Dobrý den, noťas jede (spíš se šourá) na max výkon i paměť
prosím o kontrolu
Logfile of random's system information tool 1.10 (written by random/random)
Run by Judita at 2015-02-11 18:57:57
Microsoft Windows 7 Home Premium Service Pack 1
System drive C: has 81 GB (36%) free of 225 GB
Total RAM: 1979 MB (14% free)
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 18:59:03, on 11.2.2015
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v11.0 (11.00.9600.17496)
Boot mode: Normal
Running processes:
C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAAnotif.exe
C:\Program Files (x86)\EgisTec\MyWinLocker 3\x86\mwlDaemon.exe
C:\Windows\PLFSetI.exe
C:\Users\Judita\AppData\Local\Google\Update\GoogleUpdate.exe
C:\Program Files (x86)\Acer\Acer VCM\AcerVCM.exe
C:\Program Files (x86)\Launch Manager\LManager.EXE
C:\Program Files (x86)\EgisTec Egis Software Update\EgisUpdate.exe
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
C:\Program Files\Alwil Software\Avast5\avastui.exe
C:\Program Files (x86)\Real\RealPlayer\update\realsched.exe
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Program Files\trend micro\Judita.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = https://www.google.com/?trackid=sp-006
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.google.com/search?trackid=s ... earchTerms}
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId= ... kid=sp-006
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = https://www.google.com/?trackid=sp-006
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.google.com/search?trackid=s ... earchTerms}
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId= ... kid=sp-006
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: (no name) - - (no file)
R3 - URLSearchHook: (no name) - {37483b40-c254-4a72-bda4-22ee90182c1e} - (no file)
R3 - URLSearchHook: (no name) - {31264a33-a653-46c4-af49-1232c59a7da5} - (no file)
F2 - REG:system.ini: UserInit=userinit.exe
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: (no name) - {3049C3E9-B461-4BC5-8870-4C09146192CA} - (no file)
O2 - BHO: BS Player ControlBar B - {31264a33-a653-46c4-af49-1232c59a7da5} - (no file)
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL
O2 - BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\Alwil Software\Avast5\aswWebRepIE.dll
O2 - BHO: Pomocná služba pro přihlášení ke službě Windows Live ID - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~1\Office14\URLREDIR.DLL
O3 - Toolbar: (no name) - {98889811-442D-49dd-99D7-DC866BE87DBC} - (no file)
O3 - Toolbar: (no name) - {37483b40-c254-4a72-bda4-22ee90182c1e} - (no file)
O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
O3 - Toolbar: (no name) - {31264a33-a653-46c4-af49-1232c59a7da5} - (no file)
O4 - HKLM\..\Run: [LManager] C:\Program Files (x86)\Launch Manager\LManager.exe
O4 - HKLM\..\Run: [EgisTecLiveUpdate] "C:\Program Files (x86)\EgisTec Egis Software Update\EgisUpdate.exe"
O4 - HKLM\..\Run: [NortonOnlineBackupReminder] "C:\Program Files (x86)\Symantec\Norton Online Backup\Activation\NobuActivation.exe" UNATTENDED
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [TkBellExe] "c:\program files (x86)\real\realplayer\Update\realsched.exe" -osboot
O4 - HKLM\..\Run: [InboxToolbar] "C:\Program Files (x86)\Inbox Toolbar\Inbox.exe" /STARTUP
O4 - HKLM\..\Run: [BCSSync] "C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe" /DelayServices
O4 - HKLM\..\Run: [AvastUI.exe] "C:\Program Files\Alwil Software\Avast5\AvastUI.exe" /nogui
O4 - HKCU\..\Run: [Google Update] "C:\Users\Judita\AppData\Local\Google\Update\GoogleUpdate.exe" /c
O4 - HKCU\..\Run: [AlcoholAutomount] "C:\Program Files (x86)\Alcohol Soft\Alcohol 52\AxAutoMntSrv.exe" -automount
O4 - HKCU\..\Run: [swg] "C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
O4 - HKCU\..\Run: [CCleaner Monitoring] "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O4 - Startup: Výřezy obrazovky a spuštění aplikace OneNote 2010.lnk = C:\Program Files (x86)\Microsoft Office\Office14\ONENOTEM.EXE
O4 - Global Startup: Acer VCM.lnk = ?
O4 - Global Startup: Bluetooth.lnk = ?
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office14\EXCEL.EXE/3000
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Office Excel - res://C:\PROGRA~2\MICROS~1\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: Od&eslat do aplikace OneNote - res://C:\PROGRA~2\MICROS~1\Office14\ONBttnIE.dll/105
O8 - Extra context menu item: Odeslat obrázek do zařízení &Bluetooth... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
O8 - Extra context menu item: Odeslat stránku do zařízení &Bluetooth... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra button: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra button: P&ropojené poznámky aplikace OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: P&ropojené poznámky aplikace OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O9 - Extra 'Tools' menuitem: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O9 - Extra button: Send To Bluetooth - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra 'Tools' menuitem: Send to &Bluetooth Device... - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: inbox - {37540F19-DD4C-478B-B2DF-C19281BCAF27} - C:\Program Files (x86)\Inbox Toolbar\Inbox64.dll
O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: Acer ePower Service (ePowerSvc) - Acer Incorporated - C:\Program Files\Acer\Acer ePower Management\ePowerSvc.exe
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: GRegService (Greg_Service) - Acer Incorporated - C:\Program Files (x86)\Acer\Registration\GregHSRW.exe
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: Intel(R) Matrix Storage Event Monitor (IAANTMON) - Intel Corporation - C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTMon.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing)
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: MyWinLocker Service (MWLService) - Egis Technology Inc. - C:\Program Files (x86)\EgisTec\MyWinLocker 3\x86\\MWLService.exe
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: Raw Socket Service (RS_Service) - Acer Incorporated - C:\Program Files (x86)\Acer\Acer VCM\RS_Service.exe
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: StarWind AE Service (StarWindServiceAE) - StarWind Software - C:\Program Files (x86)\Alcohol Soft\Alcohol 52\StarWind\StarWindServiceAE.exe
O23 - Service: Toolbar Service (TBSrv) - ClientConnect Ltd. - C:\Program Files (x86)\Tbccint\ToolbarService\ToolbarService.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: Updater Service - Acer - C:\Program Files\Acer\Acer Updater\UpdaterService.exe
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
--
End of file - 14034 bytes
======Listing Processes======
\SystemRoot\System32\smss.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
C:\Windows\system32\services.exe
winlogon.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k NetworkService
"C:\Program Files\Alwil Software\Avast5\AvastSvc.exe"
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
taskeng.exe {3A4A8C29-0728-4604-A498-A99AC54E1C8E}
"C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe"
"C:\Program Files\Acer\Acer ePower Management\ePowerSvc.exe"
"C:\Windows\system32\Dwm.exe"
"taskhost.exe"
C:\Windows\Explorer.EXE
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
"C:\Program Files (x86)\Google\Update\GoogleUpdate.exe" /c
"C:\Program Files (x86)\Acer\Registration\GregHSRW.exe"
"C:\Program Files (x86)\Acer\Acer VCM\RS_Service.exe"
"C:\Program Files (x86)\Alcohol Soft\Alcohol 52\StarWind\StarWindServiceAE.exe"
C:\Windows\system32\svchost.exe -k imgsvc
"C:\Program Files (x86)\Tbccint\ToolbarService\ToolbarService.exe"
"C:\Program Files\Acer\Acer Updater\UpdaterService.exe"
C:\Windows\System32\svchost.exe -k secsvcs
"C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE"
"C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTMon.exe"
"C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAAnotif.exe"
"C:\Program Files (x86)\AmIcoSingLun\AmIcoSinglun64.exe"
"C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe"
"C:\Program Files\Acer\Acer ePower Management\ePowerTray.exe"
"C:\Program Files (x86)\EgisTec\MyWinLocker 3\x86\mwlDaemon.exe"
"C:\Program Files\Synaptics\SynTP\SynTPEnh.exe"
"C:\Windows\PLFSetI.exe"
"C:\Windows\System32\igfxtray.exe"
"C:\Windows\System32\hkcmd.exe"
"C:\Windows\System32\igfxpers.exe"
"C:\Users\Judita\AppData\Local\Google\Update\GoogleUpdate.exe" /c
"C:\Program Files (x86)\Acer\Acer VCM\AcerVCM.exe"
"C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe"
C:\Windows\system32\SearchIndexer.exe /Embedding
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
"C:\Program Files (x86)\Launch Manager\LManager.EXE"
"C:\Program Files (x86)\EgisTec Egis Software Update\EgisUpdate.exe"
C:\Windows\system32\igfxext.exe -Embedding
WLIDSvcM.exe 2284
"C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
C:\Windows\system32\igfxsrvc.exe -Embedding
"C:\Program Files\Synaptics\SynTP\SynTPHelper.exe"
"C:\Program Files\Windows Media Player\wmpnetwk.exe"
"C:\Program Files\Alwil Software\Avast5\avastui.exe" /nogui
C:\Windows\system32\wbem\unsecapp.exe -Embedding
C:\Windows\system32\wbem\wmiprvse.exe
"C:\Program Files\Acer\Acer ePower Management\ePowerEvent.exe"
"C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE"
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\system32\DllHost.exe /Processid:{30D49246-D217-465F-B00B-AC9DDD652EB7}
"C:\Program Files (x86)\Real\RealPlayer\update\realsched.exe" -restart
"C:\Windows\system32\taskmgr.exe" /1
"C:\Program Files\CCleaner\CCleaner64.exe" /monitor
"C:\Program Files (x86)\Mozilla Firefox\firefox.exe"
taskeng.exe {97811C27-04CE-4B60-B58E-C93E840D05B1}
C:\Windows\servicing\TrustedInstaller.exe
C:\Windows\System32\svchost.exe -k WerSvcGroup
"C:\Windows\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe16_ Global\UsGthrCtrlFltPipeMssGthrPipe16 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon"
"C:\Windows\system32\SearchFilterHost.exe" 0 508 512 520 65536 516
"C:\Users\Judita\Desktop\RSITx64.exe"
======Scheduled tasks folder======
C:\Windows\tasks\Adobe Flash Player Updater.job - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
C:\Windows\tasks\AutoKMS.job - C:\Windows\AutoKMS\AutoKMS.exe
C:\Windows\tasks\GoogleUpdateTaskMachineCore.job - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /c
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /ua /installsource scheduler
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-1128242429-3161665266-3304842230-1001Core.job - C:\Users\Judita\AppData\Local\Google\Update\GoogleUpdate.exe /c
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-1128242429-3161665266-3304842230-1001UA.job - C:\Users\Judita\AppData\Local\Google\Update\GoogleUpdate.exe /ua /installsource scheduler
=========Mozilla firefox=========
ProfilePath - C:\Users\Judita\AppData\Roaming\Mozilla\Firefox\Profiles\whpy3k55.default
prefs.js - "browser.startup.homepage" - "https://www.google.com/?trackid=sp-006"
prefs.js - "extensions.enabledItems" - "{800b5000-a755-47e1-992b-48a1c1357f07}:1.2.0, {ABDE892B-13A8-4d1b-88E6-365A6E755758}:14.0.1, {972ce4c6-7e08-4474-a285-3208198ce6fd}:3.6.17"
prefs.js - "keyword.URL" - "https://www.google.com/search/?trackid=sp-006"
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 16.0.0.305 Plugin
"Path"=C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_16_0_0_305.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@Google.com/GoogleEarthPlugin]
"Description"=Google Earth in your browser
"Path"=C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=disabled
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=c:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0]
"Description"=Office Authorization plug-in for NPAPI browsers
"Path"=C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/SharePoint,version=14.0]
"Description"=Microsoft SharePoint Plug-in for Firefox
"Path"=C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922]
"Description"=WLPG Install MIME type
"Path"=C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3555.0308]
"Description"=WLPG Install MIME type
"Path"=C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@real.com/nppl3260;version=15.0.4.53]
"Description"=RealPlayer(tm) LiveConnect-Enabled Plug-In
"Path"=c:\program files (x86)\real\realplayer\Netscape6\nppl3260.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@real.com/nprjplug;version=15.0.4.53]
"Description"=RealJukebox Netscape Plugin
"Path"=c:\program files (x86)\real\realplayer\Netscape6\nprjplug.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@real.com/nprpchromebrowserrecordext;version=15.0.4.53]
"Description"=RealNetworks(tm) RealPlayer Chrome Background Extension Plug-In
"Path"=C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprpchromebrowserrecordext.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@real.com/nprphtml5videoshim;version=15.0.4.53]
"Description"=RealPlayer(tm) HTML5VideoShim Plug-In
"Path"=C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@real.com/nprpplugin;version=15.0.4.53]
"Description"=RealPlayer Download Plugin
"Path"=c:\program files (x86)\real\realplayer\Netscape6\nprpplugin.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=3]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.25.11\npGoogleUpdate3.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=9]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.25.11\npGoogleUpdate3.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@videolan.org/vlc,version=2.1.5]
"Description"=VLC Multimedia Plugin
"Path"=C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\Adobe Reader]
"Description"=Handles PDFs in-place in Firefox
"Path"=C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 16.0.0.305 Plugin
"Path"=C:\Windows\system32\Macromed\Flash\NPSWF64_16_0_0_305.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=disabled
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0]
"Description"=Office Authorization plug-in for NPAPI browsers
"Path"=C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL
C:\Program Files (x86)\Mozilla Firefox\extensions\
{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}
C:\Program Files (x86)\Mozilla Firefox\plugins\
np-mswmp.dll
nppdf32.dll
nppl3260.dll
nppl3260.xpt
nprjplug.dll
nprpplugin.dll
WMP Firefox Plugin License.rtf
WMP Firefox Plugin RelNotes.txt
C:\Users\Judita\AppData\Roaming\Mozilla\Firefox\Profiles\whpy3k55.default\extensions\
{800b5000-a755-47e1-992b-48a1c1357f07}10242010180103
C:\Users\Judita\AppData\Roaming\Mozilla\Firefox\Profiles\whpy3k55.default\searchplugins\
google-avast.xml
Google.xml
icqplugin-1.xml
icqplugin-10.xml
icqplugin-11.xml
icqplugin-12.xml
icqplugin-13.xml
icqplugin-14.xml
icqplugin-15.xml
icqplugin-16.xml
icqplugin-17.xml
icqplugin-18.xml
icqplugin-19.xml
icqplugin-2.xml
icqplugin-20.xml
icqplugin-21.xml
icqplugin-22.xml
icqplugin-23.xml
icqplugin-24.xml
icqplugin-25.xml
icqplugin-26.xml
icqplugin-27.xml
icqplugin-28.xml
icqplugin-29.xml
icqplugin-3.xml
icqplugin-30.xml
icqplugin-4.xml
icqplugin-5.xml
icqplugin-6.xml
icqplugin-7.xml
icqplugin-8.xml
icqplugin-9.xml
icqplugin.gif
icqplugin.src
icqplugin.xml
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\PROGRA~1\MICROS~2\Office14\GROOVEEX.DLL [2013-12-19 6671064]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! Online Security - C:\Program Files\Alwil Software\Avast5\aswWebRepIE64.dll [2015-01-03 705448]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live ID Sign-in Helper - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2011-03-28 529280]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}]
Google Toolbar Helper - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2014-03-27 256456]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - C:\PROGRA~1\MICROS~2\Office14\URLREDIR.DLL [2013-03-06 690392]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2012-07-30 75232]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3049C3E9-B461-4BC5-8870-4C09146192CA}]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{31264a33-a653-46c4-af49-1232c59a7da5}]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL [2013-12-19 4171480]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! Online Security - C:\Program Files\Alwil Software\Avast5\aswWebRepIE.dll [2015-01-03 586968]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Pomocná služba pro přihlášení ke službě Windows Live ID - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2011-03-28 441216]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}]
Google Toolbar Helper - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [2014-03-27 194504]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}]
Skype Browser Helper - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll [2011-10-10 3834016]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - C:\PROGRA~2\MICROS~1\Office14\URLREDIR.DLL [2013-03-06 562904]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{318A227B-5E9F-45bd-8999-7F8F10CA4CF5} -
{CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F}
{2318C2B1-4965-11d4-9B18-009027A5CD4F} - Google Toolbar - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2014-03-27 256456]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\Toolbar]
{98889811-442D-49dd-99D7-DC866BE87DBC}
{37483b40-c254-4a72-bda4-22ee90182c1e}
{2318C2B1-4965-11d4-9B18-009027A5CD4F} - Google Toolbar - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [2014-03-27 194504]
{31264a33-a653-46c4-af49-1232c59a7da5}
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"IAAnotif"=C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\iaanotif.exe [2009-06-05 186904]
"AmIcoSinglun64"=C:\Program Files (x86)\AmIcoSingLun\AmIcoSinglun64.exe [2009-04-09 320000]
"RtHDVCpl"=C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [2009-07-23 7981600]
"Acer ePower Management"=C:\Program Files\Acer\Acer ePower Management\ePowerTray.exe [2010-01-19 832544]
"mwlDaemon"=C:\Program Files (x86)\EgisTec\MyWinLocker 3\x86\mwlDaemon.exe [2009-09-10 349480]
"SynTPEnh"=C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2009-06-18 1808168]
"PLFSetI"=C:\Windows\PLFSetI.exe [2009-12-14 206072]
"IgfxTray"=C:\Windows\system32\igfxtray.exe [2010-08-25 161304]
"HotKeysCmds"=C:\Windows\system32\hkcmd.exe [2010-08-25 386584]
"Persistence"=C:\Windows\system32\igfxpers.exe [2010-08-25 415256]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Google Update"=C:\Users\Judita\AppData\Local\Google\Update\GoogleUpdate.exe [2014-10-14 107912]
"AlcoholAutomount"=C:\Program Files (x86)\Alcohol Soft\Alcohol 52\AxAutoMntSrv.exe [2010-08-20 33120]
"swg"=C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [2010-01-14 39408]
"CCleaner Monitoring"=C:\Program Files\CCleaner\CCleaner64.exe [2015-01-20 7404312]
[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"LManager"=C:\Program Files (x86)\Launch Manager\LManager.exe [2009-09-24 825864]
"EgisTecLiveUpdate"=C:\Program Files (x86)\EgisTec Egis Software Update\EgisUpdate.exe [2009-08-04 199464]
"NortonOnlineBackupReminder"=C:\Program Files (x86)\Symantec\Norton Online Backup\Activation\NobuActivation.exe [2009-07-25 588648]
"Adobe Reader Speed Launcher"=C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe [2012-07-31 38872]
"Adobe ARM"=C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2012-07-11 919008]
"TkBellExe"=c:\program files (x86)\real\realplayer\Update\realsched.exe [2012-05-18 296056]
"InboxToolbar"=C:\Program Files (x86)\Inbox Toolbar\Inbox.exe [2015-01-29 2410392]
"BCSSync"=C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe [2012-11-05 89184]
"AvastUI.exe"=C:\Program Files\Alwil Software\Avast5\AvastUI.exe [2015-01-31 5227112]
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
Acer VCM.lnk - C:\Program Files (x86)\Acer\Acer VCM\AcerVCM.exe
Bluetooth.lnk - C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
C:\Users\Judita\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
Výřezy obrazovky a spuštění aplikace OneNote 2010.lnk - C:\Program Files (x86)\Microsoft Office\Office14\ONENOTEM.EXE
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
C:\Windows\system32\igfxdev.dll [2010-08-25 271360]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\PROGRA~1\MICROS~2\Office14\GROOVEEX.DLL [2013-12-19 6671064]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL [2013-12-19 4171480]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcmscsvc]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\mcmscsvc]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MCODS]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MpfService]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=5
"ConsentPromptBehaviorUser"=3
"EnableUIADesktopToggle"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"SoftwareSASGeneration"=1
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoActiveDesktop"=1
"NoActiveDesktopChanges"=1
"ForceActiveDesktopOn"=0
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVYU"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"VIDC.YVU9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"MSVideo8"=VfWWDM32.dll
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv
"wave2"=wdmaud.drv
"midi2"=wdmaud.drv
"mixer2"=wdmaud.drv
======File associations======
.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*
======List of files/folders created in the last 1 month======
2015-02-11 18:58:06 ----D---- C:\Program Files\trend micro
2015-02-11 18:57:57 ----D---- C:\rsit
2015-01-27 20:36:04 ----D---- C:\Program Files (x86)\Mozilla Thunderbird
2015-01-23 20:57:01 ----D---- C:\Program Files (x86)\Mozilla Firefox
2015-01-23 19:44:30 ----A---- C:\Windows\system32\aswBoot.exe
2015-01-16 22:56:06 ----A---- C:\Windows\system32\ntoskrnl.exe
2015-01-16 22:56:03 ----A---- C:\Windows\SYSWOW64\ntkrnlpa.exe
2015-01-16 22:56:00 ----A---- C:\Windows\SYSWOW64\ntoskrnl.exe
2015-01-16 22:55:54 ----A---- C:\Windows\system32\srcore.dll
2015-01-16 22:55:51 ----A---- C:\Windows\system32\rstrui.exe
2015-01-16 22:55:49 ----A---- C:\Windows\system32\srclient.dll
2015-01-16 22:55:48 ----A---- C:\Windows\SYSWOW64\srclient.dll
2015-01-16 21:12:46 ----A---- C:\Windows\system32\profsvc.dll
2015-01-16 21:12:44 ----A---- C:\Windows\system32\nlasvc.dll
2015-01-16 21:12:43 ----A---- C:\Windows\SYSWOW64\ncsi.dll
2015-01-16 21:12:42 ----A---- C:\Windows\SYSWOW64\nlaapi.dll
2015-01-16 21:12:41 ----A---- C:\Windows\system32\TSWbPrxy.exe
2015-01-16 21:11:22 ----A---- C:\Windows\system32\drivers\mrxdav.sys
======List of files/folders modified in the last 1 month======
2015-02-11 18:58:19 ----D---- C:\Windows\Temp
2015-02-11 18:58:06 ----D---- C:\Program Files
2015-02-11 18:55:51 ----D---- C:\Windows\system32\config
2015-02-11 18:40:02 ----D---- C:\Users\Judita\AppData\Roaming\PhotoScape
2015-02-11 18:40:01 ----D---- C:\Users\Judita\AppData\Roaming\Skype
2015-02-11 18:35:51 ----D---- C:\Windows\Panther
2015-02-11 18:35:51 ----D---- C:\Windows\inf
2015-02-11 18:35:14 ----D---- C:\Windows\Minidump
2015-02-11 18:35:14 ----D---- C:\Windows\Logs
2015-02-11 18:35:14 ----D---- C:\Windows\debug
2015-02-11 18:35:14 ----D---- C:\Windows
2015-02-11 18:26:59 ----D---- C:\Program Files\CCleaner
2015-02-10 21:04:25 ----D---- C:\Windows\Tasks
2015-02-09 21:02:24 ----D---- C:\Windows\Prefetch
2015-02-09 21:02:10 ----D---- C:\Windows\system32\Tasks
2015-02-08 14:21:33 ----SHD---- C:\System Volume Information
2015-02-06 17:44:00 ----D---- C:\Windows\System32
2015-02-06 17:44:00 ----A---- C:\Windows\system32\PerfStringBackup.INI
2015-02-04 22:48:59 ----D---- C:\Windows\SysWOW64
2015-02-04 22:48:41 ----A---- C:\Windows\SYSWOW64\FlashPlayerApp.exe
2015-02-02 17:39:03 ----D---- C:\Program Files (x86)\Inbox Toolbar
2015-01-30 11:11:02 ----D---- C:\Windows\system32\catroot2
2015-01-29 13:18:42 ----D---- C:\Program Files (x86)\Mozilla Maintenance Service
2015-01-28 18:57:03 ----RD---- C:\Program Files (x86)
2015-01-23 19:50:02 ----D---- C:\Windows\system32\catroot
2015-01-23 19:50:01 ----D---- C:\Windows\system32\DriverStore
2015-01-23 19:49:17 ----D---- C:\Windows\system32\drivers
2015-01-18 10:48:15 ----D---- C:\Users\Judita\AppData\Roaming\vlc
2015-01-17 09:34:59 ----D---- C:\Windows\winsxs
2015-01-17 09:12:54 ----D---- C:\Windows\system32\MRT
2015-01-17 08:47:07 ----A---- C:\Windows\system32\MRT.exe
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R0 aswRvrt;avast! Revert; C:\Windows\system32\drivers\aswRvrt.sys [2015-01-03 65776]
R0 aswVmm;avast! VM Monitor; C:\Windows\system32\drivers\aswVmm.sys [2015-01-03 267632]
R0 iaStor;Intel AHCI Controller; C:\Windows\system32\DRIVERS\iaStor.sys [2009-06-05 408600]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-20 213888]
R0 sptd;sptd; C:\Windows\System32\Drivers\sptd.sys [2010-11-30 503352]
R1 aswRdr;aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [2015-01-03 93568]
R1 aswSnx;aswSnx; C:\Windows\system32\drivers\aswSnx.sys [2015-01-03 1050432]
R1 aswSP;aswSP; C:\Windows\system32\drivers\aswSP.sys [2015-01-03 436624]
R1 mwlPSDFilter;mwlPSDFilter; C:\Windows\system32\DRIVERS\mwlPSDFilter.sys [2009-06-02 22576]
R1 mwlPSDNServ;mwlPSDNServ; C:\Windows\system32\DRIVERS\mwlPSDNServ.sys [2009-06-02 20016]
R1 mwlPSDVDisk;mwlPSDVDisk; C:\Windows\system32\DRIVERS\mwlPSDVDisk.sys [2009-06-02 60464]
R1 vwififlt;Virtual WiFi Filter Driver; C:\Windows\system32\DRIVERS\vwififlt.sys [2009-07-14 59904]
R2 aswHwid;avast! HardwareID; C:\Windows\system32\drivers\aswHwid.sys [2015-01-03 29208]
R2 aswMonFlt;aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [2015-01-03 83280]
R2 aswStm;aswStm; C:\Windows\system32\drivers\aswStm.sys [2015-01-03 116728]
R3 DKbFltr;Dritek Keyboard Filter Driver (64-bit); C:\Windows\SysWOW64\Drivers\DKbFltr.sys [2009-03-26 25608]
R3 igfx;igfx; C:\Windows\system32\DRIVERS\igdkmd64.sys [2010-08-25 10611552]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHD64.sys [2009-07-23 1967648]
R3 IntcHdmiAddService;Intel(R) High Definition Audio HDMI; C:\Windows\system32\drivers\IntcHdmi.sys [2009-07-09 139264]
R3 L1C;NDIS Miniport Driver for Atheros AR8131/AR8132 PCI-E Ethernet Controller (NDIS 6.20); C:\Windows\system32\DRIVERS\L1C62x64.sys [2009-04-27 57344]
R3 NETw5s64;Intel(R) Wireless WiFi Link 5000 Series Adapter Driver for Windows 7 - 64 Bit; C:\Windows\system32\DRIVERS\NETw5s64.sys [2009-09-15 6952960]
R3 SynTP;Synaptics TouchPad Driver; C:\Windows\system32\DRIVERS\SynTP.sys [2009-06-18 272432]
R3 WSDPrintDevice;Podpora tisku WSD prostřednictvím funkce UMB; C:\Windows\system32\DRIVERS\WSDPrint.sys [2009-07-14 23040]
R3 WSDScan;Podpora skenování WSD přes UMB; C:\Windows\system32\DRIVERS\WSDScan.sys [2009-07-14 25088]
S3 AmUStor;AM USB Stroage Driver; C:\Windows\system32\drivers\AmUStor.SYS [2009-05-26 40448]
S3 awypgiwo;awypgiwo; C:\Windows\system32\drivers\awypgiwo.sys []
S3 BthEnum;Ovladač pro Bluetooth Request Block; C:\Windows\system32\drivers\BthEnum.sys [2009-07-14 41984]
S3 BthPan;Bluetooth Device (Personal Area Network); C:\Windows\system32\DRIVERS\bthpan.sys [2009-07-14 118784]
S3 BTHPORT;Ovladač portu Bluetooth; C:\Windows\System32\Drivers\BTHport.sys [2012-07-06 552960]
S3 BTHUSB;Ovladač rozhraní USB radiostanice Bluetooth; C:\Windows\System32\Drivers\BTHUSB.sys [2011-04-28 80384]
S3 btusbflt;Bluetooth USB Filter; C:\Windows\system32\drivers\btusbflt.sys [2009-07-01 52264]
S3 btwaudio;Bluetooth Audio Device Service; C:\Windows\system32\drivers\btwaudio.sys [2009-07-01 98344]
S3 btwavdt;Bluetooth AVDT; C:\Windows\system32\DRIVERS\btwavdt.sys [2009-07-01 132648]
S3 btwl2cap;Bluetooth L2CAP Service; C:\Windows\system32\DRIVERS\btwl2cap.sys [2009-04-07 35104]
S3 btwrchid;btwrchid; C:\Windows\system32\DRIVERS\btwrchid.sys [2009-07-01 21160]
S3 int15.sys;int15.sys; \??\C:\Windows\syswow64\OEM\Factory\int15.sys []
S3 netw5v64;Intel(R) Wireless WiFi Link 5000 Series Adapter Driver for Windows Vista 64 Bit; C:\Windows\system32\DRIVERS\netw5v64.sys [2009-06-10 5434368]
S3 nmwcd;Nokia USB Phone Parent Driver; C:\Windows\system32\drivers\ccdcmbx64.sys [2011-08-17 19968]
S3 nmwcdc;Nokia USB Communication Driver; C:\Windows\system32\drivers\ccdcmbox64.sys [2011-08-17 27136]
S3 nmwcdcx64;Nokia USB Generic; C:\Windows\system32\drivers\ccdcmbox64.sys [2011-08-17 27136]
S3 nmwcdx64;Nokia USB Phone Parent; C:\Windows\system32\drivers\ccdcmbx64.sys [2011-08-17 19968]
S3 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12352]
S3 RFCOMM;Bluetooth Device (RFCOMM Protocol TDI); C:\Windows\system32\DRIVERS\rfcomm.sys [2009-07-14 158720]
S3 TsUsbFlt;TsUsbFlt; C:\Windows\system32\drivers\tsusbflt.sys [2010-11-20 59392]
S3 upperdev;upperdev; C:\Windows\system32\DRIVERS\usbser_lowerfltx64.sys [2011-08-17 9216]
S3 usbser;Nokia USB Serial Port Driver ; C:\Windows\system32\drivers\usbser.sys [2013-08-29 33280]
S3 UsbserFilt;UsbserFilt; C:\Windows\system32\DRIVERS\usbser_lowerfltjx64.sys [2011-08-17 9216]
S3 WinUsb;WinUsb; C:\Windows\system32\DRIVERS\WinUsb.sys [2010-11-20 41984]
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 avast! Antivirus;avast! Antivirus; C:\Program Files\Alwil Software\Avast5\AvastSvc.exe [2015-01-03 50344]
R2 btwdins;Bluetooth Service; C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe [2009-07-02 864032]
R2 ePowerSvc;Acer ePower Service; C:\Program Files\Acer\Acer ePower Management\ePowerSvc.exe [2010-01-19 842784]
R2 Greg_Service;GRegService; C:\Program Files (x86)\Acer\Registration\GregHSRW.exe [2009-08-28 1150496]
R2 IAANTMON;Intel(R) Matrix Storage Event Monitor; C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTMon.exe [2009-06-05 354840]
R2 RS_Service;Raw Socket Service; C:\Program Files (x86)\Acer\Acer VCM\RS_Service.exe [2009-07-10 253952]
R2 StarWindServiceAE;StarWind AE Service; C:\Program Files (x86)\Alcohol Soft\Alcohol 52\StarWind\StarWindServiceAE.exe [2009-12-23 370688]
R2 TBSrv;Toolbar Service; C:\Program Files (x86)\Tbccint\ToolbarService\ToolbarService.exe [2014-04-10 350528]
R2 Updater Service;Updater Service; C:\Program Files\Acer\Acer Updater\UpdaterService.exe [2009-07-04 240160]
R2 wlidsvc;Windows Live ID Sign-in Assistant; C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE [2011-03-28 2292096]
R3 osppsvc;Office Software Protection Platform; C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-09 4925184]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2013-09-11 105144]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2013-09-11 124088]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-10-24 107912]
S2 SkypeUpdate;Skype Updater; C:\Program Files (x86)\Skype\Updater\Updater.exe [2014-04-03 315008]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-02-04 267440]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-10-24 107912]
S3 gusvc;Google Software Updater; C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe [2012-08-24 194032]
S3 IEEtwCollectorService;@%SystemRoot%\system32\ieetwcollectorres.dll,-1000; C:\Windows\system32\IEEtwCollector.exe [2014-11-22 114688]
S3 Microsoft SharePoint Workspace Audit Service;Microsoft SharePoint Workspace Audit Service; C:\Program Files (x86)\Microsoft Office\Office14\GROOVE.EXE [2013-12-19 30814400]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2015-01-23 114800]
S3 MWLService;MyWinLocker Service; C:\Program Files (x86)\EgisTec\MyWinLocker 3\x86\\MWLService.exe [2009-09-10 305448]
S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2010-01-09 149352]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2010-09-01 1255736]
S4 aspnet_state;Stavová služba ASP.NET; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2013-09-11 51808]
S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]
S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]
S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]
-----------------EOF-----------------
Odvirování PC, zrychlení počítače, vzdálená pomoc prostřednictvím služby neslape.cz
Max výkon i paměť
Moderátor: Moderátoři
Pravidla fóra
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]
Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.
!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]
Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.
!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
-
Rudy
- Site Admin
- Příspěvky: 119677
- Registrován: 30 říj 2003 13:42
- Bydliště: Plzeň
- Kontaktovat uživatele:
Re: Max výkon i paměť
Zdravím!
Spusťte nejprve tuto utilitu:
Spusťte nejprve tuto utilitu:
Stáhněte AdwCleaner http://general-changelog-team.fr/fr/dow ... adwcleaner
Uložte na plochu
Ukončete všechny programy
Klikněte nejprve na >Scan< a pak na >Clean<.
Proběhne skenováni a pak se objeví log, který sem vložte.
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Re: Max výkon i paměť
# AdwCleaner v4.110 - Logfile created 11/02/2015 at 19:34:25
# Updated 05/02/2015 by Xplode
# Database : 2015-02-09.1 [Server]
# Operating system : Windows 7 Home Premium Service Pack 1 (x64)
# Username : Judita - JUDITA-PC
# Running from : C:\Users\Judita\Desktop\adwcleaner_4.110.exe
# Option : Cleaning
***** [ Services ] *****
Service Deleted : TBSrv
***** [ Files / Folders ] *****
Folder Deleted : C:\ProgramData\Babylon
Folder Deleted : C:\ProgramData\ICQ\ICQToolbar
Folder Deleted : C:\ProgramData\Partner
Folder Deleted : C:\ProgramData\Tbccint
Folder Deleted : C:\ProgramData\Trusted Publisher
Folder Deleted : C:\ProgramData\2907298990001755427
Folder Deleted : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Inbox Toolbar
Folder Deleted : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SkypEmoticons
Folder Deleted : C:\Program Files (x86)\BabylonToolbar
Folder Deleted : C:\Program Files (x86)\Conduit
Folder Deleted : C:\Program Files (x86)\ICQ6Toolbar
Folder Deleted : C:\Program Files (x86)\Inbox Toolbar
Folder Deleted : C:\Program Files (x86)\Red Sky
Folder Deleted : C:\Program Files (x86)\Tbccint
Folder Deleted : C:\Program Files (x86)\BuyNsave
Folder Deleted : C:\Program Files (x86)\YoutubeAdBlocke
Folder Deleted : C:\Program Files (x86)\Common Files\Spigot
Folder Deleted : C:\Users\Judita\AppData\Local\Conduit
Folder Deleted : C:\Users\Judita\AppData\Local\Tbccint
Folder Deleted : C:\Users\Judita\AppData\LocalLow\BabylonToolbar
Folder Deleted : C:\Users\Judita\AppData\LocalLow\Conduit
Folder Deleted : C:\Users\Judita\AppData\LocalLow\Inbox Toolbar
Folder Deleted : C:\Users\Judita\AppData\LocalLow\Tbccint
Folder Deleted : C:\Users\Judita\AppData\LocalLow\BS_Player_ControlBar_B
Folder Deleted : C:\Users\Judita\AppData\Roaming\Babylon
Folder Deleted : C:\Users\Judita\AppData\Roaming\BabylonToolbar
Folder Deleted : C:\Users\Judita\AppData\Roaming\SkypEmoticons
Folder Deleted : C:\ProgramData\hcadkmfcjdcobdaflojdidbgjbkmmflg
File Deleted : C:\END
File Deleted : C:\Users\Judita\AppData\Roaming\Mozilla\Firefox\Profiles\whpy3k55.default\searchplugins\icqplugin.gif
File Deleted : C:\Users\Judita\AppData\Roaming\Mozilla\Firefox\Profiles\whpy3k55.default\searchplugins\icqplugin.src
File Deleted : C:\Users\Judita\AppData\Roaming\Mozilla\Firefox\Profiles\whpy3k55.default\searchplugins\icqplugin.xml
File Deleted : C:\Users\Judita\AppData\Roaming\Mozilla\Firefox\Profiles\whpy3k55.default\searchplugins\icqplugin-1.xml
File Deleted : C:\Users\Judita\AppData\Roaming\Mozilla\Firefox\Profiles\whpy3k55.default\searchplugins\icqplugin-10.xml
File Deleted : C:\Users\Judita\AppData\Roaming\Mozilla\Firefox\Profiles\whpy3k55.default\searchplugins\icqplugin-11.xml
File Deleted : C:\Users\Judita\AppData\Roaming\Mozilla\Firefox\Profiles\whpy3k55.default\searchplugins\icqplugin-12.xml
File Deleted : C:\Users\Judita\AppData\Roaming\Mozilla\Firefox\Profiles\whpy3k55.default\searchplugins\icqplugin-13.xml
File Deleted : C:\Users\Judita\AppData\Roaming\Mozilla\Firefox\Profiles\whpy3k55.default\searchplugins\icqplugin-14.xml
File Deleted : C:\Users\Judita\AppData\Roaming\Mozilla\Firefox\Profiles\whpy3k55.default\searchplugins\icqplugin-15.xml
File Deleted : C:\Users\Judita\AppData\Roaming\Mozilla\Firefox\Profiles\whpy3k55.default\searchplugins\icqplugin-16.xml
File Deleted : C:\Users\Judita\AppData\Roaming\Mozilla\Firefox\Profiles\whpy3k55.default\searchplugins\icqplugin-17.xml
File Deleted : C:\Users\Judita\AppData\Roaming\Mozilla\Firefox\Profiles\whpy3k55.default\searchplugins\icqplugin-18.xml
File Deleted : C:\Users\Judita\AppData\Roaming\Mozilla\Firefox\Profiles\whpy3k55.default\searchplugins\icqplugin-19.xml
File Deleted : C:\Users\Judita\AppData\Roaming\Mozilla\Firefox\Profiles\whpy3k55.default\searchplugins\icqplugin-2.xml
File Deleted : C:\Users\Judita\AppData\Roaming\Mozilla\Firefox\Profiles\whpy3k55.default\searchplugins\icqplugin-20.xml
File Deleted : C:\Users\Judita\AppData\Roaming\Mozilla\Firefox\Profiles\whpy3k55.default\searchplugins\icqplugin-21.xml
File Deleted : C:\Users\Judita\AppData\Roaming\Mozilla\Firefox\Profiles\whpy3k55.default\searchplugins\icqplugin-22.xml
File Deleted : C:\Users\Judita\AppData\Roaming\Mozilla\Firefox\Profiles\whpy3k55.default\searchplugins\icqplugin-23.xml
File Deleted : C:\Users\Judita\AppData\Roaming\Mozilla\Firefox\Profiles\whpy3k55.default\searchplugins\icqplugin-24.xml
File Deleted : C:\Users\Judita\AppData\Roaming\Mozilla\Firefox\Profiles\whpy3k55.default\searchplugins\icqplugin-25.xml
File Deleted : C:\Users\Judita\AppData\Roaming\Mozilla\Firefox\Profiles\whpy3k55.default\searchplugins\icqplugin-3.xml
File Deleted : C:\Users\Judita\AppData\Roaming\Mozilla\Firefox\Profiles\whpy3k55.default\searchplugins\icqplugin-26.xml
File Deleted : C:\Users\Judita\AppData\Roaming\Mozilla\Firefox\Profiles\whpy3k55.default\searchplugins\icqplugin-27.xml
File Deleted : C:\Users\Judita\AppData\Roaming\Mozilla\Firefox\Profiles\whpy3k55.default\searchplugins\icqplugin-28.xml
File Deleted : C:\Users\Judita\AppData\Roaming\Mozilla\Firefox\Profiles\whpy3k55.default\searchplugins\icqplugin-29.xml
File Deleted : C:\Users\Judita\AppData\Roaming\Mozilla\Firefox\Profiles\whpy3k55.default\searchplugins\icqplugin-30.xml
File Deleted : C:\Users\Judita\AppData\Roaming\Mozilla\Firefox\Profiles\whpy3k55.default\searchplugins\icqplugin-4.xml
File Deleted : C:\Users\Judita\AppData\Roaming\Mozilla\Firefox\Profiles\whpy3k55.default\searchplugins\icqplugin-5.xml
File Deleted : C:\Users\Judita\AppData\Roaming\Mozilla\Firefox\Profiles\whpy3k55.default\searchplugins\icqplugin-6.xml
File Deleted : C:\Users\Judita\AppData\Roaming\Mozilla\Firefox\Profiles\whpy3k55.default\searchplugins\icqplugin-7.xml
File Deleted : C:\Users\Judita\AppData\Roaming\Mozilla\Firefox\Profiles\whpy3k55.default\searchplugins\icqplugin-8.xml
File Deleted : C:\Users\Judita\AppData\Roaming\Mozilla\Firefox\Profiles\whpy3k55.default\searchplugins\icqplugin-9.xml
File Deleted : C:\Program Files (x86)\Mozilla Firefox\browser\searchplugins\mystartsearch.xml
***** [ Scheduled tasks ] *****
***** [ Shortcuts ] *****
Shortcut Disinfected : C:\Users\Judita\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
Shortcut Disinfected : C:\Users\Judita\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\Internet Explorer (No Add-ons).lnk
Shortcut Disinfected : C:\Users\Judita\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk
Shortcut Disinfected : C:\Users\Judita\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Mozilla Firefox.lnk
Shortcut Disinfected : C:\Users\Judita\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\StartMenu\Google Chrome.lnk
***** [ Registry ] *****
Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\dhkplhfnhceodhffomolpfigojocbpcb
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\LowRegistry\ICQ\ICQToolBar
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\Main [ICQ Search]
Key Deleted : HKLM\SOFTWARE\Classes\AppID\escort.DLL
Key Deleted : HKLM\SOFTWARE\Classes\AppID\escortApp.DLL
Key Deleted : HKLM\SOFTWARE\Classes\AppID\escortEng.DLL
Key Deleted : HKLM\SOFTWARE\Classes\AppID\escorTlbr.DLL
Key Deleted : HKLM\SOFTWARE\Classes\AppID\esrv.EXE
Key Deleted : HKLM\SOFTWARE\Classes\b
Key Deleted : HKLM\SOFTWARE\Classes\bbylnApp.appCore
Key Deleted : HKLM\SOFTWARE\Classes\bbylnApp.appCore.1
Key Deleted : HKLM\SOFTWARE\Classes\escort.escrtBtn.1
Key Deleted : HKLM\SOFTWARE\Classes\esrv.BabylonESrvc
Key Deleted : HKLM\SOFTWARE\Classes\esrv.BabylonESrvc.1
Key Deleted : HKLM\SOFTWARE\Classes\inbox.appserver
Key Deleted : HKLM\SOFTWARE\Classes\inbox.ibx404
Key Deleted : HKLM\SOFTWARE\Classes\Inbox.JSServer
Key Deleted : HKLM\SOFTWARE\Classes\Prod.cap
Key Deleted : HKLM\SOFTWARE\Classes\protocols\handler\inbox
Value Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [InboxToolbar]
Key Deleted : HKLM\SOFTWARE\Classes\Toolbar.CT2801948
Key Deleted : HKLM\SOFTWARE\Classes\Toolbar.CT3329621
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{09C554C3-109B-483C-A06B-F14172F1A947}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{35C1605E-438B-4D64-AAB1-8885F097A9B1}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{4E1E9D45-8BF9-4139-915C-9F83CC3D5921}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{B12E99ED-69BD-437C-86BE-C862B9E5444D}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{BDB69379-802F-4EAF-B541-F8DE92DD98DB}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{D7EE8177-D51E-4F89-92B6-83EA2EC40800}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{042DA63B-0933-403D-9395-B49307691690}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{291BCCC1-6890-484A-89D3-318C928DAC1B}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{37540F19-DD4C-478B-B2DF-C19281BCAF27}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{3C471948-F874-49F5-B338-4F214A2EE0B1}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{612AD33D-9824-4E87-8396-92374E91C4BB}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{B8276A94-891D-453C-9FF3-715C042A2575}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{E46C8196-B634-44A1-AF6E-957C64278AB1}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{FFB9ADCB-8C79-4C29-81D3-74D46A93D370}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{3A1209A4-8568-40F0-9B5E-4A06A2A06417}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{28C3737A-32D1-492D-B76B-8D75EBBFB887}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{3B3F3AAD-FB97-49FF-BFEE-D22869AC4326}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{44C3C1DB-2127-433C-98EC-4C9412B5FC3A}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{4D5132DD-BB2B-4249-B5E0-D145A8C982E1}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{706D4A4B-184A-4434-B331-296B07493D2D}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{8BE10F21-185F-4CA0-B789-9921674C3993}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{94C0B25D-3359-4B10-B227-F96A77DB773F}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{B0B75FBA-7288-4FD3-A9EB-7EE27FA65599}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{B173667F-8395-4317-8DD6-45AD1FE00047}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{B32672B3-F656-46E0-B584-FE61C0BB6037}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{BFE569F7-646C-4512-969B-9BE3E580D393}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{C2434722-5C85-4CA0-BA69-1B67E7AB3D68}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{C2996524-2187-441F-A398-CD6CB6B3D020}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{CE057E0D-2D7E-4DFF-A890-07BA69B8C762}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{E047E227-5342-4D94-80F7-CFB154BF55BD}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{E3F79BE9-24D4-4F4D-8C13-DF2C9899F82E}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{E77EEF95-3E83-4BB8-9C0D-4A5163774997}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{EAF749DC-CD87-4B04-B22A-D4AC3FBCB2BC}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{35C1605E-438B-4D64-AAB1-8885F097A9B1}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{4E1E9D45-8BF9-4139-915C-9F83CC3D5921}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{615E8AA1-6BB8-4A3D-A1CC-373194DB612C}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{6E8BF012-2C85-4834-B10A-1B31AF173D70}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{AC329328-7EC4-4C34-B672-0A2B90CB9B00}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{CBEF8724-D080-4737-88DA-111EEC6651AA}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{D7EE8177-D51E-4F89-92B6-83EA2EC40800}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{E2343056-CC08-46AC-B898-BFC7ACF4E755}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{31264A33-A653-46C4-AF49-1232C59A7DA5}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{31264A33-A653-46C4-AF49-1232C59A7DA5}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{31264A33-A653-46C4-AF49-1232C59A7DA5}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{D3D233D5-9F6D-436C-B6C7-E63F77503B30}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{D7E97865-918F-41E4-9CD0-25AB1C574CE8}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{D3D233D5-9F6D-436C-B6C7-E63F77503B30}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{D7E97865-918F-41E4-9CD0-25AB1C574CE8}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{3A1209A4-8568-40F0-9B5E-4A06A2A06417}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{612AD33D-9824-4E87-8396-92374E91C4BB}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{8375D9C8-634F-4ECB-8CF5-C7416BA5D542}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{D7E97865-918F-41E4-9CD0-25AB1C574CE8}
Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{98889811-442D-49DD-99D7-DC866BE87DBC}]
Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{31264A33-A653-46C4-AF49-1232C59A7DA5}]
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks [{31264A33-A653-46C4-AF49-1232C59A7DA5}]
Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks [{31264A33-A653-46C4-AF49-1232C59A7DA5}]
Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{042DA63B-0933-403D-9395-B49307691690}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{37540F19-DD4C-478B-B2DF-C19281BCAF27}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{28C3737A-32D1-492D-B76B-8D75EBBFB887}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{3B3F3AAD-FB97-49FF-BFEE-D22869AC4326}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{44C3C1DB-2127-433C-98EC-4C9412B5FC3A}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{4D5132DD-BB2B-4249-B5E0-D145A8C982E1}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{706D4A4B-184A-4434-B331-296B07493D2D}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{8BE10F21-185F-4CA0-B789-9921674C3993}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{94C0B25D-3359-4B10-B227-F96A77DB773F}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{B0B75FBA-7288-4FD3-A9EB-7EE27FA65599}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{B173667F-8395-4317-8DD6-45AD1FE00047}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{B32672B3-F656-46E0-B584-FE61C0BB6037}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{BFE569F7-646C-4512-969B-9BE3E580D393}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{C2434722-5C85-4CA0-BA69-1B67E7AB3D68}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{C2996524-2187-441F-A398-CD6CB6B3D020}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{CE057E0D-2D7E-4DFF-A890-07BA69B8C762}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{E047E227-5342-4D94-80F7-CFB154BF55BD}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{E3F79BE9-24D4-4F4D-8C13-DF2C9899F82E}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{E77EEF95-3E83-4BB8-9C0D-4A5163774997}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{EAF749DC-CD87-4B04-B22A-D4AC3FBCB2BC}
Key Deleted : [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4D79-A620-CCE0C0A66CC9}
Key Deleted : [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{6552C7DD-90A4-4387-B795-F8F96747DE19}
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{612AD33D-9824-4E87-8396-92374E91C4BB}
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{D7E97865-918F-41E4-9CD0-25AB1C574CE8}
Data Restored : HKEY_LOCAL_MACHINE\SOFTWARE\Clients\StartMenuInternet\IEXPLORE.EXE\shell\open\command
Data Restored : HKEY_LOCAL_MACHINE\SOFTWARE\Clients\StartMenuInternet\Google Chrome\shell\open\command
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0F2592C8-E434-435C-8376-6991CD2B648D}
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{AE3480E1-116D-449A-948D-51D87A4777F6}
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{D111FB93-8CB3-4388-9711-E9DAA6F57C2D}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}
Key Deleted : HKCU\Software\BabylonToolbar
Key Deleted : HKCU\Software\Conduit
Key Deleted : HKCU\Software\Microsoft\Babylon
Key Deleted : HKCU\Software\Softonic
Key Deleted : HKCU\Software\Tbccint
Key Deleted : HKCU\Software\Tbccint_HKLM
Key Deleted : HKCU\Software\AppDataLow\Toolbar
Key Deleted : HKCU\Software\AppDataLow\Software\Conduit
Key Deleted : HKCU\Software\AppDataLow\Software\ConduitSearchScopes
Key Deleted : HKCU\Software\AppDataLow\Software\Search Settings
Key Deleted : HKCU\Software\AppDataLow\Software\Tbccint
Key Deleted : HKCU\Software\AppDataLow\Software\TbccintSearchScopes
Key Deleted : HKCU\Software\AppDataLow\Software\BS_Player_ControlBar_B
Key Deleted : HKLM\SOFTWARE\Babylon
Key Deleted : HKLM\SOFTWARE\BabylonToolbar
Key Deleted : HKLM\SOFTWARE\Conduit
Key Deleted : HKLM\SOFTWARE\ICQ\ICQToolbar
Key Deleted : HKLM\SOFTWARE\Inbox Toolbar
Key Deleted : HKLM\SOFTWARE\mystartsearchSoftware
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\SkypEmoticons_is1
Key Deleted : HKLM\SOFTWARE\Classes\Installer\Features\3192AA38321C641458DBDAF83979D193
Key Deleted : HKLM\SOFTWARE\Classes\Installer\Products\3192AA38321C641458DBDAF83979D193
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\00E944CB89111313EAF35A0553F547F9
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\4B2468513CA2D6943A1A233CD3F88CE7
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\53F55AF3F4049ED3FA6EA6F88E414E24
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\68E4BF4B11615E03C97732FD581AB607
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\8CE3DDAB2D152683FBCEB4866BCD2B0F
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\AF6CE16AFEA5C9A39B766468A8B35C21
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\FB1E44269B58F433A8C8E671E37CFDCF
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\3192AA38321C641458DBDAF83979D193
***** [ Web browsers ] *****
-\\ Internet Explorer v11.0.9600.17496
Setting Restored : HKCU\Software\Microsoft\Internet Explorer\Main [ICQ Search]
Setting Restored : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Default_Search_URL]
Setting Restored : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Default_Page_URL]
Setting Restored : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Start Page]
Setting Restored : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Search Page]
-\\ Mozilla Firefox v35.0 (x86 cs)
[whpy3k55.default\prefs.js] - Line Deleted : user_pref("browser.babylon.HPOnNewTab", "search.babylon.com");
[whpy3k55.default\prefs.js] - Line Deleted : user_pref("extensions.BabylonToolbar_i.aflt", "babsst");
[whpy3k55.default\prefs.js] - Line Deleted : user_pref("extensions.BabylonToolbar_i.babExt", "");
[whpy3k55.default\prefs.js] - Line Deleted : user_pref("extensions.BabylonToolbar_i.babTrack", "affID=111729");
[whpy3k55.default\prefs.js] - Line Deleted : user_pref("extensions.BabylonToolbar_i.hardId", "c8547b3d000000000000001e64630724");
[whpy3k55.default\prefs.js] - Line Deleted : user_pref("extensions.BabylonToolbar_i.id", "c8547b3d000000000000001e64630724");
[whpy3k55.default\prefs.js] - Line Deleted : user_pref("extensions.BabylonToolbar_i.instlDay", "15492");
[whpy3k55.default\prefs.js] - Line Deleted : user_pref("extensions.BabylonToolbar_i.instlRef", "sst");
[whpy3k55.default\prefs.js] - Line Deleted : user_pref("extensions.BabylonToolbar_i.newTab", true);
[whpy3k55.default\prefs.js] - Line Deleted : user_pref("extensions.BabylonToolbar_i.newTabUrl", "hxxp://search.babylon.com/?affID=111729&babsrc=NT_ss&mntrId=c8547b3d000000000000001e64630724");
[whpy3k55.default\prefs.js] - Line Deleted : user_pref("extensions.BabylonToolbar_i.prdct", "BabylonToolbar");
[whpy3k55.default\prefs.js] - Line Deleted : user_pref("extensions.BabylonToolbar_i.prtnrId", "babylon");
[whpy3k55.default\prefs.js] - Line Deleted : user_pref("extensions.BabylonToolbar_i.smplGrp", "none");
[whpy3k55.default\prefs.js] - Line Deleted : user_pref("extensions.BabylonToolbar_i.srcExt", "ss");
[whpy3k55.default\prefs.js] - Line Deleted : user_pref("extensions.BabylonToolbar_i.tlbrId", "base");
[whpy3k55.default\prefs.js] - Line Deleted : user_pref("extensions.BabylonToolbar_i.vrsn", "1.5.3.17");
[whpy3k55.default\prefs.js] - Line Deleted : user_pref("extensions.BabylonToolbar_i.vrsnTs", "1.5.3.1718:50:32");
[whpy3k55.default\prefs.js] - Line Deleted : user_pref("extensions.BabylonToolbar_i.vrsni", "1.5.3.17");
[whpy3k55.default\prefs.js] - Line Deleted : user_pref("icqtoolbar.allowSendURL", false);
[whpy3k55.default\prefs.js] - Line Deleted : user_pref("icqtoolbar.engineVerified", false);
[whpy3k55.default\prefs.js] - Line Deleted : user_pref("icqtoolbar.facebookSmilesAddonShowedPopup", true);
[whpy3k55.default\prefs.js] - Line Deleted : user_pref("icqtoolbar.firstTbRun", false);
[whpy3k55.default\prefs.js] - Line Deleted : user_pref("icqtoolbar.geolastmodified", 1391863238);
[whpy3k55.default\prefs.js] - Line Deleted : user_pref("icqtoolbar.history", "jen%20jeden%20jim%20v%C5%A1em%20k%C3%A1%C5%BEehlavn%C4%9B%20nen%C3%A1padn%C4%9Bneil%20carrfeyprd%20pochvyakne%20na%20zadkup%C5%99%C3%A1tel%C3%A9%20epizoda%20[...]
[whpy3k55.default\prefs.js] - Line Deleted : user_pref("icqtoolbar.hpChange", true);
[whpy3k55.default\prefs.js] - Line Deleted : user_pref("icqtoolbar.icqgeo", 42);
[whpy3k55.default\prefs.js] - Line Deleted : user_pref("icqtoolbar.installTime", "1343642183");
[whpy3k55.default\prefs.js] - Line Deleted : user_pref("icqtoolbar.newtab_most_visited_state", "1");
[whpy3k55.default\prefs.js] - Line Deleted : user_pref("icqtoolbar.newtab_recently_closed_state", "1");
[whpy3k55.default\prefs.js] - Line Deleted : user_pref("icqtoolbar.newtab_state", "1");
[whpy3k55.default\prefs.js] - Line Deleted : user_pref("icqtoolbar.numberOfSearches", 0);
[whpy3k55.default\prefs.js] - Line Deleted : user_pref("icqtoolbar.previousFFVersion", "26.0");
[whpy3k55.default\prefs.js] - Line Deleted : user_pref("icqtoolbar.showPc", false);
[whpy3k55.default\prefs.js] - Line Deleted : user_pref("icqtoolbar.skip_default_search", "no");
[whpy3k55.default\prefs.js] - Line Deleted : user_pref("icqtoolbar.suggestions", false);
[whpy3k55.default\prefs.js] - Line Deleted : user_pref("icqtoolbar.uninstStatSent", true);
[whpy3k55.default\prefs.js] - Line Deleted : user_pref("icqtoolbar.uniqueID", "128776665312877666781287924232393");
[whpy3k55.default\prefs.js] - Line Deleted : user_pref("icqtoolbar.usageStatstTimestamp", 1391863242);
[whpy3k55.default\prefs.js] - Line Deleted : user_pref("icqtoolbar.voucherHideClicks", 0);
[whpy3k55.default\prefs.js] - Line Deleted : user_pref("icqtoolbar.voucherMoreLinkClicks", 0);
[whpy3k55.default\prefs.js] - Line Deleted : user_pref("icqtoolbar.voucherRedeemClicks", 0);
[whpy3k55.default\prefs.js] - Line Deleted : user_pref("icqtoolbar.voucherWasShown", 0);
[whpy3k55.default\prefs.js] - Line Deleted : user_pref("icqtoolbar.xmlEnableHomePageDsGuard", false);
[whpy3k55.default\prefs.js] - Line Deleted : user_pref("icqtoolbar.xmlEnableSuggestions", false);
[whpy3k55.default\prefs.js] - Line Deleted : user_pref("icqtoolbar.xmlLanguage", "cs");
[whpy3k55.default\prefs.js] - Line Deleted : user_pref("smartbar.machineId", "WUHHZMY9EVZXYYAB2OW1JTAVQWLAPKPLSNKFWXNW5BFRIMTTG5RIRI3R/38BO/WT3YYNFRAR4ZCBT88CPUUI/A");
-\\ Google Chrome v
[C:\Users\Judita\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Deleted [Search Provider] : hxxp://search.icq.com/search/results.php?ch_id=sm&q={searchTerms}&icid=chrome
[C:\Users\Judita\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Deleted [Search Provider] : hxxp://us.yhs4.search.yahoo.com/yhs/search?hsimp=yhs-affiliate_a_gc&hspart=greentree&type=981880&p={searchTerms}
[C:\Users\Judita\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Deleted [Search Provider] : hxxp://www.mystartsearch.com/web/?type=ds&ts=1 ... earchTerms}
[C:\Users\Judita\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Deleted [Search Provider] : hxxp://www.mystartsearch.com/web/?type=ds&ts=1 ... earchTerms}
[C:\Users\Judita\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Deleted [Search Provider] : hxxp://www.mystartsearch.com/web/?type=ds&ts=1 ... earchTerms}
[C:\Users\Judita\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Deleted [Search Provider] : hxxp://www.mystartsearch.com/web/?type=ds&ts=1 ... earchTerms}
[C:\Users\Judita\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Deleted [Search Provider] : hxxp://en.softonic.com/s/{searchTerms}
[C:\Users\Judita\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Deleted [Search Provider] : hxxp://www.zusuh.cz/?page=websearch&srchtext={searchTerms}
[C:\Users\Judita\AppData\Local\Google\Chrome\User Data\Default\preferences] - Deleted [Extension] : dhkplhfnhceodhffomolpfigojocbpcb
[C:\Users\Judita\AppData\Local\Google\Chrome\User Data\Default\preferences] - Deleted [Extension] : hcadkmfcjdcobdaflojdidbgjbkmmflg
*************************
AdwCleaner[R0].txt - [27120 bytes] - [11/02/2015 19:26:25]
AdwCleaner[S0].txt - [26237 bytes] - [11/02/2015 19:34:25]
########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [26297 bytes] ##########
# Updated 05/02/2015 by Xplode
# Database : 2015-02-09.1 [Server]
# Operating system : Windows 7 Home Premium Service Pack 1 (x64)
# Username : Judita - JUDITA-PC
# Running from : C:\Users\Judita\Desktop\adwcleaner_4.110.exe
# Option : Cleaning
***** [ Services ] *****
Service Deleted : TBSrv
***** [ Files / Folders ] *****
Folder Deleted : C:\ProgramData\Babylon
Folder Deleted : C:\ProgramData\ICQ\ICQToolbar
Folder Deleted : C:\ProgramData\Partner
Folder Deleted : C:\ProgramData\Tbccint
Folder Deleted : C:\ProgramData\Trusted Publisher
Folder Deleted : C:\ProgramData\2907298990001755427
Folder Deleted : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Inbox Toolbar
Folder Deleted : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SkypEmoticons
Folder Deleted : C:\Program Files (x86)\BabylonToolbar
Folder Deleted : C:\Program Files (x86)\Conduit
Folder Deleted : C:\Program Files (x86)\ICQ6Toolbar
Folder Deleted : C:\Program Files (x86)\Inbox Toolbar
Folder Deleted : C:\Program Files (x86)\Red Sky
Folder Deleted : C:\Program Files (x86)\Tbccint
Folder Deleted : C:\Program Files (x86)\BuyNsave
Folder Deleted : C:\Program Files (x86)\YoutubeAdBlocke
Folder Deleted : C:\Program Files (x86)\Common Files\Spigot
Folder Deleted : C:\Users\Judita\AppData\Local\Conduit
Folder Deleted : C:\Users\Judita\AppData\Local\Tbccint
Folder Deleted : C:\Users\Judita\AppData\LocalLow\BabylonToolbar
Folder Deleted : C:\Users\Judita\AppData\LocalLow\Conduit
Folder Deleted : C:\Users\Judita\AppData\LocalLow\Inbox Toolbar
Folder Deleted : C:\Users\Judita\AppData\LocalLow\Tbccint
Folder Deleted : C:\Users\Judita\AppData\LocalLow\BS_Player_ControlBar_B
Folder Deleted : C:\Users\Judita\AppData\Roaming\Babylon
Folder Deleted : C:\Users\Judita\AppData\Roaming\BabylonToolbar
Folder Deleted : C:\Users\Judita\AppData\Roaming\SkypEmoticons
Folder Deleted : C:\ProgramData\hcadkmfcjdcobdaflojdidbgjbkmmflg
File Deleted : C:\END
File Deleted : C:\Users\Judita\AppData\Roaming\Mozilla\Firefox\Profiles\whpy3k55.default\searchplugins\icqplugin.gif
File Deleted : C:\Users\Judita\AppData\Roaming\Mozilla\Firefox\Profiles\whpy3k55.default\searchplugins\icqplugin.src
File Deleted : C:\Users\Judita\AppData\Roaming\Mozilla\Firefox\Profiles\whpy3k55.default\searchplugins\icqplugin.xml
File Deleted : C:\Users\Judita\AppData\Roaming\Mozilla\Firefox\Profiles\whpy3k55.default\searchplugins\icqplugin-1.xml
File Deleted : C:\Users\Judita\AppData\Roaming\Mozilla\Firefox\Profiles\whpy3k55.default\searchplugins\icqplugin-10.xml
File Deleted : C:\Users\Judita\AppData\Roaming\Mozilla\Firefox\Profiles\whpy3k55.default\searchplugins\icqplugin-11.xml
File Deleted : C:\Users\Judita\AppData\Roaming\Mozilla\Firefox\Profiles\whpy3k55.default\searchplugins\icqplugin-12.xml
File Deleted : C:\Users\Judita\AppData\Roaming\Mozilla\Firefox\Profiles\whpy3k55.default\searchplugins\icqplugin-13.xml
File Deleted : C:\Users\Judita\AppData\Roaming\Mozilla\Firefox\Profiles\whpy3k55.default\searchplugins\icqplugin-14.xml
File Deleted : C:\Users\Judita\AppData\Roaming\Mozilla\Firefox\Profiles\whpy3k55.default\searchplugins\icqplugin-15.xml
File Deleted : C:\Users\Judita\AppData\Roaming\Mozilla\Firefox\Profiles\whpy3k55.default\searchplugins\icqplugin-16.xml
File Deleted : C:\Users\Judita\AppData\Roaming\Mozilla\Firefox\Profiles\whpy3k55.default\searchplugins\icqplugin-17.xml
File Deleted : C:\Users\Judita\AppData\Roaming\Mozilla\Firefox\Profiles\whpy3k55.default\searchplugins\icqplugin-18.xml
File Deleted : C:\Users\Judita\AppData\Roaming\Mozilla\Firefox\Profiles\whpy3k55.default\searchplugins\icqplugin-19.xml
File Deleted : C:\Users\Judita\AppData\Roaming\Mozilla\Firefox\Profiles\whpy3k55.default\searchplugins\icqplugin-2.xml
File Deleted : C:\Users\Judita\AppData\Roaming\Mozilla\Firefox\Profiles\whpy3k55.default\searchplugins\icqplugin-20.xml
File Deleted : C:\Users\Judita\AppData\Roaming\Mozilla\Firefox\Profiles\whpy3k55.default\searchplugins\icqplugin-21.xml
File Deleted : C:\Users\Judita\AppData\Roaming\Mozilla\Firefox\Profiles\whpy3k55.default\searchplugins\icqplugin-22.xml
File Deleted : C:\Users\Judita\AppData\Roaming\Mozilla\Firefox\Profiles\whpy3k55.default\searchplugins\icqplugin-23.xml
File Deleted : C:\Users\Judita\AppData\Roaming\Mozilla\Firefox\Profiles\whpy3k55.default\searchplugins\icqplugin-24.xml
File Deleted : C:\Users\Judita\AppData\Roaming\Mozilla\Firefox\Profiles\whpy3k55.default\searchplugins\icqplugin-25.xml
File Deleted : C:\Users\Judita\AppData\Roaming\Mozilla\Firefox\Profiles\whpy3k55.default\searchplugins\icqplugin-3.xml
File Deleted : C:\Users\Judita\AppData\Roaming\Mozilla\Firefox\Profiles\whpy3k55.default\searchplugins\icqplugin-26.xml
File Deleted : C:\Users\Judita\AppData\Roaming\Mozilla\Firefox\Profiles\whpy3k55.default\searchplugins\icqplugin-27.xml
File Deleted : C:\Users\Judita\AppData\Roaming\Mozilla\Firefox\Profiles\whpy3k55.default\searchplugins\icqplugin-28.xml
File Deleted : C:\Users\Judita\AppData\Roaming\Mozilla\Firefox\Profiles\whpy3k55.default\searchplugins\icqplugin-29.xml
File Deleted : C:\Users\Judita\AppData\Roaming\Mozilla\Firefox\Profiles\whpy3k55.default\searchplugins\icqplugin-30.xml
File Deleted : C:\Users\Judita\AppData\Roaming\Mozilla\Firefox\Profiles\whpy3k55.default\searchplugins\icqplugin-4.xml
File Deleted : C:\Users\Judita\AppData\Roaming\Mozilla\Firefox\Profiles\whpy3k55.default\searchplugins\icqplugin-5.xml
File Deleted : C:\Users\Judita\AppData\Roaming\Mozilla\Firefox\Profiles\whpy3k55.default\searchplugins\icqplugin-6.xml
File Deleted : C:\Users\Judita\AppData\Roaming\Mozilla\Firefox\Profiles\whpy3k55.default\searchplugins\icqplugin-7.xml
File Deleted : C:\Users\Judita\AppData\Roaming\Mozilla\Firefox\Profiles\whpy3k55.default\searchplugins\icqplugin-8.xml
File Deleted : C:\Users\Judita\AppData\Roaming\Mozilla\Firefox\Profiles\whpy3k55.default\searchplugins\icqplugin-9.xml
File Deleted : C:\Program Files (x86)\Mozilla Firefox\browser\searchplugins\mystartsearch.xml
***** [ Scheduled tasks ] *****
***** [ Shortcuts ] *****
Shortcut Disinfected : C:\Users\Judita\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
Shortcut Disinfected : C:\Users\Judita\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\Internet Explorer (No Add-ons).lnk
Shortcut Disinfected : C:\Users\Judita\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk
Shortcut Disinfected : C:\Users\Judita\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Mozilla Firefox.lnk
Shortcut Disinfected : C:\Users\Judita\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\StartMenu\Google Chrome.lnk
***** [ Registry ] *****
Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\dhkplhfnhceodhffomolpfigojocbpcb
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\LowRegistry\ICQ\ICQToolBar
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\Main [ICQ Search]
Key Deleted : HKLM\SOFTWARE\Classes\AppID\escort.DLL
Key Deleted : HKLM\SOFTWARE\Classes\AppID\escortApp.DLL
Key Deleted : HKLM\SOFTWARE\Classes\AppID\escortEng.DLL
Key Deleted : HKLM\SOFTWARE\Classes\AppID\escorTlbr.DLL
Key Deleted : HKLM\SOFTWARE\Classes\AppID\esrv.EXE
Key Deleted : HKLM\SOFTWARE\Classes\b
Key Deleted : HKLM\SOFTWARE\Classes\bbylnApp.appCore
Key Deleted : HKLM\SOFTWARE\Classes\bbylnApp.appCore.1
Key Deleted : HKLM\SOFTWARE\Classes\escort.escrtBtn.1
Key Deleted : HKLM\SOFTWARE\Classes\esrv.BabylonESrvc
Key Deleted : HKLM\SOFTWARE\Classes\esrv.BabylonESrvc.1
Key Deleted : HKLM\SOFTWARE\Classes\inbox.appserver
Key Deleted : HKLM\SOFTWARE\Classes\inbox.ibx404
Key Deleted : HKLM\SOFTWARE\Classes\Inbox.JSServer
Key Deleted : HKLM\SOFTWARE\Classes\Prod.cap
Key Deleted : HKLM\SOFTWARE\Classes\protocols\handler\inbox
Value Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [InboxToolbar]
Key Deleted : HKLM\SOFTWARE\Classes\Toolbar.CT2801948
Key Deleted : HKLM\SOFTWARE\Classes\Toolbar.CT3329621
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{09C554C3-109B-483C-A06B-F14172F1A947}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{35C1605E-438B-4D64-AAB1-8885F097A9B1}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{4E1E9D45-8BF9-4139-915C-9F83CC3D5921}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{B12E99ED-69BD-437C-86BE-C862B9E5444D}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{BDB69379-802F-4EAF-B541-F8DE92DD98DB}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{D7EE8177-D51E-4F89-92B6-83EA2EC40800}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{042DA63B-0933-403D-9395-B49307691690}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{291BCCC1-6890-484A-89D3-318C928DAC1B}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{37540F19-DD4C-478B-B2DF-C19281BCAF27}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{3C471948-F874-49F5-B338-4F214A2EE0B1}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{612AD33D-9824-4E87-8396-92374E91C4BB}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{B8276A94-891D-453C-9FF3-715C042A2575}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{E46C8196-B634-44A1-AF6E-957C64278AB1}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{FFB9ADCB-8C79-4C29-81D3-74D46A93D370}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{3A1209A4-8568-40F0-9B5E-4A06A2A06417}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{28C3737A-32D1-492D-B76B-8D75EBBFB887}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{3B3F3AAD-FB97-49FF-BFEE-D22869AC4326}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{44C3C1DB-2127-433C-98EC-4C9412B5FC3A}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{4D5132DD-BB2B-4249-B5E0-D145A8C982E1}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{706D4A4B-184A-4434-B331-296B07493D2D}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{8BE10F21-185F-4CA0-B789-9921674C3993}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{94C0B25D-3359-4B10-B227-F96A77DB773F}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{B0B75FBA-7288-4FD3-A9EB-7EE27FA65599}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{B173667F-8395-4317-8DD6-45AD1FE00047}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{B32672B3-F656-46E0-B584-FE61C0BB6037}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{BFE569F7-646C-4512-969B-9BE3E580D393}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{C2434722-5C85-4CA0-BA69-1B67E7AB3D68}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{C2996524-2187-441F-A398-CD6CB6B3D020}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{CE057E0D-2D7E-4DFF-A890-07BA69B8C762}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{E047E227-5342-4D94-80F7-CFB154BF55BD}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{E3F79BE9-24D4-4F4D-8C13-DF2C9899F82E}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{E77EEF95-3E83-4BB8-9C0D-4A5163774997}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{EAF749DC-CD87-4B04-B22A-D4AC3FBCB2BC}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{35C1605E-438B-4D64-AAB1-8885F097A9B1}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{4E1E9D45-8BF9-4139-915C-9F83CC3D5921}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{615E8AA1-6BB8-4A3D-A1CC-373194DB612C}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{6E8BF012-2C85-4834-B10A-1B31AF173D70}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{AC329328-7EC4-4C34-B672-0A2B90CB9B00}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{CBEF8724-D080-4737-88DA-111EEC6651AA}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{D7EE8177-D51E-4F89-92B6-83EA2EC40800}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{E2343056-CC08-46AC-B898-BFC7ACF4E755}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{31264A33-A653-46C4-AF49-1232C59A7DA5}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{31264A33-A653-46C4-AF49-1232C59A7DA5}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{31264A33-A653-46C4-AF49-1232C59A7DA5}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{D3D233D5-9F6D-436C-B6C7-E63F77503B30}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{D7E97865-918F-41E4-9CD0-25AB1C574CE8}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{D3D233D5-9F6D-436C-B6C7-E63F77503B30}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{D7E97865-918F-41E4-9CD0-25AB1C574CE8}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{3A1209A4-8568-40F0-9B5E-4A06A2A06417}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{612AD33D-9824-4E87-8396-92374E91C4BB}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{8375D9C8-634F-4ECB-8CF5-C7416BA5D542}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{D7E97865-918F-41E4-9CD0-25AB1C574CE8}
Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{98889811-442D-49DD-99D7-DC866BE87DBC}]
Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{31264A33-A653-46C4-AF49-1232C59A7DA5}]
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks [{31264A33-A653-46C4-AF49-1232C59A7DA5}]
Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks [{31264A33-A653-46C4-AF49-1232C59A7DA5}]
Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{042DA63B-0933-403D-9395-B49307691690}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{37540F19-DD4C-478B-B2DF-C19281BCAF27}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{28C3737A-32D1-492D-B76B-8D75EBBFB887}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{3B3F3AAD-FB97-49FF-BFEE-D22869AC4326}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{44C3C1DB-2127-433C-98EC-4C9412B5FC3A}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{4D5132DD-BB2B-4249-B5E0-D145A8C982E1}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{706D4A4B-184A-4434-B331-296B07493D2D}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{8BE10F21-185F-4CA0-B789-9921674C3993}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{94C0B25D-3359-4B10-B227-F96A77DB773F}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{B0B75FBA-7288-4FD3-A9EB-7EE27FA65599}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{B173667F-8395-4317-8DD6-45AD1FE00047}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{B32672B3-F656-46E0-B584-FE61C0BB6037}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{BFE569F7-646C-4512-969B-9BE3E580D393}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{C2434722-5C85-4CA0-BA69-1B67E7AB3D68}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{C2996524-2187-441F-A398-CD6CB6B3D020}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{CE057E0D-2D7E-4DFF-A890-07BA69B8C762}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{E047E227-5342-4D94-80F7-CFB154BF55BD}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{E3F79BE9-24D4-4F4D-8C13-DF2C9899F82E}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{E77EEF95-3E83-4BB8-9C0D-4A5163774997}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{EAF749DC-CD87-4B04-B22A-D4AC3FBCB2BC}
Key Deleted : [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4D79-A620-CCE0C0A66CC9}
Key Deleted : [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{6552C7DD-90A4-4387-B795-F8F96747DE19}
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{612AD33D-9824-4E87-8396-92374E91C4BB}
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{D7E97865-918F-41E4-9CD0-25AB1C574CE8}
Data Restored : HKEY_LOCAL_MACHINE\SOFTWARE\Clients\StartMenuInternet\IEXPLORE.EXE\shell\open\command
Data Restored : HKEY_LOCAL_MACHINE\SOFTWARE\Clients\StartMenuInternet\Google Chrome\shell\open\command
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0F2592C8-E434-435C-8376-6991CD2B648D}
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{AE3480E1-116D-449A-948D-51D87A4777F6}
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{D111FB93-8CB3-4388-9711-E9DAA6F57C2D}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}
Key Deleted : HKCU\Software\BabylonToolbar
Key Deleted : HKCU\Software\Conduit
Key Deleted : HKCU\Software\Microsoft\Babylon
Key Deleted : HKCU\Software\Softonic
Key Deleted : HKCU\Software\Tbccint
Key Deleted : HKCU\Software\Tbccint_HKLM
Key Deleted : HKCU\Software\AppDataLow\Toolbar
Key Deleted : HKCU\Software\AppDataLow\Software\Conduit
Key Deleted : HKCU\Software\AppDataLow\Software\ConduitSearchScopes
Key Deleted : HKCU\Software\AppDataLow\Software\Search Settings
Key Deleted : HKCU\Software\AppDataLow\Software\Tbccint
Key Deleted : HKCU\Software\AppDataLow\Software\TbccintSearchScopes
Key Deleted : HKCU\Software\AppDataLow\Software\BS_Player_ControlBar_B
Key Deleted : HKLM\SOFTWARE\Babylon
Key Deleted : HKLM\SOFTWARE\BabylonToolbar
Key Deleted : HKLM\SOFTWARE\Conduit
Key Deleted : HKLM\SOFTWARE\ICQ\ICQToolbar
Key Deleted : HKLM\SOFTWARE\Inbox Toolbar
Key Deleted : HKLM\SOFTWARE\mystartsearchSoftware
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\SkypEmoticons_is1
Key Deleted : HKLM\SOFTWARE\Classes\Installer\Features\3192AA38321C641458DBDAF83979D193
Key Deleted : HKLM\SOFTWARE\Classes\Installer\Products\3192AA38321C641458DBDAF83979D193
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\00E944CB89111313EAF35A0553F547F9
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\4B2468513CA2D6943A1A233CD3F88CE7
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\53F55AF3F4049ED3FA6EA6F88E414E24
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\68E4BF4B11615E03C97732FD581AB607
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\8CE3DDAB2D152683FBCEB4866BCD2B0F
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\AF6CE16AFEA5C9A39B766468A8B35C21
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\FB1E44269B58F433A8C8E671E37CFDCF
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\3192AA38321C641458DBDAF83979D193
***** [ Web browsers ] *****
-\\ Internet Explorer v11.0.9600.17496
Setting Restored : HKCU\Software\Microsoft\Internet Explorer\Main [ICQ Search]
Setting Restored : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Default_Search_URL]
Setting Restored : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Default_Page_URL]
Setting Restored : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Start Page]
Setting Restored : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Search Page]
-\\ Mozilla Firefox v35.0 (x86 cs)
[whpy3k55.default\prefs.js] - Line Deleted : user_pref("browser.babylon.HPOnNewTab", "search.babylon.com");
[whpy3k55.default\prefs.js] - Line Deleted : user_pref("extensions.BabylonToolbar_i.aflt", "babsst");
[whpy3k55.default\prefs.js] - Line Deleted : user_pref("extensions.BabylonToolbar_i.babExt", "");
[whpy3k55.default\prefs.js] - Line Deleted : user_pref("extensions.BabylonToolbar_i.babTrack", "affID=111729");
[whpy3k55.default\prefs.js] - Line Deleted : user_pref("extensions.BabylonToolbar_i.hardId", "c8547b3d000000000000001e64630724");
[whpy3k55.default\prefs.js] - Line Deleted : user_pref("extensions.BabylonToolbar_i.id", "c8547b3d000000000000001e64630724");
[whpy3k55.default\prefs.js] - Line Deleted : user_pref("extensions.BabylonToolbar_i.instlDay", "15492");
[whpy3k55.default\prefs.js] - Line Deleted : user_pref("extensions.BabylonToolbar_i.instlRef", "sst");
[whpy3k55.default\prefs.js] - Line Deleted : user_pref("extensions.BabylonToolbar_i.newTab", true);
[whpy3k55.default\prefs.js] - Line Deleted : user_pref("extensions.BabylonToolbar_i.newTabUrl", "hxxp://search.babylon.com/?affID=111729&babsrc=NT_ss&mntrId=c8547b3d000000000000001e64630724");
[whpy3k55.default\prefs.js] - Line Deleted : user_pref("extensions.BabylonToolbar_i.prdct", "BabylonToolbar");
[whpy3k55.default\prefs.js] - Line Deleted : user_pref("extensions.BabylonToolbar_i.prtnrId", "babylon");
[whpy3k55.default\prefs.js] - Line Deleted : user_pref("extensions.BabylonToolbar_i.smplGrp", "none");
[whpy3k55.default\prefs.js] - Line Deleted : user_pref("extensions.BabylonToolbar_i.srcExt", "ss");
[whpy3k55.default\prefs.js] - Line Deleted : user_pref("extensions.BabylonToolbar_i.tlbrId", "base");
[whpy3k55.default\prefs.js] - Line Deleted : user_pref("extensions.BabylonToolbar_i.vrsn", "1.5.3.17");
[whpy3k55.default\prefs.js] - Line Deleted : user_pref("extensions.BabylonToolbar_i.vrsnTs", "1.5.3.1718:50:32");
[whpy3k55.default\prefs.js] - Line Deleted : user_pref("extensions.BabylonToolbar_i.vrsni", "1.5.3.17");
[whpy3k55.default\prefs.js] - Line Deleted : user_pref("icqtoolbar.allowSendURL", false);
[whpy3k55.default\prefs.js] - Line Deleted : user_pref("icqtoolbar.engineVerified", false);
[whpy3k55.default\prefs.js] - Line Deleted : user_pref("icqtoolbar.facebookSmilesAddonShowedPopup", true);
[whpy3k55.default\prefs.js] - Line Deleted : user_pref("icqtoolbar.firstTbRun", false);
[whpy3k55.default\prefs.js] - Line Deleted : user_pref("icqtoolbar.geolastmodified", 1391863238);
[whpy3k55.default\prefs.js] - Line Deleted : user_pref("icqtoolbar.history", "jen%20jeden%20jim%20v%C5%A1em%20k%C3%A1%C5%BEehlavn%C4%9B%20nen%C3%A1padn%C4%9Bneil%20carrfeyprd%20pochvyakne%20na%20zadkup%C5%99%C3%A1tel%C3%A9%20epizoda%20[...]
[whpy3k55.default\prefs.js] - Line Deleted : user_pref("icqtoolbar.hpChange", true);
[whpy3k55.default\prefs.js] - Line Deleted : user_pref("icqtoolbar.icqgeo", 42);
[whpy3k55.default\prefs.js] - Line Deleted : user_pref("icqtoolbar.installTime", "1343642183");
[whpy3k55.default\prefs.js] - Line Deleted : user_pref("icqtoolbar.newtab_most_visited_state", "1");
[whpy3k55.default\prefs.js] - Line Deleted : user_pref("icqtoolbar.newtab_recently_closed_state", "1");
[whpy3k55.default\prefs.js] - Line Deleted : user_pref("icqtoolbar.newtab_state", "1");
[whpy3k55.default\prefs.js] - Line Deleted : user_pref("icqtoolbar.numberOfSearches", 0);
[whpy3k55.default\prefs.js] - Line Deleted : user_pref("icqtoolbar.previousFFVersion", "26.0");
[whpy3k55.default\prefs.js] - Line Deleted : user_pref("icqtoolbar.showPc", false);
[whpy3k55.default\prefs.js] - Line Deleted : user_pref("icqtoolbar.skip_default_search", "no");
[whpy3k55.default\prefs.js] - Line Deleted : user_pref("icqtoolbar.suggestions", false);
[whpy3k55.default\prefs.js] - Line Deleted : user_pref("icqtoolbar.uninstStatSent", true);
[whpy3k55.default\prefs.js] - Line Deleted : user_pref("icqtoolbar.uniqueID", "128776665312877666781287924232393");
[whpy3k55.default\prefs.js] - Line Deleted : user_pref("icqtoolbar.usageStatstTimestamp", 1391863242);
[whpy3k55.default\prefs.js] - Line Deleted : user_pref("icqtoolbar.voucherHideClicks", 0);
[whpy3k55.default\prefs.js] - Line Deleted : user_pref("icqtoolbar.voucherMoreLinkClicks", 0);
[whpy3k55.default\prefs.js] - Line Deleted : user_pref("icqtoolbar.voucherRedeemClicks", 0);
[whpy3k55.default\prefs.js] - Line Deleted : user_pref("icqtoolbar.voucherWasShown", 0);
[whpy3k55.default\prefs.js] - Line Deleted : user_pref("icqtoolbar.xmlEnableHomePageDsGuard", false);
[whpy3k55.default\prefs.js] - Line Deleted : user_pref("icqtoolbar.xmlEnableSuggestions", false);
[whpy3k55.default\prefs.js] - Line Deleted : user_pref("icqtoolbar.xmlLanguage", "cs");
[whpy3k55.default\prefs.js] - Line Deleted : user_pref("smartbar.machineId", "WUHHZMY9EVZXYYAB2OW1JTAVQWLAPKPLSNKFWXNW5BFRIMTTG5RIRI3R/38BO/WT3YYNFRAR4ZCBT88CPUUI/A");
-\\ Google Chrome v
[C:\Users\Judita\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Deleted [Search Provider] : hxxp://search.icq.com/search/results.php?ch_id=sm&q={searchTerms}&icid=chrome
[C:\Users\Judita\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Deleted [Search Provider] : hxxp://us.yhs4.search.yahoo.com/yhs/search?hsimp=yhs-affiliate_a_gc&hspart=greentree&type=981880&p={searchTerms}
[C:\Users\Judita\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Deleted [Search Provider] : hxxp://www.mystartsearch.com/web/?type=ds&ts=1 ... earchTerms}
[C:\Users\Judita\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Deleted [Search Provider] : hxxp://www.mystartsearch.com/web/?type=ds&ts=1 ... earchTerms}
[C:\Users\Judita\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Deleted [Search Provider] : hxxp://www.mystartsearch.com/web/?type=ds&ts=1 ... earchTerms}
[C:\Users\Judita\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Deleted [Search Provider] : hxxp://www.mystartsearch.com/web/?type=ds&ts=1 ... earchTerms}
[C:\Users\Judita\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Deleted [Search Provider] : hxxp://en.softonic.com/s/{searchTerms}
[C:\Users\Judita\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Deleted [Search Provider] : hxxp://www.zusuh.cz/?page=websearch&srchtext={searchTerms}
[C:\Users\Judita\AppData\Local\Google\Chrome\User Data\Default\preferences] - Deleted [Extension] : dhkplhfnhceodhffomolpfigojocbpcb
[C:\Users\Judita\AppData\Local\Google\Chrome\User Data\Default\preferences] - Deleted [Extension] : hcadkmfcjdcobdaflojdidbgjbkmmflg
*************************
AdwCleaner[R0].txt - [27120 bytes] - [11/02/2015 19:26:25]
AdwCleaner[S0].txt - [26237 bytes] - [11/02/2015 19:34:25]
########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [26297 bytes] ##########
-
Rudy
- Site Admin
- Příspěvky: 119677
- Registrován: 30 říj 2003 13:42
- Bydliště: Plzeň
- Kontaktovat uživatele:
Re: Max výkon i paměť
Dejte nový log RSIT.
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Re: Max výkon i paměť
Logfile of random's system information tool 1.10 (written by random/random)
Run by Judita at 2015-02-11 20:18:18
Microsoft Windows 7 Home Premium Service Pack 1
System drive C: has 81 GB (36%) free of 225 GB
Total RAM: 1979 MB (33% free)
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 20:21:27, on 11.2.2015
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v11.0 (11.00.9600.17496)
Boot mode: Normal
Running processes:
C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAAnotif.exe
C:\Program Files (x86)\EgisTec\MyWinLocker 3\x86\mwlDaemon.exe
C:\Windows\PLFSetI.exe
C:\Users\Judita\AppData\Local\Google\Update\GoogleUpdate.exe
C:\Program Files (x86)\Acer\Acer VCM\AcerVCM.exe
C:\Program Files (x86)\Microsoft Office\Office14\ONENOTEM.EXE
C:\Program Files (x86)\Launch Manager\LManager.EXE
C:\Program Files (x86)\EgisTec Egis Software Update\EgisUpdate.exe
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
C:\Program Files (x86)\Real\RealPlayer\Update\realsched.exe
C:\Program Files\Alwil Software\Avast5\avastui.exe
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Program Files\trend micro\Judita.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = https://www.google.com/?trackid=sp-006
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.google.com/search?trackid=s ... earchTerms}
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId= ... kid=sp-006
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = https://www.google.com/?trackid=sp-006
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.google.com/search?trackid=s ... earchTerms}
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId= ... kid=sp-006
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: (no name) - - (no file)
R3 - URLSearchHook: (no name) - {37483b40-c254-4a72-bda4-22ee90182c1e} - (no file)
F2 - REG:system.ini: UserInit=userinit.exe
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: (no name) - {3049C3E9-B461-4BC5-8870-4C09146192CA} - (no file)
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL
O2 - BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\Alwil Software\Avast5\aswWebRepIE.dll
O2 - BHO: Pomocná služba pro přihlášení ke službě Windows Live ID - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~1\Office14\URLREDIR.DLL
O3 - Toolbar: (no name) - {37483b40-c254-4a72-bda4-22ee90182c1e} - (no file)
O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
O4 - HKLM\..\Run: [LManager] C:\Program Files (x86)\Launch Manager\LManager.exe
O4 - HKLM\..\Run: [EgisTecLiveUpdate] "C:\Program Files (x86)\EgisTec Egis Software Update\EgisUpdate.exe"
O4 - HKLM\..\Run: [NortonOnlineBackupReminder] "C:\Program Files (x86)\Symantec\Norton Online Backup\Activation\NobuActivation.exe" UNATTENDED
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [TkBellExe] "c:\program files (x86)\real\realplayer\Update\realsched.exe" -osboot
O4 - HKLM\..\Run: [BCSSync] "C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe" /DelayServices
O4 - HKLM\..\Run: [AvastUI.exe] "C:\Program Files\Alwil Software\Avast5\AvastUI.exe" /nogui
O4 - HKCU\..\Run: [Google Update] "C:\Users\Judita\AppData\Local\Google\Update\GoogleUpdate.exe" /c
O4 - HKCU\..\Run: [AlcoholAutomount] "C:\Program Files (x86)\Alcohol Soft\Alcohol 52\AxAutoMntSrv.exe" -automount
O4 - HKCU\..\Run: [swg] "C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
O4 - HKCU\..\Run: [CCleaner Monitoring] "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O4 - Startup: Výřezy obrazovky a spuštění aplikace OneNote 2010.lnk = C:\Program Files (x86)\Microsoft Office\Office14\ONENOTEM.EXE
O4 - Global Startup: Acer VCM.lnk = ?
O4 - Global Startup: Bluetooth.lnk = ?
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office14\EXCEL.EXE/3000
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Office Excel - res://C:\PROGRA~2\MICROS~1\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: Od&eslat do aplikace OneNote - res://C:\PROGRA~2\MICROS~1\Office14\ONBttnIE.dll/105
O8 - Extra context menu item: Odeslat obrázek do zařízení &Bluetooth... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
O8 - Extra context menu item: Odeslat stránku do zařízení &Bluetooth... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra button: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra button: P&ropojené poznámky aplikace OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: P&ropojené poznámky aplikace OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O9 - Extra 'Tools' menuitem: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O9 - Extra button: Send To Bluetooth - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra 'Tools' menuitem: Send to &Bluetooth Device... - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: Acer ePower Service (ePowerSvc) - Acer Incorporated - C:\Program Files\Acer\Acer ePower Management\ePowerSvc.exe
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: GRegService (Greg_Service) - Acer Incorporated - C:\Program Files (x86)\Acer\Registration\GregHSRW.exe
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: Intel(R) Matrix Storage Event Monitor (IAANTMON) - Intel Corporation - C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTMon.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing)
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: MyWinLocker Service (MWLService) - Egis Technology Inc. - C:\Program Files (x86)\EgisTec\MyWinLocker 3\x86\\MWLService.exe
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: Raw Socket Service (RS_Service) - Acer Incorporated - C:\Program Files (x86)\Acer\Acer VCM\RS_Service.exe
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: StarWind AE Service (StarWindServiceAE) - StarWind Software - C:\Program Files (x86)\Alcohol Soft\Alcohol 52\StarWind\StarWindServiceAE.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: Updater Service - Acer - C:\Program Files\Acer\Acer Updater\UpdaterService.exe
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
--
End of file - 13435 bytes
======Listing Processes======
\SystemRoot\System32\smss.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
winlogon.exe
C:\Windows\system32\services.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k NetworkService
"C:\Program Files\Alwil Software\Avast5\AvastSvc.exe"
C:\Windows\System32\spoolsv.exe
taskeng.exe {1C6CE4BD-E554-458F-B28F-7CD5885B3B8F}
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
"C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe"
"C:\Program Files\Acer\Acer ePower Management\ePowerSvc.exe"
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
"C:\Program Files (x86)\Acer\Registration\GregHSRW.exe"
"C:\Program Files (x86)\Acer\Acer VCM\RS_Service.exe"
"C:\Program Files (x86)\Alcohol Soft\Alcohol 52\StarWind\StarWindServiceAE.exe"
C:\Windows\system32\svchost.exe -k imgsvc
"C:\Program Files\Acer\Acer Updater\UpdaterService.exe"
C:\Windows\System32\svchost.exe -k secsvcs
"C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE"
"C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTMon.exe"
WLIDSvcM.exe 1236
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
taskhost.exe USER
C:\Windows\Explorer.EXE
"C:\Windows\system32\Dwm.exe"
"C:\Program Files (x86)\Google\Update\GoogleUpdate.exe" /c
"C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE"
"C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAAnotif.exe"
"C:\Program Files (x86)\AmIcoSingLun\AmIcoSinglun64.exe"
"C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe"
"C:\Program Files\Acer\Acer ePower Management\ePowerTray.exe"
"C:\Program Files (x86)\EgisTec\MyWinLocker 3\x86\mwlDaemon.exe"
"C:\Program Files\Synaptics\SynTP\SynTPEnh.exe"
C:\Windows\system32\igfxext.exe -Embedding
"C:\Windows\PLFSetI.exe"
C:\Windows\system32\igfxsrvc.exe -Embedding
"C:\Windows\System32\igfxtray.exe"
C:\Windows\system32\SearchIndexer.exe /Embedding
"C:\Windows\System32\hkcmd.exe"
"C:\Windows\System32\igfxpers.exe"
"C:\Users\Judita\AppData\Local\Google\Update\GoogleUpdate.exe" /c
C:\Windows\system32\wbem\unsecapp.exe -Embedding
"C:\Program Files\Windows Media Player\wmpnetwk.exe"
C:\Windows\system32\wbem\wmiprvse.exe
"C:\Program Files (x86)\Acer\Acer VCM\AcerVCM.exe"
"C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe"
"C:\Program Files (x86)\Microsoft Office\Office14\ONENOTEM.EXE" /tsr
"C:\Program Files\Synaptics\SynTP\SynTPHelper.exe"
"C:\Program Files\Acer\Acer ePower Management\ePowerEvent.exe"
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
"C:\Windows\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe1_ Global\UsGthrCtrlFltPipeMssGthrPipe1 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon"
"C:\Program Files (x86)\Launch Manager\LManager.EXE"
"C:\Program Files (x86)\EgisTec Egis Software Update\EgisUpdate.exe"
"C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
"C:\Program Files (x86)\Real\RealPlayer\Update\realsched.exe" -osboot
"C:\Program Files\Alwil Software\Avast5\avastui.exe" /nogui
taskmgr.exe /3
"C:\Program Files\CCleaner\CCleaner.exe" /MONITOR /uac
"C:\Program Files (x86)\Mozilla Firefox\firefox.exe"
C:\Windows\system32\wbem\wmiprvse.exe
"C:\Windows\system32\wuauclt.exe"
"C:\Users\Judita\Desktop\RSITx64.exe"
======Scheduled tasks folder======
C:\Windows\tasks\Adobe Flash Player Updater.job - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
C:\Windows\tasks\AutoKMS.job - C:\Windows\AutoKMS\AutoKMS.exe
C:\Windows\tasks\GoogleUpdateTaskMachineCore.job - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /c
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /ua /installsource scheduler
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-1128242429-3161665266-3304842230-1001Core.job - C:\Users\Judita\AppData\Local\Google\Update\GoogleUpdate.exe /c
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-1128242429-3161665266-3304842230-1001UA.job - C:\Users\Judita\AppData\Local\Google\Update\GoogleUpdate.exe /ua /installsource scheduler
=========Mozilla firefox=========
ProfilePath - C:\Users\Judita\AppData\Roaming\Mozilla\Firefox\Profiles\whpy3k55.default
prefs.js - "browser.startup.homepage" - "https://www.google.com/?trackid=sp-006"
prefs.js - "extensions.enabledItems" - "{800b5000-a755-47e1-992b-48a1c1357f07}:1.2.0, {ABDE892B-13A8-4d1b-88E6-365A6E755758}:14.0.1, {972ce4c6-7e08-4474-a285-3208198ce6fd}:3.6.17"
prefs.js - "keyword.URL" - "https://www.google.com/search/?trackid=sp-006"
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 16.0.0.305 Plugin
"Path"=C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_16_0_0_305.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@Google.com/GoogleEarthPlugin]
"Description"=Google Earth in your browser
"Path"=C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=disabled
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=c:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0]
"Description"=Office Authorization plug-in for NPAPI browsers
"Path"=C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/SharePoint,version=14.0]
"Description"=Microsoft SharePoint Plug-in for Firefox
"Path"=C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922]
"Description"=WLPG Install MIME type
"Path"=C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3555.0308]
"Description"=WLPG Install MIME type
"Path"=C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@real.com/nppl3260;version=15.0.4.53]
"Description"=RealPlayer(tm) LiveConnect-Enabled Plug-In
"Path"=c:\program files (x86)\real\realplayer\Netscape6\nppl3260.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@real.com/nprjplug;version=15.0.4.53]
"Description"=RealJukebox Netscape Plugin
"Path"=c:\program files (x86)\real\realplayer\Netscape6\nprjplug.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@real.com/nprpchromebrowserrecordext;version=15.0.4.53]
"Description"=RealNetworks(tm) RealPlayer Chrome Background Extension Plug-In
"Path"=C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprpchromebrowserrecordext.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@real.com/nprphtml5videoshim;version=15.0.4.53]
"Description"=RealPlayer(tm) HTML5VideoShim Plug-In
"Path"=C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@real.com/nprpplugin;version=15.0.4.53]
"Description"=RealPlayer Download Plugin
"Path"=c:\program files (x86)\real\realplayer\Netscape6\nprpplugin.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=3]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.25.11\npGoogleUpdate3.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=9]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.25.11\npGoogleUpdate3.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@videolan.org/vlc,version=2.1.5]
"Description"=VLC Multimedia Plugin
"Path"=C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\Adobe Reader]
"Description"=Handles PDFs in-place in Firefox
"Path"=C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 16.0.0.305 Plugin
"Path"=C:\Windows\system32\Macromed\Flash\NPSWF64_16_0_0_305.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=disabled
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0]
"Description"=Office Authorization plug-in for NPAPI browsers
"Path"=C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL
C:\Program Files (x86)\Mozilla Firefox\extensions\
{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}
C:\Program Files (x86)\Mozilla Firefox\plugins\
np-mswmp.dll
nppdf32.dll
nppl3260.dll
nppl3260.xpt
nprjplug.dll
nprpplugin.dll
WMP Firefox Plugin License.rtf
WMP Firefox Plugin RelNotes.txt
C:\Users\Judita\AppData\Roaming\Mozilla\Firefox\Profiles\whpy3k55.default\extensions\
{800b5000-a755-47e1-992b-48a1c1357f07}10242010180103
C:\Users\Judita\AppData\Roaming\Mozilla\Firefox\Profiles\whpy3k55.default\searchplugins\
google-avast.xml
Google.xml
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\PROGRA~1\MICROS~2\Office14\GROOVEEX.DLL [2013-12-19 6671064]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! Online Security - C:\Program Files\Alwil Software\Avast5\aswWebRepIE64.dll [2015-01-03 705448]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live ID Sign-in Helper - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2011-03-28 529280]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}]
Google Toolbar Helper - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2014-03-27 256456]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - C:\PROGRA~1\MICROS~2\Office14\URLREDIR.DLL [2013-03-06 690392]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2012-07-30 75232]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3049C3E9-B461-4BC5-8870-4C09146192CA}]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL [2013-12-19 4171480]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! Online Security - C:\Program Files\Alwil Software\Avast5\aswWebRepIE.dll [2015-01-03 586968]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Pomocná služba pro přihlášení ke službě Windows Live ID - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2011-03-28 441216]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}]
Google Toolbar Helper - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [2014-03-27 194504]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}]
Skype Browser Helper - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll [2011-10-10 3834016]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - C:\PROGRA~2\MICROS~1\Office14\URLREDIR.DLL [2013-03-06 562904]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{318A227B-5E9F-45bd-8999-7F8F10CA4CF5} -
{CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F}
{2318C2B1-4965-11d4-9B18-009027A5CD4F} - Google Toolbar - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2014-03-27 256456]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\Toolbar]
{37483b40-c254-4a72-bda4-22ee90182c1e}
{2318C2B1-4965-11d4-9B18-009027A5CD4F} - Google Toolbar - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [2014-03-27 194504]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"IAAnotif"=C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\iaanotif.exe [2009-06-05 186904]
"AmIcoSinglun64"=C:\Program Files (x86)\AmIcoSingLun\AmIcoSinglun64.exe [2009-04-09 320000]
"RtHDVCpl"=C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [2009-07-23 7981600]
"Acer ePower Management"=C:\Program Files\Acer\Acer ePower Management\ePowerTray.exe [2010-01-19 832544]
"mwlDaemon"=C:\Program Files (x86)\EgisTec\MyWinLocker 3\x86\mwlDaemon.exe [2009-09-10 349480]
"SynTPEnh"=C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2009-06-18 1808168]
"PLFSetI"=C:\Windows\PLFSetI.exe [2009-12-14 206072]
"IgfxTray"=C:\Windows\system32\igfxtray.exe [2010-08-25 161304]
"HotKeysCmds"=C:\Windows\system32\hkcmd.exe [2010-08-25 386584]
"Persistence"=C:\Windows\system32\igfxpers.exe [2010-08-25 415256]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Google Update"=C:\Users\Judita\AppData\Local\Google\Update\GoogleUpdate.exe [2014-10-14 107912]
"AlcoholAutomount"=C:\Program Files (x86)\Alcohol Soft\Alcohol 52\AxAutoMntSrv.exe [2010-08-20 33120]
"swg"=C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [2010-01-14 39408]
"CCleaner Monitoring"=C:\Program Files\CCleaner\CCleaner64.exe [2015-01-20 7404312]
[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"LManager"=C:\Program Files (x86)\Launch Manager\LManager.exe [2009-09-24 825864]
"EgisTecLiveUpdate"=C:\Program Files (x86)\EgisTec Egis Software Update\EgisUpdate.exe [2009-08-04 199464]
"NortonOnlineBackupReminder"=C:\Program Files (x86)\Symantec\Norton Online Backup\Activation\NobuActivation.exe [2009-07-25 588648]
"Adobe Reader Speed Launcher"=C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe [2012-07-31 38872]
"Adobe ARM"=C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2012-07-11 919008]
"TkBellExe"=c:\program files (x86)\real\realplayer\Update\realsched.exe [2012-05-18 296056]
"BCSSync"=C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe [2012-11-05 89184]
"AvastUI.exe"=C:\Program Files\Alwil Software\Avast5\AvastUI.exe [2015-01-31 5227112]
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
Acer VCM.lnk - C:\Program Files (x86)\Acer\Acer VCM\AcerVCM.exe
Bluetooth.lnk - C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
C:\Users\Judita\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
Výřezy obrazovky a spuštění aplikace OneNote 2010.lnk - C:\Program Files (x86)\Microsoft Office\Office14\ONENOTEM.EXE
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
C:\Windows\system32\igfxdev.dll [2010-08-25 271360]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\PROGRA~1\MICROS~2\Office14\GROOVEEX.DLL [2013-12-19 6671064]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL [2013-12-19 4171480]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcmscsvc]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\mcmscsvc]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MCODS]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MpfService]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=5
"ConsentPromptBehaviorUser"=3
"EnableUIADesktopToggle"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"SoftwareSASGeneration"=1
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoActiveDesktop"=1
"NoActiveDesktopChanges"=1
"ForceActiveDesktopOn"=0
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVYU"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"VIDC.YVU9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"MSVideo8"=VfWWDM32.dll
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv
"wave2"=wdmaud.drv
"midi2"=wdmaud.drv
"mixer2"=wdmaud.drv
======File associations======
.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*
======List of files/folders created in the last 1 month======
2015-02-11 19:26:16 ----D---- C:\AdwCleaner
2015-02-11 19:13:13 ----D---- C:\Program Files (x86)\Mozilla Firefox
2015-02-11 18:58:06 ----D---- C:\Program Files\trend micro
2015-02-11 18:57:57 ----D---- C:\rsit
2015-01-27 20:36:04 ----D---- C:\Program Files (x86)\Mozilla Thunderbird
2015-01-23 19:44:30 ----A---- C:\Windows\system32\aswBoot.exe
2015-01-16 22:56:06 ----A---- C:\Windows\system32\ntoskrnl.exe
2015-01-16 22:56:03 ----A---- C:\Windows\SYSWOW64\ntkrnlpa.exe
2015-01-16 22:56:00 ----A---- C:\Windows\SYSWOW64\ntoskrnl.exe
2015-01-16 22:55:54 ----A---- C:\Windows\system32\srcore.dll
2015-01-16 22:55:51 ----A---- C:\Windows\system32\rstrui.exe
2015-01-16 22:55:49 ----A---- C:\Windows\system32\srclient.dll
2015-01-16 22:55:48 ----A---- C:\Windows\SYSWOW64\srclient.dll
2015-01-16 21:12:46 ----A---- C:\Windows\system32\profsvc.dll
2015-01-16 21:12:44 ----A---- C:\Windows\system32\nlasvc.dll
2015-01-16 21:12:43 ----A---- C:\Windows\SYSWOW64\ncsi.dll
2015-01-16 21:12:42 ----A---- C:\Windows\SYSWOW64\nlaapi.dll
2015-01-16 21:12:41 ----A---- C:\Windows\system32\TSWbPrxy.exe
2015-01-16 21:11:22 ----A---- C:\Windows\system32\drivers\mrxdav.sys
======List of files/folders modified in the last 1 month======
2015-02-11 20:22:39 ----D---- C:\Windows\Temp
2015-02-11 20:12:23 ----D---- C:\Windows\system32\Tasks
2015-02-11 20:12:19 ----D---- C:\Windows\Tasks
2015-02-11 20:11:03 ----D---- C:\Windows\system32\config
2015-02-11 20:09:47 ----D---- C:\Program Files (x86)\Mozilla Maintenance Service
2015-02-11 19:55:04 ----SHD---- C:\System Volume Information
2015-02-11 19:52:08 ----D---- C:\Windows\system32\catroot
2015-02-11 19:52:04 ----D---- C:\Windows\system32\catroot2
2015-02-11 19:51:32 ----D---- C:\Windows\winsxs
2015-02-11 19:41:50 ----RD---- C:\Program Files (x86)
2015-02-11 19:39:04 ----D---- C:\Windows
2015-02-11 19:34:56 ----HD---- C:\ProgramData
2015-02-11 19:34:53 ----D---- C:\Program Files (x86)\Common Files
2015-02-11 18:58:06 ----D---- C:\Program Files
2015-02-11 18:40:02 ----D---- C:\Users\Judita\AppData\Roaming\PhotoScape
2015-02-11 18:40:01 ----D---- C:\Users\Judita\AppData\Roaming\Skype
2015-02-11 18:35:51 ----D---- C:\Windows\Panther
2015-02-11 18:35:51 ----D---- C:\Windows\inf
2015-02-11 18:35:14 ----D---- C:\Windows\Minidump
2015-02-11 18:35:14 ----D---- C:\Windows\Logs
2015-02-11 18:35:14 ----D---- C:\Windows\debug
2015-02-11 18:26:59 ----D---- C:\Program Files\CCleaner
2015-02-09 21:02:24 ----D---- C:\Windows\Prefetch
2015-02-06 17:44:00 ----D---- C:\Windows\System32
2015-02-06 17:44:00 ----A---- C:\Windows\system32\PerfStringBackup.INI
2015-02-04 22:48:59 ----D---- C:\Windows\SysWOW64
2015-02-04 22:48:41 ----A---- C:\Windows\SYSWOW64\FlashPlayerApp.exe
2015-01-23 19:50:01 ----D---- C:\Windows\system32\DriverStore
2015-01-23 19:49:17 ----D---- C:\Windows\system32\drivers
2015-01-18 10:48:15 ----D---- C:\Users\Judita\AppData\Roaming\vlc
2015-01-17 09:12:54 ----D---- C:\Windows\system32\MRT
2015-01-17 08:47:07 ----A---- C:\Windows\system32\MRT.exe
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R0 aswRvrt;avast! Revert; C:\Windows\system32\drivers\aswRvrt.sys [2015-01-03 65776]
R0 aswVmm;avast! VM Monitor; C:\Windows\system32\drivers\aswVmm.sys [2015-01-03 267632]
R0 iaStor;Intel AHCI Controller; C:\Windows\system32\DRIVERS\iaStor.sys [2009-06-05 408600]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-20 213888]
R0 sptd;sptd; C:\Windows\System32\Drivers\sptd.sys [2010-11-30 503352]
R1 aswRdr;aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [2015-01-03 93568]
R1 aswSnx;aswSnx; C:\Windows\system32\drivers\aswSnx.sys [2015-01-03 1050432]
R1 aswSP;aswSP; C:\Windows\system32\drivers\aswSP.sys [2015-01-03 436624]
R1 mwlPSDFilter;mwlPSDFilter; C:\Windows\system32\DRIVERS\mwlPSDFilter.sys [2009-06-02 22576]
R1 mwlPSDNServ;mwlPSDNServ; C:\Windows\system32\DRIVERS\mwlPSDNServ.sys [2009-06-02 20016]
R1 mwlPSDVDisk;mwlPSDVDisk; C:\Windows\system32\DRIVERS\mwlPSDVDisk.sys [2009-06-02 60464]
R1 vwififlt;Virtual WiFi Filter Driver; C:\Windows\system32\DRIVERS\vwififlt.sys [2009-07-14 59904]
R2 aswHwid;avast! HardwareID; C:\Windows\system32\drivers\aswHwid.sys [2015-01-03 29208]
R2 aswMonFlt;aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [2015-01-03 83280]
R2 aswStm;aswStm; C:\Windows\system32\drivers\aswStm.sys [2015-01-03 116728]
R3 DKbFltr;Dritek Keyboard Filter Driver (64-bit); C:\Windows\SysWOW64\Drivers\DKbFltr.sys [2009-03-26 25608]
R3 igfx;igfx; C:\Windows\system32\DRIVERS\igdkmd64.sys [2010-08-25 10611552]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHD64.sys [2009-07-23 1967648]
R3 IntcHdmiAddService;Intel(R) High Definition Audio HDMI; C:\Windows\system32\drivers\IntcHdmi.sys [2009-07-09 139264]
R3 L1C;NDIS Miniport Driver for Atheros AR8131/AR8132 PCI-E Ethernet Controller (NDIS 6.20); C:\Windows\system32\DRIVERS\L1C62x64.sys [2009-04-27 57344]
R3 NETw5s64;Intel(R) Wireless WiFi Link 5000 Series Adapter Driver for Windows 7 - 64 Bit; C:\Windows\system32\DRIVERS\NETw5s64.sys [2009-09-15 6952960]
R3 SynTP;Synaptics TouchPad Driver; C:\Windows\system32\DRIVERS\SynTP.sys [2009-06-18 272432]
R3 WSDPrintDevice;Podpora tisku WSD prostřednictvím funkce UMB; C:\Windows\system32\DRIVERS\WSDPrint.sys [2009-07-14 23040]
R3 WSDScan;Podpora skenování WSD přes UMB; C:\Windows\system32\DRIVERS\WSDScan.sys [2009-07-14 25088]
S3 AmUStor;AM USB Stroage Driver; C:\Windows\system32\drivers\AmUStor.SYS [2009-05-26 40448]
S3 avvnwo7r;avvnwo7r; C:\Windows\system32\drivers\avvnwo7r.sys []
S3 BthEnum;Ovladač pro Bluetooth Request Block; C:\Windows\system32\drivers\BthEnum.sys [2009-07-14 41984]
S3 BthPan;Bluetooth Device (Personal Area Network); C:\Windows\system32\DRIVERS\bthpan.sys [2009-07-14 118784]
S3 BTHPORT;Ovladač portu Bluetooth; C:\Windows\System32\Drivers\BTHport.sys [2012-07-06 552960]
S3 BTHUSB;Ovladač rozhraní USB radiostanice Bluetooth; C:\Windows\System32\Drivers\BTHUSB.sys [2011-04-28 80384]
S3 btusbflt;Bluetooth USB Filter; C:\Windows\system32\drivers\btusbflt.sys [2009-07-01 52264]
S3 btwaudio;Bluetooth Audio Device Service; C:\Windows\system32\drivers\btwaudio.sys [2009-07-01 98344]
S3 btwavdt;Bluetooth AVDT; C:\Windows\system32\DRIVERS\btwavdt.sys [2009-07-01 132648]
S3 btwl2cap;Bluetooth L2CAP Service; C:\Windows\system32\DRIVERS\btwl2cap.sys [2009-04-07 35104]
S3 btwrchid;btwrchid; C:\Windows\system32\DRIVERS\btwrchid.sys [2009-07-01 21160]
S3 int15.sys;int15.sys; \??\C:\Windows\syswow64\OEM\Factory\int15.sys []
S3 netw5v64;Intel(R) Wireless WiFi Link 5000 Series Adapter Driver for Windows Vista 64 Bit; C:\Windows\system32\DRIVERS\netw5v64.sys [2009-06-10 5434368]
S3 nmwcd;Nokia USB Phone Parent Driver; C:\Windows\system32\drivers\ccdcmbx64.sys [2011-08-17 19968]
S3 nmwcdc;Nokia USB Communication Driver; C:\Windows\system32\drivers\ccdcmbox64.sys [2011-08-17 27136]
S3 nmwcdcx64;Nokia USB Generic; C:\Windows\system32\drivers\ccdcmbox64.sys [2011-08-17 27136]
S3 nmwcdx64;Nokia USB Phone Parent; C:\Windows\system32\drivers\ccdcmbx64.sys [2011-08-17 19968]
S3 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12352]
S3 RFCOMM;Bluetooth Device (RFCOMM Protocol TDI); C:\Windows\system32\DRIVERS\rfcomm.sys [2009-07-14 158720]
S3 TsUsbFlt;TsUsbFlt; C:\Windows\system32\drivers\tsusbflt.sys [2010-11-20 59392]
S3 upperdev;upperdev; C:\Windows\system32\DRIVERS\usbser_lowerfltx64.sys [2011-08-17 9216]
S3 usbser;Nokia USB Serial Port Driver ; C:\Windows\system32\drivers\usbser.sys [2013-08-29 33280]
S3 UsbserFilt;UsbserFilt; C:\Windows\system32\DRIVERS\usbser_lowerfltjx64.sys [2011-08-17 9216]
S3 WinUsb;WinUsb; C:\Windows\system32\DRIVERS\WinUsb.sys [2010-11-20 41984]
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 avast! Antivirus;avast! Antivirus; C:\Program Files\Alwil Software\Avast5\AvastSvc.exe [2015-01-03 50344]
R2 btwdins;Bluetooth Service; C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe [2009-07-02 864032]
R2 ePowerSvc;Acer ePower Service; C:\Program Files\Acer\Acer ePower Management\ePowerSvc.exe [2010-01-19 842784]
R2 Greg_Service;GRegService; C:\Program Files (x86)\Acer\Registration\GregHSRW.exe [2009-08-28 1150496]
R2 IAANTMON;Intel(R) Matrix Storage Event Monitor; C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTMon.exe [2009-06-05 354840]
R2 RS_Service;Raw Socket Service; C:\Program Files (x86)\Acer\Acer VCM\RS_Service.exe [2009-07-10 253952]
R2 StarWindServiceAE;StarWind AE Service; C:\Program Files (x86)\Alcohol Soft\Alcohol 52\StarWind\StarWindServiceAE.exe [2009-12-23 370688]
R2 Updater Service;Updater Service; C:\Program Files\Acer\Acer Updater\UpdaterService.exe [2009-07-04 240160]
R2 wlidsvc;Windows Live ID Sign-in Assistant; C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE [2011-03-28 2292096]
R3 osppsvc;Office Software Protection Platform; C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-09 4925184]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2013-09-11 105144]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2013-09-11 124088]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-10-24 107912]
S2 SkypeUpdate;Skype Updater; C:\Program Files (x86)\Skype\Updater\Updater.exe [2014-04-03 315008]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-02-04 267440]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-10-24 107912]
S3 gusvc;Google Software Updater; C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe [2012-08-24 194032]
S3 IEEtwCollectorService;@%SystemRoot%\system32\ieetwcollectorres.dll,-1000; C:\Windows\system32\IEEtwCollector.exe [2014-11-22 114688]
S3 Microsoft SharePoint Workspace Audit Service;Microsoft SharePoint Workspace Audit Service; C:\Program Files (x86)\Microsoft Office\Office14\GROOVE.EXE [2013-12-19 30814400]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2015-02-11 114800]
S3 MWLService;MyWinLocker Service; C:\Program Files (x86)\EgisTec\MyWinLocker 3\x86\\MWLService.exe [2009-09-10 305448]
S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2010-01-09 149352]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2010-09-01 1255736]
S4 aspnet_state;Stavová služba ASP.NET; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2013-09-11 51808]
S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]
S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]
S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]
-----------------EOF-----------------
Run by Judita at 2015-02-11 20:18:18
Microsoft Windows 7 Home Premium Service Pack 1
System drive C: has 81 GB (36%) free of 225 GB
Total RAM: 1979 MB (33% free)
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 20:21:27, on 11.2.2015
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v11.0 (11.00.9600.17496)
Boot mode: Normal
Running processes:
C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAAnotif.exe
C:\Program Files (x86)\EgisTec\MyWinLocker 3\x86\mwlDaemon.exe
C:\Windows\PLFSetI.exe
C:\Users\Judita\AppData\Local\Google\Update\GoogleUpdate.exe
C:\Program Files (x86)\Acer\Acer VCM\AcerVCM.exe
C:\Program Files (x86)\Microsoft Office\Office14\ONENOTEM.EXE
C:\Program Files (x86)\Launch Manager\LManager.EXE
C:\Program Files (x86)\EgisTec Egis Software Update\EgisUpdate.exe
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
C:\Program Files (x86)\Real\RealPlayer\Update\realsched.exe
C:\Program Files\Alwil Software\Avast5\avastui.exe
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Program Files\trend micro\Judita.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = https://www.google.com/?trackid=sp-006
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.google.com/search?trackid=s ... earchTerms}
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId= ... kid=sp-006
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = https://www.google.com/?trackid=sp-006
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.google.com/search?trackid=s ... earchTerms}
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId= ... kid=sp-006
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: (no name) - - (no file)
R3 - URLSearchHook: (no name) - {37483b40-c254-4a72-bda4-22ee90182c1e} - (no file)
F2 - REG:system.ini: UserInit=userinit.exe
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: (no name) - {3049C3E9-B461-4BC5-8870-4C09146192CA} - (no file)
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL
O2 - BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\Alwil Software\Avast5\aswWebRepIE.dll
O2 - BHO: Pomocná služba pro přihlášení ke službě Windows Live ID - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~1\Office14\URLREDIR.DLL
O3 - Toolbar: (no name) - {37483b40-c254-4a72-bda4-22ee90182c1e} - (no file)
O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
O4 - HKLM\..\Run: [LManager] C:\Program Files (x86)\Launch Manager\LManager.exe
O4 - HKLM\..\Run: [EgisTecLiveUpdate] "C:\Program Files (x86)\EgisTec Egis Software Update\EgisUpdate.exe"
O4 - HKLM\..\Run: [NortonOnlineBackupReminder] "C:\Program Files (x86)\Symantec\Norton Online Backup\Activation\NobuActivation.exe" UNATTENDED
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [TkBellExe] "c:\program files (x86)\real\realplayer\Update\realsched.exe" -osboot
O4 - HKLM\..\Run: [BCSSync] "C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe" /DelayServices
O4 - HKLM\..\Run: [AvastUI.exe] "C:\Program Files\Alwil Software\Avast5\AvastUI.exe" /nogui
O4 - HKCU\..\Run: [Google Update] "C:\Users\Judita\AppData\Local\Google\Update\GoogleUpdate.exe" /c
O4 - HKCU\..\Run: [AlcoholAutomount] "C:\Program Files (x86)\Alcohol Soft\Alcohol 52\AxAutoMntSrv.exe" -automount
O4 - HKCU\..\Run: [swg] "C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
O4 - HKCU\..\Run: [CCleaner Monitoring] "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O4 - Startup: Výřezy obrazovky a spuštění aplikace OneNote 2010.lnk = C:\Program Files (x86)\Microsoft Office\Office14\ONENOTEM.EXE
O4 - Global Startup: Acer VCM.lnk = ?
O4 - Global Startup: Bluetooth.lnk = ?
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office14\EXCEL.EXE/3000
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Office Excel - res://C:\PROGRA~2\MICROS~1\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: Od&eslat do aplikace OneNote - res://C:\PROGRA~2\MICROS~1\Office14\ONBttnIE.dll/105
O8 - Extra context menu item: Odeslat obrázek do zařízení &Bluetooth... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
O8 - Extra context menu item: Odeslat stránku do zařízení &Bluetooth... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra button: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra button: P&ropojené poznámky aplikace OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: P&ropojené poznámky aplikace OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O9 - Extra 'Tools' menuitem: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O9 - Extra button: Send To Bluetooth - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra 'Tools' menuitem: Send to &Bluetooth Device... - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: Acer ePower Service (ePowerSvc) - Acer Incorporated - C:\Program Files\Acer\Acer ePower Management\ePowerSvc.exe
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: GRegService (Greg_Service) - Acer Incorporated - C:\Program Files (x86)\Acer\Registration\GregHSRW.exe
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: Intel(R) Matrix Storage Event Monitor (IAANTMON) - Intel Corporation - C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTMon.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing)
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: MyWinLocker Service (MWLService) - Egis Technology Inc. - C:\Program Files (x86)\EgisTec\MyWinLocker 3\x86\\MWLService.exe
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: Raw Socket Service (RS_Service) - Acer Incorporated - C:\Program Files (x86)\Acer\Acer VCM\RS_Service.exe
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: StarWind AE Service (StarWindServiceAE) - StarWind Software - C:\Program Files (x86)\Alcohol Soft\Alcohol 52\StarWind\StarWindServiceAE.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: Updater Service - Acer - C:\Program Files\Acer\Acer Updater\UpdaterService.exe
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
--
End of file - 13435 bytes
======Listing Processes======
\SystemRoot\System32\smss.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
winlogon.exe
C:\Windows\system32\services.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k NetworkService
"C:\Program Files\Alwil Software\Avast5\AvastSvc.exe"
C:\Windows\System32\spoolsv.exe
taskeng.exe {1C6CE4BD-E554-458F-B28F-7CD5885B3B8F}
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
"C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe"
"C:\Program Files\Acer\Acer ePower Management\ePowerSvc.exe"
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
"C:\Program Files (x86)\Acer\Registration\GregHSRW.exe"
"C:\Program Files (x86)\Acer\Acer VCM\RS_Service.exe"
"C:\Program Files (x86)\Alcohol Soft\Alcohol 52\StarWind\StarWindServiceAE.exe"
C:\Windows\system32\svchost.exe -k imgsvc
"C:\Program Files\Acer\Acer Updater\UpdaterService.exe"
C:\Windows\System32\svchost.exe -k secsvcs
"C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE"
"C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTMon.exe"
WLIDSvcM.exe 1236
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
taskhost.exe USER
C:\Windows\Explorer.EXE
"C:\Windows\system32\Dwm.exe"
"C:\Program Files (x86)\Google\Update\GoogleUpdate.exe" /c
"C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE"
"C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAAnotif.exe"
"C:\Program Files (x86)\AmIcoSingLun\AmIcoSinglun64.exe"
"C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe"
"C:\Program Files\Acer\Acer ePower Management\ePowerTray.exe"
"C:\Program Files (x86)\EgisTec\MyWinLocker 3\x86\mwlDaemon.exe"
"C:\Program Files\Synaptics\SynTP\SynTPEnh.exe"
C:\Windows\system32\igfxext.exe -Embedding
"C:\Windows\PLFSetI.exe"
C:\Windows\system32\igfxsrvc.exe -Embedding
"C:\Windows\System32\igfxtray.exe"
C:\Windows\system32\SearchIndexer.exe /Embedding
"C:\Windows\System32\hkcmd.exe"
"C:\Windows\System32\igfxpers.exe"
"C:\Users\Judita\AppData\Local\Google\Update\GoogleUpdate.exe" /c
C:\Windows\system32\wbem\unsecapp.exe -Embedding
"C:\Program Files\Windows Media Player\wmpnetwk.exe"
C:\Windows\system32\wbem\wmiprvse.exe
"C:\Program Files (x86)\Acer\Acer VCM\AcerVCM.exe"
"C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe"
"C:\Program Files (x86)\Microsoft Office\Office14\ONENOTEM.EXE" /tsr
"C:\Program Files\Synaptics\SynTP\SynTPHelper.exe"
"C:\Program Files\Acer\Acer ePower Management\ePowerEvent.exe"
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
"C:\Windows\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe1_ Global\UsGthrCtrlFltPipeMssGthrPipe1 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon"
"C:\Program Files (x86)\Launch Manager\LManager.EXE"
"C:\Program Files (x86)\EgisTec Egis Software Update\EgisUpdate.exe"
"C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
"C:\Program Files (x86)\Real\RealPlayer\Update\realsched.exe" -osboot
"C:\Program Files\Alwil Software\Avast5\avastui.exe" /nogui
taskmgr.exe /3
"C:\Program Files\CCleaner\CCleaner.exe" /MONITOR /uac
"C:\Program Files (x86)\Mozilla Firefox\firefox.exe"
C:\Windows\system32\wbem\wmiprvse.exe
"C:\Windows\system32\wuauclt.exe"
"C:\Users\Judita\Desktop\RSITx64.exe"
======Scheduled tasks folder======
C:\Windows\tasks\Adobe Flash Player Updater.job - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
C:\Windows\tasks\AutoKMS.job - C:\Windows\AutoKMS\AutoKMS.exe
C:\Windows\tasks\GoogleUpdateTaskMachineCore.job - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /c
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /ua /installsource scheduler
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-1128242429-3161665266-3304842230-1001Core.job - C:\Users\Judita\AppData\Local\Google\Update\GoogleUpdate.exe /c
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-1128242429-3161665266-3304842230-1001UA.job - C:\Users\Judita\AppData\Local\Google\Update\GoogleUpdate.exe /ua /installsource scheduler
=========Mozilla firefox=========
ProfilePath - C:\Users\Judita\AppData\Roaming\Mozilla\Firefox\Profiles\whpy3k55.default
prefs.js - "browser.startup.homepage" - "https://www.google.com/?trackid=sp-006"
prefs.js - "extensions.enabledItems" - "{800b5000-a755-47e1-992b-48a1c1357f07}:1.2.0, {ABDE892B-13A8-4d1b-88E6-365A6E755758}:14.0.1, {972ce4c6-7e08-4474-a285-3208198ce6fd}:3.6.17"
prefs.js - "keyword.URL" - "https://www.google.com/search/?trackid=sp-006"
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 16.0.0.305 Plugin
"Path"=C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_16_0_0_305.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@Google.com/GoogleEarthPlugin]
"Description"=Google Earth in your browser
"Path"=C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=disabled
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=c:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0]
"Description"=Office Authorization plug-in for NPAPI browsers
"Path"=C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/SharePoint,version=14.0]
"Description"=Microsoft SharePoint Plug-in for Firefox
"Path"=C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922]
"Description"=WLPG Install MIME type
"Path"=C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3555.0308]
"Description"=WLPG Install MIME type
"Path"=C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@real.com/nppl3260;version=15.0.4.53]
"Description"=RealPlayer(tm) LiveConnect-Enabled Plug-In
"Path"=c:\program files (x86)\real\realplayer\Netscape6\nppl3260.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@real.com/nprjplug;version=15.0.4.53]
"Description"=RealJukebox Netscape Plugin
"Path"=c:\program files (x86)\real\realplayer\Netscape6\nprjplug.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@real.com/nprpchromebrowserrecordext;version=15.0.4.53]
"Description"=RealNetworks(tm) RealPlayer Chrome Background Extension Plug-In
"Path"=C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprpchromebrowserrecordext.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@real.com/nprphtml5videoshim;version=15.0.4.53]
"Description"=RealPlayer(tm) HTML5VideoShim Plug-In
"Path"=C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@real.com/nprpplugin;version=15.0.4.53]
"Description"=RealPlayer Download Plugin
"Path"=c:\program files (x86)\real\realplayer\Netscape6\nprpplugin.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=3]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.25.11\npGoogleUpdate3.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=9]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.25.11\npGoogleUpdate3.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@videolan.org/vlc,version=2.1.5]
"Description"=VLC Multimedia Plugin
"Path"=C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\Adobe Reader]
"Description"=Handles PDFs in-place in Firefox
"Path"=C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 16.0.0.305 Plugin
"Path"=C:\Windows\system32\Macromed\Flash\NPSWF64_16_0_0_305.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=disabled
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0]
"Description"=Office Authorization plug-in for NPAPI browsers
"Path"=C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL
C:\Program Files (x86)\Mozilla Firefox\extensions\
{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}
C:\Program Files (x86)\Mozilla Firefox\plugins\
np-mswmp.dll
nppdf32.dll
nppl3260.dll
nppl3260.xpt
nprjplug.dll
nprpplugin.dll
WMP Firefox Plugin License.rtf
WMP Firefox Plugin RelNotes.txt
C:\Users\Judita\AppData\Roaming\Mozilla\Firefox\Profiles\whpy3k55.default\extensions\
{800b5000-a755-47e1-992b-48a1c1357f07}10242010180103
C:\Users\Judita\AppData\Roaming\Mozilla\Firefox\Profiles\whpy3k55.default\searchplugins\
google-avast.xml
Google.xml
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\PROGRA~1\MICROS~2\Office14\GROOVEEX.DLL [2013-12-19 6671064]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! Online Security - C:\Program Files\Alwil Software\Avast5\aswWebRepIE64.dll [2015-01-03 705448]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live ID Sign-in Helper - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2011-03-28 529280]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}]
Google Toolbar Helper - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2014-03-27 256456]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - C:\PROGRA~1\MICROS~2\Office14\URLREDIR.DLL [2013-03-06 690392]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2012-07-30 75232]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3049C3E9-B461-4BC5-8870-4C09146192CA}]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL [2013-12-19 4171480]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! Online Security - C:\Program Files\Alwil Software\Avast5\aswWebRepIE.dll [2015-01-03 586968]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Pomocná služba pro přihlášení ke službě Windows Live ID - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2011-03-28 441216]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}]
Google Toolbar Helper - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [2014-03-27 194504]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}]
Skype Browser Helper - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll [2011-10-10 3834016]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - C:\PROGRA~2\MICROS~1\Office14\URLREDIR.DLL [2013-03-06 562904]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{318A227B-5E9F-45bd-8999-7F8F10CA4CF5} -
{CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F}
{2318C2B1-4965-11d4-9B18-009027A5CD4F} - Google Toolbar - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2014-03-27 256456]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\Toolbar]
{37483b40-c254-4a72-bda4-22ee90182c1e}
{2318C2B1-4965-11d4-9B18-009027A5CD4F} - Google Toolbar - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [2014-03-27 194504]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"IAAnotif"=C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\iaanotif.exe [2009-06-05 186904]
"AmIcoSinglun64"=C:\Program Files (x86)\AmIcoSingLun\AmIcoSinglun64.exe [2009-04-09 320000]
"RtHDVCpl"=C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [2009-07-23 7981600]
"Acer ePower Management"=C:\Program Files\Acer\Acer ePower Management\ePowerTray.exe [2010-01-19 832544]
"mwlDaemon"=C:\Program Files (x86)\EgisTec\MyWinLocker 3\x86\mwlDaemon.exe [2009-09-10 349480]
"SynTPEnh"=C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2009-06-18 1808168]
"PLFSetI"=C:\Windows\PLFSetI.exe [2009-12-14 206072]
"IgfxTray"=C:\Windows\system32\igfxtray.exe [2010-08-25 161304]
"HotKeysCmds"=C:\Windows\system32\hkcmd.exe [2010-08-25 386584]
"Persistence"=C:\Windows\system32\igfxpers.exe [2010-08-25 415256]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Google Update"=C:\Users\Judita\AppData\Local\Google\Update\GoogleUpdate.exe [2014-10-14 107912]
"AlcoholAutomount"=C:\Program Files (x86)\Alcohol Soft\Alcohol 52\AxAutoMntSrv.exe [2010-08-20 33120]
"swg"=C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [2010-01-14 39408]
"CCleaner Monitoring"=C:\Program Files\CCleaner\CCleaner64.exe [2015-01-20 7404312]
[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"LManager"=C:\Program Files (x86)\Launch Manager\LManager.exe [2009-09-24 825864]
"EgisTecLiveUpdate"=C:\Program Files (x86)\EgisTec Egis Software Update\EgisUpdate.exe [2009-08-04 199464]
"NortonOnlineBackupReminder"=C:\Program Files (x86)\Symantec\Norton Online Backup\Activation\NobuActivation.exe [2009-07-25 588648]
"Adobe Reader Speed Launcher"=C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe [2012-07-31 38872]
"Adobe ARM"=C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2012-07-11 919008]
"TkBellExe"=c:\program files (x86)\real\realplayer\Update\realsched.exe [2012-05-18 296056]
"BCSSync"=C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe [2012-11-05 89184]
"AvastUI.exe"=C:\Program Files\Alwil Software\Avast5\AvastUI.exe [2015-01-31 5227112]
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
Acer VCM.lnk - C:\Program Files (x86)\Acer\Acer VCM\AcerVCM.exe
Bluetooth.lnk - C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
C:\Users\Judita\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
Výřezy obrazovky a spuštění aplikace OneNote 2010.lnk - C:\Program Files (x86)\Microsoft Office\Office14\ONENOTEM.EXE
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
C:\Windows\system32\igfxdev.dll [2010-08-25 271360]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\PROGRA~1\MICROS~2\Office14\GROOVEEX.DLL [2013-12-19 6671064]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL [2013-12-19 4171480]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcmscsvc]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\mcmscsvc]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MCODS]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MpfService]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=5
"ConsentPromptBehaviorUser"=3
"EnableUIADesktopToggle"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"SoftwareSASGeneration"=1
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoActiveDesktop"=1
"NoActiveDesktopChanges"=1
"ForceActiveDesktopOn"=0
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVYU"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"VIDC.YVU9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"MSVideo8"=VfWWDM32.dll
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv
"wave2"=wdmaud.drv
"midi2"=wdmaud.drv
"mixer2"=wdmaud.drv
======File associations======
.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*
======List of files/folders created in the last 1 month======
2015-02-11 19:26:16 ----D---- C:\AdwCleaner
2015-02-11 19:13:13 ----D---- C:\Program Files (x86)\Mozilla Firefox
2015-02-11 18:58:06 ----D---- C:\Program Files\trend micro
2015-02-11 18:57:57 ----D---- C:\rsit
2015-01-27 20:36:04 ----D---- C:\Program Files (x86)\Mozilla Thunderbird
2015-01-23 19:44:30 ----A---- C:\Windows\system32\aswBoot.exe
2015-01-16 22:56:06 ----A---- C:\Windows\system32\ntoskrnl.exe
2015-01-16 22:56:03 ----A---- C:\Windows\SYSWOW64\ntkrnlpa.exe
2015-01-16 22:56:00 ----A---- C:\Windows\SYSWOW64\ntoskrnl.exe
2015-01-16 22:55:54 ----A---- C:\Windows\system32\srcore.dll
2015-01-16 22:55:51 ----A---- C:\Windows\system32\rstrui.exe
2015-01-16 22:55:49 ----A---- C:\Windows\system32\srclient.dll
2015-01-16 22:55:48 ----A---- C:\Windows\SYSWOW64\srclient.dll
2015-01-16 21:12:46 ----A---- C:\Windows\system32\profsvc.dll
2015-01-16 21:12:44 ----A---- C:\Windows\system32\nlasvc.dll
2015-01-16 21:12:43 ----A---- C:\Windows\SYSWOW64\ncsi.dll
2015-01-16 21:12:42 ----A---- C:\Windows\SYSWOW64\nlaapi.dll
2015-01-16 21:12:41 ----A---- C:\Windows\system32\TSWbPrxy.exe
2015-01-16 21:11:22 ----A---- C:\Windows\system32\drivers\mrxdav.sys
======List of files/folders modified in the last 1 month======
2015-02-11 20:22:39 ----D---- C:\Windows\Temp
2015-02-11 20:12:23 ----D---- C:\Windows\system32\Tasks
2015-02-11 20:12:19 ----D---- C:\Windows\Tasks
2015-02-11 20:11:03 ----D---- C:\Windows\system32\config
2015-02-11 20:09:47 ----D---- C:\Program Files (x86)\Mozilla Maintenance Service
2015-02-11 19:55:04 ----SHD---- C:\System Volume Information
2015-02-11 19:52:08 ----D---- C:\Windows\system32\catroot
2015-02-11 19:52:04 ----D---- C:\Windows\system32\catroot2
2015-02-11 19:51:32 ----D---- C:\Windows\winsxs
2015-02-11 19:41:50 ----RD---- C:\Program Files (x86)
2015-02-11 19:39:04 ----D---- C:\Windows
2015-02-11 19:34:56 ----HD---- C:\ProgramData
2015-02-11 19:34:53 ----D---- C:\Program Files (x86)\Common Files
2015-02-11 18:58:06 ----D---- C:\Program Files
2015-02-11 18:40:02 ----D---- C:\Users\Judita\AppData\Roaming\PhotoScape
2015-02-11 18:40:01 ----D---- C:\Users\Judita\AppData\Roaming\Skype
2015-02-11 18:35:51 ----D---- C:\Windows\Panther
2015-02-11 18:35:51 ----D---- C:\Windows\inf
2015-02-11 18:35:14 ----D---- C:\Windows\Minidump
2015-02-11 18:35:14 ----D---- C:\Windows\Logs
2015-02-11 18:35:14 ----D---- C:\Windows\debug
2015-02-11 18:26:59 ----D---- C:\Program Files\CCleaner
2015-02-09 21:02:24 ----D---- C:\Windows\Prefetch
2015-02-06 17:44:00 ----D---- C:\Windows\System32
2015-02-06 17:44:00 ----A---- C:\Windows\system32\PerfStringBackup.INI
2015-02-04 22:48:59 ----D---- C:\Windows\SysWOW64
2015-02-04 22:48:41 ----A---- C:\Windows\SYSWOW64\FlashPlayerApp.exe
2015-01-23 19:50:01 ----D---- C:\Windows\system32\DriverStore
2015-01-23 19:49:17 ----D---- C:\Windows\system32\drivers
2015-01-18 10:48:15 ----D---- C:\Users\Judita\AppData\Roaming\vlc
2015-01-17 09:12:54 ----D---- C:\Windows\system32\MRT
2015-01-17 08:47:07 ----A---- C:\Windows\system32\MRT.exe
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R0 aswRvrt;avast! Revert; C:\Windows\system32\drivers\aswRvrt.sys [2015-01-03 65776]
R0 aswVmm;avast! VM Monitor; C:\Windows\system32\drivers\aswVmm.sys [2015-01-03 267632]
R0 iaStor;Intel AHCI Controller; C:\Windows\system32\DRIVERS\iaStor.sys [2009-06-05 408600]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-20 213888]
R0 sptd;sptd; C:\Windows\System32\Drivers\sptd.sys [2010-11-30 503352]
R1 aswRdr;aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [2015-01-03 93568]
R1 aswSnx;aswSnx; C:\Windows\system32\drivers\aswSnx.sys [2015-01-03 1050432]
R1 aswSP;aswSP; C:\Windows\system32\drivers\aswSP.sys [2015-01-03 436624]
R1 mwlPSDFilter;mwlPSDFilter; C:\Windows\system32\DRIVERS\mwlPSDFilter.sys [2009-06-02 22576]
R1 mwlPSDNServ;mwlPSDNServ; C:\Windows\system32\DRIVERS\mwlPSDNServ.sys [2009-06-02 20016]
R1 mwlPSDVDisk;mwlPSDVDisk; C:\Windows\system32\DRIVERS\mwlPSDVDisk.sys [2009-06-02 60464]
R1 vwififlt;Virtual WiFi Filter Driver; C:\Windows\system32\DRIVERS\vwififlt.sys [2009-07-14 59904]
R2 aswHwid;avast! HardwareID; C:\Windows\system32\drivers\aswHwid.sys [2015-01-03 29208]
R2 aswMonFlt;aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [2015-01-03 83280]
R2 aswStm;aswStm; C:\Windows\system32\drivers\aswStm.sys [2015-01-03 116728]
R3 DKbFltr;Dritek Keyboard Filter Driver (64-bit); C:\Windows\SysWOW64\Drivers\DKbFltr.sys [2009-03-26 25608]
R3 igfx;igfx; C:\Windows\system32\DRIVERS\igdkmd64.sys [2010-08-25 10611552]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHD64.sys [2009-07-23 1967648]
R3 IntcHdmiAddService;Intel(R) High Definition Audio HDMI; C:\Windows\system32\drivers\IntcHdmi.sys [2009-07-09 139264]
R3 L1C;NDIS Miniport Driver for Atheros AR8131/AR8132 PCI-E Ethernet Controller (NDIS 6.20); C:\Windows\system32\DRIVERS\L1C62x64.sys [2009-04-27 57344]
R3 NETw5s64;Intel(R) Wireless WiFi Link 5000 Series Adapter Driver for Windows 7 - 64 Bit; C:\Windows\system32\DRIVERS\NETw5s64.sys [2009-09-15 6952960]
R3 SynTP;Synaptics TouchPad Driver; C:\Windows\system32\DRIVERS\SynTP.sys [2009-06-18 272432]
R3 WSDPrintDevice;Podpora tisku WSD prostřednictvím funkce UMB; C:\Windows\system32\DRIVERS\WSDPrint.sys [2009-07-14 23040]
R3 WSDScan;Podpora skenování WSD přes UMB; C:\Windows\system32\DRIVERS\WSDScan.sys [2009-07-14 25088]
S3 AmUStor;AM USB Stroage Driver; C:\Windows\system32\drivers\AmUStor.SYS [2009-05-26 40448]
S3 avvnwo7r;avvnwo7r; C:\Windows\system32\drivers\avvnwo7r.sys []
S3 BthEnum;Ovladač pro Bluetooth Request Block; C:\Windows\system32\drivers\BthEnum.sys [2009-07-14 41984]
S3 BthPan;Bluetooth Device (Personal Area Network); C:\Windows\system32\DRIVERS\bthpan.sys [2009-07-14 118784]
S3 BTHPORT;Ovladač portu Bluetooth; C:\Windows\System32\Drivers\BTHport.sys [2012-07-06 552960]
S3 BTHUSB;Ovladač rozhraní USB radiostanice Bluetooth; C:\Windows\System32\Drivers\BTHUSB.sys [2011-04-28 80384]
S3 btusbflt;Bluetooth USB Filter; C:\Windows\system32\drivers\btusbflt.sys [2009-07-01 52264]
S3 btwaudio;Bluetooth Audio Device Service; C:\Windows\system32\drivers\btwaudio.sys [2009-07-01 98344]
S3 btwavdt;Bluetooth AVDT; C:\Windows\system32\DRIVERS\btwavdt.sys [2009-07-01 132648]
S3 btwl2cap;Bluetooth L2CAP Service; C:\Windows\system32\DRIVERS\btwl2cap.sys [2009-04-07 35104]
S3 btwrchid;btwrchid; C:\Windows\system32\DRIVERS\btwrchid.sys [2009-07-01 21160]
S3 int15.sys;int15.sys; \??\C:\Windows\syswow64\OEM\Factory\int15.sys []
S3 netw5v64;Intel(R) Wireless WiFi Link 5000 Series Adapter Driver for Windows Vista 64 Bit; C:\Windows\system32\DRIVERS\netw5v64.sys [2009-06-10 5434368]
S3 nmwcd;Nokia USB Phone Parent Driver; C:\Windows\system32\drivers\ccdcmbx64.sys [2011-08-17 19968]
S3 nmwcdc;Nokia USB Communication Driver; C:\Windows\system32\drivers\ccdcmbox64.sys [2011-08-17 27136]
S3 nmwcdcx64;Nokia USB Generic; C:\Windows\system32\drivers\ccdcmbox64.sys [2011-08-17 27136]
S3 nmwcdx64;Nokia USB Phone Parent; C:\Windows\system32\drivers\ccdcmbx64.sys [2011-08-17 19968]
S3 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12352]
S3 RFCOMM;Bluetooth Device (RFCOMM Protocol TDI); C:\Windows\system32\DRIVERS\rfcomm.sys [2009-07-14 158720]
S3 TsUsbFlt;TsUsbFlt; C:\Windows\system32\drivers\tsusbflt.sys [2010-11-20 59392]
S3 upperdev;upperdev; C:\Windows\system32\DRIVERS\usbser_lowerfltx64.sys [2011-08-17 9216]
S3 usbser;Nokia USB Serial Port Driver ; C:\Windows\system32\drivers\usbser.sys [2013-08-29 33280]
S3 UsbserFilt;UsbserFilt; C:\Windows\system32\DRIVERS\usbser_lowerfltjx64.sys [2011-08-17 9216]
S3 WinUsb;WinUsb; C:\Windows\system32\DRIVERS\WinUsb.sys [2010-11-20 41984]
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 avast! Antivirus;avast! Antivirus; C:\Program Files\Alwil Software\Avast5\AvastSvc.exe [2015-01-03 50344]
R2 btwdins;Bluetooth Service; C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe [2009-07-02 864032]
R2 ePowerSvc;Acer ePower Service; C:\Program Files\Acer\Acer ePower Management\ePowerSvc.exe [2010-01-19 842784]
R2 Greg_Service;GRegService; C:\Program Files (x86)\Acer\Registration\GregHSRW.exe [2009-08-28 1150496]
R2 IAANTMON;Intel(R) Matrix Storage Event Monitor; C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTMon.exe [2009-06-05 354840]
R2 RS_Service;Raw Socket Service; C:\Program Files (x86)\Acer\Acer VCM\RS_Service.exe [2009-07-10 253952]
R2 StarWindServiceAE;StarWind AE Service; C:\Program Files (x86)\Alcohol Soft\Alcohol 52\StarWind\StarWindServiceAE.exe [2009-12-23 370688]
R2 Updater Service;Updater Service; C:\Program Files\Acer\Acer Updater\UpdaterService.exe [2009-07-04 240160]
R2 wlidsvc;Windows Live ID Sign-in Assistant; C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE [2011-03-28 2292096]
R3 osppsvc;Office Software Protection Platform; C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-09 4925184]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2013-09-11 105144]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2013-09-11 124088]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-10-24 107912]
S2 SkypeUpdate;Skype Updater; C:\Program Files (x86)\Skype\Updater\Updater.exe [2014-04-03 315008]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-02-04 267440]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-10-24 107912]
S3 gusvc;Google Software Updater; C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe [2012-08-24 194032]
S3 IEEtwCollectorService;@%SystemRoot%\system32\ieetwcollectorres.dll,-1000; C:\Windows\system32\IEEtwCollector.exe [2014-11-22 114688]
S3 Microsoft SharePoint Workspace Audit Service;Microsoft SharePoint Workspace Audit Service; C:\Program Files (x86)\Microsoft Office\Office14\GROOVE.EXE [2013-12-19 30814400]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2015-02-11 114800]
S3 MWLService;MyWinLocker Service; C:\Program Files (x86)\EgisTec\MyWinLocker 3\x86\\MWLService.exe [2009-09-10 305448]
S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2010-01-09 149352]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2010-09-01 1255736]
S4 aspnet_state;Stavová služba ASP.NET; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2013-09-11 51808]
S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]
S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]
S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]
-----------------EOF-----------------
-
Rudy
- Site Admin
- Příspěvky: 119677
- Registrován: 30 říj 2003 13:42
- Bydliště: Plzeň
- Kontaktovat uživatele:
Re: Max výkon i paměť
Stáhněte OTM: http://oldtimer.geekstogo.com/OTM.exe a uložte na plochu. Spusťte a do levého okna zkopírujte:
a klikněte na >MoveIt!<. Před skenem vypněte antivir a po něm restartujte PC. Dejte nový log RSIT.:files
C:\Program Files (x86)\Google\Google Toolbar
C:\Program Files (x86)\Skype\Toolbars
C:\Program Files (x86)\Google\GoogleToolbarNotifier
C:\Windows\tasks\AutoKMS.job
C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-1128242429-3161665266-3304842230-1001Core.job
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-1128242429-3161665266-3304842230-1001UA.job
C:\Windows\AutoKMS\AutoKMS.exe
:reg
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3049C3E9-B461-4BC5-8870-4C09146192CA}]/64
[-HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}]/64
[-HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}]/64
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
[-HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\Toolbar]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"swg"=-
:commands
[Purity]
[Emptytemp]
[Emptyflash]
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Re: Max výkon i paměť
Logfile of random's system information tool 1.10 (written by random/random)
Run by Judita at 2015-02-11 21:59:02
Microsoft Windows 7 Home Premium Service Pack 1
System drive C: has 81 GB (36%) free of 225 GB
Total RAM: 1979 MB (48% free)
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 21:59:05, on 11.2.2015
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v11.0 (11.00.9600.17496)
Boot mode: Normal
Running processes:
C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAAnotif.exe
C:\Program Files (x86)\EgisTec\MyWinLocker 3\x86\mwlDaemon.exe
C:\Windows\PLFSetI.exe
C:\Users\Judita\AppData\Local\Google\Update\GoogleUpdate.exe
C:\Program Files (x86)\Launch Manager\LManager.EXE
C:\Program Files (x86)\EgisTec Egis Software Update\EgisUpdate.exe
C:\Program Files (x86)\Adobe\Reader 9.0\Reader\reader_sl.exe
C:\Program Files (x86)\Real\RealPlayer\Update\realsched.exe
C:\Program Files\Alwil Software\Avast5\avastui.exe
C:\Program Files\Alwil Software\Avast5\AvastEmUpdate.exe
C:\Program Files\trend micro\Judita.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = https://www.google.com/?trackid=sp-006
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.google.com/search?trackid=s ... earchTerms}
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId= ... kid=sp-006
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = https://www.google.com/?trackid=sp-006
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.google.com/search?trackid=s ... earchTerms}
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId= ... kid=sp-006
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: (no name) - - (no file)
R3 - URLSearchHook: (no name) - {37483b40-c254-4a72-bda4-22ee90182c1e} - (no file)
F2 - REG:system.ini: UserInit=userinit.exe
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL
O2 - BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\Alwil Software\Avast5\aswWebRepIE.dll
O2 - BHO: Pomocná služba pro přihlášení ke službě Windows Live ID - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~1\Office14\URLREDIR.DLL
O4 - HKLM\..\Run: [LManager] C:\Program Files (x86)\Launch Manager\LManager.exe
O4 - HKLM\..\Run: [EgisTecLiveUpdate] "C:\Program Files (x86)\EgisTec Egis Software Update\EgisUpdate.exe"
O4 - HKLM\..\Run: [NortonOnlineBackupReminder] "C:\Program Files (x86)\Symantec\Norton Online Backup\Activation\NobuActivation.exe" UNATTENDED
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [TkBellExe] "c:\program files (x86)\real\realplayer\Update\realsched.exe" -osboot
O4 - HKLM\..\Run: [BCSSync] "C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe" /DelayServices
O4 - HKLM\..\Run: [AvastUI.exe] "C:\Program Files\Alwil Software\Avast5\AvastUI.exe" /nogui
O4 - HKCU\..\Run: [Google Update] "C:\Users\Judita\AppData\Local\Google\Update\GoogleUpdate.exe" /c
O4 - HKCU\..\Run: [AlcoholAutomount] "C:\Program Files (x86)\Alcohol Soft\Alcohol 52\AxAutoMntSrv.exe" -automount
O4 - HKCU\..\Run: [CCleaner Monitoring] "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office14\EXCEL.EXE/3000
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Office Excel - res://C:\PROGRA~2\MICROS~1\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: Od&eslat do aplikace OneNote - res://C:\PROGRA~2\MICROS~1\Office14\ONBttnIE.dll/105
O8 - Extra context menu item: Odeslat obrázek do zařízení &Bluetooth... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
O8 - Extra context menu item: Odeslat stránku do zařízení &Bluetooth... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra button: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra button: P&ropojené poznámky aplikace OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: P&ropojené poznámky aplikace OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (file missing)
O9 - Extra 'Tools' menuitem: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (file missing)
O9 - Extra button: Send To Bluetooth - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra 'Tools' menuitem: Send to &Bluetooth Device... - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (file missing)
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: Acer ePower Service (ePowerSvc) - Acer Incorporated - C:\Program Files\Acer\Acer ePower Management\ePowerSvc.exe
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: GRegService (Greg_Service) - Acer Incorporated - C:\Program Files (x86)\Acer\Registration\GregHSRW.exe
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: Intel(R) Matrix Storage Event Monitor (IAANTMON) - Intel Corporation - C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTMon.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing)
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: MyWinLocker Service (MWLService) - Egis Technology Inc. - C:\Program Files (x86)\EgisTec\MyWinLocker 3\x86\\MWLService.exe
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: Raw Socket Service (RS_Service) - Acer Incorporated - C:\Program Files (x86)\Acer\Acer VCM\RS_Service.exe
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: StarWind AE Service (StarWindServiceAE) - StarWind Software - C:\Program Files (x86)\Alcohol Soft\Alcohol 52\StarWind\StarWindServiceAE.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: Updater Service - Acer - C:\Program Files\Acer\Acer Updater\UpdaterService.exe
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
--
End of file - 12476 bytes
======Listing Processes======
\SystemRoot\System32\smss.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
winlogon.exe
C:\Windows\system32\services.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k NetworkService
"C:\Program Files\Alwil Software\Avast5\AvastSvc.exe"
C:\Windows\System32\spoolsv.exe
taskeng.exe {1B581238-E01A-40FD-AB81-0E7C6BD9FA89}
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
"C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe"
"C:\Program Files\Acer\Acer ePower Management\ePowerSvc.exe"
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
"C:\Program Files (x86)\Acer\Registration\GregHSRW.exe"
"C:\Program Files (x86)\Acer\Acer VCM\RS_Service.exe"
"taskhost.exe"
"C:\Program Files (x86)\Alcohol Soft\Alcohol 52\StarWind\StarWindServiceAE.exe"
"C:\Windows\system32\Dwm.exe"
C:\Windows\system32\svchost.exe -k imgsvc
taskeng.exe {DD54E2C0-8890-4FA4-B296-EEF1A6D85F83}
"C:\Program Files (x86)\Google\Update\GoogleUpdate.exe" /c
C:\Windows\Explorer.EXE
"C:\Program Files\Acer\Acer Updater\UpdaterService.exe"
C:\Windows\System32\svchost.exe -k secsvcs
"C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE"
"C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTMon.exe"
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
WLIDSvcM.exe 2232
C:\Windows\servicing\TrustedInstaller.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\system32\SearchIndexer.exe /Embedding
"C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAAnotif.exe"
"C:\Program Files (x86)\AmIcoSingLun\AmIcoSinglun64.exe"
"C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe"
"C:\Program Files\Acer\Acer ePower Management\ePowerTray.exe"
"C:\Program Files (x86)\EgisTec\MyWinLocker 3\x86\mwlDaemon.exe"
"C:\Program Files\Synaptics\SynTP\SynTPEnh.exe"
"C:\Windows\PLFSetI.exe"
"C:\Windows\System32\igfxtray.exe"
"C:\Windows\System32\hkcmd.exe"
"C:\Windows\System32\igfxpers.exe"
"C:\Users\Judita\AppData\Local\Google\Update\GoogleUpdate.exe" /c
C:\Windows\system32\igfxsrvc.exe -Embedding
C:\Windows\system32\igfxext.exe -Embedding
"C:\Program Files\Synaptics\SynTP\SynTPHelper.exe"
"C:\Program Files (x86)\Launch Manager\LManager.EXE"
"C:\Program Files (x86)\EgisTec Egis Software Update\EgisUpdate.exe"
C:\Windows\system32\wbem\unsecapp.exe -Embedding
C:\Windows\system32\wbem\wmiprvse.exe
"C:\Program Files (x86)\Adobe\Reader 9.0\Reader\reader_sl.exe"
"C:\Program Files (x86)\Real\RealPlayer\Update\realsched.exe" -osboot
"C:\Program Files\Alwil Software\Avast5\avastui.exe" /nogui
"C:\Program Files\Windows Media Player\wmpnetwk.exe"
"C:\Program Files\Acer\Acer ePower Management\ePowerEvent.exe"
taskeng.exe {474B8E2B-E39D-41C2-8DEA-DCB4C088F74A}
"C:\Windows\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe1_ Global\UsGthrCtrlFltPipeMssGthrPipe1 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon"
"C:\Windows\system32\SearchFilterHost.exe" 0 508 512 520 65536 516
"C:\Program Files\Alwil Software\Avast5\AvastEmUpdate.exe"
"C:\Program Files\CCleaner\CCleaner.exe" /MONITOR /uac
C:\Windows\system32\sppsvc.exe
"C:\Users\Judita\Desktop\RSITx64.exe"
C:\Windows\system32\DllHost.exe /Processid:{F9717507-6651-4EDB-BFF7-AE615179BCCF}
======Scheduled tasks folder======
C:\Windows\tasks\Adobe Flash Player Updater.job - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
=========Mozilla firefox=========
ProfilePath - C:\Users\Judita\AppData\Roaming\Mozilla\Firefox\Profiles\whpy3k55.default
prefs.js - "browser.startup.homepage" - "https://www.google.com/?trackid=sp-006"
prefs.js - "extensions.enabledItems" - "{800b5000-a755-47e1-992b-48a1c1357f07}:1.2.0, {ABDE892B-13A8-4d1b-88E6-365A6E755758}:14.0.1, {972ce4c6-7e08-4474-a285-3208198ce6fd}:3.6.17"
prefs.js - "keyword.URL" - "https://www.google.com/search/?trackid=sp-006"
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 16.0.0.305 Plugin
"Path"=C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_16_0_0_305.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@Google.com/GoogleEarthPlugin]
"Description"=Google Earth in your browser
"Path"=C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=disabled
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=c:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0]
"Description"=Office Authorization plug-in for NPAPI browsers
"Path"=C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/SharePoint,version=14.0]
"Description"=Microsoft SharePoint Plug-in for Firefox
"Path"=C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922]
"Description"=WLPG Install MIME type
"Path"=C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3555.0308]
"Description"=WLPG Install MIME type
"Path"=C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@real.com/nppl3260;version=15.0.4.53]
"Description"=RealPlayer(tm) LiveConnect-Enabled Plug-In
"Path"=c:\program files (x86)\real\realplayer\Netscape6\nppl3260.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@real.com/nprjplug;version=15.0.4.53]
"Description"=RealJukebox Netscape Plugin
"Path"=c:\program files (x86)\real\realplayer\Netscape6\nprjplug.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@real.com/nprpchromebrowserrecordext;version=15.0.4.53]
"Description"=RealNetworks(tm) RealPlayer Chrome Background Extension Plug-In
"Path"=C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprpchromebrowserrecordext.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@real.com/nprphtml5videoshim;version=15.0.4.53]
"Description"=RealPlayer(tm) HTML5VideoShim Plug-In
"Path"=C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@real.com/nprpplugin;version=15.0.4.53]
"Description"=RealPlayer Download Plugin
"Path"=c:\program files (x86)\real\realplayer\Netscape6\nprpplugin.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=3]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.25.11\npGoogleUpdate3.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=9]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.25.11\npGoogleUpdate3.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@videolan.org/vlc,version=2.1.5]
"Description"=VLC Multimedia Plugin
"Path"=C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\Adobe Reader]
"Description"=Handles PDFs in-place in Firefox
"Path"=C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 16.0.0.305 Plugin
"Path"=C:\Windows\system32\Macromed\Flash\NPSWF64_16_0_0_305.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=disabled
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0]
"Description"=Office Authorization plug-in for NPAPI browsers
"Path"=C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL
C:\Program Files (x86)\Mozilla Firefox\extensions\
{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}
C:\Program Files (x86)\Mozilla Firefox\plugins\
np-mswmp.dll
nppdf32.dll
nppl3260.dll
nppl3260.xpt
nprjplug.dll
nprpplugin.dll
WMP Firefox Plugin License.rtf
WMP Firefox Plugin RelNotes.txt
C:\Users\Judita\AppData\Roaming\Mozilla\Firefox\Profiles\whpy3k55.default\extensions\
{800b5000-a755-47e1-992b-48a1c1357f07}10242010180103
C:\Users\Judita\AppData\Roaming\Mozilla\Firefox\Profiles\whpy3k55.default\searchplugins\
google-avast.xml
Google.xml
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\PROGRA~1\MICROS~2\Office14\GROOVEEX.DLL [2013-12-19 6671064]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! Online Security - C:\Program Files\Alwil Software\Avast5\aswWebRepIE64.dll [2015-01-03 705448]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live ID Sign-in Helper - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2011-03-28 529280]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - C:\PROGRA~1\MICROS~2\Office14\URLREDIR.DLL [2013-03-06 690392]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2012-07-30 75232]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL [2013-12-19 4171480]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! Online Security - C:\Program Files\Alwil Software\Avast5\aswWebRepIE.dll [2015-01-03 586968]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Pomocná služba pro přihlášení ke službě Windows Live ID - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2011-03-28 441216]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - C:\PROGRA~2\MICROS~1\Office14\URLREDIR.DLL [2013-03-06 562904]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{318A227B-5E9F-45bd-8999-7F8F10CA4CF5} -
{CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F}
{2318C2B1-4965-11d4-9B18-009027A5CD4F} - Google Toolbar - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll []
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"IAAnotif"=C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\iaanotif.exe [2009-06-05 186904]
"AmIcoSinglun64"=C:\Program Files (x86)\AmIcoSingLun\AmIcoSinglun64.exe [2009-04-09 320000]
"RtHDVCpl"=C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [2009-07-23 7981600]
"Acer ePower Management"=C:\Program Files\Acer\Acer ePower Management\ePowerTray.exe [2010-01-19 832544]
"mwlDaemon"=C:\Program Files (x86)\EgisTec\MyWinLocker 3\x86\mwlDaemon.exe [2009-09-10 349480]
"SynTPEnh"=C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2009-06-18 1808168]
"PLFSetI"=C:\Windows\PLFSetI.exe [2009-12-14 206072]
"IgfxTray"=C:\Windows\system32\igfxtray.exe [2010-08-25 161304]
"HotKeysCmds"=C:\Windows\system32\hkcmd.exe [2010-08-25 386584]
"Persistence"=C:\Windows\system32\igfxpers.exe [2010-08-25 415256]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Google Update"=C:\Users\Judita\AppData\Local\Google\Update\GoogleUpdate.exe [2014-10-14 107912]
"AlcoholAutomount"=C:\Program Files (x86)\Alcohol Soft\Alcohol 52\AxAutoMntSrv.exe [2010-08-20 33120]
"CCleaner Monitoring"=C:\Program Files\CCleaner\CCleaner64.exe [2015-01-20 7404312]
[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"LManager"=C:\Program Files (x86)\Launch Manager\LManager.exe [2009-09-24 825864]
"EgisTecLiveUpdate"=C:\Program Files (x86)\EgisTec Egis Software Update\EgisUpdate.exe [2009-08-04 199464]
"NortonOnlineBackupReminder"=C:\Program Files (x86)\Symantec\Norton Online Backup\Activation\NobuActivation.exe [2009-07-25 588648]
"Adobe Reader Speed Launcher"=C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe [2012-07-31 38872]
"Adobe ARM"=C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2012-07-11 919008]
"TkBellExe"=c:\program files (x86)\real\realplayer\Update\realsched.exe [2012-05-18 296056]
"BCSSync"=C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe [2012-11-05 89184]
"AvastUI.exe"=C:\Program Files\Alwil Software\Avast5\AvastUI.exe [2015-01-31 5227112]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
C:\Windows\system32\igfxdev.dll [2010-08-25 271360]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\PROGRA~1\MICROS~2\Office14\GROOVEEX.DLL [2013-12-19 6671064]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL [2013-12-19 4171480]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcmscsvc]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\mcmscsvc]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MCODS]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MpfService]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=5
"ConsentPromptBehaviorUser"=3
"EnableUIADesktopToggle"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"SoftwareSASGeneration"=1
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoActiveDesktop"=1
"NoActiveDesktopChanges"=1
"ForceActiveDesktopOn"=0
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVYU"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"VIDC.YVU9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"MSVideo8"=VfWWDM32.dll
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv
"wave2"=wdmaud.drv
"midi2"=wdmaud.drv
"mixer2"=wdmaud.drv
======File associations======
.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*
======List of files/folders created in the last 1 month======
2015-02-11 21:36:03 ----D---- C:\_OTM
2015-02-11 19:26:16 ----D---- C:\AdwCleaner
2015-02-11 19:13:13 ----D---- C:\Program Files (x86)\Mozilla Firefox
2015-02-11 18:58:06 ----D---- C:\Program Files\trend micro
2015-02-11 18:57:57 ----D---- C:\rsit
2015-01-27 20:36:04 ----D---- C:\Program Files (x86)\Mozilla Thunderbird
2015-01-23 19:44:30 ----A---- C:\Windows\system32\aswBoot.exe
2015-01-16 22:56:06 ----A---- C:\Windows\system32\ntoskrnl.exe
2015-01-16 22:56:03 ----A---- C:\Windows\SYSWOW64\ntkrnlpa.exe
2015-01-16 22:56:00 ----A---- C:\Windows\SYSWOW64\ntoskrnl.exe
2015-01-16 22:55:54 ----A---- C:\Windows\system32\srcore.dll
2015-01-16 22:55:51 ----A---- C:\Windows\system32\rstrui.exe
2015-01-16 22:55:49 ----A---- C:\Windows\system32\srclient.dll
2015-01-16 22:55:48 ----A---- C:\Windows\SYSWOW64\srclient.dll
2015-01-16 21:12:46 ----A---- C:\Windows\system32\profsvc.dll
2015-01-16 21:12:44 ----A---- C:\Windows\system32\nlasvc.dll
2015-01-16 21:12:43 ----A---- C:\Windows\SYSWOW64\ncsi.dll
2015-01-16 21:12:42 ----A---- C:\Windows\SYSWOW64\nlaapi.dll
2015-01-16 21:12:41 ----A---- C:\Windows\system32\TSWbPrxy.exe
2015-01-16 21:11:22 ----A---- C:\Windows\system32\drivers\mrxdav.sys
======List of files/folders modified in the last 1 month======
2015-02-11 21:58:59 ----D---- C:\Windows\Temp
2015-02-11 21:36:17 ----RD---- C:\Program Files (x86)\Skype
2015-02-11 21:36:17 ----D---- C:\Windows\Tasks
2015-02-11 21:36:17 ----D---- C:\Windows\AutoKMS
2015-02-11 21:36:17 ----D---- C:\Program Files (x86)\Google
2015-02-11 21:23:34 ----D---- C:\Windows\system32\config
2015-02-11 20:12:23 ----D---- C:\Windows\system32\Tasks
2015-02-11 20:09:47 ----D---- C:\Program Files (x86)\Mozilla Maintenance Service
2015-02-11 19:55:04 ----SHD---- C:\System Volume Information
2015-02-11 19:52:08 ----D---- C:\Windows\system32\catroot
2015-02-11 19:52:04 ----D---- C:\Windows\system32\catroot2
2015-02-11 19:51:32 ----D---- C:\Windows\winsxs
2015-02-11 19:41:50 ----RD---- C:\Program Files (x86)
2015-02-11 19:39:04 ----D---- C:\Windows
2015-02-11 19:34:56 ----HD---- C:\ProgramData
2015-02-11 19:34:53 ----D---- C:\Program Files (x86)\Common Files
2015-02-11 18:58:06 ----D---- C:\Program Files
2015-02-11 18:40:02 ----D---- C:\Users\Judita\AppData\Roaming\PhotoScape
2015-02-11 18:40:01 ----D---- C:\Users\Judita\AppData\Roaming\Skype
2015-02-11 18:35:51 ----D---- C:\Windows\Panther
2015-02-11 18:35:51 ----D---- C:\Windows\inf
2015-02-11 18:35:14 ----D---- C:\Windows\Minidump
2015-02-11 18:35:14 ----D---- C:\Windows\Logs
2015-02-11 18:35:14 ----D---- C:\Windows\debug
2015-02-11 18:26:59 ----D---- C:\Program Files\CCleaner
2015-02-09 21:02:24 ----D---- C:\Windows\Prefetch
2015-02-06 17:44:00 ----D---- C:\Windows\System32
2015-02-06 17:44:00 ----A---- C:\Windows\system32\PerfStringBackup.INI
2015-02-04 22:48:59 ----D---- C:\Windows\SysWOW64
2015-02-04 22:48:41 ----A---- C:\Windows\SYSWOW64\FlashPlayerApp.exe
2015-01-23 19:50:01 ----D---- C:\Windows\system32\DriverStore
2015-01-23 19:49:17 ----D---- C:\Windows\system32\drivers
2015-01-18 10:48:15 ----D---- C:\Users\Judita\AppData\Roaming\vlc
2015-01-17 09:12:54 ----D---- C:\Windows\system32\MRT
2015-01-17 08:47:07 ----A---- C:\Windows\system32\MRT.exe
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R0 aswRvrt;avast! Revert; C:\Windows\system32\drivers\aswRvrt.sys [2015-01-03 65776]
R0 aswVmm;avast! VM Monitor; C:\Windows\system32\drivers\aswVmm.sys [2015-01-03 267632]
R0 iaStor;Intel AHCI Controller; C:\Windows\system32\DRIVERS\iaStor.sys [2009-06-05 408600]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-20 213888]
R0 sptd;sptd; C:\Windows\System32\Drivers\sptd.sys [2010-11-30 503352]
R1 aswRdr;aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [2015-01-03 93568]
R1 aswSnx;aswSnx; C:\Windows\system32\drivers\aswSnx.sys [2015-01-03 1050432]
R1 aswSP;aswSP; C:\Windows\system32\drivers\aswSP.sys [2015-01-03 436624]
R1 mwlPSDFilter;mwlPSDFilter; C:\Windows\system32\DRIVERS\mwlPSDFilter.sys [2009-06-02 22576]
R1 mwlPSDNServ;mwlPSDNServ; C:\Windows\system32\DRIVERS\mwlPSDNServ.sys [2009-06-02 20016]
R1 mwlPSDVDisk;mwlPSDVDisk; C:\Windows\system32\DRIVERS\mwlPSDVDisk.sys [2009-06-02 60464]
R1 vwififlt;Virtual WiFi Filter Driver; C:\Windows\system32\DRIVERS\vwififlt.sys [2009-07-14 59904]
R2 aswHwid;avast! HardwareID; C:\Windows\system32\drivers\aswHwid.sys [2015-01-03 29208]
R2 aswMonFlt;aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [2015-01-03 83280]
R2 aswStm;aswStm; C:\Windows\system32\drivers\aswStm.sys [2015-01-03 116728]
R3 DKbFltr;Dritek Keyboard Filter Driver (64-bit); C:\Windows\SysWOW64\Drivers\DKbFltr.sys [2009-03-26 25608]
R3 igfx;igfx; C:\Windows\system32\DRIVERS\igdkmd64.sys [2010-08-25 10611552]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHD64.sys [2009-07-23 1967648]
R3 IntcHdmiAddService;Intel(R) High Definition Audio HDMI; C:\Windows\system32\drivers\IntcHdmi.sys [2009-07-09 139264]
R3 L1C;NDIS Miniport Driver for Atheros AR8131/AR8132 PCI-E Ethernet Controller (NDIS 6.20); C:\Windows\system32\DRIVERS\L1C62x64.sys [2009-04-27 57344]
R3 NETw5s64;Intel(R) Wireless WiFi Link 5000 Series Adapter Driver for Windows 7 - 64 Bit; C:\Windows\system32\DRIVERS\NETw5s64.sys [2009-09-15 6952960]
R3 SynTP;Synaptics TouchPad Driver; C:\Windows\system32\DRIVERS\SynTP.sys [2009-06-18 272432]
S3 afdpa3wj;afdpa3wj; C:\Windows\system32\drivers\afdpa3wj.sys []
S3 AmUStor;AM USB Stroage Driver; C:\Windows\system32\drivers\AmUStor.SYS [2009-05-26 40448]
S3 BthEnum;Ovladač pro Bluetooth Request Block; C:\Windows\system32\drivers\BthEnum.sys [2009-07-14 41984]
S3 BthPan;Bluetooth Device (Personal Area Network); C:\Windows\system32\DRIVERS\bthpan.sys [2009-07-14 118784]
S3 BTHPORT;Ovladač portu Bluetooth; C:\Windows\System32\Drivers\BTHport.sys [2012-07-06 552960]
S3 BTHUSB;Ovladač rozhraní USB radiostanice Bluetooth; C:\Windows\System32\Drivers\BTHUSB.sys [2011-04-28 80384]
S3 btusbflt;Bluetooth USB Filter; C:\Windows\system32\drivers\btusbflt.sys [2009-07-01 52264]
S3 btwaudio;Bluetooth Audio Device Service; C:\Windows\system32\drivers\btwaudio.sys [2009-07-01 98344]
S3 btwavdt;Bluetooth AVDT; C:\Windows\system32\DRIVERS\btwavdt.sys [2009-07-01 132648]
S3 btwl2cap;Bluetooth L2CAP Service; C:\Windows\system32\DRIVERS\btwl2cap.sys [2009-04-07 35104]
S3 btwrchid;btwrchid; C:\Windows\system32\DRIVERS\btwrchid.sys [2009-07-01 21160]
S3 int15.sys;int15.sys; \??\C:\Windows\syswow64\OEM\Factory\int15.sys []
S3 netw5v64;Intel(R) Wireless WiFi Link 5000 Series Adapter Driver for Windows Vista 64 Bit; C:\Windows\system32\DRIVERS\netw5v64.sys [2009-06-10 5434368]
S3 nmwcd;Nokia USB Phone Parent Driver; C:\Windows\system32\drivers\ccdcmbx64.sys [2011-08-17 19968]
S3 nmwcdc;Nokia USB Communication Driver; C:\Windows\system32\drivers\ccdcmbox64.sys [2011-08-17 27136]
S3 nmwcdcx64;Nokia USB Generic; C:\Windows\system32\drivers\ccdcmbox64.sys [2011-08-17 27136]
S3 nmwcdx64;Nokia USB Phone Parent; C:\Windows\system32\drivers\ccdcmbx64.sys [2011-08-17 19968]
S3 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12352]
S3 RFCOMM;Bluetooth Device (RFCOMM Protocol TDI); C:\Windows\system32\DRIVERS\rfcomm.sys [2009-07-14 158720]
S3 TsUsbFlt;TsUsbFlt; C:\Windows\system32\drivers\tsusbflt.sys [2010-11-20 59392]
S3 upperdev;upperdev; C:\Windows\system32\DRIVERS\usbser_lowerfltx64.sys [2011-08-17 9216]
S3 usbser;Nokia USB Serial Port Driver ; C:\Windows\system32\drivers\usbser.sys [2013-08-29 33280]
S3 UsbserFilt;UsbserFilt; C:\Windows\system32\DRIVERS\usbser_lowerfltjx64.sys [2011-08-17 9216]
S3 WinUsb;WinUsb; C:\Windows\system32\DRIVERS\WinUsb.sys [2010-11-20 41984]
S3 WSDPrintDevice;Podpora tisku WSD prostřednictvím funkce UMB; C:\Windows\system32\DRIVERS\WSDPrint.sys [2009-07-14 23040]
S3 WSDScan;Podpora skenování WSD přes UMB; C:\Windows\system32\DRIVERS\WSDScan.sys [2009-07-14 25088]
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 avast! Antivirus;avast! Antivirus; C:\Program Files\Alwil Software\Avast5\AvastSvc.exe [2015-01-03 50344]
R2 btwdins;Bluetooth Service; C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe [2009-07-02 864032]
R2 ePowerSvc;Acer ePower Service; C:\Program Files\Acer\Acer ePower Management\ePowerSvc.exe [2010-01-19 842784]
R2 Greg_Service;GRegService; C:\Program Files (x86)\Acer\Registration\GregHSRW.exe [2009-08-28 1150496]
R2 IAANTMON;Intel(R) Matrix Storage Event Monitor; C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTMon.exe [2009-06-05 354840]
R2 RS_Service;Raw Socket Service; C:\Program Files (x86)\Acer\Acer VCM\RS_Service.exe [2009-07-10 253952]
R2 StarWindServiceAE;StarWind AE Service; C:\Program Files (x86)\Alcohol Soft\Alcohol 52\StarWind\StarWindServiceAE.exe [2009-12-23 370688]
R2 Updater Service;Updater Service; C:\Program Files\Acer\Acer Updater\UpdaterService.exe [2009-07-04 240160]
R2 wlidsvc;Windows Live ID Sign-in Assistant; C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE [2011-03-28 2292096]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2013-09-11 105144]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2013-09-11 124088]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-10-24 107912]
S2 SkypeUpdate;Skype Updater; C:\Program Files (x86)\Skype\Updater\Updater.exe [2014-04-03 315008]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-02-04 267440]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-10-24 107912]
S3 gusvc;Google Software Updater; C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe [2012-08-24 194032]
S3 IEEtwCollectorService;@%SystemRoot%\system32\ieetwcollectorres.dll,-1000; C:\Windows\system32\IEEtwCollector.exe [2014-11-22 114688]
S3 Microsoft SharePoint Workspace Audit Service;Microsoft SharePoint Workspace Audit Service; C:\Program Files (x86)\Microsoft Office\Office14\GROOVE.EXE [2013-12-19 30814400]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2015-02-11 114800]
S3 MWLService;MyWinLocker Service; C:\Program Files (x86)\EgisTec\MyWinLocker 3\x86\\MWLService.exe [2009-09-10 305448]
S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2010-01-09 149352]
S3 osppsvc;Office Software Protection Platform; C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-09 4925184]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2010-09-01 1255736]
S4 aspnet_state;Stavová služba ASP.NET; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2013-09-11 51808]
S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]
S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]
S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]
-----------------EOF-----------------
Run by Judita at 2015-02-11 21:59:02
Microsoft Windows 7 Home Premium Service Pack 1
System drive C: has 81 GB (36%) free of 225 GB
Total RAM: 1979 MB (48% free)
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 21:59:05, on 11.2.2015
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v11.0 (11.00.9600.17496)
Boot mode: Normal
Running processes:
C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAAnotif.exe
C:\Program Files (x86)\EgisTec\MyWinLocker 3\x86\mwlDaemon.exe
C:\Windows\PLFSetI.exe
C:\Users\Judita\AppData\Local\Google\Update\GoogleUpdate.exe
C:\Program Files (x86)\Launch Manager\LManager.EXE
C:\Program Files (x86)\EgisTec Egis Software Update\EgisUpdate.exe
C:\Program Files (x86)\Adobe\Reader 9.0\Reader\reader_sl.exe
C:\Program Files (x86)\Real\RealPlayer\Update\realsched.exe
C:\Program Files\Alwil Software\Avast5\avastui.exe
C:\Program Files\Alwil Software\Avast5\AvastEmUpdate.exe
C:\Program Files\trend micro\Judita.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = https://www.google.com/?trackid=sp-006
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.google.com/search?trackid=s ... earchTerms}
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId= ... kid=sp-006
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = https://www.google.com/?trackid=sp-006
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.google.com/search?trackid=s ... earchTerms}
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId= ... kid=sp-006
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: (no name) - - (no file)
R3 - URLSearchHook: (no name) - {37483b40-c254-4a72-bda4-22ee90182c1e} - (no file)
F2 - REG:system.ini: UserInit=userinit.exe
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL
O2 - BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\Alwil Software\Avast5\aswWebRepIE.dll
O2 - BHO: Pomocná služba pro přihlášení ke službě Windows Live ID - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~1\Office14\URLREDIR.DLL
O4 - HKLM\..\Run: [LManager] C:\Program Files (x86)\Launch Manager\LManager.exe
O4 - HKLM\..\Run: [EgisTecLiveUpdate] "C:\Program Files (x86)\EgisTec Egis Software Update\EgisUpdate.exe"
O4 - HKLM\..\Run: [NortonOnlineBackupReminder] "C:\Program Files (x86)\Symantec\Norton Online Backup\Activation\NobuActivation.exe" UNATTENDED
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [TkBellExe] "c:\program files (x86)\real\realplayer\Update\realsched.exe" -osboot
O4 - HKLM\..\Run: [BCSSync] "C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe" /DelayServices
O4 - HKLM\..\Run: [AvastUI.exe] "C:\Program Files\Alwil Software\Avast5\AvastUI.exe" /nogui
O4 - HKCU\..\Run: [Google Update] "C:\Users\Judita\AppData\Local\Google\Update\GoogleUpdate.exe" /c
O4 - HKCU\..\Run: [AlcoholAutomount] "C:\Program Files (x86)\Alcohol Soft\Alcohol 52\AxAutoMntSrv.exe" -automount
O4 - HKCU\..\Run: [CCleaner Monitoring] "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office14\EXCEL.EXE/3000
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Office Excel - res://C:\PROGRA~2\MICROS~1\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: Od&eslat do aplikace OneNote - res://C:\PROGRA~2\MICROS~1\Office14\ONBttnIE.dll/105
O8 - Extra context menu item: Odeslat obrázek do zařízení &Bluetooth... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
O8 - Extra context menu item: Odeslat stránku do zařízení &Bluetooth... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra button: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra button: P&ropojené poznámky aplikace OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: P&ropojené poznámky aplikace OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (file missing)
O9 - Extra 'Tools' menuitem: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (file missing)
O9 - Extra button: Send To Bluetooth - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra 'Tools' menuitem: Send to &Bluetooth Device... - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (file missing)
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: Acer ePower Service (ePowerSvc) - Acer Incorporated - C:\Program Files\Acer\Acer ePower Management\ePowerSvc.exe
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: GRegService (Greg_Service) - Acer Incorporated - C:\Program Files (x86)\Acer\Registration\GregHSRW.exe
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: Intel(R) Matrix Storage Event Monitor (IAANTMON) - Intel Corporation - C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTMon.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing)
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: MyWinLocker Service (MWLService) - Egis Technology Inc. - C:\Program Files (x86)\EgisTec\MyWinLocker 3\x86\\MWLService.exe
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: Raw Socket Service (RS_Service) - Acer Incorporated - C:\Program Files (x86)\Acer\Acer VCM\RS_Service.exe
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: StarWind AE Service (StarWindServiceAE) - StarWind Software - C:\Program Files (x86)\Alcohol Soft\Alcohol 52\StarWind\StarWindServiceAE.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: Updater Service - Acer - C:\Program Files\Acer\Acer Updater\UpdaterService.exe
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
--
End of file - 12476 bytes
======Listing Processes======
\SystemRoot\System32\smss.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
winlogon.exe
C:\Windows\system32\services.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k NetworkService
"C:\Program Files\Alwil Software\Avast5\AvastSvc.exe"
C:\Windows\System32\spoolsv.exe
taskeng.exe {1B581238-E01A-40FD-AB81-0E7C6BD9FA89}
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
"C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe"
"C:\Program Files\Acer\Acer ePower Management\ePowerSvc.exe"
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
"C:\Program Files (x86)\Acer\Registration\GregHSRW.exe"
"C:\Program Files (x86)\Acer\Acer VCM\RS_Service.exe"
"taskhost.exe"
"C:\Program Files (x86)\Alcohol Soft\Alcohol 52\StarWind\StarWindServiceAE.exe"
"C:\Windows\system32\Dwm.exe"
C:\Windows\system32\svchost.exe -k imgsvc
taskeng.exe {DD54E2C0-8890-4FA4-B296-EEF1A6D85F83}
"C:\Program Files (x86)\Google\Update\GoogleUpdate.exe" /c
C:\Windows\Explorer.EXE
"C:\Program Files\Acer\Acer Updater\UpdaterService.exe"
C:\Windows\System32\svchost.exe -k secsvcs
"C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE"
"C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTMon.exe"
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
WLIDSvcM.exe 2232
C:\Windows\servicing\TrustedInstaller.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\system32\SearchIndexer.exe /Embedding
"C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAAnotif.exe"
"C:\Program Files (x86)\AmIcoSingLun\AmIcoSinglun64.exe"
"C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe"
"C:\Program Files\Acer\Acer ePower Management\ePowerTray.exe"
"C:\Program Files (x86)\EgisTec\MyWinLocker 3\x86\mwlDaemon.exe"
"C:\Program Files\Synaptics\SynTP\SynTPEnh.exe"
"C:\Windows\PLFSetI.exe"
"C:\Windows\System32\igfxtray.exe"
"C:\Windows\System32\hkcmd.exe"
"C:\Windows\System32\igfxpers.exe"
"C:\Users\Judita\AppData\Local\Google\Update\GoogleUpdate.exe" /c
C:\Windows\system32\igfxsrvc.exe -Embedding
C:\Windows\system32\igfxext.exe -Embedding
"C:\Program Files\Synaptics\SynTP\SynTPHelper.exe"
"C:\Program Files (x86)\Launch Manager\LManager.EXE"
"C:\Program Files (x86)\EgisTec Egis Software Update\EgisUpdate.exe"
C:\Windows\system32\wbem\unsecapp.exe -Embedding
C:\Windows\system32\wbem\wmiprvse.exe
"C:\Program Files (x86)\Adobe\Reader 9.0\Reader\reader_sl.exe"
"C:\Program Files (x86)\Real\RealPlayer\Update\realsched.exe" -osboot
"C:\Program Files\Alwil Software\Avast5\avastui.exe" /nogui
"C:\Program Files\Windows Media Player\wmpnetwk.exe"
"C:\Program Files\Acer\Acer ePower Management\ePowerEvent.exe"
taskeng.exe {474B8E2B-E39D-41C2-8DEA-DCB4C088F74A}
"C:\Windows\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe1_ Global\UsGthrCtrlFltPipeMssGthrPipe1 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon"
"C:\Windows\system32\SearchFilterHost.exe" 0 508 512 520 65536 516
"C:\Program Files\Alwil Software\Avast5\AvastEmUpdate.exe"
"C:\Program Files\CCleaner\CCleaner.exe" /MONITOR /uac
C:\Windows\system32\sppsvc.exe
"C:\Users\Judita\Desktop\RSITx64.exe"
C:\Windows\system32\DllHost.exe /Processid:{F9717507-6651-4EDB-BFF7-AE615179BCCF}
======Scheduled tasks folder======
C:\Windows\tasks\Adobe Flash Player Updater.job - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
=========Mozilla firefox=========
ProfilePath - C:\Users\Judita\AppData\Roaming\Mozilla\Firefox\Profiles\whpy3k55.default
prefs.js - "browser.startup.homepage" - "https://www.google.com/?trackid=sp-006"
prefs.js - "extensions.enabledItems" - "{800b5000-a755-47e1-992b-48a1c1357f07}:1.2.0, {ABDE892B-13A8-4d1b-88E6-365A6E755758}:14.0.1, {972ce4c6-7e08-4474-a285-3208198ce6fd}:3.6.17"
prefs.js - "keyword.URL" - "https://www.google.com/search/?trackid=sp-006"
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 16.0.0.305 Plugin
"Path"=C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_16_0_0_305.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@Google.com/GoogleEarthPlugin]
"Description"=Google Earth in your browser
"Path"=C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=disabled
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=c:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0]
"Description"=Office Authorization plug-in for NPAPI browsers
"Path"=C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/SharePoint,version=14.0]
"Description"=Microsoft SharePoint Plug-in for Firefox
"Path"=C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922]
"Description"=WLPG Install MIME type
"Path"=C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3555.0308]
"Description"=WLPG Install MIME type
"Path"=C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@real.com/nppl3260;version=15.0.4.53]
"Description"=RealPlayer(tm) LiveConnect-Enabled Plug-In
"Path"=c:\program files (x86)\real\realplayer\Netscape6\nppl3260.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@real.com/nprjplug;version=15.0.4.53]
"Description"=RealJukebox Netscape Plugin
"Path"=c:\program files (x86)\real\realplayer\Netscape6\nprjplug.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@real.com/nprpchromebrowserrecordext;version=15.0.4.53]
"Description"=RealNetworks(tm) RealPlayer Chrome Background Extension Plug-In
"Path"=C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprpchromebrowserrecordext.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@real.com/nprphtml5videoshim;version=15.0.4.53]
"Description"=RealPlayer(tm) HTML5VideoShim Plug-In
"Path"=C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@real.com/nprpplugin;version=15.0.4.53]
"Description"=RealPlayer Download Plugin
"Path"=c:\program files (x86)\real\realplayer\Netscape6\nprpplugin.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=3]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.25.11\npGoogleUpdate3.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=9]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.25.11\npGoogleUpdate3.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@videolan.org/vlc,version=2.1.5]
"Description"=VLC Multimedia Plugin
"Path"=C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\Adobe Reader]
"Description"=Handles PDFs in-place in Firefox
"Path"=C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 16.0.0.305 Plugin
"Path"=C:\Windows\system32\Macromed\Flash\NPSWF64_16_0_0_305.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=disabled
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0]
"Description"=Office Authorization plug-in for NPAPI browsers
"Path"=C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL
C:\Program Files (x86)\Mozilla Firefox\extensions\
{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}
C:\Program Files (x86)\Mozilla Firefox\plugins\
np-mswmp.dll
nppdf32.dll
nppl3260.dll
nppl3260.xpt
nprjplug.dll
nprpplugin.dll
WMP Firefox Plugin License.rtf
WMP Firefox Plugin RelNotes.txt
C:\Users\Judita\AppData\Roaming\Mozilla\Firefox\Profiles\whpy3k55.default\extensions\
{800b5000-a755-47e1-992b-48a1c1357f07}10242010180103
C:\Users\Judita\AppData\Roaming\Mozilla\Firefox\Profiles\whpy3k55.default\searchplugins\
google-avast.xml
Google.xml
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\PROGRA~1\MICROS~2\Office14\GROOVEEX.DLL [2013-12-19 6671064]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! Online Security - C:\Program Files\Alwil Software\Avast5\aswWebRepIE64.dll [2015-01-03 705448]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live ID Sign-in Helper - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2011-03-28 529280]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - C:\PROGRA~1\MICROS~2\Office14\URLREDIR.DLL [2013-03-06 690392]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2012-07-30 75232]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL [2013-12-19 4171480]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! Online Security - C:\Program Files\Alwil Software\Avast5\aswWebRepIE.dll [2015-01-03 586968]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Pomocná služba pro přihlášení ke službě Windows Live ID - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2011-03-28 441216]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - C:\PROGRA~2\MICROS~1\Office14\URLREDIR.DLL [2013-03-06 562904]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{318A227B-5E9F-45bd-8999-7F8F10CA4CF5} -
{CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F}
{2318C2B1-4965-11d4-9B18-009027A5CD4F} - Google Toolbar - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll []
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"IAAnotif"=C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\iaanotif.exe [2009-06-05 186904]
"AmIcoSinglun64"=C:\Program Files (x86)\AmIcoSingLun\AmIcoSinglun64.exe [2009-04-09 320000]
"RtHDVCpl"=C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [2009-07-23 7981600]
"Acer ePower Management"=C:\Program Files\Acer\Acer ePower Management\ePowerTray.exe [2010-01-19 832544]
"mwlDaemon"=C:\Program Files (x86)\EgisTec\MyWinLocker 3\x86\mwlDaemon.exe [2009-09-10 349480]
"SynTPEnh"=C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2009-06-18 1808168]
"PLFSetI"=C:\Windows\PLFSetI.exe [2009-12-14 206072]
"IgfxTray"=C:\Windows\system32\igfxtray.exe [2010-08-25 161304]
"HotKeysCmds"=C:\Windows\system32\hkcmd.exe [2010-08-25 386584]
"Persistence"=C:\Windows\system32\igfxpers.exe [2010-08-25 415256]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Google Update"=C:\Users\Judita\AppData\Local\Google\Update\GoogleUpdate.exe [2014-10-14 107912]
"AlcoholAutomount"=C:\Program Files (x86)\Alcohol Soft\Alcohol 52\AxAutoMntSrv.exe [2010-08-20 33120]
"CCleaner Monitoring"=C:\Program Files\CCleaner\CCleaner64.exe [2015-01-20 7404312]
[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"LManager"=C:\Program Files (x86)\Launch Manager\LManager.exe [2009-09-24 825864]
"EgisTecLiveUpdate"=C:\Program Files (x86)\EgisTec Egis Software Update\EgisUpdate.exe [2009-08-04 199464]
"NortonOnlineBackupReminder"=C:\Program Files (x86)\Symantec\Norton Online Backup\Activation\NobuActivation.exe [2009-07-25 588648]
"Adobe Reader Speed Launcher"=C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe [2012-07-31 38872]
"Adobe ARM"=C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2012-07-11 919008]
"TkBellExe"=c:\program files (x86)\real\realplayer\Update\realsched.exe [2012-05-18 296056]
"BCSSync"=C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe [2012-11-05 89184]
"AvastUI.exe"=C:\Program Files\Alwil Software\Avast5\AvastUI.exe [2015-01-31 5227112]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
C:\Windows\system32\igfxdev.dll [2010-08-25 271360]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\PROGRA~1\MICROS~2\Office14\GROOVEEX.DLL [2013-12-19 6671064]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL [2013-12-19 4171480]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcmscsvc]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\mcmscsvc]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MCODS]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MpfService]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=5
"ConsentPromptBehaviorUser"=3
"EnableUIADesktopToggle"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"SoftwareSASGeneration"=1
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoActiveDesktop"=1
"NoActiveDesktopChanges"=1
"ForceActiveDesktopOn"=0
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVYU"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"VIDC.YVU9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"MSVideo8"=VfWWDM32.dll
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv
"wave2"=wdmaud.drv
"midi2"=wdmaud.drv
"mixer2"=wdmaud.drv
======File associations======
.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*
======List of files/folders created in the last 1 month======
2015-02-11 21:36:03 ----D---- C:\_OTM
2015-02-11 19:26:16 ----D---- C:\AdwCleaner
2015-02-11 19:13:13 ----D---- C:\Program Files (x86)\Mozilla Firefox
2015-02-11 18:58:06 ----D---- C:\Program Files\trend micro
2015-02-11 18:57:57 ----D---- C:\rsit
2015-01-27 20:36:04 ----D---- C:\Program Files (x86)\Mozilla Thunderbird
2015-01-23 19:44:30 ----A---- C:\Windows\system32\aswBoot.exe
2015-01-16 22:56:06 ----A---- C:\Windows\system32\ntoskrnl.exe
2015-01-16 22:56:03 ----A---- C:\Windows\SYSWOW64\ntkrnlpa.exe
2015-01-16 22:56:00 ----A---- C:\Windows\SYSWOW64\ntoskrnl.exe
2015-01-16 22:55:54 ----A---- C:\Windows\system32\srcore.dll
2015-01-16 22:55:51 ----A---- C:\Windows\system32\rstrui.exe
2015-01-16 22:55:49 ----A---- C:\Windows\system32\srclient.dll
2015-01-16 22:55:48 ----A---- C:\Windows\SYSWOW64\srclient.dll
2015-01-16 21:12:46 ----A---- C:\Windows\system32\profsvc.dll
2015-01-16 21:12:44 ----A---- C:\Windows\system32\nlasvc.dll
2015-01-16 21:12:43 ----A---- C:\Windows\SYSWOW64\ncsi.dll
2015-01-16 21:12:42 ----A---- C:\Windows\SYSWOW64\nlaapi.dll
2015-01-16 21:12:41 ----A---- C:\Windows\system32\TSWbPrxy.exe
2015-01-16 21:11:22 ----A---- C:\Windows\system32\drivers\mrxdav.sys
======List of files/folders modified in the last 1 month======
2015-02-11 21:58:59 ----D---- C:\Windows\Temp
2015-02-11 21:36:17 ----RD---- C:\Program Files (x86)\Skype
2015-02-11 21:36:17 ----D---- C:\Windows\Tasks
2015-02-11 21:36:17 ----D---- C:\Windows\AutoKMS
2015-02-11 21:36:17 ----D---- C:\Program Files (x86)\Google
2015-02-11 21:23:34 ----D---- C:\Windows\system32\config
2015-02-11 20:12:23 ----D---- C:\Windows\system32\Tasks
2015-02-11 20:09:47 ----D---- C:\Program Files (x86)\Mozilla Maintenance Service
2015-02-11 19:55:04 ----SHD---- C:\System Volume Information
2015-02-11 19:52:08 ----D---- C:\Windows\system32\catroot
2015-02-11 19:52:04 ----D---- C:\Windows\system32\catroot2
2015-02-11 19:51:32 ----D---- C:\Windows\winsxs
2015-02-11 19:41:50 ----RD---- C:\Program Files (x86)
2015-02-11 19:39:04 ----D---- C:\Windows
2015-02-11 19:34:56 ----HD---- C:\ProgramData
2015-02-11 19:34:53 ----D---- C:\Program Files (x86)\Common Files
2015-02-11 18:58:06 ----D---- C:\Program Files
2015-02-11 18:40:02 ----D---- C:\Users\Judita\AppData\Roaming\PhotoScape
2015-02-11 18:40:01 ----D---- C:\Users\Judita\AppData\Roaming\Skype
2015-02-11 18:35:51 ----D---- C:\Windows\Panther
2015-02-11 18:35:51 ----D---- C:\Windows\inf
2015-02-11 18:35:14 ----D---- C:\Windows\Minidump
2015-02-11 18:35:14 ----D---- C:\Windows\Logs
2015-02-11 18:35:14 ----D---- C:\Windows\debug
2015-02-11 18:26:59 ----D---- C:\Program Files\CCleaner
2015-02-09 21:02:24 ----D---- C:\Windows\Prefetch
2015-02-06 17:44:00 ----D---- C:\Windows\System32
2015-02-06 17:44:00 ----A---- C:\Windows\system32\PerfStringBackup.INI
2015-02-04 22:48:59 ----D---- C:\Windows\SysWOW64
2015-02-04 22:48:41 ----A---- C:\Windows\SYSWOW64\FlashPlayerApp.exe
2015-01-23 19:50:01 ----D---- C:\Windows\system32\DriverStore
2015-01-23 19:49:17 ----D---- C:\Windows\system32\drivers
2015-01-18 10:48:15 ----D---- C:\Users\Judita\AppData\Roaming\vlc
2015-01-17 09:12:54 ----D---- C:\Windows\system32\MRT
2015-01-17 08:47:07 ----A---- C:\Windows\system32\MRT.exe
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R0 aswRvrt;avast! Revert; C:\Windows\system32\drivers\aswRvrt.sys [2015-01-03 65776]
R0 aswVmm;avast! VM Monitor; C:\Windows\system32\drivers\aswVmm.sys [2015-01-03 267632]
R0 iaStor;Intel AHCI Controller; C:\Windows\system32\DRIVERS\iaStor.sys [2009-06-05 408600]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-20 213888]
R0 sptd;sptd; C:\Windows\System32\Drivers\sptd.sys [2010-11-30 503352]
R1 aswRdr;aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [2015-01-03 93568]
R1 aswSnx;aswSnx; C:\Windows\system32\drivers\aswSnx.sys [2015-01-03 1050432]
R1 aswSP;aswSP; C:\Windows\system32\drivers\aswSP.sys [2015-01-03 436624]
R1 mwlPSDFilter;mwlPSDFilter; C:\Windows\system32\DRIVERS\mwlPSDFilter.sys [2009-06-02 22576]
R1 mwlPSDNServ;mwlPSDNServ; C:\Windows\system32\DRIVERS\mwlPSDNServ.sys [2009-06-02 20016]
R1 mwlPSDVDisk;mwlPSDVDisk; C:\Windows\system32\DRIVERS\mwlPSDVDisk.sys [2009-06-02 60464]
R1 vwififlt;Virtual WiFi Filter Driver; C:\Windows\system32\DRIVERS\vwififlt.sys [2009-07-14 59904]
R2 aswHwid;avast! HardwareID; C:\Windows\system32\drivers\aswHwid.sys [2015-01-03 29208]
R2 aswMonFlt;aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [2015-01-03 83280]
R2 aswStm;aswStm; C:\Windows\system32\drivers\aswStm.sys [2015-01-03 116728]
R3 DKbFltr;Dritek Keyboard Filter Driver (64-bit); C:\Windows\SysWOW64\Drivers\DKbFltr.sys [2009-03-26 25608]
R3 igfx;igfx; C:\Windows\system32\DRIVERS\igdkmd64.sys [2010-08-25 10611552]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHD64.sys [2009-07-23 1967648]
R3 IntcHdmiAddService;Intel(R) High Definition Audio HDMI; C:\Windows\system32\drivers\IntcHdmi.sys [2009-07-09 139264]
R3 L1C;NDIS Miniport Driver for Atheros AR8131/AR8132 PCI-E Ethernet Controller (NDIS 6.20); C:\Windows\system32\DRIVERS\L1C62x64.sys [2009-04-27 57344]
R3 NETw5s64;Intel(R) Wireless WiFi Link 5000 Series Adapter Driver for Windows 7 - 64 Bit; C:\Windows\system32\DRIVERS\NETw5s64.sys [2009-09-15 6952960]
R3 SynTP;Synaptics TouchPad Driver; C:\Windows\system32\DRIVERS\SynTP.sys [2009-06-18 272432]
S3 afdpa3wj;afdpa3wj; C:\Windows\system32\drivers\afdpa3wj.sys []
S3 AmUStor;AM USB Stroage Driver; C:\Windows\system32\drivers\AmUStor.SYS [2009-05-26 40448]
S3 BthEnum;Ovladač pro Bluetooth Request Block; C:\Windows\system32\drivers\BthEnum.sys [2009-07-14 41984]
S3 BthPan;Bluetooth Device (Personal Area Network); C:\Windows\system32\DRIVERS\bthpan.sys [2009-07-14 118784]
S3 BTHPORT;Ovladač portu Bluetooth; C:\Windows\System32\Drivers\BTHport.sys [2012-07-06 552960]
S3 BTHUSB;Ovladač rozhraní USB radiostanice Bluetooth; C:\Windows\System32\Drivers\BTHUSB.sys [2011-04-28 80384]
S3 btusbflt;Bluetooth USB Filter; C:\Windows\system32\drivers\btusbflt.sys [2009-07-01 52264]
S3 btwaudio;Bluetooth Audio Device Service; C:\Windows\system32\drivers\btwaudio.sys [2009-07-01 98344]
S3 btwavdt;Bluetooth AVDT; C:\Windows\system32\DRIVERS\btwavdt.sys [2009-07-01 132648]
S3 btwl2cap;Bluetooth L2CAP Service; C:\Windows\system32\DRIVERS\btwl2cap.sys [2009-04-07 35104]
S3 btwrchid;btwrchid; C:\Windows\system32\DRIVERS\btwrchid.sys [2009-07-01 21160]
S3 int15.sys;int15.sys; \??\C:\Windows\syswow64\OEM\Factory\int15.sys []
S3 netw5v64;Intel(R) Wireless WiFi Link 5000 Series Adapter Driver for Windows Vista 64 Bit; C:\Windows\system32\DRIVERS\netw5v64.sys [2009-06-10 5434368]
S3 nmwcd;Nokia USB Phone Parent Driver; C:\Windows\system32\drivers\ccdcmbx64.sys [2011-08-17 19968]
S3 nmwcdc;Nokia USB Communication Driver; C:\Windows\system32\drivers\ccdcmbox64.sys [2011-08-17 27136]
S3 nmwcdcx64;Nokia USB Generic; C:\Windows\system32\drivers\ccdcmbox64.sys [2011-08-17 27136]
S3 nmwcdx64;Nokia USB Phone Parent; C:\Windows\system32\drivers\ccdcmbx64.sys [2011-08-17 19968]
S3 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12352]
S3 RFCOMM;Bluetooth Device (RFCOMM Protocol TDI); C:\Windows\system32\DRIVERS\rfcomm.sys [2009-07-14 158720]
S3 TsUsbFlt;TsUsbFlt; C:\Windows\system32\drivers\tsusbflt.sys [2010-11-20 59392]
S3 upperdev;upperdev; C:\Windows\system32\DRIVERS\usbser_lowerfltx64.sys [2011-08-17 9216]
S3 usbser;Nokia USB Serial Port Driver ; C:\Windows\system32\drivers\usbser.sys [2013-08-29 33280]
S3 UsbserFilt;UsbserFilt; C:\Windows\system32\DRIVERS\usbser_lowerfltjx64.sys [2011-08-17 9216]
S3 WinUsb;WinUsb; C:\Windows\system32\DRIVERS\WinUsb.sys [2010-11-20 41984]
S3 WSDPrintDevice;Podpora tisku WSD prostřednictvím funkce UMB; C:\Windows\system32\DRIVERS\WSDPrint.sys [2009-07-14 23040]
S3 WSDScan;Podpora skenování WSD přes UMB; C:\Windows\system32\DRIVERS\WSDScan.sys [2009-07-14 25088]
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 avast! Antivirus;avast! Antivirus; C:\Program Files\Alwil Software\Avast5\AvastSvc.exe [2015-01-03 50344]
R2 btwdins;Bluetooth Service; C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe [2009-07-02 864032]
R2 ePowerSvc;Acer ePower Service; C:\Program Files\Acer\Acer ePower Management\ePowerSvc.exe [2010-01-19 842784]
R2 Greg_Service;GRegService; C:\Program Files (x86)\Acer\Registration\GregHSRW.exe [2009-08-28 1150496]
R2 IAANTMON;Intel(R) Matrix Storage Event Monitor; C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTMon.exe [2009-06-05 354840]
R2 RS_Service;Raw Socket Service; C:\Program Files (x86)\Acer\Acer VCM\RS_Service.exe [2009-07-10 253952]
R2 StarWindServiceAE;StarWind AE Service; C:\Program Files (x86)\Alcohol Soft\Alcohol 52\StarWind\StarWindServiceAE.exe [2009-12-23 370688]
R2 Updater Service;Updater Service; C:\Program Files\Acer\Acer Updater\UpdaterService.exe [2009-07-04 240160]
R2 wlidsvc;Windows Live ID Sign-in Assistant; C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE [2011-03-28 2292096]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2013-09-11 105144]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2013-09-11 124088]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-10-24 107912]
S2 SkypeUpdate;Skype Updater; C:\Program Files (x86)\Skype\Updater\Updater.exe [2014-04-03 315008]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-02-04 267440]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-10-24 107912]
S3 gusvc;Google Software Updater; C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe [2012-08-24 194032]
S3 IEEtwCollectorService;@%SystemRoot%\system32\ieetwcollectorres.dll,-1000; C:\Windows\system32\IEEtwCollector.exe [2014-11-22 114688]
S3 Microsoft SharePoint Workspace Audit Service;Microsoft SharePoint Workspace Audit Service; C:\Program Files (x86)\Microsoft Office\Office14\GROOVE.EXE [2013-12-19 30814400]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2015-02-11 114800]
S3 MWLService;MyWinLocker Service; C:\Program Files (x86)\EgisTec\MyWinLocker 3\x86\\MWLService.exe [2009-09-10 305448]
S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2010-01-09 149352]
S3 osppsvc;Office Software Protection Platform; C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-09 4925184]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2010-09-01 1255736]
S4 aspnet_state;Stavová služba ASP.NET; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2013-09-11 51808]
S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]
S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]
S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]
-----------------EOF-----------------
-
Rudy
- Site Admin
- Příspěvky: 119677
- Registrován: 30 říj 2003 13:42
- Bydliště: Plzeň
- Kontaktovat uživatele:
Re: Max výkon i paměť
Dvouklikem na soubor C:\Program Files\trend micro\Judita.exe spusťte HijackThis. Klikněte na "Do a system scan only" a v otevřeném okně vlevo ve čtverečcích zaškrtněte:
Klikněte na >FixChecked<. Pak znovu spusťte OTM a klikněte na >CleanUp!<. OTM po sobě uklidí. Nakonec restartujte PC.R3 - URLSearchHook: (no name) - - (no file)
R3 - URLSearchHook: (no name) - {37483b40-c254-4a72-bda4-22ee90182c1e} - (no file)
O9 - Extra button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (file missing)
O9 - Extra 'Tools' menuitem: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (file missing)
O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (file missing)
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Re: Max výkon i paměť
Provedýno, ale pořád stejný 
Nový RSIT:
Logfile of random's system information tool 1.10 (written by random/random)
Run by Judita at 2015-02-11 23:02:08
Microsoft Windows 7 Home Premium Service Pack 1
System drive C: has 81 GB (36%) free of 225 GB
Total RAM: 1979 MB (46% free)
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 23:02:50, on 11.2.2015
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v11.0 (11.00.9600.17496)
Boot mode: Normal
Running processes:
C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAAnotif.exe
C:\Program Files (x86)\EgisTec\MyWinLocker 3\x86\mwlDaemon.exe
C:\Windows\PLFSetI.exe
C:\Users\Judita\AppData\Local\Google\Update\GoogleUpdate.exe
C:\Program Files (x86)\Launch Manager\LManager.EXE
C:\Program Files (x86)\EgisTec Egis Software Update\EgisUpdate.exe
C:\Program Files (x86)\Adobe\Reader 9.0\Reader\reader_sl.exe
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
C:\Program Files (x86)\Real\RealPlayer\Update\realsched.exe
C:\Program Files\Alwil Software\Avast5\avastui.exe
C:\Program Files\trend micro\Judita.exe
C:\Program Files\Alwil Software\Avast5\AvastEmUpdate.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = https://www.google.com/?trackid=sp-006
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.google.com/search?trackid=s ... earchTerms}
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId= ... kid=sp-006
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = https://www.google.com/?trackid=sp-006
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.google.com/search?trackid=s ... earchTerms}
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId= ... kid=sp-006
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL
O2 - BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\Alwil Software\Avast5\aswWebRepIE.dll
O2 - BHO: Pomocná služba pro přihlášení ke službě Windows Live ID - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~1\Office14\URLREDIR.DLL
O4 - HKLM\..\Run: [LManager] C:\Program Files (x86)\Launch Manager\LManager.exe
O4 - HKLM\..\Run: [EgisTecLiveUpdate] "C:\Program Files (x86)\EgisTec Egis Software Update\EgisUpdate.exe"
O4 - HKLM\..\Run: [NortonOnlineBackupReminder] "C:\Program Files (x86)\Symantec\Norton Online Backup\Activation\NobuActivation.exe" UNATTENDED
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [TkBellExe] "c:\program files (x86)\real\realplayer\Update\realsched.exe" -osboot
O4 - HKLM\..\Run: [BCSSync] "C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe" /DelayServices
O4 - HKLM\..\Run: [AvastUI.exe] "C:\Program Files\Alwil Software\Avast5\AvastUI.exe" /nogui
O4 - HKCU\..\Run: [Google Update] "C:\Users\Judita\AppData\Local\Google\Update\GoogleUpdate.exe" /c
O4 - HKCU\..\Run: [AlcoholAutomount] "C:\Program Files (x86)\Alcohol Soft\Alcohol 52\AxAutoMntSrv.exe" -automount
O4 - HKCU\..\Run: [CCleaner Monitoring] "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office14\EXCEL.EXE/3000
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Office Excel - res://C:\PROGRA~2\MICROS~1\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: Od&eslat do aplikace OneNote - res://C:\PROGRA~2\MICROS~1\Office14\ONBttnIE.dll/105
O8 - Extra context menu item: Odeslat obrázek do zařízení &Bluetooth... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
O8 - Extra context menu item: Odeslat stránku do zařízení &Bluetooth... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra button: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra button: P&ropojené poznámky aplikace OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: P&ropojené poznámky aplikace OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra button: Send To Bluetooth - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra 'Tools' menuitem: Send to &Bluetooth Device... - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (file missing)
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: Acer ePower Service (ePowerSvc) - Acer Incorporated - C:\Program Files\Acer\Acer ePower Management\ePowerSvc.exe
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: GRegService (Greg_Service) - Acer Incorporated - C:\Program Files (x86)\Acer\Registration\GregHSRW.exe
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: Intel(R) Matrix Storage Event Monitor (IAANTMON) - Intel Corporation - C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTMon.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing)
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: MyWinLocker Service (MWLService) - Egis Technology Inc. - C:\Program Files (x86)\EgisTec\MyWinLocker 3\x86\\MWLService.exe
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: Raw Socket Service (RS_Service) - Acer Incorporated - C:\Program Files (x86)\Acer\Acer VCM\RS_Service.exe
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: StarWind AE Service (StarWindServiceAE) - StarWind Software - C:\Program Files (x86)\Alcohol Soft\Alcohol 52\StarWind\StarWindServiceAE.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: Updater Service - Acer - C:\Program Files\Acer\Acer Updater\UpdaterService.exe
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
--
End of file - 12056 bytes
======Listing Processes======
\SystemRoot\System32\smss.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
winlogon.exe
C:\Windows\system32\services.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k NetworkService
"C:\Program Files\Alwil Software\Avast5\AvastSvc.exe"
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
taskeng.exe {75C4E6CF-55AA-411D-92E4-798C1AA9608A}
"C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe"
"C:\Program Files\Acer\Acer ePower Management\ePowerSvc.exe"
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
"C:\Program Files (x86)\Acer\Registration\GregHSRW.exe"
"C:\Program Files (x86)\Acer\Acer VCM\RS_Service.exe"
"C:\Program Files (x86)\Alcohol Soft\Alcohol 52\StarWind\StarWindServiceAE.exe"
C:\Windows\system32\svchost.exe -k imgsvc
"C:\Program Files\Acer\Acer Updater\UpdaterService.exe"
C:\Windows\System32\svchost.exe -k secsvcs
"taskhost.exe"
"C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE"
"C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTMon.exe"
"C:\Windows\system32\Dwm.exe"
WLIDSvcM.exe 1532
C:\Windows\Explorer.EXE
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
"C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAAnotif.exe"
"C:\Program Files (x86)\AmIcoSingLun\AmIcoSinglun64.exe"
"C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe"
"C:\Program Files\Acer\Acer ePower Management\ePowerTray.exe"
"C:\Program Files (x86)\EgisTec\MyWinLocker 3\x86\mwlDaemon.exe"
"C:\Program Files\Synaptics\SynTP\SynTPEnh.exe"
"C:\Windows\PLFSetI.exe"
"C:\Windows\System32\igfxtray.exe"
"C:\Windows\System32\hkcmd.exe"
"C:\Windows\System32\igfxpers.exe"
"C:\Users\Judita\AppData\Local\Google\Update\GoogleUpdate.exe" /c
taskeng.exe {D208AEED-ECA7-4B31-A853-0A339EAD47FD}
"C:\Program Files (x86)\Google\Update\GoogleUpdate.exe" /c
C:\Windows\system32\igfxsrvc.exe -Embedding
C:\Windows\system32\SearchIndexer.exe /Embedding
C:\Windows\system32\igfxext.exe -Embedding
taskeng.exe {E73078FA-A2AD-46D7-A403-E244F3490C3F}
C:\Windows\system32\wbem\unsecapp.exe -Embedding
C:\Windows\system32\wbem\wmiprvse.exe
"C:\Program Files\Synaptics\SynTP\SynTPHelper.exe"
"C:\Program Files (x86)\Launch Manager\LManager.EXE"
"C:\Program Files (x86)\EgisTec Egis Software Update\EgisUpdate.exe"
"C:\Program Files\Windows Media Player\wmpnetwk.exe"
"C:\Program Files (x86)\Adobe\Reader 9.0\Reader\reader_sl.exe"
"C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
"C:\Program Files (x86)\Real\RealPlayer\Update\realsched.exe" -osboot
"C:\Program Files\Alwil Software\Avast5\avastui.exe" /nogui
"C:\Program Files\Acer\Acer ePower Management\ePowerEvent.exe"
C:\Windows\servicing\TrustedInstaller.exe
"C:\Windows\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe1_ Global\UsGthrCtrlFltPipeMssGthrPipe1 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon"
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
"C:\Windows\system32\SearchFilterHost.exe" 0 508 512 520 65536 516
taskmgr.exe /3
"C:\Program Files\CCleaner\CCleaner.exe" /MONITOR /uac
"C:\Users\Judita\Desktop\RSITx64.exe"
C:\Windows\System32\svchost.exe -k WerSvcGroup
"C:\Program Files\Alwil Software\Avast5\AvastEmUpdate.exe"
"C:\Program Files (x86)\Google\Update\GoogleUpdate.exe" /c
C:\Windows\system32\sppsvc.exe
======Scheduled tasks folder======
C:\Windows\tasks\Adobe Flash Player Updater.job - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
=========Mozilla firefox=========
ProfilePath - C:\Users\Judita\AppData\Roaming\Mozilla\Firefox\Profiles\whpy3k55.default
prefs.js - "browser.startup.homepage" - "https://www.google.com/?trackid=sp-006"
prefs.js - "extensions.enabledItems" - "{800b5000-a755-47e1-992b-48a1c1357f07}:1.2.0, {ABDE892B-13A8-4d1b-88E6-365A6E755758}:14.0.1, {972ce4c6-7e08-4474-a285-3208198ce6fd}:3.6.17"
prefs.js - "keyword.URL" - "https://www.google.com/search/?trackid=sp-006"
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 16.0.0.305 Plugin
"Path"=C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_16_0_0_305.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@Google.com/GoogleEarthPlugin]
"Description"=Google Earth in your browser
"Path"=C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=disabled
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=c:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0]
"Description"=Office Authorization plug-in for NPAPI browsers
"Path"=C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/SharePoint,version=14.0]
"Description"=Microsoft SharePoint Plug-in for Firefox
"Path"=C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922]
"Description"=WLPG Install MIME type
"Path"=C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3555.0308]
"Description"=WLPG Install MIME type
"Path"=C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@real.com/nppl3260;version=15.0.4.53]
"Description"=RealPlayer(tm) LiveConnect-Enabled Plug-In
"Path"=c:\program files (x86)\real\realplayer\Netscape6\nppl3260.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@real.com/nprjplug;version=15.0.4.53]
"Description"=RealJukebox Netscape Plugin
"Path"=c:\program files (x86)\real\realplayer\Netscape6\nprjplug.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@real.com/nprpchromebrowserrecordext;version=15.0.4.53]
"Description"=RealNetworks(tm) RealPlayer Chrome Background Extension Plug-In
"Path"=C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprpchromebrowserrecordext.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@real.com/nprphtml5videoshim;version=15.0.4.53]
"Description"=RealPlayer(tm) HTML5VideoShim Plug-In
"Path"=C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@real.com/nprpplugin;version=15.0.4.53]
"Description"=RealPlayer Download Plugin
"Path"=c:\program files (x86)\real\realplayer\Netscape6\nprpplugin.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=3]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.25.11\npGoogleUpdate3.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=9]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.25.11\npGoogleUpdate3.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@videolan.org/vlc,version=2.1.5]
"Description"=VLC Multimedia Plugin
"Path"=C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\Adobe Reader]
"Description"=Handles PDFs in-place in Firefox
"Path"=C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 16.0.0.305 Plugin
"Path"=C:\Windows\system32\Macromed\Flash\NPSWF64_16_0_0_305.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=disabled
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0]
"Description"=Office Authorization plug-in for NPAPI browsers
"Path"=C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL
C:\Program Files (x86)\Mozilla Firefox\extensions\
{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}
C:\Program Files (x86)\Mozilla Firefox\plugins\
np-mswmp.dll
nppdf32.dll
nppl3260.dll
nppl3260.xpt
nprjplug.dll
nprpplugin.dll
WMP Firefox Plugin License.rtf
WMP Firefox Plugin RelNotes.txt
C:\Users\Judita\AppData\Roaming\Mozilla\Firefox\Profiles\whpy3k55.default\extensions\
{800b5000-a755-47e1-992b-48a1c1357f07}10242010180103
C:\Users\Judita\AppData\Roaming\Mozilla\Firefox\Profiles\whpy3k55.default\searchplugins\
google-avast.xml
Google.xml
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\PROGRA~1\MICROS~2\Office14\GROOVEEX.DLL [2013-12-19 6671064]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! Online Security - C:\Program Files\Alwil Software\Avast5\aswWebRepIE64.dll [2015-01-03 705448]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live ID Sign-in Helper - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2011-03-28 529280]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - C:\PROGRA~1\MICROS~2\Office14\URLREDIR.DLL [2013-03-06 690392]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2012-07-30 75232]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL [2013-12-19 4171480]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! Online Security - C:\Program Files\Alwil Software\Avast5\aswWebRepIE.dll [2015-01-03 586968]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Pomocná služba pro přihlášení ke službě Windows Live ID - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2011-03-28 441216]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - C:\PROGRA~2\MICROS~1\Office14\URLREDIR.DLL [2013-03-06 562904]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{318A227B-5E9F-45bd-8999-7F8F10CA4CF5} -
{CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F}
{2318C2B1-4965-11d4-9B18-009027A5CD4F} - Google Toolbar - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll []
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"IAAnotif"=C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\iaanotif.exe [2009-06-05 186904]
"AmIcoSinglun64"=C:\Program Files (x86)\AmIcoSingLun\AmIcoSinglun64.exe [2009-04-09 320000]
"RtHDVCpl"=C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [2009-07-23 7981600]
"Acer ePower Management"=C:\Program Files\Acer\Acer ePower Management\ePowerTray.exe [2010-01-19 832544]
"mwlDaemon"=C:\Program Files (x86)\EgisTec\MyWinLocker 3\x86\mwlDaemon.exe [2009-09-10 349480]
"SynTPEnh"=C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2009-06-18 1808168]
"PLFSetI"=C:\Windows\PLFSetI.exe [2009-12-14 206072]
"IgfxTray"=C:\Windows\system32\igfxtray.exe [2010-08-25 161304]
"HotKeysCmds"=C:\Windows\system32\hkcmd.exe [2010-08-25 386584]
"Persistence"=C:\Windows\system32\igfxpers.exe [2010-08-25 415256]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Google Update"=C:\Users\Judita\AppData\Local\Google\Update\GoogleUpdate.exe [2014-10-14 107912]
"AlcoholAutomount"=C:\Program Files (x86)\Alcohol Soft\Alcohol 52\AxAutoMntSrv.exe [2010-08-20 33120]
"CCleaner Monitoring"=C:\Program Files\CCleaner\CCleaner64.exe [2015-01-20 7404312]
[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"LManager"=C:\Program Files (x86)\Launch Manager\LManager.exe [2009-09-24 825864]
"EgisTecLiveUpdate"=C:\Program Files (x86)\EgisTec Egis Software Update\EgisUpdate.exe [2009-08-04 199464]
"NortonOnlineBackupReminder"=C:\Program Files (x86)\Symantec\Norton Online Backup\Activation\NobuActivation.exe [2009-07-25 588648]
"Adobe Reader Speed Launcher"=C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe [2012-07-31 38872]
"Adobe ARM"=C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2012-07-11 919008]
"TkBellExe"=c:\program files (x86)\real\realplayer\Update\realsched.exe [2012-05-18 296056]
"BCSSync"=C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe [2012-11-05 89184]
"AvastUI.exe"=C:\Program Files\Alwil Software\Avast5\AvastUI.exe [2015-01-31 5227112]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
C:\Windows\system32\igfxdev.dll [2010-08-25 271360]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\PROGRA~1\MICROS~2\Office14\GROOVEEX.DLL [2013-12-19 6671064]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL [2013-12-19 4171480]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcmscsvc]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\mcmscsvc]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MCODS]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MpfService]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=5
"ConsentPromptBehaviorUser"=3
"EnableUIADesktopToggle"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"SoftwareSASGeneration"=1
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoActiveDesktop"=1
"NoActiveDesktopChanges"=1
"ForceActiveDesktopOn"=0
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVYU"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"VIDC.YVU9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"MSVideo8"=VfWWDM32.dll
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv
"wave2"=wdmaud.drv
"midi2"=wdmaud.drv
"mixer2"=wdmaud.drv
======File associations======
.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*
======List of files/folders created in the last 1 month======
2015-02-11 23:02:08 ----D---- C:\rsit
2015-02-11 19:26:16 ----D---- C:\AdwCleaner
2015-02-11 19:13:13 ----D---- C:\Program Files (x86)\Mozilla Firefox
2015-02-11 18:58:06 ----D---- C:\Program Files\trend micro
2015-01-27 20:36:04 ----D---- C:\Program Files (x86)\Mozilla Thunderbird
2015-01-23 19:44:30 ----A---- C:\Windows\system32\aswBoot.exe
2015-01-16 22:56:06 ----A---- C:\Windows\system32\ntoskrnl.exe
2015-01-16 22:56:03 ----A---- C:\Windows\SYSWOW64\ntkrnlpa.exe
2015-01-16 22:56:00 ----A---- C:\Windows\SYSWOW64\ntoskrnl.exe
2015-01-16 22:55:54 ----A---- C:\Windows\system32\srcore.dll
2015-01-16 22:55:51 ----A---- C:\Windows\system32\rstrui.exe
2015-01-16 22:55:49 ----A---- C:\Windows\system32\srclient.dll
2015-01-16 22:55:48 ----A---- C:\Windows\SYSWOW64\srclient.dll
2015-01-16 21:12:46 ----A---- C:\Windows\system32\profsvc.dll
2015-01-16 21:12:44 ----A---- C:\Windows\system32\nlasvc.dll
2015-01-16 21:12:43 ----A---- C:\Windows\SYSWOW64\ncsi.dll
2015-01-16 21:12:42 ----A---- C:\Windows\SYSWOW64\nlaapi.dll
2015-01-16 21:12:41 ----A---- C:\Windows\system32\TSWbPrxy.exe
2015-01-16 21:11:22 ----A---- C:\Windows\system32\drivers\mrxdav.sys
======List of files/folders modified in the last 1 month======
2015-02-11 23:00:58 ----D---- C:\Windows\Temp
2015-02-11 23:00:56 ----D---- C:\Windows\system32\config
2015-02-11 22:58:12 ----D---- C:\Windows
2015-02-11 21:36:17 ----RD---- C:\Program Files (x86)\Skype
2015-02-11 21:36:17 ----D---- C:\Windows\Tasks
2015-02-11 21:36:17 ----D---- C:\Windows\AutoKMS
2015-02-11 21:36:17 ----D---- C:\Program Files (x86)\Google
2015-02-11 20:12:23 ----D---- C:\Windows\system32\Tasks
2015-02-11 20:09:47 ----D---- C:\Program Files (x86)\Mozilla Maintenance Service
2015-02-11 19:55:04 ----SHD---- C:\System Volume Information
2015-02-11 19:52:08 ----D---- C:\Windows\system32\catroot
2015-02-11 19:52:04 ----D---- C:\Windows\system32\catroot2
2015-02-11 19:51:32 ----D---- C:\Windows\winsxs
2015-02-11 19:41:50 ----RD---- C:\Program Files (x86)
2015-02-11 19:34:56 ----HD---- C:\ProgramData
2015-02-11 19:34:53 ----D---- C:\Program Files (x86)\Common Files
2015-02-11 18:58:06 ----D---- C:\Program Files
2015-02-11 18:40:02 ----D---- C:\Users\Judita\AppData\Roaming\PhotoScape
2015-02-11 18:40:01 ----D---- C:\Users\Judita\AppData\Roaming\Skype
2015-02-11 18:35:51 ----D---- C:\Windows\Panther
2015-02-11 18:35:51 ----D---- C:\Windows\inf
2015-02-11 18:35:14 ----D---- C:\Windows\Minidump
2015-02-11 18:35:14 ----D---- C:\Windows\Logs
2015-02-11 18:35:14 ----D---- C:\Windows\debug
2015-02-11 18:26:59 ----D---- C:\Program Files\CCleaner
2015-02-09 21:02:24 ----D---- C:\Windows\Prefetch
2015-02-06 17:44:00 ----D---- C:\Windows\System32
2015-02-06 17:44:00 ----A---- C:\Windows\system32\PerfStringBackup.INI
2015-02-04 22:48:59 ----D---- C:\Windows\SysWOW64
2015-02-04 22:48:41 ----A---- C:\Windows\SYSWOW64\FlashPlayerApp.exe
2015-01-23 19:50:01 ----D---- C:\Windows\system32\DriverStore
2015-01-23 19:49:17 ----D---- C:\Windows\system32\drivers
2015-01-18 10:48:15 ----D---- C:\Users\Judita\AppData\Roaming\vlc
2015-01-17 09:12:54 ----D---- C:\Windows\system32\MRT
2015-01-17 08:47:07 ----A---- C:\Windows\system32\MRT.exe
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R0 aswRvrt;avast! Revert; C:\Windows\system32\drivers\aswRvrt.sys [2015-01-03 65776]
R0 aswVmm;avast! VM Monitor; C:\Windows\system32\drivers\aswVmm.sys [2015-01-03 267632]
R0 iaStor;Intel AHCI Controller; C:\Windows\system32\DRIVERS\iaStor.sys [2009-06-05 408600]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-20 213888]
R0 sptd;sptd; C:\Windows\System32\Drivers\sptd.sys [2010-11-30 503352]
R1 aswRdr;aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [2015-01-03 93568]
R1 aswSnx;aswSnx; C:\Windows\system32\drivers\aswSnx.sys [2015-01-03 1050432]
R1 aswSP;aswSP; C:\Windows\system32\drivers\aswSP.sys [2015-01-03 436624]
R1 mwlPSDFilter;mwlPSDFilter; C:\Windows\system32\DRIVERS\mwlPSDFilter.sys [2009-06-02 22576]
R1 mwlPSDNServ;mwlPSDNServ; C:\Windows\system32\DRIVERS\mwlPSDNServ.sys [2009-06-02 20016]
R1 mwlPSDVDisk;mwlPSDVDisk; C:\Windows\system32\DRIVERS\mwlPSDVDisk.sys [2009-06-02 60464]
R1 vwififlt;Virtual WiFi Filter Driver; C:\Windows\system32\DRIVERS\vwififlt.sys [2009-07-14 59904]
R2 aswHwid;avast! HardwareID; C:\Windows\system32\drivers\aswHwid.sys [2015-01-03 29208]
R2 aswMonFlt;aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [2015-01-03 83280]
R2 aswStm;aswStm; C:\Windows\system32\drivers\aswStm.sys [2015-01-03 116728]
R3 DKbFltr;Dritek Keyboard Filter Driver (64-bit); C:\Windows\SysWOW64\Drivers\DKbFltr.sys [2009-03-26 25608]
R3 igfx;igfx; C:\Windows\system32\DRIVERS\igdkmd64.sys [2010-08-25 10611552]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHD64.sys [2009-07-23 1967648]
R3 IntcHdmiAddService;Intel(R) High Definition Audio HDMI; C:\Windows\system32\drivers\IntcHdmi.sys [2009-07-09 139264]
R3 L1C;NDIS Miniport Driver for Atheros AR8131/AR8132 PCI-E Ethernet Controller (NDIS 6.20); C:\Windows\system32\DRIVERS\L1C62x64.sys [2009-04-27 57344]
R3 NETw5s64;Intel(R) Wireless WiFi Link 5000 Series Adapter Driver for Windows 7 - 64 Bit; C:\Windows\system32\DRIVERS\NETw5s64.sys [2009-09-15 6952960]
R3 SynTP;Synaptics TouchPad Driver; C:\Windows\system32\DRIVERS\SynTP.sys [2009-06-18 272432]
R3 WSDPrintDevice;Podpora tisku WSD prostřednictvím funkce UMB; C:\Windows\system32\DRIVERS\WSDPrint.sys [2009-07-14 23040]
R3 WSDScan;Podpora skenování WSD přes UMB; C:\Windows\system32\DRIVERS\WSDScan.sys [2009-07-14 25088]
S3 AmUStor;AM USB Stroage Driver; C:\Windows\system32\drivers\AmUStor.SYS [2009-05-26 40448]
S3 ar1c289n;ar1c289n; C:\Windows\system32\drivers\ar1c289n.sys []
S3 BthEnum;Ovladač pro Bluetooth Request Block; C:\Windows\system32\drivers\BthEnum.sys [2009-07-14 41984]
S3 BthPan;Bluetooth Device (Personal Area Network); C:\Windows\system32\DRIVERS\bthpan.sys [2009-07-14 118784]
S3 BTHPORT;Ovladač portu Bluetooth; C:\Windows\System32\Drivers\BTHport.sys [2012-07-06 552960]
S3 BTHUSB;Ovladač rozhraní USB radiostanice Bluetooth; C:\Windows\System32\Drivers\BTHUSB.sys [2011-04-28 80384]
S3 btusbflt;Bluetooth USB Filter; C:\Windows\system32\drivers\btusbflt.sys [2009-07-01 52264]
S3 btwaudio;Bluetooth Audio Device Service; C:\Windows\system32\drivers\btwaudio.sys [2009-07-01 98344]
S3 btwavdt;Bluetooth AVDT; C:\Windows\system32\DRIVERS\btwavdt.sys [2009-07-01 132648]
S3 btwl2cap;Bluetooth L2CAP Service; C:\Windows\system32\DRIVERS\btwl2cap.sys [2009-04-07 35104]
S3 btwrchid;btwrchid; C:\Windows\system32\DRIVERS\btwrchid.sys [2009-07-01 21160]
S3 int15.sys;int15.sys; \??\C:\Windows\syswow64\OEM\Factory\int15.sys []
S3 netw5v64;Intel(R) Wireless WiFi Link 5000 Series Adapter Driver for Windows Vista 64 Bit; C:\Windows\system32\DRIVERS\netw5v64.sys [2009-06-10 5434368]
S3 nmwcd;Nokia USB Phone Parent Driver; C:\Windows\system32\drivers\ccdcmbx64.sys [2011-08-17 19968]
S3 nmwcdc;Nokia USB Communication Driver; C:\Windows\system32\drivers\ccdcmbox64.sys [2011-08-17 27136]
S3 nmwcdcx64;Nokia USB Generic; C:\Windows\system32\drivers\ccdcmbox64.sys [2011-08-17 27136]
S3 nmwcdx64;Nokia USB Phone Parent; C:\Windows\system32\drivers\ccdcmbx64.sys [2011-08-17 19968]
S3 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12352]
S3 RFCOMM;Bluetooth Device (RFCOMM Protocol TDI); C:\Windows\system32\DRIVERS\rfcomm.sys [2009-07-14 158720]
S3 TsUsbFlt;TsUsbFlt; C:\Windows\system32\drivers\tsusbflt.sys [2010-11-20 59392]
S3 upperdev;upperdev; C:\Windows\system32\DRIVERS\usbser_lowerfltx64.sys [2011-08-17 9216]
S3 usbser;Nokia USB Serial Port Driver ; C:\Windows\system32\drivers\usbser.sys [2013-08-29 33280]
S3 UsbserFilt;UsbserFilt; C:\Windows\system32\DRIVERS\usbser_lowerfltjx64.sys [2011-08-17 9216]
S3 WinUsb;WinUsb; C:\Windows\system32\DRIVERS\WinUsb.sys [2010-11-20 41984]
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 avast! Antivirus;avast! Antivirus; C:\Program Files\Alwil Software\Avast5\AvastSvc.exe [2015-01-03 50344]
R2 btwdins;Bluetooth Service; C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe [2009-07-02 864032]
R2 ePowerSvc;Acer ePower Service; C:\Program Files\Acer\Acer ePower Management\ePowerSvc.exe [2010-01-19 842784]
R2 Greg_Service;GRegService; C:\Program Files (x86)\Acer\Registration\GregHSRW.exe [2009-08-28 1150496]
R2 IAANTMON;Intel(R) Matrix Storage Event Monitor; C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTMon.exe [2009-06-05 354840]
R2 RS_Service;Raw Socket Service; C:\Program Files (x86)\Acer\Acer VCM\RS_Service.exe [2009-07-10 253952]
R2 StarWindServiceAE;StarWind AE Service; C:\Program Files (x86)\Alcohol Soft\Alcohol 52\StarWind\StarWindServiceAE.exe [2009-12-23 370688]
R2 Updater Service;Updater Service; C:\Program Files\Acer\Acer Updater\UpdaterService.exe [2009-07-04 240160]
R2 wlidsvc;Windows Live ID Sign-in Assistant; C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE [2011-03-28 2292096]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2013-09-11 105144]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2013-09-11 124088]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-10-24 107912]
S2 SkypeUpdate;Skype Updater; C:\Program Files (x86)\Skype\Updater\Updater.exe [2014-04-03 315008]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-02-04 267440]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-10-24 107912]
S3 gusvc;Google Software Updater; C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe [2012-08-24 194032]
S3 IEEtwCollectorService;@%SystemRoot%\system32\ieetwcollectorres.dll,-1000; C:\Windows\system32\IEEtwCollector.exe [2014-11-22 114688]
S3 Microsoft SharePoint Workspace Audit Service;Microsoft SharePoint Workspace Audit Service; C:\Program Files (x86)\Microsoft Office\Office14\GROOVE.EXE [2013-12-19 30814400]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2015-02-11 114800]
S3 MWLService;MyWinLocker Service; C:\Program Files (x86)\EgisTec\MyWinLocker 3\x86\\MWLService.exe [2009-09-10 305448]
S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2010-01-09 149352]
S3 osppsvc;Office Software Protection Platform; C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-09 4925184]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2010-09-01 1255736]
S4 aspnet_state;Stavová služba ASP.NET; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2013-09-11 51808]
S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]
S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]
S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]
-----------------EOF-----------------
Nový RSIT:
Logfile of random's system information tool 1.10 (written by random/random)
Run by Judita at 2015-02-11 23:02:08
Microsoft Windows 7 Home Premium Service Pack 1
System drive C: has 81 GB (36%) free of 225 GB
Total RAM: 1979 MB (46% free)
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 23:02:50, on 11.2.2015
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v11.0 (11.00.9600.17496)
Boot mode: Normal
Running processes:
C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAAnotif.exe
C:\Program Files (x86)\EgisTec\MyWinLocker 3\x86\mwlDaemon.exe
C:\Windows\PLFSetI.exe
C:\Users\Judita\AppData\Local\Google\Update\GoogleUpdate.exe
C:\Program Files (x86)\Launch Manager\LManager.EXE
C:\Program Files (x86)\EgisTec Egis Software Update\EgisUpdate.exe
C:\Program Files (x86)\Adobe\Reader 9.0\Reader\reader_sl.exe
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
C:\Program Files (x86)\Real\RealPlayer\Update\realsched.exe
C:\Program Files\Alwil Software\Avast5\avastui.exe
C:\Program Files\trend micro\Judita.exe
C:\Program Files\Alwil Software\Avast5\AvastEmUpdate.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = https://www.google.com/?trackid=sp-006
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.google.com/search?trackid=s ... earchTerms}
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId= ... kid=sp-006
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = https://www.google.com/?trackid=sp-006
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.google.com/search?trackid=s ... earchTerms}
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId= ... kid=sp-006
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL
O2 - BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\Alwil Software\Avast5\aswWebRepIE.dll
O2 - BHO: Pomocná služba pro přihlášení ke službě Windows Live ID - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~1\Office14\URLREDIR.DLL
O4 - HKLM\..\Run: [LManager] C:\Program Files (x86)\Launch Manager\LManager.exe
O4 - HKLM\..\Run: [EgisTecLiveUpdate] "C:\Program Files (x86)\EgisTec Egis Software Update\EgisUpdate.exe"
O4 - HKLM\..\Run: [NortonOnlineBackupReminder] "C:\Program Files (x86)\Symantec\Norton Online Backup\Activation\NobuActivation.exe" UNATTENDED
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [TkBellExe] "c:\program files (x86)\real\realplayer\Update\realsched.exe" -osboot
O4 - HKLM\..\Run: [BCSSync] "C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe" /DelayServices
O4 - HKLM\..\Run: [AvastUI.exe] "C:\Program Files\Alwil Software\Avast5\AvastUI.exe" /nogui
O4 - HKCU\..\Run: [Google Update] "C:\Users\Judita\AppData\Local\Google\Update\GoogleUpdate.exe" /c
O4 - HKCU\..\Run: [AlcoholAutomount] "C:\Program Files (x86)\Alcohol Soft\Alcohol 52\AxAutoMntSrv.exe" -automount
O4 - HKCU\..\Run: [CCleaner Monitoring] "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office14\EXCEL.EXE/3000
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Office Excel - res://C:\PROGRA~2\MICROS~1\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: Od&eslat do aplikace OneNote - res://C:\PROGRA~2\MICROS~1\Office14\ONBttnIE.dll/105
O8 - Extra context menu item: Odeslat obrázek do zařízení &Bluetooth... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
O8 - Extra context menu item: Odeslat stránku do zařízení &Bluetooth... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra button: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra button: P&ropojené poznámky aplikace OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: P&ropojené poznámky aplikace OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra button: Send To Bluetooth - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra 'Tools' menuitem: Send to &Bluetooth Device... - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (file missing)
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: Acer ePower Service (ePowerSvc) - Acer Incorporated - C:\Program Files\Acer\Acer ePower Management\ePowerSvc.exe
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: GRegService (Greg_Service) - Acer Incorporated - C:\Program Files (x86)\Acer\Registration\GregHSRW.exe
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: Intel(R) Matrix Storage Event Monitor (IAANTMON) - Intel Corporation - C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTMon.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing)
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: MyWinLocker Service (MWLService) - Egis Technology Inc. - C:\Program Files (x86)\EgisTec\MyWinLocker 3\x86\\MWLService.exe
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: Raw Socket Service (RS_Service) - Acer Incorporated - C:\Program Files (x86)\Acer\Acer VCM\RS_Service.exe
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: StarWind AE Service (StarWindServiceAE) - StarWind Software - C:\Program Files (x86)\Alcohol Soft\Alcohol 52\StarWind\StarWindServiceAE.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: Updater Service - Acer - C:\Program Files\Acer\Acer Updater\UpdaterService.exe
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
--
End of file - 12056 bytes
======Listing Processes======
\SystemRoot\System32\smss.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
winlogon.exe
C:\Windows\system32\services.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k NetworkService
"C:\Program Files\Alwil Software\Avast5\AvastSvc.exe"
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
taskeng.exe {75C4E6CF-55AA-411D-92E4-798C1AA9608A}
"C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe"
"C:\Program Files\Acer\Acer ePower Management\ePowerSvc.exe"
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
"C:\Program Files (x86)\Acer\Registration\GregHSRW.exe"
"C:\Program Files (x86)\Acer\Acer VCM\RS_Service.exe"
"C:\Program Files (x86)\Alcohol Soft\Alcohol 52\StarWind\StarWindServiceAE.exe"
C:\Windows\system32\svchost.exe -k imgsvc
"C:\Program Files\Acer\Acer Updater\UpdaterService.exe"
C:\Windows\System32\svchost.exe -k secsvcs
"taskhost.exe"
"C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE"
"C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTMon.exe"
"C:\Windows\system32\Dwm.exe"
WLIDSvcM.exe 1532
C:\Windows\Explorer.EXE
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
"C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAAnotif.exe"
"C:\Program Files (x86)\AmIcoSingLun\AmIcoSinglun64.exe"
"C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe"
"C:\Program Files\Acer\Acer ePower Management\ePowerTray.exe"
"C:\Program Files (x86)\EgisTec\MyWinLocker 3\x86\mwlDaemon.exe"
"C:\Program Files\Synaptics\SynTP\SynTPEnh.exe"
"C:\Windows\PLFSetI.exe"
"C:\Windows\System32\igfxtray.exe"
"C:\Windows\System32\hkcmd.exe"
"C:\Windows\System32\igfxpers.exe"
"C:\Users\Judita\AppData\Local\Google\Update\GoogleUpdate.exe" /c
taskeng.exe {D208AEED-ECA7-4B31-A853-0A339EAD47FD}
"C:\Program Files (x86)\Google\Update\GoogleUpdate.exe" /c
C:\Windows\system32\igfxsrvc.exe -Embedding
C:\Windows\system32\SearchIndexer.exe /Embedding
C:\Windows\system32\igfxext.exe -Embedding
taskeng.exe {E73078FA-A2AD-46D7-A403-E244F3490C3F}
C:\Windows\system32\wbem\unsecapp.exe -Embedding
C:\Windows\system32\wbem\wmiprvse.exe
"C:\Program Files\Synaptics\SynTP\SynTPHelper.exe"
"C:\Program Files (x86)\Launch Manager\LManager.EXE"
"C:\Program Files (x86)\EgisTec Egis Software Update\EgisUpdate.exe"
"C:\Program Files\Windows Media Player\wmpnetwk.exe"
"C:\Program Files (x86)\Adobe\Reader 9.0\Reader\reader_sl.exe"
"C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
"C:\Program Files (x86)\Real\RealPlayer\Update\realsched.exe" -osboot
"C:\Program Files\Alwil Software\Avast5\avastui.exe" /nogui
"C:\Program Files\Acer\Acer ePower Management\ePowerEvent.exe"
C:\Windows\servicing\TrustedInstaller.exe
"C:\Windows\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe1_ Global\UsGthrCtrlFltPipeMssGthrPipe1 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon"
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
"C:\Windows\system32\SearchFilterHost.exe" 0 508 512 520 65536 516
taskmgr.exe /3
"C:\Program Files\CCleaner\CCleaner.exe" /MONITOR /uac
"C:\Users\Judita\Desktop\RSITx64.exe"
C:\Windows\System32\svchost.exe -k WerSvcGroup
"C:\Program Files\Alwil Software\Avast5\AvastEmUpdate.exe"
"C:\Program Files (x86)\Google\Update\GoogleUpdate.exe" /c
C:\Windows\system32\sppsvc.exe
======Scheduled tasks folder======
C:\Windows\tasks\Adobe Flash Player Updater.job - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
=========Mozilla firefox=========
ProfilePath - C:\Users\Judita\AppData\Roaming\Mozilla\Firefox\Profiles\whpy3k55.default
prefs.js - "browser.startup.homepage" - "https://www.google.com/?trackid=sp-006"
prefs.js - "extensions.enabledItems" - "{800b5000-a755-47e1-992b-48a1c1357f07}:1.2.0, {ABDE892B-13A8-4d1b-88E6-365A6E755758}:14.0.1, {972ce4c6-7e08-4474-a285-3208198ce6fd}:3.6.17"
prefs.js - "keyword.URL" - "https://www.google.com/search/?trackid=sp-006"
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 16.0.0.305 Plugin
"Path"=C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_16_0_0_305.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@Google.com/GoogleEarthPlugin]
"Description"=Google Earth in your browser
"Path"=C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=disabled
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=c:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0]
"Description"=Office Authorization plug-in for NPAPI browsers
"Path"=C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/SharePoint,version=14.0]
"Description"=Microsoft SharePoint Plug-in for Firefox
"Path"=C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922]
"Description"=WLPG Install MIME type
"Path"=C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3555.0308]
"Description"=WLPG Install MIME type
"Path"=C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@real.com/nppl3260;version=15.0.4.53]
"Description"=RealPlayer(tm) LiveConnect-Enabled Plug-In
"Path"=c:\program files (x86)\real\realplayer\Netscape6\nppl3260.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@real.com/nprjplug;version=15.0.4.53]
"Description"=RealJukebox Netscape Plugin
"Path"=c:\program files (x86)\real\realplayer\Netscape6\nprjplug.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@real.com/nprpchromebrowserrecordext;version=15.0.4.53]
"Description"=RealNetworks(tm) RealPlayer Chrome Background Extension Plug-In
"Path"=C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprpchromebrowserrecordext.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@real.com/nprphtml5videoshim;version=15.0.4.53]
"Description"=RealPlayer(tm) HTML5VideoShim Plug-In
"Path"=C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@real.com/nprpplugin;version=15.0.4.53]
"Description"=RealPlayer Download Plugin
"Path"=c:\program files (x86)\real\realplayer\Netscape6\nprpplugin.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=3]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.25.11\npGoogleUpdate3.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=9]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.25.11\npGoogleUpdate3.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@videolan.org/vlc,version=2.1.5]
"Description"=VLC Multimedia Plugin
"Path"=C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\Adobe Reader]
"Description"=Handles PDFs in-place in Firefox
"Path"=C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 16.0.0.305 Plugin
"Path"=C:\Windows\system32\Macromed\Flash\NPSWF64_16_0_0_305.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=disabled
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0]
"Description"=Office Authorization plug-in for NPAPI browsers
"Path"=C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL
C:\Program Files (x86)\Mozilla Firefox\extensions\
{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}
C:\Program Files (x86)\Mozilla Firefox\plugins\
np-mswmp.dll
nppdf32.dll
nppl3260.dll
nppl3260.xpt
nprjplug.dll
nprpplugin.dll
WMP Firefox Plugin License.rtf
WMP Firefox Plugin RelNotes.txt
C:\Users\Judita\AppData\Roaming\Mozilla\Firefox\Profiles\whpy3k55.default\extensions\
{800b5000-a755-47e1-992b-48a1c1357f07}10242010180103
C:\Users\Judita\AppData\Roaming\Mozilla\Firefox\Profiles\whpy3k55.default\searchplugins\
google-avast.xml
Google.xml
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\PROGRA~1\MICROS~2\Office14\GROOVEEX.DLL [2013-12-19 6671064]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! Online Security - C:\Program Files\Alwil Software\Avast5\aswWebRepIE64.dll [2015-01-03 705448]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live ID Sign-in Helper - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2011-03-28 529280]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - C:\PROGRA~1\MICROS~2\Office14\URLREDIR.DLL [2013-03-06 690392]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2012-07-30 75232]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL [2013-12-19 4171480]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! Online Security - C:\Program Files\Alwil Software\Avast5\aswWebRepIE.dll [2015-01-03 586968]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Pomocná služba pro přihlášení ke službě Windows Live ID - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2011-03-28 441216]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - C:\PROGRA~2\MICROS~1\Office14\URLREDIR.DLL [2013-03-06 562904]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{318A227B-5E9F-45bd-8999-7F8F10CA4CF5} -
{CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F}
{2318C2B1-4965-11d4-9B18-009027A5CD4F} - Google Toolbar - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll []
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"IAAnotif"=C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\iaanotif.exe [2009-06-05 186904]
"AmIcoSinglun64"=C:\Program Files (x86)\AmIcoSingLun\AmIcoSinglun64.exe [2009-04-09 320000]
"RtHDVCpl"=C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [2009-07-23 7981600]
"Acer ePower Management"=C:\Program Files\Acer\Acer ePower Management\ePowerTray.exe [2010-01-19 832544]
"mwlDaemon"=C:\Program Files (x86)\EgisTec\MyWinLocker 3\x86\mwlDaemon.exe [2009-09-10 349480]
"SynTPEnh"=C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2009-06-18 1808168]
"PLFSetI"=C:\Windows\PLFSetI.exe [2009-12-14 206072]
"IgfxTray"=C:\Windows\system32\igfxtray.exe [2010-08-25 161304]
"HotKeysCmds"=C:\Windows\system32\hkcmd.exe [2010-08-25 386584]
"Persistence"=C:\Windows\system32\igfxpers.exe [2010-08-25 415256]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Google Update"=C:\Users\Judita\AppData\Local\Google\Update\GoogleUpdate.exe [2014-10-14 107912]
"AlcoholAutomount"=C:\Program Files (x86)\Alcohol Soft\Alcohol 52\AxAutoMntSrv.exe [2010-08-20 33120]
"CCleaner Monitoring"=C:\Program Files\CCleaner\CCleaner64.exe [2015-01-20 7404312]
[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"LManager"=C:\Program Files (x86)\Launch Manager\LManager.exe [2009-09-24 825864]
"EgisTecLiveUpdate"=C:\Program Files (x86)\EgisTec Egis Software Update\EgisUpdate.exe [2009-08-04 199464]
"NortonOnlineBackupReminder"=C:\Program Files (x86)\Symantec\Norton Online Backup\Activation\NobuActivation.exe [2009-07-25 588648]
"Adobe Reader Speed Launcher"=C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe [2012-07-31 38872]
"Adobe ARM"=C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2012-07-11 919008]
"TkBellExe"=c:\program files (x86)\real\realplayer\Update\realsched.exe [2012-05-18 296056]
"BCSSync"=C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe [2012-11-05 89184]
"AvastUI.exe"=C:\Program Files\Alwil Software\Avast5\AvastUI.exe [2015-01-31 5227112]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
C:\Windows\system32\igfxdev.dll [2010-08-25 271360]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\PROGRA~1\MICROS~2\Office14\GROOVEEX.DLL [2013-12-19 6671064]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL [2013-12-19 4171480]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcmscsvc]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\mcmscsvc]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MCODS]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MpfService]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=5
"ConsentPromptBehaviorUser"=3
"EnableUIADesktopToggle"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"SoftwareSASGeneration"=1
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoActiveDesktop"=1
"NoActiveDesktopChanges"=1
"ForceActiveDesktopOn"=0
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVYU"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"VIDC.YVU9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"MSVideo8"=VfWWDM32.dll
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv
"wave2"=wdmaud.drv
"midi2"=wdmaud.drv
"mixer2"=wdmaud.drv
======File associations======
.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*
======List of files/folders created in the last 1 month======
2015-02-11 23:02:08 ----D---- C:\rsit
2015-02-11 19:26:16 ----D---- C:\AdwCleaner
2015-02-11 19:13:13 ----D---- C:\Program Files (x86)\Mozilla Firefox
2015-02-11 18:58:06 ----D---- C:\Program Files\trend micro
2015-01-27 20:36:04 ----D---- C:\Program Files (x86)\Mozilla Thunderbird
2015-01-23 19:44:30 ----A---- C:\Windows\system32\aswBoot.exe
2015-01-16 22:56:06 ----A---- C:\Windows\system32\ntoskrnl.exe
2015-01-16 22:56:03 ----A---- C:\Windows\SYSWOW64\ntkrnlpa.exe
2015-01-16 22:56:00 ----A---- C:\Windows\SYSWOW64\ntoskrnl.exe
2015-01-16 22:55:54 ----A---- C:\Windows\system32\srcore.dll
2015-01-16 22:55:51 ----A---- C:\Windows\system32\rstrui.exe
2015-01-16 22:55:49 ----A---- C:\Windows\system32\srclient.dll
2015-01-16 22:55:48 ----A---- C:\Windows\SYSWOW64\srclient.dll
2015-01-16 21:12:46 ----A---- C:\Windows\system32\profsvc.dll
2015-01-16 21:12:44 ----A---- C:\Windows\system32\nlasvc.dll
2015-01-16 21:12:43 ----A---- C:\Windows\SYSWOW64\ncsi.dll
2015-01-16 21:12:42 ----A---- C:\Windows\SYSWOW64\nlaapi.dll
2015-01-16 21:12:41 ----A---- C:\Windows\system32\TSWbPrxy.exe
2015-01-16 21:11:22 ----A---- C:\Windows\system32\drivers\mrxdav.sys
======List of files/folders modified in the last 1 month======
2015-02-11 23:00:58 ----D---- C:\Windows\Temp
2015-02-11 23:00:56 ----D---- C:\Windows\system32\config
2015-02-11 22:58:12 ----D---- C:\Windows
2015-02-11 21:36:17 ----RD---- C:\Program Files (x86)\Skype
2015-02-11 21:36:17 ----D---- C:\Windows\Tasks
2015-02-11 21:36:17 ----D---- C:\Windows\AutoKMS
2015-02-11 21:36:17 ----D---- C:\Program Files (x86)\Google
2015-02-11 20:12:23 ----D---- C:\Windows\system32\Tasks
2015-02-11 20:09:47 ----D---- C:\Program Files (x86)\Mozilla Maintenance Service
2015-02-11 19:55:04 ----SHD---- C:\System Volume Information
2015-02-11 19:52:08 ----D---- C:\Windows\system32\catroot
2015-02-11 19:52:04 ----D---- C:\Windows\system32\catroot2
2015-02-11 19:51:32 ----D---- C:\Windows\winsxs
2015-02-11 19:41:50 ----RD---- C:\Program Files (x86)
2015-02-11 19:34:56 ----HD---- C:\ProgramData
2015-02-11 19:34:53 ----D---- C:\Program Files (x86)\Common Files
2015-02-11 18:58:06 ----D---- C:\Program Files
2015-02-11 18:40:02 ----D---- C:\Users\Judita\AppData\Roaming\PhotoScape
2015-02-11 18:40:01 ----D---- C:\Users\Judita\AppData\Roaming\Skype
2015-02-11 18:35:51 ----D---- C:\Windows\Panther
2015-02-11 18:35:51 ----D---- C:\Windows\inf
2015-02-11 18:35:14 ----D---- C:\Windows\Minidump
2015-02-11 18:35:14 ----D---- C:\Windows\Logs
2015-02-11 18:35:14 ----D---- C:\Windows\debug
2015-02-11 18:26:59 ----D---- C:\Program Files\CCleaner
2015-02-09 21:02:24 ----D---- C:\Windows\Prefetch
2015-02-06 17:44:00 ----D---- C:\Windows\System32
2015-02-06 17:44:00 ----A---- C:\Windows\system32\PerfStringBackup.INI
2015-02-04 22:48:59 ----D---- C:\Windows\SysWOW64
2015-02-04 22:48:41 ----A---- C:\Windows\SYSWOW64\FlashPlayerApp.exe
2015-01-23 19:50:01 ----D---- C:\Windows\system32\DriverStore
2015-01-23 19:49:17 ----D---- C:\Windows\system32\drivers
2015-01-18 10:48:15 ----D---- C:\Users\Judita\AppData\Roaming\vlc
2015-01-17 09:12:54 ----D---- C:\Windows\system32\MRT
2015-01-17 08:47:07 ----A---- C:\Windows\system32\MRT.exe
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R0 aswRvrt;avast! Revert; C:\Windows\system32\drivers\aswRvrt.sys [2015-01-03 65776]
R0 aswVmm;avast! VM Monitor; C:\Windows\system32\drivers\aswVmm.sys [2015-01-03 267632]
R0 iaStor;Intel AHCI Controller; C:\Windows\system32\DRIVERS\iaStor.sys [2009-06-05 408600]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-20 213888]
R0 sptd;sptd; C:\Windows\System32\Drivers\sptd.sys [2010-11-30 503352]
R1 aswRdr;aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [2015-01-03 93568]
R1 aswSnx;aswSnx; C:\Windows\system32\drivers\aswSnx.sys [2015-01-03 1050432]
R1 aswSP;aswSP; C:\Windows\system32\drivers\aswSP.sys [2015-01-03 436624]
R1 mwlPSDFilter;mwlPSDFilter; C:\Windows\system32\DRIVERS\mwlPSDFilter.sys [2009-06-02 22576]
R1 mwlPSDNServ;mwlPSDNServ; C:\Windows\system32\DRIVERS\mwlPSDNServ.sys [2009-06-02 20016]
R1 mwlPSDVDisk;mwlPSDVDisk; C:\Windows\system32\DRIVERS\mwlPSDVDisk.sys [2009-06-02 60464]
R1 vwififlt;Virtual WiFi Filter Driver; C:\Windows\system32\DRIVERS\vwififlt.sys [2009-07-14 59904]
R2 aswHwid;avast! HardwareID; C:\Windows\system32\drivers\aswHwid.sys [2015-01-03 29208]
R2 aswMonFlt;aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [2015-01-03 83280]
R2 aswStm;aswStm; C:\Windows\system32\drivers\aswStm.sys [2015-01-03 116728]
R3 DKbFltr;Dritek Keyboard Filter Driver (64-bit); C:\Windows\SysWOW64\Drivers\DKbFltr.sys [2009-03-26 25608]
R3 igfx;igfx; C:\Windows\system32\DRIVERS\igdkmd64.sys [2010-08-25 10611552]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHD64.sys [2009-07-23 1967648]
R3 IntcHdmiAddService;Intel(R) High Definition Audio HDMI; C:\Windows\system32\drivers\IntcHdmi.sys [2009-07-09 139264]
R3 L1C;NDIS Miniport Driver for Atheros AR8131/AR8132 PCI-E Ethernet Controller (NDIS 6.20); C:\Windows\system32\DRIVERS\L1C62x64.sys [2009-04-27 57344]
R3 NETw5s64;Intel(R) Wireless WiFi Link 5000 Series Adapter Driver for Windows 7 - 64 Bit; C:\Windows\system32\DRIVERS\NETw5s64.sys [2009-09-15 6952960]
R3 SynTP;Synaptics TouchPad Driver; C:\Windows\system32\DRIVERS\SynTP.sys [2009-06-18 272432]
R3 WSDPrintDevice;Podpora tisku WSD prostřednictvím funkce UMB; C:\Windows\system32\DRIVERS\WSDPrint.sys [2009-07-14 23040]
R3 WSDScan;Podpora skenování WSD přes UMB; C:\Windows\system32\DRIVERS\WSDScan.sys [2009-07-14 25088]
S3 AmUStor;AM USB Stroage Driver; C:\Windows\system32\drivers\AmUStor.SYS [2009-05-26 40448]
S3 ar1c289n;ar1c289n; C:\Windows\system32\drivers\ar1c289n.sys []
S3 BthEnum;Ovladač pro Bluetooth Request Block; C:\Windows\system32\drivers\BthEnum.sys [2009-07-14 41984]
S3 BthPan;Bluetooth Device (Personal Area Network); C:\Windows\system32\DRIVERS\bthpan.sys [2009-07-14 118784]
S3 BTHPORT;Ovladač portu Bluetooth; C:\Windows\System32\Drivers\BTHport.sys [2012-07-06 552960]
S3 BTHUSB;Ovladač rozhraní USB radiostanice Bluetooth; C:\Windows\System32\Drivers\BTHUSB.sys [2011-04-28 80384]
S3 btusbflt;Bluetooth USB Filter; C:\Windows\system32\drivers\btusbflt.sys [2009-07-01 52264]
S3 btwaudio;Bluetooth Audio Device Service; C:\Windows\system32\drivers\btwaudio.sys [2009-07-01 98344]
S3 btwavdt;Bluetooth AVDT; C:\Windows\system32\DRIVERS\btwavdt.sys [2009-07-01 132648]
S3 btwl2cap;Bluetooth L2CAP Service; C:\Windows\system32\DRIVERS\btwl2cap.sys [2009-04-07 35104]
S3 btwrchid;btwrchid; C:\Windows\system32\DRIVERS\btwrchid.sys [2009-07-01 21160]
S3 int15.sys;int15.sys; \??\C:\Windows\syswow64\OEM\Factory\int15.sys []
S3 netw5v64;Intel(R) Wireless WiFi Link 5000 Series Adapter Driver for Windows Vista 64 Bit; C:\Windows\system32\DRIVERS\netw5v64.sys [2009-06-10 5434368]
S3 nmwcd;Nokia USB Phone Parent Driver; C:\Windows\system32\drivers\ccdcmbx64.sys [2011-08-17 19968]
S3 nmwcdc;Nokia USB Communication Driver; C:\Windows\system32\drivers\ccdcmbox64.sys [2011-08-17 27136]
S3 nmwcdcx64;Nokia USB Generic; C:\Windows\system32\drivers\ccdcmbox64.sys [2011-08-17 27136]
S3 nmwcdx64;Nokia USB Phone Parent; C:\Windows\system32\drivers\ccdcmbx64.sys [2011-08-17 19968]
S3 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12352]
S3 RFCOMM;Bluetooth Device (RFCOMM Protocol TDI); C:\Windows\system32\DRIVERS\rfcomm.sys [2009-07-14 158720]
S3 TsUsbFlt;TsUsbFlt; C:\Windows\system32\drivers\tsusbflt.sys [2010-11-20 59392]
S3 upperdev;upperdev; C:\Windows\system32\DRIVERS\usbser_lowerfltx64.sys [2011-08-17 9216]
S3 usbser;Nokia USB Serial Port Driver ; C:\Windows\system32\drivers\usbser.sys [2013-08-29 33280]
S3 UsbserFilt;UsbserFilt; C:\Windows\system32\DRIVERS\usbser_lowerfltjx64.sys [2011-08-17 9216]
S3 WinUsb;WinUsb; C:\Windows\system32\DRIVERS\WinUsb.sys [2010-11-20 41984]
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 avast! Antivirus;avast! Antivirus; C:\Program Files\Alwil Software\Avast5\AvastSvc.exe [2015-01-03 50344]
R2 btwdins;Bluetooth Service; C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe [2009-07-02 864032]
R2 ePowerSvc;Acer ePower Service; C:\Program Files\Acer\Acer ePower Management\ePowerSvc.exe [2010-01-19 842784]
R2 Greg_Service;GRegService; C:\Program Files (x86)\Acer\Registration\GregHSRW.exe [2009-08-28 1150496]
R2 IAANTMON;Intel(R) Matrix Storage Event Monitor; C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTMon.exe [2009-06-05 354840]
R2 RS_Service;Raw Socket Service; C:\Program Files (x86)\Acer\Acer VCM\RS_Service.exe [2009-07-10 253952]
R2 StarWindServiceAE;StarWind AE Service; C:\Program Files (x86)\Alcohol Soft\Alcohol 52\StarWind\StarWindServiceAE.exe [2009-12-23 370688]
R2 Updater Service;Updater Service; C:\Program Files\Acer\Acer Updater\UpdaterService.exe [2009-07-04 240160]
R2 wlidsvc;Windows Live ID Sign-in Assistant; C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE [2011-03-28 2292096]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2013-09-11 105144]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2013-09-11 124088]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-10-24 107912]
S2 SkypeUpdate;Skype Updater; C:\Program Files (x86)\Skype\Updater\Updater.exe [2014-04-03 315008]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-02-04 267440]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-10-24 107912]
S3 gusvc;Google Software Updater; C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe [2012-08-24 194032]
S3 IEEtwCollectorService;@%SystemRoot%\system32\ieetwcollectorres.dll,-1000; C:\Windows\system32\IEEtwCollector.exe [2014-11-22 114688]
S3 Microsoft SharePoint Workspace Audit Service;Microsoft SharePoint Workspace Audit Service; C:\Program Files (x86)\Microsoft Office\Office14\GROOVE.EXE [2013-12-19 30814400]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2015-02-11 114800]
S3 MWLService;MyWinLocker Service; C:\Program Files (x86)\EgisTec\MyWinLocker 3\x86\\MWLService.exe [2009-09-10 305448]
S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2010-01-09 149352]
S3 osppsvc;Office Software Protection Platform; C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-09 4925184]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2010-09-01 1255736]
S4 aspnet_state;Stavová služba ASP.NET; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2013-09-11 51808]
S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]
S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]
S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]
-----------------EOF-----------------
Re: Max výkon i paměť
V noci proběhla docela velká aktualizace systému, ale změnu nepřinesla.
Pamět se trochu snížila (pak jsem ji ještě posílil tím, co jsem našel v šuplíku).
Ale využití procesoru běží pořád na 100% od nastartování PC.
Čerstvý rsitlog:
Logfile of random's system information tool 1.10 (written by random/random)
Run by Judita at 2015-02-12 10:56:02
Microsoft Windows 7 Home Premium Service Pack 1
System drive C: has 79 GB (35%) free of 225 GB
Total RAM: 2491 MB (57% free)
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 10:56:33, on 12.2.2015
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v11.0 (11.00.9600.17631)
Boot mode: Normal
Running processes:
C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAAnotif.exe
C:\Program Files (x86)\EgisTec\MyWinLocker 3\x86\mwlDaemon.exe
C:\Windows\PLFSetI.exe
C:\Users\Judita\AppData\Local\Google\Update\GoogleUpdate.exe
C:\Program Files (x86)\Launch Manager\LManager.EXE
C:\Program Files (x86)\EgisTec Egis Software Update\EgisUpdate.exe
C:\Program Files (x86)\Real\RealPlayer\Update\realsched.exe
C:\Program Files\Alwil Software\Avast5\avastui.exe
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Program Files\trend micro\Judita.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = https://www.google.com/?trackid=sp-006
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.google.com/search?trackid=s ... earchTerms}
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId= ... kid=sp-006
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = https://www.google.com/?trackid=sp-006
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.google.com/search?trackid=s ... earchTerms}
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId= ... kid=sp-006
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL
O2 - BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\Alwil Software\Avast5\aswWebRepIE.dll
O2 - BHO: Pomocná služba pro přihlášení ke službě Windows Live ID - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~1\Office14\URLREDIR.DLL
O4 - HKLM\..\Run: [LManager] C:\Program Files (x86)\Launch Manager\LManager.exe
O4 - HKLM\..\Run: [EgisTecLiveUpdate] "C:\Program Files (x86)\EgisTec Egis Software Update\EgisUpdate.exe"
O4 - HKLM\..\Run: [NortonOnlineBackupReminder] "C:\Program Files (x86)\Symantec\Norton Online Backup\Activation\NobuActivation.exe" UNATTENDED
O4 - HKLM\..\Run: [TkBellExe] "c:\program files (x86)\real\realplayer\Update\realsched.exe" -osboot
O4 - HKLM\..\Run: [BCSSync] "C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe" /DelayServices
O4 - HKLM\..\Run: [AvastUI.exe] "C:\Program Files\Alwil Software\Avast5\AvastUI.exe" /nogui
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKCU\..\Run: [Google Update] "C:\Users\Judita\AppData\Local\Google\Update\GoogleUpdate.exe" /c
O4 - HKCU\..\Run: [AlcoholAutomount] "C:\Program Files (x86)\Alcohol Soft\Alcohol 52\AxAutoMntSrv.exe" -automount
O4 - HKCU\..\Run: [CCleaner Monitoring] "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office14\EXCEL.EXE/3000
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Office Excel - res://C:\PROGRA~2\MICROS~1\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: Od&eslat do aplikace OneNote - res://C:\PROGRA~2\MICROS~1\Office14\ONBttnIE.dll/105
O8 - Extra context menu item: Odeslat obrázek do zařízení &Bluetooth... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
O8 - Extra context menu item: Odeslat stránku do zařízení &Bluetooth... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra button: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra button: P&ropojené poznámky aplikace OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: P&ropojené poznámky aplikace OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra button: Send To Bluetooth - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra 'Tools' menuitem: Send to &Bluetooth Device... - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (file missing)
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: Acer ePower Service (ePowerSvc) - Acer Incorporated - C:\Program Files\Acer\Acer ePower Management\ePowerSvc.exe
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: GRegService (Greg_Service) - Acer Incorporated - C:\Program Files (x86)\Acer\Registration\GregHSRW.exe
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: Intel(R) Matrix Storage Event Monitor (IAANTMON) - Intel Corporation - C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTMon.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing)
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: MyWinLocker Service (MWLService) - Egis Technology Inc. - C:\Program Files (x86)\EgisTec\MyWinLocker 3\x86\\MWLService.exe
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: Raw Socket Service (RS_Service) - Acer Incorporated - C:\Program Files (x86)\Acer\Acer VCM\RS_Service.exe
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: StarWind AE Service (StarWindServiceAE) - StarWind Software - C:\Program Files (x86)\Alcohol Soft\Alcohol 52\StarWind\StarWindServiceAE.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: Updater Service - Acer - C:\Program Files\Acer\Acer Updater\UpdaterService.exe
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
--
End of file - 11817 bytes
======Listing Processes======
\SystemRoot\System32\smss.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
winlogon.exe
C:\Windows\system32\services.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k NetworkService
"C:\Program Files\Alwil Software\Avast5\AvastSvc.exe"
C:\Windows\System32\spoolsv.exe
taskeng.exe {C0A5415B-A77D-4D05-8EEB-79442EAA0924}
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
"taskhost.exe"
"C:\Windows\system32\Dwm.exe"
C:\Windows\Explorer.EXE
"C:\Program Files (x86)\Google\Update\GoogleUpdate.exe" /c
"C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe"
"C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe"
"C:\Program Files\Acer\Acer ePower Management\ePowerSvc.exe"
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
"C:\Program Files (x86)\Acer\Registration\GregHSRW.exe"
"C:\Program Files (x86)\Acer\Acer VCM\RS_Service.exe"
"C:\Program Files (x86)\Alcohol Soft\Alcohol 52\StarWind\StarWindServiceAE.exe"
C:\Windows\system32\svchost.exe -k imgsvc
"C:\Program Files\Acer\Acer Updater\UpdaterService.exe"
C:\Windows\System32\svchost.exe -k secsvcs
"C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE"
"C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTMon.exe"
WLIDSvcM.exe 2288
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Windows\servicing\TrustedInstaller.exe
"C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAAnotif.exe"
C:\Windows\system32\SearchIndexer.exe /Embedding
"C:\Program Files (x86)\AmIcoSingLun\AmIcoSinglun64.exe"
"C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe"
"C:\Program Files\Acer\Acer ePower Management\ePowerTray.exe"
"C:\Program Files (x86)\EgisTec\MyWinLocker 3\x86\mwlDaemon.exe"
"C:\Program Files\Synaptics\SynTP\SynTPEnh.exe"
"C:\Windows\PLFSetI.exe"
"C:\Windows\System32\igfxtray.exe"
"C:\Windows\System32\hkcmd.exe"
"C:\Windows\System32\igfxpers.exe"
"C:\Users\Judita\AppData\Local\Google\Update\GoogleUpdate.exe" /c
C:\Windows\system32\igfxsrvc.exe -Embedding
"C:\Program Files\Synaptics\SynTP\SynTPHelper.exe"
C:\Windows\system32\igfxext.exe -Embedding
"C:\Windows\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe1_ Global\UsGthrCtrlFltPipeMssGthrPipe1 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon"
C:\Windows\system32\wbem\unsecapp.exe -Embedding
"C:\Program Files (x86)\Launch Manager\LManager.EXE"
"C:\Program Files (x86)\EgisTec Egis Software Update\EgisUpdate.exe"
C:\Windows\system32\wbem\wmiprvse.exe
"C:\Program Files (x86)\Real\RealPlayer\Update\realsched.exe" -osboot
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
"C:\Program Files\Alwil Software\Avast5\avastui.exe" /nogui
"C:\Program Files\Acer\Acer ePower Management\ePowerEvent.exe"
"C:\Program Files\Windows Media Player\wmpnetwk.exe"
"C:\Program Files\CCleaner\CCleaner.exe" /MONITOR /uac
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\system32\sppsvc.exe
taskmgr.exe /3
"C:\Program Files (x86)\Mozilla Firefox\firefox.exe"
taskeng.exe {D8D1E9D2-649F-41C1-BAC5-BFDBCA95E606}
"C:\Windows\system32\SearchFilterHost.exe" 0 512 516 524 65536 520
"C:\Users\Judita\Desktop\RSITx64.exe"
======Scheduled tasks folder======
C:\Windows\tasks\Adobe Flash Player Updater.job - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
=========Mozilla firefox=========
ProfilePath - C:\Users\Judita\AppData\Roaming\Mozilla\Firefox\Profiles\whpy3k55.default
prefs.js - "browser.startup.homepage" - "https://www.google.com/?trackid=sp-006"
prefs.js - "extensions.enabledItems" - "{800b5000-a755-47e1-992b-48a1c1357f07}:1.2.0, {ABDE892B-13A8-4d1b-88E6-365A6E755758}:14.0.1, {972ce4c6-7e08-4474-a285-3208198ce6fd}:3.6.17"
prefs.js - "keyword.URL" - "https://www.google.com/search/?trackid=sp-006"
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 16.0.0.305 Plugin
"Path"=C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_16_0_0_305.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@Google.com/GoogleEarthPlugin]
"Description"=Google Earth in your browser
"Path"=C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=disabled
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=c:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0]
"Description"=Office Authorization plug-in for NPAPI browsers
"Path"=C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/SharePoint,version=14.0]
"Description"=Microsoft SharePoint Plug-in for Firefox
"Path"=C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922]
"Description"=WLPG Install MIME type
"Path"=C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3555.0308]
"Description"=WLPG Install MIME type
"Path"=C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@real.com/nppl3260;version=15.0.4.53]
"Description"=RealPlayer(tm) LiveConnect-Enabled Plug-In
"Path"=c:\program files (x86)\real\realplayer\Netscape6\nppl3260.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@real.com/nprjplug;version=15.0.4.53]
"Description"=RealJukebox Netscape Plugin
"Path"=c:\program files (x86)\real\realplayer\Netscape6\nprjplug.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@real.com/nprpchromebrowserrecordext;version=15.0.4.53]
"Description"=RealNetworks(tm) RealPlayer Chrome Background Extension Plug-In
"Path"=C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprpchromebrowserrecordext.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@real.com/nprphtml5videoshim;version=15.0.4.53]
"Description"=RealPlayer(tm) HTML5VideoShim Plug-In
"Path"=C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@real.com/nprpplugin;version=15.0.4.53]
"Description"=RealPlayer Download Plugin
"Path"=c:\program files (x86)\real\realplayer\Netscape6\nprpplugin.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=3]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.25.11\npGoogleUpdate3.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=9]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.25.11\npGoogleUpdate3.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@videolan.org/vlc,version=2.1.5]
"Description"=VLC Multimedia Plugin
"Path"=C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\Adobe Reader]
"Description"=Handles PDFs in-place in Firefox
"Path"=C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 16.0.0.305 Plugin
"Path"=C:\Windows\system32\Macromed\Flash\NPSWF64_16_0_0_305.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=disabled
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0]
"Description"=Office Authorization plug-in for NPAPI browsers
"Path"=C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL
C:\Program Files (x86)\Mozilla Firefox\extensions\
{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}
C:\Program Files (x86)\Mozilla Firefox\plugins\
np-mswmp.dll
nppdf32.dll
nppl3260.dll
nppl3260.xpt
nprjplug.dll
nprpplugin.dll
WMP Firefox Plugin License.rtf
WMP Firefox Plugin RelNotes.txt
C:\Users\Judita\AppData\Roaming\Mozilla\Firefox\Profiles\whpy3k55.default\extensions\
{800b5000-a755-47e1-992b-48a1c1357f07}10242010180103
C:\Users\Judita\AppData\Roaming\Mozilla\Firefox\Profiles\whpy3k55.default\searchplugins\
google-avast.xml
Google.xml
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\PROGRA~1\MICROS~2\Office14\GROOVEEX.DLL [2013-12-19 6671064]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! Online Security - C:\Program Files\Alwil Software\Avast5\aswWebRepIE64.dll [2015-01-03 705448]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live ID Sign-in Helper - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2011-03-28 529280]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - C:\PROGRA~1\MICROS~2\Office14\URLREDIR.DLL [2013-03-06 690392]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL [2013-12-19 4171480]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! Online Security - C:\Program Files\Alwil Software\Avast5\aswWebRepIE.dll [2015-01-03 586968]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Pomocná služba pro přihlášení ke službě Windows Live ID - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2011-03-28 441216]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - C:\PROGRA~2\MICROS~1\Office14\URLREDIR.DLL [2013-03-06 562904]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{318A227B-5E9F-45bd-8999-7F8F10CA4CF5} -
{CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F}
{2318C2B1-4965-11d4-9B18-009027A5CD4F} - Google Toolbar - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll []
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"IAAnotif"=C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\iaanotif.exe [2009-06-05 186904]
"AmIcoSinglun64"=C:\Program Files (x86)\AmIcoSingLun\AmIcoSinglun64.exe [2009-04-09 320000]
"RtHDVCpl"=C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [2009-07-23 7981600]
"Acer ePower Management"=C:\Program Files\Acer\Acer ePower Management\ePowerTray.exe [2010-01-19 832544]
"mwlDaemon"=C:\Program Files (x86)\EgisTec\MyWinLocker 3\x86\mwlDaemon.exe [2009-09-10 349480]
"SynTPEnh"=C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2009-06-18 1808168]
"PLFSetI"=C:\Windows\PLFSetI.exe [2009-12-14 206072]
"IgfxTray"=C:\Windows\system32\igfxtray.exe [2010-08-25 161304]
"HotKeysCmds"=C:\Windows\system32\hkcmd.exe [2010-08-25 386584]
"Persistence"=C:\Windows\system32\igfxpers.exe [2010-08-25 415256]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Google Update"=C:\Users\Judita\AppData\Local\Google\Update\GoogleUpdate.exe [2014-10-14 107912]
"AlcoholAutomount"=C:\Program Files (x86)\Alcohol Soft\Alcohol 52\AxAutoMntSrv.exe [2010-08-20 33120]
"CCleaner Monitoring"=C:\Program Files\CCleaner\CCleaner64.exe [2015-01-20 7404312]
[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"LManager"=C:\Program Files (x86)\Launch Manager\LManager.exe [2009-09-24 825864]
"EgisTecLiveUpdate"=C:\Program Files (x86)\EgisTec Egis Software Update\EgisUpdate.exe [2009-08-04 199464]
"NortonOnlineBackupReminder"=C:\Program Files (x86)\Symantec\Norton Online Backup\Activation\NobuActivation.exe [2009-07-25 588648]
"TkBellExe"=c:\program files (x86)\real\realplayer\Update\realsched.exe [2012-05-18 296056]
"BCSSync"=C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe [2012-11-05 89184]
"AvastUI.exe"=C:\Program Files\Alwil Software\Avast5\AvastUI.exe [2015-01-31 5227112]
"Adobe ARM"=C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2014-09-12 959176]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
C:\Windows\system32\igfxdev.dll [2010-08-25 271360]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\PROGRA~1\MICROS~2\Office14\GROOVEEX.DLL [2013-12-19 6671064]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL [2013-12-19 4171480]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcmscsvc]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\mcmscsvc]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MCODS]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MpfService]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=5
"ConsentPromptBehaviorUser"=3
"EnableUIADesktopToggle"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"SoftwareSASGeneration"=1
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoActiveDesktop"=1
"NoActiveDesktopChanges"=1
"ForceActiveDesktopOn"=0
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVYU"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"VIDC.YVU9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"MSVideo8"=VfWWDM32.dll
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv
"wave2"=wdmaud.drv
"midi2"=wdmaud.drv
"mixer2"=wdmaud.drv
======File associations======
.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*
======List of files/folders created in the last 1 month======
2015-02-12 10:56:02 ----D---- C:\rsit
2015-02-12 00:04:10 ----A---- C:\Windows\system32\ntoskrnl.exe
2015-02-12 00:04:07 ----A---- C:\Windows\system32\lsasrv.dll
2015-02-12 00:04:06 ----A---- C:\Windows\SYSWOW64\ntkrnlpa.exe
2015-02-12 00:04:06 ----A---- C:\Windows\system32\drivers\cng.sys
2015-02-12 00:04:05 ----A---- C:\Windows\SYSWOW64\ntoskrnl.exe
2015-02-12 00:04:04 ----A---- C:\Windows\system32\adtschema.dll
2015-02-12 00:04:03 ----A---- C:\Windows\SYSWOW64\adtschema.dll
2015-02-12 00:04:02 ----A---- C:\Windows\system32\srcore.dll
2015-02-12 00:04:02 ----A---- C:\Windows\system32\drivers\ksecdd.sys
2015-02-12 00:04:01 ----A---- C:\Windows\SYSWOW64\auditpol.exe
2015-02-12 00:04:01 ----A---- C:\Windows\system32\sspicli.dll
2015-02-12 00:04:01 ----A---- C:\Windows\system32\rstrui.exe
2015-02-12 00:04:01 ----A---- C:\Windows\system32\lsass.exe
2015-02-12 00:04:01 ----A---- C:\Windows\system32\drivers\ksecpkg.sys
2015-02-12 00:04:01 ----A---- C:\Windows\system32\auditpol.exe
2015-02-12 00:04:00 ----A---- C:\Windows\SYSWOW64\sspicli.dll
2015-02-12 00:04:00 ----A---- C:\Windows\SYSWOW64\srclient.dll
2015-02-12 00:04:00 ----A---- C:\Windows\SYSWOW64\secur32.dll
2015-02-12 00:04:00 ----A---- C:\Windows\system32\sspisrv.dll
2015-02-12 00:04:00 ----A---- C:\Windows\system32\srclient.dll
2015-02-12 00:04:00 ----A---- C:\Windows\system32\secur32.dll
2015-02-12 00:03:58 ----A---- C:\Windows\SYSWOW64\msobjs.dll
2015-02-12 00:03:58 ----A---- C:\Windows\SYSWOW64\msaudite.dll
2015-02-12 00:03:58 ----A---- C:\Windows\system32\msobjs.dll
2015-02-12 00:03:58 ----A---- C:\Windows\system32\msaudite.dll
2015-02-11 23:57:26 ----A---- C:\Windows\SYSWOW64\mshtmled.dll
2015-02-11 23:57:26 ----A---- C:\Windows\SYSWOW64\iernonce.dll
2015-02-11 23:57:26 ----A---- C:\Windows\SYSWOW64\ieetwproxystub.dll
2015-02-11 23:57:26 ----A---- C:\Windows\system32\ieetwproxystub.dll
2015-02-11 23:57:26 ----A---- C:\Windows\system32\ieetwcollector.exe
2015-02-11 23:57:25 ----A---- C:\Windows\SYSWOW64\MshtmlDac.dll
2015-02-11 23:57:24 ----A---- C:\Windows\SYSWOW64\urlmon.dll
2015-02-11 23:57:24 ----A---- C:\Windows\SYSWOW64\iedkcs32.dll
2015-02-11 23:57:24 ----A---- C:\Windows\system32\iernonce.dll
2015-02-11 23:57:24 ----A---- C:\Windows\system32\ie4uinit.exe
2015-02-11 23:57:23 ----A---- C:\Windows\SYSWOW64\JavaScriptCollectionAgent.dll
2015-02-11 23:57:21 ----A---- C:\Windows\SYSWOW64\mshtml.dll
2015-02-11 23:57:21 ----A---- C:\Windows\SYSWOW64\msfeeds.dll
2015-02-11 23:57:21 ----A---- C:\Windows\SYSWOW64\dxtrans.dll
2015-02-11 23:57:21 ----A---- C:\Windows\system32\JavaScriptCollectionAgent.dll
2015-02-11 23:57:16 ----A---- C:\Windows\SYSWOW64\iesetup.dll
2015-02-11 23:57:16 ----A---- C:\Windows\SYSWOW64\ieapfltr.dll
2015-02-11 23:57:16 ----A---- C:\Windows\system32\iedkcs32.dll
2015-02-11 23:57:15 ----A---- C:\Windows\SYSWOW64\iertutil.dll
2015-02-11 23:57:15 ----A---- C:\Windows\system32\urlmon.dll
2015-02-11 23:57:14 ----A---- C:\Windows\SYSWOW64\jsproxy.dll
2015-02-11 23:57:14 ----A---- C:\Windows\SYSWOW64\jscript9diag.dll
2015-02-11 23:57:14 ----A---- C:\Windows\SYSWOW64\ieUnatt.exe
2015-02-11 23:57:14 ----A---- C:\Windows\system32\ieetwcollectorres.dll
2015-02-11 23:57:13 ----A---- C:\Windows\SYSWOW64\ieui.dll
2015-02-11 23:57:13 ----A---- C:\Windows\SYSWOW64\dxtmsft.dll
2015-02-11 23:57:13 ----A---- C:\Windows\system32\MsSpellCheckingFacility.exe
2015-02-11 23:57:13 ----A---- C:\Windows\system32\dxtrans.dll
2015-02-11 23:57:12 ----A---- C:\Windows\SYSWOW64\ieframe.dll
2015-02-11 23:57:12 ----A---- C:\Windows\system32\msfeeds.dll
2015-02-11 23:57:10 ----A---- C:\Windows\system32\iesetup.dll
2015-02-11 23:57:09 ----A---- C:\Windows\system32\ieapfltr.dll
2015-02-11 23:57:06 ----A---- C:\Windows\system32\iertutil.dll
2015-02-11 23:57:04 ----A---- C:\Windows\SYSWOW64\mshtmlmedia.dll
2015-02-11 23:57:04 ----A---- C:\Windows\SYSWOW64\jscript9.dll
2015-02-11 23:57:03 ----A---- C:\Windows\SYSWOW64\wininet.dll
2015-02-11 23:57:03 ----A---- C:\Windows\SYSWOW64\vbscript.dll
2015-02-11 23:57:03 ----A---- C:\Windows\system32\jsproxy.dll
2015-02-11 23:57:02 ----A---- C:\Windows\SYSWOW64\msrating.dll
2015-02-11 23:57:02 ----A---- C:\Windows\system32\ieUnatt.exe
2015-02-11 23:57:00 ----A---- C:\Windows\system32\dxtmsft.dll
2015-02-11 23:56:59 ----A---- C:\Windows\system32\ieui.dll
2015-02-11 23:56:58 ----A---- C:\Windows\system32\ieframe.dll
2015-02-11 23:56:56 ----A---- C:\Windows\system32\mshtmlmedia.dll
2015-02-11 23:56:56 ----A---- C:\Windows\system32\mshtmled.dll
2015-02-11 23:56:55 ----A---- C:\Windows\system32\jscript9diag.dll
2015-02-11 23:56:54 ----A---- C:\Windows\system32\jscript9.dll
2015-02-11 23:56:53 ----A---- C:\Windows\system32\vbscript.dll
2015-02-11 23:56:52 ----A---- C:\Windows\system32\wininet.dll
2015-02-11 23:56:50 ----A---- C:\Windows\system32\MshtmlDac.dll
2015-02-11 23:56:49 ----A---- C:\Windows\system32\msrating.dll
2015-02-11 23:56:46 ----A---- C:\Windows\system32\mshtml.dll
2015-02-11 23:54:50 ----A---- C:\Windows\system32\schannel.dll
2015-02-11 23:54:49 ----A---- C:\Windows\SYSWOW64\schannel.dll
2015-02-11 23:54:49 ----A---- C:\Windows\SYSWOW64\kerberos.dll
2015-02-11 23:54:48 ----A---- C:\Windows\SYSWOW64\msv1_0.dll
2015-02-11 23:54:48 ----A---- C:\Windows\system32\kerberos.dll
2015-02-11 23:54:47 ----A---- C:\Windows\system32\wdigest.dll
2015-02-11 23:54:47 ----A---- C:\Windows\system32\msv1_0.dll
2015-02-11 23:54:46 ----A---- C:\Windows\SYSWOW64\ncrypt.dll
2015-02-11 23:54:46 ----A---- C:\Windows\system32\TSpkg.dll
2015-02-11 23:54:46 ----A---- C:\Windows\system32\ncrypt.dll
2015-02-11 23:54:45 ----A---- C:\Windows\SYSWOW64\wdigest.dll
2015-02-11 23:54:45 ----A---- C:\Windows\SYSWOW64\TSpkg.dll
2015-02-11 23:54:44 ----A---- C:\Windows\SYSWOW64\credssp.dll
2015-02-11 23:54:44 ----A---- C:\Windows\system32\credssp.dll
2015-02-11 23:42:53 ----A---- C:\Windows\SYSWOW64\scesrv.dll
2015-02-11 23:42:53 ----A---- C:\Windows\system32\scesrv.dll
2015-02-11 23:42:51 ----A---- C:\Windows\system32\WindowsCodecs.dll
2015-02-11 23:42:49 ----A---- C:\Windows\SYSWOW64\WindowsCodecs.dll
2015-02-11 23:08:12 ----A---- C:\Windows\SYSWOW64\oleaut32.dll
2015-02-11 23:08:11 ----A---- C:\Windows\system32\oleaut32.dll
2015-02-11 23:07:24 ----A---- C:\Windows\SYSWOW64\mstscax.dll
2015-02-11 23:07:24 ----A---- C:\Windows\SYSWOW64\aaclient.dll
2015-02-11 23:06:57 ----A---- C:\Windows\system32\mstscax.dll
2015-02-11 23:05:21 ----A---- C:\Windows\SYSWOW64\wintrust.dll
2015-02-11 23:05:21 ----A---- C:\Windows\SYSWOW64\cryptsvc.dll
2015-02-11 23:05:21 ----A---- C:\Windows\SYSWOW64\crypt32.dll
2015-02-11 23:04:51 ----A---- C:\Windows\system32\wintrust.dll
2015-02-11 23:04:51 ----A---- C:\Windows\system32\cryptsvc.dll
2015-02-11 23:04:51 ----A---- C:\Windows\system32\crypt32.dll
2015-02-11 19:46:46 ----A---- C:\Windows\system32\win32k.sys
2015-02-11 19:26:16 ----D---- C:\AdwCleaner
2015-02-11 19:13:13 ----D---- C:\Program Files (x86)\Mozilla Firefox
2015-02-11 18:58:06 ----D---- C:\Program Files\trend micro
2015-01-27 20:36:04 ----D---- C:\Program Files (x86)\Mozilla Thunderbird
2015-01-23 19:44:30 ----A---- C:\Windows\system32\aswBoot.exe
2015-01-16 21:12:46 ----A---- C:\Windows\system32\profsvc.dll
2015-01-16 21:12:44 ----A---- C:\Windows\system32\nlasvc.dll
2015-01-16 21:12:43 ----A---- C:\Windows\SYSWOW64\ncsi.dll
2015-01-16 21:12:42 ----A---- C:\Windows\SYSWOW64\nlaapi.dll
2015-01-16 21:12:41 ----A---- C:\Windows\system32\TSWbPrxy.exe
2015-01-16 21:11:22 ----A---- C:\Windows\system32\drivers\mrxdav.sys
======List of files/folders modified in the last 1 month======
2015-02-12 10:56:31 ----D---- C:\Windows\Temp
2015-02-12 10:45:49 ----D---- C:\Windows\inf
2015-02-12 10:45:16 ----D---- C:\Windows\system32\config
2015-02-12 09:19:33 ----D---- C:\Windows\system32\catroot2
2015-02-12 09:15:08 ----D---- C:\Windows\winsxs
2015-02-12 09:13:52 ----D---- C:\Windows
2015-02-12 09:10:58 ----D---- C:\Windows\SysWOW64
2015-02-12 09:10:58 ----D---- C:\Windows\system32\cs-CZ
2015-02-12 09:10:57 ----D---- C:\Windows\System32
2015-02-12 09:10:56 ----D---- C:\Program Files\Internet Explorer
2015-02-12 09:10:55 ----D---- C:\Windows\SYSWOW64\cs-CZ
2015-02-12 09:10:54 ----D---- C:\Windows\SYSWOW64\en-US
2015-02-12 09:10:51 ----D---- C:\Windows\system32\en-US
2015-02-12 09:10:47 ----D---- C:\Program Files (x86)\Internet Explorer
2015-02-12 09:10:40 ----D---- C:\Windows\system32\drivers
2015-02-12 02:25:10 ----SHD---- C:\Windows\Installer
2015-02-12 02:25:08 ----D---- C:\ProgramData\Microsoft Help
2015-02-12 01:47:26 ----D---- C:\Windows\system32\MRT
2015-02-12 01:47:25 ----D---- C:\Windows\debug
2015-02-12 01:47:17 ----A---- C:\Windows\system32\MRT.exe
2015-02-12 01:31:32 ----SHD---- C:\System Volume Information
2015-02-12 01:13:43 ----D---- C:\Windows\Panther
2015-02-12 00:18:12 ----D---- C:\ProgramData\Adobe
2015-02-12 00:18:10 ----D---- C:\Program Files (x86)\Common Files
2015-02-12 00:18:10 ----D---- C:\Program Files (x86)\Adobe
2015-02-11 23:41:44 ----D---- C:\Windows\system32\catroot
2015-02-11 21:36:17 ----RD---- C:\Program Files (x86)\Skype
2015-02-11 21:36:17 ----D---- C:\Windows\Tasks
2015-02-11 21:36:17 ----D---- C:\Windows\AutoKMS
2015-02-11 21:36:17 ----D---- C:\Program Files (x86)\Google
2015-02-11 20:12:23 ----D---- C:\Windows\system32\Tasks
2015-02-11 20:09:47 ----D---- C:\Program Files (x86)\Mozilla Maintenance Service
2015-02-11 19:41:50 ----RD---- C:\Program Files (x86)
2015-02-11 19:34:56 ----HD---- C:\ProgramData
2015-02-11 18:58:06 ----D---- C:\Program Files
2015-02-11 18:40:02 ----D---- C:\Users\Judita\AppData\Roaming\PhotoScape
2015-02-11 18:40:01 ----D---- C:\Users\Judita\AppData\Roaming\Skype
2015-02-11 18:35:14 ----D---- C:\Windows\Minidump
2015-02-11 18:35:14 ----D---- C:\Windows\Logs
2015-02-11 18:26:59 ----D---- C:\Program Files\CCleaner
2015-02-09 21:02:24 ----D---- C:\Windows\Prefetch
2015-02-06 17:44:00 ----A---- C:\Windows\system32\PerfStringBackup.INI
2015-02-04 22:48:41 ----A---- C:\Windows\SYSWOW64\FlashPlayerApp.exe
2015-01-23 19:50:01 ----D---- C:\Windows\system32\DriverStore
2015-01-18 10:48:15 ----D---- C:\Users\Judita\AppData\Roaming\vlc
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R0 aswRvrt;avast! Revert; C:\Windows\system32\drivers\aswRvrt.sys [2015-01-03 65776]
R0 aswVmm;avast! VM Monitor; C:\Windows\system32\drivers\aswVmm.sys [2015-01-03 267632]
R0 iaStor;Intel AHCI Controller; C:\Windows\system32\DRIVERS\iaStor.sys [2009-06-05 408600]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-20 213888]
R0 sptd;sptd; C:\Windows\System32\Drivers\sptd.sys [2010-11-30 503352]
R1 aswRdr;aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [2015-01-03 93568]
R1 aswSnx;aswSnx; C:\Windows\system32\drivers\aswSnx.sys [2015-01-03 1050432]
R1 aswSP;aswSP; C:\Windows\system32\drivers\aswSP.sys [2015-01-03 436624]
R1 mwlPSDFilter;mwlPSDFilter; C:\Windows\system32\DRIVERS\mwlPSDFilter.sys [2009-06-02 22576]
R1 mwlPSDNServ;mwlPSDNServ; C:\Windows\system32\DRIVERS\mwlPSDNServ.sys [2009-06-02 20016]
R1 mwlPSDVDisk;mwlPSDVDisk; C:\Windows\system32\DRIVERS\mwlPSDVDisk.sys [2009-06-02 60464]
R1 vwififlt;Virtual WiFi Filter Driver; C:\Windows\system32\DRIVERS\vwififlt.sys [2009-07-14 59904]
R2 aswHwid;avast! HardwareID; C:\Windows\system32\drivers\aswHwid.sys [2015-01-03 29208]
R2 aswMonFlt;aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [2015-01-03 83280]
R2 aswStm;aswStm; C:\Windows\system32\drivers\aswStm.sys [2015-01-03 116728]
R3 DKbFltr;Dritek Keyboard Filter Driver (64-bit); C:\Windows\SysWOW64\Drivers\DKbFltr.sys [2009-03-26 25608]
R3 igfx;igfx; C:\Windows\system32\DRIVERS\igdkmd64.sys [2010-08-25 10611552]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHD64.sys [2009-07-23 1967648]
R3 IntcHdmiAddService;Intel(R) High Definition Audio HDMI; C:\Windows\system32\drivers\IntcHdmi.sys [2009-07-09 139264]
R3 L1C;NDIS Miniport Driver for Atheros AR8131/AR8132 PCI-E Ethernet Controller (NDIS 6.20); C:\Windows\system32\DRIVERS\L1C62x64.sys [2009-04-27 57344]
R3 NETw5s64;Intel(R) Wireless WiFi Link 5000 Series Adapter Driver for Windows 7 - 64 Bit; C:\Windows\system32\DRIVERS\NETw5s64.sys [2009-09-15 6952960]
R3 SynTP;Synaptics TouchPad Driver; C:\Windows\system32\DRIVERS\SynTP.sys [2009-06-18 272432]
R3 WSDPrintDevice;Podpora tisku WSD prostřednictvím funkce UMB; C:\Windows\system32\DRIVERS\WSDPrint.sys [2009-07-14 23040]
R3 WSDScan;Podpora skenování WSD přes UMB; C:\Windows\system32\DRIVERS\WSDScan.sys [2009-07-14 25088]
S3 a4yplqk8;a4yplqk8; C:\Windows\system32\drivers\a4yplqk8.sys []
S3 AmUStor;AM USB Stroage Driver; C:\Windows\system32\drivers\AmUStor.SYS [2009-05-26 40448]
S3 BthEnum;Ovladač pro Bluetooth Request Block; C:\Windows\system32\drivers\BthEnum.sys [2009-07-14 41984]
S3 BthPan;Bluetooth Device (Personal Area Network); C:\Windows\system32\DRIVERS\bthpan.sys [2009-07-14 118784]
S3 BTHPORT;Ovladač portu Bluetooth; C:\Windows\System32\Drivers\BTHport.sys [2012-07-06 552960]
S3 BTHUSB;Ovladač rozhraní USB radiostanice Bluetooth; C:\Windows\System32\Drivers\BTHUSB.sys [2011-04-28 80384]
S3 btusbflt;Bluetooth USB Filter; C:\Windows\system32\drivers\btusbflt.sys [2009-07-01 52264]
S3 btwaudio;Bluetooth Audio Device Service; C:\Windows\system32\drivers\btwaudio.sys [2009-07-01 98344]
S3 btwavdt;Bluetooth AVDT; C:\Windows\system32\DRIVERS\btwavdt.sys [2009-07-01 132648]
S3 btwl2cap;Bluetooth L2CAP Service; C:\Windows\system32\DRIVERS\btwl2cap.sys [2009-04-07 35104]
S3 btwrchid;btwrchid; C:\Windows\system32\DRIVERS\btwrchid.sys [2009-07-01 21160]
S3 int15.sys;int15.sys; \??\C:\Windows\syswow64\OEM\Factory\int15.sys []
S3 netw5v64;Intel(R) Wireless WiFi Link 5000 Series Adapter Driver for Windows Vista 64 Bit; C:\Windows\system32\DRIVERS\netw5v64.sys [2009-06-10 5434368]
S3 nmwcd;Nokia USB Phone Parent Driver; C:\Windows\system32\drivers\ccdcmbx64.sys [2011-08-17 19968]
S3 nmwcdc;Nokia USB Communication Driver; C:\Windows\system32\drivers\ccdcmbox64.sys [2011-08-17 27136]
S3 nmwcdcx64;Nokia USB Generic; C:\Windows\system32\drivers\ccdcmbox64.sys [2011-08-17 27136]
S3 nmwcdx64;Nokia USB Phone Parent; C:\Windows\system32\drivers\ccdcmbx64.sys [2011-08-17 19968]
S3 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12352]
S3 RFCOMM;Bluetooth Device (RFCOMM Protocol TDI); C:\Windows\system32\DRIVERS\rfcomm.sys [2009-07-14 158720]
S3 TsUsbFlt;TsUsbFlt; C:\Windows\system32\drivers\tsusbflt.sys [2010-11-20 59392]
S3 upperdev;upperdev; C:\Windows\system32\DRIVERS\usbser_lowerfltx64.sys [2011-08-17 9216]
S3 usbser;Nokia USB Serial Port Driver ; C:\Windows\system32\drivers\usbser.sys [2013-08-29 33280]
S3 UsbserFilt;UsbserFilt; C:\Windows\system32\DRIVERS\usbser_lowerfltjx64.sys [2011-08-17 9216]
S3 WinUsb;WinUsb; C:\Windows\system32\DRIVERS\WinUsb.sys [2010-11-20 41984]
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2014-09-12 64704]
R2 avast! Antivirus;avast! Antivirus; C:\Program Files\Alwil Software\Avast5\AvastSvc.exe [2015-01-03 50344]
R2 btwdins;Bluetooth Service; C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe [2009-07-02 864032]
R2 ePowerSvc;Acer ePower Service; C:\Program Files\Acer\Acer ePower Management\ePowerSvc.exe [2010-01-19 842784]
R2 Greg_Service;GRegService; C:\Program Files (x86)\Acer\Registration\GregHSRW.exe [2009-08-28 1150496]
R2 IAANTMON;Intel(R) Matrix Storage Event Monitor; C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTMon.exe [2009-06-05 354840]
R2 RS_Service;Raw Socket Service; C:\Program Files (x86)\Acer\Acer VCM\RS_Service.exe [2009-07-10 253952]
R2 StarWindServiceAE;StarWind AE Service; C:\Program Files (x86)\Alcohol Soft\Alcohol 52\StarWind\StarWindServiceAE.exe [2009-12-23 370688]
R2 Updater Service;Updater Service; C:\Program Files\Acer\Acer Updater\UpdaterService.exe [2009-07-04 240160]
R2 wlidsvc;Windows Live ID Sign-in Assistant; C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE [2011-03-28 2292096]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2013-09-11 105144]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2013-09-11 124088]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-10-24 107912]
S2 SkypeUpdate;Skype Updater; C:\Program Files (x86)\Skype\Updater\Updater.exe [2014-04-03 315008]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-02-04 267440]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-10-24 107912]
S3 gusvc;Google Software Updater; C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe [2012-08-24 194032]
S3 IEEtwCollectorService;@%SystemRoot%\system32\ieetwcollectorres.dll,-1000; C:\Windows\system32\IEEtwCollector.exe [2015-01-12 114688]
S3 Microsoft SharePoint Workspace Audit Service;Microsoft SharePoint Workspace Audit Service; C:\Program Files (x86)\Microsoft Office\Office14\GROOVE.EXE [2013-12-19 30814400]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2015-02-11 114800]
S3 MWLService;MyWinLocker Service; C:\Program Files (x86)\EgisTec\MyWinLocker 3\x86\\MWLService.exe [2009-09-10 305448]
S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2010-01-09 149352]
S3 osppsvc;Office Software Protection Platform; C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-09 4925184]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2010-09-01 1255736]
S4 aspnet_state;Stavová služba ASP.NET; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2013-09-11 51808]
S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]
S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]
S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]
-----------------EOF-----------------
Pamět se trochu snížila (pak jsem ji ještě posílil tím, co jsem našel v šuplíku).
Ale využití procesoru běží pořád na 100% od nastartování PC.
Čerstvý rsitlog:
Logfile of random's system information tool 1.10 (written by random/random)
Run by Judita at 2015-02-12 10:56:02
Microsoft Windows 7 Home Premium Service Pack 1
System drive C: has 79 GB (35%) free of 225 GB
Total RAM: 2491 MB (57% free)
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 10:56:33, on 12.2.2015
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v11.0 (11.00.9600.17631)
Boot mode: Normal
Running processes:
C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAAnotif.exe
C:\Program Files (x86)\EgisTec\MyWinLocker 3\x86\mwlDaemon.exe
C:\Windows\PLFSetI.exe
C:\Users\Judita\AppData\Local\Google\Update\GoogleUpdate.exe
C:\Program Files (x86)\Launch Manager\LManager.EXE
C:\Program Files (x86)\EgisTec Egis Software Update\EgisUpdate.exe
C:\Program Files (x86)\Real\RealPlayer\Update\realsched.exe
C:\Program Files\Alwil Software\Avast5\avastui.exe
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Program Files\trend micro\Judita.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = https://www.google.com/?trackid=sp-006
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.google.com/search?trackid=s ... earchTerms}
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId= ... kid=sp-006
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = https://www.google.com/?trackid=sp-006
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.google.com/search?trackid=s ... earchTerms}
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId= ... kid=sp-006
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL
O2 - BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\Alwil Software\Avast5\aswWebRepIE.dll
O2 - BHO: Pomocná služba pro přihlášení ke službě Windows Live ID - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~1\Office14\URLREDIR.DLL
O4 - HKLM\..\Run: [LManager] C:\Program Files (x86)\Launch Manager\LManager.exe
O4 - HKLM\..\Run: [EgisTecLiveUpdate] "C:\Program Files (x86)\EgisTec Egis Software Update\EgisUpdate.exe"
O4 - HKLM\..\Run: [NortonOnlineBackupReminder] "C:\Program Files (x86)\Symantec\Norton Online Backup\Activation\NobuActivation.exe" UNATTENDED
O4 - HKLM\..\Run: [TkBellExe] "c:\program files (x86)\real\realplayer\Update\realsched.exe" -osboot
O4 - HKLM\..\Run: [BCSSync] "C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe" /DelayServices
O4 - HKLM\..\Run: [AvastUI.exe] "C:\Program Files\Alwil Software\Avast5\AvastUI.exe" /nogui
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKCU\..\Run: [Google Update] "C:\Users\Judita\AppData\Local\Google\Update\GoogleUpdate.exe" /c
O4 - HKCU\..\Run: [AlcoholAutomount] "C:\Program Files (x86)\Alcohol Soft\Alcohol 52\AxAutoMntSrv.exe" -automount
O4 - HKCU\..\Run: [CCleaner Monitoring] "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office14\EXCEL.EXE/3000
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Office Excel - res://C:\PROGRA~2\MICROS~1\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: Od&eslat do aplikace OneNote - res://C:\PROGRA~2\MICROS~1\Office14\ONBttnIE.dll/105
O8 - Extra context menu item: Odeslat obrázek do zařízení &Bluetooth... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
O8 - Extra context menu item: Odeslat stránku do zařízení &Bluetooth... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra button: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra button: P&ropojené poznámky aplikace OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: P&ropojené poznámky aplikace OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra button: Send To Bluetooth - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra 'Tools' menuitem: Send to &Bluetooth Device... - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (file missing)
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: Acer ePower Service (ePowerSvc) - Acer Incorporated - C:\Program Files\Acer\Acer ePower Management\ePowerSvc.exe
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: GRegService (Greg_Service) - Acer Incorporated - C:\Program Files (x86)\Acer\Registration\GregHSRW.exe
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: Intel(R) Matrix Storage Event Monitor (IAANTMON) - Intel Corporation - C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTMon.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing)
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: MyWinLocker Service (MWLService) - Egis Technology Inc. - C:\Program Files (x86)\EgisTec\MyWinLocker 3\x86\\MWLService.exe
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: Raw Socket Service (RS_Service) - Acer Incorporated - C:\Program Files (x86)\Acer\Acer VCM\RS_Service.exe
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: StarWind AE Service (StarWindServiceAE) - StarWind Software - C:\Program Files (x86)\Alcohol Soft\Alcohol 52\StarWind\StarWindServiceAE.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: Updater Service - Acer - C:\Program Files\Acer\Acer Updater\UpdaterService.exe
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
--
End of file - 11817 bytes
======Listing Processes======
\SystemRoot\System32\smss.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
winlogon.exe
C:\Windows\system32\services.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k NetworkService
"C:\Program Files\Alwil Software\Avast5\AvastSvc.exe"
C:\Windows\System32\spoolsv.exe
taskeng.exe {C0A5415B-A77D-4D05-8EEB-79442EAA0924}
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
"taskhost.exe"
"C:\Windows\system32\Dwm.exe"
C:\Windows\Explorer.EXE
"C:\Program Files (x86)\Google\Update\GoogleUpdate.exe" /c
"C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe"
"C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe"
"C:\Program Files\Acer\Acer ePower Management\ePowerSvc.exe"
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
"C:\Program Files (x86)\Acer\Registration\GregHSRW.exe"
"C:\Program Files (x86)\Acer\Acer VCM\RS_Service.exe"
"C:\Program Files (x86)\Alcohol Soft\Alcohol 52\StarWind\StarWindServiceAE.exe"
C:\Windows\system32\svchost.exe -k imgsvc
"C:\Program Files\Acer\Acer Updater\UpdaterService.exe"
C:\Windows\System32\svchost.exe -k secsvcs
"C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE"
"C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTMon.exe"
WLIDSvcM.exe 2288
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Windows\servicing\TrustedInstaller.exe
"C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAAnotif.exe"
C:\Windows\system32\SearchIndexer.exe /Embedding
"C:\Program Files (x86)\AmIcoSingLun\AmIcoSinglun64.exe"
"C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe"
"C:\Program Files\Acer\Acer ePower Management\ePowerTray.exe"
"C:\Program Files (x86)\EgisTec\MyWinLocker 3\x86\mwlDaemon.exe"
"C:\Program Files\Synaptics\SynTP\SynTPEnh.exe"
"C:\Windows\PLFSetI.exe"
"C:\Windows\System32\igfxtray.exe"
"C:\Windows\System32\hkcmd.exe"
"C:\Windows\System32\igfxpers.exe"
"C:\Users\Judita\AppData\Local\Google\Update\GoogleUpdate.exe" /c
C:\Windows\system32\igfxsrvc.exe -Embedding
"C:\Program Files\Synaptics\SynTP\SynTPHelper.exe"
C:\Windows\system32\igfxext.exe -Embedding
"C:\Windows\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe1_ Global\UsGthrCtrlFltPipeMssGthrPipe1 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon"
C:\Windows\system32\wbem\unsecapp.exe -Embedding
"C:\Program Files (x86)\Launch Manager\LManager.EXE"
"C:\Program Files (x86)\EgisTec Egis Software Update\EgisUpdate.exe"
C:\Windows\system32\wbem\wmiprvse.exe
"C:\Program Files (x86)\Real\RealPlayer\Update\realsched.exe" -osboot
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
"C:\Program Files\Alwil Software\Avast5\avastui.exe" /nogui
"C:\Program Files\Acer\Acer ePower Management\ePowerEvent.exe"
"C:\Program Files\Windows Media Player\wmpnetwk.exe"
"C:\Program Files\CCleaner\CCleaner.exe" /MONITOR /uac
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\system32\sppsvc.exe
taskmgr.exe /3
"C:\Program Files (x86)\Mozilla Firefox\firefox.exe"
taskeng.exe {D8D1E9D2-649F-41C1-BAC5-BFDBCA95E606}
"C:\Windows\system32\SearchFilterHost.exe" 0 512 516 524 65536 520
"C:\Users\Judita\Desktop\RSITx64.exe"
======Scheduled tasks folder======
C:\Windows\tasks\Adobe Flash Player Updater.job - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
=========Mozilla firefox=========
ProfilePath - C:\Users\Judita\AppData\Roaming\Mozilla\Firefox\Profiles\whpy3k55.default
prefs.js - "browser.startup.homepage" - "https://www.google.com/?trackid=sp-006"
prefs.js - "extensions.enabledItems" - "{800b5000-a755-47e1-992b-48a1c1357f07}:1.2.0, {ABDE892B-13A8-4d1b-88E6-365A6E755758}:14.0.1, {972ce4c6-7e08-4474-a285-3208198ce6fd}:3.6.17"
prefs.js - "keyword.URL" - "https://www.google.com/search/?trackid=sp-006"
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 16.0.0.305 Plugin
"Path"=C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_16_0_0_305.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@Google.com/GoogleEarthPlugin]
"Description"=Google Earth in your browser
"Path"=C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=disabled
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=c:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0]
"Description"=Office Authorization plug-in for NPAPI browsers
"Path"=C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/SharePoint,version=14.0]
"Description"=Microsoft SharePoint Plug-in for Firefox
"Path"=C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922]
"Description"=WLPG Install MIME type
"Path"=C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3555.0308]
"Description"=WLPG Install MIME type
"Path"=C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@real.com/nppl3260;version=15.0.4.53]
"Description"=RealPlayer(tm) LiveConnect-Enabled Plug-In
"Path"=c:\program files (x86)\real\realplayer\Netscape6\nppl3260.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@real.com/nprjplug;version=15.0.4.53]
"Description"=RealJukebox Netscape Plugin
"Path"=c:\program files (x86)\real\realplayer\Netscape6\nprjplug.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@real.com/nprpchromebrowserrecordext;version=15.0.4.53]
"Description"=RealNetworks(tm) RealPlayer Chrome Background Extension Plug-In
"Path"=C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprpchromebrowserrecordext.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@real.com/nprphtml5videoshim;version=15.0.4.53]
"Description"=RealPlayer(tm) HTML5VideoShim Plug-In
"Path"=C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@real.com/nprpplugin;version=15.0.4.53]
"Description"=RealPlayer Download Plugin
"Path"=c:\program files (x86)\real\realplayer\Netscape6\nprpplugin.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=3]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.25.11\npGoogleUpdate3.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=9]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.25.11\npGoogleUpdate3.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@videolan.org/vlc,version=2.1.5]
"Description"=VLC Multimedia Plugin
"Path"=C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\Adobe Reader]
"Description"=Handles PDFs in-place in Firefox
"Path"=C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 16.0.0.305 Plugin
"Path"=C:\Windows\system32\Macromed\Flash\NPSWF64_16_0_0_305.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=disabled
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0]
"Description"=Office Authorization plug-in for NPAPI browsers
"Path"=C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL
C:\Program Files (x86)\Mozilla Firefox\extensions\
{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}
C:\Program Files (x86)\Mozilla Firefox\plugins\
np-mswmp.dll
nppdf32.dll
nppl3260.dll
nppl3260.xpt
nprjplug.dll
nprpplugin.dll
WMP Firefox Plugin License.rtf
WMP Firefox Plugin RelNotes.txt
C:\Users\Judita\AppData\Roaming\Mozilla\Firefox\Profiles\whpy3k55.default\extensions\
{800b5000-a755-47e1-992b-48a1c1357f07}10242010180103
C:\Users\Judita\AppData\Roaming\Mozilla\Firefox\Profiles\whpy3k55.default\searchplugins\
google-avast.xml
Google.xml
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\PROGRA~1\MICROS~2\Office14\GROOVEEX.DLL [2013-12-19 6671064]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! Online Security - C:\Program Files\Alwil Software\Avast5\aswWebRepIE64.dll [2015-01-03 705448]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live ID Sign-in Helper - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2011-03-28 529280]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - C:\PROGRA~1\MICROS~2\Office14\URLREDIR.DLL [2013-03-06 690392]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL [2013-12-19 4171480]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! Online Security - C:\Program Files\Alwil Software\Avast5\aswWebRepIE.dll [2015-01-03 586968]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Pomocná služba pro přihlášení ke službě Windows Live ID - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2011-03-28 441216]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - C:\PROGRA~2\MICROS~1\Office14\URLREDIR.DLL [2013-03-06 562904]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{318A227B-5E9F-45bd-8999-7F8F10CA4CF5} -
{CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F}
{2318C2B1-4965-11d4-9B18-009027A5CD4F} - Google Toolbar - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll []
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"IAAnotif"=C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\iaanotif.exe [2009-06-05 186904]
"AmIcoSinglun64"=C:\Program Files (x86)\AmIcoSingLun\AmIcoSinglun64.exe [2009-04-09 320000]
"RtHDVCpl"=C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [2009-07-23 7981600]
"Acer ePower Management"=C:\Program Files\Acer\Acer ePower Management\ePowerTray.exe [2010-01-19 832544]
"mwlDaemon"=C:\Program Files (x86)\EgisTec\MyWinLocker 3\x86\mwlDaemon.exe [2009-09-10 349480]
"SynTPEnh"=C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2009-06-18 1808168]
"PLFSetI"=C:\Windows\PLFSetI.exe [2009-12-14 206072]
"IgfxTray"=C:\Windows\system32\igfxtray.exe [2010-08-25 161304]
"HotKeysCmds"=C:\Windows\system32\hkcmd.exe [2010-08-25 386584]
"Persistence"=C:\Windows\system32\igfxpers.exe [2010-08-25 415256]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Google Update"=C:\Users\Judita\AppData\Local\Google\Update\GoogleUpdate.exe [2014-10-14 107912]
"AlcoholAutomount"=C:\Program Files (x86)\Alcohol Soft\Alcohol 52\AxAutoMntSrv.exe [2010-08-20 33120]
"CCleaner Monitoring"=C:\Program Files\CCleaner\CCleaner64.exe [2015-01-20 7404312]
[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"LManager"=C:\Program Files (x86)\Launch Manager\LManager.exe [2009-09-24 825864]
"EgisTecLiveUpdate"=C:\Program Files (x86)\EgisTec Egis Software Update\EgisUpdate.exe [2009-08-04 199464]
"NortonOnlineBackupReminder"=C:\Program Files (x86)\Symantec\Norton Online Backup\Activation\NobuActivation.exe [2009-07-25 588648]
"TkBellExe"=c:\program files (x86)\real\realplayer\Update\realsched.exe [2012-05-18 296056]
"BCSSync"=C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe [2012-11-05 89184]
"AvastUI.exe"=C:\Program Files\Alwil Software\Avast5\AvastUI.exe [2015-01-31 5227112]
"Adobe ARM"=C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2014-09-12 959176]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
C:\Windows\system32\igfxdev.dll [2010-08-25 271360]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\PROGRA~1\MICROS~2\Office14\GROOVEEX.DLL [2013-12-19 6671064]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL [2013-12-19 4171480]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcmscsvc]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\mcmscsvc]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MCODS]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MpfService]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=5
"ConsentPromptBehaviorUser"=3
"EnableUIADesktopToggle"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"SoftwareSASGeneration"=1
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoActiveDesktop"=1
"NoActiveDesktopChanges"=1
"ForceActiveDesktopOn"=0
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVYU"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"VIDC.YVU9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"MSVideo8"=VfWWDM32.dll
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv
"wave2"=wdmaud.drv
"midi2"=wdmaud.drv
"mixer2"=wdmaud.drv
======File associations======
.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*
======List of files/folders created in the last 1 month======
2015-02-12 10:56:02 ----D---- C:\rsit
2015-02-12 00:04:10 ----A---- C:\Windows\system32\ntoskrnl.exe
2015-02-12 00:04:07 ----A---- C:\Windows\system32\lsasrv.dll
2015-02-12 00:04:06 ----A---- C:\Windows\SYSWOW64\ntkrnlpa.exe
2015-02-12 00:04:06 ----A---- C:\Windows\system32\drivers\cng.sys
2015-02-12 00:04:05 ----A---- C:\Windows\SYSWOW64\ntoskrnl.exe
2015-02-12 00:04:04 ----A---- C:\Windows\system32\adtschema.dll
2015-02-12 00:04:03 ----A---- C:\Windows\SYSWOW64\adtschema.dll
2015-02-12 00:04:02 ----A---- C:\Windows\system32\srcore.dll
2015-02-12 00:04:02 ----A---- C:\Windows\system32\drivers\ksecdd.sys
2015-02-12 00:04:01 ----A---- C:\Windows\SYSWOW64\auditpol.exe
2015-02-12 00:04:01 ----A---- C:\Windows\system32\sspicli.dll
2015-02-12 00:04:01 ----A---- C:\Windows\system32\rstrui.exe
2015-02-12 00:04:01 ----A---- C:\Windows\system32\lsass.exe
2015-02-12 00:04:01 ----A---- C:\Windows\system32\drivers\ksecpkg.sys
2015-02-12 00:04:01 ----A---- C:\Windows\system32\auditpol.exe
2015-02-12 00:04:00 ----A---- C:\Windows\SYSWOW64\sspicli.dll
2015-02-12 00:04:00 ----A---- C:\Windows\SYSWOW64\srclient.dll
2015-02-12 00:04:00 ----A---- C:\Windows\SYSWOW64\secur32.dll
2015-02-12 00:04:00 ----A---- C:\Windows\system32\sspisrv.dll
2015-02-12 00:04:00 ----A---- C:\Windows\system32\srclient.dll
2015-02-12 00:04:00 ----A---- C:\Windows\system32\secur32.dll
2015-02-12 00:03:58 ----A---- C:\Windows\SYSWOW64\msobjs.dll
2015-02-12 00:03:58 ----A---- C:\Windows\SYSWOW64\msaudite.dll
2015-02-12 00:03:58 ----A---- C:\Windows\system32\msobjs.dll
2015-02-12 00:03:58 ----A---- C:\Windows\system32\msaudite.dll
2015-02-11 23:57:26 ----A---- C:\Windows\SYSWOW64\mshtmled.dll
2015-02-11 23:57:26 ----A---- C:\Windows\SYSWOW64\iernonce.dll
2015-02-11 23:57:26 ----A---- C:\Windows\SYSWOW64\ieetwproxystub.dll
2015-02-11 23:57:26 ----A---- C:\Windows\system32\ieetwproxystub.dll
2015-02-11 23:57:26 ----A---- C:\Windows\system32\ieetwcollector.exe
2015-02-11 23:57:25 ----A---- C:\Windows\SYSWOW64\MshtmlDac.dll
2015-02-11 23:57:24 ----A---- C:\Windows\SYSWOW64\urlmon.dll
2015-02-11 23:57:24 ----A---- C:\Windows\SYSWOW64\iedkcs32.dll
2015-02-11 23:57:24 ----A---- C:\Windows\system32\iernonce.dll
2015-02-11 23:57:24 ----A---- C:\Windows\system32\ie4uinit.exe
2015-02-11 23:57:23 ----A---- C:\Windows\SYSWOW64\JavaScriptCollectionAgent.dll
2015-02-11 23:57:21 ----A---- C:\Windows\SYSWOW64\mshtml.dll
2015-02-11 23:57:21 ----A---- C:\Windows\SYSWOW64\msfeeds.dll
2015-02-11 23:57:21 ----A---- C:\Windows\SYSWOW64\dxtrans.dll
2015-02-11 23:57:21 ----A---- C:\Windows\system32\JavaScriptCollectionAgent.dll
2015-02-11 23:57:16 ----A---- C:\Windows\SYSWOW64\iesetup.dll
2015-02-11 23:57:16 ----A---- C:\Windows\SYSWOW64\ieapfltr.dll
2015-02-11 23:57:16 ----A---- C:\Windows\system32\iedkcs32.dll
2015-02-11 23:57:15 ----A---- C:\Windows\SYSWOW64\iertutil.dll
2015-02-11 23:57:15 ----A---- C:\Windows\system32\urlmon.dll
2015-02-11 23:57:14 ----A---- C:\Windows\SYSWOW64\jsproxy.dll
2015-02-11 23:57:14 ----A---- C:\Windows\SYSWOW64\jscript9diag.dll
2015-02-11 23:57:14 ----A---- C:\Windows\SYSWOW64\ieUnatt.exe
2015-02-11 23:57:14 ----A---- C:\Windows\system32\ieetwcollectorres.dll
2015-02-11 23:57:13 ----A---- C:\Windows\SYSWOW64\ieui.dll
2015-02-11 23:57:13 ----A---- C:\Windows\SYSWOW64\dxtmsft.dll
2015-02-11 23:57:13 ----A---- C:\Windows\system32\MsSpellCheckingFacility.exe
2015-02-11 23:57:13 ----A---- C:\Windows\system32\dxtrans.dll
2015-02-11 23:57:12 ----A---- C:\Windows\SYSWOW64\ieframe.dll
2015-02-11 23:57:12 ----A---- C:\Windows\system32\msfeeds.dll
2015-02-11 23:57:10 ----A---- C:\Windows\system32\iesetup.dll
2015-02-11 23:57:09 ----A---- C:\Windows\system32\ieapfltr.dll
2015-02-11 23:57:06 ----A---- C:\Windows\system32\iertutil.dll
2015-02-11 23:57:04 ----A---- C:\Windows\SYSWOW64\mshtmlmedia.dll
2015-02-11 23:57:04 ----A---- C:\Windows\SYSWOW64\jscript9.dll
2015-02-11 23:57:03 ----A---- C:\Windows\SYSWOW64\wininet.dll
2015-02-11 23:57:03 ----A---- C:\Windows\SYSWOW64\vbscript.dll
2015-02-11 23:57:03 ----A---- C:\Windows\system32\jsproxy.dll
2015-02-11 23:57:02 ----A---- C:\Windows\SYSWOW64\msrating.dll
2015-02-11 23:57:02 ----A---- C:\Windows\system32\ieUnatt.exe
2015-02-11 23:57:00 ----A---- C:\Windows\system32\dxtmsft.dll
2015-02-11 23:56:59 ----A---- C:\Windows\system32\ieui.dll
2015-02-11 23:56:58 ----A---- C:\Windows\system32\ieframe.dll
2015-02-11 23:56:56 ----A---- C:\Windows\system32\mshtmlmedia.dll
2015-02-11 23:56:56 ----A---- C:\Windows\system32\mshtmled.dll
2015-02-11 23:56:55 ----A---- C:\Windows\system32\jscript9diag.dll
2015-02-11 23:56:54 ----A---- C:\Windows\system32\jscript9.dll
2015-02-11 23:56:53 ----A---- C:\Windows\system32\vbscript.dll
2015-02-11 23:56:52 ----A---- C:\Windows\system32\wininet.dll
2015-02-11 23:56:50 ----A---- C:\Windows\system32\MshtmlDac.dll
2015-02-11 23:56:49 ----A---- C:\Windows\system32\msrating.dll
2015-02-11 23:56:46 ----A---- C:\Windows\system32\mshtml.dll
2015-02-11 23:54:50 ----A---- C:\Windows\system32\schannel.dll
2015-02-11 23:54:49 ----A---- C:\Windows\SYSWOW64\schannel.dll
2015-02-11 23:54:49 ----A---- C:\Windows\SYSWOW64\kerberos.dll
2015-02-11 23:54:48 ----A---- C:\Windows\SYSWOW64\msv1_0.dll
2015-02-11 23:54:48 ----A---- C:\Windows\system32\kerberos.dll
2015-02-11 23:54:47 ----A---- C:\Windows\system32\wdigest.dll
2015-02-11 23:54:47 ----A---- C:\Windows\system32\msv1_0.dll
2015-02-11 23:54:46 ----A---- C:\Windows\SYSWOW64\ncrypt.dll
2015-02-11 23:54:46 ----A---- C:\Windows\system32\TSpkg.dll
2015-02-11 23:54:46 ----A---- C:\Windows\system32\ncrypt.dll
2015-02-11 23:54:45 ----A---- C:\Windows\SYSWOW64\wdigest.dll
2015-02-11 23:54:45 ----A---- C:\Windows\SYSWOW64\TSpkg.dll
2015-02-11 23:54:44 ----A---- C:\Windows\SYSWOW64\credssp.dll
2015-02-11 23:54:44 ----A---- C:\Windows\system32\credssp.dll
2015-02-11 23:42:53 ----A---- C:\Windows\SYSWOW64\scesrv.dll
2015-02-11 23:42:53 ----A---- C:\Windows\system32\scesrv.dll
2015-02-11 23:42:51 ----A---- C:\Windows\system32\WindowsCodecs.dll
2015-02-11 23:42:49 ----A---- C:\Windows\SYSWOW64\WindowsCodecs.dll
2015-02-11 23:08:12 ----A---- C:\Windows\SYSWOW64\oleaut32.dll
2015-02-11 23:08:11 ----A---- C:\Windows\system32\oleaut32.dll
2015-02-11 23:07:24 ----A---- C:\Windows\SYSWOW64\mstscax.dll
2015-02-11 23:07:24 ----A---- C:\Windows\SYSWOW64\aaclient.dll
2015-02-11 23:06:57 ----A---- C:\Windows\system32\mstscax.dll
2015-02-11 23:05:21 ----A---- C:\Windows\SYSWOW64\wintrust.dll
2015-02-11 23:05:21 ----A---- C:\Windows\SYSWOW64\cryptsvc.dll
2015-02-11 23:05:21 ----A---- C:\Windows\SYSWOW64\crypt32.dll
2015-02-11 23:04:51 ----A---- C:\Windows\system32\wintrust.dll
2015-02-11 23:04:51 ----A---- C:\Windows\system32\cryptsvc.dll
2015-02-11 23:04:51 ----A---- C:\Windows\system32\crypt32.dll
2015-02-11 19:46:46 ----A---- C:\Windows\system32\win32k.sys
2015-02-11 19:26:16 ----D---- C:\AdwCleaner
2015-02-11 19:13:13 ----D---- C:\Program Files (x86)\Mozilla Firefox
2015-02-11 18:58:06 ----D---- C:\Program Files\trend micro
2015-01-27 20:36:04 ----D---- C:\Program Files (x86)\Mozilla Thunderbird
2015-01-23 19:44:30 ----A---- C:\Windows\system32\aswBoot.exe
2015-01-16 21:12:46 ----A---- C:\Windows\system32\profsvc.dll
2015-01-16 21:12:44 ----A---- C:\Windows\system32\nlasvc.dll
2015-01-16 21:12:43 ----A---- C:\Windows\SYSWOW64\ncsi.dll
2015-01-16 21:12:42 ----A---- C:\Windows\SYSWOW64\nlaapi.dll
2015-01-16 21:12:41 ----A---- C:\Windows\system32\TSWbPrxy.exe
2015-01-16 21:11:22 ----A---- C:\Windows\system32\drivers\mrxdav.sys
======List of files/folders modified in the last 1 month======
2015-02-12 10:56:31 ----D---- C:\Windows\Temp
2015-02-12 10:45:49 ----D---- C:\Windows\inf
2015-02-12 10:45:16 ----D---- C:\Windows\system32\config
2015-02-12 09:19:33 ----D---- C:\Windows\system32\catroot2
2015-02-12 09:15:08 ----D---- C:\Windows\winsxs
2015-02-12 09:13:52 ----D---- C:\Windows
2015-02-12 09:10:58 ----D---- C:\Windows\SysWOW64
2015-02-12 09:10:58 ----D---- C:\Windows\system32\cs-CZ
2015-02-12 09:10:57 ----D---- C:\Windows\System32
2015-02-12 09:10:56 ----D---- C:\Program Files\Internet Explorer
2015-02-12 09:10:55 ----D---- C:\Windows\SYSWOW64\cs-CZ
2015-02-12 09:10:54 ----D---- C:\Windows\SYSWOW64\en-US
2015-02-12 09:10:51 ----D---- C:\Windows\system32\en-US
2015-02-12 09:10:47 ----D---- C:\Program Files (x86)\Internet Explorer
2015-02-12 09:10:40 ----D---- C:\Windows\system32\drivers
2015-02-12 02:25:10 ----SHD---- C:\Windows\Installer
2015-02-12 02:25:08 ----D---- C:\ProgramData\Microsoft Help
2015-02-12 01:47:26 ----D---- C:\Windows\system32\MRT
2015-02-12 01:47:25 ----D---- C:\Windows\debug
2015-02-12 01:47:17 ----A---- C:\Windows\system32\MRT.exe
2015-02-12 01:31:32 ----SHD---- C:\System Volume Information
2015-02-12 01:13:43 ----D---- C:\Windows\Panther
2015-02-12 00:18:12 ----D---- C:\ProgramData\Adobe
2015-02-12 00:18:10 ----D---- C:\Program Files (x86)\Common Files
2015-02-12 00:18:10 ----D---- C:\Program Files (x86)\Adobe
2015-02-11 23:41:44 ----D---- C:\Windows\system32\catroot
2015-02-11 21:36:17 ----RD---- C:\Program Files (x86)\Skype
2015-02-11 21:36:17 ----D---- C:\Windows\Tasks
2015-02-11 21:36:17 ----D---- C:\Windows\AutoKMS
2015-02-11 21:36:17 ----D---- C:\Program Files (x86)\Google
2015-02-11 20:12:23 ----D---- C:\Windows\system32\Tasks
2015-02-11 20:09:47 ----D---- C:\Program Files (x86)\Mozilla Maintenance Service
2015-02-11 19:41:50 ----RD---- C:\Program Files (x86)
2015-02-11 19:34:56 ----HD---- C:\ProgramData
2015-02-11 18:58:06 ----D---- C:\Program Files
2015-02-11 18:40:02 ----D---- C:\Users\Judita\AppData\Roaming\PhotoScape
2015-02-11 18:40:01 ----D---- C:\Users\Judita\AppData\Roaming\Skype
2015-02-11 18:35:14 ----D---- C:\Windows\Minidump
2015-02-11 18:35:14 ----D---- C:\Windows\Logs
2015-02-11 18:26:59 ----D---- C:\Program Files\CCleaner
2015-02-09 21:02:24 ----D---- C:\Windows\Prefetch
2015-02-06 17:44:00 ----A---- C:\Windows\system32\PerfStringBackup.INI
2015-02-04 22:48:41 ----A---- C:\Windows\SYSWOW64\FlashPlayerApp.exe
2015-01-23 19:50:01 ----D---- C:\Windows\system32\DriverStore
2015-01-18 10:48:15 ----D---- C:\Users\Judita\AppData\Roaming\vlc
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R0 aswRvrt;avast! Revert; C:\Windows\system32\drivers\aswRvrt.sys [2015-01-03 65776]
R0 aswVmm;avast! VM Monitor; C:\Windows\system32\drivers\aswVmm.sys [2015-01-03 267632]
R0 iaStor;Intel AHCI Controller; C:\Windows\system32\DRIVERS\iaStor.sys [2009-06-05 408600]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-20 213888]
R0 sptd;sptd; C:\Windows\System32\Drivers\sptd.sys [2010-11-30 503352]
R1 aswRdr;aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [2015-01-03 93568]
R1 aswSnx;aswSnx; C:\Windows\system32\drivers\aswSnx.sys [2015-01-03 1050432]
R1 aswSP;aswSP; C:\Windows\system32\drivers\aswSP.sys [2015-01-03 436624]
R1 mwlPSDFilter;mwlPSDFilter; C:\Windows\system32\DRIVERS\mwlPSDFilter.sys [2009-06-02 22576]
R1 mwlPSDNServ;mwlPSDNServ; C:\Windows\system32\DRIVERS\mwlPSDNServ.sys [2009-06-02 20016]
R1 mwlPSDVDisk;mwlPSDVDisk; C:\Windows\system32\DRIVERS\mwlPSDVDisk.sys [2009-06-02 60464]
R1 vwififlt;Virtual WiFi Filter Driver; C:\Windows\system32\DRIVERS\vwififlt.sys [2009-07-14 59904]
R2 aswHwid;avast! HardwareID; C:\Windows\system32\drivers\aswHwid.sys [2015-01-03 29208]
R2 aswMonFlt;aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [2015-01-03 83280]
R2 aswStm;aswStm; C:\Windows\system32\drivers\aswStm.sys [2015-01-03 116728]
R3 DKbFltr;Dritek Keyboard Filter Driver (64-bit); C:\Windows\SysWOW64\Drivers\DKbFltr.sys [2009-03-26 25608]
R3 igfx;igfx; C:\Windows\system32\DRIVERS\igdkmd64.sys [2010-08-25 10611552]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHD64.sys [2009-07-23 1967648]
R3 IntcHdmiAddService;Intel(R) High Definition Audio HDMI; C:\Windows\system32\drivers\IntcHdmi.sys [2009-07-09 139264]
R3 L1C;NDIS Miniport Driver for Atheros AR8131/AR8132 PCI-E Ethernet Controller (NDIS 6.20); C:\Windows\system32\DRIVERS\L1C62x64.sys [2009-04-27 57344]
R3 NETw5s64;Intel(R) Wireless WiFi Link 5000 Series Adapter Driver for Windows 7 - 64 Bit; C:\Windows\system32\DRIVERS\NETw5s64.sys [2009-09-15 6952960]
R3 SynTP;Synaptics TouchPad Driver; C:\Windows\system32\DRIVERS\SynTP.sys [2009-06-18 272432]
R3 WSDPrintDevice;Podpora tisku WSD prostřednictvím funkce UMB; C:\Windows\system32\DRIVERS\WSDPrint.sys [2009-07-14 23040]
R3 WSDScan;Podpora skenování WSD přes UMB; C:\Windows\system32\DRIVERS\WSDScan.sys [2009-07-14 25088]
S3 a4yplqk8;a4yplqk8; C:\Windows\system32\drivers\a4yplqk8.sys []
S3 AmUStor;AM USB Stroage Driver; C:\Windows\system32\drivers\AmUStor.SYS [2009-05-26 40448]
S3 BthEnum;Ovladač pro Bluetooth Request Block; C:\Windows\system32\drivers\BthEnum.sys [2009-07-14 41984]
S3 BthPan;Bluetooth Device (Personal Area Network); C:\Windows\system32\DRIVERS\bthpan.sys [2009-07-14 118784]
S3 BTHPORT;Ovladač portu Bluetooth; C:\Windows\System32\Drivers\BTHport.sys [2012-07-06 552960]
S3 BTHUSB;Ovladač rozhraní USB radiostanice Bluetooth; C:\Windows\System32\Drivers\BTHUSB.sys [2011-04-28 80384]
S3 btusbflt;Bluetooth USB Filter; C:\Windows\system32\drivers\btusbflt.sys [2009-07-01 52264]
S3 btwaudio;Bluetooth Audio Device Service; C:\Windows\system32\drivers\btwaudio.sys [2009-07-01 98344]
S3 btwavdt;Bluetooth AVDT; C:\Windows\system32\DRIVERS\btwavdt.sys [2009-07-01 132648]
S3 btwl2cap;Bluetooth L2CAP Service; C:\Windows\system32\DRIVERS\btwl2cap.sys [2009-04-07 35104]
S3 btwrchid;btwrchid; C:\Windows\system32\DRIVERS\btwrchid.sys [2009-07-01 21160]
S3 int15.sys;int15.sys; \??\C:\Windows\syswow64\OEM\Factory\int15.sys []
S3 netw5v64;Intel(R) Wireless WiFi Link 5000 Series Adapter Driver for Windows Vista 64 Bit; C:\Windows\system32\DRIVERS\netw5v64.sys [2009-06-10 5434368]
S3 nmwcd;Nokia USB Phone Parent Driver; C:\Windows\system32\drivers\ccdcmbx64.sys [2011-08-17 19968]
S3 nmwcdc;Nokia USB Communication Driver; C:\Windows\system32\drivers\ccdcmbox64.sys [2011-08-17 27136]
S3 nmwcdcx64;Nokia USB Generic; C:\Windows\system32\drivers\ccdcmbox64.sys [2011-08-17 27136]
S3 nmwcdx64;Nokia USB Phone Parent; C:\Windows\system32\drivers\ccdcmbx64.sys [2011-08-17 19968]
S3 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12352]
S3 RFCOMM;Bluetooth Device (RFCOMM Protocol TDI); C:\Windows\system32\DRIVERS\rfcomm.sys [2009-07-14 158720]
S3 TsUsbFlt;TsUsbFlt; C:\Windows\system32\drivers\tsusbflt.sys [2010-11-20 59392]
S3 upperdev;upperdev; C:\Windows\system32\DRIVERS\usbser_lowerfltx64.sys [2011-08-17 9216]
S3 usbser;Nokia USB Serial Port Driver ; C:\Windows\system32\drivers\usbser.sys [2013-08-29 33280]
S3 UsbserFilt;UsbserFilt; C:\Windows\system32\DRIVERS\usbser_lowerfltjx64.sys [2011-08-17 9216]
S3 WinUsb;WinUsb; C:\Windows\system32\DRIVERS\WinUsb.sys [2010-11-20 41984]
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2014-09-12 64704]
R2 avast! Antivirus;avast! Antivirus; C:\Program Files\Alwil Software\Avast5\AvastSvc.exe [2015-01-03 50344]
R2 btwdins;Bluetooth Service; C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe [2009-07-02 864032]
R2 ePowerSvc;Acer ePower Service; C:\Program Files\Acer\Acer ePower Management\ePowerSvc.exe [2010-01-19 842784]
R2 Greg_Service;GRegService; C:\Program Files (x86)\Acer\Registration\GregHSRW.exe [2009-08-28 1150496]
R2 IAANTMON;Intel(R) Matrix Storage Event Monitor; C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTMon.exe [2009-06-05 354840]
R2 RS_Service;Raw Socket Service; C:\Program Files (x86)\Acer\Acer VCM\RS_Service.exe [2009-07-10 253952]
R2 StarWindServiceAE;StarWind AE Service; C:\Program Files (x86)\Alcohol Soft\Alcohol 52\StarWind\StarWindServiceAE.exe [2009-12-23 370688]
R2 Updater Service;Updater Service; C:\Program Files\Acer\Acer Updater\UpdaterService.exe [2009-07-04 240160]
R2 wlidsvc;Windows Live ID Sign-in Assistant; C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE [2011-03-28 2292096]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2013-09-11 105144]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2013-09-11 124088]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-10-24 107912]
S2 SkypeUpdate;Skype Updater; C:\Program Files (x86)\Skype\Updater\Updater.exe [2014-04-03 315008]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-02-04 267440]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-10-24 107912]
S3 gusvc;Google Software Updater; C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe [2012-08-24 194032]
S3 IEEtwCollectorService;@%SystemRoot%\system32\ieetwcollectorres.dll,-1000; C:\Windows\system32\IEEtwCollector.exe [2015-01-12 114688]
S3 Microsoft SharePoint Workspace Audit Service;Microsoft SharePoint Workspace Audit Service; C:\Program Files (x86)\Microsoft Office\Office14\GROOVE.EXE [2013-12-19 30814400]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2015-02-11 114800]
S3 MWLService;MyWinLocker Service; C:\Program Files (x86)\EgisTec\MyWinLocker 3\x86\\MWLService.exe [2009-09-10 305448]
S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2010-01-09 149352]
S3 osppsvc;Office Software Protection Platform; C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-09 4925184]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2010-09-01 1255736]
S4 aspnet_state;Stavová služba ASP.NET; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2013-09-11 51808]
S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]
S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]
S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]
-----------------EOF-----------------
-
Rudy
- Site Admin
- Příspěvky: 119677
- Registrován: 30 říj 2003 13:42
- Bydliště: Plzeň
- Kontaktovat uživatele:
Re: Max výkon i paměť
Udělejte kompletní sken MBAM: http://www.malwarebytes.org/mbam.php dejte log. Předem nic nemažte.
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Re: Max výkon i paměť
Odpoledne jsem se úpěnlivě věnoval aktualizaci windows, pořád něco chtěly... výkon procesoru byl pořád na 100 vůbec neklesnul... díky programu Process Explorer jsem zjistil, že nejvíce výkonu (cca 90%) si be svchost.exe
Odpoledne jsem také zakázal tři procesy po spuštění: update google, Norton Online backup a DefaultsettingEXE Aplication. Po tomto zrušení se nic zvláštního nestalo. Procesor záhy po spuštění pc vyběhl na 100% a tam setrvale zůstával.
Opustil jsem pc asi v 17:00 a po návratu cca 22:00 jsem zjistil, že ukazatel využití procesoru není na 100, ale cestuje zdá se normálně a na pc je to taky trochu znát... že by pomohly ty aktualizace?
Udělal jsem sken podle zadání (taky u něho neběžel procesor na 100 jako dřív). Zde je log:
Malwarebytes Anti-Malware
www.malwarebytes.org
Scan Date: 12.2.2015
Scan Time: 22:07:59
Logfile: mal.txt
Administrator: Yes
Version: 2.00.4.1028
Malware Database: v2015.02.12.06
Rootkit Database: v2015.02.03.01
License: Trial
Malware Protection: Enabled
Malicious Website Protection: Enabled
Self-protection: Disabled
OS: Windows 7 Service Pack 1
CPU: x64
File System: NTFS
User: Judita
Scan Type: Threat Scan
Result: Completed
Objects Scanned: 342526
Time Elapsed: 27 min, 12 sec
Memory: Enabled
Startup: Enabled
Filesystem: Enabled
Archives: Enabled
Rootkits: Disabled
Heuristics: Enabled
PUP: Enabled
PUM: Enabled
Processes: 0
(No malicious items detected)
Modules: 0
(No malicious items detected)
Registry Keys: 10
PUP.Optional.Multiplug, HKLM\SOFTWARE\CLASSES\TYPELIB\{157B1AA6-3E5C-404A-9118-C1D91F537040}, , [31658796b7d344f249e2dd27778cf60a],
PUP.Optional.Multiplug, HKLM\SOFTWARE\WOW6432NODE\CLASSES\TYPELIB\{157B1AA6-3E5C-404A-9118-C1D91F537040}, , [31658796b7d344f249e2dd27778cf60a],
PUP.Optional.Conduit.A, HKLM\SOFTWARE\WOW6432NODE\NCH_EN, , [494d7e9f3e4c4cea4b8b3775f40f53ad],
PUP.Optional.InboxToolBar.A, HKLM\SOFTWARE\WOW6432NODE\GOOGLE\CHROME\EXTENSIONS\apgjagobplilmcdfelodhgefiidomnfl, , [573f33ea7f0b68ce9fea49646b9825db],
Trojan.FakeAlert, HKU\S-1-5-21-1128242429-3161665266-3304842230-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\JCFSE7V7Z1, , [4650a8752b5f35012f885de721e338c8],
PUP.Optional.Conduit.A, HKU\S-1-5-21-1128242429-3161665266-3304842230-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\NCH_EN, , [d4c29a8397f38da912c56745eb18a25e],
Trojan.FakeAlert, HKU\S-1-5-21-1128242429-3161665266-3304842230-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\SMH2B46TDP, , [6c2aab728307b87edecd59f6d62e966a],
Malware.Trace, HKU\S-1-5-21-1128242429-3161665266-3304842230-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\Handle, , [4e48001de9a1db5b5cd489bc13f132ce],
PUP.Optional.Conduit.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\CLSID\{125B7A09-B405-46FB-95FB-96CF6B72992D}, , [a0f6ea33008a9d99ed64a0cedc2713ed],
PUP.Optional.Conduit.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\PREAPPROVED\{125B7A09-B405-46FB-95FB-96CF6B72992D}, , [a0f6ea33008a9d99ed64a0cedc2713ed],
Registry Values: 0
(No malicious items detected)
Registry Data: 0
(No malicious items detected)
Folders: 41
PUP.Optional.Conduit.A, C:\Users\Judita\AppData\LocalLow\NCH_EN, , [c2d4f528ed9dfe38c789b6b84bb8ca36],
PUP.Optional.Conduit.A, C:\Users\Judita\AppData\LocalLow\NCH_EN\CacheIcons, , [c2d4f528ed9dfe38c789b6b84bb8ca36],
PUP.Optional.Conduit.A, C:\Users\Judita\AppData\LocalLow\NCH_EN\Dialogs, , [c2d4f528ed9dfe38c789b6b84bb8ca36],
PUP.Optional.Conduit.A, C:\Users\Judita\AppData\LocalLow\NCH_EN\Dialogs\AddedAppDialog, , [c2d4f528ed9dfe38c789b6b84bb8ca36],
PUP.Optional.Conduit.A, C:\Users\Judita\AppData\LocalLow\NCH_EN\Dialogs\DefualtImages, , [c2d4f528ed9dfe38c789b6b84bb8ca36],
PUP.Optional.Conduit.A, C:\Users\Judita\AppData\LocalLow\NCH_EN\Dialogs\DetectedAppDialog, , [c2d4f528ed9dfe38c789b6b84bb8ca36],
PUP.Optional.Conduit.A, C:\Users\Judita\AppData\LocalLow\NCH_EN\Dialogs\EngineFirstTimeDialog, , [c2d4f528ed9dfe38c789b6b84bb8ca36],
PUP.Optional.Conduit.A, C:\Users\Judita\AppData\LocalLow\NCH_EN\Dialogs\NewSearchProtectorDialog, , [c2d4f528ed9dfe38c789b6b84bb8ca36],
PUP.Optional.Conduit.A, C:\Users\Judita\AppData\LocalLow\NCH_EN\Dialogs\NewSearchProtectorDialog\images, , [c2d4f528ed9dfe38c789b6b84bb8ca36],
PUP.Optional.Conduit.A, C:\Users\Judita\AppData\LocalLow\NCH_EN\Dialogs\SearchProtectorBubbleDialog, , [c2d4f528ed9dfe38c789b6b84bb8ca36],
PUP.Optional.Conduit.A, C:\Users\Judita\AppData\LocalLow\NCH_EN\Dialogs\SearchProtectorBubbleDialog\images, , [c2d4f528ed9dfe38c789b6b84bb8ca36],
PUP.Optional.Conduit.A, C:\Users\Judita\AppData\LocalLow\NCH_EN\Dialogs\SearchProtectorDialog, , [c2d4f528ed9dfe38c789b6b84bb8ca36],
PUP.Optional.Conduit.A, C:\Users\Judita\AppData\LocalLow\NCH_EN\Dialogs\SearchProtectorDialog\Images, , [c2d4f528ed9dfe38c789b6b84bb8ca36],
PUP.Optional.Conduit.A, C:\Users\Judita\AppData\LocalLow\NCH_EN\Dialogs\SearchProtectorRetakeoverDialog, , [c2d4f528ed9dfe38c789b6b84bb8ca36],
PUP.Optional.Conduit.A, C:\Users\Judita\AppData\LocalLow\NCH_EN\Dialogs\SearchProtectorRetakeoverDialog\Images, , [c2d4f528ed9dfe38c789b6b84bb8ca36],
PUP.Optional.Conduit.A, C:\Users\Judita\AppData\LocalLow\NCH_EN\Dialogs\ToolbarFirstTimeDialog, , [c2d4f528ed9dfe38c789b6b84bb8ca36],
PUP.Optional.Conduit.A, C:\Users\Judita\AppData\LocalLow\NCH_EN\Dialogs\ToolbarFirstTimeDialog\images, , [c2d4f528ed9dfe38c789b6b84bb8ca36],
PUP.Optional.Conduit.A, C:\Users\Judita\AppData\LocalLow\NCH_EN\Dialogs\ToolbarUntrustedAppsApprovalDialog, , [c2d4f528ed9dfe38c789b6b84bb8ca36],
PUP.Optional.Conduit.A, C:\Users\Judita\AppData\LocalLow\NCH_EN\Dialogs\UninstallDialog, , [c2d4f528ed9dfe38c789b6b84bb8ca36],
PUP.Optional.Conduit.A, C:\Users\Judita\AppData\LocalLow\NCH_EN\Dialogs\UntrustedAddedAppDialog, , [c2d4f528ed9dfe38c789b6b84bb8ca36],
PUP.Optional.Conduit.A, C:\Users\Judita\AppData\LocalLow\NCH_EN\Dialogs\UntrustedAppApprovalDialog, , [c2d4f528ed9dfe38c789b6b84bb8ca36],
PUP.Optional.Conduit.A, C:\Users\Judita\AppData\LocalLow\NCH_EN\Dialogs\UntrustedAppPendingDialog, , [c2d4f528ed9dfe38c789b6b84bb8ca36],
PUP.Optional.Conduit.A, C:\Users\Judita\AppData\LocalLow\NCH_EN\EmailNotifier, , [c2d4f528ed9dfe38c789b6b84bb8ca36],
PUP.Optional.Conduit.A, C:\Users\Judita\AppData\LocalLow\NCH_EN\ExternalComponent, , [c2d4f528ed9dfe38c789b6b84bb8ca36],
PUP.Optional.Conduit.A, C:\Users\Judita\AppData\LocalLow\NCH_EN\Logs, , [c2d4f528ed9dfe38c789b6b84bb8ca36],
PUP.Optional.Conduit.A, C:\Users\Judita\AppData\LocalLow\NCH_EN\MyStuffApps, , [c2d4f528ed9dfe38c789b6b84bb8ca36],
PUP.Optional.Conduit.A, C:\Users\Judita\AppData\LocalLow\NCH_EN\RadioPlayer, , [c2d4f528ed9dfe38c789b6b84bb8ca36],
PUP.Optional.Conduit.A, C:\Users\Judita\AppData\LocalLow\NCH_EN\Repository, , [c2d4f528ed9dfe38c789b6b84bb8ca36],
PUP.Optional.Conduit.A, C:\Users\Judita\AppData\LocalLow\NCH_EN\Repository\conduit_CT2801948_CT2801948, , [c2d4f528ed9dfe38c789b6b84bb8ca36],
PUP.Optional.Conduit.A, C:\Users\Judita\AppData\LocalLow\NCH_EN\Repository\conduit_CT2801948_CT2801948\AppsMetaData, , [c2d4f528ed9dfe38c789b6b84bb8ca36],
PUP.Optional.Conduit.A, C:\Users\Judita\AppData\LocalLow\NCH_EN\Repository\conduit_CT2801948_CT2801948\DynamicDialogs, , [c2d4f528ed9dfe38c789b6b84bb8ca36],
PUP.Optional.Conduit.A, C:\Users\Judita\AppData\LocalLow\NCH_EN\Repository\conduit_CT2801948_CT2801948\ToolbarHiddenLogin, , [c2d4f528ed9dfe38c789b6b84bb8ca36],
PUP.Optional.Conduit.A, C:\Users\Judita\AppData\LocalLow\NCH_EN\Repository\conduit_CT2801948_CT2801948\ToolbarHiddenSettings, , [c2d4f528ed9dfe38c789b6b84bb8ca36],
PUP.Optional.Conduit.A, C:\Users\Judita\AppData\LocalLow\NCH_EN\Repository\conduit_CT2801948_CT2801948\ToolbarLogin, , [c2d4f528ed9dfe38c789b6b84bb8ca36],
PUP.Optional.Conduit.A, C:\Users\Judita\AppData\LocalLow\NCH_EN\Repository\conduit_CT2801948_CT2801948\ToolbarSettings, , [c2d4f528ed9dfe38c789b6b84bb8ca36],
PUP.Optional.Conduit.A, C:\Users\Judita\AppData\LocalLow\NCH_EN\Repository\conduit_CT2801948_CT2801948\ToolbarTranslation, , [c2d4f528ed9dfe38c789b6b84bb8ca36],
PUP.Optional.Conduit.A, C:\Users\Judita\AppData\LocalLow\NCH_EN\Repository\conduit_CT2801948_en-us, , [c2d4f528ed9dfe38c789b6b84bb8ca36],
PUP.Optional.Conduit.A, C:\Users\Judita\AppData\LocalLow\NCH_EN\Repository\conduit_CT2801948_en-us\ToolbarTranslation, , [c2d4f528ed9dfe38c789b6b84bb8ca36],
PUP.Optional.Conduit.A, C:\Users\Judita\AppData\LocalLow\NCH_EN\SearchInNewTab, , [c2d4f528ed9dfe38c789b6b84bb8ca36],
PUP.Optional.Conduit.A, C:\Users\Judita\AppData\LocalLow\NCH_EN\UserDefinedItems, , [c2d4f528ed9dfe38c789b6b84bb8ca36],
PUP.Optional.Conduit.A, C:\Program Files (x86)\NCH_EN, , [a0f6ea33008a9d99ed64a0cedc2713ed],
Files: 342
PUP.Optional.DealioTB.A, C:\Program Files (x86)\AV DVD Player Morpher\DealioToolbar-stub-1.exe, , [e6b08895345645f1546e418e5ca9c838],
PUP.Optional.Conduit.A, C:\Users\Judita\AppData\LocalLow\NCH_EN\hk64tbNCH0.dll, , [c2d4f528ed9dfe38c789b6b84bb8ca36],
PUP.Optional.Conduit.A, C:\Users\Judita\AppData\LocalLow\NCH_EN\hk64tbNCH2.dll, , [c2d4f528ed9dfe38c789b6b84bb8ca36],
PUP.Optional.Conduit.A, C:\Users\Judita\AppData\LocalLow\NCH_EN\hk64tbNCH3.dll, , [c2d4f528ed9dfe38c789b6b84bb8ca36],
PUP.Optional.Conduit.A, C:\Users\Judita\AppData\LocalLow\NCH_EN\hktbNCH0.dll, , [c2d4f528ed9dfe38c789b6b84bb8ca36],
PUP.Optional.Conduit.A, C:\Users\Judita\AppData\LocalLow\NCH_EN\hktbNCH2.dll, , [c2d4f528ed9dfe38c789b6b84bb8ca36],
PUP.Optional.Conduit.A, C:\Users\Judita\AppData\LocalLow\NCH_EN\hktbNCH3.dll, , [c2d4f528ed9dfe38c789b6b84bb8ca36],
PUP.Optional.Conduit.A, C:\Users\Judita\AppData\LocalLow\NCH_EN\ldrtbNCH0.dll, , [c2d4f528ed9dfe38c789b6b84bb8ca36],
PUP.Optional.Conduit.A, C:\Users\Judita\AppData\LocalLow\NCH_EN\ldrtbNCH2.dll, , [c2d4f528ed9dfe38c789b6b84bb8ca36],
PUP.Optional.Conduit.A, C:\Users\Judita\AppData\LocalLow\NCH_EN\ldrtbNCH3.dll, , [c2d4f528ed9dfe38c789b6b84bb8ca36],
PUP.Optional.Conduit.A, C:\Users\Judita\AppData\LocalLow\NCH_EN\ldrtbNCH_.dll, , [c2d4f528ed9dfe38c789b6b84bb8ca36],
PUP.Optional.Conduit.A, C:\Users\Judita\AppData\LocalLow\NCH_EN\tbNCH0.dll, , [c2d4f528ed9dfe38c789b6b84bb8ca36],
PUP.Optional.Conduit.A, C:\Users\Judita\AppData\LocalLow\NCH_EN\tbNCH1.dll, , [c2d4f528ed9dfe38c789b6b84bb8ca36],
PUP.Optional.Conduit.A, C:\Users\Judita\AppData\LocalLow\NCH_EN\tbNCH2.dll, , [c2d4f528ed9dfe38c789b6b84bb8ca36],
PUP.Optional.Conduit.A, C:\Users\Judita\AppData\LocalLow\NCH_EN\tbNCH3.dll, , [c2d4f528ed9dfe38c789b6b84bb8ca36],
PUP.Optional.Conduit.A, C:\Users\Judita\AppData\LocalLow\NCH_EN\tbNCH_.dll, , [c2d4f528ed9dfe38c789b6b84bb8ca36],
PUP.Optional.Conduit.A, C:\Users\Judita\AppData\LocalLow\NCH_EN\ThirdPartyComponents.xml, , [c2d4f528ed9dfe38c789b6b84bb8ca36],
PUP.Optional.Conduit.A, C:\Users\Judita\AppData\LocalLow\NCH_EN\toolbar.cfg, , [c2d4f528ed9dfe38c789b6b84bb8ca36],
PUP.Optional.Conduit.A, C:\Users\Judita\AppData\LocalLow\NCH_EN\CacheIcons\http___storage_conduit_com_48_280_CT2801948_Images_633655642233431250_gif.gif, , [c2d4f528ed9dfe38c789b6b84bb8ca36],
PUP.Optional.Conduit.A, C:\Users\Judita\AppData\LocalLow\NCH_EN\CacheIcons\http___storage_conduit_com_48_280_CT2801948_images_634733954948152887_24PX_png.png, , [c2d4f528ed9dfe38c789b6b84bb8ca36],
PUP.Optional.Conduit.A, C:\Users\Judita\AppData\LocalLow\NCH_EN\CacheIcons\http___storage_conduit_com_48_280_CT2801948_Images_634787844809773210_png.png, , [c2d4f528ed9dfe38c789b6b84bb8ca36],
PUP.Optional.Conduit.A, C:\Users\Judita\AppData\LocalLow\NCH_EN\CacheIcons\http___storage_conduit_com_48_280_CT2801948_images_634816859809670790_24PX_png.png, , [c2d4f528ed9dfe38c789b6b84bb8ca36],
PUP.Optional.Conduit.A, C:\Users\Judita\AppData\LocalLow\NCH_EN\CacheIcons\http___storage_conduit_com_48_280_CT2801948_Images_PopUpBlocker-03_gif-Shiny-634223929360968750_gif.gif, , [c2d4f528ed9dfe38c789b6b84bb8ca36],
PUP.Optional.Conduit.A, C:\Users\Judita\AppData\LocalLow\NCH_EN\CacheIcons\http___storage_conduit_com_bankimages_commandcomps_block_gif.gif, , [c2d4f528ed9dfe38c789b6b84bb8ca36],
PUP.Optional.Conduit.A, C:\Users\Judita\AppData\LocalLow\NCH_EN\CacheIcons\http___storage_Conduit_com_bankImages_ConduitEngine_ContextMenu_About_png.png, , [c2d4f528ed9dfe38c789b6b84bb8ca36],
PUP.Optional.Conduit.A, C:\Users\Judita\AppData\LocalLow\NCH_EN\CacheIcons\http___storage_Conduit_com_bankImages_ConduitEngine_ContextMenu_Browse_png.png, , [c2d4f528ed9dfe38c789b6b84bb8ca36],
PUP.Optional.Conduit.A, C:\Users\Judita\AppData\LocalLow\NCH_EN\CacheIcons\http___storage_Conduit_com_bankImages_ConduitEngine_ContextMenu_Contact_png.png, , [c2d4f528ed9dfe38c789b6b84bb8ca36],
PUP.Optional.Conduit.A, C:\Users\Judita\AppData\LocalLow\NCH_EN\CacheIcons\http___storage_Conduit_com_bankImages_ConduitEngine_ContextMenu_Hide_png.png, , [c2d4f528ed9dfe38c789b6b84bb8ca36],
PUP.Optional.Conduit.A, C:\Users\Judita\AppData\LocalLow\NCH_EN\CacheIcons\http___storage_conduit_com_MarketPlace_2e_33e_2ec9e65c-72a4-4035-8a0e-06a6f1e0533e_Appearance_634394279015031252_png.png, , [c2d4f528ed9dfe38c789b6b84bb8ca36],
PUP.Optional.Conduit.A, C:\Users\Judita\AppData\LocalLow\NCH_EN\CacheIcons\http___storage_conduit_com_MarketPlace_38_2ca_3891fffa-0564-431b-a0b7-b94ea9f192ca_Thumbnail_634653519259561565_png.png, , [c2d4f528ed9dfe38c789b6b84bb8ca36],
PUP.Optional.Conduit.A, C:\Users\Judita\AppData\LocalLow\NCH_EN\CacheIcons\http___storage_conduit_com_MarketPlace_92_fdd_9278f259-cbb0-4e3b-9711-e13d36f55fdd_Thumbnail_634374241400443754_png.png, , [c2d4f528ed9dfe38c789b6b84bb8ca36],
PUP.Optional.Conduit.A, C:\Users\Judita\AppData\LocalLow\NCH_EN\CacheIcons\http___weather_conduit_com_images_weather_Default_drizzle_gif.gif, , [c2d4f528ed9dfe38c789b6b84bb8ca36],
PUP.Optional.Conduit.A, C:\Users\Judita\AppData\LocalLow\NCH_EN\CacheIcons\http___weather_conduit_com_images_weather_Default_hazy_night_gif.gif, , [c2d4f528ed9dfe38c789b6b84bb8ca36],
PUP.Optional.Conduit.A, C:\Users\Judita\AppData\LocalLow\NCH_EN\CacheIcons\http___weather_conduit_com_images_weather_Default_mostly_cloudy_gif.gif, , [c2d4f528ed9dfe38c789b6b84bb8ca36],
PUP.Optional.Conduit.A, C:\Users\Judita\AppData\LocalLow\NCH_EN\CacheIcons\http___weather_conduit_com_images_weather_Default_partly_cloudy_gif.gif, , [c2d4f528ed9dfe38c789b6b84bb8ca36],
PUP.Optional.Conduit.A, C:\Users\Judita\AppData\LocalLow\NCH_EN\CacheIcons\http___weather_conduit_com_images_weather_Default_partly_cloudy_night_gif.gif, , [c2d4f528ed9dfe38c789b6b84bb8ca36],
PUP.Optional.Conduit.A, C:\Users\Judita\AppData\LocalLow\NCH_EN\CacheIcons\http___weather_conduit_com_images_weather_Default_sunny_night_gif.gif, , [c2d4f528ed9dfe38c789b6b84bb8ca36],
PUP.Optional.Conduit.A, C:\Users\Judita\AppData\LocalLow\NCH_EN\CacheIcons\http___storage_conduit_com_48_280_CT2801948_Images_633637555161093750_gif.gif, , [c2d4f528ed9dfe38c789b6b84bb8ca36],
PUP.Optional.Conduit.A, C:\Users\Judita\AppData\LocalLow\NCH_EN\CacheIcons\http___storage_conduit_com_48_280_CT2801948_Images_633654734198268750_gif.gif, , [c2d4f528ed9dfe38c789b6b84bb8ca36],
PUP.Optional.Conduit.A, C:\Users\Judita\AppData\LocalLow\NCH_EN\CacheIcons\http___storage_conduit_com_48_280_CT2801948_Images_633654734567800000_gif.gif, , [c2d4f528ed9dfe38c789b6b84bb8ca36],
PUP.Optional.Conduit.A, C:\Users\Judita\AppData\LocalLow\NCH_EN\CacheIcons\http___storage_conduit_com_48_280_CT2801948_Images_633654735080143750_gif.gif, , [c2d4f528ed9dfe38c789b6b84bb8ca36],
PUP.Optional.Conduit.A, C:\Users\Judita\AppData\LocalLow\NCH_EN\CacheIcons\http___storage_conduit_com_48_280_CT2801948_Images_633654735423893750_gif.gif, , [c2d4f528ed9dfe38c789b6b84bb8ca36],
PUP.Optional.Conduit.A, C:\Users\Judita\AppData\LocalLow\NCH_EN\CacheIcons\http___storage_conduit_com_48_280_CT2801948_Images_633654735924518750_gif.gif, , [c2d4f528ed9dfe38c789b6b84bb8ca36],
PUP.Optional.Conduit.A, C:\Users\Judita\AppData\LocalLow\NCH_EN\CacheIcons\http___storage_conduit_com_48_280_CT2801948_Images_633654736222643750_gif.gif, , [c2d4f528ed9dfe38c789b6b84bb8ca36],
PUP.Optional.Conduit.A, C:\Users\Judita\AppData\LocalLow\NCH_EN\CacheIcons\http___storage_conduit_com_48_280_CT2801948_Images_633654736543268750_gif.gif, , [c2d4f528ed9dfe38c789b6b84bb8ca36],
PUP.Optional.Conduit.A, C:\Users\Judita\AppData\LocalLow\NCH_EN\CacheIcons\http___storage_conduit_com_48_280_CT2801948_Images_633654736904987500_gif.gif, , [c2d4f528ed9dfe38c789b6b84bb8ca36],
PUP.Optional.Conduit.A, C:\Users\Judita\AppData\LocalLow\NCH_EN\CacheIcons\http___storage_conduit_com_48_280_CT2801948_Images_633654737605925000_gif.gif, , [c2d4f528ed9dfe38c789b6b84bb8ca36],
PUP.Optional.Conduit.A, C:\Users\Judita\AppData\LocalLow\NCH_EN\CacheIcons\http___storage_conduit_com_48_280_CT2801948_Images_633654738350925000_gif.gif, , [c2d4f528ed9dfe38c789b6b84bb8ca36],
PUP.Optional.Conduit.A, C:\Users\Judita\AppData\LocalLow\NCH_EN\CacheIcons\http___storage_conduit_com_45_203_CT2038145_Images_633628017266675000_gif.gif, , [c2d4f528ed9dfe38c789b6b84bb8ca36],
PUP.Optional.Conduit.A, C:\Users\Judita\AppData\LocalLow\NCH_EN\CacheIcons\http___storage_conduit_com_48_280_CT2801948_Images_633637554254375000_gif.gif, , [c2d4f528ed9dfe38c789b6b84bb8ca36],
PUP.Optional.Conduit.A, C:\Users\Judita\AppData\LocalLow\NCH_EN\CacheIcons\http___storage_conduit_com_images_main_menu_home_page_gif.gif, , [c2d4f528ed9dfe38c789b6b84bb8ca36],
PUP.Optional.Conduit.A, C:\Users\Judita\AppData\LocalLow\NCH_EN\CacheIcons\http___storage_conduit_com_images_main_menu_options_gif.gif, , [c2d4f528ed9dfe38c789b6b84bb8ca36],
PUP.Optional.Conduit.A, C:\Users\Judita\AppData\LocalLow\NCH_EN\CacheIcons\http___storage_conduit_com_images_main_menu_privacy_gif.gif, , [c2d4f528ed9dfe38c789b6b84bb8ca36],
PUP.Optional.Conduit.A, C:\Users\Judita\AppData\LocalLow\NCH_EN\CacheIcons\http___storage_conduit_com_images_main_menu_refresh_gif.gif, , [c2d4f528ed9dfe38c789b6b84bb8ca36],
PUP.Optional.Conduit.A, C:\Users\Judita\AppData\LocalLow\NCH_EN\CacheIcons\http___storage_conduit_com_images_main_menu_shrink_gif.gif, , [c2d4f528ed9dfe38c789b6b84bb8ca36],
PUP.Optional.Conduit.A, C:\Users\Judita\AppData\LocalLow\NCH_EN\CacheIcons\http___storage_conduit_com_images_main_menu_upgrade_gif.gif, , [c2d4f528ed9dfe38c789b6b84bb8ca36],
PUP.Optional.Conduit.A, C:\Users\Judita\AppData\LocalLow\NCH_EN\CacheIcons\http___storage_conduit_com_images_Menu_uninstall-icon_png.png, , [c2d4f528ed9dfe38c789b6b84bb8ca36],
PUP.Optional.Conduit.A, C:\Users\Judita\AppData\LocalLow\NCH_EN\CacheIcons\http___storage_conduit_com_images_SearchEngines_images_search_gif.gif, , [c2d4f528ed9dfe38c789b6b84bb8ca36],
PUP.Optional.Conduit.A, C:\Users\Judita\AppData\LocalLow\NCH_EN\CacheIcons\http___storage_conduit_com_images_SearchEngines_news_icon_gif.gif, , [c2d4f528ed9dfe38c789b6b84bb8ca36],
PUP.Optional.Conduit.A, C:\Users\Judita\AppData\LocalLow\NCH_EN\CacheIcons\http___storage_conduit_com_images_searchengines_search_icon_gif.gif, , [c2d4f528ed9dfe38c789b6b84bb8ca36],
PUP.Optional.Conduit.A, C:\Users\Judita\AppData\LocalLow\NCH_EN\CacheIcons\http___storage_conduit_com_images_SearchEngines_tfd_gif.gif, , [c2d4f528ed9dfe38c789b6b84bb8ca36],
PUP.Optional.Conduit.A, C:\Users\Judita\AppData\LocalLow\NCH_EN\CacheIcons\http___storage_conduit_com_48_280_CT2801948_Images_633655642638587500_gif.gif, , [c2d4f528ed9dfe38c789b6b84bb8ca36],
PUP.Optional.Conduit.A, C:\Users\Judita\AppData\LocalLow\NCH_EN\CacheIcons\http___storage_conduit_com_48_280_CT2801948_Images_633655642673743750_gif.gif, , [c2d4f528ed9dfe38c789b6b84bb8ca36],
PUP.Optional.Conduit.A, C:\Users\Judita\AppData\LocalLow\NCH_EN\CacheIcons\http___storage_conduit_com_48_280_CT2801948_Images_633655642707181250_gif.gif, , [c2d4f528ed9dfe38c789b6b84bb8ca36],
PUP.Optional.Conduit.A, C:\Users\Judita\AppData\LocalLow\NCH_EN\CacheIcons\http___storage_conduit_com_48_280_CT2801948_Images_633655642737650000_gif.gif, , [c2d4f528ed9dfe38c789b6b84bb8ca36],
PUP.Optional.Conduit.A, C:\Users\Judita\AppData\LocalLow\NCH_EN\CacheIcons\http___storage_conduit_com_48_280_CT2801948_Images_633655642769212500_gif.gif, , [c2d4f528ed9dfe38c789b6b84bb8ca36],
PUP.Optional.Conduit.A, C:\Users\Judita\AppData\LocalLow\NCH_EN\CacheIcons\http___storage_conduit_com_48_280_CT2801948_Images_633655642807650000_gif.gif, , [c2d4f528ed9dfe38c789b6b84bb8ca36],
PUP.Optional.Conduit.A, C:\Users\Judita\AppData\LocalLow\NCH_EN\CacheIcons\http___storage_conduit_com_48_280_CT2801948_Images_633655642838431250_gif.gif, , [c2d4f528ed9dfe38c789b6b84bb8ca36],
PUP.Optional.Conduit.A, C:\Users\Judita\AppData\LocalLow\NCH_EN\CacheIcons\http___storage_conduit_com_48_280_CT2801948_Images_633655642876556250_gif.gif, , [c2d4f528ed9dfe38c789b6b84bb8ca36],
PUP.Optional.Conduit.A, C:\Users\Judita\AppData\LocalLow\NCH_EN\CacheIcons\http___storage_conduit_com_48_280_CT2801948_Images_633655643356868750_gif.gif, , [c2d4f528ed9dfe38c789b6b84bb8ca36],
PUP.Optional.Conduit.A, C:\Users\Judita\AppData\LocalLow\NCH_EN\CacheIcons\http___storage_conduit_com_48_280_CT2801948_Images_633655643398431250_gif.gif, , [c2d4f528ed9dfe38c789b6b84bb8ca36],
PUP.Optional.Conduit.A, C:\Users\Judita\AppData\LocalLow\NCH_EN\CacheIcons\http___storage_conduit_com_48_280_CT2801948_Images_633655643436087500_gif.gif, , [c2d4f528ed9dfe38c789b6b84bb8ca36],
PUP.Optional.Conduit.A, C:\Users\Judita\AppData\LocalLow\NCH_EN\CacheIcons\http___storage_conduit_com_48_280_CT2801948_Images_633655643468587500_gif.gif, , [c2d4f528ed9dfe38c789b6b84bb8ca36],
PUP.Optional.Conduit.A, C:\Users\Judita\AppData\LocalLow\NCH_EN\CacheIcons\http___storage_conduit_com_48_280_CT2801948_Images_633655643505775000_gif.gif, , [c2d4f528ed9dfe38c789b6b84bb8ca36],
PUP.Optional.Conduit.A, C:\Users\Judita\AppData\LocalLow\NCH_EN\CacheIcons\http___storage_conduit_com_48_280_CT2801948_Images_633655643543431250_gif.gif, , [c2d4f528ed9dfe38c789b6b84bb8ca36],
PUP.Optional.Conduit.A, C:\Users\Judita\AppData\LocalLow\NCH_EN\CacheIcons\http___storage_conduit_com_48_280_CT2801948_Images_633655643598275000_gif.gif, , [c2d4f528ed9dfe38c789b6b84bb8ca36],
PUP.Optional.Conduit.A, C:\Users\Judita\AppData\LocalLow\NCH_EN\CacheIcons\http___storage_conduit_com_48_280_CT2801948_Images_633655643637650000_gif.gif, , [c2d4f528ed9dfe38c789b6b84bb8ca36],
PUP.Optional.Conduit.A, C:\Users\Judita\AppData\LocalLow\NCH_EN\CacheIcons\http___storage_conduit_com_48_280_CT2801948_Images_633655643682493750_gif.gif, , [c2d4f528ed9dfe38c789b6b84bb8ca36],
PUP.Optional.Conduit.A, C:\Users\Judita\AppData\LocalLow\NCH_EN\CacheIcons\http___storage_conduit_com_48_280_CT2801948_Images_633655642273587500_gif.gif, , [c2d4f528ed9dfe38c789b6b84bb8ca36],
PUP.Optional.Conduit.A, C:\Users\Judita\AppData\LocalLow\NCH_EN\CacheIcons\http___storage_conduit_com_48_280_CT2801948_Images_633655642308275000_gif.gif, , [c2d4f528ed9dfe38c789b6b84bb8ca36],
PUP.Optional.Conduit.A, C:\Users\Judita\AppData\LocalLow\NCH_EN\CacheIcons\http___storage_conduit_com_48_280_CT2801948_Images_633655642347650000_gif.gif, , [c2d4f528ed9dfe38c789b6b84bb8ca36],
PUP.Optional.Conduit.A, C:\Users\Judita\AppData\LocalLow\NCH_EN\CacheIcons\http___storage_conduit_com_48_280_CT2801948_Images_633655642391868750_gif.gif, , [c2d4f528ed9dfe38c789b6b84bb8ca36],
PUP.Optional.Conduit.A, C:\Users\Judita\AppData\LocalLow\NCH_EN\CacheIcons\http___storage_conduit_com_48_280_CT2801948_Images_633655642426400000_gif.gif, , [c2d4f528ed9dfe38c789b6b84bb8ca36],
PUP.Optional.Conduit.A, C:\Users\Judita\AppData\LocalLow\NCH_EN\CacheIcons\http___storage_conduit_com_48_280_CT2801948_Images_633655642461087500_gif.gif, , [c2d4f528ed9dfe38c789b6b84bb8ca36],
PUP.Optional.Conduit.A, C:\Users\Judita\AppData\LocalLow\NCH_EN\CacheIcons\http___storage_conduit_com_48_280_CT2801948_Images_633655642507025000_gif.gif, , [c2d4f528ed9dfe38c789b6b84bb8ca36],
PUP.Optional.Conduit.A, C:\Users\Judita\AppData\LocalLow\NCH_EN\CacheIcons\http___storage_conduit_com_48_280_CT2801948_Images_633655642551400000_gif.gif, , [c2d4f528ed9dfe38c789b6b84bb8ca36],
PUP.Optional.Conduit.A, C:\Users\Judita\AppData\LocalLow\NCH_EN\CacheIcons\http___storage_conduit_com_48_280_CT2801948_Images_633655643754681250_gif.gif, , [c2d4f528ed9dfe38c789b6b84bb8ca36],
PUP.Optional.Conduit.A, C:\Users\Judita\AppData\LocalLow\NCH_EN\CacheIcons\http___storage_conduit_com_48_280_CT2801948_Images_633655643795931250_gif.gif, , [c2d4f528ed9dfe38c789b6b84bb8ca36],
PUP.Optional.Conduit.A, C:\Users\Judita\AppData\LocalLow\NCH_EN\CacheIcons\http___storage_conduit_com_48_280_CT2801948_Images_633655643839993750_gif.gif, , [c2d4f528ed9dfe38c789b6b84bb8ca36],
PUP.Optional.Conduit.A, C:\Users\Judita\AppData\LocalLow\NCH_EN\CacheIcons\http___storage_conduit_com_48_280_CT2801948_Images_633936819456468750_gif.gif, , [c2d4f528ed9dfe38c789b6b84bb8ca36],
PUP.Optional.Conduit.A, C:\Users\Judita\AppData\LocalLow\NCH_EN\CacheIcons\http___storage_conduit_com_48_280_CT2801948_Images_634223252648000000_png.png, , [c2d4f528ed9dfe38c789b6b84bb8ca36],
PUP.Optional.Conduit.A, C:\Users\Judita\AppData\LocalLow\NCH_EN\CacheIcons\http___storage_conduit_com_48_280_CT2801948_Images_634223252976750000_png.png, , [c2d4f528ed9dfe38c789b6b84bb8ca36],
PUP.Optional.Conduit.A, C:\Users\Judita\AppData\LocalLow\NCH_EN\CacheIcons\http___storage_conduit_com_48_280_CT2801948_Images_634223254379406250_png.png, , [c2d4f528ed9dfe38c789b6b84bb8ca36],
PUP.Optional.Conduit.A, C:\Users\Judita\AppData\LocalLow\NCH_EN\CacheIcons\http___storage_conduit_com_48_280_CT2801948_Images_634223255083468750_png.png, , [c2d4f528ed9dfe38c789b6b84bb8ca36],
PUP.Optional.Conduit.A, C:\Users\Judita\AppData\LocalLow\NCH_EN\CacheIcons\http___storage_conduit_com_48_280_CT2801948_images_634709842924903382_24PX_png.png, , [c2d4f528ed9dfe38c789b6b84bb8ca36],
PUP.Optional.Conduit.A, C:\Users\Judita\AppData\LocalLow\NCH_EN\CacheIcons\http___storage_conduit_com_48_280_CT2801948_images_634709843396778382_24PX_png.png, , [c2d4f528ed9dfe38c789b6b84bb8ca36],
PUP.Optional.Conduit.A, C:\Users\Judita\AppData\LocalLow\NCH_EN\CacheIcons\http___storage_conduit_com_48_280_CT2801948_Images_633655642967493750_gif.gif, , [c2d4f528ed9dfe38c789b6b84bb8ca36],
PUP.Optional.Conduit.A, C:\Users\Judita\AppData\LocalLow\NCH_EN\CacheIcons\http___storage_conduit_com_48_280_CT2801948_Images_633655643010775000_gif.gif, , [c2d4f528ed9dfe38c789b6b84bb8ca36],
PUP.Optional.Conduit.A, C:\Users\Judita\AppData\LocalLow\NCH_EN\CacheIcons\http___storage_conduit_com_48_280_CT2801948_Images_633655643052806250_gif.gif, , [c2d4f528ed9dfe38c789b6b84bb8ca36],
PUP.Optional.Conduit.A, C:\Users\Judita\AppData\LocalLow\NCH_EN\CacheIcons\http___storage_conduit_com_48_280_CT2801948_Images_633655643105150000_gif.gif, , [c2d4f528ed9dfe38c789b6b84bb8ca36],
PUP.Optional.Conduit.A, C:\Users\Judita\AppData\LocalLow\NCH_EN\CacheIcons\http___storage_conduit_com_48_280_CT2801948_Images_633655643143900000_gif.gif, , [c2d4f528ed9dfe38c789b6b84bb8ca36],
PUP.Optional.Conduit.A, C:\Users\Judita\AppData\LocalLow\NCH_EN\CacheIcons\http___storage_conduit_com_48_280_CT2801948_Images_633655643184212500_gif.gif, , [c2d4f528ed9dfe38c789b6b84bb8ca36],
PUP.Optional.Conduit.A, C:\Users\Judita\AppData\LocalLow\NCH_EN\CacheIcons\http___storage_conduit_com_48_280_CT2801948_Images_633655643245462500_gif.gif, , [c2d4f528ed9dfe38c789b6b84bb8ca36],
PUP.Optional.Conduit.A, C:\Users\Judita\AppData\LocalLow\NCH_EN\CacheIcons\http___storage_conduit_com_48_280_CT2801948_Images_633655643283275000_gif.gif, , [c2d4f528ed9dfe38c789b6b84bb8ca36],
PUP.Optional.Conduit.A, C:\Users\Judita\AppData\LocalLow\NCH_EN\CacheIcons\http___storage_conduit_com_48_280_CT2801948_Images_633654738403581250_gif.gif, , [c2d4f528ed9dfe38c789b6b84bb8ca36],
PUP.Optional.Conduit.A, C:\Users\Judita\AppData\LocalLow\NCH_EN\CacheIcons\http___storage_conduit_com_48_280_CT2801948_Images_633654738499675000_gif.gif, , [c2d4f528ed9dfe38c789b6b84bb8ca36],
PUP.Optional.Conduit.A, C:\Users\Judita\AppData\LocalLow\NCH_EN\CacheIcons\http___storage_conduit_com_48_280_CT2801948_Images_633654738555300000_gif.gif, , [c2d4f528ed9dfe38c789b6b84bb8ca36],
PUP.Optional.Conduit.A, C:\Users\Judita\AppData\LocalLow\NCH_EN\CacheIcons\http___storage_conduit_com_48_280_CT2801948_Images_633654738609987500_gif.gif, , [c2d4f528ed9dfe38c789b6b84bb8ca36],
PUP.Optional.Conduit.A, C:\Users\Judita\AppData\LocalLow\NCH_EN\CacheIcons\http___storage_conduit_com_48_280_CT2801948_Images_633655641918900000_gif.gif, , [c2d4f528ed9dfe38c789b6b84bb8ca36],
PUP.Optional.Conduit.A, C:\Users\Judita\AppData\LocalLow\NCH_EN\CacheIcons\http___storage_conduit_com_48_280_CT2801948_Images_633655642019837500_gif.gif, , [c2d4f528ed9dfe38c789b6b84bb8ca36],
PUP.Optional.Conduit.A, C:\Users\Judita\AppData\LocalLow\NCH_EN\CacheIcons\http___storage_conduit_com_48_280_CT2801948_Images_633655642057650000_gif.gif, , [c2d4f528ed9dfe38c789b6b84bb8ca36],
PUP.Optional.Conduit.A, C:\Users\Judita\AppData\LocalLow\NCH_EN\CacheIcons\http___storage_conduit_com_48_280_CT2801948_Images_633655642098587500_gif.gif, , [c2d4f528ed9dfe38c789b6b84bb8ca36],
PUP.Optional.Conduit.A, C:\Users\Judita\AppData\LocalLow\NCH_EN\CacheIcons\http___storage_conduit_com_48_280_CT2801948_Images_633655642135462500_gif.gif, , [c2d4f528ed9dfe38c789b6b84bb8ca36],
PUP.Optional.Conduit.A, C:\Users\Judita\AppData\LocalLow\NCH_EN\CacheIcons\http___storage_conduit_com_48_280_CT2801948_Images_633655642176400000_gif.gif, , [c2d4f528ed9dfe38c789b6b84bb8ca36],
PUP.Optional.Conduit.A, C:\Users\Judita\AppData\LocalLow\NCH_EN\CacheIcons\http___storage_conduit_com_48_280_CT2801948_Images_633654737647487500_gif.gif, , [c2d4f528ed9dfe38c789b6b84bb8ca36],
PUP.Optional.Conduit.A, C:\Users\Judita\AppData\LocalLow\NCH_EN\CacheIcons\http___storage_conduit_com_48_280_CT2801948_Images_633654737682800000_gif.gif, , [c2d4f528ed9dfe38c789b6b84bb8ca36],
PUP.Optional.Conduit.A, C:\Users\Judita\AppData\LocalLow\NCH_EN\CacheIcons\http___storage_conduit_com_48_280_CT2801948_Images_633654737718737500_gif.gif, , [c2d4f528ed9dfe38c789b6b84bb8ca36],
PUP.Optional.Conduit.A, C:\Users\Judita\AppData\LocalLow\NCH_EN\CacheIcons\http___storage_conduit_com_48_280_CT2801948_Images_633654737755456250_gif.gif, , [c2d4f528ed9dfe38c789b6b84bb8ca36],
PUP.Optional.Conduit.A, C:\Users\Judita\AppData\LocalLow\NCH_EN\CacheIcons\http___storage_conduit_com_48_280_CT2801948_Images_633654737804987500_gif.gif, , [c2d4f528ed9dfe38c789b6b84bb8ca36],
PUP.Optional.Conduit.A, C:\Users\Judita\AppData\LocalLow\NCH_EN\CacheIcons\http___storage_conduit_com_48_280_CT2801948_Images_633654737880612500_gif.gif, , [c2d4f528ed9dfe38c789b6b84bb8ca36],
PUP.Optional.Conduit.A, C:\Users\Judita\AppData\LocalLow\NCH_EN\CacheIcons\http___storage_conduit_com_48_280_CT2801948_Images_633654737917018750_gif.gif, , [c2d4f528ed9dfe38c789b6b84bb8ca36],
PUP.Optional.Conduit.A, C:\Users\Judita\AppData\LocalLow\NCH_EN\CacheIcons\http___storage_conduit_com_48_280_CT2801948_Images_633654737956550000_gif.gif, , [c2d4f528ed9dfe38c789b6b84bb8ca36],
PUP.Optional.Conduit.A, C:\Users\Judita\AppData\LocalLow\NCH_EN\CacheIcons\http___storage_conduit_com_48_280_CT2801948_Images_633654737988425000_gif.gif, , [c2d4f528ed9dfe38c789b6b84bb8ca36],
PUP.Optional.Conduit.A, C:\Users\Judita\AppData\LocalLow\NCH_EN\CacheIcons\http___storage_conduit_com_48_280_CT2801948_Images_633654738030300000_gif.gif, , [c2d4f528ed9dfe38c789b6b84bb8ca36],
PUP.Optional.Conduit.A, C:\Users\Judita\AppData\LocalLow\NCH_EN\CacheIcons\http___storage_conduit_com_48_280_CT2801948_Images_633654738178112500_gif.gif, , [c2d4f528ed9dfe38c789b6b84bb8ca36],
PUP.Optional.Conduit.A, C:\Users\Judita\AppData\LocalLow\NCH_EN\CacheIcons\http___storage_conduit_com_48_280_CT2801948_Images_633654738224675000_gif.gif, , [c2d4f528ed9dfe38c789b6b84bb8ca36],
PUP.Optional.Conduit.A, C:\Users\Judita\AppData\LocalLow\NCH_EN\CacheIcons\http___storage_conduit_com_48_280_CT2801948_Images_633654738258425000_gif.gif, , [c2d4f528ed9dfe38c789b6b84bb8ca36],
PUP.Optional.Conduit.A, C:\Users\Judita\AppData\LocalLow\NCH_EN\CacheIcons\http___storage_conduit_com_48_280_CT2801948_Images_633654738311393750_gif.gif, , [c2d4f528ed9dfe38c789b6b84bb8ca36],
PUP.Optional.Conduit.A, C:\Users\Judita\AppData\LocalLow\NCH_EN\CacheIcons\http___storage_conduit_com_48_280_CT2801948_Images_633637556125468750_gif.gif, , [c2d4f528ed9dfe38c789b6b84bb8ca36],
PUP.Optional.Conduit.A, C:\Users\Judita\AppData\LocalLow\NCH_EN\CacheIcons\http___storage_conduit_com_48_280_CT2801948_Images_633637557088906250_gif.gif, , [c2d4f528ed9dfe38c789b6b84bb8ca36],
PUP.Optional.Conduit.A, C:\Users\Judita\AppData\LocalLow\NCH_EN\CacheIcons\http___storage_conduit_com_48_280_CT2801948_Images_633654716861862500_gif.gif, , [c2d4f528ed9dfe38c789b6b84bb8ca36],
PUP.Optional.Conduit.A, C:\Users\Judita\AppData\LocalLow\NCH_EN\CacheIcons\http___storage_conduit_com_48_280_CT2801948_Images_633654716928737500_gif.gif, , [c2d4f528ed9dfe38c789b6b84bb8ca36],
PUP.Optional.Conduit.A, C:\Users\Judita\AppData\LocalLow\NCH_EN\CacheIcons\http___storage_conduit_com_48_280_CT2801948_Images_633654717003737500_gif.gif, , [c2d4f528ed9dfe38c789b6b84bb8ca36],
PUP.Optional.Conduit.A, C:\Users\Judita\AppData\LocalLow\NCH_EN\CacheIcons\http___storage_conduit_com_48_280_CT2801948_Images_633654717076393750_gif.gif, , [c2d4f528ed9dfe38c789b6b84bb8ca36],
PUP.Optional.Conduit.A, C:\Users\Judita\AppData\LocalLow\NCH_EN\CacheIcons\http___storage_conduit_com_48_280_CT2801948_Images_633654717188112500_gif.gif, , [c2d4f528ed9dfe38c789b6b84bb8ca36],
PUP.Optional.Conduit.A, C:\Users\Judita\AppData\LocalLow\NCH_EN\CacheIcons\http___storage_conduit_com_48_280_CT2801948_Images_633654733928425000_gif.gif, , [c2d4f528ed9dfe38c789b6b84bb8ca36],
PUP.Optional.Conduit.A, C:\Users\Judita\AppData\LocalLow\NCH_EN\CacheIcons\http___storage_conduit_com_48_280_CT2801948_Images_633654733969518750_gif.gif, , [c2d4f528ed9dfe38c789b6b84bb8ca36],
PUP.Optional.Conduit.A, C:\Users\Judita\AppData\LocalLow\NCH_EN\CacheIcons\http___storage_conduit_com_48_280_CT2801948_Images_633654734005143750_gif.gif, , [c2d4f528ed9dfe38c789b6b84bb8ca36],
PUP.Optional.Conduit.A, C:\Users\Judita\AppData\LocalLow\NCH_EN\CacheIcons\http___storage_conduit_com_48_280_CT2801948_Images_633654734064206250_gif.gif, , [c2d4f528ed9dfe38c789b6b84bb8ca36],
PUP.Optional.Conduit.A, C:\Users\Judita\AppData\LocalLow\NCH_EN\CacheIcons\http___storage_conduit_com_48_280_CT2801948_Images_633654734099518750_gif.gif, , [c2d4f528ed9dfe38c789b6b84bb8ca36],
PUP.Optional.Conduit.A, C:\Users\Judita\AppData\LocalLow\NCH_EN\CacheIcons\http___storage_conduit_com_48_280_CT2801948_Images_633654734144831250_gif.gif, , [c2d4f528ed9dfe38c789b6b84bb8ca36],
PUP.Optional.Conduit.A, C:\Users\Judita\AppData\LocalLow\NCH_EN\CacheIcons\http___storage_conduit_com_48_280_CT2801948_Images_633654736937643750_gif.gif, , [c2d4f528ed9dfe38c789b6b84bb8ca36],
PUP.Optional.Conduit.A, C:\Users\Judita\AppData\LocalLow\NCH_EN\CacheIcons\http___storage_conduit_com_48_280_CT2801948_Images_633654736969518750_gif.gif, , [c2d4f528ed9dfe38c789b6b84bb8ca36],
PUP.Optional.Conduit.A, C:\Users\Judita\AppData\LocalLow\NCH_EN\CacheIcons\http___storage_conduit_com_48_280_CT2801948_Images_633654737014050000_gif.gif, , [c2d4f528ed9dfe38c789b6b84bb8ca36],
PUP.Optional.Conduit.A, C:\Users\Judita\AppData\LocalLow\NCH_EN\CacheIcons\http___storage_conduit_com_48_280_CT2801948_Images_633654737065612500_gif.gif, , [c2d4f528ed9dfe38c789b6b84bb8ca36],
PUP.Optional.Conduit.A, C:\Users\Judita\AppData\LocalLow\NCH_EN\CacheIcons\http___storage_conduit_com_48_280_CT2801948_Images_633654737144050000_gif.gif, , [c2d4f528ed9dfe38c789b6b84bb8ca36],
PUP.Optional.Conduit.A, C:\Users\Judita\AppData\LocalLow\NCH_EN\CacheIcons\http___storage_conduit_com_48_280_CT2801948_Images_633654737428268750_gif.gif, , [c2d4f528ed9dfe38c789b6b84bb8ca36],
PUP.Optional.Conduit.A, C:\Users\Judita\AppData\LocalLow\NCH_EN\CacheIcons\http___storage_conduit_com_48_280_CT2801948_Images_633654737462018750_gif.gif, , [c2d4f528ed9dfe38c789b6b84bb8ca36],
PUP.Optional.Conduit.A, C:\Users\Judita\AppData\LocalLow\NCH_EN\CacheIcons\http___storage_conduit_com_48_280_CT2801948_Images_633654737494675000_gif.gif, , [c2d4f528ed9dfe38c789b6b84bb8ca36],
PUP.Optional.Conduit.A, C:\Users\Judita\AppData\LocalLow\NCH_EN\CacheIcons\http___storage_conduit_com_48_280_CT2801948_Images_633654737531706250_gif.gif, , [c2d4f528ed9dfe38c789b6b84bb8ca36],
PUP.Optional.Conduit.A, C:\Users\Judita\AppData\LocalLow\NCH_EN\CacheIcons\http___storage_conduit_com_48_280_CT2801948_Images_633654737572331250_gif.gif, , [c2d4f528ed9dfe38c789b6b84bb8ca36],
PUP.Optional.Conduit.A, C:\Users\Judita\AppData\LocalLow\NCH_EN\CacheIcons\http___storage_conduit_com_48_280_CT2801948_Images_633654736592018750_gif.gif, , [c2d4f528ed9dfe38c789b6b84bb8ca36],
PUP.Optional.Conduit.A, C:\Users\Judita\AppData\LocalLow\NCH_EN\CacheIcons\http___storage_conduit_com_48_280_CT2801948_Images_633654736642175000_gif.gif, , [c2d4f528ed9dfe38c789b6b84bb8ca36],
PUP.Optional.Conduit.A, C:\Users\Judita\AppData\LocalLow\NCH_EN\CacheIcons\http___storage_conduit_com_48_280_CT2801948_Images_633654736686862500_gif.gif, , [c2d4f528ed9dfe38c789b6b84bb8ca36],
PUP.Optional.Conduit.A, C:\Users\Judita\AppData\LocalLow\NCH_EN\CacheIcons\http___storage_conduit_com_48_280_CT2801948_Images_633654736728737500_gif.gif, , [c2d4f528ed9dfe38c789b6b84bb8ca36],
PUP.Optional.Conduit.A, C:\Users\Judita\AppData\LocalLow\NCH_EN\CacheIcons\http___storage_conduit_com_48_280_CT2801948_Images_633654736765456250_gif.gif, , [c2d4f528ed9dfe38c789b6b84bb8ca36],
PUP.Optional.Conduit.A, C:\Users\Judita\AppData\LocalLow\NCH_EN\CacheIcons\http___storage_conduit_com_48_280_CT2801948_Images_633654736832018750_gif.gif, , [c2d4f528ed9dfe38c789b6b84bb8ca36],
PUP.Optional.Conduit.A, C:\Users\Judita\AppData\LocalLow\NCH_EN\CacheIcons\http___storage_conduit_com_48_280_CT2801948_Images_633654736867487500_gif.gif, , [c2d4f528ed9dfe38c789b6b84bb8ca36],
PUP.Optional.Conduit.A, C:\Users\Judita\AppData\LocalLow\NCH_EN\CacheIcons\http___storage_conduit_com_48_280_CT2801948_Images_633654736253112500_gif.gif, , [c2d4f528ed9dfe38c789b6b84bb8ca36],
PUP.Optional.Conduit.A, C:\Users\Judita\AppData\LocalLow\NCH_EN\CacheIcons\http___storage_conduit_com_48_280_CT2801948_Images_633654736296237500_gif.gif, , [c2d4f528ed9dfe38c789b6b84bb8ca36],
PUP.Optional.Conduit.A, C:\Users\Judita\AppData\LocalLow\NCH_EN\CacheIcons\http___storage_conduit_com_48_280_CT2801948_Images_633654736337331250_gif.gif, , [c2d4f528ed9dfe38c789b6b84bb8ca36],
PUP.Optional.Conduit.A, C:\Users\Judita\AppData\LocalLow\NCH_EN\CacheIcons\http___storage_conduit_com_48_280_CT2801948_Images_633654736374831250_gif.gif, , [c2d4f528ed9dfe38c789b6b84bb8ca36],
PUP.Optional.Conduit.A, C:\Users\Judita\AppData\LocalLow\NCH_EN\CacheIcons\http___storage_conduit_com_48_280_CT2801948_Images_633654736409675000_gif.gif, , [c2d4f528ed9dfe38c789b6b84bb8ca36],
PUP.Optional.Conduit.A, C:\Users\Judita\AppData\LocalLow\NCH_EN\CacheIcons\http___storage_conduit_com_48_280_CT2801948_Images_633654736449675000_gif.gif, , [c2d4f528ed9dfe38c789b6b84bb8ca36],
PUP.Optional.Conduit.A, C:\Users\Judita\AppData\LocalLow\NCH_EN\CacheIcons\http___storage_conduit_com_48_280_CT2801948_Images_633654736489675000_gif.gif, , [c2d4f528ed9dfe38c789b6b84bb8ca36],
PUP.Optional.Conduit.A, C:\Users\Judita\AppData\LocalLow\NCH_EN\CacheIcons\http___storage_conduit_com_48_280_CT2801948_Images_633655642588275000_gif.gif, , [c2d4f528ed9dfe38c789b6b84bb8ca36],
PUP.Optional.Conduit.A, C:\Users\Judita\AppData\LocalLow\NCH_EN\CacheIcons\http___storage_conduit_com_48_280_CT2801948_Images_633655642916400000_gif.gif, , [c2d4f528ed9dfe38c789b6b84bb8ca36],
PUP.Optional.Conduit.A, C:\Users\Judita\AppData\LocalLow\NCH_EN\CacheIcons\http___storage_conduit_com_48_280_CT2801948_Images_633655643319056250_gif.gif, , [c2d4f528ed9dfe38c789b6b84bb8ca36],
PUP.Optional.Conduit.A, C:\Users\Judita\AppData\LocalLow\NCH_EN\CacheIcons\http___storage_conduit_com_48_280_CT2801948_Images_633655643718587500_gif.gif, , [c2d4f528ed9dfe38c789b6b84bb8ca36],
PUP.Optional.Conduit.A, C:\Users\Judita\AppData\LocalLow\NCH_EN\CacheIcons\http___storage_conduit_com_48_280_CT2801948_images_634723732255026399_24PX_png.png, , [c2d4f528ed9dfe38c789b6b84bb8ca36],
PUP.Optional.Conduit.A, C:\Users\Judita\AppData\LocalLow\NCH_EN\CacheIcons\http___storage_conduit_com_bankImages_ConduitEngine_ContextMenu_LikeIcon_png.png, , [c2d4f528ed9dfe38c789b6b84bb8ca36],
PUP.Optional.Conduit.A, C:\Users\Judita\AppData\LocalLow\NCH_EN\CacheIcons\http___storage_conduit_com_BankImages_vectoria_games_gif.gif, , [c2d4f528ed9dfe38c789b6b84bb8ca36],
PUP.Optional.Conduit.A, C:\Users\Judita\AppData\LocalLow\NCH_EN\CacheIcons\http___storage_conduit_com_images_main_menu_help_gif.gif, , [c2d4f528ed9dfe38c789b6b84bb8ca36],
PUP.Optional.Conduit.A, C:\Users\Judita\AppData\LocalLow\NCH_EN\CacheIcons\http___storage_conduit_com_MarketPlace_07_ddd_07caac71-eac9-4963-9fa6-f6c1cc836ddd_Appearance_634581083935348787_png.png, , [c2d4f528ed9dfe38c789b6b84bb8ca36],
PUP.Optional.Conduit.A, C:\Users\Judita\AppData\LocalLow\NCH_EN\CacheIcons\http___storage_conduit_com_48_280_CT2801948_Images_633654735957800000_gif.gif, , [c2d4f528ed9dfe38c789b6b84bb8ca36],
PUP.Optional.Conduit.A, C:\Users\Judita\AppData\LocalLow\NCH_EN\CacheIcons\http___storage_conduit_com_48_280_CT2801948_Images_633654735999987500_gif.gif, , [c2d4f528ed9dfe38c789b6b84bb8ca36],
PUP.Optional.Conduit.A, C:\Users\Judita\AppData\LocalLow\NCH_EN\CacheIcons\http___storage_conduit_com_48_280_CT2801948_Images_633654736038893750_gif.gif, , [c2d4f528ed9dfe38c789b6b84bb8ca36],
PUP.Optional.Conduit.A, C:\Users\Judita\AppData\LocalLow\NCH_EN\CacheIcons\http___storage_conduit_com_48_280_CT2801948_Images_633654736078737500_gif.gif, , [c2d4f528ed9dfe38c789b6b84bb8ca36],
PUP.Optional.Conduit.A, C:\Users\Judita\AppData\LocalLow\NCH_EN\CacheIcons\http___storage_conduit_com_48_280_CT2801948_Images_633654736116706250_gif.gif, , [c2d4f528ed9dfe38c789b6b84bb8ca36],
PUP.Optional.Conduit.A, C:\Users\Judita\AppData\LocalLow\NCH_EN\CacheIcons\http___storage_conduit_com_48_280_CT2801948_Images_633654736145768750_gif.gif, , [c2d4f528ed9dfe38c789b6b84bb8ca36],
PUP.Optional.Conduit.A, C:\Users\Judita\AppData\LocalLow\NCH_EN\CacheIcons\http___storage_conduit_com_48_280_CT2801948_Images_633654736175300000_gif.gif, , [c2d4f528ed9dfe38c789b6b84bb8ca36],
PUP.Optional.Conduit.A, C:\Users\Judita\AppData\LocalLow\NCH_EN\CacheIcons\http___storage_conduit_com_48_280_CT2801948_Images_633654735467331250_gif.gif, , [c2d4f528ed9dfe38c789b6b84bb8ca36],
PUP.Optional.Conduit.A, C:\Users\Judita\AppData\LocalLow\NCH_EN\CacheIcons\http___storage_conduit_com_48_280_CT2801948_Images_633654735526550000_gif.gif, , [c2d4f528ed9dfe38c789b6b84bb8ca36],
PUP.Optional.Conduit.A, C:\Users\Judita\AppData\LocalLow\NCH_EN\CacheIcons\http___storage_conduit_com_48_280_CT2801948_Images_633654735566081250_gif.gif, , [c2d4f528ed9dfe38c789b6b84bb8ca36],
PUP.Optional.Conduit.A, C:\Users\Judita\AppData\LocalLow\NCH_EN\CacheIcons\http___storage_conduit_com_48_280_CT2801948_Images_633654735597643750_gif.gif, , [c2d4f528ed9dfe38c789b6b84bb8ca36],
PUP.Optional.Conduit.A, C:\Users\Judita\AppData\LocalLow\NCH_EN\CacheIcons\http___storage_conduit_com_48_280_CT2801948_Images_633654735635300000_gif.gif, , [c2d4f528ed9dfe38c789b6b84bb8ca36],
PUP.Optional.Conduit.A, C:\Users\Judita\AppData\LocalLow\NCH_EN\CacheIcons\http___storage_conduit_com_48_280_CT2801948_Images_633654735672487500_gif.gif, , [c2d4f528ed9dfe38c789b6b84bb8ca36],
PUP.Optional.Conduit.A, C:\Users\Judita\AppData\LocalLow\NCH_EN\CacheIcons\http___storage_conduit_com_48_280_CT2801948_Images_633654735702018750_gif.gif, , [c2d4f528ed9dfe38c789b6b84bb8ca36],
PUP.Optional.Conduit.A, C:\Users\Judita\AppData\LocalLow\NCH_EN\CacheIcons\http___storage_conduit_com_48_280_CT2801948_Images_633654735734362500_gif.gif, , [c2d4f528ed9dfe38c789b6b84bb8ca36],
PUP.Optional.Conduit.A, C:\Users\Judita\AppData\LocalLow\NCH_EN\CacheIcons\http___storage_conduit_com_48_280_CT2801948_Images_633654735772956250_gif.gif, , [c2d4f528ed9dfe38c789b6b84bb8ca36],
PUP.Optional.Conduit.A, C:\Users\Judita\AppData\LocalLow\NCH_EN\CacheIcons\http___storage_conduit_com_48_280_CT2801948_Images_633654735806393750_gif.gif, , [c2d4f528ed9dfe38c789b6b84bb8ca36],
PUP.Optional.Conduit.A, C:\Users\Judita\AppData\LocalLow\NCH_EN\CacheIcons\http___storage_conduit_com_48_280_CT2801948_Images_633654735840300000_gif.gif, , [c2d4f528ed9dfe38c789b6b84bb8ca36],
PUP.Optional.Conduit.A, C:\Users\Judita\AppData\LocalLow\NCH_EN\CacheIcons\http___storage_conduit_com_48_280_CT2801948_Images_633654735883268750_gif.gif, , [c2d4f528ed9dfe38c789b6b84bb8ca36],
PUP.Optional.Conduit.A, C:\Users\Judita\AppData\LocalLow\NCH_EN\CacheIcons\http___storage_conduit_com_48_280_CT2801948_Images_633654735121862500_gif.gif, , [c2d4f528ed9dfe38c789b6b84bb8ca36],
PUP.Optional.Conduit.A, C:\Users\Judita\AppData\LocalLow\NCH_EN\CacheIcons\http___storage_conduit_com_48_280_CT2801948_Images_633654735153112500_gif.gif, , [c2d4f528ed9dfe38c789b6b84bb8ca36],
PUP.Optional.Conduit.A, C:\Users\Judita\AppData\LocalLow\NCH_EN\CacheIcons\http___storage_conduit_com_48_280_CT2801948_Images_633654735187487500_gif.gif, , [c2d4f528ed9dfe38c789b6b84bb8ca36],
PUP.Optional.Conduit.A, C:\Users\Judita\AppData\LocalLow\NCH_EN\CacheIcons\http___storage_conduit_com_48_280_CT2801948_Images_633654735227018750_gif.gif, , [c2d4f528ed9dfe38c789b6b84bb8ca36],
PUP.Optional.Conduit.A, C:\Users\Judita\AppData\LocalLow\NCH_EN\CacheIcons\http___storage_conduit_com_48_280_CT2801948_Images_633654735260300000_gif.gif, , [c2d4f528ed9dfe38c789b6b84bb8ca36],
PUP.Optional.Conduit.A, C:\Users\Judita\AppData\LocalLow\NCH_EN\CacheIcons\http___storage_conduit_com_48_280_CT2801948_Images_633654735296393750_gif.gif, , [c2d4f528ed9dfe38c789b6b84bb8ca36],
PUP.Optional.Conduit.A, C:\Users\Judita\AppData\LocalLow\NCH_EN\CacheIcons\http___storage_conduit_com_48_280_CT2801948_Images_633654735342175000_gif.gif, , [c2d4f528ed9dfe38c789b6b84bb8ca36],
PUP.Optional.Conduit.A, C:\Users\Judita\AppData\LocalLow\NCH_EN\CacheIcons\http___storage_conduit_com_48_280_CT2801948_Images_633654735383893750_gif.gif, , [c2d4f528ed9dfe38c789b6b84bb8ca36],
PUP.Optional.Conduit.A, C:\Users\Judita\AppData\LocalLow\NCH_EN\CacheIcons\http___storage_conduit_com_48_280_CT2801948_Images_633654734629831250_gif.gif, , [c2d4f528ed9dfe38c789b6b84bb8ca36],
PUP.Optional.Conduit.A, C:\Users\Judita\AppData\LocalLow\NCH_EN\CacheIcons\http___storage_conduit_com_48_280_CT2801948_Images_633654734684050000_gif.gif, , [c2d4f528ed9dfe38c789b6b84bb8ca36],
PUP.Optional.Conduit.A, C:\Users\Judita\AppData\LocalLow\NCH_EN\CacheIcons\http___storage_conduit_com_48_280_CT2801948_Images_633654734761862500_gif.gif, , [c2d4f528ed9dfe38c789b6b84bb8ca36],
PUP.Optional.Conduit.A, C:\Users\Judita\AppData\LocalLow\NCH_EN\CacheIcons\http___storage_conduit_com_48_280_CT2801948_Images_633654734850768750_gif.gif, , [c2d4f528ed9dfe38c789b6b84bb8ca36],
PUP.Optional.Conduit.A, C:\Users\Judita\AppData\LocalLow\NCH_EN\CacheIcons\http___storage_conduit_com_48_280_CT2801948_Images_633654734920300000_gif.gif, , [c2d4f528ed9dfe38c789b6b84bb8ca36],
PUP.Optional.Conduit.A, C:\Users\Judita\AppData\LocalLow\NCH_EN\CacheIcons\http___storage_conduit_com_48_280_CT2801948_Images_633654734953737500_gif.gif, , [c2d4f528ed9dfe38c789b6b84bb8ca36],
PUP.Optional.Conduit.A, C:\Users\Judita\AppData\LocalLow\NCH_EN\CacheIcons\http___storage_conduit_com_48_280_CT2801948_Images_633654734993425000_gif.gif, , [c2d4f528ed9dfe38c789b6b84bb8ca36],
PUP.Optional.Conduit.A, C:\Users\Judita\AppData\LocalLow\NCH_EN\CacheIcons\http___storage_conduit_com_48_280_CT2801948_Images_633654735038893750_gif.gif, , [c2d4f528ed9dfe38c789b6b84bb8ca36],
PUP.Optional.Conduit.A, C:\Users\Judita\AppData\LocalLow\NCH_EN\CacheIcons\http___storage_conduit_com_48_280_CT2801948_Images_633654734242800000_gif.gif, , [c2d4f528ed9dfe38c789b6b84bb8ca36],
PUP.Optional.Conduit.A, C:\Users\Judita\AppData\LocalLow\NCH_EN\CacheIcons\http___storage_conduit_com_48_280_CT2801948_Images_633654734306862500_gif.gif, , [c2d4f528ed9dfe38c789b6b84bb8ca36],
PUP.Optional.Conduit.A, C:\Users\Judita\AppData\LocalLow\NCH_EN\CacheIcons\http___storage_conduit_com_48_280_CT2801948_Images_633654734346081250_gif.gif, , [c2d4f528ed9dfe38c789b6b84bb8ca36],
PUP.Optional.Conduit.A, C:\Users\Judita\AppData\LocalLow\NCH_EN\CacheIcons\http___storage_conduit_com_48_280_CT2801948_Images_633654734383425000_gif.gif, , [c2d4f528ed9dfe38c789b6b84bb8ca36],
PUP.Optional.Conduit.A, C:\Users\Judita\AppData\LocalLow\NCH_EN\CacheIcons\http___storage_conduit_com_48_280_CT2801948_Images_633654734427175000_gif.gif, , [c2d4f528ed9dfe38c789b6b84bb8ca36],
PUP.Optional.Conduit.A, C:\Users\Judita\AppData\LocalLow\NCH_EN\CacheIcons\http___storage_conduit_com_48_280_CT2801948_Images_633654734476706250_gif.gif, , [c2d4f528ed9dfe38c789b6b84bb8ca36],
PUP.Optional.Conduit.A, C:\Users\Judita\AppData\LocalLow\NCH_EN\CacheIcons\http___storage_conduit_com_48_280_CT2801948_Images_633654734525300000_gif.gif, , [c2d4f528ed9dfe38c789b6b84bb8ca36],
PUP.Optional.Conduit.A, C:\Users\Judita\AppData\LocalLow\NCH_EN\CacheIcons\http___storage_conduit_com_BankImages_vectoria_mail_gif.gif, , [c2d4f528ed9dfe38c789b6b84bb8ca36],
PUP.Optional.Conduit.A, C:\Users\Judita\AppData\LocalLow\NCH_EN\CacheIcons\http___storage_conduit_com_BankImages_vectoria_news_gif.gif, , [c2d4f528ed9dfe38c789b6b84bb8ca36],
PUP.Optional.Conduit.A, C:\Users\Judita\AppData\LocalLow\NCH_EN\CacheIcons\http___storage_conduit_com_BankImages_vectoria_notepad_gif.gif, , [c2d4f528ed9dfe38c789b6b84bb8ca36],
PUP.Optional.Conduit.A, C:\Users\Judita\AppData\LocalLow\NCH_EN\CacheIcons\http___storage_conduit_com_BankImages_vectoria_timer_alarm_gif.gif, , [c2d4f528ed9dfe38c789b6b84bb8ca36],
PUP.Optional.Conduit.A, C:\Users\Judita\AppData\LocalLow\NCH_EN\CacheIcons\http___storage_conduit_com_BankImages_vectoria_tools_gif.gif, , [c2d4f528ed9dfe38c789b6b84bb8ca36],
PUP.Optional.Conduit.A, C:\Users\Judita\AppData\LocalLow\NCH_EN\CacheIcons\http___storage_conduit_com_images_ClientImages_radio_gif.gif, , [c2d4f528ed9dfe38c789b6b84bb8ca36],
PUP.Optional.Conduit.A, C:\Users\Judita\AppData\LocalLow\NCH_EN\CacheIcons\http___storage_conduit_com_images_eula_png.png, , [c2d4f528ed9dfe38c789b6b84bb8ca36],
PUP.Optional.Conduit.A, C:\Users\Judita\AppData\LocalLow\NCH_EN\CacheIcons\http___storage_conduit_com_images_main_menu_about_gif.gif, , [c2d4f528ed9dfe38c789b6b84bb8ca36],
PUP.Optional.Conduit.A, C:\Users\Judita\AppData\LocalLow\NCH_EN\CacheIcons\http___storage_conduit_com_images_main_menu_clear_history_gif.gif, , [c2d4f528ed9dfe38c789b6b84bb8ca36],
PUP.Optional.Conduit.A, C:\Users\Judita\AppData\LocalLow\NCH_EN\CacheIcons\http___storage_conduit_com_images_main_menu_contact_gif.gif, , [c2d4f528ed9dfe38c789b6b84bb8ca36],
PUP.Optional.Conduit.A, C:\Users\Judita\AppData\LocalLow\NCH_EN\CacheIcons\http___storage_Conduit_com_bankImages_ConduitEngine_ContextMenu_MoreFromPublisher_png.png, , [c2d4f528ed9dfe38c789b6b84bb8ca36],
PUP.Optional.Conduit.A, C:\Users\Judita\AppData\LocalLow\NCH_EN\CacheIcons\http___storage_Conduit_com_bankImages_ConduitEngine_ContextMenu_More_png.png, , [c2d4f528ed9dfe38c789b6b84bb8ca36],
PUP.Optional.Conduit.A, C:\Users\Judita\AppData\LocalLow\NCH_EN\CacheIcons\http___storage_Conduit_com_bankImages_ConduitEngine_ContextMenu_Options_png.png, , [c2d4f528ed9dfe38c789b6b84bb8ca36],
PUP.Optional.Conduit.A, C:\Users\Judita\AppData\LocalLow\NCH_EN\CacheIcons\http___storage_Conduit_com_bankImages_ConduitEngine_ContextMenu_Privacy_png.png, , [c2d4f528ed9dfe38c789b6b84bb8ca36],
PUP.Optional.Conduit.A, C:\Users\Judita\AppData\LocalLow\NCH_EN\CacheIcons\http___storage_Conduit_com_bankImages_ConduitEngine_ContextMenu_Refresh_png.png, , [c2d4f528ed9dfe38c789b6b84bb8ca36],
PUP.Optional.Conduit.A, C:\Users\Judita\AppData\LocalLow\NCH_EN\CacheIcons\http___storage_Conduit_com_bankImages_ConduitEngine_ContextMenu_Upgrade_png.png, , [c2d4f528ed9dfe38c789b6b84bb8ca36],
PUP.Optional.Conduit.A, C:\Users\Judita\AppData\LocalLow\NCH_EN\CacheIcons\http___storage_conduit_com_BankImages_silkset_control_play_blue_gif.gif, , [c2d4f528ed9dfe38c789b6b84bb8ca36],
PUP.Optional.Conduit.A, C:\Users\Judita\AppData\LocalLow\NCH_EN\CacheIcons\http___storage_conduit_com_BankImages_vectoria_about_gif.gif, , [c2d4f528ed9dfe38c789b6b84bb8ca36],
PUP.Optional.Conduit.A, C:\Users\Judita\AppData\LocalLow\NCH_EN\CacheIcons\http___storage_conduit_com_BankImages_vectoria_configure_gif.gif, , [c2d4f528ed9dfe38c789b6b84bb8ca36],
PUP.Optional.Conduit.A, C:\Users\Judita\AppData\LocalLow\NCH_EN\Dialogs\RoundedCornersIE9.css, , [c2d4f528ed9dfe38c789b6b84bb8ca36],
PUP.Optional.Conduit.A, C:\Users\Judita\AppData\LocalLow\NCH_EN\Dialogs\DialogsAPI.js, , [c2d4f528ed9dfe38c789b6b84bb8ca36],
PUP.Optional.Conduit.A, C:\Users\Judita\AppData\LocalLow\NCH_EN\Dialogs\excanvas.js, , [c2d4f528ed9dfe38c789b6b84bb8ca36],
PUP.Optional.Conduit.A, C:\Users\Judita\AppData\LocalLow\NCH_EN\Dialogs\generalDialogStyle.css, , [c2d4f528ed9dfe38c789b6b84bb8ca36],
PUP.Optional.Conduit.A, C:\Users\Judita\AppData\LocalLow\NCH_EN\Dialogs\PIE.htc, , [c2d4f528ed9dfe38c789b6b84bb8ca36],
PUP.Optional.Conduit.A, C:\Users\Judita\AppData\LocalLow\NCH_EN\Dialogs\RoundedCorners.css, , [c2d4f528ed9dfe38c789b6b84bb8ca36],
PUP.Optional.Conduit.A, C:\Users\Judita\AppData\LocalLow\NCH_EN\Dialogs\settings.js, , [c2d4f528ed9dfe38c789b6b84bb8ca36],
PUP.Optional.Conduit.A, C:\Users\Judita\AppData\LocalLow\NCH_EN\Dialogs\version.txt, , [c2d4f528ed9dfe38c789b6b84bb8ca36],
PUP.Optional.Conduit.A, C:\Users\Judita\AppData\LocalLow\NCH_EN\Dialogs\AddedAppDialog\app-added.js, , [c2d4f528ed9dfe38c789b6b84bb8ca36],
PUP.Optional.Conduit.A, C:\Users\Judita\AppData\LocalLow\NCH_EN\Dialogs\AddedAppDialog\main.html, , [c2d4f528ed9dfe38c789b6b84bb8ca36],
PUP.Optional.Conduit.A, C:\Users\Judita\AppData\LocalLow\NCH_EN\Dialogs\DefualtImages\icon.png, , [c2d4f528ed9dfe38c789b6b84bb8ca36],
PUP.Optional.Conduit.A, C:\Users\Judita\AppData\LocalLow\NCH_EN\Dialogs\DetectedAppDialog\app-2go.js, , [c2d4f528ed9dfe38c789b6b84bb8ca36],
PUP.Optional.Conduit.A, C:\Users\Judita\AppData\LocalLow\NCH_EN\Dialogs\DetectedAppDialog\main.html, , [c2d4f528ed9dfe38c789b6b84bb8ca36],
PUP.Optional.Conduit.A, C:\Users\Judita\AppData\LocalLow\NCH_EN\Dialogs\EngineFirstTimeDialog\EngineFirstTimeDialog.js, , [c2d4f528ed9dfe38c789b6b84bb8ca36],
PUP.Optional.Conduit.A, C:\Users\Judita\AppData\LocalLow\NCH_EN\Dialogs\EngineFirstTimeDialog\main.html, , [c2d4f528ed9dfe38c789b6b84bb8ca36],
PUP.Optional.Conduit.A, C:\Users\Judita\AppData\LocalLow\NCH_EN\Dialogs\EngineFirstTimeDialog\right-click.gif, , [c2d4f528ed9dfe38c789b6b84bb8ca36],
PUP.Optional.Conduit.A, C:\Users\Judita\AppData\LocalLow\NCH_EN\Dialogs\NewSearchProtectorDialog\main.html, , [c2d4f528ed9dfe38c789b6b84bb8ca36],
PUP.Optional.Conduit.A, C:\Users\Judita\AppData\LocalLow\NCH_EN\Dialogs\NewSearchProtectorDialog\SearchProtector.css, , [c2d4f528ed9dfe38c789b6b84bb8ca36],
PUP.Optional.Conduit.A, C:\Users\Judita\AppData\LocalLow\NCH_EN\Dialogs\NewSearchProtectorDialog\SearchProtector.js, , [c2d4f528ed9dfe38c789b6b84bb8ca36],
PUP.Optional.Conduit.A, C:\Users\Judita\AppData\LocalLow\NCH_EN\Dialogs\NewSearchProtectorDialog\images\ok-button.png, , [c2d4f528ed9dfe38c789b6b84bb8ca36],
PUP.Optional.Conduit.A, C:\Users\Judita\AppData\LocalLow\NCH_EN\Dialogs\NewSearchProtectorDialog\images\separation-line.png, , [c2d4f528ed9dfe38c789b6b84bb8ca36],
PUP.Optional.Conduit.A, C:\Users\Judita\AppData\LocalLow\NCH_EN\Dialogs\NewSearchProtectorDialog\images\warning.png, , [c2d4f528ed9dfe38c789b6b84bb8ca36],
PUP.Optional.Conduit.A, C:\Users\Judita\AppData\LocalLow\NCH_EN\Dialogs\SearchProtectorBubbleDialog\bubble.css, , [c2d4f528ed9dfe38c789b6b84bb8ca36],
PUP.Optional.Conduit.A, C:\Users\Judita\AppData\LocalLow\NCH_EN\Dialogs\SearchProtectorBubbleDialog\bubble.js, , [c2d4f528ed9dfe38c789b6b84bb8ca36],
PUP.Optional.Conduit.A, C:\Users\Judita\AppData\LocalLow\NCH_EN\Dialogs\SearchProtectorBubbleDialog\main.html, , [c2d4f528ed9dfe38c789b6b84bb8ca36],
PUP.Optional.Conduit.A, C:\Users\Judita\AppData\LocalLow\NCH_EN\Dialogs\SearchProtectorBubbleDialog\images\information.png, , [c2d4f528ed9dfe38c789b6b84bb8ca36],
PUP.Optional.Conduit.A, C:\Users\Judita\AppData\LocalLow\NCH_EN\Dialogs\SearchProtectorBubbleDialog\images\x-default-LTR.png, , [c2d4f528ed9dfe38c789b6b84bb8ca36],
PUP.Optional.Conduit.A, C:\Users\Judita\AppData\LocalLow\NCH_EN\Dialogs\SearchProtectorBubbleDialog\images\x-default-RTL.png, , [c2d4f528ed9dfe38c789b6b84bb8ca36],
PUP.Optional.Conduit.A, C:\Users\Judita\AppData\LocalLow\NCH_EN\Dialogs\SearchProtectorBubbleDialog\images\x-mouseover-LTR.png, , [c2d4f528ed9dfe38c789b6b84bb8ca36],
PUP.Optional.Conduit.A, C:\Users\Judita\AppData\LocalLow\NCH_EN\Dialogs\SearchProtectorBubbleDialog\images\x-mouseover-RTL.png, , [c2d4f528ed9dfe38c789b6b84bb8ca36],
PUP.Optional.Conduit.A, C:\Users\Judita\AppData\LocalLow\NCH_EN\Dialogs\SearchProtectorDialog\main.html, , [c2d4f528ed9dfe38c789b6b84bb8ca36],
PUP.Optional.Conduit.A, C:\Users\Judita\AppData\LocalLow\NCH_EN\Dialogs\SearchProtectorDialog\SearchProtector.css, , [c2d4f528ed9dfe38c789b6b84bb8ca36],
PUP.Optional.Conduit.A, C:\Users\Judita\AppData\LocalLow\NCH_EN\Dialogs\SearchProtectorDialog\SearchProtector.js, , [c2d4f528ed9dfe38c789b6b84bb8ca36],
PUP.Optional.Conduit.A, C:\Users\Judita\AppData\LocalLow\NCH_EN\Dialogs\SearchProtectorDialog\Images\info.png, , [c2d4f528ed9dfe38c789b6b84bb8ca36],
PUP.Optional.Conduit.A, C:\Users\Judita\AppData\LocalLow\NCH_EN\Dialogs\SearchProtectorDialog\Images\ok-on.png, , [c2d4f528ed9dfe38c789b6b84bb8ca36],
PUP.Optional.Conduit.A, C:\Users\Judita\AppData\LocalLow\NCH_EN\Dialogs\SearchProtectorDialog\Images\ok.png, , [c2d4f528ed9dfe38c789b6b84bb8ca36],
PUP.Optional.Conduit.A, C:\Users\Judita\AppData\LocalLow\NCH_EN\Dialogs\SearchProtectorRetakeoverDialog\main.html, , [c2d4f528ed9dfe38c789b6b84bb8ca36],
PUP.Optional.Conduit.A, C:\Users\Judita\AppData\LocalLow\NCH_EN\Dialogs\SearchProtectorRetakeoverDialog\SearchProtectorRetakeover.css, , [c2d4f528ed9dfe38c789b6b84bb8ca36],
PUP.Optional.Conduit.A, C:\Users\Judita\AppData\LocalLow\NCH_EN\Dialogs\SearchProtectorRetakeoverDialog\SearchProtectorRetakeover.js, , [c2d4f528ed9dfe38c789b6b84bb8ca36],
PUP.Optional.Conduit.A, C:\Users\Judita\AppData\LocalLow\NCH_EN\Dialogs\SearchProtectorRetakeoverDialog\Images\Icon.jpg, , [c2d4f528ed9dfe38c789b6b84bb8ca36],
PUP.Optional.Conduit.A, C:\Users\Judita\AppData\LocalLow\NCH_EN\Dialogs\SearchProtectorRetakeoverDialog\Images\Icon.png, , [c2d4f528ed9dfe38c789b6b84bb8ca36],
PUP.Optional.Conduit.A, C:\Users\Judita\AppData\LocalLow\NCH_EN\Dialogs\SearchProtectorRetakeoverDialog\Images\info.png, , [c2d4f528ed9dfe38c789b6b84bb8ca36],
PUP.Optional.Conduit.A, C:\Users\Judita\AppData\LocalLow\NCH_EN\Dialogs\SearchProtectorRetakeoverDialog\Images\ok-on.png, , [c2d4f528ed9dfe38c789b6b84bb8ca36],
PUP.Optional.Conduit.A, C:\Users\Judita\AppData\LocalLow\NCH_EN\Dialogs\SearchProtectorRetakeoverDialog\Images\ok.png, , [c2d4f528ed9dfe38c789b6b84bb8ca36],
PUP.Optional.Conduit.A, C:\Users\Judita\AppData\LocalLow\NCH_EN\Dialogs\ToolbarFirstTimeDialog\main.html, , [c2d4f528ed9dfe38c789b6b84bb8ca36],
PUP.Optional.Conduit.A, C:\Users\Judita\AppData\LocalLow\NCH_EN\Dialogs\ToolbarFirstTimeDialog\ToolbarFirstTimeDialog.css, , [c2d4f528ed9dfe38c789b6b84bb8ca36],
PUP.Optional.Conduit.A, C:\Users\Judita\AppData\LocalLow\NCH_EN\Dialogs\ToolbarFirstTimeDialog\ToolbarFirstTimeDialog.js, , [c2d4f528ed9dfe38c789b6b84bb8ca36],
PUP.Optional.Conduit.A, C:\Users\Judita\AppData\LocalLow\NCH_EN\Dialogs\ToolbarFirstTimeDialog\images\app-store-icon.png, , [c2d4f528ed9dfe38c789b6b84bb8ca36],
PUP.Optional.Conduit.A, C:\Users\Judita\AppData\LocalLow\NCH_EN\Dialogs\ToolbarFirstTimeDialog\images\arrow.png, , [c2d4f528ed9dfe38c789b6b84bb8ca36],
PUP.Optional.Conduit.A, C:\Users\Judita\AppData\LocalLow\NCH_EN\Dialogs\ToolbarFirstTimeDialog\images\divider.png, , [c2d4f528ed9dfe38c789b6b84bb8ca36],
PUP.Optional.Conduit.A, C:\Users\Judita\AppData\LocalLow\NCH_EN\Dialogs\ToolbarFirstTimeDialog\images\emailNotifier.gif, , [c2d4f528ed9dfe38c789b6b84bb8ca36],
PUP.Optional.Conduit.A, C:\Users\Judita\AppData\LocalLow\NCH_EN\Dialogs\ToolbarFirstTimeDialog\images\facebook.png, , [c2d4f528ed9dfe38c789b6b84bb8ca36],
PUP.Optional.Conduit.A, C:\Users\Judita\AppData\LocalLow\NCH_EN\Dialogs\ToolbarFirstTimeDialog\images\radio.GIF, , [c2d4f528ed9dfe38c789b6b84bb8ca36],
PUP.Optional.Conduit.A, C:\Users\Judita\AppData\LocalLow\NCH_EN\Dialogs\ToolbarFirstTimeDialog\images\Thumbs.db, , [c2d4f528ed9dfe38c789b6b84bb8ca36],
PUP.Optional.Conduit.A, C:\Users\Judita\AppData\LocalLow\NCH_EN\Dialogs\ToolbarFirstTimeDialog\images\truste_welcome.GIF, , [c2d4f528ed9dfe38c789b6b84bb8ca36],
PUP.Optional.Conduit.A, C:\Users\Judita\AppData\LocalLow\NCH_EN\Dialogs\ToolbarFirstTimeDialog\images\weather.GIF, , [c2d4f528ed9dfe38c789b6b84bb8ca36],
PUP.Optional.Conduit.A, C:\Users\Judita\AppData\LocalLow\NCH_EN\Dialogs\ToolbarUntrustedAppsApprovalDialog\main.html, , [c2d4f528ed9dfe38c789b6b84bb8ca36],
PUP.Optional.Conduit.A, C:\Users\Judita\AppData\LocalLow\NCH_EN\Dialogs\ToolbarUntrustedAppsApprovalDialog\ToolbarUntrustedAppsApprovalDialog.js, , [c2d4f528ed9dfe38c789b6b84bb8ca36],
PUP.Optional.Conduit.A, C:\Users\Judita\AppData\LocalLow\NCH_EN\Dialogs\UntrustedAddedAppDialog\main.html, , [c2d4f528ed9dfe38c789b6b84bb8ca36],
PUP.Optional.Conduit.A, C:\Users\Judita\AppData\LocalLow\NCH_EN\Dialogs\UntrustedAddedAppDialog\UT-app-dialog-added.js, , [c2d4f528ed9dfe38c789b6b84bb8ca36],
PUP.Optional.Conduit.A, C:\Users\Judita\AppData\LocalLow\NCH_EN\Dialogs\UntrustedAppApprovalDialog\main.html, , [c2d4f528ed9dfe38c789b6b84bb8ca36],
PUP.Optional.Conduit.A, C:\Users\Judita\AppData\LocalLow\NCH_EN\Dialogs\UntrustedAppApprovalDialog\UT-app-dialog-needs-your-approval.js, , [c2d4f528ed9dfe38c789b6b84bb8ca36],
PUP.Optional.Conduit.A, C:\Users\Judita\AppData\LocalLow\NCH_EN\Dialogs\UntrustedAppPendingDialog\main.html, , [c2d4f528ed9dfe38c789b6b84bb8ca36],
PUP.Optional.Conduit.A, C:\Users\Judita\AppData\LocalLow\NCH_EN\Dialogs\UntrustedAppPendingDialog\UT-app-dialog-is-waiting.js, , [c2d4f528ed9dfe38c789b6b84bb8ca36],
PUP.Optional.Conduit.A, C:\Users\Judita\AppData\LocalLow\NCH_EN\EmailNotifier\AccountTypes.xml, , [c2d4f528ed9dfe38c789b6b84bb8ca36],
PUP.Optional.Conduit.A, C:\Users\Judita\AppData\LocalLow\NCH_EN\EmailNotifier\aol.com.xml, , [c2d4f528ed9dfe38c789b6b84bb8ca36],
PUP.Optional.Conduit.A, C:\Users\Judita\AppData\LocalLow\NCH_EN\EmailNotifier\comcast.net.xml, , [c2d4f528ed9dfe38c789b6b84bb8ca36],
PUP.Optional.Conduit.A, C:\Users\Judita\AppData\LocalLow\NCH_EN\EmailNotifier\google.com.xml, , [c2d4f528ed9dfe38c789b6b84bb8ca36],
PUP.Optional.Conduit.A, C:\Users\Judita\AppData\LocalLow\NCH_EN\EmailNotifier\hotmail.com.xml, , [c2d4f528ed9dfe38c789b6b84bb8ca36],
PUP.Optional.Conduit.A, C:\Users\Judita\AppData\LocalLow\NCH_EN\EmailNotifier\yahoo.com.xml, , [c2d4f528ed9dfe38c789b6b84bb8ca36],
PUP.Optional.Conduit.A, C:\Users\Judita\AppData\LocalLow\NCH_EN\ExternalComponent\http___contextmenu_toolbar_conduit-services_com__name=OtherApps&locale=en-us.xml, , [c2d4f528ed9dfe38c789b6b84bb8ca36],
PUP.Optional.Conduit.A, C:\Users\Judita\AppData\LocalLow\NCH_EN\ExternalComponent\http___contextmenu_toolbar_conduit-services_com__name=GottenApps&locale=en-us&ctid=CT2801948.xml, , [c2d4f528ed9dfe38c789b6b84bb8ca36],
PUP.Optional.Conduit.A, C:\Users\Judita\AppData\LocalLow\NCH_EN\ExternalComponent\http___contextmenu_toolbar_conduit-services_com__name=GottenApps&locale=en-us.xml, , [c2d4f528ed9dfe38c789b6b84bb8ca36],
PUP.Optional.Conduit.A, C:\Users\Judita\AppData\LocalLow\NCH_EN\ExternalComponent\http___contextmenu_toolbar_conduit-services_com__name=OtherApps&locale=en-us&ctid=CT2801948.xml, , [c2d4f528ed9dfe38c789b6b84bb8ca36],
PUP.Optional.Conduit.A, C:\Users\Judita\AppData\LocalLow\NCH_EN\ExternalComponent\http___contextmenu_toolbar_conduit-services_com__name=SharedApps&locale=en-us&ctid=CT2801948.xml, , [c2d4f528ed9dfe38c789b6b84bb8ca36],
PUP.Optional.Conduit.A, C:\Users\Judita\AppData\LocalLow\NCH_EN\ExternalComponent\http___contextmenu_toolbar_conduit-services_com__name=SharedApps&locale=en-us.xml, , [c2d4f528ed9dfe38c789b6b84bb8ca36],
PUP.Optional.Conduit.A, C:\Users\Judita\AppData\LocalLow\NCH_EN\ExternalComponent\http___contextmenu_toolbar_conduit-services_com__name=Toolbar&locale=en-us&ctid=CT2801948&UM=UM_UNINSTALL_ID.xml, , [c2d4f528ed9dfe38c789b6b84bb8ca36],
PUP.Optional.Conduit.A, C:\Users\Judita\AppData\LocalLow\NCH_EN\ExternalComponent\http___contextmenu_toolbar_conduit-services_com__name=Toolbar&locale=en-us&ctid=CT2801948.xml, , [c2d4f528ed9dfe38c789b6b84bb8ca36],
PUP.Optional.Conduit.A, C:\Users\Judita\AppData\LocalLow\NCH_EN\ExternalComponent\http___contextmenu_toolbar_conduit-services_com__name=Toolbar&locale=en-us.xml, , [c2d4f528ed9dfe38c789b6b84bb8ca36],
PUP.Optional.Conduit.A, C:\Users\Judita\AppData\LocalLow\NCH_EN\RadioPlayer\IP_Stations_Media_List.xml, , [c2d4f528ed9dfe38c789b6b84bb8ca36],
PUP.Optional.Conduit.A, C:\Users\Judita\AppData\LocalLow\NCH_EN\RadioPlayer\Predefined_Media_List.xml, , [c2d4f528ed9dfe38c789b6b84bb8ca36],
PUP.Optional.Conduit.A, C:\Users\Judita\AppData\LocalLow\NCH_EN\Repository\conduit_CT2801948_CT2801948\AppsMetaData\data.bck.txt, , [c2d4f528ed9dfe38c789b6b84bb8ca36],
PUP.Optional.Conduit.A, C:\Users\Judita\AppData\LocalLow\NCH_EN\Repository\conduit_CT2801948_CT2801948\AppsMetaData\data.txt, , [c2d4f528ed9dfe38c789b6b84bb8ca36],
PUP.Optional.Conduit.A, C:\Users\Judita\AppData\LocalLow\NCH_EN\Repository\conduit_CT2801948_CT2801948\DynamicDialogs\data.bck.txt, , [c2d4f528ed9dfe38c789b6b84bb8ca36],
PUP.Optional.Conduit.A, C:\Users\Judita\AppData\LocalLow\NCH_EN\Repository\conduit_CT2801948_CT2801948\DynamicDialogs\data.txt, , [c2d4f528ed9dfe38c789b6b84bb8ca36],
PUP.Optional.Conduit.A, C:\Users\Judita\AppData\LocalLow\NCH_EN\Repository\conduit_CT2801948_CT2801948\ToolbarHiddenLogin\data.txt, , [c2d4f528ed9dfe38c789b6b84bb8ca36],
PUP.Optional.Conduit.A, C:\Users\Judita\AppData\LocalLow\NCH_EN\Repository\conduit_CT2801948_CT2801948\ToolbarHiddenSettings\data.bck.txt, , [c2d4f528ed9dfe38c789b6b84bb8ca36],
PUP.Optional.Conduit.A, C:\Users\Judita\AppData\LocalLow\NCH_EN\Repository\conduit_CT2801948_CT2801948\ToolbarHiddenSettings\data.txt, , [c2d4f528ed9dfe38c789b6b84bb8ca36],
PUP.Optional.Conduit.A, C:\Users\Judita\AppData\LocalLow\NCH_EN\Repository\conduit_CT2801948_CT2801948\ToolbarLogin\data.bck.txt, , [c2d4f528ed9dfe38c789b6b84bb8ca36],
PUP.Optional.Conduit.A, C:\Users\Judita\AppData\LocalLow\NCH_EN\Repository\conduit_CT2801948_CT2801948\ToolbarLogin\data.txt, , [c2d4f528ed9dfe38c789b6b84bb8ca36],
PUP.Optional.Conduit.A, C:\Users\Judita\AppData\LocalLow\NCH_EN\Repository\conduit_CT2801948_CT2801948\ToolbarSettings\data.bck.txt, , [c2d4f528ed9dfe38c789b6b84bb8ca36],
PUP.Optional.Conduit.A, C:\Users\Judita\AppData\LocalLow\NCH_EN\Repository\conduit_CT2801948_CT2801948\ToolbarSettings\data.txt, , [c2d4f528ed9dfe38c789b6b84bb8ca36],
PUP.Optional.Conduit.A, C:\Users\Judita\AppData\LocalLow\NCH_EN\Repository\conduit_CT2801948_CT2801948\ToolbarTranslation\data.bck.txt, , [c2d4f528ed9dfe38c789b6b84bb8ca36],
PUP.Optional.Conduit.A, C:\Users\Judita\AppData\LocalLow\NCH_EN\Repository\conduit_CT2801948_CT2801948\ToolbarTranslation\data.txt, , [c2d4f528ed9dfe38c789b6b84bb8ca36],
PUP.Optional.Conduit.A, C:\Users\Judita\AppData\LocalLow\NCH_EN\Repository\conduit_CT2801948_en-us\ToolbarTranslation\data.bck.txt, , [c2d4f528ed9dfe38c789b6b84bb8ca36],
PUP.Optional.Conduit.A, C:\Users\Judita\AppData\LocalLow\NCH_EN\Repository\conduit_CT2801948_en-us\ToolbarTranslation\data.txt, , [c2d4f528ed9dfe38c789b6b84bb8ca36],
PUP.Optional.Conduit.A, C:\Users\Judita\AppData\LocalLow\NCH_EN\SearchInNewTab\SearchInNewTabContent.xml, , [c2d4f528ed9dfe38c789b6b84bb8ca36],
PUP.Optional.Conduit.A, C:\Program Files (x86)\NCH_EN\GottenAppsContextMenu.xml, , [a0f6ea33008a9d99ed64a0cedc2713ed],
PUP.Optional.Conduit.A, C:\Program Files (x86)\NCH_EN\ldrtbNCH_.dll, , [a0f6ea33008a9d99ed64a0cedc2713ed],
PUP.Optional.Conduit.A, C:\Program Files (x86)\NCH_EN\NCH_ENToolbarHelper.exe, , [a0f6ea33008a9d99ed64a0cedc2713ed],
PUP.Optional.Conduit.A, C:\Program Files (x86)\NCH_EN\OtherAppsContextMenu.xml, , [a0f6ea33008a9d99ed64a0cedc2713ed],
PUP.Optional.Conduit.A, C:\Program Files (x86)\NCH_EN\prxtbNCH_.dll, , [a0f6ea33008a9d99ed64a0cedc2713ed],
PUP.Optional.Conduit.A, C:\Program Files (x86)\NCH_EN\SharedAppsContextMenu.xml, , [a0f6ea33008a9d99ed64a0cedc2713ed],
PUP.Optional.Conduit.A, C:\Program Files (x86)\NCH_EN\tbNCH_.dll, , [a0f6ea33008a9d99ed64a0cedc2713ed],
PUP.Optional.Conduit.A, C:\Program Files (x86)\NCH_EN\toolbar.cfg, , [a0f6ea33008a9d99ed64a0cedc2713ed],
PUP.Optional.Conduit.A, C:\Program Files (x86)\NCH_EN\ToolbarContextMenu.xml, , [a0f6ea33008a9d99ed64a0cedc2713ed],
PUP.Optional.Conduit.A, C:\Program Files (x86)\NCH_EN\uninstall.exe, , [a0f6ea33008a9d99ed64a0cedc2713ed],
Physical Sectors: 0
(No malicious items detected)
(end)
Odpoledne jsem také zakázal tři procesy po spuštění: update google, Norton Online backup a DefaultsettingEXE Aplication. Po tomto zrušení se nic zvláštního nestalo. Procesor záhy po spuštění pc vyběhl na 100% a tam setrvale zůstával.
Opustil jsem pc asi v 17:00 a po návratu cca 22:00 jsem zjistil, že ukazatel využití procesoru není na 100, ale cestuje zdá se normálně a na pc je to taky trochu znát... že by pomohly ty aktualizace?
Udělal jsem sken podle zadání (taky u něho neběžel procesor na 100 jako dřív). Zde je log:
Malwarebytes Anti-Malware
www.malwarebytes.org
Scan Date: 12.2.2015
Scan Time: 22:07:59
Logfile: mal.txt
Administrator: Yes
Version: 2.00.4.1028
Malware Database: v2015.02.12.06
Rootkit Database: v2015.02.03.01
License: Trial
Malware Protection: Enabled
Malicious Website Protection: Enabled
Self-protection: Disabled
OS: Windows 7 Service Pack 1
CPU: x64
File System: NTFS
User: Judita
Scan Type: Threat Scan
Result: Completed
Objects Scanned: 342526
Time Elapsed: 27 min, 12 sec
Memory: Enabled
Startup: Enabled
Filesystem: Enabled
Archives: Enabled
Rootkits: Disabled
Heuristics: Enabled
PUP: Enabled
PUM: Enabled
Processes: 0
(No malicious items detected)
Modules: 0
(No malicious items detected)
Registry Keys: 10
PUP.Optional.Multiplug, HKLM\SOFTWARE\CLASSES\TYPELIB\{157B1AA6-3E5C-404A-9118-C1D91F537040}, , [31658796b7d344f249e2dd27778cf60a],
PUP.Optional.Multiplug, HKLM\SOFTWARE\WOW6432NODE\CLASSES\TYPELIB\{157B1AA6-3E5C-404A-9118-C1D91F537040}, , [31658796b7d344f249e2dd27778cf60a],
PUP.Optional.Conduit.A, HKLM\SOFTWARE\WOW6432NODE\NCH_EN, , [494d7e9f3e4c4cea4b8b3775f40f53ad],
PUP.Optional.InboxToolBar.A, HKLM\SOFTWARE\WOW6432NODE\GOOGLE\CHROME\EXTENSIONS\apgjagobplilmcdfelodhgefiidomnfl, , [573f33ea7f0b68ce9fea49646b9825db],
Trojan.FakeAlert, HKU\S-1-5-21-1128242429-3161665266-3304842230-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\JCFSE7V7Z1, , [4650a8752b5f35012f885de721e338c8],
PUP.Optional.Conduit.A, HKU\S-1-5-21-1128242429-3161665266-3304842230-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\NCH_EN, , [d4c29a8397f38da912c56745eb18a25e],
Trojan.FakeAlert, HKU\S-1-5-21-1128242429-3161665266-3304842230-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\SMH2B46TDP, , [6c2aab728307b87edecd59f6d62e966a],
Malware.Trace, HKU\S-1-5-21-1128242429-3161665266-3304842230-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\Handle, , [4e48001de9a1db5b5cd489bc13f132ce],
PUP.Optional.Conduit.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\CLSID\{125B7A09-B405-46FB-95FB-96CF6B72992D}, , [a0f6ea33008a9d99ed64a0cedc2713ed],
PUP.Optional.Conduit.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\PREAPPROVED\{125B7A09-B405-46FB-95FB-96CF6B72992D}, , [a0f6ea33008a9d99ed64a0cedc2713ed],
Registry Values: 0
(No malicious items detected)
Registry Data: 0
(No malicious items detected)
Folders: 41
PUP.Optional.Conduit.A, C:\Users\Judita\AppData\LocalLow\NCH_EN, , [c2d4f528ed9dfe38c789b6b84bb8ca36],
PUP.Optional.Conduit.A, C:\Users\Judita\AppData\LocalLow\NCH_EN\CacheIcons, , [c2d4f528ed9dfe38c789b6b84bb8ca36],
PUP.Optional.Conduit.A, C:\Users\Judita\AppData\LocalLow\NCH_EN\Dialogs, , [c2d4f528ed9dfe38c789b6b84bb8ca36],
PUP.Optional.Conduit.A, C:\Users\Judita\AppData\LocalLow\NCH_EN\Dialogs\AddedAppDialog, , [c2d4f528ed9dfe38c789b6b84bb8ca36],
PUP.Optional.Conduit.A, C:\Users\Judita\AppData\LocalLow\NCH_EN\Dialogs\DefualtImages, , [c2d4f528ed9dfe38c789b6b84bb8ca36],
PUP.Optional.Conduit.A, C:\Users\Judita\AppData\LocalLow\NCH_EN\Dialogs\DetectedAppDialog, , [c2d4f528ed9dfe38c789b6b84bb8ca36],
PUP.Optional.Conduit.A, C:\Users\Judita\AppData\LocalLow\NCH_EN\Dialogs\EngineFirstTimeDialog, , [c2d4f528ed9dfe38c789b6b84bb8ca36],
PUP.Optional.Conduit.A, C:\Users\Judita\AppData\LocalLow\NCH_EN\Dialogs\NewSearchProtectorDialog, , [c2d4f528ed9dfe38c789b6b84bb8ca36],
PUP.Optional.Conduit.A, C:\Users\Judita\AppData\LocalLow\NCH_EN\Dialogs\NewSearchProtectorDialog\images, , [c2d4f528ed9dfe38c789b6b84bb8ca36],
PUP.Optional.Conduit.A, C:\Users\Judita\AppData\LocalLow\NCH_EN\Dialogs\SearchProtectorBubbleDialog, , [c2d4f528ed9dfe38c789b6b84bb8ca36],
PUP.Optional.Conduit.A, C:\Users\Judita\AppData\LocalLow\NCH_EN\Dialogs\SearchProtectorBubbleDialog\images, , [c2d4f528ed9dfe38c789b6b84bb8ca36],
PUP.Optional.Conduit.A, C:\Users\Judita\AppData\LocalLow\NCH_EN\Dialogs\SearchProtectorDialog, , [c2d4f528ed9dfe38c789b6b84bb8ca36],
PUP.Optional.Conduit.A, C:\Users\Judita\AppData\LocalLow\NCH_EN\Dialogs\SearchProtectorDialog\Images, , [c2d4f528ed9dfe38c789b6b84bb8ca36],
PUP.Optional.Conduit.A, C:\Users\Judita\AppData\LocalLow\NCH_EN\Dialogs\SearchProtectorRetakeoverDialog, , [c2d4f528ed9dfe38c789b6b84bb8ca36],
PUP.Optional.Conduit.A, C:\Users\Judita\AppData\LocalLow\NCH_EN\Dialogs\SearchProtectorRetakeoverDialog\Images, , [c2d4f528ed9dfe38c789b6b84bb8ca36],
PUP.Optional.Conduit.A, C:\Users\Judita\AppData\LocalLow\NCH_EN\Dialogs\ToolbarFirstTimeDialog, , [c2d4f528ed9dfe38c789b6b84bb8ca36],
PUP.Optional.Conduit.A, C:\Users\Judita\AppData\LocalLow\NCH_EN\Dialogs\ToolbarFirstTimeDialog\images, , [c2d4f528ed9dfe38c789b6b84bb8ca36],
PUP.Optional.Conduit.A, C:\Users\Judita\AppData\LocalLow\NCH_EN\Dialogs\ToolbarUntrustedAppsApprovalDialog, , [c2d4f528ed9dfe38c789b6b84bb8ca36],
PUP.Optional.Conduit.A, C:\Users\Judita\AppData\LocalLow\NCH_EN\Dialogs\UninstallDialog, , [c2d4f528ed9dfe38c789b6b84bb8ca36],
PUP.Optional.Conduit.A, C:\Users\Judita\AppData\LocalLow\NCH_EN\Dialogs\UntrustedAddedAppDialog, , [c2d4f528ed9dfe38c789b6b84bb8ca36],
PUP.Optional.Conduit.A, C:\Users\Judita\AppData\LocalLow\NCH_EN\Dialogs\UntrustedAppApprovalDialog, , [c2d4f528ed9dfe38c789b6b84bb8ca36],
PUP.Optional.Conduit.A, C:\Users\Judita\AppData\LocalLow\NCH_EN\Dialogs\UntrustedAppPendingDialog, , [c2d4f528ed9dfe38c789b6b84bb8ca36],
PUP.Optional.Conduit.A, C:\Users\Judita\AppData\LocalLow\NCH_EN\EmailNotifier, , [c2d4f528ed9dfe38c789b6b84bb8ca36],
PUP.Optional.Conduit.A, C:\Users\Judita\AppData\LocalLow\NCH_EN\ExternalComponent, , [c2d4f528ed9dfe38c789b6b84bb8ca36],
PUP.Optional.Conduit.A, C:\Users\Judita\AppData\LocalLow\NCH_EN\Logs, , [c2d4f528ed9dfe38c789b6b84bb8ca36],
PUP.Optional.Conduit.A, C:\Users\Judita\AppData\LocalLow\NCH_EN\MyStuffApps, , [c2d4f528ed9dfe38c789b6b84bb8ca36],
PUP.Optional.Conduit.A, C:\Users\Judita\AppData\LocalLow\NCH_EN\RadioPlayer, , [c2d4f528ed9dfe38c789b6b84bb8ca36],
PUP.Optional.Conduit.A, C:\Users\Judita\AppData\LocalLow\NCH_EN\Repository, , [c2d4f528ed9dfe38c789b6b84bb8ca36],
PUP.Optional.Conduit.A, C:\Users\Judita\AppData\LocalLow\NCH_EN\Repository\conduit_CT2801948_CT2801948, , [c2d4f528ed9dfe38c789b6b84bb8ca36],
PUP.Optional.Conduit.A, C:\Users\Judita\AppData\LocalLow\NCH_EN\Repository\conduit_CT2801948_CT2801948\AppsMetaData, , [c2d4f528ed9dfe38c789b6b84bb8ca36],
PUP.Optional.Conduit.A, C:\Users\Judita\AppData\LocalLow\NCH_EN\Repository\conduit_CT2801948_CT2801948\DynamicDialogs, , [c2d4f528ed9dfe38c789b6b84bb8ca36],
PUP.Optional.Conduit.A, C:\Users\Judita\AppData\LocalLow\NCH_EN\Repository\conduit_CT2801948_CT2801948\ToolbarHiddenLogin, , [c2d4f528ed9dfe38c789b6b84bb8ca36],
PUP.Optional.Conduit.A, C:\Users\Judita\AppData\LocalLow\NCH_EN\Repository\conduit_CT2801948_CT2801948\ToolbarHiddenSettings, , [c2d4f528ed9dfe38c789b6b84bb8ca36],
PUP.Optional.Conduit.A, C:\Users\Judita\AppData\LocalLow\NCH_EN\Repository\conduit_CT2801948_CT2801948\ToolbarLogin, , [c2d4f528ed9dfe38c789b6b84bb8ca36],
PUP.Optional.Conduit.A, C:\Users\Judita\AppData\LocalLow\NCH_EN\Repository\conduit_CT2801948_CT2801948\ToolbarSettings, , [c2d4f528ed9dfe38c789b6b84bb8ca36],
PUP.Optional.Conduit.A, C:\Users\Judita\AppData\LocalLow\NCH_EN\Repository\conduit_CT2801948_CT2801948\ToolbarTranslation, , [c2d4f528ed9dfe38c789b6b84bb8ca36],
PUP.Optional.Conduit.A, C:\Users\Judita\AppData\LocalLow\NCH_EN\Repository\conduit_CT2801948_en-us, , [c2d4f528ed9dfe38c789b6b84bb8ca36],
PUP.Optional.Conduit.A, C:\Users\Judita\AppData\LocalLow\NCH_EN\Repository\conduit_CT2801948_en-us\ToolbarTranslation, , [c2d4f528ed9dfe38c789b6b84bb8ca36],
PUP.Optional.Conduit.A, C:\Users\Judita\AppData\LocalLow\NCH_EN\SearchInNewTab, , [c2d4f528ed9dfe38c789b6b84bb8ca36],
PUP.Optional.Conduit.A, C:\Users\Judita\AppData\LocalLow\NCH_EN\UserDefinedItems, , [c2d4f528ed9dfe38c789b6b84bb8ca36],
PUP.Optional.Conduit.A, C:\Program Files (x86)\NCH_EN, , [a0f6ea33008a9d99ed64a0cedc2713ed],
Files: 342
PUP.Optional.DealioTB.A, C:\Program Files (x86)\AV DVD Player Morpher\DealioToolbar-stub-1.exe, , [e6b08895345645f1546e418e5ca9c838],
PUP.Optional.Conduit.A, C:\Users\Judita\AppData\LocalLow\NCH_EN\hk64tbNCH0.dll, , [c2d4f528ed9dfe38c789b6b84bb8ca36],
PUP.Optional.Conduit.A, C:\Users\Judita\AppData\LocalLow\NCH_EN\hk64tbNCH2.dll, , [c2d4f528ed9dfe38c789b6b84bb8ca36],
PUP.Optional.Conduit.A, C:\Users\Judita\AppData\LocalLow\NCH_EN\hk64tbNCH3.dll, , [c2d4f528ed9dfe38c789b6b84bb8ca36],
PUP.Optional.Conduit.A, C:\Users\Judita\AppData\LocalLow\NCH_EN\hktbNCH0.dll, , [c2d4f528ed9dfe38c789b6b84bb8ca36],
PUP.Optional.Conduit.A, C:\Users\Judita\AppData\LocalLow\NCH_EN\hktbNCH2.dll, , [c2d4f528ed9dfe38c789b6b84bb8ca36],
PUP.Optional.Conduit.A, C:\Users\Judita\AppData\LocalLow\NCH_EN\hktbNCH3.dll, , [c2d4f528ed9dfe38c789b6b84bb8ca36],
PUP.Optional.Conduit.A, C:\Users\Judita\AppData\LocalLow\NCH_EN\ldrtbNCH0.dll, , [c2d4f528ed9dfe38c789b6b84bb8ca36],
PUP.Optional.Conduit.A, C:\Users\Judita\AppData\LocalLow\NCH_EN\ldrtbNCH2.dll, , [c2d4f528ed9dfe38c789b6b84bb8ca36],
PUP.Optional.Conduit.A, C:\Users\Judita\AppData\LocalLow\NCH_EN\ldrtbNCH3.dll, , [c2d4f528ed9dfe38c789b6b84bb8ca36],
PUP.Optional.Conduit.A, C:\Users\Judita\AppData\LocalLow\NCH_EN\ldrtbNCH_.dll, , [c2d4f528ed9dfe38c789b6b84bb8ca36],
PUP.Optional.Conduit.A, C:\Users\Judita\AppData\LocalLow\NCH_EN\tbNCH0.dll, , [c2d4f528ed9dfe38c789b6b84bb8ca36],
PUP.Optional.Conduit.A, C:\Users\Judita\AppData\LocalLow\NCH_EN\tbNCH1.dll, , [c2d4f528ed9dfe38c789b6b84bb8ca36],
PUP.Optional.Conduit.A, C:\Users\Judita\AppData\LocalLow\NCH_EN\tbNCH2.dll, , [c2d4f528ed9dfe38c789b6b84bb8ca36],
PUP.Optional.Conduit.A, C:\Users\Judita\AppData\LocalLow\NCH_EN\tbNCH3.dll, , [c2d4f528ed9dfe38c789b6b84bb8ca36],
PUP.Optional.Conduit.A, C:\Users\Judita\AppData\LocalLow\NCH_EN\tbNCH_.dll, , [c2d4f528ed9dfe38c789b6b84bb8ca36],
PUP.Optional.Conduit.A, C:\Users\Judita\AppData\LocalLow\NCH_EN\ThirdPartyComponents.xml, , [c2d4f528ed9dfe38c789b6b84bb8ca36],
PUP.Optional.Conduit.A, C:\Users\Judita\AppData\LocalLow\NCH_EN\toolbar.cfg, , [c2d4f528ed9dfe38c789b6b84bb8ca36],
PUP.Optional.Conduit.A, C:\Users\Judita\AppData\LocalLow\NCH_EN\CacheIcons\http___storage_conduit_com_48_280_CT2801948_Images_633655642233431250_gif.gif, , [c2d4f528ed9dfe38c789b6b84bb8ca36],
PUP.Optional.Conduit.A, C:\Users\Judita\AppData\LocalLow\NCH_EN\CacheIcons\http___storage_conduit_com_48_280_CT2801948_images_634733954948152887_24PX_png.png, , [c2d4f528ed9dfe38c789b6b84bb8ca36],
PUP.Optional.Conduit.A, C:\Users\Judita\AppData\LocalLow\NCH_EN\CacheIcons\http___storage_conduit_com_48_280_CT2801948_Images_634787844809773210_png.png, , [c2d4f528ed9dfe38c789b6b84bb8ca36],
PUP.Optional.Conduit.A, C:\Users\Judita\AppData\LocalLow\NCH_EN\CacheIcons\http___storage_conduit_com_48_280_CT2801948_images_634816859809670790_24PX_png.png, , [c2d4f528ed9dfe38c789b6b84bb8ca36],
PUP.Optional.Conduit.A, C:\Users\Judita\AppData\LocalLow\NCH_EN\CacheIcons\http___storage_conduit_com_48_280_CT2801948_Images_PopUpBlocker-03_gif-Shiny-634223929360968750_gif.gif, , [c2d4f528ed9dfe38c789b6b84bb8ca36],
PUP.Optional.Conduit.A, C:\Users\Judita\AppData\LocalLow\NCH_EN\CacheIcons\http___storage_conduit_com_bankimages_commandcomps_block_gif.gif, , [c2d4f528ed9dfe38c789b6b84bb8ca36],
PUP.Optional.Conduit.A, C:\Users\Judita\AppData\LocalLow\NCH_EN\CacheIcons\http___storage_Conduit_com_bankImages_ConduitEngine_ContextMenu_About_png.png, , [c2d4f528ed9dfe38c789b6b84bb8ca36],
PUP.Optional.Conduit.A, C:\Users\Judita\AppData\LocalLow\NCH_EN\CacheIcons\http___storage_Conduit_com_bankImages_ConduitEngine_ContextMenu_Browse_png.png, , [c2d4f528ed9dfe38c789b6b84bb8ca36],
PUP.Optional.Conduit.A, C:\Users\Judita\AppData\LocalLow\NCH_EN\CacheIcons\http___storage_Conduit_com_bankImages_ConduitEngine_ContextMenu_Contact_png.png, , [c2d4f528ed9dfe38c789b6b84bb8ca36],
PUP.Optional.Conduit.A, C:\Users\Judita\AppData\LocalLow\NCH_EN\CacheIcons\http___storage_Conduit_com_bankImages_ConduitEngine_ContextMenu_Hide_png.png, , [c2d4f528ed9dfe38c789b6b84bb8ca36],
PUP.Optional.Conduit.A, C:\Users\Judita\AppData\LocalLow\NCH_EN\CacheIcons\http___storage_conduit_com_MarketPlace_2e_33e_2ec9e65c-72a4-4035-8a0e-06a6f1e0533e_Appearance_634394279015031252_png.png, , [c2d4f528ed9dfe38c789b6b84bb8ca36],
PUP.Optional.Conduit.A, C:\Users\Judita\AppData\LocalLow\NCH_EN\CacheIcons\http___storage_conduit_com_MarketPlace_38_2ca_3891fffa-0564-431b-a0b7-b94ea9f192ca_Thumbnail_634653519259561565_png.png, , [c2d4f528ed9dfe38c789b6b84bb8ca36],
PUP.Optional.Conduit.A, C:\Users\Judita\AppData\LocalLow\NCH_EN\CacheIcons\http___storage_conduit_com_MarketPlace_92_fdd_9278f259-cbb0-4e3b-9711-e13d36f55fdd_Thumbnail_634374241400443754_png.png, , [c2d4f528ed9dfe38c789b6b84bb8ca36],
PUP.Optional.Conduit.A, C:\Users\Judita\AppData\LocalLow\NCH_EN\CacheIcons\http___weather_conduit_com_images_weather_Default_drizzle_gif.gif, , [c2d4f528ed9dfe38c789b6b84bb8ca36],
PUP.Optional.Conduit.A, C:\Users\Judita\AppData\LocalLow\NCH_EN\CacheIcons\http___weather_conduit_com_images_weather_Default_hazy_night_gif.gif, , [c2d4f528ed9dfe38c789b6b84bb8ca36],
PUP.Optional.Conduit.A, C:\Users\Judita\AppData\LocalLow\NCH_EN\CacheIcons\http___weather_conduit_com_images_weather_Default_mostly_cloudy_gif.gif, , [c2d4f528ed9dfe38c789b6b84bb8ca36],
PUP.Optional.Conduit.A, C:\Users\Judita\AppData\LocalLow\NCH_EN\CacheIcons\http___weather_conduit_com_images_weather_Default_partly_cloudy_gif.gif, , [c2d4f528ed9dfe38c789b6b84bb8ca36],
PUP.Optional.Conduit.A, C:\Users\Judita\AppData\LocalLow\NCH_EN\CacheIcons\http___weather_conduit_com_images_weather_Default_partly_cloudy_night_gif.gif, , [c2d4f528ed9dfe38c789b6b84bb8ca36],
PUP.Optional.Conduit.A, C:\Users\Judita\AppData\LocalLow\NCH_EN\CacheIcons\http___weather_conduit_com_images_weather_Default_sunny_night_gif.gif, , [c2d4f528ed9dfe38c789b6b84bb8ca36],
PUP.Optional.Conduit.A, C:\Users\Judita\AppData\LocalLow\NCH_EN\CacheIcons\http___storage_conduit_com_48_280_CT2801948_Images_633637555161093750_gif.gif, , [c2d4f528ed9dfe38c789b6b84bb8ca36],
PUP.Optional.Conduit.A, C:\Users\Judita\AppData\LocalLow\NCH_EN\CacheIcons\http___storage_conduit_com_48_280_CT2801948_Images_633654734198268750_gif.gif, , [c2d4f528ed9dfe38c789b6b84bb8ca36],
PUP.Optional.Conduit.A, C:\Users\Judita\AppData\LocalLow\NCH_EN\CacheIcons\http___storage_conduit_com_48_280_CT2801948_Images_633654734567800000_gif.gif, , [c2d4f528ed9dfe38c789b6b84bb8ca36],
PUP.Optional.Conduit.A, C:\Users\Judita\AppData\LocalLow\NCH_EN\CacheIcons\http___storage_conduit_com_48_280_CT2801948_Images_633654735080143750_gif.gif, , [c2d4f528ed9dfe38c789b6b84bb8ca36],
PUP.Optional.Conduit.A, C:\Users\Judita\AppData\LocalLow\NCH_EN\CacheIcons\http___storage_conduit_com_48_280_CT2801948_Images_633654735423893750_gif.gif, , [c2d4f528ed9dfe38c789b6b84bb8ca36],
PUP.Optional.Conduit.A, C:\Users\Judita\AppData\LocalLow\NCH_EN\CacheIcons\http___storage_conduit_com_48_280_CT2801948_Images_633654735924518750_gif.gif, , [c2d4f528ed9dfe38c789b6b84bb8ca36],
PUP.Optional.Conduit.A, C:\Users\Judita\AppData\LocalLow\NCH_EN\CacheIcons\http___storage_conduit_com_48_280_CT2801948_Images_633654736222643750_gif.gif, , [c2d4f528ed9dfe38c789b6b84bb8ca36],
PUP.Optional.Conduit.A, C:\Users\Judita\AppData\LocalLow\NCH_EN\CacheIcons\http___storage_conduit_com_48_280_CT2801948_Images_633654736543268750_gif.gif, , [c2d4f528ed9dfe38c789b6b84bb8ca36],
PUP.Optional.Conduit.A, C:\Users\Judita\AppData\LocalLow\NCH_EN\CacheIcons\http___storage_conduit_com_48_280_CT2801948_Images_633654736904987500_gif.gif, , [c2d4f528ed9dfe38c789b6b84bb8ca36],
PUP.Optional.Conduit.A, C:\Users\Judita\AppData\LocalLow\NCH_EN\CacheIcons\http___storage_conduit_com_48_280_CT2801948_Images_633654737605925000_gif.gif, , [c2d4f528ed9dfe38c789b6b84bb8ca36],
PUP.Optional.Conduit.A, C:\Users\Judita\AppData\LocalLow\NCH_EN\CacheIcons\http___storage_conduit_com_48_280_CT2801948_Images_633654738350925000_gif.gif, , [c2d4f528ed9dfe38c789b6b84bb8ca36],
PUP.Optional.Conduit.A, C:\Users\Judita\AppData\LocalLow\NCH_EN\CacheIcons\http___storage_conduit_com_45_203_CT2038145_Images_633628017266675000_gif.gif, , [c2d4f528ed9dfe38c789b6b84bb8ca36],
PUP.Optional.Conduit.A, C:\Users\Judita\AppData\LocalLow\NCH_EN\CacheIcons\http___storage_conduit_com_48_280_CT2801948_Images_633637554254375000_gif.gif, , [c2d4f528ed9dfe38c789b6b84bb8ca36],
PUP.Optional.Conduit.A, C:\Users\Judita\AppData\LocalLow\NCH_EN\CacheIcons\http___storage_conduit_com_images_main_menu_home_page_gif.gif, , [c2d4f528ed9dfe38c789b6b84bb8ca36],
PUP.Optional.Conduit.A, C:\Users\Judita\AppData\LocalLow\NCH_EN\CacheIcons\http___storage_conduit_com_images_main_menu_options_gif.gif, , [c2d4f528ed9dfe38c789b6b84bb8ca36],
PUP.Optional.Conduit.A, C:\Users\Judita\AppData\LocalLow\NCH_EN\CacheIcons\http___storage_conduit_com_images_main_menu_privacy_gif.gif, , [c2d4f528ed9dfe38c789b6b84bb8ca36],
PUP.Optional.Conduit.A, C:\Users\Judita\AppData\LocalLow\NCH_EN\CacheIcons\http___storage_conduit_com_images_main_menu_refresh_gif.gif, , [c2d4f528ed9dfe38c789b6b84bb8ca36],
PUP.Optional.Conduit.A, C:\Users\Judita\AppData\LocalLow\NCH_EN\CacheIcons\http___storage_conduit_com_images_main_menu_shrink_gif.gif, , [c2d4f528ed9dfe38c789b6b84bb8ca36],
PUP.Optional.Conduit.A, C:\Users\Judita\AppData\LocalLow\NCH_EN\CacheIcons\http___storage_conduit_com_images_main_menu_upgrade_gif.gif, , [c2d4f528ed9dfe38c789b6b84bb8ca36],
PUP.Optional.Conduit.A, C:\Users\Judita\AppData\LocalLow\NCH_EN\CacheIcons\http___storage_conduit_com_images_Menu_uninstall-icon_png.png, , [c2d4f528ed9dfe38c789b6b84bb8ca36],
PUP.Optional.Conduit.A, C:\Users\Judita\AppData\LocalLow\NCH_EN\CacheIcons\http___storage_conduit_com_images_SearchEngines_images_search_gif.gif, , [c2d4f528ed9dfe38c789b6b84bb8ca36],
PUP.Optional.Conduit.A, C:\Users\Judita\AppData\LocalLow\NCH_EN\CacheIcons\http___storage_conduit_com_images_SearchEngines_news_icon_gif.gif, , [c2d4f528ed9dfe38c789b6b84bb8ca36],
PUP.Optional.Conduit.A, C:\Users\Judita\AppData\LocalLow\NCH_EN\CacheIcons\http___storage_conduit_com_images_searchengines_search_icon_gif.gif, , [c2d4f528ed9dfe38c789b6b84bb8ca36],
PUP.Optional.Conduit.A, C:\Users\Judita\AppData\LocalLow\NCH_EN\CacheIcons\http___storage_conduit_com_images_SearchEngines_tfd_gif.gif, , [c2d4f528ed9dfe38c789b6b84bb8ca36],
PUP.Optional.Conduit.A, C:\Users\Judita\AppData\LocalLow\NCH_EN\CacheIcons\http___storage_conduit_com_48_280_CT2801948_Images_633655642638587500_gif.gif, , [c2d4f528ed9dfe38c789b6b84bb8ca36],
PUP.Optional.Conduit.A, C:\Users\Judita\AppData\LocalLow\NCH_EN\CacheIcons\http___storage_conduit_com_48_280_CT2801948_Images_633655642673743750_gif.gif, , [c2d4f528ed9dfe38c789b6b84bb8ca36],
PUP.Optional.Conduit.A, C:\Users\Judita\AppData\LocalLow\NCH_EN\CacheIcons\http___storage_conduit_com_48_280_CT2801948_Images_633655642707181250_gif.gif, , [c2d4f528ed9dfe38c789b6b84bb8ca36],
PUP.Optional.Conduit.A, C:\Users\Judita\AppData\LocalLow\NCH_EN\CacheIcons\http___storage_conduit_com_48_280_CT2801948_Images_633655642737650000_gif.gif, , [c2d4f528ed9dfe38c789b6b84bb8ca36],
PUP.Optional.Conduit.A, C:\Users\Judita\AppData\LocalLow\NCH_EN\CacheIcons\http___storage_conduit_com_48_280_CT2801948_Images_633655642769212500_gif.gif, , [c2d4f528ed9dfe38c789b6b84bb8ca36],
PUP.Optional.Conduit.A, C:\Users\Judita\AppData\LocalLow\NCH_EN\CacheIcons\http___storage_conduit_com_48_280_CT2801948_Images_633655642807650000_gif.gif, , [c2d4f528ed9dfe38c789b6b84bb8ca36],
PUP.Optional.Conduit.A, C:\Users\Judita\AppData\LocalLow\NCH_EN\CacheIcons\http___storage_conduit_com_48_280_CT2801948_Images_633655642838431250_gif.gif, , [c2d4f528ed9dfe38c789b6b84bb8ca36],
PUP.Optional.Conduit.A, C:\Users\Judita\AppData\LocalLow\NCH_EN\CacheIcons\http___storage_conduit_com_48_280_CT2801948_Images_633655642876556250_gif.gif, , [c2d4f528ed9dfe38c789b6b84bb8ca36],
PUP.Optional.Conduit.A, C:\Users\Judita\AppData\LocalLow\NCH_EN\CacheIcons\http___storage_conduit_com_48_280_CT2801948_Images_633655643356868750_gif.gif, , [c2d4f528ed9dfe38c789b6b84bb8ca36],
PUP.Optional.Conduit.A, C:\Users\Judita\AppData\LocalLow\NCH_EN\CacheIcons\http___storage_conduit_com_48_280_CT2801948_Images_633655643398431250_gif.gif, , [c2d4f528ed9dfe38c789b6b84bb8ca36],
PUP.Optional.Conduit.A, C:\Users\Judita\AppData\LocalLow\NCH_EN\CacheIcons\http___storage_conduit_com_48_280_CT2801948_Images_633655643436087500_gif.gif, , [c2d4f528ed9dfe38c789b6b84bb8ca36],
PUP.Optional.Conduit.A, C:\Users\Judita\AppData\LocalLow\NCH_EN\CacheIcons\http___storage_conduit_com_48_280_CT2801948_Images_633655643468587500_gif.gif, , [c2d4f528ed9dfe38c789b6b84bb8ca36],
PUP.Optional.Conduit.A, C:\Users\Judita\AppData\LocalLow\NCH_EN\CacheIcons\http___storage_conduit_com_48_280_CT2801948_Images_633655643505775000_gif.gif, , [c2d4f528ed9dfe38c789b6b84bb8ca36],
PUP.Optional.Conduit.A, C:\Users\Judita\AppData\LocalLow\NCH_EN\CacheIcons\http___storage_conduit_com_48_280_CT2801948_Images_633655643543431250_gif.gif, , [c2d4f528ed9dfe38c789b6b84bb8ca36],
PUP.Optional.Conduit.A, C:\Users\Judita\AppData\LocalLow\NCH_EN\CacheIcons\http___storage_conduit_com_48_280_CT2801948_Images_633655643598275000_gif.gif, , [c2d4f528ed9dfe38c789b6b84bb8ca36],
PUP.Optional.Conduit.A, C:\Users\Judita\AppData\LocalLow\NCH_EN\CacheIcons\http___storage_conduit_com_48_280_CT2801948_Images_633655643637650000_gif.gif, , [c2d4f528ed9dfe38c789b6b84bb8ca36],
PUP.Optional.Conduit.A, C:\Users\Judita\AppData\LocalLow\NCH_EN\CacheIcons\http___storage_conduit_com_48_280_CT2801948_Images_633655643682493750_gif.gif, , [c2d4f528ed9dfe38c789b6b84bb8ca36],
PUP.Optional.Conduit.A, C:\Users\Judita\AppData\LocalLow\NCH_EN\CacheIcons\http___storage_conduit_com_48_280_CT2801948_Images_633655642273587500_gif.gif, , [c2d4f528ed9dfe38c789b6b84bb8ca36],
PUP.Optional.Conduit.A, C:\Users\Judita\AppData\LocalLow\NCH_EN\CacheIcons\http___storage_conduit_com_48_280_CT2801948_Images_633655642308275000_gif.gif, , [c2d4f528ed9dfe38c789b6b84bb8ca36],
PUP.Optional.Conduit.A, C:\Users\Judita\AppData\LocalLow\NCH_EN\CacheIcons\http___storage_conduit_com_48_280_CT2801948_Images_633655642347650000_gif.gif, , [c2d4f528ed9dfe38c789b6b84bb8ca36],
PUP.Optional.Conduit.A, C:\Users\Judita\AppData\LocalLow\NCH_EN\CacheIcons\http___storage_conduit_com_48_280_CT2801948_Images_633655642391868750_gif.gif, , [c2d4f528ed9dfe38c789b6b84bb8ca36],
PUP.Optional.Conduit.A, C:\Users\Judita\AppData\LocalLow\NCH_EN\CacheIcons\http___storage_conduit_com_48_280_CT2801948_Images_633655642426400000_gif.gif, , [c2d4f528ed9dfe38c789b6b84bb8ca36],
PUP.Optional.Conduit.A, C:\Users\Judita\AppData\LocalLow\NCH_EN\CacheIcons\http___storage_conduit_com_48_280_CT2801948_Images_633655642461087500_gif.gif, , [c2d4f528ed9dfe38c789b6b84bb8ca36],
PUP.Optional.Conduit.A, C:\Users\Judita\AppData\LocalLow\NCH_EN\CacheIcons\http___storage_conduit_com_48_280_CT2801948_Images_633655642507025000_gif.gif, , [c2d4f528ed9dfe38c789b6b84bb8ca36],
PUP.Optional.Conduit.A, C:\Users\Judita\AppData\LocalLow\NCH_EN\CacheIcons\http___storage_conduit_com_48_280_CT2801948_Images_633655642551400000_gif.gif, , [c2d4f528ed9dfe38c789b6b84bb8ca36],
PUP.Optional.Conduit.A, C:\Users\Judita\AppData\LocalLow\NCH_EN\CacheIcons\http___storage_conduit_com_48_280_CT2801948_Images_633655643754681250_gif.gif, , [c2d4f528ed9dfe38c789b6b84bb8ca36],
PUP.Optional.Conduit.A, C:\Users\Judita\AppData\LocalLow\NCH_EN\CacheIcons\http___storage_conduit_com_48_280_CT2801948_Images_633655643795931250_gif.gif, , [c2d4f528ed9dfe38c789b6b84bb8ca36],
PUP.Optional.Conduit.A, C:\Users\Judita\AppData\LocalLow\NCH_EN\CacheIcons\http___storage_conduit_com_48_280_CT2801948_Images_633655643839993750_gif.gif, , [c2d4f528ed9dfe38c789b6b84bb8ca36],
PUP.Optional.Conduit.A, C:\Users\Judita\AppData\LocalLow\NCH_EN\CacheIcons\http___storage_conduit_com_48_280_CT2801948_Images_633936819456468750_gif.gif, , [c2d4f528ed9dfe38c789b6b84bb8ca36],
PUP.Optional.Conduit.A, C:\Users\Judita\AppData\LocalLow\NCH_EN\CacheIcons\http___storage_conduit_com_48_280_CT2801948_Images_634223252648000000_png.png, , [c2d4f528ed9dfe38c789b6b84bb8ca36],
PUP.Optional.Conduit.A, C:\Users\Judita\AppData\LocalLow\NCH_EN\CacheIcons\http___storage_conduit_com_48_280_CT2801948_Images_634223252976750000_png.png, , [c2d4f528ed9dfe38c789b6b84bb8ca36],
PUP.Optional.Conduit.A, C:\Users\Judita\AppData\LocalLow\NCH_EN\CacheIcons\http___storage_conduit_com_48_280_CT2801948_Images_634223254379406250_png.png, , [c2d4f528ed9dfe38c789b6b84bb8ca36],
PUP.Optional.Conduit.A, C:\Users\Judita\AppData\LocalLow\NCH_EN\CacheIcons\http___storage_conduit_com_48_280_CT2801948_Images_634223255083468750_png.png, , [c2d4f528ed9dfe38c789b6b84bb8ca36],
PUP.Optional.Conduit.A, C:\Users\Judita\AppData\LocalLow\NCH_EN\CacheIcons\http___storage_conduit_com_48_280_CT2801948_images_634709842924903382_24PX_png.png, , [c2d4f528ed9dfe38c789b6b84bb8ca36],
PUP.Optional.Conduit.A, C:\Users\Judita\AppData\LocalLow\NCH_EN\CacheIcons\http___storage_conduit_com_48_280_CT2801948_images_634709843396778382_24PX_png.png, , [c2d4f528ed9dfe38c789b6b84bb8ca36],
PUP.Optional.Conduit.A, C:\Users\Judita\AppData\LocalLow\NCH_EN\CacheIcons\http___storage_conduit_com_48_280_CT2801948_Images_633655642967493750_gif.gif, , [c2d4f528ed9dfe38c789b6b84bb8ca36],
PUP.Optional.Conduit.A, C:\Users\Judita\AppData\LocalLow\NCH_EN\CacheIcons\http___storage_conduit_com_48_280_CT2801948_Images_633655643010775000_gif.gif, , [c2d4f528ed9dfe38c789b6b84bb8ca36],
PUP.Optional.Conduit.A, C:\Users\Judita\AppData\LocalLow\NCH_EN\CacheIcons\http___storage_conduit_com_48_280_CT2801948_Images_633655643052806250_gif.gif, , [c2d4f528ed9dfe38c789b6b84bb8ca36],
PUP.Optional.Conduit.A, C:\Users\Judita\AppData\LocalLow\NCH_EN\CacheIcons\http___storage_conduit_com_48_280_CT2801948_Images_633655643105150000_gif.gif, , [c2d4f528ed9dfe38c789b6b84bb8ca36],
PUP.Optional.Conduit.A, C:\Users\Judita\AppData\LocalLow\NCH_EN\CacheIcons\http___storage_conduit_com_48_280_CT2801948_Images_633655643143900000_gif.gif, , [c2d4f528ed9dfe38c789b6b84bb8ca36],
PUP.Optional.Conduit.A, C:\Users\Judita\AppData\LocalLow\NCH_EN\CacheIcons\http___storage_conduit_com_48_280_CT2801948_Images_633655643184212500_gif.gif, , [c2d4f528ed9dfe38c789b6b84bb8ca36],
PUP.Optional.Conduit.A, C:\Users\Judita\AppData\LocalLow\NCH_EN\CacheIcons\http___storage_conduit_com_48_280_CT2801948_Images_633655643245462500_gif.gif, , [c2d4f528ed9dfe38c789b6b84bb8ca36],
PUP.Optional.Conduit.A, C:\Users\Judita\AppData\LocalLow\NCH_EN\CacheIcons\http___storage_conduit_com_48_280_CT2801948_Images_633655643283275000_gif.gif, , [c2d4f528ed9dfe38c789b6b84bb8ca36],
PUP.Optional.Conduit.A, C:\Users\Judita\AppData\LocalLow\NCH_EN\CacheIcons\http___storage_conduit_com_48_280_CT2801948_Images_633654738403581250_gif.gif, , [c2d4f528ed9dfe38c789b6b84bb8ca36],
PUP.Optional.Conduit.A, C:\Users\Judita\AppData\LocalLow\NCH_EN\CacheIcons\http___storage_conduit_com_48_280_CT2801948_Images_633654738499675000_gif.gif, , [c2d4f528ed9dfe38c789b6b84bb8ca36],
PUP.Optional.Conduit.A, C:\Users\Judita\AppData\LocalLow\NCH_EN\CacheIcons\http___storage_conduit_com_48_280_CT2801948_Images_633654738555300000_gif.gif, , [c2d4f528ed9dfe38c789b6b84bb8ca36],
PUP.Optional.Conduit.A, C:\Users\Judita\AppData\LocalLow\NCH_EN\CacheIcons\http___storage_conduit_com_48_280_CT2801948_Images_633654738609987500_gif.gif, , [c2d4f528ed9dfe38c789b6b84bb8ca36],
PUP.Optional.Conduit.A, C:\Users\Judita\AppData\LocalLow\NCH_EN\CacheIcons\http___storage_conduit_com_48_280_CT2801948_Images_633655641918900000_gif.gif, , [c2d4f528ed9dfe38c789b6b84bb8ca36],
PUP.Optional.Conduit.A, C:\Users\Judita\AppData\LocalLow\NCH_EN\CacheIcons\http___storage_conduit_com_48_280_CT2801948_Images_633655642019837500_gif.gif, , [c2d4f528ed9dfe38c789b6b84bb8ca36],
PUP.Optional.Conduit.A, C:\Users\Judita\AppData\LocalLow\NCH_EN\CacheIcons\http___storage_conduit_com_48_280_CT2801948_Images_633655642057650000_gif.gif, , [c2d4f528ed9dfe38c789b6b84bb8ca36],
PUP.Optional.Conduit.A, C:\Users\Judita\AppData\LocalLow\NCH_EN\CacheIcons\http___storage_conduit_com_48_280_CT2801948_Images_633655642098587500_gif.gif, , [c2d4f528ed9dfe38c789b6b84bb8ca36],
PUP.Optional.Conduit.A, C:\Users\Judita\AppData\LocalLow\NCH_EN\CacheIcons\http___storage_conduit_com_48_280_CT2801948_Images_633655642135462500_gif.gif, , [c2d4f528ed9dfe38c789b6b84bb8ca36],
PUP.Optional.Conduit.A, C:\Users\Judita\AppData\LocalLow\NCH_EN\CacheIcons\http___storage_conduit_com_48_280_CT2801948_Images_633655642176400000_gif.gif, , [c2d4f528ed9dfe38c789b6b84bb8ca36],
PUP.Optional.Conduit.A, C:\Users\Judita\AppData\LocalLow\NCH_EN\CacheIcons\http___storage_conduit_com_48_280_CT2801948_Images_633654737647487500_gif.gif, , [c2d4f528ed9dfe38c789b6b84bb8ca36],
PUP.Optional.Conduit.A, C:\Users\Judita\AppData\LocalLow\NCH_EN\CacheIcons\http___storage_conduit_com_48_280_CT2801948_Images_633654737682800000_gif.gif, , [c2d4f528ed9dfe38c789b6b84bb8ca36],
PUP.Optional.Conduit.A, C:\Users\Judita\AppData\LocalLow\NCH_EN\CacheIcons\http___storage_conduit_com_48_280_CT2801948_Images_633654737718737500_gif.gif, , [c2d4f528ed9dfe38c789b6b84bb8ca36],
PUP.Optional.Conduit.A, C:\Users\Judita\AppData\LocalLow\NCH_EN\CacheIcons\http___storage_conduit_com_48_280_CT2801948_Images_633654737755456250_gif.gif, , [c2d4f528ed9dfe38c789b6b84bb8ca36],
PUP.Optional.Conduit.A, C:\Users\Judita\AppData\LocalLow\NCH_EN\CacheIcons\http___storage_conduit_com_48_280_CT2801948_Images_633654737804987500_gif.gif, , [c2d4f528ed9dfe38c789b6b84bb8ca36],
PUP.Optional.Conduit.A, C:\Users\Judita\AppData\LocalLow\NCH_EN\CacheIcons\http___storage_conduit_com_48_280_CT2801948_Images_633654737880612500_gif.gif, , [c2d4f528ed9dfe38c789b6b84bb8ca36],
PUP.Optional.Conduit.A, C:\Users\Judita\AppData\LocalLow\NCH_EN\CacheIcons\http___storage_conduit_com_48_280_CT2801948_Images_633654737917018750_gif.gif, , [c2d4f528ed9dfe38c789b6b84bb8ca36],
PUP.Optional.Conduit.A, C:\Users\Judita\AppData\LocalLow\NCH_EN\CacheIcons\http___storage_conduit_com_48_280_CT2801948_Images_633654737956550000_gif.gif, , [c2d4f528ed9dfe38c789b6b84bb8ca36],
PUP.Optional.Conduit.A, C:\Users\Judita\AppData\LocalLow\NCH_EN\CacheIcons\http___storage_conduit_com_48_280_CT2801948_Images_633654737988425000_gif.gif, , [c2d4f528ed9dfe38c789b6b84bb8ca36],
PUP.Optional.Conduit.A, C:\Users\Judita\AppData\LocalLow\NCH_EN\CacheIcons\http___storage_conduit_com_48_280_CT2801948_Images_633654738030300000_gif.gif, , [c2d4f528ed9dfe38c789b6b84bb8ca36],
PUP.Optional.Conduit.A, C:\Users\Judita\AppData\LocalLow\NCH_EN\CacheIcons\http___storage_conduit_com_48_280_CT2801948_Images_633654738178112500_gif.gif, , [c2d4f528ed9dfe38c789b6b84bb8ca36],
PUP.Optional.Conduit.A, C:\Users\Judita\AppData\LocalLow\NCH_EN\CacheIcons\http___storage_conduit_com_48_280_CT2801948_Images_633654738224675000_gif.gif, , [c2d4f528ed9dfe38c789b6b84bb8ca36],
PUP.Optional.Conduit.A, C:\Users\Judita\AppData\LocalLow\NCH_EN\CacheIcons\http___storage_conduit_com_48_280_CT2801948_Images_633654738258425000_gif.gif, , [c2d4f528ed9dfe38c789b6b84bb8ca36],
PUP.Optional.Conduit.A, C:\Users\Judita\AppData\LocalLow\NCH_EN\CacheIcons\http___storage_conduit_com_48_280_CT2801948_Images_633654738311393750_gif.gif, , [c2d4f528ed9dfe38c789b6b84bb8ca36],
PUP.Optional.Conduit.A, C:\Users\Judita\AppData\LocalLow\NCH_EN\CacheIcons\http___storage_conduit_com_48_280_CT2801948_Images_633637556125468750_gif.gif, , [c2d4f528ed9dfe38c789b6b84bb8ca36],
PUP.Optional.Conduit.A, C:\Users\Judita\AppData\LocalLow\NCH_EN\CacheIcons\http___storage_conduit_com_48_280_CT2801948_Images_633637557088906250_gif.gif, , [c2d4f528ed9dfe38c789b6b84bb8ca36],
PUP.Optional.Conduit.A, C:\Users\Judita\AppData\LocalLow\NCH_EN\CacheIcons\http___storage_conduit_com_48_280_CT2801948_Images_633654716861862500_gif.gif, , [c2d4f528ed9dfe38c789b6b84bb8ca36],
PUP.Optional.Conduit.A, C:\Users\Judita\AppData\LocalLow\NCH_EN\CacheIcons\http___storage_conduit_com_48_280_CT2801948_Images_633654716928737500_gif.gif, , [c2d4f528ed9dfe38c789b6b84bb8ca36],
PUP.Optional.Conduit.A, C:\Users\Judita\AppData\LocalLow\NCH_EN\CacheIcons\http___storage_conduit_com_48_280_CT2801948_Images_633654717003737500_gif.gif, , [c2d4f528ed9dfe38c789b6b84bb8ca36],
PUP.Optional.Conduit.A, C:\Users\Judita\AppData\LocalLow\NCH_EN\CacheIcons\http___storage_conduit_com_48_280_CT2801948_Images_633654717076393750_gif.gif, , [c2d4f528ed9dfe38c789b6b84bb8ca36],
PUP.Optional.Conduit.A, C:\Users\Judita\AppData\LocalLow\NCH_EN\CacheIcons\http___storage_conduit_com_48_280_CT2801948_Images_633654717188112500_gif.gif, , [c2d4f528ed9dfe38c789b6b84bb8ca36],
PUP.Optional.Conduit.A, C:\Users\Judita\AppData\LocalLow\NCH_EN\CacheIcons\http___storage_conduit_com_48_280_CT2801948_Images_633654733928425000_gif.gif, , [c2d4f528ed9dfe38c789b6b84bb8ca36],
PUP.Optional.Conduit.A, C:\Users\Judita\AppData\LocalLow\NCH_EN\CacheIcons\http___storage_conduit_com_48_280_CT2801948_Images_633654733969518750_gif.gif, , [c2d4f528ed9dfe38c789b6b84bb8ca36],
PUP.Optional.Conduit.A, C:\Users\Judita\AppData\LocalLow\NCH_EN\CacheIcons\http___storage_conduit_com_48_280_CT2801948_Images_633654734005143750_gif.gif, , [c2d4f528ed9dfe38c789b6b84bb8ca36],
PUP.Optional.Conduit.A, C:\Users\Judita\AppData\LocalLow\NCH_EN\CacheIcons\http___storage_conduit_com_48_280_CT2801948_Images_633654734064206250_gif.gif, , [c2d4f528ed9dfe38c789b6b84bb8ca36],
PUP.Optional.Conduit.A, C:\Users\Judita\AppData\LocalLow\NCH_EN\CacheIcons\http___storage_conduit_com_48_280_CT2801948_Images_633654734099518750_gif.gif, , [c2d4f528ed9dfe38c789b6b84bb8ca36],
PUP.Optional.Conduit.A, C:\Users\Judita\AppData\LocalLow\NCH_EN\CacheIcons\http___storage_conduit_com_48_280_CT2801948_Images_633654734144831250_gif.gif, , [c2d4f528ed9dfe38c789b6b84bb8ca36],
PUP.Optional.Conduit.A, C:\Users\Judita\AppData\LocalLow\NCH_EN\CacheIcons\http___storage_conduit_com_48_280_CT2801948_Images_633654736937643750_gif.gif, , [c2d4f528ed9dfe38c789b6b84bb8ca36],
PUP.Optional.Conduit.A, C:\Users\Judita\AppData\LocalLow\NCH_EN\CacheIcons\http___storage_conduit_com_48_280_CT2801948_Images_633654736969518750_gif.gif, , [c2d4f528ed9dfe38c789b6b84bb8ca36],
PUP.Optional.Conduit.A, C:\Users\Judita\AppData\LocalLow\NCH_EN\CacheIcons\http___storage_conduit_com_48_280_CT2801948_Images_633654737014050000_gif.gif, , [c2d4f528ed9dfe38c789b6b84bb8ca36],
PUP.Optional.Conduit.A, C:\Users\Judita\AppData\LocalLow\NCH_EN\CacheIcons\http___storage_conduit_com_48_280_CT2801948_Images_633654737065612500_gif.gif, , [c2d4f528ed9dfe38c789b6b84bb8ca36],
PUP.Optional.Conduit.A, C:\Users\Judita\AppData\LocalLow\NCH_EN\CacheIcons\http___storage_conduit_com_48_280_CT2801948_Images_633654737144050000_gif.gif, , [c2d4f528ed9dfe38c789b6b84bb8ca36],
PUP.Optional.Conduit.A, C:\Users\Judita\AppData\LocalLow\NCH_EN\CacheIcons\http___storage_conduit_com_48_280_CT2801948_Images_633654737428268750_gif.gif, , [c2d4f528ed9dfe38c789b6b84bb8ca36],
PUP.Optional.Conduit.A, C:\Users\Judita\AppData\LocalLow\NCH_EN\CacheIcons\http___storage_conduit_com_48_280_CT2801948_Images_633654737462018750_gif.gif, , [c2d4f528ed9dfe38c789b6b84bb8ca36],
PUP.Optional.Conduit.A, C:\Users\Judita\AppData\LocalLow\NCH_EN\CacheIcons\http___storage_conduit_com_48_280_CT2801948_Images_633654737494675000_gif.gif, , [c2d4f528ed9dfe38c789b6b84bb8ca36],
PUP.Optional.Conduit.A, C:\Users\Judita\AppData\LocalLow\NCH_EN\CacheIcons\http___storage_conduit_com_48_280_CT2801948_Images_633654737531706250_gif.gif, , [c2d4f528ed9dfe38c789b6b84bb8ca36],
PUP.Optional.Conduit.A, C:\Users\Judita\AppData\LocalLow\NCH_EN\CacheIcons\http___storage_conduit_com_48_280_CT2801948_Images_633654737572331250_gif.gif, , [c2d4f528ed9dfe38c789b6b84bb8ca36],
PUP.Optional.Conduit.A, C:\Users\Judita\AppData\LocalLow\NCH_EN\CacheIcons\http___storage_conduit_com_48_280_CT2801948_Images_633654736592018750_gif.gif, , [c2d4f528ed9dfe38c789b6b84bb8ca36],
PUP.Optional.Conduit.A, C:\Users\Judita\AppData\LocalLow\NCH_EN\CacheIcons\http___storage_conduit_com_48_280_CT2801948_Images_633654736642175000_gif.gif, , [c2d4f528ed9dfe38c789b6b84bb8ca36],
PUP.Optional.Conduit.A, C:\Users\Judita\AppData\LocalLow\NCH_EN\CacheIcons\http___storage_conduit_com_48_280_CT2801948_Images_633654736686862500_gif.gif, , [c2d4f528ed9dfe38c789b6b84bb8ca36],
PUP.Optional.Conduit.A, C:\Users\Judita\AppData\LocalLow\NCH_EN\CacheIcons\http___storage_conduit_com_48_280_CT2801948_Images_633654736728737500_gif.gif, , [c2d4f528ed9dfe38c789b6b84bb8ca36],
PUP.Optional.Conduit.A, C:\Users\Judita\AppData\LocalLow\NCH_EN\CacheIcons\http___storage_conduit_com_48_280_CT2801948_Images_633654736765456250_gif.gif, , [c2d4f528ed9dfe38c789b6b84bb8ca36],
PUP.Optional.Conduit.A, C:\Users\Judita\AppData\LocalLow\NCH_EN\CacheIcons\http___storage_conduit_com_48_280_CT2801948_Images_633654736832018750_gif.gif, , [c2d4f528ed9dfe38c789b6b84bb8ca36],
PUP.Optional.Conduit.A, C:\Users\Judita\AppData\LocalLow\NCH_EN\CacheIcons\http___storage_conduit_com_48_280_CT2801948_Images_633654736867487500_gif.gif, , [c2d4f528ed9dfe38c789b6b84bb8ca36],
PUP.Optional.Conduit.A, C:\Users\Judita\AppData\LocalLow\NCH_EN\CacheIcons\http___storage_conduit_com_48_280_CT2801948_Images_633654736253112500_gif.gif, , [c2d4f528ed9dfe38c789b6b84bb8ca36],
PUP.Optional.Conduit.A, C:\Users\Judita\AppData\LocalLow\NCH_EN\CacheIcons\http___storage_conduit_com_48_280_CT2801948_Images_633654736296237500_gif.gif, , [c2d4f528ed9dfe38c789b6b84bb8ca36],
PUP.Optional.Conduit.A, C:\Users\Judita\AppData\LocalLow\NCH_EN\CacheIcons\http___storage_conduit_com_48_280_CT2801948_Images_633654736337331250_gif.gif, , [c2d4f528ed9dfe38c789b6b84bb8ca36],
PUP.Optional.Conduit.A, C:\Users\Judita\AppData\LocalLow\NCH_EN\CacheIcons\http___storage_conduit_com_48_280_CT2801948_Images_633654736374831250_gif.gif, , [c2d4f528ed9dfe38c789b6b84bb8ca36],
PUP.Optional.Conduit.A, C:\Users\Judita\AppData\LocalLow\NCH_EN\CacheIcons\http___storage_conduit_com_48_280_CT2801948_Images_633654736409675000_gif.gif, , [c2d4f528ed9dfe38c789b6b84bb8ca36],
PUP.Optional.Conduit.A, C:\Users\Judita\AppData\LocalLow\NCH_EN\CacheIcons\http___storage_conduit_com_48_280_CT2801948_Images_633654736449675000_gif.gif, , [c2d4f528ed9dfe38c789b6b84bb8ca36],
PUP.Optional.Conduit.A, C:\Users\Judita\AppData\LocalLow\NCH_EN\CacheIcons\http___storage_conduit_com_48_280_CT2801948_Images_633654736489675000_gif.gif, , [c2d4f528ed9dfe38c789b6b84bb8ca36],
PUP.Optional.Conduit.A, C:\Users\Judita\AppData\LocalLow\NCH_EN\CacheIcons\http___storage_conduit_com_48_280_CT2801948_Images_633655642588275000_gif.gif, , [c2d4f528ed9dfe38c789b6b84bb8ca36],
PUP.Optional.Conduit.A, C:\Users\Judita\AppData\LocalLow\NCH_EN\CacheIcons\http___storage_conduit_com_48_280_CT2801948_Images_633655642916400000_gif.gif, , [c2d4f528ed9dfe38c789b6b84bb8ca36],
PUP.Optional.Conduit.A, C:\Users\Judita\AppData\LocalLow\NCH_EN\CacheIcons\http___storage_conduit_com_48_280_CT2801948_Images_633655643319056250_gif.gif, , [c2d4f528ed9dfe38c789b6b84bb8ca36],
PUP.Optional.Conduit.A, C:\Users\Judita\AppData\LocalLow\NCH_EN\CacheIcons\http___storage_conduit_com_48_280_CT2801948_Images_633655643718587500_gif.gif, , [c2d4f528ed9dfe38c789b6b84bb8ca36],
PUP.Optional.Conduit.A, C:\Users\Judita\AppData\LocalLow\NCH_EN\CacheIcons\http___storage_conduit_com_48_280_CT2801948_images_634723732255026399_24PX_png.png, , [c2d4f528ed9dfe38c789b6b84bb8ca36],
PUP.Optional.Conduit.A, C:\Users\Judita\AppData\LocalLow\NCH_EN\CacheIcons\http___storage_conduit_com_bankImages_ConduitEngine_ContextMenu_LikeIcon_png.png, , [c2d4f528ed9dfe38c789b6b84bb8ca36],
PUP.Optional.Conduit.A, C:\Users\Judita\AppData\LocalLow\NCH_EN\CacheIcons\http___storage_conduit_com_BankImages_vectoria_games_gif.gif, , [c2d4f528ed9dfe38c789b6b84bb8ca36],
PUP.Optional.Conduit.A, C:\Users\Judita\AppData\LocalLow\NCH_EN\CacheIcons\http___storage_conduit_com_images_main_menu_help_gif.gif, , [c2d4f528ed9dfe38c789b6b84bb8ca36],
PUP.Optional.Conduit.A, C:\Users\Judita\AppData\LocalLow\NCH_EN\CacheIcons\http___storage_conduit_com_MarketPlace_07_ddd_07caac71-eac9-4963-9fa6-f6c1cc836ddd_Appearance_634581083935348787_png.png, , [c2d4f528ed9dfe38c789b6b84bb8ca36],
PUP.Optional.Conduit.A, C:\Users\Judita\AppData\LocalLow\NCH_EN\CacheIcons\http___storage_conduit_com_48_280_CT2801948_Images_633654735957800000_gif.gif, , [c2d4f528ed9dfe38c789b6b84bb8ca36],
PUP.Optional.Conduit.A, C:\Users\Judita\AppData\LocalLow\NCH_EN\CacheIcons\http___storage_conduit_com_48_280_CT2801948_Images_633654735999987500_gif.gif, , [c2d4f528ed9dfe38c789b6b84bb8ca36],
PUP.Optional.Conduit.A, C:\Users\Judita\AppData\LocalLow\NCH_EN\CacheIcons\http___storage_conduit_com_48_280_CT2801948_Images_633654736038893750_gif.gif, , [c2d4f528ed9dfe38c789b6b84bb8ca36],
PUP.Optional.Conduit.A, C:\Users\Judita\AppData\LocalLow\NCH_EN\CacheIcons\http___storage_conduit_com_48_280_CT2801948_Images_633654736078737500_gif.gif, , [c2d4f528ed9dfe38c789b6b84bb8ca36],
PUP.Optional.Conduit.A, C:\Users\Judita\AppData\LocalLow\NCH_EN\CacheIcons\http___storage_conduit_com_48_280_CT2801948_Images_633654736116706250_gif.gif, , [c2d4f528ed9dfe38c789b6b84bb8ca36],
PUP.Optional.Conduit.A, C:\Users\Judita\AppData\LocalLow\NCH_EN\CacheIcons\http___storage_conduit_com_48_280_CT2801948_Images_633654736145768750_gif.gif, , [c2d4f528ed9dfe38c789b6b84bb8ca36],
PUP.Optional.Conduit.A, C:\Users\Judita\AppData\LocalLow\NCH_EN\CacheIcons\http___storage_conduit_com_48_280_CT2801948_Images_633654736175300000_gif.gif, , [c2d4f528ed9dfe38c789b6b84bb8ca36],
PUP.Optional.Conduit.A, C:\Users\Judita\AppData\LocalLow\NCH_EN\CacheIcons\http___storage_conduit_com_48_280_CT2801948_Images_633654735467331250_gif.gif, , [c2d4f528ed9dfe38c789b6b84bb8ca36],
PUP.Optional.Conduit.A, C:\Users\Judita\AppData\LocalLow\NCH_EN\CacheIcons\http___storage_conduit_com_48_280_CT2801948_Images_633654735526550000_gif.gif, , [c2d4f528ed9dfe38c789b6b84bb8ca36],
PUP.Optional.Conduit.A, C:\Users\Judita\AppData\LocalLow\NCH_EN\CacheIcons\http___storage_conduit_com_48_280_CT2801948_Images_633654735566081250_gif.gif, , [c2d4f528ed9dfe38c789b6b84bb8ca36],
PUP.Optional.Conduit.A, C:\Users\Judita\AppData\LocalLow\NCH_EN\CacheIcons\http___storage_conduit_com_48_280_CT2801948_Images_633654735597643750_gif.gif, , [c2d4f528ed9dfe38c789b6b84bb8ca36],
PUP.Optional.Conduit.A, C:\Users\Judita\AppData\LocalLow\NCH_EN\CacheIcons\http___storage_conduit_com_48_280_CT2801948_Images_633654735635300000_gif.gif, , [c2d4f528ed9dfe38c789b6b84bb8ca36],
PUP.Optional.Conduit.A, C:\Users\Judita\AppData\LocalLow\NCH_EN\CacheIcons\http___storage_conduit_com_48_280_CT2801948_Images_633654735672487500_gif.gif, , [c2d4f528ed9dfe38c789b6b84bb8ca36],
PUP.Optional.Conduit.A, C:\Users\Judita\AppData\LocalLow\NCH_EN\CacheIcons\http___storage_conduit_com_48_280_CT2801948_Images_633654735702018750_gif.gif, , [c2d4f528ed9dfe38c789b6b84bb8ca36],
PUP.Optional.Conduit.A, C:\Users\Judita\AppData\LocalLow\NCH_EN\CacheIcons\http___storage_conduit_com_48_280_CT2801948_Images_633654735734362500_gif.gif, , [c2d4f528ed9dfe38c789b6b84bb8ca36],
PUP.Optional.Conduit.A, C:\Users\Judita\AppData\LocalLow\NCH_EN\CacheIcons\http___storage_conduit_com_48_280_CT2801948_Images_633654735772956250_gif.gif, , [c2d4f528ed9dfe38c789b6b84bb8ca36],
PUP.Optional.Conduit.A, C:\Users\Judita\AppData\LocalLow\NCH_EN\CacheIcons\http___storage_conduit_com_48_280_CT2801948_Images_633654735806393750_gif.gif, , [c2d4f528ed9dfe38c789b6b84bb8ca36],
PUP.Optional.Conduit.A, C:\Users\Judita\AppData\LocalLow\NCH_EN\CacheIcons\http___storage_conduit_com_48_280_CT2801948_Images_633654735840300000_gif.gif, , [c2d4f528ed9dfe38c789b6b84bb8ca36],
PUP.Optional.Conduit.A, C:\Users\Judita\AppData\LocalLow\NCH_EN\CacheIcons\http___storage_conduit_com_48_280_CT2801948_Images_633654735883268750_gif.gif, , [c2d4f528ed9dfe38c789b6b84bb8ca36],
PUP.Optional.Conduit.A, C:\Users\Judita\AppData\LocalLow\NCH_EN\CacheIcons\http___storage_conduit_com_48_280_CT2801948_Images_633654735121862500_gif.gif, , [c2d4f528ed9dfe38c789b6b84bb8ca36],
PUP.Optional.Conduit.A, C:\Users\Judita\AppData\LocalLow\NCH_EN\CacheIcons\http___storage_conduit_com_48_280_CT2801948_Images_633654735153112500_gif.gif, , [c2d4f528ed9dfe38c789b6b84bb8ca36],
PUP.Optional.Conduit.A, C:\Users\Judita\AppData\LocalLow\NCH_EN\CacheIcons\http___storage_conduit_com_48_280_CT2801948_Images_633654735187487500_gif.gif, , [c2d4f528ed9dfe38c789b6b84bb8ca36],
PUP.Optional.Conduit.A, C:\Users\Judita\AppData\LocalLow\NCH_EN\CacheIcons\http___storage_conduit_com_48_280_CT2801948_Images_633654735227018750_gif.gif, , [c2d4f528ed9dfe38c789b6b84bb8ca36],
PUP.Optional.Conduit.A, C:\Users\Judita\AppData\LocalLow\NCH_EN\CacheIcons\http___storage_conduit_com_48_280_CT2801948_Images_633654735260300000_gif.gif, , [c2d4f528ed9dfe38c789b6b84bb8ca36],
PUP.Optional.Conduit.A, C:\Users\Judita\AppData\LocalLow\NCH_EN\CacheIcons\http___storage_conduit_com_48_280_CT2801948_Images_633654735296393750_gif.gif, , [c2d4f528ed9dfe38c789b6b84bb8ca36],
PUP.Optional.Conduit.A, C:\Users\Judita\AppData\LocalLow\NCH_EN\CacheIcons\http___storage_conduit_com_48_280_CT2801948_Images_633654735342175000_gif.gif, , [c2d4f528ed9dfe38c789b6b84bb8ca36],
PUP.Optional.Conduit.A, C:\Users\Judita\AppData\LocalLow\NCH_EN\CacheIcons\http___storage_conduit_com_48_280_CT2801948_Images_633654735383893750_gif.gif, , [c2d4f528ed9dfe38c789b6b84bb8ca36],
PUP.Optional.Conduit.A, C:\Users\Judita\AppData\LocalLow\NCH_EN\CacheIcons\http___storage_conduit_com_48_280_CT2801948_Images_633654734629831250_gif.gif, , [c2d4f528ed9dfe38c789b6b84bb8ca36],
PUP.Optional.Conduit.A, C:\Users\Judita\AppData\LocalLow\NCH_EN\CacheIcons\http___storage_conduit_com_48_280_CT2801948_Images_633654734684050000_gif.gif, , [c2d4f528ed9dfe38c789b6b84bb8ca36],
PUP.Optional.Conduit.A, C:\Users\Judita\AppData\LocalLow\NCH_EN\CacheIcons\http___storage_conduit_com_48_280_CT2801948_Images_633654734761862500_gif.gif, , [c2d4f528ed9dfe38c789b6b84bb8ca36],
PUP.Optional.Conduit.A, C:\Users\Judita\AppData\LocalLow\NCH_EN\CacheIcons\http___storage_conduit_com_48_280_CT2801948_Images_633654734850768750_gif.gif, , [c2d4f528ed9dfe38c789b6b84bb8ca36],
PUP.Optional.Conduit.A, C:\Users\Judita\AppData\LocalLow\NCH_EN\CacheIcons\http___storage_conduit_com_48_280_CT2801948_Images_633654734920300000_gif.gif, , [c2d4f528ed9dfe38c789b6b84bb8ca36],
PUP.Optional.Conduit.A, C:\Users\Judita\AppData\LocalLow\NCH_EN\CacheIcons\http___storage_conduit_com_48_280_CT2801948_Images_633654734953737500_gif.gif, , [c2d4f528ed9dfe38c789b6b84bb8ca36],
PUP.Optional.Conduit.A, C:\Users\Judita\AppData\LocalLow\NCH_EN\CacheIcons\http___storage_conduit_com_48_280_CT2801948_Images_633654734993425000_gif.gif, , [c2d4f528ed9dfe38c789b6b84bb8ca36],
PUP.Optional.Conduit.A, C:\Users\Judita\AppData\LocalLow\NCH_EN\CacheIcons\http___storage_conduit_com_48_280_CT2801948_Images_633654735038893750_gif.gif, , [c2d4f528ed9dfe38c789b6b84bb8ca36],
PUP.Optional.Conduit.A, C:\Users\Judita\AppData\LocalLow\NCH_EN\CacheIcons\http___storage_conduit_com_48_280_CT2801948_Images_633654734242800000_gif.gif, , [c2d4f528ed9dfe38c789b6b84bb8ca36],
PUP.Optional.Conduit.A, C:\Users\Judita\AppData\LocalLow\NCH_EN\CacheIcons\http___storage_conduit_com_48_280_CT2801948_Images_633654734306862500_gif.gif, , [c2d4f528ed9dfe38c789b6b84bb8ca36],
PUP.Optional.Conduit.A, C:\Users\Judita\AppData\LocalLow\NCH_EN\CacheIcons\http___storage_conduit_com_48_280_CT2801948_Images_633654734346081250_gif.gif, , [c2d4f528ed9dfe38c789b6b84bb8ca36],
PUP.Optional.Conduit.A, C:\Users\Judita\AppData\LocalLow\NCH_EN\CacheIcons\http___storage_conduit_com_48_280_CT2801948_Images_633654734383425000_gif.gif, , [c2d4f528ed9dfe38c789b6b84bb8ca36],
PUP.Optional.Conduit.A, C:\Users\Judita\AppData\LocalLow\NCH_EN\CacheIcons\http___storage_conduit_com_48_280_CT2801948_Images_633654734427175000_gif.gif, , [c2d4f528ed9dfe38c789b6b84bb8ca36],
PUP.Optional.Conduit.A, C:\Users\Judita\AppData\LocalLow\NCH_EN\CacheIcons\http___storage_conduit_com_48_280_CT2801948_Images_633654734476706250_gif.gif, , [c2d4f528ed9dfe38c789b6b84bb8ca36],
PUP.Optional.Conduit.A, C:\Users\Judita\AppData\LocalLow\NCH_EN\CacheIcons\http___storage_conduit_com_48_280_CT2801948_Images_633654734525300000_gif.gif, , [c2d4f528ed9dfe38c789b6b84bb8ca36],
PUP.Optional.Conduit.A, C:\Users\Judita\AppData\LocalLow\NCH_EN\CacheIcons\http___storage_conduit_com_BankImages_vectoria_mail_gif.gif, , [c2d4f528ed9dfe38c789b6b84bb8ca36],
PUP.Optional.Conduit.A, C:\Users\Judita\AppData\LocalLow\NCH_EN\CacheIcons\http___storage_conduit_com_BankImages_vectoria_news_gif.gif, , [c2d4f528ed9dfe38c789b6b84bb8ca36],
PUP.Optional.Conduit.A, C:\Users\Judita\AppData\LocalLow\NCH_EN\CacheIcons\http___storage_conduit_com_BankImages_vectoria_notepad_gif.gif, , [c2d4f528ed9dfe38c789b6b84bb8ca36],
PUP.Optional.Conduit.A, C:\Users\Judita\AppData\LocalLow\NCH_EN\CacheIcons\http___storage_conduit_com_BankImages_vectoria_timer_alarm_gif.gif, , [c2d4f528ed9dfe38c789b6b84bb8ca36],
PUP.Optional.Conduit.A, C:\Users\Judita\AppData\LocalLow\NCH_EN\CacheIcons\http___storage_conduit_com_BankImages_vectoria_tools_gif.gif, , [c2d4f528ed9dfe38c789b6b84bb8ca36],
PUP.Optional.Conduit.A, C:\Users\Judita\AppData\LocalLow\NCH_EN\CacheIcons\http___storage_conduit_com_images_ClientImages_radio_gif.gif, , [c2d4f528ed9dfe38c789b6b84bb8ca36],
PUP.Optional.Conduit.A, C:\Users\Judita\AppData\LocalLow\NCH_EN\CacheIcons\http___storage_conduit_com_images_eula_png.png, , [c2d4f528ed9dfe38c789b6b84bb8ca36],
PUP.Optional.Conduit.A, C:\Users\Judita\AppData\LocalLow\NCH_EN\CacheIcons\http___storage_conduit_com_images_main_menu_about_gif.gif, , [c2d4f528ed9dfe38c789b6b84bb8ca36],
PUP.Optional.Conduit.A, C:\Users\Judita\AppData\LocalLow\NCH_EN\CacheIcons\http___storage_conduit_com_images_main_menu_clear_history_gif.gif, , [c2d4f528ed9dfe38c789b6b84bb8ca36],
PUP.Optional.Conduit.A, C:\Users\Judita\AppData\LocalLow\NCH_EN\CacheIcons\http___storage_conduit_com_images_main_menu_contact_gif.gif, , [c2d4f528ed9dfe38c789b6b84bb8ca36],
PUP.Optional.Conduit.A, C:\Users\Judita\AppData\LocalLow\NCH_EN\CacheIcons\http___storage_Conduit_com_bankImages_ConduitEngine_ContextMenu_MoreFromPublisher_png.png, , [c2d4f528ed9dfe38c789b6b84bb8ca36],
PUP.Optional.Conduit.A, C:\Users\Judita\AppData\LocalLow\NCH_EN\CacheIcons\http___storage_Conduit_com_bankImages_ConduitEngine_ContextMenu_More_png.png, , [c2d4f528ed9dfe38c789b6b84bb8ca36],
PUP.Optional.Conduit.A, C:\Users\Judita\AppData\LocalLow\NCH_EN\CacheIcons\http___storage_Conduit_com_bankImages_ConduitEngine_ContextMenu_Options_png.png, , [c2d4f528ed9dfe38c789b6b84bb8ca36],
PUP.Optional.Conduit.A, C:\Users\Judita\AppData\LocalLow\NCH_EN\CacheIcons\http___storage_Conduit_com_bankImages_ConduitEngine_ContextMenu_Privacy_png.png, , [c2d4f528ed9dfe38c789b6b84bb8ca36],
PUP.Optional.Conduit.A, C:\Users\Judita\AppData\LocalLow\NCH_EN\CacheIcons\http___storage_Conduit_com_bankImages_ConduitEngine_ContextMenu_Refresh_png.png, , [c2d4f528ed9dfe38c789b6b84bb8ca36],
PUP.Optional.Conduit.A, C:\Users\Judita\AppData\LocalLow\NCH_EN\CacheIcons\http___storage_Conduit_com_bankImages_ConduitEngine_ContextMenu_Upgrade_png.png, , [c2d4f528ed9dfe38c789b6b84bb8ca36],
PUP.Optional.Conduit.A, C:\Users\Judita\AppData\LocalLow\NCH_EN\CacheIcons\http___storage_conduit_com_BankImages_silkset_control_play_blue_gif.gif, , [c2d4f528ed9dfe38c789b6b84bb8ca36],
PUP.Optional.Conduit.A, C:\Users\Judita\AppData\LocalLow\NCH_EN\CacheIcons\http___storage_conduit_com_BankImages_vectoria_about_gif.gif, , [c2d4f528ed9dfe38c789b6b84bb8ca36],
PUP.Optional.Conduit.A, C:\Users\Judita\AppData\LocalLow\NCH_EN\CacheIcons\http___storage_conduit_com_BankImages_vectoria_configure_gif.gif, , [c2d4f528ed9dfe38c789b6b84bb8ca36],
PUP.Optional.Conduit.A, C:\Users\Judita\AppData\LocalLow\NCH_EN\Dialogs\RoundedCornersIE9.css, , [c2d4f528ed9dfe38c789b6b84bb8ca36],
PUP.Optional.Conduit.A, C:\Users\Judita\AppData\LocalLow\NCH_EN\Dialogs\DialogsAPI.js, , [c2d4f528ed9dfe38c789b6b84bb8ca36],
PUP.Optional.Conduit.A, C:\Users\Judita\AppData\LocalLow\NCH_EN\Dialogs\excanvas.js, , [c2d4f528ed9dfe38c789b6b84bb8ca36],
PUP.Optional.Conduit.A, C:\Users\Judita\AppData\LocalLow\NCH_EN\Dialogs\generalDialogStyle.css, , [c2d4f528ed9dfe38c789b6b84bb8ca36],
PUP.Optional.Conduit.A, C:\Users\Judita\AppData\LocalLow\NCH_EN\Dialogs\PIE.htc, , [c2d4f528ed9dfe38c789b6b84bb8ca36],
PUP.Optional.Conduit.A, C:\Users\Judita\AppData\LocalLow\NCH_EN\Dialogs\RoundedCorners.css, , [c2d4f528ed9dfe38c789b6b84bb8ca36],
PUP.Optional.Conduit.A, C:\Users\Judita\AppData\LocalLow\NCH_EN\Dialogs\settings.js, , [c2d4f528ed9dfe38c789b6b84bb8ca36],
PUP.Optional.Conduit.A, C:\Users\Judita\AppData\LocalLow\NCH_EN\Dialogs\version.txt, , [c2d4f528ed9dfe38c789b6b84bb8ca36],
PUP.Optional.Conduit.A, C:\Users\Judita\AppData\LocalLow\NCH_EN\Dialogs\AddedAppDialog\app-added.js, , [c2d4f528ed9dfe38c789b6b84bb8ca36],
PUP.Optional.Conduit.A, C:\Users\Judita\AppData\LocalLow\NCH_EN\Dialogs\AddedAppDialog\main.html, , [c2d4f528ed9dfe38c789b6b84bb8ca36],
PUP.Optional.Conduit.A, C:\Users\Judita\AppData\LocalLow\NCH_EN\Dialogs\DefualtImages\icon.png, , [c2d4f528ed9dfe38c789b6b84bb8ca36],
PUP.Optional.Conduit.A, C:\Users\Judita\AppData\LocalLow\NCH_EN\Dialogs\DetectedAppDialog\app-2go.js, , [c2d4f528ed9dfe38c789b6b84bb8ca36],
PUP.Optional.Conduit.A, C:\Users\Judita\AppData\LocalLow\NCH_EN\Dialogs\DetectedAppDialog\main.html, , [c2d4f528ed9dfe38c789b6b84bb8ca36],
PUP.Optional.Conduit.A, C:\Users\Judita\AppData\LocalLow\NCH_EN\Dialogs\EngineFirstTimeDialog\EngineFirstTimeDialog.js, , [c2d4f528ed9dfe38c789b6b84bb8ca36],
PUP.Optional.Conduit.A, C:\Users\Judita\AppData\LocalLow\NCH_EN\Dialogs\EngineFirstTimeDialog\main.html, , [c2d4f528ed9dfe38c789b6b84bb8ca36],
PUP.Optional.Conduit.A, C:\Users\Judita\AppData\LocalLow\NCH_EN\Dialogs\EngineFirstTimeDialog\right-click.gif, , [c2d4f528ed9dfe38c789b6b84bb8ca36],
PUP.Optional.Conduit.A, C:\Users\Judita\AppData\LocalLow\NCH_EN\Dialogs\NewSearchProtectorDialog\main.html, , [c2d4f528ed9dfe38c789b6b84bb8ca36],
PUP.Optional.Conduit.A, C:\Users\Judita\AppData\LocalLow\NCH_EN\Dialogs\NewSearchProtectorDialog\SearchProtector.css, , [c2d4f528ed9dfe38c789b6b84bb8ca36],
PUP.Optional.Conduit.A, C:\Users\Judita\AppData\LocalLow\NCH_EN\Dialogs\NewSearchProtectorDialog\SearchProtector.js, , [c2d4f528ed9dfe38c789b6b84bb8ca36],
PUP.Optional.Conduit.A, C:\Users\Judita\AppData\LocalLow\NCH_EN\Dialogs\NewSearchProtectorDialog\images\ok-button.png, , [c2d4f528ed9dfe38c789b6b84bb8ca36],
PUP.Optional.Conduit.A, C:\Users\Judita\AppData\LocalLow\NCH_EN\Dialogs\NewSearchProtectorDialog\images\separation-line.png, , [c2d4f528ed9dfe38c789b6b84bb8ca36],
PUP.Optional.Conduit.A, C:\Users\Judita\AppData\LocalLow\NCH_EN\Dialogs\NewSearchProtectorDialog\images\warning.png, , [c2d4f528ed9dfe38c789b6b84bb8ca36],
PUP.Optional.Conduit.A, C:\Users\Judita\AppData\LocalLow\NCH_EN\Dialogs\SearchProtectorBubbleDialog\bubble.css, , [c2d4f528ed9dfe38c789b6b84bb8ca36],
PUP.Optional.Conduit.A, C:\Users\Judita\AppData\LocalLow\NCH_EN\Dialogs\SearchProtectorBubbleDialog\bubble.js, , [c2d4f528ed9dfe38c789b6b84bb8ca36],
PUP.Optional.Conduit.A, C:\Users\Judita\AppData\LocalLow\NCH_EN\Dialogs\SearchProtectorBubbleDialog\main.html, , [c2d4f528ed9dfe38c789b6b84bb8ca36],
PUP.Optional.Conduit.A, C:\Users\Judita\AppData\LocalLow\NCH_EN\Dialogs\SearchProtectorBubbleDialog\images\information.png, , [c2d4f528ed9dfe38c789b6b84bb8ca36],
PUP.Optional.Conduit.A, C:\Users\Judita\AppData\LocalLow\NCH_EN\Dialogs\SearchProtectorBubbleDialog\images\x-default-LTR.png, , [c2d4f528ed9dfe38c789b6b84bb8ca36],
PUP.Optional.Conduit.A, C:\Users\Judita\AppData\LocalLow\NCH_EN\Dialogs\SearchProtectorBubbleDialog\images\x-default-RTL.png, , [c2d4f528ed9dfe38c789b6b84bb8ca36],
PUP.Optional.Conduit.A, C:\Users\Judita\AppData\LocalLow\NCH_EN\Dialogs\SearchProtectorBubbleDialog\images\x-mouseover-LTR.png, , [c2d4f528ed9dfe38c789b6b84bb8ca36],
PUP.Optional.Conduit.A, C:\Users\Judita\AppData\LocalLow\NCH_EN\Dialogs\SearchProtectorBubbleDialog\images\x-mouseover-RTL.png, , [c2d4f528ed9dfe38c789b6b84bb8ca36],
PUP.Optional.Conduit.A, C:\Users\Judita\AppData\LocalLow\NCH_EN\Dialogs\SearchProtectorDialog\main.html, , [c2d4f528ed9dfe38c789b6b84bb8ca36],
PUP.Optional.Conduit.A, C:\Users\Judita\AppData\LocalLow\NCH_EN\Dialogs\SearchProtectorDialog\SearchProtector.css, , [c2d4f528ed9dfe38c789b6b84bb8ca36],
PUP.Optional.Conduit.A, C:\Users\Judita\AppData\LocalLow\NCH_EN\Dialogs\SearchProtectorDialog\SearchProtector.js, , [c2d4f528ed9dfe38c789b6b84bb8ca36],
PUP.Optional.Conduit.A, C:\Users\Judita\AppData\LocalLow\NCH_EN\Dialogs\SearchProtectorDialog\Images\info.png, , [c2d4f528ed9dfe38c789b6b84bb8ca36],
PUP.Optional.Conduit.A, C:\Users\Judita\AppData\LocalLow\NCH_EN\Dialogs\SearchProtectorDialog\Images\ok-on.png, , [c2d4f528ed9dfe38c789b6b84bb8ca36],
PUP.Optional.Conduit.A, C:\Users\Judita\AppData\LocalLow\NCH_EN\Dialogs\SearchProtectorDialog\Images\ok.png, , [c2d4f528ed9dfe38c789b6b84bb8ca36],
PUP.Optional.Conduit.A, C:\Users\Judita\AppData\LocalLow\NCH_EN\Dialogs\SearchProtectorRetakeoverDialog\main.html, , [c2d4f528ed9dfe38c789b6b84bb8ca36],
PUP.Optional.Conduit.A, C:\Users\Judita\AppData\LocalLow\NCH_EN\Dialogs\SearchProtectorRetakeoverDialog\SearchProtectorRetakeover.css, , [c2d4f528ed9dfe38c789b6b84bb8ca36],
PUP.Optional.Conduit.A, C:\Users\Judita\AppData\LocalLow\NCH_EN\Dialogs\SearchProtectorRetakeoverDialog\SearchProtectorRetakeover.js, , [c2d4f528ed9dfe38c789b6b84bb8ca36],
PUP.Optional.Conduit.A, C:\Users\Judita\AppData\LocalLow\NCH_EN\Dialogs\SearchProtectorRetakeoverDialog\Images\Icon.jpg, , [c2d4f528ed9dfe38c789b6b84bb8ca36],
PUP.Optional.Conduit.A, C:\Users\Judita\AppData\LocalLow\NCH_EN\Dialogs\SearchProtectorRetakeoverDialog\Images\Icon.png, , [c2d4f528ed9dfe38c789b6b84bb8ca36],
PUP.Optional.Conduit.A, C:\Users\Judita\AppData\LocalLow\NCH_EN\Dialogs\SearchProtectorRetakeoverDialog\Images\info.png, , [c2d4f528ed9dfe38c789b6b84bb8ca36],
PUP.Optional.Conduit.A, C:\Users\Judita\AppData\LocalLow\NCH_EN\Dialogs\SearchProtectorRetakeoverDialog\Images\ok-on.png, , [c2d4f528ed9dfe38c789b6b84bb8ca36],
PUP.Optional.Conduit.A, C:\Users\Judita\AppData\LocalLow\NCH_EN\Dialogs\SearchProtectorRetakeoverDialog\Images\ok.png, , [c2d4f528ed9dfe38c789b6b84bb8ca36],
PUP.Optional.Conduit.A, C:\Users\Judita\AppData\LocalLow\NCH_EN\Dialogs\ToolbarFirstTimeDialog\main.html, , [c2d4f528ed9dfe38c789b6b84bb8ca36],
PUP.Optional.Conduit.A, C:\Users\Judita\AppData\LocalLow\NCH_EN\Dialogs\ToolbarFirstTimeDialog\ToolbarFirstTimeDialog.css, , [c2d4f528ed9dfe38c789b6b84bb8ca36],
PUP.Optional.Conduit.A, C:\Users\Judita\AppData\LocalLow\NCH_EN\Dialogs\ToolbarFirstTimeDialog\ToolbarFirstTimeDialog.js, , [c2d4f528ed9dfe38c789b6b84bb8ca36],
PUP.Optional.Conduit.A, C:\Users\Judita\AppData\LocalLow\NCH_EN\Dialogs\ToolbarFirstTimeDialog\images\app-store-icon.png, , [c2d4f528ed9dfe38c789b6b84bb8ca36],
PUP.Optional.Conduit.A, C:\Users\Judita\AppData\LocalLow\NCH_EN\Dialogs\ToolbarFirstTimeDialog\images\arrow.png, , [c2d4f528ed9dfe38c789b6b84bb8ca36],
PUP.Optional.Conduit.A, C:\Users\Judita\AppData\LocalLow\NCH_EN\Dialogs\ToolbarFirstTimeDialog\images\divider.png, , [c2d4f528ed9dfe38c789b6b84bb8ca36],
PUP.Optional.Conduit.A, C:\Users\Judita\AppData\LocalLow\NCH_EN\Dialogs\ToolbarFirstTimeDialog\images\emailNotifier.gif, , [c2d4f528ed9dfe38c789b6b84bb8ca36],
PUP.Optional.Conduit.A, C:\Users\Judita\AppData\LocalLow\NCH_EN\Dialogs\ToolbarFirstTimeDialog\images\facebook.png, , [c2d4f528ed9dfe38c789b6b84bb8ca36],
PUP.Optional.Conduit.A, C:\Users\Judita\AppData\LocalLow\NCH_EN\Dialogs\ToolbarFirstTimeDialog\images\radio.GIF, , [c2d4f528ed9dfe38c789b6b84bb8ca36],
PUP.Optional.Conduit.A, C:\Users\Judita\AppData\LocalLow\NCH_EN\Dialogs\ToolbarFirstTimeDialog\images\Thumbs.db, , [c2d4f528ed9dfe38c789b6b84bb8ca36],
PUP.Optional.Conduit.A, C:\Users\Judita\AppData\LocalLow\NCH_EN\Dialogs\ToolbarFirstTimeDialog\images\truste_welcome.GIF, , [c2d4f528ed9dfe38c789b6b84bb8ca36],
PUP.Optional.Conduit.A, C:\Users\Judita\AppData\LocalLow\NCH_EN\Dialogs\ToolbarFirstTimeDialog\images\weather.GIF, , [c2d4f528ed9dfe38c789b6b84bb8ca36],
PUP.Optional.Conduit.A, C:\Users\Judita\AppData\LocalLow\NCH_EN\Dialogs\ToolbarUntrustedAppsApprovalDialog\main.html, , [c2d4f528ed9dfe38c789b6b84bb8ca36],
PUP.Optional.Conduit.A, C:\Users\Judita\AppData\LocalLow\NCH_EN\Dialogs\ToolbarUntrustedAppsApprovalDialog\ToolbarUntrustedAppsApprovalDialog.js, , [c2d4f528ed9dfe38c789b6b84bb8ca36],
PUP.Optional.Conduit.A, C:\Users\Judita\AppData\LocalLow\NCH_EN\Dialogs\UntrustedAddedAppDialog\main.html, , [c2d4f528ed9dfe38c789b6b84bb8ca36],
PUP.Optional.Conduit.A, C:\Users\Judita\AppData\LocalLow\NCH_EN\Dialogs\UntrustedAddedAppDialog\UT-app-dialog-added.js, , [c2d4f528ed9dfe38c789b6b84bb8ca36],
PUP.Optional.Conduit.A, C:\Users\Judita\AppData\LocalLow\NCH_EN\Dialogs\UntrustedAppApprovalDialog\main.html, , [c2d4f528ed9dfe38c789b6b84bb8ca36],
PUP.Optional.Conduit.A, C:\Users\Judita\AppData\LocalLow\NCH_EN\Dialogs\UntrustedAppApprovalDialog\UT-app-dialog-needs-your-approval.js, , [c2d4f528ed9dfe38c789b6b84bb8ca36],
PUP.Optional.Conduit.A, C:\Users\Judita\AppData\LocalLow\NCH_EN\Dialogs\UntrustedAppPendingDialog\main.html, , [c2d4f528ed9dfe38c789b6b84bb8ca36],
PUP.Optional.Conduit.A, C:\Users\Judita\AppData\LocalLow\NCH_EN\Dialogs\UntrustedAppPendingDialog\UT-app-dialog-is-waiting.js, , [c2d4f528ed9dfe38c789b6b84bb8ca36],
PUP.Optional.Conduit.A, C:\Users\Judita\AppData\LocalLow\NCH_EN\EmailNotifier\AccountTypes.xml, , [c2d4f528ed9dfe38c789b6b84bb8ca36],
PUP.Optional.Conduit.A, C:\Users\Judita\AppData\LocalLow\NCH_EN\EmailNotifier\aol.com.xml, , [c2d4f528ed9dfe38c789b6b84bb8ca36],
PUP.Optional.Conduit.A, C:\Users\Judita\AppData\LocalLow\NCH_EN\EmailNotifier\comcast.net.xml, , [c2d4f528ed9dfe38c789b6b84bb8ca36],
PUP.Optional.Conduit.A, C:\Users\Judita\AppData\LocalLow\NCH_EN\EmailNotifier\google.com.xml, , [c2d4f528ed9dfe38c789b6b84bb8ca36],
PUP.Optional.Conduit.A, C:\Users\Judita\AppData\LocalLow\NCH_EN\EmailNotifier\hotmail.com.xml, , [c2d4f528ed9dfe38c789b6b84bb8ca36],
PUP.Optional.Conduit.A, C:\Users\Judita\AppData\LocalLow\NCH_EN\EmailNotifier\yahoo.com.xml, , [c2d4f528ed9dfe38c789b6b84bb8ca36],
PUP.Optional.Conduit.A, C:\Users\Judita\AppData\LocalLow\NCH_EN\ExternalComponent\http___contextmenu_toolbar_conduit-services_com__name=OtherApps&locale=en-us.xml, , [c2d4f528ed9dfe38c789b6b84bb8ca36],
PUP.Optional.Conduit.A, C:\Users\Judita\AppData\LocalLow\NCH_EN\ExternalComponent\http___contextmenu_toolbar_conduit-services_com__name=GottenApps&locale=en-us&ctid=CT2801948.xml, , [c2d4f528ed9dfe38c789b6b84bb8ca36],
PUP.Optional.Conduit.A, C:\Users\Judita\AppData\LocalLow\NCH_EN\ExternalComponent\http___contextmenu_toolbar_conduit-services_com__name=GottenApps&locale=en-us.xml, , [c2d4f528ed9dfe38c789b6b84bb8ca36],
PUP.Optional.Conduit.A, C:\Users\Judita\AppData\LocalLow\NCH_EN\ExternalComponent\http___contextmenu_toolbar_conduit-services_com__name=OtherApps&locale=en-us&ctid=CT2801948.xml, , [c2d4f528ed9dfe38c789b6b84bb8ca36],
PUP.Optional.Conduit.A, C:\Users\Judita\AppData\LocalLow\NCH_EN\ExternalComponent\http___contextmenu_toolbar_conduit-services_com__name=SharedApps&locale=en-us&ctid=CT2801948.xml, , [c2d4f528ed9dfe38c789b6b84bb8ca36],
PUP.Optional.Conduit.A, C:\Users\Judita\AppData\LocalLow\NCH_EN\ExternalComponent\http___contextmenu_toolbar_conduit-services_com__name=SharedApps&locale=en-us.xml, , [c2d4f528ed9dfe38c789b6b84bb8ca36],
PUP.Optional.Conduit.A, C:\Users\Judita\AppData\LocalLow\NCH_EN\ExternalComponent\http___contextmenu_toolbar_conduit-services_com__name=Toolbar&locale=en-us&ctid=CT2801948&UM=UM_UNINSTALL_ID.xml, , [c2d4f528ed9dfe38c789b6b84bb8ca36],
PUP.Optional.Conduit.A, C:\Users\Judita\AppData\LocalLow\NCH_EN\ExternalComponent\http___contextmenu_toolbar_conduit-services_com__name=Toolbar&locale=en-us&ctid=CT2801948.xml, , [c2d4f528ed9dfe38c789b6b84bb8ca36],
PUP.Optional.Conduit.A, C:\Users\Judita\AppData\LocalLow\NCH_EN\ExternalComponent\http___contextmenu_toolbar_conduit-services_com__name=Toolbar&locale=en-us.xml, , [c2d4f528ed9dfe38c789b6b84bb8ca36],
PUP.Optional.Conduit.A, C:\Users\Judita\AppData\LocalLow\NCH_EN\RadioPlayer\IP_Stations_Media_List.xml, , [c2d4f528ed9dfe38c789b6b84bb8ca36],
PUP.Optional.Conduit.A, C:\Users\Judita\AppData\LocalLow\NCH_EN\RadioPlayer\Predefined_Media_List.xml, , [c2d4f528ed9dfe38c789b6b84bb8ca36],
PUP.Optional.Conduit.A, C:\Users\Judita\AppData\LocalLow\NCH_EN\Repository\conduit_CT2801948_CT2801948\AppsMetaData\data.bck.txt, , [c2d4f528ed9dfe38c789b6b84bb8ca36],
PUP.Optional.Conduit.A, C:\Users\Judita\AppData\LocalLow\NCH_EN\Repository\conduit_CT2801948_CT2801948\AppsMetaData\data.txt, , [c2d4f528ed9dfe38c789b6b84bb8ca36],
PUP.Optional.Conduit.A, C:\Users\Judita\AppData\LocalLow\NCH_EN\Repository\conduit_CT2801948_CT2801948\DynamicDialogs\data.bck.txt, , [c2d4f528ed9dfe38c789b6b84bb8ca36],
PUP.Optional.Conduit.A, C:\Users\Judita\AppData\LocalLow\NCH_EN\Repository\conduit_CT2801948_CT2801948\DynamicDialogs\data.txt, , [c2d4f528ed9dfe38c789b6b84bb8ca36],
PUP.Optional.Conduit.A, C:\Users\Judita\AppData\LocalLow\NCH_EN\Repository\conduit_CT2801948_CT2801948\ToolbarHiddenLogin\data.txt, , [c2d4f528ed9dfe38c789b6b84bb8ca36],
PUP.Optional.Conduit.A, C:\Users\Judita\AppData\LocalLow\NCH_EN\Repository\conduit_CT2801948_CT2801948\ToolbarHiddenSettings\data.bck.txt, , [c2d4f528ed9dfe38c789b6b84bb8ca36],
PUP.Optional.Conduit.A, C:\Users\Judita\AppData\LocalLow\NCH_EN\Repository\conduit_CT2801948_CT2801948\ToolbarHiddenSettings\data.txt, , [c2d4f528ed9dfe38c789b6b84bb8ca36],
PUP.Optional.Conduit.A, C:\Users\Judita\AppData\LocalLow\NCH_EN\Repository\conduit_CT2801948_CT2801948\ToolbarLogin\data.bck.txt, , [c2d4f528ed9dfe38c789b6b84bb8ca36],
PUP.Optional.Conduit.A, C:\Users\Judita\AppData\LocalLow\NCH_EN\Repository\conduit_CT2801948_CT2801948\ToolbarLogin\data.txt, , [c2d4f528ed9dfe38c789b6b84bb8ca36],
PUP.Optional.Conduit.A, C:\Users\Judita\AppData\LocalLow\NCH_EN\Repository\conduit_CT2801948_CT2801948\ToolbarSettings\data.bck.txt, , [c2d4f528ed9dfe38c789b6b84bb8ca36],
PUP.Optional.Conduit.A, C:\Users\Judita\AppData\LocalLow\NCH_EN\Repository\conduit_CT2801948_CT2801948\ToolbarSettings\data.txt, , [c2d4f528ed9dfe38c789b6b84bb8ca36],
PUP.Optional.Conduit.A, C:\Users\Judita\AppData\LocalLow\NCH_EN\Repository\conduit_CT2801948_CT2801948\ToolbarTranslation\data.bck.txt, , [c2d4f528ed9dfe38c789b6b84bb8ca36],
PUP.Optional.Conduit.A, C:\Users\Judita\AppData\LocalLow\NCH_EN\Repository\conduit_CT2801948_CT2801948\ToolbarTranslation\data.txt, , [c2d4f528ed9dfe38c789b6b84bb8ca36],
PUP.Optional.Conduit.A, C:\Users\Judita\AppData\LocalLow\NCH_EN\Repository\conduit_CT2801948_en-us\ToolbarTranslation\data.bck.txt, , [c2d4f528ed9dfe38c789b6b84bb8ca36],
PUP.Optional.Conduit.A, C:\Users\Judita\AppData\LocalLow\NCH_EN\Repository\conduit_CT2801948_en-us\ToolbarTranslation\data.txt, , [c2d4f528ed9dfe38c789b6b84bb8ca36],
PUP.Optional.Conduit.A, C:\Users\Judita\AppData\LocalLow\NCH_EN\SearchInNewTab\SearchInNewTabContent.xml, , [c2d4f528ed9dfe38c789b6b84bb8ca36],
PUP.Optional.Conduit.A, C:\Program Files (x86)\NCH_EN\GottenAppsContextMenu.xml, , [a0f6ea33008a9d99ed64a0cedc2713ed],
PUP.Optional.Conduit.A, C:\Program Files (x86)\NCH_EN\ldrtbNCH_.dll, , [a0f6ea33008a9d99ed64a0cedc2713ed],
PUP.Optional.Conduit.A, C:\Program Files (x86)\NCH_EN\NCH_ENToolbarHelper.exe, , [a0f6ea33008a9d99ed64a0cedc2713ed],
PUP.Optional.Conduit.A, C:\Program Files (x86)\NCH_EN\OtherAppsContextMenu.xml, , [a0f6ea33008a9d99ed64a0cedc2713ed],
PUP.Optional.Conduit.A, C:\Program Files (x86)\NCH_EN\prxtbNCH_.dll, , [a0f6ea33008a9d99ed64a0cedc2713ed],
PUP.Optional.Conduit.A, C:\Program Files (x86)\NCH_EN\SharedAppsContextMenu.xml, , [a0f6ea33008a9d99ed64a0cedc2713ed],
PUP.Optional.Conduit.A, C:\Program Files (x86)\NCH_EN\tbNCH_.dll, , [a0f6ea33008a9d99ed64a0cedc2713ed],
PUP.Optional.Conduit.A, C:\Program Files (x86)\NCH_EN\toolbar.cfg, , [a0f6ea33008a9d99ed64a0cedc2713ed],
PUP.Optional.Conduit.A, C:\Program Files (x86)\NCH_EN\ToolbarContextMenu.xml, , [a0f6ea33008a9d99ed64a0cedc2713ed],
PUP.Optional.Conduit.A, C:\Program Files (x86)\NCH_EN\uninstall.exe, , [a0f6ea33008a9d99ed64a0cedc2713ed],
Physical Sectors: 0
(No malicious items detected)
(end)
-
Rudy
- Site Admin
- Příspěvky: 119677
- Registrován: 30 říj 2003 13:42
- Bydliště: Plzeň
- Kontaktovat uživatele:
Re: Max výkon i paměť
Možná pomohly, v každém případě ale smažte vše, co MBAM nalezl.
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Re: Max výkon i paměť
jásání bylo evidentně předčasné..
vymazáno
nový rsit log
Logfile of random's system information tool 1.10 (written by random/random)
Run by Judita at 2015-02-13 22:07:06
Microsoft Windows 7 Home Premium Service Pack 1
System drive C: has 82 GB (36%) free of 225 GB
Total RAM: 2491 MB (47% free)
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 22:08:07, on 13.2.2015
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v11.0 (11.00.9600.17631)
Boot mode: Normal
Running processes:
C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe
C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAAnotif.exe
C:\Program Files (x86)\EgisTec\MyWinLocker 3\x86\mwlDaemon.exe
C:\Program Files (x86)\Launch Manager\LManager.EXE
C:\Program Files (x86)\EgisTec Egis Software Update\EgisUpdate.exe
C:\Program Files (x86)\Real\RealPlayer\Update\realsched.exe
C:\Program Files\Alwil Software\Avast5\avastui.exe
C:\Program Files\trend micro\Judita.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = https://www.google.com/?trackid=sp-006
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.google.com/search?trackid=s ... earchTerms}
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId= ... kid=sp-006
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = https://www.google.com/?trackid=sp-006
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.google.com/search?trackid=s ... earchTerms}
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId= ... kid=sp-006
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe,
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL
O2 - BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\Alwil Software\Avast5\aswWebRepIE.dll
O2 - BHO: Pomocná služba pro přihlášení ke službě Windows Live ID - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~1\Office14\URLREDIR.DLL
O4 - HKLM\..\Run: [LManager] C:\Program Files (x86)\Launch Manager\LManager.exe
O4 - HKLM\..\Run: [EgisTecLiveUpdate] "C:\Program Files (x86)\EgisTec Egis Software Update\EgisUpdate.exe"
O4 - HKLM\..\Run: [TkBellExe] "c:\program files (x86)\real\realplayer\Update\realsched.exe" -osboot
O4 - HKLM\..\Run: [BCSSync] "C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe" /DelayServices
O4 - HKLM\..\Run: [AvastUI.exe] "C:\Program Files\Alwil Software\Avast5\AvastUI.exe" /nogui
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKCU\..\Run: [AlcoholAutomount] "C:\Program Files (x86)\Alcohol Soft\Alcohol 52\AxAutoMntSrv.exe" -automount
O4 - HKCU\..\Run: [CCleaner Monitoring] "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office14\EXCEL.EXE/3000
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Office Excel - res://C:\PROGRA~2\MICROS~1\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: Od&eslat do aplikace OneNote - res://C:\PROGRA~2\MICROS~1\Office14\ONBttnIE.dll/105
O8 - Extra context menu item: Odeslat obrázek do zařízení &Bluetooth... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
O8 - Extra context menu item: Odeslat stránku do zařízení &Bluetooth... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra button: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra button: P&ropojené poznámky aplikace OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: P&ropojené poznámky aplikace OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra button: Send To Bluetooth - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra 'Tools' menuitem: Send to &Bluetooth Device... - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (file missing)
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: Acer ePower Service (ePowerSvc) - Acer Incorporated - C:\Program Files\Acer\Acer ePower Management\ePowerSvc.exe
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: GRegService (Greg_Service) - Acer Incorporated - C:\Program Files (x86)\Acer\Registration\GregHSRW.exe
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: Intel(R) Matrix Storage Event Monitor (IAANTMON) - Intel Corporation - C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTMon.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing)
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: MBAMScheduler - Malwarebytes Corporation - C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe
O23 - Service: MBAMService - Malwarebytes Corporation - C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: MyWinLocker Service (MWLService) - Egis Technology Inc. - C:\Program Files (x86)\EgisTec\MyWinLocker 3\x86\\MWLService.exe
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: Raw Socket Service (RS_Service) - Acer Incorporated - C:\Program Files (x86)\Acer\Acer VCM\RS_Service.exe
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: StarWind AE Service (StarWindServiceAE) - StarWind Software - C:\Program Files (x86)\Alcohol Soft\Alcohol 52\StarWind\StarWindServiceAE.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: Updater Service - Acer - C:\Program Files\Acer\Acer Updater\UpdaterService.exe
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
--
End of file - 11742 bytes
======Listing Processes======
\SystemRoot\System32\smss.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
winlogon.exe
C:\Windows\system32\services.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k GPSvcGroup
C:\Windows\system32\svchost.exe -k NetworkService
"C:\Program Files\Alwil Software\Avast5\AvastSvc.exe"
C:\Windows\System32\spoolsv.exe
C:\Windows\Explorer.EXE
"taskhost.exe"
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
taskeng.exe {BDAD0211-F4CD-4D41-AE4E-95DB5B643306}
"C:\Windows\system32\Dwm.exe"
"C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe"
"C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe"
"C:\Program Files\Acer\Acer ePower Management\ePowerSvc.exe"
"C:\Program Files (x86)\Google\Update\GoogleUpdate.exe" /c
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
"C:\Program Files (x86)\Acer\Registration\GregHSRW.exe"
"C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe"
"C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe"
"C:\Program Files (x86)\Acer\Acer VCM\RS_Service.exe"
"C:\Program Files (x86)\Alcohol Soft\Alcohol 52\StarWind\StarWindServiceAE.exe"
C:\Windows\system32\svchost.exe -k imgsvc
"C:\Program Files\Acer\Acer Updater\UpdaterService.exe"
"C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe" /starttray
C:\Windows\System32\svchost.exe -k secsvcs
"C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE"
"C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTMon.exe"
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
WLIDSvcM.exe 2632
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\servicing\TrustedInstaller.exe
C:\Windows\system32\SearchIndexer.exe /Embedding
"C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAAnotif.exe"
"C:\Program Files (x86)\AmIcoSingLun\AmIcoSinglun64.exe"
"C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe"
"C:\Program Files\Acer\Acer ePower Management\ePowerTray.exe"
"C:\Program Files (x86)\EgisTec\MyWinLocker 3\x86\mwlDaemon.exe"
"C:\Program Files\Synaptics\SynTP\SynTPEnh.exe"
"C:\Windows\System32\igfxtray.exe"
"C:\Windows\System32\hkcmd.exe"
"C:\Windows\System32\igfxpers.exe"
C:\Windows\system32\igfxsrvc.exe -Embedding
C:\Windows\system32\igfxext.exe -Embedding
C:\Windows\system32\wbem\unsecapp.exe -Embedding
C:\Windows\system32\wbem\wmiprvse.exe
"C:\Program Files\Synaptics\SynTP\SynTPHelper.exe"
"C:\Program Files (x86)\Launch Manager\LManager.EXE"
"C:\Program Files (x86)\EgisTec Egis Software Update\EgisUpdate.exe"
"C:\Program Files (x86)\Real\RealPlayer\Update\realsched.exe" -osboot
"C:\Program Files\Alwil Software\Avast5\avastui.exe" /nogui
"C:\Program Files\Acer\Acer ePower Management\ePowerEvent.exe"
"C:\Program Files\CCleaner\CCleaner.exe" /MONITOR /uac
"C:\Program Files\Windows Media Player\wmpnetwk.exe"
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
taskmgr.exe /3
C:\Windows\system32\sppsvc.exe
wmiadap.exe /F /T /R
"C:\Windows\system32\wuauclt.exe"
"C:\Users\Judita\Desktop\RSITx64.exe"
"C:\Windows\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe2_ Global\UsGthrCtrlFltPipeMssGthrPipe2 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon"
C:\Windows\System32\svchost.exe -k WerSvcGroup
"C:\Windows\system32\SearchFilterHost.exe" 0 508 512 520 65536 516
"C:\Program Files\Alwil Software\Avast5\AvastEmUpdate.exe"
======Scheduled tasks folder======
C:\Windows\tasks\Adobe Flash Player Updater.job - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
=========Mozilla firefox=========
ProfilePath - C:\Users\Judita\AppData\Roaming\Mozilla\Firefox\Profiles\whpy3k55.default
prefs.js - "browser.startup.homepage" - "https://www.google.com/?trackid=sp-006"
prefs.js - "extensions.enabledItems" - "{800b5000-a755-47e1-992b-48a1c1357f07}:1.2.0, {ABDE892B-13A8-4d1b-88E6-365A6E755758}:14.0.1, {972ce4c6-7e08-4474-a285-3208198ce6fd}:3.6.17"
prefs.js - "keyword.URL" - "https://www.google.com/search/?trackid=sp-006"
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 16.0.0.305 Plugin
"Path"=C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_16_0_0_305.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@Google.com/GoogleEarthPlugin]
"Description"=Google Earth in your browser
"Path"=C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=disabled
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=c:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0]
"Description"=Office Authorization plug-in for NPAPI browsers
"Path"=C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/SharePoint,version=14.0]
"Description"=Microsoft SharePoint Plug-in for Firefox
"Path"=C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922]
"Description"=WLPG Install MIME type
"Path"=C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3555.0308]
"Description"=WLPG Install MIME type
"Path"=C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@real.com/nppl3260;version=15.0.4.53]
"Description"=RealPlayer(tm) LiveConnect-Enabled Plug-In
"Path"=c:\program files (x86)\real\realplayer\Netscape6\nppl3260.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@real.com/nprjplug;version=15.0.4.53]
"Description"=RealJukebox Netscape Plugin
"Path"=c:\program files (x86)\real\realplayer\Netscape6\nprjplug.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@real.com/nprpchromebrowserrecordext;version=15.0.4.53]
"Description"=RealNetworks(tm) RealPlayer Chrome Background Extension Plug-In
"Path"=C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprpchromebrowserrecordext.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@real.com/nprphtml5videoshim;version=15.0.4.53]
"Description"=RealPlayer(tm) HTML5VideoShim Plug-In
"Path"=C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@real.com/nprpplugin;version=15.0.4.53]
"Description"=RealPlayer Download Plugin
"Path"=c:\program files (x86)\real\realplayer\Netscape6\nprpplugin.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=3]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.25.11\npGoogleUpdate3.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=9]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.25.11\npGoogleUpdate3.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@videolan.org/vlc,version=2.1.5]
"Description"=VLC Multimedia Plugin
"Path"=C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\Adobe Reader]
"Description"=Handles PDFs in-place in Firefox
"Path"=C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 16.0.0.305 Plugin
"Path"=C:\Windows\system32\Macromed\Flash\NPSWF64_16_0_0_305.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=disabled
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0]
"Description"=Office Authorization plug-in for NPAPI browsers
"Path"=C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL
C:\Program Files (x86)\Mozilla Firefox\extensions\
{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}
C:\Program Files (x86)\Mozilla Firefox\plugins\
np-mswmp.dll
nppdf32.dll
nppl3260.dll
nppl3260.xpt
nprjplug.dll
nprpplugin.dll
WMP Firefox Plugin License.rtf
WMP Firefox Plugin RelNotes.txt
C:\Users\Judita\AppData\Roaming\Mozilla\Firefox\Profiles\whpy3k55.default\extensions\
{800b5000-a755-47e1-992b-48a1c1357f07}10242010180103
C:\Users\Judita\AppData\Roaming\Mozilla\Firefox\Profiles\whpy3k55.default\searchplugins\
google-avast.xml
Google.xml
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\PROGRA~1\MICROS~2\Office14\GROOVEEX.DLL [2013-12-19 6671064]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! Online Security - C:\Program Files\Alwil Software\Avast5\aswWebRepIE64.dll [2015-01-03 705448]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live ID Sign-in Helper - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2011-03-28 529280]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - C:\PROGRA~1\MICROS~2\Office14\URLREDIR.DLL [2013-03-06 690392]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL [2013-12-19 4171480]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! Online Security - C:\Program Files\Alwil Software\Avast5\aswWebRepIE.dll [2015-01-03 586968]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Pomocná služba pro přihlášení ke službě Windows Live ID - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2011-03-28 441216]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - C:\PROGRA~2\MICROS~1\Office14\URLREDIR.DLL [2013-03-06 562904]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{318A227B-5E9F-45bd-8999-7F8F10CA4CF5} -
{CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F}
{2318C2B1-4965-11d4-9B18-009027A5CD4F} - Google Toolbar - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll []
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"IAAnotif"=C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\iaanotif.exe [2009-06-05 186904]
"AmIcoSinglun64"=C:\Program Files (x86)\AmIcoSingLun\AmIcoSinglun64.exe [2009-04-09 320000]
"RtHDVCpl"=C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [2009-07-23 7981600]
"Acer ePower Management"=C:\Program Files\Acer\Acer ePower Management\ePowerTray.exe [2010-01-19 832544]
"mwlDaemon"=C:\Program Files (x86)\EgisTec\MyWinLocker 3\x86\mwlDaemon.exe [2009-09-10 349480]
"SynTPEnh"=C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2009-06-18 1808168]
"IgfxTray"=C:\Windows\system32\igfxtray.exe [2010-08-25 161304]
"HotKeysCmds"=C:\Windows\system32\hkcmd.exe [2010-08-25 386584]
"Persistence"=C:\Windows\system32\igfxpers.exe [2010-08-25 415256]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"AlcoholAutomount"=C:\Program Files (x86)\Alcohol Soft\Alcohol 52\AxAutoMntSrv.exe [2010-08-20 33120]
"CCleaner Monitoring"=C:\Program Files\CCleaner\CCleaner64.exe [2015-01-20 7404312]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Google Update]
C:\Users\Judita\AppData\Local\Google\Update\GoogleUpdate.exe [2014-10-14 107912]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NortonOnlineBackupReminder]
C:\Program Files (x86)\Symantec\Norton Online Backup\Activation\NobuActivation.exe [2009-07-25 588648]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PLFSetI]
C:\Windows\PLFSetI.exe [2009-12-14 206072]
[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"LManager"=C:\Program Files (x86)\Launch Manager\LManager.exe [2009-09-24 825864]
"EgisTecLiveUpdate"=C:\Program Files (x86)\EgisTec Egis Software Update\EgisUpdate.exe [2009-08-04 199464]
"TkBellExe"=c:\program files (x86)\real\realplayer\Update\realsched.exe [2012-05-18 296056]
"BCSSync"=C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe [2012-11-05 89184]
"AvastUI.exe"=C:\Program Files\Alwil Software\Avast5\AvastUI.exe [2015-01-31 5227112]
"Adobe ARM"=C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2014-09-12 959176]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
C:\Windows\system32\igfxdev.dll [2010-08-25 271360]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\PROGRA~1\MICROS~2\Office14\GROOVEEX.DLL [2013-12-19 6671064]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL [2013-12-19 4171480]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcmscsvc]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\mcmscsvc]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MCODS]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MpfService]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=5
"ConsentPromptBehaviorUser"=3
"EnableUIADesktopToggle"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"SoftwareSASGeneration"=1
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoActiveDesktop"=1
"NoActiveDesktopChanges"=1
"ForceActiveDesktopOn"=0
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVYU"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"VIDC.YVU9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"MSVideo8"=VfWWDM32.dll
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv
"wave2"=wdmaud.drv
"midi2"=wdmaud.drv
"mixer2"=wdmaud.drv
======File associations======
.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*
======List of files/folders created in the last 1 month======
2015-02-13 11:34:08 ----A---- C:\Windows\system32\TsUsbGDCoInstaller.dll
2015-02-13 11:33:41 ----A---- C:\Windows\system32\TsUsbRedirectionGroupPolicyExtension.dll
2015-02-13 11:33:41 ----A---- C:\Windows\system32\TsUsbRedirectionGroupPolicyControl.exe
2015-02-13 11:33:40 ----A---- C:\Windows\system32\drivers\TsUsbFlt.sys
2015-02-13 11:33:36 ----A---- C:\Windows\SYSWOW64\tsgqec.dll
2015-02-13 11:33:36 ----A---- C:\Windows\system32\tsgqec.dll
2015-02-13 11:33:35 ----A---- C:\Windows\SYSWOW64\wksprtPS.dll
2015-02-13 11:33:35 ----A---- C:\Windows\SYSWOW64\MsRdpWebAccess.dll
2015-02-13 11:33:35 ----A---- C:\Windows\system32\wksprtPS.dll
2015-02-13 11:33:35 ----A---- C:\Windows\system32\TSWbPrxy.exe
2015-02-13 11:33:35 ----A---- C:\Windows\system32\MsRdpWebAccess.dll
2015-02-13 11:33:34 ----A---- C:\Windows\system32\wksprt.exe
2015-02-13 11:33:33 ----A---- C:\Windows\SYSWOW64\mstsc.exe
2015-02-13 11:33:32 ----A---- C:\Windows\system32\mstsc.exe
2015-02-13 11:33:30 ----A---- C:\Windows\SYSWOW64\mstscax.dll
2015-02-13 11:33:28 ----A---- C:\Windows\SYSWOW64\rdvidcrl.dll
2015-02-13 11:33:28 ----A---- C:\Windows\system32\mstscax.dll
2015-02-13 11:33:27 ----A---- C:\Windows\system32\rdvidcrl.dll
2015-02-13 10:31:07 ----SHD---- C:\Config.Msi
2015-02-13 10:08:44 ----A---- C:\Windows\system32\RdpGroupPolicyExtension.dll
2015-02-13 10:08:23 ----A---- C:\Windows\system32\drivers\rdpvideominiport.sys
2015-02-13 10:07:52 ----A---- C:\Windows\SYSWOW64\rdpendp_winip.dll
2015-02-13 10:07:50 ----A---- C:\Windows\system32\rdpudd.dll
2015-02-13 10:07:49 ----A---- C:\Windows\system32\rdpendp_winip.dll
2015-02-13 10:07:45 ----A---- C:\Windows\system32\rdpcorets.dll
2015-02-13 09:58:10 ----A---- C:\Windows\system32\powertracker.dll
2015-02-13 09:58:09 ----A---- C:\Windows\SYSWOW64\wdi.dll
2015-02-13 09:58:09 ----A---- C:\Windows\system32\wdi.dll
2015-02-13 09:58:09 ----A---- C:\Windows\system32\perftrack.dll
2015-02-13 09:51:19 ----A---- C:\Windows\SYSWOW64\jscript9diag.dll
2015-02-13 09:51:17 ----A---- C:\Windows\SYSWOW64\jscript9.dll
2015-02-13 09:51:15 ----A---- C:\Windows\system32\jscript9.dll
2015-02-13 09:51:14 ----A---- C:\Windows\system32\jscript9diag.dll
2015-02-12 22:06:54 ----A---- C:\Windows\system32\drivers\MBAMSwissArmy.sys
2015-02-12 22:05:59 ----D---- C:\ProgramData\Malwarebytes
2015-02-12 22:05:59 ----D---- C:\Program Files (x86)\Malwarebytes Anti-Malware
2015-02-12 22:05:59 ----A---- C:\Windows\system32\drivers\mwac.sys
2015-02-12 22:05:59 ----A---- C:\Windows\system32\drivers\mbamchameleon.sys
2015-02-12 22:05:59 ----A---- C:\Windows\system32\drivers\mbam.sys
2015-02-12 16:54:48 ----A---- C:\Windows\system32\generaltel.dll
2015-02-12 16:54:48 ----A---- C:\Windows\system32\appraiser.dll
2015-02-12 16:54:47 ----A---- C:\Windows\system32\invagent.dll
2015-02-12 16:54:47 ----A---- C:\Windows\system32\aeinv.dll
2015-02-12 16:54:46 ----A---- C:\Windows\system32\devinv.dll
2015-02-12 16:54:46 ----A---- C:\Windows\system32\aitstatic.exe
2015-02-12 16:54:44 ----A---- C:\Windows\system32\aepdu.dll
2015-02-12 16:54:42 ----A---- C:\Windows\system32\aepic.dll
2015-02-12 10:56:02 ----D---- C:\rsit
2015-02-12 00:04:10 ----A---- C:\Windows\system32\ntoskrnl.exe
2015-02-12 00:04:07 ----A---- C:\Windows\system32\lsasrv.dll
2015-02-12 00:04:06 ----A---- C:\Windows\SYSWOW64\ntkrnlpa.exe
2015-02-12 00:04:06 ----A---- C:\Windows\system32\drivers\cng.sys
2015-02-12 00:04:05 ----A---- C:\Windows\SYSWOW64\ntoskrnl.exe
2015-02-12 00:04:04 ----A---- C:\Windows\system32\adtschema.dll
2015-02-12 00:04:03 ----A---- C:\Windows\SYSWOW64\adtschema.dll
2015-02-12 00:04:02 ----A---- C:\Windows\system32\srcore.dll
2015-02-12 00:04:02 ----A---- C:\Windows\system32\drivers\ksecdd.sys
2015-02-12 00:04:01 ----A---- C:\Windows\SYSWOW64\auditpol.exe
2015-02-12 00:04:01 ----A---- C:\Windows\system32\sspicli.dll
2015-02-12 00:04:01 ----A---- C:\Windows\system32\rstrui.exe
2015-02-12 00:04:01 ----A---- C:\Windows\system32\lsass.exe
2015-02-12 00:04:01 ----A---- C:\Windows\system32\drivers\ksecpkg.sys
2015-02-12 00:04:01 ----A---- C:\Windows\system32\auditpol.exe
2015-02-12 00:04:00 ----A---- C:\Windows\SYSWOW64\sspicli.dll
2015-02-12 00:04:00 ----A---- C:\Windows\SYSWOW64\srclient.dll
2015-02-12 00:04:00 ----A---- C:\Windows\SYSWOW64\secur32.dll
2015-02-12 00:04:00 ----A---- C:\Windows\system32\sspisrv.dll
2015-02-12 00:04:00 ----A---- C:\Windows\system32\srclient.dll
2015-02-12 00:04:00 ----A---- C:\Windows\system32\secur32.dll
2015-02-12 00:03:58 ----A---- C:\Windows\SYSWOW64\msobjs.dll
2015-02-12 00:03:58 ----A---- C:\Windows\SYSWOW64\msaudite.dll
2015-02-12 00:03:58 ----A---- C:\Windows\system32\msobjs.dll
2015-02-12 00:03:58 ----A---- C:\Windows\system32\msaudite.dll
2015-02-11 23:57:26 ----A---- C:\Windows\SYSWOW64\mshtmled.dll
2015-02-11 23:57:26 ----A---- C:\Windows\SYSWOW64\iernonce.dll
2015-02-11 23:57:26 ----A---- C:\Windows\SYSWOW64\ieetwproxystub.dll
2015-02-11 23:57:26 ----A---- C:\Windows\system32\ieetwproxystub.dll
2015-02-11 23:57:26 ----A---- C:\Windows\system32\ieetwcollector.exe
2015-02-11 23:57:25 ----A---- C:\Windows\SYSWOW64\MshtmlDac.dll
2015-02-11 23:57:24 ----A---- C:\Windows\SYSWOW64\urlmon.dll
2015-02-11 23:57:24 ----A---- C:\Windows\SYSWOW64\iedkcs32.dll
2015-02-11 23:57:24 ----A---- C:\Windows\system32\iernonce.dll
2015-02-11 23:57:24 ----A---- C:\Windows\system32\ie4uinit.exe
2015-02-11 23:57:23 ----A---- C:\Windows\SYSWOW64\JavaScriptCollectionAgent.dll
2015-02-11 23:57:21 ----A---- C:\Windows\SYSWOW64\mshtml.dll
2015-02-11 23:57:21 ----A---- C:\Windows\SYSWOW64\msfeeds.dll
2015-02-11 23:57:21 ----A---- C:\Windows\SYSWOW64\dxtrans.dll
2015-02-11 23:57:21 ----A---- C:\Windows\system32\JavaScriptCollectionAgent.dll
2015-02-11 23:57:16 ----A---- C:\Windows\SYSWOW64\iesetup.dll
2015-02-11 23:57:16 ----A---- C:\Windows\SYSWOW64\ieapfltr.dll
2015-02-11 23:57:16 ----A---- C:\Windows\system32\iedkcs32.dll
2015-02-11 23:57:15 ----A---- C:\Windows\SYSWOW64\iertutil.dll
2015-02-11 23:57:15 ----A---- C:\Windows\system32\urlmon.dll
2015-02-11 23:57:14 ----A---- C:\Windows\SYSWOW64\jsproxy.dll
2015-02-11 23:57:14 ----A---- C:\Windows\SYSWOW64\ieUnatt.exe
2015-02-11 23:57:14 ----A---- C:\Windows\system32\ieetwcollectorres.dll
2015-02-11 23:57:13 ----A---- C:\Windows\SYSWOW64\ieui.dll
2015-02-11 23:57:13 ----A---- C:\Windows\SYSWOW64\dxtmsft.dll
2015-02-11 23:57:13 ----A---- C:\Windows\system32\MsSpellCheckingFacility.exe
2015-02-11 23:57:13 ----A---- C:\Windows\system32\dxtrans.dll
2015-02-11 23:57:12 ----A---- C:\Windows\SYSWOW64\ieframe.dll
2015-02-11 23:57:12 ----A---- C:\Windows\system32\msfeeds.dll
2015-02-11 23:57:10 ----A---- C:\Windows\system32\iesetup.dll
2015-02-11 23:57:09 ----A---- C:\Windows\system32\ieapfltr.dll
2015-02-11 23:57:06 ----A---- C:\Windows\system32\iertutil.dll
2015-02-11 23:57:04 ----A---- C:\Windows\SYSWOW64\mshtmlmedia.dll
2015-02-11 23:57:03 ----A---- C:\Windows\SYSWOW64\wininet.dll
2015-02-11 23:57:03 ----A---- C:\Windows\SYSWOW64\vbscript.dll
2015-02-11 23:57:03 ----A---- C:\Windows\system32\jsproxy.dll
2015-02-11 23:57:02 ----A---- C:\Windows\SYSWOW64\msrating.dll
2015-02-11 23:57:02 ----A---- C:\Windows\system32\ieUnatt.exe
2015-02-11 23:57:00 ----A---- C:\Windows\system32\dxtmsft.dll
2015-02-11 23:56:59 ----A---- C:\Windows\system32\ieui.dll
2015-02-11 23:56:58 ----A---- C:\Windows\system32\ieframe.dll
2015-02-11 23:56:56 ----A---- C:\Windows\system32\mshtmlmedia.dll
2015-02-11 23:56:56 ----A---- C:\Windows\system32\mshtmled.dll
2015-02-11 23:56:53 ----A---- C:\Windows\system32\vbscript.dll
2015-02-11 23:56:52 ----A---- C:\Windows\system32\wininet.dll
2015-02-11 23:56:50 ----A---- C:\Windows\system32\MshtmlDac.dll
2015-02-11 23:56:49 ----A---- C:\Windows\system32\msrating.dll
2015-02-11 23:56:46 ----A---- C:\Windows\system32\mshtml.dll
2015-02-11 23:54:50 ----A---- C:\Windows\system32\schannel.dll
2015-02-11 23:54:49 ----A---- C:\Windows\SYSWOW64\schannel.dll
2015-02-11 23:54:49 ----A---- C:\Windows\SYSWOW64\kerberos.dll
2015-02-11 23:54:48 ----A---- C:\Windows\SYSWOW64\msv1_0.dll
2015-02-11 23:54:48 ----A---- C:\Windows\system32\kerberos.dll
2015-02-11 23:54:47 ----A---- C:\Windows\system32\wdigest.dll
2015-02-11 23:54:47 ----A---- C:\Windows\system32\msv1_0.dll
2015-02-11 23:54:46 ----A---- C:\Windows\SYSWOW64\ncrypt.dll
2015-02-11 23:54:46 ----A---- C:\Windows\system32\TSpkg.dll
2015-02-11 23:54:46 ----A---- C:\Windows\system32\ncrypt.dll
2015-02-11 23:54:45 ----A---- C:\Windows\SYSWOW64\wdigest.dll
2015-02-11 23:54:45 ----A---- C:\Windows\SYSWOW64\TSpkg.dll
2015-02-11 23:54:44 ----A---- C:\Windows\SYSWOW64\credssp.dll
2015-02-11 23:54:44 ----A---- C:\Windows\system32\credssp.dll
2015-02-11 23:42:53 ----A---- C:\Windows\SYSWOW64\scesrv.dll
2015-02-11 23:42:53 ----A---- C:\Windows\system32\scesrv.dll
2015-02-11 23:42:51 ----A---- C:\Windows\system32\WindowsCodecs.dll
2015-02-11 23:42:49 ----A---- C:\Windows\SYSWOW64\WindowsCodecs.dll
2015-02-11 23:08:12 ----A---- C:\Windows\SYSWOW64\oleaut32.dll
2015-02-11 23:08:11 ----A---- C:\Windows\system32\oleaut32.dll
2015-02-11 23:05:21 ----A---- C:\Windows\SYSWOW64\wintrust.dll
2015-02-11 23:05:21 ----A---- C:\Windows\SYSWOW64\cryptsvc.dll
2015-02-11 23:05:21 ----A---- C:\Windows\SYSWOW64\crypt32.dll
2015-02-11 23:04:51 ----A---- C:\Windows\system32\wintrust.dll
2015-02-11 23:04:51 ----A---- C:\Windows\system32\cryptsvc.dll
2015-02-11 23:04:51 ----A---- C:\Windows\system32\crypt32.dll
2015-02-11 19:46:46 ----A---- C:\Windows\system32\win32k.sys
2015-02-11 19:26:16 ----D---- C:\AdwCleaner
2015-02-11 19:13:13 ----D---- C:\Program Files (x86)\Mozilla Firefox
2015-02-11 18:58:06 ----D---- C:\Program Files\trend micro
2015-01-27 20:36:04 ----D---- C:\Program Files (x86)\Mozilla Thunderbird
2015-01-23 19:44:30 ----A---- C:\Windows\system32\aswBoot.exe
2015-01-16 21:12:46 ----A---- C:\Windows\system32\profsvc.dll
2015-01-16 21:12:44 ----A---- C:\Windows\system32\nlasvc.dll
2015-01-16 21:12:43 ----A---- C:\Windows\SYSWOW64\ncsi.dll
2015-01-16 21:12:42 ----A---- C:\Windows\SYSWOW64\nlaapi.dll
2015-01-16 21:11:22 ----A---- C:\Windows\system32\drivers\mrxdav.sys
======List of files/folders modified in the last 1 month======
2015-02-13 22:07:57 ----D---- C:\Windows\Temp
2015-02-13 22:05:18 ----D---- C:\Windows\Prefetch
2015-02-13 22:00:54 ----D---- C:\Windows\inf
2015-02-13 22:00:39 ----D---- C:\Windows\system32\config
2015-02-13 21:59:25 ----D---- C:\Windows
2015-02-13 21:56:20 ----RD---- C:\Program Files (x86)
2015-02-13 21:56:10 ----D---- C:\Program Files (x86)\AV DVD Player Morpher
2015-02-13 18:15:45 ----D---- C:\Windows\rescache
2015-02-13 17:36:11 ----D---- C:\Windows\debug
2015-02-13 17:00:40 ----D---- C:\Windows\Microsoft.NET
2015-02-13 17:00:39 ----RSD---- C:\Windows\assembly
2015-02-13 13:30:26 ----D---- C:\Windows\System32
2015-02-13 13:30:26 ----A---- C:\Windows\system32\PerfStringBackup.INI
2015-02-13 13:18:02 ----D---- C:\Windows\winsxs
2015-02-13 13:14:40 ----D---- C:\Windows\SYSWOW64\en-US
2015-02-13 13:14:40 ----D---- C:\Windows\SysWOW64
2015-02-13 13:14:40 ----D---- C:\Windows\system32\en-US
2015-02-13 13:14:39 ----D---- C:\Windows\tracing
2015-02-13 13:14:39 ----D---- C:\Windows\SYSWOW64\wbem
2015-02-13 13:14:39 ----D---- C:\Windows\SYSWOW64\cs-CZ
2015-02-13 13:14:39 ----D---- C:\Windows\system32\wbem
2015-02-13 13:14:39 ----D---- C:\Windows\system32\drivers\en-US
2015-02-13 13:14:39 ----D---- C:\Windows\system32\drivers
2015-02-13 13:14:39 ----D---- C:\Windows\system32\cs-CZ
2015-02-13 13:14:38 ----D---- C:\Windows\PolicyDefinitions
2015-02-13 13:14:33 ----D---- C:\Windows\system32\DriverStore
2015-02-13 11:32:16 ----SHD---- C:\Windows\Installer
2015-02-13 10:54:12 ----A---- C:\Windows\SYSWOW64\PerfStringBackup.INI
2015-02-13 10:04:31 ----SHD---- C:\System Volume Information
2015-02-13 09:40:31 ----D---- C:\Windows\system32\catroot2
2015-02-13 08:25:02 ----SD---- C:\Windows\system32\CompatTel
2015-02-13 08:25:02 ----D---- C:\Windows\system32\appraiser
2015-02-13 08:21:05 ----D---- C:\Program Files\Common Files\Microsoft Shared
2015-02-12 22:05:59 ----HD---- C:\ProgramData
2015-02-12 09:10:56 ----D---- C:\Program Files\Internet Explorer
2015-02-12 09:10:47 ----D---- C:\Program Files (x86)\Internet Explorer
2015-02-12 02:25:08 ----D---- C:\ProgramData\Microsoft Help
2015-02-12 02:05:13 ----D---- C:\Windows\system32\MRT
2015-02-12 01:47:17 ----A---- C:\Windows\system32\MRT.exe
2015-02-12 01:13:43 ----D---- C:\Windows\Panther
2015-02-12 00:18:12 ----D---- C:\ProgramData\Adobe
2015-02-12 00:18:10 ----D---- C:\Program Files (x86)\Common Files
2015-02-12 00:18:10 ----D---- C:\Program Files (x86)\Adobe
2015-02-11 23:41:44 ----D---- C:\Windows\system32\catroot
2015-02-11 21:36:17 ----RD---- C:\Program Files (x86)\Skype
2015-02-11 21:36:17 ----D---- C:\Windows\Tasks
2015-02-11 21:36:17 ----D---- C:\Windows\AutoKMS
2015-02-11 21:36:17 ----D---- C:\Program Files (x86)\Google
2015-02-11 20:12:23 ----D---- C:\Windows\system32\Tasks
2015-02-11 20:09:47 ----D---- C:\Program Files (x86)\Mozilla Maintenance Service
2015-02-11 19:34:49 ----D---- C:\ProgramData\ICQ
2015-02-11 18:58:06 ----D---- C:\Program Files
2015-02-11 18:40:02 ----D---- C:\Users\Judita\AppData\Roaming\PhotoScape
2015-02-11 18:40:01 ----D---- C:\Users\Judita\AppData\Roaming\Skype
2015-02-11 18:35:14 ----D---- C:\Windows\Minidump
2015-02-11 18:35:14 ----D---- C:\Windows\Logs
2015-02-11 18:26:59 ----D---- C:\Program Files\CCleaner
2015-02-04 22:48:41 ----A---- C:\Windows\SYSWOW64\FlashPlayerApp.exe
2015-01-18 10:48:15 ----D---- C:\Users\Judita\AppData\Roaming\vlc
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R0 aswRvrt;avast! Revert; C:\Windows\system32\drivers\aswRvrt.sys [2015-01-03 65776]
R0 aswVmm;avast! VM Monitor; C:\Windows\system32\drivers\aswVmm.sys [2015-01-03 267632]
R0 iaStor;Intel AHCI Controller; C:\Windows\system32\DRIVERS\iaStor.sys [2009-06-05 408600]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-20 213888]
R0 sptd;sptd; C:\Windows\System32\Drivers\sptd.sys [2010-11-30 503352]
R1 aswRdr;aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [2015-01-03 93568]
R1 aswSnx;aswSnx; C:\Windows\system32\drivers\aswSnx.sys [2015-01-03 1050432]
R1 aswSP;aswSP; C:\Windows\system32\drivers\aswSP.sys [2015-01-03 436624]
R1 mwlPSDFilter;mwlPSDFilter; C:\Windows\system32\DRIVERS\mwlPSDFilter.sys [2009-06-02 22576]
R1 mwlPSDNServ;mwlPSDNServ; C:\Windows\system32\DRIVERS\mwlPSDNServ.sys [2009-06-02 20016]
R1 mwlPSDVDisk;mwlPSDVDisk; C:\Windows\system32\DRIVERS\mwlPSDVDisk.sys [2009-06-02 60464]
R1 vwififlt;Virtual WiFi Filter Driver; C:\Windows\system32\DRIVERS\vwififlt.sys [2009-07-14 59904]
R2 aswHwid;avast! HardwareID; C:\Windows\system32\drivers\aswHwid.sys [2015-01-03 29208]
R2 aswMonFlt;aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [2015-01-03 83280]
R2 aswStm;aswStm; C:\Windows\system32\drivers\aswStm.sys [2015-01-03 116728]
R3 DKbFltr;Dritek Keyboard Filter Driver (64-bit); C:\Windows\SysWOW64\Drivers\DKbFltr.sys [2009-03-26 25608]
R3 igfx;igfx; C:\Windows\system32\DRIVERS\igdkmd64.sys [2010-08-25 10611552]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHD64.sys [2009-07-23 1967648]
R3 IntcHdmiAddService;Intel(R) High Definition Audio HDMI; C:\Windows\system32\drivers\IntcHdmi.sys [2009-07-09 139264]
R3 L1C;NDIS Miniport Driver for Atheros AR8131/AR8132 PCI-E Ethernet Controller (NDIS 6.20); C:\Windows\system32\DRIVERS\L1C62x64.sys [2009-04-27 57344]
R3 MBAMProtector;MBAMProtector; \??\C:\Windows\system32\drivers\mbam.sys [2014-11-21 25816]
R3 MBAMSwissArmy;MBAMSwissArmy; \??\C:\Windows\system32\drivers\MBAMSwissArmy.sys [2015-02-13 129752]
R3 MBAMWebAccessControl;MBAMWebAccessControl; \??\C:\Windows\system32\drivers\mwac.sys [2014-11-21 63704]
R3 NETw5s64;Intel(R) Wireless WiFi Link 5000 Series Adapter Driver for Windows 7 - 64 Bit; C:\Windows\system32\DRIVERS\NETw5s64.sys [2009-09-15 6952960]
R3 SynTP;Synaptics TouchPad Driver; C:\Windows\system32\DRIVERS\SynTP.sys [2009-06-18 272432]
R3 WSDPrintDevice;Podpora tisku WSD prostřednictvím funkce UMB; C:\Windows\system32\DRIVERS\WSDPrint.sys [2009-07-14 23040]
R3 WSDScan;Podpora skenování WSD přes UMB; C:\Windows\system32\DRIVERS\WSDScan.sys [2009-07-14 25088]
S3 a4mjhlo7;a4mjhlo7; C:\Windows\system32\drivers\a4mjhlo7.sys []
S3 AmUStor;AM USB Stroage Driver; C:\Windows\system32\drivers\AmUStor.SYS [2009-05-26 40448]
S3 BthEnum;Ovladač pro Bluetooth Request Block; C:\Windows\system32\drivers\BthEnum.sys [2009-07-14 41984]
S3 BthPan;Bluetooth Device (Personal Area Network); C:\Windows\system32\DRIVERS\bthpan.sys [2009-07-14 118784]
S3 BTHPORT;Ovladač portu Bluetooth; C:\Windows\System32\Drivers\BTHport.sys [2012-07-06 552960]
S3 BTHUSB;Ovladač rozhraní USB radiostanice Bluetooth; C:\Windows\System32\Drivers\BTHUSB.sys [2011-04-28 80384]
S3 btusbflt;Bluetooth USB Filter; C:\Windows\system32\drivers\btusbflt.sys [2009-07-01 52264]
S3 btwaudio;Bluetooth Audio Device Service; C:\Windows\system32\drivers\btwaudio.sys [2009-07-01 98344]
S3 btwavdt;Bluetooth AVDT; C:\Windows\system32\DRIVERS\btwavdt.sys [2009-07-01 132648]
S3 btwl2cap;Bluetooth L2CAP Service; C:\Windows\system32\DRIVERS\btwl2cap.sys [2009-04-07 35104]
S3 btwrchid;btwrchid; C:\Windows\system32\DRIVERS\btwrchid.sys [2009-07-01 21160]
S3 int15.sys;int15.sys; \??\C:\Windows\syswow64\OEM\Factory\int15.sys []
S3 netw5v64;Intel(R) Wireless WiFi Link 5000 Series Adapter Driver for Windows Vista 64 Bit; C:\Windows\system32\DRIVERS\netw5v64.sys [2009-06-10 5434368]
S3 nmwcd;Nokia USB Phone Parent Driver; C:\Windows\system32\drivers\ccdcmbx64.sys [2011-08-17 19968]
S3 nmwcdc;Nokia USB Communication Driver; C:\Windows\system32\drivers\ccdcmbox64.sys [2011-08-17 27136]
S3 nmwcdcx64;Nokia USB Generic; C:\Windows\system32\drivers\ccdcmbox64.sys [2011-08-17 27136]
S3 nmwcdx64;Nokia USB Phone Parent; C:\Windows\system32\drivers\ccdcmbx64.sys [2011-08-17 19968]
S3 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12352]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver; C:\Windows\System32\drivers\rdpvideominiport.sys [2012-08-23 19456]
S3 RFCOMM;Bluetooth Device (RFCOMM Protocol TDI); C:\Windows\system32\DRIVERS\rfcomm.sys [2009-07-14 158720]
S3 TsUsbFlt;TsUsbFlt; C:\Windows\system32\drivers\tsusbflt.sys [2013-10-02 56832]
S3 upperdev;upperdev; C:\Windows\system32\DRIVERS\usbser_lowerfltx64.sys [2011-08-17 9216]
S3 usbser;Nokia USB Serial Port Driver ; C:\Windows\system32\drivers\usbser.sys [2013-08-29 33280]
S3 UsbserFilt;UsbserFilt; C:\Windows\system32\DRIVERS\usbser_lowerfltjx64.sys [2011-08-17 9216]
S3 WinUsb;WinUsb; C:\Windows\system32\DRIVERS\WinUsb.sys [2010-11-20 41984]
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2014-09-12 64704]
R2 avast! Antivirus;avast! Antivirus; C:\Program Files\Alwil Software\Avast5\AvastSvc.exe [2015-01-03 50344]
R2 btwdins;Bluetooth Service; C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe [2009-07-02 864032]
R2 ePowerSvc;Acer ePower Service; C:\Program Files\Acer\Acer ePower Management\ePowerSvc.exe [2010-01-19 842784]
R2 Greg_Service;GRegService; C:\Program Files (x86)\Acer\Registration\GregHSRW.exe [2009-08-28 1150496]
R2 IAANTMON;Intel(R) Matrix Storage Event Monitor; C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTMon.exe [2009-06-05 354840]
R2 MBAMService;MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [2014-11-21 969016]
R2 MBAMScheduler;MBAMScheduler; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe [2014-11-21 1871160]
R2 RS_Service;Raw Socket Service; C:\Program Files (x86)\Acer\Acer VCM\RS_Service.exe [2009-07-10 253952]
R2 StarWindServiceAE;StarWind AE Service; C:\Program Files (x86)\Alcohol Soft\Alcohol 52\StarWind\StarWindServiceAE.exe [2009-12-23 370688]
R2 Updater Service;Updater Service; C:\Program Files\Acer\Acer Updater\UpdaterService.exe [2009-07-04 240160]
R2 wlidsvc;Windows Live ID Sign-in Assistant; C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE [2011-03-28 2292096]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2014-04-11 103608]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2014-04-11 124088]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-10-24 107912]
S2 SkypeUpdate;Skype Updater; C:\Program Files (x86)\Skype\Updater\Updater.exe [2014-04-03 315008]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-02-04 267440]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-10-24 107912]
S3 gusvc;Google Software Updater; C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe [2012-08-24 194032]
S3 IEEtwCollectorService;@%SystemRoot%\system32\ieetwcollectorres.dll,-1000; C:\Windows\system32\IEEtwCollector.exe [2015-01-12 114688]
S3 Microsoft SharePoint Workspace Audit Service;Microsoft SharePoint Workspace Audit Service; C:\Program Files (x86)\Microsoft Office\Office14\GROOVE.EXE [2013-12-19 30814400]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2015-02-11 114800]
S3 MWLService;MyWinLocker Service; C:\Program Files (x86)\EgisTec\MyWinLocker 3\x86\\MWLService.exe [2009-09-10 305448]
S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2010-01-09 149352]
S3 osppsvc;Office Software Protection Platform; C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-09 4925184]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2010-09-01 1255736]
S4 aspnet_state;Stavová služba ASP.NET; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2014-04-11 50864]
S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2014-04-12 139944]
S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2014-04-12 139944]
S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2014-04-12 139944]
-----------------EOF-----------------
vymazáno
nový rsit log
Logfile of random's system information tool 1.10 (written by random/random)
Run by Judita at 2015-02-13 22:07:06
Microsoft Windows 7 Home Premium Service Pack 1
System drive C: has 82 GB (36%) free of 225 GB
Total RAM: 2491 MB (47% free)
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 22:08:07, on 13.2.2015
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v11.0 (11.00.9600.17631)
Boot mode: Normal
Running processes:
C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe
C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAAnotif.exe
C:\Program Files (x86)\EgisTec\MyWinLocker 3\x86\mwlDaemon.exe
C:\Program Files (x86)\Launch Manager\LManager.EXE
C:\Program Files (x86)\EgisTec Egis Software Update\EgisUpdate.exe
C:\Program Files (x86)\Real\RealPlayer\Update\realsched.exe
C:\Program Files\Alwil Software\Avast5\avastui.exe
C:\Program Files\trend micro\Judita.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = https://www.google.com/?trackid=sp-006
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.google.com/search?trackid=s ... earchTerms}
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId= ... kid=sp-006
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = https://www.google.com/?trackid=sp-006
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.google.com/search?trackid=s ... earchTerms}
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId= ... kid=sp-006
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe,
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL
O2 - BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\Alwil Software\Avast5\aswWebRepIE.dll
O2 - BHO: Pomocná služba pro přihlášení ke službě Windows Live ID - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~1\Office14\URLREDIR.DLL
O4 - HKLM\..\Run: [LManager] C:\Program Files (x86)\Launch Manager\LManager.exe
O4 - HKLM\..\Run: [EgisTecLiveUpdate] "C:\Program Files (x86)\EgisTec Egis Software Update\EgisUpdate.exe"
O4 - HKLM\..\Run: [TkBellExe] "c:\program files (x86)\real\realplayer\Update\realsched.exe" -osboot
O4 - HKLM\..\Run: [BCSSync] "C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe" /DelayServices
O4 - HKLM\..\Run: [AvastUI.exe] "C:\Program Files\Alwil Software\Avast5\AvastUI.exe" /nogui
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKCU\..\Run: [AlcoholAutomount] "C:\Program Files (x86)\Alcohol Soft\Alcohol 52\AxAutoMntSrv.exe" -automount
O4 - HKCU\..\Run: [CCleaner Monitoring] "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office14\EXCEL.EXE/3000
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Office Excel - res://C:\PROGRA~2\MICROS~1\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: Od&eslat do aplikace OneNote - res://C:\PROGRA~2\MICROS~1\Office14\ONBttnIE.dll/105
O8 - Extra context menu item: Odeslat obrázek do zařízení &Bluetooth... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
O8 - Extra context menu item: Odeslat stránku do zařízení &Bluetooth... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra button: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra button: P&ropojené poznámky aplikace OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: P&ropojené poznámky aplikace OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra button: Send To Bluetooth - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra 'Tools' menuitem: Send to &Bluetooth Device... - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (file missing)
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: Acer ePower Service (ePowerSvc) - Acer Incorporated - C:\Program Files\Acer\Acer ePower Management\ePowerSvc.exe
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: GRegService (Greg_Service) - Acer Incorporated - C:\Program Files (x86)\Acer\Registration\GregHSRW.exe
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: Intel(R) Matrix Storage Event Monitor (IAANTMON) - Intel Corporation - C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTMon.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing)
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: MBAMScheduler - Malwarebytes Corporation - C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe
O23 - Service: MBAMService - Malwarebytes Corporation - C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: MyWinLocker Service (MWLService) - Egis Technology Inc. - C:\Program Files (x86)\EgisTec\MyWinLocker 3\x86\\MWLService.exe
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: Raw Socket Service (RS_Service) - Acer Incorporated - C:\Program Files (x86)\Acer\Acer VCM\RS_Service.exe
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: StarWind AE Service (StarWindServiceAE) - StarWind Software - C:\Program Files (x86)\Alcohol Soft\Alcohol 52\StarWind\StarWindServiceAE.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: Updater Service - Acer - C:\Program Files\Acer\Acer Updater\UpdaterService.exe
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
--
End of file - 11742 bytes
======Listing Processes======
\SystemRoot\System32\smss.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
winlogon.exe
C:\Windows\system32\services.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k GPSvcGroup
C:\Windows\system32\svchost.exe -k NetworkService
"C:\Program Files\Alwil Software\Avast5\AvastSvc.exe"
C:\Windows\System32\spoolsv.exe
C:\Windows\Explorer.EXE
"taskhost.exe"
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
taskeng.exe {BDAD0211-F4CD-4D41-AE4E-95DB5B643306}
"C:\Windows\system32\Dwm.exe"
"C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe"
"C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe"
"C:\Program Files\Acer\Acer ePower Management\ePowerSvc.exe"
"C:\Program Files (x86)\Google\Update\GoogleUpdate.exe" /c
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
"C:\Program Files (x86)\Acer\Registration\GregHSRW.exe"
"C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe"
"C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe"
"C:\Program Files (x86)\Acer\Acer VCM\RS_Service.exe"
"C:\Program Files (x86)\Alcohol Soft\Alcohol 52\StarWind\StarWindServiceAE.exe"
C:\Windows\system32\svchost.exe -k imgsvc
"C:\Program Files\Acer\Acer Updater\UpdaterService.exe"
"C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe" /starttray
C:\Windows\System32\svchost.exe -k secsvcs
"C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE"
"C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTMon.exe"
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
WLIDSvcM.exe 2632
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\servicing\TrustedInstaller.exe
C:\Windows\system32\SearchIndexer.exe /Embedding
"C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAAnotif.exe"
"C:\Program Files (x86)\AmIcoSingLun\AmIcoSinglun64.exe"
"C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe"
"C:\Program Files\Acer\Acer ePower Management\ePowerTray.exe"
"C:\Program Files (x86)\EgisTec\MyWinLocker 3\x86\mwlDaemon.exe"
"C:\Program Files\Synaptics\SynTP\SynTPEnh.exe"
"C:\Windows\System32\igfxtray.exe"
"C:\Windows\System32\hkcmd.exe"
"C:\Windows\System32\igfxpers.exe"
C:\Windows\system32\igfxsrvc.exe -Embedding
C:\Windows\system32\igfxext.exe -Embedding
C:\Windows\system32\wbem\unsecapp.exe -Embedding
C:\Windows\system32\wbem\wmiprvse.exe
"C:\Program Files\Synaptics\SynTP\SynTPHelper.exe"
"C:\Program Files (x86)\Launch Manager\LManager.EXE"
"C:\Program Files (x86)\EgisTec Egis Software Update\EgisUpdate.exe"
"C:\Program Files (x86)\Real\RealPlayer\Update\realsched.exe" -osboot
"C:\Program Files\Alwil Software\Avast5\avastui.exe" /nogui
"C:\Program Files\Acer\Acer ePower Management\ePowerEvent.exe"
"C:\Program Files\CCleaner\CCleaner.exe" /MONITOR /uac
"C:\Program Files\Windows Media Player\wmpnetwk.exe"
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
taskmgr.exe /3
C:\Windows\system32\sppsvc.exe
wmiadap.exe /F /T /R
"C:\Windows\system32\wuauclt.exe"
"C:\Users\Judita\Desktop\RSITx64.exe"
"C:\Windows\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe2_ Global\UsGthrCtrlFltPipeMssGthrPipe2 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon"
C:\Windows\System32\svchost.exe -k WerSvcGroup
"C:\Windows\system32\SearchFilterHost.exe" 0 508 512 520 65536 516
"C:\Program Files\Alwil Software\Avast5\AvastEmUpdate.exe"
======Scheduled tasks folder======
C:\Windows\tasks\Adobe Flash Player Updater.job - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
=========Mozilla firefox=========
ProfilePath - C:\Users\Judita\AppData\Roaming\Mozilla\Firefox\Profiles\whpy3k55.default
prefs.js - "browser.startup.homepage" - "https://www.google.com/?trackid=sp-006"
prefs.js - "extensions.enabledItems" - "{800b5000-a755-47e1-992b-48a1c1357f07}:1.2.0, {ABDE892B-13A8-4d1b-88E6-365A6E755758}:14.0.1, {972ce4c6-7e08-4474-a285-3208198ce6fd}:3.6.17"
prefs.js - "keyword.URL" - "https://www.google.com/search/?trackid=sp-006"
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 16.0.0.305 Plugin
"Path"=C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_16_0_0_305.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@Google.com/GoogleEarthPlugin]
"Description"=Google Earth in your browser
"Path"=C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=disabled
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=c:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0]
"Description"=Office Authorization plug-in for NPAPI browsers
"Path"=C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/SharePoint,version=14.0]
"Description"=Microsoft SharePoint Plug-in for Firefox
"Path"=C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922]
"Description"=WLPG Install MIME type
"Path"=C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3555.0308]
"Description"=WLPG Install MIME type
"Path"=C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@real.com/nppl3260;version=15.0.4.53]
"Description"=RealPlayer(tm) LiveConnect-Enabled Plug-In
"Path"=c:\program files (x86)\real\realplayer\Netscape6\nppl3260.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@real.com/nprjplug;version=15.0.4.53]
"Description"=RealJukebox Netscape Plugin
"Path"=c:\program files (x86)\real\realplayer\Netscape6\nprjplug.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@real.com/nprpchromebrowserrecordext;version=15.0.4.53]
"Description"=RealNetworks(tm) RealPlayer Chrome Background Extension Plug-In
"Path"=C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprpchromebrowserrecordext.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@real.com/nprphtml5videoshim;version=15.0.4.53]
"Description"=RealPlayer(tm) HTML5VideoShim Plug-In
"Path"=C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@real.com/nprpplugin;version=15.0.4.53]
"Description"=RealPlayer Download Plugin
"Path"=c:\program files (x86)\real\realplayer\Netscape6\nprpplugin.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=3]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.25.11\npGoogleUpdate3.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=9]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.25.11\npGoogleUpdate3.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@videolan.org/vlc,version=2.1.5]
"Description"=VLC Multimedia Plugin
"Path"=C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\Adobe Reader]
"Description"=Handles PDFs in-place in Firefox
"Path"=C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 16.0.0.305 Plugin
"Path"=C:\Windows\system32\Macromed\Flash\NPSWF64_16_0_0_305.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=disabled
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0]
"Description"=Office Authorization plug-in for NPAPI browsers
"Path"=C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL
C:\Program Files (x86)\Mozilla Firefox\extensions\
{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}
C:\Program Files (x86)\Mozilla Firefox\plugins\
np-mswmp.dll
nppdf32.dll
nppl3260.dll
nppl3260.xpt
nprjplug.dll
nprpplugin.dll
WMP Firefox Plugin License.rtf
WMP Firefox Plugin RelNotes.txt
C:\Users\Judita\AppData\Roaming\Mozilla\Firefox\Profiles\whpy3k55.default\extensions\
{800b5000-a755-47e1-992b-48a1c1357f07}10242010180103
C:\Users\Judita\AppData\Roaming\Mozilla\Firefox\Profiles\whpy3k55.default\searchplugins\
google-avast.xml
Google.xml
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\PROGRA~1\MICROS~2\Office14\GROOVEEX.DLL [2013-12-19 6671064]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! Online Security - C:\Program Files\Alwil Software\Avast5\aswWebRepIE64.dll [2015-01-03 705448]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live ID Sign-in Helper - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2011-03-28 529280]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - C:\PROGRA~1\MICROS~2\Office14\URLREDIR.DLL [2013-03-06 690392]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL [2013-12-19 4171480]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! Online Security - C:\Program Files\Alwil Software\Avast5\aswWebRepIE.dll [2015-01-03 586968]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Pomocná služba pro přihlášení ke službě Windows Live ID - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2011-03-28 441216]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - C:\PROGRA~2\MICROS~1\Office14\URLREDIR.DLL [2013-03-06 562904]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{318A227B-5E9F-45bd-8999-7F8F10CA4CF5} -
{CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F}
{2318C2B1-4965-11d4-9B18-009027A5CD4F} - Google Toolbar - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll []
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"IAAnotif"=C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\iaanotif.exe [2009-06-05 186904]
"AmIcoSinglun64"=C:\Program Files (x86)\AmIcoSingLun\AmIcoSinglun64.exe [2009-04-09 320000]
"RtHDVCpl"=C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [2009-07-23 7981600]
"Acer ePower Management"=C:\Program Files\Acer\Acer ePower Management\ePowerTray.exe [2010-01-19 832544]
"mwlDaemon"=C:\Program Files (x86)\EgisTec\MyWinLocker 3\x86\mwlDaemon.exe [2009-09-10 349480]
"SynTPEnh"=C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2009-06-18 1808168]
"IgfxTray"=C:\Windows\system32\igfxtray.exe [2010-08-25 161304]
"HotKeysCmds"=C:\Windows\system32\hkcmd.exe [2010-08-25 386584]
"Persistence"=C:\Windows\system32\igfxpers.exe [2010-08-25 415256]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"AlcoholAutomount"=C:\Program Files (x86)\Alcohol Soft\Alcohol 52\AxAutoMntSrv.exe [2010-08-20 33120]
"CCleaner Monitoring"=C:\Program Files\CCleaner\CCleaner64.exe [2015-01-20 7404312]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Google Update]
C:\Users\Judita\AppData\Local\Google\Update\GoogleUpdate.exe [2014-10-14 107912]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NortonOnlineBackupReminder]
C:\Program Files (x86)\Symantec\Norton Online Backup\Activation\NobuActivation.exe [2009-07-25 588648]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PLFSetI]
C:\Windows\PLFSetI.exe [2009-12-14 206072]
[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"LManager"=C:\Program Files (x86)\Launch Manager\LManager.exe [2009-09-24 825864]
"EgisTecLiveUpdate"=C:\Program Files (x86)\EgisTec Egis Software Update\EgisUpdate.exe [2009-08-04 199464]
"TkBellExe"=c:\program files (x86)\real\realplayer\Update\realsched.exe [2012-05-18 296056]
"BCSSync"=C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe [2012-11-05 89184]
"AvastUI.exe"=C:\Program Files\Alwil Software\Avast5\AvastUI.exe [2015-01-31 5227112]
"Adobe ARM"=C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2014-09-12 959176]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
C:\Windows\system32\igfxdev.dll [2010-08-25 271360]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\PROGRA~1\MICROS~2\Office14\GROOVEEX.DLL [2013-12-19 6671064]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL [2013-12-19 4171480]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcmscsvc]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\mcmscsvc]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MCODS]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MpfService]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=5
"ConsentPromptBehaviorUser"=3
"EnableUIADesktopToggle"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"SoftwareSASGeneration"=1
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoActiveDesktop"=1
"NoActiveDesktopChanges"=1
"ForceActiveDesktopOn"=0
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVYU"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"VIDC.YVU9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"MSVideo8"=VfWWDM32.dll
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv
"wave2"=wdmaud.drv
"midi2"=wdmaud.drv
"mixer2"=wdmaud.drv
======File associations======
.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*
======List of files/folders created in the last 1 month======
2015-02-13 11:34:08 ----A---- C:\Windows\system32\TsUsbGDCoInstaller.dll
2015-02-13 11:33:41 ----A---- C:\Windows\system32\TsUsbRedirectionGroupPolicyExtension.dll
2015-02-13 11:33:41 ----A---- C:\Windows\system32\TsUsbRedirectionGroupPolicyControl.exe
2015-02-13 11:33:40 ----A---- C:\Windows\system32\drivers\TsUsbFlt.sys
2015-02-13 11:33:36 ----A---- C:\Windows\SYSWOW64\tsgqec.dll
2015-02-13 11:33:36 ----A---- C:\Windows\system32\tsgqec.dll
2015-02-13 11:33:35 ----A---- C:\Windows\SYSWOW64\wksprtPS.dll
2015-02-13 11:33:35 ----A---- C:\Windows\SYSWOW64\MsRdpWebAccess.dll
2015-02-13 11:33:35 ----A---- C:\Windows\system32\wksprtPS.dll
2015-02-13 11:33:35 ----A---- C:\Windows\system32\TSWbPrxy.exe
2015-02-13 11:33:35 ----A---- C:\Windows\system32\MsRdpWebAccess.dll
2015-02-13 11:33:34 ----A---- C:\Windows\system32\wksprt.exe
2015-02-13 11:33:33 ----A---- C:\Windows\SYSWOW64\mstsc.exe
2015-02-13 11:33:32 ----A---- C:\Windows\system32\mstsc.exe
2015-02-13 11:33:30 ----A---- C:\Windows\SYSWOW64\mstscax.dll
2015-02-13 11:33:28 ----A---- C:\Windows\SYSWOW64\rdvidcrl.dll
2015-02-13 11:33:28 ----A---- C:\Windows\system32\mstscax.dll
2015-02-13 11:33:27 ----A---- C:\Windows\system32\rdvidcrl.dll
2015-02-13 10:31:07 ----SHD---- C:\Config.Msi
2015-02-13 10:08:44 ----A---- C:\Windows\system32\RdpGroupPolicyExtension.dll
2015-02-13 10:08:23 ----A---- C:\Windows\system32\drivers\rdpvideominiport.sys
2015-02-13 10:07:52 ----A---- C:\Windows\SYSWOW64\rdpendp_winip.dll
2015-02-13 10:07:50 ----A---- C:\Windows\system32\rdpudd.dll
2015-02-13 10:07:49 ----A---- C:\Windows\system32\rdpendp_winip.dll
2015-02-13 10:07:45 ----A---- C:\Windows\system32\rdpcorets.dll
2015-02-13 09:58:10 ----A---- C:\Windows\system32\powertracker.dll
2015-02-13 09:58:09 ----A---- C:\Windows\SYSWOW64\wdi.dll
2015-02-13 09:58:09 ----A---- C:\Windows\system32\wdi.dll
2015-02-13 09:58:09 ----A---- C:\Windows\system32\perftrack.dll
2015-02-13 09:51:19 ----A---- C:\Windows\SYSWOW64\jscript9diag.dll
2015-02-13 09:51:17 ----A---- C:\Windows\SYSWOW64\jscript9.dll
2015-02-13 09:51:15 ----A---- C:\Windows\system32\jscript9.dll
2015-02-13 09:51:14 ----A---- C:\Windows\system32\jscript9diag.dll
2015-02-12 22:06:54 ----A---- C:\Windows\system32\drivers\MBAMSwissArmy.sys
2015-02-12 22:05:59 ----D---- C:\ProgramData\Malwarebytes
2015-02-12 22:05:59 ----D---- C:\Program Files (x86)\Malwarebytes Anti-Malware
2015-02-12 22:05:59 ----A---- C:\Windows\system32\drivers\mwac.sys
2015-02-12 22:05:59 ----A---- C:\Windows\system32\drivers\mbamchameleon.sys
2015-02-12 22:05:59 ----A---- C:\Windows\system32\drivers\mbam.sys
2015-02-12 16:54:48 ----A---- C:\Windows\system32\generaltel.dll
2015-02-12 16:54:48 ----A---- C:\Windows\system32\appraiser.dll
2015-02-12 16:54:47 ----A---- C:\Windows\system32\invagent.dll
2015-02-12 16:54:47 ----A---- C:\Windows\system32\aeinv.dll
2015-02-12 16:54:46 ----A---- C:\Windows\system32\devinv.dll
2015-02-12 16:54:46 ----A---- C:\Windows\system32\aitstatic.exe
2015-02-12 16:54:44 ----A---- C:\Windows\system32\aepdu.dll
2015-02-12 16:54:42 ----A---- C:\Windows\system32\aepic.dll
2015-02-12 10:56:02 ----D---- C:\rsit
2015-02-12 00:04:10 ----A---- C:\Windows\system32\ntoskrnl.exe
2015-02-12 00:04:07 ----A---- C:\Windows\system32\lsasrv.dll
2015-02-12 00:04:06 ----A---- C:\Windows\SYSWOW64\ntkrnlpa.exe
2015-02-12 00:04:06 ----A---- C:\Windows\system32\drivers\cng.sys
2015-02-12 00:04:05 ----A---- C:\Windows\SYSWOW64\ntoskrnl.exe
2015-02-12 00:04:04 ----A---- C:\Windows\system32\adtschema.dll
2015-02-12 00:04:03 ----A---- C:\Windows\SYSWOW64\adtschema.dll
2015-02-12 00:04:02 ----A---- C:\Windows\system32\srcore.dll
2015-02-12 00:04:02 ----A---- C:\Windows\system32\drivers\ksecdd.sys
2015-02-12 00:04:01 ----A---- C:\Windows\SYSWOW64\auditpol.exe
2015-02-12 00:04:01 ----A---- C:\Windows\system32\sspicli.dll
2015-02-12 00:04:01 ----A---- C:\Windows\system32\rstrui.exe
2015-02-12 00:04:01 ----A---- C:\Windows\system32\lsass.exe
2015-02-12 00:04:01 ----A---- C:\Windows\system32\drivers\ksecpkg.sys
2015-02-12 00:04:01 ----A---- C:\Windows\system32\auditpol.exe
2015-02-12 00:04:00 ----A---- C:\Windows\SYSWOW64\sspicli.dll
2015-02-12 00:04:00 ----A---- C:\Windows\SYSWOW64\srclient.dll
2015-02-12 00:04:00 ----A---- C:\Windows\SYSWOW64\secur32.dll
2015-02-12 00:04:00 ----A---- C:\Windows\system32\sspisrv.dll
2015-02-12 00:04:00 ----A---- C:\Windows\system32\srclient.dll
2015-02-12 00:04:00 ----A---- C:\Windows\system32\secur32.dll
2015-02-12 00:03:58 ----A---- C:\Windows\SYSWOW64\msobjs.dll
2015-02-12 00:03:58 ----A---- C:\Windows\SYSWOW64\msaudite.dll
2015-02-12 00:03:58 ----A---- C:\Windows\system32\msobjs.dll
2015-02-12 00:03:58 ----A---- C:\Windows\system32\msaudite.dll
2015-02-11 23:57:26 ----A---- C:\Windows\SYSWOW64\mshtmled.dll
2015-02-11 23:57:26 ----A---- C:\Windows\SYSWOW64\iernonce.dll
2015-02-11 23:57:26 ----A---- C:\Windows\SYSWOW64\ieetwproxystub.dll
2015-02-11 23:57:26 ----A---- C:\Windows\system32\ieetwproxystub.dll
2015-02-11 23:57:26 ----A---- C:\Windows\system32\ieetwcollector.exe
2015-02-11 23:57:25 ----A---- C:\Windows\SYSWOW64\MshtmlDac.dll
2015-02-11 23:57:24 ----A---- C:\Windows\SYSWOW64\urlmon.dll
2015-02-11 23:57:24 ----A---- C:\Windows\SYSWOW64\iedkcs32.dll
2015-02-11 23:57:24 ----A---- C:\Windows\system32\iernonce.dll
2015-02-11 23:57:24 ----A---- C:\Windows\system32\ie4uinit.exe
2015-02-11 23:57:23 ----A---- C:\Windows\SYSWOW64\JavaScriptCollectionAgent.dll
2015-02-11 23:57:21 ----A---- C:\Windows\SYSWOW64\mshtml.dll
2015-02-11 23:57:21 ----A---- C:\Windows\SYSWOW64\msfeeds.dll
2015-02-11 23:57:21 ----A---- C:\Windows\SYSWOW64\dxtrans.dll
2015-02-11 23:57:21 ----A---- C:\Windows\system32\JavaScriptCollectionAgent.dll
2015-02-11 23:57:16 ----A---- C:\Windows\SYSWOW64\iesetup.dll
2015-02-11 23:57:16 ----A---- C:\Windows\SYSWOW64\ieapfltr.dll
2015-02-11 23:57:16 ----A---- C:\Windows\system32\iedkcs32.dll
2015-02-11 23:57:15 ----A---- C:\Windows\SYSWOW64\iertutil.dll
2015-02-11 23:57:15 ----A---- C:\Windows\system32\urlmon.dll
2015-02-11 23:57:14 ----A---- C:\Windows\SYSWOW64\jsproxy.dll
2015-02-11 23:57:14 ----A---- C:\Windows\SYSWOW64\ieUnatt.exe
2015-02-11 23:57:14 ----A---- C:\Windows\system32\ieetwcollectorres.dll
2015-02-11 23:57:13 ----A---- C:\Windows\SYSWOW64\ieui.dll
2015-02-11 23:57:13 ----A---- C:\Windows\SYSWOW64\dxtmsft.dll
2015-02-11 23:57:13 ----A---- C:\Windows\system32\MsSpellCheckingFacility.exe
2015-02-11 23:57:13 ----A---- C:\Windows\system32\dxtrans.dll
2015-02-11 23:57:12 ----A---- C:\Windows\SYSWOW64\ieframe.dll
2015-02-11 23:57:12 ----A---- C:\Windows\system32\msfeeds.dll
2015-02-11 23:57:10 ----A---- C:\Windows\system32\iesetup.dll
2015-02-11 23:57:09 ----A---- C:\Windows\system32\ieapfltr.dll
2015-02-11 23:57:06 ----A---- C:\Windows\system32\iertutil.dll
2015-02-11 23:57:04 ----A---- C:\Windows\SYSWOW64\mshtmlmedia.dll
2015-02-11 23:57:03 ----A---- C:\Windows\SYSWOW64\wininet.dll
2015-02-11 23:57:03 ----A---- C:\Windows\SYSWOW64\vbscript.dll
2015-02-11 23:57:03 ----A---- C:\Windows\system32\jsproxy.dll
2015-02-11 23:57:02 ----A---- C:\Windows\SYSWOW64\msrating.dll
2015-02-11 23:57:02 ----A---- C:\Windows\system32\ieUnatt.exe
2015-02-11 23:57:00 ----A---- C:\Windows\system32\dxtmsft.dll
2015-02-11 23:56:59 ----A---- C:\Windows\system32\ieui.dll
2015-02-11 23:56:58 ----A---- C:\Windows\system32\ieframe.dll
2015-02-11 23:56:56 ----A---- C:\Windows\system32\mshtmlmedia.dll
2015-02-11 23:56:56 ----A---- C:\Windows\system32\mshtmled.dll
2015-02-11 23:56:53 ----A---- C:\Windows\system32\vbscript.dll
2015-02-11 23:56:52 ----A---- C:\Windows\system32\wininet.dll
2015-02-11 23:56:50 ----A---- C:\Windows\system32\MshtmlDac.dll
2015-02-11 23:56:49 ----A---- C:\Windows\system32\msrating.dll
2015-02-11 23:56:46 ----A---- C:\Windows\system32\mshtml.dll
2015-02-11 23:54:50 ----A---- C:\Windows\system32\schannel.dll
2015-02-11 23:54:49 ----A---- C:\Windows\SYSWOW64\schannel.dll
2015-02-11 23:54:49 ----A---- C:\Windows\SYSWOW64\kerberos.dll
2015-02-11 23:54:48 ----A---- C:\Windows\SYSWOW64\msv1_0.dll
2015-02-11 23:54:48 ----A---- C:\Windows\system32\kerberos.dll
2015-02-11 23:54:47 ----A---- C:\Windows\system32\wdigest.dll
2015-02-11 23:54:47 ----A---- C:\Windows\system32\msv1_0.dll
2015-02-11 23:54:46 ----A---- C:\Windows\SYSWOW64\ncrypt.dll
2015-02-11 23:54:46 ----A---- C:\Windows\system32\TSpkg.dll
2015-02-11 23:54:46 ----A---- C:\Windows\system32\ncrypt.dll
2015-02-11 23:54:45 ----A---- C:\Windows\SYSWOW64\wdigest.dll
2015-02-11 23:54:45 ----A---- C:\Windows\SYSWOW64\TSpkg.dll
2015-02-11 23:54:44 ----A---- C:\Windows\SYSWOW64\credssp.dll
2015-02-11 23:54:44 ----A---- C:\Windows\system32\credssp.dll
2015-02-11 23:42:53 ----A---- C:\Windows\SYSWOW64\scesrv.dll
2015-02-11 23:42:53 ----A---- C:\Windows\system32\scesrv.dll
2015-02-11 23:42:51 ----A---- C:\Windows\system32\WindowsCodecs.dll
2015-02-11 23:42:49 ----A---- C:\Windows\SYSWOW64\WindowsCodecs.dll
2015-02-11 23:08:12 ----A---- C:\Windows\SYSWOW64\oleaut32.dll
2015-02-11 23:08:11 ----A---- C:\Windows\system32\oleaut32.dll
2015-02-11 23:05:21 ----A---- C:\Windows\SYSWOW64\wintrust.dll
2015-02-11 23:05:21 ----A---- C:\Windows\SYSWOW64\cryptsvc.dll
2015-02-11 23:05:21 ----A---- C:\Windows\SYSWOW64\crypt32.dll
2015-02-11 23:04:51 ----A---- C:\Windows\system32\wintrust.dll
2015-02-11 23:04:51 ----A---- C:\Windows\system32\cryptsvc.dll
2015-02-11 23:04:51 ----A---- C:\Windows\system32\crypt32.dll
2015-02-11 19:46:46 ----A---- C:\Windows\system32\win32k.sys
2015-02-11 19:26:16 ----D---- C:\AdwCleaner
2015-02-11 19:13:13 ----D---- C:\Program Files (x86)\Mozilla Firefox
2015-02-11 18:58:06 ----D---- C:\Program Files\trend micro
2015-01-27 20:36:04 ----D---- C:\Program Files (x86)\Mozilla Thunderbird
2015-01-23 19:44:30 ----A---- C:\Windows\system32\aswBoot.exe
2015-01-16 21:12:46 ----A---- C:\Windows\system32\profsvc.dll
2015-01-16 21:12:44 ----A---- C:\Windows\system32\nlasvc.dll
2015-01-16 21:12:43 ----A---- C:\Windows\SYSWOW64\ncsi.dll
2015-01-16 21:12:42 ----A---- C:\Windows\SYSWOW64\nlaapi.dll
2015-01-16 21:11:22 ----A---- C:\Windows\system32\drivers\mrxdav.sys
======List of files/folders modified in the last 1 month======
2015-02-13 22:07:57 ----D---- C:\Windows\Temp
2015-02-13 22:05:18 ----D---- C:\Windows\Prefetch
2015-02-13 22:00:54 ----D---- C:\Windows\inf
2015-02-13 22:00:39 ----D---- C:\Windows\system32\config
2015-02-13 21:59:25 ----D---- C:\Windows
2015-02-13 21:56:20 ----RD---- C:\Program Files (x86)
2015-02-13 21:56:10 ----D---- C:\Program Files (x86)\AV DVD Player Morpher
2015-02-13 18:15:45 ----D---- C:\Windows\rescache
2015-02-13 17:36:11 ----D---- C:\Windows\debug
2015-02-13 17:00:40 ----D---- C:\Windows\Microsoft.NET
2015-02-13 17:00:39 ----RSD---- C:\Windows\assembly
2015-02-13 13:30:26 ----D---- C:\Windows\System32
2015-02-13 13:30:26 ----A---- C:\Windows\system32\PerfStringBackup.INI
2015-02-13 13:18:02 ----D---- C:\Windows\winsxs
2015-02-13 13:14:40 ----D---- C:\Windows\SYSWOW64\en-US
2015-02-13 13:14:40 ----D---- C:\Windows\SysWOW64
2015-02-13 13:14:40 ----D---- C:\Windows\system32\en-US
2015-02-13 13:14:39 ----D---- C:\Windows\tracing
2015-02-13 13:14:39 ----D---- C:\Windows\SYSWOW64\wbem
2015-02-13 13:14:39 ----D---- C:\Windows\SYSWOW64\cs-CZ
2015-02-13 13:14:39 ----D---- C:\Windows\system32\wbem
2015-02-13 13:14:39 ----D---- C:\Windows\system32\drivers\en-US
2015-02-13 13:14:39 ----D---- C:\Windows\system32\drivers
2015-02-13 13:14:39 ----D---- C:\Windows\system32\cs-CZ
2015-02-13 13:14:38 ----D---- C:\Windows\PolicyDefinitions
2015-02-13 13:14:33 ----D---- C:\Windows\system32\DriverStore
2015-02-13 11:32:16 ----SHD---- C:\Windows\Installer
2015-02-13 10:54:12 ----A---- C:\Windows\SYSWOW64\PerfStringBackup.INI
2015-02-13 10:04:31 ----SHD---- C:\System Volume Information
2015-02-13 09:40:31 ----D---- C:\Windows\system32\catroot2
2015-02-13 08:25:02 ----SD---- C:\Windows\system32\CompatTel
2015-02-13 08:25:02 ----D---- C:\Windows\system32\appraiser
2015-02-13 08:21:05 ----D---- C:\Program Files\Common Files\Microsoft Shared
2015-02-12 22:05:59 ----HD---- C:\ProgramData
2015-02-12 09:10:56 ----D---- C:\Program Files\Internet Explorer
2015-02-12 09:10:47 ----D---- C:\Program Files (x86)\Internet Explorer
2015-02-12 02:25:08 ----D---- C:\ProgramData\Microsoft Help
2015-02-12 02:05:13 ----D---- C:\Windows\system32\MRT
2015-02-12 01:47:17 ----A---- C:\Windows\system32\MRT.exe
2015-02-12 01:13:43 ----D---- C:\Windows\Panther
2015-02-12 00:18:12 ----D---- C:\ProgramData\Adobe
2015-02-12 00:18:10 ----D---- C:\Program Files (x86)\Common Files
2015-02-12 00:18:10 ----D---- C:\Program Files (x86)\Adobe
2015-02-11 23:41:44 ----D---- C:\Windows\system32\catroot
2015-02-11 21:36:17 ----RD---- C:\Program Files (x86)\Skype
2015-02-11 21:36:17 ----D---- C:\Windows\Tasks
2015-02-11 21:36:17 ----D---- C:\Windows\AutoKMS
2015-02-11 21:36:17 ----D---- C:\Program Files (x86)\Google
2015-02-11 20:12:23 ----D---- C:\Windows\system32\Tasks
2015-02-11 20:09:47 ----D---- C:\Program Files (x86)\Mozilla Maintenance Service
2015-02-11 19:34:49 ----D---- C:\ProgramData\ICQ
2015-02-11 18:58:06 ----D---- C:\Program Files
2015-02-11 18:40:02 ----D---- C:\Users\Judita\AppData\Roaming\PhotoScape
2015-02-11 18:40:01 ----D---- C:\Users\Judita\AppData\Roaming\Skype
2015-02-11 18:35:14 ----D---- C:\Windows\Minidump
2015-02-11 18:35:14 ----D---- C:\Windows\Logs
2015-02-11 18:26:59 ----D---- C:\Program Files\CCleaner
2015-02-04 22:48:41 ----A---- C:\Windows\SYSWOW64\FlashPlayerApp.exe
2015-01-18 10:48:15 ----D---- C:\Users\Judita\AppData\Roaming\vlc
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R0 aswRvrt;avast! Revert; C:\Windows\system32\drivers\aswRvrt.sys [2015-01-03 65776]
R0 aswVmm;avast! VM Monitor; C:\Windows\system32\drivers\aswVmm.sys [2015-01-03 267632]
R0 iaStor;Intel AHCI Controller; C:\Windows\system32\DRIVERS\iaStor.sys [2009-06-05 408600]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-20 213888]
R0 sptd;sptd; C:\Windows\System32\Drivers\sptd.sys [2010-11-30 503352]
R1 aswRdr;aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [2015-01-03 93568]
R1 aswSnx;aswSnx; C:\Windows\system32\drivers\aswSnx.sys [2015-01-03 1050432]
R1 aswSP;aswSP; C:\Windows\system32\drivers\aswSP.sys [2015-01-03 436624]
R1 mwlPSDFilter;mwlPSDFilter; C:\Windows\system32\DRIVERS\mwlPSDFilter.sys [2009-06-02 22576]
R1 mwlPSDNServ;mwlPSDNServ; C:\Windows\system32\DRIVERS\mwlPSDNServ.sys [2009-06-02 20016]
R1 mwlPSDVDisk;mwlPSDVDisk; C:\Windows\system32\DRIVERS\mwlPSDVDisk.sys [2009-06-02 60464]
R1 vwififlt;Virtual WiFi Filter Driver; C:\Windows\system32\DRIVERS\vwififlt.sys [2009-07-14 59904]
R2 aswHwid;avast! HardwareID; C:\Windows\system32\drivers\aswHwid.sys [2015-01-03 29208]
R2 aswMonFlt;aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [2015-01-03 83280]
R2 aswStm;aswStm; C:\Windows\system32\drivers\aswStm.sys [2015-01-03 116728]
R3 DKbFltr;Dritek Keyboard Filter Driver (64-bit); C:\Windows\SysWOW64\Drivers\DKbFltr.sys [2009-03-26 25608]
R3 igfx;igfx; C:\Windows\system32\DRIVERS\igdkmd64.sys [2010-08-25 10611552]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHD64.sys [2009-07-23 1967648]
R3 IntcHdmiAddService;Intel(R) High Definition Audio HDMI; C:\Windows\system32\drivers\IntcHdmi.sys [2009-07-09 139264]
R3 L1C;NDIS Miniport Driver for Atheros AR8131/AR8132 PCI-E Ethernet Controller (NDIS 6.20); C:\Windows\system32\DRIVERS\L1C62x64.sys [2009-04-27 57344]
R3 MBAMProtector;MBAMProtector; \??\C:\Windows\system32\drivers\mbam.sys [2014-11-21 25816]
R3 MBAMSwissArmy;MBAMSwissArmy; \??\C:\Windows\system32\drivers\MBAMSwissArmy.sys [2015-02-13 129752]
R3 MBAMWebAccessControl;MBAMWebAccessControl; \??\C:\Windows\system32\drivers\mwac.sys [2014-11-21 63704]
R3 NETw5s64;Intel(R) Wireless WiFi Link 5000 Series Adapter Driver for Windows 7 - 64 Bit; C:\Windows\system32\DRIVERS\NETw5s64.sys [2009-09-15 6952960]
R3 SynTP;Synaptics TouchPad Driver; C:\Windows\system32\DRIVERS\SynTP.sys [2009-06-18 272432]
R3 WSDPrintDevice;Podpora tisku WSD prostřednictvím funkce UMB; C:\Windows\system32\DRIVERS\WSDPrint.sys [2009-07-14 23040]
R3 WSDScan;Podpora skenování WSD přes UMB; C:\Windows\system32\DRIVERS\WSDScan.sys [2009-07-14 25088]
S3 a4mjhlo7;a4mjhlo7; C:\Windows\system32\drivers\a4mjhlo7.sys []
S3 AmUStor;AM USB Stroage Driver; C:\Windows\system32\drivers\AmUStor.SYS [2009-05-26 40448]
S3 BthEnum;Ovladač pro Bluetooth Request Block; C:\Windows\system32\drivers\BthEnum.sys [2009-07-14 41984]
S3 BthPan;Bluetooth Device (Personal Area Network); C:\Windows\system32\DRIVERS\bthpan.sys [2009-07-14 118784]
S3 BTHPORT;Ovladač portu Bluetooth; C:\Windows\System32\Drivers\BTHport.sys [2012-07-06 552960]
S3 BTHUSB;Ovladač rozhraní USB radiostanice Bluetooth; C:\Windows\System32\Drivers\BTHUSB.sys [2011-04-28 80384]
S3 btusbflt;Bluetooth USB Filter; C:\Windows\system32\drivers\btusbflt.sys [2009-07-01 52264]
S3 btwaudio;Bluetooth Audio Device Service; C:\Windows\system32\drivers\btwaudio.sys [2009-07-01 98344]
S3 btwavdt;Bluetooth AVDT; C:\Windows\system32\DRIVERS\btwavdt.sys [2009-07-01 132648]
S3 btwl2cap;Bluetooth L2CAP Service; C:\Windows\system32\DRIVERS\btwl2cap.sys [2009-04-07 35104]
S3 btwrchid;btwrchid; C:\Windows\system32\DRIVERS\btwrchid.sys [2009-07-01 21160]
S3 int15.sys;int15.sys; \??\C:\Windows\syswow64\OEM\Factory\int15.sys []
S3 netw5v64;Intel(R) Wireless WiFi Link 5000 Series Adapter Driver for Windows Vista 64 Bit; C:\Windows\system32\DRIVERS\netw5v64.sys [2009-06-10 5434368]
S3 nmwcd;Nokia USB Phone Parent Driver; C:\Windows\system32\drivers\ccdcmbx64.sys [2011-08-17 19968]
S3 nmwcdc;Nokia USB Communication Driver; C:\Windows\system32\drivers\ccdcmbox64.sys [2011-08-17 27136]
S3 nmwcdcx64;Nokia USB Generic; C:\Windows\system32\drivers\ccdcmbox64.sys [2011-08-17 27136]
S3 nmwcdx64;Nokia USB Phone Parent; C:\Windows\system32\drivers\ccdcmbx64.sys [2011-08-17 19968]
S3 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12352]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver; C:\Windows\System32\drivers\rdpvideominiport.sys [2012-08-23 19456]
S3 RFCOMM;Bluetooth Device (RFCOMM Protocol TDI); C:\Windows\system32\DRIVERS\rfcomm.sys [2009-07-14 158720]
S3 TsUsbFlt;TsUsbFlt; C:\Windows\system32\drivers\tsusbflt.sys [2013-10-02 56832]
S3 upperdev;upperdev; C:\Windows\system32\DRIVERS\usbser_lowerfltx64.sys [2011-08-17 9216]
S3 usbser;Nokia USB Serial Port Driver ; C:\Windows\system32\drivers\usbser.sys [2013-08-29 33280]
S3 UsbserFilt;UsbserFilt; C:\Windows\system32\DRIVERS\usbser_lowerfltjx64.sys [2011-08-17 9216]
S3 WinUsb;WinUsb; C:\Windows\system32\DRIVERS\WinUsb.sys [2010-11-20 41984]
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2014-09-12 64704]
R2 avast! Antivirus;avast! Antivirus; C:\Program Files\Alwil Software\Avast5\AvastSvc.exe [2015-01-03 50344]
R2 btwdins;Bluetooth Service; C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe [2009-07-02 864032]
R2 ePowerSvc;Acer ePower Service; C:\Program Files\Acer\Acer ePower Management\ePowerSvc.exe [2010-01-19 842784]
R2 Greg_Service;GRegService; C:\Program Files (x86)\Acer\Registration\GregHSRW.exe [2009-08-28 1150496]
R2 IAANTMON;Intel(R) Matrix Storage Event Monitor; C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTMon.exe [2009-06-05 354840]
R2 MBAMService;MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [2014-11-21 969016]
R2 MBAMScheduler;MBAMScheduler; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe [2014-11-21 1871160]
R2 RS_Service;Raw Socket Service; C:\Program Files (x86)\Acer\Acer VCM\RS_Service.exe [2009-07-10 253952]
R2 StarWindServiceAE;StarWind AE Service; C:\Program Files (x86)\Alcohol Soft\Alcohol 52\StarWind\StarWindServiceAE.exe [2009-12-23 370688]
R2 Updater Service;Updater Service; C:\Program Files\Acer\Acer Updater\UpdaterService.exe [2009-07-04 240160]
R2 wlidsvc;Windows Live ID Sign-in Assistant; C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE [2011-03-28 2292096]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2014-04-11 103608]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2014-04-11 124088]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-10-24 107912]
S2 SkypeUpdate;Skype Updater; C:\Program Files (x86)\Skype\Updater\Updater.exe [2014-04-03 315008]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-02-04 267440]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-10-24 107912]
S3 gusvc;Google Software Updater; C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe [2012-08-24 194032]
S3 IEEtwCollectorService;@%SystemRoot%\system32\ieetwcollectorres.dll,-1000; C:\Windows\system32\IEEtwCollector.exe [2015-01-12 114688]
S3 Microsoft SharePoint Workspace Audit Service;Microsoft SharePoint Workspace Audit Service; C:\Program Files (x86)\Microsoft Office\Office14\GROOVE.EXE [2013-12-19 30814400]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2015-02-11 114800]
S3 MWLService;MyWinLocker Service; C:\Program Files (x86)\EgisTec\MyWinLocker 3\x86\\MWLService.exe [2009-09-10 305448]
S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2010-01-09 149352]
S3 osppsvc;Office Software Protection Platform; C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-09 4925184]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2010-09-01 1255736]
S4 aspnet_state;Stavová služba ASP.NET; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2014-04-11 50864]
S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2014-04-12 139944]
S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2014-04-12 139944]
S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2014-04-12 139944]
-----------------EOF-----------------
-
Rudy
- Site Admin
- Příspěvky: 119677
- Registrován: 30 říj 2003 13:42
- Bydliště: Plzeň
- Kontaktovat uživatele:
Re: Max výkon i paměť
Log je OK. Který proces nejvíc zatěžuje systém?
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Přispějete na provoz fóra?