VIRY.CZ

Dobry den,

mam problem s mym pocitacem... Hostuju nanem web a herny server, kterej fungoval do patku.. Puvodne ze to jenom kvoli tomu ze v BBXNETu zrusili verejnu ip, ale nezrusili, tak sme skusili hamachi a ani to neslo(Kdyz sme zacali hostovat, tak to bolo pod hamachi, a vsetko slo).. Port Forwading je 100% dobrej nastavenej, takze tam nebude chyba (skusili sme to na inom pc pripojenej na ten isty router a tam to jelo.).. Skusali sme vypnut ESET a Firewall, no firewall uz bol vypnuty a vypnutie esetu nepomohlo. Ked som sa isiel kuknut do Win Firewall port forwading, pise mi neaky error 0x6b8 (neak tak). Skusal sem navody z internetu , no nepomohli.. Celkovo, firewall sa neda zapnut, lebo vo servicoch tam vobec neni(povedal kamarat).. Takze uz vic nevim, zrejme to bude vir...

Zde su logy:

info.txt:
info.txt logfile of random's system information tool 1.09 2013-01-21 18:42:39

======Uninstall list======

„Windows Live Essentials“-->MsiExec.exe /I{19ADD3BF-C42B-47DC-81C6-5E9731B668C4}
„Windows Live Mail“-->MsiExec.exe /I{2720009D-9566-45A7-A370-0E6DAC313F3F}
„Windows Live Mesh ActiveX“ nuotolinių ryšių valdiklis-->MsiExec.exe /I{9024FE65-46B8-4C8A-9D98-8DCB6BD5F598}
„Windows Live Messenger“-->MsiExec.exe /X{122800FE-3AAF-4974-9FBD-54B023FA756A}
„Windows Live“ fotogalerija-->MsiExec.exe /X{C877E454-FA36-409A-A00E-1240CEC61BBD}
µTorrent-->"C:\Program Files (x86)\uTorrent\uTorrent.exe" /UNINSTALL
ActiveX контрола на Windows Live Mesh за отдалечени връзки-->MsiExec.exe /I{B3BA4D1C-23EF-4859-9C11-1B2CCB7FADBB}
Adobe Flash Player 10 Plugin-->C:\Windows\SysWOW64\Macromed\Flash\uninstall_plugin.exe
Adobe Flash Player 11 ActiveX-->C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_11_5_502_110_ActiveX.exe -maintain activex
Adobe Reader X MUI-->MsiExec.exe /I{AC76BA86-7AD7-FFFF-7B44-AA0000000001}
ASUS AI Recovery-->MsiExec.exe /I{D39F0676-163E-4595-A917-E28F99BBD4D2}
ASUS FaceLogon-->MsiExec.exe /I{64452561-169F-4A36-A2FF-B5E118EC65F5}
ASUS Instant Connect-->MsiExec.exe /I{89ECB85A-D933-4CEA-9116-5CBC9C2ED95B}
ASUS LifeFrame3-->MsiExec.exe /I{1DBD1F12-ED93-49C0-A7CC-56CBDE488158}
ASUS Power4Gear Hybrid-->MsiExec.exe /I{9B6239BF-4E85-4590-8D72-51E30DB1A9AA}
ASUS Splendid Video Enhancement Technology-->MsiExec.exe /I{0969AF05-4FF6-4C00-9406-43599238DE0D}
ASUS USB Charger Plus-->MsiExec.exe /X{A859E3E5-C62F-4BFA-AF1D-2B95E03166AF}
ASUS Virtual Camera-->MsiExec.exe /I{EC8BD21F-0CA0-4BBF-97D9-4A52B30041A1}
ASUS Virtual Touch-->MsiExec.exe /I{938CFBD4-0652-49E5-BB8B-153948865941}
ASUS WebStorage-->C:\Program Files (x86)\ASUS\ASUS WebStorage\uninst.exe
ASUS_Scr_K_multiColor_noSound-->C:\Windows\ASUS_Scr_K_multiColor_noSound Uninstaller.exe
AsusVibe2.0-->C:\Program Files (x86)\Asus\AsusVibe\unins000.exe
Babylon Chrome Toolbar-->MsiExec.exe /I{E55E7026-EF2A-4A17-AAA7-DB98EA3FD1B1}
Bing Bar-->MsiExec.exe /X{1AE46C09-2AB8-4EE5-88FB-08CD0FF7F2DF}
Bubbletown-->"C:\Program Files (x86)\Asus\Game Park\Bubbletown\Uninstall.exe" "C:\Program Files (x86)\Asus\Game Park\Bubbletown\install.log"
Client Full - ToPirata 3.0-->D:\ToPirata\Uninstal.exe
Control ActiveX Windows Live Mesh pentru conexiuni la distanță-->MsiExec.exe /I{260E3D78-94E6-47EC-8E29-46301572BB1E}
CyberLink LabelPrint-->"C:\Program Files (x86)\InstallShield Installation Information\{C59C179C-668D-49A9-B6EA-0121CCFC1243}\Setup.exe" /z-uninstall
CyberLink LabelPrint-->"C:\Program Files (x86)\InstallShield Installation Information\{C59C179C-668D-49A9-B6EA-0121CCFC1243}\Setup.exe" /z-uninstall
CyberLink Media Suite-->"C:\Program Files (x86)\InstallShield Installation Information\{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}\Setup.exe" /z-uninstall
CyberLink Media Suite-->"C:\Program Files (x86)\InstallShield Installation Information\{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}\Setup.exe" /z-uninstall
CyberLink Power2Go-->"C:\Program Files (x86)\InstallShield Installation Information\{40BF1E83-20EB-11D8-97C5-0009C5020658}\Setup.exe" /z-uninstall
CyberLink Power2Go-->"C:\Program Files (x86)\InstallShield Installation Information\{40BF1E83-20EB-11D8-97C5-0009C5020658}\Setup.exe" /z-uninstall
D3DX10-->MsiExec.exe /X{E09C4DB7-630C-4F06-A631-8EA7239923AF}
Deadtime Stories-->"C:\Program Files (x86)\Asus\Game Park\Deadtime Stories\Uninstall.exe" "C:\Program Files (x86)\Asus\Game Park\Deadtime Stories\install.log"
DealPly-->C:\Program Files (x86)\DealPly\uninst.exe
Dream Day First Home-->"C:\Program Files (x86)\Asus\Game Park\Dream Day First Home\Uninstall.exe" "C:\Program Files (x86)\Asus\Game Park\Dream Day First Home\install.log"
Dream Vacation Solitaire-->"C:\Program Files (x86)\Asus\Game Park\Dream Vacation Solitaire\Uninstall.exe" "C:\Program Files (x86)\Asus\Game Park\Dream Vacation Solitaire\install.log"
ETDWare PS/2-X64 10.5.9.0-->%ProgramFiles%\Elantech\ETDUn_inst.exe
Farm Frenzy 3 - Madagascar-->"C:\Program Files (x86)\Asus\Game Park\Farm Frenzy 3 - Madagascar\Uninstall.exe" "C:\Program Files (x86)\Asus\Game Park\Farm Frenzy 3 - Madagascar\install.log"
Fast Boot-->MsiExec.exe /I{13F4A7F3-EABC-4261-AF6B-1317777F0755}
Formant ActiveX programu Windows Live Mesh odpowiedzialny za obsługę połączeń zdalnych-->MsiExec.exe /I{B04A0E2F-1E4C-4E61-B18E-3B2BD6779CA7}
Fotogalerija Windows Live-->MsiExec.exe /X{E59969EA-3B5B-4B24-8B94-43842A7FBFE9}
Galapago-->"C:\Program Files (x86)\Asus\Game Park\Galapago\Uninstall.exe" "C:\Program Files (x86)\Asus\Game Park\Galapago\install.log"
Galeria fotografii usługi Windows Live-->MsiExec.exe /X{CB3F59BB-7858-41A1-A7EA-4B8A6FC7D431}
Galerie foto Windows Live-->MsiExec.exe /X{CB66242D-12B1-4494-82D2-6F53A7E024A3}
Game Park Console-->C:\Program Files (x86)\Asus\Game Park\GameConsole\Uninstall.exe
Garena Plus-->C:\Program Files (x86)\Garena Plus\uninst.exe
Go Go Gourmet Chef of the Year-->"C:\Program Files (x86)\Asus\Game Park\Go Go Gourmet Chef of the Year\Uninstall.exe" "C:\Program Files (x86)\Asus\Game Park\Go Go Gourmet Chef of the Year\install.log"
Google Toolbar for Internet Explorer-->"C:\Program Files (x86)\Google\Google Toolbar\Component\GoogleToolbarManager_E6C807F38EB64284.exe" /uninstall
Google Toolbar for Internet Explorer-->MsiExec.exe /I{18455581-E099-4BA8-BC6B-F34B2F06600C}
Google Update Helper-->MsiExec.exe /I{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}
HP LaserJet Professional M1130-M1210 MFP Series-->C:\Program Files\HP\HP LaserJet M1210 MFP Series\Uninstall.exe
HP LaserJet Professional M1210 MFP Series Fax Installer-->MsiExec.exe /I{E65099C4-9110-4C31-BD03-5C17EFB5FE92}
InstantOn for NB-->MsiExec.exe /I{749F674B-2674-47E8-879C-5626A06B2A91}
Intel PROSet Wireless-->Intel PROSet Wireless
Intel(R) Control Center-->C:\Program Files (x86)\Intel\Intel Control Center\uninstaller\SetupICC.exe -uninstall -force -confirm
Intel(R) Manageability Engine Firmware Recovery Agent-->MsiExec.exe /X{A6C48A9F-694A-4234-B3AA-62590B668927}
Intel(R) Management Engine Components-->C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\Uninstall\setup.exe -uninstall
Intel(R) OpenCL CPU Runtime-->C:\Program Files (x86)\Intel\OpenCL SDK\2.0\Uninstall\setup.exe -uninstall
Intel(R) Processor Graphics-->C:\Program Files (x86)\Intel\Intel(R) Processor Graphics\Uninstall\setup.exe -uninstall
Intel(R) PROSet/Wireless for Bluetooth(R) + High Speed-->MsiExec.exe /X{2C0E6BD4-65B1-4E82-B2AC-43EFFC8F100C}
Intel(R) USB 3.0 eXtensible Host Controller Driver-->C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Uninstall\setup.exe -uninstall
Intel(R) WiDi-->MsiExec.exe /X{93F34C5C-ACAA-48F3-9B26-70359A117F12}
Intel® PROSet/Wireless WiFi Software-->MsiExec.exe /I{DF7756DD-656A-45C3-BA71-74673E8259A9}
Intel® Trusted Connect Service Client-->MsiExec.exe /X{09536BA1-E498-4CC3-B834-D884A67D7E34}
Java 7 Update 9-->MsiExec.exe /X{26A24AE4-039D-4CA4-87B4-2F83217009FF}
Junk Mail filter update-->MsiExec.exe /I{1F6AB0E7-8CDD-4B93-8A23-AA9EB2FEFCE4}
Kontrola Windows Live Mesh ActiveX za daljinske veze-->MsiExec.exe /I{19CBDE24-2761-49A5-816B-D2BA65D0CA8D}
Kontrolnik Windows Live Mesh ActiveX za oddaljene povezave-->MsiExec.exe /I{CA227A9D-09BE-4BFB-9764-48FED2DA5454}
League of Legends-->"C:\Program Files (x86)\InstallShield Installation Information\{92606477-9366-4D3B-8AE3-6BE4B29727AB}\setup.exe" -runfromtemp -l0x0409 -removeonly
LogMeIn Hamachi-->C:\Windows\SysWOW64\\msiexec.exe /i {106B4413-ACBB-4CDE-8707-587DB9BD77EC} REMOVE=ALL
LogMeIn Hamachi-->MsiExec.exe /I{106B4413-ACBB-4CDE-8707-587DB9BD77EC}
Mahjong Memoirs-->"C:\Program Files (x86)\Asus\Game Park\Mahjong Memoirs\Uninstall.exe" "C:\Program Files (x86)\Asus\Game Park\Mahjong Memoirs\install.log"
Mesh Runtime-->MsiExec.exe /I{8C6D6116-B724-4810-8F2D-D047E6B7D68E}
Microsoft .NET Framework 4 Client Profile-->C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\Client\Setup.exe /repair /x86 /x64 /parameterfolder Client
Microsoft .NET Framework 4 Client Profile-->MsiExec.exe /X{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}
Microsoft .NET Framework 4 Extended-->C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\Extended\Setup.exe /repair /x86 /x64 /parameterfolder Extended
Microsoft .NET Framework 4 Extended-->MsiExec.exe /X{8E34682C-8118-31F1-BC4C-98CD9675E1C2}
Microsoft .NET Framework 4 Multi-Targeting Pack-->MsiExec.exe /I{CFEF48A8-BFB8-3EAC-8BA5-DE4F8AA267CE}
Microsoft Help Viewer 1.0-->C:\Program Files\Microsoft Help Viewer\v1.0\Microsoft Help Viewer 1.0\install.exe
Microsoft Help Viewer 1.0-->MsiExec.exe /X{FCADA26A-5672-31DD-BF0E-BA76ECF9B02D}
Microsoft Office 2010-->MsiExec.exe /X{95140000-0070-0000-0000-0000000FF1CE}
Microsoft Silverlight-->MsiExec.exe /X{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}
Microsoft SQL Server 2000-->C:\Windows\IsUninst.exe -f"C:\Program Files (x86)\Microsoft SQL Server\MSSQL\Uninst.isu" -c"C:\Program Files (x86)\Microsoft SQL Server\MSSQL\sqlsun.dll" -msql.mif i=MSSQLSERVER
Microsoft SQL Server 2008 (64-bit)-->"C:\Program Files\Microsoft SQL Server\100\Setup Bootstrap\Release\x64\SetupARP.exe"
Microsoft SQL Server 2008 (64-bit)-->"C:\Program Files\Microsoft SQL Server\100\Setup Bootstrap\Release\x64\SetupARP.exe"
Microsoft SQL Server 2008 Browser-->MsiExec.exe /X{C688457E-03FD-4941-923B-A27F4D42A7DD}
Microsoft SQL Server 2008 Common Files-->MsiExec.exe /I{5340A3B5-3853-4745-BED2-DD9FF5371331}
Microsoft SQL Server 2008 Common Files-->MsiExec.exe /I{893F27E6-D6BE-4B9F-80E6-0ADA694A31A8}
Microsoft SQL Server 2008 Database Engine Services-->MsiExec.exe /I{FA7394B8-CE65-4F9E-AC99-F372AD365424}
Microsoft SQL Server 2008 Database Engine Services-->MsiExec.exe /I{FBD367D1-642F-47CF-B79B-9BE48FB34007}
Microsoft SQL Server 2008 Database Engine Shared-->MsiExec.exe /I{CC8BA866-16A7-4667-BA0C-C494A1E7B2BF}
Microsoft SQL Server 2008 Database Engine Shared-->MsiExec.exe /I{DF167CE3-60E7-44EA-99EC-2507C51F37AE}
Microsoft SQL Server 2008 Native Client-->MsiExec.exe /I{BBDE8A3D-64A2-43A6-95F3-C27B87DF7AC1}
Microsoft SQL Server 2008 R2 Management Objects-->MsiExec.exe /I{4E968D9C-21A7-4915-B698-F7AEB913541D}
Microsoft SQL Server 2008 RsFx Driver-->MsiExec.exe /I{7ACE202B-1B01-4B43-B6AE-03D66D621CDE}
Microsoft SQL Server 2008 Setup Support Files -->MsiExec.exe /X{B40EE88B-400A-4266-A17B-E3DE64E94431}
Microsoft SQL Server Compact 3.5 SP2 ENU-->MsiExec.exe /I{3A9FC03D-C685-4831-94CF-4EDFD3749497}
Microsoft SQL Server Compact 3.5 SP2 x64 ENU-->MsiExec.exe /I{D4AD39AD-091E-4D33-BB2B-59F6FCB8ADC3}
Microsoft SQL Server System CLR Types-->MsiExec.exe /I{2A2F3AE8-246A-4252-BB26-1BEB45627074}
Microsoft SQL Server VSS Writer-->MsiExec.exe /I{0826F9E4-787E-481D-83E0-BC6A57B056D5}
Microsoft Visual Basic 2010 Express - ENU-->C:\Program Files (x86)\Microsoft Visual Studio 10.0\Microsoft Visual Basic 2010 Express - ENU\setup.exe
Microsoft Visual Basic 2010 Express - ENU-->MsiExec.exe /X{ED784556-66AA-3F17-9B58-7246ACB5C7E4}
Microsoft Visual C++ 2005 Redistributable-->MsiExec.exe /X{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}
Microsoft Visual C++ 2005 Redistributable-->MsiExec.exe /X{7299052b-02a4-4627-81f2-1818da5d550d}
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17-->MsiExec.exe /X{8220EEFE-38CD-377E-8595-13398D740ACE}
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161-->MsiExec.exe /X{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17-->MsiExec.exe /X{9A25302D-30C0-39D9-BD6F-21E6EC160475}
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161-->MsiExec.exe /X{9BE518E6-ECC6-35A9-88E4-87755C07200F}
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219-->MsiExec.exe /X{1D8E6291-B0D5-35EC-8441-6616F567A0F7}
Microsoft Visual C++ 2010 x64 Runtime - 10.0.30319-->MsiExec.exe /X{94D70749-4281-39AC-AD90-B56A0E0A402E}
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219-->MsiExec.exe /X{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}
Microsoft Visual Studio 2010 ADO.NET Entity Framework Tools-->MsiExec.exe /X{14DD7530-CCD2-3798-B37D-3839ED6A441C}
Microsoft Visual Studio 2010 Express Prerequisites x64 - ENU-->MsiExec.exe /X{BCA26999-EC22-3007-BB79-638913079C9A}
Mozilla Firefox 18.0.1 (x86 en-US)-->C:\Program Files (x86)\Mozilla Firefox\uninstall\helper.exe
Mozilla Maintenance Service-->"C:\Program Files (x86)\Mozilla Maintenance Service\uninstall.exe"
MSVCRT_amd64-->MsiExec.exe /I{D0B44725-3666-492D-BEF6-587A14BD9BD9}
MSVCRT-->MsiExec.exe /I{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}
myBitCast 1.0.0.3-->C:\Program Files\Windows Sidebar\Gadgets\myBitCast.Gadget\uninst.exe
NEO Launcher 2.0-->D:\NEWW ERA\NEO Launcher\Uninstall.exe
NEO_Patch 2.0.1-->D:\NEWW ERA\NEO Launcher\NEO_Patch\Uninstall.exe
No-IP DUC-->C:\Program Files (x86)\No-IP\Uninstall.exe
Notepad++-->C:\Program Files (x86)\Notepad++\uninstall.exe
NVIDIA Graphics Driver 296.16-->"C:\Windows\SysWOW64\RunDll32.EXE" "C:\Program Files\NVIDIA Corporation\Installer2\installer.0\NVI2.DLL",UninstallPackage Display.Driver
NVIDIA Update 1.7.12-->"C:\Windows\SysWOW64\RunDll32.EXE" "C:\Program Files\NVIDIA Corporation\Installer2\installer.0\NVI2.DLL",UninstallPackage Display.Update
Ovládací prvek ActiveX platformy Windows Live Mesh pro vzdálená připojení-->MsiExec.exe /I{B6190387-0036-4BEB-8D74-A0AFC5F14706}
Ovládací prvok ActiveX programu Windows Live Mesh pre vzdialené pripojenia-->MsiExec.exe /I{C2FD7DB5-FE30-49B6-8A2F-C5652E053C31}
Pando Media Booster-->C:\Program Files (x86)\Pando Networks\Media Booster\uninst.exe
Plants vs Zombies-->"C:\Program Files (x86)\Asus\Game Park\Plants vs Zombies\Uninstall.exe" "C:\Program Files (x86)\Asus\Game Park\Plants vs Zombies\install.log"
Poczta usługi Windows Live-->MsiExec.exe /I{64376910-1860-4CEF-8B34-AA5D205FC5F1}
Podstawowe programy Windows Live-->MsiExec.exe /I{7A9D47BA-6D50-4087-866F-0800D8B89383}
Pošta Windows Live-->MsiExec.exe /I{7BA19818-F717-4DFB-BC11-FAF17B2B8AEE}
PPO Full Patch različica 9.0-->"D:\PPP\Tales of Pirates Online\PPO Full Patch\unins000.exe"
Rage Of Sage Online-->D:\Rage of Sage\Uninstal.exe
Realtek Ethernet Controller Driver-->C:\Program Files (x86)\InstallShield Installation Information\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}\setup.exe -runfromtemp -removeonly
Realtek High Definition Audio Driver-->RunDll32 C:\PROGRA~2\COMMON~1\INSTAL~1\PROFES~1\RunTime\11\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files (x86)\InstallShield Installation Information\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}\setup.exe" -removeonly
Realtek PCIE Card Reader-->"C:\Program Files (x86)\InstallShield Installation Information\{C1594429-8296-4652-BF54-9DBE4932A44C}\setup.exe" -runfromtemp -removeonly
Scan To-->MsiExec.exe /I{E8A34AC8-0137-4515-A94B-0A0946DDC251}
Security Update for Microsoft .NET Framework 4 Client Profile (KB2604121)-->C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\Client\setup.exe /uninstallpatch {6AF6C62E-4E3D-33BF-A591-9E4D53BDF22F} /parameterfolder Client
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656351)-->C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\Client\setup.exe /uninstallpatch {E59B2174-E924-311F-8549-AD714C14664D} /parameterfolder Client
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368v2)-->C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\Client\setup.exe /uninstallpatch {DA36C2E5-6B34-3A6A-9C0A-7D1CC1C5A768} /parameterfolder Client
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656405)-->C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\Client\setup.exe /uninstallpatch {7B82A51A-768B-3A7B-ADFA-F777097A8079} /parameterfolder Client
Security Update for Microsoft .NET Framework 4 Client Profile (KB2686827)-->C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\Client\setup.exe /uninstallpatch {E40184A4-4A61-3D2E-9035-CB6E1E610E07} /parameterfolder Client
Security Update for Microsoft .NET Framework 4 Client Profile (KB2729449)-->C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\Client\setup.exe /uninstallpatch {4736E989-32D9-3B91-90D7-C68848E118CA} /parameterfolder Client
Security Update for Microsoft .NET Framework 4 Client Profile (KB2736428)-->C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\Client\setup.exe /uninstallpatch {BA941BCD-BC45-3D64-AB89-0F737907515C} /parameterfolder Client
Security Update for Microsoft .NET Framework 4 Client Profile (KB2737019)-->C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\Client\setup.exe /uninstallpatch {F1696E2F-4803-362F-A756-65B363483FE6} /parameterfolder Client
Security Update for Microsoft .NET Framework 4 Client Profile (KB2742595)-->C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\Client\setup.exe /uninstallpatch {C8B8456C-6A12-3725-95A8-1C9FBE1E3141} /parameterfolder Client
Security Update for Microsoft .NET Framework 4 Extended (KB2487367)-->C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\Extended\setup.exe /uninstallpatch {9D621E6E-E010-3C80-A055-135891134750} /parameterfolder Extended
Security Update for Microsoft .NET Framework 4 Extended (KB2656351)-->C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\Extended\setup.exe /uninstallpatch {E59B2174-E924-311F-8549-AD714C14664D} /parameterfolder Extended
Security Update for Microsoft .NET Framework 4 Extended (KB2736428)-->C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\Extended\setup.exe /uninstallpatch {BA941BCD-BC45-3D64-AB89-0F737907515C} /parameterfolder Extended
Security Update for Microsoft .NET Framework 4 Extended (KB2742595)-->C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\Extended\setup.exe /uninstallpatch {C8B8456C-6A12-3725-95A8-1C9FBE1E3141} /parameterfolder Extended
Security Update for Microsoft Visual Basic 2010 Express - ENU (KB2251489)-->C:\Windows\SysWOW64\msiexec.exe /package {ED784556-66AA-3F17-9B58-7246ACB5C7E4} /uninstall {F606AC5F-4A30-3D7F-BC43-1200864BD9E5} /qb+ REBOOTPROMPT=""
Service Pack 1 for SQL Server 2008 (KB968369) (64-bit)-->"C:\Program Files\Microsoft SQL Server\100\Setup Bootstrap\Update Cache\KB968369\ServicePack\setup.exe" /Action=RemovePatch /AllInstances
Skype™ 5.10-->MsiExec.exe /X{EE7257A2-39A2-4D2F-9DAC-F9F25B8AE1D8}
Sql Server Customer Experience Improvement Program-->MsiExec.exe /I{2F14965D-567B-4E59-ADEB-0A2CC1E3ADDF}
Tales of Pirates Online-->"D:\Pirati Valey moj server\Tales of Pirates Online\unins000.exe"
TeamViewer 8-->C:\Program Files (x86)\TeamViewer\Version8\uninstall.exe
Total Commander 64-bit (Remove or Repair)-->c:\totalcmd\tcunin64.exe
Turbo Fiesta-->"C:\Program Files (x86)\Asus\Game Park\Turbo Fiesta\Uninstall.exe" "C:\Program Files (x86)\Asus\Game Park\Turbo Fiesta\install.log"
Update for Microsoft .NET Framework 4 Client Profile (KB2468871)-->C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\Client\setup.exe /uninstallpatch {29C7BE97-DE59-37A2-A687-2ADD5321948A} /parameterfolder Client
Update for Microsoft .NET Framework 4 Client Profile (KB2533523)-->C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\Client\setup.exe /uninstallpatch {7D799A81-5661-3159-BF92-754161CED6E6} /parameterfolder Client
Update for Microsoft .NET Framework 4 Client Profile (KB2600217)-->C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\Client\setup.exe /uninstallpatch {4DFA8287-EA36-3469-99FE-F568FEC81653} /parameterfolder Client
Update for Microsoft .NET Framework 4 Extended (KB2468871)-->C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\Extended\setup.exe /uninstallpatch {29C7BE97-DE59-37A2-A687-2ADD5321948A} /parameterfolder Extended
Update for Microsoft .NET Framework 4 Extended (KB2533523)-->C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\Extended\setup.exe /uninstallpatch {7D799A81-5661-3159-BF92-754161CED6E6} /parameterfolder Extended
Update for Microsoft .NET Framework 4 Extended (KB2600217)-->C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\Extended\setup.exe /uninstallpatch {4DFA8287-EA36-3469-99FE-F568FEC81653} /parameterfolder Extended
Visual Studio 2010 Tools for SQL Server Compact 3.5 SP2 ENU-->MsiExec.exe /X{112C23F2-C036-4D40-BED4-0CB47BF5555C}
WampServer 2.2-->"c:\wamp\unins000.exe"
Warcraft III-->C:\Program Files (x86)\Common Files\Blizzard Entertainment\Warcraft III\Uninstall.exe
Windows Live Communications Platform-->MsiExec.exe /I{D45240D3-B6B3-4FF9-B243-54ECE3E10066}
Windows Live Essentials-->C:\Program Files (x86)\Windows Live\Installer\wlarp.exe
Windows Live Essentials-->MsiExec.exe /I{17835B63-8308-427F-8CF5-D76E0D5FE457}
Windows Live Essentials-->MsiExec.exe /I{410DF0AA-882D-450D-9E1B-F5397ACFFA80}
Windows Live Essentials-->MsiExec.exe /I{6491AB99-A11E-41FD-A5E7-32DE8A097B8E}
Windows Live Essentials-->MsiExec.exe /I{71684DFF-CDED-450C-AF0C-4A1A6438A1A5}
Windows Live Essentials-->MsiExec.exe /I{8EFCE1F8-8ADB-40F2-BED7-7728BED00EC0}
Windows Live Essentials-->MsiExec.exe /I{A1668729-C4D2-49AE-877B-FB608362FFF1}
Windows Live Essentials-->MsiExec.exe /I{B0AD205F-60D0-4084-AFB8-34D9A706D9A8}
Windows Live Essentials-->MsiExec.exe /I{C01FCACE-CC3D-49A2-ADC2-583A49857C58}
Windows Live Essentials-->MsiExec.exe /I{FE044230-9CA5-43F7-9B58-5AC5A28A1F33}
Windows Live Essentials-->MsiExec.exe /I{FE62C88B-425B-4BDE-8B70-CD5AE3B83176}
Windows Live Essentials-->MsiExec.exe /I{FEEF7F78-5876-438B-B554-C4CC426A4302}
Windows Live Family Safety-->MsiExec.exe /I{03E5CBD3-73E3-410D-890D-D3F48B2653A6}
Windows Live Family Safety-->MsiExec.exe /I{0E7EF678-587B-43E9-B13C-9F4B52ACFFCA}
Windows Live Family Safety-->MsiExec.exe /I{0F872589-F781-4EAF-9CBC-BF6A9809F17D}
Windows Live Family Safety-->MsiExec.exe /I{19E42E62-8C05-42DE-9DC4-C606F9F8927B}
Windows Live Family Safety-->MsiExec.exe /I{1E8F990F-A140-47D4-B266-402E9CF96FC3}
Windows Live Family Safety-->MsiExec.exe /I{1FB31F44-D4D0-4D76-944A-A1A5D79FD321}
Windows Live Family Safety-->MsiExec.exe /I{553BB3BD-7A2A-4E5E-9B2F-2D14DC70093A}
Windows Live Family Safety-->MsiExec.exe /I{5708148D-3A0E-4587-8311-DFCFA33F4D92}
Windows Live Family Safety-->MsiExec.exe /I{7D8BBAF2-E7C6-4BB6-9E35-31340373F699}
Windows Live Family Safety-->MsiExec.exe /I{A2D54577-154D-4D8B-9ECF-D7D4553ECE63}
Windows Live Family Safety-->MsiExec.exe /I{B96C4CA9-FA40-490C-B3BB-50F84A44694E}
Windows Live Family Safety-->MsiExec.exe /I{BCA3DCDA-170A-44DB-A888-78105ABACF43}
Windows Live Family Safety-->MsiExec.exe /I{D8F30372-43E3-4720-ABDE-11C95E562B71}
Windows Live Family Safety-->MsiExec.exe /X{CEA21F20-DBF4-464C-8B81-28B8508AFDDD}
Windows Live fotoattēlu galerija-->MsiExec.exe /X{CF936193-C584-458C-B793-15FA945621AF}
Windows Live Fotogaléria-->MsiExec.exe /X{97F77D62-5110-4FA3-A2D3-410B92D31199}
Windows Live Fotogalerie-->MsiExec.exe /X{FB79FDB7-4DE1-453D-99FE-9A880F57380E}
Windows Live Foto-galerija-->MsiExec.exe /X{B81722D3-0A95-4BDE-AA1A-A2A5D12FCDB2}
Windows Live Fotótár-->MsiExec.exe /X{7272F232-A7E0-4B2B-A5D2-71B7C5E2379C}
Windows Live Galerija fotografija-->MsiExec.exe /X{E5377D46-83C5-445A-A1F1-830336B42A10}
Windows Live ID Sign-in Assistant-->MsiExec.exe /I{1ACC8FFB-9D84-4C05-A4DE-D28A9BC91698}
Windows Live Installer-->MsiExec.exe /I{0B0F231F-CE6A-483D-AA23-77B364F75917}
Windows Live Language Selector-->MsiExec.exe /I{180C8888-50F1-426B-A9DC-AB83A1989C65}
Windows Live Mail-->MsiExec.exe /I{0B80A0FD-755A-4796-BFB0-A7B07366F33A}
Windows Live Mail-->MsiExec.exe /I{82803FF3-563F-414F-A403-8D4C167D4120}
Windows Live Mail-->MsiExec.exe /I{9D56775A-93F3-44A3-8092-840E3826DE30}
Windows Live Mail-->MsiExec.exe /I{ABE2F2AA-7ADC-4717-9573-BF3F83C696AC}
Windows Live Mail-->MsiExec.exe /I{C454280F-3C3E-4929-B60E-9E6CED5717E7}
Windows Live Mail-->MsiExec.exe /I{C66824E4-CBB3-4851-BB3F-E8CFD6350923}
Windows Live Mail-->MsiExec.exe /I{C8421D85-CA0E-4E93-A9A9-B826C4FB88EA}
Windows Live Mail-->MsiExec.exe /I{D07B1FDA-876B-4914-9E9A-309732B6D44F}
Windows Live Mail-->MsiExec.exe /I{F66430D8-08E6-4C96-B9B7-90E66E27D58C}
Windows Live Mail-->MsiExec.exe /I{FA6CF94F-DACF-4FE7-959D-55C421B91B17}
Windows Live Mesh ActiveX Control for Remote Connections-->MsiExec.exe /I{2902F983-B4C1-44BA-B85D-5C6D52E2C441}
Windows Live Mesh ActiveX kontrola za daljinske veze-->MsiExec.exe /I{8985AE5E-622A-4980-8BF8-0A1830643220}
Windows Live Mesh ActiveX vadīkla attālajiem savienojumiem-->MsiExec.exe /I{A3A775C9-5A63-4C55-8FDD-427A5B8F5D2B}
Windows Live Mesh ActiveX-i juhtelement kaugühendustele-->MsiExec.exe /I{216ACEC1-4556-4717-A8DE-3F7F5F9C6F63}
Windows Live Mesh ActiveX-vezérlő távoli kapcsolatokhoz-->MsiExec.exe /I{6E29C4F7-C2C2-4B18-A15C-E09B92065F15}
Windows Live Mesh-->MsiExec.exe /I{0A093C39-CBB3-4142-B93F-562F176B6305}
Windows Live Mesh-->MsiExec.exe /I{2D3E034E-F76B-410A-A169-55755D2637BB}
Windows Live Mesh-->MsiExec.exe /I{5CF5B1A5-CBC3-42F0-8533-5A5090665862}
Windows Live Mesh-->MsiExec.exe /I{6ABE832B-A5C7-44C1-B697-3E123B7B4D5B}
Windows Live Mesh-->MsiExec.exe /I{80E8C65A-8F70-4585-88A2-ABC54BABD576}
Windows Live Mesh-->MsiExec.exe /I{99BE7F5D-AB52-4404-9E03-4240FFAA7DE9}
Windows Live Mesh-->MsiExec.exe /I{A0C91188-C88F-4E86-93E6-CD7C9A266649}
Windows Live Mesh-->MsiExec.exe /I{AD001A69-88CC-4766-B2DB-3C1DFAB9AC72}
Windows Live Mesh-->MsiExec.exe /I{BF35168D-F6F9-4202-BA87-86B5E3C9BF7A}
Windows Live Mesh-->MsiExec.exe /I{C08D5964-C42F-48EE-A893-2396F9562A7C}
Windows Live Mesh-->MsiExec.exe /I{D06F10C5-3EDD-4B29-A3B5-16BBB9A047F8}
Windows Live Mesh-->MsiExec.exe /I{DECDCB7C-58CC-4865-91AF-627F9798FE48}
Windows Live Mesh-->MsiExec.exe /I{EAB1BDF2-734A-4D44-9169-7615D185C974}
Windows Live Mesh-->MsiExec.exe /I{EC20FB81-9B5E-4B97-92A2-8DC52548EFCE}
Windows Live Messenger-->MsiExec.exe /X{2A3FC24C-6EC0-4519-A52B-FDA4EA9B2D24}
Windows Live Messenger-->MsiExec.exe /X{2F54E453-8C93-4B3B-936A-233C909E6CAC}
Windows Live Messenger-->MsiExec.exe /X{A3389C72-1782-4BB4-BBAA-33345DE52E3F}
Windows Live Messenger-->MsiExec.exe /X{A7056D45-C63A-4FE4-A69D-FB54EF9B21BB}
Windows Live Messenger-->MsiExec.exe /X{BD0C3887-64E6-41D8-9A38-BC6F34369352}
Windows Live Messenger-->MsiExec.exe /X{BD215FCB-27E8-4C86-9251-8B8C1D548743}
Windows Live Messenger-->MsiExec.exe /X{D47C66BE-0EB5-4587-93FE-D1E176C4B25C}
Windows Live Messenger-->MsiExec.exe /X{E5B21F11-6933-4E0B-A25C-7963E3C07D11}
Windows Live Messenger-->MsiExec.exe /X{E9AD2143-26D5-4201-BED1-19DCC03B407D}
Windows Live Messenger-->MsiExec.exe /X{F2979AAA-FDD7-4CB3-93BC-5C24D965D679}
Windows Live Messenger-->MsiExec.exe /X{F35DC85A-E96B-496B-ABE7-F04192824856}
Windows Live Messenger-->MsiExec.exe /X{F783464C-C7C6-4E9B-AC40-BC90E5414BAF}
Windows Live Messenger-->MsiExec.exe /X{FA20D803-14E5-4B00-8F03-B519D46F9D4A}
Windows Live MIME IFilter-->MsiExec.exe /I{DA54F80E-261C-41A2-A855-549A144F2F59}
Windows Live Movie Maker-->MsiExec.exe /X{19BA08F7-C728-469C-8A35-BFBD3633BE08}
Windows Live Movie Maker-->MsiExec.exe /X{60C3C026-DB53-4DAB-8B97-7C1241F9A847}
Windows Live Movie Maker-->MsiExec.exe /X{64B2D6B3-71AC-45A7-A6A1-2E07ABF58341}
Windows Live Movie Maker-->MsiExec.exe /X{6B3BAE39-4ED1-4EEB-9769-A3AA0AA58CB4}
Windows Live Movie Maker-->MsiExec.exe /X{7373E17D-18E0-44A7-AC3A-6A3BFB85D3B3}
Windows Live Movie Maker-->MsiExec.exe /X{7AF8E500-B349-4A77-8265-9854E9A47925}
Windows Live Movie Maker-->MsiExec.exe /X{8D33ECF4-1A77-4674-ABAE-DFF978C5BC0A}
Windows Live Movie Maker-->MsiExec.exe /X{92EA4134-10D1-418A-91E1-5A0453131A38}
Windows Live Movie Maker-->MsiExec.exe /X{9E771D5B-C429-4CBC-8730-3EBD9EC99E4C}
Windows Live Movie Maker-->MsiExec.exe /X{A101F637-2E56-42C0-8E08-F1E9086BFAF3}
Windows Live Movie Maker-->MsiExec.exe /X{CF9DEFAA-12CD-4D04-AA45-F9F667D21E2E}
Windows Live Movie Maker-->MsiExec.exe /X{F80E5450-3EF3-4270-B26C-6AC53BEC5E76}
Windows Live Movie Maker-->MsiExec.exe /X{FB3D07AE-73D0-47A9-AC12-6F50BF8B6202}
Windows Live Movie Maker-->MsiExec.exe /X{FF737490-5A2D-4269-9D82-97DB2F7C0B09}
Windows Live Photo Common-->MsiExec.exe /X{0654EA5D-308A-4196-882B-5C09744A5D81}
Windows Live Photo Common-->MsiExec.exe /X{073F306D-9851-4969-B828-7B6444D07D55}
Windows Live Photo Common-->MsiExec.exe /X{1168ECF1-2932-4E86-BC83-560C256C8022}
Windows Live Photo Common-->MsiExec.exe /X{442032CB-900C-49C7-B4B4-2B76525DD403}
Windows Live Photo Common-->MsiExec.exe /X{5D163056-96B7-440F-A836-89BA5D3CFF2F}
Windows Live Photo Common-->MsiExec.exe /X{6B556C37-8919-4991-AC34-93D018B9EA49}
Windows Live Photo Common-->MsiExec.exe /X{6F37D92B-41AA-44B7-80D2-457ABDE11896}
Windows Live Photo Common-->MsiExec.exe /X{77BC9EAF-14C7-4338-9B1C-D5A3E142C0B8}
Windows Live Photo Common-->MsiExec.exe /X{78906B56-0E81-42A7-AC25-F54C946E1538}
Windows Live Photo Common-->MsiExec.exe /X{7D0DE76C-874E-4BDE-A204-F4240160693E}
Windows Live Photo Common-->MsiExec.exe /X{84267681-BF16-40B6-9564-27BC57D7D71C}
Windows Live Photo Common-->MsiExec.exe /X{A9BDCA6B-3653-467B-AC83-94367DA3BFE3}
Windows Live Photo Common-->MsiExec.exe /X{BD4EBDB5-EB14-4120-BB04-BE0A26C7FB3E}
Windows Live Photo Common-->MsiExec.exe /X{D436F577-1695-4D2F-8B44-AC76C99E0002}
Windows Live Photo Gallery-->MsiExec.exe /X{3336F667-9049-4D46-98B6-4C743EEBC5B1}
Windows Live Photo Gallery-->MsiExec.exe /X{34F4D9A4-42C2-4348-BEF4-E553C84549E7}
Windows Live PIMT Platform-->MsiExec.exe /I{83C292B7-38A5-440B-A731-07070E81A64F}
Windows Live Pošta-->MsiExec.exe /I{517EAAB9-C35E-4949-B8C2-20C241162BBB}
Windows Live Remote Client Resources-->MsiExec.exe /I{22AB5CFD-B3DB-414E-9F99-4D024CCF1DA6}
Windows Live Remote Client Resources-->MsiExec.exe /I{2426E29F-9E8C-4C0B-97FC-0DB690C1ED98}
Windows Live Remote Client Resources-->MsiExec.exe /I{2F304EF4-0C31-47F4-8557-0641AAE4197C}
Windows Live Remote Client Resources-->MsiExec.exe /I{3921492E-82D2-4180-8124-E347AD2F2DB4}
Windows Live Remote Client Resources-->MsiExec.exe /I{456FB9B5-AFBC-4761-BBDC-BA6BAFBB818F}
Windows Live Remote Client Resources-->MsiExec.exe /I{5F44A3A1-5D24-4708-8776-66B42B174C64}
Windows Live Remote Client Resources-->MsiExec.exe /I{641B32DB-8226-4250-86C9-34671162F5D5}
Windows Live Remote Client Resources-->MsiExec.exe /I{78654366-5889-4A70-90D9-04B00709EEE0}
Windows Live Remote Client Resources-->MsiExec.exe /I{847B0532-55E3-4AAF-8D7B-E3A1A7CD17E5}
Windows Live Remote Client Resources-->MsiExec.exe /I{B680A663-1A15-47A5-A07C-7DF9A97558B7}
Windows Live Remote Client Resources-->MsiExec.exe /I{E10CB758-D5FD-4A2D-A1C9-459D6BB0C035}
Windows Live Remote Client Resources-->MsiExec.exe /I{ED421F97-E1C3-4E78-9F54-A53888215D58}
Windows Live Remote Client Resources-->MsiExec.exe /I{F0793412-6407-4870-9A8C-6FE198A4EB12}
Windows Live Remote Client-->MsiExec.exe /I{DF6D988A-EEA0-4277-AAB8-158E086E439B}
Windows Live Remote Service Resources-->MsiExec.exe /I{27F3F8DE-AC95-4E10-90A6-EBA999DDBCAF}
Windows Live Remote Service Resources-->MsiExec.exe /I{29CFD07F-4971-41B0-B14D-621ACCC264AC}
Windows Live Remote Service Resources-->MsiExec.exe /I{34384A2A-2CA2-4446-AB0E-1F360BA2AAC5}
Windows Live Remote Service Resources-->MsiExec.exe /I{480F28F0-8BCE-404A-A52E-0DBB7D1CE2EF}
Windows Live Remote Service Resources-->MsiExec.exe /I{5141AA6E-5FAC-4473-BFFB-BEE69DDC7F2B}
Windows Live Remote Service Resources-->MsiExec.exe /I{5151E2DB-0748-4FD1-86A2-72E2F94F8BE7}
Windows Live Remote Service Resources-->MsiExec.exe /I{61407251-7F7D-4303-810D-226A04D5CFF3}
Windows Live Remote Service Resources-->MsiExec.exe /I{656DEEDE-F6AC-47CA-A568-A1B4E34B5760}
Windows Live Remote Service Resources-->MsiExec.exe /I{6A2482BC-733A-404A-939A-2D5BC636E6F9}
Windows Live Remote Service Resources-->MsiExec.exe /I{97A295A7-8840-4B35-BB61-27A8F4512CA3}
Windows Live Remote Service Resources-->MsiExec.exe /I{9E9C960F-7F47-46D5-A95D-950B354DE2B8}
Windows Live Remote Service Resources-->MsiExec.exe /I{D157C6E7-5847-4FD1-BEDC-7389493874F6}
Windows Live Remote Service Resources-->MsiExec.exe /I{D3E4F422-7E0F-49C7-8B00-F42490D7A385}
Windows Live Remote Service-->MsiExec.exe /I{E02A6548-6FDE-40E2-8ED9-119D7D7E641F}
Windows Live SOXE Definitions-->MsiExec.exe /I{200FEC62-3C34-4D60-9CE8-EC372E01C08F}
Windows Live SOXE-->MsiExec.exe /I{682B3E4F-696A-42DE-A41C-4C07EA1678B4}
Windows Live UX Platform Language Pack-->MsiExec.exe /I{09922FFE-D153-44AE-8B60-EA3CB8088F93}
Windows Live UX Platform Language Pack-->MsiExec.exe /I{0C1931EB-8339-4837-8BEC-75029BF42734}
Windows Live UX Platform Language Pack-->MsiExec.exe /I{1DA6D447-C54D-4833-84D4-3EA31CAECE9B}
Windows Live UX Platform Language Pack-->MsiExec.exe /I{2CC0789D-D31B-445F-8970-6E058BE39754}
Windows Live UX Platform Language Pack-->MsiExec.exe /I{3B8F240C-B75E-4A1E-BDCC-6C7F033078A3}
Windows Live UX Platform Language Pack-->MsiExec.exe /I{4C378B16-46B7-4DA1-A2CE-2EE676F74680}
Windows Live UX Platform Language Pack-->MsiExec.exe /I{4D141929-141B-4605-95D6-2B8650C1C6DA}
Windows Live UX Platform Language Pack-->MsiExec.exe /I{545192D4-E817-4EAA-834D-623EA50CF268}
Windows Live UX Platform Language Pack-->MsiExec.exe /I{579684A4-DDD5-4CA3-9EA8-7BE7D9593DB4}
Windows Live UX Platform Language Pack-->MsiExec.exe /I{5E627606-53B9-42D1-97E1-D03F6229E248}
Windows Live UX Platform Language Pack-->MsiExec.exe /I{826A9D28-CAB2-4950-8AAA-B639DCA444CE}
Windows Live UX Platform Language Pack-->MsiExec.exe /I{EA777812-4905-4C08-8F6E-13BDCC734609}
Windows Live UX Platform Language Pack-->MsiExec.exe /I{F4BEA6C1-AAC3-4810-AAEA-588E26E0F237}
Windows Live UX Platform-->MsiExec.exe /I{CE95A79E-E4FC-4FFF-8A75-29F04B942FF2}
Windows Live Writer Resources-->MsiExec.exe /X{26E3C07C-7FF7-4362-9E99-9E49E383CF16}
Windows Live Writer Resources-->MsiExec.exe /X{458F399F-62AC-4747-99F5-499BBF073D29}
Windows Live Writer Resources-->MsiExec.exe /X{5275D81E-83AD-4DE4-BC2B-6E6BA3A33244}
Windows Live Writer Resources-->MsiExec.exe /X{5D2E7BD7-4B6F-4086-BA8A-E88484750624}
Windows Live Writer Resources-->MsiExec.exe /X{6DCE9C3E-3DB7-4C3C-8B80-BC55781BB7B6}
Windows Live Writer Resources-->MsiExec.exe /X{77DAF553-291A-4471-988C-5677D90DB57E}
Windows Live Writer Resources-->MsiExec.exe /X{7CB529B2-6C74-4878-9C3F-C29C3C3BBDC6}
Windows Live Writer Resources-->MsiExec.exe /X{7E90B133-FF47-48BB-91B8-36FC5A548FE9}
Windows Live Writer Resources-->MsiExec.exe /X{AB78C965-5C67-409B-8433-D7B5BDB12073}
Windows Live Writer Resources-->MsiExec.exe /X{B7B67AA5-12DA-4F01-918D-B1BF66779D8A}
Windows Live Writer Resources-->MsiExec.exe /X{D5A4E5F3-9ACD-412E-B380-F838DF9787B9}
Windows Live Writer Resources-->MsiExec.exe /X{D987098B-3AD4-4E88-B80E-CF27A32D1955}
Windows Live Writer Resources-->MsiExec.exe /X{DDC8BDEE-DCAC-404D-8257-3E8D4B782467}
Windows Live Writer-->MsiExec.exe /X{047377C9-C74B-4345-82E8-03BAE5DF2C32}
Windows Live Writer-->MsiExec.exe /X{11778DA1-0495-4ED9-972F-F9E0B0367CD5}
Windows Live Writer-->MsiExec.exe /X{1D6C2068-807F-4B76-A0C2-62ED05656593}
Windows Live Writer-->MsiExec.exe /X{1FC83EAE-74C8-4C72-8400-2D8E40A017DE}
Windows Live Writer-->MsiExec.exe /X{2BA5FD10-653F-4CAF-9CCD-F685082A1DC1}
Windows Live Writer-->MsiExec.exe /X{4264C020-850B-4F08-ACBE-98205D9C336C}
Windows Live Writer-->MsiExec.exe /X{69C9C672-400A-43A0-B2DE-9DB38C371282}
Windows Live Writer-->MsiExec.exe /X{86E6D3A7-3ADC-44C0-B94E-85D2A9DD36B0}
Windows Live Writer-->MsiExec.exe /X{A726AE06-AAA3-43D1-87E3-70F510314F04}
Windows Live Writer-->MsiExec.exe /X{AAAFC670-569B-4A2F-82B4-42945E0DE3EF}
Windows Live Writer-->MsiExec.exe /X{AAF454FC-82CA-4F29-AB31-6A109485E76E}
Windows Live Writer-->MsiExec.exe /X{B9B66F77-9D00-4CA4-BDF1-BBA8236B4DB6}
Windows Live Writer-->MsiExec.exe /X{C1C9D199-B4DD-4895-92DD-9A726A2FE341}
Windows Live Writer-->MsiExec.exe /X{D27DF849-C8C7-4892-A7F1-E0B381A1BD01}
Windows Live Writer-->MsiExec.exe /X{E55E0C35-AC3C-4683-BA2F-834348577B80}
Windows Live'i fotogalerii-->MsiExec.exe /X{C7DEE8F5-29D4-4A5E-823B-4A7850C5E53D}
WinFlash-->MsiExec.exe /X{8F21291E-0444-4B1D-B9F9-4370A73E346D}
WinRAR 4.20 (64-bit)-->C:\Program Files\WinRAR\uninstall.exe
Wireless Console 3-->MsiExec.exe /I{19EA33FB-B34E-40EA-8B8A-61743AEB795A}
World of Goo-->"C:\Program Files (x86)\Asus\Game Park\World of Goo\Uninstall.exe" "C:\Program Files (x86)\Asus\Game Park\World of Goo\install.log"
XAMPP 1.6.6-->"c:\xampp\uninstall.exe"
Фотогалерия на Windows Live-->MsiExec.exe /X{4444F27C-B1A8-464E-9486-4C37BAB39A09}

======System event log======

Computer Name: Matej-PC
Event Code: 4001
Message: Služba automatickej konfigurácie siete WLAN sa úspešne zastavila.

Record Number: 3642
Source Name: Microsoft-Windows-WLAN-AutoConfig
Time Written: 20121111164000.828283-000
Event Type: Warning
User: NT AUTHORITY\SYSTEM

Computer Name: Matej-PC
Event Code: 10002
Message: Modul WLAN Extensibility Module sa zastavil.

Cesta k modulu: C:\Windows\System32\IWMSSvc.dll

Record Number: 3641
Source Name: Microsoft-Windows-WLAN-AutoConfig
Time Written: 20121111164000.828283-000
Event Type: Warning
User: NT AUTHORITY\SYSTEM

Computer Name: Matej-PC
Event Code: 11
Message: Načítavajú sa vlastné knižnice dynamických prepojení pre všetky aplikácie. Správca systému by mal skontrolovať zoznam knižníc a zistiť, či patria dôveryhodným aplikáciám.
Record Number: 3461
Source Name: Microsoft-Windows-Wininit
Time Written: 20121112073452.574107-000
Event Type: Warning
User: NT AUTHORITY\SYSTEM

Computer Name: Matej-PC
Event Code: 4001
Message: Služba automatickej konfigurácie siete WLAN sa úspešne zastavila.

Record Number: 3431
Source Name: Microsoft-Windows-WLAN-AutoConfig
Time Written: 20120818053730.348938-000
Event Type: Warning
User: NT AUTHORITY\SYSTEM

Computer Name: Matej-PC
Event Code: 10002
Message: Modul WLAN Extensibility Module sa zastavil.

Cesta k modulu: C:\Windows\System32\IWMSSvc.dll

Record Number: 3427
Source Name: Microsoft-Windows-WLAN-AutoConfig
Time Written: 20120818053730.317738-000
Event Type: Warning
User: NT AUTHORITY\SYSTEM

=====Application event log=====

Computer Name: Matej-PC
Event Code: 2
Message:
Record Number: 3043015
Source Name: NVIDIA OpenGL Driver
Time Written: 20121117120436.000000-000
Event Type: Warning
User:

Computer Name: Matej-PC
Event Code: 2
Message:
Record Number: 3043014
Source Name: NVIDIA OpenGL Driver
Time Written: 20121117120436.000000-000
Event Type: Warning
User:

Computer Name: Matej-PC
Event Code: 2
Message:
Record Number: 3043013
Source Name: NVIDIA OpenGL Driver
Time Written: 20121117120436.000000-000
Event Type: Warning
User:

Computer Name: Matej-PC
Event Code: 2
Message:
Record Number: 3043012
Source Name: NVIDIA OpenGL Driver
Time Written: 20121117120436.000000-000
Event Type: Warning
User:

Computer Name: Matej-PC
Event Code: 2
Message:
Record Number: 3043011
Source Name: NVIDIA OpenGL Driver
Time Written: 20121117120436.000000-000
Event Type: Warning
User:

=====Security event log=====

Computer Name: WIN-IT8U37KJOO8
Event Code: 4624
Message: An account was successfully logged on.

Subject:
Security ID: S-1-5-18
Account Name: WIN-IT8U37KJOO8$
Account Domain: WORKGROUP
Logon ID: 0x3e7

Logon Type: 5

New Logon:
Security ID: S-1-5-18
Account Name: SYSTEM
Account Domain: NT AUTHORITY
Logon ID: 0x3e7
Logon GUID: {00000000-0000-0000-0000-000000000000}

Process Information:
Process ID: 0x330
Process Name: C:\Windows\System32\services.exe

Network Information:
Workstation Name:
Source Network Address: -
Source Port: -

Detailed Authentication Information:
Logon Process: Advapi
Authentication Package: Negotiate
Transited Services: -
Package Name (NTLM only): -
Key Length: 0

This event is generated when a logon session is created. It is generated on the computer that was accessed.

The subject fields indicate the account on the local system which requested the logon. This is most commonly a service such as the Server service, or a local process such as Winlogon.exe or Services.exe.

The logon type field indicates the kind of logon that occurred. The most common types are 2 (interactive) and 3 (network).

The New Logon fields indicate the account for whom the new logon was created, i.e. the account that was logged on.

The network fields indicate where a remote logon request originated. Workstation name is not always available and may be left blank in some cases.

The authentication information fields provide detailed information about this specific logon request.
- Logon GUID is a unique identifier that can be used to correlate this event with a KDC event.
- Transited services indicate which intermediate services have participated in this logon request.
- Package name indicates which sub-protocol was used among the NTLM protocols.
- Key length indicates the length of the generated session key. This will be 0 if no session key was requested.
Record Number: 4270
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20120818053728.040134-000
Event Type: Audit Success
User:

Computer Name: WIN-IT8U37KJOO8
Event Code: 4672
Message: Special privileges assigned to new logon.

Subject:
Security ID: S-1-5-18
Account Name: SYSTEM
Account Domain: NT AUTHORITY
Logon ID: 0x3e7

Privileges: SeAssignPrimaryTokenPrivilege
SeTcbPrivilege
SeSecurityPrivilege
SeTakeOwnershipPrivilege
SeLoadDriverPrivilege
SeBackupPrivilege
SeRestorePrivilege
SeDebugPrivilege
SeAuditPrivilege
SeSystemEnvironmentPrivilege
SeImpersonatePrivilege
Record Number: 4269
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20120818053726.558131-000
Event Type: Audit Success
User:

Computer Name: WIN-IT8U37KJOO8
Event Code: 4624
Message: An account was successfully logged on.

Subject:
Security ID: S-1-5-18
Account Name: WIN-IT8U37KJOO8$
Account Domain: WORKGROUP
Logon ID: 0x3e7

Logon Type: 5

New Logon:
Security ID: S-1-5-18
Account Name: SYSTEM
Account Domain: NT AUTHORITY
Logon ID: 0x3e7
Logon GUID: {00000000-0000-0000-0000-000000000000}

Process Information:
Process ID: 0x330
Process Name: C:\Windows\System32\services.exe

Network Information:
Workstation Name:
Source Network Address: -
Source Port: -

Detailed Authentication Information:
Logon Process: Advapi
Authentication Package: Negotiate
Transited Services: -
Package Name (NTLM only): -
Key Length: 0

This event is generated when a logon session is created. It is generated on the computer that was accessed.

The subject fields indicate the account on the local system which requested the logon. This is most commonly a service such as the Server service, or a local process such as Winlogon.exe or Services.exe.

The logon type field indicates the kind of logon that occurred. The most common types are 2 (interactive) and 3 (network).

The New Logon fields indicate the account for whom the new logon was created, i.e. the account that was logged on.

The network fields indicate where a remote logon request originated. Workstation name is not always available and may be left blank in some cases.

The authentication information fields provide detailed information about this specific logon request.
- Logon GUID is a unique identifier that can be used to correlate this event with a KDC event.
- Transited services indicate which intermediate services have participated in this logon request.
- Package name indicates which sub-protocol was used among the NTLM protocols.
- Key length indicates the length of the generated session key. This will be 0 if no session key was requested.
Record Number: 4268
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20120818053726.558131-000
Event Type: Audit Success
User:

Computer Name: WIN-IT8U37KJOO8
Event Code: 4738
Message: A user account was changed.

Subject:
Security ID: S-1-5-21-372634941-2790614347-4020979458-500
Account Name: Administrator
Account Domain: WIN-IT8U37KJOO8
Logon ID: 0x34dbe

Target Account:
Security ID: S-1-5-21-372634941-2790614347-4020979458-500
Account Name: Administrator
Account Domain: WIN-IT8U37KJOO8

Changed Attributes:
SAM Account Name: -
Display Name: -
User Principal Name: -
Home Directory: -
Home Drive: -
Script Path: -
Profile Path: -
User Workstations: -
Password Last Set: -
Account Expires: -
Primary Group ID: -
AllowedToDelegateTo: -
Old UAC Value: 0x211
New UAC Value: 0x211
User Account Control: -
User Parameters: -
SID History: -
Logon Hours: -

Additional Information:
Privileges: -
Record Number: 4267
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20120818053725.029329-000
Event Type: Audit Success
User:

Computer Name: WIN-IT8U37KJOO8
Event Code: 1102
Message: The audit log was cleared.
Subject:
Security ID: S-1-5-21-372634941-2790614347-4020979458-500
Account Name: Administrator
Domain Name: WIN-IT8U37KJOO8
Logon ID: 0x34dbe
Record Number: 4266
Source Name: Microsoft-Windows-Eventlog
Time Written: 20120818053721.098122-000
Event Type: Audit Success
User:

======Environment variables======

"ComSpec"=%SystemRoot%\system32\cmd.exe
"FP_NO_HOST_CHECK"=NO
"OS"=Windows_NT
"Path"=C:\Program Files (x86)\Intel\iCLS Client\;C:\Program Files\Intel\iCLS Client\;C:\Program Files\Common Files\Microsoft Shared\Windows Live;C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;C:\Program Files (x86)\Windows Live\Shared;C:\Program Files\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files\Intel\Intel(R) Management Engine Components\IPT;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT;C:\Program Files (x86)\Intel\OpenCL SDK\2.0\bin\x86;C:\Program Files (x86)\Intel\OpenCL SDK\2.0\bin\x64;C:\Program Files\Intel\WiFi\bin\;C:\Program Files\Common Files\Intel\WirelessCommon\;%PROGRAMFILES%\Internet Explorer;C:\Program Files (x86)\Microsoft SQL Server\100\Tools\Binn\;C:\Program Files\Microsoft SQL Server\100\Tools\Binn\;C:\Program Files\Microsoft SQL Server\100\DTS\Binn\
"PATHEXT"=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH;.MSC
"PROCESSOR_ARCHITECTURE"=AMD64
"TEMP"=%SystemRoot%\TEMP
"TMP"=%SystemRoot%\TEMP
"USERNAME"=SYSTEM
"windir"=%SystemRoot%
"PSModulePath"=%SystemRoot%\system32\WindowsPowerShell\v1.0\Modules\
"NUMBER_OF_PROCESSORS"=8
"PROCESSOR_LEVEL"=6
"PROCESSOR_IDENTIFIER"=Intel64 Family 6 Model 58 Stepping 9, GenuineIntel
"PROCESSOR_REVISION"=3a09
"configsetroot"=%SystemRoot%\ConfigSetRoot

-----------------EOF-----------------


log.txt:
Logfile of random's system information tool 1.09 (written by random/random)
Run by Matej at 2013-01-21 18:42:22
Microsoft Windows 7 Home Premium Service Pack 1
System drive C: has 282 GB (74%) free of 382 GB
Total RAM: 8078 MB (66% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 18:42:34, on 21. 1. 2013
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v9.00 (9.00.8112.16457)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\ASUS\ASUS Virtual Touch\QuickGesture\x86\QuickGesture.exe
C:\Program Files (x86)\ASUS\FaceLogon\sensorsrv.exe
C:\Program Files (x86)\ASUS\USBChargerPlus\USBChargerPlus.exe
C:\Program Files (x86)\Common Files\Microsoft Shared\Ink\TabTip32.exe
C:\Program Files (x86)\Pando Networks\Media Booster\PMB.exe
C:\Program Files (x86)\Skype\Phone\Skype.exe
C:\Program Files (x86)\Garena Plus\GarenaMessenger.exe
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
C:\Program Files (x86)\Microsoft SQL Server\80\Tools\Binn\sqlmangr.exe
C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe
C:\Program Files (x86)\Intel\Bluetooth\BTPlayerCtrl.exe
C:\Program Files (x86)\TeamViewer\Version8\TeamViewer.exe
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jucheck.exe
C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe
C:\Program Files\trend micro\Matej.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://asus.msn.com
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://search.babylon.com/?affID=112060 ... ff0728e0b9
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://asus.msn.com
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll
O2 - BHO: scriptproxy - {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - C:\Program Files (x86)\Common Files\McAfee\SystemCore\ScriptSn.20120224040438.dll
O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: DealPly - {A6174F27-1FFF-E1D6-A93F-BA48AD5DD448} - (no file)
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll

O2 - BHO: Bing Bar Helper - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files (x86)\Microsoft\BingBar\7.1.391.0\BingExt.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
O3 - Toolbar: Bing Bar - {8dcb7100-df86-4384-8842-8fa844297b3f} - "C:\Program Files (x86)\Microsoft\BingBar\7.1.391.0\BingExt.dll" (file missing)
O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [ASUSPRP] "C:\Program Files (x86)\ASUS\APRP\APRP.EXE"
O4 - HKLM\..\Run: [ASUSWebStorage] C:\Program Files (x86)\ASUS\ASUS WebStorage\3.0.108.222\AsusWSPanel.exe /S
O4 - HKLM\..\Run: [USB3MON] "C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe"
O4 - HKLM\..\Run: [Wireless Console 3] C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [LogMeIn Hamachi Ui] "C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe" --auto-start
O4 - HKLM\..\Run: [cao] c:\windows\system32\wbem\osinter.exe
O4 - HKLM\..\Run: [zhouhongyi] c:\windows\java\net1.exe
O4 - HKLM\..\Run: [shabi] c:\windows\addins\net.exe
O4 - HKLM\..\Run: [yige] c:\windows\system32\wbem\explore.exe
O4 - HKLM\..\Run: [bixushi] c:\windows\system32\csx.exe
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [uTorrent] "C:\Program Files (x86)\uTorrent\uTorrent.exe" /MINIMIZED
O4 - HKCU\..\Run: [Pando Media Booster] C:\Program Files (x86)\Pando Networks\Media Booster\PMB.exe
O4 - HKCU\..\Run: [Skype] "C:\Program Files (x86)\Skype\Phone\Skype.exe" /nosplash /minimized
O4 - HKCU\..\Run: [GarenaPlus] "C:\Program Files (x86)\Garena Plus\GarenaMessenger.exe" -autolaunch
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-21-372634941-2790614347-4020979458-1000\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'UpdatusUser')
O4 - HKUS\S-1-5-21-372634941-2790614347-4020979458-1000\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'UpdatusUser')
O4 - Global Startup: AsusVibeLauncher.lnk = C:\Program Files (x86)\ASUS\AsusVibe\AsusVibeLauncher.exe
O4 - Global Startup: Service Manager.lnk = C:\Program Files (x86)\Microsoft SQL Server\80\Tools\Binn\sqlmangr.exe
O9 - Extra button: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O20 - AppInit_DLLs: C:\Windows\SysWOW64\nvinit.dll
O23 - Service: AFBAgent - Unknown owner - C:\Windows\system32\FBAgent.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: Intel® Centrino® Wireless Bluetooth® + High Speed Service (AMPPALR3) - Intel Corporation - C:\Program Files\Intel\BluetoothHS\BTHSAmpPalService.exe
O23 - Service: Apache2.2 - Apache Software Foundation - C:\xampp\apache\bin\apache.exe
O23 - Service: ASUS InstantOn Service (ASUS InstantOn) - ASUS - C:\Program Files (x86)\ASUS\InstantOn for NB\InsOnSrv.exe
O23 - Service: Bluetooth Device Monitor - Intel Corporation - C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe
O23 - Service: Bluetooth Media Service - Intel Corporation - C:\Program Files (x86)\Intel\Bluetooth\mediasrv.exe
O23 - Service: Bluetooth OBEX Service - Intel Corporation - C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe
O23 - Service: Intel(R) Centrino(R) Wireless Bluetooth(R) + High Speed Security Service (BTHSSecurityMgr) - Intel(R) Corporation - C:\Program Files\Intel\BluetoothHS\BTHSSecurityMgr.exe
O23 - Service: Intel(R) Content Protection HECI Service (cphs) - Intel Corporation - C:\Windows\SysWow64\IntelCpHeciSvc.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: ESET Service (ekrn) - ESET - C:\Program Files\ESET\ESET Smart Security\x86\ekrn.exe
O23 - Service: Intel(R) PROSet/Wireless Event Log (EvtEng) - Intel(R) Corporation - C:\Program Files\Intel\WiFi\bin\EvtEng.exe
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: FileZilla Server FTP server (FileZilla Server) - FileZilla Project - C:\xampp\filezillaftp\filezillaserver.exe
O23 - Service: Google Update Service (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Google Update Service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: LogMeIn Hamachi Tunneling Engine (Hamachi2Svc) - LogMeIn Inc. - C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe
O23 - Service: HP LaserJet Professional M1210 MFP Series Receive Fax Service (HPM1210RcvFaxSrvc) - HP - C:\Program Files\HP\HP LaserJet M1210 MFP Series\ReceiveFaxUtility.exe
O23 - Service: HP SI Service (HPSIService) - Unknown owner - C:\Windows\system32\HPSIsvc.exe (file missing)
O23 - Service: Intel(R) Capability Licensing Service Interface - Intel(R) Corporation - C:\Program Files\Intel\iCLS Client\HeciServer.exe
O23 - Service: Intel(R) ME Service - Unknown owner - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
O23 - Service: Intel(R) Dynamic Application Loader Host Interface Service (jhi_service) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
O23 - Service: McAfee SiteAdvisor Service - Unknown owner - c:\PROGRA~2\mcafee\SITEAD~1\mcsacore.exe (file missing)
O23 - Service: McAfee McShield (McShield) - McAfee, Inc. - C:\Program Files\Common Files\McAfee\SystemCore\\mcshield.exe
O23 - Service: McAfee Firewall Core Service (mfefire) - McAfee, Inc. - C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe
O23 - Service: McAfee Validation Trust Protection Service (mfevtp) - Unknown owner - C:\Windows\system32\mfevtps.exe (file missing)
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: mysql - Unknown owner - c:\xampp\mysql\bin\mysqld-nt.exe
O23 - Service: Wireless PAN DHCP Server (MyWiFiDHCPDNS) - Unknown owner - C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\Windows\system32\nvvsvc.exe (file missing)
O23 - Service: NVIDIA Update Service Daemon (nvUpdatusService) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Intel(R) PROSet/Wireless Registry Service (RegSrvc) - Intel(R) Corporation - C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: TeamViewer 8 (TeamViewer8) - TeamViewer GmbH - C:\Program Files (x86)\TeamViewer\Version8\TeamViewer_Service.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: Intel(R) Management and Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: wampapache - Unknown owner - c:\wamp\bin\apache\apache2.2.22\bin\httpd.exe (file missing)
O23 - Service: wampmysqld - Unknown owner - c:\wamp\bin\mysql\mysql5.5.24\bin\mysqld.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
O23 - Service: XAMPP Service (XAMPP) - Unknown owner - c:\xampp\service.exe
O23 - Service: Intel(R) PROSet/Wireless Zero Configuration Service (ZeroConfigService) - Intel® Corporation - C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe

--
End of file - 15148 bytes

======Listing Processes======

\SystemRoot\System32\smss.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
C:\Windows\system32\services.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\nvvsvc.exe
winlogon.exe
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k NetworkService
"C:\Windows\system32\FBAgent.exe"
C:\Windows\system32\WLANExt.exe 22508784
\??\C:\Windows\system32\conhost.exe "1454986222226252365126539321411462920131995501304-332178299-1191126461-400861662
"C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe"
C:\Windows\system32\nvvsvc.exe -session -first
C:\Windows\System32\spoolsv.exe
/QuitInfo:0000000000000494;0000000000000498; /AddRef;
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
taskeng.exe {18BE9FD8-F7A9-4513-9606-0D005706613F}
"C:\xampp\apache\bin\apache.exe" -k runservice
"C:\Program Files (x86)\ASUS\InstantOn for NB\InsOnSrv.exe"
"C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe"
C:\Windows\system32\svchost.exe -k bthsvcs
"C:\Program Files\ESET\ESET Smart Security\x86\ekrn.exe"
"C:\Program Files\Intel\WiFi\bin\EvtEng.exe"
C:\xampp\filezillaftp\filezillaserver.exe
"C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe" -s
"C:\Program Files\HP\HP LaserJet M1210 MFP Series\ReceiveFaxUtility.exe"
C:\Windows\system32\HPSIsvc.exe
"C:\Program Files\Intel\iCLS Client\HeciServer.exe"
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe"
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe"
"C:\Windows\system32\mfevtps.exe"
"C:\Program Files\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\sqlservr.exe" -sSQLEXPRESS
"taskhost.exe"
"C:\Windows\system32\Dwm.exe"
C:\PROGRA~2\MI3EDC~1\MSSQL\binn\sqlservr.exe
"C:\Program Files (x86)\ASUS\InstantOn for NB\InsOnWMI.exe"
/QuitInfo:0000000000000668;000000000000066C; /AddRef;
/QuitInfo:000000000000065C;0000000000000674;
C:\xampp\apache\bin\apache.exe -d C:/xampp/apache
c:\xampp\mysql\bin\mysqld-nt.exe --defaults-file=c:\xampp\mysql\bin\my.cnf mysql
taskeng.exe {9A5552E6-55D6-4A58-9172-5708EAF6A952}
"C:\Program Files (x86)\Google\Update\GoogleUpdate.exe" /c
"C:\Program Files (x86)\ASUS\ASUS Virtual Touch\QuickGesture\x64\QuickGesture64.exe"
"C:\Program Files (x86)\ASUS\ASUS Virtual Touch\QuickGesture\x86\QuickGesture.exe"
"C:\Program Files (x86)\ASUS\FaceLogon\sensorsrv.exe"
"C:\Program Files (x86)\ASUS\USBChargerPlus\USBChargerPlus.exe"
"C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe"
C:\Windows\Explorer.EXE
"C:\Program Files (x86)\Microsoft SQL Server\90\Shared\sqlbrowser.exe"
"C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe"
C:\Windows\system32\svchost.exe -k imgsvc
"C:\Program Files (x86)\TeamViewer\Version8\TeamViewer_Service.exe"
/loadhooks /Parent:0000000000000A54
"C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE"
C:\Windows\system32\wbem\unsecapp.exe -Embedding
WLIDSvcM.exe 4716
"C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe"
"C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe"
"C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe"
C:\Windows\system32\wbem\wmiprvse.exe
"C:\Windows\System32\igfxtray.exe"
"C:\Windows\System32\hkcmd.exe"
"C:\Program Files\Elantech\ETDCtrl.exe"
"C:\Windows\System32\rundll32.exe" "C:\Program Files (x86)\Intel\Bluetooth\btmshell.dll",TrayApp
"C:\Program Files\ESET\ESET Smart Security\egui.exe" /hide /waitservice
"C:\Program Files\Windows Sidebar\sidebar.exe" /autoRun
"C:\Program Files (x86)\Pando Networks\Media Booster\PMB.exe"
"C:\Program Files (x86)\Skype\Phone\Skype.exe" /nosplash /minimized
"C:\Program Files (x86)\Garena Plus\GarenaMessenger.exe" -autolaunch
"C:\Program Files\Elantech\ETDCtrlHelper.exe"
"C:\Program Files\Elantech\ETDGesture.exe"
"C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
"C:/Program Files/NVIDIA Corporation/Display/nvtray.exe" -user_has_logged_in 1
"C:\Program Files (x86)\Microsoft SQL Server\80\Tools\Binn\sqlmangr.exe" /n
"C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe"
"C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
"C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe" --auto-start
C:\Windows\system32\SearchIndexer.exe /Embedding
"C:\Program Files (x86)\Intel\Bluetooth\mediasrv.exe"
"C:\Program Files (x86)\Intel\Bluetooth\BTPlayerCtrl.exe" -Embedding
"C:\Program Files\Windows Media Player\wmpnetwk.exe"
"C:\Program Files (x86)\TeamViewer\Version8\TeamViewer.exe"
"C:\Program Files (x86)\TeamViewer\Version8\tv_w32.exe" --action hooks --log C:\Program Files (x86)\TeamViewer\Version8\TeamViewer8_Logfile.log
"C:\Program Files (x86)\TeamViewer\Version8\tv_x64.exe" --action hooks --log C:\Program Files (x86)\TeamViewer\Version8\TeamViewer8_Logfile.log
"C:\Program Files (x86)\Mozilla Firefox\firefox.exe"
"C:\Program Files\Common Files\Microsoft Shared\Ink\InputPersonalization.exe"
"C:\Program Files\Intel\BluetoothHS\BTHSAmpPalService.exe"
"C:\Program Files\Intel\BluetoothHS\BTHSSecurityMgr.exe"
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe"
"C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe"
C:\Windows\System32\svchost.exe -k secsvcs
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe"
"C:\Program Files (x86)\Common Files\Java\Java Update\jucheck.exe" -auto
"c:\program files (x86)\teamviewer\version8\TeamViewer_Desktop.exe" --IPCport 5939
"C:\Program Files (x86)\Microsoft\BingBar\7.1.391.0\SeaPort.exe"
"C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe" --channel=9104.165c9300.537262459 "C:\Windows\system32\Macromed\Flash\NPSWF32.dll" E7CF176E110C211B -greomni "C:\Program Files (x86)\Mozilla Firefox\omni.ja" 9104 "\\.\pipe\gecko-crash-server-pipe.9104" plugin
"C:\Windows\system32\mmc.exe" "C:\Windows\system32\services.msc"
C:\Windows\System32\svchost.exe -k WerSvcGroup
"C:\Users\Matej\Downloads\RSITx64.exe"
C:\Windows\system32\wbem\wmiprvse.exe

======Scheduled tasks folder======

C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
C:\Windows\tasks\ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d-Logon.job
C:\Windows\tasks\ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d.job

=========Mozilla firefox=========

ProfilePath - C:\Users\Matej\AppData\Roaming\Mozilla\Firefox\Profiles\je9de73x.default

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 10
"Path"=C:\Windows\system32\Macromed\Flash\NPSWF32.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI ipt;version=2.0.59]
"Description"=Intel IPT WebApi plugin
"Path"=C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI updater]
"Description"=This plugin updates Intel WebAPI component
"Path"=C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@java.com/DTPlugin,version=10.9.2]
"Description"=Java™ Deployment Toolkit
"Path"=C:\Windows\SysWOW64\npDeployJava1.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@java.com/JavaPlugin,version=10.9.2]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=disabled

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=C:\Program Files (x86)\Microsoft Silverlight\4.1.10329.0\npctrl.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922]
"Description"=WLPG Install MIME type
"Path"=C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3538.0513]
"Description"=WLPG Install MIME type
"Path"=C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@ngm.nexoneu.com/NxGame]
"Description"=Nexon Game Controller
"Path"=C:\ProgramData\NexonEU\NGM\npNxGameeu.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@pandonetworks.com/PandoWebPlugin]
"Description"=This plugin detects and launches Pando Media Booster
"Path"=C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=3]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.21.79\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=9]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.21.79\npGoogleUpdate3.dll


[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=disabled

C:\Program Files (x86)\Mozilla Firefox\extensions\
staged
{972ce4c6-7e08-4474-a285-3208198ce6fd}
{EB9394A3-4AD6-4918-9537-31A1FD8E8EDF}

C:\Program Files (x86)\Mozilla Firefox\components\
binary.manifest
browsercomps.dll

C:\Program Files (x86)\Mozilla Firefox\searchplugins\
amazondotcom.xml
babylon.xml
bing.xml
eBay.xml
google.xml
twitter.xml
wikipedia.xml
yahoo.xml

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{7DB2D5A0-7241-4E79-B68D-6309F01C5231}]
scriptproxy - C:\Program Files\Common Files\McAfee\SystemCore\ScriptSn.20120224040438.dll [2011-10-07 94424]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live ID Sign-in Helper - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2011-03-29 529280]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}]
Google Toolbar Helper - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2012-11-13 253584]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{F9E4A054-E9B1-4BC3-83A3-76A1AE736170}]
Hotspot Shield Class - C:\Program Files (x86)\Hotspot Shield\HssIE\HssIE_64.dll []

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2010-11-16 62376]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files (x86)\Java\jre7\bin\ssv.dll [2012-11-12 449512]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{7DB2D5A0-7241-4E79-B68D-6309F01C5231}]
scriptproxy - C:\Program Files (x86)\Common Files\McAfee\SystemCore\ScriptSn.20120224040438.dll [2011-10-07 79480]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live ID Sign-in Helper - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2011-03-29 441216]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{A6174F27-1FFF-E1D6-A93F-BA48AD5DD448}]
DealPly

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}]
Google Toolbar Helper - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [2012-11-13 192144]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{d2ce3e00-f94a-4740-988e-03dc2f38c34f}]
Bing Bar Helper - C:\Program Files (x86)\Microsoft\BingBar\7.1.391.0\BingExt.dll [2012-06-11 1307728]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll [2012-11-12 155384]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{2318C2B1-4965-11d4-9B18-009027A5CD4F} - Google Toolbar - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2012-11-13 253584]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\Toolbar]
{8dcb7100-df86-4384-8842-8fa844297b3f} - Bing Bar - C:\Program Files (x86)\Microsoft\BingBar\7.1.391.0\BingExt.dll [2012-06-11 1307728]
{2318C2B1-4965-11d4-9B18-009027A5CD4F} - Google Toolbar - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [2012-11-13 192144]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"IgfxTray"=C:\Windows\system32\igfxtray.exe [2012-02-22 170264]
"HotKeysCmds"=C:\Windows\system32\hkcmd.exe [2012-02-22 398616]
"ETDCtrl"=C:\Program Files\Elantech\ETDCtrl.exe [2012-02-19 2661672]
"BTMTrayAgent"=C:\Program Files (x86)\Intel\Bluetooth\btmshell.dll [2011-12-20 11406608]
"egui"=C:\Program Files\ESET\ESET Smart Security\egui.exe [2012-03-07 4081008]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"=C:\Program Files\Windows Sidebar\sidebar.exe [2010-11-20 1475584]
"uTorrent"=C:\Program Files (x86)\uTorrent\uTorrent.exe [2012-11-14 968592]
"Pando Media Booster"=C:\Program Files (x86)\Pando Networks\Media Booster\PMB.exe [2012-11-22 3093624]
"Skype"=C:\Program Files (x86)\Skype\Phone\Skype.exe [2012-07-13 17418928]
"GarenaPlus"=C:\Program Files (x86)\Garena Plus\GarenaMessenger.exe [2013-01-16 9398576]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ACMON]
C:\Program Files (x86)\ASUS\Splendid\ACMON.exe [2012-02-07 102568]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher]
C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Reader_sl.exe [2010-11-16 35736]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ASUS Screen Saver Protector]
C:\Windows\AsScrPro.exe [2012-08-18 3058304]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CLMLServer]
C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe [2010-08-20 107816]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RTHDVCPL]
C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [2012-02-21 12452456]

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"Adobe ARM"=C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2012-12-03 946352]
"ASUSPRP"=C:\Program Files (x86)\ASUS\APRP\APRP.EXE [2012-02-24 3331312]
"ASUSWebStorage"=C:\Program Files (x86)\ASUS\ASUS WebStorage\3.0.108.222\AsusWSPanel.exe [2011-07-29 737104]
"USB3MON"=C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe [2012-02-07 291608]
"Wireless Console 3"=C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe [2011-10-19 2319536]
"SunJavaUpdateSched"=C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2012-07-03 252848]
"LogMeIn Hamachi Ui"=C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe [2012-12-10 2254768]
"cao"=c:\windows\system32\wbem\osinter.exe []
"zhouhongyi"=c:\windows\java\net1.exe []
"shabi"=c:\windows\addins\net.exe []
"yige"=c:\windows\system32\wbem\explore.exe []
"bixushi"=c:\windows\system32\csx.exe []

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
AsusVibeLauncher.lnk - C:\Program Files (x86)\ASUS\AsusVibe\AsusVibeLauncher.exe
Service Manager.lnk - C:\Program Files (x86)\Microsoft SQL Server\80\Tools\Binn\sqlmangr.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"="C:\Windows\system32\nvinitx.dll"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
C:\Windows\system32\igfxdev.dll [2012-02-22 430080]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED}

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Hamachi2Svc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\McMPFSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MCODS]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\mfefire]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\mfefirek]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\mfefirek.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\mfehidk]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\mfehidk.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\mfevtp]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=0
"ConsentPromptBehaviorUser"=3
"EnableLUA"=0
"EnableUIADesktopToggle"=0
"PromptOnSecureDesktop"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoActiveDesktop"=1
"NoActiveDesktopChanges"=1
"ForceActiveDesktopOn"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVYU"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"VIDC.YVU9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"MSVideo8"=VfWWDM32.dll
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"wave2"=wdmaud.drv
"midi2"=wdmaud.drv
"mixer2"=wdmaud.drv
"wave3"=wdmaud.drv
"midi3"=wdmaud.drv
"mixer3"=wdmaud.drv

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 3 months======

2013-01-21 18:42:23 ----D---- C:\Program Files\trend micro
2013-01-21 18:42:22 ----D---- C:\rsit
2013-01-20 18:13:29 ----A---- C:\Windows\ntbtlog.txt
2013-01-19 20:08:40 ----D---- C:\Users\Matej\AppData\Roaming\Auto-Joiner
2013-01-19 16:43:23 ----D---- C:\ProgramData\NexonEU
2013-01-19 11:32:27 ----D---- C:\Program Files (x86)\Mozilla Firefox
2013-01-18 22:48:23 ----A---- C:\Users\Matej\AppData\Roaming\room_v3.dat
2013-01-18 20:36:33 ----D---- C:\Users\Matej\AppData\Roaming\GarenaPlus
2013-01-18 20:35:42 ----D---- C:\Program Files (x86)\Garena Plus
2013-01-18 20:35:39 ----D---- C:\ProgramData\GarenaMessenger
2013-01-18 20:32:37 ----D---- C:\Program Files (x86)\Warcraft III
2013-01-18 20:19:04 ----D---- C:\Nexon
2013-01-18 18:56:42 ----A---- C:\zysemm.exe
2013-01-18 18:56:39 ----A---- C:\Windows\SYSWOW64\zysemm.exe
2013-01-18 18:56:19 ----A---- C:\xpsemm.exe
2013-01-18 18:56:17 ----A---- C:\Windows\SYSWOW64\xpsemm.exe
2013-01-18 17:41:55 ----A---- C:\1.bat
2013-01-18 17:41:39 ----A---- C:\Windows\SYSWOW64\1.bat
2013-01-18 17:20:10 ----A---- C:\xpServer.exe
2013-01-18 17:20:08 ----A---- C:\Windows\SYSWOW64\xpServer.exe
2013-01-18 08:12:08 ----A---- C:\zyemma.exe
2013-01-18 08:12:06 ----A---- C:\Windows\SYSWOW64\zyemma.exe
2013-01-18 08:11:55 ----A---- C:\xpemma.exe
2013-01-18 08:11:53 ----A---- C:\Windows\SYSWOW64\xpemma.exe
2013-01-17 21:26:42 ----A---- C:\Windows\SYSWOW64\onfsyn.dat
2013-01-17 13:57:45 ----AH---- C:\Windows\SYSWOW64\ezsidmv.dat
2013-01-16 17:42:43 ----D---- C:\Users\Matej\AppData\Roaming\Notepad++
2013-01-16 17:42:43 ----D---- C:\Program Files (x86)\Notepad++
2013-01-15 22:12:18 ----D---- C:\Windows\SYSWOW64\i6061
2013-01-15 20:04:28 ----A---- C:\zy1.exe
2013-01-15 20:04:14 ----A---- C:\xp1.exe
2013-01-15 20:04:13 ----A---- C:\Windows\SYSWOW64\xp1.exe
2013-01-15 20:03:08 ----A---- C:\Windows\SYSWOW64\p.exe
2013-01-15 17:47:13 ----A---- C:\Windows\SYSWOW64\zy1.exe
2013-01-15 17:46:59 ----A---- C:\Windows\SYSWOW64\onf1.dat
2013-01-15 16:32:12 ----A---- C:\Windows\SYSWOW64\insrepim.exe
2013-01-15 16:32:06 ----A---- C:\Windows\SYSWOW64\mdt2fw95.dll
2013-01-15 16:31:54 ----A---- C:\Windows\SYSWOW64\dbmslpcn.dll
2013-01-14 20:33:45 ----D---- C:\Program Files (x86)\TeamViewer
2013-01-13 21:30:08 ----D---- C:\xampp
2013-01-12 19:04:21 ----A---- C:\Windows\SYSWOW64\win32spl.dll
2013-01-12 19:04:21 ----A---- C:\Windows\system32\win32spl.dll
2013-01-12 19:03:56 ----A---- C:\Windows\system32\win32k.sys
2013-01-12 19:03:54 ----A---- C:\Windows\system32\msxml6.dll
2013-01-12 19:03:53 ----A---- C:\Windows\system32\msxml3.dll
2013-01-12 19:03:52 ----A---- C:\Windows\SYSWOW64\msxml6.dll
2013-01-12 19:03:51 ----A---- C:\Windows\SYSWOW64\msxml3.dll
2013-01-12 19:03:49 ----A---- C:\Windows\SYSWOW64\ncrypt.dll
2013-01-12 19:03:49 ----A---- C:\Windows\system32\ncrypt.dll
2013-01-12 19:03:47 ----A---- C:\Windows\SYSWOW64\usp10.dll
2013-01-12 19:03:47 ----A---- C:\Windows\system32\usp10.dll
2013-01-12 19:03:33 ----A---- C:\Windows\system32\Wpc.dll
2013-01-12 19:03:33 ----A---- C:\Windows\system32\gameux.dll
2013-01-12 19:03:32 ----A---- C:\Windows\SYSWOW64\Wpc.dll
2013-01-12 19:03:32 ----A---- C:\Windows\SYSWOW64\gameux.dll
2013-01-12 19:02:35 ----A---- C:\Windows\system32\KernelBase.dll
2013-01-12 19:02:34 ----A---- C:\Windows\SYSWOW64\KernelBase.dll
2013-01-12 19:02:33 ----A---- C:\Windows\system32\kernel32.dll
2013-01-12 19:02:32 ----A---- C:\Windows\SYSWOW64\kernel32.dll
2013-01-12 19:02:31 ----A---- C:\Windows\system32\wow64win.dll
2013-01-12 19:02:31 ----A---- C:\Windows\system32\wow64cpu.dll
2013-01-12 19:02:31 ----A---- C:\Windows\system32\wow64.dll
2013-01-12 19:02:31 ----A---- C:\Windows\system32\winsrv.dll
2013-01-12 19:02:31 ----A---- C:\Windows\system32\conhost.exe
2013-01-12 19:02:30 ----A---- C:\Windows\SYSWOW64\wow32.dll
2013-01-12 19:02:30 ----A---- C:\Windows\SYSWOW64\ntvdm64.dll
2013-01-12 19:02:30 ----A---- C:\Windows\system32\ntvdm64.dll
2013-01-12 19:02:29 ----AH---- C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2013-01-12 19:02:26 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-file-l1-1-0.dll
2013-01-12 19:02:26 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2013-01-12 19:02:26 ----AH---- C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2013-01-12 19:02:25 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-delayload-l1-1-0.dll
2013-01-12 19:02:25 ----AH---- C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2013-01-12 19:02:25 ----AH---- C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2013-01-12 19:02:25 ----AH---- C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2013-01-12 19:02:25 ----AH---- C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2013-01-12 19:02:25 ----AH---- C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2013-01-12 19:02:24 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2013-01-12 19:02:24 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-synch-l1-1-0.dll
2013-01-12 19:02:24 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-string-l1-1-0.dll
2013-01-12 19:02:24 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-profile-l1-1-0.dll
2013-01-12 19:02:24 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2013-01-12 19:02:24 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2013-01-12 19:02:24 ----AH---- C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2013-01-12 19:02:24 ----AH---- C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2013-01-12 19:02:24 ----AH---- C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2013-01-12 19:02:24 ----AH---- C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2013-01-12 19:02:24 ----AH---- C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2013-01-12 19:02:23 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2013-01-12 19:02:23 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-misc-l1-1-0.dll
2013-01-12 19:02:23 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-memory-l1-1-0.dll
2013-01-12 19:02:23 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2013-01-12 19:02:23 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2013-01-12 19:02:23 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-io-l1-1-0.dll
2013-01-12 19:02:23 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2013-01-12 19:02:23 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-heap-l1-1-0.dll
2013-01-12 19:02:23 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-handle-l1-1-0.dll
2013-01-12 19:02:23 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-fibers-l1-1-0.dll
2013-01-12 19:02:23 ----AH---- C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2013-01-12 19:02:23 ----AH---- C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2013-01-12 19:02:23 ----AH---- C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2013-01-12 19:02:23 ----AH---- C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2013-01-12 19:02:23 ----AH---- C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2013-01-12 19:02:23 ----AH---- C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2013-01-12 19:02:23 ----AH---- C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2013-01-12 19:02:23 ----AH---- C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2013-01-12 19:02:23 ----AH---- C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2013-01-12 19:02:23 ----AH---- C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2013-01-12 19:02:23 ----AH---- C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2013-01-12 19:02:22 ----AH---- C:\Windows\SYSWOW64\api-ms-win-security-base-l1-1-0.dll
2013-01-12 19:02:22 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-xstate-l1-1-0.dll
2013-01-12 19:02:22 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-util-l1-1-0.dll
2013-01-12 19:02:22 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2013-01-12 19:02:22 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2013-01-12 19:02:22 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-debug-l1-1-0.dll
2013-01-12 19:02:22 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-datetime-l1-1-0.dll
2013-01-12 19:02:22 ----AH---- C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2013-01-12 19:02:22 ----AH---- C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2013-01-12 19:02:22 ----AH---- C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2013-01-12 19:02:21 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-localization-l1-1-0.dll
2013-01-12 19:02:21 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-console-l1-1-0.dll
2013-01-12 19:02:21 ----AH---- C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2013-01-12 19:02:21 ----AH---- C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2013-01-12 19:02:21 ----A---- C:\Windows\SYSWOW64\setup16.exe
2013-01-12 19:02:21 ----A---- C:\Windows\SYSWOW64\instnm.exe
2013-01-12 19:02:20 ----A---- C:\Windows\SYSWOW64\user.exe
2013-01-12 19:01:56 ----A---- C:\Windows\system32\taskhost.exe
2012-12-30 23:03:10 ----D---- C:\Program Files (x86)\LogMeIn Hamachi
2012-12-23 00:03:58 ----A---- C:\Windows\SYSWOW64\atmlib.dll
2012-12-23 00:03:58 ----A---- C:\Windows\system32\atmlib.dll
2012-12-23 00:03:58 ----A---- C:\Windows\system32\atmfd.dll
2012-12-23 00:03:57 ----A---- C:\Windows\SYSWOW64\atmfd.dll
2012-12-13 21:52:59 ----A---- C:\Windows\SYSWOW64\mshtmled.dll
2012-12-13 21:52:59 ----A---- C:\Windows\system32\mshtmled.dll
2012-12-13 21:52:58 ----A---- C:\Windows\SYSWOW64\vbscript.dll
2012-12-13 21:52:58 ----A---- C:\Windows\SYSWOW64\url.dll
2012-12-13 21:52:58 ----A---- C:\Windows\SYSWOW64\ieUnatt.exe
2012-12-13 21:52:58 ----A---- C:\Windows\SYSWOW64\ieui.dll
2012-12-13 21:52:58 ----A---- C:\Windows\system32\url.dll
2012-12-13 21:52:58 ----A---- C:\Windows\system32\ieUnatt.exe
2012-12-13 21:52:58 ----A---- C:\Windows\system32\ieui.dll
2012-12-13 21:52:57 ----A---- C:\Windows\SYSWOW64\urlmon.dll
2012-12-13 21:52:56 ----A---- C:\Windows\system32\urlmon.dll
2012-12-13 21:52:56 ----A---- C:\Windows\system32\msfeeds.dll
2012-12-13 21:52:56 ----A---- C:\Windows\system32\jscript9.dll
2012-12-13 21:52:55 ----A---- C:\Windows\SYSWOW64\wininet.dll
2012-12-13 21:52:55 ----A---- C:\Windows\SYSWOW64\msfeeds.dll
2012-12-13 21:52:55 ----A---- C:\Windows\system32\wininet.dll
2012-12-13 21:52:55 ----A---- C:\Windows\system32\jsproxy.dll
2012-12-13 21:52:54 ----A---- C:\Windows\SYSWOW64\jscript9.dll
2012-12-13 21:52:54 ----A---- C:\Windows\SYSWOW64\jscript.dll
2012-12-13 21:52:54 ----A---- C:\Windows\system32\vbscript.dll
2012-12-13 21:52:54 ----A---- C:\Windows\system32\jscript.dll
2012-12-13 21:52:53 ----A---- C:\Windows\SYSWOW64\jsproxy.dll
2012-12-13 21:52:53 ----A---- C:\Windows\SYSWOW64\iertutil.dll
2012-12-13 21:52:53 ----A---- C:\Windows\system32\iertutil.dll
2012-12-13 21:52:50 ----A---- C:\Windows\SYSWOW64\mshtml.dll
2012-12-13 21:52:48 ----A---- C:\Windows\system32\mshtml.dll
2012-12-13 21:52:48 ----A---- C:\Windows\system32\ieframe.dll
2012-12-13 21:52:46 ----A---- C:\Windows\SYSWOW64\ieframe.dll
2012-12-13 20:20:11 ----A---- C:\Windows\SYSWOW64\tzres.dll
2012-12-13 20:20:11 ----A---- C:\Windows\system32\tzres.dll
2012-12-13 20:19:01 ----A---- C:\Windows\SYSWOW64\dpnet.dll
2012-12-13 20:19:01 ----A---- C:\Windows\system32\dpnet.dll
2012-12-04 15:27:50 ----SHD---- C:\Windows\ftpcache
2012-12-04 15:27:25 ----A---- C:\Windows\system32\HPSIsvc.exe
2012-12-04 15:26:01 ----A---- C:\Windows\system32\HPM1210SM.exe
2012-12-04 15:26:01 ----A---- C:\Windows\system32\HPM1210LM.DLL
2012-12-04 15:25:42 ----D---- C:\ProgramData\HP
2012-12-04 15:25:06 ----D---- C:\Program Files\HP
2012-12-04 15:25:06 ----A---- C:\Windows\system32\mvhlewsi.dll
2012-12-04 15:25:05 ----A---- C:\Windows\system32\wdfcoinstaller01007.dll
2012-12-04 15:25:05 ----A---- C:\Windows\system32\drivers\HPM1210FAX.sys
2012-12-04 15:25:03 ----A---- C:\Windows\system32\m1210wia.dll
2012-12-04 15:25:03 ----A---- C:\Windows\system32\HPM1210SMs.dll
2012-11-30 13:35:17 ----A---- C:\Windows\SYSWOW64\perf-SQLAgent$SQLEXPRESS-sqlagtctr10.1.2531.0.dll
2012-11-30 13:35:17 ----A---- C:\Windows\system32\perf-SQLAgent$SQLEXPRESS-sqlagtctr10.1.2531.0.dll
2012-11-30 13:35:07 ----A---- C:\Windows\SYSWOW64\perf-MSSQL$SQLEXPRESS-sqlctr10.1.2531.0.dll
2012-11-30 13:35:07 ----A---- C:\Windows\system32\perf-MSSQL$SQLEXPRESS-sqlctr10.1.2531.0.dll
2012-11-30 13:34:30 ----D---- C:\Windows\system32\RsFx
2012-11-30 13:34:05 ----D---- C:\Program Files (x86)\Microsoft Visual Studio 9.0
2012-11-30 13:34:02 ----D---- C:\Program Files\Microsoft Visual Studio 9.0
2012-11-30 13:33:53 ----D---- C:\Windows\SYSWOW64\1033
2012-11-30 13:33:53 ----D---- C:\Windows\system32\1033
2012-11-30 13:33:48 ----D---- C:\Program Files\Microsoft.NET
2012-11-30 13:30:52 ----D---- C:\Program Files\Microsoft Synchronization Services
2012-11-30 13:30:52 ----D---- C:\Program Files\Microsoft SQL Server Compact Edition
2012-11-30 13:30:47 ----D---- C:\Program Files (x86)\Microsoft Synchronization Services
2012-11-30 13:30:46 ----D---- C:\Program Files (x86)\Microsoft SQL Server Compact Edition
2012-11-30 13:29:27 ----D---- C:\Program Files (x86)\Microsoft Visual Studio 10.0
2012-11-30 13:29:00 ----D---- C:\Windows\symbols
2012-11-30 13:29:00 ----D---- C:\Program Files\Microsoft Visual Studio 10.0
2012-11-30 13:28:59 ----D---- C:\Program Files\Microsoft Help Viewer
2012-11-30 13:28:59 ----D---- C:\Program Files (x86)\Microsoft SDKs
2012-11-27 15:40:09 ----D---- C:\Program Files (x86)\Zend
2012-11-27 15:39:34 ----D---- C:\ProgramData\Zend
2012-11-26 16:57:30 ----D---- C:\Program Files (x86)\No-IP
2012-11-25 15:02:34 ----A---- C:\Windows\my.ini
2012-11-24 15:42:34 ----A---- C:\Windows\SYSWOW64\msvbvm50.dll
2012-11-24 15:42:28 ----A---- C:\Windows\SYSWOW64\msrpjt40.dll
2012-11-24 15:41:58 ----A---- C:\Windows\SYSWOW64\ntwdblib.dll
2012-11-24 15:41:56 ----A---- C:\Windows\SYSWOW64\rdocurs.dll
2012-11-24 15:41:56 ----A---- C:\Windows\SYSWOW64\msrdo20.dll
2012-11-24 15:41:54 ----A---- C:\Windows\SYSWOW64\dbmsshrn.dll
2012-11-24 15:36:32 ----A---- C:\Windows\IsUninst.exe
2012-11-24 12:27:41 ----D---- C:\Program Files\Microsoft SQL Server
2012-11-24 12:23:31 ----D---- C:\Program Files (x86)\Microsoft SQL Server
2012-11-24 11:59:50 ----AH---- C:\Windows\system32\hamachi.sys
2012-11-24 11:53:40 ----D---- C:\Users\Matej\AppData\Roaming\BabylonToolbar
2012-11-24 11:53:30 ----D---- C:\Program Files (x86)\DealPly
2012-11-24 11:53:18 ----D---- C:\Users\Matej\AppData\Roaming\Babylon
2012-11-24 11:53:18 ----D---- C:\ProgramData\Babylon
2012-11-22 14:57:35 ----D---- C:\Users\Matej\AppData\Roaming\LolClient
2012-11-22 14:45:59 ----A---- C:\Windows\SYSWOW64\XAudio2_2.dll
2012-11-22 14:45:59 ----A---- C:\Windows\SYSWOW64\XAPOFX1_1.dll
2012-11-22 14:45:58 ----A---- C:\Windows\SYSWOW64\D3DX9_39.dll
2012-11-22 14:45:58 ----A---- C:\Windows\SYSWOW64\d3dx10_39.dll
2012-11-22 14:45:58 ----A---- C:\Windows\SYSWOW64\D3DCompiler_39.dll
2012-11-22 14:07:36 ----D---- C:\ProgramData\PMB Files
2012-11-22 14:07:27 ----D---- C:\Program Files (x86)\Pando Networks
2012-11-19 17:56:46 ----D---- C:\Windows\SYSWOW64\Hotspot Shield
2012-11-16 22:22:25 ----A---- C:\Windows\system32\Wdfres.dll
2012-11-16 22:22:25 ----A---- C:\Windows\system32\drivers\WdfLdr.sys
2012-11-16 22:22:25 ----A---- C:\Windows\system32\drivers\Wdf01000.sys
2012-11-16 22:15:51 ----A---- C:\Windows\system32\drivers\WUDFRd.sys
2012-11-16 22:15:50 ----A---- C:\Windows\system32\drivers\WUDFPf.sys
2012-11-16 22:15:38 ----A---- C:\Windows\system32\WUDFSvc.dll
2012-11-16 22:15:38 ----A---- C:\Windows\system32\WUDFPlatform.dll
2012-11-16 22:15:35 ----A---- C:\Windows\system32\WUDFx.dll
2012-11-16 22:15:35 ----A---- C:\Windows\system32\WUDFHost.exe
2012-11-16 22:15:35 ----A---- C:\Windows\system32\WUDFCoinstaller.dll
2012-11-16 14:00:15 ----A---- C:\Windows\SYSWOW64\dhcpcsvc6.dll
2012-11-16 14:00:15 ----A---- C:\Windows\SYSWOW64\dhcpcore6.dll
2012-11-16 14:00:15 ----A---- C:\Windows\system32\dhcpcsvc6.dll
2012-11-16 14:00:15 ----A---- C:\Windows\system32\dhcpcore6.dll
2012-11-16 14:00:07 ----A---- C:\Windows\SYSWOW64\ncsi.dll
2012-11-16 14:00:07 ----A---- C:\Windows\system32\nlasvc.dll
2012-11-16 14:00:07 ----A---- C:\Windows\system32\netcorehc.dll
2012-11-16 14:00:07 ----A---- C:\Windows\system32\ncsi.dll
2012-11-16 14:00:07 ----A---- C:\Windows\system32\iphlpsvc.dll
2012-11-16 14:00:07 ----A---- C:\Windows\system32\drivers\tcpip.sys
2012-11-16 14:00:05 ----A---- C:\Windows\SYSWOW64\nlaapi.dll
2012-11-16 14:00:05 ----A---- C:\Windows\SYSWOW64\netevent.dll
2012-11-16 14:00:05 ----A---- C:\Windows\SYSWOW64\netcorehc.dll
2012-11-16 14:00:05 ----A---- C:\Windows\system32\nlaapi.dll
2012-11-16 14:00:05 ----A---- C:\Windows\system32\netevent.dll
2012-11-16 14:00:05 ----A---- C:\Windows\system32\drivers\tcpipreg.sys
2012-11-16 13:59:45 ----A---- C:\Windows\system32\synceng.dll
2012-11-16 13:59:44 ----A---- C:\Windows\SYSWOW64\synceng.dll
2012-11-15 17:51:02 ----D---- C:\Program Files (x86)\Minecraft
2012-11-14 21:33:25 ----D---- C:\Users\Matej\AppData\Roaming\GHISLER
2012-11-14 21:33:25 ----D---- C:\totalcmd
2012-11-14 15:11:00 ----D---- C:\Program Files (x86)\uTorrent
2012-11-14 15:10:22 ----D---- C:\Users\Matej\AppData\Roaming\uTorrent
2012-11-13 15:43:41 ----D---- C:\ProgramData\ESET
2012-11-13 14:39:43 ----D---- C:\Users\Matej\AppData\Roaming\WinRAR
2012-11-13 14:39:39 ----D---- C:\Program Files\WinRAR
2012-11-13 13:58:40 ----D---- C:\Program Files (x86)\Mozilla Maintenance Service
2012-11-13 13:03:29 ----A---- C:\Windows\SYSWOW64\FlashPlayerApp.exe
2012-11-13 13:03:24 ----D---- C:\Windows\system32\Macromed
2012-11-13 06:57:28 ----D---- C:\Users\Matej\AppData\Roaming\skypePM
2012-11-13 06:57:20 ----D---- C:\Program Files\Google
2012-11-13 06:57:02 ----D---- C:\ProgramData\Google
2012-11-12 22:32:45 ----A---- C:\Windows\SYSWOW64\deployJava1.dll
2012-11-12 22:32:44 ----A---- C:\Windows\SYSWOW64\npDeployJava1.dll
2012-11-12 22:32:44 ----A---- C:\Windows\SYSWOW64\javaws.exe
2012-11-12 22:32:30 ----A---- C:\Windows\SYSWOW64\WindowsAccessBridge-32.dll
2012-11-12 22:32:30 ----A---- C:\Windows\SYSWOW64\javaw.exe
2012-11-12 22:32:30 ----A---- C:\Windows\SYSWOW64\java.exe
2012-11-12 22:05:27 ----A---- C:\Windows\system32\MRT.exe
2012-11-12 21:51:18 ----A---- C:\Windows\system32\browserchoice.exe
2012-11-12 21:35:47 ----A---- C:\Windows\system32\imagehlp.dll
2012-11-12 21:35:47 ----A---- C:\Windows\system32\drivers\fs_rec.sys
2012-11-12 21:35:46 ----A---- C:\Windows\SYSWOW64\wmi.dll
2012-11-12 21:35:46 ----A---- C:\Windows\SYSWOW64\imagehlp.dll
2012-11-12 21:35:46 ----A---- C:\Windows\system32\wmi.dll
2012-11-12 21:28:39 ----A---- C:\Windows\system32\ntoskrnl.exe
2012-11-12 21:28:37 ----A---- C:\Windows\SYSWOW64\ntkrnlpa.exe
2012-11-12 21:28:36 ----A---- C:\Windows\SYSWOW64\ntoskrnl.exe
2012-11-12 21:28:35 ----A---- C:\Windows\SYSWOW64\DWrite.dll
2012-11-12 21:28:35 ----A---- C:\Windows\system32\DWrite.dll
2012-11-12 21:28:22 ----A---- C:\Windows\system32\ntshrui.dll
2012-11-12 21:28:21 ----A---- C:\Windows\SYSWOW64\ntshrui.dll
2012-11-12 21:28:12 ----A---- C:\Windows\system32\drivers\ntfs.sys
2012-11-12 21:28:09 ----A---- C:\Windows\SYSWOW64\msxml3r.dll
2012-11-12 21:28:09 ----A---- C:\Windows\system32\msxml3r.dll
2012-11-12 21:27:32 ----A---- C:\Windows\SYSWOW64\XpsPrint.dll
2012-11-12 21:27:32 ----A---- C:\Windows\system32\XpsPrint.dll
2012-11-12 21:27:29 ----A---- C:\Windows\SYSWOW64\cdosys.dll
2012-11-12 21:27:28 ----A---- C:\Windows\system32\cdosys.dll
2012-11-12 21:27:25 ----A---- C:\Windows\system32\rdrmemptylst.exe
2012-11-12 21:27:25 ----A---- C:\Windows\system32\rdpwsx.dll
2012-11-12 21:27:25 ----A---- C:\Windows\system32\rdpcorekmts.dll
2012-11-12 21:27:17 ----A---- C:\Windows\system32\shell32.dll
2012-11-12 21:27:12 ----A---- C:\Windows\SYSWOW64\shell32.dll
2012-11-12 21:27:09 ----A---- C:\Windows\system32\schannel.dll
2012-11-12 21:27:09 ----A---- C:\Windows\system32\drivers\ksecpkg.sys
2012-11-12 21:27:09 ----A---- C:\Windows\system32\drivers\cng.sys
2012-11-12 21:27:08 ----A---- C:\Windows\SYSWOW64\sspicli.dll
2012-11-12 21:27:08 ----A---- C:\Windows\SYSWOW64\schannel.dll
2012-11-12 21:27:08 ----A---- C:\Windows\SYSWOW64\secur32.dll
2012-11-12 21:27:08 ----A---- C:\Windows\system32\drivers\ksecdd.sys
2012-11-12 21:27:06 ----A---- C:\Windows\system32\drivers\netio.sys
2012-11-12 21:27:06 ----A---- C:\Windows\system32\drivers\FWPKCLNT.SYS
2012-11-12 21:26:47 ----A---- C:\Windows\system32\drivers\RNDISMP.sys
2012-11-12 21:26:47 ----A---- C:\Windows\system32\drivers\ndis.sys
2012-11-12 21:26:46 ----A---- C:\Windows\system32\d3d10level9.dll
2012-11-12 21:26:45 ----A---- C:\Windows\SYSWOW64\d3d10level9.dll
2012-11-12 21:26:44 ----A---- C:\Windows\SYSWOW64\wintrust.dll
2012-11-12 21:26:44 ----A---- C:\Windows\system32\wintrust.dll
2012-11-12 21:26:44 ----A---- C:\Windows\system32\profsvc.dll
2012-11-12 21:26:42 ----A---- C:\Windows\system32\OxpsConverter.exe
2012-11-12 21:26:20 ----N---- C:\Windows\system32\MpSigStub.exe
2012-11-12 21:26:02 ----A---- C:\Windows\system32\drivers\rdpwd.sys
2012-11-12 21:26:01 ----A---- C:\Windows\system32\drivers\afd.sys
2012-11-12 21:26:00 ----A---- C:\Windows\SYSWOW64\kerberos.dll
2012-11-12 21:26:00 ----A---- C:\Windows\system32\kerberos.dll
2012-11-12 21:26:00 ----A---- C:\Windows\system32\drivers\partmgr.sys
2012-11-12 21:25:59 ----A---- C:\Windows\system32\msi.dll
2012-11-12 21:25:58 ----A---- C:\Windows\SYSWOW64\msi.dll
2012-11-12 21:25:56 ----A---- C:\Windows\system32\drivers\bthport.sys
2012-11-12 21:25:53 ----A---- C:\Windows\system32\browser.dll
2012-11-12 21:25:52 ----A---- C:\Windows\SYSWOW64\netapi32.dll
2012-11-12 21:25:52 ----A---- C:\Windows\SYSWOW64\browcli.dll
2012-11-12 21:25:52 ----A---- C:\Windows\system32\netapi32.dll
2012-11-12 21:25:52 ----A---- C:\Windows\system32\browcli.dll
2012-11-12 21:25:41 ----A---- C:\Windows\SYSWOW64\srclient.dll
2012-11-12 21:25:41 ----A---- C:\Windows\system32\srcore.dll
2012-11-12 21:25:23 ----A---- C:\Windows\system32\msvcrt.dll
2012-11-12 21:25:22 ----A---- C:\Windows\SYSWOW64\msvcrt.dll
2012-11-12 21:24:47 ----A---- C:\Windows\SYSWOW64\rdpcore.dll
2012-11-12 21:24:47 ----A---- C:\Windows\system32\rdpcore.dll
2012-11-12 21:24:47 ----A---- C:\Windows\system32\drivers\tdtcp.sys
2012-11-12 21:18:52 ----A---- C:\Windows\system32\localspl.dll
2012-11-12 21:16:31 ----A---- C:\Windows\system32\spoolsv.exe
2012-11-12 21:16:31 ----A---- C:\Windows\splwow64.exe
2012-11-12 21:16:27 ----A---- C:\Windows\SYSWOW64\crypt32.dll
2012-11-12 21:16:27 ----A---- C:\Windows\system32\crypt32.dll
2012-11-12 21:16:26 ----A---- C:\Windows\SYSWOW64\cryptsvc.dll
2012-11-12 21:16:26 ----A---- C:\Windows\SYSWOW64\cryptnet.dll
2012-11-12 21:16:26 ----A---- C:\Windows\system32\cryptsvc.dll
2012-11-12 21:16:26 ----A---- C:\Windows\system32\cryptnet.dll
2012-11-12 21:10:37 ----A---- C:\Windows\system32\wups2.dll
2012-11-12 21:10:37 ----A---- C:\Windows\system32\wucltux.dll
2012-11-12 21:10:37 ----A---- C:\Windows\system32\wuaueng.dll
2012-11-12 21:10:37 ----A---- C:\Windows\system32\wuauclt.exe
2012-11-12 21:10:06 ----A---- C:\Windows\system32\wups.dll
2012-11-12 21:10:06 ----A---- C:\Windows\system32\wudriver.dll
2012-11-12 21:10:06 ----A---- C:\Windows\system32\wuapi.dll
2012-11-12 21:09:55 ----A---- C:\Windows\system32\wuwebv.dll
2012-11-12 21:09:55 ----A---- C:\Windows\system32\wuapp.exe
2012-11-12 21:08:44 ----D---- C:\Windows\SYSWOW64\Wat
2012-11-12 21:08:44 ----D---- C:\Windows\system32\Wat
2012-11-12 20:00:13 ----D---- C:\Users\Matej\AppData\Roaming\TeamViewer
2012-11-12 16:42:16 ----D---- C:\Program Files\ESET
2012-11-11 18:59:20 ----D---- C:\Users\Matej\AppData\Roaming\Skype
2012-11-11 18:59:12 ----RD---- C:\Program Files (x86)\Skype
2012-11-11 18:58:52 ----D---- C:\ProgramData\Skype
2012-11-11 18:48:55 ----D---- C:\Users\Matej\AppData\Roaming\Mozilla
2012-11-11 18:46:52 ----D---- C:\ProgramData\Mozilla
2012-11-11 18:40:26 ----D---- C:\Users\Matej\AppData\Roaming\NVIDIA
2012-11-11 18:39:35 ----D---- C:\Users\Matej\AppData\Roaming\.minecraft
2012-11-11 18:38:27 ----D---- C:\ProgramData\Sun
2012-11-11 18:38:11 ----D---- C:\Program Files (x86)\Java
2012-11-11 18:06:19 ----D---- C:\Users\Matej\AppData\Roaming\Macromedia
2012-11-11 18:04:47 ----D---- C:\Users\Matej\AppData\Roaming\Adobe
2012-11-11 17:59:07 ----D---- C:\Users\Matej\AppData\Roaming\ESET
2012-11-11 17:54:40 ----D---- C:\Users\Matej\AppData\Roaming\ASUS WebStorage
2012-11-11 17:44:04 ----D---- C:\Users\Matej\AppData\Roaming\Identities
2012-11-11 17:43:20 ----D---- C:\ProgramData\FolderView
2012-11-11 17:43:04 ----A---- C:\Users\Matej\AppData\Roaming\sp_data.sys
2012-11-11 17:42:38 ----D---- C:\Users\Matej\AppData\Roaming\Intel
2012-11-11 17:42:35 ----SD---- C:\Users\Matej\AppData\Roaming\Microsoft
2012-11-11 17:42:35 ----D---- C:\Users\Matej\AppData\Roaming\Media Center Programs
2012-11-01 19:31:08 ----A---- C:\Windows\system32\drivers\taphss6.sys
2012-11-01 19:25:26 ----A---- C:\Windows\system32\drivers\hssdrv6.sys

======List of files/folders modified in the last 3 months======

2013-01-21 18:42:33 ----D---- C:\Windows\Temp
2013-01-21 18:42:23 ----RD---- C:\Program Files
2013-01-21 18:29:50 ----D---- C:\Windows\system32\config
2013-01-21 18:21:28 ----A---- C:\Windows\SYSWOW64\log.txt
2013-01-20 18:13:29 ----D---- C:\Windows
2013-01-20 18:02:07 ----D---- C:\Windows\system32\NDF
2013-01-20 18:00:34 ----D---- C:\Windows\SysWOW64
2013-01-20 16:32:42 ----D---- C:\Windows\Prefetch
2013-01-19 16:43:23 ----HD---- C:\ProgramData
2013-01-19 12:53:28 ----RD---- C:\Program Files (x86)
2013-01-18 22:49:53 ----SHD---- C:\Windows\Installer
2013-01-18 22:49:50 ----D---- C:\Program Files (x86)\Common Files
2013-01-18 22:48:54 ----SHD---- C:\System Volume Information
2013-01-18 17:18:20 ----D---- C:\Windows\system
2013-01-18 07:53:47 ----D---- C:\Windows\rescache
2013-01-17 21:27:33 ----D---- C:\Windows\debug
2013-01-15 17:47:14 ----RD---- C:\Users
2013-01-15 16:33:17 ----D---- C:\Windows\inf
2013-01-15 16:33:17 ----A---- C:\Windows\SYSWOW64\PerfStringBackup.INI
2013-01-15 16:24:11 ----D---- C:\Windows\System32
2013-01-15 16:24:11 ----A---- C:\Windows\system32\PerfStringBackup.INI
2013-01-15 13:45:01 ----D---- C:\Windows\system32\wdi
2013-01-14 23:37:02 ----RSD---- C:\Windows\assembly
2013-01-14 23:37:02 ----D---- C:\Windows\Microsoft.NET
2013-01-14 20:34:19 ----D---- C:\Windows\system32\Tasks
2013-01-14 20:33:50 ----RSD---- C:\Windows\Fonts
2013-01-13 21:37:40 ----D---- C:\Windows\system32\catroot2
2013-01-13 10:45:39 ----D---- C:\Windows\winsxs
2013-01-13 10:42:48 ----D---- C:\Windows\SYSWOW64\sk-SK
2013-01-13 10:42:48 ----D---- C:\Windows\system32\sk-SK
2013-01-13 10:42:42 ----D---- C:\Windows\AppPatch
2013-01-12 19:01:52 ----D---- C:\Windows\system32\catroot
2012-12-23 19:01:40 ----D---- C:\ProgramData\Adobe
2012-12-15 17:48:55 ----D---- C:\Windows\SYSWOW64\migration
2012-12-15 17:48:55 ----D---- C:\Program Files (x86)\Internet Explorer
2012-12-15 17:48:54 ----D---- C:\Windows\system32\migration
2012-12-15 17:48:54 ----D---- C:\Program Files\Internet Explorer
2012-12-04 15:27:13 ----D---- C:\Windows\twain_32
2012-12-04 15:27:13 ----D---- C:\Windows\system32\drivers
2012-12-04 15:27:11 ----D---- C:\Windows\system32\DriverStore
2012-11-30 13:33:59 ----D---- C:\Program Files\Common Files\Microsoft Shared
2012-11-30 13:33:47 ----D---- C:\Program Files (x86)\Microsoft.NET
2012-11-30 13:30:26 ----SD---- C:\ProgramData\Microsoft
2012-11-27 15:43:21 ----HD---- C:\Program Files (x86)\InstallShield Installation Information
2012-11-25 23:34:25 ----D---- C:\Program Files\Windows Media Player
2012-11-25 23:34:25 ----D---- C:\Program Files\Windows Defender
2012-11-25 23:34:25 ----D---- C:\Program Files\Common Files\System
2012-11-25 23:34:24 ----D---- C:\Windows\ehome
2012-11-25 23:34:24 ----D---- C:\Program Files (x86)\Windows Photo Viewer
2012-11-25 23:34:24 ----D---- C:\Program Files (x86)\Windows Media Player
2012-11-25 23:34:24 ----D---- C:\Program Files (x86)\Windows Defender
2012-11-25 23:34:23 ----D---- C:\Windows\SYSWOW64\sr-Latn-CS
2012-11-25 23:34:20 ----D---- C:\Windows\SYSWOW64\en-US
2012-11-25 23:34:20 ----D---- C:\Windows\SYSWOW64\drivers
2012-11-25 23:34:19 ----D---- C:\Windows\system32\sysprep
2012-11-25 23:34:19 ----D---- C:\Windows\system32\sr-Latn-CS
2012-11-25 23:34:19 ----D---- C:\Windows\system32\oobe
2012-11-25 23:34:19 ----D---- C:\Windows\sr-Latn-CS
2012-11-25 23:34:11 ----D---- C:\Windows\system32\en-US
2012-11-25 23:34:06 ----D---- C:\Program Files\Windows Sidebar
2012-11-25 23:34:05 ----D---- C:\Program Files\Windows Photo Viewer
2012-11-25 23:34:05 ----D---- C:\Program Files\Windows Mail
2012-11-25 23:34:03 ----D---- C:\Program Files\Windows Journal
2012-11-25 23:34:03 ----D---- C:\Program Files (x86)\Windows Sidebar
2012-11-25 23:34:03 ----D---- C:\Program Files (x86)\Windows Mail
2012-11-25 23:34:02 ----D---- C:\Windows\SYSWOW64\sl-SI
2012-11-25 23:34:02 ----D---- C:\Windows\SYSWOW64\migwiz
2012-11-25 23:34:02 ----D---- C:\Windows\servicing
2012-11-25 23:33:57 ----D---- C:\Windows\SYSWOW64\WCN
2012-11-25 23:33:56 ----D---- C:\Windows\system32\migwiz
2012-11-25 23:33:55 ----D---- C:\Windows\system32\sl-SI
2012-11-25 23:33:49 ----D---- C:\Windows\system32\WCN
2012-11-25 23:33:39 ----D---- C:\Windows\SYSWOW64\ro-RO
2012-11-25 23:33:33 ----D---- C:\Windows\system32\ro-RO
2012-11-25 23:33:11 ----D---- C:\Windows\SYSWOW64\winrm
2012-11-25 23:33:11 ----D---- C:\Windows\SYSWOW64\slmgr
2012-11-25 23:33:11 ----D---- C:\Windows\SYSWOW64\pl-PL
2012-11-25 23:33:11 ----D---- C:\Windows\SYSWOW64\MUI
2012-11-25 23:33:11 ----D---- C:\Windows\SYSWOW64\DriverStore
2012-11-25 23:33:11 ----D---- C:\Windows\SYSWOW64\Dism
2012-11-25 23:33:02 ----D---- C:\Windows\SYSWOW64\Printing_Admin_Scripts
2012-11-25 23:33:02 ----D---- C:\Windows\SYSWOW64\com
2012-11-25 23:33:02 ----D---- C:\Windows\IME
2012-11-25 23:33:00 ----D---- C:\Windows\system32\winrm
2012-11-25 23:33:00 ----D---- C:\Windows\system32\slmgr
2012-11-25 23:33:00 ----D---- C:\Windows\system32\MUI
2012-11-25 23:33:00 ----D---- C:\Windows\system32\drivers\UMDF
2012-11-25 23:33:00 ----D---- C:\Windows\system32\Boot
2012-11-25 23:32:59 ----D---- C:\Windows\system32\Dism
2012-11-25 23:32:57 ----D---- C:\Windows\system32\pl-PL
2012-11-25 23:32:41 ----D---- C:\Windows\system32\Printing_Admin_Scripts
2012-11-25 23:32:39 ----D---- C:\Windows\system32\com
2012-11-25 23:32:25 ----D---- C:\Windows\SYSWOW64\hu-HU
2012-11-25 23:32:10 ----D---- C:\Windows\system32\hu-HU
2012-11-25 23:31:49 ----D---- C:\Windows\SYSWOW64\lv-LV
2012-11-25 23:31:44 ----D---- C:\Windows\system32\lv-LV
2012-11-25 23:31:28 ----D---- C:\Windows\SYSWOW64\lt-LT
2012-11-25 23:31:22 ----D---- C:\Windows\system32\lt-LT
2012-11-25 23:31:04 ----D---- C:\Windows\SYSWOW64\hr-HR
2012-11-25 23:30:59 ----D---- C:\Windows\system32\hr-HR
2012-11-25 23:30:45 ----D---- C:\Windows\SYSWOW64\et-EE
2012-11-25 23:30:34 ----D---- C:\Windows\system32\et-EE
2012-11-25 23:30:09 ----D---- C:\Windows\SYSWOW64\cs-CZ
2012-11-25 23:29:51 ----D---- C:\Windows\system32\cs-CZ
2012-11-25 23:29:04 ----D---- C:\Windows\SYSWOW64\bg-BG
2012-11-25 23:28:55 ----D---- C:\Windows\system32\bg-BG
2012-11-25 21:02:11 ----D---- C:\Program Files\DVD Maker
2012-11-25 21:02:09 ----D---- C:\Windows\SYSWOW64\drivers\en-US
2012-11-25 21:01:56 ----D---- C:\Windows\system32\drivers\en-US
2012-11-25 21:01:56 ----D---- C:\Windows\en-US
2012-11-24 15:41:29 ----HD---- C:\Program Files (x86)\Uninstall Information
2012-11-22 14:59:49 ----D---- C:\Program Files (x86)\Google
2012-11-22 14:45:55 ----D---- C:\Windows\Logs
2012-11-17 08:58:13 ----D---- C:\Windows\system32\wbem
2012-11-12 22:17:13 ----D---- C:\Program Files (x86)\ASUS
2012-11-12 22:14:05 ----A---- C:\Windows\system32\ServiceFilter.ini
2012-11-12 22:13:48 ----A---- C:\Windows\system32\AutoRunFilter.ini
2012-11-12 22:13:11 ----D---- C:\ProgramData\McAfee
2012-11-12 22:12:10 ----D---- C:\Program Files\Common Files\mcafee
2012-11-12 22:11:20 ----D---- C:\Program Files (x86)\Microsoft Silverlight
2012-11-12 21:03:40 ----D---- C:\Windows\Tasks
2012-11-12 21:03:39 ----D---- C:\Windows\system32\wfp
2012-11-12 21:02:18 ----RSD---- C:\Windows\Media
2012-11-12 21:02:18 ----D---- C:\Windows\SYSWOW64\wbem
2012-11-12 21:02:18 ----D---- C:\Windows\ShellNew
2012-11-12 21:02:07 ----HD---- C:\Windows\system32\WLANProfiles
2012-11-12 21:02:07 ----D---- C:\Windows\system32\CodeIntegrity
2012-11-12 21:02:03 ----D---- C:\ProgramData\P4G
2012-11-12 21:01:59 ----D---- C:\Program Files\Common Files
2012-11-12 21:00:02 ----D---- C:\Windows\registration
2012-11-12 20:56:28 ----D---- C:\eSupport
2012-11-12 20:55:26 ----D---- C:\AsusVibeData
2012-11-11 20:09:28 ----D---- C:\Windows\Panther
2012-11-11 17:58:59 ----D---- C:\Windows\system32\LogFiles
2012-11-11 17:45:55 ----D---- C:\Windows\system32\restore
2012-11-11 17:43:55 ----SHD---- C:\$RECYCLE.BIN
2012-11-11 17:43:43 ----D---- C:\Windows\Log
2012-11-11 17:43:20 ----D---- C:\ProgramData\ChangeFolderView
2012-11-11 17:41:48 ----A---- C:\Windows\system32\Defrag.ini
2012-11-11 17:39:50 ----D---- C:\Windows\SoftwareDistribution

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 epfwwfp;epfwwfp; C:\Windows\system32\DRIVERS\epfwwfp.sys [2012-03-14 62496]
R0 iaStor;Intel AHCI Controller; C:\Windows\system32\DRIVERS\iaStor.sys [2011-12-23 568600]
R0 iusb3hcs;Intel(R) USB 3.0 Host Controller Switch Driver; C:\Windows\system32\DRIVERS\iusb3hcs.sys [2012-02-07 16152]
R0 mfehidk;McAfee Inc. mfehidk; C:\Windows\system32\drivers\mfehidk.sys [2011-08-15 642824]
R0 mfewfpk;McAfee Inc. mfewfpk; C:\Windows\system32\drivers\mfewfpk.sys [2011-08-15 283744]
R0 nvpciflt;nvpciflt; C:\Windows\system32\DRIVERS\nvpciflt.sys [2012-03-04 28992]
R0 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12352]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-20 213888]
R1 eamonm;eamonm; C:\Windows\system32\DRIVERS\eamonm.sys [2012-03-14 209768]
R1 ehdrv;ehdrv; C:\Windows\system32\DRIVERS\ehdrv.sys [2012-03-14 148528]
R1 EpfwLWF;Epfw NDIS LightWeight Filter; C:\Windows\system32\DRIVERS\EpfwLWF.sys [2012-03-14 38288]
R1 mfenlfk;McAfee NDIS Light Filter; C:\Windows\system32\DRIVERS\mfenlfk.sys [2011-08-15 75672]
R1 vwififlt;Virtual WiFi Filter Driver; C:\Windows\system32\DRIVERS\vwififlt.sys [2009-07-14 59904]
R2 epfw;epfw; C:\Windows\system32\DRIVERS\epfw.sys [2012-03-14 187632]
R3 AiCharger;ASUS Charger Driver; C:\Windows\system32\DRIVERS\AiCharger.sys [2012-01-30 17152]
R3 AMPPAL;Intel® Centrino® Wireless Bluetooth® + High Speed Virtual Adapter; C:\Windows\system32\DRIVERS\AMPPAL.sys [2012-01-09 195584]
R3 AsusVBus;AsusVBus; C:\Windows\system32\DRIVERS\AsusVBus.sys [2012-04-11 35968]
R3 AsusVTouch;AsusVTouch; C:\Windows\system32\DRIVERS\AsusVTouch.sys [2012-04-11 16512]
R3 BthEnum;Bluetooth Request Block Driver; C:\Windows\system32\drivers\BthEnum.sys [2009-07-14 41984]
R3 BthPan;Bluetooth Device (Personal Area Network); C:\Windows\system32\DRIVERS\bthpan.sys [2009-07-14 118784]
R3 BTHUSB;Bluetooth Radio USB Driver; C:\Windows\System32\Drivers\BTHUSB.sys [2012-02-24 80384]
R3 btmaux;Intel Bluetooth Auxiliary Service; C:\Windows\system32\DRIVERS\btmaux.sys [2011-12-13 94720]
R3 btmhsf;btmhsf; C:\Windows\system32\DRIVERS\btmhsf.sys [2011-12-13 747008]
R3 ETD;ELAN PS/2 Port Input Device; C:\Windows\system32\DRIVERS\ETD.sys [2012-02-19 200488]
R3 hamachi;Hamachi Network Interface; C:\Windows\system32\DRIVERS\hamachi.sys [2009-03-18 33856]
R3 ibtfltcoex;ibtfltcoex; C:\Windows\system32\DRIVERS\iBtFltCoex.sys [2011-12-14 60416]
R3 igfx;igfx; C:\Windows\system32\DRIVERS\igdkmd64.sys [2012-02-22 14692224]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHD64.sys [2012-03-06 4763112]
R3 IntcDAud;Intel(R) Display Audio; C:\Windows\system32\DRIVERS\IntcDAud.sys [2012-02-20 331264]
R3 iusb3hub;Intel(R) USB 3.0 Hub Driver; C:\Windows\system32\DRIVERS\iusb3hub.sys [2012-02-07 356120]
R3 iusb3xhc;Intel(R) USB 3.0 eXtensible Host Controller Driver; C:\Windows\system32\DRIVERS\iusb3xhc.sys [2012-02-07 787736]
R3 iwdbus;IWD Bus Enumerator; C:\Windows\system32\DRIVERS\iwdbus.sys [2011-12-21 25496]
R3 MEIx64;Intel(R) Management Engine Interface ; C:\Windows\system32\DRIVERS\HECIx64.sys [2011-11-10 60184]
R3 mfeavfk;McAfee Inc. mfeavfk; C:\Windows\system32\drivers\mfeavfk.sys [2011-08-15 228752]
R3 mfefirek;McAfee Inc. mfefirek; C:\Windows\system32\drivers\mfefirek.sys [2011-08-15 481504]
R3 NETwNs64;___ Intel(R) Wireless WiFi Link 5000 Series Adapter Driver for Windows 7 - 64 Bit; C:\Windows\system32\DRIVERS\NETwNs64.sys [2012-01-09 11416576]
R3 RFCOMM;Bluetooth Device (RFCOMM Protocol TDI); C:\Windows\system32\DRIVERS\rfcomm.sys [2009-07-14 158720]
R3 RSBASTOR;Realtek PCIE CardReader Driver - BA; C:\Windows\system32\DRIVERS\RtsBaStor.sys [2011-12-28 292456]
R3 RTL8167;Realtek 8167 NT Driver; C:\Windows\system32\DRIVERS\Rt64win7.sys [2011-08-23 565352]
R3 vwifimp;Microsoft Virtual WiFi Miniport Service; C:\Windows\system32\DRIVERS\vwifimp.sys [2009-07-14 17920]
S3 AgereSoftModem;Agere Systems Soft Modem; C:\Windows\system32\DRIVERS\agrsm64.sys [2009-06-10 1146880]
S3 AMPPALP;Intel® Centrino® Wireless Bluetooth® + High Speed Protocol; C:\Windows\system32\DRIVERS\amppal.sys [2012-01-09 195584]
S3 athr;Atheros Extensible Wireless LAN device driver; C:\Windows\system32\DRIVERS\athrx.sys [2009-06-20 1394688]
S3 BTHPORT;Bluetooth Port Driver; C:\Windows\System32\Drivers\BTHport.sys [2012-07-06 552960]
S3 cfwids;McAfee Inc. cfwids; C:\Windows\system32\drivers\cfwids.sys [2011-08-15 65128]
S3 fssfltr;FssFltr; C:\Windows\system32\DRIVERS\fssfltr.sys [2011-05-14 48488]
S3 GGSAFERDriver;GGSAFER Driver; \??\C:\Program Files (x86)\Garena Plus\Room\safedrv.sys []
S3 HP1210FAX;HP1210MFP FAX; C:\Windows\System32\Drivers\HPM1210FAX.sys [2010-04-28 16384]
S3 intaud_WaveExtensible;Intel WiDi Audio Device; C:\Windows\system32\drivers\intelaud.sys [2011-12-21 34200]
S3 L1C;NDIS Miniport Driver for Atheros AR8131/AR8132 PCI-E Ethernet Controller (NDIS 6.20); C:\Windows\system32\DRIVERS\L1C62x64.sys [2009-06-10 57344]
S3 mfeapfk;McAfee Inc. mfeapfk; C:\Windows\system32\drivers\mfeapfk.sys [2011-08-15 158584]
S3 mferkdet;McAfee Inc. mferkdet; C:\Windows\system32\drivers\mferkdet.sys [2011-08-15 100904]
S3 mvusbews;USB EWS Device; C:\Windows\System32\Drivers\mvusbews.sys [2012-09-25 20480]
S3 SiSGbeLH;SiS191/SiS190 Ethernet Device NDIS 6.0 Driver; C:\Windows\system32\DRIVERS\SiSG664.sys [2009-06-10 56832]
S3 taphss;Anchorfree HSS Adapter; C:\Windows\system32\DRIVERS\taphss.sys [2012-08-01 38632]
S3 taphss6;Anchorfree HSS VPN Adapter; C:\Windows\system32\DRIVERS\taphss6.sys [2012-11-01 40712]
S3 TPM;TPM; C:\Windows\system32\drivers\tpm.sys [2009-07-14 38400]
S3 TsUsbFlt;TsUsbFlt; C:\Windows\system32\drivers\tsusbflt.sys [2010-11-20 59392]
S3 TsUsbGD;Remote Desktop Generic USB Device; C:\Windows\system32\drivers\TsUsbGD.sys [2010-11-20 31232]
S3 usbscan;USB Scanner Driver; C:\Windows\system32\DRIVERS\usbscan.sys [2009-07-14 41984]
S4 RsFx0103;RsFx0103 Driver; C:\Windows\system32\DRIVERS\RsFx0103.sys [2009-03-30 311656]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AFBAgent;AFBAgent; C:\Windows\system32\FBAgent.exe [2011-03-04 379520]
R2 AMPPALR3;Intel® Centrino® Wireless Bluetooth® + High Speed Service; C:\Program Files\Intel\BluetoothHS\BTHSAmpPalService.exe [2012-01-09 659968]
R2 Apache2.2;Apache2.2; C:\xampp\apache\bin\apache.exe [2008-01-18 24635]
R2 ASUS InstantOn;ASUS InstantOn Service; C:\Program Files (x86)\ASUS\InstantOn for NB\InsOnSrv.exe [2012-04-13 277120]
R2 Bluetooth Device Monitor;Bluetooth Device Monitor; C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe [2011-12-20 1014096]
R2 Bluetooth OBEX Service;Bluetooth OBEX Service; C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe [2011-12-20 1104208]
R2 BTHSSecurityMgr;Intel(R) Centrino(R) Wireless Bluetooth(R) + High Speed Security Service; C:\Program Files\Intel\BluetoothHS\BTHSSecurityMgr.exe [2012-01-12 135952]
R2 ekrn;ESET Service; C:\Program Files\ESET\ESET Smart Security\x86\ekrn.exe [2012-03-07 913144]
R2 EvtEng;Intel(R) PROSet/Wireless Event Log; C:\Program Files\Intel\WiFi\bin\EvtEng.exe [2011-12-08 618256]
R2 FileZilla Server;FileZilla Server FTP server; C:\xampp\filezillaftp\filezillaserver.exe [2007-12-25 586240]
R2 Hamachi2Svc;LogMeIn Hamachi Tunneling Engine; C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe [2012-12-10 2465712]
R2 HPM1210RcvFaxSrvc;HP LaserJet Professional M1210 MFP Series Receive Fax Service; C:\Program Files\HP\HP LaserJet M1210 MFP Series\ReceiveFaxUtility.exe [2010-05-11 362296]
R2 HPSIService;HP SI Service; C:\Windows\system32\HPSIsvc.exe [2010-04-29 127800]
R2 Intel(R) Capability Licensing Service Interface;Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [2012-02-03 628448]
R2 Intel(R) ME Service;Intel(R) ME Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [2012-02-21 128280]
R2 jhi_service;Intel(R) Dynamic Application Loader Host Interface Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [2012-02-21 161560]
R2 LMS;Intel(R) Management and Security Application Local Management Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe [2012-02-29 277784]
R2 mfefire;McAfee Firewall Core Service; C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe [2011-10-07 208272]
R2 mfevtp;McAfee Validation Trust Protection Service; C:\Windows\system32\mfevtps.exe [2011-10-07 158832]
R2 MSSQL$SQLEXPRESS;SQL Server (SQLEXPRESS); C:\Program Files\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\sqlservr.exe [2009-03-30 57617752]
R2 MSSQLSERVER;MSSQLSERVER; C:\PROGRA~2\MI3EDC~1\MSSQL\binn\sqlservr.exe [2000-08-06 7442493]
R2 mysql;mysql; c:\xampp\mysql\bin\mysqld-nt.exe [2007-12-21 4653056]
R2 nvsvc;NVIDIA Display Driver Service; C:\Windows\system32\nvvsvc.exe [2012-03-04 889664]
R2 nvUpdatusService;NVIDIA Update Service Daemon; C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe [2012-03-04 2458944]
R2 RegSrvc;Intel(R) PROSet/Wireless Registry Service; C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe [2011-12-08 148752]
R2 SQLBrowser;SQL Server Browser; C:\Program Files (x86)\Microsoft SQL Server\90\Shared\sqlbrowser.exe [2009-03-30 254808]
R2 SQLWriter;SQL Server VSS Writer; C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe [2008-07-10 157720]
R2 TeamViewer8;TeamViewer 8; C:\Program Files (x86)\TeamViewer\Version8\TeamViewer_Service.exe [2012-12-14 3467768]
R2 UNS;Intel(R) Management and Security Application User Notification Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2012-02-29 363800]
R3 BBUpdate;BBUpdate; C:\Program Files (x86)\Microsoft\BingBar\7.1.391.0\SeaPort.exe [2012-06-11 240208]
R3 Bluetooth Media Service;Bluetooth Media Service; C:\Program Files (x86)\Intel\Bluetooth\mediasrv.exe [2011-12-20 1304912]
S2 BBSvc;BingBar Service; C:\Program Files (x86)\Microsoft\BingBar\7.1.391.0\BBSvc.exe [2012-06-11 193616]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
S2 gupdate;Google Update Service (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2012-02-24 136176]
S2 McAfee SiteAdvisor Service;McAfee SiteAdvisor Service; c:\PROGRA~2\mcafee\SITEAD~1\mcsacore.exe []
S2 McShield;McAfee McShield; C:\Program Files\Common Files\McAfee\SystemCore\\mcshield.exe [2011-10-07 199008]
S2 SkypeUpdate;Skype Updater; C:\Program Files (x86)\Skype\Updater\Updater.exe [2012-07-13 160944]
S3 aspnet_state;ASP.NET State Service; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2010-03-19 44376]
S3 cphs;Intel(R) Content Protection HECI Service; C:\Windows\SysWow64\IntelCpHeciSvc.exe [2012-02-22 276248]
S3 fsssvc;Windows Live Family Safety Service; C:\Program Files (x86)\Windows Live\Family Safety\fsssvc.exe [2011-05-14 1492840]
S3 gupdatem;Google Update Service (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2012-02-24 136176]
S3 gusvc;Google Software Updater; C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe [2012-11-13 194032]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2013-01-19 115608]
S3 MSSQLServerADHelper;MSSQLServerADHelper; C:\Program Files (x86)\Microsoft SQL Server\80\Tools\Binn\sqladhlp.exe [2000-08-06 65602]
S3 MyWiFiDHCPDNS;Wireless PAN DHCP Server; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [2011-12-08 273168]
S3 SQLSERVERAGENT;SQLSERVERAGENT; C:\PROGRA~2\MI3EDC~1\MSSQL\binn\sqlagent.exe [2000-08-06 303170]
S3 wampapache;wampapache; c:\wamp\bin\apache\apache2.2.22\bin\httpd.exe -k runservice []
S3 wampmysqld;wampmysqld; c:\wamp\bin\mysql\mysql5.5.24\bin\mysqld.exe wampmysqld []
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2012-11-12 1255736]
S4 MSSQLServerADHelper100;SQL Active Directory Helper Service; C:\Program Files\Microsoft SQL Server\100\Shared\SQLADHLP.EXE [2009-07-22 61976]
S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]
S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]
S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]
S4 SQLAgent$SQLEXPRESS;SQL Server Agent (SQLEXPRESS); C:\Program Files\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\SQLAGENT.EXE [2009-03-30 427880]

-----------------EOF-----------------

Obnova. Neda sa to opravit alebo co? som beznadejny..

ComboFix 13-01-22.01 - Matej . 01. 2013 20:07:48.1.8 - x64
Running from: c:\users\Matej\Downloads\ComboFixc.exe
* Resident AV is active
.
.
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\programdata\FullRemove.exe
c:\programdata\Roaming
c:\windows\dasetup.log
c:\windows\msvcr71.dll
c:\windows\My.ini
c:\windows\SysWow64\p.exe
c:\windows\SysWow64\xp1.exe
c:\windows\SysWow64\zy1.exe
C:\xp1.exe
C:\zy1.exe
.
.
((((((((((((((((((((((((( Files Created from 2012-12-22 to 2013-01-22 )))))))))))))))))))))))))))))))
.
.
2013-01-22 17:14 . 2013-01-22 17:14 -------- d-----w- c:\program files (x86)\Common Files\Skype
2013-01-22 16:16 . 2013-01-15 01:45 9161176 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{3CF1AB82-BEB2-4F5C-A61F-9DBA6D4CE48D}\mpengine.dll
2013-01-21 17:42 . 2013-01-21 18:31 -------- d-----w- c:\program files\trend micro
2013-01-21 17:42 . 2013-01-21 17:42 -------- d-----w- C:\rsit
2013-01-19 22:18 . 2013-01-21 14:46 -------- d-----w- c:\users\Matej\AppData\Local\ElevatedDiagnostics
2013-01-19 19:08 . 2013-01-19 19:08 -------- d-----w- c:\users\Matej\AppData\Roaming\Auto-Joiner
2013-01-18 19:35 . 2013-01-21 18:31 -------- d-----w- c:\program files (x86)\Garena Plus
2013-01-18 19:35 . 2013-01-21 18:31 -------- d-----w- c:\programdata\GarenaMessenger
2013-01-18 19:32 . 2013-01-21 18:31 -------- d-----w- c:\program files (x86)\Warcraft III
2013-01-18 19:32 . 2013-01-18 19:36 -------- d-----w- c:\program files (x86)\Common Files\Blizzard Entertainment
2013-01-18 19:19 . 2013-01-20 16:58 -------- d-----w- C:\Nexon
2013-01-16 16:42 . 2013-01-16 17:14 -------- d-----w- c:\users\Matej\AppData\Roaming\Notepad++
2013-01-16 16:42 . 2013-01-16 16:42 -------- d-----w- c:\program files (x86)\Notepad++
2013-01-15 21:12 . 2013-01-15 21:12 -------- d-----w- c:\windows\SysWow64\i6061
2013-01-15 16:47 . 2013-01-15 16:47 67 ----a-w- c:\users\zy1.exe
2013-01-15 15:31 . 2000-08-06 00:51 28734 ----a-w- c:\windows\SysWow64\dbmslpcn.dll
2013-01-14 19:33 . 2013-01-14 19:33 -------- d-----w- c:\program files (x86)\TeamViewer
2013-01-13 20:30 . 2013-01-16 16:52 -------- d-----w- C:\xampp
2013-01-12 18:04 . 2012-11-09 05:45 750592 ----a-w- c:\windows\system32\win32spl.dll
2013-01-12 18:04 . 2012-11-09 04:43 492032 ----a-w- c:\windows\SysWow64\win32spl.dll
2013-01-12 18:02 . 2012-11-30 05:41 424448 ----a-w- c:\windows\system32\KernelBase.dll
2013-01-12 18:01 . 2012-11-23 03:13 68608 ----a-w- c:\windows\system32\taskhost.exe
2012-12-30 22:03 . 2012-12-30 22:03 -------- d-----w- c:\program files (x86)\LogMeIn Hamachi
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2013-01-12 21:50 . 2012-11-12 21:05 67599240 ----a-w- c:\windows\system32\MRT.exe
2012-12-16 17:11 . 2012-12-22 23:03 46080 ----a-w- c:\windows\system32\atmlib.dll
2012-12-16 14:45 . 2012-12-22 23:03 367616 ----a-w- c:\windows\system32\atmfd.dll
2012-12-16 14:13 . 2012-12-22 23:03 295424 ----a-w- c:\windows\SysWow64\atmfd.dll
2012-12-16 14:13 . 2012-12-22 23:03 34304 ----a-w- c:\windows\SysWow64\atmlib.dll
2012-12-01 20:52 . 2012-11-30 12:30 205984 ----a-w- c:\programdata\Microsoft\VBExpress\10.0\1033\ResourceCache.dll
2012-11-30 06:58 . 2012-11-30 06:58 48648 ----a-w- c:\programdata\Microsoft\eHome\Packages\MCEClientUX\UpdateableMarkup\Markup.dll
2012-11-30 06:58 . 2012-11-30 06:58 458064 ----a-w- c:\programdata\Microsoft\eHome\Packages\MCESpotlight\MCESpotlight\SpotlightResources.dll
2012-11-30 06:57 . 2012-11-30 06:57 48648 ----a-w- c:\programdata\Microsoft\eHome\Packages\MCEClientUX\UpdateableMarkup-2\Markup.dll
2012-11-30 06:57 . 2012-11-30 06:57 458064 ----a-w- c:\programdata\Microsoft\eHome\Packages\MCESpotlight\MCESpotlight-2\SpotlightResources.dll
2012-11-30 04:45 . 2013-01-12 18:02 44032 ----a-w- c:\windows\apppatch\acwow64.dll
2012-11-14 07:06 . 2012-12-13 20:52 17811968 ----a-w- c:\windows\system32\mshtml.dll
2012-11-14 06:32 . 2012-12-13 20:52 10925568 ----a-w- c:\windows\system32\ieframe.dll
2012-11-14 06:11 . 2012-12-13 20:52 2312704 ----a-w- c:\windows\system32\jscript9.dll
2012-11-14 06:04 . 2012-12-13 20:52 1346048 ----a-w- c:\windows\system32\urlmon.dll
2012-11-14 06:04 . 2012-12-13 20:52 1392128 ----a-w- c:\windows\system32\wininet.dll
2012-11-14 06:02 . 2012-12-13 20:52 1494528 ----a-w- c:\windows\system32\inetcpl.cpl
2012-11-14 06:02 . 2012-12-13 20:52 237056 ----a-w- c:\windows\system32\url.dll
2012-11-14 05:59 . 2012-12-13 20:52 85504 ----a-w- c:\windows\system32\jsproxy.dll
2012-11-14 05:58 . 2012-12-13 20:52 816640 ----a-w- c:\windows\system32\jscript.dll
2012-11-14 05:57 . 2012-12-13 20:52 599040 ----a-w- c:\windows\system32\vbscript.dll
2012-11-14 05:57 . 2012-12-13 20:52 173056 ----a-w- c:\windows\system32\ieUnatt.exe
2012-11-14 05:55 . 2012-12-13 20:52 2144768 ----a-w- c:\windows\system32\iertutil.dll
2012-11-14 05:55 . 2012-12-13 20:52 729088 ----a-w- c:\windows\system32\msfeeds.dll
2012-11-14 05:53 . 2012-12-13 20:52 96768 ----a-w- c:\windows\system32\mshtmled.dll
2012-11-14 05:52 . 2012-12-13 20:52 2382848 ----a-w- c:\windows\system32\mshtml.tlb
2012-11-14 05:46 . 2012-12-13 20:52 248320 ----a-w- c:\windows\system32\ieui.dll
2012-11-14 02:09 . 2012-12-13 20:52 1800704 ----a-w- c:\windows\SysWow64\jscript9.dll
2012-11-14 01:58 . 2012-12-13 20:52 1427968 ----a-w- c:\windows\SysWow64\inetcpl.cpl
2012-11-14 01:57 . 2012-12-13 20:52 1129472 ----a-w- c:\windows\SysWow64\wininet.dll
2012-11-14 01:49 . 2012-12-13 20:52 142848 ----a-w- c:\windows\SysWow64\ieUnatt.exe
2012-11-14 01:48 . 2012-12-13 20:52 420864 ----a-w- c:\windows\SysWow64\vbscript.dll
2012-11-14 01:44 . 2012-12-13 20:52 2382848 ----a-w- c:\windows\SysWow64\mshtml.tlb
2012-11-13 12:03 . 2012-11-13 12:03 73656 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2012-11-13 12:03 . 2012-11-13 12:03 697272 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe
2012-11-12 21:32 . 2012-11-12 21:32 95208 ----a-w- c:\windows\SysWow64\WindowsAccessBridge-32.dll
2012-11-12 21:32 . 2012-11-12 21:32 746984 ----a-w- c:\windows\SysWow64\deployJava1.dll
2012-11-12 21:32 . 2012-11-12 21:32 821736 ----a-w- c:\windows\SysWow64\npDeployJava1.dll
2012-11-12 21:13 . 2012-11-11 16:43 359 ----a-w- c:\users\Matej\AppData\Roaming\sp_data.sys
2012-11-12 20:14 . 2012-11-12 20:14 8282192 ----a-w- c:\programdata\Microsoft\BingBar\BBSvc\7.1.391.0oemBingBarSetup-Partner.EXE
2012-11-11 16:43 . 2011-03-29 02:36 19720 ----a-w- c:\programdata\Microsoft\IdentityCRL\production\ppcrlconfig600.dll
2012-11-09 05:45 . 2012-12-13 19:20 2048 ----a-w- c:\windows\system32\tzres.dll
2012-11-09 04:42 . 2012-12-13 19:20 2048 ----a-w- c:\windows\SysWow64\tzres.dll
2012-11-02 05:59 . 2012-12-13 19:19 478208 ----a-w- c:\windows\system32\dpnet.dll
2012-11-02 05:11 . 2012-12-13 19:19 376832 ----a-w- c:\windows\SysWow64\dpnet.dll
2012-11-01 18:31 . 2012-11-01 18:31 40712 ----a-w- c:\windows\system32\drivers\taphss6.sys
2012-11-01 18:25 . 2012-11-01 18:25 42248 ----a-w- c:\windows\system32\drivers\hssdrv6.sys
.
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2010-11-20 1475584]
"uTorrent"="c:\program files (x86)\uTorrent\uTorrent.exe" [2012-11-14 968592]
"Pando Media Booster"="c:\program files (x86)\Pando Networks\Media Booster\PMB.exe" [2012-11-22 3093624]
"Skype"="c:\program files (x86)\Skype\Phone\Skype.exe" [2010-12-03 14944136]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2012-12-03 946352]
"ASUSPRP"="c:\program files (x86)\ASUS\APRP\APRP.EXE" [2012-02-24 3331312]
"ASUSWebStorage"="c:\program files (x86)\ASUS\ASUS WebStorage\3.0.108.222\AsusWSPanel.exe" [2011-07-29 737104]
"USB3MON"="c:\program files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe" [2012-02-07 291608]
"Wireless Console 3"="c:\program files (x86)\ASUS\Wireless Console 3\wcourier.exe" [2011-10-19 2319536]
"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2012-07-03 252848]
"LogMeIn Hamachi Ui"="c:\program files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe" [2012-12-10 2254768]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 0 (0x0)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableLUA"= 0 (0x0)
"EnableUIADesktopToggle"= 0 (0x0)
"PromptOnSecureDesktop"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\windows]
"LoadAppInit_DLLs"=1 (0x1)
"AppInit_DLLs"=c:\windows\SysWOW64\nvinit.dll
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]
@=""
.
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
R2 McAfee SiteAdvisor Service;McAfee SiteAdvisor Service;c:\progra~2\mcafee\SITEAD~1\mcsacore.exe [x]
R2 XAMPP;XAMPP Service;c:\xampp\service.exe [2007-12-21 60928]
R3 AMPPALP;Intel® Centrino® Wireless Bluetooth® + High Speed Protocol;c:\windows\system32\DRIVERS\amppal.sys [2012-01-09 195584]
R3 cfwids;McAfee Inc. cfwids;c:\windows\system32\drivers\cfwids.sys [2011-08-15 65128]
R3 HP1210FAX;HP1210MFP FAX;c:\windows\system32\Drivers\HPM1210FAX.sys [2010-04-28 16384]
R3 intaud_WaveExtensible;Intel WiDi Audio Device;c:\windows\system32\drivers\intelaud.sys [2011-12-21 34200]
R3 L1C;NDIS Miniport Driver for Atheros AR8131/AR8132 PCI-E Ethernet Controller (NDIS 6.20);c:\windows\system32\DRIVERS\L1C62x64.sys [2009-06-10 57344]
R3 mferkdet;McAfee Inc. mferkdet;c:\windows\system32\drivers\mferkdet.sys [2011-08-15 100904]
R3 mvusbews;USB EWS Device;c:\windows\system32\Drivers\mvusbews.sys [2012-09-25 20480]
R3 MyWiFiDHCPDNS;Wireless PAN DHCP Server;c:\program files\Intel\WiFi\bin\PanDhcpDns.exe [2011-12-08 273168]
R3 SiSGbeLH;SiS191/SiS190 Ethernet Device NDIS 6.0 Driver;c:\windows\system32\DRIVERS\SiSG664.sys [2009-06-10 56832]
R3 taphss6;Anchorfree HSS VPN Adapter;c:\windows\system32\DRIVERS\taphss6.sys [2012-11-01 40712]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [2010-11-20 59392]
R3 TsUsbGD;Remote Desktop Generic USB Device;c:\windows\system32\drivers\TsUsbGD.sys [2010-11-20 31232]
R3 WatAdminSvc;Služba Windows Activation Technologies;c:\windows\system32\Wat\WatAdminSvc.exe [2012-11-12 1255736]
R4 MSSQLServerADHelper100;SQL Active Directory Helper Service;c:\program files\Microsoft SQL Server\100\Shared\SQLADHLP.EXE [2009-07-22 61976]
R4 RsFx0103;RsFx0103 Driver;c:\windows\system32\DRIVERS\RsFx0103.sys [2009-03-30 311656]
R4 SQLAgent$SQLEXPRESS;SQL Server Agent (SQLEXPRESS);c:\program files\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\SQLAGENT.EXE [2009-03-30 427880]
R4 wlcrasvc;Windows Live Mesh remote connections service;c:\program files\Windows Live\Mesh\wlcrasvc.exe [2010-09-23 57184]
S0 epfwwfp;epfwwfp;c:\windows\system32\DRIVERS\epfwwfp.sys [2012-03-14 62496]
S0 iusb3hcs;Intel(R) USB 3.0 Host Controller Switch Driver;c:\windows\system32\DRIVERS\iusb3hcs.sys [2012-02-07 16152]
S0 mfewfpk;McAfee Inc. mfewfpk;c:\windows\system32\drivers\mfewfpk.sys [2011-08-15 283744]
S0 nvpciflt;nvpciflt;c:\windows\system32\DRIVERS\nvpciflt.sys [2012-03-04 28992]
S1 eamonm;eamonm;c:\windows\system32\DRIVERS\eamonm.sys [2012-03-14 209768]
S1 ehdrv;ehdrv;c:\windows\system32\DRIVERS\ehdrv.sys [2012-03-14 148528]
S1 EpfwLWF;Epfw NDIS LightWeight Filter;c:\windows\system32\DRIVERS\EpfwLWF.sys [2012-03-14 38288]
S1 mfenlfk;McAfee NDIS Light Filter;c:\windows\system32\DRIVERS\mfenlfk.sys [2011-08-15 75672]
S2 AFBAgent;AFBAgent;c:\windows\system32\FBAgent.exe [2011-03-03 379520]
S2 AMPPALR3;Intel® Centrino® Wireless Bluetooth® + High Speed Service;c:\program files\Intel\BluetoothHS\BTHSAmpPalService.exe [2012-01-09 659968]
S2 Apache2.2;Apache2.2;c:\xampp\apache\bin\apache.exe [2008-01-17 24635]
S2 ASUS InstantOn;ASUS InstantOn Service;c:\program files (x86)\ASUS\InstantOn for NB\InsOnSrv.exe [2012-04-13 277120]
S2 BBSvc;BingBar Service;c:\program files (x86)\Microsoft\BingBar\7.1.391.0\BBSvc.exe [2012-06-11 193616]
S2 Bluetooth Device Monitor;Bluetooth Device Monitor;c:\program files (x86)\Intel\Bluetooth\devmonsrv.exe [2011-12-20 1014096]
S2 Bluetooth OBEX Service;Bluetooth OBEX Service;c:\program files (x86)\Intel\Bluetooth\obexsrv.exe [2011-12-20 1104208]
S2 BTHSSecurityMgr;Intel(R) Centrino(R) Wireless Bluetooth(R) + High Speed Security Service;c:\program files\Intel\BluetoothHS\BTHSSecurityMgr.exe [2012-01-12 135952]
S2 ekrn;ESET Service;c:\program files\ESET\ESET Smart Security\x86\ekrn.exe [2012-03-07 913144]
S2 Hamachi2Svc;LogMeIn Hamachi Tunneling Engine;c:\program files (x86)\LogMeIn Hamachi\hamachi-2.exe [2012-12-10 2465712]
S2 HPM1210RcvFaxSrvc;HP LaserJet Professional M1210 MFP Series Receive Fax Service;c:\program files\HP\HP LaserJet M1210 MFP Series\ReceiveFaxUtility.exe [2010-05-11 362296]
S2 HPSIService;HP SI Service;c:\windows\system32\HPSIsvc.exe [2010-04-29 127800]
S2 Intel(R) Capability Licensing Service Interface;Intel(R) Capability Licensing Service Interface;c:\program files\Intel\iCLS Client\HeciServer.exe [2012-02-03 628448]
S2 Intel(R) ME Service;Intel(R) ME Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [2012-02-21 128280]
S2 jhi_service;Intel(R) Dynamic Application Loader Host Interface Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [2012-02-21 161560]
S2 mfefire;McAfee Firewall Core Service;c:\program files\Common Files\McAfee\SystemCore\\mfefire.exe [2011-10-07 208272]
S2 mfevtp;McAfee Validation Trust Protection Service;c:\windows\system32\mfevtps.exe [2011-10-07 158832]
S2 TeamViewer8;TeamViewer 8;c:\program files (x86)\TeamViewer\Version8\TeamViewer_Service.exe [2012-12-14 3467768]
S2 UNS;Intel(R) Management and Security Application User Notification Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2012-02-29 363800]
S2 ZeroConfigService;Intel(R) PROSet/Wireless Zero Configuration Service;c:\program files\Intel\WiFi\bin\ZeroConfigService.exe [2011-12-08 594704]
S3 AiCharger;ASUS Charger Driver;c:\windows\system32\DRIVERS\AiCharger.sys [2012-01-30 17152]
S3 AMPPAL;Intel® Centrino® Wireless Bluetooth® + High Speed Virtual Adapter;c:\windows\system32\DRIVERS\AMPPAL.sys [2012-01-09 195584]
S3 AsusVBus;AsusVBus;c:\windows\system32\DRIVERS\AsusVBus.sys [2012-04-11 35968]
S3 AsusVTouch;AsusVTouch;c:\windows\system32\DRIVERS\AsusVTouch.sys [2012-04-11 16512]
S3 BBUpdate;BBUpdate;c:\program files (x86)\Microsoft\BingBar\7.1.391.0\SeaPort.exe [2012-06-11 240208]
S3 Bluetooth Media Service;Bluetooth Media Service;c:\program files (x86)\Intel\Bluetooth\mediasrv.exe [2011-12-20 1304912]
S3 btmaux;Intel Bluetooth Auxiliary Service;c:\windows\system32\DRIVERS\btmaux.sys [2011-12-13 94720]
S3 btmhsf;btmhsf;c:\windows\system32\DRIVERS\btmhsf.sys [2011-12-13 747008]
S3 ETD;ELAN PS/2 Port Input Device;c:\windows\system32\DRIVERS\ETD.sys [2012-02-19 200488]
S3 ibtfltcoex;ibtfltcoex;c:\windows\system32\DRIVERS\iBtFltCoex.sys [2011-12-14 60416]
S3 IntcDAud;Intel(R) Display Audio;c:\windows\system32\DRIVERS\IntcDAud.sys [2012-02-20 331264]
S3 iusb3hub;Intel(R) USB 3.0 Hub Driver;c:\windows\system32\DRIVERS\iusb3hub.sys [2012-02-07 356120]
S3 iusb3xhc;Intel(R) USB 3.0 eXtensible Host Controller Driver;c:\windows\system32\DRIVERS\iusb3xhc.sys [2012-02-07 787736]
S3 iwdbus;IWD Bus Enumerator;c:\windows\system32\DRIVERS\iwdbus.sys [2011-12-21 25496]
S3 mfefirek;McAfee Inc. mfefirek;c:\windows\system32\drivers\mfefirek.sys [2011-08-15 481504]
S3 RSBASTOR;Realtek PCIE CardReader Driver - BA;c:\windows\system32\DRIVERS\RtsBaStor.sys [2011-12-28 292456]
S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys [2011-08-23 565352]
.
.
Contents of the 'Scheduled Tasks' folder
.
2013-01-22 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2012-02-24 11:40]
.
2013-01-22 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2012-02-24 11:40]
.
2013-01-22 c:\windows\Tasks\ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d-Logon.job
- c:\program files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\Bootstrap.exe [2011-11-25 20:41]
.
2013-01-15 c:\windows\Tasks\ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d.job
- c:\program files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\Bootstrap.exe [2011-11-25 20:41]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\AsusWSShellExt_B]
@="{6D4133E5-0742-4ADC-8A8C-9303440F7190}"
[HKEY_CLASSES_ROOT\CLSID\{6D4133E5-0742-4ADC-8A8C-9303440F7190}]
2011-05-25 07:09 227840 ----a-w- c:\program files (x86)\ASUS\ASUS WebStorage\3.0.108.222\AsusWSShellExt64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\AsusWSShellExt_O]
@="{64174815-8D98-4CE6-8646-4C039977D808}"
[HKEY_CLASSES_ROOT\CLSID\{64174815-8D98-4CE6-8646-4C039977D808}]
2011-05-25 07:09 227840 ----a-w- c:\program files (x86)\ASUS\ASUS WebStorage\3.0.108.222\AsusWSShellExt64.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2012-02-22 170264]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2012-02-22 398616]
"BTMTrayAgent"="c:\program files (x86)\Intel\Bluetooth\btmshell.dll" [2011-12-20 11406608]
"egui"="c:\program files\ESET\ESET Smart Security\egui.exe" [2012-03-07 4081008]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"=c:\windows\System32\nvinitx.dll
.
------- Supplementary Scan -------
.
uLocal Page = c:\windows\system32\blank.htm
uStart Page = hxxp://www.google.com
mStart Page = hxxp://asus.msn.com
mLocal Page = c:\windows\SysWOW64\blank.htm
TCP: DhcpNameServer = 192.168.202.213 192.168.202.222
FF - ProfilePath - c:\users\Matej\AppData\Roaming\Mozilla\Firefox\Profiles\je9de73x.default\
FF - ExtSQL: 2013-01-17 15:51; firebug@software.joehewitt.com; c:\users\Matej\AppData\Roaming\Mozilla\Firefox\Profiles\je9de73x.default\extensions\firebug@software.joehewitt.com.xpi
.
- - - - ORPHANS REMOVED - - - -
.
Toolbar-Locked - (no file)
Wow6432Node-HKLM-Run-cao - c:\windows\system32\wbem\osinter.exe
Wow6432Node-HKLM-Run-zhouhongyi - c:\windows\java\net1.exe
Wow6432Node-HKLM-Run-shabi - c:\windows\addins\net.exe
Wow6432Node-HKLM-Run-yige - c:\windows\system32\wbem\explore.exe
Wow6432Node-HKLM-Run-bixushi - c:\windows\system32\csx.exe
Toolbar-Locked - (no file)
HKLM-Run-ETDCtrl - c:\program files (x86)\Elantech\ETDCtrl.exe
AddRemove-WampServer 2_is1 - c:\wamp\unins000.exe
.
.
.
--------------------- LOCKED REGISTRY KEYS ---------------------
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_5_502_110_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_5_502_110_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_5_502_110_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_5_502_110_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_5_502_110.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.11"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_5_502_110.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_5_502_110.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_5_502_110.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\McAfee]
"SymbolicLinkValue"=hex(6):5c,00,72,00,65,00,67,00,69,00,73,00,74,00,72,00,79,
00,5c,00,6d,00,61,00,63,00,68,00,69,00,6e,00,65,00,5c,00,53,00,6f,00,66,00,\
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
------------------------ Other Running Processes ------------------------
.
c:\xampp\filezillaftp\filezillaserver.exe
c:\progra~2\MI3EDC~1\MSSQL\binn\sqlservr.exe
c:\program files (x86)\Microsoft SQL Server\90\Shared\sqlbrowser.exe
c:\program files (x86)\ASUS\InstantOn for NB\InsOnWMI.exe
c:\program files (x86)\Common Files\Microsoft Shared\Ink\TabTip32.exe
c:\program files (x86)\ASUS\ASUS Virtual Touch\QuickGesture\x86\QuickGesture.exe
c:\program files (x86)\ASUS\FaceLogon\sensorsrv.exe
c:\program files (x86)\ASUS\USBChargerPlus\USBChargerPlus.exe
c:\program files (x86)\Microsoft SQL Server\80\Tools\Binn\sqlmangr.exe
c:\program files (x86)\Skype\Plugin Manager\skypePM.exe
c:\program files (x86)\Intel\Bluetooth\BTPlayerCtrl.exe
c:\program files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
c:\program files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
c:\program files (x86)\Common Files\Java\Java Update\jucheck.exe
.
**************************************************************************
.
Completion time: 2013-01-22 20:52:50 - machine was rebooted
ComboFix-quarantined-files.txt 2013-01-22 19:52
.
Pre-Run: 306 786 156 544 bytes free
Post-Run: 307 799 986 176 bytes free
.
- - End Of File - - DAFD551371F8E6FABFB1523A3390265E

//EDIT: Firewall uz ide, ale pripojit sa z ineho PC na tento este furt nejde