Virus-infected laptop

sixdee
Visitor
Posts: 20
Registered: 01 Nov 2014 21:36

#1 Post by sixdee »

Good day, a friend brought me her laptop saying it is infected, so I scanned it with ESET and removed the viruses (applications) I found, but when the browser is started, ads and new windows still pop up by themselves. Thank you for your help.

RSIT log
Logfile of random's system information tool 1.10 (written by random/random)
Run by 21PP2011 at 2014-11-09 16:36:03
Microsoft Windows 7 Home Premium Service Pack 1
System drive C: has 279 GB (60%) free of 464 GB
Total RAM: 3997 MB (40% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 16:36:25, on 09.11.2014
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v11.0 (11.00.9600.17344)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAAnotif.exe
C:\Program Files (x86)\Acer\Acer VCM\AcerVCM.exe
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Program Files\trend micro\21PP2011.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = about:blank
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.qone8.com/web/?type=ds&ts=13 ... earchTerms}
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.qone8.com/web/?type=ds&ts=13 ... earchTerms}
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = about:blank
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.qone8.com/web/?type=ds&ts=13 ... earchTerms}
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.qone8.com/web/?type=ds&ts=13 ... earchTerms}
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,AutoConfigURL = http://kilaboinglinuxcopertsf.com/radios/sintonia.pac
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Bing Bar Helper - {1dad3af3-ef2f-4f64-ac4b-11789189fcb6} - C:\Program Files (x86)\Microsoft\BingBar\7.3.132.0\BingExt.dll
O2 - BHO: (no name) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - (no file)
O2 - BHO: Pomocník pri prihlasovaní v sieti Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~2\Office14\URLREDIR.DLL
O2 - BHO: (no name) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - (no file)
O2 - BHO: Yontoo Layers - {FD72061E-9FDE-484D-A58A-0BAB4151CAD8} - (no file)
O3 - Toolbar: (no name) - {98889811-442D-49dd-99D7-DC866BE87DBC} - (no file)
O3 - Toolbar: (no name) - {bfc39e47-d643-4dc2-aa1d-61377501c844} - (no file)
O3 - Toolbar: (no name) - {EEE6C35B-6118-11DC-9C72-001320C79847} - (no file)
O3 - Toolbar: Bing Bar - {eec0f710-38b5-4aba-99bf-ec87564a4e13} - C:\Program Files (x86)\Microsoft\BingBar\7.3.132.0\BingExt.dll
O4 - HKCU\..\Run: [RESTART_STICKY_NOTES] C:\Windows\System32\StikyNot.exe
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\RunOnce: [SPReview] "C:\Windows\System32\SPReview\SPReview.exe" /sp:1 /errorfwlink:"http://go.microsoft.com/fwlink/?LinkID=122915" /build:7601 (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\RunOnce: [SPReview] "C:\Windows\System32\SPReview\SPReview.exe" /sp:1 /errorfwlink:"http://go.microsoft.com/fwlink/?LinkID=122915" /build:7601 (User 'Default user')
O4 - Global Startup: Acer VCM.lnk = ?
O4 - Global Startup: Bluetooth.lnk = ?
O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\Windows\system32\GPhotos.scr/200
O8 - Extra context menu item: E&xportovať do programu Microsoft Excel - res://C:\PROGRA~2\MICROS~2\Office14\EXCEL.EXE/3000
O8 - Extra context menu item: Od&oslať do programu OneNote - res://C:\PROGRA~2\MICROS~2\Office14\ONBttnIE.dll/105
O8 - Extra context menu item: Send image to &Bluetooth Device... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
O8 - Extra context menu item: Send page to &Bluetooth Device... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra button: Pridať do blogu - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: &Pridať do blogu v programe Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Odoslať do programu OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&oslať do programu OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra button: &Prepojené poznámky programu OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: &Prepojené poznámky programu OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra button: Skype Click to Call settings - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O9 - Extra button: Send To Bluetooth - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra 'Tools' menuitem: Send to &Bluetooth Device... - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
O18 - Protocol: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: ESET Service (ekrn) - ESET - C:\Program Files\ESET\ESET Smart Security\x86\ekrn.exe
O23 - Service: Acer ePower Service (ePowerSvc) - Acer Incorporated - C:\Program Files\Acer\Acer ePower Management\ePowerSvc.exe
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: Freemake Improver - Freemake - C:\ProgramData\Freemake\FreemakeUtilsService\FreemakeUtilsService.exe
O23 - Service: globalUpdate Update Service (globalUpdate) (globalUpdate) - globalUpdate - C:\Program Files (x86)\globalUpdate\Update\GoogleUpdate.exe
O23 - Service: globalUpdate Update Service (globalUpdatem) (globalUpdatem) - globalUpdate - C:\Program Files (x86)\globalUpdate\Update\GoogleUpdate.exe
O23 - Service: GREGService - Acer Incorporated - C:\Program Files (x86)\Acer\Registration\GREGsvc.exe
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: HitmanPro Scheduler (HitmanProScheduler) - SurfRight B.V. - C:\Program Files\HitmanPro\hmpsched.exe
O23 - Service: Intel(R) Matrix Storage Event Monitor (IAANTMON) - Intel Corporation - C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTMon.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing)
O23 - Service: IviRegMgr - InterVideo - C:\Program Files (x86)\Common Files\InterVideo\RegMgr\iviRegMgr.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: NTI Backup Now 5 Backup Service (NTIBackupSvc) - NewTech InfoSystems, Inc. - C:\Program Files (x86)\NewTech Infosystems\NTI Backup Now 5\BackupSvc.exe
O23 - Service: NTI Backup Now 5 Scheduler Service (NTISchedulerSvc) - NewTech Infosystems, Inc. - C:\Program Files (x86)\NewTech Infosystems\NTI Backup Now 5\SchedulerSvc.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Protexis Licensing V2 (PSI_SVC_2) - Protexis Inc. - C:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: Raw Socket Service (RS_Service) - Acer Incorporated - C:\Program Files (x86)\Acer\Acer VCM\RS_Service.exe
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: Sony PC Companion - Avanquest Software - C:\Program Files (x86)\Sony\Sony PC Companion\PCCService.exe
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: Updater Service - Acer Group - C:\Program Files\Acer\Acer Updater\UpdaterService.exe
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 12590 bytes

======Listing Processes======



\SystemRoot\System32\smss.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
C:\Windows\system32\services.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
winlogon.exe
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k netsvcs

C:\Windows\system32\svchost.exe -k GPSvcGroup
"C:\Program Files\HitmanPro\hmpsched.exe"
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Windows\System32\spoolsv.exe
"C:\Program Files (x86)\Microsoft\BingBar\7.3.132.0\BBSvc.exe"
"taskhost.exe"
"C:\Windows\system32\Dwm.exe"
"C:\Program Files\HitmanPro\HitmanPro.exe" /scan:boot /quiet /quick
C:\Windows\Explorer.EXE
"C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe"
"C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe" /service
"C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe" /service
"C:\Program Files\ESET\ESET Smart Security\x86\ekrn.exe"
"C:\Program Files\Acer\Acer ePower Management\ePowerSvc.exe"
"C:\ProgramData\Freemake\FreemakeUtilsService\FreemakeUtilsService.exe"
"C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAAnotif.exe"
"C:\Program Files\CONEXANT\cAudioFilterAgent\cAudioFilterAgent64.exe"
"C:\Program Files\Synaptics\SynTP\SynTPEnh.exe"
"C:\Program Files\Acer\Acer ePower Management\ePowerTray.exe"
"C:\Program Files\ESET\ESET Smart Security\egui.exe" /hide /waitservice
"C:\Windows\System32\igfxtray.exe"
C:\Windows\system32\igfxsrvc.exe -Embedding
"C:\Program Files (x86)\Acer\Registration\GREGsvc.exe"
"C:\Program Files (x86)\Common Files\InterVideo\RegMgr\iviRegMgr.exe"
"C:\Program Files (x86)\NewTech Infosystems\NTI Backup Now 5\SchedulerSvc.exe"
"C:\Windows\System32\hkcmd.exe"
"C:\Windows\System32\igfxpers.exe"
"C:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe"
"C:\Windows\System32\StikyNot.exe"
"C:\Program Files (x86)\Acer\Acer VCM\AcerVCM.exe"
"C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe"
"C:\Program Files (x86)\Acer\Acer VCM\RS_Service.exe"
"C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe"
C:\Windows\system32\svchost.exe -k imgsvc
"C:\Program Files\Acer\Acer Updater\UpdaterService.exe"
"C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe"
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\system32\igfxext.exe -Embedding
"C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTMon.exe"
C:\Windows\system32\wbem\unsecapp.exe -Embedding
"C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE"
C:\Windows\system32\SearchIndexer.exe /Embedding
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Windows\servicing\TrustedInstaller.exe
C:\Windows\system32\wbem\wmiprvse.exe
"C:\Program Files\Windows Media Player\wmpnetwk.exe"
C:\Windows\SysWOW64\DllHost.exe /Processid:{B366DEBE-645B-43A5-B865-DDD82C345492}
"C:\Program Files\Synaptics\SynTP\SynTPHelper.exe"
"C:\Program Files\Acer\Acer ePower Management\ePowerEvent.exe"
rundll32.exe C:\Windows\system32\newdev.dll,pDiDeviceInstallNotification \\.\pipe\PNP_Device_Install_Pipe_1.{4251d961-af0a-4c31-b5cd-d0517b86404e} "(null)"
"C:\Windows\System32\dinotify.exe" pnpui.dll,SimplifiedDINotification
C:\Windows\System32\svchost.exe -k secsvcs
"C:\Program Files (x86)\Mozilla Firefox\firefox.exe"
"C:\Program Files (x86)\Microsoft\BingBar\7.3.132.0\SeaPort.exe"
"C:\Users\21PP2011\Downloads\RSITx64.exe"
"C:\Windows\system32\RunDll32.exe" "C:\Windows\system32\WerConCpl.dll", LaunchErcApp -queuereporting
DrvInst.exe "1" "200" "USB\VID_046D&PID_C52F&MI_00\6&3933321d&0&0000" "" "" "5b0a9d4a3" "0000000000000000" "00000000000006CC" "0000000000000594"
rundll32.exe C:\Windows\system32\newdev.dll,pDiDeviceInstallNotification \\.\pipe\PNP_Device_Install_Pipe_1.{30b75138-5753-4f40-b2a6-afa217107e50} "(null)"
DrvInst.exe "1" "200" "USB\VID_046D&PID_C52F&MI_01\6&3933321d&0&0001" "" "" "572f9b51f" "0000000000000000" "0000000000000708" "00000000000006A4"

======Scheduled tasks folder======

C:\Windows\tasks\Adobe Flash Player Updater.job - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-887980343-3317208105-2278496108-1000Core.job - C:\Users\21PP2011\AppData\Local\Facebook\Update\FacebookUpdate.exe /c /nocrashserver
C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-887980343-3317208105-2278496108-1000UA.job - C:\Users\21PP2011\AppData\Local\Facebook\Update\FacebookUpdate.exe /ua /installsource scheduler
C:\Windows\tasks\globalUpdateUpdateTaskMachineCore.job - C:\Program Files (x86)\globalUpdate\Update\GoogleUpdate.exe /c
C:\Windows\tasks\globalUpdateUpdateTaskMachineUA.job - C:\Program Files (x86)\globalUpdate\Update\GoogleUpdate.exe /ua /installsource scheduler
C:\Windows\tasks\GoogleUpdateTaskMachineCore.job - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /c
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /ua /installsource scheduler
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-887980343-3317208105-2278496108-1000Core.job - C:\Users\21PP2011\AppData\Local\Google\Update\GoogleUpdate.exe /c
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-887980343-3317208105-2278496108-1000UA.job - C:\Users\21PP2011\AppData\Local\Google\Update\GoogleUpdate.exe /ua /installsource scheduler
C:\Windows\tasks\HP Photo Creations Communicator.job - C:\ProgramData\HP Photo Creations\MessageCheck.exe

=========Mozilla firefox=========

ProfilePath - C:\Users\21PP2011\AppData\Roaming\Mozilla\Firefox\Profiles\965imzmc.default

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 10.1 Plugin
"Path"=C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@Google.com/GoogleEarthPlugin]
"Description"=Google Earth in your browser
"Path"=C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@google.com/npPicasa3,version=3.0.0]
"Description"=Picasa3 plugin
"Path"=C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=disabled

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=c:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0]
"Description"=Office Authorization plug-in for NPAPI browsers
"Path"=C:\PROGRA~2\MICROS~2\Office14\NPAUTHZ.DLL

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/SharePoint,version=14.0]
"Description"=Microsoft SharePoint Plug-in for Firefox
"Path"=C:\PROGRA~2\MICROS~2\Office14\NPSPWRAP.DLL

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/WLPG,version=14.0.8081.0709]
"Description"=WLPG Install MIME type
"Path"=C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@playstation.com/PsndlCheck,version=1.00]
"Description"=Plug-in to check PlayStation(R)Network Downloader.
"Path"=C:\Program Files (x86)\Sony\PLAYSTATION Network Downloader\nppsndl.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@SonyCreativeSoftware.com/Media Go,version=1.0]
"Description"=
"Path"=C:\Program Files (x86)\Sony\Media Go\npmediago.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@staging.google.com/globalUpdate Update;version=10]
"Description"=globalUpdate Update
"Path"=C:\Program Files (x86)\globalUpdate\Update\1.3.25.0\npGoogleUpdate4.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@staging.google.com/globalUpdate Update;version=4]
"Description"=globalUpdate Update
"Path"=C:\Program Files (x86)\globalUpdate\Update\1.3.25.0\npGoogleUpdate4.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=3]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.25.5\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=9]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.25.5\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@videolan.org/vlc,version=2.0.2]
"Description"=VLC Multimedia Plugin
"Path"=C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll


[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 10.1 Plugin
"Path"=C:\Windows\system32\Macromed\Flash\NPSWF64_11_1_102.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=disabled

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0]
"Description"=Office Authorization plug-in for NPAPI browsers
"Path"=C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL


C:\Users\21PP2011\AppData\Roaming\Mozilla\Firefox\Profiles\965imzmc.default\extensions\
0b105cbff1eb40b89bca7dae371d@7ead239035fb4613ab38ef.com
suncult@sf.net

C:\Users\21PP2011\AppData\Roaming\Mozilla\Firefox\Profiles\965imzmc.default\searchplugins\
onlysearchkms.xml
Sweetpacks Search.xml

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{1dad3af3-ef2f-4f64-ac4b-11789189fcb6}]
Bing Bar Helper - C:\Program Files (x86)\Microsoft\BingBar\7.3.132.0\amd64\BingExt.dll [2014-03-11 1154720]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}]
Skype Click to Call for Internet Explorer - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2014-07-14 2117216]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - C:\PROGRA~1\MICROS~2\Office14\URLREDIR.DLL [2013-03-06 690392]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2009-02-27 75128]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{1dad3af3-ef2f-4f64-ac4b-11789189fcb6}]
Bing Bar Helper - C:\Program Files (x86)\Microsoft\BingBar\7.3.132.0\BingExt.dll [2014-03-11 1431712]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Pomocník pri prihlasovaní v sieti Windows Live - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-01-22 408448]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}]
Skype Click to Call for Internet Explorer - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2014-07-14 1709152]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - C:\PROGRA~2\MICROS~2\Office14\URLREDIR.DLL [2013-03-06 562904]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{FD72061E-9FDE-484D-A58A-0BAB4151CAD8}]
Yontoo

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{318A227B-5E9F-45bd-8999-7F8F10CA4CF5}
{eec0f710-38b5-4aba-99bf-ec87564a4e13} - Bing Bar - C:\Program Files (x86)\Microsoft\BingBar\7.3.132.0\amd64\BingExt.dll [2014-03-11 1154720]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\Toolbar]
{98889811-442D-49dd-99D7-DC866BE87DBC}
{bfc39e47-d643-4dc2-aa1d-61377501c844}
{EEE6C35B-6118-11DC-9C72-001320C79847}
{eec0f710-38b5-4aba-99bf-ec87564a4e13} - Bing Bar - C:\Program Files (x86)\Microsoft\BingBar\7.3.132.0\BingExt.dll [2014-03-11 1431712]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"IAAnotif"=C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\iaanotif.exe [2009-06-05 186904]
"cAudioFilterAgent"=C:\Program Files\Conexant\cAudioFilterAgent\cAudioFilterAgent64.exe [2009-07-20 503864]
"SynTPEnh"=C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2009-09-17 1842472]
"Acer ePower Management"=C:\Program Files\Acer\Acer ePower Management\ePowerTray.exe [2010-02-26 818720]
"egui"=C:\Program Files\ESET\ESET Smart Security\egui.exe [2014-10-01 5595336]
"IgfxTray"=C:\Windows\system32\igfxtray.exe [2009-09-02 159232]
"HotKeysCmds"=C:\Windows\system32\hkcmd.exe [2009-09-02 380928]
"Persistence"=C:\Windows\system32\igfxpers.exe [2009-09-02 358912]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"OEXPRESS"= []
"RESTART_STICKY_NOTES"=C:\Windows\System32\StikyNot.exe [2009-07-14 427520]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher]
C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe [2009-02-28 35696]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CCleaner Monitoring]
C:\Program Files\CCleaner\CCleaner64.exe [2014-10-29 6501656]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Facebook Update]
C:\Users\21PP2011\AppData\Local\Facebook\Update\FacebookUpdate.exe [2014-04-04 138096]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Google Update]
C:\Users\21PP2011\AppData\Local\Google\Update\GoogleUpdate.exe [2014-10-20 107912]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Google+ Auto Backup]
C:\Users\21PP2011\AppData\Local\Programs\Google\Google+ Auto Backup\Google+ Auto Backup.exe [2014-08-12 3746120]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HP Software Update]
C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe [2010-06-09 49208]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\IgfxTray]
C:\Windows\system32\igfxtray.exe [2009-09-02 159232]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LManager]
C:\Program Files (x86)\Launch Manager\LManager.exe [2009-09-24 825864]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NortonOnlineBackupReminder]
C:\Program Files (x86)\Symantec\Norton Online Backup\Activation\NobuActivation.exe [2009-07-25 588648]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Persistence]
C:\Windows\system32\igfxpers.exe [2009-09-02 358912]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PLFSetI]
C:\Windows\PLFSetI.exe [2009-12-14 206072]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Skype]
C:\Program Files (x86)\Skype\Phone\Skype.exe [2014-10-01 22065760]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Sony PC Companion]
C:\Program Files (x86)\Sony\Sony PC Companion\PCCompanion.exe [2014-09-01 468192]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TMCC]
C:\Program Files (x86)\T-Mobile Communication Center\TMCC.exe [2010-07-29 774144]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Users^21PP2011^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Obrazovková spinka a spúšťač programu OneNote 2010.lnk]
C:\PROGRA~2\MICROS~2\Office14\ONENOTEM.EXE [2013-06-25 228552]

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
Acer VCM.lnk - C:\Program Files (x86)\Acer\Acer VCM\AcerVCM.exe
Bluetooth.lnk - C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
C:\Windows\system32\igfxdev.dll [2009-09-02 259584]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\hitmanpro37]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\hitmanpro37.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\HitmanPro37Crusader]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\HitmanPro37CrusaderBoot]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\hitmanpro37]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\hitmanpro37.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\HitmanPro37Crusader]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\HitmanPro37CrusaderBoot]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\McMPFSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MCODS]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=5
"ConsentPromptBehaviorUser"=3
"EnableUIADesktopToggle"=0
"PromptOnSecureDesktop"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"SoftwareSASGeneration"=1

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoActiveDesktop"=1
"NoActiveDesktopChanges"=1
"ForceActiveDesktopOn"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]


[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\bitguard.exe]
"Debugger="tasklist.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\bprotect.exe]
"Debugger="tasklist.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\bpsvc.exe]
"Debugger="tasklist.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\browserdefender.exe]
"Debugger="tasklist.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\browserprotect.exe]
"Debugger="tasklist.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\browsersafeguard.exe]
"Debugger="tasklist.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\dprotectsvc.exe]
"Debugger="tasklist.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\jumpflip]
"Debugger="tasklist.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\protectedsearch.exe]
"Debugger="tasklist.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\searchinstaller.exe]
"Debugger="tasklist.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\searchprotection.exe]
"Debugger="tasklist.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\searchprotector.exe]
"Debugger="tasklist.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\searchsettings.exe]
"Debugger="tasklist.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\searchsettings64.exe]
"Debugger="tasklist.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\snapdo.exe]
"Debugger="tasklist.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\stinst32.exe]
"Debugger="tasklist.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\stinst64.exe]
"Debugger="tasklist.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\umbrella.exe]
"Debugger="tasklist.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\utiljumpflip.exe]
"Debugger="tasklist.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\volaro]
"Debugger="tasklist.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\vonteera]
"Debugger="tasklist.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\websteroids.exe]
"Debugger="tasklist.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\websteroidsservice.exe]
"Debugger="tasklist.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVYU"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"VIDC.YVU9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"MSVideo8"=VfWWDM32.dll
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 1 month======

2014-11-09 16:36:04 ----D---- C:\Program Files\trend micro
2014-11-09 16:36:03 ----D---- C:\rsit
2014-11-09 16:29:40 ----A---- C:\Windows\system32\drivers\hitmanpro37.sys
2014-11-08 15:52:09 ----A---- C:\TDSSKiller.3.0.0.41_08.11.2014_15.52.09_log.txt
2014-11-08 12:10:56 ----A---- C:\Windows\system32\rdpcorets.dll
2014-11-08 12:10:55 ----A---- C:\Windows\system32\RdpGroupPolicyExtension.dll
2014-11-08 12:10:40 ----A---- C:\Windows\SYSWOW64\mstscax.dll
2014-11-08 12:10:39 ----A---- C:\Windows\system32\mstscax.dll
2014-11-08 11:46:23 ----A---- C:\Windows\system32\TsUsbGDCoInstaller.dll
2014-11-08 11:46:20 ----A---- C:\Windows\SYSWOW64\wksprtPS.dll
2014-11-08 11:46:20 ----A---- C:\Windows\SYSWOW64\tsgqec.dll
2014-11-08 11:46:20 ----A---- C:\Windows\SYSWOW64\mstsc.exe
2014-11-08 11:46:20 ----A---- C:\Windows\SYSWOW64\MsRdpWebAccess.dll
2014-11-08 11:46:20 ----A---- C:\Windows\system32\wksprtPS.dll
2014-11-08 11:46:20 ----A---- C:\Windows\system32\wksprt.exe
2014-11-08 11:46:20 ----A---- C:\Windows\system32\TSWbPrxy.exe
2014-11-08 11:46:20 ----A---- C:\Windows\system32\TsUsbRedirectionGroupPolicyExtension.dll
2014-11-08 11:46:20 ----A---- C:\Windows\system32\TsUsbRedirectionGroupPolicyControl.exe
2014-11-08 11:46:20 ----A---- C:\Windows\system32\tsgqec.dll
2014-11-08 11:46:20 ----A---- C:\Windows\system32\MsRdpWebAccess.dll
2014-11-08 11:46:20 ----A---- C:\Windows\system32\drivers\TsUsbFlt.sys
2014-11-08 11:46:19 ----A---- C:\Windows\SYSWOW64\rdvidcrl.dll
2014-11-08 11:46:19 ----A---- C:\Windows\system32\rdvidcrl.dll
2014-11-08 11:46:19 ----A---- C:\Windows\system32\mstsc.exe
2014-11-08 11:45:45 ----A---- C:\Windows\system32\drivers\rdpvideominiport.sys
2014-11-08 11:45:43 ----A---- C:\Windows\SYSWOW64\rdpendp_winip.dll
2014-11-08 11:45:43 ----A---- C:\Windows\system32\rdpudd.dll
2014-11-08 11:45:43 ----A---- C:\Windows\system32\rdpendp_winip.dll
2014-11-08 11:33:52 ----D---- C:\Windows\system32\MRT
2014-11-08 11:33:45 ----A---- C:\Windows\system32\MRT.exe
2014-11-08 11:26:47 ----D---- C:\Windows\pss
2014-11-08 11:21:27 ----D---- C:\Program Files (x86)\Mozilla Maintenance Service
2014-11-07 20:01:09 ----D---- C:\Users\21PP2011\AppData\Roaming\ESET
2014-11-07 19:59:53 ----D---- C:\Program Files\CCleaner
2014-11-07 19:57:24 ----D---- C:\ProgramData\ESET
2014-11-07 19:57:24 ----D---- C:\Program Files\ESET
2014-11-07 18:56:14 ----D---- C:\Program Files\HitmanPro
2014-11-07 18:56:01 ----D---- C:\ProgramData\HitmanPro
2014-11-07 18:53:52 ----D---- C:\ProgramData\APN
2014-11-07 18:52:59 ----D---- C:\Users\21PP2011\AppData\Roaming\uTorrent
2014-11-07 18:50:07 ----SD---- C:\Windows\SYSWOW64\Microsoft
2014-11-07 14:52:21 ----D---- C:\Program Files (x86)\Mozilla Firefox
2014-10-23 18:57:24 ----D---- C:\Users\21PP2011\AppData\Roaming\GoforFiles
2014-10-23 18:32:46 ----D---- C:\ProgramData\DSearchLink
2014-10-23 18:28:05 ----D---- C:\Program Files (x86)\globalUpdate
2014-10-23 18:28:04 ----D---- C:\Program Files (x86)\CinePlus-1.2V23.10
2014-10-23 18:26:42 ----D---- C:\Users\21PP2011\AppData\Roaming\Dorrible
2014-10-20 16:22:02 ----D---- C:\Program Files (x86)\Windows Phone
2014-10-20 16:11:34 ----D---- C:\ProgramData\Applications
2014-10-17 12:55:10 ----A---- C:\Windows\system32\win32k.sys
2014-10-17 12:55:04 ----A---- C:\Windows\SYSWOW64\mscories.dll
2014-10-17 12:55:04 ----A---- C:\Windows\SYSWOW64\mscorier.dll
2014-10-17 12:55:04 ----A---- C:\Windows\SYSWOW64\dfshim.dll
2014-10-17 12:55:04 ----A---- C:\Windows\system32\mscories.dll
2014-10-17 12:55:04 ----A---- C:\Windows\system32\mscorier.dll
2014-10-17 12:55:04 ----A---- C:\Windows\system32\dfshim.dll
2014-10-17 12:54:48 ----A---- C:\Windows\system32\generaltel.dll
2014-10-17 12:54:48 ----A---- C:\Windows\system32\aepdu.dll
2014-10-17 12:54:43 ----A---- C:\Windows\system32\aeinv.dll
2014-10-17 12:54:34 ----A---- C:\Windows\SYSWOW64\iernonce.dll
2014-10-17 12:54:34 ----A---- C:\Windows\SYSWOW64\ieetwproxystub.dll
2014-10-17 12:54:33 ----A---- C:\Windows\SYSWOW64\mshtmled.dll
2014-10-17 12:54:33 ----A---- C:\Windows\SYSWOW64\jscript9diag.dll
2014-10-17 12:54:32 ----A---- C:\Windows\SYSWOW64\urlmon.dll
2014-10-17 12:54:32 ----A---- C:\Windows\SYSWOW64\mshtml.dll
2014-10-17 12:54:32 ----A---- C:\Windows\SYSWOW64\msfeeds.dll
2014-10-17 12:54:32 ----A---- C:\Windows\SYSWOW64\JavaScriptCollectionAgent.dll
2014-10-17 12:54:32 ----A---- C:\Windows\SYSWOW64\iedkcs32.dll
2014-10-17 12:54:32 ----A---- C:\Windows\SYSWOW64\dxtmsft.dll
2014-10-17 12:54:32 ----A---- C:\Windows\system32\JavaScriptCollectionAgent.dll
2014-10-17 12:54:32 ----A---- C:\Windows\system32\iernonce.dll
2014-10-17 12:54:32 ----A---- C:\Windows\system32\ieetwproxystub.dll
2014-10-17 12:54:32 ----A---- C:\Windows\system32\ie4uinit.exe
2014-10-17 12:54:30 ----A---- C:\Windows\SYSWOW64\iesetup.dll
2014-10-17 12:54:30 ----A---- C:\Windows\system32\iedkcs32.dll
2014-10-17 12:54:29 ----A---- C:\Windows\SYSWOW64\iertutil.dll
2014-10-17 12:54:29 ----A---- C:\Windows\system32\urlmon.dll
2014-10-17 12:54:28 ----A---- C:\Windows\SYSWOW64\jsproxy.dll
2014-10-17 12:54:28 ----A---- C:\Windows\SYSWOW64\dxtrans.dll
2014-10-17 12:54:28 ----A---- C:\Windows\system32\ieetwcollectorres.dll
2014-10-17 12:54:28 ----A---- C:\Windows\system32\ieetwcollector.exe
2014-10-17 12:54:28 ----A---- C:\Windows\system32\dxtmsft.dll
2014-10-17 12:54:27 ----A---- C:\Windows\SYSWOW64\ieui.dll
2014-10-17 12:54:27 ----A---- C:\Windows\SYSWOW64\ieframe.dll
2014-10-17 12:54:27 ----A---- C:\Windows\system32\msfeeds.dll
2014-10-17 12:54:26 ----A---- C:\Windows\system32\iesetup.dll
2014-10-17 12:54:25 ----A---- C:\Windows\system32\iertutil.dll
2014-10-17 12:54:24 ----A---- C:\Windows\SYSWOW64\vbscript.dll
2014-10-17 12:54:24 ----A---- C:\Windows\SYSWOW64\mshtmlmedia.dll
2014-10-17 12:54:24 ----A---- C:\Windows\SYSWOW64\jscript9.dll
2014-10-17 12:54:24 ----A---- C:\Windows\SYSWOW64\ieUnatt.exe
2014-10-17 12:54:23 ----A---- C:\Windows\SYSWOW64\wininet.dll
2014-10-17 12:54:23 ----A---- C:\Windows\SYSWOW64\msrating.dll
2014-10-17 12:54:23 ----A---- C:\Windows\SYSWOW64\MshtmlDac.dll
2014-10-17 12:54:23 ----A---- C:\Windows\SYSWOW64\ieapfltr.dll
2014-10-17 12:54:23 ----A---- C:\Windows\system32\jsproxy.dll
2014-10-17 12:54:22 ----A---- C:\Windows\system32\ieui.dll
2014-10-17 12:54:22 ----A---- C:\Windows\system32\dxtrans.dll
2014-10-17 12:54:21 ----A---- C:\Windows\system32\ieframe.dll
2014-10-17 12:54:20 ----A---- C:\Windows\system32\mshtmlmedia.dll
2014-10-17 12:54:20 ----A---- C:\Windows\system32\mshtmled.dll
2014-10-17 12:54:19 ----A---- C:\Windows\system32\jscript9diag.dll
2014-10-17 12:54:19 ----A---- C:\Windows\system32\jscript9.dll
2014-10-17 12:54:19 ----A---- C:\Windows\system32\ieUnatt.exe
2014-10-17 12:54:18 ----A---- C:\Windows\system32\vbscript.dll
2014-10-17 12:54:18 ----A---- C:\Windows\system32\ieapfltr.dll
2014-10-17 12:54:17 ----A---- C:\Windows\system32\wininet.dll
2014-10-17 12:54:17 ----A---- C:\Windows\system32\MshtmlDac.dll
2014-10-17 12:54:16 ----A---- C:\Windows\system32\MsSpellCheckingFacility.exe
2014-10-17 12:54:16 ----A---- C:\Windows\system32\msrating.dll
2014-10-17 12:54:15 ----A---- C:\Windows\system32\mshtml.dll
2014-10-17 12:51:35 ----A---- C:\Windows\system32\msi.dll
2014-10-17 12:51:33 ----A---- C:\Windows\SYSWOW64\msi.dll
2014-10-17 12:51:28 ----A---- C:\Windows\SYSWOW64\rastls.dll
2014-10-17 12:51:28 ----A---- C:\Windows\system32\rastls.dll
2014-10-17 12:51:19 ----A---- C:\Windows\system32\winsta.dll
2014-10-17 12:51:19 ----A---- C:\Windows\system32\termsrv.dll
2014-10-17 12:51:18 ----A---- C:\Windows\SYSWOW64\winsta.dll
2014-10-17 12:51:18 ----A---- C:\Windows\SYSWOW64\TSpkg.dll
2014-10-17 12:51:18 ----A---- C:\Windows\system32\winlogon.exe
2014-10-17 12:51:18 ----A---- C:\Windows\system32\TSpkg.dll
2014-10-17 12:51:18 ----A---- C:\Windows\system32\rdpcorekmts.dll
2014-10-17 12:51:18 ----A---- C:\Windows\system32\drivers\rdpwd.sys
2014-10-17 12:51:17 ----A---- C:\Windows\SYSWOW64\credssp.dll
2014-10-17 12:51:17 ----A---- C:\Windows\system32\drivers\tssecsrv.sys
2014-10-17 12:51:17 ----A---- C:\Windows\system32\credssp.dll
2014-10-17 12:50:46 ----A---- C:\Windows\SYSWOW64\packager.dll
2014-10-17 12:50:46 ----A---- C:\Windows\system32\packager.dll
2014-10-10 08:59:12 ----A---- C:\Windows\system32\drivers\epfwwfp.sys
2014-10-10 08:59:12 ----A---- C:\Windows\system32\drivers\EpfwLWF.sys
2014-10-10 08:59:12 ----A---- C:\Windows\system32\drivers\epfw.sys
2014-10-10 08:59:12 ----A---- C:\Windows\system32\drivers\ehdrv.sys
2014-10-10 08:59:12 ----A---- C:\Windows\system32\drivers\edevmon.sys
2014-10-10 08:59:12 ----A---- C:\Windows\system32\drivers\eamonm.sys

======List of files/folders modified in the last 1 month======

2014-11-09 16:36:11 ----D---- C:\Windows\Temp
2014-11-09 16:36:04 ----D---- C:\Program Files
2014-11-09 16:35:09 ----D---- C:\Windows\system32\DriverStore
2014-11-09 16:29:40 ----D---- C:\Windows\system32\drivers
2014-11-09 16:27:52 ----D---- C:\Windows\inf
2014-11-09 16:27:11 ----D---- C:\Windows\System32
2014-11-09 16:27:10 ----A---- C:\Windows\system32\PerfStringBackup.INI
2014-11-09 16:21:45 ----D---- C:\Windows\system32\config
2014-11-08 15:57:12 ----D---- C:\Windows\winsxs
2014-11-08 15:57:09 ----D---- C:\Windows\SYSWOW64\sk-SK
2014-11-08 15:57:09 ----D---- C:\Windows\system32\sk-SK
2014-11-08 15:56:59 ----SHD---- C:\System Volume Information
2014-11-08 14:44:00 ----D---- C:\Windows\SysWOW64
2014-11-08 14:43:44 ----D---- C:\Windows\system32\catroot2
2014-11-08 12:10:43 ----D---- C:\Windows\system32\catroot
2014-11-08 11:58:12 ----D---- C:\Windows
2014-11-08 11:53:56 ----D---- C:\Windows\SYSWOW64\wbem
2014-11-08 11:53:56 ----D---- C:\Windows\SYSWOW64\en-US
2014-11-08 11:53:56 ----D---- C:\Windows\system32\en-US
2014-11-08 11:53:56 ----D---- C:\Windows\system32\drivers\en-US
2014-11-08 11:53:56 ----D---- C:\Windows\PolicyDefinitions
2014-11-08 11:53:55 ----D---- C:\Windows\system32\wbem
2014-11-08 11:33:52 ----D---- C:\Windows\debug
2014-11-08 11:31:31 ----D---- C:\Users\21PP2011\AppData\Roaming\Skype
2014-11-08 11:21:27 ----RD---- C:\Program Files (x86)
2014-11-08 11:13:19 ----A---- C:\Windows\wininit.ini
2014-11-08 11:12:18 ----D---- C:\Windows\SYSWOW64\ARFC
2014-11-08 10:58:00 ----SD---- C:\ProgramData\Microsoft
2014-11-08 01:36:24 ----SHD---- C:\Windows\Installer
2014-11-08 01:34:00 ----SHD---- C:\Config.Msi
2014-11-08 01:23:05 ----D---- C:\Windows\Panther
2014-11-08 01:23:05 ----D---- C:\Windows\ModemLogs
2014-11-08 01:23:04 ----D---- C:\Windows\Minidump
2014-11-08 01:23:04 ----D---- C:\Windows\Logs
2014-11-07 20:00:01 ----D---- C:\Windows\system32\Tasks
2014-11-07 19:57:24 ----HD---- C:\ProgramData
2014-11-07 19:19:15 ----D---- C:\ProgramData\AVAST Software
2014-11-07 19:18:12 ----D---- C:\Windows\SYSWOW64\jmdp
2014-11-06 15:12:33 ----D---- C:\Windows\rescache
2014-11-06 14:39:52 ----D---- C:\OLYMP
2014-11-06 14:39:32 ----D---- C:\Windows\SYSWOW64\mjcm
2014-11-06 14:39:30 ----A---- C:\Windows\ODBC.INI
2014-11-04 19:51:46 ----D---- C:\Program Files (x86)\Opera
2014-11-04 19:50:41 ----D---- C:\Users\21PP2011\AppData\Roaming\Opera
2014-11-02 11:24:55 ----D---- C:\Program Files\Google
2014-11-02 11:24:55 ----D---- C:\Program Files (x86)\Google
2014-10-30 10:43:08 ----D---- C:\ProgramData\Google
2014-10-30 10:40:35 ----D---- C:\Windows\Tasks
2014-10-29 19:50:17 ----D---- C:\Windows\system32\tprb
2014-10-29 19:49:32 ----D---- C:\Windows\SYSWOW64\WNLT
2014-10-28 20:31:14 ----D---- C:\Users\21PP2011\AppData\Roaming\SupTab
2014-10-28 20:31:14 ----D---- C:\Program Files (x86)\1ClickDownload
2014-10-28 20:31:13 ----D---- C:\ProgramData\WLSetup
2014-10-28 20:31:13 ----D---- C:\ProgramData\IePluginService
2014-10-28 10:09:48 ----A---- C:\Windows\system32\ImHttpComm.dll
2014-10-28 06:34:58 ----N---- C:\Windows\system32\MpSigStub.exe
2014-10-27 17:02:04 ----A---- C:\Windows\system32\msvcr100.dll
2014-10-27 17:02:04 ----A---- C:\Windows\system32\msvcp100.dll
2014-10-24 21:27:08 ----D---- C:\Program Files (x86)\Realtek
2014-10-24 21:26:26 ----D---- C:\Users\21PP2011\AppData\Roaming\qone8
2014-10-24 20:44:59 ----D---- C:\Program Files\Common Files\Microsoft Shared
2014-10-24 20:44:58 ----RD---- C:\Program Files (x86)\Skype
2014-10-24 20:44:58 ----D---- C:\Program Files (x86)\Internet Explorer
2014-10-24 20:44:58 ----D---- C:\Program Files (x86)\Common Files
2014-10-24 20:44:55 ----D---- C:\Program Files\Internet Explorer
2014-10-24 20:44:54 ----D---- C:\ProgramData\Symantec
2014-10-24 20:44:54 ----D---- C:\ProgramData\Skype
2014-10-24 20:44:11 ----SD---- C:\Windows\system32\CompatTel
2014-10-24 20:44:11 ----D---- C:\Windows\system32\drivers\UMDF
2014-10-24 20:44:11 ----D---- C:\Windows\system32\CodeIntegrity
2014-10-24 20:43:39 ----D---- C:\Windows\registration
2014-10-20 16:48:20 ----D---- C:\Windows\Microsoft.NET
2014-10-18 19:59:55 ----RSD---- C:\Windows\assembly
2014-10-17 20:33:59 ----D---- C:\ProgramData\Microsoft Help
2014-10-11 08:56:54 ----HD---- C:\Program Files (x86)\InstallShield Installation Information

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 epfwwfp;epfwwfp; C:\Windows\system32\DRIVERS\epfwwfp.sys [2014-10-10 63160]
R0 iaStor;Intel AHCI Controller; C:\Windows\system32\DRIVERS\iaStor.sys [2009-06-05 408600]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-20 213888]
R1 eamonm;eamonm; C:\Windows\system32\DRIVERS\eamonm.sys [2014-10-10 243440]
R1 ehdrv;ehdrv; C:\Windows\system32\DRIVERS\ehdrv.sys [2014-10-10 169280]
R1 EpfwLWF;Epfw NDIS LightWeight Filter; C:\Windows\system32\DRIVERS\EpfwLWF.sys [2014-10-10 44632]
R1 vwififlt;Virtual WiFi Filter Driver; C:\Windows\system32\DRIVERS\vwififlt.sys [2009-07-14 59904]
R2 epfw;epfw; C:\Windows\system32\DRIVERS\epfw.sys [2014-10-10 222280]
R3 athr;Atheros Extensible Wireless LAN device driver; C:\Windows\system32\DRIVERS\athrx.sys [2010-03-02 1593384]
R3 CnxtHdAudService;Conexant UAA Function Driver for High Definition Audio Service; C:\Windows\system32\drivers\CHDRT64.sys [2009-08-11 686080]
R3 DKbFltr;Dritek Keyboard Filter Driver (64-bit); C:\Windows\SysWOW64\Drivers\DKbFltr.sys [2009-03-26 25608]
R3 hitmanpro37;HitmanPro 3.7 Support Driver; \??\C:\Windows\system32\drivers\hitmanpro37.sys [2014-11-09 32512]
R3 igfx;igfx; C:\Windows\system32\DRIVERS\igdkmd64.sys [2009-09-02 7369728]
R3 L1C;NDIS Miniport Driver for Atheros AR813x/AR815x PCI-E Ethernet Controller; C:\Windows\system32\DRIVERS\L1C62x64.sys [2009-11-13 67072]
R3 NTIDrvr;NTIDrvr; \??\C:\Windows\system32\drivers\NTIDrvr.sys [2009-05-05 18432]
R3 Sftfs;Sftfs; C:\Windows\system32\DRIVERS\Sftfslh.sys [2013-06-26 767144]
R3 Sftplay;Sftplay; C:\Windows\system32\DRIVERS\Sftplaylh.sys [2013-06-26 273576]
R3 Sftredir;Sftredir; C:\Windows\system32\DRIVERS\Sftredirlh.sys [2013-06-26 28840]
R3 Sftvol;Sftvol; C:\Windows\system32\DRIVERS\Sftvollh.sys [2013-06-26 23208]
R3 StillCam;Still Serial Digital Camera Driver; C:\Windows\system32\DRIVERS\serscan.sys [2009-07-14 12288]
R3 SynTP;Synaptics TouchPad Driver; C:\Windows\system32\DRIVERS\SynTP.sys [2009-09-17 292912]
R3 UBHelper;UBHelper; \??\C:\Windows\system32\drivers\UBHelper.sys [2009-05-05 16896]
R3 vwifimp;Microsoft Virtual WiFi Miniport Service; C:\Windows\system32\DRIVERS\vwifimp.sys [2009-07-14 17920]
S2 Angelnt;Angelnt; C:\Windows\System32\Drivers\ANGELNT.SYS []
S3 androidusb;SAMSUNG Android Composite ADB Interface Driver; C:\Windows\System32\Drivers\ssadadb.sys [2011-05-13 36328]
S3 BthEnum;Bluetooth Request Block Driver; C:\Windows\system32\drivers\BthEnum.sys [2009-07-14 41984]
S3 BthPan;Bluetooth Device (Personal Area Network); C:\Windows\system32\DRIVERS\bthpan.sys [2009-07-14 118784]
S3 BTHPORT;Bluetooth Port Driver; C:\Windows\System32\Drivers\BTHport.sys [2012-07-06 552960]
S3 BTHUSB;Bluetooth Radio USB Driver; C:\Windows\System32\Drivers\BTHUSB.sys [2011-04-28 80384]
S3 btusbflt;Bluetooth USB Filter; C:\Windows\system32\drivers\btusbflt.sys [2009-07-01 52264]
S3 btwaudio;Bluetooth Audio Device Service; C:\Windows\system32\drivers\btwaudio.sys [2009-07-01 98344]
S3 btwavdt;Bluetooth AVDT Service; C:\Windows\system32\DRIVERS\btwavdt.sys [2009-07-01 132648]
S3 btwl2cap;Bluetooth L2CAP Service; C:\Windows\system32\DRIVERS\btwl2cap.sys [2009-04-07 35104]
S3 btwrchid;btwrchid; C:\Windows\system32\DRIVERS\btwrchid.sys [2009-07-01 21160]
S3 ewusbnet;HUAWEI USB-NDIS miniport; C:\Windows\system32\DRIVERS\ewusbnet.sys [2011-09-18 246224]
S3 ggflt;SEMC USB Flash Driver Filter; C:\Windows\system32\DRIVERS\ggflt.sys [2012-12-27 14448]
S3 ggsemc;SEMC USB Flash Driver; C:\Windows\system32\DRIVERS\ggsemc.sys [2012-12-27 27760]
S3 hwdatacard;Huawei DataCard USB Modem and USB Serial; C:\Windows\system32\DRIVERS\ewusbmdm.sys [2011-09-18 117504]
S3 hwusbdev;Huawei DataCard USB PNP Device; C:\Windows\system32\DRIVERS\ewusbdev.sys [2011-09-18 114304]
S3 NETw5s64;Intel(R) Wireless WiFi Link 5000 Series Adapter Driver for Windows 7 - 64 Bit; C:\Windows\system32\DRIVERS\NETw5s64.sys [2009-09-15 6952960]
S3 netw5v64;Intel(R) Wireless WiFi Link 5000 Series Adapter Driver for Windows Vista 64 Bit; C:\Windows\system32\DRIVERS\netw5v64.sys [2009-06-10 5434368]
S3 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12352]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver; C:\Windows\System32\drivers\rdpvideominiport.sys [2012-08-23 19456]
S3 RFCOMM;Bluetooth Device (RFCOMM Protocol TDI); C:\Windows\system32\DRIVERS\rfcomm.sys [2009-07-14 158720]
S3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader; C:\Windows\System32\Drivers\RtsUStor.sys []
S3 RtsUIR;Realtek IR Driver; C:\Windows\system32\DRIVERS\Rts516xIR.sys []
S3 ssadbus;SAMSUNG Android USB Composite Device driver (WDM); C:\Windows\system32\DRIVERS\ssadbus.sys [2011-05-13 157672]
S3 ssadmdfl;SAMSUNG Android USB Modem (Filter); C:\Windows\system32\DRIVERS\ssadmdfl.sys [2011-05-13 16872]
S3 ssadmdm;SAMSUNG Android USB Modem Drivers; C:\Windows\system32\DRIVERS\ssadmdm.sys [2011-05-13 177640]
S3 ssadserd;SAMSUNG Android USB Diagnostic Serial Port (WDM); C:\Windows\system32\DRIVERS\ssadserd.sys [2011-05-13 146920]
S3 TsUsbFlt;TsUsbFlt; C:\Windows\system32\drivers\tsusbflt.sys [2013-10-02 56832]
S3 USBCCID;Realtek Smartcard Reader Driver; C:\Windows\system32\DRIVERS\RtsUCcid.sys []
S3 usbscan;USB Scanner Driver; C:\Windows\system32\drivers\usbscan.sys [2013-07-03 42496]
S3 WinUsb;Sony so0101 ADB Interface; C:\Windows\system32\DRIVERS\WinUsb.sys [2010-11-20 41984]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 BBSvc;BingBar Service; C:\Program Files (x86)\Microsoft\BingBar\7.3.132.0\BBSvc.exe [2014-03-11 193696]
R2 btwdins;Bluetooth Service; C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe [2009-07-18 864032]
R2 c2cautoupdatesvc;Skype Click to Call Updater; C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [2014-07-14 1390176]
R2 c2cpnrsvc;Skype Click to Call PNR Service; C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [2014-07-14 1767520]
R2 cvhsvc;Client Virtualization Handler; C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE [2013-04-22 822504]
R2 ekrn;ESET Service; C:\Program Files\ESET\ESET Smart Security\x86\ekrn.exe [2014-10-01 1349576]
R2 ePowerSvc;Acer ePower Service; C:\Program Files\Acer\Acer ePower Management\ePowerSvc.exe [2010-02-26 841248]
R2 Freemake Improver;Freemake Improver; C:\ProgramData\Freemake\FreemakeUtilsService\FreemakeUtilsService.exe [2013-09-10 101888]
R2 GREGService;GREGService; C:\Program Files (x86)\Acer\Registration\GREGsvc.exe [2010-01-08 23584]
R2 HitmanProScheduler;HitmanPro Scheduler; C:\Program Files\HitmanPro\hmpsched.exe [2014-11-07 127752]
R2 IAANTMON;Intel(R) Matrix Storage Event Monitor; C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTMon.exe [2009-06-05 354840]
R2 IviRegMgr;IviRegMgr; C:\Program Files (x86)\Common Files\InterVideo\RegMgr\iviRegMgr.exe [2007-01-05 112152]
R2 NTISchedulerSvc;NTI Backup Now 5 Scheduler Service; C:\Program Files (x86)\NewTech Infosystems\NTI Backup Now 5\SchedulerSvc.exe [2009-11-06 144640]
R2 PSI_SVC_2;Protexis Licensing V2; C:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe [2007-07-24 185632]
R2 RS_Service;Raw Socket Service; C:\Program Files (x86)\Acer\Acer VCM\RS_Service.exe [2010-01-30 260640]
R2 sftlist;Application Virtualization Client; C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe [2013-06-26 523944]
R2 Updater Service;Updater Service; C:\Program Files\Acer\Acer Updater\UpdaterService.exe [2010-01-29 243232]
R3 BBUpdate;BBUpdate; C:\Program Files (x86)\Microsoft\BingBar\7.3.132.0\SeaPort.exe [2014-03-11 247968]
R3 sftvsa;Application Virtualization Service Agent; C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe [2013-06-26 207528]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2013-09-11 105144]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2013-09-11 124088]
S2 globalUpdate;globalUpdate Update Service (globalUpdate); C:\Program Files (x86)\globalUpdate\Update\GoogleUpdate.exe [2014-10-23 68608]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-10-25 107912]
S2 SkypeUpdate;Skype Updater; C:\Program Files (x86)\Skype\Updater\Updater.exe [2014-04-03 315008]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-12-27 250568]
S3 globalUpdatem;globalUpdate Update Service (globalUpdatem); C:\Program Files (x86)\globalUpdate\Update\GoogleUpdate.exe [2014-10-23 68608]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-10-25 107912]
S3 gusvc;Google Software Updater; C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe [2012-08-30 194032]
S3 IEEtwCollectorService;@%SystemRoot%\system32\ieetwcollectorres.dll,-1000; C:\Windows\system32\IEEtwCollector.exe [2014-09-19 111616]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2014-09-24 114288]
S3 NTIBackupSvc;NTI Backup Now 5 Backup Service; C:\Program Files (x86)\NewTech Infosystems\NTI Backup Now 5\BackupSvc.exe [2009-11-06 50432]
S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2010-01-09 149352]
S3 osppsvc;Office Software Protection Platform; C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-09 4925184]
S3 Sony PC Companion;Sony PC Companion; C:\Program Files (x86)\Sony\Sony PC Companion\PCCService.exe [2013-02-04 155824]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2011-09-07 1255736]
S4 aspnet_state;ASP.NET State Service; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2013-09-11 51808]
S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]
S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]
S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]

-----------------EOF-----------------

Rudy
Site Admin
Posts: 119547
Joined: 30 Oct 2003 13:42
Location: Plzeň

Re: Virus-infected notebook

#2 Post by Rudy »

Hello!
First run this utility:
Download AdwCleaner http://general-changelog-team.fr/fr/dow ... adwcleaner
Save it to the desktop
Close all programs
Click >Scan< first and then >Clean<.
A scan will run and then a log will appear; paste it here.
Post questions and logs only in your own threads. Private messages, ICQ and e-mails are not for resolving your problems.

Please support our forum: https://platba.viry.cz/payment/.

e-mail: rudy(at)forum.viry.cz

Warning:
Before disinfecting your PC, back up your important data (mail, contacts, documents, photos, videos, music, etc.). Besides its "visible" activities, a virus can damage the system!


Once your problem is resolved, the thread will be locked. The same applies if it is inactive for more than 14 days. If you want the thread reactivated, write to me at the e-mail address given above.

sixdee
Visitor
Posts: 20
Joined: 01 Nov 2014 21:36

Re: Virus-infected notebook

#3 Post by sixdee »

# AdwCleaner v4.100 - Report created 09/11/2014 at 17:32:54
# DB v2014-11-07.1
# Updated 08/11/2014 by Xplode
# Operating System : Windows 7 Home Premium Service Pack 1 (64 bits)
# Username : 21PP2011 - 21PP2011-PC
# Running from : C:\Users\21PP2011\Desktop\adwcleaner_4.100.exe
# Option : Clean

***** [ Services ] *****

[#] Service Deleted : globalUpdate
[#] Service Deleted : globalUpdatem

***** [ Files / Folders ] *****

Folder Deleted : C:\ProgramData\apn
Folder Deleted : C:\ProgramData\Ask
Folder Deleted : C:\ProgramData\Babylon
Folder Deleted : C:\ProgramData\DSearchLink
Folder Deleted : C:\ProgramData\IePluginService
Folder Deleted : C:\ProgramData\Partner
Folder Deleted : C:\ProgramData\Premium
Folder Deleted : C:\ProgramData\SweetIM
Folder Deleted : C:\ProgramData\Tarma Installer
Folder Deleted : C:\ProgramData\WPM
Folder Deleted : C:\Program Files (x86)\1ClickDownload
Folder Deleted : C:\Program Files (x86)\globalUpdate
Folder Deleted : C:\Windows\Installer\{A0C9DF2B-89B5-4483-8983-18A68200F1B4}
Folder Deleted : C:\Windows\SysWOW64\ARFC
Folder Deleted : C:\Windows\SysWOW64\jmdp
Folder Deleted : C:\Windows\SysWOW64\WNLT
Folder Deleted : C:\Windows\System32\ljkb
Folder Deleted : C:\Users\21PP2011\AppData\Local\FilesFrog Update Checker
Folder Deleted : C:\Users\21PP2011\AppData\Local\globalUpdate
Folder Deleted : C:\Users\21PP2011\AppData\Local\onlysearch
Folder Deleted : C:\Users\21PP2011\AppData\Local\webplayer
Folder Deleted : C:\Users\21PP2011\AppData\LocalLow\BabylonToolbar
Folder Deleted : C:\Users\21PP2011\AppData\LocalLow\DataMngr
Folder Deleted : C:\Users\21PP2011\AppData\LocalLow\searchresultstb
Folder Deleted : C:\Users\21PP2011\AppData\LocalLow\SweetIM
Folder Deleted : C:\Users\21PP2011\AppData\Roaming\Babylon
Folder Deleted : C:\Users\21PP2011\AppData\Roaming\goforfiles
Folder Deleted : C:\Users\21PP2011\AppData\Roaming\OpenCandy
Folder Deleted : C:\Users\21PP2011\AppData\Roaming\qone8
Folder Deleted : C:\Users\21PP2011\AppData\Roaming\SupTab
Folder Deleted : C:\Users\21PP2011\AppData\Roaming\YourFileDownloader
Folder Deleted : C:\Users\21PP2011\AppData\Roaming\Microsoft\Windows\Start Menu\LuckyTab
Folder Deleted : C:\Users\21PP2011\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\FilesFrog Update Checker
Folder Deleted : C:\Users\21PP2011\Documents\Optimizer Pro
Folder Deleted : C:\Users\21PP2011\AppData\Roaming\Mozilla\Firefox\Profiles\0\Extensions\ffxtlbr@babylon.com
[!] Folder Deleted : C:\Users\21PP2011\AppData\Roaming\Mozilla\Firefox\Profiles\0\Extensions\OneClickDownloader@OneClickDownloader.com.xpi
Folder Deleted : C:\Users\21PP2011\AppData\Local\Google\Chrome\User Data\Default\Extensions\eofcbnmajmjmplflapaojjnihcjkigck
Folder Deleted : C:\Users\21PP2011\AppData\Local\Google\Chrome\User Data\Default\Extensions\jbolfgndggfhhpbnkgnpjkfhinclbigj
Folder Deleted : C:\Users\21PP2011\AppData\Local\Google\Chrome\User Data\Default\Extensions\mnanplinmmnjhobaliikmelmmjpoogkb
File Deleted : C:\Windows\System32\ImhxxpComm.dll
File Deleted : C:\Users\21PP2011\AppData\LocalLow\SkwConfig.bin
File Deleted : C:\Users\21PP2011\AppData\Roaming\LiveSupport.exe_log.txt
File Deleted : C:\Users\21PP2011\AppData\Roaming\regsvr32.exe_log.txt
File Deleted : C:\Users\21PP2011\AppData\Roaming\Mozilla\Firefox\Profiles\965imzmc.default\searchplugins\Sweetpacks Search.xml
File Deleted : C:\Users\21PP2011\AppData\Roaming\Mozilla\Firefox\Profiles\0\user.js

***** [ Scheduled Tasks ] *****

Task Deleted : globalUpdateUpdateTaskMachineCore
Task Deleted : globalUpdateUpdateTaskMachineUA
Task Deleted : YourFile Update

***** [ Shortcuts ] *****

Shortcut Disinfected : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\KROS\ALFA\Odinštalovanie programu ALFA.lnk

***** [ Registry ] *****

Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\jbolfgndggfhhpbnkgnpjkfhinclbigj
Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\jplinpmadfkdgipabgcdchbdikologlh
Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\niapdbllcanepiiimjjndipklodoedlc
Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl
Key Deleted : HKCU\Software\Classes\pokki
Key Deleted : HKCU\Software\Classes\VirtualStore\MACHINE\SOFTWARE\Wow6432Node\BabylonToolbar
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\New Windows\Allow [*.crossrider.com]
Key Deleted : HKLM\SOFTWARE\Classes\AppID\escort.DLL
Key Deleted : HKLM\SOFTWARE\Classes\AppID\escortApp.DLL
Key Deleted : HKLM\SOFTWARE\Classes\AppID\escortEng.DLL
Key Deleted : HKLM\SOFTWARE\Classes\AppID\escorTlbr.DLL
Key Deleted : HKLM\SOFTWARE\Classes\AppID\esrv.EXE
Key Deleted : HKLM\SOFTWARE\Classes\AppID\YontooIEClient.DLL
Key Deleted : HKLM\SOFTWARE\Classes\b
Key Deleted : HKLM\SOFTWARE\Classes\bbylnApp.appCore
Key Deleted : HKLM\SOFTWARE\Classes\bbylnApp.appCore.1
Key Deleted : HKLM\SOFTWARE\Classes\escort.escortIEPane
Key Deleted : HKLM\SOFTWARE\Classes\escort.escortIEPane.1
Key Deleted : HKLM\SOFTWARE\Classes\escort.escrtBtn.1
Key Deleted : HKLM\SOFTWARE\Classes\esrv.BabylonESrvc
Key Deleted : HKLM\SOFTWARE\Classes\esrv.BabylonESrvc.1
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdate.OneClickCtrl.10
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdate.OneClickProcessLauncherMachine
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdate.OneClickProcessLauncherMachine.1.0
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdate.Update3WebControl.4
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CoCreateAsync
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CoCreateAsync.1.0
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CoreClass
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CoreClass.1
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CoreMachineClass
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CoreMachineClass.1
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CredentialDialogMachine
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CredentialDialogMachine.1.0
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.OnDemandCOMClassMachine
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.OnDemandCOMClassMachine.1.0
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.OnDemandCOMClassMachineFallback
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.OnDemandCOMClassMachineFallback.1.0
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.OnDemandCOMClassSvc
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.OnDemandCOMClassSvc.1.0
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.ProcessLauncher
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.ProcessLauncher.1.0
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3COMClassService
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3COMClassService.1.0
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3WebMachine
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3WebMachine.1.0
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3WebMachineFallback
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3WebMachineFallback.1.0
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3WebSvc
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3WebSvc.1.0
Key Deleted : HKLM\SOFTWARE\Classes\MediaPlayer.GraphicsUtils
Key Deleted : HKLM\SOFTWARE\Classes\MediaPlayer.GraphicsUtils.1
Key Deleted : HKLM\SOFTWARE\Classes\MgMediaPlayer.GifAnimator
Key Deleted : HKLM\SOFTWARE\Classes\MgMediaPlayer.GifAnimator.1
Key Deleted : HKLM\SOFTWARE\Classes\Prod.cap
Key Deleted : HKLM\SOFTWARE\Classes\sim-packages
Key Deleted : HKLM\SOFTWARE\Classes\sweetim_urlsearchhook.toolbarurlsearchhook
Key Deleted : HKLM\SOFTWARE\Classes\sweetim_urlsearchhook.toolbarurlsearchhook.1
Key Deleted : HKLM\SOFTWARE\Classes\YontooIEClient.Layers
Key Deleted : HKLM\SOFTWARE\Classes\YontooIEClient.Layers.1
Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\New Windows\Allow [*.crossrider.com]
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\bitguard.exe
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\bprotect.exe
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\browserdefender.exe
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\browserprotect.exe
Key Deleted : HKLM\SOFTWARE\MozillaPlugins\@staging.google.com/globalUpdate Update;version=10
Key Deleted : HKLM\SOFTWARE\MozillaPlugins\@staging.google.com/globalUpdate Update;version=4
Key Deleted : HKCU\Software\Classes\keepmysearch
Key Deleted : HKLM\SYSTEM\CurrentControlSet\Services\Eventlog\Application\IePluginService
Key Deleted : HKLM\SYSTEM\CurrentControlSet\Services\Eventlog\Application\Wpm
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{FD72061E-9FDE-484D-A58A-0BAB4151CAD8}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{FD72061E-9FDE-484D-A58A-0BAB4151CAD8}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{9522B3FB-7A2B-4646-8AF6-36E7F593073C}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{97F2FF5B-260C-4CCF-834A-2DDA4E29E39E}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{FD72061E-9FDE-484D-A58A-0BAB4151CAD8}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{11111111-1111-1111-1111-110611171162}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{5645E0E7-FC12-43BF-A6E4-F9751942B298}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{C7BF8F4B-7BC7-4F42-B944-3D28A3A86D8A}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{DF7770F7-832F-4BDF-B144-100EDDD0C3AE}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{5645E0E7-FC12-43BF-A6E4-F9751942B298}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{5E89ACE9-E16B-499A-87B4-0DBF742404C1}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{C7BF8F4B-7BC7-4F42-B944-3D28A3A86D8A}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{EEE6C367-6118-11DC-9C72-001320C79847}
Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{98889811-442D-49DD-99D7-DC866BE87DBC}]
Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{EEE6C35B-6118-11DC-9C72-001320C79847}]
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{D4027C7F-154A-4066-A1AD-4243D8127440}]
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{EEE6C35B-6118-11DC-9C72-001320C79847}]
Key Deleted : [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4D79-A620-CCE0C0A66CC9}
Key Deleted : [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{B9C7CE32-DA91-43C2-B7E9-0E9AAFC675CD}
Key Deleted : [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{EEE6C360-6118-11DC-9C72-001320C79847}
Data Restored : HKEY_LOCAL_MACHINE\SOFTWARE\Clients\StartMenuInternet\IEXPLORE.EXE\shell\open\command
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\5C3DE8872251453EAEAD0C673704125B
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{39C576CF-6B46-4BE7-BA83-C5341B027328}
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{52db1893-8a90-4192-aede-08e00b8f8473}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{52db1893-8a90-4192-aede-08e00b8f8473}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{EEE6C360-6118-11DC-9C72-001320C79847}
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{52db1893-8a90-4192-aede-08e00b8f8473}
Key Deleted : HKCU\Software\1ClickDownload
Key Deleted : HKCU\Software\GlobalUpdate
Key Deleted : HKCU\Software\GoforFiles
Key Deleted : HKCU\Software\IM
Key Deleted : HKCU\Software\ImInstaller
Key Deleted : HKCU\Software\InstallCore
Key Deleted : HKCU\Software\InstalledBrowserExtensions
Key Deleted : HKCU\Software\Somoto
Key Deleted : HKCU\Software\SweetIM
Key Deleted : HKCU\Software\WNLT
Key Deleted : HKCU\Software\YourFileDownloader
Key Deleted : HKCU\Software\AppDataLow\{1146AC44-2F03-4431-B4FD-889BC837521F}
Key Deleted : HKCU\Software\AppDataLow\Software\Crossrider
Key Deleted : HKLM\SOFTWARE\{3A7D3E19-1B79-4E4E-BD96-5467DA2C4EF0}
Key Deleted : HKLM\SOFTWARE\{6791A2F3-FC80-475C-A002-C014AF797E9C}
Key Deleted : HKLM\SOFTWARE\Babylon
Key Deleted : HKLM\SOFTWARE\GlobalUpdate
Key Deleted : HKLM\SOFTWARE\GoforFiles
Key Deleted : HKLM\SOFTWARE\Iminent
Key Deleted : HKLM\SOFTWARE\InstalledBrowserExtensions
Key Deleted : HKLM\SOFTWARE\qone8Software
Key Deleted : HKLM\SOFTWARE\SafetyNut
Key Deleted : HKLM\SOFTWARE\SupTab
Key Deleted : HKLM\SOFTWARE\supWPM
Key Deleted : HKLM\SOFTWARE\SweetIM
Key Deleted : HKLM\SOFTWARE\YourFileDownloader
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{889DF117-14D1-44EE-9F31-C5FB5D47F68B}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{A0C9DF2B-89B5-4483-8983-18A68200F1B4}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{A7BC02AF-1128-4A31-BCF8-1A3EE803D3B3}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{A81A974F-8A22-43E6-9243-5198FF758DA1}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{c3e85ee9-5892-4142-b537-bceb3dac4c3d}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{ea8fa6be-29be-4af2-9352-841f83215eb0}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\FilesFrog Update Checker
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\WNLT
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Coupon Printer for Windows5.0.0.0
Key Deleted : [x64] HKLM\SOFTWARE\InstalledBrowserExtensions
Key Deleted : [x64] HKLM\SOFTWARE\Tarma Installer
Key Deleted : [x64] HKLM\SOFTWARE\WNLT
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{889DF117-14D1-44EE-9F31-C5FB5D47F68B}
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{A7BC02AF-1128-4A31-BCF8-1A3EE803D3B3}
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{A81A974F-8A22-43E6-9243-5198FF758DA1}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\bpsvc.exe
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\browsersafeguard.exe
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\dprotectsvc.exe
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\GoogleUpdate.exe
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\jumpflip
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\protectedsearch.exe
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\searchinstaller.exe
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\searchprotection.exe
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\searchprotector.exe
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\searchsettings.exe
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\searchsettings64.exe
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\snapdo.exe
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\stinst32.exe
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\stinst64.exe
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\umbrella.exe
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\utiljumpflip.exe
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\volaro
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\vonteera
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\websteroids.exe
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\websteroidsservice.exe

***** [ Browsers ] *****

-\\ Internet Explorer v11.0.9600.17344

Setting Restored : HKCU\Software\Microsoft\Internet Explorer\Main [Search Page]
Setting Restored : HKCU\Software\Microsoft\Internet Explorer\Main [Default_Search_URL]
Setting Restored : HKCU\Software\Microsoft\Internet Explorer\Main [Secondary Start Pages]
Setting Restored : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Default_Search_URL]
Setting Restored : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Search Page]
Setting Restored : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Default_Search_URL]
Setting Restored : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Search Page]

-\\ Mozilla Firefox v32.0.3 (x86 sk)

[965imzmc.default\prefs.js] - Line Deleted : user_pref("extensions.a0b105cbff1eb40b89bca7dae371d7ead239035fb4613ab38efcom61762.61762.internaldb.__ICM_LITE__blacklist_domain.value", "%7B%22SLIDERS%22%3A%5B%226pm.com%22%2C%22amazon.co.uk%22%2C%22a[...]
[965imzmc.default\prefs.js] - Line Deleted : user_pref("extensions.a0b105cbff1eb40b89bca7dae371d7ead239035fb4613ab38efcom61762.61762.internaldb.monetization_plugin_bundledUrls.value", "%7B%22dealply_s%22%3A%7B%22urls%22%3A%5B%22ssfiles.com%22%5D[...]
[965imzmc.default\prefs.js] - Line Deleted : user_pref("extensions.crossrider.bic", "1497c222e4fc7c3045ab2cf0403a6af6");

-\\ Google Chrome v

[C:\Users\21PP2011\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Deleted [Search Provider] : hxxp://search.sweetim.com/search.asp?src=6&crg=3.1010000&st=18&q={searchTerms}&barid={191AC2DB-BC7E-11E1-88BC-60EB692E652B}
[C:\Users\21PP2011\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Deleted [Search Provider] : hxxp://mysearch.sweetpacks.com?src=6&q={searchTerms}&barid=&&st=23
[C:\Users\21PP2011\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Deleted [Search Provider] : hxxp://www.only-search.com/?q={searchTerms}&ba ... w&tsp=5410

*************************

AdwCleaner[R0].txt - [39952 octets] - [09/11/2014 17:30:17]
AdwCleaner[S0].txt - [37488 octets] - [09/11/2014 17:32:54]

########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [37549 octets] ##########

Rudy
Site Admin
Posts: 119547
Registered: 30 Oct 2003 13:42
Location: Plzeň

Re: Infected notebook

#4 Post by Rudy »

Post a new RSIT log.
Post questions and logs only in your own threads. Private messages, ICQ and e-mails are not for solving your problems.

Please support our forum: https://platba.viry.cz/payment/.

e-mail: rudy(at)forum.viry.cz

Warning:
Before disinfecting your PC, back up your important data (mail, contacts, documents, photos, videos, music, etc.). Besides its "visible" activity, a virus can damage the system!

Once your problem is resolved, the thread will be locked. The same applies if it is inactive for more than 14 days. If you want to reactivate the thread, write to me at the e-mail address given above.

sixdee
Visitor
Posts: 20
Registered: 01 Nov 2014 21:36

Re: Infected notebook

#5 Post by sixdee »

Logfile of random's system information tool 1.10 (written by random/random)
Run by 21PP2011 at 2014-11-09 19:59:02
Microsoft Windows 7 Home Premium Service Pack 1
System drive C: has 278 GB (60%) free of 464 GB
Total RAM: 3997 MB (63% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 19:59:05, on 09.11.2014
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v11.0 (11.00.9600.17344)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAAnotif.exe
C:\Program Files (x86)\Acer\Acer VCM\AcerVCM.exe
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Program Files\trend micro\21PP2011.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = about:blank
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = about:blank
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,AutoConfigURL = http://kilaboinglinuxcopertsf.com/radios/sintonia.pac
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Bing Bar Helper - {1dad3af3-ef2f-4f64-ac4b-11789189fcb6} - C:\Program Files (x86)\Microsoft\BingBar\7.3.132.0\BingExt.dll
O2 - BHO: (no name) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - (no file)
O2 - BHO: Pomocník pri prihlasovaní v sieti Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~2\Office14\URLREDIR.DLL
O2 - BHO: (no name) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - (no file)
O3 - Toolbar: (no name) - {bfc39e47-d643-4dc2-aa1d-61377501c844} - (no file)
O3 - Toolbar: Bing Bar - {eec0f710-38b5-4aba-99bf-ec87564a4e13} - C:\Program Files (x86)\Microsoft\BingBar\7.3.132.0\BingExt.dll
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\RunOnce: [SPReview] "C:\Windows\System32\SPReview\SPReview.exe" /sp:1 /errorfwlink:"http://go.microsoft.com/fwlink/?LinkID=122915" /build:7601 (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\RunOnce: [SPReview] "C:\Windows\System32\SPReview\SPReview.exe" /sp:1 /errorfwlink:"http://go.microsoft.com/fwlink/?LinkID=122915" /build:7601 (User 'Default user')
O4 - Global Startup: Acer VCM.lnk = ?
O4 - Global Startup: Bluetooth.lnk = ?
O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\Windows\system32\GPhotos.scr/200
O8 - Extra context menu item: E&xportovať do programu Microsoft Excel - res://C:\PROGRA~2\MICROS~2\Office14\EXCEL.EXE/3000
O8 - Extra context menu item: Od&oslať do programu OneNote - res://C:\PROGRA~2\MICROS~2\Office14\ONBttnIE.dll/105
O8 - Extra context menu item: Send image to &Bluetooth Device... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
O8 - Extra context menu item: Send page to &Bluetooth Device... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra button: Pridať do blogu - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: &Pridať do blogu v programe Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Odoslať do programu OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&oslať do programu OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra button: &Prepojené poznámky programu OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: &Prepojené poznámky programu OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra button: Skype Click to Call settings - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O9 - Extra button: Send To Bluetooth - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra 'Tools' menuitem: Send to &Bluetooth Device... - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
O18 - Protocol: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: ESET Service (ekrn) - ESET - C:\Program Files\ESET\ESET Smart Security\x86\ekrn.exe
O23 - Service: Acer ePower Service (ePowerSvc) - Acer Incorporated - C:\Program Files\Acer\Acer ePower Management\ePowerSvc.exe
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: Freemake Improver - Freemake - C:\ProgramData\Freemake\FreemakeUtilsService\FreemakeUtilsService.exe
O23 - Service: GREGService - Acer Incorporated - C:\Program Files (x86)\Acer\Registration\GREGsvc.exe
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: HitmanPro Scheduler (HitmanProScheduler) - SurfRight B.V. - C:\Program Files\HitmanPro\hmpsched.exe
O23 - Service: Intel(R) Matrix Storage Event Monitor (IAANTMON) - Intel Corporation - C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTMon.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing)
O23 - Service: IviRegMgr - InterVideo - C:\Program Files (x86)\Common Files\InterVideo\RegMgr\iviRegMgr.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: NTI Backup Now 5 Backup Service (NTIBackupSvc) - NewTech InfoSystems, Inc. - C:\Program Files (x86)\NewTech Infosystems\NTI Backup Now 5\BackupSvc.exe
O23 - Service: NTI Backup Now 5 Scheduler Service (NTISchedulerSvc) - NewTech Infosystems, Inc. - C:\Program Files (x86)\NewTech Infosystems\NTI Backup Now 5\SchedulerSvc.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Protexis Licensing V2 (PSI_SVC_2) - Protexis Inc. - C:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: Raw Socket Service (RS_Service) - Acer Incorporated - C:\Program Files (x86)\Acer\Acer VCM\RS_Service.exe
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: Sony PC Companion - Avanquest Software - C:\Program Files (x86)\Sony\Sony PC Companion\PCCService.exe
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: Updater Service - Acer Group - C:\Program Files\Acer\Acer Updater\UpdaterService.exe
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 11211 bytes

======Listing Processes======



\SystemRoot\System32\smss.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
C:\Windows\system32\services.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k netsvcs
winlogon.exe
C:\Windows\system32\svchost.exe -k GPSvcGroup
"C:\Program Files\HitmanPro\hmpsched.exe"
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Windows\System32\spoolsv.exe
"C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe"
"C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe" /service
"C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe" /service
"C:\Program Files\ESET\ESET Smart Security\x86\ekrn.exe"
"C:\Program Files\Acer\Acer ePower Management\ePowerSvc.exe"
"C:\ProgramData\Freemake\FreemakeUtilsService\FreemakeUtilsService.exe"
"C:\Program Files (x86)\Acer\Registration\GREGsvc.exe"
"C:\Program Files (x86)\Common Files\InterVideo\RegMgr\iviRegMgr.exe"
"C:\Program Files (x86)\NewTech Infosystems\NTI Backup Now 5\SchedulerSvc.exe"
"C:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe"
"taskhost.exe"
"C:\Program Files (x86)\Acer\Acer VCM\RS_Service.exe"
"C:\Windows\system32\Dwm.exe"
C:\Windows\Explorer.EXE
"C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAAnotif.exe"
"C:\Program Files\CONEXANT\cAudioFilterAgent\cAudioFilterAgent64.exe"
"C:\Program Files\Synaptics\SynTP\SynTPEnh.exe"
"C:\Program Files\Acer\Acer ePower Management\ePowerTray.exe"
"C:\Program Files\ESET\ESET Smart Security\egui.exe" /hide /waitservice
"C:\Windows\System32\igfxtray.exe"
"C:\Windows\System32\hkcmd.exe"
"C:\Windows\System32\igfxpers.exe"
"C:\Program Files (x86)\Acer\Acer VCM\AcerVCM.exe"
C:\Windows\system32\igfxsrvc.exe -Embedding
"C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe"
"C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe"
C:\Windows\system32\svchost.exe -k imgsvc
"C:\Program Files\Acer\Acer Updater\UpdaterService.exe"
"C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe"
"C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTMon.exe"
C:\Windows\system32\wbem\wmiprvse.exe
"C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE"
C:\Windows\system32\igfxext.exe -Embedding
C:\Windows\system32\wbem\unsecapp.exe -Embedding
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\system32\SearchIndexer.exe /Embedding
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
"C:\Program Files\Windows Media Player\wmpnetwk.exe"
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
"C:\Program Files\Synaptics\SynTP\SynTPHelper.exe"
"C:\Program Files\Acer\Acer ePower Management\ePowerEvent.exe"
C:\Windows\System32\svchost.exe -k secsvcs
"C:\Program Files (x86)\Microsoft\BingBar\7.3.132.0\SeaPort.exe"
taskeng.exe {E09AB0A9-E426-40BB-A988-4B96A4ABF681}
"C:\Program Files (x86)\Mozilla Firefox\firefox.exe"



"C:\Users\21PP2011\Downloads\RSITx64.exe"
C:\Windows\system32\DllHost.exe /Processid:{F9717507-6651-4EDB-BFF7-AE615179BCCF}

======Scheduled tasks folder======

C:\Windows\tasks\Adobe Flash Player Updater.job - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-887980343-3317208105-2278496108-1000Core.job - C:\Users\21PP2011\AppData\Local\Facebook\Update\FacebookUpdate.exe /c /nocrashserver
C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-887980343-3317208105-2278496108-1000UA.job - C:\Users\21PP2011\AppData\Local\Facebook\Update\FacebookUpdate.exe /ua /installsource scheduler
C:\Windows\tasks\GoogleUpdateTaskMachineCore.job - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /c
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /ua /installsource scheduler
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-887980343-3317208105-2278496108-1000Core.job - C:\Users\21PP2011\AppData\Local\Google\Update\GoogleUpdate.exe /c
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-887980343-3317208105-2278496108-1000UA.job - C:\Users\21PP2011\AppData\Local\Google\Update\GoogleUpdate.exe /ua /installsource scheduler
C:\Windows\tasks\HP Photo Creations Communicator.job - C:\ProgramData\HP Photo Creations\MessageCheck.exe

=========Mozilla firefox=========

ProfilePath - C:\Users\21PP2011\AppData\Roaming\Mozilla\Firefox\Profiles\965imzmc.default

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 10.1 Plugin
"Path"=C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@Google.com/GoogleEarthPlugin]
"Description"=Google Earth in your browser
"Path"=C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@google.com/npPicasa3,version=3.0.0]
"Description"=Picasa3 plugin
"Path"=C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=disabled

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=c:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0]
"Description"=Office Authorization plug-in for NPAPI browsers
"Path"=C:\PROGRA~2\MICROS~2\Office14\NPAUTHZ.DLL

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/SharePoint,version=14.0]
"Description"=Microsoft SharePoint Plug-in for Firefox
"Path"=C:\PROGRA~2\MICROS~2\Office14\NPSPWRAP.DLL

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/WLPG,version=14.0.8081.0709]
"Description"=WLPG Install MIME type
"Path"=C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@playstation.com/PsndlCheck,version=1.00]
"Description"=Plug-in to check PlayStation(R)Network Downloader.
"Path"=C:\Program Files (x86)\Sony\PLAYSTATION Network Downloader\nppsndl.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@SonyCreativeSoftware.com/Media Go,version=1.0]
"Description"=
"Path"=C:\Program Files (x86)\Sony\Media Go\npmediago.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=3]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.25.5\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=9]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.25.5\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@videolan.org/vlc,version=2.0.2]
"Description"=VLC Multimedia Plugin
"Path"=C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll


[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 10.1 Plugin
"Path"=C:\Windows\system32\Macromed\Flash\NPSWF64_11_1_102.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=disabled

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0]
"Description"=Office Authorization plug-in for NPAPI browsers
"Path"=C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL


C:\Users\21PP2011\AppData\Roaming\Mozilla\Firefox\Profiles\965imzmc.default\extensions\
0b105cbff1eb40b89bca7dae371d@7ead239035fb4613ab38ef.com
suncult@sf.net

C:\Users\21PP2011\AppData\Roaming\Mozilla\Firefox\Profiles\965imzmc.default\searchplugins\
onlysearchkms.xml

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{1dad3af3-ef2f-4f64-ac4b-11789189fcb6}]
Bing Bar Helper - C:\Program Files (x86)\Microsoft\BingBar\7.3.132.0\amd64\BingExt.dll [2014-03-11 1154720]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}]
Skype Click to Call for Internet Explorer - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2014-07-14 2117216]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - C:\PROGRA~1\MICROS~2\Office14\URLREDIR.DLL [2013-03-06 690392]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2009-02-27 75128]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{1dad3af3-ef2f-4f64-ac4b-11789189fcb6}]
Bing Bar Helper - C:\Program Files (x86)\Microsoft\BingBar\7.3.132.0\BingExt.dll [2014-03-11 1431712]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Pomocník pri prihlasovaní v sieti Windows Live - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-01-22 408448]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}]
Skype Click to Call for Internet Explorer - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2014-07-14 1709152]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - C:\PROGRA~2\MICROS~2\Office14\URLREDIR.DLL [2013-03-06 562904]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{318A227B-5E9F-45bd-8999-7F8F10CA4CF5}
{eec0f710-38b5-4aba-99bf-ec87564a4e13} - Bing Bar - C:\Program Files (x86)\Microsoft\BingBar\7.3.132.0\amd64\BingExt.dll [2014-03-11 1154720]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\Toolbar]
{bfc39e47-d643-4dc2-aa1d-61377501c844}
{eec0f710-38b5-4aba-99bf-ec87564a4e13} - Bing Bar - C:\Program Files (x86)\Microsoft\BingBar\7.3.132.0\BingExt.dll [2014-03-11 1431712]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"IAAnotif"=C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\iaanotif.exe [2009-06-05 186904]
"cAudioFilterAgent"=C:\Program Files\Conexant\cAudioFilterAgent\cAudioFilterAgent64.exe [2009-07-20 503864]
"SynTPEnh"=C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2009-09-17 1842472]
"Acer ePower Management"=C:\Program Files\Acer\Acer ePower Management\ePowerTray.exe [2010-02-26 818720]
"egui"=C:\Program Files\ESET\ESET Smart Security\egui.exe [2014-10-01 5595336]
"IgfxTray"=C:\Windows\system32\igfxtray.exe [2009-09-02 159232]
"HotKeysCmds"=C:\Windows\system32\hkcmd.exe [2009-09-02 380928]
"Persistence"=C:\Windows\system32\igfxpers.exe [2009-09-02 358912]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"OEXPRESS"= []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher]
C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe [2009-02-28 35696]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CCleaner Monitoring]
C:\Program Files\CCleaner\CCleaner64.exe [2014-10-29 6501656]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Facebook Update]
C:\Users\21PP2011\AppData\Local\Facebook\Update\FacebookUpdate.exe [2014-04-04 138096]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Google Update]
C:\Users\21PP2011\AppData\Local\Google\Update\GoogleUpdate.exe [2014-10-20 107912]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Google+ Auto Backup]
C:\Users\21PP2011\AppData\Local\Programs\Google\Google+ Auto Backup\Google+ Auto Backup.exe [2014-08-12 3746120]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HP Software Update]
C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe [2010-06-09 49208]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\IgfxTray]
C:\Windows\system32\igfxtray.exe [2009-09-02 159232]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LManager]
C:\Program Files (x86)\Launch Manager\LManager.exe [2009-09-24 825864]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NortonOnlineBackupReminder]
C:\Program Files (x86)\Symantec\Norton Online Backup\Activation\NobuActivation.exe [2009-07-25 588648]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Persistence]
C:\Windows\system32\igfxpers.exe [2009-09-02 358912]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PLFSetI]
C:\Windows\PLFSetI.exe [2009-12-14 206072]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Skype]
C:\Program Files (x86)\Skype\Phone\Skype.exe [2014-10-01 22065760]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Sony PC Companion]
C:\Program Files (x86)\Sony\Sony PC Companion\PCCompanion.exe [2014-09-01 468192]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TMCC]
C:\Program Files (x86)\T-Mobile Communication Center\TMCC.exe [2010-07-29 774144]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Users^21PP2011^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Obrazovková spinka a spúšťač programu OneNote 2010.lnk]
C:\PROGRA~2\MICROS~2\Office14\ONENOTEM.EXE [2013-06-25 228552]

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
Acer VCM.lnk - C:\Program Files (x86)\Acer\Acer VCM\AcerVCM.exe
Bluetooth.lnk - C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
C:\Windows\system32\igfxdev.dll [2009-09-02 259584]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\hitmanpro37]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\hitmanpro37.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\HitmanPro37Crusader]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\HitmanPro37CrusaderBoot]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\hitmanpro37]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\hitmanpro37.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\HitmanPro37Crusader]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\HitmanPro37CrusaderBoot]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\McMPFSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MCODS]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=5
"ConsentPromptBehaviorUser"=3
"EnableUIADesktopToggle"=0
"PromptOnSecureDesktop"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"SoftwareSASGeneration"=1

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoActiveDesktop"=1
"NoActiveDesktopChanges"=1
"ForceActiveDesktopOn"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVYU"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"VIDC.YVU9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"MSVideo8"=VfWWDM32.dll
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 1 month======

2014-11-09 17:30:14 ----D---- C:\AdwCleaner
2014-11-09 16:36:04 ----D---- C:\Program Files\trend micro
2014-11-09 16:36:03 ----D---- C:\rsit
2014-11-08 15:52:09 ----A---- C:\TDSSKiller.3.0.0.41_08.11.2014_15.52.09_log.txt
2014-11-08 12:10:56 ----A---- C:\Windows\system32\rdpcorets.dll
2014-11-08 12:10:55 ----A---- C:\Windows\system32\RdpGroupPolicyExtension.dll
2014-11-08 12:10:40 ----A---- C:\Windows\SYSWOW64\mstscax.dll
2014-11-08 12:10:39 ----A---- C:\Windows\system32\mstscax.dll
2014-11-08 11:46:23 ----A---- C:\Windows\system32\TsUsbGDCoInstaller.dll
2014-11-08 11:46:20 ----A---- C:\Windows\SYSWOW64\wksprtPS.dll
2014-11-08 11:46:20 ----A---- C:\Windows\SYSWOW64\tsgqec.dll
2014-11-08 11:46:20 ----A---- C:\Windows\SYSWOW64\mstsc.exe
2014-11-08 11:46:20 ----A---- C:\Windows\SYSWOW64\MsRdpWebAccess.dll
2014-11-08 11:46:20 ----A---- C:\Windows\system32\wksprtPS.dll
2014-11-08 11:46:20 ----A---- C:\Windows\system32\wksprt.exe
2014-11-08 11:46:20 ----A---- C:\Windows\system32\TSWbPrxy.exe
2014-11-08 11:46:20 ----A---- C:\Windows\system32\TsUsbRedirectionGroupPolicyExtension.dll
2014-11-08 11:46:20 ----A---- C:\Windows\system32\TsUsbRedirectionGroupPolicyControl.exe
2014-11-08 11:46:20 ----A---- C:\Windows\system32\tsgqec.dll
2014-11-08 11:46:20 ----A---- C:\Windows\system32\MsRdpWebAccess.dll
2014-11-08 11:46:20 ----A---- C:\Windows\system32\drivers\TsUsbFlt.sys
2014-11-08 11:46:19 ----A---- C:\Windows\SYSWOW64\rdvidcrl.dll
2014-11-08 11:46:19 ----A---- C:\Windows\system32\rdvidcrl.dll
2014-11-08 11:46:19 ----A---- C:\Windows\system32\mstsc.exe
2014-11-08 11:45:45 ----A---- C:\Windows\system32\drivers\rdpvideominiport.sys
2014-11-08 11:45:43 ----A---- C:\Windows\SYSWOW64\rdpendp_winip.dll
2014-11-08 11:45:43 ----A---- C:\Windows\system32\rdpudd.dll
2014-11-08 11:45:43 ----A---- C:\Windows\system32\rdpendp_winip.dll
2014-11-08 11:33:52 ----D---- C:\Windows\system32\MRT
2014-11-08 11:33:45 ----A---- C:\Windows\system32\MRT.exe
2014-11-08 11:26:47 ----D---- C:\Windows\pss
2014-11-08 11:21:27 ----D---- C:\Program Files (x86)\Mozilla Maintenance Service
2014-11-07 20:01:09 ----D---- C:\Users\21PP2011\AppData\Roaming\ESET
2014-11-07 19:59:53 ----D---- C:\Program Files\CCleaner
2014-11-07 19:57:24 ----D---- C:\ProgramData\ESET
2014-11-07 19:57:24 ----D---- C:\Program Files\ESET
2014-11-07 18:56:14 ----D---- C:\Program Files\HitmanPro
2014-11-07 18:56:01 ----D---- C:\ProgramData\HitmanPro
2014-11-07 18:52:59 ----D---- C:\Users\21PP2011\AppData\Roaming\uTorrent
2014-11-07 18:50:07 ----SD---- C:\Windows\SYSWOW64\Microsoft
2014-11-07 14:52:21 ----D---- C:\Program Files (x86)\Mozilla Firefox
2014-10-23 18:28:04 ----D---- C:\Program Files (x86)\CinePlus-1.2V23.10
2014-10-23 18:26:42 ----D---- C:\Users\21PP2011\AppData\Roaming\Dorrible
2014-10-20 16:22:02 ----D---- C:\Program Files (x86)\Windows Phone
2014-10-20 16:11:34 ----D---- C:\ProgramData\Applications
2014-10-17 12:55:10 ----A---- C:\Windows\system32\win32k.sys
2014-10-17 12:55:04 ----A---- C:\Windows\SYSWOW64\mscories.dll
2014-10-17 12:55:04 ----A---- C:\Windows\SYSWOW64\mscorier.dll
2014-10-17 12:55:04 ----A---- C:\Windows\SYSWOW64\dfshim.dll
2014-10-17 12:55:04 ----A---- C:\Windows\system32\mscories.dll
2014-10-17 12:55:04 ----A---- C:\Windows\system32\mscorier.dll
2014-10-17 12:55:04 ----A---- C:\Windows\system32\dfshim.dll
2014-10-17 12:54:48 ----A---- C:\Windows\system32\generaltel.dll
2014-10-17 12:54:48 ----A---- C:\Windows\system32\aepdu.dll
2014-10-17 12:54:43 ----A---- C:\Windows\system32\aeinv.dll
2014-10-17 12:54:34 ----A---- C:\Windows\SYSWOW64\iernonce.dll
2014-10-17 12:54:34 ----A---- C:\Windows\SYSWOW64\ieetwproxystub.dll
2014-10-17 12:54:33 ----A---- C:\Windows\SYSWOW64\mshtmled.dll
2014-10-17 12:54:33 ----A---- C:\Windows\SYSWOW64\jscript9diag.dll
2014-10-17 12:54:32 ----A---- C:\Windows\SYSWOW64\urlmon.dll
2014-10-17 12:54:32 ----A---- C:\Windows\SYSWOW64\mshtml.dll
2014-10-17 12:54:32 ----A---- C:\Windows\SYSWOW64\msfeeds.dll
2014-10-17 12:54:32 ----A---- C:\Windows\SYSWOW64\JavaScriptCollectionAgent.dll
2014-10-17 12:54:32 ----A---- C:\Windows\SYSWOW64\iedkcs32.dll
2014-10-17 12:54:32 ----A---- C:\Windows\SYSWOW64\dxtmsft.dll
2014-10-17 12:54:32 ----A---- C:\Windows\system32\JavaScriptCollectionAgent.dll
2014-10-17 12:54:32 ----A---- C:\Windows\system32\iernonce.dll
2014-10-17 12:54:32 ----A---- C:\Windows\system32\ieetwproxystub.dll
2014-10-17 12:54:32 ----A---- C:\Windows\system32\ie4uinit.exe
2014-10-17 12:54:30 ----A---- C:\Windows\SYSWOW64\iesetup.dll
2014-10-17 12:54:30 ----A---- C:\Windows\system32\iedkcs32.dll
2014-10-17 12:54:29 ----A---- C:\Windows\SYSWOW64\iertutil.dll
2014-10-17 12:54:29 ----A---- C:\Windows\system32\urlmon.dll
2014-10-17 12:54:28 ----A---- C:\Windows\SYSWOW64\jsproxy.dll
2014-10-17 12:54:28 ----A---- C:\Windows\SYSWOW64\dxtrans.dll
2014-10-17 12:54:28 ----A---- C:\Windows\system32\ieetwcollectorres.dll
2014-10-17 12:54:28 ----A---- C:\Windows\system32\ieetwcollector.exe
2014-10-17 12:54:28 ----A---- C:\Windows\system32\dxtmsft.dll
2014-10-17 12:54:27 ----A---- C:\Windows\SYSWOW64\ieui.dll
2014-10-17 12:54:27 ----A---- C:\Windows\SYSWOW64\ieframe.dll
2014-10-17 12:54:27 ----A---- C:\Windows\system32\msfeeds.dll
2014-10-17 12:54:26 ----A---- C:\Windows\system32\iesetup.dll
2014-10-17 12:54:25 ----A---- C:\Windows\system32\iertutil.dll
2014-10-17 12:54:24 ----A---- C:\Windows\SYSWOW64\vbscript.dll
2014-10-17 12:54:24 ----A---- C:\Windows\SYSWOW64\mshtmlmedia.dll
2014-10-17 12:54:24 ----A---- C:\Windows\SYSWOW64\jscript9.dll
2014-10-17 12:54:24 ----A---- C:\Windows\SYSWOW64\ieUnatt.exe
2014-10-17 12:54:23 ----A---- C:\Windows\SYSWOW64\wininet.dll
2014-10-17 12:54:23 ----A---- C:\Windows\SYSWOW64\msrating.dll
2014-10-17 12:54:23 ----A---- C:\Windows\SYSWOW64\MshtmlDac.dll
2014-10-17 12:54:23 ----A---- C:\Windows\SYSWOW64\ieapfltr.dll
2014-10-17 12:54:23 ----A---- C:\Windows\system32\jsproxy.dll
2014-10-17 12:54:22 ----A---- C:\Windows\system32\ieui.dll
2014-10-17 12:54:22 ----A---- C:\Windows\system32\dxtrans.dll
2014-10-17 12:54:21 ----A---- C:\Windows\system32\ieframe.dll
2014-10-17 12:54:20 ----A---- C:\Windows\system32\mshtmlmedia.dll
2014-10-17 12:54:20 ----A---- C:\Windows\system32\mshtmled.dll
2014-10-17 12:54:19 ----A---- C:\Windows\system32\jscript9diag.dll
2014-10-17 12:54:19 ----A---- C:\Windows\system32\jscript9.dll
2014-10-17 12:54:19 ----A---- C:\Windows\system32\ieUnatt.exe
2014-10-17 12:54:18 ----A---- C:\Windows\system32\vbscript.dll
2014-10-17 12:54:18 ----A---- C:\Windows\system32\ieapfltr.dll
2014-10-17 12:54:17 ----A---- C:\Windows\system32\wininet.dll
2014-10-17 12:54:17 ----A---- C:\Windows\system32\MshtmlDac.dll
2014-10-17 12:54:16 ----A---- C:\Windows\system32\MsSpellCheckingFacility.exe
2014-10-17 12:54:16 ----A---- C:\Windows\system32\msrating.dll
2014-10-17 12:54:15 ----A---- C:\Windows\system32\mshtml.dll
2014-10-17 12:51:35 ----A---- C:\Windows\system32\msi.dll
2014-10-17 12:51:33 ----A---- C:\Windows\SYSWOW64\msi.dll
2014-10-17 12:51:28 ----A---- C:\Windows\SYSWOW64\rastls.dll
2014-10-17 12:51:28 ----A---- C:\Windows\system32\rastls.dll
2014-10-17 12:51:19 ----A---- C:\Windows\system32\winsta.dll
2014-10-17 12:51:19 ----A---- C:\Windows\system32\termsrv.dll
2014-10-17 12:51:18 ----A---- C:\Windows\SYSWOW64\winsta.dll
2014-10-17 12:51:18 ----A---- C:\Windows\SYSWOW64\TSpkg.dll
2014-10-17 12:51:18 ----A---- C:\Windows\system32\winlogon.exe
2014-10-17 12:51:18 ----A---- C:\Windows\system32\TSpkg.dll
2014-10-17 12:51:18 ----A---- C:\Windows\system32\rdpcorekmts.dll
2014-10-17 12:51:18 ----A---- C:\Windows\system32\drivers\rdpwd.sys
2014-10-17 12:51:17 ----A---- C:\Windows\SYSWOW64\credssp.dll
2014-10-17 12:51:17 ----A---- C:\Windows\system32\drivers\tssecsrv.sys
2014-10-17 12:51:17 ----A---- C:\Windows\system32\credssp.dll
2014-10-17 12:50:46 ----A---- C:\Windows\SYSWOW64\packager.dll
2014-10-17 12:50:46 ----A---- C:\Windows\system32\packager.dll
2014-10-10 08:59:12 ----A---- C:\Windows\system32\drivers\epfwwfp.sys
2014-10-10 08:59:12 ----A---- C:\Windows\system32\drivers\EpfwLWF.sys
2014-10-10 08:59:12 ----A---- C:\Windows\system32\drivers\epfw.sys
2014-10-10 08:59:12 ----A---- C:\Windows\system32\drivers\ehdrv.sys
2014-10-10 08:59:12 ----A---- C:\Windows\system32\drivers\edevmon.sys
2014-10-10 08:59:12 ----A---- C:\Windows\system32\drivers\eamonm.sys

======List of files/folders modified in the last 1 month======

2014-11-09 19:59:03 ----D---- C:\Windows\Temp
2014-11-09 19:36:38 ----D---- C:\Windows\system32\DriverStore
2014-11-09 18:54:27 ----D---- C:\Windows\system32\config
2014-11-09 17:50:25 ----D---- C:\Windows\system32\drivers
2014-11-09 17:33:01 ----D---- C:\Windows\Tasks
2014-11-09 17:33:01 ----D---- C:\Windows\system32\Tasks
2014-11-09 17:33:00 ----D---- C:\Windows\System32
2014-11-09 17:32:57 ----D---- C:\Windows\SysWOW64
2014-11-09 17:32:56 ----SHD---- C:\Windows\Installer
2014-11-09 17:32:56 ----RD---- C:\Program Files (x86)
2014-11-09 17:32:56 ----HD---- C:\ProgramData
2014-11-09 16:36:04 ----D---- C:\Program Files
2014-11-09 16:27:52 ----D---- C:\Windows\inf
2014-11-09 16:27:10 ----A---- C:\Windows\system32\PerfStringBackup.INI
2014-11-08 15:57:12 ----D---- C:\Windows\winsxs
2014-11-08 15:57:09 ----D---- C:\Windows\SYSWOW64\sk-SK
2014-11-08 15:57:09 ----D---- C:\Windows\system32\sk-SK
2014-11-08 15:56:59 ----SHD---- C:\System Volume Information
2014-11-08 14:43:44 ----D---- C:\Windows\system32\catroot2
2014-11-08 12:10:43 ----D---- C:\Windows\system32\catroot
2014-11-08 11:58:12 ----D---- C:\Windows
2014-11-08 11:53:56 ----D---- C:\Windows\SYSWOW64\wbem
2014-11-08 11:53:56 ----D---- C:\Windows\SYSWOW64\en-US
2014-11-08 11:53:56 ----D---- C:\Windows\system32\en-US
2014-11-08 11:53:56 ----D---- C:\Windows\system32\drivers\en-US
2014-11-08 11:53:56 ----D---- C:\Windows\PolicyDefinitions
2014-11-08 11:53:55 ----D---- C:\Windows\system32\wbem
2014-11-08 11:33:52 ----D---- C:\Windows\debug
2014-11-08 11:31:31 ----D---- C:\Users\21PP2011\AppData\Roaming\Skype
2014-11-08 11:13:19 ----A---- C:\Windows\wininit.ini
2014-11-08 10:58:00 ----SD---- C:\ProgramData\Microsoft
2014-11-08 01:34:00 ----SHD---- C:\Config.Msi
2014-11-08 01:23:05 ----D---- C:\Windows\Panther
2014-11-08 01:23:05 ----D---- C:\Windows\ModemLogs
2014-11-08 01:23:04 ----D---- C:\Windows\Minidump
2014-11-08 01:23:04 ----D---- C:\Windows\Logs
2014-11-07 19:19:15 ----D---- C:\ProgramData\AVAST Software
2014-11-06 15:12:33 ----D---- C:\Windows\rescache
2014-11-06 14:39:52 ----D---- C:\OLYMP
2014-11-06 14:39:32 ----D---- C:\Windows\SYSWOW64\mjcm
2014-11-06 14:39:30 ----A---- C:\Windows\ODBC.INI
2014-11-04 19:51:46 ----D---- C:\Program Files (x86)\Opera
2014-11-04 19:50:41 ----D---- C:\Users\21PP2011\AppData\Roaming\Opera
2014-11-02 11:24:55 ----D---- C:\Program Files\Google
2014-11-02 11:24:55 ----D---- C:\Program Files (x86)\Google
2014-10-30 10:43:08 ----D---- C:\ProgramData\Google
2014-10-29 19:50:17 ----D---- C:\Windows\system32\tprb
2014-10-28 20:31:13 ----D---- C:\ProgramData\WLSetup
2014-10-28 06:34:58 ----N---- C:\Windows\system32\MpSigStub.exe
2014-10-27 17:02:04 ----A---- C:\Windows\system32\msvcr100.dll
2014-10-27 17:02:04 ----A---- C:\Windows\system32\msvcp100.dll
2014-10-24 21:27:08 ----D---- C:\Program Files (x86)\Realtek
2014-10-24 20:44:59 ----D---- C:\Program Files\Common Files\Microsoft Shared
2014-10-24 20:44:58 ----RD---- C:\Program Files (x86)\Skype
2014-10-24 20:44:58 ----D---- C:\Program Files (x86)\Internet Explorer
2014-10-24 20:44:58 ----D---- C:\Program Files (x86)\Common Files
2014-10-24 20:44:55 ----D---- C:\Program Files\Internet Explorer
2014-10-24 20:44:54 ----D---- C:\ProgramData\Symantec
2014-10-24 20:44:54 ----D---- C:\ProgramData\Skype
2014-10-24 20:44:11 ----SD---- C:\Windows\system32\CompatTel
2014-10-24 20:44:11 ----D---- C:\Windows\system32\drivers\UMDF
2014-10-24 20:44:11 ----D---- C:\Windows\system32\CodeIntegrity
2014-10-24 20:43:39 ----D---- C:\Windows\registration
2014-10-20 16:48:20 ----D---- C:\Windows\Microsoft.NET
2014-10-18 19:59:55 ----RSD---- C:\Windows\assembly
2014-10-17 20:33:59 ----D---- C:\ProgramData\Microsoft Help
2014-10-11 08:56:54 ----HD---- C:\Program Files (x86)\InstallShield Installation Information

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 epfwwfp;epfwwfp; C:\Windows\system32\DRIVERS\epfwwfp.sys [2014-10-10 63160]
R0 iaStor;Intel AHCI Controller; C:\Windows\system32\DRIVERS\iaStor.sys [2009-06-05 408600]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-20 213888]
R1 eamonm;eamonm; C:\Windows\system32\DRIVERS\eamonm.sys [2014-10-10 243440]
R1 ehdrv;ehdrv; C:\Windows\system32\DRIVERS\ehdrv.sys [2014-10-10 169280]
R1 EpfwLWF;Epfw NDIS LightWeight Filter; C:\Windows\system32\DRIVERS\EpfwLWF.sys [2014-10-10 44632]
R1 vwififlt;Virtual WiFi Filter Driver; C:\Windows\system32\DRIVERS\vwififlt.sys [2009-07-14 59904]
R2 epfw;epfw; C:\Windows\system32\DRIVERS\epfw.sys [2014-10-10 222280]
R3 athr;Atheros Extensible Wireless LAN device driver; C:\Windows\system32\DRIVERS\athrx.sys [2010-03-02 1593384]
R3 CnxtHdAudService;Conexant UAA Function Driver for High Definition Audio Service; C:\Windows\system32\drivers\CHDRT64.sys [2009-08-11 686080]
R3 DKbFltr;Dritek Keyboard Filter Driver (64-bit); C:\Windows\SysWOW64\Drivers\DKbFltr.sys [2009-03-26 25608]
R3 igfx;igfx; C:\Windows\system32\DRIVERS\igdkmd64.sys [2009-09-02 7369728]
R3 L1C;NDIS Miniport Driver for Atheros AR813x/AR815x PCI-E Ethernet Controller; C:\Windows\system32\DRIVERS\L1C62x64.sys [2009-11-13 67072]
R3 NTIDrvr;NTIDrvr; \??\C:\Windows\system32\drivers\NTIDrvr.sys [2009-05-05 18432]
R3 Sftfs;Sftfs; C:\Windows\system32\DRIVERS\Sftfslh.sys [2013-06-26 767144]
R3 Sftplay;Sftplay; C:\Windows\system32\DRIVERS\Sftplaylh.sys [2013-06-26 273576]
R3 Sftredir;Sftredir; C:\Windows\system32\DRIVERS\Sftredirlh.sys [2013-06-26 28840]
R3 Sftvol;Sftvol; C:\Windows\system32\DRIVERS\Sftvollh.sys [2013-06-26 23208]
R3 StillCam;Still Serial Digital Camera Driver; C:\Windows\system32\DRIVERS\serscan.sys [2009-07-14 12288]
R3 SynTP;Synaptics TouchPad Driver; C:\Windows\system32\DRIVERS\SynTP.sys [2009-09-17 292912]
R3 UBHelper;UBHelper; \??\C:\Windows\system32\drivers\UBHelper.sys [2009-05-05 16896]
R3 vwifimp;Microsoft Virtual WiFi Miniport Service; C:\Windows\system32\DRIVERS\vwifimp.sys [2009-07-14 17920]
S2 Angelnt;Angelnt; C:\Windows\System32\Drivers\ANGELNT.SYS []
S3 androidusb;SAMSUNG Android Composite ADB Interface Driver; C:\Windows\System32\Drivers\ssadadb.sys [2011-05-13 36328]
S3 BthEnum;Bluetooth Request Block Driver; C:\Windows\system32\drivers\BthEnum.sys [2009-07-14 41984]
S3 BthPan;Bluetooth Device (Personal Area Network); C:\Windows\system32\DRIVERS\bthpan.sys [2009-07-14 118784]
S3 BTHPORT;Bluetooth Port Driver; C:\Windows\System32\Drivers\BTHport.sys [2012-07-06 552960]
S3 BTHUSB;Bluetooth Radio USB Driver; C:\Windows\System32\Drivers\BTHUSB.sys [2011-04-28 80384]
S3 btusbflt;Bluetooth USB Filter; C:\Windows\system32\drivers\btusbflt.sys [2009-07-01 52264]
S3 btwaudio;Bluetooth Audio Device Service; C:\Windows\system32\drivers\btwaudio.sys [2009-07-01 98344]
S3 btwavdt;Bluetooth AVDT Service; C:\Windows\system32\DRIVERS\btwavdt.sys [2009-07-01 132648]
S3 btwl2cap;Bluetooth L2CAP Service; C:\Windows\system32\DRIVERS\btwl2cap.sys [2009-04-07 35104]
S3 btwrchid;btwrchid; C:\Windows\system32\DRIVERS\btwrchid.sys [2009-07-01 21160]
S3 ewusbnet;HUAWEI USB-NDIS miniport; C:\Windows\system32\DRIVERS\ewusbnet.sys [2011-09-18 246224]
S3 ggflt;SEMC USB Flash Driver Filter; C:\Windows\system32\DRIVERS\ggflt.sys [2012-12-27 14448]
S3 ggsemc;SEMC USB Flash Driver; C:\Windows\system32\DRIVERS\ggsemc.sys [2012-12-27 27760]
S3 hwdatacard;Huawei DataCard USB Modem and USB Serial; C:\Windows\system32\DRIVERS\ewusbmdm.sys [2011-09-18 117504]
S3 hwusbdev;Huawei DataCard USB PNP Device; C:\Windows\system32\DRIVERS\ewusbdev.sys [2011-09-18 114304]
S3 NETw5s64;Intel(R) Wireless WiFi Link 5000 Series Adapter Driver for Windows 7 - 64 Bit; C:\Windows\system32\DRIVERS\NETw5s64.sys [2009-09-15 6952960]
S3 netw5v64;Intel(R) Wireless WiFi Link 5000 Series Adapter Driver for Windows Vista 64 Bit; C:\Windows\system32\DRIVERS\netw5v64.sys [2009-06-10 5434368]
S3 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12352]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver; C:\Windows\System32\drivers\rdpvideominiport.sys [2012-08-23 19456]
S3 RFCOMM;Bluetooth Device (RFCOMM Protocol TDI); C:\Windows\system32\DRIVERS\rfcomm.sys [2009-07-14 158720]
S3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader; C:\Windows\System32\Drivers\RtsUStor.sys []
S3 RtsUIR;Realtek IR Driver; C:\Windows\system32\DRIVERS\Rts516xIR.sys []
S3 ssadbus;SAMSUNG Android USB Composite Device driver (WDM); C:\Windows\system32\DRIVERS\ssadbus.sys [2011-05-13 157672]
S3 ssadmdfl;SAMSUNG Android USB Modem (Filter); C:\Windows\system32\DRIVERS\ssadmdfl.sys [2011-05-13 16872]
S3 ssadmdm;SAMSUNG Android USB Modem Drivers; C:\Windows\system32\DRIVERS\ssadmdm.sys [2011-05-13 177640]
S3 ssadserd;SAMSUNG Android USB Diagnostic Serial Port (WDM); C:\Windows\system32\DRIVERS\ssadserd.sys [2011-05-13 146920]
S3 TsUsbFlt;TsUsbFlt; C:\Windows\system32\drivers\tsusbflt.sys [2013-10-02 56832]
S3 USBCCID;Realtek Smartcard Reader Driver; C:\Windows\system32\DRIVERS\RtsUCcid.sys []
S3 usbscan;USB Scanner Driver; C:\Windows\system32\drivers\usbscan.sys [2013-07-03 42496]
S3 WinUsb;Sony so0101 ADB Interface; C:\Windows\system32\DRIVERS\WinUsb.sys [2010-11-20 41984]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 btwdins;Bluetooth Service; C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe [2009-07-18 864032]
R2 c2cautoupdatesvc;Skype Click to Call Updater; C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [2014-07-14 1390176]
R2 c2cpnrsvc;Skype Click to Call PNR Service; C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [2014-07-14 1767520]
R2 cvhsvc;Client Virtualization Handler; C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE [2013-04-22 822504]
R2 ekrn;ESET Service; C:\Program Files\ESET\ESET Smart Security\x86\ekrn.exe [2014-10-01 1349576]
R2 ePowerSvc;Acer ePower Service; C:\Program Files\Acer\Acer ePower Management\ePowerSvc.exe [2010-02-26 841248]
R2 Freemake Improver;Freemake Improver; C:\ProgramData\Freemake\FreemakeUtilsService\FreemakeUtilsService.exe [2013-09-10 101888]
R2 GREGService;GREGService; C:\Program Files (x86)\Acer\Registration\GREGsvc.exe [2010-01-08 23584]
R2 HitmanProScheduler;HitmanPro Scheduler; C:\Program Files\HitmanPro\hmpsched.exe [2014-11-07 127752]
R2 IAANTMON;Intel(R) Matrix Storage Event Monitor; C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTMon.exe [2009-06-05 354840]
R2 IviRegMgr;IviRegMgr; C:\Program Files (x86)\Common Files\InterVideo\RegMgr\iviRegMgr.exe [2007-01-05 112152]
R2 NTISchedulerSvc;NTI Backup Now 5 Scheduler Service; C:\Program Files (x86)\NewTech Infosystems\NTI Backup Now 5\SchedulerSvc.exe [2009-11-06 144640]
R2 PSI_SVC_2;Protexis Licensing V2; C:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe [2007-07-24 185632]
R2 RS_Service;Raw Socket Service; C:\Program Files (x86)\Acer\Acer VCM\RS_Service.exe [2010-01-30 260640]
R2 sftlist;Application Virtualization Client; C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe [2013-06-26 523944]
R2 Updater Service;Updater Service; C:\Program Files\Acer\Acer Updater\UpdaterService.exe [2010-01-29 243232]
R3 BBUpdate;BBUpdate; C:\Program Files (x86)\Microsoft\BingBar\7.3.132.0\SeaPort.exe [2014-03-11 247968]
R3 sftvsa;Application Virtualization Service Agent; C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe [2013-06-26 207528]
S2 BBSvc;BingBar Service; C:\Program Files (x86)\Microsoft\BingBar\7.3.132.0\BBSvc.exe [2014-03-11 193696]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2013-09-11 105144]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2013-09-11 124088]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-10-25 107912]
S2 SkypeUpdate;Skype Updater; C:\Program Files (x86)\Skype\Updater\Updater.exe [2014-04-03 315008]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-12-27 250568]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-10-25 107912]
S3 gusvc;Google Software Updater; C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe [2012-08-30 194032]
S3 IEEtwCollectorService;@%SystemRoot%\system32\ieetwcollectorres.dll,-1000; C:\Windows\system32\IEEtwCollector.exe [2014-09-19 111616]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2014-11-09 114288]
S3 NTIBackupSvc;NTI Backup Now 5 Backup Service; C:\Program Files (x86)\NewTech Infosystems\NTI Backup Now 5\BackupSvc.exe [2009-11-06 50432]
S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2010-01-09 149352]
S3 osppsvc;Office Software Protection Platform; C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-09 4925184]
S3 Sony PC Companion;Sony PC Companion; C:\Program Files (x86)\Sony\Sony PC Companion\PCCService.exe [2013-02-04 155824]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2011-09-07 1255736]
S4 aspnet_state;ASP.NET State Service; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2013-09-11 51808]
S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]
S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]
S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]

-----------------EOF-----------------

Rudy
Site Admin
Posts: 119547
Joined: 30 Oct 2003 13:42
Location: Plzeň

Re: Infected notebook

#6 Post by Rudy »

Download OTM: http://oldtimer.geekstogo.com/OTM.exe and save it to the desktop. Run it and copy the following into the left pane:
:files
C:\Program Files (x86)\Microsoft\BingBar
C:\Program Files (x86)\Skype\Toolbars
C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-887980343-3317208105-2278496108-1000Core.job
C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-887980343-3317208105-2278496108-1000UA.job
C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-887980343-3317208105-2278496108-1000Core.job
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-887980343-3317208105-2278496108-1000UA.job
C:\Users\21PP2011\AppData\Roaming\Mozilla\Firefox\Profiles\965imzmc.default\searchplugins\onlysearchkms.xml

:reg
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{1dad3af3-ef2f-4f64-ac4b-11789189fcb6}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{1dad3af3-ef2f-4f64-ac4b-11789189fcb6}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
[-HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\Toolbar]
[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Facebook Update]

:services
c2cautoupdatesvc
c2cpnrsvc
BBUpdate
BBSvc

:commands
[Purity]
[Emptytemp]
[Emptyflash]
and click >MoveIt!<. After the scan, restart the PC and post a new RSIT log.

sixdee
Visitor
Posts: 20
Joined: 01 Nov 2014 21:36

Re: Infected notebook

#7 Post by sixdee »

Logfile of random's system information tool 1.10 (written by random/random)
Run by 21PP2011 at 2014-11-09 21:10:46
Microsoft Windows 7 Home Premium Service Pack 1
System drive C: has 278 GB (60%) free of 464 GB
Total RAM: 3997 MB (63% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 21:10:49, on 09.11.2014
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v11.0 (11.00.9600.17344)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAAnotif.exe
C:\Program Files (x86)\Acer\Acer VCM\AcerVCM.exe
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Program Files\trend micro\21PP2011.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = about:blank
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = about:blank
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,AutoConfigURL = http://kilaboinglinuxcopertsf.com/radios/sintonia.pac
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Pomocník pri prihlasovaní v sieti Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~2\Office14\URLREDIR.DLL
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\RunOnce: [SPReview] "C:\Windows\System32\SPReview\SPReview.exe" /sp:1 /errorfwlink:"http://go.microsoft.com/fwlink/?LinkID=122915" /build:7601 (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\RunOnce: [SPReview] "C:\Windows\System32\SPReview\SPReview.exe" /sp:1 /errorfwlink:"http://go.microsoft.com/fwlink/?LinkID=122915" /build:7601 (User 'Default user')
O4 - Global Startup: Acer VCM.lnk = ?
O4 - Global Startup: Bluetooth.lnk = ?
O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\Windows\system32\GPhotos.scr/200
O8 - Extra context menu item: E&xportovať do programu Microsoft Excel - res://C:\PROGRA~2\MICROS~2\Office14\EXCEL.EXE/3000
O8 - Extra context menu item: Od&oslať do programu OneNote - res://C:\PROGRA~2\MICROS~2\Office14\ONBttnIE.dll/105
O8 - Extra context menu item: Send image to &Bluetooth Device... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
O8 - Extra context menu item: Send page to &Bluetooth Device... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra button: Pridať do blogu - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: &Pridať do blogu v programe Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Odoslať do programu OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&oslať do programu OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra button: &Prepojené poznámky programu OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: &Prepojené poznámky programu OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra button: Skype Click to Call settings - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (file missing)
O9 - Extra button: Send To Bluetooth - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra 'Tools' menuitem: Send to &Bluetooth Device... - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
O18 - Protocol: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (file missing)
O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: ESET Service (ekrn) - ESET - C:\Program Files\ESET\ESET Smart Security\x86\ekrn.exe
O23 - Service: Acer ePower Service (ePowerSvc) - Acer Incorporated - C:\Program Files\Acer\Acer ePower Management\ePowerSvc.exe
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: Freemake Improver - Freemake - C:\ProgramData\Freemake\FreemakeUtilsService\FreemakeUtilsService.exe
O23 - Service: GREGService - Acer Incorporated - C:\Program Files (x86)\Acer\Registration\GREGsvc.exe
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: HitmanPro Scheduler (HitmanProScheduler) - SurfRight B.V. - C:\Program Files\HitmanPro\hmpsched.exe
O23 - Service: Intel(R) Matrix Storage Event Monitor (IAANTMON) - Intel Corporation - C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTMon.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing)
O23 - Service: IviRegMgr - InterVideo - C:\Program Files (x86)\Common Files\InterVideo\RegMgr\iviRegMgr.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: NTI Backup Now 5 Backup Service (NTIBackupSvc) - NewTech InfoSystems, Inc. - C:\Program Files (x86)\NewTech Infosystems\NTI Backup Now 5\BackupSvc.exe
O23 - Service: NTI Backup Now 5 Scheduler Service (NTISchedulerSvc) - NewTech Infosystems, Inc. - C:\Program Files (x86)\NewTech Infosystems\NTI Backup Now 5\SchedulerSvc.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Protexis Licensing V2 (PSI_SVC_2) - Protexis Inc. - C:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: Raw Socket Service (RS_Service) - Acer Incorporated - C:\Program Files (x86)\Acer\Acer VCM\RS_Service.exe
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: Sony PC Companion - Avanquest Software - C:\Program Files (x86)\Sony\Sony PC Companion\PCCService.exe
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: Updater Service - Acer Group - C:\Program Files\Acer\Acer Updater\UpdaterService.exe
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 10607 bytes

======Listing Processes======



\SystemRoot\System32\smss.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
C:\Windows\system32\services.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
winlogon.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k GPSvcGroup
"C:\Program Files\HitmanPro\hmpsched.exe"
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Windows\System32\spoolsv.exe
taskeng.exe {DC0D0650-B492-44A9-AECB-BD6C442333B3}
"C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe"
"C:\Program Files\ESET\ESET Smart Security\x86\ekrn.exe"
"C:\Program Files\Acer\Acer ePower Management\ePowerSvc.exe"
"C:\ProgramData\Freemake\FreemakeUtilsService\FreemakeUtilsService.exe"
"taskhost.exe"
"C:\Windows\system32\Dwm.exe"
C:\Windows\Explorer.EXE
"C:\Program Files (x86)\Acer\Registration\GREGsvc.exe"
"C:\Program Files (x86)\Common Files\InterVideo\RegMgr\iviRegMgr.exe"
"C:\Program Files (x86)\NewTech Infosystems\NTI Backup Now 5\SchedulerSvc.exe"
"C:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe"
"C:\Program Files (x86)\Acer\Acer VCM\RS_Service.exe"
"C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe"
"C:\Program Files\Acer\Acer Updater\UpdaterService.exe"
"C:\Program Files (x86)\Google\Update\GoogleUpdate.exe" /c
"C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe"
"C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTMon.exe"
"C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE"
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Windows\System32\rundll32.exe shell32.dll,SHCreateLocalServerRunDll {995C996E-D918-4a8c-A302-45719A6F4EA7} -Embedding
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\System32\svchost.exe -k secsvcs
C:\Windows\system32\SearchIndexer.exe /Embedding
"C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAAnotif.exe"
"C:\Program Files\CONEXANT\cAudioFilterAgent\cAudioFilterAgent64.exe"
"C:\Program Files\Synaptics\SynTP\SynTPEnh.exe"
"C:\Program Files\Acer\Acer ePower Management\ePowerTray.exe"
"C:\Program Files\ESET\ESET Smart Security\egui.exe" /hide /waitservice

"C:\Program Files\Synaptics\SynTP\SynTPHelper.exe"
C:\Windows\system32\igfxext.exe -Embedding
C:\Windows\system32\igfxsrvc.exe -Embedding
C:\Windows\system32\wbem\unsecapp.exe -Embedding
"C:\Windows\System32\igfxtray.exe"
"C:\Windows\System32\hkcmd.exe"
"C:\Windows\System32\igfxpers.exe"
"C:\Program Files (x86)\Acer\Acer VCM\AcerVCM.exe"
"C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe"
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
"C:\Program Files\Windows Media Player\wmpnetwk.exe"
"C:\Program Files\Acer\Acer ePower Management\ePowerEvent.exe"
"C:\Program Files (x86)\Mozilla Firefox\firefox.exe"
"C:\Windows\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe1_ Global\UsGthrCtrlFltPipeMssGthrPipe1 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon"
"C:\Windows\system32\SearchFilterHost.exe" 0 516 520 528 65536 524
"C:\Users\21PP2011\Desktop\RSITx64.exe"
C:\Windows\system32\DllHost.exe /Processid:{F9717507-6651-4EDB-BFF7-AE615179BCCF}

======Scheduled tasks folder======

C:\Windows\tasks\Adobe Flash Player Updater.job - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
C:\Windows\tasks\HP Photo Creations Communicator.job - C:\ProgramData\HP Photo Creations\MessageCheck.exe

=========Mozilla firefox=========

ProfilePath - C:\Users\21PP2011\AppData\Roaming\Mozilla\Firefox\Profiles\965imzmc.default

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 10.1 Plugin
"Path"=C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@Google.com/GoogleEarthPlugin]
"Description"=Google Earth in your browser
"Path"=C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@google.com/npPicasa3,version=3.0.0]
"Description"=Picasa3 plugin
"Path"=C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=disabled

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=c:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0]
"Description"=Office Authorization plug-in for NPAPI browsers
"Path"=C:\PROGRA~2\MICROS~2\Office14\NPAUTHZ.DLL

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/SharePoint,version=14.0]
"Description"=Microsoft SharePoint Plug-in for Firefox
"Path"=C:\PROGRA~2\MICROS~2\Office14\NPSPWRAP.DLL

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/WLPG,version=14.0.8081.0709]
"Description"=WLPG Install MIME type
"Path"=C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@playstation.com/PsndlCheck,version=1.00]
"Description"=Plug-in to check PlayStation(R)Network Downloader.
"Path"=C:\Program Files (x86)\Sony\PLAYSTATION Network Downloader\nppsndl.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@SonyCreativeSoftware.com/Media Go,version=1.0]
"Description"=
"Path"=C:\Program Files (x86)\Sony\Media Go\npmediago.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=3]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.25.5\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=9]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.25.5\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@videolan.org/vlc,version=2.0.2]
"Description"=VLC Multimedia Plugin
"Path"=C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll


[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 10.1 Plugin
"Path"=C:\Windows\system32\Macromed\Flash\NPSWF64_11_1_102.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=disabled

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0]
"Description"=Office Authorization plug-in for NPAPI browsers
"Path"=C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL


C:\Users\21PP2011\AppData\Roaming\Mozilla\Firefox\Profiles\965imzmc.default\extensions\
0b105cbff1eb40b89bca7dae371d@7ead239035fb4613ab38ef.com
suncult@sf.net

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{1dad3af3-ef2f-4f64-ac4b-11789189fcb6}]
Bing Bar Helper - C:\Program Files (x86)\Microsoft\BingBar\7.3.132.0\amd64\BingExt.dll []

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}]
Skype Click to Call for Internet Explorer - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll []

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - C:\PROGRA~1\MICROS~2\Office14\URLREDIR.DLL [2013-03-06 690392]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2009-02-27 75128]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Pomocník pri prihlasovaní v sieti Windows Live - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-01-22 408448]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - C:\PROGRA~2\MICROS~2\Office14\URLREDIR.DLL [2013-03-06 562904]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{318A227B-5E9F-45bd-8999-7F8F10CA4CF5}
{eec0f710-38b5-4aba-99bf-ec87564a4e13} - Bing Bar - C:\Program Files (x86)\Microsoft\BingBar\7.3.132.0\amd64\BingExt.dll []

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"IAAnotif"=C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\iaanotif.exe [2009-06-05 186904]
"cAudioFilterAgent"=C:\Program Files\Conexant\cAudioFilterAgent\cAudioFilterAgent64.exe [2009-07-20 503864]
"SynTPEnh"=C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2009-09-17 1842472]
"Acer ePower Management"=C:\Program Files\Acer\Acer ePower Management\ePowerTray.exe [2010-02-26 818720]
"egui"=C:\Program Files\ESET\ESET Smart Security\egui.exe [2014-10-01 5595336]
"IgfxTray"=C:\Windows\system32\igfxtray.exe [2009-09-02 159232]
"HotKeysCmds"=C:\Windows\system32\hkcmd.exe [2009-09-02 380928]
"Persistence"=C:\Windows\system32\igfxpers.exe [2009-09-02 358912]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"OEXPRESS"= []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher]
C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe [2009-02-28 35696]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CCleaner Monitoring]
C:\Program Files\CCleaner\CCleaner64.exe [2014-10-29 6501656]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Facebook Update]
C:\Users\21PP2011\AppData\Local\Facebook\Update\FacebookUpdate.exe [2014-04-04 138096]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Google Update]
C:\Users\21PP2011\AppData\Local\Google\Update\GoogleUpdate.exe [2014-10-20 107912]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Google+ Auto Backup]
C:\Users\21PP2011\AppData\Local\Programs\Google\Google+ Auto Backup\Google+ Auto Backup.exe [2014-08-12 3746120]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HP Software Update]
C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe [2010-06-09 49208]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\IgfxTray]
C:\Windows\system32\igfxtray.exe [2009-09-02 159232]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LManager]
C:\Program Files (x86)\Launch Manager\LManager.exe [2009-09-24 825864]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NortonOnlineBackupReminder]
C:\Program Files (x86)\Symantec\Norton Online Backup\Activation\NobuActivation.exe [2009-07-25 588648]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Persistence]
C:\Windows\system32\igfxpers.exe [2009-09-02 358912]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PLFSetI]
C:\Windows\PLFSetI.exe [2009-12-14 206072]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Skype]
C:\Program Files (x86)\Skype\Phone\Skype.exe [2014-10-01 22065760]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Sony PC Companion]
C:\Program Files (x86)\Sony\Sony PC Companion\PCCompanion.exe [2014-09-01 468192]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TMCC]
C:\Program Files (x86)\T-Mobile Communication Center\TMCC.exe [2010-07-29 774144]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Users^21PP2011^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Obrazovková spinka a spúšťač programu OneNote 2010.lnk]
C:\PROGRA~2\MICROS~2\Office14\ONENOTEM.EXE [2013-06-25 228552]

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
Acer VCM.lnk - C:\Program Files (x86)\Acer\Acer VCM\AcerVCM.exe
Bluetooth.lnk - C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
C:\Windows\system32\igfxdev.dll [2009-09-02 259584]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\hitmanpro37]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\hitmanpro37.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\HitmanPro37Crusader]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\HitmanPro37CrusaderBoot]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\hitmanpro37]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\hitmanpro37.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\HitmanPro37Crusader]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\HitmanPro37CrusaderBoot]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\McMPFSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MCODS]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=5
"ConsentPromptBehaviorUser"=3
"EnableUIADesktopToggle"=0
"PromptOnSecureDesktop"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"SoftwareSASGeneration"=1

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoActiveDesktop"=1
"NoActiveDesktopChanges"=1
"ForceActiveDesktopOn"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVYU"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"VIDC.YVU9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"MSVideo8"=VfWWDM32.dll
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 1 month======

2014-11-09 21:10:46 ----D---- C:\rsit
2014-11-09 20:48:23 ----D---- C:\_OTM
2014-11-09 17:30:14 ----D---- C:\AdwCleaner
2014-11-09 16:36:04 ----D---- C:\Program Files\trend micro
2014-11-08 12:10:56 ----A---- C:\Windows\system32\rdpcorets.dll
2014-11-08 12:10:55 ----A---- C:\Windows\system32\RdpGroupPolicyExtension.dll
2014-11-08 12:10:40 ----A---- C:\Windows\SYSWOW64\mstscax.dll
2014-11-08 12:10:39 ----A---- C:\Windows\system32\mstscax.dll
2014-11-08 11:46:23 ----A---- C:\Windows\system32\TsUsbGDCoInstaller.dll
2014-11-08 11:46:20 ----A---- C:\Windows\SYSWOW64\wksprtPS.dll
2014-11-08 11:46:20 ----A---- C:\Windows\SYSWOW64\tsgqec.dll
2014-11-08 11:46:20 ----A---- C:\Windows\SYSWOW64\mstsc.exe
2014-11-08 11:46:20 ----A---- C:\Windows\SYSWOW64\MsRdpWebAccess.dll
2014-11-08 11:46:20 ----A---- C:\Windows\system32\wksprtPS.dll
2014-11-08 11:46:20 ----A---- C:\Windows\system32\wksprt.exe
2014-11-08 11:46:20 ----A---- C:\Windows\system32\TSWbPrxy.exe
2014-11-08 11:46:20 ----A---- C:\Windows\system32\TsUsbRedirectionGroupPolicyExtension.dll
2014-11-08 11:46:20 ----A---- C:\Windows\system32\TsUsbRedirectionGroupPolicyControl.exe
2014-11-08 11:46:20 ----A---- C:\Windows\system32\tsgqec.dll
2014-11-08 11:46:20 ----A---- C:\Windows\system32\MsRdpWebAccess.dll
2014-11-08 11:46:20 ----A---- C:\Windows\system32\drivers\TsUsbFlt.sys
2014-11-08 11:46:19 ----A---- C:\Windows\SYSWOW64\rdvidcrl.dll
2014-11-08 11:46:19 ----A---- C:\Windows\system32\rdvidcrl.dll
2014-11-08 11:46:19 ----A---- C:\Windows\system32\mstsc.exe
2014-11-08 11:45:45 ----A---- C:\Windows\system32\drivers\rdpvideominiport.sys
2014-11-08 11:45:43 ----A---- C:\Windows\SYSWOW64\rdpendp_winip.dll
2014-11-08 11:45:43 ----A---- C:\Windows\system32\rdpudd.dll
2014-11-08 11:45:43 ----A---- C:\Windows\system32\rdpendp_winip.dll
2014-11-08 11:33:52 ----D---- C:\Windows\system32\MRT
2014-11-08 11:33:45 ----A---- C:\Windows\system32\MRT.exe
2014-11-08 11:26:47 ----D---- C:\Windows\pss
2014-11-08 11:21:27 ----D---- C:\Program Files (x86)\Mozilla Maintenance Service
2014-11-07 20:01:09 ----D---- C:\Users\21PP2011\AppData\Roaming\ESET
2014-11-07 19:59:53 ----D---- C:\Program Files\CCleaner
2014-11-07 19:57:24 ----D---- C:\ProgramData\ESET
2014-11-07 19:57:24 ----D---- C:\Program Files\ESET
2014-11-07 18:56:14 ----D---- C:\Program Files\HitmanPro
2014-11-07 18:56:01 ----D---- C:\ProgramData\HitmanPro
2014-11-07 18:52:59 ----D---- C:\Users\21PP2011\AppData\Roaming\uTorrent
2014-11-07 18:50:07 ----SD---- C:\Windows\SYSWOW64\Microsoft
2014-11-07 14:52:21 ----D---- C:\Program Files (x86)\Mozilla Firefox
2014-10-23 18:28:04 ----D---- C:\Program Files (x86)\CinePlus-1.2V23.10
2014-10-23 18:26:42 ----D---- C:\Users\21PP2011\AppData\Roaming\Dorrible
2014-10-20 16:22:02 ----D---- C:\Program Files (x86)\Windows Phone
2014-10-20 16:11:34 ----D---- C:\ProgramData\Applications
2014-10-17 12:55:10 ----A---- C:\Windows\system32\win32k.sys
2014-10-17 12:55:04 ----A---- C:\Windows\SYSWOW64\mscories.dll
2014-10-17 12:55:04 ----A---- C:\Windows\SYSWOW64\mscorier.dll
2014-10-17 12:55:04 ----A---- C:\Windows\SYSWOW64\dfshim.dll
2014-10-17 12:55:04 ----A---- C:\Windows\system32\mscories.dll
2014-10-17 12:55:04 ----A---- C:\Windows\system32\mscorier.dll
2014-10-17 12:55:04 ----A---- C:\Windows\system32\dfshim.dll
2014-10-17 12:54:48 ----A---- C:\Windows\system32\generaltel.dll
2014-10-17 12:54:48 ----A---- C:\Windows\system32\aepdu.dll
2014-10-17 12:54:43 ----A---- C:\Windows\system32\aeinv.dll
2014-10-17 12:54:34 ----A---- C:\Windows\SYSWOW64\iernonce.dll
2014-10-17 12:54:34 ----A---- C:\Windows\SYSWOW64\ieetwproxystub.dll
2014-10-17 12:54:33 ----A---- C:\Windows\SYSWOW64\mshtmled.dll
2014-10-17 12:54:33 ----A---- C:\Windows\SYSWOW64\jscript9diag.dll
2014-10-17 12:54:32 ----A---- C:\Windows\SYSWOW64\urlmon.dll
2014-10-17 12:54:32 ----A---- C:\Windows\SYSWOW64\mshtml.dll
2014-10-17 12:54:32 ----A---- C:\Windows\SYSWOW64\msfeeds.dll
2014-10-17 12:54:32 ----A---- C:\Windows\SYSWOW64\JavaScriptCollectionAgent.dll
2014-10-17 12:54:32 ----A---- C:\Windows\SYSWOW64\iedkcs32.dll
2014-10-17 12:54:32 ----A---- C:\Windows\SYSWOW64\dxtmsft.dll
2014-10-17 12:54:32 ----A---- C:\Windows\system32\JavaScriptCollectionAgent.dll
2014-10-17 12:54:32 ----A---- C:\Windows\system32\iernonce.dll
2014-10-17 12:54:32 ----A---- C:\Windows\system32\ieetwproxystub.dll
2014-10-17 12:54:32 ----A---- C:\Windows\system32\ie4uinit.exe
2014-10-17 12:54:30 ----A---- C:\Windows\SYSWOW64\iesetup.dll
2014-10-17 12:54:30 ----A---- C:\Windows\system32\iedkcs32.dll
2014-10-17 12:54:29 ----A---- C:\Windows\SYSWOW64\iertutil.dll
2014-10-17 12:54:29 ----A---- C:\Windows\system32\urlmon.dll
2014-10-17 12:54:28 ----A---- C:\Windows\SYSWOW64\jsproxy.dll
2014-10-17 12:54:28 ----A---- C:\Windows\SYSWOW64\dxtrans.dll
2014-10-17 12:54:28 ----A---- C:\Windows\system32\ieetwcollectorres.dll
2014-10-17 12:54:28 ----A---- C:\Windows\system32\ieetwcollector.exe
2014-10-17 12:54:28 ----A---- C:\Windows\system32\dxtmsft.dll
2014-10-17 12:54:27 ----A---- C:\Windows\SYSWOW64\ieui.dll
2014-10-17 12:54:27 ----A---- C:\Windows\SYSWOW64\ieframe.dll
2014-10-17 12:54:27 ----A---- C:\Windows\system32\msfeeds.dll
2014-10-17 12:54:26 ----A---- C:\Windows\system32\iesetup.dll
2014-10-17 12:54:25 ----A---- C:\Windows\system32\iertutil.dll
2014-10-17 12:54:24 ----A---- C:\Windows\SYSWOW64\vbscript.dll
2014-10-17 12:54:24 ----A---- C:\Windows\SYSWOW64\mshtmlmedia.dll
2014-10-17 12:54:24 ----A---- C:\Windows\SYSWOW64\jscript9.dll
2014-10-17 12:54:24 ----A---- C:\Windows\SYSWOW64\ieUnatt.exe
2014-10-17 12:54:23 ----A---- C:\Windows\SYSWOW64\wininet.dll
2014-10-17 12:54:23 ----A---- C:\Windows\SYSWOW64\msrating.dll
2014-10-17 12:54:23 ----A---- C:\Windows\SYSWOW64\MshtmlDac.dll
2014-10-17 12:54:23 ----A---- C:\Windows\SYSWOW64\ieapfltr.dll
2014-10-17 12:54:23 ----A---- C:\Windows\system32\jsproxy.dll
2014-10-17 12:54:22 ----A---- C:\Windows\system32\ieui.dll
2014-10-17 12:54:22 ----A---- C:\Windows\system32\dxtrans.dll
2014-10-17 12:54:21 ----A---- C:\Windows\system32\ieframe.dll
2014-10-17 12:54:20 ----A---- C:\Windows\system32\mshtmlmedia.dll
2014-10-17 12:54:20 ----A---- C:\Windows\system32\mshtmled.dll
2014-10-17 12:54:19 ----A---- C:\Windows\system32\jscript9diag.dll
2014-10-17 12:54:19 ----A---- C:\Windows\system32\jscript9.dll
2014-10-17 12:54:19 ----A---- C:\Windows\system32\ieUnatt.exe
2014-10-17 12:54:18 ----A---- C:\Windows\system32\vbscript.dll
2014-10-17 12:54:18 ----A---- C:\Windows\system32\ieapfltr.dll
2014-10-17 12:54:17 ----A---- C:\Windows\system32\wininet.dll
2014-10-17 12:54:17 ----A---- C:\Windows\system32\MshtmlDac.dll
2014-10-17 12:54:16 ----A---- C:\Windows\system32\MsSpellCheckingFacility.exe
2014-10-17 12:54:16 ----A---- C:\Windows\system32\msrating.dll
2014-10-17 12:54:15 ----A---- C:\Windows\system32\mshtml.dll
2014-10-17 12:51:35 ----A---- C:\Windows\system32\msi.dll
2014-10-17 12:51:33 ----A---- C:\Windows\SYSWOW64\msi.dll
2014-10-17 12:51:28 ----A---- C:\Windows\SYSWOW64\rastls.dll
2014-10-17 12:51:28 ----A---- C:\Windows\system32\rastls.dll
2014-10-17 12:51:19 ----A---- C:\Windows\system32\winsta.dll
2014-10-17 12:51:19 ----A---- C:\Windows\system32\termsrv.dll
2014-10-17 12:51:18 ----A---- C:\Windows\SYSWOW64\winsta.dll
2014-10-17 12:51:18 ----A---- C:\Windows\SYSWOW64\TSpkg.dll
2014-10-17 12:51:18 ----A---- C:\Windows\system32\winlogon.exe
2014-10-17 12:51:18 ----A---- C:\Windows\system32\TSpkg.dll
2014-10-17 12:51:18 ----A---- C:\Windows\system32\rdpcorekmts.dll
2014-10-17 12:51:18 ----A---- C:\Windows\system32\drivers\rdpwd.sys
2014-10-17 12:51:17 ----A---- C:\Windows\SYSWOW64\credssp.dll
2014-10-17 12:51:17 ----A---- C:\Windows\system32\drivers\tssecsrv.sys
2014-10-17 12:51:17 ----A---- C:\Windows\system32\credssp.dll
2014-10-17 12:50:46 ----A---- C:\Windows\SYSWOW64\packager.dll
2014-10-17 12:50:46 ----A---- C:\Windows\system32\packager.dll
2014-10-10 08:59:12 ----A---- C:\Windows\system32\drivers\epfwwfp.sys
2014-10-10 08:59:12 ----A---- C:\Windows\system32\drivers\EpfwLWF.sys
2014-10-10 08:59:12 ----A---- C:\Windows\system32\drivers\epfw.sys
2014-10-10 08:59:12 ----A---- C:\Windows\system32\drivers\ehdrv.sys
2014-10-10 08:59:12 ----A---- C:\Windows\system32\drivers\edevmon.sys
2014-10-10 08:59:12 ----A---- C:\Windows\system32\drivers\eamonm.sys

======List of files/folders modified in the last 1 month======

2014-11-09 21:10:48 ----D---- C:\Windows\Temp
2014-11-09 21:01:48 ----D---- C:\Windows\system32\DriverStore
2014-11-09 21:00:32 ----D---- C:\Windows\system32\config
2014-11-09 20:56:07 ----D---- C:\Windows\SysWOW64
2014-11-09 20:49:16 ----D---- C:\Windows\system32\drivers
2014-11-09 20:48:28 ----RD---- C:\Program Files (x86)\Skype
2014-11-09 20:48:28 ----D---- C:\Windows\Tasks
2014-11-09 20:26:27 ----D---- C:\Program Files (x86)\Microsoft
2014-11-09 17:33:01 ----D---- C:\Windows\system32\Tasks
2014-11-09 17:33:00 ----D---- C:\Windows\System32
2014-11-09 17:32:56 ----SHD---- C:\Windows\Installer
2014-11-09 17:32:56 ----RD---- C:\Program Files (x86)
2014-11-09 17:32:56 ----HD---- C:\ProgramData
2014-11-09 16:36:04 ----D---- C:\Program Files
2014-11-09 16:27:52 ----D---- C:\Windows\inf
2014-11-09 16:27:10 ----A---- C:\Windows\system32\PerfStringBackup.INI
2014-11-08 15:57:12 ----D---- C:\Windows\winsxs
2014-11-08 15:57:09 ----D---- C:\Windows\SYSWOW64\sk-SK
2014-11-08 15:57:09 ----D---- C:\Windows\system32\sk-SK
2014-11-08 15:56:59 ----SHD---- C:\System Volume Information
2014-11-08 14:43:44 ----D---- C:\Windows\system32\catroot2
2014-11-08 12:10:43 ----D---- C:\Windows\system32\catroot
2014-11-08 11:58:12 ----D---- C:\Windows
2014-11-08 11:53:56 ----D---- C:\Windows\SYSWOW64\wbem
2014-11-08 11:53:56 ----D---- C:\Windows\SYSWOW64\en-US
2014-11-08 11:53:56 ----D---- C:\Windows\system32\en-US
2014-11-08 11:53:56 ----D---- C:\Windows\system32\drivers\en-US
2014-11-08 11:53:56 ----D---- C:\Windows\PolicyDefinitions
2014-11-08 11:53:55 ----D---- C:\Windows\system32\wbem
2014-11-08 11:33:52 ----D---- C:\Windows\debug
2014-11-08 11:31:31 ----D---- C:\Users\21PP2011\AppData\Roaming\Skype
2014-11-08 11:13:19 ----A---- C:\Windows\wininit.ini
2014-11-08 10:58:00 ----SD---- C:\ProgramData\Microsoft
2014-11-08 01:34:00 ----SHD---- C:\Config.Msi
2014-11-08 01:23:05 ----D---- C:\Windows\Panther
2014-11-08 01:23:05 ----D---- C:\Windows\ModemLogs
2014-11-08 01:23:04 ----D---- C:\Windows\Minidump
2014-11-08 01:23:04 ----D---- C:\Windows\Logs
2014-11-07 19:19:15 ----D---- C:\ProgramData\AVAST Software
2014-11-06 15:12:33 ----D---- C:\Windows\rescache
2014-11-06 14:39:52 ----D---- C:\OLYMP
2014-11-06 14:39:32 ----D---- C:\Windows\SYSWOW64\mjcm
2014-11-06 14:39:30 ----A---- C:\Windows\ODBC.INI
2014-11-04 19:51:46 ----D---- C:\Program Files (x86)\Opera
2014-11-04 19:50:41 ----D---- C:\Users\21PP2011\AppData\Roaming\Opera
2014-11-02 11:24:55 ----D---- C:\Program Files\Google
2014-11-02 11:24:55 ----D---- C:\Program Files (x86)\Google
2014-10-30 10:43:08 ----D---- C:\ProgramData\Google
2014-10-29 19:50:17 ----D---- C:\Windows\system32\tprb
2014-10-28 20:31:13 ----D---- C:\ProgramData\WLSetup
2014-10-28 06:34:58 ----N---- C:\Windows\system32\MpSigStub.exe
2014-10-27 17:02:04 ----A---- C:\Windows\system32\msvcr100.dll
2014-10-27 17:02:04 ----A---- C:\Windows\system32\msvcp100.dll
2014-10-24 21:27:08 ----D---- C:\Program Files (x86)\Realtek
2014-10-24 20:44:59 ----D---- C:\Program Files\Common Files\Microsoft Shared
2014-10-24 20:44:58 ----D---- C:\Program Files (x86)\Internet Explorer
2014-10-24 20:44:58 ----D---- C:\Program Files (x86)\Common Files
2014-10-24 20:44:55 ----D---- C:\Program Files\Internet Explorer
2014-10-24 20:44:54 ----D---- C:\ProgramData\Symantec
2014-10-24 20:44:54 ----D---- C:\ProgramData\Skype
2014-10-24 20:44:11 ----SD---- C:\Windows\system32\CompatTel
2014-10-24 20:44:11 ----D---- C:\Windows\system32\drivers\UMDF
2014-10-24 20:44:11 ----D---- C:\Windows\system32\CodeIntegrity
2014-10-24 20:43:39 ----D---- C:\Windows\registration
2014-10-20 16:48:20 ----D---- C:\Windows\Microsoft.NET
2014-10-18 19:59:55 ----RSD---- C:\Windows\assembly
2014-10-17 20:33:59 ----D---- C:\ProgramData\Microsoft Help
2014-10-11 08:56:54 ----HD---- C:\Program Files (x86)\InstallShield Installation Information

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 epfwwfp;epfwwfp; C:\Windows\system32\DRIVERS\epfwwfp.sys [2014-10-10 63160]
R0 iaStor;Intel AHCI Controller; C:\Windows\system32\DRIVERS\iaStor.sys [2009-06-05 408600]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-20 213888]
R1 eamonm;eamonm; C:\Windows\system32\DRIVERS\eamonm.sys [2014-10-10 243440]
R1 ehdrv;ehdrv; C:\Windows\system32\DRIVERS\ehdrv.sys [2014-10-10 169280]
R1 EpfwLWF;Epfw NDIS LightWeight Filter; C:\Windows\system32\DRIVERS\EpfwLWF.sys [2014-10-10 44632]
R1 vwififlt;Virtual WiFi Filter Driver; C:\Windows\system32\DRIVERS\vwififlt.sys [2009-07-14 59904]
R2 epfw;epfw; C:\Windows\system32\DRIVERS\epfw.sys [2014-10-10 222280]
R3 athr;Atheros Extensible Wireless LAN device driver; C:\Windows\system32\DRIVERS\athrx.sys [2010-03-02 1593384]
R3 CnxtHdAudService;Conexant UAA Function Driver for High Definition Audio Service; C:\Windows\system32\drivers\CHDRT64.sys [2009-08-11 686080]
R3 DKbFltr;Dritek Keyboard Filter Driver (64-bit); C:\Windows\SysWOW64\Drivers\DKbFltr.sys [2009-03-26 25608]
R3 igfx;igfx; C:\Windows\system32\DRIVERS\igdkmd64.sys [2009-09-02 7369728]
R3 L1C;NDIS Miniport Driver for Atheros AR813x/AR815x PCI-E Ethernet Controller; C:\Windows\system32\DRIVERS\L1C62x64.sys [2009-11-13 67072]
R3 NTIDrvr;NTIDrvr; \??\C:\Windows\system32\drivers\NTIDrvr.sys [2009-05-05 18432]
R3 Sftfs;Sftfs; C:\Windows\system32\DRIVERS\Sftfslh.sys [2013-06-26 767144]
R3 Sftplay;Sftplay; C:\Windows\system32\DRIVERS\Sftplaylh.sys [2013-06-26 273576]
R3 Sftredir;Sftredir; C:\Windows\system32\DRIVERS\Sftredirlh.sys [2013-06-26 28840]
R3 Sftvol;Sftvol; C:\Windows\system32\DRIVERS\Sftvollh.sys [2013-06-26 23208]
R3 StillCam;Still Serial Digital Camera Driver; C:\Windows\system32\DRIVERS\serscan.sys [2009-07-14 12288]
R3 SynTP;Synaptics TouchPad Driver; C:\Windows\system32\DRIVERS\SynTP.sys [2009-09-17 292912]
R3 UBHelper;UBHelper; \??\C:\Windows\system32\drivers\UBHelper.sys [2009-05-05 16896]
R3 vwifimp;Microsoft Virtual WiFi Miniport Service; C:\Windows\system32\DRIVERS\vwifimp.sys [2009-07-14 17920]
S2 Angelnt;Angelnt; C:\Windows\System32\Drivers\ANGELNT.SYS []
S3 androidusb;SAMSUNG Android Composite ADB Interface Driver; C:\Windows\System32\Drivers\ssadadb.sys [2011-05-13 36328]
S3 BthEnum;Bluetooth Request Block Driver; C:\Windows\system32\drivers\BthEnum.sys [2009-07-14 41984]
S3 BthPan;Bluetooth Device (Personal Area Network); C:\Windows\system32\DRIVERS\bthpan.sys [2009-07-14 118784]
S3 BTHPORT;Bluetooth Port Driver; C:\Windows\System32\Drivers\BTHport.sys [2012-07-06 552960]
S3 BTHUSB;Bluetooth Radio USB Driver; C:\Windows\System32\Drivers\BTHUSB.sys [2011-04-28 80384]
S3 btusbflt;Bluetooth USB Filter; C:\Windows\system32\drivers\btusbflt.sys [2009-07-01 52264]
S3 btwaudio;Bluetooth Audio Device Service; C:\Windows\system32\drivers\btwaudio.sys [2009-07-01 98344]
S3 btwavdt;Bluetooth AVDT Service; C:\Windows\system32\DRIVERS\btwavdt.sys [2009-07-01 132648]
S3 btwl2cap;Bluetooth L2CAP Service; C:\Windows\system32\DRIVERS\btwl2cap.sys [2009-04-07 35104]
S3 btwrchid;btwrchid; C:\Windows\system32\DRIVERS\btwrchid.sys [2009-07-01 21160]
S3 ewusbnet;HUAWEI USB-NDIS miniport; C:\Windows\system32\DRIVERS\ewusbnet.sys [2011-09-18 246224]
S3 ggflt;SEMC USB Flash Driver Filter; C:\Windows\system32\DRIVERS\ggflt.sys [2012-12-27 14448]
S3 ggsemc;SEMC USB Flash Driver; C:\Windows\system32\DRIVERS\ggsemc.sys [2012-12-27 27760]
S3 hwdatacard;Huawei DataCard USB Modem and USB Serial; C:\Windows\system32\DRIVERS\ewusbmdm.sys [2011-09-18 117504]
S3 hwusbdev;Huawei DataCard USB PNP Device; C:\Windows\system32\DRIVERS\ewusbdev.sys [2011-09-18 114304]
S3 NETw5s64;Intel(R) Wireless WiFi Link 5000 Series Adapter Driver for Windows 7 - 64 Bit; C:\Windows\system32\DRIVERS\NETw5s64.sys [2009-09-15 6952960]
S3 netw5v64;Intel(R) Wireless WiFi Link 5000 Series Adapter Driver for Windows Vista 64 Bit; C:\Windows\system32\DRIVERS\netw5v64.sys [2009-06-10 5434368]
S3 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12352]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver; C:\Windows\System32\drivers\rdpvideominiport.sys [2012-08-23 19456]
S3 RFCOMM;Bluetooth Device (RFCOMM Protocol TDI); C:\Windows\system32\DRIVERS\rfcomm.sys [2009-07-14 158720]
S3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader; C:\Windows\System32\Drivers\RtsUStor.sys []
S3 RtsUIR;Realtek IR Driver; C:\Windows\system32\DRIVERS\Rts516xIR.sys []
S3 ssadbus;SAMSUNG Android USB Composite Device driver (WDM); C:\Windows\system32\DRIVERS\ssadbus.sys [2011-05-13 157672]
S3 ssadmdfl;SAMSUNG Android USB Modem (Filter); C:\Windows\system32\DRIVERS\ssadmdfl.sys [2011-05-13 16872]
S3 ssadmdm;SAMSUNG Android USB Modem Drivers; C:\Windows\system32\DRIVERS\ssadmdm.sys [2011-05-13 177640]
S3 ssadserd;SAMSUNG Android USB Diagnostic Serial Port (WDM); C:\Windows\system32\DRIVERS\ssadserd.sys [2011-05-13 146920]
S3 TsUsbFlt;TsUsbFlt; C:\Windows\system32\drivers\tsusbflt.sys [2013-10-02 56832]
S3 USBCCID;Realtek Smartcard Reader Driver; C:\Windows\system32\DRIVERS\RtsUCcid.sys []
S3 usbscan;USB Scanner Driver; C:\Windows\system32\drivers\usbscan.sys [2013-07-03 42496]
S3 WinUsb;Sony so0101 ADB Interface; C:\Windows\system32\DRIVERS\WinUsb.sys [2010-11-20 41984]
S3 WSDPrintDevice;WSD Print Support via UMB; C:\Windows\system32\DRIVERS\WSDPrint.sys [2009-07-14 23040]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 btwdins;Bluetooth Service; C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe [2009-07-18 864032]
R2 cvhsvc;Client Virtualization Handler; C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE [2013-04-22 822504]
R2 ekrn;ESET Service; C:\Program Files\ESET\ESET Smart Security\x86\ekrn.exe [2014-10-01 1349576]
R2 ePowerSvc;Acer ePower Service; C:\Program Files\Acer\Acer ePower Management\ePowerSvc.exe [2010-02-26 841248]
R2 Freemake Improver;Freemake Improver; C:\ProgramData\Freemake\FreemakeUtilsService\FreemakeUtilsService.exe [2013-09-10 101888]
R2 GREGService;GREGService; C:\Program Files (x86)\Acer\Registration\GREGsvc.exe [2010-01-08 23584]
R2 HitmanProScheduler;HitmanPro Scheduler; C:\Program Files\HitmanPro\hmpsched.exe [2014-11-07 127752]
R2 IAANTMON;Intel(R) Matrix Storage Event Monitor; C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTMon.exe [2009-06-05 354840]
R2 IviRegMgr;IviRegMgr; C:\Program Files (x86)\Common Files\InterVideo\RegMgr\iviRegMgr.exe [2007-01-05 112152]
R2 NTISchedulerSvc;NTI Backup Now 5 Scheduler Service; C:\Program Files (x86)\NewTech Infosystems\NTI Backup Now 5\SchedulerSvc.exe [2009-11-06 144640]
R2 PSI_SVC_2;Protexis Licensing V2; C:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe [2007-07-24 185632]
R2 RS_Service;Raw Socket Service; C:\Program Files (x86)\Acer\Acer VCM\RS_Service.exe [2010-01-30 260640]
R2 sftlist;Application Virtualization Client; C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe [2013-06-26 523944]
R2 Updater Service;Updater Service; C:\Program Files\Acer\Acer Updater\UpdaterService.exe [2010-01-29 243232]
R3 sftvsa;Application Virtualization Service Agent; C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe [2013-06-26 207528]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2013-09-11 105144]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2013-09-11 124088]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-10-25 107912]
S2 SkypeUpdate;Skype Updater; C:\Program Files (x86)\Skype\Updater\Updater.exe [2014-04-03 315008]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-12-27 250568]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-10-25 107912]
S3 gusvc;Google Software Updater; C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe [2012-08-30 194032]
S3 IEEtwCollectorService;@%SystemRoot%\system32\ieetwcollectorres.dll,-1000; C:\Windows\system32\IEEtwCollector.exe [2014-09-19 111616]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2014-11-09 114288]
S3 NTIBackupSvc;NTI Backup Now 5 Backup Service; C:\Program Files (x86)\NewTech Infosystems\NTI Backup Now 5\BackupSvc.exe [2009-11-06 50432]
S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2010-01-09 149352]
S3 osppsvc;Office Software Protection Platform; C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-09 4925184]
S3 Sony PC Companion;Sony PC Companion; C:\Program Files (x86)\Sony\Sony PC Companion\PCCService.exe [2013-02-04 155824]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2011-09-07 1255736]
S4 aspnet_state;ASP.NET State Service; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2013-09-11 51808]
S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]
S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]
S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]

-----------------EOF-----------------

Rudy
Site Admin
Posts: 119547
Registered: 30 Oct 2003 13:42
Location: Plzeň

Re: Infected notebook

#8 Post by Rudy »

Double-click the file C:\Program Files\trend micro\21PP2011.exe to launch HijackThis. Click "Do a system scan only" and, in the window that opens, tick the checkboxes on the left next to:
O9 - Extra button: Skype Click to Call settings - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (file missing)
O18 - Protocol: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (file missing)
Click >FixChecked<. Then run OTM again and click >CleanUp!<. OTM will clean up after itself. Finally, restart the PC.
Post questions and logs only in your own threads. Private messages, ICQ and e-mails are not for solving your problems.

Please support our forum: https://platba.viry.cz/payment/.

e-mail: rudy(at)forum.viry.cz

Warning:
Before disinfecting your PC, back up your important data (mail, contacts, documents, photos, videos, music, etc.). Besides its "visible" activities, a virus can damage the system!

Once your problem is resolved, the thread will be locked. The same applies if it has been inactive for more than 14 days. If you want to reactivate the thread, write to me at the e-mail address given above.

sixdee
Visitor
Posts: 20
Registered: 01 Nov 2014 21:36

Re: Infected notebook

#9 Post by sixdee »

It didn't help, the notebook is still infected :/

Rudy
Site Admin
Posts: 119547
Registered: 30 Oct 2003 13:42
Location: Plzeň

Re: Infected notebook

#10 Post by Rudy »

Run a full MBAM scan: http://www.malwarebytes.org/mbam.php and post the log. Do not delete anything beforehand.

sixdee
Visitor
Posts: 20
Registered: 01 Nov 2014 21:36

Re: Infected notebook

#11 Post by sixdee »

Malwarebytes Anti-Malware
www.malwarebytes.org

Scan Date: 10.11.2014
Scan Time: 19:05:28
Logfile: textň.txt
Administrator: Yes

Version: 2.00.3.1025
Malware Database: v2014.11.10.08
Rootkit Database: v2014.11.10.01
License: Trial
Malware Protection: Enabled
Malicious Website Protection: Enabled
Self-protection: Disabled

OS: Windows 7 Service Pack 1
CPU: x64
File System: NTFS
User: 21PP2011

Scan Type: Threat Scan
Result: Completed
Objects Scanned: 323207
Time Elapsed: 17 min, 37 sec

Memory: Enabled
Startup: Enabled
Filesystem: Enabled
Archives: Enabled
Rootkits: Disabled
Heuristics: Enabled
PUP: Enabled
PUM: Enabled

Processes: 0
(No malicious items detected)

Modules: 0
(No malicious items detected)

Registry Keys: 7
Adware.GamePlayLab, HKU\S-1-5-21-887980343-3317208105-2278496108-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\SETTINGS\{11111111-1111-1111-1111-110011221158}, , [26fa68d2ed8fe056bc514682cb37db25],
PUP.Optional.CrossRider.A, HKLM\SOFTWARE\WOW6432NODE\CinePlus-1.2V23.10, , [57c9a8924d2f0036c41a9a981ae9f010],
PUP.Optional.CrossRider.A, HKLM\SOFTWARE\WOW6432NODE\CinePlus-1.2V23.10-nv, , [4cd489b1f5874aecdb039a9822e18878],
PUP.Optional.CrossRider.A, HKU\S-1-5-18-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\APPDATALOW\SOFTWARE\CinePlus-1.2V23.10, , [a67a88b2433994a2746cae84798aa858],
PUP.Optional.InstallBrain.A, HKU\S-1-5-18-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\WNLT, , [e838c07a700c9a9cb4aaceba4bb98080],
Malware.Trace, HKU\S-1-5-21-887980343-3317208105-2278496108-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\sistemanet, , [69b7ad8dfc8089addb092b64ab58b44c],
PUP.Optional.CrossRider.A, HKU\S-1-5-21-887980343-3317208105-2278496108-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\APPDATALOW\SOFTWARE\CinePlus-1.2V23.10, , [f22e6ecc6517f3433fa1b9791be8817f],

Registry Values: 4
PUP.Optional.FreeMakeConverter.A, HKLM\SOFTWARE\WOW6432NODE\MOZILLA\FIREFOX\EXTENSIONS|fmconverter@gmail.com, C:\Program Files (x86)\Freemake\Freemake Video Converter\BrowserPlugin\Firefox\, , [fb2515250d6fab8b6a31c966d72c2ed2]
Hijack.Autoconfig, HKU\S-1-5-18-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\INTERNET SETTINGS|AutoConfigURL, http://kilaboinglinuxcopertsf.com/radios/sintonia.pac, , [ba6682b8e6962b0b94974a0b9a6a8779]
PUP.Optional.InstallBrain.A, HKU\S-1-5-18-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\WNLT|URL, MYSTART, , [e838c07a700c9a9cb4aaceba4bb98080]
Hijack.Autoconfig, HKU\S-1-5-21-887980343-3317208105-2278496108-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\INTERNET SETTINGS|AutoConfigURL, http://kilaboinglinuxcopertsf.com/radios/sintonia.pac, , [c35db7833745a19569c2f75e3fc5d32d]

Registry Data: 0
(No malicious items detected)

Folders: 16
PUP.Optional.CrossRider, C:\Users\21PP2011\AppData\Roaming\Mozilla\Firefox\Profiles\965imzmc.default\extensions\0b105cbff1eb40b89bca7dae371d@7ead239035fb4613ab38ef.com, , [43ddc971403c8aacd746cb55a55e8f71],
PUP.Optional.CrossRider, C:\Users\21PP2011\AppData\Roaming\Mozilla\Firefox\Profiles\965imzmc.default\extensions\0b105cbff1eb40b89bca7dae371d@7ead239035fb4613ab38ef.com\chrome, , [43ddc971403c8aacd746cb55a55e8f71],
PUP.Optional.CrossRider, C:\Users\21PP2011\AppData\Roaming\Mozilla\Firefox\Profiles\965imzmc.default\extensions\0b105cbff1eb40b89bca7dae371d@7ead239035fb4613ab38ef.com\chrome\content, , [43ddc971403c8aacd746cb55a55e8f71],
PUP.Optional.CrossRider, C:\Users\21PP2011\AppData\Roaming\Mozilla\Firefox\Profiles\965imzmc.default\extensions\0b105cbff1eb40b89bca7dae371d@7ead239035fb4613ab38ef.com\chrome\content\api, , [43ddc971403c8aacd746cb55a55e8f71],
PUP.Optional.CrossRider, C:\Users\21PP2011\AppData\Roaming\Mozilla\Firefox\Profiles\965imzmc.default\extensions\0b105cbff1eb40b89bca7dae371d@7ead239035fb4613ab38ef.com\chrome\content\core, , [43ddc971403c8aacd746cb55a55e8f71],
PUP.Optional.CrossRider, C:\Users\21PP2011\AppData\Roaming\Mozilla\Firefox\Profiles\965imzmc.default\extensions\0b105cbff1eb40b89bca7dae371d@7ead239035fb4613ab38ef.com\defaults, , [43ddc971403c8aacd746cb55a55e8f71],
PUP.Optional.CrossRider, C:\Users\21PP2011\AppData\Roaming\Mozilla\Firefox\Profiles\965imzmc.default\extensions\0b105cbff1eb40b89bca7dae371d@7ead239035fb4613ab38ef.com\defaults\preferences, , [43ddc971403c8aacd746cb55a55e8f71],
PUP.Optional.CrossRider, C:\Users\21PP2011\AppData\Roaming\Mozilla\Firefox\Profiles\965imzmc.default\extensions\0b105cbff1eb40b89bca7dae371d@7ead239035fb4613ab38ef.com\extensionData, , [43ddc971403c8aacd746cb55a55e8f71],
PUP.Optional.CrossRider, C:\Users\21PP2011\AppData\Roaming\Mozilla\Firefox\Profiles\965imzmc.default\extensions\0b105cbff1eb40b89bca7dae371d@7ead239035fb4613ab38ef.com\extensionData\plugins, , [43ddc971403c8aacd746cb55a55e8f71],
PUP.Optional.CrossRider, C:\Users\21PP2011\AppData\Roaming\Mozilla\Firefox\Profiles\965imzmc.default\extensions\0b105cbff1eb40b89bca7dae371d@7ead239035fb4613ab38ef.com\extensionData\userCode, , [43ddc971403c8aacd746cb55a55e8f71],
PUP.Optional.CrossRider, C:\Users\21PP2011\AppData\Roaming\Mozilla\Firefox\Profiles\965imzmc.default\extensions\0b105cbff1eb40b89bca7dae371d@7ead239035fb4613ab38ef.com\locale, , [43ddc971403c8aacd746cb55a55e8f71],
PUP.Optional.CrossRider, C:\Users\21PP2011\AppData\Roaming\Mozilla\Firefox\Profiles\965imzmc.default\extensions\0b105cbff1eb40b89bca7dae371d@7ead239035fb4613ab38ef.com\locale\en-US, , [43ddc971403c8aacd746cb55a55e8f71],
PUP.Optional.CrossRider, C:\Users\21PP2011\AppData\Roaming\Mozilla\Firefox\Profiles\965imzmc.default\extensions\0b105cbff1eb40b89bca7dae371d@7ead239035fb4613ab38ef.com\skin, , [43ddc971403c8aacd746cb55a55e8f71],
PUP.Optional.CrossRider.A, C:\Users\21PP2011\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\mnanplinmmnjhobaliikmelmmjpoogkb, , [76aa84b695e752e4a4befe222dd68e72],
PUP.Optional.CrossRider.A, C:\Users\21PP2011\AppData\Local\Google\Chrome\User Data\Default\databases\chrome-extension_mnanplinmmnjhobaliikmelmmjpoogkb_0, , [58c81228e09cd46264ffd24e50b353ad],
PUP.Optional.CrossRider.A, C:\Program Files (x86)\CinePlus-1.2V23.10, , [0d13d268790348ee31e16ebbc93a758b],

Files: 143
PUP.Optional.SweetIM, C:\Windows\Installer\23fdd.msi, , [db45d86214682511b7325c0bf5104bb5],
PUP.Optional.SweetIM, C:\Windows\Installer\24042.msi, , [72ae3901f488e1552cbd184fe81d4bb5],
PUP.Optional.SweetIM, C:\Windows\Installer\24057.msi, , [a17f1228700ce056fdeccb9cd5309e62],
PUP.Optional.CrossRider.A, C:\Users\21PP2011\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_mnanplinmmnjhobaliikmelmmjpoogkb_0.localstorage, , [8c942d0d58247bbb206238069e6511ef],
Trojan.Banker.Gen, C:\ProgramData\Project3.bat, , [8f9124160a7275c1f634f75e0103db25],
PUP.Optional.CrossRider, C:\Users\21PP2011\AppData\Roaming\Mozilla\Firefox\Profiles\965imzmc.default\extensions\0b105cbff1eb40b89bca7dae371d@7ead239035fb4613ab38ef.com\chrome.manifest, , [43ddc971403c8aacd746cb55a55e8f71],
PUP.Optional.CrossRider, C:\Users\21PP2011\AppData\Roaming\Mozilla\Firefox\Profiles\965imzmc.default\extensions\0b105cbff1eb40b89bca7dae371d@7ead239035fb4613ab38ef.com\install.rdf, , [43ddc971403c8aacd746cb55a55e8f71],
PUP.Optional.CrossRider, C:\Users\21PP2011\AppData\Roaming\Mozilla\Firefox\Profiles\965imzmc.default\extensions\0b105cbff1eb40b89bca7dae371d@7ead239035fb4613ab38ef.com\chrome\content\21d94253789ffb4dc7bf28e03aacc44b.js, , [43ddc971403c8aacd746cb55a55e8f71],
PUP.Optional.CrossRider, C:\Users\21PP2011\AppData\Roaming\Mozilla\Firefox\Profiles\965imzmc.default\extensions\0b105cbff1eb40b89bca7dae371d@7ead239035fb4613ab38ef.com\chrome\content\2df843994f0442162ce7f8616ddd3aee.js, , [43ddc971403c8aacd746cb55a55e8f71],
PUP.Optional.CrossRider, C:\Users\21PP2011\AppData\Roaming\Mozilla\Firefox\Profiles\965imzmc.default\extensions\0b105cbff1eb40b89bca7dae371d@7ead239035fb4613ab38ef.com\chrome\content\3a5632d379ae154b45832fd7a445b4e1.js, , [43ddc971403c8aacd746cb55a55e8f71],
PUP.Optional.CrossRider, C:\Users\21PP2011\AppData\Roaming\Mozilla\Firefox\Profiles\965imzmc.default\extensions\0b105cbff1eb40b89bca7dae371d@7ead239035fb4613ab38ef.com\chrome\content\800ed1246a04e619cc20571d86975471.js, , [43ddc971403c8aacd746cb55a55e8f71],
PUP.Optional.CrossRider, C:\Users\21PP2011\AppData\Roaming\Mozilla\Firefox\Profiles\965imzmc.default\extensions\0b105cbff1eb40b89bca7dae371d@7ead239035fb4613ab38ef.com\chrome\content\background.html, , [43ddc971403c8aacd746cb55a55e8f71],
PUP.Optional.CrossRider, C:\Users\21PP2011\AppData\Roaming\Mozilla\Firefox\Profiles\965imzmc.default\extensions\0b105cbff1eb40b89bca7dae371d@7ead239035fb4613ab38ef.com\chrome\content\browser.xul, , [43ddc971403c8aacd746cb55a55e8f71],
PUP.Optional.CrossRider, C:\Users\21PP2011\AppData\Roaming\Mozilla\Firefox\Profiles\965imzmc.default\extensions\0b105cbff1eb40b89bca7dae371d@7ead239035fb4613ab38ef.com\chrome\content\d0dbe974d96193c9ac67076f43ab6691.js, , [43ddc971403c8aacd746cb55a55e8f71],
PUP.Optional.CrossRider, C:\Users\21PP2011\AppData\Roaming\Mozilla\Firefox\Profiles\965imzmc.default\extensions\0b105cbff1eb40b89bca7dae371d@7ead239035fb4613ab38ef.com\chrome\content\dialog.js, , [43ddc971403c8aacd746cb55a55e8f71],
PUP.Optional.CrossRider, C:\Users\21PP2011\AppData\Roaming\Mozilla\Firefox\Profiles\965imzmc.default\extensions\0b105cbff1eb40b89bca7dae371d@7ead239035fb4613ab38ef.com\chrome\content\e5bebb9a9f684fb00d6f2be0649ac11a.js, , [43ddc971403c8aacd746cb55a55e8f71],
PUP.Optional.CrossRider, C:\Users\21PP2011\AppData\Roaming\Mozilla\Firefox\Profiles\965imzmc.default\extensions\0b105cbff1eb40b89bca7dae371d@7ead239035fb4613ab38ef.com\chrome\content\ffCoreFilesIndex.txt, , [43ddc971403c8aacd746cb55a55e8f71],
PUP.Optional.CrossRider, C:\Users\21PP2011\AppData\Roaming\Mozilla\Firefox\Profiles\965imzmc.default\extensions\0b105cbff1eb40b89bca7dae371d@7ead239035fb4613ab38ef.com\chrome\content\options.js, , [43ddc971403c8aacd746cb55a55e8f71],
PUP.Optional.CrossRider, C:\Users\21PP2011\AppData\Roaming\Mozilla\Firefox\Profiles\965imzmc.default\extensions\0b105cbff1eb40b89bca7dae371d@7ead239035fb4613ab38ef.com\chrome\content\options.xul, , [43ddc971403c8aacd746cb55a55e8f71],
PUP.Optional.CrossRider, C:\Users\21PP2011\AppData\Roaming\Mozilla\Firefox\Profiles\965imzmc.default\extensions\0b105cbff1eb40b89bca7dae371d@7ead239035fb4613ab38ef.com\chrome\content\search_dialog.xul, , [43ddc971403c8aacd746cb55a55e8f71],
PUP.Optional.CrossRider, C:\Users\21PP2011\AppData\Roaming\Mozilla\Firefox\Profiles\965imzmc.default\extensions\0b105cbff1eb40b89bca7dae371d@7ead239035fb4613ab38ef.com\chrome\content\api\0523ce3a27c74c55aa896cc595e3129e.js, , [43ddc971403c8aacd746cb55a55e8f71],
PUP.Optional.CrossRider, C:\Users\21PP2011\AppData\Roaming\Mozilla\Firefox\Profiles\965imzmc.default\extensions\0b105cbff1eb40b89bca7dae371d@7ead239035fb4613ab38ef.com\chrome\content\api\1919fa8038874a8b1da5ed2ef134ff49.js, , [43ddc971403c8aacd746cb55a55e8f71],
PUP.Optional.CrossRider, C:\Users\21PP2011\AppData\Roaming\Mozilla\Firefox\Profiles\965imzmc.default\extensions\0b105cbff1eb40b89bca7dae371d@7ead239035fb4613ab38ef.com\chrome\content\api\2bd5ff62f6ba416babd6ac48ccb86c2d.js, , [43ddc971403c8aacd746cb55a55e8f71],
PUP.Optional.CrossRider, C:\Users\21PP2011\AppData\Roaming\Mozilla\Firefox\Profiles\965imzmc.default\extensions\0b105cbff1eb40b89bca7dae371d@7ead239035fb4613ab38ef.com\chrome\content\api\3deefcdb9212f6f8d28140ebb47d7de0.js, , [43ddc971403c8aacd746cb55a55e8f71],
PUP.Optional.CrossRider, C:\Users\21PP2011\AppData\Roaming\Mozilla\Firefox\Profiles\965imzmc.default\extensions\0b105cbff1eb40b89bca7dae371d@7ead239035fb4613ab38ef.com\chrome\content\api\4280eb47a16728242672177b6aea152f.js, , [43ddc971403c8aacd746cb55a55e8f71],
PUP.Optional.CrossRider, C:\Users\21PP2011\AppData\Roaming\Mozilla\Firefox\Profiles\965imzmc.default\extensions\0b105cbff1eb40b89bca7dae371d@7ead239035fb4613ab38ef.com\chrome\content\api\4632bbd9ebed51b25f2cc3af7a1d9044.js, , [43ddc971403c8aacd746cb55a55e8f71],
PUP.Optional.CrossRider, C:\Users\21PP2011\AppData\Roaming\Mozilla\Firefox\Profiles\965imzmc.default\extensions\0b105cbff1eb40b89bca7dae371d@7ead239035fb4613ab38ef.com\chrome\content\api\5552d124266088910b8a6e5f39cc13ee.js, , [43ddc971403c8aacd746cb55a55e8f71],
PUP.Optional.CrossRider, C:\Users\21PP2011\AppData\Roaming\Mozilla\Firefox\Profiles\965imzmc.default\extensions\0b105cbff1eb40b89bca7dae371d@7ead239035fb4613ab38ef.com\chrome\content\api\75041269e0f04ada8d5aa203dcc6798c.js, , [43ddc971403c8aacd746cb55a55e8f71],
PUP.Optional.CrossRider, C:\Users\21PP2011\AppData\Roaming\Mozilla\Firefox\Profiles\965imzmc.default\extensions\0b105cbff1eb40b89bca7dae371d@7ead239035fb4613ab38ef.com\chrome\content\api\75bfe41aba00c4263e4ca823081923da.js, , [43ddc971403c8aacd746cb55a55e8f71],
PUP.Optional.CrossRider, C:\Users\21PP2011\AppData\Roaming\Mozilla\Firefox\Profiles\965imzmc.default\extensions\0b105cbff1eb40b89bca7dae371d@7ead239035fb4613ab38ef.com\chrome\content\api\8440423f9f1b1b4d7f171b1d5e4853d5.js, , [43ddc971403c8aacd746cb55a55e8f71],
PUP.Optional.CrossRider, C:\Users\21PP2011\AppData\Roaming\Mozilla\Firefox\Profiles\965imzmc.default\extensions\0b105cbff1eb40b89bca7dae371d@7ead239035fb4613ab38ef.com\chrome\content\api\85b9b85fc0052d3ba639ddb082980b8b.js, , [43ddc971403c8aacd746cb55a55e8f71],
PUP.Optional.CrossRider, C:\Users\21PP2011\AppData\Roaming\Mozilla\Firefox\Profiles\965imzmc.default\extensions\0b105cbff1eb40b89bca7dae371d@7ead239035fb4613ab38ef.com\chrome\content\api\a46cdc5bd82fd83479132a2d894ec2de.js, , [43ddc971403c8aacd746cb55a55e8f71],
PUP.Optional.CrossRider, C:\Users\21PP2011\AppData\Roaming\Mozilla\Firefox\Profiles\965imzmc.default\extensions\0b105cbff1eb40b89bca7dae371d@7ead239035fb4613ab38ef.com\chrome\content\api\a7dabbf6cbd33efbde81d1fe86ad3364.js, , [43ddc971403c8aacd746cb55a55e8f71],
PUP.Optional.CrossRider, C:\Users\21PP2011\AppData\Roaming\Mozilla\Firefox\Profiles\965imzmc.default\extensions\0b105cbff1eb40b89bca7dae371d@7ead239035fb4613ab38ef.com\chrome\content\api\c8bf767cc6aabeb47e95a20db988b69b.js, , [43ddc971403c8aacd746cb55a55e8f71],
PUP.Optional.CrossRider, C:\Users\21PP2011\AppData\Roaming\Mozilla\Firefox\Profiles\965imzmc.default\extensions\0b105cbff1eb40b89bca7dae371d@7ead239035fb4613ab38ef.com\chrome\content\api\d7aee7a70cbc4b8aeeba9cee5b5ff9ea.js, , [43ddc971403c8aacd746cb55a55e8f71],
PUP.Optional.CrossRider, C:\Users\21PP2011\AppData\Roaming\Mozilla\Firefox\Profiles\965imzmc.default\extensions\0b105cbff1eb40b89bca7dae371d@7ead239035fb4613ab38ef.com\chrome\content\api\de59ed89f2e3af8e075eec9b6428b7d3.js, , [43ddc971403c8aacd746cb55a55e8f71],
PUP.Optional.CrossRider, C:\Users\21PP2011\AppData\Roaming\Mozilla\Firefox\Profiles\965imzmc.default\extensions\0b105cbff1eb40b89bca7dae371d@7ead239035fb4613ab38ef.com\chrome\content\core\1951b2dc04f272ef49d18b92237f4552.js, , [43ddc971403c8aacd746cb55a55e8f71],
PUP.Optional.CrossRider, C:\Users\21PP2011\AppData\Roaming\Mozilla\Firefox\Profiles\965imzmc.default\extensions\0b105cbff1eb40b89bca7dae371d@7ead239035fb4613ab38ef.com\chrome\content\core\35a025d40492537c3ece8f305c984214.js, , [43ddc971403c8aacd746cb55a55e8f71],
PUP.Optional.CrossRider, C:\Users\21PP2011\AppData\Roaming\Mozilla\Firefox\Profiles\965imzmc.default\extensions\0b105cbff1eb40b89bca7dae371d@7ead239035fb4613ab38ef.com\chrome\content\core\63560b7d83d61b5065100e1ac283a3b4.js, , [43ddc971403c8aacd746cb55a55e8f71],
PUP.Optional.CrossRider, C:\Users\21PP2011\AppData\Roaming\Mozilla\Firefox\Profiles\965imzmc.default\extensions\0b105cbff1eb40b89bca7dae371d@7ead239035fb4613ab38ef.com\chrome\content\core\6c780b3c50661b4cb98007774225f33f.js, , [43ddc971403c8aacd746cb55a55e8f71],

Physical Sectors: 0
(No malicious items detected)


(end)

Rudy
Site Admin
Posts: 119547
Registered: 30 Oct 2003 13:42
Location: Plzeň

Re: Virus-infected notebook

#12 Post by Rudy »

Delete everything MBAM found.
Post questions and logs only in your own threads. Private messages, ICQ and e-mails are not for solving your problems.

Please support our forum: https://platba.viry.cz/payment/.


e-mail: rudy(at)forum.viry.cz

Warning:
Before disinfecting your PC, back up your important data (mail, contacts, documents, photos, videos, music, etc.). Besides its "visible" activity, a virus can damage the system!


Once your problem is resolved, the thread will be locked. The same applies if it is inactive for more than 14 days. If you want the thread reactivated, write to me at the e-mail address given above.
