
Slow PC startup

tweety10

Slow PC startup

#1 Post by tweety10 »

Hello. Normally my PC runs briskly and fast, but when I restart it, it starts up eeeextra slowly. I think the problem may be that quite a lot of things launch at startup. Since I don't understand them, I don't want to just switch off something that may be important. Could one of you take a look at it and, if need be, recommend what can be disabled to speed up system startup?
Please keep only the things needed for the PC to run optimally, while still having Windows and program updates checked.... I would like to get rid of everything that is outright unnecessary.
I'm posting a screenshot from CCleaner, where it is nicely visible and where it can also be blocked directly.
Thank you :turned:


http://img23.imageshack.us/img23/7411/ccleanerp.jpg

Rudy

Re: Slow PC startup

#2 Post by Rudy »

Hello!
Please post an RSIT log: http://forum.viry.cz/viewtopic.php?t=81939 .
Post questions and logs only in your own threads. Private messages, ICQ and e-mail are not for solving your problems.


e-mail: rudy(at)forum.viry.cz

Warning:
Before disinfecting your PC, back up your important data (mail, contacts, documents, photos, videos, music, etc.). Besides its "visible" activity, a virus can damage the system!


After your problem is resolved, the thread will be locked. The same applies if it is inactive for more than 14 days. If you want the thread reactivated, write to me at the e-mail address given above.

tweety10

Re: Slow PC startup

#3 Post by tweety10 »

Hello, here :arrow: :

Logfile of random's system information tool 1.09 (written by random/random)
Run by Sujan at 2013-06-04 20:37:13
Microsoft Windows 7 Home Premium Service Pack 1
System drive C: has 336 GB (56%) free of 595 GB
Total RAM: 3948 MB (45% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 20:37:18, on 4. 6. 2013
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v10.0 (10.00.9200.16576)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\Launch Manager\LMworker.exe
C:\ProgramData\DatacardService\DCSHelper.exe
C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe
C:\Program Files (x86)\Acer\Acer VCM\AcerVCM.exe
C:\Program Files (x86)\Microsoft Office\Office14\ONENOTEM.EXE
C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
C:\Program Files (x86)\EgisTec IPS\PmmUpdate.exe
C:\Program Files (x86)\NTI\Acer Backup Manager\BackupManagerTray.exe
C:\Program Files (x86)\Launch Manager\LManager.exe
C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe
C:\Program Files (x86)\EgisTec IPS\EgisUpdate.exe
C:\Program Files (x86)\PowerISO\PWRISOVM.EXE
C:\Program Files\AVAST Software\Avast\AvastUI.exe
C:\Program Files (x86)\Adobe\Reader 9.0\Reader\reader_sl.exe
C:\Program Files (x86)\Unlocker\UnlockerAssistant.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Users\Sujan\AppData\Roaming\Wandoujia2\Applications\2.54.0.2817\wandoujia_helper.exe
C:\Users\Sujan\AppData\Roaming\Wandoujia2\Applications\2.54.0.2817\wandoujia_adb.exe
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe
C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_7_700_202.exe
C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_7_700_202.exe
C:\Program Files\trend micro\Sujan.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = proxy.uniba.sk:3128
R3 - URLSearchHook: SearchHook Class - {D8278076-BC68-4484-9233-6E7F1628B56C} - "C:\Program Files (x86)\AskPartnerNetwork\Toolbar\searchhook.dll" (file missing)
F2 - REG:system.ini: UserInit=userinit.exe
O1 - Hosts: ˙ţ127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: BitComet ClickCapture - {39F7E362-828A-4B5A-BCAF-5B79BFDFEA60} - C:\Program Files (x86)\BitComet\tools\BitCometBHO_1.5.4.11.dll
O2 - BHO: Ask Toolbar BHO - {41525333-0076-A76A-76A7-7A786E7484D7} - "C:\Program Files (x86)\AskPartnerNetwork\Toolbar\ARS3\Passport.dll" (file missing)
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~2\MICROS~4\Office14\GROOVEEX.DLL
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll
O2 - BHO: IESpeakDoc - {8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} - C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll
O2 - BHO: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~4\Office14\URLREDIR.DLL
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
O3 - Toolbar: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O3 - Toolbar: Ask Toolbar - {41525333-0076-A76A-76A7-7A786E7484D7} - "C:\Program Files (x86)\AskPartnerNetwork\Toolbar\ARS3\Passport.dll" (file missing)
O4 - HKLM\..\Run: [IAStorIcon] C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
O4 - HKLM\..\Run: [EgisTecPMMUpdate] "C:\Program Files (x86)\EgisTec IPS\PmmUpdate.exe"
O4 - HKLM\..\Run: [EgisUpdate] "C:\Program Files (x86)\EgisTec IPS\EgisUpdate.exe" -d
O4 - HKLM\..\Run: [BackupManagerTray] "C:\Program Files (x86)\NTI\Acer Backup Manager\BackupManagerTray.exe" -h -k
O4 - HKLM\..\Run: [LManager] C:\Program Files (x86)\Launch Manager\LManager.exe
O4 - HKLM\..\Run: [NUSB3MON] "C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe"
O4 - HKLM\..\Run: [Dolby Home Theater v4] "C:\Dolby PCEE4\pcee4.exe" -autostart
O4 - HKLM\..\Run: [PWRISOVM.EXE] C:\Program Files (x86)\PowerISO\PWRISOVM.EXE -startup
O4 - HKLM\..\Run: [BCSSync] "C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe" /DelayServices
O4 - HKLM\..\Run: [avast] "C:\Program Files\AVAST Software\Avast\avastUI.exe" /nogui
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [UnlockerAssistant] "C:\Program Files (x86)\Unlocker\UnlockerAssistant.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [LogMeIn Hamachi Ui] "C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe" --auto-start
O4 - HKUS\S-1-5-19\..\RunOnce: [IsMyWinLockerReboot] msiexec.exe /qn /x{voidguid} (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [IsMyWinLockerReboot] msiexec.exe /qn /x{voidguid} (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\RunOnce: [IsMyWinLockerReboot] msiexec.exe /qn /x{voidguid} (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\RunOnce: [IsMyWinLockerReboot] msiexec.exe /qn /x{voidguid} (User 'Default user')
O4 - Startup: Výřezy obrazovky a spuštění aplikace OneNote 2010.lnk = C:\Program Files (x86)\Microsoft Office\Office14\ONENOTEM.EXE
O4 - Startup: wandoujia_helper.lnk = Sujan\AppData\Roaming\Wandoujia2\Applications\2.54.0.2817\wandoujia_helper.exe
O4 - Global Startup: Acer VCM.lnk = ?
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~2\MICROS~4\Office14\EXCEL.EXE/3000
O8 - Extra context menu item: Od&eslat do aplikace OneNote - res://C:\PROGRA~2\MICROS~4\Office14\ONBttnIE.dll/105
O8 - Extra context menu item: Stiahnuť &všetky odkazy pomocou BitComet - res://C:\Program Files (x86)\BitComet\BitComet.exe/AddAllLink.htm
O8 - Extra context menu item: Stiahnuť odkaz &pomocou BitComet - res://C:\Program Files (x86)\BitComet\BitComet.exe/AddLink.htm
O9 - Extra button: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra button: (no name) - {7815BE26-237D-41A8-A98F-F7BD75F71086} - C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll
O9 - Extra 'Tools' menuitem: Send by Bluetooth to - {7815BE26-237D-41A8-A98F-F7BD75F71086} - C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll
O9 - Extra button: P&ropojené poznámky aplikace OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: P&ropojené poznámky aplikace OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O17 - HKLM\System\CCS\Services\Tcpip\..\{3CE70F3B-542F-4787-BC12-B6206028504C}: NameServer = 213.151.200.31 85.237.225.250
O17 - HKLM\System\CS1\Services\Tcpip\..\{3CE70F3B-542F-4787-BC12-B6206028504C}: NameServer = 213.151.200.31 85.237.225.250
O17 - HKLM\System\CS2\Services\Tcpip\..\{3CE70F3B-542F-4787-BC12-B6206028504C}: NameServer = 213.151.200.31 85.237.225.250
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
O20 - AppInit_DLLs: C:\Windows\SysWOW64\nvinit.dll
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: Ask Update Service (APNMCP) - APN LLC. - C:\Program Files (x86)\AskPartnerNetwork\Toolbar\apnmcp.exe
O23 - Service: AtherosSvc - Atheros Commnucations - C:\Program Files (x86)\Bluetooth Suite\adminservice.exe
O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: avast! Firewall - AVAST Software - C:\Program Files\AVAST Software\Avast\afwServ.exe
O23 - Service: BitComet Disk Boost Service (BITCOMET_HELPER_SERVICE) - www.BitComet.com - C:\Program Files (x86)\BitComet\tools\BitCometService.exe
O23 - Service: @C:\Windows\system32\CxAudMsg64.exe,-100 (CxAudMsg) - Unknown owner - C:\Windows\system32\CxAudMsg64.exe (file missing)
O23 - Service: Dritek WMI Service (DsiWMIService) - Dritek System Inc. - C:\Program Files (x86)\Launch Manager\dsiwmis.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: EgisTec Ticket Service - Egis Technology Inc. - C:\Program Files (x86)\Common Files\EgisTec\Services\EgisTicketService.exe
O23 - Service: Acer ePower Service (ePowerSvc) - Acer Incorporated - C:\Program Files\Acer\Acer PowerSmart Manager\ePowerSvc.exe
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: FLEXnet Licensing Service - Acresso Software Inc. - C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: GREGService - Acer Incorporated - C:\Program Files (x86)\Acer\Registration\GREGsvc.exe
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: LogMeIn Hamachi Tunneling Engine (Hamachi2Svc) - LogMeIn Inc. - C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe
O23 - Service: HWDeviceService64.exe - Unknown owner - C:\ProgramData\DatacardService\HWDeviceService64.exe
O23 - Service: Intel(R) Rapid Storage Technology (IAStorDataMgrSvc) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
O23 - Service: IconMan_R - Realsil Microelectronics Inc. - C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Live Updater Service - Acer Incorporated - C:\Program Files\Acer\Acer Updater\UpdaterService.exe
O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
O23 - Service: Mobile Partner. OUC (Mobile Partner. RunOuc) - Unknown owner - C:\Program Files (x86)\Mobile Partner\UpdateDog\ouc.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: NTI IScheduleSvc - NTI Corporation - C:\Program Files (x86)\NTI\Acer Backup Manager\IScheduleSvc.exe
O23 - Service: NVIDIA Driver Helper Service (NVSvc) - Unknown owner - C:\Windows\system32\nvvsvc.exe (file missing)
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: Raw Socket Service (RS_Service) - Acer Incorporated - C:\Program Files (x86)\Acer\Acer VCM\RS_Service.exe
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: Intel(R) Turbo Boost Technology Monitor 2.0 (TurboBoost) - Intel(R) Corporation - C:\Program Files\Intel\TurboBoost\TurboBoost.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: Intel(R) Management and Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 16083 bytes

======Listing Processes======

\SystemRoot\System32\smss.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
C:\Windows\system32\services.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
winlogon.exe
C:\Windows\system32\nvvsvc.exe
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k NetworkService
"C:\Program Files\NVIDIA Corporation\Display\NvXDSync.exe"
C:\Windows\system32\nvvsvc.exe -session -first
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
"C:\Program Files\AVAST Software\Avast\AvastSvc.exe"
"C:\Program Files\AVAST Software\Avast\afwServ.exe"
C:\Windows\System32\spoolsv.exe
"taskhost.exe"
"C:\Program Files (x86)\AskPartnerNetwork\Toolbar\apnmcp.exe"
"C:\Windows\system32\Dwm.exe"
C:\Windows\Explorer.EXE
"C:\Program Files (x86)\Bluetooth Suite\adminservice.exe"
C:\Windows\system32\CxAudMsg64.exe
"C:\Program Files (x86)\Launch Manager\dsiwmis.exe"
"C:\Program Files\Acer\Acer PowerSmart Manager\ePowerSvc.exe"
"C:\Program Files (x86)\Launch Manager\LMworker.exe"
"C:\Program Files (x86)\Launch Manager\LMutilps32.exe" --system-level-mutex="Local\{B904A927-FE6B-48fd-8C83-6B807BED1F9C}"
"C:\Program Files (x86)\Acer\Registration\GREGsvc.exe"
"C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe" -s
"C:\ProgramData\DatacardService\HWDeviceService64.exe" -/service
"C:\ProgramData\DatacardService\DCSHelper.exe"
"C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe"
"C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe" --auto-start
"C:\Program Files\Acer\Acer Updater\UpdaterService.exe"
"C:\ProgramData\Mobile Partner\OnlineUpdate\ouc.exe" "C:/Program Files (x86)/Mobile Partner/UpdateDog/"
"C:\Program Files (x86)\NTI\Acer Backup Manager\IScheduleSvc.exe"
"C:\Program Files (x86)\Acer\Acer VCM\RS_Service.exe"
C:\Windows\system32\svchost.exe -k imgsvc
"C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE"
WLIDSvcM.exe 2560
C:\Windows\servicing\TrustedInstaller.exe
"C:\Windows\System32\igfxtray.exe"
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
"C:\Windows\System32\hkcmd.exe"
"C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE"
"C:\Windows\System32\igfxpers.exe"
"C:\Program Files\Synaptics\SynTP\SynTPEnh.exe"
"C:\Program Files\Synaptics\SynTP\SynTPHelper.exe"
"C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe"
"C:\Program Files (x86)\Bluetooth Suite\AthBtTray.exe"
C:\Windows\system32\SearchIndexer.exe /Embedding
"C:\Program Files (x86)\Acer\Acer VCM\AcerVCM.exe"
"C:\Program Files (x86)\Microsoft Office\Office14\ONENOTEM.EXE" /tsr
"C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe"
"C:\Program Files (x86)\EgisTec IPS\PmmUpdate.exe"
"C:\Program Files (x86)\NTI\Acer Backup Manager\BackupManagerTray.exe" -h -k
"C:\Program Files (x86)\Launch Manager\LManager.exe"
"C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe"
"C:\Program Files\Windows Media Player\wmpnetwk.exe"
"C:\Program Files (x86)\Launch Manager\MMDx64Fx.exe"
"C:\Program Files (x86)\EgisTec IPS\EgisUpdate.exe"
"C:\DOLBY PCEE4\pcee4.exe" -autostart
"C:\Program Files (x86)\PowerISO\PWRISOVM.EXE" -startup
"C:\Program Files\AVAST Software\Avast\AvastUI.exe" /nogui
"C:\Program Files (x86)\Adobe\Reader 9.0\Reader\reader_sl.exe"
"C:\Program Files (x86)\Unlocker\UnlockerAssistant.exe"
"C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
"C:\Users\Sujan\AppData\Roaming\Wandoujia2\Applications\2.54.0.2817\wandoujia_helper.exe"
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\system32\wbem\unsecapp.exe -Embedding
"C:\Windows\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe1_ Global\UsGthrCtrlFltPipeMssGthrPipe1 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon"
"C:\Users\Sujan\AppData\Roaming\Wandoujia2\Applications\2.54.0.2817\wandoujia_adb.exe" fork-server server
\??\C:\Windows\system32\conhost.exe "-959650875975672205-15262904991686158792421485816-1907954857-1819220661061848429
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
"C:\Program Files\Acer\Acer PowerSmart Manager\ePowerTray.exe"
"C:\Program Files\Acer\Acer PowerSmart Manager\ePowerEvent.exe"
C:\Windows\system32\igfxext.exe -Embedding
C:\Windows\system32\igfxsrvc.exe -Embedding
C:\Windows\system32\DllHost.exe /Processid:{30D49246-D217-465F-B00B-AC9DDD652EB7}
"C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe"
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe"
C:\Windows\system32\sppsvc.exe
C:\Windows\System32\svchost.exe -k secsvcs
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe"
"C:\Program Files (x86)\Mozilla Firefox\firefox.exe"
C:\Windows\system32\wbem\wmiprvse.exe
"C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe" --channel=5272.13a85300.590078553 "C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_7_700_202.dll" -greomni "C:\Program Files (x86)\Mozilla Firefox\omni.ja" -appomni "C:\Program Files (x86)\Mozilla Firefox\browser\omni.ja" -appdir "C:\Program Files (x86)\Mozilla Firefox\browser" E7CF176E110C211B 5272 "\\.\pipe\gecko-crash-server-pipe.5272" plugin
"C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_7_700_202.exe" --proxy-stub-channel=Flash3696.663CBDE0.22525 --host-broker-channel=Flash3696.663CBDE0.9144 --host-pid=3696 --host-npapi-version=27 --plugin-path="C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_7_700_202.dll"
"C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_7_700_202.exe" --channel=5536.003EF5D0.152819811 --proxy-stub-channel=Flash3696.663CBDE0.22525 --plugin-path="C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_7_700_202.dll" --host-npapi-version=27 --type=renderer
"C:\Windows\system32\SearchFilterHost.exe" 0 524 528 536 65536 532
"C:\Users\Sujan\Desktop\RSITx64.exe"
C:\Windows\system32\DllHost.exe /Processid:{F9717507-6651-4EDB-BFF7-AE615179BCCF}

======Scheduled tasks folder======

C:\Windows\tasks\Adobe Flash Player Updater.job
C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job

=========Mozilla firefox=========

ProfilePath - C:\Users\Sujan\AppData\Roaming\Mozilla\Firefox\Profiles\dy4nr93e.default

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 11.7.700.202 Plugin
"Path"=C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_7_700_202.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@java.com/JavaPlugin,version=10.21.2]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=disabled

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=c:\Program Files (x86)\Microsoft Silverlight\5.1.20125.0\npctrl.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0]
"Description"=Office Authorization plug-in for NPAPI browsers
"Path"=C:\PROGRA~2\MICROS~4\Office14\NPAUTHZ.DLL

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/SharePoint,version=14.0]
"Description"=Microsoft SharePoint Plug-in for Firefox
"Path"=C:\PROGRA~2\MICROS~4\Office14\NPSPWRAP.DLL

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922]
"Description"=WLPG Install MIME type
"Path"=C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3508.1109]
"Description"=WLPG Install MIME type
"Path"=C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=3]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.21.145\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=9]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.21.145\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@videolan.org/vlc,version=2.0.4]
"Description"=VLC Multimedia Plugin
"Path"=C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\Adobe Reader]
"Description"=Handles PDFs in-place in Firefox
"Path"=C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll


[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 11.7.700.202 Plugin
"Path"=C:\Windows\system32\Macromed\Flash\NPSWF64_11_7_700_202.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=disabled

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=c:\Program Files\Microsoft Silverlight\5.1.20125.0\npctrl.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0]
"Description"=Office Authorization plug-in for NPAPI browsers
"Path"=C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL

C:\Program Files\Nightly\extensions\
{972ce4c6-7e08-4474-a285-3208198ce6fd}

C:\Program Files\Nightly\components\
binary.manifest
browsercomps.dll

C:\Program Files\Nightly\searchplugins\
google.xml
wikipedia.xml

C:\Users\Sujan\AppData\Roaming\Mozilla\Firefox\Profiles\dy4nr93e.default\extensions\
{B042753D-F57E-4e8e-A01B-7379A6D4CEFB}

C:\Users\Sujan\AppData\Roaming\Mozilla\Firefox\Profiles\dy4nr93e.default\searchplugins\
ask-search.xml

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{318A227B-5E9F-45bd-8999-7F8F10CA4CF5}]
avast! WebRep - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2013-05-09 242496]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\PROGRA~1\MICROS~2\Office14\GROOVEEX.DLL [2012-08-16 6670496]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live ID Sign-in Helper - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2010-09-21 529280]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - C:\PROGRA~1\MICROS~2\Office14\URLREDIR.DLL [2010-12-21 689040]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2013-05-08 77424]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{39F7E362-828A-4B5A-BCAF-5B79BFDFEA60}]
BitComet Helper - C:\Program Files (x86)\BitComet\tools\BitCometBHO_1.5.4.11.dll [2011-04-11 767280]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{41525333-0076-A76A-76A7-7A786E7484D7}]
Ask Toolbar - C:\Program Files (x86)\AskPartnerNetwork\Toolbar\ARS3\Passport.dll [2013-05-03 13448]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\PROGRA~2\MICROS~4\Office14\GROOVEEX.DLL [2012-08-16 4171424]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files (x86)\Java\jre7\bin\ssv.dll [2013-04-04 462752]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8D10F6C4-0E01-4BD4-8601-11AC1FDF8126}]
CIESpeechBHO Class - C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll [2011-03-03 60576]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! WebRep - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2013-05-09 198688]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live ID Sign-in Helper - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2010-09-21 439168]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - C:\PROGRA~2\MICROS~4\Office14\URLREDIR.DLL [2010-12-21 561552]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll [2013-04-04 171424]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - avast! WebRep - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2013-05-09 242496]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\Toolbar]
{8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - avast! WebRep - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2013-05-09 198688]
{41525333-0076-A76A-76A7-7A786E7484D7} - Ask Toolbar - C:\Program Files (x86)\AskPartnerNetwork\Toolbar\ARS3\Passport.dll [2013-05-03 13448]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"IgfxTray"=C:\Windows\system32\igfxtray.exe [2011-03-31 167960]
"HotKeysCmds"=C:\Windows\system32\hkcmd.exe [2011-03-31 392216]
"Persistence"=C:\Windows\system32\igfxpers.exe [2011-03-31 415768]
"IntelTBRunOnce"=wscript.exe //b //nologo C:\Program Files\Intel\TurboBoost\RunTBGadgetOnce.vbs []
"SynTPEnh"=C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2011-01-13 2538280]
"AtherosBtStack"=C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe [2011-03-03 615584]
"AthBtTray"=C:\Program Files (x86)\Bluetooth Suite\AthBtTray.exe [2011-03-03 379552]
"Power Management"=C:\Program Files\Acer\Acer PowerSmart Manager\ePowerTrayLauncher.exe [2011-03-28 499304]
"AdobeAAMUpdater-1.0"=C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2010-03-06 500208]

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"IAStorIcon"=C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [2011-02-18 283160]
"EgisTecPMMUpdate"=C:\Program Files (x86)\EgisTec IPS\PmmUpdate.exe [2010-09-18 407920]
"EgisUpdate"=C:\Program Files (x86)\EgisTec IPS\EgisUpdate.exe [2010-09-18 201584]
"BackupManagerTray"=C:\Program Files (x86)\NTI\Acer Backup Manager\BackupManagerTray.exe [2011-02-15 297280]
"LManager"=C:\Program Files (x86)\Launch Manager\LManager.exe [2011-03-14 1081424]
"NUSB3MON"=C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe [2010-04-27 113288]
"Dolby Home Theater v4"=C:\Dolby PCEE4\pcee4.exe [2011-02-03 506712]
"PWRISOVM.EXE"=C:\Program Files (x86)\PowerISO\PWRISOVM.EXE [2011-06-15 307200]
"BCSSync"=C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe [2010-03-13 91520]
"avast"=C:\Program Files\AVAST Software\Avast\avastUI.exe [2013-05-09 4858968]
"Adobe Reader Speed Launcher"=C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe [2013-05-08 41056]
"Adobe ARM"=C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2013-04-04 958576]
"UnlockerAssistant"=C:\Program Files (x86)\Unlocker\UnlockerAssistant.exe [2010-07-04 17408]
"SunJavaUpdateSched"=C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2013-03-12 253816]
"LogMeIn Hamachi Ui"=C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe [2013-05-15 2255184]

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
Acer VCM.lnk - C:\Program Files (x86)\Acer\Acer VCM\AcerVCM.exe

C:\Users\Sujan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
Výřezy obrazovky a spuštění aplikace OneNote 2010.lnk - C:\Program Files (x86)\Microsoft Office\Office14\ONENOTEM.EXE
wandoujia_helper.lnk - C:\Users\Sujan\AppData\Roaming\Wandoujia2\Applications\2.54.0.2817\wandoujia_helper.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"="C:\Windows\system32\nvinitx.dll"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
C:\Windows\system32\igfxdev.dll [2011-03-27 385024]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED}

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\PROGRA~1\MICROS~2\Office14\GROOVEEX.DLL [2012-08-16 6670496]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\PROGRA~2\MICROS~4\Office14\GROOVEEX.DLL [2012-08-16 4171424]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Hamachi2Svc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MCODS]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=5
"ConsentPromptBehaviorUser"=3
"EnableUIADesktopToggle"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoActiveDesktop"=1
"NoActiveDesktopChanges"=1
"ForceActiveDesktopOn"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVYU"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"VIDC.YVU9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"MSVideo8"=VfWWDM32.dll
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"wave2"=wdmaud.drv
"mixer2"=wdmaud.drv
"midi2"=wdmaud.drv

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 1 month======

2013-06-04 20:33:54 ----A---- C:\AdwCleaner[R3].txt
2013-06-04 20:29:48 ----A---- C:\AdwCleaner[S2].txt
2013-06-04 20:28:47 ----A---- C:\AdwCleaner[R2].txt
2013-05-24 12:26:46 ----A---- C:\AdwCleaner[S1].txt
2013-05-24 12:25:58 ----A---- C:\AdwCleaner[R1].txt
2013-05-24 10:55:24 ----A---- C:\Windows\system32\drivers\aswNdis2.sys
2013-05-24 10:55:24 ----A---- C:\Windows\system32\drivers\aswKbd.sys
2013-05-24 10:55:24 ----A---- C:\Windows\system32\drivers\aswFW.sys
2013-05-24 10:55:22 ----A---- C:\Windows\system32\drivers\aswNdis.sys
2013-05-22 22:17:23 ----AH---- C:\Windows\system32\hamachi.sys
2013-05-22 22:17:08 ----D---- C:\Program Files (x86)\LogMeIn Hamachi
2013-05-17 10:58:04 ----D---- C:\Program Files (x86)\Mozilla Firefox
2013-05-17 09:39:52 ----A---- C:\Windows\SYSWOW64\ieui.dll
2013-05-17 09:39:52 ----A---- C:\Windows\system32\ieui.dll
2013-05-17 09:39:51 ----A---- C:\Windows\system32\ie4uinit.exe
2013-05-17 09:39:49 ----A---- C:\Windows\SYSWOW64\RegisterIEPKEYs.exe
2013-05-17 09:39:49 ----A---- C:\Windows\SYSWOW64\iesysprep.dll
2013-05-17 09:39:49 ----A---- C:\Windows\SYSWOW64\iesetup.dll
2013-05-17 09:39:49 ----A---- C:\Windows\SYSWOW64\iernonce.dll
2013-05-17 09:39:49 ----A---- C:\Windows\system32\RegisterIEPKEYs.exe
2013-05-17 09:39:49 ----A---- C:\Windows\system32\iesysprep.dll
2013-05-17 09:39:49 ----A---- C:\Windows\system32\iesetup.dll
2013-05-17 09:39:49 ----A---- C:\Windows\system32\iernonce.dll
2013-05-17 09:39:48 ----A---- C:\Windows\SYSWOW64\msfeeds.dll
2013-05-17 09:39:48 ----A---- C:\Windows\system32\msfeeds.dll
2013-05-17 09:39:47 ----A---- C:\Windows\SYSWOW64\iertutil.dll
2013-05-17 09:39:47 ----A---- C:\Windows\system32\iertutil.dll
2013-05-17 09:39:45 ----A---- C:\Windows\SYSWOW64\urlmon.dll
2013-05-17 09:39:44 ----A---- C:\Windows\SYSWOW64\jscript.dll
2013-05-17 09:39:44 ----A---- C:\Windows\system32\urlmon.dll
2013-05-17 09:39:44 ----A---- C:\Windows\system32\jscript.dll
2013-05-17 09:39:43 ----A---- C:\Windows\system32\jscript9.dll
2013-05-17 09:39:42 ----A---- C:\Windows\SYSWOW64\jscript9.dll
2013-05-17 09:39:40 ----A---- C:\Windows\SYSWOW64\jsproxy.dll
2013-05-17 09:39:40 ----A---- C:\Windows\system32\jsproxy.dll
2013-05-17 09:39:39 ----A---- C:\Windows\SYSWOW64\wininet.dll
2013-05-17 09:39:38 ----A---- C:\Windows\system32\wininet.dll
2013-05-17 09:39:36 ----A---- C:\Windows\SYSWOW64\mshtml.dll
2013-05-17 09:39:33 ----A---- C:\Windows\system32\mshtml.dll
2013-05-17 09:39:31 ----A---- C:\Windows\system32\ieframe.dll
2013-05-17 09:39:29 ----A---- C:\Windows\SYSWOW64\ieframe.dll
2013-05-15 12:27:42 ----A---- C:\Windows\system32\drivers\dxgmms1.sys
2013-05-15 12:27:42 ----A---- C:\Windows\system32\drivers\dxgkrnl.sys
2013-05-15 12:27:42 ----A---- C:\Windows\system32\cdd.dll
2013-05-15 12:27:18 ----A---- C:\Windows\system32\shell32.dll
2013-05-15 12:27:15 ----A---- C:\Windows\system32\shdocvw.dll
2013-05-15 12:27:15 ----A---- C:\Windows\system32\authui.dll
2013-05-15 12:27:14 ----A---- C:\Windows\SYSWOW64\shell32.dll
2013-05-15 12:27:13 ----A---- C:\Windows\SYSWOW64\shdocvw.dll
2013-05-15 12:27:13 ----A---- C:\Windows\SYSWOW64\authui.dll
2013-05-15 12:27:13 ----A---- C:\Windows\system32\consent.exe
2013-05-15 12:27:13 ----A---- C:\Windows\system32\appinfo.dll
2013-05-15 12:27:07 ----A---- C:\Windows\system32\wwansvc.dll
2013-05-15 12:27:07 ----A---- C:\Windows\system32\wwanprotdim.dll
2013-05-15 12:27:03 ----A---- C:\Windows\system32\win32k.sys
2013-05-11 16:47:34 ----D---- C:\Users\Sujan\AppData\Roaming\Apple Computer
2013-05-11 16:47:14 ----A---- C:\Windows\system32\WinUSBCoInstaller2.dll
2013-05-11 16:47:14 ----A---- C:\Windows\system32\WdfCoInstaller01009.dll
2013-05-11 16:47:14 ----A---- C:\Windows\system32\USBCoInstaller.dll
2013-05-11 16:47:12 ----D---- C:\Users\Sujan\AppData\Roaming\WandoujiaUsbDriver
2013-05-11 16:47:11 ----D---- C:\Users\Sujan\AppData\Roaming\Wandoujia2
2013-05-11 16:46:55 ----D---- C:\Program Files (x86)\WandouLabs
2013-05-10 23:54:01 ----D---- C:\Program Files (x86)\GPLGS
2013-05-10 23:53:33 ----D---- C:\Program Files (x86)\AskPartnerNetwork
2013-05-10 23:53:16 ----A---- C:\Windows\system32\cpwmon64.dll
2013-05-10 23:53:15 ----D---- C:\Program Files (x86)\Acro Software

======List of files/folders modified in the last 1 month======

2013-06-04 20:37:16 ----D---- C:\Program Files\trend micro
2013-06-04 20:37:15 ----D---- C:\Windows\Temp
2013-06-04 20:33:58 ----A---- C:\Windows\SYSWOW64\log.txt
2013-06-04 20:32:41 ----D---- C:\Windows
2013-06-04 20:32:11 ----HD---- C:\ProgramData
2013-06-04 20:32:00 ----D---- C:\Windows\system32\config
2013-06-04 20:13:15 ----D---- C:\Program Files\CCleaner
2013-06-04 14:06:28 ----SHD---- C:\System Volume Information
2013-06-04 12:12:32 ----D---- C:\Windows\Prefetch
2013-06-03 16:46:52 ----D---- C:\Windows\System32
2013-06-03 16:46:52 ----D---- C:\Windows\inf
2013-06-03 16:46:52 ----A---- C:\Windows\system32\PerfStringBackup.INI
2013-05-28 03:18:58 ----D---- C:\Windows\Minidump
2013-05-24 12:32:14 ----RD---- C:\Program Files (x86)
2013-05-24 12:32:13 ----SHD---- C:\Windows\Installer
2013-05-24 12:32:04 ----D---- C:\Program Files (x86)\Google
2013-05-24 11:27:01 ----D---- C:\Windows\system32\Tasks
2013-05-24 10:55:33 ----D---- C:\Windows\system32\drivers
2013-05-24 10:55:32 ----D---- C:\Windows\system32\DriverStore
2013-05-24 10:55:32 ----D---- C:\Windows\system32\catroot2
2013-05-24 10:55:32 ----D---- C:\Windows\system32\catroot
2013-05-19 17:59:15 ----D---- C:\Projection
2013-05-19 17:53:54 ----D---- C:\ProgramData\firebird
2013-05-19 14:13:48 ----D---- C:\Windows\rescache
2013-05-18 18:52:44 ----D---- C:\Windows\winsxs
2013-05-18 18:51:23 ----D---- C:\Program Files (x86)\Mozilla Maintenance Service
2013-05-18 18:50:29 ----D---- C:\Windows\AppPatch
2013-05-17 22:58:53 ----D---- C:\Windows\Microsoft.NET
2013-05-17 22:58:15 ----RSD---- C:\Windows\assembly
2013-05-17 19:25:12 ----D---- C:\Windows\Panther
2013-05-17 19:23:32 ----D---- C:\Windows\SYSWOW64\sk-SK
2013-05-17 19:23:32 ----D---- C:\Windows\SysWOW64
2013-05-17 19:23:32 ----D---- C:\Windows\system32\sk-SK
2013-05-17 19:23:32 ----D---- C:\Program Files\Internet Explorer
2013-05-17 19:23:32 ----D---- C:\Program Files (x86)\Internet Explorer
2013-05-17 09:50:50 ----D---- C:\ProgramData\Microsoft Help
2013-05-17 09:46:20 ----D---- C:\Windows\debug
2013-05-17 09:46:17 ----A---- C:\Windows\system32\MRT.exe
2013-05-16 10:11:05 ----D---- C:\Users\Sujan\AppData\Roaming\Skype
2013-05-16 09:31:12 ----A---- C:\Windows\SYSWOW64\FlashPlayerApp.exe
2013-05-11 16:59:55 ----SD---- C:\ProgramData\Microsoft
2013-05-11 16:47:21 ----RSD---- C:\Windows\Fonts
2013-05-09 10:58:11 ----A---- C:\Windows\system32\aswBoot.exe

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 aswNdis;avast! Firewall NDIS Filter Service; C:\Windows\system32\DRIVERS\aswNdis.sys [2013-03-13 12368]
R0 aswNdis2;avast! Firewall Core Firewall Service; C:\Windows\system32\drivers\aswNdis2.sys [2013-05-09 270824]
R0 aswRvrt;aswRvrt; C:\Windows\system32\drivers\aswRvrt.sys [2013-05-09 65336]
R0 aswVmm;aswVmm; C:\Windows\system32\drivers\aswVmm.sys [2013-05-09 189936]
R0 iaStor;Intel AHCI Controller; C:\Windows\system32\drivers\iaStor.sys [2011-02-18 439320]
R0 nvpciflt;nvpciflt; C:\Windows\system32\DRIVERS\nvpciflt.sys [2011-02-21 25960]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-21 213888]
R1 aswFW;avast! TDI Firewall driver; C:\Windows\system32\drivers\aswFW.sys [2013-05-09 131232]
R1 aswKbd;aswKbd; C:\Windows\system32\drivers\aswKbd.sys [2013-05-09 22600]
R1 aswRdr;aswRdr; C:\Windows\System32\Drivers\aswrdr2.sys [2013-05-09 72016]
R1 aswSnx;aswSnx; C:\Windows\system32\drivers\aswSnx.sys [2013-05-09 1025808]
R1 aswSP;aswSP; C:\Windows\system32\drivers\aswSP.sys [2013-05-09 378432]
R1 aswTdi;avast! Network Shield Support; C:\Windows\system32\drivers\aswTdi.sys [2013-05-09 64288]
R1 mwlPSDFilter;mwlPSDFilter; C:\Windows\system32\DRIVERS\mwlPSDFilter.sys [2011-04-01 22912]
R1 mwlPSDNServ;mwlPSDNServ; C:\Windows\system32\DRIVERS\mwlPSDNServ.sys [2011-04-01 20328]
R1 mwlPSDVDisk;mwlPSDVDisk; C:\Windows\system32\DRIVERS\mwlPSDVDisk.sys [2011-04-01 62584]
R1 SCDEmu;SCDEmu; C:\Windows\system32\drivers\SCDEmu.sys [2011-06-15 93240]
R1 vwififlt;Virtual WiFi Filter Driver; C:\Windows\system32\DRIVERS\vwififlt.sys [2009-07-14 59904]
R2 aswFsBlk;aswFsBlk; C:\Windows\system32\drivers\aswFsBlk.sys [2013-05-09 33400]
R2 aswMonFlt;aswMonFlt; \??\C:\Windows\system32\drivers\aswMonFlt.sys [2013-05-09 80816]
R2 TurboB;Turbo Boost UI Monitor driver; C:\Windows\system32\DRIVERS\TurboB.sys [2010-11-30 16120]
R3 athr;Atheros Extensible Wireless LAN device driver; C:\Windows\system32\DRIVERS\athrx.sys [2010-05-11 2229608]
R3 BTATH_BUS;Atheros Bluetooth Bus; C:\Windows\system32\DRIVERS\btath_bus.sys [2011-03-03 28832]
R3 CnxtHdAudService;Conexant UAA Function Driver for High Definition Audio Service; C:\Windows\system32\drivers\CHDRT64.sys [2011-03-25 1583744]
R3 hamachi;Hamachi Network Interface; C:\Windows\system32\DRIVERS\hamachi.sys [2009-03-18 33856]
R3 huawei_enumerator;huawei_enumerator; C:\Windows\system32\DRIVERS\ew_jubusenum.sys [2013-05-02 86016]
R3 igfx;igfx; C:\Windows\system32\DRIVERS\igdkmd64.sys [2011-03-27 12222080]
R3 IntcDAud;Intel(R) Display Audio; C:\Windows\system32\DRIVERS\IntcDAud.sys [2010-10-15 317440]
R3 L1C;NDIS Miniport Driver for Atheros AR813x/AR815x PCI-E Ethernet Controller; C:\Windows\system32\DRIVERS\L1C62x64.sys [2010-11-08 76912]
R3 MEIx64;Intel(R) Management Engine Interface; C:\Windows\system32\drivers\HECIx64.sys [2010-10-20 56344]
R3 NTIDrvr;NTIDrvr; \??\C:\Windows\system32\drivers\NTIDrvr.sys [2011-03-10 18432]
R3 nusb3hub;Renesas Electronics USB 3.0 Hub Driver; C:\Windows\system32\DRIVERS\nusb3hub.sys [2010-09-30 80384]
R3 nusb3xhc;Renesas Electronics USB 3.0 Host Controller Driver; C:\Windows\system32\DRIVERS\nusb3xhc.sys [2010-09-30 180736]
R3 RSPCIESTOR;Realtek PCIE CardReader Driver; C:\Windows\system32\DRIVERS\RtsPStor.sys [2011-01-12 333928]
R3 sdbus;sdbus; C:\Windows\system32\DRIVERS\sdbus.sys [2010-11-21 109056]
R3 SynTP;Synaptics TouchPad Driver; C:\Windows\system32\DRIVERS\SynTP.sys [2011-01-13 1412144]
R3 UBHelper;UBHelper; \??\C:\Windows\system32\drivers\UBHelper.sys [2011-03-10 17408]
R3 vwifimp;Microsoft Virtual WiFi Miniport Service; C:\Windows\system32\DRIVERS\vwifimp.sys [2009-07-14 17920]
S1 StarOpen;StarOpen; C:\Windows\system32\drivers\StarOpen.sys []
S3 AthBTPort;Atheros Virtual Bluetooth Class; C:\Windows\system32\DRIVERS\btath_flt.sys [2011-03-03 36000]
S3 BTATH_A2DP;Bluetooth A2DP Audio Driver; C:\Windows\system32\drivers\btath_a2dp.sys [2011-03-03 298656]
S3 BTATH_HCRP;Bluetooth HCRP Server driver; C:\Windows\system32\DRIVERS\btath_hcrp.sys [2011-03-03 201376]
S3 BTATH_LWFLT;Bluetooth LWFLT Device; C:\Windows\system32\DRIVERS\btath_lwflt.sys [2011-03-03 55456]
S3 BTATH_RCP;Bluetooth AVRCP Device; C:\Windows\system32\DRIVERS\btath_rcp.sys [2011-03-03 154272]
S3 BtFilter;BtFilter; C:\Windows\system32\DRIVERS\btfilter.sys [2011-03-03 280224]
S3 BthEnum;Bluetooth Request Block Driver; C:\Windows\system32\drivers\BthEnum.sys [2009-07-14 41984]
S3 BthPan;Bluetooth Device (Personal Area Network); C:\Windows\system32\DRIVERS\bthpan.sys [2009-07-14 118784]
S3 BTHPORT;Bluetooth Port Driver; C:\Windows\System32\Drivers\BTHport.sys [2012-07-06 552960]
S3 BTHUSB;Bluetooth Radio USB Driver; C:\Windows\System32\Drivers\BTHUSB.sys [2011-04-28 80384]
S3 ew_hwusbdev;Huawei MobileBroadband USB PNP Device; C:\Windows\system32\DRIVERS\ew_hwusbdev.sys [2013-05-02 117248]
S3 ew_usbenumfilter;huawei_CompositeFilter; C:\Windows\system32\DRIVERS\ew_usbenumfilter.sys [2013-05-02 13952]
S3 ewusbmbb;HUAWEI USB-WWAN miniport; C:\Windows\system32\DRIVERS\ewusbwwan.sys [2013-05-02 421376]
S3 hwdatacard;Huawei DataCard USB Modem and USB Serial; C:\Windows\system32\DRIVERS\ewusbmdm.sys [2013-05-02 222464]
S3 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12352]
S3 RFCOMM;Bluetooth Device (RFCOMM Protocol TDI); C:\Windows\system32\DRIVERS\rfcomm.sys [2009-07-14 158720]
S3 TsUsbFlt;TsUsbFlt; C:\Windows\system32\drivers\tsusbflt.sys [2010-11-21 59392]
S3 TsUsbGD;Remote Desktop Generic USB Device; C:\Windows\system32\drivers\TsUsbGD.sys [2010-11-21 31232]
S3 usbscan;USB Scanner Driver; C:\Windows\system32\DRIVERS\usbscan.sys [2009-07-14 41984]
S3 WinUSB;Android USB Driver; C:\Windows\system32\DRIVERS\WinUSB.sys [2010-11-21 41984]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 APNMCP;Ask Update Service; C:\Program Files (x86)\AskPartnerNetwork\Toolbar\apnmcp.exe [2013-05-03 169096]
R2 AtherosSvc;AtherosSvc; C:\Program Files (x86)\Bluetooth Suite\adminservice.exe [2011-03-03 76448]
R2 avast! Antivirus;avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2013-05-09 46808]
R2 avast! Firewall;avast! Firewall; C:\Program Files\AVAST Software\Avast\afwServ.exe [2013-05-09 137960]
R2 CxAudMsg;@C:\Windows\system32\CxAudMsg64.exe,-100; C:\Windows\system32\CxAudMsg64.exe [2010-12-17 198784]
R2 DsiWMIService;Dritek WMI Service; C:\Program Files (x86)\Launch Manager\dsiwmis.exe [2011-03-14 352336]
R2 ePowerSvc;Acer ePower Service; C:\Program Files\Acer\Acer PowerSmart Manager\ePowerSvc.exe [2011-03-28 799848]
R2 GREGService;GREGService; C:\Program Files (x86)\Acer\Registration\GREGsvc.exe [2010-01-08 23584]
R2 Hamachi2Svc;LogMeIn Hamachi Tunneling Engine; C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe [2013-05-15 2467664]
R2 HWDeviceService64.exe;HWDeviceService64.exe; C:\ProgramData\DatacardService\HWDeviceService64.exe [2011-03-14 346976]
R2 IAStorDataMgrSvc;Intel(R) Rapid Storage Technology; C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [2011-02-18 13336]
R2 IconMan_R;IconMan_R; C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe [2010-12-27 1817088]
R2 Live Updater Service;Live Updater Service; C:\Program Files\Acer\Acer Updater\UpdaterService.exe [2012-04-05 255376]
R2 LMS;Intel(R) Management and Security Application Local Management Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe [2011-02-01 326168]
R2 NTI IScheduleSvc;NTI IScheduleSvc; C:\Program Files (x86)\NTI\Acer Backup Manager\IScheduleSvc.exe [2011-02-15 257344]
R2 NVSvc;NVIDIA Driver Helper Service; C:\Windows\system32\nvvsvc.exe [2011-02-18 993896]
R2 RS_Service;Raw Socket Service; C:\Program Files (x86)\Acer\Acer VCM\RS_Service.exe [2010-01-30 260640]
R2 UNS;Intel(R) Management and Security Application User Notification Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2011-02-01 2656280]
R3 osppsvc;Office Software Protection Platform; C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-09 4925184]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2011-08-28 136176]
S2 Mobile Partner. RunOuc;Mobile Partner. OUC; C:\Program Files (x86)\Mobile Partner\UpdateDog\ouc.exe [2013-05-02 246112]
S2 SkypeUpdate;Skype Updater; C:\Program Files (x86)\Skype\Updater\Updater.exe [2013-02-28 161384]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2013-05-16 256904]
S3 aspnet_state;ASP.NET State Service; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2010-03-18 44376]
S3 BITCOMET_HELPER_SERVICE;BitComet Disk Boost Service; C:\Program Files (x86)\BitComet\tools\BitCometService.exe [2010-12-28 1296728]
S3 EgisTec Ticket Service;EgisTec Ticket Service; C:\Program Files (x86)\Common Files\EgisTec\Services\EgisTicketService.exe [2010-09-28 172912]
S3 FLEXnet Licensing Service;FLEXnet Licensing Service; C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [2011-06-19 655624]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2011-08-28 136176]
S3 Microsoft SharePoint Workspace Audit Service;Microsoft SharePoint Workspace Audit Service; C:\Program Files (x86)\Microsoft Office\Office14\GROOVE.EXE [2012-09-20 30785672]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2013-05-17 117144]
S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2010-01-09 149352]
S3 TurboBoost;Intel(R) Turbo Boost Technology Monitor 2.0; C:\Program Files\Intel\TurboBoost\TurboBoost.exe [2010-11-30 149504]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2011-07-24 1255736]
S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]
S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]
S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]

-----------------EOF-----------------

Rudy
Site Admin
Posts: 119526
Registered: 30 Oct 2003 13:42
Location: Plzeň

Re: Slow PC startup

#4 Post by Rudy »

Run this utility:
Download AdwCleaner http://www.stahuj.centrum.cz/utility_a_ ... dwcleaner/
Save it to the desktop
Close all programs
Click Search
A scan will run and then a log will appear; paste it here.


Once your problem has been resolved, the thread will be locked. The same applies if it is inactive for more than 14 days. If you want the thread reactivated, write to me at the e-mail address given above.

tweety10
Model visitor
Posts: 71
Registered: 17 Feb 2007 20:35

Re: Slow PC startup

#5 Post by tweety10 »

# AdwCleaner v2.301 - Log vytvorený 04/06/2013 o 23:17:48
# Aktualizované 16/05/2013 Xplode
# Operačný systém : Windows 7 Home Premium Service Pack 1 (64 bits)
# Uživateľ : Sujan - SUJAN-PC
# Spustený systém : Normálny
# Spustené z : C:\Users\Sujan\Desktop\adwcleaner.exe
# Voľba [Prehľadať]


***** [Služby] *****


***** [Súbory / Adresáre] *****

Adresár Nájdené : C:\Program Files (x86)\askpartnernetwork

***** [Registre] *****


***** [Internetové prehliadače] *****

-\\ Internet Explorer v10.0.9200.16576

[OK] Registre sú čisté.

-\\ Mozilla Firefox v21.0 (sk)

Súbor : C:\Users\Sujan\AppData\Roaming\Mozilla\Firefox\Profiles\dy4nr93e.default\prefs.js

[OK] Súbor je čistý.

-\\ Google Chrome v27.0.1453.94

Súbor : C:\Users\Sujan\AppData\Local\Google\Chrome\User Data\Default\Preferences

[OK] Súbor je čistý.

*************************

AdwCleaner[R1].txt - [2471 octets] - [24/05/2013 12:25:58]
AdwCleaner[R2].txt - [1135 octets] - [04/06/2013 20:28:47]
AdwCleaner[R3].txt - [1256 octets] - [04/06/2013 20:33:54]
AdwCleaner[R4].txt - [1067 octets] - [04/06/2013 23:17:48]
AdwCleaner[S1].txt - [2554 octets] - [24/05/2013 12:26:46]
AdwCleaner[S2].txt - [1200 octets] - [04/06/2013 20:29:48]

########## EOF - C:\AdwCleaner[R4].txt - [1247 octets] ##########

Rudy
Site Admin
Posts: 119526
Registered: 30 Oct 2003 13:42
Location: Plzeň

Re: Slow PC startup

#6 Post by Rudy »

One more question. Is this your private PC, or does it belong to some organization?

tweety10
Model visitor
Posts: 71
Registered: 17 Feb 2007 20:35

Re: Slow PC startup

#7 Post by tweety10 »

Hello.

My private one :) Up in the AdwCleaner log you can see my surname :)

Rudy
Site Admin
Posts: 119526
Registered: 30 Oct 2003 13:42
Location: Plzeň

Re: Slow PC startup

#8 Post by Rudy »

OK. I saw the Comenius University proxy in the log. That is why I am asking. Download OTM: http://oldtimer.geekstogo.com/OTM.exe and save it to the desktop. Run it and copy the following into the left window:
:files
C:\Program Files (x86)\AskPartnerNetwork
C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
C:\Users\Sujan\AppData\Roaming\Wandoujia2
C:\Users\Sujan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\wandoujia_helper.lnk

:reg
[-HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{41525333-0076-A76A-76A7-7A786E7484D7}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\Toolbar]
[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"SunJavaUpdateSched"=-

:commands
[Purity]
[Emptytemp]
[Emptyflash]
and click >MoveIt!<. After the scan, restart the PC and post a new RSIT log.
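One way to triage the autostart lines of an RSIT log like the one posted earlier in this thread, as an added example that is not part of the thread, of RSIT, or of the helper's method. The three flags are this example's own heuristics (assumptions), and the sample lines are copied from the log above.

```python
import re

# Lines copied from the RSIT log posted in this thread (not constructed).
SAMPLE_LOG = r'''
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"IgfxTray"=C:\Windows\system32\igfxtray.exe [2011-03-31 167960]
"IntelTBRunOnce"=wscript.exe //b //nologo C:\Program Files\Intel\TurboBoost\RunTBGadgetOnce.vbs []

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"SunJavaUpdateSched"=C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2013-03-12 253816]

C:\Users\Sujan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
wandoujia_helper.lnk - C:\Users\Sujan\AppData\Roaming\Wandoujia2\Applications\2.54.0.2817\wandoujia_helper.exe

R2 APNMCP;Ask Update Service; C:\Program Files (x86)\AskPartnerNetwork\Toolbar\apnmcp.exe [2013-05-03 169096]
S1 StarOpen;StarOpen; C:\Windows\system32\drivers\StarOpen.sys []
'''

# The three line shapes that carry autostart entries in this log format.
SECTION_RE = re.compile(r'^\[(HKEY_[^\]]+)\]$')
RUN_RE = re.compile(r'^"(?P<name>[^"]+)"=(?P<cmd>.*?)\s*\[(?P<meta>[^\]]*)\]$')
LNK_RE = re.compile(r'^(?P<name>.+?\.lnk) - (?P<cmd>.+)$')
SVC_RE = re.compile(
    r'^[RS][0-4] (?P<name>[^;]+);[^;]*;\s*(?P<cmd>.*?)\s*\[(?P<meta>[^\]]*)\]$'
)


def flags_for(cmd, meta):
    """Return this example's heuristic flags for one autostart command."""
    flags = []
    low = cmd.lower()
    # Binary lives under a user profile, where no admin rights are needed to write.
    if re.search(r'\\users\\[^\\]+\\appdata\\', low):
        flags.append('user-writable-path')
    # Entry starts a Windows Script Host interpreter rather than a binary.
    tokens = low.split()
    if tokens and tokens[0].rsplit('\\', 1)[-1] in ('wscript.exe', 'cscript.exe'):
        flags.append('script-host')
    # The log normally shows "[date size]"; empty brackets mean none was recorded.
    # Reading that as "worth a look" is an assumption of this example.
    if meta == '':
        flags.append('no-file-metadata')
    return flags


def parse_autostarts(text):
    """Extract Run-key values, Startup shortcuts and service/driver lines."""
    entries, section = [], ''
    for raw in text.splitlines():
        line = raw.strip()
        header = SECTION_RE.match(line)
        if header:
            section = header.group(1).lower()
            continue
        if line.startswith('"'):
            # Quoted values appear under many keys; only Run keys are autostarts.
            in_run = section.endswith('\\currentversion\\run')
            match, kind = (RUN_RE.match(line) if in_run else None), 'run-key'
        else:
            match, kind = SVC_RE.match(line), 'service-or-driver'
            if not match:
                match, kind = LNK_RE.match(line), 'startup-folder'
        if not match:
            continue
        meta = match.groupdict().get('meta')  # None for shortcuts (no brackets)
        entries.append({
            'kind': kind,
            'name': match.group('name'),
            'cmd': match.group('cmd'),
            'flags': flags_for(match.group('cmd'), meta),
        })
    return entries


def suspicious(entries):
    """Keep only the entries that raised at least one flag."""
    return [e for e in entries if e['flags']]


if __name__ == '__main__':
    for entry in suspicious(parse_autostarts(SAMPLE_LOG)):
        print(entry['kind'], entry['name'], entry['flags'], sep=' | ')
```

The Ask Update Service entry under Program Files raises no flag here, so path heuristics like these supplement reading the log rather than replace it.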

tweety10
Model visitor
Posts: 71
Registered: 17 Feb 2007 20:35

Re: Slow PC startup

#9 Post by tweety10 »

I study at Comenius University :)

Here is the log from OTM:
All processes killed
========== FILES ==========
C:\Program Files (x86)\AskPartnerNetwork\Toolbar\Updater\ARS3 folder moved successfully.
C:\Program Files (x86)\AskPartnerNetwork\Toolbar\Updater folder moved successfully.
C:\Program Files (x86)\AskPartnerNetwork\Toolbar\ARS3\CRX folder moved successfully.
C:\Program Files (x86)\AskPartnerNetwork\Toolbar\ARS3 folder moved successfully.
C:\Program Files (x86)\AskPartnerNetwork\Toolbar folder moved successfully.
C:\Program Files (x86)\AskPartnerNetwork folder moved successfully.
C:\Windows\tasks\GoogleUpdateTaskMachineCore.job moved successfully.
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job moved successfully.
C:\Users\Sujan\AppData\Roaming\Wandoujia2\Logs folder moved successfully.
C:\Users\Sujan\AppData\Roaming\Wandoujia2\LocalStorage folder moved successfully.
C:\Users\Sujan\AppData\Roaming\Wandoujia2\HelperLogs folder moved successfully.
C:\Users\Sujan\AppData\Roaming\Wandoujia2\extension\icon folder moved successfully.
C:\Users\Sujan\AppData\Roaming\Wandoujia2\extension\0 folder moved successfully.
C:\Users\Sujan\AppData\Roaming\Wandoujia2\extension folder moved successfully.
C:\Users\Sujan\AppData\Roaming\Wandoujia2\Download\Apps folder moved successfully.
C:\Users\Sujan\AppData\Roaming\Wandoujia2\Download folder moved successfully.
C:\Users\Sujan\AppData\Roaming\Wandoujia2\device_cache folder moved successfully.
C:\Users\Sujan\AppData\Roaming\Wandoujia2\Devices\temp folder moved successfully.
C:\Users\Sujan\AppData\Roaming\Wandoujia2\Devices\icons folder moved successfully.
C:\Users\Sujan\AppData\Roaming\Wandoujia2\Devices\Default\Jobs folder moved successfully.
C:\Users\Sujan\AppData\Roaming\Wandoujia2\Devices\Default\Contacts folder moved successfully.
C:\Users\Sujan\AppData\Roaming\Wandoujia2\Devices\Default\Applications folder moved successfully.
C:\Users\Sujan\AppData\Roaming\Wandoujia2\Devices\Default\a22ac0a6f0c02260226aeee7bf94736a74ea4557 folder moved successfully.
C:\Users\Sujan\AppData\Roaming\Wandoujia2\Devices\Default\0d56f7c51e48b1f9043fd2a80c9268113c71e477 folder moved successfully.
C:\Users\Sujan\AppData\Roaming\Wandoujia2\Devices\Default folder moved successfully.
C:\Users\Sujan\AppData\Roaming\Wandoujia2\Devices\a22ac0a6f0c02260226aeee7bf94736a74ea4557\vedio folder moved successfully.
C:\Users\Sujan\AppData\Roaming\Wandoujia2\Devices\a22ac0a6f0c02260226aeee7bf94736a74ea4557\Sync folder moved successfully.
C:\Users\Sujan\AppData\Roaming\Wandoujia2\Devices\a22ac0a6f0c02260226aeee7bf94736a74ea4557\photo folder moved successfully.
C:\Users\Sujan\AppData\Roaming\Wandoujia2\Devices\a22ac0a6f0c02260226aeee7bf94736a74ea4557\music folder moved successfully.
C:\Users\Sujan\AppData\Roaming\Wandoujia2\Devices\a22ac0a6f0c02260226aeee7bf94736a74ea4557\Jobs folder moved successfully.
C:\Users\Sujan\AppData\Roaming\Wandoujia2\Devices\a22ac0a6f0c02260226aeee7bf94736a74ea4557\Contacts folder moved successfully.
C:\Users\Sujan\AppData\Roaming\Wandoujia2\Devices\a22ac0a6f0c02260226aeee7bf94736a74ea4557\Cache Data\temp folder moved successfully.
C:\Users\Sujan\AppData\Roaming\Wandoujia2\Devices\a22ac0a6f0c02260226aeee7bf94736a74ea4557\Cache Data\icons folder moved successfully.
C:\Users\Sujan\AppData\Roaming\Wandoujia2\Devices\a22ac0a6f0c02260226aeee7bf94736a74ea4557\Cache Data folder moved successfully.
C:\Users\Sujan\AppData\Roaming\Wandoujia2\Devices\a22ac0a6f0c02260226aeee7bf94736a74ea4557\Applications folder moved successfully.
C:\Users\Sujan\AppData\Roaming\Wandoujia2\Devices\a22ac0a6f0c02260226aeee7bf94736a74ea4557 folder moved successfully.
C:\Users\Sujan\AppData\Roaming\Wandoujia2\Devices\0d56f7c51e48b1f9043fd2a80c9268113c71e477\Sync folder moved successfully.
C:\Users\Sujan\AppData\Roaming\Wandoujia2\Devices\0d56f7c51e48b1f9043fd2a80c9268113c71e477\photo folder moved successfully.
C:\Users\Sujan\AppData\Roaming\Wandoujia2\Devices\0d56f7c51e48b1f9043fd2a80c9268113c71e477\music folder moved successfully.
C:\Users\Sujan\AppData\Roaming\Wandoujia2\Devices\0d56f7c51e48b1f9043fd2a80c9268113c71e477\Jobs folder moved successfully.
C:\Users\Sujan\AppData\Roaming\Wandoujia2\Devices\0d56f7c51e48b1f9043fd2a80c9268113c71e477\Contacts folder moved successfully.
C:\Users\Sujan\AppData\Roaming\Wandoujia2\Devices\0d56f7c51e48b1f9043fd2a80c9268113c71e477\Cache Data\temp folder moved successfully.
C:\Users\Sujan\AppData\Roaming\Wandoujia2\Devices\0d56f7c51e48b1f9043fd2a80c9268113c71e477\Cache Data\icons folder moved successfully.
C:\Users\Sujan\AppData\Roaming\Wandoujia2\Devices\0d56f7c51e48b1f9043fd2a80c9268113c71e477\Cache Data folder moved successfully.
C:\Users\Sujan\AppData\Roaming\Wandoujia2\Devices\0d56f7c51e48b1f9043fd2a80c9268113c71e477\Applications folder moved successfully.
C:\Users\Sujan\AppData\Roaming\Wandoujia2\Devices\0d56f7c51e48b1f9043fd2a80c9268113c71e477 folder moved successfully.
C:\Users\Sujan\AppData\Roaming\Wandoujia2\Devices folder moved successfully.
C:\Users\Sujan\AppData\Roaming\Wandoujia2\Applications\2.54.0.2817\WebKit.resources\inspector\UglifyJS folder moved successfully.
C:\Users\Sujan\AppData\Roaming\Wandoujia2\Applications\2.54.0.2817\WebKit.resources\inspector\Images folder moved successfully.
C:\Users\Sujan\AppData\Roaming\Wandoujia2\Applications\2.54.0.2817\WebKit.resources\inspector folder moved successfully.
C:\Users\Sujan\AppData\Roaming\Wandoujia2\Applications\2.54.0.2817\WebKit.resources\en.lproj folder moved successfully.
C:\Users\Sujan\AppData\Roaming\Wandoujia2\Applications\2.54.0.2817\WebKit.resources folder moved successfully.
C:\Users\Sujan\AppData\Roaming\Wandoujia2\Applications\2.54.0.2817\themes\style\White folder moved successfully.
C:\Users\Sujan\AppData\Roaming\Wandoujia2\Applications\2.54.0.2817\themes\style\Black folder moved successfully.
C:\Users\Sujan\AppData\Roaming\Wandoujia2\Applications\2.54.0.2817\themes\style folder moved successfully.
C:\Users\Sujan\AppData\Roaming\Wandoujia2\Applications\2.54.0.2817\themes\skin\08pi\templates folder moved successfully.
C:\Users\Sujan\AppData\Roaming\Wandoujia2\Applications\2.54.0.2817\themes\skin\08pi folder moved successfully.
C:\Users\Sujan\AppData\Roaming\Wandoujia2\Applications\2.54.0.2817\themes\skin\07changweiwei\templates folder moved successfully.
C:\Users\Sujan\AppData\Roaming\Wandoujia2\Applications\2.54.0.2817\themes\skin\07changweiwei folder moved successfully.
C:\Users\Sujan\AppData\Roaming\Wandoujia2\Applications\2.54.0.2817\themes\skin\05bian\templates folder moved successfully.
C:\Users\Sujan\AppData\Roaming\Wandoujia2\Applications\2.54.0.2817\themes\skin\05bian folder moved successfully.
C:\Users\Sujan\AppData\Roaming\Wandoujia2\Applications\2.54.0.2817\themes\skin\04liuguotai\templates folder moved successfully.
C:\Users\Sujan\AppData\Roaming\Wandoujia2\Applications\2.54.0.2817\themes\skin\04liuguotai folder moved successfully.
C:\Users\Sujan\AppData\Roaming\Wandoujia2\Applications\2.54.0.2817\themes\skin\03dark\templates folder moved successfully.
C:\Users\Sujan\AppData\Roaming\Wandoujia2\Applications\2.54.0.2817\themes\skin\03dark folder moved successfully.
C:\Users\Sujan\AppData\Roaming\Wandoujia2\Applications\2.54.0.2817\themes\skin\02green\templates folder moved successfully.
C:\Users\Sujan\AppData\Roaming\Wandoujia2\Applications\2.54.0.2817\themes\skin\02green folder moved successfully.
C:\Users\Sujan\AppData\Roaming\Wandoujia2\Applications\2.54.0.2817\themes\skin\01blue\templates folder moved successfully.
C:\Users\Sujan\AppData\Roaming\Wandoujia2\Applications\2.54.0.2817\themes\skin\01blue folder moved successfully.
C:\Users\Sujan\AppData\Roaming\Wandoujia2\Applications\2.54.0.2817\themes\skin folder moved successfully.
C:\Users\Sujan\AppData\Roaming\Wandoujia2\Applications\2.54.0.2817\themes folder moved successfully.
C:\Users\Sujan\AppData\Roaming\Wandoujia2\Applications\2.54.0.2817\templates\web-reloaded\src\stylesheets\skins\white folder moved successfully.
C:\Users\Sujan\AppData\Roaming\Wandoujia2\Applications\2.54.0.2817\templates\web-reloaded\src\stylesheets\skins\dark folder moved successfully.
C:\Users\Sujan\AppData\Roaming\Wandoujia2\Applications\2.54.0.2817\templates\web-reloaded\src\stylesheets\skins folder moved successfully.
C:\Users\Sujan\AppData\Roaming\Wandoujia2\Applications\2.54.0.2817\templates\web-reloaded\src\stylesheets folder moved successfully.
C:\Users\Sujan\AppData\Roaming\Wandoujia2\Applications\2.54.0.2817\templates\web-reloaded\src\javascripts\workers folder moved successfully.
C:\Users\Sujan\AppData\Roaming\Wandoujia2\Applications\2.54.0.2817\templates\web-reloaded\src\javascripts\utilities folder moved successfully.
C:\Users\Sujan\AppData\Roaming\Wandoujia2\Applications\2.54.0.2817\templates\web-reloaded\src\javascripts\ui\behavior folder moved successfully.
C:\Users\Sujan\AppData\Roaming\Wandoujia2\Applications\2.54.0.2817\templates\web-reloaded\src\javascripts\ui folder moved successfully.
C:\Users\Sujan\AppData\Roaming\Wandoujia2\Applications\2.54.0.2817\templates\web-reloaded\src\javascripts\nls\root folder moved successfully.
C:\Users\Sujan\AppData\Roaming\Wandoujia2\Applications\2.54.0.2817\templates\web-reloaded\src\javascripts\nls\en folder moved successfully.
C:\Users\Sujan\AppData\Roaming\Wandoujia2\Applications\2.54.0.2817\templates\web-reloaded\src\javascripts\nls folder moved successfully.
C:\Users\Sujan\AppData\Roaming\Wandoujia2\Applications\2.54.0.2817\templates\web-reloaded\src\javascripts\modules\welcome\views folder moved successfully.
C:\Users\Sujan\AppData\Roaming\Wandoujia2\Applications\2.54.0.2817\templates\web-reloaded\src\javascripts\modules\welcome folder moved successfully.
C:\Users\Sujan\AppData\Roaming\Wandoujia2\Applications\2.54.0.2817\templates\web-reloaded\src\javascripts\modules\video\views folder moved successfully.
C:\Users\Sujan\AppData\Roaming\Wandoujia2\Applications\2.54.0.2817\templates\web-reloaded\src\javascripts\modules\video\models folder moved successfully.
C:\Users\Sujan\AppData\Roaming\Wandoujia2\Applications\2.54.0.2817\templates\web-reloaded\src\javascripts\modules\video\collections folder moved successfully.
C:\Users\Sujan\AppData\Roaming\Wandoujia2\Applications\2.54.0.2817\templates\web-reloaded\src\javascripts\modules\video folder moved successfully.
C:\Users\Sujan\AppData\Roaming\Wandoujia2\Applications\2.54.0.2817\templates\web-reloaded\src\javascripts\modules\taskmanager\views folder moved successfully.
C:\Users\Sujan\AppData\Roaming\Wandoujia2\Applications\2.54.0.2817\templates\web-reloaded\src\javascripts\modules\taskmanager\models folder moved successfully.
C:\Users\Sujan\AppData\Roaming\Wandoujia2\Applications\2.54.0.2817\templates\web-reloaded\src\javascripts\modules\taskmanager\collections folder moved successfully.
C:\Users\Sujan\AppData\Roaming\Wandoujia2\Applications\2.54.0.2817\templates\web-reloaded\src\javascripts\modules\taskmanager folder moved successfully.
C:\Users\Sujan\AppData\Roaming\Wandoujia2\Applications\2.54.0.2817\templates\web-reloaded\src\javascripts\modules\sync\views folder moved successfully.
C:\Users\Sujan\AppData\Roaming\Wandoujia2\Applications\2.54.0.2817\templates\web-reloaded\src\javascripts\modules\sync folder moved successfully.
C:\Users\Sujan\AppData\Roaming\Wandoujia2\Applications\2.54.0.2817\templates\web-reloaded\src\javascripts\modules\social\views folder moved successfully.
C:\Users\Sujan\AppData\Roaming\Wandoujia2\Applications\2.54.0.2817\templates\web-reloaded\src\javascripts\modules\social folder moved successfully.
C:\Users\Sujan\AppData\Roaming\Wandoujia2\Applications\2.54.0.2817\templates\web-reloaded\src\javascripts\modules\photo\views folder moved successfully.
C:\Users\Sujan\AppData\Roaming\Wandoujia2\Applications\2.54.0.2817\templates\web-reloaded\src\javascripts\modules\photo\models folder moved successfully.
C:\Users\Sujan\AppData\Roaming\Wandoujia2\Applications\2.54.0.2817\templates\web-reloaded\src\javascripts\modules\photo\collections folder moved successfully.
C:\Users\Sujan\AppData\Roaming\Wandoujia2\Applications\2.54.0.2817\templates\web-reloaded\src\javascripts\modules\photo folder moved successfully.
C:\Users\Sujan\AppData\Roaming\Wandoujia2\Applications\2.54.0.2817\templates\web-reloaded\src\javascripts\modules\optimize\views folder moved successfully.
C:\Users\Sujan\AppData\Roaming\Wandoujia2\Applications\2.54.0.2817\templates\web-reloaded\src\javascripts\modules\optimize folder moved successfully.
C:\Users\Sujan\AppData\Roaming\Wandoujia2\Applications\2.54.0.2817\templates\web-reloaded\src\javascripts\modules\music\views folder moved successfully.
C:\Users\Sujan\AppData\Roaming\Wandoujia2\Applications\2.54.0.2817\templates\web-reloaded\src\javascripts\modules\music\models folder moved successfully.
C:\Users\Sujan\AppData\Roaming\Wandoujia2\Applications\2.54.0.2817\templates\web-reloaded\src\javascripts\modules\music\iTunes\views folder moved successfully.
C:\Users\Sujan\AppData\Roaming\Wandoujia2\Applications\2.54.0.2817\templates\web-reloaded\src\javascripts\modules\music\iTunes folder moved successfully.
C:\Users\Sujan\AppData\Roaming\Wandoujia2\Applications\2.54.0.2817\templates\web-reloaded\src\javascripts\modules\music\collections folder moved successfully.
C:\Users\Sujan\AppData\Roaming\Wandoujia2\Applications\2.54.0.2817\templates\web-reloaded\src\javascripts\modules\music folder moved successfully.
C:\Users\Sujan\AppData\Roaming\Wandoujia2\Applications\2.54.0.2817\templates\web-reloaded\src\javascripts\modules\message\views folder moved successfully.
C:\Users\Sujan\AppData\Roaming\Wandoujia2\Applications\2.54.0.2817\templates\web-reloaded\src\javascripts\modules\message\models folder moved successfully.
C:\Users\Sujan\AppData\Roaming\Wandoujia2\Applications\2.54.0.2817\templates\web-reloaded\src\javascripts\modules\message\collections folder moved successfully.
C:\Users\Sujan\AppData\Roaming\Wandoujia2\Applications\2.54.0.2817\templates\web-reloaded\src\javascripts\modules\message folder moved successfully.
C:\Users\Sujan\AppData\Roaming\Wandoujia2\Applications\2.54.0.2817\templates\web-reloaded\src\javascripts\modules\main\views folder moved successfully.
C:\Users\Sujan\AppData\Roaming\Wandoujia2\Applications\2.54.0.2817\templates\web-reloaded\src\javascripts\modules\main\collections folder moved successfully.
C:\Users\Sujan\AppData\Roaming\Wandoujia2\Applications\2.54.0.2817\templates\web-reloaded\src\javascripts\modules\main folder moved successfully.
C:\Users\Sujan\AppData\Roaming\Wandoujia2\Applications\2.54.0.2817\templates\web-reloaded\src\javascripts\modules\doraemon\views folder moved successfully.
C:\Users\Sujan\AppData\Roaming\Wandoujia2\Applications\2.54.0.2817\templates\web-reloaded\src\javascripts\modules\doraemon\models folder moved successfully.
C:\Users\Sujan\AppData\Roaming\Wandoujia2\Applications\2.54.0.2817\templates\web-reloaded\src\javascripts\modules\doraemon\collections folder moved successfully.
C:\Users\Sujan\AppData\Roaming\Wandoujia2\Applications\2.54.0.2817\templates\web-reloaded\src\javascripts\modules\doraemon folder moved successfully.
C:\Users\Sujan\AppData\Roaming\Wandoujia2\Applications\2.54.0.2817\templates\web-reloaded\src\javascripts\modules\contact\views folder moved successfully.
C:\Users\Sujan\AppData\Roaming\Wandoujia2\Applications\2.54.0.2817\templates\web-reloaded\src\javascripts\modules\contact\models folder moved successfully.
C:\Users\Sujan\AppData\Roaming\Wandoujia2\Applications\2.54.0.2817\templates\web-reloaded\src\javascripts\modules\contact\collections folder moved successfully.
C:\Users\Sujan\AppData\Roaming\Wandoujia2\Applications\2.54.0.2817\templates\web-reloaded\src\javascripts\modules\contact folder moved successfully.
C:\Users\Sujan\AppData\Roaming\Wandoujia2\Applications\2.54.0.2817\templates\web-reloaded\src\javascripts\modules\browser\views folder moved successfully.
C:\Users\Sujan\AppData\Roaming\Wandoujia2\Applications\2.54.0.2817\templates\web-reloaded\src\javascripts\modules\browser folder moved successfully.
C:\Users\Sujan\AppData\Roaming\Wandoujia2\Applications\2.54.0.2817\templates\web-reloaded\src\javascripts\modules\backuprestore\views folder moved successfully.
C:\Users\Sujan\AppData\Roaming\Wandoujia2\Applications\2.54.0.2817\templates\web-reloaded\src\javascripts\modules\backuprestore\models folder moved successfully.
C:\Users\Sujan\AppData\Roaming\Wandoujia2\Applications\2.54.0.2817\templates\web-reloaded\src\javascripts\modules\backuprestore folder moved successfully.
C:\Users\Sujan\AppData\Roaming\Wandoujia2\Applications\2.54.0.2817\templates\web-reloaded\src\javascripts\modules\app\wash\views folder moved successfully.
C:\Users\Sujan\AppData\Roaming\Wandoujia2\Applications\2.54.0.2817\templates\web-reloaded\src\javascripts\modules\app\wash\collections folder moved successfully.
C:\Users\Sujan\AppData\Roaming\Wandoujia2\Applications\2.54.0.2817\templates\web-reloaded\src\javascripts\modules\app\wash folder moved successfully.
C:\Users\Sujan\AppData\Roaming\Wandoujia2\Applications\2.54.0.2817\templates\web-reloaded\src\javascripts\modules\app\views folder moved successfully.
C:\Users\Sujan\AppData\Roaming\Wandoujia2\Applications\2.54.0.2817\templates\web-reloaded\src\javascripts\modules\app\models folder moved successfully.
C:\Users\Sujan\AppData\Roaming\Wandoujia2\Applications\2.54.0.2817\templates\web-reloaded\src\javascripts\modules\app\collections folder moved successfully.
C:\Users\Sujan\AppData\Roaming\Wandoujia2\Applications\2.54.0.2817\templates\web-reloaded\src\javascripts\modules\app folder moved successfully.
C:\Users\Sujan\AppData\Roaming\Wandoujia2\Applications\2.54.0.2817\templates\web-reloaded\src\javascripts\modules folder moved successfully.
C:\Users\Sujan\AppData\Roaming\Wandoujia2\Applications\2.54.0.2817\templates\web-reloaded\src\javascripts\libraries folder moved successfully.
C:\Users\Sujan\AppData\Roaming\Wandoujia2\Applications\2.54.0.2817\templates\web-reloaded\src\javascripts folder moved successfully.
C:\Users\Sujan\AppData\Roaming\Wandoujia2\Applications\2.54.0.2817\templates\web-reloaded\src\images\tx folder moved successfully.
C:\Users\Sujan\AppData\Roaming\Wandoujia2\Applications\2.54.0.2817\templates\web-reloaded\src\images folder moved successfully.
C:\Users\Sujan\AppData\Roaming\Wandoujia2\Applications\2.54.0.2817\templates\web-reloaded\src folder moved successfully.
C:\Users\Sujan\AppData\Roaming\Wandoujia2\Applications\2.54.0.2817\templates\web-reloaded folder moved successfully.
C:\Users\Sujan\AppData\Roaming\Wandoujia2\Applications\2.54.0.2817\templates\web\images\video folder moved successfully.
C:\Users\Sujan\AppData\Roaming\Wandoujia2\Applications\2.54.0.2817\templates\web\images folder moved successfully.
C:\Users\Sujan\AppData\Roaming\Wandoujia2\Applications\2.54.0.2817\templates\web\build\templates\ui folder moved successfully.
C:\Users\Sujan\AppData\Roaming\Wandoujia2\Applications\2.54.0.2817\templates\web\build\templates\module\welcome folder moved successfully.
C:\Users\Sujan\AppData\Roaming\Wandoujia2\Applications\2.54.0.2817\templates\web\build\templates\module\video folder moved successfully.
C:\Users\Sujan\AppData\Roaming\Wandoujia2\Applications\2.54.0.2817\templates\web\build\templates\module\sms_calllog folder moved successfully.
C:\Users\Sujan\AppData\Roaming\Wandoujia2\Applications\2.54.0.2817\templates\web\build\templates\module\photo folder moved successfully.
C:\Users\Sujan\AppData\Roaming\Wandoujia2\Applications\2.54.0.2817\templates\web\build\templates\module\contact folder moved successfully.
C:\Users\Sujan\AppData\Roaming\Wandoujia2\Applications\2.54.0.2817\templates\web\build\templates\module folder moved successfully.
C:\Users\Sujan\AppData\Roaming\Wandoujia2\Applications\2.54.0.2817\templates\web\build\templates folder moved successfully.
C:\Users\Sujan\AppData\Roaming\Wandoujia2\Applications\2.54.0.2817\templates\web\build folder moved successfully.
C:\Users\Sujan\AppData\Roaming\Wandoujia2\Applications\2.54.0.2817\templates\web folder moved successfully.
C:\Users\Sujan\AppData\Roaming\Wandoujia2\Applications\2.54.0.2817\templates folder moved successfully.
C:\Users\Sujan\AppData\Roaming\Wandoujia2\Applications\2.54.0.2817\JavaScriptCore.resources folder moved successfully.
C:\Users\Sujan\AppData\Roaming\Wandoujia2\Applications\2.54.0.2817 folder moved successfully.
C:\Users\Sujan\AppData\Roaming\Wandoujia2\Applications folder moved successfully.
C:\Users\Sujan\AppData\Roaming\Wandoujia2 folder moved successfully.
C:\Users\Sujan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\wandoujia_helper.lnk moved successfully.
========== REGISTRY ==========
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{41525333-0076-A76A-76A7-7A786E7484D7}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{41525333-0076-A76A-76A7-7A786E7484D7}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\Toolbar\ deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run\\SunJavaUpdateSched deleted successfully.
========== COMMANDS ==========

[EMPTYTEMP]

User: All Users

User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->Flash cache emptied: 57472 bytes

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->Flash cache emptied: 0 bytes

User: postgres
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->Flash cache emptied: 0 bytes

User: Public

User: Sujan
->Temp folder emptied: 587244539 bytes
->Temporary Internet Files folder emptied: 242532774 bytes
->Java cache emptied: 140747 bytes
->FireFox cache emptied: 433938954 bytes
->Google Chrome cache emptied: 362806518 bytes
->Flash cache emptied: 80546 bytes

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32 (64bit) .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 40128609 bytes
%systemroot%\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files folder emptied: 59927 bytes
%systemroot%\system32\config\systemprofile\AppData\LocalLow\Sun\Java\Deployment folder emptied: 753 bytes
%systemroot%\sysnative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files folder emptied: 79358 bytes
RecycleBin emptied: 0 bytes

Total Files Cleaned = 1,590.00 mb


OTM by OldTimer - Version 3.1.21.0 log created on 06072013_002621

Files moved on Reboot...
File C:\Users\Sujan\AppData\Local\Temp\OICE_7B9C8438-117D-4C26-BC37-53A0CCD5CF82.0\7FC87988. not found!
File C:\Users\Sujan\AppData\Local\Temp\OICE_515668F8-DF40-4C09-9297-4E7A8C9C8E4E.0\5EAAC5F2. not found!
C:\Users\Sujan\AppData\Local\Temp\FXSAPIDebugLogFile.txt moved successfully.
C:\Users\Sujan\AppData\Local\Temp\MMDUtl.log moved successfully.
C:\Users\Sujan\AppData\Local\Microsoft\Windows\Temporary Internet Files\counters.dat moved successfully.
File move failed. C:\Windows\temp\_avast_\Webshlock.txt scheduled to be moved on reboot.
File move failed. C:\Windows\temp\dsiwmis.log scheduled to be moved on reboot.
File move failed. C:\Windows\temp\LMutilps.log scheduled to be moved on reboot.
File move failed. C:\Windows\SysWow64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\counters.dat scheduled to be moved on reboot.

Registry entries deleted on Reboot...

tweety10
Exemplary visitor
Posts: 71
Registered: 17 Feb 2007 20:35

Re: Slow PC startup

#10 Post by tweety10 »

And the new log from RSIT:

Logfile of random's system information tool 1.09 (written by random/random)
Run by Sujan at 2013-06-07 00:44:14
Microsoft Windows 7 Home Premium Service Pack 1
System drive C: has 336 GB (57%) free of 595 GB
Total RAM: 3948 MB (45% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 0:44:18, on 7. 6. 2013
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v10.0 (10.00.9200.16576)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\Launch Manager\LMworker.exe
C:\ProgramData\DatacardService\DCSHelper.exe
C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe
C:\Program Files (x86)\Acer\Acer VCM\AcerVCM.exe
C:\Program Files (x86)\Microsoft Office\Office14\ONENOTEM.EXE
C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
C:\Program Files (x86)\EgisTec IPS\PmmUpdate.exe
C:\Program Files (x86)\NTI\Acer Backup Manager\BackupManagerTray.exe
C:\Program Files (x86)\Launch Manager\LManager.exe
C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe
C:\Program Files (x86)\PowerISO\PWRISOVM.EXE
C:\Program Files\AVAST Software\Avast\AvastUI.exe
C:\Program Files (x86)\Adobe\Reader 9.0\Reader\reader_sl.exe
C:\Program Files (x86)\Unlocker\UnlockerAssistant.exe
C:\Program Files (x86)\EgisTec IPS\EgisUpdate.exe
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe
C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_7_700_202.exe
C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_7_700_202.exe
C:\Program Files\trend micro\Sujan.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = proxy.uniba.sk:3128
R3 - URLSearchHook: SearchHook Class - {D8278076-BC68-4484-9233-6E7F1628B56C} - "C:\Program Files (x86)\AskPartnerNetwork\Toolbar\searchhook.dll" (file missing)
F2 - REG:system.ini: UserInit=userinit.exe
O1 - Hosts: ˙ţ127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: BitComet ClickCapture - {39F7E362-828A-4B5A-BCAF-5B79BFDFEA60} - C:\Program Files (x86)\BitComet\tools\BitCometBHO_1.5.4.11.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~2\MICROS~4\Office14\GROOVEEX.DLL
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll
O2 - BHO: IESpeakDoc - {8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} - C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll
O2 - BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~4\Office14\URLREDIR.DLL
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
O4 - HKLM\..\Run: [IAStorIcon] C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
O4 - HKLM\..\Run: [EgisTecPMMUpdate] "C:\Program Files (x86)\EgisTec IPS\PmmUpdate.exe"
O4 - HKLM\..\Run: [EgisUpdate] "C:\Program Files (x86)\EgisTec IPS\EgisUpdate.exe" -d
O4 - HKLM\..\Run: [BackupManagerTray] "C:\Program Files (x86)\NTI\Acer Backup Manager\BackupManagerTray.exe" -h -k
O4 - HKLM\..\Run: [LManager] C:\Program Files (x86)\Launch Manager\LManager.exe
O4 - HKLM\..\Run: [NUSB3MON] "C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe"
O4 - HKLM\..\Run: [Dolby Home Theater v4] "C:\Dolby PCEE4\pcee4.exe" -autostart
O4 - HKLM\..\Run: [PWRISOVM.EXE] C:\Program Files (x86)\PowerISO\PWRISOVM.EXE -startup
O4 - HKLM\..\Run: [BCSSync] "C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe" /DelayServices
O4 - HKLM\..\Run: [avast] "C:\Program Files\AVAST Software\Avast\avastUI.exe" /nogui
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [UnlockerAssistant] "C:\Program Files (x86)\Unlocker\UnlockerAssistant.exe"
O4 - HKLM\..\Run: [LogMeIn Hamachi Ui] "C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe" --auto-start
O4 - HKUS\S-1-5-19\..\RunOnce: [IsMyWinLockerReboot] msiexec.exe /qn /x{voidguid} (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [IsMyWinLockerReboot] msiexec.exe /qn /x{voidguid} (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\RunOnce: [IsMyWinLockerReboot] msiexec.exe /qn /x{voidguid} (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\RunOnce: [IsMyWinLockerReboot] msiexec.exe /qn /x{voidguid} (User 'Default user')
O4 - Startup: Výřezy obrazovky a spuštění aplikace OneNote 2010.lnk = C:\Program Files (x86)\Microsoft Office\Office14\ONENOTEM.EXE
O4 - Global Startup: Acer VCM.lnk = ?
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~2\MICROS~4\Office14\EXCEL.EXE/3000
O8 - Extra context menu item: Od&eslat do aplikace OneNote - res://C:\PROGRA~2\MICROS~4\Office14\ONBttnIE.dll/105
O8 - Extra context menu item: Stiahnuť &všetky odkazy pomocou BitComet - res://C:\Program Files (x86)\BitComet\BitComet.exe/AddAllLink.htm
O8 - Extra context menu item: Stiahnuť odkaz &pomocou BitComet - res://C:\Program Files (x86)\BitComet\BitComet.exe/AddLink.htm
O9 - Extra button: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra button: (no name) - {7815BE26-237D-41A8-A98F-F7BD75F71086} - C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll
O9 - Extra 'Tools' menuitem: Send by Bluetooth to - {7815BE26-237D-41A8-A98F-F7BD75F71086} - C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll
O9 - Extra button: P&ropojené poznámky aplikace OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: P&ropojené poznámky aplikace OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O17 - HKLM\System\CCS\Services\Tcpip\..\{3CE70F3B-542F-4787-BC12-B6206028504C}: NameServer = 213.151.200.31 85.237.225.250
O17 - HKLM\System\CS1\Services\Tcpip\..\{3CE70F3B-542F-4787-BC12-B6206028504C}: NameServer = 213.151.200.31 85.237.225.250
O17 - HKLM\System\CS2\Services\Tcpip\..\{3CE70F3B-542F-4787-BC12-B6206028504C}: NameServer = 213.151.200.31 85.237.225.250
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
O20 - AppInit_DLLs: C:\Windows\SysWOW64\nvinit.dll
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: Ask Update Service (APNMCP) - Unknown owner - C:\Program Files (x86)\AskPartnerNetwork\Toolbar\apnmcp.exe (file missing)
O23 - Service: AtherosSvc - Atheros Commnucations - C:\Program Files (x86)\Bluetooth Suite\adminservice.exe
O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: BitComet Disk Boost Service (BITCOMET_HELPER_SERVICE) - www.BitComet.com - C:\Program Files (x86)\BitComet\tools\BitCometService.exe
O23 - Service: @C:\Windows\system32\CxAudMsg64.exe,-100 (CxAudMsg) - Unknown owner - C:\Windows\system32\CxAudMsg64.exe (file missing)
O23 - Service: Dritek WMI Service (DsiWMIService) - Dritek System Inc. - C:\Program Files (x86)\Launch Manager\dsiwmis.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: EgisTec Ticket Service - Egis Technology Inc. - C:\Program Files (x86)\Common Files\EgisTec\Services\EgisTicketService.exe
O23 - Service: Acer ePower Service (ePowerSvc) - Acer Incorporated - C:\Program Files\Acer\Acer PowerSmart Manager\ePowerSvc.exe
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: FLEXnet Licensing Service - Acresso Software Inc. - C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: GREGService - Acer Incorporated - C:\Program Files (x86)\Acer\Registration\GREGsvc.exe
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: LogMeIn Hamachi Tunneling Engine (Hamachi2Svc) - LogMeIn Inc. - C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe
O23 - Service: HWDeviceService64.exe - Unknown owner - C:\ProgramData\DatacardService\HWDeviceService64.exe
O23 - Service: Intel(R) Rapid Storage Technology (IAStorDataMgrSvc) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
O23 - Service: IconMan_R - Realsil Microelectronics Inc. - C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Live Updater Service - Acer Incorporated - C:\Program Files\Acer\Acer Updater\UpdaterService.exe
O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
O23 - Service: Mobile Partner. OUC (Mobile Partner. RunOuc) - Unknown owner - C:\Program Files (x86)\Mobile Partner\UpdateDog\ouc.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: NTI IScheduleSvc - NTI Corporation - C:\Program Files (x86)\NTI\Acer Backup Manager\IScheduleSvc.exe
O23 - Service: NVIDIA Driver Helper Service (NVSvc) - Unknown owner - C:\Windows\system32\nvvsvc.exe (file missing)
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: Raw Socket Service (RS_Service) - Acer Incorporated - C:\Program Files (x86)\Acer\Acer VCM\RS_Service.exe
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: Intel(R) Turbo Boost Technology Monitor 2.0 (TurboBoost) - Intel(R) Corporation - C:\Program Files\Intel\TurboBoost\TurboBoost.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: Intel(R) Management and Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 15111 bytes

======Listing Processes======

\SystemRoot\System32\smss.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
C:\Windows\system32\services.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\nvvsvc.exe
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k netsvcs
winlogon.exe
C:\Windows\system32\svchost.exe -k NetworkService
"C:\Program Files\NVIDIA Corporation\Display\NvXDSync.exe"
C:\Windows\system32\nvvsvc.exe -session -first
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
"C:\Program Files\AVAST Software\Avast\AvastSvc.exe"
taskeng.exe {6DA2745A-FC13-4310-8724-E02A2AFA81A5}
C:\Windows\System32\spoolsv.exe
"C:\Program Files (x86)\Bluetooth Suite\adminservice.exe"
"taskhost.exe"
"C:\Windows\system32\Dwm.exe"
"C:\Program Files (x86)\Google\Update\GoogleUpdate.exe" /c
C:\Windows\Explorer.EXE
C:\Windows\system32\CxAudMsg64.exe
"C:\Program Files (x86)\Launch Manager\dsiwmis.exe"
"C:\Program Files (x86)\Launch Manager\LMworker.exe"
"C:\Program Files (x86)\Launch Manager\LMutilps32.exe" --system-level-mutex="Local\{B904A927-FE6B-48fd-8C83-6B807BED1F9C}"
"C:\Program Files\Acer\Acer PowerSmart Manager\ePowerSvc.exe"
"C:\Program Files (x86)\Acer\Registration\GREGsvc.exe"
"C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe" -s
"C:\ProgramData\DatacardService\HWDeviceService64.exe" -/service
"C:\ProgramData\DatacardService\DCSHelper.exe"
"C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe"
"C:\Program Files\Acer\Acer Updater\UpdaterService.exe"
"C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe" --auto-start
"C:\ProgramData\Mobile Partner\OnlineUpdate\ouc.exe" "C:/Program Files (x86)/Mobile Partner/UpdateDog/"
"C:\Program Files (x86)\NTI\Acer Backup Manager\IScheduleSvc.exe"
"C:\Program Files (x86)\Acer\Acer VCM\RS_Service.exe"
C:\Windows\system32\svchost.exe -k imgsvc
"C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE"
WLIDSvcM.exe 2648
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Windows\servicing\TrustedInstaller.exe
"C:\Windows\System32\igfxtray.exe"
"C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE"
"C:\Windows\System32\hkcmd.exe"
"C:\Windows\System32\igfxpers.exe"
"C:\Program Files\Synaptics\SynTP\SynTPEnh.exe"
"C:\Program Files\Synaptics\SynTP\SynTPHelper.exe"
"C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe"
"C:\Program Files (x86)\Bluetooth Suite\AthBtTray.exe"
C:\Windows\system32\SearchIndexer.exe /Embedding
"C:\Program Files (x86)\Acer\Acer VCM\AcerVCM.exe"
"C:\Program Files (x86)\Microsoft Office\Office14\ONENOTEM.EXE" /tsr
"C:\Program Files\Windows Media Player\wmpnetwk.exe"
"C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe"
"C:\Program Files (x86)\EgisTec IPS\PmmUpdate.exe"
"C:\Program Files (x86)\NTI\Acer Backup Manager\BackupManagerTray.exe" -h -k
"C:\Program Files (x86)\Launch Manager\LManager.exe"
"C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe"
"C:\Program Files (x86)\Launch Manager\MMDx64Fx.exe"
C:\Windows\system32\wbem\wmiprvse.exe
"C:\DOLBY PCEE4\pcee4.exe" -autostart
"C:\Program Files (x86)\PowerISO\PWRISOVM.EXE" -startup
"C:\Program Files\AVAST Software\Avast\AvastUI.exe" /nogui
"C:\Program Files (x86)\Adobe\Reader 9.0\Reader\reader_sl.exe"
"C:\Windows\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe1_ Global\UsGthrCtrlFltPipeMssGthrPipe1 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon"
"C:\Program Files (x86)\Unlocker\UnlockerAssistant.exe"
"C:\Program Files (x86)\EgisTec IPS\EgisUpdate.exe"
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
C:\Windows\system32\wbem\unsecapp.exe -Embedding
"C:\Windows\system32\taskmgr.exe" /4
C:\Windows\system32\DllHost.exe /Processid:{30D49246-D217-465F-B00B-AC9DDD652EB7}
"C:\Program Files (x86)\Mozilla Firefox\firefox.exe"
"C:\Program Files\Acer\Acer PowerSmart Manager\ePowerTray.exe"
"C:\Program Files\Acer\Acer PowerSmart Manager\ePowerEvent.exe"
C:\Windows\system32\igfxext.exe -Embedding
C:\Windows\system32\igfxsrvc.exe -Embedding
"C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe" --channel=5600.855fc00.315160244 "C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_7_700_202.dll" -greomni "C:\Program Files (x86)\Mozilla Firefox\omni.ja" -appomni "C:\Program Files (x86)\Mozilla Firefox\browser\omni.ja" -appdir "C:\Program Files (x86)\Mozilla Firefox\browser" E7CF176E110C211B 5600 "\\.\pipe\gecko-crash-server-pipe.5600" plugin
"C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_7_700_202.exe" --proxy-stub-channel=Flash6124.6837BDE0.9086 --host-broker-channel=Flash6124.6837BDE0.8000 --host-pid=6124 --host-npapi-version=27 --plugin-path="C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_7_700_202.dll"
"C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_7_700_202.exe" --channel=3392.003EF820.192242879 --proxy-stub-channel=Flash6124.6837BDE0.9086 --plugin-path="C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_7_700_202.dll" --host-npapi-version=27 --type=renderer
"C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe"
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe"
C:\Windows\system32\sppsvc.exe
C:\Windows\System32\svchost.exe -k secsvcs
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe"
C:\Windows\system32\wbem\wmiprvse.exe
"C:\Windows\system32\SearchFilterHost.exe" 0 524 528 536 65536 532
"C:\Users\Sujan\Desktop\RSITx64.exe"
C:\Windows\system32\DllHost.exe /Processid:{F9717507-6651-4EDB-BFF7-AE615179BCCF}

======Scheduled tasks folder======

C:\Windows\tasks\Adobe Flash Player Updater.job

=========Mozilla firefox=========

ProfilePath - C:\Users\Sujan\AppData\Roaming\Mozilla\Firefox\Profiles\dy4nr93e.default

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 11.7.700.202 Plugin
"Path"=C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_7_700_202.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@java.com/JavaPlugin,version=10.21.2]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=disabled

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=c:\Program Files (x86)\Microsoft Silverlight\5.1.20125.0\npctrl.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0]
"Description"=Office Authorization plug-in for NPAPI browsers
"Path"=C:\PROGRA~2\MICROS~4\Office14\NPAUTHZ.DLL

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/SharePoint,version=14.0]
"Description"=Microsoft SharePoint Plug-in for Firefox
"Path"=C:\PROGRA~2\MICROS~4\Office14\NPSPWRAP.DLL

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922]
"Description"=WLPG Install MIME type
"Path"=C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3508.1109]
"Description"=WLPG Install MIME type
"Path"=C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=3]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.21.145\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=9]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.21.145\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@videolan.org/vlc,version=2.0.4]
"Description"=VLC Multimedia Plugin
"Path"=C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\Adobe Reader]
"Description"=Handles PDFs in-place in Firefox
"Path"=C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll


[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 11.7.700.202 Plugin
"Path"=C:\Windows\system32\Macromed\Flash\NPSWF64_11_7_700_202.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=disabled

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=c:\Program Files\Microsoft Silverlight\5.1.20125.0\npctrl.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0]
"Description"=Office Authorization plug-in for NPAPI browsers
"Path"=C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL

C:\Program Files\Nightly\extensions\
{972ce4c6-7e08-4474-a285-3208198ce6fd}

C:\Program Files\Nightly\components\
binary.manifest
browsercomps.dll

C:\Program Files\Nightly\searchplugins\
google.xml
wikipedia.xml

C:\Users\Sujan\AppData\Roaming\Mozilla\Firefox\Profiles\dy4nr93e.default\extensions\
{B042753D-F57E-4e8e-A01B-7379A6D4CEFB}

C:\Users\Sujan\AppData\Roaming\Mozilla\Firefox\Profiles\dy4nr93e.default\searchplugins\
ask-search.xml

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{318A227B-5E9F-45bd-8999-7F8F10CA4CF5}]
avast! Online Security - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2013-05-09 242496]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\PROGRA~1\MICROS~2\Office14\GROOVEEX.DLL [2012-08-16 6670496]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live ID Sign-in Helper - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2010-09-21 529280]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - C:\PROGRA~1\MICROS~2\Office14\URLREDIR.DLL [2010-12-21 689040]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2013-05-08 77424]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{39F7E362-828A-4B5A-BCAF-5B79BFDFEA60}]
BitComet Helper - C:\Program Files (x86)\BitComet\tools\BitCometBHO_1.5.4.11.dll [2011-04-11 767280]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\PROGRA~2\MICROS~4\Office14\GROOVEEX.DLL [2012-08-16 4171424]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files (x86)\Java\jre7\bin\ssv.dll [2013-04-04 462752]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8D10F6C4-0E01-4BD4-8601-11AC1FDF8126}]
CIESpeechBHO Class - C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll [2011-03-03 60576]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! Online Security - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2013-05-09 198688]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live ID Sign-in Helper - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2010-09-21 439168]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - C:\PROGRA~2\MICROS~4\Office14\URLREDIR.DLL [2010-12-21 561552]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll [2013-04-04 171424]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - avast! Online Security - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2013-05-09 242496]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"IgfxTray"=C:\Windows\system32\igfxtray.exe [2011-03-31 167960]
"HotKeysCmds"=C:\Windows\system32\hkcmd.exe [2011-03-31 392216]
"Persistence"=C:\Windows\system32\igfxpers.exe [2011-03-31 415768]
"IntelTBRunOnce"=wscript.exe //b //nologo C:\Program Files\Intel\TurboBoost\RunTBGadgetOnce.vbs []
"SynTPEnh"=C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2011-01-13 2538280]
"AtherosBtStack"=C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe [2011-03-03 615584]
"AthBtTray"=C:\Program Files (x86)\Bluetooth Suite\AthBtTray.exe [2011-03-03 379552]
"Power Management"=C:\Program Files\Acer\Acer PowerSmart Manager\ePowerTrayLauncher.exe [2011-03-28 499304]
"AdobeAAMUpdater-1.0"=C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2010-03-06 500208]

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"IAStorIcon"=C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [2011-02-18 283160]
"EgisTecPMMUpdate"=C:\Program Files (x86)\EgisTec IPS\PmmUpdate.exe [2010-09-18 407920]
"EgisUpdate"=C:\Program Files (x86)\EgisTec IPS\EgisUpdate.exe [2010-09-18 201584]
"BackupManagerTray"=C:\Program Files (x86)\NTI\Acer Backup Manager\BackupManagerTray.exe [2011-02-15 297280]
"LManager"=C:\Program Files (x86)\Launch Manager\LManager.exe [2011-03-14 1081424]
"NUSB3MON"=C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe [2010-04-27 113288]
"Dolby Home Theater v4"=C:\Dolby PCEE4\pcee4.exe [2011-02-03 506712]
"PWRISOVM.EXE"=C:\Program Files (x86)\PowerISO\PWRISOVM.EXE [2011-06-15 307200]
"BCSSync"=C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe [2010-03-13 91520]
"avast"=C:\Program Files\AVAST Software\Avast\avastUI.exe [2013-05-09 4858968]
"Adobe Reader Speed Launcher"=C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe [2013-05-08 41056]
"Adobe ARM"=C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2013-04-04 958576]
"UnlockerAssistant"=C:\Program Files (x86)\Unlocker\UnlockerAssistant.exe [2010-07-04 17408]
"LogMeIn Hamachi Ui"=C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe [2013-05-15 2255184]

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
Acer VCM.lnk - C:\Program Files (x86)\Acer\Acer VCM\AcerVCM.exe

C:\Users\Sujan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
Výřezy obrazovky a spuštění aplikace OneNote 2010.lnk - C:\Program Files (x86)\Microsoft Office\Office14\ONENOTEM.EXE

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"="C:\Windows\system32\nvinitx.dll"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
C:\Windows\system32\igfxdev.dll [2011-03-27 385024]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED}

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\PROGRA~1\MICROS~2\Office14\GROOVEEX.DLL [2012-08-16 6670496]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\PROGRA~2\MICROS~4\Office14\GROOVEEX.DLL [2012-08-16 4171424]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Hamachi2Svc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MCODS]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=5
"ConsentPromptBehaviorUser"=3
"EnableUIADesktopToggle"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoActiveDesktop"=1
"NoActiveDesktopChanges"=1
"ForceActiveDesktopOn"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVYU"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"VIDC.YVU9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"MSVideo8"=VfWWDM32.dll
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"wave2"=wdmaud.drv
"mixer2"=wdmaud.drv
"midi2"=wdmaud.drv

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 1 month======

2013-06-07 00:26:21 ----D---- C:\_OTM
2013-06-04 23:17:48 ----A---- C:\AdwCleaner[R4].txt
2013-06-04 20:33:54 ----A---- C:\AdwCleaner[R3].txt
2013-06-04 20:29:48 ----A---- C:\AdwCleaner[S2].txt
2013-06-04 20:28:47 ----A---- C:\AdwCleaner[R2].txt
2013-05-24 12:26:46 ----A---- C:\AdwCleaner[S1].txt
2013-05-24 12:25:58 ----A---- C:\AdwCleaner[R1].txt
2013-05-24 10:55:24 ----A---- C:\Windows\system32\drivers\aswKbd.sys
2013-05-22 22:17:23 ----AH---- C:\Windows\system32\hamachi.sys
2013-05-22 22:17:08 ----D---- C:\Program Files (x86)\LogMeIn Hamachi
2013-05-17 10:58:04 ----D---- C:\Program Files (x86)\Mozilla Firefox
2013-05-17 09:39:52 ----A---- C:\Windows\SYSWOW64\ieui.dll
2013-05-17 09:39:52 ----A---- C:\Windows\system32\ieui.dll
2013-05-17 09:39:51 ----A---- C:\Windows\system32\ie4uinit.exe
2013-05-17 09:39:49 ----A---- C:\Windows\SYSWOW64\RegisterIEPKEYs.exe
2013-05-17 09:39:49 ----A---- C:\Windows\SYSWOW64\iesysprep.dll
2013-05-17 09:39:49 ----A---- C:\Windows\SYSWOW64\iesetup.dll
2013-05-17 09:39:49 ----A---- C:\Windows\SYSWOW64\iernonce.dll
2013-05-17 09:39:49 ----A---- C:\Windows\system32\RegisterIEPKEYs.exe
2013-05-17 09:39:49 ----A---- C:\Windows\system32\iesysprep.dll
2013-05-17 09:39:49 ----A---- C:\Windows\system32\iesetup.dll
2013-05-17 09:39:49 ----A---- C:\Windows\system32\iernonce.dll
2013-05-17 09:39:48 ----A---- C:\Windows\SYSWOW64\msfeeds.dll
2013-05-17 09:39:48 ----A---- C:\Windows\system32\msfeeds.dll
2013-05-17 09:39:47 ----A---- C:\Windows\SYSWOW64\iertutil.dll
2013-05-17 09:39:47 ----A---- C:\Windows\system32\iertutil.dll
2013-05-17 09:39:45 ----A---- C:\Windows\SYSWOW64\urlmon.dll
2013-05-17 09:39:44 ----A---- C:\Windows\SYSWOW64\jscript.dll
2013-05-17 09:39:44 ----A---- C:\Windows\system32\urlmon.dll
2013-05-17 09:39:44 ----A---- C:\Windows\system32\jscript.dll
2013-05-17 09:39:43 ----A---- C:\Windows\system32\jscript9.dll
2013-05-17 09:39:42 ----A---- C:\Windows\SYSWOW64\jscript9.dll
2013-05-17 09:39:40 ----A---- C:\Windows\SYSWOW64\jsproxy.dll
2013-05-17 09:39:40 ----A---- C:\Windows\system32\jsproxy.dll
2013-05-17 09:39:39 ----A---- C:\Windows\SYSWOW64\wininet.dll
2013-05-17 09:39:38 ----A---- C:\Windows\system32\wininet.dll
2013-05-17 09:39:36 ----A---- C:\Windows\SYSWOW64\mshtml.dll
2013-05-17 09:39:33 ----A---- C:\Windows\system32\mshtml.dll
2013-05-17 09:39:31 ----A---- C:\Windows\system32\ieframe.dll
2013-05-17 09:39:29 ----A---- C:\Windows\SYSWOW64\ieframe.dll
2013-05-15 12:27:42 ----A---- C:\Windows\system32\drivers\dxgmms1.sys
2013-05-15 12:27:42 ----A---- C:\Windows\system32\drivers\dxgkrnl.sys
2013-05-15 12:27:42 ----A---- C:\Windows\system32\cdd.dll
2013-05-15 12:27:18 ----A---- C:\Windows\system32\shell32.dll
2013-05-15 12:27:15 ----A---- C:\Windows\system32\shdocvw.dll
2013-05-15 12:27:15 ----A---- C:\Windows\system32\authui.dll
2013-05-15 12:27:14 ----A---- C:\Windows\SYSWOW64\shell32.dll
2013-05-15 12:27:13 ----A---- C:\Windows\SYSWOW64\shdocvw.dll
2013-05-15 12:27:13 ----A---- C:\Windows\SYSWOW64\authui.dll
2013-05-15 12:27:13 ----A---- C:\Windows\system32\consent.exe
2013-05-15 12:27:13 ----A---- C:\Windows\system32\appinfo.dll
2013-05-15 12:27:07 ----A---- C:\Windows\system32\wwansvc.dll
2013-05-15 12:27:07 ----A---- C:\Windows\system32\wwanprotdim.dll
2013-05-15 12:27:03 ----A---- C:\Windows\system32\win32k.sys
2013-05-11 16:47:34 ----D---- C:\Users\Sujan\AppData\Roaming\Apple Computer
2013-05-11 16:47:14 ----A---- C:\Windows\system32\WinUSBCoInstaller2.dll
2013-05-11 16:47:14 ----A---- C:\Windows\system32\WdfCoInstaller01009.dll
2013-05-11 16:47:14 ----A---- C:\Windows\system32\USBCoInstaller.dll
2013-05-11 16:47:12 ----D---- C:\Users\Sujan\AppData\Roaming\WandoujiaUsbDriver
2013-05-11 16:46:55 ----D---- C:\Program Files (x86)\WandouLabs
2013-05-10 23:54:01 ----D---- C:\Program Files (x86)\GPLGS
2013-05-10 23:53:16 ----A---- C:\Windows\system32\cpwmon64.dll
2013-05-10 23:53:15 ----D---- C:\Program Files (x86)\Acro Software

======List of files/folders modified in the last 1 month======

2013-06-07 00:44:18 ----D---- C:\Windows\Temp
2013-06-07 00:44:16 ----D---- C:\Program Files\trend micro
2013-06-07 00:42:30 ----A---- C:\Windows\SYSWOW64\log.txt
2013-06-07 00:40:37 ----D---- C:\Windows\system32\config
2013-06-07 00:40:36 ----HD---- C:\ProgramData
2013-06-07 00:26:23 ----RD---- C:\Program Files (x86)
2013-06-07 00:26:23 ----D---- C:\Windows\Tasks
2013-06-07 00:24:26 ----D---- C:\Windows\system32\Tasks
2013-06-07 00:23:53 ----D---- C:\Windows\system32\drivers
2013-06-07 00:23:52 ----D---- C:\Windows\inf
2013-06-06 16:18:26 ----D---- C:\Windows\system32\FxsTmp
2013-06-06 13:08:14 ----SD---- C:\Users\Sujan\AppData\Roaming\Microsoft
2013-06-04 20:32:41 ----D---- C:\Windows
2013-06-04 20:13:15 ----D---- C:\Program Files\CCleaner
2013-06-04 14:06:28 ----SHD---- C:\System Volume Information
2013-06-04 12:12:32 ----D---- C:\Windows\Prefetch
2013-06-03 16:46:52 ----D---- C:\Windows\System32
2013-06-03 16:46:52 ----A---- C:\Windows\system32\PerfStringBackup.INI
2013-05-28 03:18:58 ----D---- C:\Windows\Minidump
2013-05-24 12:32:13 ----SHD---- C:\Windows\Installer
2013-05-24 12:32:04 ----D---- C:\Program Files (x86)\Google
2013-05-24 10:55:32 ----D---- C:\Windows\system32\DriverStore
2013-05-24 10:55:32 ----D---- C:\Windows\system32\catroot2
2013-05-24 10:55:32 ----D---- C:\Windows\system32\catroot
2013-05-19 17:59:15 ----D---- C:\Projection
2013-05-19 17:53:54 ----D---- C:\ProgramData\firebird
2013-05-19 14:13:48 ----D---- C:\Windows\rescache
2013-05-18 18:52:44 ----D---- C:\Windows\winsxs
2013-05-18 18:51:23 ----D---- C:\Program Files (x86)\Mozilla Maintenance Service
2013-05-18 18:50:29 ----D---- C:\Windows\AppPatch
2013-05-17 22:58:53 ----D---- C:\Windows\Microsoft.NET
2013-05-17 22:58:15 ----RSD---- C:\Windows\assembly
2013-05-17 19:25:12 ----D---- C:\Windows\Panther
2013-05-17 19:23:32 ----D---- C:\Windows\SYSWOW64\sk-SK
2013-05-17 19:23:32 ----D---- C:\Windows\SysWOW64
2013-05-17 19:23:32 ----D---- C:\Windows\system32\sk-SK
2013-05-17 19:23:32 ----D---- C:\Program Files\Internet Explorer
2013-05-17 19:23:32 ----D---- C:\Program Files (x86)\Internet Explorer
2013-05-17 09:50:50 ----D---- C:\ProgramData\Microsoft Help
2013-05-17 09:46:20 ----D---- C:\Windows\debug
2013-05-17 09:46:17 ----A---- C:\Windows\system32\MRT.exe
2013-05-16 10:11:05 ----D---- C:\Users\Sujan\AppData\Roaming\Skype
2013-05-16 09:31:12 ----A---- C:\Windows\SYSWOW64\FlashPlayerApp.exe
2013-05-11 16:59:55 ----SD---- C:\ProgramData\Microsoft
2013-05-11 16:47:21 ----RSD---- C:\Windows\Fonts
2013-05-09 10:58:11 ----A---- C:\Windows\system32\aswBoot.exe

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 aswRvrt;aswRvrt; C:\Windows\system32\drivers\aswRvrt.sys [2013-05-09 65336]
R0 aswVmm;aswVmm; C:\Windows\system32\drivers\aswVmm.sys [2013-05-09 189936]
R0 iaStor;Intel AHCI Controller; C:\Windows\system32\drivers\iaStor.sys [2011-02-18 439320]
R0 nvpciflt;nvpciflt; C:\Windows\system32\DRIVERS\nvpciflt.sys [2011-02-21 25960]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-21 213888]
R1 aswKbd;aswKbd; C:\Windows\system32\drivers\aswKbd.sys [2013-05-09 22600]
R1 aswRdr;aswRdr; C:\Windows\System32\Drivers\aswrdr2.sys [2013-05-09 72016]
R1 aswSnx;aswSnx; C:\Windows\system32\drivers\aswSnx.sys [2013-05-09 1025808]
R1 aswSP;aswSP; C:\Windows\system32\drivers\aswSP.sys [2013-05-09 378432]
R1 aswTdi;avast! Network Shield Support; C:\Windows\system32\drivers\aswTdi.sys [2013-05-09 64288]
R1 mwlPSDFilter;mwlPSDFilter; C:\Windows\system32\DRIVERS\mwlPSDFilter.sys [2011-04-01 22912]
R1 mwlPSDNServ;mwlPSDNServ; C:\Windows\system32\DRIVERS\mwlPSDNServ.sys [2011-04-01 20328]
R1 mwlPSDVDisk;mwlPSDVDisk; C:\Windows\system32\DRIVERS\mwlPSDVDisk.sys [2011-04-01 62584]
R1 SCDEmu;SCDEmu; C:\Windows\system32\drivers\SCDEmu.sys [2011-06-15 93240]
R1 vwififlt;Virtual WiFi Filter Driver; C:\Windows\system32\DRIVERS\vwififlt.sys [2009-07-14 59904]
R2 aswFsBlk;aswFsBlk; C:\Windows\system32\drivers\aswFsBlk.sys [2013-05-09 33400]
R2 aswMonFlt;aswMonFlt; \??\C:\Windows\system32\drivers\aswMonFlt.sys [2013-05-09 80816]
R2 TurboB;Turbo Boost UI Monitor driver; C:\Windows\system32\DRIVERS\TurboB.sys [2010-11-30 16120]
R3 athr;Atheros Extensible Wireless LAN device driver; C:\Windows\system32\DRIVERS\athrx.sys [2010-05-11 2229608]
R3 BTATH_BUS;Atheros Bluetooth Bus; C:\Windows\system32\DRIVERS\btath_bus.sys [2011-03-03 28832]
R3 CnxtHdAudService;Conexant UAA Function Driver for High Definition Audio Service; C:\Windows\system32\drivers\CHDRT64.sys [2011-03-25 1583744]
R3 hamachi;Hamachi Network Interface; C:\Windows\system32\DRIVERS\hamachi.sys [2009-03-18 33856]
R3 huawei_enumerator;huawei_enumerator; C:\Windows\system32\DRIVERS\ew_jubusenum.sys [2013-05-02 86016]
R3 igfx;igfx; C:\Windows\system32\DRIVERS\igdkmd64.sys [2011-03-27 12222080]
R3 IntcDAud;Intel(R) Display Audio; C:\Windows\system32\DRIVERS\IntcDAud.sys [2010-10-15 317440]
R3 L1C;NDIS Miniport Driver for Atheros AR813x/AR815x PCI-E Ethernet Controller; C:\Windows\system32\DRIVERS\L1C62x64.sys [2010-11-08 76912]
R3 MEIx64;Intel(R) Management Engine Interface; C:\Windows\system32\drivers\HECIx64.sys [2010-10-20 56344]
R3 NTIDrvr;NTIDrvr; \??\C:\Windows\system32\drivers\NTIDrvr.sys [2011-03-10 18432]
R3 nusb3hub;Renesas Electronics USB 3.0 Hub Driver; C:\Windows\system32\DRIVERS\nusb3hub.sys [2010-09-30 80384]
R3 nusb3xhc;Renesas Electronics USB 3.0 Host Controller Driver; C:\Windows\system32\DRIVERS\nusb3xhc.sys [2010-09-30 180736]
R3 RSPCIESTOR;Realtek PCIE CardReader Driver; C:\Windows\system32\DRIVERS\RtsPStor.sys [2011-01-12 333928]
R3 sdbus;sdbus; C:\Windows\system32\DRIVERS\sdbus.sys [2010-11-21 109056]
R3 SynTP;Synaptics TouchPad Driver; C:\Windows\system32\DRIVERS\SynTP.sys [2011-01-13 1412144]
R3 UBHelper;UBHelper; \??\C:\Windows\system32\drivers\UBHelper.sys [2011-03-10 17408]
R3 vwifimp;Microsoft Virtual WiFi Miniport Service; C:\Windows\system32\DRIVERS\vwifimp.sys [2009-07-14 17920]
S1 StarOpen;StarOpen; C:\Windows\system32\drivers\StarOpen.sys []
S3 AthBTPort;Atheros Virtual Bluetooth Class; C:\Windows\system32\DRIVERS\btath_flt.sys [2011-03-03 36000]
S3 BTATH_A2DP;Bluetooth A2DP Audio Driver; C:\Windows\system32\drivers\btath_a2dp.sys [2011-03-03 298656]
S3 BTATH_HCRP;Bluetooth HCRP Server driver; C:\Windows\system32\DRIVERS\btath_hcrp.sys [2011-03-03 201376]
S3 BTATH_LWFLT;Bluetooth LWFLT Device; C:\Windows\system32\DRIVERS\btath_lwflt.sys [2011-03-03 55456]
S3 BTATH_RCP;Bluetooth AVRCP Device; C:\Windows\system32\DRIVERS\btath_rcp.sys [2011-03-03 154272]
S3 BtFilter;BtFilter; C:\Windows\system32\DRIVERS\btfilter.sys [2011-03-03 280224]
S3 BthEnum;Bluetooth Request Block Driver; C:\Windows\system32\drivers\BthEnum.sys [2009-07-14 41984]
S3 BthPan;Bluetooth Device (Personal Area Network); C:\Windows\system32\DRIVERS\bthpan.sys [2009-07-14 118784]
S3 BTHPORT;Bluetooth Port Driver; C:\Windows\System32\Drivers\BTHport.sys [2012-07-06 552960]
S3 BTHUSB;Bluetooth Radio USB Driver; C:\Windows\System32\Drivers\BTHUSB.sys [2011-04-28 80384]
S3 ew_hwusbdev;Huawei MobileBroadband USB PNP Device; C:\Windows\system32\DRIVERS\ew_hwusbdev.sys [2013-05-02 117248]
S3 ew_usbenumfilter;huawei_CompositeFilter; C:\Windows\system32\DRIVERS\ew_usbenumfilter.sys [2013-05-02 13952]
S3 ewusbmbb;HUAWEI USB-WWAN miniport; C:\Windows\system32\DRIVERS\ewusbwwan.sys [2013-05-02 421376]
S3 hwdatacard;Huawei DataCard USB Modem and USB Serial; C:\Windows\system32\DRIVERS\ewusbmdm.sys [2013-05-02 222464]
S3 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12352]
S3 RFCOMM;Bluetooth Device (RFCOMM Protocol TDI); C:\Windows\system32\DRIVERS\rfcomm.sys [2009-07-14 158720]
S3 TsUsbFlt;TsUsbFlt; C:\Windows\system32\drivers\tsusbflt.sys [2010-11-21 59392]
S3 TsUsbGD;Remote Desktop Generic USB Device; C:\Windows\system32\drivers\TsUsbGD.sys [2010-11-21 31232]
S3 usbscan;USB Scanner Driver; C:\Windows\system32\DRIVERS\usbscan.sys [2009-07-14 41984]
S3 WinUSB;Android USB Driver; C:\Windows\system32\DRIVERS\WinUSB.sys [2010-11-21 41984]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AtherosSvc;AtherosSvc; C:\Program Files (x86)\Bluetooth Suite\adminservice.exe [2011-03-03 76448]
R2 avast! Antivirus;avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2013-05-09 46808]
R2 CxAudMsg;@C:\Windows\system32\CxAudMsg64.exe,-100; C:\Windows\system32\CxAudMsg64.exe [2010-12-17 198784]
R2 DsiWMIService;Dritek WMI Service; C:\Program Files (x86)\Launch Manager\dsiwmis.exe [2011-03-14 352336]
R2 ePowerSvc;Acer ePower Service; C:\Program Files\Acer\Acer PowerSmart Manager\ePowerSvc.exe [2011-03-28 799848]
R2 GREGService;GREGService; C:\Program Files (x86)\Acer\Registration\GREGsvc.exe [2010-01-08 23584]
R2 Hamachi2Svc;LogMeIn Hamachi Tunneling Engine; C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe [2013-05-15 2467664]
R2 HWDeviceService64.exe;HWDeviceService64.exe; C:\ProgramData\DatacardService\HWDeviceService64.exe [2011-03-14 346976]
R2 IAStorDataMgrSvc;Intel(R) Rapid Storage Technology; C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [2011-02-18 13336]
R2 IconMan_R;IconMan_R; C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe [2010-12-27 1817088]
R2 Live Updater Service;Live Updater Service; C:\Program Files\Acer\Acer Updater\UpdaterService.exe [2012-04-05 255376]
R2 LMS;Intel(R) Management and Security Application Local Management Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe [2011-02-01 326168]
R2 NTI IScheduleSvc;NTI IScheduleSvc; C:\Program Files (x86)\NTI\Acer Backup Manager\IScheduleSvc.exe [2011-02-15 257344]
R2 NVSvc;NVIDIA Driver Helper Service; C:\Windows\system32\nvvsvc.exe [2011-02-18 993896]
R2 RS_Service;Raw Socket Service; C:\Program Files (x86)\Acer\Acer VCM\RS_Service.exe [2010-01-30 260640]
R2 UNS;Intel(R) Management and Security Application User Notification Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2011-02-01 2656280]
R2 wlidsvc;Windows Live ID Sign-in Assistant; C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE [2010-09-21 2286976]
R3 osppsvc;Office Software Protection Platform; C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-09 4925184]
S2 APNMCP;Ask Update Service; C:\Program Files (x86)\AskPartnerNetwork\Toolbar\apnmcp.exe []
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2011-08-28 136176]
S2 Mobile Partner. RunOuc;Mobile Partner. OUC; C:\Program Files (x86)\Mobile Partner\UpdateDog\ouc.exe [2013-05-02 246112]
S2 SkypeUpdate;Skype Updater; C:\Program Files (x86)\Skype\Updater\Updater.exe [2013-02-28 161384]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2013-05-16 256904]
S3 aspnet_state;ASP.NET State Service; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2010-03-18 44376]
S3 BITCOMET_HELPER_SERVICE;BitComet Disk Boost Service; C:\Program Files (x86)\BitComet\tools\BitCometService.exe [2010-12-28 1296728]
S3 EgisTec Ticket Service;EgisTec Ticket Service; C:\Program Files (x86)\Common Files\EgisTec\Services\EgisTicketService.exe [2010-09-28 172912]
S3 FLEXnet Licensing Service;FLEXnet Licensing Service; C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [2011-06-19 655624]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2011-08-28 136176]
S3 Microsoft SharePoint Workspace Audit Service;Microsoft SharePoint Workspace Audit Service; C:\Program Files (x86)\Microsoft Office\Office14\GROOVE.EXE [2012-09-20 30785672]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2013-05-17 117144]
S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2010-01-09 149352]
S3 TurboBoost;Intel(R) Turbo Boost Technology Monitor 2.0; C:\Program Files\Intel\TurboBoost\TurboBoost.exe [2010-11-30 149504]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2011-07-24 1255736]
S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]
S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]
S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]
S4 wlcrasvc;Windows Live Mesh remote connections service; C:\Program Files\Windows Live\Mesh\wlcrasvc.exe [2010-09-23 57184]

-----------------EOF-----------------

Rudy
Site Admin
Posts: 119526
Registered: 30 Oct 2003 13:42
Location: Plzeň

Re: Slow PC startup

#11 Post by Rudy »

Double-click the file C:\Program Files\trend micro\Sujan.exe to launch HijackThis. Click "Do a system scan only" and, in the window that opens, tick the checkbox on the left for:
R3 - URLSearchHook: SearchHook Class - {D8278076-BC68-4484-9233-6E7F1628B56C} - "C:\Program Files (x86)\AskPartnerNetwork\Toolbar\searchhook.dll" (file missing)
Click >FixChecked<. Then run OTM again and click >CleanUp!<. OTM will clean up after itself. Finally, restart the PC.

tweety10
Exemplary visitor
Posts: 71
Registered: 17 Feb 2007 20:35

Re: Slow PC startup

#12 Post by tweety10 »

Done :)

I think the PC starts up quite a bit faster now. Is there anything else that needs to be done?

Otherwise, thanks for the help :) :worship: :thumbsup:

Rudy
Site Admin
Posts: 119526
Registered: 30 Oct 2003 13:42
Location: Plzeň

Re: Slow PC startup

#13 Post by Rudy »

If there is no longer any problem, that is all.