
Log check + reviving the notebook
Moderator: Moderators
Forum rules
If you want help, post a log from FRST [guide here] or RSIT [guide here]
Individual threads will be locked once resolved, as will those that have been inactive for more than 14 days. See the Rule on locking topics. Thank you for your understanding.
!NEW!
You can now use the remote assistance service, in which an expert connects to your computer and obtains further details about the problem from you by phone! More at www.neslape.cz
Greetings, gentlemen, I would like to clean up my notebook. I have Win7 64-bit but only 4 GB of RAM, and I am considering upgrading to 8 GB. I read somewhere that it is sufficient; during normal work my usage is around 50%, and when gaming and under load I get to 90%, so I wonder whether this upgrade would make sense. I also found that I normally have, for example, 80-90 processes and about 1000 threads running, which is supposedly a lot, and I would like to speed up the notebook because it seems to me to be infested with junk. On the net I found roughly what they are for, but nowhere did I read whether they are needed for Windows to run. I am attaching the logs from HijackThis and RSIT:
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 19:42:40, on 28.12.2013
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v11.0 (11.00.9600.16428)
Boot mode: Normal
Running processes:
C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe
C:\Program Files (x86)\PC Connectivity Solution\Transports\NclMSBTSrvEx.exe
C:\Program Files (x86)\Nokia\Nokia Suite\NokiaSuite.exe
C:\Program Files (x86)\TP-LINK\TP-LINK Wireless Configuration Utility\TWCU.exe
C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe
C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe
C:\Windows\inf\mspaeqpn\mspaeqpn.exe
C:\Program Files (x86)\CyberLink\MediaEspresso\DeviceDetector\DeviceDetector.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Users\P.e.t.r.y\Desktop\hijackthis.exe
C:\Windows\SysWOW64\DllHost.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://asus.msn.com
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.seznam.cz/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O2 - BHO: HP Print Enhancer - {0347C33E-8762-4905-BF09-768834316C61} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll
O2 - BHO: Norton Identity Protection - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files (x86)\Norton 360\Engine\20.4.0.40\coIEPlg.dll
O2 - BHO: Norton Vulnerability Protection - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files (x86)\Norton 360\Engine\20.4.0.40\IPS\IPSBHO.DLL
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~2\MICROS~1\Office12\GR469A~1.DLL
O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Windows Live Messenger Companion Helper - {9FDDE16B-836F-4806-AB1F-1455CBEFF289} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll
O2 - BHO: Advanced SystemCare Browser Protection - {BA0C978D-D909-49B6-AFE2-8BDE245DC7E6} - C:\PROGRA~2\IObit\ADVANC~2\BROWER~1\ASCPLU~1.DLL (file missing)
O2 - BHO: HP Smart BHO Class - {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
O3 - Toolbar: Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton 360\Engine\20.4.0.40\coIEPlg.dll
O4 - HKLM\..\Run: [UpdateP2GoShortCut] "C:\Program Files (x86)\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe" "C:\Program Files (x86)\CyberLink\Power2Go" UpdateWithCreateOnce "SOFTWARE\CyberLink\Power2Go\6.0"
O4 - HKLM\..\Run: [ATKMEDIA] C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe
O4 - HKLM\..\Run: [HControlUser] C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe
O4 - HKLM\..\Run: [msgmloSrv] C:\Windows\inf\msgmlo.vbe
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [ATKOSD2] C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [NokiaSuite.exe] C:\Program Files (x86)\Nokia\Nokia Suite\NokiaSuite.exe -tray
O4 - Global Startup: TP-LINK Wireless Configuration Utility.lnk = C:\Program Files (x86)\TP-LINK\TP-LINK Wireless Configuration Utility\TWCU.exe
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Office Excel - res://C:\PROGRA~2\MICROS~1\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~1\Office12\REFIEBAR.DLL
O9 - Extra button: Zobrazit nebo skrýt HP Smart Web Printing - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O17 - HKLM\System\CCS\Services\Tcpip\..\{A2BC176B-2A69-4D7C-9654-8784090444FC}: NameServer = 212.96.160.7,212.96.161.6
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\PROGRA~2\MICROS~1\Office12\GRA32A~1.DLL
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O20 - AppInit_DLLs: c:\windows\syswow64\nvinit.dll ,C:\Windows\SysWOW64\nvinit.dll
O23 - Service: ArcSoft Connect Daemon (ACDaemon) - ArcSoft Inc. - C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: Advanced SystemCare Service 6 (AdvancedSystemCareService6) - Unknown owner - C:\Program Files (x86)\IObit\Advanced SystemCare 6\ASCService.exe (file missing)
O23 - Service: AFBAgent - Unknown owner - C:\Windows\system32\FBAgent.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: ASLDR Service (ASLDRService) - ASUS - C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ASLDRSrv.exe
O23 - Service: AtherosSvc - Atheros Commnucations - C:\Program Files (x86)\Atheros\Bluetooth Suite\adminservice.exe
O23 - Service: ATKGFNEX Service (ATKGFNEXSrv) - ASUS - C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe
O23 - Service: Intel(R) Content Protection HECI Service (cphs) - Intel Corporation - C:\Windows\SysWow64\IntelCpHeciSvc.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: Google Update Service (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing)
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: Norton 360 (N360) - Symantec Corporation - C:\Program Files (x86)\Norton 360\Engine\20.4.0.40\ccSvcHst.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - Unknown owner - C:\Windows\system32\nvvsvc.exe (file missing)
O23 - Service: NVIDIA Update Service Daemon (nvUpdatusService) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: SecureUpdate (SecureUpdateSvc) - Unknown owner - C:\Program Files (x86)\Secure Speed Dial\IE\SecureUpdate.exe
O23 - Service: Sony PC Companion - Avanquest Software - C:\Program Files (x86)\Sony\Sony PC Companion\PCCService.exe
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: StarWind AE Service (StarWindServiceAE) - StarWind Software - C:\Program Files (x86)\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe
O23 - Service: SwitchBoard - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: Intel(R) Management and Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
--
End of file - 11672 bytes
RSIT
Logfile of random's system information tool 1.09 (written by random/random)
Run by P.e.t.r.y at 2013-12-28 19:55:49
Microsoft Windows 7 Home Premium Service Pack 1
System drive C: has 25 GB (16%) free of 153 GB
Total RAM: 4008 MB (48% free)
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 19:55:55, on 28.12.2013
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v11.0 (11.00.9600.16428)
Boot mode: Normal
Running processes:
C:\Program Files (x86)\Norton 360\Engine\20.4.0.40\ccSvcHst.exe
C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe
C:\Program Files (x86)\ASUS\ASUS Live Update\ALU.exe
C:\Program Files (x86)\PC Connectivity Solution\Transports\NclMSBTSrvEx.exe
C:\Program Files (x86)\Nokia\Nokia Suite\NokiaSuite.exe
C:\Program Files (x86)\TP-LINK\TP-LINK Wireless Configuration Utility\TWCU.exe
C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe
C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe
C:\Windows\inf\mspaeqpn\mspaeqpn.exe
C:\Program Files (x86)\CyberLink\MediaEspresso\DeviceDetector\DeviceDetector.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files\trend micro\P.e.t.r.y.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://asus.msn.com
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.seznam.cz/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O2 - BHO: HP Print Enhancer - {0347C33E-8762-4905-BF09-768834316C61} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll
O2 - BHO: Norton Identity Protection - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files (x86)\Norton 360\Engine\20.4.0.40\coIEPlg.dll
O2 - BHO: Norton Vulnerability Protection - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files (x86)\Norton 360\Engine\20.4.0.40\IPS\IPSBHO.DLL
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~2\MICROS~1\Office12\GR469A~1.DLL
O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Windows Live Messenger Companion Helper - {9FDDE16B-836F-4806-AB1F-1455CBEFF289} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll
O2 - BHO: Advanced SystemCare Browser Protection - {BA0C978D-D909-49B6-AFE2-8BDE245DC7E6} - C:\PROGRA~2\IObit\ADVANC~2\BROWER~1\ASCPLU~1.DLL (file missing)
O2 - BHO: HP Smart BHO Class - {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
O3 - Toolbar: Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton 360\Engine\20.4.0.40\coIEPlg.dll
O4 - HKLM\..\Run: [UpdateP2GoShortCut] "C:\Program Files (x86)\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe" "C:\Program Files (x86)\CyberLink\Power2Go" UpdateWithCreateOnce "SOFTWARE\CyberLink\Power2Go\6.0"
O4 - HKLM\..\Run: [ATKMEDIA] C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe
O4 - HKLM\..\Run: [HControlUser] C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe
O4 - HKLM\..\Run: [msgmloSrv] C:\Windows\inf\msgmlo.vbe
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [ATKOSD2] C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [NokiaSuite.exe] C:\Program Files (x86)\Nokia\Nokia Suite\NokiaSuite.exe -tray
O4 - Global Startup: TP-LINK Wireless Configuration Utility.lnk = C:\Program Files (x86)\TP-LINK\TP-LINK Wireless Configuration Utility\TWCU.exe
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Office Excel - res://C:\PROGRA~2\MICROS~1\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~1\Office12\REFIEBAR.DLL
O9 - Extra button: Zobrazit nebo skrýt HP Smart Web Printing - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O17 - HKLM\System\CCS\Services\Tcpip\..\{A2BC176B-2A69-4D7C-9654-8784090444FC}: NameServer = 212.96.160.7,212.96.161.6
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\PROGRA~2\MICROS~1\Office12\GRA32A~1.DLL
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O20 - AppInit_DLLs: c:\windows\syswow64\nvinit.dll ,C:\Windows\SysWOW64\nvinit.dll
O23 - Service: ArcSoft Connect Daemon (ACDaemon) - ArcSoft Inc. - C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: Advanced SystemCare Service 6 (AdvancedSystemCareService6) - Unknown owner - C:\Program Files (x86)\IObit\Advanced SystemCare 6\ASCService.exe (file missing)
O23 - Service: AFBAgent - Unknown owner - C:\Windows\system32\FBAgent.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: ASLDR Service (ASLDRService) - ASUS - C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ASLDRSrv.exe
O23 - Service: AtherosSvc - Atheros Commnucations - C:\Program Files (x86)\Atheros\Bluetooth Suite\adminservice.exe
O23 - Service: ATKGFNEX Service (ATKGFNEXSrv) - ASUS - C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe
O23 - Service: Intel(R) Content Protection HECI Service (cphs) - Intel Corporation - C:\Windows\SysWow64\IntelCpHeciSvc.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: Google Update Service (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing)
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: Norton 360 (N360) - Symantec Corporation - C:\Program Files (x86)\Norton 360\Engine\20.4.0.40\ccSvcHst.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - Unknown owner - C:\Windows\system32\nvvsvc.exe (file missing)
O23 - Service: NVIDIA Update Service Daemon (nvUpdatusService) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: SecureUpdate (SecureUpdateSvc) - Unknown owner - C:\Program Files (x86)\Secure Speed Dial\IE\SecureUpdate.exe
O23 - Service: Sony PC Companion - Avanquest Software - C:\Program Files (x86)\Sony\Sony PC Companion\PCCService.exe
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: StarWind AE Service (StarWindServiceAE) - StarWind Software - C:\Program Files (x86)\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe
O23 - Service: SwitchBoard - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: Intel(R) Management and Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
--
End of file - 11698 bytes
======Listing Processes======
\SystemRoot\System32\smss.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
C:\Windows\system32\services.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
"C:\Windows\system32\nvvsvc.exe"
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k GPSvcGroup
C:\Windows\system32\svchost.exe -k NetworkService
"C:\Windows\system32\FBAgent.exe"
"C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ASLDRSrv.exe"
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
"C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe"
"C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe"
"C:\Program Files (x86)\Atheros\Bluetooth Suite\adminservice.exe"
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Windows\SysWOW64\svchost.exe -k hpdevmgmt
"C:\Program Files (x86)\Norton 360\Engine\20.4.0.40\ccSvcHst.exe" /s "N360" /m "C:\Program Files (x86)\Norton 360\Engine\20.4.0.40\diMaster.dll" /prefetch:1
C:\Windows\System32\svchost.exe -k HPZ12
C:\Windows\System32\svchost.exe -k HPZ12
"C:\Program Files (x86)\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe"
C:\Windows\system32\svchost.exe -k imgsvc
C:\Windows\System32\svchost.exe -k WerSvcGroup
C:\Windows\system32\SearchIndexer.exe /Embedding
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
"C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe"
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\system32\wbem\wmiprvse.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
winlogon.exe
"C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe"
C:\Windows\system32\nvvsvc.exe -session
"taskhost.exe"
"C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControl.exe"
"C:\Program Files (x86)\Norton 360\Engine\20.4.0.40\ccSvcHst.exe" /c /a /s UserSession
taskeng.exe {4755BA00-9ED5-412D-921C-40597F47223D}
"C:\Program Files (x86)\ASUS\Splendid\ACMON.exe"
"C:\Windows\system32\Dwm.exe"
C:\Windows\Explorer.EXE
taskeng.exe {77634C64-1E56-446C-B595-4428D2ED7C07}
ATKOSD.exe
"C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe"
"C:\Program Files\P4G\BatteryLife.exe"
"C:\Program Files (x86)\ASUS\ASUS Live Update\ALU.exe"
{D65F79FB-B5EB-4ED9-BB1A-02EC7809E4BD}
{6D1D9247-411F-4CCA-A939-3541603BE6D8}
"C:\Windows\System32\hkcmd.exe"
"C:\Program Files\Windows Sidebar\sidebar.exe" /autoRun
"C:\Program Files (x86)\Nokia\Nokia Suite\NokiaSuite.exe" -tray
"C:\Program Files (x86)\TP-LINK\TP-LINK Wireless Configuration Utility\TWCU.exe" -nogui
KBFiltr.exe
WDC.exe
"C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe"
"C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe"
"C:/Program Files/NVIDIA Corporation/Display/nvtray.exe" -user_has_logged_in 1
C:\Windows\inf\mspaeqpn\mspaeqpn.exe -o stratum+tcp://mint.bitminter.com:3333 -u stuczle_passike -p matlar
\??\C:\Windows\system32\conhost.exe "1623041902-1326957403-1810948815-1041417823131392415115497507511558736242-1475122543
"C:\Windows\SysWOW64\ACEngSvr.exe" -Embedding
"C:\Program Files (x86)\CyberLink\MediaEspresso\DeviceDetector\DeviceDetector.exe"
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe"
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=gpu-process --channel="3856.0.657947950\48524023" --supports-dual-gpus=false --gpu-driver-bug-workarounds=0,3,12,22 --gpu-vendor-id=0x8086 --gpu-device-id=0x0116 --gpu-driver-vendor="Intel Corporation" --gpu-driver-version=9.17.10.2932 --ignored=" --type=renderer " /prefetch:822062411
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --lang=cs --force-fieldtrials="AutocompleteDynamicTrial_2/DefaultControl_R2_Stable/BrowserPreReadExperiment/100-pct-default/CookieRetentionPriorityStudy/ExperimentOn/DeferBackgroundExtensionCreation/RateLimited/ForceCompositingMode/thread/InfiniteCache/No/InstantExtended/Group11 pct:1d stable:pp3 use_remote_ntp_on_startup:1 espv:210 suppress_on_srp:1/Prerender/PrerenderEnabled/PrerenderLocalPredictorSpec/LocalPredictor=Disabled/ShowAppLauncherPromo/ShowPromoUntilDismissed/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group3/UMA-New-Install-Uniformity-Trial/Control/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_02/UMA-Uniformity-Trial-1-Percent/group_28/UMA-Uniformity-Trial-10-Percent/group_08/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/group_03/UMA-Uniformity-Trial-5-Percent/group_07/UMA-Uniformity-Trial-50-Percent/default/" --enable-threaded-compositing --extension-process --renderer-print-preview --disable-html-notifications --channel="3856.1.413812097\1289087189" /prefetch:673131151
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --lang=cs --force-fieldtrials="AutocompleteDynamicTrial_2/DefaultControl_R2_Stable/BrowserPreReadExperiment/100-pct-default/CookieRetentionPriorityStudy/ExperimentOn/DeferBackgroundExtensionCreation/RateLimited/ForceCompositingMode/thread/InfiniteCache/No/InstantExtended/Group11 pct:1d stable:pp3 use_remote_ntp_on_startup:1 espv:210 suppress_on_srp:1/Prerender/PrerenderEnabled/PrerenderLocalPredictorSpec/LocalPredictor=Disabled/ShowAppLauncherPromo/ShowPromoUntilDismissed/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group3/UMA-New-Install-Uniformity-Trial/Control/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_02/UMA-Uniformity-Trial-1-Percent/group_28/UMA-Uniformity-Trial-10-Percent/group_08/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/group_03/UMA-Uniformity-Trial-5-Percent/group_07/UMA-Uniformity-Trial-50-Percent/default/" --enable-threaded-compositing --renderer-print-preview --instant-process --disable-html-notifications --channel="3856.2.38052419\397551203" /prefetch:673131151
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=plugin --plugin-path="C:\Users\P.e.t.r.y\AppData\Local\Google\Chrome\User Data\Default\Extensions\glmfgahfleepmdfffonfckpmkondpdkg\1.2.8_0\dll/NPIdentityGen.dll" --lang=cs --channel="3856.3.1375195120\1952638286" /prefetch:-390060480
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --lang=cs --force-fieldtrials="AutocompleteDynamicTrial_2/DefaultControl_R2_Stable/BrowserPreReadExperiment/100-pct-default/CookieRetentionPriorityStudy/ExperimentOn/DeferBackgroundExtensionCreation/RateLimited/ForceCompositingMode/thread/InfiniteCache/No/InstantExtended/Group11 pct:1d stable:pp3 use_remote_ntp_on_startup:1 espv:210 suppress_on_srp:1/OmniboxBundledExperimentV1/Standard/Prerender/PrerenderEnabled/PrerenderFromOmnibox/OmniboxPrerenderDisabled/PrerenderLocalPredictorSpec/LocalPredictor=Disabled/ShowAppLauncherPromo/ShowPromoUntilDismissed/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group3/UMA-New-Install-Uniformity-Trial/Control/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_02/UMA-Uniformity-Trial-1-Percent/group_28/UMA-Uniformity-Trial-10-Percent/group_08/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/group_03/UMA-Uniformity-Trial-5-Percent/group_07/UMA-Uniformity-Trial-50-Percent/default/" --enable-threaded-compositing --renderer-print-preview --disable-html-notifications --channel="3856.7.245200654\1206855760" /prefetch:673131151
"taskhost.exe"
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --lang=cs --force-fieldtrials="AutocompleteDynamicTrial_2/DefaultControl_R2_Stable/BrowserPreReadExperiment/100-pct-default/CookieRetentionPriorityStudy/ExperimentOn/DeferBackgroundExtensionCreation/RateLimited/ForceCompositingMode/thread/InfiniteCache/No/InstantExtended/Group11 pct:1d stable:pp3 use_remote_ntp_on_startup:1 espv:210 suppress_on_srp:1/OmniboxBundledExperimentV1/Standard/Prerender/PrerenderEnabled/PrerenderFromOmnibox/OmniboxPrerenderDisabled/PrerenderLocalPredictorSpec/LocalPredictor=Disabled/ShowAppLauncherPromo/ShowPromoUntilDismissed/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group3/UMA-New-Install-Uniformity-Trial/Control/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_02/UMA-Uniformity-Trial-1-Percent/group_28/UMA-Uniformity-Trial-10-Percent/group_08/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/group_03/UMA-Uniformity-Trial-5-Percent/group_07/UMA-Uniformity-Trial-50-Percent/default/" --enable-threaded-compositing --renderer-print-preview --disable-html-notifications --channel="3856.10.2079000458\837752305" /prefetch:673131151
"C:\Users\P.e.t.r.y\Desktop\RSITx64.exe"
C:\Windows\system32\DllHost.exe /Processid:{F9717507-6651-4EDB-BFF7-AE615179BCCF}
======Scheduled tasks folder======
C:\Windows\tasks\Adobe Flash Player Updater.job
C:\Windows\tasks\Driver Booster Update.job
C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files\Java\jre7\bin\ssv.dll [2012-10-30 537576]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live ID Sign-in Helper - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2010-09-21 529280]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre7\bin\jp2ssv.dll [2012-10-30 193512]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{0347C33E-8762-4905-BF09-768834316C61}]
HP Print Enhancer - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll [2009-10-22 328248]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{602ADB0E-4AFF-4217-8AA1-95DAC4DFA408}]
Norton Identity Protection - C:\Program Files (x86)\Norton 360\Engine\20.4.0.40\coIEPlg.dll [2013-05-30 509776]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{6D53EC84-6AAE-4787-AEEE-F4628F01010C}]
Norton Vulnerability Protection - C:\Program Files (x86)\Norton 360\Engine\20.4.0.40\IPS\IPSBHO.DLL [2012-08-10 387040]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\PROGRA~2\MICROS~1\Office12\GR469A~1.DLL [2006-10-27 2210608]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live ID Sign-in Helper - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2010-09-21 439168]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9FDDE16B-836F-4806-AB1F-1455CBEFF289}]
Windows Live Messenger Companion Helper - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll [2010-11-10 393600]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{BA0C978D-D909-49B6-AFE2-8BDE245DC7E6}]
Advanced SystemCare Browser Protection - C:\PROGRA~2\IObit\ADVANC~2\BROWER~1\ASCPLU~1.DLL []
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856}]
HP Smart BHO Class - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll [2009-10-22 517688]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\Toolbar]
{7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - Norton Toolbar - C:\Program Files (x86)\Norton 360\Engine\20.4.0.40\coIEPlg.dll [2013-05-30 509776]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"HotKeysCmds"=C:\Windows\system32\hkcmd.exe [2012-12-14 399984]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"=C:\Program Files\Windows Sidebar\sidebar.exe [2010-11-20 1475584]
"NokiaSuite.exe"=C:\Program Files (x86)\Nokia\Nokia Suite\NokiaSuite.exe [2013-10-02 1090912]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM]
c:\program files (x86)\common files\adobe\arm\1.0\adobearm.exe [2013-04-04 958576]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AdobeAAMUpdater-1.0]
[]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AdobeCS5.5ServiceManager]
c:\program files (x86)\common files\adobe\cs5.5servicemanager\cs5.5servicemanager.exe -launchedbylogin []
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AdobeCS5ServiceManager]
C:\Program Files (x86)\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe [2010-02-22 406992]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AmIcoSinglun64]
C:\Program Files (x86)\AmIcoSingLun\AmIcoSinglun64.exe [2010-08-11 324096]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ASUS Screen Saver Protector]
C:\Windows\AsScrPro.exe [2011-04-12 3058304]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ASUS WebStorage]
c:\program files (x86)\asus\asus webstorage\service\asuswsservice.exe [2010-03-16 1754448]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AthBtTray]
c:\program files (x86)\atheros\bluetooth suite\athbttray.exe []
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AtherosBtStack]
c:\program files (x86)\atheros\bluetooth suite\btvstack.exe []
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ATKMEDIA]
[]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ATKOSD2]
c:\program files (x86)\asus\atk package\atkosd2\atkosd2.exe [2010-08-17 5732992]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CLMLServer]
C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe [2009-11-02 103720]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DAEMON Tools Lite]
C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [2010-04-01 357696]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ETDWare]
C:\Program Files\elantech\etdctrl.exe [2010-06-10 649608]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HControlUser]
[]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HP Software Update]
c:\program files (x86)\hp\hp software update\hpwuschd2.exe [2009-11-18 54576]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\IgfxTray]
c:\windows\system32\igfxtray.exe [2012-12-14 172144]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ISUSPM]
c:\programdata\flexnet\connect\11\isuspm.exe [2009-05-06 222496]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NokiaSuite.exe]
c:\program files (x86)\nokia\nokia suite\nokiasuite.exe [2013-10-02 1090912]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Persistence]
c:\windows\system32\igfxpers.exe [2012-12-14 441968]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\POPUPTV]
C:\Program Files (x86)\ASUS\PopupTV\ExpressTV.exe [2010-03-19 692224]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RemoteControl10]
c:\program files (x86)\cyberlink\powerdvd10\pdvd10serv.exe [2010-02-03 87336]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RtHDVBg]
c:\program files\realtek\audio\hda\ravbg64.exe [2010-11-30 2186856]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RtHDVCpl]
C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [2010-11-30 11660904]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Sidebar]
C:\Program Files\Windows Sidebar\sidebar.exe [2010-11-20 1475584]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Software Informer]
[]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SonicMasterTray]
c:\program files (x86)\asus\sonicmaster\sonicmastertray.exe [2010-07-10 984400]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Sony PC Companion]
c:\program files (x86)\sony\sony pc companion\pccompanion.exe [2013-05-29 449248]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SwitchBoard]
C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-02-19 517096]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TNOD UP]
[]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\UpdatePSTShortCut]
C:\Program Files (x86)\Cyberlink\DVD Suite\MUITransfer\MUIStartMenu.exe [2010-11-17 222504]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\VizorHtmlDialog.exe]
[]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Wireless Console 3]
[]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^FancyStart daemon.lnk]
C:\Windows\INSTAL~1\{2B818~1\_94E3C~1.EXE [2011-04-12 12862]
[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"UpdateP2GoShortCut"=C:\Program Files (x86)\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe [2009-05-20 222504]
"ATKMEDIA"=C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe [2010-10-07 170624]
"HControlUser"=C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe [2009-06-19 105016]
"msgmloSrv"=C:\Windows\inf\msgmlo.vbe [2013-08-27 1558]
"Adobe ARM"=C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2013-04-04 958576]
"ATKOSD2"=C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe [2010-08-17 5732992]
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
TP-LINK Wireless Configuration Utility.lnk - C:\Program Files (x86)\TP-LINK\TP-LINK Wireless Configuration Utility\TWCU.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"="C:\Windows\System32\nvinitx.dll,C:\Windows\system32\nvinitx.dll"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
C:\Windows\system32\igfxdev.dll [2012-12-14 442880]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - C:\Windows\system32\webcheck.dll [2013-12-10 243200]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\PROGRA~2\MICROS~1\Office12\GR469A~1.DLL [2006-10-27 2210608]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=5
"ConsentPromptBehaviorUser"=3
"EnableUIADesktopToggle"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveAutoRun"=0
"NoDrives"=0
"NoDriveTypeAutoRun"=221
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoResolveSearch"=1
"NoDrives"=0
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVYU"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"VIDC.YVU9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"MSVideo8"=VfWWDM32.dll
"wave2"=wdmaud.drv
"mixer2"=wdmaud.drv
"midi2"=wdmaud.drv
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
======File associations======
.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - "C:\Program Files (x86)\Adobe\Adobe Dreamweaver CS5.5\Dreamweaver.exe","%1"
======List of files/folders created in the last 1 month======
2013-12-28 19:50:32 ----D---- C:\rsit
2013-12-28 18:30:09 ----D---- C:\Users\P.e.t.r.y\AppData\Roaming\HPAppData
2013-12-26 03:03:28 ----D---- C:\Users\P.e.t.r.y\AppData\Roaming\Zoner
2013-12-26 03:03:23 ----D---- C:\ProgramData\Zoner
2013-12-12 19:07:12 ----A---- C:\Windows\system32\win32k.sys
2013-12-12 13:33:00 ----A---- C:\Windows\system32\wmploc.DLL
2013-12-12 13:32:58 ----A---- C:\Windows\SYSWOW64\wmploc.DLL
2013-12-12 13:32:58 ----A---- C:\Windows\SYSWOW64\wmp.dll
2013-12-12 13:32:56 ----A---- C:\Windows\system32\wmp.dll
2013-12-12 08:27:28 ----A---- C:\Windows\SYSWOW64\WMPhoto.dll
2013-12-12 08:27:28 ----A---- C:\Windows\SYSWOW64\msieftp.dll
2013-12-12 08:27:28 ----A---- C:\Windows\system32\WMPhoto.dll
2013-12-12 08:27:28 ----A---- C:\Windows\system32\msieftp.dll
2013-12-12 08:27:27 ----A---- C:\Windows\SYSWOW64\imagehlp.dll
2013-12-12 08:27:27 ----A---- C:\Windows\system32\imagehlp.dll
2013-12-12 08:27:21 ----A---- C:\Windows\SYSWOW64\tzres.dll
2013-12-12 08:27:21 ----A---- C:\Windows\system32\tzres.dll
2013-12-12 08:26:50 ----A---- C:\Windows\system32\drivers\portcls.sys
2013-12-12 08:26:50 ----A---- C:\Windows\system32\drivers\drmk.sys
2013-12-12 08:26:21 ----A---- C:\Windows\SYSWOW64\wscript.exe
2013-12-12 08:26:21 ----A---- C:\Windows\SYSWOW64\scrrun.dll
2013-12-12 08:26:21 ----A---- C:\Windows\SYSWOW64\cscript.exe
2013-12-12 08:26:21 ----A---- C:\Windows\system32\wscript.exe
2013-12-12 08:26:21 ----A---- C:\Windows\system32\scrrun.dll
2013-12-12 08:26:21 ----A---- C:\Windows\system32\cscript.exe
2013-12-12 08:23:33 ----A---- C:\Windows\system32\ieetwcollectorres.dll
2013-12-12 08:23:32 ----A---- C:\Windows\SYSWOW64\jsproxy.dll
2013-12-12 08:23:32 ----A---- C:\Windows\SYSWOW64\ieui.dll
2013-12-12 08:23:32 ----A---- C:\Windows\system32\jsproxy.dll
2013-12-12 08:23:32 ----A---- C:\Windows\system32\ieui.dll
2013-12-12 08:23:31 ----A---- C:\Windows\system32\ieUnatt.exe
2013-12-12 08:23:31 ----A---- C:\Windows\system32\iesetup.dll
2013-12-12 08:23:31 ----A---- C:\Windows\system32\iernonce.dll
2013-12-12 08:23:31 ----A---- C:\Windows\system32\ieetwproxystub.dll
2013-12-12 08:23:31 ----A---- C:\Windows\system32\ieetwcollector.exe
2013-12-12 08:23:31 ----A---- C:\Windows\system32\ie4uinit.exe
2013-12-12 08:23:30 ----A---- C:\Windows\SYSWOW64\jscript9diag.dll
2013-12-12 08:23:30 ----A---- C:\Windows\SYSWOW64\ieapfltr.dll
2013-12-12 08:23:30 ----A---- C:\Windows\system32\mshtml.dll
2013-12-12 08:23:30 ----A---- C:\Windows\system32\jscript9diag.dll
2013-12-12 08:23:30 ----A---- C:\Windows\system32\ieapfltr.dll
2013-12-12 08:23:29 ----A---- C:\Windows\SYSWOW64\wininet.dll
2013-12-12 08:23:29 ----A---- C:\Windows\SYSWOW64\iertutil.dll
2013-12-12 08:23:29 ----A---- C:\Windows\system32\iertutil.dll
2013-12-12 08:23:28 ----A---- C:\Windows\SYSWOW64\urlmon.dll
2013-12-12 08:23:28 ----A---- C:\Windows\system32\wininet.dll
2013-12-12 08:23:28 ----A---- C:\Windows\system32\urlmon.dll
2013-12-12 08:23:27 ----A---- C:\Windows\system32\ieframe.dll
2013-12-12 08:23:26 ----A---- C:\Windows\SYSWOW64\ieframe.dll
2013-12-12 08:23:25 ----A---- C:\Windows\SYSWOW64\mshtml.dll
2013-12-12 08:23:25 ----A---- C:\Windows\SYSWOW64\jscript9.dll
2013-12-12 08:23:24 ----A---- C:\Windows\system32\jscript9.dll
2013-12-10 20:52:27 ----D---- C:\Users\P.e.t.r.y\AppData\Roaming\TP-LINK
2013-12-10 20:52:09 ----D---- C:\Program Files (x86)\TP-LINK
2013-12-10 20:51:26 ----A---- C:\Windows\system32\rtwlanu.sys
2013-12-10 20:51:26 ----A---- C:\Windows\system32\drivers\RTWlanU.sys
2013-12-10 20:50:14 ----D---- C:\ProgramData\TP-LINK
2013-12-10 20:35:51 ----A---- C:\Windows\system32\IEUDINIT.EXE
2013-12-10 20:31:16 ----A---- C:\Windows\SYSWOW64\elshyph.dll
2013-12-10 20:31:16 ----A---- C:\Windows\system32\MsSpellCheckingFacility.exe
2013-12-10 20:31:08 ----A---- C:\Windows\SYSWOW64\jsIntl.dll
2013-12-10 20:31:08 ----A---- C:\Windows\system32\elshyph.dll
2013-12-10 20:31:07 ----A---- C:\Windows\SYSWOW64\wextract.exe
2013-12-10 20:31:07 ----A---- C:\Windows\SYSWOW64\webcheck.dll
2013-12-10 20:31:07 ----A---- C:\Windows\SYSWOW64\vbscript.dll
2013-12-10 20:31:07 ----A---- C:\Windows\SYSWOW64\url.dll
2013-12-10 20:31:07 ----A---- C:\Windows\SYSWOW64\SetIEInstalledDate.exe
2013-12-10 20:31:07 ----A---- C:\Windows\SYSWOW64\RegisterIEPKEYs.exe
2013-12-10 20:31:07 ----A---- C:\Windows\SYSWOW64\pngfilt.dll
2013-12-10 20:31:07 ----A---- C:\Windows\SYSWOW64\occache.dll
2013-12-10 20:31:07 ----A---- C:\Windows\SYSWOW64\msrating.dll
2013-12-10 20:31:07 ----A---- C:\Windows\SYSWOW64\msls31.dll
2013-12-10 20:31:07 ----A---- C:\Windows\SYSWOW64\mshtmlmedia.dll
2013-12-10 20:31:07 ----A---- C:\Windows\SYSWOW64\mshtmler.dll
2013-12-10 20:31:07 ----A---- C:\Windows\SYSWOW64\mshtmled.dll
2013-12-10 20:31:07 ----A---- C:\Windows\SYSWOW64\MshtmlDac.dll
2013-12-10 20:31:07 ----A---- C:\Windows\SYSWOW64\mshta.exe
2013-12-10 20:31:07 ----A---- C:\Windows\SYSWOW64\msfeedssync.exe
2013-12-10 20:31:07 ----A---- C:\Windows\SYSWOW64\msfeedsbs.dll
2013-12-10 20:31:07 ----A---- C:\Windows\SYSWOW64\msfeeds.dll
2013-12-10 20:31:07 ----A---- C:\Windows\SYSWOW64\licmgr10.dll
2013-12-10 20:31:07 ----A---- C:\Windows\SYSWOW64\jscript.dll
2013-12-10 20:31:07 ----A---- C:\Windows\SYSWOW64\JavaScriptCollectionAgent.dll
2013-12-10 20:31:07 ----A---- C:\Windows\SYSWOW64\inseng.dll
2013-12-10 20:31:07 ----A---- C:\Windows\SYSWOW64\imgutil.dll
2013-12-10 20:31:07 ----A---- C:\Windows\SYSWOW64\iexpress.exe
2013-12-10 20:31:07 ----A---- C:\Windows\SYSWOW64\ieUnatt.exe
2013-12-10 20:31:07 ----A---- C:\Windows\SYSWOW64\iesysprep.dll
2013-12-10 20:31:07 ----A---- C:\Windows\SYSWOW64\iesetup.dll
2013-12-10 20:31:07 ----A---- C:\Windows\SYSWOW64\iernonce.dll
2013-12-10 20:31:07 ----A---- C:\Windows\SYSWOW64\iepeers.dll
2013-12-10 20:31:07 ----A---- C:\Windows\SYSWOW64\ieetwproxystub.dll
2013-12-10 20:31:07 ----A---- C:\Windows\SYSWOW64\iedkcs32.dll
2013-12-10 20:31:07 ----A---- C:\Windows\SYSWOW64\ieapfltr.dat
2013-12-10 20:31:07 ----A---- C:\Windows\SYSWOW64\IEAdvpack.dll
2013-12-10 20:31:07 ----A---- C:\Windows\SYSWOW64\icardie.dll
2013-12-10 20:31:07 ----A---- C:\Windows\SYSWOW64\dxtrans.dll
2013-12-10 20:31:07 ----A---- C:\Windows\SYSWOW64\dxtmsft.dll
2013-12-10 20:31:06 ----A---- C:\Windows\system32\wextract.exe
2013-12-10 20:31:06 ----A---- C:\Windows\system32\webcheck.dll
2013-12-10 20:31:06 ----A---- C:\Windows\system32\vbscript.dll
2013-12-10 20:31:06 ----A---- C:\Windows\system32\url.dll
2013-12-10 20:31:06 ----A---- C:\Windows\system32\SetIEInstalledDate.exe
2013-12-10 20:31:06 ----A---- C:\Windows\system32\RegisterIEPKEYs.exe
2013-12-10 20:31:06 ----A---- C:\Windows\system32\pngfilt.dll
2013-12-10 20:31:06 ----A---- C:\Windows\system32\occache.dll
2013-12-10 20:31:06 ----A---- C:\Windows\system32\msrating.dll
2013-12-10 20:31:06 ----A---- C:\Windows\system32\msls31.dll
2013-12-10 20:31:06 ----A---- C:\Windows\system32\mshtmlmedia.dll
2013-12-10 20:31:06 ----A---- C:\Windows\system32\mshtmler.dll
2013-12-10 20:31:06 ----A---- C:\Windows\system32\mshtmled.dll
2013-12-10 20:31:06 ----A---- C:\Windows\system32\MshtmlDac.dll
2013-12-10 20:31:06 ----A---- C:\Windows\system32\mshta.exe
2013-12-10 20:31:06 ----A---- C:\Windows\system32\msfeedssync.exe
2013-12-10 20:31:06 ----A---- C:\Windows\system32\msfeedsbs.dll
2013-12-10 20:31:06 ----A---- C:\Windows\system32\msfeeds.dll
2013-12-10 20:31:06 ----A---- C:\Windows\system32\licmgr10.dll
2013-12-10 20:31:06 ----A---- C:\Windows\system32\jsIntl.dll
2013-12-10 20:31:06 ----A---- C:\Windows\system32\jscript.dll
2013-12-10 20:31:06 ----A---- C:\Windows\system32\JavaScriptCollectionAgent.dll
2013-12-10 20:31:06 ----A---- C:\Windows\system32\inseng.dll
2013-12-10 20:31:06 ----A---- C:\Windows\system32\imgutil.dll
2013-12-10 20:31:06 ----A---- C:\Windows\system32\iexpress.exe
2013-12-10 20:31:06 ----A---- C:\Windows\system32\iesysprep.dll
2013-12-10 20:31:06 ----A---- C:\Windows\system32\iepeers.dll
2013-12-10 20:31:06 ----A---- C:\Windows\system32\iedkcs32.dll
2013-12-10 20:31:06 ----A---- C:\Windows\system32\ieapfltr.dat
2013-12-10 20:31:06 ----A---- C:\Windows\system32\IEAdvpack.dll
2013-12-10 20:31:06 ----A---- C:\Windows\system32\icardie.dll
2013-12-10 20:31:06 ----A---- C:\Windows\system32\dxtrans.dll
2013-12-10 20:31:06 ----A---- C:\Windows\system32\dxtmsft.dll
2013-12-07 18:45:16 ----D---- C:\ProgramData\WEBREG
2013-12-04 00:25:50 ----D---- C:\ProgramData\Skype
2013-11-30 18:15:59 ----D---- C:\Users\P.e.t.r.y\AppData\Roaming\Origin
2013-11-30 18:00:56 ----D---- C:\ProgramData\Origin
======List of files/folders modified in the last 1 month======
2013-12-28 19:55:51 ----D---- C:\Program Files\trend micro
2013-12-28 19:50:26 ----D---- C:\Windows\temp
2013-12-28 19:46:46 ----D---- C:\AdwCleaner
2013-12-28 19:29:40 ----D---- C:\Program Files (x86)\Steam
2013-12-28 19:29:30 ----D---- C:\Windows\Panther
2013-12-28 19:29:30 ----D---- C:\Windows\inf
2013-12-28 19:29:29 ----D---- C:\Windows\Logs
2013-12-28 19:29:29 ----D---- C:\Windows\debug
2013-12-28 19:29:29 ----D---- C:\Windows
2013-12-28 19:27:10 ----D---- C:\Windows\system32\config
2013-12-28 19:10:38 ----SHD---- C:\System Volume Information
2013-12-28 19:00:13 ----A---- C:\Windows\SYSWOW64\log.txt
2013-12-28 18:52:09 ----D---- C:\Windows\system32\Tasks
2013-12-28 16:23:32 ----D---- C:\Windows\system32\NDF
2013-12-28 09:22:32 ----RD---- C:\Program Files
2013-12-27 20:34:41 ----D---- C:\Windows\System32
2013-12-27 20:34:41 ----A---- C:\Windows\system32\PerfStringBackup.INI
2013-12-27 19:26:13 ----A---- C:\Windows\system32\AutoRunFilter.ini
2013-12-26 03:11:43 ----SHD---- C:\Windows\Installer
2013-12-26 03:11:42 ----D---- C:\Program Files (x86)\Adobe
2013-12-26 03:11:42 ----D---- C:\Config.Msi
2013-12-26 03:03:23 ----D---- C:\ProgramData
2013-12-23 10:05:33 ----D---- C:\Windows\winsxs
2013-12-23 10:05:21 ----RD---- C:\Program Files (x86)
2013-12-23 09:55:36 ----D---- C:\Program Files (x86)\Common Files
2013-12-23 09:41:42 ----D---- C:\Users\P.e.t.r.y\AppData\Roaming\Adobe
2013-12-23 09:41:33 ----D---- C:\Windows\SysWOW64
2013-12-23 09:33:18 ----D---- C:\ProgramData\Installations
2013-12-23 09:33:15 ----D---- C:\Program Files (x86)\Nokia
2013-12-23 09:26:50 ----D---- C:\Users\P.e.t.r.y\AppData\Roaming\Skype
2013-12-19 00:08:48 ----D---- C:\Windows\system32\catroot
2013-12-15 23:41:02 ----D---- C:\Windows\system32\MRT
2013-12-15 23:31:22 ----A---- C:\Windows\system32\MRT.exe
2013-12-12 13:35:56 ----D---- C:\Program Files\Windows Media Player
2013-12-12 13:35:56 ----D---- C:\Program Files (x86)\Windows Media Player
2013-12-12 13:35:53 ----D---- C:\Windows\SYSWOW64\cs-CZ
2013-12-12 13:35:53 ----D---- C:\Windows\system32\cs-CZ
2013-12-12 13:35:53 ----D---- C:\Program Files\Internet Explorer
2013-12-12 13:35:53 ----D---- C:\Program Files (x86)\Internet Explorer
2013-12-12 13:35:44 ----D---- C:\Windows\system32\DriverStore
2013-12-12 13:35:41 ----D---- C:\Windows\system32\drivers
2013-12-12 13:34:02 ----D---- C:\Windows\system32\catroot2
2013-12-10 20:52:08 ----HD---- C:\Program Files (x86)\InstallShield Installation Information
2013-12-10 20:51:26 ----D---- C:\Temp
2013-12-10 20:38:39 ----D---- C:\Windows\SYSWOW64\migration
2013-12-10 20:38:39 ----D---- C:\Windows\SYSWOW64\en-US
2013-12-10 20:38:35 ----D---- C:\Windows\system32\migration
2013-12-10 20:38:35 ----D---- C:\Windows\PolicyDefinitions
2013-12-10 20:38:34 ----D---- C:\Windows\system32\en-US
2013-12-07 18:45:16 ----D---- C:\Users\P.e.t.r.y\AppData\Roaming\HP
2013-12-06 01:09:56 ----A---- C:\Windows\system32\acovcnt.exe
2013-12-05 21:47:19 ----D---- C:\ProgramData\Adobe
2013-12-04 07:00:01 ----D---- C:\Windows\Tasks
2013-12-04 07:00:01 ----D---- C:\Windows\system32\wfp
2013-12-04 07:00:01 ----D---- C:\ProgramData\P4G
2013-12-04 07:00:00 ----D---- C:\Windows\system32\wbem
2013-12-04 07:00:00 ----D---- C:\Windows\system32\drivers\etc
2013-12-04 07:00:00 ----D---- C:\Windows\system32\CodeIntegrity
2013-12-04 06:59:59 ----D---- C:\Windows\C5C1C0F0D62F4DBF81D4D7EF397C228B.TMP
2013-12-04 06:59:59 ----D---- C:\Windows\AppCompat
2013-12-04 06:59:59 ----D---- C:\Windows\6833245EDD86479A882A8360D62C8194.TMP
2013-12-04 06:59:59 ----D---- C:\Windows\65F1CF6331E0450B96F34A88BE7361A6.TMP
2013-12-04 06:59:59 ----D---- C:\Windows\45235788142C44BE8A4DDDE9A84492E5.TMP
2013-12-04 06:59:51 ----D---- C:\Qoobox
2013-12-04 06:59:49 ----D---- C:\ProgramData\Norton
2013-12-04 06:59:49 ----D---- C:\ProgramData\Electronic Arts
2013-12-04 06:59:32 ----D---- C:\Windows\registration
2013-12-04 06:58:58 ----D---- C:\Users\P.e.t.r.y\AppData\Roaming\Macromedia
2013-12-04 00:23:31 ----D---- C:\Program Files (x86)\IObit
2013-12-03 23:19:46 ----D---- C:\Program Files (x86)\HP
2013-12-01 19:33:50 ----D---- C:\Windows\system32\LogFiles
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R0 iaStor;Intel AHCI Controller; C:\Windows\system32\DRIVERS\iaStor.sys [2010-11-05 438808]
R0 iaStorA;iaStorA; C:\Windows\system32\DRIVERS\iaStorA.sys [2013-09-15 652344]
R0 iaStorF;iaStorF; C:\Windows\system32\DRIVERS\iaStorF.sys [2013-09-15 28216]
R0 nvpciflt;nvpciflt; C:\Windows\system32\DRIVERS\nvpciflt.sys [2013-04-08 30496]
R0 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12352]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-20 213888]
R0 sptd;sptd; C:\Windows\System32\Drivers\sptd.sys [2012-01-10 503352]
R0 SymDS;Symantec Data Store; C:\Windows\system32\drivers\N360x64\1404000.028\SYMDS64.SYS [2013-05-20 493656]
R0 SymEFA;Symantec Extended File Attributes; C:\Windows\system32\drivers\N360x64\1404000.028\SYMEFA64.SYS [2013-05-22 1139800]
R1 ATKWMIACPIIO_;ATKWMIACPI Driver_; \??\C:\Program Files (x86)\ASUS\ATK Package\ATK WMIACPI\atkwmiacpi64.sys [2010-07-26 17024]
R1 BHDrvx64;BHDrvx64; \??\C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_20.1.0.24\Definitions\BASHDefs\20131203.001\BHDrvx64.sys [2013-12-03 1526488]
R1 ccSet_N360;Norton 360 Settings Manager; C:\Windows\system32\drivers\N360x64\1404000.028\ccSetx64.sys [2013-04-15 169048]
R1 eeCtrl;Symantec Eraser Control driver; \??\C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys [2013-11-21 484952]
R1 IDSVia64;IDSVia64; \??\C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_20.1.0.24\Definitions\IPSDefs\20131227.001\IDSvia64.sys [2013-12-13 521944]
R1 SbFw;SbFw; C:\Windows\system32\drivers\SbFw.sys [2011-04-05 253528]
R1 SbTis;SbTis; C:\Windows\system32\drivers\sbtis.sys [2011-04-05 94296]
R1 SRTSPX;Symantec Real Time Storage Protection (PEL) x64; C:\Windows\system32\drivers\N360x64\1404000.028\SRTSPX64.SYS [2013-03-04 36952]
R1 SymIM;Symantec Network Security Intermediate Filter Driver; C:\Windows\system32\DRIVERS\SymIMv.sys [2012-08-08 43680]
R1 SymIRON;Symantec Iron Driver; C:\Windows\system32\drivers\N360x64\1404000.028\Ironx64.SYS [2012-07-27 224416]
R1 SymNetS;Symantec Network Security WFP Driver; C:\Windows\system32\drivers\N360x64\1404000.028\SYMNETS.SYS [2013-04-24 433752]
R2 RMCAST;@%SystemRoot%\system32\wshrm.dll,-102; C:\Windows\system32\DRIVERS\RMCAST.sys [2010-11-20 146432]
R2 SSPORT;SSPORT; \??\C:\Windows\system32\Drivers\SSPORT.sys [2009-03-02 11576]
R3 Afc;PPdus ASPI Shell; C:\Windows\SysWOW64\drivers\Afc.sys [2006-11-14 22784]
R3 athr;Qualcomm Atheros Extensible Wireless LAN device driver; C:\Windows\system32\DRIVERS\athrx.sys [2013-05-23 3948544]
R3 dtsoftbus01;DAEMON Tools Virtual Bus Driver; C:\Windows\system32\DRIVERS\dtsoftbus01.sys [2011-09-20 270912]
R3 EraserUtilRebootDrv;EraserUtilRebootDrv; \??\C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [2013-11-21 137648]
R3 ETD;ELAN PS/2 Port Input Device; C:\Windows\system32\DRIVERS\ETD.sys [2010-09-08 129024]
R3 igfx;igfx; C:\Windows\system32\DRIVERS\igdkmd64.sys [2012-12-14 5353888]
R3 InputFilter_Hid_FlexDef2b;Siliten HID Devices(FlexDef2b) Driver Service; C:\Windows\system32\DRIVERS\InputFilter_FlexDef2b.sys [2010-06-19 17920]
R3 kbfiltr;Keyboard Filter; C:\Windows\system32\DRIVERS\kbfiltr.sys [2009-07-20 15416]
R3 MEIx64;Intel(R) Management Engine Interface; C:\Windows\system32\DRIVERS\HECIx64.sys [2010-10-20 56344]
R3 NAVENG;NAVENG; \??\C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_20.1.0.24\Definitions\VirusDefs\20131227.009\ENG64.SYS [2013-12-03 126040]
R3 NAVEX15;NAVEX15; \??\C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_20.1.0.24\Definitions\VirusDefs\20131227.009\EX64.SYS [2013-12-03 2099288]
R3 RTL8167;Realtek 8167 NT Driver; C:\Windows\system32\DRIVERS\Rt64win7.sys [2013-09-15 872152]
R3 RtlWlanu;Wireless LAN 802.11n USB 2.0 Network Adapter; C:\Windows\system32\DRIVERS\rtwlanu.sys [2013-03-05 1528976]
R3 SBFWIMCLMP;Sunbelt Software Firewall NDIS IM Filter Miniport; C:\Windows\system32\DRIVERS\SBFWIM.sys [2011-02-08 84568]
R3 SRTSP;Symantec Real Time Storage Protection x64; C:\Windows\system32\drivers\N360x64\1404000.028\SRTSP64.SYS [2013-05-15 796760]
R3 SymEvent;SymEvent; \??\C:\Windows\system32\Drivers\SYMEVENT64x86.SYS [2013-07-06 177312]
S1 fpefunqc;fpefunqc; \??\C:\Windows\system32\drivers\fpefunqc.sys []
S1 SBRE;SBRE; \??\C:\Windows\system32\drivers\SBREdrv.sys []
S2 DgiVecp;DgiVecp; \??\C:\Windows\system32\Drivers\DgiVecp.sys [2009-03-02 53816]
S3 AF9035BDA;AF9035 BDA Devices; C:\Windows\System32\Drivers\AF9035BDA.sys [2008-01-30 191488]
S3 AmUStor;AM USB Stroage Driver; C:\Windows\system32\drivers\AmUStor.SYS [2010-08-11 44032]
S3 androidusb;ADB Interface Driver; C:\Windows\System32\Drivers\androidusb.sys [2010-04-29 32768]
S3 ASUSVRC64;ASUSTeK Virtual Capture Device; C:\Windows\system32\DRIVERS\AsusVRC64.sys [2008-10-13 23424]
S3 AthBTPort;Atheros Virtual Bluetooth Class; C:\Windows\system32\DRIVERS\btath_flt.sys [2010-11-26 36000]
S3 BridgeMP;@%SystemRoot%\system32\bridgeres.dll,-1; C:\Windows\system32\DRIVERS\bridge.sys [2009-07-14 95232]
S3 BTATH_A2DP;Bluetooth A2DP Audio Driver; C:\Windows\system32\drivers\btath_a2dp.sys [2010-11-26 298144]
S3 BTATH_BUS;Atheros Bluetooth Bus; C:\Windows\system32\DRIVERS\btath_bus.sys [2010-11-26 28832]
S3 BTATH_HCRP;Bluetooth HCRP Server driver; C:\Windows\system32\DRIVERS\btath_hcrp.sys [2010-11-26 201376]
S3 BTATH_LWFLT;Bluetooth LWFLT Device; C:\Windows\system32\DRIVERS\btath_lwflt.sys [2010-11-26 55456]
S3 BTATH_RCP;Bluetooth AVRCP Device; C:\Windows\system32\DRIVERS\btath_rcp.sys [2010-11-26 154272]
S3 BtFilter;BtFilter; C:\Windows\system32\DRIVERS\btfilter.sys [2010-11-26 275616]
S3 BthEnum;Služba Bluetooth Enumerator; C:\Windows\system32\DRIVERS\BthEnum.sys [2009-07-14 41984]
S3 BthPan;Zařízení Bluetooth (síť PAN); C:\Windows\system32\DRIVERS\bthpan.sys [2009-07-14 118784]
S3 BTHPORT;Ovladač portu Bluetooth; C:\Windows\System32\Drivers\BTHport.sys [2012-07-06 552960]
S3 BTHUSB;Ovladač rozhraní USB radiostanice Bluetooth; C:\Windows\System32\Drivers\BTHUSB.sys [2011-04-28 80384]
S3 catchme;catchme; \??\C:\ComboFix\catchme.sys []
S3 Dot4;MS IEEE-1284.4 Driver; C:\Windows\system32\DRIVERS\Dot4.sys [2009-07-14 145920]
S3 Dot4Print;Print Class Driver for IEEE-1284.4; C:\Windows\system32\DRIVERS\Dot4Prt.sys [2010-11-20 19968]
S3 dot4usb;MS Dot4USB Filter Dot4USB Filter; C:\Windows\system32\DRIVERS\dot4usb.sys [2009-07-14 43008]
S3 fssfltr;FssFltr; C:\Windows\system32\DRIVERS\fssfltr.sys [2010-09-23 48488]
S3 ggflt;SEMC USB Flash Driver Filter; C:\Windows\system32\DRIVERS\ggflt.sys [2013-10-25 14448]
S3 ggsemc;SEMC USB Flash Driver; C:\Windows\system32\DRIVERS\ggsemc.sys [2013-10-25 27760]
S3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHD64.sys [2010-11-30 2647528]
S3 IntcDAud;Intel(R) Display Audio; C:\Windows\system32\DRIVERS\IntcDAud.sys [2010-10-14 317440]
S3 massfilter;Mass Storage Filter Driver; C:\Windows\system32\drivers\massfilter.sys []
S3 massfilter_hs;ZTE HandSet Mass Storage Filter Driver; C:\Windows\system32\drivers\massfilter_hs.sys [2011-03-07 18456]
S3 nmwcd;Nokia USB Phone Parent Driver; C:\Windows\system32\drivers\ccdcmbx64.sys [2013-01-23 19968]
S3 nmwcdc;Nokia USB Communication Driver; C:\Windows\system32\drivers\ccdcmbox64.sys [2013-01-23 27136]
S3 pccsmcfd;PCCS Mode Change Filter Driver; C:\Windows\system32\DRIVERS\pccsmcfdx64.sys [2012-10-17 26112]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver; C:\Windows\System32\drivers\rdpvideominiport.sys [2012-08-23 19456]
S3 RFCOMM;Zařízení Bluetooth (RFCOMM protokol TDI); C:\Windows\system32\DRIVERS\rfcomm.sys [2009-07-14 158720]
S3 SBFWIMCL;Sunbelt Software Firewall NDIS IM Filter Service; C:\Windows\system32\DRIVERS\sbfwim.sys [2011-02-08 84568]
S3 sbhips;sbhips; C:\Windows\system32\drivers\sbhips.sys [2011-04-05 60504]
S3 SiSGbeLH;SiS191/SiS190 Ethernet Device NDIS 6.0 Driver; C:\Windows\system32\DRIVERS\SiSG664.sys [2009-06-10 56832]
S3 TsUsbFlt;TsUsbFlt; C:\Windows\system32\drivers\tsusbflt.sys [2012-08-23 57856]
S3 upperdev;upperdev; C:\Windows\system32\DRIVERS\usbser_lowerfltx64.sys [2013-01-23 9216]
S3 USBAAPL64;Apple Mobile USB Driver; C:\Windows\System32\Drivers\usbaapl64.sys [2012-12-13 54784]
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 ACDaemon;ArcSoft Connect Daemon; C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe [2010-03-18 113152]
R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2013-09-05 65640]
R2 AFBAgent;AFBAgent; C:\Windows\system32\FBAgent.exe [2010-11-30 379520]
R2 ASLDRService;ASLDR Service; C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ASLDRSrv.exe [2009-06-15 84536]
R2 AtherosSvc;AtherosSvc; C:\Program Files (x86)\Atheros\Bluetooth Suite\adminservice.exe [2010-11-26 52896]
R2 hpqddsvc;Služba HP CUE DeviceDiscovery; C:\Windows\system32\svchost.exe [2009-07-14 27136]
R2 N360;Norton 360; C:\Program Files (x86)\Norton 360\Engine\20.4.0.40\ccSvcHst.exe [2013-05-20 144368]
R2 Net Driver HPZ12;Net Driver HPZ12; C:\Windows\System32\svchost.exe [2009-07-14 27136]
R2 NVSvc;NVIDIA Display Driver Service; C:\Windows\system32\nvvsvc.exe [2013-03-14 884512]
R2 Pml Driver HPZ12;Pml Driver HPZ12; C:\Windows\System32\svchost.exe [2009-07-14 27136]
R2 StarWindServiceAE;StarWind AE Service; C:\Program Files (x86)\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe [2009-12-23 370688]
R4 ServiceLayer;ServiceLayer; C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe [2013-04-18 737616]
S2 AdvancedSystemCareService6;Advanced SystemCare Service 6; C:\Program Files (x86)\IObit\Advanced SystemCare 6\ASCService.exe []
S2 ATKGFNEXSrv;ATKGFNEX Service; C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe [2009-12-15 96896]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2012-07-09 104912]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2012-07-08 123856]
S2 gupdate;Google Update Service (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2011-04-12 135664]
S2 LMS;Intel(R) Management and Security Application Local Management Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe [2010-12-21 325656]
S2 nvUpdatusService;NVIDIA Update Service Daemon; C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe [2013-04-08 1260320]
S2 SecureUpdateSvc;SecureUpdate; C:\Program Files (x86)\Secure Speed Dial\IE\SecureUpdate.exe [2013-10-30 2473296]
S2 UNS;Intel(R) Management and Security Application User Notification Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2010-12-21 2656280]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2013-10-10 257416]
S3 cphs;Intel(R) Content Protection HECI Service; C:\Windows\SysWow64\IntelCpHeciSvc.exe [2012-12-14 277616]
S3 fsssvc;Windows Live Family Safety Service; C:\Program Files (x86)\Windows Live\Family Safety\fsssvc.exe [2010-09-23 1493352]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2011-04-12 135664]
S3 gusvc;Google Software Updater; C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe [2011-04-12 182768]
S3 hpqcxs08;hpqcxs08; C:\Windows\system32\svchost.exe [2009-07-14 27136]
S3 IDriverT;InstallDriver Table Manager; C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [2005-04-03 69632]
S3 IEEtwCollectorService;@%SystemRoot%\system32\ieetwcollectorres.dll,-1000; C:\Windows\system32\IEEtwCollector.exe [2013-11-26 111616]
S3 Microsoft Office Groove Audit Service;Microsoft Office Groove Audit Service; C:\Program Files (x86)\Microsoft Office\Office12\GrooveAuditService.exe [2006-10-27 65824]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2006-10-26 441136]
S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 Sony PC Companion;Sony PC Companion; C:\Program Files (x86)\Sony\Sony PC Companion\PCCService.exe [2013-02-04 155824]
S3 Steam Client Service;Steam Client Service; C:\Program Files (x86)\Common Files\Steam\SteamService.exe [2013-12-11 569768]
S3 SwitchBoard;SwitchBoard; C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-02-19 517096]
S4 aspnet_state;Stavová služba ASP.NET; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2012-07-08 51648]
S4 Atheros Bt&Wlan Coex Agent;Atheros Bt&Wlan Coex Agent; C:\Program Files (x86)\Atheros\Ath_CoexAgent.exe [2010-05-24 151552]
S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2012-07-09 139696]
S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2012-07-09 139696]
S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2012-07-09 139696]
-----------------EOF-----------------
RSIT
Logfile of random's system information tool 1.09 (written by random/random)
Run by P.e.t.r.y at 2013-12-28 19:55:49
Microsoft Windows 7 Home Premium Service Pack 1
System drive C: has 25 GB (16%) free of 153 GB
Total RAM: 4008 MB (48% free)
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 19:55:55, on 28.12.2013
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v11.0 (11.00.9600.16428)
Boot mode: Normal
Running processes:
C:\Program Files (x86)\Norton 360\Engine\20.4.0.40\ccSvcHst.exe
C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe
C:\Program Files (x86)\ASUS\ASUS Live Update\ALU.exe
C:\Program Files (x86)\PC Connectivity Solution\Transports\NclMSBTSrvEx.exe
C:\Program Files (x86)\Nokia\Nokia Suite\NokiaSuite.exe
C:\Program Files (x86)\TP-LINK\TP-LINK Wireless Configuration Utility\TWCU.exe
C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe
C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe
C:\Windows\inf\mspaeqpn\mspaeqpn.exe
C:\Program Files (x86)\CyberLink\MediaEspresso\DeviceDetector\DeviceDetector.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files\trend micro\P.e.t.r.y.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://asus.msn.com
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.seznam.cz/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O2 - BHO: HP Print Enhancer - {0347C33E-8762-4905-BF09-768834316C61} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll
O2 - BHO: Norton Identity Protection - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files (x86)\Norton 360\Engine\20.4.0.40\coIEPlg.dll
O2 - BHO: Norton Vulnerability Protection - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files (x86)\Norton 360\Engine\20.4.0.40\IPS\IPSBHO.DLL
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~2\MICROS~1\Office12\GR469A~1.DLL
O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Windows Live Messenger Companion Helper - {9FDDE16B-836F-4806-AB1F-1455CBEFF289} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll
O2 - BHO: Advanced SystemCare Browser Protection - {BA0C978D-D909-49B6-AFE2-8BDE245DC7E6} - C:\PROGRA~2\IObit\ADVANC~2\BROWER~1\ASCPLU~1.DLL (file missing)
O2 - BHO: HP Smart BHO Class - {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
O3 - Toolbar: Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton 360\Engine\20.4.0.40\coIEPlg.dll
O4 - HKLM\..\Run: [UpdateP2GoShortCut] "C:\Program Files (x86)\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe" "C:\Program Files (x86)\CyberLink\Power2Go" UpdateWithCreateOnce "SOFTWARE\CyberLink\Power2Go\6.0"
O4 - HKLM\..\Run: [ATKMEDIA] C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe
O4 - HKLM\..\Run: [HControlUser] C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe
O4 - HKLM\..\Run: [msgmloSrv] C:\Windows\inf\msgmlo.vbe
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [ATKOSD2] C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [NokiaSuite.exe] C:\Program Files (x86)\Nokia\Nokia Suite\NokiaSuite.exe -tray
O4 - Global Startup: TP-LINK Wireless Configuration Utility.lnk = C:\Program Files (x86)\TP-LINK\TP-LINK Wireless Configuration Utility\TWCU.exe
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Office Excel - res://C:\PROGRA~2\MICROS~1\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~1\Office12\REFIEBAR.DLL
O9 - Extra button: Zobrazit nebo skrýt HP Smart Web Printing - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O17 - HKLM\System\CCS\Services\Tcpip\..\{A2BC176B-2A69-4D7C-9654-8784090444FC}: NameServer = 212.96.160.7,212.96.161.6
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\PROGRA~2\MICROS~1\Office12\GRA32A~1.DLL
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O20 - AppInit_DLLs: c:\windows\syswow64\nvinit.dll ,C:\Windows\SysWOW64\nvinit.dll
O23 - Service: ArcSoft Connect Daemon (ACDaemon) - ArcSoft Inc. - C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: Advanced SystemCare Service 6 (AdvancedSystemCareService6) - Unknown owner - C:\Program Files (x86)\IObit\Advanced SystemCare 6\ASCService.exe (file missing)
O23 - Service: AFBAgent - Unknown owner - C:\Windows\system32\FBAgent.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: ASLDR Service (ASLDRService) - ASUS - C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ASLDRSrv.exe
O23 - Service: AtherosSvc - Atheros Commnucations - C:\Program Files (x86)\Atheros\Bluetooth Suite\adminservice.exe
O23 - Service: ATKGFNEX Service (ATKGFNEXSrv) - ASUS - C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe
O23 - Service: Intel(R) Content Protection HECI Service (cphs) - Intel Corporation - C:\Windows\SysWow64\IntelCpHeciSvc.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: Google Update Service (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing)
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: Norton 360 (N360) - Symantec Corporation - C:\Program Files (x86)\Norton 360\Engine\20.4.0.40\ccSvcHst.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - Unknown owner - C:\Windows\system32\nvvsvc.exe (file missing)
O23 - Service: NVIDIA Update Service Daemon (nvUpdatusService) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: SecureUpdate (SecureUpdateSvc) - Unknown owner - C:\Program Files (x86)\Secure Speed Dial\IE\SecureUpdate.exe
O23 - Service: Sony PC Companion - Avanquest Software - C:\Program Files (x86)\Sony\Sony PC Companion\PCCService.exe
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: StarWind AE Service (StarWindServiceAE) - StarWind Software - C:\Program Files (x86)\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe
O23 - Service: SwitchBoard - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: Intel(R) Management and Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
--
End of file - 11698 bytes
======Listing Processes======
\SystemRoot\System32\smss.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
C:\Windows\system32\services.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
"C:\Windows\system32\nvvsvc.exe"
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k GPSvcGroup
C:\Windows\system32\svchost.exe -k NetworkService
"C:\Windows\system32\FBAgent.exe"
"C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ASLDRSrv.exe"
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
"C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe"
"C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe"
"C:\Program Files (x86)\Atheros\Bluetooth Suite\adminservice.exe"
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Windows\SysWOW64\svchost.exe -k hpdevmgmt
"C:\Program Files (x86)\Norton 360\Engine\20.4.0.40\ccSvcHst.exe" /s "N360" /m "C:\Program Files (x86)\Norton 360\Engine\20.4.0.40\diMaster.dll" /prefetch:1
C:\Windows\System32\svchost.exe -k HPZ12
C:\Windows\System32\svchost.exe -k HPZ12
"C:\Program Files (x86)\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe"
C:\Windows\system32\svchost.exe -k imgsvc
C:\Windows\System32\svchost.exe -k WerSvcGroup
C:\Windows\system32\SearchIndexer.exe /Embedding
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
"C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe"
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\system32\wbem\wmiprvse.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
winlogon.exe
"C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe"
C:\Windows\system32\nvvsvc.exe -session
"taskhost.exe"
"C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControl.exe"
"C:\Program Files (x86)\Norton 360\Engine\20.4.0.40\ccSvcHst.exe" /c /a /s UserSession
taskeng.exe {4755BA00-9ED5-412D-921C-40597F47223D}
"C:\Program Files (x86)\ASUS\Splendid\ACMON.exe"
"C:\Windows\system32\Dwm.exe"
C:\Windows\Explorer.EXE
taskeng.exe {77634C64-1E56-446C-B595-4428D2ED7C07}
ATKOSD.exe
"C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe"
"C:\Program Files\P4G\BatteryLife.exe"
"C:\Program Files (x86)\ASUS\ASUS Live Update\ALU.exe"
{D65F79FB-B5EB-4ED9-BB1A-02EC7809E4BD}
{6D1D9247-411F-4CCA-A939-3541603BE6D8}
"C:\Windows\System32\hkcmd.exe"
"C:\Program Files\Windows Sidebar\sidebar.exe" /autoRun
"C:\Program Files (x86)\Nokia\Nokia Suite\NokiaSuite.exe" -tray
"C:\Program Files (x86)\TP-LINK\TP-LINK Wireless Configuration Utility\TWCU.exe" -nogui
KBFiltr.exe
WDC.exe
"C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe"
"C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe"
"C:/Program Files/NVIDIA Corporation/Display/nvtray.exe" -user_has_logged_in 1
C:\Windows\inf\mspaeqpn\mspaeqpn.exe -o stratum+tcp://mint.bitminter.com:3333 -u stuczle_passike -p matlar
\??\C:\Windows\system32\conhost.exe "1623041902-1326957403-1810948815-1041417823131392415115497507511558736242-1475122543
"C:\Windows\SysWOW64\ACEngSvr.exe" -Embedding
"C:\Program Files (x86)\CyberLink\MediaEspresso\DeviceDetector\DeviceDetector.exe"
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe"
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=gpu-process --channel="3856.0.657947950\48524023" --supports-dual-gpus=false --gpu-driver-bug-workarounds=0,3,12,22 --gpu-vendor-id=0x8086 --gpu-device-id=0x0116 --gpu-driver-vendor="Intel Corporation" --gpu-driver-version=9.17.10.2932 --ignored=" --type=renderer " /prefetch:822062411
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --lang=cs --force-fieldtrials="AutocompleteDynamicTrial_2/DefaultControl_R2_Stable/BrowserPreReadExperiment/100-pct-default/CookieRetentionPriorityStudy/ExperimentOn/DeferBackgroundExtensionCreation/RateLimited/ForceCompositingMode/thread/InfiniteCache/No/InstantExtended/Group11 pct:1d stable:pp3 use_remote_ntp_on_startup:1 espv:210 suppress_on_srp:1/Prerender/PrerenderEnabled/PrerenderLocalPredictorSpec/LocalPredictor=Disabled/ShowAppLauncherPromo/ShowPromoUntilDismissed/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group3/UMA-New-Install-Uniformity-Trial/Control/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_02/UMA-Uniformity-Trial-1-Percent/group_28/UMA-Uniformity-Trial-10-Percent/group_08/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/group_03/UMA-Uniformity-Trial-5-Percent/group_07/UMA-Uniformity-Trial-50-Percent/default/" --enable-threaded-compositing --extension-process --renderer-print-preview --disable-html-notifications --channel="3856.1.413812097\1289087189" /prefetch:673131151
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --lang=cs --force-fieldtrials="AutocompleteDynamicTrial_2/DefaultControl_R2_Stable/BrowserPreReadExperiment/100-pct-default/CookieRetentionPriorityStudy/ExperimentOn/DeferBackgroundExtensionCreation/RateLimited/ForceCompositingMode/thread/InfiniteCache/No/InstantExtended/Group11 pct:1d stable:pp3 use_remote_ntp_on_startup:1 espv:210 suppress_on_srp:1/Prerender/PrerenderEnabled/PrerenderLocalPredictorSpec/LocalPredictor=Disabled/ShowAppLauncherPromo/ShowPromoUntilDismissed/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group3/UMA-New-Install-Uniformity-Trial/Control/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_02/UMA-Uniformity-Trial-1-Percent/group_28/UMA-Uniformity-Trial-10-Percent/group_08/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/group_03/UMA-Uniformity-Trial-5-Percent/group_07/UMA-Uniformity-Trial-50-Percent/default/" --enable-threaded-compositing --renderer-print-preview --instant-process --disable-html-notifications --channel="3856.2.38052419\397551203" /prefetch:673131151
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=plugin --plugin-path="C:\Users\P.e.t.r.y\AppData\Local\Google\Chrome\User Data\Default\Extensions\glmfgahfleepmdfffonfckpmkondpdkg\1.2.8_0\dll/NPIdentityGen.dll" --lang=cs --channel="3856.3.1375195120\1952638286" /prefetch:-390060480
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --lang=cs --force-fieldtrials="AutocompleteDynamicTrial_2/DefaultControl_R2_Stable/BrowserPreReadExperiment/100-pct-default/CookieRetentionPriorityStudy/ExperimentOn/DeferBackgroundExtensionCreation/RateLimited/ForceCompositingMode/thread/InfiniteCache/No/InstantExtended/Group11 pct:1d stable:pp3 use_remote_ntp_on_startup:1 espv:210 suppress_on_srp:1/OmniboxBundledExperimentV1/Standard/Prerender/PrerenderEnabled/PrerenderFromOmnibox/OmniboxPrerenderDisabled/PrerenderLocalPredictorSpec/LocalPredictor=Disabled/ShowAppLauncherPromo/ShowPromoUntilDismissed/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group3/UMA-New-Install-Uniformity-Trial/Control/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_02/UMA-Uniformity-Trial-1-Percent/group_28/UMA-Uniformity-Trial-10-Percent/group_08/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/group_03/UMA-Uniformity-Trial-5-Percent/group_07/UMA-Uniformity-Trial-50-Percent/default/" --enable-threaded-compositing --renderer-print-preview --disable-html-notifications --channel="3856.7.245200654\1206855760" /prefetch:673131151
"taskhost.exe"
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --lang=cs --force-fieldtrials="AutocompleteDynamicTrial_2/DefaultControl_R2_Stable/BrowserPreReadExperiment/100-pct-default/CookieRetentionPriorityStudy/ExperimentOn/DeferBackgroundExtensionCreation/RateLimited/ForceCompositingMode/thread/InfiniteCache/No/InstantExtended/Group11 pct:1d stable:pp3 use_remote_ntp_on_startup:1 espv:210 suppress_on_srp:1/OmniboxBundledExperimentV1/Standard/Prerender/PrerenderEnabled/PrerenderFromOmnibox/OmniboxPrerenderDisabled/PrerenderLocalPredictorSpec/LocalPredictor=Disabled/ShowAppLauncherPromo/ShowPromoUntilDismissed/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group3/UMA-New-Install-Uniformity-Trial/Control/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_02/UMA-Uniformity-Trial-1-Percent/group_28/UMA-Uniformity-Trial-10-Percent/group_08/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/group_03/UMA-Uniformity-Trial-5-Percent/group_07/UMA-Uniformity-Trial-50-Percent/default/" --enable-threaded-compositing --renderer-print-preview --disable-html-notifications --channel="3856.10.2079000458\837752305" /prefetch:673131151
"C:\Users\P.e.t.r.y\Desktop\RSITx64.exe"
C:\Windows\system32\DllHost.exe /Processid:{F9717507-6651-4EDB-BFF7-AE615179BCCF}
======Scheduled tasks folder======
C:\Windows\tasks\Adobe Flash Player Updater.job
C:\Windows\tasks\Driver Booster Update.job
C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files\Java\jre7\bin\ssv.dll [2012-10-30 537576]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live ID Sign-in Helper - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2010-09-21 529280]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre7\bin\jp2ssv.dll [2012-10-30 193512]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{0347C33E-8762-4905-BF09-768834316C61}]
HP Print Enhancer - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll [2009-10-22 328248]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{602ADB0E-4AFF-4217-8AA1-95DAC4DFA408}]
Norton Identity Protection - C:\Program Files (x86)\Norton 360\Engine\20.4.0.40\coIEPlg.dll [2013-05-30 509776]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{6D53EC84-6AAE-4787-AEEE-F4628F01010C}]
Norton Vulnerability Protection - C:\Program Files (x86)\Norton 360\Engine\20.4.0.40\IPS\IPSBHO.DLL [2012-08-10 387040]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\PROGRA~2\MICROS~1\Office12\GR469A~1.DLL [2006-10-27 2210608]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live ID Sign-in Helper - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2010-09-21 439168]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9FDDE16B-836F-4806-AB1F-1455CBEFF289}]
Windows Live Messenger Companion Helper - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll [2010-11-10 393600]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{BA0C978D-D909-49B6-AFE2-8BDE245DC7E6}]
Advanced SystemCare Browser Protection - C:\PROGRA~2\IObit\ADVANC~2\BROWER~1\ASCPLU~1.DLL []
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856}]
HP Smart BHO Class - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll [2009-10-22 517688]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\Toolbar]
{7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - Norton Toolbar - C:\Program Files (x86)\Norton 360\Engine\20.4.0.40\coIEPlg.dll [2013-05-30 509776]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"HotKeysCmds"=C:\Windows\system32\hkcmd.exe [2012-12-14 399984]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"=C:\Program Files\Windows Sidebar\sidebar.exe [2010-11-20 1475584]
"NokiaSuite.exe"=C:\Program Files (x86)\Nokia\Nokia Suite\NokiaSuite.exe [2013-10-02 1090912]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM]
c:\program files (x86)\common files\adobe\arm\1.0\adobearm.exe [2013-04-04 958576]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AdobeAAMUpdater-1.0]
[]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AdobeCS5.5ServiceManager]
c:\program files (x86)\common files\adobe\cs5.5servicemanager\cs5.5servicemanager.exe -launchedbylogin []
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AdobeCS5ServiceManager]
C:\Program Files (x86)\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe [2010-02-22 406992]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AmIcoSinglun64]
C:\Program Files (x86)\AmIcoSingLun\AmIcoSinglun64.exe [2010-08-11 324096]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ASUS Screen Saver Protector]
C:\Windows\AsScrPro.exe [2011-04-12 3058304]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ASUS WebStorage]
c:\program files (x86)\asus\asus webstorage\service\asuswsservice.exe [2010-03-16 1754448]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AthBtTray]
c:\program files (x86)\atheros\bluetooth suite\athbttray.exe []
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AtherosBtStack]
c:\program files (x86)\atheros\bluetooth suite\btvstack.exe []
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ATKMEDIA]
[]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ATKOSD2]
c:\program files (x86)\asus\atk package\atkosd2\atkosd2.exe [2010-08-17 5732992]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CLMLServer]
C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe [2009-11-02 103720]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DAEMON Tools Lite]
C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [2010-04-01 357696]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ETDWare]
C:\Program Files\elantech\etdctrl.exe [2010-06-10 649608]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HControlUser]
[]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HP Software Update]
c:\program files (x86)\hp\hp software update\hpwuschd2.exe [2009-11-18 54576]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\IgfxTray]
c:\windows\system32\igfxtray.exe [2012-12-14 172144]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ISUSPM]
c:\programdata\flexnet\connect\11\isuspm.exe [2009-05-06 222496]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NokiaSuite.exe]
c:\program files (x86)\nokia\nokia suite\nokiasuite.exe [2013-10-02 1090912]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Persistence]
c:\windows\system32\igfxpers.exe [2012-12-14 441968]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\POPUPTV]
C:\Program Files (x86)\ASUS\PopupTV\ExpressTV.exe [2010-03-19 692224]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RemoteControl10]
c:\program files (x86)\cyberlink\powerdvd10\pdvd10serv.exe [2010-02-03 87336]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RtHDVBg]
c:\program files\realtek\audio\hda\ravbg64.exe [2010-11-30 2186856]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RtHDVCpl]
C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [2010-11-30 11660904]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Sidebar]
C:\Program Files\Windows Sidebar\sidebar.exe [2010-11-20 1475584]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Software Informer]
[]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SonicMasterTray]
c:\program files (x86)\asus\sonicmaster\sonicmastertray.exe [2010-07-10 984400]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Sony PC Companion]
c:\program files (x86)\sony\sony pc companion\pccompanion.exe [2013-05-29 449248]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SwitchBoard]
C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-02-19 517096]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TNOD UP]
[]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\UpdatePSTShortCut]
C:\Program Files (x86)\Cyberlink\DVD Suite\MUITransfer\MUIStartMenu.exe [2010-11-17 222504]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\VizorHtmlDialog.exe]
[]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Wireless Console 3]
[]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^FancyStart daemon.lnk]
C:\Windows\INSTAL~1\{2B818~1\_94E3C~1.EXE [2011-04-12 12862]
[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"UpdateP2GoShortCut"=C:\Program Files (x86)\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe [2009-05-20 222504]
"ATKMEDIA"=C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe [2010-10-07 170624]
"HControlUser"=C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe [2009-06-19 105016]
"msgmloSrv"=C:\Windows\inf\msgmlo.vbe [2013-08-27 1558]
"Adobe ARM"=C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2013-04-04 958576]
"ATKOSD2"=C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe [2010-08-17 5732992]
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
TP-LINK Wireless Configuration Utility.lnk - C:\Program Files (x86)\TP-LINK\TP-LINK Wireless Configuration Utility\TWCU.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"="C:\Windows\System32\nvinitx.dll,C:\Windows\system32\nvinitx.dll"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
C:\Windows\system32\igfxdev.dll [2012-12-14 442880]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - C:\Windows\system32\webcheck.dll [2013-12-10 243200]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\PROGRA~2\MICROS~1\Office12\GR469A~1.DLL [2006-10-27 2210608]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=5
"ConsentPromptBehaviorUser"=3
"EnableUIADesktopToggle"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveAutoRun"=0
"NoDrives"=0
"NoDriveTypeAutoRun"=221
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoResolveSearch"=1
"NoDrives"=0
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVYU"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"VIDC.YVU9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"MSVideo8"=VfWWDM32.dll
"wave2"=wdmaud.drv
"mixer2"=wdmaud.drv
"midi2"=wdmaud.drv
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
======File associations======
.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - "C:\Program Files (x86)\Adobe\Adobe Dreamweaver CS5.5\Dreamweaver.exe","%1"
======List of files/folders created in the last 1 month======
2013-12-28 19:50:32 ----D---- C:\rsit
2013-12-28 18:30:09 ----D---- C:\Users\P.e.t.r.y\AppData\Roaming\HPAppData
2013-12-26 03:03:28 ----D---- C:\Users\P.e.t.r.y\AppData\Roaming\Zoner
2013-12-26 03:03:23 ----D---- C:\ProgramData\Zoner
2013-12-12 19:07:12 ----A---- C:\Windows\system32\win32k.sys
2013-12-12 13:33:00 ----A---- C:\Windows\system32\wmploc.DLL
2013-12-12 13:32:58 ----A---- C:\Windows\SYSWOW64\wmploc.DLL
2013-12-12 13:32:58 ----A---- C:\Windows\SYSWOW64\wmp.dll
2013-12-12 13:32:56 ----A---- C:\Windows\system32\wmp.dll
2013-12-12 08:27:28 ----A---- C:\Windows\SYSWOW64\WMPhoto.dll
2013-12-12 08:27:28 ----A---- C:\Windows\SYSWOW64\msieftp.dll
2013-12-12 08:27:28 ----A---- C:\Windows\system32\WMPhoto.dll
2013-12-12 08:27:28 ----A---- C:\Windows\system32\msieftp.dll
2013-12-12 08:27:27 ----A---- C:\Windows\SYSWOW64\imagehlp.dll
2013-12-12 08:27:27 ----A---- C:\Windows\system32\imagehlp.dll
2013-12-12 08:27:21 ----A---- C:\Windows\SYSWOW64\tzres.dll
2013-12-12 08:27:21 ----A---- C:\Windows\system32\tzres.dll
2013-12-12 08:26:50 ----A---- C:\Windows\system32\drivers\portcls.sys
2013-12-12 08:26:50 ----A---- C:\Windows\system32\drivers\drmk.sys
2013-12-12 08:26:21 ----A---- C:\Windows\SYSWOW64\wscript.exe
2013-12-12 08:26:21 ----A---- C:\Windows\SYSWOW64\scrrun.dll
2013-12-12 08:26:21 ----A---- C:\Windows\SYSWOW64\cscript.exe
2013-12-12 08:26:21 ----A---- C:\Windows\system32\wscript.exe
2013-12-12 08:26:21 ----A---- C:\Windows\system32\scrrun.dll
2013-12-12 08:26:21 ----A---- C:\Windows\system32\cscript.exe
2013-12-12 08:23:33 ----A---- C:\Windows\system32\ieetwcollectorres.dll
2013-12-12 08:23:32 ----A---- C:\Windows\SYSWOW64\jsproxy.dll
2013-12-12 08:23:32 ----A---- C:\Windows\SYSWOW64\ieui.dll
2013-12-12 08:23:32 ----A---- C:\Windows\system32\jsproxy.dll
2013-12-12 08:23:32 ----A---- C:\Windows\system32\ieui.dll
2013-12-12 08:23:31 ----A---- C:\Windows\system32\ieUnatt.exe
2013-12-12 08:23:31 ----A---- C:\Windows\system32\iesetup.dll
2013-12-12 08:23:31 ----A---- C:\Windows\system32\iernonce.dll
2013-12-12 08:23:31 ----A---- C:\Windows\system32\ieetwproxystub.dll
2013-12-12 08:23:31 ----A---- C:\Windows\system32\ieetwcollector.exe
2013-12-12 08:23:31 ----A---- C:\Windows\system32\ie4uinit.exe
2013-12-12 08:23:30 ----A---- C:\Windows\SYSWOW64\jscript9diag.dll
2013-12-12 08:23:30 ----A---- C:\Windows\SYSWOW64\ieapfltr.dll
2013-12-12 08:23:30 ----A---- C:\Windows\system32\mshtml.dll
2013-12-12 08:23:30 ----A---- C:\Windows\system32\jscript9diag.dll
2013-12-12 08:23:30 ----A---- C:\Windows\system32\ieapfltr.dll
2013-12-12 08:23:29 ----A---- C:\Windows\SYSWOW64\wininet.dll
2013-12-12 08:23:29 ----A---- C:\Windows\SYSWOW64\iertutil.dll
2013-12-12 08:23:29 ----A---- C:\Windows\system32\iertutil.dll
2013-12-12 08:23:28 ----A---- C:\Windows\SYSWOW64\urlmon.dll
2013-12-12 08:23:28 ----A---- C:\Windows\system32\wininet.dll
2013-12-12 08:23:28 ----A---- C:\Windows\system32\urlmon.dll
2013-12-12 08:23:27 ----A---- C:\Windows\system32\ieframe.dll
2013-12-12 08:23:26 ----A---- C:\Windows\SYSWOW64\ieframe.dll
2013-12-12 08:23:25 ----A---- C:\Windows\SYSWOW64\mshtml.dll
2013-12-12 08:23:25 ----A---- C:\Windows\SYSWOW64\jscript9.dll
2013-12-12 08:23:24 ----A---- C:\Windows\system32\jscript9.dll
2013-12-10 20:52:27 ----D---- C:\Users\P.e.t.r.y\AppData\Roaming\TP-LINK
2013-12-10 20:52:09 ----D---- C:\Program Files (x86)\TP-LINK
2013-12-10 20:51:26 ----A---- C:\Windows\system32\rtwlanu.sys
2013-12-10 20:51:26 ----A---- C:\Windows\system32\drivers\RTWlanU.sys
2013-12-10 20:50:14 ----D---- C:\ProgramData\TP-LINK
2013-12-10 20:35:51 ----A---- C:\Windows\system32\IEUDINIT.EXE
2013-12-10 20:31:16 ----A---- C:\Windows\SYSWOW64\elshyph.dll
2013-12-10 20:31:16 ----A---- C:\Windows\system32\MsSpellCheckingFacility.exe
2013-12-10 20:31:08 ----A---- C:\Windows\SYSWOW64\jsIntl.dll
2013-12-10 20:31:08 ----A---- C:\Windows\system32\elshyph.dll
2013-12-10 20:31:07 ----A---- C:\Windows\SYSWOW64\wextract.exe
2013-12-10 20:31:07 ----A---- C:\Windows\SYSWOW64\webcheck.dll
2013-12-10 20:31:07 ----A---- C:\Windows\SYSWOW64\vbscript.dll
2013-12-10 20:31:07 ----A---- C:\Windows\SYSWOW64\url.dll
2013-12-10 20:31:07 ----A---- C:\Windows\SYSWOW64\SetIEInstalledDate.exe
2013-12-10 20:31:07 ----A---- C:\Windows\SYSWOW64\RegisterIEPKEYs.exe
2013-12-10 20:31:07 ----A---- C:\Windows\SYSWOW64\pngfilt.dll
2013-12-10 20:31:07 ----A---- C:\Windows\SYSWOW64\occache.dll
2013-12-10 20:31:07 ----A---- C:\Windows\SYSWOW64\msrating.dll
2013-12-10 20:31:07 ----A---- C:\Windows\SYSWOW64\msls31.dll
2013-12-10 20:31:07 ----A---- C:\Windows\SYSWOW64\mshtmlmedia.dll
2013-12-10 20:31:07 ----A---- C:\Windows\SYSWOW64\mshtmler.dll
2013-12-10 20:31:07 ----A---- C:\Windows\SYSWOW64\mshtmled.dll
2013-12-10 20:31:07 ----A---- C:\Windows\SYSWOW64\MshtmlDac.dll
2013-12-10 20:31:07 ----A---- C:\Windows\SYSWOW64\mshta.exe
2013-12-10 20:31:07 ----A---- C:\Windows\SYSWOW64\msfeedssync.exe
2013-12-10 20:31:07 ----A---- C:\Windows\SYSWOW64\msfeedsbs.dll
2013-12-10 20:31:07 ----A---- C:\Windows\SYSWOW64\msfeeds.dll
2013-12-10 20:31:07 ----A---- C:\Windows\SYSWOW64\licmgr10.dll
2013-12-10 20:31:07 ----A---- C:\Windows\SYSWOW64\jscript.dll
2013-12-10 20:31:07 ----A---- C:\Windows\SYSWOW64\JavaScriptCollectionAgent.dll
2013-12-10 20:31:07 ----A---- C:\Windows\SYSWOW64\inseng.dll
2013-12-10 20:31:07 ----A---- C:\Windows\SYSWOW64\imgutil.dll
2013-12-10 20:31:07 ----A---- C:\Windows\SYSWOW64\iexpress.exe
2013-12-10 20:31:07 ----A---- C:\Windows\SYSWOW64\ieUnatt.exe
2013-12-10 20:31:07 ----A---- C:\Windows\SYSWOW64\iesysprep.dll
2013-12-10 20:31:07 ----A---- C:\Windows\SYSWOW64\iesetup.dll
2013-12-10 20:31:07 ----A---- C:\Windows\SYSWOW64\iernonce.dll
2013-12-10 20:31:07 ----A---- C:\Windows\SYSWOW64\iepeers.dll
2013-12-10 20:31:07 ----A---- C:\Windows\SYSWOW64\ieetwproxystub.dll
2013-12-10 20:31:07 ----A---- C:\Windows\SYSWOW64\iedkcs32.dll
2013-12-10 20:31:07 ----A---- C:\Windows\SYSWOW64\ieapfltr.dat
2013-12-10 20:31:07 ----A---- C:\Windows\SYSWOW64\IEAdvpack.dll
2013-12-10 20:31:07 ----A---- C:\Windows\SYSWOW64\icardie.dll
2013-12-10 20:31:07 ----A---- C:\Windows\SYSWOW64\dxtrans.dll
2013-12-10 20:31:07 ----A---- C:\Windows\SYSWOW64\dxtmsft.dll
2013-12-10 20:31:06 ----A---- C:\Windows\system32\wextract.exe
2013-12-10 20:31:06 ----A---- C:\Windows\system32\webcheck.dll
2013-12-10 20:31:06 ----A---- C:\Windows\system32\vbscript.dll
2013-12-10 20:31:06 ----A---- C:\Windows\system32\url.dll
2013-12-10 20:31:06 ----A---- C:\Windows\system32\SetIEInstalledDate.exe
2013-12-10 20:31:06 ----A---- C:\Windows\system32\RegisterIEPKEYs.exe
2013-12-10 20:31:06 ----A---- C:\Windows\system32\pngfilt.dll
2013-12-10 20:31:06 ----A---- C:\Windows\system32\occache.dll
2013-12-10 20:31:06 ----A---- C:\Windows\system32\msrating.dll
2013-12-10 20:31:06 ----A---- C:\Windows\system32\msls31.dll
2013-12-10 20:31:06 ----A---- C:\Windows\system32\mshtmlmedia.dll
2013-12-10 20:31:06 ----A---- C:\Windows\system32\mshtmler.dll
2013-12-10 20:31:06 ----A---- C:\Windows\system32\mshtmled.dll
2013-12-10 20:31:06 ----A---- C:\Windows\system32\MshtmlDac.dll
2013-12-10 20:31:06 ----A---- C:\Windows\system32\mshta.exe
2013-12-10 20:31:06 ----A---- C:\Windows\system32\msfeedssync.exe
2013-12-10 20:31:06 ----A---- C:\Windows\system32\msfeedsbs.dll
2013-12-10 20:31:06 ----A---- C:\Windows\system32\msfeeds.dll
2013-12-10 20:31:06 ----A---- C:\Windows\system32\licmgr10.dll
2013-12-10 20:31:06 ----A---- C:\Windows\system32\jsIntl.dll
2013-12-10 20:31:06 ----A---- C:\Windows\system32\jscript.dll
2013-12-10 20:31:06 ----A---- C:\Windows\system32\JavaScriptCollectionAgent.dll
2013-12-10 20:31:06 ----A---- C:\Windows\system32\inseng.dll
2013-12-10 20:31:06 ----A---- C:\Windows\system32\imgutil.dll
2013-12-10 20:31:06 ----A---- C:\Windows\system32\iexpress.exe
2013-12-10 20:31:06 ----A---- C:\Windows\system32\iesysprep.dll
2013-12-10 20:31:06 ----A---- C:\Windows\system32\iepeers.dll
2013-12-10 20:31:06 ----A---- C:\Windows\system32\iedkcs32.dll
2013-12-10 20:31:06 ----A---- C:\Windows\system32\ieapfltr.dat
2013-12-10 20:31:06 ----A---- C:\Windows\system32\IEAdvpack.dll
2013-12-10 20:31:06 ----A---- C:\Windows\system32\icardie.dll
2013-12-10 20:31:06 ----A---- C:\Windows\system32\dxtrans.dll
2013-12-10 20:31:06 ----A---- C:\Windows\system32\dxtmsft.dll
2013-12-07 18:45:16 ----D---- C:\ProgramData\WEBREG
2013-12-04 00:25:50 ----D---- C:\ProgramData\Skype
2013-11-30 18:15:59 ----D---- C:\Users\P.e.t.r.y\AppData\Roaming\Origin
2013-11-30 18:00:56 ----D---- C:\ProgramData\Origin
======List of files/folders modified in the last 1 month======
2013-12-28 19:55:51 ----D---- C:\Program Files\trend micro
2013-12-28 19:50:26 ----D---- C:\Windows\temp
2013-12-28 19:46:46 ----D---- C:\AdwCleaner
2013-12-28 19:29:40 ----D---- C:\Program Files (x86)\Steam
2013-12-28 19:29:30 ----D---- C:\Windows\Panther
2013-12-28 19:29:30 ----D---- C:\Windows\inf
2013-12-28 19:29:29 ----D---- C:\Windows\Logs
2013-12-28 19:29:29 ----D---- C:\Windows\debug
2013-12-28 19:29:29 ----D---- C:\Windows
2013-12-28 19:27:10 ----D---- C:\Windows\system32\config
2013-12-28 19:10:38 ----SHD---- C:\System Volume Information
2013-12-28 19:00:13 ----A---- C:\Windows\SYSWOW64\log.txt
2013-12-28 18:52:09 ----D---- C:\Windows\system32\Tasks
2013-12-28 16:23:32 ----D---- C:\Windows\system32\NDF
2013-12-28 09:22:32 ----RD---- C:\Program Files
2013-12-27 20:34:41 ----D---- C:\Windows\System32
2013-12-27 20:34:41 ----A---- C:\Windows\system32\PerfStringBackup.INI
2013-12-27 19:26:13 ----A---- C:\Windows\system32\AutoRunFilter.ini
2013-12-26 03:11:43 ----SHD---- C:\Windows\Installer
2013-12-26 03:11:42 ----D---- C:\Program Files (x86)\Adobe
2013-12-26 03:11:42 ----D---- C:\Config.Msi
2013-12-26 03:03:23 ----D---- C:\ProgramData
2013-12-23 10:05:33 ----D---- C:\Windows\winsxs
2013-12-23 10:05:21 ----RD---- C:\Program Files (x86)
2013-12-23 09:55:36 ----D---- C:\Program Files (x86)\Common Files
2013-12-23 09:41:42 ----D---- C:\Users\P.e.t.r.y\AppData\Roaming\Adobe
2013-12-23 09:41:33 ----D---- C:\Windows\SysWOW64
2013-12-23 09:33:18 ----D---- C:\ProgramData\Installations
2013-12-23 09:33:15 ----D---- C:\Program Files (x86)\Nokia
2013-12-23 09:26:50 ----D---- C:\Users\P.e.t.r.y\AppData\Roaming\Skype
2013-12-19 00:08:48 ----D---- C:\Windows\system32\catroot
2013-12-15 23:41:02 ----D---- C:\Windows\system32\MRT
2013-12-15 23:31:22 ----A---- C:\Windows\system32\MRT.exe
2013-12-12 13:35:56 ----D---- C:\Program Files\Windows Media Player
2013-12-12 13:35:56 ----D---- C:\Program Files (x86)\Windows Media Player
2013-12-12 13:35:53 ----D---- C:\Windows\SYSWOW64\cs-CZ
2013-12-12 13:35:53 ----D---- C:\Windows\system32\cs-CZ
2013-12-12 13:35:53 ----D---- C:\Program Files\Internet Explorer
2013-12-12 13:35:53 ----D---- C:\Program Files (x86)\Internet Explorer
2013-12-12 13:35:44 ----D---- C:\Windows\system32\DriverStore
2013-12-12 13:35:41 ----D---- C:\Windows\system32\drivers
2013-12-12 13:34:02 ----D---- C:\Windows\system32\catroot2
2013-12-10 20:52:08 ----HD---- C:\Program Files (x86)\InstallShield Installation Information
2013-12-10 20:51:26 ----D---- C:\Temp
2013-12-10 20:38:39 ----D---- C:\Windows\SYSWOW64\migration
2013-12-10 20:38:39 ----D---- C:\Windows\SYSWOW64\en-US
2013-12-10 20:38:35 ----D---- C:\Windows\system32\migration
2013-12-10 20:38:35 ----D---- C:\Windows\PolicyDefinitions
2013-12-10 20:38:34 ----D---- C:\Windows\system32\en-US
2013-12-07 18:45:16 ----D---- C:\Users\P.e.t.r.y\AppData\Roaming\HP
2013-12-06 01:09:56 ----A---- C:\Windows\system32\acovcnt.exe
2013-12-05 21:47:19 ----D---- C:\ProgramData\Adobe
2013-12-04 07:00:01 ----D---- C:\Windows\Tasks
2013-12-04 07:00:01 ----D---- C:\Windows\system32\wfp
2013-12-04 07:00:01 ----D---- C:\ProgramData\P4G
2013-12-04 07:00:00 ----D---- C:\Windows\system32\wbem
2013-12-04 07:00:00 ----D---- C:\Windows\system32\drivers\etc
2013-12-04 07:00:00 ----D---- C:\Windows\system32\CodeIntegrity
2013-12-04 06:59:59 ----D---- C:\Windows\C5C1C0F0D62F4DBF81D4D7EF397C228B.TMP
2013-12-04 06:59:59 ----D---- C:\Windows\AppCompat
2013-12-04 06:59:59 ----D---- C:\Windows\6833245EDD86479A882A8360D62C8194.TMP
2013-12-04 06:59:59 ----D---- C:\Windows\65F1CF6331E0450B96F34A88BE7361A6.TMP
2013-12-04 06:59:59 ----D---- C:\Windows\45235788142C44BE8A4DDDE9A84492E5.TMP
2013-12-04 06:59:51 ----D---- C:\Qoobox
2013-12-04 06:59:49 ----D---- C:\ProgramData\Norton
2013-12-04 06:59:49 ----D---- C:\ProgramData\Electronic Arts
2013-12-04 06:59:32 ----D---- C:\Windows\registration
2013-12-04 06:58:58 ----D---- C:\Users\P.e.t.r.y\AppData\Roaming\Macromedia
2013-12-04 00:23:31 ----D---- C:\Program Files (x86)\IObit
2013-12-03 23:19:46 ----D---- C:\Program Files (x86)\HP
2013-12-01 19:33:50 ----D---- C:\Windows\system32\LogFiles
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R0 iaStor;Intel AHCI Controller; C:\Windows\system32\DRIVERS\iaStor.sys [2010-11-05 438808]
R0 iaStorA;iaStorA; C:\Windows\system32\DRIVERS\iaStorA.sys [2013-09-15 652344]
R0 iaStorF;iaStorF; C:\Windows\system32\DRIVERS\iaStorF.sys [2013-09-15 28216]
R0 nvpciflt;nvpciflt; C:\Windows\system32\DRIVERS\nvpciflt.sys [2013-04-08 30496]
R0 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12352]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-20 213888]
R0 sptd;sptd; C:\Windows\System32\Drivers\sptd.sys [2012-01-10 503352]
R0 SymDS;Symantec Data Store; C:\Windows\system32\drivers\N360x64\1404000.028\SYMDS64.SYS [2013-05-20 493656]
R0 SymEFA;Symantec Extended File Attributes; C:\Windows\system32\drivers\N360x64\1404000.028\SYMEFA64.SYS [2013-05-22 1139800]
R1 ATKWMIACPIIO_;ATKWMIACPI Driver_; \??\C:\Program Files (x86)\ASUS\ATK Package\ATK WMIACPI\atkwmiacpi64.sys [2010-07-26 17024]
R1 BHDrvx64;BHDrvx64; \??\C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_20.1.0.24\Definitions\BASHDefs\20131203.001\BHDrvx64.sys [2013-12-03 1526488]
R1 ccSet_N360;Norton 360 Settings Manager; C:\Windows\system32\drivers\N360x64\1404000.028\ccSetx64.sys [2013-04-15 169048]
R1 eeCtrl;Symantec Eraser Control driver; \??\C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys [2013-11-21 484952]
R1 IDSVia64;IDSVia64; \??\C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_20.1.0.24\Definitions\IPSDefs\20131227.001\IDSvia64.sys [2013-12-13 521944]
R1 SbFw;SbFw; C:\Windows\system32\drivers\SbFw.sys [2011-04-05 253528]
R1 SbTis;SbTis; C:\Windows\system32\drivers\sbtis.sys [2011-04-05 94296]
R1 SRTSPX;Symantec Real Time Storage Protection (PEL) x64; C:\Windows\system32\drivers\N360x64\1404000.028\SRTSPX64.SYS [2013-03-04 36952]
R1 SymIM;Symantec Network Security Intermediate Filter Driver; C:\Windows\system32\DRIVERS\SymIMv.sys [2012-08-08 43680]
R1 SymIRON;Symantec Iron Driver; C:\Windows\system32\drivers\N360x64\1404000.028\Ironx64.SYS [2012-07-27 224416]
R1 SymNetS;Symantec Network Security WFP Driver; C:\Windows\system32\drivers\N360x64\1404000.028\SYMNETS.SYS [2013-04-24 433752]
R2 RMCAST;@%SystemRoot%\system32\wshrm.dll,-102; C:\Windows\system32\DRIVERS\RMCAST.sys [2010-11-20 146432]
R2 SSPORT;SSPORT; \??\C:\Windows\system32\Drivers\SSPORT.sys [2009-03-02 11576]
R3 Afc;PPdus ASPI Shell; C:\Windows\SysWOW64\drivers\Afc.sys [2006-11-14 22784]
R3 athr;Qualcomm Atheros Extensible Wireless LAN device driver; C:\Windows\system32\DRIVERS\athrx.sys [2013-05-23 3948544]
R3 dtsoftbus01;DAEMON Tools Virtual Bus Driver; C:\Windows\system32\DRIVERS\dtsoftbus01.sys [2011-09-20 270912]
R3 EraserUtilRebootDrv;EraserUtilRebootDrv; \??\C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [2013-11-21 137648]
R3 ETD;ELAN PS/2 Port Input Device; C:\Windows\system32\DRIVERS\ETD.sys [2010-09-08 129024]
R3 igfx;igfx; C:\Windows\system32\DRIVERS\igdkmd64.sys [2012-12-14 5353888]
R3 InputFilter_Hid_FlexDef2b;Siliten HID Devices(FlexDef2b) Driver Service; C:\Windows\system32\DRIVERS\InputFilter_FlexDef2b.sys [2010-06-19 17920]
R3 kbfiltr;Keyboard Filter; C:\Windows\system32\DRIVERS\kbfiltr.sys [2009-07-20 15416]
R3 MEIx64;Intel(R) Management Engine Interface; C:\Windows\system32\DRIVERS\HECIx64.sys [2010-10-20 56344]
R3 NAVENG;NAVENG; \??\C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_20.1.0.24\Definitions\VirusDefs\20131227.009\ENG64.SYS [2013-12-03 126040]
R3 NAVEX15;NAVEX15; \??\C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_20.1.0.24\Definitions\VirusDefs\20131227.009\EX64.SYS [2013-12-03 2099288]
R3 RTL8167;Realtek 8167 NT Driver; C:\Windows\system32\DRIVERS\Rt64win7.sys [2013-09-15 872152]
R3 RtlWlanu;Wireless LAN 802.11n USB 2.0 Network Adapter; C:\Windows\system32\DRIVERS\rtwlanu.sys [2013-03-05 1528976]
R3 SBFWIMCLMP;Sunbelt Software Firewall NDIS IM Filter Miniport; C:\Windows\system32\DRIVERS\SBFWIM.sys [2011-02-08 84568]
R3 SRTSP;Symantec Real Time Storage Protection x64; C:\Windows\system32\drivers\N360x64\1404000.028\SRTSP64.SYS [2013-05-15 796760]
R3 SymEvent;SymEvent; \??\C:\Windows\system32\Drivers\SYMEVENT64x86.SYS [2013-07-06 177312]
S1 fpefunqc;fpefunqc; \??\C:\Windows\system32\drivers\fpefunqc.sys []
S1 SBRE;SBRE; \??\C:\Windows\system32\drivers\SBREdrv.sys []
S2 DgiVecp;DgiVecp; \??\C:\Windows\system32\Drivers\DgiVecp.sys [2009-03-02 53816]
S3 AF9035BDA;AF9035 BDA Devices; C:\Windows\System32\Drivers\AF9035BDA.sys [2008-01-30 191488]
S3 AmUStor;AM USB Stroage Driver; C:\Windows\system32\drivers\AmUStor.SYS [2010-08-11 44032]
S3 androidusb;ADB Interface Driver; C:\Windows\System32\Drivers\androidusb.sys [2010-04-29 32768]
S3 ASUSVRC64;ASUSTeK Virtual Capture Device; C:\Windows\system32\DRIVERS\AsusVRC64.sys [2008-10-13 23424]
S3 AthBTPort;Atheros Virtual Bluetooth Class; C:\Windows\system32\DRIVERS\btath_flt.sys [2010-11-26 36000]
S3 BridgeMP;@%SystemRoot%\system32\bridgeres.dll,-1; C:\Windows\system32\DRIVERS\bridge.sys [2009-07-14 95232]
S3 BTATH_A2DP;Bluetooth A2DP Audio Driver; C:\Windows\system32\drivers\btath_a2dp.sys [2010-11-26 298144]
S3 BTATH_BUS;Atheros Bluetooth Bus; C:\Windows\system32\DRIVERS\btath_bus.sys [2010-11-26 28832]
S3 BTATH_HCRP;Bluetooth HCRP Server driver; C:\Windows\system32\DRIVERS\btath_hcrp.sys [2010-11-26 201376]
S3 BTATH_LWFLT;Bluetooth LWFLT Device; C:\Windows\system32\DRIVERS\btath_lwflt.sys [2010-11-26 55456]
S3 BTATH_RCP;Bluetooth AVRCP Device; C:\Windows\system32\DRIVERS\btath_rcp.sys [2010-11-26 154272]
S3 BtFilter;BtFilter; C:\Windows\system32\DRIVERS\btfilter.sys [2010-11-26 275616]
S3 BthEnum;Služba Bluetooth Enumerator; C:\Windows\system32\DRIVERS\BthEnum.sys [2009-07-14 41984]
S3 BthPan;Zařízení Bluetooth (síť PAN); C:\Windows\system32\DRIVERS\bthpan.sys [2009-07-14 118784]
S3 BTHPORT;Ovladač portu Bluetooth; C:\Windows\System32\Drivers\BTHport.sys [2012-07-06 552960]
S3 BTHUSB;Ovladač rozhraní USB radiostanice Bluetooth; C:\Windows\System32\Drivers\BTHUSB.sys [2011-04-28 80384]
S3 catchme;catchme; \??\C:\ComboFix\catchme.sys []
S3 Dot4;MS IEEE-1284.4 Driver; C:\Windows\system32\DRIVERS\Dot4.sys [2009-07-14 145920]
S3 Dot4Print;Print Class Driver for IEEE-1284.4; C:\Windows\system32\DRIVERS\Dot4Prt.sys [2010-11-20 19968]
S3 dot4usb;MS Dot4USB Filter Dot4USB Filter; C:\Windows\system32\DRIVERS\dot4usb.sys [2009-07-14 43008]
S3 fssfltr;FssFltr; C:\Windows\system32\DRIVERS\fssfltr.sys [2010-09-23 48488]
S3 ggflt;SEMC USB Flash Driver Filter; C:\Windows\system32\DRIVERS\ggflt.sys [2013-10-25 14448]
S3 ggsemc;SEMC USB Flash Driver; C:\Windows\system32\DRIVERS\ggsemc.sys [2013-10-25 27760]
S3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHD64.sys [2010-11-30 2647528]
S3 IntcDAud;Intel(R) Display Audio; C:\Windows\system32\DRIVERS\IntcDAud.sys [2010-10-14 317440]
S3 massfilter;Mass Storage Filter Driver; C:\Windows\system32\drivers\massfilter.sys []
S3 massfilter_hs;ZTE HandSet Mass Storage Filter Driver; C:\Windows\system32\drivers\massfilter_hs.sys [2011-03-07 18456]
S3 nmwcd;Nokia USB Phone Parent Driver; C:\Windows\system32\drivers\ccdcmbx64.sys [2013-01-23 19968]
S3 nmwcdc;Nokia USB Communication Driver; C:\Windows\system32\drivers\ccdcmbox64.sys [2013-01-23 27136]
S3 pccsmcfd;PCCS Mode Change Filter Driver; C:\Windows\system32\DRIVERS\pccsmcfdx64.sys [2012-10-17 26112]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver; C:\Windows\System32\drivers\rdpvideominiport.sys [2012-08-23 19456]
S3 RFCOMM;Zařízení Bluetooth (RFCOMM protokol TDI); C:\Windows\system32\DRIVERS\rfcomm.sys [2009-07-14 158720]
S3 SBFWIMCL;Sunbelt Software Firewall NDIS IM Filter Service; C:\Windows\system32\DRIVERS\sbfwim.sys [2011-02-08 84568]
S3 sbhips;sbhips; C:\Windows\system32\drivers\sbhips.sys [2011-04-05 60504]
S3 SiSGbeLH;SiS191/SiS190 Ethernet Device NDIS 6.0 Driver; C:\Windows\system32\DRIVERS\SiSG664.sys [2009-06-10 56832]
S3 TsUsbFlt;TsUsbFlt; C:\Windows\system32\drivers\tsusbflt.sys [2012-08-23 57856]
S3 upperdev;upperdev; C:\Windows\system32\DRIVERS\usbser_lowerfltx64.sys [2013-01-23 9216]
S3 USBAAPL64;Apple Mobile USB Driver; C:\Windows\System32\Drivers\usbaapl64.sys [2012-12-13 54784]
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 ACDaemon;ArcSoft Connect Daemon; C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe [2010-03-18 113152]
R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2013-09-05 65640]
R2 AFBAgent;AFBAgent; C:\Windows\system32\FBAgent.exe [2010-11-30 379520]
R2 ASLDRService;ASLDR Service; C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ASLDRSrv.exe [2009-06-15 84536]
R2 AtherosSvc;AtherosSvc; C:\Program Files (x86)\Atheros\Bluetooth Suite\adminservice.exe [2010-11-26 52896]
R2 hpqddsvc;Služba HP CUE DeviceDiscovery; C:\Windows\system32\svchost.exe [2009-07-14 27136]
R2 N360;Norton 360; C:\Program Files (x86)\Norton 360\Engine\20.4.0.40\ccSvcHst.exe [2013-05-20 144368]
R2 Net Driver HPZ12;Net Driver HPZ12; C:\Windows\System32\svchost.exe [2009-07-14 27136]
R2 NVSvc;NVIDIA Display Driver Service; C:\Windows\system32\nvvsvc.exe [2013-03-14 884512]
R2 Pml Driver HPZ12;Pml Driver HPZ12; C:\Windows\System32\svchost.exe [2009-07-14 27136]
R2 StarWindServiceAE;StarWind AE Service; C:\Program Files (x86)\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe [2009-12-23 370688]
R4 ServiceLayer;ServiceLayer; C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe [2013-04-18 737616]
S2 AdvancedSystemCareService6;Advanced SystemCare Service 6; C:\Program Files (x86)\IObit\Advanced SystemCare 6\ASCService.exe []
S2 ATKGFNEXSrv;ATKGFNEX Service; C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe [2009-12-15 96896]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2012-07-09 104912]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2012-07-08 123856]
S2 gupdate;Google Update Service (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2011-04-12 135664]
S2 LMS;Intel(R) Management and Security Application Local Management Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe [2010-12-21 325656]
S2 nvUpdatusService;NVIDIA Update Service Daemon; C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe [2013-04-08 1260320]
S2 SecureUpdateSvc;SecureUpdate; C:\Program Files (x86)\Secure Speed Dial\IE\SecureUpdate.exe [2013-10-30 2473296]
S2 UNS;Intel(R) Management and Security Application User Notification Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2010-12-21 2656280]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2013-10-10 257416]
S3 cphs;Intel(R) Content Protection HECI Service; C:\Windows\SysWow64\IntelCpHeciSvc.exe [2012-12-14 277616]
S3 fsssvc;Windows Live Family Safety Service; C:\Program Files (x86)\Windows Live\Family Safety\fsssvc.exe [2010-09-23 1493352]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2011-04-12 135664]
S3 gusvc;Google Software Updater; C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe [2011-04-12 182768]
S3 hpqcxs08;hpqcxs08; C:\Windows\system32\svchost.exe [2009-07-14 27136]
S3 IDriverT;InstallDriver Table Manager; C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [2005-04-03 69632]
S3 IEEtwCollectorService;@%SystemRoot%\system32\ieetwcollectorres.dll,-1000; C:\Windows\system32\IEEtwCollector.exe [2013-11-26 111616]
S3 Microsoft Office Groove Audit Service;Microsoft Office Groove Audit Service; C:\Program Files (x86)\Microsoft Office\Office12\GrooveAuditService.exe [2006-10-27 65824]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2006-10-26 441136]
S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 Sony PC Companion;Sony PC Companion; C:\Program Files (x86)\Sony\Sony PC Companion\PCCService.exe [2013-02-04 155824]
S3 Steam Client Service;Steam Client Service; C:\Program Files (x86)\Common Files\Steam\SteamService.exe [2013-12-11 569768]
S3 SwitchBoard;SwitchBoard; C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-02-19 517096]
S4 aspnet_state;Stavová služba ASP.NET; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2012-07-08 51648]
S4 Atheros Bt&Wlan Coex Agent;Atheros Bt&Wlan Coex Agent; C:\Program Files (x86)\Atheros\Ath_CoexAgent.exe [2010-05-24 151552]
S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2012-07-09 139696]
S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2012-07-09 139696]
S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2012-07-09 139696]
-----------------EOF-----------------
- Rudy
- Site Admin
- Posts: 119504
- Joined: 30 Oct 2003 13:42
- Location: Plzeň
Re: Log check + notebook revival
Hello!
Let's try cleaning it up and then you'll see whether the load drops. I think 4 GB of RAM in Win7 should be enough even for games.
First run this utility:
Download AdwCleaner http://general-changelog-team.fr/fr/dow ... adwcleaner
Save it to the desktop
Close all programs
Click >Scan< first and then >Clean<.
A scan will run and then a log will appear; paste it here.
Post questions and logs only in your own threads. Private messages, ICQ and e-mails are not for solving your problems.
Please support our forum: https://platba.viry.cz/payment/.
e-mail: rudy(at)forum.viry.cz
Warning: Before disinfecting your PC, back up your important data (mail, contacts, documents, photos, videos, music, etc.). Besides its "visible" activity, a virus can damage the system!
Once your problem is resolved, the thread will be locked. The same applies if it is inactive for more than 14 days. If you want the thread reactivated, write to me at the e-mail address given above.
Re: Log check + notebook revival
Here's AdwCleaner:
# AdwCleaner v3.013 - Report created 25/11/2013 at 22:35:50
# Updated 24/11/2013 by Xplode
# Operating System : Windows 7 Home Premium Service Pack 1 (64 bits)
# Username : P.e.t.r.y - MARTY
# Running from : C:\Users\P.e.t.r.y\Desktop\adwcleaner.exe
# Option : Clean
***** [ Services ] *****
***** [ Files / Folders ] *****
Folder Deleted : C:\ProgramData\Babylon
Folder Deleted : C:\ProgramData\Partner
Folder Deleted : C:\ProgramData\Premium
Folder Deleted : C:\ProgramData\StarApp
Folder Deleted : C:\ProgramData\Tarma Installer
Folder Deleted : C:\ProgramData\safe saaVE
Folder Deleted : C:\Program Files (x86)\Conduit
Folder Deleted : C:\Program Files (x86)\SimilarSites
Folder Deleted : C:\Program Files (x86)\Toolbar Cleaner
Folder Deleted : C:\Program Files (x86)\Common Files\Spigot
Folder Deleted : C:\Users\P.e.t.r.y\AppData\Local\Conduit
Folder Deleted : C:\Users\P.e.t.r.y\AppData\Local\PutLockerDownloader
Folder Deleted : C:\Users\P.e.t.r.y\AppData\LocalLow\Conduit
Folder Deleted : C:\Users\P.e.t.r.y\AppData\Roaming\Babylon
Folder Deleted : C:\Users\P.e.t.r.y\AppData\Roaming\eIntaller
Folder Deleted : C:\Users\P.e.t.r.y\AppData\Roaming\Funmoods
Folder Deleted : C:\Users\P.e.t.r.y\AppData\Roaming\iWin
Folder Deleted : C:\Users\P.e.t.r.y\AppData\Roaming\OpenCandy
Folder Deleted : C:\Users\P.e.t.r.y\AppData\Roaming\SimilarSites
Folder Deleted : C:\Users\P.e.t.r.y\AppData\Roaming\Mozilla\Firefox\Profiles\1qtqy1vl.default\ConduitCommon
Folder Deleted : C:\Users\P.e.t.r.y\AppData\Roaming\Mozilla\Firefox\Profiles\1qtqy1vl.default\CT2790392
Folder Deleted : C:\Users\P.e.t.r.y\AppData\Roaming\Mozilla\Firefox\Profiles\1qtqy1vl.default\Extensions\ffxtlbr@funmoods.com
Folder Deleted : C:\Users\P.e.t.r.y\AppData\Roaming\Mozilla\Firefox\Profiles\1qtqy1vl.default\Extensions\jxhq2tq@dv-oa.co.uk
Folder Deleted : C:\Users\P.e.t.r.y\AppData\Roaming\Mozilla\Firefox\Profiles\1qtqy1vl.default\Extensions\{88c7f2aa-f93f-432c-8f0e-b7d85967a527}
Folder Deleted : C:\Users\P.e.t.r.y\AppData\Local\Google\Chrome\User Data\Default\Extensions\hbcennhacfaagdopikcegfcobcadeocj
Folder Deleted : C:\Users\P.e.t.r.y\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhkaekfpcppmmioggniknbnbdbcigpkk
Folder Deleted : C:\Users\P.e.t.r.y\AppData\Local\Google\Chrome\User Data\Default\Extensions\pfndaklgolladniicklehhancnlgocpp
File Deleted : C:\Users\P.e.t.r.y\AppData\Roaming\Mozilla\Firefox\Profiles\1qtqy1vl.default\Extensions\ftdownloader4@ftdownloader.com.xpi
File Deleted : C:\Windows\System32\roboot64.exe
File Deleted : C:\Users\P.e.t.r.y\AppData\Roaming\Mozilla\Firefox\Profiles\1qtqy1vl.default\invalidprefs.js
File Deleted : C:\Users\P.e.t.r.y\AppData\Roaming\Mozilla\Firefox\Profiles\1qtqy1vl.default\searchplugins\Babylon.xml
File Deleted : C:\Program Files (x86)\Mozilla Firefox\searchplugins\Babylon.xml
File Deleted : C:\Users\P.e.t.r.y\AppData\Roaming\Mozilla\Firefox\Profiles\1qtqy1vl.default\searchplugins\delta.xml
File Deleted : C:\Users\P.e.t.r.y\AppData\Roaming\Mozilla\Firefox\Profiles\1qtqy1vl.default\searchplugins\funmoods.xml
File Deleted : C:\Users\P.e.t.r.y\AppData\Roaming\Mozilla\Firefox\Profiles\1qtqy1vl.default\user.js
File Deleted : C:\Windows\System32\Tasks\Funmoods
***** [ Shortcuts ] *****
***** [ Registry ] *****
Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\hbcennhacfaagdopikcegfcobcadeocj
Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\mhkaekfpcppmmioggniknbnbdbcigpkk
Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\pfndaklgolladniicklehhancnlgocpp
Key Deleted : HKCU\Software\Classes\pokki
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{C26644C4-2A12-4CA6-8F2E-0EDE6CF018F3}
Key Deleted : HKLM\SOFTWARE\Classes\FTDownloader
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\adawarebp_rasapi32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\adawarebp_rasmancs
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\apnstub_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\apnstub_RASMANCS
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\au__rasapi32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\au__rasmancs
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\ConduitInstaller_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\ConduitInstaller_RASMANCS
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\FTDownloader_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\FTDownloader_RASMANCS
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\UpdateTask_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\UpdateTask_RASMANCS
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\WebCakeDesktop_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\WebCakeDesktop_RASMANCS
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\ASUS_Screensaver
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{0A18A436-2A7A-49F3-A488-30538A2F6323}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{EA28B360-05E0-4F93-8150-02891F1D8D3C}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{007EFBDF-8A5D-4930-97CC-A4B437CBA777}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{3C471948-F874-49F5-B338-4F214A2EE0B1}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{FB684D26-01F4-4D9D-87CB-F486BEBA56DC}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{31E3BC75-2A09-4CFF-9C92-8D0ED8D1DC0F}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{813A22E0-3E2B-4188-9BDA-ECA9878B8D48}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{BCFF5F55-6F44-11D2-86F8-00104B265ED5}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{E2343056-CC08-46AC-B898-BFC7ACF4E755}
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4D79-A620-CCE0C0A66CC9}
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{67A2568C-7A0A-4EED-AECC-B5405DE63B64}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{67A2568C-7A0A-4EED-AECC-B5405DE63B64}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{31E3BC75-2A09-4CFF-9C92-8D0ED8D1DC0F}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{813A22E0-3E2B-4188-9BDA-ECA9878B8D48}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{BCFF5F55-6F44-11D2-86F8-00104B265ED5}
Key Deleted : HKCU\Software\1ClickDownload
Key Deleted : HKCU\Software\APN PIP
Key Deleted : HKCU\Software\Conduit
Key Deleted : HKCU\Software\FLEXnet
Key Deleted : HKCU\Software\Funmoods
Key Deleted : HKCU\Software\powerpack
Key Deleted : HKCU\Software\YahooPartnerToolbar
Key Deleted : HKCU\Software\AppDataLow\SProtector
Key Deleted : HKCU\Software\AppDataLow\Software\Search Settings
Key Deleted : HKCU\Software\AppDataLow\Software\SmartBar
Key Deleted : HKLM\Software\Conduit
Key Deleted : HKLM\Software\PIP
Key Deleted : HKLM\Software\SProtector
Key Deleted : HKLM\Software\systweak
Key Deleted : HKLM\Software\Toolbar Cleaner
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\Funmoods
Key Deleted : [x64] HKLM\SOFTWARE\Tarma Installer
***** [ Browsers ] *****
-\\ Internet Explorer v10.0.9200.16736
-\\ Mozilla Firefox v
[ File : C:\Users\P.e.t.r.y\AppData\Roaming\Mozilla\Firefox\Profiles\1qtqy1vl.default\prefs.js ]
Line Deleted : user_pref("CT2790392..clientLogIsEnabled", false);
Line Deleted : user_pref("CT2790392..clientLogServiceUrl", "hxxp://clientlog.users.conduit.com/ClientDiagnostics.asmx/ReportDiagnosticsEvent");
Line Deleted : user_pref("CT2790392..uninstallLogServiceUrl", "hxxp://uninstall.users.conduit.com/Uninstall.asmx/RegisterToolbarUninstallation");
Line Deleted : user_pref("CT2790392.ALLOW_SHOWING_HIDDEN_TOOLBAR", false);
Line Deleted : user_pref("CT2790392.AboutPrivacyUrl", "hxxp://www.conduit.com/privacy/Default.aspx");
Line Deleted : user_pref("CT2790392.BrowserCompStateIsOpen_129633547190125290", true);
Line Deleted : user_pref("CT2790392.BrowserCompStateIsOpen_130059329278017115", true);
Line Deleted : user_pref("CT2790392.BrowserCompStateIsOpen_1359634298000", true);
Line Deleted : user_pref("CT2790392.CTID", "CT2790392");
Line Deleted : user_pref("CT2790392.CurrentServerDate", "18-7-2013");
Line Deleted : user_pref("CT2790392.DSInstall", false);
Line Deleted : user_pref("CT2790392.DialogsAlignMode", "LTR");
Line Deleted : user_pref("CT2790392.DialogsGetterLastCheckTime", "Thu Jul 18 2013 09:54:46 GMT+0200");
Line Deleted : user_pref("CT2790392.DownloadReferralCookieData", "");
Line Deleted : user_pref("CT2790392.EMailNotifierPollDate", "Thu Jul 18 2013 10:06:23 GMT+0200");
Line Deleted : user_pref("CT2790392.FeedLastCount129313977501788460", 501);
Line Deleted : user_pref("CT2790392.FeedPollDate129313974171006416", "Thu Jul 18 2013 09:54:44 GMT+0200");
Line Deleted : user_pref("CT2790392.FeedPollDate129313975698350231", "Thu Jul 18 2013 09:54:44 GMT+0200");
Line Deleted : user_pref("CT2790392.FeedPollDate129313976370850190", "Thu Jul 18 2013 09:54:45 GMT+0200");
Line Deleted : user_pref("CT2790392.FeedPollDate129313976648818968", "Thu Jul 18 2013 09:54:45 GMT+0200");
Line Deleted : user_pref("CT2790392.FeedPollDate129313977444757117", "Thu Jul 18 2013 09:54:45 GMT+0200");
Line Deleted : user_pref("CT2790392.FeedPollDate129313980389131455", "Thu Jul 18 2013 09:54:45 GMT+0200");
Line Deleted : user_pref("CT2790392.FeedPollDate129313980655381977", "Thu Jul 18 2013 09:54:45 GMT+0200");
Line Deleted : user_pref("CT2790392.FeedPollDate129313980886163259", "Thu Jul 18 2013 09:54:45 GMT+0200");
Line Deleted : user_pref("CT2790392.FeedPollDate129313981234756535", "Thu Jul 18 2013 09:54:45 GMT+0200");
Line Deleted : user_pref("CT2790392.FeedPollDate129313983226631720", "Thu Jul 18 2013 09:54:45 GMT+0200");
Line Deleted : user_pref("CT2790392.FeedPollDate129313983607725691", "Thu Jul 18 2013 09:54:45 GMT+0200");
Line Deleted : user_pref("CT2790392.FeedTTL129313974171006416", 10);
Line Deleted : user_pref("CT2790392.FeedTTL129313975698350231", 5);
Line Deleted : user_pref("CT2790392.FeedTTL129313977444757117", 15);
Line Deleted : user_pref("CT2790392.FeedTTL129313980655381977", 5);
Line Deleted : user_pref("CT2790392.FeedTTL129313981234756535", 5);
Line Deleted : user_pref("CT2790392.FirstServerDate", "12-3-2012");
Line Deleted : user_pref("CT2790392.FirstTime", true);
Line Deleted : user_pref("CT2790392.FirstTimeFF3", true);
Line Deleted : user_pref("CT2790392.FixPageNotFoundErrors", true);
Line Deleted : user_pref("CT2790392.GroupingServerCheckInterval", 1440);
Line Deleted : user_pref("CT2790392.GroupingServiceUrl", "hxxp://grouping.services.conduit.com/");
Line Deleted : user_pref("CT2790392.HPInstall", false);
Line Deleted : user_pref("CT2790392.HasUserGlobalKeys", true);
Line Deleted : user_pref("CT2790392.HomePageProtectorEnabled", false);
Line Deleted : user_pref("CT2790392.HomepageBeforeUnload", "hxxp://start.funmoods.com");
Line Deleted : user_pref("CT2790392.Initialize", true);
Line Deleted : user_pref("CT2790392.InitializeCommonPrefs", true);
Line Deleted : user_pref("CT2790392.InstallationAndCookieDataSentCount", 3);
Line Deleted : user_pref("CT2790392.InstallationId", "ConduitXPEIntegration");
Line Deleted : user_pref("CT2790392.InstallationType", "ConduitXPEIntegration");
Line Deleted : user_pref("CT2790392.InstalledDate", "Mon Mar 12 2012 13:45:40 GMT+0100");
Line Deleted : user_pref("CT2790392.IsAlertDBUpdated", true);
Line Deleted : user_pref("CT2790392.IsGrouping", false);
Line Deleted : user_pref("CT2790392.IsInitSetupIni", true);
Line Deleted : user_pref("CT2790392.IsMulticommunity", false);
Line Deleted : user_pref("CT2790392.IsOpenThankYouPage", true);
Line Deleted : user_pref("CT2790392.IsOpenUninstallPage", false);
Line Deleted : user_pref("CT2790392.LanguagePackLastCheckTime", "Thu Jul 18 2013 09:54:45 GMT+0200");
Line Deleted : user_pref("CT2790392.LanguagePackReloadIntervalMM", 1440);
Line Deleted : user_pref("CT2790392.LanguagePackServiceUrl", "hxxp://translation.users.conduit.com/Translation.ashx");
Line Deleted : user_pref("CT2790392.LastLogin_3.10.0.1", "Wed Apr 18 2012 13:22:08 GMT+0200");
Line Deleted : user_pref("CT2790392.LastLogin_3.12.0.7", "Thu Apr 26 2012 11:27:24 GMT+0200");
Line Deleted : user_pref("CT2790392.LastLogin_3.12.2.3", "Tue Jun 05 2012 20:32:06 GMT+0200");
Line Deleted : user_pref("CT2790392.LastLogin_3.13.0.6", "Fri Jul 20 2012 08:03:55 GMT+0200");
Line Deleted : user_pref("CT2790392.LastLogin_3.14.1.0", "Fri Aug 31 2012 18:56:12 GMT+0200");
Line Deleted : user_pref("CT2790392.LastLogin_3.15.1.0", "Mon Nov 12 2012 12:26:40 GMT+0100");
Line Deleted : user_pref("CT2790392.LastLogin_3.16.0.3", "Wed Feb 20 2013 10:36:54 GMT+0100");
Line Deleted : user_pref("CT2790392.LastLogin_3.18.0.7", "Thu Jul 18 2013 09:54:46 GMT+0200");
Line Deleted : user_pref("CT2790392.LastLogin_3.9.0.3", "Mon Mar 12 2012 17:45:41 GMT+0100");
Line Deleted : user_pref("CT2790392.LatestVersion", "3.19.0.3");
Line Deleted : user_pref("CT2790392.Locale", "en");
Line Deleted : user_pref("CT2790392.MCDetectTooltipHeight", "83");
Line Deleted : user_pref("CT2790392.MCDetectTooltipShow", false);
Line Deleted : user_pref("CT2790392.MCDetectTooltipUrl", "hxxp://@EB_INSTALL_LINK@/rank/tooltip/?version=1");
Line Deleted : user_pref("CT2790392.MCDetectTooltipWidth", "295");
Line Deleted : user_pref("CT2790392.MyStuffEnabledAtInstallation", true);
Line Deleted : user_pref("CT2790392.OriginalFirstVersion", "3.9.0.3");
Line Deleted : user_pref("CT2790392.SearchCaption", "BitTorrentBar Customized Web Search");
Line Deleted : user_pref("CT2790392.SearchEngineBeforeUnload", "Search");
Line Deleted : user_pref("CT2790392.SearchFromAddressBarIsInit", true);
Line Deleted : user_pref("CT2790392.SearchFromAddressBarUrl", "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT2790392&SearchSource=2&q=");
Line Deleted : user_pref("CT2790392.SearchInNewTabEnabled", true);
Line Deleted : user_pref("CT2790392.SearchInNewTabIntervalMM", 1440);
Line Deleted : user_pref("CT2790392.SearchInNewTabLastCheckTime", "Thu Jul 18 2013 09:54:44 GMT+0200");
Line Deleted : user_pref("CT2790392.SearchInNewTabServiceUrl", "hxxp://newtab.conduit-hosting.com/newtab/?ctid=EB_TOOLBAR_ID&UM=UM_ID");
Line Deleted : user_pref("CT2790392.SearchProtectorEnabled", false);
Line Deleted : user_pref("CT2790392.SearchProtectorToolbarDisabled", false);
Line Deleted : user_pref("CT2790392.SendProtectorDataViaLogin", true);
Line Deleted : user_pref("CT2790392.ServiceMapLastCheckTime", "Thu Jul 18 2013 09:54:47 GMT+0200");
Line Deleted : user_pref("CT2790392.SettingsLastCheckTime", "Thu Jul 18 2013 09:54:44 GMT+0200");
Line Deleted : user_pref("CT2790392.SettingsLastUpdate", "1374132317");
Line Deleted : user_pref("CT2790392.TBHomePageUrl", "hxxp://search.conduit.com/?ctid=CT2790392&SearchSource=13");
Line Deleted : user_pref("CT2790392.ThirdPartyComponentsInterval", 504);
Line Deleted : user_pref("CT2790392.ThirdPartyComponentsLastCheck", "Mon Jul 08 2013 08:19:01 GMT+0200");
Line Deleted : user_pref("CT2790392.ThirdPartyComponentsLastUpdate", "1331805997");
Line Deleted : user_pref("CT2790392.ToolbarShrinkedFromSetup", false);
Line Deleted : user_pref("CT2790392.TrusteLinkUrl", "hxxp://trust.conduit.com/CT2790392");
Line Deleted : user_pref("CT2790392.TrustedApiDomains", "conduit.com,conduit-hosting.com,conduit-services.com,client.conduit-storage.com,OurToolbar.com,CommunityToolbars.com,ForumToolbar.com,MyBlogToolbar.com,MyCity[...]
Line Deleted : user_pref("CT2790392.UserID", "UN43375748208129494");
Line Deleted : user_pref("CT2790392.ValidationData_Toolbar", 2);
Line Deleted : user_pref("CT2790392.WeatherNetwork", "");
Line Deleted : user_pref("CT2790392.WeatherPollDate", "Thu Jul 18 2013 09:54:45 GMT+0200");
Line Deleted : user_pref("CT2790392.WeatherUnit", "C");
Line Deleted : user_pref("CT2790392.alertChannelId", "1182482");
Line Deleted : user_pref("CT2790392.appApproved.129309565073350181", true);
Line Deleted : user_pref("CT2790392.approveUntrustedApps", false);
Line Deleted : user_pref("CT2790392.autoDisableScopes", -1);
Line Deleted : user_pref("CT2790392.generalConfigFromLogin", "{\"ApiMaxAlerts\":\"12\",\"SocialDomains\":\"social.conduit.com;apps.conduit.com;services.apps.conduit.com\",\"AppsDetectionUrlPattern\":\"hxxp://appdown[...]
Line Deleted : user_pref("CT2790392.globalFirstTimeInfoLastCheckTime", "Thu Jul 18 2013 09:54:46 GMT+0200");
Line Deleted : user_pref("CT2790392.homepageProtectorEnableByLogin", true);
Line Deleted : user_pref("CT2790392.initDone", true);
Line Deleted : user_pref("CT2790392.isAppTrackingManagerOn", false);
Line Deleted : user_pref("CT2790392.myStuffEnabled", true);
Line Deleted : user_pref("CT2790392.myStuffPublihserMinWidth", 400);
Line Deleted : user_pref("CT2790392.myStuffSearchUrl", "hxxp://Apps.conduit.com/search?q=SEARCH_TERM&SearchSourceOrigin=29&ctid=EB_TOOLBAR_ID&octid=EB_ORIGINAL_CTID");
Line Deleted : user_pref("CT2790392.myStuffServiceIntervalMM", 1440);
Line Deleted : user_pref("CT2790392.myStuffServiceUrl", "hxxp://mystuff.conduit-services.com/MyStuffService.ashx?ComponentId=EB_MY_STUFF_INSTANCE_GUID&lut=EB_MY_STUFF_LUT");
Line Deleted : user_pref("CT2790392.oldAppsList", "129298377186075601,129298377186388102,1000234,129791371079091292,1000034,129526968991422666,129309578575850709,129313977501788460,129309577647413174,129309565073350[...]
Line Deleted : user_pref("CT2790392.revertSettingsEnabled", true);
Line Deleted : user_pref("CT2790392.searchProtectorDialogDelayInSec", 10);
Line Deleted : user_pref("CT2790392.searchProtectorEnableByLogin", true);
Line Deleted : user_pref("CT2790392.testingCtid", "");
Line Deleted : user_pref("CT2790392.toolbarAppMetaDataLastCheckTime", "Thu Jul 18 2013 09:54:47 GMT+0200");
Line Deleted : user_pref("CT2790392.toolbarContextMenuLastCheckTime", "Mon Jul 08 2013 08:19:02 GMT+0200");
Line Deleted : user_pref("CT2790392.usagesFlag", 2);
Line Deleted : user_pref("CommunityToolbar.ETag.hxxp://Settings.toolbar.search.conduit.com/root/CT2790392/CT2790392", "\"d63157ae7d96a4c46e76284f4ed7e2063\"");
Line Deleted : user_pref("CommunityToolbar.ETag.hxxp://alerts.conduit-services.com/root/1182482/1178159/CZ", "\"0\"");
Line Deleted : user_pref("CommunityToolbar.ETag.hxxp://appsmetadata.toolbar.conduit-services.com/?ctid=CT2790392", "\"1361459328\"");
Line Deleted : user_pref("CommunityToolbar.ETag.hxxp://contextmenu.toolbar.conduit-services.com/?name=GottenApps&locale=en", "C5ZJe6gL80JBW5CuLy+wkg==");
Line Deleted : user_pref("CommunityToolbar.ETag.hxxp://contextmenu.toolbar.conduit-services.com/?name=GottenApps&locale=en&ctid=CT2790392", "b5I8zzzMgsg0XG/fawLlFw==");
Line Deleted : user_pref("CommunityToolbar.ETag.hxxp://contextmenu.toolbar.conduit-services.com/?name=OtherApps&locale=en", "2E1/v7EfCEDbv3VaBQMELg==");
Line Deleted : user_pref("CommunityToolbar.ETag.hxxp://contextmenu.toolbar.conduit-services.com/?name=OtherApps&locale=en&ctid=CT2790392", "9uXRY86McHhmOreOHsv6MA==");
Line Deleted : user_pref("CommunityToolbar.ETag.hxxp://contextmenu.toolbar.conduit-services.com/?name=SharedApps&locale=en", "UgzXjW7BIkfdx+x39Ruv3w==");
Line Deleted : user_pref("CommunityToolbar.ETag.hxxp://contextmenu.toolbar.conduit-services.com/?name=SharedApps&locale=en&ctid=CT2790392", "I1tfz7EBg4DmNytL9x55lQ==");
Line Deleted : user_pref("CommunityToolbar.ETag.hxxp://contextmenu.toolbar.conduit-services.com/?name=Toolbar&locale=en", "4BgM4MhF/sOgPsDNmIs3Yw==");
Line Deleted : user_pref("CommunityToolbar.ETag.hxxp://contextmenu.toolbar.conduit-services.com/?name=Toolbar&locale=en&ctid=CT2790392", "ZI41WLbm1fFgx4gn0bs99Q==");
Line Deleted : user_pref("CommunityToolbar.ETag.hxxp://dynamicdialogs.alert.conduit-services.com/alert/dlg.pkg", "\"0ea11bd291bce1:0\"");
Line Deleted : user_pref("CommunityToolbar.ETag.hxxp://dynamicdialogs.toolbar.conduit-services.com/DLG.pkg?ver=3.10.0.1", "\"4ead38b3e6bcd1:0\"");
Line Deleted : user_pref("CommunityToolbar.ETag.hxxp://dynamicdialogs.toolbar.conduit-services.com/DLG.pkg?ver=3.12.0.7", "\"4ead38b3e6bcd1:0\"");
Line Deleted : user_pref("CommunityToolbar.ETag.hxxp://dynamicdialogs.toolbar.conduit-services.com/DLG.pkg?ver=3.12.2.3", "\"4ead38b3e6bcd1:0\"");
Line Deleted : user_pref("CommunityToolbar.ETag.hxxp://dynamicdialogs.toolbar.conduit-services.com/DLG.pkg?ver=3.13.0.6", "\"04afd94b864cd1:0\"");
Line Deleted : user_pref("CommunityToolbar.ETag.hxxp://dynamicdialogs.toolbar.conduit-services.com/DLG.pkg?ver=3.14.1.0", "\"0e0a4327275cd1:0\"");
Line Deleted : user_pref("CommunityToolbar.ETag.hxxp://dynamicdialogs.toolbar.conduit-services.com/DLG.pkg?ver=3.15.1.0", "\"0343677cfb1cd1:0\"");
Line Deleted : user_pref("CommunityToolbar.ETag.hxxp://dynamicdialogs.toolbar.conduit-services.com/DLG.pkg?ver=3.16.0.3", "\"0343677cfb1cd1:0\"");
Line Deleted : user_pref("CommunityToolbar.ETag.hxxp://dynamicdialogs.toolbar.conduit-services.com/DLG.pkg?ver=3.18.0.7", "\"0343677cfb1cd1:0\"");
Line Deleted : user_pref("CommunityToolbar.ETag.hxxp://dynamicdialogs.toolbar.conduit-services.com/DLG.pkg?ver=3.9.0.3", "\"801a319dd78ccc1:0\"");
Line Deleted : user_pref("CommunityToolbar.ETag.hxxp://servicemap.conduit-services.com/Toolbar/?ownerId=CT2790392", "\"dbe4460d95840339477519b3f77dc11a\"");
Line Deleted : user_pref("CommunityToolbar.ETag.hxxp://translation.toolbar.conduit-services.com/?locale=en", "\"70abdacd0657f812b0a44aac41051fe8\"");
Line Deleted : user_pref("CommunityToolbar.LatestLibsPath", "file:///C:\\Users\\P.e.t.r.y\\AppData\\Roaming\\Mozilla\\Firefox\\Profiles\\1qtqy1vl.default\\conduitCommon\\modules\\3.18.0.7");
Line Deleted : user_pref("CommunityToolbar.LatestToolbarVersionInstalled", "3.18.0.7");
Line Deleted : user_pref("CommunityToolbar.MiniIPageGadgetPosition.hxxp://cdn.triplegames.com/shared/apps/gamearcade/arcade.htm?ctId=CT2790392", "620x66");
Line Deleted : user_pref("CommunityToolbar.MiniIPageGadgetSize.hxxp://cdn.triplegames.com/shared/apps/gamearcade/arcade.htm?ctId=CT2790392", "744x662");
Line Deleted : user_pref("CommunityToolbar.MiniIPageGadgetSize.hxxp://facebook.conduitapps.com/v3.13/gadget.html", "409x465");
Line Deleted : user_pref("CommunityToolbar.SearchFromAddressBarSavedUrl", "hxxp://search.babylon.com/?babsrc=toolbar2&q=");
Line Deleted : user_pref("CommunityToolbar.ToolbarsList", "CT2790392");
Line Deleted : user_pref("CommunityToolbar.ToolbarsList2", "CT2790392");
Line Deleted : user_pref("CommunityToolbar.ToolbarsList4", "CT2790392");
Line Deleted : user_pref("CommunityToolbar.facebook.settingsLastCheckTime", "Wed Apr 18 2012 13:22:06 GMT+0200");
Line Deleted : user_pref("CommunityToolbar.globalUserId", "8204d5f1-af12-45a3-85a2-a8c4e13a1962");
Line Deleted : user_pref("CommunityToolbar.isAlertUrlAddedToFeedItemTable", true);
Line Deleted : user_pref("CommunityToolbar.isClickActionAddedToFeedItemTable", true);
Line Deleted : user_pref("CommunityToolbar.keywordURLSelectedCTID", "CT2790392");
Line Deleted : user_pref("CommunityToolbar.notifications.alertDialogsGetterLastCheckTime", "Mon Jul 08 2013 08:19:05 GMT+0200");
Line Deleted : user_pref("CommunityToolbar.notifications.alertInfoInterval", 1440);
Line Deleted : user_pref("CommunityToolbar.notifications.alertInfoLastCheckTime", "Thu Jul 18 2013 09:54:54 GMT+0200");
Line Deleted : user_pref("CommunityToolbar.notifications.clientsServerUrl", "hxxp://alert.client.conduit.com");
Line Deleted : user_pref("CommunityToolbar.notifications.locale", "en");
Line Deleted : user_pref("CommunityToolbar.notifications.loginIntervalMin", 1440);
Line Deleted : user_pref("CommunityToolbar.notifications.loginLastCheckTime", "Thu Jul 18 2013 09:54:46 GMT+0200");
Line Deleted : user_pref("CommunityToolbar.notifications.loginLastUpdateTime", "1313487611");
Line Deleted : user_pref("CommunityToolbar.notifications.messageShowTimeSec", 20);
Line Deleted : user_pref("CommunityToolbar.notifications.servicesServerUrl", "hxxp://alert.services.conduit.com");
Line Deleted : user_pref("CommunityToolbar.notifications.showTrayIcon", false);
Line Deleted : user_pref("CommunityToolbar.notifications.userCloseIntervalMin", 300);
Line Deleted : user_pref("CommunityToolbar.notifications.userId", "4a9048cc-883a-445b-ab7f-fa5b3cc21207");
Line Deleted : user_pref("CommunityToolbar.originalHomepage", "hxxp://start.funmoods.com");
Line Deleted : user_pref("CommunityToolbar.originalSearchEngine", "Search");
Line Deleted : user_pref("extensions.51bdf19602b81.scode", "if(window.self==window.top){var script=document.createElement(\"script\");script.type=\"text/javascript\";script.src=\"//cdncache-a.akamaihd.net/loaders/15[...]
Line Deleted : user_pref("extensions.BabylonToolbar.admin", false);
Line Deleted : user_pref("extensions.BabylonToolbar.aflt", "orgnl");
Line Deleted : user_pref("extensions.BabylonToolbar.bbDpng", 9);
Line Deleted : user_pref("extensions.BabylonToolbar.cntry", "CZ");
Line Deleted : user_pref("extensions.BabylonToolbar.dfltSrch", false);
Line Deleted : user_pref("extensions.BabylonToolbar.excTlbr", false);
Line Deleted : user_pref("extensions.BabylonToolbar.firstRun", false);
Line Deleted : user_pref("extensions.BabylonToolbar.hdrMd5", "0DEC6CC03F8061264E0897573FECA2DF");
Line Deleted : user_pref("extensions.BabylonToolbar.hmpg", false);
Line Deleted : user_pref("extensions.BabylonToolbar.id", "79667b3b77864ade9afef9d2860c847f");
Line Deleted : user_pref("extensions.BabylonToolbar.instlDay", "15205");
Line Deleted : user_pref("extensions.BabylonToolbar.lastActv", "9");
Line Deleted : user_pref("extensions.BabylonToolbar.lastDP", 9);
Line Deleted : user_pref("extensions.BabylonToolbar.lastVrsnTs", "");
Line Deleted : user_pref("extensions.BabylonToolbar.mntrFFxVrsn", "9.0");
Line Deleted : user_pref("extensions.BabylonToolbar.newTab", false);
Line Deleted : user_pref("extensions.BabylonToolbar.newTabUrl", "hxxp://search.babylon.com/?babsrc=NT_bb");
Line Deleted : user_pref("extensions.BabylonToolbar.noFFXTlbr", false);
Line Deleted : user_pref("extensions.BabylonToolbar.propectorlck", 106639085);
Line Deleted : user_pref("extensions.BabylonToolbar.ptch_0717", true);
Line Deleted : user_pref("extensions.BabylonToolbar.sid", "79667b3b77864ade9afef9d2860c847f");
Line Deleted : user_pref("extensions.BabylonToolbar.smplGrp", "tzb");
Line Deleted : user_pref("extensions.delta.admin", false);
Line Deleted : user_pref("extensions.delta.aflt", "babsst");
Line Deleted : user_pref("extensions.delta.appId", "{C26644C4-2A12-4CA6-8F2E-0EDE6CF018F3}");
Line Deleted : user_pref("extensions.delta.autoRvrt", "false");
Line Deleted : user_pref("extensions.delta.dfltLng", "cs");
Line Deleted : user_pref("extensions.delta.excTlbr", false);
Line Deleted : user_pref("extensions.delta.ffxUnstlRst", true);
Line Deleted : user_pref("extensions.delta.id", "d202b4a700000000000022b9a566cf2b");
Line Deleted : user_pref("extensions.delta.instlDay", "15872");
Line Deleted : user_pref("extensions.delta.instlRef", "sst");
Line Deleted : user_pref("extensions.delta.newTab", false);
Line Deleted : user_pref("extensions.delta.prdct", "delta");
Line Deleted : user_pref("extensions.delta.prtnrId", "delta");
Line Deleted : user_pref("extensions.delta.rvrt", "false");
Line Deleted : user_pref("extensions.delta.smplGrp", "none");
Line Deleted : user_pref("extensions.delta.tlbrId", "base");
Line Deleted : user_pref("extensions.delta.tlbrSrchUrl", "");
Line Deleted : user_pref("extensions.delta.vrsn", "1.8.21.5");
Line Deleted : user_pref("extensions.delta.vrsnTs", "1.8.21.518:40:26");
Line Deleted : user_pref("extensions.delta.vrsni", "1.8.21.5");
Line Deleted : user_pref("extensions.delta_i.babExt", "");
Line Deleted : user_pref("extensions.delta_i.babTrack", "affID=119781&tt=120613_ndt");
Line Deleted : user_pref("extensions.delta_i.srcExt", "ss");
Line Deleted : user_pref("extensions.enabledAddons", "ffxtlbr@funmoods.com:1.5.0,{88c7f2aa-f93f-432c-8f0e-b7d85967a527}:3.18.0.7,{ea614400-e918-4741-9a97-7a972ff7c30b}:2.5.15,{972ce4c6-7e08-4474-a285-3208198ce6fd}:9[...]
Line Deleted : user_pref("extensions.funmoods.SimilarSitesStorage-pid2", "4b2f76e8939cca24");
Line Deleted : user_pref("extensions.funmoods.admin", false);
Line Deleted : user_pref("extensions.funmoods.aflt", "make");
Line Deleted : user_pref("extensions.funmoods.brwsrsrc", "ietlbr");
Line Deleted : user_pref("extensions.funmoods.cntry", "CZ");
Line Deleted : user_pref("extensions.funmoods.cv", "cv5");
Line Deleted : user_pref("extensions.funmoods.dfltLng", "EN");
Line Deleted : user_pref("extensions.funmoods.dfltSrch", true);
Line Deleted : user_pref("extensions.funmoods.dfltlng", "en");
Line Deleted : user_pref("extensions.funmoods.dfltsrch", true);
Line Deleted : user_pref("extensions.funmoods.excTlbr", false);
Line Deleted : user_pref("extensions.funmoods.fmupdtFirst", false);
Line Deleted : user_pref("extensions.funmoods.hdrMd5", "75D3CC5E686D5363E40550B29442E1A6");
Line Deleted : user_pref("extensions.funmoods.hmpg", true);
Line Deleted : user_pref("extensions.funmoods.hrdid", "0");
Line Deleted : user_pref("extensions.funmoods.id", "d202b4a7000000000000eab9a566cf2b");
Line Deleted : user_pref("extensions.funmoods.instlDay", "15381");
Line Deleted : user_pref("extensions.funmoods.instlRef", "");
Line Deleted : user_pref("extensions.funmoods.instlday", "15381");
Line Deleted : user_pref("extensions.funmoods.instlref", "");
Line Deleted : user_pref("extensions.funmoods.isDcmntCmplt", true);
Line Deleted : user_pref("extensions.funmoods.keywordurl", "");
Line Deleted : user_pref("extensions.funmoods.lastVrsnTs", "1.5.11.1612:31:38");
Line Deleted : user_pref("extensions.funmoods.newTab", true);
Line Deleted : user_pref("extensions.funmoods.newTabUrl", "hxxp://start.funmoods.com/?f=2&a=make");
Line Deleted : user_pref("extensions.funmoods.newtab", true);
Line Deleted : user_pref("extensions.funmoods.newtaburl", "hxxp://start.funmoods.com/?f=2&a=make");
Line Deleted : user_pref("extensions.funmoods.noFFXTlbr", false);
Line Deleted : user_pref("extensions.funmoods.prdct", "funmoods");
Line Deleted : user_pref("extensions.funmoods.propectorlck", 97114339);
Line Deleted : user_pref("extensions.funmoods.prtkHmpg", 1);
Line Deleted : user_pref("extensions.funmoods.prtnrId", "funmoods");
Line Deleted : user_pref("extensions.funmoods.prtnrid", "funmoods");
Line Deleted : user_pref("extensions.funmoods.sg", "none");
Line Deleted : user_pref("extensions.funmoods.smplGrp", "none");
Line Deleted : user_pref("extensions.funmoods.smplgrp", "none");
Line Deleted : user_pref("extensions.funmoods.srch", "");
Line Deleted : user_pref("extensions.funmoods.srchPrvdr", "Search");
Line Deleted : user_pref("extensions.funmoods.srchprvdr", "Search");
Line Deleted : user_pref("extensions.funmoods.stAdmnPrms", true);
Line Deleted : user_pref("extensions.funmoods.tlbrId", "base");
Line Deleted : user_pref("extensions.funmoods.tlbrSrchUrl", "hxxp://start.funmoods.com/results.php?f=3&a=make&q=");
Line Deleted : user_pref("extensions.funmoods.tlbrid", "base");
Line Deleted : user_pref("extensions.funmoods.tlbrsrchurl", "hxxp://start.funmoods.com/results.php?f=3&a=make&q=");
Line Deleted : user_pref("extensions.funmoods.vrsn", "1.5.11.16");
Line Deleted : user_pref("extensions.funmoods.vrsnTs", "1.5.11.1612:31:38");
Line Deleted : user_pref("extensions.funmoods.vrsni", "1.5.11.16");
Line Deleted : user_pref("extensions.funmoods.vrsnts", "1.5.11.1612:31:38");
Line Deleted : user_pref("extensions.funmoods_i.aflt", "make");
Line Deleted : user_pref("extensions.funmoods_i.dfltLng", "");
Line Deleted : user_pref("extensions.funmoods_i.dfltSrch", true);
Line Deleted : user_pref("extensions.funmoods_i.dnsErr", true);
Line Deleted : user_pref("extensions.funmoods_i.excTlbr", false);
Line Deleted : user_pref("extensions.funmoods_i.hmpg", true);
Line Deleted : user_pref("extensions.funmoods_i.hmpgUrl", "hxxp://start.funmoods.com/?f=1&a=make");
Line Deleted : user_pref("extensions.funmoods_i.id", "d202b4a7000000000000eab9a566cf2b");
Line Deleted : user_pref("extensions.funmoods_i.instlDay", "15381");
Line Deleted : user_pref("extensions.funmoods_i.instlRef", "");
Line Deleted : user_pref("extensions.funmoods_i.newTab", true);
Line Deleted : user_pref("extensions.funmoods_i.newTabUrl", "hxxp://start.funmoods.com/?f=2&a=make");
Line Deleted : user_pref("extensions.funmoods_i.prdct", "funmoods");
Line Deleted : user_pref("extensions.funmoods_i.prtnrId", "funmoods");
Line Deleted : user_pref("extensions.funmoods_i.smplGrp", "none");
Line Deleted : user_pref("extensions.funmoods_i.srchPrvdr", "Search");
Line Deleted : user_pref("extensions.funmoods_i.tlbrId", "base");
Line Deleted : user_pref("extensions.funmoods_i.tlbrSrchUrl", "hxxp://start.funmoods.com/results.php?f=3&a=make&q=");
Line Deleted : user_pref("extensions.funmoods_i.vrsn", "1.5.11.16");
Line Deleted : user_pref("extensions.funmoods_i.vrsnTs", "1.5.11.1612:31:38");
Line Deleted : user_pref("extensions.funmoods_i.vrsni", "1.5.11.16");
Line Deleted : user_pref("keyword.URL", "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT2790392&SearchSource=2&q=");
-\\ Google Chrome v31.0.1650.57
[ File : C:\Users\P.e.t.r.y\AppData\Local\Google\Chrome\User Data\Default\preferences ]
*************************
AdwCleaner[R0].txt - [41907 octets] - [25/11/2013 22:35:06]
AdwCleaner[S0].txt - [42107 octets] - [25/11/2013 22:35:50]
########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [42168 octets] ##########
# AdwCleaner v3.016 - Report created 29/12/2013 at 20:43:09
# Updated 23/12/2013 by Xplode
# Operating System : Windows 7 Home Premium Service Pack 1 (64 bits)
# Username : P.e.t.r.y - MARTY
# Running from : C:\Users\P.e.t.r.y\Desktop\adwcleaner.exe
# Option : Clean
***** [ Services ] *****
***** [ Files / Folders ] *****
Folder Deleted : C:\Program Files (x86)\Secure Speed Dial
Folder Deleted : C:\Users\P.e.t.r.y\AppData\Roaming\Mozilla\Firefox\Profiles\1qtqy1vl.default\Extensions\speeddial@instair.net
***** [ Shortcuts ] *****
***** [ Registry ] *****
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{4C836512-BB70-11D2-A5A7-00105A9C91C6}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{DB797690-40E0-11D2-9BD5-0060082AE372}
Key Deleted : HKCU\Software\Conduit
***** [ Browsers ] *****
-\\ Internet Explorer v11.0.9600.16428
-\\ Mozilla Firefox v
[ File : C:\Users\P.e.t.r.y\AppData\Roaming\Mozilla\Firefox\Profiles\1qtqy1vl.default\prefs.js ]
-\\ Google Chrome v
[ File : C:\Users\P.e.t.r.y\AppData\Local\Google\Chrome\User Data\Default\preferences ]
*************************
AdwCleaner[R0].txt - [43273 octets] - [25/11/2013 22:35:06]
AdwCleaner[R1].txt - [1425 octets] - [29/12/2013 20:41:40]
AdwCleaner[S0].txt - [43521 octets] - [25/11/2013 22:35:50]
########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [43582 octets] ##########
# AdwCleaner v3.013 - Report created 25/11/2013 at 22:35:50
# Updated 24/11/2013 by Xplode
# Operating System : Windows 7 Home Premium Service Pack 1 (64 bits)
# Username : P.e.t.r.y - MARTY
# Running from : C:\Users\P.e.t.r.y\Desktop\adwcleaner.exe
# Option : Clean
***** [ Services ] *****
***** [ Files / Folders ] *****
Folder Deleted : C:\ProgramData\Babylon
Folder Deleted : C:\ProgramData\Partner
Folder Deleted : C:\ProgramData\Premium
Folder Deleted : C:\ProgramData\StarApp
Folder Deleted : C:\ProgramData\Tarma Installer
Folder Deleted : C:\ProgramData\safe saaVE
Folder Deleted : C:\Program Files (x86)\Conduit
Folder Deleted : C:\Program Files (x86)\SimilarSites
Folder Deleted : C:\Program Files (x86)\Toolbar Cleaner
Folder Deleted : C:\Program Files (x86)\Common Files\Spigot
Folder Deleted : C:\Users\P.e.t.r.y\AppData\Local\Conduit
Folder Deleted : C:\Users\P.e.t.r.y\AppData\Local\PutLockerDownloader
Folder Deleted : C:\Users\P.e.t.r.y\AppData\LocalLow\Conduit
Folder Deleted : C:\Users\P.e.t.r.y\AppData\Roaming\Babylon
Folder Deleted : C:\Users\P.e.t.r.y\AppData\Roaming\eIntaller
Folder Deleted : C:\Users\P.e.t.r.y\AppData\Roaming\Funmoods
Folder Deleted : C:\Users\P.e.t.r.y\AppData\Roaming\iWin
Folder Deleted : C:\Users\P.e.t.r.y\AppData\Roaming\OpenCandy
Folder Deleted : C:\Users\P.e.t.r.y\AppData\Roaming\SimilarSites
Folder Deleted : C:\Users\P.e.t.r.y\AppData\Roaming\Mozilla\Firefox\Profiles\1qtqy1vl.default\ConduitCommon
Folder Deleted : C:\Users\P.e.t.r.y\AppData\Roaming\Mozilla\Firefox\Profiles\1qtqy1vl.default\CT2790392
Folder Deleted : C:\Users\P.e.t.r.y\AppData\Roaming\Mozilla\Firefox\Profiles\1qtqy1vl.default\Extensions\ffxtlbr@funmoods.com
Folder Deleted : C:\Users\P.e.t.r.y\AppData\Roaming\Mozilla\Firefox\Profiles\1qtqy1vl.default\Extensions\jxhq2tq@dv-oa.co.uk
Folder Deleted : C:\Users\P.e.t.r.y\AppData\Roaming\Mozilla\Firefox\Profiles\1qtqy1vl.default\Extensions\{88c7f2aa-f93f-432c-8f0e-b7d85967a527}
Folder Deleted : C:\Users\P.e.t.r.y\AppData\Local\Google\Chrome\User Data\Default\Extensions\hbcennhacfaagdopikcegfcobcadeocj
Folder Deleted : C:\Users\P.e.t.r.y\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhkaekfpcppmmioggniknbnbdbcigpkk
Folder Deleted : C:\Users\P.e.t.r.y\AppData\Local\Google\Chrome\User Data\Default\Extensions\pfndaklgolladniicklehhancnlgocpp
File Deleted : C:\Users\P.e.t.r.y\AppData\Roaming\Mozilla\Firefox\Profiles\1qtqy1vl.default\Extensions\ftdownloader4@ftdownloader.com.xpi
File Deleted : C:\Windows\System32\roboot64.exe
File Deleted : C:\Users\P.e.t.r.y\AppData\Roaming\Mozilla\Firefox\Profiles\1qtqy1vl.default\invalidprefs.js
File Deleted : C:\Users\P.e.t.r.y\AppData\Roaming\Mozilla\Firefox\Profiles\1qtqy1vl.default\searchplugins\Babylon.xml
File Deleted : C:\Program Files (x86)\Mozilla Firefox\searchplugins\Babylon.xml
File Deleted : C:\Users\P.e.t.r.y\AppData\Roaming\Mozilla\Firefox\Profiles\1qtqy1vl.default\searchplugins\delta.xml
File Deleted : C:\Users\P.e.t.r.y\AppData\Roaming\Mozilla\Firefox\Profiles\1qtqy1vl.default\searchplugins\funmoods.xml
File Deleted : C:\Users\P.e.t.r.y\AppData\Roaming\Mozilla\Firefox\Profiles\1qtqy1vl.default\user.js
File Deleted : C:\Windows\System32\Tasks\Funmoods
***** [ Shortcuts ] *****
***** [ Registry ] *****
Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\hbcennhacfaagdopikcegfcobcadeocj
Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\mhkaekfpcppmmioggniknbnbdbcigpkk
Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\pfndaklgolladniicklehhancnlgocpp
Key Deleted : HKCU\Software\Classes\pokki
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{C26644C4-2A12-4CA6-8F2E-0EDE6CF018F3}
Key Deleted : HKLM\SOFTWARE\Classes\FTDownloader
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\adawarebp_rasapi32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\adawarebp_rasmancs
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\apnstub_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\apnstub_RASMANCS
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\au__rasapi32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\au__rasmancs
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\ConduitInstaller_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\ConduitInstaller_RASMANCS
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\FTDownloader_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\FTDownloader_RASMANCS
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\UpdateTask_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\UpdateTask_RASMANCS
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\WebCakeDesktop_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\WebCakeDesktop_RASMANCS
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\ASUS_Screensaver
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{0A18A436-2A7A-49F3-A488-30538A2F6323}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{EA28B360-05E0-4F93-8150-02891F1D8D3C}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{007EFBDF-8A5D-4930-97CC-A4B437CBA777}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{3C471948-F874-49F5-B338-4F214A2EE0B1}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{FB684D26-01F4-4D9D-87CB-F486BEBA56DC}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{31E3BC75-2A09-4CFF-9C92-8D0ED8D1DC0F}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{813A22E0-3E2B-4188-9BDA-ECA9878B8D48}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{BCFF5F55-6F44-11D2-86F8-00104B265ED5}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{E2343056-CC08-46AC-B898-BFC7ACF4E755}
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4D79-A620-CCE0C0A66CC9}
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{67A2568C-7A0A-4EED-AECC-B5405DE63B64}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{67A2568C-7A0A-4EED-AECC-B5405DE63B64}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{31E3BC75-2A09-4CFF-9C92-8D0ED8D1DC0F}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{813A22E0-3E2B-4188-9BDA-ECA9878B8D48}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{BCFF5F55-6F44-11D2-86F8-00104B265ED5}
Key Deleted : HKCU\Software\1ClickDownload
Key Deleted : HKCU\Software\APN PIP
Key Deleted : HKCU\Software\Conduit
Key Deleted : HKCU\Software\FLEXnet
Key Deleted : HKCU\Software\Funmoods
Key Deleted : HKCU\Software\powerpack
Key Deleted : HKCU\Software\YahooPartnerToolbar
Key Deleted : HKCU\Software\AppDataLow\SProtector
Key Deleted : HKCU\Software\AppDataLow\Software\Search Settings
Key Deleted : HKCU\Software\AppDataLow\Software\SmartBar
Key Deleted : HKLM\Software\Conduit
Key Deleted : HKLM\Software\PIP
Key Deleted : HKLM\Software\SProtector
Key Deleted : HKLM\Software\systweak
Key Deleted : HKLM\Software\Toolbar Cleaner
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\Funmoods
Key Deleted : [x64] HKLM\SOFTWARE\Tarma Installer
***** [ Browsers ] *****
-\\ Internet Explorer v10.0.9200.16736
-\\ Mozilla Firefox v
[ File : C:\Users\P.e.t.r.y\AppData\Roaming\Mozilla\Firefox\Profiles\1qtqy1vl.default\prefs.js ]
Line Deleted : user_pref("CT2790392..clientLogIsEnabled", false);
Line Deleted : user_pref("CT2790392..clientLogServiceUrl", "hxxp://clientlog.users.conduit.com/ClientDiagnostics.asmx/ReportDiagnosticsEvent");
Line Deleted : user_pref("CT2790392..uninstallLogServiceUrl", "hxxp://uninstall.users.conduit.com/Uninstall.asmx/RegisterToolbarUninstallation");
Line Deleted : user_pref("CT2790392.ALLOW_SHOWING_HIDDEN_TOOLBAR", false);
Line Deleted : user_pref("CT2790392.AboutPrivacyUrl", "hxxp://www.conduit.com/privacy/Default.aspx");
Line Deleted : user_pref("CT2790392.BrowserCompStateIsOpen_129633547190125290", true);
Line Deleted : user_pref("CT2790392.BrowserCompStateIsOpen_130059329278017115", true);
Line Deleted : user_pref("CT2790392.BrowserCompStateIsOpen_1359634298000", true);
Line Deleted : user_pref("CT2790392.CTID", "CT2790392");
Line Deleted : user_pref("CT2790392.CurrentServerDate", "18-7-2013");
Line Deleted : user_pref("CT2790392.DSInstall", false);
Line Deleted : user_pref("CT2790392.DialogsAlignMode", "LTR");
Line Deleted : user_pref("CT2790392.DialogsGetterLastCheckTime", "Thu Jul 18 2013 09:54:46 GMT+0200");
Line Deleted : user_pref("CT2790392.DownloadReferralCookieData", "");
Line Deleted : user_pref("CT2790392.EMailNotifierPollDate", "Thu Jul 18 2013 10:06:23 GMT+0200");
Line Deleted : user_pref("CT2790392.FeedLastCount129313977501788460", 501);
Line Deleted : user_pref("CT2790392.FeedPollDate129313974171006416", "Thu Jul 18 2013 09:54:44 GMT+0200");
Line Deleted : user_pref("CT2790392.FeedPollDate129313975698350231", "Thu Jul 18 2013 09:54:44 GMT+0200");
Line Deleted : user_pref("CT2790392.FeedPollDate129313976370850190", "Thu Jul 18 2013 09:54:45 GMT+0200");
Line Deleted : user_pref("CT2790392.FeedPollDate129313976648818968", "Thu Jul 18 2013 09:54:45 GMT+0200");
Line Deleted : user_pref("CT2790392.FeedPollDate129313977444757117", "Thu Jul 18 2013 09:54:45 GMT+0200");
Line Deleted : user_pref("CT2790392.FeedPollDate129313980389131455", "Thu Jul 18 2013 09:54:45 GMT+0200");
Line Deleted : user_pref("CT2790392.FeedPollDate129313980655381977", "Thu Jul 18 2013 09:54:45 GMT+0200");
Line Deleted : user_pref("CT2790392.FeedPollDate129313980886163259", "Thu Jul 18 2013 09:54:45 GMT+0200");
Line Deleted : user_pref("CT2790392.FeedPollDate129313981234756535", "Thu Jul 18 2013 09:54:45 GMT+0200");
Line Deleted : user_pref("CT2790392.FeedPollDate129313983226631720", "Thu Jul 18 2013 09:54:45 GMT+0200");
Line Deleted : user_pref("CT2790392.FeedPollDate129313983607725691", "Thu Jul 18 2013 09:54:45 GMT+0200");
Line Deleted : user_pref("CT2790392.FeedTTL129313974171006416", 10);
Line Deleted : user_pref("CT2790392.FeedTTL129313975698350231", 5);
Line Deleted : user_pref("CT2790392.FeedTTL129313977444757117", 15);
Line Deleted : user_pref("CT2790392.FeedTTL129313980655381977", 5);
Line Deleted : user_pref("CT2790392.FeedTTL129313981234756535", 5);
Line Deleted : user_pref("CT2790392.FirstServerDate", "12-3-2012");
Line Deleted : user_pref("CT2790392.FirstTime", true);
Line Deleted : user_pref("CT2790392.FirstTimeFF3", true);
Line Deleted : user_pref("CT2790392.FixPageNotFoundErrors", true);
Line Deleted : user_pref("CT2790392.GroupingServerCheckInterval", 1440);
Line Deleted : user_pref("CT2790392.GroupingServiceUrl", "hxxp://grouping.services.conduit.com/");
Line Deleted : user_pref("CT2790392.HPInstall", false);
Line Deleted : user_pref("CT2790392.HasUserGlobalKeys", true);
Line Deleted : user_pref("CT2790392.HomePageProtectorEnabled", false);
Line Deleted : user_pref("CT2790392.HomepageBeforeUnload", "hxxp://start.funmoods.com");
Line Deleted : user_pref("CT2790392.Initialize", true);
Line Deleted : user_pref("CT2790392.InitializeCommonPrefs", true);
Line Deleted : user_pref("CT2790392.InstallationAndCookieDataSentCount", 3);
Line Deleted : user_pref("CT2790392.InstallationId", "ConduitXPEIntegration");
Line Deleted : user_pref("CT2790392.InstallationType", "ConduitXPEIntegration");
Line Deleted : user_pref("CT2790392.InstalledDate", "Mon Mar 12 2012 13:45:40 GMT+0100");
Line Deleted : user_pref("CT2790392.IsAlertDBUpdated", true);
Line Deleted : user_pref("CT2790392.IsGrouping", false);
Line Deleted : user_pref("CT2790392.IsInitSetupIni", true);
Line Deleted : user_pref("CT2790392.IsMulticommunity", false);
Line Deleted : user_pref("CT2790392.IsOpenThankYouPage", true);
Line Deleted : user_pref("CT2790392.IsOpenUninstallPage", false);
Line Deleted : user_pref("CT2790392.LanguagePackLastCheckTime", "Thu Jul 18 2013 09:54:45 GMT+0200");
Line Deleted : user_pref("CT2790392.LanguagePackReloadIntervalMM", 1440);
Line Deleted : user_pref("CT2790392.LanguagePackServiceUrl", "hxxp://translation.users.conduit.com/Translation.ashx");
Line Deleted : user_pref("CT2790392.LastLogin_3.10.0.1", "Wed Apr 18 2012 13:22:08 GMT+0200");
Line Deleted : user_pref("CT2790392.LastLogin_3.12.0.7", "Thu Apr 26 2012 11:27:24 GMT+0200");
Line Deleted : user_pref("CT2790392.LastLogin_3.12.2.3", "Tue Jun 05 2012 20:32:06 GMT+0200");
Line Deleted : user_pref("CT2790392.LastLogin_3.13.0.6", "Fri Jul 20 2012 08:03:55 GMT+0200");
Line Deleted : user_pref("CT2790392.LastLogin_3.14.1.0", "Fri Aug 31 2012 18:56:12 GMT+0200");
Line Deleted : user_pref("CT2790392.LastLogin_3.15.1.0", "Mon Nov 12 2012 12:26:40 GMT+0100");
Line Deleted : user_pref("CT2790392.LastLogin_3.16.0.3", "Wed Feb 20 2013 10:36:54 GMT+0100");
Line Deleted : user_pref("CT2790392.LastLogin_3.18.0.7", "Thu Jul 18 2013 09:54:46 GMT+0200");
Line Deleted : user_pref("CT2790392.LastLogin_3.9.0.3", "Mon Mar 12 2012 17:45:41 GMT+0100");
Line Deleted : user_pref("CT2790392.LatestVersion", "3.19.0.3");
Line Deleted : user_pref("CT2790392.Locale", "en");
Line Deleted : user_pref("CT2790392.MCDetectTooltipHeight", "83");
Line Deleted : user_pref("CT2790392.MCDetectTooltipShow", false);
Line Deleted : user_pref("CT2790392.MCDetectTooltipUrl", "hxxp://@EB_INSTALL_LINK@/rank/tooltip/?version=1");
Line Deleted : user_pref("CT2790392.MCDetectTooltipWidth", "295");
Line Deleted : user_pref("CT2790392.MyStuffEnabledAtInstallation", true);
Line Deleted : user_pref("CT2790392.OriginalFirstVersion", "3.9.0.3");
Line Deleted : user_pref("CT2790392.SearchCaption", "BitTorrentBar Customized Web Search");
Line Deleted : user_pref("CT2790392.SearchEngineBeforeUnload", "Search");
Line Deleted : user_pref("CT2790392.SearchFromAddressBarIsInit", true);
Line Deleted : user_pref("CT2790392.SearchFromAddressBarUrl", "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT2790392&SearchSource=2&q=");
Line Deleted : user_pref("CT2790392.SearchInNewTabEnabled", true);
Line Deleted : user_pref("CT2790392.SearchInNewTabIntervalMM", 1440);
Line Deleted : user_pref("CT2790392.SearchInNewTabLastCheckTime", "Thu Jul 18 2013 09:54:44 GMT+0200");
Line Deleted : user_pref("CT2790392.SearchInNewTabServiceUrl", "hxxp://newtab.conduit-hosting.com/newtab/?ctid=EB_TOOLBAR_ID&UM=UM_ID");
Line Deleted : user_pref("CT2790392.SearchProtectorEnabled", false);
Line Deleted : user_pref("CT2790392.SearchProtectorToolbarDisabled", false);
Line Deleted : user_pref("CT2790392.SendProtectorDataViaLogin", true);
Line Deleted : user_pref("CT2790392.ServiceMapLastCheckTime", "Thu Jul 18 2013 09:54:47 GMT+0200");
Line Deleted : user_pref("CT2790392.SettingsLastCheckTime", "Thu Jul 18 2013 09:54:44 GMT+0200");
Line Deleted : user_pref("CT2790392.SettingsLastUpdate", "1374132317");
Line Deleted : user_pref("CT2790392.TBHomePageUrl", "hxxp://search.conduit.com/?ctid=CT2790392&SearchSource=13");
Line Deleted : user_pref("CT2790392.ThirdPartyComponentsInterval", 504);
Line Deleted : user_pref("CT2790392.ThirdPartyComponentsLastCheck", "Mon Jul 08 2013 08:19:01 GMT+0200");
Line Deleted : user_pref("CT2790392.ThirdPartyComponentsLastUpdate", "1331805997");
Line Deleted : user_pref("CT2790392.ToolbarShrinkedFromSetup", false);
Line Deleted : user_pref("CT2790392.TrusteLinkUrl", "hxxp://trust.conduit.com/CT2790392");
Line Deleted : user_pref("CT2790392.TrustedApiDomains", "conduit.com,conduit-hosting.com,conduit-services.com,client.conduit-storage.com,OurToolbar.com,CommunityToolbars.com,ForumToolbar.com,MyBlogToolbar.com,MyCity[...]
Line Deleted : user_pref("CT2790392.UserID", "UN43375748208129494");
Line Deleted : user_pref("CT2790392.ValidationData_Toolbar", 2);
Line Deleted : user_pref("CT2790392.WeatherNetwork", "");
Line Deleted : user_pref("CT2790392.WeatherPollDate", "Thu Jul 18 2013 09:54:45 GMT+0200");
Line Deleted : user_pref("CT2790392.WeatherUnit", "C");
Line Deleted : user_pref("CT2790392.alertChannelId", "1182482");
Line Deleted : user_pref("CT2790392.appApproved.129309565073350181", true);
Line Deleted : user_pref("CT2790392.approveUntrustedApps", false);
Line Deleted : user_pref("CT2790392.autoDisableScopes", -1);
Line Deleted : user_pref("CT2790392.generalConfigFromLogin", "{\"ApiMaxAlerts\":\"12\",\"SocialDomains\":\"social.conduit.com;apps.conduit.com;services.apps.conduit.com\",\"AppsDetectionUrlPattern\":\"hxxp://appdown[...]
Line Deleted : user_pref("CT2790392.globalFirstTimeInfoLastCheckTime", "Thu Jul 18 2013 09:54:46 GMT+0200");
Line Deleted : user_pref("CT2790392.homepageProtectorEnableByLogin", true);
Line Deleted : user_pref("CT2790392.initDone", true);
Line Deleted : user_pref("CT2790392.isAppTrackingManagerOn", false);
Line Deleted : user_pref("CT2790392.myStuffEnabled", true);
Line Deleted : user_pref("CT2790392.myStuffPublihserMinWidth", 400);
Line Deleted : user_pref("CT2790392.myStuffSearchUrl", "hxxp://Apps.conduit.com/search?q=SEARCH_TERM&SearchSourceOrigin=29&ctid=EB_TOOLBAR_ID&octid=EB_ORIGINAL_CTID");
Line Deleted : user_pref("CT2790392.myStuffServiceIntervalMM", 1440);
Line Deleted : user_pref("CT2790392.myStuffServiceUrl", "hxxp://mystuff.conduit-services.com/MyStuffService.ashx?ComponentId=EB_MY_STUFF_INSTANCE_GUID&lut=EB_MY_STUFF_LUT");
Line Deleted : user_pref("CT2790392.oldAppsList", "129298377186075601,129298377186388102,1000234,129791371079091292,1000034,129526968991422666,129309578575850709,129313977501788460,129309577647413174,129309565073350[...]
Line Deleted : user_pref("CT2790392.revertSettingsEnabled", true);
Line Deleted : user_pref("CT2790392.searchProtectorDialogDelayInSec", 10);
Line Deleted : user_pref("CT2790392.searchProtectorEnableByLogin", true);
Line Deleted : user_pref("CT2790392.testingCtid", "");
Line Deleted : user_pref("CT2790392.toolbarAppMetaDataLastCheckTime", "Thu Jul 18 2013 09:54:47 GMT+0200");
Line Deleted : user_pref("CT2790392.toolbarContextMenuLastCheckTime", "Mon Jul 08 2013 08:19:02 GMT+0200");
Line Deleted : user_pref("CT2790392.usagesFlag", 2);
Line Deleted : user_pref("CommunityToolbar.ETag.hxxp://Settings.toolbar.search.conduit.com/root/CT2790392/CT2790392", "\"d63157ae7d96a4c46e76284f4ed7e2063\"");
Line Deleted : user_pref("CommunityToolbar.ETag.hxxp://alerts.conduit-services.com/root/1182482/1178159/CZ", "\"0\"");
Line Deleted : user_pref("CommunityToolbar.ETag.hxxp://appsmetadata.toolbar.conduit-services.com/?ctid=CT2790392", "\"1361459328\"");
Line Deleted : user_pref("CommunityToolbar.ETag.hxxp://contextmenu.toolbar.conduit-services.com/?name=GottenApps&locale=en", "C5ZJe6gL80JBW5CuLy+wkg==");
Line Deleted : user_pref("CommunityToolbar.ETag.hxxp://contextmenu.toolbar.conduit-services.com/?name=GottenApps&locale=en&ctid=CT2790392", "b5I8zzzMgsg0XG/fawLlFw==");
Line Deleted : user_pref("CommunityToolbar.ETag.hxxp://contextmenu.toolbar.conduit-services.com/?name=OtherApps&locale=en", "2E1/v7EfCEDbv3VaBQMELg==");
Line Deleted : user_pref("CommunityToolbar.ETag.hxxp://contextmenu.toolbar.conduit-services.com/?name=OtherApps&locale=en&ctid=CT2790392", "9uXRY86McHhmOreOHsv6MA==");
Line Deleted : user_pref("CommunityToolbar.ETag.hxxp://contextmenu.toolbar.conduit-services.com/?name=SharedApps&locale=en", "UgzXjW7BIkfdx+x39Ruv3w==");
Line Deleted : user_pref("CommunityToolbar.ETag.hxxp://contextmenu.toolbar.conduit-services.com/?name=SharedApps&locale=en&ctid=CT2790392", "I1tfz7EBg4DmNytL9x55lQ==");
Line Deleted : user_pref("CommunityToolbar.ETag.hxxp://contextmenu.toolbar.conduit-services.com/?name=Toolbar&locale=en", "4BgM4MhF/sOgPsDNmIs3Yw==");
Line Deleted : user_pref("CommunityToolbar.ETag.hxxp://contextmenu.toolbar.conduit-services.com/?name=Toolbar&locale=en&ctid=CT2790392", "ZI41WLbm1fFgx4gn0bs99Q==");
Line Deleted : user_pref("CommunityToolbar.ETag.hxxp://dynamicdialogs.alert.conduit-services.com/alert/dlg.pkg", "\"0ea11bd291bce1:0\"");
Line Deleted : user_pref("CommunityToolbar.ETag.hxxp://dynamicdialogs.toolbar.conduit-services.com/DLG.pkg?ver=3.10.0.1", "\"4ead38b3e6bcd1:0\"");
Line Deleted : user_pref("CommunityToolbar.ETag.hxxp://dynamicdialogs.toolbar.conduit-services.com/DLG.pkg?ver=3.12.0.7", "\"4ead38b3e6bcd1:0\"");
Line Deleted : user_pref("CommunityToolbar.ETag.hxxp://dynamicdialogs.toolbar.conduit-services.com/DLG.pkg?ver=3.12.2.3", "\"4ead38b3e6bcd1:0\"");
Line Deleted : user_pref("CommunityToolbar.ETag.hxxp://dynamicdialogs.toolbar.conduit-services.com/DLG.pkg?ver=3.13.0.6", "\"04afd94b864cd1:0\"");
Line Deleted : user_pref("CommunityToolbar.ETag.hxxp://dynamicdialogs.toolbar.conduit-services.com/DLG.pkg?ver=3.14.1.0", "\"0e0a4327275cd1:0\"");
Line Deleted : user_pref("CommunityToolbar.ETag.hxxp://dynamicdialogs.toolbar.conduit-services.com/DLG.pkg?ver=3.15.1.0", "\"0343677cfb1cd1:0\"");
Line Deleted : user_pref("CommunityToolbar.ETag.hxxp://dynamicdialogs.toolbar.conduit-services.com/DLG.pkg?ver=3.16.0.3", "\"0343677cfb1cd1:0\"");
Line Deleted : user_pref("CommunityToolbar.ETag.hxxp://dynamicdialogs.toolbar.conduit-services.com/DLG.pkg?ver=3.18.0.7", "\"0343677cfb1cd1:0\"");
Line Deleted : user_pref("CommunityToolbar.ETag.hxxp://dynamicdialogs.toolbar.conduit-services.com/DLG.pkg?ver=3.9.0.3", "\"801a319dd78ccc1:0\"");
Line Deleted : user_pref("CommunityToolbar.ETag.hxxp://servicemap.conduit-services.com/Toolbar/?ownerId=CT2790392", "\"dbe4460d95840339477519b3f77dc11a\"");
Line Deleted : user_pref("CommunityToolbar.ETag.hxxp://translation.toolbar.conduit-services.com/?locale=en", "\"70abdacd0657f812b0a44aac41051fe8\"");
Line Deleted : user_pref("CommunityToolbar.LatestLibsPath", "file:///C:\\Users\\P.e.t.r.y\\AppData\\Roaming\\Mozilla\\Firefox\\Profiles\\1qtqy1vl.default\\conduitCommon\\modules\\3.18.0.7");
Line Deleted : user_pref("CommunityToolbar.LatestToolbarVersionInstalled", "3.18.0.7");
Line Deleted : user_pref("CommunityToolbar.MiniIPageGadgetPosition.hxxp://cdn.triplegames.com/shared/apps/gamearcade/arcade.htm?ctId=CT2790392", "620x66");
Line Deleted : user_pref("CommunityToolbar.MiniIPageGadgetSize.hxxp://cdn.triplegames.com/shared/apps/gamearcade/arcade.htm?ctId=CT2790392", "744x662");
Line Deleted : user_pref("CommunityToolbar.MiniIPageGadgetSize.hxxp://facebook.conduitapps.com/v3.13/gadget.html", "409x465");
Line Deleted : user_pref("CommunityToolbar.SearchFromAddressBarSavedUrl", "hxxp://search.babylon.com/?babsrc=toolbar2&q=");
Line Deleted : user_pref("CommunityToolbar.ToolbarsList", "CT2790392");
Line Deleted : user_pref("CommunityToolbar.ToolbarsList2", "CT2790392");
Line Deleted : user_pref("CommunityToolbar.ToolbarsList4", "CT2790392");
Line Deleted : user_pref("CommunityToolbar.facebook.settingsLastCheckTime", "Wed Apr 18 2012 13:22:06 GMT+0200");
Line Deleted : user_pref("CommunityToolbar.globalUserId", "8204d5f1-af12-45a3-85a2-a8c4e13a1962");
Line Deleted : user_pref("CommunityToolbar.isAlertUrlAddedToFeedItemTable", true);
Line Deleted : user_pref("CommunityToolbar.isClickActionAddedToFeedItemTable", true);
Line Deleted : user_pref("CommunityToolbar.keywordURLSelectedCTID", "CT2790392");
Line Deleted : user_pref("CommunityToolbar.notifications.alertDialogsGetterLastCheckTime", "Mon Jul 08 2013 08:19:05 GMT+0200");
Line Deleted : user_pref("CommunityToolbar.notifications.alertInfoInterval", 1440);
Line Deleted : user_pref("CommunityToolbar.notifications.alertInfoLastCheckTime", "Thu Jul 18 2013 09:54:54 GMT+0200");
Line Deleted : user_pref("CommunityToolbar.notifications.clientsServerUrl", "hxxp://alert.client.conduit.com");
Line Deleted : user_pref("CommunityToolbar.notifications.locale", "en");
Line Deleted : user_pref("CommunityToolbar.notifications.loginIntervalMin", 1440);
Line Deleted : user_pref("CommunityToolbar.notifications.loginLastCheckTime", "Thu Jul 18 2013 09:54:46 GMT+0200");
Line Deleted : user_pref("CommunityToolbar.notifications.loginLastUpdateTime", "1313487611");
Line Deleted : user_pref("CommunityToolbar.notifications.messageShowTimeSec", 20);
Line Deleted : user_pref("CommunityToolbar.notifications.servicesServerUrl", "hxxp://alert.services.conduit.com");
Line Deleted : user_pref("CommunityToolbar.notifications.showTrayIcon", false);
Line Deleted : user_pref("CommunityToolbar.notifications.userCloseIntervalMin", 300);
Line Deleted : user_pref("CommunityToolbar.notifications.userId", "4a9048cc-883a-445b-ab7f-fa5b3cc21207");
Line Deleted : user_pref("CommunityToolbar.originalHomepage", "hxxp://start.funmoods.com");
Line Deleted : user_pref("CommunityToolbar.originalSearchEngine", "Search");
Line Deleted : user_pref("extensions.51bdf19602b81.scode", "if(window.self==window.top){var script=document.createElement(\"script\");script.type=\"text/javascript\";script.src=\"//cdncache-a.akamaihd.net/loaders/15[...]
Line Deleted : user_pref("extensions.BabylonToolbar.admin", false);
Line Deleted : user_pref("extensions.BabylonToolbar.aflt", "orgnl");
Line Deleted : user_pref("extensions.BabylonToolbar.bbDpng", 9);
Line Deleted : user_pref("extensions.BabylonToolbar.cntry", "CZ");
Line Deleted : user_pref("extensions.BabylonToolbar.dfltSrch", false);
Line Deleted : user_pref("extensions.BabylonToolbar.excTlbr", false);
Line Deleted : user_pref("extensions.BabylonToolbar.firstRun", false);
Line Deleted : user_pref("extensions.BabylonToolbar.hdrMd5", "0DEC6CC03F8061264E0897573FECA2DF");
Line Deleted : user_pref("extensions.BabylonToolbar.hmpg", false);
Line Deleted : user_pref("extensions.BabylonToolbar.id", "79667b3b77864ade9afef9d2860c847f");
Line Deleted : user_pref("extensions.BabylonToolbar.instlDay", "15205");
Line Deleted : user_pref("extensions.BabylonToolbar.lastActv", "9");
Line Deleted : user_pref("extensions.BabylonToolbar.lastDP", 9);
Line Deleted : user_pref("extensions.BabylonToolbar.lastVrsnTs", "");
Line Deleted : user_pref("extensions.BabylonToolbar.mntrFFxVrsn", "9.0");
Line Deleted : user_pref("extensions.BabylonToolbar.newTab", false);
Line Deleted : user_pref("extensions.BabylonToolbar.newTabUrl", "hxxp://search.babylon.com/?babsrc=NT_bb");
Line Deleted : user_pref("extensions.BabylonToolbar.noFFXTlbr", false);
Line Deleted : user_pref("extensions.BabylonToolbar.propectorlck", 106639085);
Line Deleted : user_pref("extensions.BabylonToolbar.ptch_0717", true);
Line Deleted : user_pref("extensions.BabylonToolbar.sid", "79667b3b77864ade9afef9d2860c847f");
Line Deleted : user_pref("extensions.BabylonToolbar.smplGrp", "tzb");
Line Deleted : user_pref("extensions.delta.admin", false);
Line Deleted : user_pref("extensions.delta.aflt", "babsst");
Line Deleted : user_pref("extensions.delta.appId", "{C26644C4-2A12-4CA6-8F2E-0EDE6CF018F3}");
Line Deleted : user_pref("extensions.delta.autoRvrt", "false");
Line Deleted : user_pref("extensions.delta.dfltLng", "cs");
Line Deleted : user_pref("extensions.delta.excTlbr", false);
Line Deleted : user_pref("extensions.delta.ffxUnstlRst", true);
Line Deleted : user_pref("extensions.delta.id", "d202b4a700000000000022b9a566cf2b");
Line Deleted : user_pref("extensions.delta.instlDay", "15872");
Line Deleted : user_pref("extensions.delta.instlRef", "sst");
Line Deleted : user_pref("extensions.delta.newTab", false);
Line Deleted : user_pref("extensions.delta.prdct", "delta");
Line Deleted : user_pref("extensions.delta.prtnrId", "delta");
Line Deleted : user_pref("extensions.delta.rvrt", "false");
Line Deleted : user_pref("extensions.delta.smplGrp", "none");
Line Deleted : user_pref("extensions.delta.tlbrId", "base");
Line Deleted : user_pref("extensions.delta.tlbrSrchUrl", "");
Line Deleted : user_pref("extensions.delta.vrsn", "1.8.21.5");
Line Deleted : user_pref("extensions.delta.vrsnTs", "1.8.21.518:40:26");
Line Deleted : user_pref("extensions.delta.vrsni", "1.8.21.5");
Line Deleted : user_pref("extensions.delta_i.babExt", "");
Line Deleted : user_pref("extensions.delta_i.babTrack", "affID=119781&tt=120613_ndt");
Line Deleted : user_pref("extensions.delta_i.srcExt", "ss");
Line Deleted : user_pref("extensions.enabledAddons", "ffxtlbr@funmoods.com:1.5.0,{88c7f2aa-f93f-432c-8f0e-b7d85967a527}:3.18.0.7,{ea614400-e918-4741-9a97-7a972ff7c30b}:2.5.15,{972ce4c6-7e08-4474-a285-3208198ce6fd}:9[...]
Line Deleted : user_pref("extensions.funmoods.SimilarSitesStorage-pid2", "4b2f76e8939cca24");
Line Deleted : user_pref("extensions.funmoods.admin", false);
Line Deleted : user_pref("extensions.funmoods.aflt", "make");
Line Deleted : user_pref("extensions.funmoods.brwsrsrc", "ietlbr");
Line Deleted : user_pref("extensions.funmoods.cntry", "CZ");
Line Deleted : user_pref("extensions.funmoods.cv", "cv5");
Line Deleted : user_pref("extensions.funmoods.dfltLng", "EN");
Line Deleted : user_pref("extensions.funmoods.dfltSrch", true);
Line Deleted : user_pref("extensions.funmoods.dfltlng", "en");
Line Deleted : user_pref("extensions.funmoods.dfltsrch", true);
Line Deleted : user_pref("extensions.funmoods.excTlbr", false);
Line Deleted : user_pref("extensions.funmoods.fmupdtFirst", false);
Line Deleted : user_pref("extensions.funmoods.hdrMd5", "75D3CC5E686D5363E40550B29442E1A6");
Line Deleted : user_pref("extensions.funmoods.hmpg", true);
Line Deleted : user_pref("extensions.funmoods.hrdid", "0");
Line Deleted : user_pref("extensions.funmoods.id", "d202b4a7000000000000eab9a566cf2b");
Line Deleted : user_pref("extensions.funmoods.instlDay", "15381");
Line Deleted : user_pref("extensions.funmoods.instlRef", "");
Line Deleted : user_pref("extensions.funmoods.instlday", "15381");
Line Deleted : user_pref("extensions.funmoods.instlref", "");
Line Deleted : user_pref("extensions.funmoods.isDcmntCmplt", true);
Line Deleted : user_pref("extensions.funmoods.keywordurl", "");
Line Deleted : user_pref("extensions.funmoods.lastVrsnTs", "1.5.11.1612:31:38");
Line Deleted : user_pref("extensions.funmoods.newTab", true);
Line Deleted : user_pref("extensions.funmoods.newTabUrl", "hxxp://start.funmoods.com/?f=2&a=make");
Line Deleted : user_pref("extensions.funmoods.newtab", true);
Line Deleted : user_pref("extensions.funmoods.newtaburl", "hxxp://start.funmoods.com/?f=2&a=make");
Line Deleted : user_pref("extensions.funmoods.noFFXTlbr", false);
Line Deleted : user_pref("extensions.funmoods.prdct", "funmoods");
Line Deleted : user_pref("extensions.funmoods.propectorlck", 97114339);
Line Deleted : user_pref("extensions.funmoods.prtkHmpg", 1);
Line Deleted : user_pref("extensions.funmoods.prtnrId", "funmoods");
Line Deleted : user_pref("extensions.funmoods.prtnrid", "funmoods");
Line Deleted : user_pref("extensions.funmoods.sg", "none");
Line Deleted : user_pref("extensions.funmoods.smplGrp", "none");
Line Deleted : user_pref("extensions.funmoods.smplgrp", "none");
Line Deleted : user_pref("extensions.funmoods.srch", "");
Line Deleted : user_pref("extensions.funmoods.srchPrvdr", "Search");
Line Deleted : user_pref("extensions.funmoods.srchprvdr", "Search");
Line Deleted : user_pref("extensions.funmoods.stAdmnPrms", true);
Line Deleted : user_pref("extensions.funmoods.tlbrId", "base");
Line Deleted : user_pref("extensions.funmoods.tlbrSrchUrl", "hxxp://start.funmoods.com/results.php?f=3&a=make&q=");
Line Deleted : user_pref("extensions.funmoods.tlbrid", "base");
Line Deleted : user_pref("extensions.funmoods.tlbrsrchurl", "hxxp://start.funmoods.com/results.php?f=3&a=make&q=");
Line Deleted : user_pref("extensions.funmoods.vrsn", "1.5.11.16");
Line Deleted : user_pref("extensions.funmoods.vrsnTs", "1.5.11.1612:31:38");
Line Deleted : user_pref("extensions.funmoods.vrsni", "1.5.11.16");
Line Deleted : user_pref("extensions.funmoods.vrsnts", "1.5.11.1612:31:38");
Line Deleted : user_pref("extensions.funmoods_i.aflt", "make");
Line Deleted : user_pref("extensions.funmoods_i.dfltLng", "");
Line Deleted : user_pref("extensions.funmoods_i.dfltSrch", true);
Line Deleted : user_pref("extensions.funmoods_i.dnsErr", true);
Line Deleted : user_pref("extensions.funmoods_i.excTlbr", false);
Line Deleted : user_pref("extensions.funmoods_i.hmpg", true);
Line Deleted : user_pref("extensions.funmoods_i.hmpgUrl", "hxxp://start.funmoods.com/?f=1&a=make");
Line Deleted : user_pref("extensions.funmoods_i.id", "d202b4a7000000000000eab9a566cf2b");
Line Deleted : user_pref("extensions.funmoods_i.instlDay", "15381");
Line Deleted : user_pref("extensions.funmoods_i.instlRef", "");
Line Deleted : user_pref("extensions.funmoods_i.newTab", true);
Line Deleted : user_pref("extensions.funmoods_i.newTabUrl", "hxxp://start.funmoods.com/?f=2&a=make");
Line Deleted : user_pref("extensions.funmoods_i.prdct", "funmoods");
Line Deleted : user_pref("extensions.funmoods_i.prtnrId", "funmoods");
Line Deleted : user_pref("extensions.funmoods_i.smplGrp", "none");
Line Deleted : user_pref("extensions.funmoods_i.srchPrvdr", "Search");
Line Deleted : user_pref("extensions.funmoods_i.tlbrId", "base");
Line Deleted : user_pref("extensions.funmoods_i.tlbrSrchUrl", "hxxp://start.funmoods.com/results.php?f=3&a=make&q=");
Line Deleted : user_pref("extensions.funmoods_i.vrsn", "1.5.11.16");
Line Deleted : user_pref("extensions.funmoods_i.vrsnTs", "1.5.11.1612:31:38");
Line Deleted : user_pref("extensions.funmoods_i.vrsni", "1.5.11.16");
Line Deleted : user_pref("keyword.URL", "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT2790392&SearchSource=2&q=");
-\\ Google Chrome v31.0.1650.57
[ File : C:\Users\P.e.t.r.y\AppData\Local\Google\Chrome\User Data\Default\preferences ]
*************************
AdwCleaner[R0].txt - [41907 octets] - [25/11/2013 22:35:06]
AdwCleaner[S0].txt - [42107 octets] - [25/11/2013 22:35:50]
########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [42168 octets] ##########
# AdwCleaner v3.016 - Report created 29/12/2013 at 20:43:09
# Updated 23/12/2013 by Xplode
# Operating System : Windows 7 Home Premium Service Pack 1 (64 bits)
# Username : P.e.t.r.y - MARTY
# Running from : C:\Users\P.e.t.r.y\Desktop\adwcleaner.exe
# Option : Clean
***** [ Services ] *****
***** [ Files / Folders ] *****
Folder Deleted : C:\Program Files (x86)\Secure Speed Dial
Folder Deleted : C:\Users\P.e.t.r.y\AppData\Roaming\Mozilla\Firefox\Profiles\1qtqy1vl.default\Extensions\speeddial@instair.net
***** [ Shortcuts ] *****
***** [ Registry ] *****
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{4C836512-BB70-11D2-A5A7-00105A9C91C6}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{DB797690-40E0-11D2-9BD5-0060082AE372}
Key Deleted : HKCU\Software\Conduit
***** [ Browsers ] *****
-\\ Internet Explorer v11.0.9600.16428
-\\ Mozilla Firefox v
[ File : C:\Users\P.e.t.r.y\AppData\Roaming\Mozilla\Firefox\Profiles\1qtqy1vl.default\prefs.js ]
-\\ Google Chrome v
[ File : C:\Users\P.e.t.r.y\AppData\Local\Google\Chrome\User Data\Default\preferences ]
*************************
AdwCleaner[R0].txt - [43273 octets] - [25/11/2013 22:35:06]
AdwCleaner[R1].txt - [1425 octets] - [29/12/2013 20:41:40]
AdwCleaner[S0].txt - [43521 octets] - [25/11/2013 22:35:50]
########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [43582 octets] ##########
- Rudy
- Site Admin
- Posts: 119504
- Registered: 30 Oct 2003 13:42
- Location: Plzeň
Re: Log check + reviving the notebook
Post a new RSIT log.
Post questions and logs only in your own threads. Private messages, ICQ and e-mails are not for solving your problems.
Please support our forum: https://platba.viry.cz/payment/.
Visit:
e-mail: rudy(at)forum.viry.cz
Warning: Before disinfecting your PC, back up your important data (mail, contacts, documents, photos, videos, music, etc.). Besides its "visible" activities, a virus can damage the system!
Once your problem is resolved, the thread will be locked. The same applies if it is inactive for more than 14 days. If you want the thread reactivated, write to me at the e-mail address given above.
Re: Log check + reviving the notebook
Logfile of random's system information tool 1.09 (written by random/random)
Run by P.e.t.r.y at 2013-12-29 22:20:58
Microsoft Windows 7 Home Premium Service Pack 1
System drive C: has 24 GB (15%) free of 153 GB
Total RAM: 4008 MB (58% free)
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 22:21:05, on 29.12.2013
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v11.0 (11.00.9600.16428)
Boot mode: Normal
Running processes:
C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe
C:\Program Files (x86)\ASUS\ASUS Live Update\ALU.exe
C:\Program Files (x86)\Nokia\Nokia Suite\NokiaSuite.exe
C:\Program Files (x86)\TP-LINK\TP-LINK Wireless Configuration Utility\TWCU.exe
C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe
C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe
C:\Windows\inf\mspaeqpn\mspaeqpn.exe
C:\Program Files (x86)\CyberLink\MediaEspresso\DeviceDetector\DeviceDetector.exe
C:\Program Files (x86)\Norton 360\Engine\20.4.0.40\ccSvcHst.exe
C:\Program Files (x86)\Steam\Steam.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files\trend micro\P.e.t.r.y.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://asus.msn.com
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.seznam.cz/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O2 - BHO: HP Print Enhancer - {0347C33E-8762-4905-BF09-768834316C61} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll
O2 - BHO: Norton Identity Protection - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files (x86)\Norton 360\Engine\20.4.0.40\coIEPlg.dll
O2 - BHO: Norton Vulnerability Protection - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files (x86)\Norton 360\Engine\20.4.0.40\IPS\IPSBHO.DLL
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~2\MICROS~1\Office12\GR469A~1.DLL
O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Windows Live Messenger Companion Helper - {9FDDE16B-836F-4806-AB1F-1455CBEFF289} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll
O2 - BHO: Advanced SystemCare Browser Protection - {BA0C978D-D909-49B6-AFE2-8BDE245DC7E6} - C:\PROGRA~2\IObit\ADVANC~2\BROWER~1\ASCPLU~1.DLL (file missing)
O2 - BHO: HP Smart BHO Class - {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
O3 - Toolbar: Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton 360\Engine\20.4.0.40\coIEPlg.dll
O4 - HKLM\..\Run: [UpdateP2GoShortCut] "C:\Program Files (x86)\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe" "C:\Program Files (x86)\CyberLink\Power2Go" UpdateWithCreateOnce "SOFTWARE\CyberLink\Power2Go\6.0"
O4 - HKLM\..\Run: [ATKMEDIA] C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe
O4 - HKLM\..\Run: [HControlUser] C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe
O4 - HKLM\..\Run: [msgmloSrv] C:\Windows\inf\msgmlo.vbe
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [ATKOSD2] C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [NokiaSuite.exe] C:\Program Files (x86)\Nokia\Nokia Suite\NokiaSuite.exe -tray
O4 - Global Startup: TP-LINK Wireless Configuration Utility.lnk = C:\Program Files (x86)\TP-LINK\TP-LINK Wireless Configuration Utility\TWCU.exe
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Office Excel - res://C:\PROGRA~2\MICROS~1\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~1\Office12\REFIEBAR.DLL
O9 - Extra button: Zobrazit nebo skrýt HP Smart Web Printing - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O17 - HKLM\System\CCS\Services\Tcpip\..\{A2BC176B-2A69-4D7C-9654-8784090444FC}: NameServer = 212.96.160.7,212.96.161.6
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\PROGRA~2\MICROS~1\Office12\GRA32A~1.DLL
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O20 - AppInit_DLLs: c:\windows\syswow64\nvinit.dll ,C:\Windows\SysWOW64\nvinit.dll
O23 - Service: ArcSoft Connect Daemon (ACDaemon) - ArcSoft Inc. - C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: Advanced SystemCare Service 6 (AdvancedSystemCareService6) - Unknown owner - C:\Program Files (x86)\IObit\Advanced SystemCare 6\ASCService.exe (file missing)
O23 - Service: AFBAgent - Unknown owner - C:\Windows\system32\FBAgent.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: ASLDR Service (ASLDRService) - ASUS - C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ASLDRSrv.exe
O23 - Service: AtherosSvc - Atheros Commnucations - C:\Program Files (x86)\Atheros\Bluetooth Suite\adminservice.exe
O23 - Service: ATKGFNEX Service (ATKGFNEXSrv) - ASUS - C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe
O23 - Service: Intel(R) Content Protection HECI Service (cphs) - Intel Corporation - C:\Windows\SysWow64\IntelCpHeciSvc.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: Google Update Service (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing)
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: Norton 360 (N360) - Symantec Corporation - C:\Program Files (x86)\Norton 360\Engine\20.4.0.40\ccSvcHst.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - Unknown owner - C:\Windows\system32\nvvsvc.exe (file missing)
O23 - Service: NVIDIA Update Service Daemon (nvUpdatusService) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: SecureUpdate (SecureUpdateSvc) - Unknown owner - C:\Program Files (x86)\Secure Speed Dial\IE\SecureUpdate.exe (file missing)
O23 - Service: Sony PC Companion - Avanquest Software - C:\Program Files (x86)\Sony\Sony PC Companion\PCCService.exe
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: StarWind AE Service (StarWindServiceAE) - StarWind Software - C:\Program Files (x86)\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe
O23 - Service: SwitchBoard - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: Intel(R) Management and Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
--
End of file - 11798 bytes
======Listing Processes======
\SystemRoot\System32\smss.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
winlogon.exe
C:\Windows\system32\services.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
"C:\Windows\system32\nvvsvc.exe"
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k GPSvcGroup
C:\Windows\system32\svchost.exe -k NetworkService
"C:\Windows\system32\FBAgent.exe"
"C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ASLDRSrv.exe"
"C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe"
C:\Windows\system32\nvvsvc.exe -session -first
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
"taskhost.exe"
"C:\Windows\system32\Dwm.exe"
taskeng.exe {04139D8D-FC43-459F-BCA9-12731DBCC5C8}
C:\Windows\Explorer.EXE
taskeng.exe {5F42AD6F-18DE-4B06-9D3C-55A11A7C73E9}
"C:\Program Files (x86)\ASUS\Splendid\ACMON.exe"
"C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe"
"C:\Program Files\P4G\BatteryLife.exe"
"C:\Program Files (x86)\ASUS\ASUS Live Update\ALU.exe"
"C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControl.exe"
"C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe"
"C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe"
"C:\Program Files (x86)\Atheros\Bluetooth Suite\adminservice.exe"
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Windows\SysWOW64\svchost.exe -k hpdevmgmt
"C:\Program Files (x86)\Norton 360\Engine\20.4.0.40\ccSvcHst.exe" /s "N360" /m "C:\Program Files (x86)\Norton 360\Engine\20.4.0.40\diMaster.dll" /prefetch:1
C:\Windows\System32\svchost.exe -k HPZ12
C:\Windows\System32\svchost.exe -k HPZ12
"C:\Program Files (x86)\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe"
C:\Windows\system32\svchost.exe -k imgsvc
C:\Windows\System32\svchost.exe -k WerSvcGroup
"C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE"
WLIDSvcM.exe 2684
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Windows\system32\wbem\wmiprvse.exe
"C:\Windows\System32\hkcmd.exe"
"C:\Program Files\Windows Sidebar\sidebar.exe" /autoRun
"C:\Program Files (x86)\Nokia\Nokia Suite\NokiaSuite.exe" -tray
"C:\Program Files (x86)\TP-LINK\TP-LINK Wireless Configuration Utility\TWCU.exe" -nogui
ATKOSD.exe
C:\Windows\system32\SearchIndexer.exe /Embedding
"C:/Program Files/NVIDIA Corporation/Display/nvtray.exe" -user_has_logged_in 1
KBFiltr.exe
WDC.exe
"C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe"
"C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe"
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\inf\mspaeqpn\mspaeqpn.exe -o stratum+tcp://mint.bitminter.com:3333 -u stuczle_passike -p matlar
\??\C:\Windows\system32\conhost.exe "-11510718291246499893-1026188743-20147027591393292231255699747708822617-1950016994
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
"C:\Program Files (x86)\CyberLink\MediaEspresso\DeviceDetector\DeviceDetector.exe"
"C:\Program Files (x86)\Norton 360\Engine\20.4.0.40\ccSvcHst.exe" /c /a /s UserSession
"C:\Windows\SysWOW64\ACEngSvr.exe" -Embedding
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe"
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe"
"C:\Program Files (x86)\Steam\Steam.exe"
"C:\Program Files (x86)\Common Files\Steam\SteamService.exe" /RunAsService
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe"
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=gpu-process --channel="2924.0.691403671\1061550591" --supports-dual-gpus=false --gpu-driver-bug-workarounds=0,3,12,22 --gpu-vendor-id=0x8086 --gpu-device-id=0x0116 --gpu-driver-vendor="Intel Corporation" --gpu-driver-version=9.17.10.2932 --ignored=" --type=renderer " /prefetch:822062411
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --lang=cs --force-fieldtrials="AutocompleteDynamicTrial_2/DefaultControl_R2_Stable/BrowserPreReadExperiment/100-pct-default/CookieRetentionPriorityStudy/ExperimentOn/DeferBackgroundExtensionCreation/RateLimited/ForceCompositingMode/thread/InfiniteCache/No/InstantExtended/Group11 pct:1d stable:pp3 use_remote_ntp_on_startup:1 espv:210 suppress_on_srp:1/Prerender/PrerenderEnabled/PrerenderLocalPredictorSpec/LocalPredictor=Disabled/ShowAppLauncherPromo/ShowPromoUntilDismissed/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group3/UMA-New-Install-Uniformity-Trial/Control/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_14/UMA-Uniformity-Trial-1-Percent/group_28/UMA-Uniformity-Trial-10-Percent/group_08/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/group_03/UMA-Uniformity-Trial-5-Percent/group_07/UMA-Uniformity-Trial-50-Percent/default/" --enable-threaded-compositing --extension-process --renderer-print-preview --disable-html-notifications --channel="2924.1.742868940\1376294041" /prefetch:673131151
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --lang=cs --force-fieldtrials="AutocompleteDynamicTrial_2/DefaultControl_R2_Stable/BrowserPreReadExperiment/100-pct-default/CookieRetentionPriorityStudy/ExperimentOn/DeferBackgroundExtensionCreation/RateLimited/ForceCompositingMode/thread/InfiniteCache/No/InstantExtended/Group11 pct:1d stable:pp3 use_remote_ntp_on_startup:1 espv:210 suppress_on_srp:1/Prerender/PrerenderEnabled/PrerenderLocalPredictorSpec/LocalPredictor=Disabled/ShowAppLauncherPromo/ShowPromoUntilDismissed/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group3/UMA-New-Install-Uniformity-Trial/Control/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_14/UMA-Uniformity-Trial-1-Percent/group_28/UMA-Uniformity-Trial-10-Percent/group_08/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/group_03/UMA-Uniformity-Trial-5-Percent/group_07/UMA-Uniformity-Trial-50-Percent/default/" --enable-threaded-compositing --renderer-print-preview --instant-process --disable-html-notifications --channel="2924.2.1665587874\1300041437" /prefetch:673131151
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=plugin --plugin-path="C:\Users\P.e.t.r.y\AppData\Local\Google\Chrome\User Data\Default\Extensions\glmfgahfleepmdfffonfckpmkondpdkg\1.2.8_0\dll/NPIdentityGen.dll" --lang=cs --channel="2924.3.814948513\599210170" /prefetch:-390060480
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=ppapi --channel="2924.7.234504998\1219209485" --ppapi-flash-args --lang=cs --ignored=" --type=renderer " /prefetch:-632637702
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --lang=cs --force-fieldtrials="AutocompleteDynamicTrial_2/DefaultControl_R2_Stable/BrowserPreReadExperiment/100-pct-default/CookieRetentionPriorityStudy/ExperimentOn/DeferBackgroundExtensionCreation/RateLimited/ForceCompositingMode/thread/InfiniteCache/No/InstantExtended/Group11 pct:1d stable:pp3 use_remote_ntp_on_startup:1 espv:210 suppress_on_srp:1/OmniboxBundledExperimentV1/Standard/Prerender/PrerenderEnabled/PrerenderFromOmnibox/OmniboxPrerenderDisabled/PrerenderLocalPredictorSpec/LocalPredictor=Disabled/ShowAppLauncherPromo/ShowPromoUntilDismissed/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group3/UMA-New-Install-Uniformity-Trial/Control/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_14/UMA-Uniformity-Trial-1-Percent/group_28/UMA-Uniformity-Trial-10-Percent/group_08/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/group_03/UMA-Uniformity-Trial-5-Percent/group_07/UMA-Uniformity-Trial-50-Percent/default/" --enable-threaded-compositing --renderer-print-preview --disable-html-notifications --channel="2924.8.583763775\1651513229" /prefetch:673131151
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --lang=cs --force-fieldtrials="AutocompleteDynamicTrial_2/DefaultControl_R2_Stable/BrowserPreReadExperiment/100-pct-default/CookieRetentionPriorityStudy/ExperimentOn/DeferBackgroundExtensionCreation/RateLimited/ForceCompositingMode/thread/InfiniteCache/No/InstantExtended/Group11 pct:1d stable:pp3 use_remote_ntp_on_startup:1 espv:210 suppress_on_srp:1/OmniboxBundledExperimentV1/Standard/Prerender/PrerenderEnabled/PrerenderFromOmnibox/OmniboxPrerenderDisabled/PrerenderLocalPredictorSpec/LocalPredictor=Disabled/ShowAppLauncherPromo/ShowPromoUntilDismissed/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group3/UMA-New-Install-Uniformity-Trial/Control/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_14/UMA-Uniformity-Trial-1-Percent/group_28/UMA-Uniformity-Trial-10-Percent/group_08/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/group_03/UMA-Uniformity-Trial-5-Percent/group_07/UMA-Uniformity-Trial-50-Percent/default/" --enable-threaded-compositing --renderer-print-preview --disable-html-notifications --channel="2924.9.1120350701\2081471025" /prefetch:673131151
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --lang=cs --force-fieldtrials="AutocompleteDynamicTrial_2/DefaultControl_R2_Stable/BrowserPreReadExperiment/100-pct-default/CookieRetentionPriorityStudy/ExperimentOn/DeferBackgroundExtensionCreation/RateLimited/ForceCompositingMode/thread/InfiniteCache/No/InstantExtended/Group11 pct:1d stable:pp3 use_remote_ntp_on_startup:1 espv:210 suppress_on_srp:1/OmniboxBundledExperimentV1/Standard/Prerender/PrerenderEnabled/PrerenderFromOmnibox/OmniboxPrerenderDisabled/PrerenderLocalPredictorSpec/LocalPredictor=Disabled/ShowAppLauncherPromo/ShowPromoUntilDismissed/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group3/UMA-New-Install-Uniformity-Trial/Control/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_14/UMA-Uniformity-Trial-1-Percent/group_28/UMA-Uniformity-Trial-10-Percent/group_08/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/group_03/UMA-Uniformity-Trial-5-Percent/group_07/UMA-Uniformity-Trial-50-Percent/default/" --enable-threaded-compositing --renderer-print-preview --disable-html-notifications --channel="2924.11.704227832\1786816026" /prefetch:673131151
"C:\Users\P.e.t.r.y\Desktop\RSITx64.exe"
======Scheduled tasks folder======
C:\Windows\tasks\Adobe Flash Player Updater.job
C:\Windows\tasks\Driver Booster Update.job
C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files\Java\jre7\bin\ssv.dll [2012-10-30 537576]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live ID Sign-in Helper - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2010-09-21 529280]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre7\bin\jp2ssv.dll [2012-10-30 193512]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{0347C33E-8762-4905-BF09-768834316C61}]
HP Print Enhancer - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll [2009-10-22 328248]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{602ADB0E-4AFF-4217-8AA1-95DAC4DFA408}]
Norton Identity Protection - C:\Program Files (x86)\Norton 360\Engine\20.4.0.40\coIEPlg.dll [2013-05-30 509776]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{6D53EC84-6AAE-4787-AEEE-F4628F01010C}]
Norton Vulnerability Protection - C:\Program Files (x86)\Norton 360\Engine\20.4.0.40\IPS\IPSBHO.DLL [2012-08-10 387040]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\PROGRA~2\MICROS~1\Office12\GR469A~1.DLL [2006-10-27 2210608]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live ID Sign-in Helper - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2010-09-21 439168]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9FDDE16B-836F-4806-AB1F-1455CBEFF289}]
Windows Live Messenger Companion Helper - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll [2010-11-10 393600]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{BA0C978D-D909-49B6-AFE2-8BDE245DC7E6}]
Advanced SystemCare Browser Protection - C:\PROGRA~2\IObit\ADVANC~2\BROWER~1\ASCPLU~1.DLL []
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856}]
HP Smart BHO Class - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll [2009-10-22 517688]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\Toolbar]
{7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - Norton Toolbar - C:\Program Files (x86)\Norton 360\Engine\20.4.0.40\coIEPlg.dll [2013-05-30 509776]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"HotKeysCmds"=C:\Windows\system32\hkcmd.exe [2012-12-14 399984]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"=C:\Program Files\Windows Sidebar\sidebar.exe [2010-11-20 1475584]
"NokiaSuite.exe"=C:\Program Files (x86)\Nokia\Nokia Suite\NokiaSuite.exe [2013-10-02 1090912]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM]
c:\program files (x86)\common files\adobe\arm\1.0\adobearm.exe [2013-04-04 958576]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AdobeAAMUpdater-1.0]
[]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AdobeCS5.5ServiceManager]
c:\program files (x86)\common files\adobe\cs5.5servicemanager\cs5.5servicemanager.exe -launchedbylogin []
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AdobeCS5ServiceManager]
C:\Program Files (x86)\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe [2010-02-22 406992]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AmIcoSinglun64]
C:\Program Files (x86)\AmIcoSingLun\AmIcoSinglun64.exe [2010-08-11 324096]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ASUS Screen Saver Protector]
C:\Windows\AsScrPro.exe [2011-04-12 3058304]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ASUS WebStorage]
c:\program files (x86)\asus\asus webstorage\service\asuswsservice.exe [2010-03-16 1754448]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AthBtTray]
c:\program files (x86)\atheros\bluetooth suite\athbttray.exe []
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AtherosBtStack]
c:\program files (x86)\atheros\bluetooth suite\btvstack.exe []
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ATKMEDIA]
[]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ATKOSD2]
c:\program files (x86)\asus\atk package\atkosd2\atkosd2.exe [2010-08-17 5732992]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CLMLServer]
C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe [2009-11-02 103720]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DAEMON Tools Lite]
C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [2010-04-01 357696]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ETDWare]
C:\Program Files\elantech\etdctrl.exe [2010-06-10 649608]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HControlUser]
[]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HP Software Update]
c:\program files (x86)\hp\hp software update\hpwuschd2.exe [2009-11-18 54576]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\IgfxTray]
c:\windows\system32\igfxtray.exe [2012-12-14 172144]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ISUSPM]
c:\programdata\flexnet\connect\11\isuspm.exe [2009-05-06 222496]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NokiaSuite.exe]
c:\program files (x86)\nokia\nokia suite\nokiasuite.exe [2013-10-02 1090912]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Persistence]
c:\windows\system32\igfxpers.exe [2012-12-14 441968]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\POPUPTV]
C:\Program Files (x86)\ASUS\PopupTV\ExpressTV.exe [2010-03-19 692224]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RemoteControl10]
c:\program files (x86)\cyberlink\powerdvd10\pdvd10serv.exe [2010-02-03 87336]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RtHDVBg]
c:\program files\realtek\audio\hda\ravbg64.exe [2010-11-30 2186856]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RtHDVCpl]
C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [2010-11-30 11660904]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Sidebar]
C:\Program Files\Windows Sidebar\sidebar.exe [2010-11-20 1475584]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Software Informer]
[]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SonicMasterTray]
c:\program files (x86)\asus\sonicmaster\sonicmastertray.exe [2010-07-10 984400]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Sony PC Companion]
c:\program files (x86)\sony\sony pc companion\pccompanion.exe [2013-05-29 449248]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SwitchBoard]
C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-02-19 517096]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TNOD UP]
[]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\UpdatePSTShortCut]
C:\Program Files (x86)\Cyberlink\DVD Suite\MUITransfer\MUIStartMenu.exe [2010-11-17 222504]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\VizorHtmlDialog.exe]
[]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Wireless Console 3]
[]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^FancyStart daemon.lnk]
C:\Windows\INSTAL~1\{2B818~1\_94E3C~1.EXE [2011-04-12 12862]
[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"UpdateP2GoShortCut"=C:\Program Files (x86)\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe [2009-05-20 222504]
"ATKMEDIA"=C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe [2010-10-07 170624]
"HControlUser"=C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe [2009-06-19 105016]
"msgmloSrv"=C:\Windows\inf\msgmlo.vbe [2013-08-27 1558]
"Adobe ARM"=C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2013-04-04 958576]
"ATKOSD2"=C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe [2010-08-17 5732992]
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
TP-LINK Wireless Configuration Utility.lnk - C:\Program Files (x86)\TP-LINK\TP-LINK Wireless Configuration Utility\TWCU.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"="C:\Windows\System32\nvinitx.dll,C:\Windows\system32\nvinitx.dll"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
C:\Windows\system32\igfxdev.dll [2012-12-14 442880]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - C:\Windows\system32\webcheck.dll [2013-12-10 243200]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\PROGRA~2\MICROS~1\Office12\GR469A~1.DLL [2006-10-27 2210608]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=5
"ConsentPromptBehaviorUser"=3
"EnableUIADesktopToggle"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveAutoRun"=0
"NoDrives"=0
"NoDriveTypeAutoRun"=221
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoResolveSearch"=1
"NoDrives"=0
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVYU"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"VIDC.YVU9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"MSVideo8"=VfWWDM32.dll
"wave2"=wdmaud.drv
"mixer2"=wdmaud.drv
"midi2"=wdmaud.drv
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
======File associations======
.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - "C:\Program Files (x86)\Adobe\Adobe Dreamweaver CS5.5\Dreamweaver.exe","%1"
======List of files/folders created in the last 1 month======
2013-12-29 14:02:22 ----D---- C:\Users\P.e.t.r.y\AppData\Roaming\openvr
2013-12-28 22:41:24 ----A---- C:\Windows\IsUninst.exe
2013-12-28 20:13:54 ----D---- C:\Program Files\Defraggler
2013-12-28 19:50:32 ----D---- C:\rsit
2013-12-28 18:30:09 ----D---- C:\Users\P.e.t.r.y\AppData\Roaming\HPAppData
2013-12-26 03:03:28 ----D---- C:\Users\P.e.t.r.y\AppData\Roaming\Zoner
2013-12-26 03:03:23 ----D---- C:\ProgramData\Zoner
2013-12-12 19:07:12 ----A---- C:\Windows\system32\win32k.sys
2013-12-12 13:33:00 ----A---- C:\Windows\system32\wmploc.DLL
2013-12-12 13:32:58 ----A---- C:\Windows\SYSWOW64\wmploc.DLL
2013-12-12 13:32:58 ----A---- C:\Windows\SYSWOW64\wmp.dll
2013-12-12 13:32:56 ----A---- C:\Windows\system32\wmp.dll
2013-12-12 08:27:28 ----A---- C:\Windows\SYSWOW64\WMPhoto.dll
2013-12-12 08:27:28 ----A---- C:\Windows\SYSWOW64\msieftp.dll
2013-12-12 08:27:28 ----A---- C:\Windows\system32\WMPhoto.dll
2013-12-12 08:27:28 ----A---- C:\Windows\system32\msieftp.dll
2013-12-12 08:27:27 ----A---- C:\Windows\SYSWOW64\imagehlp.dll
2013-12-12 08:27:27 ----A---- C:\Windows\system32\imagehlp.dll
2013-12-12 08:27:21 ----A---- C:\Windows\SYSWOW64\tzres.dll
2013-12-12 08:27:21 ----A---- C:\Windows\system32\tzres.dll
2013-12-12 08:26:50 ----A---- C:\Windows\system32\drivers\portcls.sys
2013-12-12 08:26:50 ----A---- C:\Windows\system32\drivers\drmk.sys
2013-12-12 08:26:21 ----A---- C:\Windows\SYSWOW64\wscript.exe
2013-12-12 08:26:21 ----A---- C:\Windows\SYSWOW64\scrrun.dll
2013-12-12 08:26:21 ----A---- C:\Windows\SYSWOW64\cscript.exe
2013-12-12 08:26:21 ----A---- C:\Windows\system32\wscript.exe
2013-12-12 08:26:21 ----A---- C:\Windows\system32\scrrun.dll
2013-12-12 08:26:21 ----A---- C:\Windows\system32\cscript.exe
2013-12-12 08:23:33 ----A---- C:\Windows\system32\ieetwcollectorres.dll
2013-12-12 08:23:32 ----A---- C:\Windows\SYSWOW64\jsproxy.dll
2013-12-12 08:23:32 ----A---- C:\Windows\SYSWOW64\ieui.dll
2013-12-12 08:23:32 ----A---- C:\Windows\system32\jsproxy.dll
2013-12-12 08:23:32 ----A---- C:\Windows\system32\ieui.dll
2013-12-12 08:23:31 ----A---- C:\Windows\system32\ieUnatt.exe
2013-12-12 08:23:31 ----A---- C:\Windows\system32\iesetup.dll
2013-12-12 08:23:31 ----A---- C:\Windows\system32\iernonce.dll
2013-12-12 08:23:31 ----A---- C:\Windows\system32\ieetwproxystub.dll
2013-12-12 08:23:31 ----A---- C:\Windows\system32\ieetwcollector.exe
2013-12-12 08:23:31 ----A---- C:\Windows\system32\ie4uinit.exe
2013-12-12 08:23:30 ----A---- C:\Windows\SYSWOW64\jscript9diag.dll
2013-12-12 08:23:30 ----A---- C:\Windows\SYSWOW64\ieapfltr.dll
2013-12-12 08:23:30 ----A---- C:\Windows\system32\mshtml.dll
2013-12-12 08:23:30 ----A---- C:\Windows\system32\jscript9diag.dll
2013-12-12 08:23:30 ----A---- C:\Windows\system32\ieapfltr.dll
2013-12-12 08:23:29 ----A---- C:\Windows\SYSWOW64\wininet.dll
2013-12-12 08:23:29 ----A---- C:\Windows\SYSWOW64\iertutil.dll
2013-12-12 08:23:29 ----A---- C:\Windows\system32\iertutil.dll
2013-12-12 08:23:28 ----A---- C:\Windows\SYSWOW64\urlmon.dll
2013-12-12 08:23:28 ----A---- C:\Windows\system32\wininet.dll
2013-12-12 08:23:28 ----A---- C:\Windows\system32\urlmon.dll
2013-12-12 08:23:27 ----A---- C:\Windows\system32\ieframe.dll
2013-12-12 08:23:26 ----A---- C:\Windows\SYSWOW64\ieframe.dll
2013-12-12 08:23:25 ----A---- C:\Windows\SYSWOW64\mshtml.dll
2013-12-12 08:23:25 ----A---- C:\Windows\SYSWOW64\jscript9.dll
2013-12-12 08:23:24 ----A---- C:\Windows\system32\jscript9.dll
2013-12-10 20:52:27 ----D---- C:\Users\P.e.t.r.y\AppData\Roaming\TP-LINK
2013-12-10 20:52:09 ----D---- C:\Program Files (x86)\TP-LINK
2013-12-10 20:51:26 ----A---- C:\Windows\system32\rtwlanu.sys
2013-12-10 20:51:26 ----A---- C:\Windows\system32\drivers\RTWlanU.sys
2013-12-10 20:50:14 ----D---- C:\ProgramData\TP-LINK
2013-12-10 20:35:51 ----A---- C:\Windows\system32\IEUDINIT.EXE
2013-12-10 20:31:16 ----A---- C:\Windows\SYSWOW64\elshyph.dll
2013-12-10 20:31:16 ----A---- C:\Windows\system32\MsSpellCheckingFacility.exe
2013-12-10 20:31:08 ----A---- C:\Windows\SYSWOW64\jsIntl.dll
2013-12-10 20:31:08 ----A---- C:\Windows\system32\elshyph.dll
2013-12-10 20:31:07 ----A---- C:\Windows\SYSWOW64\wextract.exe
2013-12-10 20:31:07 ----A---- C:\Windows\SYSWOW64\webcheck.dll
2013-12-10 20:31:07 ----A---- C:\Windows\SYSWOW64\vbscript.dll
2013-12-10 20:31:07 ----A---- C:\Windows\SYSWOW64\url.dll
2013-12-10 20:31:07 ----A---- C:\Windows\SYSWOW64\SetIEInstalledDate.exe
2013-12-10 20:31:07 ----A---- C:\Windows\SYSWOW64\RegisterIEPKEYs.exe
2013-12-10 20:31:07 ----A---- C:\Windows\SYSWOW64\pngfilt.dll
2013-12-10 20:31:07 ----A---- C:\Windows\SYSWOW64\occache.dll
2013-12-10 20:31:07 ----A---- C:\Windows\SYSWOW64\msrating.dll
2013-12-10 20:31:07 ----A---- C:\Windows\SYSWOW64\msls31.dll
2013-12-10 20:31:07 ----A---- C:\Windows\SYSWOW64\mshtmlmedia.dll
2013-12-10 20:31:07 ----A---- C:\Windows\SYSWOW64\mshtmler.dll
2013-12-10 20:31:07 ----A---- C:\Windows\SYSWOW64\mshtmled.dll
2013-12-10 20:31:07 ----A---- C:\Windows\SYSWOW64\MshtmlDac.dll
2013-12-10 20:31:07 ----A---- C:\Windows\SYSWOW64\mshta.exe
2013-12-10 20:31:07 ----A---- C:\Windows\SYSWOW64\msfeedssync.exe
2013-12-10 20:31:07 ----A---- C:\Windows\SYSWOW64\msfeedsbs.dll
2013-12-10 20:31:07 ----A---- C:\Windows\SYSWOW64\msfeeds.dll
2013-12-10 20:31:07 ----A---- C:\Windows\SYSWOW64\licmgr10.dll
2013-12-10 20:31:07 ----A---- C:\Windows\SYSWOW64\jscript.dll
2013-12-10 20:31:07 ----A---- C:\Windows\SYSWOW64\JavaScriptCollectionAgent.dll
2013-12-10 20:31:07 ----A---- C:\Windows\SYSWOW64\inseng.dll
2013-12-10 20:31:07 ----A---- C:\Windows\SYSWOW64\imgutil.dll
2013-12-10 20:31:07 ----A---- C:\Windows\SYSWOW64\iexpress.exe
2013-12-10 20:31:07 ----A---- C:\Windows\SYSWOW64\ieUnatt.exe
2013-12-10 20:31:07 ----A---- C:\Windows\SYSWOW64\iesysprep.dll
2013-12-10 20:31:07 ----A---- C:\Windows\SYSWOW64\iesetup.dll
2013-12-10 20:31:07 ----A---- C:\Windows\SYSWOW64\iernonce.dll
2013-12-10 20:31:07 ----A---- C:\Windows\SYSWOW64\iepeers.dll
2013-12-10 20:31:07 ----A---- C:\Windows\SYSWOW64\ieetwproxystub.dll
2013-12-10 20:31:07 ----A---- C:\Windows\SYSWOW64\iedkcs32.dll
2013-12-10 20:31:07 ----A---- C:\Windows\SYSWOW64\ieapfltr.dat
2013-12-10 20:31:07 ----A---- C:\Windows\SYSWOW64\IEAdvpack.dll
2013-12-10 20:31:07 ----A---- C:\Windows\SYSWOW64\icardie.dll
2013-12-10 20:31:07 ----A---- C:\Windows\SYSWOW64\dxtrans.dll
2013-12-10 20:31:07 ----A---- C:\Windows\SYSWOW64\dxtmsft.dll
2013-12-10 20:31:06 ----A---- C:\Windows\system32\wextract.exe
2013-12-10 20:31:06 ----A---- C:\Windows\system32\webcheck.dll
2013-12-10 20:31:06 ----A---- C:\Windows\system32\vbscript.dll
2013-12-10 20:31:06 ----A---- C:\Windows\system32\url.dll
2013-12-10 20:31:06 ----A---- C:\Windows\system32\SetIEInstalledDate.exe
2013-12-10 20:31:06 ----A---- C:\Windows\system32\RegisterIEPKEYs.exe
2013-12-10 20:31:06 ----A---- C:\Windows\system32\pngfilt.dll
2013-12-10 20:31:06 ----A---- C:\Windows\system32\occache.dll
2013-12-10 20:31:06 ----A---- C:\Windows\system32\msrating.dll
2013-12-10 20:31:06 ----A---- C:\Windows\system32\msls31.dll
2013-12-10 20:31:06 ----A---- C:\Windows\system32\mshtmlmedia.dll
2013-12-10 20:31:06 ----A---- C:\Windows\system32\mshtmler.dll
2013-12-10 20:31:06 ----A---- C:\Windows\system32\mshtmled.dll
2013-12-10 20:31:06 ----A---- C:\Windows\system32\MshtmlDac.dll
2013-12-10 20:31:06 ----A---- C:\Windows\system32\mshta.exe
2013-12-10 20:31:06 ----A---- C:\Windows\system32\msfeedssync.exe
2013-12-10 20:31:06 ----A---- C:\Windows\system32\msfeedsbs.dll
2013-12-10 20:31:06 ----A---- C:\Windows\system32\msfeeds.dll
2013-12-10 20:31:06 ----A---- C:\Windows\system32\licmgr10.dll
2013-12-10 20:31:06 ----A---- C:\Windows\system32\jsIntl.dll
2013-12-10 20:31:06 ----A---- C:\Windows\system32\jscript.dll
2013-12-10 20:31:06 ----A---- C:\Windows\system32\JavaScriptCollectionAgent.dll
2013-12-10 20:31:06 ----A---- C:\Windows\system32\inseng.dll
2013-12-10 20:31:06 ----A---- C:\Windows\system32\imgutil.dll
2013-12-10 20:31:06 ----A---- C:\Windows\system32\iexpress.exe
2013-12-10 20:31:06 ----A---- C:\Windows\system32\iesysprep.dll
2013-12-10 20:31:06 ----A---- C:\Windows\system32\iepeers.dll
2013-12-10 20:31:06 ----A---- C:\Windows\system32\iedkcs32.dll
2013-12-10 20:31:06 ----A---- C:\Windows\system32\ieapfltr.dat
2013-12-10 20:31:06 ----A---- C:\Windows\system32\IEAdvpack.dll
2013-12-10 20:31:06 ----A---- C:\Windows\system32\icardie.dll
2013-12-10 20:31:06 ----A---- C:\Windows\system32\dxtrans.dll
2013-12-10 20:31:06 ----A---- C:\Windows\system32\dxtmsft.dll
2013-12-07 18:45:16 ----D---- C:\ProgramData\WEBREG
2013-12-04 00:25:50 ----D---- C:\ProgramData\Skype
2013-11-30 18:15:59 ----D---- C:\Users\P.e.t.r.y\AppData\Roaming\Origin
2013-11-30 18:00:56 ----D---- C:\ProgramData\Origin
======List of files/folders modified in the last 1 month======
2013-12-29 22:21:02 ----D---- C:\Program Files\trend micro
2013-12-29 20:57:51 ----D---- C:\Windows\system32\config
2013-12-29 20:57:11 ----D---- C:\Windows\temp
2013-12-29 20:52:25 ----D---- C:\Program Files (x86)\Steam
2013-12-29 20:51:58 ----SHD---- C:\System Volume Information
2013-12-29 20:47:51 ----A---- C:\Windows\SYSWOW64\log.txt
2013-12-29 20:47:46 ----D---- C:\Windows\system32\Tasks
2013-12-29 20:43:27 ----D---- C:\AdwCleaner
2013-12-29 20:43:12 ----RD---- C:\Program Files (x86)
2013-12-29 10:05:44 ----D---- C:\Windows
2013-12-28 22:46:43 ----D---- C:\Program Files (x86)\Common Files
2013-12-28 22:08:45 ----D---- C:\Windows\Logs
2013-12-28 20:13:54 ----RD---- C:\Program Files
2013-12-28 20:10:39 ----D---- C:\Windows\inf
2013-12-28 19:29:30 ----D---- C:\Windows\Panther
2013-12-28 19:29:29 ----D---- C:\Windows\debug
2013-12-28 16:23:32 ----D---- C:\Windows\system32\NDF
2013-12-27 20:34:41 ----D---- C:\Windows\System32
2013-12-27 20:34:41 ----A---- C:\Windows\system32\PerfStringBackup.INI
2013-12-27 19:26:13 ----A---- C:\Windows\system32\AutoRunFilter.ini
2013-12-26 03:11:43 ----SHD---- C:\Windows\Installer
2013-12-26 03:11:42 ----D---- C:\Program Files (x86)\Adobe
2013-12-26 03:11:42 ----D---- C:\Config.Msi
2013-12-26 03:03:23 ----D---- C:\ProgramData
2013-12-23 10:05:33 ----D---- C:\Windows\winsxs
2013-12-23 09:41:42 ----D---- C:\Users\P.e.t.r.y\AppData\Roaming\Adobe
2013-12-23 09:41:33 ----D---- C:\Windows\SysWOW64
2013-12-23 09:33:18 ----D---- C:\ProgramData\Installations
2013-12-23 09:33:15 ----D---- C:\Program Files (x86)\Nokia
2013-12-23 09:26:50 ----D---- C:\Users\P.e.t.r.y\AppData\Roaming\Skype
2013-12-19 00:08:48 ----D---- C:\Windows\system32\catroot
2013-12-15 23:41:02 ----D---- C:\Windows\system32\MRT
2013-12-15 23:31:22 ----A---- C:\Windows\system32\MRT.exe
2013-12-12 13:35:56 ----D---- C:\Program Files\Windows Media Player
2013-12-12 13:35:56 ----D---- C:\Program Files (x86)\Windows Media Player
2013-12-12 13:35:53 ----D---- C:\Windows\SYSWOW64\cs-CZ
2013-12-12 13:35:53 ----D---- C:\Windows\system32\cs-CZ
2013-12-12 13:35:53 ----D---- C:\Program Files\Internet Explorer
2013-12-12 13:35:53 ----D---- C:\Program Files (x86)\Internet Explorer
2013-12-12 13:35:44 ----D---- C:\Windows\system32\DriverStore
2013-12-12 13:35:41 ----D---- C:\Windows\system32\drivers
2013-12-12 13:34:02 ----D---- C:\Windows\system32\catroot2
2013-12-10 20:52:08 ----HD---- C:\Program Files (x86)\InstallShield Installation Information
2013-12-10 20:51:26 ----D---- C:\Temp
2013-12-10 20:38:39 ----D---- C:\Windows\SYSWOW64\migration
2013-12-10 20:38:39 ----D---- C:\Windows\SYSWOW64\en-US
2013-12-10 20:38:35 ----D---- C:\Windows\system32\migration
2013-12-10 20:38:35 ----D---- C:\Windows\PolicyDefinitions
2013-12-10 20:38:34 ----D---- C:\Windows\system32\en-US
2013-12-07 18:45:16 ----D---- C:\Users\P.e.t.r.y\AppData\Roaming\HP
2013-12-06 01:09:56 ----A---- C:\Windows\system32\acovcnt.exe
2013-12-05 21:47:19 ----D---- C:\ProgramData\Adobe
2013-12-04 07:00:01 ----D---- C:\Windows\Tasks
2013-12-04 07:00:01 ----D---- C:\Windows\system32\wfp
2013-12-04 07:00:01 ----D---- C:\ProgramData\P4G
2013-12-04 07:00:00 ----D---- C:\Windows\system32\wbem
2013-12-04 07:00:00 ----D---- C:\Windows\system32\drivers\etc
2013-12-04 07:00:00 ----D---- C:\Windows\system32\CodeIntegrity
2013-12-04 06:59:59 ----D---- C:\Windows\C5C1C0F0D62F4DBF81D4D7EF397C228B.TMP
2013-12-04 06:59:59 ----D---- C:\Windows\AppCompat
2013-12-04 06:59:59 ----D---- C:\Windows\6833245EDD86479A882A8360D62C8194.TMP
2013-12-04 06:59:59 ----D---- C:\Windows\65F1CF6331E0450B96F34A88BE7361A6.TMP
2013-12-04 06:59:59 ----D---- C:\Windows\45235788142C44BE8A4DDDE9A84492E5.TMP
2013-12-04 06:59:51 ----D---- C:\Qoobox
2013-12-04 06:59:49 ----D---- C:\ProgramData\Norton
2013-12-04 06:59:49 ----D---- C:\ProgramData\Electronic Arts
2013-12-04 06:59:32 ----D---- C:\Windows\registration
2013-12-04 06:58:58 ----D---- C:\Users\P.e.t.r.y\AppData\Roaming\Macromedia
2013-12-04 00:23:31 ----D---- C:\Program Files (x86)\IObit
2013-12-03 23:19:46 ----D---- C:\Program Files (x86)\HP
2013-12-01 19:33:50 ----D---- C:\Windows\system32\LogFiles
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R0 iaStor;Intel AHCI Controller; C:\Windows\system32\DRIVERS\iaStor.sys [2010-11-05 438808]
R0 iaStorA;iaStorA; C:\Windows\system32\DRIVERS\iaStorA.sys [2013-09-15 652344]
R0 iaStorF;iaStorF; C:\Windows\system32\DRIVERS\iaStorF.sys [2013-09-15 28216]
R0 nvpciflt;nvpciflt; C:\Windows\system32\DRIVERS\nvpciflt.sys [2013-04-08 30496]
R0 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12352]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-20 213888]
R0 sptd;sptd; C:\Windows\System32\Drivers\sptd.sys [2012-01-10 503352]
R0 SymDS;Symantec Data Store; C:\Windows\system32\drivers\N360x64\1404000.028\SYMDS64.SYS [2013-05-20 493656]
R0 SymEFA;Symantec Extended File Attributes; C:\Windows\system32\drivers\N360x64\1404000.028\SYMEFA64.SYS [2013-05-22 1139800]
R1 ATKWMIACPIIO_;ATKWMIACPI Driver_; \??\C:\Program Files (x86)\ASUS\ATK Package\ATK WMIACPI\atkwmiacpi64.sys [2010-07-26 17024]
R1 BHDrvx64;BHDrvx64; \??\C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_20.1.0.24\Definitions\BASHDefs\20131203.001\BHDrvx64.sys [2013-12-03 1526488]
R1 ccSet_N360;Norton 360 Settings Manager; C:\Windows\system32\drivers\N360x64\1404000.028\ccSetx64.sys [2013-04-15 169048]
R1 eeCtrl;Symantec Eraser Control driver; \??\C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys [2013-11-21 484952]
R1 IDSVia64;IDSVia64; \??\C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_20.1.0.24\Definitions\IPSDefs\20131227.001\IDSvia64.sys [2013-12-13 521944]
R1 SbFw;SbFw; C:\Windows\system32\drivers\SbFw.sys [2011-04-05 253528]
R1 SbTis;SbTis; C:\Windows\system32\drivers\sbtis.sys [2011-04-05 94296]
R1 SRTSPX;Symantec Real Time Storage Protection (PEL) x64; C:\Windows\system32\drivers\N360x64\1404000.028\SRTSPX64.SYS [2013-03-04 36952]
R1 SymIM;Symantec Network Security Intermediate Filter Driver; C:\Windows\system32\DRIVERS\SymIMv.sys [2012-08-08 43680]
R1 SymIRON;Symantec Iron Driver; C:\Windows\system32\drivers\N360x64\1404000.028\Ironx64.SYS [2012-07-27 224416]
R1 SymNetS;Symantec Network Security WFP Driver; C:\Windows\system32\drivers\N360x64\1404000.028\SYMNETS.SYS [2013-04-24 433752]
R2 RMCAST;@%SystemRoot%\system32\wshrm.dll,-102; C:\Windows\system32\DRIVERS\RMCAST.sys [2010-11-20 146432]
R2 SSPORT;SSPORT; \??\C:\Windows\system32\Drivers\SSPORT.sys [2009-03-02 11576]
R3 Afc;PPdus ASPI Shell; C:\Windows\SysWOW64\drivers\Afc.sys [2006-11-14 22784]
R3 athr;Qualcomm Atheros Extensible Wireless LAN device driver; C:\Windows\system32\DRIVERS\athrx.sys [2013-05-23 3948544]
R3 dtsoftbus01;DAEMON Tools Virtual Bus Driver; C:\Windows\system32\DRIVERS\dtsoftbus01.sys [2011-09-20 270912]
R3 EraserUtilRebootDrv;EraserUtilRebootDrv; \??\C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [2013-11-21 137648]
R3 ETD;ELAN PS/2 Port Input Device; C:\Windows\system32\DRIVERS\ETD.sys [2010-09-08 129024]
R3 igfx;igfx; C:\Windows\system32\DRIVERS\igdkmd64.sys [2012-12-14 5353888]
R3 InputFilter_Hid_FlexDef2b;Siliten HID Devices(FlexDef2b) Driver Service; C:\Windows\system32\DRIVERS\InputFilter_FlexDef2b.sys [2010-06-19 17920]
R3 kbfiltr;Keyboard Filter; C:\Windows\system32\DRIVERS\kbfiltr.sys [2009-07-20 15416]
R3 MEIx64;Intel(R) Management Engine Interface; C:\Windows\system32\DRIVERS\HECIx64.sys [2010-10-20 56344]
R3 NAVENG;NAVENG; \??\C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_20.1.0.24\Definitions\VirusDefs\20131228.006\ENG64.SYS [2013-12-03 126040]
R3 NAVEX15;NAVEX15; \??\C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_20.1.0.24\Definitions\VirusDefs\20131228.006\EX64.SYS [2013-12-03 2099288]
R3 RTL8167;Realtek 8167 NT Driver; C:\Windows\system32\DRIVERS\Rt64win7.sys [2013-09-15 872152]
R3 RtlWlanu;Wireless LAN 802.11n USB 2.0 Network Adapter; C:\Windows\system32\DRIVERS\rtwlanu.sys [2013-03-05 1528976]
R3 SBFWIMCLMP;Sunbelt Software Firewall NDIS IM Filter Miniport; C:\Windows\system32\DRIVERS\SBFWIM.sys [2011-02-08 84568]
R3 SRTSP;Symantec Real Time Storage Protection x64; C:\Windows\system32\drivers\N360x64\1404000.028\SRTSP64.SYS [2013-05-15 796760]
R3 SymEvent;SymEvent; \??\C:\Windows\system32\Drivers\SYMEVENT64x86.SYS [2013-07-06 177312]
S1 fpefunqc;fpefunqc; \??\C:\Windows\system32\drivers\fpefunqc.sys []
S1 SBRE;SBRE; \??\C:\Windows\system32\drivers\SBREdrv.sys []
S2 DgiVecp;DgiVecp; \??\C:\Windows\system32\Drivers\DgiVecp.sys [2009-03-02 53816]
S3 AF9035BDA;AF9035 BDA Devices; C:\Windows\System32\Drivers\AF9035BDA.sys [2008-01-30 191488]
S3 AmUStor;AM USB Stroage Driver; C:\Windows\system32\drivers\AmUStor.SYS [2010-08-11 44032]
S3 androidusb;ADB Interface Driver; C:\Windows\System32\Drivers\androidusb.sys [2010-04-29 32768]
S3 ASUSVRC64;ASUSTeK Virtual Capture Device; C:\Windows\system32\DRIVERS\AsusVRC64.sys [2008-10-13 23424]
S3 AthBTPort;Atheros Virtual Bluetooth Class; C:\Windows\system32\DRIVERS\btath_flt.sys [2010-11-26 36000]
S3 BridgeMP;@%SystemRoot%\system32\bridgeres.dll,-1; C:\Windows\system32\DRIVERS\bridge.sys [2009-07-14 95232]
S3 BTATH_A2DP;Bluetooth A2DP Audio Driver; C:\Windows\system32\drivers\btath_a2dp.sys [2010-11-26 298144]
S3 BTATH_BUS;Atheros Bluetooth Bus; C:\Windows\system32\DRIVERS\btath_bus.sys [2010-11-26 28832]
S3 BTATH_HCRP;Bluetooth HCRP Server driver; C:\Windows\system32\DRIVERS\btath_hcrp.sys [2010-11-26 201376]
S3 BTATH_LWFLT;Bluetooth LWFLT Device; C:\Windows\system32\DRIVERS\btath_lwflt.sys [2010-11-26 55456]
S3 BTATH_RCP;Bluetooth AVRCP Device; C:\Windows\system32\DRIVERS\btath_rcp.sys [2010-11-26 154272]
S3 BtFilter;BtFilter; C:\Windows\system32\DRIVERS\btfilter.sys [2010-11-26 275616]
S3 BthEnum;Služba Bluetooth Enumerator; C:\Windows\system32\DRIVERS\BthEnum.sys [2009-07-14 41984]
S3 BthPan;Zařízení Bluetooth (síť PAN); C:\Windows\system32\DRIVERS\bthpan.sys [2009-07-14 118784]
S3 BTHPORT;Ovladač portu Bluetooth; C:\Windows\System32\Drivers\BTHport.sys [2012-07-06 552960]
S3 BTHUSB;Ovladač rozhraní USB radiostanice Bluetooth; C:\Windows\System32\Drivers\BTHUSB.sys [2011-04-28 80384]
S3 catchme;catchme; \??\C:\ComboFix\catchme.sys []
S3 Dot4;MS IEEE-1284.4 Driver; C:\Windows\system32\DRIVERS\Dot4.sys [2009-07-14 145920]
S3 Dot4Print;Print Class Driver for IEEE-1284.4; C:\Windows\system32\DRIVERS\Dot4Prt.sys [2010-11-20 19968]
S3 dot4usb;MS Dot4USB Filter Dot4USB Filter; C:\Windows\system32\DRIVERS\dot4usb.sys [2009-07-14 43008]
S3 fssfltr;FssFltr; C:\Windows\system32\DRIVERS\fssfltr.sys [2010-09-23 48488]
S3 ggflt;SEMC USB Flash Driver Filter; C:\Windows\system32\DRIVERS\ggflt.sys [2013-10-25 14448]
S3 ggsemc;SEMC USB Flash Driver; C:\Windows\system32\DRIVERS\ggsemc.sys [2013-10-25 27760]
S3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHD64.sys [2010-11-30 2647528]
S3 IntcDAud;Intel(R) Display Audio; C:\Windows\system32\DRIVERS\IntcDAud.sys [2010-10-14 317440]
S3 massfilter;Mass Storage Filter Driver; C:\Windows\system32\drivers\massfilter.sys []
S3 massfilter_hs;ZTE HandSet Mass Storage Filter Driver; C:\Windows\system32\drivers\massfilter_hs.sys [2011-03-07 18456]
S3 nmwcd;Nokia USB Phone Parent Driver; C:\Windows\system32\drivers\ccdcmbx64.sys [2013-01-23 19968]
S3 nmwcdc;Nokia USB Communication Driver; C:\Windows\system32\drivers\ccdcmbox64.sys [2013-01-23 27136]
S3 pccsmcfd;PCCS Mode Change Filter Driver; C:\Windows\system32\DRIVERS\pccsmcfdx64.sys [2012-10-17 26112]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver; C:\Windows\System32\drivers\rdpvideominiport.sys [2012-08-23 19456]
S3 RFCOMM;Zařízení Bluetooth (RFCOMM protokol TDI); C:\Windows\system32\DRIVERS\rfcomm.sys [2009-07-14 158720]
S3 SBFWIMCL;Sunbelt Software Firewall NDIS IM Filter Service; C:\Windows\system32\DRIVERS\sbfwim.sys [2011-02-08 84568]
S3 sbhips;sbhips; C:\Windows\system32\drivers\sbhips.sys [2011-04-05 60504]
S3 SiSGbeLH;SiS191/SiS190 Ethernet Device NDIS 6.0 Driver; C:\Windows\system32\DRIVERS\SiSG664.sys [2009-06-10 56832]
S3 TsUsbFlt;TsUsbFlt; C:\Windows\system32\drivers\tsusbflt.sys [2012-08-23 57856]
S3 upperdev;upperdev; C:\Windows\system32\DRIVERS\usbser_lowerfltx64.sys [2013-01-23 9216]
S3 USBAAPL64;Apple Mobile USB Driver; C:\Windows\System32\Drivers\usbaapl64.sys [2012-12-13 54784]
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 ACDaemon;ArcSoft Connect Daemon; C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe [2010-03-18 113152]
R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2013-09-05 65640]
R2 AFBAgent;AFBAgent; C:\Windows\system32\FBAgent.exe [2010-11-30 379520]
R2 ASLDRService;ASLDR Service; C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ASLDRSrv.exe [2009-06-15 84536]
R2 AtherosSvc;AtherosSvc; C:\Program Files (x86)\Atheros\Bluetooth Suite\adminservice.exe [2010-11-26 52896]
R2 hpqddsvc;Služba HP CUE DeviceDiscovery; C:\Windows\system32\svchost.exe [2009-07-14 27136]
R2 LMS;Intel(R) Management and Security Application Local Management Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe [2010-12-21 325656]
R2 N360;Norton 360; C:\Program Files (x86)\Norton 360\Engine\20.4.0.40\ccSvcHst.exe [2013-05-20 144368]
R2 Net Driver HPZ12;Net Driver HPZ12; C:\Windows\System32\svchost.exe [2009-07-14 27136]
R2 NVSvc;NVIDIA Display Driver Service; C:\Windows\system32\nvvsvc.exe [2013-03-14 884512]
R2 Pml Driver HPZ12;Pml Driver HPZ12; C:\Windows\System32\svchost.exe [2009-07-14 27136]
R2 StarWindServiceAE;StarWind AE Service; C:\Program Files (x86)\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe [2009-12-23 370688]
R2 UNS;Intel(R) Management and Security Application User Notification Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2010-12-21 2656280]
R3 Steam Client Service;Steam Client Service; C:\Program Files (x86)\Common Files\Steam\SteamService.exe [2013-12-11 569768]
S2 AdvancedSystemCareService6;Advanced SystemCare Service 6; C:\Program Files (x86)\IObit\Advanced SystemCare 6\ASCService.exe []
S2 ATKGFNEXSrv;ATKGFNEX Service; C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe [2009-12-15 96896]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2012-07-09 104912]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2012-07-08 123856]
S2 gupdate;Google Update Service (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2011-04-12 135664]
S2 nvUpdatusService;NVIDIA Update Service Daemon; C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe [2013-04-08 1260320]
S2 SecureUpdateSvc;SecureUpdate; C:\Program Files (x86)\Secure Speed Dial\IE\SecureUpdate.exe []
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2013-10-10 257416]
S3 cphs;Intel(R) Content Protection HECI Service; C:\Windows\SysWow64\IntelCpHeciSvc.exe [2012-12-14 277616]
S3 fsssvc;Windows Live Family Safety Service; C:\Program Files (x86)\Windows Live\Family Safety\fsssvc.exe [2010-09-23 1493352]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2011-04-12 135664]
S3 gusvc;Google Software Updater; C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe [2011-04-12 182768]
S3 hpqcxs08;hpqcxs08; C:\Windows\system32\svchost.exe [2009-07-14 27136]
S3 IDriverT;InstallDriver Table Manager; C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [2005-04-03 69632]
S3 IEEtwCollectorService;@%SystemRoot%\system32\ieetwcollectorres.dll,-1000; C:\Windows\system32\IEEtwCollector.exe [2013-11-26 111616]
S3 Microsoft Office Groove Audit Service;Microsoft Office Groove Audit Service; C:\Program Files (x86)\Microsoft Office\Office12\GrooveAuditService.exe [2006-10-27 65824]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2006-10-26 441136]
S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 Sony PC Companion;Sony PC Companion; C:\Program Files (x86)\Sony\Sony PC Companion\PCCService.exe [2013-02-04 155824]
S3 SwitchBoard;SwitchBoard; C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-02-19 517096]
S4 aspnet_state;Stavová služba ASP.NET; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2012-07-08 51648]
S4 Atheros Bt&Wlan Coex Agent;Atheros Bt&Wlan Coex Agent; C:\Program Files (x86)\Atheros\Ath_CoexAgent.exe [2010-05-24 151552]
S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2012-07-09 139696]
S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2012-07-09 139696]
S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2012-07-09 139696]
S4 ServiceLayer;ServiceLayer; C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe [2013-04-18 737616]
-----------------EOF-----------------
Run by P.e.t.r.y at 2013-12-29 22:20:58
Microsoft Windows 7 Home Premium Service Pack 1
System drive C: has 24 GB (15%) free of 153 GB
Total RAM: 4008 MB (58% free)
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 22:21:05, on 29.12.2013
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v11.0 (11.00.9600.16428)
Boot mode: Normal
Running processes:
C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe
C:\Program Files (x86)\ASUS\ASUS Live Update\ALU.exe
C:\Program Files (x86)\Nokia\Nokia Suite\NokiaSuite.exe
C:\Program Files (x86)\TP-LINK\TP-LINK Wireless Configuration Utility\TWCU.exe
C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe
C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe
C:\Windows\inf\mspaeqpn\mspaeqpn.exe
C:\Program Files (x86)\CyberLink\MediaEspresso\DeviceDetector\DeviceDetector.exe
C:\Program Files (x86)\Norton 360\Engine\20.4.0.40\ccSvcHst.exe
C:\Program Files (x86)\Steam\Steam.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files\trend micro\P.e.t.r.y.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://asus.msn.com
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.seznam.cz/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O2 - BHO: HP Print Enhancer - {0347C33E-8762-4905-BF09-768834316C61} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll
O2 - BHO: Norton Identity Protection - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files (x86)\Norton 360\Engine\20.4.0.40\coIEPlg.dll
O2 - BHO: Norton Vulnerability Protection - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files (x86)\Norton 360\Engine\20.4.0.40\IPS\IPSBHO.DLL
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~2\MICROS~1\Office12\GR469A~1.DLL
O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Windows Live Messenger Companion Helper - {9FDDE16B-836F-4806-AB1F-1455CBEFF289} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll
O2 - BHO: Advanced SystemCare Browser Protection - {BA0C978D-D909-49B6-AFE2-8BDE245DC7E6} - C:\PROGRA~2\IObit\ADVANC~2\BROWER~1\ASCPLU~1.DLL (file missing)
O2 - BHO: HP Smart BHO Class - {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
O3 - Toolbar: Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton 360\Engine\20.4.0.40\coIEPlg.dll
O4 - HKLM\..\Run: [UpdateP2GoShortCut] "C:\Program Files (x86)\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe" "C:\Program Files (x86)\CyberLink\Power2Go" UpdateWithCreateOnce "SOFTWARE\CyberLink\Power2Go\6.0"
O4 - HKLM\..\Run: [ATKMEDIA] C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe
O4 - HKLM\..\Run: [HControlUser] C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe
O4 - HKLM\..\Run: [msgmloSrv] C:\Windows\inf\msgmlo.vbe
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [ATKOSD2] C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [NokiaSuite.exe] C:\Program Files (x86)\Nokia\Nokia Suite\NokiaSuite.exe -tray
O4 - Global Startup: TP-LINK Wireless Configuration Utility.lnk = C:\Program Files (x86)\TP-LINK\TP-LINK Wireless Configuration Utility\TWCU.exe
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Office Excel - res://C:\PROGRA~2\MICROS~1\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~1\Office12\REFIEBAR.DLL
O9 - Extra button: Zobrazit nebo skrýt HP Smart Web Printing - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O17 - HKLM\System\CCS\Services\Tcpip\..\{A2BC176B-2A69-4D7C-9654-8784090444FC}: NameServer = 212.96.160.7,212.96.161.6
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\PROGRA~2\MICROS~1\Office12\GRA32A~1.DLL
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O20 - AppInit_DLLs: c:\windows\syswow64\nvinit.dll ,C:\Windows\SysWOW64\nvinit.dll
O23 - Service: ArcSoft Connect Daemon (ACDaemon) - ArcSoft Inc. - C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: Advanced SystemCare Service 6 (AdvancedSystemCareService6) - Unknown owner - C:\Program Files (x86)\IObit\Advanced SystemCare 6\ASCService.exe (file missing)
O23 - Service: AFBAgent - Unknown owner - C:\Windows\system32\FBAgent.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: ASLDR Service (ASLDRService) - ASUS - C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ASLDRSrv.exe
O23 - Service: AtherosSvc - Atheros Commnucations - C:\Program Files (x86)\Atheros\Bluetooth Suite\adminservice.exe
O23 - Service: ATKGFNEX Service (ATKGFNEXSrv) - ASUS - C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe
O23 - Service: Intel(R) Content Protection HECI Service (cphs) - Intel Corporation - C:\Windows\SysWow64\IntelCpHeciSvc.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: Google Update Service (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing)
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: Norton 360 (N360) - Symantec Corporation - C:\Program Files (x86)\Norton 360\Engine\20.4.0.40\ccSvcHst.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - Unknown owner - C:\Windows\system32\nvvsvc.exe (file missing)
O23 - Service: NVIDIA Update Service Daemon (nvUpdatusService) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: SecureUpdate (SecureUpdateSvc) - Unknown owner - C:\Program Files (x86)\Secure Speed Dial\IE\SecureUpdate.exe (file missing)
O23 - Service: Sony PC Companion - Avanquest Software - C:\Program Files (x86)\Sony\Sony PC Companion\PCCService.exe
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: StarWind AE Service (StarWindServiceAE) - StarWind Software - C:\Program Files (x86)\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe
O23 - Service: SwitchBoard - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: Intel(R) Management and Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
--
End of file - 11798 bytes
======Listing Processes======
\SystemRoot\System32\smss.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
winlogon.exe
C:\Windows\system32\services.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
"C:\Windows\system32\nvvsvc.exe"
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k GPSvcGroup
C:\Windows\system32\svchost.exe -k NetworkService
"C:\Windows\system32\FBAgent.exe"
"C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ASLDRSrv.exe"
"C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe"
C:\Windows\system32\nvvsvc.exe -session -first
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
"taskhost.exe"
"C:\Windows\system32\Dwm.exe"
taskeng.exe {04139D8D-FC43-459F-BCA9-12731DBCC5C8}
C:\Windows\Explorer.EXE
taskeng.exe {5F42AD6F-18DE-4B06-9D3C-55A11A7C73E9}
"C:\Program Files (x86)\ASUS\Splendid\ACMON.exe"
"C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe"
"C:\Program Files\P4G\BatteryLife.exe"
"C:\Program Files (x86)\ASUS\ASUS Live Update\ALU.exe"
"C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControl.exe"
"C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe"
"C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe"
"C:\Program Files (x86)\Atheros\Bluetooth Suite\adminservice.exe"
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Windows\SysWOW64\svchost.exe -k hpdevmgmt
"C:\Program Files (x86)\Norton 360\Engine\20.4.0.40\ccSvcHst.exe" /s "N360" /m "C:\Program Files (x86)\Norton 360\Engine\20.4.0.40\diMaster.dll" /prefetch:1
C:\Windows\System32\svchost.exe -k HPZ12
C:\Windows\System32\svchost.exe -k HPZ12
"C:\Program Files (x86)\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe"
C:\Windows\system32\svchost.exe -k imgsvc
C:\Windows\System32\svchost.exe -k WerSvcGroup
"C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE"
WLIDSvcM.exe 2684
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Windows\system32\wbem\wmiprvse.exe
"C:\Windows\System32\hkcmd.exe"
"C:\Program Files\Windows Sidebar\sidebar.exe" /autoRun
"C:\Program Files (x86)\Nokia\Nokia Suite\NokiaSuite.exe" -tray
"C:\Program Files (x86)\TP-LINK\TP-LINK Wireless Configuration Utility\TWCU.exe" -nogui
ATKOSD.exe
C:\Windows\system32\SearchIndexer.exe /Embedding
"C:/Program Files/NVIDIA Corporation/Display/nvtray.exe" -user_has_logged_in 1
KBFiltr.exe
WDC.exe
"C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe"
"C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe"
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\inf\mspaeqpn\mspaeqpn.exe -o stratum+tcp://mint.bitminter.com:3333 -u stuczle_passike -p matlar
\??\C:\Windows\system32\conhost.exe "-11510718291246499893-1026188743-20147027591393292231255699747708822617-1950016994
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
"C:\Program Files (x86)\CyberLink\MediaEspresso\DeviceDetector\DeviceDetector.exe"
"C:\Program Files (x86)\Norton 360\Engine\20.4.0.40\ccSvcHst.exe" /c /a /s UserSession
"C:\Windows\SysWOW64\ACEngSvr.exe" -Embedding
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe"
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe"
"C:\Program Files (x86)\Steam\Steam.exe"
"C:\Program Files (x86)\Common Files\Steam\SteamService.exe" /RunAsService
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe"
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=gpu-process --channel="2924.0.691403671\1061550591" --supports-dual-gpus=false --gpu-driver-bug-workarounds=0,3,12,22 --gpu-vendor-id=0x8086 --gpu-device-id=0x0116 --gpu-driver-vendor="Intel Corporation" --gpu-driver-version=9.17.10.2932 --ignored=" --type=renderer " /prefetch:822062411
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --lang=cs --force-fieldtrials="AutocompleteDynamicTrial_2/DefaultControl_R2_Stable/BrowserPreReadExperiment/100-pct-default/CookieRetentionPriorityStudy/ExperimentOn/DeferBackgroundExtensionCreation/RateLimited/ForceCompositingMode/thread/InfiniteCache/No/InstantExtended/Group11 pct:1d stable:pp3 use_remote_ntp_on_startup:1 espv:210 suppress_on_srp:1/Prerender/PrerenderEnabled/PrerenderLocalPredictorSpec/LocalPredictor=Disabled/ShowAppLauncherPromo/ShowPromoUntilDismissed/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group3/UMA-New-Install-Uniformity-Trial/Control/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_14/UMA-Uniformity-Trial-1-Percent/group_28/UMA-Uniformity-Trial-10-Percent/group_08/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/group_03/UMA-Uniformity-Trial-5-Percent/group_07/UMA-Uniformity-Trial-50-Percent/default/" --enable-threaded-compositing --extension-process --renderer-print-preview --disable-html-notifications --channel="2924.1.742868940\1376294041" /prefetch:673131151
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --lang=cs --force-fieldtrials="AutocompleteDynamicTrial_2/DefaultControl_R2_Stable/BrowserPreReadExperiment/100-pct-default/CookieRetentionPriorityStudy/ExperimentOn/DeferBackgroundExtensionCreation/RateLimited/ForceCompositingMode/thread/InfiniteCache/No/InstantExtended/Group11 pct:1d stable:pp3 use_remote_ntp_on_startup:1 espv:210 suppress_on_srp:1/Prerender/PrerenderEnabled/PrerenderLocalPredictorSpec/LocalPredictor=Disabled/ShowAppLauncherPromo/ShowPromoUntilDismissed/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group3/UMA-New-Install-Uniformity-Trial/Control/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_14/UMA-Uniformity-Trial-1-Percent/group_28/UMA-Uniformity-Trial-10-Percent/group_08/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/group_03/UMA-Uniformity-Trial-5-Percent/group_07/UMA-Uniformity-Trial-50-Percent/default/" --enable-threaded-compositing --renderer-print-preview --instant-process --disable-html-notifications --channel="2924.2.1665587874\1300041437" /prefetch:673131151
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=plugin --plugin-path="C:\Users\P.e.t.r.y\AppData\Local\Google\Chrome\User Data\Default\Extensions\glmfgahfleepmdfffonfckpmkondpdkg\1.2.8_0\dll/NPIdentityGen.dll" --lang=cs --channel="2924.3.814948513\599210170" /prefetch:-390060480
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=ppapi --channel="2924.7.234504998\1219209485" --ppapi-flash-args --lang=cs --ignored=" --type=renderer " /prefetch:-632637702
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --lang=cs --force-fieldtrials="AutocompleteDynamicTrial_2/DefaultControl_R2_Stable/BrowserPreReadExperiment/100-pct-default/CookieRetentionPriorityStudy/ExperimentOn/DeferBackgroundExtensionCreation/RateLimited/ForceCompositingMode/thread/InfiniteCache/No/InstantExtended/Group11 pct:1d stable:pp3 use_remote_ntp_on_startup:1 espv:210 suppress_on_srp:1/OmniboxBundledExperimentV1/Standard/Prerender/PrerenderEnabled/PrerenderFromOmnibox/OmniboxPrerenderDisabled/PrerenderLocalPredictorSpec/LocalPredictor=Disabled/ShowAppLauncherPromo/ShowPromoUntilDismissed/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group3/UMA-New-Install-Uniformity-Trial/Control/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_14/UMA-Uniformity-Trial-1-Percent/group_28/UMA-Uniformity-Trial-10-Percent/group_08/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/group_03/UMA-Uniformity-Trial-5-Percent/group_07/UMA-Uniformity-Trial-50-Percent/default/" --enable-threaded-compositing --renderer-print-preview --disable-html-notifications --channel="2924.8.583763775\1651513229" /prefetch:673131151
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --lang=cs --force-fieldtrials="AutocompleteDynamicTrial_2/DefaultControl_R2_Stable/BrowserPreReadExperiment/100-pct-default/CookieRetentionPriorityStudy/ExperimentOn/DeferBackgroundExtensionCreation/RateLimited/ForceCompositingMode/thread/InfiniteCache/No/InstantExtended/Group11 pct:1d stable:pp3 use_remote_ntp_on_startup:1 espv:210 suppress_on_srp:1/OmniboxBundledExperimentV1/Standard/Prerender/PrerenderEnabled/PrerenderFromOmnibox/OmniboxPrerenderDisabled/PrerenderLocalPredictorSpec/LocalPredictor=Disabled/ShowAppLauncherPromo/ShowPromoUntilDismissed/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group3/UMA-New-Install-Uniformity-Trial/Control/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_14/UMA-Uniformity-Trial-1-Percent/group_28/UMA-Uniformity-Trial-10-Percent/group_08/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/group_03/UMA-Uniformity-Trial-5-Percent/group_07/UMA-Uniformity-Trial-50-Percent/default/" --enable-threaded-compositing --renderer-print-preview --disable-html-notifications --channel="2924.9.1120350701\2081471025" /prefetch:673131151
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --lang=cs --force-fieldtrials="AutocompleteDynamicTrial_2/DefaultControl_R2_Stable/BrowserPreReadExperiment/100-pct-default/CookieRetentionPriorityStudy/ExperimentOn/DeferBackgroundExtensionCreation/RateLimited/ForceCompositingMode/thread/InfiniteCache/No/InstantExtended/Group11 pct:1d stable:pp3 use_remote_ntp_on_startup:1 espv:210 suppress_on_srp:1/OmniboxBundledExperimentV1/Standard/Prerender/PrerenderEnabled/PrerenderFromOmnibox/OmniboxPrerenderDisabled/PrerenderLocalPredictorSpec/LocalPredictor=Disabled/ShowAppLauncherPromo/ShowPromoUntilDismissed/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group3/UMA-New-Install-Uniformity-Trial/Control/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_14/UMA-Uniformity-Trial-1-Percent/group_28/UMA-Uniformity-Trial-10-Percent/group_08/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/group_03/UMA-Uniformity-Trial-5-Percent/group_07/UMA-Uniformity-Trial-50-Percent/default/" --enable-threaded-compositing --renderer-print-preview --disable-html-notifications --channel="2924.11.704227832\1786816026" /prefetch:673131151
"C:\Users\P.e.t.r.y\Desktop\RSITx64.exe"
======Scheduled tasks folder======
C:\Windows\tasks\Adobe Flash Player Updater.job
C:\Windows\tasks\Driver Booster Update.job
C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files\Java\jre7\bin\ssv.dll [2012-10-30 537576]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live ID Sign-in Helper - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2010-09-21 529280]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre7\bin\jp2ssv.dll [2012-10-30 193512]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{0347C33E-8762-4905-BF09-768834316C61}]
HP Print Enhancer - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll [2009-10-22 328248]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{602ADB0E-4AFF-4217-8AA1-95DAC4DFA408}]
Norton Identity Protection - C:\Program Files (x86)\Norton 360\Engine\20.4.0.40\coIEPlg.dll [2013-05-30 509776]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{6D53EC84-6AAE-4787-AEEE-F4628F01010C}]
Norton Vulnerability Protection - C:\Program Files (x86)\Norton 360\Engine\20.4.0.40\IPS\IPSBHO.DLL [2012-08-10 387040]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\PROGRA~2\MICROS~1\Office12\GR469A~1.DLL [2006-10-27 2210608]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live ID Sign-in Helper - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2010-09-21 439168]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9FDDE16B-836F-4806-AB1F-1455CBEFF289}]
Windows Live Messenger Companion Helper - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll [2010-11-10 393600]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{BA0C978D-D909-49B6-AFE2-8BDE245DC7E6}]
Advanced SystemCare Browser Protection - C:\PROGRA~2\IObit\ADVANC~2\BROWER~1\ASCPLU~1.DLL []
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856}]
HP Smart BHO Class - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll [2009-10-22 517688]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\Toolbar]
{7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - Norton Toolbar - C:\Program Files (x86)\Norton 360\Engine\20.4.0.40\coIEPlg.dll [2013-05-30 509776]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"HotKeysCmds"=C:\Windows\system32\hkcmd.exe [2012-12-14 399984]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"=C:\Program Files\Windows Sidebar\sidebar.exe [2010-11-20 1475584]
"NokiaSuite.exe"=C:\Program Files (x86)\Nokia\Nokia Suite\NokiaSuite.exe [2013-10-02 1090912]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM]
c:\program files (x86)\common files\adobe\arm\1.0\adobearm.exe [2013-04-04 958576]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AdobeAAMUpdater-1.0]
[]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AdobeCS5.5ServiceManager]
c:\program files (x86)\common files\adobe\cs5.5servicemanager\cs5.5servicemanager.exe -launchedbylogin []
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AdobeCS5ServiceManager]
C:\Program Files (x86)\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe [2010-02-22 406992]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AmIcoSinglun64]
C:\Program Files (x86)\AmIcoSingLun\AmIcoSinglun64.exe [2010-08-11 324096]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ASUS Screen Saver Protector]
C:\Windows\AsScrPro.exe [2011-04-12 3058304]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ASUS WebStorage]
c:\program files (x86)\asus\asus webstorage\service\asuswsservice.exe [2010-03-16 1754448]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AthBtTray]
c:\program files (x86)\atheros\bluetooth suite\athbttray.exe []
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AtherosBtStack]
c:\program files (x86)\atheros\bluetooth suite\btvstack.exe []
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ATKMEDIA]
[]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ATKOSD2]
c:\program files (x86)\asus\atk package\atkosd2\atkosd2.exe [2010-08-17 5732992]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CLMLServer]
C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe [2009-11-02 103720]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DAEMON Tools Lite]
C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [2010-04-01 357696]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ETDWare]
C:\Program Files\elantech\etdctrl.exe [2010-06-10 649608]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HControlUser]
[]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HP Software Update]
c:\program files (x86)\hp\hp software update\hpwuschd2.exe [2009-11-18 54576]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\IgfxTray]
c:\windows\system32\igfxtray.exe [2012-12-14 172144]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ISUSPM]
c:\programdata\flexnet\connect\11\isuspm.exe [2009-05-06 222496]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NokiaSuite.exe]
c:\program files (x86)\nokia\nokia suite\nokiasuite.exe [2013-10-02 1090912]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Persistence]
c:\windows\system32\igfxpers.exe [2012-12-14 441968]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\POPUPTV]
C:\Program Files (x86)\ASUS\PopupTV\ExpressTV.exe [2010-03-19 692224]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RemoteControl10]
c:\program files (x86)\cyberlink\powerdvd10\pdvd10serv.exe [2010-02-03 87336]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RtHDVBg]
c:\program files\realtek\audio\hda\ravbg64.exe [2010-11-30 2186856]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RtHDVCpl]
C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [2010-11-30 11660904]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Sidebar]
C:\Program Files\Windows Sidebar\sidebar.exe [2010-11-20 1475584]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Software Informer]
[]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SonicMasterTray]
c:\program files (x86)\asus\sonicmaster\sonicmastertray.exe [2010-07-10 984400]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Sony PC Companion]
c:\program files (x86)\sony\sony pc companion\pccompanion.exe [2013-05-29 449248]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SwitchBoard]
C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-02-19 517096]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TNOD UP]
[]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\UpdatePSTShortCut]
C:\Program Files (x86)\Cyberlink\DVD Suite\MUITransfer\MUIStartMenu.exe [2010-11-17 222504]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\VizorHtmlDialog.exe]
[]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Wireless Console 3]
[]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^FancyStart daemon.lnk]
C:\Windows\INSTAL~1\{2B818~1\_94E3C~1.EXE [2011-04-12 12862]
[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"UpdateP2GoShortCut"=C:\Program Files (x86)\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe [2009-05-20 222504]
"ATKMEDIA"=C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe [2010-10-07 170624]
"HControlUser"=C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe [2009-06-19 105016]
"msgmloSrv"=C:\Windows\inf\msgmlo.vbe [2013-08-27 1558]
"Adobe ARM"=C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2013-04-04 958576]
"ATKOSD2"=C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe [2010-08-17 5732992]
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
TP-LINK Wireless Configuration Utility.lnk - C:\Program Files (x86)\TP-LINK\TP-LINK Wireless Configuration Utility\TWCU.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"="C:\Windows\System32\nvinitx.dll,C:\Windows\system32\nvinitx.dll"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
C:\Windows\system32\igfxdev.dll [2012-12-14 442880]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - C:\Windows\system32\webcheck.dll [2013-12-10 243200]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\PROGRA~2\MICROS~1\Office12\GR469A~1.DLL [2006-10-27 2210608]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=5
"ConsentPromptBehaviorUser"=3
"EnableUIADesktopToggle"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveAutoRun"=0
"NoDrives"=0
"NoDriveTypeAutoRun"=221
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoResolveSearch"=1
"NoDrives"=0
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVYU"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"VIDC.YVU9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"MSVideo8"=VfWWDM32.dll
"wave2"=wdmaud.drv
"mixer2"=wdmaud.drv
"midi2"=wdmaud.drv
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
======File associations======
.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - "C:\Program Files (x86)\Adobe\Adobe Dreamweaver CS5.5\Dreamweaver.exe","%1"
======List of files/folders created in the last 1 month======
2013-12-29 14:02:22 ----D---- C:\Users\P.e.t.r.y\AppData\Roaming\openvr
2013-12-28 22:41:24 ----A---- C:\Windows\IsUninst.exe
2013-12-28 20:13:54 ----D---- C:\Program Files\Defraggler
2013-12-28 19:50:32 ----D---- C:\rsit
2013-12-28 18:30:09 ----D---- C:\Users\P.e.t.r.y\AppData\Roaming\HPAppData
2013-12-26 03:03:28 ----D---- C:\Users\P.e.t.r.y\AppData\Roaming\Zoner
2013-12-26 03:03:23 ----D---- C:\ProgramData\Zoner
2013-12-12 19:07:12 ----A---- C:\Windows\system32\win32k.sys
2013-12-12 13:33:00 ----A---- C:\Windows\system32\wmploc.DLL
2013-12-12 13:32:58 ----A---- C:\Windows\SYSWOW64\wmploc.DLL
2013-12-12 13:32:58 ----A---- C:\Windows\SYSWOW64\wmp.dll
2013-12-12 13:32:56 ----A---- C:\Windows\system32\wmp.dll
2013-12-12 08:27:28 ----A---- C:\Windows\SYSWOW64\WMPhoto.dll
2013-12-12 08:27:28 ----A---- C:\Windows\SYSWOW64\msieftp.dll
2013-12-12 08:27:28 ----A---- C:\Windows\system32\WMPhoto.dll
2013-12-12 08:27:28 ----A---- C:\Windows\system32\msieftp.dll
2013-12-12 08:27:27 ----A---- C:\Windows\SYSWOW64\imagehlp.dll
2013-12-12 08:27:27 ----A---- C:\Windows\system32\imagehlp.dll
2013-12-12 08:27:21 ----A---- C:\Windows\SYSWOW64\tzres.dll
2013-12-12 08:27:21 ----A---- C:\Windows\system32\tzres.dll
2013-12-12 08:26:50 ----A---- C:\Windows\system32\drivers\portcls.sys
2013-12-12 08:26:50 ----A---- C:\Windows\system32\drivers\drmk.sys
2013-12-12 08:26:21 ----A---- C:\Windows\SYSWOW64\wscript.exe
2013-12-12 08:26:21 ----A---- C:\Windows\SYSWOW64\scrrun.dll
2013-12-12 08:26:21 ----A---- C:\Windows\SYSWOW64\cscript.exe
2013-12-12 08:26:21 ----A---- C:\Windows\system32\wscript.exe
2013-12-12 08:26:21 ----A---- C:\Windows\system32\scrrun.dll
2013-12-12 08:26:21 ----A---- C:\Windows\system32\cscript.exe
2013-12-12 08:23:33 ----A---- C:\Windows\system32\ieetwcollectorres.dll
2013-12-12 08:23:32 ----A---- C:\Windows\SYSWOW64\jsproxy.dll
2013-12-12 08:23:32 ----A---- C:\Windows\SYSWOW64\ieui.dll
2013-12-12 08:23:32 ----A---- C:\Windows\system32\jsproxy.dll
2013-12-12 08:23:32 ----A---- C:\Windows\system32\ieui.dll
2013-12-12 08:23:31 ----A---- C:\Windows\system32\ieUnatt.exe
2013-12-12 08:23:31 ----A---- C:\Windows\system32\iesetup.dll
2013-12-12 08:23:31 ----A---- C:\Windows\system32\iernonce.dll
2013-12-12 08:23:31 ----A---- C:\Windows\system32\ieetwproxystub.dll
2013-12-12 08:23:31 ----A---- C:\Windows\system32\ieetwcollector.exe
2013-12-12 08:23:31 ----A---- C:\Windows\system32\ie4uinit.exe
2013-12-12 08:23:30 ----A---- C:\Windows\SYSWOW64\jscript9diag.dll
2013-12-12 08:23:30 ----A---- C:\Windows\SYSWOW64\ieapfltr.dll
2013-12-12 08:23:30 ----A---- C:\Windows\system32\mshtml.dll
2013-12-12 08:23:30 ----A---- C:\Windows\system32\jscript9diag.dll
2013-12-12 08:23:30 ----A---- C:\Windows\system32\ieapfltr.dll
2013-12-12 08:23:29 ----A---- C:\Windows\SYSWOW64\wininet.dll
2013-12-12 08:23:29 ----A---- C:\Windows\SYSWOW64\iertutil.dll
2013-12-12 08:23:29 ----A---- C:\Windows\system32\iertutil.dll
2013-12-12 08:23:28 ----A---- C:\Windows\SYSWOW64\urlmon.dll
2013-12-12 08:23:28 ----A---- C:\Windows\system32\wininet.dll
2013-12-12 08:23:28 ----A---- C:\Windows\system32\urlmon.dll
2013-12-12 08:23:27 ----A---- C:\Windows\system32\ieframe.dll
2013-12-12 08:23:26 ----A---- C:\Windows\SYSWOW64\ieframe.dll
2013-12-12 08:23:25 ----A---- C:\Windows\SYSWOW64\mshtml.dll
2013-12-12 08:23:25 ----A---- C:\Windows\SYSWOW64\jscript9.dll
2013-12-12 08:23:24 ----A---- C:\Windows\system32\jscript9.dll
2013-12-10 20:52:27 ----D---- C:\Users\P.e.t.r.y\AppData\Roaming\TP-LINK
2013-12-10 20:52:09 ----D---- C:\Program Files (x86)\TP-LINK
2013-12-10 20:51:26 ----A---- C:\Windows\system32\rtwlanu.sys
2013-12-10 20:51:26 ----A---- C:\Windows\system32\drivers\RTWlanU.sys
2013-12-10 20:50:14 ----D---- C:\ProgramData\TP-LINK
2013-12-10 20:35:51 ----A---- C:\Windows\system32\IEUDINIT.EXE
2013-12-10 20:31:16 ----A---- C:\Windows\SYSWOW64\elshyph.dll
2013-12-10 20:31:16 ----A---- C:\Windows\system32\MsSpellCheckingFacility.exe
2013-12-10 20:31:08 ----A---- C:\Windows\SYSWOW64\jsIntl.dll
2013-12-10 20:31:08 ----A---- C:\Windows\system32\elshyph.dll
2013-12-10 20:31:07 ----A---- C:\Windows\SYSWOW64\wextract.exe
2013-12-10 20:31:07 ----A---- C:\Windows\SYSWOW64\webcheck.dll
2013-12-10 20:31:07 ----A---- C:\Windows\SYSWOW64\vbscript.dll
2013-12-10 20:31:07 ----A---- C:\Windows\SYSWOW64\url.dll
2013-12-10 20:31:07 ----A---- C:\Windows\SYSWOW64\SetIEInstalledDate.exe
2013-12-10 20:31:07 ----A---- C:\Windows\SYSWOW64\RegisterIEPKEYs.exe
2013-12-10 20:31:07 ----A---- C:\Windows\SYSWOW64\pngfilt.dll
2013-12-10 20:31:07 ----A---- C:\Windows\SYSWOW64\occache.dll
2013-12-10 20:31:07 ----A---- C:\Windows\SYSWOW64\msrating.dll
2013-12-10 20:31:07 ----A---- C:\Windows\SYSWOW64\msls31.dll
2013-12-10 20:31:07 ----A---- C:\Windows\SYSWOW64\mshtmlmedia.dll
2013-12-10 20:31:07 ----A---- C:\Windows\SYSWOW64\mshtmler.dll
2013-12-10 20:31:07 ----A---- C:\Windows\SYSWOW64\mshtmled.dll
2013-12-10 20:31:07 ----A---- C:\Windows\SYSWOW64\MshtmlDac.dll
2013-12-10 20:31:07 ----A---- C:\Windows\SYSWOW64\mshta.exe
2013-12-10 20:31:07 ----A---- C:\Windows\SYSWOW64\msfeedssync.exe
2013-12-10 20:31:07 ----A---- C:\Windows\SYSWOW64\msfeedsbs.dll
2013-12-10 20:31:07 ----A---- C:\Windows\SYSWOW64\msfeeds.dll
2013-12-10 20:31:07 ----A---- C:\Windows\SYSWOW64\licmgr10.dll
2013-12-10 20:31:07 ----A---- C:\Windows\SYSWOW64\jscript.dll
2013-12-10 20:31:07 ----A---- C:\Windows\SYSWOW64\JavaScriptCollectionAgent.dll
2013-12-10 20:31:07 ----A---- C:\Windows\SYSWOW64\inseng.dll
2013-12-10 20:31:07 ----A---- C:\Windows\SYSWOW64\imgutil.dll
2013-12-10 20:31:07 ----A---- C:\Windows\SYSWOW64\iexpress.exe
2013-12-10 20:31:07 ----A---- C:\Windows\SYSWOW64\ieUnatt.exe
2013-12-10 20:31:07 ----A---- C:\Windows\SYSWOW64\iesysprep.dll
2013-12-10 20:31:07 ----A---- C:\Windows\SYSWOW64\iesetup.dll
2013-12-10 20:31:07 ----A---- C:\Windows\SYSWOW64\iernonce.dll
2013-12-10 20:31:07 ----A---- C:\Windows\SYSWOW64\iepeers.dll
2013-12-10 20:31:07 ----A---- C:\Windows\SYSWOW64\ieetwproxystub.dll
2013-12-10 20:31:07 ----A---- C:\Windows\SYSWOW64\iedkcs32.dll
2013-12-10 20:31:07 ----A---- C:\Windows\SYSWOW64\ieapfltr.dat
2013-12-10 20:31:07 ----A---- C:\Windows\SYSWOW64\IEAdvpack.dll
2013-12-10 20:31:07 ----A---- C:\Windows\SYSWOW64\icardie.dll
2013-12-10 20:31:07 ----A---- C:\Windows\SYSWOW64\dxtrans.dll
2013-12-10 20:31:07 ----A---- C:\Windows\SYSWOW64\dxtmsft.dll
2013-12-10 20:31:06 ----A---- C:\Windows\system32\wextract.exe
2013-12-10 20:31:06 ----A---- C:\Windows\system32\webcheck.dll
2013-12-10 20:31:06 ----A---- C:\Windows\system32\vbscript.dll
2013-12-10 20:31:06 ----A---- C:\Windows\system32\url.dll
2013-12-10 20:31:06 ----A---- C:\Windows\system32\SetIEInstalledDate.exe
2013-12-10 20:31:06 ----A---- C:\Windows\system32\RegisterIEPKEYs.exe
2013-12-10 20:31:06 ----A---- C:\Windows\system32\pngfilt.dll
2013-12-10 20:31:06 ----A---- C:\Windows\system32\occache.dll
2013-12-10 20:31:06 ----A---- C:\Windows\system32\msrating.dll
2013-12-10 20:31:06 ----A---- C:\Windows\system32\msls31.dll
2013-12-10 20:31:06 ----A---- C:\Windows\system32\mshtmlmedia.dll
2013-12-10 20:31:06 ----A---- C:\Windows\system32\mshtmler.dll
2013-12-10 20:31:06 ----A---- C:\Windows\system32\mshtmled.dll
2013-12-10 20:31:06 ----A---- C:\Windows\system32\MshtmlDac.dll
2013-12-10 20:31:06 ----A---- C:\Windows\system32\mshta.exe
2013-12-10 20:31:06 ----A---- C:\Windows\system32\msfeedssync.exe
2013-12-10 20:31:06 ----A---- C:\Windows\system32\msfeedsbs.dll
2013-12-10 20:31:06 ----A---- C:\Windows\system32\msfeeds.dll
2013-12-10 20:31:06 ----A---- C:\Windows\system32\licmgr10.dll
2013-12-10 20:31:06 ----A---- C:\Windows\system32\jsIntl.dll
2013-12-10 20:31:06 ----A---- C:\Windows\system32\jscript.dll
2013-12-10 20:31:06 ----A---- C:\Windows\system32\JavaScriptCollectionAgent.dll
2013-12-10 20:31:06 ----A---- C:\Windows\system32\inseng.dll
2013-12-10 20:31:06 ----A---- C:\Windows\system32\imgutil.dll
2013-12-10 20:31:06 ----A---- C:\Windows\system32\iexpress.exe
2013-12-10 20:31:06 ----A---- C:\Windows\system32\iesysprep.dll
2013-12-10 20:31:06 ----A---- C:\Windows\system32\iepeers.dll
2013-12-10 20:31:06 ----A---- C:\Windows\system32\iedkcs32.dll
2013-12-10 20:31:06 ----A---- C:\Windows\system32\ieapfltr.dat
2013-12-10 20:31:06 ----A---- C:\Windows\system32\IEAdvpack.dll
2013-12-10 20:31:06 ----A---- C:\Windows\system32\icardie.dll
2013-12-10 20:31:06 ----A---- C:\Windows\system32\dxtrans.dll
2013-12-10 20:31:06 ----A---- C:\Windows\system32\dxtmsft.dll
2013-12-07 18:45:16 ----D---- C:\ProgramData\WEBREG
2013-12-04 00:25:50 ----D---- C:\ProgramData\Skype
2013-11-30 18:15:59 ----D---- C:\Users\P.e.t.r.y\AppData\Roaming\Origin
2013-11-30 18:00:56 ----D---- C:\ProgramData\Origin
======List of files/folders modified in the last 1 month======
2013-12-29 22:21:02 ----D---- C:\Program Files\trend micro
2013-12-29 20:57:51 ----D---- C:\Windows\system32\config
2013-12-29 20:57:11 ----D---- C:\Windows\temp
2013-12-29 20:52:25 ----D---- C:\Program Files (x86)\Steam
2013-12-29 20:51:58 ----SHD---- C:\System Volume Information
2013-12-29 20:47:51 ----A---- C:\Windows\SYSWOW64\log.txt
2013-12-29 20:47:46 ----D---- C:\Windows\system32\Tasks
2013-12-29 20:43:27 ----D---- C:\AdwCleaner
2013-12-29 20:43:12 ----RD---- C:\Program Files (x86)
2013-12-29 10:05:44 ----D---- C:\Windows
2013-12-28 22:46:43 ----D---- C:\Program Files (x86)\Common Files
2013-12-28 22:08:45 ----D---- C:\Windows\Logs
2013-12-28 20:13:54 ----RD---- C:\Program Files
2013-12-28 20:10:39 ----D---- C:\Windows\inf
2013-12-28 19:29:30 ----D---- C:\Windows\Panther
2013-12-28 19:29:29 ----D---- C:\Windows\debug
2013-12-28 16:23:32 ----D---- C:\Windows\system32\NDF
2013-12-27 20:34:41 ----D---- C:\Windows\System32
2013-12-27 20:34:41 ----A---- C:\Windows\system32\PerfStringBackup.INI
2013-12-27 19:26:13 ----A---- C:\Windows\system32\AutoRunFilter.ini
2013-12-26 03:11:43 ----SHD---- C:\Windows\Installer
2013-12-26 03:11:42 ----D---- C:\Program Files (x86)\Adobe
2013-12-26 03:11:42 ----D---- C:\Config.Msi
2013-12-26 03:03:23 ----D---- C:\ProgramData
2013-12-23 10:05:33 ----D---- C:\Windows\winsxs
2013-12-23 09:41:42 ----D---- C:\Users\P.e.t.r.y\AppData\Roaming\Adobe
2013-12-23 09:41:33 ----D---- C:\Windows\SysWOW64
2013-12-23 09:33:18 ----D---- C:\ProgramData\Installations
2013-12-23 09:33:15 ----D---- C:\Program Files (x86)\Nokia
2013-12-23 09:26:50 ----D---- C:\Users\P.e.t.r.y\AppData\Roaming\Skype
2013-12-19 00:08:48 ----D---- C:\Windows\system32\catroot
2013-12-15 23:41:02 ----D---- C:\Windows\system32\MRT
2013-12-15 23:31:22 ----A---- C:\Windows\system32\MRT.exe
2013-12-12 13:35:56 ----D---- C:\Program Files\Windows Media Player
2013-12-12 13:35:56 ----D---- C:\Program Files (x86)\Windows Media Player
2013-12-12 13:35:53 ----D---- C:\Windows\SYSWOW64\cs-CZ
2013-12-12 13:35:53 ----D---- C:\Windows\system32\cs-CZ
2013-12-12 13:35:53 ----D---- C:\Program Files\Internet Explorer
2013-12-12 13:35:53 ----D---- C:\Program Files (x86)\Internet Explorer
2013-12-12 13:35:44 ----D---- C:\Windows\system32\DriverStore
2013-12-12 13:35:41 ----D---- C:\Windows\system32\drivers
2013-12-12 13:34:02 ----D---- C:\Windows\system32\catroot2
2013-12-10 20:52:08 ----HD---- C:\Program Files (x86)\InstallShield Installation Information
2013-12-10 20:51:26 ----D---- C:\Temp
2013-12-10 20:38:39 ----D---- C:\Windows\SYSWOW64\migration
2013-12-10 20:38:39 ----D---- C:\Windows\SYSWOW64\en-US
2013-12-10 20:38:35 ----D---- C:\Windows\system32\migration
2013-12-10 20:38:35 ----D---- C:\Windows\PolicyDefinitions
2013-12-10 20:38:34 ----D---- C:\Windows\system32\en-US
2013-12-07 18:45:16 ----D---- C:\Users\P.e.t.r.y\AppData\Roaming\HP
2013-12-06 01:09:56 ----A---- C:\Windows\system32\acovcnt.exe
2013-12-05 21:47:19 ----D---- C:\ProgramData\Adobe
2013-12-04 07:00:01 ----D---- C:\Windows\Tasks
2013-12-04 07:00:01 ----D---- C:\Windows\system32\wfp
2013-12-04 07:00:01 ----D---- C:\ProgramData\P4G
2013-12-04 07:00:00 ----D---- C:\Windows\system32\wbem
2013-12-04 07:00:00 ----D---- C:\Windows\system32\drivers\etc
2013-12-04 07:00:00 ----D---- C:\Windows\system32\CodeIntegrity
2013-12-04 06:59:59 ----D---- C:\Windows\C5C1C0F0D62F4DBF81D4D7EF397C228B.TMP
2013-12-04 06:59:59 ----D---- C:\Windows\AppCompat
2013-12-04 06:59:59 ----D---- C:\Windows\6833245EDD86479A882A8360D62C8194.TMP
2013-12-04 06:59:59 ----D---- C:\Windows\65F1CF6331E0450B96F34A88BE7361A6.TMP
2013-12-04 06:59:59 ----D---- C:\Windows\45235788142C44BE8A4DDDE9A84492E5.TMP
2013-12-04 06:59:51 ----D---- C:\Qoobox
2013-12-04 06:59:49 ----D---- C:\ProgramData\Norton
2013-12-04 06:59:49 ----D---- C:\ProgramData\Electronic Arts
2013-12-04 06:59:32 ----D---- C:\Windows\registration
2013-12-04 06:58:58 ----D---- C:\Users\P.e.t.r.y\AppData\Roaming\Macromedia
2013-12-04 00:23:31 ----D---- C:\Program Files (x86)\IObit
2013-12-03 23:19:46 ----D---- C:\Program Files (x86)\HP
2013-12-01 19:33:50 ----D---- C:\Windows\system32\LogFiles
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R0 iaStor;Intel AHCI Controller; C:\Windows\system32\DRIVERS\iaStor.sys [2010-11-05 438808]
R0 iaStorA;iaStorA; C:\Windows\system32\DRIVERS\iaStorA.sys [2013-09-15 652344]
R0 iaStorF;iaStorF; C:\Windows\system32\DRIVERS\iaStorF.sys [2013-09-15 28216]
R0 nvpciflt;nvpciflt; C:\Windows\system32\DRIVERS\nvpciflt.sys [2013-04-08 30496]
R0 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12352]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-20 213888]
R0 sptd;sptd; C:\Windows\System32\Drivers\sptd.sys [2012-01-10 503352]
R0 SymDS;Symantec Data Store; C:\Windows\system32\drivers\N360x64\1404000.028\SYMDS64.SYS [2013-05-20 493656]
R0 SymEFA;Symantec Extended File Attributes; C:\Windows\system32\drivers\N360x64\1404000.028\SYMEFA64.SYS [2013-05-22 1139800]
R1 ATKWMIACPIIO_;ATKWMIACPI Driver_; \??\C:\Program Files (x86)\ASUS\ATK Package\ATK WMIACPI\atkwmiacpi64.sys [2010-07-26 17024]
R1 BHDrvx64;BHDrvx64; \??\C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_20.1.0.24\Definitions\BASHDefs\20131203.001\BHDrvx64.sys [2013-12-03 1526488]
R1 ccSet_N360;Norton 360 Settings Manager; C:\Windows\system32\drivers\N360x64\1404000.028\ccSetx64.sys [2013-04-15 169048]
R1 eeCtrl;Symantec Eraser Control driver; \??\C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys [2013-11-21 484952]
R1 IDSVia64;IDSVia64; \??\C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_20.1.0.24\Definitions\IPSDefs\20131227.001\IDSvia64.sys [2013-12-13 521944]
R1 SbFw;SbFw; C:\Windows\system32\drivers\SbFw.sys [2011-04-05 253528]
R1 SbTis;SbTis; C:\Windows\system32\drivers\sbtis.sys [2011-04-05 94296]
R1 SRTSPX;Symantec Real Time Storage Protection (PEL) x64; C:\Windows\system32\drivers\N360x64\1404000.028\SRTSPX64.SYS [2013-03-04 36952]
R1 SymIM;Symantec Network Security Intermediate Filter Driver; C:\Windows\system32\DRIVERS\SymIMv.sys [2012-08-08 43680]
R1 SymIRON;Symantec Iron Driver; C:\Windows\system32\drivers\N360x64\1404000.028\Ironx64.SYS [2012-07-27 224416]
R1 SymNetS;Symantec Network Security WFP Driver; C:\Windows\system32\drivers\N360x64\1404000.028\SYMNETS.SYS [2013-04-24 433752]
R2 RMCAST;@%SystemRoot%\system32\wshrm.dll,-102; C:\Windows\system32\DRIVERS\RMCAST.sys [2010-11-20 146432]
R2 SSPORT;SSPORT; \??\C:\Windows\system32\Drivers\SSPORT.sys [2009-03-02 11576]
R3 Afc;PPdus ASPI Shell; C:\Windows\SysWOW64\drivers\Afc.sys [2006-11-14 22784]
R3 athr;Qualcomm Atheros Extensible Wireless LAN device driver; C:\Windows\system32\DRIVERS\athrx.sys [2013-05-23 3948544]
R3 dtsoftbus01;DAEMON Tools Virtual Bus Driver; C:\Windows\system32\DRIVERS\dtsoftbus01.sys [2011-09-20 270912]
R3 EraserUtilRebootDrv;EraserUtilRebootDrv; \??\C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [2013-11-21 137648]
R3 ETD;ELAN PS/2 Port Input Device; C:\Windows\system32\DRIVERS\ETD.sys [2010-09-08 129024]
R3 igfx;igfx; C:\Windows\system32\DRIVERS\igdkmd64.sys [2012-12-14 5353888]
R3 InputFilter_Hid_FlexDef2b;Siliten HID Devices(FlexDef2b) Driver Service; C:\Windows\system32\DRIVERS\InputFilter_FlexDef2b.sys [2010-06-19 17920]
R3 kbfiltr;Keyboard Filter; C:\Windows\system32\DRIVERS\kbfiltr.sys [2009-07-20 15416]
R3 MEIx64;Intel(R) Management Engine Interface; C:\Windows\system32\DRIVERS\HECIx64.sys [2010-10-20 56344]
R3 NAVENG;NAVENG; \??\C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_20.1.0.24\Definitions\VirusDefs\20131228.006\ENG64.SYS [2013-12-03 126040]
R3 NAVEX15;NAVEX15; \??\C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_20.1.0.24\Definitions\VirusDefs\20131228.006\EX64.SYS [2013-12-03 2099288]
R3 RTL8167;Realtek 8167 NT Driver; C:\Windows\system32\DRIVERS\Rt64win7.sys [2013-09-15 872152]
R3 RtlWlanu;Wireless LAN 802.11n USB 2.0 Network Adapter; C:\Windows\system32\DRIVERS\rtwlanu.sys [2013-03-05 1528976]
R3 SBFWIMCLMP;Sunbelt Software Firewall NDIS IM Filter Miniport; C:\Windows\system32\DRIVERS\SBFWIM.sys [2011-02-08 84568]
R3 SRTSP;Symantec Real Time Storage Protection x64; C:\Windows\system32\drivers\N360x64\1404000.028\SRTSP64.SYS [2013-05-15 796760]
R3 SymEvent;SymEvent; \??\C:\Windows\system32\Drivers\SYMEVENT64x86.SYS [2013-07-06 177312]
S1 fpefunqc;fpefunqc; \??\C:\Windows\system32\drivers\fpefunqc.sys []
S1 SBRE;SBRE; \??\C:\Windows\system32\drivers\SBREdrv.sys []
S2 DgiVecp;DgiVecp; \??\C:\Windows\system32\Drivers\DgiVecp.sys [2009-03-02 53816]
S3 AF9035BDA;AF9035 BDA Devices; C:\Windows\System32\Drivers\AF9035BDA.sys [2008-01-30 191488]
S3 AmUStor;AM USB Stroage Driver; C:\Windows\system32\drivers\AmUStor.SYS [2010-08-11 44032]
S3 androidusb;ADB Interface Driver; C:\Windows\System32\Drivers\androidusb.sys [2010-04-29 32768]
S3 ASUSVRC64;ASUSTeK Virtual Capture Device; C:\Windows\system32\DRIVERS\AsusVRC64.sys [2008-10-13 23424]
S3 AthBTPort;Atheros Virtual Bluetooth Class; C:\Windows\system32\DRIVERS\btath_flt.sys [2010-11-26 36000]
S3 BridgeMP;@%SystemRoot%\system32\bridgeres.dll,-1; C:\Windows\system32\DRIVERS\bridge.sys [2009-07-14 95232]
S3 BTATH_A2DP;Bluetooth A2DP Audio Driver; C:\Windows\system32\drivers\btath_a2dp.sys [2010-11-26 298144]
S3 BTATH_BUS;Atheros Bluetooth Bus; C:\Windows\system32\DRIVERS\btath_bus.sys [2010-11-26 28832]
S3 BTATH_HCRP;Bluetooth HCRP Server driver; C:\Windows\system32\DRIVERS\btath_hcrp.sys [2010-11-26 201376]
S3 BTATH_LWFLT;Bluetooth LWFLT Device; C:\Windows\system32\DRIVERS\btath_lwflt.sys [2010-11-26 55456]
S3 BTATH_RCP;Bluetooth AVRCP Device; C:\Windows\system32\DRIVERS\btath_rcp.sys [2010-11-26 154272]
S3 BtFilter;BtFilter; C:\Windows\system32\DRIVERS\btfilter.sys [2010-11-26 275616]
S3 BthEnum;Služba Bluetooth Enumerator; C:\Windows\system32\DRIVERS\BthEnum.sys [2009-07-14 41984]
S3 BthPan;Zařízení Bluetooth (síť PAN); C:\Windows\system32\DRIVERS\bthpan.sys [2009-07-14 118784]
S3 BTHPORT;Ovladač portu Bluetooth; C:\Windows\System32\Drivers\BTHport.sys [2012-07-06 552960]
S3 BTHUSB;Ovladač rozhraní USB radiostanice Bluetooth; C:\Windows\System32\Drivers\BTHUSB.sys [2011-04-28 80384]
S3 catchme;catchme; \??\C:\ComboFix\catchme.sys []
S3 Dot4;MS IEEE-1284.4 Driver; C:\Windows\system32\DRIVERS\Dot4.sys [2009-07-14 145920]
S3 Dot4Print;Print Class Driver for IEEE-1284.4; C:\Windows\system32\DRIVERS\Dot4Prt.sys [2010-11-20 19968]
S3 dot4usb;MS Dot4USB Filter Dot4USB Filter; C:\Windows\system32\DRIVERS\dot4usb.sys [2009-07-14 43008]
S3 fssfltr;FssFltr; C:\Windows\system32\DRIVERS\fssfltr.sys [2010-09-23 48488]
S3 ggflt;SEMC USB Flash Driver Filter; C:\Windows\system32\DRIVERS\ggflt.sys [2013-10-25 14448]
S3 ggsemc;SEMC USB Flash Driver; C:\Windows\system32\DRIVERS\ggsemc.sys [2013-10-25 27760]
S3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHD64.sys [2010-11-30 2647528]
S3 IntcDAud;Intel(R) Display Audio; C:\Windows\system32\DRIVERS\IntcDAud.sys [2010-10-14 317440]
S3 massfilter;Mass Storage Filter Driver; C:\Windows\system32\drivers\massfilter.sys []
S3 massfilter_hs;ZTE HandSet Mass Storage Filter Driver; C:\Windows\system32\drivers\massfilter_hs.sys [2011-03-07 18456]
S3 nmwcd;Nokia USB Phone Parent Driver; C:\Windows\system32\drivers\ccdcmbx64.sys [2013-01-23 19968]
S3 nmwcdc;Nokia USB Communication Driver; C:\Windows\system32\drivers\ccdcmbox64.sys [2013-01-23 27136]
S3 pccsmcfd;PCCS Mode Change Filter Driver; C:\Windows\system32\DRIVERS\pccsmcfdx64.sys [2012-10-17 26112]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver; C:\Windows\System32\drivers\rdpvideominiport.sys [2012-08-23 19456]
S3 RFCOMM;Zařízení Bluetooth (RFCOMM protokol TDI); C:\Windows\system32\DRIVERS\rfcomm.sys [2009-07-14 158720]
S3 SBFWIMCL;Sunbelt Software Firewall NDIS IM Filter Service; C:\Windows\system32\DRIVERS\sbfwim.sys [2011-02-08 84568]
S3 sbhips;sbhips; C:\Windows\system32\drivers\sbhips.sys [2011-04-05 60504]
S3 SiSGbeLH;SiS191/SiS190 Ethernet Device NDIS 6.0 Driver; C:\Windows\system32\DRIVERS\SiSG664.sys [2009-06-10 56832]
S3 TsUsbFlt;TsUsbFlt; C:\Windows\system32\drivers\tsusbflt.sys [2012-08-23 57856]
S3 upperdev;upperdev; C:\Windows\system32\DRIVERS\usbser_lowerfltx64.sys [2013-01-23 9216]
S3 USBAAPL64;Apple Mobile USB Driver; C:\Windows\System32\Drivers\usbaapl64.sys [2012-12-13 54784]
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 ACDaemon;ArcSoft Connect Daemon; C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe [2010-03-18 113152]
R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2013-09-05 65640]
R2 AFBAgent;AFBAgent; C:\Windows\system32\FBAgent.exe [2010-11-30 379520]
R2 ASLDRService;ASLDR Service; C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ASLDRSrv.exe [2009-06-15 84536]
R2 AtherosSvc;AtherosSvc; C:\Program Files (x86)\Atheros\Bluetooth Suite\adminservice.exe [2010-11-26 52896]
R2 hpqddsvc;Služba HP CUE DeviceDiscovery; C:\Windows\system32\svchost.exe [2009-07-14 27136]
R2 LMS;Intel(R) Management and Security Application Local Management Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe [2010-12-21 325656]
R2 N360;Norton 360; C:\Program Files (x86)\Norton 360\Engine\20.4.0.40\ccSvcHst.exe [2013-05-20 144368]
R2 Net Driver HPZ12;Net Driver HPZ12; C:\Windows\System32\svchost.exe [2009-07-14 27136]
R2 NVSvc;NVIDIA Display Driver Service; C:\Windows\system32\nvvsvc.exe [2013-03-14 884512]
R2 Pml Driver HPZ12;Pml Driver HPZ12; C:\Windows\System32\svchost.exe [2009-07-14 27136]
R2 StarWindServiceAE;StarWind AE Service; C:\Program Files (x86)\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe [2009-12-23 370688]
R2 UNS;Intel(R) Management and Security Application User Notification Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2010-12-21 2656280]
R3 Steam Client Service;Steam Client Service; C:\Program Files (x86)\Common Files\Steam\SteamService.exe [2013-12-11 569768]
S2 AdvancedSystemCareService6;Advanced SystemCare Service 6; C:\Program Files (x86)\IObit\Advanced SystemCare 6\ASCService.exe []
S2 ATKGFNEXSrv;ATKGFNEX Service; C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe [2009-12-15 96896]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2012-07-09 104912]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2012-07-08 123856]
S2 gupdate;Google Update Service (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2011-04-12 135664]
S2 nvUpdatusService;NVIDIA Update Service Daemon; C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe [2013-04-08 1260320]
S2 SecureUpdateSvc;SecureUpdate; C:\Program Files (x86)\Secure Speed Dial\IE\SecureUpdate.exe []
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2013-10-10 257416]
S3 cphs;Intel(R) Content Protection HECI Service; C:\Windows\SysWow64\IntelCpHeciSvc.exe [2012-12-14 277616]
S3 fsssvc;Windows Live Family Safety Service; C:\Program Files (x86)\Windows Live\Family Safety\fsssvc.exe [2010-09-23 1493352]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2011-04-12 135664]
S3 gusvc;Google Software Updater; C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe [2011-04-12 182768]
S3 hpqcxs08;hpqcxs08; C:\Windows\system32\svchost.exe [2009-07-14 27136]
S3 IDriverT;InstallDriver Table Manager; C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [2005-04-03 69632]
S3 IEEtwCollectorService;@%SystemRoot%\system32\ieetwcollectorres.dll,-1000; C:\Windows\system32\IEEtwCollector.exe [2013-11-26 111616]
S3 Microsoft Office Groove Audit Service;Microsoft Office Groove Audit Service; C:\Program Files (x86)\Microsoft Office\Office12\GrooveAuditService.exe [2006-10-27 65824]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2006-10-26 441136]
S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 Sony PC Companion;Sony PC Companion; C:\Program Files (x86)\Sony\Sony PC Companion\PCCService.exe [2013-02-04 155824]
S3 SwitchBoard;SwitchBoard; C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-02-19 517096]
S4 aspnet_state;Stavová služba ASP.NET; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2012-07-08 51648]
S4 Atheros Bt&Wlan Coex Agent;Atheros Bt&Wlan Coex Agent; C:\Program Files (x86)\Atheros\Ath_CoexAgent.exe [2010-05-24 151552]
S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2012-07-09 139696]
S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2012-07-09 139696]
S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2012-07-09 139696]
S4 ServiceLayer;ServiceLayer; C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe [2013-04-18 737616]
-----------------EOF-----------------
- Rudy
- Site Admin
- Posts: 119504
- Registered: 30 Oct 2003 13:42
- Location: Plzeň
Re: Log check + reviving the notebook
Download OTM: http://oldtimer.geekstogo.com/OTM.exe and save it to the desktop. Run it and copy the following into the left window:
:files
C:\Windows\inf\msgmlo.vbe
C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
C:\Program Files (x86)\Windows Live\Companion\companioncore.dll
C:\Windows\6833245EDD86479A882A8360D62C8194.TMP
C:\Windows\65F1CF6331E0450B96F34A88BE7361A6.TMP
C:\Windows\45235788142C44BE8A4DDDE9A84492E5.TMP
:reg
[-HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9FDDE16B-836F-4806-AB1F-1455CBEFF289}]
[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TNOD UP]
[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"msgmloSrv"=-
:commands
[Purity]
[Emptytemp]
[Emptyflash]
and click >MoveIt!<. After the scan, restart the PC and post a new RSIT log.
Post questions and logs only in your own threads. Private messages, ICQ and e-mails are not for solving your problems.
Please support our forum: https://platba.viry.cz/payment/.
e-mail: rudy(at)forum.viry.cz
Warning: Before disinfecting your PC, back up your important data (mail, contacts, documents, photos, videos, music, etc.). Besides its "visible" activity, a virus can damage the system!
Once your problem is resolved, the thread will be locked. The same applies if it is inactive for more than 14 days. If you want the thread reactivated, write to me at the e-mail address given above.
Re: Log check + reviving the notebook
Logfile of random's system information tool 1.09 (written by random/random)
Run by P.e.t.r.y at 2013-12-30 00:18:36
Microsoft Windows 7 Home Premium Service Pack 1
System drive C: has 25 GB (16%) free of 153 GB
Total RAM: 4008 MB (59% free)
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 0:18:40, on 30.12.2013
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v11.0 (11.00.9600.16428)
Boot mode: Normal
Running processes:
C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe
C:\Program Files (x86)\ASUS\ASUS Live Update\ALU.exe
C:\Program Files (x86)\Norton 360\Engine\20.4.0.40\ccSvcHst.exe
C:\Program Files (x86)\Nokia\Nokia Suite\NokiaSuite.exe
C:\Program Files (x86)\TP-LINK\TP-LINK Wireless Configuration Utility\TWCU.exe
C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe
C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe
C:\Program Files (x86)\CyberLink\MediaEspresso\DeviceDetector\DeviceDetector.exe
C:\Program Files\trend micro\P.e.t.r.y.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://asus.msn.com
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.seznam.cz/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O2 - BHO: HP Print Enhancer - {0347C33E-8762-4905-BF09-768834316C61} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll
O2 - BHO: Norton Identity Protection - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files (x86)\Norton 360\Engine\20.4.0.40\coIEPlg.dll
O2 - BHO: Norton Vulnerability Protection - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files (x86)\Norton 360\Engine\20.4.0.40\IPS\IPSBHO.DLL
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~2\MICROS~1\Office12\GR469A~1.DLL
O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Advanced SystemCare Browser Protection - {BA0C978D-D909-49B6-AFE2-8BDE245DC7E6} - C:\PROGRA~2\IObit\ADVANC~2\BROWER~1\ASCPLU~1.DLL (file missing)
O2 - BHO: HP Smart BHO Class - {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
O3 - Toolbar: Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton 360\Engine\20.4.0.40\coIEPlg.dll
O4 - HKLM\..\Run: [UpdateP2GoShortCut] "C:\Program Files (x86)\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe" "C:\Program Files (x86)\CyberLink\Power2Go" UpdateWithCreateOnce "SOFTWARE\CyberLink\Power2Go\6.0"
O4 - HKLM\..\Run: [ATKMEDIA] C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe
O4 - HKLM\..\Run: [HControlUser] C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [ATKOSD2] C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [NokiaSuite.exe] C:\Program Files (x86)\Nokia\Nokia Suite\NokiaSuite.exe -tray
O4 - Global Startup: TP-LINK Wireless Configuration Utility.lnk = C:\Program Files (x86)\TP-LINK\TP-LINK Wireless Configuration Utility\TWCU.exe
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Office Excel - res://C:\PROGRA~2\MICROS~1\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~1\Office12\REFIEBAR.DLL
O9 - Extra button: Zobrazit nebo skrýt HP Smart Web Printing - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O17 - HKLM\System\CCS\Services\Tcpip\..\{A2BC176B-2A69-4D7C-9654-8784090444FC}: NameServer = 212.96.160.7,212.96.161.6
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\PROGRA~2\MICROS~1\Office12\GRA32A~1.DLL
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O20 - AppInit_DLLs: c:\windows\syswow64\nvinit.dll ,C:\Windows\SysWOW64\nvinit.dll
O23 - Service: ArcSoft Connect Daemon (ACDaemon) - ArcSoft Inc. - C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: Advanced SystemCare Service 6 (AdvancedSystemCareService6) - Unknown owner - C:\Program Files (x86)\IObit\Advanced SystemCare 6\ASCService.exe (file missing)
O23 - Service: AFBAgent - Unknown owner - C:\Windows\system32\FBAgent.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: ASLDR Service (ASLDRService) - ASUS - C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ASLDRSrv.exe
O23 - Service: AtherosSvc - Atheros Commnucations - C:\Program Files (x86)\Atheros\Bluetooth Suite\adminservice.exe
O23 - Service: ATKGFNEX Service (ATKGFNEXSrv) - ASUS - C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe
O23 - Service: Intel(R) Content Protection HECI Service (cphs) - Intel Corporation - C:\Windows\SysWow64\IntelCpHeciSvc.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: Google Update Service (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing)
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: Norton 360 (N360) - Symantec Corporation - C:\Program Files (x86)\Norton 360\Engine\20.4.0.40\ccSvcHst.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - Unknown owner - C:\Windows\system32\nvvsvc.exe (file missing)
O23 - Service: NVIDIA Update Service Daemon (nvUpdatusService) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: SecureUpdate (SecureUpdateSvc) - Unknown owner - C:\Program Files (x86)\Secure Speed Dial\IE\SecureUpdate.exe (file missing)
O23 - Service: Sony PC Companion - Avanquest Software - C:\Program Files (x86)\Sony\Sony PC Companion\PCCService.exe
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: StarWind AE Service (StarWindServiceAE) - StarWind Software - C:\Program Files (x86)\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe
O23 - Service: SwitchBoard - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: Intel(R) Management and Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
--
End of file - 10955 bytes
======Listing Processes======
\SystemRoot\System32\smss.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
winlogon.exe
C:\Windows\system32\services.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
"C:\Windows\system32\nvvsvc.exe"
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k GPSvcGroup
C:\Windows\system32\svchost.exe -k NetworkService
"C:\Windows\system32\FBAgent.exe"
"C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ASLDRSrv.exe"
"C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe"
C:\Windows\system32\nvvsvc.exe -session -first
C:\Windows\System32\spoolsv.exe
taskeng.exe {0117898E-6A6A-491D-9CF8-CCD9AC2C9831}
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
taskeng.exe {4D7C3D7B-2C47-4937-9180-F0DB69D7A27D}
"taskhost.exe"
"C:\Program Files (x86)\ASUS\Splendid\ACMON.exe"
taskeng.exe {31E1F734-44EB-45C0-999B-02E9F1E46EBE}
"C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe"
"C:\Program Files\P4G\BatteryLife.exe"
"C:\Program Files (x86)\ASUS\ASUS Live Update\ALU.exe"
"C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe"
"C:\Windows\system32\Dwm.exe"
C:\Windows\Explorer.EXE
"C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe"
"C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControl.exe"
"C:\Program Files (x86)\Atheros\Bluetooth Suite\adminservice.exe"
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Windows\SysWOW64\svchost.exe -k hpdevmgmt
"C:\Program Files (x86)\Norton 360\Engine\20.4.0.40\ccSvcHst.exe" /s "N360" /m "C:\Program Files (x86)\Norton 360\Engine\20.4.0.40\diMaster.dll" /prefetch:1
C:\Windows\System32\svchost.exe -k HPZ12
C:\Windows\System32\svchost.exe -k HPZ12
"C:\Program Files (x86)\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe"
C:\Windows\system32\svchost.exe -k imgsvc
C:\Windows\System32\svchost.exe -k WerSvcGroup
"C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE"
WLIDSvcM.exe 2632
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Windows\system32\wbem\wmiprvse.exe
ATKOSD.exe
KBFiltr.exe
WDC.exe
C:\Windows\system32\SearchIndexer.exe /Embedding
"C:/Program Files/NVIDIA Corporation/Display/nvtray.exe" -user_has_logged_in 1
"C:\Program Files (x86)\Norton 360\Engine\20.4.0.40\ccSvcHst.exe" /c /a /s UserSession
"C:\Windows\System32\hkcmd.exe"
"C:\Program Files\Windows Sidebar\sidebar.exe" /autoRun
"C:\Program Files (x86)\Nokia\Nokia Suite\NokiaSuite.exe" -tray
"C:\Program Files (x86)\TP-LINK\TP-LINK Wireless Configuration Utility\TWCU.exe" -nogui
"C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe"
"C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe"
"C:\Program Files (x86)\CyberLink\MediaEspresso\DeviceDetector\DeviceDetector.exe"
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
C:\Windows\system32\wbem\wmiprvse.exe
"C:\Windows\SysWOW64\ACEngSvr.exe" -Embedding
C:\Windows\servicing\TrustedInstaller.exe
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe"
C:\Windows\system32\sppsvc.exe
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe"
"C:\Users\P.e.t.r.y\Desktop\RSITx64.exe"
C:\Windows\system32\DllHost.exe /Processid:{F9717507-6651-4EDB-BFF7-AE615179BCCF}
======Scheduled tasks folder======
C:\Windows\tasks\Adobe Flash Player Updater.job
C:\Windows\tasks\Driver Booster Update.job
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files\Java\jre7\bin\ssv.dll [2012-10-30 537576]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live ID Sign-in Helper - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2010-09-21 529280]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre7\bin\jp2ssv.dll [2012-10-30 193512]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{0347C33E-8762-4905-BF09-768834316C61}]
HP Print Enhancer - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll [2009-10-22 328248]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{602ADB0E-4AFF-4217-8AA1-95DAC4DFA408}]
Norton Identity Protection - C:\Program Files (x86)\Norton 360\Engine\20.4.0.40\coIEPlg.dll [2013-05-30 509776]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{6D53EC84-6AAE-4787-AEEE-F4628F01010C}]
Norton Vulnerability Protection - C:\Program Files (x86)\Norton 360\Engine\20.4.0.40\IPS\IPSBHO.DLL [2012-08-10 387040]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\PROGRA~2\MICROS~1\Office12\GR469A~1.DLL [2006-10-27 2210608]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live ID Sign-in Helper - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2010-09-21 439168]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{BA0C978D-D909-49B6-AFE2-8BDE245DC7E6}]
Advanced SystemCare Browser Protection - C:\PROGRA~2\IObit\ADVANC~2\BROWER~1\ASCPLU~1.DLL []
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856}]
HP Smart BHO Class - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll [2009-10-22 517688]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\Toolbar]
{7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - Norton Toolbar - C:\Program Files (x86)\Norton 360\Engine\20.4.0.40\coIEPlg.dll [2013-05-30 509776]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"HotKeysCmds"=C:\Windows\system32\hkcmd.exe [2012-12-14 399984]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"=C:\Program Files\Windows Sidebar\sidebar.exe [2010-11-20 1475584]
"NokiaSuite.exe"=C:\Program Files (x86)\Nokia\Nokia Suite\NokiaSuite.exe [2013-10-02 1090912]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM]
c:\program files (x86)\common files\adobe\arm\1.0\adobearm.exe [2013-04-04 958576]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AdobeAAMUpdater-1.0]
[]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AdobeCS5.5ServiceManager]
c:\program files (x86)\common files\adobe\cs5.5servicemanager\cs5.5servicemanager.exe -launchedbylogin []
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AdobeCS5ServiceManager]
C:\Program Files (x86)\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe [2010-02-22 406992]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AmIcoSinglun64]
C:\Program Files (x86)\AmIcoSingLun\AmIcoSinglun64.exe [2010-08-11 324096]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ASUS Screen Saver Protector]
C:\Windows\AsScrPro.exe [2011-04-12 3058304]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ASUS WebStorage]
c:\program files (x86)\asus\asus webstorage\service\asuswsservice.exe [2010-03-16 1754448]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AthBtTray]
c:\program files (x86)\atheros\bluetooth suite\athbttray.exe []
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AtherosBtStack]
c:\program files (x86)\atheros\bluetooth suite\btvstack.exe []
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ATKMEDIA]
[]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ATKOSD2]
c:\program files (x86)\asus\atk package\atkosd2\atkosd2.exe [2010-08-17 5732992]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CLMLServer]
C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe [2009-11-02 103720]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DAEMON Tools Lite]
C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [2010-04-01 357696]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ETDWare]
C:\Program Files\elantech\etdctrl.exe [2010-06-10 649608]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HControlUser]
[]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HP Software Update]
c:\program files (x86)\hp\hp software update\hpwuschd2.exe [2009-11-18 54576]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\IgfxTray]
c:\windows\system32\igfxtray.exe [2012-12-14 172144]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ISUSPM]
c:\programdata\flexnet\connect\11\isuspm.exe [2009-05-06 222496]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NokiaSuite.exe]
c:\program files (x86)\nokia\nokia suite\nokiasuite.exe [2013-10-02 1090912]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Persistence]
c:\windows\system32\igfxpers.exe [2012-12-14 441968]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\POPUPTV]
C:\Program Files (x86)\ASUS\PopupTV\ExpressTV.exe [2010-03-19 692224]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RemoteControl10]
c:\program files (x86)\cyberlink\powerdvd10\pdvd10serv.exe [2010-02-03 87336]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RtHDVBg]
c:\program files\realtek\audio\hda\ravbg64.exe [2010-11-30 2186856]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RtHDVCpl]
C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [2010-11-30 11660904]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Sidebar]
C:\Program Files\Windows Sidebar\sidebar.exe [2010-11-20 1475584]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Software Informer]
[]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SonicMasterTray]
c:\program files (x86)\asus\sonicmaster\sonicmastertray.exe [2010-07-10 984400]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Sony PC Companion]
c:\program files (x86)\sony\sony pc companion\pccompanion.exe [2013-05-29 449248]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SwitchBoard]
C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-02-19 517096]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TNOD UP]
[]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\UpdatePSTShortCut]
C:\Program Files (x86)\Cyberlink\DVD Suite\MUITransfer\MUIStartMenu.exe [2010-11-17 222504]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\VizorHtmlDialog.exe]
[]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Wireless Console 3]
[]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^FancyStart daemon.lnk]
C:\Windows\INSTAL~1\{2B818~1\_94E3C~1.EXE [2011-04-12 12862]
[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"UpdateP2GoShortCut"=C:\Program Files (x86)\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe [2009-05-20 222504]
"ATKMEDIA"=C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe [2010-10-07 170624]
"HControlUser"=C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe [2009-06-19 105016]
"Adobe ARM"=C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2013-04-04 958576]
"ATKOSD2"=C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe [2010-08-17 5732992]
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
TP-LINK Wireless Configuration Utility.lnk - C:\Program Files (x86)\TP-LINK\TP-LINK Wireless Configuration Utility\TWCU.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"="C:\Windows\System32\nvinitx.dll,C:\Windows\system32\nvinitx.dll"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
C:\Windows\system32\igfxdev.dll [2012-12-14 442880]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - C:\Windows\system32\webcheck.dll [2013-12-10 243200]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\PROGRA~2\MICROS~1\Office12\GR469A~1.DLL [2006-10-27 2210608]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=5
"ConsentPromptBehaviorUser"=3
"EnableUIADesktopToggle"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveAutoRun"=0
"NoDrives"=0
"NoDriveTypeAutoRun"=221
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoResolveSearch"=1
"NoDrives"=0
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVYU"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"VIDC.YVU9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"MSVideo8"=VfWWDM32.dll
"wave2"=wdmaud.drv
"mixer2"=wdmaud.drv
"midi2"=wdmaud.drv
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
======File associations======
.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - "C:\Program Files (x86)\Adobe\Adobe Dreamweaver CS5.5\Dreamweaver.exe","%1"
======List of files/folders created in the last 1 month======
2013-12-30 00:11:18 ----D---- C:\_OTM
2013-12-29 14:02:22 ----D---- C:\Users\P.e.t.r.y\AppData\Roaming\openvr
2013-12-28 22:41:24 ----A---- C:\Windows\IsUninst.exe
2013-12-28 20:13:54 ----D---- C:\Program Files\Defraggler
2013-12-28 19:50:32 ----D---- C:\rsit
2013-12-28 18:30:09 ----D---- C:\Users\P.e.t.r.y\AppData\Roaming\HPAppData
2013-12-26 03:03:28 ----D---- C:\Users\P.e.t.r.y\AppData\Roaming\Zoner
2013-12-26 03:03:23 ----D---- C:\ProgramData\Zoner
2013-12-12 19:07:12 ----A---- C:\Windows\system32\win32k.sys
2013-12-12 13:33:00 ----A---- C:\Windows\system32\wmploc.DLL
2013-12-12 13:32:58 ----A---- C:\Windows\SYSWOW64\wmploc.DLL
2013-12-12 13:32:58 ----A---- C:\Windows\SYSWOW64\wmp.dll
2013-12-12 13:32:56 ----A---- C:\Windows\system32\wmp.dll
2013-12-12 08:27:28 ----A---- C:\Windows\SYSWOW64\WMPhoto.dll
2013-12-12 08:27:28 ----A---- C:\Windows\SYSWOW64\msieftp.dll
2013-12-12 08:27:28 ----A---- C:\Windows\system32\WMPhoto.dll
2013-12-12 08:27:28 ----A---- C:\Windows\system32\msieftp.dll
2013-12-12 08:27:27 ----A---- C:\Windows\SYSWOW64\imagehlp.dll
2013-12-12 08:27:27 ----A---- C:\Windows\system32\imagehlp.dll
2013-12-12 08:27:21 ----A---- C:\Windows\SYSWOW64\tzres.dll
2013-12-12 08:27:21 ----A---- C:\Windows\system32\tzres.dll
2013-12-12 08:26:50 ----A---- C:\Windows\system32\drivers\portcls.sys
2013-12-12 08:26:50 ----A---- C:\Windows\system32\drivers\drmk.sys
2013-12-12 08:26:21 ----A---- C:\Windows\SYSWOW64\wscript.exe
2013-12-12 08:26:21 ----A---- C:\Windows\SYSWOW64\scrrun.dll
2013-12-12 08:26:21 ----A---- C:\Windows\SYSWOW64\cscript.exe
2013-12-12 08:26:21 ----A---- C:\Windows\system32\wscript.exe
2013-12-12 08:26:21 ----A---- C:\Windows\system32\scrrun.dll
2013-12-12 08:26:21 ----A---- C:\Windows\system32\cscript.exe
2013-12-12 08:23:33 ----A---- C:\Windows\system32\ieetwcollectorres.dll
2013-12-12 08:23:32 ----A---- C:\Windows\SYSWOW64\jsproxy.dll
2013-12-12 08:23:32 ----A---- C:\Windows\SYSWOW64\ieui.dll
2013-12-12 08:23:32 ----A---- C:\Windows\system32\jsproxy.dll
2013-12-12 08:23:32 ----A---- C:\Windows\system32\ieui.dll
2013-12-12 08:23:31 ----A---- C:\Windows\system32\ieUnatt.exe
2013-12-12 08:23:31 ----A---- C:\Windows\system32\iesetup.dll
2013-12-12 08:23:31 ----A---- C:\Windows\system32\iernonce.dll
2013-12-12 08:23:31 ----A---- C:\Windows\system32\ieetwproxystub.dll
2013-12-12 08:23:31 ----A---- C:\Windows\system32\ieetwcollector.exe
2013-12-12 08:23:31 ----A---- C:\Windows\system32\ie4uinit.exe
2013-12-12 08:23:30 ----A---- C:\Windows\SYSWOW64\jscript9diag.dll
2013-12-12 08:23:30 ----A---- C:\Windows\SYSWOW64\ieapfltr.dll
2013-12-12 08:23:30 ----A---- C:\Windows\system32\mshtml.dll
2013-12-12 08:23:30 ----A---- C:\Windows\system32\jscript9diag.dll
2013-12-12 08:23:30 ----A---- C:\Windows\system32\ieapfltr.dll
2013-12-12 08:23:29 ----A---- C:\Windows\SYSWOW64\wininet.dll
2013-12-12 08:23:29 ----A---- C:\Windows\SYSWOW64\iertutil.dll
2013-12-12 08:23:29 ----A---- C:\Windows\system32\iertutil.dll
2013-12-12 08:23:28 ----A---- C:\Windows\SYSWOW64\urlmon.dll
2013-12-12 08:23:28 ----A---- C:\Windows\system32\wininet.dll
2013-12-12 08:23:28 ----A---- C:\Windows\system32\urlmon.dll
2013-12-12 08:23:27 ----A---- C:\Windows\system32\ieframe.dll
2013-12-12 08:23:26 ----A---- C:\Windows\SYSWOW64\ieframe.dll
2013-12-12 08:23:25 ----A---- C:\Windows\SYSWOW64\mshtml.dll
2013-12-12 08:23:25 ----A---- C:\Windows\SYSWOW64\jscript9.dll
2013-12-12 08:23:24 ----A---- C:\Windows\system32\jscript9.dll
2013-12-10 20:52:27 ----D---- C:\Users\P.e.t.r.y\AppData\Roaming\TP-LINK
2013-12-10 20:52:09 ----D---- C:\Program Files (x86)\TP-LINK
2013-12-10 20:51:26 ----A---- C:\Windows\system32\rtwlanu.sys
2013-12-10 20:51:26 ----A---- C:\Windows\system32\drivers\RTWlanU.sys
2013-12-10 20:50:14 ----D---- C:\ProgramData\TP-LINK
2013-12-10 20:35:51 ----A---- C:\Windows\system32\IEUDINIT.EXE
2013-12-10 20:31:16 ----A---- C:\Windows\SYSWOW64\elshyph.dll
2013-12-10 20:31:16 ----A---- C:\Windows\system32\MsSpellCheckingFacility.exe
2013-12-10 20:31:08 ----A---- C:\Windows\SYSWOW64\jsIntl.dll
2013-12-10 20:31:08 ----A---- C:\Windows\system32\elshyph.dll
2013-12-10 20:31:07 ----A---- C:\Windows\SYSWOW64\wextract.exe
2013-12-10 20:31:07 ----A---- C:\Windows\SYSWOW64\webcheck.dll
2013-12-10 20:31:07 ----A---- C:\Windows\SYSWOW64\vbscript.dll
2013-12-10 20:31:07 ----A---- C:\Windows\SYSWOW64\url.dll
2013-12-10 20:31:07 ----A---- C:\Windows\SYSWOW64\SetIEInstalledDate.exe
2013-12-10 20:31:07 ----A---- C:\Windows\SYSWOW64\RegisterIEPKEYs.exe
2013-12-10 20:31:07 ----A---- C:\Windows\SYSWOW64\pngfilt.dll
2013-12-10 20:31:07 ----A---- C:\Windows\SYSWOW64\occache.dll
2013-12-10 20:31:07 ----A---- C:\Windows\SYSWOW64\msrating.dll
2013-12-10 20:31:07 ----A---- C:\Windows\SYSWOW64\msls31.dll
2013-12-10 20:31:07 ----A---- C:\Windows\SYSWOW64\mshtmlmedia.dll
2013-12-10 20:31:07 ----A---- C:\Windows\SYSWOW64\mshtmler.dll
2013-12-10 20:31:07 ----A---- C:\Windows\SYSWOW64\mshtmled.dll
2013-12-10 20:31:07 ----A---- C:\Windows\SYSWOW64\MshtmlDac.dll
2013-12-10 20:31:07 ----A---- C:\Windows\SYSWOW64\mshta.exe
2013-12-10 20:31:07 ----A---- C:\Windows\SYSWOW64\msfeedssync.exe
2013-12-10 20:31:07 ----A---- C:\Windows\SYSWOW64\msfeedsbs.dll
2013-12-10 20:31:07 ----A---- C:\Windows\SYSWOW64\msfeeds.dll
2013-12-10 20:31:07 ----A---- C:\Windows\SYSWOW64\licmgr10.dll
2013-12-10 20:31:07 ----A---- C:\Windows\SYSWOW64\jscript.dll
2013-12-10 20:31:07 ----A---- C:\Windows\SYSWOW64\JavaScriptCollectionAgent.dll
2013-12-10 20:31:07 ----A---- C:\Windows\SYSWOW64\inseng.dll
2013-12-10 20:31:07 ----A---- C:\Windows\SYSWOW64\imgutil.dll
2013-12-10 20:31:07 ----A---- C:\Windows\SYSWOW64\iexpress.exe
2013-12-10 20:31:07 ----A---- C:\Windows\SYSWOW64\ieUnatt.exe
2013-12-10 20:31:07 ----A---- C:\Windows\SYSWOW64\iesysprep.dll
2013-12-10 20:31:07 ----A---- C:\Windows\SYSWOW64\iesetup.dll
2013-12-10 20:31:07 ----A---- C:\Windows\SYSWOW64\iernonce.dll
2013-12-10 20:31:07 ----A---- C:\Windows\SYSWOW64\iepeers.dll
2013-12-10 20:31:07 ----A---- C:\Windows\SYSWOW64\ieetwproxystub.dll
2013-12-10 20:31:07 ----A---- C:\Windows\SYSWOW64\iedkcs32.dll
2013-12-10 20:31:07 ----A---- C:\Windows\SYSWOW64\ieapfltr.dat
2013-12-10 20:31:07 ----A---- C:\Windows\SYSWOW64\IEAdvpack.dll
2013-12-10 20:31:07 ----A---- C:\Windows\SYSWOW64\icardie.dll
2013-12-10 20:31:07 ----A---- C:\Windows\SYSWOW64\dxtrans.dll
2013-12-10 20:31:07 ----A---- C:\Windows\SYSWOW64\dxtmsft.dll
2013-12-10 20:31:06 ----A---- C:\Windows\system32\wextract.exe
2013-12-10 20:31:06 ----A---- C:\Windows\system32\webcheck.dll
2013-12-10 20:31:06 ----A---- C:\Windows\system32\vbscript.dll
2013-12-10 20:31:06 ----A---- C:\Windows\system32\url.dll
2013-12-10 20:31:06 ----A---- C:\Windows\system32\SetIEInstalledDate.exe
2013-12-10 20:31:06 ----A---- C:\Windows\system32\RegisterIEPKEYs.exe
2013-12-10 20:31:06 ----A---- C:\Windows\system32\pngfilt.dll
2013-12-10 20:31:06 ----A---- C:\Windows\system32\occache.dll
2013-12-10 20:31:06 ----A---- C:\Windows\system32\msrating.dll
2013-12-10 20:31:06 ----A---- C:\Windows\system32\msls31.dll
2013-12-10 20:31:06 ----A---- C:\Windows\system32\mshtmlmedia.dll
2013-12-10 20:31:06 ----A---- C:\Windows\system32\mshtmler.dll
2013-12-10 20:31:06 ----A---- C:\Windows\system32\mshtmled.dll
2013-12-10 20:31:06 ----A---- C:\Windows\system32\MshtmlDac.dll
2013-12-10 20:31:06 ----A---- C:\Windows\system32\mshta.exe
2013-12-10 20:31:06 ----A---- C:\Windows\system32\msfeedssync.exe
2013-12-10 20:31:06 ----A---- C:\Windows\system32\msfeedsbs.dll
2013-12-10 20:31:06 ----A---- C:\Windows\system32\msfeeds.dll
2013-12-10 20:31:06 ----A---- C:\Windows\system32\licmgr10.dll
2013-12-10 20:31:06 ----A---- C:\Windows\system32\jsIntl.dll
2013-12-10 20:31:06 ----A---- C:\Windows\system32\jscript.dll
2013-12-10 20:31:06 ----A---- C:\Windows\system32\JavaScriptCollectionAgent.dll
2013-12-10 20:31:06 ----A---- C:\Windows\system32\inseng.dll
2013-12-10 20:31:06 ----A---- C:\Windows\system32\imgutil.dll
2013-12-10 20:31:06 ----A---- C:\Windows\system32\iexpress.exe
2013-12-10 20:31:06 ----A---- C:\Windows\system32\iesysprep.dll
2013-12-10 20:31:06 ----A---- C:\Windows\system32\iepeers.dll
2013-12-10 20:31:06 ----A---- C:\Windows\system32\iedkcs32.dll
2013-12-10 20:31:06 ----A---- C:\Windows\system32\ieapfltr.dat
2013-12-10 20:31:06 ----A---- C:\Windows\system32\IEAdvpack.dll
2013-12-10 20:31:06 ----A---- C:\Windows\system32\icardie.dll
2013-12-10 20:31:06 ----A---- C:\Windows\system32\dxtrans.dll
2013-12-10 20:31:06 ----A---- C:\Windows\system32\dxtmsft.dll
2013-12-07 18:45:16 ----D---- C:\ProgramData\WEBREG
2013-12-04 00:25:50 ----D---- C:\ProgramData\Skype
======List of files/folders modified in the last 1 month======
2013-12-30 00:18:38 ----D---- C:\Program Files\trend micro
2013-12-30 00:18:15 ----A---- C:\Windows\SYSWOW64\log.txt
2013-12-30 00:17:41 ----D---- C:\Windows\temp
2013-12-30 00:17:38 ----D---- C:\Windows\system32\config
2013-12-30 00:17:36 ----D---- C:\Windows\system32\Tasks
2013-12-30 00:13:46 ----SHD---- C:\System Volume Information
2013-12-30 00:12:22 ----D---- C:\Windows
2013-12-30 00:11:24 ----D---- C:\Windows\Tasks
2013-12-30 00:11:23 ----D---- C:\Windows\inf
2013-12-29 22:48:24 ----D---- C:\Program Files (x86)\Steam
2013-12-29 22:40:36 ----D---- C:\Windows\system32\NDF
2013-12-29 20:43:27 ----D---- C:\AdwCleaner
2013-12-29 20:43:12 ----RD---- C:\Program Files (x86)
2013-12-28 22:46:43 ----D---- C:\Program Files (x86)\Common Files
2013-12-28 22:08:45 ----D---- C:\Windows\Logs
2013-12-28 20:13:54 ----RD---- C:\Program Files
2013-12-28 19:29:30 ----D---- C:\Windows\Panther
2013-12-28 19:29:29 ----D---- C:\Windows\debug
2013-12-27 20:34:41 ----D---- C:\Windows\System32
2013-12-27 20:34:41 ----A---- C:\Windows\system32\PerfStringBackup.INI
2013-12-27 19:26:13 ----A---- C:\Windows\system32\AutoRunFilter.ini
2013-12-26 03:11:43 ----SHD---- C:\Windows\Installer
2013-12-26 03:11:42 ----D---- C:\Program Files (x86)\Adobe
2013-12-26 03:11:42 ----D---- C:\Config.Msi
2013-12-26 03:03:23 ----D---- C:\ProgramData
2013-12-23 10:05:33 ----D---- C:\Windows\winsxs
2013-12-23 09:41:42 ----D---- C:\Users\P.e.t.r.y\AppData\Roaming\Adobe
2013-12-23 09:41:33 ----D---- C:\Windows\SysWOW64
2013-12-23 09:33:18 ----D---- C:\ProgramData\Installations
2013-12-23 09:33:15 ----D---- C:\Program Files (x86)\Nokia
2013-12-23 09:26:50 ----D---- C:\Users\P.e.t.r.y\AppData\Roaming\Skype
2013-12-19 00:08:48 ----D---- C:\Windows\system32\catroot
2013-12-15 23:41:02 ----D---- C:\Windows\system32\MRT
2013-12-15 23:31:22 ----A---- C:\Windows\system32\MRT.exe
2013-12-12 13:35:56 ----D---- C:\Program Files\Windows Media Player
2013-12-12 13:35:56 ----D---- C:\Program Files (x86)\Windows Media Player
2013-12-12 13:35:53 ----D---- C:\Windows\SYSWOW64\cs-CZ
2013-12-12 13:35:53 ----D---- C:\Windows\system32\cs-CZ
2013-12-12 13:35:53 ----D---- C:\Program Files\Internet Explorer
2013-12-12 13:35:53 ----D---- C:\Program Files (x86)\Internet Explorer
2013-12-12 13:35:44 ----D---- C:\Windows\system32\DriverStore
2013-12-12 13:35:41 ----D---- C:\Windows\system32\drivers
2013-12-12 13:34:02 ----D---- C:\Windows\system32\catroot2
2013-12-10 20:52:08 ----HD---- C:\Program Files (x86)\InstallShield Installation Information
2013-12-10 20:51:26 ----D---- C:\Temp
2013-12-10 20:38:39 ----D---- C:\Windows\SYSWOW64\migration
2013-12-10 20:38:39 ----D---- C:\Windows\SYSWOW64\en-US
2013-12-10 20:38:35 ----D---- C:\Windows\system32\migration
2013-12-10 20:38:35 ----D---- C:\Windows\PolicyDefinitions
2013-12-10 20:38:34 ----D---- C:\Windows\system32\en-US
2013-12-07 18:45:16 ----D---- C:\Users\P.e.t.r.y\AppData\Roaming\HP
2013-12-06 01:09:56 ----A---- C:\Windows\system32\acovcnt.exe
2013-12-05 21:47:19 ----D---- C:\ProgramData\Adobe
2013-12-04 07:00:01 ----D---- C:\Windows\system32\wfp
2013-12-04 07:00:01 ----D---- C:\ProgramData\P4G
2013-12-04 07:00:00 ----D---- C:\Windows\system32\wbem
2013-12-04 07:00:00 ----D---- C:\Windows\system32\drivers\etc
2013-12-04 07:00:00 ----D---- C:\Windows\system32\CodeIntegrity
2013-12-04 06:59:59 ----D---- C:\Windows\AppCompat
2013-12-04 06:59:51 ----D---- C:\Qoobox
2013-12-04 06:59:49 ----D---- C:\ProgramData\Norton
2013-12-04 06:59:49 ----D---- C:\ProgramData\Electronic Arts
2013-12-04 06:59:32 ----D---- C:\Windows\registration
2013-12-04 06:58:58 ----D---- C:\Users\P.e.t.r.y\AppData\Roaming\Macromedia
2013-12-04 00:23:31 ----D---- C:\Program Files (x86)\IObit
2013-12-03 23:19:46 ----D---- C:\Program Files (x86)\HP
2013-12-01 19:33:50 ----D---- C:\Windows\system32\LogFiles
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R0 iaStor;Intel AHCI Controller; C:\Windows\system32\DRIVERS\iaStor.sys [2010-11-05 438808]
R0 iaStorA;iaStorA; C:\Windows\system32\DRIVERS\iaStorA.sys [2013-09-15 652344]
R0 iaStorF;iaStorF; C:\Windows\system32\DRIVERS\iaStorF.sys [2013-09-15 28216]
R0 nvpciflt;nvpciflt; C:\Windows\system32\DRIVERS\nvpciflt.sys [2013-04-08 30496]
R0 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12352]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-20 213888]
R0 sptd;sptd; C:\Windows\System32\Drivers\sptd.sys [2012-01-10 503352]
R0 SymDS;Symantec Data Store; C:\Windows\system32\drivers\N360x64\1404000.028\SYMDS64.SYS [2013-05-20 493656]
R0 SymEFA;Symantec Extended File Attributes; C:\Windows\system32\drivers\N360x64\1404000.028\SYMEFA64.SYS [2013-05-22 1139800]
R1 ATKWMIACPIIO_;ATKWMIACPI Driver_; \??\C:\Program Files (x86)\ASUS\ATK Package\ATK WMIACPI\atkwmiacpi64.sys [2010-07-26 17024]
R1 BHDrvx64;BHDrvx64; \??\C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_20.1.0.24\Definitions\BASHDefs\20131203.001\BHDrvx64.sys [2013-12-03 1526488]
R1 ccSet_N360;Norton 360 Settings Manager; C:\Windows\system32\drivers\N360x64\1404000.028\ccSetx64.sys [2013-04-15 169048]
R1 eeCtrl;Symantec Eraser Control driver; \??\C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys [2013-11-21 484952]
R1 IDSVia64;IDSVia64; \??\C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_20.1.0.24\Definitions\IPSDefs\20131227.001\IDSvia64.sys [2013-12-13 521944]
R1 SbFw;SbFw; C:\Windows\system32\drivers\SbFw.sys [2011-04-05 253528]
R1 SbTis;SbTis; C:\Windows\system32\drivers\sbtis.sys [2011-04-05 94296]
R1 SRTSPX;Symantec Real Time Storage Protection (PEL) x64; C:\Windows\system32\drivers\N360x64\1404000.028\SRTSPX64.SYS [2013-03-04 36952]
R1 SymIM;Symantec Network Security Intermediate Filter Driver; C:\Windows\system32\DRIVERS\SymIMv.sys [2012-08-08 43680]
R1 SymIRON;Symantec Iron Driver; C:\Windows\system32\drivers\N360x64\1404000.028\Ironx64.SYS [2012-07-27 224416]
R1 SymNetS;Symantec Network Security WFP Driver; C:\Windows\system32\drivers\N360x64\1404000.028\SYMNETS.SYS [2013-04-24 433752]
R2 RMCAST;@%SystemRoot%\system32\wshrm.dll,-102; C:\Windows\system32\DRIVERS\RMCAST.sys [2010-11-20 146432]
R2 SSPORT;SSPORT; \??\C:\Windows\system32\Drivers\SSPORT.sys [2009-03-02 11576]
R3 Afc;PPdus ASPI Shell; C:\Windows\SysWOW64\drivers\Afc.sys [2006-11-14 22784]
R3 athr;Qualcomm Atheros Extensible Wireless LAN device driver; C:\Windows\system32\DRIVERS\athrx.sys [2013-05-23 3948544]
R3 dtsoftbus01;DAEMON Tools Virtual Bus Driver; C:\Windows\system32\DRIVERS\dtsoftbus01.sys [2011-09-20 270912]
R3 EraserUtilRebootDrv;EraserUtilRebootDrv; \??\C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [2013-11-21 137648]
R3 ETD;ELAN PS/2 Port Input Device; C:\Windows\system32\DRIVERS\ETD.sys [2010-09-08 129024]
R3 igfx;igfx; C:\Windows\system32\DRIVERS\igdkmd64.sys [2012-12-14 5353888]
R3 InputFilter_Hid_FlexDef2b;Siliten HID Devices(FlexDef2b) Driver Service; C:\Windows\system32\DRIVERS\InputFilter_FlexDef2b.sys [2010-06-19 17920]
R3 kbfiltr;Keyboard Filter; C:\Windows\system32\DRIVERS\kbfiltr.sys [2009-07-20 15416]
R3 MEIx64;Intel(R) Management Engine Interface; C:\Windows\system32\DRIVERS\HECIx64.sys [2010-10-20 56344]
R3 NAVENG;NAVENG; \??\C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_20.1.0.24\Definitions\VirusDefs\20131228.006\ENG64.SYS [2013-12-03 126040]
R3 NAVEX15;NAVEX15; \??\C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_20.1.0.24\Definitions\VirusDefs\20131228.006\EX64.SYS [2013-12-03 2099288]
R3 RTL8167;Realtek 8167 NT Driver; C:\Windows\system32\DRIVERS\Rt64win7.sys [2013-09-15 872152]
R3 RtlWlanu;Wireless LAN 802.11n USB 2.0 Network Adapter; C:\Windows\system32\DRIVERS\rtwlanu.sys [2013-03-05 1528976]
R3 SBFWIMCLMP;Sunbelt Software Firewall NDIS IM Filter Miniport; C:\Windows\system32\DRIVERS\SBFWIM.sys [2011-02-08 84568]
R3 SRTSP;Symantec Real Time Storage Protection x64; C:\Windows\system32\drivers\N360x64\1404000.028\SRTSP64.SYS [2013-05-15 796760]
R3 SymEvent;SymEvent; \??\C:\Windows\system32\Drivers\SYMEVENT64x86.SYS [2013-07-06 177312]
S1 fpefunqc;fpefunqc; \??\C:\Windows\system32\drivers\fpefunqc.sys []
S1 SBRE;SBRE; \??\C:\Windows\system32\drivers\SBREdrv.sys []
S2 DgiVecp;DgiVecp; \??\C:\Windows\system32\Drivers\DgiVecp.sys [2009-03-02 53816]
S3 AF9035BDA;AF9035 BDA Devices; C:\Windows\System32\Drivers\AF9035BDA.sys [2008-01-30 191488]
S3 AmUStor;AM USB Stroage Driver; C:\Windows\system32\drivers\AmUStor.SYS [2010-08-11 44032]
S3 androidusb;ADB Interface Driver; C:\Windows\System32\Drivers\androidusb.sys [2010-04-29 32768]
S3 ASUSVRC64;ASUSTeK Virtual Capture Device; C:\Windows\system32\DRIVERS\AsusVRC64.sys [2008-10-13 23424]
S3 AthBTPort;Atheros Virtual Bluetooth Class; C:\Windows\system32\DRIVERS\btath_flt.sys [2010-11-26 36000]
S3 BridgeMP;@%SystemRoot%\system32\bridgeres.dll,-1; C:\Windows\system32\DRIVERS\bridge.sys [2009-07-14 95232]
S3 BTATH_A2DP;Bluetooth A2DP Audio Driver; C:\Windows\system32\drivers\btath_a2dp.sys [2010-11-26 298144]
S3 BTATH_BUS;Atheros Bluetooth Bus; C:\Windows\system32\DRIVERS\btath_bus.sys [2010-11-26 28832]
S3 BTATH_HCRP;Bluetooth HCRP Server driver; C:\Windows\system32\DRIVERS\btath_hcrp.sys [2010-11-26 201376]
S3 BTATH_LWFLT;Bluetooth LWFLT Device; C:\Windows\system32\DRIVERS\btath_lwflt.sys [2010-11-26 55456]
S3 BTATH_RCP;Bluetooth AVRCP Device; C:\Windows\system32\DRIVERS\btath_rcp.sys [2010-11-26 154272]
S3 BtFilter;BtFilter; C:\Windows\system32\DRIVERS\btfilter.sys [2010-11-26 275616]
S3 BthEnum;Služba Bluetooth Enumerator; C:\Windows\system32\DRIVERS\BthEnum.sys [2009-07-14 41984]
S3 BthPan;Zařízení Bluetooth (síť PAN); C:\Windows\system32\DRIVERS\bthpan.sys [2009-07-14 118784]
S3 BTHPORT;Ovladač portu Bluetooth; C:\Windows\System32\Drivers\BTHport.sys [2012-07-06 552960]
S3 BTHUSB;Ovladač rozhraní USB radiostanice Bluetooth; C:\Windows\System32\Drivers\BTHUSB.sys [2011-04-28 80384]
S3 catchme;catchme; \??\C:\ComboFix\catchme.sys []
S3 Dot4;MS IEEE-1284.4 Driver; C:\Windows\system32\DRIVERS\Dot4.sys [2009-07-14 145920]
S3 Dot4Print;Print Class Driver for IEEE-1284.4; C:\Windows\system32\DRIVERS\Dot4Prt.sys [2010-11-20 19968]
S3 dot4usb;MS Dot4USB Filter Dot4USB Filter; C:\Windows\system32\DRIVERS\dot4usb.sys [2009-07-14 43008]
S3 fssfltr;FssFltr; C:\Windows\system32\DRIVERS\fssfltr.sys [2010-09-23 48488]
S3 ggflt;SEMC USB Flash Driver Filter; C:\Windows\system32\DRIVERS\ggflt.sys [2013-10-25 14448]
S3 ggsemc;SEMC USB Flash Driver; C:\Windows\system32\DRIVERS\ggsemc.sys [2013-10-25 27760]
S3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHD64.sys [2010-11-30 2647528]
S3 IntcDAud;Intel(R) Display Audio; C:\Windows\system32\DRIVERS\IntcDAud.sys [2010-10-14 317440]
S3 massfilter;Mass Storage Filter Driver; C:\Windows\system32\drivers\massfilter.sys []
S3 massfilter_hs;ZTE HandSet Mass Storage Filter Driver; C:\Windows\system32\drivers\massfilter_hs.sys [2011-03-07 18456]
S3 nmwcd;Nokia USB Phone Parent Driver; C:\Windows\system32\drivers\ccdcmbx64.sys [2013-01-23 19968]
S3 nmwcdc;Nokia USB Communication Driver; C:\Windows\system32\drivers\ccdcmbox64.sys [2013-01-23 27136]
S3 pccsmcfd;PCCS Mode Change Filter Driver; C:\Windows\system32\DRIVERS\pccsmcfdx64.sys [2012-10-17 26112]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver; C:\Windows\System32\drivers\rdpvideominiport.sys [2012-08-23 19456]
S3 RFCOMM;Zařízení Bluetooth (RFCOMM protokol TDI); C:\Windows\system32\DRIVERS\rfcomm.sys [2009-07-14 158720]
S3 SBFWIMCL;Sunbelt Software Firewall NDIS IM Filter Service; C:\Windows\system32\DRIVERS\sbfwim.sys [2011-02-08 84568]
S3 sbhips;sbhips; C:\Windows\system32\drivers\sbhips.sys [2011-04-05 60504]
S3 SiSGbeLH;SiS191/SiS190 Ethernet Device NDIS 6.0 Driver; C:\Windows\system32\DRIVERS\SiSG664.sys [2009-06-10 56832]
S3 TsUsbFlt;TsUsbFlt; C:\Windows\system32\drivers\tsusbflt.sys [2012-08-23 57856]
S3 upperdev;upperdev; C:\Windows\system32\DRIVERS\usbser_lowerfltx64.sys [2013-01-23 9216]
S3 USBAAPL64;Apple Mobile USB Driver; C:\Windows\System32\Drivers\usbaapl64.sys [2012-12-13 54784]
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 ACDaemon;ArcSoft Connect Daemon; C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe [2010-03-18 113152]
R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2013-09-05 65640]
R2 AFBAgent;AFBAgent; C:\Windows\system32\FBAgent.exe [2010-11-30 379520]
R2 ASLDRService;ASLDR Service; C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ASLDRSrv.exe [2009-06-15 84536]
R2 AtherosSvc;AtherosSvc; C:\Program Files (x86)\Atheros\Bluetooth Suite\adminservice.exe [2010-11-26 52896]
R2 hpqddsvc;Služba HP CUE DeviceDiscovery; C:\Windows\system32\svchost.exe [2009-07-14 27136]
R2 LMS;Intel(R) Management and Security Application Local Management Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe [2010-12-21 325656]
R2 N360;Norton 360; C:\Program Files (x86)\Norton 360\Engine\20.4.0.40\ccSvcHst.exe [2013-05-20 144368]
R2 Net Driver HPZ12;Net Driver HPZ12; C:\Windows\System32\svchost.exe [2009-07-14 27136]
R2 NVSvc;NVIDIA Display Driver Service; C:\Windows\system32\nvvsvc.exe [2013-03-14 884512]
R2 Pml Driver HPZ12;Pml Driver HPZ12; C:\Windows\System32\svchost.exe [2009-07-14 27136]
R2 StarWindServiceAE;StarWind AE Service; C:\Program Files (x86)\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe [2009-12-23 370688]
R2 UNS;Intel(R) Management and Security Application User Notification Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2010-12-21 2656280]
S2 AdvancedSystemCareService6;Advanced SystemCare Service 6; C:\Program Files (x86)\IObit\Advanced SystemCare 6\ASCService.exe []
S2 ATKGFNEXSrv;ATKGFNEX Service; C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe [2009-12-15 96896]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2012-07-09 104912]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2012-07-08 123856]
S2 gupdate;Google Update Service (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2011-04-12 135664]
S2 nvUpdatusService;NVIDIA Update Service Daemon; C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe [2013-04-08 1260320]
S2 SecureUpdateSvc;SecureUpdate; C:\Program Files (x86)\Secure Speed Dial\IE\SecureUpdate.exe []
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2013-10-10 257416]
S3 cphs;Intel(R) Content Protection HECI Service; C:\Windows\SysWow64\IntelCpHeciSvc.exe [2012-12-14 277616]
S3 fsssvc;Windows Live Family Safety Service; C:\Program Files (x86)\Windows Live\Family Safety\fsssvc.exe [2010-09-23 1493352]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2011-04-12 135664]
S3 gusvc;Google Software Updater; C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe [2011-04-12 182768]
S3 hpqcxs08;hpqcxs08; C:\Windows\system32\svchost.exe [2009-07-14 27136]
S3 IDriverT;InstallDriver Table Manager; C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [2005-04-03 69632]
S3 IEEtwCollectorService;@%SystemRoot%\system32\ieetwcollectorres.dll,-1000; C:\Windows\system32\IEEtwCollector.exe [2013-11-26 111616]
S3 Microsoft Office Groove Audit Service;Microsoft Office Groove Audit Service; C:\Program Files (x86)\Microsoft Office\Office12\GrooveAuditService.exe [2006-10-27 65824]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2006-10-26 441136]
S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 Sony PC Companion;Sony PC Companion; C:\Program Files (x86)\Sony\Sony PC Companion\PCCService.exe [2013-02-04 155824]
S3 Steam Client Service;Steam Client Service; C:\Program Files (x86)\Common Files\Steam\SteamService.exe [2013-12-11 569768]
S3 SwitchBoard;SwitchBoard; C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-02-19 517096]
S4 aspnet_state;Stavová služba ASP.NET; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2012-07-08 51648]
S4 Atheros Bt&Wlan Coex Agent;Atheros Bt&Wlan Coex Agent; C:\Program Files (x86)\Atheros\Ath_CoexAgent.exe [2010-05-24 151552]
S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2012-07-09 139696]
S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2012-07-09 139696]
S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2012-07-09 139696]
S4 ServiceLayer;ServiceLayer; C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe [2013-04-18 737616]
-----------------EOF-----------------
Run by P.e.t.r.y at 2013-12-30 00:18:36
Microsoft Windows 7 Home Premium Service Pack 1
System drive C: has 25 GB (16%) free of 153 GB
Total RAM: 4008 MB (59% free)
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 0:18:40, on 30.12.2013
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v11.0 (11.00.9600.16428)
Boot mode: Normal
Running processes:
C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe
C:\Program Files (x86)\ASUS\ASUS Live Update\ALU.exe
C:\Program Files (x86)\Norton 360\Engine\20.4.0.40\ccSvcHst.exe
C:\Program Files (x86)\Nokia\Nokia Suite\NokiaSuite.exe
C:\Program Files (x86)\TP-LINK\TP-LINK Wireless Configuration Utility\TWCU.exe
C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe
C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe
C:\Program Files (x86)\CyberLink\MediaEspresso\DeviceDetector\DeviceDetector.exe
C:\Program Files\trend micro\P.e.t.r.y.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://asus.msn.com
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.seznam.cz/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O2 - BHO: HP Print Enhancer - {0347C33E-8762-4905-BF09-768834316C61} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll
O2 - BHO: Norton Identity Protection - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files (x86)\Norton 360\Engine\20.4.0.40\coIEPlg.dll
O2 - BHO: Norton Vulnerability Protection - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files (x86)\Norton 360\Engine\20.4.0.40\IPS\IPSBHO.DLL
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~2\MICROS~1\Office12\GR469A~1.DLL
O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Advanced SystemCare Browser Protection - {BA0C978D-D909-49B6-AFE2-8BDE245DC7E6} - C:\PROGRA~2\IObit\ADVANC~2\BROWER~1\ASCPLU~1.DLL (file missing)
O2 - BHO: HP Smart BHO Class - {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
O3 - Toolbar: Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton 360\Engine\20.4.0.40\coIEPlg.dll
O4 - HKLM\..\Run: [UpdateP2GoShortCut] "C:\Program Files (x86)\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe" "C:\Program Files (x86)\CyberLink\Power2Go" UpdateWithCreateOnce "SOFTWARE\CyberLink\Power2Go\6.0"
O4 - HKLM\..\Run: [ATKMEDIA] C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe
O4 - HKLM\..\Run: [HControlUser] C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [ATKOSD2] C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [NokiaSuite.exe] C:\Program Files (x86)\Nokia\Nokia Suite\NokiaSuite.exe -tray
O4 - Global Startup: TP-LINK Wireless Configuration Utility.lnk = C:\Program Files (x86)\TP-LINK\TP-LINK Wireless Configuration Utility\TWCU.exe
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Office Excel - res://C:\PROGRA~2\MICROS~1\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~1\Office12\REFIEBAR.DLL
O9 - Extra button: Zobrazit nebo skrýt HP Smart Web Printing - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O17 - HKLM\System\CCS\Services\Tcpip\..\{A2BC176B-2A69-4D7C-9654-8784090444FC}: NameServer = 212.96.160.7,212.96.161.6
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\PROGRA~2\MICROS~1\Office12\GRA32A~1.DLL
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O20 - AppInit_DLLs: c:\windows\syswow64\nvinit.dll ,C:\Windows\SysWOW64\nvinit.dll
O23 - Service: ArcSoft Connect Daemon (ACDaemon) - ArcSoft Inc. - C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: Advanced SystemCare Service 6 (AdvancedSystemCareService6) - Unknown owner - C:\Program Files (x86)\IObit\Advanced SystemCare 6\ASCService.exe (file missing)
O23 - Service: AFBAgent - Unknown owner - C:\Windows\system32\FBAgent.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: ASLDR Service (ASLDRService) - ASUS - C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ASLDRSrv.exe
O23 - Service: AtherosSvc - Atheros Commnucations - C:\Program Files (x86)\Atheros\Bluetooth Suite\adminservice.exe
O23 - Service: ATKGFNEX Service (ATKGFNEXSrv) - ASUS - C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe
O23 - Service: Intel(R) Content Protection HECI Service (cphs) - Intel Corporation - C:\Windows\SysWow64\IntelCpHeciSvc.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: Google Update Service (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing)
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: Norton 360 (N360) - Symantec Corporation - C:\Program Files (x86)\Norton 360\Engine\20.4.0.40\ccSvcHst.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - Unknown owner - C:\Windows\system32\nvvsvc.exe (file missing)
O23 - Service: NVIDIA Update Service Daemon (nvUpdatusService) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: SecureUpdate (SecureUpdateSvc) - Unknown owner - C:\Program Files (x86)\Secure Speed Dial\IE\SecureUpdate.exe (file missing)
O23 - Service: Sony PC Companion - Avanquest Software - C:\Program Files (x86)\Sony\Sony PC Companion\PCCService.exe
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: StarWind AE Service (StarWindServiceAE) - StarWind Software - C:\Program Files (x86)\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe
O23 - Service: SwitchBoard - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: Intel(R) Management and Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
--
End of file - 10955 bytes
======Listing Processes======
\SystemRoot\System32\smss.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
winlogon.exe
C:\Windows\system32\services.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
"C:\Windows\system32\nvvsvc.exe"
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k GPSvcGroup
C:\Windows\system32\svchost.exe -k NetworkService
"C:\Windows\system32\FBAgent.exe"
"C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ASLDRSrv.exe"
"C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe"
C:\Windows\system32\nvvsvc.exe -session -first
C:\Windows\System32\spoolsv.exe
taskeng.exe {0117898E-6A6A-491D-9CF8-CCD9AC2C9831}
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
taskeng.exe {4D7C3D7B-2C47-4937-9180-F0DB69D7A27D}
"taskhost.exe"
"C:\Program Files (x86)\ASUS\Splendid\ACMON.exe"
taskeng.exe {31E1F734-44EB-45C0-999B-02E9F1E46EBE}
"C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe"
"C:\Program Files\P4G\BatteryLife.exe"
"C:\Program Files (x86)\ASUS\ASUS Live Update\ALU.exe"
"C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe"
"C:\Windows\system32\Dwm.exe"
C:\Windows\Explorer.EXE
"C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe"
"C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControl.exe"
"C:\Program Files (x86)\Atheros\Bluetooth Suite\adminservice.exe"
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Windows\SysWOW64\svchost.exe -k hpdevmgmt
"C:\Program Files (x86)\Norton 360\Engine\20.4.0.40\ccSvcHst.exe" /s "N360" /m "C:\Program Files (x86)\Norton 360\Engine\20.4.0.40\diMaster.dll" /prefetch:1
C:\Windows\System32\svchost.exe -k HPZ12
C:\Windows\System32\svchost.exe -k HPZ12
"C:\Program Files (x86)\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe"
C:\Windows\system32\svchost.exe -k imgsvc
C:\Windows\System32\svchost.exe -k WerSvcGroup
"C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE"
WLIDSvcM.exe 2632
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Windows\system32\wbem\wmiprvse.exe
ATKOSD.exe
KBFiltr.exe
WDC.exe
C:\Windows\system32\SearchIndexer.exe /Embedding
"C:/Program Files/NVIDIA Corporation/Display/nvtray.exe" -user_has_logged_in 1
"C:\Program Files (x86)\Norton 360\Engine\20.4.0.40\ccSvcHst.exe" /c /a /s UserSession
"C:\Windows\System32\hkcmd.exe"
"C:\Program Files\Windows Sidebar\sidebar.exe" /autoRun
"C:\Program Files (x86)\Nokia\Nokia Suite\NokiaSuite.exe" -tray
"C:\Program Files (x86)\TP-LINK\TP-LINK Wireless Configuration Utility\TWCU.exe" -nogui
"C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe"
"C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe"
"C:\Program Files (x86)\CyberLink\MediaEspresso\DeviceDetector\DeviceDetector.exe"
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
C:\Windows\system32\wbem\wmiprvse.exe
"C:\Windows\SysWOW64\ACEngSvr.exe" -Embedding
C:\Windows\servicing\TrustedInstaller.exe
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe"
C:\Windows\system32\sppsvc.exe
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe"
"C:\Users\P.e.t.r.y\Desktop\RSITx64.exe"
C:\Windows\system32\DllHost.exe /Processid:{F9717507-6651-4EDB-BFF7-AE615179BCCF}
======Scheduled tasks folder======
C:\Windows\tasks\Adobe Flash Player Updater.job
C:\Windows\tasks\Driver Booster Update.job
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files\Java\jre7\bin\ssv.dll [2012-10-30 537576]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live ID Sign-in Helper - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2010-09-21 529280]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre7\bin\jp2ssv.dll [2012-10-30 193512]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{0347C33E-8762-4905-BF09-768834316C61}]
HP Print Enhancer - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll [2009-10-22 328248]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{602ADB0E-4AFF-4217-8AA1-95DAC4DFA408}]
Norton Identity Protection - C:\Program Files (x86)\Norton 360\Engine\20.4.0.40\coIEPlg.dll [2013-05-30 509776]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{6D53EC84-6AAE-4787-AEEE-F4628F01010C}]
Norton Vulnerability Protection - C:\Program Files (x86)\Norton 360\Engine\20.4.0.40\IPS\IPSBHO.DLL [2012-08-10 387040]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\PROGRA~2\MICROS~1\Office12\GR469A~1.DLL [2006-10-27 2210608]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live ID Sign-in Helper - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2010-09-21 439168]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{BA0C978D-D909-49B6-AFE2-8BDE245DC7E6}]
Advanced SystemCare Browser Protection - C:\PROGRA~2\IObit\ADVANC~2\BROWER~1\ASCPLU~1.DLL []
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856}]
HP Smart BHO Class - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll [2009-10-22 517688]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\Toolbar]
{7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - Norton Toolbar - C:\Program Files (x86)\Norton 360\Engine\20.4.0.40\coIEPlg.dll [2013-05-30 509776]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"HotKeysCmds"=C:\Windows\system32\hkcmd.exe [2012-12-14 399984]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"=C:\Program Files\Windows Sidebar\sidebar.exe [2010-11-20 1475584]
"NokiaSuite.exe"=C:\Program Files (x86)\Nokia\Nokia Suite\NokiaSuite.exe [2013-10-02 1090912]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM]
c:\program files (x86)\common files\adobe\arm\1.0\adobearm.exe [2013-04-04 958576]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AdobeAAMUpdater-1.0]
[]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AdobeCS5.5ServiceManager]
c:\program files (x86)\common files\adobe\cs5.5servicemanager\cs5.5servicemanager.exe -launchedbylogin []
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AdobeCS5ServiceManager]
C:\Program Files (x86)\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe [2010-02-22 406992]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AmIcoSinglun64]
C:\Program Files (x86)\AmIcoSingLun\AmIcoSinglun64.exe [2010-08-11 324096]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ASUS Screen Saver Protector]
C:\Windows\AsScrPro.exe [2011-04-12 3058304]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ASUS WebStorage]
c:\program files (x86)\asus\asus webstorage\service\asuswsservice.exe [2010-03-16 1754448]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AthBtTray]
c:\program files (x86)\atheros\bluetooth suite\athbttray.exe []
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AtherosBtStack]
c:\program files (x86)\atheros\bluetooth suite\btvstack.exe []
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ATKMEDIA]
[]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ATKOSD2]
c:\program files (x86)\asus\atk package\atkosd2\atkosd2.exe [2010-08-17 5732992]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CLMLServer]
C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe [2009-11-02 103720]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DAEMON Tools Lite]
C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [2010-04-01 357696]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ETDWare]
C:\Program Files\elantech\etdctrl.exe [2010-06-10 649608]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HControlUser]
[]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HP Software Update]
c:\program files (x86)\hp\hp software update\hpwuschd2.exe [2009-11-18 54576]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\IgfxTray]
c:\windows\system32\igfxtray.exe [2012-12-14 172144]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ISUSPM]
c:\programdata\flexnet\connect\11\isuspm.exe [2009-05-06 222496]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NokiaSuite.exe]
c:\program files (x86)\nokia\nokia suite\nokiasuite.exe [2013-10-02 1090912]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Persistence]
c:\windows\system32\igfxpers.exe [2012-12-14 441968]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\POPUPTV]
C:\Program Files (x86)\ASUS\PopupTV\ExpressTV.exe [2010-03-19 692224]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RemoteControl10]
c:\program files (x86)\cyberlink\powerdvd10\pdvd10serv.exe [2010-02-03 87336]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RtHDVBg]
c:\program files\realtek\audio\hda\ravbg64.exe [2010-11-30 2186856]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RtHDVCpl]
C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [2010-11-30 11660904]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Sidebar]
C:\Program Files\Windows Sidebar\sidebar.exe [2010-11-20 1475584]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Software Informer]
[]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SonicMasterTray]
c:\program files (x86)\asus\sonicmaster\sonicmastertray.exe [2010-07-10 984400]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Sony PC Companion]
c:\program files (x86)\sony\sony pc companion\pccompanion.exe [2013-05-29 449248]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SwitchBoard]
C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-02-19 517096]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TNOD UP]
[]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\UpdatePSTShortCut]
C:\Program Files (x86)\Cyberlink\DVD Suite\MUITransfer\MUIStartMenu.exe [2010-11-17 222504]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\VizorHtmlDialog.exe]
[]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Wireless Console 3]
[]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^FancyStart daemon.lnk]
C:\Windows\INSTAL~1\{2B818~1\_94E3C~1.EXE [2011-04-12 12862]
[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"UpdateP2GoShortCut"=C:\Program Files (x86)\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe [2009-05-20 222504]
"ATKMEDIA"=C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe [2010-10-07 170624]
"HControlUser"=C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe [2009-06-19 105016]
"Adobe ARM"=C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2013-04-04 958576]
"ATKOSD2"=C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe [2010-08-17 5732992]
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
TP-LINK Wireless Configuration Utility.lnk - C:\Program Files (x86)\TP-LINK\TP-LINK Wireless Configuration Utility\TWCU.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"="C:\Windows\System32\nvinitx.dll,C:\Windows\system32\nvinitx.dll"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
C:\Windows\system32\igfxdev.dll [2012-12-14 442880]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - C:\Windows\system32\webcheck.dll [2013-12-10 243200]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\PROGRA~2\MICROS~1\Office12\GR469A~1.DLL [2006-10-27 2210608]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=5
"ConsentPromptBehaviorUser"=3
"EnableUIADesktopToggle"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveAutoRun"=0
"NoDrives"=0
"NoDriveTypeAutoRun"=221
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoResolveSearch"=1
"NoDrives"=0
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVYU"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"VIDC.YVU9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"MSVideo8"=VfWWDM32.dll
"wave2"=wdmaud.drv
"mixer2"=wdmaud.drv
"midi2"=wdmaud.drv
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
======File associations======
.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - "C:\Program Files (x86)\Adobe\Adobe Dreamweaver CS5.5\Dreamweaver.exe","%1"
======List of files/folders created in the last 1 month======
2013-12-30 00:11:18 ----D---- C:\_OTM
2013-12-29 14:02:22 ----D---- C:\Users\P.e.t.r.y\AppData\Roaming\openvr
2013-12-28 22:41:24 ----A---- C:\Windows\IsUninst.exe
2013-12-28 20:13:54 ----D---- C:\Program Files\Defraggler
2013-12-28 19:50:32 ----D---- C:\rsit
2013-12-28 18:30:09 ----D---- C:\Users\P.e.t.r.y\AppData\Roaming\HPAppData
2013-12-26 03:03:28 ----D---- C:\Users\P.e.t.r.y\AppData\Roaming\Zoner
2013-12-26 03:03:23 ----D---- C:\ProgramData\Zoner
2013-12-12 19:07:12 ----A---- C:\Windows\system32\win32k.sys
2013-12-12 13:33:00 ----A---- C:\Windows\system32\wmploc.DLL
2013-12-12 13:32:58 ----A---- C:\Windows\SYSWOW64\wmploc.DLL
2013-12-12 13:32:58 ----A---- C:\Windows\SYSWOW64\wmp.dll
2013-12-12 13:32:56 ----A---- C:\Windows\system32\wmp.dll
2013-12-12 08:27:28 ----A---- C:\Windows\SYSWOW64\WMPhoto.dll
2013-12-12 08:27:28 ----A---- C:\Windows\SYSWOW64\msieftp.dll
2013-12-12 08:27:28 ----A---- C:\Windows\system32\WMPhoto.dll
2013-12-12 08:27:28 ----A---- C:\Windows\system32\msieftp.dll
2013-12-12 08:27:27 ----A---- C:\Windows\SYSWOW64\imagehlp.dll
2013-12-12 08:27:27 ----A---- C:\Windows\system32\imagehlp.dll
2013-12-12 08:27:21 ----A---- C:\Windows\SYSWOW64\tzres.dll
2013-12-12 08:27:21 ----A---- C:\Windows\system32\tzres.dll
2013-12-12 08:26:50 ----A---- C:\Windows\system32\drivers\portcls.sys
2013-12-12 08:26:50 ----A---- C:\Windows\system32\drivers\drmk.sys
2013-12-12 08:26:21 ----A---- C:\Windows\SYSWOW64\wscript.exe
2013-12-12 08:26:21 ----A---- C:\Windows\SYSWOW64\scrrun.dll
2013-12-12 08:26:21 ----A---- C:\Windows\SYSWOW64\cscript.exe
2013-12-12 08:26:21 ----A---- C:\Windows\system32\wscript.exe
2013-12-12 08:26:21 ----A---- C:\Windows\system32\scrrun.dll
2013-12-12 08:26:21 ----A---- C:\Windows\system32\cscript.exe
2013-12-12 08:23:33 ----A---- C:\Windows\system32\ieetwcollectorres.dll
2013-12-12 08:23:32 ----A---- C:\Windows\SYSWOW64\jsproxy.dll
2013-12-12 08:23:32 ----A---- C:\Windows\SYSWOW64\ieui.dll
2013-12-12 08:23:32 ----A---- C:\Windows\system32\jsproxy.dll
2013-12-12 08:23:32 ----A---- C:\Windows\system32\ieui.dll
2013-12-12 08:23:31 ----A---- C:\Windows\system32\ieUnatt.exe
2013-12-12 08:23:31 ----A---- C:\Windows\system32\iesetup.dll
2013-12-12 08:23:31 ----A---- C:\Windows\system32\iernonce.dll
2013-12-12 08:23:31 ----A---- C:\Windows\system32\ieetwproxystub.dll
2013-12-12 08:23:31 ----A---- C:\Windows\system32\ieetwcollector.exe
2013-12-12 08:23:31 ----A---- C:\Windows\system32\ie4uinit.exe
2013-12-12 08:23:30 ----A---- C:\Windows\SYSWOW64\jscript9diag.dll
2013-12-12 08:23:30 ----A---- C:\Windows\SYSWOW64\ieapfltr.dll
2013-12-12 08:23:30 ----A---- C:\Windows\system32\mshtml.dll
2013-12-12 08:23:30 ----A---- C:\Windows\system32\jscript9diag.dll
2013-12-12 08:23:30 ----A---- C:\Windows\system32\ieapfltr.dll
2013-12-12 08:23:29 ----A---- C:\Windows\SYSWOW64\wininet.dll
2013-12-12 08:23:29 ----A---- C:\Windows\SYSWOW64\iertutil.dll
2013-12-12 08:23:29 ----A---- C:\Windows\system32\iertutil.dll
2013-12-12 08:23:28 ----A---- C:\Windows\SYSWOW64\urlmon.dll
2013-12-12 08:23:28 ----A---- C:\Windows\system32\wininet.dll
2013-12-12 08:23:28 ----A---- C:\Windows\system32\urlmon.dll
2013-12-12 08:23:27 ----A---- C:\Windows\system32\ieframe.dll
2013-12-12 08:23:26 ----A---- C:\Windows\SYSWOW64\ieframe.dll
2013-12-12 08:23:25 ----A---- C:\Windows\SYSWOW64\mshtml.dll
2013-12-12 08:23:25 ----A---- C:\Windows\SYSWOW64\jscript9.dll
2013-12-12 08:23:24 ----A---- C:\Windows\system32\jscript9.dll
2013-12-10 20:52:27 ----D---- C:\Users\P.e.t.r.y\AppData\Roaming\TP-LINK
2013-12-10 20:52:09 ----D---- C:\Program Files (x86)\TP-LINK
2013-12-10 20:51:26 ----A---- C:\Windows\system32\rtwlanu.sys
2013-12-10 20:51:26 ----A---- C:\Windows\system32\drivers\RTWlanU.sys
2013-12-10 20:50:14 ----D---- C:\ProgramData\TP-LINK
2013-12-10 20:35:51 ----A---- C:\Windows\system32\IEUDINIT.EXE
2013-12-10 20:31:16 ----A---- C:\Windows\SYSWOW64\elshyph.dll
2013-12-10 20:31:16 ----A---- C:\Windows\system32\MsSpellCheckingFacility.exe
2013-12-10 20:31:08 ----A---- C:\Windows\SYSWOW64\jsIntl.dll
2013-12-10 20:31:08 ----A---- C:\Windows\system32\elshyph.dll
2013-12-10 20:31:07 ----A---- C:\Windows\SYSWOW64\wextract.exe
2013-12-10 20:31:07 ----A---- C:\Windows\SYSWOW64\webcheck.dll
2013-12-10 20:31:07 ----A---- C:\Windows\SYSWOW64\vbscript.dll
2013-12-10 20:31:07 ----A---- C:\Windows\SYSWOW64\url.dll
2013-12-10 20:31:07 ----A---- C:\Windows\SYSWOW64\SetIEInstalledDate.exe
2013-12-10 20:31:07 ----A---- C:\Windows\SYSWOW64\RegisterIEPKEYs.exe
2013-12-10 20:31:07 ----A---- C:\Windows\SYSWOW64\pngfilt.dll
2013-12-10 20:31:07 ----A---- C:\Windows\SYSWOW64\occache.dll
2013-12-10 20:31:07 ----A---- C:\Windows\SYSWOW64\msrating.dll
2013-12-10 20:31:07 ----A---- C:\Windows\SYSWOW64\msls31.dll
2013-12-10 20:31:07 ----A---- C:\Windows\SYSWOW64\mshtmlmedia.dll
2013-12-10 20:31:07 ----A---- C:\Windows\SYSWOW64\mshtmler.dll
2013-12-10 20:31:07 ----A---- C:\Windows\SYSWOW64\mshtmled.dll
2013-12-10 20:31:07 ----A---- C:\Windows\SYSWOW64\MshtmlDac.dll
2013-12-10 20:31:07 ----A---- C:\Windows\SYSWOW64\mshta.exe
2013-12-10 20:31:07 ----A---- C:\Windows\SYSWOW64\msfeedssync.exe
2013-12-10 20:31:07 ----A---- C:\Windows\SYSWOW64\msfeedsbs.dll
2013-12-10 20:31:07 ----A---- C:\Windows\SYSWOW64\msfeeds.dll
2013-12-10 20:31:07 ----A---- C:\Windows\SYSWOW64\licmgr10.dll
2013-12-10 20:31:07 ----A---- C:\Windows\SYSWOW64\jscript.dll
2013-12-10 20:31:07 ----A---- C:\Windows\SYSWOW64\JavaScriptCollectionAgent.dll
2013-12-10 20:31:07 ----A---- C:\Windows\SYSWOW64\inseng.dll
2013-12-10 20:31:07 ----A---- C:\Windows\SYSWOW64\imgutil.dll
2013-12-10 20:31:07 ----A---- C:\Windows\SYSWOW64\iexpress.exe
2013-12-10 20:31:07 ----A---- C:\Windows\SYSWOW64\ieUnatt.exe
2013-12-10 20:31:07 ----A---- C:\Windows\SYSWOW64\iesysprep.dll
2013-12-10 20:31:07 ----A---- C:\Windows\SYSWOW64\iesetup.dll
2013-12-10 20:31:07 ----A---- C:\Windows\SYSWOW64\iernonce.dll
2013-12-10 20:31:07 ----A---- C:\Windows\SYSWOW64\iepeers.dll
2013-12-10 20:31:07 ----A---- C:\Windows\SYSWOW64\ieetwproxystub.dll
2013-12-10 20:31:07 ----A---- C:\Windows\SYSWOW64\iedkcs32.dll
2013-12-10 20:31:07 ----A---- C:\Windows\SYSWOW64\ieapfltr.dat
2013-12-10 20:31:07 ----A---- C:\Windows\SYSWOW64\IEAdvpack.dll
2013-12-10 20:31:07 ----A---- C:\Windows\SYSWOW64\icardie.dll
2013-12-10 20:31:07 ----A---- C:\Windows\SYSWOW64\dxtrans.dll
2013-12-10 20:31:07 ----A---- C:\Windows\SYSWOW64\dxtmsft.dll
2013-12-10 20:31:06 ----A---- C:\Windows\system32\wextract.exe
2013-12-10 20:31:06 ----A---- C:\Windows\system32\webcheck.dll
2013-12-10 20:31:06 ----A---- C:\Windows\system32\vbscript.dll
2013-12-10 20:31:06 ----A---- C:\Windows\system32\url.dll
2013-12-10 20:31:06 ----A---- C:\Windows\system32\SetIEInstalledDate.exe
2013-12-10 20:31:06 ----A---- C:\Windows\system32\RegisterIEPKEYs.exe
2013-12-10 20:31:06 ----A---- C:\Windows\system32\pngfilt.dll
2013-12-10 20:31:06 ----A---- C:\Windows\system32\occache.dll
2013-12-10 20:31:06 ----A---- C:\Windows\system32\msrating.dll
2013-12-10 20:31:06 ----A---- C:\Windows\system32\msls31.dll
2013-12-10 20:31:06 ----A---- C:\Windows\system32\mshtmlmedia.dll
2013-12-10 20:31:06 ----A---- C:\Windows\system32\mshtmler.dll
2013-12-10 20:31:06 ----A---- C:\Windows\system32\mshtmled.dll
2013-12-10 20:31:06 ----A---- C:\Windows\system32\MshtmlDac.dll
2013-12-10 20:31:06 ----A---- C:\Windows\system32\mshta.exe
2013-12-10 20:31:06 ----A---- C:\Windows\system32\msfeedssync.exe
2013-12-10 20:31:06 ----A---- C:\Windows\system32\msfeedsbs.dll
2013-12-10 20:31:06 ----A---- C:\Windows\system32\msfeeds.dll
2013-12-10 20:31:06 ----A---- C:\Windows\system32\licmgr10.dll
2013-12-10 20:31:06 ----A---- C:\Windows\system32\jsIntl.dll
2013-12-10 20:31:06 ----A---- C:\Windows\system32\jscript.dll
2013-12-10 20:31:06 ----A---- C:\Windows\system32\JavaScriptCollectionAgent.dll
2013-12-10 20:31:06 ----A---- C:\Windows\system32\inseng.dll
2013-12-10 20:31:06 ----A---- C:\Windows\system32\imgutil.dll
2013-12-10 20:31:06 ----A---- C:\Windows\system32\iexpress.exe
2013-12-10 20:31:06 ----A---- C:\Windows\system32\iesysprep.dll
2013-12-10 20:31:06 ----A---- C:\Windows\system32\iepeers.dll
2013-12-10 20:31:06 ----A---- C:\Windows\system32\iedkcs32.dll
2013-12-10 20:31:06 ----A---- C:\Windows\system32\ieapfltr.dat
2013-12-10 20:31:06 ----A---- C:\Windows\system32\IEAdvpack.dll
2013-12-10 20:31:06 ----A---- C:\Windows\system32\icardie.dll
2013-12-10 20:31:06 ----A---- C:\Windows\system32\dxtrans.dll
2013-12-10 20:31:06 ----A---- C:\Windows\system32\dxtmsft.dll
2013-12-07 18:45:16 ----D---- C:\ProgramData\WEBREG
2013-12-04 00:25:50 ----D---- C:\ProgramData\Skype
======List of files/folders modified in the last 1 month======
2013-12-30 00:18:38 ----D---- C:\Program Files\trend micro
2013-12-30 00:18:15 ----A---- C:\Windows\SYSWOW64\log.txt
2013-12-30 00:17:41 ----D---- C:\Windows\temp
2013-12-30 00:17:38 ----D---- C:\Windows\system32\config
2013-12-30 00:17:36 ----D---- C:\Windows\system32\Tasks
2013-12-30 00:13:46 ----SHD---- C:\System Volume Information
2013-12-30 00:12:22 ----D---- C:\Windows
2013-12-30 00:11:24 ----D---- C:\Windows\Tasks
2013-12-30 00:11:23 ----D---- C:\Windows\inf
2013-12-29 22:48:24 ----D---- C:\Program Files (x86)\Steam
2013-12-29 22:40:36 ----D---- C:\Windows\system32\NDF
2013-12-29 20:43:27 ----D---- C:\AdwCleaner
2013-12-29 20:43:12 ----RD---- C:\Program Files (x86)
2013-12-28 22:46:43 ----D---- C:\Program Files (x86)\Common Files
2013-12-28 22:08:45 ----D---- C:\Windows\Logs
2013-12-28 20:13:54 ----RD---- C:\Program Files
2013-12-28 19:29:30 ----D---- C:\Windows\Panther
2013-12-28 19:29:29 ----D---- C:\Windows\debug
2013-12-27 20:34:41 ----D---- C:\Windows\System32
2013-12-27 20:34:41 ----A---- C:\Windows\system32\PerfStringBackup.INI
2013-12-27 19:26:13 ----A---- C:\Windows\system32\AutoRunFilter.ini
2013-12-26 03:11:43 ----SHD---- C:\Windows\Installer
2013-12-26 03:11:42 ----D---- C:\Program Files (x86)\Adobe
2013-12-26 03:11:42 ----D---- C:\Config.Msi
2013-12-26 03:03:23 ----D---- C:\ProgramData
2013-12-23 10:05:33 ----D---- C:\Windows\winsxs
2013-12-23 09:41:42 ----D---- C:\Users\P.e.t.r.y\AppData\Roaming\Adobe
2013-12-23 09:41:33 ----D---- C:\Windows\SysWOW64
2013-12-23 09:33:18 ----D---- C:\ProgramData\Installations
2013-12-23 09:33:15 ----D---- C:\Program Files (x86)\Nokia
2013-12-23 09:26:50 ----D---- C:\Users\P.e.t.r.y\AppData\Roaming\Skype
2013-12-19 00:08:48 ----D---- C:\Windows\system32\catroot
2013-12-15 23:41:02 ----D---- C:\Windows\system32\MRT
2013-12-15 23:31:22 ----A---- C:\Windows\system32\MRT.exe
2013-12-12 13:35:56 ----D---- C:\Program Files\Windows Media Player
2013-12-12 13:35:56 ----D---- C:\Program Files (x86)\Windows Media Player
2013-12-12 13:35:53 ----D---- C:\Windows\SYSWOW64\cs-CZ
2013-12-12 13:35:53 ----D---- C:\Windows\system32\cs-CZ
2013-12-12 13:35:53 ----D---- C:\Program Files\Internet Explorer
2013-12-12 13:35:53 ----D---- C:\Program Files (x86)\Internet Explorer
2013-12-12 13:35:44 ----D---- C:\Windows\system32\DriverStore
2013-12-12 13:35:41 ----D---- C:\Windows\system32\drivers
2013-12-12 13:34:02 ----D---- C:\Windows\system32\catroot2
2013-12-10 20:52:08 ----HD---- C:\Program Files (x86)\InstallShield Installation Information
2013-12-10 20:51:26 ----D---- C:\Temp
2013-12-10 20:38:39 ----D---- C:\Windows\SYSWOW64\migration
2013-12-10 20:38:39 ----D---- C:\Windows\SYSWOW64\en-US
2013-12-10 20:38:35 ----D---- C:\Windows\system32\migration
2013-12-10 20:38:35 ----D---- C:\Windows\PolicyDefinitions
2013-12-10 20:38:34 ----D---- C:\Windows\system32\en-US
2013-12-07 18:45:16 ----D---- C:\Users\P.e.t.r.y\AppData\Roaming\HP
2013-12-06 01:09:56 ----A---- C:\Windows\system32\acovcnt.exe
2013-12-05 21:47:19 ----D---- C:\ProgramData\Adobe
2013-12-04 07:00:01 ----D---- C:\Windows\system32\wfp
2013-12-04 07:00:01 ----D---- C:\ProgramData\P4G
2013-12-04 07:00:00 ----D---- C:\Windows\system32\wbem
2013-12-04 07:00:00 ----D---- C:\Windows\system32\drivers\etc
2013-12-04 07:00:00 ----D---- C:\Windows\system32\CodeIntegrity
2013-12-04 06:59:59 ----D---- C:\Windows\AppCompat
2013-12-04 06:59:51 ----D---- C:\Qoobox
2013-12-04 06:59:49 ----D---- C:\ProgramData\Norton
2013-12-04 06:59:49 ----D---- C:\ProgramData\Electronic Arts
2013-12-04 06:59:32 ----D---- C:\Windows\registration
2013-12-04 06:58:58 ----D---- C:\Users\P.e.t.r.y\AppData\Roaming\Macromedia
2013-12-04 00:23:31 ----D---- C:\Program Files (x86)\IObit
2013-12-03 23:19:46 ----D---- C:\Program Files (x86)\HP
2013-12-01 19:33:50 ----D---- C:\Windows\system32\LogFiles
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R0 iaStor;Intel AHCI Controller; C:\Windows\system32\DRIVERS\iaStor.sys [2010-11-05 438808]
R0 iaStorA;iaStorA; C:\Windows\system32\DRIVERS\iaStorA.sys [2013-09-15 652344]
R0 iaStorF;iaStorF; C:\Windows\system32\DRIVERS\iaStorF.sys [2013-09-15 28216]
R0 nvpciflt;nvpciflt; C:\Windows\system32\DRIVERS\nvpciflt.sys [2013-04-08 30496]
R0 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12352]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-20 213888]
R0 sptd;sptd; C:\Windows\System32\Drivers\sptd.sys [2012-01-10 503352]
R0 SymDS;Symantec Data Store; C:\Windows\system32\drivers\N360x64\1404000.028\SYMDS64.SYS [2013-05-20 493656]
R0 SymEFA;Symantec Extended File Attributes; C:\Windows\system32\drivers\N360x64\1404000.028\SYMEFA64.SYS [2013-05-22 1139800]
R1 ATKWMIACPIIO_;ATKWMIACPI Driver_; \??\C:\Program Files (x86)\ASUS\ATK Package\ATK WMIACPI\atkwmiacpi64.sys [2010-07-26 17024]
R1 BHDrvx64;BHDrvx64; \??\C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_20.1.0.24\Definitions\BASHDefs\20131203.001\BHDrvx64.sys [2013-12-03 1526488]
R1 ccSet_N360;Norton 360 Settings Manager; C:\Windows\system32\drivers\N360x64\1404000.028\ccSetx64.sys [2013-04-15 169048]
R1 eeCtrl;Symantec Eraser Control driver; \??\C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys [2013-11-21 484952]
R1 IDSVia64;IDSVia64; \??\C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_20.1.0.24\Definitions\IPSDefs\20131227.001\IDSvia64.sys [2013-12-13 521944]
R1 SbFw;SbFw; C:\Windows\system32\drivers\SbFw.sys [2011-04-05 253528]
R1 SbTis;SbTis; C:\Windows\system32\drivers\sbtis.sys [2011-04-05 94296]
R1 SRTSPX;Symantec Real Time Storage Protection (PEL) x64; C:\Windows\system32\drivers\N360x64\1404000.028\SRTSPX64.SYS [2013-03-04 36952]
R1 SymIM;Symantec Network Security Intermediate Filter Driver; C:\Windows\system32\DRIVERS\SymIMv.sys [2012-08-08 43680]
R1 SymIRON;Symantec Iron Driver; C:\Windows\system32\drivers\N360x64\1404000.028\Ironx64.SYS [2012-07-27 224416]
R1 SymNetS;Symantec Network Security WFP Driver; C:\Windows\system32\drivers\N360x64\1404000.028\SYMNETS.SYS [2013-04-24 433752]
R2 RMCAST;@%SystemRoot%\system32\wshrm.dll,-102; C:\Windows\system32\DRIVERS\RMCAST.sys [2010-11-20 146432]
R2 SSPORT;SSPORT; \??\C:\Windows\system32\Drivers\SSPORT.sys [2009-03-02 11576]
R3 Afc;PPdus ASPI Shell; C:\Windows\SysWOW64\drivers\Afc.sys [2006-11-14 22784]
R3 athr;Qualcomm Atheros Extensible Wireless LAN device driver; C:\Windows\system32\DRIVERS\athrx.sys [2013-05-23 3948544]
R3 dtsoftbus01;DAEMON Tools Virtual Bus Driver; C:\Windows\system32\DRIVERS\dtsoftbus01.sys [2011-09-20 270912]
R3 EraserUtilRebootDrv;EraserUtilRebootDrv; \??\C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [2013-11-21 137648]
R3 ETD;ELAN PS/2 Port Input Device; C:\Windows\system32\DRIVERS\ETD.sys [2010-09-08 129024]
R3 igfx;igfx; C:\Windows\system32\DRIVERS\igdkmd64.sys [2012-12-14 5353888]
R3 InputFilter_Hid_FlexDef2b;Siliten HID Devices(FlexDef2b) Driver Service; C:\Windows\system32\DRIVERS\InputFilter_FlexDef2b.sys [2010-06-19 17920]
R3 kbfiltr;Keyboard Filter; C:\Windows\system32\DRIVERS\kbfiltr.sys [2009-07-20 15416]
R3 MEIx64;Intel(R) Management Engine Interface; C:\Windows\system32\DRIVERS\HECIx64.sys [2010-10-20 56344]
R3 NAVENG;NAVENG; \??\C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_20.1.0.24\Definitions\VirusDefs\20131228.006\ENG64.SYS [2013-12-03 126040]
R3 NAVEX15;NAVEX15; \??\C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_20.1.0.24\Definitions\VirusDefs\20131228.006\EX64.SYS [2013-12-03 2099288]
R3 RTL8167;Realtek 8167 NT Driver; C:\Windows\system32\DRIVERS\Rt64win7.sys [2013-09-15 872152]
R3 RtlWlanu;Wireless LAN 802.11n USB 2.0 Network Adapter; C:\Windows\system32\DRIVERS\rtwlanu.sys [2013-03-05 1528976]
R3 SBFWIMCLMP;Sunbelt Software Firewall NDIS IM Filter Miniport; C:\Windows\system32\DRIVERS\SBFWIM.sys [2011-02-08 84568]
R3 SRTSP;Symantec Real Time Storage Protection x64; C:\Windows\system32\drivers\N360x64\1404000.028\SRTSP64.SYS [2013-05-15 796760]
R3 SymEvent;SymEvent; \??\C:\Windows\system32\Drivers\SYMEVENT64x86.SYS [2013-07-06 177312]
S1 fpefunqc;fpefunqc; \??\C:\Windows\system32\drivers\fpefunqc.sys []
S1 SBRE;SBRE; \??\C:\Windows\system32\drivers\SBREdrv.sys []
S2 DgiVecp;DgiVecp; \??\C:\Windows\system32\Drivers\DgiVecp.sys [2009-03-02 53816]
S3 AF9035BDA;AF9035 BDA Devices; C:\Windows\System32\Drivers\AF9035BDA.sys [2008-01-30 191488]
S3 AmUStor;AM USB Stroage Driver; C:\Windows\system32\drivers\AmUStor.SYS [2010-08-11 44032]
S3 androidusb;ADB Interface Driver; C:\Windows\System32\Drivers\androidusb.sys [2010-04-29 32768]
S3 ASUSVRC64;ASUSTeK Virtual Capture Device; C:\Windows\system32\DRIVERS\AsusVRC64.sys [2008-10-13 23424]
S3 AthBTPort;Atheros Virtual Bluetooth Class; C:\Windows\system32\DRIVERS\btath_flt.sys [2010-11-26 36000]
S3 BridgeMP;@%SystemRoot%\system32\bridgeres.dll,-1; C:\Windows\system32\DRIVERS\bridge.sys [2009-07-14 95232]
S3 BTATH_A2DP;Bluetooth A2DP Audio Driver; C:\Windows\system32\drivers\btath_a2dp.sys [2010-11-26 298144]
S3 BTATH_BUS;Atheros Bluetooth Bus; C:\Windows\system32\DRIVERS\btath_bus.sys [2010-11-26 28832]
S3 BTATH_HCRP;Bluetooth HCRP Server driver; C:\Windows\system32\DRIVERS\btath_hcrp.sys [2010-11-26 201376]
S3 BTATH_LWFLT;Bluetooth LWFLT Device; C:\Windows\system32\DRIVERS\btath_lwflt.sys [2010-11-26 55456]
S3 BTATH_RCP;Bluetooth AVRCP Device; C:\Windows\system32\DRIVERS\btath_rcp.sys [2010-11-26 154272]
S3 BtFilter;BtFilter; C:\Windows\system32\DRIVERS\btfilter.sys [2010-11-26 275616]
S3 BthEnum;Služba Bluetooth Enumerator; C:\Windows\system32\DRIVERS\BthEnum.sys [2009-07-14 41984]
S3 BthPan;Zařízení Bluetooth (síť PAN); C:\Windows\system32\DRIVERS\bthpan.sys [2009-07-14 118784]
S3 BTHPORT;Ovladač portu Bluetooth; C:\Windows\System32\Drivers\BTHport.sys [2012-07-06 552960]
S3 BTHUSB;Ovladač rozhraní USB radiostanice Bluetooth; C:\Windows\System32\Drivers\BTHUSB.sys [2011-04-28 80384]
S3 catchme;catchme; \??\C:\ComboFix\catchme.sys []
S3 Dot4;MS IEEE-1284.4 Driver; C:\Windows\system32\DRIVERS\Dot4.sys [2009-07-14 145920]
S3 Dot4Print;Print Class Driver for IEEE-1284.4; C:\Windows\system32\DRIVERS\Dot4Prt.sys [2010-11-20 19968]
S3 dot4usb;MS Dot4USB Filter Dot4USB Filter; C:\Windows\system32\DRIVERS\dot4usb.sys [2009-07-14 43008]
S3 fssfltr;FssFltr; C:\Windows\system32\DRIVERS\fssfltr.sys [2010-09-23 48488]
S3 ggflt;SEMC USB Flash Driver Filter; C:\Windows\system32\DRIVERS\ggflt.sys [2013-10-25 14448]
S3 ggsemc;SEMC USB Flash Driver; C:\Windows\system32\DRIVERS\ggsemc.sys [2013-10-25 27760]
S3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHD64.sys [2010-11-30 2647528]
S3 IntcDAud;Intel(R) Display Audio; C:\Windows\system32\DRIVERS\IntcDAud.sys [2010-10-14 317440]
S3 massfilter;Mass Storage Filter Driver; C:\Windows\system32\drivers\massfilter.sys []
S3 massfilter_hs;ZTE HandSet Mass Storage Filter Driver; C:\Windows\system32\drivers\massfilter_hs.sys [2011-03-07 18456]
S3 nmwcd;Nokia USB Phone Parent Driver; C:\Windows\system32\drivers\ccdcmbx64.sys [2013-01-23 19968]
S3 nmwcdc;Nokia USB Communication Driver; C:\Windows\system32\drivers\ccdcmbox64.sys [2013-01-23 27136]
S3 pccsmcfd;PCCS Mode Change Filter Driver; C:\Windows\system32\DRIVERS\pccsmcfdx64.sys [2012-10-17 26112]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver; C:\Windows\System32\drivers\rdpvideominiport.sys [2012-08-23 19456]
S3 RFCOMM;Zařízení Bluetooth (RFCOMM protokol TDI); C:\Windows\system32\DRIVERS\rfcomm.sys [2009-07-14 158720]
S3 SBFWIMCL;Sunbelt Software Firewall NDIS IM Filter Service; C:\Windows\system32\DRIVERS\sbfwim.sys [2011-02-08 84568]
S3 sbhips;sbhips; C:\Windows\system32\drivers\sbhips.sys [2011-04-05 60504]
S3 SiSGbeLH;SiS191/SiS190 Ethernet Device NDIS 6.0 Driver; C:\Windows\system32\DRIVERS\SiSG664.sys [2009-06-10 56832]
S3 TsUsbFlt;TsUsbFlt; C:\Windows\system32\drivers\tsusbflt.sys [2012-08-23 57856]
S3 upperdev;upperdev; C:\Windows\system32\DRIVERS\usbser_lowerfltx64.sys [2013-01-23 9216]
S3 USBAAPL64;Apple Mobile USB Driver; C:\Windows\System32\Drivers\usbaapl64.sys [2012-12-13 54784]
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 ACDaemon;ArcSoft Connect Daemon; C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe [2010-03-18 113152]
R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2013-09-05 65640]
R2 AFBAgent;AFBAgent; C:\Windows\system32\FBAgent.exe [2010-11-30 379520]
R2 ASLDRService;ASLDR Service; C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ASLDRSrv.exe [2009-06-15 84536]
R2 AtherosSvc;AtherosSvc; C:\Program Files (x86)\Atheros\Bluetooth Suite\adminservice.exe [2010-11-26 52896]
R2 hpqddsvc;Služba HP CUE DeviceDiscovery; C:\Windows\system32\svchost.exe [2009-07-14 27136]
R2 LMS;Intel(R) Management and Security Application Local Management Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe [2010-12-21 325656]
R2 N360;Norton 360; C:\Program Files (x86)\Norton 360\Engine\20.4.0.40\ccSvcHst.exe [2013-05-20 144368]
R2 Net Driver HPZ12;Net Driver HPZ12; C:\Windows\System32\svchost.exe [2009-07-14 27136]
R2 NVSvc;NVIDIA Display Driver Service; C:\Windows\system32\nvvsvc.exe [2013-03-14 884512]
R2 Pml Driver HPZ12;Pml Driver HPZ12; C:\Windows\System32\svchost.exe [2009-07-14 27136]
R2 StarWindServiceAE;StarWind AE Service; C:\Program Files (x86)\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe [2009-12-23 370688]
R2 UNS;Intel(R) Management and Security Application User Notification Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2010-12-21 2656280]
S2 AdvancedSystemCareService6;Advanced SystemCare Service 6; C:\Program Files (x86)\IObit\Advanced SystemCare 6\ASCService.exe []
S2 ATKGFNEXSrv;ATKGFNEX Service; C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe [2009-12-15 96896]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2012-07-09 104912]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2012-07-08 123856]
S2 gupdate;Google Update Service (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2011-04-12 135664]
S2 nvUpdatusService;NVIDIA Update Service Daemon; C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe [2013-04-08 1260320]
S2 SecureUpdateSvc;SecureUpdate; C:\Program Files (x86)\Secure Speed Dial\IE\SecureUpdate.exe []
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2013-10-10 257416]
S3 cphs;Intel(R) Content Protection HECI Service; C:\Windows\SysWow64\IntelCpHeciSvc.exe [2012-12-14 277616]
S3 fsssvc;Windows Live Family Safety Service; C:\Program Files (x86)\Windows Live\Family Safety\fsssvc.exe [2010-09-23 1493352]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2011-04-12 135664]
S3 gusvc;Google Software Updater; C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe [2011-04-12 182768]
S3 hpqcxs08;hpqcxs08; C:\Windows\system32\svchost.exe [2009-07-14 27136]
S3 IDriverT;InstallDriver Table Manager; C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [2005-04-03 69632]
S3 IEEtwCollectorService;@%SystemRoot%\system32\ieetwcollectorres.dll,-1000; C:\Windows\system32\IEEtwCollector.exe [2013-11-26 111616]
S3 Microsoft Office Groove Audit Service;Microsoft Office Groove Audit Service; C:\Program Files (x86)\Microsoft Office\Office12\GrooveAuditService.exe [2006-10-27 65824]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2006-10-26 441136]
S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 Sony PC Companion;Sony PC Companion; C:\Program Files (x86)\Sony\Sony PC Companion\PCCService.exe [2013-02-04 155824]
S3 Steam Client Service;Steam Client Service; C:\Program Files (x86)\Common Files\Steam\SteamService.exe [2013-12-11 569768]
S3 SwitchBoard;SwitchBoard; C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-02-19 517096]
S4 aspnet_state;Stavová služba ASP.NET; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2012-07-08 51648]
S4 Atheros Bt&Wlan Coex Agent;Atheros Bt&Wlan Coex Agent; C:\Program Files (x86)\Atheros\Ath_CoexAgent.exe [2010-05-24 151552]
S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2012-07-09 139696]
S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2012-07-09 139696]
S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2012-07-09 139696]
S4 ServiceLayer;ServiceLayer; C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe [2013-04-18 737616]
-----------------EOF-----------------
- Rudy
- Site Admin
- Posts: 119504
- Registered: 30 Oct 2003 13:42
- Location: Plzeň
Re: Log check + reviving the notebook
Deleted. Run OTM again and click >CleanUp!<. OTM will clean up after itself. Finally, restart the PC. Has anything changed?
Post questions and logs only in your own threads. Private messages, ICQ and e-mails are not for solving your problems.
Please support our forum: https://platba.viry.cz/payment/.
e-mail: rudy(at)forum.viry.cz
Warning: Before disinfecting your PC, back up your important data (mail, contacts, documents, photos, videos, music, etc.). Besides its "visible" activity, a virus can damage the system!
Once your problem is resolved, the thread will be locked. The same applies if it is inactive for more than 14 days. If you want the thread reactivated, write to me at the e-mail address given above.
Re: Log check + reviving the notebook
Well, the number of processes and threads is the same; a noticeable improvement in speed can be felt, but it is nowhere near as good as it used to be ((
- Rudy
- Site Admin
- Posts: 119504
- Registered: 30 Oct 2003 13:42
- Location: Plzeň
Re: Log check + reviving the notebook
Try Start menu > command line > (type) msconfig > Enter. In the window that opens, on the "Startup" and "Services" tabs, uncheck all items that do not need to start automatically, i.e. those that can be started manually when needed.
Re: Log check + reviving the notebook
That's just it, I have no idea which services I can afford to disable and which I can't ((
- Rudy
- Site Admin
- Posts: 119504
- Registered: 30 Oct 2003 13:42
- Location: Plzeň
Re: Log check + reviving the notebook
Basically all the non-Microsoft ones, except the antivirus and drivers.