft Visual C++ 2012 Core Libraries-->MsiExec.exe /X{AD1AEE2A-D9C0-3FAC-8D6B-B5E07B47257B}
Microsoft Visual C++ 2012 Extended Libraries-->MsiExec.exe /X{731C183B-86A0-3442-BE55-68A7C92581E9}
Microsoft Visual C++ 2012 Microsoft Foundation Class Libraries-->MsiExec.exe /X{29F259D7-C517-3EED-84B4-237573CFD39C}
Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.50727-->MsiExec.exe /X{AC53FC8B-EE18-3F9C-9B59-60937D0B182C}
Microsoft Visual C++ 2012 x64 Debug Runtime - 11.0.50727-->MsiExec.exe /X{2B997E80-3BEC-3222-9114-98DBE1182B2E}
Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.50727-->MsiExec.exe /X{A2CB1ACB-94A2-32BA-A15E-7D80319F7589}
Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.50727-->MsiExec.exe /X{FDB30193-FDA0-3DAA-ACCA-A75EEFE53607}
Microsoft Visual C++ 2012 x86 Debug Runtime - 11.0.50727-->MsiExec.exe /X{1C163D33-33B3-33EB-A617-0D4D852BE8E1}
Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.50727-->MsiExec.exe /X{2F73A7B2-E50E-39A6-9ABC-EF89E4C62E36}
Microsoft Visual Studio 2010 Office Developer Tools (x64)-->MsiExec.exe /X{572E796D-C52B-3797-A685-2FB6F895D4BE}
Microsoft Visual Studio 2010 Tools for Office Runtime (x64)-->c:\Program Files\Common Files\Microsoft Shared\VSTO\10.0\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)\install.exe
Microsoft Visual Studio 2010 Tools for Office Runtime (x64)-->MsiExec.exe /X{24C3AEE0-4BCE-3190-8EE0-BBA0BF72CAC1}
Microsoft Visual Studio 2012 Devenv Resources-->MsiExec.exe /I{B1465D1D-6427-4CA1-AE29-8B699209E663}
Microsoft Visual Studio 2012 Devenv-->MsiExec.exe /I{330E5D98-20D2-4CA4-AE51-FCB8AA80F634}
Microsoft Visual Studio 2012 Performance Collection Tools - ENU-->MsiExec.exe /I{FE74AC04-F248-4641-B3A9-89C6AA4339CD}
Microsoft Visual Studio 2012 Performance Collection Tools-->MsiExec.exe /I{633AB014-DDE6-403E-A302-8920CC32C543}
Microsoft Visual Studio 2012 Preparation-->MsiExec.exe /I{16DD6E8B-E10B-4B6D-BC2D-B2BF631094F2}
Microsoft Visual Studio 2012 SharePoint Developer Tools ENU Language Pack-->MsiExec.exe /X{B9F35D86-242E-3FA4-B9F8-A982E0DF918D}
Microsoft Visual Studio 2012 SharePoint Developer Tools-->MsiExec.exe /X{A3A6D5EA-B6B5-3C05-BDA8-EAB99C09CDDC}
Microsoft Visual Studio 2012 Shell (Minimum) Interop Assemblies-->MsiExec.exe /I{820C677A-41B2-48C3-8136-FEE35A052E73}
Microsoft Visual Studio 2012 Shell (Minimum) Resources-->MsiExec.exe /I{38FC6E9A-F719-431A-A83D-4C86D5FD6555}
Microsoft Visual Studio 2012 Shell (Minimum)-->MsiExec.exe /I{800F484E-9D69-492D-B656-7BAA32586142}
Microsoft Visual Studio 2012 Tools for SQL Server Compact 4.0 SP1 ENU-->MsiExec.exe /I{E818AE7C-244B-4A50-9C86-C0E4A8B69159}
Microsoft Visual Studio Professional 2012-->"C:\ProgramData\Package Cache\{17c2e197-cf26-443b-8beb-53151940df3f}\vs_professional.exe" /uninstall
Microsoft Visual Studio Team Foundation Server 2012 Object Model Language Pack - ENU-->MsiExec.exe /I{68A48EF1-DF03-394F-AF40-1E4FE42BB8DD}
Microsoft Visual Studio Team Foundation Server 2012 Object Model-->MsiExec.exe /I{6F07A6C2-9068-3673-A120-DC10012468C6}
Microsoft Visual Studio Team Foundation Server 2012 Team Explorer Language Pack - ENU-->MsiExec.exe /I{1B9BBB23-65CB-3AEE-BFC6-633E7CA299FD}
Microsoft Visual Studio Team Foundation Server 2012 Team Explorer-->MsiExec.exe /I{6DAB46E3-D017-3E2B-85D8-F57A230384C0}
Microsoft Web Deploy 3.0-->MsiExec.exe /I{AA72C306-30BE-4BB1-9E42-59552BAD2CDF}
Microsoft Web Deploy dbSqlPackage Provider - enu-->MsiExec.exe /X{E4C33F5B-1B2F-466E-957E-B274F08151A0}
Microsoft Web Developer Tools - Visual Studio 2012-->MsiExec.exe /I{B96FCD4F-6EDD-4258-8A6D-0FCEA8445E3E}
Microsoft Web Platform Installer 4.0-->MsiExec.exe /X{E2B8249D-895C-4685-8C83-00F3B1A13028}
Microsoft_VC80_ATL_x86_x64-->MsiExec.exe /I{925D058B-564A-443A-B4B2-7E90C6432E55}
Microsoft_VC80_ATL_x86-->MsiExec.exe /I{0F3647F8-E51D-4FCC-8862-9A8D0C5ACF25}
Microsoft_VC80_CRT_x86_x64-->MsiExec.exe /I{4569AD91-47F4-4D9E-8FC9-717EC32D7AE1}
Microsoft_VC80_CRT_x86-->MsiExec.exe /I{92D58719-BBC1-4CC3-A08B-56C9E884CC2C}
Microsoft_VC80_MFC_x86_x64-->MsiExec.exe /I{C8C1BAD5-54E6-4146-AD07-3A8AD36569C3}
Microsoft_VC80_MFC_x86-->MsiExec.exe /I{D1A19B02-817E-4296-A45B-07853FD74D57}
Microsoft_VC80_MFCLOC_x86_x64-->MsiExec.exe /I{1E9FC118-651D-4934-97BE-E53CAE5C7D45}
Microsoft_VC80_MFCLOC_x86-->MsiExec.exe /I{D92BBB52-82FF-42ED-8A3C-4E062F944AB7}
Microsoft_VC90_ATL_x86_x64-->MsiExec.exe /I{8557397C-A42D-486F-97B3-A2CBC2372593}
Microsoft_VC90_ATL_x86-->MsiExec.exe /I{033E378E-6AD3-4AD5-BDEB-CBD69B31046C}
Microsoft_VC90_CRT_x86_x64-->MsiExec.exe /I{92A3CA0D-55CD-4C5D-BA95-5C2600C20F26}
Microsoft_VC90_CRT_x86-->MsiExec.exe /I{08D2E121-7F6A-43EB-97FD-629B44903403}
Microsoft_VC90_MFC_x86_x64-->MsiExec.exe /I{A472B9E4-0AFF-4F7B-B25D-F64F8E928AAB}
Microsoft_VC90_MFC_x86-->MsiExec.exe /I{635FED5B-2C6D-49BE-87E6-7A6FCD22BC5A}
Microsoft_VC90_MFCLOC_x86_x64-->MsiExec.exe /I{90BF0360-A1DB-4599-A643-95AB90A52C1E}
Microsoft_VC90_MFCLOC_x86-->MsiExec.exe /I{B6D38690-755E-4F40-A35A-23F8BC2B86AC}
Movie Maker-->MsiExec.exe /X{45898170-E68C-4F02-AA35-C2186BF347A3}
Movie Maker-->MsiExec.exe /X{CFBFE244-6269-41DC-85B6-86F99C88ED02}
Mozilla Firefox 23.0.1 (x86 sk)-->"C:\Program Files (x86)\Mozilla Firefox\uninstall\helper.exe"
Mozilla Maintenance Service-->"C:\Program Files (x86)\Mozilla Maintenance Service\uninstall.exe"
MRCE 189 2.0-->"E:\Program Files (x86)\Microsoft Games\Train Simulator\unins000.exe"
MSTS Bernina Bahn v0.7.3-->"E:\Program Files (x86)\Microsoft Games\Train Simulator_rhb\unins000.exe"
MSTS Bernina Bahn v0.7.5-->"E:\Program Files (x86)\Microsoft Games\Train Simulator_rhb\unins001.exe"
MSTS Patch 1.8.0521 EN-->E:\Program Files (x86)\Microsoft Games\Train Simulator_rhb\Uninst_MSTS Patch 1.8.0521 EN.exe /U "E:\Program Files (x86)\Microsoft Games\Train Simulator_rhb\Uninst_MSTS Patch 1.8.0521 EN.log"
MSVCRT_amd64-->MsiExec.exe /I{D0B44725-3666-492D-BEF6-587A14BD9BD9}
MSVCRT-->MsiExec.exe /I{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}
MSVCRT110_amd64-->MsiExec.exe /I{E9FA781F-3E80-4399-825A-AD3E11C28C77}
MSVCRT110-->MsiExec.exe /I{8E14DDC8-EA60-4E18-B3E3-1937104D5BDA}
NB Probe-->RunDll32 C:\PROGRA~2\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files (x86)\InstallShield Installation Information\{6324A1EF-CEF4-43E3-8BCD-9EF3F67317FD}\Setup.exe" -l0x9
OMSI - Addon Wien-->"C:\Program Files (x86)\InstallShield Installation Information\{7194EE66-1674-4082-85F3-769B844D6BD0}\setup.exe" -runfromtemp -l0x0409 -removeonly
OMSI - Der Omnibussimulator-->"C:\Program Files (x86)\InstallShield Installation Information\{9AE850A4-B89D-4875-A159-B1B64D717EFB}\setup.exe" -runfromtemp -l0x0409 -removeonly
OMSI - Hamburg-->"C:\Program Files (x86)\InstallShield Installation Information\{CBAF25BB-BD31-4663-84C8-13104B3D3DCC}\setup.exe" -runfromtemp -l0x0409 -removeonly
Opera 12.16-->"C:\Program Files (x86)\Opera\Opera.exe" /uninstall
Oracle VM VirtualBox 4.2.8-->MsiExec.exe /I{C017D5C7-E2C0-4276-8C8A-0CB6D5914DDD}
PDF Settings CS5-->MsiExec.exe /I{A78FE97A-C0C8-49CE-89D0-EDD524A17392}
Photo Common-->MsiExec.exe /X{140754E1-C019-44A9-A81B-2D7625AABE8A}
Photo Gallery-->MsiExec.exe /X{0F929651-F516-4956-90F2-FFBD2CD5D30E}
Picasa 3-->"C:\Program Files (x86)\Google\Picasa3\Uninstall.exe"
PowerDirector-->"C:\Program Files (x86)\InstallShield Installation Information\{CB099890-1D5F-11D5-9EA9-0050BAE317E1}\Setup.exe" -l0x000409 /z-uninstall
PowerProducer-->RunDll32 C:\PROGRA~2\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files (x86)\InstallShield Installation Information\{B7A0CE06-068E-11D6-97FD-0050BACBF861}\Setup.exe" -uninstall
PreEmptive Analytics Visual Studio Components-->MsiExec.exe /X{2C76E3DA-BA76-4FAD-B1B1-72B46D639028}
Prerequisites for SSDT -->MsiExec.exe /I{9169C939-ED01-446A-BD0C-29873BAF4E48}
PrivitizeVPN-->C:\Program Files (x86)\PrivitizeVPN\uninstall.exe /vpn
Pro Cycling Manager - Season 2012 version 1.2.0.0-->"E:\Program Files (x86)\Cyanide\Pro Cycling Manager - Season 2012\unins000.exe"
PSPad editor-->"C:\Program Files (x86)\PSPad editor\Uninst\unins000.exe"
Quest Software Toad Data Modeler Freeware 2.25-->"C:\Program Files (x86)\Quest Software\Toad Data Modeler Freeware\Uninstall_TDM_GBI_Freeware\unins000.exe"
Quest Software Toad Data Modeler-->MsiExec.exe /I{2CAF0576-1BAD-4C3E-A1DB-D6D585495DED}
Recuva-->"C:\Program Files\Recuva\uninst.exe"
Renault Karosa Citybus 12M-->E:\Program Files (x86)\OMSI\Uninstal.exe
Rigs of Rods 0.38.67-->"E:\Program Files (x86)\Rigs of Rods 0.38\uninst.exe"
Sandboxie 3.76 (64-bit)-->"C:\Windows\Installer\SandboxieInstall64.exe" /remove
SketchUp 2013-->MsiExec.exe /X{72B622C9-AA10-47D7-A10C-377CF9BC8502}
SketchUp 8-->MsiExec.exe /X{779D8CA1-03DD-4AD4-B21F-3E20BFE7BEDE}
Skype Click to Call-->MsiExec.exe /I{B6CF2967-C81E-40C0-9815-C05774FEF120}
Skype™ 6.3-->MsiExec.exe /X{4E76FF7E-AEBA-4C87-B788-CD47E5425B9D}
Speccy-->"C:\Program Files\Speccy\uninst.exe"
SpinTires Tech Demo (June 060613)-->MsiExec.exe /I{9AF7D6F5-50A5-432C-9F7B-83BCE03B11A0}
TeamViewer 8-->C:\Program Files (x86)\TeamViewer\Version8\uninstall.exe
TGATool2A version 4.00.34-->"C:\Program Files (x86)\MW\TGATool2\unins000.exe"
Todoist version 2.1-->"C:\Program Files (x86)\Todoist\unins000.exe"
TopStyle 5-->"C:\Program Files (x86)\TopStyle 5\unins000.exe"
Total Commander 64-bit (Remove or Repair)-->c:\totalcmd\tcunin64.exe
Train Store V3.2-->C:\Program Files (x86)\J A Formoso\Train Store\Uninstal.exe
Trainz Simulator 12-->"E:\Program Files (x86)\N3V Games\TS12\unins000.exe"
Trend Micro Internet Security-->C:\Program Files\Trend Micro\Internet Security\remove.exe
Trend Micro Internet Security-->MsiExec.exe /X{9D2B0322-44AE-460E-9283-4D2D7A9205AE}
Update for (KB2504637)-->C:\Windows\SysWOW64\msiexec.exe /package {CFEF48A8-BFB8-3EAC-8BA5-DE4F8AA267CE} /uninstall {815F0BC1-7E54-300C-9ACA-C9460FDF6F78} /qb+ REBOOTPROMPT=""
USB2.0 UVC VGA WebCam-->C:\Windows\snuninst.exe /name='USB2.0 UVC VGA WebCam'
Visual Studio 2012 Prerequisites - ENU Language Pack-->MsiExec.exe /X{13417784-A359-3CDD-8DE1-B7108707D647}
Visual Studio 2012 Prerequisites-->MsiExec.exe /X{61862D7C-CDBC-48D5-8AE1-3B8BD1E23BC5}
Visual Studio Extensions for Windows Library for JavaScript-->MsiExec.exe /I{89B4532E-19CE-4FA9-9692-10BFD5A38532}
VLC media player 2.0.5-->C:\Program Files (x86)\VideoLAN\VLC\uninstall.exe
WCF Data Services 5.0 (for OData v3) Primary Components-->MsiExec.exe /I{0BCC836F-0B28-4090-B58A-64883BAA3B2F}
WCF Data Services Tools for Microsoft Visual Studio 2012-->MsiExec.exe /I{148878BD-A2A5-4CF1-A103-2BA632F41953}
WCF RIA Services V1.0 SP2-->MsiExec.exe /X{3A523AF9-D32F-4C85-8388-0335731F3405}
WIDCOMM Bluetooth Software-->MsiExec.exe /X{9E9D49A4-1DF4-4138-B7DB-5D87A893088E}
Windows App Certification Kit Native Components-->MsiExec.exe /I{3FA063D7-EDC1-AFA8-54AF-0563C7DEE070}
Windows App Certification Kit x64-->MsiExec.exe /I{02213A81-CB13-7262-5ABE-1FFA2C75559F}
Windows Live Communications Platform-->MsiExec.exe /I{03D562B5-C4E2-4846-A920-33178788BE00}
Windows Live Essentials-->C:\Program Files (x86)\Windows Live\Installer\wlarp.exe
Windows Live Essentials-->MsiExec.exe /I{FA29B84F-8306-4A62-A340-F2C41305E7AF}
Windows Live Family Safety-->MsiExec.exe /I{57ADCDED-9C85-43D1-97B3-BC961476190F}
Windows Live Family Safety-->MsiExec.exe /X{2FD0FA0A-7A21-4C4A-B268-1142B54E035E}
Windows Live ID Sign-in Assistant-->MsiExec.exe /I{CE52672C-A0E9-4450-8875-88A221D5CD50}
Windows Live Installer-->MsiExec.exe /I{5A0EE0F0-E909-4F3B-B437-AAD9252427CB}
Windows Live Mail-->MsiExec.exe /I{D604900F-A275-416C-AF9D-CDEDF58B72DB}
Windows Live Mail-->MsiExec.exe /I{F2CEE664-F9A3-4235-A11A-42B15884F4D4}
Windows Live MIME IFilter-->MsiExec.exe /I{5EEC477F-8E9B-4420-8829-16E7426227DB}
Windows Live Photo Common-->MsiExec.exe /X{C6B0EE9E-2128-4448-B7AE-5E2B46E0F0E7}
Windows Live PIMT Platform-->MsiExec.exe /I{E3445598-4424-4EE2-B71C-C23325F7FB71}
Windows Live SOXE Definitions-->MsiExec.exe /I{0FF9CC94-EF23-401E-BDBD-37403D1A2B38}
Windows Live SOXE-->MsiExec.exe /I{6B6923B9-8719-425B-916C-CD2908F31AAF}
Windows Live UX Platform Language Pack-->MsiExec.exe /I{28950295-A98C-4081-AC82-045E9879945E}
Windows Live UX Platform-->MsiExec.exe /I{F0E58739-2B4C-498F-9B0D-FF0F2FD52B61}
Windows Live Writer Resources-->MsiExec.exe /X{8C55FF2F-D9AC-4EBC-8AA2-90E2552634C0}
Windows Live Writer-->MsiExec.exe /X{AAA94EAA-40A4-458C-9D86-D1DA765B51D5}
Windows Live Writer-->MsiExec.exe /X{DD351214-3151-4A87-B22F-AE2B58F1575F}
Windows Live Writer-->MsiExec.exe /X{EFBCA571-617D-484A-9ECA-E301BB6D0750}
Windows Runtime Intellisense Content - en-us-->MsiExec.exe /I{C81452EB-CBCF-B8EB-3124-48C5B3D506B0}
Windows Software Development Kit DirectX x64 Remote-->MsiExec.exe /I{5FB4C443-6BD6-1514-2717-3827D65AE6FB}
Windows Software Development Kit DirectX x86 Remote-->MsiExec.exe /I{23176E97-26CB-C72A-19EB-BFB21AC1D15A}
Windows Software Development Kit for Windows Store Apps DirectX x64 Remote-->MsiExec.exe /I{27EF252D-800C-ED42-9904-459FE0046225}
Windows Software Development Kit for Windows Store Apps DirectX x86 Remote-->MsiExec.exe /I{42F61556-29ED-8122-F39E-6F04EA5FF279}
Windows Software Development Kit for Windows Store Apps-->MsiExec.exe /I{D11F66FF-82B3-DDB8-1146-525370552BE1}
Windows Software Development Kit-->MsiExec.exe /I{60D5EF2A-4E0C-2C30-38F6-59C26E134F4A}
WinHTTrack Website Copier 3.43-9D-->"C:\Program Files (x86)\WinHTTrack\unins000.exe"
WinRAR 4.20 (64-bit)-->C:\Program Files\WinRAR\uninstall.exe
WinSCP 5.1.4-->"C:\Program Files (x86)\WinSCP\unins000.exe"
Wireless Console 3-->MsiExec.exe /I{20FDF948-C8ED-4543-A539-F7F4AEF5AFA2}
XAMPP 1.8.1-->"c:\xampp\uninstall.exe"
Xpress 7.3-->"C:\Program Files (x86)\InstallShield Installation Information\{16B0FDDD-BE74-4A4C-92A9-5A5263352A4E}\setup.exe" -runfromtemp -l0x0409 -uninst -removeonly
Zend Studio 9.0.3-->MsiExec.exe /I{A73D4BEE-2BBE-4285-BF6C-4B8C7C001920}

======System event log======

Computer Name: Martin-PC
Event Code: 4001
Message: Služba automatickej konfigurácie siete WLAN sa úspešne zastavila.

Record Number: 269211
Source Name: Microsoft-Windows-WLAN-AutoConfig
Time Written: 20130716080537.045566-000
Event Type: Warning
User: NT AUTHORITY\SYSTEM

Computer Name: Martin-PC
Event Code: 4001
Message: Služba automatickej konfigurácie siete WLAN sa úspešne zastavila.

Record Number: 267961
Source Name: Microsoft-Windows-WLAN-AutoConfig
Time Written: 20130715212130.585821-000
Event Type: Warning
User: NT AUTHORITY\SYSTEM

Computer Name: Martin-PC
Event Code: 1014
Message: Name resolution for the name sport.sme.sk timed out after none of the configured DNS servers responded.
Record Number: 267832
Source Name: Microsoft-Windows-DNS-Client
Time Written: 20130715164234.008156-000
Event Type: Warning
User: NT AUTHORITY\NETWORK SERVICE

Computer Name: Martin-PC
Event Code: 1073
Message: Pokus používateľa Martin-PC\Administrator o reštartovanie alebo vypnutie počítača MARTIN-PC zlyhal.
Record Number: 267656
Source Name: USER32
Time Written: 20130715133535.000000-000
Event Type: Warning
User: Martin-PC\Administrator

Computer Name: Martin-PC
Event Code: 1014
Message: Name resolution for the name oldsharpeye.thumblogger.com timed out after none of the configured DNS servers responded.
Record Number: 267049
Source Name: Microsoft-Windows-DNS-Client
Time Written: 20130715114948.199301-000
Event Type: Warning
User: NT AUTHORITY\NETWORK SERVICE

=====Application event log=====

Computer Name: Martin-PC
Event Code: 3006
Message: Unable to read the performance counter strings defined for the 01B language ID. The first DWORD in the Data section contains the Win32 error code.
Record Number: 230
Source Name: Microsoft-Windows-LoadPerf
Time Written: 20130221163556.787132-000
Event Type: Error
User: NT AUTHORITY\SYSTEM

Computer Name: Martin-PC
Event Code: 3006
Message: Unable to read the performance counter strings defined for the 01B language ID. The first DWORD in the Data section contains the Win32 error code.
Record Number: 228
Source Name: Microsoft-Windows-LoadPerf
Time Written: 20130221163556.693126-000
Event Type: Error
User: NT AUTHORITY\SYSTEM

Computer Name: Martin-PC
Event Code: 1534
Message: Profile notification of event Create for component {56EA1054-1959-467f-BE3B-A2A787C4B6EA} failed, error code is ???.

Record Number: 183
Source Name: Microsoft-Windows-User Profiles Service
Time Written: 20130221163105.240311-000
Event Type: Warning
User: NT AUTHORITY\SYSTEM

Computer Name: Martin-PC
Event Code: 11
Message: Possible Memory Leak. Application (C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted) (PID: 288) has passed a non-NULL pointer to RPC for an [out] parameter marked [allocate(all_nodes)]. [allocate(all_nodes)] parameters are always reallocated; if the original pointer contained the address of valid memory, that memory will be leaked. The call originated on the interface with UUID ({3F31C91E-2545-4B7B-9311-9529E8BFFEF6}), Method number (20). User Action: Contact your application vendor for an updated version of the application.
Record Number: 178
Source Name: Microsoft-Windows-RPC-Events
Time Written: 20130221163028.260220-000
Event Type: Warning
User: NT AUTHORITY\LOCAL SERVICE

Computer Name: Martin-PC
Event Code: 1008
Message: Služba Windows Search sa spúšťa a pokúša sa odstrániť starý index hľadania. {Dôvod: Full Index Reset}.

Record Number: 96
Source Name: Microsoft-Windows-Search
Time Written: 20130221162825.000000-000
Event Type: Warning
User:

=====Security event log=====

Computer Name: 37L4247E29-32
Event Code: 4735
Message: A security-enabled local group was changed.

Subject:
Security ID: S-1-5-18
Account Name: 37L4247E29-32$
Account Domain: WORKGROUP
Logon ID: 0x3e7

Group:
Security ID: S-1-5-32-551
Group Name: Backup Operators
Group Domain: Builtin

Changed Attributes:
SAM Account Name: -
SID History: -

Additional Information:
Privileges: -
Record Number: 5
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20130221162032.734451-000
Event Type: Audit Success
User:

Computer Name: 37L4247E29-32
Event Code: 4731
Message: A security-enabled local group was created.

Subject:
Security ID: S-1-5-18
Account Name: 37L4247E29-32$
Account Domain: WORKGROUP
Logon ID: 0x3e7

New Group:
Security ID: S-1-5-32-551
Group Name: Backup Operators
Group Domain: Builtin

Attributes:
SAM Account Name: Backup Operators
SID History: -

Additional Information:
Privileges: -
Record Number: 4
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20130221162032.734451-000
Event Type: Audit Success
User:

Computer Name: 37L4247E29-32
Event Code: 4902
Message: The Per-user audit policy table was created.

Number of Elements: 0
Policy ID: 0x590ba
Record Number: 3
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20130221162032.282050-000
Event Type: Audit Success
User:

Computer Name: 37L4247E29-32
Event Code: 4624
Message: An account was successfully logged on.

Subject:
Security ID: S-1-0-0
Account Name: -
Account Domain: -
Logon ID: 0x0

Logon Type: 0

New Logon:
Security ID: S-1-5-18
Account Name: SYSTEM
Account Domain: NT AUTHORITY
Logon ID: 0x3e7
Logon GUID: {00000000-0000-0000-0000-000000000000}

Process Information:
Process ID: 0x4
Process Name:

Network Information:
Workstation Name: -
Source Network Address: -
Source Port: -

Detailed Authentication Information:
Logon Process: -
Authentication Package: -
Transited Services: -
Package Name (NTLM only): -
Key Length: 0

This event is generated when a logon session is created. It is generated on the computer that was accessed.

The subject fields indicate the account on the local system which requested the logon. This is most commonly a service such as the Server service, or a local process such as Winlogon.exe or Services.exe.

The logon type field indicates the kind of logon that occurred. The most common types are 2 (interactive) and 3 (network).

The New Logon fields indicate the account for whom the new logon was created, i.e. the account that was logged on.

The network fields indicate where a remote logon request originated. Workstation name is not always available and may be left blank in some cases.

The authentication information fields provide detailed information about this specific logon request.
- Logon GUID is a unique identifier that can be used to correlate this event with a KDC event.
- Transited services indicate which intermediate services have participated in this logon request.
- Package name indicates which sub-protocol was used among the NTLM protocols.
- Key length indicates the length of the generated session key. This will be 0 if no session key was requested.
Record Number: 2
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20130221162030.410047-000
Event Type: Audit Success
User:

Computer Name: 37L4247E29-32
Event Code: 4608
Message: Windows is starting up.

This event is logged when LSASS.EXE starts and the auditing subsystem is initialized.
Record Number: 1
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20130221162030.378847-000
Event Type: Audit Success
User:

======Environment variables======

"ComSpec"=%SystemRoot%\system32\cmd.exe
"FP_NO_HOST_CHECK"=NO
"OS"=Windows_NT
"Path"=%XPRESSDIR%\bin;C:\Program Files\Common Files\Microsoft Shared\Windows Live;C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static;C:\Program Files\WIDCOMM\Bluetooth Software\;C:\Program Files\WIDCOMM\Bluetooth Software\syswow64;C:\Program Files\Microsoft\Web Platform Installer\;C:\Program Files (x86)\Microsoft ASP.NET\ASP.NET Web Pages\v1.0\;C:\Program Files (x86)\Windows Kits\8.0\Windows Performance Toolkit\;C:\Program Files\Microsoft SQL Server\110\Tools\Binn\;C:\Program Files (x86)\Windows Live\Shared
"PATHEXT"=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH;.MSC
"PROCESSOR_ARCHITECTURE"=AMD64
"TEMP"=%SystemRoot%\TEMP
"TMP"=%SystemRoot%\TEMP
"USERNAME"=SYSTEM
"windir"=%SystemRoot%
"PSModulePath"=%SystemRoot%\system32\WindowsPowerShell\v1.0\Modules\
"NUMBER_OF_PROCESSORS"=4
"PROCESSOR_LEVEL"=6
"PROCESSOR_IDENTIFIER"=Intel64 Family 6 Model 37 Stepping 2, GenuineIntel
"PROCESSOR_REVISION"=2502
"XPRESSDIR"=C:\xpressmp
"INCLUDE"=%XPRESSDIR%\include;
"LIB"=%XPRESSDIR%\lib;
"CLASSPATH"=%XPRESSDIR%\lib\xprs.jar;%XPRESSDIR%\lib\xprb.jar;%XPRESSDIR%\lib\xprm.jar;
"VBOX_INSTALL_PATH"=C:\Program Files\Oracle\VirtualBox\
"VS110COMNTOOLS"=C:\Program Files (x86)\Microsoft Visual Studio 11.0\Common7\Tools\

-----------------EOF-----------------

#2 Příspěvek od **Rudy** » 18 srp 2013 10:23

Zdravím!
Tento log je mi k ničemu. Potřebuji vidět obsah souboru log.txt (druhý, který se otevře po ukončení skenu RSIT).

orion05 · #3 Příspěvek od **orion05** » 18 srp 2013 10:42

aha, no trochu som sa ponáhľal, tu je log

Kód: Vybrat vše

Logfile of random's system information tool 1.09 (written by random/random)
Run by Administrator at 2013-08-18 09:44:41
Microsoft Windows 7 Ultimate  
System drive C: has 34 GB (27%) free of 127 GB
Total RAM: 3948 MB (56% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 9:44:44, on 18. 8. 2013
Platform: Windows 7  (WinNT 6.00.3504)
MSIE: Internet Explorer v8.00 (8.00.7600.16385)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\ASUS\ControlDeck\ControlDeckStartUp.exe
C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe
C:\Users\Administrator\Local Settings\Apps\F.lux\flux.exe
C:\Users\Administrator\AppData\Roaming\Dropbox\bin\Dropbox.exe
C:\Program Files (x86)\Evernote\Evernote\EvernoteClipper.exe
C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe
C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe
C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe
C:\Program Files (x86)\Canon\Canon IJ Network Scan Utility\CNMNSUT.exe
C:\ProgramData\Ad-Aware Browsing Protection\adawarebp.exe
C:\PROGRA~2\AD-AWA~1\AdAware.exe
C:\Program Files\WIDCOMM\Bluetooth Software\BluetoothHeadsetProxy.exe
C:\Program Files (x86)\CyberLink\PowerDVD\PDVDServ.exe
C:\Program Files\trend micro\Administrator.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://searchou.com/?id=d41254070000000000001a4bd6a723b5
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = 
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = 
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = 
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = 
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = 
R3 - URLSearchHook: (no name) - {6c97a91e-4524-4019-86af-2aa2d567bf5c} - (no file)
F2 - REG:system.ini: UserInit=userinit.exe
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll
O2 - BHO: Pomocník pri prihlasovaní v konte Microsoft - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Evernote extension - {92EF2EAD-A7CE-4424-B0DB-499CF856608E} - C:\Program Files (x86)\Evernote\Evernote\EvernoteIE.dll
O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~2\Office14\URLREDIR.DLL
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
O3 - Toolbar: Zend Studio - {95188727-288F-4581-A48D-EAB3BD027314} - C:\PROGRA~2\Zend\ZENDST~1.3\toolbars\ZENDIE~1.DLL
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
O4 - HKLM\..\Run: [ATKOSD2] C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe
O4 - HKLM\..\Run: [ATKMEDIA] C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe
O4 - HKLM\..\Run: [HControlUser] C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe
O4 - HKLM\..\Run: [SwitchBoard] C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
O4 - HKLM\..\Run: [AdobeCS5.5ServiceManager] "C:\Program Files (x86)\Common Files\Adobe\CS5.5ServiceManager\CS5.5ServiceManager.exe" -launchedbylogin
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [BCSSync] "C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe" /DelayServices
O4 - HKLM\..\Run: [IJNetworkScanUtility] C:\Program Files (x86)\Canon\Canon IJ Network Scan Utility\CNMNSUT.exe
O4 - HKLM\..\Run: [UpdatePPShortCut] "C:\Program Files (x86)\CyberLink\PowerProducer\MUITransfer\MUIStartMenu.exe" "C:\Program Files (x86)\CyberLink\PowerProducer" update "Software\CyberLink\PowerProducer\4.0"
O4 - HKLM\..\Run: [UpdatePSTShortCut] "C:\Program Files (x86)\CyberLink\DVD Suite\MUITransfer\MUIStartMenu.exe" "C:\Program Files (x86)\CyberLink\DVD Suite" UpdateWithCreateOnce "Software\CyberLink\PowerStarter"
O4 - HKLM\..\Run: [UpdateLBPShortCut] "C:\Program Files (x86)\CyberLink\LabelPrint\MUITransfer\MUIStartMenu.exe" "C:\Program Files (x86)\CyberLink\LabelPrint" UpdateWithCreateOnce "Software\CyberLink\LabelPrint\2.0"
O4 - HKLM\..\Run: [Ad-Aware Browsing Protection] "C:\ProgramData\Ad-Aware Browsing Protection\adawarebp.exe"
O4 - HKLM\..\Run: [Ad-Aware Antivirus] "C:\Program Files (x86)\Ad-Aware Antivirus\AdAwareLauncher" --windows-run
O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun
O4 - HKCU\..\Run: [F.lux] "C:\Users\Administrator\Local Settings\Apps\F.lux\flux.exe" /noshow
O4 - HKCU\..\Run: [GoogleChromeAutoLaunch_361C1DD22E1256C6B68316A32E8B1949] "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --no-startup-window
O4 - HKCU\..\Run: [SandboxieControl] "C:\Program Files\Sandboxie\SbieCtrl.exe"
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O4 - Startup: Dropbox.lnk = Administrator\AppData\Roaming\Dropbox\bin\Dropbox.exe
O4 - Startup: EvernoteClipper.lnk = C:\Program Files (x86)\Evernote\Evernote\EvernoteClipper.exe
O4 - Global Startup: Bluetooth.lnk = ?
O4 - Global Startup: SRS Premium Sound.lnk = ?
O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\Windows\system32\GPhotos.scr/200
O8 - Extra context menu item: Clip selection - C:\Program Files (x86)\Evernote\Evernote\\EvernoteIERes\Clip.html?clipAction=3
O8 - Extra context menu item: Clip this page - C:\Program Files (x86)\Evernote\Evernote\\EvernoteIERes\Clip.html?clipAction=1
O8 - Extra context menu item: Clip URL - C:\Program Files (x86)\Evernote\Evernote\\EvernoteIERes\Clip.html?clipAction=0
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~2\MICROS~2\Office14\EXCEL.EXE/3000
O8 - Extra context menu item: New Note - C:\Program Files (x86)\Evernote\Evernote\\EvernoteIERes\NewNote.html
O8 - Extra context menu item: Se&nd to OneNote - res://C:\PROGRA~2\MICROS~2\Office14\ONBttnIE.dll/105
O8 - Extra context menu item: Send image to &Bluetooth Device... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
O8 - Extra context menu item: Send page to &Bluetooth Device... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra button: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Se&nd to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra button: Run WinHTTrack - {36ECAF82-3300-8F84-092E-AFF36D6C7040} - C:\Program Files (x86)\WinHTTrack\WinHTTrackIEBar.dll
O9 - Extra 'Tools' menuitem: Launch WinHTTrack - {36ECAF82-3300-8F84-092E-AFF36D6C7040} - C:\Program Files (x86)\WinHTTrack\WinHTTrackIEBar.dll
O9 - Extra button: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O9 - Extra button: Zend Studio Toolbar - {A26ABCF0-1C8F-46e7-A67C-0489DC21B9CC} - C:\PROGRA~2\Zend\ZENDST~1.3\toolbars\ZENDIE~1.DLL
O9 - Extra 'Tools' menuitem: Zend Studio - {A26ABCF0-1C8F-46e7-A67C-0489DC21B9CC} - C:\PROGRA~2\Zend\ZENDST~1.3\toolbars\ZENDIE~1.DLL
O9 - Extra button: @C:\Program Files (x86)\Evernote\Evernote\Resource.dll,-101 - {A95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\Program Files (x86)\Evernote\Evernote\\EvernoteIERes\AddNote.html
O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Evernote\Evernote\Resource.dll,-101 - {A95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\Program Files (x86)\Evernote\Evernote\\EvernoteIERes\AddNote.html
O9 - Extra button: Send To Bluetooth - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra 'Tools' menuitem: Send to &Bluetooth Device... - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
O20 - AppInit_DLLs:   c:\progra~2\magnipic\assist~1.dll
O23 - Service: Ad-Aware Service - Lavasoft Limited - C:\Program Files (x86)\Ad-Aware Antivirus\AdAwareService.exe
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: AFBAgent - Unknown owner - C:\Windows\system32\FBAgent.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: AMD External Events Utility - Unknown owner - C:\Windows\system32\atiesrxx.exe (file missing)
O23 - Service: ASLDR Service (ASLDRService) - ASUS - C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ASLDRSrv.exe
O23 - Service: ATKGFNEX Service (ATKGFNEXSrv) - ASUS - C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe
O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: Canon Inkjet Printer/Scanner/Fax Extended Survey Program (IJPLMSVC) - Unknown owner - C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files (x86)\CyberLink\Shared Files\RichVideo.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Ad-Aware (SBAMSvc) - GFI Software - C:\Program Files (x86)\Ad-Aware Antivirus\SBAMSvc.exe
O23 - Service: Sandboxie Service (SbieSvc) - SANDBOXIE L.T.D - C:\Program Files\Sandboxie\SbieSvc.exe
O23 - Service: Trend Micro Central Control Component (SfCtlCom) - Trend Micro Inc. - C:\Program Files\Trend Micro\Internet Security\SfCtlCom.exe
O23 - Service: Skype C2C Service - Skype Technologies S.A. - C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: spmgr - Unknown owner - C:\Program Files\ASUS\NB Probe\SPM\spmgr.exe
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: SwitchBoard - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
O23 - Service: TeamViewer 8 (TeamViewer8) - TeamViewer GmbH - C:\Program Files (x86)\TeamViewer\Version8\TeamViewer_Service.exe
O23 - Service: Trend Micro Unauthorized Change Prevention Service (TMBMServer) - Trend Micro Inc. - C:\Program Files\Trend Micro\BM\TMBMSRV.exe
O23 - Service: Trend Micro Proxy Service (TmProxy) - Trend Micro Inc. - C:\Program Files\Trend Micro\Internet Security\TmProxy.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: Intel(R) Management & Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 15886 bytes

======Listing Processes======

\SystemRoot\System32\smss.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
C:\Windows\system32\services.exe
C:\Windows\system32\lsass.exe
winlogon.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\system32\atiesrxx.exe
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k LocalService
"C:\Program Files\Sandboxie\SbieSvc.exe"
C:\Windows\system32\svchost.exe -k NetworkService
atieclxx
"C:\Windows\system32\FBAgent.exe"
"C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ASLDRSrv.exe"
"C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe"
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
"C:\Program Files (x86)\Ad-Aware Antivirus\AdAwareService.exe"
"C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe"
"C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe"
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
"C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE"
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe"
"C:\Program Files\Trend Micro\Internet Security\SfCtlCom.exe"
"C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe"
"C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe"
C:\Windows\system32\svchost.exe -k imgsvc
"C:\Program Files (x86)\TeamViewer\Version8\TeamViewer_Service.exe"
"C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE"
WLIDSvcM.exe 2396
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\system32\svchost.exe -k bthsvcs
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
"taskhost.exe"
"C:\Windows\system32\Dwm.exe"
C:\Windows\Explorer.EXE
taskeng.exe {714AA52B-D4AF-4215-AAD4-C8F9E7A397A6}
"C:\Program Files\P4G\BatteryLife.exe" 
"C:\Program Files (x86)\ASUS\ControlDeck\ControlDeckStartUp.exe" 
"C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe" 
"C:\Program Files\Elantech\ETDCtrl.exe" 
"C:\Program Files\Trend Micro\Internet Security\UfSeAgnt.exe" 
"C:\Program Files\Canon\MyPrinter\BJMYPRT.EXE" /logon
"C:\Users\Administrator\Local Settings\Apps\F.lux\flux.exe" /noshow
"C:\Program Files\Sandboxie\SbieCtrl.exe" 
"C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe" 
"C:\Program Files\SRS Labs\SRS Premium Sound Control Panel\SRSPremiumPanel_64.exe" /f=srs_premium_sound_nopreset.zip
"C:\Users\Administrator\AppData\Roaming\Dropbox\bin\Dropbox.exe" /systemstartup
"C:\Program Files (x86)\Evernote\Evernote\EvernoteClipper.exe" 
"C:\Program Files\Elantech\ETDCtrlHelper.exe" 
"C:\Program Files\WIDCOMM\Bluetooth Software\BtStackServer.exe" -Embedding
"C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe" 
"C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM"
"C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe" 
"C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe" 
"C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControl.exe"
"C:\Program Files (x86)\Canon\Canon IJ Network Scan Utility\CNMNSUT.exe" 
C:\Windows\system32\wbem\wmiprvse.exe
"C:\ProgramData\Ad-Aware Browsing Protection\adawarebp.exe" 
ATKOSD.exe
KBFiltr.exe
WDC.exe
C:\PROGRA~2\AD-AWA~1\AdAware.exe --run-from-service --silent
"C:\Program Files\WIDCOMM\Bluetooth Software\BluetoothHeadsetProxy.exe"
"C:\Program Files (x86)\Ad-Aware Antivirus\SBAMSvc.exe"
C:\Windows\system32\SearchIndexer.exe /Embedding
"C:\Program Files\Windows Media Player\wmpnetwk.exe"
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
"C:\Program Files (x86)\CyberLink\PowerDVD\PDVDServ.exe" 
"C:\Program Files (x86)\CyberLink\Shared Files\RichVideo.exe"
"C:\Program Files\ASUS\NB Probe\SPM\spmgr.exe"
C:\Windows\system32\DllHost.exe /Processid:{30D49246-D217-465F-B00B-AC9DDD652EB7}
"C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe" 0
"C:\Program Files\Trend Micro\Internet Security\TmProxy.exe"
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe"
"C:\Program Files\Trend Micro\BM\TMBMSRV.exe" /service
"C:\Windows\system32\NOTEPAD.EXE" C:\rsit\info.txt
C:\Windows\system32\msiexec.exe /V
C:\Windows\System32\svchost.exe -k swprv
"C:\Users\Administrator\Desktop\RSITx64.exe" 

======Scheduled tasks folder======

C:\Windows\tasks\Adobe Flash Player Updater.job
C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
C:\Windows\tasks\MagniPicUpdaterTask{56511B83-4698-4273-8AFB-554537371753}.job
C:\Windows\tasks\MagniPicUpdaterTask{6864671F-2A7F-400F-B929-0E15DFC8D4F6}.job

=========Mozilla firefox=========

ProfilePath - C:\Users\Administrator\AppData\Roaming\Mozilla\Firefox\Profiles\g339385d.default

prefs.js - "browser.startup.homepage" -  "http://searchou.com/?id=d41254070000000000001a4bd6a723b5"
prefs.js - "keyword.URL" -  ""

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 11.7.700.224 Plugin
"Path"=C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_7_700_224.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@Google.com/GoogleEarthPlugin]
"Description"=Google Earth in your browser
"Path"=C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@google.com/npPicasa3,version=3.0.0]
"Description"=Picasa3 plugin
"Path"=C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@java.com/JavaPlugin,version=10.21.2]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=c:\Program Files (x86)\Microsoft Silverlight\5.1.10411.0\npctrl.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0]
"Description"=Office Authorization plug-in for NPAPI browsers
"Path"=C:\PROGRA~2\MICROS~2\Office14\NPAUTHZ.DLL

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/SharePoint,version=14.0]
"Description"=Microsoft SharePoint Plug-in for Firefox
"Path"=C:\PROGRA~2\MICROS~2\Office14\NPSPWRAP.DLL

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/WLPG,version=16.4.3508.0205]
"Description"=WLPG Install MIME type
"Path"=C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=3]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.21.153\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=9]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.21.153\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@videolan.org/vlc,version=2.0.5]
"Description"=VLC Multimedia Plugin
"Path"=C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\Adobe Reader]
"Description"=Handles PDFs in-place in Firefox
"Path"=C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll


[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 11.7.700.224 Plugin
"Path"=C:\Windows\system32\Macromed\Flash\NPSWF64_11_7_700_224.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/DTPlugin,version=10.25.2]
"Description"=Java™ Deployment Toolkit
"Path"=C:\Windows\system32\npDeployJava1.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/JavaPlugin,version=10.25.2]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0]
"Description"=Office Authorization plug-in for NPAPI browsers
"Path"=C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL

C:\Program Files (x86)\Mozilla Firefox\extensions\
{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}

C:\Users\Administrator\AppData\Roaming\Mozilla\Firefox\Profiles\g339385d.default\extensions\
lpcigkd@gaahs.net
rkb@tqcouuy.org

C:\Users\Administrator\AppData\Roaming\Mozilla\Firefox\Profiles\g339385d.default\searchplugins\
bingp.xml
privitize.xml
Searchou.xml

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files\Java\jre7\bin\ssv.dll [2013-06-27 553896]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live ID Sign-in Helper - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2012-07-17 529664]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}]
Skype add-on for Internet Explorer - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2013-07-12 6308736]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - C:\PROGRA~1\MICROS~2\Office14\URLREDIR.DLL [2009-12-30 688528]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre7\bin\jp2ssv.dll [2013-06-27 211880]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files (x86)\Java\jre7\bin\ssv.dll [2013-04-04 462752]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Pomocník pri prihlasovaní v konte Microsoft - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2012-07-17 441592]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{92EF2EAD-A7CE-4424-B0DB-499CF856608E}]
Evernote extension - C:\Program Files (x86)\Evernote\Evernote\EvernoteIE.dll [2013-03-19 583008]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}]
Skype Browser Helper - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll [2013-07-12 4532096]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - C:\PROGRA~2\MICROS~2\Office14\URLREDIR.DLL [2009-12-30 561040]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll [2013-04-04 171424]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\Toolbar]
{95188727-288F-4581-A48D-EAB3BD027314} - Zend Studio - C:\PROGRA~2\Zend\ZENDST~1.3\toolbars\ZENDIE~1.DLL [2007-12-06 192512]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"SmartAudio"=C:\Program Files\CONEXANT\SAII\SAIICpl.exe [2009-11-19 307768]
"ETDWare"=C:\Program Files\Elantech\ETDCtrl.exe [2010-01-13 635784]
"UfSeAgnt.exe"=C:\Program Files\Trend Micro\Internet Security\UfSeAgnt.exe [2010-02-23 1022904]
"AdobeAAMUpdater-1.0"=C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2011-03-15 499608]
"CanonMyPrinter"=C:\Program Files\Canon\MyPrinter\BJMyPrt.exe [2009-07-26 2184520]
"CanonSolutionMenu"=C:\Program Files (x86)\Canon\SolutionMenu\CNSLMAIN.exe [2009-03-17 767312]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"DAEMON Tools Lite"=C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [2013-01-08 3674320]
"F.lux"=C:\Users\Administrator\Local Settings\Apps\F.lux\flux.exe [2009-08-29 966656]
"GoogleChromeAutoLaunch_361C1DD22E1256C6B68316A32E8B1949"=C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [2013-07-25 846288]
"SandboxieControl"=C:\Program Files\Sandboxie\SbieCtrl.exe [2012-12-16 765200]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher]
C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CLMLServer]
C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LanguageShortcut]
C:\Program Files (x86)\CyberLink\PowerDVD\Language\Language.exe [2008-02-22 62760]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RemoteControl]
C:\Program Files (x86)\CyberLink\PowerDVD\PDVDServ.exe [2008-04-02 87336]

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"StartCCC"=C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [2010-01-22 98304]
"ATKOSD2"=C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe [2010-02-04 7350912]
"ATKMEDIA"=C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe [2010-01-05 170624]
"HControlUser"=C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe [2009-06-19 105016]
"SwitchBoard"=C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-02-19 517096]
"AdobeCS5.5ServiceManager"=C:\Program Files (x86)\Common Files\Adobe\CS5.5ServiceManager\CS5.5ServiceManager.exe [2011-01-12 1523360]
"Adobe ARM"=C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2013-04-04 958576]
"BCSSync"=C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe [2009-12-31 91520]
"IJNetworkScanUtility"=C:\Program Files (x86)\Canon\Canon IJ Network Scan Utility\CNMNSUT.exe [2009-05-19 136544]
"UpdatePPShortCut"=C:\Program Files (x86)\CyberLink\PowerProducer\MUITransfer\MUIStartMenu.exe [2008-01-04 222504]
"UpdatePSTShortCut"=C:\Program Files (x86)\CyberLink\DVD Suite\MUITransfer\MUIStartMenu.exe [2008-10-22 210216]
"UpdateLBPShortCut"=C:\Program Files (x86)\CyberLink\LabelPrint\MUITransfer\MUIStartMenu.exe [2008-02-21 222504]
"Ad-Aware Browsing Protection"=C:\ProgramData\Ad-Aware Browsing Protection\adawarebp.exe [2013-05-15 554408]
"Ad-Aware Antivirus"=C:\Program Files (x86)\Ad-Aware Antivirus\AdAwareLauncher --windows-run []

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
Bluetooth.lnk - C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
SRS Premium Sound.lnk - C:\Windows\Installer\{E5CF6B9C-3ABE-43C9-9413-AD5FFC98F049}\NewShortcut5_21C7B668029A47458B27645FE6E4A715.exe

C:\Users\Administrator\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
Dropbox.lnk - C:\Users\Administrator\AppData\Roaming\Dropbox\bin\Dropbox.exe
EvernoteClipper.lnk - C:\Program Files (x86)\Evernote\Evernote\EvernoteClipper.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED}

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Ad-Aware Service]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MSIServer]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\SBAMSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Ad-Aware Service]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MSIServer]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\SBAMSvc]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=5
"ConsentPromptBehaviorUser"=3
"EnableUIADesktopToggle"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoActiveDesktop"=1
"NoActiveDesktopChanges"=1
"ForceActiveDesktopOn"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVYU"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"VIDC.YVU9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"MSVideo8"=VfWWDM32.dll
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"wave2"=wdmaud.drv
"midi2"=wdmaud.drv
"mixer2"=wdmaud.drv
"vidc.mjpg"=bdmjpeg64.dll
"vidc.mpeg"=bdmpegv64.dll
"msacm.bdmpeg"=bdmpega64.acm

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 1 month======

2013-08-18 09:19:30 ----D---- C:\Program Files\CCleaner
2013-08-18 09:11:47 ----D---- C:\rsit
2013-08-18 00:10:54 ----A---- C:\Windows\Sandboxie.ini
2013-08-18 00:09:47 ----D---- C:\Program Files\Sandboxie
2013-08-17 10:35:10 ----D---- C:\Program Files (x86)\Mozilla Firefox
2013-08-16 20:00:08 ----D---- C:\Program Files\Speccy
2013-08-13 17:43:05 ----D---- C:\Program Files (x86)\MW
2013-08-13 17:42:21 ----D---- C:\Program Files (x86)\AceIt
2013-08-13 17:41:40 ----N---- C:\Windows\SYSWOW64\mwgfxvb.dll
2013-08-13 17:41:40 ----N---- C:\Windows\SYSWOW64\mwgfxcopy.exe
2013-08-13 17:41:39 ----N---- C:\Windows\SYSWOW64\mwgfx24.dll
2013-08-13 17:41:39 ----N---- C:\Windows\SYSWOW64\mwgfx.dll
2013-08-13 17:41:39 ----N---- C:\Windows\SYSWOW64\mwdlg.dll
2013-08-13 17:41:38 ----N---- C:\Windows\SYSWOW64\mwddsvb.dll
2013-08-13 17:41:38 ----N---- C:\Windows\SYSWOW64\mwdds.dll
2013-08-13 17:41:38 ----N---- C:\Windows\SYSWOW64\mwacevb.dll
2013-08-13 17:41:38 ----N---- C:\Windows\SYSWOW64\mwace.dll
2013-08-13 17:40:23 ----D---- C:\Program Files (x86)\Route_Riter
2013-08-12 22:54:42 ----D---- C:\Users\Administrator\AppData\Roaming\Blender Foundation
2013-08-12 21:44:34 ----D---- C:\Program Files (x86)\Blender
2013-07-28 11:03:33 ----D---- C:\ProgramData\EAGLE Software
2013-07-28 11:03:29 ----D---- C:\Program Files (x86)\Cyklotrasy
2013-07-20 19:47:20 ----D---- C:\Windows\SYSWOW64\directx

======List of files/folders modified in the last 1 month======

2013-08-18 09:44:43 ----D---- C:\Program Files\Trend Micro
2013-08-18 09:44:41 ----D---- C:\Windows\Temp
2013-08-18 09:44:41 ----D---- C:\Windows\system32\drivers\etc
2013-08-18 09:41:25 ----SHD---- C:\Windows\Installer
2013-08-18 09:41:22 ----RD---- C:\Program Files (x86)
2013-08-18 09:41:19 ----HD---- C:\ProgramData
2013-08-18 09:39:53 ----SHD---- C:\System Volume Information
2013-08-18 09:38:34 ----D---- C:\Program Files (x86)\Common Files
2013-08-18 09:38:30 ----RSD---- C:\Windows\assembly
2013-08-18 09:30:40 ----D---- C:\Users\Administrator\AppData\Roaming\DAEMON Tools Lite
2013-08-18 09:30:30 ----D---- C:\Users\Administrator\AppData\Roaming\uTorrent
2013-08-18 09:29:19 ----D---- C:\Windows\Panther
2013-08-18 09:29:19 ----D---- C:\Windows\inf
2013-08-18 09:29:18 ----D---- C:\Windows\Minidump
2013-08-18 09:29:18 ----D---- C:\Windows\Logs
2013-08-18 09:29:18 ----D---- C:\Windows\debug
2013-08-18 09:29:18 ----D---- C:\Windows
2013-08-18 09:19:33 ----D---- C:\Windows\system32\Tasks
2013-08-18 09:19:30 ----RD---- C:\Program Files
2013-08-18 09:19:19 ----D---- C:\Windows\Prefetch
2013-08-18 08:44:55 ----D---- C:\Users\Administrator\AppData\Roaming\Dropbox
2013-08-18 08:44:35 ----A---- C:\Windows\system32\ServiceFilter.ini
2013-08-18 08:44:28 ----A---- C:\Windows\system32\AutoRunFilter.ini
2013-08-18 08:43:34 ----A---- C:\Windows\SYSWOW64\log.txt
2013-08-17 23:08:35 ----D---- C:\Program Files (x86)\Mozilla Maintenance Service
2013-08-17 22:13:33 ----D---- C:\Users\Administrator\AppData\Roaming\Skype
2013-08-17 22:01:26 ----D---- C:\Program Files (x86)\Mozilla Firefox.bak
2013-08-17 10:11:10 ----D---- C:\Windows\System32
2013-08-17 10:11:10 ----A---- C:\Windows\system32\PerfStringBackup.INI
2013-08-16 19:55:43 ----D---- C:\Users\Administrator\AppData\Roaming\vlc
2013-08-15 11:58:15 ----D---- C:\Users\Administrator\AppData\Roaming\Pro Cycling Manager 2012
2013-08-15 11:06:13 ----D---- C:\Users\Administrator\AppData\Roaming\PSpad
2013-08-13 17:41:40 ----D---- C:\Windows\SysWOW64
2013-08-13 14:24:56 ----D---- C:\Windows\system32\config
2013-08-12 16:07:35 ----D---- C:\Program Files\Microsoft Games
2013-08-10 07:17:04 ----D---- C:\Windows\system32\catroot2
2013-08-07 11:05:45 ----D---- C:\ProgramData\CanonIJPLM
2013-08-07 11:05:45 ----D---- C:\ProgramData\CanonIJ
2013-07-28 08:37:52 ----D---- C:\Program Files (x86)\Thread Manager
2013-07-22 19:17:14 ----HD---- C:\Program Files (x86)\InstallShield Installation Information
2013-07-21 09:12:14 ----RD---- C:\Program Files (x86)\Skype

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 gfibto;gfibto; C:\Windows\system32\drivers\gfibto.sys [2013-07-02 14456]
R0 iaStor;Intel AHCI Controller; C:\Windows\system32\DRIVERS\iaStor.sys [2009-12-17 538136]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2009-07-14 214096]
R0 sptd;sptd; C:\Windows\System32\Drivers\sptd.sys [2013-02-23 564824]
R1 CSC;@%systemroot%\system32\cscsvc.dll,-202; C:\Windows\system32\drivers\csc.sys [2009-07-14 514048]
R1 dtsoftbus01;DAEMON Tools Virtual Bus Driver; C:\Windows\system32\DRIVERS\dtsoftbus01.sys [2013-02-23 283200]
R1 tmtdi;Trend Micro TDI Driver; C:\Windows\system32\DRIVERS\tmtdi.sys [2009-09-29 107536]
R1 VBoxDrv;VirtualBox Service; C:\Windows\system32\DRIVERS\VBoxDrv.sys [2013-02-20 237840]
R1 VBoxUSBMon;VirtualBox USB Monitor Driver; C:\Windows\system32\DRIVERS\VBoxUSBMon.sys [2013-02-20 120080]
R1 vwififlt;Virtual WiFi Filter Driver; C:\Windows\system32\DRIVERS\vwififlt.sys [2009-07-14 59904]
R2 ASMMAP64;ASMMAP64; \??\C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\ASMMAP64.sys [2009-07-02 15416]
R2 ghaio;ghaio; \??\C:\Program Files\ASUS\NB Probe\SPM\ghaio.sys [2007-08-03 17464]
R2 sbapifs;sbapifs; C:\Windows\system32\DRIVERS\sbapifs.sys [2012-09-12 82872]
R2 tmpreflt;tmpreflt; C:\Windows\system32\DRIVERS\tmpreflt.sys [2011-07-12 42768]
R2 tmxpflt;tmxpflt; C:\Windows\system32\DRIVERS\tmxpflt.sys [2011-07-12 342288]
R2 vsapint;vsapint; C:\Windows\system32\DRIVERS\vsapint.sys [2011-07-12 2077456]
R3 amdkmdag;amdkmdag; C:\Windows\system32\DRIVERS\atipmdag.sys [2010-01-22 6233088]
R3 amdkmdap;amdkmdap; C:\Windows\system32\DRIVERS\atikmpag.sys [2010-01-22 161280]
R3 athr;Atheros Extensible Wireless LAN device driver; C:\Windows\system32\DRIVERS\athrx.sys [2009-10-05 1542656]
R3 AtiHdmiService;ATI Function Driver for High Definition Audio Service; C:\Windows\system32\drivers\AtiHdmi.sys [2009-09-30 121872]
R3 BthEnum;Bluetooth Enumerator Service; C:\Windows\system32\DRIVERS\BthEnum.sys [2009-07-14 41984]
R3 BTHUSB;Bluetooth Radio USB Driver; C:\Windows\System32\Drivers\BTHUSB.sys [2009-07-14 79360]
R3 btwaudio;Bluetooth Audio Device Service; C:\Windows\system32\drivers\btwaudio.sys [2009-07-01 98344]
R3 btwavdt;Bluetooth AVDT Service; C:\Windows\system32\DRIVERS\btwavdt.sys [2009-07-01 132648]
R3 btwl2cap;Bluetooth L2CAP Service; C:\Windows\system32\DRIVERS\btwl2cap.sys [2009-04-07 35104]
R3 btwrchid;btwrchid; C:\Windows\system32\DRIVERS\btwrchid.sys [2009-07-01 21160]
R3 CnxtHdAudService;Conexant UAA Function Driver for High Definition Audio Service; C:\Windows\system32\drivers\CHDRT64.sys [2009-10-30 704512]
R3 ETD;ELAN PS/2 Port Input Device; C:\Windows\system32\DRIVERS\ETD.sys [2010-01-18 128512]
R3 HECIx64;Intel(R) Management Engine Interface; C:\Windows\system32\DRIVERS\HECIx64.sys [2009-09-17 56344]
R3 JMCR;JMCR; C:\Windows\system32\DRIVERS\jmcr.sys [2009-08-18 143472]
R3 JME;JMicron Ethernet Adapter NDIS6.20 Driver (Amd64 Bits); C:\Windows\system32\DRIVERS\JME.sys [2009-12-04 107120]
R3 kbfiltr;Keyboard Filter; C:\Windows\system32\DRIVERS\kbfiltr.sys [2009-07-20 15416]
R3 MTsensor;ATK0100 ACPI UTILITY; C:\Windows\system32\DRIVERS\ATK64AMD.sys [2009-05-13 15928]
R3 NLNdisMP;NLNdisMP; C:\Windows\system32\DRIVERS\nlndis.sys [2011-03-21 33416]
R3 RFCOMM;Bluetooth Device (RFCOMM Protocol TDI); C:\Windows\system32\DRIVERS\rfcomm.sys [2009-07-14 158720]
R3 SbieDrv;SbieDrv; \??\C:\Program Files\Sandboxie\SbieDrv.sys [2012-12-16 202632]
R3 seehcri;Sony Ericsson seehcri Device Driver; C:\Windows\system32\DRIVERS\seehcri.sys [2008-01-09 34032]
R3 SNP2UVC;USB2.0 PC Camera (SNP2UVC); C:\Windows\system32\DRIVERS\snp2uvc.sys [2009-08-20 1800192]
R3 VBoxNetFlt;VirtualBox Bridged Networking Service; C:\Windows\system32\DRIVERS\VBoxNetFlt.sys [2013-02-20 146704]
R3 vwifimp;Microsoft Virtual WiFi Miniport Service; C:\Windows\system32\DRIVERS\vwifimp.sys [2009-07-14 17920]
S3 atikmdag;atikmdag; C:\Windows\system32\DRIVERS\atikmdag.sys [2010-01-22 6233088]
S3 BthPan;Bluetooth Device (Personal Area Network); C:\Windows\system32\DRIVERS\bthpan.sys [2009-07-14 118784]
S3 BTHPORT;Bluetooth Port Driver; C:\Windows\System32\Drivers\BTHport.sys [2009-07-14 551936]
S3 cpuz136;cpuz136; \??\C:\Users\ADMINI~1\AppData\Local\Temp\cpuz136\cpuz136_x64.sys []
S3 fssfltr;FssFltr; C:\Windows\system32\DRIVERS\fssfltr.sys [2012-09-12 57856]
S3 gfiark;gfiark; C:\Windows\system32\drivers\gfiark.sys [2013-04-11 39504]
S3 NLNdisPT;NetLimiter Ndis Protocol Service; C:\Windows\system32\DRIVERS\nlndis.sys [2011-03-21 33416]
S3 pciide;pciide; C:\Windows\system32\DRIVERS\pciide.sys [2009-07-14 12352]
S3 RDPDR;Terminal Server Device Redirector Driver; C:\Windows\System32\drivers\rdpdr.sys [2009-07-14 165376]
S3 s3cap;s3cap; C:\Windows\system32\DRIVERS\vms3cap.sys [2009-07-14 6656]
S3 sdbus;sdbus; C:\Windows\system32\DRIVERS\sdbus.sys [2009-07-14 109056]
S3 storvsc;storvsc; C:\Windows\system32\DRIVERS\storvsc.sys [2009-07-14 34896]
S3 usb_rndisx;USB RNDIS Adapter; C:\Windows\system32\DRIVERS\usb8023x.sys [2009-07-14 19968]
S3 VBoxNetAdp;VirtualBox Host-Only Ethernet Adapter; C:\Windows\system32\DRIVERS\VBoxNetAdp.sys [2013-02-20 131856]
S3 vmbus;@%SystemRoot%\system32\vmbusres.dll,-1000; C:\Windows\system32\DRIVERS\vmbus.sys [2009-07-14 200272]
S3 VMBusHID;VMBusHID; C:\Windows\system32\DRIVERS\VMBusHID.sys [2009-07-14 21760]
S3 VSPerfDrv110;Performance Tools Driver 11.0; \??\C:\Program Files (x86)\Microsoft Visual Studio 11.0\Team Tools\Performance Tools\x64\VSPerfDrv110.sys [2012-07-13 70264]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 Ad-Aware Service;Ad-Aware Service; C:\Program Files (x86)\Ad-Aware Antivirus\AdAwareService.exe [2013-06-13 1236336]
R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2013-05-11 65640]
R2 AFBAgent;AFBAgent; C:\Windows\system32\FBAgent.exe [2009-12-07 379520]
R2 AMD External Events Utility;AMD External Events Utility; C:\Windows\system32\atiesrxx.exe [2010-01-22 202752]
R2 ASLDRService;ASLDR Service; C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ASLDRSrv.exe [2009-06-15 84536]
R2 ATKGFNEXSrv;ATKGFNEX Service; C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe [2009-12-15 96896]
R2 btwdins;Bluetooth Service; C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe [2009-07-01 864032]
R2 CscService;@%systemroot%\system32\cscsvc.dll,-200; C:\Windows\System32\svchost.exe [2009-07-14 27136]
R2 IJPLMSVC;Canon Inkjet Printer/Scanner/Fax Extended Survey Program; C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE [2009-02-10 116104]
R2 LMS;Intel(R) Management and Security Application Local Management Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe [2009-09-30 262144]
R2 SBAMSvc;Ad-Aware; C:\Program Files (x86)\Ad-Aware Antivirus\SBAMSvc.exe [2012-09-20 3677000]
R2 SbieSvc;Sandboxie Service; C:\Program Files\Sandboxie\SbieSvc.exe [2012-12-16 123664]
R2 SfCtlCom;Trend Micro Central Control Component; C:\Program Files\Trend Micro\Internet Security\SfCtlCom.exe [2010-10-09 859712]
R2 Skype C2C Service;Skype C2C Service; C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe [2013-07-12 3289472]
R2 SQLWriter;SQL Server VSS Writer; C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe [2012-02-11 129624]
R2 TeamViewer8;TeamViewer 8; C:\Program Files (x86)\TeamViewer\Version8\TeamViewer_Service.exe [2013-06-13 4150112]
R2 UNS;Intel(R) Management & Security Application User Notification Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2009-09-30 2314240]
R3 RichVideo;Cyberlink RichVideo Service(CRVS); C:\Program Files (x86)\CyberLink\Shared Files\RichVideo.exe [2007-01-09 272024]
R3 spmgr;spmgr; C:\Program Files\ASUS\NB Probe\SPM\spmgr.exe [2007-08-03 125496]
R3 TMBMServer;Trend Micro Unauthorized Change Prevention Service; C:\Program Files\Trend Micro\BM\TMBMSRV.exe [2009-09-29 570632]
R3 TmProxy;Trend Micro Proxy Service; C:\Program Files\Trend Micro\Internet Security\TmProxy.exe [2009-09-29 917768]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2012-07-09 104912]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2012-07-09 123856]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-02-21 116648]
S2 SkypeUpdate;Skype Updater; C:\Program Files (x86)\Skype\Updater\Updater.exe [2013-02-28 161384]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2013-06-12 256904]
S3 AppMgmt;@appmgmts.dll,-3250; C:\Windows\system32\svchost.exe [2009-07-14 27136]
S3 aspnet_state;ASP.NET State Service; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2012-07-09 51648]
S3 fsssvc;Windows Live Family Safety Service; C:\Program Files (x86)\Windows Live\Family Safety\fsssvc.exe [2013-02-05 1512448]
S3 fussvc;Windows App Certification Kit Fast User Switching Utility Service; C:\Program Files (x86)\Windows Kits\8.0\App Certification Kit\fussvc.exe [2012-07-25 139776]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-02-21 116648]
S3 gusvc;Google Updater Service; C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe [2011-05-10 136120]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2013-08-17 117656]
S3 ose;Office  Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2009-12-29 149352]
S3 osppsvc;Office Software Protection Platform; C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2009-12-29 4925184]
S3 PeerDistSvc;@%SystemRoot%\system32\peerdistsvc.dll,-9000; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S3 SwitchBoard;SwitchBoard; C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-02-19 517096]
S3 Te.Service;Te.Service; C:\Program Files (x86)\Windows Kits\8.0\Testing\Runtimes\TAEF\Wex.Services.exe [2012-07-25 126976]
S3 UmRdpService;@%SystemRoot%\system32\umrdp.dll,-1000; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2012-07-09 139680]
S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2012-07-09 139680]
S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2012-07-09 139680]

-----------------EOF-----------------

#4 Příspěvek od **Rudy** » 18 srp 2013 10:54

Váš oper. systém bude nepochybně legální, že?

VIRY.CZ

malware v NTB

malware v NTB

Re: malware v NTB

Re: malware v NTB

Re: malware v NTB