Prosil bych o kontrolu

Zpráva

Tomas 34 · #1 Příspěvek od **Tomas 34** » 08 led 2016 23:05

Logfile of random's system information tool 1.10 (written by random/random)
Run by Rodina at 2016-01-08 23:00:19
Microsoft Windows 7 Home Premium Service Pack 1
System drive C: has 732 GB (77%) free of 954 GB
Total RAM: 4041 MB (66% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 23:00:55, on 8.1.2016
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v9.00 (9.00.8112.16496)
Boot mode: Normal

Running processes:
C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
C:\Program Files\Logitech\SetPoint\x86\SetPoint32.exe
C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe
C:\Program Files (x86)\MSI\Super-Charger\Super-Charger.exe
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
C:\Program Files (x86)\CheckPoint\ZoneAlarm\zatray.exe
C:\Program Files\AVAST Software\Avast\AvastUI.exe
C:\Windows\VM305_STI.EXE
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Program Files\trend micro\Rodina.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = https://www.seznam.cz/?clid=22668
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://search.seznam.cz/?sourceid=quick ... earchTerms}
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.seznam.cz/?clid=16194
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = https://www.seznam.cz/?clid=22668
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://search.seznam.cz/?sourceid=quick ... earchTerms}
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.seznam.cz/?clid=22668
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~2\MICROS~1\Office12\GR469A~1.DLL
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre1.8.0_66\bin\ssv.dll
O2 - BHO: ZoneAlarm Security Engine Registrar - {8A4A36C2-0535-4D2C-BD3D-496CB7EED6E3} - (no file)
O2 - BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre1.8.0_66\bin\jp2ssv.dll
O3 - Toolbar: (no name) - {EE2AC4E5-B0B0-4EC6-88A9-BCA1A32AB107} - (no file)
O4 - HKLM\..\Run: [USB3MON] "C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe"
O4 - HKLM\..\Run: [Super-Charger] C:\Program Files (x86)\MSI\Super-Charger\Super-Charger.exe
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe"
O4 - HKLM\..\Run: [ZoneAlarm] "C:\Program Files (x86)\CheckPoint\ZoneAlarm\zatray.exe"
O4 - HKLM\..\Run: [AvastUI.exe] "C:\Program Files\AVAST Software\Avast\AvastUI.exe" /nogui
O4 - HKLM\..\Run: [BigDog305] C:\Windows\VM305_STI.EXE USB PC Camera VC305
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun
O4 - HKUS\S-1-5-18\..\Run: [ZoneAlarm Windows 10 Upgrader] "C:\ProgramData\CheckPoint\ZoneAlarm\Data\Updates\unpacked==win10=update_win10.zip\upgrade.exe" /delay (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [ZoneAlarm Windows 10 Upgrader] "C:\ProgramData\CheckPoint\ZoneAlarm\Data\Updates\unpacked==win10=update_win10.zip\upgrade.exe" /delay (User 'Default user')
O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
O4 - Global Startup: Logitech SetPoint.lnk = ?
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~1\Office12\REFIEBAR.DLL
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\PROGRA~2\MICROS~1\Office12\GRA32A~1.DLL
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: AMD External Events Utility - Unknown owner - C:\Windows\system32\atiesrxx.exe (file missing)
O23 - Service: Avast Antivirus (avast! Antivirus) - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Intel(R) Capability Licensing Service Interface - Intel(R) Corporation - C:\Program Files\Intel\iCLS Client\HeciServer.exe
O23 - Service: ZoneAlarm LTD Toolbar IswSvc (IswSvc) - Check Point Software Technologies - C:\Program Files\CheckPoint\ZAForceField\IswSvc.exe
O23 - Service: Intel(R) Dynamic Application Loader Host Interface Service (jhi_service) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: MSI_SuperCharger - MSI - C:\Program Files (x86)\MSI\Super-Charger\ChargeService.exe
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\TuneUpDefragService.exe,-1 (TuneUp.Defrag) - Unknown owner - C:\Windows\System32\TuneUpDefragService.exe (file missing)
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: Intel(R) Management and Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: TrueVector Internet Monitor (vsmon) - Check Point Software Technologies LTD - C:\Program Files (x86)\CheckPoint\ZoneAlarm\vsmon.exe
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 10060 bytes

======Listing Processes======

\SystemRoot\System32\smss.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
C:\Windows\system32\services.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
winlogon.exe
C:\Windows\system32\svchost.exe -k DcomLaunch

#2 Příspěvek od **Márty84** » 09 led 2016 08:56

Zdravim

Log neni cely, potreboval bych videt i ten zbytek. Chybi toho hooodne

Tomas 34 · #3 Příspěvek od **Tomas 34** » 09 led 2016 12:57

Jáj, pardon. Špatně se mi to zkopírovalo

Posílám tedy už celý.

Logfile of random's system information tool 1.10 (written by random/random)
Run by Rodina at 2016-01-09 12:49:16
Microsoft Windows 7 Home Premium Service Pack 1
System drive C: has 730 GB (76%) free of 954 GB
Total RAM: 4041 MB (66% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 12:49:20, on 9.1.2016
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v9.00 (9.00.8112.16496)
Boot mode: Normal

Running processes:
C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe
C:\Program Files (x86)\MSI\Super-Charger\Super-Charger.exe
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
C:\Program Files (x86)\CheckPoint\ZoneAlarm\zatray.exe
C:\Program Files\Logitech\SetPoint\x86\SetPoint32.exe
C:\Program Files\AVAST Software\Avast\AvastUI.exe
C:\Windows\VM305_STI.EXE
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Program Files\trend micro\Rodina.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = https://www.seznam.cz/?clid=22668
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://search.seznam.cz/?sourceid=quick ... earchTerms}
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.seznam.cz/?clid=16194
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = https://www.seznam.cz/?clid=22668
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://search.seznam.cz/?sourceid=quick ... earchTerms}
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.seznam.cz/?clid=22668
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~2\MICROS~1\Office12\GR469A~1.DLL
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre1.8.0_66\bin\ssv.dll
O2 - BHO: ZoneAlarm Security Engine Registrar - {8A4A36C2-0535-4D2C-BD3D-496CB7EED6E3} - (no file)
O2 - BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre1.8.0_66\bin\jp2ssv.dll
O3 - Toolbar: (no name) - {EE2AC4E5-B0B0-4EC6-88A9-BCA1A32AB107} - (no file)
O4 - HKLM\..\Run: [USB3MON] "C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe"
O4 - HKLM\..\Run: [Super-Charger] C:\Program Files (x86)\MSI\Super-Charger\Super-Charger.exe
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe"
O4 - HKLM\..\Run: [ZoneAlarm] "C:\Program Files (x86)\CheckPoint\ZoneAlarm\zatray.exe"
O4 - HKLM\..\Run: [AvastUI.exe] "C:\Program Files\AVAST Software\Avast\AvastUI.exe" /nogui
O4 - HKLM\..\Run: [BigDog305] C:\Windows\VM305_STI.EXE USB PC Camera VC305
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun
O4 - HKUS\S-1-5-18\..\Run: [ZoneAlarm Windows 10 Upgrader] "C:\ProgramData\CheckPoint\ZoneAlarm\Data\Updates\unpacked==win10=update_win10.zip\upgrade.exe" /delay (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [ZoneAlarm Windows 10 Upgrader] "C:\ProgramData\CheckPoint\ZoneAlarm\Data\Updates\unpacked==win10=update_win10.zip\upgrade.exe" /delay (User 'Default user')
O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
O4 - Global Startup: Logitech SetPoint.lnk = ?
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~1\Office12\REFIEBAR.DLL
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\PROGRA~2\MICROS~1\Office12\GRA32A~1.DLL
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: AMD External Events Utility - Unknown owner - C:\Windows\system32\atiesrxx.exe (file missing)
O23 - Service: Avast Antivirus (avast! Antivirus) - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Intel(R) Capability Licensing Service Interface - Intel(R) Corporation - C:\Program Files\Intel\iCLS Client\HeciServer.exe
O23 - Service: ZoneAlarm LTD Toolbar IswSvc (IswSvc) - Check Point Software Technologies - C:\Program Files\CheckPoint\ZAForceField\IswSvc.exe
O23 - Service: Intel(R) Dynamic Application Loader Host Interface Service (jhi_service) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: MSI_SuperCharger - MSI - C:\Program Files (x86)\MSI\Super-Charger\ChargeService.exe
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\TuneUpDefragService.exe,-1 (TuneUp.Defrag) - Unknown owner - C:\Windows\System32\TuneUpDefragService.exe (file missing)
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: Intel(R) Management and Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: TrueVector Internet Monitor (vsmon) - Check Point Software Technologies LTD - C:\Program Files (x86)\CheckPoint\ZoneAlarm\vsmon.exe
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 10060 bytes

======Listing Processes======

\SystemRoot\System32\smss.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
winlogon.exe
C:\Windows\system32\services.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\system32\atiesrxx.exe
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k netsvcs

C:\Windows\system32\svchost.exe -k GPSvcGroup
atieclxx
C:\Windows\system32\svchost.exe -k NetworkService
"C:\Program Files (x86)\CheckPoint\ZoneAlarm\vsmon.exe" -service
"C:\Windows\system32\Dwm.exe"
C:\Windows\Explorer.EXE
"C:\Program Files\AVAST Software\Avast\AvastSvc.exe"
"C:\Program Files\CheckPoint\ZAForceField\IswSvc.exe"
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
taskeng.exe {1AE7D45F-105C-48FC-B62E-851F6D40B7EE}
"taskhost.exe"
"C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe"
C:\Program Files\CheckPoint\ZAForceField\ForceField.exe /icon="hidden"
"C:\Program Files\Intel\iCLS Client\HeciServer.exe"
"C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe" -s
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe"
"C:\Program Files (x86)\MSI\Super-Charger\ChargeService.exe"
C:\Windows\system32\svchost.exe -k imgsvc
C:\Windows\System32\svchost.exe -k secsvcs
"C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe" -startup
"C:\Program Files\Logitech\SetPoint\SetPoint.exe"
"C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe"
"C:\Program Files (x86)\MSI\Super-Charger\Super-Charger.exe"
"C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
"C:\Program Files (x86)\CheckPoint\ZoneAlarm\zatray.exe"
"C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM" PriorityLow
"C:\Program Files\Logitech\SetPoint\x86\SetPoint32.exe"
KHALMNPR.EXE /API
C:\Windows\system32\SearchIndexer.exe /Embedding
"C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe" 0
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
"C:\Program Files\AVAST Software\Avast\AvastUI.exe" /nogui
"C:\Windows\VM305_STI.EXE" USB PC Camera VC305
"C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
C:\Windows\system32\wbem\unsecapp.exe -Embedding
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe"
"C:\Program Files\Windows Media Player\wmpnetwk.exe"
C:\Windows\system32\wbem\wmiprvse.exe
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe"
"C:\Windows\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe3_ Global\UsGthrCtrlFltPipeMssGthrPipe3 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon"
"C:\Windows\system32\SearchFilterHost.exe" 0 536 540 548 65536 544
"C:\Users\Rodina\Desktop\RSITx64.exe"
C:\Windows\system32\DllHost.exe /Processid:{AB8902B4-09CA-4BB6-B78D-A8F59079A8D5}

======Scheduled tasks folder======

C:\Windows\tasks\1-Click Maintenance.job - C:\Program Files (x86)\TuneUp Utilities 2008\OneClickStarter.exe /schedulestart
C:\Windows\tasks\Adobe Flash Player Updater.job - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
C:\Windows\tasks\GoogleUpdateTaskMachineCore.job - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /c
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /ua /installsource scheduler

=========Mozilla firefox=========

ProfilePath - C:\Users\Rodina\AppData\Roaming\Mozilla\Firefox\Profiles\esdd1qti.default

prefs.js - "browser.search.useDBForOrder" - true
prefs.js - "browser.startup.homepage" - "https://www.seznam.cz/"

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 20.0.0.267 Plugin
"Path"=C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_20_0_0_267.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@adobe.com/ShockwavePlayer]
"Description"=Adobe Shockwave Player
"Path"=C:\Windows\SysWOW64\Adobe\Director\np32dsw_1222172.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI ipt;version=2.0.59]
"Description"=Intel IPT WebApi plugin
"Path"=C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI updater]
"Description"=This plugin updates Intel WebAPI component
"Path"=C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@java.com/DTPlugin,version=11.66.2]
"Description"=Java™ Deployment Toolkit
"Path"=C:\Program Files (x86)\Java\jre1.8.0_66\bin\dtplugin\npDeployJava1.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@java.com/JavaPlugin,version=11.66.2]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=C:\Program Files (x86)\Java\jre1.8.0_66\bin\plugin2\npjp2.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=C:\Windows\system32\Wat\npWatWeb.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=3]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.29.1\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=9]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.29.1\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@videolan.org/vlc,version=2.0.2]
"Description"=VLC Multimedia Plugin
"Path"=C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\Adobe Reader]
"Description"=Handles PDFs in-place in Firefox
"Path"=C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 20.0.0.267 Plugin
"Path"=C:\Windows\system32\Macromed\Flash\NPSWF64_20_0_0_267.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=C:\Windows\system32\Wat\npWatWeb.dll

C:\Program Files (x86)\Mozilla Firefox\plugins\
nppdf32.dll
nppluginrichmediaplayer.dll

C:\Users\Rodina\AppData\Roaming\Mozilla\Firefox\Profiles\esdd1qti.default\searchplugins\
seznam-avast.xml

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8A4A36C2-0535-4D2C-BD3D-496CB7EED6E3}]
ZoneAlarm Security Engine Registrar

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! Online Security - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2016-01-08 885152]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\PROGRA~2\MICROS~1\Office12\GR469A~1.DLL [2006-10-27 2210608]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files (x86)\Java\jre1.8.0_66\bin\ssv.dll [2015-11-21 460384]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8A4A36C2-0535-4D2C-BD3D-496CB7EED6E3}]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! Online Security - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2016-01-08 664184]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files (x86)\Java\jre1.8.0_66\bin\jp2ssv.dll [2015-11-21 172640]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{318A227B-5E9F-45bd-8999-7F8F10CA4CF5} -
{EE2AC4E5-B0B0-4EC6-88A9-BCA1A32AB107} -

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\Toolbar]
{EE2AC4E5-B0B0-4EC6-88A9-BCA1A32AB107}

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"RTHDVCPL"=C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [2012-06-12 6548112]
"Kernel and Hardware Abstraction Layer"=C:\Windows\KHALMNPR.EXE [2007-01-23 134416]
"ISW"=C:\Program Files\CheckPoint\ZAForceField\ForceField.exe [2012-11-22 1127592]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"DAEMON Tools Lite"=C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [2013-07-03 3673184]

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"USB3MON"=C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe [2012-03-26 291608]
"Super-Charger"=C:\Program Files (x86)\MSI\Super-Charger\Super-Charger.exe [2012-07-27 495616]
"StartCCC"=C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [2012-12-19 642808]
"Adobe ARM"=C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2013-04-04 958576]
"GrooveMonitor"=C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe [2006-10-27 31016]
"ZoneAlarm"=C:\Program Files (x86)\CheckPoint\ZoneAlarm\zatray.exe [2013-03-27 73832]
"AvastUI.exe"=C:\Program Files\AVAST Software\Avast\AvastUI.exe [2016-01-08 7021880]
"BigDog305"=C:\Windows\VM305_STI.EXE [2007-01-05 61440]
"SunJavaUpdateSched"=C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2015-11-09 596528]

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
Logitech Desktop Messenger.lnk - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
Logitech SetPoint.lnk - C:\Program Files\Logitech\SetPoint\SetPoint.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\PROGRA~2\MICROS~1\Office12\GR469A~1.DLL [2006-10-27 2210608]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\vsmon]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=0
"ConsentPromptBehaviorUser"=3
"EnableLUA"=0
"EnableUIADesktopToggle"=0
"PromptOnSecureDesktop"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"SoftwareSASGeneration"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDrives"=0
"NoDriveTypeAutoRun"=145

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDrives"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVYU"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"VIDC.YVU9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv
"MSVideo8"=VfWWDM32.dll
"VIDC.FPS1"=frapsv64.dll
"wave2"=wdmaud.drv
"midi2"=wdmaud.drv
"mixer2"=wdmaud.drv
"aux2"=wdmaud.drv
"wave3"=wdmaud.drv
"midi3"=wdmaud.drv
"mixer3"=wdmaud.drv
"aux3"=wdmaud.drv
"wave4"=wdmaud.drv
"midi4"=wdmaud.drv
"mixer4"=wdmaud.drv
"aux4"=wdmaud.drv

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1

======List of files/folders created in the last 1 month======

2016-01-08 22:48:05 ----D---- C:\Windows\pss
2016-01-08 19:39:18 ----SHD---- C:\Config.Msi
2016-01-08 18:05:41 ----D---- C:\Users\Rodina\AppData\Roaming\FreeFixer
2016-01-08 18:05:34 ----D---- C:\Program Files\FreeFixer
2016-01-08 17:01:02 ----A---- C:\Windows\system32\aswBoot.exe
2016-01-08 17:00:06 ----A---- C:\Windows\avastSS.scr
2016-01-08 16:54:26 ----D---- C:\Users\Rodina\AppData\Roaming\Seznam.cz
2016-01-07 13:51:49 ----D---- C:\Program Files (x86)\Mozilla Firefox
2015-12-26 22:30:58 ----D---- C:\Program Files (x86)\Quake III (Upragde)

======List of files/folders modified in the last 1 month======

2016-01-09 12:49:19 ----D---- C:\Windows\temp
2016-01-09 12:49:19 ----D---- C:\Program Files\trend micro
2016-01-09 12:46:47 ----D---- C:\Windows\System32
2016-01-09 12:46:47 ----D---- C:\Windows\inf
2016-01-09 12:46:47 ----A---- C:\Windows\system32\PerfStringBackup.INI
2016-01-09 12:44:50 ----A---- C:\Windows\SYSWOW64\log.txt
2016-01-08 22:55:33 ----D---- C:\Windows\system32\NDF
2016-01-08 22:54:26 ----SHD---- C:\System Volume Information
2016-01-08 22:48:05 ----D---- C:\Windows
2016-01-08 22:19:33 ----D---- C:\Program Files (x86)\AMD APP
2016-01-08 20:41:24 ----D---- C:\Windows\system32\config
2016-01-08 20:18:57 ----D---- C:\Windows\system32\wbem
2016-01-08 20:18:24 ----D---- C:\Program Files (x86)\Mozilla Maintenance Service
2016-01-08 20:18:24 ----D---- C:\Program Files (x86)\Claw
2016-01-08 20:18:21 ----D---- C:\SuperChargerProfile
2016-01-08 20:18:20 ----D---- C:\Users\Rodina\AppData\Roaming\Skype
2016-01-08 20:18:20 ----D---- C:\Users\Rodina\AppData\Roaming\IrfanView
2016-01-08 20:18:20 ----D---- C:\Users\Rodina\AppData\Roaming\GHISLER
2016-01-08 20:18:19 ----D---- C:\Windows\system32\DriverStore
2016-01-08 20:18:19 ----D---- C:\Windows\system32\drivers
2016-01-08 20:18:19 ----D---- C:\Windows\system32\CodeIntegrity
2016-01-08 20:18:19 ----D---- C:\Windows\system32\catroot2
2016-01-08 20:18:19 ----D---- C:\Windows\AppCompat
2016-01-08 20:18:18 ----D---- C:\Windows\winsxs
2016-01-08 20:18:18 ----D---- C:\Windows\Tasks
2016-01-08 20:18:18 ----D---- C:\Windows\SysWOW64
2016-01-08 20:18:18 ----D---- C:\Windows\system32\Tasks
2016-01-08 20:18:18 ----D---- C:\Windows\registration
2016-01-08 20:06:34 ----HD---- C:\Program Files (x86)\InstallShield Installation Information
2016-01-08 20:04:47 ----D---- C:\Games
2016-01-08 20:03:21 ----D---- C:\Program Files (x86)\Valve
2016-01-08 20:02:31 ----RD---- C:\Program Files (x86)
2016-01-08 20:00:06 ----D---- C:\Oblivione
2016-01-08 19:46:12 ----SHD---- C:\Windows\Installer
2016-01-08 19:41:00 ----D---- C:\Program Files (x86)\Common Files
2016-01-08 19:40:50 ----D---- C:\Program Files (x86)\Nero
2016-01-08 19:40:03 ----D---- C:\ProgramData\Nero
2016-01-08 19:24:00 ----D---- C:\Program Files (x86)\a626359a-9b8e-4c1b-b28a-b86d55d0ff09
2016-01-08 19:05:52 ----D---- C:\Users\Rodina\AppData\Roaming\uTorrent
2016-01-08 19:05:52 ----D---- C:\Users\Rodina\AppData\Roaming\DAEMON Tools Lite
2016-01-08 18:05:34 ----D---- C:\Program Files
2016-01-08 16:55:00 ----D---- C:\Windows\Prefetch
2016-01-08 00:41:03 ----D---- C:\Program Files\Diablo II
2015-12-30 06:21:07 ----A---- C:\Windows\SYSWOW64\FlashPlayerApp.exe
2015-12-23 00:38:02 ----A---- C:\Windows\win.ini
2015-12-23 00:37:55 ----D---- C:\Program Files (x86)\Worms Armageddon

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 aswRvrt;avast! Revert; C:\Windows\system32\drivers\aswRvrt.sys [2016-01-08 65224]
R0 aswVmm;avast! VM Monitor; C:\Windows\system32\drivers\aswVmm.sys [2016-01-08 273784]
R0 iusb3hcs;Ovladač přepínání hostitelského řadiče Intel(R) USB 3.0; C:\Windows\system32\drivers\iusb3hcs.sys [2012-03-26 19224]
R0 KL1;kl1; C:\Windows\system32\DRIVERS\kl1.sys [2012-11-15 458584]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-21 213888]
R1 aswRdr;aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [2016-01-08 93528]
R1 aswSnx;aswSnx; C:\Windows\system32\drivers\aswSnx.sys [2016-01-08 1055560]
R1 aswSP;aswSP; C:\Windows\system32\drivers\aswSP.sys [2016-01-08 451040]
R1 dtsoftbus01;DAEMON Tools Virtual Bus Driver; C:\Windows\system32\DRIVERS\dtsoftbus01.sys [2013-08-19 283064]
R1 KLIF;Kaspersky Lab Driver; C:\Windows\system32\DRIVERS\klif.sys [2013-02-21 613720]
R1 Vsdatant;Zone Alarm Firewall Driver; C:\Windows\system32\DRIVERS\vsdatant.sys [2012-12-13 450136]
R2 aswHwid;avast! HardwareID; C:\Windows\system32\drivers\aswHwid.sys [2016-01-08 28656]
R2 aswMonFlt;aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [2016-01-08 97648]
R2 aswStm;aswStm; C:\Windows\system32\drivers\aswStm.sys [2016-01-08 155304]
R2 ISWKL;ZoneAlarm LTD Toolbar ISWKL; \??\C:\Program Files\CheckPoint\ZAForceField\ISWKL.sys [2012-11-22 33712]
R3 amdkmdag;amdkmdag; C:\Windows\system32\DRIVERS\atikmdag.sys [2012-09-28 10697216]
R3 amdkmdap;amdkmdap; C:\Windows\system32\DRIVERS\atikmpag.sys [2012-09-28 460288]
R3 AtiHDAudioService;AMD Function Driver for HD Audio Service; C:\Windows\system32\drivers\AtihdW76.sys [2012-11-06 96256]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHD64.sys [2012-06-12 4060560]
R3 iusb3hub;Ovladač rozbočovače Intel(R) USB 3.0; C:\Windows\system32\DRIVERS\iusb3hub.sys [2012-03-26 356632]
R3 iusb3xhc;Ovladač rozšiřitelného hostitelského řadiče Intel(R) USB 3.0; C:\Windows\system32\DRIVERS\iusb3xhc.sys [2012-03-26 789272]
R3 LHidFilt;Logitech SetPoint KMDF HID Filter Driver; C:\Windows\system32\DRIVERS\LHidFilt.Sys [2007-01-23 51984]
R3 LMouFilt;Logitech SetPoint KMDF Mouse Filter Driver; C:\Windows\system32\DRIVERS\LMouFilt.Sys [2007-01-23 48912]
R3 MBfilt;MBfilt; C:\Windows\system32\drivers\MBfilt64.sys [2009-11-18 32344]
R3 MEIx64;Intel(R) Management Engine Interface ; C:\Windows\system32\DRIVERS\HECIx64.sys [2012-07-17 62784]
R3 NTIOLib_1_0_3;NTIOLib_1_0_3; \??\C:\Program Files (x86)\MSI\Super-Charger\NTIOLib_X64.sys [2010-01-18 14136]
R3 RTL8167;Realtek 8167 NT Driver; C:\Windows\system32\DRIVERS\Rt64win7.sys [2012-02-16 676968]
S3 androidusb;SAMSUNG Android Composite ADB Interface Driver; C:\Windows\System32\Drivers\ssadadb.sys [2011-05-13 36328]
S3 BridgeMP;@%SystemRoot%\system32\bridgeres.dll,-1; C:\Windows\system32\DRIVERS\bridge.sys [2009-07-14 95232]
S3 catchme;catchme; \??\C:\ComboFix\catchme.sys []
S3 hamachi;Hamachi Network Interface; C:\Windows\system32\DRIVERS\hamachi.sys [2009-03-18 33856]
S3 ISCT;Intel(R) Smart Connect Technology Device Driver; C:\Windows\system32\DRIVERS\ISCTD64.sys [2012-07-24 46016]
S3 L8042Kbd;SetPoint Keyboard Driver; C:\Windows\system32\DRIVERS\L8042Kbd.sys [2007-01-23 35600]
S3 lmimirr;lmimirr; C:\Windows\system32\DRIVERS\lmimirr.sys []
S3 MBAMSwissArmy;MBAMSwissArmy; \??\C:\Windows\system32\drivers\MBAMSwissArmy.sys []
S3 MSICDSetup;MSICDSetup; \??\D:\CDriver64.sys []
S3 NTIOLib_1_0_C;NTIOLib_1_0_C; \??\D:\NTIOLib_X64.sys []
S3 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12352]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver; C:\Windows\System32\drivers\rdpvideominiport.sys [2012-08-23 19456]
S3 ss_bus;SAMSUNG Mobile USB Device 1.0 driver (WDM); C:\Windows\system32\DRIVERS\ss_bus.sys [2009-09-21 127488]
S3 ssadbus;SAMSUNG Android USB Composite Device driver (WDM); C:\Windows\system32\DRIVERS\ssadbus.sys [2011-05-13 157672]
S3 ssadmdfl;SAMSUNG Android USB Modem (Filter); C:\Windows\system32\DRIVERS\ssadmdfl.sys [2011-05-13 16872]
S3 ssadmdm;SAMSUNG Android USB Modem Drivers; C:\Windows\system32\DRIVERS\ssadmdm.sys [2011-05-13 177640]
S3 ssadserd;SAMSUNG Android USB Diagnostic Serial Port (WDM); C:\Windows\system32\DRIVERS\ssadserd.sys [2011-05-13 146920]
S3 terminpt;Microsoft Remote Desktop Input Driver; C:\Windows\system32\drivers\terminpt.sys [2012-08-23 29696]
S3 TsUsbFlt;TsUsbFlt; C:\Windows\system32\drivers\tsusbflt.sys [2012-08-23 57856]
S3 TsUsbGD;Remote Desktop Generic USB Device; C:\Windows\system32\drivers\TsUsbGD.sys [2012-08-23 30208]
S3 vvftav;vvftav; C:\Windows\system32\drivers\vvftav.sys [2007-02-02 300800]
S3 WinUsb;WinUsb; C:\Windows\system32\DRIVERS\WinUsb.sys [2010-11-21 41984]
S3 WPRO_41_2001;WinPcap Packet Driver (WPRO_41_2001); C:\Windows\system32\drivers\WPRO_41_2001.sys [2012-11-07 34752]
S3 ZSMC0305;USB PC Camera VC305; C:\Windows\System32\Drivers\usbVM305.sys [2007-03-08 1541120]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2013-09-05 65640]
R2 AMD External Events Utility;AMD External Events Utility; C:\Windows\system32\atiesrxx.exe [2012-09-28 239616]
R2 avast! Antivirus;Avast Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2016-01-08 226440]
R2 Intel(R) Capability Licensing Service Interface;Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [2012-03-07 629984]
R2 IswSvc;ZoneAlarm LTD Toolbar IswSvc; C:\Program Files\CheckPoint\ZAForceField\IswSvc.exe [2012-11-22 828072]
R2 jhi_service;Intel(R) Dynamic Application Loader Host Interface Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [2012-03-29 165144]
R2 LMS;Intel(R) Management and Security Application Local Management Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe [2012-03-29 277784]
R2 MSI_SuperCharger;MSI_SuperCharger; C:\Program Files (x86)\MSI\Super-Charger\ChargeService.exe [2012-06-29 136704]
R2 UNS;Intel(R) Management and Security Application User Notification Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2012-03-29 363800]
R2 vsmon;TrueVector Internet Monitor; C:\Program Files (x86)\CheckPoint\ZoneAlarm\vsmon.exe [2013-03-27 2447888]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-31 144200]
S2 SkypeUpdate;Skype Updater; C:\Program Files (x86)\Skype\Updater\Updater.exe [2015-07-09 327296]
S2 UxTuneUp;@%SystemRoot%\System32\uxtuneup.dll,-4096; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-12-30 269504]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-31 144200]
S3 Microsoft Office Groove Audit Service;Microsoft Office Groove Audit Service; C:\Program Files (x86)\Microsoft Office\Office12\GrooveAuditService.exe [2006-10-27 65824]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2016-01-07 146888]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2006-10-26 441136]
S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 TuneUp.Defrag;@%SystemRoot%\System32\TuneUpDefragService.exe,-1; C:\Windows\System32\TuneUpDefragService.exe [2013-02-22 497920]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2012-10-11 1255736]

-----------------EOF-----------------

#4 Příspěvek od **Márty84** » 09 led 2016 20:12

Jedna se ciste jen o prevenci, nebo je i nejaky konkretni problem?

Stahnete AdwCleaner https://toolslib.net/downloads/finish/1/ a ulozte ho na plochu.
Ukoncete vsechny programy, jinak to AdwCleaner udela za vas.
Kliknete na nej pravym mysidlem a levym na Spustit jako spravce.
Kliknete na Scan a pockejte, az kontrola dobehne.
Pak kliknete na Cleaning
Program zacne pracovat (muze dojit k restartu pc) a vyplivne log (pripadne bude zde C:\AdwCleaner\AdwCleaner[C?].txt ). Ten mi sem zkopirujte.

Udelejte kontrolu s MBAM. Test nastavte podle tohoto navodu (cili Vlastni sken vsech disku) http://forum.viry.cz/viewtopic.php?f=29&t=144868 a dejte sem vysledky. Predem nic nemazte, miva obcas falesne detekce

Tomas 34 · #5 Příspěvek od **Tomas 34** » 10 led 2016 15:03

Jedná se spíše jen čistě o prevenci.

Log z AdwCleaner:

# AdwCleaner v5.028 - Logfile created 10/01/2016 at 13:21:10
# Updated 04/01/2016 by Xplode
# Database : 2015-12-30.1 [Local]
# Operating system : Windows 7 Home Premium Service Pack 1 (x64)
# Username : Rodina - RODINA-ALFA
# Running from : C:\Users\Rodina\Desktop\adwcleaner_5.028.exe
# Option : Cleaning
# Support : http://toolslib.net/forum

***** [ Services ] *****

***** [ Folders ] *****

[#] Folder Deleted : C:\Users\Rodina\AppData\Roaming\CheckPoint\ZoneAlarm LTD Toolbar

***** [ Files ] *****

***** [ DLLs ] *****

***** [ Shortcuts ] *****

***** [ Scheduled tasks ] *****

[-] Task Deleted : amiupdaterExd
[-] Task Deleted : amiupdaterExi

***** [ Registry ] *****

[-] Key Deleted : HKLM\SOFTWARE\7d896ce5-5336-4ed7-b194-2cefd04cc37c
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{6BC38BF4-E84D-46E1-920B-42D31AEA617E}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{D879A501-50A7-BEFC-A4C5-32DC6E0CB208}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{A8F7D0A5-7074-40B8-9BDC-1174BDD0A132}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{D14D64BC-A0E4-42E3-BB72-FB41EA43C198}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{DD1F043F-ABC8-4643-8B95-D2C5B22BB019}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{E3F3E8F9-F747-4DD6-BA6B-82A6CE1E0860}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{ED0B64D4-BF27-4521-AD27-190F49BF5EA7}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{023E9EC8-B147-40EB-B0B3-DF90618FB371}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{0522D9A4-4D57-437D-978D-E5B3B6C9005D}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{07F41522-AF7D-4F26-B394-094F059FDB8A}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{0C40F472-7407-4467-8914-1DEA7C326972}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{212E6D43-6062-492A-B8CC-144669FF11ED}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{224FE662-1E6D-4BC0-AEBB-9E2FB4057BE9}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{3A807417-B46D-4D37-8C9A-19AC6DE204F9}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{3CC60715-D6C5-429D-830E-43FA3F86C61D}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{4517D94C-19BA-46FA-BE66-2A30CEAC4A85}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{555D7146-94A8-4C94-AE76-C39CDC7F7705}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{59D188FA-757A-424E-8C93-F58FFD896BD7}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{8120D9D6-785C-4413-9C0C-DF2028C56FAD}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{823AE2EB-E62C-4847-B192-C99B91B92416}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{9B4F7CFE-987D-410E-A8E4-20182E0B3C24}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{9B9A45F4-18FC-484A-BACA-076D78273D8E}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{A6D54287-7939-466A-8579-92546D946C8C}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{A78EDAFB-926F-4D93-AB13-8232D7378EB1}
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{5645E0E7-FC12-43BF-A6E4-F9751942B298}
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{C7BF8F4B-7BC7-4F42-B944-3D28A3A86D8A}
[-] Key Deleted : HKCU\Software\Conduit
[-] Key Deleted : HKCU\Software\DownLite
[-] Key Deleted : HKCU\Software\Check Point Software Technologies LTD
[-] Key Deleted : HKLM\SOFTWARE\Check Point Software Technologies LTD
[-] Key Deleted : HKU\.DEFAULT\Software\IM
[-] Key Deleted : HKU\.DEFAULT\Software\ImInstaller

***** [ Web browsers ] *****

[-] [C:\Users\Rodina\AppData\Roaming\Mozilla\Firefox\Profiles\esdd1qti.default\prefs.js] [Preference] Deleted : user_pref("extensions.kango.storage.m2_k5", "1410470653362");
[-] [C:\Users\Rodina\AppData\Roaming\Mozilla\Firefox\Profiles\esdd1qti.default\prefs.js] [Preference] Deleted : user_pref("sweetim.toolbar.urls.homepage", "hxxp://home.sweetim.com/?ptr=100&crg=3.1010000.10039&barid={2CF7EEFF-FC1E-11E2-B8F8-D43D7E4B18CC}");
[-] [C:\Users\Rodina\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences] [Extension] Deleted : ogccgbmabaphcakpiclgcnmcnimhokcj
[-] [C:\Users\Rodina\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences] [Homepage] Deleted : hxxp://home.sweetim.com/?barid={2CF7EEFF-FC1E-11E2-B8F8-D43D7E4B18CC}&src=10&&st=23&ptr=100

*************************

:: "Tracing" keys removed
:: Winsock settings cleared

########## EOF - C:\AdwCleaner\AdwCleaner[C3].txt - [4390 bytes] ##########

Log z MBAM:

Malwarebytes Anti-Malware
http://www.malwarebytes.org

Datum skenování: 10.1.2016
Čas skenování: 13:28
Protokol: MBAM.txt
Správce: Ano

Verze: 2.2.0.1024
Databáze malwaru: v2015.09.22.05
Databáze rootkitů: v2015.09.18.01
Licence: Zkušební verze
Ochrana proti malwaru: Zapnuto
Ochrana proti škodlivým webovým stránkám: Zapnuto
Ochrana programu: Vypnuto

OS: Windows 7 Service Pack 1
CPU: x64
Souborový systém: NTFS
Uživatel: Rodina

Typ skenu: Vlastní sken
Výsledek: Dokončeno
Prohledaných objektů: 570711
Uplynulý čas: 1 hod, 27 min, 43 sek

Paměť: Zapnuto
Po spuštění: Zapnuto
Souborový systém: Zapnuto
Archivy: Zapnuto
Rootkity: Zapnuto
Heuristika: Zapnuto
PUP: Zapnuto
PUM: Zapnuto

Procesy: 0
(Nenalezeny žádné škodlivé položky)

Moduly: 0
(Nenalezeny žádné škodlivé položky)

Klíče registru: 117
PUP.Optional.CrossRider, HKU\S-1-5-21-4125149103-1521511784-2178673614-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{10403E80-6E2E-4E42-98EF-A6A282AD71BC}, , [87660230b5d6bd79de2dc2d30202629e],
PUP.Optional.CrossRider, HKU\S-1-5-21-4125149103-1521511784-2178673614-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{18F77431-ED3F-44EF-A8A1-7347B6A0B075}, , [41acef437b10c67075952b6ad92b0000],
PUP.Optional.CrossRider, HKU\S-1-5-21-4125149103-1521511784-2178673614-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{19F058FA-6CD2-4034-8C28-D5F8F711ACE2}, , [2ebfa989048745f1bf4cd7be29db4ab6],
PUP.Optional.CrossRider, HKU\S-1-5-21-4125149103-1521511784-2178673614-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{1BABC41F-C4DC-475D-ADFD-A176C634933D}, , [6687c46e4942082e5ab1d4c1798ba25e],
PUP.Optional.CrossRider, HKU\S-1-5-21-4125149103-1521511784-2178673614-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{1C95C22C-DC0D-4E4B-B6F4-E97B5CA8712E}, , [12db9b979deeb97d64a7f5a022e2926e],
PUP.Optional.CrossRider, HKU\S-1-5-21-4125149103-1521511784-2178673614-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{1D904071-5B65-4130-8E5C-20C3BD4414B4}, , [78757bb7692275c19179fa9b778d08f8],
PUP.Optional.CrossRider, HKU\S-1-5-21-4125149103-1521511784-2178673614-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{1F7E190D-61D6-4461-A91F-843AE79B833F}, , [ec013bf74e3daa8c38d2a7ee996be61a],
PUP.Optional.CrossRider, HKU\S-1-5-21-4125149103-1521511784-2178673614-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{2191D9B7-F527-4AE1-98D2-113B80604399}, , [04e9bf73d1bacf67aa6161342cd8dd23],
PUP.Optional.CrossRider, HKU\S-1-5-21-4125149103-1521511784-2178673614-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{21FACD92-E4D5-4F8C-AF5A-A7EA5B0EB412}, , [1fceab87cdbed6600308247116ee9e62],
PUP.Optional.CrossRider, HKU\S-1-5-21-4125149103-1521511784-2178673614-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{23D65E04-4CB0-4436-A34C-B7F09AF8AB60}, , [cf1e41f1e0ab280e0703a6ef3ec6ec14],
PUP.Optional.CrossRider, HKU\S-1-5-21-4125149103-1521511784-2178673614-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{25CE1783-FB07-44DC-892E-6E4B4C335222}, , [8568ba785635270f2dddb4e1e321ff01],
PUP.Optional.CrossRider, HKU\S-1-5-21-4125149103-1521511784-2178673614-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{2A3A4A1F-E1B1-4337-BD95-573DCCDB5EA8}, , [39b448eabdcefc3a4ac1880d9a6a7c84],
PUP.Optional.CrossRider, HKU\S-1-5-21-4125149103-1521511784-2178673614-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{2A7BF196-1FC5-400E-AD95-BEFFD2513289}, , [23ca6fc332591c1abb4f8c0907fd40c0],
PUP.Optional.CrossRider, HKU\S-1-5-21-4125149103-1521511784-2178673614-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{2B5AB862-BA7B-48E3-B3BD-86497D872EE4}, , [8f5e161c0b807eb80dfef3a223e103fd],
PUP.Optional.CrossRider, HKU\S-1-5-21-4125149103-1521511784-2178673614-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{2BC192A1-5881-42E4-BA7D-1C8C1AEE7924}, , [737aee444a411422e2285a3bcd3737c9],
PUP.Optional.CrossRider, HKU\S-1-5-21-4125149103-1521511784-2178673614-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{2CA6A4D7-6B66-438F-ACED-E5512D8BE9BC}, , [04e9dd55a8e35cda4ac023722ed6956b],
PUP.Optional.CrossRider, HKU\S-1-5-21-4125149103-1521511784-2178673614-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{3704449D-C16B-4EAA-9EB7-6DFBDB80B096}, , [1ad3131feba0c175be4cebaa33d1ff01],
PUP.Optional.CrossRider, HKU\S-1-5-21-4125149103-1521511784-2178673614-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{3AFE57D7-3A0E-4215-9191-B89F395434C8}, , [2bc2e54d414a87af0802a5f021e341bf],
PUP.Optional.CrossRider, HKU\S-1-5-21-4125149103-1521511784-2178673614-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{3B8E053A-F8D5-44C2-B557-57B976D13E48}, , [eeff4ce65a315ed8b555187d0bf908f8],
PUP.Optional.CrossRider, HKU\S-1-5-21-4125149103-1521511784-2178673614-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{3CC3E569-F299-41C0-B557-77BB59A6B132}, , [3fae7cb60d7e60d659b12a6bd232f60a],
PUP.Optional.CrossRider, HKU\S-1-5-21-4125149103-1521511784-2178673614-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{3DC0BAAF-39D6-4A7C-8ECF-5A4AA6CA6B3C}, , [11dc88aaf3980f2735d6badb996bd22e],
PUP.Optional.CrossRider, HKU\S-1-5-21-4125149103-1521511784-2178673614-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{3E2BA900-B382-4074-8B5B-1FE6ED1B206F}, , [11dcff335b3056e0e02b860f0bf912ee],
PUP.Optional.CrossRider, HKU\S-1-5-21-4125149103-1521511784-2178673614-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{3EFCCC16-7831-408F-886B-F8B84763536B}, , [d21b38fa474481b538d2781d5ea658a8],
PUP.Optional.CrossRider, HKU\S-1-5-21-4125149103-1521511784-2178673614-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{3F935903-A721-4FA9-A068-A4E5C7EEC2DA}, , [cd206fc37912f93d05063b5af70d1be5],
PUP.Optional.CrossRider, HKU\S-1-5-21-4125149103-1521511784-2178673614-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{488A111E-1786-40EB-BB82-8018D051BC1C}, , [8e5f8da59af19d999e6dd9bcb84c7d83],
PUP.Optional.CrossRider, HKU\S-1-5-21-4125149103-1521511784-2178673614-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{4A1C5D24-F70A-4809-A2C6-E58A752EBD1B}, , [32bbe44e3e4d68cec9413d581fe518e8],
PUP.Optional.CrossRider, HKU\S-1-5-21-4125149103-1521511784-2178673614-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{4AB34596-124E-4E9D-B191-9A8A7117D1E4}, , [e5080f23345758de31d997fe7b8923dd],
PUP.Optional.CrossRider, HKU\S-1-5-21-4125149103-1521511784-2178673614-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{4B5F1898-7545-487C-8196-759EBB61AFC7}, , [8c618ba787049d99cd3e5f36fd07f10f],
PUP.Optional.CrossRider, HKU\S-1-5-21-4125149103-1521511784-2178673614-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{4C2259D5-D1BC-4C72-87B0-B1F153F3EEA9}, , [806d7ab8256632043ad02c69798bf50b],
PUP.Optional.CrossRider, HKU\S-1-5-21-4125149103-1521511784-2178673614-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{4D253F88-2A04-40BC-AE75-8C7A2980FB59}, , [995457dbf19a330315f651446f957789],
PUP.Optional.CrossRider, HKU\S-1-5-21-4125149103-1521511784-2178673614-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{550A22CB-B768-4D65-B61A-2DEDC25154F0}, , [0edffc36018a39fdc6458213bc487e82],
PUP.Optional.CrossRider, HKU\S-1-5-21-4125149103-1521511784-2178673614-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{569093BB-623C-4C2E-A9A9-68F6DCA29672}, , [22cb250de8a3360062a8ff963fc56b95],
PUP.Optional.CrossRider, HKU\S-1-5-21-4125149103-1521511784-2178673614-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{5BC34EDA-8F02-4215-928F-235A82BAB384}, , [36b790a20f7ce4527f8b96ffae567c84],
PUP.Optional.CrossRider, HKU\S-1-5-21-4125149103-1521511784-2178673614-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{5ECAF66A-9C67-475B-98E3-939356F95146}, , [ac41de545b305adc808a1085e71db050],
PUP.Optional.CrossRider, HKU\S-1-5-21-4125149103-1521511784-2178673614-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{62ABEE6D-6ABF-45BD-9180-F15F27714FE9}, , [f8f5e44e3a512115c5459203679d817f],
PUP.Optional.CrossRider, HKU\S-1-5-21-4125149103-1521511784-2178673614-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{63D766E0-78BB-452A-AEFF-5361CB9D5A76}, , [fbf20b27c1cab680cb3f99fc08fcea16],
PUP.Optional.CrossRider, HKU\S-1-5-21-4125149103-1521511784-2178673614-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{66D98274-79C3-42FA-B6A9-4B77676EEDA8}, , [5e8fd959c5c61125df2c514464a07888],
PUP.Optional.CrossRider, HKU\S-1-5-21-4125149103-1521511784-2178673614-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{6710C516-5440-4BB6-BE4C-8E39BD8DE315}, , [c42972c0b1da0c2a09023f569074e818],
PUP.Optional.CrossRider, HKU\S-1-5-21-4125149103-1521511784-2178673614-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{68B05B93-9CD8-4979-8258-223F17766BE0}, , [836aa191c2c98caad732eda8f80cfe02],
PUP.Optional.CrossRider, HKU\S-1-5-21-4125149103-1521511784-2178673614-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{693FFF3A-26E9-447C-9FC1-D0DCB015AAFA}, , [04e9979baeddd56154b66a2bb94bf60a],
PUP.Optional.CrossRider, HKU\S-1-5-21-4125149103-1521511784-2178673614-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{69F336E2-82CD-4FBE-8DB3-306DE8929E44}, , [529ba88ad5b689ad5caff4a1b74dff01],
PUP.Optional.CrossRider, HKU\S-1-5-21-4125149103-1521511784-2178673614-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{6BBB80F4-78AA-4397-B165-CF8E8F9FEC26}, , [8d60f33f78130d29b259eaabaf556a96],
PUP.Optional.CrossRider, HKU\S-1-5-21-4125149103-1521511784-2178673614-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{6E6DC566-2C39-41BF-A46A-B2D04B5377E2}, , [8e5f74bed4b7d363ae5ddfb6c4408f71],
PUP.Optional.CrossRider, HKU\S-1-5-21-4125149103-1521511784-2178673614-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{6E850523-BBEF-4EA1-8F23-A41A641A642B}, , [a74653df9eed1c1a9c6ef99c31d3d22e],
PUP.Optional.CrossRider, HKU\S-1-5-21-4125149103-1521511784-2178673614-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{75581421-D408-4427-B5AF-8678D348E197}, , [e4098ea46b20b58104074c49778df808],
PUP.Optional.CrossRider, HKU\S-1-5-21-4125149103-1521511784-2178673614-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{75FAA9F0-21D5-4E24-AC27-CB8D7F4E319F}, , [f5f869c9ef9c261029e1910446be52ae],
PUP.Optional.CrossRider, HKU\S-1-5-21-4125149103-1521511784-2178673614-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{776D6D9F-45BA-4CAC-999E-9DCA66F033C8}, , [b63780b291fa89ad39d2cec741c3c43c],
PUP.Optional.CrossRider, HKU\S-1-5-21-4125149103-1521511784-2178673614-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{7AB3FB2A-2C87-43A3-8B1F-F1803AADDBC1}, , [d01d4be7711aac8ae426f79eff057a86],
PUP.Optional.CrossRider, HKU\S-1-5-21-4125149103-1521511784-2178673614-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{7ACCF56C-ECC0-4C2C-BE99-B1368FC1F3F6}, , [ae3fa9895932c76f8d7da6ef6e9639c7],
PUP.Optional.CrossRider, HKU\S-1-5-21-4125149103-1521511784-2178673614-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{7C33F027-4C6C-4B64-8EFF-9AE02C48F4BD}, , [66871b173f4c55e1f317068f51b3d030],
PUP.Optional.CrossRider, HKU\S-1-5-21-4125149103-1521511784-2178673614-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{7E46B70C-998C-4BFB-89DD-F327F5731DB3}, , [08e5a78b6e1dd561719a0f862ed639c7],
PUP.Optional.CrossRider, HKU\S-1-5-21-4125149103-1521511784-2178673614-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{7F33B71F-E3BF-411E-A885-1D1A2ED6A7F0}, , [3ab3cf638506a3931cef375ead57748c],
PUP.Optional.CrossRider, HKU\S-1-5-21-4125149103-1521511784-2178673614-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{7F39EFCC-502A-4D53-8864-A763B987AFD2}, , [7e6f69c9810a082e33d795007490e719],
PUP.Optional.CrossRider, HKU\S-1-5-21-4125149103-1521511784-2178673614-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{8B0BE9DE-D2F7-4466-ADD0-7C3F26B39439}, , [cd20d85a8cff1e18987254418a7ae719],
PUP.Optional.CrossRider, HKU\S-1-5-21-4125149103-1521511784-2178673614-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{8BAE5BCF-1076-4AA1-A1FA-9B97BE794B66}, , [c924bd75d8b36dc9ad5d85107193ca36],
PUP.Optional.CrossRider, HKU\S-1-5-21-4125149103-1521511784-2178673614-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{8EC9D83D-AB0E-4431-84D6-5D72F2B4E3EF}, , [ad40ee4490fb59dd16f4e4b1e61e44bc],
PUP.Optional.CrossRider, HKU\S-1-5-21-4125149103-1521511784-2178673614-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{92069C29-9609-427F-B489-65805C85E4AB}, , [85680b27f9923cfa709b8a0b2dd79070],
PUP.Optional.CrossRider, HKU\S-1-5-21-4125149103-1521511784-2178673614-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{9409EA6D-BD1F-4299-824A-56FBCEEA323E}, , [ab4277bbfa911f174fbb4b4ac24208f8],
PUP.Optional.CrossRider, HKU\S-1-5-21-4125149103-1521511784-2178673614-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{95EF84E0-A545-4384-AAD1-27D92DBFB61E}, , [e10c3df53853280eb852d0c5ac584db3],
PUP.Optional.CrossRider, HKU\S-1-5-21-4125149103-1521511784-2178673614-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{961F61C6-E9C4-4E6E-B317-6EA79436D921}, , [eeff47eb701b66d0c9425540df25be42],
PUP.Optional.CrossRider, HKU\S-1-5-21-4125149103-1521511784-2178673614-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{991787CB-6E5B-49C0-BCB8-715582D4C5E5}, , [8469230f800b76c030da65309f652fd1],
PUP.Optional.CrossRider, HKU\S-1-5-21-4125149103-1521511784-2178673614-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{996EC11D-9F54-4978-B788-273251DF5DBB}, , [9c51181acbc08caabd4e3e5758ac0ff1],
PUP.Optional.CrossRider, HKU\S-1-5-21-4125149103-1521511784-2178673614-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{99D26213-73A0-4E46-9458-10241AA2D668}, , [44a9052db7d4c6708f7c920327dd53ad],
PUP.Optional.CrossRider, HKU\S-1-5-21-4125149103-1521511784-2178673614-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{9B75AFC1-5F78-427D-BD7A-129363C4D76C}, , [30bd70c2107b54e29278534205fffb05],
PUP.Optional.CrossRider, HKU\S-1-5-21-4125149103-1521511784-2178673614-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{9E8351FD-3B28-4D40-95DD-B877A6E09EA1}, , [a34a12205d2ef442b4564c498d7709f7],
PUP.Optional.CrossRider, HKU\S-1-5-21-4125149103-1521511784-2178673614-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{A5B55278-D86E-4BCA-A320-27BDCFB19C9F}, , [34b9062c2467e650a06b0c89fa0ace32],
PUP.Optional.CrossRider, HKU\S-1-5-21-4125149103-1521511784-2178673614-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{A5FD8AFB-F07F-4243-89C8-F04C2817CAA7}, , [4e9f58da0784ec4aa169dbbad232b14f],
PUP.Optional.CrossRider, HKU\S-1-5-21-4125149103-1521511784-2178673614-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{A6291B3D-32D5-419A-8270-71407E6390C3}, , [87667db52863c17556b4d7be51b315eb],
PUP.Optional.CrossRider, HKU\S-1-5-21-4125149103-1521511784-2178673614-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{A9C9A0D6-494C-476A-88DB-2C9A4311B0F9}, , [559854de54377abc33d7276ec73dc937],
PUP.Optional.CrossRider, HKU\S-1-5-21-4125149103-1521511784-2178673614-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{AB33CA54-5135-4C81-AA85-83A42F78FE39}, , [07e6062c7d0ead89808aa4f1966edf21],
PUP.Optional.CrossRider, HKU\S-1-5-21-4125149103-1521511784-2178673614-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{ABB5FFBC-C586-4255-93F7-F82DF7F8314F}, , [c32ada58711a2c0a5eacbdd85aaaf709],
PUP.Optional.CrossRider, HKU\S-1-5-21-4125149103-1521511784-2178673614-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{AC12AB00-E15D-47EC-A98F-C6568D6EFF3A}, , [31bc7bb77e0d6acc878404919a6a4ab6],
PUP.Optional.CrossRider, HKU\S-1-5-21-4125149103-1521511784-2178673614-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{AFC6208C-CCA9-4A31-AEF6-D4FF90AECCFC}, , [d21b63cf4d3ed95d37d44a4b679dbd43],
PUP.Optional.CrossRider, HKU\S-1-5-21-4125149103-1521511784-2178673614-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{B82463B1-F636-43D6-BC49-F77DF0E4FA9F}, , [3cb1f939a8e3181e0a005b3ac044b947],
PUP.Optional.CrossRider, HKU\S-1-5-21-4125149103-1521511784-2178673614-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{B8F014A5-A229-4D75-9253-97AB244BE994}, , [5499969cb9d2e155fd0d148160a412ee],
PUP.Optional.CrossRider, HKU\S-1-5-21-4125149103-1521511784-2178673614-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{B9C31CDE-660B-4438-9586-8FC9B618E0B0}, , [747949e9a9e2ce682bdf7421a85c4db3],
PUP.Optional.CrossRider, HKU\S-1-5-21-4125149103-1521511784-2178673614-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{BC5AF399-68A4-4B17-A8CE-283AF22C6D5C}, , [e904211197f4fd390b00088d49bb37c9],
PUP.Optional.CrossRider, HKU\S-1-5-21-4125149103-1521511784-2178673614-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{BD210CCE-362C-429C-95D6-C82C43E839E7}, , [33ba76bc414a11253ad1662fb35115eb],
PUP.Optional.CrossRider, HKU\S-1-5-21-4125149103-1521511784-2178673614-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{C02376D4-D421-4D9D-B326-D38FAC67A960}, , [fcf11f131c6fb58172985d38ca3a7e82],
PUP.Optional.CrossRider, HKU\S-1-5-21-4125149103-1521511784-2178673614-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{C0AB9670-7F8F-4154-81B8-3A16C6A4CBE2}, , [d31af2403c4f4bebee1cbadbfd07847c],
PUP.Optional.CrossRider, HKU\S-1-5-21-4125149103-1521511784-2178673614-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{C0EE7C5C-E45B-4256-8060-501C8DC021E3}, , [4ba2ea484348a98df813563ffc08f907],
PUP.Optional.CrossRider, HKU\S-1-5-21-4125149103-1521511784-2178673614-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{C101306A-3CE2-4641-8518-3B27A59E9BC6}, , [6a83ab877a117cbad635029361a38d73],
PUP.Optional.CrossRider, HKU\S-1-5-21-4125149103-1521511784-2178673614-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{C1FD3E93-7504-49BA-9B74-7A3244F68331}, , [c825fb379eed1620d13a158008fc09f7],
PUP.Optional.CrossRider, HKU\S-1-5-21-4125149103-1521511784-2178673614-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{C94FB64B-C150-475B-86B7-A533179FAE46}, , [e805e54dbecd0234b05ac0d51de7bd43],
PUP.Optional.CrossRider, HKU\S-1-5-21-4125149103-1521511784-2178673614-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{CBB59546-ABDF-4A61-B450-D2FBE58B1B9F}, , [d716db570e7db4826d9db5e0b74d06fa],
PUP.Optional.CrossRider, HKU\S-1-5-21-4125149103-1521511784-2178673614-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{CD4D4B0D-2441-4619-9457-B6AE3D278EBC}, , [46a7a38f46456acc35d597fef90bb34d],
PUP.Optional.CrossRider, HKU\S-1-5-21-4125149103-1521511784-2178673614-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{CDD6FF2F-A083-4787-9DBD-FC4B3DB324AF}, , [46a7fa380d7ecb6b2cdf5243df2551af],
PUP.Optional.CrossRider, HKU\S-1-5-21-4125149103-1521511784-2178673614-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{CE2DFA27-C93F-4CB6-BB81-5C2B5070ED9A}, , [ffee1022a2e91e187a9164311ee62ad6],
PUP.Optional.CrossRider, HKU\S-1-5-21-4125149103-1521511784-2178673614-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{CF317A02-64A7-4784-B3A7-412C9263227A}, , [dc119e942b6074c2ae5d8411897bc739],
PUP.Optional.CrossRider, HKU\S-1-5-21-4125149103-1521511784-2178673614-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{D0A0BF11-68B7-430B-8E79-D2635F997BBB}, , [15d876bced9e5dd997748e07f212738d],
PUP.Optional.CrossRider, HKU\S-1-5-21-4125149103-1521511784-2178673614-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{D3503FC8-615B-47D3-AAED-7193CB398E40}, , [d21bd45e94f7a195ba50a3f26e9622de],
PUP.Optional.CrossRider, HKU\S-1-5-21-4125149103-1521511784-2178673614-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{D45B1B15-CAE4-46F1-89A4-451917E47540}, , [47a66ac8305bca6c3cce2e67956f37c9],
PUP.Optional.CrossRider, HKU\S-1-5-21-4125149103-1521511784-2178673614-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{D9ED4B66-71C3-45CF-99C2-BE5374A0D396}, , [db122a08c9c2ba7c22e8e8ada75d1be5],
PUP.Optional.CrossRider, HKU\S-1-5-21-4125149103-1521511784-2178673614-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{DA228CD0-F66B-4FE7-9F39-45F22012DAA0}, , [22cb33ff662569cd9c6f8c097c8857a9],
PUP.Optional.CrossRider, HKU\S-1-5-21-4125149103-1521511784-2178673614-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{DB86C990-6F22-4FD8-9C79-578044381310}, , [e607072b6823979fc8426d2842c28f71],
PUP.Optional.CrossRider, HKU\S-1-5-21-4125149103-1521511784-2178673614-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{DCCA0922-6F4A-4193-993C-1437AFD26AA6}, , [866744eef992d85e60ab93025aaa24dc],
PUP.Optional.CrossRider, HKU\S-1-5-21-4125149103-1521511784-2178673614-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{DE74A312-4509-4DB3-BB57-40F6AE675412}, , [54996fc37417082e6b9f99fc06fedd23],
PUP.Optional.CrossRider, HKU\S-1-5-21-4125149103-1521511784-2178673614-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{E07ED409-25DF-424B-807E-D163C63AC764}, , [9855c76b3a51df578b805243de2657a9],
PUP.Optional.CrossRider, HKU\S-1-5-21-4125149103-1521511784-2178673614-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{E2484017-E8F1-4318-8880-41B74957936A}, , [539a3ef45734e5513ecc7d188a7a45bb],
PUP.Optional.CrossRider, HKU\S-1-5-21-4125149103-1521511784-2178673614-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{E30E788F-5949-49D2-8F6E-E88BCD9C8462}, , [3fae939f9cef46f0eb20494cae5622de],
PUP.Optional.CrossRider, HKU\S-1-5-21-4125149103-1521511784-2178673614-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{E43535EB-EC41-48DC-8169-FCACDB79BED8}, , [1dd0a58d3754e55182895d38c4406799],
PUP.Optional.CrossRider, HKU\S-1-5-21-4125149103-1521511784-2178673614-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{E4E5D6C2-8977-4E2C-B74B-E47789176EAB}, , [5b92db572e5d1a1c917a771eb54fed13],
PUP.Optional.CrossRider, HKU\S-1-5-21-4125149103-1521511784-2178673614-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{E6D88EA1-A226-4C00-A2E0-47A8806226B7}, , [c726b67c5b3088ae61a9cacb47bdcf31],
PUP.Optional.CrossRider, HKU\S-1-5-21-4125149103-1521511784-2178673614-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{EE2EB482-8942-4585-A599-82EE82C931DE}, , [5994df533457b5811af03a5bf60ebf41],
PUP.Optional.CrossRider, HKU\S-1-5-21-4125149103-1521511784-2178673614-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{EFD6366E-4421-4391-9E3E-C580BEAE3ECF}, , [e805de54c5c674c2fd0e8e077f857c84],
PUP.Optional.CrossRider, HKU\S-1-5-21-4125149103-1521511784-2178673614-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{F081EE4A-EAF7-4E7F-8B20-41DB2EAEDB34}, , [18d5cd65e7a4191d85869302f70dbd43],
PUP.Optional.CrossRider, HKU\S-1-5-21-4125149103-1521511784-2178673614-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{F2567087-68FD-44D0-866B-B8563C83B39E}, , [e30ac46ec9c2bf77aa60662fb1534eb2],
PUP.Optional.CrossRider, HKU\S-1-5-21-4125149103-1521511784-2178673614-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{F4BA2916-5689-4242-BEAF-20CEFC888031}, , [539a79b9e7a457df1ceee2b3887c22de],
PUP.Optional.CrossRider, HKU\S-1-5-21-4125149103-1521511784-2178673614-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{F68EBD5B-71AA-4198-8B96-4C5E662CF722}, , [9d50e949711a0b2b7992870ed430946c],
PUP.Optional.CrossRider, HKU\S-1-5-21-4125149103-1521511784-2178673614-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{F6A289D0-9DDD-4C09-AC51-E5125DDC9EFB}, , [30bd86ac96f5df57d733fa9bd52f59a7],
PUP.Optional.CrossRider, HKU\S-1-5-21-4125149103-1521511784-2178673614-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{F8C8513C-2B19-45A2-B1DF-3577E188B836}, , [19d4c76bb2d90531e228692c2fd554ac],
PUP.Optional.CrossRider, HKU\S-1-5-21-4125149103-1521511784-2178673614-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{F9F4DEEA-5B49-445E-89E1-5C61AC672F92}, , [7c712f03513a57df9873ccc9ba4ae917],
PUP.Optional.CrossRider, HKU\S-1-5-21-4125149103-1521511784-2178673614-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{F9F6D91E-A26B-4D2F-8C35-3D3A7B232DA7}, , [47a65bd71c6f72c499727025a361867a],
PUP.Optional.CrossRider, HKU\S-1-5-21-4125149103-1521511784-2178673614-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{FA604084-9A4F-4DEC-9069-E314BAA17B3D}, , [0fde61d193f82e08a961d7be986c3cc4],
PUP.Optional.CrossRider, HKU\S-1-5-21-4125149103-1521511784-2178673614-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{FB33398C-A1DE-4258-9339-D972DBF88DA8}, , [8c6175bd7912ff3761aa0491f014db25],
PUP.Optional.CrossRider, HKU\S-1-5-21-4125149103-1521511784-2178673614-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{FD8BD498-4A29-4D03-BD38-23CE3AF0FD86}, , [31bca191fd8e132337d47b1abe464bb5],
PUP.Optional.CrossRider, HKU\S-1-5-21-4125149103-1521511784-2178673614-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{FE4775B8-FFB4-4A3D-9757-34411F8F29EF}, , [32bbf2404645c670ba507520ea1a2ad6],

Hodnoty registru: 117
PUP.Optional.CrossRider, HKU\S-1-5-21-4125149103-1521511784-2178673614-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{10403E80-6E2E-4E42-98EF-A6A282AD71BC}|AppName, 90d99070-0369-406a-b6cb-16ed3bd8d009-2.exe-codedownloader.exe, , [87660230b5d6bd79de2dc2d30202629e]
PUP.Optional.CrossRider, HKU\S-1-5-21-4125149103-1521511784-2178673614-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{18F77431-ED3F-44EF-A8A1-7347B6A0B075}|AppName, 90d99070-0369-406a-b6cb-16ed3bd8d009-2.exe-buttonutil.exe, , [41acef437b10c67075952b6ad92b0000]
PUP.Optional.CrossRider, HKU\S-1-5-21-4125149103-1521511784-2178673614-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{19F058FA-6CD2-4034-8C28-D5F8F711ACE2}|AppName, 90d99070-0369-406a-b6cb-16ed3bd8d009-2.exe-codedownloader.exe, , [2ebfa989048745f1bf4cd7be29db4ab6]
PUP.Optional.CrossRider, HKU\S-1-5-21-4125149103-1521511784-2178673614-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{1BABC41F-C4DC-475D-ADFD-A176C634933D}|AppName, 90d99070-0369-406a-b6cb-16ed3bd8d009-2.exe-codedownloader.exe, , [6687c46e4942082e5ab1d4c1798ba25e]
PUP.Optional.CrossRider, HKU\S-1-5-21-4125149103-1521511784-2178673614-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{1C95C22C-DC0D-4E4B-B6F4-E97B5CA8712E}|AppName, 90d99070-0369-406a-b6cb-16ed3bd8d009-2.exe-codedownloader.exe, , [12db9b979deeb97d64a7f5a022e2926e]
PUP.Optional.CrossRider, HKU\S-1-5-21-4125149103-1521511784-2178673614-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{1D904071-5B65-4130-8E5C-20C3BD4414B4}|AppName, 90d99070-0369-406a-b6cb-16ed3bd8d009-2.exe-buttonutil.exe, , [78757bb7692275c19179fa9b778d08f8]
PUP.Optional.CrossRider, HKU\S-1-5-21-4125149103-1521511784-2178673614-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{1F7E190D-61D6-4461-A91F-843AE79B833F}|AppName, 90d99070-0369-406a-b6cb-16ed3bd8d009-2.exe-buttonutil.exe, , [ec013bf74e3daa8c38d2a7ee996be61a]
PUP.Optional.CrossRider, HKU\S-1-5-21-4125149103-1521511784-2178673614-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{2191D9B7-F527-4AE1-98D2-113B80604399}|AppName, 90d99070-0369-406a-b6cb-16ed3bd8d009-2.exe-codedownloader.exe, , [04e9bf73d1bacf67aa6161342cd8dd23]
PUP.Optional.CrossRider, HKU\S-1-5-21-4125149103-1521511784-2178673614-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{21facd92-e4d5-4f8c-af5a-a7ea5b0eb412}|AppName, HDQ-V2.3V14.11-codedownloader.exe, , [1fceab87cdbed6600308247116ee9e62]
PUP.Optional.CrossRider, HKU\S-1-5-21-4125149103-1521511784-2178673614-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{23D65E04-4CB0-4436-A34C-B7F09AF8AB60}|AppName, 90d99070-0369-406a-b6cb-16ed3bd8d009-2.exe-buttonutil.exe, , [cf1e41f1e0ab280e0703a6ef3ec6ec14]
PUP.Optional.CrossRider, HKU\S-1-5-21-4125149103-1521511784-2178673614-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{25CE1783-FB07-44DC-892E-6E4B4C335222}|AppName, 90d99070-0369-406a-b6cb-16ed3bd8d009-2.exe-buttonutil.exe, , [8568ba785635270f2dddb4e1e321ff01]
PUP.Optional.CrossRider, HKU\S-1-5-21-4125149103-1521511784-2178673614-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{2A3A4A1F-E1B1-4337-BD95-573DCCDB5EA8}|AppName, 90d99070-0369-406a-b6cb-16ed3bd8d009-2.exe-codedownloader.exe, , [39b448eabdcefc3a4ac1880d9a6a7c84]
PUP.Optional.CrossRider, HKU\S-1-5-21-4125149103-1521511784-2178673614-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{2A7BF196-1FC5-400E-AD95-BEFFD2513289}|AppName, 90d99070-0369-406a-b6cb-16ed3bd8d009-2.exe-buttonutil.exe, , [23ca6fc332591c1abb4f8c0907fd40c0]
PUP.Optional.CrossRider, HKU\S-1-5-21-4125149103-1521511784-2178673614-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{2B5AB862-BA7B-48E3-B3BD-86497D872EE4}|AppName, 90d99070-0369-406a-b6cb-16ed3bd8d009-2.exe-codedownloader.exe, , [8f5e161c0b807eb80dfef3a223e103fd]
PUP.Optional.CrossRider, HKU\S-1-5-21-4125149103-1521511784-2178673614-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{2BC192A1-5881-42E4-BA7D-1C8C1AEE7924}|AppName, 90d99070-0369-406a-b6cb-16ed3bd8d009-2.exe-buttonutil.exe, , [737aee444a411422e2285a3bcd3737c9]
PUP.Optional.CrossRider, HKU\S-1-5-21-4125149103-1521511784-2178673614-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{2CA6A4D7-6B66-438F-ACED-E5512D8BE9BC}|AppName, 90d99070-0369-406a-b6cb-16ed3bd8d009-2.exe-buttonutil.exe, , [04e9dd55a8e35cda4ac023722ed6956b]
PUP.Optional.CrossRider, HKU\S-1-5-21-4125149103-1521511784-2178673614-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{3704449D-C16B-4EAA-9EB7-6DFBDB80B096}|AppName, 90d99070-0369-406a-b6cb-16ed3bd8d009-2.exe-buttonutil.exe, , [1ad3131feba0c175be4cebaa33d1ff01]
PUP.Optional.CrossRider, HKU\S-1-5-21-4125149103-1521511784-2178673614-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{3AFE57D7-3A0E-4215-9191-B89F395434C8}|AppName, 90d99070-0369-406a-b6cb-16ed3bd8d009-2.exe-buttonutil.exe, , [2bc2e54d414a87af0802a5f021e341bf]
PUP.Optional.CrossRider, HKU\S-1-5-21-4125149103-1521511784-2178673614-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{3B8E053A-F8D5-44C2-B557-57B976D13E48}|AppName, 90d99070-0369-406a-b6cb-16ed3bd8d009-2.exe-buttonutil.exe, , [eeff4ce65a315ed8b555187d0bf908f8]
PUP.Optional.CrossRider, HKU\S-1-5-21-4125149103-1521511784-2178673614-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{3CC3E569-F299-41C0-B557-77BB59A6B132}|AppName, 90d99070-0369-406a-b6cb-16ed3bd8d009-2.exe-buttonutil.exe, , [3fae7cb60d7e60d659b12a6bd232f60a]
PUP.Optional.CrossRider, HKU\S-1-5-21-4125149103-1521511784-2178673614-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{3DC0BAAF-39D6-4A7C-8ECF-5A4AA6CA6B3C}|AppName, 90d99070-0369-406a-b6cb-16ed3bd8d009-2.exe-codedownloader.exe, , [11dc88aaf3980f2735d6badb996bd22e]
PUP.Optional.CrossRider, HKU\S-1-5-21-4125149103-1521511784-2178673614-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{3E2BA900-B382-4074-8B5B-1FE6ED1B206F}|AppName, 90d99070-0369-406a-b6cb-16ed3bd8d009-2.exe-codedownloader.exe, , [11dcff335b3056e0e02b860f0bf912ee]
PUP.Optional.CrossRider, HKU\S-1-5-21-4125149103-1521511784-2178673614-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{3EFCCC16-7831-408F-886B-F8B84763536B}|AppName, 90d99070-0369-406a-b6cb-16ed3bd8d009-2.exe-buttonutil.exe, , [d21b38fa474481b538d2781d5ea658a8]
PUP.Optional.CrossRider, HKU\S-1-5-21-4125149103-1521511784-2178673614-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{3F935903-A721-4FA9-A068-A4E5C7EEC2DA}|AppName, 90d99070-0369-406a-b6cb-16ed3bd8d009-2.exe-codedownloader.exe, , [cd206fc37912f93d05063b5af70d1be5]
PUP.Optional.CrossRider, HKU\S-1-5-21-4125149103-1521511784-2178673614-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{488A111E-1786-40EB-BB82-8018D051BC1C}|AppName, 90d99070-0369-406a-b6cb-16ed3bd8d009-2.exe-codedownloader.exe, , [8e5f8da59af19d999e6dd9bcb84c7d83]
PUP.Optional.CrossRider, HKU\S-1-5-21-4125149103-1521511784-2178673614-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{4A1C5D24-F70A-4809-A2C6-E58A752EBD1B}|AppName, 90d99070-0369-406a-b6cb-16ed3bd8d009-2.exe-buttonutil.exe, , [32bbe44e3e4d68cec9413d581fe518e8]
PUP.Optional.CrossRider, HKU\S-1-5-21-4125149103-1521511784-2178673614-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{4AB34596-124E-4E9D-B191-9A8A7117D1E4}|AppName, 90d99070-0369-406a-b6cb-16ed3bd8d009-2.exe-buttonutil.exe, , [e5080f23345758de31d997fe7b8923dd]
PUP.Optional.CrossRider, HKU\S-1-5-21-4125149103-1521511784-2178673614-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{4B5F1898-7545-487C-8196-759EBB61AFC7}|AppName, 90d99070-0369-406a-b6cb-16ed3bd8d009-2.exe-codedownloader.exe, , [8c618ba787049d99cd3e5f36fd07f10f]
PUP.Optional.CrossRider, HKU\S-1-5-21-4125149103-1521511784-2178673614-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{4C2259D5-D1BC-4C72-87B0-B1F153F3EEA9}|AppName, 90d99070-0369-406a-b6cb-16ed3bd8d009-2.exe-buttonutil.exe, , [806d7ab8256632043ad02c69798bf50b]
PUP.Optional.CrossRider, HKU\S-1-5-21-4125149103-1521511784-2178673614-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{4D253F88-2A04-40BC-AE75-8C7A2980FB59}|AppName, 90d99070-0369-406a-b6cb-16ed3bd8d009-2.exe-codedownloader.exe, , [995457dbf19a330315f651446f957789]
PUP.Optional.CrossRider, HKU\S-1-5-21-4125149103-1521511784-2178673614-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{550A22CB-B768-4D65-B61A-2DEDC25154F0}|AppName, 90d99070-0369-406a-b6cb-16ed3bd8d009-2.exe-codedownloader.exe, , [0edffc36018a39fdc6458213bc487e82]
PUP.Optional.CrossRider, HKU\S-1-5-21-4125149103-1521511784-2178673614-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{569093BB-623C-4C2E-A9A9-68F6DCA29672}|AppName, 90d99070-0369-406a-b6cb-16ed3bd8d009-2.exe-buttonutil.exe, , [22cb250de8a3360062a8ff963fc56b95]
PUP.Optional.CrossRider, HKU\S-1-5-21-4125149103-1521511784-2178673614-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{5BC34EDA-8F02-4215-928F-235A82BAB384}|AppName, 90d99070-0369-406a-b6cb-16ed3bd8d009-2.exe-buttonutil.exe, , [36b790a20f7ce4527f8b96ffae567c84]
PUP.Optional.CrossRider, HKU\S-1-5-21-4125149103-1521511784-2178673614-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{5ECAF66A-9C67-475B-98E3-939356F95146}|AppName, 90d99070-0369-406a-b6cb-16ed3bd8d009-2.exe-buttonutil.exe, , [ac41de545b305adc808a1085e71db050]
PUP.Optional.CrossRider, HKU\S-1-5-21-4125149103-1521511784-2178673614-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{62ABEE6D-6ABF-45BD-9180-F15F27714FE9}|AppName, 90d99070-0369-406a-b6cb-16ed3bd8d009-2.exe-buttonutil.exe, , [f8f5e44e3a512115c5459203679d817f]
PUP.Optional.CrossRider, HKU\S-1-5-21-4125149103-1521511784-2178673614-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{63D766E0-78BB-452A-AEFF-5361CB9D5A76}|AppName, 90d99070-0369-406a-b6cb-16ed3bd8d009-2.exe-buttonutil.exe, , [fbf20b27c1cab680cb3f99fc08fcea16]
PUP.Optional.CrossRider, HKU\S-1-5-21-4125149103-1521511784-2178673614-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{66D98274-79C3-42FA-B6A9-4B77676EEDA8}|AppName, 90d99070-0369-406a-b6cb-16ed3bd8d009-2.exe-codedownloader.exe, , [5e8fd959c5c61125df2c514464a07888]
PUP.Optional.CrossRider, HKU\S-1-5-21-4125149103-1521511784-2178673614-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{6710C516-5440-4BB6-BE4C-8E39BD8DE315}|AppName, 90d99070-0369-406a-b6cb-16ed3bd8d009-2.exe-codedownloader.exe, , [c42972c0b1da0c2a09023f569074e818]
PUP.Optional.CrossRider, HKU\S-1-5-21-4125149103-1521511784-2178673614-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{68b05b93-9cd8-4979-8258-223f17766be0}|AppName, HDQ-V2.3V14.11-bg.exe, , [836aa191c2c98caad732eda8f80cfe02]
PUP.Optional.CrossRider, HKU\S-1-5-21-4125149103-1521511784-2178673614-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{693FFF3A-26E9-447C-9FC1-D0DCB015AAFA}|AppName, 90d99070-0369-406a-b6cb-16ed3bd8d009-2.exe-buttonutil.exe, , [04e9979baeddd56154b66a2bb94bf60a]
PUP.Optional.CrossRider, HKU\S-1-5-21-4125149103-1521511784-2178673614-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{69F336E2-82CD-4FBE-8DB3-306DE8929E44}|AppName, 90d99070-0369-406a-b6cb-16ed3bd8d009-2.exe-codedownloader.exe, , [529ba88ad5b689ad5caff4a1b74dff01]
PUP.Optional.CrossRider, HKU\S-1-5-21-4125149103-1521511784-2178673614-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{6BBB80F4-78AA-4397-B165-CF8E8F9FEC26}|AppName, 90d99070-0369-406a-b6cb-16ed3bd8d009-2.exe-codedownloader.exe, , [8d60f33f78130d29b259eaabaf556a96]
PUP.Optional.CrossRider, HKU\S-1-5-21-4125149103-1521511784-2178673614-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{6E6DC566-2C39-41BF-A46A-B2D04B5377E2}|AppName, 90d99070-0369-406a-b6cb-16ed3bd8d009-2.exe-codedownloader.exe, , [8e5f74bed4b7d363ae5ddfb6c4408f71]
PUP.Optional.CrossRider, HKU\S-1-5-21-4125149103-1521511784-2178673614-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{6E850523-BBEF-4EA1-8F23-A41A641A642B}|AppName, 90d99070-0369-406a-b6cb-16ed3bd8d009-2.exe-buttonutil.exe, , [a74653df9eed1c1a9c6ef99c31d3d22e]
PUP.Optional.CrossRider, HKU\S-1-5-21-4125149103-1521511784-2178673614-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{75581421-D408-4427-B5AF-8678D348E197}|AppName, 90d99070-0369-406a-b6cb-16ed3bd8d009-2.exe-codedownloader.exe, , [e4098ea46b20b58104074c49778df808]
PUP.Optional.CrossRider, HKU\S-1-5-21-4125149103-1521511784-2178673614-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{75FAA9F0-21D5-4E24-AC27-CB8D7F4E319F}|AppName, 90d99070-0369-406a-b6cb-16ed3bd8d009-2.exe-buttonutil.exe, , [f5f869c9ef9c261029e1910446be52ae]
PUP.Optional.CrossRider, HKU\S-1-5-21-4125149103-1521511784-2178673614-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{776D6D9F-45BA-4CAC-999E-9DCA66F033C8}|AppName, 90d99070-0369-406a-b6cb-16ed3bd8d009-2.exe-codedownloader.exe, , [b63780b291fa89ad39d2cec741c3c43c]
PUP.Optional.CrossRider, HKU\S-1-5-21-4125149103-1521511784-2178673614-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{7AB3FB2A-2C87-43A3-8B1F-F1803AADDBC1}|AppName, 90d99070-0369-406a-b6cb-16ed3bd8d009-2.exe-buttonutil.exe, , [d01d4be7711aac8ae426f79eff057a86]
PUP.Optional.CrossRider, HKU\S-1-5-21-4125149103-1521511784-2178673614-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{7ACCF56C-ECC0-4C2C-BE99-B1368FC1F3F6}|AppName, 90d99070-0369-406a-b6cb-16ed3bd8d009-2.exe-buttonutil.exe, , [ae3fa9895932c76f8d7da6ef6e9639c7]
PUP.Optional.CrossRider, HKU\S-1-5-21-4125149103-1521511784-2178673614-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{7C33F027-4C6C-4B64-8EFF-9AE02C48F4BD}|AppName, 90d99070-0369-406a-b6cb-16ed3bd8d009-2.exe-buttonutil.exe, , [66871b173f4c55e1f317068f51b3d030]
PUP.Optional.CrossRider, HKU\S-1-5-21-4125149103-1521511784-2178673614-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{7E46B70C-998C-4BFB-89DD-F327F5731DB3}|AppName, 90d99070-0369-406a-b6cb-16ed3bd8d009-2.exe-codedownloader.exe, , [08e5a78b6e1dd561719a0f862ed639c7]
PUP.Optional.CrossRider, HKU\S-1-5-21-4125149103-1521511784-2178673614-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{7F33B71F-E3BF-411E-A885-1D1A2ED6A7F0}|AppName, 90d99070-0369-406a-b6cb-16ed3bd8d009-2.exe-codedownloader.exe, , [3ab3cf638506a3931cef375ead57748c]
PUP.Optional.CrossRider, HKU\S-1-5-21-4125149103-1521511784-2178673614-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{7F39EFCC-502A-4D53-8864-A763B987AFD2}|AppName, 90d99070-0369-406a-b6cb-16ed3bd8d009-2.exe-buttonutil.exe, , [7e6f69c9810a082e33d795007490e719]
PUP.Optional.CrossRider, HKU\S-1-5-21-4125149103-1521511784-2178673614-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{8B0BE9DE-D2F7-4466-ADD0-7C3F26B39439}|AppName, 90d99070-0369-406a-b6cb-16ed3bd8d009-2.exe-buttonutil.exe, , [cd20d85a8cff1e18987254418a7ae719]
PUP.Optional.CrossRider, HKU\S-1-5-21-4125149103-1521511784-2178673614-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{8BAE5BCF-1076-4AA1-A1FA-9B97BE794B66}|AppName, 90d99070-0369-406a-b6cb-16ed3bd8d009-2.exe-buttonutil.exe, , [c924bd75d8b36dc9ad5d85107193ca36]
PUP.Optional.CrossRider, HKU\S-1-5-21-4125149103-1521511784-2178673614-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{8EC9D83D-AB0E-4431-84D6-5D72F2B4E3EF}|AppName, 90d99070-0369-406a-b6cb-16ed3bd8d009-2.exe-buttonutil.exe, , [ad40ee4490fb59dd16f4e4b1e61e44bc]
PUP.Optional.CrossRider, HKU\S-1-5-21-4125149103-1521511784-2178673614-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{92069C29-9609-427F-B489-65805C85E4AB}|AppName, 90d99070-0369-406a-b6cb-16ed3bd8d009-2.exe-codedownloader.exe, , [85680b27f9923cfa709b8a0b2dd79070]
PUP.Optional.CrossRider, HKU\S-1-5-21-4125149103-1521511784-2178673614-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{9409EA6D-BD1F-4299-824A-56FBCEEA323E}|AppName, 90d99070-0369-406a-b6cb-16ed3bd8d009-2.exe-buttonutil.exe, , [ab4277bbfa911f174fbb4b4ac24208f8]
PUP.Optional.CrossRider, HKU\S-1-5-21-4125149103-1521511784-2178673614-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{95EF84E0-A545-4384-AAD1-27D92DBFB61E}|AppName, 90d99070-0369-406a-b6cb-16ed3bd8d009-2.exe-buttonutil.exe, , [e10c3df53853280eb852d0c5ac584db3]
PUP.Optional.CrossRider, HKU\S-1-5-21-4125149103-1521511784-2178673614-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{961F61C6-E9C4-4E6E-B317-6EA79436D921}|AppName, 90d99070-0369-406a-b6cb-16ed3bd8d009-2.exe-codedownloader.exe, , [eeff47eb701b66d0c9425540df25be42]
PUP.Optional.CrossRider, HKU\S-1-5-21-4125149103-1521511784-2178673614-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{991787CB-6E5B-49C0-BCB8-715582D4C5E5}|AppName, 90d99070-0369-406a-b6cb-16ed3bd8d009-2.exe-buttonutil.exe, , [8469230f800b76c030da65309f652fd1]
PUP.Optional.CrossRider, HKU\S-1-5-21-4125149103-1521511784-2178673614-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{996EC11D-9F54-4978-B788-273251DF5DBB}|AppName, 90d99070-0369-406a-b6cb-16ed3bd8d009-2.exe-codedownloader.exe, , [9c51181acbc08caabd4e3e5758ac0ff1]
PUP.Optional.CrossRider, HKU\S-1-5-21-4125149103-1521511784-2178673614-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{99D26213-73A0-4E46-9458-10241AA2D668}|AppName, 90d99070-0369-406a-b6cb-16ed3bd8d009-2.exe-codedownloader.exe, , [44a9052db7d4c6708f7c920327dd53ad]
PUP.Optional.CrossRider, HKU\S-1-5-21-4125149103-1521511784-2178673614-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{9B75AFC1-5F78-427D-BD7A-129363C4D76C}|AppName, 90d99070-0369-406a-b6cb-16ed3bd8d009-2.exe-buttonutil.exe, , [30bd70c2107b54e29278534205fffb05]
PUP.Optional.CrossRider, HKU\S-1-5-21-4125149103-1521511784-2178673614-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{9E8351FD-3B28-4D40-95DD-B877A6E09EA1}|AppName, 90d99070-0369-406a-b6cb-16ed3bd8d009-2.exe-buttonutil.exe, , [a34a12205d2ef442b4564c498d7709f7]
PUP.Optional.CrossRider, HKU\S-1-5-21-4125149103-1521511784-2178673614-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{A5B55278-D86E-4BCA-A320-27BDCFB19C9F}|AppName, 90d99070-0369-406a-b6cb-16ed3bd8d009-2.exe-codedownloader.exe, , [34b9062c2467e650a06b0c89fa0ace32]
PUP.Optional.CrossRider, HKU\S-1-5-21-4125149103-1521511784-2178673614-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{A5FD8AFB-F07F-4243-89C8-F04C2817CAA7}|AppName, 90d99070-0369-406a-b6cb-16ed3bd8d009-2.exe-buttonutil.exe, , [4e9f58da0784ec4aa169dbbad232b14f]
PUP.Optional.CrossRider, HKU\S-1-5-21-4125149103-1521511784-2178673614-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{A6291B3D-32D5-419A-8270-71407E6390C3}|AppName, 90d99070-0369-406a-b6cb-16ed3bd8d009-2.exe-buttonutil.exe, , [87667db52863c17556b4d7be51b315eb]
PUP.Optional.CrossRider, HKU\S-1-5-21-4125149103-1521511784-2178673614-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{A9C9A0D6-494C-476A-88DB-2C9A4311B0F9}|AppName, 90d99070-0369-406a-b6cb-16ed3bd8d009-2.exe-buttonutil.exe, , [559854de54377abc33d7276ec73dc937]
PUP.Optional.CrossRider, HKU\S-1-5-21-4125149103-1521511784-2178673614-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{AB33CA54-5135-4C81-AA85-83A42F78FE39}|AppName, 90d99070-0369-406a-b6cb-16ed3bd8d009-2.exe-buttonutil.exe, , [07e6062c7d0ead89808aa4f1966edf21]
PUP.Optional.CrossRider, HKU\S-1-5-21-4125149103-1521511784-2178673614-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{ABB5FFBC-C586-4255-93F7-F82DF7F8314F}|AppName, 90d99070-0369-406a-b6cb-16ed3bd8d009-2.exe-buttonutil.exe, , [c32ada58711a2c0a5eacbdd85aaaf709]
PUP.Optional.CrossRider, HKU\S-1-5-21-4125149103-1521511784-2178673614-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{AC12AB00-E15D-47EC-A98F-C6568D6EFF3A}|AppName, 90d99070-0369-406a-b6cb-16ed3bd8d009-2.exe-codedownloader.exe, , [31bc7bb77e0d6acc878404919a6a4ab6]
PUP.Optional.CrossRider, HKU\S-1-5-21-4125149103-1521511784-2178673614-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{AFC6208C-CCA9-4A31-AEF6-D4FF90AECCFC}|AppName, 90d99070-0369-406a-b6cb-16ed3bd8d009-2.exe-codedownloader.exe, , [d21b63cf4d3ed95d37d44a4b679dbd43]
PUP.Optional.CrossRider, HKU\S-1-5-21-4125149103-1521511784-2178673614-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{B82463B1-F636-43D6-BC49-F77DF0E4FA9F}|AppName, 90d99070-0369-406a-b6cb-16ed3bd8d009-2.exe-buttonutil.exe, , [3cb1f939a8e3181e0a005b3ac044b947]
PUP.Optional.CrossRider, HKU\S-1-5-21-4125149103-1521511784-2178673614-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{B8F014A5-A229-4D75-9253-97AB244BE994}|AppName, 90d99070-0369-406a-b6cb-16ed3bd8d009-2.exe-buttonutil.exe, , [5499969cb9d2e155fd0d148160a412ee]
PUP.Optional.CrossRider, HKU\S-1-5-21-4125149103-1521511784-2178673614-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{B9C31CDE-660B-4438-9586-8FC9B618E0B0}|AppName, 90d99070-0369-406a-b6cb-16ed3bd8d009-2.exe-buttonutil.exe, , [747949e9a9e2ce682bdf7421a85c4db3]
PUP.Optional.CrossRider, HKU\S-1-5-21-4125149103-1521511784-2178673614-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{BC5AF399-68A4-4B17-A8CE-283AF22C6D5C}|AppName, 90d99070-0369-406a-b6cb-16ed3bd8d009-2.exe-codedownloader.exe, , [e904211197f4fd390b00088d49bb37c9]
PUP.Optional.CrossRider, HKU\S-1-5-21-4125149103-1521511784-2178673614-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{BD210CCE-362C-429C-95D6-C82C43E839E7}|AppName, 90d99070-0369-406a-b6cb-16ed3bd8d009-2.exe-codedownloader.exe, , [33ba76bc414a11253ad1662fb35115eb]
PUP.Optional.CrossRider, HKU\S-1-5-21-4125149103-1521511784-2178673614-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{C02376D4-D421-4D9D-B326-D38FAC67A960}|AppName, 90d99070-0369-406a-b6cb-16ed3bd8d009-2.exe-buttonutil.exe, , [fcf11f131c6fb58172985d38ca3a7e82]
PUP.Optional.CrossRider, HKU\S-1-5-21-4125149103-1521511784-2178673614-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{C0AB9670-7F8F-4154-81B8-3A16C6A4CBE2}|AppName, 90d99070-0369-406a-b6cb-16ed3bd8d009-2.exe-buttonutil.exe, , [d31af2403c4f4bebee1cbadbfd07847c]
PUP.Optional.CrossRider, HKU\S-1-5-21-4125149103-1521511784-2178673614-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{C0EE7C5C-E45B-4256-8060-501C8DC021E3}|AppName, 90d99070-0369-406a-b6cb-16ed3bd8d009-2.exe-codedownloader.exe, , [4ba2ea484348a98df813563ffc08f907]
PUP.Optional.CrossRider, HKU\S-1-5-21-4125149103-1521511784-2178673614-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{C101306A-3CE2-4641-8518-3B27A59E9BC6}|AppName, 90d99070-0369-406a-b6cb-16ed3bd8d009-2.exe-codedownloader.exe, , [6a83ab877a117cbad635029361a38d73]
PUP.Optional.CrossRider, HKU\S-1-5-21-4125149103-1521511784-2178673614-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{C1FD3E93-7504-49BA-9B74-7A3244F68331}|AppName, 90d99070-0369-406a-b6cb-16ed3bd8d009-2.exe-codedownloader.exe, , [c825fb379eed1620d13a158008fc09f7]
PUP.Optional.CrossRider, HKU\S-1-5-21-4125149103-1521511784-2178673614-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{C94FB64B-C150-475B-86B7-A533179FAE46}|AppName, 90d99070-0369-406a-b6cb-16ed3bd8d009-2.exe-buttonutil.exe, , [e805e54dbecd0234b05ac0d51de7bd43]
PUP.Optional.CrossRider, HKU\S-1-5-21-4125149103-1521511784-2178673614-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{CBB59546-ABDF-4A61-B450-D2FBE58B1B9F}|AppName, 90d99070-0369-406a-b6cb-16ed3bd8d009-2.exe-buttonutil.exe, , [d716db570e7db4826d9db5e0b74d06fa]
PUP.Optional.CrossRider, HKU\S-1-5-21-4125149103-1521511784-2178673614-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{CD4D4B0D-2441-4619-9457-B6AE3D278EBC}|AppName, 90d99070-0369-406a-b6cb-16ed3bd8d009-2.exe-buttonutil.exe, , [46a7a38f46456acc35d597fef90bb34d]
PUP.Optional.CrossRider, HKU\S-1-5-21-4125149103-1521511784-2178673614-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{CDD6FF2F-A083-4787-9DBD-FC4B3DB324AF}|AppName, 90d99070-0369-406a-b6cb-16ed3bd8d009-2.exe-codedownloader.exe, , [46a7fa380d7ecb6b2cdf5243df2551af]
PUP.Optional.CrossRider, HKU\S-1-5-21-4125149103-1521511784-2178673614-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{CE2DFA27-C93F-4CB6-BB81-5C2B5070ED9A}|AppName, 90d99070-0369-406a-b6cb-16ed3bd8d009-2.exe-codedownloader.exe, , [ffee1022a2e91e187a9164311ee62ad6]
PUP.Optional.CrossRider, HKU\S-1-5-21-4125149103-1521511784-2178673614-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{CF317A02-64A7-4784-B3A7-412C9263227A}|AppName, 90d99070-0369-406a-b6cb-16ed3bd8d009-2.exe-codedownloader.exe, , [dc119e942b6074c2ae5d8411897bc739]
PUP.Optional.CrossRider, HKU\S-1-5-21-4125149103-1521511784-2178673614-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{D0A0BF11-68B7-430B-8E79-D2635F997BBB}|AppName, 90d99070-0369-406a-b6cb-16ed3bd8d009-2.exe-codedownloader.exe, , [15d876bced9e5dd997748e07f212738d]
PUP.Optional.CrossRider, HKU\S-1-5-21-4125149103-1521511784-2178673614-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{D3503FC8-615B-47D3-AAED-7193CB398E40}|AppName, 90d99070-0369-406a-b6cb-16ed3bd8d009-2.exe-buttonutil.exe, , [d21bd45e94f7a195ba50a3f26e9622de]
PUP.Optional.CrossRider, HKU\S-1-5-21-4125149103-1521511784-2178673614-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{D45B1B15-CAE4-46F1-89A4-451917E47540}|AppName, 90d99070-0369-406a-b6cb-16ed3bd8d009-2.exe-buttonutil.exe, , [47a66ac8305bca6c3cce2e67956f37c9]
PUP.Optional.CrossRider, HKU\S-1-5-21-4125149103-1521511784-2178673614-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{D9ED4B66-71C3-45CF-99C2-BE5374A0D396}|AppName, 90d99070-0369-406a-b6cb-16ed3bd8d009-2.exe-buttonutil.exe, , [db122a08c9c2ba7c22e8e8ada75d1be5]
PUP.Optional.CrossRider, HKU\S-1-5-21-4125149103-1521511784-2178673614-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{DA228CD0-F66B-4FE7-9F39-45F22012DAA0}|AppName, 90d99070-0369-406a-b6cb-16ed3bd8d009-2.exe-codedownloader.exe, , [22cb33ff662569cd9c6f8c097c8857a9]
PUP.Optional.CrossRider, HKU\S-1-5-21-4125149103-1521511784-2178673614-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{DB86C990-6F22-4FD8-9C79-578044381310}|AppName, 90d99070-0369-406a-b6cb-16ed3bd8d009-2.exe-buttonutil.exe, , [e607072b6823979fc8426d2842c28f71]
PUP.Optional.CrossRider, HKU\S-1-5-21-4125149103-1521511784-2178673614-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{DCCA0922-6F4A-4193-993C-1437AFD26AA6}|AppName, 90d99070-0369-406a-b6cb-16ed3bd8d009-2.exe-codedownloader.exe, , [866744eef992d85e60ab93025aaa24dc]
PUP.Optional.CrossRider, HKU\S-1-5-21-4125149103-1521511784-2178673614-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{DE74A312-4509-4DB3-BB57-40F6AE675412}|AppName, 90d99070-0369-406a-b6cb-16ed3bd8d009-2.exe-buttonutil.exe, , [54996fc37417082e6b9f99fc06fedd23]
PUP.Optional.CrossRider, HKU\S-1-5-21-4125149103-1521511784-2178673614-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{E07ED409-25DF-424B-807E-D163C63AC764}|AppName, 90d99070-0369-406a-b6cb-16ed3bd8d009-2.exe-codedownloader.exe, , [9855c76b3a51df578b805243de2657a9]
PUP.Optional.CrossRider, HKU\S-1-5-21-4125149103-1521511784-2178673614-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{E2484017-E8F1-4318-8880-41B74957936A}|AppName, 90d99070-0369-406a-b6cb-16ed3bd8d009-2.exe-buttonutil.exe, , [539a3ef45734e5513ecc7d188a7a45bb]
PUP.Optional.CrossRider, HKU\S-1-5-21-4125149103-1521511784-2178673614-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{E30E788F-5949-49D2-8F6E-E88BCD9C8462}|AppName, 90d99070-0369-406a-b6cb-16ed3bd8d009-2.exe-codedownloader.exe, , [3fae939f9cef46f0eb20494cae5622de]
PUP.Optional.CrossRider, HKU\S-1-5-21-4125149103-1521511784-2178673614-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{E43535EB-EC41-48DC-8169-FCACDB79BED8}|AppName, 90d99070-0369-406a-b6cb-16ed3bd8d009-2.exe-codedownloader.exe, , [1dd0a58d3754e55182895d38c4406799]
PUP.Optional.CrossRider, HKU\S-1-5-21-4125149103-1521511784-2178673614-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{E4E5D6C2-8977-4E2C-B74B-E47789176EAB}|AppName, 90d99070-0369-406a-b6cb-16ed3bd8d009-2.exe-codedownloader.exe, , [5b92db572e5d1a1c917a771eb54fed13]
PUP.Optional.CrossRider, HKU\S-1-5-21-4125149103-1521511784-2178673614-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{E6D88EA1-A226-4C00-A2E0-47A8806226B7}|AppName, 90d99070-0369-406a-b6cb-16ed3bd8d009-2.exe-buttonutil.exe, , [c726b67c5b3088ae61a9cacb47bdcf31]
PUP.Optional.CrossRider, HKU\S-1-5-21-4125149103-1521511784-2178673614-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{EE2EB482-8942-4585-A599-82EE82C931DE}|AppName, 90d99070-0369-406a-b6cb-16ed3bd8d009-2.exe-buttonutil.exe, , [5994df533457b5811af03a5bf60ebf41]
PUP.Optional.CrossRider, HKU\S-1-5-21-4125149103-1521511784-2178673614-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{EFD6366E-4421-4391-9E3E-C580BEAE3ECF}|AppName, 90d99070-0369-406a-b6cb-16ed3bd8d009-2.exe-codedownloader.exe, , [e805de54c5c674c2fd0e8e077f857c84]
PUP.Optional.CrossRider, HKU\S-1-5-21-4125149103-1521511784-2178673614-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{F081EE4A-EAF7-4E7F-8B20-41DB2EAEDB34}|AppName, 90d99070-0369-406a-b6cb-16ed3bd8d009-2.exe-codedownloader.exe, , [18d5cd65e7a4191d85869302f70dbd43]
PUP.Optional.CrossRider, HKU\S-1-5-21-4125149103-1521511784-2178673614-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{F2567087-68FD-44D0-866B-B8563C83B39E}|AppName, 90d99070-0369-406a-b6cb-16ed3bd8d009-2.exe-buttonutil.exe, , [e30ac46ec9c2bf77aa60662fb1534eb2]
PUP.Optional.CrossRider, HKU\S-1-5-21-4125149103-1521511784-2178673614-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{F4BA2916-5689-4242-BEAF-20CEFC888031}|AppName, 90d99070-0369-406a-b6cb-16ed3bd8d009-2.exe-buttonutil.exe, , [539a79b9e7a457df1ceee2b3887c22de]
PUP.Optional.CrossRider, HKU\S-1-5-21-4125149103-1521511784-2178673614-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{F68EBD5B-71AA-4198-8B96-4C5E662CF722}|AppName, 90d99070-0369-406a-b6cb-16ed3bd8d009-2.exe-codedownloader.exe, , [9d50e949711a0b2b7992870ed430946c]
PUP.Optional.CrossRider, HKU\S-1-5-21-4125149103-1521511784-2178673614-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{F6A289D0-9DDD-4C09-AC51-E5125DDC9EFB}|AppName, 90d99070-0369-406a-b6cb-16ed3bd8d009-2.exe-buttonutil.exe, , [30bd86ac96f5df57d733fa9bd52f59a7]
PUP.Optional.CrossRider, HKU\S-1-5-21-4125149103-1521511784-2178673614-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{F8C8513C-2B19-45A2-B1DF-3577E188B836}|AppName, 90d99070-0369-406a-b6cb-16ed3bd8d009-2.exe-buttonutil.exe, , [19d4c76bb2d90531e228692c2fd554ac]
PUP.Optional.CrossRider, HKU\S-1-5-21-4125149103-1521511784-2178673614-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{F9F4DEEA-5B49-445E-89E1-5C61AC672F92}|AppName, 90d99070-0369-406a-b6cb-16ed3bd8d009-2.exe-codedownloader.exe, , [7c712f03513a57df9873ccc9ba4ae917]
PUP.Optional.CrossRider, HKU\S-1-5-21-4125149103-1521511784-2178673614-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{F9F6D91E-A26B-4D2F-8C35-3D3A7B232DA7}|AppName, 90d99070-0369-406a-b6cb-16ed3bd8d009-2.exe-codedownloader.exe, , [47a65bd71c6f72c499727025a361867a]
PUP.Optional.CrossRider, HKU\S-1-5-21-4125149103-1521511784-2178673614-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{FA604084-9A4F-4DEC-9069-E314BAA17B3D}|AppName, 90d99070-0369-406a-b6cb-16ed3bd8d009-2.exe-buttonutil.exe, , [0fde61d193f82e08a961d7be986c3cc4]
PUP.Optional.CrossRider, HKU\S-1-5-21-4125149103-1521511784-2178673614-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{FB33398C-A1DE-4258-9339-D972DBF88DA8}|AppName, 90d99070-0369-406a-b6cb-16ed3bd8d009-2.exe-codedownloader.exe, , [8c6175bd7912ff3761aa0491f014db25]
PUP.Optional.CrossRider, HKU\S-1-5-21-4125149103-1521511784-2178673614-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{FD8BD498-4A29-4D03-BD38-23CE3AF0FD86}|AppName, 90d99070-0369-406a-b6cb-16ed3bd8d009-2.exe-codedownloader.exe, , [31bca191fd8e132337d47b1abe464bb5]
PUP.Optional.CrossRider, HKU\S-1-5-21-4125149103-1521511784-2178673614-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{FE4775B8-FFB4-4A3D-9757-34411F8F29EF}|AppName, 90d99070-0369-406a-b6cb-16ed3bd8d009-2.exe-buttonutil.exe, , [32bbf2404645c670ba507520ea1a2ad6]

Data registru: 0
(Nenalezeny žádné škodlivé položky)

Složky: 0
(Nenalezeny žádné škodlivé položky)

Soubory: 0
(Nenalezeny žádné škodlivé položky)

Fyzické sektory: 0
(Nenalezeny žádné škodlivé položky)

(end)

#6 Příspěvek od **Márty84** » 10 led 2016 18:32

Vsechny nalezy nechte odstranit. Po odstraneni a restartu pc test s MBAM zopakujte, at vime, jestli se to nevraci. Napiste vysledek testu a podle nej zvolim dalsi postup.

Tomas 34 · #7 Příspěvek od **Tomas 34** » 10 led 2016 22:13

Čisto, bez nějakých hrozeb.

#8 Příspěvek od **Márty84** » 11 led 2016 20:40

MBAM odinstalujte.

Dejte novy log z RSIT

a k tomu

Dejte logy podle tohoto navodu http://forum.viry.cz/viewtopic.php?f=13&t=133100 - vypnete na chvili antivir, je mozne, ze to bude blokovat jako skodnou, ale pouzivame to porad, jedna se o falesny poplach

Tomas 34 · #9 Příspěvek od **Tomas 34** » 15 led 2016 16:50

Pardon, byl jsem na pár dní pryč. Zde je log z RSIT:

Logfile of random's system information tool 1.10 (written by random/random)
Run by Rodina at 2016-01-15 16:48:09
Microsoft Windows 7 Home Premium Service Pack 1
System drive C: has 724 GB (76%) free of 954 GB
Total RAM: 4041 MB (57% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 16:48:11, on 15.1.2016
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v9.00 (9.00.8112.16496)
Boot mode: Normal

Running processes:
C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe
C:\Program Files (x86)\MSI\Super-Charger\Super-Charger.exe
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
C:\Program Files (x86)\CheckPoint\ZoneAlarm\zatray.exe
C:\Program Files\AVAST Software\Avast\AvastUI.exe
C:\Windows\VM305_STI.EXE
C:\Program Files\Logitech\SetPoint\x86\SetPoint32.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Program Files\trend micro\Rodina.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = https://www.seznam.cz/?clid=22668
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://search.seznam.cz/?sourceid=quick ... earchTerms}
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.seznam.cz/?clid=16194
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = https://www.seznam.cz/?clid=22668
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://search.seznam.cz/?sourceid=quick ... earchTerms}
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.seznam.cz/?clid=22668
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~2\MICROS~1\Office12\GR469A~1.DLL
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre1.8.0_66\bin\ssv.dll
O2 - BHO: ZoneAlarm Security Engine Registrar - {8A4A36C2-0535-4D2C-BD3D-496CB7EED6E3} - (no file)
O2 - BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre1.8.0_66\bin\jp2ssv.dll
O3 - Toolbar: (no name) - {EE2AC4E5-B0B0-4EC6-88A9-BCA1A32AB107} - (no file)
O4 - HKLM\..\Run: [USB3MON] "C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe"
O4 - HKLM\..\Run: [Super-Charger] C:\Program Files (x86)\MSI\Super-Charger\Super-Charger.exe
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe"
O4 - HKLM\..\Run: [ZoneAlarm] "C:\Program Files (x86)\CheckPoint\ZoneAlarm\zatray.exe"
O4 - HKLM\..\Run: [AvastUI.exe] "C:\Program Files\AVAST Software\Avast\AvastUI.exe" /nogui
O4 - HKLM\..\Run: [BigDog305] C:\Windows\VM305_STI.EXE USB PC Camera VC305
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun
O4 - HKUS\S-1-5-18\..\Run: [ZoneAlarm Windows 10 Upgrader] "C:\ProgramData\CheckPoint\ZoneAlarm\Data\Updates\unpacked==win10=update_win10.zip\upgrade.exe" /delay (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [ZoneAlarm Windows 10 Upgrader] "C:\ProgramData\CheckPoint\ZoneAlarm\Data\Updates\unpacked==win10=update_win10.zip\upgrade.exe" /delay (User 'Default user')
O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
O4 - Global Startup: Logitech SetPoint.lnk = ?
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~1\Office12\REFIEBAR.DLL
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O17 - HKLM\System\CCS\Services\Tcpip\..\{7BC9349B-20CD-4B80-AFB8-380D54034FFD}: NameServer = 212.111.0.10,194.213.32.237
O17 - HKLM\System\CS1\Services\Tcpip\..\{7BC9349B-20CD-4B80-AFB8-380D54034FFD}: NameServer = 212.111.0.10,194.213.32.237
O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\PROGRA~2\MICROS~1\Office12\GRA32A~1.DLL
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: AMD External Events Utility - Unknown owner - C:\Windows\system32\atiesrxx.exe (file missing)
O23 - Service: Avast Antivirus (avast! Antivirus) - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Intel(R) Capability Licensing Service Interface - Intel(R) Corporation - C:\Program Files\Intel\iCLS Client\HeciServer.exe
O23 - Service: ZoneAlarm LTD Toolbar IswSvc (IswSvc) - Check Point Software Technologies - C:\Program Files\CheckPoint\ZAForceField\IswSvc.exe
O23 - Service: Intel(R) Dynamic Application Loader Host Interface Service (jhi_service) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: MSI_SuperCharger - MSI - C:\Program Files (x86)\MSI\Super-Charger\ChargeService.exe
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\TuneUpDefragService.exe,-1 (TuneUp.Defrag) - Unknown owner - C:\Windows\System32\TuneUpDefragService.exe (file missing)
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: Intel(R) Management and Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: TrueVector Internet Monitor (vsmon) - Check Point Software Technologies LTD - C:\Program Files (x86)\CheckPoint\ZoneAlarm\vsmon.exe
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 10357 bytes

======Listing Processes======

\SystemRoot\System32\smss.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
C:\Windows\system32\services.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
winlogon.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\system32\atiesrxx.exe
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k GPSvcGroup
C:\Windows\system32\svchost.exe -k NetworkService
"C:\Program Files (x86)\CheckPoint\ZoneAlarm\vsmon.exe" -service
atieclxx
"C:\Windows\system32\Dwm.exe"
C:\Windows\Explorer.EXE
"C:\Program Files\AVAST Software\Avast\AvastSvc.exe"
"C:\Program Files\CheckPoint\ZAForceField\IswSvc.exe"
C:\Windows\System32\spoolsv.exe
"C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe" -s
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
"C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe" -startup
"C:\Program Files\Logitech\SetPoint\SetPoint.exe"
"C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe"
"C:\Program Files (x86)\MSI\Super-Charger\Super-Charger.exe"
"C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
"C:\Program Files (x86)\CheckPoint\ZoneAlarm\zatray.exe"
"C:\Program Files\AVAST Software\Avast\AvastUI.exe" /nogui
"C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM" PriorityLow
"taskhost.exe"
"C:\Windows\VM305_STI.EXE" USB PC Camera VC305
"C:\Program Files\Logitech\SetPoint\x86\SetPoint32.exe"
KHALMNPR.EXE /API
"C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
"C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe"
"C:\Program Files\Intel\iCLS Client\HeciServer.exe"
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe"
"C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe" 0
"C:\Program Files (x86)\MSI\Super-Charger\ChargeService.exe"
C:\Windows\system32\svchost.exe -k imgsvc
C:\Windows\System32\svchost.exe -k secsvcs
C:\Windows\system32\wbem\unsecapp.exe -Embedding
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\system32\SearchIndexer.exe /Embedding
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe"
"C:\Program Files\Windows Media Player\wmpnetwk.exe"
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe"

"C:\Program Files (x86)\Mozilla Firefox\firefox.exe"
"C:\Windows\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe4_ Global\UsGthrCtrlFltPipeMssGthrPipe4 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon"
"C:\Windows\system32\SearchFilterHost.exe" 0 544 548 556 65536 552
"C:\Users\Rodina\Desktop\RSITx64.exe"

======Scheduled tasks folder======

C:\Windows\tasks\1-Click Maintenance.job - C:\Program Files (x86)\TuneUp Utilities 2008\OneClickStarter.exe /schedulestart
C:\Windows\tasks\Adobe Flash Player Updater.job - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
C:\Windows\tasks\GoogleUpdateTaskMachineCore.job - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /c
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /ua /installsource scheduler

=========Mozilla firefox=========

ProfilePath - C:\Users\Rodina\AppData\Roaming\Mozilla\Firefox\Profiles\esdd1qti.default

prefs.js - "browser.search.useDBForOrder" - true
prefs.js - "browser.startup.homepage" - "https://www.seznam.cz/"

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 20.0.0.267 Plugin
"Path"=C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_20_0_0_267.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@adobe.com/ShockwavePlayer]
"Description"=Adobe Shockwave Player
"Path"=C:\Windows\SysWOW64\Adobe\Director\np32dsw_1222172.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI ipt;version=2.0.59]
"Description"=Intel IPT WebApi plugin
"Path"=C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI updater]
"Description"=This plugin updates Intel WebAPI component
"Path"=C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@java.com/DTPlugin,version=11.66.2]
"Description"=Java™ Deployment Toolkit
"Path"=C:\Program Files (x86)\Java\jre1.8.0_66\bin\dtplugin\npDeployJava1.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@java.com/JavaPlugin,version=11.66.2]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=C:\Program Files (x86)\Java\jre1.8.0_66\bin\plugin2\npjp2.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=C:\Windows\system32\Wat\npWatWeb.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=3]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.29.1\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=9]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.29.1\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@videolan.org/vlc,version=2.0.2]
"Description"=VLC Multimedia Plugin
"Path"=C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\Adobe Reader]
"Description"=Handles PDFs in-place in Firefox
"Path"=C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 20.0.0.267 Plugin
"Path"=C:\Windows\system32\Macromed\Flash\NPSWF64_20_0_0_267.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=C:\Windows\system32\Wat\npWatWeb.dll

C:\Program Files (x86)\Mozilla Firefox\plugins\
nppdf32.dll
nppluginrichmediaplayer.dll

C:\Users\Rodina\AppData\Roaming\Mozilla\Firefox\Profiles\esdd1qti.default\searchplugins\
seznam-avast.xml

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8A4A36C2-0535-4D2C-BD3D-496CB7EED6E3}]
ZoneAlarm Security Engine Registrar

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! Online Security - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2016-01-08 885152]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\PROGRA~2\MICROS~1\Office12\GR469A~1.DLL [2006-10-27 2210608]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files (x86)\Java\jre1.8.0_66\bin\ssv.dll [2015-11-21 460384]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8A4A36C2-0535-4D2C-BD3D-496CB7EED6E3}]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! Online Security - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2016-01-08 664184]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files (x86)\Java\jre1.8.0_66\bin\jp2ssv.dll [2015-11-21 172640]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{318A227B-5E9F-45bd-8999-7F8F10CA4CF5} -
{EE2AC4E5-B0B0-4EC6-88A9-BCA1A32AB107} -

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\Toolbar]
{EE2AC4E5-B0B0-4EC6-88A9-BCA1A32AB107}

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"RTHDVCPL"=C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [2012-06-12 6548112]
"Kernel and Hardware Abstraction Layer"=C:\Windows\KHALMNPR.EXE [2007-01-23 134416]
"ISW"= []

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"DAEMON Tools Lite"=C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [2013-07-03 3673184]

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"USB3MON"=C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe [2012-03-26 291608]
"Super-Charger"=C:\Program Files (x86)\MSI\Super-Charger\Super-Charger.exe [2012-07-27 495616]
"StartCCC"=C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [2012-12-19 642808]
"Adobe ARM"=C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2013-04-04 958576]
"GrooveMonitor"=C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe [2006-10-27 31016]
"ZoneAlarm"=C:\Program Files (x86)\CheckPoint\ZoneAlarm\zatray.exe [2013-03-27 73832]
"AvastUI.exe"=C:\Program Files\AVAST Software\Avast\AvastUI.exe [2016-01-08 7021880]
"BigDog305"=C:\Windows\VM305_STI.EXE [2007-01-05 61440]
"SunJavaUpdateSched"=C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2015-11-09 596528]

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
Logitech Desktop Messenger.lnk - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
Logitech SetPoint.lnk - C:\Program Files\Logitech\SetPoint\SetPoint.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\PROGRA~2\MICROS~1\Office12\GR469A~1.DLL [2006-10-27 2210608]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\vsmon]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=0
"ConsentPromptBehaviorUser"=3
"EnableLUA"=0
"EnableUIADesktopToggle"=0
"PromptOnSecureDesktop"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"SoftwareSASGeneration"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDrives"=0
"NoDriveTypeAutoRun"=145

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDrives"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVYU"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"VIDC.YVU9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv
"MSVideo8"=VfWWDM32.dll
"VIDC.FPS1"=frapsv64.dll
"wave2"=wdmaud.drv
"midi2"=wdmaud.drv
"mixer2"=wdmaud.drv
"aux2"=wdmaud.drv
"wave3"=wdmaud.drv
"midi3"=wdmaud.drv
"mixer3"=wdmaud.drv
"aux3"=wdmaud.drv
"wave4"=wdmaud.drv
"midi4"=wdmaud.drv
"mixer4"=wdmaud.drv
"aux4"=wdmaud.drv

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1

======List of files/folders created in the last 1 month======

2016-01-08 22:48:05 ----D---- C:\Windows\pss
2016-01-08 19:39:18 ----SHD---- C:\Config.Msi
2016-01-08 18:05:41 ----D---- C:\Users\Rodina\AppData\Roaming\FreeFixer
2016-01-08 18:05:34 ----D---- C:\Program Files\FreeFixer
2016-01-08 17:01:02 ----A---- C:\Windows\system32\aswBoot.exe
2016-01-08 17:00:06 ----A---- C:\Windows\avastSS.scr
2016-01-08 16:54:26 ----D---- C:\Users\Rodina\AppData\Roaming\Seznam.cz
2016-01-07 13:51:49 ----D---- C:\Program Files (x86)\Mozilla Firefox
2015-12-26 22:30:58 ----D---- C:\Program Files (x86)\Quake III (Upragde)

======List of files/folders modified in the last 1 month======

2016-01-15 16:48:11 ----D---- C:\Windows\Prefetch
2016-01-15 16:48:11 ----D---- C:\Program Files\trend micro
2016-01-15 16:48:10 ----D---- C:\Windows\temp
2016-01-15 16:45:29 ----RD---- C:\Program Files (x86)
2016-01-15 16:45:29 ----D---- C:\Windows\system32\drivers
2016-01-15 16:44:42 ----D---- C:\Users\Rodina\AppData\Roaming\Skype
2016-01-15 16:04:04 ----D---- C:\Windows\System32
2016-01-15 16:04:04 ----D---- C:\Windows\inf
2016-01-15 16:04:04 ----A---- C:\Windows\system32\PerfStringBackup.INI
2016-01-15 16:00:01 ----A---- C:\Windows\SYSWOW64\log.txt
2016-01-10 14:57:07 ----D---- C:\AdwCleaner
2016-01-10 13:21:59 ----D---- C:\Windows
2016-01-10 13:07:38 ----D---- C:\Fotky
2016-01-09 18:28:09 ----D---- C:\Windows\system32\config
2016-01-08 22:55:33 ----D---- C:\Windows\system32\NDF
2016-01-08 22:54:26 ----SHD---- C:\System Volume Information
2016-01-08 22:19:33 ----D---- C:\Program Files (x86)\AMD APP
2016-01-08 20:18:57 ----D---- C:\Windows\system32\wbem
2016-01-08 20:18:24 ----D---- C:\Program Files (x86)\Mozilla Maintenance Service
2016-01-08 20:18:24 ----D---- C:\Program Files (x86)\Claw
2016-01-08 20:18:21 ----D---- C:\SuperChargerProfile
2016-01-08 20:18:20 ----D---- C:\Users\Rodina\AppData\Roaming\IrfanView
2016-01-08 20:18:20 ----D---- C:\Users\Rodina\AppData\Roaming\GHISLER
2016-01-08 20:18:19 ----D---- C:\Windows\system32\DriverStore
2016-01-08 20:18:19 ----D---- C:\Windows\system32\CodeIntegrity
2016-01-08 20:18:19 ----D---- C:\Windows\system32\catroot2
2016-01-08 20:18:19 ----D---- C:\Windows\AppCompat
2016-01-08 20:18:18 ----D---- C:\Windows\winsxs
2016-01-08 20:18:18 ----D---- C:\Windows\Tasks
2016-01-08 20:18:18 ----D---- C:\Windows\SysWOW64
2016-01-08 20:18:18 ----D---- C:\Windows\system32\Tasks
2016-01-08 20:18:18 ----D---- C:\Windows\registration
2016-01-08 20:06:34 ----HD---- C:\Program Files (x86)\InstallShield Installation Information
2016-01-08 20:04:47 ----D---- C:\Games
2016-01-08 20:03:21 ----D---- C:\Program Files (x86)\Valve
2016-01-08 20:00:06 ----D---- C:\Oblivione
2016-01-08 19:46:12 ----SHD---- C:\Windows\Installer
2016-01-08 19:41:00 ----D---- C:\Program Files (x86)\Common Files
2016-01-08 19:40:50 ----D---- C:\Program Files (x86)\Nero
2016-01-08 19:40:03 ----D---- C:\ProgramData\Nero
2016-01-08 19:24:00 ----D---- C:\Program Files (x86)\a626359a-9b8e-4c1b-b28a-b86d55d0ff09
2016-01-08 19:05:52 ----D---- C:\Users\Rodina\AppData\Roaming\uTorrent
2016-01-08 19:05:52 ----D---- C:\Users\Rodina\AppData\Roaming\DAEMON Tools Lite
2016-01-08 18:05:34 ----D---- C:\Program Files
2016-01-08 00:41:03 ----D---- C:\Program Files\Diablo II
2015-12-30 06:21:07 ----A---- C:\Windows\SYSWOW64\FlashPlayerApp.exe
2015-12-23 00:38:02 ----A---- C:\Windows\win.ini
2015-12-23 00:37:55 ----D---- C:\Program Files (x86)\Worms Armageddon

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 aswRvrt;avast! Revert; C:\Windows\system32\drivers\aswRvrt.sys [2016-01-08 65224]
R0 aswVmm;avast! VM Monitor; C:\Windows\system32\drivers\aswVmm.sys [2016-01-08 273784]
R0 iusb3hcs;Ovladač přepínání hostitelského řadiče Intel(R) USB 3.0; C:\Windows\system32\drivers\iusb3hcs.sys [2012-03-26 19224]
R0 KL1;kl1; C:\Windows\system32\DRIVERS\kl1.sys [2012-11-15 458584]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-21 213888]
R1 aswRdr;aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [2016-01-08 93528]
R1 aswSnx;aswSnx; C:\Windows\system32\drivers\aswSnx.sys [2016-01-08 1055560]
R1 aswSP;aswSP; C:\Windows\system32\drivers\aswSP.sys [2016-01-08 451040]
R1 dtsoftbus01;DAEMON Tools Virtual Bus Driver; C:\Windows\system32\DRIVERS\dtsoftbus01.sys [2013-08-19 283064]
R1 KLIF;Kaspersky Lab Driver; C:\Windows\system32\DRIVERS\klif.sys [2013-02-21 613720]
R1 Vsdatant;Zone Alarm Firewall Driver; C:\Windows\system32\DRIVERS\vsdatant.sys [2012-12-13 450136]
R2 aswHwid;avast! HardwareID; C:\Windows\system32\drivers\aswHwid.sys [2016-01-08 28656]
R2 aswMonFlt;aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [2016-01-08 97648]
R2 aswStm;aswStm; C:\Windows\system32\drivers\aswStm.sys [2016-01-08 155304]
R2 ISWKL;ZoneAlarm LTD Toolbar ISWKL; \??\C:\Program Files\CheckPoint\ZAForceField\ISWKL.sys [2012-11-22 33712]
R3 amdkmdag;amdkmdag; C:\Windows\system32\DRIVERS\atikmdag.sys [2012-09-28 10697216]
R3 amdkmdap;amdkmdap; C:\Windows\system32\DRIVERS\atikmpag.sys [2012-09-28 460288]
R3 AtiHDAudioService;AMD Function Driver for HD Audio Service; C:\Windows\system32\drivers\AtihdW76.sys [2012-11-06 96256]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHD64.sys [2012-06-12 4060560]
R3 iusb3hub;Ovladač rozbočovače Intel(R) USB 3.0; C:\Windows\system32\DRIVERS\iusb3hub.sys [2012-03-26 356632]
R3 iusb3xhc;Ovladač rozšiřitelného hostitelského řadiče Intel(R) USB 3.0; C:\Windows\system32\DRIVERS\iusb3xhc.sys [2012-03-26 789272]
R3 LHidFilt;Logitech SetPoint KMDF HID Filter Driver; C:\Windows\system32\DRIVERS\LHidFilt.Sys [2007-01-23 51984]
R3 LMouFilt;Logitech SetPoint KMDF Mouse Filter Driver; C:\Windows\system32\DRIVERS\LMouFilt.Sys [2007-01-23 48912]
R3 MBAMSwissArmy;MBAMSwissArmy; \??\C:\Windows\system32\drivers\MBAMSwissArmy.sys []
R3 MBfilt;MBfilt; C:\Windows\system32\drivers\MBfilt64.sys [2009-11-18 32344]
R3 MEIx64;Intel(R) Management Engine Interface ; C:\Windows\system32\DRIVERS\HECIx64.sys [2012-07-17 62784]
R3 NTIOLib_1_0_3;NTIOLib_1_0_3; \??\C:\Program Files (x86)\MSI\Super-Charger\NTIOLib_X64.sys [2010-01-18 14136]
R3 RTL8167;Realtek 8167 NT Driver; C:\Windows\system32\DRIVERS\Rt64win7.sys [2012-02-16 676968]
S3 androidusb;SAMSUNG Android Composite ADB Interface Driver; C:\Windows\System32\Drivers\ssadadb.sys [2011-05-13 36328]
S3 BridgeMP;@%SystemRoot%\system32\bridgeres.dll,-1; C:\Windows\system32\DRIVERS\bridge.sys [2009-07-14 95232]
S3 catchme;catchme; \??\C:\ComboFix\catchme.sys []
S3 hamachi;Hamachi Network Interface; C:\Windows\system32\DRIVERS\hamachi.sys [2009-03-18 33856]
S3 ISCT;Intel(R) Smart Connect Technology Device Driver; C:\Windows\system32\DRIVERS\ISCTD64.sys [2012-07-24 46016]
S3 L8042Kbd;SetPoint Keyboard Driver; C:\Windows\system32\DRIVERS\L8042Kbd.sys [2007-01-23 35600]
S3 lmimirr;lmimirr; C:\Windows\system32\DRIVERS\lmimirr.sys []
S3 MSICDSetup;MSICDSetup; \??\D:\CDriver64.sys []
S3 NTIOLib_1_0_C;NTIOLib_1_0_C; \??\D:\NTIOLib_X64.sys []
S3 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12352]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver; C:\Windows\System32\drivers\rdpvideominiport.sys [2012-08-23 19456]
S3 ss_bus;SAMSUNG Mobile USB Device 1.0 driver (WDM); C:\Windows\system32\DRIVERS\ss_bus.sys [2009-09-21 127488]
S3 ssadbus;SAMSUNG Android USB Composite Device driver (WDM); C:\Windows\system32\DRIVERS\ssadbus.sys [2011-05-13 157672]
S3 ssadmdfl;SAMSUNG Android USB Modem (Filter); C:\Windows\system32\DRIVERS\ssadmdfl.sys [2011-05-13 16872]
S3 ssadmdm;SAMSUNG Android USB Modem Drivers; C:\Windows\system32\DRIVERS\ssadmdm.sys [2011-05-13 177640]
S3 ssadserd;SAMSUNG Android USB Diagnostic Serial Port (WDM); C:\Windows\system32\DRIVERS\ssadserd.sys [2011-05-13 146920]
S3 terminpt;Microsoft Remote Desktop Input Driver; C:\Windows\system32\drivers\terminpt.sys [2012-08-23 29696]
S3 TsUsbFlt;TsUsbFlt; C:\Windows\system32\drivers\tsusbflt.sys [2012-08-23 57856]
S3 TsUsbGD;Remote Desktop Generic USB Device; C:\Windows\system32\drivers\TsUsbGD.sys [2012-08-23 30208]
S3 vvftav;vvftav; C:\Windows\system32\drivers\vvftav.sys [2007-02-02 300800]
S3 WinUsb;WinUsb; C:\Windows\system32\DRIVERS\WinUsb.sys [2010-11-21 41984]
S3 WPRO_41_2001;WinPcap Packet Driver (WPRO_41_2001); C:\Windows\system32\drivers\WPRO_41_2001.sys [2012-11-07 34752]
S3 ZSMC0305;USB PC Camera VC305; C:\Windows\System32\Drivers\usbVM305.sys [2007-03-08 1541120]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2013-09-05 65640]
R2 AMD External Events Utility;AMD External Events Utility; C:\Windows\system32\atiesrxx.exe [2012-09-28 239616]
R2 avast! Antivirus;Avast Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2016-01-08 226440]
R2 Intel(R) Capability Licensing Service Interface;Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [2012-03-07 629984]
R2 IswSvc;ZoneAlarm LTD Toolbar IswSvc; C:\Program Files\CheckPoint\ZAForceField\IswSvc.exe [2012-11-22 828072]
R2 jhi_service;Intel(R) Dynamic Application Loader Host Interface Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [2012-03-29 165144]
R2 LMS;Intel(R) Management and Security Application Local Management Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe [2012-03-29 277784]
R2 MSI_SuperCharger;MSI_SuperCharger; C:\Program Files (x86)\MSI\Super-Charger\ChargeService.exe [2012-06-29 136704]
R2 UNS;Intel(R) Management and Security Application User Notification Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2012-03-29 363800]
R2 vsmon;TrueVector Internet Monitor; C:\Program Files (x86)\CheckPoint\ZoneAlarm\vsmon.exe [2013-03-27 2447888]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-31 144200]
S2 SkypeUpdate;Skype Updater; C:\Program Files (x86)\Skype\Updater\Updater.exe [2015-07-09 327296]
S2 UxTuneUp;@%SystemRoot%\System32\uxtuneup.dll,-4096; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-12-30 269504]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-31 144200]
S3 Microsoft Office Groove Audit Service;Microsoft Office Groove Audit Service; C:\Program Files (x86)\Microsoft Office\Office12\GrooveAuditService.exe [2006-10-27 65824]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2016-01-07 146888]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2006-10-26 441136]
S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 TuneUp.Defrag;@%SystemRoot%\System32\TuneUpDefragService.exe,-1; C:\Windows\System32\TuneUpDefragService.exe [2013-02-22 497920]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2012-10-11 1255736]

-----------------EOF-----------------

#10 Příspěvek od **Márty84** » 16 led 2016 08:25

A kde mam logy z FRST?

20.2. pro neaktivitu

http://forum.viry.cz/viewtopic.php?f=12&t=123975

VIRY.CZ

Prosil bych o kontrolu

Prosil bych o kontrolu

Re: Prosil bych o kontrolu

Re: Prosil bych o kontrolu

Re: Prosil bych o kontrolu

Re: Prosil bych o kontrolu

Re: Prosil bych o kontrolu

Re: Prosil bych o kontrolu

Re: Prosil bych o kontrolu

Re: Prosil bych o kontrolu

Re: Prosil bych o kontrolu