VIRY.CZ

Pomáháme v boji s počítačovou havěti!
https://forum.viry.cz:443/

Prosím o preventivní kontrolu

https://forum.viry.cz:443/viewtopic.php?t=137434

Stránka 1 z 3

Prosím o preventivní kontrolu

Napsal: 14 dub 2014 13:03
od petouf
Nějak se mi PC zpomaluje, ale snad je vše OK.
Děkuji, přeji pěkný den!

Logfile of random's system information tool 1.09 (written by random/random)
Run by HP at 2014-04-14 13:58:28
Systém Microsoft Windows XP Professional Service Pack 3
System drive C: has 11 GB (30%) free of 38 GB
Total RAM: 2039 MB (43% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 13:59:04, on 14.4.2014
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\AVAST Software\Avast\AvastSvc.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\AVAST Software\Avast\afwServ.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\SUPERAntiSpyware\SASCORE.EXE
C:\Program Files\Prevx\prevx.exe
C:\Program Files\Java\jre7\bin\jqs.exe
C:\Program Files\Google\Update\GoogleUpdate.exe
C:\WINDOWS\system32\lkcitdl.exe
C:\WINDOWS\system32\lkads.exe
C:\WINDOWS\system32\lktsrv.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\National Instruments\Shared\Security\nidmsrv.exe
C:\WINDOWS\system32\nisvcloc.exe
C:\Program Files\PDF Architect\HelperService.exe
C:\Program Files\PDF Architect\ConversionService.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Tenda\Common\RaRegistry.exe
C:\Program Files\Prevx\prevx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\alg.exe
C:\WINDOWS\system32\wbem\wmiapsrv.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\RTHDCPL.EXE
C:\WINDOWS\system32\igfxtray.exe
C:\WINDOWS\system32\hkcmd.exe
C:\WINDOWS\system32\igfxpers.exe
C:\WINDOWS\system32\igfxsrvc.exe
C:\WINDOWS\Mixer.exe
C:\Program Files\AVAST Software\Avast\AvastUI.exe
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\Program Files\desksware\Desktop iCalendar\Desktop iCalendar.exe
C:\Program Files\organizer\Organizer.exe
C:\WINDOWS\system32\wbem\wmiprvse.exe
C:\Program Files\CCleaner\CCleaner.exe
C:\WINDOWS\system32\wbem\unsecapp.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
C:\Documents and Settings\HP\Plocha\PC udrzba\viry.cz\RSIT.exe
C:\Program Files\trend micro\HP.exe

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Odkazy
O2 - BHO: PDF Architect Helper - {3A2D5EBA-F86D-4BD3-A177-019765996711} - C:\Program Files\PDF Architect\PDFIEHelper.dll
O2 - BHO: SafeOnline BHO - {69D72956-317C-44bd-B369-8E44D4EF9801} - C:\WINDOWS\system32\PxSecure.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll
O2 - BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O2 - BHO: Free Download Manager - {CC59E0F9-7E43-44FA-9FAA-8377850BF205} - C:\Program Files\Free Download Manager\iefdm2.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll
O3 - Toolbar: PDF Architect Toolbar - {25A3A431-30BB-47C8-AD6A-E1063801134F} - C:\Program Files\PDF Architect\PDFIEPlugin.dll
O4 - HKLM\..\Run: [Zástupce stránky vlastností sběrnice High Definition Audio] HDAShCut.exe
O4 - HKLM\..\Run: [SetRefresh] C:\Program Files\COMPAQ\SetRefresh\\SetRefresh.exe
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [IgfxTray] C:\WINDOWS\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\system32\hkcmd.exe
O4 - HKLM\..\Run: [Persistence] C:\WINDOWS\system32\igfxpers.exe
O4 - HKLM\..\Run: [C-Media Mixer] Mixer.exe /startup
O4 - HKLM\..\Run: [CmPCIaudio] RunDll32 CMICNFG3.cpl,CMICtrlWnd
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [20131121] C:\Program Files\AVAST Software\Avast\setup\emupdate\b052ef86-522d-4705-af6c-0848e61e22a9.exe /check
O4 - HKLM\..\Run: [AvastUI.exe] "C:\Program Files\AVAST Software\Avast\AvastUI.exe" /nogui
O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
O4 - HKCU\..\Run: [Desktop iCalendar.exe] "C:\Program Files\desksware\Desktop iCalendar\Desktop iCalendar.exe"
O4 - HKCU\..\Run: [CCleaner Monitoring] "C:\Program Files\CCleaner\CCleaner.exe" /MONITOR
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Startup: Zástupce - Organizer.exe.lnk = C:\Program Files\organizer\Organizer.exe
O8 - Extra context menu item: Stáhnout FDM - file://C:\Program Files\Free Download Manager\dllink.htm
O8 - Extra context menu item: Stáhnout video FDM - file://C:\Program Files\Free Download Manager\dlfvideo.htm
O8 - Extra context menu item: Stáhnout vybrané FDM - file://C:\Program Files\Free Download Manager\dlselected.htm
O8 - Extra context menu item: Stáhnout vše FDM - file://C:\Program Files\Free Download Manager\dlall.htm
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O10 - Unknown file in Winsock LSP: c:\windows\system32\nwprovau.dll
O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll
O22 - SharedTaskScheduler: Proces mezipaměti kategorií součástí - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll
O23 - Service: SAS Core Service (!SASCORE) - SUPERAntiSpyware.com - C:\Program Files\SUPERAntiSpyware\SASCORE.EXE
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: avast! Firewall - AVAST Software - C:\Program Files\AVAST Software\Avast\afwServ.exe
O23 - Service: CSIScanner - Prevx - C:\Program Files\Prevx\prevx.exe
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Oracle Corporation - C:\Program Files\Java\jre7\bin\jqs.exe
O23 - Service: Lookout Citadel Server (LkCitadelServer) - National Instruments, Inc. - C:\WINDOWS\system32\lkcitdl.exe
O23 - Service: National Instruments PSP Server Locator (lkClassAds) - National Instruments, Inc. - C:\WINDOWS\system32\lkads.exe
O23 - Service: National Instruments Time Synchronization (lkTimeSync) - National Instruments, Inc. - C:\WINDOWS\system32\lktsrv.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: National Instruments Domain Service (NIDomainService) - National Instruments, Inc. - C:\Program Files\National Instruments\Shared\Security\nidmsrv.exe
O23 - Service: NI Service Locator (niSvcLoc) - National Instruments Corp. - C:\WINDOWS\system32\nisvcloc.exe
O23 - Service: PDF Architect Helper Service - pdfforge GmbH - C:\Program Files\PDF Architect\HelperService.exe
O23 - Service: PDF Architect Service - pdfforge GmbH - C:\Program Files\PDF Architect\ConversionService.exe
O23 - Service: Ralink Registry Writer (RalinkRegistryWriter) - Ralink Technology, Corp. - C:\Program Files\Tenda\Common\RaRegistry.exe
O24 - Desktop Component 1: (no name) - https://www.google.com/calendar/embed?s ... ope/Prague

--
End of file - 8730 bytes

======Scheduled tasks folder======

C:\WINDOWS\tasks\Adobe Flash Player Updater.job
C:\WINDOWS\tasks\avast! Emergency Update.job
C:\WINDOWS\tasks\GoforFilesUpdate.job
C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore1cf4d924d6a3eea.job
C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job

=========Mozilla firefox=========

ProfilePath - C:\Documents and Settings\HP\Data aplikací\Mozilla\Firefox\Profiles\0dm8il94.default-1397108393062

prefs.js - "browser.startup.homepage" - "http://www.seznam.cz/"

"wrc@avast.com"=C:\Program Files\AVAST Software\Avast\WebRep\FF
"FFPDFArchitectConverter@pdfarchitect.com"=C:\Program Files\PDF Architect\FFPDFArchitectExt
"{20a82645-c095-46ed-80e3-08825760534b}"=c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\


[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 12.0.0.77 Plugin
"Path"=C:\WINDOWS\system32\Macromed\Flash\NPSWF32_12_0_0_77.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/ShockwavePlayer]
"Description"=Adobe Shockwave Player
"Path"=C:\WINDOWS\system32\Adobe\Director\np32dsw_1203133.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf]
"Description"=
"Path"=C:\Program Files\Tracker Software\PDF Viewer\npPDFXCviewNPPlugin.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Google.com/GoogleEarthPlugin]
"Description"=Google Earth in your browser
"Path"=C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/DTPlugin,version=10.51.2]
"Description"=Java™ Deployment Toolkit
"Path"=C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/JavaPlugin,version=10.51.2]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=C:\Program Files\Microsoft Silverlight\5.1.30214.0\npctrl.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/WPF,version=3.5]
"Description"=Windows Presentation Foundation plug-in for Mozilla browsers
"Path"=C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@parallelgraphics.com/Cortona]
"Description"=Cortona VRML Plugin
"Path"=C:\Program Files\Common Files\ParallelGraphics\Cortona\npcortona.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@tools.google.com/Google Update;version=3]
"Description"=Google Update
"Path"=C:\Program Files\Google\Update\1.3.23.9\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@tools.google.com/Google Update;version=9]
"Description"=Google Update
"Path"=C:\Program Files\Google\Update\1.3.23.9\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@tracker-software.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf]
"Description"=
"Path"=C:\Program Files\Tracker Software\PDF Viewer\npPDFXCviewNPPlugin.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@videolan.org/vlc,version=2.1.0]
"Description"=VLC Multimedia Plugin
"Path"=C:\Program Files\VideoLAN\VLC\npvlc.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@videolan.org/vlc,version=2.1.3]
"Description"=VLC Multimedia Plugin
"Path"=C:\Program Files\VideoLAN\VLC\npvlc.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\Adobe Reader]
"Description"=Handles PDFs in-place in Firefox
"Path"=C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll

C:\Program Files\Mozilla Firefox\extensions\
{CAFEEFAC-0016-0000-0045-ABCDEFFEDCBA}

C:\Program Files\Mozilla Firefox\plugins\
NPLV80Win32.dll
nppdf32.dll
npPDFXCviewNPPlugin.dll

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3A2D5EBA-F86D-4BD3-A177-019765996711}]
PDF Architect Helper - C:\Program Files\PDF Architect\PDFIEHelper.dll [2013-04-08 92208]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{69D72956-317C-44bd-B369-8E44D4EF9801}]
SafeOnline BHO - C:\WINDOWS\system32\PxSecure.dll [2014-01-03 71880]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files\Java\jre7\bin\ssv.dll [2014-01-21 462760]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! Online Security - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2014-04-07 597816]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{CC59E0F9-7E43-44FA-9FAA-8377850BF205}]
Free Download Manager - C:\Program Files\Free Download Manager\iefdm2.dll [2013-10-04 365056]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre7\bin\jp2ssv.dll [2014-01-21 171944]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{25A3A431-30BB-47C8-AD6A-E1063801134F} - PDF Architect Toolbar - C:\Program Files\PDF Architect\PDFIEPlugin.dll [2013-04-08 654384]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"Zástupce stránky vlastností sběrnice High Definition Audio"=C:\WINDOWS\system32\HDAShCut.exe [2005-01-07 61952]
"SetRefresh"=C:\Program Files\COMPAQ\SetRefresh\\SetRefresh.exe [2003-11-20 525824]
"RTHDCPL"=C:\WINDOWS\RTHDCPL.EXE [2013-03-12 20143688]
"IgfxTray"=C:\WINDOWS\system32\igfxtray.exe [2008-02-15 135168]
"HotKeysCmds"=C:\WINDOWS\system32\hkcmd.exe [2008-02-15 159744]
"Persistence"=C:\WINDOWS\system32\igfxpers.exe [2008-02-15 131072]
"C-Media Mixer"=Mixer.exe /startup []
"CmPCIaudio"=RunDll32 CMICNFG3.cpl,CMICtrlWnd []
"Adobe ARM"=C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2013-11-21 959904]
"20131121"=C:\Program Files\AVAST Software\Avast\setup\emupdate\b052ef86-522d-4705-af6c-0848e61e22a9.exe [2013-11-25 180184]
"AvastUI.exe"=C:\Program Files\AVAST Software\Avast\AvastUI.exe [2014-04-07 3854640]
"KernelFaultCheck"=C:\WINDOWS\system32\dumprep 0 -k []
"SunJavaUpdateSched"=C:\Program Files\Common Files\Java\Java Update\jusched.exe [2013-07-02 254336]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Desktop iCalendar.exe"=C:\Program Files\desksware\Desktop iCalendar\Desktop iCalendar.exe [2014-03-20 1804288]
"CCleaner Monitoring"=C:\Program Files\CCleaner\CCleaner.exe [2014-04-01 4616984]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CloneCDTray]
C:\Program Files\SlySoft\CloneCD\CloneCDTray.exe [2009-01-30 57344]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\FineReader7NewsReaderPro]
C:\Program Files\ABBYY FineReader 7.0 Professional Edition\AbbyyNewsReader.exe [2003-08-20 278528]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MobileBroadband]
C:\Program Files\Vodafone\Vodafone Mobile Broadband\Bin\MobileBroadband.exe /silent []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PCSpeedUp]
C:\Program Files\Zrychleni Pocitace\PCSUNotifier.exe []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SUPERAntiSpyware]
C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe [2014-01-06 5625624]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\VmbNotifier]
C:\Program Files\Vodafone\Vodafone Mobile Broadband\Bin\VmbNotifier.exe []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^HP^Nabídka Start^Programy^Po spuštění^OpenOffice.org 3.3.lnk]
C:\PROGRA~1\OPENOF~1.ORG\program\QUICKS~1.EXE [2010-10-08 1198592]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^HP^Nabídka Start^Programy^Po spuštění^Vodafone Mobile Broadband.lnk]
C:\PROGRA~1\Vodafone\VODAFO~1\Bin\MOBILE~1.EXE []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\services]
"VmbService"=2
"gupdatem"=3
"gupdate"=2

C:\Documents and Settings\HP\Nabídka Start\Programy\Po spuštění
Zástupce - Organizer.exe.lnk - C:\Program Files\organizer\Organizer.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
C:\WINDOWS\system32\igfxdev.dll [2008-02-15 208896]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\WgaLogon]
C:\WINDOWS\system32\WgaLogon.dll [2009-03-10 265096]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{5AE067D3-9AFB-48E0-853A-EBB7F4A000DA}"=C:\Program Files\SUPERAntiSpyware\SASSEH.DLL [2013-05-08 115440]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\!SASCORE]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\!SASCORE]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Wdf01000.sys]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"HonorAutoRunSetting"=1

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\Program Files\MyPhoneExplorer\MyPhoneExplorer.exe"="C:\Program Files\MyPhoneExplorer\MyPhoneExplorer.exe:*:Enabled:MyPhoneExplorer"
"C:\Program Files\Tenda\Common\ApUI.exe"="C:\Program Files\Tenda\Common\ApUI.exe:*:Enabled:Tenda Wireless Access Point Utility"
"C:\Program Files\Labcenter Electronics\Proteus 8 Professional\BIN\PDS.EXE"="C:\Program Files\Labcenter Electronics\Proteus 8 Professional\BIN\PDS.EXE:*:Enabled:Proteus 8 Design Suite"
"C:\Program Files\Java\jre7\launch4j-tmp\frd.exe"="C:\Program Files\Java\jre7\launch4j-tmp\frd.exe:*:Enabled:Java(TM) Platform SE binary"
"C:\totalcmd\TOTALCMD.EXE"="C:\totalcmd\TOTALCMD.EXE:*:Enabled:Total Commander 32 bit"
"C:\Program Files\VSO\VSO Downloader\3\VsoDownloader.exe"="C:\Program Files\VSO\VSO Downloader\3\VsoDownloader.exe:*:Enabled:VSO Downloader"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"midimapper"=midimap.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msadpcm"=msadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.trspch"=tssoft32.acm
"vidc.cvid"=iccvid.dll
"vidc.I420"=msh263.drv
"vidc.iv31"=ir32_32.dll
"vidc.iv32"=ir32_32.dll
"vidc.iv41"=ir41_32.ax
"vidc.iyuv"=iyuv_32.dll
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"vidc.uyvy"=msyuv.dll
"vidc.yuy2"=msyuv.dll
"vidc.yvu9"=tsbyuv.dll
"vidc.yvyu"=msyuv.dll
"wavemapper"=msacm32.drv
"msacm.msg723"=msg723.acm
"vidc.M263"=msh263.drv
"vidc.M261"=msh261.drv
"msacm.msaudio1"=msaud32.acm
"msacm.sl_anet"=sl_anet.acm
"msacm.iac2"=C:\WINDOWS\system32\iac25_32.ax
"vidc.iv50"=ir50_32.dll
"msacm.l3acm"=C:\WINDOWS\system32\l3codeca.acm
"vidc.XVID"=xvidvfw.dll
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv

======File associations======

.scr - open - "C:\WINDOWS\system32\notepad.exe" "%1"
.scr - install -
.scr - config -

======List of files/folders created in the last 1 month======

2014-04-14 13:58:30 ----D---- C:\Program Files\trend micro
2014-04-14 13:58:28 ----D---- C:\rsit
2014-04-09 07:14:18 ----HDC---- C:\WINDOWS\$NtUninstallKB2922229$
2014-04-07 11:59:44 ----A---- C:\WINDOWS\avastSS.scr
2014-03-31 11:07:06 ----D---- C:\Documents and Settings\HP\Data aplikací\Ancestry
2014-03-31 07:54:19 ----D---- C:\Program Files\Mozilla Firefox
2014-03-26 13:42:10 ----D---- C:\Program Files\desksware
2014-03-26 13:34:16 ----D---- C:\Documents and Settings\HP\Data aplikací\Free Download Manager
2014-03-26 13:33:55 ----D---- C:\Program Files\Free Download Manager
2014-03-26 13:29:17 ----D---- C:\Program Files\YoutubeAdblocker
2014-03-26 13:29:17 ----D---- C:\Documents and Settings\All Users\Data aplikací\YoutubeAdblocker
2014-03-26 13:29:07 ----D---- C:\Program Files\saFEiwEb
2014-03-26 13:29:07 ----D---- C:\Documents and Settings\All Users\Data aplikací\saFEiwEb
2014-03-26 13:28:57 ----D---- C:\Documents and Settings\All Users\Data aplikací\ab8ab9a6021a330
2014-03-26 13:28:13 ----D---- C:\Documents and Settings\All Users\Data aplikací\InstallMate
2014-03-26 13:11:23 ----D---- C:\Documents and Settings\HP\Data aplikací\desksware
2014-03-26 12:53:52 ----D---- C:\WINDOWS\SxsCaPendDel
2014-03-26 12:41:32 ----D---- C:\Documents and Settings\HP\Data aplikací\Desktop Sidebar
2014-03-26 11:02:22 ----D---- C:\Documents and Settings\HP\Data aplikací\VueMinder.Google.Auth
2014-03-20 15:15:52 ----D---- C:\Documents and Settings\HP\Data aplikací\Tracker Software
2014-03-20 12:00:14 ----D---- C:\Program Files\Common Files\Windows Live
2014-03-17 09:17:43 ----D---- C:\Program Files\EAGLE-4.16r2
2014-03-17 09:17:31 ----A---- C:\WINDOWS\uninst.exe

======List of files/folders modified in the last 1 month======

2014-04-14 13:58:30 ----RD---- C:\Program Files
2014-04-14 13:43:29 ----D---- C:\WINDOWS\system32\CatRoot2
2014-04-14 12:49:10 ----D---- C:\WINDOWS\Temp
2014-04-14 12:21:45 ----AD---- C:\WINDOWS
2014-04-14 10:06:37 ----D---- C:\Documents and Settings\HP\Data aplikací\vlc
2014-04-14 08:36:19 ----D---- C:\Downloads
2014-04-14 08:17:25 ----D---- C:\Program Files\PDFCreator
2014-04-14 08:17:23 ----D---- C:\WINDOWS\system32
2014-04-14 08:17:22 ----D---- C:\WINDOWS\Minidump
2014-04-14 08:17:22 ----D---- C:\WINDOWS\Debug
2014-04-14 08:16:25 ----D---- C:\Program Files\CCleaner
2014-04-14 07:03:21 ----D---- C:\Program Files\organizer
2014-04-09 08:34:44 ----D---- C:\Program Files\Mozilla Thunderbird
2014-04-09 07:18:15 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
2014-04-09 07:14:23 ----HD---- C:\WINDOWS\inf
2014-04-09 07:14:19 ----RSHDC---- C:\WINDOWS\system32\dllcache
2014-04-09 07:14:07 ----D---- C:\WINDOWS\system32\MRT
2014-04-09 07:07:55 ----A---- C:\WINDOWS\system32\MRT.exe
2014-04-09 07:07:13 ----D---- C:\Program Files\Internet Explorer
2014-04-09 07:06:46 ----D---- C:\WINDOWS\ie8updates
2014-04-08 11:35:58 ----A---- C:\WINDOWS\system32\FlashPlayerApp.exe
2014-04-07 11:59:55 ----SD---- C:\WINDOWS\Tasks
2014-04-07 11:59:44 ----A---- C:\WINDOWS\system32\aswBoot.exe
2014-04-01 12:08:23 ----SHD---- C:\WINDOWS\Installer
2014-03-31 12:36:04 ----D---- C:\Program Files\Mozilla Maintenance Service
2014-03-28 08:26:12 ----D---- C:\Program Files\MyPhoneExplorer
2014-03-28 08:22:12 ----D---- C:\Documents and Settings\HP\Data aplikací\Dexpot
2014-03-27 14:10:10 ----D---- C:\Documents and Settings\HP\Data aplikací\MyPhoneExplorer
2014-03-27 11:52:27 ----D---- C:\Documents and Settings\All Users\Data aplikací\PrevxCSI
2014-03-27 07:51:06 ----D---- C:\Program Files\Google
2014-03-26 13:34:22 ----D---- C:\Documents and Settings\All Users\Data aplikací\Free Download Manager
2014-03-26 13:28:56 ----D---- C:\Documents and Settings
2014-03-26 13:11:25 ----RSD---- C:\WINDOWS\Fonts
2014-03-26 12:53:51 ----D---- C:\WINDOWS\WinSxS
2014-03-26 11:59:15 ----D---- C:\WINDOWS\Prefetch
2014-03-26 10:59:20 ----RSD---- C:\WINDOWS\assembly
2014-03-25 19:26:09 ----A---- C:\WINDOWS\nwc.ini
2014-03-24 09:01:10 ----D---- C:\Program Files\DeltaCad
2014-03-20 12:00:14 ----D---- C:\Program Files\Common Files
2014-03-20 12:00:01 ----SD---- C:\Documents and Settings\All Users\Data aplikací\Microsoft

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 aswNdis;avast! Firewall NDIS Filter Service; C:\WINDOWS\system32\DRIVERS\aswNdis.sys [2013-09-25 12112]
R0 aswNdis2;avast! Firewall NDIS Driver; C:\WINDOWS\system32\drivers\aswNdis2.sys [2013-12-04 247192]
R0 aswRvrt;avast! Revert; C:\WINDOWS\system32\drivers\aswRvrt.sys [2014-04-07 49944]
R0 aswVmm;avast! VM Monitor; C:\WINDOWS\system32\drivers\aswVmm.sys [2014-04-07 180760]
R0 pxscan;pxscan; C:\WINDOWS\System32\drivers\pxscan.sys [2014-01-03 32008]
R1 aswKbd;aswKbd; \??\C:\WINDOWS\system32\drivers\aswKbd.sys []
R1 AswRdr;aswRdr; C:\WINDOWS\system32\drivers\aswRdr.sys [2014-04-07 54832]
R1 aswSnx;aswSnx; C:\WINDOWS\system32\drivers\aswSnx.sys [2014-04-07 776976]
R1 aswSP;aswSP; C:\WINDOWS\system32\drivers\aswSP.sys [2014-04-07 411552]
R1 aswTdi;aswTdi; C:\WINDOWS\system32\drivers\aswTdi.sys [2014-04-07 57672]
R1 ElbyCDIO;ElbyCDIO Driver; C:\WINDOWS\System32\Drivers\ElbyCDIO.sys [2013-03-04 30616]
R1 intelppm;Řadič procesoru Intel; C:\WINDOWS\system32\DRIVERS\intelppm.sys [2008-04-14 40192]
R1 pxrts;pxrts; C:\WINDOWS\System32\drivers\pxrts.sys [2014-01-03 76440]
R1 SASDIFSV;SASDIFSV; \??\C:\Program Files\SUPERAntiSpyware\SASDIFSV.SYS []
R1 SASKUTIL;SASKUTIL; \??\C:\Program Files\SUPERAntiSpyware\SASKUTIL.SYS []
R1 WmiAcpi;Microsoft Windows Management Interface for ACPI; C:\WINDOWS\system32\DRIVERS\wmiacpi.sys [2008-04-14 8832]
R2 aswMonFlt;aswMonFlt; C:\WINDOWS\system32\drivers\aswMonFlt.sys [2014-04-07 67824]
R2 cvintdrv;cvintdrv; C:\WINDOWS\system32\drivers\cvintdrv.sys [2005-06-10 7140]
R2 LBeepKE;Logitech Beep Suppression Driver; C:\WINDOWS\System32\Drivers\LBeepKE.sys [2013-01-03 12808]
R2 Scutum50;Scutum50 NDIS Protocol Driver; C:\WINDOWS\System32\Drivers\Scutum50.sys [2009-04-21 19072]
R3 ElbyCDFL;ElbyCDFL; C:\WINDOWS\System32\Drivers\ElbyCDFL.sys [2007-02-16 34760]
R3 HDAudBus;Ovladač Microsoft UAA pro sběrnici High Definition Audio; C:\WINDOWS\system32\DRIVERS\HDAudBus.sys [2008-04-13 144384]
R3 hidusb;Ovladač třídy standardu HID; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2008-04-14 10368]
R3 ialm;ialm; C:\WINDOWS\system32\DRIVERS\igxpmp32.sys [2008-02-15 5854752]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\WINDOWS\system32\drivers\RtkHDAud.sys [2013-03-29 5444680]
R3 mouhid;Ovladač myši standardu HID; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2001-10-24 12160]
R3 pxkbf;pxkbf; C:\WINDOWS\System32\drivers\pxkbf.sys [2014-01-03 26096]
R3 usb_rndisx;Adaptér USB RNDIS; C:\WINDOWS\system32\DRIVERS\usb8023x.sys [2013-02-12 12928]
R3 USBSTOR;Ovladač velkokapacitního paměťového zařízení USB; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-14 26368]
R3 usbuhci;Ovladač Microsoft univerzálního hostitelského řadiče USB od společnosti Microsoft; C:\WINDOWS\system32\DRIVERS\usbuhci.sys [2008-04-14 20608]
R3 VClone;VClone; C:\WINDOWS\system32\DRIVERS\VClone.sys [2013-07-24 30720]
S1 kbdhid;Ovladač klávesnice standardu HID; C:\WINDOWS\system32\DRIVERS\kbdhid.sys [2008-04-14 14592]
S3 b57w2k;Broadcom NetXtreme Gigabit Ethernet; C:\WINDOWS\system32\DRIVERS\b57xp32.sys [2011-10-26 237096]
S3 Blfp;Broadcom Advanced Server Program Driver; C:\WINDOWS\system32\DRIVERS\baspxp32.sys [2008-06-06 98816]
S3 Bridge;Most MAC; C:\WINDOWS\system32\DRIVERS\bridge.sys [2008-04-14 71552]
S3 BridgeMP;Miniport mostu MAC; C:\WINDOWS\system32\DRIVERS\bridge.sys [2008-04-14 71552]
S3 cmpci;C-Media PCI Audio Driver (WDM); C:\WINDOWS\system32\drivers\cmaudio.sys [2002-11-18 377358]
S3 cmuda3;C-Media PCI Audio Interface; C:\WINDOWS\system32\drivers\cmudax3.sys [2011-03-30 1486336]
S3 ewusbnet;HUAWEI USB-NDIS miniport; C:\WINDOWS\system32\DRIVERS\ewusbnet.sys [2010-03-20 117504]
S3 FTDIBUS;USB Serial Converter Driver; C:\WINDOWS\system32\drivers\ftdibus.sys [2013-02-13 63464]
S3 FTSER2K;USB Serial Port Driver; C:\WINDOWS\system32\drivers\ftser2k.sys [2013-02-13 73576]
S3 HdAudAddService;Ovladač funkcí Microsoft UAA pro služby sběrnice High Definition Audio; C:\WINDOWS\system32\drivers\HdAudio.sys [2005-01-07 145920]
S3 hwdatacard;Huawei DataCard USB Modem and USB Serial; C:\WINDOWS\system32\DRIVERS\ewusbmdm.sys [2010-03-25 105728]
S3 IObitUnlocker;IObitUnlocker; \??\C:\Program Files\IObit\IObit Unlocker\IObitUnlocker.sys []
S3 LHidFilt;Logitech SetPoint KMDF HID Filter Driver; C:\WINDOWS\system32\DRIVERS\LHidFilt.Sys [2013-01-03 44680]
S3 LMouFilt;Logitech SetPoint KMDF Mouse Filter Driver; C:\WINDOWS\system32\DRIVERS\LMouFilt.Sys [2013-01-03 40200]
S3 LUsbFilt;Logitech SetPoint KMDF USB Filter; C:\WINDOWS\System32\Drivers\LUsbFilt.Sys [2013-01-03 30984]
S3 Revoflt;Revoflt; C:\WINDOWS\system32\DRIVERS\revoflt.sys [2009-12-30 27064]
S3 rt2870;Ralink 802.11n USB Wireless LAN Card Driver; C:\WINDOWS\system32\DRIVERS\rt2870.sys [2010-11-10 1130848]
S3 tap0901;avast! SecureLine TAP Adapter; C:\WINDOWS\system32\DRIVERS\tap0901.sys [2013-04-30 35088]
S3 TotRec8;Total Recorder WDM audio filter driver; \??\C:\WINDOWS\system32\drivers\TotRec8.sys []
S3 usbccgp;Obecný nadřazený ovladač Microsoft USB; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2013-08-09 32384]
S3 usbprint;Třída USB Printer; C:\WINDOWS\system32\DRIVERS\usbprint.sys [2008-04-14 25856]
S3 usbser;USB RS-232 Emulation Driver; C:\WINDOWS\system32\DRIVERS\usbser.sys [2013-08-29 26240]
S3 Wdf01000;Kernel Mode Driver Frameworks service; C:\WINDOWS\System32\Drivers\wdf01000.sys [2009-07-14 444136]
S3 WinUSB;Sony sa0102 ADB Interface; C:\WINDOWS\system32\DRIVERS\WinUSB.sys [2009-07-13 34944]
S4 WS2IFSL;Podpůrné prostředí zprostředkovatele služeb Windows Socket 2.0 bez podpory IFS; C:\WINDOWS\System32\drivers\ws2ifsl.sys [2006-03-02 12032]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 !SASCORE;SAS Core Service; C:\Program Files\SUPERAntiSpyware\SASCORE.EXE [2013-10-11 120088]
R2 avast! Antivirus;avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2014-04-07 50344]
R2 CSIScanner;CSIScanner; C:\Program Files\Prevx\prevx.exe [2014-01-03 6415608]
R2 JavaQuickStarterService;Java Quick Starter; C:\Program Files\Java\jre7\bin\jqs.exe [2014-01-21 182696]
R2 LkCitadelServer;Lookout Citadel Server; C:\WINDOWS\system32\lkcitdl.exe [2005-08-25 688190]
R2 lkClassAds;National Instruments PSP Server Locator; C:\WINDOWS\system32\lkads.exe [2005-10-11 45056]
R2 lkTimeSync;National Instruments Time Synchronization; C:\WINDOWS\system32\lktsrv.exe [2005-10-11 53248]
R2 Net Driver HPZ12;Net Driver HPZ12; C:\WINDOWS\System32\svchost.exe [2008-04-14 14336]
R2 NIDomainService;National Instruments Domain Service; C:\Program Files\National Instruments\Shared\Security\nidmsrv.exe [2005-10-11 204800]
R2 niSvcLoc;NI Service Locator; C:\WINDOWS\system32\nisvcloc.exe [2005-10-10 49152]
R2 PDF Architect Helper Service;PDF Architect Helper Service; C:\Program Files\PDF Architect\HelperService.exe [2013-04-08 1320496]
R2 PDF Architect Service;PDF Architect Service; C:\Program Files\PDF Architect\ConversionService.exe [2013-04-08 799280]
R2 Pml Driver HPZ12;Pml Driver HPZ12; C:\WINDOWS\System32\svchost.exe [2008-04-14 14336]
R2 RalinkRegistryWriter;Ralink Registry Writer; C:\Program Files\Tenda\Common\RaRegistry.exe [2010-06-28 193888]
S2 avast! Firewall;avast! Firewall; C:\Program Files\AVAST Software\Avast\afwServ.exe [2013-12-04 116776]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files\Google\Update\GoogleUpdate.exe [2013-09-18 116648]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2014-04-08 257928]
S3 aspnet_state;ASP.NET State Service; C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\aspnet_state.exe [2010-03-18 35160]
S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2008-07-25 69632]
S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; c:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe [2008-07-29 46104]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files\Google\Update\GoogleUpdate.exe [2013-09-18 116648]
S3 idsvc;Windows CardSpace; c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2008-07-29 881664]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe [2014-03-31 119408]
S3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0; C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe [2013-07-20 754856]
S4 AbSoftMgr4;AbSoftMgr4; C:\Program Files\Common Files\AB Studio Shared\AbSoftMgr4.exe [2008-06-16 630784]
S4 NetTcpPortSharing;Net.Tcp Port Sharing Service; C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]

-----------------EOF-----------------

Re: Prosím o preventivní kontrolu

Napsal: 14 dub 2014 20:48
od Roli
Zdravím, v HJT fixni :

O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [20131121] C:\Program Files\AVAST Software\Avast\setup\emupdate\b052ef86-522d-4705-af6c-0848e61e22a9.exe /check
O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')

HJT najdeš zde :

C:\Program Files\trend micro\HP.exe

Fix znamená že spustíš HJT Obrázek jako admin

v okně které se ti otevře klikneš na Do a system scan only

v dalším okně najdeš řádky které jsem ti vypsal,

vedle nich je čtvereček do kterého uděláš zatržítko,

pak klikneš na Fix checked které je vlevo dole,

program se ti zeptá zda opravdu ANO s tím samozřejmě souhlasíš a je hotovo.


Přes Start >> Spustit >> napiš - services.msc >> OK. Najdi službu :

Služba Google Update (gupdate)
Služba Google Update (gupdatem)

dvojklikem se otevře karta kde nejprve službu zastav tlačítkem Zastavit u položky Typ spouštění vyber Zakázáno a klik na OK.


V Naplánovaných úlohách smaž Gofor Files Update a Google Update, tohle tam bude několikrát.


Smaž nepotřebné soubory

pomocí CCleaneru

návod :

Čistič - tady vyčistíš PC od nepotřebných souborů a vysypeš Koš

Registry - tady vyčistíš registry (před použitím doporučuji udělat jejich zálohu kterou CCleaner nabízí)

čištění registru je třeba několikrát zopakovat !

Nástroje - tady lze odinstalovat programy, upravit co se spustí po Startu systému a obnovit systém


Defragmentuj disk buď integrovaným windows nástrojem,

nebo jinou aplikací, například Defragglerem


Pak dej vědět zda se to zlepšilo, případně budeme pokračovat.

Re: Prosím o preventivní kontrolu

Napsal: 17 dub 2014 16:37
od petouf
Díky, zdá se, že je to lepší, pro mne dostačující. Pošlu nějakou podporu :-)
Poprosil bych ještě o kontrolu druhého PC. Občas se "seká" a někdy mi gůgl hlásí podezřelou činnost a chce napsat kontrolní kód. Spyware terminator mě nic nenašel a avast se mi "kousne" na cca 4 procentech kontroly. Defrag se taky zastavil při analýze někde na 25procentech. Tak prosím o kontrolu, zda to má na svědomí nějaká havěť, nebo je-li čas na přeinstalování...:-/
Zde je log: Děkuji a přeji pěkný den!


Logfile of random's system information tool 1.09 (written by random/random)
Run by petra at 2014-04-17 17:19:03
Microsoft Windows 7 Professional Service Pack 1
System drive C: has 24 GB (24%) free of 100 GB
Total RAM: 4094 MB (59% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 17:19:09, on 17.4.2014
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v11.0 (11.00.9600.17041)
Boot mode: Normal

Running processes:
C:\Windows\vsnp2uvc.exe
C:\Program Files (x86)\Common Files\Nero\Lib\NMIndexStoreSvr.exe
C:\Users\petra\AppData\Local\FilesFrog Update Checker\update_checker.exe
C:\Users\petra\AppData\Local\WebPlayer\FLV Player\WebPlayer.exe
C:\Users\petra\AppData\Roaming\Seznam.cz\bin\szndesktop.exe
C:\Users\petra\AppData\Roaming\Dropbox\bin\Dropbox.exe
C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe
C:\Windows\SysWOW64\CtHelper.exe
C:\Program Files (x86)\Software602\Print2PDF\Print2PDF.exe
C:\Program Files (x86)\Canon\Solution Menu EX\CNSEMAIN.EXE
C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX\CNMNSST.exe
C:\Program Files (x86)\ACD Systems\ACDSee\15.0\ACDSee15InTouch2.exe
C:\Program Files (x86)\AVG Secure Search\vprot.exe
C:\Program Files (x86)\Common Files\SNP2UVC\tsnp2uvc.exe
C:\Program Files (x86)\Common Files\Grass Valley\ProCoder 3\Kernel\PNXSERVR.exe
C:\Program Files\AVAST Software\Avast\AvastUI.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files\trend micro\petra.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.seznam.cz/?clid=13415
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe
O2 - BHO: Instair - {0D778FDC-FAD7-4B1D-AB88-7A76A562D65C} - C:\PROGRA~1\Instair\Instair.dll
O2 - BHO: WinZipBar - {50fafaf0-70a9-419d-a109-fa4b4ffd4e37} - C:\Program Files (x86)\WinZipBar\prxtbWinZ.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll
O2 - BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O2 - BHO: AVG Security Toolbar - {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files (x86)\AVG Secure Search\18.0.5.292\AVG Secure Search_toolbar.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
O2 - BHO: BonanzaDeals - {fe063412-bea4-4d76-8ed3-183be6220d17} - C:\Program Files (x86)\BonanzaDeals\BonanzaDealsIE.dll
O3 - Toolbar: WinZipBar Toolbar - {50fafaf0-70a9-419d-a109-fa4b4ffd4e37} - C:\Program Files (x86)\WinZipBar\prxtbWinZ.dll
O3 - Toolbar: AVG Security Toolbar - {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files (x86)\AVG Secure Search\18.0.5.292\AVG Secure Search_toolbar.dll
O4 - HKLM\..\Run: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [CTxfiHlp] CTXFIHLP.EXE
O4 - HKLM\..\Run: [NUSB3MON] "C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe"
O4 - HKLM\..\Run: [AsioThk32Reg] REGSVR32.EXE /S CTASIO.DLL
O4 - HKLM\..\Run: [CTHelper] CTHELPER.EXE
O4 - HKLM\..\Run: [Print2PDF Print Monitor] "C:\Program Files (x86)\Software602\Print2PDF\Print2PDF.exe" /server
O4 - HKLM\..\Run: [CanonSolutionMenuEx] C:\Program Files (x86)\Canon\Solution Menu EX\CNSEMAIN.EXE /logon
O4 - HKLM\..\Run: [IJNetworkScannerSelectorEX] C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX\CNMNSST.exe /FORCE
O4 - HKLM\..\Run: [ACSW15EN] "C:\Program Files (x86)\ACD Systems\ACDSee\15.0\ACDSee15InTouch2.exe" /pid ACSW15EN
O4 - HKLM\..\Run: [NBKeyScan] "C:\Program Files (x86)\Nero\Nero8\Nero BackItUp\NBKeyScan.exe"
O4 - HKLM\..\Run: [vProt] "C:\Program Files (x86)\AVG Secure Search\vprot.exe"
O4 - HKLM\..\Run: [snp2uvc] C:\Windows\vsnp2uvc.exe
O4 - HKLM\..\Run: [tsnp2uvc] C:\Program Files (x86)\Common Files\SNP2UVC\tsnp2uvc.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [NexusServer] "C:\Program Files (x86)\Common Files\Grass Valley\ProCoder 3\Kernel\PNXSERVR.exe" -SelfLaunch
O4 - HKLM\..\Run: [seznam-listicka-distribuce] "C:\Program Files (x86)\Seznam.cz\distribution\szninstall.exe" -s -d listicka 1 szn-software-listicka cz.seznam.software.autoupdate
O4 - HKLM\..\Run: [AvastUI.exe] "C:\Program Files\AVAST Software\Avast\AvastUI.exe" /nogui
O4 - HKCU\..\Run: [EPSON Stylus Photo R265 Series] C:\Windows\system32\spool\DRIVERS\x64\3\E_FATIBNE.EXE /FU "C:\Windows\TEMP\E_S6B14.tmp" /EF "HKCU"
O4 - HKCU\..\Run: [IndxStoreSvr_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files (x86)\Common Files\Nero\Lib\NMIndexStoreSvr.exe" ASO-616B5711-6DAE-4795-A05F-39A1E5104020
O4 - HKCU\..\Run: [Google Update] "C:\Users\petra\AppData\Local\Google\Update\GoogleUpdate.exe" /c
O4 - HKCU\..\Run: [Xvid] C:\Program Files (x86)\Xvid\CheckUpdate.exe
O4 - HKCU\..\Run: [cz.seznam.software.autoupdate] "C:\Users\petra\AppData\Roaming\Seznam.cz\szninstall.exe" -c
O4 - HKCU\..\Run: [cz.seznam.software.szndesktop] "C:\Users\petra\AppData\Roaming\Seznam.cz\bin\wszndesktop.exe" -q
O4 - HKCU\..\Run: [FLV Player] C:\Users\petra\AppData\Local\WebPlayer\FLV Player\WebPlayer.exe
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-21-3338490639-4165212360-2111865542-1007\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'UpdatusUser')
O4 - HKUS\S-1-5-21-3338490639-4165212360-2111865542-1007\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'UpdatusUser')
O4 - Startup: Adobe Gamma.lnk = C:\Program Files (x86)\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Startup: Dropbox.lnk = petra\AppData\Roaming\Dropbox\bin\Dropbox.exe
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: Free YouTube to MP3 Converter - C:\Users\petra\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~1\Office12\REFIEBAR.DLL
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O16 - DPF: {CD82C85E-37B7-48E3-9E88-31E140C13C86} (TeeChart Commander v7) - http://www.premis.cz/PremisGUI/cab/Teechart7.cab
O16 - DPF: {D4B68B83-8710-488B-A692-D74B50BA558E} (Creative Software AutoUpdate Support Package 2) - http://ccfiles.creative.com/Web/softwar ... PIDPDE.cab
O16 - DPF: {E705A591-DA3C-4228-B0D5-A356DBA42FBF} (Creative Software AutoUpdate 2) - http://ccfiles.creative.com/Web/softwar ... TSUEng.cab
O16 - DPF: {F6ACF75C-C32C-447B-9BEF-46B766368D29} (Creative Software AutoUpdate Support Package) - http://ccfiles.creative.com/Web/softwar ... /CTPID.cab
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveSystemServices.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
O18 - Protocol: viprotocol - {B658800C-F66E-4EF3-AB85-6C0C227862A9} - C:\Program Files (x86)\Common Files\AVG Secure Search\ViProtocolInstaller\18.0.5\ViProtocol.dll
O23 - Service: 602Updater (602XML Updater) - Software602 a.s. - C:\Program Files (x86)\Common Files\soft602\602updsvc\602updsvc.exe
O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files (x86)\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: SluA3ba BonanzaDealsLive (bonanzadealslive) (bonanzadealslive) - BonanzaDeals - C:\Program Files (x86)\BonanzaDealsLive\Update\BonanzaDealsLive.exe
O23 - Service: SluA3ba BonanzaDealsLive (bonanzadealslivem) (bonanzadealslivem) - BonanzaDeals - C:\Program Files (x86)\BonanzaDealsLive\Update\BonanzaDealsLive.exe
O23 - Service: Creative ALchemy AL6 Licensing Service - Creative Labs - C:\Program Files (x86)\Common Files\Creative Labs Shared\Service\AL6Licensing.exe
O23 - Service: Creative Audio Engine Licensing Service - Creative Labs - C:\Program Files (x86)\Common Files\Creative Labs Shared\Service\CTAELicensing.exe
O23 - Service: Creative Audio Service (CTAudSvcService) - Creative Technology Ltd - C:\Program Files (x86)\Creative\Shared Files\CTAudSvc.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: EPSON V3 Service4(01) (EPSON_PM_RPCV4_01) - SEIKO EPSON CORPORATION - C:\ProgramData\EPSON\EPW!3 SSRP\E_S30RP1.EXE
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing)
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: Nero BackItUp Scheduler 3 - Nero AG - C:\Program Files (x86)\Nero\Nero8\Nero BackItUp\NBService.exe
O23 - Service: Nero BackItUp Scheduler 4.0 - Nero AG - C:\Program Files (x86)\Common Files\Nero\Nero BackItUp 4\NBService.exe
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: NMIndexingService - Nero AG - C:\Program Files (x86)\Common Files\Nero\Lib\NMIndexingService.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - Unknown owner - C:\Windows\system32\nvvsvc.exe (file missing)
O23 - Service: NVIDIA Update Service Daemon (nvUpdatusService) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
O23 - Service: PACE License Services (PaceLicenseDServices) - PACE Anti-Piracy, Inc. - C:\Program Files (x86)\Common Files\PACE\Services\LicenseServices\LDSvc.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: Spyware Terminator 2012 Realtime Shield Service (ST2012_Svc) - Crawler.com - C:\Program Files (x86)\Spyware Terminator\st_rsser64.exe
O23 - Service: NVIDIA Stereoscopic 3D Driver Service (Stereo Service) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: vToolbarUpdater18.0.5 - Unknown owner - C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\18.0.5\ToolbarUpdater.exe
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 15477 bytes

======Listing Processes======

\SystemRoot\System32\smss.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
winlogon.exe
C:\Windows\system32\services.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
"C:\Windows\system32\nvvsvc.exe"
"C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe"
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k netsvcs
"C:\Program Files (x86)\Creative\Shared Files\CTAudSvc.exe"
C:\Windows\system32\svchost.exe -k NetworkService
"C:\Program Files\AVAST Software\Avast\AvastSvc.exe"
"C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe"
C:\Windows\system32\nvvsvc.exe -session -first
C:\Windows\System32\spoolsv.exe
"taskhost.exe"
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
"C:\Program Files (x86)\Common Files\soft602\602updsvc\602updsvc.exe"
"C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe"
"C:\ProgramData\EPSON\EPW!3 SSRP\E_S30RP1.EXE"
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
"C:\Windows\system32\Dwm.exe"
C:\Windows\Explorer.EXE
taskeng.exe {6A39AB71-3F55-41DE-A199-F24610AC93BC}
"C:/Program Files/NVIDIA Corporation/Display/nvtray.exe" -user_has_logged_in 1
"C:\Program Files\Canon\MyPrinter\BJMYPRT.EXE" /logon
"C:\Windows\vsnp2uvc.exe"
"C:\Program Files (x86)\Common Files\Nero\Lib\NMIndexStoreSvr.exe" ASO-616B5711-6DAE-4795-A05F-39A1E5104020
"C:\Users\petra\AppData\Local\FilesFrog Update Checker\update_checker.exe" /auto
"C:\Users\petra\AppData\Local\WebPlayer\FLV Player\WebPlayer.exe"
szndesktop.exe default start
"C:\Users\petra\AppData\Roaming\Seznam.cz\bin\listicka-x64.exe"
\??\C:\Windows\system32\conhost.exe "1320386506-425921313-1285190825-1883730953-1647322323-1315768697-1771991340-1096558359
"C:\Users\petra\AppData\Roaming\Dropbox\bin\Dropbox.exe" /systemstartup
"C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe"
"C:\Windows\System32\CtHelper.exe"
"C:\Program Files (x86)\Software602\Print2PDF\Print2PDF.exe" /server
"C:\Program Files (x86)\Canon\Solution Menu EX\CNSEMAIN.EXE" /logon
"C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX\CNMNSST.exe" /FORCE
"C:\Program Files (x86)\ACD Systems\ACDSee\15.0\ACDSee15InTouch2.exe" /pid ACSW15EN
"C:\Program Files (x86)\AVG Secure Search\vprot.exe"
"C:\Program Files (x86)\Common Files\SNP2UVC\tsnp2uvc.exe"
"C:\Program Files (x86)\Common Files\Grass Valley\ProCoder 3\Kernel\PNXSERVR.exe" -SelfLaunch
"C:\Program Files\AVAST Software\Avast\AvastUI.exe" /nogui
C:\Windows\splwow64.exe 12288
"C:\Program Files (x86)\Nero\Nero8\Nero BackItUp\NBService.exe"
"C:\Program Files (x86)\Common Files\Nero\Nero BackItUp 4\NBService.exe"
"C:\Program Files (x86)\Common Files\PACE\Services\LicenseServices\LDSvc.exe"
"C:\Program Files (x86)\Spyware Terminator\st_rsser64.exe"
C:\Windows\system32\svchost.exe -k imgsvc
"C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\18.0.5\ToolbarUpdater.exe"
"C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\18.0.5\loggingserver.exe" 72648 "C:\ProgramData\AVG Secure Search\Logger\logger.properties"
\??\C:\Windows\system32\conhost.exe "-68018698516236965167281769763753281742101539189-1788061195-1537808930200645977
C:\Windows\system32\SearchIndexer.exe /Embedding
"C:\Program Files (x86)\Common Files\Nero\Lib\NMIndexingService.exe"
C:\Windows\System32\alg.exe
C:\Windows\System32\svchost.exe -k secsvcs
"C:\Program Files\Windows Media Player\wmpnetwk.exe"
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe"
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=gpu-process --channel="5060.0.472766813\372100682" --supports-dual-gpus=false --gpu-driver-bug-workarounds=0,1,14,28,34 --gpu-vendor-id=0x10de --gpu-device-id=0x1245 --gpu-driver-vendor=NVIDIA --gpu-driver-version=9.18.13.1106 --ignored=" --type=renderer " /prefetch:822062411
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --lang=cs --force-fieldtrials="AutocompleteDynamicTrial_2/DefaultControl_R2_Stable/BrowserPreReadExperiment/100-pct-default/ChromeSuggestions/Default/EmbeddedSearch/Group11 pct:1b stable:r2 prefetch_results:1/ExtensionInstallVerification/Bootstrap/GoogleNow/Default/OmniboxBundledExperimentV1/StandardR3/Prerender/PrerenderEnabled/PrerenderLocalPredictorSpec/LocalPredictor=Disabled/QUIC/Disabled/SettingsEnforcement/no_enforcement/ShowAppLauncherPromo/ShowPromoUntilDismissed/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group6/UMA-Population-Restrict/normal/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_02/UMA-Uniformity-Trial-1-Percent/group_37/UMA-Uniformity-Trial-10-Percent/group_02/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/group_04/UMA-Uniformity-Trial-5-Percent/group_04/UMA-Uniformity-Trial-50-Percent/group_01/" --renderer-print-preview --enable-threaded-compositing --enable-delegated-renderer --enable-deadline-scheduling --enable-software-compositing --channel="5060.1.460692544\2125110938" /prefetch:673131151
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --lang=cs --force-fieldtrials="AutocompleteDynamicTrial_2/DefaultControl_R2_Stable/BrowserPreReadExperiment/100-pct-default/ChromeSuggestions/Default/EmbeddedSearch/Group11 pct:1b stable:r2 prefetch_results:1/ExtensionInstallVerification/Bootstrap/GoogleNow/Default/OmniboxBundledExperimentV1/StandardR3/Prerender/PrerenderEnabled/PrerenderLocalPredictorSpec/LocalPredictor=Disabled/QUIC/Disabled/SettingsEnforcement/no_enforcement/ShowAppLauncherPromo/ShowPromoUntilDismissed/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group6/UMA-Population-Restrict/normal/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_02/UMA-Uniformity-Trial-1-Percent/group_37/UMA-Uniformity-Trial-10-Percent/group_02/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/group_04/UMA-Uniformity-Trial-5-Percent/group_04/UMA-Uniformity-Trial-50-Percent/group_01/" --extension-process --renderer-print-preview --enable-threaded-compositing --enable-delegated-renderer --enable-deadline-scheduling --enable-software-compositing --channel="5060.2.1098136788\452890509" /prefetch:673131151
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --lang=cs --force-fieldtrials="AutocompleteDynamicTrial_2/DefaultControl_R2_Stable/BrowserPreReadExperiment/100-pct-default/ChromeSuggestions/Default/EmbeddedSearch/Group11 pct:1b stable:r2 prefetch_results:1/ExtensionInstallVerification/Bootstrap/GoogleNow/Default/OmniboxBundledExperimentV1/StandardR3/Prerender/PrerenderEnabled/PrerenderLocalPredictorSpec/LocalPredictor=Disabled/QUIC/Disabled/SettingsEnforcement/no_enforcement/ShowAppLauncherPromo/ShowPromoUntilDismissed/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group6/UMA-Population-Restrict/normal/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_02/UMA-Uniformity-Trial-1-Percent/group_37/UMA-Uniformity-Trial-10-Percent/group_02/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/group_04/UMA-Uniformity-Trial-5-Percent/group_04/UMA-Uniformity-Trial-50-Percent/group_01/" --extension-process --renderer-print-preview --enable-threaded-compositing --enable-delegated-renderer --enable-deadline-scheduling --enable-software-compositing --channel="5060.3.1825771797\254640605" /prefetch:673131151
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --lang=cs --force-fieldtrials="AutocompleteDynamicTrial_2/DefaultControl_R2_Stable/BrowserPreReadExperiment/100-pct-default/ChromeSuggestions/Default/EmbeddedSearch/Group11 pct:1b stable:r2 prefetch_results:1/ExtensionInstallVerification/Bootstrap/GoogleNow/Default/OmniboxBundledExperimentV1/StandardR3/Prerender/PrerenderEnabled/PrerenderLocalPredictorSpec/LocalPredictor=Disabled/QUIC/Disabled/SettingsEnforcement/no_enforcement/ShowAppLauncherPromo/ShowPromoUntilDismissed/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group6/UMA-Population-Restrict/normal/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_02/UMA-Uniformity-Trial-1-Percent/group_37/UMA-Uniformity-Trial-10-Percent/group_02/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/group_04/UMA-Uniformity-Trial-5-Percent/group_04/UMA-Uniformity-Trial-50-Percent/group_01/" --extension-process --renderer-print-preview --enable-threaded-compositing --enable-delegated-renderer --enable-deadline-scheduling --enable-software-compositing --channel="5060.4.238140243\2034343036" /prefetch:673131151
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --lang=cs --force-fieldtrials="AutocompleteDynamicTrial_2/DefaultControl_R2_Stable/BrowserPreReadExperiment/100-pct-default/ChromeSuggestions/Default/EmbeddedSearch/Group11 pct:1b stable:r2 prefetch_results:1/ExtensionInstallVerification/Bootstrap/GoogleNow/Default/OmniboxBundledExperimentV1/StandardR3/Prerender/PrerenderEnabled/PrerenderLocalPredictorSpec/LocalPredictor=Disabled/QUIC/Disabled/SettingsEnforcement/no_enforcement/ShowAppLauncherPromo/ShowPromoUntilDismissed/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group6/UMA-Population-Restrict/normal/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_02/UMA-Uniformity-Trial-1-Percent/group_37/UMA-Uniformity-Trial-10-Percent/group_02/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/group_04/UMA-Uniformity-Trial-5-Percent/group_04/UMA-Uniformity-Trial-50-Percent/group_01/" --extension-process --renderer-print-preview --enable-threaded-compositing --enable-delegated-renderer --enable-deadline-scheduling --enable-software-compositing --channel="5060.5.1462904141\795668072" /prefetch:673131151
"C:\Users\petra\Desktop\pc udrzba\antivir\RSITx64.exe"
C:\Windows\system32\wbem\wmiprvse.exe

======Scheduled tasks folder======

C:\Windows\tasks\Adobe Flash Player Updater.job
C:\Windows\tasks\AVG-Secure-Search-Update_JUNE2013_HP_rmv.job
C:\Windows\tasks\AVG-Secure-Search-Update_JUNE2013_TB_rmv.job
C:\Windows\tasks\BonanzaDealsLiveUpdateTaskMachineCore.job
C:\Windows\tasks\BonanzaDealsLiveUpdateTaskMachineUA.job
C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-3338490639-4165212360-2111865542-1000Core.job
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-3338490639-4165212360-2111865542-1000UA.job
C:\Windows\tasks\PMCS_Wakeup634657982909132950.job

=========Mozilla firefox=========

ProfilePath - C:\Users\petra\AppData\Roaming\Mozilla\Firefox\Profiles\3g0eftd4.default

prefs.js - "browser.search.useDBForOrder" - "false"
prefs.js - "browser.startup.homepage" - "seznam.cz"

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 12.0.0.77 Plugin
"Path"=C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_12_0_0_77.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@avg.com/AVG SiteSafety plugin,version=11.0.0.1,application/x-avg-sitesafety-plugin]
"Description"=
"Path"=C:\Program Files (x86)\Common Files\AVG Secure Search\SiteSafetyInstaller\18.0.5\\npsitesafety.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=disabled

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.bdupdater.com/BonanzaDealsLive Update;version=3]
"Description"=BonanzaDealsLive Update
"Path"=C:\Program Files (x86)\BonanzaDealsLive\Update\1.3.23.0\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.bdupdater.com/BonanzaDealsLive Update;version=9]
"Description"=BonanzaDealsLive Update
"Path"=C:\Program Files (x86)\BonanzaDealsLive\Update\1.3.23.0\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=3]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.23.9\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=9]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.23.9\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\Adobe Reader]
"Description"=Handles PDFs in-place in Firefox
"Path"=C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll


[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 12.0.0.77 Plugin
"Path"=C:\Windows\system32\Macromed\Flash\NPSWF64_12_0_0_77.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=disabled


C:\Program Files (x86)\Mozilla Firefox\components\
nsIQTScriptablePlugin.xpt

C:\Users\petra\AppData\Roaming\Mozilla\Firefox\Profiles\3g0eftd4.default\extensions\
{b9db16a4-6edc-47ec-a1f4-b86292ed211d}
{ea614400-e918-4741-9a97-7a972ff7c30b}

C:\Users\petra\AppData\Roaming\Mozilla\Firefox\Profiles\3g0eftd4.default\searchplugins\
Ask.xml

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! Online Security - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2014-04-16 724512]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{0D778FDC-FAD7-4B1D-AB88-7A76A562D65C}]
Instair - C:\PROGRA~1\Instair\Instair.dll [2013-05-28 590640]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{50fafaf0-70a9-419d-a109-fa4b4ffd4e37}]
WinZipBar Toolbar - C:\Program Files (x86)\WinZipBar\prxtbWinZ.dll [2011-05-09 176936]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll [2007-08-24 2212224]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files (x86)\Java\jre7\bin\ssv.dll [2013-09-19 462248]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! Online Security - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2014-04-16 597816]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{95B7759C-8C7F-4BF1-B163-73684A933233}]
AVG Security Toolbar - C:\Program Files (x86)\AVG Secure Search\18.0.5.292\AVG Secure Search_toolbar.dll [2014-03-22 3486232]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll [2013-09-19 171944]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{fe063412-bea4-4d76-8ed3-183be6220d17}]
BonanzaDeals - C:\Program Files (x86)\BonanzaDeals\BonanzaDealsIE.dll [2013-08-21 100336]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{318A227B-5E9F-45bd-8999-7F8F10CA4CF5} -
{CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F}

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\Toolbar]
{50fafaf0-70a9-419d-a109-fa4b4ffd4e37} - WinZipBar Toolbar - C:\Program Files (x86)\WinZipBar\prxtbWinZ.dll [2011-05-09 176936]
{95B7759C-8C7F-4BF1-B163-73684A933233} - AVG Security Toolbar - C:\Program Files (x86)\AVG Secure Search\18.0.5.292\AVG Secure Search_toolbar.dll [2014-03-22 3486232]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"CanonMyPrinter"=C:\Program Files\Canon\MyPrinter\BJMyPrt.exe [2011-03-14 2779024]
"snp2uvc"=C:\Windows\vsnp2uvc.exe [2009-08-12 662016]
"SpywareTerminatorShield"=C:\Program Files (x86)\Spyware Terminator\SpywareTerminatorShield.exe [2013-10-22 2777736]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"EPSON Stylus Photo R265 Series"=C:\Windows\system32\spool\DRIVERS\x64\3\E_FATIBNE.EXE [2006-05-19 139264]
"IndxStoreSvr_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"=C:\Program Files (x86)\Common Files\Nero\Lib\NMIndexStoreSvr.exe [2007-12-13 1688872]
"Google Update"=C:\Users\petra\AppData\Local\Google\Update\GoogleUpdate.exe [2013-05-02 116648]
"Xvid"=C:\Program Files (x86)\Xvid\CheckUpdate.exe [2011-01-17 8192]
"cz.seznam.software.autoupdate"=C:\Users\petra\AppData\Roaming\Seznam.cz\szninstall.exe [2013-05-16 1062472]
"cz.seznam.software.szndesktop"=C:\Users\petra\AppData\Roaming\Seznam.cz\bin\wszndesktop.exe [2013-04-12 92664]
"FLV Player"=C:\Users\petra\AppData\Local\WebPlayer\FLV Player\WebPlayer.exe [2012-10-26 202752]

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"APSDaemon"=C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [2013-04-21 59720]
"GrooveMonitor"=C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe [2007-08-24 33648]
"Adobe ARM"=C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2013-11-21 959904]
"CTxfiHlp"=CTXFIHLP.EXE []
"NUSB3MON"=C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe [2011-09-16 115048]
"AsioThk32Reg"=REGSVR32.EXE /S CTASIO.DLL []
"CTHelper"=CTHELPER.EXE []
"Print2PDF Print Monitor"=C:\Program Files (x86)\Software602\Print2PDF\Print2PDF.exe [2011-10-04 220992]
"CanonSolutionMenuEx"=C:\Program Files (x86)\Canon\Solution Menu EX\CNSEMAIN.EXE [2011-08-04 1612920]
"IJNetworkScannerSelectorEX"=C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX\CNMNSST.exe [2011-01-15 452016]
"ACSW15EN"=C:\Program Files (x86)\ACD Systems\ACDSee\15.0\ACDSee15InTouch2.exe [2012-11-14 1133176]
"NBKeyScan"=C:\Program Files (x86)\Nero\Nero8\Nero BackItUp\NBKeyScan.exe [2007-12-03 2213160]
"vProt"=C:\Program Files (x86)\AVG Secure Search\vprot.exe [2014-03-22 2544664]
"snp2uvc"=C:\Windows\vsnp2uvc.exe [2009-08-12 662016]
"tsnp2uvc"=C:\Program Files (x86)\Common Files\SNP2UVC\tsnp2uvc.exe [2012-02-23 322560]
"QuickTime Task"=C:\Program Files (x86)\QuickTime\QTTask.exe [2013-05-01 421888]
"NexusServer"=C:\Program Files (x86)\Common Files\Grass Valley\ProCoder 3\Kernel\PNXSERVR.exe [2007-03-26 389120]
"seznam-listicka-distribuce"=C:\Program Files (x86)\Seznam.cz\distribution\szninstall.exe [2013-05-16 1062472]
"AvastUI.exe"=C:\Program Files\AVAST Software\Avast\AvastUI.exe [2014-04-16 3854640]

C:\Users\petra\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
Adobe Gamma.lnk - C:\Program Files (x86)\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
Dropbox.lnk - C:\Users\petra\AppData\Roaming\Dropbox\bin\Dropbox.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED}

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll [2007-08-24 2212224]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=0
"ConsentPromptBehaviorUser"=3
"EnableLUA"=0
"EnableUIADesktopToggle"=0
"PromptOnSecureDesktop"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoActiveDesktop"=1
"NoActiveDesktopChanges"=1
"ForceActiveDesktopOn"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]


[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\bitguard.exe]
"Debugger="tasklist.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\bprotect.exe]
"Debugger="tasklist.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\bpsvc.exe]
"Debugger="tasklist.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\browserdefender.exe]
"Debugger="tasklist.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\browserprotect.exe]
"Debugger="tasklist.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\browsersafeguard.exe]
"Debugger="tasklist.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\dprotectsvc.exe]
"Debugger="tasklist.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\jumpflip]
"Debugger="tasklist.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\protectedsearch.exe]
"Debugger="tasklist.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\searchinstaller.exe]
"Debugger="tasklist.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\searchprotection.exe]
"Debugger="tasklist.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\searchprotector.exe]
"Debugger="tasklist.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\searchsettings.exe]
"Debugger="tasklist.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\searchsettings64.exe]
"Debugger="tasklist.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\snapdo.exe]
"Debugger="tasklist.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\stinst32.exe]
"Debugger="tasklist.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\stinst64.exe]
"Debugger="tasklist.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\umbrella.exe]
"Debugger="tasklist.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\utiljumpflip.exe]
"Debugger="tasklist.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\volaro]
"Debugger="tasklist.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\vonteera]
"Debugger="tasklist.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\websteroids.exe]
"Debugger="tasklist.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\websteroidsservice.exe]
"Debugger="tasklist.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVYU"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"VIDC.YVU9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"wave4"=wdmaud.drv
"midi4"=wdmaud.drv
"mixer4"=wdmaud.drv
"aux4"=wdmaud.drv
"wave5"=wdmaud.drv
"midi5"=wdmaud.drv
"mixer5"=wdmaud.drv
"MSVideo8"=VfWWDM32.dll
"wave6"=wdmaud.drv
"midi6"=wdmaud.drv
"mixer6"=wdmaud.drv
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"wave2"=wdmaud.drv
"midi2"=wdmaud.drv
"mixer2"=wdmaud.drv
"wave3"=wdmaud.drv
"midi3"=wdmaud.drv
"mixer3"=wdmaud.drv
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"wave7"=wdmaud.drv
"midi7"=wdmaud.drv
"mixer7"=wdmaud.drv
"wave8"=wdmaud.drv
"midi8"=wdmaud.drv
"mixer8"=wdmaud.drv
"aux"=wdmaud.drv
"wave9"=wdmaud.drv
"midi9"=wdmaud.drv
"mixer9"=wdmaud.drv
"aux1"=wdmaud.drv
"vidc.XVID"=xvidvfw.dll
"aux2"=wdmaud.drv

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 1 month======

2014-04-17 17:19:04 ----D---- C:\Program Files\trend micro
2014-04-17 17:19:03 ----D---- C:\rsit
2014-04-16 17:52:31 ----A---- C:\Windows\{00000005-00000000-00000001-00001102-00000004-10071102}.BAK
2014-04-16 17:45:37 ----A---- C:\Windows\avastSS.scr
2014-04-16 17:00:18 ----A---- C:\Windows\system32\drivers\stflt.sys
2014-04-16 17:00:15 ----D---- C:\Users\petra\AppData\Roaming\Spyware Terminator
2014-04-16 17:00:15 ----D---- C:\ProgramData\Spyware Terminator
2014-04-16 16:58:11 ----D---- C:\Program Files (x86)\Spyware Terminator
2014-04-11 05:33:40 ----A---- C:\Windows\SYSWOW64\ieui.dll
2014-04-11 05:33:40 ----A---- C:\Windows\system32\ieui.dll
2014-04-11 05:33:36 ----A---- C:\Windows\SYSWOW64\vbscript.dll
2014-04-11 05:33:36 ----A---- C:\Windows\system32\vbscript.dll
2014-04-11 05:33:29 ----A---- C:\Windows\system32\JavaScriptCollectionAgent.dll
2014-04-11 05:33:29 ----A---- C:\Windows\system32\iernonce.dll
2014-04-11 05:33:29 ----A---- C:\Windows\system32\ieetwcollectorres.dll
2014-04-11 05:33:29 ----A---- C:\Windows\system32\ie4uinit.exe
2014-04-11 05:33:28 ----A---- C:\Windows\SYSWOW64\dxtmsft.dll
2014-04-11 05:33:28 ----A---- C:\Windows\system32\jscript9diag.dll
2014-04-11 05:33:28 ----A---- C:\Windows\system32\dxtrans.dll
2014-04-11 05:33:28 ----A---- C:\Windows\system32\dxtmsft.dll
2014-04-11 05:33:27 ----A---- C:\Windows\SYSWOW64\msrating.dll
2014-04-11 05:33:27 ----A---- C:\Windows\SYSWOW64\msfeeds.dll
2014-04-11 05:33:27 ----A---- C:\Windows\SYSWOW64\jsproxy.dll
2014-04-11 05:33:27 ----A---- C:\Windows\SYSWOW64\dxtrans.dll
2014-04-11 05:33:27 ----A---- C:\Windows\system32\msrating.dll
2014-04-11 05:33:27 ----A---- C:\Windows\system32\msfeeds.dll
2014-04-11 05:33:27 ----A---- C:\Windows\system32\jsproxy.dll
2014-04-11 05:33:26 ----A---- C:\Windows\SYSWOW64\JavaScriptCollectionAgent.dll
2014-04-11 05:33:26 ----A---- C:\Windows\SYSWOW64\ieUnatt.exe
2014-04-11 05:33:26 ----A---- C:\Windows\SYSWOW64\iesetup.dll
2014-04-11 05:33:26 ----A---- C:\Windows\SYSWOW64\iernonce.dll
2014-04-11 05:33:26 ----A---- C:\Windows\system32\ieUnatt.exe
2014-04-11 05:33:26 ----A---- C:\Windows\system32\iesetup.dll
2014-04-11 05:33:25 ----A---- C:\Windows\system32\mshtml.dll
2014-04-11 05:33:23 ----A---- C:\Windows\SYSWOW64\jscript9diag.dll
2014-04-11 05:33:23 ----A---- C:\Windows\SYSWOW64\ieetwproxystub.dll
2014-04-11 05:33:23 ----A---- C:\Windows\SYSWOW64\ieapfltr.dll
2014-04-11 05:33:23 ----A---- C:\Windows\system32\ieetwproxystub.dll
2014-04-11 05:33:23 ----A---- C:\Windows\system32\ieapfltr.dll
2014-04-11 05:33:22 ----A---- C:\Windows\system32\MsSpellCheckingFacility.exe
2014-04-11 05:33:22 ----A---- C:\Windows\system32\ieetwcollector.exe
2014-04-11 05:33:21 ----A---- C:\Windows\SYSWOW64\wininet.dll
2014-04-11 05:33:21 ----A---- C:\Windows\SYSWOW64\iertutil.dll
2014-04-11 05:33:21 ----A---- C:\Windows\system32\iertutil.dll
2014-04-11 05:33:20 ----A---- C:\Windows\SYSWOW64\urlmon.dll
2014-04-11 05:33:20 ----A---- C:\Windows\system32\wininet.dll
2014-04-11 05:33:20 ----A---- C:\Windows\system32\urlmon.dll
2014-04-11 05:33:19 ----A---- C:\Windows\SYSWOW64\ieframe.dll
2014-04-11 05:33:19 ----A---- C:\Windows\system32\ieframe.dll
2014-04-11 05:33:18 ----A---- C:\Windows\SYSWOW64\mshtml.dll
2014-04-11 05:33:17 ----A---- C:\Windows\SYSWOW64\jscript9.dll
2014-04-11 05:33:17 ----A---- C:\Windows\system32\jscript9.dll
2014-04-09 04:57:56 ----A---- C:\Windows\SYSWOW64\iologmsg.dll
2014-04-09 04:57:56 ----A---- C:\Windows\system32\iologmsg.dll
2014-04-09 04:57:56 ----A---- C:\Windows\system32\drivers\storport.sys
2014-04-09 04:57:56 ----A---- C:\Windows\system32\drivers\msiscsi.sys
2014-04-09 04:57:56 ----A---- C:\Windows\system32\drivers\Diskdump.sys
2014-04-09 04:57:37 ----A---- C:\Windows\system32\kernel32.dll
2014-04-09 04:57:36 ----A---- C:\Windows\SYSWOW64\kernel32.dll
2014-04-09 04:57:36 ----A---- C:\Windows\system32\wow64.dll
2014-04-09 04:57:35 ----A---- C:\Windows\SYSWOW64\setup16.exe
2014-04-09 04:57:35 ----A---- C:\Windows\SYSWOW64\ntvdm64.dll
2014-04-09 04:57:35 ----A---- C:\Windows\system32\wow64win.dll
2014-04-09 04:57:35 ----A---- C:\Windows\system32\wow64cpu.dll
2014-04-09 04:57:35 ----A---- C:\Windows\system32\ntvdm64.dll
2014-04-09 04:57:33 ----A---- C:\Windows\SYSWOW64\wow32.dll
2014-04-09 04:57:32 ----A---- C:\Windows\SYSWOW64\user.exe
2014-04-09 04:57:32 ----A---- C:\Windows\SYSWOW64\instnm.exe
2014-04-09 04:57:25 ----A---- C:\Windows\system32\drivers\ntfs.sys
2014-03-24 20:31:58 ----D---- C:\Program Files\CyberLink
2014-03-23 22:05:05 ----D---- C:\ProgramData\MAGIX
2014-03-23 22:01:50 ----D---- C:\Program Files\Common Files\NewBlue
2014-03-22 21:07:49 ----D---- C:\ProgramData\AVG Secure Search
2014-03-19 21:18:37 ----D---- C:\Users\petra\AppData\Roaming\Titler 2.0
2014-03-19 20:52:31 ----D---- C:\ProgramData\eSellerate
2014-03-19 20:52:31 ----D---- C:\Program Files\Adobe
2014-03-19 20:50:36 ----D---- C:\Program Files\Common Files\OFX
2014-03-19 20:49:56 ----D---- C:\Program Files\NewBlue
2014-03-19 20:49:23 ----D---- C:\Program Files (x86)\NewBlue
2014-03-19 20:12:07 ----D---- C:\Users\petra\AppData\Roaming\Avid Technology Inc
2014-03-19 19:40:12 ----D---- C:\Windows\SYSWOW64\MEDIA
2014-03-19 19:39:16 ----D---- C:\Program Files\Avid
2014-03-19 19:17:16 ----D---- C:\ProgramData\PACE
2014-03-19 19:14:10 ----D---- C:\Program Files\Java
2014-03-19 10:52:59 ----D---- C:\Program Files (x86)\Mozilla Firefox

======List of files/folders modified in the last 1 month======

2014-04-17 17:19:10 ----D---- C:\Windows\Prefetch
2014-04-17 17:19:06 ----D---- C:\Windows\Temp
2014-04-17 17:19:04 ----RD---- C:\Program Files
2014-04-17 16:19:04 ----D---- C:\Windows\system32\config
2014-04-17 15:48:31 ----D---- C:\Users\petra\AppData\Roaming\Dropbox
2014-04-17 13:36:24 ----ASD---- C:\ProgramData\Microsoft
2014-04-17 13:34:28 ----D---- C:\Users\petra\AppData\Roaming\Seznam.cz
2014-04-17 13:28:08 ----D---- C:\ProgramData\NVIDIA
2014-04-16 17:52:31 ----D---- C:\Windows
2014-04-16 17:45:48 ----D---- C:\Windows\system32\Tasks
2014-04-16 17:45:38 ----A---- C:\Windows\system32\aswBoot.exe
2014-04-16 17:44:49 ----SHD---- C:\System Volume Information
2014-04-16 17:07:52 ----RD---- C:\Program Files (x86)
2014-04-16 17:00:19 ----D---- C:\Windows\system32\drivers
2014-04-16 17:00:19 ----D---- C:\Windows\inf
2014-04-16 17:00:15 ----HD---- C:\ProgramData
2014-04-16 16:55:50 ----D---- C:\Windows\Panther
2014-04-16 16:55:49 ----D---- C:\Windows\Logs
2014-04-16 16:55:49 ----D---- C:\Windows\debug
2014-04-16 16:51:51 ----SHD---- C:\Windows\Installer
2014-04-15 19:32:04 ----D---- C:\Users\petra\AppData\Roaming\MediaMonkey
2014-04-15 19:30:36 ----D---- C:\Program Files (x86)\The KMPlayer
2014-04-15 12:12:04 ----D---- C:\Windows\system32\NDF
2014-04-11 16:04:14 ----D---- C:\Windows\System32
2014-04-11 16:04:14 ----A---- C:\Windows\system32\PerfStringBackup.INI
2014-04-11 09:56:45 ----D---- C:\Windows\rescache
2014-04-11 08:32:42 ----D---- C:\Windows\winsxs
2014-04-11 08:29:40 ----D---- C:\Windows\SYSWOW64\en-US
2014-04-11 08:29:40 ----D---- C:\Windows\SYSWOW64\cs-CZ
2014-04-11 08:29:40 ----D---- C:\Program Files\Internet Explorer
2014-04-11 08:29:39 ----D---- C:\Windows\SysWOW64
2014-04-11 08:29:38 ----D---- C:\Windows\system32\en-US
2014-04-11 08:29:38 ----D---- C:\Windows\system32\cs-CZ
2014-04-11 08:29:38 ----D---- C:\Windows\PolicyDefinitions
2014-04-11 08:29:36 ----D---- C:\Program Files (x86)\Internet Explorer
2014-04-11 05:34:22 ----D---- C:\Windows\system32\catroot2
2014-04-11 05:34:22 ----D---- C:\Windows\system32\catroot
2014-04-10 05:01:44 ----D---- C:\Windows\AppPatch
2014-04-10 05:01:40 ----D---- C:\Windows\system32\DriverStore
2014-04-09 05:40:22 ----D---- C:\Windows\system32\MRT
2014-04-09 05:37:36 ----A---- C:\Windows\system32\MRT.exe
2014-03-27 16:37:57 ----SD---- C:\Users\petra\AppData\Roaming\Microsoft
2014-03-24 20:49:15 ----D---- C:\Program Files (x86)\Boris FX, Inc
2014-03-24 20:39:06 ----D---- C:\Program Files\Common Files\Microsoft Shared
2014-03-24 08:45:39 ----A---- C:\Windows\NeroDigital.ini
2014-03-23 22:21:16 ----D---- C:\Program Files (x86)\Avid
2014-03-23 22:01:50 ----D---- C:\Program Files\Common Files
2014-03-23 22:01:46 ----D---- C:\Program Files (x86)\Common Files
2014-03-22 21:06:51 ----D---- C:\Program Files (x86)\AVG Secure Search
2014-03-20 06:00:15 ----D---- C:\Program Files (x86)\Mozilla Maintenance Service
2014-03-19 20:12:36 ----D---- C:\Users\petra\AppData\Roaming\PACE Anti-Piracy
2014-03-19 20:12:36 ----D---- C:\ProgramData\PACE Anti-Piracy
2014-03-19 20:11:44 ----D---- C:\ProgramData\Avid
2014-03-19 19:41:38 ----D---- C:\Program Files\Common Files\Avid
2014-03-19 19:40:07 ----RSD---- C:\Windows\Fonts
2014-03-19 19:17:50 ----HD---- C:\Program Files (x86)\InstallShield Installation Information
2014-03-19 10:32:45 ----D---- C:\Windows\SYSWOW64\drivers
2014-03-18 19:19:02 ----D---- C:\Users\petra\AppData\Roaming\Mozilla

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 aswRvrt;avast! Revert; C:\Windows\system32\drivers\aswRvrt.sys [2014-04-16 65776]
R0 aswVmm;avast! VM Monitor; C:\Windows\system32\drivers\aswVmm.sys [2014-04-16 208928]
R0 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12352]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-20 213888]
R0 Tpkd;Tpkd; C:\Windows\system32\drivers\Tpkd.sys [2011-06-28 105592]
R0 vmbus;@%SystemRoot%\system32\vmbusres.dll,-1000; C:\Windows\system32\drivers\vmbus.sys [2010-11-20 199552]
R1 aswRdr;aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [2014-04-16 93568]
R1 aswSnx;aswSnx; C:\Windows\system32\drivers\aswSnx.sys [2014-04-16 1039096]
R1 aswSP;aswSP; C:\Windows\system32\drivers\aswSP.sys [2014-04-16 423240]
R1 avgtp;avgtp; \??\C:\Windows\system32\drivers\avgtpx64.sys [2014-03-22 49952]
R1 cdrblock;cdrblock; C:\Windows\system32\DRIVERS\cdrblock.sys [2008-05-30 34360]
R1 CSC;@%systemroot%\system32\cscsvc.dll,-202; C:\Windows\system32\drivers\csc.sys [2010-11-20 514560]
R2 aswMonFlt;aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [2014-04-16 79184]
R2 Sentinel64;Sentinel64; C:\Windows\System32\Drivers\Sentinel64.sys [2007-04-27 142120]
R2 sp_rsdrv2;Spyware Terminator Driver Filter; C:\Windows\system32\DRIVERS\stflt.sys [2014-04-16 51496]
R3 aswStm;aswStm; C:\Windows\system32\drivers\aswStm.sys [2014-04-16 84816]
R3 COMMONFX.SYS;COMMONFX.SYS; C:\Windows\System32\drivers\COMMONFX.SYS [2010-03-18 158808]
R3 ctac32k;Creative AC3 Software Decoder; C:\Windows\system32\drivers\ctac32k.sys [2010-03-18 580696]
R3 ctaud2k;Creative Audio Driver (WDM); C:\Windows\system32\drivers\ctaud2k.sys [2010-03-18 866264]
R3 CTAUDFX.SYS;CTAUDFX.SYS; C:\Windows\System32\drivers\CTAUDFX.SYS [2010-03-18 706648]
R3 ctprxy2k;Creative Proxy Driver; C:\Windows\system32\drivers\ctprxy2k.sys [2010-03-18 16984]
R3 CTSBLFX.SYS;CTSBLFX.SYS; C:\Windows\System32\drivers\CTSBLFX.SYS [2010-03-18 681048]
R3 ctsfm2k;Creative SoundFont Management Device Driver; C:\Windows\system32\drivers\ctsfm2k.sys [2010-03-18 290392]
R3 emupia;E-mu Plug-in Architecture Driver; C:\Windows\system32\drivers\emupia2k.sys [2010-03-18 147544]
R3 ha10kx2k;Creative Hardware Abstract Layer Driver; C:\Windows\system32\drivers\ha10kx2k.sys [2010-03-18 1360984]
R3 hap16v2k;Creative P16V HAL Driver; C:\Windows\system32\drivers\hap16v2k.sys [2010-03-18 259672]
R3 nusb3hub;Renesas Electronics USB 3.0 Hub Driver; C:\Windows\system32\DRIVERS\nusb3hub.sys [2011-10-25 96768]
R3 nusb3xhc;Renesas Electronics USB 3.0 Host Controller Driver; C:\Windows\system32\DRIVERS\nusb3xhc.sys [2011-10-25 213504]
R3 NVHDA;Service for NVIDIA High Definition Audio Driver; C:\Windows\system32\drivers\nvhda64v.sys [2012-01-17 188224]
R3 ossrv;Creative OS Services Driver; C:\Windows\system32\drivers\ctoss2k.sys [2010-03-18 221272]
R3 RTL8167;Realtek 8167 NT Driver; C:\Windows\system32\DRIVERS\Rt64win7.sys [2011-11-24 648808]
R3 SNP2UVC;USB2.0 PC Camera (SNP2UVC); C:\Windows\system32\DRIVERS\snp2uvc.sys [2011-09-09 3567232]
S1 Aspi32;Aspi32; C:\Windows\system32\drivers\Aspi32.sys []
S2 Hardlock;Hardlock; \??\C:\Windows\system32\drivers\hardlock.sys [2005-06-14 296448]
S3 61883;61883 Unit Device; C:\Windows\system32\DRIVERS\61883.sys [2009-07-14 60288]
S3 Avc;Zařízení AVC; C:\Windows\system32\DRIVERS\avc.sys [2009-07-14 48768]
S3 AVCSTRM;AVC Streaming Filter Driver; C:\Windows\system32\DRIVERS\avcstrm.sys [2009-07-14 17664]
S3 COMMONFX.DLL;COMMONFX.DLL; C:\Windows\system32\COMMONFX.DLL []
S3 COMMONFX;COMMONFX; C:\Windows\system32\drivers\COMMONFX.SYS [2010-03-18 158808]
S3 CT20XUT.DLL;CT20XUT.DLL; C:\Windows\system32\CT20XUT.DLL [2007-04-10 252712]
S3 CTAUDFX.DLL;CTAUDFX.DLL; C:\Windows\system32\CTAUDFX.DLL []
S3 CTAUDFX;CTAUDFX; C:\Windows\system32\drivers\CTAUDFX.SYS [2010-03-18 706648]
S3 CTEAPSFX.DLL;CTEAPSFX.DLL; C:\Windows\system32\CTEAPSFX.DLL [2007-04-10 219432]
S3 CTEDSPFX.DLL;CTEDSPFX.DLL; C:\Windows\system32\CTEDSPFX.DLL [2007-04-10 321832]
S3 CTEDSPIO.DLL;CTEDSPIO.DLL; C:\Windows\system32\CTEDSPIO.DLL [2007-04-10 190248]
S3 CTEDSPSY.DLL;CTEDSPSY.DLL; C:\Windows\system32\CTEDSPSY.DLL [2007-04-10 363304]
S3 CTERFXFX.DLL;CTERFXFX.DLL; C:\Windows\system32\CTERFXFX.DLL []
S3 CTERFXFX.SYS;CTERFXFX.SYS; C:\Windows\System32\drivers\CTERFXFX.SYS [2010-03-18 141912]
S3 CTERFXFX;CTERFXFX; C:\Windows\system32\drivers\CTERFXFX.SYS [2010-03-18 141912]
S3 CTEXFIFX.DLL;CTEXFIFX.DLL; C:\Windows\system32\CTEXFIFX.DLL [2007-04-10 1571112]
S3 CTHWIUT.DLL;CTHWIUT.DLL; C:\Windows\system32\CTHWIUT.DLL [2007-04-10 123688]
S3 CTSBLFX.DLL;CTSBLFX.DLL; C:\Windows\system32\CTSBLFX.DLL []
S3 CTSBLFX;CTSBLFX; C:\Windows\system32\drivers\CTSBLFX.SYS [2010-03-18 681048]
S3 EverestDriver;Lavalys EVEREST Kernel Driver; \??\E:\Everest Ultimate Engineer Edition v5.50 build 2253\kerneld.amd64 []
S3 hap17v2k;Creative P17V HAL Driver; C:\Windows\system32\drivers\hap17v2k.sys [2010-03-18 295000]
S3 MSDV;Microsoft DV Camera and VCR; C:\Windows\system32\DRIVERS\msdv.sys [2009-07-14 61440]
S3 MSTAPE;Microsoft AV/C Tape Subunit Device; C:\Windows\system32\DRIVERS\mstape.sys [2009-07-14 56448]
S3 RDPDR;Terminal Server Device Redirector Driver; C:\Windows\System32\drivers\rdpdr.sys [2010-11-20 165888]
S3 s3cap;s3cap; C:\Windows\system32\drivers\vms3cap.sys [2010-11-20 6656]
S3 storvsc;storvsc; C:\Windows\system32\drivers\storvsc.sys [2010-11-20 34688]
S3 TsUsbFlt;TsUsbFlt; C:\Windows\system32\drivers\tsusbflt.sys [2010-11-20 59392]
S3 VMBusHID;VMBusHID; C:\Windows\system32\drivers\VMBusHID.sys [2010-11-20 21760]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 602XML Updater;602Updater; C:\Program Files (x86)\Common Files\soft602\602updsvc\602updsvc.exe [2011-10-10 85344]
R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2013-12-18 65432]
R2 avast! Antivirus;avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2014-04-16 50344]
R2 CscService;@%systemroot%\system32\cscsvc.dll,-200; C:\Windows\System32\svchost.exe [2009-07-14 27136]
R2 CTAudSvcService;Creative Audio Service; C:\Program Files (x86)\Creative\Shared Files\CTAudSvc.exe [2010-02-12 286720]
R2 EPSON_PM_RPCV4_01;EPSON V3 Service4(01); C:\ProgramData\EPSON\EPW!3 SSRP\E_S30RP1.EXE [2006-04-18 102400]
R2 Nero BackItUp Scheduler 3;Nero BackItUp Scheduler 3; C:\Program Files (x86)\Nero\Nero8\Nero BackItUp\NBService.exe [2007-12-03 869672]
R2 Nero BackItUp Scheduler 4.0;Nero BackItUp Scheduler 4.0; C:\Program Files (x86)\Common Files\Nero\Nero BackItUp 4\NBService.exe [2009-07-20 935208]
R2 NVSvc;NVIDIA Display Driver Service; C:\Windows\system32\nvvsvc.exe [2013-01-18 884512]
R2 PaceLicenseDServices;PACE License Services; C:\Program Files (x86)\Common Files\PACE\Services\LicenseServices\LDSvc.exe [2011-07-09 2932224]
R2 ST2012_Svc;Spyware Terminator 2012 Realtime Shield Service; C:\Program Files (x86)\Spyware Terminator\st_rsser64.exe [2013-10-22 1149104]
R2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service; C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2013-01-18 383264]
R2 vToolbarUpdater18.0.5;vToolbarUpdater18.0.5; C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\18.0.5\ToolbarUpdater.exe [2014-03-22 1771032]
R3 NMIndexingService;NMIndexingService; C:\Program Files (x86)\Common Files\Nero\Lib\NMIndexingService.exe [2007-12-13 447784]
S2 bonanzadealslive;Služba BonanzaDealsLive (bonanzadealslive); C:\Program Files (x86)\BonanzaDealsLive\Update\BonanzaDealsLive.exe [2013-12-02 148976]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2013-09-11 105144]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2013-09-11 124088]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2012-10-03 136176]
S2 nvUpdatusService;NVIDIA Update Service Daemon; C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe [2013-02-26 1260320]
S3 Adobe LM Service;Adobe LM Service; C:\Program Files (x86)\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe [2012-02-27 72704]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-03-12 257928]
S3 AppMgmt;@appmgmts.dll,-3250; C:\Windows\system32\svchost.exe [2009-07-14 27136]
S3 bonanzadealslivem;Služba BonanzaDealsLive (bonanzadealslivem); C:\Program Files (x86)\BonanzaDealsLive\Update\BonanzaDealsLive.exe [2013-12-02 148976]
S3 Creative ALchemy AL6 Licensing Service;Creative ALchemy AL6 Licensing Service; C:\Program Files (x86)\Common Files\Creative Labs Shared\Service\AL6Licensing.exe [2012-07-10 79360]
S3 Creative Audio Engine Licensing Service;Creative Audio Engine Licensing Service; C:\Program Files (x86)\Common Files\Creative Labs Shared\Service\CTAELicensing.exe [2012-03-17 79360]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2012-10-03 136176]
S3 IEEtwCollectorService;@%SystemRoot%\system32\ieetwcollectorres.dll,-1000; C:\Windows\system32\IEEtwCollector.exe [2014-03-06 111616]
S3 Microsoft Office Groove Audit Service;Microsoft Office Groove Audit Service; C:\Program Files (x86)\Microsoft Office\Office12\GrooveAuditService.exe [2007-08-24 68464]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2014-03-19 119408]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2007-08-24 443776]
S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 PeerDistSvc;@%SystemRoot%\system32\peerdistsvc.dll,-9000; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S3 StorSvc;@%SystemRoot%\System32\StorSvc.dll,-100; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S3 UmRdpService;@%SystemRoot%\system32\umrdp.dll,-1000; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2012-02-19 1255736]
S4 aspnet_state;Stavová služba ASP.NET; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2013-09-11 51808]
S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]
S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]
S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]
S4 SkypeUpdate;Skype Updater; C:\Program Files (x86)\Skype\Updater\Updater.exe [2012-06-05 160944]

-----------------EOF-----------------

Re: Prosím o preventivní kontrolu

Napsal: 17 dub 2014 16:37
od petouf
Díky, zdá se, že je to lepší, pro mne dostačující. Pošlu nějakou podporu :-)
Poprosil bych ještě o kontrolu druhého PC. Občas se "seká" a někdy mi gůgl hlásí podezřelou činnost a chce napsat kontrolní kód. Spyware terminator mě nic nenašel a avast se mi "kousne" na cca 4 procentech kontroly. Defrag se taky zastavil při analýze někde na 25procentech. Tak prosím o kontrolu, zda to má na svědomí nějaká havěť, nebo je-li čas na přeinstalování...:-/
Zde je log: Děkuji a přeji pěkný den!


Logfile of random's system information tool 1.09 (written by random/random)
Run by petra at 2014-04-17 17:19:03
Microsoft Windows 7 Professional Service Pack 1
System drive C: has 24 GB (24%) free of 100 GB
Total RAM: 4094 MB (59% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 17:19:09, on 17.4.2014
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v11.0 (11.00.9600.17041)
Boot mode: Normal

Running processes:
C:\Windows\vsnp2uvc.exe
C:\Program Files (x86)\Common Files\Nero\Lib\NMIndexStoreSvr.exe
C:\Users\petra\AppData\Local\FilesFrog Update Checker\update_checker.exe
C:\Users\petra\AppData\Local\WebPlayer\FLV Player\WebPlayer.exe
C:\Users\petra\AppData\Roaming\Seznam.cz\bin\szndesktop.exe
C:\Users\petra\AppData\Roaming\Dropbox\bin\Dropbox.exe
C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe
C:\Windows\SysWOW64\CtHelper.exe
C:\Program Files (x86)\Software602\Print2PDF\Print2PDF.exe
C:\Program Files (x86)\Canon\Solution Menu EX\CNSEMAIN.EXE
C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX\CNMNSST.exe
C:\Program Files (x86)\ACD Systems\ACDSee\15.0\ACDSee15InTouch2.exe
C:\Program Files (x86)\AVG Secure Search\vprot.exe
C:\Program Files (x86)\Common Files\SNP2UVC\tsnp2uvc.exe
C:\Program Files (x86)\Common Files\Grass Valley\ProCoder 3\Kernel\PNXSERVR.exe
C:\Program Files\AVAST Software\Avast\AvastUI.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files\trend micro\petra.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.seznam.cz/?clid=13415
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe
O2 - BHO: Instair - {0D778FDC-FAD7-4B1D-AB88-7A76A562D65C} - C:\PROGRA~1\Instair\Instair.dll
O2 - BHO: WinZipBar - {50fafaf0-70a9-419d-a109-fa4b4ffd4e37} - C:\Program Files (x86)\WinZipBar\prxtbWinZ.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll
O2 - BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O2 - BHO: AVG Security Toolbar - {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files (x86)\AVG Secure Search\18.0.5.292\AVG Secure Search_toolbar.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
O2 - BHO: BonanzaDeals - {fe063412-bea4-4d76-8ed3-183be6220d17} - C:\Program Files (x86)\BonanzaDeals\BonanzaDealsIE.dll
O3 - Toolbar: WinZipBar Toolbar - {50fafaf0-70a9-419d-a109-fa4b4ffd4e37} - C:\Program Files (x86)\WinZipBar\prxtbWinZ.dll
O3 - Toolbar: AVG Security Toolbar - {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files (x86)\AVG Secure Search\18.0.5.292\AVG Secure Search_toolbar.dll
O4 - HKLM\..\Run: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [CTxfiHlp] CTXFIHLP.EXE
O4 - HKLM\..\Run: [NUSB3MON] "C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe"
O4 - HKLM\..\Run: [AsioThk32Reg] REGSVR32.EXE /S CTASIO.DLL
O4 - HKLM\..\Run: [CTHelper] CTHELPER.EXE
O4 - HKLM\..\Run: [Print2PDF Print Monitor] "C:\Program Files (x86)\Software602\Print2PDF\Print2PDF.exe" /server
O4 - HKLM\..\Run: [CanonSolutionMenuEx] C:\Program Files (x86)\Canon\Solution Menu EX\CNSEMAIN.EXE /logon
O4 - HKLM\..\Run: [IJNetworkScannerSelectorEX] C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX\CNMNSST.exe /FORCE
O4 - HKLM\..\Run: [ACSW15EN] "C:\Program Files (x86)\ACD Systems\ACDSee\15.0\ACDSee15InTouch2.exe" /pid ACSW15EN
O4 - HKLM\..\Run: [NBKeyScan] "C:\Program Files (x86)\Nero\Nero8\Nero BackItUp\NBKeyScan.exe"
O4 - HKLM\..\Run: [vProt] "C:\Program Files (x86)\AVG Secure Search\vprot.exe"
O4 - HKLM\..\Run: [snp2uvc] C:\Windows\vsnp2uvc.exe
O4 - HKLM\..\Run: [tsnp2uvc] C:\Program Files (x86)\Common Files\SNP2UVC\tsnp2uvc.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [NexusServer] "C:\Program Files (x86)\Common Files\Grass Valley\ProCoder 3\Kernel\PNXSERVR.exe" -SelfLaunch
O4 - HKLM\..\Run: [seznam-listicka-distribuce] "C:\Program Files (x86)\Seznam.cz\distribution\szninstall.exe" -s -d listicka 1 szn-software-listicka cz.seznam.software.autoupdate
O4 - HKLM\..\Run: [AvastUI.exe] "C:\Program Files\AVAST Software\Avast\AvastUI.exe" /nogui
O4 - HKCU\..\Run: [EPSON Stylus Photo R265 Series] C:\Windows\system32\spool\DRIVERS\x64\3\E_FATIBNE.EXE /FU "C:\Windows\TEMP\E_S6B14.tmp" /EF "HKCU"
O4 - HKCU\..\Run: [IndxStoreSvr_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files (x86)\Common Files\Nero\Lib\NMIndexStoreSvr.exe" ASO-616B5711-6DAE-4795-A05F-39A1E5104020
O4 - HKCU\..\Run: [Google Update] "C:\Users\petra\AppData\Local\Google\Update\GoogleUpdate.exe" /c
O4 - HKCU\..\Run: [Xvid] C:\Program Files (x86)\Xvid\CheckUpdate.exe
O4 - HKCU\..\Run: [cz.seznam.software.autoupdate] "C:\Users\petra\AppData\Roaming\Seznam.cz\szninstall.exe" -c
O4 - HKCU\..\Run: [cz.seznam.software.szndesktop] "C:\Users\petra\AppData\Roaming\Seznam.cz\bin\wszndesktop.exe" -q
O4 - HKCU\..\Run: [FLV Player] C:\Users\petra\AppData\Local\WebPlayer\FLV Player\WebPlayer.exe
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-21-3338490639-4165212360-2111865542-1007\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'UpdatusUser')
O4 - HKUS\S-1-5-21-3338490639-4165212360-2111865542-1007\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'UpdatusUser')
O4 - Startup: Adobe Gamma.lnk = C:\Program Files (x86)\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Startup: Dropbox.lnk = petra\AppData\Roaming\Dropbox\bin\Dropbox.exe
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: Free YouTube to MP3 Converter - C:\Users\petra\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~1\Office12\REFIEBAR.DLL
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O16 - DPF: {CD82C85E-37B7-48E3-9E88-31E140C13C86} (TeeChart Commander v7) - http://www.premis.cz/PremisGUI/cab/Teechart7.cab
O16 - DPF: {D4B68B83-8710-488B-A692-D74B50BA558E} (Creative Software AutoUpdate Support Package 2) - http://ccfiles.creative.com/Web/softwar ... PIDPDE.cab
O16 - DPF: {E705A591-DA3C-4228-B0D5-A356DBA42FBF} (Creative Software AutoUpdate 2) - http://ccfiles.creative.com/Web/softwar ... TSUEng.cab
O16 - DPF: {F6ACF75C-C32C-447B-9BEF-46B766368D29} (Creative Software AutoUpdate Support Package) - http://ccfiles.creative.com/Web/softwar ... /CTPID.cab
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveSystemServices.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
O18 - Protocol: viprotocol - {B658800C-F66E-4EF3-AB85-6C0C227862A9} - C:\Program Files (x86)\Common Files\AVG Secure Search\ViProtocolInstaller\18.0.5\ViProtocol.dll
O23 - Service: 602Updater (602XML Updater) - Software602 a.s. - C:\Program Files (x86)\Common Files\soft602\602updsvc\602updsvc.exe
O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files (x86)\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: SluA3ba BonanzaDealsLive (bonanzadealslive) (bonanzadealslive) - BonanzaDeals - C:\Program Files (x86)\BonanzaDealsLive\Update\BonanzaDealsLive.exe
O23 - Service: SluA3ba BonanzaDealsLive (bonanzadealslivem) (bonanzadealslivem) - BonanzaDeals - C:\Program Files (x86)\BonanzaDealsLive\Update\BonanzaDealsLive.exe
O23 - Service: Creative ALchemy AL6 Licensing Service - Creative Labs - C:\Program Files (x86)\Common Files\Creative Labs Shared\Service\AL6Licensing.exe
O23 - Service: Creative Audio Engine Licensing Service - Creative Labs - C:\Program Files (x86)\Common Files\Creative Labs Shared\Service\CTAELicensing.exe
O23 - Service: Creative Audio Service (CTAudSvcService) - Creative Technology Ltd - C:\Program Files (x86)\Creative\Shared Files\CTAudSvc.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: EPSON V3 Service4(01) (EPSON_PM_RPCV4_01) - SEIKO EPSON CORPORATION - C:\ProgramData\EPSON\EPW!3 SSRP\E_S30RP1.EXE
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing)
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: Nero BackItUp Scheduler 3 - Nero AG - C:\Program Files (x86)\Nero\Nero8\Nero BackItUp\NBService.exe
O23 - Service: Nero BackItUp Scheduler 4.0 - Nero AG - C:\Program Files (x86)\Common Files\Nero\Nero BackItUp 4\NBService.exe
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: NMIndexingService - Nero AG - C:\Program Files (x86)\Common Files\Nero\Lib\NMIndexingService.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - Unknown owner - C:\Windows\system32\nvvsvc.exe (file missing)
O23 - Service: NVIDIA Update Service Daemon (nvUpdatusService) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
O23 - Service: PACE License Services (PaceLicenseDServices) - PACE Anti-Piracy, Inc. - C:\Program Files (x86)\Common Files\PACE\Services\LicenseServices\LDSvc.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: Spyware Terminator 2012 Realtime Shield Service (ST2012_Svc) - Crawler.com - C:\Program Files (x86)\Spyware Terminator\st_rsser64.exe
O23 - Service: NVIDIA Stereoscopic 3D Driver Service (Stereo Service) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: vToolbarUpdater18.0.5 - Unknown owner - C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\18.0.5\ToolbarUpdater.exe
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 15477 bytes

======Listing Processes======

\SystemRoot\System32\smss.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
winlogon.exe
C:\Windows\system32\services.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
"C:\Windows\system32\nvvsvc.exe"
"C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe"
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k netsvcs
"C:\Program Files (x86)\Creative\Shared Files\CTAudSvc.exe"
C:\Windows\system32\svchost.exe -k NetworkService
"C:\Program Files\AVAST Software\Avast\AvastSvc.exe"
"C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe"
C:\Windows\system32\nvvsvc.exe -session -first
C:\Windows\System32\spoolsv.exe
"taskhost.exe"
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
"C:\Program Files (x86)\Common Files\soft602\602updsvc\602updsvc.exe"
"C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe"
"C:\ProgramData\EPSON\EPW!3 SSRP\E_S30RP1.EXE"
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
"C:\Windows\system32\Dwm.exe"
C:\Windows\Explorer.EXE
taskeng.exe {6A39AB71-3F55-41DE-A199-F24610AC93BC}
"C:/Program Files/NVIDIA Corporation/Display/nvtray.exe" -user_has_logged_in 1
"C:\Program Files\Canon\MyPrinter\BJMYPRT.EXE" /logon
"C:\Windows\vsnp2uvc.exe"
"C:\Program Files (x86)\Common Files\Nero\Lib\NMIndexStoreSvr.exe" ASO-616B5711-6DAE-4795-A05F-39A1E5104020
"C:\Users\petra\AppData\Local\FilesFrog Update Checker\update_checker.exe" /auto
"C:\Users\petra\AppData\Local\WebPlayer\FLV Player\WebPlayer.exe"
szndesktop.exe default start
"C:\Users\petra\AppData\Roaming\Seznam.cz\bin\listicka-x64.exe"
\??\C:\Windows\system32\conhost.exe "1320386506-425921313-1285190825-1883730953-1647322323-1315768697-1771991340-1096558359
"C:\Users\petra\AppData\Roaming\Dropbox\bin\Dropbox.exe" /systemstartup
"C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe"
"C:\Windows\System32\CtHelper.exe"
"C:\Program Files (x86)\Software602\Print2PDF\Print2PDF.exe" /server
"C:\Program Files (x86)\Canon\Solution Menu EX\CNSEMAIN.EXE" /logon
"C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX\CNMNSST.exe" /FORCE
"C:\Program Files (x86)\ACD Systems\ACDSee\15.0\ACDSee15InTouch2.exe" /pid ACSW15EN
"C:\Program Files (x86)\AVG Secure Search\vprot.exe"
"C:\Program Files (x86)\Common Files\SNP2UVC\tsnp2uvc.exe"
"C:\Program Files (x86)\Common Files\Grass Valley\ProCoder 3\Kernel\PNXSERVR.exe" -SelfLaunch
"C:\Program Files\AVAST Software\Avast\AvastUI.exe" /nogui
C:\Windows\splwow64.exe 12288
"C:\Program Files (x86)\Nero\Nero8\Nero BackItUp\NBService.exe"
"C:\Program Files (x86)\Common Files\Nero\Nero BackItUp 4\NBService.exe"
"C:\Program Files (x86)\Common Files\PACE\Services\LicenseServices\LDSvc.exe"
"C:\Program Files (x86)\Spyware Terminator\st_rsser64.exe"
C:\Windows\system32\svchost.exe -k imgsvc
"C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\18.0.5\ToolbarUpdater.exe"
"C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\18.0.5\loggingserver.exe" 72648 "C:\ProgramData\AVG Secure Search\Logger\logger.properties"
\??\C:\Windows\system32\conhost.exe "-68018698516236965167281769763753281742101539189-1788061195-1537808930200645977
C:\Windows\system32\SearchIndexer.exe /Embedding
"C:\Program Files (x86)\Common Files\Nero\Lib\NMIndexingService.exe"
C:\Windows\System32\alg.exe
C:\Windows\System32\svchost.exe -k secsvcs
"C:\Program Files\Windows Media Player\wmpnetwk.exe"
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe"
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=gpu-process --channel="5060.0.472766813\372100682" --supports-dual-gpus=false --gpu-driver-bug-workarounds=0,1,14,28,34 --gpu-vendor-id=0x10de --gpu-device-id=0x1245 --gpu-driver-vendor=NVIDIA --gpu-driver-version=9.18.13.1106 --ignored=" --type=renderer " /prefetch:822062411
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --lang=cs --force-fieldtrials="AutocompleteDynamicTrial_2/DefaultControl_R2_Stable/BrowserPreReadExperiment/100-pct-default/ChromeSuggestions/Default/EmbeddedSearch/Group11 pct:1b stable:r2 prefetch_results:1/ExtensionInstallVerification/Bootstrap/GoogleNow/Default/OmniboxBundledExperimentV1/StandardR3/Prerender/PrerenderEnabled/PrerenderLocalPredictorSpec/LocalPredictor=Disabled/QUIC/Disabled/SettingsEnforcement/no_enforcement/ShowAppLauncherPromo/ShowPromoUntilDismissed/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group6/UMA-Population-Restrict/normal/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_02/UMA-Uniformity-Trial-1-Percent/group_37/UMA-Uniformity-Trial-10-Percent/group_02/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/group_04/UMA-Uniformity-Trial-5-Percent/group_04/UMA-Uniformity-Trial-50-Percent/group_01/" --renderer-print-preview --enable-threaded-compositing --enable-delegated-renderer --enable-deadline-scheduling --enable-software-compositing --channel="5060.1.460692544\2125110938" /prefetch:673131151
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --lang=cs --force-fieldtrials="AutocompleteDynamicTrial_2/DefaultControl_R2_Stable/BrowserPreReadExperiment/100-pct-default/ChromeSuggestions/Default/EmbeddedSearch/Group11 pct:1b stable:r2 prefetch_results:1/ExtensionInstallVerification/Bootstrap/GoogleNow/Default/OmniboxBundledExperimentV1/StandardR3/Prerender/PrerenderEnabled/PrerenderLocalPredictorSpec/LocalPredictor=Disabled/QUIC/Disabled/SettingsEnforcement/no_enforcement/ShowAppLauncherPromo/ShowPromoUntilDismissed/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group6/UMA-Population-Restrict/normal/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_02/UMA-Uniformity-Trial-1-Percent/group_37/UMA-Uniformity-Trial-10-Percent/group_02/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/group_04/UMA-Uniformity-Trial-5-Percent/group_04/UMA-Uniformity-Trial-50-Percent/group_01/" --extension-process --renderer-print-preview --enable-threaded-compositing --enable-delegated-renderer --enable-deadline-scheduling --enable-software-compositing --channel="5060.2.1098136788\452890509" /prefetch:673131151
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --lang=cs --force-fieldtrials="AutocompleteDynamicTrial_2/DefaultControl_R2_Stable/BrowserPreReadExperiment/100-pct-default/ChromeSuggestions/Default/EmbeddedSearch/Group11 pct:1b stable:r2 prefetch_results:1/ExtensionInstallVerification/Bootstrap/GoogleNow/Default/OmniboxBundledExperimentV1/StandardR3/Prerender/PrerenderEnabled/PrerenderLocalPredictorSpec/LocalPredictor=Disabled/QUIC/Disabled/SettingsEnforcement/no_enforcement/ShowAppLauncherPromo/ShowPromoUntilDismissed/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group6/UMA-Population-Restrict/normal/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_02/UMA-Uniformity-Trial-1-Percent/group_37/UMA-Uniformity-Trial-10-Percent/group_02/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/group_04/UMA-Uniformity-Trial-5-Percent/group_04/UMA-Uniformity-Trial-50-Percent/group_01/" --extension-process --renderer-print-preview --enable-threaded-compositing --enable-delegated-renderer --enable-deadline-scheduling --enable-software-compositing --channel="5060.3.1825771797\254640605" /prefetch:673131151
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --lang=cs --force-fieldtrials="AutocompleteDynamicTrial_2/DefaultControl_R2_Stable/BrowserPreReadExperiment/100-pct-default/ChromeSuggestions/Default/EmbeddedSearch/Group11 pct:1b stable:r2 prefetch_results:1/ExtensionInstallVerification/Bootstrap/GoogleNow/Default/OmniboxBundledExperimentV1/StandardR3/Prerender/PrerenderEnabled/PrerenderLocalPredictorSpec/LocalPredictor=Disabled/QUIC/Disabled/SettingsEnforcement/no_enforcement/ShowAppLauncherPromo/ShowPromoUntilDismissed/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group6/UMA-Population-Restrict/normal/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_02/UMA-Uniformity-Trial-1-Percent/group_37/UMA-Uniformity-Trial-10-Percent/group_02/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/group_04/UMA-Uniformity-Trial-5-Percent/group_04/UMA-Uniformity-Trial-50-Percent/group_01/" --extension-process --renderer-print-preview --enable-threaded-compositing --enable-delegated-renderer --enable-deadline-scheduling --enable-software-compositing --channel="5060.4.238140243\2034343036" /prefetch:673131151
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --lang=cs --force-fieldtrials="AutocompleteDynamicTrial_2/DefaultControl_R2_Stable/BrowserPreReadExperiment/100-pct-default/ChromeSuggestions/Default/EmbeddedSearch/Group11 pct:1b stable:r2 prefetch_results:1/ExtensionInstallVerification/Bootstrap/GoogleNow/Default/OmniboxBundledExperimentV1/StandardR3/Prerender/PrerenderEnabled/PrerenderLocalPredictorSpec/LocalPredictor=Disabled/QUIC/Disabled/SettingsEnforcement/no_enforcement/ShowAppLauncherPromo/ShowPromoUntilDismissed/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group6/UMA-Population-Restrict/normal/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_02/UMA-Uniformity-Trial-1-Percent/group_37/UMA-Uniformity-Trial-10-Percent/group_02/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/group_04/UMA-Uniformity-Trial-5-Percent/group_04/UMA-Uniformity-Trial-50-Percent/group_01/" --extension-process --renderer-print-preview --enable-threaded-compositing --enable-delegated-renderer --enable-deadline-scheduling --enable-software-compositing --channel="5060.5.1462904141\795668072" /prefetch:673131151
"C:\Users\petra\Desktop\pc udrzba\antivir\RSITx64.exe"
C:\Windows\system32\wbem\wmiprvse.exe

======Scheduled tasks folder======

C:\Windows\tasks\Adobe Flash Player Updater.job
C:\Windows\tasks\AVG-Secure-Search-Update_JUNE2013_HP_rmv.job
C:\Windows\tasks\AVG-Secure-Search-Update_JUNE2013_TB_rmv.job
C:\Windows\tasks\BonanzaDealsLiveUpdateTaskMachineCore.job
C:\Windows\tasks\BonanzaDealsLiveUpdateTaskMachineUA.job
C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-3338490639-4165212360-2111865542-1000Core.job
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-3338490639-4165212360-2111865542-1000UA.job
C:\Windows\tasks\PMCS_Wakeup634657982909132950.job

=========Mozilla firefox=========

ProfilePath - C:\Users\petra\AppData\Roaming\Mozilla\Firefox\Profiles\3g0eftd4.default

prefs.js - "browser.search.useDBForOrder" - "false"
prefs.js - "browser.startup.homepage" - "seznam.cz"

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 12.0.0.77 Plugin
"Path"=C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_12_0_0_77.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@avg.com/AVG SiteSafety plugin,version=11.0.0.1,application/x-avg-sitesafety-plugin]
"Description"=
"Path"=C:\Program Files (x86)\Common Files\AVG Secure Search\SiteSafetyInstaller\18.0.5\\npsitesafety.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=disabled

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.bdupdater.com/BonanzaDealsLive Update;version=3]
"Description"=BonanzaDealsLive Update
"Path"=C:\Program Files (x86)\BonanzaDealsLive\Update\1.3.23.0\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.bdupdater.com/BonanzaDealsLive Update;version=9]
"Description"=BonanzaDealsLive Update
"Path"=C:\Program Files (x86)\BonanzaDealsLive\Update\1.3.23.0\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=3]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.23.9\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=9]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.23.9\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\Adobe Reader]
"Description"=Handles PDFs in-place in Firefox
"Path"=C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll


[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 12.0.0.77 Plugin
"Path"=C:\Windows\system32\Macromed\Flash\NPSWF64_12_0_0_77.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=disabled


C:\Program Files (x86)\Mozilla Firefox\components\
nsIQTScriptablePlugin.xpt

C:\Users\petra\AppData\Roaming\Mozilla\Firefox\Profiles\3g0eftd4.default\extensions\
{b9db16a4-6edc-47ec-a1f4-b86292ed211d}
{ea614400-e918-4741-9a97-7a972ff7c30b}

C:\Users\petra\AppData\Roaming\Mozilla\Firefox\Profiles\3g0eftd4.default\searchplugins\
Ask.xml

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! Online Security - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2014-04-16 724512]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{0D778FDC-FAD7-4B1D-AB88-7A76A562D65C}]
Instair - C:\PROGRA~1\Instair\Instair.dll [2013-05-28 590640]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{50fafaf0-70a9-419d-a109-fa4b4ffd4e37}]
WinZipBar Toolbar - C:\Program Files (x86)\WinZipBar\prxtbWinZ.dll [2011-05-09 176936]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll [2007-08-24 2212224]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files (x86)\Java\jre7\bin\ssv.dll [2013-09-19 462248]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! Online Security - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2014-04-16 597816]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{95B7759C-8C7F-4BF1-B163-73684A933233}]
AVG Security Toolbar - C:\Program Files (x86)\AVG Secure Search\18.0.5.292\AVG Secure Search_toolbar.dll [2014-03-22 3486232]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll [2013-09-19 171944]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{fe063412-bea4-4d76-8ed3-183be6220d17}]
BonanzaDeals - C:\Program Files (x86)\BonanzaDeals\BonanzaDealsIE.dll [2013-08-21 100336]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{318A227B-5E9F-45bd-8999-7F8F10CA4CF5} -
{CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F}

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\Toolbar]
{50fafaf0-70a9-419d-a109-fa4b4ffd4e37} - WinZipBar Toolbar - C:\Program Files (x86)\WinZipBar\prxtbWinZ.dll [2011-05-09 176936]
{95B7759C-8C7F-4BF1-B163-73684A933233} - AVG Security Toolbar - C:\Program Files (x86)\AVG Secure Search\18.0.5.292\AVG Secure Search_toolbar.dll [2014-03-22 3486232]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"CanonMyPrinter"=C:\Program Files\Canon\MyPrinter\BJMyPrt.exe [2011-03-14 2779024]
"snp2uvc"=C:\Windows\vsnp2uvc.exe [2009-08-12 662016]
"SpywareTerminatorShield"=C:\Program Files (x86)\Spyware Terminator\SpywareTerminatorShield.exe [2013-10-22 2777736]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"EPSON Stylus Photo R265 Series"=C:\Windows\system32\spool\DRIVERS\x64\3\E_FATIBNE.EXE [2006-05-19 139264]
"IndxStoreSvr_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"=C:\Program Files (x86)\Common Files\Nero\Lib\NMIndexStoreSvr.exe [2007-12-13 1688872]
"Google Update"=C:\Users\petra\AppData\Local\Google\Update\GoogleUpdate.exe [2013-05-02 116648]
"Xvid"=C:\Program Files (x86)\Xvid\CheckUpdate.exe [2011-01-17 8192]
"cz.seznam.software.autoupdate"=C:\Users\petra\AppData\Roaming\Seznam.cz\szninstall.exe [2013-05-16 1062472]
"cz.seznam.software.szndesktop"=C:\Users\petra\AppData\Roaming\Seznam.cz\bin\wszndesktop.exe [2013-04-12 92664]
"FLV Player"=C:\Users\petra\AppData\Local\WebPlayer\FLV Player\WebPlayer.exe [2012-10-26 202752]

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"APSDaemon"=C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [2013-04-21 59720]
"GrooveMonitor"=C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe [2007-08-24 33648]
"Adobe ARM"=C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2013-11-21 959904]
"CTxfiHlp"=CTXFIHLP.EXE []
"NUSB3MON"=C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe [2011-09-16 115048]
"AsioThk32Reg"=REGSVR32.EXE /S CTASIO.DLL []
"CTHelper"=CTHELPER.EXE []
"Print2PDF Print Monitor"=C:\Program Files (x86)\Software602\Print2PDF\Print2PDF.exe [2011-10-04 220992]
"CanonSolutionMenuEx"=C:\Program Files (x86)\Canon\Solution Menu EX\CNSEMAIN.EXE [2011-08-04 1612920]
"IJNetworkScannerSelectorEX"=C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX\CNMNSST.exe [2011-01-15 452016]
"ACSW15EN"=C:\Program Files (x86)\ACD Systems\ACDSee\15.0\ACDSee15InTouch2.exe [2012-11-14 1133176]
"NBKeyScan"=C:\Program Files (x86)\Nero\Nero8\Nero BackItUp\NBKeyScan.exe [2007-12-03 2213160]
"vProt"=C:\Program Files (x86)\AVG Secure Search\vprot.exe [2014-03-22 2544664]
"snp2uvc"=C:\Windows\vsnp2uvc.exe [2009-08-12 662016]
"tsnp2uvc"=C:\Program Files (x86)\Common Files\SNP2UVC\tsnp2uvc.exe [2012-02-23 322560]
"QuickTime Task"=C:\Program Files (x86)\QuickTime\QTTask.exe [2013-05-01 421888]
"NexusServer"=C:\Program Files (x86)\Common Files\Grass Valley\ProCoder 3\Kernel\PNXSERVR.exe [2007-03-26 389120]
"seznam-listicka-distribuce"=C:\Program Files (x86)\Seznam.cz\distribution\szninstall.exe [2013-05-16 1062472]
"AvastUI.exe"=C:\Program Files\AVAST Software\Avast\AvastUI.exe [2014-04-16 3854640]

C:\Users\petra\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
Adobe Gamma.lnk - C:\Program Files (x86)\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
Dropbox.lnk - C:\Users\petra\AppData\Roaming\Dropbox\bin\Dropbox.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED}

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll [2007-08-24 2212224]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=0
"ConsentPromptBehaviorUser"=3
"EnableLUA"=0
"EnableUIADesktopToggle"=0
"PromptOnSecureDesktop"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoActiveDesktop"=1
"NoActiveDesktopChanges"=1
"ForceActiveDesktopOn"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]


[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\bitguard.exe]
"Debugger="tasklist.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\bprotect.exe]
"Debugger="tasklist.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\bpsvc.exe]
"Debugger="tasklist.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\browserdefender.exe]
"Debugger="tasklist.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\browserprotect.exe]
"Debugger="tasklist.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\browsersafeguard.exe]
"Debugger="tasklist.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\dprotectsvc.exe]
"Debugger="tasklist.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\jumpflip]
"Debugger="tasklist.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\protectedsearch.exe]
"Debugger="tasklist.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\searchinstaller.exe]
"Debugger="tasklist.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\searchprotection.exe]
"Debugger="tasklist.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\searchprotector.exe]
"Debugger="tasklist.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\searchsettings.exe]
"Debugger="tasklist.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\searchsettings64.exe]
"Debugger="tasklist.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\snapdo.exe]
"Debugger="tasklist.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\stinst32.exe]
"Debugger="tasklist.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\stinst64.exe]
"Debugger="tasklist.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\umbrella.exe]
"Debugger="tasklist.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\utiljumpflip.exe]
"Debugger="tasklist.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\volaro]
"Debugger="tasklist.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\vonteera]
"Debugger="tasklist.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\websteroids.exe]
"Debugger="tasklist.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\websteroidsservice.exe]
"Debugger="tasklist.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVYU"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"VIDC.YVU9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"wave4"=wdmaud.drv
"midi4"=wdmaud.drv
"mixer4"=wdmaud.drv
"aux4"=wdmaud.drv
"wave5"=wdmaud.drv
"midi5"=wdmaud.drv
"mixer5"=wdmaud.drv
"MSVideo8"=VfWWDM32.dll
"wave6"=wdmaud.drv
"midi6"=wdmaud.drv
"mixer6"=wdmaud.drv
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"wave2"=wdmaud.drv
"midi2"=wdmaud.drv
"mixer2"=wdmaud.drv
"wave3"=wdmaud.drv
"midi3"=wdmaud.drv
"mixer3"=wdmaud.drv
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"wave7"=wdmaud.drv
"midi7"=wdmaud.drv
"mixer7"=wdmaud.drv
"wave8"=wdmaud.drv
"midi8"=wdmaud.drv
"mixer8"=wdmaud.drv
"aux"=wdmaud.drv
"wave9"=wdmaud.drv
"midi9"=wdmaud.drv
"mixer9"=wdmaud.drv
"aux1"=wdmaud.drv
"vidc.XVID"=xvidvfw.dll
"aux2"=wdmaud.drv

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 1 month======

2014-04-17 17:19:04 ----D---- C:\Program Files\trend micro
2014-04-17 17:19:03 ----D---- C:\rsit
2014-04-16 17:52:31 ----A---- C:\Windows\{00000005-00000000-00000001-00001102-00000004-10071102}.BAK
2014-04-16 17:45:37 ----A---- C:\Windows\avastSS.scr
2014-04-16 17:00:18 ----A---- C:\Windows\system32\drivers\stflt.sys
2014-04-16 17:00:15 ----D---- C:\Users\petra\AppData\Roaming\Spyware Terminator
2014-04-16 17:00:15 ----D---- C:\ProgramData\Spyware Terminator
2014-04-16 16:58:11 ----D---- C:\Program Files (x86)\Spyware Terminator
2014-04-11 05:33:40 ----A---- C:\Windows\SYSWOW64\ieui.dll
2014-04-11 05:33:40 ----A---- C:\Windows\system32\ieui.dll
2014-04-11 05:33:36 ----A---- C:\Windows\SYSWOW64\vbscript.dll
2014-04-11 05:33:36 ----A---- C:\Windows\system32\vbscript.dll
2014-04-11 05:33:29 ----A---- C:\Windows\system32\JavaScriptCollectionAgent.dll
2014-04-11 05:33:29 ----A---- C:\Windows\system32\iernonce.dll
2014-04-11 05:33:29 ----A---- C:\Windows\system32\ieetwcollectorres.dll
2014-04-11 05:33:29 ----A---- C:\Windows\system32\ie4uinit.exe
2014-04-11 05:33:28 ----A---- C:\Windows\SYSWOW64\dxtmsft.dll
2014-04-11 05:33:28 ----A---- C:\Windows\system32\jscript9diag.dll
2014-04-11 05:33:28 ----A---- C:\Windows\system32\dxtrans.dll
2014-04-11 05:33:28 ----A---- C:\Windows\system32\dxtmsft.dll
2014-04-11 05:33:27 ----A---- C:\Windows\SYSWOW64\msrating.dll
2014-04-11 05:33:27 ----A---- C:\Windows\SYSWOW64\msfeeds.dll
2014-04-11 05:33:27 ----A---- C:\Windows\SYSWOW64\jsproxy.dll
2014-04-11 05:33:27 ----A---- C:\Windows\SYSWOW64\dxtrans.dll
2014-04-11 05:33:27 ----A---- C:\Windows\system32\msrating.dll
2014-04-11 05:33:27 ----A---- C:\Windows\system32\msfeeds.dll
2014-04-11 05:33:27 ----A---- C:\Windows\system32\jsproxy.dll
2014-04-11 05:33:26 ----A---- C:\Windows\SYSWOW64\JavaScriptCollectionAgent.dll
2014-04-11 05:33:26 ----A---- C:\Windows\SYSWOW64\ieUnatt.exe
2014-04-11 05:33:26 ----A---- C:\Windows\SYSWOW64\iesetup.dll
2014-04-11 05:33:26 ----A---- C:\Windows\SYSWOW64\iernonce.dll
2014-04-11 05:33:26 ----A---- C:\Windows\system32\ieUnatt.exe
2014-04-11 05:33:26 ----A---- C:\Windows\system32\iesetup.dll
2014-04-11 05:33:25 ----A---- C:\Windows\system32\mshtml.dll
2014-04-11 05:33:23 ----A---- C:\Windows\SYSWOW64\jscript9diag.dll
2014-04-11 05:33:23 ----A---- C:\Windows\SYSWOW64\ieetwproxystub.dll
2014-04-11 05:33:23 ----A---- C:\Windows\SYSWOW64\ieapfltr.dll
2014-04-11 05:33:23 ----A---- C:\Windows\system32\ieetwproxystub.dll
2014-04-11 05:33:23 ----A---- C:\Windows\system32\ieapfltr.dll
2014-04-11 05:33:22 ----A---- C:\Windows\system32\MsSpellCheckingFacility.exe
2014-04-11 05:33:22 ----A---- C:\Windows\system32\ieetwcollector.exe
2014-04-11 05:33:21 ----A---- C:\Windows\SYSWOW64\wininet.dll
2014-04-11 05:33:21 ----A---- C:\Windows\SYSWOW64\iertutil.dll
2014-04-11 05:33:21 ----A---- C:\Windows\system32\iertutil.dll
2014-04-11 05:33:20 ----A---- C:\Windows\SYSWOW64\urlmon.dll
2014-04-11 05:33:20 ----A---- C:\Windows\system32\wininet.dll
2014-04-11 05:33:20 ----A---- C:\Windows\system32\urlmon.dll
2014-04-11 05:33:19 ----A---- C:\Windows\SYSWOW64\ieframe.dll
2014-04-11 05:33:19 ----A---- C:\Windows\system32\ieframe.dll
2014-04-11 05:33:18 ----A---- C:\Windows\SYSWOW64\mshtml.dll
2014-04-11 05:33:17 ----A---- C:\Windows\SYSWOW64\jscript9.dll
2014-04-11 05:33:17 ----A---- C:\Windows\system32\jscript9.dll
2014-04-09 04:57:56 ----A---- C:\Windows\SYSWOW64\iologmsg.dll
2014-04-09 04:57:56 ----A---- C:\Windows\system32\iologmsg.dll
2014-04-09 04:57:56 ----A---- C:\Windows\system32\drivers\storport.sys
2014-04-09 04:57:56 ----A---- C:\Windows\system32\drivers\msiscsi.sys
2014-04-09 04:57:56 ----A---- C:\Windows\system32\drivers\Diskdump.sys
2014-04-09 04:57:37 ----A---- C:\Windows\system32\kernel32.dll
2014-04-09 04:57:36 ----A---- C:\Windows\SYSWOW64\kernel32.dll
2014-04-09 04:57:36 ----A---- C:\Windows\system32\wow64.dll
2014-04-09 04:57:35 ----A---- C:\Windows\SYSWOW64\setup16.exe
2014-04-09 04:57:35 ----A---- C:\Windows\SYSWOW64\ntvdm64.dll
2014-04-09 04:57:35 ----A---- C:\Windows\system32\wow64win.dll
2014-04-09 04:57:35 ----A---- C:\Windows\system32\wow64cpu.dll
2014-04-09 04:57:35 ----A---- C:\Windows\system32\ntvdm64.dll
2014-04-09 04:57:33 ----A---- C:\Windows\SYSWOW64\wow32.dll
2014-04-09 04:57:32 ----A---- C:\Windows\SYSWOW64\user.exe
2014-04-09 04:57:32 ----A---- C:\Windows\SYSWOW64\instnm.exe
2014-04-09 04:57:25 ----A---- C:\Windows\system32\drivers\ntfs.sys
2014-03-24 20:31:58 ----D---- C:\Program Files\CyberLink
2014-03-23 22:05:05 ----D---- C:\ProgramData\MAGIX
2014-03-23 22:01:50 ----D---- C:\Program Files\Common Files\NewBlue
2014-03-22 21:07:49 ----D---- C:\ProgramData\AVG Secure Search
2014-03-19 21:18:37 ----D---- C:\Users\petra\AppData\Roaming\Titler 2.0
2014-03-19 20:52:31 ----D---- C:\ProgramData\eSellerate
2014-03-19 20:52:31 ----D---- C:\Program Files\Adobe
2014-03-19 20:50:36 ----D---- C:\Program Files\Common Files\OFX
2014-03-19 20:49:56 ----D---- C:\Program Files\NewBlue
2014-03-19 20:49:23 ----D---- C:\Program Files (x86)\NewBlue
2014-03-19 20:12:07 ----D---- C:\Users\petra\AppData\Roaming\Avid Technology Inc
2014-03-19 19:40:12 ----D---- C:\Windows\SYSWOW64\MEDIA
2014-03-19 19:39:16 ----D---- C:\Program Files\Avid
2014-03-19 19:17:16 ----D---- C:\ProgramData\PACE
2014-03-19 19:14:10 ----D---- C:\Program Files\Java
2014-03-19 10:52:59 ----D---- C:\Program Files (x86)\Mozilla Firefox

======List of files/folders modified in the last 1 month======

2014-04-17 17:19:10 ----D---- C:\Windows\Prefetch
2014-04-17 17:19:06 ----D---- C:\Windows\Temp
2014-04-17 17:19:04 ----RD---- C:\Program Files
2014-04-17 16:19:04 ----D---- C:\Windows\system32\config
2014-04-17 15:48:31 ----D---- C:\Users\petra\AppData\Roaming\Dropbox
2014-04-17 13:36:24 ----ASD---- C:\ProgramData\Microsoft
2014-04-17 13:34:28 ----D---- C:\Users\petra\AppData\Roaming\Seznam.cz
2014-04-17 13:28:08 ----D---- C:\ProgramData\NVIDIA
2014-04-16 17:52:31 ----D---- C:\Windows
2014-04-16 17:45:48 ----D---- C:\Windows\system32\Tasks
2014-04-16 17:45:38 ----A---- C:\Windows\system32\aswBoot.exe
2014-04-16 17:44:49 ----SHD---- C:\System Volume Information
2014-04-16 17:07:52 ----RD---- C:\Program Files (x86)
2014-04-16 17:00:19 ----D---- C:\Windows\system32\drivers
2014-04-16 17:00:19 ----D---- C:\Windows\inf
2014-04-16 17:00:15 ----HD---- C:\ProgramData
2014-04-16 16:55:50 ----D---- C:\Windows\Panther
2014-04-16 16:55:49 ----D---- C:\Windows\Logs
2014-04-16 16:55:49 ----D---- C:\Windows\debug
2014-04-16 16:51:51 ----SHD---- C:\Windows\Installer
2014-04-15 19:32:04 ----D---- C:\Users\petra\AppData\Roaming\MediaMonkey
2014-04-15 19:30:36 ----D---- C:\Program Files (x86)\The KMPlayer
2014-04-15 12:12:04 ----D---- C:\Windows\system32\NDF
2014-04-11 16:04:14 ----D---- C:\Windows\System32
2014-04-11 16:04:14 ----A---- C:\Windows\system32\PerfStringBackup.INI
2014-04-11 09:56:45 ----D---- C:\Windows\rescache
2014-04-11 08:32:42 ----D---- C:\Windows\winsxs
2014-04-11 08:29:40 ----D---- C:\Windows\SYSWOW64\en-US
2014-04-11 08:29:40 ----D---- C:\Windows\SYSWOW64\cs-CZ
2014-04-11 08:29:40 ----D---- C:\Program Files\Internet Explorer
2014-04-11 08:29:39 ----D---- C:\Windows\SysWOW64
2014-04-11 08:29:38 ----D---- C:\Windows\system32\en-US
2014-04-11 08:29:38 ----D---- C:\Windows\system32\cs-CZ
2014-04-11 08:29:38 ----D---- C:\Windows\PolicyDefinitions
2014-04-11 08:29:36 ----D---- C:\Program Files (x86)\Internet Explorer
2014-04-11 05:34:22 ----D---- C:\Windows\system32\catroot2
2014-04-11 05:34:22 ----D---- C:\Windows\system32\catroot
2014-04-10 05:01:44 ----D---- C:\Windows\AppPatch
2014-04-10 05:01:40 ----D---- C:\Windows\system32\DriverStore
2014-04-09 05:40:22 ----D---- C:\Windows\system32\MRT
2014-04-09 05:37:36 ----A---- C:\Windows\system32\MRT.exe
2014-03-27 16:37:57 ----SD---- C:\Users\petra\AppData\Roaming\Microsoft
2014-03-24 20:49:15 ----D---- C:\Program Files (x86)\Boris FX, Inc
2014-03-24 20:39:06 ----D---- C:\Program Files\Common Files\Microsoft Shared
2014-03-24 08:45:39 ----A---- C:\Windows\NeroDigital.ini
2014-03-23 22:21:16 ----D---- C:\Program Files (x86)\Avid
2014-03-23 22:01:50 ----D---- C:\Program Files\Common Files
2014-03-23 22:01:46 ----D---- C:\Program Files (x86)\Common Files
2014-03-22 21:06:51 ----D---- C:\Program Files (x86)\AVG Secure Search
2014-03-20 06:00:15 ----D---- C:\Program Files (x86)\Mozilla Maintenance Service
2014-03-19 20:12:36 ----D---- C:\Users\petra\AppData\Roaming\PACE Anti-Piracy
2014-03-19 20:12:36 ----D---- C:\ProgramData\PACE Anti-Piracy
2014-03-19 20:11:44 ----D---- C:\ProgramData\Avid
2014-03-19 19:41:38 ----D---- C:\Program Files\Common Files\Avid
2014-03-19 19:40:07 ----RSD---- C:\Windows\Fonts
2014-03-19 19:17:50 ----HD---- C:\Program Files (x86)\InstallShield Installation Information
2014-03-19 10:32:45 ----D---- C:\Windows\SYSWOW64\drivers
2014-03-18 19:19:02 ----D---- C:\Users\petra\AppData\Roaming\Mozilla

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 aswRvrt;avast! Revert; C:\Windows\system32\drivers\aswRvrt.sys [2014-04-16 65776]
R0 aswVmm;avast! VM Monitor; C:\Windows\system32\drivers\aswVmm.sys [2014-04-16 208928]
R0 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12352]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-20 213888]
R0 Tpkd;Tpkd; C:\Windows\system32\drivers\Tpkd.sys [2011-06-28 105592]
R0 vmbus;@%SystemRoot%\system32\vmbusres.dll,-1000; C:\Windows\system32\drivers\vmbus.sys [2010-11-20 199552]
R1 aswRdr;aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [2014-04-16 93568]
R1 aswSnx;aswSnx; C:\Windows\system32\drivers\aswSnx.sys [2014-04-16 1039096]
R1 aswSP;aswSP; C:\Windows\system32\drivers\aswSP.sys [2014-04-16 423240]
R1 avgtp;avgtp; \??\C:\Windows\system32\drivers\avgtpx64.sys [2014-03-22 49952]
R1 cdrblock;cdrblock; C:\Windows\system32\DRIVERS\cdrblock.sys [2008-05-30 34360]
R1 CSC;@%systemroot%\system32\cscsvc.dll,-202; C:\Windows\system32\drivers\csc.sys [2010-11-20 514560]
R2 aswMonFlt;aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [2014-04-16 79184]
R2 Sentinel64;Sentinel64; C:\Windows\System32\Drivers\Sentinel64.sys [2007-04-27 142120]
R2 sp_rsdrv2;Spyware Terminator Driver Filter; C:\Windows\system32\DRIVERS\stflt.sys [2014-04-16 51496]
R3 aswStm;aswStm; C:\Windows\system32\drivers\aswStm.sys [2014-04-16 84816]
R3 COMMONFX.SYS;COMMONFX.SYS; C:\Windows\System32\drivers\COMMONFX.SYS [2010-03-18 158808]
R3 ctac32k;Creative AC3 Software Decoder; C:\Windows\system32\drivers\ctac32k.sys [2010-03-18 580696]
R3 ctaud2k;Creative Audio Driver (WDM); C:\Windows\system32\drivers\ctaud2k.sys [2010-03-18 866264]
R3 CTAUDFX.SYS;CTAUDFX.SYS; C:\Windows\System32\drivers\CTAUDFX.SYS [2010-03-18 706648]
R3 ctprxy2k;Creative Proxy Driver; C:\Windows\system32\drivers\ctprxy2k.sys [2010-03-18 16984]
R3 CTSBLFX.SYS;CTSBLFX.SYS; C:\Windows\System32\drivers\CTSBLFX.SYS [2010-03-18 681048]
R3 ctsfm2k;Creative SoundFont Management Device Driver; C:\Windows\system32\drivers\ctsfm2k.sys [2010-03-18 290392]
R3 emupia;E-mu Plug-in Architecture Driver; C:\Windows\system32\drivers\emupia2k.sys [2010-03-18 147544]
R3 ha10kx2k;Creative Hardware Abstract Layer Driver; C:\Windows\system32\drivers\ha10kx2k.sys [2010-03-18 1360984]
R3 hap16v2k;Creative P16V HAL Driver; C:\Windows\system32\drivers\hap16v2k.sys [2010-03-18 259672]
R3 nusb3hub;Renesas Electronics USB 3.0 Hub Driver; C:\Windows\system32\DRIVERS\nusb3hub.sys [2011-10-25 96768]
R3 nusb3xhc;Renesas Electronics USB 3.0 Host Controller Driver; C:\Windows\system32\DRIVERS\nusb3xhc.sys [2011-10-25 213504]
R3 NVHDA;Service for NVIDIA High Definition Audio Driver; C:\Windows\system32\drivers\nvhda64v.sys [2012-01-17 188224]
R3 ossrv;Creative OS Services Driver; C:\Windows\system32\drivers\ctoss2k.sys [2010-03-18 221272]
R3 RTL8167;Realtek 8167 NT Driver; C:\Windows\system32\DRIVERS\Rt64win7.sys [2011-11-24 648808]
R3 SNP2UVC;USB2.0 PC Camera (SNP2UVC); C:\Windows\system32\DRIVERS\snp2uvc.sys [2011-09-09 3567232]
S1 Aspi32;Aspi32; C:\Windows\system32\drivers\Aspi32.sys []
S2 Hardlock;Hardlock; \??\C:\Windows\system32\drivers\hardlock.sys [2005-06-14 296448]
S3 61883;61883 Unit Device; C:\Windows\system32\DRIVERS\61883.sys [2009-07-14 60288]
S3 Avc;Zařízení AVC; C:\Windows\system32\DRIVERS\avc.sys [2009-07-14 48768]
S3 AVCSTRM;AVC Streaming Filter Driver; C:\Windows\system32\DRIVERS\avcstrm.sys [2009-07-14 17664]
S3 COMMONFX.DLL;COMMONFX.DLL; C:\Windows\system32\COMMONFX.DLL []
S3 COMMONFX;COMMONFX; C:\Windows\system32\drivers\COMMONFX.SYS [2010-03-18 158808]
S3 CT20XUT.DLL;CT20XUT.DLL; C:\Windows\system32\CT20XUT.DLL [2007-04-10 252712]
S3 CTAUDFX.DLL;CTAUDFX.DLL; C:\Windows\system32\CTAUDFX.DLL []
S3 CTAUDFX;CTAUDFX; C:\Windows\system32\drivers\CTAUDFX.SYS [2010-03-18 706648]
S3 CTEAPSFX.DLL;CTEAPSFX.DLL; C:\Windows\system32\CTEAPSFX.DLL [2007-04-10 219432]
S3 CTEDSPFX.DLL;CTEDSPFX.DLL; C:\Windows\system32\CTEDSPFX.DLL [2007-04-10 321832]
S3 CTEDSPIO.DLL;CTEDSPIO.DLL; C:\Windows\system32\CTEDSPIO.DLL [2007-04-10 190248]
S3 CTEDSPSY.DLL;CTEDSPSY.DLL; C:\Windows\system32\CTEDSPSY.DLL [2007-04-10 363304]
S3 CTERFXFX.DLL;CTERFXFX.DLL; C:\Windows\system32\CTERFXFX.DLL []
S3 CTERFXFX.SYS;CTERFXFX.SYS; C:\Windows\System32\drivers\CTERFXFX.SYS [2010-03-18 141912]
S3 CTERFXFX;CTERFXFX; C:\Windows\system32\drivers\CTERFXFX.SYS [2010-03-18 141912]
S3 CTEXFIFX.DLL;CTEXFIFX.DLL; C:\Windows\system32\CTEXFIFX.DLL [2007-04-10 1571112]
S3 CTHWIUT.DLL;CTHWIUT.DLL; C:\Windows\system32\CTHWIUT.DLL [2007-04-10 123688]
S3 CTSBLFX.DLL;CTSBLFX.DLL; C:\Windows\system32\CTSBLFX.DLL []
S3 CTSBLFX;CTSBLFX; C:\Windows\system32\drivers\CTSBLFX.SYS [2010-03-18 681048]
S3 EverestDriver;Lavalys EVEREST Kernel Driver; \??\E:\Everest Ultimate Engineer Edition v5.50 build 2253\kerneld.amd64 []
S3 hap17v2k;Creative P17V HAL Driver; C:\Windows\system32\drivers\hap17v2k.sys [2010-03-18 295000]
S3 MSDV;Microsoft DV Camera and VCR; C:\Windows\system32\DRIVERS\msdv.sys [2009-07-14 61440]
S3 MSTAPE;Microsoft AV/C Tape Subunit Device; C:\Windows\system32\DRIVERS\mstape.sys [2009-07-14 56448]
S3 RDPDR;Terminal Server Device Redirector Driver; C:\Windows\System32\drivers\rdpdr.sys [2010-11-20 165888]
S3 s3cap;s3cap; C:\Windows\system32\drivers\vms3cap.sys [2010-11-20 6656]
S3 storvsc;storvsc; C:\Windows\system32\drivers\storvsc.sys [2010-11-20 34688]
S3 TsUsbFlt;TsUsbFlt; C:\Windows\system32\drivers\tsusbflt.sys [2010-11-20 59392]
S3 VMBusHID;VMBusHID; C:\Windows\system32\drivers\VMBusHID.sys [2010-11-20 21760]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 602XML Updater;602Updater; C:\Program Files (x86)\Common Files\soft602\602updsvc\602updsvc.exe [2011-10-10 85344]
R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2013-12-18 65432]
R2 avast! Antivirus;avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2014-04-16 50344]
R2 CscService;@%systemroot%\system32\cscsvc.dll,-200; C:\Windows\System32\svchost.exe [2009-07-14 27136]
R2 CTAudSvcService;Creative Audio Service; C:\Program Files (x86)\Creative\Shared Files\CTAudSvc.exe [2010-02-12 286720]
R2 EPSON_PM_RPCV4_01;EPSON V3 Service4(01); C:\ProgramData\EPSON\EPW!3 SSRP\E_S30RP1.EXE [2006-04-18 102400]
R2 Nero BackItUp Scheduler 3;Nero BackItUp Scheduler 3; C:\Program Files (x86)\Nero\Nero8\Nero BackItUp\NBService.exe [2007-12-03 869672]
R2 Nero BackItUp Scheduler 4.0;Nero BackItUp Scheduler 4.0; C:\Program Files (x86)\Common Files\Nero\Nero BackItUp 4\NBService.exe [2009-07-20 935208]
R2 NVSvc;NVIDIA Display Driver Service; C:\Windows\system32\nvvsvc.exe [2013-01-18 884512]
R2 PaceLicenseDServices;PACE License Services; C:\Program Files (x86)\Common Files\PACE\Services\LicenseServices\LDSvc.exe [2011-07-09 2932224]
R2 ST2012_Svc;Spyware Terminator 2012 Realtime Shield Service; C:\Program Files (x86)\Spyware Terminator\st_rsser64.exe [2013-10-22 1149104]
R2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service; C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2013-01-18 383264]
R2 vToolbarUpdater18.0.5;vToolbarUpdater18.0.5; C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\18.0.5\ToolbarUpdater.exe [2014-03-22 1771032]
R3 NMIndexingService;NMIndexingService; C:\Program Files (x86)\Common Files\Nero\Lib\NMIndexingService.exe [2007-12-13 447784]
S2 bonanzadealslive;Služba BonanzaDealsLive (bonanzadealslive); C:\Program Files (x86)\BonanzaDealsLive\Update\BonanzaDealsLive.exe [2013-12-02 148976]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2013-09-11 105144]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2013-09-11 124088]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2012-10-03 136176]
S2 nvUpdatusService;NVIDIA Update Service Daemon; C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe [2013-02-26 1260320]
S3 Adobe LM Service;Adobe LM Service; C:\Program Files (x86)\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe [2012-02-27 72704]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-03-12 257928]
S3 AppMgmt;@appmgmts.dll,-3250; C:\Windows\system32\svchost.exe [2009-07-14 27136]
S3 bonanzadealslivem;Služba BonanzaDealsLive (bonanzadealslivem); C:\Program Files (x86)\BonanzaDealsLive\Update\BonanzaDealsLive.exe [2013-12-02 148976]
S3 Creative ALchemy AL6 Licensing Service;Creative ALchemy AL6 Licensing Service; C:\Program Files (x86)\Common Files\Creative Labs Shared\Service\AL6Licensing.exe [2012-07-10 79360]
S3 Creative Audio Engine Licensing Service;Creative Audio Engine Licensing Service; C:\Program Files (x86)\Common Files\Creative Labs Shared\Service\CTAELicensing.exe [2012-03-17 79360]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2012-10-03 136176]
S3 IEEtwCollectorService;@%SystemRoot%\system32\ieetwcollectorres.dll,-1000; C:\Windows\system32\IEEtwCollector.exe [2014-03-06 111616]
S3 Microsoft Office Groove Audit Service;Microsoft Office Groove Audit Service; C:\Program Files (x86)\Microsoft Office\Office12\GrooveAuditService.exe [2007-08-24 68464]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2014-03-19 119408]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2007-08-24 443776]
S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 PeerDistSvc;@%SystemRoot%\system32\peerdistsvc.dll,-9000; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S3 StorSvc;@%SystemRoot%\System32\StorSvc.dll,-100; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S3 UmRdpService;@%SystemRoot%\system32\umrdp.dll,-1000; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2012-02-19 1255736]
S4 aspnet_state;Stavová služba ASP.NET; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2013-09-11 51808]
S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]
S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]
S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]
S4 SkypeUpdate;Skype Updater; C:\Program Files (x86)\Skype\Updater\Updater.exe [2012-06-05 160944]

-----------------EOF-----------------

Re: Prosím o preventivní kontrolu

Napsal: 17 dub 2014 16:37
od petouf
Díky, zdá se, že je to lepší, pro mne dostačující. Pošlu nějakou podporu :-)
Poprosil bych ještě o kontrolu druhého PC. Občas se "seká" a někdy mi gůgl hlásí podezřelou činnost a chce napsat kontrolní kód. Spyware terminator mě nic nenašel a avast se mi "kousne" na cca 4 procentech kontroly. Defrag se taky zastavil při analýze někde na 25procentech. Tak prosím o kontrolu, zda to má na svědomí nějaká havěť, nebo je-li čas na přeinstalování...:-/
Zde je log: Děkuji a přeji pěkný den!


Logfile of random's system information tool 1.09 (written by random/random)
Run by petra at 2014-04-17 17:19:03
Microsoft Windows 7 Professional Service Pack 1
System drive C: has 24 GB (24%) free of 100 GB
Total RAM: 4094 MB (59% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 17:19:09, on 17.4.2014
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v11.0 (11.00.9600.17041)
Boot mode: Normal

Running processes:
C:\Windows\vsnp2uvc.exe
C:\Program Files (x86)\Common Files\Nero\Lib\NMIndexStoreSvr.exe
C:\Users\petra\AppData\Local\FilesFrog Update Checker\update_checker.exe
C:\Users\petra\AppData\Local\WebPlayer\FLV Player\WebPlayer.exe
C:\Users\petra\AppData\Roaming\Seznam.cz\bin\szndesktop.exe
C:\Users\petra\AppData\Roaming\Dropbox\bin\Dropbox.exe
C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe
C:\Windows\SysWOW64\CtHelper.exe
C:\Program Files (x86)\Software602\Print2PDF\Print2PDF.exe
C:\Program Files (x86)\Canon\Solution Menu EX\CNSEMAIN.EXE
C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX\CNMNSST.exe
C:\Program Files (x86)\ACD Systems\ACDSee\15.0\ACDSee15InTouch2.exe
C:\Program Files (x86)\AVG Secure Search\vprot.exe
C:\Program Files (x86)\Common Files\SNP2UVC\tsnp2uvc.exe
C:\Program Files (x86)\Common Files\Grass Valley\ProCoder 3\Kernel\PNXSERVR.exe
C:\Program Files\AVAST Software\Avast\AvastUI.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files\trend micro\petra.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.seznam.cz/?clid=13415
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe
O2 - BHO: Instair - {0D778FDC-FAD7-4B1D-AB88-7A76A562D65C} - C:\PROGRA~1\Instair\Instair.dll
O2 - BHO: WinZipBar - {50fafaf0-70a9-419d-a109-fa4b4ffd4e37} - C:\Program Files (x86)\WinZipBar\prxtbWinZ.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll
O2 - BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O2 - BHO: AVG Security Toolbar - {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files (x86)\AVG Secure Search\18.0.5.292\AVG Secure Search_toolbar.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
O2 - BHO: BonanzaDeals - {fe063412-bea4-4d76-8ed3-183be6220d17} - C:\Program Files (x86)\BonanzaDeals\BonanzaDealsIE.dll
O3 - Toolbar: WinZipBar Toolbar - {50fafaf0-70a9-419d-a109-fa4b4ffd4e37} - C:\Program Files (x86)\WinZipBar\prxtbWinZ.dll
O3 - Toolbar: AVG Security Toolbar - {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files (x86)\AVG Secure Search\18.0.5.292\AVG Secure Search_toolbar.dll
O4 - HKLM\..\Run: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [CTxfiHlp] CTXFIHLP.EXE
O4 - HKLM\..\Run: [NUSB3MON] "C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe"
O4 - HKLM\..\Run: [AsioThk32Reg] REGSVR32.EXE /S CTASIO.DLL
O4 - HKLM\..\Run: [CTHelper] CTHELPER.EXE
O4 - HKLM\..\Run: [Print2PDF Print Monitor] "C:\Program Files (x86)\Software602\Print2PDF\Print2PDF.exe" /server
O4 - HKLM\..\Run: [CanonSolutionMenuEx] C:\Program Files (x86)\Canon\Solution Menu EX\CNSEMAIN.EXE /logon
O4 - HKLM\..\Run: [IJNetworkScannerSelectorEX] C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX\CNMNSST.exe /FORCE
O4 - HKLM\..\Run: [ACSW15EN] "C:\Program Files (x86)\ACD Systems\ACDSee\15.0\ACDSee15InTouch2.exe" /pid ACSW15EN
O4 - HKLM\..\Run: [NBKeyScan] "C:\Program Files (x86)\Nero\Nero8\Nero BackItUp\NBKeyScan.exe"
O4 - HKLM\..\Run: [vProt] "C:\Program Files (x86)\AVG Secure Search\vprot.exe"
O4 - HKLM\..\Run: [snp2uvc] C:\Windows\vsnp2uvc.exe
O4 - HKLM\..\Run: [tsnp2uvc] C:\Program Files (x86)\Common Files\SNP2UVC\tsnp2uvc.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [NexusServer] "C:\Program Files (x86)\Common Files\Grass Valley\ProCoder 3\Kernel\PNXSERVR.exe" -SelfLaunch
O4 - HKLM\..\Run: [seznam-listicka-distribuce] "C:\Program Files (x86)\Seznam.cz\distribution\szninstall.exe" -s -d listicka 1 szn-software-listicka cz.seznam.software.autoupdate
O4 - HKLM\..\Run: [AvastUI.exe] "C:\Program Files\AVAST Software\Avast\AvastUI.exe" /nogui
O4 - HKCU\..\Run: [EPSON Stylus Photo R265 Series] C:\Windows\system32\spool\DRIVERS\x64\3\E_FATIBNE.EXE /FU "C:\Windows\TEMP\E_S6B14.tmp" /EF "HKCU"
O4 - HKCU\..\Run: [IndxStoreSvr_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files (x86)\Common Files\Nero\Lib\NMIndexStoreSvr.exe" ASO-616B5711-6DAE-4795-A05F-39A1E5104020
O4 - HKCU\..\Run: [Google Update] "C:\Users\petra\AppData\Local\Google\Update\GoogleUpdate.exe" /c
O4 - HKCU\..\Run: [Xvid] C:\Program Files (x86)\Xvid\CheckUpdate.exe
O4 - HKCU\..\Run: [cz.seznam.software.autoupdate] "C:\Users\petra\AppData\Roaming\Seznam.cz\szninstall.exe" -c
O4 - HKCU\..\Run: [cz.seznam.software.szndesktop] "C:\Users\petra\AppData\Roaming\Seznam.cz\bin\wszndesktop.exe" -q
O4 - HKCU\..\Run: [FLV Player] C:\Users\petra\AppData\Local\WebPlayer\FLV Player\WebPlayer.exe
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-21-3338490639-4165212360-2111865542-1007\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'UpdatusUser')
O4 - HKUS\S-1-5-21-3338490639-4165212360-2111865542-1007\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'UpdatusUser')
O4 - Startup: Adobe Gamma.lnk = C:\Program Files (x86)\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Startup: Dropbox.lnk = petra\AppData\Roaming\Dropbox\bin\Dropbox.exe
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: Free YouTube to MP3 Converter - C:\Users\petra\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~1\Office12\REFIEBAR.DLL
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O16 - DPF: {CD82C85E-37B7-48E3-9E88-31E140C13C86} (TeeChart Commander v7) - http://www.premis.cz/PremisGUI/cab/Teechart7.cab
O16 - DPF: {D4B68B83-8710-488B-A692-D74B50BA558E} (Creative Software AutoUpdate Support Package 2) - http://ccfiles.creative.com/Web/softwar ... PIDPDE.cab
O16 - DPF: {E705A591-DA3C-4228-B0D5-A356DBA42FBF} (Creative Software AutoUpdate 2) - http://ccfiles.creative.com/Web/softwar ... TSUEng.cab
O16 - DPF: {F6ACF75C-C32C-447B-9BEF-46B766368D29} (Creative Software AutoUpdate Support Package) - http://ccfiles.creative.com/Web/softwar ... /CTPID.cab
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveSystemServices.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
O18 - Protocol: viprotocol - {B658800C-F66E-4EF3-AB85-6C0C227862A9} - C:\Program Files (x86)\Common Files\AVG Secure Search\ViProtocolInstaller\18.0.5\ViProtocol.dll
O23 - Service: 602Updater (602XML Updater) - Software602 a.s. - C:\Program Files (x86)\Common Files\soft602\602updsvc\602updsvc.exe
O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files (x86)\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: SluA3ba BonanzaDealsLive (bonanzadealslive) (bonanzadealslive) - BonanzaDeals - C:\Program Files (x86)\BonanzaDealsLive\Update\BonanzaDealsLive.exe
O23 - Service: SluA3ba BonanzaDealsLive (bonanzadealslivem) (bonanzadealslivem) - BonanzaDeals - C:\Program Files (x86)\BonanzaDealsLive\Update\BonanzaDealsLive.exe
O23 - Service: Creative ALchemy AL6 Licensing Service - Creative Labs - C:\Program Files (x86)\Common Files\Creative Labs Shared\Service\AL6Licensing.exe
O23 - Service: Creative Audio Engine Licensing Service - Creative Labs - C:\Program Files (x86)\Common Files\Creative Labs Shared\Service\CTAELicensing.exe
O23 - Service: Creative Audio Service (CTAudSvcService) - Creative Technology Ltd - C:\Program Files (x86)\Creative\Shared Files\CTAudSvc.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: EPSON V3 Service4(01) (EPSON_PM_RPCV4_01) - SEIKO EPSON CORPORATION - C:\ProgramData\EPSON\EPW!3 SSRP\E_S30RP1.EXE
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing)
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: Nero BackItUp Scheduler 3 - Nero AG - C:\Program Files (x86)\Nero\Nero8\Nero BackItUp\NBService.exe
O23 - Service: Nero BackItUp Scheduler 4.0 - Nero AG - C:\Program Files (x86)\Common Files\Nero\Nero BackItUp 4\NBService.exe
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: NMIndexingService - Nero AG - C:\Program Files (x86)\Common Files\Nero\Lib\NMIndexingService.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - Unknown owner - C:\Windows\system32\nvvsvc.exe (file missing)
O23 - Service: NVIDIA Update Service Daemon (nvUpdatusService) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
O23 - Service: PACE License Services (PaceLicenseDServices) - PACE Anti-Piracy, Inc. - C:\Program Files (x86)\Common Files\PACE\Services\LicenseServices\LDSvc.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: Spyware Terminator 2012 Realtime Shield Service (ST2012_Svc) - Crawler.com - C:\Program Files (x86)\Spyware Terminator\st_rsser64.exe
O23 - Service: NVIDIA Stereoscopic 3D Driver Service (Stereo Service) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: vToolbarUpdater18.0.5 - Unknown owner - C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\18.0.5\ToolbarUpdater.exe
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 15477 bytes

======Listing Processes======

\SystemRoot\System32\smss.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
winlogon.exe
C:\Windows\system32\services.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
"C:\Windows\system32\nvvsvc.exe"
"C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe"
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k netsvcs
"C:\Program Files (x86)\Creative\Shared Files\CTAudSvc.exe"
C:\Windows\system32\svchost.exe -k NetworkService
"C:\Program Files\AVAST Software\Avast\AvastSvc.exe"
"C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe"
C:\Windows\system32\nvvsvc.exe -session -first
C:\Windows\System32\spoolsv.exe
"taskhost.exe"
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
"C:\Program Files (x86)\Common Files\soft602\602updsvc\602updsvc.exe"
"C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe"
"C:\ProgramData\EPSON\EPW!3 SSRP\E_S30RP1.EXE"
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
"C:\Windows\system32\Dwm.exe"
C:\Windows\Explorer.EXE
taskeng.exe {6A39AB71-3F55-41DE-A199-F24610AC93BC}
"C:/Program Files/NVIDIA Corporation/Display/nvtray.exe" -user_has_logged_in 1
"C:\Program Files\Canon\MyPrinter\BJMYPRT.EXE" /logon
"C:\Windows\vsnp2uvc.exe"
"C:\Program Files (x86)\Common Files\Nero\Lib\NMIndexStoreSvr.exe" ASO-616B5711-6DAE-4795-A05F-39A1E5104020
"C:\Users\petra\AppData\Local\FilesFrog Update Checker\update_checker.exe" /auto
"C:\Users\petra\AppData\Local\WebPlayer\FLV Player\WebPlayer.exe"
szndesktop.exe default start
"C:\Users\petra\AppData\Roaming\Seznam.cz\bin\listicka-x64.exe"
\??\C:\Windows\system32\conhost.exe "1320386506-425921313-1285190825-1883730953-1647322323-1315768697-1771991340-1096558359
"C:\Users\petra\AppData\Roaming\Dropbox\bin\Dropbox.exe" /systemstartup
"C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe"
"C:\Windows\System32\CtHelper.exe"
"C:\Program Files (x86)\Software602\Print2PDF\Print2PDF.exe" /server
"C:\Program Files (x86)\Canon\Solution Menu EX\CNSEMAIN.EXE" /logon
"C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX\CNMNSST.exe" /FORCE
"C:\Program Files (x86)\ACD Systems\ACDSee\15.0\ACDSee15InTouch2.exe" /pid ACSW15EN
"C:\Program Files (x86)\AVG Secure Search\vprot.exe"
"C:\Program Files (x86)\Common Files\SNP2UVC\tsnp2uvc.exe"
"C:\Program Files (x86)\Common Files\Grass Valley\ProCoder 3\Kernel\PNXSERVR.exe" -SelfLaunch
"C:\Program Files\AVAST Software\Avast\AvastUI.exe" /nogui
C:\Windows\splwow64.exe 12288
"C:\Program Files (x86)\Nero\Nero8\Nero BackItUp\NBService.exe"
"C:\Program Files (x86)\Common Files\Nero\Nero BackItUp 4\NBService.exe"
"C:\Program Files (x86)\Common Files\PACE\Services\LicenseServices\LDSvc.exe"
"C:\Program Files (x86)\Spyware Terminator\st_rsser64.exe"
C:\Windows\system32\svchost.exe -k imgsvc
"C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\18.0.5\ToolbarUpdater.exe"
"C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\18.0.5\loggingserver.exe" 72648 "C:\ProgramData\AVG Secure Search\Logger\logger.properties"
\??\C:\Windows\system32\conhost.exe "-68018698516236965167281769763753281742101539189-1788061195-1537808930200645977
C:\Windows\system32\SearchIndexer.exe /Embedding
"C:\Program Files (x86)\Common Files\Nero\Lib\NMIndexingService.exe"
C:\Windows\System32\alg.exe
C:\Windows\System32\svchost.exe -k secsvcs
"C:\Program Files\Windows Media Player\wmpnetwk.exe"
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe"
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=gpu-process --channel="5060.0.472766813\372100682" --supports-dual-gpus=false --gpu-driver-bug-workarounds=0,1,14,28,34 --gpu-vendor-id=0x10de --gpu-device-id=0x1245 --gpu-driver-vendor=NVIDIA --gpu-driver-version=9.18.13.1106 --ignored=" --type=renderer " /prefetch:822062411
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --lang=cs --force-fieldtrials="AutocompleteDynamicTrial_2/DefaultControl_R2_Stable/BrowserPreReadExperiment/100-pct-default/ChromeSuggestions/Default/EmbeddedSearch/Group11 pct:1b stable:r2 prefetch_results:1/ExtensionInstallVerification/Bootstrap/GoogleNow/Default/OmniboxBundledExperimentV1/StandardR3/Prerender/PrerenderEnabled/PrerenderLocalPredictorSpec/LocalPredictor=Disabled/QUIC/Disabled/SettingsEnforcement/no_enforcement/ShowAppLauncherPromo/ShowPromoUntilDismissed/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group6/UMA-Population-Restrict/normal/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_02/UMA-Uniformity-Trial-1-Percent/group_37/UMA-Uniformity-Trial-10-Percent/group_02/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/group_04/UMA-Uniformity-Trial-5-Percent/group_04/UMA-Uniformity-Trial-50-Percent/group_01/" --renderer-print-preview --enable-threaded-compositing --enable-delegated-renderer --enable-deadline-scheduling --enable-software-compositing --channel="5060.1.460692544\2125110938" /prefetch:673131151
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --lang=cs --force-fieldtrials="AutocompleteDynamicTrial_2/DefaultControl_R2_Stable/BrowserPreReadExperiment/100-pct-default/ChromeSuggestions/Default/EmbeddedSearch/Group11 pct:1b stable:r2 prefetch_results:1/ExtensionInstallVerification/Bootstrap/GoogleNow/Default/OmniboxBundledExperimentV1/StandardR3/Prerender/PrerenderEnabled/PrerenderLocalPredictorSpec/LocalPredictor=Disabled/QUIC/Disabled/SettingsEnforcement/no_enforcement/ShowAppLauncherPromo/ShowPromoUntilDismissed/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group6/UMA-Population-Restrict/normal/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_02/UMA-Uniformity-Trial-1-Percent/group_37/UMA-Uniformity-Trial-10-Percent/group_02/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/group_04/UMA-Uniformity-Trial-5-Percent/group_04/UMA-Uniformity-Trial-50-Percent/group_01/" --extension-process --renderer-print-preview --enable-threaded-compositing --enable-delegated-renderer --enable-deadline-scheduling --enable-software-compositing --channel="5060.2.1098136788\452890509" /prefetch:673131151
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --lang=cs --force-fieldtrials="AutocompleteDynamicTrial_2/DefaultControl_R2_Stable/BrowserPreReadExperiment/100-pct-default/ChromeSuggestions/Default/EmbeddedSearch/Group11 pct:1b stable:r2 prefetch_results:1/ExtensionInstallVerification/Bootstrap/GoogleNow/Default/OmniboxBundledExperimentV1/StandardR3/Prerender/PrerenderEnabled/PrerenderLocalPredictorSpec/LocalPredictor=Disabled/QUIC/Disabled/SettingsEnforcement/no_enforcement/ShowAppLauncherPromo/ShowPromoUntilDismissed/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group6/UMA-Population-Restrict/normal/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_02/UMA-Uniformity-Trial-1-Percent/group_37/UMA-Uniformity-Trial-10-Percent/group_02/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/group_04/UMA-Uniformity-Trial-5-Percent/group_04/UMA-Uniformity-Trial-50-Percent/group_01/" --extension-process --renderer-print-preview --enable-threaded-compositing --enable-delegated-renderer --enable-deadline-scheduling --enable-software-compositing --channel="5060.3.1825771797\254640605" /prefetch:673131151
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --lang=cs --force-fieldtrials="AutocompleteDynamicTrial_2/DefaultControl_R2_Stable/BrowserPreReadExperiment/100-pct-default/ChromeSuggestions/Default/EmbeddedSearch/Group11 pct:1b stable:r2 prefetch_results:1/ExtensionInstallVerification/Bootstrap/GoogleNow/Default/OmniboxBundledExperimentV1/StandardR3/Prerender/PrerenderEnabled/PrerenderLocalPredictorSpec/LocalPredictor=Disabled/QUIC/Disabled/SettingsEnforcement/no_enforcement/ShowAppLauncherPromo/ShowPromoUntilDismissed/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group6/UMA-Population-Restrict/normal/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_02/UMA-Uniformity-Trial-1-Percent/group_37/UMA-Uniformity-Trial-10-Percent/group_02/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/group_04/UMA-Uniformity-Trial-5-Percent/group_04/UMA-Uniformity-Trial-50-Percent/group_01/" --extension-process --renderer-print-preview --enable-threaded-compositing --enable-delegated-renderer --enable-deadline-scheduling --enable-software-compositing --channel="5060.4.238140243\2034343036" /prefetch:673131151
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --lang=cs --force-fieldtrials="AutocompleteDynamicTrial_2/DefaultControl_R2_Stable/BrowserPreReadExperiment/100-pct-default/ChromeSuggestions/Default/EmbeddedSearch/Group11 pct:1b stable:r2 prefetch_results:1/ExtensionInstallVerification/Bootstrap/GoogleNow/Default/OmniboxBundledExperimentV1/StandardR3/Prerender/PrerenderEnabled/PrerenderLocalPredictorSpec/LocalPredictor=Disabled/QUIC/Disabled/SettingsEnforcement/no_enforcement/ShowAppLauncherPromo/ShowPromoUntilDismissed/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group6/UMA-Population-Restrict/normal/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_02/UMA-Uniformity-Trial-1-Percent/group_37/UMA-Uniformity-Trial-10-Percent/group_02/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/group_04/UMA-Uniformity-Trial-5-Percent/group_04/UMA-Uniformity-Trial-50-Percent/group_01/" --extension-process --renderer-print-preview --enable-threaded-compositing --enable-delegated-renderer --enable-deadline-scheduling --enable-software-compositing --channel="5060.5.1462904141\795668072" /prefetch:673131151
"C:\Users\petra\Desktop\pc udrzba\antivir\RSITx64.exe"
C:\Windows\system32\wbem\wmiprvse.exe

======Scheduled tasks folder======

C:\Windows\tasks\Adobe Flash Player Updater.job
C:\Windows\tasks\AVG-Secure-Search-Update_JUNE2013_HP_rmv.job
C:\Windows\tasks\AVG-Secure-Search-Update_JUNE2013_TB_rmv.job
C:\Windows\tasks\BonanzaDealsLiveUpdateTaskMachineCore.job
C:\Windows\tasks\BonanzaDealsLiveUpdateTaskMachineUA.job
C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-3338490639-4165212360-2111865542-1000Core.job
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-3338490639-4165212360-2111865542-1000UA.job
C:\Windows\tasks\PMCS_Wakeup634657982909132950.job

=========Mozilla firefox=========

ProfilePath - C:\Users\petra\AppData\Roaming\Mozilla\Firefox\Profiles\3g0eftd4.default

prefs.js - "browser.search.useDBForOrder" - "false"
prefs.js - "browser.startup.homepage" - "seznam.cz"

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 12.0.0.77 Plugin
"Path"=C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_12_0_0_77.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@avg.com/AVG SiteSafety plugin,version=11.0.0.1,application/x-avg-sitesafety-plugin]
"Description"=
"Path"=C:\Program Files (x86)\Common Files\AVG Secure Search\SiteSafetyInstaller\18.0.5\\npsitesafety.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=disabled

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.bdupdater.com/BonanzaDealsLive Update;version=3]
"Description"=BonanzaDealsLive Update
"Path"=C:\Program Files (x86)\BonanzaDealsLive\Update\1.3.23.0\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.bdupdater.com/BonanzaDealsLive Update;version=9]
"Description"=BonanzaDealsLive Update
"Path"=C:\Program Files (x86)\BonanzaDealsLive\Update\1.3.23.0\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=3]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.23.9\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=9]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.23.9\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\Adobe Reader]
"Description"=Handles PDFs in-place in Firefox
"Path"=C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll


[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 12.0.0.77 Plugin
"Path"=C:\Windows\system32\Macromed\Flash\NPSWF64_12_0_0_77.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=disabled


C:\Program Files (x86)\Mozilla Firefox\components\
nsIQTScriptablePlugin.xpt

C:\Users\petra\AppData\Roaming\Mozilla\Firefox\Profiles\3g0eftd4.default\extensions\
{b9db16a4-6edc-47ec-a1f4-b86292ed211d}
{ea614400-e918-4741-9a97-7a972ff7c30b}

C:\Users\petra\AppData\Roaming\Mozilla\Firefox\Profiles\3g0eftd4.default\searchplugins\
Ask.xml

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! Online Security - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2014-04-16 724512]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{0D778FDC-FAD7-4B1D-AB88-7A76A562D65C}]
Instair - C:\PROGRA~1\Instair\Instair.dll [2013-05-28 590640]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{50fafaf0-70a9-419d-a109-fa4b4ffd4e37}]
WinZipBar Toolbar - C:\Program Files (x86)\WinZipBar\prxtbWinZ.dll [2011-05-09 176936]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll [2007-08-24 2212224]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files (x86)\Java\jre7\bin\ssv.dll [2013-09-19 462248]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! Online Security - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2014-04-16 597816]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{95B7759C-8C7F-4BF1-B163-73684A933233}]
AVG Security Toolbar - C:\Program Files (x86)\AVG Secure Search\18.0.5.292\AVG Secure Search_toolbar.dll [2014-03-22 3486232]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll [2013-09-19 171944]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{fe063412-bea4-4d76-8ed3-183be6220d17}]
BonanzaDeals - C:\Program Files (x86)\BonanzaDeals\BonanzaDealsIE.dll [2013-08-21 100336]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{318A227B-5E9F-45bd-8999-7F8F10CA4CF5} -
{CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F}

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\Toolbar]
{50fafaf0-70a9-419d-a109-fa4b4ffd4e37} - WinZipBar Toolbar - C:\Program Files (x86)\WinZipBar\prxtbWinZ.dll [2011-05-09 176936]
{95B7759C-8C7F-4BF1-B163-73684A933233} - AVG Security Toolbar - C:\Program Files (x86)\AVG Secure Search\18.0.5.292\AVG Secure Search_toolbar.dll [2014-03-22 3486232]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"CanonMyPrinter"=C:\Program Files\Canon\MyPrinter\BJMyPrt.exe [2011-03-14 2779024]
"snp2uvc"=C:\Windows\vsnp2uvc.exe [2009-08-12 662016]
"SpywareTerminatorShield"=C:\Program Files (x86)\Spyware Terminator\SpywareTerminatorShield.exe [2013-10-22 2777736]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"EPSON Stylus Photo R265 Series"=C:\Windows\system32\spool\DRIVERS\x64\3\E_FATIBNE.EXE [2006-05-19 139264]
"IndxStoreSvr_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"=C:\Program Files (x86)\Common Files\Nero\Lib\NMIndexStoreSvr.exe [2007-12-13 1688872]
"Google Update"=C:\Users\petra\AppData\Local\Google\Update\GoogleUpdate.exe [2013-05-02 116648]
"Xvid"=C:\Program Files (x86)\Xvid\CheckUpdate.exe [2011-01-17 8192]
"cz.seznam.software.autoupdate"=C:\Users\petra\AppData\Roaming\Seznam.cz\szninstall.exe [2013-05-16 1062472]
"cz.seznam.software.szndesktop"=C:\Users\petra\AppData\Roaming\Seznam.cz\bin\wszndesktop.exe [2013-04-12 92664]
"FLV Player"=C:\Users\petra\AppData\Local\WebPlayer\FLV Player\WebPlayer.exe [2012-10-26 202752]

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"APSDaemon"=C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [2013-04-21 59720]
"GrooveMonitor"=C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe [2007-08-24 33648]
"Adobe ARM"=C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2013-11-21 959904]
"CTxfiHlp"=CTXFIHLP.EXE []
"NUSB3MON"=C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe [2011-09-16 115048]
"AsioThk32Reg"=REGSVR32.EXE /S CTASIO.DLL []
"CTHelper"=CTHELPER.EXE []
"Print2PDF Print Monitor"=C:\Program Files (x86)\Software602\Print2PDF\Print2PDF.exe [2011-10-04 220992]
"CanonSolutionMenuEx"=C:\Program Files (x86)\Canon\Solution Menu EX\CNSEMAIN.EXE [2011-08-04 1612920]
"IJNetworkScannerSelectorEX"=C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX\CNMNSST.exe [2011-01-15 452016]
"ACSW15EN"=C:\Program Files (x86)\ACD Systems\ACDSee\15.0\ACDSee15InTouch2.exe [2012-11-14 1133176]
"NBKeyScan"=C:\Program Files (x86)\Nero\Nero8\Nero BackItUp\NBKeyScan.exe [2007-12-03 2213160]
"vProt"=C:\Program Files (x86)\AVG Secure Search\vprot.exe [2014-03-22 2544664]
"snp2uvc"=C:\Windows\vsnp2uvc.exe [2009-08-12 662016]
"tsnp2uvc"=C:\Program Files (x86)\Common Files\SNP2UVC\tsnp2uvc.exe [2012-02-23 322560]
"QuickTime Task"=C:\Program Files (x86)\QuickTime\QTTask.exe [2013-05-01 421888]
"NexusServer"=C:\Program Files (x86)\Common Files\Grass Valley\ProCoder 3\Kernel\PNXSERVR.exe [2007-03-26 389120]
"seznam-listicka-distribuce"=C:\Program Files (x86)\Seznam.cz\distribution\szninstall.exe [2013-05-16 1062472]
"AvastUI.exe"=C:\Program Files\AVAST Software\Avast\AvastUI.exe [2014-04-16 3854640]

C:\Users\petra\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
Adobe Gamma.lnk - C:\Program Files (x86)\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
Dropbox.lnk - C:\Users\petra\AppData\Roaming\Dropbox\bin\Dropbox.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED}

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll [2007-08-24 2212224]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=0
"ConsentPromptBehaviorUser"=3
"EnableLUA"=0
"EnableUIADesktopToggle"=0
"PromptOnSecureDesktop"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoActiveDesktop"=1
"NoActiveDesktopChanges"=1
"ForceActiveDesktopOn"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]


[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\bitguard.exe]
"Debugger="tasklist.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\bprotect.exe]
"Debugger="tasklist.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\bpsvc.exe]
"Debugger="tasklist.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\browserdefender.exe]
"Debugger="tasklist.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\browserprotect.exe]
"Debugger="tasklist.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\browsersafeguard.exe]
"Debugger="tasklist.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\dprotectsvc.exe]
"Debugger="tasklist.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\jumpflip]
"Debugger="tasklist.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\protectedsearch.exe]
"Debugger="tasklist.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\searchinstaller.exe]
"Debugger="tasklist.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\searchprotection.exe]
"Debugger="tasklist.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\searchprotector.exe]
"Debugger="tasklist.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\searchsettings.exe]
"Debugger="tasklist.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\searchsettings64.exe]
"Debugger="tasklist.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\snapdo.exe]
"Debugger="tasklist.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\stinst32.exe]
"Debugger="tasklist.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\stinst64.exe]
"Debugger="tasklist.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\umbrella.exe]
"Debugger="tasklist.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\utiljumpflip.exe]
"Debugger="tasklist.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\volaro]
"Debugger="tasklist.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\vonteera]
"Debugger="tasklist.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\websteroids.exe]
"Debugger="tasklist.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\websteroidsservice.exe]
"Debugger="tasklist.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVYU"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"VIDC.YVU9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"wave4"=wdmaud.drv
"midi4"=wdmaud.drv
"mixer4"=wdmaud.drv
"aux4"=wdmaud.drv
"wave5"=wdmaud.drv
"midi5"=wdmaud.drv
"mixer5"=wdmaud.drv
"MSVideo8"=VfWWDM32.dll
"wave6"=wdmaud.drv
"midi6"=wdmaud.drv
"mixer6"=wdmaud.drv
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"wave2"=wdmaud.drv
"midi2"=wdmaud.drv
"mixer2"=wdmaud.drv
"wave3"=wdmaud.drv
"midi3"=wdmaud.drv
"mixer3"=wdmaud.drv
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"wave7"=wdmaud.drv
"midi7"=wdmaud.drv
"mixer7"=wdmaud.drv
"wave8"=wdmaud.drv
"midi8"=wdmaud.drv
"mixer8"=wdmaud.drv
"aux"=wdmaud.drv
"wave9"=wdmaud.drv
"midi9"=wdmaud.drv
"mixer9"=wdmaud.drv
"aux1"=wdmaud.drv
"vidc.XVID"=xvidvfw.dll
"aux2"=wdmaud.drv

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 1 month======

2014-04-17 17:19:04 ----D---- C:\Program Files\trend micro
2014-04-17 17:19:03 ----D---- C:\rsit
2014-04-16 17:52:31 ----A---- C:\Windows\{00000005-00000000-00000001-00001102-00000004-10071102}.BAK
2014-04-16 17:45:37 ----A---- C:\Windows\avastSS.scr
2014-04-16 17:00:18 ----A---- C:\Windows\system32\drivers\stflt.sys
2014-04-16 17:00:15 ----D---- C:\Users\petra\AppData\Roaming\Spyware Terminator
2014-04-16 17:00:15 ----D---- C:\ProgramData\Spyware Terminator
2014-04-16 16:58:11 ----D---- C:\Program Files (x86)\Spyware Terminator
2014-04-11 05:33:40 ----A---- C:\Windows\SYSWOW64\ieui.dll
2014-04-11 05:33:40 ----A---- C:\Windows\system32\ieui.dll
2014-04-11 05:33:36 ----A---- C:\Windows\SYSWOW64\vbscript.dll
2014-04-11 05:33:36 ----A---- C:\Windows\system32\vbscript.dll
2014-04-11 05:33:29 ----A---- C:\Windows\system32\JavaScriptCollectionAgent.dll
2014-04-11 05:33:29 ----A---- C:\Windows\system32\iernonce.dll
2014-04-11 05:33:29 ----A---- C:\Windows\system32\ieetwcollectorres.dll
2014-04-11 05:33:29 ----A---- C:\Windows\system32\ie4uinit.exe
2014-04-11 05:33:28 ----A---- C:\Windows\SYSWOW64\dxtmsft.dll
2014-04-11 05:33:28 ----A---- C:\Windows\system32\jscript9diag.dll
2014-04-11 05:33:28 ----A---- C:\Windows\system32\dxtrans.dll
2014-04-11 05:33:28 ----A---- C:\Windows\system32\dxtmsft.dll
2014-04-11 05:33:27 ----A---- C:\Windows\SYSWOW64\msrating.dll
2014-04-11 05:33:27 ----A---- C:\Windows\SYSWOW64\msfeeds.dll
2014-04-11 05:33:27 ----A---- C:\Windows\SYSWOW64\jsproxy.dll
2014-04-11 05:33:27 ----A---- C:\Windows\SYSWOW64\dxtrans.dll
2014-04-11 05:33:27 ----A---- C:\Windows\system32\msrating.dll
2014-04-11 05:33:27 ----A---- C:\Windows\system32\msfeeds.dll
2014-04-11 05:33:27 ----A---- C:\Windows\system32\jsproxy.dll
2014-04-11 05:33:26 ----A---- C:\Windows\SYSWOW64\JavaScriptCollectionAgent.dll
2014-04-11 05:33:26 ----A---- C:\Windows\SYSWOW64\ieUnatt.exe
2014-04-11 05:33:26 ----A---- C:\Windows\SYSWOW64\iesetup.dll
2014-04-11 05:33:26 ----A---- C:\Windows\SYSWOW64\iernonce.dll
2014-04-11 05:33:26 ----A---- C:\Windows\system32\ieUnatt.exe
2014-04-11 05:33:26 ----A---- C:\Windows\system32\iesetup.dll
2014-04-11 05:33:25 ----A---- C:\Windows\system32\mshtml.dll
2014-04-11 05:33:23 ----A---- C:\Windows\SYSWOW64\jscript9diag.dll
2014-04-11 05:33:23 ----A---- C:\Windows\SYSWOW64\ieetwproxystub.dll
2014-04-11 05:33:23 ----A---- C:\Windows\SYSWOW64\ieapfltr.dll
2014-04-11 05:33:23 ----A---- C:\Windows\system32\ieetwproxystub.dll
2014-04-11 05:33:23 ----A---- C:\Windows\system32\ieapfltr.dll
2014-04-11 05:33:22 ----A---- C:\Windows\system32\MsSpellCheckingFacility.exe
2014-04-11 05:33:22 ----A---- C:\Windows\system32\ieetwcollector.exe
2014-04-11 05:33:21 ----A---- C:\Windows\SYSWOW64\wininet.dll
2014-04-11 05:33:21 ----A---- C:\Windows\SYSWOW64\iertutil.dll
2014-04-11 05:33:21 ----A---- C:\Windows\system32\iertutil.dll
2014-04-11 05:33:20 ----A---- C:\Windows\SYSWOW64\urlmon.dll
2014-04-11 05:33:20 ----A---- C:\Windows\system32\wininet.dll
2014-04-11 05:33:20 ----A---- C:\Windows\system32\urlmon.dll
2014-04-11 05:33:19 ----A---- C:\Windows\SYSWOW64\ieframe.dll
2014-04-11 05:33:19 ----A---- C:\Windows\system32\ieframe.dll
2014-04-11 05:33:18 ----A---- C:\Windows\SYSWOW64\mshtml.dll
2014-04-11 05:33:17 ----A---- C:\Windows\SYSWOW64\jscript9.dll
2014-04-11 05:33:17 ----A---- C:\Windows\system32\jscript9.dll
2014-04-09 04:57:56 ----A---- C:\Windows\SYSWOW64\iologmsg.dll
2014-04-09 04:57:56 ----A---- C:\Windows\system32\iologmsg.dll
2014-04-09 04:57:56 ----A---- C:\Windows\system32\drivers\storport.sys
2014-04-09 04:57:56 ----A---- C:\Windows\system32\drivers\msiscsi.sys
2014-04-09 04:57:56 ----A---- C:\Windows\system32\drivers\Diskdump.sys
2014-04-09 04:57:37 ----A---- C:\Windows\system32\kernel32.dll
2014-04-09 04:57:36 ----A---- C:\Windows\SYSWOW64\kernel32.dll
2014-04-09 04:57:36 ----A---- C:\Windows\system32\wow64.dll
2014-04-09 04:57:35 ----A---- C:\Windows\SYSWOW64\setup16.exe
2014-04-09 04:57:35 ----A---- C:\Windows\SYSWOW64\ntvdm64.dll
2014-04-09 04:57:35 ----A---- C:\Windows\system32\wow64win.dll
2014-04-09 04:57:35 ----A---- C:\Windows\system32\wow64cpu.dll
2014-04-09 04:57:35 ----A---- C:\Windows\system32\ntvdm64.dll
2014-04-09 04:57:33 ----A---- C:\Windows\SYSWOW64\wow32.dll
2014-04-09 04:57:32 ----A---- C:\Windows\SYSWOW64\user.exe
2014-04-09 04:57:32 ----A---- C:\Windows\SYSWOW64\instnm.exe
2014-04-09 04:57:25 ----A---- C:\Windows\system32\drivers\ntfs.sys
2014-03-24 20:31:58 ----D---- C:\Program Files\CyberLink
2014-03-23 22:05:05 ----D---- C:\ProgramData\MAGIX
2014-03-23 22:01:50 ----D---- C:\Program Files\Common Files\NewBlue
2014-03-22 21:07:49 ----D---- C:\ProgramData\AVG Secure Search
2014-03-19 21:18:37 ----D---- C:\Users\petra\AppData\Roaming\Titler 2.0
2014-03-19 20:52:31 ----D---- C:\ProgramData\eSellerate
2014-03-19 20:52:31 ----D---- C:\Program Files\Adobe
2014-03-19 20:50:36 ----D---- C:\Program Files\Common Files\OFX
2014-03-19 20:49:56 ----D---- C:\Program Files\NewBlue
2014-03-19 20:49:23 ----D---- C:\Program Files (x86)\NewBlue
2014-03-19 20:12:07 ----D---- C:\Users\petra\AppData\Roaming\Avid Technology Inc
2014-03-19 19:40:12 ----D---- C:\Windows\SYSWOW64\MEDIA
2014-03-19 19:39:16 ----D---- C:\Program Files\Avid
2014-03-19 19:17:16 ----D---- C:\ProgramData\PACE
2014-03-19 19:14:10 ----D---- C:\Program Files\Java
2014-03-19 10:52:59 ----D---- C:\Program Files (x86)\Mozilla Firefox

======List of files/folders modified in the last 1 month======

2014-04-17 17:19:10 ----D---- C:\Windows\Prefetch
2014-04-17 17:19:06 ----D---- C:\Windows\Temp
2014-04-17 17:19:04 ----RD---- C:\Program Files
2014-04-17 16:19:04 ----D---- C:\Windows\system32\config
2014-04-17 15:48:31 ----D---- C:\Users\petra\AppData\Roaming\Dropbox
2014-04-17 13:36:24 ----ASD---- C:\ProgramData\Microsoft
2014-04-17 13:34:28 ----D---- C:\Users\petra\AppData\Roaming\Seznam.cz
2014-04-17 13:28:08 ----D---- C:\ProgramData\NVIDIA
2014-04-16 17:52:31 ----D---- C:\Windows
2014-04-16 17:45:48 ----D---- C:\Windows\system32\Tasks
2014-04-16 17:45:38 ----A---- C:\Windows\system32\aswBoot.exe
2014-04-16 17:44:49 ----SHD---- C:\System Volume Information
2014-04-16 17:07:52 ----RD---- C:\Program Files (x86)
2014-04-16 17:00:19 ----D---- C:\Windows\system32\drivers
2014-04-16 17:00:19 ----D---- C:\Windows\inf
2014-04-16 17:00:15 ----HD---- C:\ProgramData
2014-04-16 16:55:50 ----D---- C:\Windows\Panther
2014-04-16 16:55:49 ----D---- C:\Windows\Logs
2014-04-16 16:55:49 ----D---- C:\Windows\debug
2014-04-16 16:51:51 ----SHD---- C:\Windows\Installer
2014-04-15 19:32:04 ----D---- C:\Users\petra\AppData\Roaming\MediaMonkey
2014-04-15 19:30:36 ----D---- C:\Program Files (x86)\The KMPlayer
2014-04-15 12:12:04 ----D---- C:\Windows\system32\NDF
2014-04-11 16:04:14 ----D---- C:\Windows\System32
2014-04-11 16:04:14 ----A---- C:\Windows\system32\PerfStringBackup.INI
2014-04-11 09:56:45 ----D---- C:\Windows\rescache
2014-04-11 08:32:42 ----D---- C:\Windows\winsxs
2014-04-11 08:29:40 ----D---- C:\Windows\SYSWOW64\en-US
2014-04-11 08:29:40 ----D---- C:\Windows\SYSWOW64\cs-CZ
2014-04-11 08:29:40 ----D---- C:\Program Files\Internet Explorer
2014-04-11 08:29:39 ----D---- C:\Windows\SysWOW64
2014-04-11 08:29:38 ----D---- C:\Windows\system32\en-US
2014-04-11 08:29:38 ----D---- C:\Windows\system32\cs-CZ
2014-04-11 08:29:38 ----D---- C:\Windows\PolicyDefinitions
2014-04-11 08:29:36 ----D---- C:\Program Files (x86)\Internet Explorer
2014-04-11 05:34:22 ----D---- C:\Windows\system32\catroot2
2014-04-11 05:34:22 ----D---- C:\Windows\system32\catroot
2014-04-10 05:01:44 ----D---- C:\Windows\AppPatch
2014-04-10 05:01:40 ----D---- C:\Windows\system32\DriverStore
2014-04-09 05:40:22 ----D---- C:\Windows\system32\MRT
2014-04-09 05:37:36 ----A---- C:\Windows\system32\MRT.exe
2014-03-27 16:37:57 ----SD---- C:\Users\petra\AppData\Roaming\Microsoft
2014-03-24 20:49:15 ----D---- C:\Program Files (x86)\Boris FX, Inc
2014-03-24 20:39:06 ----D---- C:\Program Files\Common Files\Microsoft Shared
2014-03-24 08:45:39 ----A---- C:\Windows\NeroDigital.ini
2014-03-23 22:21:16 ----D---- C:\Program Files (x86)\Avid
2014-03-23 22:01:50 ----D---- C:\Program Files\Common Files
2014-03-23 22:01:46 ----D---- C:\Program Files (x86)\Common Files
2014-03-22 21:06:51 ----D---- C:\Program Files (x86)\AVG Secure Search
2014-03-20 06:00:15 ----D---- C:\Program Files (x86)\Mozilla Maintenance Service
2014-03-19 20:12:36 ----D---- C:\Users\petra\AppData\Roaming\PACE Anti-Piracy
2014-03-19 20:12:36 ----D---- C:\ProgramData\PACE Anti-Piracy
2014-03-19 20:11:44 ----D---- C:\ProgramData\Avid
2014-03-19 19:41:38 ----D---- C:\Program Files\Common Files\Avid
2014-03-19 19:40:07 ----RSD---- C:\Windows\Fonts
2014-03-19 19:17:50 ----HD---- C:\Program Files (x86)\InstallShield Installation Information
2014-03-19 10:32:45 ----D---- C:\Windows\SYSWOW64\drivers
2014-03-18 19:19:02 ----D---- C:\Users\petra\AppData\Roaming\Mozilla

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 aswRvrt;avast! Revert; C:\Windows\system32\drivers\aswRvrt.sys [2014-04-16 65776]
R0 aswVmm;avast! VM Monitor; C:\Windows\system32\drivers\aswVmm.sys [2014-04-16 208928]
R0 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12352]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-20 213888]
R0 Tpkd;Tpkd; C:\Windows\system32\drivers\Tpkd.sys [2011-06-28 105592]
R0 vmbus;@%SystemRoot%\system32\vmbusres.dll,-1000; C:\Windows\system32\drivers\vmbus.sys [2010-11-20 199552]
R1 aswRdr;aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [2014-04-16 93568]
R1 aswSnx;aswSnx; C:\Windows\system32\drivers\aswSnx.sys [2014-04-16 1039096]
R1 aswSP;aswSP; C:\Windows\system32\drivers\aswSP.sys [2014-04-16 423240]
R1 avgtp;avgtp; \??\C:\Windows\system32\drivers\avgtpx64.sys [2014-03-22 49952]
R1 cdrblock;cdrblock; C:\Windows\system32\DRIVERS\cdrblock.sys [2008-05-30 34360]
R1 CSC;@%systemroot%\system32\cscsvc.dll,-202; C:\Windows\system32\drivers\csc.sys [2010-11-20 514560]
R2 aswMonFlt;aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [2014-04-16 79184]
R2 Sentinel64;Sentinel64; C:\Windows\System32\Drivers\Sentinel64.sys [2007-04-27 142120]
R2 sp_rsdrv2;Spyware Terminator Driver Filter; C:\Windows\system32\DRIVERS\stflt.sys [2014-04-16 51496]
R3 aswStm;aswStm; C:\Windows\system32\drivers\aswStm.sys [2014-04-16 84816]
R3 COMMONFX.SYS;COMMONFX.SYS; C:\Windows\System32\drivers\COMMONFX.SYS [2010-03-18 158808]
R3 ctac32k;Creative AC3 Software Decoder; C:\Windows\system32\drivers\ctac32k.sys [2010-03-18 580696]
R3 ctaud2k;Creative Audio Driver (WDM); C:\Windows\system32\drivers\ctaud2k.sys [2010-03-18 866264]
R3 CTAUDFX.SYS;CTAUDFX.SYS; C:\Windows\System32\drivers\CTAUDFX.SYS [2010-03-18 706648]
R3 ctprxy2k;Creative Proxy Driver; C:\Windows\system32\drivers\ctprxy2k.sys [2010-03-18 16984]
R3 CTSBLFX.SYS;CTSBLFX.SYS; C:\Windows\System32\drivers\CTSBLFX.SYS [2010-03-18 681048]
R3 ctsfm2k;Creative SoundFont Management Device Driver; C:\Windows\system32\drivers\ctsfm2k.sys [2010-03-18 290392]
R3 emupia;E-mu Plug-in Architecture Driver; C:\Windows\system32\drivers\emupia2k.sys [2010-03-18 147544]
R3 ha10kx2k;Creative Hardware Abstract Layer Driver; C:\Windows\system32\drivers\ha10kx2k.sys [2010-03-18 1360984]
R3 hap16v2k;Creative P16V HAL Driver; C:\Windows\system32\drivers\hap16v2k.sys [2010-03-18 259672]
R3 nusb3hub;Renesas Electronics USB 3.0 Hub Driver; C:\Windows\system32\DRIVERS\nusb3hub.sys [2011-10-25 96768]
R3 nusb3xhc;Renesas Electronics USB 3.0 Host Controller Driver; C:\Windows\system32\DRIVERS\nusb3xhc.sys [2011-10-25 213504]
R3 NVHDA;Service for NVIDIA High Definition Audio Driver; C:\Windows\system32\drivers\nvhda64v.sys [2012-01-17 188224]
R3 ossrv;Creative OS Services Driver; C:\Windows\system32\drivers\ctoss2k.sys [2010-03-18 221272]
R3 RTL8167;Realtek 8167 NT Driver; C:\Windows\system32\DRIVERS\Rt64win7.sys [2011-11-24 648808]
R3 SNP2UVC;USB2.0 PC Camera (SNP2UVC); C:\Windows\system32\DRIVERS\snp2uvc.sys [2011-09-09 3567232]
S1 Aspi32;Aspi32; C:\Windows\system32\drivers\Aspi32.sys []
S2 Hardlock;Hardlock; \??\C:\Windows\system32\drivers\hardlock.sys [2005-06-14 296448]
S3 61883;61883 Unit Device; C:\Windows\system32\DRIVERS\61883.sys [2009-07-14 60288]
S3 Avc;Zařízení AVC; C:\Windows\system32\DRIVERS\avc.sys [2009-07-14 48768]
S3 AVCSTRM;AVC Streaming Filter Driver; C:\Windows\system32\DRIVERS\avcstrm.sys [2009-07-14 17664]
S3 COMMONFX.DLL;COMMONFX.DLL; C:\Windows\system32\COMMONFX.DLL []
S3 COMMONFX;COMMONFX; C:\Windows\system32\drivers\COMMONFX.SYS [2010-03-18 158808]
S3 CT20XUT.DLL;CT20XUT.DLL; C:\Windows\system32\CT20XUT.DLL [2007-04-10 252712]
S3 CTAUDFX.DLL;CTAUDFX.DLL; C:\Windows\system32\CTAUDFX.DLL []
S3 CTAUDFX;CTAUDFX; C:\Windows\system32\drivers\CTAUDFX.SYS [2010-03-18 706648]
S3 CTEAPSFX.DLL;CTEAPSFX.DLL; C:\Windows\system32\CTEAPSFX.DLL [2007-04-10 219432]
S3 CTEDSPFX.DLL;CTEDSPFX.DLL; C:\Windows\system32\CTEDSPFX.DLL [2007-04-10 321832]
S3 CTEDSPIO.DLL;CTEDSPIO.DLL; C:\Windows\system32\CTEDSPIO.DLL [2007-04-10 190248]
S3 CTEDSPSY.DLL;CTEDSPSY.DLL; C:\Windows\system32\CTEDSPSY.DLL [2007-04-10 363304]
S3 CTERFXFX.DLL;CTERFXFX.DLL; C:\Windows\system32\CTERFXFX.DLL []
S3 CTERFXFX.SYS;CTERFXFX.SYS; C:\Windows\System32\drivers\CTERFXFX.SYS [2010-03-18 141912]
S3 CTERFXFX;CTERFXFX; C:\Windows\system32\drivers\CTERFXFX.SYS [2010-03-18 141912]
S3 CTEXFIFX.DLL;CTEXFIFX.DLL; C:\Windows\system32\CTEXFIFX.DLL [2007-04-10 1571112]
S3 CTHWIUT.DLL;CTHWIUT.DLL; C:\Windows\system32\CTHWIUT.DLL [2007-04-10 123688]
S3 CTSBLFX.DLL;CTSBLFX.DLL; C:\Windows\system32\CTSBLFX.DLL []
S3 CTSBLFX;CTSBLFX; C:\Windows\system32\drivers\CTSBLFX.SYS [2010-03-18 681048]
S3 EverestDriver;Lavalys EVEREST Kernel Driver; \??\E:\Everest Ultimate Engineer Edition v5.50 build 2253\kerneld.amd64 []
S3 hap17v2k;Creative P17V HAL Driver; C:\Windows\system32\drivers\hap17v2k.sys [2010-03-18 295000]
S3 MSDV;Microsoft DV Camera and VCR; C:\Windows\system32\DRIVERS\msdv.sys [2009-07-14 61440]
S3 MSTAPE;Microsoft AV/C Tape Subunit Device; C:\Windows\system32\DRIVERS\mstape.sys [2009-07-14 56448]
S3 RDPDR;Terminal Server Device Redirector Driver; C:\Windows\System32\drivers\rdpdr.sys [2010-11-20 165888]
S3 s3cap;s3cap; C:\Windows\system32\drivers\vms3cap.sys [2010-11-20 6656]
S3 storvsc;storvsc; C:\Windows\system32\drivers\storvsc.sys [2010-11-20 34688]
S3 TsUsbFlt;TsUsbFlt; C:\Windows\system32\drivers\tsusbflt.sys [2010-11-20 59392]
S3 VMBusHID;VMBusHID; C:\Windows\system32\drivers\VMBusHID.sys [2010-11-20 21760]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 602XML Updater;602Updater; C:\Program Files (x86)\Common Files\soft602\602updsvc\602updsvc.exe [2011-10-10 85344]
R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2013-12-18 65432]
R2 avast! Antivirus;avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2014-04-16 50344]
R2 CscService;@%systemroot%\system32\cscsvc.dll,-200; C:\Windows\System32\svchost.exe [2009-07-14 27136]
R2 CTAudSvcService;Creative Audio Service; C:\Program Files (x86)\Creative\Shared Files\CTAudSvc.exe [2010-02-12 286720]
R2 EPSON_PM_RPCV4_01;EPSON V3 Service4(01); C:\ProgramData\EPSON\EPW!3 SSRP\E_S30RP1.EXE [2006-04-18 102400]
R2 Nero BackItUp Scheduler 3;Nero BackItUp Scheduler 3; C:\Program Files (x86)\Nero\Nero8\Nero BackItUp\NBService.exe [2007-12-03 869672]
R2 Nero BackItUp Scheduler 4.0;Nero BackItUp Scheduler 4.0; C:\Program Files (x86)\Common Files\Nero\Nero BackItUp 4\NBService.exe [2009-07-20 935208]
R2 NVSvc;NVIDIA Display Driver Service; C:\Windows\system32\nvvsvc.exe [2013-01-18 884512]
R2 PaceLicenseDServices;PACE License Services; C:\Program Files (x86)\Common Files\PACE\Services\LicenseServices\LDSvc.exe [2011-07-09 2932224]
R2 ST2012_Svc;Spyware Terminator 2012 Realtime Shield Service; C:\Program Files (x86)\Spyware Terminator\st_rsser64.exe [2013-10-22 1149104]
R2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service; C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2013-01-18 383264]
R2 vToolbarUpdater18.0.5;vToolbarUpdater18.0.5; C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\18.0.5\ToolbarUpdater.exe [2014-03-22 1771032]
R3 NMIndexingService;NMIndexingService; C:\Program Files (x86)\Common Files\Nero\Lib\NMIndexingService.exe [2007-12-13 447784]
S2 bonanzadealslive;Služba BonanzaDealsLive (bonanzadealslive); C:\Program Files (x86)\BonanzaDealsLive\Update\BonanzaDealsLive.exe [2013-12-02 148976]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2013-09-11 105144]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2013-09-11 124088]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2012-10-03 136176]
S2 nvUpdatusService;NVIDIA Update Service Daemon; C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe [2013-02-26 1260320]
S3 Adobe LM Service;Adobe LM Service; C:\Program Files (x86)\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe [2012-02-27 72704]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-03-12 257928]
S3 AppMgmt;@appmgmts.dll,-3250; C:\Windows\system32\svchost.exe [2009-07-14 27136]
S3 bonanzadealslivem;Služba BonanzaDealsLive (bonanzadealslivem); C:\Program Files (x86)\BonanzaDealsLive\Update\BonanzaDealsLive.exe [2013-12-02 148976]
S3 Creative ALchemy AL6 Licensing Service;Creative ALchemy AL6 Licensing Service; C:\Program Files (x86)\Common Files\Creative Labs Shared\Service\AL6Licensing.exe [2012-07-10 79360]
S3 Creative Audio Engine Licensing Service;Creative Audio Engine Licensing Service; C:\Program Files (x86)\Common Files\Creative Labs Shared\Service\CTAELicensing.exe [2012-03-17 79360]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2012-10-03 136176]
S3 IEEtwCollectorService;@%SystemRoot%\system32\ieetwcollectorres.dll,-1000; C:\Windows\system32\IEEtwCollector.exe [2014-03-06 111616]
S3 Microsoft Office Groove Audit Service;Microsoft Office Groove Audit Service; C:\Program Files (x86)\Microsoft Office\Office12\GrooveAuditService.exe [2007-08-24 68464]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2014-03-19 119408]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2007-08-24 443776]
S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 PeerDistSvc;@%SystemRoot%\system32\peerdistsvc.dll,-9000; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S3 StorSvc;@%SystemRoot%\System32\StorSvc.dll,-100; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S3 UmRdpService;@%SystemRoot%\system32\umrdp.dll,-1000; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2012-02-19 1255736]
S4 aspnet_state;Stavová služba ASP.NET; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2013-09-11 51808]
S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]
S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]
S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]
S4 SkypeUpdate;Skype Updater; C:\Program Files (x86)\Skype\Updater\Updater.exe [2012-06-05 160944]

-----------------EOF-----------------

Re: Prosím o preventivní kontrolu

Napsal: 17 dub 2014 17:26
od Roli
V první řadě odinstaluj vše od AVG


Smaž nepotřebné soubory

pomocí CCleaneru

návod :

Čistič - tady vyčistíš PC od nepotřebných souborů a vysypeš Koš

Registry - tady vyčistíš registry (před použitím doporučuji udělat jejich zálohu kterou CCleaner nabízí)

čištění registru je třeba několikrát zopakovat !

Nástroje - tady lze odinstalovat programy, upravit co se spustí po Startu systému a obnovit systém


V HJT fixni :

O2 - BHO: WinZipBar - {50fafaf0-70a9-419d-a109-fa4b4ffd4e37} - C:\Program Files (x86)\WinZipBar\prxtbWinZ.dll
O2 - BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O2 - BHO: AVG Security Toolbar - {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files (x86)\AVG Secure Search\18.0.5.292\AVG Secure Search_toolbar.
O2 - BHO: BonanzaDeals - {fe063412-bea4-4d76-8ed3-183be6220d17} - C:\Program Files (x86)\BonanzaDeals\BonanzaDealsIE.dll
O3 - Toolbar: WinZipBar Toolbar - {50fafaf0-70a9-419d-a109-fa4b4ffd4e37} - C:\Program Files (x86)\WinZipBar\prxtbWinZ.dll
O3 - Toolbar: AVG Security Toolbar - {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files (x86)\AVG Secure Search\18.0.5.292\AVG Secure Search_toolbar.dll
O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [NBKeyScan] "C:\Program Files (x86)\Nero\Nero8\Nero BackItUp\NBKeyScan.exe"
O4 - HKLM\..\Run: [vProt] "C:\Program Files (x86)\AVG Secure Search\vprot.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [seznam-listicka-distribuce] "C:\Program Files (x86)\Seznam.cz\distribution\szninstall.exe" -s -d listicka 1 szn-software-listicka cz.seznam.software.autoupdate
O4 - HKCU\..\Run: [IndxStoreSvr_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files (x86)\Common Files\Nero\Lib\NMIndexStoreSvr.exe" ASO-616B5711-6DAE-4795-A05F-39A1E5104020
O4 - HKCU\..\Run: [Google Update] "C:\Users\petra\AppData\Local\Google\Update\GoogleUpdate.exe" /c
O4 - HKCU\..\Run: [Xvid] C:\Program Files (x86)\Xvid\CheckUpdate.exe
O4 - HKCU\..\Run: [cz.seznam.software.autoupdate] "C:\Users\petra\AppData\Roaming\Seznam.cz\szninstall.exe" -c
O4 - HKCU\..\Run: [cz.seznam.software.szndesktop] "C:\Users\petra\AppData\Roaming\Seznam.cz\bin\wszndesktop.exe" -q
O4 - HKCU\..\Run: [FLV Player] C:\Users\petra\AppData\Local\WebPlayer\FLV Player\WebPlayer.exe
O4 - Startup: Adobe Gamma.lnk = C:\Program Files (x86)\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe

HJT najdeš zde :

C:\Program Files\trend micro\petra.exe

Fix znamená že spustíš HJT Obrázek jako admin

v okně které se ti otevře klikneš na Do a system scan only

v dalším okně najdeš řádky které jsem ti vypsal,

vedle nich je čtvereček do kterého uděláš zatržítko,

pak klikneš na Fix checked které je vlevo dole,

program se ti zeptá zda opravdu ANO s tím samozřejmě souhlasíš a je hotovo.


Přes Start >> Všechny programy >> Příslušenství >> Spustit >> napiš - services.msc >> Enter. Najdi službu :

Služba Google Update (gupdate)
Služba Google Update (gupdatem)
Nero BackItUp Scheduler 3
Nero BackItUp Scheduler 4.0
NMIndexingService
NVIDIA Update Service Daemon
vToolbarUpdater18.0.5

dvojklikem se otevře karta kde nejprve službu zastav tlačítkem Zastavit u položky Typ spouštění vyber Zakázáno a klik na OK.


V Plánovači úloh zakaž :

AVG-Secure-Search-Update
Bonanza Deals Live Update
Google Update

vše tam bude několikrát.


Stáhni a ulož na plochu AdwCleaner,

ukonči všechny programy včetně prohlížeče a dvojklikem spusť,

objeví se okno kde vlevo nahoře klikni na Scan.

Po té proběhne sken a po jeho skončení klikni na Report a to co na Tebe vypadne mi sem zkopíruj.

Re: Prosím o preventivní kontrolu

Napsal: 17 dub 2014 17:56
od petouf
Díky,
nenašel jsem
O3 - Toolbar: AVG Security Toolbar - {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files (x86)\AVG Secure Search\18.0.5.292\AVG Secure Search_toolbar.dll
O4 - HKLM\..\Run: [vProt] "C:\Program Files (x86)\AVG Secure Search\vprot.exe"
vToolbarUpdater18.0.5

Jinak jsem to udělal dle návodu, ADW na mě vyplivnul totok:
Díky...


# AdwCleaner v3.023 - Report created 17/04/2014 at 18:52:21
# Updated 01/04/2014 by Xplode
# Operating System : Windows 7 Professional Service Pack 1 (64 bits)
# Username : petra - PETRA-PC
# Running from : C:\Users\petra\Desktop\adwcleaner.exe
# Option : Scan

***** [ Services ] *****

Service Found : bonanzadealslive
Service Found : bonanzadealslivem

***** [ Files / Folders ] *****

File Found : C:\Program Files (x86)\Mozilla Firefox\browser\searchplugins\Ask.xml
File Found : C:\Users\petra\AppData\Local\Temp\Uninstall.exe
File Found : C:\Users\petra\AppData\Roaming\Mozilla\Firefox\Profiles\3g0eftd4.default\invalidprefs.js
File Found : C:\Users\petra\AppData\Roaming\Mozilla\Firefox\Profiles\3g0eftd4.default\searchplugins\Ask.xml
File Found : C:\Windows\System32\Tasks\BonanzaDealsLiveUpdateTaskMachineCore
File Found : C:\Windows\System32\Tasks\BonanzaDealsLiveUpdateTaskMachineUA
File Found : C:\Windows\System32\Tasks\BonanzaDealsUpdate
File Found : C:\Windows\Tasks\BonanzaDealsLiveUpdateTaskMachineCore.job
File Found : C:\Windows\Tasks\BonanzaDealsLiveUpdateTaskMachineUA.job
Folder Found : C:\Users\petra\AppData\Local\Google\Chrome\User Data\Default\Extensions\ieadcoanfjloocmfafkebdnfefmohngj
Folder Found C:\Program Files (x86)\BonanzaDeals
Folder Found C:\Program Files (x86)\BonanzaDealsLive
Folder Found C:\Program Files (x86)\Common Files\DVDVideoSoft\TB
Folder Found C:\Program Files (x86)\Conduit
Folder Found C:\Program Files (x86)\driver-soft
Folder Found C:\Program Files (x86)\OApps
Folder Found C:\Program Files (x86)\SimilarSites
Folder Found C:\Program Files (x86)\WinZipBar
Folder Found C:\ProgramData\BonanzaDealsLive
Folder Found C:\ProgramData\Microsoft\Windows\Start Menu\Programs\RelevantKnowledge
Folder Found C:\Users\petra\AppData\Local\BonanzaDealsLive
Folder Found C:\Users\petra\AppData\Local\Conduit
Folder Found C:\Users\petra\AppData\Local\FilesFrog Update Checker
Folder Found C:\Users\petra\AppData\Local\FilesFrog Update Checker
Folder Found C:\Users\petra\AppData\Local\webplayer
Folder Found C:\Users\petra\AppData\LocalLow\Conduit
Folder Found C:\Users\petra\AppData\LocalLow\WinZipBar
Folder Found C:\Users\petra\AppData\Roaming\dvdvideosoftiehelpers
Folder Found C:\Users\petra\AppData\Roaming\eCyber
Folder Found C:\Users\petra\AppData\Roaming\iSafe
Folder Found C:\Users\petra\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\BonanzaDeals
Folder Found C:\Users\petra\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\FilesFrog Update Checker
Folder Found C:\Users\petra\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\FilesFrog Update Checker
Folder Found C:\Users\petra\AppData\Roaming\Mozilla\Firefox\Profiles\3g0eftd4.default\ConduitCommon
Folder Found C:\Users\petra\AppData\Roaming\pdfforge
Folder Found C:\Users\petra\AppData\Roaming\SimilarSites
Folder Found C:\Users\petra\AppData\Roaming\yourfiledownloader

***** [ Shortcuts ] *****

Shortcut Found : C:\Users\petra\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\FLV Player\Uninstall.lnk ( _?=C:\Users\petra\AppData\Local\WebPlayer\FLV Player )

***** [ Registry ] *****

Key Found : HKCU\Software\AppDataLow\Software\Conduit
Key Found : HKCU\Software\AppDataLow\Software\WinZipBar
Key Found : HKCU\Software\AppDataLow\Toolbar
Key Found : HKCU\Software\BonanzaDealsLive
Key Found : HKCU\Software\Classes\pokki
Key Found : HKCU\Software\Conduit
Key Found : HKCU\Software\InstallCore
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{82EA3E77-7BD2-4744-A8F2-670770767EC5}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{50FAFAF0-70A9-419D-A109-FA4B4FFD4E37}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{95B7759C-8C7F-4BF1-B163-73684A933233}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{FE063412-BEA4-4D76-8ED3-183BE6220D17}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{50FAFAF0-70A9-419D-A109-FA4B4FFD4E37}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{95B7759C-8C7F-4BF1-B163-73684A933233}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{F25AF245-4A81-40DC-92F9-E9021F207706}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{FE063412-BEA4-4D76-8ED3-183BE6220D17}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\FLV Player
Key Found : HKCU\Software\Softonic
Key Found : HKCU\Software\Somoto
Key Found : HKCU\Software\Webplayer
Key Found : HKCU\Software\YourFileDownloader
Key Found : [x64] HKCU\Software\BonanzaDealsLive
Key Found : [x64] HKCU\Software\Conduit
Key Found : [x64] HKCU\Software\InstallCore
Key Found : [x64] HKCU\Software\Softonic
Key Found : [x64] HKCU\Software\Somoto
Key Found : [x64] HKCU\Software\Webplayer
Key Found : [x64] HKCU\Software\YourFileDownloader
Key Found : HKLM\Software\BonanzaDealsLive
Key Found : HKLM\SOFTWARE\Classes\AppID\{186E19A3-B909-4F48-B687-BB81EB8BC7CE}
Key Found : HKLM\SOFTWARE\Classes\AppID\{9EA8702C-EEDB-4731-BE68-E9A167DD3597}
Key Found : HKLM\SOFTWARE\Classes\AppID\{BB711CB0-C70B-482E-9852-EC05EBD71DBB}
Key Found : HKLM\SOFTWARE\Classes\AppID\{D34F391D-4CB7-467F-A543-F583857C63B0}
Key Found : HKLM\SOFTWARE\Classes\AppID\BonanzaDealsLive.exe
Key Found : HKLM\SOFTWARE\Classes\AppID\ScriptHelper.EXE
Key Found : HKLM\SOFTWARE\Classes\BonanzaDealsLive.OneClickCtrl.9
Key Found : HKLM\SOFTWARE\Classes\BonanzaDealsLive.OneClickProcessLauncherMachine
Key Found : HKLM\SOFTWARE\Classes\BonanzaDealsLive.OneClickProcessLauncherMachine.1.0
Key Found : HKLM\SOFTWARE\Classes\BonanzaDealsLive.Update3WebControl.3
Key Found : HKLM\SOFTWARE\Classes\BonanzaDealsLiveUpdate.CoCreateAsync
Key Found : HKLM\SOFTWARE\Classes\BonanzaDealsLiveUpdate.CoCreateAsync.1.0
Key Found : HKLM\SOFTWARE\Classes\BonanzaDealsLiveUpdate.CoreClass
Key Found : HKLM\SOFTWARE\Classes\BonanzaDealsLiveUpdate.CoreClass.1
Key Found : HKLM\SOFTWARE\Classes\BonanzaDealsLiveUpdate.CoreMachineClass
Key Found : HKLM\SOFTWARE\Classes\BonanzaDealsLiveUpdate.CoreMachineClass.1
Key Found : HKLM\SOFTWARE\Classes\BonanzaDealsLiveUpdate.CredentialDialogMachine
Key Found : HKLM\SOFTWARE\Classes\BonanzaDealsLiveUpdate.CredentialDialogMachine.1.0
Key Found : HKLM\SOFTWARE\Classes\BonanzaDealsLiveUpdate.OnDemandCOMClassMachine
Key Found : HKLM\SOFTWARE\Classes\BonanzaDealsLiveUpdate.OnDemandCOMClassMachine.1.0
Key Found : HKLM\SOFTWARE\Classes\BonanzaDealsLiveUpdate.OnDemandCOMClassMachineFallback
Key Found : HKLM\SOFTWARE\Classes\BonanzaDealsLiveUpdate.OnDemandCOMClassMachineFallback.1.0
Key Found : HKLM\SOFTWARE\Classes\BonanzaDealsLiveUpdate.OnDemandCOMClassSvc
Key Found : HKLM\SOFTWARE\Classes\BonanzaDealsLiveUpdate.OnDemandCOMClassSvc.1.0
Key Found : HKLM\SOFTWARE\Classes\BonanzaDealsLiveUpdate.ProcessLauncher
Key Found : HKLM\SOFTWARE\Classes\BonanzaDealsLiveUpdate.ProcessLauncher.1.0
Key Found : HKLM\SOFTWARE\Classes\BonanzaDealsLiveUpdate.Update3COMClassService
Key Found : HKLM\SOFTWARE\Classes\BonanzaDealsLiveUpdate.Update3COMClassService.1.0
Key Found : HKLM\SOFTWARE\Classes\BonanzaDealsLiveUpdate.Update3WebMachine
Key Found : HKLM\SOFTWARE\Classes\BonanzaDealsLiveUpdate.Update3WebMachine.1.0
Key Found : HKLM\SOFTWARE\Classes\BonanzaDealsLiveUpdate.Update3WebMachineFallback
Key Found : HKLM\SOFTWARE\Classes\BonanzaDealsLiveUpdate.Update3WebMachineFallback.1.0
Key Found : HKLM\SOFTWARE\Classes\BonanzaDealsLiveUpdate.Update3WebSvc
Key Found : HKLM\SOFTWARE\Classes\BonanzaDealsLiveUpdate.Update3WebSvc.1.0
Key Found : HKLM\SOFTWARE\Classes\CLSID\{00000001-4FEF-40D3-B3FA-E0531B897F98}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{059EACC2-1ABE-49E8-928D-DC8BD355B7A9}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{118E1BF6-6279-432F-A285-373A77B90C7A}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{14CEEA2F-3D21-46ED-A7D2-89056C520E5E}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{1AA60054-57D9-4F99-9A55-D0FBFBE7ECD3}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{1CC8D970-F626-4F19-815F-890032BB6606}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{29494049-211F-4F5C-8545-7DA8BF7A6CF8}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{33BAF587-9647-4281-A34F-F4830CDC1B9F}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{35B8892D-C3FB-4D88-990D-31DB2EBD72BD}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{3C471948-F874-49F5-B338-4F214A2EE0B1}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{408CFAD9-8F13-4747-8EC7-770A339C7237}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{4AA46D49-459F-4358-B4D1-169048547C23}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{5B5E5D0E-7C83-4A32-ADD2-E5F488DD6783}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{64697678-0000-0010-8000-00AA00389B71}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{6802463D-636F-41FE-9924-4CAD56906590}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{806785D0-375F-4C2C-92E3-B8EE65D28E83}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{9280CAA3-237E-468E-A41C-43EADB5FF61A}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{944661E7-67B9-4DF7-BFF2-05388C166D34}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{94496571-6AC5-4836-82D5-D46260C44B17}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{9EA8702C-EEDB-4731-BE68-E9A167DD3597}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{A7CF66EF-4F0D-46B1-AF71-A500378D6C34}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{B71934E5-6B93-448D-9D32-CBAA5150C5D8}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{BC9FD17D-30F6-4464-9E53-596A90AFF023}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{C4BEF720-313C-420A-ACF6-77DD95D8F553}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{D34F391D-4CB7-467F-A543-F583857C63B0}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{DE9028D0-5FFA-4E69-94E3-89EE8741F468}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{E970727E-0508-4BEB-8B72-BBA9D0D047C7}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{EBF1F869-D2F0-4D31-A877-386C853A9C3D}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{F3CF4912-CF0A-451B-AF3B-C4F216C715E4}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{F904AC50-215C-42AB-A532-77E9FDBA9B19}
Key Found : HKLM\SOFTWARE\Classes\Interface\{03E2A1F3-4402-4121-8B35-733216D61217}
Key Found : HKLM\SOFTWARE\Classes\Interface\{3F607E46-0D3C-4442-B1DE-DE7FA4768F5C}
Key Found : HKLM\SOFTWARE\Classes\Interface\{9E3B11F6-4179-4603-A71B-A55F4BCB0BEC}
Key Found : HKLM\SOFTWARE\Classes\Interface\{FE0273D1-99DF-4AC0-87D5-1371C6271785}
Key Found : HKLM\SOFTWARE\Classes\Prod.cap
Key Found : HKLM\SOFTWARE\Classes\Toolbar.CT3106777
Key Found : HKLM\SOFTWARE\Classes\TypeLib\{07CAC314-E962-4F78-89AB-DD002F2490EE}
Key Found : HKLM\SOFTWARE\Classes\TypeLib\{13ABD093-D46F-40DF-A608-47E162EC799D}
Key Found : HKLM\SOFTWARE\Classes\TypeLib\{93E3D79C-0786-48FF-9329-93BC9F6DC2B3}
Key Found : HKLM\SOFTWARE\Classes\TypeLib\{9C049BA6-EA47-4AC3-AED6-A66D8DC9E1D8}
Key Found : HKLM\Software\Conduit
Key Found : HKLM\Software\Driver-Soft
Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{29494049-211F-4F5C-8545-7DA8BF7A6CF8}
Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{33BAF587-9647-4281-A34F-F4830CDC1B9F}
Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{82EA3E77-7BD2-4744-A8F2-670770767EC5}
Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{BA3395D3-F332-4B9E-9E2F-64CFBFFCF798}
Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{C4BEF720-313C-420A-ACF6-77DD95D8F553}
Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{F09384DD-5599-48F9-AECB-36A0E607D29D}
Key Found : HKLM\SOFTWARE\Microsoft\Tracing\apnstub_RASAPI32
Key Found : HKLM\SOFTWARE\Microsoft\Tracing\apnstub_RASMANCS
Key Found : HKLM\SOFTWARE\Microsoft\Tracing\askpartnercobrandingtool_rasapi32
Key Found : HKLM\SOFTWARE\Microsoft\Tracing\askpartnercobrandingtool_rasmancs
Key Found : HKLM\SOFTWARE\Microsoft\Tracing\AskSLib_RASAPI32
Key Found : HKLM\SOFTWARE\Microsoft\Tracing\AskSLib_RASMANCS
Key Found : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_for_kicad_RASAPI32
Key Found : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_for_kicad_RASMANCS
Key Found : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\bitguard.exe
Key Found : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\BonanzaDealsLive.exe
Key Found : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\bprotect.exe
Key Found : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\browserdefender.exe
Key Found : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\browserprotect.exe
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{29494049-211F-4F5C-8545-7DA8BF7A6CF8}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{9280CAA3-237E-468E-A41C-43EADB5FF61A}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{C4BEF720-313C-420A-ACF6-77DD95D8F553}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Bonanza Deals
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\FilesFrog Update Checker
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\WinZipBar Toolbar
Key Found : HKLM\SOFTWARE\MozillaPlugins\@tools.bdupdater.com/BonanzaDealsLive Update;version=3
Key Found : HKLM\SOFTWARE\MozillaPlugins\@tools.bdupdater.com/BonanzaDealsLive Update;version=9
Key Found : HKLM\Software\SafetyNut
Key Found : HKLM\Software\WinZipBar
Key Found : HKLM\Software\YourFileDownloader
Key Found : [x64] HKLM\SOFTWARE\Classes\CLSID\{00000001-4FEF-40D3-B3FA-E0531B897F98}
Key Found : [x64] HKLM\SOFTWARE\Classes\CLSID\{4AA46D49-459F-4358-B4D1-169048547C23}
Key Found : [x64] HKLM\SOFTWARE\Classes\CLSID\{64697678-0000-0010-8000-00AA00389B71}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{03E2A1F3-4402-4121-8B35-733216D61217}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{06E50566-0AB7-431C-841D-62794727DAF9}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{26E7211D-0650-43CF-8498-4C81E83AEAAA}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{3F607E46-0D3C-4442-B1DE-DE7FA4768F5C}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{4E92DB5F-AAD9-49D3-8EAB-B40CBE5B1FF7}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{9E3B11F6-4179-4603-A71B-A55F4BCB0BEC}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{C401D2CE-DC27-45C7-BC0C-8E6EA7F085D6}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{FE0273D1-99DF-4AC0-87D5-1371C6271785}
Value Found : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}]
Value Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks [{50FAFAF0-70A9-419D-A109-FA4B4FFD4E37}]

***** [ Browsers ] *****

-\\ Internet Explorer v11.0.9600.17041


-\\ Mozilla Firefox v28.0 (cs)

[ File : C:\Users\petra\AppData\Roaming\Mozilla\Firefox\Profiles\3g0eftd4.default\prefs.js ]

Line Found : user_pref("CT3106777..clientLogIsEnabled", true);
Line Found : user_pref("CT3106777..clientLogServiceUrl", "hxxp://clientlog.users.conduit.com/ClientDiagnostics.asmx/ReportDiagnosticsEvent");
Line Found : user_pref("CT3106777..uninstallLogServiceUrl", "hxxp://uninstall.users.conduit.com/Uninstall.asmx/RegisterToolbarUninstallation");
Line Found : user_pref("CT3106777.ALLOW_SHOWING_HIDDEN_TOOLBAR", false);
Line Found : user_pref("CT3106777.AboutPrivacyUrl", "hxxp://www.conduit.com/privacy/Default.aspx");
Line Found : user_pref("CT3106777.AppTrackingLastCheckTime", "Sat Feb 25 2012 10:43:37 GMT+0100");
Line Found : user_pref("CT3106777.BrowserCompStateIsOpen_129724975549181030", true);
Line Found : user_pref("CT3106777.BrowserCompStateIsOpen_130041080178558067", true);
Line Found : user_pref("CT3106777.CT3106777.lastNewTabSettings", "{\"isEnabled\":false,\"newTabUrl\":\"hxxp://search.conduit.com/?ctid=CT3106777&octid=CT3106777&SearchSource=15&CUI=SB_CUI&SSPV=EB_SSPV&Lay=1&UM=UM_[...]
Line Found : user_pref("CT3106777.CTID", "CT3106777");
Line Found : user_pref("CT3106777.ConfigurationLastCheckTime", "Fri Oct 25 2013 20:09:36 GMT+0200");
Line Found : user_pref("CT3106777.CurrentServerDate", "26-10-2013");
Line Found : user_pref("CT3106777.DSInstall", false);
Line Found : user_pref("CT3106777.DialogsAlignMode", "LTR");
Line Found : user_pref("CT3106777.DialogsGetterLastCheckTime", "Wed Oct 23 2013 11:51:16 GMT+0200");
Line Found : user_pref("CT3106777.DownloadReferralCookieData", "");
Line Found : user_pref("CT3106777.EMailNotifierPollDate", "Sat Feb 25 2012 10:55:29 GMT+0100");
Line Found : user_pref("CT3106777.FirstServerDate", "22-2-2012");
Line Found : user_pref("CT3106777.FirstTime", true);
Line Found : user_pref("CT3106777.FirstTimeFF3", true);
Line Found : user_pref("CT3106777.FixPageNotFoundErrors", true);
Line Found : user_pref("CT3106777.GroupingServerCheckInterval", 1440);
Line Found : user_pref("CT3106777.GroupingServiceUrl", "hxxp://grouping.services.conduit.com/");
Line Found : user_pref("CT3106777.HPInstall", false);
Line Found : user_pref("CT3106777.HasUserGlobalKeys", true);
Line Found : user_pref("CT3106777.HomePageProtectorEnabled", false);
Line Found : user_pref("CT3106777.HomepageBeforeUnload", "chrome://branding/locale/browserconfig.properties");
Line Found : user_pref("CT3106777.Initialize", true);
Line Found : user_pref("CT3106777.InitializeCommonPrefs", true);
Line Found : user_pref("CT3106777.InstallationAndCookieDataSentCount", 3);
Line Found : user_pref("CT3106777.InstallationId", "ConduitNSISIntegration");
Line Found : user_pref("CT3106777.InstallationType", "ConduitXPEIntegration");
Line Found : user_pref("CT3106777.InstalledDate", "Wed Feb 22 2012 09:42:22 GMT+0100");
Line Found : user_pref("CT3106777.IsAlertDBUpdated", true);
Line Found : user_pref("CT3106777.IsGrouping", false);
Line Found : user_pref("CT3106777.IsInitSetupIni", true);
Line Found : user_pref("CT3106777.IsMulticommunity", false);
Line Found : user_pref("CT3106777.IsOpenThankYouPage", false);
Line Found : user_pref("CT3106777.IsOpenUninstallPage", false);
Line Found : user_pref("CT3106777.LanguagePackLastCheckTime", "Fri Oct 25 2013 20:09:36 GMT+0200");
Line Found : user_pref("CT3106777.LanguagePackReloadIntervalMM", 1440);
Line Found : user_pref("CT3106777.LanguagePackServiceUrl", "hxxp://translation.users.conduit.com/Translation.ashx");
Line Found : user_pref("CT3106777.LastLogin_3.12.0.7", "Wed Apr 25 2012 11:54:53 GMT+0200");
Line Found : user_pref("CT3106777.LastLogin_3.12.2.3", "Thu May 31 2012 19:53:42 GMT+0200");
Line Found : user_pref("CT3106777.LastLogin_3.13.0.6", "Mon Jul 16 2012 04:56:08 GMT+0200");
Line Found : user_pref("CT3106777.LastLogin_3.14.1.0", "Thu Aug 23 2012 07:22:07 GMT+0200");
Line Found : user_pref("CT3106777.LastLogin_3.15.1.0", "Wed Nov 07 2012 19:14:03 GMT+0100");
Line Found : user_pref("CT3106777.LastLogin_3.16.0.3", "Thu Mar 07 2013 09:16:51 GMT+0100");
Line Found : user_pref("CT3106777.LastLogin_3.18.0.7", "Sun Jul 14 2013 20:33:43 GMT+0200");
Line Found : user_pref("CT3106777.LastLogin_3.19.0.3", "Mon Sep 09 2013 09:12:46 GMT+0200");
Line Found : user_pref("CT3106777.LastLogin_3.20.0.4", "Sat Oct 26 2013 09:14:06 GMT+0200");
Line Found : user_pref("CT3106777.LastLogin_3.9.0.3", "Sat Feb 25 2012 09:35:08 GMT+0100");
Line Found : user_pref("CT3106777.LatestVersion", "3.20.0.4");
Line Found : user_pref("CT3106777.Locale", "en");
Line Found : user_pref("CT3106777.MCDetectTooltipHeight", "83");
Line Found : user_pref("CT3106777.MCDetectTooltipUrl", "hxxp://@EB_INSTALL_LINK@/rank/tooltip/?version=1");
Line Found : user_pref("CT3106777.MCDetectTooltipWidth", "295");
Line Found : user_pref("CT3106777.MyStuffEnabledAtInstallation", true);
Line Found : user_pref("CT3106777.OriginalFirstVersion", "3.9.0.3");
Line Found : user_pref("CT3106777.SearchAPILastCheckTime", "Fri Oct 25 2013 20:09:36 GMT+0200");
Line Found : user_pref("CT3106777.SearchCaption", "WinZipBar Customized Web Search");
Line Found : user_pref("CT3106777.SearchEngineBeforeUnload", "chrome://browser-region/locale/region.properties");
Line Found : user_pref("CT3106777.SearchFromAddressBarIsInit", true);
Line Found : user_pref("CT3106777.SearchFromAddressBarUrl", "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT3106777&SearchSource=2&q=");
Line Found : user_pref("CT3106777.SearchInNewTabEnabled", true);
Line Found : user_pref("CT3106777.SearchInNewTabIntervalMM", 1440);
Line Found : user_pref("CT3106777.SearchInNewTabLastCheckTime", "Sun Sep 08 2013 15:45:24 GMT+0200");
Line Found : user_pref("CT3106777.SearchInNewTabServiceUrl", "hxxp://newtab.conduit-hosting.com/newtab/?ctid=EB_TOOLBAR_ID&UM=UM_ID");
Line Found : user_pref("CT3106777.SearchInNewTabURLFromSearchAPI", "hxxp://search.conduit.com/?ctid=CT3106777&octid=CT3106777&SearchSource=15&CUI=SB_CUI&SSPV=EB_SSPV&Lay=1&UM=UM_ID");
Line Found : user_pref("CT3106777.SearchInNewTabUserEnabled", false);
Line Found : user_pref("CT3106777.SearchProtectorEnabled", false);
Line Found : user_pref("CT3106777.SearchProtectorToolbarDisabled", false);
Line Found : user_pref("CT3106777.SendProtectorDataViaLogin", true);
Line Found : user_pref("CT3106777.ServiceMapLastCheckTime", "Fri Oct 25 2013 20:09:36 GMT+0200");
Line Found : user_pref("CT3106777.SettingsLastCheckTime", "Sat Oct 26 2013 09:14:04 GMT+0200");
Line Found : user_pref("CT3106777.SettingsLastUpdate", "1382265269");
Line Found : user_pref("CT3106777.TBHomePageUrl", "hxxp://search.conduit.com/?ctid=CT3106777&SearchSource=13");
Line Found : user_pref("CT3106777.ThirdPartyComponentsInterval", 504);
Line Found : user_pref("CT3106777.ThirdPartyComponentsLastCheck", "Wed Feb 22 2012 09:42:19 GMT+0100");
Line Found : user_pref("CT3106777.ThirdPartyComponentsLastUpdate", "1312887586");
Line Found : user_pref("CT3106777.ToolbarShrinkedFromSetup", false);
Line Found : user_pref("CT3106777.TrusteLinkUrl", "hxxp://trust.conduit.com/CT3106777");
Line Found : user_pref("CT3106777.TrustedApiDomains", "conduit.com,conduit-hosting.com,conduit-services.com,client.conduit-storage.com,OurToolbar.com,CommunityToolbars.com,ForumToolbar.com,MyBlogToolbar.com,MyCity[...]
Line Found : user_pref("CT3106777.UserID", "UN59619505060305194");
Line Found : user_pref("CT3106777.alertChannelId", "1500748");
Line Found : user_pref("CT3106777.autoDisableScopes", -1);
Line Found : user_pref("CT3106777.backendstorage.searchappstate", "33");
Line Found : user_pref("CT3106777.backendstorage.searchapptracking", "73656E74");
Line Found : user_pref("CT3106777.countryCode", "CZ");
Line Found : user_pref("CT3106777.generalConfigFromLogin", "{\"ApiMaxAlerts\":\"12\",\"SocialDomains\":\"social.conduit.com;apps.conduit.com;services.apps.conduit.com\",\"AppsDetectionUrlPattern\":\"hxxp://appdown[...]
Line Found : user_pref("CT3106777.globalFirstTimeInfoLastCheckTime", "Wed Feb 22 2012 09:42:23 GMT+0100");
Line Found : user_pref("CT3106777.homepageProtectorEnableByLogin", true);
Line Found : user_pref("CT3106777.initDone", true);
Line Found : user_pref("CT3106777.isAppTrackingManagerOn", true);
Line Found : user_pref("CT3106777.myStuffEnabled", true);
Line Found : user_pref("CT3106777.myStuffPublihserMinWidth", 400);
Line Found : user_pref("CT3106777.myStuffSearchUrl", "hxxp://Apps.conduit.com/search?q=SEARCH_TERM&SearchSourceOrigin=29&ctid=EB_TOOLBAR_ID&octid=EB_ORIGINAL_CTID");
Line Found : user_pref("CT3106777.myStuffServiceIntervalMM", 1440);
Line Found : user_pref("CT3106777.myStuffServiceUrl", "hxxp://mystuff.conduit-services.com/MyStuffService.ashx?ComponentId=EB_MY_STUFF_INSTANCE_GUID&lut=EB_MY_STUFF_LUT");
Line Found : user_pref("CT3106777.revertSettingsEnabled", true);
Line Found : user_pref("CT3106777.searchProtectorDialogDelayInSec", 10);
Line Found : user_pref("CT3106777.searchProtectorEnableByLogin", true);
Line Found : user_pref("CT3106777.testingCtid", "");
Line Found : user_pref("CT3106777.toolbarAppMetaDataLastCheckTime", "Fri Oct 25 2013 20:09:36 GMT+0200");
Line Found : user_pref("CT3106777.toolbarContextMenuLastCheckTime", "Wed Feb 22 2012 09:42:27 GMT+0100");
Line Found : user_pref("CT3106777.usagesFlag", 2);
Line Found : user_pref("CommunityToolbar.ETag.hxxp://Settings.toolbar.search.conduit.com/root/CT3106777/CT3106777", "\"0bacd177089eeb1d9b8b6d85a7360bd43\"");
Line Found : user_pref("CommunityToolbar.ETag.hxxp://alerts.conduit-services.com/root/1500748/1496227/CZ", "\"0\"");
Line Found : user_pref("CommunityToolbar.ETag.hxxp://appsmetadata.toolbar.conduit-services.com/?ctid=CT3106777", "\"1359634418\"");
Line Found : user_pref("CommunityToolbar.ETag.hxxp://contextmenu.toolbar.conduit-services.com/?name=GottenApps&locale=en", "wVmmvqqOMqrv5xct1cJIHg==");
Line Found : user_pref("CommunityToolbar.ETag.hxxp://contextmenu.toolbar.conduit-services.com/?name=OtherApps&locale=en", "0uSPYx+Kl2jpu8sJZMeHjw==");
Line Found : user_pref("CommunityToolbar.ETag.hxxp://contextmenu.toolbar.conduit-services.com/?name=SharedApps&locale=en", "Dclc8oo4TTv7+mAkSlUSWg==");
Line Found : user_pref("CommunityToolbar.ETag.hxxp://contextmenu.toolbar.conduit-services.com/?name=Toolbar&locale=en", "K4Vqu91uAzWURlxJRdXJOg==");
Line Found : user_pref("CommunityToolbar.ETag.hxxp://dynamicdialogs.alert.conduit-services.com/alert/dlg.pkg", "\"d229fa25f6c9cc1:0\"");
Line Found : user_pref("CommunityToolbar.ETag.hxxp://dynamicdialogs.toolbar.conduit-services.com/DLG.pkg?ver=3.12.0.7", "\"4ead38b3e6bcd1:0\"");
Line Found : user_pref("CommunityToolbar.ETag.hxxp://dynamicdialogs.toolbar.conduit-services.com/DLG.pkg?ver=3.12.2.3", "\"4ead38b3e6bcd1:0\"");
Line Found : user_pref("CommunityToolbar.ETag.hxxp://dynamicdialogs.toolbar.conduit-services.com/DLG.pkg?ver=3.13.0.6", "\"0d648794549cd1:0\"");
Line Found : user_pref("CommunityToolbar.ETag.hxxp://dynamicdialogs.toolbar.conduit-services.com/DLG.pkg?ver=3.14.1.0", "\"0e0a4327275cd1:0\"");
Line Found : user_pref("CommunityToolbar.ETag.hxxp://dynamicdialogs.toolbar.conduit-services.com/DLG.pkg?ver=3.15.1.0", "\"0343677cfb1cd1:0\"");
Line Found : user_pref("CommunityToolbar.ETag.hxxp://dynamicdialogs.toolbar.conduit-services.com/DLG.pkg?ver=3.16.0.3", "\"0343677cfb1cd1:0\"");
Line Found : user_pref("CommunityToolbar.ETag.hxxp://dynamicdialogs.toolbar.conduit-services.com/DLG.pkg?ver=3.18.0.7", "\"0343677cfb1cd1:0\"");
Line Found : user_pref("CommunityToolbar.ETag.hxxp://dynamicdialogs.toolbar.conduit-services.com/DLG.pkg?ver=3.19.0.3", "\"23c5489aa686ce1:16c0\"");
Line Found : user_pref("CommunityToolbar.ETag.hxxp://dynamicdialogs.toolbar.conduit-services.com/DLG.pkg?ver=3.20.0.4", "\"9f8d2729abc2ce1:0\"");
Line Found : user_pref("CommunityToolbar.ETag.hxxp://dynamicdialogs.toolbar.conduit-services.com/DLG.pkg?ver=3.9.0.3", "\"801a319dd78ccc1:0\"");
Line Found : user_pref("CommunityToolbar.ETag.hxxp://servicemap.conduit-services.com/Toolbar/?ownerId=CT3106777", "\"9971ee9815a5fc569766cf6ddcaaca8e\"");
Line Found : user_pref("CommunityToolbar.ETag.hxxp://translation.toolbar.conduit-services.com/?locale=en", "\"5b6c7fc799d642c664ba7e131c771382\"");
Line Found : user_pref("CommunityToolbar.LatestLibsPath", "file:///C:\\Users\\petra\\AppData\\Roaming\\Mozilla\\Firefox\\Profiles\\3g0eftd4.default\\conduitCommon\\modules\\3.9.0.3");
Line Found : user_pref("CommunityToolbar.LatestToolbarVersionInstalled", "3.9.0.3");
Line Found : user_pref("CommunityToolbar.SearchFromAddressBarSavedUrl", "");
Line Found : user_pref("CommunityToolbar.ToolbarsList", "CT3106777");
Line Found : user_pref("CommunityToolbar.ToolbarsList2", "CT3106777");
Line Found : user_pref("CommunityToolbar.ToolbarsList4", "CT3106777");
Line Found : user_pref("CommunityToolbar.globalUserId", "632b5f22-5f80-4db2-bab9-774aa4964dbe");
Line Found : user_pref("CommunityToolbar.isAlertUrlAddedToFeedItemTable", true);
Line Found : user_pref("CommunityToolbar.isClickActionAddedToFeedItemTable", true);
Line Found : user_pref("CommunityToolbar.keywordURLSelectedCTID", "CT3106777");
Line Found : user_pref("CommunityToolbar.notifications.alertDialogsGetterLastCheckTime", "Wed Feb 22 2012 09:42:27 GMT+0100");
Line Found : user_pref("CommunityToolbar.notifications.alertInfoInterval", 1440);
Line Found : user_pref("CommunityToolbar.notifications.alertInfoLastCheckTime", "Sat Feb 25 2012 09:35:16 GMT+0100");
Line Found : user_pref("CommunityToolbar.notifications.clientsServerUrl", "hxxp://alert.client.conduit.com");
Line Found : user_pref("CommunityToolbar.notifications.locale", "en");
Line Found : user_pref("CommunityToolbar.notifications.loginIntervalMin", 1440);
Line Found : user_pref("CommunityToolbar.notifications.loginLastCheckTime", "Sat Feb 25 2012 09:35:08 GMT+0100");
Line Found : user_pref("CommunityToolbar.notifications.loginLastUpdateTime", "1313487611");
Line Found : user_pref("CommunityToolbar.notifications.messageShowTimeSec", 20);
Line Found : user_pref("CommunityToolbar.notifications.servicesServerUrl", "hxxp://alert.services.conduit.com");
Line Found : user_pref("CommunityToolbar.notifications.showTrayIcon", false);
Line Found : user_pref("CommunityToolbar.notifications.userCloseIntervalMin", 300);
Line Found : user_pref("CommunityToolbar.notifications.userId", "3c529803-c391-42f9-8559-cdd25e7da0b8");
Line Found : user_pref("CommunityToolbar.originalHomepage", "chrome://branding/locale/browserconfig.properties");
Line Found : user_pref("CommunityToolbar.originalSearchEngine", "chrome://browser-region/locale/region.properties");

-\\ Google Chrome v34.0.1847.116

[ File : C:\Users\petra\AppData\Local\Google\Chrome\User Data\Default\preferences ]


*************************

AdwCleaner[R0].txt - [29809 octets] - [17/04/2014 18:52:21]

########## EOF - C:\AdwCleaner\AdwCleaner[R0].txt - [29870 octets] ##########

Re: Prosím o preventivní kontrolu

Napsal: 17 dub 2014 17:56
od petouf
Díky,
nenašel jsem
O3 - Toolbar: AVG Security Toolbar - {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files (x86)\AVG Secure Search\18.0.5.292\AVG Secure Search_toolbar.dll
O4 - HKLM\..\Run: [vProt] "C:\Program Files (x86)\AVG Secure Search\vprot.exe"
vToolbarUpdater18.0.5

Jinak jsem to udělal dle návodu, ADW na mě vyplivnul totok:
Díky...


# AdwCleaner v3.023 - Report created 17/04/2014 at 18:52:21
# Updated 01/04/2014 by Xplode
# Operating System : Windows 7 Professional Service Pack 1 (64 bits)
# Username : petra - PETRA-PC
# Running from : C:\Users\petra\Desktop\adwcleaner.exe
# Option : Scan

***** [ Services ] *****

Service Found : bonanzadealslive
Service Found : bonanzadealslivem

***** [ Files / Folders ] *****

File Found : C:\Program Files (x86)\Mozilla Firefox\browser\searchplugins\Ask.xml
File Found : C:\Users\petra\AppData\Local\Temp\Uninstall.exe
File Found : C:\Users\petra\AppData\Roaming\Mozilla\Firefox\Profiles\3g0eftd4.default\invalidprefs.js
File Found : C:\Users\petra\AppData\Roaming\Mozilla\Firefox\Profiles\3g0eftd4.default\searchplugins\Ask.xml
File Found : C:\Windows\System32\Tasks\BonanzaDealsLiveUpdateTaskMachineCore
File Found : C:\Windows\System32\Tasks\BonanzaDealsLiveUpdateTaskMachineUA
File Found : C:\Windows\System32\Tasks\BonanzaDealsUpdate
File Found : C:\Windows\Tasks\BonanzaDealsLiveUpdateTaskMachineCore.job
File Found : C:\Windows\Tasks\BonanzaDealsLiveUpdateTaskMachineUA.job
Folder Found : C:\Users\petra\AppData\Local\Google\Chrome\User Data\Default\Extensions\ieadcoanfjloocmfafkebdnfefmohngj
Folder Found C:\Program Files (x86)\BonanzaDeals
Folder Found C:\Program Files (x86)\BonanzaDealsLive
Folder Found C:\Program Files (x86)\Common Files\DVDVideoSoft\TB
Folder Found C:\Program Files (x86)\Conduit
Folder Found C:\Program Files (x86)\driver-soft
Folder Found C:\Program Files (x86)\OApps
Folder Found C:\Program Files (x86)\SimilarSites
Folder Found C:\Program Files (x86)\WinZipBar
Folder Found C:\ProgramData\BonanzaDealsLive
Folder Found C:\ProgramData\Microsoft\Windows\Start Menu\Programs\RelevantKnowledge
Folder Found C:\Users\petra\AppData\Local\BonanzaDealsLive
Folder Found C:\Users\petra\AppData\Local\Conduit
Folder Found C:\Users\petra\AppData\Local\FilesFrog Update Checker
Folder Found C:\Users\petra\AppData\Local\FilesFrog Update Checker
Folder Found C:\Users\petra\AppData\Local\webplayer
Folder Found C:\Users\petra\AppData\LocalLow\Conduit
Folder Found C:\Users\petra\AppData\LocalLow\WinZipBar
Folder Found C:\Users\petra\AppData\Roaming\dvdvideosoftiehelpers
Folder Found C:\Users\petra\AppData\Roaming\eCyber
Folder Found C:\Users\petra\AppData\Roaming\iSafe
Folder Found C:\Users\petra\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\BonanzaDeals
Folder Found C:\Users\petra\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\FilesFrog Update Checker
Folder Found C:\Users\petra\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\FilesFrog Update Checker
Folder Found C:\Users\petra\AppData\Roaming\Mozilla\Firefox\Profiles\3g0eftd4.default\ConduitCommon
Folder Found C:\Users\petra\AppData\Roaming\pdfforge
Folder Found C:\Users\petra\AppData\Roaming\SimilarSites
Folder Found C:\Users\petra\AppData\Roaming\yourfiledownloader

***** [ Shortcuts ] *****

Shortcut Found : C:\Users\petra\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\FLV Player\Uninstall.lnk ( _?=C:\Users\petra\AppData\Local\WebPlayer\FLV Player )

***** [ Registry ] *****

Key Found : HKCU\Software\AppDataLow\Software\Conduit
Key Found : HKCU\Software\AppDataLow\Software\WinZipBar
Key Found : HKCU\Software\AppDataLow\Toolbar
Key Found : HKCU\Software\BonanzaDealsLive
Key Found : HKCU\Software\Classes\pokki
Key Found : HKCU\Software\Conduit
Key Found : HKCU\Software\InstallCore
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{82EA3E77-7BD2-4744-A8F2-670770767EC5}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{50FAFAF0-70A9-419D-A109-FA4B4FFD4E37}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{95B7759C-8C7F-4BF1-B163-73684A933233}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{FE063412-BEA4-4D76-8ED3-183BE6220D17}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{50FAFAF0-70A9-419D-A109-FA4B4FFD4E37}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{95B7759C-8C7F-4BF1-B163-73684A933233}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{F25AF245-4A81-40DC-92F9-E9021F207706}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{FE063412-BEA4-4D76-8ED3-183BE6220D17}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\FLV Player
Key Found : HKCU\Software\Softonic
Key Found : HKCU\Software\Somoto
Key Found : HKCU\Software\Webplayer
Key Found : HKCU\Software\YourFileDownloader
Key Found : [x64] HKCU\Software\BonanzaDealsLive
Key Found : [x64] HKCU\Software\Conduit
Key Found : [x64] HKCU\Software\InstallCore
Key Found : [x64] HKCU\Software\Softonic
Key Found : [x64] HKCU\Software\Somoto
Key Found : [x64] HKCU\Software\Webplayer
Key Found : [x64] HKCU\Software\YourFileDownloader
Key Found : HKLM\Software\BonanzaDealsLive
Key Found : HKLM\SOFTWARE\Classes\AppID\{186E19A3-B909-4F48-B687-BB81EB8BC7CE}
Key Found : HKLM\SOFTWARE\Classes\AppID\{9EA8702C-EEDB-4731-BE68-E9A167DD3597}
Key Found : HKLM\SOFTWARE\Classes\AppID\{BB711CB0-C70B-482E-9852-EC05EBD71DBB}
Key Found : HKLM\SOFTWARE\Classes\AppID\{D34F391D-4CB7-467F-A543-F583857C63B0}
Key Found : HKLM\SOFTWARE\Classes\AppID\BonanzaDealsLive.exe
Key Found : HKLM\SOFTWARE\Classes\AppID\ScriptHelper.EXE
Key Found : HKLM\SOFTWARE\Classes\BonanzaDealsLive.OneClickCtrl.9
Key Found : HKLM\SOFTWARE\Classes\BonanzaDealsLive.OneClickProcessLauncherMachine
Key Found : HKLM\SOFTWARE\Classes\BonanzaDealsLive.OneClickProcessLauncherMachine.1.0
Key Found : HKLM\SOFTWARE\Classes\BonanzaDealsLive.Update3WebControl.3
Key Found : HKLM\SOFTWARE\Classes\BonanzaDealsLiveUpdate.CoCreateAsync
Key Found : HKLM\SOFTWARE\Classes\BonanzaDealsLiveUpdate.CoCreateAsync.1.0
Key Found : HKLM\SOFTWARE\Classes\BonanzaDealsLiveUpdate.CoreClass
Key Found : HKLM\SOFTWARE\Classes\BonanzaDealsLiveUpdate.CoreClass.1
Key Found : HKLM\SOFTWARE\Classes\BonanzaDealsLiveUpdate.CoreMachineClass
Key Found : HKLM\SOFTWARE\Classes\BonanzaDealsLiveUpdate.CoreMachineClass.1
Key Found : HKLM\SOFTWARE\Classes\BonanzaDealsLiveUpdate.CredentialDialogMachine
Key Found : HKLM\SOFTWARE\Classes\BonanzaDealsLiveUpdate.CredentialDialogMachine.1.0
Key Found : HKLM\SOFTWARE\Classes\BonanzaDealsLiveUpdate.OnDemandCOMClassMachine
Key Found : HKLM\SOFTWARE\Classes\BonanzaDealsLiveUpdate.OnDemandCOMClassMachine.1.0
Key Found : HKLM\SOFTWARE\Classes\BonanzaDealsLiveUpdate.OnDemandCOMClassMachineFallback
Key Found : HKLM\SOFTWARE\Classes\BonanzaDealsLiveUpdate.OnDemandCOMClassMachineFallback.1.0
Key Found : HKLM\SOFTWARE\Classes\BonanzaDealsLiveUpdate.OnDemandCOMClassSvc
Key Found : HKLM\SOFTWARE\Classes\BonanzaDealsLiveUpdate.OnDemandCOMClassSvc.1.0
Key Found : HKLM\SOFTWARE\Classes\BonanzaDealsLiveUpdate.ProcessLauncher
Key Found : HKLM\SOFTWARE\Classes\BonanzaDealsLiveUpdate.ProcessLauncher.1.0
Key Found : HKLM\SOFTWARE\Classes\BonanzaDealsLiveUpdate.Update3COMClassService
Key Found : HKLM\SOFTWARE\Classes\BonanzaDealsLiveUpdate.Update3COMClassService.1.0
Key Found : HKLM\SOFTWARE\Classes\BonanzaDealsLiveUpdate.Update3WebMachine
Key Found : HKLM\SOFTWARE\Classes\BonanzaDealsLiveUpdate.Update3WebMachine.1.0
Key Found : HKLM\SOFTWARE\Classes\BonanzaDealsLiveUpdate.Update3WebMachineFallback
Key Found : HKLM\SOFTWARE\Classes\BonanzaDealsLiveUpdate.Update3WebMachineFallback.1.0
Key Found : HKLM\SOFTWARE\Classes\BonanzaDealsLiveUpdate.Update3WebSvc
Key Found : HKLM\SOFTWARE\Classes\BonanzaDealsLiveUpdate.Update3WebSvc.1.0
Key Found : HKLM\SOFTWARE\Classes\CLSID\{00000001-4FEF-40D3-B3FA-E0531B897F98}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{059EACC2-1ABE-49E8-928D-DC8BD355B7A9}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{118E1BF6-6279-432F-A285-373A77B90C7A}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{14CEEA2F-3D21-46ED-A7D2-89056C520E5E}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{1AA60054-57D9-4F99-9A55-D0FBFBE7ECD3}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{1CC8D970-F626-4F19-815F-890032BB6606}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{29494049-211F-4F5C-8545-7DA8BF7A6CF8}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{33BAF587-9647-4281-A34F-F4830CDC1B9F}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{35B8892D-C3FB-4D88-990D-31DB2EBD72BD}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{3C471948-F874-49F5-B338-4F214A2EE0B1}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{408CFAD9-8F13-4747-8EC7-770A339C7237}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{4AA46D49-459F-4358-B4D1-169048547C23}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{5B5E5D0E-7C83-4A32-ADD2-E5F488DD6783}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{64697678-0000-0010-8000-00AA00389B71}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{6802463D-636F-41FE-9924-4CAD56906590}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{806785D0-375F-4C2C-92E3-B8EE65D28E83}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{9280CAA3-237E-468E-A41C-43EADB5FF61A}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{944661E7-67B9-4DF7-BFF2-05388C166D34}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{94496571-6AC5-4836-82D5-D46260C44B17}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{9EA8702C-EEDB-4731-BE68-E9A167DD3597}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{A7CF66EF-4F0D-46B1-AF71-A500378D6C34}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{B71934E5-6B93-448D-9D32-CBAA5150C5D8}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{BC9FD17D-30F6-4464-9E53-596A90AFF023}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{C4BEF720-313C-420A-ACF6-77DD95D8F553}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{D34F391D-4CB7-467F-A543-F583857C63B0}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{DE9028D0-5FFA-4E69-94E3-89EE8741F468}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{E970727E-0508-4BEB-8B72-BBA9D0D047C7}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{EBF1F869-D2F0-4D31-A877-386C853A9C3D}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{F3CF4912-CF0A-451B-AF3B-C4F216C715E4}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{F904AC50-215C-42AB-A532-77E9FDBA9B19}
Key Found : HKLM\SOFTWARE\Classes\Interface\{03E2A1F3-4402-4121-8B35-733216D61217}
Key Found : HKLM\SOFTWARE\Classes\Interface\{3F607E46-0D3C-4442-B1DE-DE7FA4768F5C}
Key Found : HKLM\SOFTWARE\Classes\Interface\{9E3B11F6-4179-4603-A71B-A55F4BCB0BEC}
Key Found : HKLM\SOFTWARE\Classes\Interface\{FE0273D1-99DF-4AC0-87D5-1371C6271785}
Key Found : HKLM\SOFTWARE\Classes\Prod.cap
Key Found : HKLM\SOFTWARE\Classes\Toolbar.CT3106777
Key Found : HKLM\SOFTWARE\Classes\TypeLib\{07CAC314-E962-4F78-89AB-DD002F2490EE}
Key Found : HKLM\SOFTWARE\Classes\TypeLib\{13ABD093-D46F-40DF-A608-47E162EC799D}
Key Found : HKLM\SOFTWARE\Classes\TypeLib\{93E3D79C-0786-48FF-9329-93BC9F6DC2B3}
Key Found : HKLM\SOFTWARE\Classes\TypeLib\{9C049BA6-EA47-4AC3-AED6-A66D8DC9E1D8}
Key Found : HKLM\Software\Conduit
Key Found : HKLM\Software\Driver-Soft
Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{29494049-211F-4F5C-8545-7DA8BF7A6CF8}
Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{33BAF587-9647-4281-A34F-F4830CDC1B9F}
Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{82EA3E77-7BD2-4744-A8F2-670770767EC5}
Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{BA3395D3-F332-4B9E-9E2F-64CFBFFCF798}
Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{C4BEF720-313C-420A-ACF6-77DD95D8F553}
Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{F09384DD-5599-48F9-AECB-36A0E607D29D}
Key Found : HKLM\SOFTWARE\Microsoft\Tracing\apnstub_RASAPI32
Key Found : HKLM\SOFTWARE\Microsoft\Tracing\apnstub_RASMANCS
Key Found : HKLM\SOFTWARE\Microsoft\Tracing\askpartnercobrandingtool_rasapi32
Key Found : HKLM\SOFTWARE\Microsoft\Tracing\askpartnercobrandingtool_rasmancs
Key Found : HKLM\SOFTWARE\Microsoft\Tracing\AskSLib_RASAPI32
Key Found : HKLM\SOFTWARE\Microsoft\Tracing\AskSLib_RASMANCS
Key Found : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_for_kicad_RASAPI32
Key Found : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_for_kicad_RASMANCS
Key Found : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\bitguard.exe
Key Found : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\BonanzaDealsLive.exe
Key Found : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\bprotect.exe
Key Found : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\browserdefender.exe
Key Found : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\browserprotect.exe
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{29494049-211F-4F5C-8545-7DA8BF7A6CF8}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{9280CAA3-237E-468E-A41C-43EADB5FF61A}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{C4BEF720-313C-420A-ACF6-77DD95D8F553}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Bonanza Deals
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\FilesFrog Update Checker
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\WinZipBar Toolbar
Key Found : HKLM\SOFTWARE\MozillaPlugins\@tools.bdupdater.com/BonanzaDealsLive Update;version=3
Key Found : HKLM\SOFTWARE\MozillaPlugins\@tools.bdupdater.com/BonanzaDealsLive Update;version=9
Key Found : HKLM\Software\SafetyNut
Key Found : HKLM\Software\WinZipBar
Key Found : HKLM\Software\YourFileDownloader
Key Found : [x64] HKLM\SOFTWARE\Classes\CLSID\{00000001-4FEF-40D3-B3FA-E0531B897F98}
Key Found : [x64] HKLM\SOFTWARE\Classes\CLSID\{4AA46D49-459F-4358-B4D1-169048547C23}
Key Found : [x64] HKLM\SOFTWARE\Classes\CLSID\{64697678-0000-0010-8000-00AA00389B71}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{03E2A1F3-4402-4121-8B35-733216D61217}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{06E50566-0AB7-431C-841D-62794727DAF9}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{26E7211D-0650-43CF-8498-4C81E83AEAAA}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{3F607E46-0D3C-4442-B1DE-DE7FA4768F5C}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{4E92DB5F-AAD9-49D3-8EAB-B40CBE5B1FF7}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{9E3B11F6-4179-4603-A71B-A55F4BCB0BEC}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{C401D2CE-DC27-45C7-BC0C-8E6EA7F085D6}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{FE0273D1-99DF-4AC0-87D5-1371C6271785}
Value Found : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}]
Value Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks [{50FAFAF0-70A9-419D-A109-FA4B4FFD4E37}]

***** [ Browsers ] *****

-\\ Internet Explorer v11.0.9600.17041


-\\ Mozilla Firefox v28.0 (cs)

[ File : C:\Users\petra\AppData\Roaming\Mozilla\Firefox\Profiles\3g0eftd4.default\prefs.js ]

Line Found : user_pref("CT3106777..clientLogIsEnabled", true);
Line Found : user_pref("CT3106777..clientLogServiceUrl", "hxxp://clientlog.users.conduit.com/ClientDiagnostics.asmx/ReportDiagnosticsEvent");
Line Found : user_pref("CT3106777..uninstallLogServiceUrl", "hxxp://uninstall.users.conduit.com/Uninstall.asmx/RegisterToolbarUninstallation");
Line Found : user_pref("CT3106777.ALLOW_SHOWING_HIDDEN_TOOLBAR", false);
Line Found : user_pref("CT3106777.AboutPrivacyUrl", "hxxp://www.conduit.com/privacy/Default.aspx");
Line Found : user_pref("CT3106777.AppTrackingLastCheckTime", "Sat Feb 25 2012 10:43:37 GMT+0100");
Line Found : user_pref("CT3106777.BrowserCompStateIsOpen_129724975549181030", true);
Line Found : user_pref("CT3106777.BrowserCompStateIsOpen_130041080178558067", true);
Line Found : user_pref("CT3106777.CT3106777.lastNewTabSettings", "{\"isEnabled\":false,\"newTabUrl\":\"hxxp://search.conduit.com/?ctid=CT3106777&octid=CT3106777&SearchSource=15&CUI=SB_CUI&SSPV=EB_SSPV&Lay=1&UM=UM_[...]
Line Found : user_pref("CT3106777.CTID", "CT3106777");
Line Found : user_pref("CT3106777.ConfigurationLastCheckTime", "Fri Oct 25 2013 20:09:36 GMT+0200");
Line Found : user_pref("CT3106777.CurrentServerDate", "26-10-2013");
Line Found : user_pref("CT3106777.DSInstall", false);
Line Found : user_pref("CT3106777.DialogsAlignMode", "LTR");
Line Found : user_pref("CT3106777.DialogsGetterLastCheckTime", "Wed Oct 23 2013 11:51:16 GMT+0200");
Line Found : user_pref("CT3106777.DownloadReferralCookieData", "");
Line Found : user_pref("CT3106777.EMailNotifierPollDate", "Sat Feb 25 2012 10:55:29 GMT+0100");
Line Found : user_pref("CT3106777.FirstServerDate", "22-2-2012");
Line Found : user_pref("CT3106777.FirstTime", true);
Line Found : user_pref("CT3106777.FirstTimeFF3", true);
Line Found : user_pref("CT3106777.FixPageNotFoundErrors", true);
Line Found : user_pref("CT3106777.GroupingServerCheckInterval", 1440);
Line Found : user_pref("CT3106777.GroupingServiceUrl", "hxxp://grouping.services.conduit.com/");
Line Found : user_pref("CT3106777.HPInstall", false);
Line Found : user_pref("CT3106777.HasUserGlobalKeys", true);
Line Found : user_pref("CT3106777.HomePageProtectorEnabled", false);
Line Found : user_pref("CT3106777.HomepageBeforeUnload", "chrome://branding/locale/browserconfig.properties");
Line Found : user_pref("CT3106777.Initialize", true);
Line Found : user_pref("CT3106777.InitializeCommonPrefs", true);
Line Found : user_pref("CT3106777.InstallationAndCookieDataSentCount", 3);
Line Found : user_pref("CT3106777.InstallationId", "ConduitNSISIntegration");
Line Found : user_pref("CT3106777.InstallationType", "ConduitXPEIntegration");
Line Found : user_pref("CT3106777.InstalledDate", "Wed Feb 22 2012 09:42:22 GMT+0100");
Line Found : user_pref("CT3106777.IsAlertDBUpdated", true);
Line Found : user_pref("CT3106777.IsGrouping", false);
Line Found : user_pref("CT3106777.IsInitSetupIni", true);
Line Found : user_pref("CT3106777.IsMulticommunity", false);
Line Found : user_pref("CT3106777.IsOpenThankYouPage", false);
Line Found : user_pref("CT3106777.IsOpenUninstallPage", false);
Line Found : user_pref("CT3106777.LanguagePackLastCheckTime", "Fri Oct 25 2013 20:09:36 GMT+0200");
Line Found : user_pref("CT3106777.LanguagePackReloadIntervalMM", 1440);
Line Found : user_pref("CT3106777.LanguagePackServiceUrl", "hxxp://translation.users.conduit.com/Translation.ashx");
Line Found : user_pref("CT3106777.LastLogin_3.12.0.7", "Wed Apr 25 2012 11:54:53 GMT+0200");
Line Found : user_pref("CT3106777.LastLogin_3.12.2.3", "Thu May 31 2012 19:53:42 GMT+0200");
Line Found : user_pref("CT3106777.LastLogin_3.13.0.6", "Mon Jul 16 2012 04:56:08 GMT+0200");
Line Found : user_pref("CT3106777.LastLogin_3.14.1.0", "Thu Aug 23 2012 07:22:07 GMT+0200");
Line Found : user_pref("CT3106777.LastLogin_3.15.1.0", "Wed Nov 07 2012 19:14:03 GMT+0100");
Line Found : user_pref("CT3106777.LastLogin_3.16.0.3", "Thu Mar 07 2013 09:16:51 GMT+0100");
Line Found : user_pref("CT3106777.LastLogin_3.18.0.7", "Sun Jul 14 2013 20:33:43 GMT+0200");
Line Found : user_pref("CT3106777.LastLogin_3.19.0.3", "Mon Sep 09 2013 09:12:46 GMT+0200");
Line Found : user_pref("CT3106777.LastLogin_3.20.0.4", "Sat Oct 26 2013 09:14:06 GMT+0200");
Line Found : user_pref("CT3106777.LastLogin_3.9.0.3", "Sat Feb 25 2012 09:35:08 GMT+0100");
Line Found : user_pref("CT3106777.LatestVersion", "3.20.0.4");
Line Found : user_pref("CT3106777.Locale", "en");
Line Found : user_pref("CT3106777.MCDetectTooltipHeight", "83");
Line Found : user_pref("CT3106777.MCDetectTooltipUrl", "hxxp://@EB_INSTALL_LINK@/rank/tooltip/?version=1");
Line Found : user_pref("CT3106777.MCDetectTooltipWidth", "295");
Line Found : user_pref("CT3106777.MyStuffEnabledAtInstallation", true);
Line Found : user_pref("CT3106777.OriginalFirstVersion", "3.9.0.3");
Line Found : user_pref("CT3106777.SearchAPILastCheckTime", "Fri Oct 25 2013 20:09:36 GMT+0200");
Line Found : user_pref("CT3106777.SearchCaption", "WinZipBar Customized Web Search");
Line Found : user_pref("CT3106777.SearchEngineBeforeUnload", "chrome://browser-region/locale/region.properties");
Line Found : user_pref("CT3106777.SearchFromAddressBarIsInit", true);
Line Found : user_pref("CT3106777.SearchFromAddressBarUrl", "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT3106777&SearchSource=2&q=");
Line Found : user_pref("CT3106777.SearchInNewTabEnabled", true);
Line Found : user_pref("CT3106777.SearchInNewTabIntervalMM", 1440);
Line Found : user_pref("CT3106777.SearchInNewTabLastCheckTime", "Sun Sep 08 2013 15:45:24 GMT+0200");
Line Found : user_pref("CT3106777.SearchInNewTabServiceUrl", "hxxp://newtab.conduit-hosting.com/newtab/?ctid=EB_TOOLBAR_ID&UM=UM_ID");
Line Found : user_pref("CT3106777.SearchInNewTabURLFromSearchAPI", "hxxp://search.conduit.com/?ctid=CT3106777&octid=CT3106777&SearchSource=15&CUI=SB_CUI&SSPV=EB_SSPV&Lay=1&UM=UM_ID");
Line Found : user_pref("CT3106777.SearchInNewTabUserEnabled", false);
Line Found : user_pref("CT3106777.SearchProtectorEnabled", false);
Line Found : user_pref("CT3106777.SearchProtectorToolbarDisabled", false);
Line Found : user_pref("CT3106777.SendProtectorDataViaLogin", true);
Line Found : user_pref("CT3106777.ServiceMapLastCheckTime", "Fri Oct 25 2013 20:09:36 GMT+0200");
Line Found : user_pref("CT3106777.SettingsLastCheckTime", "Sat Oct 26 2013 09:14:04 GMT+0200");
Line Found : user_pref("CT3106777.SettingsLastUpdate", "1382265269");
Line Found : user_pref("CT3106777.TBHomePageUrl", "hxxp://search.conduit.com/?ctid=CT3106777&SearchSource=13");
Line Found : user_pref("CT3106777.ThirdPartyComponentsInterval", 504);
Line Found : user_pref("CT3106777.ThirdPartyComponentsLastCheck", "Wed Feb 22 2012 09:42:19 GMT+0100");
Line Found : user_pref("CT3106777.ThirdPartyComponentsLastUpdate", "1312887586");
Line Found : user_pref("CT3106777.ToolbarShrinkedFromSetup", false);
Line Found : user_pref("CT3106777.TrusteLinkUrl", "hxxp://trust.conduit.com/CT3106777");
Line Found : user_pref("CT3106777.TrustedApiDomains", "conduit.com,conduit-hosting.com,conduit-services.com,client.conduit-storage.com,OurToolbar.com,CommunityToolbars.com,ForumToolbar.com,MyBlogToolbar.com,MyCity[...]
Line Found : user_pref("CT3106777.UserID", "UN59619505060305194");
Line Found : user_pref("CT3106777.alertChannelId", "1500748");
Line Found : user_pref("CT3106777.autoDisableScopes", -1);
Line Found : user_pref("CT3106777.backendstorage.searchappstate", "33");
Line Found : user_pref("CT3106777.backendstorage.searchapptracking", "73656E74");
Line Found : user_pref("CT3106777.countryCode", "CZ");
Line Found : user_pref("CT3106777.generalConfigFromLogin", "{\"ApiMaxAlerts\":\"12\",\"SocialDomains\":\"social.conduit.com;apps.conduit.com;services.apps.conduit.com\",\"AppsDetectionUrlPattern\":\"hxxp://appdown[...]
Line Found : user_pref("CT3106777.globalFirstTimeInfoLastCheckTime", "Wed Feb 22 2012 09:42:23 GMT+0100");
Line Found : user_pref("CT3106777.homepageProtectorEnableByLogin", true);
Line Found : user_pref("CT3106777.initDone", true);
Line Found : user_pref("CT3106777.isAppTrackingManagerOn", true);
Line Found : user_pref("CT3106777.myStuffEnabled", true);
Line Found : user_pref("CT3106777.myStuffPublihserMinWidth", 400);
Line Found : user_pref("CT3106777.myStuffSearchUrl", "hxxp://Apps.conduit.com/search?q=SEARCH_TERM&SearchSourceOrigin=29&ctid=EB_TOOLBAR_ID&octid=EB_ORIGINAL_CTID");
Line Found : user_pref("CT3106777.myStuffServiceIntervalMM", 1440);
Line Found : user_pref("CT3106777.myStuffServiceUrl", "hxxp://mystuff.conduit-services.com/MyStuffService.ashx?ComponentId=EB_MY_STUFF_INSTANCE_GUID&lut=EB_MY_STUFF_LUT");
Line Found : user_pref("CT3106777.revertSettingsEnabled", true);
Line Found : user_pref("CT3106777.searchProtectorDialogDelayInSec", 10);
Line Found : user_pref("CT3106777.searchProtectorEnableByLogin", true);
Line Found : user_pref("CT3106777.testingCtid", "");
Line Found : user_pref("CT3106777.toolbarAppMetaDataLastCheckTime", "Fri Oct 25 2013 20:09:36 GMT+0200");
Line Found : user_pref("CT3106777.toolbarContextMenuLastCheckTime", "Wed Feb 22 2012 09:42:27 GMT+0100");
Line Found : user_pref("CT3106777.usagesFlag", 2);
Line Found : user_pref("CommunityToolbar.ETag.hxxp://Settings.toolbar.search.conduit.com/root/CT3106777/CT3106777", "\"0bacd177089eeb1d9b8b6d85a7360bd43\"");
Line Found : user_pref("CommunityToolbar.ETag.hxxp://alerts.conduit-services.com/root/1500748/1496227/CZ", "\"0\"");
Line Found : user_pref("CommunityToolbar.ETag.hxxp://appsmetadata.toolbar.conduit-services.com/?ctid=CT3106777", "\"1359634418\"");
Line Found : user_pref("CommunityToolbar.ETag.hxxp://contextmenu.toolbar.conduit-services.com/?name=GottenApps&locale=en", "wVmmvqqOMqrv5xct1cJIHg==");
Line Found : user_pref("CommunityToolbar.ETag.hxxp://contextmenu.toolbar.conduit-services.com/?name=OtherApps&locale=en", "0uSPYx+Kl2jpu8sJZMeHjw==");
Line Found : user_pref("CommunityToolbar.ETag.hxxp://contextmenu.toolbar.conduit-services.com/?name=SharedApps&locale=en", "Dclc8oo4TTv7+mAkSlUSWg==");
Line Found : user_pref("CommunityToolbar.ETag.hxxp://contextmenu.toolbar.conduit-services.com/?name=Toolbar&locale=en", "K4Vqu91uAzWURlxJRdXJOg==");
Line Found : user_pref("CommunityToolbar.ETag.hxxp://dynamicdialogs.alert.conduit-services.com/alert/dlg.pkg", "\"d229fa25f6c9cc1:0\"");
Line Found : user_pref("CommunityToolbar.ETag.hxxp://dynamicdialogs.toolbar.conduit-services.com/DLG.pkg?ver=3.12.0.7", "\"4ead38b3e6bcd1:0\"");
Line Found : user_pref("CommunityToolbar.ETag.hxxp://dynamicdialogs.toolbar.conduit-services.com/DLG.pkg?ver=3.12.2.3", "\"4ead38b3e6bcd1:0\"");
Line Found : user_pref("CommunityToolbar.ETag.hxxp://dynamicdialogs.toolbar.conduit-services.com/DLG.pkg?ver=3.13.0.6", "\"0d648794549cd1:0\"");
Line Found : user_pref("CommunityToolbar.ETag.hxxp://dynamicdialogs.toolbar.conduit-services.com/DLG.pkg?ver=3.14.1.0", "\"0e0a4327275cd1:0\"");
Line Found : user_pref("CommunityToolbar.ETag.hxxp://dynamicdialogs.toolbar.conduit-services.com/DLG.pkg?ver=3.15.1.0", "\"0343677cfb1cd1:0\"");
Line Found : user_pref("CommunityToolbar.ETag.hxxp://dynamicdialogs.toolbar.conduit-services.com/DLG.pkg?ver=3.16.0.3", "\"0343677cfb1cd1:0\"");
Line Found : user_pref("CommunityToolbar.ETag.hxxp://dynamicdialogs.toolbar.conduit-services.com/DLG.pkg?ver=3.18.0.7", "\"0343677cfb1cd1:0\"");
Line Found : user_pref("CommunityToolbar.ETag.hxxp://dynamicdialogs.toolbar.conduit-services.com/DLG.pkg?ver=3.19.0.3", "\"23c5489aa686ce1:16c0\"");
Line Found : user_pref("CommunityToolbar.ETag.hxxp://dynamicdialogs.toolbar.conduit-services.com/DLG.pkg?ver=3.20.0.4", "\"9f8d2729abc2ce1:0\"");
Line Found : user_pref("CommunityToolbar.ETag.hxxp://dynamicdialogs.toolbar.conduit-services.com/DLG.pkg?ver=3.9.0.3", "\"801a319dd78ccc1:0\"");
Line Found : user_pref("CommunityToolbar.ETag.hxxp://servicemap.conduit-services.com/Toolbar/?ownerId=CT3106777", "\"9971ee9815a5fc569766cf6ddcaaca8e\"");
Line Found : user_pref("CommunityToolbar.ETag.hxxp://translation.toolbar.conduit-services.com/?locale=en", "\"5b6c7fc799d642c664ba7e131c771382\"");
Line Found : user_pref("CommunityToolbar.LatestLibsPath", "file:///C:\\Users\\petra\\AppData\\Roaming\\Mozilla\\Firefox\\Profiles\\3g0eftd4.default\\conduitCommon\\modules\\3.9.0.3");
Line Found : user_pref("CommunityToolbar.LatestToolbarVersionInstalled", "3.9.0.3");
Line Found : user_pref("CommunityToolbar.SearchFromAddressBarSavedUrl", "");
Line Found : user_pref("CommunityToolbar.ToolbarsList", "CT3106777");
Line Found : user_pref("CommunityToolbar.ToolbarsList2", "CT3106777");
Line Found : user_pref("CommunityToolbar.ToolbarsList4", "CT3106777");
Line Found : user_pref("CommunityToolbar.globalUserId", "632b5f22-5f80-4db2-bab9-774aa4964dbe");
Line Found : user_pref("CommunityToolbar.isAlertUrlAddedToFeedItemTable", true);
Line Found : user_pref("CommunityToolbar.isClickActionAddedToFeedItemTable", true);
Line Found : user_pref("CommunityToolbar.keywordURLSelectedCTID", "CT3106777");
Line Found : user_pref("CommunityToolbar.notifications.alertDialogsGetterLastCheckTime", "Wed Feb 22 2012 09:42:27 GMT+0100");
Line Found : user_pref("CommunityToolbar.notifications.alertInfoInterval", 1440);
Line Found : user_pref("CommunityToolbar.notifications.alertInfoLastCheckTime", "Sat Feb 25 2012 09:35:16 GMT+0100");
Line Found : user_pref("CommunityToolbar.notifications.clientsServerUrl", "hxxp://alert.client.conduit.com");
Line Found : user_pref("CommunityToolbar.notifications.locale", "en");
Line Found : user_pref("CommunityToolbar.notifications.loginIntervalMin", 1440);
Line Found : user_pref("CommunityToolbar.notifications.loginLastCheckTime", "Sat Feb 25 2012 09:35:08 GMT+0100");
Line Found : user_pref("CommunityToolbar.notifications.loginLastUpdateTime", "1313487611");
Line Found : user_pref("CommunityToolbar.notifications.messageShowTimeSec", 20);
Line Found : user_pref("CommunityToolbar.notifications.servicesServerUrl", "hxxp://alert.services.conduit.com");
Line Found : user_pref("CommunityToolbar.notifications.showTrayIcon", false);
Line Found : user_pref("CommunityToolbar.notifications.userCloseIntervalMin", 300);
Line Found : user_pref("CommunityToolbar.notifications.userId", "3c529803-c391-42f9-8559-cdd25e7da0b8");
Line Found : user_pref("CommunityToolbar.originalHomepage", "chrome://branding/locale/browserconfig.properties");
Line Found : user_pref("CommunityToolbar.originalSearchEngine", "chrome://browser-region/locale/region.properties");

-\\ Google Chrome v34.0.1847.116

[ File : C:\Users\petra\AppData\Local\Google\Chrome\User Data\Default\preferences ]


*************************

AdwCleaner[R0].txt - [29809 octets] - [17/04/2014 18:52:21]

########## EOF - C:\AdwCleaner\AdwCleaner[R0].txt - [29870 octets] ##########

Re: Prosím o preventivní kontrolu

Napsal: 17 dub 2014 20:30
od Roli
petouf píše:Díky,
nenašel jsem
O3 - Toolbar: AVG Security Toolbar - {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files (x86)\AVG Secure Search\18.0.5.292\AVG Secure Search_toolbar.dll
O4 - HKLM\..\Run: [vProt] "C:\Program Files (x86)\AVG Secure Search\vprot.exe"
vToolbarUpdater18.0.5
To je proto, že jsi správně odinstaloval AVG :wink:


Nevím jak to dokážeš, ale odpovídáš dvakrát.


Znovu spusť AdwCleaner ale tentokrát klikni na Clean,

proběhne restart PC kdy dojde ke smazání nepořádku.

Po té mi sem zase zkopíruj Report.


Plus mi přidej aktuální log z Rsit.

Re: Prosím o preventivní kontrolu

Napsal: 21 dub 2014 13:37
od petouf
Tady mám logy,
Dík, přeji pěkný den!
# AdwCleaner v3.102 - Report created 21/04/2014 at 14:29:10
# Updated 21/04/2014 by Xplode
# Operating System : Windows 7 Professional Service Pack 1 (64 bits)
# Username : petra - PETRA-PC
# Running from : C:\Users\petra\Desktop\adwcleaner.exe
# Option : Clean

***** [ Services ] *****

[#] Service Deleted : bonanzadealslive
[#] Service Deleted : bonanzadealslivem

***** [ Files / Folders ] *****

[!] Folder Deleted : C:\ProgramData\BonanzaDealsLive
Folder Deleted : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DVDVideoSoft
Folder Deleted : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\RelevantKnowledge
Folder Deleted : C:\Program Files (x86)\BonanzaDeals
[!] Folder Deleted : C:\Program Files (x86)\BonanzaDealsLive
Folder Deleted : C:\Program Files (x86)\Conduit
Folder Deleted : C:\Program Files (x86)\driver-soft
Folder Deleted : C:\Program Files (x86)\DVDVideoSoft
Folder Deleted : C:\Program Files (x86)\OApps
Folder Deleted : C:\Program Files (x86)\SimilarSites
Folder Deleted : C:\Program Files (x86)\WinZipBar
Folder Deleted : C:\Program Files (x86)\Common Files\DVDVideoSoft
Folder Deleted : C:\Users\petra\AppData\Local\BonanzaDealsLive
Folder Deleted : C:\Users\petra\AppData\Local\Conduit
Folder Deleted : C:\Users\petra\AppData\Local\FilesFrog Update Checker
Folder Deleted : C:\Users\petra\AppData\Local\webplayer
Folder Deleted : C:\Users\petra\AppData\LocalLow\Conduit
Folder Deleted : C:\Users\petra\AppData\LocalLow\WinZipBar
Folder Deleted : C:\Users\petra\AppData\Roaming\DVDVideoSoft
Folder Deleted : C:\Users\petra\AppData\Roaming\dvdvideosoftiehelpers
Folder Deleted : C:\Users\petra\AppData\Roaming\eCyber
Folder Deleted : C:\Users\petra\AppData\Roaming\iSafe
Folder Deleted : C:\Users\petra\AppData\Roaming\pdfforge
Folder Deleted : C:\Users\petra\AppData\Roaming\SimilarSites
Folder Deleted : C:\Users\petra\AppData\Roaming\yourfiledownloader
Folder Deleted : C:\Users\petra\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\BonanzaDeals
Folder Deleted : C:\Users\petra\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\FilesFrog Update Checker
Folder Deleted : C:\Users\petra\AppData\Roaming\Mozilla\Firefox\Profiles\3g0eftd4.default\ConduitCommon
Folder Deleted : C:\Users\petra\AppData\Local\Google\Chrome\User Data\Default\Extensions\ieadcoanfjloocmfafkebdnfefmohngj
File Deleted : C:\Users\petra\AppData\Local\Temp\Uninstall.exe
File Deleted : C:\Users\petra\AppData\Roaming\Mozilla\Firefox\Profiles\3g0eftd4.default\invalidprefs.js
File Deleted : C:\Users\petra\AppData\Roaming\Mozilla\Firefox\Profiles\3g0eftd4.default\searchplugins\Ask.xml
File Deleted : C:\Program Files (x86)\Mozilla Firefox\browser\searchplugins\Ask.xml
File Deleted : C:\Windows\Tasks\BonanzaDealsLiveUpdateTaskMachineCore.job
File Deleted : C:\Windows\System32\Tasks\BonanzaDealsLiveUpdateTaskMachineCore
File Deleted : C:\Windows\Tasks\BonanzaDealsLiveUpdateTaskMachineUA.job
File Deleted : C:\Windows\System32\Tasks\BonanzaDealsLiveUpdateTaskMachineUA
File Deleted : C:\Windows\System32\Tasks\BonanzaDealsUpdate

***** [ Shortcuts ] *****

Shortcut Disinfected : C:\Users\petra\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\FLV Player\Uninstall.lnk

***** [ Registry ] *****

Key Deleted : HKCU\Software\Classes\pokki
Key Deleted : HKLM\SOFTWARE\Classes\AppID\BonanzaDealsLive.exe
Key Deleted : HKLM\SOFTWARE\Classes\AppID\ScriptHelper.EXE
Key Deleted : HKLM\SOFTWARE\Classes\BonanzaDealsLive.OneClickCtrl.9
Key Deleted : HKLM\SOFTWARE\Classes\BonanzaDealsLive.OneClickProcessLauncherMachine
Key Deleted : HKLM\SOFTWARE\Classes\BonanzaDealsLive.OneClickProcessLauncherMachine.1.0
Key Deleted : HKLM\SOFTWARE\Classes\BonanzaDealsLive.Update3WebControl.3
Key Deleted : HKLM\SOFTWARE\Classes\BonanzaDealsLiveUpdate.CoCreateAsync
Key Deleted : HKLM\SOFTWARE\Classes\BonanzaDealsLiveUpdate.CoCreateAsync.1.0
Key Deleted : HKLM\SOFTWARE\Classes\BonanzaDealsLiveUpdate.CoreClass
Key Deleted : HKLM\SOFTWARE\Classes\BonanzaDealsLiveUpdate.CoreClass.1
Key Deleted : HKLM\SOFTWARE\Classes\BonanzaDealsLiveUpdate.CoreMachineClass
Key Deleted : HKLM\SOFTWARE\Classes\BonanzaDealsLiveUpdate.CoreMachineClass.1
Key Deleted : HKLM\SOFTWARE\Classes\BonanzaDealsLiveUpdate.CredentialDialogMachine
Key Deleted : HKLM\SOFTWARE\Classes\BonanzaDealsLiveUpdate.CredentialDialogMachine.1.0
Key Deleted : HKLM\SOFTWARE\Classes\BonanzaDealsLiveUpdate.OnDemandCOMClassMachine
Key Deleted : HKLM\SOFTWARE\Classes\BonanzaDealsLiveUpdate.OnDemandCOMClassMachine.1.0
Key Deleted : HKLM\SOFTWARE\Classes\BonanzaDealsLiveUpdate.OnDemandCOMClassMachineFallback
Key Deleted : HKLM\SOFTWARE\Classes\BonanzaDealsLiveUpdate.OnDemandCOMClassMachineFallback.1.0
Key Deleted : HKLM\SOFTWARE\Classes\BonanzaDealsLiveUpdate.OnDemandCOMClassSvc
Key Deleted : HKLM\SOFTWARE\Classes\BonanzaDealsLiveUpdate.OnDemandCOMClassSvc.1.0
Key Deleted : HKLM\SOFTWARE\Classes\BonanzaDealsLiveUpdate.ProcessLauncher
Key Deleted : HKLM\SOFTWARE\Classes\BonanzaDealsLiveUpdate.ProcessLauncher.1.0
Key Deleted : HKLM\SOFTWARE\Classes\BonanzaDealsLiveUpdate.Update3COMClassService
Key Deleted : HKLM\SOFTWARE\Classes\BonanzaDealsLiveUpdate.Update3COMClassService.1.0
Key Deleted : HKLM\SOFTWARE\Classes\BonanzaDealsLiveUpdate.Update3WebMachine
Key Deleted : HKLM\SOFTWARE\Classes\BonanzaDealsLiveUpdate.Update3WebMachine.1.0
Key Deleted : HKLM\SOFTWARE\Classes\BonanzaDealsLiveUpdate.Update3WebMachineFallback
Key Deleted : HKLM\SOFTWARE\Classes\BonanzaDealsLiveUpdate.Update3WebMachineFallback.1.0
Key Deleted : HKLM\SOFTWARE\Classes\BonanzaDealsLiveUpdate.Update3WebSvc
Key Deleted : HKLM\SOFTWARE\Classes\BonanzaDealsLiveUpdate.Update3WebSvc.1.0
Key Deleted : HKLM\SOFTWARE\Classes\Prod.cap
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\apnstub_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\apnstub_RASMANCS
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\askpartnercobrandingtool_rasapi32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\askpartnercobrandingtool_rasmancs
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\AskSLib_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\AskSLib_RASMANCS
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\bitguard.exe
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\BonanzaDealsLive.exe
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\bprotect.exe
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\browserdefender.exe
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\browserprotect.exe
Key Deleted : HKLM\SOFTWARE\MozillaPlugins\@tools.bdupdater.com/BonanzaDealsLive Update;version=3
Key Deleted : HKLM\SOFTWARE\MozillaPlugins\@tools.bdupdater.com/BonanzaDealsLive Update;version=9
Key Deleted : HKLM\SOFTWARE\Classes\Toolbar.CT3106777
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_for_kicad_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_for_kicad_RASMANCS
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{186E19A3-B909-4F48-B687-BB81EB8BC7CE}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{9EA8702C-EEDB-4731-BE68-E9A167DD3597}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{BB711CB0-C70B-482E-9852-EC05EBD71DBB}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{D34F391D-4CB7-467F-A543-F583857C63B0}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{00000001-4FEF-40D3-B3FA-E0531B897F98}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{059EACC2-1ABE-49E8-928D-DC8BD355B7A9}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{118E1BF6-6279-432F-A285-373A77B90C7A}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{14CEEA2F-3D21-46ED-A7D2-89056C520E5E}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{1AA60054-57D9-4F99-9A55-D0FBFBE7ECD3}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{1CC8D970-F626-4F19-815F-890032BB6606}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{29494049-211F-4F5C-8545-7DA8BF7A6CF8}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{33BAF587-9647-4281-A34F-F4830CDC1B9F}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{35B8892D-C3FB-4D88-990D-31DB2EBD72BD}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{3C471948-F874-49F5-B338-4F214A2EE0B1}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{408CFAD9-8F13-4747-8EC7-770A339C7237}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{4AA46D49-459F-4358-B4D1-169048547C23}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{5B5E5D0E-7C83-4A32-ADD2-E5F488DD6783}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{64697678-0000-0010-8000-00AA00389B71}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{6802463D-636F-41FE-9924-4CAD56906590}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{806785D0-375F-4C2C-92E3-B8EE65D28E83}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{944661E7-67B9-4DF7-BFF2-05388C166D34}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{94496571-6AC5-4836-82D5-D46260C44B17}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{9EA8702C-EEDB-4731-BE68-E9A167DD3597}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{A7CF66EF-4F0D-46B1-AF71-A500378D6C34}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{B71934E5-6B93-448D-9D32-CBAA5150C5D8}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{BC9FD17D-30F6-4464-9E53-596A90AFF023}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{C4BEF720-313C-420A-ACF6-77DD95D8F553}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{D34F391D-4CB7-467F-A543-F583857C63B0}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{DE9028D0-5FFA-4E69-94E3-89EE8741F468}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{E970727E-0508-4BEB-8B72-BBA9D0D047C7}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{EBF1F869-D2F0-4D31-A877-386C853A9C3D}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{F3CF4912-CF0A-451B-AF3B-C4F216C715E4}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{F904AC50-215C-42AB-A532-77E9FDBA9B19}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{9280CAA3-237E-468E-A41C-43EADB5FF61A}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{03E2A1F3-4402-4121-8B35-733216D61217}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{3F607E46-0D3C-4442-B1DE-DE7FA4768F5C}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{9E3B11F6-4179-4603-A71B-A55F4BCB0BEC}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{FE0273D1-99DF-4AC0-87D5-1371C6271785}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{07CAC314-E962-4F78-89AB-DD002F2490EE}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{13ABD093-D46F-40DF-A608-47E162EC799D}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{93E3D79C-0786-48FF-9329-93BC9F6DC2B3}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{9C049BA6-EA47-4AC3-AED6-A66D8DC9E1D8}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{318A227B-5E9F-45BD-8999-7F8F10CA4CF5}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{95B7759C-8C7F-4BF1-B163-73684A933233}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{F25AF245-4A81-40DC-92F9-E9021F207706}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{FE063412-BEA4-4D76-8ED3-183BE6220D17}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{50FAFAF0-70A9-419D-A109-FA4B4FFD4E37}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{318A227B-5E9F-45BD-8999-7F8F10CA4CF5}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{95B7759C-8C7F-4BF1-B163-73684A933233}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{FE063412-BEA4-4D76-8ED3-183BE6220D17}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{50FAFAF0-70A9-419D-A109-FA4B4FFD4E37}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{82EA3E77-7BD2-4744-A8F2-670770767EC5}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{29494049-211F-4F5C-8545-7DA8BF7A6CF8}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{C4BEF720-313C-420A-ACF6-77DD95D8F553}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{9280CAA3-237E-468E-A41C-43EADB5FF61A}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{29494049-211F-4F5C-8545-7DA8BF7A6CF8}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{33BAF587-9647-4281-A34F-F4830CDC1B9F}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{82EA3E77-7BD2-4744-A8F2-670770767EC5}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{C4BEF720-313C-420A-ACF6-77DD95D8F553}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{F09384DD-5599-48F9-AECB-36A0E607D29D}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{BA3395D3-F332-4B9E-9E2F-64CFBFFCF798}
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}]
Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks [{50FAFAF0-70A9-419D-A109-FA4B4FFD4E37}]
Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{00000001-4FEF-40D3-B3FA-E0531B897F98}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{318A227B-5E9F-45BD-8999-7F8F10CA4CF5}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{4AA46D49-459F-4358-B4D1-169048547C23}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{64697678-0000-0010-8000-00AA00389B71}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{03E2A1F3-4402-4121-8B35-733216D61217}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{06E50566-0AB7-431C-841D-62794727DAF9}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{26E7211D-0650-43CF-8498-4C81E83AEAAA}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{3F607E46-0D3C-4442-B1DE-DE7FA4768F5C}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{4E92DB5F-AAD9-49D3-8EAB-B40CBE5B1FF7}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{9E3B11F6-4179-4603-A71B-A55F4BCB0BEC}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{C401D2CE-DC27-45C7-BC0C-8E6EA7F085D6}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{FE0273D1-99DF-4AC0-87D5-1371C6271785}
Value Deleted : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{318A227B-5E9F-45BD-8999-7F8F10CA4CF5}]
Key Deleted : HKCU\Software\BonanzaDealsLive
Key Deleted : HKCU\Software\Conduit
Key Deleted : HKCU\Software\InstallCore
Key Deleted : HKCU\Software\Softonic
Key Deleted : HKCU\Software\Somoto
Key Deleted : HKCU\Software\Webplayer
Key Deleted : HKCU\Software\YourFileDownloader
Key Deleted : HKCU\Software\AppDataLow\Toolbar
Key Deleted : HKCU\Software\AppDataLow\Software\Conduit
Key Deleted : HKCU\Software\AppDataLow\Software\WinZipBar
Key Deleted : HKLM\Software\BonanzaDealsLive
Key Deleted : HKLM\Software\Conduit
Key Deleted : HKLM\Software\Driver-Soft
Key Deleted : HKLM\Software\SafetyNut
Key Deleted : HKLM\Software\YourFileDownloader
Key Deleted : HKLM\Software\WinZipBar
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\FLV Player
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Bonanza Deals
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\FilesFrog Update Checker
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\WinZipBar Toolbar

***** [ Browsers ] *****

-\\ Internet Explorer v11.0.9600.17041


-\\ Mozilla Firefox v28.0 (cs)

[ File : C:\Users\petra\AppData\Roaming\Mozilla\Firefox\Profiles\3g0eftd4.default\prefs.js ]

Line Deleted : user_pref("CT3106777..clientLogIsEnabled", true);
Line Deleted : user_pref("CT3106777..clientLogServiceUrl", "hxxp://clientlog.users.conduit.com/ClientDiagnostics.asmx/ReportDiagnosticsEvent");
Line Deleted : user_pref("CT3106777..uninstallLogServiceUrl", "hxxp://uninstall.users.conduit.com/Uninstall.asmx/RegisterToolbarUninstallation");
Line Deleted : user_pref("CT3106777.ALLOW_SHOWING_HIDDEN_TOOLBAR", false);
Line Deleted : user_pref("CT3106777.AboutPrivacyUrl", "hxxp://www.conduit.com/privacy/Default.aspx");
Line Deleted : user_pref("CT3106777.AppTrackingLastCheckTime", "Sat Feb 25 2012 10:43:37 GMT+0100");
Line Deleted : user_pref("CT3106777.BrowserCompStateIsOpen_129724975549181030", true);
Line Deleted : user_pref("CT3106777.BrowserCompStateIsOpen_130041080178558067", true);
Line Deleted : user_pref("CT3106777.CT3106777.lastNewTabSettings", "{\"isEnabled\":false,\"newTabUrl\":\"hxxp://search.conduit.com/?ctid=CT3106777&octid=CT3106777&SearchSource=15&CUI=SB_CUI&SSPV=EB_SSPV&Lay=1&UM=UM_[...]
Line Deleted : user_pref("CT3106777.CTID", "CT3106777");
Line Deleted : user_pref("CT3106777.ConfigurationLastCheckTime", "Fri Oct 25 2013 20:09:36 GMT+0200");
Line Deleted : user_pref("CT3106777.CurrentServerDate", "26-10-2013");
Line Deleted : user_pref("CT3106777.DSInstall", false);
Line Deleted : user_pref("CT3106777.DialogsAlignMode", "LTR");
Line Deleted : user_pref("CT3106777.DialogsGetterLastCheckTime", "Wed Oct 23 2013 11:51:16 GMT+0200");
Line Deleted : user_pref("CT3106777.DownloadReferralCookieData", "");
Line Deleted : user_pref("CT3106777.EMailNotifierPollDate", "Sat Feb 25 2012 10:55:29 GMT+0100");
Line Deleted : user_pref("CT3106777.FirstServerDate", "22-2-2012");
Line Deleted : user_pref("CT3106777.FirstTime", true);
Line Deleted : user_pref("CT3106777.FirstTimeFF3", true);
Line Deleted : user_pref("CT3106777.FixPageNotFoundErrors", true);
Line Deleted : user_pref("CT3106777.GroupingServerCheckInterval", 1440);
Line Deleted : user_pref("CT3106777.GroupingServiceUrl", "hxxp://grouping.services.conduit.com/");
Line Deleted : user_pref("CT3106777.HPInstall", false);
Line Deleted : user_pref("CT3106777.HasUserGlobalKeys", true);
Line Deleted : user_pref("CT3106777.HomePageProtectorEnabled", false);
Line Deleted : user_pref("CT3106777.HomepageBeforeUnload", "chrome://branding/locale/browserconfig.properties");
Line Deleted : user_pref("CT3106777.Initialize", true);
Line Deleted : user_pref("CT3106777.InitializeCommonPrefs", true);
Line Deleted : user_pref("CT3106777.InstallationAndCookieDataSentCount", 3);
Line Deleted : user_pref("CT3106777.InstallationId", "ConduitNSISIntegration");
Line Deleted : user_pref("CT3106777.InstallationType", "ConduitXPEIntegration");
Line Deleted : user_pref("CT3106777.InstalledDate", "Wed Feb 22 2012 09:42:22 GMT+0100");
Line Deleted : user_pref("CT3106777.IsAlertDBUpdated", true);
Line Deleted : user_pref("CT3106777.IsGrouping", false);
Line Deleted : user_pref("CT3106777.IsInitSetupIni", true);
Line Deleted : user_pref("CT3106777.IsMulticommunity", false);
Line Deleted : user_pref("CT3106777.IsOpenThankYouPage", false);
Line Deleted : user_pref("CT3106777.IsOpenUninstallPage", false);
Line Deleted : user_pref("CT3106777.LanguagePackLastCheckTime", "Fri Oct 25 2013 20:09:36 GMT+0200");
Line Deleted : user_pref("CT3106777.LanguagePackReloadIntervalMM", 1440);
Line Deleted : user_pref("CT3106777.LanguagePackServiceUrl", "hxxp://translation.users.conduit.com/Translation.ashx");
Line Deleted : user_pref("CT3106777.LastLogin_3.12.0.7", "Wed Apr 25 2012 11:54:53 GMT+0200");
Line Deleted : user_pref("CT3106777.LastLogin_3.12.2.3", "Thu May 31 2012 19:53:42 GMT+0200");
Line Deleted : user_pref("CT3106777.LastLogin_3.13.0.6", "Mon Jul 16 2012 04:56:08 GMT+0200");
Line Deleted : user_pref("CT3106777.LastLogin_3.14.1.0", "Thu Aug 23 2012 07:22:07 GMT+0200");
Line Deleted : user_pref("CT3106777.LastLogin_3.15.1.0", "Wed Nov 07 2012 19:14:03 GMT+0100");
Line Deleted : user_pref("CT3106777.LastLogin_3.16.0.3", "Thu Mar 07 2013 09:16:51 GMT+0100");
Line Deleted : user_pref("CT3106777.LastLogin_3.18.0.7", "Sun Jul 14 2013 20:33:43 GMT+0200");
Line Deleted : user_pref("CT3106777.LastLogin_3.19.0.3", "Mon Sep 09 2013 09:12:46 GMT+0200");
Line Deleted : user_pref("CT3106777.LastLogin_3.20.0.4", "Sat Oct 26 2013 09:14:06 GMT+0200");
Line Deleted : user_pref("CT3106777.LastLogin_3.9.0.3", "Sat Feb 25 2012 09:35:08 GMT+0100");
Line Deleted : user_pref("CT3106777.LatestVersion", "3.20.0.4");
Line Deleted : user_pref("CT3106777.Locale", "en");
Line Deleted : user_pref("CT3106777.MCDetectTooltipHeight", "83");
Line Deleted : user_pref("CT3106777.MCDetectTooltipUrl", "hxxp://@EB_INSTALL_LINK@/rank/tooltip/?version=1");
Line Deleted : user_pref("CT3106777.MCDetectTooltipWidth", "295");
Line Deleted : user_pref("CT3106777.MyStuffEnabledAtInstallation", true);
Line Deleted : user_pref("CT3106777.OriginalFirstVersion", "3.9.0.3");
Line Deleted : user_pref("CT3106777.SearchAPILastCheckTime", "Fri Oct 25 2013 20:09:36 GMT+0200");
Line Deleted : user_pref("CT3106777.SearchCaption", "WinZipBar Customized Web Search");
Line Deleted : user_pref("CT3106777.SearchEngineBeforeUnload", "chrome://browser-region/locale/region.properties");
Line Deleted : user_pref("CT3106777.SearchFromAddressBarIsInit", true);
Line Deleted : user_pref("CT3106777.SearchFromAddressBarUrl", "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT3106777&SearchSource=2&q=");
Line Deleted : user_pref("CT3106777.SearchInNewTabEnabled", true);
Line Deleted : user_pref("CT3106777.SearchInNewTabIntervalMM", 1440);
Line Deleted : user_pref("CT3106777.SearchInNewTabLastCheckTime", "Sun Sep 08 2013 15:45:24 GMT+0200");
Line Deleted : user_pref("CT3106777.SearchInNewTabServiceUrl", "hxxp://newtab.conduit-hosting.com/newtab/?ctid=EB_TOOLBAR_ID&UM=UM_ID");
Line Deleted : user_pref("CT3106777.SearchInNewTabURLFromSearchAPI", "hxxp://search.conduit.com/?ctid=CT3106777&octid=CT3106777&SearchSource=15&CUI=SB_CUI&SSPV=EB_SSPV&Lay=1&UM=UM_ID");
Line Deleted : user_pref("CT3106777.SearchInNewTabUserEnabled", false);
Line Deleted : user_pref("CT3106777.SearchProtectorEnabled", false);
Line Deleted : user_pref("CT3106777.SearchProtectorToolbarDisabled", false);
Line Deleted : user_pref("CT3106777.SendProtectorDataViaLogin", true);
Line Deleted : user_pref("CT3106777.ServiceMapLastCheckTime", "Fri Oct 25 2013 20:09:36 GMT+0200");
Line Deleted : user_pref("CT3106777.SettingsLastCheckTime", "Sat Oct 26 2013 09:14:04 GMT+0200");
Line Deleted : user_pref("CT3106777.SettingsLastUpdate", "1382265269");
Line Deleted : user_pref("CT3106777.TBHomePageUrl", "hxxp://search.conduit.com/?ctid=CT3106777&SearchSource=13");
Line Deleted : user_pref("CT3106777.ThirdPartyComponentsInterval", 504);
Line Deleted : user_pref("CT3106777.ThirdPartyComponentsLastCheck", "Wed Feb 22 2012 09:42:19 GMT+0100");
Line Deleted : user_pref("CT3106777.ThirdPartyComponentsLastUpdate", "1312887586");
Line Deleted : user_pref("CT3106777.ToolbarShrinkedFromSetup", false);
Line Deleted : user_pref("CT3106777.TrusteLinkUrl", "hxxp://trust.conduit.com/CT3106777");
Line Deleted : user_pref("CT3106777.TrustedApiDomains", "conduit.com,conduit-hosting.com,conduit-services.com,client.conduit-storage.com,OurToolbar.com,CommunityToolbars.com,ForumToolbar.com,MyBlogToolbar.com,MyCity[...]
Line Deleted : user_pref("CT3106777.UserID", "UN59619505060305194");
Line Deleted : user_pref("CT3106777.alertChannelId", "1500748");
Line Deleted : user_pref("CT3106777.autoDisableScopes", -1);
Line Deleted : user_pref("CT3106777.backendstorage.searchappstate", "33");
Line Deleted : user_pref("CT3106777.backendstorage.searchapptracking", "73656E74");
Line Deleted : user_pref("CT3106777.countryCode", "CZ");
Line Deleted : user_pref("CT3106777.generalConfigFromLogin", "{\"ApiMaxAlerts\":\"12\",\"SocialDomains\":\"social.conduit.com;apps.conduit.com;services.apps.conduit.com\",\"AppsDetectionUrlPattern\":\"hxxp://appdown[...]
Line Deleted : user_pref("CT3106777.globalFirstTimeInfoLastCheckTime", "Wed Feb 22 2012 09:42:23 GMT+0100");
Line Deleted : user_pref("CT3106777.homepageProtectorEnableByLogin", true);
Line Deleted : user_pref("CT3106777.initDone", true);
Line Deleted : user_pref("CT3106777.isAppTrackingManagerOn", true);
Line Deleted : user_pref("CT3106777.myStuffEnabled", true);
Line Deleted : user_pref("CT3106777.myStuffPublihserMinWidth", 400);
Line Deleted : user_pref("CT3106777.myStuffSearchUrl", "hxxp://Apps.conduit.com/search?q=SEARCH_TERM&SearchSourceOrigin=29&ctid=EB_TOOLBAR_ID&octid=EB_ORIGINAL_CTID");
Line Deleted : user_pref("CT3106777.myStuffServiceIntervalMM", 1440);
Line Deleted : user_pref("CT3106777.myStuffServiceUrl", "hxxp://mystuff.conduit-services.com/MyStuffService.ashx?ComponentId=EB_MY_STUFF_INSTANCE_GUID&lut=EB_MY_STUFF_LUT");
Line Deleted : user_pref("CT3106777.revertSettingsEnabled", true);
Line Deleted : user_pref("CT3106777.searchProtectorDialogDelayInSec", 10);
Line Deleted : user_pref("CT3106777.searchProtectorEnableByLogin", true);
Line Deleted : user_pref("CT3106777.testingCtid", "");
Line Deleted : user_pref("CT3106777.toolbarAppMetaDataLastCheckTime", "Fri Oct 25 2013 20:09:36 GMT+0200");
Line Deleted : user_pref("CT3106777.toolbarContextMenuLastCheckTime", "Wed Feb 22 2012 09:42:27 GMT+0100");
Line Deleted : user_pref("CT3106777.usagesFlag", 2);
Line Deleted : user_pref("CommunityToolbar.ETag.hxxp://Settings.toolbar.search.conduit.com/root/CT3106777/CT3106777", "\"0bacd177089eeb1d9b8b6d85a7360bd43\"");
Line Deleted : user_pref("CommunityToolbar.ETag.hxxp://alerts.conduit-services.com/root/1500748/1496227/CZ", "\"0\"");
Line Deleted : user_pref("CommunityToolbar.ETag.hxxp://appsmetadata.toolbar.conduit-services.com/?ctid=CT3106777", "\"1359634418\"");
Line Deleted : user_pref("CommunityToolbar.ETag.hxxp://contextmenu.toolbar.conduit-services.com/?name=GottenApps&locale=en", "wVmmvqqOMqrv5xct1cJIHg==");
Line Deleted : user_pref("CommunityToolbar.ETag.hxxp://contextmenu.toolbar.conduit-services.com/?name=OtherApps&locale=en", "0uSPYx+Kl2jpu8sJZMeHjw==");
Line Deleted : user_pref("CommunityToolbar.ETag.hxxp://contextmenu.toolbar.conduit-services.com/?name=SharedApps&locale=en", "Dclc8oo4TTv7+mAkSlUSWg==");
Line Deleted : user_pref("CommunityToolbar.ETag.hxxp://contextmenu.toolbar.conduit-services.com/?name=Toolbar&locale=en", "K4Vqu91uAzWURlxJRdXJOg==");
Line Deleted : user_pref("CommunityToolbar.ETag.hxxp://dynamicdialogs.alert.conduit-services.com/alert/dlg.pkg", "\"d229fa25f6c9cc1:0\"");
Line Deleted : user_pref("CommunityToolbar.ETag.hxxp://dynamicdialogs.toolbar.conduit-services.com/DLG.pkg?ver=3.12.0.7", "\"4ead38b3e6bcd1:0\"");
Line Deleted : user_pref("CommunityToolbar.ETag.hxxp://dynamicdialogs.toolbar.conduit-services.com/DLG.pkg?ver=3.12.2.3", "\"4ead38b3e6bcd1:0\"");
Line Deleted : user_pref("CommunityToolbar.ETag.hxxp://dynamicdialogs.toolbar.conduit-services.com/DLG.pkg?ver=3.13.0.6", "\"0d648794549cd1:0\"");
Line Deleted : user_pref("CommunityToolbar.ETag.hxxp://dynamicdialogs.toolbar.conduit-services.com/DLG.pkg?ver=3.14.1.0", "\"0e0a4327275cd1:0\"");
Line Deleted : user_pref("CommunityToolbar.ETag.hxxp://dynamicdialogs.toolbar.conduit-services.com/DLG.pkg?ver=3.15.1.0", "\"0343677cfb1cd1:0\"");
Line Deleted : user_pref("CommunityToolbar.ETag.hxxp://dynamicdialogs.toolbar.conduit-services.com/DLG.pkg?ver=3.16.0.3", "\"0343677cfb1cd1:0\"");
Line Deleted : user_pref("CommunityToolbar.ETag.hxxp://dynamicdialogs.toolbar.conduit-services.com/DLG.pkg?ver=3.18.0.7", "\"0343677cfb1cd1:0\"");
Line Deleted : user_pref("CommunityToolbar.ETag.hxxp://dynamicdialogs.toolbar.conduit-services.com/DLG.pkg?ver=3.19.0.3", "\"23c5489aa686ce1:16c0\"");
Line Deleted : user_pref("CommunityToolbar.ETag.hxxp://dynamicdialogs.toolbar.conduit-services.com/DLG.pkg?ver=3.20.0.4", "\"9f8d2729abc2ce1:0\"");
Line Deleted : user_pref("CommunityToolbar.ETag.hxxp://dynamicdialogs.toolbar.conduit-services.com/DLG.pkg?ver=3.9.0.3", "\"801a319dd78ccc1:0\"");
Line Deleted : user_pref("CommunityToolbar.ETag.hxxp://servicemap.conduit-services.com/Toolbar/?ownerId=CT3106777", "\"9971ee9815a5fc569766cf6ddcaaca8e\"");
Line Deleted : user_pref("CommunityToolbar.ETag.hxxp://translation.toolbar.conduit-services.com/?locale=en", "\"5b6c7fc799d642c664ba7e131c771382\"");
Line Deleted : user_pref("CommunityToolbar.LatestLibsPath", "file:///C:\\Users\\petra\\AppData\\Roaming\\Mozilla\\Firefox\\Profiles\\3g0eftd4.default\\conduitCommon\\modules\\3.9.0.3");
Line Deleted : user_pref("CommunityToolbar.LatestToolbarVersionInstalled", "3.9.0.3");
Line Deleted : user_pref("CommunityToolbar.SearchFromAddressBarSavedUrl", "");
Line Deleted : user_pref("CommunityToolbar.ToolbarsList", "CT3106777");
Line Deleted : user_pref("CommunityToolbar.ToolbarsList2", "CT3106777");
Line Deleted : user_pref("CommunityToolbar.ToolbarsList4", "CT3106777");
Line Deleted : user_pref("CommunityToolbar.globalUserId", "632b5f22-5f80-4db2-bab9-774aa4964dbe");
Line Deleted : user_pref("CommunityToolbar.isAlertUrlAddedToFeedItemTable", true);
Line Deleted : user_pref("CommunityToolbar.isClickActionAddedToFeedItemTable", true);
Line Deleted : user_pref("CommunityToolbar.keywordURLSelectedCTID", "CT3106777");
Line Deleted : user_pref("CommunityToolbar.notifications.alertDialogsGetterLastCheckTime", "Wed Feb 22 2012 09:42:27 GMT+0100");
Line Deleted : user_pref("CommunityToolbar.notifications.alertInfoInterval", 1440);
Line Deleted : user_pref("CommunityToolbar.notifications.alertInfoLastCheckTime", "Sat Feb 25 2012 09:35:16 GMT+0100");
Line Deleted : user_pref("CommunityToolbar.notifications.clientsServerUrl", "hxxp://alert.client.conduit.com");
Line Deleted : user_pref("CommunityToolbar.notifications.locale", "en");
Line Deleted : user_pref("CommunityToolbar.notifications.loginIntervalMin", 1440);
Line Deleted : user_pref("CommunityToolbar.notifications.loginLastCheckTime", "Sat Feb 25 2012 09:35:08 GMT+0100");
Line Deleted : user_pref("CommunityToolbar.notifications.loginLastUpdateTime", "1313487611");
Line Deleted : user_pref("CommunityToolbar.notifications.messageShowTimeSec", 20);
Line Deleted : user_pref("CommunityToolbar.notifications.servicesServerUrl", "hxxp://alert.services.conduit.com");
Line Deleted : user_pref("CommunityToolbar.notifications.showTrayIcon", false);
Line Deleted : user_pref("CommunityToolbar.notifications.userCloseIntervalMin", 300);
Line Deleted : user_pref("CommunityToolbar.notifications.userId", "3c529803-c391-42f9-8559-cdd25e7da0b8");
Line Deleted : user_pref("CommunityToolbar.originalHomepage", "chrome://branding/locale/browserconfig.properties");
Line Deleted : user_pref("CommunityToolbar.originalSearchEngine", "chrome://browser-region/locale/region.properties");

-\\ Google Chrome v34.0.1847.116

[ File : C:\Users\petra\AppData\Local\Google\Chrome\User Data\Default\preferences ]


*************************

AdwCleaner[R0].txt - [30023 octets] - [17/04/2014 18:52:21]
AdwCleaner[R1].txt - [30754 octets] - [21/04/2014 14:27:16]
AdwCleaner[S0].txt - [30759 octets] - [21/04/2014 14:29:10]

########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [30820 octets] ##########


A z RSIT:

Logfile of random's system information tool 1.09 (written by random/random)
Run by petra at 2014-04-21 14:34:14
Microsoft Windows 7 Professional Service Pack 1
System drive C: has 27 GB (27%) free of 100 GB
Total RAM: 4094 MB (58% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 14:35:05, on 21.4.2014
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v11.0 (11.00.9600.17041)
Boot mode: Normal

Running processes:
C:\Windows\vsnp2uvc.exe
C:\Users\petra\AppData\Roaming\Dropbox\bin\Dropbox.exe
C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe
C:\Windows\SysWOW64\CtHelper.exe
C:\Program Files (x86)\Software602\Print2PDF\Print2PDF.exe
C:\Program Files (x86)\Canon\Solution Menu EX\CNSEMAIN.EXE
C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX\CNMNSST.exe
C:\Program Files (x86)\ACD Systems\ACDSee\15.0\ACDSee15InTouch2.exe
C:\Program Files (x86)\Common Files\SNP2UVC\tsnp2uvc.exe
C:\Program Files (x86)\Common Files\Grass Valley\ProCoder 3\Kernel\PNXSERVR.exe
C:\Program Files\AVAST Software\Avast\AvastUI.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexdl.exe
C:\Program Files\trend micro\petra.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.seznam.cz/?clid=13415
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe
O2 - BHO: Instair - {0D778FDC-FAD7-4B1D-AB88-7A76A562D65C} - C:\PROGRA~1\Instair\Instair.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
O4 - HKLM\..\Run: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
O4 - HKLM\..\Run: [CTxfiHlp] CTXFIHLP.EXE
O4 - HKLM\..\Run: [NUSB3MON] "C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe"
O4 - HKLM\..\Run: [AsioThk32Reg] REGSVR32.EXE /S CTASIO.DLL
O4 - HKLM\..\Run: [CTHelper] CTHELPER.EXE
O4 - HKLM\..\Run: [Print2PDF Print Monitor] "C:\Program Files (x86)\Software602\Print2PDF\Print2PDF.exe" /server
O4 - HKLM\..\Run: [CanonSolutionMenuEx] C:\Program Files (x86)\Canon\Solution Menu EX\CNSEMAIN.EXE /logon
O4 - HKLM\..\Run: [IJNetworkScannerSelectorEX] C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX\CNMNSST.exe /FORCE
O4 - HKLM\..\Run: [ACSW15EN] "C:\Program Files (x86)\ACD Systems\ACDSee\15.0\ACDSee15InTouch2.exe" /pid ACSW15EN
O4 - HKLM\..\Run: [snp2uvc] C:\Windows\vsnp2uvc.exe
O4 - HKLM\..\Run: [tsnp2uvc] C:\Program Files (x86)\Common Files\SNP2UVC\tsnp2uvc.exe
O4 - HKLM\..\Run: [NexusServer] "C:\Program Files (x86)\Common Files\Grass Valley\ProCoder 3\Kernel\PNXSERVR.exe" -SelfLaunch
O4 - HKLM\..\Run: [AvastUI.exe] "C:\Program Files\AVAST Software\Avast\AvastUI.exe" /nogui
O4 - HKCU\..\Run: [EPSON Stylus Photo R265 Series] C:\Windows\system32\spool\DRIVERS\x64\3\E_FATIBNE.EXE /FU "C:\Windows\TEMP\E_S6B14.tmp" /EF "HKCU"
O4 - HKCU\..\Run: [FLV Player] C:\Users\petra\AppData\Local\WebPlayer\FLV Player\WebPlayer.exe
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O4 - Startup: Dropbox.lnk = petra\AppData\Roaming\Dropbox\bin\Dropbox.exe
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: Free YouTube to MP3 Converter - C:\Users\petra\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~1\Office12\REFIEBAR.DLL
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O16 - DPF: {CD82C85E-37B7-48E3-9E88-31E140C13C86} (TeeChart Commander v7) - http://www.premis.cz/PremisGUI/cab/Teechart7.cab
O16 - DPF: {D4B68B83-8710-488B-A692-D74B50BA558E} (Creative Software AutoUpdate Support Package 2) - http://ccfiles.creative.com/Web/softwar ... PIDPDE.cab
O16 - DPF: {E705A591-DA3C-4228-B0D5-A356DBA42FBF} (Creative Software AutoUpdate 2) - http://ccfiles.creative.com/Web/softwar ... TSUEng.cab
O16 - DPF: {F6ACF75C-C32C-447B-9BEF-46B766368D29} (Creative Software AutoUpdate Support Package) - http://ccfiles.creative.com/Web/softwar ... /CTPID.cab
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveSystemServices.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
O23 - Service: 602Updater (602XML Updater) - Software602 a.s. - C:\Program Files (x86)\Common Files\soft602\602updsvc\602updsvc.exe
O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files (x86)\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: Creative ALchemy AL6 Licensing Service - Creative Labs - C:\Program Files (x86)\Common Files\Creative Labs Shared\Service\AL6Licensing.exe
O23 - Service: Creative Audio Engine Licensing Service - Creative Labs - C:\Program Files (x86)\Common Files\Creative Labs Shared\Service\CTAELicensing.exe
O23 - Service: Creative Audio Service (CTAudSvcService) - Creative Technology Ltd - C:\Program Files (x86)\Creative\Shared Files\CTAudSvc.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: EPSON V3 Service4(01) (EPSON_PM_RPCV4_01) - SEIKO EPSON CORPORATION - C:\ProgramData\EPSON\EPW!3 SSRP\E_S30RP1.EXE
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing)
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: NVIDIA Display Driver Service (NVSvc) - Unknown owner - C:\Windows\system32\nvvsvc.exe (file missing)
O23 - Service: PACE License Services (PaceLicenseDServices) - PACE Anti-Piracy, Inc. - C:\Program Files (x86)\Common Files\PACE\Services\LicenseServices\LDSvc.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: Spyware Terminator 2012 Realtime Shield Service (ST2012_Svc) - Crawler.com - C:\Program Files (x86)\Spyware Terminator\st_rsser64.exe
O23 - Service: NVIDIA Stereoscopic 3D Driver Service (Stereo Service) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 11429 bytes

======Listing Processes======

\SystemRoot\System32\smss.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
winlogon.exe
C:\Windows\system32\services.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
"C:\Windows\system32\nvvsvc.exe"
"C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe"
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k netsvcs
"C:\Program Files (x86)\Creative\Shared Files\CTAudSvc.exe"
C:\Windows\system32\svchost.exe -k NetworkService
"C:\Program Files\AVAST Software\Avast\AvastSvc.exe"
"C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe"
C:\Windows\system32\nvvsvc.exe -session -first
C:\Windows\System32\spoolsv.exe
"taskhost.exe"
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
"C:\Program Files (x86)\Common Files\soft602\602updsvc\602updsvc.exe"
"C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe"
"C:\ProgramData\EPSON\EPW!3 SSRP\E_S30RP1.EXE"
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
taskeng.exe {0E275775-E1B7-4C93-B011-7485C1CB35A8}
"C:\Windows\system32\Dwm.exe"
C:\Windows\Explorer.EXE
"C:/Program Files/NVIDIA Corporation/Display/nvtray.exe" -user_has_logged_in 1
"C:\Program Files\Canon\MyPrinter\BJMYPRT.EXE" /logon
"C:\Windows\vsnp2uvc.exe"
"C:\Users\petra\AppData\Roaming\Dropbox\bin\Dropbox.exe" /systemstartup
"C:\Windows\system32\NOTEPAD.EXE" C:\AdwCleaner\AdwCleaner[S0].txt
"C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe"
"C:\Windows\System32\CtHelper.exe"
"C:\Program Files (x86)\Software602\Print2PDF\Print2PDF.exe" /server
"C:\Program Files (x86)\Canon\Solution Menu EX\CNSEMAIN.EXE" /logon
"C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX\CNMNSST.exe" /FORCE
"C:\Program Files (x86)\ACD Systems\ACDSee\15.0\ACDSee15InTouch2.exe" /pid ACSW15EN
"C:\Program Files (x86)\Common Files\SNP2UVC\tsnp2uvc.exe"
"C:\Program Files (x86)\Common Files\Grass Valley\ProCoder 3\Kernel\PNXSERVR.exe" -SelfLaunch
"C:\Program Files\AVAST Software\Avast\AvastUI.exe" /nogui
C:\Windows\splwow64.exe 12288
taskeng.exe {94AB4988-32F1-468D-8ED2-BBFD1A85272E}
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe"
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=gpu-process --channel="2240.0.1033623745\1324466950" --supports-dual-gpus=false --gpu-driver-bug-workarounds=0,1,14,28,34 --gpu-vendor-id=0x10de --gpu-device-id=0x1245 --gpu-driver-vendor=NVIDIA --gpu-driver-version=9.18.13.1106 --ignored=" --type=renderer " /prefetch:822062411
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --lang=cs --force-fieldtrials="AutocompleteDynamicTrial_2/DefaultControl_R2_Stable/BrowserPreReadExperiment/100-pct-default/ChromeSuggestions/Default/EmbeddedSearch/Group11 pct:1b stable:r2 prefetch_results:1/ExtensionInstallVerification/Bootstrap/GoogleNow/Default/OmniboxBundledExperimentV1/StandardR3/Prerender/PrerenderEnabled/PrerenderLocalPredictorSpec/LocalPredictor=Disabled/QUIC/Disabled/SettingsEnforcement/no_enforcement/ShowAppLauncherPromo/ShowPromoUntilDismissed/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group6/UMA-Population-Restrict/normal/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_02/UMA-Uniformity-Trial-1-Percent/group_37/UMA-Uniformity-Trial-10-Percent/group_02/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/group_04/UMA-Uniformity-Trial-5-Percent/group_04/UMA-Uniformity-Trial-50-Percent/group_01/" --extension-process --renderer-print-preview --enable-threaded-compositing --enable-delegated-renderer --enable-deadline-scheduling --enable-software-compositing --channel="2240.2.580980141\23288284" /prefetch:673131151
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --lang=cs --force-fieldtrials="AutocompleteDynamicTrial_2/DefaultControl_R2_Stable/BrowserPreReadExperiment/100-pct-default/ChromeSuggestions/Default/EmbeddedSearch/Group11 pct:1b stable:r2 prefetch_results:1/ExtensionInstallVerification/Bootstrap/GoogleNow/Default/OmniboxBundledExperimentV1/StandardR3/Prerender/PrerenderEnabled/PrerenderLocalPredictorSpec/LocalPredictor=Disabled/QUIC/Disabled/SettingsEnforcement/no_enforcement/ShowAppLauncherPromo/ShowPromoUntilDismissed/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group6/UMA-Population-Restrict/normal/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_02/UMA-Uniformity-Trial-1-Percent/group_37/UMA-Uniformity-Trial-10-Percent/group_02/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/group_04/UMA-Uniformity-Trial-5-Percent/group_04/UMA-Uniformity-Trial-50-Percent/group_01/" --extension-process --renderer-print-preview --enable-threaded-compositing --enable-delegated-renderer --enable-deadline-scheduling --enable-software-compositing --channel="2240.3.869789701\1724106410" /prefetch:673131151
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --lang=cs --force-fieldtrials="AutocompleteDynamicTrial_2/DefaultControl_R2_Stable/BrowserPreReadExperiment/100-pct-default/ChromeSuggestions/Default/EmbeddedSearch/Group11 pct:1b stable:r2 prefetch_results:1/ExtensionInstallVerification/Bootstrap/GoogleNow/Default/OmniboxBundledExperimentV1/StandardR3/Prerender/PrerenderEnabled/PrerenderLocalPredictorSpec/LocalPredictor=Disabled/QUIC/Disabled/SettingsEnforcement/no_enforcement/ShowAppLauncherPromo/ShowPromoUntilDismissed/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group6/UMA-Population-Restrict/normal/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_02/UMA-Uniformity-Trial-1-Percent/group_37/UMA-Uniformity-Trial-10-Percent/group_02/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/group_04/UMA-Uniformity-Trial-5-Percent/group_04/UMA-Uniformity-Trial-50-Percent/group_01/" --extension-process --renderer-print-preview --enable-threaded-compositing --enable-delegated-renderer --enable-deadline-scheduling --enable-software-compositing --channel="2240.4.2057346996\1675562901" /prefetch:673131151
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --lang=cs --force-fieldtrials="AutocompleteDynamicTrial_2/DefaultControl_R2_Stable/BrowserPreReadExperiment/100-pct-default/ChromeSuggestions/Default/EmbeddedSearch/Group11 pct:1b stable:r2 prefetch_results:1/ExtensionInstallVerification/Bootstrap/GoogleNow/Default/OmniboxBundledExperimentV1/StandardR3/Prerender/PrerenderEnabled/PrerenderLocalPredictorSpec/LocalPredictor=Disabled/QUIC/Disabled/SettingsEnforcement/no_enforcement/ShowAppLauncherPromo/ShowPromoUntilDismissed/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group6/UMA-Population-Restrict/normal/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_02/UMA-Uniformity-Trial-1-Percent/group_37/UMA-Uniformity-Trial-10-Percent/group_02/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/group_04/UMA-Uniformity-Trial-5-Percent/group_04/UMA-Uniformity-Trial-50-Percent/group_01/" --extension-process --renderer-print-preview --enable-threaded-compositing --enable-delegated-renderer --enable-deadline-scheduling --enable-software-compositing --channel="2240.5.1271750951\1399716927" /prefetch:673131151
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --lang=cs --force-fieldtrials="AutocompleteDynamicTrial_2/DefaultControl_R2_Stable/BrowserPreReadExperiment/100-pct-default/ChromeSuggestions/Default/EmbeddedSearch/Group11 pct:1b stable:r2 prefetch_results:1/ExtensionInstallVerification/Bootstrap/GoogleNow/Default/OmniboxBundledExperimentV1/StandardR3/Prerender/PrerenderEnabled/PrerenderLocalPredictorSpec/LocalPredictor=Disabled/QUIC/Disabled/SettingsEnforcement/no_enforcement/ShowAppLauncherPromo/ShowPromoUntilDismissed/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group6/UMA-Population-Restrict/normal/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_02/UMA-Uniformity-Trial-1-Percent/group_37/UMA-Uniformity-Trial-10-Percent/group_02/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/group_04/UMA-Uniformity-Trial-5-Percent/group_04/UMA-Uniformity-Trial-50-Percent/group_01/" --renderer-print-preview --enable-threaded-compositing --enable-delegated-renderer --enable-deadline-scheduling --enable-software-compositing --channel="2240.7.877065450\1976932131" /prefetch:673131151
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --lang=cs --force-fieldtrials="AutocompleteDynamicTrial_2/DefaultControl_R2_Stable/BrowserPreReadExperiment/100-pct-default/ChromeSuggestions/Default/EmbeddedSearch/Group11 pct:1b stable:r2 prefetch_results:1/ExtensionInstallVerification/Bootstrap/GoogleNow/Default/OmniboxBundledExperimentV1/StandardR3/Prerender/PrerenderEnabled/PrerenderLocalPredictorSpec/LocalPredictor=Disabled/QUIC/Disabled/SettingsEnforcement/no_enforcement/ShowAppLauncherPromo/ShowPromoUntilDismissed/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group6/UMA-Population-Restrict/normal/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_02/UMA-Uniformity-Trial-1-Percent/group_37/UMA-Uniformity-Trial-10-Percent/group_02/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/group_04/UMA-Uniformity-Trial-5-Percent/group_04/UMA-Uniformity-Trial-50-Percent/group_01/" --renderer-print-preview --enable-threaded-compositing --enable-delegated-renderer --enable-deadline-scheduling --enable-software-compositing --channel="2240.8.942216011\296178098" /prefetch:673131151
"C:\Users\petra\Desktop\pc udrzba\antivir\RSITx64.exe"
"C:\Program Files (x86)\Common Files\PACE\Services\LicenseServices\LDSvc.exe"
"C:\Program Files (x86)\Spyware Terminator\st_rsser64.exe"
C:\Windows\system32\svchost.exe -k imgsvc
C:\Windows\system32\PrintIsolationHost.exe -Embedding
C:\Windows\system32\SearchIndexer.exe /Embedding
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\System32\alg.exe
"C:\Windows\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe1_ Global\UsGthrCtrlFltPipeMssGthrPipe1 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon"
C:\Windows\System32\svchost.exe -k WerSvcGroup
"C:\Windows\system32\SearchFilterHost.exe" 0 532 536 544 65536 540
"C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexdl.exe" /toolhint

======Scheduled tasks folder======

C:\Windows\tasks\Adobe Flash Player Updater.job
C:\Windows\tasks\AVG-Secure-Search-Update_JUNE2013_HP_rmv.job
C:\Windows\tasks\AVG-Secure-Search-Update_JUNE2013_TB_rmv.job
C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-3338490639-4165212360-2111865542-1000Core.job
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-3338490639-4165212360-2111865542-1000UA.job
C:\Windows\tasks\PMCS_Wakeup634657982909132950.job

=========Mozilla firefox=========

ProfilePath - C:\Users\petra\AppData\Roaming\Mozilla\Firefox\Profiles\3g0eftd4.default

prefs.js - "browser.search.useDBForOrder" - "false"
prefs.js - "browser.startup.homepage" - "seznam.cz"

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 12.0.0.77 Plugin
"Path"=C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_12_0_0_77.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=disabled

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=3]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.23.9\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=9]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.23.9\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\Adobe Reader]
"Description"=Handles PDFs in-place in Firefox
"Path"=C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll


[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 12.0.0.77 Plugin
"Path"=C:\Windows\system32\Macromed\Flash\NPSWF64_12_0_0_77.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=disabled


C:\Program Files (x86)\Mozilla Firefox\components\
nsIQTScriptablePlugin.xpt

C:\Users\petra\AppData\Roaming\Mozilla\Firefox\Profiles\3g0eftd4.default\extensions\
{b9db16a4-6edc-47ec-a1f4-b86292ed211d}
{ea614400-e918-4741-9a97-7a972ff7c30b}

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! Online Security - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2014-04-16 724512]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{0D778FDC-FAD7-4B1D-AB88-7A76A562D65C}]
Instair - C:\PROGRA~1\Instair\Instair.dll [2013-05-28 590640]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll [2007-08-24 2212224]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files (x86)\Java\jre7\bin\ssv.dll [2013-09-19 462248]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll [2013-09-19 171944]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F}

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"CanonMyPrinter"=C:\Program Files\Canon\MyPrinter\BJMyPrt.exe [2011-03-14 2779024]
"snp2uvc"=C:\Windows\vsnp2uvc.exe [2009-08-12 662016]
"SpywareTerminatorShield"=C:\Program Files (x86)\Spyware Terminator\SpywareTerminatorShield.exe [2013-10-22 2777736]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"EPSON Stylus Photo R265 Series"=C:\Windows\system32\spool\DRIVERS\x64\3\E_FATIBNE.EXE [2006-05-19 139264]
"FLV Player"=C:\Users\petra\AppData\Local\WebPlayer\FLV Player\WebPlayer.exe []

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"APSDaemon"=C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [2013-04-21 59720]
"CTxfiHlp"=CTXFIHLP.EXE []
"NUSB3MON"=C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe [2011-09-16 115048]
"AsioThk32Reg"=REGSVR32.EXE /S CTASIO.DLL []
"CTHelper"=CTHELPER.EXE []
"Print2PDF Print Monitor"=C:\Program Files (x86)\Software602\Print2PDF\Print2PDF.exe [2011-10-04 220992]
"CanonSolutionMenuEx"=C:\Program Files (x86)\Canon\Solution Menu EX\CNSEMAIN.EXE [2011-08-04 1612920]
"IJNetworkScannerSelectorEX"=C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX\CNMNSST.exe [2011-01-15 452016]
"ACSW15EN"=C:\Program Files (x86)\ACD Systems\ACDSee\15.0\ACDSee15InTouch2.exe [2012-11-14 1133176]
"snp2uvc"=C:\Windows\vsnp2uvc.exe [2009-08-12 662016]
"tsnp2uvc"=C:\Program Files (x86)\Common Files\SNP2UVC\tsnp2uvc.exe [2012-02-23 322560]
"NexusServer"=C:\Program Files (x86)\Common Files\Grass Valley\ProCoder 3\Kernel\PNXSERVR.exe [2007-03-26 389120]
"AvastUI.exe"=C:\Program Files\AVAST Software\Avast\AvastUI.exe [2014-04-16 3854640]

C:\Users\petra\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
Dropbox.lnk - C:\Users\petra\AppData\Roaming\Dropbox\bin\Dropbox.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED}

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll [2007-08-24 2212224]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=0
"ConsentPromptBehaviorUser"=3
"EnableLUA"=0
"EnableUIADesktopToggle"=0
"PromptOnSecureDesktop"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoActiveDesktop"=1
"NoActiveDesktopChanges"=1
"ForceActiveDesktopOn"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]


[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\bpsvc.exe]
"Debugger="tasklist.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\browsersafeguard.exe]
"Debugger="tasklist.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\dprotectsvc.exe]
"Debugger="tasklist.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\jumpflip]
"Debugger="tasklist.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\protectedsearch.exe]
"Debugger="tasklist.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\searchinstaller.exe]
"Debugger="tasklist.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\searchprotection.exe]
"Debugger="tasklist.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\searchprotector.exe]
"Debugger="tasklist.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\searchsettings.exe]
"Debugger="tasklist.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\searchsettings64.exe]
"Debugger="tasklist.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\snapdo.exe]
"Debugger="tasklist.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\stinst32.exe]
"Debugger="tasklist.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\stinst64.exe]
"Debugger="tasklist.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\umbrella.exe]
"Debugger="tasklist.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\utiljumpflip.exe]
"Debugger="tasklist.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\volaro]
"Debugger="tasklist.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\vonteera]
"Debugger="tasklist.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\websteroids.exe]
"Debugger="tasklist.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\websteroidsservice.exe]
"Debugger="tasklist.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVYU"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"VIDC.YVU9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"wave4"=wdmaud.drv
"midi4"=wdmaud.drv
"mixer4"=wdmaud.drv
"aux4"=wdmaud.drv
"wave5"=wdmaud.drv
"midi5"=wdmaud.drv
"mixer5"=wdmaud.drv
"MSVideo8"=VfWWDM32.dll
"wave6"=wdmaud.drv
"midi6"=wdmaud.drv
"mixer6"=wdmaud.drv
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"wave2"=wdmaud.drv
"midi2"=wdmaud.drv
"mixer2"=wdmaud.drv
"wave3"=wdmaud.drv
"midi3"=wdmaud.drv
"mixer3"=wdmaud.drv
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"wave7"=wdmaud.drv
"midi7"=wdmaud.drv
"mixer7"=wdmaud.drv
"wave8"=wdmaud.drv
"midi8"=wdmaud.drv
"mixer8"=wdmaud.drv
"aux"=wdmaud.drv
"wave9"=wdmaud.drv
"midi9"=wdmaud.drv
"mixer9"=wdmaud.drv
"aux1"=wdmaud.drv
"vidc.XVID"=xvidvfw.dll
"aux2"=wdmaud.drv

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 1 month======

2014-04-17 18:52:18 ----D---- C:\AdwCleaner
2014-04-17 17:19:04 ----D---- C:\Program Files\trend micro
2014-04-17 17:19:03 ----D---- C:\rsit
2014-04-16 17:52:31 ----A---- C:\Windows\{00000005-00000000-00000001-00001102-00000004-10071102}.BAK
2014-04-16 17:45:37 ----A---- C:\Windows\avastSS.scr
2014-04-16 17:00:18 ----A---- C:\Windows\system32\drivers\stflt.sys
2014-04-16 17:00:15 ----D---- C:\Users\petra\AppData\Roaming\Spyware Terminator
2014-04-16 17:00:15 ----D---- C:\ProgramData\Spyware Terminator
2014-04-16 16:58:11 ----D---- C:\Program Files (x86)\Spyware Terminator
2014-04-11 05:33:40 ----A---- C:\Windows\SYSWOW64\ieui.dll
2014-04-11 05:33:40 ----A---- C:\Windows\system32\ieui.dll
2014-04-11 05:33:36 ----A---- C:\Windows\SYSWOW64\vbscript.dll
2014-04-11 05:33:36 ----A---- C:\Windows\system32\vbscript.dll
2014-04-11 05:33:29 ----A---- C:\Windows\system32\JavaScriptCollectionAgent.dll
2014-04-11 05:33:29 ----A---- C:\Windows\system32\iernonce.dll
2014-04-11 05:33:29 ----A---- C:\Windows\system32\ieetwcollectorres.dll
2014-04-11 05:33:29 ----A---- C:\Windows\system32\ie4uinit.exe
2014-04-11 05:33:28 ----A---- C:\Windows\SYSWOW64\dxtmsft.dll
2014-04-11 05:33:28 ----A---- C:\Windows\system32\jscript9diag.dll
2014-04-11 05:33:28 ----A---- C:\Windows\system32\dxtrans.dll
2014-04-11 05:33:28 ----A---- C:\Windows\system32\dxtmsft.dll
2014-04-11 05:33:27 ----A---- C:\Windows\SYSWOW64\msrating.dll
2014-04-11 05:33:27 ----A---- C:\Windows\SYSWOW64\msfeeds.dll
2014-04-11 05:33:27 ----A---- C:\Windows\SYSWOW64\jsproxy.dll
2014-04-11 05:33:27 ----A---- C:\Windows\SYSWOW64\dxtrans.dll
2014-04-11 05:33:27 ----A---- C:\Windows\system32\msrating.dll
2014-04-11 05:33:27 ----A---- C:\Windows\system32\msfeeds.dll
2014-04-11 05:33:27 ----A---- C:\Windows\system32\jsproxy.dll
2014-04-11 05:33:26 ----A---- C:\Windows\SYSWOW64\JavaScriptCollectionAgent.dll
2014-04-11 05:33:26 ----A---- C:\Windows\SYSWOW64\ieUnatt.exe
2014-04-11 05:33:26 ----A---- C:\Windows\SYSWOW64\iesetup.dll
2014-04-11 05:33:26 ----A---- C:\Windows\SYSWOW64\iernonce.dll
2014-04-11 05:33:26 ----A---- C:\Windows\system32\ieUnatt.exe
2014-04-11 05:33:26 ----A---- C:\Windows\system32\iesetup.dll
2014-04-11 05:33:25 ----A---- C:\Windows\system32\mshtml.dll
2014-04-11 05:33:23 ----A---- C:\Windows\SYSWOW64\jscript9diag.dll
2014-04-11 05:33:23 ----A---- C:\Windows\SYSWOW64\ieetwproxystub.dll
2014-04-11 05:33:23 ----A---- C:\Windows\SYSWOW64\ieapfltr.dll
2014-04-11 05:33:23 ----A---- C:\Windows\system32\ieetwproxystub.dll
2014-04-11 05:33:23 ----A---- C:\Windows\system32\ieapfltr.dll
2014-04-11 05:33:22 ----A---- C:\Windows\system32\MsSpellCheckingFacility.exe
2014-04-11 05:33:22 ----A---- C:\Windows\system32\ieetwcollector.exe
2014-04-11 05:33:21 ----A---- C:\Windows\SYSWOW64\wininet.dll
2014-04-11 05:33:21 ----A---- C:\Windows\SYSWOW64\iertutil.dll
2014-04-11 05:33:21 ----A---- C:\Windows\system32\iertutil.dll
2014-04-11 05:33:20 ----A---- C:\Windows\SYSWOW64\urlmon.dll
2014-04-11 05:33:20 ----A---- C:\Windows\system32\wininet.dll
2014-04-11 05:33:20 ----A---- C:\Windows\system32\urlmon.dll
2014-04-11 05:33:19 ----A---- C:\Windows\SYSWOW64\ieframe.dll
2014-04-11 05:33:19 ----A---- C:\Windows\system32\ieframe.dll
2014-04-11 05:33:18 ----A---- C:\Windows\SYSWOW64\mshtml.dll
2014-04-11 05:33:17 ----A---- C:\Windows\SYSWOW64\jscript9.dll
2014-04-11 05:33:17 ----A---- C:\Windows\system32\jscript9.dll
2014-04-09 04:57:56 ----A---- C:\Windows\SYSWOW64\iologmsg.dll
2014-04-09 04:57:56 ----A---- C:\Windows\system32\iologmsg.dll
2014-04-09 04:57:56 ----A---- C:\Windows\system32\drivers\storport.sys
2014-04-09 04:57:56 ----A---- C:\Windows\system32\drivers\msiscsi.sys
2014-04-09 04:57:56 ----A---- C:\Windows\system32\drivers\Diskdump.sys
2014-04-09 04:57:37 ----A---- C:\Windows\system32\kernel32.dll
2014-04-09 04:57:36 ----A---- C:\Windows\SYSWOW64\kernel32.dll
2014-04-09 04:57:36 ----A---- C:\Windows\system32\wow64.dll
2014-04-09 04:57:35 ----A---- C:\Windows\SYSWOW64\setup16.exe
2014-04-09 04:57:35 ----A---- C:\Windows\SYSWOW64\ntvdm64.dll
2014-04-09 04:57:35 ----A---- C:\Windows\system32\wow64win.dll
2014-04-09 04:57:35 ----A---- C:\Windows\system32\wow64cpu.dll
2014-04-09 04:57:35 ----A---- C:\Windows\system32\ntvdm64.dll
2014-04-09 04:57:33 ----A---- C:\Windows\SYSWOW64\wow32.dll
2014-04-09 04:57:32 ----A---- C:\Windows\SYSWOW64\user.exe
2014-04-09 04:57:32 ----A---- C:\Windows\SYSWOW64\instnm.exe
2014-04-09 04:57:25 ----A---- C:\Windows\system32\drivers\ntfs.sys
2014-03-24 20:31:58 ----D---- C:\Program Files\CyberLink
2014-03-23 22:05:05 ----D---- C:\ProgramData\MAGIX
2014-03-23 22:01:50 ----D---- C:\Program Files\Common Files\NewBlue

======List of files/folders modified in the last 1 month======

2014-04-21 14:34:59 ----D---- C:\Users\petra\AppData\Roaming\Dropbox
2014-04-21 14:30:58 ----D---- C:\ProgramData\NVIDIA
2014-04-21 14:30:40 ----RD---- C:\Program Files (x86)
2014-04-21 14:30:40 ----HD---- C:\ProgramData
2014-04-21 14:29:40 ----D---- C:\Windows\Prefetch
2014-04-21 14:29:21 ----D---- C:\Windows\Tasks
2014-04-21 14:29:21 ----D---- C:\Windows\system32\Tasks
2014-04-21 14:29:19 ----D---- C:\Program Files (x86)\Common Files
2014-04-21 14:27:22 ----D---- C:\Windows\Temp
2014-04-21 14:26:46 ----D---- C:\Windows\system32\config
2014-04-21 07:00:24 ----ASD---- C:\ProgramData\Microsoft
2014-04-20 07:55:14 ----D---- C:\Users\petra\AppData\Roaming\MediaMonkey
2014-04-20 05:53:27 ----D---- C:\Windows\System32
2014-04-20 05:53:27 ----D---- C:\Windows\inf
2014-04-20 05:53:27 ----A---- C:\Windows\system32\PerfStringBackup.INI
2014-04-19 08:39:51 ----D---- C:\Windows\system32\catroot2
2014-04-19 02:19:26 ----SHD---- C:\System Volume Information
2014-04-17 18:34:11 ----D---- C:\Windows\system32\drivers
2014-04-17 17:19:04 ----RD---- C:\Program Files
2014-04-17 13:34:28 ----D---- C:\Users\petra\AppData\Roaming\Seznam.cz
2014-04-16 17:52:31 ----D---- C:\Windows
2014-04-16 17:45:38 ----A---- C:\Windows\system32\aswBoot.exe
2014-04-16 16:55:50 ----D---- C:\Windows\Panther
2014-04-16 16:55:49 ----D---- C:\Windows\Logs
2014-04-16 16:55:49 ----D---- C:\Windows\debug
2014-04-16 16:51:51 ----SHD---- C:\Windows\Installer
2014-04-15 19:30:36 ----D---- C:\Program Files (x86)\The KMPlayer
2014-04-15 12:12:04 ----D---- C:\Windows\system32\NDF
2014-04-11 09:56:45 ----D---- C:\Windows\rescache
2014-04-11 08:32:42 ----D---- C:\Windows\winsxs
2014-04-11 08:29:40 ----D---- C:\Windows\SYSWOW64\en-US
2014-04-11 08:29:40 ----D---- C:\Windows\SYSWOW64\cs-CZ
2014-04-11 08:29:40 ----D---- C:\Program Files\Internet Explorer
2014-04-11 08:29:39 ----D---- C:\Windows\SysWOW64
2014-04-11 08:29:38 ----D---- C:\Windows\system32\en-US
2014-04-11 08:29:38 ----D---- C:\Windows\system32\cs-CZ
2014-04-11 08:29:38 ----D---- C:\Windows\PolicyDefinitions
2014-04-11 08:29:36 ----D---- C:\Program Files (x86)\Internet Explorer
2014-04-11 05:34:22 ----D---- C:\Windows\system32\catroot
2014-04-10 05:01:44 ----D---- C:\Windows\AppPatch
2014-04-10 05:01:40 ----D---- C:\Windows\system32\DriverStore
2014-04-09 05:40:22 ----D---- C:\Windows\system32\MRT
2014-04-09 05:37:36 ----A---- C:\Windows\system32\MRT.exe
2014-03-31 09:35:08 ----N---- C:\Windows\system32\MpSigStub.exe
2014-03-27 16:37:57 ----SD---- C:\Users\petra\AppData\Roaming\Microsoft
2014-03-24 20:49:15 ----D---- C:\Program Files (x86)\Boris FX, Inc
2014-03-24 20:39:06 ----D---- C:\Program Files\Common Files\Microsoft Shared
2014-03-24 20:39:01 ----D---- C:\Program Files\NewBlue
2014-03-24 20:38:56 ----D---- C:\Program Files (x86)\NewBlue
2014-03-24 08:45:39 ----A---- C:\Windows\NeroDigital.ini
2014-03-23 22:21:16 ----D---- C:\Program Files (x86)\Avid
2014-03-23 22:01:57 ----D---- C:\Program Files\Adobe
2014-03-23 22:01:50 ----D---- C:\Program Files\Common Files

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 aswRvrt;avast! Revert; C:\Windows\system32\drivers\aswRvrt.sys [2014-04-16 65776]
R0 aswVmm;avast! VM Monitor; C:\Windows\system32\drivers\aswVmm.sys [2014-04-16 208928]
R0 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12352]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-20 213888]
R0 Tpkd;Tpkd; C:\Windows\system32\drivers\Tpkd.sys [2011-06-28 105592]
R0 vmbus;@%SystemRoot%\system32\vmbusres.dll,-1000; C:\Windows\system32\drivers\vmbus.sys [2010-11-20 199552]
R1 aswRdr;aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [2014-04-16 93568]
R1 aswSnx;aswSnx; C:\Windows\system32\drivers\aswSnx.sys [2014-04-16 1039096]
R1 aswSP;aswSP; C:\Windows\system32\drivers\aswSP.sys [2014-04-16 423240]
R1 cdrblock;cdrblock; C:\Windows\system32\DRIVERS\cdrblock.sys [2008-05-30 34360]
R1 CSC;@%systemroot%\system32\cscsvc.dll,-202; C:\Windows\system32\drivers\csc.sys [2010-11-20 514560]
R2 aswMonFlt;aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [2014-04-16 79184]
R2 Sentinel64;Sentinel64; C:\Windows\System32\Drivers\Sentinel64.sys [2007-04-27 142120]
R2 sp_rsdrv2;Spyware Terminator Driver Filter; C:\Windows\system32\DRIVERS\stflt.sys [2014-04-16 51496]
R3 aswStm;aswStm; C:\Windows\system32\drivers\aswStm.sys [2014-04-16 84816]
R3 COMMONFX.SYS;COMMONFX.SYS; C:\Windows\System32\drivers\COMMONFX.SYS [2010-03-18 158808]
R3 ctac32k;Creative AC3 Software Decoder; C:\Windows\system32\drivers\ctac32k.sys [2010-03-18 580696]
R3 ctaud2k;Creative Audio Driver (WDM); C:\Windows\system32\drivers\ctaud2k.sys [2010-03-18 866264]
R3 CTAUDFX.SYS;CTAUDFX.SYS; C:\Windows\System32\drivers\CTAUDFX.SYS [2010-03-18 706648]
R3 ctprxy2k;Creative Proxy Driver; C:\Windows\system32\drivers\ctprxy2k.sys [2010-03-18 16984]
R3 CTSBLFX.SYS;CTSBLFX.SYS; C:\Windows\System32\drivers\CTSBLFX.SYS [2010-03-18 681048]
R3 ctsfm2k;Creative SoundFont Management Device Driver; C:\Windows\system32\drivers\ctsfm2k.sys [2010-03-18 290392]
R3 emupia;E-mu Plug-in Architecture Driver; C:\Windows\system32\drivers\emupia2k.sys [2010-03-18 147544]
R3 ha10kx2k;Creative Hardware Abstract Layer Driver; C:\Windows\system32\drivers\ha10kx2k.sys [2010-03-18 1360984]
R3 hap16v2k;Creative P16V HAL Driver; C:\Windows\system32\drivers\hap16v2k.sys [2010-03-18 259672]
R3 nusb3hub;Renesas Electronics USB 3.0 Hub Driver; C:\Windows\system32\DRIVERS\nusb3hub.sys [2011-10-25 96768]
R3 nusb3xhc;Renesas Electronics USB 3.0 Host Controller Driver; C:\Windows\system32\DRIVERS\nusb3xhc.sys [2011-10-25 213504]
R3 NVHDA;Service for NVIDIA High Definition Audio Driver; C:\Windows\system32\drivers\nvhda64v.sys [2012-01-17 188224]
R3 ossrv;Creative OS Services Driver; C:\Windows\system32\drivers\ctoss2k.sys [2010-03-18 221272]
R3 RTL8167;Realtek 8167 NT Driver; C:\Windows\system32\DRIVERS\Rt64win7.sys [2011-11-24 648808]
R3 SNP2UVC;USB2.0 PC Camera (SNP2UVC); C:\Windows\system32\DRIVERS\snp2uvc.sys [2011-09-09 3567232]
S1 Aspi32;Aspi32; C:\Windows\system32\drivers\Aspi32.sys []
S2 Hardlock;Hardlock; \??\C:\Windows\system32\drivers\hardlock.sys [2005-06-14 296448]
S3 61883;61883 Unit Device; C:\Windows\system32\DRIVERS\61883.sys [2009-07-14 60288]
S3 Avc;Zařízení AVC; C:\Windows\system32\DRIVERS\avc.sys [2009-07-14 48768]
S3 AVCSTRM;AVC Streaming Filter Driver; C:\Windows\system32\DRIVERS\avcstrm.sys [2009-07-14 17664]
S3 COMMONFX.DLL;COMMONFX.DLL; C:\Windows\system32\COMMONFX.DLL []
S3 COMMONFX;COMMONFX; C:\Windows\system32\drivers\COMMONFX.SYS [2010-03-18 158808]
S3 CT20XUT.DLL;CT20XUT.DLL; C:\Windows\system32\CT20XUT.DLL [2007-04-10 252712]
S3 CTAUDFX.DLL;CTAUDFX.DLL; C:\Windows\system32\CTAUDFX.DLL []
S3 CTAUDFX;CTAUDFX; C:\Windows\system32\drivers\CTAUDFX.SYS [2010-03-18 706648]
S3 CTEAPSFX.DLL;CTEAPSFX.DLL; C:\Windows\system32\CTEAPSFX.DLL [2007-04-10 219432]
S3 CTEDSPFX.DLL;CTEDSPFX.DLL; C:\Windows\system32\CTEDSPFX.DLL [2007-04-10 321832]
S3 CTEDSPIO.DLL;CTEDSPIO.DLL; C:\Windows\system32\CTEDSPIO.DLL [2007-04-10 190248]
S3 CTEDSPSY.DLL;CTEDSPSY.DLL; C:\Windows\system32\CTEDSPSY.DLL [2007-04-10 363304]
S3 CTERFXFX.DLL;CTERFXFX.DLL; C:\Windows\system32\CTERFXFX.DLL []
S3 CTERFXFX.SYS;CTERFXFX.SYS; C:\Windows\System32\drivers\CTERFXFX.SYS [2010-03-18 141912]
S3 CTERFXFX;CTERFXFX; C:\Windows\system32\drivers\CTERFXFX.SYS [2010-03-18 141912]
S3 CTEXFIFX.DLL;CTEXFIFX.DLL; C:\Windows\system32\CTEXFIFX.DLL [2007-04-10 1571112]
S3 CTHWIUT.DLL;CTHWIUT.DLL; C:\Windows\system32\CTHWIUT.DLL [2007-04-10 123688]
S3 CTSBLFX.DLL;CTSBLFX.DLL; C:\Windows\system32\CTSBLFX.DLL []
S3 CTSBLFX;CTSBLFX; C:\Windows\system32\drivers\CTSBLFX.SYS [2010-03-18 681048]
S3 EverestDriver;Lavalys EVEREST Kernel Driver; \??\E:\Everest Ultimate Engineer Edition v5.50 build 2253\kerneld.amd64 []
S3 hap17v2k;Creative P17V HAL Driver; C:\Windows\system32\drivers\hap17v2k.sys [2010-03-18 295000]
S3 MSDV;Microsoft DV Camera and VCR; C:\Windows\system32\DRIVERS\msdv.sys [2009-07-14 61440]
S3 MSTAPE;Microsoft AV/C Tape Subunit Device; C:\Windows\system32\DRIVERS\mstape.sys [2009-07-14 56448]
S3 RDPDR;Terminal Server Device Redirector Driver; C:\Windows\System32\drivers\rdpdr.sys [2010-11-20 165888]
S3 s3cap;s3cap; C:\Windows\system32\drivers\vms3cap.sys [2010-11-20 6656]
S3 storvsc;storvsc; C:\Windows\system32\drivers\storvsc.sys [2010-11-20 34688]
S3 TsUsbFlt;TsUsbFlt; C:\Windows\system32\drivers\tsusbflt.sys [2010-11-20 59392]
S3 VMBusHID;VMBusHID; C:\Windows\system32\drivers\VMBusHID.sys [2010-11-20 21760]
S3 WinUsb;Sony sa0102 ADB Interface; C:\Windows\system32\DRIVERS\WinUsb.sys [2010-11-20 41984]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 602XML Updater;602Updater; C:\Program Files (x86)\Common Files\soft602\602updsvc\602updsvc.exe [2011-10-10 85344]
R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2013-12-18 65432]
R2 avast! Antivirus;avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2014-04-16 50344]
R2 CscService;@%systemroot%\system32\cscsvc.dll,-200; C:\Windows\System32\svchost.exe [2009-07-14 27136]
R2 CTAudSvcService;Creative Audio Service; C:\Program Files (x86)\Creative\Shared Files\CTAudSvc.exe [2010-02-12 286720]
R2 EPSON_PM_RPCV4_01;EPSON V3 Service4(01); C:\ProgramData\EPSON\EPW!3 SSRP\E_S30RP1.EXE [2006-04-18 102400]
R2 NVSvc;NVIDIA Display Driver Service; C:\Windows\system32\nvvsvc.exe [2013-01-18 884512]
R2 PaceLicenseDServices;PACE License Services; C:\Program Files (x86)\Common Files\PACE\Services\LicenseServices\LDSvc.exe [2011-07-09 2932224]
R2 ST2012_Svc;Spyware Terminator 2012 Realtime Shield Service; C:\Program Files (x86)\Spyware Terminator\st_rsser64.exe [2013-10-22 1149104]
R2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service; C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2013-01-18 383264]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2013-09-11 105144]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2013-09-11 124088]
S3 Adobe LM Service;Adobe LM Service; C:\Program Files (x86)\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe [2012-02-27 72704]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-03-12 257928]
S3 AppMgmt;@appmgmts.dll,-3250; C:\Windows\system32\svchost.exe [2009-07-14 27136]
S3 Creative ALchemy AL6 Licensing Service;Creative ALchemy AL6 Licensing Service; C:\Program Files (x86)\Common Files\Creative Labs Shared\Service\AL6Licensing.exe [2012-07-10 79360]
S3 Creative Audio Engine Licensing Service;Creative Audio Engine Licensing Service; C:\Program Files (x86)\Common Files\Creative Labs Shared\Service\CTAELicensing.exe [2012-03-17 79360]
S3 IEEtwCollectorService;@%SystemRoot%\system32\ieetwcollectorres.dll,-1000; C:\Windows\system32\IEEtwCollector.exe [2014-03-06 111616]
S3 Microsoft Office Groove Audit Service;Microsoft Office Groove Audit Service; C:\Program Files (x86)\Microsoft Office\Office12\GrooveAuditService.exe [2007-08-24 68464]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2014-03-19 119408]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2007-08-24 443776]
S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 PeerDistSvc;@%SystemRoot%\system32\peerdistsvc.dll,-9000; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S3 StorSvc;@%SystemRoot%\System32\StorSvc.dll,-100; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S3 UmRdpService;@%SystemRoot%\system32\umrdp.dll,-1000; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2012-02-19 1255736]
S4 aspnet_state;Stavová služba ASP.NET; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2013-09-11 51808]
S4 gupdate;Služba Google Update (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2012-10-03 136176]
S4 gupdatem;Služba Google Update (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2012-10-03 136176]
S4 Nero BackItUp Scheduler 3;Nero BackItUp Scheduler 3; C:\Program Files (x86)\Nero\Nero8\Nero BackItUp\NBService.exe [2007-12-03 869672]
S4 Nero BackItUp Scheduler 4.0;Nero BackItUp Scheduler 4.0; C:\Program Files (x86)\Common Files\Nero\Nero BackItUp 4\NBService.exe [2009-07-20 935208]
S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]
S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]
S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]
S4 NMIndexingService;NMIndexingService; C:\Program Files (x86)\Common Files\Nero\Lib\NMIndexingService.exe [2007-12-13 447784]
S4 nvUpdatusService;NVIDIA Update Service Daemon; C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe [2013-02-26 1260320]
S4 SkypeUpdate;Skype Updater; C:\Program Files (x86)\Skype\Updater\Updater.exe [2012-06-05 160944]

-----------------EOF-----------------

Re: Prosím o preventivní kontrolu

Napsal: 21 dub 2014 13:37
od petouf
Tady mám logy,
Dík, přeji pěkný den!
# AdwCleaner v3.102 - Report created 21/04/2014 at 14:29:10
# Updated 21/04/2014 by Xplode
# Operating System : Windows 7 Professional Service Pack 1 (64 bits)
# Username : petra - PETRA-PC
# Running from : C:\Users\petra\Desktop\adwcleaner.exe
# Option : Clean

***** [ Services ] *****

[#] Service Deleted : bonanzadealslive
[#] Service Deleted : bonanzadealslivem

***** [ Files / Folders ] *****

[!] Folder Deleted : C:\ProgramData\BonanzaDealsLive
Folder Deleted : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DVDVideoSoft
Folder Deleted : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\RelevantKnowledge
Folder Deleted : C:\Program Files (x86)\BonanzaDeals
[!] Folder Deleted : C:\Program Files (x86)\BonanzaDealsLive
Folder Deleted : C:\Program Files (x86)\Conduit
Folder Deleted : C:\Program Files (x86)\driver-soft
Folder Deleted : C:\Program Files (x86)\DVDVideoSoft
Folder Deleted : C:\Program Files (x86)\OApps
Folder Deleted : C:\Program Files (x86)\SimilarSites
Folder Deleted : C:\Program Files (x86)\WinZipBar
Folder Deleted : C:\Program Files (x86)\Common Files\DVDVideoSoft
Folder Deleted : C:\Users\petra\AppData\Local\BonanzaDealsLive
Folder Deleted : C:\Users\petra\AppData\Local\Conduit
Folder Deleted : C:\Users\petra\AppData\Local\FilesFrog Update Checker
Folder Deleted : C:\Users\petra\AppData\Local\webplayer
Folder Deleted : C:\Users\petra\AppData\LocalLow\Conduit
Folder Deleted : C:\Users\petra\AppData\LocalLow\WinZipBar
Folder Deleted : C:\Users\petra\AppData\Roaming\DVDVideoSoft
Folder Deleted : C:\Users\petra\AppData\Roaming\dvdvideosoftiehelpers
Folder Deleted : C:\Users\petra\AppData\Roaming\eCyber
Folder Deleted : C:\Users\petra\AppData\Roaming\iSafe
Folder Deleted : C:\Users\petra\AppData\Roaming\pdfforge
Folder Deleted : C:\Users\petra\AppData\Roaming\SimilarSites
Folder Deleted : C:\Users\petra\AppData\Roaming\yourfiledownloader
Folder Deleted : C:\Users\petra\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\BonanzaDeals
Folder Deleted : C:\Users\petra\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\FilesFrog Update Checker
Folder Deleted : C:\Users\petra\AppData\Roaming\Mozilla\Firefox\Profiles\3g0eftd4.default\ConduitCommon
Folder Deleted : C:\Users\petra\AppData\Local\Google\Chrome\User Data\Default\Extensions\ieadcoanfjloocmfafkebdnfefmohngj
File Deleted : C:\Users\petra\AppData\Local\Temp\Uninstall.exe
File Deleted : C:\Users\petra\AppData\Roaming\Mozilla\Firefox\Profiles\3g0eftd4.default\invalidprefs.js
File Deleted : C:\Users\petra\AppData\Roaming\Mozilla\Firefox\Profiles\3g0eftd4.default\searchplugins\Ask.xml
File Deleted : C:\Program Files (x86)\Mozilla Firefox\browser\searchplugins\Ask.xml
File Deleted : C:\Windows\Tasks\BonanzaDealsLiveUpdateTaskMachineCore.job
File Deleted : C:\Windows\System32\Tasks\BonanzaDealsLiveUpdateTaskMachineCore
File Deleted : C:\Windows\Tasks\BonanzaDealsLiveUpdateTaskMachineUA.job
File Deleted : C:\Windows\System32\Tasks\BonanzaDealsLiveUpdateTaskMachineUA
File Deleted : C:\Windows\System32\Tasks\BonanzaDealsUpdate

***** [ Shortcuts ] *****

Shortcut Disinfected : C:\Users\petra\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\FLV Player\Uninstall.lnk

***** [ Registry ] *****

Key Deleted : HKCU\Software\Classes\pokki
Key Deleted : HKLM\SOFTWARE\Classes\AppID\BonanzaDealsLive.exe
Key Deleted : HKLM\SOFTWARE\Classes\AppID\ScriptHelper.EXE
Key Deleted : HKLM\SOFTWARE\Classes\BonanzaDealsLive.OneClickCtrl.9
Key Deleted : HKLM\SOFTWARE\Classes\BonanzaDealsLive.OneClickProcessLauncherMachine
Key Deleted : HKLM\SOFTWARE\Classes\BonanzaDealsLive.OneClickProcessLauncherMachine.1.0
Key Deleted : HKLM\SOFTWARE\Classes\BonanzaDealsLive.Update3WebControl.3
Key Deleted : HKLM\SOFTWARE\Classes\BonanzaDealsLiveUpdate.CoCreateAsync
Key Deleted : HKLM\SOFTWARE\Classes\BonanzaDealsLiveUpdate.CoCreateAsync.1.0
Key Deleted : HKLM\SOFTWARE\Classes\BonanzaDealsLiveUpdate.CoreClass
Key Deleted : HKLM\SOFTWARE\Classes\BonanzaDealsLiveUpdate.CoreClass.1
Key Deleted : HKLM\SOFTWARE\Classes\BonanzaDealsLiveUpdate.CoreMachineClass
Key Deleted : HKLM\SOFTWARE\Classes\BonanzaDealsLiveUpdate.CoreMachineClass.1
Key Deleted : HKLM\SOFTWARE\Classes\BonanzaDealsLiveUpdate.CredentialDialogMachine
Key Deleted : HKLM\SOFTWARE\Classes\BonanzaDealsLiveUpdate.CredentialDialogMachine.1.0
Key Deleted : HKLM\SOFTWARE\Classes\BonanzaDealsLiveUpdate.OnDemandCOMClassMachine
Key Deleted : HKLM\SOFTWARE\Classes\BonanzaDealsLiveUpdate.OnDemandCOMClassMachine.1.0
Key Deleted : HKLM\SOFTWARE\Classes\BonanzaDealsLiveUpdate.OnDemandCOMClassMachineFallback
Key Deleted : HKLM\SOFTWARE\Classes\BonanzaDealsLiveUpdate.OnDemandCOMClassMachineFallback.1.0
Key Deleted : HKLM\SOFTWARE\Classes\BonanzaDealsLiveUpdate.OnDemandCOMClassSvc
Key Deleted : HKLM\SOFTWARE\Classes\BonanzaDealsLiveUpdate.OnDemandCOMClassSvc.1.0
Key Deleted : HKLM\SOFTWARE\Classes\BonanzaDealsLiveUpdate.ProcessLauncher
Key Deleted : HKLM\SOFTWARE\Classes\BonanzaDealsLiveUpdate.ProcessLauncher.1.0
Key Deleted : HKLM\SOFTWARE\Classes\BonanzaDealsLiveUpdate.Update3COMClassService
Key Deleted : HKLM\SOFTWARE\Classes\BonanzaDealsLiveUpdate.Update3COMClassService.1.0
Key Deleted : HKLM\SOFTWARE\Classes\BonanzaDealsLiveUpdate.Update3WebMachine
Key Deleted : HKLM\SOFTWARE\Classes\BonanzaDealsLiveUpdate.Update3WebMachine.1.0
Key Deleted : HKLM\SOFTWARE\Classes\BonanzaDealsLiveUpdate.Update3WebMachineFallback
Key Deleted : HKLM\SOFTWARE\Classes\BonanzaDealsLiveUpdate.Update3WebMachineFallback.1.0
Key Deleted : HKLM\SOFTWARE\Classes\BonanzaDealsLiveUpdate.Update3WebSvc
Key Deleted : HKLM\SOFTWARE\Classes\BonanzaDealsLiveUpdate.Update3WebSvc.1.0
Key Deleted : HKLM\SOFTWARE\Classes\Prod.cap
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\apnstub_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\apnstub_RASMANCS
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\askpartnercobrandingtool_rasapi32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\askpartnercobrandingtool_rasmancs
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\AskSLib_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\AskSLib_RASMANCS
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\bitguard.exe
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\BonanzaDealsLive.exe
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\bprotect.exe
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\browserdefender.exe
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\browserprotect.exe
Key Deleted : HKLM\SOFTWARE\MozillaPlugins\@tools.bdupdater.com/BonanzaDealsLive Update;version=3
Key Deleted : HKLM\SOFTWARE\MozillaPlugins\@tools.bdupdater.com/BonanzaDealsLive Update;version=9
Key Deleted : HKLM\SOFTWARE\Classes\Toolbar.CT3106777
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_for_kicad_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_for_kicad_RASMANCS
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{186E19A3-B909-4F48-B687-BB81EB8BC7CE}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{9EA8702C-EEDB-4731-BE68-E9A167DD3597}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{BB711CB0-C70B-482E-9852-EC05EBD71DBB}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{D34F391D-4CB7-467F-A543-F583857C63B0}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{00000001-4FEF-40D3-B3FA-E0531B897F98}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{059EACC2-1ABE-49E8-928D-DC8BD355B7A9}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{118E1BF6-6279-432F-A285-373A77B90C7A}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{14CEEA2F-3D21-46ED-A7D2-89056C520E5E}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{1AA60054-57D9-4F99-9A55-D0FBFBE7ECD3}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{1CC8D970-F626-4F19-815F-890032BB6606}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{29494049-211F-4F5C-8545-7DA8BF7A6CF8}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{33BAF587-9647-4281-A34F-F4830CDC1B9F}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{35B8892D-C3FB-4D88-990D-31DB2EBD72BD}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{3C471948-F874-49F5-B338-4F214A2EE0B1}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{408CFAD9-8F13-4747-8EC7-770A339C7237}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{4AA46D49-459F-4358-B4D1-169048547C23}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{5B5E5D0E-7C83-4A32-ADD2-E5F488DD6783}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{64697678-0000-0010-8000-00AA00389B71}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{6802463D-636F-41FE-9924-4CAD56906590}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{806785D0-375F-4C2C-92E3-B8EE65D28E83}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{944661E7-67B9-4DF7-BFF2-05388C166D34}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{94496571-6AC5-4836-82D5-D46260C44B17}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{9EA8702C-EEDB-4731-BE68-E9A167DD3597}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{A7CF66EF-4F0D-46B1-AF71-A500378D6C34}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{B71934E5-6B93-448D-9D32-CBAA5150C5D8}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{BC9FD17D-30F6-4464-9E53-596A90AFF023}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{C4BEF720-313C-420A-ACF6-77DD95D8F553}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{D34F391D-4CB7-467F-A543-F583857C63B0}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{DE9028D0-5FFA-4E69-94E3-89EE8741F468}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{E970727E-0508-4BEB-8B72-BBA9D0D047C7}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{EBF1F869-D2F0-4D31-A877-386C853A9C3D}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{F3CF4912-CF0A-451B-AF3B-C4F216C715E4}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{F904AC50-215C-42AB-A532-77E9FDBA9B19}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{9280CAA3-237E-468E-A41C-43EADB5FF61A}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{03E2A1F3-4402-4121-8B35-733216D61217}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{3F607E46-0D3C-4442-B1DE-DE7FA4768F5C}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{9E3B11F6-4179-4603-A71B-A55F4BCB0BEC}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{FE0273D1-99DF-4AC0-87D5-1371C6271785}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{07CAC314-E962-4F78-89AB-DD002F2490EE}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{13ABD093-D46F-40DF-A608-47E162EC799D}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{93E3D79C-0786-48FF-9329-93BC9F6DC2B3}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{9C049BA6-EA47-4AC3-AED6-A66D8DC9E1D8}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{318A227B-5E9F-45BD-8999-7F8F10CA4CF5}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{95B7759C-8C7F-4BF1-B163-73684A933233}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{F25AF245-4A81-40DC-92F9-E9021F207706}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{FE063412-BEA4-4D76-8ED3-183BE6220D17}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{50FAFAF0-70A9-419D-A109-FA4B4FFD4E37}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{318A227B-5E9F-45BD-8999-7F8F10CA4CF5}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{95B7759C-8C7F-4BF1-B163-73684A933233}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{FE063412-BEA4-4D76-8ED3-183BE6220D17}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{50FAFAF0-70A9-419D-A109-FA4B4FFD4E37}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{82EA3E77-7BD2-4744-A8F2-670770767EC5}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{29494049-211F-4F5C-8545-7DA8BF7A6CF8}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{C4BEF720-313C-420A-ACF6-77DD95D8F553}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{9280CAA3-237E-468E-A41C-43EADB5FF61A}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{29494049-211F-4F5C-8545-7DA8BF7A6CF8}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{33BAF587-9647-4281-A34F-F4830CDC1B9F}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{82EA3E77-7BD2-4744-A8F2-670770767EC5}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{C4BEF720-313C-420A-ACF6-77DD95D8F553}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{F09384DD-5599-48F9-AECB-36A0E607D29D}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{BA3395D3-F332-4B9E-9E2F-64CFBFFCF798}
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}]
Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks [{50FAFAF0-70A9-419D-A109-FA4B4FFD4E37}]
Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{00000001-4FEF-40D3-B3FA-E0531B897F98}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{318A227B-5E9F-45BD-8999-7F8F10CA4CF5}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{4AA46D49-459F-4358-B4D1-169048547C23}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{64697678-0000-0010-8000-00AA00389B71}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{03E2A1F3-4402-4121-8B35-733216D61217}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{06E50566-0AB7-431C-841D-62794727DAF9}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{26E7211D-0650-43CF-8498-4C81E83AEAAA}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{3F607E46-0D3C-4442-B1DE-DE7FA4768F5C}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{4E92DB5F-AAD9-49D3-8EAB-B40CBE5B1FF7}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{9E3B11F6-4179-4603-A71B-A55F4BCB0BEC}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{C401D2CE-DC27-45C7-BC0C-8E6EA7F085D6}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{FE0273D1-99DF-4AC0-87D5-1371C6271785}
Value Deleted : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{318A227B-5E9F-45BD-8999-7F8F10CA4CF5}]
Key Deleted : HKCU\Software\BonanzaDealsLive
Key Deleted : HKCU\Software\Conduit
Key Deleted : HKCU\Software\InstallCore
Key Deleted : HKCU\Software\Softonic
Key Deleted : HKCU\Software\Somoto
Key Deleted : HKCU\Software\Webplayer
Key Deleted : HKCU\Software\YourFileDownloader
Key Deleted : HKCU\Software\AppDataLow\Toolbar
Key Deleted : HKCU\Software\AppDataLow\Software\Conduit
Key Deleted : HKCU\Software\AppDataLow\Software\WinZipBar
Key Deleted : HKLM\Software\BonanzaDealsLive
Key Deleted : HKLM\Software\Conduit
Key Deleted : HKLM\Software\Driver-Soft
Key Deleted : HKLM\Software\SafetyNut
Key Deleted : HKLM\Software\YourFileDownloader
Key Deleted : HKLM\Software\WinZipBar
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\FLV Player
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Bonanza Deals
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\FilesFrog Update Checker
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\WinZipBar Toolbar

***** [ Browsers ] *****

-\\ Internet Explorer v11.0.9600.17041


-\\ Mozilla Firefox v28.0 (cs)

[ File : C:\Users\petra\AppData\Roaming\Mozilla\Firefox\Profiles\3g0eftd4.default\prefs.js ]

Line Deleted : user_pref("CT3106777..clientLogIsEnabled", true);
Line Deleted : user_pref("CT3106777..clientLogServiceUrl", "hxxp://clientlog.users.conduit.com/ClientDiagnostics.asmx/ReportDiagnosticsEvent");
Line Deleted : user_pref("CT3106777..uninstallLogServiceUrl", "hxxp://uninstall.users.conduit.com/Uninstall.asmx/RegisterToolbarUninstallation");
Line Deleted : user_pref("CT3106777.ALLOW_SHOWING_HIDDEN_TOOLBAR", false);
Line Deleted : user_pref("CT3106777.AboutPrivacyUrl", "hxxp://www.conduit.com/privacy/Default.aspx");
Line Deleted : user_pref("CT3106777.AppTrackingLastCheckTime", "Sat Feb 25 2012 10:43:37 GMT+0100");
Line Deleted : user_pref("CT3106777.BrowserCompStateIsOpen_129724975549181030", true);
Line Deleted : user_pref("CT3106777.BrowserCompStateIsOpen_130041080178558067", true);
Line Deleted : user_pref("CT3106777.CT3106777.lastNewTabSettings", "{\"isEnabled\":false,\"newTabUrl\":\"hxxp://search.conduit.com/?ctid=CT3106777&octid=CT3106777&SearchSource=15&CUI=SB_CUI&SSPV=EB_SSPV&Lay=1&UM=UM_[...]
Line Deleted : user_pref("CT3106777.CTID", "CT3106777");
Line Deleted : user_pref("CT3106777.ConfigurationLastCheckTime", "Fri Oct 25 2013 20:09:36 GMT+0200");
Line Deleted : user_pref("CT3106777.CurrentServerDate", "26-10-2013");
Line Deleted : user_pref("CT3106777.DSInstall", false);
Line Deleted : user_pref("CT3106777.DialogsAlignMode", "LTR");
Line Deleted : user_pref("CT3106777.DialogsGetterLastCheckTime", "Wed Oct 23 2013 11:51:16 GMT+0200");
Line Deleted : user_pref("CT3106777.DownloadReferralCookieData", "");
Line Deleted : user_pref("CT3106777.EMailNotifierPollDate", "Sat Feb 25 2012 10:55:29 GMT+0100");
Line Deleted : user_pref("CT3106777.FirstServerDate", "22-2-2012");
Line Deleted : user_pref("CT3106777.FirstTime", true);
Line Deleted : user_pref("CT3106777.FirstTimeFF3", true);
Line Deleted : user_pref("CT3106777.FixPageNotFoundErrors", true);
Line Deleted : user_pref("CT3106777.GroupingServerCheckInterval", 1440);
Line Deleted : user_pref("CT3106777.GroupingServiceUrl", "hxxp://grouping.services.conduit.com/");
Line Deleted : user_pref("CT3106777.HPInstall", false);
Line Deleted : user_pref("CT3106777.HasUserGlobalKeys", true);
Line Deleted : user_pref("CT3106777.HomePageProtectorEnabled", false);
Line Deleted : user_pref("CT3106777.HomepageBeforeUnload", "chrome://branding/locale/browserconfig.properties");
Line Deleted : user_pref("CT3106777.Initialize", true);
Line Deleted : user_pref("CT3106777.InitializeCommonPrefs", true);
Line Deleted : user_pref("CT3106777.InstallationAndCookieDataSentCount", 3);
Line Deleted : user_pref("CT3106777.InstallationId", "ConduitNSISIntegration");
Line Deleted : user_pref("CT3106777.InstallationType", "ConduitXPEIntegration");
Line Deleted : user_pref("CT3106777.InstalledDate", "Wed Feb 22 2012 09:42:22 GMT+0100");
Line Deleted : user_pref("CT3106777.IsAlertDBUpdated", true);
Line Deleted : user_pref("CT3106777.IsGrouping", false);
Line Deleted : user_pref("CT3106777.IsInitSetupIni", true);
Line Deleted : user_pref("CT3106777.IsMulticommunity", false);
Line Deleted : user_pref("CT3106777.IsOpenThankYouPage", false);
Line Deleted : user_pref("CT3106777.IsOpenUninstallPage", false);
Line Deleted : user_pref("CT3106777.LanguagePackLastCheckTime", "Fri Oct 25 2013 20:09:36 GMT+0200");
Line Deleted : user_pref("CT3106777.LanguagePackReloadIntervalMM", 1440);
Line Deleted : user_pref("CT3106777.LanguagePackServiceUrl", "hxxp://translation.users.conduit.com/Translation.ashx");
Line Deleted : user_pref("CT3106777.LastLogin_3.12.0.7", "Wed Apr 25 2012 11:54:53 GMT+0200");
Line Deleted : user_pref("CT3106777.LastLogin_3.12.2.3", "Thu May 31 2012 19:53:42 GMT+0200");
Line Deleted : user_pref("CT3106777.LastLogin_3.13.0.6", "Mon Jul 16 2012 04:56:08 GMT+0200");
Line Deleted : user_pref("CT3106777.LastLogin_3.14.1.0", "Thu Aug 23 2012 07:22:07 GMT+0200");
Line Deleted : user_pref("CT3106777.LastLogin_3.15.1.0", "Wed Nov 07 2012 19:14:03 GMT+0100");
Line Deleted : user_pref("CT3106777.LastLogin_3.16.0.3", "Thu Mar 07 2013 09:16:51 GMT+0100");
Line Deleted : user_pref("CT3106777.LastLogin_3.18.0.7", "Sun Jul 14 2013 20:33:43 GMT+0200");
Line Deleted : user_pref("CT3106777.LastLogin_3.19.0.3", "Mon Sep 09 2013 09:12:46 GMT+0200");
Line Deleted : user_pref("CT3106777.LastLogin_3.20.0.4", "Sat Oct 26 2013 09:14:06 GMT+0200");
Line Deleted : user_pref("CT3106777.LastLogin_3.9.0.3", "Sat Feb 25 2012 09:35:08 GMT+0100");
Line Deleted : user_pref("CT3106777.LatestVersion", "3.20.0.4");
Line Deleted : user_pref("CT3106777.Locale", "en");
Line Deleted : user_pref("CT3106777.MCDetectTooltipHeight", "83");
Line Deleted : user_pref("CT3106777.MCDetectTooltipUrl", "hxxp://@EB_INSTALL_LINK@/rank/tooltip/?version=1");
Line Deleted : user_pref("CT3106777.MCDetectTooltipWidth", "295");
Line Deleted : user_pref("CT3106777.MyStuffEnabledAtInstallation", true);
Line Deleted : user_pref("CT3106777.OriginalFirstVersion", "3.9.0.3");
Line Deleted : user_pref("CT3106777.SearchAPILastCheckTime", "Fri Oct 25 2013 20:09:36 GMT+0200");
Line Deleted : user_pref("CT3106777.SearchCaption", "WinZipBar Customized Web Search");
Line Deleted : user_pref("CT3106777.SearchEngineBeforeUnload", "chrome://browser-region/locale/region.properties");
Line Deleted : user_pref("CT3106777.SearchFromAddressBarIsInit", true);
Line Deleted : user_pref("CT3106777.SearchFromAddressBarUrl", "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT3106777&SearchSource=2&q=");
Line Deleted : user_pref("CT3106777.SearchInNewTabEnabled", true);
Line Deleted : user_pref("CT3106777.SearchInNewTabIntervalMM", 1440);
Line Deleted : user_pref("CT3106777.SearchInNewTabLastCheckTime", "Sun Sep 08 2013 15:45:24 GMT+0200");
Line Deleted : user_pref("CT3106777.SearchInNewTabServiceUrl", "hxxp://newtab.conduit-hosting.com/newtab/?ctid=EB_TOOLBAR_ID&UM=UM_ID");
Line Deleted : user_pref("CT3106777.SearchInNewTabURLFromSearchAPI", "hxxp://search.conduit.com/?ctid=CT3106777&octid=CT3106777&SearchSource=15&CUI=SB_CUI&SSPV=EB_SSPV&Lay=1&UM=UM_ID");
Line Deleted : user_pref("CT3106777.SearchInNewTabUserEnabled", false);
Line Deleted : user_pref("CT3106777.SearchProtectorEnabled", false);
Line Deleted : user_pref("CT3106777.SearchProtectorToolbarDisabled", false);
Line Deleted : user_pref("CT3106777.SendProtectorDataViaLogin", true);
Line Deleted : user_pref("CT3106777.ServiceMapLastCheckTime", "Fri Oct 25 2013 20:09:36 GMT+0200");
Line Deleted : user_pref("CT3106777.SettingsLastCheckTime", "Sat Oct 26 2013 09:14:04 GMT+0200");
Line Deleted : user_pref("CT3106777.SettingsLastUpdate", "1382265269");
Line Deleted : user_pref("CT3106777.TBHomePageUrl", "hxxp://search.conduit.com/?ctid=CT3106777&SearchSource=13");
Line Deleted : user_pref("CT3106777.ThirdPartyComponentsInterval", 504);
Line Deleted : user_pref("CT3106777.ThirdPartyComponentsLastCheck", "Wed Feb 22 2012 09:42:19 GMT+0100");
Line Deleted : user_pref("CT3106777.ThirdPartyComponentsLastUpdate", "1312887586");
Line Deleted : user_pref("CT3106777.ToolbarShrinkedFromSetup", false);
Line Deleted : user_pref("CT3106777.TrusteLinkUrl", "hxxp://trust.conduit.com/CT3106777");
Line Deleted : user_pref("CT3106777.TrustedApiDomains", "conduit.com,conduit-hosting.com,conduit-services.com,client.conduit-storage.com,OurToolbar.com,CommunityToolbars.com,ForumToolbar.com,MyBlogToolbar.com,MyCity[...]
Line Deleted : user_pref("CT3106777.UserID", "UN59619505060305194");
Line Deleted : user_pref("CT3106777.alertChannelId", "1500748");
Line Deleted : user_pref("CT3106777.autoDisableScopes", -1);
Line Deleted : user_pref("CT3106777.backendstorage.searchappstate", "33");
Line Deleted : user_pref("CT3106777.backendstorage.searchapptracking", "73656E74");
Line Deleted : user_pref("CT3106777.countryCode", "CZ");
Line Deleted : user_pref("CT3106777.generalConfigFromLogin", "{\"ApiMaxAlerts\":\"12\",\"SocialDomains\":\"social.conduit.com;apps.conduit.com;services.apps.conduit.com\",\"AppsDetectionUrlPattern\":\"hxxp://appdown[...]
Line Deleted : user_pref("CT3106777.globalFirstTimeInfoLastCheckTime", "Wed Feb 22 2012 09:42:23 GMT+0100");
Line Deleted : user_pref("CT3106777.homepageProtectorEnableByLogin", true);
Line Deleted : user_pref("CT3106777.initDone", true);
Line Deleted : user_pref("CT3106777.isAppTrackingManagerOn", true);
Line Deleted : user_pref("CT3106777.myStuffEnabled", true);
Line Deleted : user_pref("CT3106777.myStuffPublihserMinWidth", 400);
Line Deleted : user_pref("CT3106777.myStuffSearchUrl", "hxxp://Apps.conduit.com/search?q=SEARCH_TERM&SearchSourceOrigin=29&ctid=EB_TOOLBAR_ID&octid=EB_ORIGINAL_CTID");
Line Deleted : user_pref("CT3106777.myStuffServiceIntervalMM", 1440);
Line Deleted : user_pref("CT3106777.myStuffServiceUrl", "hxxp://mystuff.conduit-services.com/MyStuffService.ashx?ComponentId=EB_MY_STUFF_INSTANCE_GUID&lut=EB_MY_STUFF_LUT");
Line Deleted : user_pref("CT3106777.revertSettingsEnabled", true);
Line Deleted : user_pref("CT3106777.searchProtectorDialogDelayInSec", 10);
Line Deleted : user_pref("CT3106777.searchProtectorEnableByLogin", true);
Line Deleted : user_pref("CT3106777.testingCtid", "");
Line Deleted : user_pref("CT3106777.toolbarAppMetaDataLastCheckTime", "Fri Oct 25 2013 20:09:36 GMT+0200");
Line Deleted : user_pref("CT3106777.toolbarContextMenuLastCheckTime", "Wed Feb 22 2012 09:42:27 GMT+0100");
Line Deleted : user_pref("CT3106777.usagesFlag", 2);
Line Deleted : user_pref("CommunityToolbar.ETag.hxxp://Settings.toolbar.search.conduit.com/root/CT3106777/CT3106777", "\"0bacd177089eeb1d9b8b6d85a7360bd43\"");
Line Deleted : user_pref("CommunityToolbar.ETag.hxxp://alerts.conduit-services.com/root/1500748/1496227/CZ", "\"0\"");
Line Deleted : user_pref("CommunityToolbar.ETag.hxxp://appsmetadata.toolbar.conduit-services.com/?ctid=CT3106777", "\"1359634418\"");
Line Deleted : user_pref("CommunityToolbar.ETag.hxxp://contextmenu.toolbar.conduit-services.com/?name=GottenApps&locale=en", "wVmmvqqOMqrv5xct1cJIHg==");
Line Deleted : user_pref("CommunityToolbar.ETag.hxxp://contextmenu.toolbar.conduit-services.com/?name=OtherApps&locale=en", "0uSPYx+Kl2jpu8sJZMeHjw==");
Line Deleted : user_pref("CommunityToolbar.ETag.hxxp://contextmenu.toolbar.conduit-services.com/?name=SharedApps&locale=en", "Dclc8oo4TTv7+mAkSlUSWg==");
Line Deleted : user_pref("CommunityToolbar.ETag.hxxp://contextmenu.toolbar.conduit-services.com/?name=Toolbar&locale=en", "K4Vqu91uAzWURlxJRdXJOg==");
Line Deleted : user_pref("CommunityToolbar.ETag.hxxp://dynamicdialogs.alert.conduit-services.com/alert/dlg.pkg", "\"d229fa25f6c9cc1:0\"");
Line Deleted : user_pref("CommunityToolbar.ETag.hxxp://dynamicdialogs.toolbar.conduit-services.com/DLG.pkg?ver=3.12.0.7", "\"4ead38b3e6bcd1:0\"");
Line Deleted : user_pref("CommunityToolbar.ETag.hxxp://dynamicdialogs.toolbar.conduit-services.com/DLG.pkg?ver=3.12.2.3", "\"4ead38b3e6bcd1:0\"");
Line Deleted : user_pref("CommunityToolbar.ETag.hxxp://dynamicdialogs.toolbar.conduit-services.com/DLG.pkg?ver=3.13.0.6", "\"0d648794549cd1:0\"");
Line Deleted : user_pref("CommunityToolbar.ETag.hxxp://dynamicdialogs.toolbar.conduit-services.com/DLG.pkg?ver=3.14.1.0", "\"0e0a4327275cd1:0\"");
Line Deleted : user_pref("CommunityToolbar.ETag.hxxp://dynamicdialogs.toolbar.conduit-services.com/DLG.pkg?ver=3.15.1.0", "\"0343677cfb1cd1:0\"");
Line Deleted : user_pref("CommunityToolbar.ETag.hxxp://dynamicdialogs.toolbar.conduit-services.com/DLG.pkg?ver=3.16.0.3", "\"0343677cfb1cd1:0\"");
Line Deleted : user_pref("CommunityToolbar.ETag.hxxp://dynamicdialogs.toolbar.conduit-services.com/DLG.pkg?ver=3.18.0.7", "\"0343677cfb1cd1:0\"");
Line Deleted : user_pref("CommunityToolbar.ETag.hxxp://dynamicdialogs.toolbar.conduit-services.com/DLG.pkg?ver=3.19.0.3", "\"23c5489aa686ce1:16c0\"");
Line Deleted : user_pref("CommunityToolbar.ETag.hxxp://dynamicdialogs.toolbar.conduit-services.com/DLG.pkg?ver=3.20.0.4", "\"9f8d2729abc2ce1:0\"");
Line Deleted : user_pref("CommunityToolbar.ETag.hxxp://dynamicdialogs.toolbar.conduit-services.com/DLG.pkg?ver=3.9.0.3", "\"801a319dd78ccc1:0\"");
Line Deleted : user_pref("CommunityToolbar.ETag.hxxp://servicemap.conduit-services.com/Toolbar/?ownerId=CT3106777", "\"9971ee9815a5fc569766cf6ddcaaca8e\"");
Line Deleted : user_pref("CommunityToolbar.ETag.hxxp://translation.toolbar.conduit-services.com/?locale=en", "\"5b6c7fc799d642c664ba7e131c771382\"");
Line Deleted : user_pref("CommunityToolbar.LatestLibsPath", "file:///C:\\Users\\petra\\AppData\\Roaming\\Mozilla\\Firefox\\Profiles\\3g0eftd4.default\\conduitCommon\\modules\\3.9.0.3");
Line Deleted : user_pref("CommunityToolbar.LatestToolbarVersionInstalled", "3.9.0.3");
Line Deleted : user_pref("CommunityToolbar.SearchFromAddressBarSavedUrl", "");
Line Deleted : user_pref("CommunityToolbar.ToolbarsList", "CT3106777");
Line Deleted : user_pref("CommunityToolbar.ToolbarsList2", "CT3106777");
Line Deleted : user_pref("CommunityToolbar.ToolbarsList4", "CT3106777");
Line Deleted : user_pref("CommunityToolbar.globalUserId", "632b5f22-5f80-4db2-bab9-774aa4964dbe");
Line Deleted : user_pref("CommunityToolbar.isAlertUrlAddedToFeedItemTable", true);
Line Deleted : user_pref("CommunityToolbar.isClickActionAddedToFeedItemTable", true);
Line Deleted : user_pref("CommunityToolbar.keywordURLSelectedCTID", "CT3106777");
Line Deleted : user_pref("CommunityToolbar.notifications.alertDialogsGetterLastCheckTime", "Wed Feb 22 2012 09:42:27 GMT+0100");
Line Deleted : user_pref("CommunityToolbar.notifications.alertInfoInterval", 1440);
Line Deleted : user_pref("CommunityToolbar.notifications.alertInfoLastCheckTime", "Sat Feb 25 2012 09:35:16 GMT+0100");
Line Deleted : user_pref("CommunityToolbar.notifications.clientsServerUrl", "hxxp://alert.client.conduit.com");
Line Deleted : user_pref("CommunityToolbar.notifications.locale", "en");
Line Deleted : user_pref("CommunityToolbar.notifications.loginIntervalMin", 1440);
Line Deleted : user_pref("CommunityToolbar.notifications.loginLastCheckTime", "Sat Feb 25 2012 09:35:08 GMT+0100");
Line Deleted : user_pref("CommunityToolbar.notifications.loginLastUpdateTime", "1313487611");
Line Deleted : user_pref("CommunityToolbar.notifications.messageShowTimeSec", 20);
Line Deleted : user_pref("CommunityToolbar.notifications.servicesServerUrl", "hxxp://alert.services.conduit.com");
Line Deleted : user_pref("CommunityToolbar.notifications.showTrayIcon", false);
Line Deleted : user_pref("CommunityToolbar.notifications.userCloseIntervalMin", 300);
Line Deleted : user_pref("CommunityToolbar.notifications.userId", "3c529803-c391-42f9-8559-cdd25e7da0b8");
Line Deleted : user_pref("CommunityToolbar.originalHomepage", "chrome://branding/locale/browserconfig.properties");
Line Deleted : user_pref("CommunityToolbar.originalSearchEngine", "chrome://browser-region/locale/region.properties");

-\\ Google Chrome v34.0.1847.116

[ File : C:\Users\petra\AppData\Local\Google\Chrome\User Data\Default\preferences ]


*************************

AdwCleaner[R0].txt - [30023 octets] - [17/04/2014 18:52:21]
AdwCleaner[R1].txt - [30754 octets] - [21/04/2014 14:27:16]
AdwCleaner[S0].txt - [30759 octets] - [21/04/2014 14:29:10]

########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [30820 octets] ##########


A z RSIT:

Logfile of random's system information tool 1.09 (written by random/random)
Run by petra at 2014-04-21 14:34:14
Microsoft Windows 7 Professional Service Pack 1
System drive C: has 27 GB (27%) free of 100 GB
Total RAM: 4094 MB (58% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 14:35:05, on 21.4.2014
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v11.0 (11.00.9600.17041)
Boot mode: Normal

Running processes:
C:\Windows\vsnp2uvc.exe
C:\Users\petra\AppData\Roaming\Dropbox\bin\Dropbox.exe
C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe
C:\Windows\SysWOW64\CtHelper.exe
C:\Program Files (x86)\Software602\Print2PDF\Print2PDF.exe
C:\Program Files (x86)\Canon\Solution Menu EX\CNSEMAIN.EXE
C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX\CNMNSST.exe
C:\Program Files (x86)\ACD Systems\ACDSee\15.0\ACDSee15InTouch2.exe
C:\Program Files (x86)\Common Files\SNP2UVC\tsnp2uvc.exe
C:\Program Files (x86)\Common Files\Grass Valley\ProCoder 3\Kernel\PNXSERVR.exe
C:\Program Files\AVAST Software\Avast\AvastUI.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexdl.exe
C:\Program Files\trend micro\petra.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.seznam.cz/?clid=13415
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe
O2 - BHO: Instair - {0D778FDC-FAD7-4B1D-AB88-7A76A562D65C} - C:\PROGRA~1\Instair\Instair.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
O4 - HKLM\..\Run: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
O4 - HKLM\..\Run: [CTxfiHlp] CTXFIHLP.EXE
O4 - HKLM\..\Run: [NUSB3MON] "C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe"
O4 - HKLM\..\Run: [AsioThk32Reg] REGSVR32.EXE /S CTASIO.DLL
O4 - HKLM\..\Run: [CTHelper] CTHELPER.EXE
O4 - HKLM\..\Run: [Print2PDF Print Monitor] "C:\Program Files (x86)\Software602\Print2PDF\Print2PDF.exe" /server
O4 - HKLM\..\Run: [CanonSolutionMenuEx] C:\Program Files (x86)\Canon\Solution Menu EX\CNSEMAIN.EXE /logon
O4 - HKLM\..\Run: [IJNetworkScannerSelectorEX] C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX\CNMNSST.exe /FORCE
O4 - HKLM\..\Run: [ACSW15EN] "C:\Program Files (x86)\ACD Systems\ACDSee\15.0\ACDSee15InTouch2.exe" /pid ACSW15EN
O4 - HKLM\..\Run: [snp2uvc] C:\Windows\vsnp2uvc.exe
O4 - HKLM\..\Run: [tsnp2uvc] C:\Program Files (x86)\Common Files\SNP2UVC\tsnp2uvc.exe
O4 - HKLM\..\Run: [NexusServer] "C:\Program Files (x86)\Common Files\Grass Valley\ProCoder 3\Kernel\PNXSERVR.exe" -SelfLaunch
O4 - HKLM\..\Run: [AvastUI.exe] "C:\Program Files\AVAST Software\Avast\AvastUI.exe" /nogui
O4 - HKCU\..\Run: [EPSON Stylus Photo R265 Series] C:\Windows\system32\spool\DRIVERS\x64\3\E_FATIBNE.EXE /FU "C:\Windows\TEMP\E_S6B14.tmp" /EF "HKCU"
O4 - HKCU\..\Run: [FLV Player] C:\Users\petra\AppData\Local\WebPlayer\FLV Player\WebPlayer.exe
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O4 - Startup: Dropbox.lnk = petra\AppData\Roaming\Dropbox\bin\Dropbox.exe
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: Free YouTube to MP3 Converter - C:\Users\petra\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~1\Office12\REFIEBAR.DLL
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O16 - DPF: {CD82C85E-37B7-48E3-9E88-31E140C13C86} (TeeChart Commander v7) - http://www.premis.cz/PremisGUI/cab/Teechart7.cab
O16 - DPF: {D4B68B83-8710-488B-A692-D74B50BA558E} (Creative Software AutoUpdate Support Package 2) - http://ccfiles.creative.com/Web/softwar ... PIDPDE.cab
O16 - DPF: {E705A591-DA3C-4228-B0D5-A356DBA42FBF} (Creative Software AutoUpdate 2) - http://ccfiles.creative.com/Web/softwar ... TSUEng.cab
O16 - DPF: {F6ACF75C-C32C-447B-9BEF-46B766368D29} (Creative Software AutoUpdate Support Package) - http://ccfiles.creative.com/Web/softwar ... /CTPID.cab
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveSystemServices.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
O23 - Service: 602Updater (602XML Updater) - Software602 a.s. - C:\Program Files (x86)\Common Files\soft602\602updsvc\602updsvc.exe
O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files (x86)\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: Creative ALchemy AL6 Licensing Service - Creative Labs - C:\Program Files (x86)\Common Files\Creative Labs Shared\Service\AL6Licensing.exe
O23 - Service: Creative Audio Engine Licensing Service - Creative Labs - C:\Program Files (x86)\Common Files\Creative Labs Shared\Service\CTAELicensing.exe
O23 - Service: Creative Audio Service (CTAudSvcService) - Creative Technology Ltd - C:\Program Files (x86)\Creative\Shared Files\CTAudSvc.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: EPSON V3 Service4(01) (EPSON_PM_RPCV4_01) - SEIKO EPSON CORPORATION - C:\ProgramData\EPSON\EPW!3 SSRP\E_S30RP1.EXE
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing)
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: NVIDIA Display Driver Service (NVSvc) - Unknown owner - C:\Windows\system32\nvvsvc.exe (file missing)
O23 - Service: PACE License Services (PaceLicenseDServices) - PACE Anti-Piracy, Inc. - C:\Program Files (x86)\Common Files\PACE\Services\LicenseServices\LDSvc.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: Spyware Terminator 2012 Realtime Shield Service (ST2012_Svc) - Crawler.com - C:\Program Files (x86)\Spyware Terminator\st_rsser64.exe
O23 - Service: NVIDIA Stereoscopic 3D Driver Service (Stereo Service) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 11429 bytes

======Listing Processes======

\SystemRoot\System32\smss.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
winlogon.exe
C:\Windows\system32\services.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
"C:\Windows\system32\nvvsvc.exe"
"C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe"
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k netsvcs
"C:\Program Files (x86)\Creative\Shared Files\CTAudSvc.exe"
C:\Windows\system32\svchost.exe -k NetworkService
"C:\Program Files\AVAST Software\Avast\AvastSvc.exe"
"C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe"
C:\Windows\system32\nvvsvc.exe -session -first
C:\Windows\System32\spoolsv.exe
"taskhost.exe"
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
"C:\Program Files (x86)\Common Files\soft602\602updsvc\602updsvc.exe"
"C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe"
"C:\ProgramData\EPSON\EPW!3 SSRP\E_S30RP1.EXE"
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
taskeng.exe {0E275775-E1B7-4C93-B011-7485C1CB35A8}
"C:\Windows\system32\Dwm.exe"
C:\Windows\Explorer.EXE
"C:/Program Files/NVIDIA Corporation/Display/nvtray.exe" -user_has_logged_in 1
"C:\Program Files\Canon\MyPrinter\BJMYPRT.EXE" /logon
"C:\Windows\vsnp2uvc.exe"
"C:\Users\petra\AppData\Roaming\Dropbox\bin\Dropbox.exe" /systemstartup
"C:\Windows\system32\NOTEPAD.EXE" C:\AdwCleaner\AdwCleaner[S0].txt
"C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe"
"C:\Windows\System32\CtHelper.exe"
"C:\Program Files (x86)\Software602\Print2PDF\Print2PDF.exe" /server
"C:\Program Files (x86)\Canon\Solution Menu EX\CNSEMAIN.EXE" /logon
"C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX\CNMNSST.exe" /FORCE
"C:\Program Files (x86)\ACD Systems\ACDSee\15.0\ACDSee15InTouch2.exe" /pid ACSW15EN
"C:\Program Files (x86)\Common Files\SNP2UVC\tsnp2uvc.exe"
"C:\Program Files (x86)\Common Files\Grass Valley\ProCoder 3\Kernel\PNXSERVR.exe" -SelfLaunch
"C:\Program Files\AVAST Software\Avast\AvastUI.exe" /nogui
C:\Windows\splwow64.exe 12288
taskeng.exe {94AB4988-32F1-468D-8ED2-BBFD1A85272E}
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe"
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=gpu-process --channel="2240.0.1033623745\1324466950" --supports-dual-gpus=false --gpu-driver-bug-workarounds=0,1,14,28,34 --gpu-vendor-id=0x10de --gpu-device-id=0x1245 --gpu-driver-vendor=NVIDIA --gpu-driver-version=9.18.13.1106 --ignored=" --type=renderer " /prefetch:822062411
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --lang=cs --force-fieldtrials="AutocompleteDynamicTrial_2/DefaultControl_R2_Stable/BrowserPreReadExperiment/100-pct-default/ChromeSuggestions/Default/EmbeddedSearch/Group11 pct:1b stable:r2 prefetch_results:1/ExtensionInstallVerification/Bootstrap/GoogleNow/Default/OmniboxBundledExperimentV1/StandardR3/Prerender/PrerenderEnabled/PrerenderLocalPredictorSpec/LocalPredictor=Disabled/QUIC/Disabled/SettingsEnforcement/no_enforcement/ShowAppLauncherPromo/ShowPromoUntilDismissed/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group6/UMA-Population-Restrict/normal/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_02/UMA-Uniformity-Trial-1-Percent/group_37/UMA-Uniformity-Trial-10-Percent/group_02/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/group_04/UMA-Uniformity-Trial-5-Percent/group_04/UMA-Uniformity-Trial-50-Percent/group_01/" --extension-process --renderer-print-preview --enable-threaded-compositing --enable-delegated-renderer --enable-deadline-scheduling --enable-software-compositing --channel="2240.2.580980141\23288284" /prefetch:673131151
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --lang=cs --force-fieldtrials="AutocompleteDynamicTrial_2/DefaultControl_R2_Stable/BrowserPreReadExperiment/100-pct-default/ChromeSuggestions/Default/EmbeddedSearch/Group11 pct:1b stable:r2 prefetch_results:1/ExtensionInstallVerification/Bootstrap/GoogleNow/Default/OmniboxBundledExperimentV1/StandardR3/Prerender/PrerenderEnabled/PrerenderLocalPredictorSpec/LocalPredictor=Disabled/QUIC/Disabled/SettingsEnforcement/no_enforcement/ShowAppLauncherPromo/ShowPromoUntilDismissed/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group6/UMA-Population-Restrict/normal/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_02/UMA-Uniformity-Trial-1-Percent/group_37/UMA-Uniformity-Trial-10-Percent/group_02/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/group_04/UMA-Uniformity-Trial-5-Percent/group_04/UMA-Uniformity-Trial-50-Percent/group_01/" --extension-process --renderer-print-preview --enable-threaded-compositing --enable-delegated-renderer --enable-deadline-scheduling --enable-software-compositing --channel="2240.3.869789701\1724106410" /prefetch:673131151
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --lang=cs --force-fieldtrials="AutocompleteDynamicTrial_2/DefaultControl_R2_Stable/BrowserPreReadExperiment/100-pct-default/ChromeSuggestions/Default/EmbeddedSearch/Group11 pct:1b stable:r2 prefetch_results:1/ExtensionInstallVerification/Bootstrap/GoogleNow/Default/OmniboxBundledExperimentV1/StandardR3/Prerender/PrerenderEnabled/PrerenderLocalPredictorSpec/LocalPredictor=Disabled/QUIC/Disabled/SettingsEnforcement/no_enforcement/ShowAppLauncherPromo/ShowPromoUntilDismissed/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group6/UMA-Population-Restrict/normal/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_02/UMA-Uniformity-Trial-1-Percent/group_37/UMA-Uniformity-Trial-10-Percent/group_02/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/group_04/UMA-Uniformity-Trial-5-Percent/group_04/UMA-Uniformity-Trial-50-Percent/group_01/" --extension-process --renderer-print-preview --enable-threaded-compositing --enable-delegated-renderer --enable-deadline-scheduling --enable-software-compositing --channel="2240.4.2057346996\1675562901" /prefetch:673131151
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --lang=cs --force-fieldtrials="AutocompleteDynamicTrial_2/DefaultControl_R2_Stable/BrowserPreReadExperiment/100-pct-default/ChromeSuggestions/Default/EmbeddedSearch/Group11 pct:1b stable:r2 prefetch_results:1/ExtensionInstallVerification/Bootstrap/GoogleNow/Default/OmniboxBundledExperimentV1/StandardR3/Prerender/PrerenderEnabled/PrerenderLocalPredictorSpec/LocalPredictor=Disabled/QUIC/Disabled/SettingsEnforcement/no_enforcement/ShowAppLauncherPromo/ShowPromoUntilDismissed/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group6/UMA-Population-Restrict/normal/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_02/UMA-Uniformity-Trial-1-Percent/group_37/UMA-Uniformity-Trial-10-Percent/group_02/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/group_04/UMA-Uniformity-Trial-5-Percent/group_04/UMA-Uniformity-Trial-50-Percent/group_01/" --extension-process --renderer-print-preview --enable-threaded-compositing --enable-delegated-renderer --enable-deadline-scheduling --enable-software-compositing --channel="2240.5.1271750951\1399716927" /prefetch:673131151
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --lang=cs --force-fieldtrials="AutocompleteDynamicTrial_2/DefaultControl_R2_Stable/BrowserPreReadExperiment/100-pct-default/ChromeSuggestions/Default/EmbeddedSearch/Group11 pct:1b stable:r2 prefetch_results:1/ExtensionInstallVerification/Bootstrap/GoogleNow/Default/OmniboxBundledExperimentV1/StandardR3/Prerender/PrerenderEnabled/PrerenderLocalPredictorSpec/LocalPredictor=Disabled/QUIC/Disabled/SettingsEnforcement/no_enforcement/ShowAppLauncherPromo/ShowPromoUntilDismissed/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group6/UMA-Population-Restrict/normal/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_02/UMA-Uniformity-Trial-1-Percent/group_37/UMA-Uniformity-Trial-10-Percent/group_02/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/group_04/UMA-Uniformity-Trial-5-Percent/group_04/UMA-Uniformity-Trial-50-Percent/group_01/" --renderer-print-preview --enable-threaded-compositing --enable-delegated-renderer --enable-deadline-scheduling --enable-software-compositing --channel="2240.7.877065450\1976932131" /prefetch:673131151
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --lang=cs --force-fieldtrials="AutocompleteDynamicTrial_2/DefaultControl_R2_Stable/BrowserPreReadExperiment/100-pct-default/ChromeSuggestions/Default/EmbeddedSearch/Group11 pct:1b stable:r2 prefetch_results:1/ExtensionInstallVerification/Bootstrap/GoogleNow/Default/OmniboxBundledExperimentV1/StandardR3/Prerender/PrerenderEnabled/PrerenderLocalPredictorSpec/LocalPredictor=Disabled/QUIC/Disabled/SettingsEnforcement/no_enforcement/ShowAppLauncherPromo/ShowPromoUntilDismissed/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group6/UMA-Population-Restrict/normal/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_02/UMA-Uniformity-Trial-1-Percent/group_37/UMA-Uniformity-Trial-10-Percent/group_02/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/group_04/UMA-Uniformity-Trial-5-Percent/group_04/UMA-Uniformity-Trial-50-Percent/group_01/" --renderer-print-preview --enable-threaded-compositing --enable-delegated-renderer --enable-deadline-scheduling --enable-software-compositing --channel="2240.8.942216011\296178098" /prefetch:673131151
"C:\Users\petra\Desktop\pc udrzba\antivir\RSITx64.exe"
"C:\Program Files (x86)\Common Files\PACE\Services\LicenseServices\LDSvc.exe"
"C:\Program Files (x86)\Spyware Terminator\st_rsser64.exe"
C:\Windows\system32\svchost.exe -k imgsvc
C:\Windows\system32\PrintIsolationHost.exe -Embedding
C:\Windows\system32\SearchIndexer.exe /Embedding
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\System32\alg.exe
"C:\Windows\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe1_ Global\UsGthrCtrlFltPipeMssGthrPipe1 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon"
C:\Windows\System32\svchost.exe -k WerSvcGroup
"C:\Windows\system32\SearchFilterHost.exe" 0 532 536 544 65536 540
"C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexdl.exe" /toolhint

======Scheduled tasks folder======

C:\Windows\tasks\Adobe Flash Player Updater.job
C:\Windows\tasks\AVG-Secure-Search-Update_JUNE2013_HP_rmv.job
C:\Windows\tasks\AVG-Secure-Search-Update_JUNE2013_TB_rmv.job
C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-3338490639-4165212360-2111865542-1000Core.job
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-3338490639-4165212360-2111865542-1000UA.job
C:\Windows\tasks\PMCS_Wakeup634657982909132950.job

=========Mozilla firefox=========

ProfilePath - C:\Users\petra\AppData\Roaming\Mozilla\Firefox\Profiles\3g0eftd4.default

prefs.js - "browser.search.useDBForOrder" - "false"
prefs.js - "browser.startup.homepage" - "seznam.cz"

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 12.0.0.77 Plugin
"Path"=C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_12_0_0_77.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=disabled

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=3]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.23.9\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=9]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.23.9\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\Adobe Reader]
"Description"=Handles PDFs in-place in Firefox
"Path"=C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll


[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 12.0.0.77 Plugin
"Path"=C:\Windows\system32\Macromed\Flash\NPSWF64_12_0_0_77.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=disabled


C:\Program Files (x86)\Mozilla Firefox\components\
nsIQTScriptablePlugin.xpt

C:\Users\petra\AppData\Roaming\Mozilla\Firefox\Profiles\3g0eftd4.default\extensions\
{b9db16a4-6edc-47ec-a1f4-b86292ed211d}
{ea614400-e918-4741-9a97-7a972ff7c30b}

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! Online Security - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2014-04-16 724512]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{0D778FDC-FAD7-4B1D-AB88-7A76A562D65C}]
Instair - C:\PROGRA~1\Instair\Instair.dll [2013-05-28 590640]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll [2007-08-24 2212224]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files (x86)\Java\jre7\bin\ssv.dll [2013-09-19 462248]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll [2013-09-19 171944]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F}

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"CanonMyPrinter"=C:\Program Files\Canon\MyPrinter\BJMyPrt.exe [2011-03-14 2779024]
"snp2uvc"=C:\Windows\vsnp2uvc.exe [2009-08-12 662016]
"SpywareTerminatorShield"=C:\Program Files (x86)\Spyware Terminator\SpywareTerminatorShield.exe [2013-10-22 2777736]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"EPSON Stylus Photo R265 Series"=C:\Windows\system32\spool\DRIVERS\x64\3\E_FATIBNE.EXE [2006-05-19 139264]
"FLV Player"=C:\Users\petra\AppData\Local\WebPlayer\FLV Player\WebPlayer.exe []

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"APSDaemon"=C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [2013-04-21 59720]
"CTxfiHlp"=CTXFIHLP.EXE []
"NUSB3MON"=C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe [2011-09-16 115048]
"AsioThk32Reg"=REGSVR32.EXE /S CTASIO.DLL []
"CTHelper"=CTHELPER.EXE []
"Print2PDF Print Monitor"=C:\Program Files (x86)\Software602\Print2PDF\Print2PDF.exe [2011-10-04 220992]
"CanonSolutionMenuEx"=C:\Program Files (x86)\Canon\Solution Menu EX\CNSEMAIN.EXE [2011-08-04 1612920]
"IJNetworkScannerSelectorEX"=C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX\CNMNSST.exe [2011-01-15 452016]
"ACSW15EN"=C:\Program Files (x86)\ACD Systems\ACDSee\15.0\ACDSee15InTouch2.exe [2012-11-14 1133176]
"snp2uvc"=C:\Windows\vsnp2uvc.exe [2009-08-12 662016]
"tsnp2uvc"=C:\Program Files (x86)\Common Files\SNP2UVC\tsnp2uvc.exe [2012-02-23 322560]
"NexusServer"=C:\Program Files (x86)\Common Files\Grass Valley\ProCoder 3\Kernel\PNXSERVR.exe [2007-03-26 389120]
"AvastUI.exe"=C:\Program Files\AVAST Software\Avast\AvastUI.exe [2014-04-16 3854640]

C:\Users\petra\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
Dropbox.lnk - C:\Users\petra\AppData\Roaming\Dropbox\bin\Dropbox.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED}

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll [2007-08-24 2212224]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=0
"ConsentPromptBehaviorUser"=3
"EnableLUA"=0
"EnableUIADesktopToggle"=0
"PromptOnSecureDesktop"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoActiveDesktop"=1
"NoActiveDesktopChanges"=1
"ForceActiveDesktopOn"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]


[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\bpsvc.exe]
"Debugger="tasklist.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\browsersafeguard.exe]
"Debugger="tasklist.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\dprotectsvc.exe]
"Debugger="tasklist.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\jumpflip]
"Debugger="tasklist.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\protectedsearch.exe]
"Debugger="tasklist.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\searchinstaller.exe]
"Debugger="tasklist.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\searchprotection.exe]
"Debugger="tasklist.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\searchprotector.exe]
"Debugger="tasklist.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\searchsettings.exe]
"Debugger="tasklist.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\searchsettings64.exe]
"Debugger="tasklist.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\snapdo.exe]
"Debugger="tasklist.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\stinst32.exe]
"Debugger="tasklist.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\stinst64.exe]
"Debugger="tasklist.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\umbrella.exe]
"Debugger="tasklist.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\utiljumpflip.exe]
"Debugger="tasklist.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\volaro]
"Debugger="tasklist.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\vonteera]
"Debugger="tasklist.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\websteroids.exe]
"Debugger="tasklist.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\websteroidsservice.exe]
"Debugger="tasklist.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVYU"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"VIDC.YVU9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"wave4"=wdmaud.drv
"midi4"=wdmaud.drv
"mixer4"=wdmaud.drv
"aux4"=wdmaud.drv
"wave5"=wdmaud.drv
"midi5"=wdmaud.drv
"mixer5"=wdmaud.drv
"MSVideo8"=VfWWDM32.dll
"wave6"=wdmaud.drv
"midi6"=wdmaud.drv
"mixer6"=wdmaud.drv
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"wave2"=wdmaud.drv
"midi2"=wdmaud.drv
"mixer2"=wdmaud.drv
"wave3"=wdmaud.drv
"midi3"=wdmaud.drv
"mixer3"=wdmaud.drv
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"wave7"=wdmaud.drv
"midi7"=wdmaud.drv
"mixer7"=wdmaud.drv
"wave8"=wdmaud.drv
"midi8"=wdmaud.drv
"mixer8"=wdmaud.drv
"aux"=wdmaud.drv
"wave9"=wdmaud.drv
"midi9"=wdmaud.drv
"mixer9"=wdmaud.drv
"aux1"=wdmaud.drv
"vidc.XVID"=xvidvfw.dll
"aux2"=wdmaud.drv

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 1 month======

2014-04-17 18:52:18 ----D---- C:\AdwCleaner
2014-04-17 17:19:04 ----D---- C:\Program Files\trend micro
2014-04-17 17:19:03 ----D---- C:\rsit
2014-04-16 17:52:31 ----A---- C:\Windows\{00000005-00000000-00000001-00001102-00000004-10071102}.BAK
2014-04-16 17:45:37 ----A---- C:\Windows\avastSS.scr
2014-04-16 17:00:18 ----A---- C:\Windows\system32\drivers\stflt.sys
2014-04-16 17:00:15 ----D---- C:\Users\petra\AppData\Roaming\Spyware Terminator
2014-04-16 17:00:15 ----D---- C:\ProgramData\Spyware Terminator
2014-04-16 16:58:11 ----D---- C:\Program Files (x86)\Spyware Terminator
2014-04-11 05:33:40 ----A---- C:\Windows\SYSWOW64\ieui.dll
2014-04-11 05:33:40 ----A---- C:\Windows\system32\ieui.dll
2014-04-11 05:33:36 ----A---- C:\Windows\SYSWOW64\vbscript.dll
2014-04-11 05:33:36 ----A---- C:\Windows\system32\vbscript.dll
2014-04-11 05:33:29 ----A---- C:\Windows\system32\JavaScriptCollectionAgent.dll
2014-04-11 05:33:29 ----A---- C:\Windows\system32\iernonce.dll
2014-04-11 05:33:29 ----A---- C:\Windows\system32\ieetwcollectorres.dll
2014-04-11 05:33:29 ----A---- C:\Windows\system32\ie4uinit.exe
2014-04-11 05:33:28 ----A---- C:\Windows\SYSWOW64\dxtmsft.dll
2014-04-11 05:33:28 ----A---- C:\Windows\system32\jscript9diag.dll
2014-04-11 05:33:28 ----A---- C:\Windows\system32\dxtrans.dll
2014-04-11 05:33:28 ----A---- C:\Windows\system32\dxtmsft.dll
2014-04-11 05:33:27 ----A---- C:\Windows\SYSWOW64\msrating.dll
2014-04-11 05:33:27 ----A---- C:\Windows\SYSWOW64\msfeeds.dll
2014-04-11 05:33:27 ----A---- C:\Windows\SYSWOW64\jsproxy.dll
2014-04-11 05:33:27 ----A---- C:\Windows\SYSWOW64\dxtrans.dll
2014-04-11 05:33:27 ----A---- C:\Windows\system32\msrating.dll
2014-04-11 05:33:27 ----A---- C:\Windows\system32\msfeeds.dll
2014-04-11 05:33:27 ----A---- C:\Windows\system32\jsproxy.dll
2014-04-11 05:33:26 ----A---- C:\Windows\SYSWOW64\JavaScriptCollectionAgent.dll
2014-04-11 05:33:26 ----A---- C:\Windows\SYSWOW64\ieUnatt.exe
2014-04-11 05:33:26 ----A---- C:\Windows\SYSWOW64\iesetup.dll
2014-04-11 05:33:26 ----A---- C:\Windows\SYSWOW64\iernonce.dll
2014-04-11 05:33:26 ----A---- C:\Windows\system32\ieUnatt.exe
2014-04-11 05:33:26 ----A---- C:\Windows\system32\iesetup.dll
2014-04-11 05:33:25 ----A---- C:\Windows\system32\mshtml.dll
2014-04-11 05:33:23 ----A---- C:\Windows\SYSWOW64\jscript9diag.dll
2014-04-11 05:33:23 ----A---- C:\Windows\SYSWOW64\ieetwproxystub.dll
2014-04-11 05:33:23 ----A---- C:\Windows\SYSWOW64\ieapfltr.dll
2014-04-11 05:33:23 ----A---- C:\Windows\system32\ieetwproxystub.dll
2014-04-11 05:33:23 ----A---- C:\Windows\system32\ieapfltr.dll
2014-04-11 05:33:22 ----A---- C:\Windows\system32\MsSpellCheckingFacility.exe
2014-04-11 05:33:22 ----A---- C:\Windows\system32\ieetwcollector.exe
2014-04-11 05:33:21 ----A---- C:\Windows\SYSWOW64\wininet.dll
2014-04-11 05:33:21 ----A---- C:\Windows\SYSWOW64\iertutil.dll
2014-04-11 05:33:21 ----A---- C:\Windows\system32\iertutil.dll
2014-04-11 05:33:20 ----A---- C:\Windows\SYSWOW64\urlmon.dll
2014-04-11 05:33:20 ----A---- C:\Windows\system32\wininet.dll
2014-04-11 05:33:20 ----A---- C:\Windows\system32\urlmon.dll
2014-04-11 05:33:19 ----A---- C:\Windows\SYSWOW64\ieframe.dll
2014-04-11 05:33:19 ----A---- C:\Windows\system32\ieframe.dll
2014-04-11 05:33:18 ----A---- C:\Windows\SYSWOW64\mshtml.dll
2014-04-11 05:33:17 ----A---- C:\Windows\SYSWOW64\jscript9.dll
2014-04-11 05:33:17 ----A---- C:\Windows\system32\jscript9.dll
2014-04-09 04:57:56 ----A---- C:\Windows\SYSWOW64\iologmsg.dll
2014-04-09 04:57:56 ----A---- C:\Windows\system32\iologmsg.dll
2014-04-09 04:57:56 ----A---- C:\Windows\system32\drivers\storport.sys
2014-04-09 04:57:56 ----A---- C:\Windows\system32\drivers\msiscsi.sys
2014-04-09 04:57:56 ----A---- C:\Windows\system32\drivers\Diskdump.sys
2014-04-09 04:57:37 ----A---- C:\Windows\system32\kernel32.dll
2014-04-09 04:57:36 ----A---- C:\Windows\SYSWOW64\kernel32.dll
2014-04-09 04:57:36 ----A---- C:\Windows\system32\wow64.dll
2014-04-09 04:57:35 ----A---- C:\Windows\SYSWOW64\setup16.exe
2014-04-09 04:57:35 ----A---- C:\Windows\SYSWOW64\ntvdm64.dll
2014-04-09 04:57:35 ----A---- C:\Windows\system32\wow64win.dll
2014-04-09 04:57:35 ----A---- C:\Windows\system32\wow64cpu.dll
2014-04-09 04:57:35 ----A---- C:\Windows\system32\ntvdm64.dll
2014-04-09 04:57:33 ----A---- C:\Windows\SYSWOW64\wow32.dll
2014-04-09 04:57:32 ----A---- C:\Windows\SYSWOW64\user.exe
2014-04-09 04:57:32 ----A---- C:\Windows\SYSWOW64\instnm.exe
2014-04-09 04:57:25 ----A---- C:\Windows\system32\drivers\ntfs.sys
2014-03-24 20:31:58 ----D---- C:\Program Files\CyberLink
2014-03-23 22:05:05 ----D---- C:\ProgramData\MAGIX
2014-03-23 22:01:50 ----D---- C:\Program Files\Common Files\NewBlue

======List of files/folders modified in the last 1 month======

2014-04-21 14:34:59 ----D---- C:\Users\petra\AppData\Roaming\Dropbox
2014-04-21 14:30:58 ----D---- C:\ProgramData\NVIDIA
2014-04-21 14:30:40 ----RD---- C:\Program Files (x86)
2014-04-21 14:30:40 ----HD---- C:\ProgramData
2014-04-21 14:29:40 ----D---- C:\Windows\Prefetch
2014-04-21 14:29:21 ----D---- C:\Windows\Tasks
2014-04-21 14:29:21 ----D---- C:\Windows\system32\Tasks
2014-04-21 14:29:19 ----D---- C:\Program Files (x86)\Common Files
2014-04-21 14:27:22 ----D---- C:\Windows\Temp
2014-04-21 14:26:46 ----D---- C:\Windows\system32\config
2014-04-21 07:00:24 ----ASD---- C:\ProgramData\Microsoft
2014-04-20 07:55:14 ----D---- C:\Users\petra\AppData\Roaming\MediaMonkey
2014-04-20 05:53:27 ----D---- C:\Windows\System32
2014-04-20 05:53:27 ----D---- C:\Windows\inf
2014-04-20 05:53:27 ----A---- C:\Windows\system32\PerfStringBackup.INI
2014-04-19 08:39:51 ----D---- C:\Windows\system32\catroot2
2014-04-19 02:19:26 ----SHD---- C:\System Volume Information
2014-04-17 18:34:11 ----D---- C:\Windows\system32\drivers
2014-04-17 17:19:04 ----RD---- C:\Program Files
2014-04-17 13:34:28 ----D---- C:\Users\petra\AppData\Roaming\Seznam.cz
2014-04-16 17:52:31 ----D---- C:\Windows
2014-04-16 17:45:38 ----A---- C:\Windows\system32\aswBoot.exe
2014-04-16 16:55:50 ----D---- C:\Windows\Panther
2014-04-16 16:55:49 ----D---- C:\Windows\Logs
2014-04-16 16:55:49 ----D---- C:\Windows\debug
2014-04-16 16:51:51 ----SHD---- C:\Windows\Installer
2014-04-15 19:30:36 ----D---- C:\Program Files (x86)\The KMPlayer
2014-04-15 12:12:04 ----D---- C:\Windows\system32\NDF
2014-04-11 09:56:45 ----D---- C:\Windows\rescache
2014-04-11 08:32:42 ----D---- C:\Windows\winsxs
2014-04-11 08:29:40 ----D---- C:\Windows\SYSWOW64\en-US
2014-04-11 08:29:40 ----D---- C:\Windows\SYSWOW64\cs-CZ
2014-04-11 08:29:40 ----D---- C:\Program Files\Internet Explorer
2014-04-11 08:29:39 ----D---- C:\Windows\SysWOW64
2014-04-11 08:29:38 ----D---- C:\Windows\system32\en-US
2014-04-11 08:29:38 ----D---- C:\Windows\system32\cs-CZ
2014-04-11 08:29:38 ----D---- C:\Windows\PolicyDefinitions
2014-04-11 08:29:36 ----D---- C:\Program Files (x86)\Internet Explorer
2014-04-11 05:34:22 ----D---- C:\Windows\system32\catroot
2014-04-10 05:01:44 ----D---- C:\Windows\AppPatch
2014-04-10 05:01:40 ----D---- C:\Windows\system32\DriverStore
2014-04-09 05:40:22 ----D---- C:\Windows\system32\MRT
2014-04-09 05:37:36 ----A---- C:\Windows\system32\MRT.exe
2014-03-31 09:35:08 ----N---- C:\Windows\system32\MpSigStub.exe
2014-03-27 16:37:57 ----SD---- C:\Users\petra\AppData\Roaming\Microsoft
2014-03-24 20:49:15 ----D---- C:\Program Files (x86)\Boris FX, Inc
2014-03-24 20:39:06 ----D---- C:\Program Files\Common Files\Microsoft Shared
2014-03-24 20:39:01 ----D---- C:\Program Files\NewBlue
2014-03-24 20:38:56 ----D---- C:\Program Files (x86)\NewBlue
2014-03-24 08:45:39 ----A---- C:\Windows\NeroDigital.ini
2014-03-23 22:21:16 ----D---- C:\Program Files (x86)\Avid
2014-03-23 22:01:57 ----D---- C:\Program Files\Adobe
2014-03-23 22:01:50 ----D---- C:\Program Files\Common Files

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 aswRvrt;avast! Revert; C:\Windows\system32\drivers\aswRvrt.sys [2014-04-16 65776]
R0 aswVmm;avast! VM Monitor; C:\Windows\system32\drivers\aswVmm.sys [2014-04-16 208928]
R0 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12352]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-20 213888]
R0 Tpkd;Tpkd; C:\Windows\system32\drivers\Tpkd.sys [2011-06-28 105592]
R0 vmbus;@%SystemRoot%\system32\vmbusres.dll,-1000; C:\Windows\system32\drivers\vmbus.sys [2010-11-20 199552]
R1 aswRdr;aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [2014-04-16 93568]
R1 aswSnx;aswSnx; C:\Windows\system32\drivers\aswSnx.sys [2014-04-16 1039096]
R1 aswSP;aswSP; C:\Windows\system32\drivers\aswSP.sys [2014-04-16 423240]
R1 cdrblock;cdrblock; C:\Windows\system32\DRIVERS\cdrblock.sys [2008-05-30 34360]
R1 CSC;@%systemroot%\system32\cscsvc.dll,-202; C:\Windows\system32\drivers\csc.sys [2010-11-20 514560]
R2 aswMonFlt;aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [2014-04-16 79184]
R2 Sentinel64;Sentinel64; C:\Windows\System32\Drivers\Sentinel64.sys [2007-04-27 142120]
R2 sp_rsdrv2;Spyware Terminator Driver Filter; C:\Windows\system32\DRIVERS\stflt.sys [2014-04-16 51496]
R3 aswStm;aswStm; C:\Windows\system32\drivers\aswStm.sys [2014-04-16 84816]
R3 COMMONFX.SYS;COMMONFX.SYS; C:\Windows\System32\drivers\COMMONFX.SYS [2010-03-18 158808]
R3 ctac32k;Creative AC3 Software Decoder; C:\Windows\system32\drivers\ctac32k.sys [2010-03-18 580696]
R3 ctaud2k;Creative Audio Driver (WDM); C:\Windows\system32\drivers\ctaud2k.sys [2010-03-18 866264]
R3 CTAUDFX.SYS;CTAUDFX.SYS; C:\Windows\System32\drivers\CTAUDFX.SYS [2010-03-18 706648]
R3 ctprxy2k;Creative Proxy Driver; C:\Windows\system32\drivers\ctprxy2k.sys [2010-03-18 16984]
R3 CTSBLFX.SYS;CTSBLFX.SYS; C:\Windows\System32\drivers\CTSBLFX.SYS [2010-03-18 681048]
R3 ctsfm2k;Creative SoundFont Management Device Driver; C:\Windows\system32\drivers\ctsfm2k.sys [2010-03-18 290392]
R3 emupia;E-mu Plug-in Architecture Driver; C:\Windows\system32\drivers\emupia2k.sys [2010-03-18 147544]
R3 ha10kx2k;Creative Hardware Abstract Layer Driver; C:\Windows\system32\drivers\ha10kx2k.sys [2010-03-18 1360984]
R3 hap16v2k;Creative P16V HAL Driver; C:\Windows\system32\drivers\hap16v2k.sys [2010-03-18 259672]
R3 nusb3hub;Renesas Electronics USB 3.0 Hub Driver; C:\Windows\system32\DRIVERS\nusb3hub.sys [2011-10-25 96768]
R3 nusb3xhc;Renesas Electronics USB 3.0 Host Controller Driver; C:\Windows\system32\DRIVERS\nusb3xhc.sys [2011-10-25 213504]
R3 NVHDA;Service for NVIDIA High Definition Audio Driver; C:\Windows\system32\drivers\nvhda64v.sys [2012-01-17 188224]
R3 ossrv;Creative OS Services Driver; C:\Windows\system32\drivers\ctoss2k.sys [2010-03-18 221272]
R3 RTL8167;Realtek 8167 NT Driver; C:\Windows\system32\DRIVERS\Rt64win7.sys [2011-11-24 648808]
R3 SNP2UVC;USB2.0 PC Camera (SNP2UVC); C:\Windows\system32\DRIVERS\snp2uvc.sys [2011-09-09 3567232]
S1 Aspi32;Aspi32; C:\Windows\system32\drivers\Aspi32.sys []
S2 Hardlock;Hardlock; \??\C:\Windows\system32\drivers\hardlock.sys [2005-06-14 296448]
S3 61883;61883 Unit Device; C:\Windows\system32\DRIVERS\61883.sys [2009-07-14 60288]
S3 Avc;Zařízení AVC; C:\Windows\system32\DRIVERS\avc.sys [2009-07-14 48768]
S3 AVCSTRM;AVC Streaming Filter Driver; C:\Windows\system32\DRIVERS\avcstrm.sys [2009-07-14 17664]
S3 COMMONFX.DLL;COMMONFX.DLL; C:\Windows\system32\COMMONFX.DLL []
S3 COMMONFX;COMMONFX; C:\Windows\system32\drivers\COMMONFX.SYS [2010-03-18 158808]
S3 CT20XUT.DLL;CT20XUT.DLL; C:\Windows\system32\CT20XUT.DLL [2007-04-10 252712]
S3 CTAUDFX.DLL;CTAUDFX.DLL; C:\Windows\system32\CTAUDFX.DLL []
S3 CTAUDFX;CTAUDFX; C:\Windows\system32\drivers\CTAUDFX.SYS [2010-03-18 706648]
S3 CTEAPSFX.DLL;CTEAPSFX.DLL; C:\Windows\system32\CTEAPSFX.DLL [2007-04-10 219432]
S3 CTEDSPFX.DLL;CTEDSPFX.DLL; C:\Windows\system32\CTEDSPFX.DLL [2007-04-10 321832]
S3 CTEDSPIO.DLL;CTEDSPIO.DLL; C:\Windows\system32\CTEDSPIO.DLL [2007-04-10 190248]
S3 CTEDSPSY.DLL;CTEDSPSY.DLL; C:\Windows\system32\CTEDSPSY.DLL [2007-04-10 363304]
S3 CTERFXFX.DLL;CTERFXFX.DLL; C:\Windows\system32\CTERFXFX.DLL []
S3 CTERFXFX.SYS;CTERFXFX.SYS; C:\Windows\System32\drivers\CTERFXFX.SYS [2010-03-18 141912]
S3 CTERFXFX;CTERFXFX; C:\Windows\system32\drivers\CTERFXFX.SYS [2010-03-18 141912]
S3 CTEXFIFX.DLL;CTEXFIFX.DLL; C:\Windows\system32\CTEXFIFX.DLL [2007-04-10 1571112]
S3 CTHWIUT.DLL;CTHWIUT.DLL; C:\Windows\system32\CTHWIUT.DLL [2007-04-10 123688]
S3 CTSBLFX.DLL;CTSBLFX.DLL; C:\Windows\system32\CTSBLFX.DLL []
S3 CTSBLFX;CTSBLFX; C:\Windows\system32\drivers\CTSBLFX.SYS [2010-03-18 681048]
S3 EverestDriver;Lavalys EVEREST Kernel Driver; \??\E:\Everest Ultimate Engineer Edition v5.50 build 2253\kerneld.amd64 []
S3 hap17v2k;Creative P17V HAL Driver; C:\Windows\system32\drivers\hap17v2k.sys [2010-03-18 295000]
S3 MSDV;Microsoft DV Camera and VCR; C:\Windows\system32\DRIVERS\msdv.sys [2009-07-14 61440]
S3 MSTAPE;Microsoft AV/C Tape Subunit Device; C:\Windows\system32\DRIVERS\mstape.sys [2009-07-14 56448]
S3 RDPDR;Terminal Server Device Redirector Driver; C:\Windows\System32\drivers\rdpdr.sys [2010-11-20 165888]
S3 s3cap;s3cap; C:\Windows\system32\drivers\vms3cap.sys [2010-11-20 6656]
S3 storvsc;storvsc; C:\Windows\system32\drivers\storvsc.sys [2010-11-20 34688]
S3 TsUsbFlt;TsUsbFlt; C:\Windows\system32\drivers\tsusbflt.sys [2010-11-20 59392]
S3 VMBusHID;VMBusHID; C:\Windows\system32\drivers\VMBusHID.sys [2010-11-20 21760]
S3 WinUsb;Sony sa0102 ADB Interface; C:\Windows\system32\DRIVERS\WinUsb.sys [2010-11-20 41984]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 602XML Updater;602Updater; C:\Program Files (x86)\Common Files\soft602\602updsvc\602updsvc.exe [2011-10-10 85344]
R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2013-12-18 65432]
R2 avast! Antivirus;avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2014-04-16 50344]
R2 CscService;@%systemroot%\system32\cscsvc.dll,-200; C:\Windows\System32\svchost.exe [2009-07-14 27136]
R2 CTAudSvcService;Creative Audio Service; C:\Program Files (x86)\Creative\Shared Files\CTAudSvc.exe [2010-02-12 286720]
R2 EPSON_PM_RPCV4_01;EPSON V3 Service4(01); C:\ProgramData\EPSON\EPW!3 SSRP\E_S30RP1.EXE [2006-04-18 102400]
R2 NVSvc;NVIDIA Display Driver Service; C:\Windows\system32\nvvsvc.exe [2013-01-18 884512]
R2 PaceLicenseDServices;PACE License Services; C:\Program Files (x86)\Common Files\PACE\Services\LicenseServices\LDSvc.exe [2011-07-09 2932224]
R2 ST2012_Svc;Spyware Terminator 2012 Realtime Shield Service; C:\Program Files (x86)\Spyware Terminator\st_rsser64.exe [2013-10-22 1149104]
R2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service; C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2013-01-18 383264]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2013-09-11 105144]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2013-09-11 124088]
S3 Adobe LM Service;Adobe LM Service; C:\Program Files (x86)\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe [2012-02-27 72704]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-03-12 257928]
S3 AppMgmt;@appmgmts.dll,-3250; C:\Windows\system32\svchost.exe [2009-07-14 27136]
S3 Creative ALchemy AL6 Licensing Service;Creative ALchemy AL6 Licensing Service; C:\Program Files (x86)\Common Files\Creative Labs Shared\Service\AL6Licensing.exe [2012-07-10 79360]
S3 Creative Audio Engine Licensing Service;Creative Audio Engine Licensing Service; C:\Program Files (x86)\Common Files\Creative Labs Shared\Service\CTAELicensing.exe [2012-03-17 79360]
S3 IEEtwCollectorService;@%SystemRoot%\system32\ieetwcollectorres.dll,-1000; C:\Windows\system32\IEEtwCollector.exe [2014-03-06 111616]
S3 Microsoft Office Groove Audit Service;Microsoft Office Groove Audit Service; C:\Program Files (x86)\Microsoft Office\Office12\GrooveAuditService.exe [2007-08-24 68464]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2014-03-19 119408]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2007-08-24 443776]
S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 PeerDistSvc;@%SystemRoot%\system32\peerdistsvc.dll,-9000; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S3 StorSvc;@%SystemRoot%\System32\StorSvc.dll,-100; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S3 UmRdpService;@%SystemRoot%\system32\umrdp.dll,-1000; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2012-02-19 1255736]
S4 aspnet_state;Stavová služba ASP.NET; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2013-09-11 51808]
S4 gupdate;Služba Google Update (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2012-10-03 136176]
S4 gupdatem;Služba Google Update (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2012-10-03 136176]
S4 Nero BackItUp Scheduler 3;Nero BackItUp Scheduler 3; C:\Program Files (x86)\Nero\Nero8\Nero BackItUp\NBService.exe [2007-12-03 869672]
S4 Nero BackItUp Scheduler 4.0;Nero BackItUp Scheduler 4.0; C:\Program Files (x86)\Common Files\Nero\Nero BackItUp 4\NBService.exe [2009-07-20 935208]
S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]
S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]
S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]
S4 NMIndexingService;NMIndexingService; C:\Program Files (x86)\Common Files\Nero\Lib\NMIndexingService.exe [2007-12-13 447784]
S4 nvUpdatusService;NVIDIA Update Service Daemon; C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe [2013-02-26 1260320]
S4 SkypeUpdate;Skype Updater; C:\Program Files (x86)\Skype\Updater\Updater.exe [2012-06-05 160944]

-----------------EOF-----------------

Re: Prosím o preventivní kontrolu

Napsal: 21 dub 2014 13:38
od petouf
(koukám zase dvakrát... :shock: )

Re: Prosím o preventivní kontrolu

Napsal: 21 dub 2014 17:02
od Roli
petouf píše:(koukám zase dvakrát... :shock: )
Mě to fakt stačí jednou :)


Stáhni a spusť OTMoveIt

do levého okna aplikace pod Paste Instructions for Items to be Moved zkopíruj tento text:

Kód: Vybrat vše

:processes
explorer.exe       

:files 
C:\*.tmp
C:\WINDOWS\System32\*.tmp
C:\WINDOWS\*.tmp
C:\Windows\tasks\AVG-Secure-Search-Update_JUNE2013_HP_rmv.job
C:\Windows\tasks\AVG-Secure-Search-Update_JUNE2013_TB_rmv.job
C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-3338490639-4165212360-2111865542-1000Core.job
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-3338490639-4165212360-2111865542-1000UA.job

:commands
[purity]
[emptytemp]
[start explorer]
klikni na MoveIt! a v pravém zeleném okně aplikace se Ti objeví info o provedene akci, obsah okna zkopíruj sem,

pokud aplikace bude požadovat restart, klikni na YES

v tom případě sem chci zkopírovat obsah logu uloženého na C:\_OTMoveIt\MovedFiles\


Stáhni a ulož na plochu ComboFix,

spusť aplikaci jako Administrátor a povol instalaci Konzole pro zotavení - Recovery Console.

Poté se zobrazí okno s licenčními podmínkami které potvrdíš kliknutím na ANO,

pak ještě jednou klik na ANO a už to jede.

Celá akce trvá okolo 10 minut ale může i déle, během skenu se nepokoušej spouštět nic jiného.

Při skenovaní může být PC i restartováno nelekat se.

Upozornění: po dobu skenu vypni rezidentní štít Antiviru a AntiSpy programu,

protože Combofix se pokouší napadené soubory smazat a tyto programy mu můžou bránit.

Po dokončení skenu nebo následném restartu aplikace vytvoří log, uložený na C:/Combofix.txt

(při opakovaném použití jsou logy číslovány Combofix2.txt atd.), jeho obsah zkopíruj sem.


V případě nejasností je ZDE obrázkový návod.

Re: Prosím o preventivní kontrolu

Napsal: 23 dub 2014 19:19
od petouf
Tak jsem se s tim - snad správně - popral a tu jsou logy...
Hezký den!



All processes killed
========== PROCESSES ==========
No active process named explorer.exe was found!
========== FILES ==========
File/Folder C:\*.tmp not found.
File/Folder C:\WINDOWS\System32\*.tmp not found.
File/Folder C:\WINDOWS\*.tmp not found.
C:\Windows\tasks\AVG-Secure-Search-Update_JUNE2013_HP_rmv.job moved successfully.
C:\Windows\tasks\AVG-Secure-Search-Update_JUNE2013_TB_rmv.job moved successfully.
C:\Windows\tasks\GoogleUpdateTaskMachineCore.job moved successfully.
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job moved successfully.
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-3338490639-4165212360-2111865542-1000Core.job moved successfully.
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-3338490639-4165212360-2111865542-1000UA.job moved successfully.
========== COMMANDS ==========

[EMPTYTEMP]

User: All Users

User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes

User: petra
->Temp folder emptied: 50270431 bytes
->Temporary Internet Files folder emptied: 24270090 bytes
->Java cache emptied: 1 bytes
->FireFox cache emptied: 332338781 bytes
->Google Chrome cache emptied: 297280459 bytes
->Flash cache emptied: 3017 bytes

User: Public

User: UpdatusUser
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32 (64bit) .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 39896565 bytes
%systemroot%\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files folder emptied: 441332 bytes
%systemroot%\sysnative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files folder emptied: 78280 bytes
RecycleBin emptied: 2019149478 bytes

Total Files Cleaned = 2 636,00 mb


OTM by OldTimer - Version 3.1.21.0 log created on 04232014_181702

Files moved on Reboot...
C:\Users\petra\AppData\Local\Temp\FXSAPIDebugLogFile.txt moved successfully.
C:\Users\petra\AppData\Local\Microsoft\Windows\Temporary Internet Files\counters.dat moved successfully.
File move failed. C:\Windows\temp\_avast_\AvastLock.txt scheduled to be moved on reboot.

Registry entries deleted on Reboot...


ComboFix 14-04-20.01 - petra 23.04.2014 18:28:34.1.4 - x64
Microsoft Windows 7 Professional 6.1.7601.1.1250.420.1029.18.4094.2161 [GMT 2:00]
Spuštěný z: c:\users\petra\Desktop\ComboFix.exe
AV: avast! Antivirus *Disabled/Updated* {17AD7D40-BA12-9C46-7131-94903A54AD8B}
FW: avast! Antivirus *Disabled* {2F96FC65-F07D-9D1E-5A6E-3DA5C487EAF0}
SP: avast! Antivirus *Disabled/Updated* {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2014-03-23 do 2014-04-23 )))))))))))))))))))))))))))))))
.
.
2014-04-23 16:17 . 2014-04-23 16:17 -------- d-----w- C:\_OTM
2014-04-23 02:49 . 2014-04-17 03:31 10651704 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{B6753D36-D796-4647-AE09-2DEB815553B6}\mpengine.dll
2014-04-17 16:52 . 2014-04-21 12:29 -------- d-----w- C:\AdwCleaner
2014-04-17 15:19 . 2014-04-21 12:35 -------- d-----w- c:\program files\trend micro
2014-04-17 15:19 . 2014-04-17 15:19 -------- d-----w- C:\rsit
2014-04-16 15:45 . 2014-04-16 15:45 43152 ----a-w- c:\windows\avastSS.scr
2014-04-16 15:00 . 2014-04-16 15:00 51496 ----a-w- c:\windows\system32\drivers\stflt.sys
2014-04-16 15:00 . 2014-04-16 15:52 -------- d-----w- c:\programdata\Spyware Terminator
2014-04-16 15:00 . 2014-04-16 15:00 -------- d-----w- c:\users\petra\AppData\Roaming\Spyware Terminator
2014-04-16 14:58 . 2014-04-16 15:00 -------- d-----w- c:\program files (x86)\Spyware Terminator
2014-04-15 10:15 . 2014-04-15 10:15 0 ---ha-w- c:\users\petra\AppData\Local\BITA64C.tmp
2014-04-09 02:57 . 2014-02-04 02:35 190912 ----a-w- c:\windows\system32\drivers\storport.sys
2014-03-24 18:53 . 2014-03-24 18:53 -------- d-----w- c:\users\petra\AppData\Local\BorisFX
2014-03-24 18:31 . 2014-03-24 18:31 -------- d-----w- c:\program files\CyberLink
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2014-04-16 15:45 . 2014-02-20 15:18 84816 ----a-w- c:\windows\system32\drivers\aswStm.sys
2014-04-16 15:45 . 2013-03-18 19:06 208928 ----a-w- c:\windows\system32\drivers\aswVmm.sys
2014-04-16 15:45 . 2013-03-18 19:05 65776 ----a-w- c:\windows\system32\drivers\aswRvrt.sys
2014-04-16 15:45 . 2012-10-03 19:24 93568 ----a-w- c:\windows\system32\drivers\aswRdr2.sys
2014-04-16 15:45 . 2012-02-18 14:21 423240 ----a-w- c:\windows\system32\drivers\aswSP.sys
2014-04-16 15:45 . 2012-02-18 14:21 1039096 ----a-w- c:\windows\system32\drivers\aswSnx.sys
2014-04-16 15:45 . 2012-02-18 14:21 79184 ----a-w- c:\windows\system32\drivers\aswMonFlt.sys
2014-04-16 15:45 . 2012-02-18 14:21 334648 ----a-w- c:\windows\system32\aswBoot.exe
2014-04-09 03:37 . 2012-03-17 14:52 90655440 ----a-w- c:\windows\system32\MRT.exe
2014-03-31 07:35 . 2012-02-18 14:04 270496 ------w- c:\windows\system32\MpSigStub.exe
2014-03-23 20:21 . 2014-03-23 20:21 53248 ----a-r- c:\users\petra\AppData\Roaming\Microsoft\Installer\{D954A6FA-5769-4B38-9377-2B6DF78D77E5}\ARPPRODUCTICON.exe
2014-03-23 20:08 . 2014-03-23 20:08 53248 ----a-r- c:\users\petra\AppData\Roaming\Microsoft\Installer\{6CA8F328-2590-4232-9A2D-B50F72F41863}\ARPPRODUCTICON.exe
2014-03-12 23:07 . 2014-03-12 23:07 761416 ----a-w- c:\windows\system32\AvOmfToolkit.dll
2014-03-12 23:07 . 2014-03-12 23:07 72264 ----a-w- c:\windows\system32\libjpegV4.dll
2014-03-12 23:07 . 2014-03-12 23:07 66560 ----a-w- c:\windows\system32\ntrights.exe
2014-03-12 23:07 . 2014-03-12 23:07 56904 ----a-w- c:\windows\SysWow64\libjpegV4.dll
2014-03-12 23:07 . 2014-03-12 23:07 549960 ----a-w- c:\windows\SysWow64\mmclient.dll
2014-03-12 10:22 . 2013-02-09 22:17 692616 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe
2014-03-12 10:22 . 2012-02-18 14:22 71048 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2014-03-04 09:17 . 2014-04-09 02:57 44032 ----a-w- c:\windows\apppatch\acwow64.dll
2014-02-21 14:00 . 2013-03-18 19:05 440672 ----a-w- c:\windows\system32\drivers\aswndisflt.sys
2014-02-07 01:23 . 2014-03-14 04:11 3156480 ----a-w- c:\windows\system32\win32k.sys
2014-02-04 02:32 . 2014-03-14 04:10 1424384 ----a-w- c:\windows\system32\WindowsCodecs.dll
2014-02-04 02:32 . 2014-03-14 04:10 624128 ----a-w- c:\windows\system32\qedit.dll
2014-02-04 02:04 . 2014-03-14 04:10 1230336 ----a-w- c:\windows\SysWow64\WindowsCodecs.dll
2014-02-04 02:04 . 2014-03-14 04:10 509440 ----a-w- c:\windows\SysWow64\qedit.dll
2014-01-29 02:32 . 2014-03-14 04:11 484864 ----a-w- c:\windows\system32\wer.dll
2014-01-29 02:06 . 2014-03-14 04:11 381440 ----a-w- c:\windows\SysWow64\wer.dll
2014-01-28 02:32 . 2014-03-14 04:11 228864 ----a-w- c:\windows\system32\wwansvc.dll
.
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\~\Browser Helper Objects\{0D778FDC-FAD7-4B1D-AB88-7A76A562D65C}]
2013-05-28 06:30 590640 ----a-w- c:\progra~1\Instair\Instair.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt1]
@="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}]
2013-09-10 23:54 131248 ----a-w- c:\users\petra\AppData\Roaming\Dropbox\bin\DropboxExt.22.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt2]
@="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}]
2013-09-10 23:54 131248 ----a-w- c:\users\petra\AppData\Roaming\Dropbox\bin\DropboxExt.22.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt3]
@="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}]
2013-09-10 23:54 131248 ----a-w- c:\users\petra\AppData\Roaming\Dropbox\bin\DropboxExt.22.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt4]
@="{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}]
2013-09-10 23:54 131248 ----a-w- c:\users\petra\AppData\Roaming\Dropbox\bin\DropboxExt.22.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"APSDaemon"="c:\program files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" [2013-04-21 59720]
"CTxfiHlp"="CTXFIHLP.EXE" [2007-04-09 19968]
"NUSB3MON"="c:\program files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe" [2011-09-16 115048]
"AsioThk32Reg"="CTASIO.DLL" [2010-03-18 47104]
"CTHelper"="CTHELPER.EXE" [2010-03-18 19456]
"Print2PDF Print Monitor"="c:\program files (x86)\Software602\Print2PDF\Print2PDF.exe" [2011-10-04 220992]
"CanonSolutionMenuEx"="c:\program files (x86)\Canon\Solution Menu EX\CNSEMAIN.EXE" [2011-08-04 1612920]
"IJNetworkScannerSelectorEX"="c:\program files (x86)\Canon\IJ Network Scanner Selector EX\CNMNSST.exe" [2011-01-15 452016]
"ACSW15EN"="c:\program files (x86)\ACD Systems\ACDSee\15.0\ACDSee15InTouch2.exe" [2012-11-14 1133176]
"snp2uvc"="c:\windows\vsnp2uvc.exe" [2009-08-12 662016]
"tsnp2uvc"="c:\program files (x86)\Common Files\SNP2UVC\tsnp2uvc.exe" [2012-02-23 322560]
"NexusServer"="c:\program files (x86)\Common Files\Grass Valley\ProCoder 3\Kernel\PNXSERVR.exe" [2007-03-26 389120]
"AvastUI.exe"="c:\program files\AVAST Software\Avast\AvastUI.exe" [2014-04-16 3854640]
.
c:\users\petra\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
Dropbox.lnk - c:\users\petra\AppData\Roaming\Dropbox\bin\Dropbox.exe /systemstartup [2014-1-3 33508336]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 0 (0x0)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableLUA"= 0 (0x0)
"EnableUIADesktopToggle"= 0 (0x0)
"PromptOnSecureDesktop"= 0 (0x0)
.
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x]
R3 aswStm;aswStm;c:\windows\system32\drivers\aswStm.sys;c:\windows\SYSNATIVE\drivers\aswStm.sys [x]
R3 COMMONFX;COMMONFX;c:\windows\system32\drivers\COMMONFX.SYS;c:\windows\SYSNATIVE\drivers\COMMONFX.SYS [x]
R3 Creative ALchemy AL6 Licensing Service;Creative ALchemy AL6 Licensing Service;c:\program files (x86)\Common Files\Creative Labs Shared\Service\AL6Licensing.exe;c:\program files (x86)\Common Files\Creative Labs Shared\Service\AL6Licensing.exe [x]
R3 Creative Audio Engine Licensing Service;Creative Audio Engine Licensing Service;c:\program files (x86)\Common Files\Creative Labs Shared\Service\CTAELicensing.exe;c:\program files (x86)\Common Files\Creative Labs Shared\Service\CTAELicensing.exe [x]
R3 CTAUDFX;CTAUDFX;c:\windows\system32\drivers\CTAUDFX.SYS;c:\windows\SYSNATIVE\drivers\CTAUDFX.SYS [x]
R3 CTERFXFX.SYS;CTERFXFX.SYS;c:\windows\System32\drivers\CTERFXFX.SYS;c:\windows\SYSNATIVE\drivers\CTERFXFX.SYS [x]
R3 CTERFXFX;CTERFXFX;c:\windows\system32\drivers\CTERFXFX.SYS;c:\windows\SYSNATIVE\drivers\CTERFXFX.SYS [x]
R3 CTSBLFX;CTSBLFX;c:\windows\system32\drivers\CTSBLFX.SYS;c:\windows\SYSNATIVE\drivers\CTSBLFX.SYS [x]
R3 EverestDriver;Lavalys EVEREST Kernel Driver;e:\everest ultimate engineer edition v5.50 build 2253\kerneld.amd64;e:\everest ultimate engineer edition v5.50 build 2253\kerneld.amd64 [x]
R3 IEEtwCollectorService;Internet Explorer ETW Collector Service;c:\windows\system32\IEEtwCollector.exe;c:\windows\SYSNATIVE\IEEtwCollector.exe [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys;c:\windows\SYSNATIVE\drivers\tsusbflt.sys [x]
R3 WatAdminSvc;Služba Technologie aktivace Windows;c:\windows\system32\Wat\WatAdminSvc.exe;c:\windows\SYSNATIVE\Wat\WatAdminSvc.exe [x]
R4 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe;c:\program files (x86)\Skype\Updater\Updater.exe [x]
S0 aswRvrt;avast! Revert; [x]
S0 aswVmm;avast! VM Monitor; [x]
S1 aswSnx;aswSnx;c:\windows\system32\drivers\aswSnx.sys;c:\windows\SYSNATIVE\drivers\aswSnx.sys [x]
S1 aswSP;aswSP;c:\windows\system32\drivers\aswSP.sys;c:\windows\SYSNATIVE\drivers\aswSP.sys [x]
S1 cdrblock;cdrblock;c:\windows\system32\DRIVERS\cdrblock.sys;c:\windows\SYSNATIVE\DRIVERS\cdrblock.sys [x]
S2 602XML Updater;602Updater;c:\program files (x86)\Common Files\soft602\602updsvc\602updsvc.exe;c:\program files (x86)\Common Files\soft602\602updsvc\602updsvc.exe [x]
S2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys;c:\windows\SYSNATIVE\drivers\aswMonFlt.sys [x]
S2 PaceLicenseDServices;PACE License Services;c:\program files (x86)\Common Files\PACE\Services\LicenseServices\LDSvc.exe;c:\program files (x86)\Common Files\PACE\Services\LicenseServices\LDSvc.exe [x]
S2 Sentinel64;Sentinel64;c:\windows\System32\Drivers\Sentinel64.sys;c:\windows\SYSNATIVE\Drivers\Sentinel64.sys [x]
S2 sp_rsdrv2;Spyware Terminator Driver Filter;c:\windows\system32\DRIVERS\stflt.sys;c:\windows\SYSNATIVE\DRIVERS\stflt.sys [x]
S2 ST2012_Svc;Spyware Terminator 2012 Realtime Shield Service;c:\program files (x86)\Spyware Terminator\st_rsser64.exe;c:\program files (x86)\Spyware Terminator\st_rsser64.exe [x]
S2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;c:\program files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe;c:\program files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [x]
S3 COMMONFX.SYS;COMMONFX.SYS;c:\windows\System32\drivers\COMMONFX.SYS;c:\windows\SYSNATIVE\drivers\COMMONFX.SYS [x]
S3 CTAUDFX.SYS;CTAUDFX.SYS;c:\windows\System32\drivers\CTAUDFX.SYS;c:\windows\SYSNATIVE\drivers\CTAUDFX.SYS [x]
S3 CTSBLFX.SYS;CTSBLFX.SYS;c:\windows\System32\drivers\CTSBLFX.SYS;c:\windows\SYSNATIVE\drivers\CTSBLFX.SYS [x]
S3 nusb3hub;Renesas Electronics USB 3.0 Hub Driver;c:\windows\system32\DRIVERS\nusb3hub.sys;c:\windows\SYSNATIVE\DRIVERS\nusb3hub.sys [x]
S3 nusb3xhc;Renesas Electronics USB 3.0 Host Controller Driver;c:\windows\system32\DRIVERS\nusb3xhc.sys;c:\windows\SYSNATIVE\DRIVERS\nusb3xhc.sys [x]
S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys;c:\windows\SYSNATIVE\DRIVERS\Rt64win7.sys [x]
.
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]
2014-04-11 06:36 1077576 ----a-w- c:\program files (x86)\Google\Chrome\Application\34.0.1847.116\Installer\chrmstp.exe
.
Obsah adresáře 'Naplánované úlohy'
.
2014-04-23 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2013-02-09 10:22]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast]
@="{472083B0-C522-11CF-8763-00608CC02F24}"
[HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]
2014-04-16 15:45 290888 ----a-w- c:\program files\AVAST Software\Avast\ashShA64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt1]
@="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}]
2013-09-10 23:54 164016 ----a-w- c:\users\petra\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt2]
@="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}]
2013-09-10 23:54 164016 ----a-w- c:\users\petra\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt3]
@="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}]
2013-09-10 23:54 164016 ----a-w- c:\users\petra\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt4]
@="{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}]
2013-09-10 23:54 164016 ----a-w- c:\users\petra\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"CanonMyPrinter"="c:\program files\Canon\MyPrinter\BJMyPrt.exe" [2011-03-14 2779024]
"snp2uvc"="c:\windows\vsnp2uvc.exe" [2009-08-12 662016]
"SpywareTerminatorShield"="c:\program files (x86)\Spyware Terminator\SpywareTerminatorShield.exe" [2013-10-22 2777736]
.
------- Doplňkový sken -------
.
uLocal Page = c:\windows\system32\blank.htm
uStart Page = hxxp://www.seznam.cz/?clid=13415
mLocal Page = c:\windows\SysWOW64\blank.htm
IE: E&xportovat do aplikace Microsoft Excel - c:\progra~2\MICROS~1\Office12\EXCEL.EXE/3000
IE: Free YouTube to MP3 Converter - c:\users\petra\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm
TCP: DhcpNameServer = 10.88.1.2 10.89.1.2
DPF: {CD82C85E-37B7-48E3-9E88-31E140C13C86} - hxxp://www.premis.cz/PremisGUI/cab/Teechart7.cab
DPF: {E705A591-DA3C-4228-B0D5-A356DBA42FBF} - hxxp://ccfiles.creative.com/Web/softwareupdate/su2/ocx/20015/CTSUEng.cab
FF - ProfilePath - c:\users\petra\AppData\Roaming\Mozilla\Firefox\Profiles\3g0eftd4.default\
FF - prefs.js: browser.startup.homepage - seznam.cz
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -
.
Toolbar-10 - (no file)
Wow6432Node-HKCU-Run-FLV Player - c:\users\petra\AppData\Local\WebPlayer\FLV Player\WebPlayer.exe
HKLM_Wow6432Node-ActiveSetup-{2D46B6DC-2207-486B-B523-A557E6D54B47} - start
Toolbar-10 - (no file)
AddRemove-Free YouTube to MP3 Converter_is1 - c:\program files (x86)\Common Files\DVDVideoSoft\Uninstall.exe
AddRemove-Super Ovladac_is1 - c:\program files (x86)\Driver-Soft\SuperOvladac\unins000.exe
AddRemove-vfd-ob - c:\program files (x86)\OApps\vfd-ob_uninstall.exe
AddRemove-Bonanza - c:\users\petra\AppData\Roaming\Bonanza\UpdateProc\UpdateTask.exe
.
.
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\EverestDriver]
"ImagePath"="\??\e:\everest ultimate engineer edition v5.50 build 2253\kerneld.amd64"
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
.
[HKEY_USERS\S-1-5-21-3338490639-4165212360-2111865542-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.v15o\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 15.v15o"
.
[HKEY_USERS\S-1-5-21-3338490639-4165212360-2111865542-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.v15p\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 15.v15p"
.
[HKEY_USERS\S-1-5-21-3338490639-4165212360-2111865542-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.v15pf\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 15.v15pf"
.
[HKEY_USERS\S-1-5-21-3338490639-4165212360-2111865542-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.xmp\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 15.xmp"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_12_0_0_77_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_12_0_0_77_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{47629D4B-2AD3-4e50-B716-A66C15C63153}\InprocServer32*]
"ThreadingModel"="Apartment"
@="c:\\Windows\\SysWow64\\OLE32.DLL"
"cd042efbbd7f7af1647644e76e06692b"=hex:2e,e8,e1,00,eb,16,2b,de,4e,02,e3,d2,a3,
23,9a,f3,c8,28,51,af,b0,29,a3,98,25,49,69,5a,43,8f,83,66,e2,63,26,f1,3f,c8,\
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{604BB98A-A94F-4a5c-A67C-D8D3582C741C}\InprocServer32*]
"ThreadingModel"="Apartment"
@="c:\\Windows\\SysWow64\\OLE32.DLL"
"bca643cdc5c2726b20d2ecedcc62c59b"=hex:6a,9c,d6,61,af,45,84,18,77,57,9b,45,dc,
85,de,9c,71,3b,04,66,8b,46,0d,96,6a,93,f3,b6,4a,e7,72,34,6a,9c,d6,61,af,45,\
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{684373FB-9CD8-4e47-B990-5A4466C16034}\InprocServer32*]
"ThreadingModel"="Apartment"
@="c:\\Windows\\SysWow64\\OLE32.DLL"
"2c81e34222e8052573023a60d06dd016"=hex:ff,7c,85,e0,43,d4,0e,fe,91,43,4b,f0,c9,
a6,6c,99,25,da,ec,7e,55,20,c9,26,92,96,d8,1f,f6,b1,f4,45,ff,7c,85,e0,43,d4,\
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_12_0_0_77_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_12_0_0_77_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{74554CCD-F60F-4708-AD98-D0152D08C8B9}\InprocServer32*]
"ThreadingModel"="Apartment"
@="c:\\Windows\\SysWow64\\OLE32.DLL"
"2582ae41fb52324423be06337561aa48"=hex:3e,1e,9e,e0,57,5a,93,61,77,c4,fd,79,56,
43,d9,e8,3e,1e,9e,e0,57,5a,93,61,4a,12,d1,68,1e,6e,9b,7f,86,8c,21,01,be,91,\
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{7EB537F9-A916-4339-B91B-DED8E83632C0}\InprocServer32*]
"ThreadingModel"="Apartment"
@="c:\\Windows\\SysWow64\\OLE32.DLL"
"caaeda5fd7a9ed7697d9686d4b818472"=hex:cd,44,cd,b9,a6,33,6c,cd,d1,80,f1,85,e3,
25,ba,37,cd,44,cd,b9,a6,33,6c,cd,81,9c,ee,e6,89,12,9d,41,f5,1d,4d,73,a8,13,\
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{948395E8-7A56-4fb1-843B-3E52D94DB145}\InprocServer32*]
"ThreadingModel"="Apartment"
@="c:\\Windows\\SysWow64\\OLE32.DLL"
"a4a1bcf2cc2b8bc3716b74b2b4522f5d"=hex:df,20,58,62,78,6b,cf,c8,2c,34,61,4f,0a,
61,72,c4,b0,18,ed,a7,3f,8d,37,a4,ea,aa,c5,ac,64,84,87,7c,df,20,58,62,78,6b,\
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{AC3ED30B-6F1A-4bfc-A4F6-2EBDCCD34C19}\InprocServer32*]
"ThreadingModel"="Apartment"
@="c:\\Windows\\SysWow64\\OLE32.DLL"
"4d370831d2c43cd13623e232fed27b7b"=hex:fb,a7,78,e6,12,2f,9a,ea,27,a7,72,94,64,
f8,0d,97,31,77,e1,ba,b1,f8,68,02,a4,1d,85,5b,fc,04,3d,93,fb,a7,78,e6,12,2f,\
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_12_0_0_77.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.12"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_12_0_0_77.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_12_0_0_77.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_12_0_0_77.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{DE5654CA-EB84-4df9-915B-37E957082D6D}\InprocServer32*]
"ThreadingModel"="Apartment"
@="c:\\Windows\\SysWow64\\OLE32.DLL"
"1d68fe701cdea33e477eb204b76f993d"=hex:aa,52,c6,00,84,3c,26,64,57,dc,4f,d8,66,
47,5d,76,83,6c,56,8b,a0,85,96,ab,ee,19,f9,fd,c2,12,31,ef,01,3a,48,fc,e8,04,\
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{E39C35E8-7488-4926-92B2-2F94619AC1A5}\InprocServer32*]
"ThreadingModel"="Apartment"
@="c:\\Windows\\SysWow64\\OLE32.DLL"
"1fac81b91d8e3c5aa4b0a51804d844a3"=hex:f6,0f,4e,58,98,5b,89,c9,d7,13,54,4f,dc,
b9,82,6b,51,fa,6e,91,28,9e,14,cc,a3,85,5b,10,4b,30,cc,54,f6,0f,4e,58,98,5b,\
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{EACAFCE5-B0E2-4288-8073-C02FF9619B6F}\InprocServer32*]
"ThreadingModel"="Apartment"
@="c:\\Windows\\SysWow64\\OLE32.DLL"
"f5f62a6129303efb32fbe080bb27835b"=hex:3d,ce,ea,26,2d,45,aa,78,06,6d,5b,ff,e4,
7a,02,66,b1,cd,45,5a,a8,c4,f8,b9,d1,56,20,4f,1d,f4,c8,1a,3d,ce,ea,26,2d,45,\
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{F8F02ADD-7366-4186-9488-C21CB8B3DCEC}\InprocServer32*]
"ThreadingModel"="Apartment"
@="c:\\Windows\\SysWow64\\OLE32.DLL"
"fd4e2e1a3940b94dceb5a6a021f2e3c6"=hex:e3,0e,66,d5,eb,bc,2f,6b,77,50,a9,cd,7d,
f8,83,8a,e3,0e,66,d5,eb,bc,2f,6b,09,c5,ed,c0,68,c6,e1,66,2a,b7,cc,b5,b9,7f,\
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{FEE45DE2-A467-4bf9-BF2D-1411304BCD84}\InprocServer32*]
"ThreadingModel"="Apartment"
@="c:\\Windows\\SysWow64\\OLE32.DLL"
"8a8aec57dd6508a385616fbc86791ec2"=hex:6c,43,2d,1e,aa,22,2f,9c,56,d6,54,41,0f,
d5,41,c2,fa,ea,66,7f,d4,3b,6b,70,4d,7b,12,51,88,2b,63,f0,6c,43,2d,1e,aa,22,\
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Nico Mak Computing\WinZip]
"SymbolicLinkValue"=hex(6):5c,00,52,00,65,00,67,00,69,00,73,00,74,00,72,00,79,
00,5c,00,4d,00,41,00,43,00,48,00,49,00,4e,00,45,00,5c,00,53,00,6f,00,66,00,\
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Celkový čas: 2014-04-23 18:39:54
ComboFix-quarantined-files.txt 2014-04-23 16:39
ComboFix2.txt 2010-08-23 20:54
ComboFix3.txt 2009-04-04 19:46
ComboFix4.txt 2009-04-04 19:34
ComboFix5.txt 2011-10-28 09:03
.
Před spuštěním: Volných bajtů: 27 247 845 376
Po spuštění: Volných bajtů: 26 732 863 488
.
- - End Of File - - BB17B1791B1CAA62F435BF3C4348069A
413FC2A0C716421B3158746D63736515

Re: Prosím o preventivní kontrolu

Napsal: 23 dub 2014 20:11
od Roli
petouf píše:Tak jsem se s tim - snad správně - popral a tu jsou logy...
:thumbsup:

Znovu spusť OTMoveIt a nahoře v aplikaci klini na CleanUP!

tímto po sobě uklidí.


Pokud jsi tak ještě neučinil, přesuň Combofix na plochu

otevři si Poznámkový blok

do něj zkopíruj skript z následujícího okna:

Kód: Vybrat vše

File::  
c:\users\petra\AppData\Local\BITA64C.tmp

RegLock::
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
ulož Tebou vytvořený TXT soubor jako CFScript.txt na plochu,

po uložení uchop vytvořený skript levým myšítkem a přesuň ho nad ikonu Combofixu, kde ho upustíš:

Obrázek

Po aplikaci na Tebe vypadne další log, zkopíruj ho sem

Upozornění : může se stát, že po aplikaci skriptu a restartu Windows nenaběhnou,

v tom případě znovu restartuj a přitom mačkej F8 poté zvol Poslední známou funkční konfiguraci
Všechny časy jsou v UTC+01:00
Stránka 1 z 3

Založeno na phpBB® Forum Software © phpBB Limited

Český překlad – phpBB.cz