Please check my log
Posted: 01 Aug 2014 20:37
Hello, please check my log, and this is not a preventive check at all. I cluttered up my browsers through my own mistake. Thank you
Logfile of random's system information tool 1.10 (written by random/random)
Run by jaroslak at 2014-08-01 20:20:58
Microsoft Windows 7 Enterprise Service Pack 1
System drive C: has 10 GB (20%) free of 50 GB
Total RAM: 6142 MB (54% free)
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 8:21:06 PM, on 8/1/2014
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v11.0 (11.00.9600.17207)
Boot mode: Normal
Running processes:
C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAAnotif.exe
C:\Users\jaroslak\AppData\Local\WebPlayer\FLV Player\WebPlayer.exe
C:\Users\jaroslak\AppData\Roaming\Seznam.cz\szninstall.exe
C:\Users\jaroslak\AppData\Roaming\Seznam.cz\bin\szndesktop.exe
C:\Program Files (x86)\YouTube Accelerator\YouTubeAccelerator.exe
C:\Program Files (x86)\NEC Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe
C:\Program Files (x86)\Common Files\InstallShield\UpdateService\issch.exe
C:\Program Files (x86)\Genius\Manticore\MTHid.exe
C:\Program Files\AVAST Software\Avast\AvastUI.exe
C:\Program Files (x86)\GIGABYTE\ET6\GUI.exe
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe
C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_14_0_0_145.exe
C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_14_0_0_145.exe
C:\Program Files\trend micro\jaroslak.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://istart.webssearches.com/?type=hp ... 6196561965
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.seznam.cz/?clid=13415
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://istart.webssearches.com/?type=hp ... 6196561965
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://istart.webssearches.com/web/?typ ... earchTerms}
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://istart.webssearches.com/web/?typ ... earchTerms}
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://istart.webssearches.com/?type=hp ... 6196561965
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: SearchHook Class - {BC86E1AB-EDA5-4059-938F-CE307B0C6F0A} - C:\Program Files (x86)\DeviceVM\Browser Configuration Utility\AddressBarSearch.dll
F2 - REG:system.ini: UserInit=userinit.exe
O2 - BHO: CrossriderApp0042822 - {11111111-1111-1111-1111-110411281122} - C:\Program Files (x86)\Shop_an_Upi_1.6\Shop_an_Upi_1.6-bho.dll
O2 - BHO: CrossriderApp0061915 - {11111111-1111-1111-1111-110611191115} - C:\Program Files (x86)\Sense\Sense-bho.dll
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: IETabPage Class - {3593C8B9-8E18-4B4B-B7D3-CB8BEB1AA42C} - C:\Program Files (x86)\SupTab\SupTab.dll
O2 - BHO: Adblocker - {5FF305DF-B056-088A-0103-F225B48C71CD} - C:\Program Files (x86)\Adblocker\bv.dll
O2 - BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O2 - BHO: ShopperProBHO - {A5A51D2A-505A-4D84-AFC6-E0FA87E47B8C} - C:\ProgramData\ShopperPro\ShopperPro.dll
O2 - BHO: priceechop - {BB104FC0-2488-3AB2-DB2B-EF72ED530925} - C:\Program Files (x86)\priceechop\qgq2amv9.dll
O2 - BHO: YTAHelperBHO - {FCE3FA8B-BA81-467C-81D8-E43C00D1BC71} - C:\ProgramData\YTAHelper\YTAHelper.dll
O4 - HKLM\..\Run: [BCU] "C:\Program Files (x86)\DeviceVM\Browser Configuration Utility\BCU.exe"
O4 - HKLM\..\Run: [JMB36X IDE Setup] C:\Windows\RaidTool\xInsIDE.exe
O4 - HKLM\..\Run: [NUSB3MON] "C:\Program Files (x86)\NEC Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe"
O4 - HKLM\..\Run: [EasyTuneVI] C:\Program Files (x86)\GIGABYTE\ET6\ETcall.exe
O4 - HKLM\..\Run: [ISUSScheduler] "C:\Program Files (x86)\Common Files\InstallShield\UpdateService\issch.exe" -start
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
O4 - HKLM\..\Run: [Manticore] C:\Program Files (x86)\Genius\Manticore\MThid.exe
O4 - HKLM\..\Run: [seznam-listicka-distribuce] "C:\Program Files (x86)\Seznam.cz\distribution\szninstall.exe" -s -d listicka 1 szn-software-listicka cz.seznam.software.autoupdate
O4 - HKLM\..\Run: [SPDriver] C:\Program Files (x86)\ShopperPro\JSDriver\1.37.0.202\jsdrv.exe
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [AvastUI.exe] "C:\Program Files\AVAST Software\Avast\AvastUI.exe" /nogui
O4 - HKCU\..\Run: [ISUSPM Startup] C:\PROGRA~2\COMMON~1\INSTAL~1\UPDATE~1\ISUSPM.exe -startup
O4 - HKCU\..\Run: [FLV Player] C:\Users\jaroslak\AppData\Local\WebPlayer\FLV Player\WebPlayer.exe
O4 - HKCU\..\Run: [cz.seznam.software.autoupdate] "C:\Users\jaroslak\AppData\Roaming\Seznam.cz\szninstall.exe" -c
O4 - HKCU\..\Run: [cz.seznam.software.szndesktop] "C:\Users\jaroslak\AppData\Roaming\Seznam.cz\bin\wszndesktop.exe" -q
O4 - HKCU\..\Run: [SPDriver] C:\Program Files (x86)\ShopperPro\JSDriver\1.37.0.202\jsdrv.exe
O4 - HKCU\..\Run: [GoobzoYouTubeAccelerator] "C:\Program Files (x86)\YouTube Accelerator\YouTubeAccelerator.exe" /startup
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\RunOnce: [SPReview] "C:\Windows\System32\SPReview\SPReview.exe" /sp:1 /errorfwlink:"http://go.microsoft.com/fwlink/?LinkID=122915" /build:7601 (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\RunOnce: [SPReview] "C:\Windows\System32\SPReview\SPReview.exe" /sp:1 /errorfwlink:"http://go.microsoft.com/fwlink/?LinkID=122915" /build:7601 (User 'Default user')
O10 - Unknown file in Winsock LSP: c:\program files (x86)\youtube accelerator\ytalsp.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\youtube accelerator\ytalsp.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\youtube accelerator\ytalsp.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\youtube accelerator\ytalsp.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\youtube accelerator\ytalsp.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\youtube accelerator\ytalsp.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\youtube accelerator\ytalsp.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\youtube accelerator\ytalsp.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\youtube accelerator\ytalsp.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: AMD External Events Utility - Unknown owner - C:\Windows\system32\atiesrxx.exe (file missing)
O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: Browser Configuration Utility Service (BCUService) - DeviceVM, Inc. - C:\Program Files (x86)\DeviceVM\Browser Configuration Utility\BCUService.exe
O23 - Service: DES2 Service for Energy Saving. (DES2 Service) - Unknown owner - C:\Program Files (x86)\GIGABYTE\EnergySaver2\des2svr.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: globalUpdate Update Service (globalUpdate) (globalUpdate) - globalUpdate - C:\Program Files (x86)\globalUpdate\Update\GoogleUpdate.exe
O23 - Service: globalUpdate Update Service (globalUpdatem) (globalUpdatem) - globalUpdate - C:\Program Files (x86)\globalUpdate\Update\GoogleUpdate.exe
O23 - Service: Intel(R) Matrix Storage Event Monitor (IAANTMON) - Intel Corporation - C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTMon.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing)
O23 - Service: IePlugin Services (IePluginServices) - Cherished Technololgy LIMITED - C:\ProgramData\IePluginServices\PluginService.exe
O23 - Service: JMB36X - Unknown owner - C:\Windows\SysWOW64\XSrvSetup.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Smart TimeLock Service (Smart TimeLock) - Gigabyte Technology CO., LTD. - C:\Program Files (x86)\GIGABYTE\Smart6\Timelock\TimeMgmtDaemon.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: ShopperPro Update (SPBIUpd) - ShopperPro - C:\Program Files\Common Files\ShopperPro\spbiu.exe
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%SystemRoot%\system32\wlms\wlms.exe,-1 (WLMS) - Unknown owner - C:\Windows\system32\wlms\wlms.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
O23 - Service: YouTubeAcceleratorService - GOOBZO - C:\PROGRA~2\YOUTUB~1\YouTubeAcceleratorService.exe
--
End of file - 12515 bytes
======Listing Processes======
\SystemRoot\System32\smss.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
C:\Windows\system32\services.exe
winlogon.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
"C:\Program Files\Microsoft Security Client\MsMpEng.exe"
C:\Windows\system32\atiesrxx.exe
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k NetworkService
"C:\Program Files\AVAST Software\Avast\AvastSvc.exe"
atieclxx
C:\ProgramData\IePluginServices\PluginService.exe -service
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
"C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe"
"C:\Program Files (x86)\DeviceVM\Browser Configuration Utility\BCUService.exe"
"C:\Program Files (x86)\GIGABYTE\EnergySaver2\des2svr.exe"
C:\Windows\SysWOW64\XSrvSetup.exe
"C:\Program Files (x86)\GIGABYTE\Smart6\Timelock\TimeMgmtDaemon.exe"
"C:\Program Files\Common Files\ShopperPro\spbiu.exe" /service
C:\PROGRA~2\YOUTUB~1\YouTubeAcceleratorService.exe -start -scm
"C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTMon.exe"
"C:\Program Files\Microsoft Security Client\NisSrv.exe"
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Windows\system32\SearchIndexer.exe /Embedding
"taskhost.exe"
"C:\Windows\system32\Dwm.exe"
C:\Windows\Explorer.EXE
"C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe" -s
"C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAAnotif.exe"
"C:\Program Files\Microsoft Security Client\msseces.exe" -hide -runkey
"C:\Users\jaroslak\AppData\Local\WebPlayer\FLV Player\WebPlayer.exe"
"C:\Users\jaroslak\AppData\Roaming\Seznam.cz\szninstall.exe" -c
szndesktop.exe default start
"C:\Program Files (x86)\YouTube Accelerator\YouTubeAccelerator.exe" /startup
"C:\Users\jaroslak\AppData\Roaming\Seznam.cz\bin\listicka-x64.exe"
\??\C:\Windows\system32\conhost.exe "730113699904839753-6949773-149376665295244113419772579266234690132079895288
"C:\Program Files (x86)\NEC Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe"
"C:\Program Files (x86)\Common Files\InstallShield\UpdateService\issch.exe" -start
"C:\Program Files (x86)\Genius\Manticore\MTHid.exe"
"C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM"
"C:\Program Files\AVAST Software\Avast\AvastUI.exe" /nogui
"C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe" 0
"C:\Windows\system32\wuauclt.exe"
"C:\Program Files (x86)\GIGABYTE\ET6\GUI.exe" -m
"C:\Program Files (x86)\GIGABYTE\Smart6\Timelock\AlarmClock.exe"
"C:\Program Files (x86)\Mozilla Firefox\firefox.exe" http://istart.webssearches.com/?type=sc ... 6196561965
"C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe" --channel=600.1519d340.667326968 "C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_14_0_0_145.dll" -greomni "C:\Program Files (x86)\Mozilla Firefox\omni.ja" -appomni "C:\Program Files (x86)\Mozilla Firefox\browser\omni.ja" -appdir "C:\Program Files (x86)\Mozilla Firefox\browser" E7CF176E110C211B 600 "\\.\pipe\gecko-crash-server-pipe.600" plugin
"C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_14_0_0_145.exe" --proxy-stub-channel=Flash4224.669C0D80.25696 --host-broker-channel=Flash4224.669C0D80.3112 --host-pid=4224 --host-npapi-version=27 --plugin-path="C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_14_0_0_145.dll"
"C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_14_0_0_145.exe" --channel=4684.006EF888.1646506969 --proxy-stub-channel=Flash4224.669C0D80.25696 --plugin-path="C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_14_0_0_145.dll" --host-npapi-version=27 --type=renderer
"C:\Users\jaroslak\Downloads\RSITx64.exe"
C:\Windows\system32\wbem\wmiprvse.exe
======Scheduled tasks folder======
C:\Windows\tasks\Adobe Flash Player Updater.job - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
C:\Windows\tasks\AmiUpdXp.job - C:\Users\jaroslak\AppData\Local\15268\a19561.exe
C:\Windows\tasks\d8f74118-7758-4a73-8216-f3d5e66779f5-11.job - C:\Program Files (x86)\Shop_an_Upi_1.6\d8f74118-7758-4a73-8216-f3d5e66779f5-11.exe /fazRMXi=[encoded argument omitted]
C:\Windows\tasks\d8f74118-7758-4a73-8216-f3d5e66779f5-2.job - C:\Program Files (x86)\Shop_an_Upi_1.6\d8f74118-7758-4a73-8216-f3d5e66779f5-2.exe /CbEbS /ZpBCgxxtc='Shop_an_Upi_1.6' /opKZNk=42822 /CjftjJ='001310' /JlFutVD='0' /xsGyTcGOL='0' /uEdfKzwvS=56855A7736244CBD906ECB36DB78E724IE /TRIdwDGm=4ce998b45735bb71b72bbf26ac7d96c9 /vxIZPlGJu=1_34_06_10 /nkaOBMRBi=1406701158 /YSZaXHc=http://stats.democlientnet.com /hSYjiK=http://errors.democlientnet.com /dyeDbLY=11111111-1111-1111-1111-110411281122 /tQQrCEVl=ff /JKizC /JGGFP='http://update.democlientnet.com/ie_enab ... pdate.json' /rcbYrfph='task' /XeUwvLgUe=''
C:\Windows\tasks\globalUpdateUpdateTaskMachineCore.job - C:\Program Files (x86)\globalUpdate\Update\GoogleUpdate.exe /c
C:\Windows\tasks\globalUpdateUpdateTaskMachineUA.job - C:\Program Files (x86)\globalUpdate\Update\GoogleUpdate.exe /ua /installsource scheduler
=========Mozilla firefox=========
ProfilePath - C:\Users\jaroslak\AppData\Roaming\Mozilla\Firefox\Profiles\c16r1q0z.default
prefs.js - "browser.search.useDBForOrder" - true
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 14.0.0.145 Plugin
"Path"=C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_14_0_0_145.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=disabled
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=C:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@staging.google.com/globalUpdate Update;version=10]
"Description"=globalUpdate Update
"Path"=C:\Program Files (x86)\globalUpdate\Update\1.3.25.0\npGoogleUpdate4.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@staging.google.com/globalUpdate Update;version=4]
"Description"=globalUpdate Update
"Path"=C:\Program Files (x86)\globalUpdate\Update\1.3.25.0\npGoogleUpdate4.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\Adobe Reader]
"Description"=Handles PDFs in-place in Firefox
"Path"=C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 14.0.0.145 Plugin
"Path"=C:\Windows\system32\Macromed\Flash\NPSWF64_14_0_0_145.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=disabled
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=C:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll
C:\Users\jaroslak\AppData\Roaming\Mozilla\Firefox\Profiles\c16r1q0z.default\extensions\
a346f15b-f72e-4205-b29d-52ad46792214@bf4b3822-f1de-4b29-8f70-c0a27f6ca2b8.com
warnerroberts@hotmail.com
{4C59F3E5-BBD0-4344-8DD2-30866FA0B31E}
{746505DC-0E21-4667-97F8-72EA6BCF5EEF}
{ea614400-e918-4741-9a97-7a972ff7c30b}
C:\Users\jaroslak\AppData\Roaming\Mozilla\Firefox\Profiles\c16r1q0z.default\searchplugins\
firmycz.xml
google.xml
smartbar.xml
yahoo.xml
zbocz.xml
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{11111111-1111-1111-1111-110411281122}]
Shop_an_Upi_1.6 - C:\Program Files (x86)\Shop_an_Upi_1.6\Shop_an_Upi_1.6-bho64.dll [2014-07-29 730112]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{11111111-1111-1111-1111-110611191115}]
Sense - C:\Program Files (x86)\Sense\Sense-bho64.dll [2014-07-30 825704]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{5FF305DF-B056-088A-0103-F225B48C71CD}]
Adblocker - C:\Program Files (x86)\Adblocker\bv.x64.dll [2014-07-29 510464]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! Online Security - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2014-07-31 612248]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{A5A51D2A-505A-4D84-AFC6-E0FA87E47B8C}]
Shopper Pro - C:\ProgramData\ShopperPro\ShopperPro64.dll [2014-07-22 500584]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{BB104FC0-2488-3AB2-DB2B-EF72ED530925}]
priceechop - C:\Program Files (x86)\priceechop\qgq2amv9.x64.dll [2014-07-29 510464]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{FCE3FA8B-BA81-467C-81D8-E43C00D1BC71}]
YTAHelper - C:\ProgramData\YTAHelper\YTAHelper64.dll [2014-06-15 522600]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{11111111-1111-1111-1111-110411281122}]
Shop_an_Upi_1.6 - C:\Program Files (x86)\Shop_an_Upi_1.6\Shop_an_Upi_1.6-bho.dll [2014-07-29 536064]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{11111111-1111-1111-1111-110611191115}]
Sense - C:\Program Files (x86)\Sense\Sense-bho.dll [2014-07-30 610664]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2012-09-23 60568]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3593C8B9-8E18-4B4B-B7D3-CB8BEB1AA42C}]
IETabPage Class - C:\Program Files (x86)\SupTab\SupTab.dll [2014-07-29 515464]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{5FF305DF-B056-088A-0103-F225B48C71CD}]
Adblocker - C:\Program Files (x86)\Adblocker\bv.dll [2013-07-29 452096]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! Online Security - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2014-07-31 457712]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{A5A51D2A-505A-4D84-AFC6-E0FA87E47B8C}]
Shopper Pro - C:\ProgramData\ShopperPro\ShopperPro.dll [2014-07-22 418664]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{BB104FC0-2488-3AB2-DB2B-EF72ED530925}]
priceechop - C:\Program Files (x86)\priceechop\qgq2amv9.dll [2014-07-29 452096]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{FCE3FA8B-BA81-467C-81D8-E43C00D1BC71}]
YTAHelper - C:\ProgramData\YTAHelper\YTAHelper.dll [2014-06-15 434024]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"RtHDVCpl"=C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [2010-03-26 10135584]
"IAAnotif"=C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\iaanotif.exe [2009-06-04 186904]
"MSC"=C:\Program Files\Microsoft Security Client\msseces.exe [2014-03-11 1271072]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"ISUSPM Startup"=C:\PROGRA~2\COMMON~1\INSTAL~1\UPDATE~1\ISUSPM.exe [2005-02-17 221184]
"FLV Player"=C:\Users\jaroslak\AppData\Local\WebPlayer\FLV Player\WebPlayer.exe [2012-10-25 202752]
"cz.seznam.software.autoupdate"=C:\Users\jaroslak\AppData\Roaming\Seznam.cz\szninstall.exe [2013-05-16 1062472]
"cz.seznam.software.szndesktop"=C:\Users\jaroslak\AppData\Roaming\Seznam.cz\bin\wszndesktop.exe [2013-04-12 92664]
"SPDriver"=C:\Program Files (x86)\ShopperPro\JSDriver\1.37.0.202\jsdrv.exe [2014-07-22 3211776]
"GoobzoYouTubeAccelerator"=C:\Program Files (x86)\YouTube Accelerator\YouTubeAccelerator.exe [2014-07-29 2227048]
[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"BCU"=C:\Program Files (x86)\DeviceVM\Browser Configuration Utility\BCU.exe [2009-10-15 375000]
"JMB36X IDE Setup"=C:\Windows\RaidTool\xInsIDE.exe [2010-01-18 43632]
"NUSB3MON"=C:\Program Files (x86)\NEC Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe [2009-11-20 106496]
"EasyTuneVI"=C:\Program Files (x86)\GIGABYTE\ET6\ETcall.exe [2007-07-26 20480]
"ISUSScheduler"=C:\Program Files (x86)\Common Files\InstallShield\UpdateService\issch.exe [2005-02-17 81920]
"StartCCC"=C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [2010-07-06 98304]
"Manticore"=C:\Program Files (x86)\Genius\Manticore\MThid.exe [2013-10-29 293376]
"seznam-listicka-distribuce"=C:\Program Files (x86)\Seznam.cz\distribution\szninstall.exe [2013-05-16 1062472]
"SPDriver"=C:\Program Files (x86)\ShopperPro\JSDriver\1.37.0.202\jsdrv.exe [2014-07-22 3211776]
"Adobe ARM"=C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2012-09-23 926896]
"AvastUI.exe"=C:\Program Files\AVAST Software\Avast\AvastUI.exe [2014-07-31 4086432]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MsMpSvc]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=5
"ConsentPromptBehaviorUser"=3
"EnableUIADesktopToggle"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoActiveDesktop"=1
"NoActiveDesktopChanges"=1
"ForceActiveDesktopOn"=0
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"vidc.uyvy"=msyuv.dll
"vidc.yuy2"=msyuv.dll
"vidc.yvyu"=msyuv.dll
"vidc.iyuv"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"vidc.yvu9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv
======File associations======
.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
O4 - HKLM\..\Run: [Manticore] C:\Program Files (x86)\Genius\Manticore\MThid.exe
O4 - HKLM\..\Run: [seznam-listicka-distribuce] "C:\Program Files (x86)\Seznam.cz\distribution\szninstall.exe" -s -d listicka 1 szn-software-listicka cz.seznam.software.autoupdate
O4 - HKLM\..\Run: [SPDriver] C:\Program Files (x86)\ShopperPro\JSDriver\1.37.0.202\jsdrv.exe
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [AvastUI.exe] "C:\Program Files\AVAST Software\Avast\AvastUI.exe" /nogui
O4 - HKCU\..\Run: [ISUSPM Startup] C:\PROGRA~2\COMMON~1\INSTAL~1\UPDATE~1\ISUSPM.exe -startup
O4 - HKCU\..\Run: [FLV Player] C:\Users\jaroslak\AppData\Local\WebPlayer\FLV Player\WebPlayer.exe
O4 - HKCU\..\Run: [cz.seznam.software.autoupdate] "C:\Users\jaroslak\AppData\Roaming\Seznam.cz\szninstall.exe" -c
O4 - HKCU\..\Run: [cz.seznam.software.szndesktop] "C:\Users\jaroslak\AppData\Roaming\Seznam.cz\bin\wszndesktop.exe" -q
O4 - HKCU\..\Run: [SPDriver] C:\Program Files (x86)\ShopperPro\JSDriver\1.37.0.202\jsdrv.exe
O4 - HKCU\..\Run: [GoobzoYouTubeAccelerator] "C:\Program Files (x86)\YouTube Accelerator\YouTubeAccelerator.exe" /startup
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\RunOnce: [SPReview] "C:\Windows\System32\SPReview\SPReview.exe" /sp:1 /errorfwlink:"http://go.microsoft.com/fwlink/?LinkID=122915" /build:7601 (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\RunOnce: [SPReview] "C:\Windows\System32\SPReview\SPReview.exe" /sp:1 /errorfwlink:"http://go.microsoft.com/fwlink/?LinkID=122915" /build:7601 (User 'Default user')
O10 - Unknown file in Winsock LSP: c:\program files (x86)\youtube accelerator\ytalsp.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\youtube accelerator\ytalsp.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\youtube accelerator\ytalsp.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\youtube accelerator\ytalsp.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\youtube accelerator\ytalsp.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\youtube accelerator\ytalsp.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\youtube accelerator\ytalsp.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\youtube accelerator\ytalsp.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\youtube accelerator\ytalsp.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: AMD External Events Utility - Unknown owner - C:\Windows\system32\atiesrxx.exe (file missing)
O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: Browser Configuration Utility Service (BCUService) - DeviceVM, Inc. - C:\Program Files (x86)\DeviceVM\Browser Configuration Utility\BCUService.exe
O23 - Service: DES2 Service for Energy Saving. (DES2 Service) - Unknown owner - C:\Program Files (x86)\GIGABYTE\EnergySaver2\des2svr.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: globalUpdate Update Service (globalUpdate) (globalUpdate) - globalUpdate - C:\Program Files (x86)\globalUpdate\Update\GoogleUpdate.exe
O23 - Service: globalUpdate Update Service (globalUpdatem) (globalUpdatem) - globalUpdate - C:\Program Files (x86)\globalUpdate\Update\GoogleUpdate.exe
O23 - Service: Intel(R) Matrix Storage Event Monitor (IAANTMON) - Intel Corporation - C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTMon.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing)
O23 - Service: IePlugin Services (IePluginServices) - Cherished Technololgy LIMITED - C:\ProgramData\IePluginServices\PluginService.exe
O23 - Service: JMB36X - Unknown owner - C:\Windows\SysWOW64\XSrvSetup.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Smart TimeLock Service (Smart TimeLock) - Gigabyte Technology CO., LTD. - C:\Program Files (x86)\GIGABYTE\Smart6\Timelock\TimeMgmtDaemon.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: ShopperPro Update (SPBIUpd) - ShopperPro - C:\Program Files\Common Files\ShopperPro\spbiu.exe
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%SystemRoot%\system32\wlms\wlms.exe,-1 (WLMS) - Unknown owner - C:\Windows\system32\wlms\wlms.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
O23 - Service: YouTubeAcceleratorService - GOOBZO - C:\PROGRA~2\YOUTUB~1\YouTubeAcceleratorService.exe
--
End of file - 12515 bytes
======Listing Processes======
\SystemRoot\System32\smss.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
C:\Windows\system32\services.exe
winlogon.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
"C:\Program Files\Microsoft Security Client\MsMpEng.exe"
C:\Windows\system32\atiesrxx.exe
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k NetworkService
"C:\Program Files\AVAST Software\Avast\AvastSvc.exe"
atieclxx
C:\ProgramData\IePluginServices\PluginService.exe -service
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
"C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe"
"C:\Program Files (x86)\DeviceVM\Browser Configuration Utility\BCUService.exe"
"C:\Program Files (x86)\GIGABYTE\EnergySaver2\des2svr.exe"
C:\Windows\SysWOW64\XSrvSetup.exe
"C:\Program Files (x86)\GIGABYTE\Smart6\Timelock\TimeMgmtDaemon.exe"
"C:\Program Files\Common Files\ShopperPro\spbiu.exe" /service
C:\PROGRA~2\YOUTUB~1\YouTubeAcceleratorService.exe -start -scm
"C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTMon.exe"
"C:\Program Files\Microsoft Security Client\NisSrv.exe"
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Windows\system32\SearchIndexer.exe /Embedding
"taskhost.exe"
"C:\Windows\system32\Dwm.exe"
C:\Windows\Explorer.EXE
"C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe" -s
"C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAAnotif.exe"
"C:\Program Files\Microsoft Security Client\msseces.exe" -hide -runkey
"C:\Users\jaroslak\AppData\Local\WebPlayer\FLV Player\WebPlayer.exe"
"C:\Users\jaroslak\AppData\Roaming\Seznam.cz\szninstall.exe" -c
szndesktop.exe default start
"C:\Program Files (x86)\YouTube Accelerator\YouTubeAccelerator.exe" /startup
"C:\Users\jaroslak\AppData\Roaming\Seznam.cz\bin\listicka-x64.exe"
\??\C:\Windows\system32\conhost.exe "730113699904839753-6949773-149376665295244113419772579266234690132079895288
"C:\Program Files (x86)\NEC Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe"
"C:\Program Files (x86)\Common Files\InstallShield\UpdateService\issch.exe" -start
"C:\Program Files (x86)\Genius\Manticore\MTHid.exe"
"C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM"
"C:\Program Files\AVAST Software\Avast\AvastUI.exe" /nogui
"C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe" 0
"C:\Windows\system32\wuauclt.exe"
"C:\Program Files (x86)\GIGABYTE\ET6\GUI.exe" -m
"C:\Program Files (x86)\GIGABYTE\Smart6\Timelock\AlarmClock.exe"
"C:\Program Files (x86)\Mozilla Firefox\firefox.exe" http://istart.webssearches.com/?type=sc ... 6196561965
"C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe" --channel=600.1519d340.667326968 "C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_14_0_0_145.dll" -greomni "C:\Program Files (x86)\Mozilla Firefox\omni.ja" -appomni "C:\Program Files (x86)\Mozilla Firefox\browser\omni.ja" -appdir "C:\Program Files (x86)\Mozilla Firefox\browser" E7CF176E110C211B 600 "\\.\pipe\gecko-crash-server-pipe.600" plugin
"C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_14_0_0_145.exe" --proxy-stub-channel=Flash4224.669C0D80.25696 --host-broker-channel=Flash4224.669C0D80.3112 --host-pid=4224 --host-npapi-version=27 --plugin-path="C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_14_0_0_145.dll"
"C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_14_0_0_145.exe" --channel=4684.006EF888.1646506969 --proxy-stub-channel=Flash4224.669C0D80.25696 --plugin-path="C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_14_0_0_145.dll" --host-npapi-version=27 --type=renderer
"C:\Users\jaroslak\Downloads\RSITx64.exe"
C:\Windows\system32\wbem\wmiprvse.exe
======Scheduled tasks folder======
C:\Windows\tasks\Adobe Flash Player Updater.job - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
C:\Windows\tasks\AmiUpdXp.job - C:\Users\jaroslak\AppData\Local\15268\a19561.exe
C:\Windows\tasks\d8f74118-7758-4a73-8216-f3d5e66779f5-11.job - C:\Program Files (x86)\Shop_an_Upi_1.6\d8f74118-7758-4a73-8216-f3d5e66779f5-11.exe /fazRMXi=
C:\Windows\tasks\d8f74118-7758-4a73-8216-f3d5e66779f5-2.job - C:\Program Files (x86)\Shop_an_Upi_1.6\d8f74118-7758-4a73-8216-f3d5e66779f5-2.exe /CbEbS /ZpBCgxxtc='Shop_an_Upi_1.6' /opKZNk=42822 /CjftjJ='001310' /JlFutVD='0' /xsGyTcGOL='0' /uEdfKzwvS=56855A7736244CBD906ECB36DB78E724IE /TRIdwDGm=4ce998b45735bb71b72bbf26ac7d96c9 /vxIZPlGJu=1_34_06_10 /nkaOBMRBi=1406701158 /YSZaXHc=http://stats.democlientnet.com /hSYjiK=http://errors.democlientnet.com /dyeDbLY=11111111-1111-1111-1111-110411281122 /tQQrCEVl=ff /JKizC /JGGFP='http://update.democlientnet.com/ie_enab ... pdate.json' /rcbYrfph='task' /XeUwvLgUe=''
C:\Windows\tasks\globalUpdateUpdateTaskMachineCore.job - C:\Program Files (x86)\globalUpdate\Update\GoogleUpdate.exe /c
C:\Windows\tasks\globalUpdateUpdateTaskMachineUA.job - C:\Program Files (x86)\globalUpdate\Update\GoogleUpdate.exe /ua /installsource scheduler
=========Mozilla firefox=========
ProfilePath - C:\Users\jaroslak\AppData\Roaming\Mozilla\Firefox\Profiles\c16r1q0z.default
prefs.js - "browser.search.useDBForOrder" - true
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 14.0.0.145 Plugin
"Path"=C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_14_0_0_145.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=disabled
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=C:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@staging.google.com/globalUpdate Update;version=10]
"Description"=globalUpdate Update
"Path"=C:\Program Files (x86)\globalUpdate\Update\1.3.25.0\npGoogleUpdate4.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@staging.google.com/globalUpdate Update;version=4]
"Description"=globalUpdate Update
"Path"=C:\Program Files (x86)\globalUpdate\Update\1.3.25.0\npGoogleUpdate4.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\Adobe Reader]
"Description"=Handles PDFs in-place in Firefox
"Path"=C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 14.0.0.145 Plugin
"Path"=C:\Windows\system32\Macromed\Flash\NPSWF64_14_0_0_145.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=disabled
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=C:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll
C:\Users\jaroslak\AppData\Roaming\Mozilla\Firefox\Profiles\c16r1q0z.default\extensions\
a346f15b-f72e-4205-b29d-52ad46792214@bf4b3822-f1de-4b29-8f70-c0a27f6ca2b8.com
warnerroberts@hotmail.com
{4C59F3E5-BBD0-4344-8DD2-30866FA0B31E}
{746505DC-0E21-4667-97F8-72EA6BCF5EEF}
{ea614400-e918-4741-9a97-7a972ff7c30b}
C:\Users\jaroslak\AppData\Roaming\Mozilla\Firefox\Profiles\c16r1q0z.default\searchplugins\
firmycz.xml
google.xml
smartbar.xml
yahoo.xml
zbocz.xml
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{11111111-1111-1111-1111-110411281122}]
Shop_an_Upi_1.6 - C:\Program Files (x86)\Shop_an_Upi_1.6\Shop_an_Upi_1.6-bho64.dll [2014-07-29 730112]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{11111111-1111-1111-1111-110611191115}]
Sense - C:\Program Files (x86)\Sense\Sense-bho64.dll [2014-07-30 825704]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{5FF305DF-B056-088A-0103-F225B48C71CD}]
Adblocker - C:\Program Files (x86)\Adblocker\bv.x64.dll [2014-07-29 510464]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! Online Security - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2014-07-31 612248]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{A5A51D2A-505A-4D84-AFC6-E0FA87E47B8C}]
Shopper Pro - C:\ProgramData\ShopperPro\ShopperPro64.dll [2014-07-22 500584]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{BB104FC0-2488-3AB2-DB2B-EF72ED530925}]
priceechop - C:\Program Files (x86)\priceechop\qgq2amv9.x64.dll [2014-07-29 510464]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{FCE3FA8B-BA81-467C-81D8-E43C00D1BC71}]
YTAHelper - C:\ProgramData\YTAHelper\YTAHelper64.dll [2014-06-15 522600]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{11111111-1111-1111-1111-110411281122}]
Shop_an_Upi_1.6 - C:\Program Files (x86)\Shop_an_Upi_1.6\Shop_an_Upi_1.6-bho.dll [2014-07-29 536064]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{11111111-1111-1111-1111-110611191115}]
Sense - C:\Program Files (x86)\Sense\Sense-bho.dll [2014-07-30 610664]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2012-09-23 60568]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3593C8B9-8E18-4B4B-B7D3-CB8BEB1AA42C}]
IETabPage Class - C:\Program Files (x86)\SupTab\SupTab.dll [2014-07-29 515464]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{5FF305DF-B056-088A-0103-F225B48C71CD}]
Adblocker - C:\Program Files (x86)\Adblocker\bv.dll [2013-07-29 452096]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! Online Security - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2014-07-31 457712]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{A5A51D2A-505A-4D84-AFC6-E0FA87E47B8C}]
Shopper Pro - C:\ProgramData\ShopperPro\ShopperPro.dll [2014-07-22 418664]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{BB104FC0-2488-3AB2-DB2B-EF72ED530925}]
priceechop - C:\Program Files (x86)\priceechop\qgq2amv9.dll [2014-07-29 452096]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{FCE3FA8B-BA81-467C-81D8-E43C00D1BC71}]
YTAHelper - C:\ProgramData\YTAHelper\YTAHelper.dll [2014-06-15 434024]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"RtHDVCpl"=C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [2010-03-26 10135584]
"IAAnotif"=C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\iaanotif.exe [2009-06-04 186904]
"MSC"=C:\Program Files\Microsoft Security Client\msseces.exe [2014-03-11 1271072]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"ISUSPM Startup"=C:\PROGRA~2\COMMON~1\INSTAL~1\UPDATE~1\ISUSPM.exe [2005-02-17 221184]
"FLV Player"=C:\Users\jaroslak\AppData\Local\WebPlayer\FLV Player\WebPlayer.exe [2012-10-25 202752]
"cz.seznam.software.autoupdate"=C:\Users\jaroslak\AppData\Roaming\Seznam.cz\szninstall.exe [2013-05-16 1062472]
"cz.seznam.software.szndesktop"=C:\Users\jaroslak\AppData\Roaming\Seznam.cz\bin\wszndesktop.exe [2013-04-12 92664]
"SPDriver"=C:\Program Files (x86)\ShopperPro\JSDriver\1.37.0.202\jsdrv.exe [2014-07-22 3211776]
"GoobzoYouTubeAccelerator"=C:\Program Files (x86)\YouTube Accelerator\YouTubeAccelerator.exe [2014-07-29 2227048]
[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"BCU"=C:\Program Files (x86)\DeviceVM\Browser Configuration Utility\BCU.exe [2009-10-15 375000]
"JMB36X IDE Setup"=C:\Windows\RaidTool\xInsIDE.exe [2010-01-18 43632]
"NUSB3MON"=C:\Program Files (x86)\NEC Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe [2009-11-20 106496]
"EasyTuneVI"=C:\Program Files (x86)\GIGABYTE\ET6\ETcall.exe [2007-07-26 20480]
"ISUSScheduler"=C:\Program Files (x86)\Common Files\InstallShield\UpdateService\issch.exe [2005-02-17 81920]
"StartCCC"=C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [2010-07-06 98304]
"Manticore"=C:\Program Files (x86)\Genius\Manticore\MThid.exe [2013-10-29 293376]
"seznam-listicka-distribuce"=C:\Program Files (x86)\Seznam.cz\distribution\szninstall.exe [2013-05-16 1062472]
"SPDriver"=C:\Program Files (x86)\ShopperPro\JSDriver\1.37.0.202\jsdrv.exe [2014-07-22 3211776]
"Adobe ARM"=C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2012-09-23 926896]
"AvastUI.exe"=C:\Program Files\AVAST Software\Avast\AvastUI.exe [2014-07-31 4086432]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MsMpSvc]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=5
"ConsentPromptBehaviorUser"=3
"EnableUIADesktopToggle"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoActiveDesktop"=1
"NoActiveDesktopChanges"=1
"ForceActiveDesktopOn"=0
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"vidc.uyvy"=msyuv.dll
"vidc.yuy2"=msyuv.dll
"vidc.yvyu"=msyuv.dll
"vidc.iyuv"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"vidc.yvu9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv
======File associations======
.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*